xref: /cloud-hypervisor/scripts/dev_cli.sh (revision 462c58d58b9404b3dbf3ac592b6bcc33d54b357a)
1#!/bin/bash
2
3# Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved.
4# Copyright © 2020 Intel Corporation
5# SPDX-License-Identifier: Apache-2.0
6
7CLI_NAME="Cloud Hypervisor"
8
9CTR_IMAGE_TAG="cloudhypervisor/dev"
10CTR_IMAGE_VERSION="v3"
11CTR_IMAGE="${CTR_IMAGE_TAG}:${CTR_IMAGE_VERSION}"
12
13DOCKER_RUNTIME="docker"
14
15# Host paths
16CLH_SCRIPTS_DIR=$(cd "$(dirname "$0")" && pwd)
17CLH_ROOT_DIR=$(cd "${CLH_SCRIPTS_DIR}/.." && pwd)
18CLH_BUILD_DIR="${CLH_ROOT_DIR}/build"
19CLH_CARGO_TARGET="${CLH_BUILD_DIR}/cargo_target"
20CLH_DOCKERFILE="${CLH_SCRIPTS_DIR}/../resources/Dockerfile"
21CLH_CTR_BUILD_DIR="/tmp/cloud-hypervisor/ctr-build"
22CLH_INTEGRATION_WORKLOADS="${HOME}/workloads"
23
24# Container paths
25CTR_CLH_ROOT_DIR="/cloud-hypervisor"
26CTR_CLH_CARGO_BUILT_DIR="${CTR_CLH_ROOT_DIR}/build"
27CTR_CLH_CARGO_TARGET="${CTR_CLH_CARGO_BUILT_DIR}/cargo_target"
28CTR_CLH_INTEGRATION_WORKLOADS="/root/workloads"
29
30# Cargo paths
31# Full path to the cargo registry dir on the host. This appears on the host
32# because we want to persist the cargo registry across container invocations.
33# Otherwise, any rust crates from crates.io would be downloaded again each time
34# we build or test.
35CARGO_REGISTRY_DIR="${CLH_BUILD_DIR}/cargo_registry"
36
37# Full path to the cargo git registry on the host. This serves the same purpose
38# as CARGO_REGISTRY_DIR, for crates downloaded from GitHub repos instead of
39# crates.io.
40CARGO_GIT_REGISTRY_DIR="${CLH_BUILD_DIR}/cargo_git_registry"
41
42# Full path to the cargo target dir on the host.
43CARGO_TARGET_DIR="${CLH_BUILD_DIR}/cargo_target"
44
45# Send a decorated message to stdout, followed by a new line
46#
47say() {
48    [ -t 1 ] && [ -n "$TERM" ] \
49        && echo "$(tput setaf 2)[$CLI_NAME]$(tput sgr0) $*" \
50        || echo "[$CLI_NAME] $*"
51}
52
53# Send a decorated message to stdout, without a trailing new line
54#
55say_noln() {
56    [ -t 1 ] && [ -n "$TERM" ] \
57        && echo -n "$(tput setaf 2)[$CLI_NAME]$(tput sgr0) $*" \
58        || echo "[$CLI_NAME] $*"
59}
60
61# Send a text message to stderr
62#
63say_err() {
64    [ -t 2 ] && [ -n "$TERM" ] \
65        && echo "$(tput setaf 1)[$CLI_NAME] $*$(tput sgr0)" 1>&2 \
66        || echo "[$CLI_NAME] $*" 1>&2
67}
68
69# Send a warning-highlighted text to stdout
70say_warn() {
71    [ -t 1 ] && [ -n "$TERM" ] \
72        && echo "$(tput setaf 3)[$CLI_NAME] $*$(tput sgr0)" \
73        || echo "[$CLI_NAME] $*"
74}
75
76# Exit with an error message and (optional) code
77# Usage: die [-c <error code>] <error message>
78#
79die() {
80    code=1
81    [[ "$1" = "-c" ]] && {
82        code="$2"
83        shift 2
84    }
85    say_err "$@"
86    exit $code
87}
88
89# Exit with an error message if the last exit code is not 0
90#
91ok_or_die() {
92    code=$?
