search

actions / runner-container-hooks

Runner Container Hooks for GitHub Actions
MIT License
67 stars 43 forks source link

Escaping issue in workflow using `containerMode.type: kubernetes` #99

Closed samchoraria closed 1 year ago

samchoraria commented 1 year ago

Hi, we're hitting an escaping issue with the new ARC scale-set runners in containerMode.type: kubernetes, which does not occur in containerMode.type: dind.

Tested on ARC, gha-runner-scale-set-0.4.0 using latest runner image.

This workflow reproduces the issue, we've used a rockylinux:8 container as it clearly shows escape related errors but the problems exists with e.g. ubuntu:latest. Workflow uses the github-script action with correctly formatted Javascript.

on:
  workflow_dispatch:

jobs:
  escape_test:
    runs-on: arc
    container:
      image: rockylinux:8

    steps:
      - name: Escaping not required...
        uses: actions/github-script@v6
        with:
          script: |
            console.log(process.env.GITHUB_WORKSPACE);

      - name: Escaped-ish in K8s mode...
        uses: actions/github-script@v6
        with:
          script: |
            const fish = 'tuna'
            console.log(`'<strong>Fish:</strong> ${fish} <br/>'`);
            console.log(`'${process.env.GITHUB_WORKSPACE}'`);

      - name: Escaping failure in K8s mode...
        uses: actions/github-script@v6
        with:
          script: |
            const fish = 'tuna';
            console.log(`<strong>Fish:</strong> ${fish} <br/>`);
            console.log(`Workspace is: ${process.env.GITHUB_WORKSPACE}`);

WORKING containerMode.type: dind results of final job step Escaping failure in K8s mode...

Run actions/github-script@v6
  with:
    script: const fish = 'tuna';
  console.log(`<strong>Fish:</strong> ${fish} <br/>`);
  console.log(`Workspace is: ${process.env.GITHUB_WORKSPACE}`);
    ...
/usr/bin/docker exec 13f368313f0f1043c2711a96caef013389460e2de3a70f73dac66bb1b28b sh -c "cat /etc/*release | grep ^ID"
<strong>Fish:</strong> tuna <br/>
Workspace is: /__w/dummy-service/dummy-service

FAILING containerMode.type: kubernetes results of final job step Escaping failure in K8s mode...

Run actions/github-script@v6
  with:
    script: const fish = 'tuna';
  console.log(`<strong>Fish:</strong> ${fish} <br/>`);
  console.log(`Workspace is: ${process.env.GITHUB_WORKSPACE}`);
     ...
Run '/home/runner/k8s/index.js'
  shell: /home/runner/externals/node16/bin/node {0}

/__w/_temp/902ea180-3b58-11ee-be34-5381b4801e58.sh: command substitution: line 3: syntax error near unexpected token `newline'
/__w/_temp/902ea180-3b58-11ee-be34-5381b4801e58.sh: line 3: ${process.env.GITHUB_WORKSPACE}: bad substitution
nikola-jokic commented 1 year ago

Hey @samchoraria,

Thank you for raising this issue! I have created a PR that should fix it