rsyslog/rsyslog
1
0
Fork 0
mirror of https://github.com/rsyslog/rsyslog.git synced 2026-06-19 10:32:55 +02:00
Code Issues Packages Projects Releases Wiki Activity

agents: avoid local container UID trap

Browse Source 
Why:
Local validation should prevent known workflow traps instead of making each
agent rediscover and repair them after a container run.

Impact:
Local container validation now defaults to host UID ownership, reducing
permission cleanup churn in worktrees.

Before/After:
Before, the helper forced the dev image default user; after, it lets the
container wrapper map to the host uid/gid by default.

Technical Overview:
The local validation helper no longer exports an empty
RSYSLOG_CONTAINER_UID for Ubuntu 26.04 check and focused-test lanes.
Leaving the variable unset uses the existing devcontainer.sh behavior that
passes the host uid/gid to docker and injects passwd/group entries when
needed.
The container-testing skill now documents this as the normal local mode and
keeps RSYSLOG_CONTAINER_UID='' reserved for intentional GitHub Actions user
reproduction.
The fallback cleanup guidance remains for already-polluted or intentionally
CI-user worktrees.

With the help of AI-Agents: Codex
This commit is contained in:
Rainer Gerhards 2026-05-28 18:11:11 +02:00
parent d8a747b69e
commit c7ae67aded
No known key found for this signature in database
GPG Key ID: 0CB6B2A8BE80B499
2 changed files with 9 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
.agent/skills/rsyslog_local_container_testing/SKILL.md
View File

@ -224,6 +224,15 @@ normal local dev-container validation. When the task specifically validates a
locally built runtime or dev image, use that locally built image/tag for the
container-under-test and record its image ID.
For normal local validation, do not set `RSYSLOG_CONTAINER_UID=''`. Leaving
`RSYSLOG_CONTAINER_UID` unset lets `devtools/devcontainer.sh` run the container
process as the host uid/gid and inject a matching passwd/group entry when
needed. This prevents generated build products from being owned by the dev
image's default user, which is often a different uid than the host checkout
owner. Set `RSYSLOG_CONTAINER_UID=''` only when intentionally reproducing the
exact GitHub Actions default-container-user behavior, and expect to normalize
ownership afterwards.
## Clean Tree Rule
Before switching compiler, sanitizer flags, configure options, container image,
@ -295,7 +304,6 @@ For `clang21-ndebug`:
make distclean || true
/usr/bin/time -p env \
RSYSLOG_DEV_CONTAINER='rsyslog/rsyslog_dev_base_ubuntu:26.04' \
RSYSLOG_CONTAINER_UID='' \
CI_CONFIGURE_CACHE='1' \
CC='clang-21' \
CFLAGS='-g' \
@ -303,7 +311,6 @@ RSYSLOG_CONFIGURE_OPTIONS_EXTRA='--enable-debug=no' \
devtools/devcontainer.sh --rm devtools/run-configure.sh
/usr/bin/time -p env \
RSYSLOG_DEV_CONTAINER='rsyslog/rsyslog_dev_base_ubuntu:26.04' \
RSYSLOG_CONTAINER_UID='' \
devtools/devcontainer.sh --rm make -j20
```
@ -313,7 +320,6 @@ For `gcc15-gnu23-debug`:
make distclean || true
/usr/bin/time -p env \
RSYSLOG_DEV_CONTAINER='rsyslog/rsyslog_dev_base_ubuntu:26.04' \
RSYSLOG_CONTAINER_UID='' \
CI_CONFIGURE_CACHE='1' \
CC='gcc-15' \
CFLAGS='-g -std=gnu23' \
@ -321,7 +327,6 @@ RSYSLOG_CONFIGURE_OPTIONS_EXTRA='--enable-debug=yes --disable-omamqp1' \
devtools/devcontainer.sh --rm devtools/run-configure.sh
/usr/bin/time -p env \
RSYSLOG_DEV_CONTAINER='rsyslog/rsyslog_dev_base_ubuntu:26.04' \
RSYSLOG_CONTAINER_UID='' \
devtools/devcontainer.sh --rm make -j20
```
@ -343,7 +348,6 @@ make distclean || true
: "${RSYSLOG_LOCAL_CHECK_JOBS:=10}"
: "${RSYSLOG_LOCAL_BUILD_JOBS:=10}"
export RSYSLOG_DEV_CONTAINER='rsyslog/rsyslog_dev_base_ubuntu:26.04'
export RSYSLOG_CONTAINER_UID=''
export RSYSLOG_TESTBENCH_CHANGED_FILES="$({
git diff --name-only origin/main...HEAD
git diff --name-only HEAD
@ -459,7 +463,6 @@ apply the same PR-style configure suppressions in local container runs:
```sh
make distclean || true
export RSYSLOG_DEV_CONTAINER='rsyslog/rsyslog_dev_base_ubuntu:26.04'
export RSYSLOG_CONTAINER_UID=''
export RSYSLOG_TESTBENCH_CHANGED_FILES='runtime/lookup.c'
export CC='gcc'
export CFLAGS='-g'

2
devtools/local-validation-plan.sh
View File

@ -356,7 +356,6 @@ run_change_gated_ubuntu26() {
fi
run_distclean_if_available
export RSYSLOG_DEV_CONTAINER='rsyslog/rsyslog_dev_base_ubuntu:26.04'
export RSYSLOG_CONTAINER_UID=''
export RSYSLOG_TESTBENCH_CHANGED_FILES
RSYSLOG_TESTBENCH_CHANGED_FILES="$(cat "$tmp_changed")"
export CC='gcc'
@ -379,7 +378,6 @@ run_focused_test_shell() {
have_devcontainer_script || return 0
run_distclean_if_available
export RSYSLOG_DEV_CONTAINER='rsyslog/rsyslog_dev_base_ubuntu:26.04'
export RSYSLOG_CONTAINER_UID=''
export CC='gcc'
export CFLAGS='-g'
export CI_CONFIGURE_CACHE=1