From 551d36e50206d4b248f3257c6153f72c7994ecde Mon Sep 17 00:00:00 2001
From: Bo Chen <chen.bo@intel.com>
Date: Thu, 29 Feb 2024 14:23:30 -0800
Subject: [PATCH] build: Add a step to fix workspace permissions on bare-metal
 workers

When a bare-metal worker is canceled, its workspace can be left with
files owned by the root user as a result of running tests from our
container. This patch add a step to fix workspace permissions for such
case before checking out code.

Signed-off-by: Bo Chen <chen.bo@intel.com>
(cherry picked from commit f48942ce3f12f507ea5530b926aaf631d914dadd)
---
 .github/workflows/integration-arm64.yaml        | 2 ++
 .github/workflows/integration-rate-limiter.yaml | 3 +++
 .github/workflows/integration-sgx.yaml          | 3 +++
 .github/workflows/integration-vfio.yaml         | 3 +++
 4 files changed, 11 insertions(+)

diff --git a/.github/workflows/integration-arm64.yaml b/.github/workflows/integration-arm64.yaml
index f21dfb23b..333f1b8fb 100644
--- a/.github/workflows/integration-arm64.yaml
+++ b/.github/workflows/integration-arm64.yaml
@@ -7,6 +7,8 @@ jobs:
     name: Tests (ARM64)
     runs-on: focal-arm64
     steps:
+      - name: Fix workspace permissions
+        run: sudo chown -R github-runner:github-runner ${GITHUB_WORKSPACE}
       - name: Code checkout
         uses: actions/checkout@v4
         with:
diff --git a/.github/workflows/integration-rate-limiter.yaml b/.github/workflows/integration-rate-limiter.yaml
index 2a3035931..50f7f7dfb 100644
--- a/.github/workflows/integration-rate-limiter.yaml
+++ b/.github/workflows/integration-rate-limiter.yaml
@@ -9,6 +9,9 @@ jobs:
     name: Tests (Rate-Limiter)
     runs-on: jammy-rate-limiter
     steps:
+      - name: Fix workspace permissions
+        if: ${{ github.event_name != 'pull_request' }}
+        run: sudo chown -R github-runner:github-runner ${GITHUB_WORKSPACE}
       - name: Code checkout
         uses: actions/checkout@v4
         with:
diff --git a/.github/workflows/integration-sgx.yaml b/.github/workflows/integration-sgx.yaml
index 2f9dd45d2..1332ac65e 100644
--- a/.github/workflows/integration-sgx.yaml
+++ b/.github/workflows/integration-sgx.yaml
@@ -9,6 +9,9 @@ jobs:
     name: Tests (SGX)
     runs-on: jammy-sgx
     steps:
+      - name: Fix workspace permissions
+        if: ${{ github.event_name != 'pull_request' }}
+        run: sudo chown -R github-runner:github-runner ${GITHUB_WORKSPACE}
       - name: Code checkout
         uses: actions/checkout@v4
         with:
diff --git a/.github/workflows/integration-vfio.yaml b/.github/workflows/integration-vfio.yaml
index dd808d4ad..5973c841f 100644
--- a/.github/workflows/integration-vfio.yaml
+++ b/.github/workflows/integration-vfio.yaml
@@ -9,6 +9,9 @@ jobs:
     name: Tests (VFIO)
     runs-on: jammy-vfio
     steps:
+      - name: Fix workspace permissions
+        if: ${{ github.event_name != 'pull_request' }}
+        run: sudo chown -R github-runner:github-runner ${GITHUB_WORKSPACE}
       - name: Code checkout
         uses: actions/checkout@v4
         with: