onedev/server

#1568 Mounted directory prevents OneDev restoring old program files when upgrade fails

Released

Activities

Robin Shen opened 7 months ago

No description

OneDev changed state to 'Closed' 7 months ago

Previous Value	Current Value
Open	Closed

OneDev commented 7 months ago

State changed as code fixing the issue is committed (7d7a8af7)

Referenced from commit 7 months ago

fix: mounted directory prevents OneDev restoring old program files when upgrade fails (#1568 )

Robin Shen committed 7 months ago

7d7a8af7

OneDev changed state to 'Released' 7 months ago

Previous Value	Current Value
Closed	Released

OneDev commented 7 months ago

State changed as build #4114 is successful

jbauer commented 7 months ago

@robin Hm maybe a better fix would be to have the folder trusted-cert outside of conf and then do not treat that trusted-cert folder as program files. Thus you would never touch it at all during upgrade. Reason is that certs could also be mounted read-only. Given that it is user provided data it might make sense to treat it similar as the sites folder containing all repositories.

For example with Docker Swarm someone might have their CA cert stored as a docker secret and wants to mount it. While you could customize the mount location, it will be a single read-only file mount and would break your fix I guess.

Robin Shen commented 7 months ago

build #4121 is improved to copy file only if target file is writable.

Type	Bug
Priority	Minor
Assignee	Robin Shen
Affected Versions	<=9.1.11
Labels	No labels

Issue Votes (0)

Watchers (3)

Reference

onedev/server#1568