-
Notifications
You must be signed in to change notification settings - Fork 8
SONARSCSVN-9 Support SVN+SSH authentication using private key #4
Conversation
I've upgraded the SVN plugin, but adding |
@jakub-bochenski Would you mind debugging the same way you did in your orignal SO post just to be sure data is correctly passed to SVNKit. I would expect something like:
|
I see the file property is set, but server response is the same
|
Setting passphrase to |
@jakub-bochenski I finally spend the time to set up a SVN+SSH repo and did some tests. It was working fine after I managed to solve all SSH configuration issues that are not specific to SVN. Please test:
It should not prompt you for a password. In my case I had to fix permission issues following: http://unix.stackexchange.com/questions/36540/why-am-i-still-getting-a-password-prompt-with-ssh-with-public-key-authentication |
No, as I've written in the initial post on SO:
Note the username for ssh connection is "ssh", "jbochenski" is used for SVN auth. PS. I've also had sonarruner working with previous versions of SVN plugin that used svn command directly |
FTR, without ant ENV changes I just did:
|
@jakub-bochenski Strange because in your logs I see: |
This indeed worked, but I think the current situation is confusing. I think sonar should at least report an error or a warning when the property-bound username doesn't match the one in URL |
Do you confirm that in SVN+SSH "mode" the SSH user and SVN user are the same? I can add a note in sonar.svn.username property to say it could also be the SSH user in case of SVN+SSH. But doing some check regarding the URL will be more work since we don't process this URL (SVNKit take the one in the repo). Also having a way to override the user to be used could be interesting: you can configure your CI engine to checkout with a user "ci" then let SonarQube do the blame with another user "sonarqube" so that you can monitor the traffic on your SVN server. |
66c7bac
to
bac3059
Compare
No, and this is WAI What works for me is setting
How about sending a PR to SVNKit? |
Maybe the documentation is not clear but in both case (HTTP auth / SSH auth) we are not interested by the SVN username but only the username needed to perform authentication. |
It was certainly confusing to me, so I'd appreciate a clarification |
This is strange - I see the SVNKit version was supposedly upgraded to 1.8.11 but I'm still getting https://issues.tmatesoft.com/issue/SVNKIT-606 when using 1.3-SNAPSHOT version |
The version in RC you've sent me is still 1.8.10 :(
|
Yep, I made this change later. Do you want that I push a new RC or are you able to build and test from sources? |
I tried doing it on my own but the problem still appears so I'd like to try a CI-built one. |
We can't easily update to SVNKit 1.8.12 until they have deployed it on Central. I have created a ticket: https://issues.tmatesoft.com/issue/SVNKIT-650 Feel free to add some pressure ;) |
@jakub-bochenski Was it ok with rc2 ? |
I tried using new version. Downloaded and installed 1.3-SNAPSHOT RC2 (double checked in update center). Set keys Run I also tried to get some more debug information. Latest run was |
@alexbde When you say SonarQube analysis is successful: does it mean you manage to see blame info in SonarQube UI? Can you share logs of your analysis (send them to me privately if you want). You can enable logs with -X but not sure it will show more details. To get more details you may need to plug a remote debugger on the process, but that's not easy on Jenkins. |
@henryju No, I can't see it in SonarQube. I meant there is no failure before svn blame, sorry. How should I send logs to you? |
@alexbde OK so no need for logs. Are you sure your keystore is not protected by a passphrase? Is /etc/ssh/id_rsa-sonar readable to SQ Scanner process? |
@henryju Yep, I double checked passphrase protection, none at all. Readability is a good thought. It's rw-r--r-- so it should be readable at least. Wouldn't there be an FileNotFoundException or similar if it won't be readable? |
Okay, I solved my issue. I didn't thought it matters but I got two different machines, one running Jenkins and one running SonarQube. I've had placed file |
Checking existence of the file is a very good idea. I'll do that (it is very strange SVNKit is not doing this check). |
Okay. Just let me know when there's a RC3 you need to be tested. |
I don't plan to do another RC. I'll do the final release. But thanks for offering ;) |
That's even better ;) |
No description provided.