runner-images icon indicating copy to clipboard operation
runner-images copied to clipboard

Published 20 hours ago verified publisher icon actions

`bundle install` with cached Ruby version fails

Open rafalhejna opened this issue 7 months ago • 13 comments

Description

Running bundle install is fine when we're using the non-cached version of Ruby on the previous Ubuntu runner image version

2024-07-10T14:37:33.9769136Z Current runner version: '2.317.0' 2024-07-10T14:37:33.9790402Z ##[group]Operating System 2024-07-10T14:37:33.9790998Z Ubuntu 2024-07-10T14:37:33.9791488Z 22.04.4 2024-07-10T14:37:33.9791825Z LTS 2024-07-10T14:37:33.9792186Z ##[endgroup] 2024-07-10T14:37:33.9792700Z ##[group]Runner Image 2024-07-10T14:37:33.9793146Z Image: ubuntu-22.04 2024-07-10T14:37:33.9793536Z Version: 20240630.1.0 2024-07-10T14:37:33.9794589Z Included Software: https://github.com/actions/runner-images/blob/ubuntu22/20240630.1/images/ubuntu/Ubuntu2204-Readme.md 2024-07-10T14:37:33.9796238Z Image Release: https://github.com/actions/runner-images/releases/tag/ubuntu22%2F20240630.1 (...) 2024-07-10T14:37:38.9526000Z ##[group]Run ruby/setup-ruby@v1 2024-07-10T14:37:38.9526424Z with: 2024-07-10T14:37:38.9526819Z ruby-version: 3.2 2024-07-10T14:37:38.9527225Z working-directory: mfe-deployer-cli 2024-07-10T14:37:38.9527681Z bundler-cache: false 2024-07-10T14:37:38.9528118Z env: 2024-07-10T14:37:38.9528509Z ARTIFACTORY_USER: *** 2024-07-10T14:37:38.9529075Z ARTIFACTORY_SECRET: *** 2024-07-10T14:37:38.9529488Z BUNDLE_GEMFILE: Gemfile 2024-07-10T14:37:38.9529893Z ##[endgroup] 2024-07-10T14:37:39.0813459Z ##[group]Modifying PATH 2024-07-10T14:37:39.0816638Z Entries added to PATH to use selected Ruby: 2024-07-10T14:37:39.0824323Z /opt/hostedtoolcache/Ruby/3.2.4/x64/bin 2024-07-10T14:37:39.0825311Z ##[endgroup] 2024-07-10T14:37:39.0853873Z ##[group]Downloading Ruby 2024-07-10T14:37:39.0856708Z https://github.com/ruby/ruby-builder/releases/download/toolcache/ruby-3.2.4-ubuntu-22.04.tar.gz 2024-07-10T14:37:40.0313603Z Took 0.95 seconds 2024-07-10T14:37:40.0315668Z ##[endgroup] 2024-07-10T14:37:40.0316771Z ##[group]Extracting Ruby 2024-07-10T14:37:40.0351346Z [command]/usr/bin/tar -xz -C /opt/hostedtoolcache/Ruby/3.2.4 -f /home/runner/work/_temp/b8ede50a-14c4-44f2-9367-4e8b6d82f189 2024-07-10T14:37:40.4519673Z Took 0.42 seconds 2024-07-10T14:37:40.4524272Z ##[endgroup] 2024-07-10T14:37:40.4525198Z ##[group]Print Ruby version 2024-07-10T14:37:40.4540984Z [command]/opt/hostedtoolcache/Ruby/3.2.4/x64/bin/ruby --version 2024-07-10T14:37:40.4752622Z ruby 3.2.4 (2024-04-23 revision af471c0e01) [x86_64-linux] 2024-07-10T14:37:40.4776078Z Took 0.03 seconds 2024-07-10T14:37:40.4777092Z ##[endgroup] (...) 2024-07-10T14:37:56.5613666Z Resolving dependencies... 2024-07-10T14:37:56.6730433Z Installing rake 13.2.1 2024-07-10T14:37:56.6900067Z Installing public_suffix 6.0.0 2024-07-10T14:37:56.6986005Z Installing addressable 2.8.7 2024-07-10T14:37:56.7098775Z Installing ast 2.4.2 2024-07-10T14:37:56.7154023Z Installing aws-eventstream 1.3.0 2024-07-10T14:37:56.7199656Z Installing aws-partitions 1.949.0 (...) 2024-07-10T14:38:12.3313472Z Updating files in vendor/cache 2024-07-10T14:38:12.6282042Z Bundle complete! 12 Gemfile dependencies, 87 gems now installed.

But, when using the same Ruby version on the latest ubuntu-22.04 image (which is cached now), the same process fails:

