From c08aa03e629eb537277d48c092de8a58927ad7c9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jiri=20Dan=C4=9Bk?= <jdanek@redhat.com>
Date: Thu, 19 Jan 2023 18:04:35 +0100
Subject: [PATCH] Issue #908 - Change owner of CI job checkout directory to
 deal with security

---
 .github/workflows/build.yaml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index ee9548b15..e4b2e3e25 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -727,6 +727,9 @@ jobs:
 
       - uses: actions/checkout@v3
 
+      - name: Take ownership of the checkout directory (Git CVE-2022-24765)
+        run: chown --recursive --reference=/ .
+
       - name: Deploy the spec.rpkg file to /
         run: ln -s packaging/skupper-router.spec.rpkg ./