From 62a1fd8dcb69efc031b693df49b8d28342f50108 Mon Sep 17 00:00:00 2001
From: Anbraten <anton@ju60.de>
Date: Fri, 29 Apr 2022 15:15:32 +0200
Subject: [PATCH] Add support to define a custom docker network and enable
 docker ipv6 (#893)

- Add support to define a custom docker network and enable docker ipv6
- Adjust docs
---
 .../docs/30-administration/15-agent-config.md |  4 ++
 .../22-backends/10-docker.md                  | 14 +++++
 docs/docs/40-cli.md                           | 62 +++++++++----------
 pipeline/backend/docker/docker.go             | 31 ++++++----
 4 files changed, 68 insertions(+), 43 deletions(-)

diff --git a/docs/docs/30-administration/15-agent-config.md b/docs/docs/30-administration/15-agent-config.md
index d8f741667..8fa7b662e 100644
--- a/docs/docs/30-administration/15-agent-config.md
+++ b/docs/docs/30-administration/15-agent-config.md
@@ -155,6 +155,10 @@ Configures if the gRPC server certificate should be verified, only valid when `W
 
 Configures the backend engine to run pipelines on. Possible values are `auto-detect`, `docker`, `local` or `ssh`.
 
+### `WOODPECKER_BACKEND_DOCKER_*`
+
+See [Docker backend configuration](backends/docker/#configuration)
+
 ### `WOODPECKER_BACKEND_SSH_*`
 
 See [SSH backend configuration](backends/ssh/#configuration)
diff --git a/docs/docs/30-administration/22-backends/10-docker.md b/docs/docs/30-administration/22-backends/10-docker.md
index 4bac1c0db..09fb0eca9 100644
--- a/docs/docs/30-administration/22-backends/10-docker.md
+++ b/docs/docs/30-administration/22-backends/10-docker.md
@@ -1 +1,15 @@
 # Docker backend
+
+This is the original backend used with Woodpecker. The docker backend executes each step inside a separate container started on the agent.
+
+## Configuration
+
+### `WOODPECKER_BACKEND_DOCKER_NETWORK`
+> Default: empty
+
+Set to the name of an existing network which will be attached to all your pipeline containers (steps). Please be careful as this allows the containers of different piplines to access each other!
+
+### `WOODPECKER_BACKEND_DOCKER_ENABLE_IPV6`
+> Default: `false`
+
+Enable IPv6 for the networks used by pipeline containers (steps). Make sure you configured your docker daemon to support IPv6.
diff --git a/docs/docs/40-cli.md b/docs/docs/40-cli.md
index 7048b45eb..66cb76fd3 100644
--- a/docs/docs/40-cli.md
+++ b/docs/docs/40-cli.md
@@ -254,37 +254,37 @@ execute a local build
 
 **--build-created**="":  (default: 0)
 
-**--build-event**="": 
+**--build-event**="":
 
 **--build-finished**="":  (default: 0)
 
-**--build-link**="": 
+**--build-link**="":
 
 **--build-number**="":  (default: 0)
 
 **--build-started**="":  (default: 0)
 
-**--build-status**="": 
+**--build-status**="":
 
-**--build-target**="": 
+**--build-target**="":
 
-**--commit-author-avatar**="": 
+**--commit-author-avatar**="":
 
-**--commit-author-email**="": 
+**--commit-author-email**="":
 
-**--commit-author-name**="": 
+**--commit-author-name**="":
 
-**--commit-branch**="": 
+**--commit-branch**="":
 
-**--commit-message**="": 
+**--commit-message**="":
 
-**--commit-ref**="": 
+**--commit-ref**="":
 
-**--commit-refspec**="": 
+**--commit-refspec**="":
 
-**--commit-sha**="": 
+**--commit-sha**="":
 
-**--env**="": 
+**--env**="":
 
 **--job-number**="":  (default: 0)
 
@@ -292,11 +292,11 @@ execute a local build
 
 **--log-level**="": set logging level (default: info)
 
-**--netrc-machine**="": 
+**--netrc-machine**="":
 
-**--netrc-password**="": 
+**--netrc-password**="":
 
-**--netrc-username**="": 
+**--netrc-username**="":
 
 **--network**="": external networks
 
@@ -304,43 +304,43 @@ execute a local build
 
 **--prev-build-created**="":  (default: 0)
 
-**--prev-build-event**="": 
+**--prev-build-event**="":
 
 **--prev-build-finished**="":  (default: 0)
 
-**--prev-build-link**="": 
+**--prev-build-link**="":
 
 **--prev-build-number**="":  (default: 0)
 
 **--prev-build-started**="":  (default: 0)
 
-**--prev-build-status**="": 
+**--prev-build-status**="":
 
-**--prev-commit-author-avatar**="": 
+**--prev-commit-author-avatar**="":
 
-**--prev-commit-author-email**="": 
+**--prev-commit-author-email**="":
 
-**--prev-commit-author-name**="": 
+**--prev-commit-author-name**="":
 
-**--prev-commit-branch**="": 
+**--prev-commit-branch**="":
 
-**--prev-commit-message**="": 
+**--prev-commit-message**="":
 
-**--prev-commit-ref**="": 
+**--prev-commit-ref**="":
 
-**--prev-commit-refspec**="": 
+**--prev-commit-refspec**="":
 
-**--prev-commit-sha**="": 
+**--prev-commit-sha**="":
 
 **--privileged**="": privileged plugins (default: [plugins/docker plugins/gcr plugins/ecr woodpeckerci/plugin-docker woodpeckerci/plugin-docker-buildx])
 
-**--repo-link**="": 
+**--repo-link**="":
 
-**--repo-name**="": 
+**--repo-name**="":
 
-**--repo-private**="": 
+**--repo-private**="":
 
-**--repo-remote-url**="": 
+**--repo-remote-url**="":
 
 **--server, -s**="": server address
 
diff --git a/pipeline/backend/docker/docker.go b/pipeline/backend/docker/docker.go
index 003643dca..54766466b 100644
--- a/pipeline/backend/docker/docker.go
+++ b/pipeline/backend/docker/docker.go
@@ -4,6 +4,7 @@ import (
 	"context"
 	"io"
 	"os"
+	"strconv"
 	"strings"
 
 	"github.com/docker/docker/api/types"
@@ -19,7 +20,9 @@ import (
 )
 
 type docker struct {
-	client client.APIClient
+	client     client.APIClient
+	enableIPv6 bool
+	network    string
 }
 
 // make sure docker implements Engine
@@ -52,6 +55,10 @@ func (e *docker) Load() error {
 	}
 	e.client = cli
 
+	e.enableIPv6, _ = strconv.ParseBool(os.Getenv("WOODPECKER_BACKEND_DOCKER_ENABLE_IPV6"))
+
+	e.network = os.Getenv("WOODPECKER_BACKEND_DOCKER_NETWORK")
+
 	return nil
 }
 
@@ -69,8 +76,9 @@ func (e *docker) Setup(_ context.Context, conf *backend.Config) error {
 	}
 	for _, n := range conf.Networks {
 		_, err := e.client.NetworkCreate(noContext, n.Name, types.NetworkCreate{
-			Driver:  n.Driver,
-			Options: n.DriverOpts,
+			Driver:     n.Driver,
+			Options:    n.DriverOpts,
+			EnableIPv6: e.enableIPv6,
 			// Labels:  defaultLabels,
 		})
 		if err != nil {
@@ -137,16 +145,15 @@ func (e *docker) Exec(ctx context.Context, proc *backend.Step) error {
 				return err
 			}
 		}
-	}
 
-	// if proc.Network != "host" { // or bridge, overlay, none, internal, container:<name> ....
-	// 	err = e.client.NetworkConnect(ctx, proc.Network, proc.Name, &network.EndpointSettings{
-	// 		Aliases: proc.NetworkAliases,
-	// 	})
-	// 	if err != nil {
-	// 		return err
-	// 	}
-	// }
+		// join the container to an existing network
+		if e.network != "" {
+			err = e.client.NetworkConnect(ctx, e.network, proc.Name, &network.EndpointSettings{})
+			if err != nil {
+				return err
+			}
+		}
+	}
 
 	return e.client.ContainerStart(ctx, proc.Name, startOpts)
 }