From 335385334a72303ba1441f94926bfcafba719f00 Mon Sep 17 00:00:00 2001 From: Adin Scannell Date: Tue, 11 Aug 2020 22:46:54 -0700 Subject: [PATCH] Add generic cloudbuild configuration. --- cloudbuild.yaml | 16 ++++++++++++++++ tools/bazel.mk | 33 +++++++++++++++++++++++---------- 2 files changed, 39 insertions(+), 10 deletions(-) create mode 100644 cloudbuild.yaml diff --git a/cloudbuild.yaml b/cloudbuild.yaml new file mode 100644 index 0000000000..a5927b10c6 --- /dev/null +++ b/cloudbuild.yaml @@ -0,0 +1,16 @@ +steps: +- name: 'gcr.io/cloud-builders/docker' + entrypoint: '/usr/bin/make' + args: + - 'DOCKER_NETWORK=cloudbuild' + - 'BAZEL_CONFIG=${_BAZEL_CONFIG}' + - 'OPTIONS=${_OPTIONS}' + - '${_TARGET}' +substitutions: + _OPTIONS: '' + _BAZEL_CONFIG: '' + _TARGET: 'default' +options: + machineType: 'N1_HIGHCPU_8' + logStreamingOption: STREAM_ON +timeout: 3600s diff --git a/tools/bazel.mk b/tools/bazel.mk index 3e27af7d14..e16edfbb65 100644 --- a/tools/bazel.mk +++ b/tools/bazel.mk @@ -21,7 +21,7 @@ BRANCH_NAME := $(shell (git branch --show-current 2>/dev/null || \ xargs -n 1 basename 2>/dev/null) # Bazel container configuration (see below). -USER ?= gvisor +USER ?= $(shell whoami) HASH ?= $(shell readlink -m $(CURDIR) | md5sum | cut -c1-8) BUILDER_BASE := gvisor.dev/images/default BUILDER_IMAGE := gvisor.dev/images/builder @@ -53,7 +53,15 @@ ifeq (true,$(shell [[ -t 0 ]] && echo true)) FULL_DOCKER_EXEC_OPTIONS += --tty endif +# Add our group, if non-root. +ifneq (0,$(GID)) +GROUPADD_DOCKER += groupadd --gid $(GID) --non-unique $(USER) && +endif + # Add docker passthrough options. +ifneq ($(DOCKER_NETWORK),) +FULL_DOCKER_RUN_OPTIONS += --network=$(DOCKER_NETWORK) +endif ifneq ($(DOCKER_PRIVILEGED),) FULL_DOCKER_RUN_OPTIONS += -v "$(DOCKER_SOCKET):$(DOCKER_SOCKET)" FULL_DOCKER_RUN_OPTIONS += $(DOCKER_PRIVILEGED) 
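Review bot: In cloudbuild.yaml the three substitutions are handed to make verbatim: `OPTIONS=${_OPTIONS}` and `BAZEL_CONFIG=${_BAZEL_CONFIG}` become make variables, and `${_TARGET}` is a bare positional argument, so make reads a value that starts with `-` or contains `=` as an option or a variable override rather than as a target. Whoever can set substitutions on a trigger therefore controls the make invocation, which tools/bazel.mk uses to assemble docker commands. I would state that trust assumption above `substitutions:`, e.g. `# Substitution values are passed to make unvalidated; restrict who may set them on triggers.` Separately, `gcr.io/cloud-builders/docker` is referenced without a tag or digest, so the step runs whatever that name currently resolves to; pinning it as `gcr.io/cloud-builders/docker@sha256:<DIGEST>` (placeholder) would fix the builder image.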
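Review bot: `USER ?= $(shell whoami)` in the first tools/bazel.mk hunk can expand to an empty string, which the fixed default `gvisor` never did: when USER is not in the environment and `whoami` cannot resolve the uid (likely for an arbitrary uid inside a container), the shell call prints nothing. The name is interpolated into the `groupadd`/`useradd` strings added later in this patch, which would then be built without a name argument. Keeping the old value as a fallback avoids that: `USER ?= $(shell whoami 2>/dev/null || echo gvisor)`. Because `?=` defines a recursive variable, the command also re-runs on every expansion of `$(USER)`.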
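Review bot: `--network=$(DOCKER_NETWORK)` in the `@@ -53,7 +53,15 @@` hunk is added unquoted, so a value containing whitespace is split into additional `docker run` arguments; the `-v "$(DOCKER_SOCKET):$(DOCKER_SOCKET)"` line just below already quotes its value, and `--network="$(DOCKER_NETWORK)"` would match it. The same applies to `$(USER)` in the new `GROUPADD_DOCKER` line and to `$(HOME)` and `$(USER)` in the `USERADD_DOCKER` line of the next hunk: both strings end up inside `sh -c "..."` under `docker run --user 0:0` in the `bazel-image` recipe, so shell metacharacters in those values are interpreted by a root shell in the builder container. Single-quoting them there, e.g. `groupadd --gid $(GID) --non-unique '$(USER)' &&`, narrows that. `ifneq (0,$(GID))` is also true when GID is empty; GID is defined outside this hunk, so I cannot tell whether that can happen.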
@@ -66,6 +74,18 @@ FULL_DOCKER_RUN_OPTIONS += --group-add $(DOCKER_GROUP) endif endif +# Add our user with appropriate options, if non-root. +# +# NOTE: we pass -l to useradd below because otherwise you can hit a bug +# best described here: +# ttps://github.com/moby/moby/issues/5419#issuecomment-193876183 +# +# TL;DR: trying to add to /var/log/lastlog (sparse file) runs the machine out +# out of disk space. +ifneq (0,$(UID)) +USERADD_DOCKER += useradd -l --uid $(UID) --non-unique --no-create-home --gid $(GID) $(USERADD_OPTIONS) -d $(HOME) $(USER) && +endif + # Add KVM passthrough options. ifneq (,$(wildcard /dev/kvm)) FULL_DOCKER_RUN_OPTIONS += --device=/dev/kvm @@ -82,19 +102,12 @@ ifneq (,$(BAZEL_CONFIG)) OPTIONS += --config=$(BAZEL_CONFIG) endif -# NOTE: we pass -l to useradd below because otherwise you can hit a bug -# best described here: -# https://github.com/moby/moby/issues/5419#issuecomment-193876183 -# TLDR; trying to add to /var/log/lastlog (sparse file) runs the machine out -# out of disk space. bazel-image: load-default @if docker ps --all | grep $(BUILDER_NAME); then docker rm -f $(BUILDER_NAME); fi docker run --user 0:0 --entrypoint "" --name $(BUILDER_NAME) \ $(BUILDER_BASE) \ - sh -c "groupadd --gid $(GID) --non-unique $(USER) && \ - $(GROUPADD_DOCKER) \ - useradd -l --uid $(UID) --non-unique --no-create-home \ - --gid $(GID) $(USERADD_OPTIONS) -d $(HOME) $(USER) && \ + sh -c "$(GROUPADD_DOCKER) \ + $(USERADD_DOCKER) \ if [[ -e /dev/kvm ]]; then chmod a+rw /dev/kvm; fi" docker commit $(BUILDER_NAME) $(BUILDER_IMAGE) @docker rm -f $(BUILDER_NAME)
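Review bot: `USERADD_DOCKER` in the `@@ -66,6 +74,18 @@` hunk is only ever appended to with `+=`, and this patch adds no initialisation, so a `USERADD_DOCKER` value inherited from the environment would be prepended to the command string that the `bazel-image` recipe runs as uid 0 in the builder container. An explicit `USERADD_DOCKER :=` before the `ifneq (0,$(UID))` block fixes the starting value; `GROUPADD_DOCKER` in the previous hunk deserves the same check, though it may already be initialised outside the visible lines. The moved comment also lost a character: the link now reads `ttps://github.com/...` instead of `https://`, and the line wrap left "out" twice ("runs the machine out" / "out of disk space").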
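Review bot: The command string passed to `sh -c` in the `@@ -82,19 +102,12 @@` hunk still ends with `if [[ -e /dev/kvm ]]; ...`, and `[[` is a bash construct; if `sh` in `$(BUILDER_BASE)` is not bash the test fails, the `chmod` is skipped and the `if` statement still exits 0, so nothing reports it. The line is unchanged context, but since this hunk rewrites the rest of the string it is a convenient place to switch to the POSIX form `if [ -e /dev/kvm ]; then chmod a+rw /dev/kvm; fi`. For a root caller both `$(GROUPADD_DOCKER)` and `$(USERADD_DOCKER)` can now be empty, which leaves this test as the only command in the string. The `bazel-image` recipe may continue past the end of the hunk.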