I need to write a script that can push a tag from a build server to a git server WITHOUT USING SSH KEYS.
More people have access to the build server than to the git server, so SSH keys won't work because then anyone could push to the git server without specifying their own credentials.
The script will be run from Jenkins/Hudson, which prompts the user for a username and password when it begins the build, then passes them as environment variables to the script.
The problem is, I can find no way to force git to accept the password programmatically.
I tried:
    echo %password% | git push
as well as
    git push < tempfilewithpassword.txt
(not that writing the password to a temp file is a good idea anyway).
But in both cases git still prompts for the password.
UPDATE: I have also tried a Python script, redirecting stdin and stdout; no luck, I still get the prompt.
UPDATE: Additionally, I tried Expect for Windows, which does NOT get a prompt, either in the console OR in Expect itself (i.e. Expect never sees any output from git; it just times out eventually).
Any suggestions?
NOTE: Let me clarify, because people are really getting hung up on using SSH keys.
Requirements:
As far as I know, NOTHING that involves setting up SSH keys will satisfy this (unless I require the user to upload their SSH key when they initiate the script, which is not convenient).
If you don't want anyone to have push access to your git repository, create a separate user on the build server which no-one but you has access to, and ensure its home directory is readable only by yourself. This user will be used when you want to do tagging or other pushing to your repository from the script. Now you can set up ssh keys normally.
However, I have to wonder, why does it have to be the build server that initiates the push/pull? Can't a script on the machine which contains your repo initiate it? Then the whole issue would be moot, surely?
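Added example, not part of the original question or answer: git reads credential prompts from the terminal rather than from stdin, which is why piping the password has no effect, but it will run the program named in GIT_ASKPASS to answer them. The script below assumes an HTTPS remote, a POSIX shell on the build server (for example the one bundled with Git for Windows), and that the Jenkins job exports the user's credentials as BUILD_USER and BUILD_PASS, which are names chosen here for illustration.

```shell
#!/bin/sh
# Added example. BUILD_USER and BUILD_PASS are assumed names for the variables
# the Jenkins job exports; the remote is assumed to use HTTPS.

# Create the program git will run instead of prompting. git passes the prompt
# text as $1 and reads the reply from stdout. The file contains only variable
# names, never the password itself.
write_askpass_helper() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/askpass.sh" <<'EOF'
#!/bin/sh
case "$1" in
    Username*) printf '%s\n' "$BUILD_USER" ;;
    Password*) printf '%s\n' "$BUILD_PASS" ;;
    *) exit 1 ;;
esac
EOF
    chmod 700 "$dir" "$dir/askpass.sh"
    printf '%s\n' "$dir/askpass.sh"
}

# Push one tag with the caller's credentials; fail instead of hanging.
# Usage: push_tag v1.2.3 [remote]
push_tag() {
    tag=$1
    remote=${2:-origin}
    [ -n "$BUILD_USER" ] && [ -n "$BUILD_PASS" ] || { echo "credentials not set" >&2; return 2; }
    helper=$(write_askpass_helper) || return 1
    # credential.helper= (empty) clears configured helpers so the password is
    # not cached on the shared build server; GIT_TERMINAL_PROMPT=0 stops git
    # from falling back to a terminal prompt if the helper gives no answer.
    GIT_ASKPASS=$helper GIT_TERMINAL_PROMPT=0 \
        git -c credential.helper= push "$remote" "refs/tags/$tag"
    rc=$?
    rm -rf "$(dirname "$helper")"
    return "$rc"
}
```

Because the password stays in the process environment and is never written to disk or placed on the git command line, it does not end up in the temp file the question wanted to avoid or in the build log's command echo.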