Bug 1394883: use /builds/worker in image building; r?gps
This includes adding TASKCLUSTER_VOLUMES to docker image builds directly. The
env variable is not added as part of the task transform because `run-task` is
not in payload.command. In fact, build-image.sh calls run-task after doing
some other housekeeping.
Ideally image builds would be turned into jobs and all of this would occur
automatically, but that turns out to be quite a bit too complex for this
incidental fix -- perhaps best solved in another bug.
MozReview-Commit-ID: FYHvafJras7
--- a/taskcluster/docker/image_builder/Dockerfile
+++ b/taskcluster/docker/image_builder/Dockerfile
@@ -17,26 +17,26 @@ ADD topsrcdir/taskcluster/docker/recipes
# Add and run setup script
ADD build-image.sh /usr/local/bin/build-image.sh
ADD download-and-compress /usr/local/bin/download-and-compress
ADD setup.sh /setup/setup.sh
RUN bash /setup/setup.sh
# Setup a workspace that won't use AUFS.
-VOLUME /home/worker/checkouts
-VOLUME /home/worker/workspace
+VOLUME /builds/worker/checkouts
+VOLUME /builds/worker/workspace
# Set variable normally configured at login, by the shells parent process, these
# are taken from GNU su manual
-ENV HOME /home/worker
+ENV HOME /builds/worker
ENV SHELL /bin/bash
ENV USER worker
ENV LOGNAME worker
ENV HOSTNAME taskcluster-worker
ENV LC_ALL C
# Create worker user
-RUN useradd -d /home/worker -s /bin/bash -m worker
+RUN useradd -d /builds/worker -s /bin/bash -m worker
# Set some sane defaults
-WORKDIR /home/worker/
+WORKDIR /builds/worker/
CMD build-image.sh
--- a/taskcluster/docker/image_builder/HASH
+++ b/taskcluster/docker/image_builder/HASH
@@ -1,1 +1,1 @@
-sha256:ceaaf92511cfbff711598005585127953873332c62f245dcf1892510c4eb371f
+sha256:24ce54a1602453bc93515aecd9d4ad25a22115fbc4b209ddb5541377e9a37315
--- a/taskcluster/docker/image_builder/VERSION
+++ b/taskcluster/docker/image_builder/VERSION
@@ -1,1 +1,1 @@
-1.3.0
+2.0.0
--- a/taskcluster/docker/image_builder/build-image.sh
+++ b/taskcluster/docker/image_builder/build-image.sh
@@ -13,31 +13,31 @@ raise_error() {
exit 1
}
# Ensure that the PROJECT is specified so the image can be indexed
test -n "$PROJECT" || raise_error "PROJECT must be provided."
test -n "$HASH" || raise_error "Context HASH must be provided."
test -n "$IMAGE_NAME" || raise_error "IMAGE_NAME must be provided."
-# Create artifact folder
-mkdir -p /home/worker/workspace/artifacts
-
# Construct a CONTEXT_FILE
-CONTEXT_FILE=/home/worker/workspace/context.tar
+CONTEXT_FILE=/builds/worker/workspace/context.tar
# Run ./mach taskcluster-build-image with --context-only to build context
run-task \
- --vcs-checkout "/home/worker/checkouts/gecko" \
+ --vcs-checkout "/builds/worker/checkouts/gecko" \
-- \
- /home/worker/checkouts/gecko/mach taskcluster-build-image \
+ /builds/worker/checkouts/gecko/mach taskcluster-build-image \
--context-only "$CONTEXT_FILE" \
"$IMAGE_NAME"
test -f "$CONTEXT_FILE" || raise_error "Context file wasn't created"
+# Create artifact folder (note that this must occur after run-task)
+mkdir -p /builds/worker/workspace/artifacts
+
# Post context tar-ball to docker daemon
# This interacts directly with the docker remote API, see:
# https://docs.docker.com/engine/reference/api/docker_remote_api_v1.18/
curl -s --fail \
-X POST \
--header 'Content-Type: application/tar' \
--data-binary "@$CONTEXT_FILE" \
--unix-socket /var/run/docker.sock "http:/build?t=$IMAGE_NAME:$HASH" \
@@ -58,10 +58,10 @@ fi
# Get image from docker daemon (try up to 10 times)
# This interacts directly with the docker remote API, see:
# https://docs.docker.com/engine/reference/api/docker_remote_api_v1.18/
#
# The script will retry up to 10 times.
/usr/local/bin/download-and-compress \
http+unix://%2Fvar%2Frun%2Fdocker.sock/images/${IMAGE_NAME}:${HASH}/get \
- /home/worker/workspace/image.tar.zst.tmp \
- /home/worker/workspace/artifacts/image.tar.zst
+ /builds/worker/workspace/image.tar.zst.tmp \
+ /builds/worker/workspace/artifacts/image.tar.zst
--- a/taskcluster/docker/image_builder/setup.sh
+++ b/taskcluster/docker/image_builder/setup.sh
@@ -24,17 +24,17 @@ apt-get install -y python-pip
. /setup/install-mercurial.sh
# Install build-image.sh script
chmod +x /usr/local/bin/build-image.sh
chmod +x /usr/local/bin/run-task
chmod +x /usr/local/bin/download-and-compress
# Create workspace
-mkdir -p /home/worker/workspace
+mkdir -p /builds/worker/workspace
# Install python-zstandard.
cd /setup
tooltool_fetch <<EOF
[
{
"size": 463794,
"visibility": "public",
--- a/taskcluster/taskgraph/transforms/docker_image.py
+++ b/taskcluster/taskgraph/transforms/docker_image.py
@@ -95,37 +95,38 @@ def fill_template(config, tasks):
# this image..
'worker': {
'implementation': 'docker-worker',
'os': 'linux',
'docker-image': docker_image('image_builder'),
'caches': [{
'type': 'persistent',
'name': 'level-{}-imagebuilder-v1'.format(config.params['level']),
- 'mount-point': '/home/worker/checkouts',
+ 'mount-point': '/builds/worker/checkouts',
}],
'volumes': [
- # Keep in sync with Dockerfile.
- '/home/worker/checkouts',
- '/home/worker/workspace',
+ # Keep in sync with Dockerfile and TASKCLUSTER_VOLUMES
+ '/builds/worker/checkouts',
+ '/builds/worker/workspace',
],
'artifacts': [{
'type': 'file',
- 'path': '/home/worker/workspace/artifacts/image.tar.zst',
+ 'path': '/builds/worker/workspace/artifacts/image.tar.zst',
'name': 'public/image.tar.zst',
}],
'env': {
- 'HG_STORE_PATH': '/home/worker/checkouts/hg-store',
+ 'HG_STORE_PATH': '/builds/worker/checkouts/hg-store',
'HASH': context_hash,
'PROJECT': config.params['project'],
'IMAGE_NAME': image_name,
'DOCKER_IMAGE_ZSTD_LEVEL': zstd_level,
'GECKO_BASE_REPOSITORY': config.params['base_repository'],
'GECKO_HEAD_REPOSITORY': config.params['head_repository'],
'GECKO_HEAD_REV': config.params['head_rev'],
+ 'TASKCLUSTER_VOLUMES': '/builds/worker/checkouts;/builds/worker/workspace',
},
'chain-of-trust': True,
'docker-in-docker': True,
'taskcluster-proxy': True,
'max-run-time': 7200,
},
}
