fatal: unsafe repository ('/github/workspace' is owned by someone else)

Question

fatal: unsafe repository ('/github/workspace' is owned by someone else)

derberg opened this issue 3 years ago · 9 comments

Hey, something wrong started happening few hours ago with the action.

must be related to https://github.blog/2022-04-12-git-security-vulnerability-announced/
related similar issue actions/checkout#760
I test solutions here derberg/test-experiment#154

logs:

Cannot find mlc_config.json
NOTE: See https://github.com/tcort/markdown-link-check#config-file-format to know more about
customizing markdown-link-check by using a configuration file.
USE_QUIET_MODE: yes
USE_VERBOSE_MODE: yes
FOLDER_PATH: .
MAX_DEPTH: -1
CHECK_MODIFIED_FILES: yes
FILE_EXTENSION: .md
FILE_PATH: 
BASE_BRANCH: master
fatal: unsafe repository ('/github/workspace' is owned by someone else)
To add an exception for this directory, call:

	git config --global --add safe.directory /github/workspace

I tried a few workarounds but non of them works: https://github.com/derberg/test-experiment/blob/derberg-patch-20/.github/workflows/links.yml#L16-L20

any ideas?

Answer 1 · 2022-04-13T12:59:34.000Z

I resolved this issue temporary 🙇

fork this repository
add git config --global --add safe.directory /github/workspace to entrypoint.sh
example: labeneko@2cbe46a
fix yml
- uses: gaurav-nelson/github-action-markdown-link-check@v1 → - uses: {your_repository}/github-action-markdown-link-check@master

Answer 2 · 2022-04-13T14:25:47.000Z

There are some more details about this error in a more general context here: actions/checkout#760

Answer 3 · 2022-04-14T19:21:07.000Z

Hmm, I've upgraded to checkout action v3, and I've also set git config --global --add safe.directory /github/workspace, but I'm still seeing the error. Any hints?

Answer 4 · 2022-04-17T04:06:56.000Z

Hmm, I've upgraded to checkout action v3, and I've also set git config --global --add safe.directory /github/workspace, but I'm still seeing the error. Any hints?

The difficulty for this action is that it runs git inside Docker, so the place where you need to edit the git config is inside the container. That is why the comment above suggests forking this repository (this is what I've done as a workaround as well).

Answer 5 · 2022-04-17T08:09:03.000Z

The difficulty for this action is that it runs git inside Docker, so the place where you need to edit the git config is inside the container

Thanks, that makes sense for the git config --global --add safe.directory /github/workspace part. But should the upgrade to checkout action v3(.0.1) alone have already fixed the issue?

Answer 6 · 2022-04-17T08:13:14.000Z

Looks like there's a new issue specifically about failing "in other workflow steps after running checkout".

Answer 7 · 2022-04-19T00:15:47.000Z

Hmm, I've upgraded to checkout action v3, and I've also set git config --global --add safe.directory /github/workspace, but I'm still seeing the error. Any hints?

The difficulty for this action is that it runs git inside Docker, so the place where you need to edit the git config is inside the container. That is why the comment above suggests forking this repository (this is what I've done as a workaround as well).

I tried the comment but it seems the markdown link checker cannot access the reference links, any insight?

Answer 8 · 2022-04-19T00:24:00.000Z

I tried the comment but it seems the markdown link checker cannot access the reference links, any insight?

The issue with reference links is not related to the permissions issue, but should be resolved by #129 being merged and released.

Answer 9 · 2022-04-20T07:18:15.000Z

ok, I see 7h ago new v1 tag was created that points to a commit with the fix, so closing this one