After going the number of SO threads and blogs and Spring cloud config documentation still, I couldn't find on how I can connect to remote GITLAB repository as I'm getting below error while starting the spring-cloud-config server.
Caused by: com.jcraft.jsch.JSchException: Auth fail
spring:
cloud:
config:
server:
git:
uri: git#private_gitlab_repo:project
search-paths: '{application}'
skip-ssl-validation: true
strict-host-key-checking: false
known-hosts-file: C:\Users\myname\.ssh\known_hosts
spring-boot :2.1.2.RELEASE
spring-cloud.version: Greenwich.RELEASE
OS: Windows-7
With the command prompt, I could able to interact with the GITLAB repository. I do have the SSH key generated and added the public key in GITLAB settings. Also, I do not have the option to use username and password to connect to GITLAB.
Any pointers on where I'm missing the configuration or steps?
Found that this is my IntelliJ idea IDE issue and when I try running the same project in command prompt it worked without any issues.
Related
I am banging my head around why spring cloud config is using ssh even when i try to provide https uri in the application.yaml. Here's my quick config file:
spring:
cloud:
config:
server:
git:
uri: https://github.com/myOrg/myRepo
skipSslValidation: true
username: ${GITHUB_USERNAME}
password: ${GITHUB_PASSWORD}
server:
port: 8888
ssl:
enabled: false
I would assume spring cloud config to use https to do this connection and clone the repo. Can someone help me understand why still it uses ssh and fails on auth(which is obvious as I don't provide any private key):
org.springframework.cloud.config.server.environment.NoSuchRepositoryException: Cannot clone or checkout repository: https://github.com/myOrg/myRepo
at org.springframework.cloud.config.server.environment...
Caused by: org.eclipse.jgit.api.errors.TransportException: git#github.com:myOrg/myRepo: Auth fail
....
Caused by: com.jcraft.jsch.JSchException: Auth fail
at com.jcraft.jsch.Session.connect(Session.java:519) ~[jsch-0.1.55.jar:na]
at org.eclipse.jgit.transport.JschConfigSessionFactory.getSession(JschConfigSessionFactory.java:115) ~[org.eclipse.jgit.ssh.jsch-5.12.0.202106070339-r.jar:5.12.0.202106070339-r]
... 62 common frames omitted
My suspicion is that if https doesn't work, it tries via ssh. That's why it's using ssh. Has anyone faced issues like this?
Any help appreciated!
Answering my own question. Apparently, the fallback was due to the ~/.git folder in which ssh access was recommended. Deleting it solved the problem.
I have a Spring-Boot application that use Spring Cloud Config and I'm trying to get the application's configuration file from Bitbucket. I was able to get the configuration file some time ago but now I'm getting an error when I try to access by config-server url.
application.yml:
server:
port: 8888
spring:
application:
name: config-server
cloud:
config:
server:
git:
password: ##########
username: ##########
uri: https://USERNAME#bitbucket.org/repositorios-closeup/cup-configuration-files
searchPaths: '{application}'
When I try to access the url the application is showing an error - NOT AUTHORIZED:
org.eclipse.jgit.api.errors.TransportException: https://USERNAME#bitbucket.org/repositorios-closeup/cup-configuration-files: not authorized
at org.eclipse.jgit.api.FetchCommand.call(FetchCommand.java:254) ~[org.eclipse.jgit-5.1.3.201810200350-r.jar:5.1.3.201810200350-r]
at org.eclipse.jgit.api.CloneCommand.fetch(CloneCommand.java:306) ~[org.eclipse.jgit-5.1.3.201810200350-r.jar:5.1.3.201810200350-r]
Does anybody know what is happening? I've already check all credentials and url on bitbucket.
I had to generate a Personal Access Token on my Github user settings. And use it, instead of the real password.
I know you mentioned Bitbucket, but I've got the same issue with Github instead. And that's how I solved the "Not authorized" message.
I want to add my contribution to this question. I hope it might help someone. #henriqueor answer was what helped me. As I've enabled SSH I needed to generate a Personal Access Token with all scopes granted. (As I'm a Junior Developer, I would need more time to investigate what scopes are necessary to avoid this error.)
Selected scopes: admin:enterprise, admin:gpg_key, admin:org, admin:org_hook, admin:public_key, admin:repo_hook, admin:ssh_signing_key, delete:packages, delete_repo, gist, notifications, project, repo, user, workflow, write:discussion, write:packages
I added the following command line. It worked for me.
spring.cloud.config.server.git.ignore-local-ssh-settings=true
This setting ignores the local ssh config.
I needed to change the authentication to use ssh instead of https.
