Skip to content

Commit 9df6cf6

Browse files
committed
Use non-root user in actions
Refs: actions/checkout#211 (comment)
1 parent 37d3d40 commit 9df6cf6

File tree

1 file changed

+16
-2
lines changed

1 file changed

+16
-2
lines changed

.github/workflows/ci.yaml

Lines changed: 16 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -7,17 +7,31 @@ on:
77
branches: [master]
88

99
jobs:
10+
configure:
11+
runs-on: ubuntu-latest
12+
outputs:
13+
uid_gid: ${{ steps.get-user.outputs.uid_gid }}
14+
steps:
15+
- id: get-user
16+
run: echo "::set-output name=uid_gid::$(id -u):$(id -g)"
17+
1018
clone-and-install:
19+
needs: configure
1120
runs-on: ubuntu-latest
12-
container: mcr.microsoft.com/vscode/devcontainers/base:ubuntu
21+
container:
22+
image: mcr.microsoft.com/vscode/devcontainers/base:ubuntu
23+
options: --user ${{ needs.configure.outputs.uid_gid }}
1324
steps:
1425
- uses: actions/checkout@v2
1526
- run: ./install
1627
- run: '"$HOME/.local/bin/chezmoi" data'
1728

1829
convenience-script:
30+
needs: configure
1931
runs-on: ubuntu-latest
20-
container: mcr.microsoft.com/vscode/devcontainers/base:ubuntu
32+
container:
33+
image: mcr.microsoft.com/vscode/devcontainers/base:ubuntu
34+
options: --user ${{ needs.configure.outputs.uid_gid }}
2135
steps:
2236
- run: sh -c "$(wget -qO- 'https://raw.githubusercontent.com/felipecassiors/dotfiles/${{ github.sha }}/scripts/install_dotfiles.sh')"
2337
- run: '"$HOME/.local/bin/chezmoi" data'

0 commit comments

Comments
 (0)