opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-06-27 13:38:49 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2708 from cevich/actual_rootless_two

Browse Source 
Cirrus: Various fixes for rootless testing
This commit is contained in:
OpenShift Merge Robot
2019-03-20 06:30:40 -07:00
committed by GitHub
parent 537c382f5b 37eb694bd0
commit 22e81b3af5
4 changed files with 28 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
.cirrus.yml
View File

@ -70,8 +70,6 @@ env:
#### Default to NOT running in rootless-testing mode #### Default to NOT running in rootless-testing mode
#### ####
ROOTLESS_USER: "" ROOTLESS_USER: ""
ROOTLESS_UID: ""
ROOTLESS_GID: ""
#### ####
#### Credentials and other secret-sauces, decrypted at runtime when authorized. #### Credentials and other secret-sauces, decrypted at runtime when authorized.
@ -101,7 +99,7 @@ env:
CIRRUS_TASK_ID CIRRUS_REPO_NAME CIRRUS_REPO_OWNER CIRRUS_REPO_FULL_NAME CIRRUS_TASK_ID CIRRUS_REPO_NAME CIRRUS_REPO_OWNER CIRRUS_REPO_FULL_NAME
CIRRUS_REPO_CLONE_URL CIRRUS_SHELL CIRRUS_USER_COLLABORATOR CIRRUS_USER_PERMISSION CIRRUS_REPO_CLONE_URL CIRRUS_SHELL CIRRUS_USER_COLLABORATOR CIRRUS_USER_PERMISSION
CIRRUS_WORKING_DIR CIRRUS_HTTP_CACHE_HOST PACKER_BUILDS BUILT_IMAGE_SUFFIX CIRRUS_WORKING_DIR CIRRUS_HTTP_CACHE_HOST PACKER_BUILDS BUILT_IMAGE_SUFFIX
XDG_DATA_DIRS XDG_RUNTIME_DIR XDG_SESSION_ID ROOTLESS_USER ROOTLESS_UID ROOTLESS_GID XDG_DATA_DIRS XDG_RUNTIME_DIR XDG_SESSION_ID ROOTLESS_USER
# Every *_task runs in parallel in separate VMsd. The name prefix only for reference # Every *_task runs in parallel in separate VMsd. The name prefix only for reference
@ -252,8 +250,6 @@ rootless_testing_task:
env: env:
ROOTLESS_USER: "olympiclongjumpingwithjesus" ROOTLESS_USER: "olympiclongjumpingwithjesus"
ROOTLESS_UID: 123456
ROOTLESS_GID: 123456
timeout_in: 120m timeout_in: 120m

26
contrib/cirrus/lib.sh
View File

@ -54,8 +54,6 @@ show_env_vars() {
BUILDTAGS $BUILDTAGS BUILDTAGS $BUILDTAGS
BUILT_IMAGE_SUFFIX $BUILT_IMAGE_SUFFIX BUILT_IMAGE_SUFFIX $BUILT_IMAGE_SUFFIX
ROOTLESS_USER $ROOTLESS_USER ROOTLESS_USER $ROOTLESS_USER
ROOTLESS_UID $ROOTLESS_UID
ROOTLESS_GID $ROOTLESS_GID
CI $CI CI $CI
CIRRUS_CI $CIRRUS_CI CIRRUS_CI $CIRRUS_CI
CI_NODE_INDEX $CI_NODE_INDEX CI_NODE_INDEX $CI_NODE_INDEX
@ -130,7 +128,7 @@ bad_os_id_ver() {
} }
run_rootless() { run_rootless() {
if [[ -z "$ROOTLESS_USER" ]] && [[ -z "$ROOTLESS_UID" ]] && [[ -z "$ROOTLESS_GID" ]] if [[ -z "$ROOTLESS_USER" ]]
then then
return 1 return 1
else else
@ -170,15 +168,23 @@ record_timestamp() {
setup_rootless() { setup_rootless() {
req_env_var " req_env_var "
ROOTLESS_USER $ROOTLESS_USER ROOTLESS_USER $ROOTLESS_USER
#ROOTLESS_UID $ROOTLESS_UID
#ROOTLESS_GID $ROOTLESS_GID
GOSRC $GOSRC GOSRC $GOSRC
ENVLIB $ENVLIB ENVLIB $ENVLIB
" "
if passwd --status $ROOTLESS_USER
then
echo "Updating $ROOTLESS_USER user permissions on possibly changed libpod code"
chown -R $ROOTLESS_USER:$ROOTLESS_USER "$GOSRC"
return 0
fi
# Guarantee independence from specific values
ROOTLESS_UID=$[RANDOM+1000]
ROOTLESS_GID=$[RANDOM+1000]
echo "creating $ROOTLESS_UID:$ROOTLESS_GID $ROOTLESS_USER user" echo "creating $ROOTLESS_UID:$ROOTLESS_GID $ROOTLESS_USER user"
#groupadd -g $ROOTLESS_GID $ROOTLESS_USER groupadd -g $ROOTLESS_GID $ROOTLESS_USER
#useradd -g $ROOTLESS_GID -u $ROOTLESS_UID --no-user-group --create-home $ROOTLESS_USER useradd -g $ROOTLESS_GID -u $ROOTLESS_UID --no-user-group --create-home $ROOTLESS_USER
useradd --create-home $ROOTLESS_USER
chown -R $ROOTLESS_USER:$ROOTLESS_USER "$GOSRC" chown -R $ROOTLESS_USER:$ROOTLESS_USER "$GOSRC"
echo "creating ssh keypair for $USER" echo "creating ssh keypair for $USER"
@ -193,7 +199,9 @@ setup_rootless() {
cat /root/.ssh/authorized_keys >> "/home/$ROOTLESS_USER/.ssh/authorized_keys" cat /root/.ssh/authorized_keys >> "/home/$ROOTLESS_USER/.ssh/authorized_keys"
echo "Configuring subuid and subgid" echo "Configuring subuid and subgid"
echo "${ROOTLESS_USER}:$[ROOTLESS_UID * 100]:65536" | tee -a /etc/subuid >> /etc/subgid grep -q "${ROOTLESS_USER}" /etc/subuid || \
echo "${ROOTLESS_USER}:$[ROOTLESS_UID * 100]:65536" | \
tee -a /etc/subuid >> /etc/subgid
echo "Setting permissions on automation files" echo "Setting permissions on automation files"
chmod 666 "$TIMESTAMPS_FILEPATH" chmod 666 "$TIMESTAMPS_FILEPATH"

9
contrib/cirrus/setup_environment.sh
View File

@ -44,8 +44,6 @@ then
"export OS_RELEASE_VER=\"$(os_release_ver)\"" \ "export OS_RELEASE_VER=\"$(os_release_ver)\"" \
"export OS_REL_VER=\"$(os_release_id)-$(os_release_ver)\"" \ "export OS_REL_VER=\"$(os_release_id)-$(os_release_ver)\"" \
"export ROOTLESS_USER=$ROOTLESS_USER" \ "export ROOTLESS_USER=$ROOTLESS_USER" \
"export ROOTLESS_UID=$ROOTLESS_UID" \
"export ROOTLESS_GID=$ROOTLESS_GID" \
"export BUILT_IMAGE_SUFFIX=\"-$CIRRUS_REPO_NAME-${CIRRUS_CHANGE_IN_REPO:0:8}\"" \ "export BUILT_IMAGE_SUFFIX=\"-$CIRRUS_REPO_NAME-${CIRRUS_CHANGE_IN_REPO:0:8}\"" \
"export GOPATH=\"/var/tmp/go\"" \ "export GOPATH=\"/var/tmp/go\"" \
'export PATH="$HOME/bin:$GOPATH/bin:/usr/local/bin:$PATH"' \ 'export PATH="$HOME/bin:$GOPATH/bin:/usr/local/bin:$PATH"' \
@ -74,6 +72,7 @@ then
esac esac
cd "${GOSRC}/" cd "${GOSRC}/"
# Reload to incorporate any changes from above
source "$SCRIPT_BASE/lib.sh" source "$SCRIPT_BASE/lib.sh"
if run_rootless if run_rootless
@ -83,12 +82,6 @@ then
go get github.com/onsi/ginkgo/ginkgo go get github.com/onsi/ginkgo/ginkgo
go get github.com/onsi/gomega/... go get github.com/onsi/gomega/...
dnf -y update runc dnf -y update runc
else
# Includes some $HOME relative details
go env | while read envline
do
X=$(echo "export $envline" | tee -a "$HOME/$ENVLIB") && eval "$X" && echo "$X"
done
fi fi
fi fi

11
hack/get_ci_vm.sh
View File

@ -19,6 +19,7 @@ PROJECT="libpod-218412"
GOSRC="/var/tmp/go/src/github.com/containers/libpod" GOSRC="/var/tmp/go/src/github.com/containers/libpod"
GCLOUD_IMAGE=${GCLOUD_IMAGE:-quay.io/cevich/gcloud_centos:latest} GCLOUD_IMAGE=${GCLOUD_IMAGE:-quay.io/cevich/gcloud_centos:latest}
GCLOUD_SUDO=${GCLOUD_SUDO-sudo} GCLOUD_SUDO=${GCLOUD_SUDO-sudo}
ROOTLESS_USER="madcowdog"
# Shared tmp directory between container and us # Shared tmp directory between container and us
TMPDIR=$(mktemp -d --tmpdir $(basename $0)_tmpdir_XXXXXX) TMPDIR=$(mktemp -d --tmpdir $(basename $0)_tmpdir_XXXXXX)
@ -69,7 +70,9 @@ image_hints() {
show_usage() { show_usage() {
echo -e "\n${RED}ERROR: $1${NOR}" echo -e "\n${RED}ERROR: $1${NOR}"
echo -e "${YEL}Usage: $(basename $0) [-s | -p] <image_name>${NOR}\n" echo -e "${YEL}Usage: $(basename $0) [-s | -p | -r] <image_name>${NOR}"
echo "Use -s / -p to select source or package based dependencies"
echo -e "Use -r to setup and run tests as a regular user.\n"
if [[ -r ".cirrus.yml" ]] if [[ -r ".cirrus.yml" ]]
then then
echo -e "${YEL}Some possible image_name values (from .cirrus.yml):${NOR}" echo -e "${YEL}Some possible image_name values (from .cirrus.yml):${NOR}"
@ -106,7 +109,7 @@ parse_args(){
IMAGE_NAME="$2" IMAGE_NAME="$2"
elif [[ "$1" == "-r" ]] elif [[ "$1" == "-r" ]]
then then
DEPS="ROOTLESS_USER=madcowdog ROOTLESS_UID=3210 ROOTLESS_GID=3210" DEPS="ROOTLESS_USER=$ROOTLESS_USER"
IMAGE_NAME="$2" IMAGE_NAME="$2"
else # no -s or -p else # no -s or -p
DEPS="$(get_env_vars)" DEPS="$(get_env_vars)"
@ -213,4 +216,8 @@ echo -e "\n${YEL}Executing environment setup${NOR}"
showrun $SSH_CMD --command "$SETUP_CMD" showrun $SSH_CMD --command "$SETUP_CMD"
echo -e "\n${YEL}Connecting to $VMNAME ${RED}(option to delete VM upon logout).${NOR}\n" echo -e "\n${YEL}Connecting to $VMNAME ${RED}(option to delete VM upon logout).${NOR}\n"
if [[ "$1" == "-r" ]]
then
SSH_CMD="$PGCLOUD compute ssh $ROOTLESS_USER@$VMNAME"
fi
showrun $SSH_CMD -- -t "cd $GOSRC && exec env $DEPS bash -il" showrun $SSH_CMD -- -t "cd $GOSRC && exec env $DEPS bash -il"