Permissions denied to delete files

wrdls commented 1 year ago

devbox-install-action seems to be missing permissions to clean up it's own files.

This doesn't seem to affect the pipeline outcome, but it generates a lot of logs.

I call the action as follows:

    - name: Install devbox
      uses: jetpack-io/devbox-install-action@v0.6.0
      with:
        project-path: ${{ github.action_path }}
        enable-cache: 'true'
        refresh-cli: 'false'
        disable-nix-access-token: 'true'
        devbox-version: 0.5.11

Logs

``` 2023-08-30T07:18:52.8613548Z Requested labels: ubuntu-latest 2023-08-30T07:18:52.8615004Z Waiting for a runner to pick up this job... 2023-08-30T07:18:54.8704455Z Job is waiting for a hosted runner to come online. 2023-08-30T07:18:55.8642805Z Job is about to start running on the hosted runner: GitHub Actions 2 (hosted) 2023-08-30T07:18:59.8522963Z Current runner version: '2.308.0' 2023-08-30T07:18:59.8548766Z ##[group]Operating System 2023-08-30T07:18:59.8549333Z Ubuntu 2023-08-30T07:18:59.8549625Z 22.04.3 2023-08-30T07:18:59.8549958Z LTS 2023-08-30T07:18:59.8550214Z ##[endgroup] 2023-08-30T07:18:59.8550549Z ##[group]Runner Image 2023-08-30T07:18:59.8550899Z Image: ubuntu-22.04 2023-08-30T07:18:59.8551223Z Version: 20230821.1.0 2023-08-30T07:18:59.8551736Z Included Software: https://github.com/actions/runner-images/blob/ubuntu22/20230821.1/images/linux/Ubuntu2204-Readme.md 2023-08-30T07:18:59.8552396Z Image Release: https://github.com/actions/runner-images/releases/tag/ubuntu22%2F20230821.1 2023-08-30T07:18:59.8552863Z ##[endgroup] 2023-08-30T07:18:59.8553209Z ##[group]Runner Image Provisioner 2023-08-30T07:18:59.8553510Z 2.0.266.1 2023-08-30T07:18:59.8553844Z ##[endgroup] 2023-08-30T07:18:59.8554502Z ##[group]GITHUB_TOKEN Permissions 2023-08-30T07:18:59.8555028Z Contents: read 2023-08-30T07:18:59.8555303Z Metadata: read 2023-08-30T07:18:59.8555863Z ##[endgroup] ... 2023-08-30T07:19:06.1406861Z ##[group]Run jetpack-io/devbox-install-action@v0.6.0 2023-08-30T07:19:06.1407142Z with: 2023-08-30T07:19:06.1407444Z project-path: /home/runner/work/_actions/mycompany/mycustom-action/main 2023-08-30T07:19:06.1407768Z enable-cache: true 2023-08-30T07:19:06.1407997Z refresh-cli: false 2023-08-30T07:19:06.1408240Z disable-nix-access-token: true 2023-08-30T07:19:06.1408495Z devbox-version: 0.5.11 2023-08-30T07:19:06.1408718Z ##[endgroup] 2023-08-30T07:19:06.1476735Z ##[group]Run sudo chmod u+s "$(command -v tar)" 2023-08-30T07:19:06.1477121Z [36;1msudo chmod u+s "$(command -v tar)"[0m 2023-08-30T07:19:06.1537159Z shell: /usr/bin/bash --noprofile --norc -e -o pipefail {0} 2023-08-30T07:19:06.1537483Z ##[endgroup] 2023-08-30T07:19:06.2613732Z ##[group]Run actions/cache@v3 2023-08-30T07:19:06.2613964Z with: 2023-08-30T07:19:06.2614271Z path: ~/.nix-defexpr ~/.nix-profile /nix/store /nix/var/nix ~/.local/state/nix 2023-08-30T07:19:06.2614600Z key: Linux-devbox- 2023-08-30T07:19:06.2614847Z enableCrossOsArchive: false 2023-08-30T07:19:06.2615108Z fail-on-cache-miss: false 2023-08-30T07:19:06.2615342Z lookup-only: false 