- package config
-
- import (
- "gerrit.wikimedia.org/r/blubber/build"
- )
-
- // RunsConfig holds configuration fields related to the application's
- // runtime environment.
- //
- type RunsConfig struct {
- UserConfig `json:",inline"`
- Insecurely Flag `json:"insecurely"` // runs user owns application files
- Environment map[string]string `json:"environment" validate:"envvars"` // environment variables
- }
-
- // Merge takes another RunsConfig and overwrites this struct's fields. All
- // fields except Environment are overwritten if set. The latter is an additive
- // merge.
- //
- func (run *RunsConfig) Merge(run2 RunsConfig) {
- run.UserConfig.Merge(run2.UserConfig)
- run.Insecurely.Merge(run2.Insecurely)
-
- if run.Environment == nil {
- run.Environment = make(map[string]string)
- }
-
- for name, value := range run2.Environment {
- run.Environment[name] = value
- }
- }
-
- // InstructionsForPhase injects build instructions related to the runtime
- // configuration.
- //
- // PhasePrivileged
- //
- // Creates LocalLibPrefix directory and unprivileged user home directory,
- // creates the unprivileged user and its group, and sets up directory
- // permissions.
- //
- // PhasePrivilegeDropped
- //
- // Injects build.Env instructions for all names/values defined by
- // RunsConfig.Environment.
- //
- func (run RunsConfig) InstructionsForPhase(phase build.Phase) []build.Instruction {
- switch phase {
- case build.PhasePrivileged:
- return []build.Instruction{build.RunAll{
- build.CreateUser(run.As, run.UID, run.GID),
- }}
- case build.PhasePrivilegeDropped:
- if len(run.Environment) > 0 {
- return []build.Instruction{
- build.Env{run.Environment},
- }
- }
- }
-
- return []build.Instruction{}
- }
|