tailscale / gitops-acl-action

GitOps for your Tailscale ACLs
85 stars 25 forks source link

Gitops action failed due to missing exec 'git' #15

Closed adrsham closed 1 year ago

adrsham commented 1 year ago

Hi there,

Been using gitops-acls actions for 2 months and things have been good. The last change to policy.hujson passed Nov 26, 2022, but today when I pushed a change the gitops-acls failed.

Snippet of the logs from the failed run.

Step 1/6 : FROM golang:1.18.4-alpine3.16 AS build
   ---> 759ab1463be2
  Step 2/6 : RUN go install tailscale.com/cmd/gitops-pusher@gitops-1.30.0
   ---> Running in 25d9d3fc80b5
  go: tailscale.com/cmd/gitops-pusher@gitops-1.30.0: git init --bare in /go/pkg/mod/cache/vcs/9bf93cdd5e3615[52](https://github.com/adrsham/tailscale/actions/runs/3555183448/jobs/6175193349#step:2:52)fb70627875b91a00b92696cf79a2eee79c8a40cf76585c67: exec: "git": executable file not found in $PATH
  The command '/bin/sh -c go install tailscale.com/cmd/gitops-pusher@gitops-1.30.0' returned a non-zero code: 1

Error: Docker build failed with exit code 1

From what I know, nothing has changed on my end, secrets are not yet expired, and even just rerunning a job that passed in Nov 26, 2022 triggers this failure.

Let me know if more details are needed, thanks for taking a look.

DentonGentry commented 1 year ago

exec: "git": executable file not found in $PATH

Something about the base image?

adrsham commented 1 year ago

do you mean golang:1.18.4-alpine3.16? Seems like it hasn't been changed in 4 months so should be unrelated?

michael-staffa commented 1 year ago

Having the same issue on mine. Can't see any recent changes to dependencies that might cause a change.

michael-staffa commented 1 year ago

Couldn't duplicate the issue locally. Would try testing the GitHub runner itself.

/home/user/tmp/gitops-acl-action # docker build -t ts-acl-action ./
Sending build context to Docker daemon  134.7kB
Step 1/6 : FROM golang:1.18.4-alpine3.16 AS build
 ---> 759ab1463be2
Step 2/6 : RUN go install tailscale.com/cmd/gitops-pusher@gitops-1.30.0
 ---> Running in a1062fd72447
go: downloading tailscale.com v1.30.1-0.20220901215746-b14e31831a1d
go: downloading github.com/tailscale/hujson v0.0.0-20220630195928-54599719472f
go: downloading github.com/peterbourgon/ff/v3 v3.1.2
Removing intermediate container a1062fd72447
 ---> 0948a8fc0afd
Step 3/6 : FROM alpine:3.16
3.16: Pulling from library/alpine
ca7dd9ec2225: Pull complete 
Digest: sha256:b95359c2505145f16c6aa384f9cc74eeff78eb36d308ca4fd902eeeb0a0b161b
Status: Downloaded newer image for alpine:3.16
 ---> bfe296a52501
Step 4/6 : COPY --from=build /go/bin/gitops-pusher /usr/local/bin/gitops-pusher
 ---> 890f7a10d91a
Step 5/6 : COPY ./entrypoint.sh /entrypoint.sh
 ---> c482d7b46d50
Step 6/6 : ENTRYPOINT ["/entrypoint.sh"]
 ---> Running in 634c91439fe5
Removing intermediate container 634c91439fe5
 ---> 70387deb1a0e
Successfully built 70387deb1a0e
Successfully tagged ts-acl-action:latest
michael-staffa commented 1 year ago

Yes indeed, this seems to be a problem with the default GitHub runner on ubuntu:latest.

Created a self-hosted runner on my local machine, modified my workflow to point at it, and reran the action. It completed successfully.

√ Connected to GitHub

Current runner version: '2.299.1'
2022-12-09 12:06:41Z: Listening for Jobs
2022-12-09 12:08:04Z: Running job: acls
2022-12-09 12:08:13Z: Job acls completed with result: Succeeded

image

michael-staffa commented 1 year ago

@adrsham For a temporary workaround I would suggest a simple self-hosted runner. I'll do some more testing and look at opening a bug report with GitHub in the meantime.

--- Edit ---

This seems to be resolved for me now. Either a fluke or GitHub realised and fixed it already.

DentonGentry commented 1 year ago

If it comes up again, choosing the ubuntu-20.04 image may also resolve it.

They're in the middle of transitioning ubuntu:latest from 20.04 to 22.04. As I understand it, right now ubuntu:latest can get either one with a gradual ramp up of 22.04.

adrsham commented 1 year ago

Thanks folks, hardcoding to 20.04 worked for me.

file .github/workflows/tailscale.yml

jobs:
  acls:
    runs-on: ubuntu-20.04

Should that be in the documentation? I believe in the Docker world, using latest is generally not recommended?

adrsham commented 1 year ago

https://tailscale.com/kb/1204/gitops-acls/#set-up-your-gitops-configuration this page is also missing the latest caching fix to tailscale.yml?

DentonGentry commented 1 year ago

https://tailscale.com/kb/1204/gitops-acls/#set-up-your-gitops-configuration this page is also missing the latest caching fix to tailscale.yml?

https://tailscale.com/kb/1204/gitops-acls/#set-up-your-gitops-configuration doesn't include a caching config at all, to keep the article shorter and simpler. The expectation is that if you've decided to customize the Action for your own use, you'll add whatever else is needed. If you use the action Tailscale provides, you get a caching config.

Should that be in the documentation?

This seems like a transient failure based on something GitHub did in the base image, and then resolved. I don't expect to document it.

adrsham commented 1 year ago
jobs:
  acls:
    runs-on: ubuntu-22.04

I tested again using 22.04, and it passed.

Since this is a transient issue, closing issue. Thanks for the help