feat: [CI-13861]: support gitness provided variables for docker configuration (#2517)

* fix lint * feat: [CDE-192]: implement overrides and honor env variables for CDE docker client * remove default value of host from config and Dockerfile * feat: [CI-13861]: support gitness provided variables for docker configuration
2024-08-15 12:15:31 +00:00 · 2024-08-15 12:15:31 +00:00 · e1ef7e9609
parent 7a3df78d8b
commit e1ef7e9609
7 changed files with 53 additions and 21 deletions
--- a/.local.env
+++ b/.local.env
@ -7,6 +7,6 @@ GITNESS_METRIC_ENABLED=false
 GITNESS_HTTP_HOST=localhost
 GITNESS_GITSPACE_ENABLE=true
 GITNESS_DEBUG=true
-GITNESS_DOCKER_API_VERSION=1.40
+GITNESS_DOCKER_API_VERSION=1.41
 GITNESS_SSH_ENABLE=true
 GITNESS_SSH_HOST=localhost
--- a/5
+++ b/5
@ -82,8 +82,7 @@ ENV GITNESS_DATABASE_DATASOURCE /data/database.sqlite
 ENV GITNESS_METRIC_ENABLED=true
 ENV GITNESS_METRIC_ENDPOINT=https://stats.drone.ci/api/v1/gitness
 ENV GITNESS_TOKEN_COOKIE_NAME=token
-ENV GITNESS_DOCKER_HOST unix:///var/run/docker.sock
-ENV GITNESS_DOCKER_API_VERSION 1.40
+ENV GITNESS_DOCKER_API_VERSION 1.41
 ENV GITNESS_SSH_ENABLE=true
 ENV GITNESS_GITSPACE_ENABLE=true

@ -93,4 +92,4 @@ COPY --from=cert-image /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-cert
 EXPOSE 3000
 EXPOSE 3022

-ENTRYPOINT [ "/app/gitness", "server" ]
+ENTRYPOINT [ "/app/gitness", "server" ]
--- a/app/pipeline/runner/runner.go
+++ b/app/pipeline/runner/runner.go
@ -20,6 +20,7 @@ import (
 	"github.com/harness/gitness/app/pipeline/resolver"
 	"github.com/harness/gitness/types"

+	dockerclient "github.com/docker/docker/client"
 	"github.com/drone-runners/drone-runner-docker/engine"
 	"github.com/drone-runners/drone-runner-docker/engine/compiler"
 	"github.com/drone-runners/drone-runner-docker/engine/linter"
@ -49,6 +50,21 @@ var Privileged = []string{
 	"plugins/heroku",
 }

+// dockerOpts returns back the options to be overridden from docker options set
+// in the environment. If values are specified in gitness, they get preference.
+func dockerOpts(config *types.Config) []dockerclient.Opt {
+	var overrides []dockerclient.Opt
+
+	if config.Docker.Host != "" {
+		overrides = append(overrides, dockerclient.WithHost(config.Docker.Host))
+	}
+	if config.Docker.APIVersion != "" {
+		overrides = append(overrides, dockerclient.WithVersion(config.Docker.APIVersion))
+	}
+
+	return overrides
+}
+
 func NewExecutionRunner(
 	config *types.Config,
 	client runnerclient.Client,
@ -73,7 +89,7 @@ func NewExecutionRunner(
 	remote := remote.New(client)
 	upload := uploader.New(client)
 	tracer := history.New(remote)
-	engine, err := engine.NewEnv(engine.Opts{})
+	engine, err := engine.NewEnv(engine.Opts{}, dockerOpts(config)...)
 	if err != nil {
 		return nil, err
 	}
@ -90,7 +106,7 @@ func NewExecutionRunner(
 		Exec:     exec.Exec,
 	}

-	engine2, err := engine2.NewEnv(engine2.Opts{})
+	engine2, err := engine2.NewEnv(engine2.Opts{}, dockerOpts(config)...)
 	if err != nil {
 		return nil, err
 	}
--- a/go.mod
+++ b/go.mod
@ -12,7 +12,7 @@ require (
 	github.com/dchest/uniuri v1.2.0
 	github.com/docker/docker v27.1.1+incompatible
 	github.com/docker/go-connections v0.5.0
-	github.com/drone-runners/drone-runner-docker v1.8.4-0.20240725142717-515d467f7b29
+	github.com/drone-runners/drone-runner-docker v1.8.4-0.20240815103043-c6c3a3e33ce3
 	github.com/drone/drone-go v1.7.1
 	github.com/drone/drone-yaml v1.2.3
 	github.com/drone/funcmap v0.0.0-20240227160611-7e19e9cd5a1c
@ -77,6 +77,7 @@ require (
 	cloud.google.com/go/compute/metadata v0.5.0 // indirect
 	cloud.google.com/go/iam v1.1.12 // indirect
 	dario.cat/mergo v1.0.0 // indirect
+	github.com/99designs/basicauth-go v0.0.0-20160802081356-2a93ba0f464d // indirect
 	github.com/99designs/httpsignatures-go v0.0.0-20170731043157-88528bf4ca7e // indirect
 	github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 // indirect
 	github.com/BobuSumisu/aho-corasick v1.0.3 // indirect
@ -93,6 +94,7 @@ require (
 	github.com/docker/distribution v2.7.1+incompatible // indirect
 	github.com/docker/go-units v0.5.0 // indirect
 	github.com/drone/envsubst v1.0.3 // indirect
+	github.com/drone/signal v1.0.0 // indirect
 	github.com/fatih/semgroup v1.2.0 // indirect
 	github.com/felixge/httpsnoop v1.0.4 // indirect
 	github.com/fsnotify/fsnotify v1.7.0 // indirect
--- a/go.sum
+++ b/go.sum
@ -21,6 +21,7 @@ dario.cat/mergo v1.0.0/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk=
 docker.io/go-docker v1.0.0/go.mod h1:7tiAn5a0LFmjbPDbyTPOaTTOuG1ZRNXdPA6RvKY+fpY=
 filippo.io/edwards25519 v1.1.0 h1:FNf4tywRC1HmFuKW5xopWpigGjJKiJSV0Cqo0cJWDaA=
 filippo.io/edwards25519 v1.1.0/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4VDT4=
+github.com/99designs/basicauth-go v0.0.0-20160802081356-2a93ba0f464d h1:j6oB/WPCigdOkxtuPl1VSIiLpy7Mdsu6phQffbF19Ng=
 github.com/99designs/basicauth-go v0.0.0-20160802081356-2a93ba0f464d/go.mod h1:3cARGAK9CfW3HoxCy1a0G4TKrdiKke8ftOMEOHyySYs=
 github.com/99designs/httpsignatures-go v0.0.0-20170731043157-88528bf4ca7e h1:rl2Aq4ZODqTDkeSqQBy+fzpZPamacO1Srp8zq7jf2Sc=
 github.com/99designs/httpsignatures-go v0.0.0-20170731043157-88528bf4ca7e/go.mod h1:Xa6lInWHNQnuWoF0YPSsx+INFA9qk7/7pTjwb3PInkY=
@ -145,6 +146,8 @@ github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4
 github.com/docker/go-units v0.5.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk=
 github.com/drone-runners/drone-runner-docker v1.8.4-0.20240725142717-515d467f7b29 h1:7k3uDEBK1FcVDb8qFF7P2bWyimsrdcnzs4ZfX02WqqI=
 github.com/drone-runners/drone-runner-docker v1.8.4-0.20240725142717-515d467f7b29/go.mod h1:kkQh3P4hJp82vjLTju1RkMvnbY+7cImwaoRH3lExnWA=
+github.com/drone-runners/drone-runner-docker v1.8.4-0.20240815103043-c6c3a3e33ce3 h1:NnP4ingWdiSNvY5NRit3jrd+kS6j+9Lg2EWfGQqXzTQ=
+github.com/drone-runners/drone-runner-docker v1.8.4-0.20240815103043-c6c3a3e33ce3/go.mod h1:kkQh3P4hJp82vjLTju1RkMvnbY+7cImwaoRH3lExnWA=
 github.com/drone/drone-go v1.7.1 h1:ZX+3Rs8YHUSUQ5mkuMLmm1zr1ttiiE2YGNxF3AnyDKw=
 github.com/drone/drone-go v1.7.1/go.mod h1:fxCf9jAnXDZV1yDr0ckTuWd1intvcQwfJmTRpTZ1mXg=
 github.com/drone/drone-runtime v1.0.7-0.20190729202838-87c84080f4a1/go.mod h1:+osgwGADc/nyl40J0fdsf8Z09bgcBZXvXXnLOY48zYs=
@ -163,6 +166,7 @@ github.com/drone/go-scm v1.38.4 h1:KW+znh2tg3tJwbiFfzhjZQ2gbyasJ213V7hZ00QaVpc=
 github.com/drone/go-scm v1.38.4/go.mod h1:DFIJJjhMj0TSXPz+0ni4nyZ9gtTtC40Vh/TGRugtyWw=
 github.com/drone/runner-go v1.12.0 h1:zUjDj9ylsJ4n4Mvy4znddq/Z4EBzcUXzTltpzokKtgs=
 github.com/drone/runner-go v1.12.0/go.mod h1:vu4pPPYDoeN6vdYQAY01GGGsAIW4aLganJNaa8Fx8zE=
+github.com/drone/signal v1.0.0 h1:NrnM2M/4yAuU/tXs6RP1a1ZfxnaHwYkd0kJurA1p6uI=
 github.com/drone/signal v1.0.0/go.mod h1:S8t92eFT0g4WUgEc/LxG+LCuiskpMNsG0ajAMGnyZpc=
 github.com/drone/spec v0.0.0-20230920145636-3827abdce961 h1:aUWrLS2ghyxIpDICpZOV50V1x7JLM3U80UQDQxMKT54=
 github.com/drone/spec v0.0.0-20230920145636-3827abdce961/go.mod h1:KyQZA9qwuscbbM7yTrtZg25Wammoc5GKwaRem8kDA5k=
--- a/infraprovider/docker_client_factory.go
+++ b/infraprovider/docker_client_factory.go
@ -51,20 +51,11 @@ func (d *DockerClientFactory) NewDockerClient(
 }

