PushFlows ignores the result of PushCommand.call() with BitBucket

[lburja]

Describe the issue

I have a situation where the PushFlows task finishes successfully, but I see no commits in the remote git repo (BitBucket).

Here is a screenshot from Kestra, where the log output claims that changes were pushed:

However, when I check the remote repository, no commits have been made in fact.

By looking in the source code, I see that the result of PushCommand.call() is ignored:

According to this StackOverflow question, not all push errors result in an exception being thrown, some of them are returned as push results : https://stackoverflow.com/questions/51140394/jgit-push-wont-fail-when-push-is-impossible I believe that the push fails in some way, but there's no way to see the error in Kestra.

I would expect at the very least that any push result is logged. Even better, it would be returned as an output, and the task would throw an exception if any update was rejected.

Environment

• Kestra Version: v0.18.2
• Operating System (OS/Docker/Kubernetes): Kubernetes
• Java Version (if you don't run kestra in Docker): n/a

[anna-geller]

Can you share the exact flow you were using? Also, can you say more about your setup? Is your Git VCS self-hosted and if so, can you confirm you can reach it from your kestra container? Do you see any server logs that can be helpful to reproduce this?

We should certainly fail the task if something fails to be pushed

cc @smunteankestra perhaps you can check the default BitBucket setup on develop to see if you can reproduce?

[lburja]

@anna-geller Yes, I can share the flow, it's pretty simple:

id: git-push-flows
namespace: git

pluginDefaults:
  - type: io.kestra.plugin.git.PushFlows
    values:
      url: https://dpl.cis.consilium.europa.eu/bitbucket/scm/gscdp/data-platform.git
      branch: master
      password: "....redacted...."
      username: "....redacted...."
      includeChildNamespaces: true 

tasks:
  - id: commit-and-push-git
    type: io.kestra.plugin.git.PushFlows
    gitDirectory: kestra/git-sync/flows/git
    sourceNamespace: git
    commitMessage: Latest flows in namespace git

We have indeed a self-hosted BitBucket. It's reachable from Kestra, since I can do SyncFlows successfully.

There are some rules for commits, for example unsigned commits are rejected. In this case, maybe the error is that the commit is unsigned. Or maybe something else.

The point of the bug report is that Kestra doesn't log any errors if the push is rejected. If I saw the reject message, I could fix it (e.g., disabling in BitBucket the requirement for signed commits for this particular repo).

[smunteankestra]

@anna-geller I checked a simple commit to bitbucket - works most likely it's something related to the bitbucket configuration

Flow

id: manuallypush
namespace: io.kestra.flows

tasks:
  - id: commit_and_push
    type: io.kestra.plugin.git.PushFlows
    username: "{{kv('user')}}"
    password: "{{ kv('password') }}"
    url: https://bitbucket.org/kestratest123/kestratest123.git
    branch: main
    sourceNamespace: debug
    targetNamespace: tutorial
    gitDirectory: flows
    commitMessage: "push all development flows to Git and create a PR"
    dryRun: false

[lburja]

@smunteankestra The point is that PushCommand::call() returns a value (Iterable<PushResult>), which might contain status OK, or status REJECTED_OTHER_REASON, or ....

But, Kestra ignores the result (see AbstractPushTask):

[lburja]

I've tested my hypothesis, and it's indeed this option that breaks the push:

If I disable the "Verify Commit Signature", then the Push finishes with success:

[anna-geller]

great, thx so much for thorough examination @smunteankestra 💯

so next steps: add error handling for when push doesn't work when commit signature verification is not enabled