Change name and document the bind_mount config paths
The content in these can be a file or a directory - so _dirs is confusing. Change it to _paths and document it. Change-Id: Ida38766cd3d440d75a6dc55035a54e0804e03760
This commit is contained in:
parent
b41a5d9e8f
commit
01380dd885
|
@ -361,6 +361,26 @@ executor
|
|||
|
||||
disk_limit_per_job=100
|
||||
|
||||
**trusted_ro_paths**
|
||||
|
||||
List of paths, separated by ':' to read-only bind mount into trusted
|
||||
bubblewrap contexts.
|
||||
|
||||
**trusted_rw_paths**
|
||||
|
||||
List of paths, separated by ':' to read-write bind mount into trusted
|
||||
bubblewrap contexts.
|
||||
|
||||
**untrusted_ro_paths**
|
||||
|
||||
List of paths, separated by ':' to read-only bind mount into untrusted
|
||||
bubblewrap contexts.
|
||||
|
||||
**untrusted_rw_paths**
|
||||
|
||||
List of paths, separated by ':' to read-write bind mount into untrusted
|
||||
bubblewrap contexts.
|
||||
|
||||
merger
|
||||
""""""
|
||||
|
||||
|
|
|
@ -27,8 +27,8 @@ zuul_url=http://zuul.example.com/p
|
|||
|
||||
[executor]
|
||||
default_username=zuul
|
||||
trusted_ro_dirs=/opt/zuul-scripts:/var/cache
|
||||
trusted_rw_dirs=/opt/zuul-logs
|
||||
trusted_ro_paths=/opt/zuul-scripts:/var/cache
|
||||
trusted_rw_paths=/opt/zuul-logs
|
||||
|
||||
[web]
|
||||
listen_address=127.0.0.1
|
||||
|
|
|
@ -2080,7 +2080,7 @@ class ZuulTestCase(BaseTestCase):
|
|||
self.copyDirToRepo(project,
|
||||
os.path.join(git_path, reponame))
|
||||
# Make test_root persist after ansible run for .flag test
|
||||
self.config.set('executor', 'trusted_rw_dirs', self.test_root)
|
||||
self.config.set('executor', 'trusted_rw_paths', self.test_root)
|
||||
self.setupAllProjectKeys()
|
||||
|
||||
def setupSimpleLayout(self):
|
||||
|
|
|
@ -272,11 +272,11 @@ class WrapperInterface(object, metaclass=abc.ABCMeta):
|
|||
pass
|
||||
|
||||
@abc.abstractmethod
|
||||
def setMountsMap(self, state_dir, ro_dirs=[], rw_dirs=[]):
|
||||
def setMountsMap(self, state_dir, ro_paths=None, rw_paths=None):
|
||||
"""Add additional mount point to the execution environment.
|
||||
|
||||
:arg str state_dir: the state directory to be read write
|
||||
:arg list ro_dirs: read only directories paths
|
||||
:arg list rw_dirs: read write directories paths
|
||||
:arg list ro_paths: read only files or directories to bind mount
|
||||
:arg list rw_paths: read write files or directories to bind mount
|
||||
"""
|
||||
pass
|
||||
|
|
|
@ -83,12 +83,12 @@ class BubblewrapDriver(Driver, WrapperInterface):
|
|||
def stop(self):
|
||||
pass
|
||||
|
||||
def setMountsMap(self, ro_dirs=None, rw_dirs=None):
|
||||
if not ro_dirs:
|
||||
ro_dirs = []
|
||||
if not rw_dirs:
|
||||
rw_dirs = []
|
||||
self.mounts_map = {'ro': ro_dirs, 'rw': rw_dirs}
|
||||
def setMountsMap(self, ro_paths=None, rw_paths=None):
|
||||
if not ro_paths:
|
||||
ro_paths = []
|
||||
if not rw_paths:
|
||||
rw_paths = []
|
||||
self.mounts_map = {'ro': ro_paths, 'rw': rw_paths}
|
||||
|
||||
def getPopen(self, **kwargs):
|
||||
# Set zuul_dir if it was not passed in
|
||||
|
|
|
@ -1467,20 +1467,20 @@ class AnsibleJob(object):
|
|||
opt_prefix = 'trusted'
|
||||
else:
|
||||
opt_prefix = 'untrusted'
|
||||
ro_dirs = get_default(self.executor_server.config, 'executor',
|
||||
'%s_ro_dirs' % opt_prefix)
|
||||
rw_dirs = get_default(self.executor_server.config, 'executor',
|
||||
'%s_rw_dirs' % opt_prefix)
|
||||
ro_dirs = ro_dirs.split(":") if ro_dirs else []
|
||||
rw_dirs = rw_dirs.split(":") if rw_dirs else []
|
||||
ro_paths = get_default(self.executor_server.config, 'executor',
|
||||
'%s_ro_paths' % opt_prefix)
|
||||
rw_paths = get_default(self.executor_server.config, 'executor',
|
||||
'%s_rw_paths' % opt_prefix)
|
||||
ro_paths = ro_paths.split(":") if ro_paths else []
|
||||
rw_paths = rw_paths.split(":") if rw_paths else []
|
||||
|
||||
ro_dirs.append(self.executor_server.ansible_dir)
|
||||
ro_paths.append(self.executor_server.ansible_dir)
|
||||
|
||||
if self.executor_variables_file:
|
||||
ro_dirs.append(self.executor_variables_file)
|
||||
ro_paths.append(self.executor_variables_file)
|
||||
|
||||
self.executor_server.execution_wrapper.setMountsMap(ro_dirs,
|
||||
rw_dirs)
|
||||
self.executor_server.execution_wrapper.setMountsMap(ro_paths,
|
||||
rw_paths)
|
||||
|
||||
popen = self.executor_server.execution_wrapper.getPopen(
|
||||
work_dir=self.jobdir.root,
|
||||
|
|
Loading…
Reference in New Issue