From 2477c5bf213ae311b1bf812f3097a26d8d9ead4c Mon Sep 17 00:00:00 2001 From: Lars Wirzenius Date: Sat, 13 Jan 2018 17:43:13 +0200 Subject: Add: run shell actions in a container if requested --- worker_manager | 39 +++++++++++++++++++++++++++++---------- 1 file changed, 29 insertions(+), 10 deletions(-) (limited to 'worker_manager') diff --git a/worker_manager b/worker_manager index a7a2b10..989ae21 100755 --- a/worker_manager +++ b/worker_manager @@ -80,6 +80,13 @@ class WorkerManager(cliapp.Application): default='/var/lib/ick/workspace', ) + self.settings.string( + ['systree'], + 'use DIR as the system tree for containers', + metavar='DIR', + default='/var/lib/ick/systree', + ) + def process_args(self, args): self.settings.require('name') self.settings.require('controller') @@ -89,7 +96,8 @@ class WorkerManager(cliapp.Application): tg = TokenGenerator() tg.set_key(self.settings['token-key']) api = ControllerAPI(name, url, tg) - worker = Worker(name, api, self.settings['workspace']) + worker = Worker( + name, api, self.settings['workspace'], self.settings['systree']) logging.info('Worker manager %s starts, controller is %s', name, url) @@ -254,10 +262,11 @@ class TokenGenerator: class Worker: - def __init__(self, name, api, workspace): + def __init__(self, name, api, workspace, systree): self._name = name self._api = api self._workspace = workspace + self._systree = systree def do_work(self, work): @@ -274,7 +283,7 @@ class Worker: if klass is None: exit_code = -1 else: - worker = klass(self._api, self._workspace, post) + worker = klass(self._api, self._workspace, self._systree, post) exit_code = worker.do(work) self.finish_work(work, exit_code) @@ -317,9 +326,10 @@ class Worker: class WorkerBase: - def __init__(self, api, workspace, post): + def __init__(self, api, workspace, systree, post): self._api = api self._workspace = workspace + self._systree = systree self._post = post def do(self, work): @@ -329,8 +339,13 @@ class WorkerBase: if self.where(work) == 'chroot': logging.debug('CHROOT REQUESTED') argv = ['sudo', 'chroot', self._workspace] + argv + elif self.where(work) == 'container': + logging.debug('CONTAINER REQUESTED') + argv = [ + 'sudo', 'systemd-nspawn', '-D', self._systree, '--bind', self._workspace, + ] + argv else: - logging.debug('NOT IN CHROOT') + logging.debug('HOST REQUESTED') logging.debug('running: %r', argv) exit_code, _, _ = cliapp.runcmd_unchecked( argv, @@ -363,7 +378,9 @@ class WorkerBase: class ShellWorker(WorkerBase): def get_argv(self, work, params_text): - code_snippet = work['step']['shell'] + step = work['step'] + code_snippet = step['shell'] + where = step.get('where', 'host') prefix = 'params() { echo -n "%s" | base64 -d; }\n' % params_text return ['bash', '-exuc', prefix + code_snippet] @@ -445,10 +462,12 @@ class SystreePopulator(WorkerBase): systree_dir = '/var/lib/ick/systree' def do(self, work): - systree_name = work.get('systree_name') + step = work['step'] + systree_name = step.get('systree_name') if not systree_name: - self.report(b'No systree_name parameter, no systree population') - return 0 + self.report( + b'No systree_name field in action, no systree population') + return 1 self.make_directory_empty(self.systree_dir) tarball = self._api.download_blob(systree_name) @@ -462,7 +481,7 @@ class SystreePopulator(WorkerBase): def unpack_systree(self, tarball, dirname): return self.execute_argv( - ['sudo', 'tar', '-zxvf', '-', '-C', dirname], + ['sudo', 'tar', '-zxf', '-', '-C', dirname], feed_stdin=tarball, ) -- cgit v1.2.1