/
call-service-in-docker.sh
executable file
·186 lines (157 loc) · 4.88 KB
/
call-service-in-docker.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
#!/bin/bash
#set -x
function printlog {
printf "%s %s %7s %s\n" `date +"%Y-%m-%d %H:%M:%S"` "[$$]" "$@" >> $LOGFILE
}
function create_dir {
DIR=$1
if [ ! -d $DIR ];then
printlog "Creating directory '$DIR'"
mkdir -p $DIR || exit 1
else
printlog "Directory '$DIR' already exists"
fi
}
#FSDIR="/opt/obs/SourceServiceSystem"
DOCKER_IMAGE=`obs_admin --query-config docker_image`
SERVICES_DIR=`obs_admin --query-config servicetempdir`
SCM_COMMAND=0
WITH_NET=0
COMMAND="$1"
LOGDIR=/srv/obs/service/log/
LOGFILE=$LOGDIR/`basename $0`.log
if [[ ! $DOCKER_IMAGE ]];then
DOCKER_IMAGE=suse/sles12sp2-source-service:latest
fi
printlog "$0 called:"
printlog "$@"
create_dir "$LOGDIR"
shift
case "$COMMAND" in
*/download_url|*/download_src_package|*/update_source|*/download_files|*/generator_pom|*/snapcraft|*/kiwi_import)
WITH_NET="1"
;;
*/tar_scm|*/obs_scm)
SCM_COMMAND=1
WITH_NET="1"
;;
esac
while [ $# -gt 0 ]; do
case $1 in
--scm)
PARAM_SCM=$2
;;
--scm=*)
PARAM_SCM=$1
PARAM_SCM=${PARAM_SCM#--scm=}
;;
--url)
PARAM_URL=$2
;;
--url=*)
PARAM_URL=$1
PARAM_URL=${PARAM_URL#--url=}
;;
esac
if [ "$1" == "--outdir" ] ; then
shift
OUTDIR="$1"
else
COMMAND="$COMMAND '${1//\'/_}'"
shift
COMMAND="$COMMAND '${1//\'/_}'"
fi
shift
done
if [ -z "$OUTDIR" ] ; then
echo "ERROR: no outdir given"
exit 1
fi
MOUNTDIR=`dirname $OUTDIR`
RETURN="0"
create_dir "$MOUNTDIR"
# set -x
INNERBASEDIR=`mktemp -u /var/cache/obs/XXXXXXXXXXXX`
CONTAINER_ID=src-service-`basename $INNERBASEDIR`
INNEROUTDIR="$INNERBASEDIR/out"
OUTEROUTDIR="$MOUNTDIR/out"
INNERSRCDIR="$INNERBASEDIR/src"
OUTERSRCDIR="$MOUNTDIR/src"
INNERSCRIPTDIR="$INNERBASEDIR/scripts"
INNERSCRIPT="$INNERSCRIPTDIR/inner.sh"
create_dir "$OUTEROUTDIR"
create_dir "$OUTERSRCDIR"
create_dir "$MOUNTDIR$INNERSCRIPTDIR"
# Create inner.sh which is just a wrapper for
# su nobody -s inner.sh.command
printlog "Creating INNERSCRIPT '$MOUNTDIR/$INNERSCRIPT'"
echo "#!/bin/bash" > "$MOUNTDIR/$INNERSCRIPT"
echo "export OBS_SERVICE_APIURL=\"$OBS_SERVICE_APIURL\"" >> "$MOUNTDIR/$INNERSCRIPT"
echo "cd $INNERSRCDIR" >> "$MOUNTDIR/$INNERSCRIPT"
echo -n "${INNERSCRIPT}.command" >> "$MOUNTDIR/$INNERSCRIPT"
# Create inner.sh.command
# dirname /srv/obs/service/11875/out/
printlog "Creating INNERSCRIPT.command '$MOUNTDIR/${INNERSCRIPT}.command'"
