From 1760b8b58674deed933c415cf027fa03d1f5f15c Mon Sep 17 00:00:00 2001 From: nathan Date: Thu, 7 Sep 2023 12:58:45 +0000 Subject: [PATCH] doing it --- .devcontainer/devcontainer.json | 25 +++++++++++++++++++++++++ driver/docker-container/driver.go | 12 ++++++++---- 2 files changed, 33 insertions(+), 4 deletions(-) create mode 100644 .devcontainer/devcontainer.json diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json new file mode 100644 index 00000000..f3d39f7a --- /dev/null +++ b/.devcontainer/devcontainer.json @@ -0,0 +1,25 @@ +// For format details, see https://aka.ms/devcontainer.json. For config options, see the +// README at: https://github.com/devcontainers/templates/tree/main/src/go +{ + "name": "Go", + // Or use a Dockerfile or Docker Compose file. More info: https://containers.dev/guide/dockerfile + "image": "mcr.microsoft.com/devcontainers/go:1-1.21-bullseye", + "features": { + "ghcr.io/devcontainers/features/docker-in-docker:2": {} + } + + // Features to add to the dev container. More info: https://containers.dev/features. + // "features": {}, + + // Use 'forwardPorts' to make a list of ports inside the container available locally. + // "forwardPorts": [], + + // Use 'postCreateCommand' to run commands after the container is created. + // "postCreateCommand": "go version", + + // Configure tool-specific properties. + // "customizations": {}, + + // Uncomment to connect as root instead. More info: https://aka.ms/dev-containers-non-root. + // "remoteUser": "root" +} diff --git a/driver/docker-container/driver.go b/driver/docker-container/driver.go index c842d091..c887432d 100644 --- a/driver/docker-container/driver.go +++ b/driver/docker-container/driver.go @@ -140,7 +140,7 @@ func (d *Driver) create(ctx context.Context, l progress.SubLogger) error { return err } for _, f := range secOpts { - fmt.Println(f) + fmt.Println("range of opts ", f) if f.Name == "userns" { hc.UsernsMode = "host" break @@ -149,13 +149,17 @@ func (d *Driver) create(ctx context.Context, l progress.SubLogger) error { //hc.SecurityOpt=["seccomp:unconfined" "apparmor:unconfined" "systempaths:unconfined"] hc.SecurityOpt = append(hc.SecurityOpt, "seccomp=unconfined") hc.SecurityOpt = append(hc.SecurityOpt, "apparmor=unconfined") - hc.SecurityOpt = append(hc.SecurityOpt, "systempaths=unconfined") + //hc.SecurityOpt = append(hc.SecurityOpt, "systempaths=unconfined") hc.Privileged = false } - fmt.Println(cfg) - fmt.Println(hc) + fmt.Println("cfg: ", cfg) + fmt.Println("hc privileged:", hc.Privileged) + fmt.Println("hc: ", hc.SecurityOpt) + fmt.Println("hc: ", hc.SecurityOpt) + fmt.Println(hc.SecurityOpt) _, err := d.DockerAPI.ContainerCreate(ctx, cfg, hc, &network.NetworkingConfig{}, nil, d.Name) if err != nil && !errdefs.IsConflict(err) { + l.Wrap("fucking dumb", func() error { fmt.Println(err.Error()); return nil }) return err } if err == nil {