blob: 5476ff0ea10d9a1b5beb9d7b77d13f95ffcb4678 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
|
#!/bin/bash
#
# DOCKER_CMD should be either `docker` or `podman`.
#
# if using (rootless) podman, remember to set /etc/subuid
# and /etc/subgid.
#
docker_cmd=${DOCKER_CMD:-"docker"}
[ "$DOCKER_CMD" = "podman" ] && userns_podman="--userns=keep-id" selinux=",z"
einfo() {
echo "$*" >&2
}
die() {
echo "$*" >&2
exit 1
}
#
# The caller is expected to override the CONTAINER environment
# variable with the container they wish to launch.
#
BASE="registry.gitlab.com/xen-project/xen"
case "_${CONTAINER}" in
_alpine) CONTAINER="${BASE}/alpine:3.12" ;;
_alpine-arm64v8) CONTAINER="${BASE}/alpine:3.12-arm64v8" ;;
_archlinux|_arch) CONTAINER="${BASE}/archlinux:current" ;;
_riscv64) CONTAINER="${BASE}/archlinux:current-riscv64" ;;
_centos7) CONTAINER="${BASE}/centos:7" ;;
_fedora) CONTAINER="${BASE}/fedora:29";;
_focal) CONTAINER="${BASE}/ubuntu:focal" ;;
_jessie) CONTAINER="${BASE}/debian:jessie" ;;
_jessie-i386) CONTAINER="${BASE}/debian:jessie-i386" ;;
_stretch|_) CONTAINER="${BASE}/debian:stretch" ;;
_stretch-i386) CONTAINER="${BASE}/debian:stretch-i386" ;;
_buster-gcc-ibt) CONTAINER="${BASE}/debian:buster-gcc-ibt" ;;
_unstable|_) CONTAINER="${BASE}/debian:unstable" ;;
_unstable-i386) CONTAINER="${BASE}/debian:unstable-i386" ;;
_unstable-arm64v8-arm32-gcc) CONTAINER="${BASE}/debian:unstable-arm64v8-arm32-gcc" ;;
_unstable-arm64v8) CONTAINER="${BASE}/debian:unstable-arm64v8" ;;
_unstable-cppcheck) CONTAINER="${BASE}/debian:unstable-cppcheck" ;;
_bionic) CONTAINER="${BASE}/ubuntu:bionic" ;;
_trusty) CONTAINER="${BASE}/ubuntu:trusty" ;;
_xenial) CONTAINER="${BASE}/ubuntu:xenial" ;;
_opensuse-leap|_leap) CONTAINER="${BASE}/suse:opensuse-leap" ;;
_opensuse-tumbleweed|_tumbleweed) CONTAINER="${BASE}/suse:opensuse-tumbleweed" ;;
esac
# Use this variable to control whether root should be used
case "_${CONTAINER_UID0}" in
_1) userarg= ;;
_0|_) userarg="-u $(id -u) $userns_podman" ;;
esac
# Save the commands for future use
cmd=("$@")
# If no command was specified, just drop us into a shell if we're interactive
[ $# -eq 0 ] && tty -s && cmd=("/bin/bash")
# Are we in an interactive terminal?
tty -s && termint=t
#
# Fetch the latest version of the container in hub.docker.com,
# unless it's a newly created local copy.
#
if [[ "_${CONTAINER_NO_PULL}" != "_1" ]]; then
einfo "*** Ensuring ${CONTAINER} is up to date"
${docker_cmd} pull ${CONTAINER} > /dev/null || \
die "Failed to update container"
fi
if hash greadlink > /dev/null 2>&1; then
READLINK=greadlink
elif [[ $(uname -s) == "Darwin" ]]; then
echo "Unable to forward SSH agent without coreutils installed"
unset SSH_AUTH_SOCK
else
READLINK=readlink
fi
# Ensure we've got what we need for SSH_AUTH_SOCK
if [[ -n ${SSH_AUTH_SOCK} ]]; then
fullpath_sock=$(${READLINK} -f ${SSH_AUTH_SOCK} 2> /dev/null)
if [ $? -ne 0 ]; then
echo "Invalid SSH_AUTH_SOCK: ${SSH_AUTH_SOCK}"
unset SSH_AUTH_SOCK
else
SSH_AUTH_DIR=$(dirname ${fullpath_sock})
SSH_AUTH_NAME=$(basename ${fullpath_sock})
fi
fi
# Figure out the base of what we want as our sources
# by using the top of the git repo
if [[ -z ${CONTAINER_PATH} ]]; then
CONTAINER_PATH=$(git rev-parse --show-toplevel)
fi
# Kick off Docker
einfo "*** Launching container ..."
exec ${docker_cmd} run \
${userarg} \
${SSH_AUTH_SOCK:+-e SSH_AUTH_SOCK="/tmp/ssh-agent/${SSH_AUTH_NAME}"} \
-v "${CONTAINER_PATH}":/build:rw${selinux} \
-v "${HOME}/.ssh":/root/.ssh:ro \
${SSH_AUTH_DIR:+-v "${SSH_AUTH_DIR}":/tmp/ssh-agent${selinux}} \
${CONTAINER_ARGS} \
-${termint}i --rm -- \
${CONTAINER} \
"${cmd[@]}"
|
