Latest changes for 3.5.2

Includes new tooling for building Pinafore alongside Mastodon Includes utility for easily entering docker containers Includes changes to libloader to make the scratch container easier
5 months ago · 81af907eca
parent c37d26a9cf
commit 81af907eca
6 changed files with 167 additions and 46 deletions
--- a/assets/libloader.sh
+++ b/assets/libloader.sh
@ -183,6 +183,15 @@ role_maint_media() {
 	enrich sg
 	CMD_RUN="$CMD_MAINT_MEDIA --days=$TUN_MAINT_MEDIA_LIFETIME"
 }
+role_maint_scratch() {
+	enrich mastodon
+	enrich db
+	enrich es
+	enrich sg
+	enrich vapid
+	enrich mail
+	CMD_RUN="/bin/cat /dev/stdin"
+}
 role_maint() {
 	if [ "x$MTASK" = "x" ]; then
 		_err Maintenance task not defined.
@ -191,6 +200,7 @@ role_maint() {
 	case "$MTASK" in
 		cards) role_maint_cards;;
 		media) role_maint_media;;
+		scratch) role_maint_scratch;;
 		*)
 			_err Maintenance task not recognised.
 			exit 1
--- a/ci-drone.yml
+++ b/ci-drone.yml
@ -1,43 +0,0 @@
-kind: pipeline
-type: docker
-name: default
-
-trigger:
-  event:
-    - custom
-
-steps:
- name: prepare
-  image: alpine:3.15
-  commands:
-    - apk add --update git rsync
-    - ./generate-patch.sh "${MASTODON_VERSION}" --no-build
- name: build
-  image: docker:dind
-  privileged: true
-  commands:
-    - /usr/local/bin/dockerd-entrypoint.sh &
-    - sleep 10
-    - MASTODON_VERSION=${MASTODON_VERSION} source ./libqueerpatchy.sh && build image && docker login -u ${DOCKER_USERNAME} -p ${DOCKER_PASSWORD} && push image
-#  environment:
-#    MASTODON_VERSION: v${MASTODON_VERSION}
-#  settings:
-#    username:
-#      from_secret: docker_username
-#    password:
-#      from_secret: docker_password
-#    repo: ${DOCKER_USERNAME}/qp-mastodon
-#    build_args_from_env:
-#      - MASTODON_VERSION
-#    tags:
-#      - latest
-#      - v${MASTODON_VERSION}
-#    context: ./deploy
-#    dockerfile: ./deploy/Dockerfile
-#    purge: true
-#    custom_dns:
-#      - 8.8.8.8
- name: cleanup
-  image: alpine:3.15
-  commands:
-    - ./generate-patch.sh "${MASTODON_VERSION}" --cleanup
--- a/deploy/3.5.1_1-backport-aliases-fix.patch.old
+++ b/deploy/3.5.1_1-backport-aliases-fix.patch.old
--- a/122
+++ b/122
@ -0,0 +1,122 @@
+#!/bin/sh
+
+RETVAL=0
+FDOUT=/dev/stdout
+FDERR=/dev/stderr
+
+STACK_NAME=
+CT_NAME=
+STCT_SEP=_
+EXEC_TGT=
+EXEC_AS=0
+EXEC_SHELL=/bin/sh
+EXEC_ARGS=
+
+usage () {
+	cat > /dev/stdout <<EOS
+$0: Execute a command within a docker container roughly matching the given name.
+
+Usage:
+$0 [-u ID][-s SHELL][-S STACK_NAME] NAME_FRAGMENT
+EOS
+}
+
+_fmtlog () {
+	echo "$1: $2"
+}
+_log () {
+	echo "$@" >> $FDOUT
+}
+_notice () {
+	_fmtlog NOTICE "$1" >> $FDOUT
+}
+_info () {
+	_fmtlog INFO "$1" >> $FDOUT
+}
+_warn () {
+	_fmtlog WARN "$1" >> $FDERR
+}
+_err () {
+	_fmtlog ERR "$1" >> $FDERR
+	if [ "$2" = "" ] || [ "$2" = "0" ]; then exit 1
+	else exit "$2"; fi
+}
+
+ctls () {
+        docker ps -f 'status=running' -f "name=~*$1*" --format '{{.Names}} ({{.ID}}) - {{.Status}}'
+}
+ctid () {
+	docker ps -f 'status=running' -f "name=~*$1*" --format '{{.ID}}'
+}
+ctc () {
+	ctid "$1" | wc -l
+}
+
+argparse () {
+	while :; do case $1 in
+	-v|--verbose)
+	        set -x
+	        ;;
+	--stack=?*)
+		STACK_NAME=${1#*=}
+		;;
+	-S|--stack)
+		STACK_NAME="$2"; shift
+		;;
+	--shell=?*)
+		EXEC_SHELL=${1#*=}
+		;;
+	-s|--shell)
+		EXEC_SHELL="$2"; shift
+		;;
+	--uid=?*|--user=?*)
+		EXEC_AS=${1#*=}
+		;;
+	-u|--uid|--user)
+		EXEC_AS="$2"; shift
+		;;
+	--name=?*)
+	        CT_NAME=${1#*=}
+	        ;;
+	-n|--name)
+	        CT_NAME="$2"; shift
+	        ;;
+	--)
+		shift; break
+		;;
+	-h|--help)
+		usage; exit $RETVAL
+		;;
+	-?*)
+		$0 --help
+		_err "Unrecognised option $1" 1
+		;;
+	*)
+	        CT_NAME="$1"; shift
+	        EXEC_ARGS="$*"
+		break
+	esac; shift; done
+}
+
+## TODO: try_shell - retry each in a list of possible shells
+## TODO: least_privileged_user - find the least privileged user of a running CT
+
+argparse "$@"
+if [ "$CT_NAME" = "" ]; then _err "No container name fragment specified!" 1; fi
+if [ "$CT_NAME" != "" ] && [ "$STACK_NAME" = "" ]; then
+        EXEC_TGT="$CT_NAME"
+else
+        EXEC_TGT="$STACK_NAME$STCT_SEP$CT_NAME"
+fi
+MATCHED_CTS=$(ctc "$EXEC_TGT")
+if [ "$MATCHED_CTS" -lt 1 ]; then _err "No running containers matched '$EXEC_TGT'" 1; fi
+if [ "$MATCHED_CTS" -gt 1 ]; then
+        _err "More than one running container matched '$EXEC_TGT', please refine.
+Matched containers:
+$(ctls "$EXEC_TGT")" 1
+fi
+CTID=$(ctid "$EXEC_TGT")
+# Ignore unquoted args, otherwise bad things happen
+# shellcheck disable=SC2086
+docker exec -it -u "$EXEC_AS" "$CTID" "$EXEC_SHELL" $EXEC_ARGS
+echo "Command exited with status $?"
--- a/libqueerpatchy.sh
+++ b/libqueerpatchy.sh
@ -28,6 +28,9 @@ prep_tainted() {
 	prep_tainted_meemu
 	prep_tainted_w95
 }
+prep_pinafore() {
+	git clone $GIT_ARG_DEFAULTS --branch v$PINAFORE_VERSION https://commit.pup.cloud/mirrors/pinafore pinafore
+}
 build_assets_meemu() {
 	rsync -av --files-from modifications/theemu/meemu-theme.txt modifications/theemu tainted
 	cp -pr untainted/app/javascript/mastodon/locales/en.json tainted/app/javascript/mastodon/locales/en.json
@ -68,19 +71,28 @@ build_patch() {
 build_image() {
 	docker build --build-arg MASTODON_VERSION=$DOCKER_UPSTREAM_VERSION -t maffsie/qp-mastodon:latest -t maffsie/qp-mastodon:v$TAG_VERSION deploy/
 }
+build_pinafore() {
+	docker build -t maffsie/qp-pinafore:latest -t maffsie/qp-pinafore:v$PINAFORE_VERSION pinafore/
+}
 push_image() {
 	docker push maffsie/qp-mastodon
+	docker push maffsie/qp-pinafore
 }
 cleanup_prebuild() {
 	rm -rf untainted tainted modifications
 }
 cleanup_postbuild() {
-	rm -rf deploy/queer.party.patch deploy/fonts deploy/images deploy/loader
+	rm -rf deploy/queer.party.patch deploy/fonts deploy/images deploy/loader pinafore
+}
+cleanup_docker() {
+	docker image prune -af
 }
 prep() {
 	case "$1" in
 		untainted) prep_untainted;;
 		tainted) prep_tainted;;
+		pinafore) prep_pinafore;;
+		patch) prep_untainted; prep_tainted;;
 	esac
 }
 build() {
@ -88,6 +100,7 @@ build() {
 		assets) build_assets;;
 		patch) build_patch;;
 		image) build_image;;
+		pinafore) build_pinafore;;
 	esac
 }
 push() {
@ -99,6 +112,8 @@ cleanup() {
 	case "$1" in
 		prebuild) cleanup_prebuild;;
 		postbuild) cleanup_postbuild;;
+		docker) cleanup_docker;;
+		all) cleanup_prebuild; cleanup_postbuild; cleanup_docker;;
 	esac
 }
 main() {
@ -115,8 +130,23 @@ main() {
 		exit
 	fi
 	build image
+	if [ "x$PINAFORE_VERSION" != "x" ]; then
+		pinafore_main
+	else
+		push image
+		cleanup postbuild
+		cleanup docker
+	fi
+}
+pinafore_main() {
+	if [ "x$PINAFORE_VERSION" == "x" ]; then
+		echo "Please specify a pinafore version with variable PINAFORE_VERSION" > /dev/stderr
+		exit 1
+	fi
+	prep pinafore
+	build pinafore
 	push image
 	cleanup postbuild
+	cleanup docker
 }

-
--- a/qp.yaml
+++ b/qp.yaml
@ -630,7 +630,6 @@ services:
  mastoscratch:
    image: maffsie/qp-mastodon:latest
    stdin_open: true
-    command: bash -c "cat /dev/stdin"
    deploy:
      mode: replicated
      replicas: 1
@ -641,6 +640,9 @@ services:
        condition: none
    volumes:
      - qp_pubsys:/mastodon/public/system
+    environment:
+      ROLE: maintenance
+      MTASK: scratch
    configs:
      - source: cdn
        target: /configs/sg