Merge pull request #48 from Roblox/cwd

Add option to select current working directory (cwd).

README.md

@@ -87,6 +87,7 @@ More detailed instructions are in the [`example README.md`](https://github.com/R
 | **image** | string | yes | OCI image (docker is also OCI compatible) for your container. |
 | **command** | string | no | Command to override command defined in the image. |
 | **args** | []string | no | Arguments to the command. |
+| **cwd** | string | no | Specify the current working directory for your container process. If the directory does not exist, one will be created for you. |
 | **privileged** | bool | no | Run container in privileged mode. Your container will have all linux capabilities when running in privileged mode. |
 | **host_dns** | bool | no | Default (`true`). By default, a container launched using `containerd-driver` will use host `/etc/resolv.conf`. This is similar to [`docker behavior`](https://docs.docker.com/config/containers/container-networking/#dns-services). However, if you don't want to use host DNS, you can turn off this flag by setting `host_dns=false`. |
 | **seccomp** | bool | no | Enable default seccomp profile. List of [`allowed syscalls`](https://github.com/containerd/containerd/blob/master/contrib/seccomp/seccomp_default.go#L51-L390). |

containerd/containerd.go

@@ -115,6 +115,11 @@ func (d *Driver) createContainer(containerConfig *ContainerConfig, config *TaskC
 		opts = append(opts, oci.WithDroppedCapabilities(config.CapDrop))
 	}
 
+	// Set current working directory (cwd).
+	if config.Cwd != "" {
+		opts = append(opts, oci.WithProcessCwd(config.Cwd))
+	}
+
 	// Set environment variables.
 	opts = append(opts, oci.WithEnv(containerConfig.Env))
 

containerd/driver.go

@@ -90,6 +90,7 @@ var (
 		"args":       hclspec.NewAttr("args", "list(string)", false),
 		"cap_add":    hclspec.NewAttr("cap_add", "list(string)", false),
 		"cap_drop":   hclspec.NewAttr("cap_drop", "list(string)", false),
+		"cwd":        hclspec.NewAttr("cwd", "string", false),
 		"devices":    hclspec.NewAttr("devices", "list(string)", false),
 		"privileged": hclspec.NewAttr("privileged", "bool", false),
 		"host_dns": hclspec.NewDefault(
@@ -146,6 +147,7 @@ type TaskConfig struct {
 	Args           []string `codec:"args"`
 	CapAdd         []string `codec:"cap_add"`
 	CapDrop        []string `codec:"cap_drop"`
+	Cwd            string   `codec:"cwd"`
 	Devices        []string `codec:"devices"`
 	Seccomp        bool     `codec:"seccomp"`
 	SeccompProfile string   `codec:"seccomp_profile"`

example/redis.nomad

@@ -8,6 +8,7 @@ job "redis" {
       config {
         image   = "docker.io/library/redis:alpine"
         seccomp = true
+        cwd     = "/home/redis"
       }
 
       resources {

tests/001-test-redis.sh

@@ -25,10 +25,10 @@ test_redis_nomad_job() {
         exit 1
     fi
 
-    echo "INFO: Exec redis job."
-    exec_output=$(nomad alloc exec -job redis echo hello_exec)
-    if [ $exec_output != "hello_exec" ]; then
-        echo "ERROR: Error in exec'ing redis job."
+    echo "INFO: Exec redis job and check current working directory (cwd)."
+    exec_output=$(nomad alloc exec -job redis pwd)
+    if [ $exec_output != "/home/redis" ]; then
+        echo "ERROR: Error in exec'ing redis job and checking current working directory (cwd)."
         exit 1
     fi