Merge "Change name and document the bind_mount config paths" into feature/zuulv3
diff --git a/doc/source/admin/components.rst b/doc/source/admin/components.rst
index 08671c9..e30966b 100644
--- a/doc/source/admin/components.rst
+++ b/doc/source/admin/components.rst
@@ -361,6 +361,26 @@
disk_limit_per_job=100
+**trusted_ro_paths**
+
+ List of paths, separated by ':' to read-only bind mount into trusted
+ bubblewrap contexts.
+
+**trusted_rw_paths**
+
+ List of paths, separated by ':' to read-write bind mount into trusted
+ bubblewrap contexts.
+
+**untrusted_ro_paths**
+
+ List of paths, separated by ':' to read-only bind mount into untrusted
+ bubblewrap contexts.
+
+**untrusted_rw_paths**
+
+ List of paths, separated by ':' to read-write bind mount into untrusted
+ bubblewrap contexts.
+
merger
""""""
diff --git a/etc/zuul.conf-sample b/etc/zuul.conf-sample
index e6375a5..0ae42a2 100644
--- a/etc/zuul.conf-sample
+++ b/etc/zuul.conf-sample
@@ -27,8 +27,8 @@
[executor]
default_username=zuul
-trusted_ro_dirs=/opt/zuul-scripts:/var/cache
-trusted_rw_dirs=/opt/zuul-logs
+trusted_ro_paths=/opt/zuul-scripts:/var/cache
+trusted_rw_paths=/opt/zuul-logs
[web]
listen_address=127.0.0.1
diff --git a/tests/base.py b/tests/base.py
index 568e15f..35c8324 100755
--- a/tests/base.py
+++ b/tests/base.py
@@ -2080,7 +2080,7 @@
self.copyDirToRepo(project,
os.path.join(git_path, reponame))
# Make test_root persist after ansible run for .flag test
- self.config.set('executor', 'trusted_rw_dirs', self.test_root)
+ self.config.set('executor', 'trusted_rw_paths', self.test_root)
self.setupAllProjectKeys()
def setupSimpleLayout(self):
diff --git a/zuul/driver/__init__.py b/zuul/driver/__init__.py
index 5193fe6..6ac9197 100644
--- a/zuul/driver/__init__.py
+++ b/zuul/driver/__init__.py
@@ -272,11 +272,11 @@
pass
@abc.abstractmethod
- def setMountsMap(self, state_dir, ro_dirs=[], rw_dirs=[]):
+ def setMountsMap(self, state_dir, ro_paths=None, rw_paths=None):
"""Add additional mount point to the execution environment.
:arg str state_dir: the state directory to be read write
- :arg list ro_dirs: read only directories paths
- :arg list rw_dirs: read write directories paths
+ :arg list ro_paths: read only files or directories to bind mount
+ :arg list rw_paths: read write files or directories to bind mount
"""
pass
diff --git a/zuul/driver/bubblewrap/__init__.py b/zuul/driver/bubblewrap/__init__.py
index ea75c0b..5370484 100644
--- a/zuul/driver/bubblewrap/__init__.py
+++ b/zuul/driver/bubblewrap/__init__.py
@@ -83,12 +83,12 @@
def stop(self):
pass
- def setMountsMap(self, ro_dirs=None, rw_dirs=None):
- if not ro_dirs:
- ro_dirs = []
- if not rw_dirs:
- rw_dirs = []
- self.mounts_map = {'ro': ro_dirs, 'rw': rw_dirs}
+ def setMountsMap(self, ro_paths=None, rw_paths=None):
+ if not ro_paths:
+ ro_paths = []
+ if not rw_paths:
+ rw_paths = []
+ self.mounts_map = {'ro': ro_paths, 'rw': rw_paths}
def getPopen(self, **kwargs):
# Set zuul_dir if it was not passed in
diff --git a/zuul/executor/server.py b/zuul/executor/server.py
index b306e75..21c4cf1 100644
--- a/zuul/executor/server.py
+++ b/zuul/executor/server.py
@@ -1467,20 +1467,20 @@
opt_prefix = 'trusted'
else:
opt_prefix = 'untrusted'
- ro_dirs = get_default(self.executor_server.config, 'executor',
- '%s_ro_dirs' % opt_prefix)
- rw_dirs = get_default(self.executor_server.config, 'executor',
- '%s_rw_dirs' % opt_prefix)
- ro_dirs = ro_dirs.split(":") if ro_dirs else []
- rw_dirs = rw_dirs.split(":") if rw_dirs else []
+ ro_paths = get_default(self.executor_server.config, 'executor',
+ '%s_ro_paths' % opt_prefix)
+ rw_paths = get_default(self.executor_server.config, 'executor',
+ '%s_rw_paths' % opt_prefix)
+ ro_paths = ro_paths.split(":") if ro_paths else []
+ rw_paths = rw_paths.split(":") if rw_paths else []
- ro_dirs.append(self.executor_server.ansible_dir)
+ ro_paths.append(self.executor_server.ansible_dir)
if self.executor_variables_file:
- ro_dirs.append(self.executor_variables_file)
+ ro_paths.append(self.executor_variables_file)
- self.executor_server.execution_wrapper.setMountsMap(ro_dirs,
- rw_dirs)
+ self.executor_server.execution_wrapper.setMountsMap(ro_paths,
+ rw_paths)
popen = self.executor_server.execution_wrapper.getPopen(
work_dir=self.jobdir.root,