ci: remove the docker entrypoint Omitting an entrypoint.sh to configure the container and instead depending on docker primitives allows us to be more portable. (If a distribution uses a different mechanism for adding users, we need not have multiple entrypoint.sh files or invariants within it; instead we can configure that in the dockerfile itself along with all the other distribution specific components.)
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 2bc91e7..7d9c46e 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -11,7 +11,7 @@ on:
env:
docker-registry: docker.pkg.github.com
- docker-config-path: ci/docker
+ docker-config-path: source/ci/docker
jobs:
# Build the docker container images that we will use for our Linux
@@ -55,7 +55,7 @@ jobs:
if: matrix.container.qemu == true
- name: Download existing container
run: |
- "${{ github.workspace }}/ci/getcontainer.sh" "${{ matrix.container.name }}" "${{ matrix.container.dockerfile }}"
+ "${{ github.workspace }}/source/ci/getcontainer.sh" "${{ matrix.container.name }}" "${{ matrix.container.dockerfile }}"
env:
DOCKER_REGISTRY: ${{ env.docker-registry }}
GITHUB_TOKEN: ${{ secrets.github_token }}
@@ -206,9 +206,10 @@ jobs:
- name: Check out repository
uses: actions/checkout@v2
with:
+ path: source
fetch-depth: 0
- name: Set up build environment
- run: ci/setup-${{ matrix.platform.setup-script }}.sh
+ run: source/ci/setup-${{ matrix.platform.setup-script }}.sh
shell: bash
if: matrix.platform.setup-script != ''
- name: Setup QEMU
@@ -216,7 +217,7 @@ jobs:
if: matrix.platform.container.qemu == true
- name: Download container
run: |
- "${{ github.workspace }}/ci/getcontainer.sh" "${{ matrix.platform.container.name }}" "${{ matrix.platform.container.dockerfile }}"
+ "${{ github.workspace }}/source/ci/getcontainer.sh" "${{ matrix.platform.container.name }}" "${{ matrix.platform.container.dockerfile }}"
env:
DOCKER_REGISTRY: ${{ env.docker-registry }}
GITHUB_TOKEN: ${{ secrets.github_token }}
@@ -233,8 +234,9 @@ jobs:
if [ -n "${{ matrix.platform.container.name }}" ]; then
docker run \
--rm \
- -v "$(pwd):/home/libgit2/source" \
- -w /home/libgit2/source \
+ --user libgit2:libgit2 \
+ -v "$(pwd)/source:/home/libgit2/source" \
+ -w /home/libgit2 \
-e ASAN_SYMBOLIZER_PATH \
-e CC \
-e CFLAGS \
@@ -247,11 +249,11 @@ jobs:
-e TSAN_OPTIONS \
-e UBSAN_OPTIONS \
${{ env.docker-registry-container-sha }} \
- /bin/bash -c "mkdir build && cd build && ../ci/build.sh && ../ci/test.sh"
+ /bin/bash -c "mkdir build && cd build && ../source/ci/build.sh && ../source/ci/test.sh"
else
mkdir build && cd build
- ../ci/build.sh
- ../ci/test.sh
+ ../source/ci/build.sh
+ ../source/ci/test.sh
fi
shell: bash
diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml
index b52b398..e44f0d4 100644
--- a/.github/workflows/nightly.yml
+++ b/.github/workflows/nightly.yml
@@ -215,6 +215,7 @@ jobs:
- name: Check out repository
uses: actions/checkout@v2
with:
+ path: source
fetch-depth: 0
- name: Set up build environment
run: ci/setup-${{ matrix.platform.setup-script }}.sh
@@ -242,8 +243,9 @@ jobs:
if [ -n "${{ matrix.platform.container.name }}" ]; then
docker run \
--rm \
- -v "$(pwd):/home/libgit2/source" \
- -w /home/libgit2/source \
+ --user libgit2:libgit2 \
+ -v "$(pwd)/source:/home/libgit2/source" \
+ -w /home/libgit2 \
-e ASAN_SYMBOLIZER_PATH \
-e CC \
-e CFLAGS \
@@ -255,11 +257,11 @@ jobs:
-e SKIP_SSH_TESTS \
-e TSAN_OPTIONS \
${{ env.docker-registry-container-sha }} \
- /bin/bash -c "mkdir build && cd build && ../ci/build.sh && ../ci/test.sh"
+ /bin/bash -c "mkdir build && cd build && ../source/ci/build.sh && ../source/ci/test.sh"
else
mkdir build && cd build
- ../ci/build.sh
- ../ci/test.sh
+ ../source/ci/build.sh
+ ../source/ci/test.sh
fi
shell: bash
diff --git a/ci/docker/bionic b/ci/docker/bionic
index 85bb6ec..fb6a34b 100644
--- a/ci/docker/bionic
+++ b/ci/docker/bionic
@@ -36,9 +36,8 @@ RUN cd /tmp && \
cd .. && \
rm -rf mbedtls-2.16.2
-FROM mbedtls AS configure
-COPY entrypoint.sh /usr/local/bin/entrypoint.sh
-RUN chmod a+x /usr/local/bin/entrypoint.sh
-RUN mkdir /var/run/sshd
+FROM mbedtls AS adduser
+RUN useradd --shell /bin/bash libgit2 --create-home
-ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
+FROM adduser AS configure
+RUN mkdir /var/run/sshd
diff --git a/ci/docker/entrypoint.sh b/ci/docker/entrypoint.sh
deleted file mode 100644
index 8d96e3a..0000000
--- a/ci/docker/entrypoint.sh
+++ /dev/null
@@ -1,4 +0,0 @@
-#!/bin/bash -e
-useradd --shell /bin/bash libgit2
-chown --recursive libgit2:libgit2 /home/libgit2
-exec sudo --preserve-env --set-home --user=libgit2 "$@"
diff --git a/ci/docker/focal b/ci/docker/focal
index ce97268..c0c57f6 100644
--- a/ci/docker/focal
+++ b/ci/docker/focal
@@ -72,9 +72,8 @@ RUN cd /tmp && \
cd .. && \
rm -rf valgrind-3.15.0
-FROM valgrind AS configure
-COPY entrypoint.sh /usr/local/bin/entrypoint.sh
-RUN chmod a+x /usr/local/bin/entrypoint.sh
-RUN mkdir /var/run/sshd
+FROM valgrind AS adduser
+RUN useradd --shell /bin/bash libgit2 --create-home
-ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
+FROM adduser AS configure
+RUN mkdir /var/run/sshd
diff --git a/ci/docker/xenial b/ci/docker/xenial
index 1c8e585..d2ba031 100644
--- a/ci/docker/xenial
+++ b/ci/docker/xenial
@@ -59,9 +59,8 @@ RUN cd /tmp && \
cd .. && \
rm -rf valgrind-3.15.0
-FROM valgrind AS configure
-COPY entrypoint.sh /usr/local/bin/entrypoint.sh
-RUN chmod a+x /usr/local/bin/entrypoint.sh
-RUN mkdir /var/run/sshd
+FROM valgrind AS adduser
+RUN useradd --shell /bin/bash libgit2 --create-home
-ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
+FROM adduser AS configure
+RUN mkdir /var/run/sshd