[SCM] ci-tooling packaging branch, master, updated. 876c40f4967e0797332658368c66b2d23018f0d3

Rohan Garg rohangarg-guest at moszumanska.debian.org
Thu Nov 5 15:13:47 UTC 2015 

Gitweb-URL: http://git.debian.org/?p=pkg-kde/ci-tooling.git;a=commitdiff;h=876c40f

The following commit has been merged in the master branch:
commit 876c40f4967e0797332658368c66b2d23018f0d3
Author: Rohan Garg <rohan at garg.io>
Date:   Thu Nov 5 16:13:21 2015 +0100

    Fix permissions before exiting
---
 ci/builder.rb | 10 ++++++++++
 ci/sourcer.rb | 10 ++++++++++
 2 files changed, 20 insertions(+)

diff --git a/ci/builder.rb b/ci/builder.rb
index 35d78c5..05ac75e 100755
--- a/ci/builder.rb
+++ b/ci/builder.rb
@@ -14,3 +14,13 @@ Apt.update
 source = YAML::load_file('source.yaml')
 builder = CI::PackageBuilder.new
 builder.build(source)
+
+# Workaround for docker not having suidmaps. We run as root in the docker
+# which will result in uid/gid of written things to be 0 rather than whatever
+# jenkins has. So instead we have a fake jenkins user in the docker we can
+# chmod to. This ultimately ensures that the owernship is using the uid of
+# the host jenkins (equal to docker jenkins) such that we don't end up with
+# stuff owned by others.
+at_exit do
+  FileUtils.chown_R('jenkins', 'jenkins', Dir.pwd, verbose: true)
+end unless testing
diff --git a/ci/sourcer.rb b/ci/sourcer.rb
index 3b2a367..4051127 100755
--- a/ci/sourcer.rb
+++ b/ci/sourcer.rb
@@ -7,3 +7,13 @@ s = CI::VcsSourceBuilder.new(release: DIST)
 r = s.run
 # Write out metadata
 open('build/source.yaml', 'w+') { |f| f.write(YAML.dump(r)) }
+
+# Workaround for docker not having suidmaps. We run as root in the docker
+# which will result in uid/gid of written things to be 0 rather than whatever
+# jenkins has. So instead we have a fake jenkins user in the docker we can
+# chmod to. This ultimately ensures that the owernship is using the uid of
+# the host jenkins (equal to docker jenkins) such that we don't end up with
+# stuff owned by others.
+at_exit do
+  FileUtils.chown_R('jenkins', 'jenkins', Dir.pwd, verbose: true)
+end unless testing

-- 
ci-tooling packaging

More information about the pkg-kde-commits mailing list