-
Notifications
You must be signed in to change notification settings - Fork 266
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Only fix permissions of the pipeline's build directory
Currently the fix-buildkite-agent-builds-permissions script, that's run by our environment hook, chown's the agent’s entire builds directory on every job run. This means the chown operation gets slower every time a different pipeline is checked out onto disk. This changes the permissions fixing script to chown only the running pipeline’s checkout dir (if it exists), rather than the entire builds dir. The permissions tests have also been moved from the comment in the bottom of the file into their own executable .bats tests.
- Loading branch information
1 parent
dc335f2
commit 5428dc8
Showing
5 changed files
with
168 additions
and
56 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
version: '3' | ||
|
||
services: | ||
unit-tests: | ||
image: lucor/bats | ||
volumes: | ||
- .:/src:ro | ||
working_dir: /src | ||
command: bats /src/unit-tests/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,93 @@ | ||
#!/usr/bin/env bats | ||
|
||
FIX_PERMISSIONS_SCRIPT="/src/packer/conf/buildkite-agent/scripts/fix-buildkite-agent-builds-permissions" | ||
|
||
@test "Slashes in the agent arg cause an exit 1" { | ||
run "$FIX_PERMISSIONS_SCRIPT" "/" "abc" | ||
[ "$status" -eq 1 ] | ||
} | ||
|
||
@test "Slashes in the agent arg cause an exit 1" { | ||
run "$FIX_PERMISSIONS_SCRIPT" "abc/" "abc" | ||
[ "$status" -eq 1 ] | ||
} | ||
|
||
@test "Slashes in the agent arg cause an exit 1" { | ||
run "$FIX_PERMISSIONS_SCRIPT" "/abc" "abc" | ||
[ "$status" -eq 1 ] | ||
} | ||
|
||
@test "Slashes in the agent arg cause an exit 1" { | ||
run "$FIX_PERMISSIONS_SCRIPT" "abc/def" "abc" | ||
[ "$status" -eq 1 ] | ||
} | ||
|
||
@test "Slashes in the agent arg cause an exit 1" { | ||
run "$FIX_PERMISSIONS_SCRIPT" "abc/def/ghi" "abc" | ||
[ "$status" -eq 1 ] | ||
} | ||
|
||
@test "Slashes in the agent arg cause an exit 1" { | ||
run "$FIX_PERMISSIONS_SCRIPT" "/abc/" "abc" | ||
[ "$status" -eq 1 ] | ||
} | ||
|
||
@test "Slashes in the pipeline arg cause an exit 1" { | ||
run "$FIX_PERMISSIONS_SCRIPT" "abc" "/" | ||
[ "$status" -eq 1 ] | ||
} | ||
|
||
@test "Slashes in the pipeline arg cause an exit 1" { | ||
run "$FIX_PERMISSIONS_SCRIPT" "abc/" "abc" | ||
[ "$status" -eq 1 ] | ||
} | ||
|
||
@test "Slashes in the pipeline arg cause an exit 1" { | ||
run "$FIX_PERMISSIONS_SCRIPT" "abc" "/abc" | ||
[ "$status" -eq 1 ] | ||
} | ||
|
||
@test "Slashes in the pipeline arg cause an exit 1" { | ||
run "$FIX_PERMISSIONS_SCRIPT" "abc" "abc/def" | ||
[ "$status" -eq 1 ] | ||
} | ||
|
||
@test "Slashes in the pipeline arg cause an exit 1" { | ||
run "$FIX_PERMISSIONS_SCRIPT" "abc" "abc/def/ghi" | ||
[ "$status" -eq 1 ] | ||
} | ||
|
||
@test "Slashes in the pipeline arg cause an exit 1" { | ||
run "$FIX_PERMISSIONS_SCRIPT" "abc" "/abc/" | ||
[ "$status" -eq 1 ] | ||
} | ||
|
||
@test "Single dot traversal in the agent arg cause an exit 2" { | ||
run "$FIX_PERMISSIONS_SCRIPT" "." "abc" | ||
[ "$status" -eq 2 ] | ||
} | ||
|
||
@test "Double dot traversal in the agent arg cause an exit 2" { | ||
run "$FIX_PERMISSIONS_SCRIPT" ".." "abc" | ||
[ "$status" -eq 2 ] | ||
} | ||
|
||
@test "Single dot traversal in the pipeline arg cause an exit 2" { | ||
run "$FIX_PERMISSIONS_SCRIPT" "abc" "." | ||
[ "$status" -eq 2 ] | ||
} | ||
|
||
@test "Double dot traversal in the pipeline arg cause an exit 2" { | ||
run "$FIX_PERMISSIONS_SCRIPT" "abc" ".." | ||
[ "$status" -eq 2 ] | ||
} | ||
|
||
@test "Blank agent arg cause an exit 3" { | ||
run "$FIX_PERMISSIONS_SCRIPT" "" "abc" | ||
[ "$status" -eq 3 ] | ||
} | ||
|
||
@test "Blank pipeline arg cause an exit 3" { | ||
run "$FIX_PERMISSIONS_SCRIPT" "abc" "" | ||
[ "$status" -eq 3 ] | ||
} |