compose: Support 'postprocess-script'

This is obviously a total cop-out. However, without glibc fixes, we can't do better. See: https://bugzilla.redhat.com/show_bug.cgi?id=156477
2014-11-14 11:53:21 -05:00 · 2014-11-14 11:53:21 -05:00 · 51fbd8c920
commit 51fbd8c920
parent 6f959fd20f
4 changed files with 55 additions and 1 deletions
--- a/doc/treefile.md
+++ b/doc/treefile.md
@ -52,6 +52,26 @@ Treefile

   Note this does not alter the RPM database, so `rpm -V` will complain.

+ * `postprocess-script`: String, optional: Full filesystem path to a script
+   that will be executed in the context of the target tree.  The script
+   will be copied into the target into `/tmp`, and run as a container
+   (a restricted chroot, with no network access).  After execution is
+   complete, it will be deleted.
+
+   It is *strongly recommended* to avoid using this except as a last resort.
+   Having the system generated through RPMs allows administrators to understand
+   the inputs to the system.  Any new files created through this mechanism will
+   not have the versioning inherent in RPM.
+
+   Only the script file will be copied in; thus if it has any dependencies,
+   on data beyond what is in the target tree, you must embed them in the binary
+   itself.
+
+   An example use for this is working around bugs in the input RPMs that are
+   hard to fix in stable releases.
+
+   Note this does not alter the RPM database, so `rpm -V` will complain.
+
 * `include`: string, optional: Path to another treefile which will be
   used as an inheritance base.  The semantics for inheritance are:
   Non-array values in child values override parent values.  Array
--- a/src/rpmostree-compose-builtin-tree.c
+++ b/src/rpmostree-compose-builtin-tree.c
@ -1038,7 +1038,8 @@ rpmostree_compose_builtin_tree (int             argc,
  if (g_strcmp0 (g_getenv ("RPM_OSTREE_BREAK"), "post-yum") == 0)
    goto out;

-  if (!rpmostree_treefile_postprocessing (yumroot, self->serialized_treefile, treefile,
+  if (!rpmostree_treefile_postprocessing (yumroot, self->treefile_context_dirs->pdata[0],
+                                          self->serialized_treefile, treefile,
                                          cancellable, error))
    goto out;

--- a/src/rpmostree-postprocess.c
+++ b/src/rpmostree-postprocess.c
@ -1061,6 +1061,7 @@ handle_remove_files_from_package (GFile         *yumroot,

 gboolean
 rpmostree_treefile_postprocessing (GFile         *yumroot,
+                                   GFile         *context_directory,
                                   GBytes        *serialized_treefile,
                                   JsonObject    *treefile,
                                   GCancellable  *cancellable,
@ -1071,6 +1072,7 @@ rpmostree_treefile_postprocessing (GFile         *yumroot,
  JsonArray *units = NULL;
  JsonArray *remove = NULL;
  const char *default_target = NULL;
+  const char *postprocess_script = NULL;

  if (json_object_has_member (treefile, "units"))
    units = json_object_get_array_member (treefile, "units");
@ -1209,6 +1211,36 @@ rpmostree_treefile_postprocessing (GFile         *yumroot,
            goto out;
        }
    }
+
+  if (!_rpmostree_jsonutil_object_get_optional_string_member (treefile, "postprocess-script",
+                                                              &postprocess_script, error))
+    goto out;
+    
+  if (postprocess_script)
+    {
+      gs_unref_object GFile *src = g_file_resolve_relative_path (context_directory, postprocess_script);
+      const char *bn = gs_file_get_basename_cached (src);
+      gs_unref_object GFile *yumroot_tmp = g_file_resolve_relative_path (yumroot, "tmp");
+      gs_unref_object GFile *dest = g_file_resolve_relative_path (yumroot_tmp, bn);
+      gs_free char *targetpath = g_build_filename ("/tmp", gs_file_get_basename_cached (src), NULL);
+
+      if (!g_file_copy (src, dest, 0, cancellable, NULL, NULL, error))
+        {
+          g_prefix_error (error, "Copying postprocess-script '%s' into target: ", bn);
+          goto out;
+        }
+      
+      g_print ("Executing postprocessing script '%s'...\n", bn);
+      if (!gs_subprocess_simple_run_sync (NULL, GS_SUBPROCESS_STREAM_DISPOSITION_NULL,
+                                          cancellable, error,
+                                          "systemd-nspawn", "-D", gs_file_get_path_cached (yumroot),
+                                          "--private-network",
+                                          targetpath,
+                                          NULL))
+        goto out;
+                                          
+      g_print ("Executing postprocessing script '%s'...done\n", bn);
+    }
  
  ret = TRUE;
 out:
--- a/src/rpmostree-postprocess.h
+++ b/src/rpmostree-postprocess.h
@ -30,6 +30,7 @@ typedef enum {

 gboolean
 rpmostree_treefile_postprocessing (GFile         *rootfs,
+                                   GFile         *context_directory,
                                   GBytes        *serialized_treefile,
                                   JsonObject    *treefile,
                                   GCancellable  *cancellable,