#!/usr/bin/env bash
# Strict mode: abort on command failure, on use of an unset variable, and
# when any stage of a pipeline fails.
set -euo pipefail
# Word-split unquoted expansions on newline and tab only, never on spaces.
IFS=$'\n\t'
# Primary group name of the invoking user.
# NOTE(review): GROUP is not referenced anywhere else in the visible script;
# confirm whether it is still needed.
GROUP=$(id -gn)

# Every setting below can be overridden through the matching BBBBB_*
# environment variable. The values are taken from the caller's environment and
# end up as arguments to `sudo systemd-nspawn`, so they are only as
# trustworthy as whoever is allowed to invoke this script.

# Host directory that is bound into the container as the bakery
# (defaults to the current working directory).
BAKERY_ROOT=${BBBBB_BAKERY_ROOT:-$PWD}
# Path of the bakery inside the container.
# NOTE(review): confirm that the systemd-nspawn invocation uses this variable
# for its --bind destination and --chdir rather than a literal path.
BAKERY_MOUNTPOINT=${BBBBB_BAKERY_MOUNTPOINT:-/bakery}
# When greater than 0, a throw-away home directory is created on the host and
# bound into the container as $HOME.
FAKE_HOMEDIR=${BBBBB_FAKE_HOMEDIR:-1}
# Host-wide cache directory; its sstate_cache and downloads subdirectories are
# probed to decide whether and how it is bound into the container.
HOSTWIDE_DIR=${BBBBB_HOSTWIDE_DIR:-/srv/bitbake}
# When greater than 0, a tmpfs is mounted on the parent of HOSTWIDE_DIR
# whenever HOSTWIDE_DIR itself is bound.
HOSTWIDE_PARENT_TMPFS=${BBBBB_HOSTWIDE_PARENT_TMPFS:-1}
# Candidate hashserv paths on the host; the read/write one is preferred and
# the read-only one is the fallback.
HASHSERV_RW=${BBBBB_HASHSERV_RW:-/run/hashserv-rw}
HASHSERV_RO=${BBBBB_HASHSERV_RO:-/run/hashserv-ro}
# When greater than 0, a tmpfs is mounted on the parent directory of the
# hashserv path that gets bound.
HASHSERV_PARENT_TMPFS=${BBBBB_HASHSERV_PARENT_TMPFS:-0}
# Image handed to systemd-nspawn via --image.
MACHINE_IMAGE=${BBBBB_MACHINE_IMAGE:-/var/lib/machines/bitbake-debian-11-kirkstone}
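# Optional throw-away home directory for the container user.
# Writes: homedir_opts (extra systemd-nspawn options), homedir_path (host
# directory backing the fake home; empty when no fake home is in use).
homedir_opts=()
homedir_path=
if [[ "$FAKE_HOMEDIR" -gt 0 ]]; then
  # systemd-nspawn doesn't provide a way to make a user-owned tmpfs, so we
  # have to make a real directory.
  #
  # The trap is installed before mktemp so there is no window in which the
  # directory exists without a cleanup handler. homedir_path is initialised
  # to empty above so the handler never expands an unset variable under
  # `set -u` if mktemp itself fails.
  #
  # NOTE: an EXIT trap only fires when this shell process exits; it is
  # skipped if the shell is later replaced via `exec`.
  trap 'if [[ -n "$homedir_path" ]]; then rm -rf -- "$homedir_path"; fi' EXIT
  homedir_path=$(mktemp -d)
  homedir_opts+=(
    --bind="$homedir_path":/run/fake/home/"$USER"
    --setenv=HOME=/run/fake/home/"$USER"
  )
fi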
# Opportunistically bind the host-wide caches into the container.
# Reads:  HOSTWIDE_DIR, HOSTWIDE_PARENT_TMPFS
# Writes: hostwide_opts (extra systemd-nspawn options, possibly empty)
#
# The whole of $HOSTWIDE_DIR is bound, not just the two cache subdirectories,
# and the read/write bind is chosen as soon as either subdirectory is
# writable by the invoking user. With a read/write bind, anything running in
# the container can modify the shared caches.
hostwide_opts=()
hostwide_sstate=$HOSTWIDE_DIR/sstate_cache
hostwide_downloads=$HOSTWIDE_DIR/downloads
if [[ -w "$hostwide_sstate" ]] || [[ -w "$hostwide_downloads" ]]; then
  printf '%s\n' "will bind $HOSTWIDE_DIR read/write into container" >&2
  hostwide_opts+=(--bind="$HOSTWIDE_DIR")
elif [[ -r "$hostwide_sstate" ]] || [[ -r "$hostwide_downloads" ]]; then
  printf '%s\n' "will bind $HOSTWIDE_DIR read-only into container" >&2
  hostwide_opts+=(--bind-ro="$HOSTWIDE_DIR")
fi

# Only when something was actually bound: optionally put a tmpfs on the
# parent directory (presumably so sibling directories of $HOSTWIDE_DIR are
# not visible in the container; confirm).
if (( ${#hostwide_opts[@]} > 0 )) && [[ "$HOSTWIDE_PARENT_TMPFS" -gt 0 ]]; then
  hostwide_opts+=(--tmpfs="$(dirname "$HOSTWIDE_DIR")")
fi
# Opportunistically bind the hashserv socket into the container.
# Reads:  HASHSERV_RW, HASHSERV_RO, HASHSERV_PARENT_TMPFS
# Writes: hashserv_opts (extra systemd-nspawn options, possibly empty)
#
# The read/write path is preferred; the read-only path is used only when the
# first one is not readable. At most one of them is bound.
# NOTE(review): both candidates are passed with --bind, never --bind-ro; the
# "ro" presumably describes the hashserv service behind that path rather than
# the mount. Confirm.
hashserv_opts=()
for hashserv_path in "$HASHSERV_RW" "$HASHSERV_RO"; do
  [[ -r "$hashserv_path" ]] || continue
  printf '%s\n' "will bind $hashserv_path into container" >&2
  hashserv_opts+=(--bind="$hashserv_path")
  if [[ "$HASHSERV_PARENT_TMPFS" -gt 0 ]]; then
    hashserv_opts+=(--tmpfs="$(dirname "$hashserv_path")")
  fi
  # First readable candidate wins.
  break
done
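# Run the requested command (default: an interactive bash) inside the
# container via `sudo systemd-nspawn`.
# Reads: MACHINE_IMAGE, BAKERY_ROOT, BAKERY_MOUNTPOINT, USER, homedir_opts,
#        hostwide_opts, hashserv_opts, homedir_path, and the script arguments.
# Exit status: that of systemd-nspawn (via sudo).
if [[ $# -eq 0 ]]; then
  set -- bash
fi

# The command line is assembled as an array so every option stays a single
# word regardless of its content.
# NOTE(review): systemd-nspawn separates bind source and destination with ':';
# a colon inside $BAKERY_ROOT (which defaults to $PWD) would be parsed as a
# separator unless escaped as '\:'. Confirm whether such paths need support.
nspawn_cmd=(
  sudo systemd-nspawn
  --image="$MACHINE_IMAGE"
  --read-only
  --tmpfs=/var/tmp:mode=1777
  --private-users=pick
  --private-users-ownership=map
  --bind-user="$USER"
  "${homedir_opts[@]}"
  # Honour BAKERY_MOUNTPOINT for both the bind destination and the working
  # directory instead of a hard-coded /bakery, so the override takes effect.
  --bind="$BAKERY_ROOT":"$BAKERY_MOUNTPOINT"
  "${hostwide_opts[@]}"
  "${hashserv_opts[@]}"
  --user="$USER"
  --chdir="$BAKERY_MOUNTPOINT"
  --as-pid2
  --console=autopipe
  --
  "$@"
)

if [[ -n "${homedir_path:-}" ]]; then
  # A temporary home directory was created on the host. `exec` would replace
  # this shell and the EXIT trap that removes the directory would never run,
  # leaving the directory (and whatever the build wrote into it) behind. Stay
  # resident instead and pass the container's exit status through.
  nspawn_status=0
  "${nspawn_cmd[@]}" || nspawn_status=$?
  exit "$nspawn_status"
else
  # Nothing to clean up afterwards, so replace the shell as before.
  exec "${nspawn_cmd[@]}"
fi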