Prefix all resources to avoid collisions

[CpuID]

On the odd occasion I've seen 2 things trying to run on a system, using the same name (eg. creating or destroying the same Docker network, or same Docker container name), owned by 2 different sockguard processes. This can lead to unexpected results.

In addition, I've seen situations where some subsystem generates a resource name starting with an underscore (Jenkins shortening of workspace names), which I've also seen lead to some unexpected results.

I think it would be wise to have Sockguard transparently prefix all resources created with some random string, eg. a short (3-5char?) [0-9a-z] value + a delimiter? Picturing something like c7sd3_resourcename.

This should be appended by sockguard for Docker API calls, but stripped from responses.

@lox thoughts?

[CpuID]

A perfect example:

ERROR: for elasticsearch  Cannot create container for service elasticsearch: Conflict. The container name "/compose_elasticsearch_1" is already in use by container "6444acf96e9350d97199f8bb074e274d05fc04548e027554262880dffaebd9d3". You have to remove (or rename) that container to be able to reuse that name.

[CpuID]

We've done some testing today with docker-compose, and found that if Jenkins shortens a branch to something like:

_when-file-access-check-not-done

This has led to things hanging. Unsure if this is sockguard, but the fact the Jenkins agents start timing out right on Docker operations smells like it. Nothing obvious in our Sockguard logs though, but by changing branch name to something that leads to a non-underscore prefixed name, things "just work".

[CpuID]

(for my own notes) confirmed again today Jenkins doing its name prefix trimming thing and ending up with a _ prefix caused java.lang.InterruptedException on Jenkins jobs. Unexpected as an error, but good to log for history.