Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: clean up working dir after each run #20540

Open
wants to merge 13 commits into
base: master
Choose a base branch
from

Conversation

IvanJobs
Copy link

@IvanJobs IvanJobs commented Oct 14, 2024

Task name:
Clean up working dir after each run to avoid permission issue.

Description:
Oryx build will change file owners to root after each build which caused permission issue on AzDo with self-hosted agents when Cx tries to checkout the code by the second time during which it will fail to delete the previous files owned by root.

https://github.com/microsoft/Oryx/blob/0b76566110f0db32097b869761e056fd9b01848d/src/BuildScriptGenerator/Node/NodeBashBuildSnippet.sh.tpl#L142

This PR is to clean up files on behalf of root inside the docker container to prepare a clean working dir for next run.

The issue can be described like this.

When cx uses self hosted agent, the source code will be checked out into some folder on the agent, like work/1/s, I think s stands for source code. The file owner is the current user by which we start the self-hosted agent, for example, ivan. A docker container will be created with work/1/s mounted to /working_dir in the container. When oryx build finished build the project in container, it will change file owners to root for all files under /working_dir, i.e., _work/1/s on the hosted machine. The second time, when azdo pipeline tries to check out the new version of the repo, it will try to clean up _work/1/s on behalf of ivan, but it's unable to delete files owned by root.

based on my testing, anyway in this case, self-hosted agent will try to clean up or overwrite this folder _work/1/s before each run. It should be good for us to clean it up after each run in the container.

Test it from end-to-end in my private AzDo repo, looks good.

Customized version:
image

Changes applied:
image

Run multiple times, looks good.

Documentation changes required: (Y/N)
N

Added unit tests: (Y/N)
N/

Attached related issue: (Y/N)
N

Checklist:

  • Task version was bumped - please check instruction how to do it
  • Checked that applied changes work as expected
  • Reproduced the permission issue for the second run
  • Change the launch script and try to reproduce it, failed with successful results
  • Try managed agent, things work good

@IvanJobs IvanJobs requested review from mkarmark, joslinmicrosoft and a team as code owners October 14, 2024 07:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants