Perforce over SSL

Answered

Hi,
I am struggling with configuring Team City to download the source code from Perforce (P4) which can be accessed over the SSL. Without SSL everything work perfectly fine. All I actually did was to add "ssl:" in a front of the host specification. After running the build I got error message:

The authenticity of '123.123.123.123:1666' can't be established,
this may be your first attempt to connect to this P4PORT.
The fingerprint for the key sent to your client is
ff:ff:ff:ff:ff:B5:E8:4A:5B:05:AC:69:35:DF:10:DF:D0:8D:A1:EE
To allow connection use the 'p4 trust' command.



The problem is that running "p4 trust" doesn't help (from the command line). I tried several more things. Non of them works:
- Run 'p4 trust' as the Administrator and run TeamCity server service on Administrator credentials.
- Specify env.P4TRUST environment variable for the project configuration that points to the p4trust.txt file with the server trust entry.

When I am performing all P4 related actions from the command line, I can complete everything without any problems. My configuration looks like this:

P4USER=Some_User
P4PORT=ssl:perforce:1666

After running "p4 trust" I can add the server as a trusted one and continue working with the P4 repository.

If anyone has had a similar problem please share your findings.

Team City configuration:
- TeamCity Professional 7.1 (build 23907)
- Windows Server 2008 R2 Enterprise SP1 (64-bit)

Thank you,
Marek
5 comments
Comment actions Permalink

Hi Marek,

The solution that worked in my case is:

  1. Create new Windows user account with Administrator rights
  2. Log on to Windows using this new account (to create a profile)
  3. Open connection to the SSL server using P4V and accept the fingerprint (this would create .p4trust.txt file for this account), don't set P4TRUST env variable
  4. Set both TeamCity Server and Build Agent services to run using this new Windows account

The VCS Port value should look like: ssl:perforce.yourdomain.com:1666.

Cheers,
Andrzej

0
Comment actions Permalink

Hi Andrzej,
Thank you for your post. That's something that works for me. After creting a separate account for Team City and following your instructions, I am finally able to get successfully connected to the SSLed Perforce.

Best Regards,
Marek

0
Comment actions Permalink

Thanks for the info. Has anyone found a solution that doesn't require creating a new Windows user?

0
Comment actions Permalink

Hello,

TeamCity build agent should support .p4trust file which is stored in the home directory of the build agent user. Could you please do the following step:

  • login onto build agent machine under the same account as TeamCity build agent is run under
  • issue run the p4 trust command for needed url
  • make sure /Users/<username>/.p4trust file is created

Then set env.P4TRUST pointing to the .p4trust file in buildAgent.properties. Please let me know if it helps.

0
Comment actions Permalink

Hi Alina,

Thanks for the reply.  I was able to get it working yesterday and meant to make another post for anyone else who might be experiencing the issue.

I found TeamCity did not work if P4TRUST was not explicitly specified.  After specifying it, I had to restart the server so that the environment variable would be recognized by the TC server process.  Once I did so I was able to achieve a successful test connection in VCS root, and I was able to perform a successful build.  I did not have to create a new Windows user.  Note that I specified P4TRUST to be the Perforce default $HOME/p4trust.txt

On the agent side, all that I needed was to have a valid .p4trust file.  Here I again had it in the default $HOME/p4trust.txt (or $HOME/.p4trust like in your step).   I did not have to specify P4TRUST, and as such did not have to restart the agent.

Thanks!
Gabe

0

Please sign in to leave a comment.