2023-08-30T07:19:06.2615554Z ##[endgroup] 2023-08-30T07:19:06.4927878Z Cache not found for input keys: Linux-devbox- 2023-08-30T07:19:06.5006057Z ##[group]Run if [[ -n $DEVBOX_USE_VERSION ]]; then 2023-08-30T07:19:06.5006410Z [36;1mif [[ -n $DEVBOX_USE_VERSION ]]; then[0m 2023-08-30T07:19:06.5006746Z [36;1m echo "latest_version=$DEVBOX_USE_VERSION" >> $GITHUB_ENV[0m 2023-08-30T07:19:06.5007044Z [36;1melse[0m 2023-08-30T07:19:06.5007266Z [36;1m tmp_file=$(mktemp)[0m 2023-08-30T07:19:06.5007599Z [36;1m latest_url="https://releases.jetpack.io/devbox/stable/version"[0m 2023-08-30T07:19:06.5008003Z [36;1m curl --fail --silent --location --output "${tmp_file}" "${latest_url}"[0m 2023-08-30T07:19:06.5008342Z [36;1m latest_version=$(cat "${tmp_file}")[0m 2023-08-30T07:19:06.5008637Z [36;1m if [[ -n ${latest_version} ]]; then[0m 2023-08-30T07:19:06.5008961Z [36;1m echo "Found devbox latest version ${latest_version}."[0m 2023-08-30T07:19:06.5009311Z [36;1m echo "latest_version=$latest_version" >> $GITHUB_ENV[0m 2023-08-30T07:19:06.5009579Z [36;1m else[0m 2023-08-30T07:19:06.5009864Z [36;1m echo "ERROR: unable to find the latest devbox version."[0m 2023-08-30T07:19:06.5010147Z [36;1m exit 1[0m 2023-08-30T07:19:06.5010353Z [36;1m fi[0m 2023-08-30T07:19:06.5010547Z [36;1mfi[0m 2023-08-30T07:19:06.5065630Z shell: /usr/bin/bash --noprofile --norc -e -o pipefail {0} 2023-08-30T07:19:06.5065966Z env: 2023-08-30T07:19:06.5066196Z DEVBOX_USE_VERSION: 0.5.11 2023-08-30T07:19:06.5066426Z ##[endgroup] 2023-08-30T07:19:06.5344609Z ##[group]Run actions/cache@v3 2023-08-30T07:19:06.5345387Z with: 2023-08-30T07:19:06.5345632Z path: /usr/local/bin/devbox 2023-08-30T07:19:06.5345906Z key: Linux-devbox-0.5.11 2023-08-30T07:19:06.5346186Z enableCrossOsArchive: false 2023-08-30T07:19:06.5346643Z fail-on-cache-miss: false 2023-08-30T07:19:06.5346908Z lookup-only: false 2023-08-30T07:19:06.5347146Z env: 2023-08-30T07:19:06.5347376Z latest_version: 0.5.11 2023-08-30T07:19:06.5347619Z ##[endgroup] 2023-08-30T07:19:06.7900601Z Cache not found for input keys: Linux-devbox-0.5.11 2023-08-30T07:19:06.8001070Z ##[group]Run export DEVBOX_USE_VERSION="0.5.11" 2023-08-30T07:19:06.8001428Z [36;1mexport DEVBOX_USE_VERSION="0.5.11"[0m 2023-08-30T07:19:06.8001777Z [36;1mcurl -fsSL https://get.jetpack.io/devbox | FORCE=1 bash[0m 2023-08-30T07:19:06.8002070Z [36;1m[0m 2023-08-30T07:19:06.8002465Z [36;1mversion=$(devbox version)[0m 2023-08-30T07:19:06.8002763Z [36;1mif [[ ! "$version" = "$DEVBOX_USE_VERSION" ]]; then[0m 2023-08-30T07:19:06.8003172Z [36;1m echo "ERROR: mismatch devbox version downloaded. Expected $DEVBOX_USE_VERSION, got $version."[0m 2023-08-30T07:19:06.8003518Z [36;1m exit 1[0m 2023-08-30T07:19:06.8003725Z [36;1mfi[0m 2023-08-30T07:19:06.8004018Z [36;1mDEVBOX_BINARY="$(find "${HOME}/.cache/devbox/bin" -name devbox)"[0m 2023-08-30T07:19:06.8004351Z [36;1mif [ -n "$DEVBOX_SHA256" ]; then[0m 2023-08-30T07:19:06.8004658Z [36;1m if command -v "sha256sum" 1>/dev/null 2>&1; then[0m 2023-08-30T07:19:06.8004993Z [36;1m # Linux distributions will likely have this.