You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@couchdb.apache.org by wo...@apache.org on 2017/07/20 16:16:59 UTC
[couchdb] branch jenkins-packages-3 updated: try not running as
root anymore
This is an automated email from the ASF dual-hosted git repository.
wohali pushed a commit to branch jenkins-packages-3
in repository https://gitbox.apache.org/repos/asf/couchdb.git
The following commit(s) were added to refs/heads/jenkins-packages-3 by this push:
new 82b6829 try not running as root anymore
82b6829 is described below
commit 82b6829d9069e13858c8d985c0dd63cf2c477994
Author: Joan Touzet <jo...@atypical.net>
AuthorDate: Thu Jul 20 12:16:43 2017 -0400
try not running as root anymore
---
Jenkinsfile | 65 +++++++++++++++++++++++--------------------------------------
1 file changed, 24 insertions(+), 41 deletions(-)
diff --git a/Jenkinsfile b/Jenkinsfile
index 38397a3..0178170 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -33,7 +33,7 @@ pipeline {
// We need the jenkins user mapped inside of the image
// npm config cache below is required because /home/jenkins doesn't
// ACTUALLY exist in the image
- args '-e npm_config_cache=npm-cache -e HOME=. -v=/etc/passwd:/etc/passwd -v /etc/group:/etc/group --user 0:0'
+ args '-e npm_config_cache=npm-cache -e HOME=. -v=/etc/passwd:/etc/passwd -v /etc/group:/etc/group'
}
}
steps {
@@ -43,7 +43,6 @@ pipeline {
rm -rf apache-couchdb-*
./configure --with-curl
make dist
- chown -R jenkins:jenkins * || true
'''
}
}
@@ -66,8 +65,6 @@ pipeline {
// their build results to each other during the build, which ACTUALLY
// HAPPENS. Ugh.
- // we run all package builds as root inside the Docker container
-
// Build packages on supported platforms using esl's erlang
stage('Test') {
steps {
@@ -75,12 +72,11 @@ pipeline {
node(label: 'ubuntu') {
timeout(time: 60, unit: "MINUTES") {
sh 'docker pull couchdbdev/centos-6-erlang-18.3'
- withDockerContainer(image: 'couchdbdev/centos-6-erlang-18.3', args: '-e LD_LIBRARY_PATH=/usr/local/bin -v=/etc/passwd:/etc/passwd -v /etc/group:/etc/group --user 0:0') {
+ withDockerContainer(image: 'couchdbdev/centos-6-erlang-18.3', args: '-e LD_LIBRARY_PATH=/usr/local/bin') {
sh 'rm -f apache-couchdb-*.tar.gz'
unstash 'tarball'
sh '''
cwd=$(pwd)
- umask 0
mkdir -p $COUCHDB_IO_LOG_DIR
# Build CouchDB from tarball
@@ -104,8 +100,7 @@ pipeline {
# Cleanup & save for posterity
rm -rf $cwd/pkgs/$platform && mkdir -p $cwd/pkgs/$platform
- mv ~/rpmbuild/RPMS/x86_64/*rpm $cwd/pkgs/$platform || true
- chown -R jenkins:jenkins $cwd/*
+ mv ../rpmbuild/RPMS/x86_64/*rpm $cwd/pkgs/$platform || true
'''
} // withDocker
} // timeout
@@ -117,7 +112,7 @@ pipeline {
node(label: 'ubuntu') {
timeout(time: 45, unit: "MINUTES") {
sh 'docker pull couchdbdev/centos-7-erlang-default'
- withDockerContainer(image: 'couchdbdev/centos-7-erlang-default', args: '-e LD_LIBRARY_PATH=/usr/local/bin -e npm_config_cache=npm-cache -e HOME=. -v=/etc/passwd:/etc/passwd -v /etc/group:/etc/group') {
+ withDockerContainer(image: 'couchdbdev/centos-7-erlang-default', args: '-e LD_LIBRARY_PATH=/usr/local/bin') {
sh 'rm -f apache-couchdb-*.tar.gz'
unstash 'tarball'
sh '''
@@ -142,12 +137,11 @@ pipeline {
node(label: 'ubuntu') {
timeout(time: 60, unit: "MINUTES") {
sh 'docker pull couchdbdev/centos-7-erlang-18.3'
- withDockerContainer(image: 'couchdbdev/centos-7-erlang-18.3', args: '-e LD_LIBRARY_PATH=/usr/local/bin -v=/etc/passwd:/etc/passwd -v /etc/group:/etc/group --user 0:0') {
+ withDockerContainer(image: 'couchdbdev/centos-7-erlang-18.3', args: '-e LD_LIBRARY_PATH=/usr/local/bin') {
sh 'rm -f apache-couchdb-*.tar.gz'
unstash 'tarball'
sh '''
cwd=$(pwd)
- umask 0
mkdir -p $COUCHDB_IO_LOG_DIR
# Build CouchDB from tarball
@@ -171,8 +165,7 @@ pipeline {
# Cleanup & save for posterity
rm -rf $cwd/pkgs/$platform && mkdir -p $cwd/pkgs/$platform
- mv ~/rpmbuild/RPMS/x86_64/*rpm $cwd/pkgs/$platform || true
- chown -R jenkins:jenkins $cwd/*
+ mv ../rpmbuild/RPMS/x86_64/*rpm $cwd/pkgs/$platform || true
'''
} // withDocker
} // timeout
@@ -184,7 +177,7 @@ pipeline {
node(label: 'ubuntu') {
timeout(time: 45, unit: "MINUTES") {
sh 'docker pull couchdbdev/ubuntu-12.04-erlang-18.3'
- withDockerContainer(image: 'couchdbdev/ubuntu-12.04-erlang-18.3', args: '-e npm_config_cache=npm-cache -e HOME=. -v=/etc/passwd:/etc/passwd -v /etc/group:/etc/group') {
+ withDockerContainer(image: 'couchdbdev/ubuntu-12.04-erlang-18.3') {
sh 'rm -f apache-couchdb-*.tar.gz'
unstash 'tarball'
sh '''
@@ -207,7 +200,7 @@ pipeline {
node(label: 'ubuntu') {
timeout(time: 45, unit: "MINUTES") {
sh 'docker pull couchdbdev/ubuntu-14.04-erlang-default'
- withDockerContainer(image: 'couchdbdev/ubuntu-14.04-erlang-default', args: '-e npm_config_cache=npm-cache -e HOME=. -v=/etc/passwd:/etc/passwd -v /etc/group:/etc/group') {
+ withDockerContainer(image: 'couchdbdev/ubuntu-14.04-erlang-default') {
sh 'rm -f apache-couchdb-*.tar.gz'
unstash 'tarball'
sh '''
@@ -230,12 +223,11 @@ pipeline {
node(label: 'ubuntu') {
timeout(time: 60, unit: "MINUTES") {
sh 'docker pull couchdbdev/ubuntu-14.04-erlang-18.3'
- withDockerContainer(image: 'couchdbdev/ubuntu-14.04-erlang-18.3', args: '-v=/etc/passwd:/etc/passwd -v /etc/group:/etc/group --user 0:0') {
+ withDockerContainer(image: 'couchdbdev/ubuntu-14.04-erlang-18.3') {
sh 'rm -f apache-couchdb-*.tar.gz'
unstash 'tarball'
sh '''
cwd=$(pwd)
- umask 0
mkdir -p $COUCHDB_IO_LOG_DIR
# Build CouchDB from tarball
@@ -254,14 +246,12 @@ pipeline {
cp $cwd/apache-couchdb-*.tar.gz couchdb
tar -xf $cwd/apache-couchdb-*.tar.gz -C couchdb
cd couchdb-pkg
- sudo apt-get install -y libmozjs185-dev
platform=$(lsb_release -cs)
make $platform PLATFORM=$platform
# Cleanup & save for posterity
rm -rf $cwd/pkgs/$platform && mkdir -p $cwd/pkgs/$platform
mv ../couchdb/*deb $cwd/pkgs/$platform || true
- chown -R jenkins:jenkins $cwd/*
'''
} // withDocker
} // timeout
@@ -273,7 +263,7 @@ pipeline {
node(label: 'ubuntu') {
timeout(time: 45, unit: "MINUTES") {
sh 'docker pull couchdbdev/ubuntu-16.04-erlang-default'
- withDockerContainer(image: 'couchdbdev/ubuntu-16.04-erlang-default', args: '-e npm_config_cache=npm-cache -e HOME=. -v=/etc/passwd:/etc/passwd -v /etc/group:/etc/group') {
+ withDockerContainer(image: 'couchdbdev/ubuntu-16.04-erlang-default') {
sh 'rm -f apache-couchdb-*.tar.gz'
unstash 'tarball'
sh '''
@@ -296,12 +286,11 @@ pipeline {
node(label: 'ubuntu') {
timeout(time: 60, unit: "MINUTES") {
sh 'docker pull couchdbdev/ubuntu-16.04-erlang-18.3'
- withDockerContainer(image: 'couchdbdev/ubuntu-16.04-erlang-18.3', args: '-v=/etc/passwd:/etc/passwd -v /etc/group:/etc/group --user 0:0') {
+ withDockerContainer(image: 'couchdbdev/ubuntu-16.04-erlang-18.3') {
sh 'rm -f apache-couchdb-*.tar.gz'
unstash 'tarball'
sh '''
cwd=$(pwd)
- umask 0
mkdir -p $COUCHDB_IO_LOG_DIR
# Build CouchDB from tarball
@@ -320,14 +309,12 @@ pipeline {
cp $cwd/apache-couchdb-*.tar.gz couchdb
tar -xf $cwd/apache-couchdb-*.tar.gz -C couchdb
cd couchdb-pkg
- sudo apt-get install -y libmozjs185-dev
platform=$(lsb_release -cs)
make $platform PLATFORM=$platform
# Cleanup & save for posterity
rm -rf $cwd/pkgs/$platform && mkdir -p $cwd/pkgs/$platform
mv ../couchdb/*deb $cwd/pkgs/$platform || true
- chown -R jenkins:jenkins $cwd/*
'''
} // withDocker
} // timeout
@@ -339,7 +326,7 @@ pipeline {
node(label: 'ubuntu') {
timeout(time: 45, unit: "MINUTES") {
sh 'docker pull couchdbdev/debian-8-erlang-default'
- withDockerContainer(image: 'couchdbdev/debian-8-erlang-default', args: '-e npm_config_cache=npm-cache -e HOME=. -v=/etc/passwd:/etc/passwd -v /etc/group:/etc/group') {
+ withDockerContainer(image: 'couchdbdev/debian-8-erlang-default') {
sh 'rm -f apache-couchdb-*.tar.gz'
unstash 'tarball'
sh '''
@@ -362,8 +349,7 @@ pipeline {
node(label: 'ubuntu') {
timeout(time: 60, unit: "MINUTES") {
sh 'docker pull couchdbdev/debian-8-erlang-18.3'
- // must run as root because of sudo step below
- withDockerContainer(image: 'couchdbdev/debian-8-erlang-18.3', args: '-v=/etc/passwd:/etc/passwd -v /etc/group:/etc/group --user 0:0') {
+ withDockerContainer(image: 'couchdbdev/debian-8-erlang-18.3') {
sh 'rm -f apache-couchdb-*.tar.gz'
unstash 'tarball'
sh '''
@@ -386,14 +372,12 @@ pipeline {
cp $cwd/apache-couchdb-*.tar.gz couchdb
tar -xf $cwd/apache-couchdb-*.tar.gz -C couchdb
cd couchdb-pkg
- sudo apt-get install -y libmozjs185-dev
platform=$(lsb_release -cs)
make $platform PLATFORM=$platform
# Cleanup & save for posterity
rm -rf $cwd/pkgs/$platform && mkdir -p $cwd/pkgs/$platform
mv ../couchdb/*deb $cwd/pkgs/$platform || true
- chown -R jenkins:jenkins $cwd/*
'''
} // withDocker
} // timeout
@@ -414,7 +398,6 @@ pipeline {
// This image has the deb AND rpm repo tools installed in it
image 'couchdbdev/debian-8-base'
// We need the jenkins user mapped inside of the image
- // We must run as root because we have to create ~/.ssh for rsync
args '-v /etc/passwd:/etc/passwd -v /etc/group:/etc/group'
label 'ubuntu'
}
@@ -423,6 +406,12 @@ pipeline {
withCredentials([file(credentialsId: 'jenkins-key', variable: 'KEY')]) {
sh 'rm -rf pkgs *.tar.gz'
unarchive mapping: ['pkgs/' : '.']
+ unstash 'tarball'
+ echo 'Retrieving & cleaning current couchdb-vm2 tree...'
+ sh '''
+ rsync -avz -e "ssh -o StrictHostKeyChecking=no -i $KEY" jenkins@couchdb-vm2.apache.org:/var/www/html/$BRANCH_NAME .
+ rm -rf $BRANCH_NAME/debian/* $BRANCH_NAME/el6/* $BRANCH_NAME/el7/*
+ '''
echo 'Building Debian repo...'
sh '''
git clone https://github.com/apache/couchdb-pkg
@@ -435,23 +424,17 @@ pipeline {
cd pkgs/centos6 && createrepo --database .
cd ../centos7 && rm -f js* && createrepo --database .
'''
- echo 'rsyncing repos to couchdb-vm2...'
+ echo 'rsyncing tree to couchdb-vm2...'
sh '''
- mkdir -p $BRANCH_NAME/debian $BRANCH_NAME/el6 $BRANCH_NAME/el7
mv couchdb-pkg/repo/pool $BRANCH_NAME/debian
mv couchdb-pkg/repo/dists $BRANCH_NAME/debian
mv pkgs/centos6/* $BRANCH_NAME/el6
mv pkgs/centos7/* $BRANCH_NAME/el7
- rsync -avz --delete -e "ssh -o StrictHostKeyChecking=no -i $KEY" $BRANCH_NAME jenkins@couchdb-vm2.apache.org:/var/www/html
- '''
- // cronjob on couchdb-vm2 cleans up old tarballs (keeps latest 10)
- echo 'rsyncing source tarball to couchdb-vm2...'
- unstash 'tarball'
- sh '''
- rm -rf $BRANCH_NAME
- mkdir -p $BRANCH_NAME/source
mv apache-couchdb-*.tar.gz $BRANCH_NAME/source
- rsync -avz -e "ssh -o StrictHostKeyChecking=no -i $KEY" $BRANCH_NAME jenkins@couchdb-vm2.apache.org:/var/www/html
+ cd $BRANCH_NAME/source
+ ls -1tr | head -n -10 | xargs -d '\n' rm -f --
+ cd ../..
+ rsync -avz --delete -e "ssh -o StrictHostKeyChecking=no -i $KEY" $BRANCH_NAME jenkins@couchdb-vm2.apache.org:/var/www/html
rm -rf $BRANCH_NAME couchdb-pkg *.tar.gz
'''
deleteDir()
--
To stop receiving notification emails like this one, please contact
['"commits@couchdb.apache.org" <co...@couchdb.apache.org>'].