// RunContainer runs a fake Docker container
func (f *FakeDocker) RunContainer(opts docker.RunContainerOptions) error {
f.RunContainerOpts = opts
if f.RunContainerErrorBeforeStart {
return f.RunContainerError
}
if opts.OnStart != nil {
if err := opts.OnStart(); err != nil {
return err
}
}
if opts.PostExec != nil {
opts.PostExec.PostExecute(f.RunContainerContainerID, string(opts.Command))
}
return f.RunContainerError
}
// Execute runs the specified STI script in the builder image.
func (b *STI) Execute(command string, user string, config *api.Config) error {
glog.V(2).Infof("Using image name %s", config.BuilderImage)
env, err := scripts.GetEnvironment(config)
if err != nil {
glog.V(1).Infof("No user environment provided (%v)", err)
}
buildEnv := append(scripts.ConvertEnvironment(env), b.generateConfigEnv()...)
errOutput := ""
outReader, outWriter := io.Pipe()
errReader, errWriter := io.Pipe()
defer outReader.Close()
defer outWriter.Close()
defer errReader.Close()
defer errWriter.Close()
externalScripts := b.externalScripts[command]
// if LayeredBuild is called then all the scripts will be placed inside the image
if config.LayeredBuild {
externalScripts = false
}
opts := dockerpkg.RunContainerOptions{
Image: config.BuilderImage,
Stdout: outWriter,
Stderr: errWriter,
// The PullImage is false because the PullImage function should be called
// before we run the container
PullImage: false,
ExternalScripts: externalScripts,
ScriptsURL: config.ScriptsURL,
Destination: config.Destination,
Command: command,
Env: buildEnv,
User: user,
PostExec: b.postExecutor,
NetworkMode: string(config.DockerNetworkMode),
CGroupLimits: config.CGroupLimits,
CapDrop: config.DropCapabilities,
}
// If there are injections specified, override the original assemble script
// and wait till all injections are uploaded into the container that runs the
// assemble script.
injectionComplete := make(chan struct{})
var injectionError error
if len(config.Injections) > 0 && command == api.Assemble {
workdir, err := b.docker.GetImageWorkdir(config.BuilderImage)
if err != nil {
return err
}
util.FixInjectionsWithRelativePath(workdir, &config.Injections)
injectedFiles, err := util.ExpandInjectedFiles(config.Injections)
if err != nil {
return err
}
rmScript, err := util.CreateInjectedFilesRemovalScript(injectedFiles, "/tmp/rm-injections")
if err != nil {
return err
}
defer os.Remove(rmScript)
opts.CommandOverrides = func(cmd string) string {
return fmt.Sprintf("while [ ! -f %q ]; do sleep 0.5; done; %s; result=$?; source %[1]s; exit $result",
"/tmp/rm-injections", cmd)
}
originalOnStart := opts.OnStart
opts.OnStart = func(containerID string) error {
defer close(injectionComplete)
if err != nil {
injectionError = err
return err
}
glog.V(2).Info("starting the injections uploading ...")
for _, s := range config.Injections {
if err := b.docker.UploadToContainer(s.SourcePath, s.DestinationDir, containerID); err != nil {
injectionError = util.HandleInjectionError(s, err)
return err
}
}
if err := b.docker.UploadToContainer(rmScript, "/tmp/rm-injections", containerID); err != nil {
injectionError = util.HandleInjectionError(api.InjectPath{SourcePath: rmScript, DestinationDir: "/tmp/rm-injections"}, err)
return err
}
if originalOnStart != nil {
return originalOnStart(containerID)
}
return nil
}
} else {
close(injectionComplete)
}
wg := sync.WaitGroup{}
if !config.LayeredBuild {
wg.Add(1)
uploadDir := filepath.Join(config.WorkingDir, "upload")
// TODO: be able to pass a stream directly to the Docker build to avoid the double temp hit
r, w := io.Pipe()
go func() {
// Wait for the injections to complete and check the error. Do not start
// streaming the sources when the injection failed.
