GitHub Docker container action cannot write to /github/workspace

I get this action error:

There was an error while trying to write to `/github/workspace/Gemfile.lock`. It is likely that you need to
grant write permissions for that path.

The workflow is like this:

```yaml
jobs:
  build:
    name: Build website
    runs-on: ubuntu-latest
    steps:
    - ...
    - name: Run Jekyll
      uses: faph/action-jekyll@v0.1
```

See https://github.com/2000-class-association/2000-class-association.github.io/blob/master/.github/workflows/pages.yml

The action is pretty much a plain vanilla jekyll container. See https://github.com/faph/action-jekyll

Why can the Docker action not write to /github/workspace?

The container gets executed like this:

```
/usr/bin/docker run --name df7dccc1e3050b95143e885044e45fccd7f2f_45008b --label 0df7dc
--workdir /github/workspace --rm -e HOME -e GITHUB_REF -e GITHUB_SHA -e GITHUB_REPOSITORY -e GITHUB_ACTOR
-e GITHUB_WORKFLOW -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GITHUB_EVENT_NAME -e GITHUB_WORKSPACE
-e GITHUB_ACTION -e GITHUB_EVENT_PATH -e RUNNER_OS -e RUNNER_TOOL_CACHE -e RUNNER_TEMP -e RUNNER_WORKSPACE
-v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home"
-v "/home/runner/work/_temp/_github_workflow":"/github/workflow"
-v "/home/runner/work/2000-class-association.github.io/2000-class-association.github.io":"/github/workspace"
0df7dc:cc1e3050b95143e885044e45fccd7f2f
```

Nothing suggests that the volume is mounted read-only…

1 Like

The answer is here:

https://help.github.com/en/articles/virtual-environments-for-github-actions#docker-container-filesystem

In this instance, the docker container did switch user to something else that did not have write permissions on the host system’s file system.

3 Likes
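One way to confirm the diagnosis in the answer from inside the container, as an added example that is not part of the original posts or of faph/action-jekyll. The function name `check_workspace` and the probe file name are assumptions; the script would be sourced or pasted into the image's entrypoint before Jekyll runs.

```shell
#!/bin/sh
# Added diagnostic (not from the original thread): report whether the user the
# container runs as can write to the bind-mounted workspace, and if not, why.
# check_workspace and the probe file name are hypothetical names.

# Exit status: 0 = writable, 1 = write denied, 2 = directory missing.
check_workspace() {
    dir="$1"
    if [ ! -d "$dir" ]; then
        echo "missing: $dir is not a directory"
        return 2
    fi

    me_uid="$(id -u)"
    # ls -ldn prints mode and numeric owner/group; for a bind mount the kernel
    # checks the host's numeric uid, not any user name defined inside the image.
    listing="$(ls -ldn "$dir")"
    owner_uid="$(printf '%s\n' "$listing" | awk '{print $3}')"

    # Attempt a real write instead of trusting `test -w`. The subshell keeps a
    # failed redirection from terminating the calling shell.
    probe="$dir/.write-probe.$$"
    if ( : > "$probe" ) 2>/dev/null; then
        rm -f "$probe"
        echo "ok: uid $me_uid can write to $dir"
        return 0
    fi

    echo "denied: uid $me_uid cannot write to $dir"
    echo "  $listing"
    if [ "$me_uid" != "$owner_uid" ]; then
        echo "  container uid $me_uid differs from directory owner uid $owner_uid"
    fi
    return 1
}

# Inside a workflow GITHUB_WORKSPACE is set (it is passed with -e in the docker
# run line above); elsewhere this block only defines the function.
if [ -n "${GITHUB_WORKSPACE:-}" ]; then
    check_workspace "$GITHUB_WORKSPACE" >&2 || true
fi
```

A `denied` result that also reports a uid mismatch matches the situation in the answer: the image switched to a user that does not own the host directory mounted at `/github/workspace`.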