Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Permissions denied to delete files #13

Closed
wrdls opened this issue Aug 30, 2023 · 5 comments · Fixed by #19
Closed

Permissions denied to delete files #13

wrdls opened this issue Aug 30, 2023 · 5 comments · Fixed by #19

Comments

@wrdls
Copy link

wrdls commented Aug 30, 2023
edited
Loading

devbox-install-action seems to be missing permissions to clean up it's own files.

This doesn't seem to affect the pipeline outcome, but it generates a lot of logs.

I call the action as follows:

    - name: Install devbox
      uses: jetpack-io/devbox-install-action@v0.6.0
      with:
        project-path: ${{ github.action_path }}
        enable-cache: 'true'
        refresh-cli: 'false'
        disable-nix-access-token: 'true'
        devbox-version: 0.5.11
Logs 
2023-08-30T07:18:52.8613548Z Requested labels: ubuntu-latest
2023-08-30T07:18:52.8615004Z Waiting for a runner to pick up this job...
2023-08-30T07:18:54.8704455Z Job is waiting for a hosted runner to come online.
2023-08-30T07:18:55.8642805Z Job is about to start running on the hosted runner: GitHub Actions 2 (hosted)
2023-08-30T07:18:59.8522963Z Current runner version: '2.308.0'
2023-08-30T07:18:59.8548766Z ##[group]Operating System
2023-08-30T07:18:59.8549333Z Ubuntu
2023-08-30T07:18:59.8549625Z 22.04.3
2023-08-30T07:18:59.8549958Z LTS
2023-08-30T07:18:59.8550214Z ##[endgroup]
2023-08-30T07:18:59.8550549Z ##[group]Runner Image
2023-08-30T07:18:59.8550899Z Image: ubuntu-22.04
2023-08-30T07:18:59.8551223Z Version: 20230821.1.0
2023-08-30T07:18:59.8551736Z Included Software: https://github.com/actions/runner-images/blob/ubuntu22/20230821.1/images/linux/Ubuntu2204-Readme.md
2023-08-30T07:18:59.8552396Z Image Release: https://github.com/actions/runner-images/releases/tag/ubuntu22%2F20230821.1
2023-08-30T07:18:59.8552863Z ##[endgroup]
2023-08-30T07:18:59.8553209Z ##[group]Runner Image Provisioner
2023-08-30T07:18:59.8553510Z 2.0.266.1
2023-08-30T07:18:59.8553844Z ##[endgroup]
2023-08-30T07:18:59.8554502Z ##[group]GITHUB_TOKEN Permissions
2023-08-30T07:18:59.8555028Z Contents: read
2023-08-30T07:18:59.8555303Z Metadata: read
2023-08-30T07:18:59.8555863Z ##[endgroup]
...
2023-08-30T07:19:06.1406861Z ##[group]Run jetpack-io/devbox-install-action@v0.6.0
2023-08-30T07:19:06.1407142Z with:
2023-08-30T07:19:06.1407444Z   project-path: /home/runner/work/_actions/mycompany/mycustom-action/main
2023-08-30T07:19:06.1407768Z   enable-cache: true
2023-08-30T07:19:06.1407997Z   refresh-cli: false
2023-08-30T07:19:06.1408240Z   disable-nix-access-token: true
2023-08-30T07:19:06.1408495Z   devbox-version: 0.5.11
2023-08-30T07:19:06.1408718Z ##[endgroup]
2023-08-30T07:19:06.1476735Z ##[group]Run sudo chmod u+s "$(command -v tar)"
2023-08-30T07:19:06.1477121Z �[36;1msudo chmod u+s "$(command -v tar)"�[0m
2023-08-30T07:19:06.1537159Z shell: /usr/bin/bash --noprofile --norc -e -o pipefail {0}
2023-08-30T07:19:06.1537483Z ##[endgroup]
2023-08-30T07:19:06.2613732Z ##[group]Run actions/cache@v3
2023-08-30T07:19:06.2613964Z with:
2023-08-30T07:19:06.2614271Z   path: ~/.nix-defexpr
~/.nix-profile
/nix/store
/nix/var/nix
~/.local/state/nix

