From fe2507957b77a7fc0b5e90308499205a09781003 Mon Sep 17 00:00:00 2001
From: Colin Walters <walters@verbum.org>
Date: Tue, 31 May 2022 17:12:54 -0400
Subject: [PATCH] ci: Also work around git checkout security check

See https://github.com/actions/checkout/issues/760#issuecomment-1097461496

Nothing malicious is happening here, we are just using the checkout
with various UIDs for complex reasons.

The name of this script is now kind of wrong, but changing it
would require a ratchet with the CI config in openshift/release.
---
 ci/set-openshift-user.sh | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/ci/set-openshift-user.sh b/ci/set-openshift-user.sh
index 3e0070ee..5953337c 100755
--- a/ci/set-openshift-user.sh
+++ b/ci/set-openshift-user.sh
@@ -22,3 +22,9 @@ rm /tmp/passwd
 # Not strictly required, but nice for debugging.
 id
 whoami
+
+# Workaround for how we cache the cosa builds in Prow and juggle users,
+# see also https://github.com/actions/checkout/issues/760#issuecomment-1097461496
+if test -d src/config; then
+    git config --global --add safe.directory $PWD/src/config
+fi