Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Build and Upload PAM OAuth RPMs (Inf-794) #1

Merged
merged 5 commits into from
Jun 7, 2023
Merged

Build and Upload PAM OAuth RPMs (Inf-794) #1

merged 5 commits into from
Jun 7, 2023

Conversation

jeff-takaki
Copy link

The uploads can be found at the bottom of the portion of the Actions summary page. The action checks out the code and from the rpm directory builds the container pamoauth2device-rpm-build. The docker run command creates a volume that maps /data inside the container to the .workspace variable which is the file path of the root directory of the current repo on the github actions runner. There was a permission issue between the user of the container and the github actions user where github actions user could not copy anything from inside the container. Setting the container user as root solved the problem but that may not be the appropriate work around. The upload artifact action pulls the build rpms from the .workspace/RPMS path.

@jeff-takaki
Build and Upload PAM OAuth RPMs (Inf-794)
be9806d 
The uploads can be found at the bottom of the portion of the Actions summary page.
The action checks out the code and from the rpm directory builds the container pamoauth2device-rpm-build.
The docker run command creates a volume that maps /data inside the container to the .workspace variable
which is the file path of the root directory of the current repo on the github actions runner.
There was a permission issue between the user of the container and the github actions user where
github actions user could not copy anything from inside the container. Setting the container user
as root solved the problem but that may not be the appropriate work around. The upload artifact
action pulls the build rpms from the .workspace/RPMS path.
@brianhlin
Copy link

@jtakaki-matc I generally don't love making everything run as root. Instead of dumping the contents of /data from the container into the GHA repo root, how about you create a dir specifically for the build output, make sure that has the correct uid/gid ownership (see below), and mount that dir into the container instead?

$ podman run --rm -it  pamoauth2device-rpm-build:latest id builder
uid=1000(builder) gid=1000(builder) groups=1000(builder)

@jeff-takaki
Copy link
Author

@brianhlin I've got green check marks for this update, I think that's better??

@jeff-takaki
Add uid and gid to Dockerfile for USER builder
e38151a 
Remove uid and gid from docker run command in workflow
@jeff-takaki
Copy link
Author

@brianhlin Updated Dockerfile!

brianhlin
brianhlin approved these changes Jun 7, 2023
View reviewed changes
Copy link

@brianhlin brianhlin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This LGTM!

@jeff-takaki @brianhlin
Remove unnecessary user parameter in docker run command
56316df 
Co-authored-by: Brian Lin <brianhlin@gmail.com>
@brianhlin brianhlin merged commit 153b644 into CHTC:master Jun 7, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@brianhlin brianhlin brianhlin approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@jeff-takaki @brianhlin