New git CVE changes break this GHA #5

Open
KevinJCross opened this issue Apr 29, 2022 · 4 comments

@KevinJCross

When using this GHA v1.0.12 we now get:

Run UnicornGlobal/has-changes-action@v1.0.12
/usr/bin/docker run --name b31304f6ab38839452bb44ab0a5eb12df5c_0e9478 --label 294b31 --workdir /github/workspace --rm -e GOROOT -e INPUT_STATUS-ARGS -e INPUT_PATHSPEC -e HOME -e GITHUB_JOB -e GITHUB_REF -e GITHUB_SHA -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RETENTION_DAYS -e GITHUB_RUN_ATTEMPT -e GITHUB_ACTOR -e GITHUB_WORKFLOW -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GITHUB_EVENT_NAME -e GITHUB_SERVER_URL -e GITHUB_API_URL -e GITHUB_GRAPHQL_URL -e GITHUB_REF_NAME -e GITHUB_REF_PROTECTED -e GITHUB_REF_TYPE -e GITHUB_WORKSPACE -e GITHUB_ACTION -e GITHUB_EVENT_PATH -e GITHUB_ACTION_REPOSITORY -e GITHUB_ACTION_REF -e GITHUB_PATH -e GITHUB_ENV -e GITHUB_STEP_SUMMARY -e RUNNER_OS -e RUNNER_ARCH -e RUNNER_NAME -e RUNNER_TOOL_CACHE -e RUNNER_TEMP -e RUNNER_WORKSPACE -e ACTIONS_RUNTIME_URL -e ACTIONS_RUNTIME_TOKEN -e ACTIONS_CACHE_URL -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" -v "/home/runner/work/app-autoscaler-release/app-autoscaler-release":"/github/workspace" 294b31:304f6ab38839452bb44ab0a5eb12df5c  "" ""
fatal: unsafe repository ('/github/workspace' is owned by someone else)
To add an exception for this directory, call:

	git config --global --add safe.directory /github/workspace

This is the same problem that checkout recently had.
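
Added example, not part of the issue thread or the action's own code: an entrypoint helper for a container action that hits the error above. It registers only the mounted workspace as a `safe.directory`, and only when the ownership mismatch is actually present; the function names and the optional uid argument are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: scoped safe.directory handling for a container entrypoint.

# Numeric uid that owns a path, read from `ls -nd` (POSIX, no GNU stat needed).
owner_uid() {
    ls -nd -- "$1" | awk '{print $3}'
}

# Succeeds when $1 is owned by a uid other than $2 (default: the current
# user), the condition behind git's "owned by someone else" error.
owner_mismatch() {
    [ "$(owner_uid "$1")" != "${2:-$(id -u)}" ]
}

# Trust exactly one directory, once. It never registers the '*' wildcard,
# which would switch the ownership check off for every repository.
# $2 (hypothetical, for testing) overrides the uid compared against.
trust_workspace() {
    dir=$1
    [ -d "$dir" ] || { echo "not a directory: $dir" >&2; return 2; }
    owner_mismatch "$dir" "${2:-}" || return 0   # same owner: nothing to do
    if git config --global --get-all safe.directory | grep -Fqx -- "$dir"; then
        return 0                                 # already trusted
    fi
    git config --global --add safe.directory "$dir"
}

# Entrypoint usage (commented out so the file can be sourced):
# trust_workspace "${GITHUB_WORKSPACE:-/github/workspace}" && exec "$@"
```

`--global` writes to `$HOME/.gitconfig`, so the entry lands wherever the container's `HOME` points.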

@somidad

somidad commented May 10, 2022

Same for me.

@somidad

somidad commented May 13, 2022

@KevinJCross, I am now using below:

https://gist.github.com/somidad/3ce6e8a7b7d77ac8fa7fad583003d6f5

@KevinJCross
Author

@gsongsong
Thanks, it's actually simpler than using this GHA 😆.

escaped added a commit to woltapp/wolt-python-package-cookiecutter that referenced this issue May 25, 2022
silvestre added a commit to cloudfoundry/app-autoscaler-release that referenced this issue Aug 4, 2022
silvestre added a commit to cloudfoundry/app-autoscaler-release that referenced this issue Aug 5, 2022
stephenwan-opal added a commit to opalsecurity/terraform-provider-opal that referenced this issue Sep 21, 2022
stephenwan-opal added a commit to opalsecurity/terraform-provider-opal that referenced this issue Sep 21, 2022
UnicornGlobal/has-changes-action#5

There is a bug in the generator where the presence of the env var
will cause a diff during generation. We hack around this by blanking out the env var
during generation.

hashicorp/terraform-plugin-docs#12
LeslieColor added a commit to color/lokalise-actions that referenced this issue Nov 14, 2022
@astone123

@KevinJCross, I am now using below:

https://gist.github.com/gsongsong/3ce6e8a7b7d77ac8fa7fad583003d6f5

- name: Check if there is any change
  id: get_changes
  run: echo "::set-output name=changed::$(git status --porcelain | wc -l)"
- name: Do something if there is any change
  if: steps.get_changes.outputs.changed != 0
  run: do something

This should now be

 - name: Check if there is any change
   id: get_changes
   run: echo "changed=$(git status --porcelain | wc -l)" >> $GITHUB_OUTPUT
 - name: Do something if there is any change
   if: steps.get_changes.outputs.changed != 0
   run: do something

since GitHub is deprecating set-output in favor of Environment Files.
