Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Ci] Fix DRA artifacts permissions #5175

Merged
merged 14 commits into from
Jul 19, 2024
Merged

[Ci] Fix DRA artifacts permissions #5175

merged 14 commits into from
Jul 19, 2024

Conversation

pazone
Copy link
Contributor

@pazone pazone commented Jul 19, 2024

What does this PR do?

Adds group read file permissions to artifacts.

Why is it important?

Checklist

  • My code follows the style guidelines of this project
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have made corresponding change to the default configuration files
  • I have added tests that prove my fix is effective or that my feature works
  • I have added an entry in ./changelog/fragments using the changelog tool
  • I have added an integration test or an E2E test

Disruptive User Impact

How to test this PR locally

Related issues

Questions to ask yourself

  • How are we going to support this in production?
  • How are we going to measure its adoption?
  • How are we going to debug this?
  • What are the metrics I should take care of?
  • ...

@pazone pazone added enhancement New feature or request skip-changelog backport-v8.14.0 Automated backport with mergify backport-8.15 Automated backport to the 8.15 branch with mergify labels Jul 19, 2024
@pazone pazone requested a review from pchila July 19, 2024 11:19
@pazone pazone requested a review from a team as a code owner July 19, 2024 11:19
@pazone pazone requested a review from faec July 19, 2024 11:19
@mergify mergify bot assigned pazone Jul 19, 2024
@pazone
Copy link
Contributor Author

pazone commented Jul 19, 2024

go installation script is broken

@pazone pazone requested a review from alexsapran July 19, 2024 14:30
Copy link

Quality Gate passed Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarQube

@@ -63,14 +61,14 @@ steps:
machineType: "c2-standard-16"
diskSizeGb: 400
command: |
if [[ -z "${MANIFEST_URL}" ]]; then
if [[ -z "$${MANIFEST_URL}" ]]; then
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm confused. The switch to $$ would output the PID, right? So everywhere this is used, the string being checked will be non-null.

Copy link
Contributor Author

@pazone pazone Jul 19, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

before any pipeline execution builkite agent uploads the pipeline yaml with buildkite-agent pipeline upload. It interpolates the yaml; if it finds $somethig it considers it a variable and tries to resolve it during the upload. ${MANIFEST_URL} will be resolved to "" (empty string). The $$ is used to avoid variable substitution.
I still don't understand why it worked before.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah, thanks for explaining. I guess I haven't noticed this because most pipelines have the command logic in separate .sh files.

Comment on lines +10 to +13
SETUP_MAGE_VERSION="1.14.0"
fi
if [[ -z "${SETUP_GVM_VERSION-""}" ]]; then
SETUP_GVM_VERSION=$(grep -oe "SETUP_GVM_VERSION\: [\"'].*[\"']" "$PIPELINE" | awk '{print $2}' | sed "s/'//g" )
SETUP_GVM_VERSION="v0.5.0" # https://github.com/andrewkroh/gvm/issues/44#issuecomment-1013231151
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How are these version changes related to the permissions problem?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's indirectly related to the issue. Go installation started to fail. It tried to extract the SETUP_GVM_VERSION from pipeline.elastic-agent-package.yml and it stopped working after my changes. I just decided to simplify it because it's actually a very simple thing that was done in an overly complex way

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks 👍

@pazone pazone merged commit 0f4c277 into main Jul 19, 2024
13 checks passed
@pazone pazone deleted the ci_dra_packaging_permissions branch July 19, 2024 16:24
mergify bot pushed a commit that referenced this pull request Jul 19, 2024
* Debug DRA

* Debug DRA

* Debug DRA

* [CI] Fix packaging permissions

* [CI] Fix packaging permissions

* CHanged added read permissions

* CHanged added read permissions

* Fix veriables interpolation

* Debug

* Debug

* Debug

* Debug

* Cleanup

* Cleanup

(cherry picked from commit 0f4c277)
mergify bot pushed a commit that referenced this pull request Jul 19, 2024
* Debug DRA

* Debug DRA

* Debug DRA

* [CI] Fix packaging permissions

* [CI] Fix packaging permissions

* CHanged added read permissions

* CHanged added read permissions

* Fix veriables interpolation

* Debug

* Debug

* Debug

* Debug

* Cleanup

* Cleanup

(cherry picked from commit 0f4c277)
pazone added a commit that referenced this pull request Jul 25, 2024
* Debug DRA

* Debug DRA

* Debug DRA

* [CI] Fix packaging permissions

* [CI] Fix packaging permissions

* CHanged added read permissions

* CHanged added read permissions

* Fix veriables interpolation

* Debug

* Debug

* Debug

* Debug

* Cleanup

* Cleanup

(cherry picked from commit 0f4c277)

Co-authored-by: Pavel Zorin <[email protected]>
pazone added a commit that referenced this pull request Jul 25, 2024
* Debug DRA

* Debug DRA

* Debug DRA

* [CI] Fix packaging permissions

* [CI] Fix packaging permissions

* CHanged added read permissions

* CHanged added read permissions

* Fix veriables interpolation

* Debug

* Debug

* Debug

* Debug

* Cleanup

* Cleanup

(cherry picked from commit 0f4c277)

Co-authored-by: Pavel Zorin <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
backport-8.15 Automated backport to the 8.15 branch with mergify backport-v8.14.0 Automated backport with mergify enhancement New feature or request skip-changelog
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants