From 51a532a532e3bd506b0e0bc6661bd7942685e93e Mon Sep 17 00:00:00 2001
From: Steve Loughran <stevel@cloudera.com>
Date: Mon, 18 Apr 2022 19:24:35 +0100
Subject: [PATCH] HADOOP-18202. create-release fails fatal: unsafe repository
 (#4188)

Since April 2022/CVE-2022-24765, git refuses to work in directories
whose owner != the current user, unless explicitly told to trust it.

This patches the create-release script to trust the /build/source
dir mounted from the hosting OS, whose userid is inevitably different
from that of the account in the container running git.

Contributed by: Steve Loughran, Ayush Saxena and the new git error messages

Change-Id: I855a105e6d0ab533468f9436578c8d4f81b0840b
---
 dev-support/bin/create-release | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/dev-support/bin/create-release b/dev-support/bin/create-release
index 39a5d0d319..3682917963 100755
--- a/dev-support/bin/create-release
+++ b/dev-support/bin/create-release
@@ -535,6 +535,10 @@ function makearelease
 
   big_console_header "Cleaning the Source Tree"
 
+  # Since CVE-2022-24765 in April 2022, git refuses to work in directories
+  # whose owner != the current user, unless explicitly told to trust it.
+  git config --global --add safe.directory /build/source
+
   # git clean to clear any remnants from previous build
   run "${GIT}" clean -xdf -e /patchprocess