echo "#!/bin/bash" > "$MOUNTDIR/${INNERSCRIPT}.command"
echo "set -x" >> "$MOUNTDIR/${INNERSCRIPT}.command"
echo "echo Running ${COMMAND[@]} --outdir $INNEROUTDIR" >> "$MOUNTDIR/${INNERSCRIPT}.command"
DOCKER_OPTS_NET="--net=bridge"
if [ "$WITH_NET" != "1" ] ; then
printlog "Using docker without network"
DOCKER_OPTS_NET="--net=none"
else
printlog "Using docker with network"
fi
DOCKER_VOLUMES="-v $OUTEROUTDIR:$INNEROUTDIR -v $OUTERSRCDIR:$INNERSRCDIR -v $MOUNTDIR$INNERSCRIPTDIR:$INNERSCRIPTDIR"
JAILED=""
if [ $SCM_COMMAND -eq 1 ];then
URL_HASH=`echo $PARAM_URL|sha256sum|cut -f1 -d\ `
OUTERSCMCACHE="$SERVICES_DIR/scm-cache/$URL_HASH"
INNERSCMCACHE="$INNERBASEDIR/scm-cache"
create_dir "$OUTERSCMCACHE"
DOCKER_VOLUMES="$DOCKER_VOLUMES -v $OUTERSCMCACHE:$INNERSCMCACHE"
echo "export CACHEDIRECTORY='$INNERSCMCACHE'" >> "$MOUNTDIR/${INNERSCRIPT}.command"
fi
FULL_COMMAND="${COMMAND[@]} --outdir $INNEROUTDIR"
printlog "FULL_COMMAND: '$FULL_COMMAND'"
echo "export HOME=/home/daemon" >> "$MOUNTDIR/${INNERSCRIPT}.command"
echo "$FULL_COMMAND" >> "$MOUNTDIR/${INNERSCRIPT}.command"
chmod 0755 "$MOUNTDIR/$INNERSCRIPT"
chmod 0755 "$MOUNTDIR/${INNERSCRIPT}.command"
# useful for debugging purposes
if [[ $DEBUG_DOCKER ]];then
DEBUG_OPTIONS="-it"
INNERSCRIPT=/bin/bash
fi
find $MOUNTDIR
# run jailed process
DOCKER_RUN_CMD="docker run -u 2:2 $DOCKER_OPTS_NET --rm --name $CONTAINER_ID $DOCKER_VOLUMES $DEBUG_OPTIONS $DOCKER_IMAGE $INNERSCRIPT"
printlog "DOCKER_RUN_CMD: '$DOCKER_RUN_CMD'"
CMD_OUT=$(${DOCKER_RUN_CMD} 2>&1)
if [ $? -eq 0 ]; then
# move out the result
if [ 0`find "$MOUNTDIR/$INNEROUTDIR" -type f 2>/dev/null| wc -l` -gt 0 ]; then
for i in _service:* ; do
if [ ! -f "$MOUNTDIR/$INNERSRCDIR/$i" ]; then
rm -f "$i"
fi
done
fi
else
printlog "$CMD_OUT"
echo "$CMD_OUT"
RETURN="3"
fi
if [[ $DEBUG_DOCKER ]];then
printlog "DEBUG_DOCKER is set. Skipping cleanup"
else
printlog "Starting cleanup"
[ -d "$MOUNTDIR/$INNERSRCDIR" ] && rmdir --ignore-fail-on-non-empty "$MOUNTDIR/$INNERSRCDIR"
[ -d "$MOUNTDIR/$INNEROUTDIR" ] && rmdir --ignore-fail-on-non-empty "$MOUNTDIR/$INNEROUTDIR"
rm -f "$MOUNTDIR/${INNERSCRIPT}.command" 2> /dev/null
rm -f "$MOUNTDIR/$INNERSCRIPT" 2> /dev/null
rmdir --ignore-fail-on-non-empty "$MOUNTDIR$INNERSCRIPTDIR" 2> /dev/null
rmdir --ignore-fail-on-non-empty "$MOUNTDIR" 2> /dev/null
docker inspect $CONTAINER_ID > /dev/null 2>&1 && docker rm --force --volumes $CONTAINER_ID
fi
exit $RETURN