pull docker bots before running them

This commit is contained in:
Ilion Beyst 2022-07-24 23:08:51 +02:00
parent 14b51033fc
commit 93c4306b10
2 changed files with 45 additions and 2 deletions

View file

@ -15,12 +15,22 @@ use crate::match_context::{EventBus, PlayerHandle, RequestError, RequestMessage}
use crate::match_log::{MatchLogMessage, MatchLogger, StdErrMessage};
use crate::BotSpec;
// TODO: this API needs a better design with respect to pulling
// and general container management
#[derive(Clone, Debug)]
pub struct DockerBotSpec {
pub image: String,
pub binds: Option<Vec<String>>,
pub argv: Option<Vec<String>>,
pub working_dir: Option<String>,
pub pull: bool,
pub credentials: Option<Credentials>,
}
#[derive(Clone, Debug)]
pub struct Credentials {
pub username: String,
pub password: String,
}
#[async_trait]
@ -43,6 +53,30 @@ async fn spawn_docker_process(
) -> Result<ContainerProcess, bollard::errors::Error> {
let docker = Docker::connect_with_socket_defaults()?;
if params.pull {
let mut create_image_stream = docker.create_image(
Some(bollard::image::CreateImageOptions {
from_image: params.image.as_str(),
..Default::default()
}),
None,
params
.credentials
.as_ref()
.map(|credentials| bollard::auth::DockerCredentials {
username: Some(credentials.username.clone()),
password: Some(credentials.password.clone()),
..Default::default()
}),
);
while let Some(item) = create_image_stream.next().await {
// just consume the stream for now,
// and make noise when something breaks
let _info = item.expect("hit error in docker pull");
}
}
let memory_limit = 512 * 1024 * 1024; // 512MB
let config = container::Config {
image: Some(params.image.clone()),

View file

@ -1,8 +1,7 @@
use std::{path::PathBuf, sync::Arc};
use diesel::{PgConnection, QueryResult};
use planetwars_matchrunner::{self as runner, docker_runner::DockerBotSpec, BotSpec, MatchConfig};
use runner::MatchOutcome;
use std::{path::PathBuf, sync::Arc};
use tokio::task::JoinHandle;
use crate::{
@ -113,6 +112,11 @@ pub fn bot_version_to_botspec(
binds: None,
argv: None,
working_dir: None,
pull: true,
credentials: Some(runner::docker_runner::Credentials {
username: "admin".to_string(),
password: runner_config.registry_admin_password.clone(),
}),
})
} else {
// TODO: ideally this would not be possible
@ -131,6 +135,11 @@ fn python_docker_bot_spec(config: &GlobalConfig, code_bundle_path: &str) -> Box<
binds: Some(vec![format!("{}:{}", code_bundle_path_str, "/workdir")]),
argv: Some(vec!["python".to_string(), "bot.py".to_string()]),
working_dir: Some("/workdir".to_string()),
// This would be a pull from dockerhub at the moment, let's avoid that for now.
// Maybe the best course of action would be to replicate all images in the dedicated
// registry, so that we only have to provide credentials to that one.
pull: false,
credentials: None,
})
}