From 26e4270e41446050f8fc88576ea1ab3a4475c71b Mon Sep 17 00:00:00 2001
From: watiko <watiko@users.noreply.github.com>
Date: Sun, 9 Aug 2020 05:31:26 +0900
Subject: [PATCH] fix file permission for non root user docker image (#334)

---
 pkg/runner/run_context.go                           |  4 ++--
 pkg/runner/runner_test.go                           |  1 +
 pkg/runner/step_context.go                          |  2 +-
 pkg/runner/testdata/job-container-non-root/push.yml | 10 ++++++++++
 4 files changed, 14 insertions(+), 3 deletions(-)
 create mode 100644 pkg/runner/testdata/job-container-non-root/push.yml

diff --git a/pkg/runner/run_context.go b/pkg/runner/run_context.go
index 2829cc6..beaa885 100644
--- a/pkg/runner/run_context.go
+++ b/pkg/runner/run_context.go
@@ -122,11 +122,11 @@ func (rc *RunContext) startJobContainer() common.Executor {
 			rc.JobContainer.CopyDir(copyToPath, rc.Config.Workdir+"/.").IfBool(copyWorkspace),
 			rc.JobContainer.Copy("/github/", &container.FileEntry{
 				Name: "workflow/event.json",
-				Mode: 644,
+				Mode: 0644,
 				Body: rc.EventJSON,
 			}, &container.FileEntry{
 				Name: "home/.act",
-				Mode: 644,
+				Mode: 0644,
 				Body: "",
 			}),
 		)(ctx)
diff --git a/pkg/runner/runner_test.go b/pkg/runner/runner_test.go
index 14a576b..441a5f8 100644
--- a/pkg/runner/runner_test.go
+++ b/pkg/runner/runner_test.go
@@ -45,6 +45,7 @@ func TestRunEvent(t *testing.T) {
 		{"fail", "push", "exit with `FAILURE`: 1"},
 		{"runs-on", "push", ""},
 		{"job-container", "push", ""},
+		{"job-container-non-root", "push", ""},
 		{"uses-docker-url", "push", ""},
 		{"remote-action-docker", "push", ""},
 		{"remote-action-js", "push", ""},
diff --git a/pkg/runner/step_context.go b/pkg/runner/step_context.go
index cd43e47..6e6197a 100644
--- a/pkg/runner/step_context.go
+++ b/pkg/runner/step_context.go
@@ -129,7 +129,7 @@ func (sc *StepContext) setupShellCommand() common.Executor {
 		sc.Cmd = strings.Fields(strings.Replace(step.ShellCommand(), "{0}", containerPath, 1))
 		return rc.JobContainer.Copy("/github/", &container.FileEntry{
 			Name: scriptName,
-			Mode: 755,
+			Mode: 0755,
 			Body: script.String(),
 		})(ctx)
 	}
diff --git a/pkg/runner/testdata/job-container-non-root/push.yml b/pkg/runner/testdata/job-container-non-root/push.yml
new file mode 100644
index 0000000..602b273
--- /dev/null
+++ b/pkg/runner/testdata/job-container-non-root/push.yml
@@ -0,0 +1,10 @@
+name: job-container
+on: push
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    container: 
+      image: ocaml/opam2:debian-9-opam
+    steps:
+      - run: echo PASS