Request for a new repository for release kickoff: git.mozilla.org/build/release-kickoff

VERIFIED FIXED

Status

Developer Services
General
VERIFIED FIXED
6 years ago
4 years ago

People

(Reporter: bhearsum, Assigned: bkero)

Tracking

Details

(Reporter)

Description

6 years ago
Commit level access: 2
Purpose: RoR for release kickoff webapp, being deployed as ship-it.mozilla.org (+ ship-it-dev.allizom.org)
Doesn't ship as part of any product.

Please create the repository as empty, and I'll fill it in with a codedrop afterwards.
Aproved by releng:
 - type: git
 - name: build/release-kickoff on git.mozilla.org
 - access: level 2 scm
 - hooks: none
 - description: ship-it.m.o source
Assignee: nobody → server-ops-devservices
Component: Release Engineering: Developer Tools → Server Operations: Developer Services
QA Contact: lsblakk → shyam
Done.

shyam@spike ~/mozilla/repos/git/gitolite-admin (master) % git push origin master
Counting objects: 7, done.
Delta compression using up to 8 threads.
Compressing objects: 100% (3/3), done.
Writing objects: 100% (4/4), 422 bytes, done.
Total 4 (delta 1), reused 0 (delta 0)
remote: Initialized empty Git repository in /var/lib/gitolite3/repositories/build/release-kickoff.git/
Assignee: server-ops-devservices → shyam
Status: NEW → RESOLVED
Last Resolved: 6 years ago
Resolution: --- → FIXED
(Reporter)

Comment 3

6 years ago
I'm almost certain that this is pebkac, but I'm unable to clone through any means:
➜  ~cl  git clone git://git.mozilla.org/build/release-kickoff.git
Cloning into 'release-kickoff'...
fatal: unable to connect to git.mozilla.org:
git.mozilla.org[0: 63.245.215.69]: errno=Connection timed out

➜  ~cl  git clone https://git.mozilla.org/build/release-kickoff.git
Cloning into 'release-kickoff'...
fatal: remote error: FATAL: R any build/release-kickoff gitweb DENIED by fallthru
(or you mis-spelled the reponame)
➜  ~cl  git clone http://git.mozilla.org/build/release-kickoff.git 
Cloning into 'release-kickoff'...
fatal: remote error: FATAL: R any build/release-kickoff gitweb DENIED by fallthru
(or you mis-spelled the reponame)
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
(Reporter)

Comment 4

6 years ago
15:16 < bkero> bhearsum: I literally 's/all/@all/' and it worked. :) Let me know if you have any more problems with it.


After that, I was able to clone but I'm still unable to push. Here's a bunch of things I've tried:
➜  release-kickoff git:(master) git remote -v
origin	ssh://gitolite3@git.mozilla.org/build/release-kickoff.git (fetch)
origin	ssh://gitolite3@git.mozilla.org/build/release-kickoff.git (push)
➜  release-kickoff git:(master) git push origin
FATAL: W any build/release-kickoff b2gbld DENIED by fallthru
(or you mis-spelled the reponame)
fatal: The remote end hung up unexpectedly


➜  release-kickoff git:(master) git remote -v
origin	ssh://bhearsum@git.mozilla.org/build/release-kickoff.git (fetch)
origin	ssh://bhearsum@git.mozilla.org/build/release-kickoff.git (push)
➜  release-kickoff git:(master) git push origin
fatal: '/build/release-kickoff.git' does not appear to be a git repository
fatal: The remote end hung up unexpectedly



➜  release-kickoff git:(master) git remote -v
origin	ssh://git.mozilla.org/build/release-kickoff.git (fetch)
origin	ssh://git.mozilla.org/build/release-kickoff.git (push)
➜  release-kickoff git:(master) grep -n2 git ~/.ssh/config
7-    StrictHostKeyChecking no
8-
9:Host git.mozilla.org
10-    User bhearsum@mozilla.com
11-
➜  release-kickoff git:(master) git push origin
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
fatal: The remote end hung up unexpectedly
(Assignee)

Comment 5

6 years ago
bkero@Gluttony:~/code$ git clone ssh://gitolite3@git.mozilla.org/build/release-kickoff.git
Cloning into 'release-kickoff'...
warning: You appear to have cloned an empty repository.
bkero@Gluttony:~/code/release-kickoff$ echo hello >> testfile
bkero@Gluttony:~/code/release-kickoff$ git add testfile
bkero@Gluttony:~/code/release-kickoff$ git commit -m 'test commit'
[master (root-commit) c677b4f] test commit
 1 file changed, 1 insertion(+)
 create mode 100644 testfile
bkero@Gluttony:~/code/release-kickoff$ git push origin master
Counting objects: 3, done.
Writing objects: 100% (3/3), 213 bytes, done.
Total 3 (delta 0), reused 0 (delta 0)
To ssh://gitolite3@git.mozilla.org/build/release-kickoff.git
 * [new branch]      master -> master


