Add support for setcap from build command

[francislavoie]

Fix #128

Haven't tested this yet. But it should be straight-forwards.

One detail I'm not sure how to handle is sudo. The runDev version of the code uses sudo by default, and that seems reasonable since a dev account is probably a regular user and not root. But this purpose of the runBuild version is to run in Docker, which will be running as root. So having sudo would fail. I just added another env var to cover that case.

Is there a better way to automatically detect whether sudo should be used? I'm not sure how that should be done from Go.

[abjugard]

The old doumentation for XCADDY_SETCAP said it only ran while in devmode, I don't see any code changes related to this. I'm not saying it's wrong, this is more of a "did we miss anything?" check than anything hehe.

[francislavoie]

Yeah, that was correct. I'm not sure I understand the question?

It was only in runDev previously, I'm adding it to runBuild as well here.

The difference is runDev is invoked when running xcaddy run --config Caddyfile which builds then runs an ephemeral binary, and runBuild is invoked on xcaddy build which just builds and outputs the binary.

[abjugard]

Now I feel silly 😅

[mohammed90]

Thanks for doing this, Francis! About this

But this purpose of the runBuild version is to run in Docker, which will be running as root. So having sudo would fail.

If I'm not mistaken, using sudo while root will just executes the subsequent command normally without errors. Is there a special circumstance in Docker build env that would break it?

[mohammed90]

Look great now. Thanks!

[mholt]

Thanks! Good call on the LookPath too. Sounds like in most cases that should work without even needing to set the env var to toggle sudo.