GitHub action workflow 'mkdir' works for me as admin but not work for other member with write permission

GitHub action workflow (against pull request) ‘mkdir’ inside step works for me as admin but not work for other member with write permission, he got ‘Permission denied’, what can be the reason ?
mkdir: cannot create directory ‘/.kube/’: Permission denied

Hard to say without more details about your workflow, ideally a link to a run log or at least the workflow YAML.

The error message looks like trying to create a directory inside the root directory (/), which generally shouldn’t work without root access.

That does not help:

Run sudo mkdir -p "/home/runner/.kube/"
[11](https://github.com/redhat-performance/benchmark-runner/runs/3863990524?check_suite_focus=true#step:7:11)/home/runner/work/_temp/d67a86e8-912c-4d65-a324-4c6765f2f93b.sh: line 2: /home/runner/.kube/config: Permission denied

BTW, That works for me but not to member user although he has a write permission.
Do you know why ?

Not without the full workflow, no. The original error message indicated it’s not using the home directory.

This is the full stage:

For me as repository owner it works, for other admin it failed:

The last line here is likely to be the problem:

      env:
        KUBECONFIG: ${{ secrets.FUNC_KUBECONFIG }}
        RUNNER_PATH: ${{ secrets.RUNNER_PATH }}

The RUNNER_PATH is populated from a secret, so when running from a fork it’s empty. That explains the /.kube/ path. Makes me wonder why the path is coming from a secret, generally /home/runner/ shouldn’t need to be secret. :thinking:

Try to put hard coded /home/runner and got the same behavior:
Run sudo mkdir -p “/home/runner/.kube/”

Run sudo mkdir -p "/home/runner/.kube/"
/home/runner/work/_temp/d67a86e8-912c-4d65-a324-4c6765f2f93b.sh: line 2: /home/runner/.kube/config: Permission denied
Error: Process completed with exit code 1.

I guess it something in credentials because it works for me and not to others.

This is progress actually, now it’s the writing to /home/runner/.kube/config that fails. That’s caused by the sudo you added to the mkdir command: If the directory is owned by root, the regular runner user can’t write to it. :wink:

I am able to do that, what is the difference between me to other users ?

I took a glance at the actions tab for your repository. The difference is that other users are making PRs from their forks, and you’re pushing directly to the repository. I’ve explained above why that causes trouble:

Ok thx. you can close this ticket.