Skip to content

Commit

Permalink
ci: always run tests as an unprivileged user
Browse files Browse the repository at this point in the history 
Signed-off-by: Phillip Wood <[email protected]>
  • Loading branch information
@phillipwood
phillipwood committed Nov 1, 2023
1 parent 9e81214 commit a2d3262
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 3 deletions.
4 changes: 1 addition & 3 deletions .gitlab-ci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,9 +12,7 @@ test:
before_script:
- ./ci/install-docker-dependencies.sh
script:
- useradd builder --create-home
- chown -R builder "${CI_PROJECT_DIR}"
- sudo --preserve-env --set-home --user=builder ./ci/run-build-and-tests.sh
- ./ci/run-build-and-tests.sh
after_script:
- |
if test "$CI_JOB_STATUS" != 'success'
Expand Down
7 changes: 7 additions & 0 deletions ci/run-build-and-tests.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,13 @@
# Build and test Git
#

if test "$(id -u)" -eq 0
then
useradd --home-dir "$(pwd)" builder
chown -R builder .
exec sudo --preserve-env --set-home --user=builder "$0"
fi

. ${0%/*}/lib.sh

case "$CI_OS_NAME" in
Expand Down

0 comments on commit a2d3262

Please sign in to comment.