fixed release-notes ssh git checkout website pr #2421
Conversation
k8s-ci-robot
added
release-note
k8s-ci-robot
added
the
sig/release
|
/assign @puerco |
| @@ -788,7 +788,7 @@ func releaseNotesJSON(repoPath, tag string) (jsonString string, err error) { | |||
|
|
|||
| // Preclone the repo to be able to read branches and tags | |||
| logrus.Infof("Cloning %s/%s", git.DefaultGithubOrg, git.DefaultGithubRepo) | |||
| repo, err := git.CloneOrOpenDefaultGitHubRepoSSH(repoPath) | |||
| repo, err := git.CloneOrOpenGitHubRepo(repoPath, git.DefaultGithubOrg, git.DefaultGithubRepo, false) | |||
There was a problem hiding this comment.
Thanks for the change @csantanapr
What this change will do is avoid cloning the repo via ssh and instead do all the copy operations via https. I'm willing to have this change because I guess members of the release team will bump into fewer problems as cloning with https is simpler.
But I'm concerned that we are not really getting to the root of the problem. If there is a problem with one of the git dependencies below it would be useful to know so that we can fix it.
Any idea what may be causing the key errors?
There was a problem hiding this comment.
The latest version of git-go doesn't have the fix form it's dependency go-git/go-git#411
I found this on argocd issue argoproj/argo-cd#7723
the Go SSH client also doesn’t yet support RSA with SHA-2, so we recommend using an Ed25519 key there
https://github.blog/2021-09-01-improving-git-protocol-security-github/#libgit2-and-other-git-clients
I believe that's why its having issues despite not using DSA.
There was a problem hiding this comment.
Consider using the workflow for kpromo pr: https://github.com/kubernetes-sigs/promo-tools/blob/main/cmd/kpromo/cmd/pr/pr.go
There was a problem hiding this comment.
Hi, @justaugustus I'm not familiar with kpromo pr is this is a tool I need to run against this PR to get it merge?
There was a problem hiding this comment.
Hi, @justaugustus I'm not familiar with
kpromo pris this is a tool I need to run against this PR to get it merge?
@csantanapr -- It's a tool we use for image promotion manifest updates, which will trigger the creation of a PR. I figure you can borrow some logic from it to create the release notes PRs here. :)
There was a problem hiding this comment.
That code was first borrowed from the release notes code hehe :)
@csantana, the flow that @justaugustus points out is also using https, I think we can switch krel release-notes safely.
There was a problem hiding this comment.
In other words there is agreement to merge this PR 😉
|
@puerco |
|
Another point to add is, for a new person helping with release-notes.
If we drop the ssh requirement then the new person only needs to set |
|
I did some more testing. I though it was my rsa2 ssh key maybe it was old or the keylength 2048 I tried with the 2 keys github has documented in their website https://docs.github.com/en/authentication/connecting-to-github-with-ssh/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent and I was able to validate they both work with Also cloning the repo Can you try your self @puerco just in case, first remove the repo then run with this |
|
It might be a MacOS thing. |
|
@puerco I was able to get it working consistently on both Linux and MacOS when the key gets added to |
|
OK, let's merge this to make it easier for the release team members to submit the PRs. Thanks @csantanapr ! |
k8s-ci-robot
added
the
lgtm
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: csantanapr, puerco The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
approved
|
Woot ! |
What type of PR is this?
/kind bug
Which issue(s) this PR fixes:
Fixes #2420