From de09c8367b9b73e5b60c290fc60aae07430f8864 Mon Sep 17 00:00:00 2001
From: Omar Al-Ithawi <i@omardo.com>
Date: Thu, 16 Nov 2023 08:10:15 +0300
Subject: [PATCH] fix: rootless docker refactor

---
 tests/commands/test_dev.py                    | 24 -------------------
 tutor/commands/dev.py                         |  7 ------
 tutor/env.py                                  |  1 +
 tutor/templates/dev/docker-compose.yml        |  9 +++++++
 .../local/docker-compose.ulimits.yml          | 11 ---------
 tutor/templates/local/docker-compose.yml      |  4 ++++
 6 files changed, 14 insertions(+), 42 deletions(-)
 delete mode 100644 tutor/templates/local/docker-compose.ulimits.yml

diff --git a/tests/commands/test_dev.py b/tests/commands/test_dev.py
index f6e0a92392c..0b962d723a3 100644
--- a/tests/commands/test_dev.py
+++ b/tests/commands/test_dev.py
@@ -1,34 +1,10 @@
 import unittest
-from unittest.mock import patch, MagicMock
 
 from .base import TestCommandMixin
 
-from tutor.commands import dev
-from tutor.types import Config
-
 
 class DevTests(unittest.TestCase, TestCommandMixin):
     def test_dev_help(self) -> None:
         result = self.invoke(["dev", "--help"])
         self.assertEqual(0, result.exit_code)
         self.assertIsNone(result.exception)
-
-    @patch("tutor.utils.is_docker_rootless")
-    def test_rootless_no_ulimits(self, mock_is_docker_rootless: MagicMock) -> None:
-        configs: Config = {
-            "DEV_PROJECT_NAME": "maple",
-        }
-
-        mock_is_docker_rootless.return_value = False
-        task_runner = dev.DevTaskRunner("/app", configs)
-        self.assertIn(
-            "/app/env/local/docker-compose.ulimits.yml",
-            task_runner.docker_compose_files,
-        )
-
-        mock_is_docker_rootless.return_value = True
-        task_runner = dev.DevTaskRunner("/app", configs)
-        self.assertNotIn(
-            "/app/env/local/docker-compose.ulimits.yml",
-            task_runner.docker_compose_files,
-        )
diff --git a/tutor/commands/dev.py b/tutor/commands/dev.py
index 845ccbe0e54..a5f6c136f6e 100644
--- a/tutor/commands/dev.py
+++ b/tutor/commands/dev.py
@@ -8,7 +8,6 @@
 from tutor import hooks
 from tutor.commands import compose
 from tutor.types import Config, get_typed
-from tutor import utils
 
 
 class DevTaskRunner(compose.ComposeTaskRunner):
@@ -25,12 +24,6 @@ def __init__(self, root: str, config: Config):
             tutor_env.pathjoin(self.root, "dev", "docker-compose.override.yml"),
         ]
 
-        if not utils.is_docker_rootless():
-            # Setting `ulimits` throws an error when running in rootless mode.
-            self.docker_compose_files += [
-                tutor_env.pathjoin(self.root, "local", "docker-compose.ulimits.yml"),
-            ]
-
         self.docker_compose_job_files += [
             tutor_env.pathjoin(self.root, "local", "docker-compose.jobs.yml"),
             tutor_env.pathjoin(self.root, "dev", "docker-compose.jobs.yml"),
diff --git a/tutor/env.py b/tutor/env.py
index 9ced7d5b8c7..08db87dc6d4 100644
--- a/tutor/env.py
+++ b/tutor/env.py
@@ -55,6 +55,7 @@ def _prepare_environment() -> None:
             ("TUTOR_APP", __app__.replace("-", "_")),
             ("TUTOR_VERSION", __version__),
             ("is_buildkit_enabled", utils.is_buildkit_enabled),
+            ("is_docker_rootless", utils.is_docker_rootless),
         ],
     )
 
diff --git a/tutor/templates/dev/docker-compose.yml b/tutor/templates/dev/docker-compose.yml
index 4b8cd38c9bd..9215500a992 100644
--- a/tutor/templates/dev/docker-compose.yml
+++ b/tutor/templates/dev/docker-compose.yml
@@ -52,4 +52,13 @@ services:
     command: openedx-assets watch-themes --env dev
     restart: unless-stopped
 
+  {% if RUN_ELASTICSEARCH and is_docker_rootless() %}
+  elasticsearch:
+    ulimits:
+      memlock:
+        # Fixes error setting rlimits for ready process in rootless docker
+        soft: 0
+        hard: 0
+  {% endif %}
+
   {{ patch("local-docker-compose-dev-services")|indent(2) }}
diff --git a/tutor/templates/local/docker-compose.ulimits.yml b/tutor/templates/local/docker-compose.ulimits.yml
deleted file mode 100644
index 04f5155af4f..00000000000
--- a/tutor/templates/local/docker-compose.ulimits.yml
+++ /dev/null
@@ -1,11 +0,0 @@
-# This file contains the `ulimits` configuration which is skipped on rootless Docker because
-# it's not supported.
-version: "{{ DOCKER_COMPOSE_VERSION }}"
-services:
-  {% if RUN_ELASTICSEARCH -%}
-  elasticsearch:
-    ulimits:
-      memlock:
-        soft: -1
-        hard: -1
-  {%- endif %}
diff --git a/tutor/templates/local/docker-compose.yml b/tutor/templates/local/docker-compose.yml
index e9a3e121229..a2ace7c57bd 100644
--- a/tutor/templates/local/docker-compose.yml
+++ b/tutor/templates/local/docker-compose.yml
@@ -57,6 +57,10 @@ services:
       - bootstrap.memory_lock=true
       - discovery.type=single-node
       - "ES_JAVA_OPTS=-Xms{{ ELASTICSEARCH_HEAP_SIZE }} -Xmx{{ ELASTICSEARCH_HEAP_SIZE }}"
+    ulimits:
+      memlock:
+        soft: -1
+        hard: -1
     restart: unless-stopped
     user: "1000:1000"
     volumes: