gitleaks / gitleaks-action

Protect your secrets using Gitleaks-Action
https://gitleaks.io

Fix installation error on self-hosted runner #138

Open simonjur opened 8 months ago

simonjur commented 8 months ago

Suffix download temporary file with version. Delete the temporary file after extraction.

Should fix #127

soulseekah commented 2 months ago

This works, however, I think that the download should not depend on the username (we use "root" on all our runners) but rather on the runner name instead.

simonjur commented 2 months ago

Yes true. Good point. Let me fix it.

simonjur commented 2 months ago

🤔 actually... it seems there is no (nice) way to get the runner name from a JS action: https://github.com/actions/toolkit/issues/1681. I'll investigate a bit more on this... (tomorrow)

nashpaz123 commented 1 month ago

also waiting for the merge on this :-)

soulseekah commented 1 month ago

Here's an idea: why not use - env and RUNNER_NAME: ${{ runner.name }}. And then use the environment variable via process.env as per usual? If it's not set use hostname.

I've also opened a discussion here https://github.com/orgs/community/discussions/137836 if you care to upvote :)

soulseekah commented 1 month ago

@simonjur https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/store-information-in-variables#default-environment-variables it seems that RUNNER_NAME environment variable should actually be there. But I'm not seeing it for some reason. Can you try?

simonjur commented 1 month ago

@soulseekah many thanks for the suggestion 👍 . I was a bit stuck on this. Let me try it and get back to you (hopefully today)

simonjur commented 1 month ago

> Here's an idea: why not use - env and RUNNER_NAME: ${{ runner.name }}. And then use the environment variable via process.env as per usual? If it's not set use hostname.
>
> I've also opened a discussion here https://github.com/orgs/community/discussions/137836 if you care to upvote :)

just a note to this solution. yep this would work and I was considering it... but passing some env like: RUNNER_NAME: ${{ runner.name }} to this action just doesn't look good... I mean it just doesn't fit to the other envs:

- uses: gitleaks/gitleaks-action@v2
  env:
    RUNNER_NAME: ${{ runner.name }}  # <-------------------- yep it would work but how is this related to what the action is actually doing? Looks more like a hack to me.
    GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    GITLEAKS_LICENSE: ${{ secrets.GITLEAKS_LICENSE}} # Only required for Organizations, not personal accounts.

But it's a good suggestion and a last-resort fallback maybe... we'll see 🙈

simonjur commented 1 month ago

yep env var is there on self-hosted runner:

...
  "GITHUB_ACTION_REF": "main",
  "RUNNER_OS": "Linux",
  "RUNNER_ARCH": "X64",
  "RUNNER_NAME": "github-actions-runner24-1",
  "RUNNER_ENVIRONMENT": "self-hosted",   <-------------- THIS
  "RUNNER_TOOL_CACHE": "/home/actions-runner-1/runner/_work/_tool",
...

and like this on gh-hosted runner:

...
  "RUNNER_OS": "Linux",
  "RUNNER_ARCH": "X64",
  "RUNNER_NAME": "GitHub Actions 11",   <-------------- THIS
  "RUNNER_ENVIRONMENT": "github-hosted",
  "RUNNER_TEMP": "/home/runner/work/_temp",
...

let me finish this PR then...

simonjur commented 1 month ago

fixed ✅
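
The approach discussed in this thread (suffix the temporary download with the version, key it on `RUNNER_NAME` from `process.env` with the hostname as fallback, delete it after extraction), written out as an added example. It is not the code from this pull request: the helper names, the file-name scheme and the sample values in the test are assumptions, and the sanitising step goes beyond the thread, added because runner names such as "GitHub Actions 11" contain spaces.

```javascript
// Added example; helper names and the file-name scheme are assumptions.
const fs = require("fs");
const os = require("os");
const path = require("path");

// Reduce an arbitrary label to one safe path component: runs of characters
// outside [A-Za-z0-9._-] (spaces, slashes) become "-", and leading dots or
// dashes are stripped so the result can never be ".." or start with "-".
function safeComponent(value) {
  const cleaned = String(value)
    .replace(/[^A-Za-z0-9._-]+/g, "-")
    .replace(/^[.-]+|-+$/g, "");
  return cleaned || "unknown";
}

// RUNNER_NAME is set by the runner itself, so no extra `env:` entry is
// needed in the workflow; fall back to the hostname when it is absent.
function runnerId(env = process.env) {
  return safeComponent(env.RUNNER_NAME || os.hostname());
}

// One temp file per (version, runner), independent of the OS user name,
// so runners that share a user (for example "root") do not collide.
function downloadPath(version, env = process.env) {
  const base = env.RUNNER_TEMP || os.tmpdir();
  const name = `gitleaks-${safeComponent(version)}-${runnerId(env)}.tmp`;
  return path.join(base, name);
}

// Download, extract, and always delete the temp file, even when the
// download or the extraction throws.
async function withTempDownload(version, fetchTo, extract, env = process.env) {
  const file = downloadPath(version, env);
  try {
    await fetchTo(file);
    return await extract(file);
  } finally {
    fs.rmSync(file, { force: true });
  }
}
```

`fetchTo` and `extract` are caller-supplied callbacks standing in for the action's real download and unpack steps.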