sigs.k8s.io/prow@v0.0.0-20240503223140-c5e374dc7eb1/hack/run-in-node-container.sh (about)

     1  #!/usr/bin/env bash
     2  # Copyright 2021 The Kubernetes Authors.
     3  #
     4  # Licensed under the Apache License, Version 2.0 (the "License");
     5  # you may not use this file except in compliance with the License.
     6  # You may obtain a copy of the License at
     7  #
     8  #     http://www.apache.org/licenses/LICENSE-2.0
     9  #
    10  # Unless required by applicable law or agreed to in writing, software
    11  # distributed under the License is distributed on an "AS IS" BASIS,
    12  # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13  # See the License for the specific language governing permissions and
    14  # limitations under the License.
    15  
    16  # This script runs $@ in a node container
    17  
    18  set -o errexit
    19  set -o nounset
    20  set -o pipefail
    21  
    22  REPO_ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd -P)"
    23  cd "${REPO_ROOT}"
    24  
    25  NODE_IMAGE='node:18-bullseye-slim'
    26  
    27  DOCKER=(docker)
    28  
    29  if [[ -n "${NO_DOCKER:-}" ]]; then
    30    DOCKER=(echo docker)
    31  elif ! (command -v docker >/dev/null); then
    32    echo "WARNING: docker not installed; please install docker or try setting NO_DOCKER=true" >&2
    33    exit 1
    34  fi
    35  
    36  # We are running as the current host user/group so the files produced are
    37  # owned appropriately on the host.
    38  # With rootless mode, this happens without the need for a --user option.
    39  # https://www.redhat.com/sysadmin/user-flag-rootless-containers
    40  # Docker includes the "rootless" keyword in its "system info" output,
    41  # whereas podman includes "rootless: (true|false)".
    42  DOCKER_USER=""
    43  if ! "${DOCKER[@]}" system info | grep -q "rootless\(: true\)\?$"; then
    44      DOCKER_USER="--user $(id -u):$(id -g)"
    45  fi
    46  
    47  # NOTE: yarn tries to read configs under $HOME and fails if it can't,
    48  # we don't need these configs but we need it to not fail.
    49  # We set HOME to somewhere read/write-able by any user, since our uid will not
    50  # exist in /etc/passwd in the node image and yarn will try to read from / and
    51  # fail instead if we don't.
    52  "${DOCKER[@]}" run \
    53      --rm -i \
    54      ${DOCKER_USER} \
    55      -e HOME=/tmp \
    56      -v "${REPO_ROOT:?}:${REPO_ROOT:?}" -w "${REPO_ROOT}" \
    57      --security-opt="label=disable" \
    58      "${NODE_IMAGE}" \
    59      "$@"
    60  if [[ -n "${NO_DOCKER:-}" ]]; then
    61    (
    62      set -o xtrace
    63      "$@"
    64    )
    65  fi