Dockerfile*: chown the copied files

When `go install` is called, go tries to get the git commit hash and embed it
into the built binary. Internally, go just calls the git executable.

The newer go-toolset seems to be based on RHEL 9.2 that ships a newer version
of git (2.39.1). This version contains the safe directory patch that
disallows git from operating on repositories owned by different users.

Thus, we need to chown the files when copying.

See

https://git-scm.com/docs/git-config/2.35.2#Documentation/git-config.txt-safedirectory
Signed-off-by: Ondřej Budai <ondrej@budai.cz>

distribution/Dockerfile-fauxauth

@@ -1,5 +1,8 @@
 FROM registry.access.redhat.com/ubi9/go-toolset:latest AS builder
-COPY . .
+# ubi9/go-toolset defaults to uid 1001. Let's copy the files with this UID as well.
+# Otherwise, VCS stamping will fail because git >= 2.35.2 refuses to work in
+# a repository owned by a different user.
+COPY --chown=1001 . .
 ENV GOFLAGS=-mod=vendor
 RUN go install ./cmd/osbuild-mock-openid-provider/
 

distribution/Dockerfile-ubi

@@ -5,7 +5,10 @@ USER 0
 # uses `libgpgme` so we need to install it and its build dependencies
 RUN dnf install -y gpgme-devel libassuan-devel
 USER 1001
-COPY . .
+# ubi9/go-toolset defaults to uid 1001. Let's copy the files with this UID as well.
+# Otherwise, VCS stamping will fail because git >= 2.35.2 refuses to work in
+# a repository owned by a different user.
+COPY --chown=1001 . .
 ENV GOFLAGS=-mod=vendor
 RUN go install ./cmd/osbuild-composer/
 

distribution/Dockerfile-ubi-maintenance

@@ -1,5 +1,8 @@
 FROM registry.access.redhat.com/ubi9/go-toolset:latest AS builder
-COPY . .
+# ubi9/go-toolset defaults to uid 1001. Let's copy the files with this UID as well.
+# Otherwise, VCS stamping will fail because git >= 2.35.2 refuses to work in
+# a repository owned by a different user.
+COPY --chown=1001 . .
 ENV GOFLAGS=-mod=vendor
 RUN go install ./cmd/osbuild-service-maintenance/