From 30a02c74dc208238d513e8dd39edde8af9545cf2 Mon Sep 17 00:00:00 2001 From: "Zaiming (Stone) Shi" Date: Wed, 14 Sep 2022 20:17:47 +0200 Subject: [PATCH] build: allow passing ssh agent to docker run in buildx.sh --- scripts/buildx.sh | 48 ++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 41 insertions(+), 7 deletions(-) diff --git a/scripts/buildx.sh b/scripts/buildx.sh index 98386efa0..5f4599765 100755 --- a/scripts/buildx.sh +++ b/scripts/buildx.sh @@ -20,10 +20,13 @@ help() { echo "--arch amd64|arm64: Target arch to build the EMQ X package for" echo "--src_dir : EMQ X source ode in this dir, default to PWD" echo "--builder : Builder image to pull" + echo " E.g. ghcr.io/emqx/emqx-builder/4.4-19:24.1.5-3-debian11" echo "--system : The target OS system the package is being built for, ex: debian11" - echo " E.g. ghcr.io/emqx/emqx-builder/4.4-19:24.1.5-3-debian10" + echo "--ssh: Pass ssh agent to the builder." + echo " Also configures git in container to use ssh instead of https to clone deps" } +USE_SSH='no' while [ "$#" -gt 0 ]; do case $1 in -h|--help) @@ -54,6 +57,10 @@ while [ "$#" -gt 0 ]; do SYSTEM="$2" shift 2 ;; + --ssh) + USE_SSH='yes' + shift + ;; *) echo "WARN: Unknown arg (ignored): $1" shift @@ -72,18 +79,45 @@ if [ "$PKGTYPE" != 'zip' ] && [ "$PKGTYPE" != 'pkg' ]; then exit 1 fi +## Although we have 'deterministic' set in 'erl_opts', and foced overriding at project level, +## still, some of the beams might be compiled (e.g. by erlang.mk) without this flag +## longer file path means larger beam files +## i.e. Keep the path to work dir short! +DOCKER_WORKDIR='/emqx' + cd "${SRC_DIR:-.}" -set -x -# $SYSTEM below is used by the `relup-base-vsns.escript` to correctly -# output the list of relup base versions. +cat <.gitconfig.tmp +[core] + sshCommand = ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no +[safe] + directory = $DOCKER_WORKDIR +EOF + +if [ "$USE_SSH" = 'yes' ]; then + cat <>.gitconfig.tmp +[url "ssh://git@github.com/"] + insteadOf = https://github.com/ +EOF + # when passing ssh agent, we assume this command is executed locally not in ci, so add '-t' option + SSH_AGENT_OPTION="-t -e SSH_AUTH_SOCK=/ssh-agent -v ${SSH_AUTH_SOCK}:/ssh-agent" +else + SSH_AGENT_OPTION='' +fi + docker info docker run --rm --privileged tonistiigi/binfmt:latest --install "${ARCH}" + +# $SYSTEM below is used by the `relup-base-vsns.escript` to correctly +# output the list of relup base versions. +# shellcheck disable=SC2086 docker run -i --rm \ - -v "$(pwd)":/emqx \ - --workdir /emqx \ + -v "$(pwd)":$DOCKER_WORKDIR \ + -v "$(pwd)/.gitconfig.tmp":/root/.gitconfig \ + --workdir $DOCKER_WORKDIR \ --platform="linux/$ARCH" \ --user root \ -e SYSTEM="$SYSTEM" \ + $SSH_AGENT_OPTION \ "$BUILDER" \ - bash -euc "git config --global --add safe.directory /emqx && chown -R root:root _build && make ${PROFILE}-${PKGTYPE} && .ci/build_packages/tests.sh $PROFILE $PKGTYPE" + bash -euc "mkdir -p _build && chown -R root:root _build && make ${PROFILE}-${PKGTYPE} && .ci/build_packages/tests.sh $PROFILE $PKGTYPE"