vcpkg_from_git: Add support for git over ssh#9446
Conversation
|
/azp run |
|
Maybe we should choose a port as an example to test? |
marcrambo
force-pushed
the
enable-git-over-ssh
branch
from
83c4a8d to
60b904a
Compare
|
I rebased and resolved the conflicts. Anything else I can do on my side? Would be nice to merge this one. |
JackBoosY
added
the
info:needs-maintainer-attention
|
Does this work on Linux/macOS? |
JackBoosY
added
waiting for response
and removed
info:needs-maintainer-attention
|
Yes this also works on macos / linux. Actually on these platforms git over ssh was already working, I didn't have to add anything. The only problematic platform was windows because of the clean_environment step. |
|
As @JackBoosY suggested we could also modify one of the ports to use ssh to verify the ci passes. We probably want to do that on another MR though which we close afterwards. As an alternative I can also push to this branch, and then revert the commit. |
|
@marcrambo I might just test it locally, that's all it really needs, I think. I'm going to bring it up at the PR review meeting tomorrow :) |
|
@strega-nil sounds good. Thanks! |
toolsrc/src/vcpkg/build.cpp
Outdated
There was a problem hiding this comment.
Should probably "usr/bin/ssh.exe" rather than going through the operator/= logic so many times.
There was a problem hiding this comment.
As the path separator is \ on windows this would then look like this:
fs::path git_ssh_exe_path = git_ssh_search_path / "usr\\bin\\ssh.exe"
To be honest I would rather leave it like it is. After all std::filesystem was designed to elegantly handle these platform specific details. I'd favor clarity over performance here and it looks like this is not performance critical code anyways.
There was a problem hiding this comment.
You can also do git_ssh_search_path / "usr/bin/ssh.exe"
|
Could we modify the code to append to path, as opposed to prepending to path? There's a concern about overriding some utilities with the path to ssh. |
marcrambo
force-pushed
the
enable-git-over-ssh
branch
from
dfd0fc3 to
4da3abf
Compare
|
@strega-nil I have changed the code to append the ssh path as you suggested which is probably safer. Unfortunately the pipeline seems to be broken again, but this seems unrelated to my changes. |
|
/azp run |
|
/azp run |
2 similar comments
|
/azp run |
|
/azp run |
|
Hi, |
Thanks for reporting this issue. I haven't tested it but I would say the failure is expected behavior unless you are using |
Hi, yes I imagine it's expected behavior but looking from end-user perspective, it would be nice if we could find a solution for him to know what to do (as the error message is not clear, and he just expects things to just work). |
Hi, thanks for reporting. I can reproduce the issue. I guess it has to do with additional binaries that are now visible next to the ssh executable. I'll try to come up with a solution. Probably the only way will be to overwrite the GIT_SSH environment variable. |
|
all you had to do was add a folder to ENV PATH and it's already done |
|
@marcrambo This PR looks good and ready to merge. I don't know if you wanted to make any more changes, but let me know |
dan-shaw
added
info:needs-maintainer-attention
|
@dan-shaw What about the critical issue I talked about a few messages above, that breaks compilation? |
Yes that's what I thought too. However adding the ssh directory to the path also pulls in quite a lot of unix binaries next to the ssh executable. This seems to affect the build process of open-ssh as reported by @christophe-calmejane , and potentially other packages. |
|
@dan-shaw @christophe-calmejane I had another look and it turns out the ssh path problem was fixed in upstream git-for-windows. There is no need to modify the path at all anymore, which is great! There is an interesting read on the subject here https://gitter.im/git-for-windows/git?at=5d2d8c4e01621760bcc2e649. The funny coincidence is that the git version was bumped quite recently in vcpkg: https://github.com/microsoft/vcpkg/pull/10311/files just 2 days before I rebased my PR, so that's a pretty good timing i'd say ;) @christophe-calmejane thanks again for reporting the issue. It was also quite good timing i'd say ;) I have tested extensively all variants of downloaded / system git, with / without GIT_SSH GIT_SSH_COMMAND ... and everything is working as expected. |
|
@marcrambo I rebased my own work yesterday, and was forced to revert your commits due to openssl compilation issue, and the funny thing I noticed is my ssh repositories were working just fine! |
Yes vcpkg uses a download cache for each package. So even if you remove and reinstall a package, vcpkg will not fetch the source again. This explains why it was still working for you after switching back to master. At least the remaining parts of this PR are needed to unblock non-https urls, and to whitelist some environmental variables for the ssh-agent. @dan-shaw from my side this PR is good to go. Please feel free to merge. |
|
I was talking about a cache for SSH, not vcpkg. When I do my tests I always wipe all generated folders (downloads, buildtrees, packages, installed). |
JackBoosY
added
Needs Testing
and removed
info:needs-maintainer-attention
|
@marcrambo I confirm I can build openssl-windows once again, and I can clone using SSH as well. |
|
@christophe-calmejane So, does this PR work now? |
|
@JackBoosY yes it does |
JackBoosY
added
info:needs-maintainer-attention
|
@marcrambo Thanks for the PR and wait! @christophe-calmejane thanks for testing! |
* vcpkg_from_git: Add support for git over ssh * vcpkg_from_git: append ssh bin directory to path * vcpkg_from_git: fix function signature on non windows platforms * Revert "vcpkg_from_git: fix function signature on non windows platforms" This reverts commit 0d608ee. * Revert "vcpkg_from_git: append ssh bin directory to path" This reverts commit 377ce3f. * Partial Revert "vcpkg_from_git: Add support for git over ssh" This partially reverts commit 9b81b16. Co-authored-by: Marc Boucek <marc.boucek@native-instruments.de> Co-authored-by: Marc Boucek <marc.boucek@posteo.net>
9 participants
vcpkg_from_git currently restricts urls to start with https. This PR removes the restriction and adds support for git over SSH, which is often preferred or even needed for private repos.
I do understand the restriction of https in vcpkg_from_github / vcpkg_from_bitbucket but from my understanding in vcpkg_from_git both protocols should be allowed and work the same way.
The tricky part is to make git over SSH work inside sandboxed vcpkg environment on windows:
I have tested all the above combinations of set / unset environment variables and git clients on windows. I have also tested on MacOS to verify that ssh works as expected, but this was already working out of the box, since there is no sandboxing on non-windows platforms.
What does your PR fix? Fixes issues vcpkg_from_git does not work with SSH URL #6126, Allow more transports (e.g. ssh, http) for vcpkg_from_git() #9046
Which triplets are supported/not supported? Have you updated the CI baseline?
This change should be triplet independent. I tested it with x64-windows and x64-macOS
Does your PR follow the maintainer guide?
AFAIK yes.