From 0834ccd690297f62e4c03416e0b3fba4ed19f867 Mon Sep 17 00:00:00 2001 From: Daniel Dides Date: Wed, 1 Mar 2023 13:40:41 -0600 Subject: [PATCH 1/2] batch_exec: inject docker container registry as a prefix --- cmd/src/batch_exec.go | 30 ++++++++++++++++++++++++------ 1 file changed, 24 insertions(+), 6 deletions(-) diff --git a/cmd/src/batch_exec.go b/cmd/src/batch_exec.go index 11aadf39e3..86fe66e029 100644 --- a/cmd/src/batch_exec.go +++ b/cmd/src/batch_exec.go @@ -8,6 +8,7 @@ import ( "io" "os" "path/filepath" + "strings" "time" "github.com/sourcegraph/src-cli/internal/batches/docker" @@ -174,6 +175,29 @@ func executeBatchSpecInWorkspaces(ctx context.Context, flags *executorModeFlags) return errors.New("invalid execution, no steps to process") } + // Pass the os.Environ to run steps to allow access to the secrets set + // in the executor environment. + // The executor runtime takes care of not forwarding any sensitive secrets + // from the host, so this is safe. + globalEnv := os.Environ() + + // If the docker prefix registry is set, inject it into each step's container + // to fully qualify the container name + environ := map[string]string{} + for _, e := range globalEnv { + pair := strings.SplitN(e, "=", 2) + environ[pair[0]] = pair[1] + } + + dockerPrefix, ok := environ["DOCKER_PREFIX_REGISTRY_URL"] + if ok { + + for i := 0; i < len(task.Steps); i++ { + step := &task.Steps[i] + step.Container = fmt.Sprintf("%s/%s", dockerPrefix, step.Container) + } + } + imageCache := docker.NewImageCache() ui.PreparingContainerImages() @@ -194,12 +218,6 @@ func executeBatchSpecInWorkspaces(ctx context.Context, flags *executorModeFlags) taskExecUI.Start([]*executor.Task{task}) taskExecUI.TaskStarted(task) - // Pass the os.Environ to run steps to allow access to the secrets set - // in the executor environment. - // The executor runtime takes care of not forwarding any sensitive secrets - // from the host, so this is safe. - globalEnv := os.Environ() - opts := &executor.RunStepsOpts{ Logger: &log.NoopTaskLogger{}, WC: workspace.NewExecutorWorkspaceCreator(tempDir, repoDir), From fbb47f99bb7e21f7462089c30383d76b75701eb1 Mon Sep 17 00:00:00 2001 From: Daniel Dides Date: Wed, 1 Mar 2023 14:35:04 -0600 Subject: [PATCH 2/2] Remove empty line --- cmd/src/batch_exec.go | 1 - 1 file changed, 1 deletion(-) diff --git a/cmd/src/batch_exec.go b/cmd/src/batch_exec.go index 86fe66e029..c5b4d223a1 100644 --- a/cmd/src/batch_exec.go +++ b/cmd/src/batch_exec.go @@ -191,7 +191,6 @@ func executeBatchSpecInWorkspaces(ctx context.Context, flags *executorModeFlags) dockerPrefix, ok := environ["DOCKER_PREFIX_REGISTRY_URL"] if ok { - for i := 0; i < len(task.Steps); i++ { step := &task.Steps[i] step.Container = fmt.Sprintf("%s/%s", dockerPrefix, step.Container)