 ###############################################################
 # 
 # Copyright 2011 Red Hat, Inc. 
 # 
 # Licensed under the Apache License, Version 2.0 (the "License"); you 
 # may not use this file except in compliance with the License.  You may 
 # obtain a copy of the License at 
 # 
 #    http://www.apache.org/licenses/LICENSE-2.0 
 # 
 # Unless required by applicable law or agreed to in writing, software 
 # distributed under the License is distributed on an "AS IS" BASIS, 
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and 
 # limitations under the License. 
 # 
 ############################################################### 

include_directories(${CONDOR_SCHEDD_SRC_DIR})

set( starterElements
starter.cpp
starter_guidance.cpp
docker_proc.cpp
filter.cpp
find_child_proc.cpp
has_sysadmin_cap.cpp
io_proxy.cpp
io_proxy_handler.cpp
java_detect.cpp
java_proc.cpp
jic_local_config.cpp
jic_local.cpp
jic_local_file.cpp
jic_local_schedd.cpp
jic_shadow.cpp
execute_dir_monitor.cpp
job_info_communicator.cpp
local_user_log.cpp
NTsenders.cpp
os_proc.cpp
parallel_proc.cpp
remote_proc.cpp
script_proc.cpp
singularity.cpp
sshd_proc.cpp
StarterHookMgr.cpp
starter_user_policy.cpp
starter_util.cpp
starter_v61_main.cpp
stream_handler.cpp
tool_daemon_proc.cpp
user_proc.cpp
vanilla_proc.cpp
vm_gahp_request.cpp
vm_gahp_server.cpp
vm_proc.cpp
)

if (LINUX)
	list(APPEND starterElements
		../condor_startd.V6/VolumeManager.cpp
	)
endif(LINUX)

if (UNIX)
set_source_files_properties(jic_shadow.cpp PROPERTIES COMPILE_FLAGS "-Wno-deprecated-declarations")
endif(UNIX)

condor_daemon( EXE condor_starter SOURCES "${starterElements}" LIBRARIES "${CONDOR_LIBS}" INSTALL "${C_SBIN}")

# need to add all the other install targets for libexec.
install ( FILES CondorJavaWrapper.class CondorJavaInfo.class DESTINATION ${C_LIB} )

if (HAVE_SSH_TO_JOB)
	install ( FILES condor_ssh_to_job_sshd_setup condor_ssh_to_job_shell_setup DESTINATION ${C_LIBEXEC} PERMISSIONS ${CONDOR_SCRIPT_PERMS} )
	configure_file( ${CMAKE_CURRENT_SOURCE_DIR}/condor_ssh_to_job_sshd_config_template.in ${CMAKE_CURRENT_BINARY_DIR}/condor_ssh_to_job_sshd_config_template @ONLY )
	install ( FILES ${CMAKE_CURRENT_BINARY_DIR}/condor_ssh_to_job_sshd_config_template DESTINATION ${C_LIB} )
endif(HAVE_SSH_TO_JOB)

if (LINUX)
	condor_exe(condor_pid_ns_init "condor_pid_ns_init.cpp" ${C_LIBEXEC} "" OFF)
endif()

if (DOCKER_ALLOW_RUN_AS_ROOT)
	set_source_files_properties(docker_proc.cpp PROPERTIES COMPILE_DEFINITIONS DOCKER_ALLOW_RUN_AS_ROOT=1)
endif()

# We can't assume that docker is installed or runnable at build time.  So, we check in
# a docker test image.  It can be built as follows

# gcc -static -o exit_37 exit_37.c
# docker build -t htcondor_docker_test .
# docker save htcondor_docker_test > htcondor_docker_test

# and repeat the process with an exit_37 built on an arm machine..
# and name the file htcondor_docker_test_arm

# At startup we run singularity with a sandbox dir of $(LIBEXEC)/singularity_test_sandbox
# and run this small program to verify that it exits with code 37
if (LINUX)
	add_executable(exit_37 "exit_37.c")

