From aba04a0e803e0aa6468449becef734f058c036d4 Mon Sep 17 00:00:00 2001
From: "Pavel Tumik @ GitPod" <18602811+sagor999@users.noreply.github.com>
Date: Mon, 17 Oct 2022 16:04:53 -0700
Subject: [PATCH] run git command as gitpod user when using pvc

---
 components/content-service/pkg/git/git.go       | 10 +++++++++-
 .../content-service/pkg/initializer/git.go      | 17 +++++++++++++++++
 .../pkg/initializer/initializer.go              |  3 ++-
 3 files changed, 28 insertions(+), 2 deletions(-)

diff --git a/components/content-service/pkg/git/git.go b/components/content-service/pkg/git/git.go
index e5f99416b5dfbe..362d1d6cc7c3d0 100644
--- a/components/content-service/pkg/git/git.go
+++ b/components/content-service/pkg/git/git.go
@@ -92,6 +92,9 @@ type Client struct {
 
 	// UpstreamCloneURI is the fork upstream of a repository
 	UpstreamRemoteURI string
+
+	// if true will run git command as gitpod user (should be executed as root that has access to sudo in this case)
+	RunAsGitpodUser bool
 }
 
 // Status describes the status of a Git repo/working copy akin to "git status"
@@ -197,7 +200,12 @@ func (c *Client) GitWithOutput(ctx context.Context, ignoreErr *string, subcomman
 
 	span.LogKV("args", fullArgs)
 
-	cmd := exec.Command("git", fullArgs...)
+	cmdName := "git"
+	if c.RunAsGitpodUser {
+		cmdName = "sudo"
+		fullArgs = append([]string{"-u", "gitpod", "git"}, fullArgs...)
+	}
+	cmd := exec.Command(cmdName, fullArgs...)
 	cmd.Dir = c.Location
 	cmd.Env = env
 
diff --git a/components/content-service/pkg/initializer/git.go b/components/content-service/pkg/initializer/git.go
index e3eaccb3f240d4..6e5b4076f2d8c7 100644
--- a/components/content-service/pkg/initializer/git.go
+++ b/components/content-service/pkg/initializer/git.go
@@ -76,6 +76,23 @@ func (ws *GitInitializer) Run(ctx context.Context, mappings []archive.IDMapping)
 			return err
 		}
 
+		// make sure that folder itself is owned by gitpod user prior to doing git clone
+		// this is needed as otherwise git clone will fail if the folder is owned by root
+		if ws.RunAsGitpodUser {
+			args := []string{"gitpod", ws.Location}
+			cmd := exec.Command("chown", args...)
+			res, cerr := cmd.CombinedOutput()
+			if cerr != nil && !process.IsNotChildProcess(cerr) {
+				err = git.OpFailedError{
+					Args:       args,
+					ExecErr:    cerr,
+					Output:     string(res),
+					Subcommand: "chown",
+				}
+				return err
+			}
+		}
+
 		log.WithField("stage", "init").WithField("location", ws.Location).Debug("Running git clone on workspace")
 		err = ws.Clone(ctx)
 		if err != nil {
diff --git a/components/content-service/pkg/initializer/initializer.go b/components/content-service/pkg/initializer/initializer.go
index 828202f08b59fd..1fc2a5a1d6156f 100644
--- a/components/content-service/pkg/initializer/initializer.go
+++ b/components/content-service/pkg/initializer/initializer.go
@@ -261,10 +261,11 @@ func newGitInitializer(ctx context.Context, loc string, req *csapi.GitInitialize
 			Config:            req.Config.CustomConfig,
 			AuthMethod:        authMethod,
 			AuthProvider:      authProvider,
+			RunAsGitpodUser:   forceGitpodUser,
 		},
 		TargetMode:  targetMode,
 		CloneTarget: req.CloneTaget,
-		Chown:       forceGitpodUser,
+		Chown:       false,
 	}, nil
 }