Creating from template project results in change of file permissions
Summary
When creating a project from the default spring template it appears that the permissions change and execution permissions get dropped with the project executables.
This most often shows up as a SAST Permission denied
error since Category:SAST will fail to run by attempting to use the mvnw
executable that's incorrectly initialized.
Steps to reproduce
- Create project from template
spring
- Clone project and template
- Compare permissions between
templated project
andsource project
Example
Note missing executable permissions:
gl ❯ git clone git@gitlab.com:gitlab-org/project-templates/spring.git && ls -l spring/mvnw
Cloning into 'spring'...
remote: Enumerating objects: 95, done.
remote: Counting objects: 100% (95/95), done.
remote: Compressing objects: 100% (47/47), done.
remote: Total 95 (delta 23), reused 86 (delta 20)
Receiving objects: 100% (95/95), 55.47 KiB | 660.00 KiB/s, done.
Resolving deltas: 100% (23/23), done.
-rwxr-xr-x 1 theoretick staff 6468 Sep 23 13:05 spring/mvnw
gl ❯ git clone git@gitlab.com:theoretick/spring-permissions-test.git && ls -l spring-permissions-test/mvnw
Cloning into 'spring-permissions-test'...
remote: Enumerating objects: 27, done.
remote: Total 27 (delta 0), reused 0 (delta 0)
Receiving objects: 100% (27/27), 47.28 KiB | 562.00 KiB/s, done.
-rw-r--r-- 1 theoretick staff 6468 Sep 23 13:10 spring-permissions-test/mvnw
Example Project
https://gitlab.com/theoretick/spring-permissions-test
What is the current bug behavior?
Permissions change when cloning template projects, preventing execution of included scripts
What is the expected correct behavior?
Permissions should mirror template projects
Relevant logs and/or screenshots
See reproduction above
Output of checks
This bug happens on GitLab.com
Results of GitLab environment info
Expand for output related to GitLab environment info
(For installations with omnibus-gitlab package run and paste the output of:
sudo gitlab-rake gitlab:env:info
)(For installations from source run and paste the output of:
sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production
)
Results of GitLab application Check
Expand for output related to the GitLab application check
(For installations with omnibus-gitlab package run and paste the output of:
sudo gitlab-rake gitlab:check SANITIZE=true
)(For installations from source run and paste the output of:
sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production SANITIZE=true
)(we will only investigate if the tests are passing)
Possible fixes
(If you can, link to the line of code that might be responsible for the problem)