Accepted
During infrastructure testing, specifically when running make test, users experienced poor UX due to
sudo password prompts being mixed with other command output. This created several problems:
- Mixed Output: The sudo password prompt appeared in the middle of verbose OpenTofu output, making it difficult to notice
- Test Hangs: Users would miss the password prompt, causing tests to hang indefinitely
- Unclear Timing: Users didn't know when sudo access would be needed during the test process
- Interrupted Flow: Password prompts appeared at unpredictable times during infrastructure provisioning
The issue occurred during OpenTofu's local-exec provisioner execution in
infrastructure/terraform/main.tf:
# Fix permissions after creation
provisioner "local-exec" {
command = "${path.module}/../scripts/fix-volume-permissions.sh"
}This script runs sudo commands for libvirt volume permission management, but the password prompt
was buried in OpenTofu's verbose output.
We chose Option 1: Pre-authorize sudo with timeout and clear user messaging.
-
Sudo Cache Management Functions in
scripts/shell-utils.sh:is_sudo_cached()- Check if sudo credentials are cachedensure_sudo_cached(description)- Warn user and cache sudo credentialsrun_with_sudo(description, command)- Run command with pre-cached sudoclear_sudo_cache()- Clear sudo cache for testing
-
Proactive Sudo Preparation:
- Cache sudo credentials before infrastructure operations begin
- Clear user messaging about when and why sudo is needed
- Use harmless
sudo -vcommand to cache without executing privileged operations
-
Integration Points:
tests/test-e2e.sh: Prepare sudo cache before infrastructure provisioninginfrastructure/scripts/provision-infrastructure.sh: Cache sudo beforetofu applyinfrastructure/scripts/fix-volume-permissions.sh: Use cached sudo for operations
Before:
make test
# ... lots of OpenTofu output ...
libvirt_volume.base_image (local-exec): Fixing libvirt volume permissions...
[sudo] password for user: # <- Hidden in output, easy to missAfter:
make test
⚠️ SUDO PREPARATION
Infrastructure provisioning requires administrator privileges
[sudo] password for user: # <- Clear, upfront prompt
✓ Administrator privileges confirmed and cached
# ... rest runs without interruption ...- Pros: Safe, minimal changes, clear UX, leverages existing sudo timeout
- Cons: Still requires password entry once
- Pros: No password prompts during tests
- Cons: Security risk, requires system configuration changes, complex setup
- Pros: Better output control
- Cons: Still needs sudo password, more complex Terraform
- Pros: No host sudo needed
- Cons: Complex implementation, may not solve all permission issues
- Pros: Simple implementation
- Cons: Doesn't solve the core mixing problem
- Pros: GUI prompts, better UX
- Cons: Complex setup, environment dependencies
- Pros: One-time setup eliminates problem
- Cons: Security implications, system configuration complexity
Option 1 was chosen because it:
- Maintains Security: Uses standard sudo timeout without permanent passwordless access
- Minimal Risk: Uses safe
sudo -vcommand that doesn't execute privileged operations - Clear UX: Users know exactly when and why password is needed
- Simple Implementation: Leverages existing sudo cache mechanism (~15 minutes)
- Backwards Compatible: Doesn't require system configuration changes
- Universal: Works across different Linux distributions and environments
# Check if sudo credentials are cached
is_sudo_cached() {
sudo -n true 2>/dev/null
}
# Warn user and ensure sudo is cached
ensure_sudo_cached() {
local operation_description="${1:-the operation}"
if is_sudo_cached; then
return 0
fi
log_warning "The next step requires administrator privileges"
log_info "You may be prompted for your password to ${operation_description}"
# Use harmless sudo command to cache credentials
if sudo -v; then
log_success "Administrator privileges confirmed"
return 0
else
log_error "Failed to obtain administrator privileges"
return 1
fi
}# Before any infrastructure operation that needs sudo
if ! ensure_sudo_cached "provision libvirt infrastructure"; then
log_error "Cannot proceed without administrator privileges"
exit 1
fi
# Now run operations that need sudo - no prompts expected
sudo chown -R libvirt-qemu:libvirt /var/lib/libvirt/images/- Better UX: Clear, predictable password prompts
- No Mixed Output: Password prompt happens before verbose operations
- Faster Tests: No hanging due to missed prompts
- Security Maintained: Uses standard sudo timeout mechanism
- Universal: Works in all environments without special setup
- Still Requires Password: Users must enter password once per test session
- Cache Dependency: Relies on system sudo timeout (usually 15 minutes)
- Additional Code: Added complexity in shell utilities
- Test Duration: No impact on test execution time
- Security Posture: Maintains existing security model
- Maintenance: Minimal ongoing maintenance required
Success of this decision can be measured by:
- Reduced Support Issues: Fewer reports of hanging tests or missed prompts
- Contributor Feedback: Improved developer experience feedback
- Test Reliability: More consistent test execution without manual intervention
- ADR-001: Makefile Location - Central automation interface
- ADR-002: Docker for All Services - Service architecture
- Original issue discussion with password prompt mixing
- Shell utilities implementation in
scripts/shell-utils.sh - Integration testing guide documentation
- Sudo cache timeout documentation:
man sudo