-
Notifications
You must be signed in to change notification settings - Fork 4.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add git ls-remote to validate the remote GIT repository #5573
Conversation
@@ -27,6 +26,10 @@ const ( | |||
urlCheckTimeout = 16 * time.Second | |||
) | |||
|
|||
var ( | |||
GitAuthenticationError, GitNotFoundError error |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Aren't these nil?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yeah, should stop drinking
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
These should be error types. See for example
type fatalError string |
Other than what Michalis already pointed out, looks good. |
2f72f01
to
480f286
Compare
[test] |
LGTM |
succ := make(chan bool, 1) | ||
go func() { | ||
out, err = cmd.CombinedOutput() | ||
succ <- true |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We don't really care about this value so this should be an empty struct.
one more nit, LGTM otherwise |
Actually can you add a test case for this as well? |
if this works with proxies, you should remove the logic that skips this check when a proxy is set. |
480f286
to
92d12fd
Compare
i fixed everything, but do not merge this yet, need to test if the proxy stuff works as expected |
// remote repository failed to authenticate. | ||
// Since this is calling the 'git' binary, the proxy settings should be | ||
// available for this command. | ||
func checkRemoteGit(url string, timeout time.Duration) error { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I thought the original issue was a long hang when an invalid IP or host was specified... does this fail fast in cases like that?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I see the timeout, but not a test exercising it... is that possible?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@liggitt it hangs when it was asking for password in case you have private repos.... and yes, there is no test exercising this, something I have to follow up
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
i can, also I think github is asking me for a password even if I request "https://github.com/openshift/foo"
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Per #3624 it would be good not to rely on external services, using Jordan's idea of httptest returning 401 is preferable, imho.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👍
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@soltysh i would not be that optimistic, I might revert the github test to have positive case ;-)
@bparees tested with proxy/without proxy and by accident tested also the timeout... it all works, so this is mergeable now |
[test] again |
if !testConnection { | ||
return nil | ||
|
||
if strings.Contains(string(out), "Authentication failed") { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Use a switch
7e614a1
to
4724788
Compare
@mfojtik this works when going through a proxy? the scenario that was broken before that lead to reworking this was a git server that could only be reached via proxy. (the testing that was done which was insufficient was accessing a git server via a proxy, when that git server could also be reached w/o using the proxy) |
if err != nil { | ||
t.Errorf("expected no error, got %q", err) | ||
} | ||
err = checkRemoteGit("https://254.254.254.254/foo/bar", 10*time.Second) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lower the time limit, we don't want this test to take 30 seconds to run
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
20 seconds. one of those tests won't normally hit the timeout.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/pedant
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I didn't say it would take 30 seconds. I said I didn't want it to take 30 seconds, which I don't 😁
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
well it won't, so desire met? :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
there are two now :-) the first one should never hit the timeout, I will lower the second one :-) is that ok?
4724788
to
460e849
Compare
460e849
to
317425e
Compare
[test] |
6dcf89e
to
a83fd22
Compare
// ignored. This command will replace git:// with https:// in that case. | ||
if strings.HasPrefix(gitSource.URI, "git://") { | ||
glog.V(4).Infof("Using https:// instead of git:// prefix for %q", gitSource.URI) | ||
out, err := exec.Command("git", "config", "--global", `url."https://".insteadOf git://`).CombinedOutput() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@bparees sanity check required
34c27af
to
611ad20
Compare
|
||
// When the protocol is git:// the HTTPS_PROXY and HTTP_PROXY variables are | ||
// ignored. This command will replace git:// with https:// in that case. | ||
if strings.HasPrefix(gitSource.URI, "git://") { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this is wrong... the git://
protocol is not http/https-based, and should not be using http_proxy/https_proxy. It's over a completely different port, so switching to https://
could actually break the check (https://git-scm.com/book/en/v2/Git-on-the-Server-The-Protocols#The-Git-Protocol)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@liggitt the command bellow this will set it global, so the clone (if https succeed) will work normally.
continuous-integration/openshift-jenkins/test Waiting: Determining build queue position |
61e1ad0
to
d69b2b0
Compare
[testonlyextended][extended:core(s2i build with proxy)] |
d69b2b0
to
ebbbcc0
Compare
Evaluated for origin test up to ebbbcc0 |
Evaluated for origin testonlyextended up to ebbbcc0 |
continuous-integration/openshift-jenkins/test FAILURE (https://ci.openshift.redhat.com/jenkins/job/test_pull_requests_origin/7212/) (Extended Tests: core(s2i build with proxy)) |
continuous-integration/openshift-jenkins/testonlyextended SUCCESS (https://ci.openshift.redhat.com/jenkins/job/test_pull_requests_origin/7218/) (Extended Tests: core(s2i build with proxy)) |
@bparees ready for review/merge |
[merge] |
1 similar comment
[merge] |
[merge] ! |
continuous-integration/openshift-jenkins/merge SUCCESS (https://ci.openshift.redhat.com/jenkins/job/merge_pull_requests_origin/4058/) (Image: devenv-rhel7_2742) |
@bparees @csrwng each merge failed with different flaky test :-) This time, new-app is the winner:
Previously it was new-app again:
And before it was timeout starting openshift server :-) |
The merge failure is an integration test flake:
which is assigned to me: #5937 |
[merge] (an innocent chicken was sacrificed) |
Evaluated for origin merge up to ebbbcc0 |
Merged by openshift-bot
Fixes: #4564
Fixes: #5944
@bparees @soltysh this will use
git ls-remote
command to check the source repository URL. It should pickup all credentials we have for the GIT in case the repo is private. It also perform check if the repository is reachable. Proxy vars should be picked up as well (I didn't tested this).