s3-cp-action
s3-cp-action copied to clipboard
prewk
Permission question
I am using this action in an upstream workflow that triggers a downstream workflow. It seems to work fine, except that the permissions of the file downloaded from the S3 bucket appear to be incorrect. A listing of my workspace files looks like this:
Run ls -lR
.:
total 16
-rw-r--r-- 1 runner docker 101 Jul 15 15:11 README.md
drwxr-xr-x 2 runner docker 4096 Jul 15 15:11 artifacts
-rwxr-xr-x 1 runner docker 310 Jul 15 15:11 stage1.sh
-rwxr-xr-x 1 runner docker 97 Jul 15 15:11 stage2.sh
./artifacts:
total 6892
-rw-r--r-- 1 root root 7054295 Jul 15 15:10 stage1.art
The step that gets the file from S3 looks like this:
# Get the artifacts from the upstream workflow.
- name: Get artifacts from upstream workflow
uses: prewk/s3-cp-action@v2
with:
aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws_region: 'us-west-2'
source: 's3://stage1-artifacts'
dest: 'artifacts'
flags: --recursive
This causes a problem for my further downstream processing, as it appears to be running as runner:docker and hence the artifact file is read-only. Is there some flag or option that would result in the downloaded artifact being owned by runner rather than root?
Sorry for replying so slowly: I'm not sure I can be of help here unfortunately, I barely use GH Actions and lack knowledge of their permission system.
If you come up with something that requires an added parameter or something then I'll happily merge a PR 👍
I hit this same issue. Not sure what was causing the incorrect permissions, but running this after the s3-cp-action step worked for me
- name: change permissions for downloaded files
run: sudo chown -R $USER:$USER artifacts
