Skip to content

Commit

Permalink
Enable access to git using the user credentials
Browse files Browse the repository at this point in the history
Added mount of ~/.netrc
Set HOME to the user $HOME
  • Loading branch information
eranco74 committed Jan 15, 2018
1 parent 1471245 commit 925a7a5
Show file tree
Hide file tree
Showing 2 changed files with 22 additions and 0 deletions.
3 changes: 3 additions & 0 deletions skipper/runner.py
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,7 @@ def _run_nested(fqdn_image, environment, command, interactive, name, net, volume
cwd = os.getcwd()
workspace = os.path.dirname(cwd)
project = os.path.basename(cwd)
homedir = os.path.expanduser('~')

docker_cmd = ['docker', 'run']
if interactive:
Expand All @@ -56,6 +57,7 @@ def _run_nested(fqdn_image, environment, command, interactive, name, net, volume
user_id = os.getuid()
docker_cmd += ['-e', 'SKIPPER_USERNAME=%(user)s' % dict(user=user)]
docker_cmd += ['-e', 'SKIPPER_UID=%(user_id)s' % dict(user_id=user_id)]
docker_cmd += ['-e', 'HOME=%(homedir)s' % dict(homedir=homedir)]

docker_gid = grp.getgrnam('docker').gr_gid
docker_cmd += ['-e', 'SKIPPER_DOCKER_GID=%(docker_gid)s' % dict(docker_gid=docker_gid)]
Expand All @@ -67,6 +69,7 @@ def _run_nested(fqdn_image, environment, command, interactive, name, net, volume

volumes.extend([
'%(workspace)s:%(workspace)s:rw,Z' % dict(workspace=workspace),
'%(homedir)s/.netrc:%(homedir)s/.netrc:ro' % dict(homedir=homedir),
'/var/lib/osmosis:/var/lib/osmosis:rw,Z',
'/var/run/docker.sock:/var/run/docker.sock:Z',
'/opt/skipper/skipper-entrypoint.sh:/opt/skipper/skipper-entrypoint.sh:Z',
Expand Down
19 changes: 19 additions & 0 deletions tests/test_runner.py
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@
FQDN_IMAGE = REGISTRY + '/' + IMAGE + ':' + TAG

WORKDIR = '/home/adir/work'
HOME_DIR = '/home/adir'
PROJECT = 'proj'
PROJECT_DIR = os.path.join(WORKDIR, PROJECT)

Expand Down Expand Up @@ -42,6 +43,7 @@ def test_run_complex_command_not_nested(self, popen_mock):

@mock.patch('getpass.getuser', mock.MagicMock(autospec=True, return_value='testuser'))
@mock.patch('os.getcwd', mock.MagicMock(autospec=True, return_value=PROJECT_DIR))
@mock.patch('os.path.expanduser', mock.MagicMock(autospec=True, return_value=HOME_DIR))
@mock.patch('os.getuid', autospec=True)
@mock.patch('grp.getgrnam', autospec=True)
@mock.patch('subprocess.Popen', autospec=False)
Expand All @@ -62,8 +64,10 @@ def test_run_simple_command_nested_network_exist(self, check_output_mock, popen_
'--net', 'host',
'-e', 'SKIPPER_USERNAME=testuser',
'-e', 'SKIPPER_UID=%(user_uid)s' % dict(user_uid=USER_ID),
'-e', 'HOME=%(homedir)s' % dict(homedir=HOME_DIR),
'-e', 'SKIPPER_DOCKER_GID=978',
'-v', '%(workdir)s:%(workdir)s:rw,Z' % dict(workdir=WORKDIR),
'-v', '%(homedir)s/.netrc:%(homedir)s/.netrc:ro' % dict(homedir=HOME_DIR),
'-v', '/var/lib/osmosis:/var/lib/osmosis:rw,Z',
'-v', '/var/run/docker.sock:/var/run/docker.sock:Z',
'-v', '/opt/skipper/skipper-entrypoint.sh:/opt/skipper/skipper-entrypoint.sh:Z',
Expand All @@ -76,6 +80,7 @@ def test_run_simple_command_nested_network_exist(self, check_output_mock, popen_

@mock.patch('getpass.getuser', mock.MagicMock(autospec=True, return_value='testuser'))
@mock.patch('os.getcwd', mock.MagicMock(autospec=True, return_value=PROJECT_DIR))
@mock.patch('os.path.expanduser', mock.MagicMock(autospec=True, return_value=HOME_DIR))
@mock.patch('os.getuid', autospec=True)
@mock.patch('grp.getgrnam', autospec=True)
@mock.patch('subprocess.Popen', autospec=False)
Expand All @@ -96,8 +101,10 @@ def test_run_simple_command_nested_network_not_exist(self, check_output_mock, po
'--net', 'host',
'-e', 'SKIPPER_USERNAME=testuser',
'-e', 'SKIPPER_UID=%(user_uid)s' % dict(user_uid=USER_ID),
'-e', 'HOME=%(homedir)s' % dict(homedir=HOME_DIR),
'-e', 'SKIPPER_DOCKER_GID=978',
'-v', '%(workdir)s:%(workdir)s:rw,Z' % dict(workdir=WORKDIR),
'-v', '%(homedir)s/.netrc:%(homedir)s/.netrc:ro' % dict(homedir=HOME_DIR),
'-v', '/var/lib/osmosis:/var/lib/osmosis:rw,Z',
'-v', '/var/run/docker.sock:/var/run/docker.sock:Z',
'-v', '/opt/skipper/skipper-entrypoint.sh:/opt/skipper/skipper-entrypoint.sh:Z',
Expand All @@ -110,6 +117,7 @@ def test_run_simple_command_nested_network_not_exist(self, check_output_mock, po

@mock.patch('getpass.getuser', mock.MagicMock(autospec=True, return_value='testuser'))
@mock.patch('os.getcwd', mock.MagicMock(autospec=True, return_value=PROJECT_DIR))
@mock.patch('os.path.expanduser', mock.MagicMock(autospec=True, return_value=HOME_DIR))
@mock.patch('os.getuid', autospec=True)
@mock.patch('grp.getgrnam', autospec=True)
@mock.patch('subprocess.Popen', autospec=False)
Expand All @@ -132,8 +140,10 @@ def test_run_simple_command_nested_with_env(self, check_output_mock, popen_mock,
'-e', 'KEY2=VAL2',
'-e', 'SKIPPER_USERNAME=testuser',
'-e', 'SKIPPER_UID=%(user_uid)s' % dict(user_uid=USER_ID),
'-e', 'HOME=%(homedir)s' % dict(homedir=HOME_DIR),
'-e', 'SKIPPER_DOCKER_GID=978',
'-v', '%(workdir)s:%(workdir)s:rw,Z' % dict(workdir=WORKDIR),
'-v', '%(homedir)s/.netrc:%(homedir)s/.netrc:ro' % dict(homedir=HOME_DIR),
'-v', '/var/lib/osmosis:/var/lib/osmosis:rw,Z',
'-v', '/var/run/docker.sock:/var/run/docker.sock:Z',
'-v', '/opt/skipper/skipper-entrypoint.sh:/opt/skipper/skipper-entrypoint.sh:Z',
Expand All @@ -146,6 +156,7 @@ def test_run_simple_command_nested_with_env(self, check_output_mock, popen_mock,

@mock.patch('getpass.getuser', mock.MagicMock(autospec=True, return_value='testuser'))
@mock.patch('os.getcwd', mock.MagicMock(autospec=True, return_value=PROJECT_DIR))
@mock.patch('os.path.expanduser', mock.MagicMock(autospec=True, return_value=HOME_DIR))
@mock.patch('os.getuid', autospec=True)
@mock.patch('grp.getgrnam', autospec=True)
@mock.patch('subprocess.Popen', autospec=False)
Expand All @@ -167,8 +178,10 @@ def test_run_simple_command_nested_interactive(self, check_output_mock, popen_mo
'--net', 'host',
'-e', 'SKIPPER_USERNAME=testuser',
'-e', 'SKIPPER_UID=%(user_uid)s' % dict(user_uid=USER_ID),
'-e', 'HOME=%(homedir)s' % dict(homedir=HOME_DIR),
'-e', 'SKIPPER_DOCKER_GID=978',
'-v', '%(workdir)s:%(workdir)s:rw,Z' % dict(workdir=WORKDIR),
'-v', '%(homedir)s/.netrc:%(homedir)s/.netrc:ro' % dict(homedir=HOME_DIR),
'-v', '/var/lib/osmosis:/var/lib/osmosis:rw,Z',
'-v', '/var/run/docker.sock:/var/run/docker.sock:Z',
'-v', '/opt/skipper/skipper-entrypoint.sh:/opt/skipper/skipper-entrypoint.sh:Z',
Expand All @@ -181,6 +194,7 @@ def test_run_simple_command_nested_interactive(self, check_output_mock, popen_mo

@mock.patch('getpass.getuser', mock.MagicMock(autospec=True, return_value='testuser'))
@mock.patch('os.getcwd', mock.MagicMock(autospec=True, return_value=PROJECT_DIR))
@mock.patch('os.path.expanduser', mock.MagicMock(autospec=True, return_value=HOME_DIR))
@mock.patch('os.getuid', autospec=True)
@mock.patch('grp.getgrnam', autospec=True,)
@mock.patch('subprocess.Popen', autospec=False)
Expand All @@ -201,8 +215,10 @@ def test_run_complex_command_nested(self, check_output_mock, popen_mock, grp_get
'--net', 'host',
'-e', 'SKIPPER_USERNAME=testuser',
'-e', 'SKIPPER_UID=%(user_uid)s' % dict(user_uid=USER_ID),
'-e', 'HOME=%(homedir)s' % dict(homedir=HOME_DIR),
'-e', 'SKIPPER_DOCKER_GID=978',
'-v', '%(workdir)s:%(workdir)s:rw,Z' % dict(workdir=WORKDIR),
'-v', '%(homedir)s/.netrc:%(homedir)s/.netrc:ro' % dict(homedir=HOME_DIR),
'-v', '/var/lib/osmosis:/var/lib/osmosis:rw,Z',
'-v', '/var/run/docker.sock:/var/run/docker.sock:Z',
'-v', '/opt/skipper/skipper-entrypoint.sh:/opt/skipper/skipper-entrypoint.sh:Z',
Expand All @@ -215,6 +231,7 @@ def test_run_complex_command_nested(self, check_output_mock, popen_mock, grp_get

@mock.patch('getpass.getuser', mock.MagicMock(autospec=True, return_value='testuser'))
@mock.patch('os.getcwd', mock.MagicMock(autospec=True, return_value=PROJECT_DIR))
@mock.patch('os.path.expanduser', mock.MagicMock(autospec=True, return_value=HOME_DIR))
@mock.patch('os.getuid', autospec=True)
@mock.patch('grp.getgrnam', autospec=True)
@mock.patch('subprocess.Popen', autospec=False)
Expand All @@ -237,8 +254,10 @@ def test_run_complex_command_nested_with_env(self, check_output_mock, popen_mock
'-e', 'KEY2=VAL2',
'-e', 'SKIPPER_USERNAME=testuser',
'-e', 'SKIPPER_UID=%(user_uid)s' % dict(user_uid=USER_ID),
'-e', 'HOME=%(homedir)s' % dict(homedir=HOME_DIR),
'-e', 'SKIPPER_DOCKER_GID=978',
'-v', '%(workdir)s:%(workdir)s:rw,Z' % dict(workdir=WORKDIR),
'-v', '%(homedir)s/.netrc:%(homedir)s/.netrc:ro' % dict(homedir=HOME_DIR),
'-v', '/var/lib/osmosis:/var/lib/osmosis:rw,Z',
'-v', '/var/run/docker.sock:/var/run/docker.sock:Z',
'-v', '/opt/skipper/skipper-entrypoint.sh:/opt/skipper/skipper-entrypoint.sh:Z',
Expand Down

0 comments on commit 925a7a5

Please sign in to comment.