<-injectionComplete
if injectionError != nil {
wg.Done()
return
}
glog.V(2).Info("starting the source uploading ...")
var err error
defer func() {
w.CloseWithError(err)
if r := recover(); r != nil {
glog.Errorf("recovered panic: %#v", r)
}
wg.Done()
}()
err = b.tar.CreateTarStream(uploadDir, false, w)
}()
opts.Stdin = r
defer wg.Wait()
}
go func(reader io.Reader) {
scanner := bufio.NewReader(reader)
for {
text, err := scanner.ReadString('\n')
if err != nil {
// we're ignoring ErrClosedPipe, as this is information
// the docker container ended streaming logs
if glog.V(2) && err != io.ErrClosedPipe {
glog.Errorf("Error reading docker stdout, %v", err)
}
break
}
// Nothing is printed when the quiet option is set
if config.Quiet {
continue
}
// The log level > 3 forces to use glog instead of printing to stdout
if glog.V(3) {
glog.Info(text)
continue
}
fmt.Fprintf(os.Stdout, "%s\n", strings.TrimSpace(text))
}
}(outReader)
go dockerpkg.StreamContainerIO(errReader, &errOutput, glog.Error)
err = b.docker.RunContainer(opts)
if util.IsTimeoutError(err) {
// Cancel waiting for source input if the container timeouts
wg.Done()
}
if e, ok := err.(errors.ContainerError); ok {
return errors.NewContainerError(config.BuilderImage, e.ErrorCode, errOutput)
}
return err
}
// Execute runs the specified STI script in the builder image.
func (builder *STI) Execute(command string, user string, config *api.Config) error {
glog.V(2).Infof("Using image name %s", config.BuilderImage)
// we can't invoke this method before (for example in New() method)
// because of later initialization of config.WorkingDir
builder.env = createBuildEnvironment(config)
errOutput := ""
outReader, outWriter := io.Pipe()
errReader, errWriter := io.Pipe()
defer outReader.Close()
defer outWriter.Close()
defer errReader.Close()
defer errWriter.Close()
externalScripts := builder.externalScripts[command]
// if LayeredBuild is called then all the scripts will be placed inside the image
if config.LayeredBuild {
externalScripts = false
}
opts := dockerpkg.RunContainerOptions{
Image: config.BuilderImage,
Stdout: outWriter,
Stderr: errWriter,
// The PullImage is false because the PullImage function should be called
// before we run the container
PullImage: false,
ExternalScripts: externalScripts,
ScriptsURL: config.ScriptsURL,
Destination: config.Destination,
Command: command,
Env: builder.env,
User: user,
PostExec: builder.postExecutor,
NetworkMode: string(config.DockerNetworkMode),
CGroupLimits: config.CGroupLimits,
CapDrop: config.DropCapabilities,
Binds: config.BuildVolumes.AsBinds(),
}
// If there are injections specified, override the original assemble script
// and wait till all injections are uploaded into the container that runs the
// assemble script.
injectionComplete := make(chan struct{})
var injectionError error
if len(config.Injections) > 0 && command == api.Assemble {
workdir, err := builder.docker.GetImageWorkdir(config.BuilderImage)
if err != nil {
builder.result.BuildInfo.FailureReason = utilstatus.NewFailureReason(utilstatus.ReasonGenericS2IBuildFailed, utilstatus.ReasonMessageGenericS2iBuildFailed)
return err
}
config.Injections = util.FixInjectionsWithRelativePath(workdir, config.Injections)
injectedFiles, err := util.ExpandInjectedFiles(config.Injections)
if err != nil {
builder.result.BuildInfo.FailureReason = utilstatus.NewFailureReason(utilstatus.ReasonInstallScriptsFailed, utilstatus.ReasonMessageInstallScriptsFailed)
return err
}
rmScript, err := util.CreateInjectedFilesRemovalScript(injectedFiles, "/tmp/rm-injections")
if err != nil {
builder.result.BuildInfo.FailureReason = utilstatus.NewFailureReason(utilstatus.ReasonGenericS2IBuildFailed, utilstatus.ReasonMessageGenericS2iBuildFailed)
return err
}
defer os.Remove(rmScript)
opts.CommandOverrides = func(cmd string) string {
return fmt.Sprintf("while [ ! -f %q ]; do sleep 0.5; done; %s; result=$?; source %[1]s; exit $result",
"/tmp/rm-injections", cmd)
}
originalOnStart := opts.OnStart
opts.OnStart = func(containerID string) error {
defer close(injectionComplete)
if err != nil {
injectionError = err
return err
}
glog.V(2).Info("starting the injections uploading ...")
for _, s := range config.Injections {
if err := builder.docker.UploadToContainer(s.Source, s.Destination, containerID); err != nil {
injectionError = util.HandleInjectionError(s, err)
return err
}
}
if err := builder.docker.UploadToContainer(rmScript, "/tmp/rm-injections", containerID); err != nil {
injectionError = util.HandleInjectionError(api.VolumeSpec{Source: rmScript, Destination: "/tmp/rm-injections"}, err)
return err
}
if originalOnStart != nil {
return originalOnStart(containerID)
}
return nil
}
} else {
close(injectionComplete)
}
wg := sync.WaitGroup{}
if !config.LayeredBuild {
wg.Add(1)
uploadDir := filepath.Join(config.WorkingDir, "upload")
// TODO: be able to pass a stream directly to the Docker build to avoid the double temp hit
r, w := io.Pipe()
go func() {
// reminder, multiple defers follow a stack, LIFO order of processing
defer wg.Done()
// Wait for the injections to complete and check the error. Do not start
// streaming the sources when the injection failed.
<-injectionComplete
if injectionError != nil {
return
}
glog.V(2).Info("starting the source uploading ...")
var err error
defer func() {
w.CloseWithError(err)
if r := recover(); r != nil {
glog.Errorf("recovered panic: %#v", r)
}
}()
err = builder.tar.CreateTarStream(uploadDir, false, w)
}()
opts.Stdin = r
}
go func(reader io.Reader) {
scanner := bufio.NewReader(reader)
// Precede build output with newline
glog.Info()
for {
text, err := scanner.ReadString('\n')
if err != nil {
// we're ignoring ErrClosedPipe, as this is information
// the docker container ended streaming logs
if glog.Is(2) && err != io.ErrClosedPipe && err != io.EOF {
glog.Errorf("Error reading docker stdout, %#v", err)
}
break
}
// Nothing is printed when the quiet option is set
if config.Quiet {
continue
}
glog.Info(strings.TrimSpace(text))
}
// Terminate build output with new line
glog.Info()
}(outReader)
go dockerpkg.StreamContainerIO(errReader, &errOutput, func(a ...interface{}) { glog.Info(a...) })
err := builder.docker.RunContainer(opts)
if e, ok := err.(errors.ContainerError); ok {
// even with deferred close above, close errReader now so we avoid data race condition on errOutput;
// closing will cause StreamContainerIO to exit, thus releasing the writer in the equation
errReader.Close()
return errors.NewContainerError(config.BuilderImage, e.ErrorCode, errOutput)
}
// Do not wait for source input if the container times out.
// FIXME: this potentially leaks a goroutine.
