Gerrit LDAP setup and getting InitInjector failed error - ldap

i am trying to configure LDAP auth setup in gerrit and to encrypt/decrypt LDAP password from secure.config file , i used secure-config plugin. and i placed that plugin under $gerrit/path/lib and added line in gerrit.config file
[gerrit]
secureStoreClass = com.googlesource.gerrit.plugins.secureconfig.SecureConfigStore
followed instruction from https://gerrit.googlesource.com/plugins/secure-config/
then i did init like below and getting below error
java -jar gerrit-war-2.13.7.war init -d Gerrit/
fatal: InitInjector failed
fatal: Unable to create injector, see the following errors
fatal: 1) Error injecting constructor, java.lang.NullPointerException
fatal: at com.googlesource.gerrit.plugins.secureconfig.PBECodec.<init>(PBECodec.java:47)
fatal: at com.googlesource.gerrit.plugins.secureconfig.PBECodec.class(PBECodec.java:39)
fatal: while locating com.googlesource.gerrit.plugins.secureconfig.PBECodec
fatal: for the 2nd parameter of com.googlesource.gerrit.plugins.secureconfig.SecureConfigStore.<init>(SecureConfigStore.java:46)
fatal:at com.googlesource.gerrit.plugins.secureconfig.SecureConfigStore.class(SecureConfigStore.java:46)
fatal:while locating com.googlesource.gerrit.plugins.secureconfig.SecureConfigStore fatal: while locating com.google.gerrit.server.securestore.SecureStoreProvider
fatal: at com.google.gerrit.pgm.init.BaseInit$1.configure(BaseInit.java:274)
fatal: while locating com.google.gerrit.server.securestore.SecureStore
fatal: for the 2nd parameter of com.google.gerrit.server.config.GerritServerConfigProvider.<init>(GerritServerConfigProvider.java:40)
fatal: while locating com.google.gerrit.server.config.GerritServerConfigProvider
fatal: at com.google.gerrit.server.config.GerritServerConfigModule.configure(GerritServerConfigModule.java:78) fatal: while locating org.eclipse.jgit.lib.Config annotated with #com.google.gerrit.server.config.GerritServerConfig()
fatal: for the 1st parameter of com.google.gerrit.server.config.TrackingFootersProvider.<init>(TrackingFootersProvider.java:46)
fatal: at com.google.gerrit.server.config.TrackingFootersProvider.class(TrackingFootersProvider.java:35)
fatal: while locating com.google.gerrit.server.config.TrackingFootersProvider
fatal: at com.google.gerrit.server.config.GerritServerConfigModule.configure(GerritServerConfigModule.java:77)
fatal: while locating com.google.gerrit.server.config.TrackingFooters fatal: Caused by: java.lang.NullPointerException

You're following the instructions from the master branch but you're using Gerrit 2.13.7. Have you installed the secure-config plugin from master branch or from stable-2.13 one? I saw there's a difference between the master and stable-2.13 instructions in the "How to run" section:
master
Gerrit secure.config properties need to be generated and managed using the Gerrit init wizard. All the passwords entered at init will be stored as encrypted values and then decrypted on-the-fly when needed at runtime.
stable-2.13
This plugin will decode values in secure.config, it will fail if there is an existing secure.config which contains values that are not encrypted. If the values in the current secure.config are not encrypted you will need to either clear out secure.config or back it up by moving it to another file before running this plugin.
See the stable-2.13 instructions here.

Related

i am trying to run the command "pacman -Syu" on "msys2" and it doesn't work

I just installed the window64 version of msys2 and I try to update the package database and base packages running the "pacman -Syu" command.
I get this error :
$ pacman -Syu
:: Synchronizing package databases...
mingw32.db failed to download
mingw64.db failed to download
ucrt64.db failed to download
clang32.db failed to download
clang64.db failed to download
error: failed retrieving file 'mingw32.db' from mirror.msys2.org : SSL connection timeout
error: failed retrieving file 'mingw64.db' from mirror.msys2.org : SSL connection timeout
error: failed retrieving file 'ucrt64.db' from mirror.msys2.org : SSL connection timeout
warning: too many errors from mirror.msys2.org, skipping for the remainder of this transaction
error: failed retrieving file 'clang32.db' from mirror.msys2.org : SSL connection timeout
error: failed retrieving file 'clang64.db' from mirror.msys2.org : SSL connection timeout
error: failed retrieving file 'mingw32.db' from repo.msys2.org : SSL connection timeout
if anyone has an idea i would appreciate it.

Hyperledger Fabric error: "TLS: bad certificate server" when installing chaincode

I'm just starting learning HLF, and I have an error while following tutorial from the docs: link
I downloaded fabric-samples using this command (replaced bit.ly link with the destination):
curl -sSL https://raw.githubusercontent.com/hyperledger/fabric/master/scripts/bootstrap.sh | bash -s -- 2.2.2 1.4.9
I run logspout in one terminal and try to execute peer lifecycle chaincode install basic.tar.gz in another one, and this is the result i get
Error: failed to retrieve endorser client for install: endorser client
failed to connect to localhost:7051: failed to create new connection:
context deadline exceeded
Log presented by Logspout:
peer0.org1.example.com|2022-03-15 13:03:24.452 UTC [core.comm]
ServerHandshake -> ERRO 04a Server TLS handshake failed in 2.650245ms
with error remote error: tls: bad certificate server=PeerServer
remoteaddress=172.22.0.1:61126
I set the envs in terminal as instructed in the docs, and I checked that CORE_PEER_TLS_ROOTCERT_FILE variable points to an existing file. The content of the file is the same as on the container.
What I tried to do:
download fabric-samples again and redo all the setup with copy-pasting the commands directly from docs
Do you have any suggestions where I can look for an issue?
I resolved the problem, I was using peer version 2.2.1 from previous experiments, it probably collided with FABRIC_CFG_PATH

