diff --git a/casm/cmds/podman/systemd.py b/casm/cmds/podman/systemd.py index 7aaca65..2be444f 100644 --- a/casm/cmds/podman/systemd.py +++ b/casm/cmds/podman/systemd.py @@ -12,7 +12,7 @@ from ..service import add_pos_services -@add_command("enable", help="Enable systemd for containers") +@add_command("enable", help="Enable systemd unit for containers") def add_cmd_enable(_arg: argp): _arg.add_argument("--restart-policy", dest="restart_policy", type=str, nargs=1, metavar="STR", default=["on-failure"], @@ -37,7 +37,7 @@ def run_cmd_enable(cmds: commands) -> int: return 0 -@add_command("disable", help="Disable systemd for containers") +@add_command("disable", help="Disable systemd unit for containers") def add_cmd_disable(_arg: argp): add_pos_services(_arg) @@ -57,11 +57,31 @@ def run_cmd_disable(cmds: commands) -> int: return 0 +@add_command("guard", help="Guard systemd unit for containers") +def add_cmd_guard(_arg: argp): + add_pos_services(_arg) + + +@run_command(add_cmd_guard) +def run_cmd_guard(cmds: commands) -> int: + assemble: assemble_file = cmds.args.assemble_file + assert isinstance(assemble, assemble_file) + services: List[str] = cmds.args.services + for service in assemble.template.services: + cmds.logger.debug(f"{service.title}: {service.container_name}") + if len(services) > 0 and service.title not in services: + continue + container_name = assemble.safe_substitute(service.container_name) + cmds.logger.info(f"guard container {container_name}") + podman_container(container_name).guard_service() + return 0 + + @add_command("systemd", help="Manage systemd units") def add_cmd_systemd(_arg: argp): pass -@run_command(add_cmd_systemd, add_cmd_enable, add_cmd_disable) +@run_command(add_cmd_systemd, add_cmd_enable, add_cmd_disable, add_cmd_guard) def run_cmd_systemd(cmds: commands) -> int: return 0 diff --git a/casm/utils/podman.py b/casm/utils/podman.py index 23a4382..301241b 100644 --- a/casm/utils/podman.py +++ b/casm/utils/podman.py @@ -1,5 +1,6 @@ # coding:utf-8 +import getpass import os import shutil from typing import Any @@ -95,7 +96,7 @@ def __init__(self, container: Container): self.__container: Container = container self.__info: Dict[str, Any] = container.inspect() self.__state: Optional[podman_container_inspect.state_struct] = None - self.__host_config: Optional[podman_container_inspect.host_config_struct] = None # noqa: E501 + self.__host_config: Optional[podman_container_inspect.host_config_struct] = None # noqa:E501 @property def container(self) -> Container: @@ -130,7 +131,7 @@ def State(self) -> state_struct: @property def HostConfig(self) -> host_config_struct: if self.__host_config is None: - self.__host_config = self.host_config_struct(self.info["HostConfig"]) # noqa: E501 + self.__host_config = self.host_config_struct(self.info["HostConfig"]) # noqa:E501 return self.__host_config @@ -187,8 +188,8 @@ def generate_service(self, restart_policy: str = "on-failure", raise FileNotFoundError("podman command not found") container_inspect: podman_container_inspect = self.inspect() - mounts: List[Optional[str]] = [mountpoint(bind.split(":")[0]) for bind in # noqa: E501 - container_inspect.HostConfig.Binds if bind.startswith("/")] # noqa: E501 + mounts: List[Optional[str]] = [mountpoint(bind.split(":")[0]) for bind in # noqa:E501 + container_inspect.HostConfig.Binds if bind.startswith("/")] # noqa:E501 mountpoints: List[str] = ["/run/containers/storage"] mountpoints.extend([m for m in mounts if isinstance(m, str)]) content: str = f""" @@ -237,6 +238,14 @@ def disable_service(self) -> int: systemd_service.delete_unit(unit=self.service_unit) return 0 + def guard_service(self, interval: int = 3) -> int: + container_name: str = self.container_name + with open(f"/etc/cron.d/guard-{container_name}.sh", "w") as hdl: + username: str = getpass.getuser() + hdl.write(f"PATH={os.environ['PATH']}\n") + hdl.write(f"*/{interval} * * * * {username} cman guard ${container_name}\n") # noqa:E501 + return 0 + class podman_cmd: '''Execute podman command