diff options
| -rwxr-xr-x | msci | 83 |
1 files changed, 48 insertions, 35 deletions
@@ -57,39 +57,46 @@ write_cron() { } run_project() { - ppath="$MSCI_HOME"/projects/"$1".json - repo_name="$1" - repo_url=$(jq -r '.url' "$ppath") - repo_path="$MSCI_HOME"/tmp/"$repo_name" - echo "cloning repo: $repo_url" | tee -a "$2" - git clone --quiet "$repo_url" "$repo_path" - pushd "$repo_path" >/dev/null || return 1 - for job in "$repo_path"/.makeshiftci/*; do - pname=$(jq -r '.name' "$job") - echo "running job: $pname" | tee -a "$2" - pimage=$(jq -r '.image' "$job") - psecrets=$(jq -r '.secrets' "$job") - prun=$(jq -r '.run[]' "$job") - env_secrets=() - secret_mounts=() - if [ ! "$psecrets" = 'null' ]; then - for secret_key in $(echo "$psecrets" | jq -r '. | keys[]'); do - secret_value=$(echo "$psecrets" | jq -r ".$secret_key") - secret_name=$(openssl rand -hex 16) - secret_mounts+=("--mount=type=bind,source=$secret_value,target=/$secret_name,readonly") - env_secrets+=("$secret_key=/$secret_name") - done - fi - docker run --rm \ - "${env_secrets[@]/#/--env=}" \ - --mount type=bind,source="$repo_path",target=/"$repo_name" \ - "${secret_mounts[@]}" \ - --workdir="/$repo_name" \ - "$pimage" \ - sh -c "exec $prun" | tee -a "$2" - done - popd >/dev/null && rm -rf "$repo_path" - echo "finished" | tee -a "$2" + ( + set -euo pipefail + ppath="$MSCI_HOME"/projects/"$1".json + repo_name="$1" + repo_url=$(jq -r '.url' "$ppath") + repo_path="$MSCI_HOME"/tmp/"$repo_name" + echo "cloning repo: $repo_url" | tee -a "$2" + ! git clone "$repo_url" "$repo_path" &>/dev/null && + echo "failed to clone repo" | tee -a "$2" && exit 1 + ! pushd "$repo_path" &>/dev/null && + echo "unable to cd into cloned repo" | tee -a "$2" && exit 1 + for job in "$repo_path"/.makeshiftci/*; do + pname=$(jq -r '.name' "$job") + echo "running job: $pname" | tee -a "$2" + pimage=$(jq -r '.image' "$job") + psecrets=$(jq -r '.secrets' "$job") + prun=$(jq -r '.run[]' "$job") + env_secrets=() + secret_mounts=() + if [ ! "$psecrets" = 'null' ]; then + for secret_key in $(echo "$psecrets" | jq -r '. | keys[]'); do + secret_value=$(echo "$psecrets" | jq -r ".$secret_key") + secret_name=$(openssl rand -hex 16) + secret_mounts+=("--mount=type=bind,source=$secret_value,target=/$secret_name,readonly") + env_secrets+=("$secret_key=/$secret_name") + done + fi + ! docker runawk --rm \ + "${env_secrets[@]/#/--env=}" \ + --mount type=bind,source="$repo_path",target=/"$repo_name" \ + "${secret_mounts[@]}" \ + --workdir="/$repo_name" \ + "$pimage" \ + sh -c "exec $prun" | tee -a "$2" && echo "docker failed" | tee -a "$2" && exit 1 + done + (popd &>/dev/null && rm -rf "$repo_path") || + echo "failed to delete tmp repo" | tee -a "$2" && exit 1 + echo "finished" | tee -a "$2" + ) + } create_project() { @@ -246,7 +253,13 @@ case $1 in echo $((last_run + 1)) ) stdout_path="$stdout_path"/"$next_run" - run_project "$2" "$stdout_path" + echo -e "--MSCI_DATE($(date))--" >>"$stdout_path" + if ! run_project "$2" "$stdout_path"; then + echo -e "--MSCI_EXIT_FAILURE--" >>"$stdout_path" && + rm -rf "$MSCI_HOME"/tmp/"$2" + exit 1 + fi + echo -e "--MSCI_EXIT_SUCCESS--" >>"$stdout_path" ;; --list) list_projects @@ -279,7 +292,7 @@ case $1 in rm -rf "$MSCI_HOME"/tmp/"$2" && echo "cleared tmp for $2" confirm_in "clear stdout?" && - rm -rf "$MSCI_HOME"/stdout/"$2" && + rm -rf "$MSCI_HOME"/stdout/**/"$2"/* && echo "cleared stdout for $2" ;; esac |