Problem pushing to dokku host: detected dubious ownership in repository at '/github/workspace'

[darko1002001]

Description of problem

I am getting this error when using the 1.1.1 version of the action

  Pushing to Dokku Host
  fatal: detected dubious ownership in repository at '/github/workspace'
  To add an exception for this directory, call:

      git config --global --add safe.directory /github/workspace

Command that gets executed which fails

  /usr/bin/docker run --name cd98fa40c5366f07943d08915418e239e0cfd_f14866 --label 4cd98f --workdir /github/workspace --rm -e INPUT_BRANCH -e INPUT_GIT_REMOTE_URL -e INPUT_SSH_PRIVATE_KEY -e INPUT_CI_BRANCH_NAME -e INPUT_CI_COMMIT -e INPUT_COMMAND -e INPUT_DEPLOY_DOCKER_IMAGE -e INPUT_DEPLOY_USER_NAME -e INPUT_DEPLOY_USER_EMAIL -e INPUT_GIT_PUSH_FLAGS -e INPUT_REVIEW_APP_NAME -e INPUT_SSH_HOST_KEY -e BRANCH -e CI_BRANCH_NAME -e CI_COMMIT -e COMMAND -e DEPLOY_DOCKER_IMAGE -e DEPLOY_USER_NAME -e DEPLOY_USER_EMAIL -e GIT_PUSH_FLAGS -e GIT_REMOTE_URL -e REVIEW_APP_NAME -e SSH_HOST_KEY -e SSH_PRIVATE_KEY -e HOME -e GITHUB_JOB -e GITHUB_REF -e GITHUB_SHA -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RETENTION_DAYS -e GITHUB_RUN_ATTEMPT -e GITHUB_ACTOR -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GITHUB_EVENT_NAME -e GITHUB_SERVER_URL -e GITHUB_API_URL -e GITHUB_GRAPHQL_URL -e GITHUB_REF_NAME -e GITHUB_REF_PROTECTED -e GITHUB_REF_TYPE -e GITHUB_WORKSPACE -e GITHUB_ACTION -e GITHUB_EVENT_PATH -e GITHUB_ACTION_REPOSITORY -e GITHUB_ACTION_REF -e GITHUB_PATH -e GITHUB_ENV -e GITHUB_STEP_SUMMARY -e RUNNER_OS -e RUNNER_ARCH -e RUNNER_NAME -e RUNNER_TOOL_CACHE -e RUNNER_TEMP -e RUNNER_WORKSPACE -e ACTIONS_RUNTIME_URL -e ACTIONS_RUNTIME_TOKEN -e ACTIONS_CACHE_URL -e GITHUB_ACTIONS=true -e CI=true --entrypoint "/bin/dokku-deploy" -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" -v "/home/runner/work/my-app/my-app-backend":"/github/workspace" 4cd98f:a40c5366f07943d08915418e239e0cfd

Environment configuration

This is the deploy task i am using.

deploy: runs-on: ubuntu-latest steps:

• name: Cloning repo uses: actions/checkout@v3 with: fetch-depth: 0
• name: Push to staging - Backend uses: dokku/github-action@master with: branch: 'master' git_remote_url: 'my ssh url here' ssh_private_key: PRIVATE KEY HERE

I am using: dokku version 0.27.6

[joelstoddard]

+1 on this, my theory is the addition of the optional arguments here is interfering with the git config inside the container, where the user.email and user.name that the action uses to deploy to your dokku instance is set, though I haven't found those lines in the codebase(s) yet.

Quick fix would be to revert to version 1.0.2 in your workflow file, replacing dokku/github-action@master with dokku/github-action@1.0.2.

[josegonzalez]

That theory is unfortunately wrong. It has to do with the newer git version that is used in the newer base image. I can set that property in the image before we do a git push but I'm afk so that will need to wait till later today.

[javierav]

This error is due to a git command security improvement change: https://github.com/git/git/commit/8959555cee7ec045958f9b6dd62e541affb7e7d9

Also reported here https://github.com/actions/runner/issues/2033

The most obvious solution is add git config --global --add safe.directory /github/workspace

[asilano]

The most obvious solution is add git config --global --add safe.directory /github/workspace

Add it where? If I add it as a step in the job between checkout and push...

  deploy_staging:
    concurrency:
      group: staging_deploy
    runs-on: ubuntu-latest
    if: github.ref == 'refs/heads/staging'
    needs: [test]
    steps:
      - name: Clone
        uses: actions/checkout@v2
        with:
          fetch-depth: 0

      - name: Mark github workspace as safe
        run: |
          git config --global --add safe.directory /github/workspace

      - name: Push to dokku staging
        uses: dokku/github-action@master
        with:
          git_push_flags: '--force'
          git_remote_url: 'ssh://dokku@my-server'
          ssh_private_key: ${{ secrets.DOKKU_PRIVATE_KEY }}

Then it still fails. Likewise if I try the suggestion from actions/runner#2033 of chown -R $(id -u):$(id -g) $PWD

[javierav]

Sorry @asilano , but these changes should be done by @josegonzalez in the bin/* files of https://github.com/dokku/ci-docker-docker image repository. He said that will do later today. 😉

[asilano]

Ah, thought that might be the case.

Is there a known workaround?

[josegonzalez]

If someone wants to try version ed6c57e19913c8f663e0b240fe3b3cfc1c8c5781 (instead of v1.1.0) to verify the fix, that would be great.

[josegonzalez]

The newer version is out. If someone wants to try v1.1.2, let me know if it is fixed (should be).

[asilano]

Seems to do the job - thanks for the speedy fix!

[javierav]

@josegonzalez yes, it works as expected! Thanks! 👏🏻 👏🏻

[rahoulb]

Can confirm it works for me - thank you for the quick fix.

[bernatixer]

Thanks for the quick fix :D