diff --git a/cloudconfig/templates.go b/cloudconfig/templates.go index 7fea8c97..e02c9c77 100644 --- a/cloudconfig/templates.go +++ b/cloudconfig/templates.go @@ -94,10 +94,10 @@ function downloadAndExtractRunner() { TEMP_TOKEN="Authorization: Bearer {{ .TempDownloadToken }}" fi curl --retry 5 --retry-delay 5 --retry-connrefused --fail -L -H "${TEMP_TOKEN}" -o "/home/{{ .RunnerUsername }}/{{ .FileName }}" "{{ .DownloadURL }}" || fail "failed to download tools" - mkdir -p /home/runner/actions-runner || fail "failed to create actions-runner folder" + mkdir -p /home/{{ .RunnerUsername }}/actions-runner || fail "failed to create actions-runner folder" sendStatus "extracting runner" tar xf "/home/{{ .RunnerUsername }}/{{ .FileName }}" -C /home/{{ .RunnerUsername }}/actions-runner/ || fail "failed to extract runner" - chown {{ .RunnerUsername }}:{{ .RunnerGroup }} -R /home/{{ .RunnerUsername }}/actions-runner/ || fail "failed to change owner" + # chown {{ .RunnerUsername }}:{{ .RunnerGroup }} -R /home/{{ .RunnerUsername }}/actions-runner/ || fail "failed to change owner" } TEMP_TOKEN="" @@ -119,8 +119,8 @@ if [ -z "$CACHED_RUNNER" ];then else sendStatus "using cached runner found in $CACHED_RUNNER" sudo cp -a "$CACHED_RUNNER" "/home/{{ .RunnerUsername }}/actions-runner" + sudo chown {{ .RunnerUsername }}:{{ .RunnerGroup }} -R "/home/{{ .RunnerUsername }}/actions-runner" || fail "failed to change owner" cd /home/{{ .RunnerUsername }}/actions-runner - chown {{ .RunnerUsername }}:{{ .RunnerGroup }} -R "/home/{{ .RunnerUsername }}/actions-runner" || fail "failed to change owner" fi @@ -129,7 +129,7 @@ set +e attempt=1 while true; do ERROUT=$(mktemp) - sudo -u {{ .RunnerUsername }} -- ./config.sh --unattended --url "{{ .RepoURL }}" --token "$GITHUB_TOKEN" $RUNNER_GROUP_OPT --name "{{ .RunnerName }}" --labels "{{ .RunnerLabels }}" --ephemeral 2>$ERROUT + ./config.sh --unattended --url "{{ .RepoURL }}" --token "$GITHUB_TOKEN" $RUNNER_GROUP_OPT --name "{{ .RunnerName }}" --labels "{{ .RunnerLabels }}" --ephemeral 2>$ERROUT if [ $? -eq 0 ]; then rm $ERROUT || true sendStatus "runner successfully configured after $attempt attempt(s)" @@ -140,7 +140,7 @@ while true; do # if the runner is already configured, remove it and try again. In the past configuring a runner # managed to register it but timed out later, resulting in an error. - sudo -u {{ .RunnerUsername }} -- ./config.sh remove --token "$GITHUB_TOKEN" || true + ./config.sh remove --token "$GITHUB_TOKEN" || true if [ $attempt -gt 5 ];then rm $ERROUT || true @@ -155,7 +155,7 @@ done set -e sendStatus "installing runner service" -./svc.sh install {{ .RunnerUsername }} || fail "failed to install service" +sudo ./svc.sh install {{ .RunnerUsername }} || fail "failed to install service" if [ -e "/sys/fs/selinux" ];then sudo chcon -h user_u:object_r:bin_t /home/runner/ || fail "failed to change selinux context" @@ -163,7 +163,7 @@ if [ -e "/sys/fs/selinux" ];then fi sendStatus "starting service" -./svc.sh start || fail "failed to start service" +sudo ./svc.sh start || fail "failed to start service" set +e AGENT_ID=$(grep "agentId" /home/{{ .RunnerUsername }}/actions-runner/.runner | tr -d -c 0-9) diff --git a/util/util.go b/util/util.go index f1e040c7..bf8f29ac 100644 --- a/util/util.go +++ b/util/util.go @@ -277,7 +277,7 @@ func GetCloudConfig(bootstrapParams params.BootstrapInstance, tools github.Runne cloudCfg.AddSSHKey(bootstrapParams.SSHKeys...) cloudCfg.AddFile(installScript, "/install_runner.sh", "root:root", "755") - cloudCfg.AddRunCmd("/install_runner.sh") + cloudCfg.AddRunCmd(fmt.Sprintf("su -l -c /install_runner.sh %s", appdefaults.DefaultUser)) cloudCfg.AddRunCmd("rm -f /install_runner.sh") if bootstrapParams.CACertBundle != nil && len(bootstrapParams.CACertBundle) > 0 { if err := cloudCfg.AddCACert(bootstrapParams.CACertBundle); err != nil {