more testing

Signed-off-by: Vanessa Sochat <[email protected]>

Author: vsoch

singularity/build/scripts/README.md

@@ -0,0 +1,8 @@
+# Changes
+
+ - [build.go](build.go) is from [here](https://github.com/sylabs/singularity/blob/release-3.4/internal/pkg/build/build.go)
+ - [bundle.go](bundle.go) is from [here](https://github.com/sylabs/singularity/blob/release-3.4/pkg/build/types/bundle.go)
+
+For bundle.go, we accept an extra argument for the stage, and the directory
+created is named based on that. Build.go then provides this stage. If no stage
+is provided, it works as normal.

singularity/build/scripts/bundle.go

@@ -6,7 +6,6 @@
 package types
 
 import (
-	"io/ioutil"
 	"os"
 	"path/filepath"
 
@@ -86,11 +85,10 @@ func bundleCommon(bundleDir, bundlePrefix string, keyInfo *crypt.KeyInfo, stageN
 		bundlePrefix = "sbuild-"
 	}
 
-	// Bundle path must be predictable
-	// TODO if this isn't defined just do sbuild
-	sylog.Debugf("Stage name is %v\n", stageName)
+	// Bundle path must be predictable (/tmp/sbuild if not defined)
+	sylog.Infof("Stage name is %v\n", stageName)
 	b.Path = "/tmp/sbuild" + stageName
-	sylog.Debugf("Will use path for bundle %v\n", b.Path)
+	sylog.Infof("Will use path for bundle %v\n", b.Path)
 
 	err = os.Mkdir(b.Path, 0755)
 	if err != nil {
@@ -120,7 +118,7 @@ func NewEncryptedBundle(bundleDir, bundlePrefix string, keyInfo *crypt.KeyInfo,
 }
 
 // NewBundle creates a Bundle environment
-func NewBundle(bundleDir, bundlePrefix string) (b *Bundle, err error, stageName string) {
+func NewBundle(bundleDir, bundlePrefix string, stageName string) (b *Bundle, err error) {
 	return bundleCommon(bundleDir, bundlePrefix, nil, stageName)
 }
 

singularity/build/scripts/secure-build.sh

@@ -15,15 +15,13 @@ fi
 # Get all stages
 CONTENDER_STAGES=$(cat $SINGULARITY_BUILDDEF | grep ^[[:blank:]]*Stage:)
 
-stages="build"
+# Case 1: We have stages
 for stage in $CONTENDER_STAGES; do
     if [ "$stage" != "Stage" ]; then
         stages="$stage $stages"
     fi
 done
 
-echo "Found stages $stages"
-
 SINGULARITY_confdir="/usr/local/etc/singularity"
 SINGULARITY_bindir="/usr/local/bin"
 SINGULARITY_libexecdir="/usr/local/libexec/singularity"
@@ -63,18 +61,9 @@ cat > "$SINGULARITY_WORKDIR/root/.rpmmacros" << RPMMAC
 %_dbpath %{_var}/lib/rpm
 RPMMAC
 
-# Staged build image is the main / final build
+# Location for the repository
 REPO_DIR="/root/repo"
-STAGED_BUILD_IMAGE="/root/build"
-
 mkdir -p ${SINGULARITY_WORKDIR}${REPO_DIR}
-mkdir -p ${SINGULARITY_WORKDIR}${STAGED_BUILD_IMAGE}
-
-# Make directory for each stage (build included)
-#for stage in $stages; do
-#    echo "Creating ${SINGULARITY_WORKDIR}/root/$stage"
-#    mkdir -p "${SINGULARITY_WORKDIR}/root/$stage"
-#done
 
 # Move the repo to be the REPO_DIR
 cp -R $BUILDDEF_DIR/* ${SINGULARITY_WORKDIR}$REPO_DIR
@@ -88,10 +77,7 @@ HOSTS_FILE="$SINGULARITY_WORKDIR/hosts"
 cp /etc/resolv.conf $RESOLV_CONF
 cp /etc/hosts $HOSTS_FILE
 
-cat > "$FSTAB_FILE" << FSTAB
-none $STAGED_BUILD_IMAGE      bind    dev     0 0
-FSTAB
-
+# Create base temporary config file
 cat > "$TMP_CONF_FILE" << CONF
 config passwd = yes
 config group = no
@@ -109,7 +95,6 @@ user bind control = no
 bind path = $SINGULARITY_WORKDIR/root:/root
 bind path = $SINGULARITY_WORKDIR/tmp:/tmp
 bind path = $SINGULARITY_WORKDIR/var_tmp:/var/tmp
-bind path = /tmp/sbuild/fs:$STAGED_BUILD_IMAGE
 bind path = $FSTAB_FILE:/etc/fstab
 bind path = $RESOLV_CONF:/etc/resolv.conf
 bind path = $HOSTS_FILE:/etc/hosts
@@ -118,10 +103,7 @@ allow user capabilities = no
 allow setuid = yes
 CONF
 
-# We only use the builder once, make default config
-cp "$TMP_CONF_FILE" "${SINGULARITY_confdir}/singularity.conf"
-
-# here build pre-stage
+# Shared starting script (will have build command appended)
 cat > "$BUILD_SCRIPT" << SCRIPT
 #!/bin/sh
 mount -r --no-mtab -t proc proc /proc
@@ -135,10 +117,53 @@ if [ \$? != 0 ]; then
     exit 1
 fi
 cd $REPO_DIR
-singularity build $STAGED_BUILD_IMAGE/container.sif $BUILDDEF
-exit \$?
 SCRIPT
 
+
+# Proceed based on stages (or not)
+if [ "$stages" == "" ]; then 
+    echo "NO STAGES"
+
+    # Staged build image is the main / final build
+    STAGED_BUILD_IMAGE="/root/build"
+    mkdir -p ${SINGULARITY_WORKDIR}${STAGED_BUILD_IMAGE}
+
+    cat > "$FSTAB_FILE" << FSTAB
+none $STAGED_BUILD_IMAGE      bind    dev     0 0
+FSTAB
+
+    # Update config file with staged build image
+    echo "bind path = /tmp/sbuild/fs:$STAGED_BUILD_IMAGE" >> "$TMP_CONF_FILE"
+
+    # We only use the builder once, make default config
+    cp "$TMP_CONF_FILE" "${SINGULARITY_confdir}/singularity.conf"
+
+    # add final lines of build script
+    echo "singularity build $STAGED_BUILD_IMAGE/container.sif $BUILDDEF" >> "${BUILD_SCRIPT}"
+    echo "exit \$?" >> ${BUILD_SCRIPT}
+
+else 
+    echo "Found stages $stages"
+
+    # Make directory for each stage (/root/<stage>
+    for stage in $stages; do
+        STAGED_BUILD_IMAGE="/root/$stage"
+        echo "Creating ${SINGULARITY_WORKDIR}$STAGED_BUILD_IMAGE"
+        mkdir -p "${SINGULARITY_WORKDIR}$STAGED_BUILD_IMAGE"
+        echo "none ${STAGED_BUILD_IMAGE}      bind    dev     0 0" >> "$FSTAB_FILE"
+        echo "bind path = /tmp/sbuild$stage/fs:$STAGED_BUILD_IMAGE" >> "$TMP_CONF_FILE"
+        echo "bind path = /tmp/sbuild$stage/fs:$STAGED_BUILD_IMAGE" >> "$TMP_CONF_FILE"
+    done
+
+    # The final stage is where we put the container
+    echo "Final staged build image is $STAGED_BUILD_IMAGE"
+
+    # We only use the builder once, make default config
+    cp "$TMP_CONF_FILE" "${SINGULARITY_confdir}/singularity.conf"
+
+fi
+
+# Shared final tweaks
 chmod +x $BUILD_SCRIPT
 
 unset SINGULARITY_IMAGE
@@ -154,8 +179,8 @@ if [ $? != 0 ]; then
 fi
 
 if [ ! -f "${SINGULARITY_WORKDIR}${STAGED_BUILD_IMAGE}/container.sif" ]; then
-   echo "Container was not built.";
-   exit 1;
+    echo "Container was not built.";
+    exit 1;
 fi
 
 mv "${SINGULARITY_WORKDIR}${STAGED_BUILD_IMAGE}/container.sif" "$BUILDDEF_DIR/${SINGULARITY_FINAL}"

singularity/build/scripts/singularity-prepare-instance.sh

@@ -47,15 +47,15 @@ sudo -H python3 -m pip install oauth2client==3.0.0
 sudo -H python3 -m pip install ipython
 
 # Install GoLang
-export VERSION=1.12.6 OS=linux ARCH=amd64
+export VERSION=1.13 OS=linux ARCH=amd64
 
 wget -O /tmp/go${VERSION}.${OS}-${ARCH}.tar.gz https://dl.google.com/go/go${VERSION}.${OS}-${ARCH}.tar.gz && \
     sudo tar -C /usr/local -xzf /tmp/go${VERSION}.${OS}-${ARCH}.tar.gz
 
 # Install Singularity from Github
 
 mkdir -p /tmp/go
-export GOPATH=/tmp/go SINGULARITY_VERSION=3.2.1
+export GOPATH=/tmp/go SINGULARITY_VERSION=3.4.2
 export PATH=/usr/local/go/bin:$PATH
 echo 'Defaults env_keep += "GOPATH"' | sudo tee --append /etc/sudoers.d/env_keep
 
@@ -69,7 +69,8 @@ mkdir -p ${GOPATH}/src/github.com/sylabs && \
 
 # https://github.com/sylabs/singularity/blob/release-3.4/internal/pkg/build/build.go is 3.4.2 at build time
 cd ${GOPATH}/src/github.com/sylabs/singularity && \
-    wget https://raw.githubusercontent.com/singularityhub/singularity-python/v3.2.1/singularity/build/scripts/bundle.go && \
+    wget https://raw.githubusercontent.com/singularityhub/singularity-python/v$SINGULARITY_VERSION/singularity/build/scripts/bundle.go && \
+    wget https://raw.githubusercontent.com/singularityhub/singularity-python/v$SINGULARITY_VERSION/singularity/build/scripts/build.go && \
     mv bundle.go pkg/build/types/ && \
     mv build.go internal/pkg/build/build.go
     ./mconfig && \
@@ -97,7 +98,7 @@ From: ubuntu:18.04
     export VERSION=1.12.6 OS=linux ARCH=amd64
     export SINGULARITY_VERSION=3.2.1
     apt-get update -y
-    apt-get -y install git build-essential libssl-dev uuid-dev pkg-config curl gcc
+    apt-get -y install git build-essential libssl-dev uuid-dev pkg-config curl gcc cryptsetup
     apt-get -y install libgpgme11-dev libseccomp-dev squashfs-tools libc6-dev-i386
     apt-get install -y debootstrap yum pacman
     apt-get clean