From 7ad749eece8cf2e96b8b9d3a66aae221d2b07374 Mon Sep 17 00:00:00 2001
From: Simon Cornet <simon@simoncor.net>
Date: Wed, 28 May 2025 19:02:22 +0200
Subject: [PATCH] feat: allow drone to use sh with env

---
 templates/usermanagement/sudoers.d/sudoers.j2 | 1 +
 1 file changed, 1 insertion(+)

diff --git a/templates/usermanagement/sudoers.d/sudoers.j2 b/templates/usermanagement/sudoers.d/sudoers.j2
index 1022a09..3b8659d 100644
--- a/templates/usermanagement/sudoers.d/sudoers.j2
+++ b/templates/usermanagement/sudoers.d/sudoers.j2
@@ -4,6 +4,7 @@ drone ansible.siempie.internal=(root) NOPASSWD:/usr/bin/git -C /etc/ansible *
 drone ansible.siempie.internal=(root) NOPASSWD:/usr/bin/git -C /etc/ansible/roles/common *
 drone ansible.siempie.internal=(root) NOPASSWD:/usr/local/bin/ansible-galaxy *
 drone ansible.siempie.internal=(root) NOPASSWD:/usr/local/bin/ansible-playbook *
+drone ansible.siempie.internal=(root) NOPASSWD:SETENV:/usr/bin/sh *
 {% endif %}
 {% if inventory_hostname == 'mgmt01.infra.vpn.mirahsimon.us' %}
 drone mgmt01.siempie.internal=(simon) NOPASSWD:/usr/local/bin/kubectl *