You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If a public registry is not reachable, cargo release -x --no-push to a private registry cannot proceed.
One concrete example is MITM where extra CA is added to the developer machine for enterprisey reasons:
$ RUST_LOG=debug ~/projects/cargo-release/target/debug/cargo-release release -x --verbose --no-push 2023.12.1
[2023-12-18T22:24:06Z DEBUG reqwest::connect] starting new connection: https://index.crates.io/
[2023-12-18T22:24:06Z DEBUG rustls::client::hs] No cached session for DnsName("index.crates.io")
[2023-12-18T22:24:06Z DEBUG rustls::client::hs] Not resuming any session
[2023-12-18T22:24:06Z DEBUG rustls::client::hs] Using ciphersuite TLS13_AES_256_GCM_SHA384
[2023-12-18T22:24:06Z DEBUG rustls::client::tls13] Not resuming
[2023-12-18T22:24:06Z DEBUG rustls::client::tls13] TLS1.3 encrypted extensions: [ServerNameAck, Protocols([ProtocolName(6832)])]
[2023-12-18T22:24:06Z DEBUG rustls::client::hs] ALPN protocol is Some(b"h2")
error: error sending request for url (https://index.crates.io/th/re/thread-saturation-exporter): error trying to connect: invalid peer certificate: UnknownIssuer: error trying to connect: invalid peer certificate: UnknownIssuer: invalid peer certificate: UnknownIssuer
There is no easy way to tell rustls to use an extra CA here, but that's a little beside the point.
One can add a panic!() to RemoteIndex::krate to get the offending stack trace:
thread 'main' panicked at src/ops/index.rs:86:9:
oh no
stack backtrace:
0: rust_begin_unwind
at /rustc/79e9716c980570bfd1f666e3b16ac583f0168962/library/std/src/panicking.rs:597:5
1: core::panicking::panic_fmt
at /rustc/79e9716c980570bfd1f666e3b16ac583f0168962/library/core/src/panicking.rs:72:14
2: cargo_release::ops::index::RemoteIndex::krate
at /Users/ivan/projects/cargo-release/src/ops/index.rs:86:9
3: cargo_release::ops::index::CratesIoIndex::krate
at /Users/ivan/projects/cargo-release/src/ops/index.rs:50:21
4: cargo_release::ops::index::CratesIoIndex::has_krate
at /Users/ivan/projects/cargo-release/src/ops/index.rs:21:12
5: cargo_release::steps::release::ReleaseStep::run
at /Users/ivan/projects/cargo-release/src/steps/release.rs:76:16
6: cargo_release::run
at /Users/ivan/projects/cargo-release/src/bin/cargo-release.rs:30:17
7: cargo_release::main
at /Users/ivan/projects/cargo-release/src/bin/cargo-release.rs:9:15
8: core::ops::function::FnOnce::call_once
at /rustc/79e9716c980570bfd1f666e3b16ac583f0168962/library/core/src/ops/function.rs:250:5
note: Some details are omitted, run with `RUST_BACKTRACE=full` for a verbose backtrace.
It doesn't feel right to check public registry to see whether a crate exists there when I'm trying to make a release for a private registry. Removing this check allows my releases to proceed as expected.
I'm not sure what's the right solution is here, but I'm certain that it should not require public registry queries.
The text was updated successfully, but these errors were encountered:
epage
added a commit
to epage/cargo-release
that referenced
this issue
Dec 27, 2023
Ideally we'd find the proper registry and talk to it but that takes a
lot more work to support.
Until then, we'll just act like the registry has no packages in it and
put in some specific hacks to support it.
This should be less brittle than our previous approach which just hoped
we sprinkled `config.registr().is_none()` in the right places.
Fixescrate-ci#732
If a public registry is not reachable,
cargo release -x --no-push
to a private registry cannot proceed.One concrete example is MITM where extra CA is added to the developer machine for enterprisey reasons:
There is no easy way to tell rustls to use an extra CA here, but that's a little beside the point.
One can add a
panic!()
toRemoteIndex::krate
to get the offending stack trace:This is the place where it's called:
It doesn't feel right to check public registry to see whether a crate exists there when I'm trying to make a release for a private registry. Removing this check allows my releases to proceed as expected.
I'm not sure what's the right solution is here, but I'm certain that it should not require public registry queries.
The text was updated successfully, but these errors were encountered: