cms
cms copied to clipboard
craftcms
[4.5.4]: file_put_contents() permissions error in Github Actions build/deploy to GCP
What happened?
Description
Craft CMS v4.5.4 seems to Docker build and start just fine locally, but when we build in the Github Actions environment and deploy to Google Cloud's App Engine environment we see the following error in the Github Actions logs during bootstrap:
error: file_put_contents(/var/www/html/composer.json): Failed to open stream: Permission denied
Craft v4.5.3 appears to build and deploy fine. I noticed that there have been changed to src/services/Composer.php and I am wondering if they are the culprit?
We are assigning the Apache www-data user with read/write permissions in our Dockerfile.
Steps to reproduce
- Add
composer.jsoncontents - Run Craft CMS from Dockerfile
- Run Github Actions build
- If possible, deploy to GCP
Expected behavior
Docker image builds, deploys, starts fine.
Actual behavior
Docker image appears to build, but bootstrapping appears to error with file_put_contents() permissions error.
Craft CMS version
4.5.4
PHP version
8.1
Operating system and version
Debian 11 (in Docker)
Database type and version
No response
Image driver and version
No response
Installed plugins and versions
{
"require": {
"carlcs/craft-assetmetadata": "^4.0",
"castiron/next-builds": "^1.0",
"craftcms/aws-s3": "2.0.3",
"craftcms/cms": "4.5.4",
"craftcms/contact-form": "3.0.1",
"craftcms/contact-form-honeypot": "^2.0.0",
"craftcms/google-cloud": "^2.0.0",
"craftcms/redactor": "3.0.4",
"jamesedmonston/graphql-authentication": "2.5.0",
"lsst-epo/canto-dam-assets": "dev-develop-v4",
"lsst/canto-dam-integrator": "dev-EPO-7854#v0.3.2",
"rynpsc/craft-phone-number": "^2.1.0",
"sebastianlenz/linkfield": "^2.1.4",
"spicyweb/craft-neo": "3.8.6",
"venveo/craft-bulkedit": "4.0.1",
"verbb/super-table": "3.0.9",
"vlucas/phpdotenv": "^3.4.0",
"wrav/oembed": "^2.2.2"
},
"repositories": [
{
"type": "vcs",
"url": "https://github.com/lsst-epo/craft-canto-dam-integrator.git"
},
{
"type": "vcs",
"url": "https://github.com/lsst-epo/canto-dam-assets.git"
},
{
"type": "path",
"url": "plugins/nextbuilds"
}
],
"require-dev": {
"yiisoft/yii2-shell": "^2.0.5"
},
"autoload": {
"psr-4": {
"modules\\": "modules/",
"modules\\userregistrationmodule\\": "modules/userregistrationmodule/src/"
}
},
"config": {
"sort-packages": true,
"optimize-autoloader": true,
"platform": {
"php": "8.1.10"
},
"allow-plugins": {
"yiisoft/yii2-composer": true,
"craftcms/plugin-installer": true
}
},
"scripts": {
"post-root-package-install": [
"@php -r \"file_exists('.env') || copy('.env.example', '.env');\""
]
},
"minimum-stability": "dev",
"prefer-stable": true
}
I don't know the specifics of your GHA or Docker file, but Craft does require write access to that file:
https://craftcms.com/docs/4.x/requirements.html#permissions
The error indicates that that isn't happening right now, so I'd double check the permissions and ownership on that file against Apache'swww-data user.
The error indicates that that isn't happening right now, so I'd double check the permissions and ownership on that file against Apache's
www-datauser.
I can confirm that when built and started locally the composer.json is owned by www-data and has the correct permissions.
And what's odd is that the only change between the build/deploy succeeded and Craft starting up successfully is the version bump from v4.5.3 => v4.5.4
It’s definitely odd - I would be suspicious of a change from Craft 4.4.x to Craft 4.5.x because we changed some things on how Composer works internally starting with 4.5.
However, nothing is jumping out at me that would cause this issue when comparing 4.5.3 to 4.5.4.
https://github.com/craftcms/cms/compare/4.5.3...4.5.4
Going to go ahead and close this for lack of activity, but OP feel free to comment back and we can reopen as necessary.