Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

go build fails to read vcs info when .git is owned by a different user #452

Closed
forsaken628 opened this issue Feb 6, 2023 · 6 comments
Closed

go build fails to read vcs info when .git is owned by a different user #452

forsaken628 opened this issue Feb 6, 2023 · 6 comments

Comments

@forsaken628
Copy link

golang:bullseye built-in install git(2.30.2) which break our CI/CD system.

golang/go#53532
@peterdeme
Copy link

peterdeme commented Feb 6, 2023
edited
Loading

Same here, it messed up our CI/CD on GitHub Actions.

  test:
    name: Test
    runs-on: ubuntu-latest
    container: golang:1.19
    steps:
      - name: Test the code
        run: go test ./...

Output:

error obtaining VCS status: exit status 128
	Use -buildvcs=false to disable VCS stamping.

We fixed it by using the previous version of the container:

    container: golang@sha256:bb9811fad43a7d6fd2173248d8331b2dcf5ac9af20976b1937ecd214c5b8c383

@TeddiO
Copy link

TeddiO commented Feb 6, 2023
edited
Loading

Can confirm a similar issue in our CI/CD pipelines. In addition if you run go build with the -v flag you get the extra output:

fatal: detected dubious ownership in repository at '/__w/<path>'
To add an exception for this directory, call:

	git config --global --add safe.directory /__w/<path>

What's curious is actions/checkout calls this command yet it doesn't seem to be applied. Calling the command manually does work though.

1.20 and 1.19.5 based builds are affected.

1.19.4 and previous are functioning as intended.

@peterdeme
Copy link

peterdeme commented Feb 6, 2023
edited
Loading

The interesting thing is that actions/checkout@v3 even adds the current directory to the safe directories by default:

image

But for some reason it still doesn't work. If you manually add it, it starts to work:

      - name: Check out repository code
        uses: actions/checkout@v3

      - name: Set workspace as safe
        run: git config --global --add safe.directory $GITHUB_WORKSPACE

Weird.

@sozercan sozercan mentioned this issue Feb 6, 2023
Closed
@sozercan
Copy link

sozercan commented Feb 6, 2023
edited
Loading

Looks like this is due to git update that backports CVE fixes in debian bullseye and bumps the version to 2.30.2-1+deb11u1
https://release.debian.org/proposed-updates/bullseye_diffs/git_2.30.2-1+deb11u1.debdiff

@pmengelbert pmengelbert mentioned this issue Feb 7, 2023
Merged
@srenatus srenatus mentioned this issue Feb 7, 2023
Merged
@pmengelbert pmengelbert mentioned this issue Feb 7, 2023
Closed
@tianon
Copy link
Member

tianon commented Feb 8, 2023

The best solution here is probably going to be using git config --add safe.directory /... to your CI/builds 😞

@yosifkit
Copy link
Member

yosifkit commented Feb 8, 2023

Closing as this is not something we can work around generally and safely in the image and is the result of a CVE fix in git.

@yosifkit yosifkit closed this as not planned Won't fix, can't repro, duplicate, stale Feb 8, 2023
dkoshkin added a commit to mesosphere/cluster-api that referenced this issue Feb 9, 2023
@dkoshkin
ci: pin golang image
e6e64e8 
Fixes docker-library/golang#452
@mrueg mrueg mentioned this issue Feb 13, 2023
Closed
@atc0005 atc0005 mentioned this issue Feb 15, 2023
Closed
@mrueg mrueg mentioned this issue Feb 17, 2023
Merged
palexster pushed a commit to palexster/cluster-api that referenced this issue Mar 21, 2023
@dkoshkin
ci: pin golang image
da63d96 
Fixes docker-library/golang#452
@blackpiglet blackpiglet mentioned this issue Mar 27, 2023
Closed
takirala pushed a commit to takirala/cluster-api that referenced this issue Apr 11, 2023
@dkoshkin @takirala
ci: pin golang image
4568020 
Fixes docker-library/golang#452
takirala pushed a commit to takirala/cluster-api that referenced this issue Apr 12, 2023
@dkoshkin @takirala
ci: pin golang image
e2af8dd 
Fixes docker-library/golang#452
@joao-r-reis joao-r-reis mentioned this issue Jun 11, 2024
Merged
@cxdy cxdy mentioned this issue Oct 30, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@tianon @sozercan @yosifkit @TeddiO @forsaken628 @peterdeme