Skip to content

Enhance Docker permission detection and improve error messages (Fixes #34)#334

Closed
roman-y-wu wants to merge 9 commits intoosrf:mainfrom
roman-y-wu:main
Closed

Enhance Docker permission detection and improve error messages (Fixes #34)#334
roman-y-wu wants to merge 9 commits intoosrf:mainfrom
roman-y-wu:main

Conversation

@roman-y-wu
Copy link

@roman-y-wu roman-y-wu commented Aug 11, 2025

issue: #34
Solution

  • Added a Docker permission check that detects whether the current user can access the Docker daemon.
  • When permission is denied, the CLI now displays a clear error message with step-by-step instructions to fix it.
  • Retained handling for other error scenarios (daemon not running, Docker not installed, unknown errors).

Testing

  • Local environment: Docker Desktop 28.3.2 (API 1.51), all unit and integration tests passed.
  • Normal operation tests: image build, container run, cleanup — all passed.
  • Permission-denied simulation: correctly triggered the new friendly error output without Python tracebacks.

Roman Wu and others added 9 commits July 24, 2025 22:03
Add resource limits extensions for CPU, memory, and shared memory
8210719 
- Enhanced ShmSize extension with build-time shm-size support via --shm-size-build
- Added CpuLimits extension providing --cpus argument for runtime CPU limits
- Added MemoryLimits extension providing --memory/-m argument for runtime memory limits
- Extended core infrastructure to support docker build arguments from extensions
- Added comprehensive input validation for memory and CPU formats
- Updated documentation and added test coverage for all new functionality
- Improved .gitignore with comprehensive Python and development file patterns

These extensions expose docker build and runtime resource limit arguments
(shm-size, cpus, memory) to rocker users, providing better control over
container resource allocation.
Update .gitignore
502d46b
Merge branch 'osrf:main' into main
b190cdd
@tfoote
Merge branch 'main' into main
941c3d5
Refactor resource constraint extensions per tfoote feedback
29887b7 
- Move ShmSize, CpuLimits, and MemoryLimits to separate constraint_extensions.py file
- Create reusable validate_memory_format() helper function to avoid code duplication
- Enhance memory validation to support Docker byte-value formats (2b, 1024kb, 300m, 1gb)
- Update CPU error message to "Expected a floating point number (e.g., '1.5')"
- Update setup.py entry points to reference new constraint_extensions module

Addresses all feedback from tfoote in PR osrf#331 review comments.
Add tests for constraint extensions: ShmSize, CpuLimits, and MemoryLi…
70ca375 
…mits
Revert .gitignore changes and remove duplicate tests from test_extens…
2978e90 
…ion.py
Merge branch 'osrf:main' into main
6af31dc
Add DockerPermissionError class and enhance error handling for Docker…
8d6e2c2 
… permission issues
@roman-y-wu roman-y-wu requested a review from tfoote as a code owner August 11, 2025 17:50
tfoote
tfoote requested changes Aug 22, 2025
View reviewed changes
Copy link
Collaborator

@tfoote tfoote left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This approach seems to be relatively fragile and doing a lot of string parsing. It seems to me that it might make sense to simply do a check which will validate directly the measuable things that might block this. For example testing directly if docker is on the path. or check if the user is in the docker group. Those things can be done to measure the actual error state and aren't fragile to error strings which might evolve across.

I also haven't looked deeper but are any of these caught in subclasses of DockerException that could be detected without string parsing?

src/rocker/cli.py
print("ERROR: %s" % ex)
if ex.suggested_fix:
print("\n%s" % ex.suggested_fix)
return 1
Copy link
Collaborator

@tfoote tfoote Aug 19, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please use parser.error here instead of printing and returning.

And please add a descriptive context for the Error not just ERROR:

src/rocker/core.py
"""
error_str = str(exception).lower()

# Check for common permission-related error patterns
Copy link
Collaborator

@tfoote tfoote Aug 22, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How did you create this list?

src/rocker/core.py
return True, error_message, suggested_fix

# Check for Docker daemon not running
daemon_indicators = [
Copy link
Collaborator

@tfoote tfoote Aug 22, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How did you create this one too?

@tfoote tfoote mentioned this pull request Jan 23, 2026
Closed
@T-Rajeev30 T-Rajeev30 mentioned this pull request Jan 24, 2026
Merged
@tfoote
Copy link
Collaborator

tfoote commented Jan 27, 2026

Superseded by #343

@tfoote tfoote closed this Jan 27, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tfoote tfoote tfoote requested changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@roman-y-wu @tfoote