init commit for coverting to podman
This commit is contained in:
zerodoctor
@@ -7,8 +7,8 @@ package compiler
|
||||
import (
|
||||
"strconv"
|
||||
|
||||
"github.com/drone-runners/drone-runner-docker/engine"
|
||||
"github.com/drone-runners/drone-runner-docker/engine/resource"
|
||||
"github.com/drone-runners/drone-runner-podman/engine"
|
||||
"github.com/drone-runners/drone-runner-podman/engine/resource"
|
||||
"github.com/drone/runner-go/manifest"
|
||||
"github.com/drone/runner-go/pipeline/runtime"
|
||||
)
|
||||
|
||||
@@ -8,8 +8,8 @@ import (
|
||||
"testing"
|
||||
|
||||
"github.com/dchest/uniuri"
|
||||
"github.com/drone-runners/drone-runner-docker/engine"
|
||||
"github.com/drone-runners/drone-runner-docker/engine/resource"
|
||||
"github.com/drone-runners/drone-runner-podman/engine"
|
||||
"github.com/drone-runners/drone-runner-podman/engine/resource"
|
||||
"github.com/drone/drone-go/drone"
|
||||
"github.com/drone/runner-go/environ/provider"
|
||||
"github.com/drone/runner-go/manifest"
|
||||
|
||||
@@ -9,9 +9,9 @@ import (
|
||||
"os"
|
||||
"strings"
|
||||
|
||||
"github.com/drone-runners/drone-runner-docker/engine"
|
||||
"github.com/drone-runners/drone-runner-docker/engine/resource"
|
||||
"github.com/drone-runners/drone-runner-docker/internal/docker/image"
|
||||
"github.com/drone-runners/drone-runner-podman/engine"
|
||||
"github.com/drone-runners/drone-runner-podman/engine/resource"
|
||||
"github.com/drone-runners/drone-runner-podman/internal/podman/image"
|
||||
|
||||
"github.com/drone/drone-go/drone"
|
||||
"github.com/drone/runner-go/clone"
|
||||
@@ -37,7 +37,7 @@ var random = func() string {
|
||||
// with privileged capabilities in order to run Docker
|
||||
// in Docker.
|
||||
var Privileged = []string{
|
||||
"plugins/docker",
|
||||
"plugins/podman",
|
||||
"plugins/acr",
|
||||
"plugins/ecr",
|
||||
"plugins/gcr",
|
||||
@@ -230,7 +230,7 @@ func (c *Compiler) Compile(ctx context.Context, args runtime.CompilerArgs) runti
|
||||
)
|
||||
|
||||
// create network reference variables
|
||||
envs["DRONE_DOCKER_NETWORK_ID"] = spec.Network.ID
|
||||
envs["DRONE_PODMAN_NETWORK_ID"] = spec.Network.ID
|
||||
|
||||
// create the workspace variables
|
||||
envs["DRONE_WORKSPACE"] = full
|
||||
@@ -239,9 +239,9 @@ func (c *Compiler) Compile(ctx context.Context, args runtime.CompilerArgs) runti
|
||||
|
||||
// create volume reference variables
|
||||
if volume.EmptyDir != nil {
|
||||
envs["DRONE_DOCKER_VOLUME_ID"] = volume.EmptyDir.ID
|
||||
envs["DRONE_PODMAN_VOLUME_ID"] = volume.EmptyDir.ID
|
||||
} else {
|
||||
envs["DRONE_DOCKER_VOLUME_PATH"] = volume.HostPath.Path
|
||||
envs["DRONE_PODMAN_VOLUME_PATH"] = volume.HostPath.Path
|
||||
}
|
||||
|
||||
// create tmate variables
|
||||
@@ -359,7 +359,7 @@ func (c *Compiler) Compile(ctx context.Context, args runtime.CompilerArgs) runti
|
||||
Labels: stageLabels,
|
||||
Pull: engine.PullIfNotExists,
|
||||
Image: image.Expand(c.Tmate.Image),
|
||||
Entrypoint: []string{"/bin/drone-runner-docker"},
|
||||
Entrypoint: []string{"/bin/drone-runner-podman"},
|
||||
Command: []string{"copy"},
|
||||
Network: "none",
|
||||
})
|
||||
@@ -531,7 +531,7 @@ func (c *Compiler) Compile(ctx context.Context, args runtime.CompilerArgs) runti
|
||||
// feature toggle that disables the check that restricts
|
||||
// docker plugins from mounting volumes.
|
||||
// DO NOT USE: THIS WILL BE DEPRECATED IN THE FUTURE
|
||||
var allowDockerPluginVolumes = os.Getenv("DRONE_FLAG_ALLOW_DOCKER_PLUGIN_VOLUMES") == "true"
|
||||
var allowPodmanPluginVolumes = os.Getenv("DRONE_FLAG_ALLOW_PODMAN_PLUGIN_VOLUMES") == "true"
|
||||
|
||||
func (c *Compiler) isPrivileged(step *resource.Step) bool {
|
||||
// privileged-by-default containers are only
|
||||
@@ -547,7 +547,7 @@ func (c *Compiler) isPrivileged(step *resource.Step) bool {
|
||||
return false
|
||||
}
|
||||
|
||||
if allowDockerPluginVolumes == false {
|
||||
if allowPodmanPluginVolumes == false {
|
||||
if len(step.Volumes) > 0 {
|
||||
return false
|
||||
}
|
||||
|
||||
@@ -2,6 +2,7 @@
|
||||
// Use of this source code is governed by the Polyform License
|
||||
// that can be found in the LICENSE file.
|
||||
|
||||
//go:build !windows
|
||||
// +build !windows
|
||||
|
||||
package compiler
|
||||
@@ -9,14 +10,13 @@ package compiler
|
||||
import (
|
||||
"context"
|
||||
"encoding/json"
|
||||
"io/ioutil"
|
||||
"os"
|
||||
"strconv"
|
||||
"testing"
|
||||
|
||||
"github.com/dchest/uniuri"
|
||||
"github.com/drone-runners/drone-runner-docker/engine"
|
||||
"github.com/drone-runners/drone-runner-docker/engine/resource"
|
||||
"github.com/drone-runners/drone-runner-podman/engine"
|
||||
"github.com/drone-runners/drone-runner-podman/engine/resource"
|
||||
"github.com/drone/drone-go/drone"
|
||||
"github.com/drone/runner-go/environ/provider"
|
||||
"github.com/drone/runner-go/manifest"
|
||||
@@ -280,7 +280,7 @@ func testCompile(t *testing.T, source, golden string) *engine.Spec {
|
||||
|
||||
got := compiler.Compile(nocontext, args)
|
||||
|
||||
raw, err := ioutil.ReadFile(golden)
|
||||
raw, err := os.ReadFile(golden)
|
||||
if err != nil {
|
||||
t.Error(err)
|
||||
}
|
||||
@@ -320,13 +320,13 @@ func TestIsPrivileged(t *testing.T) {
|
||||
t.Errorf("Disable privileged mode if commands are specified")
|
||||
}
|
||||
if c.isPrivileged(&resource.Step{Image: "foo", Command: []string{"echo hello", "echo world"}}) {
|
||||
t.Errorf("Disable privileged mode if the Docker command is specified")
|
||||
t.Errorf("Disable privileged mode if the Podman command is specified")
|
||||
}
|
||||
if c.isPrivileged(&resource.Step{Image: "foo", Entrypoint: []string{"/bin/sh"}}) {
|
||||
t.Errorf("Disable privileged mode if the Docker entrypoint is specified")
|
||||
t.Errorf("Disable privileged mode if the Podman entrypoint is specified")
|
||||
}
|
||||
if c.isPrivileged(&resource.Step{Image: "foo", Volumes: []*resource.VolumeMount{{MountPath: "/var/run/docker.sock"}}}) {
|
||||
t.Errorf("Disable privileged mode if /var/run/docker.sock mounted")
|
||||
