Set git repo ownership for nodepool dib integration testing
We run nodepool-builder as root in the integration testing but /home/zuul/src repos are owned by zuul. When git tries to do local clones of these repos it fails because security concerns mean it will not talk to git repos owned by a different user. Address this by chowning /home/zuul/src and its contents to root:root. We don't use the git config method because that would require modifying the container image and that seems less ideal than making the test environment match what we need. Change-Id: Idf78c50180b7b989082befe797f5003ebb29ec5b
This commit is contained in:
parent
70b1172630
commit
612fb2e062
@ -92,6 +92,20 @@
|
|||||||
dest: /etc/nodepool/docker-compose.yaml
|
dest: /etc/nodepool/docker-compose.yaml
|
||||||
mode: 0600
|
mode: 0600
|
||||||
|
|
||||||
|
- name: Change git repo ownership
|
||||||
|
# Git doesn't want to perform actions against local git repos owned
|
||||||
|
# by a user other than the one invoking the git commands for security
|
||||||
|
# reasons. We run podman-compose below as root which should run the
|
||||||
|
# builder as root. Therefore we need to chown the git repos to root
|
||||||
|
# so that we can use them as the source of information for the builds.
|
||||||
|
file:
|
||||||
|
path: /home/zuul/src/
|
||||||
|
state: directory
|
||||||
|
owner: 'root'
|
||||||
|
group: 'root'
|
||||||
|
recurse: true
|
||||||
|
become: yes
|
||||||
|
|
||||||
- name: Run podman compose pull
|
- name: Run podman compose pull
|
||||||
shell:
|
shell:
|
||||||
cmd: podman-compose pull
|
cmd: podman-compose pull
|
||||||
|
Loading…
x
Reference in New Issue
Block a user