From c0088832d8cfaac2357a7ab1869d8ef0a0b574fe Mon Sep 17 00:00:00 2001 From: yu-i-i Date: Fri, 20 Mar 2026 05:15:41 +0100 Subject: [PATCH] Sandboxed compiles: avoid destroying containers of recently accessed projects see upstream commit a9c4138 here is an appropriate DockerRunner.mjs patch --- services/clsi/app/js/DockerRunner.mjs | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/services/clsi/app/js/DockerRunner.mjs b/services/clsi/app/js/DockerRunner.mjs index 07fd3c7961..fa32fee10c 100644 --- a/services/clsi/app/js/DockerRunner.mjs +++ b/services/clsi/app/js/DockerRunner.mjs @@ -7,6 +7,7 @@ import async from 'async' import LockManager from './DockerLockManager.js' import Path from 'node:path' import _ from 'lodash' +import { getLastProjectAccessTime } from './LastProjectAccess.js' const dockerode = new Docker() @@ -547,6 +548,19 @@ const DockerRunner = { for (const container of containers) { const { name, id, ttl } = DockerRunner.examineOldContainer(container) if (name.slice(0, 9) === '/project-' && ttl <= 0) { + // extract projectId: /project--... + const match = name.match(/^\/project-([a-f0-9]{24})-/) + const projectId = match && match[1] + + if (projectId != null) { + const lastAccess = getLastProjectAccessTime(projectId) + // if last access time is missing, lastAccess === 0, container will be destroyed + // provided that MAX_CONTAINER_AGE is less that 56 years, but anyway, let's check it + if (lastAccess && lastAccess > Date.now() - DockerRunner.MAX_CONTAINER_AGE) { + continue + } + } + // strip the / prefix // the LockManager uses the plain container name const plainName = name.slice(1)