| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
|
|
|
| |
Replaced by buildbox-run.
|
|
|
|
| |
Replaced by buildbox-run.
|
| |
|
|
|
|
| |
This job uses buildbox-run-bubblewrap and buildbox-fuse.
|
|
|
|
| |
buildbox-run-userchroot requires a shell.
|
|
|
|
|
|
|
|
| |
The root directory is not allowed to be writable by userchroot.
+ sh -c -e echo 'I can write to root' > /test
sh: can't create /test: Permission denied
|
|
|
|
|
|
|
| |
The root directory is not allowed to be writable by userchroot.
+ sh -e -c touch /foo
touch: /foo: Permission denied
|
|
|
|
|
|
|
|
| |
The root directory is not allowed to be writable by userchroot.
+ sh -e -c mkdir -p /tests
mkdir: can't create directory '/tests': Permission denied
Command 'mkdir -p /tests' failed with exitcode 1
|
| |
|
|
|
|
|
| |
The tests are flaky due to non-deterministic timestamps in the output of
`ls -l`. See https://gitlab.com/BuildStream/buildstream/issues/1218
|
|
|
|
| |
Individual commands are not logged with command batching.
|
|
|
|
| |
Individual commands are not logged with command batching.
|
|
|
|
| |
Individual commands are not logged with command batching.
|
|
|
|
| |
Bind mounting is not supported.
|
|
|
|
| |
The root directory can't be marked read-only with buildbox-run.
|
|
|
|
|
| |
This is required for testing with userchroot to create staging
directories in a system-specific prefix.
|
| |
|
| |
|
|
|
|
|
| |
The buildbox-run sandbox is used only if BST_FORCE_SANDBOX is set to
buildbox-run.
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
Calling _reset() instead of completely replacing the object fixes
element plugins that use a virtual directory object across Sandbox.run()
calls such as the compose plugin with integration commands.
|
|
|
|
| |
This reinitializes a CASBasedDirectory object from a directory digest.
|
|\
| |
| |
| |
| | |
Multiple CI improvements
See merge request BuildStream/buildstream!1747
|
| |
| |
| |
| |
| | |
We can remove the sast job overwriting and instead 'just' add the
variable it needs to the global variables.
|
| |
| |
| |
| |
| | |
Our image versions tend to drift over time. Let's use a variable to
ensure they are always all at the same version.
|
|/
|
|
|
| |
Contrary to what we thought, those don't get expanded, and we ended up
having the external tests run only for py35, which is incorrect.
|
|\
| |
| |
| |
| | |
Support buildbox-casd running as separate user
See merge request BuildStream/buildstream!1737
|
| |
| |
| |
| |
| |
| |
| |
| | |
To protect the local cache of buildbox-casd from corruption without the
use of FUSE, buildbox-casd has to run as a different user.
Use less restrictive umasks in the source determinism tests to allow
buildbox-casd to function when it is running as a separate user.
|
| |
| |
| |
| | |
This is not necessary and doesn't work with CASD_SEPARATE_USER.
|
| |
| |
| |
| | |
This is not necessary and doesn't work with CASD_SEPARATE_USER.
|
| |
| |
| |
| |
| | |
Linux does not allow hardlinks to read-only files of other users by
default since Linux 3.6 (see /proc/sys/fs/protected_hardlinks).
|
| |
| |
| |
| |
| | |
This is set to True if buildbox-casd is installed with the set-uid bit
and thus, indicates whether buildbox-casd is running as a separate user.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
By default, Linux doesn't allow creating hardlinks to read-only files of
other users since Linux 3.6 (see /proc/sys/fs/protected_hardlinks).
This fixes staging when buildbox-casd is running as a separate user and
the traditional bubblewrap sandboxing backend is used. This combination
is not recommended, however, it's triggered in CI by docker images that
run buildbox-casd as a separate user and a few test cases that override
BST_FORCE_SANDBOX.
|
|/
|
|
|
|
|
|
|
|
|
| |
This is necessary to allow using buildbox-run with userchroot in the
near future, since currently only the owner of the BuildStream process
can access the CASD socket, but the buildbox-casd binary will need to
be setuid' to another user.
This gets around this limitation by allowing the group to access a
symlink, which in turn should point to a directory owned by the CASD
user.
|
|\
| |
| |
| |
| |
| |
| | |
Refactor casserver.py: Stop relying on the buildstream-internal `CASCache` implementation
Closes #1167
See merge request BuildStream/buildstream!1645
|
| | |
|
| |
| |
| |
| |
| |
| | |
This also involves a number of changes to tests and other parts of the
codebase since they were hacking about wit API that shouldn't have
existed.
|
| | |
|
|/ |
|
|\
| |
| |
| |
| | |
update_commiters.py: Fix security vulnerabilities
See merge request BuildStream/buildstream!1743
|
|/
|
|
|
| |
Not really an issue, this was only to be run on our repository, but it
keeps the linter silent and makes for better sample code.
|
|\
| |
| |
| |
| | |
Update BuildStream requirements
See merge request BuildStream/buildstream!1742
|
| |
| |
| |
| |
| |
| |
| |
| | |
This updates all dependencies on the project, which is mainly needed
by python3.8 but can be done independentely.
This also disables multiple false positive lint errors and disable a
new check that we don't need.
|
| |
| |
| |
| |
| |
| | |
This gives a potentially more explicit understanding of what went
wrong, and pytest can give better information about that exception
than just us asserting the return code.
|
| |
| |
| |
| |
| | |
Newer pylint versions detect and complain about unnecessary elif/else
after a continue/break/return clause. Let's remove them
|
|/
|
|
|
| |
Newer version of pylint detect when a comprehension would not be needed.
Let's remove all the ones that are indeed extraneous
|