Added option for running docker-executor in privileged (#82)

* Added option for running docker-executor in privileged

Author: firecow

src/commander.ts

@@ -6,7 +6,7 @@ import {Utils} from "./utils";
 
 export class Commander {
 
-    static async runPipeline(parser: Parser, manualArgs: string[]) {
+    static async runPipeline(parser: Parser, manualArgs: string[], privileged: boolean) {
         const jobs = parser.getJobs();
         const stages = parser.getStages().concat();
 
@@ -27,7 +27,7 @@ export class Commander {
 
                 if (!job.isRunning() && !job.isFinished()) {
                     // noinspection ES6MissingAwait
-                    job.start();
+                    job.start(privileged);
                 }
             }
 
@@ -41,7 +41,7 @@ export class Commander {
                 const needsConditionMet = job.needs.every((v) => (finishedJobNames.indexOf(v) >= 0));
                 if (needsConditionMet) {
                     // noinspection ES6MissingAwait
-                    job.start();
+                    job.start(privileged);
                 }
             }
 
@@ -86,7 +86,7 @@ export class Commander {
         }
     }
 
-    static async runSingleJob(parser: Parser, jobName: string,   needs: boolean) {
+    static async runSingleJob(parser: Parser, jobName: string, needs: boolean, privileged: boolean) {
         const jobs: Job[] = [];
         const foundJob = parser.getJobByName(jobName);
         jobs.push(foundJob);
@@ -110,7 +110,7 @@ export class Commander {
         }
 
         for (const job of jobs) {
-            await job.start();
+            await job.start(privileged);
         }
 
         await Commander.printReport(jobs);

src/default-cmd.ts

@@ -35,13 +35,13 @@ export async function handler(argv: any) {
         checkFolderAndFile(cwd);
         const pipelineIid = await state.getPipelineIid(cwd);
         const parser = await Parser.create(cwd, pipelineIid);
-        await Commander.runSingleJob(parser, argv.job, argv.needs);
+        await Commander.runSingleJob(parser, argv.job, argv.needs, argv.privileged);
     } else {
         checkFolderAndFile(cwd);
         await state.incrementPipelineIid(cwd);
         const pipelineIid = await state.getPipelineIid(cwd);
         const parser = await Parser.create(cwd, pipelineIid);
-        await Commander.runPipeline(parser, argv.manual || []);
+        await Commander.runPipeline(parser, argv.manual || [], argv.privileged);
     }
 }
 

src/index.ts

@@ -31,6 +31,7 @@ process.on('unhandledRejection', e => {
         .command(defaultCmd)
         .usage("Find more information at https://github.com/firecow/gitlab-ci-local")
         .strictOptions()
+        .env("GCL")
         .option("manual", {
             type: "array",
             description: "One or more manual jobs to run during a pipeline",
@@ -56,6 +57,12 @@ process.on('unhandledRejection', e => {
             description: "Run needed jobs, when executing a single job",
             requiresArg: false
         })
+        .option("privileged", {
+            type: "boolean",
+            default: false,
+            description: "Set docker executor to privileged mode",
+            requiresArg: false
+        })
         .completion("completion", false, async (_, yargsArgv) => {
             try {
                 const cwd = yargsArgv.cwd || process.cwd();

src/job.ts

@@ -154,7 +154,7 @@ export class Job {
         return this._afterScriptsExitCode;
     }
 
-    async start(): Promise<void> {
+    async start(privileged: boolean): Promise<void> {
         const startTime = process.hrtime();
 
         this.running = true;
@@ -168,7 +168,7 @@ export class Job {
         }
 
         const prescripts = this.beforeScripts.concat(this.scripts);
-        this._prescriptsExitCode = await this.execScripts(prescripts);
+        this._prescriptsExitCode = await this.execScripts(prescripts, privileged);
         if (this.afterScripts.length === 0 && this._prescriptsExitCode > 0 && !this.allowFailure) {
             process.stderr.write(`${this.getExitedString(startTime, this._prescriptsExitCode, false)}\n`);
             this.running = false;
@@ -196,7 +196,7 @@ export class Job {
 
         this._afterScriptsExitCode = 0;
         if (this.afterScripts.length > 0) {
-            this._afterScriptsExitCode = await this.execScripts(this.afterScripts);
+            this._afterScriptsExitCode = await this.execScripts(this.afterScripts, privileged);
         }
 
         if (this._afterScriptsExitCode > 0) {
@@ -257,7 +257,7 @@ export class Job {
         }
     }
 
-    private async execScripts(scripts: string[]): Promise<number> {
+    private async execScripts(scripts: string[], privileged: boolean): Promise<number> {
         const jobNameStr = this.getJobNameString();
         const outputFilesPath = this.getOutputFilesPath();
         let time;
@@ -308,7 +308,11 @@ export class Job {
             process.stdout.write(`${this.getJobNameString()} ${magentaBright('pulled')} in ${magenta(prettyHrtime(endTime))}\n`);
 
             let dockerCmd = ``;
-            dockerCmd += `docker create -u 0:0 -i ${this.image} `;
+            if (privileged) {
+                dockerCmd += `docker create --privileged -u 0:0 -i ${this.image} `;
+            } else {
+                dockerCmd += `docker create -u 0:0 -i ${this.image} `;
+            }
             dockerCmd += `sh -c "\n`
             dockerCmd += `if [ -x /usr/local/bin/bash ]; then\n`
             dockerCmd += `\texec /usr/local/bin/bash \n`;

tests/cases.test.ts

@@ -112,7 +112,8 @@ test('image <test-job>', async () => {
 test('image <test-entrypoint>', async () => {
     await defaultCmd.handler({
         cwd: 'tests/test-cases/image',
-        job: 'test-entrypoint'
+        job: 'test-entrypoint',
+        privileged: true
     });
 
     expect(mockProcessStdout).toHaveBeenCalledWith("/\n");