From ac700edb658d08015edb231c818ee7f834fd903c Mon Sep 17 00:00:00 2001
From: Mark Yen <mark.yen@suse.com>
Date: Tue, 26 May 2020 15:12:49 -0700
Subject: [PATCH 1/5] feat: Add BPM hooks

This adds the minimal BPM hooks to let things run.  This is necessary as
quarks-operator does not support non-BPM jobs.
---
 jobs/nfsbrokerpush/spec                  |  1 +
 jobs/nfsbrokerpush/templates/bpm.yml.erb |  3 +++
 jobs/nfsv3driver/spec                    |  1 +
 jobs/nfsv3driver/templates/bpm.yml.erb   | 10 ++++++++++
 4 files changed, 15 insertions(+)
 create mode 100644 jobs/nfsbrokerpush/templates/bpm.yml.erb
 create mode 100644 jobs/nfsv3driver/templates/bpm.yml.erb

diff --git a/jobs/nfsbrokerpush/spec b/jobs/nfsbrokerpush/spec
index 9bf31382..7387b5df 100644
--- a/jobs/nfsbrokerpush/spec
+++ b/jobs/nfsbrokerpush/spec
@@ -10,6 +10,7 @@ templates:
   services.json.erb: config/services.json
   start.sh.erb: start.sh
   uaa_ca.crt.erb: uaa_ca.crt
+  bpm.yml.erb: config/bpm.yml
 
 packages:
   - nfsbroker
diff --git a/jobs/nfsbrokerpush/templates/bpm.yml.erb b/jobs/nfsbrokerpush/templates/bpm.yml.erb
new file mode 100644
index 00000000..e4863b18
--- /dev/null
+++ b/jobs/nfsbrokerpush/templates/bpm.yml.erb
@@ -0,0 +1,3 @@
+processes:
+  - name: nfsbrokerpush
+    executable: /var/vcap/jobs/nfsbrokerpush/bin/run
diff --git a/jobs/nfsv3driver/spec b/jobs/nfsv3driver/spec
index 7d62cc0c..ecd800ea 100644
--- a/jobs/nfsv3driver/spec
+++ b/jobs/nfsv3driver/spec
@@ -11,6 +11,7 @@ templates:
   ctl.erb: bin/nfsv3driver_ctl
   start.sh.erb: bin/start.sh
   drain.erb: bin/drain
+  bpm.yml.erb: config/bpm.yml
 
 packages:
 - nfs-debs
diff --git a/jobs/nfsv3driver/templates/bpm.yml.erb b/jobs/nfsv3driver/templates/bpm.yml.erb
new file mode 100644
index 00000000..10e1605e
--- /dev/null
+++ b/jobs/nfsv3driver/templates/bpm.yml.erb
@@ -0,0 +1,10 @@
+processes:
+- name: nfsv3driver
+  executable: /var/vcap/jobs/nfsv3driver/bin/start.sh
+  hooks:
+    pre_start: /var/vcap/jobs/nfsv3driver/bin/pre-start
+  additional_volumes:
+  - path: /var/vcap/data/voldrivers
+    writable: true
+  unsafe:
+    privileged: true

From 7a37cca7faf23e1a64fbef38e489b4f5fde91949 Mon Sep 17 00:00:00 2001
From: Mark Yen <mark.yen@suse.com>
Date: Wed, 27 May 2020 15:36:53 -0700
Subject: [PATCH 2/5] fix: Make openldap build on SUSE/fissile.

