Merge branch 'development'

Author: intisy

src/main/java/io/github/intisy/docker/MacDockerProvider.java

@@ -46,7 +46,7 @@ public class MacDockerProvider extends DockerProvider {
 
     private final String instanceId;
     private final String vmName;
-    
+
     private final Path instanceDir;
 
     private DockerClient dockerClient;
@@ -72,11 +72,11 @@ public void ensureInstalled() throws IOException {
             log.info("Lima not found. Downloading Lima {}...", LIMA_VERSION);
             downloadAndInstallLima();
         }
-        
+
         if (!isLimaInstalled()) {
             throw new IOException("Failed to install Lima. Please install manually: brew install lima");
         }
-        
+
         log.info("Lima is ready");
     }
 
@@ -101,7 +101,7 @@ private boolean isLimaInstalled() {
                 Process process = pb.start();
                 byte[] output = readAllBytes(process.getInputStream());
                 int exitCode = process.waitFor();
-                
+
                 if (exitCode == 0) {
                     log.debug("Local Lima version: {}", new String(output).trim());
                     return true;
@@ -110,14 +110,14 @@ private boolean isLimaInstalled() {
                 log.debug("Local Lima check failed: {}", e.getMessage());
             }
         }
-        
+
         try {
             ProcessBuilder pb = new ProcessBuilder("limactl", "--version");
             pb.redirectErrorStream(true);
             Process process = pb.start();
             byte[] output = readAllBytes(process.getInputStream());
             int exitCode = process.waitFor();
-            
+
             if (exitCode == 0) {
                 log.debug("System Lima version: {}", new String(output).trim());
                 return true;
@@ -136,9 +136,9 @@ private boolean isLimaInstalled() {
     private void downloadAndInstallLima() throws IOException {
         String arch = getArch();
         String downloadUrl = String.format(LIMA_DOWNLOAD_URL, LIMA_VERSION, LIMA_VERSION, arch);
-        
+
         log.info("Downloading Lima from {}...", downloadUrl);
-        
+
         if (Files.exists(LIMA_DIR)) {
             try (java.util.stream.Stream<Path> walk = Files.walk(LIMA_DIR)) {
                 walk.sorted(java.util.Comparator.reverseOrder())
@@ -147,17 +147,17 @@ private void downloadAndInstallLima() throws IOException {
             }
         }
         Files.createDirectories(LIMA_DIR);
-        
+
         URL url = new URL(downloadUrl);
         HttpURLConnection connection = (HttpURLConnection) url.openConnection();
         connection.setInstanceFollowRedirects(true);
         connection.setRequestMethod("GET");
-        
+
         int responseCode = connection.getResponseCode();
         if (responseCode != 200) {
             throw new IOException("Failed to download Lima from " + downloadUrl + ". Status code: " + responseCode);
         }
-        
+
         try (InputStream is = connection.getInputStream();
              GzipCompressorInputStream gzis = new GzipCompressorInputStream(is);
              TarArchiveInputStream tis = new TarArchiveInputStream(gzis)) {
@@ -176,9 +176,9 @@ private void downloadAndInstallLima() throws IOException {
                 }
             }
         }
-        
+
         Files.write(LIMA_VERSION_FILE, LIMA_VERSION.getBytes());
-        
+
         log.info("Lima {} installed successfully", LIMA_VERSION);
     }
 
@@ -202,20 +202,20 @@ private String getArch() {
     @Override
     public void start() throws IOException, InterruptedException {
         log.info("Starting Docker via Lima VM (instance: {})...", instanceId);
-        
+
         ensureInstalled();
         Files.createDirectories(instanceDir);
-        
+
         dockerPort = 2375 + Math.abs(instanceId.hashCode() % 1000);
-        
+
         createAndStartLimaVm();
-        
+
         if (!waitForDocker()) {
             String logs = getLimaLogs();
             log.error("Lima VM logs:\n{}", logs);
             throw new RuntimeException("Docker daemon in Lima VM failed to start. See logs above.");
         }
-        
+
         log.info("Docker daemon started in Lima VM (instance: {}, port: {})", instanceId, dockerPort);
     }
 
@@ -224,10 +224,10 @@ public void start() throws IOException, InterruptedException {
      */
     private void createAndStartLimaVm() throws IOException, InterruptedException {
         String limactl = getLimactlPath();
-        
+
         String vmStatus = runLimaCommand(limactl, "list", "--format", "{{.Name}}:{{.Status}}");
         boolean vmExists = vmStatus.contains(vmName + ":");
-        
+
         if (vmExists) {
             log.info("Lima VM {} already exists, checking status...", vmName);
             if (vmStatus.contains(vmName + ":Running")) {
@@ -243,30 +243,30 @@ private void createAndStartLimaVm() throws IOException, InterruptedException {
                 return;
             }
         }
-        
+
         Path configPath = instanceDir.resolve("lima.yaml");
         String limaConfig = createLimaConfig();
         Files.write(configPath, limaConfig.getBytes());
-        
+
         log.info("Creating Lima VM {} with Docker...", vmName);
-        
+
         ProcessBuilder pb = new ProcessBuilder(limactl, "start", "--name=" + vmName, configPath.toString());
         pb.redirectErrorStream(true);
         pb.inheritIO();
         Process process = pb.start();
-        
+
         boolean completed = process.waitFor(10, TimeUnit.MINUTES);
         if (!completed) {
             process.destroyForcibly();
             throw new RuntimeException("Lima VM creation timed out after 10 minutes");
         }
-        
+
         if (process.exitValue() != 0) {
             throw new RuntimeException("Failed to create Lima VM. Exit code: " + process.exitValue());
         }
-        
+
         vmStartedByUs = true;
-        
+
         ensureDockerRunning();
     }
 
@@ -336,13 +336,13 @@ private String createLimaConfig() {
      */
     private void ensureDockerRunning() throws IOException, InterruptedException {
         log.debug("Ensuring Docker is running in Lima VM {}...", vmName);
-        
+
         String result = runLimaShellCommand("systemctl is-active docker || true");
         if (!"active".equals(result.trim())) {
             log.info("Starting Docker in Lima VM...");
             runLimaShellCommand("sudo systemctl start docker");
         }
-        
+
         String tcpCheck = runLimaShellCommand("ss -tlnp | grep 2375 || true");
         if (tcpCheck.trim().isEmpty()) {
             log.info("Configuring Docker to listen on TCP...");
@@ -401,16 +401,16 @@ private boolean waitForDocker() throws InterruptedException {
         long timeoutMillis = TimeUnit.SECONDS.toMillis(120);
         long startTime = System.currentTimeMillis();
         int attempts = 0;
-        
+
         while (System.currentTimeMillis() - startTime < timeoutMillis) {
             attempts++;
-            
+
             try {
                 Socket socket = new Socket();
                 socket.connect(new InetSocketAddress("localhost", dockerPort), 1000);
                 socket.close();
                 log.debug("Docker daemon is listening on localhost:{} after {} attempts", dockerPort, attempts);
-                
+
                 try {
                     DockerClient testClient = DockerClient.builder()
                             .withHost("tcp://localhost:" + dockerPort)
@@ -423,12 +423,12 @@ private boolean waitForDocker() throws InterruptedException {
                 }
             } catch (IOException e) {
             }
-            
+
             if (attempts % 20 == 0) {
-                log.debug("Still waiting for Docker... ({} seconds elapsed)", 
+                log.debug("Still waiting for Docker... ({} seconds elapsed)",
                         (System.currentTimeMillis() - startTime) / 1000);
             }
-            
+
             Thread.sleep(500);
         }
 
@@ -458,17 +458,17 @@ public void stop() {
             }
             dockerClient = null;
         }
-        
+
         if (vmStartedByUs) {
             try {
                 String limactl = getLimactlPath();
-                
+
                 log.info("Stopping Lima VM {}...", vmName);
                 ProcessBuilder pb = new ProcessBuilder(limactl, "stop", vmName);
                 pb.redirectErrorStream(true);
                 Process process = pb.start();
                 process.waitFor(30, TimeUnit.SECONDS);
-                
+
                 log.info("Deleting Lima VM {}...", vmName);
                 pb = new ProcessBuilder(limactl, "delete", vmName, "--force");
                 pb.redirectErrorStream(true);

src/main/java/io/github/intisy/docker/WindowsDockerProvider.java

@@ -169,63 +169,99 @@ public void installNvidiaContainerToolkit() throws IOException {
         log.info("Installing NVIDIA Container Toolkit in WSL2 (distro: {})...", wslDistro);
         log.info("This may take a few minutes...");
 
