mailing list mirror (one of many)
 help / color / mirror / code / Atom feed
* Temporary credentials timeout during long operations
@ 2020-07-13 19:48 Peterson, Alex
       [not found] ` <>
  0 siblings, 1 reply; 2+ messages in thread
From: Peterson, Alex @ 2020-07-13 19:48 UTC (permalink / raw)
  To: git

Greetings,  recently I've run into an issue where long push operations fail when using a credential helper like the AWS CodeCommit helper because it provides time-limited credentials which expire during the operation.  Is there an existing method to enforce refreshing credentials from a credential helper on the client or should I go down the path of creating a credential.timeout feature that automatically refills credentials from helpers during long operations to avoid this issue?

Steps to reproduce:
1. Create a repository with LFS
2. Add a large file that will take a long time to push (long enough for the credentials to expire)
3. Enable a helper that provides temporary credentials 
4. Set a remote that uses HTTPS and git push

All initial HTTPS commands authenticate OK and the LFS file uploads fine but by the time it is done, the credentials have expired so the final git-receive-pack fails and the entire push operation fails.

> POST /v1/repos/example/git-receive-pack HTTP/1.1
< HTTP/1.1 403 
error: RPC failed; HTTP 403 curl 22 The requested URL returned error: 403 
fatal: the remote end hung up unexpectedly 

For testing purposes I modified post_rpc() so that it always requests new credentials before every HTTPS request, and was able to push any number of large files.

SSH works fine (with keepalives enabled) and so does HTTPS with a permanent username/password, it's just the credential helpers that provide time-limited credentials.


^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2020-08-26  1:44 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-07-13 19:48 Temporary credentials timeout during long operations Peterson, Alex
     [not found] ` <>
     [not found]   ` <>
2020-08-26  1:44     ` brian m. carlson

Code repositories for project(s) associated with this public inbox

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).