summaryrefslogtreecommitdiffstats
path: root/crates/runner/src/task.rs
diff options
context:
space:
mode:
Diffstat (limited to 'crates/runner/src/task.rs')
-rw-r--r--crates/runner/src/task.rs46
1 files changed, 27 insertions, 19 deletions
diff --git a/crates/runner/src/task.rs b/crates/runner/src/task.rs
index c43fc2f..8981d13 100644
--- a/crates/runner/src/task.rs
+++ b/crates/runner/src/task.rs
@@ -51,6 +51,7 @@ fn input_hash(task: &Task) -> InputHash {
struct HashInput<'a> {
pub command: &'a str,
pub workdir: &'a str,
+ pub rootfs: &'a ArchiveHash,
pub inherit: &'a [LayerHash],
pub depends: HashMap<DependencyHash, &'a Dependency>,
pub outputs: &'a HashMap<String, String>,
@@ -58,6 +59,7 @@ fn input_hash(task: &Task) -> InputHash {
let input = HashInput {
command: &task.command,
workdir: &task.workdir,
+ rootfs: &task.rootfs,
inherit: &task.inherit,
depends: task
.depends
@@ -180,22 +182,27 @@ fn check_conflicts(
Ok(())
}
-fn init_task_rootfs(input_hash: &InputHash, depends: &DependMap) -> Result<Stack<fs::Mount>> {
+fn init_task_rootfs(input_hash: &InputHash, task: &Task) -> Result<Stack<fs::Mount>> {
let task_tmp_dir = paths::task_tmp_dir(input_hash);
let mount_target = paths::join(&[&task_tmp_dir, paths::TASK_TMP_ROOTFS_SUBDIR]);
+ let rootfs = paths::depend_dir(&task.rootfs);
+
+ let depends = unpack_dependencies(input_hash, task).context("Failed to unpack dependencies")?;
let mut mounts = Stack::new();
mounts.push(
- fs::mount(
- paths::ROOTFS_DIR,
- &mount_target,
- None,
- MsFlags::MS_BIND,
- None,
- )
- .with_context(|| format!("Failed to bind mount rootfs to {:?}", mount_target))?,
+ fs::mount(rootfs, &mount_target, None, MsFlags::MS_BIND, None)
+ .with_context(|| format!("Failed to bind mount rootfs to {:?}", mount_target))?,
);
+ mount::mount::<str, str, str, str>(
+ None,
+ &mount_target,
+ None,
+ MsFlags::MS_REMOUNT | MsFlags::MS_BIND | MsFlags::MS_RDONLY,
+ None,
+ )
+ .context("Failed to mount container rootfs read-only")?;
let (mut dirs, mut files) = get_contents(&mount_target, "")?;
@@ -209,11 +216,11 @@ fn init_task_rootfs(input_hash: &InputHash, depends: &DependMap) -> Result<Stack
)));
}
- let dep_target = mount_target.clone() + path;
+ let dep_target = mount_target.clone() + &path;
let dep_paths: Box<[_]> = dep_hashes.iter().map(paths::depend_dir).collect();
for dep in dep_paths.iter() {
- let (dep_dirs, dep_files) = get_contents(dep, path)?;
+ let (dep_dirs, dep_files) = get_contents(dep, &path)?;
check_conflicts(&dirs, &files, &dep_dirs, &dep_files)?;
dirs.extend(dep_dirs);
files.extend(dep_files);
@@ -306,6 +313,8 @@ fn unpack_dependency(task: &Task, hash: &ArchiveHash) -> Result<()> {
fn unpack_dependencies(input_hash: &InputHash, task: &Task) -> Result<DependMap> {
let task_tmp_dir = paths::task_tmp_dir(input_hash);
+ unpack_dependency(task, &task.rootfs)?;
+
let mut ret = DependMap::new();
for dep in &task.depends {
@@ -330,7 +339,7 @@ fn unpack_dependencies(input_hash: &InputHash, task: &Task) -> Result<DependMap>
Ok(ret)
}
-fn collect_output(input_hash: &InputHash, path: &str) -> Result<Option<ArchiveHash>> {
+fn collect_output(input_hash: &InputHash, task: &Task, path: &str) -> Result<Option<ArchiveHash>> {
let source = paths::join(&[&paths::task_tmp_dir(input_hash), path]);
if !Path::new(&source).is_dir() {
return Ok(None);
@@ -344,7 +353,7 @@ fn collect_output(input_hash: &InputHash, path: &str) -> Result<Option<ArchiveHa
let writer = TeeWriter::new(file, hasher);
let mut buffered_writer = BufWriter::with_capacity(16 * 1024 * 1024, writer);
- super::tar::pack(&mut buffered_writer, &source)?;
+ super::tar::pack(&task.rootfs, &mut buffered_writer, &source)?;
let writer = buffered_writer.into_inner()?;
let (file, hasher) = writer.into_inner();
@@ -364,7 +373,7 @@ fn collect_outputs(input_hash: &InputHash, task: &Task) -> Result<HashMap<String
let mut ret = HashMap::new();
for (name, path) in &task.outputs {
- if let Some(hash) = collect_output(input_hash, path)? {
+ if let Some(hash) = collect_output(input_hash, task, path)? {
ret.insert(name.clone(), hash);
}
}
@@ -374,9 +383,8 @@ fn collect_outputs(input_hash: &InputHash, task: &Task) -> Result<HashMap<String
fn run_task(input_hash: &InputHash, task: &Task, jobserver: &mut Jobserver) -> Result<()> {
let _workdir_mount = init_task(input_hash, task).context("Failed to initialize task")?;
- let depends = unpack_dependencies(input_hash, task).context("Failed to unpack dependencies")?;
let _rootfs_mounts =
- init_task_rootfs(input_hash, &depends).context("Failed to initialize task rootfs")?;
+ init_task_rootfs(input_hash, task).context("Failed to initialize task rootfs")?;
let task_tmp_dir = paths::task_tmp_dir(input_hash);
let rootfs = paths::join(&[&task_tmp_dir, paths::TASK_TMP_ROOTFS_SUBDIR]);
@@ -475,7 +483,7 @@ fn run_task(input_hash: &InputHash, task: &Task, jobserver: &mut Jobserver) -> R
Ok(())
}
-fn hash_layer(input_hash: &InputHash) -> Result<Option<LayerHash>> {
+fn hash_layer(input_hash: &InputHash, task: &Task) -> Result<Option<LayerHash>> {
let task_state_dir = paths::task_state_dir(input_hash);
let task_layer_dir = paths::join(&[&task_state_dir, paths::TASK_STATE_LAYER_SUBDIR]);
@@ -487,7 +495,7 @@ fn hash_layer(input_hash: &InputHash) -> Result<Option<LayerHash>> {
let hasher = LayerHasher::new();
let mut buffered_writer = BufWriter::with_capacity(16 * 1024 * 1024, hasher);
- tar::pack(&mut buffered_writer, &task_layer_dir)?;
+ tar::pack(&task.rootfs, &mut buffered_writer, &task_layer_dir)?;
let hasher = buffered_writer.into_inner()?;
Ok(Some(LayerHash(StringHash(hasher.finalize().into()))))
@@ -529,7 +537,7 @@ fn run_and_hash_task(
let outputs = collect_outputs(input_hash, task)?;
- let layer = hash_layer(input_hash)?;
+ let layer = hash_layer(input_hash, task)?;
move_layer(input_hash, &layer)?;
Ok(TaskOutput {
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-07 21:20:06 +0200