Monorepo for Tangled tangled.org

spindle: support exposing docker socket

+16 -2
+1
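--- a/docs/DOCS.md
+++ b/docs/DOCS.md
@@ -967,6 +967,7 @@
 - `SPINDLE_SERVER_DEV`: A boolean indicating whether the server is running in development mode (default: `false`).
 - `SPINDLE_SERVER_OWNER`: The DID of the owner (required).
 - `SPINDLE_SERVER_LOG_DIR`: The directory to store workflow logs (default: `"/var/log/spindle"`).
+- `SPINDLE_SERVER_DOCKER_SOCKET`: Path to Docker socket to expose to invoked Spindle containers (default: `""`).
 - `SPINDLE_PIPELINES_NIXERY`: The Nixery URL (default: `"nixery.tangled.sh"`).
 - `SPINDLE_PIPELINES_WORKFLOW_TIMEOUT`: The default workflow timeout (default: `"5m"`).
 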
+1
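--- a/spindle/config/config.go
+++ b/spindle/config/config.go
@@ -22,6 +22,7 @@
 QueueSize int `env:"QUEUE_SIZE, default=100"`
 MaxJobCount int `env:"MAX_JOB_COUNT, default=2"` // max number of pipelines that run at a time
 MaxConcurrentWorkflows int `env:"MAX_CONCURRENT_WORKFLOWS, default=8"` // max number of workflow containers running at once (memory cap)
+DockerSocket string `env:"DOCKER_SOCKET"` // path to a docker socket to expose to workflow containers
 }
 
 type Tap struct {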
+14 -2
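--- a/spindle/engines/nixery/engine.go
+++ b/spindle/engines/nixery/engine.go
@@ -73,6 +73,7 @@
 type addlFields struct {
 image string
 container string
+mounts []mount.Mount
 }
 
 func (e *Engine) InitWorkflow(twf tangled.Pipeline_Workflow, tpl tangled.Pipeline) (*models.Workflow, error) {
@@ -105,6 +106,14 @@
 swf.Environment = dwf.Environment
 addl.image = workflowImage(dwf.Dependencies, e.cfg.NixeryPipelines.Nixery)
 
+if sock := e.cfg.Server.DockerSocket; sock != "" {
+addl.mounts = append(addl.mounts, mount.Mount{
+Type: mount.TypeBind,
+Source: sock,
+Target: sock,
+ReadOnly: false,
+})
+}
 setup := &setupSteps{}
 
 setup.addStep(nixConfStep())
@@ -239,7 +248,7 @@
 // TODO(winter): investigate whether environment variables passed here
 // get propagated to ContainerExec processes
 }, &container.HostConfig{
-Mounts: []mount.Mount{
+Mounts: append([]mount.Mount{
 {
 Type: mount.TypeTmpfs,
 Target: "/tmp",
@@ -251,7 +260,7 @@
 },
 },
 },
-},
+}, addl.mounts...),
 ReadonlyRootfs: false,
 CapDrop: []string{"ALL"},
 CapAdd: []string{"CAP_DAC_OVERRIDE", "CAP_CHOWN", "CAP_FOWNER", "CAP_SETUID", "CAP_SETGID"},
@@ -360,6 +369,9 @@
 envs.AddEnv("HOME", homeDir)
 existingPath := "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
 envs.AddEnv("PATH", fmt.Sprintf("%s/.nix-profile/bin:/nix/var/nix/profiles/default/bin:%s", homeDir, existingPath))
+if sock := e.cfg.Server.DockerSocket; sock != "" {
+envs.AddEnv("DOCKER_HOST", fmt.Sprintf("unix://%s", sock))
+}
 
 mkExecResp, err := e.docker.ContainerExecCreate(ctx, addl.container, container.ExecOptions{
 Cmd: []string{"bash", "-c", step.Command()},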
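Review bot: The bind mount added in InitWorkflow (`Source: sock, Target: sock, ReadOnly: false`) gives every workflow container the host's Docker API while steps run pipeline-supplied `bash -c` commands, so control of that daemon is effectively root on the host and the `CapDrop: []string{"ALL"}` setting further down no longer bounds what a workflow can do. Nothing in the visible hunks limits which pipelines receive the socket or checks the configured value, so I would at least reject a non-absolute path before appending, `if !filepath.IsAbs(sock) { return nil, fmt.Errorf("docker socket path %q must be absolute", sock) }`, and put a comment on the mount such as `// Docker socket access is equivalent to root on the host: enable only where every pipeline author is trusted.` The same warning belongs on the `DockerSocket` field in spindle/config/config.go and on the `SPINDLE_SERVER_DOCKER_SOCKET` entry in docs/DOCS.md, ideally with a pointer to using a rootless or API-filtering proxy socket instead of the host daemon's own. InitWorkflow and the container-create call both extend outside the hunks shown.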