1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
|
diff --git a/pipeline/backend/local/clone.go b/pipeline/backend/local/clone.go
index b659a090a..82ae5c5cc 100644
--- a/pipeline/backend/local/clone.go
+++ b/pipeline/backend/local/clone.go
@@ -94,14 +94,13 @@ func (e *local) execClone(ctx context.Context, step *types.Step, state *workflow
}
cmd = exec.CommandContext(ctx, pwsh, "-Command", fmt.Sprintf("%s ; $code=$? ; %s ; if (!$code) {[Environment]::Exit(1)}", state.pluginGitBinary, rmCmd))
} else {
- cmd = exec.CommandContext(ctx, "/bin/sh", "-c", fmt.Sprintf("%s ; export code=$? ; %s ; exit $code", state.pluginGitBinary, rmCmd))
+ cmd = exec.CommandContext(ctx, "sudo", "-E", "-u", state.user, "-D", state.workspaceDir, "/bin/sh", "-c", fmt.Sprintf("%s ; export code=$? ; %s ; exit $code", state.pluginGitBinary, rmCmd))
}
} else {
// if we have NO netrc, we can just exec the clone directly
- cmd = exec.CommandContext(ctx, state.pluginGitBinary)
+ cmd = exec.CommandContext(ctx, "sudo", "-E", "-u", state.user, "-D", state.workspaceDir, state.pluginGitBinary)
}
cmd.Env = env
- cmd.Dir = state.workspaceDir
// Get output and redirect Stderr to Stdout
e.output, _ = cmd.StdoutPipe()
diff --git a/pipeline/backend/local/local.go b/pipeline/backend/local/local.go
index 698a3f0f9..5bef80857 100644
--- a/pipeline/backend/local/local.go
+++ b/pipeline/backend/local/local.go
@@ -36,7 +36,7 @@ import (
type workflowState struct {
stepCMDs map[string]*exec.Cmd
- baseDir string
+ user string
homeDir string
workspaceDir string
pluginGitBinary string
@@ -80,26 +80,20 @@ func (e *local) Load(ctx context.Context) (*types.EngineInfo, error) {
}
// SetupWorkflow the pipeline environment.
-func (e *local) SetupWorkflow(_ context.Context, _ *types.Config, taskUUID string) error {
+func (e *local) SetupWorkflow(ctx context.Context, conf *types.Config, taskUUID string) error {
log.Trace().Str("taskUUID", taskUUID).Msg("create workflow environment")
- baseDir, err := os.MkdirTemp(e.tempDir, "woodpecker-local-*")
- if err != nil {
- return err
- }
+ user := conf.Stages[0].Steps[0].Environment["CI_COMMIT_AUTHOR"]
state := &workflowState{
stepCMDs: make(map[string]*exec.Cmd),
- baseDir: baseDir,
- workspaceDir: filepath.Join(baseDir, "workspace"),
- homeDir: filepath.Join(baseDir, "home"),
+ user: user,
+ workspaceDir: filepath.Join("/home", user, ".cache", "woodpecker", conf.Stages[0].Steps[0].Environment["CI_REPO_NAME"]),
+ homeDir: filepath.Join("/home", user),
}
- if err := os.Mkdir(state.homeDir, 0o700); err != nil {
- return err
- }
-
- if err := os.Mkdir(state.workspaceDir, 0o700); err != nil {
+ err := exec.CommandContext(ctx, "sudo", "-u", state.user, "mkdir", "-p", state.workspaceDir).Run()
+ if err != nil {
return err
}
@@ -152,9 +146,8 @@ func (e *local) execCommands(ctx context.Context, step *types.Step, state *workf
}
// Use "image name" as run command (indicate shell)
- cmd := exec.CommandContext(ctx, step.Image, args...)
+ cmd := exec.CommandContext(ctx, "sudo", append([]string{"-E", "-u", state.user, "-D", state.workspaceDir, step.Image}, args...)...)
cmd.Env = env
- cmd.Dir = state.workspaceDir
// Get output and redirect Stderr to Stdout
e.output, _ = cmd.StdoutPipe()
@@ -178,9 +171,8 @@ func (e *local) execPlugin(ctx context.Context, step *types.Step, state *workflo
return fmt.Errorf("lookup plugin binary: %w", err)
}
- cmd := exec.CommandContext(ctx, binary)
+ cmd := exec.CommandContext(ctx, "sudo", "-E", "-u", state.user, "-D", state.workspaceDir, binary)
cmd.Env = env
- cmd.Dir = state.workspaceDir
// Get output and redirect Stderr to Stdout
e.output, _ = cmd.StdoutPipe()
@@ -237,19 +229,9 @@ func (e *local) DestroyStep(_ context.Context, _ *types.Step, _ string) error {
func (e *local) DestroyWorkflow(_ context.Context, _ *types.Config, taskUUID string) error {
log.Trace().Str("taskUUID", taskUUID).Msgf("delete workflow environment")
- state, err := e.getState(taskUUID)
- if err != nil {
- return err
- }
-
- err = os.RemoveAll(state.baseDir)
- if err != nil {
- return err
- }
-
e.deleteState(taskUUID)
- return err
+ return nil
}
func (e *local) getState(taskUUID string) (*workflowState, error) {
|