Potential issue with Github runners
9 views
Skip to first unread message
Nicolas Dechesne
Sep 4, 2025, 6:49:46 AM (3 days ago) Sep 4
to kas-...@googlegroups.com
hi there,
I've been having this weird issue for quite some time now, and I don't
know how to move forward.. we are using Github CI with self hosted
runners with ephemeral AWS instances for meta-qcom BSP layers.
I am trying to use the kas container directly from the Github CI job with
container:
image: ghcr.io/siemens/kas/kas
What I observe is that the Github checkout action fails in when
executed in the context of the KAS container, logs are here:
https://github.com/qualcomm-linux/meta-qcom-3rdparty/actions/runs/17461113080/job/49586141611
When using
container:
image: debian:trixie
Everything works fine.
Would anyone have any hint about this and how to overcome this problem?
Using KAS container for our builds would make things much easier than
starting from the default debian container.
thanks!
I've been having this weird issue for quite some time now, and I don't
know how to move forward.. we are using Github CI with self hosted
runners with ephemeral AWS instances for meta-qcom BSP layers.
I am trying to use the kas container directly from the Github CI job with
container:
image: ghcr.io/siemens/kas/kas
What I observe is that the Github checkout action fails in when
executed in the context of the KAS container, logs are here:
https://github.com/qualcomm-linux/meta-qcom-3rdparty/actions/runs/17461113080/job/49586141611
When using
container:
image: debian:trixie
Everything works fine.
Would anyone have any hint about this and how to overcome this problem?
Using KAS container for our builds would make things much easier than
starting from the default debian container.
thanks!
MOESSBAUER, Felix
Sep 4, 2025, 8:14:59 AM (3 days ago) Sep 4
to nicolas....@oss.qualcomm.com, kas-...@googlegroups.com
On Thu, 2025-09-04 at 12:49 +0200, 'Nicolas Dechesne' via kas-devel
wrote:
I briefly checked the output and it seems like the job is writing to
directories which are owned by root. As the kas container image
switches the user in the entrypoint [1], the github script is probably
executed under the builder user. That won't work.
>
> When using
> container:
> image: debian:trixie
> Everything works fine.
Here you're running as root :)
>
> Would anyone have any hint about this and how to overcome this
> problem?
What we usually do on GitHub is do simply use the kas-container script.
Here's an example how to do that: [2]
[1] https://github.com/siemens/kas/blob/master/container-entrypoint
[2]
https://github.com/siemens/meta-iot2050/blob/master/.github/workflows/main.yml#L78
Best regards,
Felix
>
> Using KAS container for our builds would make things much easier than
> starting from the default debian container.
>
> thanks!
--
Siemens AG
Linux Expert Center
Friedrich-Ludwig-Bauer-Str. 3
85748 Garching, Germany
wrote:
> hi there,
>
> I've been having this weird issue for quite some time now, and I
> don't
> know how to move forward.. we are using Github CI with self hosted
> runners with ephemeral AWS instances for meta-qcom BSP layers.
>
> I am trying to use the kas container directly from the Github CI job
> with
>
> container:
> image: ghcr.io/siemens/kas/kas
>
> What I observe is that the Github checkout action fails in when
> executed in the context of the KAS container, logs are here:
>
> https://github.com/qualcomm-linux/meta-qcom-3rdparty/actions/runs/17461113080/job/49586141611
Hi,
>
> I've been having this weird issue for quite some time now, and I
> don't
> know how to move forward.. we are using Github CI with self hosted
> runners with ephemeral AWS instances for meta-qcom BSP layers.
>
> I am trying to use the kas container directly from the Github CI job
> with
>
> container:
> image: ghcr.io/siemens/kas/kas
>
> What I observe is that the Github checkout action fails in when
> executed in the context of the KAS container, logs are here:
>
> https://github.com/qualcomm-linux/meta-qcom-3rdparty/actions/runs/17461113080/job/49586141611
I briefly checked the output and it seems like the job is writing to
directories which are owned by root. As the kas container image
switches the user in the entrypoint [1], the github script is probably
executed under the builder user. That won't work.
>
> When using
> container:
> image: debian:trixie
> Everything works fine.
>
> Would anyone have any hint about this and how to overcome this
> problem?
Here's an example how to do that: [2]
[1] https://github.com/siemens/kas/blob/master/container-entrypoint
[2]
https://github.com/siemens/meta-iot2050/blob/master/.github/workflows/main.yml#L78
Best regards,
Felix
>
> Using KAS container for our builds would make things much easier than
> starting from the default debian container.
>
> thanks!
Siemens AG
Linux Expert Center
Friedrich-Ludwig-Bauer-Str. 3
85748 Garching, Germany
Reply all
Reply to author
Forward
0 new messages