Merge pull request #73 from gjrtimmer/fix/chown

fix apply chown permissions in parallel for large workspace

Jenkinsfile

@@ -375,7 +375,9 @@ pipeline {
     // Build Docker container for push to LS Repo
     stage('Build-Single') {
       when {
-        environment name: 'MULTIARCH', value: 'false'
+        expression {
+          env.MULTIARCH == 'false' || params.PACKAGE_CHECK == 'true' 
+        }
         environment name: 'EXIT_STATUS', value: ''
       }
       steps {
@@ -400,7 +402,10 @@ pipeline {
     // Build MultiArch Docker containers for push to LS Repo
     stage('Build-Multi') {
       when {
-        environment name: 'MULTIARCH', value: 'true'
+        allOf {
+          environment name: 'MULTIARCH', value: 'true'
+          expression { params.PACKAGE_CHECK == 'false' }
+        }
         environment name: 'EXIT_STATUS', value: ''
       }
       parallel {
@@ -505,7 +510,7 @@ pipeline {
         sh '''#! /bin/bash
               set -e
               TEMPDIR=$(mktemp -d)
-              if [ "${MULTIARCH}" == "true" ]; then
+              if [ "${MULTIARCH}" == "true" ] && [ "${PACKAGE_CHECK}" == "false" ]; then
                 LOCAL_CONTAINER=${IMAGE}:amd64-${META_TAG}
               else
                 LOCAL_CONTAINER=${IMAGE}:${META_TAG}
@@ -566,7 +571,7 @@ pipeline {
       steps {
         sh '''#! /bin/bash
               echo "Packages were updated. Cleaning up the image and exiting."
-              if [ "${MULTIARCH}" == "true" ]; then
+              if [ "${MULTIARCH}" == "true" ] && [ "${PACKAGE_CHECK}" == "false" ]; then
                 docker rmi ${IMAGE}:amd64-${META_TAG}
               else
                 docker rmi ${IMAGE}:${META_TAG}
@@ -590,7 +595,7 @@ pipeline {
       steps {
         sh '''#! /bin/bash
               echo "There are no package updates. Cleaning up the image and exiting."
-              if [ "${MULTIARCH}" == "true" ]; then
+              if [ "${MULTIARCH}" == "true" ] && [ "${PACKAGE_CHECK}" == "false" ]; then
                 docker rmi ${IMAGE}:amd64-${META_TAG}
               else
                 docker rmi ${IMAGE}:${META_TAG}

README.md

@@ -260,6 +260,7 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
 
 ## Versions
 
+* **16.09.21:** - Fix slow `chown` on large workspace (contents of workspace folder no longer chowned).
 * **11.07.21:** - Bump node to 14 to fix builds
 * **08.05.21:** - Fix doc link
 * **04.02.20:** - Allow setting gui password via hash using env var `HASHED_PASSWORD`.

package_versions.txt

@@ -1,7 +1,7 @@
 adduser3.116ubuntu1
 apt1.6.14
 apt-utils1.6.14
-base-files10.1ubuntu2.10
+base-files10.1ubuntu2.11
 base-passwd3.5.44
 bash4.4.18-2ubuntu1.2
 bsdutils1:2.31.1-0.4ubuntu3.7
@@ -20,8 +20,8 @@ fdisk2.31.1-0.4ubuntu3.7
 file1:5.32-2ubuntu0.4
 findutils4.6.0+git+20170828-2
 gcc-8-base8.4.0-1ubuntu1~18.04
-git1:2.17.1-1ubuntu0.8
-git-man1:2.17.1-1ubuntu0.8
+git1:2.17.1-1ubuntu0.9
+git-man1:2.17.1-1ubuntu0.9
 gnupg2.2.4-1ubuntu1.4
 gnupg-l10n2.2.4-1ubuntu1.4
 gnupg-utils2.2.4-1ubuntu1.4
@@ -54,7 +54,7 @@ libc62.27-3ubuntu1.4
 libcap-ng00.7.7-3.1
 libc-bin2.27-3ubuntu1.4
 libcom-err21.44.1-1ubuntu1.3
-libcurl3-gnutls7.58.0-2ubuntu3.14
+libcurl3-gnutls7.58.0-2ubuntu3.15
 libcurl47.58.0-2ubuntu3.14
 libdb5.35.3.28-13.1ubuntu1.1
 libdebconfclient00.213ubuntu1
@@ -125,13 +125,13 @@ libsepol12.7-1
 libsmartcols12.31.1-0.4ubuntu3.7
 libsqlite3-03.22.0-1ubuntu0.4
 libss21.44.1-1ubuntu1.3
-libssl1.0.01.0.2n-1ubuntu5.6
-libssl1.11.1.1-1ubuntu2.1~18.04.9
+libssl1.0.01.0.2n-1ubuntu5.7
+libssl1.11.1.1-1ubuntu2.1~18.04.13
 libstdc++68.4.0-1ubuntu1~18.04
-libsystemd0237-3ubuntu10.50
+libsystemd0237-3ubuntu10.51
 libtasn1-64.13-2
 libtinfo56.1-1ubuntu1.18.04
-libudev1237-3ubuntu10.50
+libudev1237-3ubuntu10.51
 libunistring20.9.9-0ubuntu2
 libuuid12.31.1-0.4ubuntu3.7
 libwind0-heimdal7.5.0+dfsg-1
@@ -155,9 +155,9 @@ ncurses-base6.1-1ubuntu1.18.04
 ncurses-bin6.1-1ubuntu1.18.04
 netbase5.4
 net-tools1.60+git20161116.90da8a0-1ubuntu1
-nodejs14.17.4-1nodesource1
-openssh-client1:7.6p1-4ubuntu0.3
-openssl1.1.1-1ubuntu2.1~18.04.9
+nodejs14.17.6-1nodesource1
+openssh-client1:7.6p1-4ubuntu0.5
+openssl1.1.1-1ubuntu2.1~18.04.13
 passwd1:4.5-1ubuntu2
 patch2.7.6-2ubuntu1.1
 perl5.26.1-6ubuntu0.5

readme-vars.yml

@@ -75,6 +75,7 @@ app_setup_block: |
 
 # changelog
 changelogs:
+  - { date: "16.09.21:", desc: "Fix slow `chown` on large workspace (contents of workspace folder no longer chowned)." }
   - { date: "11.07.21:", desc: "Bump node to 14 to fix builds" }
   - { date: "08.05.21:", desc: "Fix doc link" }
   - { date: "04.02.20:", desc: "Allow setting gui password via hash using env var `HASHED_PASSWORD`." }

root/etc/cont-init.d/30-config

@@ -18,5 +18,20 @@ if [ -n "${SUDO_PASSWORD}" ] || [ -n "${SUDO_PASSWORD_HASH}" ]; then
 fi
 
 # permissions
-chown -R abc:abc \
-    /config
+if [ -f "/usr/bin/find" ] && [ -f "/usr/bin/xargs" ]; then
+    CORES=$(nproc --all)
+
+    # Split workload between config and workspace
+    echo "setting permissions::configuration"
+    find /config -path /config/workspace -prune -false -o -type d -print0 | \
+        xargs --null -r --max-args=1 --max-procs=$((CORES*2*8)) \
+        chown -R abc:abc
+
+    echo "setting permissions::workspace"
+    chown abc:abc /config/workspace
+else
+    # Set permissions on data mount
+    # do not decend into the workspace
+    chown -R abc:abc "$(ls /config -I workspace)"
+    chown abc:abc /config/workspace
+fi