diff --git a/.kokoro/docker/Dockerfile b/.kokoro/docker/Dockerfile index 29e176ab18d5..d4450eebf402 100644 --- a/.kokoro/docker/Dockerfile +++ b/.kokoro/docker/Dockerfile @@ -94,19 +94,12 @@ RUN curl https://packages.microsoft.com/keys/microsoft.asc | apt-key add - \ && rm -rf /var/lib/apt/lists/* \ && rm -f /var/cache/apt/archives/*.deb +COPY fetch_gpg_keys.sh /tmp # Install the desired versions of Python. RUN set -ex \ && export GNUPGHOME="$(mktemp -d)" \ && echo "disable-ipv6" >> "${GNUPGHOME}/dirmngr.conf" \ - && gpg --keyserver ha.pool.sks-keyservers.net --recv-keys \ - # 2.7.17 (Benjamin Peterson) - C01E1CAD5EA2C4F0B8E3571504C367C218ADD4FF \ - # 3.4.10, 3.5.9 (Larry Hastings) - 97FC712E4C024BBEA48A61ED3A5CA953F73C700D \ - # 3.6.9, 3.7.5 (Ned Deily) - 0D96DF4D4110E5C43FBFB17F2D347EA6AA65421D \ - # 3.8.0 (Łukasz Langa) - E3FF2839C048B25C084DEBE9B26995E310250568 \ + && /tmp/fetch_gpg_keys.sh \ && for PYTHON_VERSION in 2.7.18 3.6.10 3.7.7 3.8.3; do \ wget --no-check-certificate -O python-${PYTHON_VERSION}.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz" \ && wget --no-check-certificate -O python-${PYTHON_VERSION}.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc" \ diff --git a/.kokoro/docker/fetch_gpg_keys.sh b/.kokoro/docker/fetch_gpg_keys.sh new file mode 100755 index 000000000000..bec72f622d26 --- /dev/null +++ b/.kokoro/docker/fetch_gpg_keys.sh @@ -0,0 +1,49 @@ +#!/bin/bash +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# A script to fetch gpg keys with retry. + +function retry { + if [[ "${#}" -le 1 ]]; then + echo "Usage: ${0} retry_count commands.." + exit 1 + fi + local retries=${1} + local command="${@:2}" + until [[ "${retries}" -le 0 ]]; do + $command && return 0 + if [[ $? -ne 0 ]]; then + echo "command failed, retrying" + ((retries--)) + fi + done + return 1 +} + +# 2.7.17 (Benjamin Peterson) +retry 3 gpg --keyserver ha.pool.sks-keyservers.net --recv-keys \ + C01E1CAD5EA2C4F0B8E3571504C367C218ADD4FF + +# 3.4.10, 3.5.9 (Larry Hastings) +retry 3 gpg --keyserver ha.pool.sks-keyservers.net --recv-keys \ + 97FC712E4C024BBEA48A61ED3A5CA953F73C700D + +# 3.6.9, 3.7.5 (Ned Deily) +retry 3 gpg --keyserver ha.pool.sks-keyservers.net --recv-keys \ + 0D96DF4D4110E5C43FBFB17F2D347EA6AA65421D + +# 3.8.0 (Łukasz Langa) +retry 3 gpg --keyserver ha.pool.sks-keyservers.net --recv-keys \ + E3FF2839C048B25C084DEBE9B26995E310250568 diff --git a/.kokoro/trampoline_v2.sh b/.kokoro/trampoline_v2.sh index 69477e91df67..d43cb3956f27 100755 --- a/.kokoro/trampoline_v2.sh +++ b/.kokoro/trampoline_v2.sh @@ -120,15 +120,16 @@ PROGRAM_PATH="$(realpath "$0")" PROGRAM_DIR="$(dirname "${PROGRAM_PATH}")" PROJECT_ROOT="$(repo_root "${PROGRAM_DIR}")" -RUNNING_IN_CI="false" -TRAMPOLINE_V2="true" +RUNNING_IN_CI="${RUNNING_IN_CI:-false}" +TRAMPOLINE_VERSION="2.0.0" # The workspace in the container, defaults to /workspace. TRAMPOLINE_WORKSPACE="${TRAMPOLINE_WORKSPACE:-/workspace}" -# If it's running on Kokoro, RUNNING_IN_CI will be true and -# TRAMPOLINE_CI is set to 'kokoro'. Both envvars will be passing down -# to the container for telling which CI system we're in. +# Detect which CI systems we're in. If we're in any of the CI systems +# we support, `RUNNING_IN_CI` will be true and `TRAMPOLINE_CI` will be +# the name of the CI system. Both envvars will be passing down to the +# container for telling which CI system we're in. if [[ -n "${KOKORO_BUILD_ID:-}" ]]; then # descriptive env var for indicating it's on CI. RUNNING_IN_CI="true" @@ -137,6 +138,9 @@ if [[ -n "${KOKORO_BUILD_ID:-}" ]]; then log_yellow "Configuring Container Registry access" gcloud auth list gcloud auth configure-docker --quiet +elif [[ "${TRAVIS:-}" == "true" ]]; then + RUNNING_IN_CI="true" + TRAMPOLINE_CI="travis" fi # Configure the service account for pulling the docker image. @@ -171,8 +175,8 @@ pass_down_envvars=( "RUNNING_IN_CI" # Indicates which CI system we're in. "TRAMPOLINE_CI" - # Indicates we're running trampoline_v2. - "TRAMPOLINE_V2" + # Indicates the version of the script. + "TRAMPOLINE_VERSION" # KOKORO dynamic variables. "KOKORO_BUILD_NUMBER" "KOKORO_BUILD_ID" @@ -249,12 +253,28 @@ if [[ "${TRAMPOLINE_DOCKERFILE:-none}" != "none" ]]; then if [[ "${TRAMPOLINE_SHOW_COMMAND:-false}" == "true" ]]; then echo "docker build" "${docker_build_flags[@]}" "${context_dir}" fi - if docker build "${docker_build_flags[@]}" "${context_dir}"; then - log_green "Finished building the docker image." - update_cache="true" + + # ON CI systems, we want to suppress docker build logs, only + # output the logs when it fails. + if [[ "${RUNNING_IN_CI:-}" == "true" ]]; then + if docker build "${docker_build_flags[@]}" "${context_dir}" \ + > "${tmpdir}/docker_build.log" 2>&1; then + log_green "Finished building the docker image." + update_cache="true" + else + log_red "Failed to build the Docker image, aborting." + log_yellow "Dumping the build logs:" + cat "${tmpdir}/docker_build.log" + exit 1 + fi else - log_red "Failed to build the Docker image. Aborting." - exit 1 + if docker build "${docker_build_flags[@]}" "${context_dir}"; then + log_green "Finished building the docker image." + update_cache="true" + else + log_red "Failed to build the Docker image, aborting." + exit 1 + fi fi else if [[ "${has_cache}" != "true" ]]; then