internal/app: modularise outcome finalise

This is the initial effort of splitting up host and container side of finalisation for params to shim. The new layout also enables much finer grained unit testing of each step, as well as partition access to per-app state for each step. Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-10-05 02:42:41 +09:00
parent 9462af08f3
commit eb5ee4fece
18 changed files with 1152 additions and 700 deletions
--- a/internal/app/sptmpdir.go
+++ b/internal/app/sptmpdir.go
@@ -0,0 +1,33 @@
+package app
+
+import (
+	"hakurei.app/container"
+	"hakurei.app/hst"
+	"hakurei.app/system"
+	"hakurei.app/system/acl"
+)
+
+// spTmpdirOp sets up TMPDIR inside the container.
+type spTmpdirOp struct{}
+
+func (s spTmpdirOp) toSystem(state *outcomeStateSys, _ *hst.Config) error {
+	tmpdir, tmpdirInst := s.commonPaths(state.outcomeState)
+	state.sys.Ensure(tmpdir, 0700)
+	state.sys.UpdatePermType(system.User, tmpdir, acl.Execute)
+	state.sys.Ensure(tmpdirInst, 01700)
+	state.sys.UpdatePermType(system.User, tmpdirInst, acl.Read, acl.Write, acl.Execute)
+	return nil
+}
+
+func (s spTmpdirOp) toContainer(state *outcomeStateParams) error {
+	// mount inner /tmp from share so it shares persistence and storage behaviour of host /tmp
+	_, tmpdirInst := s.commonPaths(state.outcomeState)
+	state.params.Bind(tmpdirInst, container.AbsFHSTmp, container.BindWritable)
+	return nil
+}
+
+func (s spTmpdirOp) commonPaths(state *outcomeState) (tmpdir, tmpdirInst *container.Absolute) {
+	tmpdir = state.sc.SharePath.Append("tmpdir")
+	tmpdirInst = tmpdir.Append(state.identity.String())
+	return
+}