From 06aae60b658eb38e2162d153ef3aa0fa59c0e2ca Mon Sep 17 00:00:00 2001
From: Jan Kiszka <jan.kiszka@siemens.com>
Date: Mon, 6 Feb 2023 17:57:53 +0100
Subject: [PATCH] container: Disable git safe.directory when running without
 kas-container

This is for the sake of the gitlab-ci runner which does not properly
aligns the ownership of the repo it checks out with the UID:GID of
our builder user. Reason not yet understood and hard to debug (logging
of the runner is incomplete).

Work around this issue by disabling safe.directory checks in case the
container is called without kas-container as wrapper (means, when it is
called without setting "--user=root"). This preserves git's checks for
the common interactive case, the more critical one.

Reported-by: Ross Burton <ross@burtonini.com>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---
 container-entrypoint | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/container-entrypoint b/container-entrypoint
index a10e1dd..cc6cce4 100755
--- a/container-entrypoint
+++ b/container-entrypoint
@@ -13,8 +13,15 @@ may also need to update the host distribution (e.g. Debian Jessie -> Stretch).
 EOF
 fi
 
-if [ -z "$USER_ID" ] || [ "$USER_ID" == 0 ]; then
-	# Not a kas-container call, or we shall run everything as root
+if [ -z "$USER_ID" ]; then
+	# Not a kas-container call
+	GOSU=""
+
+	# Work around gitlab-runner not aligning checked out repo ownership
+	# with our builder user
+	sudo git config --system safe.directory "*"
+elif [ "$USER_ID" == 0 ]; then
+	# We shall run everything as root
 	GOSU=""
 else
 	GROUP_ID=${GROUP_ID:-$(id -g)}