Jaypore CI

docker_runtime.go (6870B)

---

 package jci
 
 import (
 	"bytes"
 	"context"
 	"encoding/json"
 	"fmt"
 	"io"
 	"log"
 	"net"
 	"net/http"
 	"strings"
 	"time"
 )
 
 const dockerSocketPath = "/var/run/docker.sock"
 
 // dockerRuntime implements ContainerRuntime by talking directly to the Docker
 // Engine API over its Unix socket. No external dependencies are required.
 type dockerRuntime struct {
 	client *http.Client
 }
 
 func newDockerRuntime() *dockerRuntime {
 	return &dockerRuntime{
 		client: &http.Client{
 			Transport: &http.Transport{
 				DialContext: func(_ context.Context, _, _ string) (net.Conn, error) {
 					return net.Dial("unix", dockerSocketPath)
 				},
 			},
 		},
 	}
 }
 
 // doRequest performs an HTTP request against the Docker Engine API.
 // The base URL is always http://localhost (the host part is ignored for Unix
 // socket connections but must be present for Go's http.Client).
 func (d *dockerRuntime) doRequest(method, path string, body interface{}) (*http.Response, error) {
 	var bodyReader io.Reader
 	if body != nil {
 		b, err := json.Marshal(body)
 		if err != nil {
 			return nil, fmt.Errorf("marshal request: %w", err)
 		}
 		bodyReader = bytes.NewReader(b)
 	}
 	req, err := http.NewRequest(method, "http://localhost"+path, bodyReader)
 	if err != nil {
 		return nil, err
 	}
 	if body != nil {
 		req.Header.Set("Content-Type", "application/json")
 	}
 	return d.client.Do(req)
 }
 
 // StartContainer implements ContainerRuntime.
 // It calls POST /containers/create then POST /containers/{id}/start.
 func (d *dockerRuntime) StartContainer(spec ContainerSpec) (string, error) {
 	log.Printf("docker: creating container image=%s binds=%v autoRemove=%v", spec.Image, spec.Binds, spec.AutoRemove)
 
 	payload := map[string]interface{}{
 		"Image":  spec.Image,
 		"Cmd":    spec.Command,
 		"Env":    spec.Env,
 		"Labels": spec.Labels,
 		"HostConfig": map[string]interface{}{
 			"Binds": spec.Binds,
 			// AutoRemove is intentionally omitted here so that containers
 			// remain visible via `docker ps -a` for post-mortem inspection
 			// even when they exit or fail to start. The reaper handles cleanup.
 		},
 	}
 
 	resp, err := d.doRequest("POST", "/v1.41/containers/create", payload)
 	if err != nil {
 		return "", fmt.Errorf("containers/create: %w", err)
 	}
 	defer resp.Body.Close()
 	raw, _ := io.ReadAll(resp.Body)
 	log.Printf("docker: containers/create → HTTP %d body: %s", resp.StatusCode, raw)
 	if resp.StatusCode != http.StatusCreated {
 		return "", fmt.Errorf("containers/create: status %d: %s", resp.StatusCode, raw)
 	}
 
 	var created struct {
 		ID       string   `json:"Id"`
 		Warnings []string `json:"Warnings"`
 	}
 	if err := json.Unmarshal(raw, &created); err != nil {
 		return "", fmt.Errorf("containers/create decode: %w", err)
 	}
 	if len(created.Warnings) > 0 {
 		log.Printf("docker: containers/create warnings for %s: %v", created.ID[:12], created.Warnings)
 	}
 	log.Printf("docker: container created id=%s", created.ID[:12])
 
 	log.Printf("docker: starting container id=%s", created.ID[:12])
 	resp2, err := d.doRequest("POST", "/v1.41/containers/"+created.ID+"/start", nil)
 	if err != nil {
 		return "", fmt.Errorf("containers/start: %w", err)
 	}
 	raw2, _ := io.ReadAll(resp2.Body)
 	resp2.Body.Close()
 	log.Printf("docker: containers/start → HTTP %d body: %s", resp2.StatusCode, raw2)
 	if resp2.StatusCode != http.StatusNoContent && resp2.StatusCode != http.StatusOK {
 		return "", fmt.Errorf("containers/start: status %d: %s", resp2.StatusCode, raw2)
 	}
 
 	log.Printf("docker: container started id=%s", created.ID[:12])
 	return created.ID, nil
 }
 
