Use sudo for docker commands so that we do not have to sudo make build_current.
What does this MR do?
This applies sudo
directly to the docker commands in make build_current
that require it. With this, make build_current
need not be run with sudo
.
Why was this MR needed?
Currently, following the instructions at https://docs.gitlab.com/runner/development/ , sudo
is needed to make build_current
. However, only the docker
commands actually require sudo
, so all the other commands run in the course of the make
are running with more privileges than than they need.
Are there points in the code the reviewer needs to double check?
The most significant change is to the docker export
command. Simply applying sudo
with the normal -o
flag would result in an output file owned by root, meaning the later xz
command would also require sudo
. Of course, applying sudo
to xz
as well works fine, and might be more elegant, but it would mean that another command would be running with more privileges than strictly necessary. This current version mangles the docker export
command to write the output file as the regular user, so that the later xz
will not require sudo
. I'm not sure whether this is the best way.
EDIT: Hmm, more importantly, the build fails due to lack of sudo
. I guess we can't assume availability of sudo
? Is there an alternative we can use to restrict the privileges make
is running with?
Does this MR meet the acceptance criteria?
-
Documentation created/updated -
Added tests for this feature/bug -
In case of conflicts with master
- branch was rebased