Hi Jim.

Comments inline.


On Fri, Oct 31, 2008 at 9:32 AM, Jim Lloyd <[EMAIL PROTECTED]> wrote:

> Hi,
>
> I've spent the last couple days installing and configuring reviewboard for
> the first time. We use a subversion repository and developers use the
> svn+ssh access method. My initial attempts to configure reviewboard to use
> svn+ssh failed. I was able to submit a change with post-review, and see that
> a review record had been created in reviewboard, but reviewboard failed to
> retrieve the diff. I experimented a bit with my configuration settings, but
> eventually I did the workaround of configuring the apache/mod_dav_svn access
> for our repository, supporting read-only operations, and then configured
> reviewboard to access the repository via http. This allowed reviewboard to
> get the base revision, and I concluded that I was done.
>
> However, a new post-review now gives the error:
> Error creating review request: The repository path specified is not in the
> list of known repositories (code 206)
>
> I'd appreciate it if someone could give some authoritative answers to what
> are hopefully trivial questions:
>
>    1. Does reviewboard work fine with just svn+ssh access?
>
> It should, yes.


>
>    1.
>    2. If so, I'd like to create a 'reviewboad' account that reviewboard
>    will use as its identity when performing any svn operations. Can this
>    account work with read-only access to the repostitory?
>
>
Review Board never writes to the repository in any way, so a read-only
account would work fine. Though, if there's anonymous access to the
repository, that often works better.


>    1.
>    2. In the repositories configuration, for an svn+ssh repository, the
>    password should be the unix login password for the reviewboard userid,
>    correct?
>
> Correct.


>
>    1.
>    2. The password seems to be stored in plain text. Is there a more
>    secure setup available, perhaps using ssh PubkeyAuthentication?
>
> Yes, unfortunately it is stored in plain text. What you should be able to
do is sudo to the user that the web server runs as, generate a
public/private key, and then configure the server to give that key access
without requiring a password. Assuming you have complete control as to
what's running on your system, that should be fine. If you lock down this
user on the server and on the repository, even better.


>
>    1.
>    2. In the repositories configuration, there is a field labelled "Mirror
>    path:". Can I use this to allow both svn+ssh and http access to the same
>    repository?
>
> Yeah. What basically happens is that Review Board will check either the
main repository path or the mirror path when looking up a repository (say,
from post-review), but will use the mirror path (if set) for the actual
calls to the server. (Why it uses the mirror path and not the main one, I
don't recall anymore -- I think it was due to how we had things set up at
VMware originally to work around something).

So you can set the mirror path to be https, and then use svn+ssh for the
main repository path, and post-review will verify the local user's svn+ssh
path against that.

Christian

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"reviewboard" group.
To post to this group, send email to reviewboard@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/reviewboard?hl=en
-~----------~----~----~----~------~----~------~--~---

Reply via email to