summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--contrib/cirrus/lib.sh4
-rwxr-xr-xcontrib/cirrus/runner.sh7
-rwxr-xr-xcontrib/cirrus/setup_environment.sh5
3 files changed, 12 insertions, 4 deletions
diff --git a/contrib/cirrus/lib.sh b/contrib/cirrus/lib.sh
index 583f85fc1..0f02c166f 100644
--- a/contrib/cirrus/lib.sh
+++ b/contrib/cirrus/lib.sh
@@ -169,10 +169,6 @@ setup_rootless() {
groupadd -g $rootless_gid $ROOTLESS_USER
useradd -g $rootless_gid -u $rootless_uid --no-user-group --create-home $ROOTLESS_USER
- # We also set up rootless user for image-scp tests (running as root)
- if [[ $PRIV_NAME = "rootless" ]]; then
- chown -R $ROOTLESS_USER:$ROOTLESS_USER "$GOPATH" "$GOSRC"
- fi
echo "$ROOTLESS_USER ALL=(root) NOPASSWD: ALL" > /etc/sudoers.d/ci-rootless
mkdir -p "$HOME/.ssh" "/home/$ROOTLESS_USER/.ssh"
diff --git a/contrib/cirrus/runner.sh b/contrib/cirrus/runner.sh
index 832339d07..101270703 100755
--- a/contrib/cirrus/runner.sh
+++ b/contrib/cirrus/runner.sh
@@ -449,6 +449,13 @@ if [[ "$PRIV_NAME" == "rootless" ]] && [[ "$UID" -eq 0 ]]; then
# https://github.com/containers/podman/issues/10857
rm -rf /var/lib/cni
+ # This must be done at the last second, otherwise `make` calls
+ # in setup_environment (as root) will balk about ownership.
+ msg "Recursively chowning \$GOPATH and \$GOSRC to $ROOTLESS_USER"
+ if [[ $PRIV_NAME = "rootless" ]]; then
+ chown -R $ROOTLESS_USER:$ROOTLESS_USER "$GOPATH" "$GOSRC"
+ fi
+
req_env_vars ROOTLESS_USER
msg "Re-executing runner through ssh as user '$ROOTLESS_USER'"
msg "************************************************************"
diff --git a/contrib/cirrus/setup_environment.sh b/contrib/cirrus/setup_environment.sh
index cf53dfcc8..e3eb46783 100755
--- a/contrib/cirrus/setup_environment.sh
+++ b/contrib/cirrus/setup_environment.sh
@@ -42,6 +42,8 @@ cp hack/podman-registry /bin
_gc='git config --file /root/.gitconfig'
$_gc user.email "TMcTestFace@example.com"
$_gc user.name "Testy McTestface"
+# Bypass git safety/security checks when operating in a throwaway environment
+git config --system --add safe.directory $GOSRC
# Ensure that all lower-level contexts and child-processes have
# ready access to higher level orchestration (e.g Cirrus-CI)
@@ -304,6 +306,9 @@ case "$TEST_FLAVOR" in
# Guarantee the docker daemon can't be started, even by accident
rm -vf $(type -P dockerd)
+ msg "Recursively chowning source to $ROOTLESS_USER"
+ chown -R $ROOTLESS_USER:$ROOTLESS_USER "$GOPATH" "$GOSRC"
+
msg "Obtaining necessary gitlab-runner testing bits"
slug="gitlab.com/gitlab-org/gitlab-runner"
helper_fqin="registry.gitlab.com/gitlab-org/gitlab-runner/gitlab-runner-helper:x86_64-latest-pwsh"