LDAP members of subgroup cannot be added in the reviewers list
104 views
Skip to first unread message
Ansar M
Aug 2, 2018, 12:07:03 PM8/2/18
to Repo and Gerrit Discussion
Hi Team,
As we are unable to add the groups in reviewers list.
Steps to reproduce:
1) created a group in Gerrit named "test-group"
2) added ldap group as subgroup in test-group
3) Tried to add the test-group to reviewers list but unable to add.
But we are able to add the group where members are added manually or directly to the group. Only the issue occurring while adding the ldap group as subgroup.
Please help us to resolve the issue.
Regards
Ansar
As we are unable to add the groups in reviewers list.
Steps to reproduce:
1) created a group in Gerrit named "test-group"
2) added ldap group as subgroup in test-group
3) Tried to add the test-group to reviewers list but unable to add.
But we are able to add the group where members are added manually or directly to the group. Only the issue occurring while adding the ldap group as subgroup.
Please help us to resolve the issue.
Regards
Ansar
Gert van Dijk
Aug 2, 2018, 12:29:34 PM8/2/18
to Repo and Gerrit Discussion
On Thursday, 2 August 2018 18:07:03 UTC+2, Ansar M wrote:
Steps to reproduce:
1) created a group in Gerrit named "test-group"
2) added ldap group as subgroup in test-group
3) Tried to add the test-group to reviewers list but unable to add.
But we are able to add the group where members are added manually or directly to the group. Only the issue occurring while adding the ldap group as subgroup.
I think you're describing a known issue, which is unresolved at this time, unfortunately. References:
Richard Christie
Aug 2, 2018, 12:50:20 PM8/2/18
to Repo and Gerrit Discussion
We got around this problem by creating a plugin (though it could have been done by external service) which manually dumps groups out of LDAP and adds them to gerrit as real gerrit groups named <organisation>.<group>.<group-name>.
It updates the gerrit groups with the real contents of ldap, keeping them in synch with changes every 5 mins or so. This also solved a confusing legacy issue we have with out unix groups that we have many called similar things with the same unix group id to get around historical limitations of NIS. i.e. we also coalesce these by group id.
The group's description in gerrit holds the original server and GID, so if groups ever rename we should rename in gerrit too.
The only operation we do not support is delete, (we just empty the group in gerrit) because AFAIK gerrit doesn't seem to support deletion of groups.
Once we've fixed anything that breaks as a result of group transition to note-db in 2.16, we might well opensource it if there's interest.
Prabhu kondarangi
Jan 19, 2022, 2:34:12 AM1/19/22
to Repo and Gerrit Discussion
Hi Guys,
I am looking for the latest update of this thread hence raising a question here.
Do we have a fix available to add an LDAP group as a reviewer?
I appreciate your valuable inputs. Thanks!
Regards,
Regards,
PK
Edwin Kempin
Jan 19, 2022, 2:38:48 AM1/19/22
to Repo and Gerrit Discussion
On Wednesday, January 19, 2022 at 8:34:12 AM UTC+1 prabh...@gmail.com wrote:
Hi Guys,I am looking for the latest update of this thread hence raising a question here.Do we have a fix available to add an LDAP group as a reviewer?
AFAIK nobody implemented this yet:
Reply all
Reply to author
Forward
0 new messages