This repository has been archived by the owner on Nov 25, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 68
/
Copy pathrun
executable file
·175 lines (150 loc) · 6.07 KB
/
run
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
#!/bin/bash -e
# Copyright 2016 The Upbound Authors. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
scriptdir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
source "${scriptdir}/common.sh"
#if [ ! -z $DOCKER_HOST ]; then
# echo ERROR: we only support the case where docker is running locally for now.
# exit 1
#fi
# build the the container if we've not done so already
if [ "`uname -m`" != "x86_64" ]; then
echo ERROR: we only support the cross container build on amd64 host.
exit 1
fi
echo ==== building the cross container \(this could take minutes the first time\)
make_cmd="make --no-print-directory -C ${scriptdir}/cross build PULL=0"
make_output=$($make_cmd 2>&1) || {
cat <<EOF >&2
=== cross build image failed for ${CROSS_IMAGE}
${make_output}
EOF
exit 1
}
# run the container with the same uid and gid of the user to avoid
# permissions issues when sharing volumes with the host
USER_ARGS="-e BUILDER_UID=$( id -u ) -e BUILDER_GID=$( id -g )"
BUILDER_HOME=/home/upbound
# setup kubectl from the host if available
if [ -d ${HOME}/.kube ]; then
KUBE_ARGS="-v ${HOME}/.kube:${BUILDER_HOME}/.kube"
fi
if [ -x ${KUBEADM_DIND_DIR}/kubectl ]; then
KUBEADM_DIND_ARGS="-v ${KUBEADM_DIND_DIR}/kubectl:/usr/bin/kubectl"
fi
if [ "`uname -s`" != "Linux" ]; then
# On non-linux hosts, its is EXTREMELY slow to mount the source
# tree inside the container. As such we use rsync to copy the source
# tree to a new docker volumer on each run. The first rsync take a
# little bit of time, but subsequent ones go by fast. This approach
# is MUCH faster than using osxfs, NFS or other approaches.
# create a new volume to hold our go workspace. NOTE: while concurrent
# runs of the build container are supported they will share the same volume
# and we will be rsyncing to it at different times. This could lead to
# undefined behavior but this should be a rare case on non-linux envs.
if [[ ! $(docker volume ls | grep ${CROSS_IMAGE_VOLUME}) ]]; then
echo ==== Creating docker volume "${CROSS_IMAGE_VOLUME}" and syncing sources
echo ==== for first time. This could take a few seconds.
docker volume create --name ${CROSS_IMAGE_VOLUME} &> /dev/null
fi
# On non-linux the layout is as follows:
#
# /var/run/docker.sock (bind mounted to host /var/run/docker.sock)
# /${BUILDER_HOME} (bind mounted to an independent docker volume)
# /.netrc (bind mounted to host ${HOME}/.netrc)
# /.aws (bind mounted to host ${HOME}/.aws)
# /.docker (bind mounted to host ${HOME}/.docker)
# /go/src/github.com/upbound/api (rsync'd from host <source>)
# now copy the source tree to the container volume. Note this also
# copies the .git directory but not the index.lock files which
# change frequently and sometimes cause rsync to fail.
rsync_host_to_container \
--filter="- /.work/" \
--filter="- /.vscode/" \
--filter="- index.lock"
MOUNT_OPTS="${MOUNT_OPTS} -v ${CROSS_IMAGE_VOLUME}:${BUILDER_HOME}"
else
# On linux bind mounts are cheap so we dont need to rsync
# the layout is as follows:
#
# /var/run/docker.sock (bind mounted to host /var/run/docker.sock)
# /${BUILDER_HOME}
# /.netrc (bind mounted to host ${HOME}/.netrc)
# /.aws (bind mounted to host ${HOME}/.aws)
# /.docker (bind mounted to host ${HOME}/.docker)
# /go
# /pkg (bind mounted to <source>/.work/cross_pkg)
# /src/github.com/upbound/api (bind mounted to <source>)
MOUNT_OPTS="${MOUNT_OPTS} \
-v ${scriptdir}/../.work/cross_pkg:${BUILDER_HOME}/go/pkg
-v ${scriptdir}/..:${BUILDER_HOME}/go/src/${PROJECT_REPO}"
fi
# we copy credential files for github access
[[ -f ${HOME}/.netrc ]] && NETRC_ARGS="-v ${HOME}/.netrc:${BUILDER_HOME}/.netrc"
tty -s && TTY_ARGS=-ti || TTY_ARGS=
# docker seems more reliable when running with net=host.
if [ -z "${DISABLE_HOST_NETWORK}" ]; then
NET_ARGS="--net=host"
fi
# BUGBUG: new docker clients switch to using OSX keychain. how do we copy creds?
# sometimes we run docker inside docker. bind the docker config and socket
if [ -z "${DISABLE_NESTED_DOCKER}" ]; then
DOCKER_NESTED_ARGS="\
-v ${HOME}/.docker:${BUILDER_HOME}/.docker \
-v /var/run/docker.sock:/var/run/docker.sock"
fi
# set AWS creds
AWS_ARGS="\
-e AWS_ACCESS_KEY_ID \
-e AWS_SECRET_ACCESS_KEY \
-e AWS_DEFAULT_REGION \
-v ${HOME}/.aws:${BUILDER_HOME}/.aws"
rsync_back() {
if [ "`uname -s`" != "Linux" ]; then
# rsync generated files back to the host. IMPORTANT: we never rsync the .git directory back
# since the host's version might have changed.
rsync_container_to_host \
--filter="+ /_output/" \
--filter="+ /.cache/" \
--filter="+ /vendor/" \
--filter="- /*"
fi
}
# set GOPRIVATE to skip go-proxy on upbound by default - https://tip.golang.org/cmd/go/#hdr-Module_configuration_for_non_public_modules
GOPRIVATE="github.com/upbound/*"
docker run \
--rm \
-h ${BUILD_HOST} \
-e BUILD_REGISTRY=${BUILD_REGISTRY} \
-e GOPATH="${BUILDER_HOME}/go" \
-e GITHUB_TOKEN \
-e VERSION \
-e CHANNEL \
-e RUNNING_IN_CI \
-e GOPRIVATE="${GOPRIVATE}" \
-v ${PWD}/_output:${BUILDER_HOME}/go/bin \
${TTY_ARGS} \
${KUBE_ARGS} \
${KUBEADM_DIND_ARGS} \
${DOWNLOAD_ARGS} \
${NETRC_ARGS} \
${AWS_ARGS} \
${USER_ARGS} \
${DOCKER_NESTED_ARGS} \
${NET_ARGS} \
${MOUNT_OPTS} \
-w ${BUILDER_HOME}/go/src/${PROJECT_REPO} \
${CROSS_IMAGE} \
"$@" || { rsync_back; exit 1; }
rsync_back