swmodd: Add support to pull images from registries

swmodd/Makefile

@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=swmodd
-PKG_VERSION:=2.1.8
+PKG_VERSION:=2.1.9
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=f673871b6689b32d726fe633ace5f75de6d5b99f
+PKG_SOURCE_VERSION:=2941682d0e8c3a509b8e5b03e6b03609619ca542
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/swmodd.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
@@ -32,7 +32,7 @@ define Package/swmodd
   DEPENDS:=+libuci +libubox +ubus +libuuid +opkg +libcurl \
 	    +PACKAGE_liblxc:liblxc +@BUSYBOX_CONFIG_BUSYBOX \
 	    +@BUSYBOX_CONFIG_FEATURE_SHOW_SCRIPT +@BUSYBOX_CONFIG_SCRIPT \
-	    +swmodd-cgroup
+	    +swmodd-cgroup +jq
 endef
 
 define Package/swmodd/description

swmodd/files/etc/init.d/crun

@@ -15,7 +15,10 @@ validate_container_section() {
 		'type:string' \
 		'autostart:bool:1' \
 		'du_status:string' \
-		'requested_state:string'
+		'requested_state:string' \
+		'url:string' \
+		'username:string' \
+		'password:string'
 }
 
 is_container_running() {
@@ -24,7 +27,7 @@ is_container_running() {
 }
 
 configure_crun_container() {
-	local name type autostart du_status requested_state
+	local name type autostart du_status requested_state url username password
 	local BRIDGE BUNDLE
 	local RUNNER="/etc/swmodd/run.sh"
 
@@ -44,24 +47,50 @@ configure_crun_container() {
 		return 0;
 	fi
 
-	if [ ! -d "${BUNDLE:?}/${name:?}" ]; then
-		log "Crun container {${BUNDLE:?}/${name:?}} not available"
-		return 0;
+	if [ "${du_status}" == "Installing" ]; then
+		local result
+		log "Pull image from registry"
+		uci_set swmodd ${1} du_status Installing_start
+		uci_set swmodd ${1} username ""
+		uci_set swmodd ${1} password ""
+		result=$(${RUNNER} -b "${BUNDLE}" -n "${name}" -r "${url}" -l "${username}:${password}")
+		if [ "$?" -eq 0 ]; then
+			uci_set swmodd ${1} du_status Installing_success
+			du_status="Installed"
+		else
+			uci_set swmodd ${1} du_status Installing_failed
+			uci_set swmodd ${1} fault_string "${result}"
+			return 0;
+		fi
 	fi
 
-	if [ "${du_status}" == "Uninstalling" ] || [ "${du_status}" == "Uninstalled" ]; then
+	if [ "${du_status}" == "Uninstalling" ]; then
 		ubus call service delete "{\"name\":\"crun\",\"instance\":\"${name}\"}"
-		crun kill --all "${name}" 9
+		if is_container_running "${name}"; then
+			crun kill --all "${name}" 9
+		fi
 		${RUNNER} -c -n "${name}"
 		if [ -d "${BUNDLE:?}/${name:?}" ]; then
 			rm -rf "${BUNDLE:?}/${name:?}"
 		fi
+
+		# If directory still exists then uninstall failed
+		if [ -d "${BUNDLE}/${name}" ]; then
+			uci_set swmodd ${1} du_status Uninstalling_failed
+			uci_set swmodd ${1} fault_string "Failed to remove ${BUNDLE}/${name}"
+		else
+			uci_set swmodd ${1} du_status Uninstalling_success
+		fi
 		# Delete the uci config section after uninstall
-		uci_remove swmodd "${1}"
 		log "CRUN container ${name} removed"
 		return 0;
 	fi
 
+	if [ ! -d "${BUNDLE:?}/${name:?}" ]; then
+		log "Crun container {${BUNDLE:?}/${name:?}} not available"
+		return 0;
+	fi
+
 	if [ "${du_status}" != "Installed" ]; then
 		return 0;
 	fi
@@ -78,9 +107,11 @@ configure_crun_container() {
 		if [ "${requested_state}" == "Idle" ]; then
 			crun pause "${name}"
 		elif [ "${requested_state}" == "Active" ]; then
-			${RUNNER} -u -n "${name}" -b "${BRIDGE}"
+			${RUNNER} -u -n "${name}" -i "${BRIDGE}"
 			crun resume "${name}"
 		fi
+	else
+		${RUNNER} -U -b "${BUNDLE}" -n "${name}"
 	fi
 
         procd_open_instance "${name}"
@@ -113,6 +144,7 @@ start_service() {
 	mkdir -p "${bundle}"
 	config_foreach configure_crun_container du_eu_assoc "${bundle}" "${bridge}"
 	uci_commit
+	ubus -t 5 call swmodules reload
 }
 
 stop_service() {

swmodd/files/etc/init.d/swmodd

@@ -19,9 +19,6 @@ validate_globals_section()
 start_service() {
 	local enabled debug log_level sock bundle_root
 
-	# creating fallback shared mount-point
-	mkdir -p /tmp/swmodd_dw
-
 	config_load swmodd
 
 	validate_globals_section || {
@@ -51,17 +48,9 @@ start_service() {
 	procd_close_instance
 }
 
-stop_service() {
-	service_stop ${PROG}
-}
-
 reload_service() {
-	if ubus list swmodules >/dev/null 2>&1; then
-		ubus -t 20 call swmodules reload
-	else
-		stop
-		start
-	fi
+	stop
+	start
 }
 
 service_triggers() {

swmodd/files/etc/swmodd/run.sh

@@ -4,17 +4,23 @@ VETHNAME=""
 
 log() {
 	echo "${@}"|logger -t crun.runner -p info
+	echo "${@}"
 }
 
-if ! command -v crun >/dev/null 2>&1;then
-	log "CRUN binary not present"
-	return 1
-fi
+check_binary() {
+	if [ -z "${1}" ]; then
+		return 0;
+	fi
 
-if ! command -v script >/dev/null 2>&1;then
-	log "script not present"
-	return 1
-fi
+	if ! command -v "${1}" >/dev/null 2>&1;then
+		log "${1} not present in system"
+		exit 1
+	fi
+	return 0;
+}
+
+check_binary crun
+check_binary script
 
 get_veth_name() {
 	local name
@@ -59,6 +65,12 @@ setup_container_network() {
 	ip link set dev "${VETHNAME}" up
 	# Link with host bridge
 	brctl addif "${bridge_name}" "${VETHNAME}"
+	# Get Ip from bridge and make the link ready
+	ip netns exec "$name" udhcpc -i eth0 -x hostname:"CRUN-${name}"
+	if [ "${du_status}" != "Installed" ]; then
+		return 0;
+	fi
+
 }
 
 run_container() {
@@ -78,16 +90,104 @@ run_container() {
         script -q -c "crun run -b ${bundle}/${name} ${name}" /dev/null
 }
 
+update_network_ns() {
+    local type
+    json_select $2
+    json_get_var type type
+    if [ "${type}" == "network" ]; then
+        json_add_string path "/var/run/netns/${NAME}"
+	break;
+    fi
+    json_select ..
+}
+
+update_config_json() {
+
+	if [ ! -f "${BUNDLE:?}/${NAME:?}/config.json" ]; then
+		log "config.json not found"
+		exit 0;
+	fi
+
+	if [ -f "/usr/share/libubox/jshn.sh" ]; then
+		. /usr/share/libubox/jshn.sh
+	else
+		log "jshn.sh missing in the system"
+		exit 1;
+	fi
+	cd "${BUNDLE}/${NAME}"
+	if cat config.json |jq '.linux.namespaces[] |select (.type == "network") |.path' |grep -q ${NAME}; then
+		exit 0;
+	fi
+
+	mv config.json config_orig.json
+	json_init
+	json_load_file "config_orig.json"
+	json_select linux
+	json_for_each_item update_network_ns namespaces
+	json_dump >config.json
+}
+
+pull_image_from_registry() {
+	local temp
+
+	if [ -z "${BUNDLE}" -o -z "${NAME}" -o -z "${REGURL}" ]; then
+		log "Information missing for installation"
+		exit 1
+	fi
+
+	if [ -d "${BUNDLE}/${NAME}" ]; then
+		log "Container with same name already present"
+		exit 1
+	fi
+
+	check_binary skopeo
+	check_binary umoci
+	temp="$(mktemp -d)"
+	cd "${temp}"
+	OPTS=""
+	if [ "${#LOGIN}" -gt 3 ]; then
+		OPTS="--src-creds ${LOGIN}"
+	fi
+	# inspect and get size check system
+	# skopeo inspect --raw docker://mengel38/finalfate:latest-arm32v7 |jq '[ .layers[].size ] | add'
+	skopeo --command-timeout 4m copy ${OPTS} ${REGURL} oci:${NAME}_tmp:latest >/dev/null 2>&1
+	umoci unpack --image ${NAME}_tmp:latest ${NAME} >/dev/null 2>&1
+	rm -rf "${NAME}_tmp"
+	if [ ! -f "${NAME}/config.json" ]; then
+		log "Failed to pull the image config missing"
+		cd -
+		rm -rf "${temp}"
+		exit 1
+	fi
+
+	mv ${NAME} ${BUNDLE}/
+	if [ "$?" -ne 0 ]; then
+		log "Failed ${name} move in ${BUNDLE}"
+		cd -
+		rm -rf "${temp}"
+		rm -rf ${BUNDLE}/${NAME}
+		exit 1
+	fi
+
+	cd -
+	rm -rf "${temp}"
+	update_config_json
+}
+
 clean=0
 net_update=0
-while getopts b:n:i:cu options
+update_json=0
+while getopts b:n:i:r:l:cuU options
 do
 	case "${options}" in
 		b) BUNDLE=${OPTARG};;
 		n) NAME=${OPTARG};;
 		i) BRIDGE=${OPTARG};;
+		r) REGURL=${OPTARG};;
+		l) LOGIN=${OPTARG};;
 		c) clean=1;;
 		u) net_update=1;;
+		U) update_json=1;;
 		*) log "Invalid options";;
 	esac
 done
@@ -97,6 +197,16 @@ if [ -z "${NAME}" ]; then
 	return 0;
 fi
 
+if [ "${update_json}" -eq 1 ]; then
+	update_config_json
+	return 0;
+fi
+
+if [ -n "${REGURL}" ]; then
+	pull_image_from_registry
+	return 0;
+fi
+
 if [ "$clean" -eq 1 ]; then
 	clean_container_network "${NAME}"
 	return 0;