/
local.go
498 lines (438 loc) · 15.6 KB
/
local.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
// Copyright 2023 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
package execution
import (
"bytes"
"errors"
"fmt"
"log"
"os"
"os/exec"
"path/filepath"
"github.com/bazelbuild/remote-apis-sdks/go/pkg/digest"
remote "github.com/bazelbuild/remote-apis/build/bazel/remote/execution/v2"
"google.golang.org/genproto/googleapis/rpc/errdetails"
"google.golang.org/grpc/codes"
"google.golang.org/grpc/status"
"google.golang.org/protobuf/proto"
"github.com/philwo/kajiya/blobstore"
)
// TODO: Make this configurable via a flag.
const fastCopy = true
type Executor struct {
execDir string
cas *blobstore.ContentAddressableStorage
}
func New(execDir string, cas *blobstore.ContentAddressableStorage) (*Executor, error) {
if execDir == "" {
return nil, fmt.Errorf("execDir must be set")
}
if cas == nil {
return nil, fmt.Errorf("cas must be set")
}
// Create the data directory if it doesn't exist.
if err := os.MkdirAll(execDir, 0755); err != nil {
return nil, fmt.Errorf("failed to create directory %q: %v", execDir, err)
}
return &Executor{
execDir: execDir,
cas: cas,
}, nil
}
// Execute executes the given action and returns the result.
func (e *Executor) Execute(action *remote.Action) (*remote.ActionResult, error) {
var missingBlobs []digest.Digest
// Get the command from the CAS.
cmd, err := e.getCommand(action.CommandDigest)
if err != nil {
if os.IsNotExist(err) {
missingBlobs = append(missingBlobs, digest.NewFromProtoUnvalidated(action.CommandDigest))
} else {
return nil, err
}
}
// Get the input root from the CAS.
inputRoot, err := e.getDirectory(action.InputRootDigest)
if err != nil {
if os.IsNotExist(err) {
missingBlobs = append(missingBlobs, digest.NewFromProtoUnvalidated(action.InputRootDigest))
} else {
return nil, err
}
}
// Build an execution directory for the action. If the input root is nil, it means that its
// digest was not found in the CAS, so we skip this part and just return an error next.
var execDir string
if inputRoot != nil {
execDir, err = os.MkdirTemp(e.execDir, "*")
defer e.deleteExecutionDirectory(execDir)
if err != nil {
return nil, fmt.Errorf("failed to create execution directory: %v", err)
}
mb, err := e.materializeDirectory(execDir, inputRoot)
if err != nil {
return nil, fmt.Errorf("failed to materialize input root: %v", err)
}
missingBlobs = append(missingBlobs, mb...)
}
// If there were any missing blobs, we fail early and return the list to the client.
if len(missingBlobs) > 0 {
return nil, e.formatMissingBlobsError(missingBlobs)
}
// If a working directory was specified, verify that it exists.
workDir := execDir
if cmd.WorkingDirectory != "" {
if !filepath.IsLocal(cmd.WorkingDirectory) {
return nil, fmt.Errorf("working directory %q points outside of input root", cmd.WorkingDirectory)
}
workDir = filepath.Join(execDir, cmd.WorkingDirectory)
if err := os.MkdirAll(workDir, 0755); err != nil {
return nil, fmt.Errorf("could not create working directory: %v", err)
}
}
// Create the directories required by all output files and directories.
outputPaths, err := e.createOutputPaths(cmd, workDir)
if err != nil {
return nil, err
}
// Execute the command.
actionResult, err := e.executeCommand(execDir, cmd)
if err != nil {
return nil, fmt.Errorf("failed to execute command: %v", err)
}
// Save stdout and stderr to the CAS and update their digests in the action result.
if err := e.saveStdOutErr(actionResult); err != nil {
return nil, err
}
// Go through all output files and directories and upload them to the CAS.
for _, outputPath := range outputPaths {
joinedPath := filepath.Join(workDir, outputPath)
fi, err := os.Stat(joinedPath)
if err != nil {
if os.IsNotExist(err) {
// Ignore non-existing output files.
continue
}
return nil, fmt.Errorf("failed to stat output path %q: %v", outputPath, err)
}
if fi.IsDir() {
// Upload the directory to the CAS.
dirs, err := e.buildMerkleTree(joinedPath)
if err != nil {
return nil, fmt.Errorf("failed to build merkle tree for %q: %v", outputPath, err)
}
tree := remote.Tree{
Root: dirs[0],
}
if len(dirs) > 1 {
tree.Children = dirs[1:]
}
treeBytes, err := proto.Marshal(&tree)
if err != nil {
return nil, fmt.Errorf("failed to marshal tree: %v", err)
}
d, err := e.cas.Put(treeBytes)
if err != nil {
return nil, fmt.Errorf("failed to upload tree to CAS: %v", err)
}
actionResult.OutputDirectories = append(actionResult.OutputDirectories, &remote.OutputDirectory{
Path: outputPath,
TreeDigest: d.ToProto(),
IsTopologicallySorted: false,
})
} else {
// Upload the file to the CAS.
d, err := digest.NewFromFile(joinedPath)
if err != nil {
return nil, fmt.Errorf("failed to compute digest of file %q: %v", outputPath, err)
}
if err := e.cas.Adopt(d, joinedPath); err != nil {
return nil, fmt.Errorf("failed to upload file %q to CAS: %v", outputPath, err)
}
actionResult.OutputFiles = append(actionResult.OutputFiles, &remote.OutputFile{
Path: outputPath,
Digest: d.ToProto(),
IsExecutable: fi.Mode()&0111 != 0,
})
}
}
return actionResult, nil
}
// createOutputPaths creates the directories required by all output files and directories.
// It transforms and returns the list of output paths so that they're relative to our current working directory.
func (e *Executor) createOutputPaths(cmd *remote.Command, workDir string) (outputPaths []string, err error) {
if cmd.OutputPaths != nil {
// REAPI v2.1+
outputPaths = cmd.OutputPaths
} else {
// REAPI v2.0
outputPaths = make([]string, 0, len(cmd.OutputFiles)+len(cmd.OutputDirectories))
outputPaths = append(outputPaths, cmd.OutputFiles...)
outputPaths = append(outputPaths, cmd.OutputDirectories...)
}
for _, outputPath := range outputPaths {
// We need to create the parent directories of the output path, because the command
// may not create them itself.
if err := os.MkdirAll(filepath.Join(workDir, filepath.Dir(outputPath)), 0755); err != nil {
return nil, fmt.Errorf("failed to create parent directories for %q: %v", outputPath, err)
}
}
return outputPaths, nil
}
// saveStdOutErr saves stdout and stderr to the CAS and returns the updated action result.
func (e *Executor) saveStdOutErr(actionResult *remote.ActionResult) error {
d, err := e.cas.Put(actionResult.StdoutRaw)
if err != nil {
return status.Errorf(codes.Internal, "failed to put stdout into CAS: %v", err)
}
actionResult.StdoutDigest = d.ToProto()
d, err = e.cas.Put(actionResult.StderrRaw)
if err != nil {
return status.Errorf(codes.Internal, "failed to put stderr into CAS: %v", err)
}
actionResult.StderrDigest = d.ToProto()
// Servers are not required to inline stdout and stderr, so we just set them to nil.
// The client can just fetch them from the CAS if it needs them.
actionResult.StdoutRaw = nil
actionResult.StderrRaw = nil
return nil
}
func (e *Executor) getDirectory(d *remote.Digest) (*remote.Directory, error) {
dirDigest, err := digest.NewFromProto(d)
if err != nil {
return nil, fmt.Errorf("failed to parse directory digest: %v", err)
}
dirBytes, err := e.cas.Get(dirDigest)
if err != nil {
return nil, fmt.Errorf("failed to get directory from CAS: %v", err)
}
dir := &remote.Directory{}
if err := proto.Unmarshal(dirBytes, dir); err != nil {
return nil, fmt.Errorf("failed to unmarshal directory: %v", err)
}
return dir, nil
}
func (e *Executor) getCommand(d *remote.Digest) (*remote.Command, error) {
cmdDigest, err := digest.NewFromProto(d)
if err != nil {
return nil, fmt.Errorf("failed to parse command digest: %v", err)
}
cmdBytes, err := e.cas.Get(cmdDigest)
if err != nil {
return nil, fmt.Errorf("failed to get command from CAS: %v", err)
}
cmd := &remote.Command{}
if err := proto.Unmarshal(cmdBytes, cmd); err != nil {
return nil, fmt.Errorf("failed to unmarshal command: %v", err)
}
return cmd, nil
}
// materializeDirectory recursively materializes the given directory in the
// local filesystem. The directory itself is created at the given path, and
// all files and subdirectories are created under that path.
func (e *Executor) materializeDirectory(path string, d *remote.Directory) (missingBlobs []digest.Digest, err error) {
// First, materialize all the input files in the directory.
for _, fileNode := range d.Files {
filePath := filepath.Join(path, fileNode.Name)
err = e.materializeFile(filePath, fileNode)
if err != nil {
if os.IsNotExist(err) {
missingBlobs = append(missingBlobs, digest.NewFromProtoUnvalidated(fileNode.Digest))
continue
}
return nil, fmt.Errorf("failed to materialize file: %v", err)
}
}
// Next, materialize all the subdirectories.
for _, sdNode := range d.Directories {
sdPath := filepath.Join(path, sdNode.Name)
err = os.Mkdir(sdPath, 0755)
if err != nil {
return nil, fmt.Errorf("failed to create subdirectory: %v", err)
}
sd, err := e.getDirectory(sdNode.Digest)
if err != nil {
if os.IsNotExist(err) {
missingBlobs = append(missingBlobs, digest.NewFromProtoUnvalidated(sdNode.Digest))
continue
}
return nil, fmt.Errorf("failed to get subdirectory: %v", err)
}
sdMissingBlobs, err := e.materializeDirectory(sdPath, sd)
missingBlobs = append(missingBlobs, sdMissingBlobs...)
if err != nil {
return nil, fmt.Errorf("failed to materialize subdirectory: %v", err)
}
}
// Finally, set the directory properties. We have to do this after the files
// have been materialized, because otherwise the mtime of the directory would
// be updated to the current time.
if d.NodeProperties != nil {
if d.NodeProperties.Mtime != nil {
time := d.NodeProperties.Mtime.AsTime()
if err := os.Chtimes(path, time, time); err != nil {
return nil, fmt.Errorf("failed to set mtime: %v", err)
}
}
if d.NodeProperties.UnixMode != nil {
if err := os.Chmod(path, os.FileMode(d.NodeProperties.UnixMode.Value)); err != nil {
return nil, fmt.Errorf("failed to set mode: %v", err)
}
}
}
return missingBlobs, nil
}
// materializeFile downloads the given file from the CAS and writes it to the given path.
func (e *Executor) materializeFile(filePath string, fileNode *remote.FileNode) error {
fileDigest, err := digest.NewFromProto(fileNode.Digest)
if err != nil {
return fmt.Errorf("failed to parse file digest: %v", err)
}
// Calculate the file permissions from all relevant fields.
perm := os.FileMode(0644)
if fileNode.NodeProperties != nil && fileNode.NodeProperties.UnixMode != nil {
perm = os.FileMode(fileNode.NodeProperties.UnixMode.Value)
}
if fileNode.IsExecutable {
perm |= 0111
}
if fastCopy {
// Fast copy is enabled, so we just create a hard link to the file in the CAS.
err := e.cas.LinkTo(fileDigest, filePath)
if err != nil {
return fmt.Errorf("failed to link to file in CAS: %v", err)
}
err = os.Chmod(filePath, perm)
if err != nil {
return fmt.Errorf("failed to set mode: %v", err)
}
} else {
fileBytes, err := e.cas.Get(fileDigest)
if err != nil {
return fmt.Errorf("failed to get file from CAS: %v", err)
}
err = os.WriteFile(filePath, fileBytes, perm)
if err != nil {
return fmt.Errorf("failed to write file: %v", err)
}
}
if fileNode.NodeProperties != nil && fileNode.NodeProperties.Mtime != nil {
time := fileNode.NodeProperties.Mtime.AsTime()
if err := os.Chtimes(filePath, time, time); err != nil {
return fmt.Errorf("failed to set mtime: %v", err)
}
}
return nil
}
// formatMissingBlobsError formats a list of missing blobs as a gRPC "FailedPrecondition" error
// as described in the Remote Execution API.
func (e *Executor) formatMissingBlobsError(blobs []digest.Digest) error {
violations := make([]*errdetails.PreconditionFailure_Violation, 0, len(blobs))
for _, b := range blobs {
violations = append(violations, &errdetails.PreconditionFailure_Violation{
Type: "MISSING",
Subject: fmt.Sprintf("blobs/%s/%d", b.Hash, b.Size),
})
}
s, err := status.New(codes.FailedPrecondition, "missing blobs").WithDetails(&errdetails.PreconditionFailure{
Violations: violations,
})
if err != nil {
return fmt.Errorf("failed to create status: %v", err)
}
return s.Err()
}
// executeCommand runs cmd in the input root execDir, which must already have been prepared by the caller.
