try adding bundle

Signed-off-by: Vanessa Sochat <[email protected]>

Author: vsoch

singularity/build/scripts/bundle.go

@@ -0,0 +1,115 @@
+// Copyright (c) 2018-2019, Sylabs Inc. All rights reserved.
+// This software is licensed under a 3-clause BSD license. Please consult the
+// LICENSE.md file distributed with the sources of this project regarding your
+// rights to use or distribute this software.
+
+package types
+
+import (
+	"io/ioutil"
+	"os"
+	"path/filepath"
+
+	ocitypes "github.com/containers/image/types"
+	"github.com/sylabs/singularity/internal/pkg/sylog"
+)
+
+// Bundle is the temporary build environment used during the image
+// building process. A Bundle is the programmatic representation of
+// the directory structure which will constitute this environmenb.
+// /tmp/...:
+//     fs/ - A chroot filesystem
+//     .singularity.d/ - Container metadata (from 2.x image format)
+//     config.json (optional) - Contain information for OCI image bundle
+//     etc... - The Bundle dir can theoretically contain arbitrary directories,
+//              files, etc... which can be interpreted by the Chef
+type Bundle struct {
+	// FSObjects is a map of the filesystem objects contained in the Bundle. An object
+	// will be built as one section of a SIF file.
+	//
+	// Known FSObjects labels:
+	//   * rootfs -> root file system
+	//   * .singularity.d -> .singularity.d directory (includes image exec scripts)
+	//   * data -> directory containing data files
+	FSObjects   map[string]string `json:"fsObjects"`
+	JSONObjects map[string][]byte `json:"jsonObjects"`
+	Recipe      Definition        `json:"rawDeffile"`
+	BindPath    []string          `json:"bindPath"`
+	Path        string            `json:"bundlePath"`
+	Opts        Options           `json:"opts"`
+}
+
+// Options defines build time behavior to be executed on the bundle
+type Options struct {
+	// sections are the parts of the definition to run during the build
+	Sections []string `json:"sections"`
+	// TmpDir specifies a non-standard temporary location to perform a build
+	TmpDir string
+	// LibraryURL contains URL to library where base images can be pulled
+	LibraryURL string `json:"libraryURL"`
+	// LibraryAuthToken contains authentication token to access specified library
+	LibraryAuthToken string `json:"libraryAuthToken"`
+	// contains docker credentials if specified
+	DockerAuthConfig *ocitypes.DockerAuthConfig
+	// noTest indicates if build should skip running the test script
+	NoTest bool `json:"noTest"`
+	// force automatically deletes an existing container at build destination while performing build
+	Force bool `json:"force"`
+	// update detects and builds using an existing sandbox container at build destination
+	Update bool `json:"update"`
+	// noHTTPS
+	NoHTTPS bool `json:"noHTTPS"`
+	// NoCleanUp allows a user to prevent a bundle from being cleaned up after a failed build
+	// useful for debugging
+	NoCleanUp bool `json:"noCleanUp"`
+}
+
+// NewBundle creates a Bundle environment
+func NewBundle(bundleDir, bundlePrefix string) (b *Bundle, err error) {
+	b = &Bundle{}
+	b.JSONObjects = make(map[string][]byte)
+
+	if bundlePrefix == "" {
+		bundlePrefix = "sbuild-"
+	}
+
+	// Bundle path must be predictable
+	b.Path = "/tmp/sbuild"
+	err = os.MkDir(b.Path)
+	if err != nil {
+		return nil, err
+	}
+	sylog.Debugf("Created temporary directory for bundle %v\n", b.Path)
+
+	b.FSObjects = map[string]string{
+		"rootfs": "fs",
+	}
+
+	for _, fso := range b.FSObjects {
+		if err = os.MkdirAll(filepath.Join(b.Path, fso), 0755); err != nil {
+			return
+		}
+	}
+
+	return b, nil
+}
+
+// Rootfs give the path to the root filesystem in the Bundle
+func (b *Bundle) Rootfs() string {
+	return filepath.Join(b.Path, b.FSObjects["rootfs"])
+}
+
+// RunSection iterates through the sections specified in a bundle
+// and returns true if the given string, s, is a section of the
+// definition that should be executed during the build process
+func (b Bundle) RunSection(s string) bool {
+	for _, section := range b.Opts.Sections {
+		if section == "none" {
+			return false
+		}
+		if section == "all" || section == s {
+			return true
+		}
+	}
+	return false
+}

singularity/build/scripts/singularity-build-latest.sh

@@ -24,133 +24,6 @@
 #
 ################################################################################
 
-SINGULARITY_libexecdir="/usr/local/libexec/singularity"
-SINGULARITY_PATH="/usr/local/bin"
-SECBUILD_IMAGE="$SINGULARITY_libexecdir/singularity/secure-build/secbuild.sif"
-
-# Set the isolated root
-if [ -z "${SINGULARITY_ISOLATED_ROOT:-}" ]; then
-    BUILDDEF_DIR_NAME=$(dirname ${SINGULARITY_BUILDDEF:-})
-else
-    BUILDDEF_DIR_NAME=$(readlink -f ${SINGULARITY_ISOLATED_ROOT:-})
-fi
-BUILDDEF_DIR=$(readlink -f ${BUILDDEF_DIR_NAME:-})
-
-if [ -z "${BUILDDEF_DIR:-}" ]; then
-    message ERROR "Can't find parent directory of $SINGULARITY_BUILDDEF\n"
-    exit 1
-fi
-
-BUILDDEF=$(basename ${SINGULARITY_BUILDDEF:-})
-
-# create a temporary dir per build instance
-export SINGULARITY_WORKDIR=$(mktemp -d)
-
-# create /tmp and /var/tmp into WORKDIR
-mkdir -p $SINGULARITY_WORKDIR/tmp $SINGULARITY_WORKDIR/var_tmp
-
-# set sticky bit for these directories
-chmod 1777 $SINGULARITY_WORKDIR/tmp
-chmod 1777 $SINGULARITY_WORKDIR/var_tmp
-
-# setup a fake root directory
-cp -a /etc/skel $SINGULARITY_WORKDIR/root
-
-cat > "$SINGULARITY_WORKDIR/root/.rpmmacros" << RPMMAC
-%_var /var
-%_dbpath %{_var}/lib/rpm
-RPMMAC
-
-REPO_DIR="/root/repo"
-STAGED_BUILD_IMAGE="/root/build"
-
-mkdir ${SINGULARITY_WORKDIR}${REPO_DIR}
-mkdir ${SINGULARITY_WORKDIR}${STAGED_BUILD_IMAGE}
-
-BUILD_SCRIPT="$SINGULARITY_WORKDIR/tmp/build-script"
-TMP_CONF_FILE="$SINGULARITY_WORKDIR/tmp.conf"
-FSTAB_FILE="$SINGULARITY_WORKDIR/fstab"
-RESOLV_CONF="$SINGULARITY_WORKDIR/resolv.conf"
-HOSTS_FILE="$SINGULARITY_WORKDIR/hosts"
-
-cp /etc/resolv.conf $RESOLV_CONF
-cp /etc/hosts $HOSTS_FILE
-
-cat > "$FSTAB_FILE" << FSTAB
-none $STAGED_BUILD_IMAGE      bind    dev     0 0
-FSTAB
-
-cat > "$TMP_CONF_FILE" << CONF
-config passwd = no
-config group = no
-config resolv_conf = no
-mount proc = no
-mount sys = no
-mount home = no
-mount dev = minimal
-mount devpts = no
-mount tmp = no
-enable overlay = no
-user bind control = no
-bind path = $SINGULARITY_WORKDIR/root:/root
-bind path = $SINGULARITY_WORKDIR/tmp:/tmp
-bind path = $SINGULARITY_WORKDIR/var_tmp:/var/tmp
-bind path = $SINGULARITY_ROOTFS:$STAGED_BUILD_IMAGE
-bind path = $BUILDDEF_DIR:$REPO_DIR
-bind path = $FSTAB_FILE:/etc/fstab
-bind path = $RESOLV_CONF:/etc/resolv.conf
-bind path = $HOSTS_FILE:/etc/hosts
-root default capabilities = default
-allow user capabilities = no
-CONF
-
-# here build pre-stage
-cat > "$BUILD_SCRIPT" << SCRIPT
-#!/bin/sh
-mount -r --no-mtab -t proc proc /proc
-if [ \$? != 0 ]; then
-    echo "Can't mount /proc directory"
-    exit 1
-fi
-mount -r --no-mtab -t sysfs sysfs /sys
-if [ \$? != 0 ]; then
-    echo "Can't mount /sys directory"
-    exit 1
-fi
-mount -o remount,dev $STAGED_BUILD_IMAGE
-if [ \$? != 0 ]; then
-    echo "Can't remount $STAGED_BUILD_IMAGE"
-    exit 1
-fi
-cd $REPO_DIR
-singularity build --sandbox $STAGED_BUILD_IMAGE $BUILDDEF
-exit \$?
-SCRIPT
-
-chmod +x $BUILD_SCRIPT
-
-unset SINGULARITY_IMAGE
-unset SINGULARITY_NO_PRIVS
-unset SINGULARITY_KEEP_PRIVS
-unset SINGULARITY_ADD_CAPS
-unset SINGULARITY_DROP_CAPS
-
-${SINGULARITY_bindir}/singularity -c $TMP_CONF_FILE exec -e -i -p $SECBUILD_IMAGE /tmp/build-script
-if [ $? != 0 ]; then
-    rm -rf $SINGULARITY_WORKDIR
-    exit 1
-fi
-
-rm -rf $SINGULARITY_WORKDIR
-
-
-
-
-
-
-
-
-
 
 echo "Start Time: $(date)." > /tmp/.shub-log 2>&1
 timeout -s KILL 2h sudo python3 -c "from singularity.build.google import run_build; run_build()" >> /tmp/.shub-log 2>&1

singularity/build/scripts/singularity-prepare-instance.sh

@@ -38,11 +38,11 @@ sudo apt-get -y install git \
                    python3-pip
 
 # Pip3 installs
-sudo pip3 install --upgrade pip &&
-sudo pip3 install pyasn1-modules -U &&
-sudo pip3 install --upgrade google-api-python-client &&
-sudo pip3 install --upgrade google &&
-sudo pip3 install oauth2client==3.0.0
+sudo -H pip3 install -H --upgrade pip
+sudo -H pip3 install pyasn1-modules -U
+sudo -H pip3 install --upgrade google-api-python-client
+sudo -H pip3 install --upgrade google
+sudo -H pip3 install oauth2client==3.0.0
 
 # Install GoLang
 export VERSION=1.12.6 OS=linux ARCH=amd64
@@ -66,6 +66,7 @@ mkdir -p ${GOPATH}/src/github.com/sylabs && \
     echo "v${SINGULARITY_VERSION}" > VERSION
 
 cd ${GOPATH}/src/github.com/sylabs/singularity && \
+    wget 
     ./mconfig && \
     cd ./builddir && \
     make && \