act
act copied to clipboard
nektos
Terraform commands failed with permission denied when using hashicorp-setup-terraform@v1 on Windows
The workflow works as expected from WSL, but from the WIndows client, act is unable to execute commands.
There is a little bit of additional context in #437.
Debug output for the hashicorp-setup-terraform step.
[Dev/Terraform] 💬 ::debug::Terraform CLI path is /tmp/a7dfec18-44fa-4226-ab7e-88a951b1d926.
[Dev/Terraform] 💬 ::debug::Moving /tmp/a7dfec18-44fa-4226-ab7e-88a951b1d926/terraform to /tmp/a7dfec18-44fa-4226-ab7e-88a951b1d926/terraform-bin.
[Dev/Terraform] 💬 ::debug::Copying /actions/hashicorp-setup-terraform@v1/dist/index1.js to /tmp/a7dfec18-44fa-4226-ab7e-88a951b1d926/terraform.
[Dev/Terraform] ⚙ ::add-path:: /tmp/a7dfec18-44fa-4226-ab7e-88a951b1d926
[Dev/Terraform] ✅ Success - hashicorp/setup-terraform@v1
Output from Terraform Format step.
[Dev/Terraform] ⭐ Run Terraform Format
time="2021-01-20T13:56:12-05:00" level=debug msg="Wrote command 'terraform fmt -check' to 'workflow/fmt'"
time="2021-01-20T13:56:12-05:00" level=debug msg="Writing entry to tarball workflow/fmt len:20"
[Dev/Terraform] Extracting content to '/github/'
[Dev/Terraform] Exec command '[bash --noprofile --norc -eo pipefail /github/workflow/fmt]'
| /github/workflow/fmt: line 1: /tmp/a7dfec18-44fa-4226-ab7e-88a951b1d926/terraform: Permission denied
[Dev/Terraform] ❌ Failure - Terraform Format
time="2021-01-20T13:56:12-05:00" level=debug msg="exit with `FAILURE`: 126"
> docker version
Client: Docker Engine - Community
Cloud integration: 1.0.4
Version: 20.10.2
API version: 1.41
Go version: go1.13.15
Git commit: 2291f61
Built: Mon Dec 28 16:14:16 2020
OS/Arch: windows/amd64
Context: default
Experimental: true
One thing I've noticed is that the execution flag is missing from the terraform script when run from Windows:
root@docker-desktop:/github/workspace# ls -l /tmp/49a791f2-9668-415a-9605-0365673d086f/
total 83620
-rw-rw-rw- 1 root root 63187 Jan 20 20:16 terraform
-rwxr-xr-x 1 root root 85561299 Jan 6 19:04 terraform-bin
But in Linux/WSL, the execute bit is set:
root@docker-desktop:/github/workspace# ls -l /tmp/993cb99e-cc79-4bee-a4e7-e611b2ebfa1f/
total 83620
-rwxr-xr-x 1 root root 63187 Jan 20 20:15 terraform
-rwxr-xr-x 1 root root 85561299 Jan 6 19:04 terraform-bin
This is because permission system is completely different between Windows and Linux, didn't had time to look at where and how it does but I assume act can recursively chmod +x all actions after copy when runtime.GOOS == 'windows'.
I assume that is the case. Despite being a copy from a Linux container to a Linux container, invoking through the Windows client is messing it up.
@cdhunt It's not Linux<>Linux copy
::debug::Copying /actions/hashicorp-setup-terraform@v1/dist/index1.js to /tmp/3ebc1b30-79a1-4ab6-ae5f-d62eb03aeadc/terraform.
I actually have no idea if that can be solved just in act with Go
Yeah, I looked through the code and see it dumps to the local filesystem before copying into the container.
Can you exec a chmod +x here.
Issue is stale and will be closed in 14 days unless there is new activity
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
Issue is stale and will be closed in 14 days unless there is new activity
was this ever solved?
I am also using a windows system and having issues with permission denied errors
A workaround is to add this step after you install terraform.
# bug with act and terraform permissions: https://github.com/nektos/act/issues/491
- name: fix terraform file permissions
run: find /tmp -name "terraform" -type f -exec chmod 755 {} +
Theoretically, it could consult Git about the file flags if started from Windows.
Say,
$ git ls-files --stage gradlew
100755 572252646b9962fbf8261861ffa7bc7f403d3386 0 gradlew
This means the file should have the execute bit set.
