search

concourse / semver-resource

automated semantic version bumping
Apache License 2.0
97 stars 105 forks source link

error bumping version: private keys with passphrases are not supported #115

Open CalamarBicefalo opened 4 years ago

CalamarBicefalo commented 4 years ago

I have a pair of credentials that are not passphrase protected. The key has read/write access in GitHub.

For the current pipeline:

jobs:
  - name: test-and-build
    plan:
      - get: a-service
        trigger: true
      - put: version
        params:
          pre: SNAPSHOT

and the following resources:

resources:
  - name: a-service
    type: git
    source:
      uri: git@github.com:org/a-service.git
      branch: master
      private_key: ((a-service-deploy-key))

  - name: version
    type: semver
    source:
      initial_version: "0.0.0"
      driver: git
      uri: git@github.com:org/versions.git
      private_key: ((versions-deploy-key))
      branch: master
      file: a-service

I get the error: error bumping version: private keys with passphrases are not supported

I saw a similar report in the git resource and followed advice there... The interesting thing is that if I use the version repo as input for the git resource, the git resource is capable of fetching the latest version commit (and then the version resource complains even though it is using the very same key/url), which proves:

Any thoughts?

CalamarBicefalo commented 4 years ago

I found the problem... but it may be something nice to address in the resource.

It was indeed a key finishing without the new blank line. The bad news is that we use AWS secret manager and it seems to strip blank lines no matter what...

Adding any arbitrary new line would make it work but it is not a scalable solution, and other concourse resources seem to tolerate this, so at a very least there's an inconsistent approach that would be nice to address.

CalamarBicefalo commented 4 years ago

For anyone interested, a cleaner workaround in case you cannot add a blank line to the key (that was our case) would be:

  - name: version
    type: semver
    source:
      initial_version: "0.0.0"
      driver: git
      uri: git@github.com:org/versions.git
      private_key: |
         ((versions-deploy-key))
      branch: master
      file: a-service
Drupi commented 4 years ago

Yep ! Works ! Thank you very much :)

RealOrko commented 4 years ago

This issue was identified here: https://github.com/concourse/semver-resource/issues/79

What I find interesting is that sombody proposed a possible code change for a PR. :thinking: