Unable to fork/exec in a container

Hi there,

I’m running a bash script that runs some additional commands inside a container and I’m getting following error:

Error: Error asking for user input: 1 error(s) occurred:

  • provider.google: fork/exec /drone/src/roles//.terraform/plugins/linux_amd64/terraform-provider-google_v1.16.0_x4: permission denied

.drone.yml:
steps:

  • name: test
    image: hashicorp/terraform:0.11.12
    commands:
    • apk update && apk add bash
    • bash _scripts/test.sh

_scripts/test.sh:
#!/bin/bash
set -m
CWD=$(pwd)

for dir in find . -type d | egrep -v '(git)'; do
cd $CWD/$dir
if [[ ! -z find . -type f -maxdepth 1 -name '*.tf' ]]; then
echo “Entering… $CWD/$dir”
terraform init
terraform plan -detailed-exitcode >/dev/null
fi
fi

I understand this is Terraform-specific, but if I run terraform init from the .drone.yml it works like a charm.
Are there any ways to give permissions to fork/exec processes in the scripts?

Let me know,
Thank you!

Are there any ways to give permissions to fork/exec processes in the scripts?

Generally speaking, Drone does not restrict what is running inside a container. Such restrictions are enforced by Docker or by standard unix permissions. So in this case, my guess would be that the terraform image sets a non-root USER as the default user, which in turn lacks such privileges. Just a guess, though …

You could test this by adding user: root to your configuration:

- name: test
  image: hashicorp/terraform:0.11.12
  user: root
  commands:
    - apk update && apk add bash
    - bash _scripts/test.sh

Thanks Brad. Root didn’t work even with larger image (ubuntu:latest). It could be something on the cluster we’re running (GKE) as the pipeline works fine locally. It might be that Terraform is requires some additional privileges on a container level.