Ticket #41 (new enhancement)

Opened 1 year ago

Last modified 6 months ago

Patch to let svn use username and password for checkout or update

Reported by: leoh Assigned to: leoh
Priority: minor Milestone: 0.8.0
Component: vc-support Version:
Keywords: Cc: leoh, warner

Description

I needed SVN to use --username and --password when accessing a repository, so added that functionality in my (Debian) 0.7.5-1.1 - see attached patch.

Attachments

buildbot-svn-passwd.patch (3.3 kB) - added by leoh on 05/30/07 11:42:23.
Patch against 0.7.5 to let svn use --username and --password

Change History

05/30/07 11:42:23 changed by leoh

  • attachment buildbot-svn-passwd.patch added.

Patch against 0.7.5 to let svn use --username and --password

05/30/07 11:44:40 changed by leoh

  • component changed from buildprocess to vc-support.

07/27/07 00:55:43 changed by warner

  • cc set to leoh, warner.
  • owner changed from warner to leoh.

looks pretty good. If you add some docs to docs/buildbot.texinfo describing the new parameters then I'll go ahead and apply it.

Also, instead of pulling the username/password out of kwargs, just pull them out as regular arguments: 

buildbot/steps/source.py:
class SVN(...)
    def __init__(self, ...
                 username=None, password=None, **kwargs)
...

thanks,

-Brian

07/28/07 09:58:49 changed by warner

note to self: when closing this one, also close SF#1685034

(follow-up: ↓ 5 ) 07/28/07 10:02:16 changed by warner

I seem to remember that when this has come up before, folks have pointed out that the password you use for this will be displayed in the logs of the checkout step. If your buildmaster is private and the logs aren't visible to the world, this is probably ok (it probably means that your SVN server is world-visible, and you're using the password to restrict access to it, but the buildmaster is visible to everybody who can read from your SVN server anyway).

It would probably be worthwhile to make a note of this fact in the docs, though. These docs want to go into the 'SVN' node (grep for '@node SVN'), around line 3716 of current trunk.

(in reply to: ↑ 4 ) 07/30/07 21:40:19 changed by leoh

Replying to warner:

I seem to remember that when this has come up before, folks have pointed out that the password you use for this will be displayed in the logs of the checkout step. If your buildmaster is private and the logs aren't visible to the world, this is probably ok (it probably means that your SVN server is world-visible, and you're using the password to restrict access to it, but the buildmaster is visible to everybody who can read from your SVN server anyway).

You're right, and this is a clear problem. I may have a potential solution to suggest (once I get back home -- I'm on vacation with limited connectivity right now).

It would probably be worthwhile to make a note of this fact in the docs, though. These docs want to go into the 'SVN' node (grep for '@node SVN'), around line 3716 of current trunk.

09/30/07 00:16:02 changed by warner

  • milestone changed from 0.7.6 to 0.7.7.

0.7.6 is right around the corner, so I'm pushing this one out to the following release until we get the docs and resolve the password-in-the-clear issue

12/28/07 00:50:09 changed by warner

  • milestone changed from 0.7.7 to 0.7.8.

no progress on this yet, bumping to 0.7.8

01/03/08 04:57:16 changed by exarkun

There are other options it would be nice to pass to svn commands. For example, I want to pass --ignore-externals. Maybe it would make sense to just generalize the SVN step to allow arbitrary argments?

05/28/08 07:08:49 changed by marcusl

Generalizing to allow custom commands is good, but some kind of obfuscation for the password part would be good. (Perhaps allow a buildstep to override the display string, so the SVN-step can replace the password with <<secret>> or something)