Allow non-root user to run git clone plugin
This commit is contained in:
parent
41c2120a63
commit
79700f47fe
@ -1,5 +1,9 @@
|
|||||||
FROM alpine:3.12
|
FROM alpine:3.12
|
||||||
RUN apk add --no-cache ca-certificates git git-lfs openssh curl perl aws-cli
|
RUN apk add --no-cache ca-certificates git git-lfs openssh curl perl aws-cli sudo
|
||||||
|
|
||||||
ADD posix/* /usr/local/bin/
|
ADD posix/* /usr/local/bin/
|
||||||
ENTRYPOINT ["/usr/local/bin/clone"]
|
RUN adduser -g Drone -s /bin/sh -D -u 1000 drone
|
||||||
|
RUN echo 'drone ALL=(ALL) NOPASSWD:ALL' > /etc/sudoers.d/drone
|
||||||
|
USER drone:drone
|
||||||
|
|
||||||
|
ENTRYPOINT ["/usr/local/bin/clone"]
|
15
posix/clone
15
posix/clone
@ -1,15 +1,20 @@
|
|||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
|
|
||||||
if [[ ! -z "${DRONE_WORKSPACE}" ]]; then
|
if [[ ! -z "${DRONE_WORKSPACE}" ]]; then
|
||||||
|
if [[ -n "${CI}" ]]; then
|
||||||
|
sudo mkdir -p ${DRONE_WORKSPACE}
|
||||||
|
sudo chown drone:drone ${DRONE_WORKSPACE}
|
||||||
|
else
|
||||||
|
mkdir -p ${DRONE_WORKSPACE}
|
||||||
|
fi
|
||||||
cd ${DRONE_WORKSPACE}
|
cd ${DRONE_WORKSPACE}
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# if the home directory is not set (which should
|
# we default home directory to /home/drone
|
||||||
# never be the case) we default to /root
|
|
||||||
|
|
||||||
if [[ -z "${HOME}" ]]; then
|
if [ "$HOME" != "/home/drone" ]; then
|
||||||
echo "HOME directory not set; default to /root"
|
export HOME=/home/drone
|
||||||
export HOME=/root
|
sudo chmod 766 /home/drone
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# if the home directory does not exist it should
|
# if the home directory does not exist it should
|
||||||
|
Loading…
Reference in New Issue
Block a user