diff options
author | Boris Kolpackov <boris@codesynthesis.com> | 2017-04-18 15:55:39 +0200 |
---|---|---|
committer | Boris Kolpackov <boris@codesynthesis.com> | 2017-04-18 15:55:39 +0200 |
commit | fa910a11d351a496a7db8da65b33625cf790c928 (patch) | |
tree | 469235ee3c24b8b6fd852f499d1a19210bd10f8c | |
parent | 6e306c77d3bd945dd48fd9746ac1b07610e85f36 (diff) |
Add controller_url, controller_trust parameters
-rwxr-xr-x | buildos | 88 | ||||
-rw-r--r-- | doc/manual.cli | 14 |
2 files changed, 88 insertions, 14 deletions
@@ -65,15 +65,30 @@ for v in "${cmdline[@]}"; do val="$(sed -re 's/^[^=]+=(.*)$/\1/' <<<"$v")" # Extract value. val="$(sed -re "s/^('(.*)'|\"(.*)\")$/\2\3/" <<<"$val")" # Strip quoted. - # If the variable contains a dot, then it is a toolchain variable. + # Recognize some variables as arrays. + # + a= + + # If the variable contains a dot, then it is a toolchain name-specific + # variable. # if [[ "$var" == *.* ]]; then tn="$(sed -re 's/^[^.]+\.(.+)$/\1/' <<<"$var")" - var="${tn}_$(sed -re 's/^([^.]+)\..+$/\1/' <<<"$var")" + var="$(sed -re 's/^([^.]+)\..+$/\1/' <<<"$var")" + + if [ "$var" = "controller_url" -o "$var" = "controller_trust" ]; then + a=true + fi + + var="${tn}_$var" toolchains["$tn"]="${tn}_" fi - declare "$var=$val" + if [ -n "$a" ]; then + declare -a "$var+=('$val')" + else + declare "$var=$val" + fi fi done @@ -103,6 +118,10 @@ function restart () sudo systemctl reboot } +if [ -z "$buildid_url" ]; then + info "no buildos.buildid_url specified, not monitoring for new os builds" +fi + # Process toolchains. # @@ -143,8 +162,19 @@ for tn in "${!toolchains[@]}"; do if [ -z "$(toolchain_value "$tp" toolchain_trust)" ]; then declare "${tp}toolchain_trust=no" fi + + # Warn if we have no controller URLs for this toolchain. + # + n="${tp}controller_url[0]" + if [ -z "${!n}" ]; then + info "no buildos.controller_url.$tn specified, not starting bbot agent" + fi done +if [ "${#toolchain_names[@]}" -eq 0 ]; then + info "no buildos.toolchain_url specified, not bootstrapping" +fi + # Divide CPUs and RAM (in kB) among the toolchains. # # Reserve 4G of RAM for ourselves (rootfs, tmpfs). @@ -179,27 +209,31 @@ function print () echo "buildid_url: $buildid_url" echo + local n i tn tp tu tt for tn in "${toolchain_names[@]}"; do tp="${toolchains["$tn"]}" tu="$(toolchain_value "$tp" toolchain_url)" tt="$(toolchain_value "$tp" toolchain_trust)" - echo "$tn.toolchain_url: $tu" - echo "$tn.toolchain_trust: $tt" + echo "$tn.toolchain_url: $tu" + echo "$tn.toolchain_trust: $tt" + + n="${tp}controller_url[@]" + for i in "${!n}"; do + echo "$tn.controller_url: $i" + done + + n="${tp}controller_trust[@]" + for i in "${!n}"; do + echo "$tn.controller_trust: $i" + done + echo done } print | email "starting build os monitor" -if [ -z "$buildid_url" ]; then - info "no buildos.buildid_url specified, not monitoring for new os builds" -fi - -if [ "${#toolchain_names[@]}" -eq 0 ]; then - info "no buildos.toolchain_url specified, not bootstrapping" -fi - # Machines cleanup (/build/machines/). # diag=() @@ -639,7 +673,7 @@ function bbot_start () # <toolchain-name> <toolchain-index> local r=1 - local b_word + local i n b_word while true; do # The "breakout loop". b_word="$(bpkg status bbot | cut -d ' ' -f 1)" @@ -684,6 +718,24 @@ function bbot_start () # <toolchain-name> <toolchain-index> -e "s/^(Environment=TOOLCHAIN_NUM)=.*/\1=$ti/" \ "$id/lib/systemd/system/bbot-agent@.service" + # Patch in the controller URLs. + # + n="${tp}controller_url[@]" + for i in "${!n}"; do + sed -i -r \ + -e "s#^(Environment=\"CONTROLLER_URL=[^\"]*)\"\$#\1 $i\"#" \ + "$id/lib/systemd/system/bbot-agent@.service" + done + + # Patch in the controller trust fingerprints. + # + n="${tp}controller_trust[@]" + for i in "${!n}"; do + sed -i -r \ + -e "s#^(Environment=\"CONTROLLER_TRUST=[^\"]*)\"\$#\1 --trust $i\"#" \ + "$id/lib/systemd/system/bbot-agent@.service" + done + sudo ln -sf "$id/lib/systemd/system/bbot-agent@.service" \ "/usr/lib/systemd/system/bbot-agent@$tn.service" @@ -830,6 +882,14 @@ EOF continue fi + # Or those that have no controllers (maybe it would have been better + # to build it but not start). + # + n="${tp}controller_url[0]" + if [ -z "${!n}" ]; then + continue + fi + s= bbot_check "$tn" 2>&1 | tee "$tr/bbot-$count.log" 1>&2 diff --git a/doc/manual.cli b/doc/manual.cli index 2d275aa..3abd639 100644 --- a/doc/manual.cli +++ b/doc/manual.cli @@ -356,6 +356,20 @@ While the monitor itself only needs the \c{build2-toolchain} package, build machine toolchain bootstrap may require additional packages (which will be accessed via TFTP using predictable names). +\h#config-controllers|Controllers| + +For each toolchain the \c{bbot} agent polls one or more controllers for build +tasks to perform. The controller URLs are configured with the +the \c{buildos.controller_url[.<name>]} kernel command line parameter (where +\c{<name>} is optional toolchain name). To specify multiple controllers, +repeat this parameter. + +Additionally, we can use the \c{buildos.controller_trust[.<name>]} kernel +command line parameter to specify SHA256 repository certificate fingerprints +to trust (see the \c{trust} build task manifest value for details). To specify +multiple fingerprints, repeat this parameter. + + \h1#machines|Build Machines| At the top level, a machine storage volume (see \l{#config-storage-machines |