zuul
/
zuul
Code Issues Proposed changes

Create secrets dir in bwrap 

Since the mountpoint for the tmpfs used for playbook secrets may
itself be on a read-only bind mount inside the bubblewrap environment,
ensure that it is created before bwrap runs.

Change-Id: I493d1b33500c23d4e2c1458247345cc751757a0b
This commit is contained in:
James E. Blair 2017-08-22 15:45:13 -07:00
parent 2477c0548f
commit c3d69047b5
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
zuul/executor/server.py
View File

@ -256,6 +256,7 @@ class JobDirPlaybook(object):
self.ansible_config = os.path.join(self.root, 'ansible.cfg') self.ansible_config = os.path.join(self.root, 'ansible.cfg')
self.project_link = os.path.join(self.root, 'project') self.project_link = os.path.join(self.root, 'project')
self.secrets_root = os.path.join(self.root, 'secrets') self.secrets_root = os.path.join(self.root, 'secrets')
os.makedirs(self.secrets_root)
self.secrets = os.path.join(self.secrets_root, 'secrets.yaml') self.secrets = os.path.join(self.secrets_root, 'secrets.yaml')
self.secrets_content = None self.secrets_content = None