// ExtractTarStreamFromTarReader extracts files from a given tar stream. // Times out if reading from the stream for any given file // exceeds the value of timeout func (t *stiTar) ExtractTarStreamFromTarReader(dir string, tarReader Reader, logger io.Writer) error { err := util.TimeoutAfter(t.timeout, "", func(timeoutTimer *time.Timer) error { for { header, err := tarReader.Next() if !timeoutTimer.Stop() { return &util.TimeoutError{} } timeoutTimer.Reset(t.timeout) if err == io.EOF { return nil } if err != nil { glog.Errorf("Error reading next tar header: %v", err) return err } if header.FileInfo().IsDir() { dirPath := filepath.Join(dir, header.Name) glog.V(3).Infof("Creating directory %s", dirPath) if err = os.MkdirAll(dirPath, 0700); err != nil { glog.Errorf("Error creating dir %q: %v", dirPath, err) return err } } else { fileDir := filepath.Dir(header.Name) dirPath := filepath.Join(dir, fileDir) glog.V(3).Infof("Creating directory %s", dirPath) if err = os.MkdirAll(dirPath, 0700); err != nil { glog.Errorf("Error creating dir %q: %v", dirPath, err) return err } if header.Typeflag == tar.TypeSymlink { if err := t.extractLink(dir, header, tarReader); err != nil { glog.Errorf("Error extracting link %q: %v", header.Name, err) return err } continue } logFile(logger, header.Name) if err := t.extractFile(dir, header, tarReader); err != nil { glog.Errorf("Error extracting file %q: %v", header.Name, err) return err } } } }) if err != nil { glog.Error("Error extracting tar stream") } else { glog.V(2).Info("Done extracting tar stream") } if util.IsTimeoutError(err) { err = s2ierr.NewTarTimeoutError() } return err }
// Execute runs the specified STI script in the builder image. func (b *STI) Execute(command string, user string, config *api.Config) error { glog.V(2).Infof("Using image name %s", config.BuilderImage) env, err := scripts.GetEnvironment(config) if err != nil { glog.V(1).Infof("No user environment provided (%v)", err) } buildEnv := append(scripts.ConvertEnvironment(env), b.generateConfigEnv()...) errOutput := "" outReader, outWriter := io.Pipe() errReader, errWriter := io.Pipe() defer outReader.Close() defer outWriter.Close() defer errReader.Close() defer errWriter.Close() externalScripts := b.externalScripts[command] // if LayeredBuild is called then all the scripts will be placed inside the image if config.LayeredBuild { externalScripts = false } opts := dockerpkg.RunContainerOptions{ Image: config.BuilderImage, Stdout: outWriter, Stderr: errWriter, // The PullImage is false because the PullImage function should be called // before we run the container PullImage: false, ExternalScripts: externalScripts, ScriptsURL: config.ScriptsURL, Destination: config.Destination, Command: command, Env: buildEnv, User: user, PostExec: b.postExecutor, NetworkMode: string(config.DockerNetworkMode), CGroupLimits: config.CGroupLimits, CapDrop: config.DropCapabilities, } // If there are injections specified, override the original assemble script // and wait till all injections are uploaded into the container that runs the // assemble script. injectionComplete := make(chan struct{}) var injectionError error if len(config.Injections) > 0 && command == api.Assemble { workdir, err := b.docker.GetImageWorkdir(config.BuilderImage) if err != nil { return err } util.FixInjectionsWithRelativePath(workdir, &config.Injections) injectedFiles, err := util.ExpandInjectedFiles(config.Injections) if err != nil { return err } rmScript, err := util.CreateInjectedFilesRemovalScript(injectedFiles, "/tmp/rm-injections") if err != nil { return err } defer os.Remove(rmScript) opts.CommandOverrides = func(cmd string) string { return fmt.Sprintf("while [ ! -f %q ]; do sleep 0.5; done; %s; result=$?; source %[1]s; exit $result", "/tmp/rm-injections", cmd) } originalOnStart := opts.OnStart opts.OnStart = func(containerID string) error { defer close(injectionComplete) if err != nil { injectionError = err return err } glog.V(2).Info("starting the injections uploading ...") for _, s := range config.Injections { if err := b.docker.UploadToContainer(s.SourcePath, s.DestinationDir, containerID); err != nil { injectionError = util.HandleInjectionError(s, err) return err } } if err := b.docker.UploadToContainer(rmScript, "/tmp/rm-injections", containerID); err != nil { injectionError = util.HandleInjectionError(api.InjectPath{SourcePath: rmScript, DestinationDir: "/tmp/rm-injections"}, err) return err } if originalOnStart != nil { return originalOnStart(containerID) } return nil } } else { close(injectionComplete) } wg := sync.WaitGroup{} if !config.LayeredBuild { wg.Add(1) uploadDir := filepath.Join(config.WorkingDir, "upload") // TODO: be able to pass a stream directly to the Docker build to avoid the double temp hit r, w := io.Pipe() go func() { // Wait for the injections to complete and check the error. Do not start // streaming the sources when the injection failed. <-injectionComplete if injectionError != nil { wg.Done() return } glog.V(2).Info("starting the source uploading ...") var err error defer func() { w.CloseWithError(err) if r := recover(); r != nil { glog.Errorf("recovered panic: %#v", r) } wg.Done() }() err = b.tar.CreateTarStream(uploadDir, false, w) }() opts.Stdin = r defer wg.Wait() } go func(reader io.Reader) { scanner := bufio.NewReader(reader) for { text, err := scanner.ReadString('\n') if err != nil { // we're ignoring ErrClosedPipe, as this is information // the docker container ended streaming logs if glog.V(2) && err != io.ErrClosedPipe { glog.Errorf("Error reading docker stdout, %v", err) } break } // Nothing is printed when the quiet option is set if config.Quiet { continue } // The log level > 3 forces to use glog instead of printing to stdout if glog.V(3) { glog.Info(text) continue } fmt.Fprintf(os.Stdout, "%s\n", strings.TrimSpace(text)) } }(outReader) go dockerpkg.StreamContainerIO(errReader, &errOutput, glog.Error) err = b.docker.RunContainer(opts) if util.IsTimeoutError(err) { // Cancel waiting for source input if the container timeouts wg.Done() } if e, ok := err.(errors.ContainerError); ok { return errors.NewContainerError(config.BuilderImage, e.ErrorCode, errOutput) } return err }
// Execute runs the specified STI script in the builder image. func (builder *STI) Execute(command string, user string, config *api.Config) error { glog.V(2).Infof("Using image name %s", config.BuilderImage) // we can't invoke this method before (for example in New() method) // because of later initialization of config.WorkingDir builder.env = createBuildEnvironment(config) errOutput := "" outReader, outWriter := io.Pipe() errReader, errWriter := io.Pipe() defer outReader.Close() defer outWriter.Close() defer errReader.Close() defer errWriter.Close() externalScripts := builder.externalScripts[command] // if LayeredBuild is called then all the scripts will be placed inside the image if config.LayeredBuild { externalScripts = false } opts := dockerpkg.RunContainerOptions{ Image: config.BuilderImage, Stdout: outWriter, Stderr: errWriter, // The PullImage is false because the PullImage function should be called // before we run the container PullImage: false, ExternalScripts: externalScripts, ScriptsURL: config.ScriptsURL, Destination: config.Destination, Command: command, Env: builder.env, User: user, PostExec: builder.postExecutor, NetworkMode: string(config.DockerNetworkMode), CGroupLimits: config.CGroupLimits, CapDrop: config.DropCapabilities, Binds: config.BuildVolumes.AsBinds(), } // If there are injections specified, override the original assemble script // and wait till all injections are uploaded into the container that runs the // assemble script. injectionComplete := make(chan struct{}) var injectionError error