renovate
renovate copied to clipboard
renovatebot
[gitlab-ci] Filesystem access violation with .gitlab-ci.yml
How are you running Renovate?
Self-hosted
If you're self-hosting Renovate, tell us what version of Renovate you run.
32.116.0
Please select which platform you are using if self-hosting.
gitlab.com
If you're self-hosting Renovate, tell us what version of the platform you run.
GitLab.com
Was this something which used to work for you, and then stopped?
It used to work, and then stopped
Describe the bug
Since release 32.115.0 there's an error with .gitlab-ci.yml if include starts with double /.
Double / is a valid construction previously advertised as hack to https://gitlab.com/gitlab-org/gitlab/-/issues/28987.
This was introduced by #16511.
Relevant debug logs
Logs
WARN: Preventing access to file outside the base directory (repository=vitoyucepi/renovate-issue-16600)
"path": "/.gitlab-ci.yml",
"baseDir": "/tmp/renovate/repos/gitlab/vitoyucepi/renovate-issue-16600"
ERROR: Repository has unknown error (repository=vitoyucepi/renovate-issue-16600)
"err": {
"message": "file-access-violation-error",
"stack": "Error: file-access-violation-error\n at assertBaseDir (/usr/src/app/node_modules/renovate/lib/util/fs/util.ts:12:11)\n at ensurePath (/usr/src/app/node_modules/renovate/lib/util/fs/util.ts:21:3)\n at ensureLocalPath (/usr/src/app/node_modules/renovate/lib/util/fs/util.ts:26:10)\n at readLocalFile (/usr/src/app/node_modules/renovate/lib/util/fs/index.ts:34:40)\n at Object.extractAllPackageFiles (/usr/src/app/node_modules/renovate/lib/modules/manager/gitlabci/extract.ts:130:40)\n at extractAllPackageFiles (/usr/src/app/node_modules/renovate/lib/modules/manager/index.ts:49:17)\n at getManagerPackageFiles (/usr/src/app/node_modules/renovate/lib/workers/repository/extract/manager-files.ts:33:29)\n at /usr/src/app/node_modules/renovate/lib/workers/repository/extract/index.ts:47:28\n at async Promise.all (index 0)\n at extractAllDependencies (/usr/src/app/node_modules/renovate/lib/workers/repository/extract/index.ts:45:26)\n at checkOnboardingBranch (/usr/src/app/node_modules/renovate/lib/workers/repository/onboarding/branch/index.ts:58:22)\n at getRepoConfig (/usr/src/app/node_modules/renovate/lib/workers/repository/init/config.ts:15:12)\n at initRepo (/usr/src/app/node_modules/renovate/lib/workers/repository/init/index.ts:37:12)\n at Object.renovateRepository (/usr/src/app/node_modules/renovate/lib/workers/repository/index.ts:40:14)\n at Object.start (/usr/src/app/node_modules/renovate/lib/workers/global/index.ts:154:7)\n at /usr/src/app/node_modules/renovate/lib/renovate.ts:16:22"
}
Have you created a minimal reproduction repository?
I have linked to a minimal reproduction repository in the bug description
Note: I think the workaround mentioned in the referenced issue is fixed in 14.9, see https://docs.gitlab.com/ee/ci/yaml/includes.html#use-nested-includes-with-duplicate-includes-entries
Release post: https://about.gitlab.com/releases/2022/03/22/gitlab-14-9-released/#include-the-same-cicd-template-multiple-times And the MR that fixed it: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/78297/diffs
My original thought:
Hmm, I'd personally say that making a 'fix' (workaround) for another workaround that has been fixed in the product ~5 months ago is not necessary. I'll just have to update my configurations.
However, I'm not the original author (@vitoyucepi), can't speak for him.
Now that I'm thinking about it, it's still valid syntax in GitLab CI configuration and your current PR addresses that gap, so I'd say your PR is still a good addition 😄.
I think if the syntax is still valid in gitlab-ci, then it could be used in some legacy code.
I'm not sure if it's possible not only use leading /, but also leading ..
I think //.// should work fine , but //..// is not the same, because of ...
What about path.normalize instead of regexp?
:tada: This issue has been resolved in version 32.159.1 :tada:
The release is available on:
- GitHub release
-
32.159.1
Your semantic-release bot :package::rocket:
