From 31845cd57f3664bcfd042aebfd43e10fba1c6807 Mon Sep 17 00:00:00 2001 From: Paul Sokolovsky Date: Fri, 20 Apr 2012 18:20:12 +0300 Subject: Actually use prepare_build_config.py during build initialization. --- node/build | 46 +++++++++++++++++++++++--------------------- node/prepare_build_config.py | 6 +++++- 2 files changed, 29 insertions(+), 23 deletions(-) (limited to 'node') diff --git a/node/build b/node/build index b5afe52..6b842e5 100755 --- a/node/build +++ b/node/build @@ -21,16 +21,34 @@ set -xe # We need ramdisk size when executing under root, but still don't want # to evaluate build config (== arbitrary code) as such. function get_ramdisk_size () { - sudo -E -H -u jenkins-build bash -es "$1" <<\EOF - export CONFIGURATION="$(echo "$1" | base64 -id)" - set -a - eval "$CONFIGURATION" - set +a + sudo -E -H -u jenkins-build bash -es <<\EOF + source /var/run/build-tools/build-config echo $RAMDISK_SIZE EOF } BUILD_SCRIPT_ROOT=$(readlink -f "$(dirname "${0}")/../build-scripts") +if ! $BUILD_SCRIPT_ROOT/../node/prepare_build_config.py "$2"; then + echo "Early exit due to build environment validation failure" + exit 1 +fi +# At this point, safely sourceable build config is in /var/run/build-tools/build-config +source /var/run/build-tools/build-config + +if [ -n "$BUILD_CONFIG_REPO" ]; then + echo "Fetching build config indirectly from git" + save_dir=$PWD + rm -rf /tmp/buildconf.$$ + mkdir -p /tmp/buildconf.$$ + cd /tmp/buildconf.$$ + git clone "$BUILD_CONFIG_REPO" + cd * + git checkout "$BUILD_CONFIG_BRANCH" + $BUILD_SCRIPT_ROOT/../node/prepare_build_config.py "$(cat "$BUILD_CONFIG_FILENAME")" + cd $save_dir + source /var/run/build-tools/build-config +fi + # Stopgap measure to cleanup environment on instances reused for different jobs mount | grep -E "^tmpfs on .+workspace/" | awk ' {print $3}' | xargs --no-run-if-empty -n1 umount @@ -66,26 +84,10 @@ cd build sudo -E -H -u jenkins-build bash -xes "${BUILD_SCRIPT_ROOT}" "$@" <<\EOF export BUILD_SCRIPT_ROOT="${1}" HOST="${2}" -export CONFIGURATION="$(echo "${3}" | base64 -id)" set -a -eval "$CONFIGURATION" +source /var/run/build-tools/build-config set +a -if [ -n "$BUILD_CONFIG_REPO" ]; then - echo "Fetching build config indirectly from git" - save_dir=$PWD - rm -rf /tmp/buildconf.$$ - mkdir -p /tmp/buildconf.$$ - cd /tmp/buildconf.$$ - git clone "$BUILD_CONFIG_REPO" - cd * - git checkout "$BUILD_CONFIG_BRANCH" - CONFIGURATION=$(cat "$BUILD_CONFIG_FILENAME") - cd $save_dir - set -a - eval $CONFIGURATION - set +a -fi # Backward compatibility with SCRIPT_NAME if [ -n "$SCRIPT_NAME" ]; then diff --git a/node/prepare_build_config.py b/node/prepare_build_config.py index 7188a10..3086453 100755 --- a/node/prepare_build_config.py +++ b/node/prepare_build_config.py @@ -8,6 +8,9 @@ import pipes SLAVE_TYPE_FILE = "/var/run/build-tools/slave-type" SLAVE_TYPE_RESTRICTED = "Natty Release 64bit Instance Store - private builds" +# sf-safe build config is written to this file +BUILD_CONFIG_FILE = "/var/run/build-tools/build-config" + class BuildConfigMismatchException(Exception): pass @@ -64,7 +67,7 @@ def validate_config(config, slave_type): def convert_config_to_shell(config_text): config = {} - out = open("build_config", "w") + out = open(BUILD_CONFIG_FILE, "w") for l in cfg.split("\n"): l = l.strip() @@ -77,6 +80,7 @@ def convert_config_to_shell(config_text): val = shell_unquote(val) config[var] = val print "%s=%s" % (var, pipes.quote(val)) + out.close() if __name__ == "__main__": -- cgit v1.2.3