[arvados] created: 2.7.0-6627-g38c29089e1
git repository hosting
git at public.arvados.org
Mon May 27 14:45:17 UTC 2024
at 38c29089e15d6b2924a4645e1a0a86677a1ac08f (commit)
commit 38c29089e15d6b2924a4645e1a0a86677a1ac08f
Author: Tom Clegg <tom at curii.com>
Date: Mon May 27 10:44:54 2024 -0400
20758: Use --mount instead of -v/--volume for docker bind mounts.
If the source path does not exist, -v/--volume assumes the source path
is the name of a volume and creates an empty one. We would rather get
a "source path does not exist" error.
Arvados-DCO-1.1-Signed-off-by: Tom Clegg <tom at curii.com>
diff --git a/build/package-build-dockerfiles/README b/build/package-build-dockerfiles/README
index 0dfab94c14..f4f411443c 100644
--- a/build/package-build-dockerfiles/README
+++ b/build/package-build-dockerfiles/README
@@ -10,4 +10,4 @@ DOCKER IMAGE BUILD
BUILD PACKAGES
==============
-`docker run -v /path/to/your/arvados-dev/jenkins:/jenkins -v /path/to/your/arvados:/arvados arvados/build:DISTRO`
+`docker run --mount type=bind,src=/path/to/your/arvados-dev/jenkins,dst=/jenkins --mount type=bind,src=/path/to/your/arvados,dst=/arvados arvados/build:DISTRO`
diff --git a/build/run-build-packages-one-target.sh b/build/run-build-packages-one-target.sh
index b1801dd307..f6c3cb9c62 100755
--- a/build/run-build-packages-one-target.sh
+++ b/build/run-build-packages-one-target.sh
@@ -263,11 +263,11 @@ package_fails=""
mkdir -p "$WORKSPACE/services/api/vendor/cache-$TARGET"
docker_volume_args=(
- -v "$JENKINS_DIR:/jenkins"
- -v "$WORKSPACE:/arvados"
+ --mount "type=bind,src=$JENKINS_DIR,dst=/jenkins"
+ --mount "type=bind,src=$WORKSPACE,dst=/arvados"
--tmpfs /arvados/services/api/.bundle:rw,noexec,nosuid,size=1m
--tmpfs /arvados/services/api/vendor:rw,exec,nosuid,size=1g
- -v "$WORKSPACE/services/api/vendor/cache-$TARGET:/arvados/services/api/vendor/cache"
+ --mount "type=bind,src=$WORKSPACE/services/api/vendor/cache-$TARGET,dst=/arvados/services/api/vendor/cache"
)
if [[ -n "$test_packages" ]]; then
@@ -335,7 +335,7 @@ else
if docker run \
--rm \
"${docker_volume_args[@]}" \
- -v $tmpfile:/root/.bundle/config \
+ --mount "type=bind,src=$tmpfile,dst=/root/.bundle/config" \
--env ARVADOS_BUILDING_VERSION="$ARVADOS_BUILDING_VERSION" \
--env ARVADOS_BUILDING_ITERATION="$ARVADOS_BUILDING_ITERATION" \
--env ARVADOS_DEBUG=$ARVADOS_DEBUG \
diff --git a/cmd/arvados-package/build.go b/cmd/arvados-package/build.go
index 2ce8a67432..3164c0b9d0 100644
--- a/cmd/arvados-package/build.go
+++ b/cmd/arvados-package/build.go
@@ -80,8 +80,8 @@ func build(ctx context.Context, opts opts, stdin io.Reader, stdout, stderr io.Wr
cmd := exec.CommandContext(ctx, "docker", "run",
"--name", buildCtrName,
"--tmpfs", "/tmp:exec,mode=01777",
- "-v", selfbin+":/arvados-package:ro",
- "-v", opts.SourceDir+":/arvados:ro",
+ "--mount", "type=bind,src="+selfbin+",dst=/arvados-package,readonly",
+ "--mount", "type=bind,src="+opts.SourceDir+",dst=/arvados,readonly",
opts.TargetOS,
"/arvados-package", "_install",
"-eatmydata",
@@ -110,9 +110,9 @@ func build(ctx context.Context, opts opts, stdin io.Reader, stdout, stderr io.Wr
cmd := exec.CommandContext(ctx, "docker", "run",
"--rm",
"--tmpfs", "/tmp:exec,mode=01777",
- "-v", tmpdir+":/pkg",
- "-v", selfbin+":/arvados-package:ro",
- "-v", opts.SourceDir+":/arvados:ro",
+ "--mount", "type=bind,src="+tmpdir+",dst=/pkg",
