def build_image_environment(version, base, rev):
appname = version.appconfig.appname
build_cmds = version.appconfig.build
if not isinstance(build_cmds, list):
build_cmds = [build_cmds,]
# checkout code of version @ rev
build_path = tempfile.mkdtemp()
clone_path = os.path.join(build_path, appname)
clone_code(version.app.git, clone_path, rev, branch=None)
# remove git history
ensure_dir_absent(os.path.join(clone_path, '.git'))
# launcher script
launcher = template.render_template('launcher.jinja', appname=appname)
ensure_file(os.path.join(build_path, 'launcher'), content=launcher, mode=0755)
# build dockerfile
dockerfile = template.render_template(
'dockerfile.jinja', base=base, appname=appname,
build_cmds=build_cmds, user_id=version.user_id)
ensure_file(os.path.join(build_path, 'Dockerfile'), content=dockerfile)
yield build_path
# clean build dir
ensure_dir_absent(build_path)
def build_image_environment(version, base, rev):
appname = version.appconfig.appname
build_cmd = version.appconfig.build
if isinstance(build_cmd, list):
# 好 tricky...
build_cmd = '\nRUN '.join(build_cmd)
# checkout code of version @ rev
build_path = tempfile.mkdtemp()
clone_path = os.path.join(build_path, appname)
repo = pygit2.clone_repository(version.app.git, clone_path)
repo.checkout('HEAD')
o = repo.revparse_single(rev)
repo.checkout_tree(o.tree)
# remove git history
ensure_dir_absent(os.path.join(clone_path, '.git'))
# build dockerfile
dockerfile = DOCKER_FILE_TEMPLATE.format(
base=base, appname=appname, build_cmd=build_cmd
)
ensure_file(os.path.join(build_path, 'Dockerfile'), content=dockerfile)
# TODO 这里可能需要加上静态文件的处理
yield build_path
# clean build dir
ensure_dir_absent(build_path)
def save_docker_certs(ip, *certs):
"""
save certs in DOCKER_CERT_PATH/{ip} as well as redis
:param ip: str, host ip address
:param certs: tuple of str, content of .pem files, must be (ca, cert, key)
"""
if not DOCKER_CERT_PATH:
_log.warn('DOCKER_CERT_PATH not set')
return
certs_dir = make_certs_dir(ip)
for fname, content in zip(needed_cert_files, certs):
key = make_redis_cert_file_key(ip, fname)
rds.set(key, content)
ensure_file(os.path.join(certs_dir, fname), mode=0444, content=content)
def save_docker_certs(ip, *certs):
"""
save certs in DOCKER_CERT_PATH/{ip} as well as redis
:param ip: str, host ip address
:param certs: tuple of str, content of .pem files, must be (ca, cert, key)
"""
if not DOCKER_CERT_PATH:
_log.warn('DOCKER_CERT_PATH not set')
return
certs_dir = make_certs_dir(ip)
for fname, content in zip(needed_cert_files, certs):
key = make_redis_cert_file_key(ip, fname)
rds.set(key, content)
ensure_file(os.path.join(certs_dir, fname), mode=0444, content=content)
def save_docker_certs(host, ca, cert, key):
if not DOCKER_CERT_PATH:
return
base_dir = os.path.join(DOCKER_CERT_PATH, host.ip)
ensure_dir(base_dir)
ensure_file(os.path.join(base_dir, 'ca.pem'), mode=0444, content=ca)
ensure_file(os.path.join(base_dir, 'cert.pem'), mode=0444, content=cert)
ensure_file(os.path.join(base_dir, 'key.pem'), mode=0400, content=key)
def get_docker_certs(ip):
"""
return valid .cert absolute file paths: (ca_path, cert_path, key_path), in
the mean time, ensure the files are on both local and redis
"""
results = []
# make sure the directory for the cert files is created
make_certs_dir(ip)
for fname in needed_cert_files:
file_path = make_cert_path(ip, fname)
key = make_redis_cert_file_key(ip, fname)
# respect redis file first, if not found, provide with local copy,
# this could make things easier when changing certificate files
content = rds.get(key)
if content:
ensure_file(file_path, mode=0444, content=content)
else:
with open(file_path) as f:
rds.set(key, f.read())
results.append(file_path)
return results
def get_docker_certs(ip):
"""
return valid .cert absolute file paths: (ca_path, cert_path, key_path), in
the mean time, ensure the files are on both local and redis
"""
results = []
# make sure the directory for the cert files is created
make_certs_dir(ip)
for fname in needed_cert_files:
file_path = make_cert_path(ip, fname)
key = make_redis_cert_file_key(ip, fname)
# respect redis file first, if not found, provide with local copy,
# this could make things easier when changing certificate files
content = rds.get(key)
if content:
ensure_file(file_path, mode=0444, content=content)
else:
with open(file_path) as f:
rds.set(key, f.read())
results.append(file_path)
return results
def save_docker_certs(host_or_ip, ca, cert, key):
if not DOCKER_CERT_PATH:
return
if not isinstance(host_or_ip, basestring):
host_or_ip = host_or_ip.ip
base_dir = os.path.join(DOCKER_CERT_PATH, host_or_ip)
ensure_dir(base_dir)
ensure_file(os.path.join(base_dir, 'ca.pem'), mode=0444, content=ca)
ensure_file(os.path.join(base_dir, 'cert.pem'), mode=0444, content=cert)
ensure_file(os.path.join(base_dir, 'key.pem'), mode=0400, content=key)
def build_image_environment(version, base, archive_file=None):
appname = version.appconfig.appname
build_cmds = version.appconfig.build
if not isinstance(build_cmds, list):
build_cmds = [
build_cmds,
]
if archive_file and os.path.isfile(archive_file):
# if archive_file is passed
build_path = os.path.dirname(archive_file)
code_path = os.path.join(build_path, appname)
f = zipfile.ZipFile(archive_file)
f.extractall(code_path)
else:
# checkout code of version @ version.short_sha
build_path = tempfile.mkdtemp()
code_path = os.path.join(build_path, appname)
clone_code(version.app.git, code_path, version.short_sha, branch=None)
# remove git history
ensure_dir_absent(os.path.join(code_path, '.git'))
# launcher script
entry = 'exec sudo -E -u %s $@' % appname
entry_root = 'exec $@'
launcher = template.render_template('launcher.jinja', entrypoint=entry)
launcheroot = template.render_template('launcher.jinja',
entrypoint=entry_root)
ensure_file(os.path.join(build_path, 'launcher'),
content=launcher,
mode=0755)
ensure_file(os.path.join(build_path, 'launcheroot'),
content=launcheroot,
mode=0755)
# build dockerfile
dockerfile = template.render_template('dockerfile.jinja',
base=base,
appname=appname,
build_cmds=build_cmds,
user_id=version.user_id)
ensure_file(os.path.join(build_path, 'Dockerfile'), content=dockerfile)
yield build_path
# clean build dir
ensure_dir_absent(build_path)
def build_image_environment(version, base, archive_file=None):
appname = version.appconfig.appname
build_cmds = version.appconfig.build
if not isinstance(build_cmds, list):
build_cmds = [build_cmds, ]
if archive_file and os.path.isfile(archive_file):
# if archive_file is passed
build_path = os.path.dirname(archive_file)
code_path = os.path.join(build_path, appname)
f = zipfile.ZipFile(archive_file)
f.extractall(code_path)
else:
# checkout code of version @ version.short_sha
build_path = tempfile.mkdtemp()
code_path = os.path.join(build_path, appname)
clone_code(version.app.git, code_path, version.short_sha, branch=None)
# remove git history
ensure_dir_absent(os.path.join(code_path, '.git'))
# launcher script
entry = 'exec sudo -E -u %s $@' % appname
entry_root = 'exec $@'
launcher = template.render_template('launcher.jinja', entrypoint=entry)
launcheroot = template.render_template('launcher.jinja', entrypoint=entry_root)
ensure_file(os.path.join(build_path, 'launcher'), content=launcher, mode=0755)
ensure_file(os.path.join(build_path, 'launcheroot'), content=launcheroot, mode=0755)
# build dockerfile
dockerfile = template.render_template(
'dockerfile.jinja', base=base, appname=appname,
build_cmds=build_cmds, user_id=version.user_id)
ensure_file(os.path.join(build_path, 'Dockerfile'), content=dockerfile)
yield build_path
# clean build dir
ensure_dir_absent(build_path)
