actions / runner-container-hooks

Runner Container Hooks for GitHub Actions
MIT License

unrecognized arguments in kubernetes mode #157

Open mrclrchtr opened 5 months ago

mrclrchtr commented 5 months ago

Checks

Controller Version

0.9.1

Deployment Method

ArgoCD

To Reproduce

1. Enable kubernetes mode:
2. Execute the checkov action

Describe the bug

Error Message:

```
Run bridgecrewio/checkov-action@16a499510c688de562827ce542c1bc3e641aea2c
  with:
    output_format: cli,sarif
    output_file_path: console,results.sarif
    download_external_modules: true
    skip_check: CKV_GIT_5,CKV_GIT_6,CKV_TF_1
    quiet: true
    directory: .
    log_level: WARNING
    container_user: 0
Run '/home/runner/k8s/index.js'
  shell: /home/runner/externals/node16/bin/node {0}
usage: checkov [-h] [-v] [--support] [-d DIRECTORY] [--add-check]
               [-f FILE [FILE ...]] [--skip-path SKIP_PATH]
               [--external-checks-dir EXTERNAL_CHECKS_DIR]
               [--external-checks-git EXTERNAL_CHECKS_GIT] [-l]
               [-o {cli,csv,cyclonedx,cyclonedx_json,json,junitxml,github_failed_only,gitlab_sast,sarif,spdx}]
               [--output-file-path OUTPUT_FILE_PATH] [--output-bc-ids]
               [--include-all-checkov-policies] [--quiet] [--compact]
               [--framework FRAMEWORK [FRAMEWORK ...]]
               [--skip-framework SKIP_FRAMEWORK [SKIP_FRAMEWORK ...]]
               [-c CHECK] [--skip-check SKIP_CHECK]
               [--run-all-external-checks] [-s] [--soft-fail-on SOFT_FAIL_ON]
               [--hard-fail-on HARD_FAIL_ON] [--bc-api-key BC_API_KEY]
               [--prisma-api-url PRISMA_API_URL] [--skip-results-upload]
               [--docker-image DOCKER_IMAGE]
               [--dockerfile-path DOCKERFILE_PATH] [--repo-id REPO_ID]
               [-b BRANCH] [--skip-download] [--use-enforcement-rules]
               [--download-external-modules DOWNLOAD_EXTERNAL_MODULES]
               [--var-file VAR_FILE]
               [--external-modules-download-path EXTERNAL_MODULES_DOWNLOAD_PATH]
               [--evaluate-variables EVALUATE_VARIABLES] [-ca CA_CERTIFICATE]
               [--no-cert-verify]
               [--repo-root-for-plan-enrichment REPO_ROOT_FOR_PLAN_ENRICHMENT]
               [--config-file CONFIG_FILE] [--create-config CREATE_CONFIG]
               [--show-config] [--create-baseline] [--baseline BASELINE]
               [--output-baseline-as-skipped]
               [--skip-cve-package SKIP_CVE_PACKAGE]
               [--policy-metadata-filter POLICY_METADATA_FILTER]
               [--policy-metadata-filter-exception POLICY_METADATA_FILTER_EXCEPTION]
               [--secrets-scan-file-type SECRETS_SCAN_FILE_TYPE]
               [--enable-secret-scan-all-files]
               [--block-list-secret-scan BLOCK_LIST_SECRET_SCAN]
               [--summary-position {top,bottom}]
               [--skip-resources-without-violations] [--deep-analysis]
               [--no-fail-on-crash] [--mask MASK] [--scan-secrets-history]
               [--secrets-history-timeout SECRETS_HISTORY_TIMEOUT]
               [--openai-api-key OPENAI_API_KEY]
checkov: error: unrecognized arguments:  .  CKV_GIT_5,CKV_GIT_6,CKV_TF_1  true         cli,sarif console,results.sarif true  WARNING             --user 0
Error: Error: job k8s-runner-2xdt7-runner-mpxc7-step-46c3b8aa has failed
Error: Process completed with exit code 1.
Error: Executing the custom container implementation failed. Please contact your self hosted runner administrator.
```

Describe the expected behavior

The action should run, as it runs without kubernetes mode.

If I comment out the ACTIONS_RUNNER_CONTAINER_HOOKS, the action is working as expected.

Additional Context

Values

```yaml
template:
  spec:
    securityContext:
      fsGroup: 1001
    containers:
      - name: runner
        image: ghcr.io/mrclrchtr-de/actions-runner:v1.6.0
        env:
          - name: ACTIONS_RUNNER_CONTAINER_HOOKS
            value: /home/runner/k8s/index.js
          - name: ACTIONS_RUNNER_POD_NAME
            valueFrom:
              fieldRef:
                fieldPath: metadata.name
          - name: ACTIONS_RUNNER_REQUIRE_JOB_CONTAINER
            value: 'false'
          - name: DOCKER_HOST
            value: unix:///var/run/docker.sock
          - name: RUNNER_WAIT_FOR_DOCKER_IN_SECONDS
            value: "120"
          - name: TEST_INTEGRATION_USE_SNAPSHOTTER
            value: "true"
        command:
          - /home/runner/run.sh
        volumeMounts:
          - mountPath: /home/runner/_work
            name: work
          - mountPath: /var/run
            name: dind-sock
```

Workflow
```yaml
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
  # This workflow contains a single job called "scan"
  scan:

    permissions:
      contents: read # for actions/checkout to fetch code
      security-events: write # for GitHub/codeql-action/upload-sarif to upload SARIF results
      actions: read # only required for a private repository by GitHub/codeql-action/upload-sarif to get the Action run status

    # noinspection YAMLSchemaValidation
    runs-on: k8s-runner

    # Steps represent a sequence of tasks that will be executed as part of the job
    steps:
      # Checks-out your repository under $GITHUB_WORKSPACE, so follow-up steps can access it
      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4

      - name: Checkov GitHub Action
        uses: bridgecrewio/checkov-action@16a499510c688de562827ce542c1bc3e641aea2c # v12
        with:
          # This will add both a CLI output to the console and create a results.sarif file
          output_format: cli,sarif
          output_file_path: console,results.sarif
          download_external_modules: true
          skip_check: CKV_GIT_5,CKV_GIT_6,CKV_TF_1
          quiet: true
          soft_fail: true
```

Controller Logs

```shell
n/a
```

Runner Pod Logs

```shell
n/a
```

github-actions[bot] commented 5 months ago

Hello! Thank you for filing an issue.

The maintainers will triage your issue shortly.

In the meantime, please take a look at the troubleshooting guide for bug reports.

If this is a feature request, please review our contribution guidelines.