Skip to content

fix: tolerate EROFS when chmod on pre-existing mcp-logs dir fails#5960

Merged
lpcox merged 1 commit into
mainfrom
fix-erofs-mcp-logs-chmod
Jul 6, 2026
Merged

fix: tolerate EROFS when chmod on pre-existing mcp-logs dir fails#5960
lpcox merged 1 commit into
mainfrom
fix-erofs-mcp-logs-chmod

Conversation

@lpcox

@lpcox lpcox commented Jul 6, 2026

Copy link
Copy Markdown
Collaborator

Problem

prepareLogDirectories only caught EPERM when chmodSync failed on a pre-existing /tmp/gh-aw/mcp-logs directory. On systems where that path lives on a read-only filesystem (e.g., Docker volume mounts), EROFS was thrown and crashed the entire setup.

This also caused 12 test failures in workdir-setup.test.ts because:

  1. The test's chmodSync mock delegates to the real filesystem, which throws EROFS
  2. jest.clearAllMocks() doesn't reset mock implementations, so a mock override from one test leaked into subsequent tests

Fix

  • Source: Tolerate EROFS in addition to EPERM in the mcp-logs chmod catch block
  • Tests: Explicitly restore the chmodSync passthrough implementation in beforeEach to prevent mock leakage, and add a dedicated test for EROFS tolerance

The prepareLogDirectories function only caught EPERM when chmod failed
on a pre-existing /tmp/gh-aw/mcp-logs directory, but EROFS (read-only
file system) is equally benign — it just means we cannot change
permissions on a directory managed by another process.

Also fix test mock leakage: jest.clearAllMocks() does not reset mock
implementations, so the chmodSync mock override from one test leaked
into subsequent tests. Explicitly restore the passthrough implementation
in beforeEach.

Co-authored-by: Copilot App <223556219+Copilot@users.noreply.github.com>
Copilot AI review requested due to automatic review settings July 6, 2026 14:51
@github-actions

github-actions Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

✅ Coverage Check Passed

Overall Coverage

Metric Base PR Delta
Lines 98.78% 98.82% 📈 +0.04%
Statements 98.72% 98.75% 📈 +0.03%
Functions 99.72% 99.72% ➡️ +0.00%
Branches 95.14% 95.14% ➡️ +0.00%
📁 Per-file Coverage Changes (1 files)
File Lines (Before → After) Statements (Before → After)
src/workdir-setup.ts 95.9% → 97.6% (+1.66%) 95.9% → 97.6% (+1.66%)

Coverage comparison generated by scripts/ci/compare-coverage.ts

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR hardens prepareLogDirectories to avoid crashing on systems where the pre-existing MCP logs directory (/tmp/gh-aw/mcp-logs) cannot be chmod’d due to a read-only filesystem, and it stabilizes the associated Jest tests by preventing mock implementation leakage between test cases.

Changes:

  • Tolerate EROFS (in addition to EPERM) when best-effort chmodSync fails for an already-existing /tmp/gh-aw/mcp-logs.
  • Improve debug logging to report the specific skipped error code.
  • Fix Jest test isolation by restoring the default passthrough chmodSync implementation in beforeEach, and add coverage for the EROFS behavior while preserving “rethrow on other errors”.
Show a summary per file
File Description
src/workdir-setup.ts Extends the existing “best-effort chmod” error tolerance to include EROFS and logs the skipped errno code.
src/workdir-setup.test.ts Prevents chmodSync mock implementation leakage across tests and adds explicit tests for EROFS tolerance and non-EPERM/EROFS rethrow behavior.

Review details

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

  • Files reviewed: 2/2 changed files
  • Comments generated: 0
  • Review effort level: Low

@github-actions

github-actions Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

🚀 Security Guard has started processing this pull request

@github-actions

github-actions Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

Build Test Suite completed successfully!

@github-actions

github-actions Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

Chroot tests failed Smoke Chroot failed - See logs for details.