[0m 2023-08-30T07:19:06.8005347Z [36;1m DEVBOX_CHECKSUM="$(sha256sum "$DEVBOX_BINARY" | cut -f1 -d' ')"[0m 2023-08-30T07:19:06.8005699Z [36;1m elif command -v "shasum" 1>/dev/null 2>&1; then[0m 2023-08-30T07:19:06.8005992Z [36;1m # MacOS comes with this.[0m 2023-08-30T07:19:06.8006323Z [36;1m DEVBOX_CHECKSUM="$(shasum -a 256 "$DEVBOX_BINARY" | cut -f1 -d' ')"[0m 2023-08-30T07:19:06.8006617Z [36;1m fi[0m 2023-08-30T07:19:06.8006809Z [36;1m[0m 2023-08-30T07:19:06.8007042Z [36;1m if [ -z "$DEVBOX_CHECKSUM" ]; then[0m 2023-08-30T07:19:06.8007429Z [36;1m echo "ERROR: unable to get devbox checksum. Please ensure sha256sum or shasum is installed."[0m 2023-08-30T07:19:06.8007776Z [36;1m exit 2[0m 2023-08-30T07:19:06.8007996Z [36;1m fi[0m 2023-08-30T07:19:06.8008183Z [36;1m[0m 2023-08-30T07:19:06.8008442Z [36;1m if [[ ! "$DEVBOX_CHECKSUM" = "$DEVBOX_SHA256" ]]; then[0m 2023-08-30T07:19:06.8008835Z [36;1m echo "ERROR: checksums do not match. Expected $DEVBOX_SHA256, got $DEVBOX_CHECKSUM."[0m 2023-08-30T07:19:06.8009163Z [36;1m exit 3[0m 2023-08-30T07:19:06.8009363Z [36;1m fi[0m 2023-08-30T07:19:06.8009555Z [36;1mfi[0m 2023-08-30T07:19:06.8009816Z [36;1msudo mv "$DEVBOX_BINARY" /usr/local/bin/devbox[0m 2023-08-30T07:19:06.8063736Z shell: /usr/bin/bash --noprofile --norc -e -o pipefail {0} 2023-08-30T07:19:06.8064033Z env: 2023-08-30T07:19:06.8064241Z latest_version: 0.5.11 2023-08-30T07:19:06.8064470Z DEVBOX_SHA256: 2023-08-30T07:19:06.8064681Z ##[endgroup] 2023-08-30T07:19:07.1336978Z Devbox 📦 by jetpack.io 2023-08-30T07:19:07.1337762Z Instant and predictable development environments and containers. 2023-08-30T07:19:07.1338272Z 2023-08-30T07:19:07.1338676Z This script downloads and installs the latest devbox binary. 2023-08-30T07:19:07.1338942Z 2023-08-30T07:19:07.1339059Z Confirm Installation Details 2023-08-30T07:19:07.1339341Z Location: /usr/local/bin/devbox 2023-08-30T07:19:07.1339678Z Download URL: https://releases.jetpack.io/devbox 2023-08-30T07:19:07.1339885Z 2023-08-30T07:19:07.1339897Z 2023-08-30T07:19:07.1341127Z Downloading and Installing 2023-08-30T07:19:07.1341703Z → Downloading devbox binary... 2023-08-30T07:19:07.6986883Z [1F[0K✓ Downloading devbox binary... [DONE] 2023-08-30T07:19:07.6987713Z → Installing in /usr/local/bin/devbox (requires sudo)... 2023-08-30T07:19:08.0132307Z [1F[0K✓ Installing in /usr/local/bin/devbox... [DONE] 2023-08-30T07:19:08.3149048Z ✓ Successfully installed devbox 🚀 2023-08-30T07:19:08.6162595Z 2023-08-30T07:19:08.6163284Z Next Steps 2023-08-30T07:19:08.6165950Z 1. Learn how to use devbox 2023-08-30T07:19:08.6166711Z Run devbox help or read the docs at https://github.com/jetpack-io/devbox 2023-08-30T07:19:08.6167828Z 2. Get help and give feedback 2023-08-30T07:19:08.6168416Z Join our community at https://discord.gg/jetpack-io 2023-08-30T07:19:08.6433447Z → Downloading version 0.5.11... 2023-08-30T07:19:09.4737199Z [1F[0K✓ Downloading version 0.5.11... [DONE] 2023-08-30T07:19:09.4768019Z → Verifying checksum... 2023-08-30T07:19:09.8277196Z [1F[0K✓ Verifying checksum... [DONE] 2023-08-30T07:19:09.8277587Z → Unpacking binary... 