Build as normal user and not as root (PROJQUAY-4630) #92

Closed
wants to merge 1 commit into from


dmc5179
Contributor

@dmc5179 dmc5179 commented Sep 27, 2022

All commands in the Makefile start with "sudo". Building the code base should not require root access. And mistakes in the code or commands could seriously impact a system, i.e. a misplaced rm -rf.

@HammerMeetNail HammerMeetNail added the ok-to-test Indicates a non-member PR verified by an org member that is safe to test. label Oct 17, 2022
@HammerMeetNail
Contributor

@dmc5179 Thanks for the PR, this has been on our todo list. Gonna spin it up and see if we can get it merged.

@HammerMeetNail
Contributor

@dmc5179 Looks like this breaks CI. There's a handful of spots that include sudo still. Can you update the PR to remove them and we'll rerun CI?

$ rg --hidden sudo .
./cmd/install.go
94:	installCmd.Flags().BoolVarP(&askBecomePass, "askBecomePass", "", false, "Whether or not to ask for sudo password during SSH connection.")
258:	podmanCmd := fmt.Sprintf(`sudo podman run `+

./cmd/utils.go
189:		statement = `sudo /usr/bin/podman image import \
194:		statement = `sudo /usr/bin/podman image import \
205:		statement = `sudo /usr/bin/podman image import \
225:		statement = `sudo /usr/bin/podman image import \
246:		statement = `sudo /usr/bin/podman image import \

./cmd/uninstall.go
32:	uninstallCmd.Flags().BoolVarP(&askBecomePass, "askBecomePass", "", false, "Whether or not to ask for sudo password during SSH connection.")
66:	podmanCmd := fmt.Sprintf(`sudo podman run `+

./cmd/upgrade.go
37:	upgradeCmd.Flags().BoolVarP(&askBecomePass, "askBecomePass", "", false, "Whether or not to ask for sudo password during SSH connection.")
177:	podmanCmd := fmt.Sprintf(`sudo podman run `+

./.github/workflows/jobs.yml
58:        run: sudo pip install ansible-builder
61:        run: "sudo docker login -u ${{ secrets.REGISTRY_USERNAME }} -p ${{ secrets.REGISTRY_PASSWORD }} registry.redhat.io"
145:        run: ssh jonathan@quay 'sudo subscription-manager refresh; sudo yum -y install podman'
148:        run: ssh jonathan@quay "sudo podman login -u ${{ secrets.REGISTRY_USERNAME }} -p ${{ secrets.REGISTRY_PASSWORD }} registry.redhat.io"
244:        run: ssh jonathan@quay 'sudo subscription-manager refresh; sudo yum -y install podman'
247:        run: ssh jonathan@quay "sudo podman login -u ${{ secrets.REGISTRY_USERNAME }} -p ${{ secrets.REGISTRY_PASSWORD }} registry.redhat.io"
251:        run: ssh jonathan@quay 'sudo firewall-cmd --direct --add-rule ipv4 filter OUTPUT 0 -m state --state ESTABLISHED,RELATED -j ACCEPT; sudo firewall-cmd --direct --add-rule ipv4 filter OUTPUT 1 -p tcp -m tcp --dport=22 -j ACCEPT; sudo firewall-cmd --direct --add-rule ipv4 filter OUTPUT 1 -p tcp -m tcp --dport=8443 -j ACCEPT; sudo firewall-cmd --direct --add-rule ipv4 filter OUTPUT 2 -j DROP'

./.github/actions/setup-terraform/action.yml
42:      run: echo "$(terraform output --raw ip)  quay" | sudo tee -a /etc/hosts; sudo cat /etc/hosts

./README.md
9:- Passwordless `sudo` access on the target host (rootless install tbd)
97:$ sudo ./mirror-registry upgrade -v
112:$ sudo ./mirror-registry uninstall -v
148:**NOTE:** The build process pulls images from registry.redhat.io, you may need to run `sudo podman login registry.redhat.io` before starting the build.
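
A CI guard for the concern raised in this thread, as an added example that is not part of the PR or the project's code: it reports Makefile recipes and workflow steps that invoke `sudo`, while ignoring prose mentions such as the flag descriptions in the search output above. The file selection, the regex and the sample tree are constructed assumptions.

```shell
#!/bin/sh
# Added example (not from the PR): report build steps that invoke sudo.

# sudo at command position: after line start, a shell separator, an opening
# quote or a workflow "run:" key, optionally behind a Makefile "@"/"-" prefix.
SUDO_RE='(^|[;|&(]|run:|["'"'"'])[[:space:]@-]*sudo[[:space:]]'

# Print "file:line:text" for every sudo invocation in build inputs under $1.
# Assumption: build inputs are Makefiles and YAML files under .github/.
find_sudo_calls() {
    find "$1" -type f \( -name Makefile -o -path '*/.github/*' -name '*.yml' \) \
        -exec grep -nE "$SUDO_RE" /dev/null {} + || true
}

# Number of offending lines; a CI gate would fail when this is not 0.
count_sudo_calls() {
    find_sudo_calls "$1" | wc -l | tr -d ' '
}

# Build a small constructed repository tree to run the check against.
make_sample_tree() {
    dir=$(mktemp -d)
    mkdir -p "$dir/.github/workflows"
    printf '%s\n' '# constructed sample: sudo is not needed to build' \
        'build:' > "$dir/Makefile"
    printf '\tsudo podman build -t demo .\n\t@podman save -o demo.tar demo\n' \
        >> "$dir/Makefile"
    printf '%s\n' '        run: sudo pip install ansible-builder' \
        "        run: ssh user@host 'sudo yum -y install podman'" \
        '        run: echo "no sudo needed"' > "$dir/.github/workflows/jobs.yml"
    printf '%s\n' '- Passwordless `sudo` access on the target host' > "$dir/README.md"
    echo "$dir"
}

sample=$(make_sample_tree)
find_sudo_calls "$sample"
echo "sudo invocations in build inputs: $(count_sudo_calls "$sample")"
rm -rf "$sample"
```

The Go sources are deliberately out of scope here: the `sudo podman` strings in `cmd/` run on the target host at install time, which is a separate question from whether the build itself needs root.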

@HammerMeetNail HammerMeetNail changed the title Build as normal user and not as root Build as normal user and not as root (PROJQUAY-4630) Oct 17, 2022
@HammerMeetNail HammerMeetNail added ok-to-test Indicates a non-member PR verified by an org member that is safe to test. and removed ok-to-test Indicates a non-member PR verified by an org member that is safe to test. labels Nov 16, 2022
@HammerMeetNail
Contributor

Closing this in lieu of #103

3 participants