From 288d0da43c5912174e969eb2c92b0ab3eca65a67 Mon Sep 17 00:00:00 2001 From: "Henrique F. Simoes" Date: Thu, 14 Sep 2023 12:00:35 -0300 Subject: [PATCH] base: use a helper script for extracting tarballs. Trivial tarball extraction leads to file ownership to be kept, which can cause permission problems with rootless container engines. This could be overcome by changing subuid and subgid ranges or ignoring ownership from the container filesystem in the installed machine. However, this leads to a more difficult setup for the IOC machines. Instead, file ownership is ignored during extraction in the build phase. This requirement of customizing extraction for all downloaded archives justifies having a dedicated helper script for both downloading and extracting archives. For convenience, a list of URLs can be defined. Tarball archives are downloaded to a dedicated temporary directory to avoid filename conflicts, since they might have arbitrary names. The extraction can be made either in the current directory or at the filesystem root. The latter is useful to extract to specific directories without any intervention. It should be used, for instance, to install custom packages to the /usr/local tree. Noisy output from commands are replaced by short messages to make the build progress more clean. Exceptionally, `wget` output is logged to stdout only when it fails. --- base/Dockerfile | 2 ++ base/install_epics.sh | 4 +--- base/install_modules.sh | 8 ++------ base/lnls-get-n-unpack.sh | 24 ++++++++++++++++++++++++ 4 files changed, 29 insertions(+), 9 deletions(-) create mode 100755 base/lnls-get-n-unpack.sh diff --git a/base/Dockerfile b/base/Dockerfile index bab6aee..66740b9 100644 --- a/base/Dockerfile +++ b/base/Dockerfile @@ -19,6 +19,8 @@ RUN apt update -y && \ wget \ ca-certificates +COPY lnls-get-n-unpack.sh /usr/local/bin/lnls-get-n-unpack + ARG EPICS_BASE_VERSION ENV EPICS_BASE_PATH /opt/epics/base ENV EPICS_MODULES_PATH /opt/epics/modules diff --git a/base/install_epics.sh b/base/install_epics.sh index fc4a8a5..c9b1d2e 100755 --- a/base/install_epics.sh +++ b/base/install_epics.sh @@ -2,9 +2,7 @@ set -ex -wget https://epics-controls.org/download/base/base-${EPICS_BASE_VERSION}.tar.gz -tar -xf base-${EPICS_BASE_VERSION}.tar.gz -rm base-${EPICS_BASE_VERSION}.tar.gz +lnls-get-n-unpack -l https://epics-controls.org/download/base/base-${EPICS_BASE_VERSION}.tar.gz mv base-${EPICS_BASE_VERSION} ${EPICS_BASE_PATH} make -j ${JOBS} -C ${EPICS_BASE_PATH} install diff --git a/base/install_modules.sh b/base/install_modules.sh index c0d7657..76ef731 100755 --- a/base/install_modules.sh +++ b/base/install_modules.sh @@ -7,9 +7,7 @@ download_github_module() { module_name=$2 tag=$3 - wget https://github.com/$github_org/$module_name/archive/refs/tags/$tag.tar.gz - tar -xf $tag.tar.gz - rm $tag.tar.gz + lnls-get-n-unpack -l https://github.com/$github_org/$module_name/archive/refs/tags/$tag.tar.gz mv $module_name-$tag $module_name } @@ -45,9 +43,7 @@ install_github_module() { echo EPICS_BASE=${EPICS_BASE_PATH} > ${EPICS_MODULES_PATH}/../RELEASE # Build seq first since it doesn't depend on anything -wget "https://static.erico.dev/seq-$SEQUENCER_VERSION.tar.gz" -tar -xf seq-$SEQUENCER_VERSION.tar.gz -rm seq-$SEQUENCER_VERSION.tar.gz +lnls-get-n-unpack -l "https://static.erico.dev/seq-$SEQUENCER_VERSION.tar.gz" mv seq-$SEQUENCER_VERSION seq install_module seq SNCSEQ " EPICS_BASE = ${EPICS_BASE_PATH} diff --git a/base/lnls-get-n-unpack.sh b/base/lnls-get-n-unpack.sh new file mode 100755 index 0000000..0923d5e --- /dev/null +++ b/base/lnls-get-n-unpack.sh @@ -0,0 +1,24 @@ +#!/usr/bin/env bash +# +# Download and extract tarball archive from the network. + +set -eu + +case "$1" in + -r) dest=/ ;; + -l) dest=. ;; + *) >&2 echo "Invalid extraction mode: must be either root (-r) or local (-l)." + exit 1; + ;; +esac + +shift + +for url; do + download_dir=$(mktemp -d) + + echo Downloading "$url"... + wget -P $download_dir -o /tmp/wget.log "$url" || (cat /tmp/wget.log && false) + tar --no-same-owner -xf $download_dir/* -C $dest + rm -rf $download_dir /tmp/wget.log +done