Merge pull request #64 from DeterminateSystems/hoverbear/fh-156-installer-action-shouldnt-require-sudo

No longer require sudo
This commit is contained in:
Ana Hobden 2024-01-09 09:50:39 -08:00 committed by GitHub
commit 0f8fa3d242
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 35 additions and 15 deletions

24
dist/index.js generated vendored
View file

@ -488,11 +488,14 @@ class NixInstallerAction {
} }
} }
async setup_kvm() { async setup_kvm() {
const current_user = (0,node_os__WEBPACK_IMPORTED_MODULE_8__.userInfo)();
const is_root = current_user.uid === 0;
const maybe_sudo = is_root ? "" : "sudo";
const kvm_rules = "/etc/udev/rules.d/99-determinate-nix-installer-kvm.rules"; const kvm_rules = "/etc/udev/rules.d/99-determinate-nix-installer-kvm.rules";
try { try {
const write_file_exit_code = await _actions_exec__WEBPACK_IMPORTED_MODULE_3__.exec("sh", [ const write_file_exit_code = await _actions_exec__WEBPACK_IMPORTED_MODULE_3__.exec("sh", [
"-c", "-c",
`echo 'KERNEL=="kvm", GROUP="kvm", MODE="0666", OPTIONS+="static_node=kvm"' | sudo tee ${kvm_rules} > /dev/null`, `echo 'KERNEL=="kvm", GROUP="kvm", MODE="0666", OPTIONS+="static_node=kvm"' | ${maybe_sudo} tee ${kvm_rules} > /dev/null`,
], { ], {
silent: true, silent: true,
listeners: { listeners: {
@ -513,7 +516,11 @@ class NixInstallerAction {
if (write_file_exit_code !== 0) { if (write_file_exit_code !== 0) {
throw new Error(`Non-zero exit code of \`${write_file_exit_code}\` detected while writing '${kvm_rules}'`); throw new Error(`Non-zero exit code of \`${write_file_exit_code}\` detected while writing '${kvm_rules}'`);
} }
const debug_run_throw = async (action, command, args) => { const debug_root_run_throw = async (action, command, args) => {
if (!is_root) {
args = [command, ...args];
command = "sudo";
}
const reload_exit_code = await _actions_exec__WEBPACK_IMPORTED_MODULE_3__.exec(command, args, { const reload_exit_code = await _actions_exec__WEBPACK_IMPORTED_MODULE_3__.exec(command, args, {
silent: true, silent: true,
listeners: { listeners: {
@ -535,20 +542,23 @@ class NixInstallerAction {
throw new Error(`Non-zero exit code of \`${reload_exit_code}\` detected while ${action}.`); throw new Error(`Non-zero exit code of \`${reload_exit_code}\` detected while ${action}.`);
} }
}; };
await debug_run_throw("reloading udev rules", `sudo`, [ await debug_root_run_throw("reloading udev rules", "udevadm", [
"udevadm",
"control", "control",
"--reload-rules", "--reload-rules",
]); ]);
await debug_run_throw("triggering udev against kvm", `sudo`, [ await debug_root_run_throw("triggering udev against kvm", "udevadm", [
"udevadm",
"trigger", "trigger",
"--name-match=kvm", "--name-match=kvm",
]); ]);
return true; return true;
} }
catch (error) { catch (error) {
await _actions_exec__WEBPACK_IMPORTED_MODULE_3__.exec("sudo", ["rm", "-f", kvm_rules]); if (is_root) {
await _actions_exec__WEBPACK_IMPORTED_MODULE_3__.exec("rm", ["-f", kvm_rules]);
}
else {
await _actions_exec__WEBPACK_IMPORTED_MODULE_3__.exec("sudo", ["rm", "-f", kvm_rules]);
}
return false; return false;
} }
} }

2
dist/index.js.map generated vendored

File diff suppressed because one or more lines are too long

View file

@ -630,6 +630,10 @@ class NixInstallerAction {
} }
private async setup_kvm(): Promise<boolean> { private async setup_kvm(): Promise<boolean> {
const current_user = userInfo();
const is_root = current_user.uid === 0;
const maybe_sudo = is_root ? "" : "sudo";
const kvm_rules = const kvm_rules =
"/etc/udev/rules.d/99-determinate-nix-installer-kvm.rules"; "/etc/udev/rules.d/99-determinate-nix-installer-kvm.rules";
try { try {
@ -637,7 +641,7 @@ class NixInstallerAction {
"sh", "sh",
[ [
"-c", "-c",
`echo 'KERNEL=="kvm", GROUP="kvm", MODE="0666", OPTIONS+="static_node=kvm"' | sudo tee ${kvm_rules} > /dev/null`, `echo 'KERNEL=="kvm", GROUP="kvm", MODE="0666", OPTIONS+="static_node=kvm"' | ${maybe_sudo} tee ${kvm_rules} > /dev/null`,
], ],
{ {
silent: true, silent: true,
@ -664,11 +668,15 @@ class NixInstallerAction {
); );
} }
const debug_run_throw = async ( const debug_root_run_throw = async (
action: string, action: string,
command: string, command: string,
args: string[], args: string[],
): Promise<void> => { ): Promise<void> => {
if (!is_root) {
args = [command, ...args];
command = "sudo";
}
const reload_exit_code = await actions_exec.exec(command, args, { const reload_exit_code = await actions_exec.exec(command, args, {
silent: true, silent: true,
listeners: { listeners: {
@ -694,21 +702,23 @@ class NixInstallerAction {
} }
}; };
await debug_run_throw("reloading udev rules", `sudo`, [ await debug_root_run_throw("reloading udev rules", "udevadm", [
"udevadm",
"control", "control",
"--reload-rules", "--reload-rules",
]); ]);
await debug_run_throw("triggering udev against kvm", `sudo`, [ await debug_root_run_throw("triggering udev against kvm", "udevadm", [
"udevadm",
"trigger", "trigger",
"--name-match=kvm", "--name-match=kvm",
]); ]);
return true; return true;
} catch (error) { } catch (error) {
await actions_exec.exec("sudo", ["rm", "-f", kvm_rules]); if (is_root) {
await actions_exec.exec("rm", ["-f", kvm_rules]);
} else {
await actions_exec.exec("sudo", ["rm", "-f", kvm_rules]);
}
return false; return false;
} }