 func (d *DockerClientFactory) getClient(_ []types.InfraProviderParameter) (*client.Client, error) {
-	var opts []client.Opt
-
-	opts = append(opts, client.WithHost(d.config.DockerHost))
-
-	opts = append(opts, client.WithVersion(d.config.DockerAPIVersion))
-
-	if d.config.DockerCertPath != "" {
-		httpsClient, err := d.getHTTPSClient()
-		if err != nil {
-			return nil, fmt.Errorf("unable to create https client for docker client: %w", err)
-		}
-		opts = append(opts, client.WithHTTPClient(httpsClient))
+	overrides, err := d.dockerOpts(d.config)
+	if err != nil {
+		return nil, fmt.Errorf("unable to create docker opts overrides: %w", err)
 	}
-
+	opts := append([]client.Opt{client.FromEnv}, overrides...)
 	dockerClient, err := client.NewClientWithOpts(opts...)
 	if err != nil {
 		return nil, fmt.Errorf("unable to create docker client: %w", err)
@ -89,3 +80,23 @@ func (d *DockerClientFactory) getHTTPSClient() (*http.Client, error) {
 		CheckRedirect: client.CheckRedirect,
 	}, nil
 }
+
+// dockerOpts returns back the options to be overridden from docker options set
+// in the environment. If values are specified in gitness, they get preference.
+func (d *DockerClientFactory) dockerOpts(config *DockerConfig) ([]client.Opt, error) {
+	var overrides []client.Opt
+	if config.DockerHost != "" {
+		overrides = append(overrides, client.WithHost(config.DockerHost))
+	}
+	if config.DockerAPIVersion != "" {
+		overrides = append(overrides, client.WithVersion(config.DockerAPIVersion))
+	}
+	if config.DockerCertPath != "" {
+		httpsClient, err := d.getHTTPSClient()
+		if err != nil {
+			return nil, fmt.Errorf("unable to create https client for docker client: %w", err)
+		}
+		overrides = append(overrides, client.WithHTTPClient(httpsClient))
+	}
+	return overrides, nil
+}
--- a/types/config.go
+++ b/types/config.go
@ -385,7 +385,7 @@ type Config struct {

 	Docker struct {
 		// Host sets the url to the docker server.
-		Host string `envconfig:"GITNESS_DOCKER_HOST" default:"unix:///var/run/docker.sock"`
+		Host string `envconfig:"GITNESS_DOCKER_HOST"`
 		// APIVersion sets the version of the API to reach, leave empty for latest.
 		APIVersion string `envconfig:"GITNESS_DOCKER_API_VERSION"`
 		// CertPath sets the path to load the TLS certificates from.