Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Error in GitHub Workflow: detected dubious ownership in repository #5

Closed
theory opened this issue Jan 19, 2024 · 3 comments · Fixed by #6 or #9
Closed

Error in GitHub Workflow: detected dubious ownership in repository #5

theory opened this issue Jan 19, 2024 · 3 comments · Fixed by #6 or #9
Assignees
@theory
Labels
bug Something isn't working

Comments

@theory
Copy link
Member

theory commented Jan 19, 2024

At least when running as the root user. Looks like it can be fixed by adding a command to entrypoint.sh
@theory theory added the bug Something isn't working label Jan 19, 2024
@theory theory self-assigned this Jan 19, 2024
theory added a commit that referenced this issue Jan 19, 2024
@theory
Fix Git archiving and upgrade
dd88d37 
In GitHub actions `pgxn-bundle` was failing to run `git archive` because
the `git rev-parse` command it uses to test whether it's working in a
Git tree was failing with the suppressed error "detected dubious
ownership in repository". Fix it by running this command in
`entrypoint.sh`:

```shell
git config --system --add safe.directory "$PWD"
```

So that the working directory is always considered safe. Also tweaked
the test to fail if it doesn't use `git archive` to zip the files, and
updated `pgxn-bundle` to say whether it's archiving from a Git repo or
zipping all the files. Also turned on verbosity for `git archive` to
emit the list of files added to the zip archive. Fixes #5.

Other changes:

*   Use the Docker `--volume` option instead of `--mount` in tests and
    documentation.
*   Upgrade checkout and Docker GitHub actions.
*   Update copyright year.
*   Document installed Apt packages.
theory added a commit that referenced this issue Jan 19, 2024
@theory
Fix Git archiving and improve docs
06651f0 
In GitHub actions `pgxn-bundle` was failing to run `git archive` because
the `git rev-parse` command it uses to test whether it's working in a
Git tree was failing with the suppressed error "detected dubious
ownership in repository". Fix it by running this command in
`entrypoint.sh`:

```shell
git config --system --add safe.directory "$PWD"
```

So that the working directory is always considered safe. Also tweaked
the test to fail if it doesn't use `git archive` to zip the files, and
updated `pgxn-bundle` to say whether it's archiving from a Git repo or
zipping all the files. Also turned on verbosity for `git archive` to
emit the list of files added to the zip archive. Fixes #5.

Other changes:

*   Use the Docker `--volume` option instead of `--mount` in tests and
    documentation.
*   Upgrade checkout and Docker GitHub actions.
*   Update copyright year.
*   Document installed Apt packages.
theory added a commit that referenced this issue Jan 19, 2024
@theory
Fix Git archiving and improve docs
16970ba 
In GitHub actions `pgxn-bundle` was failing to run `git archive` because
the `git rev-parse` command it uses to test whether it's working in a
Git tree was failing with the suppressed error "detected dubious
ownership in repository". Fix it by running this command in
`entrypoint.sh`:

```shell
git config --system --add safe.directory "$PWD"
```

So that the working directory is always considered safe. Also tweaked
the test to fail if it doesn't use `git archive` to zip the files, and
updated `pgxn-bundle` to say whether it's archiving from a Git repo or
zipping all the files. Also turned on verbosity for `git archive` to
emit the list of files added to the zip archive. Fixes #5.

Other changes:

*   Use the Docker `--volume` option instead of `--mount` in tests and
    documentation.
*   Upgrade checkout and Docker GitHub actions.
*   Update copyright year.
*   Document installed Apt packages.
@theory theory mentioned this issue Jan 19, 2024
Merged
@theory theory closed this as completed in aac074a Jan 19, 2024
@theory
Copy link
Member Author

theory commented Jan 19, 2024

Unfortunately this is still happening in one of my projects. Re-opening till I can figure it out.

@theory theory reopened this Jan 19, 2024
theory added a commit to tembo-io/pg_vectorize that referenced this issue Jan 19, 2024
@theory
Generate META.json
91e9985 
Rather than modify it in the repository and potentially create weird
conflicts. Generate it from an input file, instead.

Use `git config --add safe.directory` to tell Git to trust the current
directory, even though it is used by a different user. This is required
to work around pgxn/docker-pgxn-tools#5.

But also use the newly-released `pgxn/pgxn-tools:1.4` image to build the
distribution, so as to use the new `GIT_BUNDLE_OPTS` variable to add the
generated `META.json` file to the bundle. It would otherwise be excluded
because `git archive` includes only committed files.
@theory theory mentioned this issue Jan 19, 2024
Merged
@theory
Copy link
Member Author

theory commented Jan 20, 2024
edited
Loading

Okay, #6 legit fixes this issue for someone just running the image, as demonstrated in this run failing without entrypoint.sh setting safe.directory. But I'm still seeing failures in GitHub workflows. It might be something to do with actions/checkout#1169, so I'm keeping an eye on it.

@theory
Copy link
Member Author

theory commented Jan 22, 2024

Going to try to disable this security check in the Docker image.

@theory theory mentioned this issue Jan 22, 2024
Merged
@theory theory closed this as completed in 1114aed Jan 22, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@theory theory

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
1 participant
@theory