diff --git a/.ci/asic_create_recipe.sh b/.ci/asic_create_recipe.sh index 33a85c04dc82ca6ddbe606aa9e3b1f3720e23cc0..d159a2f5bbb54a870ab8172717885d772520fb0f 100755 --- a/.ci/asic_create_recipe.sh +++ b/.ci/asic_create_recipe.sh @@ -81,6 +81,9 @@ From: ${DOCKER_BASE_IMAGE} # ECM: and now some abspacking yum -y install ccache sudo parallel + # ECM: and userspace mount stuff + yum -y install fuse3 + # create a fingerprint by which we can identify the container from within cat /proc/sys/kernel/random/uuid > /opt/fingerprint @@ -99,7 +102,10 @@ From: ${DOCKER_BASE_IMAGE} export CONTAINER_STYLE="${CONTAINER_STYLE}" "${SPACK_INSTALL_SCRIPTS}/complete_spack_install_routine_called_in_post_as_root.sh" wait - "${SPACK_INSTALL_SCRIPTS}/install_singularity_as_root.sh" || \ + ( + "${SPACK_INSTALL_SCRIPTS}/install_singularity_as_root.sh" && \ + "${SPACK_INSTALL_SCRIPTS}/install_gocryptfs_as_root.sh" + ) || \ ( sudo -Eu spack "${SPACK_INSTALL_SCRIPTS}/preserve_built_spack_packages.sh" && exit 1 # propagate the error @@ -118,8 +124,8 @@ From: ${DOCKER_BASE_IMAGE} unset LC_COLLATE LC_CTYPE LC_MONETARY LC_NUMERIC LC_TIME LC_MESSAGES LC_ALL fi - # python now from conda... - PATH=/opt/conda/bin:${PATH} + # python now from conda... and gopath/bin (gocryptfs) + PATH=/opt/conda/bin:/opt/go/gopath/bin:${PATH} # ensure conda sees a clean env unset PYTHONHOME EOF diff --git a/.ci/install_gocryptfs_as_root.sh b/.ci/install_gocryptfs_as_root.sh new file mode 100755 index 0000000000000000000000000000000000000000..ef8d87fedb65556105dbfeaca19960381bba2338 --- /dev/null +++ b/.ci/install_gocryptfs_as_root.sh @@ -0,0 +1,30 @@ +#!/bin/bash -lx +# Install gocryptfs from source; needed for older base images such as Cent OS 7 +# (ASIC container image) + + +set -euo pipefail +shopt -s inherit_errexit 2>/dev/null || true + +sourcedir="$(dirname "$(readlink -m "${BASH_SOURCE[0]}")")" +source "${sourcedir}/commons.sh" +source "${sourcedir}/setup_env_spack.sh" +GOCRYPTFS_REPO="https://github.com/rfjakob/gocryptfs.git" + +# go assumed to be provided via install_singularity_as_root.sh; repeat variables +GO_INSTALL_PATH=/opt/go + +# setup environment +export PATH="${GO_INSTALL_PATH}/go/bin${PATH:+:${PATH}}" +export GOPATH="${GO_INSTALL_PATH}/gopath" + +# build gocryptfs +# this is a go 1.11-based install flow which probably should be adjusted for +# modern go (no need to build from source within the gopath folder anymore) +GOCRYPTFS_INSTALL_PATH="${SPACK_TMPDIR}/gocryptfs" +git clone "${GOCRYPTFS_REPO}" "${GOCRYPTFS_INSTALL_PATH}" + +pushd "${GOCRYPTFS_INSTALL_PATH}" +# build and install +./build.bash +popd diff --git a/.ci/install_system_dependencies.sh b/.ci/install_system_dependencies.sh index 28e0a0e7dc09beaa3c9b7b42135f6229737182d2..f0d9e50ff6ea4d4e26f0c083fbf4be4bf840b1a3 100755 --- a/.ci/install_system_dependencies.sh +++ b/.ci/install_system_dependencies.sh @@ -19,6 +19,7 @@ system_dependencies=( "g++-aarch64-linux-gnu" "gcc-aarch64-linux-gnu" "gfortran-aarch64-linux-gnu" + "gocryptfs" "htop" "iproute2" "iptables"