From 4d4e88a3d07cfc01e6d871b2d39b03bd49833c95 Mon Sep 17 00:00:00 2001 From: Clark Boylan Date: Wed, 13 Apr 2022 13:07:13 -0700 Subject: [PATCH] Update our gitea test to handle new git behavior Git was recently updated to fix a security issue that prevents git from operating on a repo as userA if the repo is owned by userB. In our gitea tests we use our local zuul repo clone of system-config to push back into gitea to get some real content into gitea. We were operating as root but zuul owns that repo. Update the commands to run as zuul to workaround the git error. Change-Id: I87105bae4bdd69465cce4d5bc412241dc1c88623 --- playbooks/test-gitea.yaml | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/playbooks/test-gitea.yaml b/playbooks/test-gitea.yaml index 18ab376b5f..86b48a4b35 100644 --- a/playbooks/test-gitea.yaml +++ b/playbooks/test-gitea.yaml @@ -22,8 +22,12 @@ when: '"Zuuls new description" not in zuul_content.content' - name: Configure ssh for pushing into test gitea shell: | - ssh-keyscan -t rsa -p 222 localhost >> .ssh/known_hosts + ssh-keyscan -t rsa -p 222 localhost >> /home/zuul/.ssh/known_hosts ssh-keygen -t ed25519 -f /home/zuul/.ssh/id_ed25519 -C giteagerrittest -P '' + # We become zuul here because we need to git push has zuul later to + # ensure the owner of the git repo is the one operating on it. + become: true + become_user: zuul - name: Register new gitea gerrit pubkey value slurp: src: /home/zuul/.ssh/id_ed25519.pub @@ -48,6 +52,11 @@ cd /home/zuul/src/opendev.org/opendev/system-config git remote add test-gitea ssh://git@localhost:222/opendev/system-config GIT_SSH_COMMAND='ssh -i /home/zuul/.ssh/id_ed25519' git push -f test-gitea master + # We run this as zuul because zuul owns the git repo in /home/zuul + # and git by default does not want to operate on a git repo as another + # user. + become: true + become_user: zuul - name: Clone system-config to check that partial clones aren't breaking stuff shell: | cd /tmp