From 4b299daf56e4b7d5f0cae64d633113f7e642358e Mon Sep 17 00:00:00 2001 From: Lior Rozner Date: Tue, 24 Feb 2026 21:07:14 -0800 Subject: [PATCH 01/10] Add Linux Docker test job to workflows Add a test-linux-docker job to both .github/workflows/ci.yaml and .github/workflows/integration-tests.yaml. The job runs in an ubuntu:24.04 container (--privileged) with a 10-minute timeout, verifies Twingate status and attempts to access a secure resource via curl. In CI it invokes the local action (./) with the SERVICE_KEY secret; in integration-tests it exercises the published action twingate/github-action@main (passing service-key and debug) to validate behavior in a Docker environment. --- .github/workflows/ci.yaml | 22 ++++++++++++++++++++++ .github/workflows/integration-tests.yaml | 22 ++++++++++++++++++++++ 2 files changed, 44 insertions(+) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 8c1af14..c8945cd 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -75,6 +75,28 @@ jobs: - run: echo "SUCCESS!!! 🤩 This job's status is ${{ job.status }}." + test-linux-docker: + runs-on: ubuntu-latest + container: + image: ubuntu:24.04 + options: --privileged + timeout-minutes: 10 + steps: + - uses: actions/checkout@v6 + + - uses: ./ + with: + service-key: ${{ secrets.SERVICE_KEY }} + + - name: Verify Twingate status + run: twingate status + + - name: Access a secure resource + env: + TEST_URL: http://business.prod.beamreachinc.int/ + run: | + curl -v $TEST_URL + test-windows: strategy: max-parallel: 4 diff --git a/.github/workflows/integration-tests.yaml b/.github/workflows/integration-tests.yaml index 23775b0..17ec2b1 100644 --- a/.github/workflows/integration-tests.yaml +++ b/.github/workflows/integration-tests.yaml @@ -51,6 +51,28 @@ jobs: if: always() run: journalctl -u twingate + test-linux-docker: + runs-on: ubuntu-latest + container: + image: ubuntu:24.04 + options: --privileged + timeout-minutes: 10 + steps: + - name: Test published action + uses: twingate/github-action@main + with: + service-key: ${{ secrets.SERVICE_KEY }} + debug: ${{ inputs.debug || 'false' }} + + - name: Verify Twingate status + run: twingate status + + - name: Access a secure resource + env: + TEST_URL: http://business.prod.beamreachinc.int/ + run: | + curl -v $TEST_URL + test-windows: strategy: max-parallel: 4 From dfae559e651f7e1b1d6c6368cc0b2ea6a605a7df Mon Sep 17 00:00:00 2001 From: Lior Rozner Date: Tue, 24 Feb 2026 21:20:25 -0800 Subject: [PATCH 02/10] fix: use GITHUB_ACTION_PATH env var for container compatibility Use runtime environment variable instead of parse-time context expression to resolve action path correctly inside Docker containers. Co-Authored-By: Claude Opus 4.5 --- action.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/action.yml b/action.yml index 2d806dd..07fc541 100644 --- a/action.yml +++ b/action.yml @@ -26,7 +26,7 @@ runs: if: runner.os != 'Linux' && runner.os != 'Windows' shell: bash run: | - source ${{ github.action_path }}/scripts/linux-helpers.sh + source "$GITHUB_ACTION_PATH/scripts/linux-helpers.sh" log ERROR "Unsupported Runner OS: ${{ runner.os }}" exit 1 @@ -36,7 +36,7 @@ runs: shell: bash run: | export DEBUG_MODE='${{ inputs.debug }}' - source ${{ github.action_path }}/scripts/linux-helpers.sh + source "$GITHUB_ACTION_PATH/scripts/linux-helpers.sh" VERSION=$(get_twingate_version) echo "version=$VERSION" >> $GITHUB_OUTPUT @@ -50,7 +50,7 @@ runs: shell: powershell run: | $env:DEBUG_MODE = '${{ inputs.debug }}' - . ${{ github.action_path }}/scripts/windows-helpers.ps1 + . "$env:GITHUB_ACTION_PATH/scripts/windows-helpers.ps1" $version = Get-TwingateVersion Add-Content -Path $env:GITHUB_OUTPUT -Value "version=$version" @@ -95,7 +95,7 @@ runs: shell: bash run: | export DEBUG_MODE='${{ inputs.debug }}' - source ${{ github.action_path }}/scripts/linux-helpers.sh + source "$GITHUB_ACTION_PATH/scripts/linux-helpers.sh" VALID=$(validate_cache_linux) echo "valid=$VALID" >> $GITHUB_OUTPUT @@ -106,7 +106,7 @@ runs: shell: powershell run: | $env:DEBUG_MODE = '${{ inputs.debug }}' - . ${{ github.action_path }}/scripts/windows-helpers.ps1 + . "$env:GITHUB_ACTION_PATH/scripts/windows-helpers.ps1" $cacheDir = "${{ runner.temp }}\twingate-cache" $isValid = Validate-CacheWindows -CacheDir $cacheDir @@ -117,7 +117,7 @@ runs: shell: bash run: | export DEBUG_MODE='${{ inputs.debug }}' - source ${{ github.action_path }}/scripts/linux-helpers.sh + source "$GITHUB_ACTION_PATH/scripts/linux-helpers.sh" log DEBUG "Installing Twingate from cache" # Install all packages from cache directory (twingate + dependencies) @@ -129,7 +129,7 @@ runs: shell: powershell run: | $env:DEBUG_MODE = '${{ inputs.debug }}' - . ${{ github.action_path }}/scripts/windows-helpers.ps1 + . "$env:GITHUB_ACTION_PATH/scripts/windows-helpers.ps1" log DEBUG "Copying cached MSI to working directory" $cacheDir = "${{ runner.temp }}\twingate-cache" @@ -174,7 +174,7 @@ runs: shell: powershell run: | $env:DEBUG_MODE = '${{ inputs.debug }}' - . ${{ github.action_path }}/scripts/windows-helpers.ps1 + . "$env:GITHUB_ACTION_PATH/scripts/windows-helpers.ps1" # Download MSI $msiUrl = "https://api.twingate.com/download/windows?installer=msi" @@ -200,7 +200,7 @@ runs: shell: bash run: | export DEBUG_MODE='${{ inputs.debug }}' - source ${{ github.action_path }}/scripts/linux-helpers.sh + source "$GITHUB_ACTION_PATH/scripts/linux-helpers.sh" echo '${{ inputs.service-key }}' | sudo twingate setup --headless - MAX_RETRIES=5 @@ -248,7 +248,7 @@ runs: shell: powershell run: | $env:DEBUG_MODE = '${{ inputs.debug }}' - . ${{ github.action_path }}/scripts/windows-helpers.ps1 + . "$env:GITHUB_ACTION_PATH/scripts/windows-helpers.ps1" # Install Twingate client and start service Set-Content .\key.json '${{ inputs.service-key }}' From 421edf086b8cb832662ecc4e2e1243a307309fbb Mon Sep 17 00:00:00 2001 From: Lior Rozner Date: Tue, 24 Feb 2026 21:26:36 -0800 Subject: [PATCH 03/10] fix: support running in minimal Docker containers - Add SUDO variable to linux-helpers.sh that's empty when root - Replace hardcoded sudo with $SUDO in all Linux steps - Auto-install curl and gnupg if missing in container environments Co-Authored-By: Claude Opus 4.5 --- action.yml | 39 ++++++++++++++++++++++++++++----------- scripts/linux-helpers.sh | 7 +++++++ 2 files changed, 35 insertions(+), 11 deletions(-) diff --git a/action.yml b/action.yml index 07fc541..d3ca0e0 100644 --- a/action.yml +++ b/action.yml @@ -30,6 +30,21 @@ runs: log ERROR "Unsupported Runner OS: ${{ runner.os }}" exit 1 + - name: Install prerequisites (Linux) + if: runner.os == 'Linux' + shell: bash + run: | + # Check if we're in a minimal container environment missing required tools + MISSING_DEPS="" + command -v curl >/dev/null 2>&1 || MISSING_DEPS="$MISSING_DEPS curl" + command -v gpg >/dev/null 2>&1 || MISSING_DEPS="$MISSING_DEPS gnupg" + + if [ -n "$MISSING_DEPS" ]; then + echo "Installing missing dependencies:$MISSING_DEPS" + apt-get update + apt-get install -y $MISSING_DEPS + fi + - name: Get latest Twingate