wip

pkg/build/main_build.go

@@ -18,6 +18,8 @@ package build
 
 import (
 	"log/slog"
+	"sync"
+	"syscall"
 
 	"gitea.plemya-x.ru/Plemya-x/ALR/internal/utils"
 	"gitea.plemya-x.ru/Plemya-x/ALR/pkg/manager"
@@ -25,28 +27,48 @@ import (
 
 func NewMainBuilder(
 	cfg Config,
+	mgr manager.Manager,
 	repos PackageFinder,
-) (*Builder, error) {
-	installerExecutor, err := GetSafeInstaller()
+) (*Builder, func(), error) {
+	var err error
+
+	var safeInstallerClose, safeScriptExecutorClose func()
+
+	var cleanupOnce sync.Once
+	cleanup := func() {
+		cleanupOnce.Do(func() {
+			if safeScriptExecutorClose != nil {
+				safeScriptExecutorClose()
+			}
+			if safeInstallerClose != nil {
+				safeInstallerClose()
+			}
+		})
+	}
+
+	defer func() {
+		if err != nil {
+			slog.Debug("close executors")
+			cleanup()
+		}
+	}()
+
+	installerExecutor, safeInstallerClose, err := GetSafeInstaller()
 	if err != nil {
-		slog.Error("i will panic GetSafeInstaller", "err", err)
-		return nil, err
+		return nil, nil, err
 	}
 
 	// It is very important!
 	// See https://stackoverflow.com/questions/47296408/cannot-open-uid-map-for-writing-from-an-app-with-cap-setuid-capability-set
-	if err := utils.NoNewPrivs(); err != nil {
-		return nil, err
+	if err = utils.NoNewPrivs(); err != nil {
+		return nil, nil, err
 	}
 
-	s, err := GetSafeScriptExecutor()
+	s, safeScriptExecutorClose, err := GetSafeScriptExecutor()
 	if err != nil {
-		slog.Error("i will panic GetSafeScriptExecutor", "err", err)
-		return nil, err
+		return nil, nil, err
 	}
 
-	mgr := manager.Detect()
-
 	builder := &Builder{
 		scriptExecutor: s,
 		cacheExecutor: &Cache{
@@ -68,5 +90,7 @@ func NewMainBuilder(
 		repos: repos,
 	}
 
-	return builder, nil
+	slog.Warn("uid", "uid", syscall.Getuid(), "gid", syscall.Getgid())
+
+	return builder, cleanup, nil
 }