Page MenuHomePhabricator

Unable to push repository to remote, hostname is inaccessible
Closed, ResolvedPublic

Description

I've created a test project: https://gitlab-test.wmcloud.org/kostajh/mediawiki-extensions-GrowthExperiments

I'm prompted to add this URL for the remote: git remote add origin git@gitlab.gitlab-test.wmcloud.org:kostajh/mediawiki-extensions-GrowthExperiments.git

When I try to push, I get:

Pushing to gitlab.gitlab-test.wmcloud.org:kostajh/mediawiki-extensions-GrowthExperiments.git
ssh: Could not resolve hostname gitlab.gitlab-test.wmcloud.org: Name or service not known
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

Event Timeline

To the best of my knowledge push have to happen over https. I don't think ssh has been configured yet :]

To the best of my knowledge push have to happen over https. I don't think ssh has been configured yet :]

Ah, OK. Maybe we should note that in the This is a test instance of GitLab for use by the Wikimedia technical community. Please be mindful that data here may disappear. notice?

This is a test instance of GitLab for use by the Wikimedia technical community. Please be mindful that data here may disappear. Pull/push only over HTTPS, not with SSH

Yeah, see T261900 - I need to re-open that for a hostname, I think. In the meanwhile I'll configure it to give out the IP address, since that should remain static.

Mentioned in SAL (#wikimedia-releng) [2020-09-11T19:27:58Z] <brennen> gitlab-test may experience some downtime as a result of zone transfer for T262516, T261900

brennen lowered the priority of this task from High to Medium.Sep 11 2020, 10:38 PM

While the gitlab box is now accessible via a floating IP at gitlab-test.wmcloud.org, there's a separate issue here with how SSH is configured on cloud VPS instances - it attempts to auth against LDAP but doesn't fall back to local users like the git created by the GitLab omnibus Chef config. There might be a workaround for that, or maybe we can add a separate sshd.

In the meanwhile, I've updated the banner to indicate that people should use the HTTPS transport.

Change 626785 had a related patch set uploaded (by Thcipriani; owner: Thcipriani):
[operations/puppet@production] gitlab-test: pam access for ssh for git user

https://gerrit.wikimedia.org/r/626785

Change 626785 merged by RLazarus:
[operations/puppet@production] gitlab-test: pam access for ssh for git user

https://gerrit.wikimedia.org/r/626785

brennen moved this task from Waiting Response to Done or Declined on the User-brennen board.

Looks good:

14:17:59 brennen@inertia:~ ✶ ssh git@gitlab-test.wmcloud.org
Enter passphrase for key '/home/brennen/.ssh/id_rsa': 
PTY allocation request failed on channel 0
Welcome to GitLab, @brennen!
Connection to gitlab-test.wmcloud.org closed.

And trying with an actual repo:

14:23:37 brennen@inertia:~ ✶ git clone git@gitlab-test.wmcloud.org:brennen/wrt.git
Cloning into 'wrt'...
remote: Enumerating objects: 2664, done.
remote: Counting objects: 100% (2664/2664), done.
remote: Compressing objects: 100% (977/977), done.
remote: Total 2664 (delta 1533), reused 2659 (delta 1531), pack-reused 0
Receiving objects: 100% (2664/2664), 1.27 MiB | 2.49 MiB/s, done.
Resolving deltas: 100% (1533/1533), done.

Thanks all, and sorry for the hassle.

(Note that you might need to double-check that remotes are using git@gitlab-test.wmcloud.org and not the earlier variant.)

~
(/^ヮ^)/*:・゚✧ /usr/bin/ssh -T git@gitlab-test.wmcloud.org
Host key fingerprint is SHA256:ivD4/XKLYZyNxua0clumaPUosFXGEeBD+CRZvYwI1Hc
+---[ECDSA 256]---+
|...++o..         |
|. ++..oE         |
| . =++.o         |
|  . o.*          |
|  .  o  S        |
|  .+.+.=         |
|  .+o.%o+        |
|  ..+O+Bo        |
|   .o+B=o.       |
+----[SHA256]-----+
Welcome to GitLab, @thcipriani!

\o/