VSCode Pull Requests - Organization - github

I have my personal GitHub account which has been given access to Repos that exist as part of an organization. I'm trying to create a pull-request from within VSCode for these Repos, but I get the below error.
Is there a setting I'm just missing?
[Info] GitHubRepository> Creating pull requests failed: HttpError: Validation Failed: {"resource":"PullRequest","field":"head","code":"invalid"}

HttpError
Check first if you have a git config credential.helper set (to, for instance on windows, manager-core)
If you have, that means the wrong credentials (username/password) are cached in said credential helper. They are not the ones for your organization GitHub account.
See GitHub "Caching your GitHub credentials in Git" and update them.

Related

remote: Write access to repository not granted. - admin of repo but within an organisation

I'm part of an organization, and through the UI I can create a private repository inside that organization.
Going on repository -> setting -> Collaboration and team, I can see
I'm the admin
I've created my PAT and in fact, I can commit and push other
public repositories.
But if I clone this new repository I get "fatal: unable to access"
Is there anything specific to do when creating repos inside an organization?
If I try to create a new PAT and try to create it for specific repos, I can't see this new repo in the list of my repos! So I have to create it for "All repositories".
Other trials:
git clone https://<username>:<token>#github.com/orgName/repoName failed
git clone https://<username>#github.com/orgName/repoName failed
git clone https://github.com/orgName/repoName of course failed as well
BUT, one strange thing:
git clone https://<token>#github.com/orgName/repoName asked me for a password
I didn't go on, maybe it's recognized just as a new username so it was asking for a password
Turns out for whatever reason you have to use ssh and cannot use PAT and https. After registering a key on GitHub everything worked as expected.
Here is the guide: https://docs.github.com/en/authentication/connecting-to-github-with-ssh/checking-for-existing-ssh-keys
If it is a private repository that is accessed using the classic Personal Access Token(PAT) try resetting the fetch and push url for the remote repo by running:
git remote set-url origin https://<classic PAT >#github.com/organization_name/repo_name
In order to do the same while using the newer fine-grained token:
git remote set-url origin https://oauth2:<fine-grained PAT >#github.com/organization_name/repo_name
If indeed the Personal access token above is authorized to access that repo you should now be able to do all functions from before such as cloning, pushing and pulling.

Permission denied to git push as a contributor

Recently I have been added as a contributor to a program allowing me to make some changes but I can't git push my fixed code to the repo.
The error is as follows:
remote: Permission denied to myusername.
fatal: unable to access 'program URL': The requested URL returned error: 403
I can create a pull request to modify the file but my instructor said it would be troublesome if he had to check the request and merge them every time so he added me as a contributor.
I googled my question and some said I need to add my SSH key to my instructor's account, but does it mean I have permissions to all repo of my instructor?
I'm just a beginner in github, many thanks for your help!
You need to have an SSH key for your own account (not your instructor's). If he added you as a contributor and you cloned the repository via SSH (as it seems you did), Github will check your personal SSH key to identify you whenever you try to push.
Just follow these steps to add your SSH key to your account: https://docs.github.com/en/github/authenticating-to-github/connecting-to-github-with-ssh/adding-a-new-ssh-key-to-your-github-account

Git repository permissions issue in Azure DevOps Pipeline

In an Azure Pipelines Task, I am attempting to create and push a new branch. I am able to clone the repo using the $(System.AccessToken) variable, bit when I try to push the new branch I get the following error:
remote: TF401027: You need the Git 'GenericContribute' permission to perform this action. Details: identity 'Build\(GUID)', scope 'repository'.
If I check my repository security, I see that both the Build Service user and Project Collection Build Service Accounts group has Contribute, Create Branch, Contribute to pull request, and Create Tag permission set to "Allow", which from all the research I've done is all I should need to do.
How can I troubleshoot this issue? I assume that either I am missing something silly, or there's a permissions inheritance issue. However, if I'm setting security on the repository itself my assumption is that should override any inherited permissions.
Pipeline:
steps:
- powershell: |
git -c http.extraheader="AUTHORIZATION: bearer $(System.AccessToken)" clone "https://repoaddress/_git/common"
cd common
git checkout develop
git checkout -b release/$(build.buildNumber) $(build.buildNumber)
git -c http.extraheader="AUTHORIZATION: bearer $(System.AccessToken)" push -u origin HEAD
displayName: 'Create Branch From Tag'
Permissions:
It should caused by your build service account do not have the contribute permission for this repository.
Go Project setting --> Repositories --> click Repos you want to operate -->set repository permissions accordingly.
Note: Service account is Project Collection Build Service (org name)
Update1
I got the issue, add this service account {project name} Build Service ({Org name}) and configure the account permission, it will work.
According to the error message: Details: identity 'Build\(GUID)', scope 'repository'., we could get the service account GUID
Check this REST API, it could list the service account, we could search the service account name via the GUID, then configure the permission.
Update2
Since you are using AccessToken, it update the repo via service account, as another workaround, we could use Personal access token do the same things, and it do not need to configure service account permission.
Update2
A sample power shell script to clone the repo via PAT token:
$MyPat = 'yourPAT'
$B64Pat = [Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes(":$MyPat"))
git -c http.extraHeader="Authorization: Basic $B64Pat" clone https://dev.azure.com/yourOrgName/yourProjectName/_git/yourRepoName
And we will receive two notifications during the lifetime of a PAT - one upon creation and the other seven days before the expiration. You could refer to this doc for more details.
Seven days before your PAT expires, you receive a notification similar to the following example.
Then we could change the Expiration time.

Azure Devops git credentials not authenticating when try doing git pull

I've set up a git repo in Azure Dev Ops and I'm trying to do a git pull to my computer via https. I set up a credential alias in Dev Ops (this seemed to be the only authentication method that worked for pulling originally).
When I pull to my computer I'm being prompted for the alias password (which is definitely correct, as is working on other computers). When I enter the password I'm getting the following error message:
fatal: Authentication failed for [git url]
Does anyone know what might be causing this?
The email address linked to the Dev Ops account has been added to the team members in Dev Ops (this was causing issues with git pulling on another computer, however this resolved that instance of the error)

SSH access to GitHub repository

I have followed the process described in Multiple GitHub Accounts & SSH Config (stefano's answer) and have set up SSH access to multiple repositories using deploy keys. I've tried that on repositories of a specific GitHub organization and it works fine - I can pull and push changes. I've also tried this on my user area and it still works great.
However, when trying this on repositories in another GitHub organization (e.g. when doing a git push) it fails with the following error
ERROR: Permission to XXXX/YYYY.git denied to deploy key
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
When checking SSH access through ssh -T I get
"Hi XXX/YYYY! You've successfully authenticated, but GitHub does not provide shell access."
which suggests that SSH should be working.
I have gone through the organization settings (main page for GitHub organization > Settings) and they have pretty much identical settings, except from what you would expect to be different e.g. contact email etc.
I was wondering if anyone has any ideas about what could be causing this. Are there any more organization settings somewhere by any chance?
ERROR: Permission to XXXX/YYYY.git denied to deploy key
This looks like you are trying to push using a deploy key. This key is used for deployment and therefore only to read-only access of your repository. Make sure you have the key which is enrolled in your github account, make sure it is used (IdentityFile in ~/.ssh/config) and get rid of the deploy key from the standard location which is picked by default (~/.ssh/id_{rsa,dsa,ecdsa,ed25519}). Note, that if there are more "valid" keys, only the firs succeeds.