From 1cbd7a159651a81a4a3521c782d6e1ab11b7bd32 Mon Sep 17 00:00:00 2001
From: Tom Clegg <tom@curii.com>
Date: Tue, 12 Nov 2024 13:20:23 -0500
Subject: [PATCH] 22316: `arvados-server install` option to add user to docker
 group.

Arvados-DCO-1.1-Signed-off-by: Tom Clegg <tom@curii.com>
---
 lib/install/deps.go | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)

diff --git a/lib/install/deps.go b/lib/install/deps.go
index 97aefd209c..d390b6975d 100644
--- a/lib/install/deps.go
+++ b/lib/install/deps.go
@@ -19,6 +19,7 @@ import (
 	"path/filepath"
 	"regexp"
 	"runtime"
+	"slices"
 	"strconv"
 	"strings"
 	"syscall"
@@ -57,6 +58,7 @@ type installCommand struct {
 	SingularityVersion string
 	NodejsVersion      string
 	EatMyData          bool
+	UserAccount        string
 }
 
 func (inst *installCommand) RunCommand(prog string, args []string, stdin io.Reader, stdout, stderr io.Writer) int {
@@ -84,6 +86,7 @@ func (inst *installCommand) RunCommand(prog string, args []string, stdin io.Read
 	flags.StringVar(&inst.SingularityVersion, "singularity-version", defaultSingularityVersion, "Singularity `version` to install (do not override in production mode)")
 	flags.StringVar(&inst.NodejsVersion, "nodejs-version", defaultNodejsVersion, "Nodejs `version` to install (not applicable in production mode)")
 	flags.BoolVar(&inst.EatMyData, "eatmydata", false, "use eatmydata to speed up install")
+	flags.StringVar(&inst.UserAccount, "user-account", "", "Account to add to the docker group so it can run the test suite (not applicable in production mode)")
 
 	if ok, code := cmd.ParseFlags(flags, prog, args, "", stderr); !ok {
 		return code
@@ -317,6 +320,34 @@ fi
 			err = fmt.Errorf("couldn't set fs.inotify.max_user_watches value. (Is this a docker container? Fix this on the docker host by adding fs.inotify.max_user_watches=524288 to /etc/sysctl.conf and running `sysctl -p`)")
 			return 1
 		}
+
+		if inst.UserAccount != "" {
+			dockergroup, err2 := user.LookupGroup("docker")
+			if err2 != nil {
+				err = fmt.Errorf("docker group lookup failed: %w", err2)
+				return 1
+			}
+			user, err2 := user.Lookup(inst.UserAccount)
+			if err2 != nil {
+				err = fmt.Errorf("user lookup failed: %q: %w", inst.UserAccount, err2)
+				return 1
+			}
+			gids, err2 := user.GroupIds()
+			if err2 != nil {
+				err = fmt.Errorf("group lookup for user %q failed: %w", inst.UserAccount, err2)
+				return 1
+			}
+			if slices.Index(gids, dockergroup.Gid) >= 0 {
+				logger.Printf("user %s (%s) is already a member of the docker group (%s)", inst.UserAccount, user.Uid, dockergroup.Gid)
+			} else {
+				logger.Printf("adding user %s (%s) to the docker group (%s)", inst.UserAccount, user.Uid, dockergroup.Gid)
+				out, err2 := exec.Command("adduser", inst.UserAccount, "docker").CombinedOutput()
+				if err2 != nil {
+					err = fmt.Errorf("error adding user %q to docker group: %w, %q", inst.UserAccount, err2, out)
+					return 1
+				}
+			}
+		}
 	}
 
 	os.Mkdir("/var/lib/arvados", 0755)
-- 
2.30.2