fatal: detected dubious ownership in repository at

Question

fatal: detected dubious ownership in repository at

Closed this issue 2 years ago · 12 comments

I started seeing this error today

It makes no sense, as the actions/checkout added the repo to the safe safe dir list

What could the issue be in this case?

Answer 1 · 2022-12-15T19:57:14.000Z

I'm wondering if maybe fixing submodule command escaping caused this (#964). The other recent change to this action was updating @actions/io.

Could you try an older release to see if v3.2.0 caused an issue (v3 is just an alias to the latest)?

uses: actions/checkout@v3.1.0

I'm not able to reproduce this so far. If you could add some logs or a workflow example I can take a look.

Answer 2 · 2022-12-17T20:19:05.000Z

Here's a sample job that failed because of that error. The repo is very simple, hopefully it can be helpful to reproduce the issue. I tried v2 and the issue wasn't there for the checkout action but it still was for others like add-and-commit that should work if modifying the git config worked properly (see this job for an example). The workaround I found was to add the directory myself in a separate step before cloning the repo (see this job for an example).

Answer 3 · 2022-12-17T22:08:14.000Z

Guys, I don't know why, but after I changed to an order image, the error is gone. My workflow jobs use a container image. I build new images from time to time, every time a new node dependency is updated. I just got an image from 9 days ago and the issue was gone. I really have no clue what is happening because I did not change anything else in the workflow. So, how could an image break this? Would u have any guesses? I can share the dockerfile from the image that works, and the one that has this error.

Answer 4 · 2022-12-19T10:09:56.000Z

@cory-miller Im still using @V3 and the issue is gone. Im pretty sure it has nothing to do with this action. The only thing I did was changing my workflows to use a container image that was built a few days ago. But I cant determine exactly why this fixed this issue. I added more details in the issue I created in the actions/runner-images repo.

Answer 5 · 2022-12-20T16:09:37.000Z

@cory-miller i tried v2 (latest) and did not work

Answer 6 · 2022-12-20T20:53:08.000Z

Finally found the issue. It is caused by a security patch that was released for git in some package managers. If you want a solution, read the other ticket that I linked from the runner's repository.

Answer 7 · 2023-01-30T08:20:44.000Z

Mine was caused by installing a few more packages (which suddenly got updated). Getting rid of those dependencies solved my issue.

Answer 8 · 2023-02-10T23:34:04.000Z

I think if this is running in a container it needs to be --system and not --global for some reason.

Answer 9 · 2023-02-10T23:47:10.000Z

So, inside a container it makes sense why the global git config doesn't exist: it clearly wasn't created by the runner or checkout.

git config --global --list
fatal: unable to read config file '/github/home/.gitconfig': No such file or directory

I'm pretty sure this is a real bug and will open a new issue for it.

Answer 10 · 2023-02-11T01:58:08.000Z

Here is the new issue: #1169

Answer 11 · 2023-09-17T08:29:05.000Z

FFR: Just use the users option:
actions/runner#2033 (comment)

Answer 12 · 2024-05-15T13:43:23.000Z

Still facing a problem when using gh in an action that uses a container. Here is my workflow file: https://github.com/huggingface/check-pr-test-workflows/actions/runs/9096755130/workflow.

Here are the logs: https://github.com/huggingface/check-pr-test-workflows/actions/runs/9096755130/job/25002925621

Any suggestions?

I have tried adding --user and it didn't help.