Git with a cup of tea! Painless self-hosted all-in-one software development service, including Git hosting, code review, team collaboration, package registry and CI/CD
I was trying to use Gitea Action Runner to implement a document building process. But whenever I want to use actions/checkout@v2 from github, it always fails to set up the job environment. The core error is
Extracting content to '/var/run/act/'
☁ git clone 'https://github.com/actions/checkout' # ref=v2
cloning https://github.com/actions/checkout to /home/***/.cache/act/actions-checkout@v2
Unable to clone https://github.com/actions/checkout refs/heads/v2: Get "https://github.com/actions/checkout/info/refs?service=git-upload-pack": tls: failed to verify certificate: x509: certificate signed by unknown authority
Therefore, I have tried to set up GIT_SSL_NO_VERIFY = true for the docker image to be loaded. But this variable doesn't seem to be passed along to the workflow. I have tried to include this variable setting in /etc/systemd/system/act_runner.service, as well as in my .gitea/workflow/build.yml file. For the later case, I have the following setting:
But in the runner's log, I cannot find anywhere that GIT_SSL_NO_VERIFY is set up. Also, even though I have set RUNNER_TOOL_CACHE: /toolcache, but in the log, that variable is still set to its default value at /opt/hostedtoolcache ...
See the log below:
132_action_runner(version:v0.2.10) received task 52 of job 44, be triggered by event: push
workflow prepared
evaluating expression 'success()'
expression 'success()' evaluated to 'true'
🚀 Start image=gitea/runner-images:ubuntu-[2](http://10.50.90.132:3000/PMA/PMA-MIL/actions/runs/24#jobstep-0-2)2.04
🐳 docker pull image=gitea/runner-images:ubuntu-22.04 platform= username= forcePull=false
🐳 docker pull gitea/runner-images:ubuntu-22.04
Image exists? true
Cleaning up network for job Build documentation, and network name is: GITEA-ACTIONS-TASK-52_WORKFLOW-Build-and-deploy-document_JOB-Build-documentation-build-network
🐳 docker create image=gitea/runner-images:ubuntu-22.04 platform= entrypoint=["/bin/sleep" "10800"] cmd=[] network="GITEA-ACTIONS-TASK-52_WORKFLOW-Build-and-deploy-document_JOB-Build-documentation-build-network"
Custom container.Config from options ==> &{Hostname: Domainname: User: AttachStdin:false AttachStdout:true AttachStderr:true ExposedPorts:map[] Tty:false OpenStdin:false StdinOnce:false Env:[] Cmd:[] Healthcheck:<nil> ArgsEscaped:false Image: Volumes:map[] WorkingDir: Entrypoint:[] NetworkDisabled:false MacAddress: OnBuild:[] Labels:map[] StopSignal: StopTimeout:<nil> Shell:[]}
Merged container.Config ==> &{Hostname: Domainname: User: AttachStdin:false AttachStdout:true AttachStderr:true ExposedPorts:map[] Tty:false OpenStdin:false StdinOnce:false Env:[RUNNER_TOOL_CACHE=/opt/hostedtoolcache RUNNER_OS=Linux RUNNER_ARCH=X64 RUNNER_TEMP=/tmp LANG=C.UTF-8] Cmd:[] Healthcheck:<nil> ArgsEscaped:false Image:gitea/runner-images:ubuntu-22.04 Volumes:map[] WorkingDir:/workspace/PMA/PMA-MIL Entrypoint:[/bin/sleep 10800] NetworkDisabled:false MacAddress: OnBuild:[] Labels:map[] StopSignal: StopTimeout:<nil> Shell:[]}
Custom container.HostConfig from options ==> &{Binds:[] ContainerIDFile: LogConfig:{Type: Config:map[]} NetworkMode:GITEA-ACTIONS-TASK-52_WORKFLOW-Build-and-deploy-document_JOB-Build-documentation-build-network PortBindings:map[] RestartPolicy:{Name:no MaximumRetryCount:0} AutoRemove:false VolumeDriver: VolumesFrom:[] ConsoleSize:[0 0] Annotations:map[] CapAdd:[] CapDrop:[] CgroupnsMode: DNS:[] DNSOptions:[] DNSSearch:[] ExtraHosts:[] GroupAdd:[] IpcMode: Cgroup: Links:[] OomScoreAdj:0 PidMode: Privileged:false PublishAllPorts:false ReadonlyRootfs:false SecurityOpt:[] StorageOpt:map[] Tmpfs:map[] UTSMode: UsernsMode: ShmSize:0 Sysctls:map[] Runtime: Isolation: Resources:{CPUShares:0 Memory:0 NanoCPUs:0 CgroupParent: BlkioWeight:0 BlkioWeightDevice:[] BlkioDeviceReadBps:[] BlkioDeviceWriteBps:[] BlkioDeviceReadIOps:[] BlkioDeviceWriteIOps:[] CPUPeriod:0 CPUQuota:0 CPURealtimePeriod:0 CPURealtimeRuntime:0 CpusetCpus: CpusetMems: Devices:[] DeviceCgroupRules:[] DeviceRequests:[] KernelMemory:0 KernelMemoryTCP:0 MemoryReservation:0 MemorySwap:0 MemorySwappiness:0xc000670940 OomKillDisable:0xc0006708[3](http://10.50.90.132:3000/PMA/PMA-MIL/actions/runs/24#jobstep-0-3)b PidsLimit:0xc0006709a0 Ulimits:[] CPUCount:0 CPUPercent:0 IOMaximumIOps:0 IOMaximumBandwidth:0} Mounts:[] MaskedPaths:[] ReadonlyPaths:[] Init:<nil>}
--network and --net in the options will be ignored.
Merged container.HostConfig ==> &{Binds:[/var/run/docker.sock:/var/run/docker.sock] ContainerIDFile: LogConfig:{Type: Config:map[]} NetworkMode:GITEA-ACTIONS-TASK-52_WORKFLOW-Build-and-deploy-document_JOB-Build-documentation-build-network PortBindings:map[] RestartPolicy:{Name:no MaximumRetryCount:0} AutoRemove:true VolumeDriver: VolumesFrom:[] ConsoleSize:[0 0] Annotations:map[] CapAdd:[] CapDrop:[] CgroupnsMode: DNS:[] DNSOptions:[] DNSSearch:[] ExtraHosts:[] GroupAdd:[] IpcMode: Cgroup: Links:[] OomScoreAdj:0 PidMode: Privileged:true PublishAllPorts:false ReadonlyRootfs:false SecurityOpt:[] StorageOpt:map[] Tmpfs:map[] UTSMode: UsernsMode: ShmSize:0 Sysctls:map[] Runtime: Isolation: Resources:{CPUShares:0 Memory:0 NanoCPUs:0 CgroupParent: BlkioWeight:0 BlkioWeightDevice:[] BlkioDeviceReadBps:[] BlkioDeviceWriteBps:[] BlkioDeviceReadIOps:[] BlkioDeviceWriteIOps:[] CPUPeriod:0 CPUQuota:0 CPURealtimePeriod:0 CPURealtimeRuntime:0 CpusetCpus: CpusetMems: Devices:[] DeviceCgroupRules:[] DeviceRequests:[] KernelMemory:0 KernelMemoryTCP:0 MemoryReservation:0 MemorySwap:0 MemorySwappiness:0xc0006709[4](http://10.50.90.132:3000/PMA/PMA-MIL/actions/runs/24#jobstep-0-4)0 OomKillDisable:0xc00067083b PidsLimit:0xc0006709a0 Ulimits:[] CPUCount:0 CPUPercent:0 IOMaximumIOps:0 IOMaximumBandwidth:0} Mounts:[{Type:volume Source:act-toolcache Target:/opt/hostedtoolcache ReadOnly:false Consistency: BindOptions:<nil> VolumeOptions:<nil> TmpfsOptions:<nil> ClusterOptions:<nil>} {Type:volume Source:GITEA-ACTIONS-TASK-[5](http://10.50.90.132:3000/PMA/PMA-MIL/actions/runs/24#jobstep-0-5)2_WORKFLOW-Build-and-deploy-document_JOB-Build-documentation-env Target:/var/run/act ReadOnly:false Consistency: BindOptions:<nil> VolumeOptions:<nil> TmpfsOptions:<nil> ClusterOptions:<nil>} {Type:volume Source:GITEA-ACTIONS-TASK-52_WORKFLOW-Build-and-deploy-document_JOB-Build-documentation Target:/workspace/PMA/PMA-MIL ReadOnly:false Consistency: BindOptions:<nil> VolumeOptions:<nil> TmpfsOptions:<nil> ClusterOptions:<nil>}] MaskedPaths:[] ReadonlyPaths:[] Init:<nil>}
Created container name=GITEA-ACTIONS-TASK-52_WORKFLOW-Build-and-deploy-document_JOB-Build-documentation id=09[6](http://10.50.90.132:3000/PMA/PMA-MIL/actions/runs/24#jobstep-0-6)4ebda47b41f8f806205e0a29ee791bcaf9effbe2bd96be9b20608cad83c15 from image gitea/runner-images:ubuntu-22.04 (platform: )
ENV ==> [RUNNER_TOOL_CACHE=/opt/hostedtoolcache RUNNER_OS=Linux RUNNER_ARCH=X64 RUNNER_TEMP=/tmp LANG=C.UTF-8]
🐳 docker run image=gitea/runner-images:ubuntu-22.04 platform= entrypoint=["/bin/sleep" "10800"] cmd=[] network="GITEA-ACTIONS-TASK-52_WORKFLOW-Build-and-deploy-document_JOB-Build-documentation-build-network"
Starting container: 0964ebda4[7](http://10.50.90.132:3000/PMA/PMA-MIL/actions/runs/24#jobstep-0-7)b41f8f806205e0a29ee791bcaf9effbe2bd96be9b20608cad[8](http://10.50.90.132:3000/PMA/PMA-MIL/actions/runs/24#jobstep-0-8)3c15
Started container: 0[9](http://10.50.90.132:3000/PMA/PMA-MIL/actions/runs/24#jobstep-0-9)64ebda47b41f8f806205e0a29ee791bcaf9effbe2bd96be9b20608cad83c15
Writing entry to tarball workflow/event.json len:4433
Writing entry to tarball workflow/envs.txt len:0
Extracting content to '/var/run/act/'
☁ git clone 'https://github.com/actions/checkout' # ref=v2
cloning https://github.com/actions/checkout to /home/***/.cache/act/actions-checkout@v2
Unable to clone https://github.com/actions/checkout refs/heads/v2: Get "https://github.com/actions/checkout/info/refs?service=git-upload-pack": tls: failed to verify certificate: x509: certificate signed by unknown authority
Get "https://github.com/actions/checkout/info/refs?service=git-upload-pack": tls: failed to verify certificate: x509: certificate signed by unknown authority
skipping post step for 'Deploy to server'; step was not executed
skipping post step for 'Set up Python'; step was not executed
skipping post step for 'Checkout code'; step was not executed
Cleaning up container for job Build documentation
Removed container: 0964ebda47b41f8f806205e0a29ee791bcaf9effbe2bd96be9b20608cad83c15
🐳 docker volume rm GITEA-ACTIONS-TASK-52_WORKFLOW-Build-and-deploy-document_JOB-Build-documentation
🐳 docker volume rm GITEA-ACTIONS-TASK-52_WORKFLOW-Build-and-deploy-document_JOB-Build-documentation-env
Cleaning up network for job Build documentation, and network name is: GITEA-ACTIONS-TASK-52_WORKFLOW-Build-and-deploy-document_JOB-Build-documentation-build-network
🏁 Job failed
Get "https://github.com/actions/checkout/info/refs?service=git-upload-pack": tls: failed to verify certificate: x509: certificate signed by unknown authority
So, how to make environment variables pass along to the container, and how to make git clone work in this case? I believe there is a bug.
Gitea Version
1.21.4
Can you reproduce the bug on the Gitea demo site?
Yes
Log Gist
No response
Screenshots
No response
Git Version
2.41.0
Operating System
CentOS 7.9
How are you running Gitea?
Run Gitea from binary, and Action Runner from a binary. Host everything on a centOS server.
Thanks for the report! While this suggestion possibly won't affect anything, could you try bumping the checkout action to v4? Could you also try setting the env you want on the checkout it step itself?
Description
I was trying to use Gitea Action Runner to implement a document building process. But whenever I want to use
actions/checkout@v2
from github, it always fails to set up the job environment. The core error isTherefore, I have tried to set up
GIT_SSL_NO_VERIFY = true
for the docker image to be loaded. But this variable doesn't seem to be passed along to the workflow. I have tried to include this variable setting in/etc/systemd/system/act_runner.service
, as well as in my.gitea/workflow/build.yml
file. For the later case, I have the following setting:But in the runner's log, I cannot find anywhere that
GIT_SSL_NO_VERIFY
is set up. Also, even though I have setRUNNER_TOOL_CACHE: /toolcache
, but in the log, that variable is still set to its default value at/opt/hostedtoolcache
...See the log below:
So, how to make environment variables pass along to the container, and how to make git clone work in this case? I believe there is a bug.
Gitea Version
1.21.4
Can you reproduce the bug on the Gitea demo site?
Yes
Log Gist
No response
Screenshots
No response
Git Version
2.41.0
Operating System
CentOS 7.9
How are you running Gitea?
Run Gitea from binary, and Action Runner from a binary. Host everything on a centOS server.
Database
None