From 080a58c885164613e3eda4fe82188f2a3685a346 Mon Sep 17 00:00:00 2001
From: Lansana DIOMANDE <ldiomande@takima.fr>
Date: Tue, 17 May 2022 16:17:53 +0200
Subject: [PATCH] refactor: Use docker dind image with privilege

---
 Dockerfile.desktop                            | 35 +++++++++----------
 .../deadlock-extension/src/core/controller.ts |  3 --
 .../keycloakOAuth2DeviceFlowConnection.ts     |  1 +
 .../deadlock-extension/src/core/mission.ts    |  8 +----
 start.desktop.sh                              |  3 ++
 5 files changed, 22 insertions(+), 28 deletions(-)

diff --git a/Dockerfile.desktop b/Dockerfile.desktop
index c67c501a..84850d36 100644
--- a/Dockerfile.desktop
+++ b/Dockerfile.desktop
@@ -1,16 +1,19 @@
-FROM node:16.15
+FROM docker:20.10.16-dind-alpine3.15
 
-RUN apt update -y
-RUN apt  install vim -y && apt  install nano -y \
-    && apt  install rsync -y && apt install sudo -y \
-    && apt  install bash -y  && apt  install openssh-server -y \
-    && apt  install git -y && apt install python3 -y \
-    && ln -sf python3 /usr/bin/python && apt install g++ -y
+RUN apk update
+RUN apk add --update nodejs npm
+RUN apk  --no-cache add vim && apk  --no-cache add nano \
+    && apk  --no-cache add rsync && apk  --no-cache add sudo \
+    && apk  --no-cache add bash && apk  --no-cache add openssh \
+    && apk  --no-cache add git && apk add --update --no-cache python3 && ln -sf python3 /usr/bin/python
 
 ## User account
-RUN adduser --disabled-password --gecos '' deadlock && \
-    usermod -aG sudo deadlock && passwd -d deadlock
-RUN echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers
+RUN addgroup -S sudo && adduser --disabled-password --gecos '' deadlock && \
+    adduser deadlock sudo && \
+    addgroup -S docker && adduser deadlock docker && \
+    echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers
+
+RUN chown root:docker /usr/local/bin/docker
 
 
 COPY setup_trace.py setup_trace.py
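Review bot: The user-account block makes `deadlock` root-equivalent twice: it keeps `%sudo ALL=(ALL) NOPASSWD:ALL` and now also adds the user to the `docker` group, whose members can drive the daemon as root. Because the mission.ts change in this patch runs the container with `--privileged`, anything executing as `deadlock` should be treated as having host-level access. If passwordless sudo is only needed for a few commands, restrict the sudoers entry to those commands instead of `ALL`. `RUN chown root:docker /usr/local/bin/docker` only changes the group of the client binary and does not by itself control access to the daemon socket, so either drop it or add a comment saying what it is for. As a style point, `RUN apk update` is redundant next to `--no-cache`, and the chained `apk --no-cache add` calls could be a single `apk add --no-cache vim nano rsync sudo bash openssh git python3 nodejs npm`.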
@@ -20,18 +23,14 @@ RUN chown deadlock setup_trace.py
 COPY recorder-out deadlock/
 COPY .gitignore_recorder deadlock/.gitignore
 
+
+
 COPY start.desktop.sh .
 RUN chmod 504 deadlock/ -R
 RUN chmod 500 start.desktop.sh
 
-RUN mkdir /project && mkdir /tmp/.ssh && mkdir /home/deadlock/mission && \
-    chown deadlock:deadlock /home/deadlock
-
-RUN curl -fsSL https://get.docker.com -o get-docker.sh && sh get-docker.sh
-RUN curl -SL https://github.com/docker/compose/releases/download/v2.5.0/docker-compose-linux-x86_64 -o /usr/local/bin/docker-compose && \
-    chmod +x /usr/local/bin/docker-compose && \
-    ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
+RUN mkdir /project && mkdir /tmp/.ssh && mkdir /home/deadlock/mission
 
-RUN  usermod -aG docker deadlock
+RUN chown deadlock:deadlock /home/deadlock
 
 ENTRYPOINT ["bash", "start.desktop.sh"]
\ No newline at end of file
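Review bot: This hunk removes the `docker-compose` download and nothing visible in the patch installs a replacement, so missions that call `docker-compose` may break unless the `docker:20.10.16-dind-alpine3.15` base image already ships it. That is worth confirming before merge. If Compose is still needed and a package exists for this Alpine release, something like `RUN apk add --no-cache docker-compose` keeps it under the package manager's signature checks, unlike an unverified `curl` download. Replacing the `get-docker.sh` install with a version-tagged base image is a supply-chain improvement, and pinning the `FROM` line by digest as well would make the build reproducible.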
diff --git a/deadlock-plugins/deadlock-extension/src/core/controller.ts b/deadlock-plugins/deadlock-extension/src/core/controller.ts
index ced2bd6b..e2435100 100644
--- a/deadlock-plugins/deadlock-extension/src/core/controller.ts
+++ b/deadlock-plugins/deadlock-extension/src/core/controller.ts
@@ -87,8 +87,6 @@ export default class Controller {
     }
   }
 
-  public async createMissionUserChallengeJson(missionId: string) {}
-
   public async clear() {
     const exensionStorage = ExtensionStore.getInstance();
     await exensionStorage.clear();
@@ -133,7 +131,6 @@ export default class Controller {
         vscode.window.showInformationMessage('Déjà connecté: session récupérée');
       }
 
-      console.log('BEFORE QUERY');
       const user: User = await this.callApiService.getUser();
       const giteaPublicProperties: GiteaPublicProperties = await this.callApiService.getGiteaPublicProperties();
       // TODO Should I fetch GET api/missions/{missionId} one day instead of passing necessary parameters in vscode xdg-open link ?
diff --git a/deadlock-plugins/deadlock-extension/src/core/keycloakOAuth2DeviceFlowConnection.ts b/deadlock-plugins/deadlock-extension/src/core/keycloakOAuth2DeviceFlowConnection.ts
index 1ec89b2e..65d92f09 100644
--- a/deadlock-plugins/deadlock-extension/src/core/keycloakOAuth2DeviceFlowConnection.ts
+++ b/deadlock-plugins/deadlock-extension/src/core/keycloakOAuth2DeviceFlowConnection.ts
@@ -154,6 +154,7 @@ export default class KeycloakOAuth2DeviceFlowConnection {
         agent: new https.Agent({ rejectUnauthorized: REJECT_UNAUTHORIZED }),
       });
       userAuthenticationRequestResponseCode = userAuthenticationRequestResponse.status;
+      log(` Status ${userAuthenticationRequestResponseCode}`);
       switch (userAuthenticationRequestResponseCode) {
         case HttpStatusCode.BAD_REQUEST: {
           await this.onUserAuthenticationBadRequest(userAuthenticationRequestResponse);
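Review bot: The added `log(` Status ...`)` line has a leading space and no context, so the entry will not say which request produced the status; something like `log(`User authentication request status: ${userAuthenticationRequestResponseCode}`);` is easier to search for. If this code sits inside the device-flow polling loop (the loop is not visible in this hunk), the line is emitted on every poll, so consider logging only when the status changes. Logging the status code alone is fine, but the response body should stay out of logs because it can carry tokens. The context line above passes `rejectUnauthorized: REJECT_UNAUTHORIZED`; its value is defined outside this hunk and should be confirmed `true` for any non-local build.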
diff --git a/deadlock-plugins/deadlock-extension/src/core/mission.ts b/deadlock-plugins/deadlock-extension/src/core/mission.ts
index b3875cf7..71001ff1 100644
--- a/deadlock-plugins/deadlock-extension/src/core/mission.ts
+++ b/deadlock-plugins/deadlock-extension/src/core/mission.ts
@@ -89,13 +89,7 @@ export default class Mission {
           workspaceMount: `source=${this.hostMissionMountDir},target=${this.remoteMissionDir},type=bind`,
           workspaceFolder: `${this.remoteMissionDir}`,
           onCreateCommand: `cp -R ${this.remoteGiteaWorkDir} ${this.remoteMissionDir}`,
-          features: {
-            'docker-from-docker': {
-              version: 'latest',
-              moby: true,
-              dockerDashComposeVersion: 'v1',
-            },
-          },
+          runArgs: ['--privileged'],
           ...options,
         };
         return JSON.stringify(devcontainer, null, 2);
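Review bot: `runArgs: ['--privileged']` removes the container's isolation (all capabilities, host devices, no seccomp/AppArmor confinement), so code running in a mission container can take over the machine that runs the extension. That trust assumption should be stated at the line and in the user-facing docs, e.g. `// --privileged is required by the nested dockerd (dind); mission content is trusted with host-level access`. Because `...options` is spread after it, a caller that supplies its own `runArgs` silently replaces this array, which either drops `--privileged` and breaks the nested daemon or adds flags nobody reviewed. If `options` can carry `runArgs`, merge the two arrays explicitly after the spread. The enclosing method starts and ends outside this hunk, and the type of `options` is not visible here.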
diff --git a/start.desktop.sh b/start.desktop.sh
index da33cffd..c7847a1f 100644
--- a/start.desktop.sh
+++ b/start.desktop.sh
@@ -3,6 +3,9 @@
 ON_START_UP_FILE="/deadlock/startup.sh"
 TAG="[DEADLOCK]"
 
+# Start docker in docker
+dockerd-entrypoint.sh $@ &
+
 # setup ssh key for root user
 # must be installed by the API first within /tmp/.ssh
 mkdir ~/.ssh
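Review bot: `dockerd-entrypoint.sh $@ &` expands `$@` unquoted, so container arguments are re-split and glob-expanded before they reach dockerd as flags; use `dockerd-entrypoint.sh "$@" &`. The daemon is started in the background with no readiness or failure check, so later steps that call `docker` can race it or run with no daemon at all. A bounded wait after this line, such as `until docker info >/dev/null 2>&1; do sleep 1; done` with a retry limit, would surface a failed start. The stock dind entrypoint can also open a TCP listener in addition to the Unix socket depending on `DOCKER_TLS_CERTDIR`, so confirm that variable stays set and that the port is not published from the container. The rest of the script lies outside this hunk.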
-- 
GitLab