ci: resolve dubious ownership for git#2100
Merged
lzap merged 1 commit intoosbuild:mainfrom Dec 18, 2025
Merged
Conversation
This patch addresses the recurring error obtaining VCS status: exit status 128 seen during the build phase of our GitHub Actions. This error is caused by a Git security update (CVE-2022-24765) that prevents Git commands from running in directories owned by a user different from the current one. In our CI/CD environment—especially when using containers—the workspace owner often differs from the build user, causing Go's VCS stamping to fail. This is safe, because our CI environments are not shared.
achilleas-k
approved these changes
Dec 18, 2025
This was referenced Dec 18, 2025
mvo5
approved these changes
Dec 18, 2025
croissanne
added a commit
to croissanne/osbuild-composer
that referenced
this pull request
Jan 21, 2026
Changes with 0.231.0 ---------------- - Drop iommu.strict=0 from aarch64 EC2 images (osbuild/images#2090) - Author: Achilleas Koutsou, Reviewers: Lukáš Zapletal, Simon de Vlieger, Tomáš Hozza - bootc: Fix selinux labeling when using separate build container (osbuild/images#2092) - Author: Alexander Larsson, Reviewers: Lukáš Zapletal, Simon de Vlieger, Tomáš Hozza - ci: resolve dubious ownership for git (osbuild/images#2100) - Author: Lukáš Zapletal, Reviewers: Achilleas Koutsou, Michael Vogt - data: import RH v4 key on rhel-10.1+ only (osbuild/images#2097) - Author: Michael Vogt, Reviewers: Lukáš Zapletal, Simon de Vlieger - distrodefs: drop `use_syslinux` as it has no effect (osbuild/images#2088) - Author: Michael Vogt, Reviewers: Lukáš Zapletal, Simon de Vlieger - fedora: /boot on btrfs for Fedora Cloud 44 (HMS-9737) (osbuild/images#1960) - Author: Simon de Vlieger, Reviewers: Lukáš Zapletal, Neal Gompa (ニール・ゴンパ), Tomáš Hozza - fedora: add `server-network-installer` (osbuild/images#2094) - Author: Simon de Vlieger, Reviewers: Lukáš Zapletal, Tomáš Hozza - installer: only install `syslinux` when needed (osbuild/images#2089) - Author: Simon de Vlieger, Reviewers: Lukáš Zapletal, Tomáš Hozza - manifest: add `set -e` to `bootc switch...` kickstart %post (osbuild/images#2093) - Author: Michael Vogt, Reviewers: Lukáš Zapletal, Simon de Vlieger, Tomáš Hozza - many: include legal and license files in ISO (osbuild/images#2099) - Author: Simon de Vlieger, Reviewers: Lukáš Zapletal, Tomáš Hozza - osbuild: drop `valueIn` helper (osbuild/images#2086) - Author: Michael Vogt, Reviewers: Brian C. Lane, Simon de Vlieger - readme: update link to image definitions (osbuild/images#2070) - Author: Anna Vítová, Reviewers: Achilleas Koutsou, Lukáš Zapletal, Simon de Vlieger, Tomáš Hozza - test: cross arch build/boot smoke test for ppc64le,s390x (osbuild/images#2069) - Author: Michael Vogt, Reviewers: Lukáš Zapletal, Simon de Vlieger, Tomáš Hozza
achilleas-k
pushed a commit
to osbuild/osbuild-composer
that referenced
this pull request
Jan 21, 2026
Changes with 0.231.0 ---------------- - Drop iommu.strict=0 from aarch64 EC2 images (osbuild/images#2090) - Author: Achilleas Koutsou, Reviewers: Lukáš Zapletal, Simon de Vlieger, Tomáš Hozza - bootc: Fix selinux labeling when using separate build container (osbuild/images#2092) - Author: Alexander Larsson, Reviewers: Lukáš Zapletal, Simon de Vlieger, Tomáš Hozza - ci: resolve dubious ownership for git (osbuild/images#2100) - Author: Lukáš Zapletal, Reviewers: Achilleas Koutsou, Michael Vogt - data: import RH v4 key on rhel-10.1+ only (osbuild/images#2097) - Author: Michael Vogt, Reviewers: Lukáš Zapletal, Simon de Vlieger - distrodefs: drop `use_syslinux` as it has no effect (osbuild/images#2088) - Author: Michael Vogt, Reviewers: Lukáš Zapletal, Simon de Vlieger - fedora: /boot on btrfs for Fedora Cloud 44 (HMS-9737) (osbuild/images#1960) - Author: Simon de Vlieger, Reviewers: Lukáš Zapletal, Neal Gompa (ニール・ゴンパ), Tomáš Hozza - fedora: add `server-network-installer` (osbuild/images#2094) - Author: Simon de Vlieger, Reviewers: Lukáš Zapletal, Tomáš Hozza - installer: only install `syslinux` when needed (osbuild/images#2089) - Author: Simon de Vlieger, Reviewers: Lukáš Zapletal, Tomáš Hozza - manifest: add `set -e` to `bootc switch...` kickstart %post (osbuild/images#2093) - Author: Michael Vogt, Reviewers: Lukáš Zapletal, Simon de Vlieger, Tomáš Hozza - many: include legal and license files in ISO (osbuild/images#2099) - Author: Simon de Vlieger, Reviewers: Lukáš Zapletal, Tomáš Hozza - osbuild: drop `valueIn` helper (osbuild/images#2086) - Author: Michael Vogt, Reviewers: Brian C. Lane, Simon de Vlieger - readme: update link to image definitions (osbuild/images#2070) - Author: Anna Vítová, Reviewers: Achilleas Koutsou, Lukáš Zapletal, Simon de Vlieger, Tomáš Hozza - test: cross arch build/boot smoke test for ppc64le,s390x (osbuild/images#2069) - Author: Michael Vogt, Reviewers: Lukáš Zapletal, Simon de Vlieger, Tomáš Hozza
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This patch addresses the recurring error obtaining
VCS status: exit status 128seen during the build phase of our GitHub Actions.This error is caused by a Git security update (CVE-2022-24765) that prevents Git commands from running in directories owned by a user different from the current one. In our CI/CD environment—especially when using containers—the workspace owner often differs from the build user, causing Go's VCS stamping to fail.
This is safe, because our CI environments are not shared.
For the record,
git buildin fact actually does work and produce binary (at least versions 1.20+) but it still returns 128 which our wrapper treats as error, correctly so. Therefore whole test fails.