Change auth method in releasepy: remove shared token and use Jenkins API tokens #1201
Conversation
Signed-off-by: Jose Luis Rivero <[email protected]>
Signed-off-by: Jose Luis Rivero <[email protected]>
|
The second commit in the PR changes the auth model from using a job token via GET parameter named 'token' to use a basic_auth model over https using POST. It works with the same config file than the |
j-rivero
changed the title
| import subprocess | ||
| import sys | ||
| import tempfile | ||
| import os | ||
| import urllib.parse | ||
| import urllib.request | ||
| import urllib3 |
There was a problem hiding this comment.
it would be helpful to document somewhere the python dependencies needed to run release.py. I am using a python venv, so with trial and error I installed the missing dependencies, but it could be clearer
There was a problem hiding this comment.
Or avoid using libraries outside of the python standard libraries if possible.
There was a problem hiding this comment.
it would be helpful to document somewhere the python dependencies needed to run
release.py. I am using a python venv, so with trial and error I installed the missing dependencies, but it could be clearer
I added basic python metadata in ccf062b and updated the documentation in gazebosim/docs#538
Or avoid using libraries outside of the python standard libraries if possible.
Need to double check if we can get rid of urlib3 now that I have clear how the credentials work through GET/POST. Don't want to make more changes in this PR, let's try in a different one.
|
Note that this needs to wait to be merged to #1206 to be ready |
Provide a cli option to inject credentials designed to work with nightly. This has the side effect on the test code that we no longer need the _RELEASEPY_TEST_CREDENTIAL. Signed-off-by: Jose Luis Rivero <[email protected]>
Signed-off-by: Jose Luis Rivero <[email protected]>
Signed-off-by: Jose Luis Rivero <[email protected]>
|
Testing the nightly run with https://build.osrfoundation.org/job/ignition-__upcoming__-nightly-scheduler/26/console ...
+ echo 'releasing gz-tools3 (from branch main)'
releasing gz-tools3 (from branch main)
+ python3 ./scripts/release.py --dry-run gz-tools3 nightly --auth osrfbuild:**** --release-repo-branch main --nightly-src-branch main --upload-to-repo nightly
Downloading releasing info for gz-tools3
Linux distributions in the -release repository:
+ focal ('amd64', 'armhf', 'arm64')
+ jammy ('amd64', 'armhf', 'arm64')
Safety checks:
+ OK No underscore in package name
+ OK Package names in changelog and control
+ OK Jenkins credentials are good
Simulation of jobs to be called if not dry-run:
+ Releasing ubuntu focal/amd64 in https://build.osrfoundation.org//job/gz-tools3-debbuilder?search=nightly-1
+ Releasing ubuntu jammy/amd64 in https://build.osrfoundation.org//job/gz-tools3-debbuilder?search=nightly-1
+ echo ' - done'
... |
Signed-off-by: Jose Luis Rivero <[email protected]>
Signed-off-by: Jose Luis Rivero <[email protected]>
j-rivero
force-pushed
the
jrivero/remove_the_longest_token_ever
branch
from
c0b5473 to
2a070f8
Compare
|
Added a warning for the developers using the current shared token 2a070f8 |
Signed-off-by: Jose Luis Rivero <[email protected]>
Making @nuclearsandwich happy. Remove the token used in DSL.
Developers documentation update: gazebosim/docs#538
This change will break existing nightly scheduler calls. A subsequent PR should take care of it.