id	summary	reporter	owner	description	type	status	priority	milestone	component	version	resolution	keywords	cc	blockedby	blocking	notify_on_close	platform	project
15260	Programmatic access to Trac	Zach Pearson	Zach Pearson	"I like Trac and I recognize the strengths it gives us, but I'm pretty envious of the GitHub close-on-push workflow. It's kind of a nightmare to try and remember to link the commit that closed a ticket to the ticket. 

I'd like it if when I pushed commits to GitHub, some script would look at the commit and if it closes a ticket, copy the body of the commit into a Trac comment and close the ticket.

Say the commit was 

{{{
fix(bundle): Summary
<reasoning>
Fixes Trac#15118
}}}


To update Trac tickets, you have to first GET the ticket and note the time of the most recent change, then include that in your subsequent request. Trac will check it against what it thinks the most recent change time is and reject your request if it is older, to prevent out of order edits. So the script would GET /trac/ChimeraX/15118, note the most recent change (in the <head> HTML tag Trac includes a script that has a list of JSON objects describing all changes with timestamps) then POST 

{{{
__FORM_TOKEN: <form token from Trac cookie>
comment: [https://www.github.com/rbvi/ChimeraX/<commit hash> Fixed:] + <commit body>
action: resolve
action_resolve_resolve_resolution: fixed
submit: Submit changes
field_reporter: <user>
start_time: <most recent change time from get>
view_time: <most recent change time from get>
}}}

Having this be a client side utility is somewhat more flexible because there can be other resolutions to tickets that aren't prompted by commits, like invalid, wontfix, or 'can't reproduce'. I can write code that formats the comment for me and sends the request. I'm just unable to figure out how to authenticate to our Trac on the command line since it is kerberized. 

I copied krb5.conf to my local machine and added my identity to it

`ktutil add --keytab=/etc/kbr5.keytab -p zjp@CGL.UCSF.EDU -w $(rbw get cgl) -e aes256-cts-hmac-sha1-96 -V 1`
(rbw is a command line program to access Bitwarden vaults)

then I ran `kinit` and got a TGT (I think)?

But I can't successfully authenticate. 

`curl -v --negotiate -u: https://rbvi.ucsf.edu/admin/kerbtest.py`

Gives me a 401

I also see `* gss_init_sec_context() failed:  An unsupported mechanism was requested. unknown mech-code 0 for mech unknown.` in the output, but I think this might be a red herring. I also get a 401 at first on my browser, then a popup window asking for my username and password. Then when I enter that, I get no indication of anything happening. My request for the original page simply goes through. 

"	enhancement	closed	minor		Platform		fixed		Greg Couch				all	ChimeraX