fix(ccp-agent): whitelist /app/instance for git safe.directory

The agent container runs as root but the bind-mounted instance directory is owned by the host user (UID 1000 = `node` in the container). Modern git refuses to operate on such repos without an explicit safe.directory entry, breaking upgrade-check.sh's `git fetch/log` calls on source-installed tenants. Verified empirically on soroush after the previous fix landed. Bunker Admin
2026-05-20 12:14:39 -06:00 · 2026-05-20 12:14:39 -06:00 · 1b80e8294c
commit 1b80e8294c
parent a531f9b9ce
1 changed files with 6 additions and 0 deletions
--- a/changemaker-control-panel/agent/Dockerfile
+++ b/changemaker-control-panel/agent/Dockerfile
@ -12,6 +12,12 @@ FROM node:20-alpine
 # shells out to (upgrade-check.sh, upgrade.sh, backup.sh). Without them, every
 # /upgrade/* and /backup/* call returns "command not found" failures.
 RUN apk add --no-cache docker-cli docker-cli-compose git rsync bash curl jq python3
+# Agent runs as root, but the bind-mounted /app/instance is owned by the host
+# user (UID 1000 = `node` inside the container). Modern git refuses to operate
+# on repos with mismatched ownership without an explicit safe.directory entry.
+# Wildcard whitelist all paths — the agent only mounts a single host directory
+# anyway (the instance's project root).
+RUN git config --system --add safe.directory '*'
 WORKDIR /app
 COPY package*.json ./
 RUN npm ci --production