[MediaWiki-commits] [Gerrit] integration/config[master]: docker: fix pip cache permissions

Mon, 23 Oct 2017 08:35:45 -0700 

Hashar has uploaded a new change for review. ( 
https://gerrit.wikimedia.org/r/385993 )

Change subject: docker: fix pip cache permissions
......................................................................

docker: fix pip cache permissions

pip creates cache materials so that it is solely accessible by the user.
We run the container as 65534:500.  To use castor, we would need to read
the cache as jenkins-deploy:500.

Fix XDG_CACHE_DIR files and directories to let group read them. Will let
castor save the container cache when running on the host.

Change-Id: I47573245c9af5372d5cc35c08b641dce9ac25afc
---
M dockerfiles/tox/example-run.sh
M dockerfiles/tox/run.sh
2 files changed, 15 insertions(+), 1 deletion(-)


  git pull ssh://gerrit.wikimedia.org:29418/integration/config 
refs/changes/93/385993/1

diff --git a/dockerfiles/tox/example-run.sh b/dockerfiles/tox/example-run.sh
index 866d76a..d126ec7 100644
--- a/dockerfiles/tox/example-run.sh
+++ b/dockerfiles/tox/example-run.sh
@@ -1,11 +1,13 @@
 #!/bin/bash
 
 install --mode 777 --directory log
+install --mode 777 --directory cache
 docker run \
     --rm --tty \
     --env ZUUL_URL=https://gerrit.wikimedia.org/r \
     --env ZUUL_PROJECT=analytics/quarry/web \
     --env ZUUL_COMMIT=master \
     --env ZUUL_REF=master \
+    --volume /"$(pwd)"/cache://cache \
     --volume /"$(pwd)"/log://log \
      wmfreleng/tox:latest
diff --git a/dockerfiles/tox/run.sh b/dockerfiles/tox/run.sh
index 9b2cfe5..85a18e8 100644
--- a/dockerfiles/tox/run.sh
+++ b/dockerfiles/tox/run.sh
@@ -10,7 +10,19 @@
     mv /src/.tox/log "${LOG_DIR}" || /bin/true
 }
 
-trap capture_logs EXIT
+fix_cache_permissions() {
+    # CI runs has nobody:wikidev and the docker host would need access to
+    # files. pip creates its cache with restrictive permissions.
+    find "$XDG_CACHE_HOME" -type d -not -perm '/g+rx' -print0|xargs -0 
--no-run-if-empty chmod g+rx
+    find "$XDG_CACHE_HOME" -type f -not -perm '/g+r' -print0|xargs -0 
--no-run-if-empty chmod g+r
+}
+
+handle_exit() {
+    capture_logs
+    fix_cache_permissions
+}
+
+trap handle_exit EXIT
 
 cd /src
 

-- 
To view, visit https://gerrit.wikimedia.org/r/385993
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I47573245c9af5372d5cc35c08b641dce9ac25afc
Gerrit-PatchSet: 1
Gerrit-Project: integration/config
Gerrit-Branch: master
Gerrit-Owner: Hashar <[email protected]>

_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to