I'm trying to encrypt a service account file for Google Cloud and transfer over BitBucket to eventually deploy to GCP Kubernetes. I'm using the travis command line to do this, but whenever I try to log in via the command line it assumes I have a GitHub account associated with Travis CI not BitBucket.
travis encrypt-file service.json -r USERNAME/REPO
When I run this, Travis assumes I have trying to auth a GitHub account and asks me to login. It tries to validate my username and password against GitHub not BitBucket.
We need your GitHub login to identify you.
Is there an alternative command line command that lets me force a BitBucket login? Or a workaround for allowing me to encrypt the file and include in my .travis.yml build file?
You can use -t TRAVIS_TOKEN instead of authentication via login command (login command assumes that you want to login via GitHub)
Your encrypt command will look like this:
travis encrypt-file --pro --repo USER/REPO -t TRAVIS_TOKEN file --add
Steps to get user token:
Login into Travis (via BitBucket)
Click your user icon (top right corner) and select Settings
This will show you your Repositories with option to show Settings or Plan.
Select Settings
Click Copy token from API authentication
Or just click this link Travis CI preferences and Copy Token.
Related
I'm following the steps listed here to try and link an existing local project to a new repo on GitHub.
I ran gh repo create but got an Authentication error, with a note to update my credentials in the .gitsomeconfig file. I ran gh configure and entered my GitHub username and my GitHub password (since I chose that option instead of using an authentication token). I entered them exactly the same as I type them in. Then I ran gh repo create again and still ran into the Authentication error. I output the content of .gitsomeconfig and verified that the user_login is correct (It doesn't display my password anywhere).
I've tried running gh configureat least 6 times now. I've copied and pasted from Lastpass to be extra sure I'm entering credentials correctly. I've tried both my username and my email address since I wasn't sure which gh configure actually wanted for username, but neither seem to work. I'm at a loss for what might be going wrong. Any thoughts or suggestions?
The right command is gh auth login, using your GitHub account name and your GitHub token (not password, your PAT: Personal Access Token, with scopes "admin:org, gist, repo, user, workflow")
Then you can check with gh auth status.
Once the status is clean (authenticated), you can proceed with other commands, like gh repo create.
I'm trying to clone a github repository locally using the following command
git clone https://github.com/*myuser*/*myrepo.git*
This brings up the authentication dialog
Here I am using the exact same credentials with which I can login to the website.
But I always get a Logon failed error.
I am not using two factor authentication and tried to reset my password but without result.
Am I missing something?
Ok, seems username-password usage is deprecated and you have to create a Personal Access Token.
https://docs.github.com/en/github/authenticating-to-github/creating-a-personal-access-token
Using this access token worked for me with the basic credential prompt, not when using the dialog window.
I created Authentication token as well all permission for user which running pipeline is defined
If you checked Run with Build Agent Credentials as Authentication in the task. And the build account {ProjectName} build service ({OrganizationName}) was granted Read and Contribute permission in the Wiki Security page.
But you still encounter above error. It's probably because you have IIS Basic Authentication turned on in the Azure DevOps Server machine. When IIS Basic Authentication is enabled on your windows machine, it prevents you from using personal access tokens (PATs) as an authentication mechanism. See here.
We recommend you keep IIS Basic Authentication turned off at all times when using Azure DevOps Server. Only if necessary should you enable IIS Basic Authentication. When IIS Basic Authentication is enabled on your windows machine, it prevents you from using personal access tokens (PATs) as an authentication mechanism.
As workaround to this, you can add an extra header which includes a base 64 encoding of "user:PAT" to the Git requests when IIS Basic Authentication is enabled:
So you can run the pure git commands in a powershell task to update your wiki repo, instead of uisng the git based wiki updater task. See below example scripts in the powershell task (yaml format):
steps:
- powershell: |
git config --global user.email "your#eamil.com"
git config --global user.name "name"
$MyPat = "$(system.accesstoken)"
$B64Pat = [Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes(":$MyPat"))
#clone the wiki repo
git -c http.extraHeader="Authorization: Basic $B64Pat" clone https://server/collection/_git/Document.wiki -q
cd Document.wiki
#add a new file
echo echo "some-text" > addnew.md
git add .
git commit -m message
#push to wiki repo
git -c http.extraHeader="Authorization: Basic $B64Pat" push https://server/collection/_git/Document.wiki -q
displayName: 'update wiki'
Check here for more information.
In order to use the Build Agent OAuth token $(system.accesstoken) in above script. You need click the Agent job 1 and Check the option Allow scripts to access the OAuth token
I am having problems using setup releases with a github token. I like travis-ci but I am not willing to hand out my github password - I need to use the token and I read the documentation as this should be possible this way. Unfortunately it still asks for pasword:
$ travis login --github-token XXXXXXXXX
Successfully logged in as ligi!
$ travis whoami
You are ligi (ligi)
$ travis setup releases
Detected repository as ligi/gobandroid, is this correct? |yes|
Username:
Here's a route which doesn't involve typing your GitHub password into the terminal. I assume you have the travis CI installed. This assumes you're using travis-ci.org, but replacing --org with --com should work otherwise.
If github.com/your/repo was your repo:
Generate a Github personal access token with the following scope: read:org, public_repo, repo:status, repo_deployment, user:email, write:repo_hook
(Optional?) Login using travis login <github token> --org
Run echo <github token> | travis encrypt --org -r your/repo
Use that secret in your .travis.yml file as described in the documentation
You may need to provide full repo scope, but for the free tier of Travis, public_repo is enough. I'm also not sure which of the other scopes are mandatory.
echo is useful on Windows because Ctrl-D doesn't work properly in Powershell.
The Travis CI CLI will not send the GitHub password to Travis CI, instead it will send it to GitHub and use it to generate a GitHub token (the same is true for travis login).
However, if you still feel uncomfortable, you can configure the deployment manually.
Add the following to your .travis.yml:
deploy:
provider: releases
api_key: "GITHUB OAUTH TOKEN"
file: "FILE TO UPLOAD"
skip_cleanup: true
on:
tags: true
all_branches: true
You can encrypt the GitHub OAuth token via travis encrypt .... It is not necessary to be logged in via the CLI for this, and the encryption happens locally.
See http://docs.travis-ci.com/user/deployment/releases/ for the full documentation
I think you can use -t/--token option, e.g.
travis login --org --github-token G1tHu8T0K3N
travis setup releases --org -t G1tHu8T0K3N
I would like to create a webhook within Gitlab to automatically update a mirror repository on Github, whenever a push event happens. I've checked this page, but I didn't understand how it is done.
My Gitlab version is 6.5. Here is the configuration page:
What should I put in URL? Where do I need to place the script to update the repository?
You don't need a webhook for that. A regular post-receive hook will work very well.
To create and use such a hook you just have to login on the server where your gitlab is installed and create an ssh key for git user.
sudo -u git ssh-keygen -f /home/git/.ssh/reponame_key
(do not type any passphrase when prompted)
Go to your github account and add the public key (it's been created as /home/git/ssh/reponame_key.pub) to your project as a deploy key.
have a look at https://help.github.com/articles/managing-deploy-keys if you need help with that.
Once that is done, you just have to configure the connection between your git server and github's:
add an alias to git user's ssh configuration (add following lines to /home/git/.ssh/config - create it if it's not present)
Host reponame
IdentityFile /home/git/.ssh/reponame_key
HostName github.com
User git
Now add the new remote (using the alias you just created) to your repository:
cd /home/git/repositories/namespace/reponame.git
git remote add --mirror github reponame:youruser/reponame.git
Now that everything is in place you'll have to create the actual hook:
cd /home/git/repositories/namespace/reponame.git/hooks
echo "exec git push --quiet github &" >> post-receive
chmod 755 post-receive
The lastcommand is very important because git will check if a hook is executable before running it.
That's it!
(Replace reponame, namespace and youruser according to your real accounts and enjoy).
Last note: if you want your name andavatar near commits on github, make sure that the email address you are using on gitlab is one of the addresses inked to your github account as well. You'll see your gitlab username otherwise.
If you aren't hosting your own GitLab, GitLab.com has introduced this feature directly, without any workarounds.
From within a project use the gear icon to select Mirror Repository
Scroll down to Push to a remote repository
Checkmark Remote mirror repository: Automatically update the remote mirror's branches, tags, and commits from this repository every hour.
Enter the repository you want to update; for GitHub you can include your username and password in the URL, like so: https://yourgithubusername:yourgithubpassword#github.com/agaric/guts_discuss_resource.git —as noted in the comments, it is much better securitywise to use your GitHub access token here instead of login credentials; will update the answer when i've tested.
For WebHooks processing I'm using sinatra web server.
require 'sinatra'
post '/pew' do
puts JSON.parse request.body.read
# here can be placed signal code to run commit processing script
end
register webhook for push events(or other) to http://localhost:4567/pew within GitLab
and since this moment on each commit gitlab will be sending commit info to url.