Introduce non-reusable docker cache volumes (!3269) · Merge requests · GitLab.org / gitlab-runner

Arran Walker requested to merge 27022-randomized-temporary-volume-name into main Jan 10, 2022

What does this MR do?

Ensures that a docker volume created with CreateTemporary are really temporary.

Right now, they're temporary in that they're expected to be deleted after the job is finished. However, if the volume fails to be removed, the volume can accidentally be re-used by a future job as the volume name is not unique.

Trying to fix all instances of where a volume may not be removed is surprisingly hard. It's safer for the temporary volume to use a unique name.

Why was this MR needed?

This fixes reported cases in #27022 (closed) where files have been present in a volume where they shouldn't have been, due to the accidental reuse of a volume that was unable to be removed.

What's the best way to test this MR?

Use a job similar to:

image: busybox:latest

variables:
  GIT_STRATEGY: clone

test:
  script:
    - sleep 10

GIT_STRATEGY: clone will use CreateTemporary is used for the cache volume.

Run the job (can be used with gitlab-runner exec: gitlab-runner exec docker test)
Immediately cancel the job once sleeping
Run job again but let it succeed this time.

With the previous implementation, the error ERROR: Failed to cleanup volumes will be shown, as the second job is now attempting to delete a volume that has been reused.

With the implementation in this MR, no such error will exist, because a new volume will have been created and then successfully removed.

What are the relevant issue numbers?

#27022 (closed)

Edited Jan 31, 2022 by Arran Walker

Introduce non-reusable docker cache volumes

What does this MR do?

Why was this MR needed?

What's the best way to test this MR?

What are the relevant issue numbers?

Merge request reports