Merge pull request #1173 from pikasTech/fix/1148-d518-bootstrap-workspace-owner
fix(agentrun): bootstrap source workspace as owner
This commit is contained in:
@@ -498,18 +498,48 @@ export function yamlLaneSourceBootstrapSubmitScript(spec: AgentRunLaneSpec): str
|
||||
`bootstrap_branch=${shQuote(bootstrap)}`,
|
||||
`state_dir=${shQuote(stateDir)}`,
|
||||
"mkdir -p \"$state_dir\" \"$(dirname \"$workspace\")\"",
|
||||
"case \"$remote\" in",
|
||||
" git@*:*)",
|
||||
" mkdir -p \"$HOME/.ssh\"",
|
||||
" chmod 700 \"$HOME/.ssh\" 2>/dev/null || true",
|
||||
" export GIT_SSH_COMMAND=${GIT_SSH_COMMAND:-ssh -o StrictHostKeyChecking=accept-new}",
|
||||
" ;;",
|
||||
" ssh://*)",
|
||||
" mkdir -p \"$HOME/.ssh\"",
|
||||
" chmod 700 \"$HOME/.ssh\" 2>/dev/null || true",
|
||||
" export GIT_SSH_COMMAND=${GIT_SSH_COMMAND:-ssh -o StrictHostKeyChecking=accept-new}",
|
||||
"git_user=''",
|
||||
"git_home=''",
|
||||
"case \"$workspace\" in",
|
||||
" /home/*/*)",
|
||||
" git_user=${workspace#/home/}",
|
||||
" git_user=${git_user%%/*}",
|
||||
" git_home=/home/$git_user",
|
||||
" if ! id \"$git_user\" >/dev/null 2>&1; then git_user=''; git_home=''; fi",
|
||||
" ;;",
|
||||
"esac",
|
||||
"if [ -n \"$git_user\" ]; then chown \"$git_user:$git_user\" \"$(dirname \"$workspace\")\" 2>/dev/null || true; fi",
|
||||
"case \"$remote\" in",
|
||||
" git@*:*)",
|
||||
" if [ -n \"$git_user\" ] && [ -f \"$git_home/.ssh/id_ed25519\" ]; then",
|
||||
" if [ -z \"${GIT_SSH_COMMAND:-}\" ]; then GIT_SSH_COMMAND=\"ssh -i $git_home/.ssh/id_ed25519 -o IdentitiesOnly=yes -o StrictHostKeyChecking=accept-new -o UserKnownHostsFile=$git_home/.ssh/known_hosts\"; fi",
|
||||
" export GIT_SSH_COMMAND",
|
||||
" else",
|
||||
" mkdir -p \"$HOME/.ssh\"",
|
||||
" chmod 700 \"$HOME/.ssh\" 2>/dev/null || true",
|
||||
" if [ -z \"${GIT_SSH_COMMAND:-}\" ]; then GIT_SSH_COMMAND=\"ssh -o StrictHostKeyChecking=accept-new\"; fi",
|
||||
" export GIT_SSH_COMMAND",
|
||||
" fi",
|
||||
" ;;",
|
||||
" ssh://*)",
|
||||
" if [ -n \"$git_user\" ] && [ -f \"$git_home/.ssh/id_ed25519\" ]; then",
|
||||
" if [ -z \"${GIT_SSH_COMMAND:-}\" ]; then GIT_SSH_COMMAND=\"ssh -i $git_home/.ssh/id_ed25519 -o IdentitiesOnly=yes -o StrictHostKeyChecking=accept-new -o UserKnownHostsFile=$git_home/.ssh/known_hosts\"; fi",
|
||||
" export GIT_SSH_COMMAND",
|
||||
" else",
|
||||
" mkdir -p \"$HOME/.ssh\"",
|
||||
" chmod 700 \"$HOME/.ssh\" 2>/dev/null || true",
|
||||
" if [ -z \"${GIT_SSH_COMMAND:-}\" ]; then GIT_SSH_COMMAND=\"ssh -o StrictHostKeyChecking=accept-new\"; fi",
|
||||
" export GIT_SSH_COMMAND",
|
||||
" fi",
|
||||
" ;;",
|
||||
"esac",
|
||||
"git_cmd() {",
|
||||
" if [ -n \"$git_user\" ]; then",
|
||||
" sudo -u \"$git_user\" env HOME=\"$git_home\" GIT_SSH_COMMAND=\"$GIT_SSH_COMMAND\" git \"$@\"",
|
||||
" else",
|
||||
" git \"$@\"",
|
||||
" fi",
|
||||
"}",
|
||||
"job_id=\"source-bootstrap-$(date +%s)-$$\"",
|
||||
"status_file=\"$state_dir/$job_id.json\"",
|
||||
"stdout_file=\"$state_dir/$job_id.stdout.log\"",
|
||||
@@ -525,28 +555,28 @@ export function yamlLaneSourceBootstrapSubmitScript(spec: AgentRunLaneSpec): str
|
||||
"NODE",
|
||||
" fi; exit \"$code\"; }",
|
||||
" trap write_failed_status EXIT",
|
||||
" if [ -d \"$workspace/.git\" ] && git -C \"$workspace\" rev-parse --git-dir >/dev/null 2>&1; then",
|
||||
" if [ -d \"$workspace/.git\" ] && git_cmd -C \"$workspace\" rev-parse --git-dir >/dev/null 2>&1; then",
|
||||
" :",
|
||||
" else",
|
||||
" rm -rf \"$workspace\"",
|
||||
" git clone --no-checkout \"$remote\" \"$workspace\"",
|
||||
" git_cmd clone --no-checkout \"$remote\" \"$workspace\"",
|
||||
" fi",
|
||||
" cd \"$workspace\"",
|
||||
" git remote set-url origin \"$remote\" || git remote add origin \"$remote\"",
|
||||
" git fetch origin \"$bootstrap_branch\" \"$branch\" || git fetch origin \"$bootstrap_branch\"",
|
||||
" if git rev-parse --verify \"refs/remotes/origin/$branch^{commit}\" >/dev/null 2>&1; then",
|
||||
" git checkout -B \"$branch\" \"refs/remotes/origin/$branch\"",
|
||||
" git_cmd remote set-url origin \"$remote\" || git_cmd remote add origin \"$remote\"",
|
||||
" git_cmd fetch origin \"$bootstrap_branch\" \"$branch\" || git_cmd fetch origin \"$bootstrap_branch\"",
|
||||
" if git_cmd rev-parse --verify \"refs/remotes/origin/$branch^{commit}\" >/dev/null 2>&1; then",
|
||||
" git_cmd checkout -B \"$branch\" \"refs/remotes/origin/$branch\"",
|
||||
" else",
|
||||
" git checkout -B \"$branch\" \"refs/remotes/origin/$bootstrap_branch\"",
|
||||
" git_cmd checkout -B \"$branch\" \"refs/remotes/origin/$bootstrap_branch\"",
|
||||
" fi",
|
||||
" if [ -f deploy/deploy.json ]; then rm deploy/deploy.json; fi",
|
||||
" git add -A deploy/deploy.json 2>/dev/null || true",
|
||||
" if ! git diff --quiet --cached -- deploy/deploy.json 2>/dev/null; then",
|
||||
" git -c user.email=agentrun@unidesk.local -c user.name='UniDesk AgentRun Ops' commit -m 'chore: remove service deploy json truth'",
|
||||
" git_cmd add -A deploy/deploy.json 2>/dev/null || true",
|
||||
" if ! git_cmd diff --quiet --cached -- deploy/deploy.json 2>/dev/null; then",
|
||||
" git_cmd -c user.email=agentrun@unidesk.local -c user.name='UniDesk AgentRun Ops' commit -m 'chore: remove service deploy json truth'",
|
||||
" fi",
|
||||
" git push -u origin \"$branch\"",
|
||||
" source_commit=$(git rev-parse HEAD)",
|
||||
" status_short=$(git status --short)",
|
||||
" git_cmd push -u origin \"$branch\"",
|
||||
" source_commit=$(git_cmd rev-parse HEAD)",
|
||||
" status_short=$(git_cmd status --short)",
|
||||
" SOURCE_COMMIT=\"$source_commit\" STATUS_SHORT=\"$status_short\" JOB_ID=\"$job_id\" WORKSPACE=\"$workspace\" BRANCH=\"$branch\" node <<'NODE' > \"$status_file\"",
|
||||
"console.log(JSON.stringify({ ok: process.env.STATUS_SHORT === '', status: 'succeeded', jobId: process.env.JOB_ID, workspace: process.env.WORKSPACE, branch: process.env.BRANCH, sourceCommit: process.env.SOURCE_COMMIT, workspaceClean: process.env.STATUS_SHORT === '', statusShort: process.env.STATUS_SHORT || null, removedServiceDeployJson: true, valuesPrinted: false }));",
|
||||
"NODE",
|
||||
|
||||
Reference in New Issue
Block a user