docker-cmd-file not working

[lazytesting]

This issue is maybe related to https://github.com/renovatebot/github-action/issues/794 but that one does not contains a solution and I still got a stable reproduction scenario.

1. In the action config file I set:

   with:
         docker-cmd-file: example/entrypoint.sh

2. In the logs I see

   /usr/bin/docker run --env LOG_LEVEL --env RENOVATE_TOKEN=*** --env RENOVATE_CONFIG_FILE=/github-action/renovate-config.js --volume /home/runner/work/test-renovate/test-renovate/example/renovate-config.js:/github-action/renovate-config.js --volume /home/runner/work/test-renovate/test-renovate/example/entrypoint.sh:/entrypoint.sh --user root --volume /tmp:/tmp --rm ghcr.io/renovatebot/renovate:37.175.3 /entrypoint.sh
   ...some unrelevant log lines...
   DEBUG: CLI config "config": {"repositories": ["/entrypoint.sh"]}

3. It seems that the /entrypoint.sh argument for docker run is not running the custom entrypoints script

4. I think renovate gets called with this argument, like this:

   renovate /entrypoint.sh

   this would explain why it sees a cli config with this value als repositories at least.

I took the examples from this project and stripped it down to a minimal reproduction path. code: https://github.com/lazytesting/test-renovate action run: https://github.com/lazytesting/test-renovate/actions/runs/7829422258/job/21361374380

The strange thing is that it seems to work in the e2e test github action of this project but I cannot see the difference.

[viceice]

I'm pretty sure it this test which fails: https://github.com/renovatebot/docker-renovate/blob/e0c1bdc511c5c7e912f2b45a669be07447e52cdd/bin/docker-entrypoint.sh#L13

This needs a community contribution to fix, because we don't use this.

[lazytesting]

Happy to contribute but I lack a bit of context. What I don't understand is why that file gets called, I would expect that it gets overriden with the docker-cmd-file setting or do I miss something?

[viceice]

I don't really know whats going wrong, but here is a working example on our ci https://github.com/renovatebot/github-action/blob/fd4ca43dc25c8a99795c6b65ef99c5e46ad33e2f/.github/workflows/build.yml#L104

[lazytesting]

Finally found it... it was the execution permission after all. I did set them but not in the correct way...

If you like it, I with the following changes:

• add the executable part to the documentation
• add a validation that the file is executable

[viceice]

sure, go ahead

[1oglop1]

@viceice Can we update the description of docker-cmd-file 1) it is misleading because it is executing the docker entry point and not CMD 2) It requires a root user to execute (also noticeable in the example you linked) https://github.com/renovatebot/renovate/blob/9d3b4858525253df45dadc50ebe61ce5b2658628/tools/docker/Dockerfile#L86C1-L86C11

[viceice]

sure, feel free to open a PR 🤗

[1oglop1]

sure, feel free to open a PR 🤗

@viceice Please take a look at https://github.com/renovatebot/github-action/pull/866 I believe it should clarify what the parameter does. PS. I also read #783 and I agree with you "I do not like it". As a maintainer, I'd encourage the user to fork the action or just use the plain docker command to lower the maintenance burden here. IMO the best solution would be to drop the parameter if you do not use it.