-
Notifications
You must be signed in to change notification settings - Fork 31
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
chore: ipython shell in a Docker container
Initial support for running ipython shell as a docker compose service that connects to other services running locally.
- Loading branch information
Showing
13 changed files
with
347 additions
and
161 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
# Local files with development scretes. | ||
/secrets/ | ||
|
||
# Home in the container | ||
/home/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,47 @@ | ||
#!/bin/sh | ||
|
||
set -eu | ||
|
||
self="$(realpath "$0")" | ||
secrets="${self%/*}/secrets" | ||
|
||
test -d "$secrets" || { | ||
echo "Creating $secrets directory" >&2 | ||
mkdir -m 0700 "$secrets" | ||
} | ||
|
||
f="$secrets/payments-test.json" | ||
test -s "$f" || { | ||
echo "The file with configuration keys $f does not exist or empty, please obtain it" | ||
exit 1 | ||
} | ||
|
||
# We need to generate ED25519 key in PEM format and its public key in OpenSSH | ||
# format. Unfortunately ssh-keygen released only 2024 supports. So use a | ||
# workaround. | ||
|
||
pem="$secrets/payment-test-operator.pem" | ||
test -s "$pem" || { | ||
echo "ED25519 private key file $pem does not exist, generating it" >&2 | ||
x="$(command -v openssl 2>/dev/null || :)" | ||
test "$x" || { | ||
echo "openssl tool does not exist, please install it. On Debian-based system use:" >&2 | ||
echo " apt install openssl" >&2 | ||
exit 1 | ||
} | ||
rm -f "$pem.tmp" | ||
openssl genpkey -algorithm ed25519 > "$pem.tmp" | ||
mv "$pem.tmp" "$pem" | ||
} | ||
pub="${pem%.pem}.pub" | ||
test -s "$pub" || { | ||
echo "ED25519 public key file $pub does not exist, producing it from" >&2 | ||
x="$(command -v sshpk-conv 2>/dev/null || :)" | ||
test "$x" || { | ||
echo "sshpk-conv utility does not exist, please install it. On Debian-based system use:" >&2 | ||
echo " apt install node-sshpk" >&2 | ||
exit 1 | ||
} | ||
sshpk-conv -T pem -t ssh -f "$pem" -o "$pub" | ||
} | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
#!/bin/sh | ||
|
||
# Helper to sync the container user with the id of the owner of workspace and | ||
# then run the command as that user. | ||
|
||
set -eu | ||
|
||
workspace_uid_gid="$(stat -c %u:%g /workspace)" | ||
uid="${workspace_uid_gid%:*}" | ||
gid="${workspace_uid_gid#*:}" | ||
|
||
h="/workspace/local-dev/home" | ||
|
||
if ! test -h /home/user; then | ||
# The user in the container not yet adjusted | ||
groupmod -g "$gid" user | ||
usermod -u "$uid" user | ||
|
||
# Updating files inside /workspace may race with other containers. So to | ||
# copy skeleton first copy it to a temporeary location and then move | ||
# atomically. | ||
if ! test -d "$h"; then | ||
echo "Creating $h" >&2 | ||
chown -R user:user /home/user | ||
tmp="$(mktemp -u -p "${h%/*}")" | ||
cp -a /home/user "$tmp" || { rm -rf "$tmp"; exit 1; } | ||
mv "$tmp" "$h" || { rm -rf "$tmp"; exit 1; } | ||
fi | ||
rm -rf /home/user | ||
ln -s "$h" /home/user | ||
fi | ||
|
||
# We want to keep the current environmnet for the subprocess so we do not use | ||
# --reset-env with setprov. Rather we just fixup few variables using env. | ||
exec setpriv --init-groups --regid "$gid" --reuid "$uid" --no-new-privs \ | ||
env HOME="$h" SHELL=/usr/bin/bash USER=user LOGNAME=user \ | ||
PATH=/usr/local/bin:/usr/bin "$@" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
#!/bin/sh | ||
|
||
# Helper to run a command with its arguments until the timestamp of its | ||
# executable changes. | ||
|
||
set -eu | ||
|
||
target="$1" | ||
|
||
test -x "$1" || { | ||
echo "The argument $1 is not an executable" >&2 | ||
exit 1 | ||
} | ||
|
||
monitor() { | ||
local modification_time t | ||
modification_time="$(stat -c "%Y" "$target")" | ||
while :; do | ||
sleep 1 | ||
t="$(stat -c "%Y" "$target")" | ||
if test "$t" -ne "$modification_time"; then | ||
echo "Newer $target is detected, restarting" >&2 | ||
kill "$$" | ||
sleep 0.5 | ||
kill -9 "$$" | ||
fi | ||
done | ||
} | ||
|
||
monitor & | ||
|
||
bar="======================================================================" | ||
t="$(date '+%Y-%m-%d %H:%M:%S')" | ||
printf '%s\n[%s] Running\n[%s] %s\n%s\n' "$bar" "$t" "$t" "$*" "$bar" >&2 | ||
|
||
exec "$@" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.