Mercurial > hg
view contrib/dockerdeb @ 30832:da5fa0f13a41
ui: introduce an experimental dict of exportable environment variables
Care needs to be taken to prevent leaking potentially sensitive environment
variables through hgweb, if template support for environment variables is to be
introduced. There are a few ideas about the API for preventing accidental
leaking [1]. Option 3 seems best from the POV of not needing to configure
anything in the normal case. I couldn't figure out how to do that, so guard it
with an experimental option for now.
[1] https://www.mercurial-scm.org/pipermail/mercurial-devel/2017-January/092383.html
author | Matt Harbison <matt_harbison@yahoo.com> |
---|---|
date | Tue, 17 Jan 2017 23:05:12 -0500 |
parents | 78074575df2e |
children |
line wrap: on
line source
#!/bin/bash -eu . $(dirname $0)/dockerlib.sh . $(dirname $0)/packagelib.sh BUILDDIR=$(dirname $0) export ROOTDIR=$(cd $BUILDDIR/.. > /dev/null; pwd) checkdocker DISTID="$1" CODENAME="$2" PLATFORM="$1-$2" shift; shift # extra params are passed to build process OUTPUTDIR=${OUTPUTDIR:=$ROOTDIR/packages/$PLATFORM} initcontainer $PLATFORM # debuild only appears to be able to save built debs etc to .., so we # have to share the .. of the current directory with the docker # container and hope it's writable. Whee. dn=$(basename $PWD) if [ $(uname) = "Darwin" ] ; then $DOCKER run -u $DBUILDUSER --rm -v $PWD/..:/mnt $CONTAINER \ sh -c "cd /mnt/$dn && make clean && make local" fi $DOCKER run -u $DBUILDUSER --rm -v $PWD/..:/mnt $CONTAINER \ sh -c "cd /mnt/$dn && DEB_BUILD_OPTIONS='${DEB_BUILD_OPTIONS:=}' contrib/builddeb --build --distid $DISTID --codename $CODENAME $@" contrib/builddeb --cleanup --distid $DISTID --codename $CODENAME if [ $(uname) = "Darwin" ] ; then $DOCKER run -u $DBUILDUSER --rm -v $PWD/..:/mnt $CONTAINER \ sh -c "cd /mnt/$dn && make clean" fi