fix for tb.sh dies on rmdir /var/lib/mock

tb.sh create might fail to create the builder docker image.
Yum install of the mock package failed, but yum did not report
the failure because other packages in the instalation set succeeded.
A subsequent command in the dockerfile fails when it tries to
remove/relocate /var/lib/mock, but failes because it is not present.

The yum error reporting was corrected in a recent update.
But this does not address cached copies of old and broken
yum install steps that pre-date the fix.

The mock package is paricularly sensitive as it has cengn as
the only source, where as other packages have multiple sources.

One option is to force docker to not use the cache at all, which
is slow.

The second option is to change the docker file, placing the
yum command to install mock under a seperate docker RUN command.
The altered build instructions ensure that the docker cache
with the broken install can't be used.  While we are at it,
move the user/project customization steps as far down as possible
to improve cache usage.

This change implements both.

Closes-Bug: 1917901
Signed-off-by: Scott Little <scott.little@windriver.com>
Change-Id: I28041bb44af53384c00a750b7162c6c6808c4e2d

Dockerfile

@@ -59,10 +59,8 @@ RUN rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY* && \
 VOLUME /run /tmp
 
 # Download required dependencies by mirror/build processes.
-RUN groupadd -g 751 cgts && \
+RUN yum install -y \
-    echo "mock:x:751:root" >> /etc/group && \
+        anaconda \
-    echo "mockbuild:x:9001:" >> /etc/group && \
-    yum install -y anaconda \
         anaconda-runtime \
         autoconf-archive \
         autogen \
@@ -90,8 +88,6 @@ RUN groupadd -g 751 cgts && \
         lighttpd-mod_geoip \
         net-tools \
         mkisofs \
-        http://mirror.starlingx.cengn.ca/mirror/centos/epel/dl.fedoraproject.org/pub/epel/7/x86_64/Packages/m/mock-1.4.16-1.el7.noarch.rpm \
-        http://mirror.starlingx.cengn.ca/mirror/centos/epel/dl.fedoraproject.org/pub/epel/7/x86_64/Packages/m/mock-core-configs-31.6-1.el7.noarch.rpm \
         mongodb \
         mongodb-server \
         pax \
@@ -123,21 +119,26 @@ RUN groupadd -g 751 cgts && \
         vim-enhanced \
         wget
 
-# This image requires a set of scripts and helpers
+# Finally install a locked down version of mock
-# for working correctly, in this section they are
+RUN groupadd -g 751 cgts && \
-# copied inside the image.
+    echo "mock:x:751:root" >> /etc/group && \
-COPY toCOPY/finishSetup.sh /usr/local/bin
+    echo "mockbuild:x:9001:" >> /etc/group && \
-COPY toCOPY/populate_downloads.sh /usr/local/bin
+    yum install -y \
-COPY toCOPY/generate-local-repo.sh /usr/local/bin
+        http://mirror.starlingx.cengn.ca/mirror/centos/epel/dl.fedoraproject.org/pub/epel/7/x86_64/Packages/m/mock-1.4.16-1.el7.noarch.rpm \
-COPY toCOPY/generate-centos-repo.sh /usr/local/bin
+        http://mirror.starlingx.cengn.ca/mirror/centos/epel/dl.fedoraproject.org/pub/epel/7/x86_64/Packages/m/mock-core-configs-31.6-1.el7.noarch.rpm
-COPY toCOPY/lst_utils.sh /usr/local/bin
+
-COPY toCOPY/.inputrc /home/$MYUNAME/
+# mock custumizations
-COPY toCOPY/builder-constraints.txt /home/$MYUNAME/
+# forcing chroots since a couple of packages naughtily insist on network access and
+# we dont have nspawn and networks happy together.
+RUN useradd -s /sbin/nologin -u 9001 -g 9001 mockbuild && \
+    rmdir /var/lib/mock && \
+    ln -s /localdisk/loadbuild/mock /var/lib/mock && \
+    rmdir /var/cache/mock && \
+    ln -s /localdisk/loadbuild/mock-cache /var/cache/mock && \
+    echo "config_opts['use_nspawn'] = False" >> /etc/mock/site-defaults.cfg && \
+    echo "config_opts['rpmbuild_networking'] = True" >> /etc/mock/site-defaults.cfg && \
+    echo  >> /etc/mock/site-defaults.cfg
 
