Backed out 2 changesets (bug 1295380) because it needs treeherder changes deployed before it can land a=backouty
authorWes Kocher <wkocher@mozilla.com>
Thu, 18 Aug 2016 15:03:55 -0700
changeset 309968 f90d73ed026973d4e442d1711eede5626bc9cf01
parent 309967 c592e44da5f31eeaca861e6e1af75b6ed2c9fe59
child 309969 9b55d21dd1523cedee12f30daa097b9cd3154aa2
push id31516
push userkwierso@gmail.com
push dateThu, 18 Aug 2016 22:03:59 +0000
treeherderautoland@f90d73ed0269 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbackouty
bugs1295380
milestone51.0a1
backs out905fb4a53386c76d931e4a04a31d03739a00a1ff
213a4986ccfd71f04f822e56b1a9ad9505ed5e98
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Backed out 2 changesets (bug 1295380) because it needs treeherder changes deployed before it can land a=backouty Backed out changeset 905fb4a53386 (bug 1295380) Backed out changeset 213a4986ccfd (bug 1295380)
taskcluster/taskgraph/transforms/tests/make_task_description.py
testing/docker/desktop-test/Dockerfile
testing/docker/desktop-test/bin/test.sh
testing/docker/desktop1604-test/bin/test.sh
testing/docker/recipes/run-task
--- a/taskcluster/taskgraph/transforms/tests/make_task_description.py
+++ b/taskcluster/taskgraph/transforms/tests/make_task_description.py
@@ -188,24 +188,18 @@ def docker_worker_setup(config, test, ta
             'mount-point': '/home/worker/tooltool-cache',
         })
         taskdesc['scopes'].extend([
             'docker-worker:relengapi-proxy:tooltool.download.internal',
             'docker-worker:relengapi-proxy:tooltool.download.public',
         ])
 
     # assemble the command line
-    command = [
-        '/home/worker/bin/run-task',
-        # The workspace cache/volume is default owned by root:root.
-        '--chown', '/home/worker/workspace',
-        '--',
-        '/home/worker/bin/test-linux.sh',
-    ]
 
+    command = ["bash", "/home/worker/bin/test.sh"]
     if mozharness.get('no-read-buildbot-config'):
         command.append("--no-read-buildbot-config")
     command.extend([
         {"task-reference": "--installer-url=" + installer_url},
         {"task-reference": "--test-packages-url=" + test_packages_url},
     ])
     command.extend(mozharness.get('extra-options', []))
 
--- a/testing/docker/desktop-test/Dockerfile
+++ b/testing/docker/desktop-test/Dockerfile
@@ -37,16 +37,17 @@ ENV           USER          worker
 ENV           LOGNAME       worker
 ENV           HOSTNAME      taskcluster-worker
 ENV           LANG          en_US.UTF-8
 ENV           LC_ALL        en_US.UTF-8
 
 # Add utilities and configuration
 COPY           dot-files/config              /home/worker/.config
 COPY           dot-files/pulse               /home/worker/.pulse
+COPY           bin                           /home/worker/bin
 RUN            chmod +x bin/*
 # TODO: remove this when buildbot is gone
 COPY           buildprops.json               /home/worker/buildprops.json
 COPY           tc-vcs-config.yml /etc/taskcluster-vcs.yml
 
 # TODO: remove
 ADD            https://raw.githubusercontent.com/taskcluster/buildbot-step/master/buildbot_step /home/worker/bin/buildbot_step
 RUN chmod u+x /home/worker/bin/buildbot_step
new file mode 100644
--- /dev/null
+++ b/testing/docker/desktop-test/bin/test.sh
@@ -0,0 +1,20 @@
+#! /bin/bash -vex
+
+set -x -e
+
+: GECKO_HEAD_REPOSITORY         ${GECKO_HEAD_REPOSITORY:=https://hg.mozilla.org/mozilla-central}
+: GECKO_HEAD_REV                ${GECKO_HEAD_REV:=default}
+: WORKSPACE                     ${WORKSPACE:=/home/worker/workspace}
+
+
+# TODO: when bug 1093833 is solved and tasks can run as non-root, reduce this
+# to a simple fail-if-root check
+if [ $(id -u) = 0 ]; then
+    chown -R worker:worker /home/worker
+    # drop privileges by re-running this script
+    exec sudo -E -u worker bash /home/worker/bin/test.sh "${@}"
+fi
+
+[ -d $WORKSPACE ] || mkdir -p $WORKSPACE
+cd $WORKSPACE
+exec /home/worker/bin/test-linux.sh "${@}"
new file mode 100644
--- /dev/null
+++ b/testing/docker/desktop1604-test/bin/test.sh
@@ -0,0 +1,20 @@
+#! /bin/bash -vex
+
+set -x -e
+
+: GECKO_HEAD_REPOSITORY         ${GECKO_HEAD_REPOSITORY:=https://hg.mozilla.org/mozilla-central}
+: GECKO_HEAD_REV                ${GECKO_HEAD_REV:=default}
+: WORKSPACE                     ${WORKSPACE:=/home/worker/workspace}
+
+
+# TODO: when bug 1093833 is solved and tasks can run as non-root, reduce this
+# to a simple fail-if-root check
+if [ $(id -u) = 0 ]; then
+    chown -R worker:worker /home/worker
+    # drop privileges by re-running this script
+    exec sudo -E -u worker bash /home/worker/bin/test.sh "${@}"
+fi
+
+[ -d $WORKSPACE ] || mkdir -p $WORKSPACE
+cd $WORKSPACE
+exec /home/worker/bin/test-linux.sh "${@}"
--- a/testing/docker/recipes/run-task
+++ b/testing/docker/recipes/run-task
@@ -126,23 +126,16 @@ def main(args):
         task_args = args[i + 1:]
     except ValueError:
         our_args = args
         task_args = []
 
     parser = argparse.ArgumentParser()
     parser.add_argument('--user', default='worker', help='user to run as')
     parser.add_argument('--group', default='worker', help='group to run as')
-    # We allow paths to be chowned by the --user:--group before permissions are
-    # dropped. This is often necessary for caches/volumes, since they default
-    # to root:root ownership.
-    parser.add_argument('--chown', action='append',
-                        help='Directory to chown to --user:--group')
-    parser.add_argument('--chown-recursive', action='append',
-                        help='Directory to recursively chown to --user:--group')
     parser.add_argument('--vcs-checkout',
                         help='Directory where Gecko checkout should be created')
 
     args = parser.parse_args(our_args)
 
     try:
         user = pwd.getpwnam(args.user)
     except KeyError:
@@ -157,33 +150,16 @@ def main(args):
         return 1
 
     uid = user.pw_uid
     gid = group.gr_gid
 
     # Find all groups to which this user is a member.
     gids = [g.gr_gid for g in grp.getgrall() if args.group in g.gr_mem]
 
-    # Change ownership of requested paths.
-    # FUTURE: parse argument values for user/group if we don't want to
-    # use --user/--group.
-    for path in args.chown or []:
-        print_line(b'chown', b'changing ownership of %s to %s:%s\n' % (
-                   path, user.pw_name, group.gr_name))
-        os.chown(path, uid, gid)
-
-    for path in args.chown_recursive or []:
-        print_line(b'chown', b'recursively changing ownership of %s to %s:%s\n' %
-                   (path, user.pw_name, group.gr_name))
-        for root, dirs, files in os.walk(path):
-            for d in dirs:
-                os.chown(os.path.join(root, d), uid, gid)
-            for f in files:
-                os.chown(os.path.join(root, f), uid, gid)
-
     checkout = args.vcs_checkout
     if checkout:
         # Ensure the directory for the source checkout exists.
         try:
             os.makedirs(os.path.dirname(checkout))
         except OSError as e:
             if e.errno != errno.EEXIST:
                 raise