	# At startup, run this program which emits the current user namespace
	# if it is different from ours, the singularity we ran it in is
	# configured to use user namespaces.  Otherwise, it is a setuid singularity
	add_executable(get_user_ns "get_user_ns.c")
	target_link_libraries(get_user_ns "-static")

	# Address Sanitizer can't deal with statically linked exes
	if (WITH_ADDRESS_SANITIZER)
		target_compile_options(exit_37 PUBLIC -fno-sanitize=address)
		set_target_properties( exit_37 PROPERTIES STATIC_LIBRARY_OPTIONS "-fno-sanitize=address")
		set_target_properties( exit_37 PROPERTIES LINK_FLAGS "-fno-sanitize=address")
		target_compile_options(get_user_ns PUBLIC -fno-sanitize=address)
		set_target_properties( get_user_ns PROPERTIES STATIC_LIBRARY_OPTIONSLINK_FLAGS "-fno-sanitize=address")
		set_target_properties( get_user_ns PROPERTIES LINK_FLAGS "-fno-sanitize=address")
	endif()

	if (WITH_UB_SANITIZER)
		set_target_properties( exit_37 PROPERTIES COMPILE_FLAGS "-fno-sanitize=undefined")
		set_target_properties( exit_37 PROPERTIES STATIC_LINK_FLAGS "-fno-sanitize=undefined")
		set_target_properties( get_user_ns PROPERTIES COMPILE_FLAGS "-fno-sanitize=undefined")
		set_target_properties( get_user_ns PROPERTIES STATIC_LINK_FLAGS "-fno-sanitize=undefined")
	endif()


	# Our special assembly version of exit_37 needs special flags
	# but only works on 64 bit linux
	if ("${SYS_ARCH}" STREQUAL "X86_64")
		target_link_libraries(exit_37 "-nostdlib -static")
	else()
		target_link_libraries(exit_37 "-static")
	endif()
endif()

# Just like we can't asume that docker is installed or runnable on the build machine
# we can't assume that singularity is either, so we check in a small .sif file
# built with 
# mkdir chroot
# cp $(LIBEXEC)/singularity_test_sandbox/bin/exit_37 chroot
# singularity build exit_37.sif chroot

if (LINUX)
	install ( FILES condor_container_launcher.sh DESTINATION ${C_LIBEXEC} PERMISSIONS ${CONDOR_SCRIPT_PERMS} )
	install ( FILES ${CMAKE_CURRENT_SOURCE_DIR}/htcondor_docker_test DESTINATION ${C_LIBEXEC} )
	install ( FILES ${CMAKE_CURRENT_SOURCE_DIR}/htcondor_docker_test_arm DESTINATION ${C_LIBEXEC} )
	if ("${SYS_ARCH}" STREQUAL "AARCH64" OR "${SYS_ARCH}" STREQUAL "PPC64LE" OR "${SYS_ARCH}" STREQUAL "X86_64")
		install ( FILES ${CMAKE_CURRENT_SOURCE_DIR}/exit_37.sif.${SYS_ARCH} RENAME exit_37.sif DESTINATION ${C_LIBEXEC})
	endif()
	install ( DIRECTORY DESTINATION ${C_LIBEXEC}/singularity_test_sandbox )
	install ( DIRECTORY DESTINATION ${C_LIBEXEC}/singularity_test_sandbox/dev )
	install ( DIRECTORY DESTINATION ${C_LIBEXEC}/singularity_test_sandbox/proc )
	install ( FILES ${CMAKE_CURRENT_BINARY_DIR}/exit_37 DESTINATION ${C_LIBEXEC}/singularity_test_sandbox PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
	install ( FILES ${CMAKE_CURRENT_BINARY_DIR}/get_user_ns DESTINATION ${C_LIBEXEC}/singularity_test_sandbox PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
endif()


# The diagnostic tools the shadow might invoke.
condor_exe(
    condor_diagnostic_send_ep_logs
    "condor_diagnostic_send_ep_logs.cpp"
    ${C_LIBEXEC} "${CONDOR_LIBS}" OFF
)