2023-08-30T07:19:06.2614600Z   key: Linux-devbox-
2023-08-30T07:19:06.2614847Z   enableCrossOsArchive: false
2023-08-30T07:19:06.2615108Z   fail-on-cache-miss: false
2023-08-30T07:19:06.2615342Z   lookup-only: false
2023-08-30T07:19:06.2615554Z ##[endgroup]
2023-08-30T07:19:06.4927878Z Cache not found for input keys: Linux-devbox-
2023-08-30T07:19:06.5006057Z ##[group]Run if [[ -n $DEVBOX_USE_VERSION ]]; then
2023-08-30T07:19:06.5006410Z �[36;1mif [[ -n $DEVBOX_USE_VERSION ]]; then�[0m
2023-08-30T07:19:06.5006746Z �[36;1m  echo "latest_version=$DEVBOX_USE_VERSION" >> $GITHUB_ENV�[0m
2023-08-30T07:19:06.5007044Z �[36;1melse�[0m
2023-08-30T07:19:06.5007266Z �[36;1m  tmp_file=$(mktemp)�[0m
2023-08-30T07:19:06.5007599Z �[36;1m  latest_url="https://releases.jetpack.io/devbox/stable/version"�[0m
2023-08-30T07:19:06.5008003Z �[36;1m  curl --fail --silent --location --output "${tmp_file}" "${latest_url}"�[0m
2023-08-30T07:19:06.5008342Z �[36;1m  latest_version=$(cat "${tmp_file}")�[0m
2023-08-30T07:19:06.5008637Z �[36;1m  if [[ -n ${latest_version} ]]; then�[0m
2023-08-30T07:19:06.5008961Z �[36;1m    echo "Found devbox latest version ${latest_version}."�[0m
2023-08-30T07:19:06.5009311Z �[36;1m    echo "latest_version=$latest_version" >> $GITHUB_ENV�[0m
2023-08-30T07:19:06.5009579Z �[36;1m  else�[0m
2023-08-30T07:19:06.5009864Z �[36;1m    echo "ERROR: unable to find the latest devbox version."�[0m
2023-08-30T07:19:06.5010147Z �[36;1m    exit 1�[0m
2023-08-30T07:19:06.5010353Z �[36;1m  fi�[0m
2023-08-30T07:19:06.5010547Z �[36;1mfi�[0m
2023-08-30T07:19:06.5065630Z shell: /usr/bin/bash --noprofile --norc -e -o pipefail {0}
2023-08-30T07:19:06.5065966Z env:
2023-08-30T07:19:06.5066196Z   DEVBOX_USE_VERSION: 0.5.11
2023-08-30T07:19:06.5066426Z ##[endgroup]
2023-08-30T07:19:06.5344609Z ##[group]Run actions/cache@v3
2023-08-30T07:19:06.5345387Z with:
2023-08-30T07:19:06.5345632Z   path: /usr/local/bin/devbox
2023-08-30T07:19:06.5345906Z   key: Linux-devbox-0.5.11
2023-08-30T07:19:06.5346186Z   enableCrossOsArchive: false
2023-08-30T07:19:06.5346643Z   fail-on-cache-miss: false
2023-08-30T07:19:06.5346908Z   lookup-only: false
2023-08-30T07:19:06.5347146Z env:
2023-08-30T07:19:06.5347376Z   latest_version: 0.5.11
2023-08-30T07:19:06.5347619Z ##[endgroup]
2023-08-30T07:19:06.7900601Z Cache not found for input keys: Linux-devbox-0.5.11
2023-08-30T07:19:06.8001070Z ##[group]Run export DEVBOX_USE_VERSION="0.5.11"
2023-08-30T07:19:06.8001428Z �[36;1mexport DEVBOX_USE_VERSION="0.5.11"�[0m
2023-08-30T07:19:06.8001777Z �[36;1mcurl -fsSL https://get.jetpack.io/devbox | FORCE=1 bash�[0m
2023-08-30T07:19:06.8002070Z �[36;1m�[0m
2023-08-30T07:19:06.8002465Z �[36;1mversion=$(devbox version)�[0m
2023-08-30T07:19:06.8002763Z �[36;1mif [[ ! "$version" = "$DEVBOX_USE_VERSION" ]]; then�[0m
2023-08-30T07:19:06.8003172Z �[36;1m  echo "ERROR: mismatch devbox version downloaded. Expected $DEVBOX_USE_VERSION, got $version."�[0m
2023-08-30T07:19:06.8003518Z �[36;1m  exit 1�[0m
2023-08-30T07:19:06.8003725Z �[36;1mfi�[0m
2023-08-30T07:19:06.8004018Z �[36;1mDEVBOX_BINARY="$(find "${HOME}/.cache/devbox/bin" -name devbox)"�[0m
2023-08-30T07:19:06.8004351Z �[36;1mif [ -n "$DEVBOX_SHA256" ]; then�[0m
2023-08-30T07:19:06.8004658Z �[36;1m  if command -v "sha256sum" 1>/dev/null 2>&1; then�[0m
2023-08-30T07:19:06.8004993Z �[36;1m    # Linux distributions will likely have this.�[0m
2023-08-30T07:19:06.8005347Z �[36;1m    DEVBOX_CHECKSUM="$(sha256sum "$DEVBOX_BINARY" | cut -f1 -d' ')"�[0m
2023-08-30T07:19:06.8005699Z �[36;1m  elif command -v "shasum" 1>/dev/null 2>&1; then�[0m
