Tuesday, February 11, 2014

Red Hat JBoss BPM Suite - access GIT project using SSH


This is one of the most asked questions that I have been getting since the release last week of Red Hat JBoss BRMS & Red Hat JBoss BPM Suite v6 products.

For this article, I will be referencing JBoss BPM Suite product as this is a super set of the JBoss BRMS product. This means that all I describe below in this solution below applies to both products.

It all has to do with the new development and deployment models that are introduced when the repository being used is GIT based.

If we take a closer look at the JBoss BPM Suite architecture we see that the repository linking business users and the development teams is a GIT repository.

JBoss BPM Suite architecture
The usual work flow would have the business analysts working in the JBoss BPM Suite web based GUI tooling using model designers, process designers, and various rule designers to put together their projects. Once this has been completed, or parallel to this work, developers in the organization can work on their applications and contribute to support the business analysts with updates.

When we were working and testing the initial beta releases of the product this was all done through the unsecured git-based protocol, which allowed you to clone and push without any form of authentication. This would look like the following example, using the Generic Loan Demo, of cloning a read-only copy of the project:

$ git clone git://localhost/bpms-generic-loan

Cloning into 'bpms-generic-loan'...
remote: Counting objects: 266, done
remote: Finding sources: 100% (266/266)
remote: Getting sizes: 100% (213/213)
remote: Compressing objects:  51% (110/212)
remote: Total 266 (delta 22), reused 133 (delta 19)
Receiving objects: 100% (266/266), 47.97 KiB, done.
Resolving deltas: 100% (54/54), done.

As of the final product release, it is no longer possible to push your changes without authentication.

If you should try to push any changes you will see the following errors:

$ git push

fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

To achieve this you would make use of the SSH protocol when you clone and push your projects. This would look like the following, again using the Generic Loan Demo project:

Secure clone project

$ git clone ssh://erics@localhost:8001/bpms-generic-loan

Cloning into 'bpms-generic-loan'...

The authenticity of host '[localhost]:8001 ([127.0.0.1]:8001)' can't be established.
DSA key fingerprint is 62:c2:c5:4c:22:3a:dd:8e:24:34:bf:3f:16:e7:3c:73.
Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added '[localhost]:8001' (DSA) to the list of known hosts.
Authenticated with partial success.
Password authentication

Password: bpmsuite   <<<<< enter-password-here

remote: Counting objects: 266, done
remote: Finding sources: 100% (266/266)
remote: Getting sizes: 100% (213/213)
remote: Compressing objects:  51% (110/212)
remote: Total 266 (delta 22), reused 133 (delta 19)
Receiving objects: 100% (266/266), 47.97 KiB, done.
Resolving deltas: 100% (54/54), done.

Secure push changes

$ git push

Authenticated with partial success.
Password authentication

Password: bpmsuite   <<<<< enter-password-here

Counting objects: 5, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (3/3), done.
Writing objects: 100% (3/3), 282 bytes, done.
Total 3 (delta 2), reused 0 (delta 0)
remote: Resolving deltas: 100% (2/2)
remote: Updating references: 100% (1/1)
To ssh://erics@localhost:8001/bpms-generic-loan
   f789a22..659ef75  master -> master

I hope this helps you along as you explore and expand you knowledge while developing your BPM projects with the JBoss BPM Suite.