if !util.IsTimeoutError(err) {
wg.Wait()
}
return err
}
func (step *startRuntimeImageAndUploadFilesStep) execute(ctx *postExecutorStepContext) error {
glog.V(3).Info("Executing step: start runtime image and upload files")
fd, err := ioutil.TempFile("", "s2i-upload-done")
if err != nil {
return err
}
fd.Close()
lastFilePath := fd.Name()
defer func() {
os.Remove(lastFilePath)
}()
lastFileDstPath := "/tmp/" + filepath.Base(lastFilePath)
outReader, outWriter := io.Pipe()
errReader, errWriter := io.Pipe()
artifactsDir := filepath.Join(step.builder.config.WorkingDir, api.RuntimeArtifactsDir)
// We copy scripts to a directory with artifacts to upload files in one shot
for _, script := range []string{api.AssembleRuntime, api.Run} {
// scripts must be inside of "scripts" subdir, see createCommandForExecutingRunScript()
destinationDir := filepath.Join(artifactsDir, "scripts")
err = step.copyScriptIfNeeded(script, destinationDir)
if err != nil {
return err
}
}
image := step.builder.config.RuntimeImage
workDir, err := step.docker.GetImageWorkdir(image)
if err != nil {
return fmt.Errorf("could not get working dir of %q image: %v", image, err)
}
commandBaseDir := filepath.Join(workDir, "scripts")
useExternalAssembleScript := step.builder.externalScripts[api.AssembleRuntime]
if !useExternalAssembleScript {
// script already inside of the image
var scriptsURL string
scriptsURL, err = step.docker.GetScriptsURL(image)
if err != nil {
return err
}
if len(scriptsURL) == 0 {
return fmt.Errorf("could not determine scripts URL for image %q", image)
}
commandBaseDir = strings.TrimPrefix(scriptsURL, "image://")
}
cmd := fmt.Sprintf(
"while [ ! -f %q ]; do sleep 0.5; done; %s/%s; exit $?",
lastFileDstPath,
commandBaseDir,
api.AssembleRuntime,
)
opts := dockerpkg.RunContainerOptions{
Image: image,
PullImage: false, // The PullImage is false because we've already pulled the image
CommandExplicit: []string{"/bin/sh", "-c", cmd},
Stdout: outWriter,
Stderr: errWriter,
NetworkMode: string(step.builder.config.DockerNetworkMode),
CGroupLimits: step.builder.config.CGroupLimits,
CapDrop: step.builder.config.DropCapabilities,
PostExec: step.builder.postExecutor,
Env: step.builder.env,
}
opts.OnStart = func(containerID string) error {
setStandardPerms := func(writer io.Writer) s2itar.Writer {
return s2itar.ChmodAdapter{Writer: tar.NewWriter(writer), NewFileMode: 0644, NewExecFileMode: 0755, NewDirMode: 0755}
}
glog.V(5).Infof("Uploading directory %q -> %q", artifactsDir, workDir)
onStartErr := step.docker.UploadToContainerWithTarWriter(step.fs, artifactsDir, workDir, containerID, setStandardPerms)
if onStartErr != nil {
return fmt.Errorf("could not upload directory (%q -> %q) into container %s: %v", artifactsDir, workDir, containerID, err)
}
glog.V(5).Infof("Uploading file %q -> %q", lastFilePath, lastFileDstPath)
onStartErr = step.docker.UploadToContainerWithTarWriter(step.fs, lastFilePath, lastFileDstPath, containerID, setStandardPerms)
if onStartErr != nil {
return fmt.Errorf("could not upload file (%q -> %q) into container %s: %v", lastFilePath, lastFileDstPath, containerID, err)
}
return onStartErr
}
dockerpkg.StreamContainerIO(outReader, nil, func(s string) { glog.V(0).Info(s) })
errOutput := ""
c := dockerpkg.StreamContainerIO(errReader, &errOutput, func(s string) { glog.Info(s) })
// switch to the next stage of post executors steps
step.builder.postExecutorStage++
err = step.docker.RunContainer(opts)
if e, ok := err.(s2ierr.ContainerError); ok {
// Must wait for StreamContainerIO goroutine above to exit before reading errOutput.
