search

nginx / unit

NGINX Unit - universal web app server - a lightweight and versatile open source server that simplifies the application stack by natively executing application code across eight different programming language runtimes.
https://unit.nginx.org
Apache License 2.0
5.25k stars 321 forks source link

CLI: Filter Docker containers in a more clever way #1254

Closed danielledeleo closed 1 month ago

danielledeleo commented 1 month ago

See this PR comment: https://github.com/nginx/unit/pull/1241/files#r1594347912

As discussed with @avahahn this can likely be solved by filtering on Docker image labels, one of these, e.g. https://github.com/nginx/unit/blob/5d1ce5c4475f8d126b61650f3c678e3f94549f6b/pkg/docker/Dockerfile.minimal#L3-L9

javorszky commented 1 month ago

@danielledeleo @avahahn I'm wondering whether going by the labels is reliable. The only ones that I would consider sort of okay to match for are the image source, or maybe the image url. Inspecting what ctr.labels is here gives us the following for unit:php8.3 image:

0 = {std::collections::hash::map::HashMap<alloc::string::String, alloc::string::String, std::hash::random::RandomState>} size=7
 [0] = {(alloc::string::String, alloc::string::String)} 
  0 = {alloc::string::String} "org.opencontainers.image.source"
  1 = {alloc::string::String} "https://github.com/nginx/unit"
 [1] = {(alloc::string::String, alloc::string::String)} 
  0 = {alloc::string::String} "org.opencontainers.image.title"
  1 = {alloc::string::String} "Unit (php8.3)"
 [2] = {(alloc::string::String, alloc::string::String)} 
  0 = {alloc::string::String} "org.opencontainers.image.vendor"
  1 = {alloc::string::String} "NGINX Docker Maintainers <docker-maint@nginx.com>"
 [3] = {(alloc::string::String, alloc::string::String)} 
  0 = {alloc::string::String} "org.opencontainers.image.documentation"
  1 = {alloc::string::String} "https://unit.nginx.org/installation/#docker-images"
 [4] = {(alloc::string::String, alloc::string::String)} 
  0 = {alloc::string::String} "org.opencontainers.image.description"
  1 = {alloc::string::String} "Official build of Unit for Docker."
 [5] = {(alloc::string::String, alloc::string::String)} 
  0 = {alloc::string::String} "org.opencontainers.image.url"
  1 = {alloc::string::String} "https://unit.nginx.org"
 [6] = {(alloc::string::String, alloc::string::String)} 
  0 = {alloc::string::String} "org.opencontainers.image.version"
  1 = {alloc::string::String} "1.32.1"

I think a far more reliable test to figure out whether Unit is running within docker is whether unit is running within docker. This is the value of ctr.command.0:

command = {core::option::Option<alloc::string::String>::Some} 
 0 = {alloc::string::String} "/usr/local/bin/docker-entrypoint.sh unitd --no-daemon --control unix:/var/run/control.unit.sock"

We can match on ?unitd (maybe space, unitd, space) which should have a high confidence of what we want regardless of the image name or values of any of the labels.

What do you think?

javorszky commented 1 month ago

PR's up! ☝🏻