if c.isPrivileged(&resource.Step{Image: "foo", Volumes: []*resource.VolumeMount{{MountPath: "/var/run/podman.sock"}}}) {
|
||||
t.Errorf("Disable privileged mode if /var/run/podman.sock mounted")
|
||||
}
|
||||
if c.isPrivileged(&resource.Step{Image: "foo", Volumes: []*resource.VolumeMount{{MountPath: "/var"}}}) {
|
||||
t.Errorf("Disable privileged mode if /var mounted")
|
||||
|
||||
@@ -5,10 +5,10 @@
|
||||
package compiler
|
||||
|
||||
import (
|
||||
"github.com/drone-runners/drone-runner-docker/engine"
|
||||
"github.com/drone-runners/drone-runner-docker/engine/compiler/shell"
|
||||
"github.com/drone-runners/drone-runner-docker/engine/compiler/shell/powershell"
|
||||
"github.com/drone-runners/drone-runner-docker/engine/resource"
|
||||
"github.com/drone-runners/drone-runner-podman/engine"
|
||||
"github.com/drone-runners/drone-runner-podman/engine/compiler/shell"
|
||||
"github.com/drone-runners/drone-runner-podman/engine/compiler/shell/powershell"
|
||||
"github.com/drone-runners/drone-runner-podman/engine/resource"
|
||||
)
|
||||
|
||||
// helper function configures the pipeline script for the
|
||||
|
||||
@@ -7,10 +7,10 @@ package compiler
|
||||
import (
|
||||
"strings"
|
||||
|
||||
"github.com/drone-runners/drone-runner-docker/engine"
|
||||
"github.com/drone-runners/drone-runner-docker/engine/resource"
|
||||
"github.com/drone-runners/drone-runner-docker/internal/docker/image"
|
||||
"github.com/drone-runners/drone-runner-docker/internal/encoder"
|
||||
"github.com/drone-runners/drone-runner-podman/engine"
|
||||
"github.com/drone-runners/drone-runner-podman/engine/resource"
|
||||
"github.com/drone-runners/drone-runner-podman/internal/encoder"
|
||||
"github.com/drone-runners/drone-runner-podman/internal/podman/image"
|
||||
|
||||
"github.com/drone/runner-go/pipeline/runtime"
|
||||
)
|
||||
|
||||
2
engine/compiler/testdata/graph.yml
vendored
2
engine/compiler/testdata/graph.yml
vendored
@@ -1,5 +1,5 @@
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: default
|
||||
|
||||
steps:
|
||||
|
||||
2
engine/compiler/testdata/match.yml
vendored
2
engine/compiler/testdata/match.yml
vendored
@@ -1,5 +1,5 @@
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: default
|
||||
|
||||
clone:
|
||||
|
||||
4
engine/compiler/testdata/noclone_graph.yml
vendored
4
engine/compiler/testdata/noclone_graph.yml
vendored
@@ -1,5 +1,5 @@
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: default
|
||||
|
||||
clone:
|
||||
@@ -15,4 +15,4 @@ steps:
|
||||
image: golang
|
||||
commands:
|
||||
- go test
|
||||
depends_on: [ build ]
|
||||
depends_on: [ build ]
|
||||
|
||||
2
engine/compiler/testdata/noclone_serial.yml
vendored
2
engine/compiler/testdata/noclone_serial.yml
vendored
@@ -1,5 +1,5 @@
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: default
|
||||
|
||||
clone:
|
||||
|
||||
2
engine/compiler/testdata/run_always.yml
vendored
2
engine/compiler/testdata/run_always.yml
vendored
@@ -1,5 +1,5 @@
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: default
|
||||
|
||||
clone:
|
||||
|
||||
2
engine/compiler/testdata/run_failure.yml
vendored
2
engine/compiler/testdata/run_failure.yml
vendored
@@ -1,5 +1,5 @@
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: default
|
||||
|
||||
clone:
|
||||
|
||||
2
engine/compiler/testdata/secret.yml
vendored
2
engine/compiler/testdata/secret.yml
vendored
@@ -1,5 +1,5 @@
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: default
|
||||
|
||||
clone:
|
||||
|
||||
2
engine/compiler/testdata/serial.yml
vendored
2
engine/compiler/testdata/serial.yml
vendored
@@ -1,5 +1,5 @@
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: default
|
||||
|
||||
steps:
|
||||
|
||||
2
engine/compiler/testdata/steps.yml
vendored
2
engine/compiler/testdata/steps.yml
vendored
@@ -1,5 +1,5 @@
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: default
|
||||
|
||||
clone:
|
||||
|
||||
@@ -7,8 +7,8 @@ package compiler
|
||||
import (
|
||||
"strings"
|
||||
|
||||
"github.com/drone-runners/drone-runner-docker/engine"
|
||||
"github.com/drone-runners/drone-runner-docker/engine/resource"
|
||||
"github.com/drone-runners/drone-runner-podman/engine"
|
||||
"github.com/drone-runners/drone-runner-podman/engine/resource"
|
||||
|
||||
"github.com/drone/drone-go/drone"
|
||||
"github.com/drone/runner-go/manifest"
|
||||
|
||||
@@ -7,8 +7,8 @@ package compiler
|
||||
import (
|
||||
"testing"
|
||||
|
||||
"github.com/drone-runners/drone-runner-docker/engine"
|
||||
"github.com/drone-runners/drone-runner-docker/engine/resource"
|
||||
"github.com/drone-runners/drone-runner-podman/engine"
|
||||
"github.com/drone-runners/drone-runner-podman/engine/resource"
|
||||
|
||||
"github.com/drone/runner-go/manifest"
|
||||
|
||||
|
||||
@@ -8,8 +8,8 @@ import (
|
||||
stdpath "path"
|
||||
"strings"
|
||||
|
||||
"github.com/drone-runners/drone-runner-docker/engine"
|
||||
"github.com/drone-runners/drone-runner-docker/engine/resource"
|
||||
"github.com/drone-runners/drone-runner-podman/engine"
|
||||
"github.com/drone-runners/drone-runner-podman/engine/resource"
|
||||
)
|
||||
|
||||
const (
|
||||
|
||||
@@ -7,8 +7,8 @@ package compiler
|
||||
import (
|
||||
"testing"
|
||||
|
||||
"github.com/drone-runners/drone-runner-docker/engine"
|
||||
"github.com/drone-runners/drone-runner-docker/engine/resource"
|
||||
"github.com/drone-runners/drone-runner-podman/engine"
|
||||
"github.com/drone-runners/drone-runner-podman/engine/resource"
|
||||
"github.com/drone/runner-go/manifest"
|
||||
)
|
||||
|
||||
|
||||
@@ -5,114 +5,117 @@
|
||||
package engine
|
||||
|
||||
import (
|
||||
"io/fs"
|
||||
"net"
|
||||
"strings"
|
||||
|
||||
"github.com/docker/docker/api/types/container"
|
||||
"github.com/containers/common/libnetwork/types"
|
||||
"github.com/containers/podman/v4/pkg/specgen"
|
||||
"github.com/docker/docker/api/types/mount"
|
||||
"github.com/docker/docker/api/types/network"
|
||||
"github.com/opencontainers/runtime-spec/specs-go"
|
||||
"github.com/sirupsen/logrus"
|
||||
)
|
||||
|
||||
// returns a container configuration.
|
||||
func toConfig(spec *Spec, step *Step) *container.Config {
|
||||
config := &container.Config{
|
||||
Image: step.Image,
|
||||
func toSpec(spec *Spec, step *Step) *specgen.SpecGenerator {
|
||||
basic := specgen.ContainerBasicConfig{
|
||||
Name: step.ID,
|
||||
RawImageName: step.Image,
|
||||
Labels: step.Labels,
|
||||
WorkingDir: step.WorkingDir,
|
||||
User: step.User,
|
||||
AttachStdin: false,
|
||||
AttachStdout: true,
|
||||
AttachStderr: true,
|
||||
Tty: false,
|
||||
OpenStdin: false,
|
||||
StdinOnce: false,
|
||||
ArgsEscaped: false,
|
||||
Env: step.Envs,
|
||||
Entrypoint: step.Entrypoint,
|
||||
Command: step.Command,
|
||||
Stdin: false,
|
||||
Terminal: false,
|
||||
}
|
||||
|
||||
if len(step.Envs) != 0 {
|
||||
config.Env = toEnv(step.Envs)
|
||||
}
|
||||
for _, sec := range step.Secrets {
|
||||
config.Env = append(config.Env, sec.Env+"="+string(sec.Data))
|
||||
basic.EnvSecrets[sec.Env] = string(sec.Data)
|
||||
}
|
||||
|
||||
if len(step.Entrypoint) != 0 {
|
||||
config.Entrypoint = step.Entrypoint
|
||||
volume := specgen.ContainerStorageConfig{
|
||||
Image: step.Image,
|
||||
WorkDir: step.WorkingDir,
|
||||
ShmSize: toPtr(step.ShmSize),
|
||||
}
|
||||
if len(step.Command) != 0 {
|
||||
config.Cmd = step.Command
|
||||
|
||||
volumeSet := toVolumeSet(spec, step)
|
||||
for path := range volumeSet {
|
||||
volume.Volumes = append(volume.Volumes, &specgen.NamedVolume{
|
||||
Dest: path,
|
||||
})
|
||||
}
|
||||
|
||||
if len(step.Volumes) != 0 {
|
||||
config.Volumes = toVolumeSet(spec, step)
|
||||
volume.Devices = toLinuxDeviceSlice(spec, step)
|
||||
volume.Mounts = toLinuxVolumeMounts(spec, step)
|
||||
}
|
||||
return config
|
||||
}
|
||||
|
||||
// returns a container host configuration.
|
||||
func toHostConfig(spec *Spec, step *Step) *container.HostConfig {
|
||||
config := &container.HostConfig{
|
||||
LogConfig: container.LogConfig{
|
||||
Type: "json-file",
|
||||
},
|
||||
security := specgen.ContainerSecurityConfig{
|
||||
User: step.User,
|
||||
Privileged: step.Privileged,
|
||||
ShmSize: step.ShmSize,
|
||||
}
|
||||
// windows does not support privileged so we hard-code
|
||||
// this value to false.
|
||||
|
||||
// windows does not support privileged so we hard-code this value to false.
|
||||
// podman doesn't even support windows so this would be a problem
|
||||
// if we reach here
|
||||
if spec.Platform.OS == "windows" {
|
||||
config.Privileged = false
|
||||
security.Privileged = false
|
||||
}
|
||||
|
||||
var dns []net.IP
|
||||
for i := range step.DNS {
|
||||
ip, _, err := net.ParseCIDR(step.DNS[i])
|
||||
if err != nil {
|
||||
logrus.Warnf("failed to parse dns [ip=%s] [error=%s]", step.DNS[i], err.Error())
|
||||
continue
|
||||
}
|
||||
dns = append(dns, ip)
|
||||
}
|
||||
|
||||
net := specgen.ContainerNetworkConfig{
|
||||
DNSServers: dns,
|
||||
DNSSearch: step.DNSSearch,
|
||||
HostAdd: step.ExtraHosts,
|
||||
}
|
||||
|
||||
if len(step.Network) > 0 {
|
||||
config.NetworkMode = container.NetworkMode(step.Network)
|
||||
}
|
||||
if len(step.DNS) > 0 {
|
||||
config.DNS = step.DNS
|
||||
}
|
||||
if len(step.DNSSearch) > 0 {
|
||||
config.DNSSearch = step.DNSSearch
|
||||
}
|
||||
if len(step.ExtraHosts) > 0 {
|
||||
config.ExtraHosts = step.ExtraHosts
|
||||
net.Networks = make(map[string]types.PerNetworkOptions)
|
||||
net.Networks[step.Network] = types.PerNetworkOptions{}
|
||||
}
|
||||
|
||||
resource := specgen.ContainerResourceConfig{}
|
||||
if isUnlimited(step) == false {
|
||||
config.Resources = container.Resources{
|
||||
CPUPeriod: step.CPUPeriod,
|
||||
CPUQuota: step.CPUQuota,
|
||||
CpusetCpus: strings.Join(step.CPUSet, ","),
|
||||
CPUShares: step.CPUShares,
|
||||
Memory: step.MemLimit,
|
||||
MemorySwap: step.MemSwapLimit,
|
||||
resource = specgen.ContainerResourceConfig{
|
||||
CPUPeriod: uint64(step.CPUPeriod),
|
||||
CPUQuota: step.CPUQuota,
|
||||
ResourceLimits: &specs.LinuxResources{
|
||||
CPU: &specs.LinuxCPU{
|
||||
Cpus: strings.Join(step.CPUSet, ","),
|
||||
Shares: toPtr(uint64(step.CPUShares)),
|
||||
},
|
||||
Memory: &specs.LinuxMemory{
|
||||
Limit: &step.MemLimit,
|
||||
Swap: &step.MemSwapLimit,
|
||||
},
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
if len(step.Volumes) != 0 {
|
||||
config.Devices = toDeviceSlice(spec, step)
|
||||
config.Binds = toVolumeSlice(spec, step)
|
||||
config.Mounts = toVolumeMounts(spec, step)
|
||||
config := &specgen.SpecGenerator{
|
||||
ContainerBasicConfig: basic,
|
||||
ContainerStorageConfig: volume,
|
||||
ContainerSecurityConfig: security,
|
||||
ContainerNetworkConfig: net,
|
||||
ContainerResourceConfig: resource,
|
||||
}
|
||||
return config
|
||||
}
|
||||
|
||||
// helper function returns the container network configuration.
|
||||
func toNetConfig(spec *Spec, proc *Step) *network.NetworkingConfig {
|
||||
// if the user overrides the default network we do not
|
||||
// attach to the user-defined network.
|
||||
if proc.Network != "" {
|
||||
return &network.NetworkingConfig{}
|
||||
}
|
||||
endpoints := map[string]*network.EndpointSettings{}
|
||||
endpoints[spec.Network.ID] = &network.EndpointSettings{
|
||||
NetworkID: spec.Network.ID,
|
||||
Aliases: []string{proc.Name},
|
||||
}
|
||||
return &network.NetworkingConfig{
|
||||
EndpointsConfig: endpoints,
|
||||
}
|
||||
return config
|
||||
}
|
||||
|
||||
// helper function that converts a slice of device paths to a slice of
|
||||
// container.DeviceMapping.
|
||||
func toDeviceSlice(spec *Spec, step *Step) []container.DeviceMapping {
|
||||
var to []container.DeviceMapping
|
||||
func toLinuxDeviceSlice(spec *Spec, step *Step) []specs.LinuxDevice {
|
||||
var to []specs.LinuxDevice
|
||||
for _, mount := range step.Devices {
|
||||
device, ok := lookupVolume(spec, mount.Name)
|
||||
if !ok {
|
||||
@@ -121,10 +124,13 @@ func toDeviceSlice(spec *Spec, step *Step) []container.DeviceMapping {
|
||||
if isDevice(device) == false {
|
||||
continue
|
||||
}
|
||||
to = append(to, container.DeviceMapping{
|
||||
PathOnHost: device.HostPath.Path,
|
||||
PathInContainer: mount.DevicePath,
|
||||
CgroupPermissions: "rwm",
|
||||
to = append(to, specs.LinuxDevice{
|
||||
// NOTE: there only host path... weird
|
||||
Path: device.HostPath.Path,
|
||||
|
||||
// PathOnHost: device.HostPath.Path,
|
||||
// PathInContainer: mount.DevicePath,
|
||||
FileMode: toPtr(fs.ModePerm),
|
||||
})
|
||||
}
|
||||
if len(to) == 0 {
|
||||
@@ -184,8 +190,8 @@ func toVolumeSlice(spec *Spec, step *Step) []string {
|
||||
|
||||
// helper function returns a slice of docker mount
|
||||
// configurations.
