• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1# Copyright 2019 Google LLC
2#
3# Use of this source code is governed by a BSD-style license that can be
4# found in the LICENSE file.
5
6
7import posixpath
8from recipe_engine import recipe_api
9
10
11MOUNT_SRC = '/SRC'
12MOUNT_OUT = '/OUT'
13
14
15class DockerApi(recipe_api.RecipeApi):
16  def _chmod(self, filepath, mode, recursive=False):
17    cmd = ['chmod']
18    if recursive:
19      cmd.append('-R')
20    cmd.extend([mode, filepath])
21    name = ' '.join([str(elem) for elem in cmd])
22    self.m.step(name, cmd=cmd, infra_step=True)
23
24  def mount_src(self):
25    return MOUNT_SRC
26
27  def mount_out(self):
28    return MOUNT_OUT
29
30  # Unless match_directory_structure ==True, src_dir must be
31  # self.m.path['start_dir'] for the script to be located correctly.
32  def run(self, name, docker_image, src_dir, out_dir, script, args=None, docker_args=None, copies=None, recursive_read=None, attempts=1, match_directory_structure=False):
33    # Setup. Docker runs as a different user, so we need to give it access to
34    # read, write, and execute certain files.
35    with self.m.step.nest('Docker setup'):
36      step_stdout = self.m.python.inline(
37          name='Get uid and gid',
38          program='''import os
39print '%d:%d' % (os.getuid(), os.getgid())
40''',
41          stdout=self.m.raw_io.output(),
42          step_test_data=(
43              lambda: self.m.raw_io.test_api.stream_output('13:17'))).stdout
44      uid_gid_pair = step_stdout.rstrip() if step_stdout else ''
45      # Make sure out_dir exists, otherwise mounting will fail.
46      # (Note that the docker --mount option, unlike the --volume option, does
47      # not create this dir as root if it doesn't exist.)
48      self.m.file.ensure_directory('mkdirs out_dir', out_dir, mode=0o777)
49      # ensure_directory won't change the permissions if the dir already exists,
50      # so we need to do that explicitly.
51      self._chmod(out_dir, '777')
52
53      # chmod the src_dir, but not recursively; Swarming writes some files which
54      # we can't access, so "chmod -R" will fail if this is the root workdir.
55      self._chmod(src_dir, '755')
56
57      # Need to make the script executable, or Docker can't run it.
58      self._chmod(script, '0755')
59
60      # Copy any requested files.
61      if copies:
62        for src, dest in copies.iteritems():
63          dirname = self.m.path.dirname(dest)
64          self.m.file.ensure_directory(
65              'mkdirs %s' % dirname, dirname, mode=0o777)
66          self.m.file.copy('cp %s %s' % (src, dest), src, dest)
67          self._chmod(dest, '644')
68
69      # Recursive chmod any requested directories.
70      if recursive_read:
71        for elem in recursive_read:
72          self._chmod(elem, 'a+r', recursive=True)
73
74    # Run.
75    cmd = [
76      'docker', 'run', '--shm-size=2gb', '--rm', '--user', uid_gid_pair,
77      '--mount', 'type=bind,source=%s,target=%s' %
78                 (src_dir, src_dir if match_directory_structure else MOUNT_SRC),
79      '--mount', 'type=bind,source=%s,target=%s' %
80                 (out_dir, out_dir if match_directory_structure else MOUNT_OUT),
81    ]
82    if docker_args:
83      cmd.extend(docker_args)
84    if not match_directory_structure:
85      # This only works when src_dir == self.m.path['start_dir'] but that's our
86      # only use case for now.
87      script = MOUNT_SRC + '/' + posixpath.relpath(str(script), str(self.m.path['start_dir']))
88    cmd.extend([docker_image, script])
89    if args:
90      cmd.extend(args)
91
92    env = {'DOCKER_CONFIG': '/home/chrome-bot/.docker'}
93    with self.m.env(env):
94      self.m.run.with_retry(self.m.step, name, attempts, cmd=cmd)
95