Fix #32629: Add User, Runtiem and DeviceRequest docker flags

Author: LEDfan

pom.xml

@@ -214,7 +214,7 @@
         <dependency>
             <groupId>org.mandas</groupId>
             <artifactId>docker-client</artifactId>
-            <version>7.0.99-OA</version>
+            <version>7.0.8-OA-1</version>
         </dependency>
         <dependency>
             <groupId>org.glassfish.jersey.core</groupId>

src/main/java/eu/openanalytics/containerproxy/backend/docker/DockerEngineBackend.java

@@ -33,6 +33,7 @@
 import eu.openanalytics.containerproxy.model.runtime.runtimevalues.RuntimeValueKey;
 import eu.openanalytics.containerproxy.model.runtime.runtimevalues.UserIdKey;
 import eu.openanalytics.containerproxy.model.spec.ContainerSpec;
+import eu.openanalytics.containerproxy.model.spec.DockerDeviceRequest;
 import eu.openanalytics.containerproxy.model.spec.ProxySpec;
 import org.mandas.docker.client.DockerClient;
 import org.mandas.docker.client.LogStream;
@@ -134,6 +135,20 @@ public Proxy startContainer(Authentication user, Container initialContainer, Con
             spec.getVolumes().ifPresent(hostConfigBuilder::binds);
             hostConfigBuilder.privileged(isPrivileged() || spec.isPrivileged());
 
+            List<HostConfig.DeviceRequest> deviceRequests = new ArrayList<>();
+            for (DockerDeviceRequest deviceRequest : spec.getDockerDeviceRequests()) {
+                HostConfig.DeviceRequest.Builder builder= HostConfig.DeviceRequest.builder();
+                deviceRequest.getDriver().ifPresent(builder::driver);
+                deviceRequest.getCount().ifPresent(builder::count);
+                deviceRequest.getDeviceIds().ifPresent(builder::deviceIds);
+                deviceRequest.getCapabilities().ifPresent(builder::capabilities);
+                deviceRequest.getOptions().ifPresent(builder::options);
+                deviceRequests.add(builder.build());
+            }
+            hostConfigBuilder.deviceRequests(deviceRequests);
+
+            spec.getDockerRuntime().ifPresent(hostConfigBuilder::runtime);
+
             Map<String, String> labels = spec.getLabels().getValueOrDefault(new HashMap<>());
 
             Stream.concat(
@@ -152,6 +167,7 @@ public Proxy startContainer(Authentication user, Container initialContainer, Con
                 .exposedPorts(dockerPortBindings.keySet())
                 .cmd(spec.getCmd().getValueOrNull())
                 .env(convertEnv(buildEnv(user, spec, proxy)))
+                .user(spec.getDockerUser().getValueOrNull())
                 .build();
 
             proxyStartupLogBuilder.startingContainer(initialContainer.getIndex());

src/main/java/eu/openanalytics/containerproxy/backend/docker/DockerSwarmBackend.java

@@ -136,6 +136,7 @@ public Proxy startContainer(Authentication user, Container initialContainer, Con
                     .dnsConfig(DnsConfig.builder().nameServers(spec.getDns().getValueOrNull()).build())
                     .mounts(mounts)
                     .secrets(secretBinds)
+                    .user(spec.getDockerUser().getValueOrNull())
                     .build();
 
             List<NetworkAttachmentConfig> networks = new ArrayList<>(spec.getNetworkConnections()

src/main/java/eu/openanalytics/containerproxy/model/spec/ContainerSpec.java

@@ -81,6 +81,13 @@ public class ContainerSpec {
     private String dockerRegistryDomain;
     private String dockerRegistryUsername;
     private String dockerRegistryPassword;
+    @Builder.Default
+    private SpelField.String dockerRuntime = new SpelField.String();
+    @Builder.Default
+    private SpelField.String dockerUser = new SpelField.String();
+    @Builder.Default
+    private List<DockerDeviceRequest> dockerDeviceRequests = new ArrayList<>();
+
     @Builder.Default
     private SpelField.String resourceName = new SpelField.String();
 
@@ -122,6 +129,9 @@ public ContainerSpec firstResolve(SpecExpressionResolver resolver, SpecExpressio
             .cpuRequest(cpuRequest.resolve(resolver, context))
             .cpuLimit(cpuLimit.resolve(resolver, context))
             .portMapping(portMapping.stream().map(p -> p.resolve(resolver, context)).toList())
+            .dockerRuntime(dockerRuntime.resolve(resolver, context))
+            .dockerUser(dockerUser.resolve(resolver, context))
+            .dockerDeviceRequests(dockerDeviceRequests)
             .build();
     }
 

src/main/java/eu/openanalytics/containerproxy/model/spec/DockerDeviceRequest.java

@@ -0,0 +1,83 @@
+/**
+ * ContainerProxy
+ *
+ * Copyright (C) 2016-2024 Open Analytics
+ *
+ * ===========================================================================
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the Apache License as published by
+ * The Apache Software Foundation, either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * Apache License for more details.
+ *
+ * You should have received a copy of the Apache License
+ * along with this program.  If not, see <http://www.apache.org/licenses/>
+ */
+package eu.openanalytics.containerproxy.model.spec;
+
+import java.util.List;
+import java.util.Map;
+import java.util.Optional;
+
+public class DockerDeviceRequest {
+
+    private String driver;
+    private Integer count;
+    private List<String> deviceIds;
+    private List<List<String>> capabilities;
+    private Map<String, String> options;
+
+    public DockerDeviceRequest(String driver, Integer count, List<String> deviceIds, List<List<String>> capabilities, Map<String, String> options) {
+        this.driver = driver;
+        this.count = count;
+        this.deviceIds = deviceIds;
+        this.capabilities = capabilities;
+        this.options = options;
+    }
+
+    public Optional<String> getDriver() {
+        return Optional.ofNullable(driver);
+    }
+
+    public void setDriver(String driver) {
+        this.driver = driver;
+    }
+
+    public Optional<Integer> getCount() {
+        return Optional.ofNullable(count);
+    }
+
+    public void setCount(Integer count) {
+        this.count = count;
+    }
+
+    public Optional<List<String>> getDeviceIds() {
+        return Optional.ofNullable(deviceIds);
+    }
+
+    public void setDeviceIds(List<String> deviceIds) {
+        this.deviceIds = deviceIds;
+    }
+
+    public Optional<List<List<String>>> getCapabilities() {
+        return Optional.ofNullable(capabilities);
+    }
+
+    public void setCapabilities(List<List<String>> capabilities) {
+        this.capabilities = capabilities;
+    }
+
+    public Optional<Map<String, String>> getOptions() {
+        return Optional.ofNullable(options);
+    }
+
+    public void setOptions(Map<String, String> options) {
+        this.options = options;
+    }
+
+}