Backport: fix: Allow non-root user to run the bundle-certificates script 17.3 (!2045) · Merge requests · GitLab.org / Build / CNG

Jason Plum requested to merge cherry-pick-ff65154b-2 into 17-3-stable Sep 30, 2024

What does this MR do?

Merge branch 'certificates-without-root' into 'master'

fix: Allow non-root user to run the bundle-certificates script

Closes gitlab-com/gl-infra/gitlab-dedicated/team#6336

See merge request !2043 (merged)

Merged-by: Jason Plum jplum@gitlab.com Approved-by: Jason Plum jplum@gitlab.com Co-authored-by: John Edge 13796758-jedge1@users.noreply.gitlab.com

(cherry picked from commit ff65154b)

f3342f04 fix: Allow non-root user to run update-ca-trust 73b1823b Add write permissions to /etc/pki/tls/certs ba0bc1ad Set extraction path to prevent modifying permissions

Co-authored-by: Jason Plum jplum@gitlab.com

Related issues

Checklist

See Definition of done.

For anything in this list which will not be completed, please provide a reason in the MR discussion

Required

Merge Request Title, and Description are up to date, accurate, and descriptive
MR targeting the appropriate branch
MR has a green pipeline on GitLab.com
When ready for review, MR is labeled "~workflow::ready for review" per the Distribution MR workflow

Expected (please provide an explanation if not completing)

Test plan indicating conditions for success has been posted and passes
Documentation created/updated
Integration tests added to GitLab QA
The impact any change in container size has should be evaluated
New dependencies are managed with dependencies.io

Backport: fix: Allow non-root user to run the bundle-certificates script 17.3

What does this MR do?

Related issues

Checklist

Required

Expected (please provide an explanation if not completing)

Merge request reports