feat: add workloads to the plan #571
Conversation
| } else if s.workload != nil { | ||
| // Take user/group config from workload | ||
| uid, gid, err = osutil.NormalizeUidGid(s.workload.UserID, s.workload.GroupID, s.workload.User, s.workload.Group) | ||
| } |
There was a problem hiding this comment.
What about the else case?
There was a problem hiding this comment.
uid, gid are nil, and setCmdCredential() is not called, resulting in the services being run as the current user
| @@ -378,6 +405,12 @@ func (s *serviceData) startInternal() error { | |||
| } | |||
| } | |||
|
|
|||
| if s.workload != nil && len(s.workload.Environment) != 0 { | |||
| for k, v := range s.workload.Environment { | |||
| environment[k] = v | |||
There was a problem hiding this comment.
Do we allow every environment variable to be customized here? Just thought about this. I guess yes.
There was a problem hiding this comment.
Yes, we decided nothing against that when discussing the spec, but I'm happy to explore this. Personally, I don't think there's anything wrong per se with allowing every environment variable to be changed, but if you have arguments against that I'm happy to make them part of the spec discussion
| Entries map[string]*Workload `yaml:",inline"` | ||
| } | ||
|
|
||
| func (ws *WorkloadsSection) IsZero() bool { |
There was a problem hiding this comment.
Suggestion to rename to IsEmpty
There was a problem hiding this comment.
Feels more fitting, however IsZero() is already part of the Section interface in the plan:
Lines 53 to 59 in d8a630a
| } | ||
|
|
||
| func (ws *WorkloadsSection) combine(other *WorkloadsSection) error { | ||
| if len(other.Entries) != 0 && ws.Entries == nil { |
There was a problem hiding this comment.
!other.IsEmpty() && ws.Entries == nil
There was a problem hiding this comment.
This would potentially result in a nil pointer dereference in sneaky ways, since it's up to the implementation of IsZero() to dereference or not the pointer receiver. len() is special in that len(nil) == 0 for slices and maps.
| if w.Name == "" { | ||
| return errors.New("cannot have an empty name") | ||
| } | ||
| // Value of Override is checked in the (*WorkloadSection).combine() method |
There was a problem hiding this comment.
My intuition is that validate should do that check regardless.
| return errors.New("cannot have an empty name") | ||
| } | ||
| // Value of Override is checked in the (*WorkloadSection).combine() method | ||
| return nil |
There was a problem hiding this comment.
Additionally, there could be a lot of invalid stuff in the Environment map. Would it make sense to check here?
| UserID *int `yaml:"user-id,omitempty"` | ||
| User string `yaml:"user,omitempty"` | ||
| GroupID *int `yaml:"group-id,omitempty"` | ||
| Group string `yaml:"group,omitempty"` |
There was a problem hiding this comment.
Considering we allow specifying both user-id and username, or both group-id and group name, there's a possibility of a workload where the group-id doesn't actually match the group name and same for users. Where would we deal with that? I expect this will only get detected for sure in kernos bootstrap. Correct?
There was a problem hiding this comment.
This is detected in servstate when calling osutil.NormalizeUidGid(). An error may be returned if user/user-id or group/group-id does not match, as well as when specifying a user/group that does not exist in the system.
Workloads are a way to optionally group services and apply shared run configuration (user, group, environment) to services, in a way that may be extended in the future to support confinement.