starlingx
/
root
Code Issues Proposed changes

docker-images: avoid git errors for local repos 

A recent update to git [1] causes errors when cloning a local git
repository whose .git directory contains symlinks, which it does for
repos managed by the "repo" tool. This is triggered by docker image
builds that have the following in their recipes:

  PROJECT_REPO=/path/to/local/git/repo
  MIRROR_LOCAL=yes

Symptoms: "git clone /path/to/local/git/repo" fails with an error
similar to

  fatal: failed to start iterator over '[...]/.git/objects': Not a
  directory

Workaround: add "--no-local" when calling "git clone". This avoids the
error, and also makes physical copies of .git/objects, rather than
hard-linking them.

TESTS
===================
* Make sure "git clone --no-local /path/to/local/git/repo" works
  with both the original git package (1:2.30.2-1) and the patched
  package (1:2.30.2-1+deb11u2).
* Build a test image that triggers this case

[1] https://security-tracker.debian.org/tracker/CVE-2023-22490

Closes-Bug: 2009723
Signed-off-by: Davlet Panech <davlet.panech@windriver.com>
Change-Id: I90bf0b21713701fe253b23a1bfb9fd49ec649853
This commit is contained in:
Davlet Panech 2023-03-08 12:18:31 -05:00
parent 4b5bf4bcec
commit 143cd0b946
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
build-tools/build-docker-images/build-stx-images.sh
View File

@ -457,7 +457,7 @@ function build_image_loci {
echo "Creating bare clone of ${PROJECT_REPO} for ${LABEL} build..."
if [ -n "${PROJECT_REF}" ]; then
echo "PROJECT_REF specified is ${PROJECT_REF}..."
git clone --bare ${PROJECT_REPO} ${CLONE_DIR} \
git clone --no-local --bare ${PROJECT_REPO} ${CLONE_DIR} \
&& cd ${PROJECT_REPO} \
&& git push --force ${CLONE_DIR} HEAD:refs/heads/${PROJECT_REF} \
&& mv ${CLONE_DIR}/hooks/post-update.sample ${CLONE_DIR}/hooks/post-update \
@ -466,7 +466,7 @@ function build_image_loci {
&& git update-server-info \
&& cd ${ORIGWD}
else
git clone --bare ${PROJECT_REPO} ${CLONE_DIR} \
git clone --no-local --bare ${PROJECT_REPO} ${CLONE_DIR} \
&& cd ${PROJECT_REPO} \
&& mv ${CLONE_DIR}/hooks/post-update.sample ${CLONE_DIR}/hooks/post-update \
&& chmod a+x ${CLONE_DIR}/hooks/post-update \