forked from hyperledger/fabric
-
Notifications
You must be signed in to change notification settings - Fork 0
/
utils.go
186 lines (163 loc) · 6.96 KB
/
utils.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
/*
Copyright IBM Corp. All Rights Reserved.
SPDX-License-Identifier: Apache-2.0
*/
package util
import (
"bytes"
"fmt"
"io"
"runtime"
"strings"
docker "github.com/fsouza/go-dockerclient"
"github.com/hyperledger/fabric/common/flogging"
"github.com/hyperledger/fabric/common/metadata"
"github.com/spf13/viper"
)
var logger = flogging.MustGetLogger("chaincode.platform.util")
type DockerBuildOptions struct {
Image string
Cmd string
Env []string
InputStream io.Reader
OutputStream io.Writer
}
//-------------------------------------------------------------------------------------------
// DockerBuild
//-------------------------------------------------------------------------------------------
// This function allows a "pass-through" build of chaincode within a docker container as
// an alternative to using standard "docker build" + Dockerfile mechanisms. The plain docker
// build is somewhat limiting due to the resulting image that is a superset composition of
// the build-time and run-time environments. This superset can be problematic on several
// fronts, such as a bloated image size, and additional security exposure associated with
// applications that are not needed, etc.
//
// Therefore, this mechanism creates a pipeline consisting of an ephemeral docker
// container that accepts source code as input, runs some function (e.g. "go build"), and
// outputs the result. The intention is that this output will be consumed as the basis of
// a streamlined container by installing the output into a downstream docker-build based on
// an appropriate minimal image.
//
// The input parameters are fairly simple:
// - Image: (optional) The builder image to use or "chaincode.builder"
// - Cmd: The command to execute inside the container.
// - InputStream: A tarball of files that will be expanded into /chaincode/input.
// - OutputStream: A tarball of files that will be gathered from /chaincode/output
// after successful execution of Cmd.
//-------------------------------------------------------------------------------------------
func DockerBuild(opts DockerBuildOptions, client *docker.Client) error {
if opts.Image == "" {
opts.Image = GetDockerImageFromConfig("chaincode.builder")
if opts.Image == "" {
return fmt.Errorf("No image provided and \"chaincode.builder\" default does not exist")
}
}
logger.Debugf("Attempting build with image %s", opts.Image)
//-----------------------------------------------------------------------------------
// Ensure the image exists locally, or pull it from a registry if it doesn't
//-----------------------------------------------------------------------------------
_, err := client.InspectImage(opts.Image)
if err != nil {
logger.Debugf("Image %s does not exist locally, attempt pull", opts.Image)
err = client.PullImage(docker.PullImageOptions{Repository: opts.Image}, docker.AuthConfiguration{})
if err != nil {
return fmt.Errorf("Failed to pull %s: %s", opts.Image, err)
}
}
//-----------------------------------------------------------------------------------
// Create an ephemeral container, armed with our Image/Cmd
//-----------------------------------------------------------------------------------
container, err := client.CreateContainer(docker.CreateContainerOptions{
Config: &docker.Config{
Image: opts.Image,
Cmd: []string{"/bin/sh", "-c", opts.Cmd},
Env: opts.Env,
AttachStdout: true,
AttachStderr: true,
},
})
if err != nil {
return fmt.Errorf("Error creating container: %s", err)
}
defer client.RemoveContainer(docker.RemoveContainerOptions{ID: container.ID})
//-----------------------------------------------------------------------------------
// Upload our input stream
//-----------------------------------------------------------------------------------
err = client.UploadToContainer(container.ID, docker.UploadToContainerOptions{
Path: "/chaincode/input",
InputStream: opts.InputStream,
})
if err != nil {
return fmt.Errorf("Error uploading input to container: %s", err)
}
//-----------------------------------------------------------------------------------
// Attach stdout buffer to capture possible compilation errors
//-----------------------------------------------------------------------------------
stdout := bytes.NewBuffer(nil)
cw, err := client.AttachToContainerNonBlocking(docker.AttachToContainerOptions{
Container: container.ID,
OutputStream: stdout,
ErrorStream: stdout,
Logs: true,
Stdout: true,
Stderr: true,
Stream: true,
})
if err != nil {
return fmt.Errorf("Error attaching to container: %s", err)
}
//-----------------------------------------------------------------------------------
// Launch the actual build, realizing the Env/Cmd specified at container creation
//-----------------------------------------------------------------------------------
err = client.StartContainer(container.ID, nil)
if err != nil {
cw.Close()
return fmt.Errorf("Error executing build: %s \"%s\"", err, stdout.String())
}
//-----------------------------------------------------------------------------------
// Wait for the build to complete and gather the return value
//-----------------------------------------------------------------------------------
retval, err := client.WaitContainer(container.ID)
if err != nil {
cw.Close()
return fmt.Errorf("Error waiting for container to complete: %s", err)
}
// Wait for stream copying to complete before accessing stdout.
cw.Close()
if err := cw.Wait(); err != nil {
logger.Errorf("attach wait failed: %s", err)
}
if retval > 0 {
return fmt.Errorf("Error returned from build: %d \"%s\"", retval, stdout.String())
}
logger.Debugf("Build output is %s", stdout.String())
//-----------------------------------------------------------------------------------
// Finally, download the result
//-----------------------------------------------------------------------------------
err = client.DownloadFromContainer(container.ID, docker.DownloadFromContainerOptions{
Path: "/chaincode/output/.",
OutputStream: opts.OutputStream,
})
if err != nil {
return fmt.Errorf("Error downloading output: %s", err)
}
return nil
}
// GetDockerImageFromConfig replaces variables in the config
func GetDockerImageFromConfig(path string) string {
r := strings.NewReplacer(
"$(ARCH)", runtime.GOARCH,
"$(PROJECT_VERSION)", metadata.Version,
"$(TWO_DIGIT_VERSION)", twoDigitVersion(metadata.Version),
"$(DOCKER_NS)", metadata.DockerNamespace,
"$(BASE_DOCKER_NS)", metadata.BaseDockerNamespace)
return r.Replace(viper.GetString(path))
}
// twoDigitVersion truncates a 3 digit version (e.g. 2.0.0) to a 2 digit version (e.g. 2.0),
// If version does not include dots (e.g. latest), just return the passed version
func twoDigitVersion(version string) string {
if strings.LastIndex(version, ".") < 0 {
return version
}
return version[0:strings.LastIndex(version, ".")]
}