diff --git a/src/vscode-docker/.devcontainer.json b/src/vscode-docker/.devcontainer.json index 7a57f43c..e9e8bf33 100644 --- a/src/vscode-docker/.devcontainer.json +++ b/src/vscode-docker/.devcontainer.json @@ -5,7 +5,7 @@ "shutdownAction": "none", "workspaceFolder": "/workspace", "postCreateCommand": - "./startupscript/post-startup.sh abc /config \"${templateOption:cloud}\" \"${templateOption:login}\"", + "./startupscript/post-startup.sh abc /config \"${templateOption:cloud}\" \"${templateOption:login}\"; bash ./create-cortex-config.sh /config; bash ./install-cortex-cli.sh", // re-mount bucket files on container start up "postStartCommand": [ "./startupscript/remount-on-restart.sh", diff --git a/src/vscode-docker/Dockerfile b/src/vscode-docker/Dockerfile index 98e0e657..2194a26e 100644 --- a/src/vscode-docker/Dockerfile +++ b/src/vscode-docker/Dockerfile @@ -56,12 +56,11 @@ RUN wget https://go.dev/dl/go1.23.5.linux-amd64.tar.gz && \ rm go1.23.5.linux-amd64.tar.gz # Install gh (GitHub CLI version 2.86.0) -RUN curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg | dd of=/usr/share/keyrings/githubcli-archive-keyring.gpg && \ - chmod go+r /usr/share/keyrings/githubcli-archive-keyring.gpg && \ - echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | tee /etc/apt/sources.list.d/github-cli.list > /dev/null && \ - apt-get update && \ - apt-get install -y gh=2.86.0 && \ - rm -rf /var/lib/apt/lists/* +ARG GH_CLI_VERSION=2.86.0 +RUN curl -L "https://github.com/cli/cli/releases/download/v${GH_CLI_VERSION}/gh_${GH_CLI_VERSION}_linux_amd64.tar.gz" -o gh.tar.gz && \ + tar -xzf gh.tar.gz && \ + mv gh_${GH_CLI_VERSION}_linux_amd64/bin/gh /usr/local/bin/ && \ + rm -rf gh.tar.gz gh_${GH_CLI_VERSION}_linux_amd64 # Install uv (Python package manager version 0.9.27) RUN curl -LsSf https://astral.sh/uv/0.9.27/install.sh | sh && \ @@ -69,8 +68,8 @@ RUN curl -LsSf https://astral.sh/uv/0.9.27/install.sh | sh && \ mv $HOME/.local/bin/uvx /usr/local/bin/ # Set up environment variables -ENV PATH="/usr/local/go/bin:${PATH}" ENV GOPATH="/config/go" +ENV PATH="/usr/local/go/bin:${GOPATH}/bin:${PATH}" ENV GOPRIVATE="github.com/verily-src/*" ENV SUDO_PASSWORD="pwd" diff --git a/src/vscode-docker/create-cortex-config.sh b/src/vscode-docker/create-cortex-config.sh new file mode 100644 index 00000000..9579daed --- /dev/null +++ b/src/vscode-docker/create-cortex-config.sh @@ -0,0 +1,86 @@ +#!/bin/bash + +# create-cortex-config.sh +# +# Creates cortex.yaml configuration file in the container user's home directory +# This script runs inside the container and attempts to retrieve GCP metadata + +set -o errexit +set -o nounset +set -o pipefail + +# Wait for metadata server to be ready +echo "Waiting 5 seconds for metadata server to be ready..." +sleep 5 + +if [[ $# -ne 1 ]]; then + echo "Usage: $0 " + exit 1 +fi + +readonly HOME_DIR="${1}" +readonly CORTEX_CONFIG_PATH="${HOME_DIR}/cortex.yaml" + +echo "Creating cortex.yaml configuration..." + +# Try to get GCP project ID from metadata server +# Note: This may not work from inside the container depending on network configuration +GCP_PROJECT_ID="" +GCP_REGION="" + +if GCP_PROJECT_ID=$(curl --retry 3 --max-time 5 -s -f \ + -H "Metadata-Flavor: Google" \ + "http://metadata.google.internal/computeMetadata/v1/project/project-id" 2>/dev/null); then + echo "Successfully retrieved GCP project ID: ${GCP_PROJECT_ID}" + + # Also try to get the region + if ZONE=$(curl --retry 3 --max-time 5 -s -f \ + -H "Metadata-Flavor: Google" \ + "http://metadata.google.internal/computeMetadata/v1/instance/zone" 2>/dev/null); then + GCP_REGION=$(echo "${ZONE}" | awk -F'/' '{print $4}' | sed 's/-[^-]*$//') + echo "Successfully retrieved GCP region: ${GCP_REGION}" + fi +else + echo "Warning: Could not retrieve GCP project ID from metadata server" + echo "The metadata server may not be accessible from inside the container" + + # Check if gcloud is available and authenticated as a fallback + if command -v gcloud &> /dev/null; then + if GCP_PROJECT_ID=$(gcloud config get-value project 2>/dev/null) && [[ -n "${GCP_PROJECT_ID}" ]]; then + echo "Retrieved project ID from gcloud config: ${GCP_PROJECT_ID}" + GCP_REGION=$(gcloud config get-value compute/region 2>/dev/null || echo "") + fi + fi +fi + +# Create the cortex.yaml file +if [[ -n "${GCP_PROJECT_ID}" ]]; then + cat > "${CORTEX_CONFIG_PATH}" << EOF +# Cortex configuration +# Generated on $(date -u +"%Y-%m-%d %H:%M:%S UTC") +gcp_project_id: ${GCP_PROJECT_ID} +gcp_region: ${GCP_REGION:-UNKNOWN} +profiles_repo: shared-artifacts-a2hhlz +EOF + + echo "cortex.yaml created successfully at ${CORTEX_CONFIG_PATH}" + cat "${CORTEX_CONFIG_PATH}" +else + echo "Warning: Could not determine GCP project ID" + echo "Creating cortex.yaml with placeholder values" + cat > "${CORTEX_CONFIG_PATH}" << EOF +# Cortex configuration +# Generated on $(date -u +"%Y-%m-%d %H:%M:%S UTC") +# WARNING: Could not automatically determine GCP project ID +gcp_project_id: "UNKNOWN" +gcp_region: "UNKNOWN" +profiles_repo: shared-artifacts-a2hhlz +# Please update this file with the correct values +EOF + echo "cortex.yaml created with placeholder at ${CORTEX_CONFIG_PATH}" +fi + +# Ensure proper ownership +if [[ -f "${CORTEX_CONFIG_PATH}" ]]; then + chmod 644 "${CORTEX_CONFIG_PATH}" +fi diff --git a/src/vscode-docker/install-cortex-cli.sh b/src/vscode-docker/install-cortex-cli.sh new file mode 100644 index 00000000..a64d5000 --- /dev/null +++ b/src/vscode-docker/install-cortex-cli.sh @@ -0,0 +1,85 @@ +#!/bin/bash + +# install-cortex-cli.sh +# +# Installs cortex-cli from the verily1 monorepo if it exists +# This script runs inside the container after the postCreateCommand + +set -o errexit +set -o nounset +set -o pipefail + +echo "Checking for verily1 monorepo..." + +# Check multiple possible locations for verily1 repo +VERILY1_PATH="" +for path in "/workspace/repos/verily1" "/config/repos/verily1" "$HOME/repos/verily1"; do + if [[ -d "${path}" ]]; then + VERILY1_PATH="${path}" + break + fi +done + +if [[ -z "${VERILY1_PATH}" ]]; then + echo "verily1 repository not found in any of the expected locations:" + echo " - /workspace/repos/verily1" + echo " - /config/repos/verily1" + echo " - \$HOME/repos/verily1" + echo "Skipping cortex-cli installation" + exit 0 +fi + +readonly VERILY1_PATH + +echo "Found verily1 repository at ${VERILY1_PATH}" + +# Verify Go is installed +if ! command -v go &> /dev/null; then + echo "Error: Go is not installed or not in PATH" + exit 1 +fi + +echo "Go version: $(go version)" + +# Set up Go environment if not already set +export GOPATH="${GOPATH:-/config/go}" +export PATH="${PATH}:${GOPATH}/bin" + +echo "GOPATH: ${GOPATH}" +echo "Installing cortex-cli..." + +# Navigate to verily1 and install cortex-cli +cd "${VERILY1_PATH}" + +if [[ ! -d "cortex/tools/cortex-cli" ]]; then + echo "Error: cortex-cli source not found at cortex/tools/cortex-cli" + exit 1 +fi + +# Install cortex-cli as user abc (where SSH keys are configured) +# Use the same pattern as post-startup.sh: sudo -u USER bash -l -c +echo "Installing cortex-cli as user abc (root doesn't have SSH keys)..." +echo "GOPATH is set to: ${GOPATH}" +echo "Running go install with verbose output..." + +# Use sudo instead of su - matches the RUN_AS_LOGIN_USER pattern from post-startup.sh +if sudo -u abc bash -l -c "cd ${VERILY1_PATH} && export GOPATH=${GOPATH} && export PATH=/usr/local/go/bin:${GOPATH}/bin:\$PATH && go install -v ./cortex/tools/cortex-cli"; then + echo "cortex-cli installed successfully to ${GOPATH}/bin/cortex-cli" + + # Verify installation + if [[ -f "${GOPATH}/bin/cortex-cli" ]]; then + echo "Verifying cortex-cli installation..." + "${GOPATH}/bin/cortex-cli" --help || echo "cortex-cli binary exists but --help failed" + else + echo "Warning: cortex-cli binary not found at expected location ${GOPATH}/bin/cortex-cli" + echo "Checking if it installed elsewhere..." + find /config -name "cortex-cli" 2>/dev/null || echo "cortex-cli not found in /config" + fi +else + EXIT_CODE=$? + echo "Error: Failed to install cortex-cli (exit code: ${EXIT_CODE})" + echo "Error output should be visible above" + exit 1 +fi + +echo "cortex-cli installation complete"