Closed
Bug 574757
Opened 14 years ago
Closed 14 years ago
Allow ffxbld & stage-ffxbld to pull from ssh://hgpvt.mozilla.org/shadow-central
Categories
(mozilla.org Graveyard :: Server Operations, task)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: lsblakk, Assigned: aravind)
References
Details
(Whiteboard: [sg:nse])
working on staging-slaves in the build network and unable to clone from this repo due to connection refused.
Reporter | ||
Comment 1•14 years ago
|
||
after talking with dveditz about this in IRC, it came up that I was trying to pull with http:// and instead should be doing either https or ssh. Using https wouldn't be great because there would be authentication required and we can't check that into our (public) configs. So I'm changing the summary of this to ask for cltbld's ssh key to be given authorization to clone from this repo. That should allow us to clone to the slaves without exposing anything.
Reporter | ||
Updated•14 years ago
|
Summary: Connection refused when trying to read from hgpvt.mozilla.org → Allow cltbld to pull from ssh://hgpvt.mozilla.org/shadow-central
Updated•14 years ago
|
Group: mozilla-confidential → core-security
Updated•14 years ago
|
Whiteboard: [sg:nse]
Assignee | ||
Comment 2•14 years ago
|
||
cltbld doesn't even have a ldap account (afaik), ffxbld does. Can I use that account instead?
Reporter | ||
Comment 3•14 years ago
|
||
sure - that would be great, thanks
Assignee | ||
Updated•14 years ago
|
Summary: Allow cltbld to pull from ssh://hgpvt.mozilla.org/shadow-central → Allow ffxbld to pull from ssh://hgpvt.mozilla.org/shadow-central
Assignee | ||
Comment 4•14 years ago
|
||
Granted ffxbld user access to the sec group.
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
Reporter | ||
Comment 5•14 years ago
|
||
Please also allow stage-ffxbld to pull from this repo as it currently can not. Editing summary to reflect this.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Summary: Allow ffxbld to pull from ssh://hgpvt.mozilla.org/shadow-central → Allow ffxbld & stage-ffxbld to pull from ssh://hgpvt.mozilla.org/shadow-central
Reporter | ||
Comment 6•14 years ago
|
||
My assumption that stage-ffxbld cannot access the repo is based on: Staging slave: [cltbld@mv-moz2-linux-ix-slave01 ~]$ /tools/python/bin/hg clone --verbose --noupdate ssh://stage-ffxbld@hgpvt.mozilla.org/shadow-central /builds/slave/shadow-central-linux/build running ssh stage-ffxbld@hgpvt.mozilla.org "hg -R shadow-central serve --stdio" remote: abort: There is no Mercurial repository here (.hg not found)! abort: no suitable response from remote hg! Production slave: [cltbld@mv-moz2-linux-ix-slave21 ~]$ /tools/python/bin/hg clone --verbose --noupdate ssh://ffxbld@hgpvt.mozilla.org/shadow-central /builds/slave/shadow-central-linux/build running ssh ffxbld@hgpvt.mozilla.org "hg -R shadow-central serve --stdio" requesting all changes adding changesets
Assignee | ||
Comment 7•14 years ago
|
||
flipped the bits for stage-ffxbld to allow access to those repos.
Status: REOPENED → RESOLVED
Closed: 14 years ago → 14 years ago
Resolution: --- → FIXED
Updated•9 years ago
|
Product: mozilla.org → mozilla.org Graveyard
Updated•9 years ago
|
Group: core-security
You need to log in
before you can comment on or make changes to this bug.
Description
•