docker-puppet.py: only create docker-puppet.sh when it doesn't exist

In docker-puppet.py, we only create docker-puppet.sh script if it doesn't exist yet. It's not useful to re-create it and it can be dangerous to regenerate the script while docker-puppet.py is running, since we bind mount the script to the containers. It's possible that during a multi-process task, the script changes and then the entrypoint fails to run correctly if the interpreter is not present in the script. This patch makes sure that we create the script only when needed, and also that we remove it before running docker-puppet.py, which will be useful when doing clean deployments or upgrades. Context: https://github.com/containers/libpod/issues/1844 Change-Id: I0ac69adb47f59a9ca82764b5537532014a782913
2019-01-08 21:47:00 -05:00 · 2019-01-08 21:47:00 -05:00 · d8ee4b9e73
parent d71c8b4aaa
commit d8ee4b9e73
2 changed files with 120 additions and 110 deletions
--- a/common/deploy-steps-tasks.yaml
+++ b/common/deploy-steps-tasks.yaml
@ -121,6 +121,15 @@
            - container_config
            - container_config_tasks

+        - name: Delete existing /var/lib/docker-puppet/docker-puppet.sh
+          file:
+            path: /var/lib/docker-puppet/docker-puppet.sh
+            state: absent
+          tags:
+            - container_config
+          ignore_errors: true
+          check_mode: no
+
        - name: Delete existing /var/lib/docker-puppet/check-mode for check mode
          file:
            path: /var/lib/docker-puppet/check-mode
--- a/docker/docker-puppet.py
+++ b/docker/docker-puppet.py
@ -257,7 +257,8 @@ for service in (json_data or []):

 log.info('Service compilation completed.')

-with open(sh_script, 'w') as script_file:
+if not os.path.exists(sh_script):
+    with open(sh_script, 'w') as script_file:
        os.chmod(script_file.name, 0o755)
        script_file.write("""#!/bin/bash
        set -ex