particle-os/debian-koji
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
debian-koji/docs/source/plugins.rst
Tomas Kopecek 3b82594a32 change config separator to whitespace
2017-03-30 09:25:51 -04:00

68 lines
2.1 KiB
ReStructuredText
Raw Blame History

=======
Plugins
=======
Following plugins are available in default koji installation.
Runroot
=======
Plugin for running any command in buildroot.
Save Failed Tree Plugin
=======================
In some cases developers want to investigate exact environment in which their
build failed. Reconstructing this environment via mock needn't end with
exactly same structure (due to builder settings, etc.). In such case this
plugin can be used to retrieve tarball with complete mock tree.
Additional feature is that some paths from buildroot can be left out from
tarball. Feature can be configured via
`/etc/kojid/plugins/save_failed_tree.conf` file. Currently only field
filters.paths is used and it consists of globs (standard python's fnmatch is
used) separated by whitespaces.
.. code-block:: ini
[filters]
paths = /etc/*.keytab /tmp/secret_data
.. warning::
For security reasons, currently all ``/tmp/krb5cc*`` and ``/etc/*.keytab``
files are removed from tarball. If we found some other dangerous pieces,
they can be added to this blacklist.
Special task method is created for achieving this which is called
``SaveFailedTree``. This task can be created via CLI:
``koji save-failed-tree <taskID>``. Additional options are:
.. option:: --full
directs koji to create tarball with complete tree.
.. option:: --nowait
exit immediately after creating task
.. option:: --quiet
don't print any information to output
After task finishes, one can find the tarball on relevant task web page (URL
will be printed to stdout until ``--quiet`` is used.
Plugin allow to save trees only for tasks defined in config
``/etc/koji-hub/plugins/save_failed_tree.conf``. Option
``allowed_methods`` contains list of comma-delimited names of tasks. Default
configuration contains line: ``allowed_methods = buildArch``. Anybody
is allowed to create this type of task (and download tarball).
.. warning::
Don't forget that this type of task can generate huge amount of data, so use
it wisely.
TODO
----
* Separate volume/directory on hub
* garbage collector + policy for retaining generated tarballs
Reference in a new issue View git blame Copy permalink