-        String distroId = runWslCommand("cat /etc/os-release | grep '^ID=' | cut -d= -f2 | tr -d '\"'", false, 5).trim();
-        String distroVersion = runWslCommand("cat /etc/os-release | grep '^VERSION_ID=' | cut -d= -f2 | tr -d '\"'", false, 5).trim();
-        log.debug("Detected distro: {} {}", distroId, distroVersion);
-        
-        String distribution = distroId + distroVersion;
+        if (!checkPasswordlessSudoForApt()) {
+            log.error("NVIDIA Container Toolkit installation requires passwordless sudo.");
+            log.error("Please run this ONE-TIME setup in WSL ({}):", wslDistro);
+            log.error("");
+            log.error("  wsl -d {}", wslDistro);
+            log.error("  sudo bash -c 'echo \"$USER ALL=(ALL) NOPASSWD: ALL\" > /etc/sudoers.d/nopasswd-$USER'");
+            log.error("  sudo chmod 440 /etc/sudoers.d/nopasswd-$USER");
+            log.error("  exit");
+            log.error("");
+            log.error("Or install manually:");
+            printManualInstallInstructions();
+            throw new IOException("Passwordless sudo is required. Run the setup commands above in WSL.");
+        }
 
         try {
             log.info("Adding NVIDIA GPG key...");
             String gpgKeyCmd = "curl -fsSL https://nvidia.github.io/libnvidia-container/gpgkey | " +
-                    "sudo gpg --dearmor -o /usr/share/keyrings/nvidia-container-toolkit-keyring.gpg --yes";
-            String gpgResult = runWslCommandWithTimeout(gpgKeyCmd, true, 60);
+                    "sudo gpg --dearmor -o /usr/share/keyrings/nvidia-container-toolkit-keyring.gpg --yes 2>&1";
+            String gpgResult = runWslCommandWithTimeout(gpgKeyCmd, false, 60);
             log.debug("GPG key result: {}", gpgResult);
 
             log.info("Adding NVIDIA repository...");
-            String repoCmd = String.format(
-                    "curl -s -L https://nvidia.github.io/libnvidia-container/%s/libnvidia-container.list | " +
+            String repoCmd = "curl -s -L https://nvidia.github.io/libnvidia-container/stable/deb/nvidia-container-toolkit.list | " +
                     "sed 's#deb https://#deb [signed-by=/usr/share/keyrings/nvidia-container-toolkit-keyring.gpg] https://#g' | " +
-                    "sudo tee /etc/apt/sources.list.d/nvidia-container-toolkit.list > /dev/null",
-                    distribution);
+                    "sudo tee /etc/apt/sources.list.d/nvidia-container-toolkit.list > /dev/null 2>&1 && echo ok";
             String repoResult = runWslCommandWithTimeout(repoCmd, false, 60);
             log.debug("Repo add result: {}", repoResult);
 
             log.info("Updating package lists...");
-            String updateResult = runWslCommandWithTimeout("sudo apt-get update", false, 120);
+            String updateResult = runWslCommandWithTimeout("sudo apt-get update 2>&1", false, 180);
             log.debug("apt update result: {}", updateResult);
 
             log.info("Installing nvidia-container-toolkit package...");
             String installResult = runWslCommandWithTimeout(
-                    "sudo DEBIAN_FRONTEND=noninteractive apt-get install -y nvidia-container-toolkit", false, 300);
+                    "sudo apt-get install -y nvidia-container-toolkit 2>&1", false, 600);
             log.debug("Install result: {}", installResult);
 
             log.info("Configuring Docker to use NVIDIA runtime...");
-            String configResult = runWslCommandWithTimeout("sudo nvidia-ctk runtime configure --runtime=docker", false, 30);
+            String configResult = runWslCommandWithTimeout("sudo nvidia-ctk runtime configure --runtime=docker 2>&1", false, 60);
             log.debug("Config result: {}", configResult);
 
             if (isNvidiaContainerToolkitInstalled()) {
                 log.info("NVIDIA Container Toolkit installed successfully!");
             } else {
-                throw new IOException("Installation completed but toolkit not found. Please check manually.");
+                throw new IOException("Installation completed but toolkit not found. Check output above for errors.");
             }
 
         } catch (Exception e) {
             log.error("Failed to install NVIDIA Container Toolkit: {}", e.getMessage());
             log.error("");
-            log.error("You can install it manually by running these commands in WSL ({}):", wslDistro);
-            log.error("  distribution=$(. /etc/os-release;echo $ID$VERSION_ID)");
-            log.error("  curl -fsSL https://nvidia.github.io/libnvidia-container/gpgkey | sudo gpg --dearmor -o /usr/share/keyrings/nvidia-container-toolkit-keyring.gpg");
-            log.error("  curl -s -L https://nvidia.github.io/libnvidia-container/$distribution/libnvidia-container.list | \\");
-            log.error("    sed 's#deb https://#deb [signed-by=/usr/share/keyrings/nvidia-container-toolkit-keyring.gpg] https://#g' | \\");
-            log.error("    sudo tee /etc/apt/sources.list.d/nvidia-container-toolkit.list");
-            log.error("  sudo apt-get update");
-            log.error("  sudo apt-get install -y nvidia-container-toolkit");
-            log.error("  sudo nvidia-ctk runtime configure --runtime=docker");
+            printManualInstallInstructions();
             throw new IOException("Failed to install NVIDIA Container Toolkit: " + e.getMessage(), e);
         }
     }
 
+    /**
+     * Check if passwordless sudo is available (tests with 'sudo -n true').
+     */
+    private boolean checkPasswordlessSudoForApt() {
+        try {
+            ProcessBuilder pb = new ProcessBuilder("wsl", "-d", wslDistro, "-e", "bash", "-c",
+                    "sudo -n true 2>/dev/null && echo yes || echo no");
+            pb.redirectErrorStream(true);
+            Process process = pb.start();
+            byte[] output = readAllBytes(process.getInputStream());
+            boolean completed = process.waitFor(5, TimeUnit.SECONDS);
+
+            if (!completed) {
+                log.debug("sudo check timed out");
+                return false;
+            }
+
+            String result = new String(output).trim();
+            boolean hasPasswordlessSudo = "yes".equals(result);
+            log.debug("Passwordless sudo available: {}", hasPasswordlessSudo);
+            return hasPasswordlessSudo;
+        } catch (IOException | InterruptedException e) {
+            log.debug("Failed to check passwordless sudo: {}", e.getMessage());
+            return false;
+        }
+    }
+
+    private void printManualInstallInstructions() {
+        log.error("You can install it manually by running these commands in WSL ({}):", wslDistro);
+        log.error("  curl -fsSL https://nvidia.github.io/libnvidia-container/gpgkey | sudo gpg --dearmor -o /usr/share/keyrings/nvidia-container-toolkit-keyring.gpg --yes");
+        log.error("  curl -s -L https://nvidia.github.io/libnvidia-container/stable/deb/nvidia-container-toolkit.list | \\");
+        log.error("    sed 's#deb https://#deb [signed-by=/usr/share/keyrings/nvidia-container-toolkit-keyring.gpg] https://#g' | \\");
+        log.error("    sudo tee /etc/apt/sources.list.d/nvidia-container-toolkit.list");
+        log.error("  sudo apt-get update");
+        log.error("  sudo apt-get install -y nvidia-container-toolkit");
+        log.error("  sudo nvidia-ctk runtime configure --runtime=docker");
+    }
+
     /**
      * Ensure NVIDIA Container Toolkit is set up for GPU support.
      * Automatically installs if NVIDIA GPU is detected but toolkit is not installed.