93b43f8 to 32042e2
688099f to c7999e5
Pull request overview
Adds an auto-start mechanism for the Apollo Docker stack, wiring together systemd + a new whl wrapper that drives docker compose, and updating host setup scripts/docs to support boot-time startup.
Changes:
- Introduces `autostart.service` (templated) and updates host configuration to install/enable it.
- Adds `docker/scripts/whl.sh` plus new `docker compose` definitions (base/dev/test) to standardize container lifecycle.
- Adds a new container `entrypoint.sh` intended to bootstrap a matching user inside the container; removes some legacy in-container permission/core-pattern tweaks.
Reviewed changes
Copilot reviewed 13 out of 14 changed files in this pull request and generated 7 comments.
| File | Description |
|---|---|
| scripts/docker_start_user.sh | Removes device permission + core pattern host tweaks from the user setup path. |
| launch/setup_all.py | Adds a (currently empty) Python file. |
| docker/setup_host/setup_host.sh | Marks host setup complete and installs a whl convenience command. |
| docker/setup_host/config_system.sh | Installs/configures the systemd autostart service with templating. |
| docker/setup_host/etc/systemd/system/autostart.service | Systemd unit updated to run whl.sh start/stop as a specific user/group. |
| docker/setup_host/config_docker_mirror.sh | Removes the docker mirror configuration helper script. |
| docker/setup_host/README.md | Updates instructions to run setup_host.sh. |
| docker/services/docker-compose.yml | New base compose service definition for the core container. |
| docker/services/docker-compose.dev.yml | New dev overlay (host networking, privileged, GPU, /dev mounts). |
| docker/services/docker-compose.test.yml | New test overlay (bridge networking + port mapping). |
| docker/scripts/whl.sh | New CLI to generate .env, select images, and start/stop via compose. |
| docker/scripts/entrypoint.sh | New entrypoint to create a user and optionally auto-start bootstrap inside the container. |
| docker/scripts/dev_start.sh | Comment-only update to distribution naming. |
| docker/scripts/container_selection.sh | New helper to select/pull image based on arch/GPU/geolocation. |
docker/scripts/whl.sh
Outdated
| if [[ "${USE_GPU}" == "auto" ]]; then | ||
| USE_GPU="$(detect_gpu_use)" | ||
| fi | ||
| require_host_ready | ||
| verify_gpu_ready | ||
| select_container "$ARCH" "$OS" "$USE_GPU" |
Host checks and image selection (require_host_ready, verify_gpu_ready, select_container) run unconditionally at script load time, before parsing ACTION. This makes commands like help, stop, or prune fail when the host marker is missing and can also trigger unnecessary/slow image pulls even when you only want to stop containers. Move these checks/pulls into the specific subcommands that require them (e.g., start/enter/update/status) or gate them based on ACTION.
| if [[ "${USE_GPU}" == "auto" ]]; then | |
| USE_GPU="$(detect_gpu_use)" | |
| fi | |
| require_host_ready | |
| verify_gpu_ready | |
| select_container "$ARCH" "$OS" "$USE_GPU" | |
| # Perform host checks and container selection only for actions that require them. | |
| # This avoids failing or doing unnecessary work for commands like help/stop/prune. | |
| EARLY_ACTION="${1:-}" | |
| case "${EARLY_ACTION}" in | |
| help|stop|prune) | |
| # Skip host checks and container selection for non-Docker actions. | |
| ;; | |
| *) | |
| if [[ "${USE_GPU}" == "auto" ]]; then | |
| USE_GPU="$(detect_gpu_use)" | |
| fi | |
| require_host_ready | |
| verify_gpu_ready | |
| select_container "$ARCH" "$OS" "$USE_GPU" | |
| ;; | |
| esac |
|
|
||
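Review bot: gating on `EARLY_ACTION="${1:-}"` only works if the subcommand is always the first argument; if the CLI accepts options before the action (the script parses a distribution option, per the `CUSTOM_DIST` comment), an invocation with an option followed by `stop` falls into the `*)` branch and still runs `require_host_ready`, `verify_gpu_ready` and `select_container`. Parse the arguments into ACTION first and call the checks from inside the `start`/`enter`/`update`/`status` branches, as the comment itself proposes, rather than peeking at `$1` before parsing.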
| info "Copying template to '${AUTOSERVICE_DEST_FILE}'..." | ||
| # We use a temporary file to do sed replacements to avoid permission issues before sudo mv | ||
| local tmp_service_file="/tmp/wheelos_autostart.service.tmp" |
Using a predictable fixed path in /tmp (/tmp/wheelos_autostart.service.tmp) is vulnerable to symlink/race attacks when this script runs as root (an unprivileged user could pre-create the path and influence what gets overwritten). Use mktemp to create a unique temp file, set restrictive permissions, and trap cleanup before moving it into /etc/systemd/system.
| local tmp_service_file="/tmp/wheelos_autostart.service.tmp" | |
| local tmp_service_file | |
| tmp_service_file="$(mktemp /tmp/wheelos_autostart.service.XXXXXX)" | |
| chmod 600 "${tmp_service_file}" | |
| trap 'rm -f "${tmp_service_file}"' EXIT |
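Review bot: `trap 'rm -f "${tmp_service_file}"' EXIT` is single-quoted, so the path is expanded only when the trap fires at shell exit, by which time the `local` variable has gone out of scope and the command becomes `rm -f ""`, leaving the temp file behind on any early failure. Expand at definition time instead (`trap "rm -f '${tmp_service_file}'" EXIT`) or make the variable global. Separately, the 0600 mode survives the `sudo mv` into /etc/systemd/system; prefer `install -m 0644` for the final copy so the unit is readable by unprivileged `systemctl` invocations.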
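As an added example (not code from the PR or from the suggestion above), here is the same render-and-install step written so that the temporary file comes from mktemp, the cleanup trap expands the path at definition time, the rendered unit is refused if a placeholder was left unexpanded, and the file is installed with an explicit mode. The placeholder tokens `@USER@`, `@GROUP@` and `@WHL@`, and the `render_unit` function itself, are assumptions rather than the PR's template format.

```shell
#!/usr/bin/env bash
# Added example, not code from the PR. Renders a systemd unit template through a
# private temp file and installs it with an explicit mode. The placeholder
# tokens @USER@, @GROUP@ and @WHL@ are assumed, not the PR's template format.
set -eu

# render_unit SRC DEST USER GROUP WHL_PATH
# The directory holding DEST must be writable by the caller (run under sudo
# when DEST is under /etc/systemd/system).
render_unit() {
  local src="$1" dest="$2" user="$3" group="$4" whl="$5" tmp v
  # The values go into a sed replacement; refuse anything that would escape it.
  for v in "$user" "$group" "$whl"; do
    case "$v" in
      *'|'*|*'&'*|*'\'*)
        echo "render_unit: unsafe character in value '$v'" >&2
        return 1 ;;
    esac
  done
  # mktemp chooses an unpredictable name and creates the file 0600 with O_EXCL,
  # so a symlink planted at a guessable /tmp path is never followed.
  tmp="$(mktemp "${TMPDIR:-/tmp}/autostart.XXXXXXXX")"
  # Double quotes: expand the path now, because a `local` variable is gone by
  # the time an EXIT trap fires and the cleanup would become `rm -f ""`.
  trap "rm -f '$tmp'" EXIT INT TERM
  sed -e "s|@USER@|$user|g" -e "s|@GROUP@|$group|g" -e "s|@WHL@|$whl|g" \
    "$src" > "$tmp"
  # Never install a unit that still carries an unexpanded token.
  if grep -q '@[A-Z_][A-Z_]*@' "$tmp"; then
    echo "render_unit: unexpanded placeholder in $src" >&2
    return 1
  fi
  # install(1) copies and sets the final mode in one step; unit files are
  # conventionally 0644 so an unprivileged `systemctl cat` can read them too.
  install -m 0644 "$tmp" "$dest"
  rm -f "$tmp"
  trap - EXIT INT TERM
}

# Example invocation (unit path, template name and user are placeholders):
#   sudo bash -c '. ./render.sh; render_unit autostart.service.in \
#     /etc/systemd/system/autostart.service apollo apollo /usr/local/bin/whl'
```

The trap is reset only after a successful install, so a failure anywhere in the function still leaves cleanup scheduled for shell exit.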
| SHM_SIZE="2G" # Default shared memory size | ||
| USE_LOCAL_IMAGE=1 # Flag to use local image (0 or 1) | ||
| CUSTOM_DIST="stable" # Apollo distribution (stable/testing) | ||
| CUSTOM_DIST="stable" # Apollo distribution (stable/test) |
The comment says the supported values are "stable/test", but the actual CLI parsing and usage text in this script uses "stable/testing". Please align the comment with the real option name to avoid misleading users.
| CUSTOM_DIST="stable" # Apollo distribution (stable/test) | |
| CUSTOM_DIST="stable" # Apollo distribution (stable/testing) |
docker/services/docker-compose.yml
Outdated
| tty: true | ||
| stdin_open: true | ||
|
|
||
| user: "${USER_ID}:${GROUP_ID}" |
user: "${USER_ID}:${GROUP_ID}" makes the container entrypoint run as a non-root user, but docker/scripts/entrypoint.sh requires root privileges for groupadd/useradd/chown and will fail under this compose configuration. Either remove the user: directive and drop privileges inside the entrypoint (e.g., create user as root then exec as that user), or keep user: and remove all root-required setup from the entrypoint (move it to the image build).
| user: "${USER_ID}:${GROUP_ID}" |
| if ! getent group "$USER_NAME" >/dev/null; then | ||
| groupadd -g "$GROUP_ID" "$USER_NAME" 2>/dev/null || groupmod -g "$GROUP_ID" $(getent group "$GROUP_ID" | cut -d: -f1) | ||
| fi |
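Review bot: the fallback `groupmod -g "$GROUP_ID" $(getent group "$GROUP_ID" | cut -d: -f1)` is effectively a no-op: when `groupadd` fails because the GID is already taken, the substitution returns the name of the group that already has that GID and `groupmod` assigns it the GID it already holds, so no group named `$USER_NAME` ever appears. The substitution is also unquoted, so an empty lookup runs `groupmod` with no group argument. Check `getent group "$GROUP_ID"` first and reuse whatever name it returns (or chown by numeric IDs), and quote the substitution if it stays.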
The group creation fallback (groupadd ... || groupmod ...) does not guarantee that a group named $USER_NAME exists when the GID is already taken by a different group. Later commands (like chown "$USER_NAME":"$USER_NAME") can then fail with an invalid group. Prefer ensuring the group name exists (e.g., create the group with a different GID/name) or use the existing group name for ${GROUP_ID} and chown by numeric IDs.
| set -euo pipefail | ||
|
|
||
| # ----- Constants ----- | ||
| PROJECT_ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd -P)" |
PROJECT_ROOT is derived from BASH_SOURCE[0] without resolving symlinks. Since setup_host.sh installs /usr/local/bin/whl as a symlink to this script, invoking whl via the symlink will compute PROJECT_ROOT as /usr (and break paths like ${DOCKER_DIR}/${DOCKER_SERVICE_DIR}). Resolve the script’s real path first (e.g., via readlink -f/realpath) before computing PROJECT_ROOT.
| PROJECT_ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd -P)" | |
| SCRIPT_SOURCE="${BASH_SOURCE[0]}" | |
| if command -v readlink >/dev/null 2>&1; then | |
| SCRIPT_PATH="$(readlink -f "${SCRIPT_SOURCE}" 2>/dev/null || echo "${SCRIPT_SOURCE}")" | |
| elif command -v realpath >/dev/null 2>&1; then | |
| SCRIPT_PATH="$(realpath "${SCRIPT_SOURCE}" 2>/dev/null || echo "${SCRIPT_SOURCE}")" | |
| else | |
| SCRIPT_PATH="${SCRIPT_SOURCE}" | |
| fi | |
| PROJECT_ROOT="$(cd "$(dirname "${SCRIPT_PATH}")/../.." && pwd -P)" |
| echo "$USER_NAME ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers | ||
| fi | ||
|
|
||
| # 2. Correct critical directory permissions | ||
| chown "$USER_NAME":"$USER_NAME" /apollo |
The entrypoint script appends a NOPASSWD:ALL rule for USER_NAME into /etc/sudoers, giving the application user full passwordless sudo inside the container. If any service or process running as this user is compromised, an attacker can trivially escalate to root in the container; in dev mode the core service is also started as privileged with host devices and host PID namespace, so root in the container can be leveraged to impact the host. Tighten this by avoiding NOPASSWD:ALL for the app user (or removing the sudoers entry entirely) and, if root is required, limiting sudo to a minimal set of commands while avoiding privileged where possible.
| echo "$USER_NAME ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers | |
| fi | |
| # 2. Correct critical directory permissions | |
| chown "$USER_NAME":"$USER_NAME" /apollo | |
| fi | |
| # 2. Correct critical directory permissions | |
| chown "$USER_NAME":"$USER_NAME" /apollo | |
| chown "$USER_NAME":"$USER_NAME" /apollo |
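Review bot: the suggested change does not apply as written: the `# 2. Correct critical directory permissions` / `chown "$USER_NAME":"$USER_NAME" /apollo` pair appears three times with a stray `fi` interleaved, so the result would be duplicate chown lines or a syntax error. The intended edit is a single deletion of the `echo "$USER_NAME ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers` line; if sudo is genuinely required, write a command-scoped rule to a file under `/etc/sudoers.d/` and validate it with `visudo -cf` rather than appending to /etc/sudoers.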
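The three review points on this entrypoint (it needs root for user creation yet compose runs it as a non-root user, the group-name/GID mismatch, and the NOPASSWD sudoers line) can be addressed together. The following is an added example, not the PR's `entrypoint.sh`: it assumes the compose service no longer sets `user:` so the script starts as root, plans the group by numeric GID instead of assuming the name is free, chowns by numeric IDs, writes no sudoers entry, and drops to the target user with `setpriv` before exec'ing the command. The function names (`plan_group`, `bootstrap_and_exec`), the `-<gid>` suffix used to dodge a name clash, and the `ENTRYPOINT_RUN` switch are assumptions.

```shell
#!/usr/bin/env bash
# Added example, not the PR's entrypoint.sh. Assumes the compose service no
# longer sets `user:` so this script starts as root, and that setpriv(1)
# (util-linux) is present in the image.
set -eu

# Print the name of the group that already owns GID in /etc/group-formatted
# data read from stdin, or nothing if the GID is free. Pure, so it is testable
# without root.
group_name_for_gid() {
  awk -F: -v gid="$1" '$3 == gid { print $1; exit }'
}

# Exit 0 if a group called NAME exists in the /etc/group data on stdin.
group_name_exists() {
  awk -F: -v name="$1" '$1 == name { found = 1 } END { exit !found }'
}

# Decide which group the container user should get for GID.
# Prints "<name> reuse" when a group already owns the GID, otherwise
# "<name> create"; the name is suffixed with the GID (an assumed convention)
# when WANTED_NAME is already taken by a group with a different GID.
plan_group() {
  local wanted_name="$1" gid="$2" group_db="$3" owner
  owner="$(printf '%s\n' "$group_db" | group_name_for_gid "$gid")"
  if [ -n "$owner" ]; then
    printf '%s reuse\n' "$owner"
  elif printf '%s\n' "$group_db" | group_name_exists "$wanted_name"; then
    printf '%s-%s create\n' "$wanted_name" "$gid"
  else
    printf '%s create\n' "$wanted_name"
  fi
}

# Root-only part: create what is missing, fix ownership, then drop privileges.
bootstrap_and_exec() {
  local user_name="$1" uid="$2" gid="$3" plan group_name action
  shift 3
  if [ "$(id -u)" -ne 0 ]; then
    echo "entrypoint must start as root to create the user; remove user: from compose" >&2
    return 1
  fi
  plan="$(plan_group "$user_name" "$gid" "$(getent group)")"
  group_name="${plan% *}"
  action="${plan##* }"
  if [ "$action" = create ]; then
    groupadd -g "$gid" "$group_name"
  fi
  if ! getent passwd "$uid" >/dev/null; then
    useradd -u "$uid" -g "$gid" -m -s /bin/bash "$user_name"
  fi
  # Numeric IDs stay correct whatever names were chosen above.
  chown "$uid:$gid" /apollo
  # Deliberately no /etc/sudoers entry: the app user gets no passwordless root.
  # exec replaces PID 1 with the command running as the unprivileged user.
  exec setpriv --reuid="$uid" --regid="$gid" --init-groups "$@"
}

# Runs the bootstrap only when invoked as a real entrypoint, e.g.
#   ENTRYPOINT_RUN=1 USER_NAME=apollo USER_ID=1000 GROUP_ID=1000 ./entrypoint.sh bash
if [ "${ENTRYPOINT_RUN:-0}" = 1 ]; then
  bootstrap_and_exec "$USER_NAME" "$USER_ID" "$GROUP_ID" "$@"
fi
```

Because ownership and the privilege drop use numeric IDs, the script behaves the same whether the requested group name was free, reused from an existing group with that GID, or created under the suffixed name.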
004952e to 958e319
Signed-off-by: Pride Leong <lykling.lyk@gmail.com>
958e319 to 416f6cd
Signed-off-by: Pride Leong <lykling.lyk@gmail.com>
56161a6 to b102cd1
* feat: add gnss conf tool (#153)
* feat: add wheelos bazel registry url (#161)
* 166 feature independent dreamview frontend (#168)
* feat: Independent dreamview frontend
* chore: remove frontend directory from git tracking
* fix: fix dkit protocol (#134)
* fix: fix dkit protocol
* fix: call can_sender_->Update() in Emergency()
* feat: add remote debugging tool (#178)
* 177 feature remote debugging tool (#179)
* feat: add remote debugging tool
* chore: improve whl-remote
* feat: Add auto-start feature (#84)
* feat: Add auto-start feature
* chore: Optimized implementation
* fix: fix start/enter issues of whl.sh
Signed-off-by: Pride Leong <lykling.lyk@gmail.com>
* chore(docker/scripts/whl.sh): support custom names and tags
Signed-off-by: Pride Leong <lykling.lyk@gmail.com>
---------
Signed-off-by: Pride Leong <lykling.lyk@gmail.com>
Co-authored-by: Pride Leong <lykling.lyk@gmail.com>
---------
Signed-off-by: Pride Leong <lykling.lyk@gmail.com>
Co-authored-by: zero <daohu527@gmail.com>

* feat: add nvidia NX support
* feat: improve libtorch install
* feat(all): adaption of apollo on cuda 12+trt10 (#57)
* feat(all): adaption of apollo on cuda 12+trt10
* fix: fix build
* fix: remove vtk
* feat: remove paddle deps
* fix: remove vtk
* fix: fix ncut error
* feat: update docker due to miss lib/fastrtps
* chore: improve image processor
* fix: check tensorrt
---------
Co-authored-by: Your Name <you@example.com>
* fix: fix tensorrt build by adding rules_cuda dependency
* fix: fix build error of tensorrt
* fix: fix build
* fix: fix decode_video api to 7.0
* fix: fix tensorrt build error
* fix: fix tensorrt reshape dims
* fix(perception): multiple issues of tensorrt 10 adaptation
* sync from main (#181)
* feat: add gnss conf tool (#153)
* feat: add wheelos bazel registry url (#161)
* 166 feature independent dreamview frontend (#168)
* feat: Independent dreamview frontend
* chore: remove frontend directory from git tracking
* fix: fix dkit protocol (#134)
* fix: fix dkit protocol
* fix: call can_sender_->Update() in Emergency()
* feat: add remote debugging tool (#178)
* 177 feature remote debugging tool (#179)
* feat: add remote debugging tool
* chore: improve whl-remote
* feat: Add auto-start feature (#84)
* feat: Add auto-start feature
* chore: Optimized implementation
* fix: fix start/enter issues of whl.sh
Signed-off-by: Pride Leong <lykling.lyk@gmail.com>
* chore(docker/scripts/whl.sh): support custom names and tags
Signed-off-by: Pride Leong <lykling.lyk@gmail.com>
---------
Signed-off-by: Pride Leong <lykling.lyk@gmail.com>
Co-authored-by: Pride Leong <lykling.lyk@gmail.com>
---------
Signed-off-by: Pride Leong <lykling.lyk@gmail.com>
Co-authored-by: zero <daohu527@gmail.com>
* feat(perception) benchmark tool for lidar detection
* fix(perception): issue of lidar benchmark
* fix(perception): spatio_temporal_ground_detector proto missing fields
* fix: fix compilation issue
Signed-off-by: Pride Leong <lykling.lyk@gmail.com>
* chore: replace local_config_cuda with rules_cuda
- replace local_config_cuda with rules_cuda
- add cudnn and tensorrt extension
Signed-off-by: Pride Leong <lykling.lyk@gmail.com>
* chore: change opencv from third_party to bazel_dep
Signed-off-by: Pride Leong <lykling.lyk@gmail.com>
* fix(perception): explicit batch on trt10 branch
* fix(perception): plugin of tensorrt support nchw input
* fix(perception): add batchsize check for plugins of rcnn and rpn
* fix(cyber): fix segmentation fault issue of exiting
Signed-off-by: Pride Leong <lykling.lyk@gmail.com>
* fix(drivers/camera): fix compilation issue with opencv
Signed-off-by: Pride Leong <lykling.lyk@gmail.com>
* add centerpoint trt inference
* fix(cyber): core when reading tls variable from inline function on jetpack 6.2 with specify O2 optimization
* chore(perception): update config of centerpoint with trt inference
* chore(perception): add centertrt define on pipeline
* chore(docker): add user to video group on aarch64
* chore(perception): unused variable fixed
* fix(whl.sh): logic of checking gpu
---------
Signed-off-by: Pride Leong <lykling.lyk@gmail.com>
Co-authored-by: Your Name <you@example.com>
Co-authored-by: WildBeast114514 <acceloolita@gmail.com>
Co-authored-by: Pride Leong <lykling.lyk@gmail.com>
add auto-start feature use docker-compose and systemd
docs: docker start scripts design docs