version (Linux) if: runner.os == 'Linux' && inputs.cache == 'true' id: twingate-version-linux @@ -121,8 +136,8 @@ runs: log DEBUG "Installing Twingate from cache" # Install all packages from cache directory (twingate + dependencies) - sudo dpkg -i ~/.twingate-cache/*.deb || true - sudo apt-get install -f -yq + $SUDO dpkg -i ~/.twingate-cache/*.deb || true + $SUDO apt-get install -f -yq - name: Copy cached MSI to working directory (Windows) if: runner.os == 'Windows' && inputs.cache == 'true' && steps.validate-cache-windows.outputs.valid == 'true' @@ -147,27 +162,29 @@ runs: if: runner.os == 'Linux' && (inputs.cache != 'true' || steps.cache-twingate-linux.outputs.cache-hit != 'true' || steps.validate-cache-linux.outputs.valid != 'true' || steps.twingate-version-linux.outputs.version == 'unknown') shell: bash run: | + source "$GITHUB_ACTION_PATH/scripts/linux-helpers.sh" + # Import Twingate GPG key for signature verification - curl -fsSL https://packages.twingate.com/apt/gpg.key | sudo gpg --batch --yes --no-tty --dearmor -o /usr/share/keyrings/twingate-client-keyring.gpg + curl -fsSL https://packages.twingate.com/apt/gpg.key | $SUDO gpg --batch --yes --no-tty --dearmor -o /usr/share/keyrings/twingate-client-keyring.gpg # Add Twingate repository with GPG key verification - echo "deb [signed-by=/usr/share/keyrings/twingate-client-keyring.gpg] https://packages.twingate.com/apt/ * *" | sudo tee /etc/apt/sources.list.d/twingate.list + echo "deb [signed-by=/usr/share/keyrings/twingate-client-keyring.gpg] https://packages.twingate.com/apt/ * *" | $SUDO tee /etc/apt/sources.list.d/twingate.list - sudo apt update - sudo apt-get update -o Dir::Etc::sourcelist="sources.list.d/twingate.list" -o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0" + $SUDO apt update + $SUDO apt-get update -o Dir::Etc::sourcelist="sources.list.d/twingate.list" -o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0" # Download all packages to cache if caching is enabled if [ "${{ steps.twingate-version-linux.outputs.version }}" != "unknown" ]; then mkdir -p ~/.twingate-cache # Download Twingate and all dependencies to cache directory - sudo apt-get install -yq --download-only -o Dir::Cache::Archives="$HOME/.twingate-cache" twingate + $SUDO apt-get install -yq --download-only -o Dir::Cache::Archives="$HOME/.twingate-cache" twingate # Install to resolve any missing dependencies, then download them - sudo apt-get install -yq --download-only -o Dir::Cache::Archives="$HOME/.twingate-cache" -f + $SUDO apt-get install -yq --download-only -o Dir::Cache::Archives="$HOME/.twingate-cache" -f # Fix permissions so cache action can save files - sudo chown -R "$(id -u)":"$(id -g)" "$HOME/.twingate-cache" + $SUDO chown -R "$(id -u)":"$(id -g)" "$HOME/.twingate-cache" fi - sudo apt install -yq twingate + $SUDO apt install -yq twingate - name: Download and cache Twingate MSI (Windows) if: runner.os == 'Windows' && (inputs.cache != 'true' || steps.cache-twingate-windows.outputs.cache-hit != 'true' || steps.validate-cache-windows.outputs.valid != 'true' || steps.twingate-version-windows.outputs.version == 'unknown') @@ -202,7 +219,7 @@ runs: export DEBUG_MODE='${{ inputs.debug }}' source "$GITHUB_ACTION_PATH/scripts/linux-helpers.sh" - echo '${{ inputs.service-key }}' | sudo twingate setup --headless - + echo '${{ inputs.service-key }}' | $SUDO twingate setup --headless - MAX_RETRIES=5 WAIT_TIME=5 n=0 diff --git a/scripts/linux-helpers.sh b/scripts/linux-helpers.sh index 27cb719..a0d20ea 