You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mesos.apache.org by al...@apache.org on 2017/03/24 04:52:49 UTC
mesos git commit: Docker environment gets passed on docker run
command.
Repository: mesos
Updated Branches:
refs/heads/master 9ff4b5172 -> b416dbe0f
Docker environment gets passed on docker run command.
Removes the use of `--env_file` as that does not support newlines
in environment variable values. Also avoids leaking of possibly
sensitive environment variables to the log.
Review: https://reviews.apache.org/r/57846/
Project: http://git-wip-us.apache.org/repos/asf/mesos/repo
Commit: http://git-wip-us.apache.org/repos/asf/mesos/commit/b416dbe0
Tree: http://git-wip-us.apache.org/repos/asf/mesos/tree/b416dbe0
Diff: http://git-wip-us.apache.org/repos/asf/mesos/diff/b416dbe0
Branch: refs/heads/master
Commit: b416dbe0f092f032edfa89f2f9e9c41239603ec9
Parents: 9ff4b51
Author: Till Toenshoff <to...@me.com>
Authored: Fri Mar 24 05:46:13 2017 +0100
Committer: Alexander Rukletsov <al...@apache.org>
Committed: Fri Mar 24 05:52:00 2017 +0100
----------------------------------------------------------------------
src/docker/docker.cpp | 51 +++++-----------------------------------------
1 file changed, 5 insertions(+), 46 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/mesos/blob/b416dbe0/src/docker/docker.cpp
----------------------------------------------------------------------
diff --git a/src/docker/docker.cpp b/src/docker/docker.cpp
index 44fbde8..9de19d4 100755
--- a/src/docker/docker.cpp
+++ b/src/docker/docker.cpp
@@ -805,43 +805,11 @@ Future<Option<int>> Docker::run(
argv.push_back(stringify(options.memory->bytes()));
}
- string environmentVariables;
-
foreachpair(const string& key, const string& value, options.env) {
- environmentVariables += key + "=" + value + "\n";
- }
-
- Try<string> environmentFile_ = os::mktemp();
- if (environmentFile_.isError()) {
- return Failure("Failed to create temporary docker environment "
- "file: " + environmentFile_.error());
+ argv.push_back("-e");
+ argv.push_back(key + "=" + value);
}
- const string& environmentFile = environmentFile_.get();
-
- Try<int_fd> fd = os::open(
- environmentFile,
- O_WRONLY | O_CREAT | O_TRUNC | O_CLOEXEC,
- S_IRUSR | S_IWUSR);
-
- if (fd.isError()) {
- return Failure(
- "Failed to open file '" + environmentFile + "': " + fd.error());
- }
-
- Try<Nothing> write = os::write(fd.get(), environmentVariables);
-
- os::close(fd.get());
-
- if (write.isError()) {
- return Failure(
- "Failed to write docker environment file to '" + environmentFile +
- "': " + write.error());
- }
-
- argv.push_back("--env-file");
- argv.push_back(environmentFile);
-
foreach(const string& volume, options.volumes) {
argv.push_back("-v");
argv.push_back(volume);
@@ -938,7 +906,7 @@ Future<Option<int>> Docker::run(
string cmd = strings::join(" ", argv);
- LOG(INFO) << "Running " << cmd;
+ VLOG(1) << "Running " << cmd;
Try<Subprocess> s = subprocess(
path,
@@ -949,19 +917,10 @@ Future<Option<int>> Docker::run(
nullptr);
if (s.isError()) {
- return Failure("Failed to create subprocess '" + cmd + "': " + s.error());
+ return Failure("Failed to create subprocess '" + path + "': " + s.error());
}
- s->status()
- .onDiscard(lambda::bind(&commandDiscarded, s.get(), cmd))
- .onAny([environmentFile]() {
- Try<Nothing> rm = os::rm(environmentFile);
-
- if (rm.isError()) {
- LOG(WARNING) << "Failed to remove temporary docker environment file "
- << "'" << environmentFile << "': " << rm.error();
- }
- });
+ s->status().onDiscard(lambda::bind(&commandDiscarded, s.get(), cmd));
// Ideally we could capture the stderr when docker itself fails,
// however due to the stderr redirection used here we cannot.