Release (#10)

* Project import generated by Copybara. PiperOrigin-RevId: 159017565 * Project import generated by Copybara. PiperOrigin-RevId: 159017565 * Project import generated by Copybara. PiperOrigin-RevId: 159017565 * Project import generated by Copybara. PiperOrigin-RevId: 159017565 * Project import generated by Copybara. PiperOrigin-RevId: 159017565 * Project import generated by Copybara. PiperOrigin-RevId: 159017565 * Project import generated by Copybara. PiperOrigin-RevId: 159017565 * Project import generated by Copybara. PiperOrigin-RevId: 159017565 * Project import generated by Copybara. PiperOrigin-RevId: 159017565 * Project import generated by Copybara. PiperOrigin-RevId: 159017565 * Project import generated by Copybara. PiperOrigin-RevId: 159017565 * Project import generated by Copybara. PiperOrigin-RevId: 159017565 * Revendor (#6) * remove old vendor dependencies * re-vendor dependencies * Revendor (#7) * remove old vendor dependencies * re-vendor dependencies * Project import generated by Copybara. PiperOrigin-RevId: 159017565 * Revendor (#8) * remove old vendor dependencies * re-vendor dependencies * Project import generated by Copybara. PiperOrigin-RevId: 159017565 * Project import generated by Copybara. PiperOrigin-RevId: 162346017 * Project import generated by Copybara. PiperOrigin-RevId: 162346017
GoogleCloudPlatform · Jul 18, 2017 · 395315c · 395315c
1 parent c5e4a60
commit 395315c
Show file tree

Hide file tree

Showing 7 changed files with 132 additions and 106 deletions.
diff --git a/build/build.go b/build/build.go
@@ -44,8 +44,9 @@ const (
 	containerWorkspaceDir = "/workspace"
 
 	// homeVolume is the name of the Docker volume that contains the build's
-	// $HOME directory, mounted in as /home.
+	// $HOME directory, mounted in as /builder/home.
 	homeVolume = "homevol"
+	homeDir    = "/builder/home"
 
 	// maxPushRetries is the maximum number of times we retry pushing an image
 	// in the face of gcr.io DNS lookup errors.
@@ -240,9 +241,9 @@ func (b *Build) UpdateDockerAccessToken(tok string) error {
 		var buf bytes.Buffer
 		args := []string{"docker", "run",
 			// Mount in the home volume.
-			"--volume", homeVolume + ":/home",
-			// Make /home $HOME.
-			"--env", "HOME=/home",
+			"--volume", homeVolume + ":" + homeDir,
+			// Make /builder/home $HOME.
+			"--env", "HOME=" + homeDir,
 			// Make sure the container uses the correct docker daemon.
 			"--volume", "/var/run/docker.sock:/var/run/docker.sock",
 			"gcr.io/cloud-builders/docker",
@@ -279,9 +280,9 @@ func (b *Build) dockerPull(tag string, outWriter, errWriter io.Writer) (string,
 	// Pull from within a container with $HOME mounted.
 	args := []string{"docker", "run",
 		// Mount in the home volume.
-		"--volume", homeVolume + ":/home",
-		// Make /home $HOME.
-		"--env", "HOME=/home",
+		"--volume", homeVolume + ":" + homeDir,
+		// Make /builder/home $HOME.
+		"--env", "HOME=" + homeDir,
 		// Make sure the container uses the correct docker daemon.
 		"--volume", "/var/run/docker.sock:/var/run/docker.sock",
 		"gcr.io/cloud-builders/docker",
@@ -368,9 +369,9 @@ func (b *Build) dockerPushWithRetries(tag string, attempt int) (string, error) {
 	// Push from within a container with $HOME mounted.
 	args := []string{"docker", "run",
 		// Mount in the home volume.
-		"--volume", homeVolume + ":/home",
-		// Make /home $HOME.
-		"--env", "HOME=/home",
+		"--volume", homeVolume + ":" + homeDir,
+		// Make /builder/home $HOME.
+		"--env", "HOME=" + homeDir,
 		// Make sure the container uses the correct docker daemon.
 		"--volume", "/var/run/docker.sock:/var/run/docker.sock",
 		"gcr.io/cloud-builders/docker",
@@ -638,6 +639,19 @@ func (b *Build) fetchAndRunStep(step *cb.BuildStep, idx int, waitChans []chan st
 }
 
 func (b *Build) runBuildSteps() error {
+	// Create the home volume.
+	homeVol := volume.New(homeVolume, b.Runner)
+	if err := homeVol.Setup(); err != nil {
+		return err
+	}
+	defer func() {
+		if err := homeVol.Close(); err != nil {
+			log.Printf("Failed to delete homevol: %v", err)
+		}
+	}()
+
+	// Clean the build steps before trying to delete the volume used by the
+	// running containers.
 	defer b.cleanBuildSteps()
 
 	// Create the home volume.
@@ -714,9 +728,9 @@ func (b *Build) dockerRunArgs(stepDir string, idx int) []string {
 		// filepath.Join would produce an incorrect result.
 		"--workdir", path.Join(containerWorkspaceDir, stepDir),
 		// Mount in the home volume.
-		"--volume", homeVolume+":/home",
-		// Make /home $HOME.
-		"--env", "HOME=/home",
+		"--volume", homeVolume+":"+homeDir,
+		// Make /builder/home $HOME.
+		"--env", "HOME="+homeDir,
 		// Link in the spoofed metadata container to provide GCE metadata.
 		"--link", "metadata:metadata.google.internal",
 		// Run in privileged mode per discussion in b/31267381.

diff --git a/build/build_test.go b/build/build_test.go
@@ -15,7 +15,6 @@
 package build
 
 import (
-	"encoding/base64"
 	"errors"
 	"fmt"
 	"io"
@@ -45,6 +44,7 @@ type mockRunner struct {
 	remotePushesFail bool
 	dockerRunHandler func(args []string, out, err io.Writer) error
 	localFiles       map[string]string
+	volumes          map[string]bool
 }
 
 func newMockRunner(t *testing.T, testCaseName string) *mockRunner {
@@ -69,6 +69,7 @@ func newMockRunner(t *testing.T, testCaseName string) *mockRunner {
 			"gcr.io/my-project/my-builder":  true,
 		},
 		localFiles: map[string]string{},
+		volumes:    map[string]bool{},
 	}
 }
 
@@ -181,10 +182,17 @@ ea358092da77: Image successfully pushed
 		return r.dockerRunHandler(args, out, err)
 	}
 	if startsWith(args, "docker", "volume") {
-		if reflect.DeepEqual(args, []string{"docker", "volume", "create", "--name", "homevol"}) {
+		if startsWith(args, "docker", "volume", "create", "--name") {
+			volName := args[len(args)-1]
+			r.volumes[volName] = true
 			return nil
 		}
-		if reflect.DeepEqual(args, []string{"docker", "volume", "rm", "homevol"}) {
+		if startsWith(args, "docker", "volume", "rm") {
+			volName := args[len(args)-1]
+			if r.volumes[volName] {
+				return fmt.Errorf("volume %q has not been created (or was already deleted)", volName)
+			}
+			delete(r.volumes, volName)
 			return nil
 		}
 		r.t.Errorf("Unexpected docker volume call: %v", args)
@@ -354,9 +362,9 @@ func TestFetchBuilder(t *testing.T) {
 		buildRequest: commonBuildRequest,
 		wantCommands: []string{
 			"docker inspect gcr.io/my-project/my-compiler",
-			"docker run --volume homevol:/home --env HOME=/home --volume /var/run/docker.sock:/var/run/docker.sock gcr.io/cloud-builders/docker pull gcr.io/my-project/my-compiler",
+			"docker run --volume homevol:/builder/home --env HOME=/builder/home --volume /var/run/docker.sock:/var/run/docker.sock gcr.io/cloud-builders/docker pull gcr.io/my-project/my-compiler",
 			"docker inspect gcr.io/my-project/my-builder",
-			"docker run --volume homevol:/home --env HOME=/home --volume /var/run/docker.sock:/var/run/docker.sock gcr.io/cloud-builders/docker pull gcr.io/my-project/my-builder",
+			"docker run --volume homevol:/builder/home --env HOME=/builder/home --volume /var/run/docker.sock:/var/run/docker.sock gcr.io/cloud-builders/docker pull gcr.io/my-project/my-builder",
 		},
 	}, {
 		name: "TestFetchBuilderExists",
@@ -378,7 +386,7 @@ func TestFetchBuilder(t *testing.T) {
 		// no image in remoteImages
 		wantCommands: []string{
 			"docker inspect gcr.io/invalid-build-step",
-			"docker run --volume homevol:/home --env HOME=/home --volume /var/run/docker.sock:/var/run/docker.sock gcr.io/cloud-builders/docker pull gcr.io/invalid-build-step",
+			"docker run --volume homevol:/builder/home --env HOME=/builder/home --volume /var/run/docker.sock:/var/run/docker.sock gcr.io/cloud-builders/docker pull gcr.io/invalid-build-step",
 		},
 		wantErr: errors.New(`error pulling build step "gcr.io/invalid-build-step": exit status 1 for tag "gcr.io/invalid-build-step"`),
 	}}
@@ -579,10 +587,10 @@ func TestRunBuildSteps(t *testing.T) {
 		wantCommands: []string{
 			"docker volume create --name homevol",
 			"docker inspect gcr.io/my-project/my-compiler",
-			"docker run --volume homevol:/home --env HOME=/home --volume /var/run/docker.sock:/var/run/docker.sock gcr.io/cloud-builders/docker pull gcr.io/my-project/my-compiler",
+			"docker run --volume homevol:/builder/home --env HOME=/builder/home --volume /var/run/docker.sock:/var/run/docker.sock gcr.io/cloud-builders/docker pull gcr.io/my-project/my-compiler",
 			dockerRunString(0) + " gcr.io/my-project/my-compiler",
 			"docker inspect gcr.io/my-project/my-builder",
-			"docker run --volume homevol:/home --env HOME=/home --volume /var/run/docker.sock:/var/run/docker.sock gcr.io/cloud-builders/docker pull gcr.io/my-project/my-builder",
+			"docker run --volume homevol:/builder/home --env HOME=/builder/home --volume /var/run/docker.sock:/var/run/docker.sock gcr.io/cloud-builders/docker pull gcr.io/my-project/my-builder",
 			dockerRunInStepDir(1, "foo/baz") +
 				" --env FOO=bar" +
 				" --env BAZ=buz" +
@@ -592,6 +600,7 @@ func TestRunBuildSteps(t *testing.T) {
 			"docker inspect gcr.io/build-output-tag-no-digest",
 			"docker volume rm homevol",
 			"docker rm -f step_0 step_1",
+			"docker volume rm homevol",
 		},
 	}, {
 		name:           "TestRunBuilderFailExplicit",
@@ -894,9 +903,9 @@ func TestPushImages(t *testing.T) {
 		buildRequest:     commonBuildRequest,
 		remotePushesFail: false,
 		wantCommands: []string{
-			"docker run --volume homevol:/home --env HOME=/home --volume /var/run/docker.sock:/var/run/docker.sock gcr.io/cloud-builders/docker push gcr.io/build-output-tag-1",
-			"docker run --volume homevol:/home --env HOME=/home --volume /var/run/docker.sock:/var/run/docker.sock gcr.io/cloud-builders/docker push gcr.io/build-output-tag-2",
-			"docker run --volume homevol:/home --env HOME=/home --volume /var/run/docker.sock:/var/run/docker.sock gcr.io/cloud-builders/docker push gcr.io/build-output-tag-no-digest",
+			"docker run --volume homevol:/builder/home --env HOME=/builder/home --volume /var/run/docker.sock:/var/run/docker.sock gcr.io/cloud-builders/docker push gcr.io/build-output-tag-1",
+			"docker run --volume homevol:/builder/home --env HOME=/builder/home --volume /var/run/docker.sock:/var/run/docker.sock gcr.io/cloud-builders/docker push gcr.io/build-output-tag-2",
+			"docker run --volume homevol:/builder/home --env HOME=/builder/home --volume /var/run/docker.sock:/var/run/docker.sock gcr.io/cloud-builders/docker push gcr.io/build-output-tag-no-digest",
 		},
 	}, {
 		name:             "TestPushImagesFail",
@@ -1243,18 +1252,6 @@ func TestStripTagDigest(t *testing.T) {
 	}
 }
 
-type fakeKMS struct {
-	plaintext string
-	err       error
-}
-
-func (k fakeKMS) Decrypt(_, enc string) (string, error) {
-	if _, err := base64.StdEncoding.DecodeString(enc); err != nil {
-		return "", err
-	}
-	return k.plaintext, k.err
-}
-
 func TestPushDigestScraping(t *testing.T) {
 	cases := []struct {
 		desc     string
@@ -1435,12 +1432,13 @@ func TestStart(t *testing.T) {
 		wantCommands: []string{
 			"docker volume create --name homevol",
 			"docker inspect gcr.io/my-project/my-builder",
-			"docker run --volume homevol:/home --env HOME=/home --volume /var/run/docker.sock:/var/run/docker.sock gcr.io/cloud-builders/docker pull gcr.io/my-project/my-builder",
+			"docker run --volume homevol:/builder/home --env HOME=/builder/home --volume /var/run/docker.sock:/var/run/docker.sock gcr.io/cloud-builders/docker pull gcr.io/my-project/my-builder",
 			dockerRunString(0) + " gcr.io/my-project/my-builder a",
 			"docker inspect gcr.io/build",
 			"docker volume rm homevol",
 			"docker rm -f step_0",
-			"docker run --volume homevol:/home --env HOME=/home --volume /var/run/docker.sock:/var/run/docker.sock gcr.io/cloud-builders/docker push gcr.io/build",
+			"docker volume rm homevol",
+			"docker run --volume homevol:/builder/home --env HOME=/builder/home --volume /var/run/docker.sock:/var/run/docker.sock gcr.io/cloud-builders/docker push gcr.io/build",
 		},
 	}, {
 		name: "Build without pushing images",
@@ -1455,11 +1453,12 @@ func TestStart(t *testing.T) {
 		wantCommands: []string{
 			"docker volume create --name homevol",
 			"docker inspect gcr.io/my-project/my-builder",
-			"docker run --volume homevol:/home --env HOME=/home --volume /var/run/docker.sock:/var/run/docker.sock gcr.io/cloud-builders/docker pull gcr.io/my-project/my-builder",
+			"docker run --volume homevol:/builder/home --env HOME=/builder/home --volume /var/run/docker.sock:/var/run/docker.sock gcr.io/cloud-builders/docker pull gcr.io/my-project/my-builder",
 			dockerRunString(0) + " gcr.io/my-project/my-builder a",
 			"docker inspect gcr.io/build",
 			"docker volume rm homevol",
 			"docker rm -f step_0",
+			"docker volume rm homevol",
 		},
 	}} {
 		r := newMockRunner(t, tc.name)

diff --git a/gcloud/gcloud.go b/gcloud/gcloud.go
@@ -33,7 +33,7 @@ func AccessToken(r runner.Runner) (string, error) {
 	if err := r.Run(cmd, nil, &tb, os.Stderr, ""); err != nil {
 		return "", err
 	}
-	return tb.String(), nil
+	return strings.TrimSpace(tb.String()), nil
 }
 
 // ProjectInfo gets the project id and number from local gcloud.

diff --git a/gcloud/gcloud_test.go b/gcloud/gcloud_test.go
@@ -56,11 +56,11 @@ func (r *mockRunner) Run(args []string, in io.Reader, out, err io.Writer, _ stri
 	r.mu.Unlock()
 
 	if startsWith(args, "gcloud", "config", "list") {
-		io.WriteString(out, fmt.Sprintf(`%s
-`, r.projectID))
+		fmt.Fprintln(out, r.projectID)
 	} else if startsWith(args, "gcloud", "projects", "describe") {
-		io.WriteString(out, `1234
-`)
+		fmt.Fprintln(out, "1234")
+	} else if startsWith(args, "gcloud", "auth", "application-default", "print-access-token") {
+		fmt.Fprintln(out, "my-token")
 	}
 
 	return nil
@@ -80,9 +80,13 @@ func (r *mockRunner) Clean() error {
 
 func TestAccessToken(t *testing.T) {
 	r := newMockRunner(t, "")
-	if _, err := AccessToken(r); err != nil {
+	token, err := AccessToken(r)
+	if err != nil {
 		t.Errorf("AccessToken failed: %v", err)
 	}
+	if token != "my-token" {
+		t.Errorf("AccessToken failed returning the token; got %s, want %s", token, "my-token")
+	}
 	got := strings.Join(r.commands, "\n")
 	want := "gcloud auth application-default print-access-token"
 	if got != want {