Created
May 9, 2022 14:00
-
-
Save vext01/3a26acabd2693551bd2d9d019cf0ebc7 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff --git a/bin/run_docker_ci_job b/bin/run_docker_ci_job | |
| index bfd5689..4936468 100755 | |
| --- a/bin/run_docker_ci_job | |
| +++ b/bin/run_docker_ci_job | |
| @@ -26,13 +26,16 @@ run_image() { | |
| # Image name must be unique to the buildbot worker so that workers don't clash. | |
| image_tag=${LOGNAME}-${repo}-${suffix} | |
| + # The container will be run as the worker's "host user". The image is | |
| + # expected to create a user with the same UID. | |
| + ci_uid=`id -u` | |
| + | |
| # Run the CI job. | |
| - echo ${image_tag} | |
| - docker build -t ${image_tag} --file $1 . | |
| + docker build --build-arg CI_UID=${ci_uid} -t ${image_tag} --file $1 . | |
| # XXX: `--rm` removes the container on exit, but in the future we might | |
| # think about leaving failed containers behind (for X hours?) for | |
| # post-mortem debugging. | |
| - docker run --rm ${image_tag} | |
| + docker run -u ${ci_uid} --rm ${image_tag} | |
| status=$? | |
| # Remove untagged and unreferenced images. | |
| @@ -48,10 +51,13 @@ ci_dockerfiles=`ls .buildbot_dockerfile_*` | |
| if [ "${ci_dockerfiles}" = "" ]; then | |
| cat << EOF > ${DEFAULT_DOCKERFILE} | |
| FROM debian:bullseye | |
| + ARG CI_UID | |
| + RUN useradd -m -u \${CI_UID} ci | |
| RUN apt-get update && \ | |
| apt-get -y install build-essential curl | |
| WORKDIR /ci | |
| - COPY . . | |
| + RUN chown \${CI_UID}:\${CI_UID} . | |
| + COPY --chown=\${CI_UID}:\${CI_UID} . . | |
| CMD sh -x .buildbot.sh | |
| EOF | |
| ci_dockerfiles=${DEFAULT_DOCKERFILE} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment