From d246b3e2de2676233ba77ea40180400f2353113c Mon Sep 17 00:00:00 2001 From: Ayaan Zaidi Date: Mon, 11 May 2026 11:20:25 +0530 Subject: [PATCH] ci(mantis): preserve codex action home through sudo --- .github/workflows/mantis-telegram-desktop-proof.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/mantis-telegram-desktop-proof.yml b/.github/workflows/mantis-telegram-desktop-proof.yml index 01fec6ec9c5..993336750fd 100644 --- a/.github/workflows/mantis-telegram-desktop-proof.yml +++ b/.github/workflows/mantis-telegram-desktop-proof.yml @@ -346,6 +346,8 @@ jobs: run: | set -euo pipefail sudo useradd --create-home --shell /bin/bash codex + printf '%s\n' 'Defaults env_keep += "CODEX_HOME CODEX_INTERNAL_ORIGINATOR_OVERRIDE"' | sudo tee /etc/sudoers.d/mantis-codex-env >/dev/null + sudo chmod 0440 /etc/sudoers.d/mantis-codex-env codex_home="/tmp/mantis-codex-home-${GITHUB_RUN_ID}" sudo install -d -m 0770 -o codex -g codex "$codex_home" sudo setfacl -m u:runner:rwx,u:codex:rwx "$codex_home"