github-action icon indicating copy to clipboard operation
github-action copied to clipboard
verified publisher icon renovatebot

docker-cmd-file not working

Open lazytesting opened this issue 1 year ago • 8 comments

This issue is maybe related to https://github.com/renovatebot/github-action/issues/794 but that one does not contains a solution and I still got a stable reproduction scenario.

  1. In the action config file I set:
 with:
          docker-cmd-file: example/entrypoint.sh
  1. In the logs I see
/usr/bin/docker run --env LOG_LEVEL --env RENOVATE_TOKEN=*** --env RENOVATE_CONFIG_FILE=/github-action/renovate-config.js --volume /home/runner/work/test-renovate/test-renovate/example/renovate-config.js:/github-action/renovate-config.js --volume /home/runner/work/test-renovate/test-renovate/example/entrypoint.sh:/entrypoint.sh --user root --volume /tmp:/tmp --rm ghcr.io/renovatebot/renovate:37.175.3 /entrypoint.sh
...some unrelevant log lines...
DEBUG: CLI config "config": {"repositories": ["/entrypoint.sh"]}
  1. It seems that the /entrypoint.sh argument for docker run is not running the custom entrypoints script
  2. I think renovate gets called with this argument, like this:
renovate /entrypoint.sh

this would explain why it sees a cli config with this value als repositories at least.

I took the examples from this project and stripped it down to a minimal reproduction path. code: https://github.com/lazytesting/test-renovate action run: https://github.com/lazytesting/test-renovate/actions/runs/7829422258/job/21361374380

The strange thing is that it seems to work in the e2e test github action of this project but I cannot see the difference.

lazytesting avatar Feb 08 '24 12:02 lazytesting

I'm pretty sure it this test which fails: https://github.com/renovatebot/docker-renovate/blob/e0c1bdc511c5c7e912f2b45a669be07447e52cdd/bin/docker-entrypoint.sh#L13

This needs a community contribution to fix, because we don't use this.

viceice avatar Feb 08 '24 12:02 viceice

Happy to contribute but I lack a bit of context. What I don't understand is why that file gets called, I would expect that it gets overriden with the docker-cmd-file setting or do I miss something?

lazytesting avatar Feb 08 '24 13:02 lazytesting

I don't really know whats going wrong, but here is a working example on our ci https://github.com/renovatebot/github-action/blob/fd4ca43dc25c8a99795c6b65ef99c5e46ad33e2f/.github/workflows/build.yml#L104

viceice avatar Feb 08 '24 13:02 viceice

Finally found it... it was the execution permission after all. I did set them but not in the correct way...

If you like it, I with the following changes:

  • add the executable part to the documentation
  • add a validation that the file is executable

lazytesting avatar Feb 09 '24 08:02 lazytesting

sure, go ahead

viceice avatar Feb 09 '24 10:02 viceice

@viceice Can we update the description of docker-cmd-file

  1. it is misleading because it is executing the docker entry point and not CMD
  2. It requires a root user to execute (also noticeable in the example you linked) https://github.com/renovatebot/renovate/blob/9d3b4858525253df45dadc50ebe61ce5b2658628/tools/docker/Dockerfile#L86C1-L86C11

1oglop1 avatar Oct 03 '24 10:10 1oglop1

sure, feel free to open a PR 🤗

viceice avatar Oct 03 '24 14:10 viceice

sure, feel free to open a PR 🤗

@viceice Please take a look at https://github.com/renovatebot/github-action/pull/866 I believe it should clarify what the parameter does. PS. I also read #783 and I agree with you "I do not like it". As a maintainer, I'd encourage the user to fork the action or just use the plain docker command to lower the maintenance burden here. IMO the best solution would be to drop the parameter if you do not use it.

1oglop1 avatar Oct 03 '24 21:10 1oglop1