|
||||
func toVolumeMounts(spec *Spec, step *Step) []mount.Mount {
|
||||
var mounts []mount.Mount
|
||||
func toLinuxVolumeMounts(spec *Spec, step *Step) []specs.Mount {
|
||||
var mounts []specs.Mount
|
||||
for _, target := range step.Volumes {
|
||||
source, ok := lookupVolume(spec, target.Name)
|
||||
if !ok {
|
||||
@@ -203,7 +209,7 @@ func toVolumeMounts(spec *Spec, step *Step) []mount.Mount {
|
||||
if isDataVolume(source) {
|
||||
continue
|
||||
}
|
||||
mounts = append(mounts, toMount(source, target))
|
||||
mounts = append(mounts, toLinuxMount(source, target))
|
||||
}
|
||||
if len(mounts) == 0 {
|
||||
return nil
|
||||
@@ -213,21 +219,30 @@ func toVolumeMounts(spec *Spec, step *Step) []mount.Mount {
|
||||
|
||||
// helper function converts the volume declaration to a
|
||||
// docker mount structure.
|
||||
func toMount(source *Volume, target *VolumeMount) mount.Mount {
|
||||
to := mount.Mount{
|
||||
Target: target.Path,
|
||||
Type: toVolumeType(source),
|
||||
func toLinuxMount(source *Volume, target *VolumeMount) specs.Mount {
|
||||
to := specs.Mount{
|
||||
Destination: target.Path,
|
||||
Type: string(toVolumeType(source)),
|
||||
}
|
||||
if isBindMount(source) || isNamedPipe(source) {
|
||||
to.Source = source.HostPath.Path
|
||||
to.ReadOnly = source.HostPath.ReadOnly
|
||||
}
|
||||
if isTempfs(source) {
|
||||
to.TmpfsOptions = &mount.TmpfsOptions{
|
||||
SizeBytes: source.EmptyDir.SizeLimit,
|
||||
Mode: 0700,
|
||||
if source.HostPath.ReadOnly {
|
||||
// options defaults = rw, suid, dev, exec, auto, nouser, and async
|
||||
to.Options = append(to.Options, "ro")
|
||||
}
|
||||
// to.ReadOnly = source.HostPath.ReadOnly
|
||||
}
|
||||
|
||||
if isTempfs(source) {
|
||||
// NOTE: not sure if this is translatable
|
||||
// probably part of resource struct
|
||||
|
||||
// to.TmpfsOptions = &mount.TmpfsOptions{
|
||||
// SizeBytes: source.EmptyDir.SizeLimit,
|
||||
// Mode: 0700,
|
||||
// }
|
||||
}
|
||||
|
||||
return to
|
||||
}
|
||||
|
||||
|
||||
215
engine/engine.go
215
engine/engine.go
@@ -5,64 +5,57 @@
|
||||
package engine
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"context"
|
||||
"io"
|
||||
"io/ioutil"
|
||||
"os"
|
||||
"time"
|
||||
|
||||
"github.com/drone-runners/drone-runner-docker/internal/docker/errors"
|
||||
"github.com/drone-runners/drone-runner-docker/internal/docker/image"
|
||||
"github.com/drone-runners/drone-runner-docker/internal/docker/jsonmessage"
|
||||
"github.com/drone-runners/drone-runner-docker/internal/docker/stdcopy"
|
||||
"github.com/drone-runners/drone-runner-podman/internal/podman/errors"
|
||||
"github.com/drone-runners/drone-runner-podman/internal/podman/image"
|
||||
"github.com/drone-runners/drone-runner-podman/internal/podman/jsonmessage"
|
||||
"github.com/drone-runners/drone-runner-podman/internal/podman/stdcopy"
|
||||
"github.com/drone/runner-go/logger"
|
||||
"github.com/drone/runner-go/pipeline/runtime"
|
||||
"github.com/drone/runner-go/registry/auths"
|
||||
|
||||
"github.com/docker/docker/api/types"
|
||||
"github.com/docker/docker/api/types/container"
|
||||
"github.com/docker/docker/api/types/network"
|
||||
"github.com/docker/docker/api/types/volume"
|
||||
"github.com/docker/docker/client"
|
||||
"github.com/docker/docker/errdefs"
|
||||
"github.com/containers/common/libnetwork/types"
|
||||
"github.com/containers/podman/v4/pkg/bindings"
|
||||
"github.com/containers/podman/v4/pkg/bindings/containers"
|
||||
"github.com/containers/podman/v4/pkg/bindings/images"
|
||||
"github.com/containers/podman/v4/pkg/bindings/network"
|
||||
"github.com/containers/podman/v4/pkg/bindings/volumes"
|
||||
"github.com/containers/podman/v4/pkg/domain/entities"
|
||||
)
|
||||
|
||||
// TODO: figure out what to do about this global
|
||||
const UNIX_SOCK string = "unix:///run/podman/podman.sock"
|
||||
|
||||
// Opts configures the Docker engine.
|
||||
type Opts struct {
|
||||
HidePull bool
|
||||
}
|
||||
|
||||
// Docker implements a Docker pipeline engine.
|
||||
type Docker struct {
|
||||
client client.APIClient
|
||||
// Podman implements a Podman pipeline engine.
|
||||
type Podman struct {
|
||||
hidePull bool
|
||||
conn context.Context
|
||||
}
|
||||
|
||||
// New returns a new engine.
|
||||
func New(client client.APIClient, opts Opts) *Docker {
|
||||
return &Docker{
|
||||
client: client,
|
||||
func New(conn context.Context, opts Opts) *Podman {
|
||||
return &Podman{
|
||||
hidePull: opts.HidePull,
|
||||
}
|
||||
}
|
||||
|
||||
// NewEnv returns a new Engine from the environment.
|
||||
func NewEnv(opts Opts) (*Docker, error) {
|
||||
cli, err := client.NewClientWithOpts(client.FromEnv)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return New(cli, opts), nil
|
||||
}
|
||||
|
||||
// Ping pings the Docker daemon.
|
||||
func (e *Docker) Ping(ctx context.Context) error {
|
||||
_, err := e.client.Ping(ctx)
|
||||
return err
|
||||
func NewEnv(ctx context.Context, opts Opts) (*Podman, error) {
|
||||
conn, err := bindings.NewConnection(ctx, UNIX_SOCK)
|
||||
return New(conn, opts), err
|
||||
}
|
||||
|
||||
// Setup the pipeline environment.
|
||||
func (e *Docker) Setup(ctx context.Context, specv runtime.Spec) error {
|
||||
func (e *Podman) Setup(ctx context.Context, specv runtime.Spec) error {
|
||||
spec := specv.(*Spec)
|
||||
|
||||
// creates the default temporary (local) volumes
|
||||
@@ -71,11 +64,16 @@ func (e *Docker) Setup(ctx context.Context, specv runtime.Spec) error {
|
||||
if vol.EmptyDir == nil {
|
||||
continue
|
||||
}
|
||||
_, err := e.client.VolumeCreate(ctx, volume.VolumeCreateBody{
|
||||
Name: vol.EmptyDir.ID,
|
||||
Driver: "local",
|
||||
Labels: vol.EmptyDir.Labels,
|
||||
})
|
||||
|
||||
_, err := volumes.Create(
|
||||
e.conn,
|
||||
entities.VolumeCreateOptions{
|
||||
Name: vol.EmptyDir.ID,
|
||||
Driver: "local",
|
||||
Label: vol.EmptyDir.Labels,
|
||||
},
|
||||
&volumes.CreateOptions{},
|
||||
)
|
||||
if err != nil {
|
||||
return errors.TrimExtraInfo(err)
|
||||
}
|
||||
@@ -87,7 +85,9 @@ func (e *Docker) Setup(ctx context.Context, specv runtime.Spec) error {
|
||||
if spec.Platform.OS == "windows" {
|
||||
driver = "nat"
|
||||
}
|
||||
_, err := e.client.NetworkCreate(ctx, spec.Network.ID, types.NetworkCreate{
|
||||
|
||||
_, err := network.Create(e.conn, &types.Network{
|
||||
ID: spec.Network.ID,
|
||||
Driver: driver,
|
||||
Options: spec.Network.Options,
|
||||
Labels: spec.Network.Labels,
|
||||
@@ -95,7 +95,7 @@ func (e *Docker) Setup(ctx context.Context, specv runtime.Spec) error {
|
||||
|
||||
// launches the inernal setup steps
|
||||
for _, step := range spec.Internal {
|
||||
if err := e.create(ctx, spec, step, ioutil.Discard); err != nil {
|
||||
if err := e.create(ctx, spec, step, io.Discard); err != nil {
|
||||
logger.FromContext(ctx).
