semver-resource icon indicating copy to clipboard operation
semver-resource copied to clipboard
verified publisher icon concourse

If git fails to push, it will not stop retrying

Open dimaj opened this issue 7 years ago • 3 comments

Had a situation, where the user that was pushing to our git repo didn't have push rights to a restricted branch. As a result, the step was running over and over again. There was no helpful information as to what was happening.

I think it would be nice if errors from git were surfaced to the logs and retry had a limit.

dimaj avatar Feb 12 '19 19:02 dimaj

What do you mean that "the step was running over and over again"? In our case, Concourse doesn't have permission to write to develop where src/version.txt is.

However, the put step lights up green. Also, the version number keeps incrementing in subsequent jobs -- I assume this gets cached in the resource?

Since we have no idea the git push failures are happening, if something ever wipes the state in Concourse, our version number would get reset.

Configuration (Concourse v 5.7.0) is:

resources:
- name: library-version
  type: semver
  source:
    branch: develop
    driver: git
    file: src/version.txt
    private_key: ((bitbucket-repo-private-key))
    uri: ssh://git@domain:1234/project/repo.git

jobs:
- name: job-build-packages
  serial: true
  plan:
  - get: library-version
    params:
      bump: patch
  - put: library-version
    params:
      file: library-version/version

Output of put step:

Cloning into '/tmp/semver-git-repo'...
Warning: Permanently added '[domain]:1234,[127.0.0.1]:1234' (RSA) to the list of known hosts.
HEAD is now at abcd987 latest-commit-message-here
From ssh://domain:1234/project/repo
 * branch            develop    -> FETCH_HEAD
HEAD is now at abcd987 latest-commit-message-here
From ssh://domain:1234/project/repo
 * branch            develop    -> FETCH_HEAD
HEAD is now at abcd987 latest-commit-message-here

The contents of src/version.txt remain at 1.3.0, but subsequent runs of the pipeline have this in the get: library-version step: bumped locally from 1.3.5 to 1.3.6 bumped locally from 1.3.6 to 1.3.7

Gregro avatar Jan 29 '20 15:01 Gregro

I was seeing messages like these: https://github.com/concourse/semver-resource/issues/38#issuecomment-391724803

And job would not terminate. I am pretty sure that PR #92 fixed the issue, but I need to verify it. Let me try to find some time to verify it and report back.

Also, when you say that

Concourse doesn't have permission to write to develop where src/version.txt is.

how can you guarantee that? What will happen if you were to do this:

$ cd git_repo
$ export GIT_SSH_COMMAND='ssh -i /path/to/your/private/key/referenced/in/pipeline'
$ echo testing > src/testing
$ git add testing
$ git commit testing -m "testing git pushes"
$ git push origin develop

Will that push your commit or will it be denied?

dimaj avatar Jan 29 '20 17:01 dimaj

We have manually triggered jobs to bump to a new major, minor or patch version. The semver resource has 0.0.1 as the initial version, git as the driver and an SSH access key to Bitbucket Cloud. But we overlooked that an SSH access key on Bitbucket Cloud only provides read access to the repository.

Below you can see two green runs of the minor version bump:

Screenshot 2021-03-02 at 13 59 07

The job reports success, but the push to Bitbucket Cloud clearly fails. This kind of error should be reported as an error in the job as well IMO.

ringods avatar Mar 02 '21 13:03 ringods