^ This seems to have worked for me.

bkero@Gluttony:~/code/release-kickoff$ git rm testfile
rm 'testfile'
bkero@Gluttony:~/code/release-kickoff$ git commit -m delete testfile
[master 5d6d1a3] delete
 1 file changed, 1 deletion(-)
 delete mode 100644 testfile
bkero@Gluttony:~/code/release-kickoff$ git push
Counting objects: 3, done.
Writing objects: 100% (2/2), 187 bytes, done.
Total 2 (delta 0), reused 0 (delta 0)
To ssh://gitolite3@git.mozilla.org/build/release-kickoff.git
   c677b4f..5d6d1a3  HEAD -> master
(Reporter)

Comment 6

6 years ago
Weird...I ran your exact commands and still can't push:
➜  ~cl  git clone ssh://gitolite3@git.mozilla.org/build/release-kickoff.git
Cloning into 'release-kickoff'...
remote: Counting objects: 5, done.
remote: Compressing objects: 100% (2/2), done.
remote: Total 5 (delta 0), reused 0 (delta 0)
Receiving objects: 100% (5/5), done.
➜  release-kickoff git:(master) echo hello >> testfile 
➜  release-kickoff git:(master) ✗ git add testfile
➜  release-kickoff git:(master) ✗ git commit -m 'test commit'
[master c32c571] test commit
 1 file changed, 1 insertion(+)
 create mode 100644 testfile
➜  release-kickoff git:(master) git push origin master
FATAL: W any build/release-kickoff b2gbld DENIED by fallthru
(or you mis-spelled the reponame)
fatal: The remote end hung up unexpectedly
(Assignee)

Comment 7

6 years ago
Could you please try running 'ssh gitolite3@git.mozilla.org'?

bkero@Gluttony:~$ ssh git.mozilla.org -l gitolite3
PTY allocation request failed on channel 0
hello bkero@mozilla.com, this is gitolite3@git1 running gitolite3 3.04-1.el6 on git 1.7.11.3

 R W	build/release-kickoff
(Reporter)

Comment 8

6 years ago
➜  mozilla-central git:(gaia-l10n) ssh gitolite3@git.mozilla.org
PTY allocation request failed on channel 0
hello b2gbld, this is gitolite3@git1 running gitolite3 3.04-1.el6 on git 1.7.11.3

 R  	build/release-kickoff
 R  	releases/gaia
 R  	releases/gecko
Connection to git.mozilla.org closed.
(Assignee)

Comment 9

6 years ago
It seems the b2gbld key (user) doesn't have write access to the release-kickoff repository. Would you like me to add write permission for this user?
(Reporter)

Comment 10

6 years ago
(In reply to Ben Kero [:bkero] from comment #9)
> It seems the b2gbld key (user) doesn't have write access to the
> release-kickoff repository. Would you like me to add write permission for
> this user?

That doesn't sound right...as far as I know I'm pushing as bhearsum, not b2gbld. If I'm not, that sounds like a problem...

I definitely don't think that b2gbld should have write access to this repository.
(Assignee)

Comment 11

6 years ago
[root@git1.dmz.scl3 ~]# /usr/local/bin/ldap-group-query.sh bhearsum@mozilla.com
<many ldap groups listed here>

[root@git1.dmz.scl3 ~]# /usr/local/bin/ldap-group-query.sh b2gbld

[root@git1.dmz.scl3 ~]#
(Assignee)

Comment 12

6 years ago
I'd recommend 'ssh -v gitolite3@git.mozilla.org' to see which key it's using to authenticate
(Reporter)

Comment 13

6 years ago
I don't have b2gbld on my laptop or in my keychain AFAIK. Here's the output from that ssh command:

➜  mozilla-central git:(gaia-l10n) ssh -v gitolite3@git.mozilla.org
OpenSSH_6.0p1 Debian-3ubuntu1, OpenSSL 1.0.1c 10 May 2012
debug1: Reading configuration data /home/bhearsum/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to git.mozilla.org [63.245.215.69] port 22.
debug1: Connection established.
debug1: identity file /home/bhearsum/.ssh/id_rsa type -1
debug1: identity file /home/bhearsum/.ssh/id_rsa-cert type -1
debug1: identity file /home/bhearsum/.ssh/id_dsa type 2
debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024
debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024
debug1: identity file /home/bhearsum/.ssh/id_dsa-cert type -1
debug1: identity file /home/bhearsum/.ssh/id_ecdsa type -1
debug1: identity file /home/bhearsum/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH_5*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.0p1 Debian-3ubuntu1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA 39:98:42:50:b3:af:d0:14:72:73:03:20:fc:f4:a8:a7
debug1: Host 'git.mozilla.org' is known and matches the RSA host key.
debug1: Found key in /home/bhearsum/.ssh/known_hosts:259
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure.  Minor code may provide more information
Credentials cache file '/tmp/krb5cc_1000' not found

debug1: Unspecified GSS failure.  Minor code may provide more information
Credentials cache file '/tmp/krb5cc_1000' not found

debug1: Unspecified GSS failure.  Minor code may provide more information


debug1: Unspecified GSS failure.  Minor code may provide more information
Credentials cache file '/tmp/krb5cc_1000' not found

debug1: Next authentication method: publickey
debug1: Offering DSA public key: /home/bhearsum/.ssh/id_dsa
debug1: Remote: Forced command: /usr/share/gitolite3/gitolite-shell b2gbld
debug1: Remote: Port forwarding disabled.
debug1: Remote: X11 forwarding disabled.
debug1: Remote: Agent forwarding disabled.
debug1: Remote: Pty allocation disabled.
debug1: Server accepts key: pkalg ssh-dss blen 433
debug1: Remote: Forced command: /usr/share/gitolite3/gitolite-shell b2gbld
debug1: Remote: Port forwarding disabled.
debug1: Remote: X11 forwarding disabled.
debug1: Remote: Agent forwarding disabled.
debug1: Remote: Pty allocation disabled.
debug1: Authentication succeeded (publickey).
Authenticated to git.mozilla.org ([63.245.215.69]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: Requesting authentication agent forwarding.
debug1: Sending environment.
debug1: Sending env LC_MESSAGES = tl_PH.UTF-8
debug1: Sending env LANG = tl_PH.UTF-8
debug1: Sending env LC_CTYPE = tl_PH.UTF-8
PTY allocation request failed on channel 0
hello b2gbld, this is gitolite3@git1 running gitolite3 3.04-1.el6 on git 1.7.11.3

 R  	build/release-kickoff
 R  	releases/gaia
 R  	releases/gecko
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
debug1: channel 0: free: client-session, nchannels 1
Connection to git.mozilla.org closed.
Transferred: sent 3376, received 3208 bytes, in 0.3 seconds
Bytes per second: sent 9734.3, received 9249.9
debug1: Exit status 0


And id_dsa.pub is my key:
➜  .ssh  cat ~/.ssh/id_dsa.pub
ssh-dss AAAAB3NzaC1kc3MAAACBAJX3rQmGT8ZDbKJlJW/oCGqgLorXgM73VR3CnHHt+oH1svCP1OuxCrL21YZ5ap0XZqNcXbwtkdJ9jHFl2NEieuRArEvdwMmqqMZ2jfXegoEIYNKcUI840iu2WukXzlAuQxRz7uLKa85IQekrq+Vp66dV0bmkSQYuSP6BPOMvOVa9AAAAFQCvlncHMdcFItkzGy3TvPOmLETFjwAAAIAJUfOBZ5hSGnmslud43LQOLs5iYUYg9U+1G3d4LlmUztF7+Fh4T1RiX+FBj0VsqcPcsIYitOqdaUUDuXvV4PvQ0eIq1Llk5wxoyYluApLga+fsGUF9VfVd8/Y/3YfHJSYztAVq9gOnaFWsMRUmBEBczyh/NjhCRdunCBFAmwBWpgAAAIBQCD4Qol7OPQtjU6Dxz5CCR/bljS29pp4X58irYQgwjRDTfKDDXl6bhmYEFGYoSDv9PgBF8u/KH/7TQryT147/CPpj2vObcoH9bJlVIkYVxj/ik8c6yb9drcdq0RoCWNvvEJepMV3HYMeFeJMF5cTxFWpHlRnOFEX4UJV8IF36cw== bhearsum@bitters-2.local
(Assignee)