|
||||
WithError(err).
|
||||
WithField("container", step.ID).
|
||||
@@ -126,18 +126,19 @@ func (e *Docker) Setup(ctx context.Context, specv runtime.Spec) error {
|
||||
}
|
||||
|
||||
// Destroy the pipeline environment.
|
||||
func (e *Docker) Destroy(ctx context.Context, specv runtime.Spec) error {
|
||||
func (e *Podman) Destroy(ctx context.Context, specv runtime.Spec) error {
|
||||
spec := specv.(*Spec)
|
||||
|
||||
removeOpts := types.ContainerRemoveOptions{
|
||||
Force: true,
|
||||
RemoveLinks: false,
|
||||
RemoveVolumes: true,
|
||||
removeOpts := containers.RemoveOptions{
|
||||
Force: toPtr(true),
|
||||
Volumes: toPtr(true),
|
||||
Depend: toPtr(true), // maybe?
|
||||
Ignore: toPtr(true),
|
||||
}
|
||||
|
||||
// stop all containers
|
||||
for _, step := range append(spec.Steps, spec.Internal...) {
|
||||
if err := e.client.ContainerKill(ctx, step.ID, "9"); err != nil && !client.IsErrNotFound(err) && !errdefs.IsConflict(err) {
|
||||
if err := containers.Kill(ctx, step.ID, &containers.KillOptions{Signal: toPtr("9")}); err != nil {
|
||||
logger.FromContext(ctx).
|
||||
WithError(err).
|
||||
WithField("container", step.ID).
|
||||
@@ -147,7 +148,7 @@ func (e *Docker) Destroy(ctx context.Context, specv runtime.Spec) error {
|
||||
|
||||
// cleanup all containers
|
||||
for _, step := range append(spec.Steps, spec.Internal...) {
|
||||
if err := e.client.ContainerRemove(ctx, step.ID, removeOpts); err != nil && !client.IsErrNotFound(err) {
|
||||
if _, err := containers.Remove(e.conn, step.ID, &removeOpts); err != nil {
|
||||
logger.FromContext(ctx).
|
||||
WithError(err).
|
||||
WithField("container", step.ID).
|
||||
@@ -165,7 +166,8 @@ func (e *Docker) Destroy(ctx context.Context, specv runtime.Spec) error {
|
||||
if vol.EmptyDir.Medium == "memory" {
|
||||
continue
|
||||
}
|
||||
if err := e.client.VolumeRemove(ctx, vol.EmptyDir.ID, true); err != nil {
|
||||
|
||||
if err := volumes.Remove(e.conn, vol.EmptyDir.ID, &volumes.RemoveOptions{Force: toPtr(true)}); err != nil {
|
||||
logger.FromContext(ctx).
|
||||
WithError(err).
|
||||
WithField("volume", vol.EmptyDir.ID).
|
||||
@@ -173,8 +175,7 @@ func (e *Docker) Destroy(ctx context.Context, specv runtime.Spec) error {
|
||||
}
|
||||
}
|
||||
|
||||
// cleanup the network
|
||||
if err := e.client.NetworkRemove(ctx, spec.Network.ID); err != nil {
|
||||
if _, err := network.Remove(e.conn, spec.Network.ID, &network.RemoveOptions{}); err != nil {
|
||||
logger.FromContext(ctx).
|
||||
WithError(err).
|
||||
WithField("network", spec.Network.ID).
|
||||
@@ -189,7 +190,7 @@ func (e *Docker) Destroy(ctx context.Context, specv runtime.Spec) error {
|
||||
}
|
||||
|
||||
// Run runs the pipeline step.
|
||||
func (e *Docker) Run(ctx context.Context, specv runtime.Spec, stepv runtime.Step, output io.Writer) (*runtime.State, error) {
|
||||
func (e *Podman) Run(ctx context.Context, specv runtime.Spec, stepv runtime.Step, output io.Writer) (*runtime.State, error) {
|
||||
spec := specv.(*Spec)
|
||||
step := stepv.(*Step)
|
||||
|
||||
@@ -209,7 +210,7 @@ func (e *Docker) Run(ctx context.Context, specv runtime.Spec, stepv runtime.Step
|
||||
// tail the container
|
||||
logger.FromContext(ctx).
|
||||
WithField("step id", step.ID).
|
||||
Debugln("using deferred docker tail")
|
||||
Debugln("using deferred podman tail")
|
||||
logs, tailErr := e.deferTail(ctx, step.ID, output)
|
||||
if tailErr != nil {
|
||||
return nil, errors.TrimExtraInfo(tailErr)
|
||||
@@ -229,64 +230,52 @@ func (e *Docker) Run(ctx context.Context, specv runtime.Spec, stepv runtime.Step
|
||||
// emulate docker commands
|
||||
//
|
||||
|
||||
func (e *Docker) create(ctx context.Context, spec *Spec, step *Step, output io.Writer) error {
|
||||
func (e *Podman) create(ctx context.Context, spec *Spec, step *Step, output io.Writer) error {
|
||||
// create pull options with encoded authorization credentials.
|
||||
pullopts := types.ImagePullOptions{}
|
||||
pullopts := images.PullOptions{}
|
||||
if step.Auth != nil {
|
||||
pullopts.RegistryAuth = auths.Header(
|
||||
step.Auth.Username,
|
||||
step.Auth.Password,
|
||||
)
|
||||
pullopts.Username = &step.Auth.Username
|
||||
pullopts.Password = &step.Auth.Password
|
||||
}
|
||||
|
||||
// Read(p []byte) (n int, err error)
|
||||
// automatically pull the latest version of the image if requested
|
||||
// by the process configuration, or if the image is :latest
|
||||
if step.Pull == PullAlways ||
|
||||
(step.Pull == PullDefault && image.IsLatest(step.Image)) {
|
||||
rc, pullerr := e.client.ImagePull(ctx, step.Image, pullopts)
|
||||
rc, pullerr := images.Pull(e.conn, step.Image, &pullopts)
|
||||
if pullerr == nil {
|
||||
b := bytes.NewBuffer(flattenToBytes(rc))
|
||||
if e.hidePull {
|
||||
io.Copy(ioutil.Discard, rc)
|
||||
} else {
|
||||
jsonmessage.Copy(rc, output)
|
||||
io.Copy(io.Discard, b)
|
||||
}
|
||||
rc.Close()
|
||||
|
||||
jsonmessage.Copy(b, output)
|
||||
}
|
||||
if pullerr != nil {
|
||||
return pullerr
|
||||
}
|
||||
}
|
||||
|
||||
_, err := e.client.ContainerCreate(ctx,
|
||||
toConfig(spec, step),
|
||||
toHostConfig(spec, step),
|
||||
toNetConfig(spec, step),
|
||||
step.ID,
|
||||
)
|
||||
_, err := containers.CreateWithSpec(e.conn, toSpec(spec, step), &containers.CreateOptions{})
|
||||
|
||||
// automatically pull and try to re-create the image if the
|
||||
// failure is caused because the image does not exist.