// If we were able to execute the command, a valid ActionResult will be returned and error is nil.
// This includes the case where we ran the command, and it exited with an exit code != 0.
// However, if something went wrong during preparation or while spawning the process, an error is returned.
func (e *Executor) executeCommand(execDir string, cmd *remote.Command) (*remote.ActionResult, error) {
if cmd.Platform != nil {
for _, prop := range cmd.Platform.Properties {
if prop.Name == "container-image" {
// TODO: Implement containerized execution for actions that ask to run inside a given container image.
}
}
}
c := exec.Command(cmd.Arguments[0], cmd.Arguments[1:]...)
c.Dir = filepath.Join(execDir, cmd.WorkingDirectory)
for _, env := range cmd.EnvironmentVariables {
c.Env = append(c.Env, fmt.Sprintf("%s=%s", env.Name, env.Value))
}
var stdout, stderr bytes.Buffer
c.Stdout = &stdout
c.Stderr = &stderr
if err := c.Run(); err != nil {
// ExitError just means that the command returned a non-zero exit code.
// In that case we just set the ExitCode in the ActionResult to it.
// However, other errors mean that something went wrong, and we need to
// return them to the caller.
if exitErr := (&exec.ExitError{}); !errors.As(err, &exitErr) {
return nil, err
}
}
return &remote.ActionResult{
ExitCode: int32(c.ProcessState.ExitCode()),
StdoutRaw: stdout.Bytes(),
StderrRaw: stderr.Bytes(),
}, nil
}
// addDirectoryToTree recursively walks through the given directory and adds itself, all files and
// subdirectories to the given Tree.
func (e *Executor) buildMerkleTree(path string) (dirs []*remote.Directory, err error) {
dir := &remote.Directory{}
dirEntries, err := os.ReadDir(path)
if err != nil {
return nil, fmt.Errorf("failed to read directory: %v", err)
}
for _, dirEntry := range dirEntries {
if dirEntry.IsDir() {
subDirs, err := e.buildMerkleTree(filepath.Join(path, dirEntry.Name()))
if err != nil {
return nil, fmt.Errorf("failed to build merkle tree: %v", err)
}
d, err := digest.NewFromMessage(subDirs[0])
if err != nil {
return nil, fmt.Errorf("failed to get digest: %v", err)
}
dir.Directories = append(dir.Directories, &remote.DirectoryNode{
Name: dirEntry.Name(),
Digest: d.ToProto(),
})
dirs = append(dirs, subDirs...)
} else {
d, err := digest.NewFromFile(filepath.Join(path, dirEntry.Name()))
if err != nil {
return nil, fmt.Errorf("failed to get digest: %v", err)
}
fi, err := dirEntry.Info()
if err != nil {
return nil, fmt.Errorf("failed to get file info: %v", err)
}
fileNode := &remote.FileNode{
Name: dirEntry.Name(),
Digest: d.ToProto(),
IsExecutable: fi.Mode()&0111 != 0,
}
err = e.cas.Adopt(d, filepath.Join(path, dirEntry.Name()))
if err != nil {
return nil, fmt.Errorf("failed to move file into CAS: %v", err)
}
dir.Files = append(dir.Files, fileNode)
}
}
dirBytes, err := proto.Marshal(dir)
if err != nil {
return nil, fmt.Errorf("failed to marshal directory: %v", err)
}
if _, err = e.cas.Put(dirBytes); err != nil {
return nil, err
}
return append([]*remote.Directory{dir}, dirs...), nil
}
func (e *Executor) deleteExecutionDirectory(dir string) {
if err := os.RemoveAll(dir); err != nil {
log.Printf("🚨 failed to remove execution directory: %v", err)
}
}