if len(config.Injections) > 0 && command == api.Assemble { workdir, err := builder.docker.GetImageWorkdir(config.BuilderImage) if err != nil { builder.result.BuildInfo.FailureReason = utilstatus.NewFailureReason(utilstatus.ReasonGenericS2IBuildFailed, utilstatus.ReasonMessageGenericS2iBuildFailed) return err } config.Injections = util.FixInjectionsWithRelativePath(workdir, config.Injections) injectedFiles, err := util.ExpandInjectedFiles(config.Injections) if err != nil { builder.result.BuildInfo.FailureReason = utilstatus.NewFailureReason(utilstatus.ReasonInstallScriptsFailed, utilstatus.ReasonMessageInstallScriptsFailed) return err } rmScript, err := util.CreateInjectedFilesRemovalScript(injectedFiles, "/tmp/rm-injections") if err != nil { builder.result.BuildInfo.FailureReason = utilstatus.NewFailureReason(utilstatus.ReasonGenericS2IBuildFailed, utilstatus.ReasonMessageGenericS2iBuildFailed) return err } defer os.Remove(rmScript) opts.CommandOverrides = func(cmd string) string { return fmt.Sprintf("while [ ! -f %q ]; do sleep 0.5; done; %s; result=$?; source %[1]s; exit $result", "/tmp/rm-injections", cmd) } originalOnStart := opts.OnStart opts.OnStart = func(containerID string) error { defer close(injectionComplete) if err != nil { injectionError = err return err } glog.V(2).Info("starting the injections uploading ...") for _, s := range config.Injections { if err := builder.docker.UploadToContainer(s.Source, s.Destination, containerID); err != nil { injectionError = util.HandleInjectionError(s, err) return err } } if err := builder.docker.UploadToContainer(rmScript, "/tmp/rm-injections", containerID); err != nil { injectionError = util.HandleInjectionError(api.VolumeSpec{Source: rmScript, Destination: "/tmp/rm-injections"}, err) return err } if originalOnStart != nil { return originalOnStart(containerID) } return nil } } else { close(injectionComplete) } wg := sync.WaitGroup{} if !config.LayeredBuild { wg.Add(1) uploadDir := filepath.Join(config.WorkingDir, "upload") // TODO: be able to pass a stream directly to the Docker build to avoid the double temp hit r, w := io.Pipe() go func() { // reminder, multiple defers follow a stack, LIFO order of processing defer wg.Done() // Wait for the injections to complete and check the error. Do not start // streaming the sources when the injection failed. <-injectionComplete if injectionError != nil { return } glog.V(2).Info("starting the source uploading ...") var err error defer func() { w.CloseWithError(err) if r := recover(); r != nil { glog.Errorf("recovered panic: %#v", r) } }() err = builder.tar.CreateTarStream(uploadDir, false, w) }() opts.Stdin = r } go func(reader io.Reader) { scanner := bufio.NewReader(reader) // Precede build output with newline glog.Info() for { text, err := scanner.ReadString('\n') if err != nil { // we're ignoring ErrClosedPipe, as this is information // the docker container ended streaming logs if glog.Is(2) && err != io.ErrClosedPipe && err != io.EOF { glog.Errorf("Error reading docker stdout, %#v", err) } break } // Nothing is printed when the quiet option is set if config.Quiet { continue } glog.Info(strings.TrimSpace(text)) } // Terminate build output with new line glog.Info() }(outReader) go dockerpkg.StreamContainerIO(errReader, &errOutput, func(a ...interface{}) { glog.Info(a...) }) err := builder.docker.RunContainer(opts) if e, ok := err.(errors.ContainerError); ok { // even with deferred close above, close errReader now so we avoid data race condition on errOutput; // closing will cause StreamContainerIO to exit, thus releasing the writer in the equation errReader.Close() return errors.NewContainerError(config.BuilderImage, e.ErrorCode, errOutput) } // Do not wait for source input if the container times out. // FIXME: this potentially leaks a goroutine. if !util.IsTimeoutError(err) { wg.Wait() } return err }