[rustc.git] / src / ci / docker / run.sh

#!/usr/bin/env bash

set -e

export MSYS_NO_PATHCONV=1

script=`cd $(dirname $0) && pwd`/`basename $0`
image=$1

docker_dir="`dirname $script`"
ci_dir="`dirname $docker_dir`"
src_dir="`dirname $ci_dir`"
root_dir="`dirname $src_dir`"

objdir=$root_dir/obj
dist=$objdir/build/dist

source "$ci_dir/shared.sh"

if [ -f "$docker_dir/$image/Dockerfile" ]; then
    if [ "$CI" != "" ]; then
      hash_key=/tmp/.docker-hash-key.txt
      rm -f "${hash_key}"
      echo $image >> $hash_key

      cat "$docker_dir/$image/Dockerfile" >> $hash_key
      # Look for all source files involves in the COPY command
      copied_files=/tmp/.docker-copied-files.txt
      rm -f "$copied_files"
      for i in $(sed -n -e 's/^COPY \(.*\) .*$/\1/p' "$docker_dir/$image/Dockerfile"); do
        # List the file names
        find "$docker_dir/$i" -type f >> $copied_files
      done
      # Sort the file names and cat the content into the hash key
      sort $copied_files | xargs cat >> $hash_key

      docker --version >> $hash_key
      cksum=$(sha512sum $hash_key | \
        awk '{print $1}')

      s3url="s3://$SCCACHE_BUCKET/docker/$cksum"
      url="https://$SCCACHE_BUCKET.s3.amazonaws.com/docker/$cksum"
      upload="aws s3 cp - $s3url"

      echo "Attempting to download $url"
      rm -f /tmp/rustci_docker_cache
      set +e
      retry curl -y 30 -Y 10 --connect-timeout 30 -f -L -C - -o /tmp/rustci_docker_cache "$url"
      loaded_images=$(docker load -i /tmp/rustci_docker_cache | sed 's/.* sha/sha/')
      set -e
      echo "Downloaded containers:\n$loaded_images"
    fi

    dockerfile="$docker_dir/$image/Dockerfile"
    if [ -x /usr/bin/cygpath ]; then
        context="`cygpath -w $docker_dir`"
        dockerfile="`cygpath -w $dockerfile`"
    else
        context="$docker_dir"
    fi
    retry docker \
      build \
      --rm \
      -t rust-ci \
      -f "$dockerfile" \
      "$context"

    if [ "$upload" != "" ]; then
      digest=$(docker inspect rust-ci --format '{{.Id}}')
      echo "Built container $digest"
      if ! grep -q "$digest" <(echo "$loaded_images"); then
        echo "Uploading finished image to $url"
        set +e
        docker history -q rust-ci | \
          grep -v missing | \
          xargs docker save | \
          gzip | \
          $upload
        set -e
      else
        echo "Looks like docker image is the same as before, not uploading"
      fi
      # Record the container image for reuse, e.g. by rustup.rs builds
      info="$dist/image-$image.txt"
      mkdir -p "$dist"
      echo "$url" >"$info"
      echo "$digest" >>"$info"
    fi
elif [ -f "$docker_dir/disabled/$image/Dockerfile" ]; then
    if isCI; then
        echo Cannot run disabled images on CI!
        exit 1
    fi
    # Transform changes the context of disabled Dockerfiles to match the enabled ones
    tar --transform 's#^./disabled/#./#' -C $docker_dir -c . | docker \
      build \
      --rm \
      -t rust-ci \
      -f "$image/Dockerfile" \
      -
else
    echo Invalid image: $image
    exit 1
fi

mkdir -p $HOME/.cargo
mkdir -p $objdir/tmp
mkdir -p $objdir/cores
mkdir -p /tmp/toolstate

args=
if [ "$SCCACHE_BUCKET" != "" ]; then
    args="$args --env SCCACHE_BUCKET"
    args="$args --env SCCACHE_REGION"
    args="$args --env AWS_ACCESS_KEY_ID"
    args="$args --env AWS_SECRET_ACCESS_KEY"
else
    mkdir -p $HOME/.cache/sccache
    args="$args --env SCCACHE_DIR=/sccache --volume $HOME/.cache/sccache:/sccache"
fi

# Run containers as privileged as it should give them access to some more
# syscalls such as ptrace and whatnot. In the upgrade to LLVM 5.0 it was
# discovered that the leak sanitizer apparently needs these syscalls nowadays so
# we'll need `--privileged` for at least the `x86_64-gnu` builder, so this just
# goes ahead and sets it for all builders.
args="$args --privileged"

# Things get a little weird if this script is already running in a docker
# container. If we're already in a docker container then we assume it's set up
# to do docker-in-docker where we have access to a working `docker` command.
#
# If this is the case (we check via the presence of `/.dockerenv`)
# then we can't actually use the `--volume` argument. Typically we use
# `--volume` to efficiently share the build and source directory between this
# script and the container we're about to spawn. If we're inside docker already
# though the `--volume` argument maps the *host's* folder to the container we're
# about to spawn, when in fact we want the folder in this container itself. To
# work around this we use a recipe cribbed from
# https://circleci.com/docs/2.0/building-docker-images/#mounting-folders to
# create a temporary container with a volume. We then copy the entire source
# directory into this container, and then use that copy in the container we're
# about to spawn. Finally after the build finishes we re-extract the object
# directory.
#
# Note that none of this is necessary if we're *not* in a docker-in-docker
# scenario. If this script is run on a bare metal host then we share a bunch of
# data directories to share as much data as possible. Note that we also use
# `LOCAL_USER_ID` (recognized in `src/ci/run.sh`) to ensure that files are all
# read/written as the same user as the bare-metal user.
if [ -f /.dockerenv ]; then
  docker create -v /checkout --name checkout alpine:3.4 /bin/true
  docker cp . checkout:/checkout
  args="$args --volumes-from checkout"
else
  args="$args --volume $root_dir:/checkout:ro"
  args="$args --volume $objdir:/checkout/obj"
  args="$args --volume $HOME/.cargo:/cargo"
  args="$args --volume $HOME/rustsrc:$HOME/rustsrc"
  args="$args --volume /tmp/toolstate:/tmp/toolstate"
  args="$args --env LOCAL_USER_ID=`id -u`"
fi

docker \
  run \
  --workdir /checkout/obj \
  --env SRC=/checkout \
  $args \
  --env CARGO_HOME=/cargo \
  --env DEPLOY \
  --env DEPLOY_ALT \
  --env CI \
  --env TF_BUILD \
  --env BUILD_SOURCEBRANCHNAME \
  --env GITHUB_ACTIONS \
  --env GITHUB_REF \
  --env TOOLSTATE_REPO_ACCESS_TOKEN \
  --env TOOLSTATE_REPO \
  --env TOOLSTATE_PUBLISH \
  --env CI_JOB_NAME="${CI_JOB_NAME-$IMAGE}" \
  --init \
  --rm \
  rust-ci \
  /checkout/src/ci/run.sh

