setup-python pip upgrade triggers root user warning on self-hosted runners #1295

@xgboosted

Problem

On root-user self-hosted runners (e.g. Hetzner Cloud), setup-python internally upgrades pip against the system Python outside any venv:

// src/find-python.ts — installPip()
`${pythonLocation}/python -m pip install --upgrade pip --disable-pip-version-check`

This produces on every run:

WARNING: Running pip as the 'root' user can result in broken permissions...
Use the --root-user-action option if you know what you are doing.

The warning cannot be suppressed from the workflow side because setup-python spawns the pip subprocess via a Node.js child process with a controlled environment that does not reliably inherit the job-level PIP_ROOT_USER_ACTION env var or /etc/pip.conf.

Proposed Fix

Add --root-user-action=ignore to the pip upgrade call in src/find-python.ts:

await exec.exec(`${pythonLocation}/python`, [
  '-m', 'pip', 'install', '--upgrade', 'pip',
  '--root-user-action=ignore',
  '--disable-pip-version-check',
  '--no-warn-script-location'
]);

This is a non-breaking, no-op change on non-root runners.

Reproduction

jobs:
  test:
    runs-on: self-hosted  # root user (e.g. Hetzner Cloud ephemeral runner)
    steps:
      - uses: actions/setup-python@v6
        with:
          python-version: '3.12'

Log output:

Upgrading pip...
WARNING: Running pip as the 'root' user...
Successfully installed pip-26.0.1

Environment

setup-python: v6
Runner OS: Ubuntu 24.04
Runner user: root
Python version: 3.12

Labels: bug (Something isn't working)
