android-emulator-runner icon indicating copy to clipboard operation
android-emulator-runner copied to clipboard

Published 20 hours ago verified publisher icon ReactiveCircus

Don't rely on sudo

Open adiknoth opened this issue 4 years ago • 8 comments

https://github.com/ReactiveCircus/android-emulator-runner/blob/e22ecdedeed4a7a597291c493ef554b21e73f44c/src/sdk-installer.ts#L18

issues a sudo call. CI is often confined to an unprivileged user for isolation purposes. Don't assume the CI runner can write anything but their own working directory.

Any reference to sudo must be avoided, you simply don't have root.

adiknoth avatar Jul 02 '20 09:07 adiknoth

From GitHub Actions docs:

The Linux and macOS virtual machines both run using passwordless sudo. When you need to execute commands or install tools that require more privileges than the current user, you can use sudo without needing to provide a password.

ychescale9 avatar Jul 02 '20 09:07 ychescale9

I have the same issue. The problem is that we are running in a self-hosted machine. Is there a workaround for this? (perhaps pre configuring the path with privileges for the runner user?)

inm-certi avatar Jul 02 '20 21:07 inm-certi

@inm-certi I can think of 2 solutions:

  1. require that the Android SDK on the self-hosted machine be fully configured:
    • android-sdk-preview-license needs to be accepted
    • cmdline-tools installed and configured if you care about building with JDK 9+
  2. ignore the pre-installed Android SDK in $ANDROID_HOME and do a complete download and installation of the SDK in the current working directory.

Neither is required on macos, and I'm not sure how many users are interested in running this action with a self-hosted ubuntu runner. If you have control on your runner, you could even go further by enabling KVM on the machines so you can get hardware-accelerated emulators on Linux. But at that point you might as well write your own action as you've already done > 50% of what Android Emulator Runner is doing.

TLDR is I'm not personally super interested in working on Linux support for this action unless KVM is enabled for the GitHub hosted runners in the future. If anyone who cares about Linux / self-hosted runner support is willing to contribute I'd be happy to accept a PR:)

ychescale9 avatar Jul 03 '20 06:07 ychescale9

Yes, I'm thinking about doing this PR. I was just trying to understand which other options would I have.

I am thinking about create a flag on action.yml, named self-hosted, for example:

  self-hosted:
    description: 'Run the actions in a self-hosted environment. This option will ignore your current "ANDROID_HOME" installation and install do a fresh install'
    default: 'false'

Although I could not use this action at all, and do the setup on my machine, I'd rather use this action and have a solution flexible, so I can run it anywhere. :)

inm-certi avatar Jul 03 '20 12:07 inm-certi

Thanks for willing to contribute! I haven’t worked with self hosted runner before so I’m not sure what the general requirements are for those users, we could define a unique path for self hosted runners but I’m a bit concerned this might open up a can of worms as some of the other action configs might be affected or only work in certain scenarios. Basically the line between the hosted machine environment and the action itself would be even more blurry which I imagine would make supporting / debugging harder.

WRT doing a fresh SDK download and installation, wouldn’t it be better if the self hosted machines are setup with all the required SDK components installed license accepted in which case the action can completely skip the sdk-installer step?

ychescale9 avatar Jul 03 '20 13:07 ychescale9

Thanks for this comment, I was coding when I read. So I included a option to specify the path to android-home, so it is possible to use a pre installed sdk, or install if required. In my personal case, would be bad to pre install in each machine. I have a pool of machine, and any change (SDK version for example) would required to update and sync each one.

I think it will solve the problem with pre existing environments or others actions.

The code was based on another action that does it: install the android sdk, which some small changes. https://github.com/Malinskiy/action-android

I will run some tests and open the PR.

inm-certi avatar Jul 03 '20 18:07 inm-certi

I included a option to specify the path to android-home

I like that better 👍

ychescale9 avatar Jul 04 '20 08:07 ychescale9

Hello,

I see Y'all are re-implementing stuff that is already implemented :) https://github.com/android-actions/setup-android/blob/main/src/main.ts

Regards, Vilius

ViliusSutkus89 avatar May 28 '21 07:05 ViliusSutkus89