Comment 14

6 years ago
[root@git1.dmz.scl3 keydir]# grep "AAAAB3NzaC1kc3MAAACBAJX3rQmGT8ZDbKJlJW/oCGqgLorXgM73VR3CnHHt+oH1svCP1OuxCrL21YZ5ap0XZqNcXbwtkdJ9jHFl2NEieuRArEvdwMmqqMZ2jfXegoEIYNKcUI840iu2WukXzlAuQxRz7uLKa85IQekrq+Vp66dV0bmkSQYuSP6BPOMvOVa9AAAAFQCvlncHMdcFItkzGy3TvPOmLETFjwAAAIAJUfOBZ5hSGnmslud43LQOLs5iYUYg9U+1G3d4LlmUztF7+Fh4T1RiX+FBj0VsqcPcsIYitOqdaUUDuXvV4PvQ0eIq1Llk5wxoyYluApLga+fsGUF9VfVd8" *

b2gbld@gitolite4.pub:ssh-dss AAAAB3NzaC1kc3MAAACBAJX3rQmGT8ZDbKJlJW/oCGqgLorXgM73VR3CnHHt+oH1svCP1OuxCrL21YZ5ap0XZqNcXbwtkdJ9jHFl2NEieuRArEvdwMmqqMZ2jfXegoEIYNKcUI840iu2WukXzlAuQxRz7uLKa85IQekrq+Vp66dV0bmkSQYuSP6BPOMvOVa9AAAAFQCvlncHMdcFItkzGy3TvPOmLETFjwAAAIAJUfOBZ5hSGnmslud43LQOLs5iYUYg9U+1G3d4LlmUztF7+Fh4T1RiX+FBj0VsqcPcsIYitOqdaUUDuXvV4PvQ0eIq1Llk5wxoyYluApLga+fsGUF9VfVd8/Y/3YfHJSYztAVq9gOnaFWsMRUmBEBczyh/NjhCRdunCBFAmwBWpgAAAIBQCD4Qol7OPQtjU6Dxz5CCR/bljS29pp4X58irYQgwjRDTfKDDXl6bhmYEFGYoSDv9PgBF8u/KH/7TQryT147/CPpj2vObcoH9bJlVIkYVxj/ik8c6yb9drcdq0RoCWNvvEJepMV3HYMeFeJMF5cTxFWpHlRnOFEX4UJV8IF36cw== b2gbld_gitolite_4

bhearsum@mozilla.com@gitolite1.pub:ssh-dss AAAAB3NzaC1kc3MAAACBAJX3rQmGT8ZDbKJlJW/oCGqgLorXgM73VR3CnHHt+oH1svCP1OuxCrL21YZ5ap0XZqNcXbwtkdJ9jHFl2NEieuRArEvdwMmqqMZ2jfXegoEIYNKcUI840iu2WukXzlAuQxRz7uLKa85IQekrq+Vp66dV0bmkSQYuSP6BPOMvOVa9AAAAFQCvlncHMdcFItkzGy3TvPOmLETFjwAAAIAJUfOBZ5hSGnmslud43LQOLs5iYUYg9U+1G3d4LlmUztF7+Fh4T1RiX+FBj0VsqcPcsIYitOqdaUUDuXvV4PvQ0eIq1Llk5wxoyYluApLga+fsGUF9VfVd8/Y/3YfHJSYztAVq9gOnaFWsMRUmBEBczyh/NjhCRdunCBFAmwBWpgAAAIBQCD4Qol7OPQtjU6Dxz5CCR/bljS29pp4X58irYQgwjRDTfKDDXl6bhmYEFGYoSDv9PgBF8u/KH/7TQryT147/CPpj2vObcoH9bJlVIkYVxj/ik8c6yb9drcdq0RoCWNvvEJepMV3HYMeFeJMF5cTxFWpHlRnOFEX4UJV8IF36cw== bhearsum_gitolite_1


It seems your pubkey is also the pubkey of b2gbld, and it is being interpreted before your user.
(Reporter)

Comment 15

6 years ago
That seems....odd. I don't see any bugs with a request to add me there, and I don't know why I would need to be part of that key. Can you remove me from that? Should I file that separately?
(Assignee)

Comment 16

6 years ago
I removed your key from the b2gbld cacount, manually remade the list of ldap identities in puppet, and pushed it out to the git server.

Confirmed on IRC.
Assignee: shyam → bkero
Status: REOPENED → RESOLVED
Last Resolved: 6 years ago6 years ago
Resolution: --- → FIXED
(Reporter)

Comment 17

6 years ago
And I pushed successfully - thanks for your help here!
Status: RESOLVED → VERIFIED
Component: Server Operations: Developer Services → General
Product: mozilla.org → Developer Services
You need to log in before you can comment on or make changes to this bug.