Source code issues with git and coveralls

[djhoese]

I'm looking for help on an issue that seems to have been going on for a while, but was only made obvious with the release of coveralls 4.0. In pre-4.0 jobs the Coveralls Parallel job showed errors like:

No source for /home/runner/work/satpy/satpy/satpy/writers/utils.py
Failed collecting git data. Are you running coveralls inside a git repository? Is git installed?
Traceback (most recent call last):
  File "/usr/local/lib/python3.12/site-packages/coveralls/git.py", line 82, in git_info
    'id': gitlog('%H'),
          ^^^^^^^^^^^^
  File "/usr/local/lib/python3.12/site-packages/coveralls/git.py", line 25, in gitlog
    glog = run_command('git', '--no-pager', 'log', '-1',
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.12/site-packages/coveralls/git.py", line 17, in run_command
    raise CoverallsException(
coveralls.exception.CoverallsException: command return code 128, STDOUT: "b''"
STDERR: "b"fatal: detected dubious ownership in repository at '/github/workspace'\nTo add an exception for this directory, call:\n\n\tgit config --global --add safe.directory /github/workspace\n""
cd /github/workspace

And now I get:

   File "/usr/local/lib/python3.12/site-packages/coveralls/reporter.py", line 51, in report
    raise CoverallsException(f'Got coverage library error: {e}') from e
coveralls.exception.CoverallsException: Got coverage library error: No source for code: '/home/runner/work/satpy/satpy/satpy/__init__.py'.

So I think the changes in coveralls 4.0 just made the previous issues more apparent. However, it isn't clear to me why this is happening at all as we use github's checkout action and that adds the safe.directory for us.

See pre-4.0 job here: https://github.com/pytroll/satpy/actions/runs/8895645100/job/24426490438 And post-4.0 job here: https://github.com/pytroll/satpy/actions/runs/8911051363/job/24471561248

Has anyone run into this and know how to work around it?

[djhoese]

It looks like the first major issue was that we accidentally removed the relative files configuration, but @AndreMiras it looks like I needed to add git config --global --add safe.directory /github/workspace otherwise I get the dubious ownership error. Have you run into this before?

[djhoese]

 Trying submitting coverage with service_name: github...
cd .
Failed collecting git data. Are you running coveralls inside a git repository? Is git installed?
Traceback (most recent call last):
  File "/usr/local/lib/python3.12/site-packages/coveralls/git.py", line 16, in run_command
    cmd = subprocess.run(
          ^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.12/subprocess.py", line 571, in run
    raise CalledProcessError(retcode, process.args,
subprocess.CalledProcessError: Command '['git', '--no-pager', 'log', '-1', '--pretty=format:%H']' returned non-zero exit status 128.

The above exception was the direct cause of the following exception:

Traceback (most recent call last):
  File "/usr/local/lib/python3.12/site-packages/coveralls/git.py", line 88, in git_info
    'id': gitlog('%H'),
          ^^^^^^^^^^^^
  File "/usr/local/lib/python3.12/site-packages/coveralls/git.py", line 30, in gitlog
    return run_command(
           ^^^^^^^^^^^^
  File "/usr/local/lib/python3.12/site-packages/coveralls/git.py", line 22, in run_command
    raise CoverallsException(
coveralls.exception.CoverallsException: Command '['git', '--no-pager', 'log', '-1', '--pretty=format:%H']' returned non-zero exit status 128.
STDOUT: b''
STDERR: b"fatal: detected dubious ownership in repository at '/github/workspace'\nTo add an exception for this directory, call:\n\n\tgit config --global --add safe.directory /github/workspace\n"
cd /github/workspace

[AndreMiras]

It doesn't ring the bell, but I haven't used coveralls much lately. Thanks for the bug report and the follow up

[djhoese]

I'm not sure what has changed in github actions or in the way they are calling docker/this image that is making this not work anymore. I had to modify this action's entrypoint to make this work, but I'm surprised I'm the first one to complain about it.

[AndreMiras]

Thanks for the follow up. Yes I think it happened with a recent git security patch. Feel free to make a PR to this repo with your change to the entrypoint

[loicgasser]

I can confirm I ran into the same issue. Thanks for fixing it @djhoese

[loicgasser]

ah yes it's not fixed more context here: https://github.com/actions/runner/issues/2033

[loicgasser]

that did it for me: https://github.com/djhoese/coveralls-python-action/compare/develop...KeenStrategy:coveralls-python-action:add-safe-directory?expand=1

[djhoese]

Oh I had just tried --global in the Dockerfile and that didn't work. --system may be the difference. Let me try that...

[djhoese]

@loicgasser Doing it in the Dockerfile doesn't seem to fix it for me when I use it in my downstream CI.

[djhoese]

See #26 for my attempt, but it does seem to be making coveralls mad.

[loicgasser]

I can confirm this did the trick for me as I am now pointing to this branch in all of my projects. We might need to work on fixing the tests..

[loicgasser]

FYI the failure comes from this repo not coveralls https://github.com/AndreMiras/coveralls-python-action/blob/develop/tests/test_entrypoint.py#L256

[djhoese]

Looks like coveralls-python no longer retries:

https://github.com/TheKevJames/coveralls-python/commit/44e95634387b1145cada5888d63dd062a0b9bef9

So I think changing that test to 2 makes sense. Agree? I might have to update the warning it checks for too.

[loicgasser]

Good find 👍 This seems reasonable to me