I’m able to build, test and run my dockerized app through a single buildkite agent. Right now, I’m working on setting up an app server (including installing ssl and nginx conf) which requires root (or sudo) level permissions. If I’m going to do it over buildkite, I maybe should create a second agent, authorize it with sudo and create another pipeline targeting this agent. Because I don’t want to increase the permissions of the existing agent, it’s doing its job well. Maybe I’m thinking against buildkite pipelining concepts? Would like to hear if there is a recommended approach for this kind of jobs that require higher auth.
First i need to understand your environment. What Agent installation did you use? Are you using the docker plugins, also are you running this on the Elastic stack.
Your reasoning is correct, to have another agent that has the sudo level permissions. You should be able to run sudo but the only drawback with the permissions the agent will be able to do anything all the time which is not good.