2024-07-11T08:17:45.8734859Z Current runner version: '2.317.0' 2024-07-11T08:17:45.8759431Z ##[group]Operating System 2024-07-11T08:17:45.8760172Z Ubuntu 2024-07-11T08:17:45.8760546Z 22.04.4 2024-07-11T08:17:45.8760878Z LTS 2024-07-11T08:17:45.8761308Z ##[endgroup] 2024-07-11T08:17:45.8761694Z ##[group]Runner Image 2024-07-11T08:17:45.8762218Z Image: ubuntu-22.04 2024-07-11T08:17:45.8762639Z Version: 20240708.1.0 2024-07-11T08:17:45.8763594Z Included Software: https://github.com/actions/runner-images/blob/ubuntu22/20240708.1/images/ubuntu/Ubuntu2204-Readme.md 2024-07-11T08:17:45.8765108Z Image Release: https://github.com/actions/runner-images/releases/tag/ubuntu22%2F20240708.1 (...) 2024-07-11T08:17:49.2356296Z ##[group]Run ruby/setup-ruby@v1 2024-07-11T08:17:49.2356834Z with: 2024-07-11T08:17:49.2357162Z ruby-version: 3.2 2024-07-11T08:17:49.2357748Z working-directory: mfe-deployer-cli 2024-07-11T08:17:49.2358224Z bundler-cache: false 2024-07-11T08:17:49.2358605Z env: 2024-07-11T08:17:49.2359196Z ARTIFACTORY_USER: *** 2024-07-11T08:17:49.2359775Z ARTIFACTORY_SECRET: *** 2024-07-11T08:17:49.2360286Z BUNDLE_GEMFILE: Gemfile 2024-07-11T08:17:49.2360664Z ##[endgroup] 2024-07-11T08:17:49.3649305Z ##[group]Modifying PATH 2024-07-11T08:17:49.3656182Z Entries added to PATH to use selected Ruby: 2024-07-11T08:17:49.3661447Z /opt/hostedtoolcache/Ruby/3.2.4/x64/bin 2024-07-11T08:17:49.3663008Z ##[endgroup] 2024-07-11T08:17:49.3672701Z ##[group]Print Ruby version 2024-07-11T08:17:49.3752651Z [command]/opt/hostedtoolcache/Ruby/3.2.4/x64/bin/ruby --version 2024-07-11T08:17:49.6350374Z ruby 3.2.4 (2024-04-23 revision af471c0e01) [x86_64-linux] 2024-07-11T08:17:49.6384838Z Took 0.27 seconds 2024-07-11T08:17:49.6386482Z ##[endgroup] (...) 2024-07-11T08:18:06.7804824Z Resolving dependencies... 2024-07-11T08:18:06.8980268Z Installing rake 13.2.1 2024-07-11T08:18:06.9163191Z Installing public_suffix 6.0.0 2024-07-11T08:18:06.9254810Z Installing addressable 2.8.7 2024-07-11T08:18:06.9376314Z Installing ast 2.4.2 2024-07-11T08:18:06.9440183Z Installing aws-eventstream 1.3.0 2024-07-11T08:18:06.9521833Z Installing aws-partitions 1.949.0 2024-07-11T08:18:06.9611562Z Installing aws-sigv4 1.8.0 2024-07-11T08:18:06.9662496Z Installing jmespath 1.6.2 2024-07-11T08:18:06.9769621Z Installing aws-sdk-core 3.200.0 2024-07-11T08:18:07.0387049Z Installing aws-sdk-cloudfront 1.95.0 2024-07-11T08:18:07.0584938Z Installing aws-sdk-dynamodb 1.115.0 2024-07-11T08:18:07.0774526Z Installing aws-sdk-kms 1.87.0 2024-07-11T08:18:07.0947666Z Installing aws-sdk-s3 1.155.0 2024-07-11T08:18:07.1433257Z Installing aws-sdk-sts 1.11.0 2024-07-11T08:18:07.1479781Z Installing thread_safe 0.3.6 2024-07-11T08:18:07.1645890Z Installing descendants_tracker 0.0.4 2024-07-11T08:18:07.1735172Z Installing ice_nine 0.11.2 2024-07-11T08:18:07.1908758Z Installing axiom-types 0.1.1 2024-07-11T08:18:07.2097510Z Installing base64 0.2.0 2024-07-11T08:18:07.2135264Z Installing bigdecimal 3.1.8 with native extensions (...) 2024-07-11T08:18:16.4172445Z The installation path is insecure. Bundler cannot continue. 2024-07-11T08:18:16.4174345Z /opt/hostedtoolcache/Ruby/3.2.4/x64/lib/ruby/gems/3.2.0/gems is world-writable 2024-07-11T08:18:16.4175595Z (without sticky bit). 2024-07-11T08:18:16.4176918Z Bundler cannot safely replace gems in world-writeable directories due to 2024-07-11T08:18:16.4222809Z potential vulnerabilities. 2024-07-11T08:18:16.4223945Z Please change the permissions of this directory or choose a different install 2024-07-11T08:18:16.4224961Z path.

Platforms affected

  • [ ] Azure DevOps
  • [X] GitHub Actions - Standard Runners
  • [ ] GitHub Actions - Larger Runners

Runner images affected

  • [ ] Ubuntu 20.04
  • [X] Ubuntu 22.04
  • [ ] Ubuntu 24.04
  • [ ] macOS 12
  • [ ] macOS 13
  • [ ] macOS 13 Arm64
  • [ ] macOS 14
  • [ ] macOS 14 Arm64
  • [ ] Windows Server 2019
  • [ ] Windows Server 2022

Image version and build link

20240708.1.0

Is it regression?

Yes, it worked on 20240630.1.0

Expected behavior

bundle install is successful

Actual behavior

bundle install fails

Repro steps

  1. Create a workflow with ubuntu-latest as a runner image
  2. Prepare a sample Gemfile with couple of gems
  3. Add setup-ruby@v1 step with version 3.2 of Ruby
  4. Add bundle install step
  5. Run the workflow

rafalhejna avatar Jul 11 '24 09:07 rafalhejna