Fix file ownership issues for self-hosted runners. (#141)

2025-07-04 12:25:19 -04:00 · 2020-08-22 21:28:57 +02:00 · 2020-08-22 21:28:57 +02:00 · 24e9c186fd
commit 24e9c186fd
parent 92cfb31622
5 changed files with 30 additions and 3 deletions
--- a/action/Dockerfile
+++ b/action/Dockerfile
@ -1,6 +1,10 @@
 ARG IMAGE
 FROM $IMAGE

+ARG UNAME=runner
+ARG UID=1000
+ARG GID=1000
+
 LABEL "com.github.actions.name"="Unity - Builder"
 LABEL "com.github.actions.description"="Build Unity projects for different platforms."
 LABEL "com.github.actions.icon"="box"
@ -10,9 +14,15 @@ LABEL "repository"="http://github.com/webbertakken/unity-actions"
 LABEL "homepage"="http://github.com/webbertakken/unity-actions"
 LABEL "maintainer"="Webber Takken <webber@takken.io>"

+RUN bash -c 'mkdir -p /github/{home,workflow,workspace}' && chown $UID:$GID -R /github/
+RUN getent group $GID || groupadd -g $GID $UNAME
+RUN id -u $UID &>/dev/null || useradd -m -u $UID -g $GID -s /bin/bash -d /github/home $UNAME
+
 ADD default-build-script /UnityBuilderAction
 ADD steps /steps
 RUN chmod -R +x /steps
 ADD entrypoint.sh /entrypoint.sh
 RUN chmod +x /entrypoint.sh
 ENTRYPOINT ["/entrypoint.sh"]
+
+USER $UID:$GID
--- a/action/index.js
+++ b/action/index.js
--- a/src/index.js
+++ b/src/index.js
@ -16,7 +16,13 @@ async function action() {
  } else {
    // Build docker image
    // TODO: No image required (instead use a version published to dockerhub for the action, supply credentials for github cloning)
-    const builtImage = await Docker.build({ path: actionFolder, dockerfile, baseImage });
+    const builtImage = await Docker.build({
+      path: actionFolder,
+      dockerfile,
+      baseImage,
+      uid: buildParameters.uid,
+      gid: buildParameters.gid,
+    });
    await Docker.run(builtImage, { workspace, ...buildParameters });
  }
 }
--- a/src/model/build-parameters.js
+++ b/src/model/build-parameters.js
@ -1,3 +1,4 @@
+import os from 'os';
 import AndroidVersioning from './android-versioning';
 import Input from './input';
 import Platform from './platform';
@ -20,8 +21,12 @@ class BuildParameters {
      Input.androidVersionCode,
    );

+    const { uid, gid } = os.userInfo();
+
    return {
      version: Input.unityVersion,
+      uid,
+      gid,
      runnerTempPath: process.env.RUNNER_TEMP,
      platform: Input.targetPlatform,
      projectPath: Input.projectPath,
--- a/src/model/docker.js
+++ b/src/model/docker.js
@ -1,15 +1,18 @@
+import fs from 'fs';
 import { exec } from '@actions/exec';
 import ImageTag from './image-tag';

 class Docker {
  static async build(buildParameters, silent = false) {
-    const { path, dockerfile, baseImage } = buildParameters;
+    const { path, dockerfile, baseImage, uid, gid } = buildParameters;
    const { version, platform } = baseImage;

    const tag = new ImageTag({ repository: '', name: 'unity-builder', version, platform });
    const command = `docker build ${path} \
      --file ${dockerfile} \
      --build-arg IMAGE=${baseImage} \
+      --build-arg UID=${uid} \
+      --build-arg GID=${gid} \
      --tag ${tag}`;

    await exec(command, undefined, { silent });
@ -83,6 +86,9 @@ class Docker {
        --volume "${workspace}":"/github/workspace" \
        ${image}`;

+    fs.mkdirSync(`${runnerTempPath}/_github_home`, { recursive: true });
+    fs.mkdirSync(`${runnerTempPath}/_github_workflow`, { recursive: true });
+
    await exec(command, undefined, { silent });
  }
 }