search

actions / runner

The Runner for GitHub Actions :rocket:
https://github.com/features/actions
MIT License
4.86k stars 954 forks source link

Runner version 2.320.0 breaks my custom image #3488

Open DAGRSAG opened 2 weeks ago

DAGRSAG commented 2 weeks ago

Describe the bug I have own images which I'm using for our ARC runners. Those images are using your runner image as base. With the new version 2.320.0 my workflow fails, because ssh-keyscan is no longer available

To Reproduce here is my docker file to create our internal images

ARG RUNNER_VERSION=2.320.0

FROM ghcr.io/actions/actions-runner:${RUNNER_VERSION}

USER root

# Install common dependencies
RUN apt update -y && apt upgrade -y && \
    apt install -y \
        git-lfs \
        gettext-base \
        zstd && \
    git lfs install && \
    wget https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64 -O /usr/bin/yq && \
    chmod +x /usr/bin/yq && \
    curl -sL https://deb.nodesource.com/setup_20.x | bash - && \
    curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg | dd of=/usr/share/keyrings/githubcli-archive-keyring.gpg && \
    chmod go+r /usr/share/keyrings/githubcli-archive-keyring.gpg && \
    echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | tee /etc/apt/sources.list.d/github-cli.list > /dev/null && \
    apt update && apt install -y gh nodejs && \
    rm -rf /var/lib/apt/lists/*

USER runner

RUN mkdir -p ~/.ssh && sudo ssh-keyscan -t rsa github.com >> ~/.ssh/known_hosts

Expected behavior docker build can be executed without any issue

Runner Version and Platform

2.320.0

What's not working?

#6 [3/3] RUN mkdir -p ~/.ssh && sudo ssh-keyscan -t rsa github.com >> ~/.ssh/known_hosts
#6 0.257 sudo: ssh-keyscan: command not found
#6 ERROR: process "/bin/sh -c mkdir -p ~/.ssh && sudo ssh-keyscan -t rsa github.com >> ~/.ssh/known_hosts" did not complete successfully: exit code: 1
------
 > [3/3] RUN mkdir -p ~/.ssh && sudo ssh-keyscan -t rsa github.com >> ~/.ssh/known_hosts:
0.257 sudo: ssh-keyscan: command not found
------
Dockerfile:30
--------------------
  28 |     USER runner
  29 |     
  30 | >>> RUN mkdir -p ~/.ssh && sudo ssh-keyscan -t rsa github.com >> ~/.ssh/known_hosts
  31 |     
--------------------
ERROR: failed to solve: process "/bin/sh -c mkdir -p ~/.ssh && sudo ssh-keyscan -t rsa github.com >> ~/.ssh/known_hosts" did not complete successfully: exit code: 1

Please explain, why this isn't working anymore? In the changelog I could not find anything about such a change. With version 2.319.1 it worked without any issue. I want to understand if this is an expected breaking change or a mistake

BR Daniel

brconnell4 commented 2 weeks ago

I had the same problem with one of our developers using openssh in our cicd. I added the following to our dockerfile

We were using

            - name: Setup SSH
              uses: webfactory/ssh-agent@v0.9.0
# Required for Actions
RUN apt-get update && apt-get install -y git \
    curl \
    jq \
    openssh-client

# Used for mobile
ENV PATH="/usr/bin/ssh-agent:${PATH}"

The new addition being openssh-client , the other installs are just for other dependencies not required for this situation. It still took a good 2 hours out of my work day to triage as I did other dependency updates in our runners. It would be amazing if things broke in a minor version update that they were in the readme notes and to add deprecation warnings in logs and messages to not waste developer time