rm bind && go fmt

This commit is contained in:
Alex 2022-11-29 09:51:00 +01:00
parent 153b8f1b9d
commit d9912eb940
Signed by: lx
GPG key ID: 0E496D15096376BE
2 changed files with 57 additions and 83 deletions

View file

@ -8,12 +8,12 @@ import (
"sync" "sync"
"time" "time"
"github.com/Alexis211/nomad-driver-exec2/executor"
"github.com/hashicorp/consul-template/signals" "github.com/hashicorp/consul-template/signals"
hclog "github.com/hashicorp/go-hclog" hclog "github.com/hashicorp/go-hclog"
"github.com/hashicorp/nomad/client/lib/cgutil" "github.com/hashicorp/nomad/client/lib/cgutil"
"github.com/hashicorp/nomad/drivers/shared/capabilities" "github.com/hashicorp/nomad/drivers/shared/capabilities"
"github.com/hashicorp/nomad/drivers/shared/eventer" "github.com/hashicorp/nomad/drivers/shared/eventer"
"github.com/Alexis211/nomad-driver-exec2/executor"
"github.com/hashicorp/nomad/drivers/shared/resolvconf" "github.com/hashicorp/nomad/drivers/shared/resolvconf"
"github.com/hashicorp/nomad/helper/pluginutils/hclutils" "github.com/hashicorp/nomad/helper/pluginutils/hclutils"
"github.com/hashicorp/nomad/helper/pluginutils/loader" "github.com/hashicorp/nomad/helper/pluginutils/loader"
@ -71,14 +71,9 @@ var (
hclspec.NewAttr("allow_caps", "list(string)", false), hclspec.NewAttr("allow_caps", "list(string)", false),
hclspec.NewLiteral(capabilities.HCLSpecLiteral), hclspec.NewLiteral(capabilities.HCLSpecLiteral),
), ),
// Default host directories to bind in tasks "allow_bind": hclspec.NewDefault(
"bind": hclspec.NewDefault( hclspec.NewAttr("allow_bind", "bool", false),
hclspec.NewAttr("bind", "list(map(string))", false), hclspec.NewLiteral("true"),
hclspec.NewLiteral("{}"),
),
"bind_read_only": hclspec.NewDefault(
hclspec.NewAttr("bind_read_only", "list(map(string))", false),
hclspec.NewLiteral("{}"),
), ),
}) })
@ -157,11 +152,8 @@ type Config struct {
// running on this node. // running on this node.
AllowCaps []string `codec:"allow_caps"` AllowCaps []string `codec:"allow_caps"`
// Paths to bind for read-write acess in all jobs // AllowBind defines whether users may bind host directories
Bind hclutils.MapStrStr `codec:"bind"` AllowBind bool `codec:"allow_bind"`
// Paths to bind for read-only acess in all jobs
BindReadOnly hclutils.MapStrStr `codec:"bind_read_only"`
} }
func (c *Config) validate() error { func (c *Config) validate() error {
@ -409,7 +401,7 @@ func (d *Driver) RecoverTask(handle *drivers.TaskHandle) error {
// Create new executor // Create new executor
exec := executor.NewExecutorWithIsolation( exec := executor.NewExecutorWithIsolation(
d.logger.With("task_name", handle.Config.Name, "alloc_id", handle.Config.AllocID),) d.logger.With("task_name", handle.Config.Name, "alloc_id", handle.Config.AllocID))
h := &taskHandle{ h := &taskHandle{
exec: exec, exec: exec,
@ -446,7 +438,7 @@ func (d *Driver) StartTask(cfg *drivers.TaskConfig) (*drivers.TaskHandle, *drive
handle.Config = cfg handle.Config = cfg
exec := executor.NewExecutorWithIsolation( exec := executor.NewExecutorWithIsolation(
d.logger.With("task_name", handle.Config.Name, "alloc_id", handle.Config.AllocID),) d.logger.With("task_name", handle.Config.Name, "alloc_id", handle.Config.AllocID))
user := cfg.User user := cfg.User
if user == "" { if user == "" {
@ -462,32 +454,9 @@ func (d *Driver) StartTask(cfg *drivers.TaskConfig) (*drivers.TaskHandle, *drive
} }
// Bind mounts specified in driver config // Bind mounts specified in driver config
if d.config.Bind != nil {
for host, task := range d.config.Bind {
mount_config := drivers.MountConfig{
TaskPath: task,
HostPath: host,
Readonly: false,
PropagationMode: "private",
}
d.logger.Info("adding RW mount from driver config", "mount_config", hclog.Fmt("%+v", mount_config))
cfg.Mounts = append(cfg.Mounts, &mount_config)
}
}
if d.config.BindReadOnly != nil {
for host, task := range d.config.BindReadOnly {
mount_config := drivers.MountConfig{
TaskPath: task,
HostPath: host,
Readonly: true,
PropagationMode: "private",
}
d.logger.Info("adding RO mount from driver config", "mount_config", hclog.Fmt("%+v", mount_config))
cfg.Mounts = append(cfg.Mounts, &mount_config)
}
}
// Bind mounts specified in task config // Bind mounts specified in task config
if d.config.AllowBind {
if driverConfig.Bind != nil { if driverConfig.Bind != nil {
for host, task := range driverConfig.Bind { for host, task := range driverConfig.Bind {
mount_config := drivers.MountConfig{ mount_config := drivers.MountConfig{
@ -512,6 +481,11 @@ func (d *Driver) StartTask(cfg *drivers.TaskConfig) (*drivers.TaskHandle, *drive
cfg.Mounts = append(cfg.Mounts, &mount_config) cfg.Mounts = append(cfg.Mounts, &mount_config)
} }
} }
} else {
if len(driverConfig.Bind) > 0 || len(driverConfig.BindReadOnly) > 0 {
return nil, nil, fmt.Errorf("bind and bind_read_only are deactivated for the %s driver", pluginName)
}
}
caps, err := capabilities.Calculate( caps, err := capabilities.Calculate(
capabilities.NomadDefaults(), d.config.AllowCaps, driverConfig.CapAdd, driverConfig.CapDrop, capabilities.NomadDefaults(), d.config.AllowCaps, driverConfig.CapAdd, driverConfig.CapDrop,

View file

@ -6,8 +6,8 @@ import (
"sync" "sync"
"time" "time"
hclog "github.com/hashicorp/go-hclog"
"github.com/Alexis211/nomad-driver-exec2/executor" "github.com/Alexis211/nomad-driver-exec2/executor"
hclog "github.com/hashicorp/go-hclog"
"github.com/hashicorp/nomad/plugins/drivers" "github.com/hashicorp/nomad/plugins/drivers"
) )