From 9c8ddbb3f3f2fc97db9283898b6a85aee7235fae Mon Sep 17 00:00:00 2001 From: Mathieu Virbel Date: Wed, 2 Jul 2025 15:17:05 -0600 Subject: [PATCH] feat: add sudo and sudoers (#20) * feat: add sudo and sudoers * Update cubbi/images/cubbi_init.py Co-authored-by: pr-agent-monadical[bot] <198624643+pr-agent-monadical[bot]@users.noreply.github.com> --------- Co-authored-by: pr-agent-monadical[bot] <198624643+pr-agent-monadical[bot]@users.noreply.github.com> --- cubbi/images/aider/Dockerfile | 3 ++- cubbi/images/aider/test_aider.py | 3 ++- cubbi/images/claudecode/Dockerfile | 3 ++- cubbi/images/cubbi_init.py | 10 ++++++++++ cubbi/images/goose/Dockerfile | 1 + cubbi/images/opencode/Dockerfile | 1 + 6 files changed, 18 insertions(+), 3 deletions(-) diff --git a/cubbi/images/aider/Dockerfile b/cubbi/images/aider/Dockerfile index b3b657e..ae8233f 100644 --- a/cubbi/images/aider/Dockerfile +++ b/cubbi/images/aider/Dockerfile @@ -6,6 +6,7 @@ LABEL description="Aider AI pair programming for Cubbi" # Install system dependencies including gosu for user switching RUN apt-get update && apt-get install -y --no-install-recommends \ gosu \ + sudo \ passwd \ bash \ curl \ @@ -64,4 +65,4 @@ RUN /cubbi/cubbi_init.py --help WORKDIR /app ENTRYPOINT ["/cubbi/cubbi_init.py"] -CMD ["tail", "-f", "/dev/null"] \ No newline at end of file +CMD ["tail", "-f", "/dev/null"] diff --git a/cubbi/images/aider/test_aider.py b/cubbi/images/aider/test_aider.py index 9730e38..d234c60 100755 --- a/cubbi/images/aider/test_aider.py +++ b/cubbi/images/aider/test_aider.py @@ -7,6 +7,7 @@ Tests Docker image build, API key configuration, and Cubbi CLI integration import subprocess import sys import tempfile +import re def run_command(cmd, description="", check=True): @@ -156,7 +157,7 @@ def test_cubbi_cli_integration(): assert ( result.returncode == 0 - and "aider 0.84.0" in result.stdout + and re.search(r"aider \d+\.\d+\.\d+", result.stdout) and "Cubbi CLI test successful" in result.stdout ), "Cubbi CLI session creation failed" print("✅ Cubbi CLI session creation works") diff --git a/cubbi/images/claudecode/Dockerfile b/cubbi/images/claudecode/Dockerfile index 3f15e3d..af96a27 100644 --- a/cubbi/images/claudecode/Dockerfile +++ b/cubbi/images/claudecode/Dockerfile @@ -6,6 +6,7 @@ LABEL description="Claude Code for Cubbi" # Install system dependencies including gosu for user switching RUN apt-get update && apt-get install -y --no-install-recommends \ gosu \ + sudo \ passwd \ bash \ curl \ @@ -69,4 +70,4 @@ RUN /cubbi/cubbi_init.py --help WORKDIR /app ENTRYPOINT ["/cubbi/cubbi_init.py"] -CMD ["tail", "-f", "/dev/null"] \ No newline at end of file +CMD ["tail", "-f", "/dev/null"] diff --git a/cubbi/images/cubbi_init.py b/cubbi/images/cubbi_init.py index a14e8a2..f90d0ba 100755 --- a/cubbi/images/cubbi_init.py +++ b/cubbi/images/cubbi_init.py @@ -222,6 +222,16 @@ class UserManager: ): return False + # Create the sudoers file entry for the 'cubbi' user + sudoers_command = [ + "sh", + "-c", + "echo 'cubbi ALL=(ALL) NOPASSWD:ALL' > /etc/sudoers.d/cubbi && chmod 0440 /etc/sudoers.d/cubbi", + ] + if not self._run_command(sudoers_command): + self.status.log("Failed to create sudoers entry for cubbi", "ERROR") + return False + return True diff --git a/cubbi/images/goose/Dockerfile b/cubbi/images/goose/Dockerfile index ab7087b..c8eb368 100644 --- a/cubbi/images/goose/Dockerfile +++ b/cubbi/images/goose/Dockerfile @@ -6,6 +6,7 @@ LABEL description="Goose for Cubbi" # Install system dependencies including gosu for user switching and shadow for useradd/groupadd RUN apt-get update && apt-get install -y --no-install-recommends \ gosu \ + sudo \ passwd \ bash \ curl \ diff --git a/cubbi/images/opencode/Dockerfile b/cubbi/images/opencode/Dockerfile index 5b4cd58..9948ec1 100644 --- a/cubbi/images/opencode/Dockerfile +++ b/cubbi/images/opencode/Dockerfile @@ -6,6 +6,7 @@ LABEL description="Opencode for Cubbi" # Install system dependencies including gosu for user switching and shadow for useradd/groupadd RUN apt-get update && apt-get install -y --no-install-recommends \ gosu \ + sudo \ passwd \ bash \ curl \