Set repo directory as safe in the git global config #10
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
About a month ago a Git security vulnerability was annouced: https://github.blog/2022-04-12-git-security-vulnerability-announced/ The security patch to address this vulnerability prevents Git from looking at .git folders owned by other users, unless these directories are added to a "safe" list in the Git config. This Github Action uses a Docker container based on Ubuntu 20.04, and the version of Git shipped with Ubuntu 20.04 was also patched. As a result, it is now necessary for this Action to set the repo directory as safe *inside the container*, given that the owner of the repo directory (Github runner user) is different from the Docker user (root). Otherwise, all Git commands fail. See also actions/checkout#760. Fixes antrea-io#9 Signed-off-by: Antonin Bas <abas@vmware.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
About a month ago a Git security vulnerability was annouced:
https://github.blog/2022-04-12-git-security-vulnerability-announced/
The security patch to address this vulnerability prevents Git from
looking at .git folders owned by other users, unless these directories
are added to a "safe" list in the Git config.
This Github Action uses a Docker container based on Ubuntu 20.04, and
the version of Git shipped with Ubuntu 20.04 was also patched. As a
result, it is now necessary for this Action to set the repo directory as
safe inside the container, given that the owner of the repo directory
(Github runner user) is different from the Docker user
(root). Otherwise, all Git commands fail.
See also actions/checkout#760.
Fixes #9
Signed-off-by: Antonin Bas abas@vmware.com