I just created a IAM User in AWS and am now wanting to add the access key ID and the secret access key to my forked Github project for use in GitHub actions
I use the same name as defined in my workflow yml for GitHub actions, and enter the text copied from IAM, and I get this error with no further text:
Failed to add secret. Please try again.
Do you know what may cause this?
I had the same issue on Safari. The console showed JS errors:
"Unrecognized Content-Security-Policy directive 'worker-src'"
...
Setting the secret through Chrome worked though.
Related
Build pipeline is failing with following error. Please suggest
I have set up key valut already.
Yes you have set up the KeyVault, but the service connection needed to access the keyVault seems to be missing.
If you have created the service connection too, then you just need to authorize the service connection(one time activity), you can try clicking on the Authorize resources button (bottom-right in the screenshot).
Here are the steps I did and got the error every time...
Created docker registry in jfrog artifactory and added container there.
create access token on jfrog artifactory
create secret in aws secret manager side (username: password:). Added Task execution role to add secretsmanager:*
create ECS task definition. Add private repository and add secret manager ARN
run the task and wait to see NGINX container to run... and finally got below error..
"asm fetching username: authorization data is malformed, empty field"
Not sure what wrong i am doing here. Here is the Doc has given by AWS on same. But still not working...
https://aws.amazon.com/blogs/compute/introducing-private-registry-authentication-support-for-aws-fargate/
Any help appreciated!
this is my mistake; I added a space after "username " section in AWS SM. once delete that space, it worked immidiate.
Need to write username and password spelling correctly in key value pair.
I get the following error
We cannot complete your request
server_error: The request could not be completed. Please try again later.
Error link:
https://login.live.com/HandleGithubResponse.srf?code=c3f48c4783f6d1d5ef1b&state=38FEE58AB9343DAB#
update
I used GitHub to log in to Azure before, and published a plugin. Now, when I want to log in to Azure using GitHub, I will be forced to log in to my MS account. My mailbox is rxliuli#gmail.com on both MS and GitHub.
At the same time, I created an organization rxliuli after logging in with an MS account, Azure did not have any errors, but when I want to log in to rxliuli (create a personal token), it will prompt ERROR Failed request: (401) What's wrong, is there any way for me to use the publisher name rxliuli after logging in with GitHub before?
update
I can't use vsce to create any new users right now. . .
update
Currently, I can use github to log in to azure, but using vsce login rxliuli still shows ERROR Failed request: (401), I am sure that the token has all permissions and has not expired
Well, actually because the token I created has no choice to allow all organizations. . .
ref: https://code.visualstudio.com/api/working-with-extensions/publishing-extension#i-get-403-forbidden-or-401-unauthorized-error-when-i-try-to-publish-my-extension
The official boilerplate code injects the npm token as follows
NODE_AUTH_TOKEN: ${{secrets.npm_token}}
How do I access and set this variable? I cant find it in the GUI.
Go to your project in Github
Select the Settings tab
Click the Secrets section in the left hand menu
Add a new secret and provide a name (e.g. npm_token) and a value.
In addition to the GUI, you now (January 2020) have a GitHub Actions API(!, still beta though), as announced here.
And it does include a GitHub Actions Secrets API:
Create or update an repository secret:
Creates or updates an organization secret with an encrypted value. Encrypt your secret using LibSodium.
You must authenticate using an access token with the admin:repo scope to use this endpoint.
GitHub Apps must have the secrets organization permission to use this endpoint.
PUT /repos/{owner}/{repo}/actions/secrets/{secret_name}
Get a repository secret
Gets a single secret without revealing its encrypted value.
Anyone with write access to the repository can use this endpoint.
GitHub Apps must have the secrets permission to use this endpoint.
GET /repos/:owner/:repo/actions/secrets/:name
So the GUI is no longer the sole option: you can script and get/set an Actions secret through this new API.
This page is hard to find, but it exists in the official docs here: Creating and using secrets (encrypted variables).
Copied from the docs below for convenience:
Secret names cannot include any spaces. To ensure that GitHub redacts
your secret in logs, avoid using structured data as the values of
secrets, like JSON or encoded Git blobs.
On GitHub, navigate to the main page of the repository.
Under your repository name, click Settings.
In the left sidebar, click Secrets.
Type a name for your secret in the "Name" input box.
Type the value for your secret.
Click Add secret.
The link above has a bit more info around using secrets as well.
I've created a simple CLI that can help you achieve that - https://github.com/unfor19/githubsecrets
This CLI is based on the official API. You can install it with pip or use Docker, read the README.md for more information
Again i got stuck to achive the target to trigger deployment once code is pushed to repo, I search the net but i found only old information github is updated and as per there instruction i setup all values but still not working so its look i am missing something I tried to follow the instruction but it seems old http://bytes.babbel.com/en/articles/2014-01-22-github-service-hook-for-aws-ops-works.html
The interface is confusing and i am confused because there is no connection between repo name and opswork service , so what value webhook should send to opswork service ?
Below is what i understood
Setup webhook and it will trigger and send pay load to CI or services as needed once code is pushed to repo (this part is working and send payload to some where) : But this is failing because its Payload URL should i give the opswork service url generated by git hub ?
Opswork services : This is not working ,
App
Given from AWS opswork's app : opswork ID
Stack
Given from AWS opswork's stack: opswork ID
Branch name
Here is the confussion again as per github help i need to give the SHA configured for that app in the AWS OpsWorks Console ? Why should i give SHA not the Master or the link of repo ?
GitHub api url
This is optional what should i give here ?
Aws access key
No issues
Aws secret access key
No issues
GitHub token
Optional : Created token as instructed , Both with token and without token not working.
So If you check opswork is not getting triggered , I thought when i push the changes it may work internally but not.
So its seems web hook and opswork service need to be interact at some level but unable to figure it out :(
I checked git hub help also found nothing for new interface
I checked google and stackoverflow too , but not found any thing
Kindly anyone please answer .
One alternative way would be to set up AWS CodePipeline (CodeDeploy??) to deploy to your AWS Opsworks stack.
CodePipeline is a Continuous Delivery solution from Amazon. Mid 2016 they announced that CodePipeline works with OpsWorks - see their blog announcement: AWS CodePipeline Adds Integration with AWS OpsWorks. There's some walkthroughs there too, depending on what version of OpsWorks your stack is set up for.
(It does feel a bit weird to use a deployment service to deploy to a service that has an existing deployment service... but eh, thought this might help)
The problem is with the process of Github and opswork , if there is any error then both do not report user with error.
I contacted to Github support and luckily they responded me back with error message "The security token included in the request is invalid."
Then i recopied the access key and secret key removed "GitHub api url" as blank and branch name to "master" (so it will always deploy the latest version aka head)
Also make sure you need to set permission again in opswork this is separate to IAM permission ,
Steps -> Goto your stack - Permission and edit -> add user github with permission "IAM Policies Only".
There is no interaction between web hooks and integrations . so you can make use of integration services without web hook :) .
Thanks to Stack overflow , Git-hub both :)