[libvirt PATCH v2 2/4] ci: Run podman command directly without wrapping it with prepare.sh

Fri, 12 Feb 2021 06:20:09 -0800 

The prepare.sh script isn't currently used and forces us to make use
of sudo to switch the user inside the container from root to $USER
which created a problem on our Debian Slim-based containers which don't
have the 'sudo' package installed.
This patch removes the sudo invocation and instead runs the CMD
directly with podman.

Summary of the changes:
- move the corresponding env variables which we need to be set in the
  environment from the sudo invocation to the podman invocation
- pass --workdir to podman to retain the original behaviour we had with
  sudo spawning a login shell.
- MESON_OPTS env variable doesn't need to propagated to the execution
  environment anymore (like we had to do with sudo), because it's
  defined in the Dockerfile

Signed-off-by: Erik Skultety <eskul...@redhat.com>
Reviewed-by: Andrea Bolognani <abolo...@redhat.com>
---
 ci/Makefile | 27 ++++++++++++---------------
 1 file changed, 12 insertions(+), 15 deletions(-)

diff --git a/ci/Makefile b/ci/Makefile
index 7938e14c15..9308738d2d 100644
--- a/ci/Makefile
+++ b/ci/Makefile
@@ -82,7 +82,6 @@ CI_HOME_MOUNTS = \
        $(NULL)
 
 CI_SCRIPT_MOUNTS = \
-       --volume $(CI_SCRATCHDIR)/prepare:$(CI_USER_HOME)/prepare:z \
        --volume $(CI_SCRATCHDIR)/build:$(CI_USER_HOME)/build:z \
        $(NULL)
 
@@ -150,6 +149,8 @@ CI_GIT_ARGS = \
 #   --user    we execute as the same user & group account
 #             as dev so that file ownership matches host
 #             instead of root:root
+#   --workdir we change to user's home dir in the container
+#             before running the workload
 #   --volume  to pass in the cloned git repo & config
 #   --ulimit  lower files limit for performance reasons
 #   --interactive
@@ -158,6 +159,11 @@ CI_ENGINE_ARGS = \
        --rm \
        --interactive \
        --tty \
+       --user "$(CI_UID)":"$(CI_GID)" \
+       --workdir "$(CI_USER_HOME)" \
+       --env CI_CONT_SRCDIR="$(CI_CONT_SRCDIR)" \
+       --env CI_MESON_ARGS="$(CI_MESON_ARGS)" \
+       --env CI_NINJA_ARGS="$(CI_NINJA_ARGS)" \
        $(CI_PODMAN_ARGS) \
        $(CI_PWDB_MOUNTS) \
        $(CI_HOME_MOUNTS) \
@@ -178,9 +184,8 @@ ci-prepare-tree: ci-check-engine
                cp /etc/passwd $(CI_SCRATCHDIR); \
                cp /etc/group $(CI_SCRATCHDIR); \
                mkdir -p $(CI_SCRATCHDIR)/home; \
-               cp "$(CI_PREPARE_SCRIPT)" $(CI_SCRATCHDIR)/prepare; \
                cp "$(CI_BUILD_SCRIPT)" $(CI_SCRATCHDIR)/build; \
-               chmod +x "$(CI_SCRATCHDIR)/prepare" "$(CI_SCRATCHDIR)/build"; \
+               chmod +x "$(CI_SCRATCHDIR)/build"; \
                echo "Cloning $(CI_GIT_ROOT) to $(CI_HOST_SRCDIR)"; \
                git clone $(CI_GIT_ARGS) $(CI_GIT_ROOT) $(CI_HOST_SRCDIR) || 
exit 1; \
                for mod in $$(git submodule | awk '{ print $$2 }' | sed -E 
's,^../,,g') ; \
@@ -192,18 +197,10 @@ ci-prepare-tree: ci-check-engine
        fi
 
 ci-run-command@%: ci-prepare-tree
-       $(CI_ENGINE) run $(CI_ENGINE_ARGS) $(CI_IMAGE_PREFIX)$*$(CI_IMAGE_TAG) \
-               /bin/bash -c ' \
-               $(CI_USER_HOME)/prepare || exit 1; \
-               sudo \
-                 --login \
-                 --user="#$(CI_UID)" \
-                 --group="#$(CI_GID)" \
-                 MESON_OPTS="$$MESON_OPTS" \
-                 CI_CONT_SRCDIR="$(CI_CONT_SRCDIR)" \
-                 CI_MESON_ARGS="$(CI_MESON_ARGS)" \
-                 CI_NINJA_ARGS="$(CI_NINJA_ARGS)" \
-                 $(CI_COMMAND) || exit 1'
+       $(CI_ENGINE) run \
+               $(CI_ENGINE_ARGS) \
+               $(CI_IMAGE_PREFIX)$*$(CI_IMAGE_TAG) \
+               $(CI_COMMAND)
        @test "$(CI_CLEAN)" = "1" && rm -rf $(CI_SCRATCHDIR) || :
 
 ci-shell@%:
-- 
2.29.2

Reply via email to