From 64617bf4c8c954defeb63d737c25531a0c9e127b Mon Sep 17 00:00:00 2001 From: Cédric Ollivier Date: Fri, 15 Apr 2022 12:14:24 +0200 Subject: Set uid and gid to 1000 in all jobs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit It works globally even if most of containers aren't leveraging 1000 as uid (root is allowed to write everywhere). Change-Id: I8b2892cd9abc28a87417ad90a7dca6cd16dab319 Signed-off-by: Cédric Ollivier --- jjb/functest/functest-kubernetes-pi.yaml | 14 +++++++++++++- jjb/functest/functest-kubernetes.yaml | 14 +++++++++++++- jjb/functest/functest-pi.yaml | 18 ++++++++++++++++-- jjb/functest/functest.yaml | 18 ++++++++++++++++-- jjb/functest/xtesting-pi.yaml | 10 ++++++++-- jjb/functest/xtesting.yaml | 10 ++++++++-- 6 files changed, 74 insertions(+), 10 deletions(-) diff --git a/jjb/functest/functest-kubernetes-pi.yaml b/jjb/functest/functest-kubernetes-pi.yaml index 40b37c1e7..340ae236c 100644 --- a/jjb/functest/functest-kubernetes-pi.yaml +++ b/jjb/functest/functest-kubernetes-pi.yaml @@ -87,6 +87,8 @@ volumes: '{volumes}' env: '{env}' network: '{network}' + uid: '{uid}' + gid: '{gid}' - builder: name: functest-kubernetes-pi-pull-containers @@ -126,7 +128,7 @@ image={repo}:{port}/{container}:{tag} fi mkdir -p $WORKSPACE/results - chown 1000:1000 $WORKSPACE/results + chown {uid}:{gid} $WORKSPACE/results docker run --rm \ --privileged={privileged} \ --network={network} \ @@ -274,6 +276,8 @@ - k8s_smoke privileged: 'false' network: bridge + uid: 1000 + gid: 1000 jobs: - 'functest-kubernetes-pi-ollivier-functest-kubernetes-healthcheck-{tag}-{test}-run' @@ -320,6 +324,8 @@ - sig_storage_serial privileged: 'false' network: bridge + uid: 1000 + gid: 1000 exclude: - tag: latest test: k8s_io @@ -380,6 +386,8 @@ - kube_bench_node privileged: 'false' network: bridge + uid: 1000 + gid: 1000 jobs: - 'functest-kubernetes-pi-ollivier-functest-kubernetes-security-{tag}-{test}-run' @@ -412,6 +420,8 @@ - netperf privileged: 'false' network: bridge + uid: 1000 + gid: 1000 jobs: - 'functest-kubernetes-pi-ollivier-functest-kubernetes-benchmarking-{tag}-{test}-run' @@ -445,6 +455,8 @@ - cnf_testsuite privileged: 'false' network: bridge + uid: 1000 + gid: 1000 jobs: - 'functest-kubernetes-pi-ollivier-functest-kubernetes-cnf-{tag}-{test}-run' diff --git a/jjb/functest/functest-kubernetes.yaml b/jjb/functest/functest-kubernetes.yaml index dabe84494..53603ca7e 100644 --- a/jjb/functest/functest-kubernetes.yaml +++ b/jjb/functest/functest-kubernetes.yaml @@ -87,6 +87,8 @@ volumes: '{volumes}' env: '{env}' network: '{network}' + uid: '{uid}' + gid: '{gid}' - builder: name: functest-kubernetes-pull-containers @@ -126,7 +128,7 @@ image={repo}:{port}/{container}:{tag} fi mkdir -p $WORKSPACE/results - chown 1000:1000 $WORKSPACE/results + chown {uid}:{gid} $WORKSPACE/results docker run --rm \ --privileged={privileged} \ --network={network} \ @@ -274,6 +276,8 @@ - k8s_smoke privileged: 'false' network: bridge + uid: 1000 + gid: 1000 jobs: - 'functest-kubernetes-opnfv-functest-kubernetes-healthcheck-{tag}-{test}-run' @@ -320,6 +324,8 @@ - sig_storage_serial privileged: 'false' network: bridge + uid: 1000 + gid: 1000 exclude: - tag: latest test: k8s_io @@ -362,6 +368,8 @@ - kube_bench_node privileged: 'false' network: bridge + uid: 1000 + gid: 1000 jobs: - 'functest-kubernetes-opnfv-functest-kubernetes-security-{tag}-{test}-run' @@ -394,6 +402,8 @@ - netperf privileged: 'false' network: bridge + uid: 1000 + gid: 1000 jobs: - 'functest-kubernetes-opnfv-functest-kubernetes-benchmarking-{tag}-{test}-run' @@ -427,6 +437,8 @@ - cnf_testsuite privileged: 'false' network: bridge + uid: 1000 + gid: 1000 jobs: - 'functest-kubernetes-opnfv-functest-kubernetes-cnf-{tag}-{test}-run' diff --git a/jjb/functest/functest-pi.yaml b/jjb/functest/functest-pi.yaml index 9afca8f4f..23dcb51dc 100644 --- a/jjb/functest/functest-pi.yaml +++ b/jjb/functest/functest-pi.yaml @@ -112,6 +112,8 @@ volumes: '{volumes}' env: '{env}' network: '{network}' + uid: '{uid}' + gid: '{gid}' DASHBOARD_URL: '{DASHBOARD_URL}' - builder: @@ -151,8 +153,8 @@ else image={repo}:{port}/{container}:{tag} fi - mkdir -p $WORKSPACE/results - chown 1000:1000 $WORKSPACE/results + sudo mkdir -p $WORKSPACE/results + sudo chown {uid}:{gid} $WORKSPACE/results sudo docker run --rm \ --privileged={privileged} \ --network={network} \ @@ -330,6 +332,8 @@ - tempest_horizon privileged: 'false' network: bridge + uid: 1000 + gid: 1000 jobs: - 'functest-pi-ollivier-functest-healthcheck-{tag}-{test}-run' @@ -386,6 +390,8 @@ - tempest_cyborg privileged: 'false' network: bridge + uid: 1000 + gid: 1000 exclude: - tag: latest test: refstack_defcore @@ -603,6 +609,8 @@ - tempest_slow_cntt privileged: 'false' network: bridge + uid: 1000 + gid: 1000 jobs: - 'functest-pi-ollivier-functest-smoke-cntt-{tag}-{test}-run' @@ -641,6 +649,8 @@ - shaker privileged: 'false' network: bridge + uid: 1000 + gid: 1000 jobs: - 'functest-pi-ollivier-functest-benchmarking-{tag}-{test}-run' @@ -677,6 +687,8 @@ - rally_jobs_cntt privileged: 'false' network: bridge + uid: 1000 + gid: 1000 jobs: - 'functest-pi-ollivier-functest-benchmarking-cntt-{tag}-{test}-run' @@ -716,6 +728,8 @@ - juju_epc privileged: 'false' network: bridge + uid: 1000 + gid: 1000 jobs: - 'functest-pi-ollivier-functest-vnf-{tag}-{test}-run' diff --git a/jjb/functest/functest.yaml b/jjb/functest/functest.yaml index bb5de274f..7d1172742 100644 --- a/jjb/functest/functest.yaml +++ b/jjb/functest/functest.yaml @@ -100,6 +100,8 @@ volumes: '{volumes}' env: '{env}' network: '{network}' + uid: '{uid}' + gid: '{gid}' DASHBOARD_URL: '{DASHBOARD_URL}' - builder: @@ -139,8 +141,8 @@ else image={repo}:{port}/{container}:{tag} fi - mkdir -p $WORKSPACE/results - chown 1000:1000 $WORKSPACE/results + sudo mkdir -p $WORKSPACE/results + sudo chown {uid}:{gid} $WORKSPACE/results sudo docker run --rm \ --privileged={privileged} \ --network={network} \ @@ -318,6 +320,8 @@ - tempest_horizon privileged: 'false' network: bridge + uid: 1000 + gid: 1000 jobs: - 'functest-opnfv-functest-healthcheck-{tag}-{test}-run' @@ -374,6 +378,8 @@ - tempest_cyborg privileged: 'false' network: bridge + uid: 1000 + gid: 1000 exclude: - tag: latest test: refstack_defcore @@ -475,6 +481,8 @@ - tempest_slow_cntt privileged: 'false' network: bridge + uid: 1000 + gid: 1000 jobs: - 'functest-opnfv-functest-smoke-cntt-{tag}-{test}-run' @@ -513,6 +521,8 @@ - shaker privileged: 'false' network: bridge + uid: 1000 + gid: 1000 jobs: - 'functest-opnfv-functest-benchmarking-{tag}-{test}-run' @@ -549,6 +559,8 @@ - rally_jobs_cntt privileged: 'false' network: bridge + uid: 1000 + gid: 1000 jobs: - 'functest-opnfv-functest-benchmarking-cntt-{tag}-{test}-run' @@ -588,6 +600,8 @@ - juju_epc privileged: 'false' network: bridge + uid: 1000 + gid: 1000 jobs: - 'functest-opnfv-functest-vnf-{tag}-{test}-run' diff --git a/jjb/functest/xtesting-pi.yaml b/jjb/functest/xtesting-pi.yaml index 7b16e848f..3fbfaf034 100644 --- a/jjb/functest/xtesting-pi.yaml +++ b/jjb/functest/xtesting-pi.yaml @@ -73,6 +73,8 @@ volumes: '{volumes}' env: '{env}' network: '{network}' + uid: '{uid}' + gid: '{gid}' - builder: name: xtesting-pi-pull-containers @@ -111,8 +113,8 @@ else image={repo}:{port}/{container}:{tag} fi - mkdir -p $WORKSPACE/results - chown 1000:1000 $WORKSPACE/results + sudo mkdir -p $WORKSPACE/results + sudo chown {uid}:{gid} $WORKSPACE/results sudo docker run --rm \ --privileged={privileged} \ --network={network} \ @@ -216,6 +218,8 @@ - eighth privileged: 'false' network: bridge + uid: 1000 + gid: 1000 exclude: - tag: leguer test: eighth @@ -259,6 +263,8 @@ - seventh privileged: 'false' network: bridge + uid: 1000 + gid: 1000 jobs: - 'xtesting-pi-ollivier-xtesting-mts-{tag}-{test}-run' diff --git a/jjb/functest/xtesting.yaml b/jjb/functest/xtesting.yaml index 0c75a839d..193ec2dab 100644 --- a/jjb/functest/xtesting.yaml +++ b/jjb/functest/xtesting.yaml @@ -73,6 +73,8 @@ volumes: '{volumes}' env: '{env}' network: '{network}' + uid: '{uid}' + gid: '{gid}' - builder: name: xtesting-pull-containers @@ -111,8 +113,8 @@ else image={repo}:{port}/{container}:{tag} fi - mkdir -p $WORKSPACE/results - chown 1000:1000 $WORKSPACE/results + sudo mkdir -p $WORKSPACE/results + sudo chown {uid}:{gid} $WORKSPACE/results sudo docker run --rm \ --privileged={privileged} \ --network={network} \ @@ -216,6 +218,8 @@ - eighth privileged: 'false' network: bridge + uid: 1000 + gid: 1000 exclude: - tag: leguer test: eighth @@ -247,6 +251,8 @@ - seventh privileged: 'false' network: bridge + uid: 1000 + gid: 1000 jobs: - 'xtesting-opnfv-xtesting-mts-{tag}-{test}-run' -- cgit 1.2.3-korg