Sebastian/action-stalwart-install
1
0
Fork 0
mirror of https://github.com/SebastianKrupinski/action-stalwart-install.git synced 2026-04-11 20:55:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: use sudo

Browse Source 
Signed-off-by: Sebastian Krupinski <krupinski01@gmail.com>
This commit is contained in:
Sebastian Krupinski
2026-02-23 20:34:07 -05:00
parent f64999c8a2
commit fd6196def2
3 changed files with 23 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
.github/workflows/test.yml vendored
View File

@@ -345,6 +345,11 @@ jobs:
- name: Checkout repository - name: Checkout repository
uses: actions/checkout@v4 uses: actions/checkout@v4
- name: Install dependencies
run: |
sudo apt-get update -qq
sudo apt-get install -y jq curl
- name: Test invalid JSON (domains) - name: Test invalid JSON (domains)
id: test_invalid_domains id: test_invalid_domains
continue-on-error: true continue-on-error: true

17
action.yml
View File

@@ -25,10 +25,13 @@ runs:
run: | run: |
echo "::group::Checking prerequisites" echo "::group::Checking prerequisites"
# Check if running as root # Check if running as root or if sudo is available
if [ "$(id -u)" -ne 0 ]; then if [ "$(id -u)" -ne 0 ]; then
echo "::error::This action must run as root. Use 'sudo' or run in a container with root privileges." if ! command -v sudo &> /dev/null; then
exit 1 echo "::error::This action must run as root or 'sudo' must be available."
exit 1
fi
echo " Running as non-root user — will use sudo for privileged steps."
fi fi
# Check for required commands # Check for required commands
@@ -49,7 +52,9 @@ runs:
run: | run: |
echo "::group::Installing Stalwart Mail Server" echo "::group::Installing Stalwart Mail Server"
chmod +x "${{ github.action_path }}/scripts/install.sh" chmod +x "${{ github.action_path }}/scripts/install.sh"
"${{ github.action_path }}/scripts/install.sh" SUDO=""
if [ "$(id -u)" -ne 0 ]; then SUDO="sudo -E"; fi
$SUDO "${{ github.action_path }}/scripts/install.sh"
echo "::endgroup::" echo "::endgroup::"
- name: Configure Stalwart - name: Configure Stalwart
@@ -72,7 +77,9 @@ runs:
echo "::group::Configuring Stalwart" echo "::group::Configuring Stalwart"
chmod +x "${{ github.action_path }}/scripts/configure.sh" chmod +x "${{ github.action_path }}/scripts/configure.sh"
"${{ github.action_path }}/scripts/configure.sh" SUDO=""
if [ "$(id -u)" -ne 0 ]; then SUDO="sudo -E"; fi
$SUDO "${{ github.action_path }}/scripts/configure.sh"
echo "::endgroup::" echo "::endgroup::"
- name: Display completion message - name: Display completion message

7
scripts/configure.sh
View File

@@ -58,7 +58,12 @@ main() {
# Save admin password to temp file for testing/debugging (remove in production) # Save admin password to temp file for testing/debugging (remove in production)
echo "$current_password" > /tmp/stalwart_admin_password echo "$current_password" > /tmp/stalwart_admin_password
chmod 600 /tmp/stalwart_admin_password # Use 644 so the invoking (non-root) runner user can read the file
chmod 644 /tmp/stalwart_admin_password
# If invoked via sudo, transfer ownership back to the calling user
if [ -n "${SUDO_USER:-}" ]; then
chown "$SUDO_USER" /tmp/stalwart_admin_password
fi
# Create domains if provided # Create domains if provided
if [ -n "$DOMAINS_JSON" ]; then if [ -n "$DOMAINS_JSON" ]; then