exozyme/packages
3
1
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
packages/woodpecker-agent-sudo/sudo.patch
Anthony Wang 023d679d67 Add 'woodpecker-agent-sudo/' from commit '022837448e8e6877c3717160612ca8642db4e0ca' 
git-subtree-dir: woodpecker-agent-sudo
git-subtree-mainline: 996cb8e076
git-subtree-split: 022837448e
2023-11-11 19:09:38 -05:00

71 lines
2.3 KiB
Diff
Raw Blame History

diff --git a/pipeline/backend/local/local.go b/pipeline/backend/local/local.go
index 2405c19bb..50321b8e7 100644
--- a/pipeline/backend/local/local.go
+++ b/pipeline/backend/local/local.go
@@ -44,7 +44,7 @@ var notAllowedEnvVarOverwrites = []string{
type workflowState struct {
stepCMDs map[string]*exec.Cmd
- baseDir string
+ user string
homeDir string
workspaceDir string
}
@@ -79,23 +79,17 @@ func (e *local) Load(context.Context) error {
func (e *local) SetupWorkflow(_ context.Context, conf *types.Config, taskUUID string) error {
log.Trace().Str("taskUUID", taskUUID).Msg("create workflow environment")
- baseDir, err := os.MkdirTemp("", "woodpecker-local-*")
- if err != nil {
- return err
- }
+ user := conf.Stages[0].Steps[0].Environment["CI_COMMIT_AUTHOR"]
state := &workflowState{
stepCMDs: make(map[string]*exec.Cmd),
- baseDir: baseDir,
- workspaceDir: filepath.Join(baseDir, "workspace"),
- homeDir: filepath.Join(baseDir, "home"),
- }
-
- if err := os.Mkdir(state.homeDir, 0o700); err != nil {
- return err
+ user: user,
+ workspaceDir: filepath.Join("/tmp", user, conf.Stages[0].Steps[0].Environment["CI_REPO_NAME"]),
+ homeDir: filepath.Join("/home", user),
}
- if err := os.Mkdir(state.workspaceDir, 0o700); err != nil {
+ err := exec.Command("sudo", "-u", state.user, "mkdir", "-p", state.workspaceDir).Run()
+ if err != nil {
return err
}
@@ -132,7 +126,8 @@ func (e *local) StartStep(ctx context.Context, step *types.Step, taskUUID string
// Set HOME
env = append(env, "HOME="+state.homeDir)
- var command []string
+ // Run command as commit author user
+ command := []string{"sudo", "-E", "-u", state.user}
if step.Image == constant.DefaultCloneImage {
// Default clone step
// TODO: use tmp HOME and insert netrc and delete it after clone
@@ -209,16 +204,6 @@ func (e *local) TailStep(_ context.Context, step *types.Step, taskUUID string) (
func (e *local) DestroyWorkflow(_ context.Context, conf *types.Config, taskUUID string) error {
log.Trace().Str("taskUUID", taskUUID).Msgf("delete workflow environment")
- state, err := e.getWorkflowStateFromConfig(conf)
- if err != nil {
- return err
- }
-
- err = os.RemoveAll(state.baseDir)
- if err != nil {
- return err
- }
-
workflowID, err := e.getWorkflowIDFromConfig(conf)
if err != nil {
return err
Reference in a new issue View git blame Copy permalink