100644 --- a/scripts/linux-helpers.sh +++ b/scripts/linux-helpers.sh @@ -2,6 +2,13 @@ # Linux helper functions for logging, version detection, and cache validation # Usage: source ./scripts/linux-helpers.sh +# Set SUDO to empty if running as root, otherwise "sudo" +if [ "$(id -u)" -eq 0 ]; then + SUDO="" +else + SUDO="sudo" +fi + log() { local level=$1 shift From 979893195a54c40b0d8a64f3dcb7e2ee5da89fc6 Mon Sep 17 00:00:00 2001 From: Lior Rozner Date: Tue, 24 Feb 2026 21:33:22 -0800 Subject: [PATCH 04/10] test: temporarily use branch for integration tests TODO: revert to @main after merging PR #71 Co-Authored-By: Claude Opus 4.5 --- .github/workflows/integration-tests.yaml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/.github/workflows/integration-tests.yaml b/.github/workflows/integration-tests.yaml index 17ec2b1..e9c13c6 100644 --- a/.github/workflows/integration-tests.yaml +++ b/.github/workflows/integration-tests.yaml @@ -32,7 +32,8 @@ jobs: timeout-minutes: 5 steps: - name: Test published action - uses: twingate/github-action@main + # TODO: revert to @main after merging PR #71 + uses: twingate/github-action@feature/lr/support_for_running_inside_docker with: service-key: ${{ secrets[matrix.service-key] }} debug: ${{ inputs.debug || 'false' }} @@ -59,7 +60,8 @@ jobs: timeout-minutes: 10 steps: - name: Test published action - uses: twingate/github-action@main + # TODO: revert to @main after merging PR #71 + uses: twingate/github-action@feature/lr/support_for_running_inside_docker with: service-key: ${{ secrets.SERVICE_KEY }} debug: ${{ inputs.debug || 'false' }} @@ -89,7 +91,8 @@ jobs: timeout-minutes: 6 steps: - name: Test published action - uses: twingate/github-action@main + # TODO: revert to @main after merging PR #71 + uses: twingate/github-action@feature/lr/support_for_running_inside_docker with: service-key: ${{ secrets[matrix.service-key] }} debug: ${{ inputs.debug || 'false' }} From d8ab135e56693066eb308f8548ece5f6fd2fb7c4 Mon Sep 17 00:00:00 2001 From: Lior Rozner Date: Tue, 24 Feb 2026 21:35:45 -0800 Subject: [PATCH 05/10] revert: use @main for integration tests Co-Authored-By: Claude Opus 4.5 --- .github/workflows/integration-tests.yaml | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/.github/workflows/integration-tests.yaml b/.github/workflows/integration-tests.yaml index e9c13c6..17ec2b1 100644 --- a/.github/workflows/integration-tests.yaml +++ b/.github/workflows/integration-tests.yaml @@ -32,8 +32,7 @@ jobs: timeout-minutes: 5 steps: - name: Test published action - # TODO: revert to @main after merging PR #71 - uses: twingate/github-action@feature/lr/support_for_running_inside_docker + uses: twingate/github-action@main with: service-key: ${{ secrets[matrix.service-key] }} debug: ${{ inputs.debug || 'false' }} @@ -60,8 +59,7 @@ jobs: timeout-minutes: 10 steps: - name: Test published action - # TODO: revert to @main after merging PR #71 - uses: twingate/github-action@feature/lr/support_for_running_inside_docker + uses: twingate/github-action@main with: service-key: ${{ secrets.SERVICE_KEY }} debug: ${{ inputs.debug || 'false' }} @@ -91,8 +89,7 @@ jobs: timeout-minutes: 6 steps: - name: Test published action - # TODO: revert to @main after merging PR #71 - uses: twingate/github-action@feature/lr/support_for_running_inside_docker + uses: twingate/github-action@main with: service-key: ${{ secrets[matrix.service-key] }} debug: ${{ inputs.debug || 'false' }} From ba0bda0fbcda6c62c2e8e2ca3af035feb2806512 Mon Sep 17 