ci: remove sudo and make sure image is owed by user

The image build needs special handling since we're doing a lot of
privileged operations.

Signed-off-by: Zvonko Kaiser <zkaiser@nvidia.com>
This commit is contained in:
Zvonko Kaiser
2024-06-03 11:45:28 +00:00
parent f093c4c190
commit a48c084e13
3 changed files with 8 additions and 7 deletions

View File

@@ -201,6 +201,8 @@ build_with_container() {
--env DEBUG="${DEBUG}" \
--env ARCH="${ARCH}" \
--env TARGET_ARCH="${TARGET_ARCH}" \
--env USER="$(id -u)" \
--env GROUP="$(id -g)" \
-v /dev:/dev \
-v "${script_dir}":"/osbuilder" \
-v "${script_dir}/../scripts":"/scripts" \
@@ -609,9 +611,6 @@ set_dax_header() {
}
main() {
[ "$(id -u)" -eq 0 ] || die "$0: must be run as root"
[ "$#" -eq 0 ] && usage && return 0
# variables that can be overwritten by environment variables
local agent_bin="${AGENT_BIN:-kata-agent}"
local agent_init="${AGENT_INIT:-no}"
@@ -678,6 +677,8 @@ main() {
fi
# insert at the beginning of the image the MBR + DAX header
set_dax_header "${image}" "${img_size}" "${fs_type}" "${nsdax_bin}"
chown "${USER}:${GROUP}" "${image}"
}
main "$@"

View File

@@ -73,7 +73,7 @@ OK "init is installed"
OK "Agent is installed"
# initramfs expects /init
ln -sf /sbin/init "${ROOTFS}/init"
sudo ln -sf /sbin/init "${ROOTFS}/init"
info "Creating ${IMAGE_DIR}/${IMAGE_NAME} based on rootfs at ${ROOTFS}"
( cd "${ROOTFS}" && find . | cpio -H newc -o | gzip -9 ) > "${IMAGE_DIR}"/"${IMAGE_NAME}"
( cd "${ROOTFS}" && sudo find . | sudo cpio -H newc -o | gzip -9 ) > "${IMAGE_DIR}"/"${IMAGE_NAME}"