fix: run as runner user + redirect bun temp to writable /home/runner

Running as root breaks Claude CLI (refuses to start). Running as runner breaks bun (can't write to root-owned /tmp dirs from Docker build). Fix: run as --user runner, but redirect BUN_TMPDIR and TMPDIR to /home/runner/.cache/bun which is writable by the runner user. GITHUB_ENV exports apply to all subsequent steps. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-05-05 21:25:27 +02:00 · 2026-03-23 17:59:23 -07:00
parent 470ac394d5
commit 9dc04020a4
2 changed files with 12 additions and 7 deletions
@@ -59,8 +59,5 @@ RUN useradd -m -s /bin/bash runner \
    && chmod -R a+rX /opt/node_modules_cache \
    && mkdir -p /home/runner/.gstack && chown -R runner:runner /home/runner/.gstack \
    && chmod 1777 /tmp \
-    && mkdir -p /home/runner/.bun && chown -R runner:runner /home/runner/.bun
-
-# NOTE: Do NOT use USER runner here — GH Actions overrides USER and HOME
-# anyway, creating permission conflicts. Instead, we run as root (GH default)
-# and use gosu/su-exec for claude commands that refuse root.
+    && mkdir -p /home/runner/.bun && chown -R runner:runner /home/runner/.bun \
+    && chmod -R 1777 /tmp