summaryrefslogtreecommitdiff
path: root/automation/scripts/containerize
blob: 5476ff0ea10d9a1b5beb9d7b77d13f95ffcb4678 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
#!/bin/bash

#
# DOCKER_CMD should be either `docker` or `podman`.
#
# if using (rootless) podman, remember to set /etc/subuid
# and /etc/subgid.
#
docker_cmd=${DOCKER_CMD:-"docker"}
[ "$DOCKER_CMD" = "podman" ] && userns_podman="--userns=keep-id" selinux=",z"

einfo() {
    echo "$*" >&2
}

die() {
    echo "$*" >&2
    exit 1
}

#
# The caller is expected to override the CONTAINER environment
# variable with the container they wish to launch.
#
BASE="registry.gitlab.com/xen-project/xen"
case "_${CONTAINER}" in
    _alpine) CONTAINER="${BASE}/alpine:3.12" ;;
    _alpine-arm64v8) CONTAINER="${BASE}/alpine:3.12-arm64v8" ;;
    _archlinux|_arch) CONTAINER="${BASE}/archlinux:current" ;;
    _riscv64) CONTAINER="${BASE}/archlinux:current-riscv64" ;;
    _centos7) CONTAINER="${BASE}/centos:7" ;;
    _fedora) CONTAINER="${BASE}/fedora:29";;
    _focal) CONTAINER="${BASE}/ubuntu:focal" ;;
    _jessie) CONTAINER="${BASE}/debian:jessie" ;;
    _jessie-i386) CONTAINER="${BASE}/debian:jessie-i386" ;;
    _stretch|_) CONTAINER="${BASE}/debian:stretch" ;;
    _stretch-i386) CONTAINER="${BASE}/debian:stretch-i386" ;;
    _buster-gcc-ibt) CONTAINER="${BASE}/debian:buster-gcc-ibt" ;;
    _unstable|_) CONTAINER="${BASE}/debian:unstable" ;;
    _unstable-i386) CONTAINER="${BASE}/debian:unstable-i386" ;;
    _unstable-arm64v8-arm32-gcc) CONTAINER="${BASE}/debian:unstable-arm64v8-arm32-gcc" ;;
    _unstable-arm64v8) CONTAINER="${BASE}/debian:unstable-arm64v8" ;;
    _unstable-cppcheck) CONTAINER="${BASE}/debian:unstable-cppcheck" ;;
    _bionic) CONTAINER="${BASE}/ubuntu:bionic" ;;
    _trusty) CONTAINER="${BASE}/ubuntu:trusty" ;;
    _xenial) CONTAINER="${BASE}/ubuntu:xenial" ;;
    _opensuse-leap|_leap) CONTAINER="${BASE}/suse:opensuse-leap" ;;
    _opensuse-tumbleweed|_tumbleweed) CONTAINER="${BASE}/suse:opensuse-tumbleweed" ;;
esac

# Use this variable to control whether root should be used
case "_${CONTAINER_UID0}" in
    _1)   userarg= ;;
    _0|_) userarg="-u $(id -u) $userns_podman" ;;
esac

# Save the commands for future use
cmd=("$@")

# If no command was specified, just drop us into a shell if we're interactive
[ $# -eq 0 ] && tty -s && cmd=("/bin/bash")

# Are we in an interactive terminal?
tty -s && termint=t

#
# Fetch the latest version of the container in hub.docker.com,
# unless it's a newly created local copy.
#
if [[ "_${CONTAINER_NO_PULL}" != "_1" ]]; then
    einfo "*** Ensuring ${CONTAINER} is up to date"
    ${docker_cmd} pull ${CONTAINER} > /dev/null ||     \
        die "Failed to update container"
fi

if hash greadlink > /dev/null 2>&1; then
    READLINK=greadlink
elif [[ $(uname -s) == "Darwin" ]]; then
    echo "Unable to forward SSH agent without coreutils installed"
    unset SSH_AUTH_SOCK
else
    READLINK=readlink
fi

# Ensure we've got what we need for SSH_AUTH_SOCK
if [[ -n ${SSH_AUTH_SOCK} ]]; then
    fullpath_sock=$(${READLINK} -f ${SSH_AUTH_SOCK} 2> /dev/null)
    if [ $? -ne 0 ]; then
        echo "Invalid SSH_AUTH_SOCK: ${SSH_AUTH_SOCK}"
        unset SSH_AUTH_SOCK
    else
        SSH_AUTH_DIR=$(dirname ${fullpath_sock})
        SSH_AUTH_NAME=$(basename ${fullpath_sock})
    fi
fi

# Figure out the base of what we want as our sources
# by using the top of the git repo
if [[ -z ${CONTAINER_PATH} ]]; then
    CONTAINER_PATH=$(git rev-parse --show-toplevel)
fi

# Kick off Docker
einfo "*** Launching container ..."
exec ${docker_cmd} run \
    ${userarg} \
    ${SSH_AUTH_SOCK:+-e SSH_AUTH_SOCK="/tmp/ssh-agent/${SSH_AUTH_NAME}"} \
    -v "${CONTAINER_PATH}":/build:rw${selinux} \
    -v "${HOME}/.ssh":/root/.ssh:ro \
    ${SSH_AUTH_DIR:+-v "${SSH_AUTH_DIR}":/tmp/ssh-agent${selinux}} \
    ${CONTAINER_ARGS} \
    -${termint}i --rm -- \
    ${CONTAINER} \
    "${cmd[@]}"