[MediaWiki-commits] [Gerrit] integration/config[master]: Delete log/src as nobody via a docker container

[Hashar (Code Review)]

Hashar has uploaded a new change for review. ( 
https://gerrit.wikimedia.org/r/396009 )

Change subject: Delete log/src as nobody via a docker container
......................................................................

Delete log/src as nobody via a docker container

log / src might have files not deletable by the Jenkins agent. For
examples:
* pip writing a pip/http which is only accessibly by nobody
* npm install node_modules with group 'nogroup', failling to honor the
  parent directory setgid.

That least to the next build failling to delete some files. Instead of
deleting as jenkins-deploy, use a Docker container to delete log and src
as the nobody user.

That is done by mounting the whole workspace as a volume and then
deleting the directories individually.

Update:
*tox-docker
*node-6-docker
pywikibot-core-tox-doc-docker
pywikibot-core-tox-nose34-docker
pywikibot-core-tox-nose-docker
composer-package-php70-docker
composer-php70-docker
lintr-docker
lintr-docker-non-voting
mediawiki-core-php70-phan-docker
mediawiki-core-phpcs-docker
mwext-php70-phan-docker
operations-puppet-tests-docker

Change-Id: I7171db1454c4dd52322ac031ad5c7cc39977c39e
---
M jjb/macro-docker.yaml
1 file changed, 17 insertions(+), 5 deletions(-)


  git pull ssh://gerrit.wikimedia.org:29418/integration/config 
refs/changes/09/396009/1

diff --git a/jjb/macro-docker.yaml b/jjb/macro-docker.yaml
index d9ea506..92afd5a 100644
--- a/jjb/macro-docker.yaml
+++ b/jjb/macro-docker.yaml
@@ -3,18 +3,30 @@
 - builder:
     name: docker-log-dir
     builders:
-     - shell: |
-        rm -rf log
-        mkdir -m 2777 -p "log"
+     - docker-wipe-dir:
+         dir: log
 
 # Create a src directory that will be
 # mounted into a container with --volume
 - builder:
     name: docker-src-dir
     builders:
+     - docker-wipe-dir:
+         dir: src
+
+- builder:
+    name: docker-wipe-dir
+    builders:
      - shell: |
-        rm -rf src
-        mkdir -m 2777 -p "src"
+
+         set -eux
+         exec docker run \
+             --rm \
+             -v "$WORKSPACE":/workspace \
+             --entrypoint=/bin/rm \
+             docker-registry.wikimedia.org/wikimedia-stretch:latest \
+             -fR "/workspace/{dir}"
+         mkdir -m 2777 -p "{dir}"
 
 # Create a cache directory that will be
 # mounted into a container with --volume

-- 
To view, visit https://gerrit.wikimedia.org/r/396009
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I7171db1454c4dd52322ac031ad5c7cc39977c39e
Gerrit-PatchSet: 1
Gerrit-Project: integration/config
Gerrit-Branch: master
Gerrit-Owner: Hashar <has...@free.fr>

_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits