[Github] Add sudo to CI container #122036
Conversation
This patch adds sudo to the CI container and also adds the gha user as a member of the sudo group along with making any member of the sudo group able to run commands as root without a password. This is primarily intended to enable installing new software through apt-get without having to rebuild the container.
|
@llvm/pr-subscribers-github-workflow Author: Aiden Grossman (boomanaiden154) ChangesThis patch adds sudo to the CI container and also adds the gha user as a member of the sudo group along with making any member of the sudo group able to run commands as root without a password. This is primarily intended to enable installing new software through apt-get without having to rebuild the container. Full diff: https://github.com/llvm/llvm-project/pull/122036.diff 1 Files Affected:
diff --git a/.github/workflows/containers/github-action-ci/Dockerfile b/.github/workflows/containers/github-action-ci/Dockerfile
index 58355d261c43c9..d4e6cdcd70423a 100644
--- a/.github/workflows/containers/github-action-ci/Dockerfile
+++ b/.github/workflows/containers/github-action-ci/Dockerfile
@@ -57,6 +57,7 @@ RUN apt-get update && \
nodejs \
perl-modules \
python3-psutil \
+ sudo \
# These are needed by the premerge pipeline. Pip is used to install
# dependent python packages and ccache is used for build caching. File and
@@ -73,5 +74,11 @@ ENV PATH=${LLVM_SYSROOT}/bin:${PATH}
# permissions issues in some tests. Set the user id to 1001 as that is the
# user id that Github Actions uses to perform the checkout action.
RUN useradd gha -u 1001 -m -s /bin/bash
+
+# Also add the user to passwordless sudoers so that we can install software
+# later on without having to rebuild the container.
+RUN adduser gha sudo
+RUN echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers
+
USER gha
|
|
This is intended to fix the failures in the SPIRV workflow (along with a follow up patch to enable the use of sudo) noticed in #74092. |
|
This doesn't actually fix the issue, but still might be good to land for experimentation in the future. #122044 should actually fix the issue, but haven't tested. |
This patch adds sudo to the CI container and also adds the gha user as a member of the sudo group along with making any member of the sudo group able to run commands as root without a password. This is primarily intended to enable installing new software through apt-get without having to rebuild the container.