CI jobs failing after v0.7.10 images were published #848
Assignees
Labels
Milestone
Comments
|
This is a slightly older report, but may be relevant to what I'm seeing here: The reporter used these commands to generate diffs of the images:
I'll lookup how to obtain that tool and run the first command. |
|
Digging around, the consensus is that it's related to recent Git updates. The workarounds appear to be providing a "safe directory" for the checked out Git repos. Oddly enough, the GHAWs are already doing this? For example, from the and then the next step: This command is being run:
and that is the path referenced by the earlier code checkout?
|
|
Explicitly downgraded the shared CI workflows from using the |
It did, but only after I asked for all jobs to be re-ran. Re-running just the failed jobs seemed to continue referencing the |
$ docker container run -it --rm -v $PWD:$PWD -w $PWD ghcr.io/atc0005/go-ci:go-ci-stable-v0.7.9-0-gdf9564d3 git --version
git version 2.30.2
$ docker container run -it --rm -v $PWD:$PWD -w $PWD ghcr.io/atc0005/go-ci:go-ci-stable-v0.7.10-0-gcc0a2418 git --version
git version 2.30.2 |
Installed the tool per directions on https://github.com/GoogleContainerTools/container-diff $ container-diff diff --type=apt ghcr.io/atc0005/go-ci:go-ci-stable-v0.7.9-0-gdf9564d3 ghcr.io/atc0005/go-ci:go-ci-stable-v0.7.10-0-gcc0a2418
-----Apt-----
Packages found only in ghcr.io/atc0005/go-ci:go-ci-stable-v0.7.9-0-gdf9564d3: None
Packages found only in ghcr.io/atc0005/go-ci:go-ci-stable-v0.7.10-0-gcc0a2418: None
Version differences:
PACKAGE IMAGE1 (ghcr.io/atc0005/go-ci:go-ci-stable-v0.7.9-0-gdf9564d3) IMAGE2 (ghcr.io/atc0005/go-ci:go-ci-stable-v0.7.10-0-gcc0a2418)
-curl 7.74.0-1.3 deb11u3, 429K 7.74.0-1.3 deb11u5, 430K
-git 1:2.30.2-1, 34.2M 1:2.30.2-1 deb11u1, 34.3M
-git-man 1:2.30.2-1, 1.8M 1:2.30.2-1 deb11u1, 1.8M
-libcurl3-gnutls 7.74.0-1.3 deb11u3, 735K 7.74.0-1.3 deb11u5, 736K
-libcurl4 7.74.0-1.3 deb11u3, 739K 7.74.0-1.3 deb11u5, 740K
-linux-libc-dev 5.10.158-2, 5.7M 5.10.162-1, 5.7Mgit package version diff: -1:2.30.2-1
+1:2.30.2-1 deb11u1 |
root@7c4235dc9081:/home/ubuntu/Desktop# apt list -a git
Listing... Done
git/stable-security,now 1:2.30.2-1+deb11u1 amd64 [installed]
git/stable 1:2.30.2-1 amd64
root@7c4235dc9081:/home/ubuntu/Desktop# dpkg -l | grep git
ii dash 0.5.11+git20200708+dd9ef66-5 amd64 POSIX-compliant shell
ii git 1:2.30.2-1+deb11u1 amd64 fast, scalable, distributed revision control system
ii git-man 1:2.30.2-1+deb11u1 all fast, scalable, distributed revision control system (manual pages)
ii librtmp1:amd64 2.4+20151223.gitfa8646d.1-2+b2 amd64 toolkit for RTMP streams (shared library)
root@7c4235dc9081:/home/ubuntu/Desktop# apt-get install git=1:2.30.2-1
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Suggested packages:
gettext-base git-daemon-run | git-daemon-sysvinit git-doc git-el git-email git-gui gitk gitweb git-cvs git-mediawiki git-svn
Recommended packages:
patch less
The following packages will be DOWNGRADED:
git
0 upgraded, 0 newly installed, 1 downgraded, 0 to remove and 2 not upgraded.
Need to get 5527 kB of archives.
After this operation, 22.5 kB disk space will be freed.Downgrading is an option, at least for now. |
atc0005
added a commit
that referenced
this issue
Feb 11, 2023
Work around potential "dubious ownership" complaints from Git regarding the workspace used by GitHub task runners by explicitly marking the current working directory as trusted. Since we're not sharing that space with other user accounts this should be a safe assumption to make. refs GH-848
atc0005
added a commit
to atc0005/shared-project-resources
that referenced
this issue
Feb 11, 2023
Swap from hard-coded version (used as a workaround) of images from the atc0005/go-ci project to using a GitHub Actions Workflow variable set at the top of each workflow. As of this commit we've switched back to the `latest` tag for each image, but we can now easily switch all atc0005/go-ci images to a specific version for testing purposes in the future. refs GH-56 refs atc0005/go-ci#848
atc0005
added a commit
to atc0005/shared-project-resources
that referenced
this issue
Feb 11, 2023
Work around potential "dubious ownership" complaints from Git regarding the workspace used by GitHub task runners by explicitly marking the current working directory as trusted after checking out content from the repo. Since we're not sharing that space with other user accounts this should be a safe assumption to make. refs atc0005/go-ci#848
atc0005
added a commit
to atc0005/shared-project-resources
that referenced
this issue
Feb 11, 2023
This container image does not use Git for any of its operations so we skip this step, but leave the commented out task as an explicit indicator that we're not performing that step (for a reason). refs atc0005/go-ci#848
|
Workarounds applied at the workflow level:
|
This was done to avoid making a change directly at the image level that could impact other users. |
atc0005
added a commit
to atc0005/mysql2sqlite
that referenced
this issue
Feb 11, 2023
Work around potential "dubious ownership" complaints from Git regarding the workspace used by GitHub task runners by explicitly marking the current working directory as trusted. Since we're not sharing that space with other user accounts this should be a safe assumption to make. refs atc0005/go-ci#848
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Overview
After the v0.7.10 images were uploaded I began working on a new release for a different project. As part of a routine CHANGELOG PR the CI jobs began falling over:
Example of a CI failure involving the
ghcr.io/atc0005/go-ci:go-ci-stable-mirror-buildimage:Example of a CI failure involving the
ghcr.io/atc0005/go-ci:go-ci-stableimage:References
go buildfails to read vcs info when .git is owned by a different user golang/go#53532The text was updated successfully, but these errors were encountered: