Skip to content

Commit fe1e43f

Browse files
committed
Mount daemon Docker socket for nested workloads
1 parent 63e9474 commit fe1e43f

3 files changed

Lines changed: 23 additions & 24 deletions

File tree

internal/runtime/docker.go

Lines changed: 6 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -63,22 +63,15 @@ func probeSocket(candidates ...string) string {
6363
return ""
6464
}
6565

66-
// SocketPath returns the Unix socket path used by the Docker client.
67-
// Returns the actual path for the standard /var/run/docker.sock so callers
68-
// can bind-mount it into containers. Returns empty string for non-standard
69-
// sockets (Colima, OrbStack) which communicate with VMs and cannot be
70-
// bind-mounted. Called by internal/container/start.go to decide whether
71-
// to add a Docker socket bind-mount when starting LocalStack.
66+
// SocketPath returns the daemon-visible Unix socket path to bind-mount into
67+
// containers so LocalStack can launch nested workloads such as Lambda functions.
68+
// Even when the CLI connects through a user-scoped socket (for example Colima),
69+
// the daemon resolves bind mounts inside its own environment where the socket is
70+
// exposed at /var/run/docker.sock.
7271
func (d *DockerRuntime) SocketPath() string {
7372
host := d.client.DaemonHost()
7473
if strings.HasPrefix(host, "unix://") {
75-
sock := strings.TrimPrefix(host, "unix://")
76-
// Skip bind-mount for non-standard sockets (Colima, OrbStack, etc.)
77-
// These sockets communicate with VMs and cannot be bind-mounted
78-
if sock != "/var/run/docker.sock" {
79-
return ""
80-
}
81-
return sock
74+
return "/var/run/docker.sock"
8275
}
8376
return ""
8477
}

internal/runtime/docker_test.go

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -40,25 +40,25 @@ func TestProbeSocket_ReturnsEmptyForNoCandidates(t *testing.T) {
4040
}
4141

4242
func TestSocketPath_ExtractsUnixPath(t *testing.T) {
43-
t.Run("standard socket returns path", func(t *testing.T) {
43+
t.Run("standard socket returns daemon path", func(t *testing.T) {
4444
cli, err := client.NewClientWithOpts(client.WithHost("unix:///var/run/docker.sock"))
4545
require.NoError(t, err)
4646
rt := &DockerRuntime{client: cli}
4747
assert.Equal(t, "/var/run/docker.sock", rt.SocketPath())
4848
})
4949

50-
t.Run("non-standard socket returns empty", func(t *testing.T) {
50+
t.Run("non-standard socket returns daemon path", func(t *testing.T) {
5151
cli, err := client.NewClientWithOpts(client.WithHost("unix:///home/user/.colima/default/docker.sock"))
5252
require.NoError(t, err)
5353
rt := &DockerRuntime{client: cli}
54-
assert.Equal(t, "", rt.SocketPath(), "non-standard sockets should return empty to skip bind-mount")
54+
assert.Equal(t, "/var/run/docker.sock", rt.SocketPath())
5555
})
5656

57-
t.Run("orbstack socket returns empty", func(t *testing.T) {
57+
t.Run("orbstack socket returns daemon path", func(t *testing.T) {
5858
cli, err := client.NewClientWithOpts(client.WithHost("unix:///Users/user/.orbstack/run/docker.sock"))
5959
require.NoError(t, err)
6060
rt := &DockerRuntime{client: cli}
61-
assert.Equal(t, "", rt.SocketPath(), "non-standard sockets should return empty to skip bind-mount")
61+
assert.Equal(t, "/var/run/docker.sock", rt.SocketPath())
6262
})
6363
}
6464

test/integration/start_test.go

Lines changed: 12 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -168,14 +168,10 @@ func TestStartCommandSetsUpContainerCorrectly(t *testing.T) {
168168
t.Skip("Docker daemon is not reachable via unix socket")
169169
}
170170

171-
// Skip bind-mount assertion for non-standard sockets (Colima, OrbStack)
172-
// since these communicate with VMs and cannot be bind-mounted
173-
if dockerClient.DaemonHost() != "unix:///var/run/docker.sock" {
174-
t.Skip("Docker daemon uses non-standard socket (Colima/OrbStack) - socket not bind-mounted")
175-
}
176-
177171
assert.True(t, hasBindTarget(inspect.HostConfig.Binds, "/var/run/docker.sock"),
178172
"expected Docker socket bind mount to /var/run/docker.sock, got: %v", inspect.HostConfig.Binds)
173+
assert.True(t, hasBindSource(inspect.HostConfig.Binds, "/var/run/docker.sock"),
174+
"expected Docker socket bind mount from /var/run/docker.sock, got: %v", inspect.HostConfig.Binds)
179175

180176
envVars := containerEnvToMap(inspect.Config.Env)
181177
assert.Equal(t, "unix:///var/run/docker.sock", envVars["DOCKER_HOST"])
@@ -224,6 +220,16 @@ func hasBindTarget(binds []string, containerPath string) bool {
224220
return false
225221
}
226222

223+
func hasBindSource(binds []string, hostPath string) bool {
224+
for _, b := range binds {
225+
parts := strings.Split(b, ":")
226+
if len(parts) >= 2 && parts[0] == hostPath {
227+
return true
228+
}
229+
}
230+
return false
231+
}
232+
227233
func cleanup() {
228234
ctx := context.Background()
229235
_ = dockerClient.ContainerStop(ctx, containerName, container.StopOptions{})

0 commit comments

Comments
 (0)