We need `-L` for libdb to be found; we also require a `soelim`
executable (which normally comes in the `groff` package) for the build
to succeed.  As we don't actually need the output (documentation), just
write a stub that does nothing instead.
---
 packages/openldap/packaging | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/packages/openldap/packaging b/packages/openldap/packaging
index b78937fa..fc192ec3 100644
--- a/packages/openldap/packaging
+++ b/packages/openldap/packaging
@@ -1,3 +1,4 @@
+#!/usr/bin/env bash
 set -e # exit immediately if a simple command exits with a non-zero status
 set -u # report the usage of uninitialized variables
 
@@ -13,7 +14,15 @@ cd $BOSH_COMPILE_TARGET
 tar -xzvf openldap/openldap-2.4.44.tgz
 cd openldap-2.4.44
 
+# We don't have groff (which provides soelim) in the stemcell; since that's only
+# used to generate documentation (that we don't care about) anyway, just make a
+# stub that doesn't do anything useful.
+mkdir -p "${HOME}/bin"
+ln -s /usr/bin/true "${HOME}/bin/soelim"
+export PATH="${PATH}:${HOME}/bin"
+
 export CPPFLAGS="-I ${BDB_PATH}/include"
+export LDFLAGS="-L${BDB_PATH}/lib"
 export LD_LIBRARY_PATH="${BDB_PATH}/lib"
 ./configure --prefix=${BOSH_INSTALL_TARGET}
 

From ddb33339e8ebefb2732575883358581582d68039 Mon Sep 17 00:00:00 2001
From: Mark Yen <mark.yen@suse.com>
Date: Wed, 27 May 2020 15:38:43 -0700
Subject: [PATCH 3/5] feat: Add cf-cli-6-linux package

In the quarks world, we do not have co-located jobs (since each job runs
in an independent container).  Instead, we can vendor the CLI package
so that it is visible in the nfsbrokerpush job.
---
 .final_builds/packages/cf-cli-6-linux/index.yml | 6 ++++++
 jobs/nfsbrokerpush/spec                         | 1 +
 packages/cf-cli-6-linux/spec.lock               | 2 ++
 3 files changed, 9 insertions(+)
 create mode 100644 .final_builds/packages/cf-cli-6-linux/index.yml
 create mode 100644 packages/cf-cli-6-linux/spec.lock

diff --git a/.final_builds/packages/cf-cli-6-linux/index.yml b/.final_builds/packages/cf-cli-6-linux/index.yml
new file mode 100644
index 00000000..90de9c6d
--- /dev/null
+++ b/.final_builds/packages/cf-cli-6-linux/index.yml
@@ -0,0 +1,6 @@
+builds:
+  ca0f17c83f5a19e7a76de8e39d08bbe87aedb94f:
+    version: ca0f17c83f5a19e7a76de8e39d08bbe87aedb94f
+    blobstore_id: 0fd37f5c-9f28-4d5f-5d81-5af0cb7ffa7b
+    sha1: f352a9f895c8233bc4e4bf0f6e88065ea79a3283
+format-version: "2"
diff --git a/jobs/nfsbrokerpush/spec b/jobs/nfsbrokerpush/spec
index 7387b5df..bc18727f 100644
--- a/jobs/nfsbrokerpush/spec
+++ b/jobs/nfsbrokerpush/spec
@@ -14,6 +14,7 @@ templates:
 
 packages:
   - nfsbroker
+  - cf-cli-6-linux
 
 consumes:
   - name: credhub
diff --git a/packages/cf-cli-6-linux/spec.lock b/packages/cf-cli-6-linux/spec.lock
new file mode 100644
index 00000000..ce8f3558
--- /dev/null
+++ b/packages/cf-cli-6-linux/spec.lock
@@ -0,0 +1,2 @@
+name: cf-cli-6-linux
+fingerprint: ca0f17c83f5a19e7a76de8e39d08bbe87aedb94f

From 0c7eb7697f97d703b5dce02d2477bee2cf3f6c6d Mon Sep 17 00:00:00 2001
From: Mark Yen <mark.yen@suse.com>
Date: Wed, 27 May 2020 15:41:23 -0700
Subject: [PATCH 4/5] fix: nfsv3driver: run rpcbind / rpc.statd

Mounting NFS volumes requires rpc.statd to be running (for lock
management).  As we run each job in a separate container, we cannot just
add jobs for them (as then rpc.statd would not be able to communicate
with rpcbind correctly).  Instead, just spawn them in the nfsv3driver
startup script; they will background themselves.

