feat: check if required binaries are present#272
Merged
nikola-jokic merged 4 commits intoactions:mainfrom Nov 10, 2025
Merged
Conversation
d34ba95 to
20bbf0c
Compare
Previously the necessary binaries were copied over using the runner container. This lead to issues in case your main container was using the musl libc implementation. Instead of copying over any binaries, the initContainer now checks if the required binaries are present in the main container.
bc73e58 to
3b92a92
Compare
| rm "$0" # remove script after running | ||
| mv /__w/_temp/_github_home /github/home && \ | ||
| mv /__w/_temp/_github_workflow /github/workflow && \ | ||
| mv /__w/_temp/_runner_file_commands /github/file_commands && \ |
Contributor
Author
There was a problem hiding this comment.
The /__w/_temp/_runner_file_commands directory did not exist when I was testing this via container actions, which resulted in the mv command failing.
Collaborator
There was a problem hiding this comment.
What we can do is not fail if it doesn't exist, but this _runner_file_commands is the one containing add_path and other functionalities
I'm not sure why it wasn't present, that is strange
Do you have maybe something I could use to reproduce it?
Contributor
Author
There was a problem hiding this comment.
I will add it again and double check if my findings were correct last week. (It was a busy day).
If the issue still persists I can provide you with something to reproduce it.
Contributor
Author
There was a problem hiding this comment.
I've added the moving of the _runner_file_commands again and the issues pops up.
name: Attempt test staging
on:
workflow_dispatch:
jobs:
staging-test2:
name: "[STG] Container action via staging runner"
runs-on: default-staging
container: my-registry/tm-gha-base:v3 # Just an ubuntu based container running as root
steps:
- uses: TrendMiner/tm-actions-commit-lint@v2The tm-actions-commit-lint action is in a private organization so you will have to use a different action. But basically any container based action should result in this error.
Here is the action.yml of that action.
---
name: Commit Lint Action
description: |
Lints commit messages using commitlint.
For push events, it lints the latest commit.
For pull request events, it lints all commits from base to head.
It is important to note that this action needs to be run in a job where your repository is checked out.
The action requires your full git history to be available. You can do that by using the 'fetch-depth: 0' option.
- name: Checkout repository
uses: actions/checkout@x.y.z
with:
fetch-depth: 0
inputs:
event_name:
description: "GitHub event name"
default: ${{ github.event_name }}
base_sha:
description: "Base SHA for pull request events"
default: ${{ github.event.pull_request.base.sha }}
head_sha:
description: "Head SHA for pull request events"
default: ${{ github.event.pull_request.head.sha }}
runs:
using: docker
entrypoint: /entrypoint.sh
image: "docker://my-repo/tm-commitlint:3.0.0"
args:
- ${{ inputs.event_name }}
- ${{ inputs.base_sha }}
- ${{ inputs.head_sha }}Below is the output from attempting to run the workflow.
Run '/home/runner/k8s/index.js'
##[debug]/home/runner/externals/node20/bin/node /home/runner/k8s/index.js
##[debug]Copying files from pod default-staging-b9kr6-runner-d94br-workflow to /home/runner/_work/tm-pnt-dummy/tm-pnt-dummy
##[debug]Copying from pod default-staging-b9kr6-runner-d94br-workflow /__w to /home/runner/_work/__w
##[debug]internalExecOutput response: {"metadata":{},"status":"Success"}
(node:105) [DEP0005] DeprecationWarning: Buffer() is deprecated due to security and usability issues. Please use the Buffer.alloc(), Buffer.allocUnsafe(), or Buffer.from() methods instead.
