4

I'm using gitlab-ci for my simple project.

And everything is ok my runner is working on my local machine(ubuntu18-04) and I tested it with simple .gitlab-ci.yml.

Now I try to use the following yml:

image: ubuntu:18.04 

build-job:
  stage: build
  script:
    - echo "Hello, $GITLAB_USER_LOGIN!"
    - sudo apt-get update

but I get the following error:

/bin/bash: line 110: sudo: command not found

How can I use sudo?

badcode
  • 581
  • 1
  • 9
  • 28
  • 1
    Why do you need `sudo` at all? A typical out-of-the-box upstream Linux-distro-centric Docker container invokes its processes as root _already_, so there's nothing for `sudo` to do. – Charles Duffy Jan 17 '21 at 16:30
  • 1
    (With my information-security hat on, I also really, _really_ hate to see containers following this pattern -- when the software gets upgraded at build time to whatever-a-network-resource-happens-to-currently-have you have no guarantees about exactly which packages are active in any given run, and also need to be sure you rebuild your containers after relevant security updates; the Nix approach, where resolving individual versions happens when calculating steps for the run -- so this information is stored and available for later lookup -- makes far more sense). – Charles Duffy Jan 17 '21 at 16:40

1 Answers1

3

You shouldn't have to worry about updating the Ubuntu image used in a Gitlab CI pipeline job because the docker container is destroyed when the job is finished. Furthermore, the docker images are frequently updated. If you look at ubuntu:18.04's docker hub page, it was just updated 2 days ago: https://hub.docker.com/_/ubuntu?tab=tags&page=1&ordering=last_updated

Since you're doing an update here, I'm going to assume that next you might want to install some packages. It's possible to do so, but not advised since every pipeline that you run will have to install those packages, which can really slow them down. Instead, you can create a custom docker image based on a parent image and customize it that way. Then you can either upload that docker image to docker hub, Gitlab's registry (if using self-hosted Gitlab, it has to be enabled by an admin), or built on all of your gitlab-runners.

Here's a dumb example:

# .../custom_ubuntu:18.04/Dockerfile
FROM ubuntu:18.04
RUN apt-get install git

Next you can build the image: docker build /path/to/directory/that/has/dockerfile, tag it so you can reference it in your pipeline config file: docker tag aaaaafffff59 my_org/custom_ubuntu:18.04. Then if needed you can upload the tagged image docker push my_org/custom_ubuntu:18.04.

In your .gitlab-ci.yml file, reference this custom Ubuntu image:

image: my_org/custom_ubuntu:18.04 

build-job:
  stage: build
  script:
    - echo "Hello, $GITLAB_USER_LOGIN!"
    - git --version # ensures the package you need is available

You can read more about using custom images in Gitlab CI here: https://docs.gitlab.com/charts/advanced/custom-images/

Adam Marshall
  • 6,369
  • 1
  • 29
  • 45
  • "You shouldn't have to worry about updating the Ubuntu image" You absolutely should, since most packages you might need aren't install by default... – Cerin Jun 19 '21 at 01:06
  • In that case, you're free to create a custom image based on Ubuntu with updates and any new packages installed that you need, then use the custom image. Updates and package installations shouldn't be done in a running pipeline (just from a time loss perspective). – Adam Marshall Jun 24 '21 at 17:52