This error has suddenly started appearing on previously working Puppet implementations.
git have added a change, in December 2022, in response to a purported security vulnerability which prevents users who don’t own the directory that the git repository resides in from doing any git actions in that directory. For example, if a directory which contains a git repository is owned by phil:phil then user root cannot do a git log in that directory. The following will be presented:
fatal: detected dubious ownership in repository at '/xxx'
To add an exception for this directory, call:
git config --global --add safe.directory /xxx
This was added in git v2.35.2 however Debian have kindly backported this fix into Debian 10 / Buster, which runs git v2.20.1.
This is particularly perplexing with Puppet because, at time of writing, even when a git directory is owned by foo:bar and you specify a user of foo in your vcsrepo block, it will clone the repository but then fail on all subsequent runs with the Path exists and is not the desired repository error.
The best solution, currently, seems to be to disable this new behaviour and revert back to the old behaviour. You can either do this on the command line or by shipping a gitconfig to all of your servers, if you have many of them.
The command line way is:
git config --global --add safe.directory "*"
Or you can add this to your /etc/gitconfig:
[safe]
directory = *
I suspect (hope) Puppet will fix this fairly soon.
Hi! you can put safe_directory => True in Puppet to add this directory and avoid the error.
Thanks. I see this was added in a very recent version of Puppet