Skip to content

Commit

Permalink
Fix permissions of .scannerwork directory (#57)
Browse files Browse the repository at this point in the history
  • Loading branch information
cody-simms-sonarsource authored Dec 8, 2023
1 parent 5ee47de commit e2a1ee7
Show file tree
Hide file tree
Showing 3 changed files with 14 additions and 3 deletions.
6 changes: 3 additions & 3 deletions Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -19,10 +19,10 @@ ENV LC_ALL="C.UTF-8"

WORKDIR /opt

# https://help.github.com/en/actions/creating-actions/dockerfile-support-for-github-actions#user
USER root

# Prepare entrypoint
COPY entrypoint.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh
COPY cleanup.sh /cleanup.sh
RUN chmod +x /cleanup.sh
ENTRYPOINT ["/entrypoint.sh"]

2 changes: 2 additions & 0 deletions action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,8 @@ branding:
runs:
using: docker
image: Dockerfile
entrypoint: "/entrypoint.sh"
post-entrypoint: "/cleanup.sh"
inputs:
args:
description: Additional arguments to the sonarcloud scanner
Expand Down
9 changes: 9 additions & 0 deletions cleanup.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
#!/bin/bash

set -e

_tmp_file=$(ls "${INPUT_PROJECTBASEDIR}/" | head -1)
PERM=$(stat -c "%u:%g" "${INPUT_PROJECTBASEDIR}/$_tmp_file")

chown -R $PERM "${INPUT_PROJECTBASEDIR}/"

10 comments on commit e2a1ee7

@zhaoyi0113
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This commit seems break something during clean up. I got Access to the path '/home/runner/work/_temp/_github_workflow/event.json' is denied. on post run after this action.

@adrian-livefront
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same thing happened with our pipelines @cody-simms-sonarsource

@cody-simms-sonarsource
Copy link
Contributor Author

@cody-simms-sonarsource cody-simms-sonarsource commented on e2a1ee7 Dec 11, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This commit seems break something during clean up. I got Access to the path '/home/runner/work/_temp/_github_workflow/event.json' is denied. on post run after this action.

@zhaoyi0113 @adrian-livefront Interesting. Are you running this action on a self-hosted runner?

@adrian-livefront
Copy link

@adrian-livefront adrian-livefront commented on e2a1ee7 Dec 11, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@cody-simms-sonarsource no, the failing pipelines ran on Github hosted runners

Current runner version: '2.311.0'
Operating System
  Ubuntu
  22.04.3
  LTS
Runner Image
  Image: ubuntu-22.04
  Version: 20231205.1.0
  Included Software: https://github.com/actions/runner-images/blob/ubuntu22/20231205.1/images/ubuntu/Ubuntu2204-Readme.md
  Image Release: https://github.com/actions/runner-images/releases/tag/ubuntu22%2F20231205.1
Runner Image Provisioner
  2.0.321.1

To be clear, a rollback to Sonar v2.0.2 fixed the issue.

The failed logs have a couple hundred lines of read-only errors, here's an excerpt:

chown: /proc/fb: Permission denied
chown: /proc/fs/ext4/sda1/fc_info: Read-only file system
chown: /proc/fs/ext4/sda1/options: Read-only file system
chown: /proc/fs/ext4/sda1/mb_stats: Read-only file system
chown: /proc/fs/ext4/sda1/mb_groups: Read-only file system
chown: /proc/fs/ext4/sda1/es_shrinker_info: Read-only file system
[...]

@cody-simms-sonarsource
Copy link
Contributor Author

@cody-simms-sonarsource cody-simms-sonarsource commented on e2a1ee7 Dec 11, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@adrian-livefront thanks for the info, I'm looking into a fix now. One more question, are you providing any value for the projectBaseDir input arg? If so, could you share it?

@adrian-livefront
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For the runs in question, projectBaseDir was not used.

@cody-simms-sonarsource
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@adrian-livefront I've spent some time on this, but I have not been able to reproduce the issue. I think I have a fix but I'd like to make sure. Are you able to share the github workflow YAML file you're using?

@adrian-livefront
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unfortunately I can not. But happy to verify concerns.

@cody-simms-sonarsource
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@adrian-livefront @zhaoyi0113 we released version 2.1.1 of the action, please give it a try and let me know if the issues persist.

@adrian-livefront
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That did it, thanks for the quick fix @cody-simms-sonarsource!

Please sign in to comment.