game-ci / unity-builder

Build Unity projects for different platforms
https://github.com/marketplace/actions/unity-builder
MIT License
839 stars 239 forks

UPM authentication and runAsHostUser on self-hosted linux runner #660

Open eberleinNeobird opened 1 month ago

eberleinNeobird commented 1 month ago

Bug description

I created a self-hosted Linux runner for GitHub to build my Unity app. When I set the unity-builder runAsHostUser to true, authentication to the UPM server fails:

An error occurred while resolving packages:
  Project has invalid dependencies:
    com.neobird.bootstrap: Request [GET <my verdaccio package>] failed because it lacks valid authentication credentials

How to reproduce

Install the Linux runner as described at: https://game.ci/docs/self-hosting/host-provisioning/ubuntu-setup

Use these two steps:

      - name: Setup UPM Authentication
        timeout-minutes: 10
        run: |
          mkdir ${{ runner.temp }}/_github_home
          cd ${{ runner.temp }}/_github_home
          echo "[npmAuth.\"my verdaccio url\"]" >> .upmconfig.toml
          echo "alwaysAuth = true" >> .upmconfig.toml
          echo "token = \"${{ secrets.NPM_AUTH_TOKEN }}\"" >> .upmconfig.toml

and

      - name: Unity Build (${{ matrix.targetPlatform }}, ${{ matrix.buildProfile }}, ${{ matrix.unityVersion }})
        uses: game-ci/unity-builder@v4
        timeout-minutes: 60
        env:
          UNITY_SERIAL: ${{ secrets.UNITY_SERIAL }}
          UNITY_EMAIL: ${{ secrets.UNITY_EMAIL }}
          UNITY_PASSWORD: ${{ secrets.UNITY_PASSWORD }}
        with:
          runAsHostUser: ${{ matrix.runAsHostUser }}
          versioning: Semantic
          dockerWorkspacePath: /github/workspace
          unityVersion: ${{ matrix.unityVersion }}
          targetPlatform: ${{ matrix.targetPlatform }}
          buildMethod: NeoBird.Build.BuildScript
          customParameters: '-buildProfile ${{ matrix.buildProfile }}'

matrix.runAsHostUser of course is true.

Expected behavior

UPM packages should be resolved.

Maybe it's because the Setup UPM Authentication step does not run as HostUser. Thanks for your help.

GabLeRoux commented 1 month ago

Here is something you might try to resolve your authentication issue with UPM. (Note: I did not try this).

When using runAsHostUser: true on a self-hosted Linux runner, the problem might be from the .upmconfig.toml file not being accessible or correctly configured for the host user.

  1. Adjust UPM Authentication Setup: Place the .upmconfig.toml in the host user's home directory:

    - name: Setup UPM Authentication
      timeout-minutes: 10
      run: |
        mkdir -p $HOME/.upmconfig
        echo "[npmAuth.\"<your verdaccio url>\"]" >> $HOME/.upmconfig/.upmconfig.toml
        echo "alwaysAuth = true" >> $HOME/.upmconfig/.upmconfig.toml
        echo "token = \"${{ secrets.NPM_AUTH_TOKEN }}\"" >> $HOME/.upmconfig/.upmconfig.toml

  2. Ensure Permissions: Ensure the file has the correct permissions for the host user:

    - name: Set Permissions for UPM Config
      run: |
        chown -R $(whoami) $HOME/.upmconfig

  3. Use the Correct User: Ensure the Unity build step runs as the correct user:

    - name: Unity Build
      uses: game-ci/unity-builder@v4
      timeout-minutes: 60
      env:
        UNITY_SERIAL: ${{ secrets.UNITY_SERIAL }}
        UNITY_EMAIL: ${{ secrets.UNITY_EMAIL }}
        UNITY_PASSWORD: ${{ secrets.UNITY_PASSWORD }}
      with:
        runAsHostUser: true
        versioning: Semantic
        dockerWorkspacePath: /github/workspace
        unityVersion: ${{ matrix.unityVersion }}
        targetPlatform: ${{ matrix.targetPlatform }}
        buildMethod: NeoBird.Build.BuildScript
        customParameters: '-buildProfile ${{ matrix.buildProfile }}'

The UPM configuration file is documented here: https://docs.unity3d.com/Manual/upm-config.html

JanikHelbig-NB commented 3 weeks ago

Hi @GabLeRoux, I'm working on the same issue as @eberleinNeobird and I've tried to apply your suggestions. I've checked the logs and the Docker container is being correctly run with the RUN_AS_HOST_USER=true flag. The Setup UPM Authentication step now also creates the .upmconfig.toml file inside the host user's home directory, as it should, and the file permissions appear correct.

Unfortunately, the Unity instance inside the Docker container still doesn't seem to be able to locate it. Unity doesn't log where it's looking for this configuration file, or whether or not it has found anything.

Is there a way to mount additional directories to the docker container or at least pass an additional environment variable? Ideally without needing to configure custom docker images.

GabLeRoux commented 3 weeks ago

> Is there a way to mount additional directories to the docker container or at least pass an additional environment variable? Ideally without needing to configure custom docker images.

I'm not exactly sure how this can be achieved with GitHub Actions. I think the most important thing here is to figure out where Unity reads .upmconfig.toml and confirm it has access to it. According to https://docs.unity3d.com/Manual/upm-config.html, it should be $HOME/.upmconfig.

Maybe a way to investigate this would be to fork the game-ci/unity-builder action, update the scripts and run the action with custom commands within the docker image to print what the container has access to.

If the container can't see $HOME/.upmconfig, we'll need to figure out how it can see it.

I don't have much information on that either.
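
A diagnostic along the lines of the "print what the container has access to" idea, as an added example that is not part of the thread or of game-ci/unity-builder: it writes the token file with owner-only permissions and reports, per candidate directory, whether a usable `.upmconfig.toml` is visible to the current user, without printing the token. The function names, the candidate directories and the registry URL are assumptions supplied by the caller; the script does not assert where Unity itself looks.

```bash
#!/usr/bin/env bash
# Added example. Directories and registry URL are chosen by the caller;
# nothing here claims to know where Unity itself reads the file from.

# write_upmconfig DIR REGISTRY_URL   (token is read from $NPM_AUTH_TOKEN)
write_upmconfig() {
  local dir="$1" registry="$2" file="$1/.upmconfig.toml"
  ( umask 077                       # new file is 0600, new directory 0700
    mkdir -p "$dir"
    # '>' not '>>': a persistent self-hosted runner keeps $HOME between jobs,
    # and appending would duplicate the [npmAuth] table on every run.
    printf '[npmAuth."%s"]\nalwaysAuth = true\ntoken = "%s"\n' \
      "$registry" "${NPM_AUTH_TOKEN:-}" > "$file"
    chmod 600 "$file" )             # tighten a file left over from an earlier run
}

# check_upmconfig FILE REGISTRY_URL -> prints one status word, never the token
check_upmconfig() {
  local file="$1" registry="$2" perms
  [ -e "$file" ] || { echo missing; return 1; }
  [ -r "$file" ] || { echo unreadable; return 1; }
  grep -qF -e "[npmAuth.\"$registry\"]" "$file" || { echo no-section; return 1; }
  # An empty token usually means the secret was not available to the job.
  grep -qE '^[[:space:]]*token[[:space:]]*=[[:space:]]*"[^"]+"' "$file" \
    || { echo no-token; return 1; }
  perms=$(ls -ld "$file" | cut -c5-10)   # group and other permission bits
  [ "$perms" = "------" ] || { echo too-open; return 1; }
  echo ok
}

# report_upmconfig REGISTRY_URL DIR...  -> one line per candidate directory
report_upmconfig() {
  local registry="$1" dir status
  shift
  echo "uid=$(id -u) HOME=${HOME:-unset}"
  for dir in "$@"; do
    status=$(check_upmconfig "$dir/.upmconfig.toml" "$registry") || true
    echo "$dir/.upmconfig.toml: $status"
  done
}

# Usage: script.sh REGISTRY_URL DIR [DIR...]
if [ "$#" -ge 2 ]; then report_upmconfig "$@"; fi
```

Running the report once in a normal workflow step and once inside the build container shows whether both see the same user, `HOME` and file.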