sh: 1: nest: Permission denied in GitHub Action - continuous-integration

For some reason the build step for my NestJS project in my GitHub Action fails for a few days now. I use Turborepo with pnpm in a monorepo and try to run the build with turbo run build. This works flawlessly on my local machine, but somehow in GitHub it fails with sh: 1: nest: Permission denied. ELIFECYCLE  Command failed with exit code 126. I'm not sure how this is possible, since I couldn't find any meaningful change I made to the code in the meantime. It just stopped working unexpectedly. I actually think it is an issue with GH Actions, since it actually works in my local Docker build as well.
Has anyone else encountered this issue with NestJS in GH Actions?
This is my action yml:
name: Test, lint and build
on:
push:
jobs:
test-lint-build:
runs-on: ubuntu-latest
services:
postgres:
# Docker Hub image
image: postgres
# Provide the password for postgres
env:
POSTGRES_HOST: localhost
POSTGRES_USER: test
POSTGRES_PASSWORD: docker
POSTGRES_DB: financing-database
ports:
# Maps tcp port 5432 on service container to the host
- 2345:5432
# Set health checks to wait until postgres has started
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
steps:
- name: Checkout
uses: actions/checkout#v3
- name: Install pnpm
uses: pnpm/action-setup#v2.2.2
with:
version: latest
- name: Install
run: pnpm i
- name: Lint
run: pnpm run lint
- name: Test
run: pnpm run test
- name: Build
run: pnpm run build
env:
VITE_SERVER_ENDPOINT: http://localhost:8000/api
- name: Test financing-server (e2e)
run: pnpm --filter #project/financing-server run test:e2e

I found out what was causing the problem. I was using node-linker = hoisted to mitigate some issues the pnpm way of linking modules was causing with my jest tests. Removing this from my project suddenly made the action work again.
I still don't know why this only broke the build recently, since I've had this option activated for some time now.

Related

Cypress Github Action Fail-The process '/usr/bin/npx' failed with exit code 1

I use GitHub Action for CI/CD, I write some cypress tests and YAML files from it. But when I push the repository I got an error.
name: Testing EDGE Portal
runs-on: self-hosted
needs: [deploy_edge_service]
steps:
- name: Install node
uses: actions/setup-node#v3
with:
node:version: '16'
- name: setup cypress env
run: |
echo "setup cypress env"
- name: run all test
uses: cypress-io/github-action#v5
with:
start: npm start
working-directory: ./integration_test/NetProbe_E2E/cypress
command: npx cypress run --env grepTags="#trap #probe"
The failing error
enter image description here
How I fix that problem.

Can someone advise me a good practice for my Azure DevOps deployment

Good afternoon,
I am building a CI pipeline in Azure DevOps which is new ground for me. I managed to create add the build tasks en steps that I wanted. Although there still are some issues. I explain those issues down here.
Issue #1
I misunderstood the meaning of the latest tag. I thought it would automatically pull the latest/newest version from the specified Docker Hub.
Currently my Docker build looks like this:
- task: Docker#2
displayName: 'Build Docker image'
inputs:
repository: '<my_repo_name>'
command: 'build'
Dockerfile: '**/Dockerfile'
tags: $(Build.BuildId)
This pipeline YAML is to deploy to my production VPS which I added under Pipelines -> Environments.
Here is the deployment step of the pipeline:
- deployment: VMDeploy
displayName: 'Deployment to VPS'
pool:
vmImage: 'Ubuntu-20.04'
environment:
name: CDB_VPS
resourceName: <my_resource_name>
resourceType: VirtualMachine
strategy:
runOnce:
deploy:
steps:
- script: docker pull <my_repo_name>:latest
- script: docker stop $(docker ps -aq)
- script: docker run -p 8085:8085 <my_repo_name>:latest
Issue #2
I do not get any errors in the pipeline while running it. But I am wondering if this is a good practice. By using this it will always run version latest. Also I don't think this is how I should deploy.
Issue #3
The deployment block gets executed before the build and push block is finished. To give extra information I will post the entire YAML file down here.
trigger:
- master
jobs:
- job: Build
displayName: 'Build Maven project and Docker build'
steps:
- task: replacetokens#3
displayName: 'Replace tokens'
inputs:
targetFiles: |
**/application.properties
- task: Maven#3
displayName: 'Build Maven project'
inputs:
mavenPomFile: 'pom.xml'
goals: 'package'
jdkVersionOption: 11
publishJUnitResults: true
- task: Docker#2
displayName: 'Build Docker image'
inputs:
repository: '<my_repo_name>'
command: 'build'
Dockerfile: '**/Dockerfile'
tags: $(Build.BuildId)
- task: Docker#2
displayName: 'Push Docker image to Docker hub'
inputs:
containerRegistry: 'Dockerhub connection'
repository: '<my_repo_name>'
command: 'push'
Dockerfile: '**/Dockerfile'
tags: $(Build.BuildId)
- deployment: VMDeploy
displayName: 'Deployment to VPS'
pool:
vmImage: 'Ubuntu-20.04'
environment:
name: CDB_VPS
resourceName: <my_vps_resource_name>
resourceType: VirtualMachine
strategy:
runOnce:
deploy:
steps:
- script: docker pull <my_repo_name>:latest
- script: docker stop $(docker ps -aq)
- script: docker run -p 8085:8085 <my_repo_name>:latest
If you want to make this on specific image please replace latest with $(Build.BuildId).
steps:
- script: docker pull <my_repo_name>:$(Build.BuildId)
- script: docker stop $(docker ps -aq)
- script: docker run -p 8085:8085 <my_repo_name>:$(Build.BuildId)
And if you want VMDeploy waits for Build please add dependsOn
- deployment: VMDeploy
depenedsOn: Build
Issue #1
The tag in the docker task mean: A list of tags in separate lines. These tags are used in build, push and buildAndPush commands. We could see the tag in the docker, such as below.
Issue #2
We could check the latest deploy in the docker and Azure DevOps pipeline log to ensure that it always run version latest
Issue #3
You could check Krzysztof Madej answer.

Travis doesn't deploy on heroku. Invalid credentials

I'm trying to set up automatic deploy on heroku with travis. I get this error when travis try to deploy:
API request failed.
Message: Invalid credentials provided.
Reference:
failed to deploy
This is my travis file:
jobs:
include:
- language: python
python:
- "3.6"
install:
- pip install -r Deployment/requirements.txt
script:
- python -c "print ('Testing some script')"
branches:
only:
- master
- develop
before_deploy:
- cd Deployment
deploy:
- provider: heroku
skip_cleanup: true
api_key:
secure: b3AVdCtJ2e/+Gu1...
app:
master: motorent-deploy
develop: motorent-apitest
- language: android
dist: trusty
env:
global:
- ANDROID_API_LEVEL=29
- ANDROID_BUILD_TOOLS_VERSION=29.0.3
- extra-google-google_play_services
- extra-google-m2repository
- extra-android-m2repository
- addon-google_apis-google-$ANDROID_API_LEVEL
android:
licenses:
- 'android-sdk-preview-license-.+'
- 'android-sdk-license-.+'
- 'google-gdk-license-.+'
components:
- tools
- platform-tools
- android-$ANDROID_API_LEVEL
- build-tools-$ANDROID_BUILD_TOOLS_VERSION
- extra-google-google_play_services
- extra-google-m2repository
- extra-android-m2repository
- addon-google_apis-google-$ANDROID_API_LEVEL
addons:
apt:
packages:
ant
before_install:
- touch $HOME/.android/repositories.cfg
- yes | sdkmanager "platforms;android-29"
- yes | sdkmanager "build-tools;29.0.3"
before_script:
- cd AndroidApp
- chmod +x gradlew
script:
- ./gradlew build check
As you can see I have two differents projects in the same repository, but it's not important, because the android test works well. What doesn't work is the deploy of Flask project. The solutions that I have found talk about the need to encrypt the api_key. I have tested it with Travis encrypt $(heroku auth:token) but it doesn't work either.
I've been trying to find the error for a long time but I don't know what it can be.
I had the same error.
Here are steps that I performed to fix it.
Firstly I tried the command: heroku auth:token
but the output was:
› Warning: token will expire 06/06/2021
› Use heroku authorizations:create to generate a long-term token
Then I tried the command: heroku authorizations:create
One line from the output contained Token: <created_heroku_auth_token>
I took the value of it (<created_heroku_auth_token>)
and I went to
https://travis-ci.org/github/<my_github_user>/<my_repo>/settings
where I created new environment variable:
HEROKU_AUTH_TOKEN with value of my <created_heroku_auth_token>
Then in my .travis.yml I changed value of api_key to:
api_key: $HEROKU_AUTH_TOKEN
After pushing this change, the deployment to heroku went fine.

Get Git History in Google Cloud Build Step

I'm using Google Cloud Build to run CI for my Nx workspace. Here's the cloudbuild.yaml file:
steps:
- name: 'gcr.io/cloud-builders/docker'
id: Test_Affected_Projects
entrypoint: 'sh'
args: [
'-c',
'docker build --build-arg NPM_TOKEN=$$NPM_TOKEN --file ./test/Dockerfile.test-runner -t mha-test-runner .']
secretEnv: ['NPM_TOKEN']
# Remove the docker image
secrets:
- kmsKeyName: /path/to/key
secretEnv:
NPM_TOKEN: some_key_value
(There are currently two steps, but I removed the second for brevity. The second step just removes the created docker image.)
Now the command inside the Docker image here runs all the tests for the Nx workspace. The thing is, Nx has a great command where only the affected libraries will be tested. But for the command to run, the git history of the project needs to be available.
I've tried to get the git history in the cloud build context, but I haven't been able to get it working. This is the step I added to try and get everything working:
steps:
- name: 'gcr.io/cloud-builders/git'
args: ['fetch', '--unshallow']
- name: 'gcr.io/cloud-builders/docker'
id: Test_Affected_Projects
entrypoint: 'sh'
args: [
'-c',
'docker build --build-arg NPM_TOKEN=$$NPM_TOKEN --file ./test/Dockerfile.test-runner -t mha-test-runner .']
secretEnv: ['NPM_TOKEN']
# Remove the docker image
secrets:
- kmsKeyName: /path/to/key
secretEnv:
NPM_TOKEN: some_key_value
That new first command, which should get the git history, fails. The error message says that it's not a git repo, so the command fails.
My question is: how can I get the git history in the cloud build context so that I can use it with different commands in the build/testing process?
I think the reason this isn't working is that you need to store the github credentials in the cloud build environment.
I believe this guide can help.
will allow you to do so, and then you will be able to call the git fetch --unshallow as you already have.

docker-compose deployment configuration for Circle CI

I am using Circle CI to deploy a microservice to a Digital Ocean droplet and had a few questions about whether my approach is the right one.
My microservice is built using docker-compose, and therefore requires a docker-compose.yml file to pull, start the images that constitute it.
In a nutshell, my deployment approach would be:
Merge branch to master will kick off a CircleCI build
CircleCI will run unit tests
Upon all tests passing, docker-compose build and docker-compose push to Docker Hub
Stop all running images of that service on remote server.
Remove dangling images, and local networks.
Download the relevant docker-compose.yml, Dockerfile and docker-compose.env files.
Pull using docker-compose pull
Start images using docker-compose up
I am using this configuration in CircleCI:
version: 2.1
jobs:
build:
docker:
- image: "circleci/node:10.16.0"
steps:
- checkout
- run:
name: Update to latest npm version
command: "sudo npm install -g npm#latest"
- restore_cache:
key: dependency-cache-{{ checksum "package-lock.json" }}
- run:
name: Install dependencies
command: npm install
- run:
name: Install `docker-compose`
command: |
curl -L https://github.com/docker/compose/releases/download/1.19.0/docker-compose-`uname -s`-`uname -m` > ~/docker-compose
chmod +x ~/docker-compose
sudo mv ~/docker-compose /usr/local/bin/docker-compose
- setup_remote_docker:
docker_layer_caching: false
- run:
name: Build using `docker-compose`
command: |
docker-compose build
- run:
name: Login for Docker Hub
command: |
echo "$DOCKER_PASSWORD" | docker login --username $DOCKER_USERNAME --password-stdin
- run:
name: Push to Docker Hub
command: |
docker-compose push
- run: ssh-keyscan $DIGITALOCEAN_HOST >> ~/.ssh/known_hosts
- add_ssh_keys:
fingerprints:
- fo:of:fe:ef:af
- run:
name: Remove currently running containers
command: |
ssh root#$DIGITALOCEAN_HOST ./deploy_image.sh
I am planning on creating a bash script to handle steps 4 to 8 from my list above.
Is it a good idea to have a script take care of the Docker steps?
Or is there a better way to have a more "native" CircleCI configuration?

Resources