Gitlab-runner (executor docker) problem in non root image

GitLab CI/CD
1

Have docker-image with non root user
But in job, repo checkouted with root rights. (why? helpers?)

any ideas how make checkout with my user?

dockerfile mock 
FROM ubuntu:xenial 

# does not matter

RUN groupadd mygroup \
 && useradd -d /home/myuser -s /bin/bash -m -g mygroup myuser \
 && mkdir -p /builds \
 && mkdir -p /cache \
 && chown myuser:mygroup /builds \
 && chown myuser:mygroup /cache

USER myuser
WORKDIR /home/myuser
# END OF FILE
config.toml 
concurrent = 10
check_interval = 0

[session_server]
  session_timeout = 1800

[[runners]]
  name = "docker-runners"
  limit = 0
  output_limit = 4096
  url = "{server here}"
  token = "{token here}"
  executor = "docker"
  [runners.custom_build_dir]
  [runners.docker]
    tls_verify = false
  image = "{base image here}"
  privileged = false
    disable_entrypoint_overwrite = false
    oom_kill_disable = true
    disable_cache = false
  volumes = ["/var/run/docker.sock:/var/run/docker.sock", "/cache"]
    shm_size = 0
  [runners.cache]
    [runners.cache.s3]
    [runners.cache.gcs]
  environment = []
.gitlab-ci.yml 
test_custom_user:
  image: {non root image here}
  script:
    - ls -al
    - whoami
2

I think what you’re looking for is https://gitlab.com/gitlab-org/gitlab-runner/issues/2750.

1 Like
3

Thank you for link!.
Exactly same question. Found some tricks in answers.

4

But did you actually find a solution? I only see two very hacky workarounds, and a suggestion that the better one won’t work for your use-case. What have you done, in the end?