Merge pull request #9 from hapakaien/bugfix/sudoers-user

fix: add user directly into sudoers file

.github/workflows/main.yml

@@ -25,7 +25,7 @@ jobs:
           cat action.yml
 
       - name: Get sample PKGBUILD
-        run: wget https://github.com/datakrama/plenti-bin/raw/f5ffaaee02a2119aa16f6b7a27e87e198e096b47/PKGBUILD
+        run: wget https://github.com/hapakaien/plenti-bin/raw/f5ffaaee02a2119aa16f6b7a27e87e198e096b47/PKGBUILD
 
       - name: Running test
         uses: ./
@@ -95,7 +95,7 @@ jobs:
         uses: actions/checkout@v2.4.0
 
       - name: Get sample PKGBUILD
-        run: wget https://github.com/datakrama/plenti-bin/raw/f5ffaaee02a2119aa16f6b7a27e87e198e096b47/PKGBUILD
+        run: wget https://github.com/hapakaien/plenti-bin/raw/f5ffaaee02a2119aa16f6b7a27e87e198e096b47/PKGBUILD
 
       - name: Update action.yml to use edge tagged container image
         if: github.ref == 'refs/heads/main'

CHANGELOG.md

@@ -7,6 +7,15 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+### Changed
+
+- Move repo from datakrama to hapakaien
+- `builder` user is added to sudoers directly instead of via the wheel group
+
+### Fixed
+
+- `builder` is not in the sudoers file
+
 ## [1.1.1] - 2021-10-26
 
 ### Fixed

Dockerfile

@@ -5,11 +5,10 @@ FROM docker.io/library/archlinux:base-devel
 RUN pacman -Syu --needed --noconfirm pacman-contrib namcap git
 
 # Setup user
-RUN useradd --create-home --shell /bin/bash builder && \
-    passwd --delete builder && \
-    chown -vR builder:builder /home/builder && \
-    usermod -aG wheel builder && \
-    echo 'wheel  ALL=(ALL:ALL) ALL' >> /etc/sudoers
+RUN useradd -m builder && \
+    echo 'builder ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers
+WORKDIR /home/builder
+USER builder
 
 # Copy files
 COPY LICENSE README.md /

README.md

@@ -1,6 +1,6 @@
 # Arch Linux's package tools action
 
-[![GitHub Workflow Status](https://img.shields.io/github/workflow/status/datakrama/archlinux-package-action/CI?label=CI&style=flat-square)](https://github.com/datakrama/archlinux-package-action/actions) [![GitHub release (latest by date)](https://img.shields.io/github/v/release/datakrama/archlinux-package-action?style=flat-square)](https://github.com/datakrama/archlinux-package-action/releases) [![GitHub](https://img.shields.io/github/license/datakrama/archlinux-package-action?style=flat-square)](./LICENSE)
+[![GitHub Workflow Status](https://img.shields.io/github/workflow/status/hapakaien/archlinux-package-action/CI?label=CI&style=flat-square)](https://github.com/hapakaien/archlinux-package-action/actions) [![GitHub release (latest by date)](https://img.shields.io/github/v/release/hapakaien/archlinux-package-action?style=flat-square)](https://github.com/hapakaien/archlinux-package-action/releases) [![GitHub](https://img.shields.io/github/license/hapakaien/archlinux-package-action?style=flat-square)](./LICENSE)
 
 This action allows running tools needed for creating Arch Linux (and AUR) package. 
 Here's what this action can do:
@@ -52,7 +52,7 @@ jobs:
         uses: actions/checkout@v2
 
       - name: Validate package
-        uses: datakrama/archlinux-package-action@v1
+        uses: hapakaien/archlinux-package-action@v1
 ```
 
 #### 2. Only generate .SRCINFO
@@ -72,7 +72,7 @@ jobs:
         uses: actions/checkout@v2
 
       - name: Validate package
-        uses: datakrama/archlinux-package-action@v1
+        uses: hapakaien/archlinux-package-action@v1
         with:
           flags: ''
           namcap: false
@@ -96,7 +96,7 @@ jobs:
         uses: actions/checkout@v2
 
       - name: Validate package
-        uses: datakrama/archlinux-package-action@v1
+        uses: hapakaien/archlinux-package-action@v1
         with:
           flags: ''
           namcap: false
@@ -120,7 +120,7 @@ jobs:
         uses: actions/checkout@v2
 
       - name: Validate package
-        uses: datakrama/archlinux-package-action@v1
+        uses: hapakaien/archlinux-package-action@v1
         with:
           path: package
           flags: '-si --noconfirm'

entrypoint.sh

@@ -2,13 +2,15 @@
 set -e
 
 # Set path
-echo "::group::Copying file from $WORKPATH to /tmp/gh-action"
 WORKPATH=$GITHUB_WORKSPACE/$INPUT_PATH
+HOME=/home/builder
+echo "::group::Copying files from $WORKPATH to $HOME/gh-action"
 # Set path permision
-sudo -u builder mkdir /tmp/gh-action
-sudo -u builder cp -rfv "$GITHUB_WORKSPACE"/.git /tmp/gh-action/.git
-sudo -u builder cp -fv "$WORKPATH"/PKGBUILD /tmp/gh-action/PKGBUILD
-cd /tmp/gh-action
+cd $HOME
+mkdir gh-action
+cd gh-action
+cp -rfv "$GITHUB_WORKSPACE"/.git ./
+sudo cp -fv "$WORKPATH"/PKGBUILD ./
 echo "::endgroup::"
 
 # Update pkgver
@@ -30,7 +32,7 @@ fi
 # Update checksums
 if [[ $INPUT_UPDPKGSUMS == true ]]; then
     echo "::group::Updating checksums on PKGBUILD"
-    sudo -u builder updpkgsums
+    updpkgsums
     git diff PKGBUILD
     echo "::endgroup::"
 fi
@@ -38,7 +40,7 @@ fi
 # Generate .SRCINFO
 if [[ $INPUT_SRCINFO == true ]]; then
     echo "::group::Generating new .SRCINFO based on PKGBUILD"
-    sudo -u builder makepkg --printsrcinfo > .SRCINFO
+    makepkg --printsrcinfo > .SRCINFO
     git diff .SRCINFO
     echo "::endgroup::"
 fi
@@ -53,13 +55,13 @@ fi
 # Run makepkg
 if [[ -n $INPUT_FLAGS ]]; then
     echo "::group::Running makepkg with flags"
-    sudo -u builder makepkg $INPUT_FLAGS
+    makepkg $INPUT_FLAGS
     echo "::endgroup::"
 fi
 
-echo "::group::Copying files from /tmp/gh-action to $WORKPATH"
-cp -fv /tmp/gh-action/PKGBUILD "$WORKPATH"/PKGBUILD
-if [[ -e /tmp/gh-action/.SRCINFO ]]; then
-    cp -fv /tmp/gh-action/.SRCINFO "$WORKPATH"/.SRCINFO
+echo "::group::Copying files from $HOME/gh-action to $WORKPATH"
+sudo cp -fv PKGBUILD "$WORKPATH"/PKGBUILD
+if [[ -e .SRCINFO ]]; then
+    sudo cp -fv .SRCINFO "$WORKPATH"/.SRCINFO
 fi
 echo "::endgroup::"