trusted-sandbox 0.0.7.pre → 0.0.8.pre

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: cbe86ae0e84ca1284ecaea9c28106b7382c98b5a
-  data.tar.gz: 9f329d62c93260cdca7658dfaf238564db3682fd
+  metadata.gz: c7b64a3255a3beeac10c6a8866473acff1efae09
+  data.tar.gz: e8f26b14b22e0b850e3b46988ba7075d9b5a6270
 SHA512:
-  metadata.gz: 967ccab278244a1e4f4facb79def2720c98bb1ecdfd6601390228072c60fcab69367db0203018ff04d06daacdd5c26fd755eb27f1d59eed7063c0014938eca20
-  data.tar.gz: 713a93db44b5e600bd35e3f9b8ab76fd3b33113a5af92a0c298b82cefaf84e791708f9c70415a4098b2d687b0ea44fbac0bb9a744127462e0c4246b9034287d2
+  metadata.gz: 373a6cb32b03fcc0a111b21948bb6dde39db93454c07fcc969bd70d9d6b9c784ad8d415d4cd17cb36258b0eb9df6f9a202140f45442c3eac130e54c216fe43b0
+  data.tar.gz: 251425a9574927a6e691cf78bfbb26f325e118f1a05fc0641bf4e55f9f14b00c7db748e8327f1527091874eaae8492fcc694fb0f4c16db174e28962dd08edaa1

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    trusted-sandbox (0.0.6.pre)
+    trusted-sandbox (0.0.7.pre)
       docker-api (~> 1.13)
       thor (~> 0.19)
 

data/README.md

@@ -55,7 +55,7 @@ $ gem install trusted-sandbox
 
 ### Step 2
 Install Docker. Refer to the Docker documentation to see how to install Docker on your environment.
-Note that on a linux server the docker daemon runs as root and owns the socket used to connect to it.
+Note that on a Linux server the docker daemon runs as root and owns the socket used to connect to it.
 To give your app user access to that socket you will need to add the user to the docker group.
 ```
 $ sudo gpasswd -a ${USER} docker
@@ -76,7 +76,7 @@ Run the following command which will copy the `trusted_sandbox.yml` file into yo
 $ trusted_sandbox install
 ```
 
-Follow the configuration instructions below. Once you're done configuring, test your installation by running:
+Then follow the configuration instructions below. Once you're done configuring, test your installation by running:
 ```
 $ trusted_sandbox test
 ```
@@ -105,14 +105,23 @@ Follow the instructions in the relevant sections of the configuration guide.
 
 Let's go over the sections of the YAML configuration file you created in step 3 above.
 
-### Docker access
+### Docker connection
+
+Trusted Sandbox uses the `docker-api` gem to communicate with docker. `docker-api`'s default work quite well for a
+Linux host, and you should be good by omitting `docker_url` and `docker_cert_path` all together.
+
 ```ruby
-  # ENV['DOCKER_HOST'] is used if omitted
+  # If omitted ENV['DOCKER_HOST'] is used. If it is not set, docker-api defaults are used
   docker_url: https://192.168.59.103:2376
 
-  # ENV['DOCKER_CERT_PATH'] is used if omitted
+  # If omitted ENV['DOCKER_CERT_PATH'] is used. If it is not set, docker-api defaults are used
   docker_cert_path: ~/.boot2docker/certs/boot2docker-vm
+```
+If you need finer control of `docker-api` configuration, you can add a `docker_options` hash entry to the
+YAML file which will override any configuration and passed through to `Docker.options`.
 
+In addition, these docker-related configuration parameters can be used:
+```ruby
   docker_image_name: vaharoni/trusted_sandbox:2.1.2.v1
 
   # Optional authentication
@@ -123,9 +132,6 @@ Let's go over the sections of the YAML configuration file you created in step 3
 
 ```
 
-Trusted Sandbox uses the `docker-api` gem to communicate with docker. Some of the parameters above are used to setup
-the global `Docker` class. For finer control of its configuration, you can add a `docker_options` hash entry to the
-YAML file which will override any configuration and passed through to `Docker.options`.
 
 ### Limiting resources
 CPU:
@@ -160,21 +166,16 @@ Note that controlling memory swap limits and user quotas requires additional ste
 
 ### Execution parameters
 
-A temporary directory under which sub directories are created and mounted to containers.
-The code and args exchange between the host and containers is done via these sub directories.
-
 ```ruby
+  # A temporary folder under which sub folders are created and mounted to containers.
+  # The code and args exchange between the host and containers is done via these sub folders.
   host_code_root_path: tmp/code_dirs
-```
 
-When set to true, the temporary sub directories will not be erased. This allows you to login to the container to
-troubleshoot issues as explained in the "Troubleshooting" section.
-```ruby
+  # When set to true, the temporary sub folders will not be erased. This allows you to login
+  # to the container to troubleshoot issues as explained in the "Troubleshooting" section.
   keep_code_folders: false
-```
 
-A directory used by the UID-pool to handle locks.
-```ruby
+  # A folder used by the UID-pool to handle locks.
   host_uid_pool_lock_path: tmp/uid_pool_lock
 ```
 

data/lib/trusted_sandbox/config/trusted_sandbox.yml

@@ -1,12 +1,13 @@
 development:
-  # Optional login information
-  docker_login:
-    user:                       my_user
-    password:                   my_password
-    email:                      email@email.com
-
-  docker_url:                   https://192.168.59.103:2376
-  docker_cert_path:             ~/.boot2docker/certs/boot2docker-vm
+  # # Optional login information
+  # docker_login:
+  #  user:                       my_user
+  #  password:                   my_password
+  #  email:                      email@email.com
+
+  # # For a linux host these can remain empty
+  # docker_url:                   https://192.168.59.103:2376
+  # docker_cert_path:             ~/.boot2docker/certs/boot2docker-vm
 
   docker_image_name:            vaharoni/trusted_sandbox:2.1.2.v1
 

data/lib/trusted_sandbox/config.rb

@@ -52,11 +52,11 @@ module TrustedSandbox
 
     def docker_cert_path=(value)
       @docker_cert_path = File.expand_path(value)
-      Docker.options = {
-        private_key_path: "#{@docker_cert_path}/key.pem",
-        certificate_path: "#{@docker_cert_path}/cert.pem",
-        ssl_verify_peer: false
-      }.merge(docker_options)
+      @docker_options_for_cert = {
+          private_key_path: "#{@docker_cert_path}/key.pem",
+          certificate_path: "#{@docker_cert_path}/cert.pem",
+          ssl_verify_peer: false
+      }
     end
 
     def host_code_root_path=(path)
@@ -81,6 +81,8 @@ module TrustedSandbox
     # Called to do any necessary setup to allow staged configuration
     # @return [Config] self for chaining
     def finished_configuring
+      Docker.options = @docker_options_for_cert.merge(docker_options)
+
       return self unless @docker_auth_needed
       Docker.authenticate! username: @docker_auth_user, password: @docker_auth_password, email: @docker_auth_email
       @docker_auth_needed = false
@@ -93,6 +95,7 @@ module TrustedSandbox
     #   contain a value for the requested configuration options
     # @params params [Hash] hash containing configuration options
     def initialize(other_config, params={})
+      @docker_options_for_cert = {}
       @other_config = other_config
       params.each do |key, value|
         send "#{key}=", value

data/lib/trusted_sandbox/version.rb

@@ -1,3 +1,3 @@
 module TrustedSandbox
-  VERSION = '0.0.7.pre'
+  VERSION = '0.0.8.pre'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: trusted-sandbox
 version: !ruby/object:Gem::Version
-  version: 0.0.7.pre
+  version: 0.0.8.pre
 platform: ruby
 authors:
 - Amit Aharoni