Files
@ 75b0d3fd6303
Branch filter:
Location: kallithea/Jenkinsfile - annotation
75b0d3fd6303
8.7 KiB
text/plain
ssh: handle IPv6 ssh connections
Performing ssh actions towards Kallithea via an IPv6 connection gave the
following error:
$ hg incoming ssh://kallithea@example.com/repo
remote: Traceback (most recent call last):
remote: File ".../bin/kallithea-cli", line 11, in <module>
remote: load_entry_point('Kallithea', 'console_scripts', 'kallithea-cli')()
remote: File ".../python2.7/site-packages/click/core.py", line 764, in __call__
remote: return self.main(*args, **kwargs)
remote: File ".../python2.7/site-packages/click/core.py", line 717, in main
remote: rv = self.invoke(ctx)
remote: File ".../python2.7/site-packages/click/core.py", line 1137, in invoke
remote: return _process_result(sub_ctx.command.invoke(sub_ctx))
remote: File ".../python2.7/site-packages/click/core.py", line 956, in invoke
remote: return ctx.invoke(self.callback, **ctx.params)
remote: File ".../python2.7/site-packages/click/core.py", line 555, in invoke
remote: return callback(*args, **kwargs)
remote: File ".../kallithea/bin/kallithea_cli_base.py", line 79, in runtime_wrapper
remote: return annotated(*args, **kwargs)
remote: File ".../kallithea/bin/kallithea_cli_ssh.py", line 74, in ssh_serve
remote: vcs_handler.serve(user_id, key_id, client_ip)
remote: File ".../kallithea/lib/vcs/backends/ssh.py", line 65, in serve
remote: self.authuser = AuthUser.make(dbuser=dbuser, ip_addr=client_ip)
remote: File ".../kallithea/lib/auth.py", line 407, in make
remote: if not check_ip_access(source_ip=ip_addr, allowed_ips=allowed_ips):
remote: File ".../kallithea/lib/auth.py", line 860, in check_ip_access
remote: if ipaddr.IPAddress(source_ip) in ipaddr.IPNetwork(ip):
remote: File ".../kallithea/lib/ipaddr.py", line 76, in IPAddress
remote:
remote: ValueError: '2' does not appear to be an IPv4 or IPv6 address
abort: no suitable response from remote hg!
This was caused by IPv4-exclusive parsing of the SSH_CONNECTION variable.
With an IPv6 address starting with '2a02:1810:', only the first '2' would
survive.
According to 'man 1 ssh':
SSH_CONNECTION Identifies the client and server ends of the con‐
nection. The variable contains four space-sepa‐
rated values: client IP address, client port num‐
ber, server IP address, and server port number.
So, the client IP address will be the first space-separated word, regardless
of IPv4 or IPv6. Use that knowledge without further parsing.
(commit message by Thomas De Schampheleire)
Performing ssh actions towards Kallithea via an IPv6 connection gave the
following error:
$ hg incoming ssh://kallithea@example.com/repo
remote: Traceback (most recent call last):
remote: File ".../bin/kallithea-cli", line 11, in <module>
remote: load_entry_point('Kallithea', 'console_scripts', 'kallithea-cli')()
remote: File ".../python2.7/site-packages/click/core.py", line 764, in __call__
remote: return self.main(*args, **kwargs)
remote: File ".../python2.7/site-packages/click/core.py", line 717, in main
remote: rv = self.invoke(ctx)
remote: File ".../python2.7/site-packages/click/core.py", line 1137, in invoke
remote: return _process_result(sub_ctx.command.invoke(sub_ctx))
remote: File ".../python2.7/site-packages/click/core.py", line 956, in invoke
remote: return ctx.invoke(self.callback, **ctx.params)
remote: File ".../python2.7/site-packages/click/core.py", line 555, in invoke
remote: return callback(*args, **kwargs)
remote: File ".../kallithea/bin/kallithea_cli_base.py", line 79, in runtime_wrapper
remote: return annotated(*args, **kwargs)
remote: File ".../kallithea/bin/kallithea_cli_ssh.py", line 74, in ssh_serve
remote: vcs_handler.serve(user_id, key_id, client_ip)
remote: File ".../kallithea/lib/vcs/backends/ssh.py", line 65, in serve
remote: self.authuser = AuthUser.make(dbuser=dbuser, ip_addr=client_ip)
remote: File ".../kallithea/lib/auth.py", line 407, in make
remote: if not check_ip_access(source_ip=ip_addr, allowed_ips=allowed_ips):
remote: File ".../kallithea/lib/auth.py", line 860, in check_ip_access
remote: if ipaddr.IPAddress(source_ip) in ipaddr.IPNetwork(ip):
remote: File ".../kallithea/lib/ipaddr.py", line 76, in IPAddress
remote:
remote: ValueError: '2' does not appear to be an IPv4 or IPv6 address
abort: no suitable response from remote hg!
This was caused by IPv4-exclusive parsing of the SSH_CONNECTION variable.
With an IPv6 address starting with '2a02:1810:', only the first '2' would
survive.
According to 'man 1 ssh':
SSH_CONNECTION Identifies the client and server ends of the con‐
nection. The variable contains four space-sepa‐
rated values: client IP address, client port num‐
ber, server IP address, and server port number.
So, the client IP address will be the first space-separated word, regardless
of IPv4 or IPv6. Use that knowledge without further parsing.
(commit message by Thomas De Schampheleire)
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 | 8a60eb2b7603 8a60eb2b7603 8a60eb2b7603 8d788789b38a 58713c2ebfff 58713c2ebfff 58713c2ebfff 58713c2ebfff 58713c2ebfff 58713c2ebfff 8d788789b38a ad275fcc5a90 ad275fcc5a90 8d788789b38a ad275fcc5a90 ad275fcc5a90 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a ad275fcc5a90 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a bc1b11a5d548 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8a60eb2b7603 8a60eb2b7603 8a60eb2b7603 8a60eb2b7603 8a60eb2b7603 8d788789b38a 15a12f2a47b4 8d788789b38a 8d788789b38a 8d788789b38a 0acb46763886 8d788789b38a 8d788789b38a 8d788789b38a 0acb46763886 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 0acb46763886 0acb46763886 8d788789b38a 8d788789b38a 8a60eb2b7603 8a60eb2b7603 8a60eb2b7603 8a60eb2b7603 8a60eb2b7603 8d788789b38a 15a12f2a47b4 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 0acb46763886 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 0acb46763886 0acb46763886 8d788789b38a 8d788789b38a 8a60eb2b7603 8a60eb2b7603 8a60eb2b7603 8a60eb2b7603 8a60eb2b7603 8d788789b38a 15a12f2a47b4 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 0acb46763886 8d788789b38a 8d788789b38a 8d788789b38a 0acb46763886 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 0acb46763886 0acb46763886 8d788789b38a 8d788789b38a 8a60eb2b7603 8a60eb2b7603 8a60eb2b7603 8a60eb2b7603 8a60eb2b7603 8d788789b38a 15a12f2a47b4 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 0acb46763886 8d788789b38a 8d788789b38a 8d788789b38a 0acb46763886 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 0acb46763886 0acb46763886 8d788789b38a 8d788789b38a 8d788789b38a 8d788789b38a 8a60eb2b7603 8a60eb2b7603 0acb46763886 0acb46763886 0acb46763886 0acb46763886 0acb46763886 0acb46763886 0acb46763886 0acb46763886 0acb46763886 0acb46763886 0acb46763886 0acb46763886 0acb46763886 0acb46763886 0acb46763886 0acb46763886 0acb46763886 0acb46763886 0acb46763886 0acb46763886 0acb46763886 0acb46763886 0acb46763886 0acb46763886 8a60eb2b7603 | def createvirtualenv = ''
def activatevirtualenv = ''
node {
properties([[$class: 'BuildDiscarderProperty',
strategy: [$class: 'LogRotator',
artifactDaysToKeepStr: '',
artifactNumToKeepStr: '10',
daysToKeepStr: '',
numToKeepStr: '']]]);
if (isUnix()) {
createvirtualenv = 'rm -r $JENKINS_HOME/venv/$JOB_NAME || true && virtualenv $JENKINS_HOME/venv/$JOB_NAME'
activatevirtualenv = '. $JENKINS_HOME/venv/$JOB_NAME/bin/activate'
} else {
createvirtualenv = 'rmdir /s /q %JENKINS_HOME%\\venv\\%JOB_NAME% || true && virtualenv %JENKINS_HOME%\\venv\\%JOB_NAME%'
activatevirtualenv = 'call %JENKINS_HOME%\\venv\\%JOB_NAME%\\Scripts\\activate.bat'
}
stage('checkout') {
checkout scm
if (isUnix()) {
sh 'hg --config extensions.purge= purge --all'
} else {
bat 'hg --config extensions.purge= purge --all'
}
}
stage('virtual env') {
def virtualenvscript = """$createvirtualenv
$activatevirtualenv
python -m pip install --upgrade pip
pip install --upgrade setuptools
pip install --upgrade pylint
pip install --upgrade pytest-cov
"""
if (isUnix()) {
virtualenvscript += """
pip install --upgrade python-ldap
pip install --upgrade python-pam
"""
sh virtualenvscript
} else {
bat virtualenvscript
}
}
stage('setup') {
def virtualenvscript = """$activatevirtualenv
pip install --upgrade -e .
pip install -r dev_requirements.txt
python setup.py compile_catalog
"""
if (isUnix()) {
sh virtualenvscript
} else {
bat virtualenvscript
}
stash name: 'kallithea', useDefaultExcludes: false
}
stage('pylint') {
sh script: """$activatevirtualenv
pylint -j 0 --disable=C -f parseable kallithea > pylint.out
""", returnStatus: true
archiveArtifacts 'pylint.out'
try {
step([$class: 'WarningsPublisher', canComputeNew: false, canResolveRelativePaths: false, defaultEncoding: '', excludePattern: '', healthy: '', includePattern: '', messagesPattern: '', parserConfigurations: [[parserName: 'PyLint', pattern: 'pylint.out']], unHealthy: ''])
} catch (java.lang.IllegalArgumentException exc) {
echo "You need to install the 'Warnings Plug-in' to display the pylint report."
currentBuild.result = 'UNSTABLE'
echo "Caught: ${exc}"
}
}
}
def pytests = [:]
pytests['sqlite'] = {
node {
ws {
deleteDir()
unstash name: 'kallithea'
if (isUnix()) {
sh script: """$activatevirtualenv
py.test -p no:sugar --cov-config .coveragerc --junit-xml=pytest_sqlite.xml --cov=kallithea
""", returnStatus: true
} else {
bat script: """$activatevirtualenv
py.test -p no:sugar --cov-config .coveragerc --junit-xml=pytest_sqlite.xml --cov=kallithea
""", returnStatus: true
}
sh 'sed --in-place "s/\\(classname=[\'\\"]\\)/\\1SQLITE./g" pytest_sqlite.xml'
archiveArtifacts 'pytest_sqlite.xml'
junit 'pytest_sqlite.xml'
writeFile(file: '.coverage.sqlite', text: readFile('.coverage'))
stash name: 'coverage.sqlite', includes: '.coverage.sqlite'
}
}
}
pytests['de'] = {
node {
if (isUnix()) {
ws {
deleteDir()
unstash name: 'kallithea'
withEnv(['LANG=de_DE.UTF-8',
'LANGUAGE=de',
'LC_ADDRESS=de_DE.UTF-8',
'LC_IDENTIFICATION=de_DE.UTF-8',
'LC_MEASUREMENT=de_DE.UTF-8',
'LC_MONETARY=de_DE.UTF-8',
'LC_NAME=de_DE.UTF-8',
'LC_NUMERIC=de_DE.UTF-8',
'LC_PAPER=de_DE.UTF-8',
'LC_TELEPHONE=de_DE.UTF-8',
'LC_TIME=de_DE.UTF-8',
]) {
sh script: """$activatevirtualenv
py.test -p no:sugar --cov-config .coveragerc --junit-xml=pytest_de.xml --cov=kallithea
""", returnStatus: true
}
sh 'sed --in-place "s/\\(classname=[\'\\"]\\)/\\1DE./g" pytest_de.xml'
archiveArtifacts 'pytest_de.xml'
junit 'pytest_de.xml'
writeFile(file: '.coverage.de', text: readFile('.coverage'))
stash name: 'coverage.de', includes: '.coverage.de'
}
}
}
}
pytests['mysql'] = {
node {
if (isUnix()) {
ws {
deleteDir()
unstash name: 'kallithea'
sh """$activatevirtualenv
pip install --upgrade MySQL-python
"""
withEnv(['TEST_DB=mysql://kallithea:kallithea@jenkins_mysql/kallithea_test?charset=utf8']) {
if (isUnix()) {
sh script: """$activatevirtualenv
py.test -p no:sugar --cov-config .coveragerc --junit-xml=pytest_mysql.xml --cov=kallithea
""", returnStatus: true
} else {
bat script: """$activatevirtualenv
py.test -p no:sugar --cov-config .coveragerc --junit-xml=pytest_mysql.xml --cov=kallithea
""", returnStatus: true
}
}
sh 'sed --in-place "s/\\(classname=[\'\\"]\\)/\\1MYSQL./g" pytest_mysql.xml'
archiveArtifacts 'pytest_mysql.xml'
junit 'pytest_mysql.xml'
writeFile(file: '.coverage.mysql', text: readFile('.coverage'))
stash name: 'coverage.mysql', includes: '.coverage.mysql'
}
}
}
}
pytests['postgresql'] = {
node {
if (isUnix()) {
ws {
deleteDir()
unstash name: 'kallithea'
sh """$activatevirtualenv
pip install --upgrade psycopg2
"""
withEnv(['TEST_DB=postgresql://kallithea:kallithea@jenkins_postgresql/kallithea_test']) {
if (isUnix()) {
sh script: """$activatevirtualenv
py.test -p no:sugar --cov-config .coveragerc --junit-xml=pytest_postgresql.xml --cov=kallithea
""", returnStatus: true
} else {
bat script: """$activatevirtualenv
py.test -p no:sugar --cov-config .coveragerc --junit-xml=pytest_postgresql.xml --cov=kallithea
""", returnStatus: true
}
}
sh 'sed --in-place "s/\\(classname=[\'\\"]\\)/\\1POSTGRES./g" pytest_postgresql.xml'
archiveArtifacts 'pytest_postgresql.xml'
junit 'pytest_postgresql.xml'
writeFile(file: '.coverage.postgresql', text: readFile('.coverage'))
stash name: 'coverage.postgresql', includes: '.coverage.postgresql'
}
}
}
}
stage('Tests') {
parallel pytests
node {
unstash 'coverage.sqlite'
unstash 'coverage.de'
unstash 'coverage.mysql'
unstash 'coverage.postgresql'
if (isUnix()) {
sh script: """$activatevirtualenv
coverage combine .coverage.sqlite .coverage.de .coverage.mysql .coverage.postgresql
coverage xml
""", returnStatus: true
} else {
bat script: """$activatevirtualenv
coverage combine .coverage.sqlite .coverage.de .coverage.mysql .coverage.postgresql
coverage xml
""", returnStatus: true
}
try {
step([$class: 'CoberturaPublisher', autoUpdateHealth: false, autoUpdateStability: false, coberturaReportFile: 'coverage.xml', failNoReports: false, failUnhealthy: false, failUnstable: false, maxNumberOfBuilds: 0, onlyStable: false, zoomCoverageChart: false])
} catch (java.lang.IllegalArgumentException exc) {
echo "You need to install the pipeline compatible 'CoberturaPublisher Plug-in' to display the coverage report."
currentBuild.result = 'UNSTABLE'
echo "Caught: ${exc}"
}
}
}
|