fix: use tag-only image ref in rootless permission repair#6025
Conversation
The permission fixer was building compound tag@digest image references (e.g. agent:0.27.22@sha256:...) for its docker run --pull never command. Docker still attempts registry verification for tag@digest refs even with --pull never, causing a 30-second timeout per directory when GHCR credentials are unavailable (cleaned before the agent step completes). Strip the digest from the image ref since this is a local-only operation and the image is already tagged locally by the download step. Fixes ~90s of wasted time and eliminates cascading EACCES errors when chroot-home cleanup fails after the permission repair times out. Co-authored-by: Copilot App <223556219+Copilot@users.noreply.github.com>
|
@copilot merge main |
|
| Metric | Base | PR | Delta |
|---|---|---|---|
| Lines | 98.92% | 98.92% | ➡️ +0.00% |
| Statements | 98.87% | 98.87% | ➡️ +0.00% |
| Functions | 99.44% | 99.44% | ➡️ +0.00% |
| Branches | 95.39% | 95.35% | 📉 -0.04% |
Coverage comparison generated by scripts/ci/compare-coverage.ts
There was a problem hiding this comment.
Pull request overview
This PR updates the rootless artifact permission repair flow to avoid using compound Docker image references (tag@digest) when running a local-only docker run --pull never, preventing Docker from attempting registry verification (and timing out when GHCR creds are unavailable).
Changes:
- Stop building
tag@digestimage refs for the permission-fixer container and instead use a tag-only ref (<registry>/<image>:<tag>). - Remove the now-unneeded
buildRuntimeImageRefimport from the permission repair module.
Show a summary per file
| File | Description |
|---|---|
src/artifact-permissions.ts |
Switches permission-fixer image reference generation to tag-only to avoid registry verification timeouts under --pull never. |
Review details
Tip
Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- Files reviewed: 1/1 changed files
- Comments generated: 1
- Review effort level: Low
| // Use tag-only ref (no digest) because this runs with --pull never. | ||
| // Including the digest causes Docker to attempt registry verification | ||
| // even with --pull never, which times out if credentials are unavailable. | ||
| return `${registry}/${imageName}:${parsedImageTag.tag}`; |
Merged from |
|
📰 VERDICT: Smoke Copilot has concluded. All systems operational. This is a developing story. 🎤 |
|
✅ Smoke Gemini completed. All facets verified. 💎 Smoke test completed. Results reported to PR #6025. Status: FAIL. |
|
✅ Smoke Claude passed |
|
📡 Smoke OTel Tracing completed. All tracing scenarios validated. ✅ |
|
🔑 Smoke Copilot PAT PAT auth validated. All systems operational. ✅ |
|
🔌 Smoke Services — All services reachable! ✅ |
|
✅ Build Test Suite completed successfully! |
|
✅ Smoke Copilot BYOK AOAI (Entra) completed. Copilot AOAI BYOK (Entra) mode operational. 🔓 |
|
🚀 Security Guard has started processing this pull request |
|
✨ The prophecy is fulfilled... Smoke Codex has completed its mystical journey. The stars align. 🌟 |
|
✅ Smoke Copilot BYOK completed. Copilot BYOK mode operational. 🔓 |
|
Chroot tests passed! Smoke Chroot - All security and functionality tests succeeded. |
|
❌ Smoke Copilot BYOK AOAI (api-key) reports failed. AOAI BYOK (api-key) mode investigation needed... |
|
✅ Contribution Check completed successfully! PR #6025 follows the applicable CONTRIBUTING.md guidelines; no contribution-guidelines comment needed. |
Smoke Test Results for Gemini
Overall Status: FAIL Merged PRs (found in log):
Warning Firewall blocked 1 domainThe following domain was blocked by the firewall during workflow execution:
network:
allowed:
- defaults
- "localhost"See Network Configuration for more information.
|
Smoke Test: Claude Engine ValidationOverall result: ✅ PASS
Warning Firewall blocked 1 domainThe following domain was blocked by the firewall during workflow execution:
network:
allowed:
- defaults
- "awmgmcpg"See Network Configuration for more information.
|
Smoke Test Results
Overall: PASS (core connectivity verified) @lpcox — smoke tests completed. Warning Firewall blocked 1 domainThe following domain was blocked by the firewall during workflow execution:
network:
allowed:
- defaults
- "awmgmcpg"See Network Configuration for more information.
|
Smoke Test: GitHub Actions Services Connectivity
Overall: FAIL — Warning Firewall blocked 1 domainThe following domain was blocked by the firewall during workflow execution:
network:
allowed:
- defaults
- "awmgmcpg"See Network Configuration for more information.
|
Smoke Test: Copilot PAT Auth — PASS
Overall: PASS | Auth mode: PAT (COPILOT_GITHUB_TOKEN) Warning Firewall blocked 1 domainThe following domain was blocked by the firewall during workflow execution:
network:
allowed:
- defaults
- "awmgmcpg"See Network Configuration for more information.
|
|
✅ Smoke Test: Copilot BYOK (Direct) Mode — PASS
Running in direct BYOK mode (COPILOT_PROVIDER_API_KEY) via api-proxy → api.githubcopilot.com Warning Firewall blocked 1 domainThe following domain was blocked by the firewall during workflow execution:
network:
allowed:
- defaults
- "awmgmcpg"See Network Configuration for more information.
|
|
@lpcox smoke test results:
Running in direct BYOK mode (AWF_AUTH_TYPE=github-oidc + AWF_AUTH_AZURE_* + COPILOT_PROVIDER_BASE_URL) via api-proxy → Azure OpenAI (Foundry, o4-mini-aw) authenticated via Microsoft Entra Overall status: PASS Warning Firewall blocked 1 domainThe following domain was blocked by the firewall during workflow execution:
network:
allowed:
- defaults
- "awmgmcpg"See Network Configuration for more information.
|
|
Smoke test results:\n- #6008 fix: add Gemini usageMetadata support to token parsers: ✅\n- #6005 Clarify MCP localhost rewrite, transport semantics, and reachability under network isolation: ✅\n- #6025 fix: use tag-only image ref in rootless permission repair: ✅\n- Overall: PASS Warning Firewall blocked 2 domainsThe following domains were blocked by the firewall during workflow execution:
network:
allowed:
- defaults
- "awmgmcpg"
- "registry.npmjs.org"See Network Configuration for more information.
|
Chroot Version Comparison Results
Overall: ❌ FAILED — Python and Node.js versions differ between host and chroot environments. Warning Firewall blocked 1 domainThe following domain was blocked by the firewall during workflow execution:
network:
allowed:
- defaults
- "awmgmcpg"See Network Configuration for more information.
|
🏗️ Build Test Suite Results
Overall: 8/8 ecosystems passed — ✅ PASS Warning Firewall blocked 1 domainThe following domain was blocked by the firewall during workflow execution:
network:
allowed:
- defaults
- "awmgmcpg"See Network Configuration for more information.
|
🔭 OTEL Tracing Smoke Test Results
All scenarios pass. OTEL tracing integration is functional. Warning Firewall blocked 1 domainThe following domain was blocked by the firewall during workflow execution:
network:
allowed:
- defaults
- "awmgmcpg"See Network Configuration for more information.
|
Add new failure mode B10 (rootless permission repair timeout on tag@digest ref) to all three mirrored catalog files: - .github/workflows/shared/self-hosted-failure-modes.md - .github/workflows/self-hosted-runner-doctor.md - .github/agents/self-hosted-runner-doctor.md B10 captures the symptom from PR #6025: fixArtifactPermissionsForRootless() built compound tag@digest refs that caused Docker to attempt GHCR manifest verification even under --pull never, timing out ~30 s per directory. Fixed by resolvePermFixerImageRef() returning tag-only refs. Closes #6069
…st timeout) (#6078) * Initial plan * docs: add B10 failure mode to runner doctor catalog Add new failure mode B10 (rootless permission repair timeout on tag@digest ref) to all three mirrored catalog files: - .github/workflows/shared/self-hosted-failure-modes.md - .github/workflows/self-hosted-runner-doctor.md - .github/agents/self-hosted-runner-doctor.md B10 captures the symptom from PR #6025: fixArtifactPermissionsForRootless() built compound tag@digest refs that caused Docker to attempt GHCR manifest verification even under --pull never, timing out ~30 s per directory. Fixed by resolvePermFixerImageRef() returning tag-only refs. Closes #6069 * Potential fix for pull request finding Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> * Potential fix for pull request finding Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: Landon Cox <landon.cox@microsoft.com> Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Problem
fixArtifactPermissionsForRootless()builds compoundtag@digestimage references (e.g.,agent:0.27.22@sha256:55f065...) for itsdocker run --pull nevercommand. Despite--pull never, Docker still attempts registry manifest verification for compound references. When GHCR credentials are unavailable (cleaned in an earlier workflow step), this verification times out after ~30 seconds per directory.Observed in: https://github.com/github/gh-aw-mcpg/actions/runs/28965706129/job/85948370446#step:29:317
Each repair attempt takes exactly ~30s (TCP connect timeout), wasting ~90s total per run.
Fix
Strip the
@sha256:...digest from the image ref inresolvePermFixerImageRef(). This is a local-only operation (--pull never) and the image is already tagged locally (e.g.,agent:0.27.22) by the download step — no digest verification is needed.Impact