Executable treated like non executable

[Jollerprutt]

Hi,

I'm having some issues with running ros industrial_ci using this runner.
Running ros-industrial/industrial_ci fails with exit code 126 when executing first script.

Run ros-industrial/industrial_ci@master
  with:
  env:
    ROS_DISTRO: melodic
    ROS_REPO: main
/tmp/github-runner-your-repo2/_temp/659933a1-9012-4c3b-919b-3955de776141.sh: line 1: /tmp/github-runner-your-repo2/_actions/ros-industrial/industrial_ci/master/.github/action.sh: Permission denied
Error: Process completed with exit code 126.

The script is definitely executable.

Started with.

docker run -d --name github-runner9 \
  -e REPO_URL="https://github.com/Jollerprutt/ci_test" \
  -e RUNNER_NAME_PREFIX="arm-runner" \
  -e ACCESS_TOKEN="<redacted>" \
  -e RUNNER_WORKDIR="/tmp/github-runner-your-repo2" \
  -e RUNNER_GROUP="my-group" \
  -e LABELS="linux,arm64,cluster1,safe" \
  -v /var/run/docker.sock:/var/run/docker.sock \
  --tmpfs /tmp/github-runner-your-repo2 \
  --security-opt=label=disable \
  myoung34/github-runner:latest

Job

industrial_ci_arm64:
    strategy:
      matrix:
        env:
          - {ROS_DISTRO: noetic, ROS_REPO: testing}
          - {ROS_DISTRO: noetic, ROS_REPO: main}
          - {ROS_DISTRO: melodic, ROS_REPO: main}
    runs-on: [self-hosted, linux, ARM64, safe]
    steps:
      - uses: actions/checkout@v1
      - uses: 'ros-industrial/industrial_ci@master'
        env: ${{matrix.env}}

Runs on a RPi4 with ubuntu 18.04.

If I create a container from scratch and install the actions runner with the official script the problem does not occur, so it is most likely related to myoung34/github-runner.
Also the github hosted hosts run it with no issue.

Any idea what could be causing this?
Thanks in advance :)

[myoung34]

having a shebang line #!/bin/bash doesnt make it executable. You need to probably need to chmod +x that script to be safe or check permissions.

There's not much I can do here, I'm not sure how to troubleshoot a third party repo but this one seems to work with all the other workflows thrown at it.

[RainbowMango]

Hi @myoung34 ,
I have a script and it's executable:

-rwxr-xr-x  1 root root  697 Nov 11 10:03 verify-codegen.sh

The job is

  codegen:
    name: codegen
    runs-on: self-hosted
    steps:
      - name: checkout code
        uses: actions/checkout@v2
      - name: install Go
        uses: actions/setup-go@v2
        with:
          go-version: 1.14.x
      - name: verify codegen
        run: hack/verify-codegen.sh

The same job runs all well before, but after I switched to selfhost-runner, it always has Permission issue:

/tmp/github-runner-your-repo/_temp/596a7601-8880-4e26-a527-96d9ba0f3a8c.sh: line 1: hack/verify-codegen.sh: Permission denied

PS: I'm running with deployment.

[myoung34]

@RainbowMango @Jollerprutt The reason I can't help you is because as a base: there's nothing preventing this from workign as far as this project is concerned.

To prove that this works as expected:

$ docker run \
  -e REPO_URL="https://github.com/OctoKode/test1" \
  -e RUNNER_NAME="foo-runner" \
  -e RUNNER_TOKEN="redact" \
  -v /var/run/docker.sock:/var/run/docker.sock \
  myoung34/github-runner:latest

And committed this test push: OctoKode/test1@ce44c44

Its essentially the same as your verify codegen as far as executing is concerned:

name: Test

on: [push]

jobs:
  test:
    runs-on: self-hosted
    steps:
    - uses: actions/checkout@v1
    - name: ls
      run: ls -alh; pwd
    - name: verify codegen
      run: ./test.sh

where test.sh is +x and

#!/bin/bash
echo something

which gives me:

√ Connected to GitHub
2021-03-21 20:54:32Z: Running job: test
2021-03-21 20:54:37Z: Job test completed with result: Succeeded

From the runner

The output is here: https://github.com/OctoKode/test1/runs/2161381995?check_suite_focus=true

There's absolutely nothing keeping .sh files from executing. Youll need to dig into what permissions, location, etc is syncing and possibly preventing the execution, but again: nothing here is preventing these scripts from working.

[RainbowMango]

@myoung34 Thanks. I added bash before each script and that works.

      - name: verify codegen
        run: bash hack/verify-codegen.sh

I don't know why.

[myoung34]

my guess is that whatever FS driver youre using is losing the +x

if you do a ls -alh i bet it will coincide

[makarov-roman]

This is because docker mounts tmpfs with noexec flag. More info here
Edit: That I said above is relevant for --mount type=tmpfs. Apparently you can use --tmpfs with exec flag as workaround
e.g.

docker run -d --name github-runner9 \
  -e REPO_URL="https://github.com/Jollerprutt/ci_test" \
  -e RUNNER_NAME_PREFIX="arm-runner" \
  -e ACCESS_TOKEN="<redacted>" \
  -e RUNNER_WORKDIR="/tmp/github-runner-your-repo2" \
  -e RUNNER_GROUP="my-group" \
  -e LABELS="linux,arm64,cluster1,safe" \
  -v /var/run/docker.sock:/var/run/docker.sock \
  --tmpfs /tmp/github-runner-your-repo2:exec \
  --security-opt=label=disable \
  myoung34/github-runner:latest