)]}'
{"/PATCHSET_LEVEL":[{"author":{"_account_id":11628,"name":"Michael Johnson","email":"johnsomor@gmail.com","username":"johnsom"},"change_message_id":"5456b2481073395ddc6d754f45f912e44bab591d","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":1,"id":"81481dab_1b106e6f","updated":"2022-04-13 23:32:35.000000000","message":"testing with https://review.opendev.org/837778","commit_id":"1fc8766290f6367ef0a3ea38e61b7330aad2ab87"},{"author":{"_account_id":7118,"name":"Ian Wienand","email":"iwienand@redhat.com","username":"iwienand"},"change_message_id":"6c04692fda40f3aa5ec30f4e0b62a50fa5d33073","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":2,"id":"3e433c9d_58bce2de","updated":"2022-04-14 04:05:44.000000000","message":"I\u0027m seeing that git has released a \"fix\" for this that at least allows you to globally set all repos as trusted [1].  that is certainly an appealing option ...\n\nthe problem here is that we are copying in a repo from the stack user, setup at\n\nhttps://opendev.org/openstack/octavia/src/branch/master/devstack/plugin.sh#L41\n\nI haven\u0027t yet determined the exact order of operations that leads to\n\nhttps://zuul.opendev.org/t/openstack/build/b86683e35eed47b6946e02d1b156482e/log/controller/logs/dib-build/amphora-x64-haproxy.qcow2_log.txt#1914\n\n[1] http://public-inbox.org/git/20220412180510.GA2173@szeder.dev/T/#t","commit_id":"ae873bd60bc5b1caab448df8c595cf69d1abb00a"}],"diskimage_builder/elements/source-repositories/extra-data.d/98-source-repositories":[{"author":{"_account_id":29244,"name":"Gregory Thiemonge","email":"gthiemon@redhat.com","username":"gthiemonge"},"change_message_id":"5eb7bfc34ebb4fae9f129203975ff08193025b02","unresolved":true,"context_lines":[{"line_number":130,"context_line":"                    #"},{"line_number":131,"context_line":"                    # [1] https://github.com/git/git/commit/ \\"},{"line_number":132,"context_line":"                    #     8959555cee7ec045958f9b6dd62e541affb7e7d9"},{"line_number":133,"context_line":"                    sudo git config --global --add safe.directory ${CACHE_PATH}"},{"line_number":134,"context_line":"                fi"},{"line_number":135,"context_line":""},{"line_number":136,"context_line":"                if [ \"$REPOREF\" !\u003d \"*\" ] ; then"}],"source_content_type":"application/x-shellscript","patch_set":2,"id":"7d394121_a1f880d6","line":133,"range":{"start_line":133,"start_character":20,"end_line":133,"end_character":24},"updated":"2022-04-14 04:32:44.000000000","message":"From the centos-8 logs:\n\n2022-04-14 01:02:47.463 | + /tmp/dib_build.DQG2D0bo/hooks/extra-data.d/98-source-repositories:get_repos_for_element:189 :   sudo git config --global --add safe.directory /tmp/dib_build.DQG2D0bo/mnt/tmp/ironic-python-agent\n2022-04-14 01:02:47.473 | + /tmp/dib_build.DQG2D0bo/hooks/extra-data.d/98-source-repositories:get_repos_for_element:190 :   pushd /tmp/dib_build.DQG2D0bo/mnt/tmp/ironic-python-agent\n2022-04-14 01:02:47.476 | + /tmp/dib_build.DQG2D0bo/hooks/extra-data.d/98-source-repositories:get_repos_for_element:191 :   [[ HEAD \u003d\u003d \\* ]]\n2022-04-14 01:02:47.480 | + /tmp/dib_build.DQG2D0bo/hooks/extra-data.d/98-source-repositories:get_repos_for_element:196 :   sudo git fetch -q /home/zuul/.cache/image-create/source-repositories/ironic_python_agent_64901bedc28fec235d2769aa790bc99f3492aa13 HEAD:fetch_HEAD\n2022-04-14 01:02:47.514 | + /tmp/dib_build.DQG2D0bo/hooks/extra-data.d/98-source-repositories:get_repos_for_element:197 :   sudo git reset --hard FETCH_HEAD\n2022-04-14 01:02:47.547 | HEAD is now at f9a7871 Add Python3 zed unit tests\n2022-04-14 01:02:47.552 | ++ /tmp/dib_build.DQG2D0bo/hooks/extra-data.d/98-source-repositories:get_repos_for_element:199 :   git rev-parse FETCH_HEAD\n2022-04-14 01:02:47.553 | fatal: unsafe repository (\u0027/tmp/dib_build.DQG2D0bo/mnt/tmp/ironic-python-agent\u0027 is owned by someone else)\n2022-04-14 01:02:47.553 | To add an exception for this directory, call:\n2022-04-14 01:02:47.553 | \n2022-04-14 01:02:47.553 | \tgit config --global --add safe.directory /tmp/dib_build.DQG2D0bo/mnt/tmp/ironic-python-agent\n\n\nit looks like \"git config\" is called with sudo, but git rev-parse doen\u0027t use sudo.\nMaybe we should add the safe.directory for both root user and \"default\" user","commit_id":"ae873bd60bc5b1caab448df8c595cf69d1abb00a"},{"author":{"_account_id":7118,"name":"Ian Wienand","email":"iwienand@redhat.com","username":"iwienand"},"change_message_id":"6e688b47be12ab4227cf4e5e201d6f396df7c556","unresolved":true,"context_lines":[{"line_number":130,"context_line":"                    #"},{"line_number":131,"context_line":"                    # [1] https://github.com/git/git/commit/ \\"},{"line_number":132,"context_line":"                    #     8959555cee7ec045958f9b6dd62e541affb7e7d9"},{"line_number":133,"context_line":"                    sudo git config --global --add safe.directory ${CACHE_PATH}"},{"line_number":134,"context_line":"                fi"},{"line_number":135,"context_line":""},{"line_number":136,"context_line":"                if [ \"$REPOREF\" !\u003d \"*\" ] ; then"}],"source_content_type":"application/x-shellscript","patch_set":2,"id":"54b61bad_d80883b7","line":133,"range":{"start_line":133,"start_character":20,"end_line":133,"end_character":24},"in_reply_to":"7d394121_a1f880d6","updated":"2022-04-14 06:16:21.000000000","message":"I\u0027m not saying we shouldn\u0027t do that -- I really don\u0027t know.  \n\nAnother approach I *think* that might work is being more explicit with the git calls and the context they are working in; proposal at [1].  This is mostly a suggestion that I hope works ...\n\nWe can probably speculatively test both ways, and decide which is more palatable \n\n[1] https://review.opendev.org/c/openstack/diskimage-builder/+/837824","commit_id":"ae873bd60bc5b1caab448df8c595cf69d1abb00a"}]}