fa42b8394e
Data race detection identified that `getWorkflowSecrets` is mutating `rc.caller.runContext.Config.Secrets` while interpolating values, in the case where secrets are inherited by a reusable workflow. This map is also mutated earlier in evaluation by `(*RunContext).handleCredentials`. It's possible that multiple goroutines performing mutation to this shared map could cause runtime panics (not observed). The issue is addressed creating a separate map to store interpolated secrets in `getWorkflowSecrets`, which was already the behavior in the non-inherited secret case. Automated testing for this issue will be provided by #861 when all data races are resolved. ``` ================== WARNING: DATA RACE Read at 0x00c0003a9620 by goroutine 2546: runtime.mapaccess1_faststr() /home/mfenniak/go/pkg/mod/golang.org/toolchain@v0.0.1-go1.24.6.linux-amd64/src/internal/runtime/maps/runtime_faststr_swiss.go:103 +0x0 code.forgejo.org/forgejo/runner/v9/act/runner.(*RunContext).handleCredentials() /.../forgejo-runner/act/runner/run_context.go:1395 +0xab code.forgejo.org/forgejo/runner/v9/act/runner.(*RunContext).prepareJobContainer() /.../forgejo-runner/act/runner/run_context.go:460 +0x2de code.forgejo.org/forgejo/runner/v9/act/runner.(*RunContext).startContainer.func1.(*RunContext).startJobContainer.2() /.../forgejo-runner/act/runner/run_context.go:610 +0x5e code.forgejo.org/forgejo/runner/v9/act/runner.(*RunContext).startContainer.func1() /.../forgejo-runner/act/runner/run_context.go:853 +0xf3 code.forgejo.org/forgejo/runner/v9/act/runner.newJobExecutor.NewPipelineExecutor.Executor.Then.func22() /.../forgejo-runner/act/common/executor.go:136 +0x57 ...snip... Previous write at 0x00c0003a9620 by goroutine 2440: runtime.mapassign_faststr() /home/mfenniak/go/pkg/mod/golang.org/toolchain@v0.0.1-go1.24.6.linux-amd64/src/internal/runtime/maps/runtime_faststr_swiss.go:263 +0x0 code.forgejo.org/forgejo/runner/v9/act/runner.getWorkflowSecrets() /.../forgejo-runner/act/runner/expression.go:578 +0x547 code.forgejo.org/forgejo/runner/v9/act/runner.(*RunContext).NewExpressionEvaluatorWithEnv() /.../forgejo-runner/act/runner/expression.go:85 +0x3fc code.forgejo.org/forgejo/runner/v9/act/common/git.FindGitRevision() /.../forgejo-runner/act/common/git/git.go:70 +0xe4 github.com/go-git/go-git/v5.PlainOpenWithOptions() /home/mfenniak/go/pkg/mod/github.com/go-git/go-git/v5@v5.16.2/repository.go:332 +0x7a6 code.forgejo.org/forgejo/runner/v9/act/common/git.FindGitRevision() /.../forgejo-runner/act/common/git/git.go:58 +0xc4 ...snip... ================== ``` Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/875 Reviewed-by: earl-warren <earl-warren@noreply.code.forgejo.org> Co-authored-by: Mathieu Fenniak <mathieu@fenniak.net> Co-committed-by: Mathieu Fenniak <mathieu@fenniak.net> |
||
|---|---|---|
| .. | ||
| artifactcache | ||
| cacheproxy | ||
| common | ||
| container | ||
| exprparser | ||
| filecollector | ||
| jobparser | ||
| lookpath | ||
| model | ||
| runner | ||
| schema | ||
| workflowpattern | ||