(Use `node --trace-deprecation ...` to show where the warning was created)
##[debug]Attempt 1 failed: Error: child process exited with code 2
##[debug]Writing container step script to /home/runner/_work/__w/_temp/fb8735f0-be32-11f0-84c4-6d00f3e880f5.sh
##[debug]Copying /home/runner/_work/__w to pod default-staging-b9kr6-runner-d94br-step-6e5aa24e at /__w
##[debug]internalExecOutput response: {"metadata":{},"status":"Success"}
##[debug]Executing container step script in pod default-staging-b9kr6-runner-d94br-step-6e5aa24e
##[debug]execPodStep response: {"metadata":{},"status":"Failure","message":"command terminated with non-zero exit code: command terminated with exit code 1","reason":"NonZeroExitCode","details":{"causes":[{"reason":"ExitCode","message":"1"}]}}
##[debug]{"message":"command terminated with non-zero exit code: command terminated with exit code 1","details":{"causes":[{"reason":"ExitCode","message":"1"}]}}
mv: can't rename '/__w/_temp/_runner_file_commands': No such file or directory
##[debug]execPodStep failed: {}
Error: Failed to run container step: Error: failed to run script step: Error: command terminated with non-zero exit code: command terminated with exit code 1
Error: Error: failed to run script step: Error: command terminated with non-zero exit code: command terminated with exit code 1
Error: Process completed with exit code 1.
Error: Executing the custom container implementation failed. Please contact your self hosted runner administrator.
##[debug]System.Exception: Executing the custom container implementation failed. Please contact your self hosted runner administrator.
##[debug] ---> System.Exception: The hook script at '/home/runner/k8s/index.js' running command 'RunContainerStep' did not execute successfully
##[debug] at GitHub.Runner.Worker.Container.ContainerHooks.ContainerHookManager.ExecuteHookScript[T](IExecutionContext context, HookInput input, ActionRunStage stage, String prependPath)
##[debug] --- End of inner exception stack trace ---
##[debug] at GitHub.Runner.Worker.Container.ContainerHooks.ContainerHookManager.ExecuteHookScript[T](IExecutionContext context, HookInput input, ActionRunStage stage, String prependPath)
##[debug] at GitHub.Runner.Worker.Container.ContainerHooks.ContainerHookManager.RunContainerStepAsync(IExecutionContext context, ContainerInfo container, String dockerFile)
##[debug] at GitHub.Runner.Worker.Handlers.ContainerActionHandler.RunAsync(ActionRunStage stage)
##[debug] at GitHub.Runner.Worker.ActionRunner.RunAsync()
##[debug] at GitHub.Runner.Worker.StepsRunner.RunStepAsync(IStep step, CancellationToken jobCancellationToken)
##[debug]Finishing: Run tm-actions-commit-lint
Collaborator
There was a problem hiding this comment.
I say leave it in, and we can create a separate PR fixing this issue.
Contributor
Author
There was a problem hiding this comment.
I've added it back, but prevented it from failing, if that is okay for you.
Contributor
Author
|
I wonder if we should also check (and fail) if runner-container-hooks/packages/k8s/src/k8s/utils.ts Lines 293 to 295 in 2934de3 Even though the action does not fail, it probably might be a good idea to also make sure that Run TrendMiner/tm-actions-mvn-spotless@v1
Run actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8
Run '/home/runner/k8s/index.js'
(node:225) [DEP0005] DeprecationWarning: Buffer() is deprecated due to security and usability issues. Please use the Buffer.alloc(), Buffer.allocUnsafe(), or Buffer.from() methods instead.
(Use `node --trace-deprecation ...` to show where the warning was created)
sh: line 1: find: command not found
sh: line 1: find: command not found
sh: line 1: find: command not found
sh: line 1: find: command not found
sh: line 1: find: command not found
sh: line 1: find: command not found
sh: line 1: find: command not found
sh: line 1: find: command not found
sh: line 1: find: command not found
sh: line 1: find: command not found
sh: line 1: find: command not found
sh: line 1: find: command not found
sh: line 1: find: command not found
sh: line 1: find: command not found
sh: line 1: find: command not found
GITHUB_EVENT_PATH /github/workflow/event.json does not exist
GITHUB_EVENT_PATH /github/workflow/event.json does not exist
Syncing repository: TrendMiner/tm-example
Getting Git version info
Temporarily overriding HOME='/__w/_temp/44edf1c7-1a75-4851-85bc-df454d9a80ef' before making global git config changes
Adding repository directory to the temporary git global config as a safe directory |
It seems that for container actions this directory does not exist.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This closes #271 and #266.
Previously the necessary binaries were copied over using the runner container. This lead to issues in case your main container was using the musl libc implementation.
Instead of copying over any binaries, the initContainer now checks if the required binaries are present in the main container.