entrypoint.sh exits when RUN_AS_ROOT unset
Rumbles opened this issue · comments
I recently had an issue starting the container, the RUN_AS_ROOT env var was unset, and I got this message in the logs:
ERROR: RUN_AS_ROOT env var is set to true but the user has been overriden and is not running as root
But we are running as root, so this message is confounding... I managed to work around it by setting the env var RUN_AS_ROOT to an empty string.
What's your configuration set as?
docker run -it \
-e REPO_URL="https://github.com/octokode/test1" \
-e RUNNER_NAME="foo-runner" \
-e RUNNER_TOKEN="redact" \
-e DISABLE_AUTO_UPDATE="true" \
-u root \
myoung34/github-runner:latest
works as expected:
Runner reusage is disabled
Disable auto update option is enabled
Configuring
--------------------------------------------------------------------------------
| ____ _ _ _ _ _ _ _ _ |
| / ___(_) |_| | | |_ _| |__ / \ ___| |_(_) ___ _ __ ___ |
| | | _| | __| |_| | | | | '_ \ / _ \ / __| __| |/ _ \| '_ \/ __| |
| | |_| | | |_| _ | |_| | |_) | / ___ \ (__| |_| | (_) | | | \__ \ |
| \____|_|\__|_| |_|\__,_|_.__/ /_/ \_\___|\__|_|\___/|_| |_|___/ |
| |
| Self-hosted runner registration |
| |
--------------------------------------------------------------------------------
# Authentication
√ Connected to GitHub
# Runner Registration
√ Runner successfully added
√ Runner connection is good
# Runner settings
√ Settings Saved.
√ Connected to GitHub
Current runner version: '2.296.0'
2022-08-29 17:05:30Z: Listening for Jobs
✗ docker exec -it e095dce6c262 /bin/bash
root@e095dce6c262:/actions-runner# whoami
root
I'm using the following:
/usr/bin/docker run \
--rm \
--name="github-runner-${REPO}-$1" \
--privileged \
--dns 192.168.200.1 \
--network=host \
-e REPO_URL="https://github.com/${ORG}/${REPO}" \
-e ACCESS_TOKEN="${PAT_TOKEN}" \
-e RUNNER_NAME="teamcity-${REPO}-$1" \
-e RUNNER_WORKDIR="/tmp/github-runner/work_${REPO}-$1" \
-e RUN_AS_ROOT="false" \
-v /var/run/docker.sock:/var/run/docker.sock \
-v /tmp/github-runner:/tmp/github-runner \
-v /dev/log:/dev/log \
-e LABELS="${LABELS}" \
myoung34/github-runner:latest
We never have had user explicitly set in the docker config, previously that worked fine, it looks like the container is being run by root, when you exec in your shell is owned by root... but if I don't have RUN_AS_ROOT set to false I get an error
RUN_AS_ROOT will default to true if its empty or non-existent. If youre setting it to "" it will still end up as true
The only way this is happening is if something is defaulting the user to not be id 0 or root, i simply can't replicate this. the logic in entrypoint.sh is correct in all my testing
in fact if you have -e RUN_AS_ROOT="false" then something is definitely not running it as root.
You can check with $ docker inspect {container id} | jq '.[].Config.User'
II commented on it yes
I have the same issue, I don't specify non-root user anywhere, $ docker inspect {container id} | jq '.[].Config.User' outputs ""
NVM, it works fine with the current latest
And the times when it fails do you have logs that indicate that the entry point failed before it errored with that message
I'm away for Labor Day weekend but I'll sync back up on this on Tuesday