Python wrapper with Docker backend with profiles

package

@@ -1,10 +1,10 @@
 #!/usr/bin/env python3
 
-import argparse, sys, shutil, os, hashlib
+import argparse, sys, shutil, os, subprocess
 
 sys.path.append(os.path.dirname(__file__) + '/lib')
 
-import tamarin, system, rkt
+import tamarin
 
 def create_args_parser():
     '''Return a new configured ArgumentParser'''
@@ -20,80 +20,37 @@ def create_args_parser():
     parser.add_argument("-b", "--base", help="Use the specified image instead of the profile's one", default='')
     parser.add_argument("--rebuild", help="Ignore cache and rebuild container's image", action="store_true", default=False)
     parser.add_argument("--debug", help="Will add extra output and start the container in interactive mode", action="store_true", default=False)
+    parser.add_argument("--cleanup", help="Clear the workspace and remove obsolete Docker images before build", action="store_true", default=False)
 
     return parser
 
-def download_and_extract_rkt(dest_dir, debug=False):
-    '''Download and extract rkt to the given destination directory'''
-    rkt_archive_path = tamarin.download_rkt(debug=debug)
-    system.extract_tar(rkt_archive_path, workspace_tmp, debug=debug)
-    rkt_archive_dir = tamarin.get_rkt_achive_dest_dir()
-    shutil.rmtree(local_rkt_dir, ignore_errors=True)
-    os.rename(rkt_archive_dir, dest_dir)
+def build_image(build_workspace, base_image, profile_name, profile, debug=False, rebuild=False):
 
-def download_and_extract_acbuild(dest_dir, debug=False):
-    '''Download and extract acbuild to the given destination directory'''
-    acbuild_archive_path = tamarin.download_acbuild(debug=debug)
-    system.extract_tar(acbuild_archive_path, workspace_tmp, debug=debug)
-    acbuild_archive_dir = tamarin.get_acbuild_achive_dest_dir()
-    shutil.rmtree(local_acbuild_dir, ignore_errors=True)
-    os.rename(acbuild_archive_dir, dest_dir)
-
-def get_cached_image_path(profile, debug=False):
-    '''Compute and return the path for an hypothetic cached image for the given profile'''
-    containerbuild_hooks = profile['containerbuild']['hooks']
-    hasher = hashlib.sha1()
-    hasher.update(base_image.encode())
-    hasher.update(containerbuild_hooks.encode())
-    image_hash = hasher.hexdigest()
-    cache_dir = tamarin.get_workspace_subdir('cache')
-    return os.path.join(os.sep, cache_dir, '{:s}.aci'.format(image_hash[:12]));
-
-def build_image(build_workspace, aci_file, base_image, profile, debug=False):
-
-    acbuild_flags = ["--work-path", build_workspace]
-
-    # Find and export base image from rkt' store
-    name_pattern = base_image.split('/')[-1] + '$'
-    image = rkt.find_image_by_name(name_pattern, rkt_flags=rkt_flags)
-    rkt.export_image(image['id'], aci_file, rkt_flags=rkt_flags, debug=debug);
-
-    # Build image
-    tamarin.run_acbuild(acbuild_flags+["begin", aci_file], debug=debug)
-    tamarin.run_acbuild(acbuild_flags+["set-name", "image_{:d}".format(pid)], debug=debug)
-    tamarin.run_acbuild(acbuild_flags+["mount", "add", "src", "/src", "--read-only"], debug=debug)
-    tamarin.run_acbuild(acbuild_flags+["mount", "add", "dist", "/dist"], debug=debug)
-    tamarin.run_acbuild(acbuild_flags+["mount", "add", "tamarin-hooks", "/tamarin/hooks", "--read-only"], debug=debug)
-    tamarin.run_acbuild(acbuild_flags+["mount", "add", "tamarin-lib", "/tamarin/lib", "--read-only"], debug=debug)
-    tamarin.run_acbuild(acbuild_flags+["mount", "add", "tamarin-profiles", "/tamarin/profiles", "--read-only"], debug=debug)
+    with open("{:s}/Dockerfile".format(build_workspace), 'w') as dockerfile:
+        dockerfile.write("FROM {:s}\n".format(base_image))
 
     # Configure "containerbuild" hooks environment
     hooks_env = os.environ.copy()
-    hooks_env["PATH"] = os.environ['PATH'] + ':' + tamarin.get_workspace_subdir('acbuild')
-    hooks_env["TAMARIN_ACBUILD"] = " ".join([system.which('acbuild', local_acbuild_dir)]+acbuild_flags)
-    hooks_env["TAMARIN_ACBUILD_ENGINE"] = "chroot" if not system.which('systemctl') else "systemd-nspawn"
+    hooks_env["PATH"] = os.environ['PATH'] + ':' + tamarin.get_lib_dir()
 
     # Run hooks
     tamarin.run_profile_hooks(profile, 'containerbuild', cwd=build_workspace, env=hooks_env, debug=debug)
 
-    tamarin.run_acbuild(acbuild_flags+["write", "--overwrite", aci_file], as_root=True, debug=debug)
-    tamarin.run_acbuild(acbuild_flags+["end"], as_root=True, debug=debug)
+    image_tag = "tamarin:{:s}_{:s}_{:d}".format(profile_name, base_image.replace(':', '_'), os.getpid())
 
-    return aci_file
+    build_args = [ "build", "-t", image_tag ]
 
-def cleanup(build_workspace, rkt_flags, debug=False):
+    if rebuild:
+        build_args += [ "--no-cache" ]
 
-    # Nettoyage des conteneurs
-    rkt.run([
-        "gc",
-        "--grace-period=0"
-    ] + rkt_flags, as_root=True, debug=debug)
+    tamarin.run_docker(build_args + [build_workspace], debug=debug)
 
-    # Nettoyage des images obsolètes du store
-    rkt.run([
-        "image",
-        "gc"
-    ] + rkt_flags, as_root=True, debug=debug)
+    return image_tag
+
+def cleanup(build_workspace=None, debug=False):
+
+    if build_workspace == None:
+        build_workspace = tamarin.get_workspace_subdir('tmp')
 
     # Suppression de l'espace de travail de build
     shutil.rmtree(build_workspace, ignore_errors=True)
@@ -108,6 +65,9 @@ if __name__ == "__main__":
 
     validate_args(args)
 
+    if args.cleanup:
+        cleanup(debug=args.debug)
+
     # Verify project directory
     project_dir = os.path.abspath(args.project_directory)
     output_dir = os.path.abspath(args.output)
@@ -116,69 +76,42 @@ if __name__ == "__main__":
     profile = tamarin.load_profile(args.profile, debug=args.debug)
 
     workspace = tamarin.get_workspace_dir()
-    workspace_tmp = tamarin.get_workspace_subdir('tmp')
-
-    local_rkt_dir = tamarin.get_workspace_subdir('rkt')
-    if not system.which('rkt', local_rkt_dir):
-        download_and_extract_rkt(local_rkt_dir)
-
-    local_acbuild_dir = tamarin.get_workspace_subdir('acbuild')
-    if not system.which('acbuild', local_acbuild_dir):
-        download_and_extract_acbuild(local_acbuild_dir)
 
     pid = os.getpid()
     build_workspace = tamarin.get_workspace_subdir('tmp/build_{:d}'.format(pid))
 
-    rkt_store = tamarin.get_workspace_subdir('store')
-    rkt_flags = ["--dir={:s}".format(rkt_store)]
-
     base_image = args.base if args.base != '' else profile['profile']['default_image']
 
-    # If the base image is Docker-based, download it
-    if base_image.startswith('docker://'):
-        rkt.run([
-            "fetch",
-            "--insecure-options=image",
-            base_image
-        ] + rkt_flags, debug=args.debug)
-
-    aci_file = os.path.join(os.sep, build_workspace, 'image.aci')
-    cached_image_file = get_cached_image_path(profile, debug=args.debug)
-
-    if not args.rebuild and os.path.exists(cached_image_file):
-        # Copy cached image
-        shutil.copyfile(cached_image_file, aci_file)
-    else:
-        build_image(build_workspace, aci_file, base_image, profile, debug=args.debug)
-        # Cache image
-        shutil.copyfile(aci_file, cached_image_file)
+    image_tag = build_image(build_workspace, base_image, args.profile, profile,  debug=args.debug, rebuild=args.rebuild)
 
     # rkt run arguments
-    rkt_args = [
-      "run",
-      "--insecure-options=image",
-      aci_file, "--net=host",
-      "--volume=src,kind=host,source={:s}".format(project_dir),
-      "--volume=dist,kind=host,source={:s}".format(output_dir),
-      "--volume=tamarin-hooks,kind=host,source={:s}".format(tamarin.get_hooks_dir()),
-      "--volume=tamarin-lib,kind=host,source={:s}".format(tamarin.get_lib_dir()),
-      "--volume=tamarin-profiles,kind=host,source={:s}".format(tamarin.get_profiles_dir())
+    docker_args = [
+        "run",
+        "--rm",
+        "-v", "{:s}:/src:ro".format(project_dir),
+        "-v", "{:s}:/dist".format(output_dir),
+        "-v", "{:s}:/tamarin/hooks:ro".format(tamarin.get_hooks_dir()),
+        "-v", "{:s}:/tamarin/lib:ro".format(tamarin.get_lib_dir()),
+        "-v", "{:s}:/tamarin/profiles:ro".format(tamarin.get_profiles_dir())
     ]
 
     # Use environment proxy if defined
     for proxy_var in ['HTTP_PROXY', 'HTTPS_PROXY', 'http_proxy', 'https_proxy']:
-      if proxy_var in os.environ:
-        rkt_args += ["--set-env={:s}={:s}".format(proxy_var, os.environ[proxy_var])]
+        if proxy_var in os.environ:
+            docker_args += ["-e", "{:s}={:s}".format(proxy_var, os.environ[proxy_var])]
+
+    kwargs = dict()
+    kwargs['debug'] = args.debug
 
     if args.debug:
-      rkt_args += ["--interactive", "--exec", "/bin/bash"]
-      helper_cmd = " ".join(["/usr/bin/python3", "/tamarin/lib/build.py", args.profile, args.architecture])
-      print("Executer '{:s}' pour lancer la construction du paquet.".format(helper_cmd))
+        kwargs['pty'] = True
+        docker_args += ["-it", image_tag, "/bin/sh"]
+        helper_cmd = " ".join(["/usr/bin/python3", "/tamarin/lib/build.py", args.profile, args.architecture])
+        print("Executer '{:s}' pour lancer la construction du paquet.".format(helper_cmd))
     else:
-      rkt_args += ["--exec", "/usr/bin/python3", "--", "/tamarin/lib/build.py", args.profile, args.architecture]
+        docker_args += [image_tag, "/usr/bin/python3", "/tamarin/lib/build.py", args.profile, args.architecture]
 
     # Start container
-    rkt.run(rkt_flags+rkt_args, as_root=True, debug=args.debug)
+    tamarin.run_docker(docker_args, **kwargs)
 
-    # Cleanup
-    cleanup(build_workspace, rkt_flags, debug=args.debug)
+    cleanup(build_workspace, debug=args.debug)