1#!/bin/bash 2# Copyright 2023 Google LLC 3# 4# Licensed under the Apache License, Version 2.0 (the "License"); 5# you may not use this file except in compliance with the License. 6# You may obtain a copy of the License at 7# 8# http://www.apache.org/licenses/LICENSE-2.0 9# 10# Unless required by applicable law or agreed to in writing, software 11# distributed under the License is distributed on an "AS IS" BASIS, 12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13# See the License for the specific language governing permissions and 14# limitations under the License. 15################################################################################ 16 17# Utility script to optionally run a command optionally in a new container. 18# 19# This script must be run from inside the Tink library to run the command for. 20# 21# NOTE: When running in a new container, this sctips mounts the parent folder of 22# `pwd`. Other dependencies, if any, are assumed to be located there. For 23# example, if running tink-py tests, this script assumes: 24# - pwd => /path/to/parent/tink-py 25# - mount path => /path/to/parent 26# - ls /path/to/parent => tink_cc tink_py. 27 28set -eo pipefail 29 30usage() { 31 cat <<EOF 32Usage: $0 [-c <container image>] [-k <service key file path>] <command> 33 -c: [Optional] Container image to run the command on. 34 -k: [Optional] Service key file path for pulling the image from the Google Artifact Registry (https://cloud.google.com/artifact-registry). 35 -e: [Optional] File containing a list of environment variables to pass to Docker using --env-file (see https://docs.docker.com/engine/reference/commandline/run/#env). 36 -h: Help. Print this usage information. 37EOF 38 exit 1 39} 40 41# Args. 42COMMAND= 43 44# Options. 45CONTAINER_IMAGE_NAME= 46GCR_SERVICE_KEY_PATH= 47DOCKER_ENV_FILE= 48 49####################################### 50# Process command line arguments. 51####################################### 52process_args() { 53 # Parse options. 54 while getopts "hc:k:e:" opt; do 55 case "${opt}" in 56 c) CONTAINER_IMAGE_NAME="${OPTARG}" ;; 57 k) GCR_SERVICE_KEY_PATH="${OPTARG}" ;; 58 e) DOCKER_ENV_FILE="${OPTARG}" ;; 59 *) usage ;; 60 esac 61 done 62 shift $((OPTIND - 1)) 63 readonly CONTAINER_IMAGE_NAME 64 readonly GCR_SERVICE_KEY_PATH 65 readonly DOCKER_ENV_FILE 66 readonly COMMAND=("$@") 67} 68 69main() { 70 process_args "$@" 71 72 if [[ -z "${CONTAINER_IMAGE_NAME:-}" ]]; then 73 echo "Running command on the host" 74 time "${COMMAND[@]}" 75 else 76 echo "Running command on a new container from image ${CONTAINER_IMAGE_NAME}" 77 if [[ ! -z "${GCR_SERVICE_KEY_PATH:-}" ]]; then 78 # Activate service account to read from a private artifact registry repo. 79 gcloud auth activate-service-account --key-file="${GCR_SERVICE_KEY_PATH}" 80 gcloud config set project tink-test-infrastructure 81 gcloud auth configure-docker us-docker.pkg.dev --quiet 82 fi 83 local -r path_to_mount="$(dirname "$(pwd)")" 84 local -r library_to_test="$(basename "$(pwd)")" 85 time docker pull "${CONTAINER_IMAGE_NAME}" 86 87 local docker_opts=( 88 --network="host" 89 --mount type=bind,src="${path_to_mount}",dst=/deps 90 --workdir=/deps/"${library_to_test}" 91 --rm 92 ) 93 if [[ -n "${DOCKER_ENV_FILE}" ]]; then 94 docker_opts+=( --env-file="${DOCKER_ENV_FILE}" ) 95 fi 96 readonly docker_opts 97 time docker run "${docker_opts[@]}" "${CONTAINER_IMAGE_NAME}" \ 98 bash -c "$(echo "${COMMAND[@]}")" 99 fi 100} 101 102main "$@" 103