RUNNER_ALLOW_RUNASROOT variable is not set during start-runner operations #1524

@inhumantsar

During instance startup when trying to launch the runner as root, the following logs are produced and the runner fails to launch.

  | 2021-12-16T12:34:20.628-06:00 | Dec 16 18:34:19 ip-10-100-76-217 user-data: Delete GH Runner token from AWS SSM
  | 2021-12-16T12:34:20.628-06:00 | Dec 16 18:34:20 ip-10-100-76-217 user-data: Configure GH Runner as user root
  | 2021-12-16T12:34:20.628-06:00 | Dec 16 18:34:20 ip-10-100-76-217 systemd: Created slice User Slice of root.
  | 2021-12-16T12:34:20.628-06:00 | Dec 16 18:34:20 ip-10-100-76-217 systemd: Started Session c1 of user root.
  | 2021-12-16T12:34:20.628-06:00 | Dec 16 18:34:20 ip-10-100-76-217 user-data: Must not run with sudo

The logs never reach "Starting the runner as user" as expected so it seems that the ./config.sh call is failing. To hackfix this, I'm approaching it like so:

...

if [[ "$run_as" == "root" ]]; then
    run_as_root_flag='RUNNER_ALLOW_RUNASROOT=1'
fi

echo "Configure GH Runner as user $run_as"
sudo -u "$run_as" -- $run_as_root_flag ./config.sh --unattended --name "$instance_id" --work "_work" $${config}

## Start the runner
echo "Starting runner after $(awk '{print int($1/3600)":"int(($1%3600)/60)":"int($1%60)}' /proc/uptime)"
echo "Starting the runner as user $run_as"

if [[ $agent_mode = "ephemeral" ]]; then  
  echo "Starting the runner in ephemeral mode"
  sudo -u "$run_as" -- $run_as_root_flag ./run.sh
  echo "Runner has finished"
  
  echo "Stopping cloudwatch service"
  service awslogsd stop
  echo "Terminating instance"
  aws ec2 terminate-instances --instance-ids "$instance_id" --region "$region"
else 
  echo "Installing the runner as a service"
  ./svc.sh install "$run_as"
  echo "Starting the runner in persistent mode"
  ./svc.sh start
fi

Please let me know if there's a config I'm missing or there's a better way to accomplish this, otherwise I can put in a PR with this.
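
An added sketch, not part of the original post or the project's code: it scopes the override to `run_as=root` and passes it through `env`, so the variable is set in the launched process itself. `root_guard`, `runner_env_prefix` and `run_step` are hypothetical names, and the guard is a constructed stand-in for the check that logs "Must not run with sudo".

```shell
#!/bin/sh
# Constructed stand-in for the check behind the "Must not run with sudo" log
# line (assumption: it rejects uid 0 unless RUNNER_ALLOW_RUNASROOT is set).
# The uid is a parameter so the check can be exercised without being root.
root_guard() {
    if [ "$1" -eq 0 ] && [ -z "${RUNNER_ALLOW_RUNASROOT:-}" ]; then
        echo "Must not run with sudo"
        return 1
    fi
}

# Hypothetical helper: print the command prefix for a run_as user. Only root
# gets the override, so runners under any other account never carry it.
runner_env_prefix() {
    if [ "$1" = "root" ]; then
        echo "env RUNNER_ALLOW_RUNASROOT=1"
    fi
}

# Hypothetical helper: run a command with the prefix for $1 applied. In the
# user-data script the same prefix would sit between `sudo -u "$run_as" --`
# and ./config.sh or ./run.sh; sudo is left out here so this runs anywhere.
run_step() {
    prefix=$(runner_env_prefix "$1")
    shift
    # Unquoted on purpose: an empty prefix must expand to no words at all.
    $prefix "$@"
}
```

Keeping the override conditional means a runner configured for an unprivileged account still hits the guard if it is ever started as uid 0 by mistake.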