I generated the ssh using this command:
sh-keygen -m PEM -t rsa -b 4096 -C 'bitbucket_username'
Imported the public key to bitbucket using this tutorial:
https://support.atlassian.com/bitbucket-cloud/docs/set-up-an-ssh-key/
And changed my application.yml to use the ssh-private-key:
cloud:
config:
server:
git:
uri: git#bitbucket.org:repositorios/configuration-files.git
searchPaths: '{application}'
ignore-local-ssh-settings: true
private-key: |
-----BEGIN RSA PRIVATE KEY-----
...
-----END RSA PRIVATE KEY-----
default-label: master
For BitBucket i had to create an App Password and put it in the spring.cloud.config.server.git.password property
BitBucket create App Passwords
I had this working on localhost about a month ago, but when I came back to the project, hitting the URL results in a "This site can’t provide a secure connection" error in the browser. For reference, I believe I had used this site as a guide to get it set up: https://www.thomasvitale.com/https-spring-boot-ssl-certificate/
I'm running the project with the bootRun Gradle task and the default embedded Tomcat server. The following configuration is set:
/grails-app/conf/application.yml
spring:
profiles: development
server:
port: 8092
ssl:
enabled: true
key-store: classpath:keystore.jks
key-store-password: password
key-store-type: pkcs12
key-alias: alias
key-password: password
The keystore is located at /src/main/resources/keystore.jks.
I don't see any errors in the console indicating any issues opening or accessing the keystore so I'm at a loss as to what might have changed. Is there a better guide than the one linked above that would give me other things to check for issues?
Eventually, I tried changing the password field to something I knew was not the password and the app started without errors. This led me to determine that the YAML file was not being picked up by bootRun. Removing the Spring profile config at the top of the YAML file then caused the app to error because of the incorrect password.
This led me to realize that somehow the active profile configuration in my Gradle bootRun task was reset. Adding -Dspring.profiles.active=development to the VM options fixes the problem.
I'm trying to build sample microservice app using this tutorial Tutorial. jhipster v5.2.1 So I've created a gateway and an armory started consul using this command:
docker-compose -f src/main/docker/consul.yml up
While I've pointed into the armory folder writing this command :
./gradlew
I got this error :
2018-09-03 13:20:11.235 WARN 7224 --- [ restartedMain] o.s.c.c.c.ConsulPropertySourceLocator : Unable to load consul config from config/armory-swagger/
com.ecwid.consul.transport.TransportException: org.apache.http.conn.HttpHostConnectException: Connect to localhost:8600 [localhost/127.0.0.1, localhost/0:0:0:0:0:0:0:1] failed: Connection refused: connect
Could you please help me
If you are using the toolbox you have to replace localhost by the IP of your Docker machine vm. You will have to ajust the bootstrap.yml properties to point to this adress.
You should also be able to apply this trick : https://www.jhipster.tech/tips/020_tip_using_docker_containers_as_localhost_on_mac_and_windows.html
I just changed fail-fast to false in bootstrap-prod.yml
You can disable Spring Cloud Config this way.
fail-fast: false
Otherwise you have to provide proper configuration as stated above.
Or you can run this command if you have already installed consul on your development machine.
consul agent -dev
We use spring cloud configuration Server (SCCS) with a svn backend.
I currently investigate into fallback/emergency scenarios when the backend is (temporarly) not available.
In case of a svn backend SCCS is downloading the configuration files into a local directory.
Our idea is to configure SCCS it first looks for the svn backend, and when it is not available the copied files are taken for the source.
Does anybody know how configuration has to look like, or has a totally different idea how this scenario is to be faced?
Thank you in advance!
So basically you want the Cloud Config Server to have multiple repositories. You can do that with profiles, but the switch from one repository to another one won't be automatic (at least from the top of my head).
The Spring Cloud Config Server bootstrap.yml with two repositories:
spring:
profiles.active: remote-svn
application:
name: config-server
cloud:
config:
server:
svn:
uri: https://yourserver.com/config-repo
force-pull: true
//---
spring:
profiles: local-svn
application:
name: config-server
cloud:
config:
server:
svn:
uri: ${user.home}/config-repo
Generally you would start your server like:
mvn spring-boot:run
But if your remote svn server is down, you would kill the server and restart it like:
mvn spring-boot:run -Dspring.profiles.active=local-svn
The thing is that you must maintain both of these repositories synced. So when you push your configurations to the SVN repository, you need to have two remotes configured. One referencing your SVN server and the other referencing the Spring Cloud Config Server repository.
You can have a bash script with a logic that checks the health of your SVN server and when it finds out that the server is down it restart the Spring Cloud Config Server using the local-svn profile.