-
Notifications
You must be signed in to change notification settings - Fork 2.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Rubygems with Artifactory doesn't seem to work #7315
Comments
For the extraction problem, please raise that as a bug in the main repo, ideally with a simple reproduction repo. For the lookup, can you confirm if the URL is correct by querying it manually with authentication? And how have you configured ruby gems authentication for Renovate? |
Hi i the url is wrong but it seems to be coming from renovate because i found out artifactory as a rubygems repo has the following endpoint for rubygems: authentication isnt necessary for this repo because it allows anonymous installs but it is behind a vpn. see also: https://www.jfrog.com/confluence/display/JFROG/RubyGems+Repositories my config looks like this: module.exports = {
extends: [
"docker:enableMajor",
":semanticCommits",
"group:monorepos",
"group:recommended",
":preserveSemverRanges"
],
platform: "gitlab",
endpoint: "https://git.tech.rz.db.de/api/v4",
token: `${process.env.GIT_USER_API_TOKEN}`,
logLevel: `debug`,
labels: ["renovate", "seec-mop"],
ignoreDeps: ["docker-hub-remote.bahnhub.tech.rz.db.de/renovate/renovate"],
assigneesFromCodeOwners: true,
assigneesSampleSize: 5,
lockFileMaintenance: { enabled: true },
recreateClosed: true, //probably debug config
requireConfig: false,
onboarding: false,
requiredStatusChecks: null,
packageRules: [
{
updateTypes: ["minor", "patch", "pin", "digest"],
gitlabAutomerge: false,
automerge: false,
},
{
updateTypes: ["major"],
labels: ["major","renovate", "seec-mop"],
},
{
datasources: ["docker"],
updateTypes: ["major","minor", "patch", "pin", "digest"],
enabled: true
}
],
vulnerabilityAlerts: {
labels: ["security"],
enabled: true,
},
npmrc: `registry=https://bahnhub.tech.rz.db.de/artifactory/api/npm/default-npm-3rdparty/\nalways-auth=true\n_auth=${process.env.ARTIFACTORY_TOKEN}`,
pinDigests: true,
hostRules: [
{
hostType: "rubygems",
username: `${process.env.ARTIFACTORY_USERNAME}`,
password: `${process.env.ARTIFACTORY_PASSWORD}`,
baseUrl:
"https://bahnhub.tech.rz.db.de/artifactory/api/gems/seec-serviceteam-1-gems-prod-local",
},
{
hostType: "rubygems",
username: `${process.env.ARTIFACTORY_USERNAME}`,
password: `${process.env.ARTIFACTORY_PASSWORD}`,
baseUrl:
"https://bahnhub.tech.rz.db.de/artifactory/api/gems/seec-mov-gems-prod-local",
},
],
}; PS: data is now real because it seems to be fine with my company |
https://github.com/renovatebot/renovate/blob/master/lib/datasource/rubygems/releases.ts |
Yes, I think it sounds like we need some code changes to our rubygems datasource, and any help on this would be greatly appreciated. I would hope that the code is not necessarily artifactory specific but it seems it's a URL structure we don't support yet. I'm guessing there's some overlap with other rubygems queries we've had: https://github.com/renovatebot/renovate/issues?q=is%3Aissue+is%3Aopen+sort%3Aupdated-desc+rubygems I will rename and transfer this issue into the main repo |
Comparison of attempted (failing) vs proper URL:
The renovate/lib/datasource/rubygems/get.ts Lines 17 to 30 in caad3cf
I think we're calling |
as the log states above the base url is set to |
so can we do something like if path includes artifactory? baseurl + path? |
Actually I think it should be a fix in our HTTP layer, independent of artifactory or rubygems. PR in progress |
that would be even better. Do you think this is a bigger problem to tackle? I would like to keep track of the PR :) |
just to clear more things for artifactory (dont know about rubygems or other) when requesting the gem the url is like this: https://bahnhub.tech.rz.db.de:443/artifactory/seec-serviceteam-1-gems-prod-local/gems/sfn_seec_base-1.4.2.gem sample json:
|
I think we already should have the URL correct, it's just that we were joining the URL incorrectly. See #7316 for what is hopefully the only fix required |
🎉 This issue has been resolved in version 23.31.1 🎉 The release is available on:
Your semantic-release bot 📦🚀 |
@henrysachs can you test out 23.31.1 ? |
will do as far as i saw there is no docker container currently for this right? |
Yes, there's a multi-step build process so it will need to pop up in an hour or two |
i'm getting an unauthorized now. So there seems to be progress need to dig deeper into that myself because im sure thats on my side. But the Url for the json is now correct. Thanks a lot! |
OK, please create a new issue if you think there's something needing changing from Renovate |
Which Renovate are you using?
Renovate Open Source CLI
Which platform are you using?
GitLab self-hosted
Have you checked the logs? Don't forget to include them if relevant
What would you like to do?
I wanted to scan ruby gems from a private artifactory. In the Gemfile i face 2 issues.
sample gemfile
this is the output:
"bundler": {"fileCount": 1, "depCount": 2}
when renovate checks these gems it tries to request them from the wrong url atleast this is what i think. But with debug logging enabled the config seems about right for me:
thats currently my dead end where i don't know what i could further do to trace this.
i'm happy to gather more information if necessary. But i need to anonymize the data a bit so expect a typo.
The text was updated successfully, but these errors were encountered: