Mercurial > hg
annotate contrib/packaging/dockerdeb @ 38457:11eda1f1b6e7
packaging: consistently create build user in Dockerfiles
Previously, dockerlib.sh appended some commands to create a
"build" user in each Docker image. The resulting Docker images
could be inconsistent depending on the execution environment
and base image.
With this change, we explicitly create our custom user and
group as the first action in each Dockerfile. The user always
has user:group 1000:1000 and all built images are consistent.
We also create a home directory for the user under /build.
This directory is currently ignored.
As part of this, we stop setting the DBUILDUSER variable in
dockerlib.sh and instead set it in the respective scripts that
call it. This is in preparation for further refactoring of
dockerlib.sh.
Differential Revision: https://phab.mercurial-scm.org/D3758
| author | Gregory Szorc <gregory.szorc@gmail.com> |
|---|---|
| date | Sat, 12 May 2018 15:51:37 -0700 |
| parents | 917f635b5c6a |
| children | e5916f1236f3 |
| rev | line source |
|---|---|
|
24973
4c4d0012db4f
dockerdeb: rules to build a debian package using docker
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
1 #!/bin/bash -eu |
|
4c4d0012db4f
dockerdeb: rules to build a debian package using docker
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
2 |
|
4c4d0012db4f
dockerdeb: rules to build a debian package using docker
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
3 . $(dirname $0)/dockerlib.sh |
|
38005
ea70512b1ad6
packaging: move packagelib.sh into contrib/packaging/
Gregory Szorc <gregory.szorc@gmail.com>
parents:
38004
diff
changeset
|
4 . $(dirname $0)/packagelib.sh |
|
24973
4c4d0012db4f
dockerdeb: rules to build a debian package using docker
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
5 |
|
4c4d0012db4f
dockerdeb: rules to build a debian package using docker
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
6 BUILDDIR=$(dirname $0) |
|
38004
1868db0d1515
packaging: move some docker scripts into contrib/packaging/
Gregory Szorc <gregory.szorc@gmail.com>
parents:
29007
diff
changeset
|
7 export ROOTDIR=$(cd $BUILDDIR/../.. > /dev/null; pwd) |
|
24973
4c4d0012db4f
dockerdeb: rules to build a debian package using docker
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
8 |
|
4c4d0012db4f
dockerdeb: rules to build a debian package using docker
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
9 checkdocker |
|
4c4d0012db4f
dockerdeb: rules to build a debian package using docker
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
10 |
|
27210
9b86d29867a5
builddeb: add --distid option to specify Distributor ID
Anton Shestakov <av6@dwimlabs.net>
parents:
27209
diff
changeset
|
11 DISTID="$1" |
|
9b86d29867a5
builddeb: add --distid option to specify Distributor ID
Anton Shestakov <av6@dwimlabs.net>
parents:
27209
diff
changeset
|
12 CODENAME="$2" |
|
9b86d29867a5
builddeb: add --distid option to specify Distributor ID
Anton Shestakov <av6@dwimlabs.net>
parents:
27209
diff
changeset
|
13 PLATFORM="$1-$2" |
|
29006
be02dfe41ae2
dockerdeb: fix incorrect number of shifts
Sean Farley <sean@farley.io>
parents:
28987
diff
changeset
|
14 shift; shift # extra params are passed to build process |
|
24973
4c4d0012db4f
dockerdeb: rules to build a debian package using docker
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
15 |
|
26148
7f49efcaa9b4
debian: switch to using debhelper and dh_python2 to build debs
Augie Fackler <augie@google.com>
parents:
26108
diff
changeset
|
16 OUTPUTDIR=${OUTPUTDIR:=$ROOTDIR/packages/$PLATFORM} |
|
7f49efcaa9b4
debian: switch to using debhelper and dh_python2 to build debs
Augie Fackler <augie@google.com>
parents:
26108
diff
changeset
|
17 |
|
24973
4c4d0012db4f
dockerdeb: rules to build a debian package using docker
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
18 initcontainer $PLATFORM |
|
4c4d0012db4f
dockerdeb: rules to build a debian package using docker
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
19 |
|
26148
7f49efcaa9b4
debian: switch to using debhelper and dh_python2 to build debs
Augie Fackler <augie@google.com>
parents:
26108
diff
changeset
|
20 # debuild only appears to be able to save built debs etc to .., so we |
|
7f49efcaa9b4
debian: switch to using debhelper and dh_python2 to build debs
Augie Fackler <augie@google.com>
parents:
26108
diff
changeset
|
21 # have to share the .. of the current directory with the docker |
|
7f49efcaa9b4
debian: switch to using debhelper and dh_python2 to build debs
Augie Fackler <augie@google.com>
parents:
26108
diff
changeset
|
22 # container and hope it's writable. Whee. |
|
38013
917f635b5c6a
packaging: make packaging scripts less reliant on pwd
Gregory Szorc <gregory.szorc@gmail.com>
parents:
38006
diff
changeset
|
23 dn=$(basename $ROOTDIR) |
|
24973
4c4d0012db4f
dockerdeb: rules to build a debian package using docker
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
24 |
|
38457
11eda1f1b6e7
packaging: consistently create build user in Dockerfiles
Gregory Szorc <gregory.szorc@gmail.com>
parents:
38013
diff
changeset
|
25 DBUILDUSER=build |
|
11eda1f1b6e7
packaging: consistently create build user in Dockerfiles
Gregory Szorc <gregory.szorc@gmail.com>
parents:
38013
diff
changeset
|
26 |
|
24973
4c4d0012db4f
dockerdeb: rules to build a debian package using docker
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
27 if [ $(uname) = "Darwin" ] ; then |
|
26148
7f49efcaa9b4
debian: switch to using debhelper and dh_python2 to build debs
Augie Fackler <augie@google.com>
parents:
26108
diff
changeset
|
28 $DOCKER run -u $DBUILDUSER --rm -v $PWD/..:/mnt $CONTAINER \ |
|
7f49efcaa9b4
debian: switch to using debhelper and dh_python2 to build debs
Augie Fackler <augie@google.com>
parents:
26108
diff
changeset
|
29 sh -c "cd /mnt/$dn && make clean && make local" |
|
24973
4c4d0012db4f
dockerdeb: rules to build a debian package using docker
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
30 fi |
|
38013
917f635b5c6a
packaging: make packaging scripts less reliant on pwd
Gregory Szorc <gregory.szorc@gmail.com>
parents:
38006
diff
changeset
|
31 $DOCKER run -u $DBUILDUSER --rm -v $ROOTDIR/..:/mnt $CONTAINER \ |
|
38006
64b086f0ebb5
packaging: move builddeb into contrib/packaging/
Gregory Szorc <gregory.szorc@gmail.com>
parents:
38005
diff
changeset
|
32 sh -c "cd /mnt/$dn && DEB_BUILD_OPTIONS='${DEB_BUILD_OPTIONS:=}' contrib/packaging/builddeb --build --distid $DISTID --codename $CODENAME $@" |
|
64b086f0ebb5
packaging: move builddeb into contrib/packaging/
Gregory Szorc <gregory.szorc@gmail.com>
parents:
38005
diff
changeset
|
33 contrib/packaging/builddeb --cleanup --distid $DISTID --codename $CODENAME |
|
24973
4c4d0012db4f
dockerdeb: rules to build a debian package using docker
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
34 if [ $(uname) = "Darwin" ] ; then |
|
26148
7f49efcaa9b4
debian: switch to using debhelper and dh_python2 to build debs
Augie Fackler <augie@google.com>
parents:
26108
diff
changeset
|
35 $DOCKER run -u $DBUILDUSER --rm -v $PWD/..:/mnt $CONTAINER \ |
|
7f49efcaa9b4
debian: switch to using debhelper and dh_python2 to build debs
Augie Fackler <augie@google.com>
parents:
26108
diff
changeset
|
36 sh -c "cd /mnt/$dn && make clean" |
|
24973
4c4d0012db4f
dockerdeb: rules to build a debian package using docker
Augie Fackler <augie@google.com>
parents:
diff
changeset
|
37 fi |