Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Cleaning up the working directory fails if the application created files/directories under different UID/GID. #3541

Open
GamePlayer-8 opened this issue Nov 6, 2024 · 0 comments
Labels
bug Something isn't working

Comments

@GamePlayer-8
Copy link

Describe the bug
In a GitHub-hosted runner the issue doesn't occur due to Azure clean-up strategy. While in the self-hosted runner is pretty common.

While the runtime creates the files owned by i.e. root under a non-root user (i.e. runner), the Post Checkout or whatever else fails to fully cleanup the working directory, resulting in further failures of the self-hosted and corruption of the pending steps / other workflows.

To Reproduce
Steps to reproduce the behavior:

  1. Create self-hosted runner.
  2. Run a workflow what's checking branch and creating a directory along with a file, both owned by root or other user.
  3. Create another workflow step what's checking out the same or other branch or re-run the workflow under the same repo or any other under the same runner.
  4. Get the error as follows:
Warning: Unable to clean or reset the repository. The repository will be recreated instead.
Deleting the contents of '/home/runner/actions-runner/_work/<working dir>/<repo>'
Error: File was unable to be removed Error: EACCES: permission denied, unlink '/home/runner/actions-runner/_work/<working dir>/<repo>/<root owned DIR>/<root owned FILE>'

Expected behavior
Once the step is finished, GitHub runner attempts to use SUDO as to cleanup remainings of the _work directory, in order to make sure the work zone is ready for the rest of the tasks.

Runner Version and Platform

Linux-x64-2.230.0

OS of the machine running the runner?
Debian 12 server

What's not working?

The final cleanup job of the runner.

Job Log Output

The log comes from https://github.com/GamePlayer-8/stoney-kernel/actions/runs/11687408761/job/32546565772

Run actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
  with:
    repository: GamePlayer-8/stoney-kernel
    token: ***
    ssh-strict: true
    ssh-user: git
    persist-credentials: true
    clean: true
    sparse-checkout-cone-mode: true
    fetch-depth: 1
    fetch-tags: false
    show-progress: true
    lfs: false
    submodules: false
    set-safe-directory: true
  env:
    DEBIAN_FRONTEND: noninteractive
    TZ: Etc/UTC
Syncing repository: GamePlayer-8/stoney-kernel
Getting Git version info
  Working directory is '/home/runner/actions-runner/_work/stoney-kernel/stoney-kernel'
  /usr/bin/git version
  git version 2.39.5
Temporarily overriding HOME='/home/runner/actions-runner/_work/_temp/099e3bdf-613f-4e79-a90d-85068bb500bc' before making global git config changes
Adding repository directory to the temporary git global config as a safe directory
/usr/bin/git config --global --add safe.directory /home/runner/actions-runner/_work/stoney-kernel/stoney-kernel
/usr/bin/git config --local --get remote.origin.url
https://github.com/GamePlayer-8/stoney-kernel
Removing previously created refs, to avoid conflicts
  /usr/bin/git rev-parse --symbolic-full-name --verify --quiet HEAD
  refs/heads/main
  /usr/bin/git checkout --detach
  HEAD is now at 1dd5b26 install gawk & diffutils to the alpine image
  /usr/bin/git branch --delete --force main
  Deleted branch main (was 1dd5b26).
/usr/bin/git submodule status
Cleaning the repository
Warning: Unable to clean or reset the repository. The repository will be recreated instead.
Deleting the contents of '/home/runner/actions-runner/_work/stoney-kernel/stoney-kernel'
Error: File was unable to be removed Error: EACCES: permission denied, unlink '/home/runner/actions-runner/_work/stoney-kernel/stoney-kernel/packages/kernel-alpine.tar.gz'

Runner and Worker's Diagnostic Logs

Worker_20241105-232849-utc.log

@GamePlayer-8 GamePlayer-8 added the bug Something isn't working label Nov 6, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

No branches or pull requests

1 participant