X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/66088cabf30c5291ad8894e7009d9c9af466c158..40389b659fb332fcbe71d6348b1557b65c97da2b:/build/run-build-packages-one-target.sh

diff --git a/build/run-build-packages-one-target.sh b/build/run-build-packages-one-target.sh
index 29370279c6..be97ef0d13 100755
--- a/build/run-build-packages-one-target.sh
+++ b/build/run-build-packages-one-target.sh
@@ -137,12 +137,19 @@ while [ $# -gt 0 ]; do
 done
 
 set -e
+orig_umask="$(umask)"
 
 if [[ -n "$ARVADOS_BUILDING_VERSION" ]]; then
     echo "build version='$ARVADOS_BUILDING_VERSION', package iteration='$ARVADOS_BUILDING_ITERATION'"
 fi
 
 if [[ -n "$test_packages" ]]; then
+  # Packages are built world-readable, so package indexes should be too,
+  # especially because since 2022 apt uses an unprivileged user `_apt` to
+  # retrieve everything.  Ensure it has permissions to read the packages
+  # when mounted as a volume inside the Docker container.
+  chmod a+rx "$WORKSPACE" "$WORKSPACE/packages" "$WORKSPACE/packages/$TARGET"
+  umask 022
   if [[ -n "$(find $WORKSPACE/packages/$TARGET -name '*.rpm')" ]] ; then
     CREATEREPO="$(command -v createrepo createrepo_c | tail -n1)"
     if [[ -z "$CREATEREPO" ]]; then
@@ -179,6 +186,7 @@ if [[ -n "$test_packages" ]]; then
 
   COMMAND="/jenkins/package-testing/test-packages-$TARGET.sh"
   IMAGE="arvados/package-test:$TARGET"
+  umask "$orig_umask"
 else
   IMAGE="arvados/build:$TARGET"
   if [[ "$COMMAND" != "" ]]; then
@@ -203,7 +211,7 @@ if [[ "$SKIP_DOCKER_BUILD" != 1 ]] ; then
     cd $TARGET
     time docker build --tag "$IMAGE" \
 	 --build-arg HOSTTYPE=$HOSTTYPE \
-	 --build-arg BRANCH=$(git rev-parse --abbrev-ref HEAD) \
+	 --build-arg BRANCH=$(git rev-parse HEAD) \
 	 --build-arg GOVERSION=$GOVERSION --no-cache .
     popd
 fi
@@ -221,7 +229,6 @@ if test -z "$packages" ; then
         arvados-src
         arvados-sync-groups
         arvados-sync-users
-        arvados-workbench
         arvados-workbench2
         arvados-ws
         crunch-dispatch-local
@@ -249,16 +256,13 @@ FINAL_EXITCODE=0
 
 package_fails=""
 
-mkdir -p "$WORKSPACE/apps/workbench/vendor/cache-$TARGET"
 mkdir -p "$WORKSPACE/services/api/vendor/cache-$TARGET"
 
 docker_volume_args=(
     -v "$JENKINS_DIR:/jenkins"
     -v "$WORKSPACE:/arvados"
     -v /arvados/services/api/vendor/bundle
-    -v /arvados/apps/workbench/vendor/bundle
     -v "$WORKSPACE/services/api/vendor/cache-$TARGET:/arvados/services/api/vendor/cache"
-    -v "$WORKSPACE/apps/workbench/vendor/cache-$TARGET:/arvados/apps/workbench/vendor/cache"
 )
 
 if [[ -n "$test_packages" ]]; then