From 669a778d19ddcea2a47a0b421fcba63cc71afc76 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Joakim=20Kolsj=C3=B6?= <joakim.kolsjo@gmail.com>
Date: Mon, 2 Dec 2024 14:43:15 +0100
Subject: [PATCH] Fixing running sudo within the GHA setup

Co-authored-by: Peter Wall <47324121+p-wall@users.noreply.github.com>
---
 app/controllers/api/cloud_inits_controller.rb | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/app/controllers/api/cloud_inits_controller.rb b/app/controllers/api/cloud_inits_controller.rb
index aa35a18..bb86a4d 100644
--- a/app/controllers/api/cloud_inits_controller.rb
+++ b/app/controllers/api/cloud_inits_controller.rb
@@ -27,11 +27,13 @@ def show
 	  },
 	],
 	runcmd: [
-          "while read -r env; do export \"$env\"; done < /etc/environment",
 	  "systemctl stop sshd",
 	  "systemctl disable sshd",
 	  "curl https://maintenance.auctionet.dev/running; true",
-          "curl -s https://raw.githubusercontent.com/actions/runner/main/scripts/create-latest-svc.sh | bash -s #{App.github_actions_runner_scope}",
+
+          # The script relies on running sudo but we've disabled root which means it will bring up a prompt to set a password. Running su will run it as the default user that can sudo and also reload the /etc/environment variables.
+          "su username -c 'curl -s https://raw.githubusercontent.com/actions/runner/main/scripts/create-latest-svc.sh | bash -s #{App.github_actions_runner_scope}'",
+
 	  "curl https://maintenance.auctionet.dev/it-ran; true",
 	  "reboot",
 	],