esh/esh_undocker/resources/extract.rb

#
# Cookbook:: esh_undocker
# Resource:: extract
#
# Copyright:: 2022, https://easyself.host
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Chef unified mode: resources declared inside an action run as they are
# declared, so the plain Ruby in the action (the digest lookups) sees the
# effect of the resources above it, such as the package install.
unified_mode true
# Image reference; defaults to the resource name. The :extract action splits it
# on ':' and '/' into registry, repository path and tag, and interpolates the
# path and tag into directory names and shell command strings, so the value
# must come from a trusted source (not from unvalidated node data).
property :image, String, name_property: true
# Properties below are disabled together with the config.json patch steps
# that are commented out at the end of the action.
#property :tag, String, required: true
#property :network, String, required: true
#property :env, Array, required: true
default_action :extract
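# Unpacks a previously fetched OCI image into an OCI runtime bundle under
# /opt/undocker/<name>, re-extracting only when the image digest has changed.
#
# The image is read from the OCI layout at <file_cache_path>/<name>-<tag>.
# This action does not create that layout, and it calls skopeo without
# installing it; presumably another resource provides both -- TODO confirm.
#
# Raises ArgumentError when the image property is not REGISTRY/NAME:TAG.
action :extract do
  # The tag is whatever follows the last ':', so a registry port
  # ("host:5000/name:tag") survives the split. The registry part is unused.
  ref_parts = new_resource.image.split(':')
  tag = ref_parts.pop
  _registry, image = ref_parts.join(':').split('/', 2)
  #tag = new_resource.tag
  #network = new_resource.network
  #env = new_resource.env

  # NAME and TAG end up in a recursively deleted directory path and in shell
  # command strings, so refuse anything missing or not a plain reference.
  # Without this check a reference lacking a registry prefix or a tag leaves
  # NAME nil, and the bundle path collapses to /opt/undocker/ itself; a ".."
  # component would point the delete outside /opt/undocker.
  name_ok = image.to_s.match?(%r{\A[A-Za-z0-9][A-Za-z0-9._-]*(?:/[A-Za-z0-9][A-Za-z0-9._-]*)*\z})
  tag_ok = tag.to_s.match?(/\A[A-Za-z0-9_][A-Za-z0-9_.-]{0,127}\z/)
  unless name_ok && tag_ok
    raise ArgumentError,
          "esh_undocker extract: expected image as REGISTRY/NAME:TAG, got #{new_resource.image.inspect}"
  end

  path = '/opt/undocker'
  bundle_dir = "#{path}/#{image}"
  oci_ref = "#{Chef::Config['file_cache_path']}/#{image}-#{tag}:#{tag}"

  directory path do
    owner 'root'
    group 'root'
    mode '0755'
    action :create
  end

  apt_package %w(umoci jq)

  # Digest recorded by umoci for the bundle on disk (empty when there is no
  # bundle yet) versus the digest of the image in the local OCI layout.
  current_digest = `jq -r '.from_descriptor_path.descriptor_walk[].digest' < #{bundle_dir}/umoci.json`.strip
  latest_digest = `skopeo inspect oci:#{oci_ref} | jq -r .Digest`.strip

  # An empty latest digest means the inspect pipeline failed (image missing,
  # skopeo absent). Do not treat that as "changed": it would delete a working
  # bundle with nothing to replace it.
  digest_known = !latest_digest.empty?
  unless digest_known
    Chef::Log.warn("esh_undocker extract: could not read a digest for oci:#{oci_ref}; leaving #{bundle_dir} untouched")
  end
  stale = digest_known && current_digest != latest_digest

  # umoci unpack needs the target directory to be absent, so drop the old bundle.
  directory bundle_dir do
    recursive true
    action :delete
    only_if { stale }
  end

  execute "undockerize #{image} (convert to OCI runtime bundle)" do
    # Argument array: no shell is involved, and umoci's own exit status is
    # what Chef checks. The previous command text ended in a stray shell
    # `done`, the likely source of the exit status 2 this resource used to
    # expect; that also hid a failed unpack behind the same status.
    command ['umoci', 'unpack', '--image', oci_ref, bundle_dir]
    only_if { stale }
  end

  directory bundle_dir do
    owner 'root'
    group 'root'
    mode '0755'
    action :create
  end

  # Disabled config.json patch steps, kept for reference. They rely on the
  # commented-out network/env values above.
  #
  # bash "patch #{path}/#{image}/config.json rootfs path" do
  # code <<~EOT
  # cat <<< $(jq '.root.path = "#{path}/#{image}/rootfs"' #{path}/#{image}/config.json) > #{path}/#{image}/config.json
  # EOT
  # action :run
  # not_if do
  # `jq '.root.path == "#{path}/#{image}/rootfs"' #{path}/#{image}/config.json`.strip == 'true'
  # end
  # end
  #
  # bash "patch #{path}/#{image}/config.json network namespace" do
  # code <<~EOT
  # cat <<< $(jq 'del(.linux.namespaces[] | select(.type == "network"))' #{path}/#{image}/config.json) > #{path}/#{image}/config.json
  # EOT
  # action :run
  # only_if do
  # `jq -r '.linux.namespaces[] | select(.type == "network") | .type' #{path}/#{image}/config.json`.strip == 'network'
  # end
  # only_if { network == 'host' }
  # end
  #
  # file "/usr/local/bin/patch_process_env_#{image}.sh" do
  # content <<~EOT
  # #!/usr/bin/bash
  # set -euo pipefail
  # cat <<< $(jq '.process.env += #{env}' #{path}/#{image}/config.json) > #{path}/#{image}/config.json
  # EOT
  # owner 'root'
  # group 'root'
  # mode '0755'
  # action :create
  # notifies :run, "execute[patch #{path}/#{image}/config.json process env]", :immediately
  # end
  #
  # execute "patch #{path}/#{image}/config.json process env" do
  # command "/usr/local/bin/patch_process_env_#{image}.sh"
  # action :nothing
  # # TODO: Add a guard, complicated to find if env vars are missing
  # end
end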