mirror of
https://github.com/yu-i-i/overleaf-cep.git
synced 2026-05-23 17:19:37 +02:00
Sandboxed Compiles: support configurable texlive image root via env var
This commit is contained in:
yu-i-i
@@ -29,7 +29,7 @@ The CLSI can be configured through the following environment variables:
|
||||
- `PROCESS_LIFE_SPAN_LIMIT_MS` - Process life span limit in milliseconds
|
||||
- `SMOKE_TEST` - Whether to run smoke tests
|
||||
- `TEXLIVE_IMAGE` - The TeX Live Docker image to use for sibling containers, e.g. `us-east1-docker.pkg.dev/overleaf-ops/ol-docker/texlive-full:2025.1`
|
||||
- `TEX_LIVE_IMAGE_NAME_OVERRIDE` - The name of the registry for the Docker image e.g. `us-east1-docker.pkg.dev/overleaf-ops/ol-docker`
|
||||
- `TEX_LIVE_DOCKER_IMAGE_ROOT` - The name of the registry for the Docker image e.g. `us-east1-docker.pkg.dev/overleaf-ops/ol-docker`
|
||||
- `TEXLIVE_IMAGE_USER` - When using sibling containers, the user to run as in the TeX Live image. Defaults to `tex`
|
||||
- `TEXLIVE_OPENOUT_ANY` - Sets the `openout_any` environment variable for TeX Live (see the `\openout` primitive [documentation](http://tug.org/texinfohtml/web2c.html#tex-invocation))
|
||||
|
||||
|
||||
@@ -131,7 +131,7 @@ function compile(req, res, next) {
|
||||
compiler: request.compiler,
|
||||
draft: request.draft,
|
||||
imageName: request.imageName
|
||||
? request.imageName
|
||||
? Path.basename(request.imageName)
|
||||
: undefined,
|
||||
rootResourcePath: request.rootResourcePath,
|
||||
stopOnFirstError: request.stopOnFirstError,
|
||||
|
||||
@@ -41,8 +41,8 @@ const DockerRunner = {
|
||||
}
|
||||
|
||||
if (Settings.texliveImageNameOveride != null) {
|
||||
const img = image.split('/')
|
||||
image = `${Settings.texliveImageNameOveride}/${img[2]}`
|
||||
const img = Path.basename(image)
|
||||
image = `${Settings.texliveImageNameOveride}/${img}`
|
||||
}
|
||||
|
||||
if (compileGroup === 'synctex-output') {
|
||||
@@ -238,6 +238,7 @@ const DockerRunner = {
|
||||
const match = image.match(/:([0-9]+)\.[0-9]+|:TL([0-9]+)/)
|
||||
// the rolling build does not follow our <year>.<version>.<patch> convention
|
||||
const year = match ? match[1] || match[2] : 'rolling'
|
||||
|
||||
env.PATH = `/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/texlive/${year}/bin/x86_64-linux/`
|
||||
const options = {
|
||||
Cmd: command,
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
clsi
|
||||
--data-dirs=cache,compiles,output
|
||||
--dependencies=
|
||||
--env-add=ENABLE_PDF_CACHING="true",PDF_CACHING_ENABLE_WORKER_POOL="true",ALLOWED_IMAGES=quay.io/sharelatex/texlive-full:2025.1,TEXLIVE_IMAGE=quay.io/sharelatex/texlive-full:2025.1,TEX_LIVE_IMAGE_NAME_OVERRIDE=us-east1-docker.pkg.dev/overleaf-ops/ol-docker,TEXLIVE_IMAGE_USER="tex",SANDBOXED_COMPILES="true",SANDBOXED_COMPILES_HOST_DIR_COMPILES=$PWD/compiles,SANDBOXED_COMPILES_HOST_DIR_OUTPUT=$PWD/output
|
||||
--env-add=ENABLE_PDF_CACHING="true",PDF_CACHING_ENABLE_WORKER_POOL="true",ALLOWED_IMAGES=quay.io/sharelatex/texlive-full:2025.1,TEXLIVE_IMAGE=quay.io/sharelatex/texlive-full:2025.1,TEX_LIVE_DOCKER_IMAGE_ROOT=us-east1-docker.pkg.dev/overleaf-ops/ol-docker,TEXLIVE_IMAGE_USER="tex",SANDBOXED_COMPILES="true",SANDBOXED_COMPILES_HOST_DIR_COMPILES=$PWD/compiles,SANDBOXED_COMPILES_HOST_DIR_OUTPUT=$PWD/output
|
||||
--env-pass-through=
|
||||
--esmock-loader=False
|
||||
--node-version=22.18.0
|
||||
|
||||
@@ -65,7 +65,7 @@ module.exports = {
|
||||
project_cache_length_ms: 1000 * 60 * 60 * 24,
|
||||
parallelFileDownloads: process.env.FILESTORE_PARALLEL_FILE_DOWNLOADS || 1,
|
||||
filestoreDomainOveride: process.env.FILESTORE_DOMAIN_OVERRIDE,
|
||||
texliveImageNameOveride: process.env.TEX_LIVE_IMAGE_NAME_OVERRIDE,
|
||||
texliveImageNameOveride: process.env.TEX_LIVE_DOCKER_IMAGE_ROOT,
|
||||
texliveOpenoutAny: process.env.TEXLIVE_OPENOUT_ANY,
|
||||
texliveMaxPrintLine: process.env.TEXLIVE_MAX_PRINT_LINE,
|
||||
enablePdfCaching: process.env.ENABLE_PDF_CACHING === 'true',
|
||||
|
||||
@@ -30,7 +30,7 @@ services:
|
||||
PDF_CACHING_ENABLE_WORKER_POOL: "true"
|
||||
ALLOWED_IMAGES: quay.io/sharelatex/texlive-full:2025.1
|
||||
TEXLIVE_IMAGE: quay.io/sharelatex/texlive-full:2025.1
|
||||
TEX_LIVE_IMAGE_NAME_OVERRIDE: us-east1-docker.pkg.dev/overleaf-ops/ol-docker
|
||||
TEX_LIVE_DOCKER_IMAGE_ROOT: us-east1-docker.pkg.dev/overleaf-ops/ol-docker
|
||||
TEXLIVE_IMAGE_USER: "tex"
|
||||
SANDBOXED_COMPILES: "true"
|
||||
SANDBOXED_COMPILES_HOST_DIR_COMPILES: $PWD/compiles
|
||||
|
||||
@@ -44,7 +44,7 @@ services:
|
||||
PDF_CACHING_ENABLE_WORKER_POOL: "true"
|
||||
ALLOWED_IMAGES: quay.io/sharelatex/texlive-full:2025.1
|
||||
TEXLIVE_IMAGE: quay.io/sharelatex/texlive-full:2025.1
|
||||
TEX_LIVE_IMAGE_NAME_OVERRIDE: us-east1-docker.pkg.dev/overleaf-ops/ol-docker
|
||||
TEX_LIVE_DOCKER_IMAGE_ROOT: us-east1-docker.pkg.dev/overleaf-ops/ol-docker
|
||||
TEXLIVE_IMAGE_USER: "tex"
|
||||
SANDBOXED_COMPILES: "true"
|
||||
SANDBOXED_COMPILES_HOST_DIR_COMPILES: $PWD/compiles
|
||||
|
||||
@@ -45,7 +45,7 @@ const ProjectOptionsHandler = {
|
||||
if (!isAllowed) {
|
||||
throw new Error(`invalid imageName: ${imageName}`)
|
||||
}
|
||||
return settings.imageRoot + '/' + imageName
|
||||
return imageName
|
||||
},
|
||||
|
||||
async setImageName(projectId, imageName) {
|
||||
|
||||
@@ -20,3 +20,6 @@ if (process.env.SANDBOXED_COMPILES === 'true') {
|
||||
}
|
||||
Settings.currentImageName = process.env.TEX_LIVE_DOCKER_IMAGE
|
||||
}
|
||||
|
||||
const SandboxedCompilesModule = {}
|
||||
export default SandboxedCompilesModule
|
||||
|
||||
Reference in New Issue
Block a user