Browse Source

Fix: tools/airship permissions and directories issues

The UID:GID under which commands from within containers are run does not
necessarily match UID:GID set in container. This patch enforces run of
containers with process UID:GID matching current user's UID:GID.

Creation of directories is documented, so that user's wouldn't get
unambigious error.

Change-Id: I122afc29e0968391574b74f330e5a3a4beb8ed52
changes/00/661600/1
Roman Gorshunov 2 years ago
parent
commit
74779ac6d8
  1. 2
      doc/source/airsloop.rst
  2. 5
      tools/airship

2
doc/source/airsloop.rst

@ -191,12 +191,14 @@ installing git, installing docker, clone sevral repos etc.
.. code-block:: bash
mkdir certs
./tools/airship promenade generate-certs -o /target/certs /target/collect/*.yaml
3. Generate genesis.sh scipt
.. code-block:: bash
mkdir bundle
./tools/airship promenade build-all -o /target/bundle /target/collect/*.yaml /target/certs/*.yaml
4. Execute the genesis.sh script

5
tools/airship

@ -42,6 +42,8 @@ EOF
REPO_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )"/../ >/dev/null 2>&1 && pwd )"
USER=$(id -u)
GROUP=$(id -g)
# Key/value lookups from manifests
manifests_lookup(){
@ -110,6 +112,7 @@ pegleg() {
versions_lookup "['data']['images']['ucp']['pegleg']['pegleg']"
docker run --rm --net=host $TERM_OPTS \
-u "${USER}:${GROUP}" \
-w /target \
-v $(pwd):/target \
-v ${HOME}/.ssh:/target/.ssh \
@ -132,6 +135,7 @@ NO_PROXY=${NO_PROXY:-}
EOF
docker run --rm --net=host $TERM_OPTS \
-u "${USER}:${GROUP}" \
-w /target \
-v $(pwd):/target \
--env-file $ENV_FILE \
@ -144,6 +148,7 @@ shipyard() {
SHIPYARD_IMAGE=$RESULT
docker run --rm --net=host $TERM_OPTS \
-u "${USER}:${GROUP}" \
-w /target \
-v $(pwd):/target \
--env-file $ENV_FILE \

Loading…
Cancel
Save