Merge changes Ia9d66420,I65a9f6d5

* changes: tcwg-dev: Simplify script names tcwg-dev: Make start.sh friendly to run on unconfigured machine
author: Maxim Kuvyrkov <maxim.kuvyrkov@linaro.org> 2018-04-27 10:14:51 +0000
committer: Linaro Code Review <review@review.linaro.org> 2018-04-27 10:14:51 +0000
commit: a9502397dec9fdf8c3e0b416e61f846fdd49ed9f (patch)
tree: 1fc576aa1e4999f979bcca5d0da8dfdaf043eed2
parent: 5e8ab00127d8cc5df5125109e02e20c25f1418cd (diff)
parent: 69047c494893300b303bb17fe1047a31d45f50b0 (diff)
4 files changed, 121 insertions, 48 deletions
diff --git a/tcwg-base/tcwg-dev/build.sh b/tcwg-base/tcwg-dev/build.sh
index 8729547c..9d0e9f87 100755
--- a/tcwg-base/tcwg-dev/build.sh
+++ b/tcwg-base/tcwg-dev/build.sh
@@ -16,11 +16,7 @@ name=$(basename ${PWD} | cut -f3- -d '-')
 image=linaro/ci-${arch}-${name}-ubuntu:${distro}
 top=$(git rev-parse --show-toplevel)
 
-cat $top/tcwg-base/tcwg-dev/start.sh.tmpl \
-    | sed -e "s#@IMAGE@#$image#g" \
-	  -e "s#@DISTRO@#$distro#g" > start.sh
-chmod +x start.sh
-cp $top/tcwg-base/tcwg-dev/run.sh.tmpl run.sh
+cp $top/tcwg-base/$name/start.sh $top/tcwg-base/$name/run.sh ./
 
 (cd ..; ./build.sh)
 "$top"/tcwg-base/validate-dockerfile.sh Dockerfile
diff --git a/tcwg-base/tcwg-dev/run.sh.tmpl b/tcwg-base/tcwg-dev/run.sh
index 53bc630f..8029a32f 100755
--- a/tcwg-base/tcwg-dev/run.sh.tmpl
+++ b/tcwg-base/tcwg-dev/run.sh
@@ -2,7 +2,7 @@
 
