Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

error bumping version: private keys with passphrases are not supported #115

Open
CalamarBicefalo opened this issue Jul 16, 2020 · 4 comments
Open

error bumping version: private keys with passphrases are not supported #115

CalamarBicefalo opened this issue Jul 16, 2020 · 4 comments

Comments

@CalamarBicefalo
Copy link

CalamarBicefalo commented Jul 16, 2020
edited
Loading

I have a pair of credentials that are not passphrase protected. The key has read/write access in GitHub.

For the current pipeline:

jobs:
  - name: test-and-build
    plan:
      - get: a-service
        trigger: true
      - put: version
        params:
          pre: SNAPSHOT

and the following resources:

resources:
  - name: a-service
    type: git
    source:
      uri: [email protected]:org/a-service.git
      branch: master
      private_key: ((a-service-deploy-key))

  - name: version
    type: semver
    source:
      initial_version: "0.0.0"
      driver: git
      uri: [email protected]:org/versions.git
      private_key: ((versions-deploy-key))
      branch: master
      file: a-service

I get the error:
error bumping version: private keys with passphrases are not supported

I saw a similar report in the git resource and followed advice there... The interesting thing is that if I use the version repo as input for the git resource, the git resource is capable of fetching the latest version commit (and then the version resource complains even though it is using the very same key/url), which proves:

  • The key is correct and works
  • The key is properly interpolated
  • Other git backed concourse resources seem happy with that

Any thoughts?
@CalamarBicefalo
Copy link
Author

CalamarBicefalo commented Jul 16, 2020
edited
Loading

I found the problem... but it may be something nice to address in the resource.

It was indeed a key finishing without the new blank line. The bad news is that we use AWS secret manager and it seems to strip blank lines no matter what...

Adding any arbitrary new line would make it work but it is not a scalable solution, and other concourse resources seem to tolerate this, so at a very least there's an inconsistent approach that would be nice to address.

@CalamarBicefalo
Copy link
Author

For anyone interested, a cleaner workaround in case you cannot add a blank line to the key (that was our case) would be:

  - name: version
    type: semver
    source:
      initial_version: "0.0.0"
      driver: git
      uri: [email protected]:org/versions.git
      private_key: |
         ((versions-deploy-key))
      branch: master
      file: a-service

@Drupi
Copy link

Drupi commented Jul 20, 2020

Yep ! Works ! Thank you very much :)

@RealOrko
Copy link

This issue was identified here: #79

What I find interesting is that sombody proposed a possible code change for a PR. 🤔

arnikaeva pushed a commit to boclips/boclips-player that referenced this issue Sep 23, 2021
Add new line to versions' private_key
3aefb30 
See more details in:
concourse/semver-resource#115
@xtremerui xtremerui mentioned this issue Mar 17, 2022
Closed
2 tasks
kieron-dev pushed a commit to cloudfoundry/eirini-ci that referenced this issue Apr 27, 2022
@georgethebeatle
Extract a common semver func to handle the trailing newline reqiremen…
7e1f761 
…t of the semver resource

see concourse/semver-resource#115

Co-authored-by: Georgi Sabev <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@CalamarBicefalo @Drupi @RealOrko