<-c
err = s2ierr.NewContainerError(image, e.ErrorCode, errOutput)
}
return err
}
func (step *startRuntimeImageAndUploadFilesStep) execute(ctx *postExecutorStepContext) error {
glog.V(3).Info("Executing step: start runtime image and upload files")
fd, err := ioutil.TempFile("", "s2i-upload-done")
if err != nil {
return err
}
fd.Close()
lastFilePath := fd.Name()
defer func() {
os.Remove(lastFilePath)
}()
lastFileDstPath := "/tmp/" + filepath.Base(lastFilePath)
outReader, outWriter := io.Pipe()
defer outReader.Close()
defer outWriter.Close()
errReader, errWriter := io.Pipe()
defer errReader.Close()
defer errWriter.Close()
artifactsDir := filepath.Join(step.builder.config.WorkingDir, api.RuntimeArtifactsDir)
// We copy scripts to a directory with artifacts to upload files in one shot
for _, script := range []string{api.AssembleRuntime, api.Run} {
// scripts must be inside of "scripts" subdir, see createCommandForExecutingRunScript()
destinationDir := filepath.Join(artifactsDir, "scripts")
if err := step.copyScriptIfNeeded(script, destinationDir); err != nil {
return err
}
}
image := step.builder.config.RuntimeImage
workDir, err := step.docker.GetImageWorkdir(image)
if err != nil {
return fmt.Errorf("Couldn't get working dir of %q image: %v", image, err)
}
commandBaseDir := filepath.Join(workDir, "scripts")
useExternalAssembleScript := step.builder.externalScripts[api.AssembleRuntime]
if !useExternalAssembleScript {
// script already inside of the image
scriptsURL, err := step.docker.GetScriptsURL(image)
if err != nil {
return err
}
if len(scriptsURL) == 0 {
return fmt.Errorf("Couldn't determine scripts URL for image %q", image)
}
commandBaseDir = strings.TrimPrefix(scriptsURL, "image://")
}
cmd := fmt.Sprintf(
"while [ ! -f %q ]; do sleep 0.5; done; %s/%s; exit $?",
lastFileDstPath,
commandBaseDir,
api.AssembleRuntime,
)
opts := dockerpkg.RunContainerOptions{
Image: image,
Entrypoint: DefaultEntrypoint,
PullImage: false, // The PullImage is false because we've already pulled the image
CommandExplicit: []string{"/bin/sh", "-c", cmd},
Stdout: outWriter,
Stderr: errWriter,
NetworkMode: string(step.builder.config.DockerNetworkMode),
CGroupLimits: step.builder.config.CGroupLimits,
CapDrop: step.builder.config.DropCapabilities,
PostExec: step.builder.postExecutor,
Env: step.builder.env,
}
opts.OnStart = func(containerID string) error {
setStandardPerms := func(path string, info os.FileInfo, err error) error {
if err != nil {
return err
}
// chmod does nothing on windows anyway.
if runtime.GOOS == "windows" {
return nil
}
// Skip chmod for symlinks
if info.Mode()&os.ModeSymlink != 0 {
return nil
}
// file should be writable by owner (u=w) and readable by other users (a=r),
// executable bit should be left as is
mode := os.FileMode(0644)
// syscall.S_IEXEC == 0x40 but we can't reference the constant if we want
// to build releases for windows.
if info.IsDir() || info.Mode()&0x40 != 0 {
mode = 0755
}
return step.fs.Chmod(path, mode)
}
glog.V(5).Infof("Uploading directory %q -> %q", artifactsDir, workDir)
if err := step.docker.UploadToContainerWithCallback(artifactsDir, workDir, containerID, setStandardPerms, true); err != nil {
return fmt.Errorf("Couldn't upload directory (%q -> %q) into container %s: %v", artifactsDir, workDir, containerID, err)
}
glog.V(5).Infof("Uploading file %q -> %q", lastFilePath, lastFileDstPath)
if err := step.docker.UploadToContainerWithCallback(lastFilePath, lastFileDstPath, containerID, setStandardPerms, true); err != nil {
return fmt.Errorf("Couldn't upload file (%q -> %q) into container %s: %v", lastFilePath, lastFileDstPath, containerID, err)
}
return err
}
go dockerpkg.StreamContainerIO(outReader, nil, func(a ...interface{}) { glog.V(0).Info(a...) })
errOutput := ""
go dockerpkg.StreamContainerIO(errReader, &errOutput, func(a ...interface{}) { glog.Info(a...) })
// switch to the next stage of post executors steps
step.builder.postExecutorStage++
err = step.docker.RunContainer(opts)
if e, ok := err.(errors.ContainerError); ok {
return errors.NewContainerError(image, e.ErrorCode, errOutput)
}
return nil
}
// Execute runs the specified STI script in the builder image.
