如何为无人机中的给定构建阶段指定用户?

时间:2018-05-29 22:04:50

标签: drone drone.io

我正在尝试使用非常“类似lambda”的图像来运行某些测试,但它非常像lambda,用户没有真正的权限(包括安装我的测试引擎所需的权限)。

有没有办法指定图像执行的用户?

pipeline:
    test_lambda:
        image: lambci/lambda:python3.6
        user: root
        resources:
            limits:
                memory: 128M
        commands:
            - whoami
            - pip install pytest
            - py.test

输出。请注意,用户名为sbx_user1051,而非root 

$ drone exec
[test_lambda:L0:0s] + whoami
[test_lambda:L1:0s] sbx_user1051
[test_lambda:L2:0s] + pip install pytest
[test_lambda:L3:0s] The directory '/root/.cache/pip/http' or its parent directory is not owned by the current user and the cache has been disabled. Please check the permissions and owner of that directory. If executing pip with sudo, you may want sudo's -H flag.
[test_lambda:L4:0s] The directory '/root/.cache/pip' or its parent directory is not owned by the current user and caching wheels has been disabled. check the permissions and owner of that directory. If executing pip with sudo, you may want sudo's -H flag.
[test_lambda:L5:0s] Collecting pytest
[test_lambda:L6:0s]   Downloading https://files.pythonhosted.org/packages/62/59/950a805f90587d6e2f3692cf43700becb7cdf6c16b06d84e7516b199236b/pytest-3.6.0-py2.py3-none-any.whl (194kB)
[test_lambda:L7:0s] Collecting pluggy<0.7,>=0.5 (from pytest)
[test_lambda:L8:0s]   Downloading https://files.pythonhosted.org/packages/ba/65/ded3bc40bbf8d887f262f150fbe1ae6637765b5c9534bd55690ed2c0b0f7/pluggy-0.6.0-py3-none-any.whl
[test_lambda:L9:1s] Collecting attrs>=17.4.0 (from pytest)
[test_lambda:L10:1s]   Downloading https://files.pythonhosted.org/packages/41/59/cedf87e91ed541be7957c501a92102f9cc6363c623a7666d69d51c78ac5b/attrs-18.1.0-py2.py3-none-any.whl
[test_lambda:L11:1s] Collecting atomicwrites>=1.0 (from pytest)
[test_lambda:L12:1s]   Downloading https://files.pythonhosted.org/packages/0a/e8/cd6375e7a59664eeea9e1c77a766eeac0fc3083bb958c2b41ec46b95f29c/atomicwrites-1.1.5-py2.py3-none-any.whl
[test_lambda:L13:1s] Collecting py>=1.5.0 (from pytest)
[test_lambda:L14:1s]   Downloading https://files.pythonhosted.org/packages/67/a5/f77982214dd4c8fd104b066f249adea2c49e25e8703d284382eb5e9ab35a/py-1.5.3-py2.py3-none-any.whl (84kB)
[test_lambda:L15:1s] Requirement already satisfied: six>=1.10.0 in /var/runtime (from pytest)
[test_lambda:L16:1s] Collecting more-itertools>=4.0.0 (from pytest)
[test_lambda:L17:1s]   Downloading https://files.pythonhosted.org/packages/85/40/90c3b0393e12b9827381004224de8814686e3d7182f9d4182477f600826d/more_itertools-4.2.0-py3-none-any.whl (45kB)
[test_lambda:L18:1s] Requirement already satisfied: setuptools in /var/lang/lib/python3.6/site-packages (from pytest)
[test_lambda:L19:1s] Installing collected packages: pluggy, attrs, atomicwrites, py, more-itertools, pytest
[test_lambda:L20:1s] Exception:
[test_lambda:L21:1s] Traceback (most recent call last):
[test_lambda:L22:1s]   File "/var/lang/lib/python3.6/site-packages/pip/basecommand.py", line 215, in main
[test_lambda:L23:1s]     status = self.run(options, args)
[test_lambda:L24:1s]   File "/var/lang/lib/python3.6/site-packages/pip/commands/install.py", line 342, in run
[test_lambda:L25:1s]     prefix=options.prefix_path,
[test_lambda:L26:1s]   File "/var/lang/lib/python3.6/site-packages/pip/req/req_set.py", line 784, in install
[test_lambda:L27:1s]     **kwargs
[test_lambda:L28:1s]   File "/var/lang/lib/python3.6/site-packages/pip/req/req_install.py", line 851, in install
[test_lambda:L29:1s]     self.move_wheel_files(self.source_dir, root=root, prefix=prefix)
[test_lambda:L30:1s]   File "/var/lang/lib/python3.6/site-packages/pip/req/req_install.py", line 1064, in move_wheel_files
[test_lambda:L31:1s]     isolated=self.isolated,
[test_lambda:L32:1s]   File "/var/lang/lib/python3.6/site-packages/pip/wheel.py", line 345, in move_wheel_files
[test_lambda:L33:1s]     clobber(source, lib_dir, True)
[test_lambda:L34:1s]   File "/var/lang/lib/python3.6/site-packages/pip/wheel.py", line 316, in clobber
[test_lambda:L35:1s]     ensure_dir(destdir)
[test_lambda:L36:1s]   File "/var/lang/lib/python3.6/site-packages/pip/utils/__init__.py", line 83, in ensure_dir
[test_lambda:L37:1s]     os.makedirs(path)
[test_lambda:L38:1s]   File "/var/lang/lib/python3.6/os.py", line 220, in makedirs
[test_lambda:L39:1s]     mkdir(name, mode)
[test_lambda:L40:1s] PermissionError: [Errno 13] Permission denied: '/var/lang/lib/python3.6/site-packages/pluggy-0.6.0.dist-info'
[test_lambda:L41:1s] You are using pip version 9.0.1, however version 10.0.1 is available.
[test_lambda:L42:1s] You should consider upgrading via the 'pip install --upgrade pip' command.
2018/05/29 15:06:16 drone_step_0 : exit code 2

1 个答案:

答案 0 :(得分:1)

挑战在于默认情况下Docker卷是root。因此,为了写入工作区卷,即克隆代码的默认工作目录,容器用户需要是root用户。

有一个git clone插件的实验版本,它试图将目录chown给非特权用户。这将允许具有非特权用户的容器访问工作区,但是,肯定存在一些边缘情况。

您可以使用以下语法的实验性git插件:

clone:
  git:
    image: plugins/git:next

pipeline:
    test_lambda:
        image: lambci/lambda:python3.6
        commands:
            - pip install pytest
            - py.test

提醒一下,仍然存在一些边缘情况,非root容器仍然没有得到官方支持(从0.8版本开始),但是,这可能足以使您的示例正常工作。

相关问题
最新问题