-
Notifications
You must be signed in to change notification settings - Fork 148
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Ci] Fix DRA artifacts permissions #5175
Conversation
go installation script is broken |
Quality Gate passedIssues Measures |
@@ -63,14 +61,14 @@ steps: | |||
machineType: "c2-standard-16" | |||
diskSizeGb: 400 | |||
command: | | |||
if [[ -z "${MANIFEST_URL}" ]]; then | |||
if [[ -z "$${MANIFEST_URL}" ]]; then |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm confused. The switch to $$
would output the PID, right? So everywhere this is used, the string being checked will be non-null.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
before any pipeline execution builkite agent uploads the pipeline yaml with buildkite-agent pipeline upload
. It interpolates the yaml; if it finds $somethig
it considers it a variable and tries to resolve it during the upload. ${MANIFEST_URL}
will be resolved to ""
(empty string). The $$
is used to avoid variable substitution.
I still don't understand why it worked before.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah, thanks for explaining. I guess I haven't noticed this because most pipelines have the command logic in separate .sh files.
SETUP_MAGE_VERSION="1.14.0" | ||
fi | ||
if [[ -z "${SETUP_GVM_VERSION-""}" ]]; then | ||
SETUP_GVM_VERSION=$(grep -oe "SETUP_GVM_VERSION\: [\"'].*[\"']" "$PIPELINE" | awk '{print $2}' | sed "s/'//g" ) | ||
SETUP_GVM_VERSION="v0.5.0" # https://github.com/andrewkroh/gvm/issues/44#issuecomment-1013231151 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
How are these version changes related to the permissions problem?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's indirectly related to the issue. Go installation started to fail. It tried to extract the SETUP_GVM_VERSION
from pipeline.elastic-agent-package.yml and it stopped working after my changes. I just decided to simplify it because it's actually a very simple thing that was done in an overly complex way
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks 👍
* Debug DRA * Debug DRA * Debug DRA * [CI] Fix packaging permissions * [CI] Fix packaging permissions * CHanged added read permissions * CHanged added read permissions * Fix veriables interpolation * Debug * Debug * Debug * Debug * Cleanup * Cleanup (cherry picked from commit 0f4c277)
* Debug DRA * Debug DRA * Debug DRA * [CI] Fix packaging permissions * [CI] Fix packaging permissions * CHanged added read permissions * CHanged added read permissions * Fix veriables interpolation * Debug * Debug * Debug * Debug * Cleanup * Cleanup (cherry picked from commit 0f4c277)
* Debug DRA * Debug DRA * Debug DRA * [CI] Fix packaging permissions * [CI] Fix packaging permissions * CHanged added read permissions * CHanged added read permissions * Fix veriables interpolation * Debug * Debug * Debug * Debug * Cleanup * Cleanup (cherry picked from commit 0f4c277) Co-authored-by: Pavel Zorin <[email protected]>
* Debug DRA * Debug DRA * Debug DRA * [CI] Fix packaging permissions * [CI] Fix packaging permissions * CHanged added read permissions * CHanged added read permissions * Fix veriables interpolation * Debug * Debug * Debug * Debug * Cleanup * Cleanup (cherry picked from commit 0f4c277) Co-authored-by: Pavel Zorin <[email protected]>
What does this PR do?
Adds group read file permissions to artifacts.
Why is it important?
Checklist
./changelog/fragments
using the changelog toolDisruptive User Impact
How to test this PR locally
Related issues
Questions to ask yourself