+ "--mount", "type=bind,src="+selfbin+",dst=/arvados-package,readonly",
+ "--mount", "type=bind,src="+opts.SourceDir+",dst=/arvados,readonly",
buildImageName,
"eatmydata", "/arvados-package", "_fpm",
"-source", "/arvados",
diff --git a/cmd/arvados-package/install.go b/cmd/arvados-package/install.go
index 38efae0461..b3b0b54198 100644
--- a/cmd/arvados-package/install.go
+++ b/cmd/arvados-package/install.go
@@ -45,7 +45,7 @@ func testinstall(ctx context.Context, opts opts, stdin io.Reader, stdout, stderr
cmd := exec.CommandContext(ctx, "docker", "run",
"--name", depsCtrName,
"--tmpfs", "/tmp:exec,mode=01777",
- "-v", absPackageDir+":/pkg:ro",
+ "--mount", "type=bind,src="+absPackageDir+",dst=/pkg,readonly",
"--env", "DEBIAN_FRONTEND=noninteractive",
opts.TargetOS,
"bash", "-c", `
@@ -87,7 +87,7 @@ rm /etc/apt/sources.list.d/arvados-local.list
}
cmd := exec.CommandContext(ctx, "docker", "run", "--rm",
"--tmpfs=/tmp:exec,mode=01777",
- "--volume="+absPackageDir+":/pkg:ro",
+ "--mount=type=bind,src="+absPackageDir+",dst=/pkg,readonly",
"--env=DEBIAN_FRONTEND=noninteractive")
if opts.Live != "" {
cmd.Args = append(cmd.Args,
@@ -98,7 +98,7 @@ rm /etc/apt/sources.list.d/arvados-local.list
"--publish=:4440-4460:4440-4460",
"--publish=:9000-9020:9000-9020",
"--add-host="+opts.Live+":0.0.0.0",
- "--volume=/var/lib/acme:/var/lib/acme:ro")
+ "--mount=type=bind,src=/var/lib/acme,dst=/var/lib/acme,readonly")
} else {
cmd.Args = append(cmd.Args,
"--env=domain=localhost",
diff --git a/lib/controller/localdb/login_ldap_docker_test.sh b/lib/controller/localdb/login_ldap_docker_test.sh
index c539e0e60b..d094634ad2 100755
--- a/lib/controller/localdb/login_ldap_docker_test.sh
+++ b/lib/controller/localdb/login_ldap_docker_test.sh
@@ -193,7 +193,7 @@ EOF
echo >&2 "Adding example user entry user=foo-bar pass=secret (retrying until server comes up)"
docker run --rm --entrypoint= \
- -v "${tmpdir}/add_example_user.ldif":/add_example_user.ldif:ro \
+ --mount type=bind,src="${tmpdir}/add_example_user.ldif",dst=/add_example_user.ldif,readonly \
osixia/openldap:1.3.0 \
bash -c "for f in \$(seq 1 5); do if ldapadd -H '${ldapurl}' -D 'cn=${adminuser},dc=example,dc=org' -w '${adminpassword}' -f /add_example_user.ldif; then exit 0; else sleep 2; fi; done; echo 'failed to add user entry'; exit 1"
@@ -204,10 +204,10 @@ ctrlctr=ctrl-${RANDOM}
echo >&2 "Starting arvados controller in docker container ${ctrlctr}"
docker run --detach --rm --name=${ctrlctr} \
-p 9999 \
- -v "${tmpdir}/pam_ldap.conf":/etc/pam_ldap.conf:ro \
- -v "${tmpdir}/arvados-server":/bin/arvados-server:ro \
- -v "${tmpdir}/zzzzz.yml":/etc/arvados/config.yml:ro \
- -v $(realpath "${PWD}/../../.."):/arvados:ro \
+ --mount type=bind,src="${tmpdir}/pam_ldap.conf",dst=/etc/pam_ldap.conf,readonly \
+ --mount type=bind,src="${tmpdir}/arvados-server",dst=/bin/arvados-server,readonly \
+ --mount type=bind,src="${tmpdir}/zzzzz.yml",dst=/etc/arvados/config.yml,readonly \
+ --mount type=bind,src="$(realpath "${PWD}/../../..")",dst=/arvados,readonly \
debian:11 \
bash -c "${setup_pam_ldap:-true} && arvados-server controller"
docker logs --follow ${ctrlctr} 2>$debug >$debug &
diff --git a/lib/install/deps_test.go b/lib/install/deps_test.go
index b9274b425c..9ab030f05a 100644
--- a/lib/install/deps_test.go
+++ b/lib/install/deps_test.go
@@ -25,13 +25,13 @@ tmp="` + tmp + `"
sourcepath="$(realpath ../..)"
(cd ${sourcepath} && go build -o ${tmp} ./cmd/arvados-server)
docker run -i --rm --workdir /arvados \
- -v ${tmp}/arvados-server:/arvados-server:ro \
- -v ${sourcepath}:/arvados:ro \
- -v /arvados/services/api/.bundle \
- -v /arvados/services/api/tmp \
+ --mount type=bind,src="${tmp}/arvados-server",dst=/arvados-server,readonly \
+ --mount type=bind,src="${sourcepath}",dst=/arvados,readonly \
+ --mount type=tmpfs,dst=/arvados/services/api/.bundle \
+ --mount type=tmpfs,dst=/arvados/services/api/tmp \
--env http_proxy \
--env https_proxy \
- debian:11 \
+ debian:bookworm \
bash -c "/arvados-server install -type test &&
git config --global --add safe.directory /arvados &&
/arvados-server boot -type test -config doc/examples/config/zzzzz.yml -own-temporary-database -shutdown -timeout 9m"
diff --git a/lib/pam/docker_test.go b/lib/pam/docker_test.go
index 9fafc2f217..6ce596df2d 100644
--- a/lib/pam/docker_test.go
+++ b/lib/pam/docker_test.go
@@ -111,9 +111,9 @@ func (s *DockerSuite) runTestClient(c *check.C, args ...string) (stdout, stderr
"run", "--rm",
"--hostname", "testvm2.shell",
"--add-host", "zzzzz.arvadosapi.com:" + s.hostip,
- "-v", s.tmpdir + "/pam_arvados.so:/usr/lib/pam_arvados.so:ro",
- "-v", s.tmpdir + "/conffile:/usr/share/pam-configs/arvados:ro",
- "-v", s.tmpdir + "/testclient:/testclient:ro",
+ "--mount", "type=bind,src=" + s.tmpdir + "/pam_arvados.so,dst=/usr/lib/pam_arvados.so,readonly",
+ "--mount", "type=bind,src=" + s.tmpdir + "/conffile,dst=/usr/share/pam-configs/arvados,readonly",
+ "--mount", "type=bind,src=" + s.tmpdir + "/testclient,dst=/testclient,readonly",
"debian:bookworm",
"/testclient"}, args...)...)
stdout = &bytes.Buffer{}
diff --git a/services/workbench2/Makefile b/services/workbench2/Makefile
index 72235b96f7..3bc293e356 100644
--- a/services/workbench2/Makefile
+++ b/services/workbench2/Makefile
@@ -101,8 +101,8 @@ integration-tests-in-docker: workbench2-build-image check-arvados-directory
docker run $(TI) --rm \
--env ARVADOS_DIRECTORY=/usr/src/arvados \
--env GIT_DISCOVERY_ACROSS_FILESYSTEM=1 \
- -v $(WORKSPACE):/usr/src/arvados/services/workbench2 \
- -v $(ARVADOS_DIRECTORY):/usr/src/arvados \
+ --mount type=bind,src=$(WORKSPACE),dst=/usr/src/arvados/services/workbench2 \
+ --mount type=bind,src=$(ARVADOS_DIRECTORY),dst=/usr/src/arvados \
-w /usr/src/arvados/services/workbench2 \
workbench2-build \
make arvados-server-install integration-tests SPECFILE=$(SPECFILE)
@@ -111,8 +111,8 @@ unit-tests-in-docker: workbench2-build-image check-arvados-directory
docker run $(TI) --rm \
--env ARVADOS_DIRECTORY=/usr/src/arvados \
--env GIT_DISCOVERY_ACROSS_FILESYSTEM=1 \
- -v $(WORKSPACE):/usr/src/arvados/services/workbench2 \
- -v $(ARVADOS_DIRECTORY):/usr/src/arvados \
+ --mount type=bind,src=$(WORKSPACE),dst=/usr/src/arvados/services/workbench2 \
+ --mount type=bind,src=$(ARVADOS_DIRECTORY),dst=/usr/src/arvados \
-w /usr/src/arvados/services/workbench2 \
workbench2-build \
make arvados-server-install unit-tests
@@ -122,8 +122,8 @@ tests-in-docker: workbench2-build-image check-arvados-directory
--env ARVADOS_DIRECTORY=/usr/src/arvados \
--env GIT_DISCOVERY_ACROSS_FILESYSTEM=1 \
--env ci="${ci}" \
- -v $(WORKSPACE):/usr/src/arvados/services/workbench2 \
- -v$(ARVADOS_DIRECTORY):/usr/src/arvados \
+ --mount type=bind,src=$(WORKSPACE),dst=/usr/src/arvados/services/workbench2 \
+ --mount type=bind,src=$(ARVADOS_DIRECTORY),dst=/usr/src/arvados \
-w /usr/src/arvados/services/workbench2 \
workbench2-build \
make test
@@ -194,8 +194,8 @@ packages-in-docker: check-arvados-directory workbench2-build-image
--env DESCRIPTION="${DESCRIPTION}" \
--env GIT_DISCOVERY_ACROSS_FILESYSTEM=1 \
-w "/tmp/workbench2" \
- -v ${WORKSPACE}:/tmp/workbench2 \
- -v ${ARVADOS_DIRECTORY}:/tmp/arvados \
+ --mount type=bind,src=${WORKSPACE},dst=/tmp/workbench2 \
+ --mount type=bind,src=${ARVADOS_DIRECTORY},dst=/tmp/arvados \
workbench2-build:latest \
sh -c 'git config --global --add safe.directory /tmp/workbench2 && make packages'
diff --git a/tools/arvbox/bin/arvbox b/tools/arvbox/bin/arvbox
index 13583ba288..9bae5cda7b 100755
--- a/tools/arvbox/bin/arvbox
+++ b/tools/arvbox/bin/arvbox
@@ -125,15 +125,15 @@ wait_for_arvbox() {
docker_run_dev() {
docker run \
- "--volume=$ARVADOS_ROOT:/usr/src/arvados:rw" \
- "--volume=$PG_DATA:/var/lib/postgresql:rw" \
- "--volume=$VAR_DATA:$ARVADOS_CONTAINER_PATH:rw" \
- "--volume=$PASSENGER:/var/lib/passenger:rw" \
- "--volume=$GEMS:/var/lib/arvados-arvbox/.gem:rw" \
- "--volume=$PIPCACHE:/var/lib/pip:rw" \
- "--volume=$NPMCACHE:/var/lib/npm:rw" \
- "--volume=$GOSTUFF:/var/lib/gopath:rw" \
- "--volume=$RLIBS:/var/lib/Rlibs:rw" \
+ "--mount=type=bind,src=$ARVADOS_ROOT,dst=/usr/src/arvados" \
+ "--mount=type=bind,src=$PG_DATA,dst=/var/lib/postgresql" \
+ "--mount=type=bind,src=$VAR_DATA,dst=$ARVADOS_CONTAINER_PATH" \
+ "--mount=type=bind,src=$PASSENGER,dst=/var/lib/passenger" \
+ "--mount=type=bind,src=$GEMS,dst=/var/lib/arvados-arvbox/.gem" \
+ "--mount=type=bind,src=$PIPCACHE,dst=/var/lib/pip" \
+ "--mount=type=bind,src=$NPMCACHE,dst=/var/lib/npm" \
+ "--mount=type=bind,src=$GOSTUFF,dst=/var/lib/gopath" \
+ "--mount=type=bind,src=$RLIBS,dst=/var/lib/Rlibs" \
--label "org.arvados.arvbox_config=$CONFIG" \
"$@"
}
@@ -198,7 +198,7 @@ run() {
iptemp=$(mktemp)
echo $localip > $iptemp
chmod og+r $iptemp
- PUBLIC="--volume=$iptemp:/var/run/localip_override
+ PUBLIC="--mount=type=bind,src=$iptemp,dst=/var/run/localip_override
--publish=443:443
--publish=3001:3001
--publish=8000:8000
@@ -283,11 +283,11 @@ run() {
if [[ $need_setup = 1 ]] ; then
docker_run_dev \
--detach \
- --name=${ARVBOX_CONTAINER} \
- "--env=SVDIR=/etc/devenv-service" \
- "--volume=$HOME:$HOME:rw" \
- --volume=/tmp/.X11-unix:/tmp/.X11-unix:rw \
- arvados/arvbox-dev$TAG
+ --name="${ARVBOX_CONTAINER}" \
+ --env=SVDIR=/etc/devenv-service \
+ --mount=type=bind,src="$HOME",dst="$HOME" \
+ --mount=type=bind,src=/tmp/.X11-unix,dst=/tmp/.X11-unix \
+ arvados/arvbox-dev$TAG
fi
exec docker exec --interactive --tty \
-e LINES=$(tput lines) \
-----------------------------------------------------------------------
hooks/post-receive
--
More information about the arvados-commits
mailing list