func injectLayers(c *workflow.Context) (err error) {
dir, ok := c.Arguments["tempdir"]
if !ok {
return errors.New("Impossible state")
}
// Inject some vars
output.WriteHeader("Injecting flitter layers to Dockerfile")
dockerfout, err := os.OpenFile(dir+"/Dockerfile", os.O_APPEND|os.O_WRONLY, 0666)
if err != nil {
output.WriteError("Could not inject things to Dockerfile")
return err
}
_, err = dockerfout.Write([]byte("\nENV GIT_SHA " + sha + "\n"))
if err != nil {
output.WriteError("Error: " + err.Error())
return err
}
dockerfout.Write([]byte("ENV BUILTBY " + os.Getenv("USER") + "\n"))
dockerfout.Write([]byte("ENV APPNAME " + os.Getenv("REPO") + "\n"))
dockerfout.Write([]byte("ENV BUILDID " + buildid))
dockerfout.Close()
output.WriteData("done")
return
}
// main is the entry point for cloudchaser, the build sentry.
func main() {
flag.Parse()
app := os.Getenv("REPO")
user := os.Getenv("USER")
client := etcd.NewClient([]string{*etcdmachine})
output.WriteHeader("Checking permission")
output.WriteData("user: "******"app: " + app)
var allowedusers []string
path := constants.ETCD_APPS + app + "/users"
res, err := client.Get(path, false, false)
if err != nil {
output.WriteError("Permissions check failed: " + err.Error())
output.WriteData("Do you have permission to deploy this app?")
os.Exit(1)
}
rawusers := res.Node.Value
err = json.Unmarshal([]byte(rawusers), &allowedusers)
if err != nil {
output.WriteError("Internal json decoding reply in allowed app users parsing")
output.WriteData(err.Error())
return
}
for _, username := range allowedusers {
if strings.ToLower(username) == strings.ToLower(user) {
goto allowed
}
}
output.WriteError("User is not authorized to make builds")
output.WriteData("I think you are " + user)
output.WriteData("Please check the needed permissions and try again later.")
allowed:
output.WriteData("")
output.WriteData("Kicking off build")
output.WriteData("")
os.Exit(0)
}
func deployImage(c *workflow.Context) (err error) {
// Report information about the build
output.WriteHeader("Deploying")
build := &datatypes.Build{
App: os.Getenv("REPO"),
ID: buildid,
Image: image,
User: os.Getenv("USER"),
}
unitSlice := []*unit.UnitOption{
{"Unit", "Description", "Flitter app " + repo + " deploy " + build.ID},
{"Service", "TimeoutStartSec", "30m"},
{"Service", "ExecStartPre", "/usr/bin/docker pull " + build.Image},
{"Service", "ExecStartPre", "-/usr/bin/docker rm -f app-" + repo + "-" + build.ID},
{"Service", "ExecStart", "/bin/sh -c '/usr/bin/docker run -P --name app-" + repo + "-" + build.ID + " --hostname " + repo + " -e HOST=$COREOS_PRIVATE_IPV4 " + build.Image + " '"},
{"Service", "ExecStop", "/usr/bin/docker rm -f app-" + repo + "-" + build.ID},
}
if err := startUnit("app-"+repo, buildid, unitSlice); err != nil {
output.WriteError("Fleet unit start failed: " + err.Error())
output.WriteData("Please verify that fleet is online.")
return err
}
return
}
func tagAndPushImage(c *workflow.Context) (err error) {
// Tag and push to registry
output.WriteHeader("Pushing image " + image + " to registry")
cmd := exec.Command("docker", "push", image)
err = cmd.Run()
if err != nil {
output.WriteError("Error in push: " + err.Error())
stderr, err := cmd.StderrPipe()
if err != nil {
output.WriteData("Cannot get debug information")
return err
}
spew := bufio.NewReader(stderr)
for {
line, _, err := spew.ReadLine()
if err == io.EOF {
return err
}
if err != nil {
output.WriteData(err)
return err
}
output.WriteData(string(line))
}
}
output.WriteData("done")
return
}
func buildImage(c *workflow.Context) (err error) {
dir, ok := c.Arguments["tempdir"]
if !ok {
return errors.New("Impossible state")
}
// Build docker image
image = config.RegistryHost + ":" + config.RegistryPort +
"/" + os.Getenv("USER") + "/" + repo + ":" + sha[:7]
// 192.168.45.117:5000/xena/mpd:1fc8018
output.WriteHeader("Building docker image " + image)
cmd := exec.Command("docker", "build", "-t", image, dir)
cmd.Dir = dir
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stdout
err = cmd.Run()
if err != nil {
output.WriteError(err.Error())
return err
}
return
}
func validateDockerfile(c *workflow.Context) (err error) {
dir, ok := c.Arguments["tempdir"]
if !ok {
return errors.New("Impossible state")
}
// Validate Docker image
output.WriteHeader("Validating Dockerfile")
fin, err := os.Open(dir + "/Dockerfile")
if err != nil {
output.WriteError("Could not validate Dockerfile")
return err
}
exposed := false
scanner := bufio.NewReader(fin)
line, isPrefix, err := scanner.ReadLine()
for err == nil && !isPrefix {
s := string(line)
split := strings.Split(s, " ")
if len(split) == 0 {
continue
}
if strings.ToUpper(split[0]) == "EXPOSE" {
if exposed {
output.WriteData("Multiple ports exposed")
output.WriteData("Please make sure to only expose one port")
output.WriteData("You can and will run into undefined behavior")
output.WriteData("You have been warned")
output.WriteData("")
break
} else {
exposed = true
}
}
line, isPrefix, err = scanner.ReadLine()
}
fin.Close()
output.WriteData("done")
return
}
func checkDockerfile(c *workflow.Context) (err error) {
dir, ok := c.Arguments["tempdir"]
if !ok {
return errors.New("Impossible state")
}
// Find the Dockerfile
if _, err := os.Stat(dir + "/Dockerfile"); os.IsNotExist(err) {
output.WriteError("Need a dockerfile to build!")
output.WriteData("See https://github.com/Xe/flitter/issues/24 for more information")
return err
}
return
}
// main is the entrypoint for the builder
func main() {
flag.Parse()
if len(flag.Args()) < 3 {
*help = true
}
if *help {
fmt.Printf("Usage:\n")
fmt.Printf(" builder [options] <repo> <branch> <sha>\n\n")
flag.Usage()
os.Exit(128)
}
config = NewConfig(*etcdhost)
user = os.Getenv("USER")
repo = flag.Arg(0)
branch = flag.Arg(1)
sha = flag.Arg(2)
buildid = sha[0:8]
output.WriteHeader("Building " + repo + " branch " + branch + " as " + user)
c := workflow.New("builder")
c.Use(
makeTempDir,
extractTarball,
checkDockerfile,
injectLayers,
validateDockerfile,
buildImage,
tagAndPushImage,
deployImage,
successMessage,
)
err := c.Run()
if err != nil {
output.WriteError(err.Error())
log.Fatal(err)
}
}