Skip to content

refactors the prow build scripts #781

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
openshift-merge-robot merged 1 commit into from
Apr 21, 2022
Merged

refactors the prow build scripts #781

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 0 additions & 6 deletions ci/prow-build.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -48,9 +48,3 @@ cosa buildfetch --url=${prev_build_url}
cosa fetch
cosa build
cosa buildextend-extensions

# Give the newly-built OCI archive a predictable filename to make OCI archive extraction simpler
arch="x86_64"
cosa_build_id="$(cat "${COSA_DIR}/builds/builds.json" | jq -r '.builds[0].id')"
current_build_dir="${COSA_DIR}/builds/latest/${arch}"
mv "${current_build_dir}/rhcos-${cosa_build_id}-ostree.${arch}.ociarchive" "${current_build_dir}/rhcos.${arch}.ociarchive"
24 changes: 24 additions & 0 deletions ci/set-openshift-user.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
#!/bin/bash

# This script is used to update the /etc/passwd file within the COSA container
# at test-time. The need for this comes from the fact that OpenShift will run a
# container with a randomized user ID by default to enhance security. Because
# COSA runs with an unprivileged user ("builder") instead of (container) root,
# this presents special challenges for file and disk permissions. This particular
# pattern was inspired by:
# - https://cloud.redhat.com/blog/jupyter-on-openshift-part-6-running-as-an-assigned-user-id
# - https://cloud.redhat.com/blog/a-guide-to-openshift-and-uids

set -xeuo

user_id="$(id -u)"
group_id="$(id -g)"

cat /etc/passwd | grep -v "^builder" > /tmp/passwd
echo "builder:x:${user_id}:${group_id}::/home/builder:/bin/bash" >> /tmp/passwd
cat /tmp/passwd > /etc/passwd
rm /tmp/passwd

# Not strictly required, but nice for debugging.
id
whoami
10 changes: 10 additions & 0 deletions ci/simplify-ociarchive-path.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
#!/bin/bash
# Give the newly-built OCI archive a predictable filename to make OCI archive
# extraction / ingestion simpler in Prow.

set -xeuo

arch="x86_64"
cosa_build_id="$(cat "${COSA_DIR}/builds/builds.json" | jq -r '.builds[0].id')"
current_build_dir="${COSA_DIR}/builds/latest/${arch}"
mv "${current_build_dir}/rhcos-${cosa_build_id}-ostree.${arch}.ociarchive" "${current_build_dir}/rhcos.${arch}.ociarchive"