Creating from template project results in change of file permissions

Summary

When creating a project from the default spring template it appears that the permissions change and execution permissions get dropped with the project executables.

This most often shows up as a SAST Permission denied error since Category:SAST will fail to run by attempting to use the mvnw executable that's incorrectly initialized.

Steps to reproduce

  1. Create project from template spring
  2. Clone project and template
  3. Compare permissions between templated project and source project

Example

Note missing executable permissions:

gl ❯ git clone git@gitlab.com:gitlab-org/project-templates/spring.git && ls -l spring/mvnw
Cloning into 'spring'...
remote: Enumerating objects: 95, done.
remote: Counting objects: 100% (95/95), done.
remote: Compressing objects: 100% (47/47), done.
remote: Total 95 (delta 23), reused 86 (delta 20)
Receiving objects: 100% (95/95), 55.47 KiB | 660.00 KiB/s, done.
Resolving deltas: 100% (23/23), done.
-rwxr-xr-x  1 theoretick  staff  6468 Sep 23 13:05 spring/mvnw

gl ❯ git clone git@gitlab.com:theoretick/spring-permissions-test.git && ls -l spring-permissions-test/mvnw
Cloning into 'spring-permissions-test'...
remote: Enumerating objects: 27, done.
remote: Total 27 (delta 0), reused 0 (delta 0)
Receiving objects: 100% (27/27), 47.28 KiB | 562.00 KiB/s, done.
-rw-r--r--  1 theoretick  staff  6468 Sep 23 13:10 spring-permissions-test/mvnw

Example Project

https://gitlab.com/theoretick/spring-permissions-test

What is the current bug behavior?

Permissions change when cloning template projects, preventing execution of included scripts

What is the expected correct behavior?

Permissions should mirror template projects

Relevant logs and/or screenshots

See reproduction above

Output of checks

This bug happens on GitLab.com

Results of GitLab environment info

Expand for output related to GitLab environment info 
(For installations with omnibus-gitlab package run and paste the output of:
sudo gitlab-rake gitlab:env:info)


(For installations from source run and paste the output of:
sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production)

Results of GitLab application Check

Expand for output related to the GitLab application check 
(For installations with omnibus-gitlab package run and paste the output of:
sudo gitlab-rake gitlab:check SANITIZE=true)


(For installations from source run and paste the output of:
sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production SANITIZE=true)


(we will only investigate if the tests are passing)

Possible fixes

(If you can, link to the line of code that might be responsible for the problem)

Edited by Lucas Charles