terraform-docs / gh-actions

A GitHub action for generating Terraform module documentation using terraform-docs and gomplate
Apache License 2.0

insufficient permission for adding an object to repository database .git/objects error: Error building trees #90

Open marcofranssen opened 2 years ago

marcofranssen commented 2 years ago

Describe the bug

On a small new repo this action creates new folders in the .git/objects folder. These objects are owned by root:root as opposed to runner:docker. Therefore any other actions fail when trying to write to git.

How can we reproduce it?

See the logs of this workflow run:

https://github.com/marcofranssen/terraform-provider-curl/actions/runs/2909746851

Environment information

Ubuntu GitHub runner.

marcofranssen commented 2 years ago

Probably this is the root cause https://github.com/terraform-docs/gh-actions/issues/50

marcofranssen commented 2 years ago

For now I work around the issue as follows:

      - name: Debug
        run: |
          ls -lha .git
          ls -lha .git/objects

      - name: Update module docs
        uses: terraform-docs/gh-actions@v1.0.0
        with:
          working-dir: examples/${{ matrix.module }}
          output-file: README.md
          output-method: inject
          git-push: "false"

      - name: Debug
        run: |
          ls -lha .git
          ls -lha .git/objects

      - name: Fix .git owner
        run: sudo chown runner:docker -R .git

      - name: Debug
        run: |
          ls -lha .git
          ls -lha .git/objects

Doing the sudo chown runner:docker -R .git fixes the problem for any next steps like creating a PR in my workflow.
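
A narrower variant of the workaround above, added here as an example (not part of the original thread and not the project's code): it lists the paths under .git that are not owned by the step's user and changes the owner of only those paths, so the step doubles as a check for when the ownership drift appears. The function names are hypothetical, and passwordless sudo is assumed, as in the workaround.

```shell
#!/bin/sh
# Added example: detect and repair ownership drift under .git after a
# container-based action has written to the workspace as root.
# Function names are hypothetical; they are not part of terraform-docs.

# Print every path under <repo>/.git that is NOT owned by the given uid
# (defaults to the uid running this step).
foreign_owned() {
  repo=$1
  uid=${2:-$(id -u)}
  # find does not follow symlinks by default, so the walk stays inside .git
  find "$repo/.git" ! -user "$uid" -print
}

# Number of such paths (0 means .git is consistently owned).
count_foreign_owned() {
  foreign_owned "$@" | wc -l | tr -d ' '
}

# Give only the affected paths back to uid:gid and print how many there were.
# Assumes passwordless sudo, as on the runner used in the workaround.
repair_git_ownership() {
  repo=$1
  uid=${2:-$(id -u)}
  gid=${3:-$(id -g)}
  n=$(count_foreign_owned "$repo" "$uid")
  if [ "$n" -gt 0 ]; then
    # -h changes a symlink itself instead of the file it points to
    find "$repo/.git" ! -user "$uid" -exec sudo chown -h "$uid:$gid" {} +
  fi
  echo "$n"
}
```

Sourced in a step placed after the docs action, `repair_git_ownership "$GITHUB_WORKSPACE"` prints the number of paths it had to fix; a non-zero value shows that the preceding step wrote into .git as a different user.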

ocobles commented 1 year ago

I'm experiencing exactly the same issue: using git-push: "false", it fails when committing changes in the next step.

    runs-on: ubuntu-latest
    ...
      - name: Render terraform docs inside the main and the modules README.md files
        id: terraform-docs
        uses: terraform-docs/gh-actions@v1.0.0
        with:
          find-dir: .
          args: --sort-by required
          indention: 3
          git-push: "false"

      - name: Create Pull Request
        ...

@marcofranssen's workaround solves the issue, but I would like to understand the cause. What's weird to me is that it was working fine, but suddenly it started crashing. I compared both workflows, and with the same versions for all actions (same SHA), the only difference between the previous job that works and now is a new version of the image runner. I can't test with the old version as it's impossible to specify an image version.