| -@gerrit:opendev.org- Simon Westphahl proposed: [zuul/zuul] 937035: Remove implicit smart reconfig during startup https://review.opendev.org/c/zuul/zuul/+/937035 | 06:10 | |
| -@gerrit:opendev.org- Felix Edel proposed: [zuul/zuul] 937112: WIP: Reduce empty space on status page https://review.opendev.org/c/zuul/zuul/+/937112 | 10:51 | |
| -@gerrit:opendev.org- Simon Westphahl proposed: [zuul/zuul] 937035: Remove implicit smart reconfig during startup https://review.opendev.org/c/zuul/zuul/+/937035 | 15:09 | |
| @jim:acmegating.com | Clark: looks like latest gerrit images have broken the quickstart auto-setup. my guess from the error message is that this is probably a minor admin-only setup issue, and probably won't affect users, including opendev. but maybe opendev's automated testing. https://zuul.opendev.org/t/zuul/build/03393e74b1964bcb9fae7da363a712f0/log/container_logs/gerritconfig.log | 17:41 |
|---|---|---|
| @jim:acmegating.com | i'm going to take a look and see if i can fix it | 17:41 |
| -@gerrit:opendev.org- James E. Blair https://matrix.to/#/@jim:acmegating.com proposed: [zuul/zuul] 937198: WIP: fix quickstart https://review.opendev.org/c/zuul/zuul/+/937198 | 17:43 | |
| @jim:acmegating.com | that's my throw it at the wall and see if it sticks fix while i look into it more | 17:43 |
| @clarkb:matrix.org | corvus: for opendev's automated testing do you mean our testing of gerrit in system config? Those use our own images. Or do you mean zuul in opendev? It's probably related to the recent 3.11 release though since you use latest in quick start iirc | 17:44 |
| @jim:acmegating.com | Clark: i meant opendev's auto testing of its own images. if it has a "push all-projects" step like that. | 17:44 |
| @clarkb:matrix.org | Oh I see if this is a 3.11 change we may need to do the same in our testing | 17:45 |
| @clarkb:matrix.org | Got it | 17:45 |
| @jim:acmegating.com | cause it looks like the error is something like "admin" isn't "admin" enough to change its own permissions | 17:45 |
| @clarkb:matrix.org | corvus: https://www.gerritcodereview.com/3.11.html#other-changes change 421141 looks suspicious | 17:52 |
| @jim:acmegating.com | wait so they made an exception for their *own* tests | 17:53 |
| @jim:acmegating.com | but not anyone elses? | 17:53 |
| @clarkb:matrix.org | it looks like they set up the test permissions via perms updates somehow though | 17:59 |
| @clarkb:matrix.org | but how do you bootstrap that if you can't push that isn't clear to me yet. | 17:59 |
| @jim:acmegating.com | we're updating perms by pushing all-projects... | 17:59 |
| @clarkb:matrix.org | it almost looks like they are backdooring the system by modifying things in java directly in the running server | 18:00 |
| @clarkb:matrix.org | I have to say this doesn't seem friendly to anyone who might be testing gerrit | 18:00 |
| @jim:acmegating.com | well, how would a regular brand new user do it? | 18:01 |
| @clarkb:matrix.org | based on the ocmmit message you create a change as admin and approve it as admin | 18:01 |
| @clarkb:matrix.org | I think functionally its just adding extra steps and less automation friendly | 18:01 |
| @clarkb:matrix.org | in the name of pushing for more code review, but I would probably argue admins shouldn't be hobbled like that and admins should be given the option | 18:02 |
| @jim:acmegating.com | so you read "admins can assign themselves the permission to push directly." as "admins can create a change and self-approve and submit"? | 18:02 |
| @clarkb:matrix.org | yes | 18:02 |
| @clarkb:matrix.org | basically do code review once then you don't have to do it again | 18:03 |
| @jim:acmegating.com | ...that could have been more clear... | 18:03 |
| @jim:acmegating.com | Clark: okay, so we would need to push a change to gerrit, then either assume the change number or query for the change to get the change number, then use the api to approve and submit the change. | 18:08 |
| @jim:acmegating.com | where "the api" might be the rest api or the ssh api | 18:08 |
| @clarkb:matrix.org | that sounds right | 18:09 |
| @jim:acmegating.com | also, what's the syntax to propose a change to meta/config? | 18:09 |
| @jim:acmegating.com | is that HEAD:refs/for/meta/config ? | 18:09 |
| @clarkb:matrix.org | I assume you push the content to refs/for/meta/config ya | 18:09 |
| @jim:acmegating.com | that seems potentially conflicty with a branch named "meta/config" | 18:10 |
| @jim:acmegating.com | since meta/config isn't under heads | 18:10 |
| @fungicide:matrix.org | i take it this isn't something you can work around through the implicit "gerrit code review" account authenticated with the ssh host key? | 18:10 |
| @jim:acmegating.com | git push origin HEAD:refs/for/refs/meta/config | 18:11 |
| @clarkb:matrix.org | corvus: docs say it is git push origin HEAD:refs/for/refs/meta/config | 18:11 |
| @jim:acmegating.com | fungi: hrm......good question | 18:11 |
| @jim:acmegating.com | is there a username to use with that? | 18:16 |
| @fungicide:matrix.org | https://docs.opendev.org/opendev/system-config/latest/sysadmin.html#gerrit-admins has an explicit example, relying on gerrit suexec to work around the fact that the backdoor account doesn't have the ability to do certain things | 18:17 |
| @fungicide:matrix.org | and yeah, the username is literally Gerrit Code Review | 18:17 |
| @jim:acmegating.com | thx; i think i have enough to try that locally, 1 sec | 18:18 |
| @fungicide:matrix.org | given that backdoor is documented pretty much nowhere officially, i'm just waiting for the day that they decide to delete it as unsupported, so i'm sort of iffy wrt relying on it long-term (but it's been there since at least early gerrit v2, maybe longer) | 18:20 |
| @jim:acmegating.com | [2024-12-05T18:34:43.811Z] [SshCommandStart-1[start (user Gerrit Code Review)]] WARN com.google.gerrit.sshd.CommandFactoryProvider : Cannot start command "git-receive-pack '/All-Projects'" for user Gerrit Code Review | 18:35 |
| java.lang.UnsupportedOperationException: PeerDaemonUser is not an IdentifiedUser | ||
| @jim:acmegating.com | fungi: ^ that looks like a no :( | 18:35 |
| @fungicide:matrix.org | ah, yeah i've not tried using it for git operations, only the ssh-based api | 18:40 |
| -@gerrit:opendev.org- James E. Blair https://matrix.to/#/@jim:acmegating.com proposed: [zuul/zuul] 937198: Update quickstart for latest gerrit https://review.opendev.org/c/zuul/zuul/+/937198 | 19:15 | |
| @jim:acmegating.com | Clark: fungi ^ that's the simplest incantation i've come up with | 19:15 |
| @fungicide:matrix.org | succinct at least, could have been worse | 19:20 |
| @jim:acmegating.com | has the project argument, so it's not instantly deprecated. should hold out for a few days at least. | 19:22 |
| @clarkb:matrix.org | looking | 19:22 |
| -@gerrit:opendev.org- Zuul merged on behalf of James E. Blair https://matrix.to/#/@jim:acmegating.com: [zuul/zuul] 937198: Update quickstart for latest gerrit https://review.opendev.org/c/zuul/zuul/+/937198 | 20:55 | |
| -@gerrit:opendev.org- James E. Blair https://matrix.to/#/@jim:acmegating.com proposed: | 21:01 | |
| - [zuul/zuul] 937210: Add an option to skip workspace checkouts https://review.opendev.org/c/zuul/zuul/+/937210 | ||
| - [zuul/zuul] 937211: Further reduce workspace checkouts https://review.opendev.org/c/zuul/zuul/+/937211 | ||
| - [zuul/zuul] 937212: Use empty sparse checkouts in mergers https://review.opendev.org/c/zuul/zuul/+/937212 | ||
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!