|
||||
if client.IsErrNotFound(err) && step.Pull != PullNever {
|
||||
rc, pullerr := e.client.ImagePull(ctx, step.Image, pullopts)
|
||||
if step.Pull != PullNever {
|
||||
rc, pullerr := images.Pull(e.conn, step.Image, &pullopts)
|
||||
if pullerr != nil {
|
||||
return pullerr
|
||||
}
|
||||
|
||||
b := bytes.NewBuffer(flattenToBytes(rc))
|
||||
if e.hidePull {
|
||||
io.Copy(ioutil.Discard, rc)
|
||||
} else {
|
||||
jsonmessage.Copy(rc, output)
|
||||
io.Copy(io.Discard, b)
|
||||
}
|
||||
rc.Close()
|
||||
jsonmessage.Copy(b, output)
|
||||
|
||||
// once the image is successfully pulled we attempt to
|
||||
// re-create the container.
|
||||
_, err = e.client.ContainerCreate(ctx,
|
||||
toConfig(spec, step),
|
||||
toHostConfig(spec, step),
|
||||
toNetConfig(spec, step),
|
||||
step.ID,
|
||||
)
|
||||
_, err = containers.CreateWithSpec(e.conn, toSpec(spec, step), &containers.CreateOptions{})
|
||||
}
|
||||
if err != nil {
|
||||
return err
|
||||
@@ -296,7 +285,7 @@ func (e *Docker) create(ctx context.Context, spec *Spec, step *Step, output io.W
|
||||
// primarily used to attach global user-defined networks.
|
||||
if step.Network == "" {
|
||||
for _, net := range step.Networks {
|
||||
err = e.client.NetworkConnect(ctx, net, step.ID, &network.EndpointSettings{
|
||||
err = network.Connect(e.conn, net, step.ID, &types.PerNetworkOptions{
|
||||
Aliases: []string{net},
|
||||
})
|
||||
if err != nil {
|
||||
@@ -309,13 +298,13 @@ func (e *Docker) create(ctx context.Context, spec *Spec, step *Step, output io.W
|
||||
}
|
||||
|
||||
// helper function emulates the `docker start` command.
|
||||
func (e *Docker) start(ctx context.Context, id string) error {
|
||||
return e.client.ContainerStart(ctx, id, types.ContainerStartOptions{})
|
||||
func (e *Podman) start(ctx context.Context, id string) error {
|
||||
return containers.Start(e.conn, id, &containers.StartOptions{})
|
||||
}
|
||||
|
||||
// helper function emulates the `docker wait` command, blocking
|
||||
// until the container stops and returning the exit code.
|
||||
func (e *Docker) waitRetry(ctx context.Context, id string) (*runtime.State, error) {
|
||||
func (e *Podman) waitRetry(ctx context.Context, id string) (*runtime.State, error) {
|
||||
for {
|
||||
// if the context is canceled, meaning the
|
||||
// pipeline timed out or was killed by the
|
||||
@@ -332,42 +321,42 @@ func (e *Docker) waitRetry(ctx context.Context, id string) (*runtime.State, erro
|
||||
}
|
||||
logger.FromContext(ctx).
|
||||
WithField("container", id).
|
||||
Trace("docker wait exited unexpectedly")
|
||||
Trace("podman wait exited unexpectedly")
|
||||
}
|
||||
}
|
||||
|
||||
// helper function emulates the `docker wait` command, blocking
|
||||
// until the container stops and returning the exit code.
|
||||
func (e *Docker) wait(ctx context.Context, id string) (*runtime.State, error) {
|
||||
wait, errc := e.client.ContainerWait(ctx, id, container.WaitConditionNotRunning)
|
||||
select {
|
||||
case <-wait:
|
||||
case <-errc:
|
||||
}
|
||||
func (e *Podman) wait(ctx context.Context, id string) (*runtime.State, error) {
|
||||
containers.Wait(ctx, id, &containers.WaitOptions{
|
||||
Conditions: []string{"created", "exited", "dead", "removing", "removed"},
|
||||
})
|
||||
|
||||
info, err := e.client.ContainerInspect(ctx, id)
|
||||
info, err := containers.Inspect(ctx, id, &containers.InspectOptions{})
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return &runtime.State{
|
||||
Exited: !info.State.Running,
|
||||
ExitCode: info.State.ExitCode,
|
||||
ExitCode: int(info.State.ExitCode),
|
||||
OOMKilled: info.State.OOMKilled,
|
||||
}, nil
|
||||
}
|
||||
|
||||
// helper function emulates the `docker logs -f` command, streaming all container logs until the container stops.
|
||||
func (e *Docker) deferTail(ctx context.Context, id string, output io.Writer) (logs io.ReadCloser, err error) {
|
||||
opts := types.ContainerLogsOptions{
|
||||
Follow: true,
|
||||
ShowStdout: true,
|
||||
ShowStderr: true,
|
||||
Details: false,
|
||||
Timestamps: false,
|
||||
func (e *Podman) deferTail(ctx context.Context, id string, output io.Writer) (logs io.ReadCloser, err error) {
|
||||
opts := containers.LogOptions{
|
||||
Follow: toPtr(true),
|
||||
Stdout: toPtr(true),
|
||||
Stderr: toPtr(true),
|
||||
Timestamps: toPtr(false),
|
||||
}
|
||||
|
||||
logs, err = e.client.ContainerLogs(ctx, id, opts)
|
||||
out := make(chan string, 100)
|
||||
error := make(chan string, 100)
|
||||
|
||||
err = containers.Logs(ctx, id, &opts, out, error)
|
||||
if err != nil {
|
||||
logger.FromContext(ctx).
|
||||
WithError(err).
|
||||
@@ -382,23 +371,25 @@ func (e *Docker) deferTail(ctx context.Context, id string, output io.Writer) (lo
|
||||
}
|
||||
|
||||
// helper function emulates the `docker logs -f` command, streaming all container logs until the container stops.
|
||||
func (e *Docker) tail(ctx context.Context, id string, output io.Writer) error {
|
||||
opts := types.ContainerLogsOptions{
|
||||
Follow: true,
|
||||
ShowStdout: true,
|
||||
ShowStderr: true,
|
||||
Details: false,
|
||||
Timestamps: false,
|
||||
func (e *Podman) tail(ctx context.Context, id string, output io.Writer) error {
|
||||
opts := containers.LogOptions{
|
||||
Follow: toPtr(true),
|
||||
Stdout: toPtr(true),
|
||||
Stderr: toPtr(true),
|
||||
Timestamps: toPtr(false),
|
||||
}
|
||||
|
||||
logs, err := e.client.ContainerLogs(ctx, id, opts)
|
||||
out := make(chan string, 100)
|
||||
error := make(chan string, 100)
|
||||
|
||||
err := containers.Logs(ctx, id, &opts, out, error)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
go func() {
|
||||
stdcopy.StdCopy(output, output, logs)
|
||||
logs.Close()
|
||||
}()
|
||||
// go func() {
|
||||
// stdcopy.StdCopy(output, output, logs)
|
||||
// logs.Close()
|
||||
// }()
|
||||
return nil
|
||||
}
|
||||
|
||||
@@ -10,7 +10,7 @@ import (
|
||||
"path/filepath"
|
||||
"strings"
|
||||
|
||||
"github.com/drone-runners/drone-runner-docker/engine/resource"
|
||||
"github.com/drone-runners/drone-runner-podman/engine/resource"
|
||||
"github.com/drone/drone-go/drone"
|
||||
"github.com/drone/runner-go/manifest"
|
||||
)
|
||||
@@ -130,7 +130,7 @@ func checkStep(step *resource.Step, trusted bool) error {
|
||||
}
|
||||
for _, mount := range step.Volumes {
|
||||
switch mount.Name {
|
||||
case "workspace", "_workspace", "_docker_socket":
|
||||
case "workspace", "_workspace", "_podman_socket":
|
||||
return fmt.Errorf("linter: invalid volume name: %s", mount.Name)
|
||||
}
|
||||
if strings.HasPrefix(filepath.Clean(mount.MountPath), "/run/drone") {
|
||||
@@ -157,7 +157,7 @@ func checkVolumes(pipeline *resource.Pipeline, trusted bool) error {
|
||||
switch volume.Name {
|
||||
case "":
|
||||
return fmt.Errorf("linter: missing volume name")
|
||||
case "workspace", "_workspace", "_docker_socket":
|
||||
case "workspace", "_workspace", "_podman_socket":
|
||||
return fmt.Errorf("linter: invalid volume name: %s", volume.Name)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -8,7 +8,7 @@ import (
|
||||
"path"
|
||||
"testing"
|
||||
|
||||
"github.com/drone-runners/drone-runner-docker/engine/resource"
|
||||
"github.com/drone-runners/drone-runner-podman/engine/resource"
|
||||
"github.com/drone/drone-go/drone"
|
||||
"github.com/drone/runner-go/manifest"
|
||||
)
|
||||
@@ -47,7 +47,7 @@ func TestLint(t *testing.T) {
|
||||
path: "testdata/pipeline_volume_invalid_name.yml",
|
||||
trusted: false,
|
||||
invalid: true,
|
||||
message: "linter: invalid volume name: _docker_socket",
|
||||
message: "linter: invalid volume name: _podman_socket",
|
||||
},
|
||||
// user should not be trying to mount internal or restricted
|
||||
// volume paths.
|
||||
|
||||
4
engine/linter/testdata/duplicate_name.yml
vendored
4
engine/linter/testdata/duplicate_name.yml
vendored
@@ -1,6 +1,6 @@
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: default
|
||||
|
||||
steps:
|
||||
@@ -21,4 +21,4 @@ steps:
|
||||
- go build
|
||||
- go test
|
||||
|
||||
...
|
||||
...
|
||||
|
||||
4
engine/linter/testdata/duplicate_step.yml
vendored
4
engine/linter/testdata/duplicate_step.yml
vendored
@@ -1,6 +1,6 @@
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: default
|
||||
|
||||
steps:
|
||||
@@ -14,4 +14,4 @@ steps:
|
||||
image: golang
|
||||
commands:
|
||||
- go build
|
||||
- go test
|
||||
- go test
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: default
|
||||
|
||||
steps:
|
||||
|
||||
2
engine/linter/testdata/invalid_arch.yml
vendored
2
engine/linter/testdata/invalid_arch.yml
vendored
@@ -1,6 +1,6 @@
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: linux
|
||||
|
||||
platform:
|
||||
|
||||
2
engine/linter/testdata/invalid_os.yml
vendored
2
engine/linter/testdata/invalid_os.yml
vendored
@@ -1,6 +1,6 @@
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: linux
|
||||
|
||||
platform:
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: linux
|
||||
|
||||
steps:
|
||||
|
||||
4
engine/linter/testdata/missing_dep.yml
vendored
4
engine/linter/testdata/missing_dep.yml
vendored
@@ -1,6 +1,6 @@
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: default
|
||||
|
||||
steps:
|
||||
@@ -15,4 +15,4 @@ steps:
|
||||
- go build
|
||||
- go test
|
||||
depends_on:
|
||||
- foo
|
||||
- foo
|
||||
|
||||
2
engine/linter/testdata/missing_image.yml
vendored
2
engine/linter/testdata/missing_image.yml
vendored
@@ -1,6 +1,6 @@
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: linux
|
||||
|
||||
steps:
|
||||
|
||||
2
engine/linter/testdata/missing_name.yml
vendored
2
engine/linter/testdata/missing_name.yml
vendored
@@ -1,6 +1,6 @@
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: linux
|
||||
|
||||
steps:
|
||||
|
||||
2
engine/linter/testdata/pipeline_device.yml
vendored
2
engine/linter/testdata/pipeline_device.yml
vendored
@@ -1,6 +1,6 @@
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: linux
|
||||
|
||||
steps:
|
||||
|
||||
2
engine/linter/testdata/pipeline_dns.yml
vendored
2
engine/linter/testdata/pipeline_dns.yml
vendored
@@ -1,6 +1,6 @@
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: linux
|
||||
|
||||
steps:
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: linux
|
||||
|
||||
steps:
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: linux
|
||||
|
||||
steps:
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: linux
|
||||
|
||||
steps:
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: linux
|
||||
|
||||
steps:
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: linux
|
||||
|
||||
steps:
|
||||
|
||||
@@ -1,14 +1,14 @@
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: linux
|
||||
|
||||
steps:
|
||||
- name: test
|
||||
image: docker
|
||||
image: podman
|
||||
volumes:
|
||||
- name: _docker_socket
|
||||
path: /var/run/docker.sock
|
||||
- name: _podman_socket
|
||||
path: /run/podman/podman.sock
|
||||
commands:
|
||||
- docker system prune
|
||||
- podman system prune
|
||||
|
||||
|
||||
2
engine/linter/testdata/service_device.yml
vendored
2
engine/linter/testdata/service_device.yml
vendored
@@ -1,6 +1,6 @@
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: linux
|
||||
|
||||
steps:
|
||||
|
||||
2
engine/linter/testdata/service_port_host.yml
vendored
2
engine/linter/testdata/service_port_host.yml
vendored
@@ -1,6 +1,6 @@
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: linux
|
||||
|
||||
steps:
|
||||
|
||||
4
engine/linter/testdata/simple.yml
vendored
4
engine/linter/testdata/simple.yml
vendored
@@ -1,6 +1,6 @@
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: amd64
|
||||
|
||||
steps:
|
||||
@@ -36,4 +36,4 @@ steps:
|
||||
|
||||
depends_on:
|
||||
- amd64
|
||||
...
|
||||
...
|
||||
|
||||
2
engine/linter/testdata/volume_empty_dir.yml
vendored
2
engine/linter/testdata/volume_empty_dir.yml
vendored
@@ -1,6 +1,6 @@
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: linux
|
||||
|
||||
steps:
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: linux
|
||||
|
||||
steps:
|
||||
|
||||
2
engine/linter/testdata/volume_host_path.yml
vendored
2
engine/linter/testdata/volume_host_path.yml
vendored
@@ -1,6 +1,6 @@
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: linux
|
||||
|
||||
steps:
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: linux
|
||||
|
||||
steps:
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: linux
|
||||
|
||||
steps:
|
||||
|
||||
4
engine/linter/testdata/volume_restricted.yml
vendored
4
engine/linter/testdata/volume_restricted.yml
vendored
@@ -1,6 +1,6 @@
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: linux
|
||||
|
||||
steps:
|
||||
@@ -15,4 +15,4 @@ steps:
|
||||
|
||||
volumes:
|
||||
- name: vol
|
||||
temp: {}
|
||||
temp: {}
|
||||
|
||||
@@ -32,7 +32,7 @@ func TestParse(t *testing.T) {
|
||||
},
|
||||
&Pipeline{
|
||||
Kind: "pipeline",
|
||||
Type: "docker",
|
||||
Type: "podman",
|
||||
Name: "default",
|
||||
Version: "1",
|
||||
Environment: map[string]string{
|
||||
@@ -48,8 +48,8 @@ func TestParse(t *testing.T) {
|
||||
Clone: manifest.Clone{
|
||||
Depth: 50,
|
||||
},
|
||||
Deps: []string{"dependency"},
|
||||
PullSecrets: []string{"dockerconfigjson"},
|
||||
Deps: []string{"dependency"},
|
||||
PullSecrets: []string{"podmanconfigjson"},
|
||||
Trigger: manifest.Conditions{
|
||||
Branch: manifest.Condition{
|
||||
Include: []string{"master"},
|
||||
@@ -130,7 +130,7 @@ func TestParseNoMatch(t *testing.T) {
|
||||
func TestMatch(t *testing.T) {
|
||||
r := &manifest.RawResource{
|
||||
Kind: "pipeline",
|
||||
Type: "docker",
|
||||
Type: "podman",
|
||||
}
|
||||
if match(r) == false {
|
||||
t.Errorf("Expect match, got false")
|
||||
@@ -138,7 +138,7 @@ func TestMatch(t *testing.T) {
|
||||
|
||||
r = &manifest.RawResource{
|
||||
Kind: "approval",
|
||||
Type: "docker",
|
||||
Type: "podman",
|
||||
}
|
||||
if match(r) == true {
|
||||
t.Errorf("Expect kind mismatch, got true")
|
||||
|
||||
@@ -16,7 +16,7 @@ var (
|
||||
// Defines the Resource Kind and Type.