if [ -f /.dockerenv ]; then
  rm -rf $objdir
  docker cp checkout:/checkout/obj $objdir
fi
Commit	Line	Data
abe05a73	1	#!/usr/bin/env bash
476ff2be SL	2
	3	set -e
	4
abe05a73 XL	5	export MSYS_NO_PATHCONV=1
abe05a73 XL	6
476ff2be SL	7	script=`cd $(dirname $0) && pwd`/`basename $0`
	8	image=$1
	9
	10	docker_dir="`dirname $script`"
	11	ci_dir="`dirname $docker_dir`"
	12	src_dir="`dirname $ci_dir`"
	13	root_dir="`dirname $src_dir`"
	14
532ac7d7 XL	15	objdir=$root_dir/obj
	16	dist=$objdir/build/dist
	17
8bb4bdeb XL	18	source "$ci_dir/shared.sh"
8bb4bdeb XL	19
7cac9316	20	if [ -f "$docker_dir/$image/Dockerfile" ]; then
0531ce1d	21	if [ "$CI" != "" ]; then
0731742a	22	hash_key=/tmp/.docker-hash-key.txt
9fa01778 XL	23	rm -f "${hash_key}"
9fa01778 XL	24	echo $image >> $hash_key
532ac7d7 XL	25
	26	cat "$docker_dir/$image/Dockerfile" >> $hash_key
	27	# Look for all source files involves in the COPY command
	28	copied_files=/tmp/.docker-copied-files.txt
	29	rm -f "$copied_files"
	30	for i in $(sed -n -e 's/^COPY \(.\) .$/\1/p' "$docker_dir/$image/Dockerfile"); do
	31	# List the file names
	32	find "$docker_dir/$i" -type f >> $copied_files
	33	done
	34	# Sort the file names and cat the content into the hash key
	35	sort $copied_files \| xargs cat >> $hash_key
	36
0731742a XL	37	docker --version >> $hash_key
0731742a XL	38	cksum=$(sha512sum $hash_key \| \
0531ce1d	39	awk '{print $1}')
dc9dc135	40
0531ce1d	41	s3url="s3://$SCCACHE_BUCKET/docker/$cksum"
dc9dc135 XL	42	url="https://$SCCACHE_BUCKET.s3.amazonaws.com/docker/$cksum"
	43	upload="aws s3 cp - $s3url"
	44
	45	echo "Attempting to download $url"
94b46f34	46	rm -f /tmp/rustci_docker_cache
0531ce1d	47	set +e
9fa01778	48	retry curl -y 30 -Y 10 --connect-timeout 30 -f -L -C - -o /tmp/rustci_docker_cache "$url"
94b46f34	49	loaded_images=$(docker load -i /tmp/rustci_docker_cache \| sed 's/.* sha/sha/')
0531ce1d XL	50	set -e
	51	echo "Downloaded containers:\n$loaded_images"
	52	fi
	53
abe05a73 XL	54	dockerfile="$docker_dir/$image/Dockerfile"
	55	if [ -x /usr/bin/cygpath ]; then
	56	context="`cygpath -w $docker_dir`"
	57	dockerfile="`cygpath -w $dockerfile`"
	58	else
	59	context="$docker_dir"
	60	fi
7cac9316 XL	61	retry docker \
	62	build \
	63	--rm \
	64	-t rust-ci \
abe05a73 XL	65	-f "$dockerfile" \
abe05a73 XL	66	"$context"
0531ce1d	67
dc9dc135	68	if [ "$upload" != "" ]; then
0531ce1d XL	69	digest=$(docker inspect rust-ci --format '{{.Id}}')
	70	echo "Built container $digest"
	71	if ! grep -q "$digest" <(echo "$loaded_images"); then
dc9dc135	72	echo "Uploading finished image to $url"
0531ce1d XL	73	set +e
	74	docker history -q rust-ci \| \
	75	grep -v missing \| \
	76	xargs docker save \| \
	77	gzip \| \
dc9dc135	78	$upload
0531ce1d XL	79	set -e
	80	else
	81	echo "Looks like docker image is the same as before, not uploading"
	82	fi
532ac7d7 XL	83	# Record the container image for reuse, e.g. by rustup.rs builds
	84	info="$dist/image-$image.txt"
	85	mkdir -p "$dist"
	86	echo "$url" >"$info"
	87	echo "$digest" >>"$info"
0531ce1d	88	fi
7cac9316	89	elif [ -f "$docker_dir/disabled/$image/Dockerfile" ]; then
dc9dc135 XL	90	if isCI; then
dc9dc135 XL	91	echo Cannot run disabled images on CI!
7cac9316 XL	92	exit 1
7cac9316 XL	93	fi
ea8adc8c XL	94	# Transform changes the context of disabled Dockerfiles to match the enabled ones
ea8adc8c XL	95	tar --transform 's#^./disabled/#./#' -C $docker_dir -c . \| docker \
7cac9316 XL	96	build \
	97	--rm \
	98	-t rust-ci \
ea8adc8c XL	99	-f "$image/Dockerfile" \
ea8adc8c XL	100	-
7cac9316 XL	101	else
	102	echo Invalid image: $image
	103	exit 1
	104	fi
	105
476ff2be	106	mkdir -p $HOME/.cargo
8bb4bdeb	107	mkdir -p $objdir/tmp
8faf50e0	108	mkdir -p $objdir/cores
e74abb32	109	mkdir -p /tmp/toolstate
