Skip to content

Commit

Permalink
Fix killing of unresponsive containers by adding init process (#369)
Browse files Browse the repository at this point in the history 
This adds the `--init` flag to the `docker run` command so that the
entrypoint process (`bash` in our case) is started by a init process.
That fixes the behaviour of the interrupt signal simply having no
effect.

From what I could gather that's because PID 1 (which is the
`--entrypoint` in a Docker container) is protected and cannot be killed.
But `--init` is given the PID1 is an init process, which forwards the
signal to our entrypoint and kills it, exiting afterwards.

Resources:

- https://stackoverflow.com/questions/45718967/how-do-you-kill-a-docker-containers-default-command-without-killing-the-entire-c
- https://unix.stackexchange.com/questions/457649/unable-to-kill-process-with-pid-1-in-docker-container
- https://stackoverflow.com/questions/31538314/stopping-docker-container-from-inside
  • Loading branch information
@mrnugget
mrnugget authored Nov 5, 2020
1 parent dff0227 commit 5f079e0
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 0 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@ All notable changes to `src-cli` are documented in this file.

- Campaign steps run in a container that does not run as root could fail on systems that do not map the running user ID to the container, most notably desktop Linux. This has been fixed: temporary files and workspaces mounted into the container now have sufficient permissions to allow the container user to execute the step. [#366](https://github.com/sourcegraph/src-cli/pull/366)
- Executing campaigns on Windows would fail due to obscure `--cidfile` errors: namely, the temporary cidfile would not be removed before `docker run` was invoked. This has been fixed. [#368](https://github.com/sourcegraph/src-cli/pull/368)
- Unresponsive containers started by `src campaign [apply|preview]` can now be killed by hitting Ctrl-C. Previously the signal wasn't properly forwarded to the process in the container. [#369](https://github.com/sourcegraph/src-cli/pull/369)

## 3.21.5

Expand Down
1 change: 1 addition & 0 deletions internal/campaigns/run_steps.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -176,6 +176,7 @@ func runSteps(ctx context.Context, wc *WorkspaceCreator, repo *graphql.Repositor
args := []string{
"run",
"--rm",
"--init",
"--cidfile", cidFile.Name(),
"--workdir", workDir,
"--mount", fmt.Sprintf("type=bind,source=%s,target=%s", volumeDir, workDir),
Expand Down

0 comments on commit 5f079e0

Please sign in to comment.