Skip to content
You're viewing an older version of this GitHub Action. Do you want to see the latest version instead?
lock

GitHub Action

Rootless Docker

0.1.1

Rootless Docker

lock

Rootless Docker

Run Docker in Rootless Mode to Prevent Permission Errors

Installation

Copy and paste the following snippet into your .yml file.

              

- name: Rootless Docker

uses: ScribeMD/[email protected]

Learn more about this action in ScribeMD/rootless-docker

Choose a version

rootless-docker

Test Bump Version pre-commit Conventional Commits code style: prettier

Run Docker in Rootless Mode to Prevent Permission Errors

GitHub-hosted (and many self-hosted) runners use rootful Docker, but the runner itself does not run as root. As described in actions/runner#434, files created by Docker containers are hence owned by root, resulting in permission errors when the runner attempts to clean up checked out repositories. This action efficiently prevents those permission errors by running Docker in rootless mode so that all files are owned by the runner user. This approach has many benefits as it is:

  • safer than elevating the runner to root
  • less brittle than changing the ownership/permissions of or deleting files
  • simpler than other ways of running rootless Docker
  • and fast (~15 seconds on GitHub-hosted runner ubuntu-20.04)

Docker's documentation discusses rootless mode in detail. If you are running a supported Linux distribution locally, you can follow the steps there to use rootless mode. If you aren't sure, you can ask Docker whether it is in rootless mode:

docker info --format "{{ .ClientInfo.Context }}"

Usage

  • Add the following step before your first use of Docker:
- name: Use Docker in rootless mode.
  uses: ScribeMD/rootless-docker@0

Supported Runners

  • Tested on ubuntu-20.04
  • Probably works on ubuntu-18.04
  • May work on future versions of Linux
  • Definitely doesn't work on Windows or macOS since Docker only offers rootless mode on Linux

Contributing

Please refer to CONTRIBUTING.md.

Changelog

Please refer to CHANGELOG.md.