|
||||
const (
|
||||
Kind = "pipeline"
|
||||
Type = "docker"
|
||||
Type = "podman"
|
||||
)
|
||||
|
||||
// Pipeline is a pipeline resource that executes pipelines
|
||||
|
||||
@@ -39,7 +39,7 @@ func TestGetters(t *testing.T) {
|
||||
pipeline := &Pipeline{
|
||||
Version: "1.0.0",
|
||||
Kind: "pipeline",
|
||||
Type: "docker",
|
||||
Type: "podman",
|
||||
Name: "default",
|
||||
Deps: []string{"before"},
|
||||
Platform: platform,
|
||||
|
||||
4
engine/resource/testdata/linterr.yml
vendored
4
engine/resource/testdata/linterr.yml
vendored
@@ -1,6 +1,6 @@
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
|
||||
server:
|
||||
image: docker-18-04
|
||||
@@ -12,4 +12,4 @@ steps:
|
||||
- go build
|
||||
- go test
|
||||
|
||||
...
|
||||
...
|
||||
|
||||
4
engine/resource/testdata/malformed.yml
vendored
4
engine/resource/testdata/malformed.yml
vendored
@@ -1,8 +1,8 @@
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
|
||||
steps:
|
||||
foo: bar
|
||||
|
||||
...
|
||||
...
|
||||
|
||||
4
engine/resource/testdata/manifest.yml
vendored
4
engine/resource/testdata/manifest.yml
vendored
@@ -10,7 +10,7 @@ data: f0e4c2f76c58916ec25
|
||||
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: default
|
||||
version: 1
|
||||
|
||||
@@ -54,7 +54,7 @@ services:
|
||||
command: [ "--debug" ]
|
||||
|
||||
image_pull_secrets:
|
||||
- dockerconfigjson
|
||||
- podmanconfigjson
|
||||
|
||||
trigger:
|
||||
branch: [ master ]
|
||||
|
||||
4
engine/resource/testdata/nilstep.yml
vendored
4
engine/resource/testdata/nilstep.yml
vendored
@@ -1,9 +1,9 @@
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: test
|
||||
|
||||
steps:
|
||||
- ~
|
||||
|
||||
...
|
||||
...
|
||||
|
||||
4
engine/resource/testdata/nomatch.yml
vendored
4
engine/resource/testdata/nomatch.yml
vendored
@@ -1,5 +1,5 @@
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
|
||||
...
|
||||
...
|
||||
|
||||
2
engine/testdata/network_default.yml
vendored
2
engine/testdata/network_default.yml
vendored
@@ -1,5 +1,5 @@
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: default
|
||||
|
||||
clone:
|
||||
|
||||
2
engine/testdata/status_failure.yml
vendored
2
engine/testdata/status_failure.yml
vendored
@@ -1,5 +1,5 @@
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: default
|
||||
|
||||
clone:
|
||||
|
||||
2
engine/testdata/status_success.yml
vendored
2
engine/testdata/status_success.yml
vendored
@@ -1,5 +1,5 @@
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: default
|
||||
|
||||
clone:
|
||||
|
||||
4
engine/testdata/volume_host.yml
vendored
4
engine/testdata/volume_host.yml
vendored
@@ -1,5 +1,5 @@
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: default
|
||||
|
||||
clone:
|
||||
@@ -29,4 +29,4 @@ steps:
|
||||
volumes:
|
||||
- name: test
|
||||
host:
|
||||
path: /tmp/drone/test
|
||||
path: /tmp/drone/test
|
||||
|
||||
2
engine/testdata/volume_mem.yml
vendored
2
engine/testdata/volume_mem.yml
vendored
@@ -1,5 +1,5 @@
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: default
|
||||
|
||||
clone:
|
||||
|
||||
2
engine/testdata/volume_temp.yml
vendored
2
engine/testdata/volume_temp.yml
vendored
@@ -1,5 +1,5 @@
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: default
|
||||
|
||||
clone:
|
||||
|
||||
2
engine/testdata/workspace_custom.yml
vendored
2
engine/testdata/workspace_custom.yml
vendored
@@ -1,5 +1,5 @@
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: default
|
||||
|
||||
clone:
|
||||
|
||||
2
engine/testdata/workspace_default.yml
vendored
2
engine/testdata/workspace_default.yml
vendored
@@ -1,5 +1,5 @@
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: default
|
||||
|
||||
clone:
|
||||
|
||||
2
engine/testdata/workspace_legacy.yml
vendored
2
engine/testdata/workspace_legacy.yml
vendored
@@ -1,5 +1,5 @@
|
||||
kind: pipeline
|
||||
type: docker
|
||||
type: podman
|
||||
name: default
|
||||
|
||||
clone:
|
||||
|
||||
@@ -3,3 +3,80 @@
|
||||
// that can be found in the LICENSE file.
|
||||
|
||||
package engine
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"context"
|
||||
"io"
|
||||
"reflect"
|
||||
)
|
||||
|
||||
// if another module requires this function
|
||||
// then remove this function and place in util module
|
||||
func toPtr[T any](a T) *T {
|
||||
ptr := new(T)
|
||||
*ptr = a
|
||||
return ptr
|
||||
}
|
||||
|
||||
func flattenToBytes(data []string) []byte {
|
||||
var total int
|
||||
for i := range data {
|
||||
total += len(data[i])
|
||||
}
|
||||
|
||||
b := make([]byte, total)
|
||||
for i := range data {
|
||||
b = append(b, data[i]...)
|
||||
}
|
||||
|
||||
return b
|
||||
}
|
||||
|
||||
type ReaderClose struct {
|
||||
ctx context.Context
|
||||
channels []chan string
|
||||
}
|
||||
|
||||
func NewChansReadClose(ctx context.Context, channels ...chan string) ReaderClose {
|
||||
return ReaderClose{
|
||||
ctx: ctx,
|
||||
channels: channels,
|
||||
}
|
||||
}
|
||||
|
||||
func (c *ReaderClose) Read(p []byte) (int, error) {
|
||||
cases := make([]reflect.SelectCase, len(c.channels))
|
||||
for i := range c.channels {
|
||||
cases[i] = reflect.SelectCase{Dir: reflect.SelectRecv, Chan: reflect.ValueOf(c.channels[i])}
|
||||
}
|
||||
|
||||
remaining := len(cases)
|
||||
for remaining > 0 {
|
||||
select {
|
||||
case <-c.ctx.Done():
|
||||
c.Close()
|
||||
return len(p), nil
|
||||
default:
|
||||
}
|
||||
|
||||
chosen, value, ok := reflect.Select(cases)
|
||||
if !ok {
|
||||
cases[chosen].Chan = reflect.ValueOf(nil)
|
||||
remaining -= 1
|
||||
continue
|
||||
}
|
||||
|
||||
io.WriteString(bytes.NewBuffer(p), value.String())
|
||||
}
|
||||
|
||||
return len(p), io.EOF
|
||||
}
|
||||
|
||||
func (c *ReaderClose) Close() error {
|
||||
for i := range c.channels {
|
||||
close(c.channels[i])
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
@@ -3,3 +3,9 @@
|
||||
// that can be found in the LICENSE file.
|
||||
|
||||
package engine
|
||||
|
||||
import "testing"
|
||||
|
||||
func TestChansToReader(t *testing.T) {
|
||||
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user