93    [[ $code -eq 0 ]] || die -c $code "$@"
94}
95
96# Make sure the build/ dirs are available. Exit if we can't create them.
97# Upon returning from this call, the caller can be certain the build/ dirs exist.
98#
99ensure_build_dir() {
100    for dir in "$CLH_BUILD_DIR" \
101		   "$CLH_INTEGRATION_WORKLOADS" \
102		   "$CLH_CTR_BUILD_DIR" \
103		   "$CARGO_TARGET_DIR" \
104		   "$CARGO_REGISTRY_DIR" \
105		   "$CARGO_GIT_REGISTRY_DIR"; do
106        mkdir -p "$dir" || die "Error: cannot create dir $dir"
107        [ -x "$dir" ] && [ -w "$dir" ] || \
108            {
109                say "Wrong permissions for $dir. Attempting to fix them ..."
110                chmod +x+w "$dir"
111            } || \
112            die "Error: wrong permissions for $dir. Should be +x+w"
113    done
114}
115
116# Make sure we're using the latest dev container, by just pulling it.
117ensure_latest_ctr() {
118    $DOCKER_RUNTIME pull "$CTR_IMAGE"
119
120    ok_or_die "Error pulling container image. Aborting."
121}
122
123# Fix main directory permissions after a container ran as root.
124# Since the container ran as root, any files it creates will be owned by root.
125# This fixes that by recursively changing the ownership of /cloud-hypervisor to the
126# current user.
127#
128fix_dir_perms() {
129    # Yes, running Docker to get elevated privileges, just to chown some files
130    # is a dirty hack.
131    $DOCKER_RUNTIME run \
132	--workdir "$CTR_CLH_ROOT_DIR" \
133	   --rm \
134	   --volume /dev:/dev \
135	   --volume "$CLH_ROOT_DIR:$CTR_CLH_ROOT_DIR" \
136	   "$CTR_IMAGE" \
137           chown -R "$(id -u):$(id -g)" "$CTR_CLH_ROOT_DIR"
138
139    return $1
140}
141
142cmd_help() {
143    echo ""
144    echo "Cloud Hypervisor $(basename $0)"
145    echo "Usage: $(basename $0) <command> [<command args>]"
146    echo ""
147    echo "Available commands:"
148    echo ""
149    echo "    build [--debug|--release] [--libc musl|gnu] [-- [<cargo args>]]"
150    echo "        Build the Cloud Hypervisor binaries."
151    echo "        --debug               Build the debug binaries. This is the default."
152    echo "        --release             Build the release binaries."
153    echo "        --libc                Select the C library Cloud Hypervisor will be built against. Default is gnu"
154    echo ""
155    echo "    tests [--unit|--cargo|--all] [--libc musl|gnu] [-- [<cargo test args>]]"
156    echo "        Run the Cloud Hypervisor tests."
157    echo "        --unit               Run the unit tests."
158    echo "        --cargo              Run the cargo tests."
159    echo "        --integration        Run the integration tests."
160    echo "        --libc               Select the C library Cloud Hypervisor will be built against. Default is gnu"
161    echo "        --all                Run all tests."
162    echo ""
163    echo "    build-container [--type]"
164    echo "        Build the Cloud Hypervisor container."
165    echo "        --dev                Build dev container. This is the default."
166    echo ""
167    echo "    clean [<cargo args>]]"
168    echo "        Remove the Cloud Hypervisor artifacts."
169    echo ""
170    echo "    help"
171    echo "        Display this help message."
172    echo ""
173}
174
175cmd_build() {
176    build="debug"
177    libc="gnu"
178
179    while [ $# -gt 0 ]; do
180	case "$1" in
181            "-h"|"--help")  { cmd_help; exit 1;     } ;;
182            "--debug")      { build="debug";      } ;;
183            "--release")    { build="release";    } ;;
184            "--libc")
185                shift
186                [[ "$1" =~ ^(musl|gnu)$ ]] || \
187                    die "Invalid libc: $1. Valid options are \"musl\" and \"gnu\"."
188                libc="$1"
189                ;;
190            "--")           { shift; break;         } ;;
191            *)
192		die "Unknown build argument: $1. Please use --help for help."
193		;;
194	esac
195	shift
196    done
197
198    target="$(uname -m)-unknown-linux-${libc}"
199
200    cargo_args=("$@")
201    [ $build = "release" ] && cargo_args+=("--release")
202    cargo_args+=(--target "$target")
203    [ $(uname -m) = "aarch64" ] && cargo_args+=("--no-default-features")
204    [ $(uname -m) = "aarch64" ] && cargo_args+=(--features "mmio")
205
206    rustflags=""
207    if [ $(uname -m) = "aarch64" ] && [ $libc = "musl" ] ; then
208        rustflags="-C link-arg=-lgcc"
209    fi
210
211    # A workaround on Arm64 to avoid build errors in kvm-bindings
212    if [ $(uname -m) = "aarch64" ]; then
213        sed -i 's/"with-serde",\ //g' "$CLH_ROOT_DIR"/hypervisor/Cargo.toml
214    fi
215
216    $DOCKER_RUNTIME run \
217	   --user "$(id -u):$(id -g)" \
218	   --workdir "$CTR_CLH_ROOT_DIR" \
219	   --rm \
220	   --volume /dev:/dev \
221	   --volume "$CLH_ROOT_DIR:$CTR_CLH_ROOT_DIR" \
222	   --env RUSTFLAGS="$rustflags" \
223	   "$CTR_IMAGE" \
224	   cargo build \
225	         --target-dir "$CTR_CLH_CARGO_TARGET" \
226	         "${cargo_args[@]}" && say "Binaries placed under $CLH_CARGO_TARGET/$target/$build"
227}
228
229cmd_clean() {
230    cargo_args=("$@")
231
232    $DOCKER_RUNTIME run \
233	   --user "$(id -u):$(id -g)" \
234	   --workdir "$CTR_CLH_ROOT_DIR" \
235	   --rm \
236	   --volume "$CLH_ROOT_DIR:$CTR_CLH_ROOT_DIR" \
237	   "$CTR_IMAGE" \
238	   cargo clean \
239	         --target-dir "$CTR_CLH_CARGO_TARGET" \
240	         "${cargo_args[@]}"
241    }
242
243cmd_tests() {
244    unit=false
245    cargo=false
246    integration=false
247    libc="gnu"
248
249    while [ $# -gt 0 ]; do
250	case "$1" in
251            "-h"|"--help")           { cmd_help; exit 1;     } ;;
252            "--unit")                { unit=true;      } ;;
253            "--cargo")               { cargo=true;    } ;;
254            "--integration")         { integration=true;    } ;;
255            "--libc")
256                shift
257                [[ "$1" =~ ^(musl|gnu)$ ]] || \
258                    die "Invalid libc: $1. Valid options are \"musl\" and \"gnu\"."
259                libc="$1"
260                ;;
261	    "--all")                 { cargo=true; unit=true; integration=true;  } ;;
262            "--")                    { shift; break;         } ;;
263            *)
264		die "Unknown tests argument: $1. Please use --help for help."
265		;;
266	esac
267	shift
268    done
269
270    target="$(uname -m)-unknown-linux-${libc}"
271    cflags=""
272    target_cc=""
273    if [[ "$target" == "x86_64-unknown-linux-musl" ]]; then
274	target_cc="musl-gcc"
275	cflags="-I /usr/include/x86_64-linux-musl/ -idirafter /usr/include/"
276    fi
277
278    if [ "$unit" = true ] ;  then
279	say "Running unit tests for $target..."
