Permission denied when using "cache" in gitlab-ci.yml

We get the following when attempting to use cache directives

This is with gitlab from bigbang release 1.5.0

changed the description

Please provide relevant gitlab-ci.yml code in the description that shows how you are configuring cache.

added gitlabRunner label

This is mostly copied from the maven gitlab template

# This file is a template, and might need editing before it works on your project.
# Build JAVA applications using Apache Maven (http://maven.apache.org)
# For docker image tags see https://hub.docker.com/_/maven/
#
# For general lifecycle information see https://maven.apache.org/guides/introduction/introduction-to-the-lifecycle.html

# This template will build and test your projects
# * Caches downloaded dependencies and plugins between invocation.
# * Verify but don't deploy merge requests.
# * Deploy built artifacts from master branch only.

stages:
  - build
  - test
  - deploy

variables:
  # This will suppress any download for dependencies and plugins or upload messages which would clutter the console log.
  # `showDateTime` will show the passed time in milliseconds. You need to specify `--batch-mode` to make this work.
  MAVEN_OPTS: "-Dhttps.protocols=TLSv1.2 -Dmaven.repo.local=$CI_PROJECT_DIR/.m2/repository -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN -Dorg.slf4j.simpleLogger.showDateTime=true -Djava.awt.headless=true"
  # As of Maven 3.3.0 instead of this you may define these options in `.mvn/maven.config` so the same config is used
  # when running from the command line.
  # `installAtEnd` and `deployAtEnd` are only effective with recent version of the corresponding plugins.
  MAVEN_CLI_OPTS: "--batch-mode --errors --fail-at-end --show-version -DinstallAtEnd=true -DdeployAtEnd=true"

before_script:
  - export CERT_PATH=${CI_PROJECT_DIR}/.certs
  - export SSL_ARGS="-Dmaven.wagon.http.ssl.insecure=true -Dmaven.wagon.http.ssl.allowall=true"

# This template uses jdk8 for verifying and deploying images
image: maven:3.8.1-jdk-11

# Cache downloaded dependencies and plugins between builds.
# To keep cache across branches add 'key: "$CI_JOB_NAME"'
cache:
  paths:
    - .m2/repository
    - target/

build:
  stage: build
  script:
    - mvn $MAVEN_CLI_OPTS package

This is our config from the bigbant customer template in configmpa.yaml

  gitlabRunner:
    enabled: true
    values:
      rbac:
        create: true
        clusterWideAccess: true   
      monitoring:
        enabled: true

This is probably caused by IronBank hardened images not allowing user 'git' to write to root directories. Probable solution is a patch to IronBank image to allow write access.

assigned to @kevin.wilder

i can reproduce the access denied error.

created merge request !12 (merged) to address this issue

mentioned in merge request !12 (merged)

found a fix using the toml runner config

runners:
  config: |
    [[runners]]
      clone_url = "http://gitlab-webservice-default.gitlab.svc.cluster.local:8181"
      cache_dir = "/tmp/gitlab-runner/cache"
      [runners.kubernetes]
        image = "registry1.dso.mil/ironbank/redhat/ubi/ubi8:8.3"
        helper_image = "registry1.dso.mil/ironbank/gitlab/gitlab-runner/gitlab-runner-helper:v13.9.0"
        image_pull_secrets = ["private-registry"]

added kindbug label

mentioned in commit bc9fb763

closed with merge request !12 (merged)

Thanks !