New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Superchain: sudo broken? #3746
Comments
Hi @udondan! Indeed, we were trying to fix the same problem that you've encountered. It's a weird one. Right now, the best I can do is to add ---
name: Test
on:
push:
branches:
- main
workflow_dispatch:
jobs:
test-sudo:
name: Test sudo
runs-on: ubuntu-latest
container:
image: jsii/superchain:1-buster-slim-node14
options: --group-add sudo
steps:
- name: Run command with sudo
run: |
whoami
sudo whoami This is the workaround for me at the moment. If you're using projen, the fix looks something like this: const buildWorkflow = project.tryFindObjectFile('.github/workflows/build.yml');
buildWorkflow.patch(JsonPatch.add('/jobs/build/container/options', '--group-add sudo')); Hopefully this information helps! |
Absolutely! Thanks for the workaround. That fixed it. I guess we leave this open until we at least understand the problem? Or feel free to close. Setting the option is perfectly fine for me. |
Yeah this is particularly odd as we changed nothing related to our |
It appears the latest |
|
Describe the bug
Since August 31 I'm getting errors from my guthub action which uses jsii/superchain:1-buster-slim, failing to run a command with
sudo
. The command is unchanged and was running since pretty much forever:Which now results in
I see that there was a change on the sudoers settings on September 1: https://github.com/aws/jsii/pull/3737/files
So yeah, I realize that this change was made 1 day after it started to fail for me. Also, I see nothing wrong with the change, IMHO it should work with both. But the fact that the change was made very closely to when it started to fail on my end is a smoking gun. Maybe you @RomainMuller tried to actually fix the very same problem I'm experiencing?
Also what is strange is, this only happens in a github action. Locally no issues:
I prepared a demo repo with a minimal example https://github.com/udondan/superchain-sudo-test
Since the action output is not public, I'm attaching a screenshot:
Expected Behavior
sudo should execute, as per sudoers setting
Current Behavior
sudo fails as if sudoers settings are not available/correct
Reproduction Steps
In a github action, run a sudo command
Possible Solution
No response
Additional Information/Context
No response
SDK version used
Environment details (OS name and version, etc.)
The text was updated successfully, but these errors were encountered: