Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION only works at workflow (not job/step) level #3370

Open
MPV opened this issue Jul 4, 2024 · 3 comments
Open

Setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION only works at workflow (not job/step) level #3370

MPV opened this issue Jul 4, 2024 · 3 comments
Labels
bug Something isn't working

Comments

@MPV
Copy link
Contributor

MPV commented Jul 4, 2024

Describe the bug

To Reproduce
Steps to reproduce the behavior:

  1. Use an action that fails on node20 but works on node16
  2. Set the ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: true at the jobs.<job_id>.steps[*].env step level
  3. Run workflow

Expected behavior
While the blog post on the matter says:

To opt out of this and continue using Node16 while it is still available in the runner, you can choose to set ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true as an ‘env’ in their workflow or as an environment variable on your runner machine.

...it would make a lot more sense to just pick the older node version for just the steps (actions) that actually require it, so one can run this compatibility mode only for those single actions that actually require it (and keep it clear to maintainers and not obscure any other actions in the same workflow that may be added at a later time but also still require an upgrade).

Runner Version and Platform

Version of your runner? 2.317.0

OS of the machine running the runner? Linux

What's not working?

Seeing step output mentioning Node.js v20.13.1 when setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION at the jobs.<job_id>.steps[*].env step level.

...until I set ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION at the env workflow level.
@MPV MPV added the bug Something isn't working label Jul 4, 2024
@MPV MPV mentioned this issue Jul 4, 2024
Open
@MPV
Copy link
Contributor Author

MPV commented Jul 4, 2024

If it helps, I suspect this is the related code:

runner/src/Runner.Worker/JobRunner.cs

Lines 293 to 297 in 70746ff

if (jobContext.Global.Variables.TryGetValue(Constants.Runner.EnforcedNode16DetectedAfterEndOfLifeEnvVariable, out var node20ForceWarnings) && (jobContext.Global.Variables.GetBoolean("DistributedTask.ForceGithubJavascriptActionsToNode20") ?? false))
{
var actions = string.Join(", ", StringUtil.ConvertFromJson<HashSet<string>>(node20ForceWarnings));
jobContext.Warning(string.Format(Constants.Runner.EnforcedNode16DetectedAfterEndOfLife, actions));
}

@SirSaunders
Copy link

SirSaunders commented Jul 5, 2024
edited

We are getting the same issues as of yesterday, it seems to be effecting a lot of people since yesterday.

Just a couple I stumbled upon:
actions/checkout#1590
arenadata/gpdb#986
#3373
actions/checkout#1809

@SirSaunders
Copy link

If you do not want to update ALL the steps and workflow yamls you can add an env var on the runner. I did the following

cd actions-runner && echo "ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true" >> .env

Note: action-runner is the name of the folder I unpacked my runner to when I first set it up, yours may be named differently. The .env loads all the env var for the runner from there.

Ref the github actions doc here: https://docs.github.com/en/actions/hosting-your-own-runners/managing-self-hosted-runners/using-a-proxy-server-with-self-hosted-runners#using-a-env-file-to-set-the-proxy-configuration

@cbalioglu cbalioglu mentioned this issue Jul 5, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@MPV @SirSaunders