In trying GitHub Actions using self-hosted runners, we want to use the official sonarcloud-github-action. While it’s documented for SonarCloud, we were able to successfully get it to do a scan on a GitHub Enterprise Server self-hosted runner and publish to an internal SonarQube instance.
The only issue is that the sonarcloud-github-action leaves behind a
.scannerwork directory in the repository directory, owned by
root rather than our runner’s service user.
Subsequent runs on the same runner fail since the runner user can’t delete those root owned files.
This is the actions/checkout@v2 output from a subsequent run:
2021-04-13T21:59:20.0688540Z Syncing repository: test-org/test-repo 2021-04-13T21:59:20.0700408Z ##[group]Getting Git version info 2021-04-13T21:59:20.0701753Z Working directory is '/var/lib/github/work/test-org/test-repo' 2021-04-13T21:59:20.0731284Z [command]/usr/bin/git version 2021-04-13T21:59:20.0780126Z git version 2.31.1 2021-04-13T21:59:20.0798423Z ##[endgroup] 2021-04-13T21:59:20.0804852Z Deleting the contents of '/var/lib/github/work/test-repo/test-repo' 2021-04-13T21:59:20.0865829Z ##[error]Command failed: rm -rf "/var/lib/github/work/test-repo/test-repo/.scannerwork" rm: cannot remove '/var/lib/github/work/test-repo/test-repo/.scannerwork/.sonar_lock': Permission denied rm: cannot remove '/var/lib/github/work/test-repo/test-repo/.scannerwork/.sonartmp/eslint-bridge-bundle': Permission denied
This appears to be a bug in the action, though maybe one that doesn’t crop up on GitHub’s public hosted runners.
Can anyone confirm that this is an issue and know where I would report this as a needed fix/enhancement?