From a48c084e134e9f126a4acc390911ffbde106d9ad Mon Sep 17 00:00:00 2001 From: Zvonko Kaiser Date: Mon, 3 Jun 2024 11:45:28 +0000 Subject: [PATCH] ci: remove sudo and make sure image is owed by user The image build needs special handling since we're doing a lot of privileged operations. Signed-off-by: Zvonko Kaiser --- tools/osbuilder/image-builder/image_builder.sh | 7 ++++--- tools/osbuilder/initrd-builder/initrd_builder.sh | 4 ++-- tools/packaging/guest-image/build_image.sh | 4 ++-- 3 files changed, 8 insertions(+), 7 deletions(-) diff --git a/tools/osbuilder/image-builder/image_builder.sh b/tools/osbuilder/image-builder/image_builder.sh index 50264d5146..8772de4eed 100755 --- a/tools/osbuilder/image-builder/image_builder.sh +++ b/tools/osbuilder/image-builder/image_builder.sh @@ -201,6 +201,8 @@ build_with_container() { --env DEBUG="${DEBUG}" \ --env ARCH="${ARCH}" \ --env TARGET_ARCH="${TARGET_ARCH}" \ + --env USER="$(id -u)" \ + --env GROUP="$(id -g)" \ -v /dev:/dev \ -v "${script_dir}":"/osbuilder" \ -v "${script_dir}/../scripts":"/scripts" \ @@ -609,9 +611,6 @@ set_dax_header() { } main() { - [ "$(id -u)" -eq 0 ] || die "$0: must be run as root" - [ "$#" -eq 0 ] && usage && return 0 - # variables that can be overwritten by environment variables local agent_bin="${AGENT_BIN:-kata-agent}" local agent_init="${AGENT_INIT:-no}" @@ -678,6 +677,8 @@ main() { fi # insert at the beginning of the image the MBR + DAX header set_dax_header "${image}" "${img_size}" "${fs_type}" "${nsdax_bin}" + + chown "${USER}:${GROUP}" "${image}" } main "$@" diff --git a/tools/osbuilder/initrd-builder/initrd_builder.sh b/tools/osbuilder/initrd-builder/initrd_builder.sh index fb95f6a38c..19b02651bf 100755 --- a/tools/osbuilder/initrd-builder/initrd_builder.sh +++ b/tools/osbuilder/initrd-builder/initrd_builder.sh @@ -73,7 +73,7 @@ OK "init is installed" OK "Agent is installed" # initramfs expects /init -ln -sf /sbin/init "${ROOTFS}/init" +sudo ln -sf /sbin/init "${ROOTFS}/init" info "Creating ${IMAGE_DIR}/${IMAGE_NAME} based on rootfs at ${ROOTFS}" -( cd "${ROOTFS}" && find . | cpio -H newc -o | gzip -9 ) > "${IMAGE_DIR}"/"${IMAGE_NAME}" +( cd "${ROOTFS}" && sudo find . | sudo cpio -H newc -o | gzip -9 ) > "${IMAGE_DIR}"/"${IMAGE_NAME}" diff --git a/tools/packaging/guest-image/build_image.sh b/tools/packaging/guest-image/build_image.sh index 9ce5065c94..3f576dddc7 100755 --- a/tools/packaging/guest-image/build_image.sh +++ b/tools/packaging/guest-image/build_image.sh @@ -36,7 +36,7 @@ build_initrd() { info "Build initrd" info "initrd os: $os_name" info "initrd os version: $os_version" - sudo -E PATH="$PATH" make initrd \ + make initrd \ DISTRO="$os_name" \ DEBUG="${DEBUG:-}" \ OS_VERSION="${os_version}" \ @@ -59,7 +59,7 @@ build_image() { info "Build image" info "image os: $os_name" info "image os version: $os_version" - sudo -E PATH="${PATH}" make image \ + make image \ DISTRO="${os_name}" \ DEBUG="${DEBUG:-}" \ USE_DOCKER="1" \