| |
@@ -4764,6 +4764,10 @@
|
| |
rootopts = {'install_group': 'srpm-build',
|
| |
'setup_dns': True,
|
| |
'repo_id': repo_id}
|
| |
+ if self.options.scm_credentials_dir is not None and os.path.isdir(self.options.scm_credentials_dir):
|
| |
+ rootopts['bind_opts'] = {'dirs' : {self.options.scm_credentials_dir : '/credentials',}}
|
| |
+ ## Force internal_dev_setup back to true because bind_opts is used to turn it off
|
| |
+ rootopts['internal_dev_setup'] = True
|
| |
br_arch = self.find_arch('noarch', self.session.host.getHost(), self.session.getBuildConfig(build_tag['id'], event=event_id))
|
| |
broot = BuildRoot(self.session, self.options, build_tag['id'], br_arch, self.id, **rootopts)
|
| |
broot.workdir = self.workdir
|
| |
@@ -6156,6 +6160,7 @@
|
| |
'createrepo_update': True,
|
| |
'pkgurl': None,
|
| |
'allowed_scms': '',
|
| |
+ 'scm_credentials_dir': None,
|
| |
'support_rpm_source_layout': True,
|
| |
'yum_proxy': None,
|
| |
'maven_repo_ignore': '*.md5 *.sha1 maven-metadata*.xml _maven.repositories '
|
| |
Some places force every access to their systems to be authenticated for
audit purposes, which means even an https fetch of a source tarball
needs access to some sort of credential.
Provide for a directory intended to contain credentials to be
bind-mounted into the BuildRoot for the BuildSRPMFromSCM task as
"/credentials". Whatever runs a a result of the source_cmd ("make
sources") is responsible for doing something useful with the contents.