allow for custom switch user commands in SingularityExecutor

SingularityExecutor/src/main/java/com/hubspot/singularity/executor/config/SingularityExecutorConfiguration.java

@@ -219,6 +219,10 @@ public class SingularityExecutorConfiguration extends BaseRunnerConfiguration {
   @JsonProperty
   private String procCgroupFormat = "/proc/%s/cgroup";
 
+  @NotEmpty
+  @JsonProperty
+  private String switchUserCommandFormat = "sudo -E -u %s";
+
   @JsonProperty
   @NotEmpty
   private List<String> artifactSignatureVerificationCommand = Arrays.asList("/usr/bin/gpg", "--verify", "{artifactSignaturePath}");
@@ -528,6 +532,14 @@ public void setProcCgroupFormat(String procCgroupFormat) {
     this.procCgroupFormat = procCgroupFormat;
   }
 
+  public String getSwitchUserCommandFormat() {
+    return switchUserCommandFormat;
+  }
+
+  public void setSwitchUserCommandFormat(String switchUserCommandFormat) {
+    this.switchUserCommandFormat = switchUserCommandFormat;
+  }
+
   public List<String> getArtifactSignatureVerificationCommand() {
     return artifactSignatureVerificationCommand;
   }
@@ -587,8 +599,14 @@ public String toString() {
             ", useLocalDownloadService=" + useLocalDownloadService +
             ", localDownloadServiceTimeoutMillis=" + localDownloadServiceTimeoutMillis +
             ", maxTaskThreads=" + maxTaskThreads +
-            ", dockerPrefix=" + dockerPrefix +
+            ", dockerPrefix='" + dockerPrefix + '\'' +
             ", dockerStopTimeout=" + dockerStopTimeout +
+            ", cgroupsMesosCpuTasksFormat='" + cgroupsMesosCpuTasksFormat + '\'' +
+            ", procCgroupFormat='" + procCgroupFormat + '\'' +
+            ", switchUserCommandFormat='" + switchUserCommandFormat + '\'' +
+            ", artifactSignatureVerificationCommand=" + artifactSignatureVerificationCommand +
+            ", failTaskOnInvalidArtifactSignature=" + failTaskOnInvalidArtifactSignature +
+            ", signatureVerifyOut='" + signatureVerifyOut + '\'' +
             ']';
   }
 

SingularityExecutor/src/main/java/com/hubspot/singularity/executor/models/RunnerContext.java

@@ -17,8 +17,9 @@ public class RunnerContext {
   private final Optional<Integer> maxTaskThreads;
   private final boolean shouldChangeUser;
   private final Integer maxOpenFiles;
+  private final String switchUserCommand;
 
-  public RunnerContext(String cmd, String taskAppDirectory, String logDir, String user, String logFile, String taskId, Optional<Integer> maxTaskThreads, boolean shouldChangeUser, Integer maxOpenFiles) {
+  public RunnerContext(String cmd, String taskAppDirectory, String logDir, String user, String logFile, String taskId, Optional<Integer> maxTaskThreads, boolean shouldChangeUser, Integer maxOpenFiles, String switchUserCommand) {
     this.cmd = cmd;
     this.taskAppDirectory = taskAppDirectory;
     this.logDir = logDir;
@@ -29,6 +30,7 @@ public RunnerContext(String cmd, String taskAppDirectory, String logDir, String
     this.maxTaskThreads = maxTaskThreads;
     this.shouldChangeUser = shouldChangeUser;
     this.maxOpenFiles = maxOpenFiles;
+    this.switchUserCommand = switchUserCommand;
   }
 
   public String getCmd() {
@@ -67,6 +69,10 @@ public Integer getMaxOpenFiles() {
     return maxOpenFiles;
   }
 
+  public String getSwitchUserCommand() {
+    return switchUserCommand;
+  }
+
   @Override
   public String toString() {
     return "RunnerContext[" +
@@ -78,6 +84,7 @@ public String toString() {
             ", taskId='" + taskId + '\'' +
             ", maxTaskThreads=" + maxTaskThreads +
             ", shouldChangeUser=" + shouldChangeUser +
+            ", switchUserCommand=" + switchUserCommand +
             ']';
   }
 }

SingularityExecutor/src/main/java/com/hubspot/singularity/executor/task/SingularityExecutorTaskProcessBuilder.java

@@ -112,7 +112,8 @@ private ProcessBuilder buildProcessBuilder(TaskInfo taskInfo, ExecutorData execu
       task.getTaskId(),
       executorData.getMaxTaskThreads().or(configuration.getMaxTaskThreads()),
       !getExecutorUser().equals(executorData.getUser().or(configuration.getDefaultRunAsUser())),
-      executorData.getMaxOpenFiles().orNull());
+      executorData.getMaxOpenFiles().orNull(),
+      String.format(configuration.getSwitchUserCommandFormat(), executorData.getUser().or(configuration.getDefaultRunAsUser())));
     EnvironmentContext environmentContext = new EnvironmentContext(taskInfo);
     if (taskInfo.hasContainer() && taskInfo.getContainer().hasDocker()) {
       task.getLog().info("Writing a runner script to execute {} in docker container", cmd);

SingularityExecutor/src/main/resources/runner.sh.hbs

@@ -62,8 +62,8 @@ fi
 
 # execute command
 {{#if shouldChangeUser}}
-echo "Executing: sudo -E -u {{{ user }}} {{#if maxOpenFiles}}/bin/bash -c 'ulimit -n {{{maxOpenFiles}}} && {{/if}}{{{ cmd }}}{{#if maxOpenFiles}}'{{/if}} >> ../{{{ logFile }}} 2>&1"
-exec sudo -E -u {{{ user }}} {{#if maxOpenFiles}}/bin/bash -c 'ulimit -n {{{maxOpenFiles}}} && {{/if}}{{{ cmd }}}{{#if maxOpenFiles}}'{{/if}} >> ../{{{ logFile }}} 2>&1
+echo "Executing: {{{ switchUserCommand }}} {{#if maxOpenFiles}}/bin/bash -c 'ulimit -n {{{maxOpenFiles}}} && {{/if}}{{{ cmd }}}{{#if maxOpenFiles}}'{{/if}} >> ../{{{ logFile }}} 2>&1"
+exec {{{ switchUserCommand }}} {{#if maxOpenFiles}}/bin/bash -c 'ulimit -n {{{maxOpenFiles}}} && {{/if}}{{{ cmd }}}{{#if maxOpenFiles}}'{{/if}} >> ../{{{ logFile }}} 2>&1
 {{else}}
 echo "Executing: {{{ cmd }}} >> ../{{{ logFile }}} 2>&1"
 {{#if maxOpenFiles}}ulimit -n {{{maxOpenFiles}}}{{/if}}