280	$DOCKER_RUNTIME run \
281	       --workdir "$CTR_CLH_ROOT_DIR" \
282	       --rm \
283	       --device /dev/kvm \
284	       --device /dev/net/tun \
285	       --cap-add net_admin \
286	       --volume "$CLH_ROOT_DIR:$CTR_CLH_ROOT_DIR" \
287	       --env BUILD_TARGET="$target" \
288	       --env CFLAGS="$cflags" \
289	       --env TARGET_CC="$target_cc" \
290	       "$CTR_IMAGE" \
291	       ./scripts/run_unit_tests.sh "$@" || fix_dir_perms $? || exit $?
292    fi
293
294    if [ "$cargo" = true ] ;  then
295	say "Running cargo tests..."
296	$DOCKER_RUNTIME run \
297	       --workdir "$CTR_CLH_ROOT_DIR" \
298	       --rm \
299	       --volume "$CLH_ROOT_DIR:$CTR_CLH_ROOT_DIR" \
300	       "$CTR_IMAGE" \
301	       ./scripts/run_cargo_tests.sh || fix_dir_perms $? || exit $?
302    fi
303
304    if [ "$integration" = true ] ;  then
305	say "Running integration tests for $target..."
306	$DOCKER_RUNTIME run \
307	       --workdir "$CTR_CLH_ROOT_DIR" \
308	       --rm \
309	       --privileged \
310	       --security-opt seccomp=unconfined \
311	       --ipc=host \
312	       --net=host \
313	       --mount type=tmpfs,destination=/tmp \
314	       --volume /dev:/dev \
315	       --volume "$CLH_ROOT_DIR:$CTR_CLH_ROOT_DIR" \
316	       --volume "$CLH_INTEGRATION_WORKLOADS:$CTR_CLH_INTEGRATION_WORKLOADS" \
317	       --env USER="root" \
318	       --env CH_LIBC="${libc}" \
319	       "$CTR_IMAGE" \
320	       ./scripts/run_integration_tests.sh "$@" || fix_dir_perms $? || exit $?
321    fi
322
323    fix_dir_perms $?
324}
325
326cmd_build-container() {
327    container_type="dev"
328
329    while [ $# -gt 0 ]; do
330	case "$1" in
331            "-h"|"--help")  { cmd_help; exit 1;     } ;;
332            "--dev")        { container_type="dev"; } ;;
333            "--")           { shift; break;         } ;;
334            *)
335		die "Unknown build-container argument: $1. Please use --help for help."
336		;;
337	esac
338	shift
339    done
340
341    BUILD_DIR=/tmp/cloud-hypervisor/container/
342
343    mkdir -p $BUILD_DIR
344    cp $CLH_DOCKERFILE $BUILD_DIR
345
346    $DOCKER_RUNTIME build \
347	   --target $container_type \
348	   -t $CTR_IMAGE \
349	   -f $BUILD_DIR/Dockerfile \
350	   --build-arg TARGETARCH="$(uname -m)" \
351	   $BUILD_DIR
352}
353
354# Parse main command line args.
355#
356while [ $# -gt 0 ]; do
357    case "$1" in
358        -h|--help)              { cmd_help; exit 1;     } ;;
359        -y|--unattended)        { OPT_UNATTENDED=true;  } ;;
360        -*)
361            die "Unknown arg: $1. Please use \`$0 help\` for help."
362            ;;
363        *)
364            break
365            ;;
366    esac
367    shift
368done
369
370# $1 is now a command name. Check if it is a valid command and, if so,
371# run it.
372#
373declare -f "cmd_$1" > /dev/null
374ok_or_die "Unknown command: $1. Please use \`$0 help\` for help."
375
376cmd=cmd_$1
377shift
378
379ensure_build_dir
380if [ $(uname -m) = "x86_64" ]; then
381    ensure_latest_ctr
382fi
383
384# Before a public image for AArch64 ready, we build the container if needed.
385if [ $(uname -m) = "aarch64" ]; then
386    cmd_build-container
387fi
388
389$cmd "$@"
390