Skip to content

Fix dubious-ownership git failure in rocq-image container jobs#58

Merged
alpaylan merged 1 commit into
mainfrom
container-safe-directory
May 27, 2026
Merged

Fix dubious-ownership git failure in rocq-image container jobs#58
alpaylan merged 1 commit into
mainfrom
container-safe-directory

Conversation

@alpaylan

Copy link
Copy Markdown
Owner

Why

Follow-up to #57. With the prebuilt rocq-image now in place, the experiment job runs inside the container as root, while the checked-out workspace (and every nested submodule working dir) is owned by the host-runner uid. git refuses to operate on a repo it doesn't "own", so the Re-init submodules over HTTPS step fails:

fatal: detected dubious ownership in repository at '/__w/programmable-pbt-artifact/programmable-pbt-artifact'
##[error]Process completed with exit code 128.

…and every subsequent step (Install etna-cli, Register experiment, Run experiment) is skipped. This never happened on the host runner, which owns its workspace. actions/checkout whitelists its own git operations, but the explicit re-init step doesn't inherit that.

Fix

Add git config --global --add safe.directory '*' at the top of the re-init step, before any git command. Setting it globally means it also covers any git the experiment run shells out to later. No-op on the host path (the runner owns its workspace), so the non-container path is unaffected.

Validation

  1. Surfaced by an actual container run of bst-proplang-rocq (run): the image pulled and actions/checkout (incl. all submodules) succeeded inside it — confirming Add prebuilt Rocq toolchain image for run-experiment's rocq-image #57 works — then this step was the next failure.
  2. Reproduced and fixed locally against the toolchain image (git 2.43.0, as root, repo owned by uid 1001):
WITHOUT fix:  git submodule sync/update -> fatal: detected dubious ownership ... exit=128
WITH fix:     git submodule sync/update -> exit=0

🤖 Generated with Claude Code

When run-experiment.yml runs inside a `rocq-image` container it runs as root
while the checked-out workspace (and every nested submodule working dir) is
owned by the host-runner uid, so the "Re-init submodules over HTTPS" step dies
with `fatal: detected dubious ownership in repository` (exit 128) and skips the
whole experiment. actions/checkout whitelists its own operations, but the
explicit re-init step doesn't.

Add `git config --global --add safe.directory '*'` at the top of that step,
before any git runs. Global so it also covers git the experiment run shells out
to later; a no-op on the host runner, which owns its own workspace.

Reproduced and verified against the toolchain image locally: as root on a
uid-1001-owned repo, `git submodule sync/update` fails 128 without the line and
succeeds 0 with it.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@alpaylan alpaylan merged commit 640470b into main May 27, 2026
7 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant