I'm trying to setup gitlab with gitlab CI on internal network on Debian.
Im using Gitlab 6.7.3 abd gitlab ci 4.3.
Gitlab is on selfsigned ssl.
Everything seems ok until i try to start build. Both systems are connected and tokens auto setted up.
When i commit into repository the build shows in gitlab CI as "pending" and in log i can see:
Started POST "/projects/1/build?token=d18e0fea59ae4d40327f9cc11d2793" for 127.0.0.1 at 2014-04-25 05:38:02 +0000
Processing by ProjectsController#build as HTML
Parameters: {"before"=>"0000000000000000000000000000000000000000", "after"=>"437d8dddd2de6c3329ca58808fd08b4557f8b3af", "ref"=>"refs/heads/master", "user_id"=>3, "user_name"=>"Pokluda, Vaclav", "project_id"=>1, "repository"=>{"name"=>"test", "url"=>"git#mobile-gitlab.dev:Vaclav.Pokluda/test.git", "description"=>"", "homepage"=>"https://mobile-gitlab.dev/Vaclav.Pokluda/test"}, "commits"=>nil, "total_commits_count"=>0, "token"=>"d18e0fea59ae4d40327f9cc11d2793", "id"=>"1", "project"=>{}}
Can't verify CSRF token authenticity
Completed 201 Created in 15ms (ActiveRecord: 1.6ms)
Any suggestion?
I guess you may be hitting the same bug as me, https://gitlab.com/gitlab-org/omnibus-gitlab/issues/761
Related
I'm trying to push to GAR from my local machine, but I always get this error:
failed to authorize: failed to fetch anonymous token: unexpected status: 403 Forbidden
First, I've confirmed that my account has the Artifact Registry Writer role through IAM.
I have done the following locally:
# Login with my Google account
gcloud auth login --update-adc --force
# Configure docker to use the gcloud CLI auth helper
gcloud auth configure-docker us-west1-docker.pkg.dev
# docker login for good measure
docker login
# Tag my image (already built)
docker tag myimage us-west1-docker.pkg.dev/myproject/myrepo/myimage
# Push it
docker push us-west1-docker.pkg.dev/myproject/myrepo/myimage
On this final command I get the error above.
I have read all the Google documentation I could find but they all suggest the above steps:
https://cloud.google.com/artifact-registry/docs/docker/pushing-and-pulling
https://cloud.google.com/artifact-registry/docs/docker/troubleshoot
Note: I can't pull either, using the command provided directly from the GCP web UI.
I'm on M1 Mac.
So I was able to solve this problem by completely nuking Docker, specifically with these steps: https://stackoverflow.com/a/69437543/3846032. I couldn't uninstall it by normal means, it would just hang, implying that the problems I was getting were a result of my Docker installation being very broken. Indeed, I managed to follow the above steps on another machine and it worked, which led me to conclude the steps above and my credentials were totally fine.
The 403 was a red herring, it must have come from my local Docker being broken in such a way that it doesn't send properly authenticated requests.
I created tekton pipeline on minikube as per this link (Basically I'm pulling the repo from github and generating image and pushing it to ECR)
But in my case, I'm pushing the image to AWS ECR.
I configured credentials of AWS ECR on my cluster as per this
When I'm running the pipeline I'm getting the following error.
Note: For testing if my AWS credentials were configured correctly or not, I created a simple deployment spec file and ran it. The image is pulled and the application is running. But with tekton I'm getting 401 issue. Can someone help me with this issue, please?
INFO[0000] GET KEYCHAIN
error checking push permissions -- make sure you entered the correct tag name, and that you are authenticated correctly, and try again: checking push permission for "12345678910.dkr.ecr.us-east-1.amazonaws.com/test-api:latest": POST https://12345678910.dkr.ecr.us-east-1.amazonaws.com/v2/test-api/blobs/uploads/: unexpected status code 401 Unauthorized: Not Authorized
I'm getting this weird error in azure pipelines. We use a ACR to supply our base images and we connect to this using a service connection which works well most of the time. However occasionally we get an error:
/usr/bin/docker pull /base-images/python:3.7-buster-vanilla
Error response from daemon: Get https:///v2/base-images/python/manifests/3.7-buster-vanilla: unauthorized: authentication required, visit https://aka.ms/acr/authorization for more information.
There does not seem to be any clear explanation for this because when we perform a retry of the specific task this works fine.
We have no separate login to the acr and we only define the connection that needs to be used in the job itself:
container:
image: servers.azurecr.io/base-images/python:3.7-buster-vanilla
endpoint: server-Service-Connection
I have been looking at the build logs but was not able to get any usefull information from there. If any additional information is needed i would of course be happy to supply it.
I fixed this error using the Azure CLI az acr login --name *registry-name* Solution explained here at Azure Registry troubleshooting docs
I think you may be running into a Docker Hub issue. We're experiencing this intermittently in our CI (not Azure) during regular pulls for python images.
From https://status.docker.com/pages/history/533c6539221ae15e3f000031
February 3, 2021 5:21PM
UTC[Investigating] A number of users may experience problems logging into Docker Hub.
Nothing i try seems to trigger my Jenkins webhooks from github
Things to know
My Jenkins instance sits behind a Nginx proxy
I am using the Organization type Jenkins project with a Jenkinsfile
The git user used is using a personal access token and has organization rights and all needed permissions
I have security setup on the Jenkins instance so my Jenkins webhook url is https://foo:bar#jenkins.doctify.co.uk/github-webhook/
The webhook has the accurate set of permissions
This gets the green tick and a 200 response from the Jenkins instance
When using polling to trigger the branch indexing this works correctly
In the logs i only see this sometimes and never a pull request event
INFO: Received POST for https://github.com/doctify/platform
Jul 14, 2016 4:13:40 PM org.jenkinsci.plugins.github.webhook.subscriber.DefaultPushGHEventSubscriber onEvent
My Organization configuration
Jenkins Version 2.13, Git Version 2.7.5
Questions
How do I get this to work?
How do I make it better and have the organization plugin create the webhooks automatically the way I'm sure its meant to do?
We've been successfully using TeamCity and Octopus on a single machine, and now we have added a new build agent due to growing number of simultaneous builds. I have set up a new Octopus Tentacle and verified that Tentacle is reachable from the Octopus server in Listener role. However,any build that uses Octopack fails when executed on the new TeamCity agent. Here is an extract from the build log:
Running command: octo.exe create-release --server
servername:8443 --apikey SECRET --project NRK Bridge (Legacy)
--enableservicemessages --version 0.0.0.662 --deployto Dev --waitfordeployment --package=NRK.Bridge.Web:0.0.0.662 --packageversion=0.0.0.662
[12:06:02]Creating Octopus Deploy release
[12:06:02]Octopus Deploy Command Line Tool, version 2.0.8.22
[12:06:03]Handshaking with Octopus server: servername:8443
[12:06:06]The following certificate errors were
encountered when establishing the HTTPS connection to the server:
RemoteCertificateChainErrors
[12:06:06]Certificate subject name: CN=servername
[12:06:06]Certificate thumbprint: 79C26(...)
[12:06:07]The following certificate errors were encountered when
establishing the HTTPS connection to the server:
RemoteCertificateChainErrors
[12:06:07]Certificate subject name: CN=servername
[12:06:07]Certificate thumbprint: 79C26(...)
[12:06:08]The following certificate errors were encountered when
establishing the HTTPS connection to the server:
RemoteCertificateChainErrors
What I noticed is that the certificate thumbprint in the build log is different from thumbprints shown in Octopus server machine page. I tried to generate a new API key and re-register a Tentacle. Am I overlooking something here?
Did you copy the Api key into Team City? The api key is different to thumb prints. Api Key can be found in Octopus Admin section, under users tab.