 // ListContainers implements ContainerRuntime.
 // Calls GET /containers/json?all=true&filters={"label":["<labelFilter>"]}
 // all=true is required so that stopped/exited containers are also returned and
 // can be reaped if they exceeded their timeout.
 func (d *dockerRuntime) ListContainers(labelFilter string) ([]ContainerInfo, error) {
 	filters, _ := json.Marshal(map[string][]string{"label": {labelFilter}})
 	path := "/v1.41/containers/json?all=true&filters=" + string(filters)
 
 	resp, err := d.doRequest("GET", path, nil)
 	if err != nil {
 		return nil, fmt.Errorf("containers/json: %w", err)
 	}
 	defer resp.Body.Close()
 	raw, _ := io.ReadAll(resp.Body)
 	if resp.StatusCode != http.StatusOK {
 		return nil, fmt.Errorf("containers/json: status %d: %s", resp.StatusCode, raw)
 	}
 
 	var list []struct {
 		ID     string            `json:"Id"`
 		Labels map[string]string `json:"Labels"`
 	}
 	if err := json.Unmarshal(raw, &list); err != nil {
 		return nil, fmt.Errorf("containers/json decode: %w", err)
 	}
 
 	out := make([]ContainerInfo, len(list))
 	for i, c := range list {
 		out[i] = ContainerInfo{ID: c.ID, Labels: c.Labels}
 	}
 	return out, nil
 }
 
 // InspectStartedAt implements ContainerRuntime.
 // Calls GET /containers/{id}/json and parses State.StartedAt.
 func (d *dockerRuntime) InspectStartedAt(id string) (time.Time, error) {
 	resp, err := d.doRequest("GET", "/v1.41/containers/"+id+"/json", nil)
 	if err != nil {
 		return time.Time{}, fmt.Errorf("containers/inspect: %w", err)
 	}
 	defer resp.Body.Close()
 	raw, _ := io.ReadAll(resp.Body)
 	if resp.StatusCode != http.StatusOK {
 		return time.Time{}, fmt.Errorf("containers/inspect: status %d: %s", resp.StatusCode, raw)
 	}
 
 	var info struct {
 		State struct {
 			StartedAt string `json:"StartedAt"`
 		} `json:"State"`
 	}
 	if err := json.Unmarshal(raw, &info); err != nil {
 		return time.Time{}, fmt.Errorf("containers/inspect decode: %w", err)
 	}
 	return time.Parse(time.RFC3339Nano, info.State.StartedAt)
 }
 
 // RemoveContainer implements ContainerRuntime.
 // Calls DELETE /containers/{id}?force=true
 func (d *dockerRuntime) RemoveContainer(id string) error {
 	log.Printf("docker: removing container %s", id[:12])
 	resp, err := d.doRequest("DELETE", "/v1.41/containers/"+id+"?force=true", nil)
 	if err != nil {
 		log.Printf("docker: containers/remove %s → error: %v", id[:12], err)
 		return fmt.Errorf("containers/remove: %w", err)
 	}
 	raw, _ := io.ReadAll(resp.Body)
 	resp.Body.Close()
 	log.Printf("docker: containers/remove %s → HTTP %d: %s", id[:12], resp.StatusCode, raw)
 	if resp.StatusCode != http.StatusNoContent && resp.StatusCode != http.StatusOK {
 		return fmt.Errorf("containers/remove: status %d: %s", resp.StatusCode, raw)
 	}
 	return nil
 }
 
 // logContainerCmd returns a human-readable "docker run …" style string for
 // logging purposes. Callers are responsible for masking sensitive values
 // (e.g. credentials in Command) before passing the spec.
 func logContainerCmd(spec ContainerSpec) string {
 	var b strings.Builder
 	b.WriteString("docker run -d")
 	for _, v := range spec.Binds {
 		b.WriteString(" -v " + v)
 	}
 	for _, e := range spec.Env {
 		b.WriteString(" -e " + e)
 	}
 	for k, v := range spec.Labels {
 		b.WriteString(" --label " + k + "=" + v)
 	}
 	b.WriteString(" " + spec.Image)
 	for _, c := range spec.Command {
 		b.WriteString(" " + c)
 	}
 	return b.String()
 }