Merge pull request #180 from adevinta/docker-context-host

backend/docker: consider the current context to set the client host

backend/docker/docker.go

@@ -13,20 +13,25 @@ import (
 	"fmt"
 	"io"
 	"net"
+	"os"
+	"path/filepath"
 	"sync"
 	"time"
 
 	"github.com/adevinta/vulcan-agent/backend"
 	"github.com/adevinta/vulcan-agent/config"
 	"github.com/adevinta/vulcan-agent/log"
 	"github.com/adevinta/vulcan-agent/retryer"
+	"github.com/docker/cli/cli/command"
 	dockercliconfig "github.com/docker/cli/cli/config"
+	"github.com/docker/cli/cli/flags"
 	"github.com/docker/docker/api/types"
 	"github.com/docker/docker/api/types/container"
 	"github.com/docker/docker/api/types/filters"
 	"github.com/docker/docker/api/types/network"
 	"github.com/docker/docker/client"
 	"github.com/docker/docker/pkg/stdcopy"
+	"github.com/docker/go-connections/tlsconfig"
 )
 
 const (
@@ -94,7 +99,7 @@ type Docker struct {
 	agentAddr string
 	checkVars backend.CheckVars
 	log       log.Logger
-	cli       *client.Client
+	cli       client.APIClient
 	retryer   Retryer
 	updater   ConfigUpdater
 	auths     registryAuths
@@ -179,7 +184,7 @@ func NewBackend(log log.Logger, cfg config.Config, updater ConfigUpdater) (backe
 	retries := cfgReg.BackoffMaxRetries
 	re := retryer.NewRetryer(retries, interval, log)
 
-	envCli, err := client.NewClientWithOpts(client.FromEnv, client.WithAPIVersionNegotiation())
+	cli, err := command.NewAPIClientFromFlags(defaultClientOptions(), dockercliconfig.LoadDefaultConfigFile(io.Discard))
 	if err != nil {
 		return &Docker{}, err
 	}
@@ -189,7 +194,7 @@ func NewBackend(log log.Logger, cfg config.Config, updater ConfigUpdater) (backe
 		agentAddr: agentAddr,
 		log:       log,
 		checkVars: cfg.Check.Vars,
-		cli:       envCli,
+		cli:       cli,
 		retryer:   re,
 		updater:   updater,
 		auths: registryAuths{
@@ -226,6 +231,30 @@ func NewBackend(log log.Logger, cfg config.Config, updater ConfigUpdater) (backe
 	return b, nil
 }
 
+func defaultClientOptions() *flags.ClientOptions {
+	tlsVerify := os.Getenv(client.EnvTLSVerify) != ""
+
+	var tlsopts *tlsconfig.Options
+	if tlsVerify {
+		certPath := os.Getenv(client.EnvOverrideCertPath)
+		if certPath == "" {
+			certPath = dockercliconfig.Dir()
+		}
+		tlsopts = &tlsconfig.Options{
+			CAFile:   filepath.Join(certPath, flags.DefaultCaFile),
+			CertFile: filepath.Join(certPath, flags.DefaultCertFile),
+			KeyFile:  filepath.Join(certPath, flags.DefaultKeyFile),
+		}
+	}
+
+	opts := &flags.ClientOptions{
+		TLS:        tlsVerify,
+		TLSVerify:  tlsVerify,
+		TLSOptions: tlsopts,
+	}
+	return opts
+}
+
 // addRegistryAuth adds the auth to the map only if valid.
 func (b *Docker) addRegistryAuth(domain string, auth *types.AuthConfig) error {
 	if domain == "" {

backend/docker/docker_test.go

@@ -436,7 +436,7 @@ func removeContainer(name string) (err error) {
 	return cmd.Run()
 }
 
-func waitForContainer(cli *client.Client, id string) (string, error) {
+func waitForContainer(cli client.APIClient, id string) (string, error) {
 	filter := filters.NewArgs(filters.KeyValuePair{
 		Key:   "label",
 		Value: fmt.Sprintf("CheckID=%s", id),

go.mod

@@ -10,6 +10,7 @@ require (
 	github.com/docker/cli v24.0.5+incompatible
 	github.com/docker/distribution v2.8.2+incompatible
 	github.com/docker/docker v24.0.5+incompatible
+	github.com/docker/go-connections v0.4.0
 	github.com/google/go-cmp v0.5.9
 	github.com/google/uuid v1.3.0
 	github.com/gorilla/websocket v1.5.0
@@ -19,20 +20,39 @@ require (
 )
 
 require (
+	github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect
 	github.com/DataDog/datadog-go v4.8.3+incompatible // indirect
 	github.com/Microsoft/go-winio v0.5.2 // indirect
+	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/docker/docker-credential-helpers v0.6.4 // indirect
-	github.com/docker/go-connections v0.4.0 // indirect
+	github.com/docker/go v1.5.1-1.0.20160303222718-d30aec9fd63c // indirect
+	github.com/docker/go-metrics v0.0.1 // indirect
 	github.com/docker/go-units v0.4.0 // indirect
+	github.com/fvbommel/sortorder v1.1.0 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
+	github.com/golang/protobuf v1.3.4 // indirect
+	github.com/gorilla/mux v1.8.0 // indirect
+	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/jmespath/go-jmespath v0.4.0 // indirect
+	github.com/matttproud/golang_protobuf_extensions v1.0.1 // indirect
+	github.com/miekg/pkcs11 v1.0.2 // indirect
+	github.com/moby/sys/sequential v0.5.0 // indirect
 	github.com/moby/term v0.0.0-20210619224110-3f7ff695adc6 // indirect
 	github.com/morikuni/aec v1.0.0 // indirect
 	github.com/opencontainers/go-digest v1.0.0 // indirect
 	github.com/opencontainers/image-spec v1.0.2 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
+	github.com/prometheus/client_golang v1.1.0 // indirect
+	github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90 // indirect
+	github.com/prometheus/common v0.6.0 // indirect
+	github.com/prometheus/procfs v0.0.3 // indirect
+	github.com/spf13/cobra v1.7.0 // indirect
+	github.com/spf13/pflag v1.0.5 // indirect
+	github.com/theupdateframework/notary v0.7.0 // indirect
+	golang.org/x/crypto v0.0.0-20210921155107-089bfa567519 // indirect
 	golang.org/x/net v0.9.0 // indirect
 	golang.org/x/sys v0.7.0 // indirect
+	golang.org/x/term v0.7.0 // indirect
 	golang.org/x/time v0.0.0-20220411224347-583f2d630306 // indirect
 	gotest.tools/v3 v3.2.0 // indirect
 )