From 9c5e96e376754cf922b1417af184fd8552f9feef Mon Sep 17 00:00:00 2001 From: Eric Anderson Date: Tue, 13 Mar 2018 09:38:21 -0700 Subject: [PATCH] buildscripts: Cleaner Linux release Docker This is a greatly simplified Docker container compared to that in compiler/. We really want the docker image to just be a build environment, and build the specific versions of dependencies as part of our normal build (not docker build). It also includes a helper script that lets you easily do build actions with the docker environment, but into a checkout on the host. This can dramatically reduce the pain in building from the docker container as the source doesn't need to be checked out and only caches are lost between invocations. --- buildscripts/grpc-java-releasing/Dockerfile | 6 +++ .../scl-enable-devtoolset.sh | 13 ++++++ buildscripts/kokoro/unix.sh | 8 ++-- buildscripts/run_in_docker.sh | 40 +++++++++++++++++++ 4 files changed, 64 insertions(+), 3 deletions(-) create mode 100644 buildscripts/grpc-java-releasing/Dockerfile create mode 100755 buildscripts/grpc-java-releasing/scl-enable-devtoolset.sh create mode 100755 buildscripts/run_in_docker.sh diff --git a/buildscripts/grpc-java-releasing/Dockerfile b/buildscripts/grpc-java-releasing/Dockerfile new file mode 100644 index 0000000000..fe1a8687e3 --- /dev/null +++ b/buildscripts/grpc-java-releasing/Dockerfile @@ -0,0 +1,6 @@ +FROM protoc-artifacts:latest + +COPY scl-enable-devtoolset.sh / + +# Start in devtoolset environment that uses GCC 4.7 +ENTRYPOINT ["/scl-enable-devtoolset.sh"] diff --git a/buildscripts/grpc-java-releasing/scl-enable-devtoolset.sh b/buildscripts/grpc-java-releasing/scl-enable-devtoolset.sh new file mode 100755 index 0000000000..8d9585eab3 --- /dev/null +++ b/buildscripts/grpc-java-releasing/scl-enable-devtoolset.sh @@ -0,0 +1,13 @@ +#!/bin/bash +set -eu -o pipefail + +quote() { + local arg + for arg in "$@"; do + printf "'" + printf "%s" "$arg" | sed -e "s/'/'\\\\''/g" + printf "' " + done +} + +exec scl enable devtoolset-1.1 "$(quote "$@")" diff --git a/buildscripts/kokoro/unix.sh b/buildscripts/kokoro/unix.sh index 255748d09f..4b29f1ff01 100755 --- a/buildscripts/kokoro/unix.sh +++ b/buildscripts/kokoro/unix.sh @@ -43,6 +43,7 @@ GRADLE_FLAGS="${GRADLE_FLAGS:-}" GRADLE_FLAGS+=" -Pcheckstyle.ignoreFailures=false" GRADLE_FLAGS+=" -PfailOnWarnings=true" GRADLE_FLAGS+=" -PerrorProne=true" +GRADLE_FLAGS+=" -Dorg.gradle.parallel=true" export GRADLE_OPTS="-Xmx512m" # Make protobuf discoverable by :grpc-compiler @@ -60,7 +61,7 @@ if [[ -z "${SKIP_CLEAN_CHECK:-}" && ! -z $(git status --porcelain) ]]; then fi # Run tests -./gradlew build +./gradlew build $GRADLE_FLAGS pushd examples ./gradlew build $GRADLE_FLAGS # --batch-mode reduces log spam @@ -69,8 +70,9 @@ popd # TODO(zpencer): also build the GAE examples LOCAL_MVN_TEMP=$(mktemp -d) -./gradlew clean grpc-compiler:build grpc-compiler:uploadArchives -PtargetArch=x86_64 \ - -Dorg.gradle.parallel=false -PrepositoryDir=$LOCAL_MVN_TEMP $GRADLE_FLAGS +# Note that this disables parallel=true from GRADLE_FLAGS +./gradlew clean grpc-compiler:build grpc-compiler:uploadArchives $GRADLE_FLAGS -PtargetArch=x86_64 \ + -Dorg.gradle.parallel=false -PrepositoryDir=$LOCAL_MVN_TEMP if [[ -z "${MVN_ARTIFACTS:-}" ]]; then exit 0 diff --git a/buildscripts/run_in_docker.sh b/buildscripts/run_in_docker.sh new file mode 100755 index 0000000000..f6ec7e32c6 --- /dev/null +++ b/buildscripts/run_in_docker.sh @@ -0,0 +1,40 @@ +#!/bin/bash +set -eu -o pipefail + +quote() { + local arg + for arg in "$@"; do + printf "'" + printf "%s" "$arg" | sed -e "s/'/'\\\\''/g" + printf "' " + done +} + +if [[ "${1:-}" != "in-docker" ]]; then + readonly grpc_java_dir="$(dirname $(readlink -f "$0"))/.." + exec docker run -it --rm=true -v "${grpc_java_dir}:/grpc-java" -w /grpc-java \ + grpc-java-releasing \ + ./buildscripts/run_in_docker.sh in-docker "$(id -u)" "$(id -g)" "$@" +fi + +## In Docker + +shift + +readonly swap_uid="$1" +readonly swap_gid="$2" +shift 2 + +# Java uses NSS to determine the user's home. If that fails it uses '?' in the +# current directory. So we need to set up the user's home in /etc/passwd. +# If this wasn't the case, we could have passed -u to docker run and avoided +# this script inside the container. JAVA_TOOL_OPTIONS is okay, but is noisy. +groupadd thegroup -g "$swap_gid" +useradd theuser -u "$swap_uid" -g "$swap_gid" -m +if [[ "$#" -eq 0 ]]; then + exec su theuser +else + # runuser is too old in the container to support the -u flag; if it did, we'd + # be able to remove the 'quote' function. + exec su theuser -c "$(quote "$@")" +fi