 set -e
 
-if [ x"$@" = x"start.sh" ]; then
+if [ x"$1" = x"start.sh" ]; then
     cat /start.sh
     exit 0
 fi
diff --git a/tcwg-base/tcwg-dev/start.sh b/tcwg-base/tcwg-dev/start.sh
new file mode 100755
index 00000000..e36c8516
--- /dev/null
+++ b/tcwg-base/tcwg-dev/start.sh
@@ -0,0 +1,119 @@
+#!/bin/bash
+
+set -e
+
+usage ()
+{
+    cat <<EOF
+$0 [OPTIONS] -- IMAGE
+
+Options:
+  --getent DATA
+	User data from "getent passwd"
+
+  --group NAME
+	Primary group name
+
+  --name CONTAINER_NAME
+	Name of the container
+
+  --pubkey KEY
+	SSH public key to install inside container
+
+  --user USER
+	Username to create inside the container
+
+  --verbose true/false
+	Whether to run in verbose mode
+EOF
+    exit 1
+}
+
+getent="default"
+group="default"
+name="default"
+pubkey="ldap"
+user="$USER"
+verbose=false
+
+while [ $# -gt 0 ]; do
+    case $1 in
+	--getent) getent="$2"; shift ;;
+	--group) group="$2"; shift ;;
+	--name) name="$2"; shift ;;
+	--pubkey) pubkey="$2"; shift ;;
+	--user) user="$2"; shift ;;
+	--verbose) verbose="$2"; shift ;;
+	--) shift; break ;;
+	*) echo "ERROR: Wrong option: $1"; usage ;;
+    esac
+    shift
+done
+
+image="$1"
+
+if $verbose; then
+    set -x
+fi
+
+if groups tcwg-buildslave 2>/dev/null | grep -q docker; then
+    # If tcwg-buildslave user is present, use it to start the container
+    # to have [sudo] log record of container startups.
+    DOCKER="sudo -u tcwg-buildslave docker"
+elif [ x"$(id -u)" = x"0" ] || groups 2>/dev/null | grep -q docker; then
+    # Run docker straight up if $USER is root or in "docker" group.
+    DOCKER="docker"
+else
+    # Fallback to sudo otherwise.
+    DOCKER="sudo docker"
+fi
+
+if [ x"$name" = x"default" ]; then
+    name="$user-$(echo "$image" | tr "/:" "_")"
+fi
+
+mounts=""
+if [ -d "/home/$user" ]; then
+    # Bind-mount $HOME
+    mounts="$mounts -v /home/$user:/home/$user"
+else
+    # Create/re-use docker volume and mount it as user's home
+    mounts="$mounts -v home-$user:/home"
+fi
+
+if [ -d "/home/tcwg-buildslave" ]; then
+    # Bind-mount /home/tcwg-buildslave read-only to get access to
+    # /home/tcwg-buildslave/snapshots-ref/
+    mounts="$mounts -v /home/tcwg-buildslave:/home/tcwg-buildslave:ro"
+fi
+
+# Use at most half of all available RAM.
+memlimit=$(($(free -g | awk '/^Mem/ { print $2 }') / 2))G
+# IPC_LOCK is required for some implementations of ssh-agent (e.g., MATE's).
+# SYS_PTRACE is required for debugger work.
+caps="--cap-add=IPC_LOCK --cap-add=SYS_PTRACE"
+
+if [ x"$getent" = x"default" ]; then
+    getent=$(getent passwd $user)
+fi
+
+if [ x"$group" = x"default" ]; then
+    group=$(id -gn $user)
+fi
+
+if [ x"$pubkey" = x"ldap" ]; then
+    # Fetch ssh public key from LDAP.
+    pubkey=$(/etc/ssh/ssh_keys.py $user 2>/dev/null || sss_ssh_authorizedkeys $user 2>/dev/null)
+fi
+
+$DOCKER run --name=$name -dt -p 22 $mounts --memory=$memlimit --pids-limit=5000 $caps $image "$getent" "$group" "$pubkey"
+
+port=$($DOCKER port $name 22 | cut -d: -f 2)
+
+set +x
+echo "NOTE: the warning about kernel not supporting swap memory limit is expected"
+echo "To connect to container run \"ssh -p $port localhost\""
+echo "To stop container run \"docker stop $name\""
+echo "To restart container run \"docker start $name\""
+echo "To remove container run \"docker rm -fv $name\""
+echo "See https://collaborate.linaro.org/display/TCWG/How+to+setup+personal+dev+environment+using+docker for additional info"
diff --git a/tcwg-base/tcwg-dev/start.sh.tmpl b/tcwg-base/tcwg-dev/start.sh.tmpl
deleted file mode 100755
index 9a3b3956..00000000
--- a/tcwg-base/tcwg-dev/start.sh.tmpl
+++ /dev/null
@@ -1,42 +0,0 @@
-#!/bin/bash
-
-set -e
-set -x
-
-if groups tcwg-buildslave 2>/dev/null | grep -q docker; then
-    # If tcwg-buildslave user is present, use it to start the container
-    # to have [sudo] log record of container startups.
-    DOCKER="sudo -u tcwg-buildslave docker"
-elif groups 2>/dev/null | grep -q docker; then
-    # Run docker straight up if $USER is in "docker" group.
-    DOCKER="docker"
-else
-    # Fallback to sudo otherwise.
-    DOCKER="sudo docker"
-fi
-
-image=@IMAGE@
-name=$USER-@DISTRO@
-# Bind-mount $HOME and /home/tcwg-buildslave (to get access to
-# /home/tcwg-buildslave/snapshots-ref/)
-mounts="-v $HOME:$HOME -v /home/tcwg-buildslave:/home/tcwg-buildslave:ro"
-# Use at most half of all available RAM.
-memlimit=$(($(free -g | awk '/^Mem/ { print $2 }') / 2))G
-# IPC_LOCK is required for some implementations of ssh-agent (e.g., MATE's).
-# SYS_PTRACE is required for debugger work.
-caps="--cap-add=IPC_LOCK --cap-add=SYS_PTRACE"
-# Fetch ssh public key from LDAP.
-pubkey="$(/etc/ssh/ssh_keys.py $USER 2>/dev/null || sss_ssh_authorizedkeys $USER 2>/dev/null)"
-
-$DOCKER pull $image
-$DOCKER run --name=$name -dt -p 22 $mounts --memory=$memlimit --pids-limit=5000 $caps $image "$(getent passwd $USER)" "$(id -gn)" "$pubkey"
-
-port=$($DOCKER port $name 22 | cut -d: -f 2)
-
-set +x
-echo "NOTE: the warning about kernel not supporting swap memory limit is expected"
-echo "To connect to container run \"ssh -p $port localhost\""
-echo "To stop container run \"docker stop $name\""
-echo "To restart container run \"docker start $name\""
-echo "To remove container run \"docker rm -fv $name\""
-echo "See https://collaborate.linaro.org/display/TCWG/How+to+setup+personal+dev+environment+using+docker for additional info"
author	Maxim Kuvyrkov <maxim.kuvyrkov@linaro.org>	2018-04-27 10:14:51 +0000
committer	Linaro Code Review <review@review.linaro.org>	2018-04-27 10:14:51 +0000
commit	a9502397dec9fdf8c3e0b416e61f846fdd49ed9f (patch)
tree	1fc576aa1e4999f979bcca5d0da8dfdaf043eed2
parent	5e8ab00127d8cc5df5125109e02e20c25f1418cd (diff)
parent	69047c494893300b303bb17fe1047a31d45f50b0 (diff)