Clearly error when ownership check fails when walking parent directories to find a Taskfile #1683

Open
deviantintegral opened this issue Jun 5, 2024 · 2 comments
Labels
state: needs triage Waiting to be triaged by a maintainer.

Comments

@deviantintegral
Contributor

I ran into a tricky issue where Task wasn't finding an expected Taskfile: https://github.com/orgs/ddev/discussions/6273

What was confusing to me is that https://taskfile.dev/next/usage/#running-a-taskfile-from-a-subdirectory says

it will walk up the file tree until it finds one (similar to how git works)

I think it's common for this to refer to git not crossing mounted file systems when looking for a .git directory. It wasn't clear to me that this would also involve ownership checks, which are done here:

task/taskfile/taskfile.go

Lines 148 to 150 in 40d7715

// Error if we reached the root directory and still haven't found a file
// OR if the user id of the directory changes
if path == parentPath || (parentOwner != owner) {

I assume this is all to prevent potential security issues like the one in Git https://github.blog/2022-04-12-git-security-vulnerability-announced/.

It'd be great if Task could either:

  • Clearly say why it stopped walking parent directories.
  • Or, if we don't need to check ownership then don't.
@task-bot task-bot added the state: needs triage Waiting to be triaged by a maintainer. label Jun 5, 2024
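
A sketch of the first option requested above (say why the walk stopped), added here as an example; it is not Task's code. `findUp`, `statOwner`, `ErrOwnerChanged` and `ErrReachedRoot` are hypothetical names, and the owner lookup is passed in as a parameter so the ownership boundary can be exercised without changing real file ownership.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"syscall"
)

// Hypothetical sentinel errors for this sketch; Task does not define them.
var ErrOwnerChanged = errors.New("parent directory has a different owner")
var ErrReachedRoot = errors.New("reached the filesystem root")

// statOwner returns the uid owning path (Unix only: uses syscall.Stat_t).
func statOwner(path string) (uint32, error) {
	var st syscall.Stat_t
	err := syscall.Stat(path, &st)
	return st.Uid, err
}

// findUp searches dir, then each parent, for name; it never enters a parent owned by another uid.
func findUp(dir, name string, ownerOf func(string) (uint32, error)) (string, error) {
	owner, err := ownerOf(dir)
	if err != nil {
		return "", err
	}
	for {
		if _, err := os.Stat(filepath.Join(dir, name)); err == nil {
			return filepath.Join(dir, name), nil
		}
		parent := filepath.Dir(dir)
		if parent == dir {
			return "", fmt.Errorf("%s not found: %w", name, ErrReachedRoot)
		}
		switch parentOwner, err := ownerOf(parent); {
		case err != nil:
			return "", err
		case parentOwner != owner:
			// Keep the security boundary, but name the directory and both uids.
			return "", fmt.Errorf("%s not found: %w: %s is owned by uid %d, %s by uid %d", name, ErrOwnerChanged, parent, parentOwner, dir, owner)
		}
		dir = parent
	}
}

func main() {
	wd, _ := os.Getwd()
	fmt.Println(findUp(wd, "Taskfile.yml", statOwner))
}
```

Callers can tell the two outcomes apart with `errors.Is(err, ErrOwnerChanged)`, while the message itself shows which directory ended the search.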
@NikitaCOEUR

Same problem on my side, an issue in a GitHub Action CI running in a container.

I am working in a child directory of the GitHub repository, and the owner is different between :

Also, if no Taskfile is found by going up from the child directories to the root of the repository, no Taskfile is found at the root either since the owner has changed...

Only workaround: execute the task by targeting the Taskfile directly:

task --taskfile "${GITHUB_WORKSPACE}/Taskfile.yml" ...

@solidDoWant

I ran into this as well, using vscode dev containers on Windows. Repo gets mounted to /workspaces/<dir name>. This directory is owned by root, with perms set to 0o777. All files within the directory are owned by the vscode user. As a result, I cannot run task from any subdirectory.

It'd really be great if either the check was removed, or there was a global option (env var preferably) to disable it.
