[
https://issues.apache.org/jira/browse/SCM-1030?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Nikolas Falco updated SCM-1030:
-------------------------------
Description:
We are moving our SCM developer connection from https that use a configured
appPassword credentials to git/ssh configured with a private SSH key.
From
{code:xml}
<developerConnection>scm:git:https://bitbucket.org/owner/reponame.git</developerConnection>{code}
with credentials in settings.xml like this:
{code:xml}
<server>
<id>bitbucket.org</id>
<username>builder</username>
<password>secret</password>
</server>
{code}
To
{code:xml}
<developerConnection>scm:git:ssh://g...@bitbucket.org/owner/reponame.git</developerConnection>{code}
with credentials in settings.xml like this:
{code:xml}
<server>
<id>bitbucket.org</id>
<privateKey>fullpath/to/private/key</privateKey>
</server>
{code}
When we run {{mvn -ntp release:prepare}} we get the following error:
{code:bash}
[INFO] 11/17 prepare:scm-commit-release
[INFO] Checking in modified POMs...
[INFO] Executing: cmd.exe /X /C "git add -- pom.xml"
[INFO] Working directory: D:\git\reponame
[INFO] Executing: cmd.exe /X /C "git rev-parse --show-prefix"
[INFO] Working directory: D:\git\reponame
[INFO] Executing: cmd.exe /X /C "git status --porcelain ."
[INFO] Working directory: D:\git\reponame
[WARNING] Ignoring unrecognized line: ?? pom.xml.releaseBackup
[WARNING] Ignoring unrecognized line: ?? release.properties
[INFO] Executing: cmd.exe /X /C "git commit --verbose -F
C:\Users\nfalco\AppData\Local\Temp\maven-scm-2141752647.commit"
[INFO] Working directory: D:\git\os-devops-organisation-pom
[INFO] Executing: cmd.exe /X /C "git symbolic-ref HEAD"
[INFO] Working directory: D:\git\reponame
[INFO] Executing: cmd.exe /X /C "git push
ssh:********@bitbucket.org/owner/reponame.git
refs/heads/master:refs/heads/master"
[INFO] Working directory: D:\git\reponame
[INFO] 12/17 prepare:scm-tag
[INFO] Tagging release with the label 1.13...
[INFO] Executing: cmd.exe /X /C "git tag -F
C:\Users\nfalco\AppData\Local\Temp\maven-scm-699167272.commit 1.13"
[INFO] Working directory: D:\git\reponame
[INFO] Executing: cmd.exe /X /C "git push
ssh:********@bitbucket.org/owner/reponame.git refs/tags/1.13"
[INFO] Working directory: D:\git\reponame
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 15.470 s
[INFO] Finished at: 2025-04-08T15:54:53+02:00
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal
org.apache.maven.plugins:maven-release-plugin:3.1.1:prepare (default-cli) on
project opensoftware-parent: Unable to tag SCM
[ERROR] Provider message:
[ERROR] The git-push command failed.
[ERROR] Command output:
[ERROR] g...@bitbucket.org: Permission denied (publickey).
[ERROR] fatal: Could not read from remote repository.
[ERROR]
[ERROR] Please make sure you have the correct access rights
[ERROR] and the repository exists.
[ERROR]
{code}
Commit {{[maven-release-plugin] prepare release 1.13}} is pushed with success
but fail to push annotated tag.
If we add the environment variable
{code:bash}
GIT_SSH_COMMAND = "ssh -i d:\\builder.private.openssh"{code}
the tag is pushed with success to remote
{code:bash}
...
[INFO] 12/17 prepare:scm-tag
[INFO] Tagging release with the label 1.13...
[INFO] Executing: cmd.exe /X /C "git tag -F
C:\Users\nfalco\AppData\Local\Temp\maven-scm-826466640.commit 1.13"
[INFO] Working directory: D:\git\reponame
[INFO] Executing: cmd.exe /X /C "git push
ssh:********@bitbucket.org/owner/reponame.git refs/tags/1.13"
[INFO] Working directory: D:\git\reponame
[INFO] Executing: cmd.exe /X /C "git ls-files"
[INFO] Working directory: D:\git\reponame
[INFO] 13/17 prepare:rewrite-poms-for-development
[INFO] Transforming pom.xml opensoftware-parent 'Opensoftware'...
[INFO] 14/17 prepare:remove-release-poms
[INFO] Not removing release POMs
[INFO] 15/17 prepare:run-completion-goals
[INFO] 16/17 prepare:scm-commit-development
[INFO] Checking in modified POMs...
[INFO] Executing: cmd.exe /X /C "git add -- pom.xml"
[INFO] Working directory: D:\git\reponame
[INFO] Executing: cmd.exe /X /C "git rev-parse --show-prefix"
[INFO] Working directory: D:\git\reponame
[INFO] Executing: cmd.exe /X /C "git status --porcelain ."
[INFO] Working directory: D:\git\reponame
[WARNING] Ignoring unrecognized line: ?? pom.xml.releaseBackup
[WARNING] Ignoring unrecognized line: ?? release.properties
[INFO] Executing: cmd.exe /X /C "git commit --verbose -F
C:\Users\nfalco\AppData\Local\Temp\maven-scm-1969078592.commit"
[INFO] Working directory: D:\git\reponame
[INFO] Executing: cmd.exe /X /C "git symbolic-ref HEAD"
[INFO] Working directory: D:\git\reponame
[INFO] Executing: cmd.exe /X /C "git push
ssh:********@bitbucket.org/owner/reponame.git
refs/heads/master:refs/heads/master"
[INFO] Working directory: D:\git\reponame
[INFO] 17/17 prepare:end-release
[INFO] Release preparation complete.
{code}
Digging into the source code in Github repository I think I have found the root
cause for this behaviour.
In GitTagCommand class at [line
149|https://github.com/apache/maven-scm/blob/55f3e9ec07567ea97e3c58db5d495389d48b34b9/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-gitexe/src/main/java/org/apache/maven/scm/provider/git/gitexe/command/tag/GitTagCommand.java#L149]
the push command is created without pass the given GitScmProviderRepository to
git CLI builder. This mean that the CLI builder at [line
101|https://github.com/apache/maven-scm/blob/55f3e9ec07567ea97e3c58db5d495389d48b34b9/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-gitexe/src/main/java/org/apache/maven/scm/provider/git/gitexe/command/GitCommandLineUtils.java#L101]
will not inject the GIT_SSH_COMMAND variable with the privateKey like the
CheckInCommand does at [line
189|https://github.com/apache/maven-scm/blob/55f3e9ec07567ea97e3c58db5d495389d48b34b9/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-gitexe/src/main/java/org/apache/maven/scm/provider/git/gitexe/command/checkin/GitCheckInCommand.java#L189]
was:
We are moving our SCM developer connection from https that use a configured
appPassword credentials to git/ssh configured with a private SSH key.
From
{code:xml}
<developerConnection>scm:git:https://bitbucket.org/owner/reponame.git</developerConnection>{code}
with credentials in settings.xml like this:
{code:xml}
<server>
<id>bitbucket.org</id>
<username>builder</username>
<password>secret</password>
</server>
{code}
To
{code:xml}
<developerConnection>scm:git:ssh://g...@bitbucket.org/owner/reponame.git</developerConnection>{code}
with credentials in settings.xml like this:
{code:xml}
<server>
<id>bitbucket.org</id>
<privateKey>fullpath/to/private/key</privateKey>
</server>
{code}
When we run {{mvn -ntp release:prepare}} we get the following error:
{code:bash}
[INFO] 11/17 prepare:scm-commit-release
[INFO] Checking in modified POMs...
[INFO] Executing: cmd.exe /X /C "git add -- pom.xml"
[INFO] Working directory: D:\git\reponame
[INFO] Executing: cmd.exe /X /C "git rev-parse --show-prefix"
[INFO] Working directory: D:\git\reponame
[INFO] Executing: cmd.exe /X /C "git status --porcelain ."
[INFO] Working directory: D:\git\reponame
[WARNING] Ignoring unrecognized line: ?? pom.xml.releaseBackup
[WARNING] Ignoring unrecognized line: ?? release.properties
[INFO] Executing: cmd.exe /X /C "git commit --verbose -F
C:\Users\nfalco\AppData\Local\Temp\maven-scm-2141752647.commit"
[INFO] Working directory: D:\git\os-devops-organisation-pom
[INFO] Executing: cmd.exe /X /C "git symbolic-ref HEAD"
[INFO] Working directory: D:\git\reponame
[INFO] Executing: cmd.exe /X /C "git push
ssh:********@bitbucket.org/owner/reponame.git
refs/heads/master:refs/heads/master"
[INFO] Working directory: D:\git\reponame
[INFO] 12/17 prepare:scm-tag
[INFO] Tagging release with the label 1.13...
[INFO] Executing: cmd.exe /X /C "git tag -F
C:\Users\nfalco\AppData\Local\Temp\maven-scm-699167272.commit 1.13"
[INFO] Working directory: D:\git\reponame
[INFO] Executing: cmd.exe /X /C "git push
ssh:********@bitbucket.org/owner/reponame.git refs/tags/1.13"
[INFO] Working directory: D:\git\reponame
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 15.470 s
[INFO] Finished at: 2025-04-08T15:54:53+02:00
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal
org.apache.maven.plugins:maven-release-plugin:3.1.1:prepare (default-cli) on
project opensoftware-parent: Unable to tag SCM
[ERROR] Provider message:
[ERROR] The git-push command failed.
[ERROR] Command output:
[ERROR] g...@bitbucket.org: Permission denied (publickey).
[ERROR] fatal: Could not read from remote repository.
[ERROR]
[ERROR] Please make sure you have the correct access rights
[ERROR] and the repository exists.
[ERROR]
{code}
Commit {{[maven-release-plugin] prepare release 1.13}} is pushed with success
but fail to push annotated tag.
If we add the environment variable
{code:bash}
GIT_SSH_COMMAND = "ssh -i d:\\builder.private.openssh"{code}
the tag is pushed with success to remote
{code:bash}
...
[INFO] 12/17 prepare:scm-tag
[INFO] Tagging release with the label 1.13...
[INFO] Executing: cmd.exe /X /C "git tag -F
C:\Users\nfalco\AppData\Local\Temp\maven-scm-826466640.commit 1.13"
[INFO] Working directory: D:\git\reponame
[INFO] Executing: cmd.exe /X /C "git push
ssh:********@bitbucket.org/owner/reponame.git refs/tags/1.13"
[INFO] Working directory: D:\git\reponame
[INFO] Executing: cmd.exe /X /C "git ls-files"
[INFO] Working directory: D:\git\reponame
[INFO] 13/17 prepare:rewrite-poms-for-development
[INFO] Transforming pom.xml opensoftware-parent 'Opensoftware'...
[INFO] 14/17 prepare:remove-release-poms
[INFO] Not removing release POMs
[INFO] 15/17 prepare:run-completion-goals
[INFO] 16/17 prepare:scm-commit-development
[INFO] Checking in modified POMs...
[INFO] Executing: cmd.exe /X /C "git add -- pom.xml"
[INFO] Working directory: D:\git\reponame
[INFO] Executing: cmd.exe /X /C "git rev-parse --show-prefix"
[INFO] Working directory: D:\git\reponame
[INFO] Executing: cmd.exe /X /C "git status --porcelain ."
[INFO] Working directory: D:\git\reponame
[WARNING] Ignoring unrecognized line: ?? pom.xml.releaseBackup
[WARNING] Ignoring unrecognized line: ?? release.properties
[INFO] Executing: cmd.exe /X /C "git commit --verbose -F
C:\Users\nfalco\AppData\Local\Temp\maven-scm-1969078592.commit"
[INFO] Working directory: D:\git\reponame
[INFO] Executing: cmd.exe /X /C "git symbolic-ref HEAD"
[INFO] Working directory: D:\git\reponame
[INFO] Executing: cmd.exe /X /C "git push
ssh:********@bitbucket.org/owner/reponame.git
refs/heads/master:refs/heads/master"
[INFO] Working directory: D:\git\reponame
[INFO] 17/17 prepare:end-release
[INFO] Release preparation complete.
{code}
Digging into the source code in Github repository I think to found the root
reason of this behaviour.
In GitTagCommand class at [line
149|https://github.com/apache/maven-scm/blob/55f3e9ec07567ea97e3c58db5d495389d48b34b9/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-gitexe/src/main/java/org/apache/maven/scm/provider/git/gitexe/command/tag/GitTagCommand.java#L149]
the push command is created without pass the given GitScmProviderRepository to
git CLI builder. This mean that the CLI builder at [line
101|https://github.com/apache/maven-scm/blob/55f3e9ec07567ea97e3c58db5d495389d48b34b9/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-gitexe/src/main/java/org/apache/maven/scm/provider/git/gitexe/command/GitCommandLineUtils.java#L101]
will not inject the GIT_SSH_COMMAND variable with the privateKey like the
CheckInCommand does at [line
189|https://github.com/apache/maven-scm/blob/55f3e9ec07567ea97e3c58db5d495389d48b34b9/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-gitexe/src/main/java/org/apache/maven/scm/provider/git/gitexe/command/checkin/GitCheckInCommand.java#L189]
> Prepare goal does fail to push tag using SCM URL over SSH
> ---------------------------------------------------------
>
> Key: SCM-1030
> URL: https://issues.apache.org/jira/browse/SCM-1030
> Project: Maven SCM
> Issue Type: Bug
> Components: maven-scm-provider-gitexe
> Affects Versions: 2.1.0
> Environment: windows 11
> maven 3.9.9
> git 2.47.1
> Reporter: Nikolas Falco
> Priority: Major
>
> We are moving our SCM developer connection from https that use a configured
> appPassword credentials to git/ssh configured with a private SSH key.
> From
> {code:xml}
> <developerConnection>scm:git:https://bitbucket.org/owner/reponame.git</developerConnection>{code}
> with credentials in settings.xml like this:
> {code:xml}
> <server>
> <id>bitbucket.org</id>
> <username>builder</username>
> <password>secret</password>
> </server>
> {code}
> To
> {code:xml}
> <developerConnection>scm:git:ssh://g...@bitbucket.org/owner/reponame.git</developerConnection>{code}
> with credentials in settings.xml like this:
> {code:xml}
> <server>
> <id>bitbucket.org</id>
> <privateKey>fullpath/to/private/key</privateKey>
> </server>
> {code}
> When we run {{mvn -ntp release:prepare}} we get the following error:
> {code:bash}
> [INFO] 11/17 prepare:scm-commit-release
> [INFO] Checking in modified POMs...
> [INFO] Executing: cmd.exe /X /C "git add -- pom.xml"
> [INFO] Working directory: D:\git\reponame
> [INFO] Executing: cmd.exe /X /C "git rev-parse --show-prefix"
> [INFO] Working directory: D:\git\reponame
> [INFO] Executing: cmd.exe /X /C "git status --porcelain ."
> [INFO] Working directory: D:\git\reponame
> [WARNING] Ignoring unrecognized line: ?? pom.xml.releaseBackup
> [WARNING] Ignoring unrecognized line: ?? release.properties
> [INFO] Executing: cmd.exe /X /C "git commit --verbose -F
> C:\Users\nfalco\AppData\Local\Temp\maven-scm-2141752647.commit"
> [INFO] Working directory: D:\git\os-devops-organisation-pom
> [INFO] Executing: cmd.exe /X /C "git symbolic-ref HEAD"
> [INFO] Working directory: D:\git\reponame
> [INFO] Executing: cmd.exe /X /C "git push
> ssh:********@bitbucket.org/owner/reponame.git
> refs/heads/master:refs/heads/master"
> [INFO] Working directory: D:\git\reponame
> [INFO] 12/17 prepare:scm-tag
> [INFO] Tagging release with the label 1.13...
> [INFO] Executing: cmd.exe /X /C "git tag -F
> C:\Users\nfalco\AppData\Local\Temp\maven-scm-699167272.commit 1.13"
> [INFO] Working directory: D:\git\reponame
> [INFO] Executing: cmd.exe /X /C "git push
> ssh:********@bitbucket.org/owner/reponame.git refs/tags/1.13"
> [INFO] Working directory: D:\git\reponame
> [INFO]
> ------------------------------------------------------------------------
> [INFO] BUILD FAILURE
> [INFO]
> ------------------------------------------------------------------------
> [INFO] Total time: 15.470 s
> [INFO] Finished at: 2025-04-08T15:54:53+02:00
> [INFO]
> ------------------------------------------------------------------------
> [ERROR] Failed to execute goal
> org.apache.maven.plugins:maven-release-plugin:3.1.1:prepare (default-cli) on
> project opensoftware-parent: Unable to tag SCM
> [ERROR] Provider message:
> [ERROR] The git-push command failed.
> [ERROR] Command output:
> [ERROR] g...@bitbucket.org: Permission denied (publickey).
> [ERROR] fatal: Could not read from remote repository.
> [ERROR]
> [ERROR] Please make sure you have the correct access rights
> [ERROR] and the repository exists.
> [ERROR]
> {code}
> Commit {{[maven-release-plugin] prepare release 1.13}} is pushed with success
> but fail to push annotated tag.
> If we add the environment variable
> {code:bash}
> GIT_SSH_COMMAND = "ssh -i d:\\builder.private.openssh"{code}
> the tag is pushed with success to remote
> {code:bash}
> ...
> [INFO] 12/17 prepare:scm-tag
> [INFO] Tagging release with the label 1.13...
> [INFO] Executing: cmd.exe /X /C "git tag -F
> C:\Users\nfalco\AppData\Local\Temp\maven-scm-826466640.commit 1.13"
> [INFO] Working directory: D:\git\reponame
> [INFO] Executing: cmd.exe /X /C "git push
> ssh:********@bitbucket.org/owner/reponame.git refs/tags/1.13"
> [INFO] Working directory: D:\git\reponame
> [INFO] Executing: cmd.exe /X /C "git ls-files"
> [INFO] Working directory: D:\git\reponame
> [INFO] 13/17 prepare:rewrite-poms-for-development
> [INFO] Transforming pom.xml opensoftware-parent 'Opensoftware'...
> [INFO] 14/17 prepare:remove-release-poms
> [INFO] Not removing release POMs
> [INFO] 15/17 prepare:run-completion-goals
> [INFO] 16/17 prepare:scm-commit-development
> [INFO] Checking in modified POMs...
> [INFO] Executing: cmd.exe /X /C "git add -- pom.xml"
> [INFO] Working directory: D:\git\reponame
> [INFO] Executing: cmd.exe /X /C "git rev-parse --show-prefix"
> [INFO] Working directory: D:\git\reponame
> [INFO] Executing: cmd.exe /X /C "git status --porcelain ."
> [INFO] Working directory: D:\git\reponame
> [WARNING] Ignoring unrecognized line: ?? pom.xml.releaseBackup
> [WARNING] Ignoring unrecognized line: ?? release.properties
> [INFO] Executing: cmd.exe /X /C "git commit --verbose -F
> C:\Users\nfalco\AppData\Local\Temp\maven-scm-1969078592.commit"
> [INFO] Working directory: D:\git\reponame
> [INFO] Executing: cmd.exe /X /C "git symbolic-ref HEAD"
> [INFO] Working directory: D:\git\reponame
> [INFO] Executing: cmd.exe /X /C "git push
> ssh:********@bitbucket.org/owner/reponame.git
> refs/heads/master:refs/heads/master"
> [INFO] Working directory: D:\git\reponame
> [INFO] 17/17 prepare:end-release
> [INFO] Release preparation complete.
> {code}
>
> Digging into the source code in Github repository I think I have found the
> root cause for this behaviour.
> In GitTagCommand class at [line
> 149|https://github.com/apache/maven-scm/blob/55f3e9ec07567ea97e3c58db5d495389d48b34b9/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-gitexe/src/main/java/org/apache/maven/scm/provider/git/gitexe/command/tag/GitTagCommand.java#L149]
> the push command is created without pass the given GitScmProviderRepository
> to git CLI builder. This mean that the CLI builder at [line
> 101|https://github.com/apache/maven-scm/blob/55f3e9ec07567ea97e3c58db5d495389d48b34b9/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-gitexe/src/main/java/org/apache/maven/scm/provider/git/gitexe/command/GitCommandLineUtils.java#L101]
> will not inject the GIT_SSH_COMMAND variable with the privateKey like the
> CheckInCommand does at [line
> 189|https://github.com/apache/maven-scm/blob/55f3e9ec07567ea97e3c58db5d495389d48b34b9/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-gitexe/src/main/java/org/apache/maven/scm/provider/git/gitexe/command/checkin/GitCheckInCommand.java#L189]
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
