Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

cml-runner self-hosted issues

See original GitHub issue

~/.cml/cml-*/ is not named according to --name
~/.cml/cml-*/ is not cleaned up on exit (should be cleaned esp. if no --name)
don’t pass sensitive env vars (#802)
cache runner setup script in ~/.cml/ (#615)
feature request: local secrets (cml runner --env flag similar to docker run --env)
feature request: user ID (cml runner --user flag similar to docker run --user)
feature request: auto-mount sockets for docker-in-docker support (#799)

Issue Analytics

State:
Created 2 years ago
Reactions:1
Comments:7 (7 by maintainers)

Top GitHub Comments

4reactions

DavidGOrtegacommented, Nov 4, 2021

There is not a lot of work to do here. As we discussed the GH runner has the “ability” to propagate its ENV vars. Here GH runner inherits the CML wrapper vars. What we should do to fix this and not allow the GH runner to behave this way is simply pass an empty ENV vars in the exec. This way the ENV vars that will always access the runner will be the CI vars and workflow.

1reaction

casperdclcommented, Nov 4, 2021

just realised this is also a problem on all runners (not just manual self-hosted)

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
    - uses: iterative/setup-cml@v1
    - uses: actions/checkout@v2
    - run: |
        cml runner --labels=cml-runner --cloud=aws --cloud-type=t2.micro
      env:
        AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
        AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        REPO_TOKEN: ${{ secrets.CML_CI_TOKEN }}
  train:
    runs-on: [self-hosted, cml-runner]
    steps:
    - run: env # why does this list AWS_ACCESS_KEY_ID & AWS_SECRET_ACCESS_KEY ??

should really either