2bc13cdfaf
Ansible 2.4 changes the way the template module works. It now processes the template and writes it into a temporary file in a newly created temporary dir. After that it reuses the copy plugin to copy this onto the node. This fails for untrusted jobs because the temporary file is created outside of the work root which fails the safe path validation of the copy plugin [1]. There are two issues with this behavior. First Ansible doesn't use the configured local_tmp dir for this temporary file. This can be fixed by setting the TMP variable. Second our current local_tmp setting is outside of the work dir so this needs to be moved into the work dir. [1] Failed log: TASK [gitlint : Ensure project has a fallback default config] node | ERROR node | { node | "msg": "Accessing files from outside the working dir /tmp/54614d6f189a48968648c4e68c05bdba/work is prohibited", node | "path": "/tmp/tmpssae4qfb/gitlint.j2" node | } Change-Id: Ie2c7518973fc81f51826fa16021b95590e08749e |
||
---|---|---|
.. | ||
__init__.py | ||
client.py | ||
server.py |