From 3d6dc42003126c2c60991e2691b75c425128074b Mon Sep 17 00:00:00 2001
From: nadeemshahzad <nshahzad@edx.org>
Date: Fri, 15 Apr 2022 16:26:44 +0500
Subject: [PATCH 1/3] fix: add safe directory config and use escalated
 privileges with git clean

---
 playbooks/roles/git_clone/tasks/main.yml | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/playbooks/roles/git_clone/tasks/main.yml b/playbooks/roles/git_clone/tasks/main.yml
index 09d3bf32dff..07a52eb1e5d 100644
--- a/playbooks/roles/git_clone/tasks/main.yml
+++ b/playbooks/roles/git_clone/tasks/main.yml
@@ -111,6 +111,15 @@
     - install
     - install:code
 
+- name: Run git safe.directory
+  shell: git config --global --add safe.directory {{ item.DESTINATION }}
+  become: true
+  with_items: "{{ GIT_REPOS }}"
+  no_log: "{{ GIT_CLONE_NO_LOGGING }}"
+  tags:
+    - install
+    - install:code
+
 - name: Run git clean after checking out code
   shell: cd {{ item.DESTINATION }} && git clean -xdf
   become: true

From b942cb22d72d54e83c674547679cfc7beafa1e3d Mon Sep 17 00:00:00 2001
From: magajh <maria.jaimes@edunext.co>
Date: Tue, 19 Apr 2022 11:29:14 -0400
Subject: [PATCH 2/3] Run git safe.directory before checking that working tree
 is clean

---
 playbooks/roles/git_clone/tasks/main.yml | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/playbooks/roles/git_clone/tasks/main.yml b/playbooks/roles/git_clone/tasks/main.yml
index 07a52eb1e5d..040fb341d10 100644
--- a/playbooks/roles/git_clone/tasks/main.yml
+++ b/playbooks/roles/git_clone/tasks/main.yml
@@ -54,6 +54,15 @@
     - install
     - install:code
 
+- name: Run git safe.directory
+  shell: git config --global --add safe.directory {{ item.DESTINATION }}
+  become: true
+  with_items: "{{ GIT_REPOS }}"
+  no_log: "{{ GIT_CLONE_NO_LOGGING }}"
+  tags:
+    - install
+    - install:code
+
 - name: Check that working tree is clean
   shell: test ! -e "{{ item }}" || git -C "{{ item }}" status --porcelain --untracked-files=no
   register: dirty_files
@@ -111,15 +120,6 @@
     - install
     - install:code
 
-- name: Run git safe.directory
-  shell: git config --global --add safe.directory {{ item.DESTINATION }}
-  become: true
-  with_items: "{{ GIT_REPOS }}"
-  no_log: "{{ GIT_CLONE_NO_LOGGING }}"
-  tags:
-    - install
-    - install:code
-
 - name: Run git clean after checking out code
   shell: cd {{ item.DESTINATION }} && git clean -xdf
   become: true

From 4dd5482e07fba7adb1219804fdb7439344a43cfd Mon Sep 17 00:00:00 2001
From: magajh <maria.jaimes@edunext.co>
Date: Wed, 4 May 2022 13:32:09 -0400
Subject: [PATCH 3/3] Set no_log to False

---
 playbooks/roles/git_clone/tasks/main.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/playbooks/roles/git_clone/tasks/main.yml b/playbooks/roles/git_clone/tasks/main.yml
index 040fb341d10..4aeb93ca89e 100644
--- a/playbooks/roles/git_clone/tasks/main.yml
+++ b/playbooks/roles/git_clone/tasks/main.yml
@@ -49,7 +49,7 @@
     mode: "0600"
   when: item.PROTOCOL == "ssh" and GIT_REPOS is defined
   with_items: "{{ GIT_REPOS }}"
-  no_log: "{{ GIT_CLONE_NO_LOGGING }}"
+  no_log: False
   tags:
     - install
     - install:code
@@ -89,7 +89,7 @@
   register: code_checkout
   when: item.PROTOCOL == "ssh" and GIT_REPOS is defined
   with_items: "{{ GIT_REPOS }}"
-  no_log: "{{ GIT_CLONE_NO_LOGGING }}"
+  no_log: False
   tags:
     - install
     - install:code