From c90f9c8d67bf178878f5b0e6328f7c38808b5013 Mon Sep 17 00:00:00 2001 From: xengineering Date: Sun, 28 Jul 2024 19:17:18 +0200 Subject: Switch to execution in QEMU virtual machine This ensures that the build environment is exactly the same. Furthermore security risks for the host are minimized. --- main.go | 38 +++++++++++++++----------------------- 1 file changed, 15 insertions(+), 23 deletions(-) (limited to 'main.go') diff --git a/main.go b/main.go index ef428f4..52492fe 100644 --- a/main.go +++ b/main.go @@ -12,6 +12,10 @@ import ( "time" ) +const ( + workbench = `build` +) + var ( key = "" repo = "" @@ -52,15 +56,13 @@ func main() { waitBoot() - workbench := prepareWorkbench(repo, commit) - defer os.RemoveAll(workbench) - craft(workbench) + checkoutSources(repo, commit) + craft() } -func runCommand(dir string, name string, args ...string) { - log.Printf("%s %s\n", name, strings.Join(args, " ")) - command := exec.Command(name, args...) - command.Dir = dir +func runCommand(name string, args ...string) { + log.Printf("Remote execution: %s %s\n", name, strings.Join(args, " ")) + command := sshCommand(name, args...) command.Stderr = os.Stderr command.Stdout = os.Stdout err := command.Run() @@ -130,14 +132,14 @@ func waitBoot() { log.Fatalf("Could not reach VM %d times - giving up", retries) } -func craft(workbench string) { +func craft() { script := fmt.Sprintf(`#!/bin/sh +cd %s %s -`, task) +`, workbench, task) - cmd := exec.Command("sh") - cmd.Dir = workbench + cmd := sshCommand("sh") cmd.Stdin = bytes.NewBufferString(script) cmd.Stdout = os.Stdout cmd.Stderr = os.Stderr @@ -148,14 +150,8 @@ func craft(workbench string) { } } -func prepareWorkbench(repo string, commit string) string { - workbench, err := os.MkdirTemp("", "*-craft") - if err != nil { - log.Fatal(err) - } - +func checkoutSources(repo string, commit string) string { runCommand( - workbench, "git", "clone", repo, @@ -163,7 +159,6 @@ func prepareWorkbench(repo string, commit string) string { ) runCommand( - workbench, "git", "--git-dir", filepath.Join(workbench, ".git"), @@ -174,11 +169,8 @@ func prepareWorkbench(repo string, commit string) string { ) runCommand( - workbench, "git", - "--git-dir", - filepath.Join(workbench, ".git"), - "--work-tree", + "-C", workbench, "submodule", "update", -- cgit v1.2.3-70-g09d2