You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@brooklyn.apache.org by aledsage <gi...@git.apache.org> on 2018/09/24 13:04:48 UTC

[GitHub] brooklyn-library pull request #159: Jenkins docker: use non-root user

GitHub user aledsage opened a pull request:

    https://github.com/apache/brooklyn-library/pull/159

    Jenkins docker: use non-root user

    Implementing part of the advice from infra in https://issues.apache.org/jira/browse/INFRA-16417
    
    ---
    They advised we use `-u 910:910`, rather than the mvn command running as root in the container. 
    
    Note that running the docker build on my local (mac) laptop, the user ids are interesting! In the container, (which use bind mounts for `.m2` and and the workspace) are owned by root:root. However, on my laptop, the files created are still owned by my own user.
    
    Magic?! I'm therefore not sure whether this change will make much difference.
    
    ---
    The other big change we need (not done here - I'll look at that next), recommended in INFRA-16417, is to STOP bind mounting .m2. They said: "Please don't use a bind mount for filesystems you intend to write to".

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/aledsage/brooklyn-library fix-jenkins-build

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/brooklyn-library/pull/159.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #159
    
----
commit 5a9fc95a99cd7b21fe2de9707e4a3286a358635f
Author: Aled Sage <al...@...>
Date:   2018-09-24T12:32:07Z

    Jenkins docker: use non-root user

----


---

[GitHub] brooklyn-library issue #159: Jenkins docker: use non-root user

Posted by aledsage <gi...@git.apache.org>.

Github user aledsage commented on the issue:

    https://github.com/apache/brooklyn-library/pull/159
  
    @tbouron will do, but will first confirm that brooklyn-library master build works, and will also look to see if/how we can avoid the bind mount of the writable directories.


---

[GitHub] brooklyn-library issue #159: Jenkins docker: use non-root user

Posted by tbouron <gi...@git.apache.org>.

Github user tbouron commented on the issue:

    https://github.com/apache/brooklyn-library/pull/159
  
    One thing though, could you port the change to the other submodule @aledsage ?


---

[GitHub] brooklyn-library pull request #159: Jenkins docker: use non-root user

Posted by asfgit <gi...@git.apache.org>.

Github user asfgit closed the pull request at:

    https://github.com/apache/brooklyn-library/pull/159


---

[GitHub] brooklyn-library issue #159: Jenkins docker: use non-root user

Posted by tbouron <gi...@git.apache.org>.

Github user tbouron commented on the issue:

    https://github.com/apache/brooklyn-library/pull/159
  
    LGTM and follow what docs for the maven image: https://hub.docker.com/_/maven/ "Running as non-root"
    
    As Jenkins seems happy, I'm happy and I'll merge this. Thanks @aledsage 


---