Hello Thcipriani,
I'd like you to do a code review. Please visit
https://gerrit.wikimedia.org/r/387590
to review the following change.
Change subject: Fix up tox log permissions with Docker
......................................................................
Fix up tox log permissions with Docker
Use setgid on $WORKSPACE/log to have all sub files belong to the wikidev
group.
Set umask to have files created with g+w, which lets jenkins-deploy
delete them later on.
Redo the log capturing trap. mv preserve permissions which causes files
in $WORKSPACE/log to belong to nobody:nogroup (ie: they dont honor
setgid).
Use cp instead, which kindly ignore perms.
Address:
rm: cannot remove ‘log/log/tox-0.log’: Permission denied
Change-Id: I78e0d711ca0cc619db495dcea3d0ba1b8b4e46f6
Signed-off-by: Tyler Cipriani <[email protected]>
---
M dockerfiles/tox/example-run.sh
M dockerfiles/tox/run.sh
M jjb/python-jobs.yaml
3 files changed, 11 insertions(+), 4 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/integration/config
refs/changes/90/387590/1
diff --git a/dockerfiles/tox/example-run.sh b/dockerfiles/tox/example-run.sh
index 866d76a..3408752 100644
--- a/dockerfiles/tox/example-run.sh
+++ b/dockerfiles/tox/example-run.sh
@@ -1,6 +1,6 @@
#!/bin/bash
-install --mode 777 --directory log
+install --mode 2777 --directory log
docker run \
--rm --tty \
--env ZUUL_URL=https://gerrit.wikimedia.org/r \
diff --git a/dockerfiles/tox/run.sh b/dockerfiles/tox/run.sh
index 9b2cfe5..f9a3d0f 100644
--- a/dockerfiles/tox/run.sh
+++ b/dockerfiles/tox/run.sh
@@ -2,12 +2,19 @@
set -euxo pipefail
+umask 002
+
LOG_DIR=/log
export LOG_DIR
capture_logs() {
- mv /src/.tox/*/log/*.log "${LOG_DIR}" || /bin/true
- mv /src/.tox/log "${LOG_DIR}" || /bin/true
+ # XXX unlike `mv`, `cp` does not preserve permissions and hence the
+ # destination files will inherit the group thanks to log having setgid.
+ #
+ # XXX later tox version supports specifying the envs log directory
+ #
+ cp --recursive /src/.tox/*/log/*.log "${LOG_DIR}" || /bin/true
+ cp --recursive /src/.tox/log "${LOG_DIR}" || /bin/true
}
trap capture_logs EXIT
diff --git a/jjb/python-jobs.yaml b/jjb/python-jobs.yaml
index 4abf7bf..618d098 100644
--- a/jjb/python-jobs.yaml
+++ b/jjb/python-jobs.yaml
@@ -75,7 +75,7 @@
- docker-zuul-env
- docker-log-dir
- docker-run-with-log-and-workspace-cache:
- image: 'wmfreleng/tox:v2017.10.23.15.33'
+ image: 'wmfreleng/tox:v2017.10.31.15.21'
logdir: '/log'
wrappers:
- timeout:
--
To view, visit https://gerrit.wikimedia.org/r/387590
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I78e0d711ca0cc619db495dcea3d0ba1b8b4e46f6
Gerrit-PatchSet: 1
Gerrit-Project: integration/config
Gerrit-Branch: master
Gerrit-Owner: Hashar <[email protected]>
Gerrit-Reviewer: Thcipriani <[email protected]>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