Jenkins withCredentials gitUsernamePassword GIT issue

I have an issue with pushing to repo using jenkins git plugin.
I'm using withCredentials([gitUsernamePassword(credentialsId: 'id')])
I'm have credentials looks like user#support.com, so then I'm trying to push I see an error Authentication failed .
Probably git plugin couldn't process login which looks like user#support.com, due to this fact auth looks like https://user#support.com#site_name, 2 symbols "#" in 1 string.
17:18:02 14:18:02.696390 git.c:371 trace: built-in: git 'push' 'origin' 'branch_name'
17:18:02 14:18:02.697060 run-command.c:350 trace: run_command: 'git-remote-https' 'origin' 'https://site_name/repo_name.git'
17:18:02 14:18:02.824423 run-command.c:350 trace: run_command: **** 'Username for '\''https://site_name'\'': '
17:18:02 14:18:02.827488 run-command.c:350 trace: run_command: **** 'Password for '\''https://user#support.com#site_name'\'': '
17:18:05 remote: Invalid username or password
17:18:05 fatal: Authentication failed for 'https://site_name/repo_name.git/'
Any suggestions?

Fabric8 / Minikube: Builds in Jenkins are failing due to authorization problems

I wanted to learn more about Fabric8, however, it is not possible to build even a very simple project. I am running it locally on a Minikube cluster.
The setup is:
Mac OS Sierra
Minikube v0.18.0
Fabric8 v0.4.122
So I have a simple Spring Boot application in the local Gogs repository. The builds are failing with this message:
/usr/bin/git checkout -f d8af29f8af7a498331a244d245fb321003ef110d
/usr/bin/git rev-list d8af29f8af7a498331a244d245fb321003ef110d # timeout=10
[Pipeline] End of Pipeline
io.fabric8.kubernetes.client.KubernetesClientException: An error has occurred.
at io.fabric8.kubernetes.client.KubernetesClientException.launderThrowable(KubernetesClientException.java:57)
at io.fabric8.kubernetes.client.utils.HttpClientUtils.createHttpClient(HttpClientUtils.java:153)
[...]
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
So I took the ca.crt from Minikube (~/minikube/ca.crt) and added it (base64-encoded) to the jenkins-git-ssh secret which gets mounted in the Jenkins pod in /var/run/secrets/kubernetes.io/serviceaccount. The next build ended with this error:
/usr/bin/git checkout -f d8af29f8af7a498331a244d245fb321003ef110d
/usr/bin/git rev-list d8af29f8af7a498331a244d245fb321003ef110d # timeout=10
[Pipeline] End of Pipeline
io.fabric8.kubernetes.client.KubernetesClientException: Failure executing: GET at: https://kubernetes.default/. Message: Unauthorized
.
The same happens when I use apiserver.crt from Minikube.
When using ca.pem instead I get:
Caused by: java.security.cert.CertificateException: Unable to initialize, java.io.IOException: extra data given to DerValue constructor
at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:198)
at sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.java:102)
I can access the Kubernetes API from the Jenkins pod only when adding both apiserver.crt and apiserver.key to the secret. Executing
curl -k --cert apiserver.crt --key apiserver.key https://kubernetes.default/.
is successful then - but the Jenkins build is still failing.
So Im a bit lost here. Does anybody have an idea how to continue?
Thanks and regards,
Daniel
we have a fix but it's not released yet. Details can be found https://github.com/fabric8io/fabric8/issues/6829#issuecomment-301467664 which also describes a workaround.
TL;DR you can edit the jenkins service account and remove the following lines before restarting the jenkins master pod:
-secrets:
-- name: "jenkins-git-ssh"
-- name: "jenkins-master-ssh"
-- name: "jenkins-release-gpg"
Hope that helps.

Git-svn 'refs/remotes/tags' exists; cannot create

I have a problem when trying to migrate the subversion repository to Git repository
I run by following command
git svn clone -s --ignore-paths="tags" svn://localhost/web .
and I got the error message as below,
branch_from: /branches/tags => /branches/tags/3.7
Found possible branch point: svn://localhost/web/branches/tags/3.7 => svn://localhost/web/tags/3.7, 15131
Initializing parent: refs/remotes/tags/3.7#15131
W: Ignoring error from SVN, path probably does not exist: (160013): Filesystem has no item: File not found: revision 101, path '/branches/tags/3.7'
W: Do not be alarmed at the above message git-svn is just searching aggressively for old history.
This may take a while on large repositories
Found possible branch point: svn://localhost/web/branches/workspace_production_3.0 => svn://localhost/web/branches/tags/3.7, 10538
Found branch parent: (refs/remotes/tags/3.7#15131) a7067c8515c17c7f0bf8c6390a785426a8de5b83
Following parent with do_switch
Successfully followed parent
error: 'refs/remotes/tags' exists; cannot create 'refs/remotes/tags/3.7#15131'
fatal: Cannot lock the ref 'refs/remotes/tags/3.7#15131'.
update-ref -m r10539 refs/remotes/tags/3.7#15131 67f3c547c7dfac657fcfd7759746f44eb74b187f: command returned error: 128
actually I don't want to ignore any path, but seem like tags occurs the problem, so I put it to the ignore-path.
Do I missing something?
For my repository, there are the previous revision that contains non-standard repository form like /branches/tags , so, I fixed by re-create git rep with following command
git svn init -s --ignore-paths="^tags|^branches/tags" svn://localhost/web .
git svn fetch