Uploaded image for project: 'Artifactory Binary Repository'
  1. Artifactory Binary Repository
  2. RTFACT-20305

Build Promotion without overwrite permission fails with unique pattern in PyPi repository

    Details

    • Type: Bug
    • Status: Open
    • Priority: Normal
    • Resolution: Unresolved
    • Affects Version/s: 6.7.0, 6.12.2, 6.13.1
    • Fix Version/s: None
    • Component/s: None
    • Labels:
      None

      Description

      The second build promotion is failing for Pypi (local) repositories for a non-admin user who does not have delete/overwrite permissions for the repositories, even though the published artifacts names are different.

      Step 1: Create two Pypi local repositories named pypi-local and pypi-release

      Step 2: Assign Read, annotate, deploy and delete permissions to pypi-local repository for a user.

      Step 3: Assign Read, annotate, deploy permissions to pypi-release repository for a user and configure JFrog CLI with the user.

      Step 4: Uploaded the package pokemonscli-1.0.2.tar.gz with build number 1 to pypi-local repository
                   jfrog rt bce pokemon 1
                   jfrog rt upload --build-name pokemon --build-number 1 pokemonscli-1.0.2.tar.gz pypi-local/pokemon/

      Step 5: Published the build info for package pokemonscli-1.0.2.tar.gz with build number 1
                   jfrog rt build-publish pokemon 1

      Step 6: Promoted the package from pypi-local to pypi-release repository. Build Promoted successfully*(build number 1)*.
                   jfrog rt build-promote pokemon 1 pypi-release

      Step 7: Uploaded the package pokemonscli-1.0.3.tar.gz to local repository with build number 2 to pypi-local repository.
                   jfrog rt bce pokemon 2
                   jfrog rt upload --build-name pokemon --build-number 2 pokemonscli-1.0.3.tar.gz pypi-local/pokemon/

      Step 8: Published the build info for package pokemonscli-1.0.3.tar.gz with build number 2.
                   jfrog rt build-publish pokemon 2

      Step 9: Tried Promoting the package from pypi-local to pypi-release repository with build number 2.
                   jfrog rt build-promote pokemon 2 pypi-release
      Build promotion failed with “User doesn't have permissions to override 'pypi-release:proj1'. Needs delete permissions.”

      Error Snippet from Artifactory:

      2019-10-09 09:57:39,006 [http-nio-8081-exec-10] [ERROR] (o.a.r.s.m.BaseRepoPathMover:457) - User doesn't have permissions to override 'pypi-release:proj'. Needs delete permissions.

      2019-10-09 09:57:39,031 [http-nio-8081-exec-10] [INFO ] (o.a.b.BuildPromotionHelper:214) - Skipping promotion status update: item promotion was completed with errors and warnings.

      Step 10: Tried to Upload, Publish and Promote different packages mentioned below
      cran-0.1.14.tar.gz - build number 3
      cran-0.1.13.tar.gz - build number 4
      fastcluster-1.1.25.tar.gz - build number 5
      fastcluster-1.1.24.tar.gz - build number 6
      All the build promotions are successful (build number 3,4,5,6)

      Step 11: Take the same package pokemonscli-1.0.3.tar.gz which was tried to promote with build number 2 and upload it with a different build number 7
      Step 12: Publish the build info for pokemonscli-1.0.3.tar.gz with build number 7.
      Step 13: Tried Promoting the package from pypi-local to pypi-release repository with build number 7. Build promotion failed with

      “User doesn't have permissions to override 'pypi-release:proj1'. Needs delete permissions.”

      Step 14: Not able to Promote the package pokemonscli-1.0.3.tar.gz even with different build number (As mentioned in step 13).

      Step 15: Could observe that only the second build promotion is failing for a non-admin user who does not have permissions to delete/overwrite in the pypi-release repository.

      Step 16: Observed the same behaviour with older artifactory versions.

       

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              vigneshs Vignesh S
            • Votes:
              1 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated: