vitalyliber / dokku-github-action

Deploy applications to Dokku
https://vitalyliber.com/courses/deploj-prilozhenij-s-dokku
MIT License
78 stars 32 forks source link

Deploy fails with dubious ownership error from git #25

Closed mschoettle closed 1 year ago

mschoettle commented 1 year ago

Today our deploy pipeline failed with the following error:

Run vitalyliber/dokku-github-action@v6.2
Setting up SSH directory
Saving SSH key
fatal: detected dubious ownership in repository at '/github/workspace'
Enabling force deploy
To add an exception for this directory, call:

    git config --global --add safe.directory /github/workspace
Disabling host key checking
The deploy is starting

I see that this is coming from git ensuring that the ownership of parent directories do not differ (see: https://github.blog/2022-04-12-git-security-vulnerability-announced/).

I don't fully understand how actions work but assume that this is happening in this action. Is it possible that the ownership differs between /github/workspace/ vs. any of its parents? Not sure exactly why this happens now all of a sudden. It was working fine before today.

mschoettle commented 1 year ago

I compared the log from yesterday and today and see that when building the image for this action there is a different git version being installed:

yesterday: 1:2.20.1-2+deb10u4 today: 1:2.20.1-2+deb10u6

The git version is 2.20.1, the fix was introduced into a later version but maybe it was backported for Debian. Looks like it: https://lists.debian.org/debian-lts-announce/2022/12/msg00025.html

I will create a PR to add this config.