Add ci-storage private key for root user too to allow sudo for ci-sto…

…rage (#27) ## PRs in the Stack - ➡ #27 (The stack is managed by [git-grok](https://github.com/dimikot/git-grok).)
dimikot · Oct 7, 2024 · 9f8f281 · 9f8f281
1 parent 1bb4c08
commit 9f8f281
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 5 deletions.
diff --git a/docker/ci-runner/Dockerfile b/docker/ci-runner/Dockerfile
@@ -42,10 +42,7 @@ RUN true \
 USER guest
 RUN true \
     && mkdir ~guest/.cache && chmod 700 ~guest/.cache \
-    && mkdir ~guest/.ssh && chmod 700 ~guest/.ssh \
-    && mkdir ~guest/actions-runner \
-    && chown -R guest:guest ~guest \
-    && cd ~guest/actions-runner \
+    && mkdir ~guest/actions-runner && cd ~guest/actions-runner \
     && arch=$(dpkg --print-architecture) \
     && case "$arch" in \
       x86_64|amd64) arch=linux-x64 ;; \

diff --git a/docker/ci-runner/root/entrypoint.50-ssh-keys.sh b/docker/ci-runner/root/entrypoint.50-ssh-keys.sh
@@ -1,13 +1,20 @@
 #!/bin/bash
 #
-# Puts SSH keys into the guest's home directory.
+# Puts SSH keys into the guest's and root's home directories.
 #
 set -u -e
 
+mkdir -p ~guest/.ssh && chmod 700 ~guest/.ssh
+mkdir -p ~root/.ssh && chmod 700 ~root/.ssh
+
 secret_file=/run/secrets/CI_STORAGE_PRIVATE_KEY
 if [[ -f "$secret_file" ]]; then
   cat "$secret_file" > ~guest/.ssh/id_rsa
+  cat "$secret_file" > ~root/.ssh/id_rsa
 fi
 
 chmod 600 ~guest/.ssh/* || true
 chown -R guest:guest ~guest/.ssh || true
+
+chmod 600 ~root/.ssh/* || true
+chown -R root:root ~root/.ssh || true