-
Notifications
You must be signed in to change notification settings - Fork 29
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fatal: unsafe repository ('/github/workspace' is owned by someone else) #30
Comments
@stefanb Is there a fix for this? |
My untested guess at fixing this is to either
|
@stefanb Thanks for responding. I tried both:
and
but none of them worked. |
Ownership seem to be ok:
Note the repeated "reponame" in the path, but this should not be a problem. |
Not sure where the |
|
Tried setting both |
From the Dockerfile, there's no running user defined, so it use root as default, but the directory ownership is runner:docker. I test with docker build and run it and shows:
If github action use user (runner), we cloud add it and run entrypoint with runner. |
FYI, I also tried with local config: |
Tried also
and
both with no effect, even though GIT_CEILING_DIRECTORIES was listed in the command line to docker. |
Also getting this error as well. |
FIxed in release 2.9 via #31 |
requires updating the commit action due to github-actions-x/commit#30
requires updating the commit action due to github-actions-x/commit#30
requires updating the commit action due to github-actions-x/commit#30
requires updating the commit action due to github-actions-x/commit#30
git addressed CVE-2022-24765 by refusing to process a git repository configuration file if the repository is owned by a different user. That broke CI on GitHub which uses a different user for checking out and for running the tests. actions/checkout worked around it for itself, but it reverts safe.directory git settings on exit. Hence this patch fixes it by explicitly setting git option safe.directory when a packit, which calls git, is called. github-actions-x/commit#30
As per github-actions-x/commit#30, /github/workspace isn't a safe directory anymore, preventing the push Bumping to 2.9 fixes the problem
All GitHub actions that are committing changes back to the repository started to fail overnight.
It is likely due to git emergency upgrade to fix CVE-2022-24765, see:
https://github.blog/2022-04-12-git-security-vulnerability-announced/
Log:
Example actions: https://github.com/sledilnik/data/actions
The text was updated successfully, but these errors were encountered: