From 789bebf3f343740295e37463ae7156b58a37c432 Mon Sep 17 00:00:00 2001
From: Marat Radchenko <marat@slonopotamus.org>
Date: Thu, 14 Mar 2024 11:59:38 +0300
Subject: [PATCH] Make containerd socket path configurable

---
 README.md            | 15 ++++++++-------
 containerd/driver.go | 26 ++++++++++++++++----------
 2 files changed, 24 insertions(+), 17 deletions(-)

diff --git a/README.md b/README.md
index 594cbf9..e58c110 100644
--- a/README.md
+++ b/README.md
@@ -91,13 +91,14 @@ To interact with `images` and `containers` directly, you can use [`nerdctl`](htt
 
 **Driver Config**
 
-| Option | Type | Required | Default | Description |
-| :---: | :---: | :---: | :---: | :--- |
-| **enabled** | bool | no | true | Enable/Disable task driver. |
-| **containerd_runtime** | string | yes | N/A | Runtime for containerd e.g. `io.containerd.runc.v1` or `io.containerd.runc.v2`. |
-| **stats_interval** | string | no | 1s | Interval for collecting `TaskStats`. |
-| **allow_privileged** | bool | no | true | If set to `false`, driver will deny running privileged jobs. |
-| **auth** | block | no | N/A | Provide authentication for a private registry. See [Authentication](#authentication-private-registry) for more details. |
+|         Option         |  Type  | Required |              Default              | Description                                                                                                             |
+|:----------------------:|:------:|:--------:|:---------------------------------:|:------------------------------------------------------------------------------------------------------------------------|
+|      **enabled**       |  bool  |    no    |               true                | Enable/Disable task driver.                                                                                             |
+| **containerd_address** | string |    no    | `/run/containerd/containerd.sock` | Path to containerd socket.                                                                                              |
+| **containerd_runtime** | string |   yes    |                N/A                | Runtime for containerd e.g. `io.containerd.runc.v1` or `io.containerd.runc.v2`.                                         |
+|   **stats_interval**   | string |    no    |                1s                 | Interval for collecting `TaskStats`.                                                                                    |
+|  **allow_privileged**  |  bool  |    no    |               true                | If set to `false`, driver will deny running privileged jobs.                                                            |
+|        **auth**        | block  |    no    |                N/A                | Provide authentication for a private registry. See [Authentication](#authentication-private-registry) for more details. |
 
 **Task Config**
 
diff --git a/containerd/driver.go b/containerd/driver.go
index c7fbd57..eb0f525 100644
--- a/containerd/driver.go
+++ b/containerd/driver.go
@@ -24,6 +24,7 @@ import (
 	"time"
 
 	"github.com/containerd/containerd"
+	"github.com/containerd/containerd/defaults"
 	"github.com/containerd/containerd/namespaces"
 	"github.com/hashicorp/consul-template/signals"
 	"github.com/hashicorp/go-hclog"
@@ -79,6 +80,10 @@ var (
 			hclspec.NewAttr("enabled", "bool", false),
 			hclspec.NewLiteral("true"),
 		),
+		"containerd_address": hclspec.NewDefault(
+			hclspec.NewAttr("containerd_address", "string", false),
+			hclspec.NewLiteral(defaults.DefaultAddress),
+		),
 		"containerd_runtime": hclspec.NewAttr("containerd_runtime", "string", true),
 		"stats_interval":     hclspec.NewAttr("stats_interval", "string", false),
 		"allow_privileged": hclspec.NewDefault(
@@ -152,6 +157,7 @@ var (
 // Config contains configuration information for the plugin
 type Config struct {
 	Enabled           bool         `codec:"enabled"`
+	ContainerdAddress string       `codec:"containerd_address"`
 	ContainerdRuntime string       `codec:"containerd_runtime"`
 	StatsInterval     string       `codec:"stats_interval"`
 	AllowPrivileged   bool         `codec:"allow_privileged"`
@@ -249,14 +255,6 @@ func NewPlugin(logger log.Logger) drivers.DriverPlugin {
 	ctx, cancel := context.WithCancel(context.Background())
 	logger = logger.Named(PluginName)
 
-	// This will create a new containerd client which will talk to
-	// default containerd socket path.
-	client, err := containerd.New("/run/containerd/containerd.sock")
-	if err != nil {
-		logger.Error("Error in creating containerd client", "err", err)
-		return nil
-	}
-
 	// Calls to containerd API are namespaced.
 	// "nomad" is the namespace that will be used for all nomad-driver-containerd
 	// related containerd API calls.
@@ -274,7 +272,6 @@ func NewPlugin(logger log.Logger) drivers.DriverPlugin {
 		tasks:          newTaskStore(),
 		ctx:            ctx,
 		ctxContainerd:  ctxContainerd,
-		client:         client,
 		signalShutdown: cancel,
 		logger:         logger,
 	}
@@ -324,12 +321,21 @@ func (d *Driver) ConfigSchema() (*hclspec.Spec, error) {
 // SetConfig is called by the client to pass the configuration for the plugin.
 func (d *Driver) SetConfig(cfg *base.Config) error {
 	var config Config
+	var err error
 	if len(cfg.PluginConfig) != 0 {
-		if err := base.MsgPackDecode(cfg.PluginConfig, &config); err != nil {
+		if err = base.MsgPackDecode(cfg.PluginConfig, &config); err != nil {
 			return err
 		}
 	}
 
+	// This will create a new containerd client which will talk to
+	// default containerd socket path.
+	d.client, err = containerd.New(config.ContainerdAddress)
+	if err != nil {
+		d.logger.Error("Error in creating containerd client", "err", err)
+		return err
+	}
+
 	// Save the configuration to the plugin
 	d.config = &config