webhook icon indicating copy to clipboard operation
webhook copied to clipboard

Published 20 hours ago verified publisher icon adnanh

webhook snap can't execute command

Open bakwc opened this issue 4 years ago • 13 comments

I have a script with following content:

#!/bin/bash

git pull

Script doesn't work, and there is an error in logs:

line 3: git: command not found

Webhook is running under the same user, standalone script launch is 100% working, git command present in bash.

Why opensource usage is such a pain?

bakwc avatar Apr 29 '21 14:04 bakwc

It appears you are running webhook in an environment where it does not inherit the environment variables from your user/process and therefore $PATH is undefined. So you either need to define it, or give the full path to the binary.

Why opensource usage is such a pain?

There is a saying that goes "What goes around, comes around". Maybe you are just the one that is painful to work with? ;-)

fbartels avatar Apr 29 '21 16:04 fbartels

$PATH is defined, I made "echo $PATH > log.txt" and everything exists in path.

bakwc avatar Apr 29 '21 18:04 bakwc

If you use the full path to the git binary, does it work?

moorereason avatar Apr 29 '21 19:04 moorereason

No, it gives:

/usr/bin/git: No such file or directory

I already tried with passing working directory and without passing anything, nothing works.

bakwc avatar Apr 29 '21 19:04 bakwc

What version of webhook and how did you install it?

Check your file permissions. Does the user running the webhook service have access to execute the git binary? Are you using selinux or anything would prevent the webhook service from execution git?

moorereason avatar Apr 29 '21 19:04 moorereason

Version: 2.8.0 Installed and run via snap:

fippo@mainserver:~/koding/myapp/server$ snap run webhook -port 1111 -hooks /home/fippo/webhooks/hooks.json -verbose
[webhook] 2021/04/29 22:30:17 version 2.8.0 starting
[webhook] 2021/04/29 22:30:17 setting up os signal watcher
[webhook] 2021/04/29 22:30:17 attempting to load hooks from /home/fippo/webhooks/hooks.json
[webhook] 2021/04/29 22:30:17 found 1 hook(s) in file
[webhook] 2021/04/29 22:30:17 	loaded: myapp
[webhook] 2021/04/29 22:30:17 serving hooks on http://0.0.0.0:1111/hooks/{id}
[webhook] 2021/04/29 22:30:17 os signal watcher ready
[webhook] 2021/04/29 22:30:50 [7e2a2d] incoming HTTP GET request from 172.28.0.1:61274
[webhook] 2021/04/29 22:30:50 [7e2a2d] myapp got matched
[webhook] 2021/04/29 22:30:50 [7e2a2d] error parsing body payload due to unsupported content type header:
[webhook] 2021/04/29 22:30:50 [7e2a2d] myapp hook triggered successfully
[webhook] 2021/04/29 22:30:50 [7e2a2d] 200 | 8 B | 428.822µs | 123.1.1.1:1111 | GET /hooks/myapp
[webhook] 2021/04/29 22:30:50 [7e2a2d] executing /home/fippo/koding/myapp/server/deploy.sh (/home/fippo/koding/myapp/server/deploy.sh) with arguments ["/home/fippo/koding/myapp/server/deploy.sh"] and environment [] using  as cwd
[webhook] 2021/04/29 22:30:50 [7e2a2d] command output: /bin/bash: warning: setlocale: LC_ALL: cannot change locale (en_US.UTF-8)
/home/fippo/koding/myapp/server/deploy.sh: line 3: /usr/bin/git: No such file or directory
/home/fippo/koding/myapp/server/deploy.sh: line 5: docker: command not found
/home/fippo/koding/myapp/server/deploy.sh: line 6: docker: command not found
/home/fippo/koding/myapp/server/deploy.sh: line 7: docker: command not found
/home/fippo/koding/myapp/server/deploy.sh: line 8: docker: command not found

Does the user running the webhook service have access to execute the git binary

Sure

Are you using selinux or anything would prevent the webhook service from execution git?

Nothing, just regular ubuntu (slightly old, 16.04).

bakwc avatar Apr 29 '21 19:04 bakwc

I don't use snaps, but I'm assuming that's the problem.

Cc: @adnanh

moorereason avatar Apr 29 '21 20:04 moorereason

there are no configuration hooks and vars in snap, so I'd assume it won't work from snap

slntopp avatar Jul 15 '21 22:07 slntopp

May be it is a good idea at least to mention in README.md that snap version have some limitations?

bakwc avatar Jul 15 '21 22:07 bakwc

Pretty much indeed🤷‍♂️

slntopp avatar Jul 15 '21 22:07 slntopp

I don't know how snap works and I wanted to give it a try by installing the latest version of webhook. I did not find any information for the configuration, how to edit the service or where I have to put the configuration file. I think the app is sandboxed like apps on macOS. Webhook is installed in strict mode. I think you can't execute /usr/bin/git because you are not allowed to do that, but you can run deploy.sh because it's in your home directory. With snap interfaces we see that webhook have :network :network-bind and home. Confinement could be great for this app, but as Webhook executes shell scripts that probably use a lot of binaries and directories outside the home folder, maybe it's not suitable for snapd...

atika avatar Dec 07 '21 01:12 atika

+1, I have the same behavior in centos

vallemar avatar Dec 15 '21 22:12 vallemar

I have some knowledge about snaps. There are various interfaces and tools to poke holes in the sandbox, but I agree that with a tool like this the sandbox make little sense. My suggestion it make it a "classic snap" with is a snap package without a sandbox. A classic snap needs to be manually approved by Canonical, I think this tool have a good case why it should be approved.

It can still be useful to use the snap store for discoverability and ease of installation for users. If not, I suggest that you merge #566 and unpublish the snap from the store.

Let me know if you need any help.

nsg avatar Mar 10 '22 14:03 nsg