2023-08-30T07:19:06.8005992Z �[36;1m    # MacOS comes with this.�[0m
2023-08-30T07:19:06.8006323Z �[36;1m    DEVBOX_CHECKSUM="$(shasum -a 256 "$DEVBOX_BINARY" | cut -f1 -d' ')"�[0m
2023-08-30T07:19:06.8006617Z �[36;1m  fi�[0m
2023-08-30T07:19:06.8006809Z �[36;1m�[0m
2023-08-30T07:19:06.8007042Z �[36;1m  if [ -z "$DEVBOX_CHECKSUM" ]; then�[0m
2023-08-30T07:19:06.8007429Z �[36;1m    echo "ERROR: unable to get devbox checksum. Please ensure sha256sum or shasum is installed."�[0m
2023-08-30T07:19:06.8007776Z �[36;1m    exit 2�[0m
2023-08-30T07:19:06.8007996Z �[36;1m  fi�[0m
2023-08-30T07:19:06.8008183Z �[36;1m�[0m
2023-08-30T07:19:06.8008442Z �[36;1m  if [[ ! "$DEVBOX_CHECKSUM" = "$DEVBOX_SHA256" ]]; then�[0m
2023-08-30T07:19:06.8008835Z �[36;1m    echo "ERROR: checksums do not match. Expected $DEVBOX_SHA256, got $DEVBOX_CHECKSUM."�[0m
2023-08-30T07:19:06.8009163Z �[36;1m    exit 3�[0m
2023-08-30T07:19:06.8009363Z �[36;1m  fi�[0m
2023-08-30T07:19:06.8009555Z �[36;1mfi�[0m
2023-08-30T07:19:06.8009816Z �[36;1msudo mv "$DEVBOX_BINARY" /usr/local/bin/devbox�[0m
2023-08-30T07:19:06.8063736Z shell: /usr/bin/bash --noprofile --norc -e -o pipefail {0}
2023-08-30T07:19:06.8064033Z env:
2023-08-30T07:19:06.8064241Z   latest_version: 0.5.11
2023-08-30T07:19:06.8064470Z   DEVBOX_SHA256:
2023-08-30T07:19:06.8064681Z ##[endgroup]
2023-08-30T07:19:07.1336978Z Devbox 📦 by jetpack.io
2023-08-30T07:19:07.1337762Z   Instant and predictable development environments and containers.
2023-08-30T07:19:07.1338272Z
2023-08-30T07:19:07.1338676Z   This script downloads and installs the latest devbox binary.
2023-08-30T07:19:07.1338942Z
2023-08-30T07:19:07.1339059Z Confirm Installation Details
2023-08-30T07:19:07.1339341Z   Location:     /usr/local/bin/devbox
2023-08-30T07:19:07.1339678Z   Download URL: https://releases.jetpack.io/devbox
2023-08-30T07:19:07.1339885Z
2023-08-30T07:19:07.1339897Z
2023-08-30T07:19:07.1341127Z Downloading and Installing
2023-08-30T07:19:07.1341703Z → Downloading devbox binary...
2023-08-30T07:19:07.6986883Z �[1F�[0K✓ Downloading devbox binary... [DONE]
2023-08-30T07:19:07.6987713Z → Installing in /usr/local/bin/devbox (requires sudo)...
2023-08-30T07:19:08.0132307Z �[1F�[0K✓ Installing in /usr/local/bin/devbox... [DONE]
2023-08-30T07:19:08.3149048Z ✓ Successfully installed devbox 🚀
2023-08-30T07:19:08.6162595Z
2023-08-30T07:19:08.6163284Z Next Steps
2023-08-30T07:19:08.6165950Z   1. Learn how to use devbox
2023-08-30T07:19:08.6166711Z      Run devbox help or read the docs at https://github.com/jetpack-io/devbox
2023-08-30T07:19:08.6167828Z   2. Get help and give feedback
2023-08-30T07:19:08.6168416Z      Join our community at https://discord.gg/jetpack-io
2023-08-30T07:19:08.6433447Z → Downloading version 0.5.11...
2023-08-30T07:19:09.4737199Z �[1F�[0K✓ Downloading version 0.5.11... [DONE]
2023-08-30T07:19:09.4768019Z → Verifying checksum...
2023-08-30T07:19:09.8277196Z �[1F�[0K✓ Verifying checksum... [DONE]
2023-08-30T07:19:09.8277587Z → Unpacking binary...
2023-08-30T07:19:10.0095610Z �[1F�[0K✓ Unpacking binary... [DONE]
2023-08-30T07:19:10.0128998Z
2023-08-30T07:19:10.0491586Z ##[group]Run NIX_INSTALLER_NO_CHANNEL_ADD=1
2023-08-30T07:19:10.0492078Z �[36;1mNIX_INSTALLER_NO_CHANNEL_ADD=1�[0m
2023-08-30T07:19:10.0492344Z �[36;1mNIX_BUILD_SHELL=/bin/bash�[0m
2023-08-30T07:19:10.0492734Z �[36;1mdevbox run --config=/home/runner/work/_actions/mycompany/mycustom-action/main -- echo "Packages installed!"�[0m
2023-08-30T07:19:10.0547318Z shell: /usr/bin/bash --noprofile --norc -e -o pipefail {0}