func (builder *STI) Execute(command string, user string, config *api.Config) error {
glog.V(2).Infof("Using image name %s", config.BuilderImage)
// we can't invoke this method before (for example in New() method)
// because of later initialization of config.WorkingDir
builder.env = createBuildEnvironment(config)
errOutput := ""
outReader, outWriter := io.Pipe()
errReader, errWriter := io.Pipe()
externalScripts := builder.externalScripts[command]
// if LayeredBuild is called then all the scripts will be placed inside the image
if config.LayeredBuild {
externalScripts = false
}
opts := dockerpkg.RunContainerOptions{
Image: config.BuilderImage,
Stdout: outWriter,
Stderr: errWriter,
// The PullImage is false because the PullImage function should be called
// before we run the container
PullImage: false,
ExternalScripts: externalScripts,
ScriptsURL: config.ScriptsURL,
Destination: config.Destination,
Command: command,
Env: builder.env,
User: user,
PostExec: builder.postExecutor,
NetworkMode: string(config.DockerNetworkMode),
CGroupLimits: config.CGroupLimits,
CapDrop: config.DropCapabilities,
Binds: config.BuildVolumes.AsBinds(),
}
// If there are injections specified, override the original assemble script
// and wait till all injections are uploaded into the container that runs the
// assemble script.
injectionError := make(chan error)
if len(config.Injections) > 0 && command == api.Assemble {
workdir, err := builder.docker.GetImageWorkdir(config.BuilderImage)
if err != nil {
builder.result.BuildInfo.FailureReason = utilstatus.NewFailureReason(
utilstatus.ReasonGenericS2IBuildFailed,
utilstatus.ReasonMessageGenericS2iBuildFailed,
)
return err
}
config.Injections = util.FixInjectionsWithRelativePath(workdir, config.Injections)
injectedFiles, err := util.ExpandInjectedFiles(builder.fs, config.Injections)
if err != nil {
builder.result.BuildInfo.FailureReason = utilstatus.NewFailureReason(
utilstatus.ReasonInstallScriptsFailed,
utilstatus.ReasonMessageInstallScriptsFailed,
)
return err
}
rmScript, err := util.CreateInjectedFilesRemovalScript(injectedFiles, "/tmp/rm-injections")
if err != nil {
builder.result.BuildInfo.FailureReason = utilstatus.NewFailureReason(
utilstatus.ReasonGenericS2IBuildFailed,
utilstatus.ReasonMessageGenericS2iBuildFailed,
)
return err
}
defer os.Remove(rmScript)
opts.CommandOverrides = func(cmd string) string {
return fmt.Sprintf("while [ ! -f %q ]; do sleep 0.5; done; %s; result=$?; source %[1]s; exit $result",
"/tmp/rm-injections", cmd)
}
originalOnStart := opts.OnStart
opts.OnStart = func(containerID string) error {
defer close(injectionError)
glog.V(2).Info("starting the injections uploading ...")
for _, s := range config.Injections {
if err := builder.docker.UploadToContainer(builder.fs, s.Source, s.Destination, containerID); err != nil {
injectionError <- util.HandleInjectionError(s, err)
return err
}
}
if err := builder.docker.UploadToContainer(builder.fs, rmScript, "/tmp/rm-injections", containerID); err != nil {
injectionError <- util.HandleInjectionError(api.VolumeSpec{Source: rmScript, Destination: "/tmp/rm-injections"}, err)
return err
}
if originalOnStart != nil {
return originalOnStart(containerID)
}
return nil
}
} else {
close(injectionError)
}
if !config.LayeredBuild {
r, w := io.Pipe()
opts.Stdin = r
go func() {
// Wait for the injections to complete and check the error. Do not start
// streaming the sources when the injection failed.
if <-injectionError != nil {
w.Close()
return
}
glog.V(2).Info("starting the source uploading ...")
uploadDir := filepath.Join(config.WorkingDir, "upload")
w.CloseWithError(builder.tar.CreateTarStream(uploadDir, false, w))
}()
}
dockerpkg.StreamContainerIO(outReader, nil, func(s string) {
if !config.Quiet {
glog.Info(strings.TrimSpace(s))
}
})
c := dockerpkg.StreamContainerIO(errReader, &errOutput, func(s string) { glog.Info(s) })
err := builder.docker.RunContainer(opts)
if e, ok := err.(s2ierr.ContainerError); ok {
// Must wait for StreamContainerIO goroutine above to exit before reading errOutput.
<-c
err = s2ierr.NewContainerError(config.BuilderImage, e.ErrorCode, errOutput)
}
return err
}