Also, remove the logging redirects, as logging to stdout/stderr is more
useful in a containerized scenario.
---
 jobs/nfsv3driver/templates/start.sh.erb | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/jobs/nfsv3driver/templates/start.sh.erb b/jobs/nfsv3driver/templates/start.sh.erb
index 5bfcd44e..2d7001f5 100644
--- a/jobs/nfsv3driver/templates/start.sh.erb
+++ b/jobs/nfsv3driver/templates/start.sh.erb
@@ -30,6 +30,10 @@ ENABLE_INSECURE_SKIP_VERIFY=""
 ENABLE_INSECURE_SKIP_VERIFY="--insecureSkipVerify"
 <% end %>
 
+# Spawn things needed for NFS
+/sbin/rpcbind -w
+/usr/sbin/rpc.statd --no-syslog
+
 exec /var/vcap/packages/nfsv3driver/bin/nfsv3driver \
   --listenAddr="<%= p("nfsv3driver.listen_addr") %>" \
   --transport="tcp-json" \
@@ -49,5 +53,3 @@ exec /var/vcap/packages/nfsv3driver/bin/nfsv3driver \
   --logLevel="<%= p("nfsv3driver.log_level") %>" \
   --timeFormat="<%= p("nfsv3driver.log_time_format") %>" \
   --mapfsPath="<%= link("mapfs").p("path") %>" \
-  >> $LOG_DIR/nfsv3driver.stdout.log \
-  2>> $LOG_DIR/nfsv3driver.stderr.log

From 530405eecdc04e92e516135497ecbb7744ea3fa8 Mon Sep 17 00:00:00 2001
From: Mark Yen <mark.yen@suse.com>
Date: Wed, 27 May 2020 16:19:35 -0700
Subject: [PATCH 5/5] fix: nfsv3driver: rename pre-start script

If the pre-start script is named bin/pre-start, it will (also) be run as
a BOSH pre-start script (in addition to being run as a BPM pre-start
script); quarks-operator will in this case mount
/var/vcap/data/voldrivers as read-only, which breaks the pre-start
script.  Only use it as a BPM pre-start script instead to ensure that
the volume is mounted read-write.
---
 jobs/nfsv3driver/spec                  | 2 +-
 jobs/nfsv3driver/templates/bpm.yml.erb | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/jobs/nfsv3driver/spec b/jobs/nfsv3driver/spec
index ecd800ea..e05e1dd9 100644
--- a/jobs/nfsv3driver/spec
+++ b/jobs/nfsv3driver/spec
@@ -7,7 +7,7 @@ templates:
   client.key.erb: config/certs/client.key
   server.crt.erb: config/certs/server.crt
   server.key.erb: config/certs/server.key
-  install.erb: bin/pre-start
+  install.erb: bin/install
   ctl.erb: bin/nfsv3driver_ctl
   start.sh.erb: bin/start.sh
   drain.erb: bin/drain
diff --git a/jobs/nfsv3driver/templates/bpm.yml.erb b/jobs/nfsv3driver/templates/bpm.yml.erb
index 10e1605e..d8583f84 100644
--- a/jobs/nfsv3driver/templates/bpm.yml.erb
+++ b/jobs/nfsv3driver/templates/bpm.yml.erb
@@ -2,7 +2,7 @@ processes:
 - name: nfsv3driver
   executable: /var/vcap/jobs/nfsv3driver/bin/start.sh
   hooks:
-    pre_start: /var/vcap/jobs/nfsv3driver/bin/pre-start
+    pre_start: /var/vcap/jobs/nfsv3driver/bin/install
   additional_volumes:
   - path: /var/vcap/data/voldrivers
     writable: true