Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix dubious ownership in repository #2

Merged
merged 1 commit into from
Mar 6, 2023
Merged

Fix dubious ownership in repository #2

merged 1 commit into from
Mar 6, 2023

Conversation

winstonsung
Copy link
Contributor

@winstonsung winstonsung commented Feb 26, 2023
edited
Loading

Bug: T314987

Fix fatal: detected dubious ownership in repository at '/github/workspace'

This had caused several CI failures in https://github.com/wikimedia/mediawiki-extensions-Wikibase/actions .

Error: fatal: detected dubious ownership in repository at '/github/workspace'
To add an exception for this directory, call:
git config --global --add safe.directory /github/workspace
Reason: Recent versions of git require the .git folder to be owned
by the same user (see https://github.blog/2022-04-12-git-security-vulnerability-announced/ ).

Related:

Patchsets:

@winstonsung
Copy link
Contributor Author

CC @tarrow

@winstonsung
Copy link
Contributor Author

CC @lucaswerkmeister

lucaswerkmeister
lucaswerkmeister reviewed Feb 27, 2023
View reviewed changes
Copy link
Member

@lucaswerkmeister lucaswerkmeister left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note: We should also add something like “Bug: T314987” to the commit message when merging this change, as I believe this PR will resolve that issue (Wikibase GitHub workflow that extracts library commits is broken).

I’m also not very familiar with how GitHub actions are made (only with how to use them), so it would be great if @tarrow could take a look.

Dockerfile Outdated Show resolved Hide resolved
Dockerfile Show resolved Hide resolved
@winstonsung
Fix dubious ownership in repository
60aafd5 
Fix fatal: detected dubious ownership in repository at '/github/workspace'

Bug: T314987
@winstonsung winstonsung deleted the branch wmde:main February 27, 2023 14:41
@winstonsung winstonsung deleted the main branch February 27, 2023 14:41
@winstonsung winstonsung reopened this Feb 27, 2023
@winstonsung
Copy link
Contributor Author

(Reminder: Approved but haven't merge.)

@tarrow
Copy link
Collaborator

tarrow commented Mar 6, 2023

generally looks fine to me; one thought I had was that maybe we ought to instead ensure that the user running git is matching the ownership of this files. I guess this would involve tweaking the container to ensure it was using the same user as the checkout action.

However, I'm not sure this is worth doing if this fix works. It's probably easier to merge this and then test than do anything else so lets go ahead.

Thanks so much for the work @winstonsung :)

@tarrow tarrow merged commit 243025e into wmde:main Mar 6, 2023
lucaswerkmeister added a commit to wmde/git-monorepo-splice-docker-action that referenced this pull request Mar 6, 2023
@lucaswerkmeister
Fix dubious ownership error
deb4018 
See wmde/git-filter-repo-docker-action#2.

Bug: T314987
@lucaswerkmeister lucaswerkmeister mentioned this pull request Mar 6, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lucaswerkmeister lucaswerkmeister lucaswerkmeister approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@winstonsung @tarrow @lucaswerkmeister