mirror of
https://github.com/balena-io/balena-cli.git
synced 2024-12-21 06:33:28 +00:00
225408c57d
to/on/via balena devices Change-type: minor Signed-off-by: Paulo Castro <paulo@balena.io>
203 lines
6.1 KiB
CoffeeScript
203 lines
6.1 KiB
CoffeeScript
###*
|
|
# @license
|
|
# Copyright 2017-2019 Balena Ltd.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
###
|
|
|
|
# Functions to help actions which rely on using docker
|
|
|
|
Promise = require('bluebird')
|
|
_ = require('lodash')
|
|
|
|
# Use this function to seed an action's list of capitano options
|
|
# with the docker options. Using this interface means that
|
|
# all functions using docker will expose the same interface
|
|
#
|
|
# NOTE: Care MUST be taken when using the function, so as to
|
|
# not redefine/override options already provided.
|
|
exports.appendConnectionOptions = appendConnectionOptions = (opts) ->
|
|
opts.concat [
|
|
{
|
|
signature: 'docker'
|
|
parameter: 'docker'
|
|
description: 'Path to a local docker socket (e.g. /var/run/docker.sock)'
|
|
alias: 'P'
|
|
},
|
|
{
|
|
signature: 'dockerHost'
|
|
parameter: 'dockerHost'
|
|
description: 'Docker daemon hostname or IP address (dev machine or balena device) '
|
|
alias: 'h'
|
|
},
|
|
{
|
|
signature: 'dockerPort'
|
|
parameter: 'dockerPort'
|
|
description: 'Docker daemon TCP port number (hint: 2375 for balena devices)'
|
|
alias: 'p'
|
|
},
|
|
{
|
|
signature: 'ca'
|
|
parameter: 'ca'
|
|
description: 'Docker host TLS certificate authority file'
|
|
},
|
|
{
|
|
signature: 'cert'
|
|
parameter: 'cert'
|
|
description: 'Docker host TLS certificate file'
|
|
},
|
|
{
|
|
signature: 'key'
|
|
parameter: 'key'
|
|
description: 'Docker host TLS key file'
|
|
},
|
|
]
|
|
|
|
# Use this function to seed an action's list of capitano options
|
|
# with the docker options. Using this interface means that
|
|
# all functions using docker will expose the same interface
|
|
#
|
|
# NOTE: Care MUST be taken when using the function, so as to
|
|
# not redefine/override options already provided.
|
|
exports.appendOptions = (opts) ->
|
|
appendConnectionOptions(opts).concat [
|
|
{
|
|
signature: 'tag'
|
|
parameter: 'tag'
|
|
description: 'The alias to the generated image'
|
|
alias: 't'
|
|
},
|
|
{
|
|
signature: 'buildArg'
|
|
parameter: 'arg'
|
|
description: 'Set a build-time variable (eg. "-B \'ARG=value\'"). Can be specified multiple times.'
|
|
alias: 'B'
|
|
},
|
|
{
|
|
signature: 'nocache'
|
|
description: "Don't use docker layer caching when building"
|
|
boolean: true
|
|
},
|
|
{
|
|
signature: 'squash'
|
|
description: 'Squash newly built layers into a single new layer'
|
|
boolean: true
|
|
}
|
|
]
|
|
|
|
generateConnectOpts = (opts) ->
|
|
buildDockerodeOpts = require('dockerode-options')
|
|
fs = require('mz/fs')
|
|
_ = require('lodash')
|
|
|
|
Promise.try ->
|
|
connectOpts = {}
|
|
# Firsly need to decide between a local docker socket
|
|
# and a host available over a host:port combo
|
|
if opts.docker? and not opts.dockerHost?
|
|
# good, local docker socket
|
|
connectOpts.socketPath = opts.docker
|
|
else if opts.dockerHost? and not opts.docker?
|
|
# Good a host is provided, and local socket isn't
|
|
connectOpts.host = opts.dockerHost
|
|
connectOpts.port = opts.dockerPort || 2376
|
|
else if opts.docker? and opts.dockerHost?
|
|
# Both provided, no obvious way to continue
|
|
throw new Error("Both a local docker socket and docker host have been provided. Don't know how to continue.")
|
|
else if process.env.DOCKER_HOST
|
|
# If no explicit options are provided, use the env
|
|
connectOpts = buildDockerodeOpts(process.env.DOCKER_HOST)
|
|
else
|
|
# No options anywhere, assume default docker local socket
|
|
connectOpts.socketPath = '/var/run/docker.sock'
|
|
|
|
# Now need to check if the user wants to connect over TLS
|
|
# to the host
|
|
|
|
# If any are set...
|
|
if (opts.ca? or opts.cert? or opts.key?)
|
|
# but not all
|
|
if not (opts.ca? and opts.cert? and opts.key?)
|
|
throw new Error('You must provide a CA, certificate and key in order to use TLS')
|
|
|
|
certBodies = {
|
|
ca: fs.readFile(opts.ca, 'utf-8')
|
|
cert: fs.readFile(opts.cert, 'utf-8')
|
|
key: fs.readFile(opts.key, 'utf-8')
|
|
}
|
|
return Promise.props(certBodies)
|
|
.then (toMerge) ->
|
|
_.merge(connectOpts, toMerge)
|
|
|
|
return connectOpts
|
|
|
|
parseBuildArgs = (args) ->
|
|
_ = require('lodash')
|
|
if not _.isArray(args)
|
|
args = [ args ]
|
|
buildArgs = {}
|
|
args.forEach (arg) ->
|
|
# note: [^] matches any character, including line breaks
|
|
pair = /^([^\s]+?)=([^]*)$/.exec(arg)
|
|
if pair?
|
|
buildArgs[pair[1]] = pair[2] ? ''
|
|
else
|
|
throw new Error("Could not parse build argument: '#{arg}'")
|
|
return buildArgs
|
|
|
|
exports.generateBuildOpts = (options) ->
|
|
opts = {}
|
|
if options.tag?
|
|
opts.t = options.tag
|
|
if options.nocache?
|
|
opts.nocache = true
|
|
if options.squash?
|
|
opts.squash = true
|
|
if options.buildArg?
|
|
opts.buildargs = parseBuildArgs(options.buildArg)
|
|
if not _.isEmpty(options['registry-secrets'])
|
|
opts.registryconfig = options['registry-secrets']
|
|
return opts
|
|
|
|
exports.getDocker = (options) ->
|
|
generateConnectOpts(options)
|
|
.then(createClient)
|
|
.tap(ensureDockerSeemsAccessible)
|
|
|
|
getDockerToolbelt = _.once ->
|
|
Docker = require('docker-toolbelt')
|
|
Promise.promisifyAll Docker.prototype, {
|
|
filter: (name) -> name == 'run'
|
|
multiArgs: true
|
|
}
|
|
Promise.promisifyAll(Docker.prototype)
|
|
Promise.promisifyAll(new Docker({}).getImage().constructor.prototype)
|
|
Promise.promisifyAll(new Docker({}).getContainer().constructor.prototype)
|
|
return Docker
|
|
|
|
# docker-toolbelt v3 is not backwards compatible as it removes all *Async
|
|
# methods that are in wide use in the CLI. The workaround for now is to
|
|
# manually promisify the client and replace all `new Docker()` calls with
|
|
# this shared function that returns a promisified client.
|
|
#
|
|
# **New code must not use the *Async methods.**
|
|
#
|
|
exports.createClient = createClient = (opts) ->
|
|
Docker = getDockerToolbelt()
|
|
return new Docker(opts)
|
|
|
|
ensureDockerSeemsAccessible = (docker) ->
|
|
{ exitWithExpectedError } = require('./patterns')
|
|
docker.ping().catch ->
|
|
exitWithExpectedError('Docker seems to be unavailable. Is it installed and running?')
|