OneDev
Dashboards
Projects
Global Views
Code Search
server
Code
Pull Requests
Issues
List
Boards
Iterations
Builds
Packages
Statistics
Child Projects
Audit Log
OneDev 14.0.6
Documentation Support & Bug Report RESTful API Incompatibilities License Agreement Check Update
Projects onedev server Issues OD-2447
Can the remote URL and trusted self-signed certificate options under Repository Sync/Push to Remote in the Build be decoupled from the configuration file? (OD-2447)
LHSFK opened 7 months ago

Question 1: Can configure the remote URL through Job Secrets? Reason: When the URL of the upstream repository (such as the middle-tier OneDev instance) is different in different environments (testing, production), if the URL is hard-coded in the build script, the synchronization operation is likely to fail. Putting it in Job Secrets will be more flexible. Modifying the remote URL does not require adding a commit, and the same configuration task can be easily reused according to different instances

Question 2.: Can configure a self-signed certificate through Job Secrets? Reason: Self-signed certificates may need to be rotated and updated frequently. Hard-coded certificates make the configuration less flexible. Every time you change the certificate, you need to manually modify the build file, which will increase unnecessary commits in the git repository

Can the contents of the remote URL and self-signed certificate options be decoupled from .onedev-buildspec.yml.

  • Robin Shen commented 7 months ago

    Yes, you can define job property and secret in project build setting, and then reference them in remote url and certificate. Check the inline help of these fields on how to use variables

  • Robin Shen changed state to 'Closed' 7 months ago
    Previous Value Current Value 
    Open
    		 
    Closed
  • LHSFK commented 7 months ago

    The userName field doesn't seem to be able to use Job Properties

  • LHSFK changed state to 'Open' 7 months ago
    Previous Value Current Value 
    Closed
    		 
    Open
  • LHSFK commented 7 months ago

    name: Mirrors Repositorys remoteUrl: '@property:Mirrors_Repositories_Url@' userName: '@property:Mirrors_Repositories_username@' passwordSecret: Mirrors_Repositories_Password certificate: '@property:Mirrors_Repositories_Cert@'

    13:18:28 Running step "Mirrors Repositorys"... 13:18:28 fatal: unable to access 'https://property:Mirrors_Repositories_username@:*****@test.git.local/test/test.git/': URL rejected: Port number was not a decimal number between 0 and 65535 13:18:28 Command execution failed (command: git -c http.sslCAInfo=/opt/onedev/temp/server/certificate14399940181085312798pem push --force https://@property:Mirrors_Repositories_username@:*****@test.git.local/test/test.git 89abb753441ead65933eae6a37de9c8f42e3b60a:refs/heads/rc, exit code: 128)

  • LHSFK commented 7 months ago

    Is it possible to decouple userName?

  • Robin Shen commented 7 months ago

    Is it possible to decouple userName?

    Will be addressed via OD-2450. Also recommed to use secret instead of property for certficate field, as property does not accept multi-line values.

  • LHSFK commented 7 months ago

    OK, thanks for your help.

  • LHSFK changed state to 'Closed' 7 months ago
    Previous Value Current Value 
    Open
    		 
    Closed
issue 1/1
Type
Question
Priority
Normal
Assignee
Robin Shen
Labels
No labels
Issue Votes (0)
Login to vote
Watchers (2)
Reference
OD-2447
Please wait...
Connection lost or session expired, reload to recover
Page is in error, reload to recover