Change default Gerrit HTTP auth method

The current default HTTP authentication method for Zuul's Gerrit driver is Digest, but that has not been supported by Gerrit since version 2.15. Change the default to Basic which matches the current default and should be the value for most Gerrit installations. Change-Id: I4b034311dba53d959b4e1dfd2e9319ade45b1438
2020-01-23 13:52:15 -08:00 · 2020-01-23 13:52:15 -08:00 · a7a9c8b38f
commit a7a9c8b38f
parent b33afa1b68
3 changed files with 19 additions and 10 deletions
--- a/doc/source/reference/drivers/gerrit.rst
+++ b/doc/source/reference/drivers/gerrit.rst
@ -103,18 +103,19 @@ The supported options in ``zuul.conf`` connections are:
      section of the ``Settings`` page in Gerrit.

   .. attr:: auth_type
-      :default: digest
+      :default: basic

      The HTTP authentication mechanism.

-      .. value:: digest
-
-         HTTP Digest authentication; the default for most Gerrit
-         installations.
-
      .. value:: basic

-         HTTP Basic authentication.
+         HTTP Basic authentication; the default for most Gerrit
+         installations.
+
+      .. value:: digest
+
+         HTTP Digest authentication; only used in versions of Gerrit
+         prior to 2.15.

      .. value:: form

--- a/releasenotes/notes/gerrit-default-auth-c6165622bffc6434.yaml
+++ b/releasenotes/notes/gerrit-default-auth-c6165622bffc6434.yaml
@ -0,0 +1,8 @@
+upgrade:
+  - |
+    The default for :attr:`<gerrit connection>.auth_type` has changed from
+    ``digest`` to ``basic``.  Digest authentication has not been supported
+    in Gerrit since version 2.15.
+
+    If your Zuul connects to an older version of Gerrit via HTTP
+    authentication, you may now need to explicitly set this value.
--- a/zuul/driver/gerrit/gerritconnection.py
+++ b/zuul/driver/gerrit/gerritconnection.py
@ -483,12 +483,12 @@ class GerritConnection(BaseConnection):
                zuul_version.release_string,
                requests.utils.default_user_agent())
            self.session = requests.Session()
-            if self.auth_type == 'basic':
-                authclass = requests.auth.HTTPBasicAuth
+            if self.auth_type == 'digest':
+                authclass = requests.auth.HTTPDigestAuth
            elif self.auth_type == 'form':
                authclass = FormAuth
            else:
-                authclass = requests.auth.HTTPDigestAuth
+                authclass = requests.auth.HTTPBasicAuth
            self.auth = authclass(
                self.user, self.password)