2023-08-30T07:19:10.0547620Z env:
2023-08-30T07:19:10.0547872Z   latest_version: 0.5.11
2023-08-30T07:19:10.0548105Z ##[endgroup]
2023-08-30T07:19:10.0678494Z
2023-08-30T07:19:10.0678979Z Nix is not installed. Devbox will attempt to install it.
2023-08-30T07:19:10.0679545Z
2023-08-30T07:19:10.0681482Z Installing nix with: curl -L https://nixos.org/nix/install | sh -s
2023-08-30T07:19:10.0681860Z This may require sudo access.
2023-08-30T07:19:10.0745035Z   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
2023-08-30T07:19:10.0745771Z                                  Dload  Upload   Total   Spent    Left  Speed
2023-08-30T07:19:10.0746270Z
2023-08-30T07:19:10.3264568Z   0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
2023-08-30T07:19:10.3267827Z   0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
2023-08-30T07:19:10.4462840Z
2023-08-30T07:19:10.4464319Z 100  4052  100  4052    0     0  10890      0 --:--:-- --:--:-- --:--:-- 10890
2023-08-30T07:19:10.4509677Z downloading Nix 2.17.0 binary tarball for x86_64-linux from 'https://releases.nixos.org/nix/nix-2.17.0/nix-2.17.0-x86_64-linux.tar.xz' to '/tmp/nix-binary-tarball-unpack.YYsbj5Tg6v'...
2023-08-30T07:19:10.4559138Z   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
2023-08-30T07:19:10.4559546Z                                  Dload  Upload   Total   Spent    Left  Speed
2023-08-30T07:19:10.4559762Z
2023-08-30T07:19:10.5599094Z   0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
2023-08-30T07:19:10.9574787Z   0 21.1M    0  8385    0     0  80485      0  0:04:35 --:--:--  0:04:35 79857
2023-08-30T07:19:10.9575674Z 100 21.1M  100 21.1M    0     0  42.1M      0 --:--:-- --:--:-- --:--:-- 42.0M
2023-08-30T07:19:13.1676097Z Note: a multi-user installation is possible. See https://nixos.org/manual/nix/stable/installation/installing-binary.html#multi-user-installation
2023-08-30T07:19:13.1726924Z performing a single-user installation of Nix...
2023-08-30T07:19:13.1727519Z directory /nix does not exist; creating it by running 'mkdir -m 0755 /nix && chown runner /nix' using sudo
2023-08-30T07:19:13.1829466Z copying Nix to /nix/store...
2023-08-30T07:19:13.5476134Z
2023-08-30T07:19:13.6181939Z installing 'nix-2.17.0'
2023-08-30T07:19:13.6279048Z building '/nix/store/61gizrp8m1wm9r9jh9ric60fdri1m0fc-user-environment.drv'...
2023-08-30T07:19:14.7862934Z unpacking channels...
2023-08-30T07:19:24.8684673Z modifying /home/runner/.bash_profile...
2023-08-30T07:19:24.8691304Z
2023-08-30T07:19:24.8692124Z Installation finished!  To ensure that the necessary environment
2023-08-30T07:19:24.8693179Z variables are set, either log in again, or type
2023-08-30T07:19:24.8693587Z
2023-08-30T07:19:24.8694040Z   . /home/runner/.nix-profile/etc/profile.d/nix.sh
2023-08-30T07:19:24.8694317Z
2023-08-30T07:19:24.8694486Z in your shell.
2023-08-30T07:19:24.8739669Z rm: cannot remove '/tmp/nix-binary-tarball-unpack.YYsbj5Tg6v/unpack/nix-2.17.0-x86_64-linux/install-systemd-multi-user.sh': Permission denied
2023-08-30T07:19:24.8742240Z rm: cannot remove '/tmp/nix-binary-tarball-unpack.YYsbj5Tg6v/unpack/nix-2.17.0-x86_64-linux/install': Permission denied
2023-08-30T07:19:24.8744047Z rm: cannot remove '/tmp/nix-binary-tarball-unpack.YYsbj5Tg6v/unpack/nix-2.17.0-x86_64-linux/install-multi-user': Permission denied
2023-08-30T07:19:24.8745438Z rm: cannot remove '/tmp/nix-binary-tarball-unpack.YYsbj5Tg6v/unpack/nix-2.17.0-x86_64-linux/store/jpj9lx0p2h1vs3gkzj8jh350113bsm84-sqlite-3.39.4/lib/libsqlite3.so.0.8.6': Permission denied
...
@savil
Copy link

savil commented Aug 30, 2023

@LucilleH are you familiar already with how to edit the permissions for this action? If not, I can look into it.

@LucilleH
Copy link
Contributor

LucilleH commented Aug 30, 2023
edited
Loading

looks like this step is not getting around the permission issue as it promises. @savil can you look? I'm a bit swamped this week

@alexpovel
Copy link

alexpovel commented Sep 5, 2023
edited
Loading

I also ran into that issue, and can provide a "live example" for debugging. Perhaps useful to you. In that example, that pipeline step is fine and finishes, like the OP observed as well.

However, that run was a couple days ago, and by now the install pipeline step itself doesn't finish successfully anymore. Not sure if that's related to the /tmp deletion issue though...

EDIT: Nope, second issue is unrelated to first one. Removing enable-cache: true gets rid of the permission issue, but the error persists: ERROR: mismatch devbox version downloaded. Expected 0.5.12, got ... scroll down to end of output... 0.5.12.. Which is... bizarre! Perhaps a whitespace issue here...? Got rid of this one by specifying devbox-version: 0.5.11 for the action. In any case, a separate issue. Isn't bash wonderful 😋

@alexpovel alexpovel mentioned this issue Sep 5, 2023
Merged
@savil
Copy link

savil commented Sep 5, 2023

@alexpovel thanks for reporting your experience.

I pulled out the second bug into its own issue #15. We are looking into it.

@savil
Copy link

savil commented Sep 6, 2023

From https://github.com/alexpovel/ancv/actions/runs/6047793118/job/16411917582#step:3:173

rm: cannot remove '/tmp/nix-binary-tarball-unpack.2fjskgl82F/unpack/nix-2.17.0-x86_64-linux/install-systemd-multi-user.sh': Permission denied
rm: cannot remove '/tmp/nix-binary-tarball-unpack.2fjskgl82F/unpack/nix-2.17.0-x86_64-linux/install': Permission denied
rm: cannot remove '/tmp/nix-binary-tarball-unpack.2fjskgl82F/unpack/nix-2.17.0-x86_64-linux/install-multi-user': Permission denied
rm: cannot remove '/tmp/nix-binary-tarball-unpack.2fjskgl82F/unpack/nix-2.17.0-x86_64-linux/store/jpj9lx0p2h1vs3gkzj8jh350113bsm84-sqlite-3.39.4/lib/libsqlite3.so.0.8.6': Permission denied
...

These errors seem to be from the nix installer trying to clean up itself.

@LucilleH LucilleH mentioned this issue Sep 19, 2023
Merged
github-merge-queue bot pushed a commit that referenced this issue Sep 19, 2023
@LucilleH
Fix macos caching issue (#19)
572189b 
### Description
macOS caching is broken. This PR fixes it. This is related to `gtar` not
having `sudo` permission, but `/nix/store` requires sudo. There are many
many related issues out there. eg.
actions/cache#749

I also switched to using DeterminateSystems nix installer. However, I
noticed that even though cache is successfully restored in the latest
round of CICD, we are still fetching the binaries from remote? (at least
based on the log lines) Why is that?

I suspect that I'm missing some sqlite data in the cached files. cc
@savil @gcurtis if any of you have insights into this.

EDIT: SOLVED. Added xdg paths in the cache and it reduces the time by
half. 🎉 🎉 🎉

closes #13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix macos caching issue jetify-com/devbox-install-action
4 participants
@savil @LucilleH @wrdls @alexpovel