contrib/dockerrpm
author Mads Kiilerich <madski@unity3d.com>
Fri, 30 May 2014 14:14:33 +0200
changeset 22440 cf7b5c011737
parent 22439 d2a00ced3cce
child 22441 bb9a06d14857
permissions -rwxr-xr-x
dockerrpm: run docker build process as the current user, not as root Docker can be run by ordinary users if they are in the docker group. The build process would however be run as a root user, only protected by the sandboxing. That caused problems with the shared directory where rpmbuild would be picky about building from sources owned by less privileged users and producing files owned by root. Instead, add a build user with the right uid/gid to the image and run the docker process as that user.
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
22438
f5abb231b80a dockerrpm: check that docker is running correctly before building
Mads Kiilerich <madski@unity3d.com>
parents: 21642
diff changeset
     1
#!/bin/bash -e
21255
62a2749895e4 build: initial support for in-tree autobuilding recipes
Matt Mackall <mpm@selenic.com>
parents:
diff changeset
     2
62a2749895e4 build: initial support for in-tree autobuilding recipes
Matt Mackall <mpm@selenic.com>
parents:
diff changeset
     3
BUILDDIR=$(dirname $0)
62a2749895e4 build: initial support for in-tree autobuilding recipes
Matt Mackall <mpm@selenic.com>
parents:
diff changeset
     4
ROOTDIR=$(cd $BUILDDIR/..; pwd)
62a2749895e4 build: initial support for in-tree autobuilding recipes
Matt Mackall <mpm@selenic.com>
parents:
diff changeset
     5
22438
f5abb231b80a dockerrpm: check that docker is running correctly before building
Mads Kiilerich <madski@unity3d.com>
parents: 21642
diff changeset
     6
if which docker.io >> /dev/null 2>&1 ; then
21642
76a347bcdb33 docker: check for docker.io first
Matt Mackall <mpm@selenic.com>
parents: 21561
diff changeset
     7
  DOCKER=docker.io
22438
f5abb231b80a dockerrpm: check that docker is running correctly before building
Mads Kiilerich <madski@unity3d.com>
parents: 21642
diff changeset
     8
elif which docker >> /dev/null 2>&1 ; then
21255
62a2749895e4 build: initial support for in-tree autobuilding recipes
Matt Mackall <mpm@selenic.com>
parents:
diff changeset
     9
  DOCKER=docker
22438
f5abb231b80a dockerrpm: check that docker is running correctly before building
Mads Kiilerich <madski@unity3d.com>
parents: 21642
diff changeset
    10
else
f5abb231b80a dockerrpm: check that docker is running correctly before building
Mads Kiilerich <madski@unity3d.com>
parents: 21642
diff changeset
    11
  echo "Error: docker must be installed"
f5abb231b80a dockerrpm: check that docker is running correctly before building
Mads Kiilerich <madski@unity3d.com>
parents: 21642
diff changeset
    12
  exit 1
21255
62a2749895e4 build: initial support for in-tree autobuilding recipes
Matt Mackall <mpm@selenic.com>
parents:
diff changeset
    13
fi
62a2749895e4 build: initial support for in-tree autobuilding recipes
Matt Mackall <mpm@selenic.com>
parents:
diff changeset
    14
22438
f5abb231b80a dockerrpm: check that docker is running correctly before building
Mads Kiilerich <madski@unity3d.com>
parents: 21642
diff changeset
    15
$DOCKER -h 2> /dev/null | grep -q Jansens && { echo "Error: $DOCKER is the Docking System Tray - install docker.io instead"; exit 1; }
f5abb231b80a dockerrpm: check that docker is running correctly before building
Mads Kiilerich <madski@unity3d.com>
parents: 21642
diff changeset
    16
$DOCKER version | grep -q "^Client version:" || { echo "Error: unexpected output from \"$DOCKER version\""; exit 1; }
f5abb231b80a dockerrpm: check that docker is running correctly before building
Mads Kiilerich <madski@unity3d.com>
parents: 21642
diff changeset
    17
$DOCKER version | grep -q "^Server version:" || { echo "Error: could not get docker server version - check it is running and your permissions"; exit 1; }
f5abb231b80a dockerrpm: check that docker is running correctly before building
Mads Kiilerich <madski@unity3d.com>
parents: 21642
diff changeset
    18
22439
d2a00ced3cce dockerrpm: better handling of specification of docker name
Mads Kiilerich <madski@unity3d.com>
parents: 22438
diff changeset
    19
PLATFORM="$1"
d2a00ced3cce dockerrpm: better handling of specification of docker name
Mads Kiilerich <madski@unity3d.com>
parents: 22438
diff changeset
    20
[ "$PLATFORM" ] || { echo "Error: platform name must be specified"; exit 1; }
d2a00ced3cce dockerrpm: better handling of specification of docker name
Mads Kiilerich <madski@unity3d.com>
parents: 22438
diff changeset
    21
d2a00ced3cce dockerrpm: better handling of specification of docker name
Mads Kiilerich <madski@unity3d.com>
parents: 22438
diff changeset
    22
DFILE="$ROOTDIR/contrib/docker/$PLATFORM"
d2a00ced3cce dockerrpm: better handling of specification of docker name
Mads Kiilerich <madski@unity3d.com>
parents: 22438
diff changeset
    23
[ -f "$DFILE" ] || { echo "Error: docker file $DFILE not found"; exit 1; }
d2a00ced3cce dockerrpm: better handling of specification of docker name
Mads Kiilerich <madski@unity3d.com>
parents: 22438
diff changeset
    24
d2a00ced3cce dockerrpm: better handling of specification of docker name
Mads Kiilerich <madski@unity3d.com>
parents: 22438
diff changeset
    25
CONTAINER="hg-dockerrpm-$PLATFORM"
d2a00ced3cce dockerrpm: better handling of specification of docker name
Mads Kiilerich <madski@unity3d.com>
parents: 22438
diff changeset
    26
22440
cf7b5c011737 dockerrpm: run docker build process as the current user, not as root
Mads Kiilerich <madski@unity3d.com>
parents: 22439
diff changeset
    27
DBUILDUSER=build
cf7b5c011737 dockerrpm: run docker build process as the current user, not as root
Mads Kiilerich <madski@unity3d.com>
parents: 22439
diff changeset
    28
(
cf7b5c011737 dockerrpm: run docker build process as the current user, not as root
Mads Kiilerich <madski@unity3d.com>
parents: 22439
diff changeset
    29
cat $DFILE
cf7b5c011737 dockerrpm: run docker build process as the current user, not as root
Mads Kiilerich <madski@unity3d.com>
parents: 22439
diff changeset
    30
echo RUN groupadd $DBUILDUSER -g `id -g`
cf7b5c011737 dockerrpm: run docker build process as the current user, not as root
Mads Kiilerich <madski@unity3d.com>
parents: 22439
diff changeset
    31
echo RUN useradd $DBUILDUSER -u `id -u` -g $DBUILDUSER
cf7b5c011737 dockerrpm: run docker build process as the current user, not as root
Mads Kiilerich <madski@unity3d.com>
parents: 22439
diff changeset
    32
) | $DOCKER build --tag $CONTAINER -
cf7b5c011737 dockerrpm: run docker build process as the current user, not as root
Mads Kiilerich <madski@unity3d.com>
parents: 22439
diff changeset
    33
cf7b5c011737 dockerrpm: run docker build process as the current user, not as root
Mads Kiilerich <madski@unity3d.com>
parents: 22439
diff changeset
    34
$DOCKER run -u $DBUILDUSER --rm -v $ROOTDIR:/hg $CONTAINER bash -c \
22439
d2a00ced3cce dockerrpm: better handling of specification of docker name
Mads Kiilerich <madski@unity3d.com>
parents: 22438
diff changeset
    35
    "cp -a hg hg-build; cd hg-build; make clean local $PLATFORM; cp packages/$PLATFORM/* /hg/packages/$PLATFORM/"