在 gitlab 管道中运行“sudo su”

Question

I've installed some software on a server that my gitlab runner SSH's to, and one of the commands needs to be run after doing sudo su . If I run it as a regular user, but with sudo in front of it - it doesn't work. I have to first completely switch to the sudo user first.

This works fine when I SSH into the server and do the commands manually. But when I try it from the pipeline (rough code below):

my_script:
  stage: stage
  script:
    - ssh -o -i id_rsa -tt user@1.1.1.1 << EOF
    - sudo su
    - run_special_command <blah blah>
    - exit
    # above exits from the SSH. below should stop the pipeline
    - exit 0
    - EOF

I get very weird output like the below:

$ sudo su
[user@1.1.1.1 user]$ sudo su
echo $'\x1b[32;1m$ run_special_command <blah blah>\x1b[0;m'
run_special_command <blah blah>
echo $'\x1b[32;1m$ exit\x1b[0;m'
exit
echo $'\x1b[32;1m$ exit 0\x1b[0;m'
exit 0
echo $'\x1b[32;1m$ EOF\x1b[0;m'

And what I'm seeing is that it doesn't even run the command at all - and I can't figure out why.

Answer 1

In this case, you need to put your script as a multi-line string in your YAML. Alternatively, commit a shell script to repo and execute that.

and one of the commands needs to be run after doing sudo su. If I run it as a regular user, but with sudo in front of it - it doesn't work.

As a side note, you can probably use sudo -E instead of sudo su before the command. But what you have should also work with the multi-line script.

MyJob:
  script: |
    ssh -o -i id_rsa -tt user@host << EOF
    sudo -E my_command
    EOF
    exit 0

Alternatively, write your script into a shell script committed to the repository (with executable permissions set) and run it from your job:

MyJob:
  script: “my_script.sh”