Permission denied

Drone Support
1

Hello,

I’m trying to execute some tests with my node application, but after I make “npm install” (which runs fine), I run “npm test” I got some permission error (as you can see bellow):

sh: 1: react-scripts: Permission denied

Here is my drone.yml

kind: pipeline
type: kubernetes
name: pipeline-pull-request

trigger:
  event:
    - pull_request

steps:
- name: test
  image: node
  commands:
  - npm install
  - npm test

I’m running everything inside kubernetes.

There is anything that I’m missing to execute/configure?

Thanks!

2

perhaps this thread is relevant to your issue?
http://discuss.harness.io/t/cant-run-tests-permissions-denied/4682/2?u=bradrydzewski

1 Like
3

Oh It was almost related. Haha. But I fixed :slight_smile:

I needed to copy all files inside /home/node/ and executed all commands inside this directory.

I don’t know the reason, but it worked.

Thanks Brad!

4

Instead of copying the files to /home/node you might try the following:

steps:
  - name: test
    image: node
+   user: root
    commands:
    - npm install
    - npm run test

The Drone workspace is a Docker volume and Docker volumes are owned by root. If your image set a default non-root users this can cause access problems to the volume.

1 Like
5

I think that the value should be a user ID not a user name (drone: 1.6.5):

steps:
  - name: test
    image: node
+   user: 0
    commands:
    - npm install
    - npm run test
6

I think that the value should be a user ID not a user name (drone: 1.6.5):

It probably depends on whether or not you are using the docker runner or the kubernetes runner

7

Right, the user ID is used while using kubernetes runner.
Thanks

8

"copying the files to /home/node"
was the only solution that worked for me, trying to set the user had no effect.

was able to reproduce with alpine, seems that on my setup, I can’t execute files from the mounted volume (docker runner)

kind: pipeline
type: docker
name: default

steps:
  - name: test
    image: alpine
    commands:
      - pwd
      - echo "echo from outside volume" > /tmp/foo.sh
      - chmod +x /tmp/foo.sh
      - cat //tmp/foo.sh
      - /tmp/foo.sh
      - echo "echo from drone src" > /drone/src/foo.sh
      - chmod +x /drone/src/foo.sh
      - cat /drone/src/foo.sh
      - /drone/src/foo.sh

result:
the file created outside /drone/src is executed, while the one inside /drone/src is shown by cat but is not executed

latest: Pulling from library/alpine
Digest: sha256:185518070891758909c9f839cf4ca393ee977ac378609f700f60a771a2dfe321
Status: Image is up to date for alpine:latest
+ pwd
/drone/src
+ echo "echo from outside volume" > /tmp/foo.sh
+ chmod +x /tmp/foo.sh
+ cat //tmp/foo.sh
echo from outside volume
+ /tmp/foo.sh
from outside volume
+ echo "echo from drone src" > /drone/src/foo.sh
+ chmod +x /drone/src/foo.sh
+ cat /drone/src/foo.sh
echo from drone src
+ /drone/src/foo.sh
/bin/sh: /drone/src/foo.sh: Permission denied
9

This particular thread focuses on the issue where the default USER in an image is non-root, which causes problems due to the fact that docker volumes are owned by root. The example yaml you posted uses an alpine image, and has a default USER of root, which means the error message would be unrelated to this root cause.

With that being said, I tested your yaml and was unable to reproduce the problem [1][2]. Executing a shell script from the workspace is a common use case, and we have not received any reports of problems with this capability. This could perhaps indicate a problem with your host machine (is it possible you have apparmor or selinux configured in a way that could cause a problem? …)

[1] https://github.com/drone/hello-world/commit/e4b4857fd453ee2caa47114aa6ff548d06552cdd
[2] https://cloud.drone.io/drone/hello-world/184/1/2