Hi,Thanks for the reply!I have just created a tag as I always do - "git tag -a v1.0.2" in this case. However, after adding the "Push" right to the users (to refs/tags/*), things seems to work like before.
Le vendredi 4 mai 2018 08:59:48 UTC+2, Peter Olsson a écrit :Hi,Thanks for the reply!I have just created a tag as I always do - "git tag -a v1.0.2" in this case. However, after adding the "Push" right to the users (to refs/tags/*), things seems to work like before.I had the same issue.
Worked in 2.14 but required explicit push rights under refs/tags/* to work.
I'm not sure if the previous or the new behaviour is the correct one?Regards,Peter Olsson
Den torsdag 3 maj 2018 kl. 15:07:19 UTC+2 skrev Gert van Dijk:It looks like you are pushing new content to the tags (refs), according to the error output. If that's indeed the case, you will need the Push permission on the ref as well and that would not be different between 2.14 and 2.15 if I'm correct.
On Thursday, 3 May 2018 13:38:26 UTC+2, Peter Olsson wrote:Hello,Are there any new access rights that must be updated/added after migrating from 2.14.7 to 2.15.1, for allowing push of tags?Before upgrade this worked without any issues, after upgrade we get this:! [remote rejected] v1.0.2 -> v1.0.2 (prohibited by Gerrit: update for creating new commit object not permitted)We have these rights assigned for the repository:Reference: refs/tags/*Create Reference: Project OwnersCreate Signed Tag: Project OwnersCreate Annotated Tag: Project OwnersRegards,Peter Olsson
--
--
To unsubscribe, email repo-discuss...@googlegroups.com
More info at http://groups.google.com/group/repo-discuss?hl=en
---
You received this message because you are subscribed to the Google Groups "Repo and Gerrit Discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to repo-discuss...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
I have just created a tag as I always do - "git tag -a v1.0.2" in this case. However, after adding the "Push" right to the users (to refs/tags/*), things seems to work like before.I'm not sure if the previous or the new behaviour is the correct one?
Just to avoid confusion here. I did not tag contents that was unknown to the server in this case. I just tried to push a tag that referenced an existing commit (both locally and on the server). And to do this I had to add the push rights to refs/tags/*.
Hello again!Just to avoid confusion here. I did not tag contents that was unknown to the server in this case. I just tried to push a tag that referenced an existing commit (both locally and on the server). And to do this I had to add the push rights to refs/tags/*.
Regards,Peter Olsson
Den tisdag 8 maj 2018 kl. 09:05:08 UTC+2 skrev Gert van Dijk:On Friday, 4 May 2018 08:59:48 UTC+2, Peter Olsson wrote:I have just created a tag as I always do - "git tag -a v1.0.2" in this case. However, after adding the "Push" right to the users (to refs/tags/*), things seems to work like before.I'm not sure if the previous or the new behaviour is the correct one?
Glad that it helped!
Just wanted to add that it should be very uncommon to create new tags for content that's unknown to the server, right? I mean, generally speaking, someone would only set a tag on a commit that has been submitted in Gerrit or at least part of a branch. If you need this permission to create your tag, this means you're pushing new content that's only part of this tag and not in any branch.
I think it's very powerful to prevent this from happening with Gerrit by not granting this permission.
And thanks Edwin for the exact pointer!
--
I did some further testing, and it seems to be a problem only when pushing via https.I did tests with the same user, using both ssh and https. When using ssh it worked without the push rights, but with https, push rights was required.Should I open a ticket for this?
--