#!/bin/bash # Copyright 2019 The gVisor Authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. set -xeo pipefail # Declare kokoro's required public keys. declare -r ssh_public_keys=( "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDg7L/ZaEauETWrPklUTky3kvxqQfe2Ax/2CsSqhNIGNMnK/8d79CHlmY9+dE1FFQ/RzKNCaltgy7XcN/fCYiCZr5jm2ZtnLuGNOTzupMNhaYiPL419qmL+5rZXt4/dWTrsHbFRACxT8j51PcRMO5wgbL0Bg2XXimbx8kDFaurL2gqduQYqlu4lxWCaJqOL71WogcimeL63Nq/yeH5PJPWpqE4P9VUQSwAzBWFK/hLeds/AiP3MgVS65qHBnhq0JsHy8JQsqjZbG7Iidt/Ll0+gqzEbi62gDIcczG4KC0iOVzDDP/1BxDtt1lKeA23ll769Fcm3rJyoBMYxjvdw1TDx sabujp@trigger.mtv.corp.google.com" "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBNgGK/hCdjmulHfRE3hp4rZs38NCR8yAh0eDsztxqGcuXnuSnL7jOlRrbcQpremJ84omD4eKrIpwJUs+YokMdv4= sabujp@trigger.svl.corp.google.com" ) # Install dependencies. while true; do if (apt-get update && apt-get install -y \ rsync \ coreutils \ python-psutil \ qemu-kvm \ python-pip \ python3-pip \ zip); then break fi result=$? if [[ $result -ne 100 ]]; then exit $result fi done # junitparser is used to merge junit xml files. pip install junitparser # We need a kbuilder user, which may already exist. useradd -c "kbuilder user" -m -s /bin/bash kbuilder || true # We need to provision appropriate keys. mkdir -p ~kbuilder/.ssh (IFS=$'\n'; echo "${ssh_public_keys[*]}") > ~kbuilder/.ssh/authorized_keys chmod 0600 ~kbuilder/.ssh/authorized_keys chown -R kbuilder ~kbuilder/.ssh # Give passwordless sudo access. cat > /etc/sudoers.d/kokoro <<EOF kbuilder ALL=(ALL) NOPASSWD:ALL EOF # Ensure we can run Docker without sudo. usermod -aG docker kbuilder # Ensure that we can access kvm. usermod -aG kvm kbuilder # Ensure that /tmpfs exists and is writable by kokoro. # # Note that kokoro will typically attach a second disk (sdb) to the instance # that is used for the /tmpfs volume. In the future we could setup an init # script that formats and mounts this here; however, we don't expect our build # artifacts to be that large. mkdir -p /tmpfs && chmod 0777 /tmpfs && touch /tmpfs/READY