diff options
| author | Karen Arutyunov <karen@codesynthesis.com> | 2023-05-19 13:47:15 +0300 |
|---|---|---|
| committer | Karen Arutyunov <karen@codesynthesis.com> | 2023-05-19 13:47:15 +0300 |
| commit | 9d3853cef802cb25ccc5c6749293d76990a3030c (patch) | |
| tree | acaa4d3d1c2a042aeaa631808acb22e50dc47b16 | |
| parent | e81faac093c1e9ee8f7dc710230c4b9e03b37d3a (diff) | |
Fix upload-bindist-clean and update INSTALL
| -rw-r--r-- | INSTALL | 12 | ||||
| -rw-r--r-- | brep/handler/upload/upload-bindist-clean.in | 14 |
2 files changed, 24 insertions, 2 deletions
@@ -349,7 +349,17 @@ in the subsequent subsections. If the build artifacts upload functionality is enabled in addition to the build2 build bot functionality you most likely will want to additionally setup -the cleanup of the outdated build artifacts. +the cleanup of the outdated build artifacts. For example, for binary +distribution package uploads handled by brep-upload-bindist the cleanup needs +to be performed by periodic execution of brep-upload-bindist-clean script. +Note that the directory where the uploads are saved to must exist and have +read, write, and execute permissions granted to the brep user. This, for +example, can be achieved with the following commands: + +# mkdir /var/bindist +# chown www-data:www-data /var/bindist +# setfacl -m u:brep:rwx /var/bindist +# setfacl -dm u:brep:rwx /var/bindist If the CI request functionality is enabled you most likely will want to additionally setup the tenants cleanup. diff --git a/brep/handler/upload/upload-bindist-clean.in b/brep/handler/upload/upload-bindist-clean.in index 20c2b00..99914a7 100644 --- a/brep/handler/upload/upload-bindist-clean.in +++ b/brep/handler/upload/upload-bindist-clean.in @@ -187,7 +187,19 @@ for d in "${expired_dirs[@]}"; do # Remove the package configuration directory. # - run rm -r "$d" + # Note that this directory contains files copied from a subdirectory of + # upload-data. These files are normally owned by the Apache2 user/group + # and have rw-r--r-- permissions. This script is normally executed as the + # brep user/group and thus the uploads root directory and all its + # subdirectories must have read, write, and execute permissions granted to + # the brep user, for example, by using ACL (see INSTALL file for + # details). Since cp preserves the file permissions by default, these + # files effective permissions will normally be r-- (read-only) for this + # script. In this case rm pops up the 'remove write-protected regular + # file' prompt by default prior to removing these files. To suppress the + # prompt we will pass the -f option to rm. + # + run rm -rf "$d" # Remove the empty parent directories. # |