Please note: I have also used the way which is mentioned hereīut, I found that usermod is not there for macOS. password for gitlab-runner: Sorry, try again. Output 3: Fetching changes with git depth set to 20. Please note: I have saved $password_secret in Gitlab variables and it's value is $cret as someone on google said this can be it's value. So, to resolve this, I used sudo -S su < $password_secret as shown: # Is performed before the scripts in the stages step It says sudo: a terminal is required to read the password either use the -S option to read from standard input or configure an askpass helper sudo: a password is required Sudo: a terminal is required to read the password either use the -S option to read from standard input or configure an askpass helper Output 2: Getting source from Git repositoryįetching changes with git depth set to 20. But with the above change, I started to get this issue. Where I am trying to remove /var/cache/apt/archives/lock and /var/lib/dpkg/lock, as this is what I found on Google. So to resolve the above issue, I thought to change the brefore_script part with this # Is performed before the scripts in the stages step Which says E: Could not open lock file /var/lib/dpkg/lock-frontend - open (13: Permission denied) E: Unable to acquire the dpkg frontend lock (/var/lib/dpkg/lock-frontend), are you root? $ apt-get install -y libncurses5-dev libglib2.0-dev libgeoip-dev libtokyocabinet-dev zlib1g-dev libncursesw5-dev libbz2-devĮ: Could not open lock file /var/lib/dpkg/lock-frontend - open (13: Permission denied)Į: Unable to acquire the dpkg frontend lock (/var/lib/dpkg/lock-frontend), are you root?Ĭleaning up project directory and file based variables Reinitialized existing Git repository in /home/gitlab-runner/builds/GJ7z2Aym/0/edge_release_management/.git/Įxecuting "step_script" stage of the job script Output 1: Fetching changes with git depth set to 20. The problem I initially getting with the above gitlab-ci.yml file was: # The files which are to be made available in GitLab # This stage is only executed for new tags apt-get install -y libncurses5-dev libglib2.0-dev libgeoip-dev libtokyocabinet-dev zlib1g-dev libncursesw5-dev libbz2-dev # Defines stages which are to be executed My first gitlab-ci.yml file was(which is just given there on the official link of gitlab I provided above): # Is performed before the scripts in the stages step PS: I am using mac andįollowing this official link by gitlab to get my task done "John T"'s comment should also include the "-k" parameter, as if you run "sudo -S" without "-k" and sudo authentication cache already has your credentials (and is still valid, default sudo authentication cache is 5 minutes) then bash will run your password as a command instead, which is bad.I am new to gitlab runners and trying to automate my project so that whenever a new tag is released, it should build a new deb package. Setting "echo "" | sudo -S -v" to a variable instead might also be a good idea, then just run the variable before each command that needs root privileges, see Janar's comment. However, I'm thinking using this for scripting purposes, so I'll keep it at the top of all my scripts for best security practices. You could also put "export HISTIGNORE=' sudo -S'" in your ~/.bashrc file, then load it with ". Yes, whoami shouldn't take 5 minutes, but I figure might as well have it run before each command for consistency. Note I ran a sudo before each command to ensure that the sudo cache is updated, as the default is 5 mintues. But the downside of this is that you'll need to be aware of the 5 minute cache.įor example: $ export HISTIGNORE='*sudo -S*' Another method is to update the sudo authentication credential cache (default is enabled with 5 minutes timeout), then run the sudo separately. The downside to the above method is that if you want to see the commands you ran in the history later on they won't be there. $ echo "" | sudo -S -k bash /tmp/myscript.sh “-k” means to ignore cached credentials to force sudo “-S”, means to use stdin for the password, That is the history in memory or "~/.bash_history" file.įor example, the below will safely pipe your password to the sudo command, without "HISTIGNORE" means to not save this command into the history. Then pass your password safely to sudo: $ echo "your_password" | sudo -S -k Set HISTIGNORE to " sudo -S" $ export HISTIGNORE='*sudo -S*'
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |