Github with opswork auto deployment using webhook help needed - github

Again i got stuck to achive the target to trigger deployment once code is pushed to repo, I search the net but i found only old information github is updated and as per there instruction i setup all values but still not working so its look i am missing something I tried to follow the instruction but it seems old http://bytes.babbel.com/en/articles/2014-01-22-github-service-hook-for-aws-ops-works.html
The interface is confusing and i am confused because there is no connection between repo name and opswork service , so what value webhook should send to opswork service ?
Below is what i understood
Setup webhook and it will trigger and send pay load to CI or services as needed once code is pushed to repo (this part is working and send payload to some where) : But this is failing because its Payload URL should i give the opswork service url generated by git hub ?
Opswork services : This is not working ,
App
Given from AWS opswork's app : opswork ID
Stack
Given from AWS opswork's stack: opswork ID
Branch name
Here is the confussion again as per github help i need to give the SHA configured for that app in the AWS OpsWorks Console ? Why should i give SHA not the Master or the link of repo ?
GitHub api url
This is optional what should i give here ?
Aws access key
No issues
Aws secret access key
No issues
GitHub token
Optional : Created token as instructed , Both with token and without token not working.
So If you check opswork is not getting triggered , I thought when i push the changes it may work internally but not.
So its seems web hook and opswork service need to be interact at some level but unable to figure it out :(
I checked git hub help also found nothing for new interface
I checked google and stackoverflow too , but not found any thing
Kindly anyone please answer .

One alternative way would be to set up AWS CodePipeline (CodeDeploy??) to deploy to your AWS Opsworks stack.
CodePipeline is a Continuous Delivery solution from Amazon. Mid 2016 they announced that CodePipeline works with OpsWorks - see their blog announcement: AWS CodePipeline Adds Integration with AWS OpsWorks. There's some walkthroughs there too, depending on what version of OpsWorks your stack is set up for.
(It does feel a bit weird to use a deployment service to deploy to a service that has an existing deployment service... but eh, thought this might help)

The problem is with the process of Github and opswork , if there is any error then both do not report user with error.
I contacted to Github support and luckily they responded me back with error message "The security token included in the request is invalid."
Then i recopied the access key and secret key removed "GitHub api url" as blank and branch name to "master" (so it will always deploy the latest version aka head)
Also make sure you need to set permission again in opswork this is separate to IAM permission ,
Steps -> Goto your stack - Permission and edit -> add user github with permission "IAM Policies Only".
There is no interaction between web hooks and integrations . so you can make use of integration services without web hook :) .
Thanks to Stack overflow , Git-hub both :)

Related

Jenkins pipeline unable to connect to github PRIVATE repository

Pulled latest jenkins image in docker. Followed the steps of jenkins io. Jenkins runs fine, I am able to create builds which checkout git repos.
What doesn't seem to work, is to create a pipeline for a PRIVATE github repo. The documentation states:
create access token in github [OK]
use it to authenticate [OK]
choose company/project [OK]
choose multibranch repo [OK]
create pipeline [fails]
The wizard complains about that there is no existing Jenkinsfile in my repo. That's incorrect. I do have a Jenkinsfile, which is correct (generated by blueocean too). So I guess the fact the blueocean complains about missing Jenkinsfile is related to not being able to find the project/branches in github. Something with credentials no longer working?
Also, when I follow the steps and try to manually create the pipeline:
Again, a strange error message, again I guess related to something which is broken in credential management, either in jenkins <-> github, or blueocean <-> github.
Last, when I open the build (=pipeline) from jenkins dashboard, I can click on Scan repository log which at least states the error clearly.
ERROR: [Mon Jul 11 12:43:07 UTC 2022] Could not update folder level actions from source blueocean
[Mon Jul 11 12:43:07 UTC 2022] Finished branch indexing. Indexing took 0.23 sec
FATAL: Invalid scan credentials when using anonymous access to connect to basprins/unode on https://api.github.com
Finished: FAILURE
Again, the Personal Access Token is good. I created one with ALL scopes enabled (max rights in my repo) just to be sure nothing is left unchecked. It is "good enough" to login and checkout the branch. It seems to fail with actually creating the pipeline. I have no clue what else can be wrong on my side.
I tried any combination of username/password (legacy email address username + legacy password, or my github username + personal access token, and all 4 possible combinations of the two username/password pairs). Nothing gives.
Is there anybody that can confirm (or deny?) that above is possible, or would be willing to reproduce it on your side? It's an no-brainer docker setup. All you need to create is some temporary PRIVATE github.
Looking forward to an actual answer!
I had the same error and it seems like the jenkins credentials for the personal access token are not getting created automatically. This is how you can check if your issue is the same as mine:
Open the configuration of the multibranch pipeline.
Go to branch sources and then check if there is a name in the dropdown for credentials.
If there is no name then it's the same issue.
The following is what I did to fix it:
Click on Add and create a credential with the following values:
Kind: Choose the option username and password.
username: Enter the github username.
password: Enter the api token you created.
Create the credential by clicking on add.
Choose the credential in the dropdown credentials and save the configuration.
Go to the overview page for the multibranch pipeline (in the old jenkins, not blueocean) and click on Scan repository now to run the scan again with working credentials.
The error should now be resolved.

Webhooks: GCP and Github

Since Github changed their authentication methods to only accept Personal Access Tokens I've had some trouble with getting my GCP Build Trigger to run when I push to the main branch of my repo.
Does anyone know how I can re-authenticate, or change the password that's being used to connect GCP to Github?
On GCP I have tried reconnecting to the repo, 'forgetting' the repo and then reconnecting, I'm not incredibly clued up on this platform, I've only been using it for a few weeks.
"token" would be used for HTTPS URL.
The official GCP documentation uses SSH URLs, which does not need tokens (but SSH keys): that would be one alternative.

Setup Github Webhook for AWS EC2 server

I have a webapp deployed in aws ec2 instance. I recently got to know about Github Webhook. Now i am trying to setup webhook service for my ec2 server. Can someone pls give a walk-through about:
1. How to receive the webhook payload for server endpoint.
2. What will be the Payload URL that one have to write in github webhook service.
First you need to go to your repo, and click through this sequence:
Settings -> Webhooks & Services -> Add webhook
Then paste the url where github will submit data for each new commit. You can find examples of payload in example.
Then implement the logic needed in the backend to work with info about new commits.

Azure Push Notification REST No Service is Hosted at the Specified Address

I am using Azure mobile services to do Push Notifications. I have a push notification service bus created. When I try to connect to that through a REST service I get the following response:
404No service is hosted at the specified address. TrackingId:dfc9aea1-e229-4eb7-b393-c8cd6bce258d_G19,TimeStamp:11/3/2014 8:39:21 PM
The POSTMAN request looks like so which duplicates the problem:
How do I further troubleshoot this because the service is there? What am I missing?
A reference to the above API can be found here:
http://msdn.microsoft.com/en-us/library/azure/dn223266.aspx
After troubleshooting with Microsoft we found the problem to be two-fold.
The Connection String key you should be using is found on the hubs page. Named DefaultFullSharedAccessSignature.
The next thing is the hub name shouldn't be the namespace.
In my URIā€¦
https://qb-alphahub-ns.servicebus.windows.net/qb-alphahub-ns/messages/?api-version=2013-10
Should be
https://qb-alphahub-ns.servicebus.windows.net/qb-alphahub/messages/?api-version=2013-10
I had the exact same issue when sending requests via Python and Postman.
I tried the above solution with no luck. My issue ended up being two-fold as well:
My namespace was named the same as my notification hub. Had to rename my hub.
I had to add an extra header to the POST: "X-WNS-Type": "wns/toast"
After making the changes, my toast notifications started working with successful responses from the Notification Hub web services.

Jenkins and GitHub webhook: HTTP 403

I have a GitHub repository which I would like to have notify Jenkins of new commits via a post-receive hook. I've installed the GitHub plugin into Jenkins and have allowed for Jenkins to manage it's own hook URLs. The project has the correct git repository URL and is instructed to "Build when a change is pushed to GitHub". When I have GitHub send a test payload I find this in the nginx webserver that front's Jenkins:
207.97.227.233 - - [15/Sep/2011:07:36:51 +0000] "POST /github-webhook/ HTTP/1.1" 403 561 "-" "-"
I was running SSL so I disabled it to no effect. Do I need to provide special permissions to an anonymous user in the permissions matrix?
Please forgive the lack of configuration files: I'm happy to share those that might exist but I don't know what might be useful to share.
As I don't allow anonymous access, it turns out I needed to create a specific user for GitHub pushes and to grant it Overall read, Job create and Job read. It was also necessary to bundle the authentication into the webhook URL, like so:
https://foo:password#jenkins.example.com/github-webhook/
From Github's instructions ("Configuring global authentication", the first section),
1. Create a user in Jenkins which has, at a minimum, Job/Build permissions
2. Log in as that user (this is required even if you are a Jenkins admin user), then click on the user's name in the top right corner of the page
3. Click 'Configure,' then 'Show API Token...', and note/copy the User ID and API Token.
4. In GitLab, when you create webhooks to trigger Jenkins jobs, use this format for the URL and do not enter anything for 'Secret Token': http://USERID:APITOKEN#JENKINS_URL/project/YOUR_JOB
In my case I used http://USERID:APITOKEN#myIPaddress:808/ and no project/YOUR_JOB
As previously mentioned Jenkins does not allow anonymous access (you don't want people to trigger builds for you!). Adding a username and password in the clear is not the best solution.
1) If your Jenkins is behind a VPN, you need to make sure that your Jenkins webhooks URL are exposed
2) In the GitHub plugin configuration add the correct accessible Jenkins webhook URL(https://jenkins.example.com/github-webhook/) in Override Hook URL
3) Add a secret in the Shared secret section (preferably a long random string). This would be a token sent from Jenkins to GitHub and vice versa for authentication. This should be different from the GitHub Server Credentials!
4) Make sure the user has owner access to add webhooks to your GitHub repos
5) Don't forget to re-register the webhooks after this
https://username:password#jenkins.example.com/github-webhook/ worked for me but the password has to be encoded for the payload to work. My github was not able to contact jenkins due to nginx authorisation but passing username and encoded password worked!