00:00:00 2001 From: Lior Rozner Date: Tue, 24 Feb 2026 21:38:29 -0800 Subject: [PATCH 06/10] fix: address PR review feedback - Add "Print client logs" step to test-linux-docker jobs for debugging - Add SUDO logic to prerequisites step for non-root environments - Fix spacing in echo message Co-Authored-By: Claude Opus 4.5 --- .github/workflows/ci.yaml | 4 ++++ .github/workflows/integration-tests.yaml | 4 ++++ action.yml | 12 +++++++++--- 3 files changed, 17 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index c8945cd..be5be0c 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -97,6 +97,10 @@ jobs: run: | curl -v $TEST_URL + - name: Print client logs + if: always() + run: journalctl -u twingate + test-windows: strategy: max-parallel: 4 diff --git a/.github/workflows/integration-tests.yaml b/.github/workflows/integration-tests.yaml index 17ec2b1..ff7d5bd 100644 --- a/.github/workflows/integration-tests.yaml +++ b/.github/workflows/integration-tests.yaml @@ -73,6 +73,10 @@ jobs: run: | curl -v $TEST_URL + - name: Print client logs + if: always() + run: journalctl -u twingate + test-windows: strategy: max-parallel: 4 diff --git a/action.yml b/action.yml index d3ca0e0..0144091 100644 --- a/action.yml +++ b/action.yml @@ -40,9 +40,15 @@ runs: command -v gpg >/dev/null 2>&1 || MISSING_DEPS="$MISSING_DEPS gnupg" if [ -n "$MISSING_DEPS" ]; then - echo "Installing missing dependencies:$MISSING_DEPS" - apt-get update - apt-get install -y $MISSING_DEPS + # Use sudo if not running as root and sudo is available + SUDO="" + if [ "$(id -u)" -ne 0 ] && command -v sudo >/dev/null 2>&1; then + SUDO="sudo" + fi + + echo "Installing missing dependencies: $MISSING_DEPS" + $SUDO apt-get update + $SUDO apt-get install -y $MISSING_DEPS fi - name: Get latest Twingate version (Linux) From 12f79d23639c119efbdc0f6e1f5821f4641a39ac Mon Sep 17 00:00:00 2001 From: Lior Rozner Date: Tue, 24 Feb 2026 21:44:06 -0800 Subject: [PATCH 07/10] fix: use /var/log/twingated.log in container environments When journalctl isn't available, Twingate logs to this file instead. Co-Authored-By: Claude Opus 4.5 --- .github/workflows/ci.yaml | 9 ++++++++- .github/workflows/integration-tests.yaml | 9 ++++++++- 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index be5be0c..ca0db1a 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -99,7 +99,14 @@ jobs: - name: Print client logs if: always() - run: journalctl -u twingate + run: | + if command -v journalctl >/dev/null 2>&1; then + journalctl -u twingate + elif [ -f /var/log/twingated.log ]; then + cat /var/log/twingated.log + else + echo "No Twingate logs found" + fi test-windows: strategy: diff --git a/.github/workflows/integration-tests.yaml b/.github/workflows/integration-tests.yaml index ff7d5bd..6373211 100644 --- a/.github/workflows/integration-tests.yaml +++ b/.github/workflows/integration-tests.yaml @@ -75,7 +75,14 @@ jobs: - name: Print client logs if: always() - run: journalctl -u twingate + run: | + if command -v journalctl >/dev/null 2>&1; then + journalctl -u twingate + elif [ -f /var/log/twingated.log ]; then + cat /var/log/twingated.log + else + echo "No Twingate logs found" + fi test-windows: strategy: From 0d1d45a36c60452539e156c3d2de786d52f6c160 Mon Sep 17 00:00:00 2001 From: Eran Kampf <205185+ekampf@users.noreply.github.com> Date: Wed, 25 Feb 2026 09:06:29 -0800 Subject: [PATCH 08/10] Apply suggestion from @Copilot Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- scripts/linux-helpers.sh | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/scripts/linux-helpers.sh b/scripts/linux-helpers.sh index a0d20ea..c099603 100644 --- a/scripts/linux-helpers.sh +++ b/scripts/linux-helpers.sh @@ -2,11 +2,16 @@ # Linux helper functions for logging, version detection, and cache validation # Usage: source ./scripts/linux-helpers.sh -# Set SUDO to empty if running as root, otherwise "sudo" +# Set SUDO to empty if running as root. For non-root, require that "sudo" exists. if [ "$(id -u)" -eq 0 ]; then SUDO="" else - SUDO="sudo" + if command -v sudo >/dev/null 2>&1; then + SUDO="sudo" + else + echo "[ERROR] sudo is not available. Please install sudo or run this script as root." >&2 + exit 1 + fi fi log() { From a5ed0c520dc028d2152134d5d9d52eaabc17aa42 Mon Sep 17 00:00:00 2001 From: Eran Kampf <205185+ekampf@users.noreply.github.com> Date: Wed, 25 Feb 2026 09:06:59 -0800 Subject: [PATCH 09/10] fix error message --- scripts/linux-helpers.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/linux-helpers.sh b/scripts/linux-helpers.sh index c099603..fb7b7fa 100644 --- a/scripts/linux-helpers.sh +++ b/scripts/linux-helpers.sh @@ -9,7 +9,7 @@ else if command -v sudo >/dev/null 2>&1; then SUDO="sudo" else - echo "[ERROR] sudo is not available. Please install sudo or run this script as root." >&2 + echo "[ERROR] sudo is not available. Please run this script as root." >&2 exit 1 fi fi From 524ae8254b697a919bb2f52e6534ecc0ba1b7255 Mon Sep 17 00:00:00 2001 From: Eran Kampf Date: Wed, 25 Feb 2026 13:46:14 -0800 Subject: [PATCH 10/10] refactor sudo logic to be shared --- action.yml | 7 ++----- scripts/linux-helpers.sh | 13 ++----------- scripts/sudo-detect.sh | 16 ++++++++++++++++ 3 files changed, 20 insertions(+), 16 deletions(-) create mode 100755 scripts/sudo-detect.sh diff --git a/action.yml b/action.yml index 0144091..97afcd8 100644 --- a/action.yml +++ b/action.yml @@ -40,11 +40,8 @@ runs: command -v gpg >/dev/null 2>&1 || MISSING_DEPS="$MISSING_DEPS gnupg" if [ -n "$MISSING_DEPS" ]; then - # Use sudo if not running as root and sudo is available - SUDO="" - if [ "$(id -u)" -ne 0 ] && command -v sudo >/dev/null 2>&1; then - SUDO="sudo" - fi + # Detect if we need sudo for package installation + source "$GITHUB_ACTION_PATH/scripts/sudo-detect.sh" echo "Installing missing dependencies: $MISSING_DEPS" $SUDO apt-get update diff --git a/scripts/linux-helpers.sh b/scripts/linux-helpers.sh index fb7b7fa..09ec63c 100644 --- a/scripts/linux-helpers.sh +++ b/scripts/linux-helpers.sh @@ -2,17 +2,8 @@ # Linux helper functions for logging, version detection, and cache validation # Usage: source ./scripts/linux-helpers.sh -# Set SUDO to empty if running as root. For non-root, require that "sudo" exists. -if [ "$(id -u)" -eq 0 ]; then - SUDO="" -else - if command -v sudo >/dev/null 2>&1; then - SUDO="sudo" - else - echo "[ERROR] sudo is not available. Please run this script as root." >&2 - exit 1 - fi -fi +# Source SUDO detection +source "$(dirname "${BASH_SOURCE[0]}")/sudo-detect.sh" log() { local level=$1 diff --git a/scripts/sudo-detect.sh b/scripts/sudo-detect.sh new file mode 100755 index 0000000..86f993f --- /dev/null +++ b/scripts/sudo-detect.sh @@ -0,0 +1,16 @@ +#!/bin/bash +# Detects and sets SUDO variable for privilege escalation +# Usage: source sudo-detect.sh + +if [ "$(id -u)" -eq 0 ]; then + SUDO="" +else + if command -v sudo >/dev/null 2>&1; then + SUDO="sudo" + else + echo "[ERROR] sudo is not available. Please run this script as root." >&2 + exit 1 + fi +fi + +export SUDO