aboutsummaryrefslogtreecommitdiffstats
path: root/build/docker/runcontext
blob: c4f7b29bc559622a6776c0aab413eed70cdee501 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132

#!/bin/bash
set -e
##############################################################################
# Copyright (c) 2015 Ericsson AB and others.
# stefan.k.berg@ericsson.com
# jonas.bjurel@ericsson.com
# All rights reserved. This program and the accompanying materials
# are made available under the terms of the Apache License, Version 2.0
# which accompanies this distribution, and is available at
# http://www.apache.org/licenses/LICENSE-2.0
##############################################################################
#

############################################################################
# BEGIN of Exit handlers
#

do_exit () {
    CID=`cat $CID_FILE </dev/null`
    rm -f $CID_FILE
    rm -rf $CONTEXT_DIR
    set +e
    docker kill $CID > /dev/null 2>&1
    docker rm -f $CID > /dev/null 2>&1
    docker rmi -f $IID > /dev/null 2>&1
    set -e
}

#
# End of Exit handlers
############################################################################

trap do_exit SIGINT SIGTERM EXIT

context=$1
shift
USER_ID=`id -u`
USER=`whoami`
GROUP_ID=`id -g`

GITROOT=`git rev-parse --show-toplevel`
CID_FILE=`mktemp -u -t runcontext.XXXXXXXXXX`
CONTEXT_DIR=`mktemp -d ${GITROOT}/.docker_contextXXXXXX`

# If RSYNC_CONNECT_PROG is used, we need to copy all of
# the SSH structure, should one of the keys need to be
# used.
if [ -n "$RSYNC_CONNECT_PROG" -a -x $HOME/.ssh ]; then
    cp -rp $HOME/.ssh $CONTEXT_DIR
    rm -f $CONTEXT_DIR/.ssh/known_hosts
else
    mkdir $CONTEXT_DIR/.ssh
fi

# Disable verification of unknown keys
cat >> $CONTEXT_DIR/.ssh/config <<EOF
StrictHostKeyChecking=no
EOF

cat > $CONTEXT_DIR/Dockerfile <<EOF
FROM $context
$(env | egrep -i 'proxy|rsync' | sed 's/^/ENV /' | sed 's/=/ /')
RUN date || date
COPY .ssh  $HOME/.ssh
RUN chown -R $USER_ID:$GROUP_ID $HOME/.ssh
RUN chown -R $USER_ID:$GROUP_ID $HOME
RUN chmod 700 $HOME/.ssh
RUN /root/setcontext $USER $USER_ID $GROUP_ID $HOME
EOF

res=`docker build -q --force-rm $CONTEXT_DIR`
IID=`echo $res | sed 's/.* //'`

# Handle proxy settings passed to the context
if env | grep -iq .*proxy; then
    envfile="$(readlink -f $(dirname $0)/..)/environment.mk"

    test -n "$HTTP_PROXY" && my_http_proxy=$HTTP_PROXY
    test -n "$http_proxy" && my_http_proxy=$http_proxy

    test -n "$HTTPS_PROXY" && my_https_proxy=$HTTPS_PROXY
    test -n "$https_proxy" && my_https_proxy=$https_proxy

    test -n "$NO_PROXY" && my_no_proxy=$NO_PROXY
    test -n "$no_proxy" && my_no_proxy=$no_proxy

    # Make sure to add the Docker socket in no_proxy
    if [ -n "$my_no_proxy" ]; then
        my_no_proxy+=",/var/run/docker.sock"
    else
        my_no_proxy="/var/run/docker.sock"
    fi

    echo "Creating $envfile"
    echo "# This file is automatically generated by runcontext, do not edit!" > $envfile
    test -n "$my_http_proxy" && echo "export http_proxy=$my_http_proxy" >> $envfile
    test -n "$my_https_proxy" && echo "export https_proxy=$my_https_proxy" >> $envfile
    test -n "$my_no_proxy" && echo "export no_proxy=$my_no_proxy" >> $envfile
    test -n "$RSYNC_PROXY" && echo "export RSYNC_PROXY=$RSYNC_PROXY" >> $envfile
    test -n "$RSYNC_CONNECT_PROG" && echo "export RSYNC_CONNECT_PROG=$RSYNC_CONNECT_PROG" >> $envfile
    echo "export npm_config_registry=http://registry.npmjs.org/" >> $envfile
else
    echo "No need to generate environment.mk"
    rm -f $envfile
fi

# Evaluate the need for bind mounting the cache directory
if [ -n "$CACHEBASE" ]; then
    if echo $CACHEBASE | grep -q '^file://'; then
        CACHEMOUNT="-v $(echo $CACHEBASE | sed 's;file://;;'):$(echo $CACHEBASE | sed 's;file://;;')"
    fi
fi

# FIXME: TERM is required because: https://github.com/docker/docker/issues/9299
RUN_CONTEXT_OPT="--cidfile $CID_FILE --privileged=true --rm \
    -e TERM=$TERM \
    -e HOME=$HOME -e CACHEDEBUG -e CACHETRANSPORT -e CACHEMAXAGE -e CACHEBASE \
    -e BUILD_FUEL_PLUGINS -e MIRROR_UBUNTU -e MIRROR_UBUNTU_ROOT \
    -e MIRROR_MOS_UBUNTU -e MIRROR_MOS_UBUNTU_ROOT -e MIRROR_FUEL \
    -e LATEST_TARGET_UBUNTU -e UBUNTU_ARCH \
    -u $USER_ID:$GROUP_ID -w $PWD \
    -v $GITROOT:$GITROOT -v /sys/fs/cgroup:/sys/fs/cgroup:ro $CACHEMOUNT"

# Passing "debug" puts up an interactive bash shell
if [ "$1" == "debug" ]; then
  echo command: docker run ${RUN_CONTEXT_OPT} $IID bash
  docker run -i -t ${RUN_CONTEXT_OPT} $IID bash
else
  echo command: docker run ${RUN_CONTEXT_OPT} $IID $@
  docker run -t ${RUN_CONTEXT_OPT} $IID $@
fi