[Bug] Invalid format : Can't connect to new Bitbucket projects after upgrade to 2.x
leewillis77 opened this issue · comments
Expected behavior
When a new project is setup and SSH keys configured, build clones repository successfully.
Actual behavior
When a new project is setup, and SSH keys configured, the build fails with the following error:
Cloning into '<PHP_CENSOR_PATH>/runtime/builds/14/2315_f67f6a5d'...
Load key "/tmp/key_NpOwTO": invalid format
git@bitbucket.org: Permission denied (publickey).
fatal: Could not read from remote repository.
Note: Existing projects are unaffected.
The only difference I can see between a working, and non-working project is for the old (working) projects, the private key is marked as:
-----BEGIN RSA PRIVATE KEY-----
For new (failing) projects, the private key is marked:
-----BEGIN OPENSSH PRIVATE KEY-----
Steps to reproduce
- Create a new project
- Copy generated public key into Bitbucket access keys
- Attempt to build project
Environment
- PHP Censor version: 2.0.1
- Operating System: Ubuntu 20.04.1
- PHP version: 7.4.13
- MySQL/PostgreSQL version: 8.0.23
After a bit of investigation, I think the issue is that the private key is generated and stored with \r\n style newlines.
The following SQL update resolved the issue for me:
update projects set ssh_private_key = REPLACE(ssh_private_key, '\r', '') where id = 15;
@leewillis77 Thank you for the detailed report with investigation and workaround! I will try to fix it as soon as posible.
Fixed in branch 2.0-ssh-key-fix
. @leewillis77 Could you test fix with your case please?
I'm afraid that, the keys generated there don't work either (although they no longer appear to have \r characters in). They give the same "invalid format" error as the original report.
Here's the steps I'm following:
- Go to Admin Options » Add Project
- Choose "Bitbucket (Git)"
- Enter repository name, title and default branch
- Click "Save Project"
- Copy "public key"
- Got to Bitbucket, and click on Repository Settings » Access Keys
- Click "Add key", enter a label, and paste in the public key
- Head back to php-censor, and click "Build now"
@leewillis77 Could you test your case on branch 2.0-ssh-key-fix
again please? I guess I fix problem and now I can't reproduce it. For testing you should create new project with new key or edit/save any old project before use key. Thanks!
Confirmed working here. Thanks!
Merged into branches release-1.3
, release-2.0
and master
. It will be released in versions 1.3.2
and 2.0.2
.
Thanks!