Set `umask 0000` before executing scripts for k8s executor
requested to merge hierarchicalpolymorphist/gitlab-ci-multi-runner:2570-fix-kubernetes-executor-non-privileged-user into master
What does this MR do?
For kubernetes executor, run umask 0000 before running any scripts so the build folders are created with proper permissions that allow a non-privileged user to write to.
Why was this MR needed?
This is to fix https://gitlab.com/gitlab-org/gitlab-ci-multi-runner/issues/2570
When the runner image is set to use a non-privileged user, kubernetes executor reports permission denied while trying to dump variables such as CI_SERVER_TLS_KEY_FILE to $BUILDS_DIR/${PROJECT}.tmp folder.
Are there points in the code the reviewer needs to double check?
There's already a MR that fixes the issue but I feel changing the permission of files for all executors is a broad change. This MR fixes the issue by only changing what's affected.
Does this MR meet the acceptance criteria?
-
Documentation created/updated - Tests
-
Added for this feature/bug -
All builds are passing
-
-
Branch has no merge conflicts with master(if you do - rebase it please)
What are the relevant issue numbers?
Closes #2570 (closed)
Edited by username-removed-405260