[conda] - Accept the terms of service for root and target user and conda cleanup (#1622)

Kaniska244 · web-flow · commit 8054e63d4047 · 2026-04-16T20:02:34.000+05:30
* [conda] - Accept the terms of service for root and target user and conda cleanup

* Removing the version bump.

* Removing commented lines.

* Retrigger test

* Revert the notes change
diff --git a/src/conda/install.sh b/src/conda/install.sh
@@ -86,10 +86,23 @@ accept_anaconda_tos_if_needed() {
 
     for channel in "https://repo.anaconda.com/pkgs/main" "https://repo.anaconda.com/pkgs/r"; do
         echo "Accepting Conda Terms of Service for ${channel}..."
+        # Accept as root (for install-time commands)
         "${CONDA_DIR}/bin/conda" tos accept --override-channels --channel "${channel}"
+        # Accept as the target user (for runtime usage)
+        sudo_if "${CONDA_DIR}/bin/conda" tos accept --override-channels --channel "${channel}"
     done
 }
 
+clean_conda_cache() {
+    "${CONDA_DIR}/bin/conda" clean --all --yes
+    find "${CONDA_DIR}" -type f -name '*.pyc' -delete
+    find "${CONDA_DIR}" -type d -name '__pycache__' -exec rm -rf {} +
+    rm -rf "${CONDA_DIR}/pkgs/cache" /root/.cache/pip
+    if [ "${USERNAME}" != "root" ]; then
+        rm -rf "/home/${USERNAME}/.cache/pip"
+    fi
+}
+
 # Install Conda if it's missing
 if ! conda --version &> /dev/null ; then
     if ! cat /etc/group | grep -e "^conda:" > /dev/null 2>&1; then
@@ -145,16 +158,7 @@ if ! conda --version &> /dev/null ; then
     
     find "${CONDA_DIR}" -type d -print0 | xargs -n 1 -0 chmod g+s
 
-    # Temporary fixes
-    # Due to https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23491
-    install_user_package certifi
-    # Due to https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0286 and https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23931
-    install_user_package cryptography
-    # Due to https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40897
-    install_user_package setuptools
-
-    install_user_package pluggy
-
+    clean_conda_cache
 fi
 
 # Display a notice on conda when not running in GitHub Codespaces
diff --git a/test/conda/conda_channel_creation_with_root.sh b/test/conda/conda_channel_creation_with_root.sh
@@ -0,0 +1 @@
+conda_channel_creation.sh
diff --git a/test/conda/install_conda_package_after_upgrade_with_root.sh b/test/conda/install_conda_package_after_upgrade_with_root.sh
@@ -0,0 +1 @@
+install_conda_package_after_upgrade.sh
diff --git a/test/conda/scenarios.json b/test/conda/scenarios.json
@@ -1,6 +1,6 @@
 {
     "install_conda": {
-        "image": "ubuntu:noble",
+        "image": "mcr.microsoft.com/devcontainers/base:noble",
         "features": {
             "conda": {
                 "version": "latest",
@@ -9,12 +9,24 @@
         }
     },
     "install_conda_package_after_upgrade": {
-        "image": "ubuntu:noble",
+        "image": "mcr.microsoft.com/devcontainers/base:noble",
         "features": {
             "conda": {}
         }
     },
     "conda_channel_creation": {
+        "image": "mcr.microsoft.com/devcontainers/base:noble",
+        "features": {
+            "conda": {}
+        }
+    },
+    "install_conda_package_after_upgrade_with_root": {
+        "image": "ubuntu:noble",
+        "features": {
+            "conda": {}
+        }
+    },
+    "conda_channel_creation_with_root": {
         "image": "ubuntu:noble",
         "features": {
             "conda": {}