32a655c1 SL	110
	111	args=
	112	if [ "$SCCACHE_BUCKET" != "" ]; then
3b2f2976 XL	113	args="$args --env SCCACHE_BUCKET"
	114	args="$args --env SCCACHE_REGION"
	115	args="$args --env AWS_ACCESS_KEY_ID"
	116	args="$args --env AWS_SECRET_ACCESS_KEY"
32a655c1 SL	117	else
	118	mkdir -p $HOME/.cache/sccache
	119	args="$args --env SCCACHE_DIR=/sccache --volume $HOME/.cache/sccache:/sccache"
	120	fi
476ff2be	121
3b2f2976 XL	122	# Run containers as privileged as it should give them access to some more
	123	# syscalls such as ptrace and whatnot. In the upgrade to LLVM 5.0 it was
	124	# discovered that the leak sanitizer apparently needs these syscalls nowadays so
	125	# we'll need `--privileged` for at least the `x86_64-gnu` builder, so this just
	126	# goes ahead and sets it for all builders.
	127	args="$args --privileged"
	128
416331ca XL	129	# Things get a little weird if this script is already running in a docker
	130	# container. If we're already in a docker container then we assume it's set up
	131	# to do docker-in-docker where we have access to a working `docker` command.
	132	#
	133	# If this is the case (we check via the presence of `/.dockerenv`)
	134	# then we can't actually use the `--volume` argument. Typically we use
	135	# `--volume` to efficiently share the build and source directory between this
	136	# script and the container we're about to spawn. If we're inside docker already
	137	# though the `--volume` argument maps the host's folder to the container we're
	138	# about to spawn, when in fact we want the folder in this container itself. To
	139	# work around this we use a recipe cribbed from
	140	# https://circleci.com/docs/2.0/building-docker-images/#mounting-folders to
	141	# create a temporary container with a volume. We then copy the entire source
	142	# directory into this container, and then use that copy in the container we're
	143	# about to spawn. Finally after the build finishes we re-extract the object
	144	# directory.
	145	#
	146	# Note that none of this is necessary if we're not in a docker-in-docker
	147	# scenario. If this script is run on a bare metal host then we share a bunch of
	148	# data directories to share as much data as possible. Note that we also use
	149	# `LOCAL_USER_ID` (recognized in `src/ci/run.sh`) to ensure that files are all
	150	# read/written as the same user as the bare-metal user.
	151	if [ -f /.dockerenv ]; then
	152	docker create -v /checkout --name checkout alpine:3.4 /bin/true
	153	docker cp . checkout:/checkout
	154	args="$args --volumes-from checkout"
	155	else
	156	args="$args --volume $root_dir:/checkout:ro"
	157	args="$args --volume $objdir:/checkout/obj"
	158	args="$args --volume $HOME/.cargo:/cargo"
	159	args="$args --volume $HOME/rustsrc:$HOME/rustsrc"
e74abb32	160	args="$args --volume /tmp/toolstate:/tmp/toolstate"
416331ca XL	161	args="$args --env LOCAL_USER_ID=`id -u`"
	162	fi
	163
	164	docker \
476ff2be	165	run \
476ff2be SL	166	--workdir /checkout/obj \
476ff2be SL	167	--env SRC=/checkout \
32a655c1	168	$args \
476ff2be	169	--env CARGO_HOME=/cargo \
3b2f2976 XL	170	--env DEPLOY \
3b2f2976 XL	171	--env DEPLOY_ALT \
dc9dc135	172	--env CI \
dc9dc135 XL	173	--env TF_BUILD \
dc9dc135 XL	174	--env BUILD_SOURCEBRANCHNAME \
60c5eb7d XL	175	--env GITHUB_ACTIONS \
60c5eb7d XL	176	--env GITHUB_REF \
ff7c6d11	177	--env TOOLSTATE_REPO_ACCESS_TOKEN \
dc9dc135	178	--env TOOLSTATE_REPO \
416331ca	179	--env TOOLSTATE_PUBLISH \
83c7162d	180	--env CI_JOB_NAME="${CI_JOB_NAME-$IMAGE}" \
3b2f2976	181	--init \
32a655c1	182	--rm \
476ff2be SL	183	rust-ci \
476ff2be SL	184	/checkout/src/ci/run.sh
416331ca XL	185
	186	if [ -f /.dockerenv ]; then
	187	rm -rf $objdir
	188	docker cp checkout:/checkout/obj $objdir
	189	fi