Files owned by root:root when using actions/checkout on self-hosted runner

Question

I have a GitHub Actions workflow running on a self-hosted runner that looks like this:

---
name: Workflow

on:
  workflow_call:

jobs:
  build:
    runs-on: self-hosted
    
    steps:
    - name: Cleanup build folder
      run: |
        rm -rf /home/github/actions-runner/_work/* || true

    - name: Checkout
      uses: actions/checkout@v3
      with:
        fetch-depth: 0

The issue I'm facing is that sometimes the files that are checked out are owned by root:root (randomly, it seems), which makes the first step fail. This forces me to clean up the self-hosted machine manually before being able to re-launch the workflow.

Rolling back to actions/checkout@v2 does not seem to solve the issue for me.

One solution is to run the first step as sudo, but I'm not comfortable changing the configuration so it doesn't ask for the password when executing rm.

Answer 1

In my experience, the files owned by root come from jobs that use containers, since most containers run as root - and most importantly/non-intuitively, GHA mounts existing local folders as the drive for containers. I found that setting my containers to run as the same UID/GID as my GHA runner user on the host solved the issue.