(GitHub 操作,上传工件)尽管授予了完全权限,但访问被拒绝尝试上传文件
[英](GitHub Actions, Upload artifact) Access denied trying to upload a file despite giving it full permissions
问题描述
Describe the problem
描述问题
I am making an action that runs API tests from a docker container, which generates a report.html.我正在执行一个从 docker 容器运行 API 测试的操作,该容器生成一个 report.html。 This report is saved into a docker volume.此报告保存到 docker 卷中。 Within the action, after the report is created, I attempt to use actions/upload-artifact on report.html, using the path to its place in the volume on the host machine.在操作中,创建报告后,我尝试在 report.html 上使用 actions/upload-artifact,使用其在主机卷中的位置的路径。
The problem is I get Error: EACCES: permission denied, lstat /path/to/report.html when the action attempts to do this.问题是当操作尝试执行此操作时Error: EACCES: permission denied, lstat /path/to/report.html我收到Error: EACCES: permission denied, lstat /path/to/report.html 。
I've tried to solve this by doing sudo chmod ugo+rwx /path/to/report.html before using the action but it changed nothing.我试图通过在使用该操作之前执行sudo chmod ugo+rwx /path/to/report.html来解决此问题,但它没有任何改变。 I think running the action with sudo would work but that doesn't seem to be supported.我认为使用 sudo 运行该操作会起作用,但这似乎不受支持。
How to reproduce如何繁殖
Reproducing an analogous example where I just create a test.txt file in the volume.重现一个类似的例子,我只是在卷中创建一个 test.txt 文件。 github action looks like this: github 操作如下所示:
name: Action
on:
push:
jobs:
example:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Compose Containers and Run
run: |
docker-compose up --abort-on-container-exit
- name: Fix permissions
run: |
sudo chmod ugo+rwx /var/lib/docker/volumes/example_reports/_data/test.txt
- name: Upload report.html
uses: actions/upload-artifact@v2
with:
name: test.txt
path: /var/lib/docker/volumes/example_reports/_data/test.txt
Dockerfile is simply: Dockerfile 很简单:
FROM ubuntu
ENTRYPOINT [ "/bin/bash", "-c" ]
And doker compose:和 doker 组成:
version: "3.7"
services:
example:
build:
context: .
volumes:
- reports:/home/reports
command: ["touch /home/reports/test.txt"]
volumes:
reports:
2 个解决方案
解决方案1
0 2021-11-15 16:32:22
Your docker container is running as root and therefore creating the file as root.您的 docker 容器以 root 身份运行,因此以 root 身份创建文件。
You can change that by specifying您可以通过指定来更改它
user: '1000:1000'
for your service in your docker-compose file.为您的 docker-compose 文件中的服务。
解决方案2
0 2021-11-16 16:07:55
Turns out I was thinking about this too hard.原来我想得太难了。 All I needed to do to get upload-artifact to work was copy the file out of the volume directory first.为了让上传工件工作,我需要做的就是首先将文件从卷目录中复制出来。
In the action file, instead of trying to fix permissions, simply do this after composing up the containers:在操作文件中,不要尝试修复权限,只需在组合容器后执行此操作:
- name: Copy out file from volume
run: |
sudo cp /var/lib/docker/volumes/example_reports/_data/test.txt /home/
- name: Upload report.html
uses: actions/upload-artifact@v2
with:
name: test.txt
path: /home/test.txt
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.