-
Notifications
You must be signed in to change notification settings - Fork 5.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
gitfs regression with authenticated repos #23013
Comments
I just upgraded a CentOS 7 machine to
|
I upgraded another Fedora machine and it fails as described initially, too. |
Comparing the debug output of the CentOS vs the Fedora machines I see the following appearing on the Fedora (i.e. non-working) machines only:
|
This has nothing to do with CentOS vs Fedora. After adding a few debug lines in gitfs.py it was clear that the ssh key is not used. Creating
|
Thanks for this report @markusr815. When you upgraded salt, did you also upgrade python-pygit2? Or is that the same as before you upgraded the version of salt on your minion? I am trying to reproduce this error right now. |
Ok, I can confirm this bug. Thanks very much for this excellent report - it made it easy to reproduce once I realized what was going on. The https way of authenticating explained here works just fine, but the ssh method is indeed broken. Steps to reproduce on a Fedora 21 VM:
Install pygit 2:
Then try to run a state from the your gitfs repository listed in the minion config:
ping @terminalmage |
Fixed this by replacing /usr/lib/python2.6/site-packages/salt/fileserver/gitfs.py with the one found in here https://github.com/saltstack/salt/releases/download/v2014.7.1/salt-2014.7.1.tar.gz |
@deuscapturus Do you think this is a duplicate of the other bug you filed a couple of days ago? If so, I know that we usually keep the "earliest" bugs open and close new duplicates, but since I've outlined some reproduction steps and narrowed this down and you've provided some helpful info here as well, I'm inclined to keep this one open and close the other one. What do you think? |
This was caused by a bugfix where branches/tags removed from the remote repo were still showing up as salt fileserver environments. pygit2 doesn't know how to detect remote refs, so I added code that uses the git CLI to run I've disabled stale ref cleaning for authenticated repos in #23094, and opened libgit2/pygit2#524 to request proper support for detecting stale refs in pygit2. |
I renamed this issue to reflect the actual problem. |
Is there a suggested workaround until the next release? |
Commenting out this line and adding a #cleaned = _clean_stale(repo['repo'], refs_post)
cleaned = [] |
@terminalmage is that in my master, minion, or both? |
looks like it only needs to change on the master. Thanks @terminalmage! |
Yes, just the master. Sorry, should have been more specific. |
FYI. Applying the workaround 'cleaned = []' will fix most gitfs issues but will still cause an issue with file.recurse giving error "Recurse failed: none of the specified sources were found". For a complete fix follow the workaround I specified above. |
I just upgraded my Fedora 21 install from
salt-{,minon-}2014.7.1-1.fc21.noarch
to2014.7.5-1.fc21.noarch
. Now, my setup does not work anymore.I have
python-pygit2
version 0.21.4 installed.All I get is this:
The
top.sls
is really simple for this repo:The directory
/var/cache/salt/minion/files/base/
did contain the proper files previously. Although, after removing/var/cache/salt/minion/{gitfs,files}
for testing purposes, it stays empty after a call tostate.highstate
:Is this expected behavior? I can't find anything about this in the Salt 2014.7.5 Release Notes.
The text was updated successfully, but these errors were encountered: