SME-532: Fix runner permissions (#61)

gruntwork-io · May 1, 2024 · 0e1d503 · 0e1d503
1 parent 30ca77d
commit 0e1d503
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 23 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -1,5 +1,5 @@
 # Dockerfile used in execution of Github Action
-FROM gruntwork/terragrunt:0.1.0
+FROM gruntwork/terragrunt:0.2.0
 LABEL maintainer "Gruntwork <[email protected]>"
 
 ENV MISE_CONFIG_DIR=~/.config/mise
@@ -8,8 +8,6 @@ ENV MISE_DATA_DIR=~/.local/share/mise
 ENV MISE_CACHE_DIR=~/.cache/mise
 ENV ASDF_HASHICORP_TERRAFORM_VERSION_FILE=.terraform-version
 
-ENV PATH="~/.local/share/mise/shims:~/mise:${PATH}"
-
 COPY ["./src/main.sh", "/action/main.sh"]
 
 ENTRYPOINT ["/action/main.sh"]
diff --git a/terragrunt/Dockerfile b/terragrunt/Dockerfile
@@ -6,7 +6,8 @@ LABEL maintainer "Gruntwork <[email protected]>"
 ARG MISE_VERSION_INSTALL=v2024.4.0
 
 ENV DEBIAN_FRONTEND=noninteractive
-RUN apt-get update && apt-get install -y \
+RUN apt-get update \
+    && apt-get install -y \
     curl \
     git \
     jq \
@@ -15,30 +16,14 @@ RUN apt-get update && apt-get install -y \
     sudo \
     && rm -rf /var/lib/apt/lists/*
 
-# Create runner user
-RUN addgroup --system --gid 127 docker \
-    && useradd --system -u 1001 -g 127 -ms /bin/bash runner \
-    && usermod -aG sudo runner && echo 'runner ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers
-USER runner
-WORKDIR /home/runner
-
 RUN mkdir -p /home/runner/.ssh
 COPY ./known_hosts /home/runner/.ssh/known_hosts
 
 # install mise
-RUN mkdir -p "${HOME}/mise" \
-    && wget -q "https://github.com/jdx/mise/releases/download/${MISE_VERSION_INSTALL}/mise-${MISE_VERSION_INSTALL}-linux-x64" -O "/${HOME}/mise/mise" \
-    && chmod u+x "${HOME}/mise/mise"
-
-ENV MISE_CONFIG_DIR=~/.config/mise
-ENV MISE_STATE_DIR=~/.local/state/mise
-ENV MISE_DATA_DIR=~/.local/share/mise
-ENV MISE_CACHE_DIR=~/.cache/mise
-ENV ASDF_HASHICORP_TERRAFORM_VERSION_FILE=.terraform-version
+RUN wget -q "https://github.com/jdx/mise/releases/download/${MISE_VERSION_INSTALL}/mise-${MISE_VERSION_INSTALL}-linux-x64" -O "/usr/bin/mise" \
+    && chmod +x "/usr/bin/mise"
 
-# Running action as runner user
-# https://docs.github.com/en/actions/creating-actions/dockerfile-support-for-github-actions#user
-ENV PATH="~/.local/share/mise/shims:~/mise:${PATH}"
+ENV PATH="~/.local/share/mise/shims:${PATH}"
 
 ENV TF_INPUT=false
 ENV TF_IN_AUTOMATION=1