could not lock config file /root/.gitconfig: Operation not permitted error in docker executor since upgrade to runner 13.2
Summary
Since the update I get the following issue with the docker executor, regardless of the container across all projects.:
...
Getting source from Git repository
error: could not lock config file /root/.gitconfig: Operation not permitted
ERROR: Job failed: exit code 1
Steps to reproduce
It is through out all containers. However, one of my .gitlab-ci.yml
looks like this:
.gitlab-ci.yml
image: aergus/latex
build_test:
tags:
- lab
- docker
script:
- ./build.sh
- Docker runner in default configuration on ubuntu 18.04.4 (all patched)
- it all worked before 13.2.
Actual behavior
I get this error in my job log and the job fails:
...
Getting source from Git repository
error: could not lock config file /root/.gitconfig: Operation not permitted
Expected behavior
I would expect the container to run.
Relevant logs and/or screenshots
job log
Running with gitlab-runner 13.2.0 (353dd94e)
on name and tags 0ab8d384
Preparing the "docker" executor
Using Docker executor with image aergus/latex ...
Using locally found image version due to if-not-present pull policy
Using docker image sha256:c1838d640a69449c94dfe7c634590ed14b4e5823363de0e8238f0429ebeacc53 for aergus/latex ...
Preparing environment
Running on runner-0ab8d384-project-90-concurrent-0 via host...
Getting source from Git repository
error: could not lock config file /root/.gitconfig: Operation not permitted
ERROR: Job failed: exit code 1
Environment description
This is an omnibus installation, however the gitlab-runner is from the ppa.
config.toml contents
[[runners]]
name = "name and tags"
url = "https://git.host.tld/ci"
token = "<token>"
executor = "docker"
environment = ["DOCKER_DRIVER=overlay2"]
[runners.cache]
[runners.docker]
tls_verify = false
image = "image:stable"
privileged = false
disable_entrypoint_overwrite = false
oom_kill_disable = false
disable_cache = false
volumes = ["/cache"]
pull_policy = "if-not-present"
shm_size = 0
Workaround
There's two workarounds at the moment:
-
Use the
overlay2
storage driver: This is typically the recommended driver to use anyway, and just happens to fix the problem at the moment. -
Or, temporarily Override the helper image to use
gitlab/gitlab-runner-helper:x86_64-6fbc7474
[[runners]] (...) executor = "docker" [runners.docker] (...) helper_image = "gitlab/gitlab-runner-helper:x86_64-6fbc7474"
Edited by Arran Walker