-# Thes are included for backward compatibility, and
-# should be removed after a reasonable time.
-COPY toCOPY/generate-cgcs-tis-repo /usr/local/bin
-COPY toCOPY/generate-cgcs-centos-repo.sh /usr/local/bin
 
 # cpan modules, installing with cpanminus to avoid stupid questions since cpan is whack
 RUN cpanm --notest Fatal && \
@@ -146,10 +147,6 @@ RUN cpanm --notest Fatal && \
     cpanm --notest XML::Parser && \
     cpanm --notest XML::Simple
 
-# pip installs
-RUN pip install -c /home/$MYUNAME/builder-constraints.txt python-subunit junitxml --upgrade && \
-    pip install -c /home/$MYUNAME/builder-constraints.txt tox --upgrade
-
 # Install repo tool
 RUN curl https://storage.googleapis.com/git-repo-downloads/repo > /usr/local/bin/repo && \
     chmod a+x /usr/local/bin/repo
@@ -161,17 +158,34 @@ RUN yum install -y golang && \
     mkdir -p ${GOPATH}/bin && \
     curl https://raw.githubusercontent.com/golang/dep/master/install.sh | sh
 
-# mock time
+# Uprev git, git-review, repo
-# forcing chroots since a couple of packages naughtily insist on network access and
+RUN yum install -y dh-autoreconf curl-devel expat-devel gettext-devel  openssl-devel perl-devel zlib-devel asciidoc xmlto docbook2X && \
-# we dont have nspawn and networks happy together.
+    cd /tmp && \
-RUN useradd -s /sbin/nologin -u 9001 -g 9001 mockbuild && \
+    wget https://github.com/git/git/archive/v2.29.2.tar.gz -O git-2.29.2.tar.gz && \
-    rmdir /var/lib/mock && \
+    tar xzvf git-2.29.2.tar.gz && \
-    ln -s /localdisk/loadbuild/mock /var/lib/mock && \
+    cd git-2.29.2 && \
-    rmdir /var/cache/mock && \
+    make configure && \
-    ln -s /localdisk/loadbuild/mock-cache /var/cache/mock && \
+    ./configure --prefix=/usr/local && \
-    echo "config_opts['use_nspawn'] = False" >> /etc/mock/site-defaults.cfg && \
+    make all doc && \
-    echo "config_opts['rpmbuild_networking'] = True" >> /etc/mock/site-defaults.cfg && \
+    make install install-doc && \
-    echo  >> /etc/mock/site-defaults.cfg
+    cd /tmp && \
+    rm -rf git-2.29.2.tar.gz git-2.29.2 && \
+    pip install git-review --upgrade
+
+# Systemd Enablement
+RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); \
+    rm -f /lib/systemd/system/multi-user.target.wants/*;\
+    rm -f /etc/systemd/system/*.wants/*;\
+    rm -f /lib/systemd/system/local-fs.target.wants/*; \
+    rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
+    rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
+    rm -f /lib/systemd/system/basic.target.wants/*;\
+    rm -f /lib/systemd/system/anaconda.target.wants/*
+
+# pip installs
+COPY toCOPY/builder-constraints.txt /home/$MYUNAME/
+RUN pip install -c /home/$MYUNAME/builder-constraints.txt python-subunit junitxml --upgrade && \
+    pip install -c /home/$MYUNAME/builder-constraints.txt tox --upgrade
 
 # Inherited  tools for mock stuff
 # we at least need the mock_cache_unlock tool
@@ -181,6 +195,21 @@ RUN cd /opt/mock_overlay && \
     make && \
     make install
 
+# This image requires a set of scripts and helpers
+# for working correctly, in this section they are
+# copied inside the image.
+COPY toCOPY/finishSetup.sh /usr/local/bin
+COPY toCOPY/populate_downloads.sh /usr/local/bin
+COPY toCOPY/generate-local-repo.sh /usr/local/bin
+COPY toCOPY/generate-centos-repo.sh /usr/local/bin
+COPY toCOPY/lst_utils.sh /usr/local/bin
+COPY toCOPY/.inputrc /home/$MYUNAME/
+
+# Thes are included for backward compatibility, and
+# should be removed after a reasonable time.
+COPY toCOPY/generate-cgcs-tis-repo /usr/local/bin
+COPY toCOPY/generate-cgcs-centos-repo.sh /usr/local/bin
+
 #  ENV setup
 RUN echo "# Load stx-builder configuration" >> /etc/profile.d/stx-builder-conf.sh && \
     echo "if [[ -r \${HOME}/buildrc ]]; then" >> /etc/profile.d/stx-builder-conf.sh && \
@@ -232,30 +261,6 @@ RUN echo "$MYUNAME ALL=(ALL:ALL) NOPASSWD:ALL" >> /etc/sudoers && \
     sed -i "s/dir-listing.activate/#dir-listing.activate/g" /etc/lighttpd/conf.d/dirlisting.conf && \
     echo "dir-listing.activate = \"enable\"" >> /etc/lighttpd/conf.d/dirlisting.conf
 
-# Uprev git, git-review, repo
-RUN yum install -y dh-autoreconf curl-devel expat-devel gettext-devel  openssl-devel perl-devel zlib-devel asciidoc xmlto docbook2X && \
-    cd /tmp && \
-    wget https://github.com/git/git/archive/v2.29.2.tar.gz -O git-2.29.2.tar.gz && \
-    tar xzvf git-2.29.2.tar.gz && \
-    cd git-2.29.2 && \
-    make configure && \
-    ./configure --prefix=/usr/local && \
-    make all doc && \
-    make install install-doc && \
-    cd /tmp && \
-    rm -rf git-2.29.2.tar.gz git-2.29.2 && \
-    pip install git-review --upgrade
-
-# Systemd Enablement
-RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); \
-    rm -f /lib/systemd/system/multi-user.target.wants/*;\
-    rm -f /etc/systemd/system/*.wants/*;\
-    rm -f /lib/systemd/system/local-fs.target.wants/*; \
-    rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
-    rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
-    rm -f /lib/systemd/system/basic.target.wants/*;\
-    rm -f /lib/systemd/system/anaconda.target.wants/*
-
 RUN useradd -r -u $MYUID -g cgts -m $MYUNAME && \
     ln -s /home/$MYUNAME/.ssh /mySSH && \
     rsync -av /etc/skel/ /home/$MYUNAME/

tb.sh

@@ -24,12 +24,17 @@ CMD=$1
 TC_CONTAINER_NAME=${MYUNAME}-centos-builder
 TC_CONTAINER_TAG=local/${MYUNAME}-stx-builder:7.8
 TC_DOCKERFILE=Dockerfile
+NO_CACHE=0
 
 function create_container {
     local EXTRA_ARGS=""
 
     if [ ! -z ${MY_EMAIL} ]; then
-        EXTRA_ARGS="--build-arg MY_EMAIL=${MY_EMAIL}"
+        EXTRA_ARGS+="--build-arg MY_EMAIL=${MY_EMAIL}"
+    fi
+
+    if [ $NO_CACHE -eq 1 ]; then
+        EXTRA_ARGS+=" --no-cache"
     fi
 
     docker build \
@@ -87,7 +92,7 @@ function clean_container {
 }
 
 function usage {
-    echo "$0 [create|run|exec|env|stop|kill|clean]"
+    echo "$0 [create|create_no_cache|run|exec|env|stop|kill|clean]"
 }
 
 case $CMD in
@@ -109,6 +114,10 @@ case $CMD in
     create)
         create_container
         ;;
+    create_no_cache)
+        NO_CACHE=1
+        create_container
+        ;;
     exec)
         exec_container
         ;;