[all] Devstack jobs are failing due to a git security fix
fungi at yuggoth.org
Wed Apr 13 12:02:05 UTC 2022
On 2022-04-13 11:17:06 +0200 (+0200), Dmitriy Rabotyagov wrote:
> I actually wonder if the approach with config flag to mark checkouts as
> safe should be applied more generally, when zuul preps repos for usage,
> instead of hook in devstack specifically. As it's a more general issue,
> since zuul repos can't be used as is now for other projects as well
> (limited to devstack).
I don't follow the logic here. Zuul checkouts are owned by the zuul
user which is also the user under which the job payload is executed.
This problem only arises if you try to run Git as a different user
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 963 bytes
Desc: not available
More information about the openstack-discuss