Latest runner does not have permission to remove files in `post` runs

[sethvargo]

Describe the bug Permissions regression in latest GitHub-hosted Actions runner.

To Reproduce

1. Run any action that deletes a file as a "post" step (e.g. google-github-actions/auth).

Expected behavior Post steps should not fail with EACCES: permission denied when deleting a file.

Runner Version and Platform

2.316.0

OS of the machine running the runner?
ubuntu-22.04, but also happening on ubuntu-20.04

What's not working?

Post job cleanup.
##[error]google-github-actions/auth post failed with: failed to remove "/runner/_work/workspace/workspace/gha-creds-27dd4d9424d98d66.json": EACCES: permission denied, unlink '/runner/_work/workspace/workspace/gha-creds-27dd4d9424d98d66.json'
##[debug]Node Action run completed with exit code 1

Additional Info

I am one of the authors of a GitHub Action that uses a post step. The action has not changed since Feb 25, 2024, but there have been an influx of issues like https://github.com/google-github-actions/auth/issues/411, which point to a permissions change on the runner with a recent release. Like many GitHub Actions, we use a post step to clean the runner after invocations, so that self-hosted runners are not polluted with credentials.

The code that executes the remove is fairly straightforwarded, and has been working without issue for over a year.

[JoelBenton-hx]

Within the google-github-actions/auth#411 there has been a fix added with pinninggruntwork-io/terragrunt-action to Version 2.0.2 which appears to fix the issue (If you are using this in with google-github-actions/auth). Link to terragrunt-action ticket - https://github.com/gruntwork-io/terragrunt-action/issues/64

[sethvargo]

Looks like this is actually an issue with a different action modifying permissions: https://github.com/gruntwork-io/terragrunt-action/issues/64.