@github-actions

github-actions Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

✨ The prophecy is fulfilled... Smoke Codex has completed its mystical journey. The stars align. 🌟

@github-actions

github-actions Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

Contribution Check completed successfully!

PR #5960 follows the applicable CONTRIBUTING.md guidelines; no review comment needed.

@github-actions

github-actions Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

📡 Smoke OTel Tracing completed. All tracing scenarios validated. ✅

@github-actions

github-actions Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

Smoke Gemini completed. All facets verified. 💎

@github-actions

github-actions Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

Smoke Copilot BYOK AOAI (api-key) reports failed. AOAI BYOK (api-key) mode investigation needed...

@github-actions

github-actions Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

Smoke Copilot BYOK completed. Copilot BYOK mode operational. 🔓

@github-actions

github-actions Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

📰 VERDICT: Smoke Copilot has concluded. All systems operational. This is a developing story. 🎤

@github-actions

github-actions Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

🔌 Smoke Services — All services reachable! ✅

@github-actions

github-actions Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

Smoke Copilot BYOK AOAI (Entra) reports failed. AOAI BYOK (Entra) mode investigation needed...

@github-actions

github-actions Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

Smoke Claude passed

@github-actions

github-actions Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

🔑 Smoke Copilot PAT PAT auth validated. All systems operational. ✅

This was referenced Jul 6, 2026
@github-actions

github-actions Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

Smoke Test: Services Connectivity

  • Redis PING: ❌ Network is unreachable
  • PostgreSQL pg_isready: ❌ No response
  • PostgreSQL SELECT 1: ❌ Network is unreachable

Result: FAILhost.docker.internal (172.17.0.1) is not reachable from this runner.

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • awmgmcpg

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "awmgmcpg"

See Network Configuration for more information.

🔌 Service connectivity validated by Smoke Services
Add label ready-for-aw to run again

@github-actions

github-actions Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

Smoke Test: Copilot BYOK (Direct) Mode — PASS

  • MCP Connectivity: ✅
  • GitHub.com HTTP: ✅ 200
  • File Write/Read: ✅ smoke-test-copilot-byok.txt exists
  • BYOK Inference: ✅ (api-proxy → api.githubcopilot.com)

Running in direct BYOK mode (COPILOT_PROVIDER_API_KEY) via api-proxy → api.githubcopilot.com

@lpcoxOverall: PASS

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • awmgmcpg

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "awmgmcpg"

See Network Configuration for more information.

🔑 BYOK report filed by Smoke Copilot BYOK
Add label ready-for-aw to run again

@github-actions

github-actions Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

Smoke Test: API Proxy OpenTelemetry Tracing

Scenario Result Details
1. Module Loading ✅ Pass otel.js loads; exports startRequestSpan, setTokenAttributes, setBudgetAttributes, endSpan, endSpanError, shutdown, isEnabled
2. Test Suite ✅ Pass 59/59 tests passed across otel.test.js and otel-fanout.test.js
3. Env Var Forwarding ✅ Pass api-proxy-env-config.ts forwards GH_AW_OTLP_ENDPOINTS, OTEL_EXPORTER_OTLP_ENDPOINT, OTEL_EXPORTER_OTLP_HEADERS, GITHUB_AW_OTEL_TRACE_ID, GITHUB_AW_OTEL_PARENT_SPAN_ID, OTEL_SERVICE_NAME
4. Token Tracker Integration ✅ Pass onUsage callback exists in token-tracker-http.js (hook point confirmed)
5. OTEL Diagnostics ✅ Pass Module initializes with local file fallback (/var/log/api-proxy/otel.jsonl) when no OTLP endpoint configured

All 5 scenarios pass.

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • awmgmcpg

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "awmgmcpg"

See Network Configuration for more information.

📡 OTel tracing validated by Smoke OTel Tracing
Add label ready-for-aw to run again

@github-actions

github-actions Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

Smoke Test Results

  • GitHub MCP Testing: ❌ (Could not retrieve last 2 merged PRs)
  • GitHub.com Connectivity: ❌ (Connection failed)
  • File Writing Testing: ✅
  • Bash Tool Testing: ✅

Overall Status: FAIL

PR Titles found:

  1. fix: handle EPERM when chmoding pre-existing mcp-logs directory (fix: handle EPERM when chmod'ing pre-existing mcp-logs directory #5956)

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • localhost

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "localhost"

See Network Configuration for more information.

💎 Faceted by Smoke Gemini
Add label ready-for-aw to run again

@github-actions

github-actions Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

Smoke Test: Copilot PAT Auth — PASS ✅

Test Result
GitHub MCP connectivity
GitHub.com HTTP ✅ 200
File write/read

Auth mode: PAT (COPILOT_GITHUB_TOKEN) | Author: @lpcox | Status: PASS

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • awmgmcpg

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "awmgmcpg"

See Network Configuration for more information.

🔑 PAT report filed by Smoke Copilot PAT
Add label ready-for-aw to run again

@github-actions

github-actions Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

🔬 Smoke Test Results

Test Status
GitHub.com connectivity (HTTP 200)
File write/read test
GitHub MCP connectivity

Overall: PASS

cc @lpcox

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • awmgmcpg

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "awmgmcpg"

See Network Configuration for more information.

📰 BREAKING: Report filed by Smoke Copilot
Add label ready-for-aw to run again

@github-actions

github-actions Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

🏗️ Build Test Suite Results

Ecosystem Project Build/Install Tests Status
Bun elysia 1/1 passed ✅ PASS
Bun hono 1/1 passed ✅ PASS
C++ fmt N/A ✅ PASS
C++ json N/A ✅ PASS
Deno oak N/A 1/1 passed ✅ PASS
Deno std N/A 1/1 passed ✅ PASS
.NET hello-world N/A ✅ PASS
.NET json-parse N/A ✅ PASS
Go color 1/1 passed ✅ PASS
Go env 1/1 passed ✅ PASS
Go uuid 1/1 passed ✅ PASS
Java gson 1/1 passed ✅ PASS
Java caffeine 1/1 passed ✅ PASS
Node.js clsx All passed ✅ PASS
Node.js execa All passed ✅ PASS
Node.js p-limit All passed ✅ PASS
Rust fd 1/1 passed ✅ PASS
Rust zoxide 1/1 passed ✅ PASS

Overall: 8/8 ecosystems passed — ✅ PASS

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • awmgmcpg

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "awmgmcpg"

See Network Configuration for more information.

Generated by Build Test Suite for #5960 · 57.6 AIC · ⊞ 6.9K ·
Add label ready-for-aw to run again

@github-actions

github-actions Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

Smoke Test: Claude Engine Validation

Check Result
API Status ✅ PASS
GH Check ✅ PASS
File Status ✅ PASS

Overall Result: PASS

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • awmgmcpg

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "awmgmcpg"

See Network Configuration for more information.

Generated by Smoke Claude for #5960 · 55.7 AIC · ⊞ 3.3K ·
Add label ready-for-aw to run again

@github-actions

github-actions Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

fix: handle EPERM when chmod'ing pre-existing mcp-logs directory ✅
fix(test): update BYOK workflow test to match recompiled lock files ✅
File write ✅
Discussion ✅
Build ❌
Overall: FAIL

Warning

Firewall blocked 2 domains

The following domains were blocked by the firewall during workflow execution:

  • awmgmcpg
  • registry.npmjs.org

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "awmgmcpg"
    - "registry.npmjs.org"

See Network Configuration for more information.

🔮 The oracle has spoken through Smoke Codex
Add label ready-for-aw to run again

@lpcox lpcox merged commit 35321a7 into main Jul 6, 2026
89 of 94 checks passed
@lpcox lpcox deleted the fix-erofs-mcp-logs-chmod branch July 6, 2026 15:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants