The default behavior of divingbell-perm is to fail when trying to assign
permissions to non-existent files.
This change adds an option to values.yaml to skip any missing files and
proceed with the rest of the assignments.
conf:
perm:
ignore_missing: true # default is false
This may be useful in cases where files will never exist on a node, or
cases where the file does not exist yet, but will exist later. Note that
with this option enabled, a run in which files are skipped is considered
successful, so the rerun_policy and rerun_interval will determine if and
when another attempt will be made.
Change-Id: I15505d6292dda66942c66eea5a4d0666bd6bdfa7
The hash used by divingbell-perms to decide whether or not to rerun the
permissions script was being generated incorrectly, using a fixed value
instead of actually looking at the values passed to the chart.
This change updates the hash to reflect conf.divingbell.perms, and will
rerun the script if the hash changes.
Also fixes the logic to revert permissions.
Change-Id: I74f056f69a1b7f0eb9223915b1671e1e18091483
While working on another change, I discovered conditions
in many test cases that echoed fail messages but did not
actually exit, so the gate could succeed even though some
tests failed. This patchset aims to fix those problems, and
then fix the problems masked by those problems:
1) fix bug in revert function of file permissions module
preventing permissions from being reverted.
2) fix various syntax and logic problems in test script
3) add wait_for_tiller_ready function to avoid race condition
with test script using helm too early
4) add install for ethtool in test script
5) ignore ethtool pod failures (see note #1 in [0])
6) make logging of test results more uniform
7) Fix error message logic in perm.sh
8) Fix case in _shcommon.tpl where error message was not
logged, causing test script to unnecessarily wait for
container timeout
[0]: https://review.opendev.org/676010
Change-Id: I22182d35250c37c96e73d9f5f49abfb2246f2a35
Use the common logger for consistent log output for some echo statements
that were not making use of it.
Change-Id: I7fae2a950318f5cd3245a4571dc464009726d4ae
- When reverting permissions on a file, there is no check for existence
causing a deleted file to CL the perm module
Change-Id: Ifae0ac196acf8ac2ccef84102967b6b4305a7691
- Adds the ability to rerun divingbell-perm at specified interval.
- Adds the ability to specify a rerun policy of
'always', 'never', 'once_successfully'. Default value is 'always'.
Demo: https://asciinema.org/a/220289
Change-Id: I3909b4d92f8e2bdb0d826ca1cfbd62f937c2532d
via new module 'perm'
1) DaemonSet
2) Secret (instead of old ConfigMap)
3) Include module /bin/_perm.sh.tpl
4) Commented example in values.yaml
5) Demo: https://asciinema.org/a/209509
6) Increased # of expected DaemonSets
7) Rebased after a few merges
8) Addressing comments
9) Migrated from ConfigMap to Secret
10) Got rid of 'eval'
11) Test
12) Demo for host targeting: https://asciinema.org/a/213125
Change-Id: Ia3181dcb7fc1ccc7422c635b010000f6d3fbcf4d
Phil Sphicas