2023-08-30T07:19:10.0095610Z [1F[0K✓ Unpacking binary... [DONE] 2023-08-30T07:19:10.0128998Z 2023-08-30T07:19:10.0491586Z ##[group]Run NIX_INSTALLER_NO_CHANNEL_ADD=1 2023-08-30T07:19:10.0492078Z [36;1mNIX_INSTALLER_NO_CHANNEL_ADD=1[0m 2023-08-30T07:19:10.0492344Z [36;1mNIX_BUILD_SHELL=/bin/bash[0m 2023-08-30T07:19:10.0492734Z [36;1mdevbox run --config=/home/runner/work/_actions/mycompany/mycustom-action/main -- echo "Packages installed!"[0m 2023-08-30T07:19:10.0547318Z shell: /usr/bin/bash --noprofile --norc -e -o pipefail {0} 2023-08-30T07:19:10.0547620Z env: 2023-08-30T07:19:10.0547872Z latest_version: 0.5.11 2023-08-30T07:19:10.0548105Z ##[endgroup] 2023-08-30T07:19:10.0678494Z 2023-08-30T07:19:10.0678979Z Nix is not installed. Devbox will attempt to install it. 2023-08-30T07:19:10.0679545Z 2023-08-30T07:19:10.0681482Z Installing nix with: curl -L https://nixos.org/nix/install | sh -s 2023-08-30T07:19:10.0681860Z This may require sudo access. 2023-08-30T07:19:10.0745035Z % Total % Received % Xferd Average Speed Time Time Time Current 2023-08-30T07:19:10.0745771Z Dload Upload Total Spent Left Speed 2023-08-30T07:19:10.0746270Z 2023-08-30T07:19:10.3264568Z 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 2023-08-30T07:19:10.3267827Z 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 2023-08-30T07:19:10.4462840Z 2023-08-30T07:19:10.4464319Z 100 4052 100 4052 0 0 10890 0 --:--:-- --:--:-- --:--:-- 10890 2023-08-30T07:19:10.4509677Z downloading Nix 2.17.0 binary tarball for x86_64-linux from 'https://releases.nixos.org/nix/nix-2.17.0/nix-2.17.0-x86_64-linux.tar.xz' to '/tmp/nix-binary-tarball-unpack.YYsbj5Tg6v'... 2023-08-30T07:19:10.4559138Z % Total % Received % Xferd Average Speed Time Time Time Current 2023-08-30T07:19:10.4559546Z Dload Upload Total Spent Left Speed 2023-08-30T07:19:10.4559762Z 2023-08-30T07:19:10.5599094Z 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 2023-08-30T07:19:10.9574787Z 0 21.1M 0 8385 0 0 80485 0 0:04:35 --:--:-- 0:04:35 79857 2023-08-30T07:19:10.9575674Z 100 21.1M 100 21.1M 0 0 42.1M 0 --:--:-- --:--:-- --:--:-- 42.0M 2023-08-30T07:19:13.1676097Z Note: a multi-user installation is possible. See https://nixos.org/manual/nix/stable/installation/installing-binary.html#multi-user-installation 2023-08-30T07:19:13.1726924Z performing a single-user installation of Nix... 2023-08-30T07:19:13.1727519Z directory /nix does not exist; creating it by running 'mkdir -m 0755 /nix && chown runner /nix' using sudo 2023-08-30T07:19:13.1829466Z copying Nix to /nix/store... 2023-08-30T07:19:13.5476134Z 2023-08-30T07:19:13.6181939Z installing 'nix-2.17.0' 2023-08-30T07:19:13.6279048Z building '/nix/store/61gizrp8m1wm9r9jh9ric60fdri1m0fc-user-environment.drv'... 2023-08-30T07:19:14.7862934Z unpacking channels... 2023-08-30T07:19:24.8684673Z modifying /home/runner/.bash_profile... 2023-08-30T07:19:24.8691304Z 2023-08-30T07:19:24.8692124Z Installation finished! To ensure that the necessary environment 2023-08-30T07:19:24.8693179Z variables are set, either log in again, or type 2023-08-30T07:19:24.8693587Z 2023-08-30T07:19:24.8694040Z . /home/runner/.nix-profile/etc/profile.d/nix.sh 2023-08-30T07:19:24.8694317Z 2023-08-30T07:19:24.8694486Z in your shell. 2023-08-30T07:19:24.8739669Z rm: cannot remove '/tmp/nix-binary-tarball-unpack.YYsbj5Tg6v/unpack/nix-2.17.0-x86_64-linux/install-systemd-multi-user.sh': Permission denied 2023-08-30T07:19:24.8742240Z rm: cannot remove '/tmp/nix-binary-tarball-unpack.YYsbj5Tg6v/unpack/nix-2.17.0-x86_64-linux/install': Permission denied 2023-08-30T07:19:24.8744047Z rm: cannot remove '/tmp/nix-binary-tarball-unpack.YYsbj5Tg6v/unpack/nix-2.17.0-x86_64-linux/install-multi-user': Permission denied 2023-08-30T07:19:24.8745438Z rm: cannot remove '/tmp/nix-binary-tarball-unpack.YYsbj5Tg6v/unpack/nix-2.17.0-x86_64-linux/store/jpj9lx0p2h1vs3gkzj8jh350113bsm84-sqlite-3.39.4/lib/libsqlite3.so.0.8.6': Permission denied ... ```

savil commented 1 year ago

@LucilleH are you familiar already with how to edit the permissions for this action? If not, I can look into it.

LucilleH commented 1 year ago

looks like this step is not getting around the permission issue as it promises. @savil can you look? I'm a bit swamped this week

alexpovel commented 11 months ago

I also ran into that issue, and can provide a "live example" for debugging. Perhaps useful to you. In that example, that pipeline step is fine and finishes, like the OP observed as well.

However, that run was a couple days ago, and by now the install pipeline step itself doesn't finish successfully anymore. Not sure if that's related to the /tmp deletion issue though...

EDIT: Nope, second issue is unrelated to first one. Removing enable-cache: true gets rid of the permission issue, but the error persists: ERROR: mismatch devbox version downloaded. Expected 0.5.12, got ... scroll down to end of output... 0.5.12.. Which is... bizarre! Perhaps a whitespace issue here...? Got rid of this one by specifying devbox-version: 0.5.11 for the action. In any case, a separate issue. Isn't bash wonderful 😋

savil commented 11 months ago

@alexpovel thanks for reporting your experience.

I pulled out the second bug into its own issue https://github.com/jetpack-io/devbox-install-action/issues/15. We are looking into it.

savil commented 11 months ago

From https://github.com/alexpovel/ancv/actions/runs/6047793118/job/16411917582#step:3:173

rm: cannot remove '/tmp/nix-binary-tarball-unpack.2fjskgl82F/unpack/nix-2.17.0-x86_64-linux/install-systemd-multi-user.sh': Permission denied
rm: cannot remove '/tmp/nix-binary-tarball-unpack.2fjskgl82F/unpack/nix-2.17.0-x86_64-linux/install': Permission denied
rm: cannot remove '/tmp/nix-binary-tarball-unpack.2fjskgl82F/unpack/nix-2.17.0-x86_64-linux/install-multi-user': Permission denied
rm: cannot remove '/tmp/nix-binary-tarball-unpack.2fjskgl82F/unpack/nix-2.17.0-x86_64-linux/store/jpj9lx0p2h1vs3gkzj8jh350113bsm84-sqlite-3.39.4/lib/libsqlite3.so.0.8.6': Permission denied
...

These errors seem to be from the nix installer trying to clean up itself.

jetify-com / devbox-install-action

Permissions denied to delete files #13