-
Notifications
You must be signed in to change notification settings - Fork 1.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Permission denied when "Deleting the contents of" #211
Comments
You may need to specify the checkout The containers are setup at the beginning of the job. And git clone will fail if the directory isnt empty. You could always symlink the dir back in place (or copy the files), if you need the data underneath the repository. Or if it's your test data, consider updating your scripts to allow the location to be overridden using an env var. |
I just removed the service and is working again. The thing is that I was able to use the script without problems (with the service) in the past. So AFAIK, the problem is that the service mount the volume before the github checkout and this create a existing file with the same name (I guess) and github/checkoutv2 cannot remove it, right? |
I experienced the same issue. To get around this I ran a command to change file permissions right before executing actions/checkout: sudo chown -R $USER:$USER /home/github/actions-runner/_work/{REPOSITORY_NAME_HERE} |
I'm going to add a troubleshooting doc. I'll add a section for this. |
Thank you for reporting this,. I am also facing the same issue.. But I still couldn't figure out a way to resolve this. Please help. |
Could you take a look at @jeremylynch response? |
I had to add "echo password" before, otherwise sudo is asking for password.
Is there a better solution? |
@ericsciple I have encountered a similar issue, but have not been able to sort it using the suggested solution by @jeremylynch. We're getting this error when using this action: And secrets.Nothing contains our PAT, which should be valid (defined for a user that has access to the repo, saved as a secret in the repo). Important note - the same flow works without using the container, and the checkout is successful. Any idea as to what the problem might be? I'll appreciate any advice |
@guykeller Is it solved? I have same problem when initialzing the repository |
Also having the same issue if I use a container. |
I was not able to solve this, and instead had to stop using a container altogether. |
Potentially related to actions/runner#434 |
@guykeller You may find something helpful here. |
Is there any way to simply make the checkout work with containers running as non-root? I'm trying something like: clone-and-install:
runs-on: ubuntu-latest
container:
image: mcr.microsoft.com/vscode/devcontainers/base:ubuntu
options: --user 1000
steps:
- uses: actions/checkout@v2 and it does not work. If I run the container as root it works by the way. |
@felipecrs Well, how it looks, GitHub runner, is running under user, with UID: 1001 and GID: 116
|
It makes sense. Do you know if is there any way to discover the UID dynamically? The |
@felipecrs No idea. Currently, I can see only two options. Hardcoded value or "Configure" Job where you can fetch UID and use it later. But it does not make sense. |
@felipecrs Something like this (runs-on must be equal):
But it is ridiculous. |
Thank you so much @xanantis! The need for this is indeed ridiculous, but it solves my problem. |
@felipecrs you're welcome 😄 |
@xanantis since I didn't find it documented anywhere, I suppose it can change anytime without any warnings, so I prefer to keep my builds safe. |
Any plan on fix this, this is quite annoying since many services limit user not to be root. |
I believe the maintainers should close this issue since it's not caused by this Action. And of course, point to the relevant repository. Reading actions/runner#434 description, I don't think it's so related. |
Hi, I'm just sharing a variant of @EKami's solution but with the clean-up task executed as a single step instead of a job to save a runner execution: generate-openapi-code:
name: Generate Go code from OpenAPI definitions
runs-on: [self-hosted, nodejs]
needs: [lint-openapi]
steps:
- name: Check out code
uses: actions/checkout@v3
# 🐳 Step spawning a Docker container 🐳
- name: Generate web API client packages
working-directory: ./history
run: |
npm install
# This task spawns a Docker container per the OpenAPI Generator CLI configuration file
# present in the current working directory 👇
npx @openapitools/openapi-generator-cli generate
- name: Archive Paylead API client package
uses: actions/upload-artifact@v3
with:
name: openapi-paylead-api-package
path: |
history/pkg/paylead_api
if-no-files-found: error
# Temporary solution.
# See https://github.com/actions/checkout/issues/211 for more details.
- name: Clean up GitHub workspace
uses: docker://ubuntu:latest # 👈 Clean-up done in a Docker container 🐳
with:
args: find /github/workspace/. -name . -o -prune -exec rm -rf -- {} + |
Hi was trying this out, but while running this command its asking for password how to pass the password without doing an echo and sending through pipe | |
Adding cleaning workspace step in workflow
Before Cloning the Repo First clean the workspace it will work. |
It was woring perfectly till today, I haven't changed a line, but I got this for today's build: |
@Yalchin403 |
I was able to resolve this by adding this step: - name: Chown user
run: |
sudo chown -R $USER:$USER $GITHUB_WORKSPACE |
If you run inside a docker container, no files are stored so the next time you run you shouldn't get the error:
|
Only solution that worked for me after 12 hours of debugging. |
I found a solution for this - check out the code of each job in a different directory so that different jobs don't interfere with each other. Here is my setup: name: ci-pipeline
#run-name: CI run for branch ${{ github.ref_name }}
on: [push]
jobs:
test:
runs-on: ts-hosted
steps:
- uses: actions/checkout@v3
with:
path: test
- run: bash ./scripts/ci.sh test
lint:
runs-on: ts-hosted
steps:
- uses: actions/checkout@v3
with:
path: lint
- run: bash ./scripts/ci.sh lint No monkey business changing permissions or dealing with sudo. |
If you're being prompted for a password when calling Appending something like this to the bottom
|
* Fix: override `WORKDIR` command * Patch: disabled if condition for testing * Patch: disable preceding workflow * Patch: add verbose option to check path * Patch: use `root` user according to actions/checkout#1014 * Patch: add a `chown` step to take ownership According to actions/checkout#211 * Patch: removed `sudo` as it's not found * Patch: add a `path` parameter? * Patch: try changing pwd * Patch: add `ls` to check what's happening * Patch: replace `--local` using `--global` * Patch: fix dubious ownership * Patch: trying to fix detached HEAD * Revert "Patch: disable preceding workflow" This reverts commit 2d1c778. * Revert "Patch: add verbose option to check path" This reverts commit 86d5211. * Revert "Patch: disabled if condition for testing" This reverts commit 83d4c4a. * Patch: remove `--dry-run` in deploy step * Patch: trying to remove `chown` step
Because we are now mounting volumes, the current user may not have the rights to delete the repository. Clone it elsewhere to workaround that for the Linux job. See actions/checkout#211
Hi checkout team,
I'm having an issue when actions/checkout@v2 is trying to delete the repository:
I tried to change the permissions of the file but still happening, this has been happening since yesterday. I think that could be a bug but correct me if I'm wrong.
My
.github/workflow/docker.yml
is like this:The text was updated successfully, but these errors were encountered: