diff options
-rwxr-xr-x | bin/chroot-run.sh | 96 | ||||
-rw-r--r-- | etc/sudoers.d/jenkins | 2 |
2 files changed, 97 insertions, 1 deletions
diff --git a/bin/chroot-run.sh b/bin/chroot-run.sh new file mode 100755 index 00000000..a0f0dd43 --- /dev/null +++ b/bin/chroot-run.sh @@ -0,0 +1,96 @@ +#!/bin/sh + +# Copyright 2012,2013 Holger Levsen <holger@layer-acht.org> +# Copyright 2013 Antonio Terceiro <terceiro@debian.org> +# released under the GPLv=2 + +# $1 = base distro +# $2 $3 ... = command to run inside a clean chroot running the distro in $1 + +set -e +export LC_ALL=C + +# Defaults for the jenkins.debian.net environment +if [ -z "$MIRROR" ]; then + export MIRROR=http://ftp.de.debian.org/debian +fi +if [ -z "$http_proxy" ]; then + export http_proxy="http://localhost:3128" +fi +if [ -z "$CHROOT_BASE" ]; then + export CHROOT_BASE=/chroots +fi + +if [ $# -lt 2 ]; then + echo "usage: $0 DISTRO CMD [ARG1 ARG2 ...]" + exit 1 +fi + +DISTRO="$1" +shift + +if [ ! -d "$CHROOT_BASE" ]; then + echo "Directory $CHROOT_BASE does not exist, aborting." + exit 1 +fi + +export CHROOT_TARGET=$(mktemp -d -p $CHROOT_BASE/ chroot-run-$DISTRO.XXXXXXXXX) +if [ -z "$CHROOT_TARGET" ]; then + echo "Could not create a directory to create the chroot in, aborting." + exit 1 +fi + +export CURDIR=$(pwd) + +export SCRIPT_HEADER="#!/bin/bash +set -x +set -e +export DEBIAN_FRONTEND=noninteractive +export LC_ALL=C +export http_proxy=$http_proxy" + +bootstrap() { + sudo debootstrap $DISTRO $CHROOT_TARGET $MIRROR + + cat > $CHROOT_TARGET/tmp/chroot-prepare <<-EOF +$SCRIPT_HEADER +mount /proc -t proc /proc +echo -e '#!/bin/sh\nexit 101' > /usr/sbin/policy-rc.d +chmod +x /usr/sbin/policy-rc.d +echo 'Acquire::http::Proxy "$http_proxy";' > /etc/apt/apt.conf.d/80proxy +echo "deb-src $MIRROR $DISTRO main" >> /etc/apt/sources.list +apt-get update +EOF + + chmod +x $CHROOT_TARGET/tmp/chroot-prepare + sudo chroot $CHROOT_TARGET /tmp/chroot-prepare +} + +cleanup() { + if [ -d $CHROOT_TARGET/proc ]; then + sudo umount -l $CHROOT_TARGET/proc || fuser -mv $CHROOT_TARGET/proc + fi + if [ -d $CHROOT_TARGET/testrun ]; then + sudo umount -l $CHROOT_TARGET/testrun || fuser -mv $CHROOT_TARGET/testrun + fi + if [ -d $CHROOT_TARGET ]; then + sudo rm -rf --one-file-system $CHROOT_TARGET || fuser -mv $CHROOT_TARGET + fi +} +trap cleanup INT TERM EXIT + +run() { + sudo chroot $CHROOT_TARGET mkdir /testrun + sudo mount --bind $CURDIR $CHROOT_TARGET/testrun + cat > $CHROOT_TARGET/tmp/chroot-testrun <<-EOF +$SCRIPT_HEADER +cd /testrun +$@ +EOF + chmod +x $CHROOT_TARGET/tmp/chroot-testrun + sudo chroot $CHROOT_TARGET /tmp/chroot-testrun +} + +bootstrap +run "$@" +cleanup diff --git a/etc/sudoers.d/jenkins b/etc/sudoers.d/jenkins index 2bd28425..1d11b1a7 100644 --- a/etc/sudoers.d/jenkins +++ b/etc/sudoers.d/jenkins @@ -1,4 +1,4 @@ -jenkins ALL= NOPASSWD: /usr/sbin/debootstrap *, /usr/sbin/chroot /chroots/*, /usr/sbin/chroot /media/*, /bin/ls -la /media/*, /bin/rm -rf --one-file-system /chroots/*, /bin/umount -l /chroots/*, /bin/umount -l /media/*, /bin/mount -o loop*, /usr/bin/du *, /bin/kill -9 *, /usr/bin/qemu-system-x86_64 *, /bin/mkdir -p /media/*, /usr/bin/guestmount *, /bin/cp -r /media/*, /bin/chown -R jenkins\:jenkins /var/lib/jenkins/jobs/*, SETENV: NOPASSWD: /usr/sbin/pbuilder * +jenkins ALL= NOPASSWD: /usr/sbin/debootstrap *, /usr/sbin/chroot /chroots/*, /usr/sbin/chroot /media/*, /bin/ls -la /media/*, /bin/rm -rf --one-file-system /chroots/*, /bin/umount -l /chroots/*, /bin/umount -l /media/*, /bin/mount -o loop*, /bin/mount --bind *, /usr/bin/du *, /bin/kill -9 *, /usr/bin/qemu-system-x86_64 *, /bin/mkdir -p /media/*, /usr/bin/guestmount *, /bin/cp -r /media/*, /bin/chown -R jenkins\:jenkins /var/lib/jenkins/jobs/*, SETENV: NOPASSWD: /usr/sbin/pbuilder * # keep these environment variables Defaults env_keep += "http_proxy", env_reset |