I am trying to automate uploading binaries of C++ library as GitHub Releases with Travis-CI. The release is set up to proceed with encrypted token from a user with admin privileges on repository.
Everything is according to the docs, but still getting my builds failed with this error:
`on_complete': GET https://api.github.com/user: 401 - Bad credentials // See: https://developer.github.com/v3 (Octokit::Unauthorized)
Please see details at: https://api.travis-ci.com/v3/job/161301399/log.txt
Let me clarify how I set up a release:
$ travis login
# Answer the security challenge with GitHub username/password
$ travis setup releases --com
# Answer the security challenge with GitHub username/password
# Answer few more questions
I do the --com part since the repository was recently moved to travis-ci.com and the job is performed there. However, I also tried the --pro and `` (no option, default to .org).
So here is deploy section of my .travis.yml:
deploy:
provider: releases
skip_cleanup: true
draft: true
overwrite: true
api_key:
secure: [... omitted ...]
file: ${DISTRIBUTION_NAME}
on:
all_branches: true
As for now I've run out of options, so any advice would be highly appreciated.
Well, after banging my head against the wall for the straight 3 hours, it come to my attention that I was encrypting OAuth token as secret for different repo.
Namely, travis setup releases (and updated .travis.yml) mentioned Multy-io/Multy-back while I was working on script for Multy-io/Multy-Core project.
This is leftover from setting up previous project. Please note that you might want to explicitly set the repository to avoid similar issue with:
with travis setup releases -r Name/Repo
Related
I'm seeing this error as of today, was working yesterday and prior to that as well.
Can't see that anything has changed in the Heroku documentation that might cause this breaking change.
Error:
Switched to a new branch 'deploy'
remote: ! WARNING:
remote: ! Do not authenticate with username and password using git.
remote: ! Run `heroku login` to update your credentials, then retry the git command.
remote: ! See documentation for details: https://devcenter.heroku.com/articles/git#http-git-authentication
fatal: Authentication failed for 'https://git.heroku.com/snapnhd-staging.git/'
main.yml
server-deploy:
needs: server-check
runs-on: ubuntu-latest
steps:
- uses: actions/checkout#master
- uses: actions/setup-ruby#v1
with:
ruby-version: '2.6.x'
- name: Determine Heroku App
id: heroku
uses: ./.github/actions/heroku-app
- name: Deploy
env:
HEROKU_API_KEY: ${{ secrets.HEROKU_API_KEY }}
HEROKU_APP: ${{ steps.heroku.outputs.app }}
run: |
git remote add heroku \
https://heroku:$HEROKU_API_KEY#git.heroku.com/$HEROKU_APP.git
git fetch --unshallow origin
git checkout -b deploy
git push heroku deploy:master -f
As part of their response to this ongoing security investigation, Heroku forced all users to reset their passwords on or around May 4 (quoting from an email that, presumably, all customers should have received):
As part of our efforts to enhance our security and in response to an incident published on status.heroku.com, we wanted to inform you that we will begin resetting user account passwords on May 4, 2022.
This also invalidated API tokens:
NOTE: A password reset will also invalidate your API access tokens. As a result, any automations you’ve built to integrate with the Heroku Platform API that use these tokens may result in 403 forbidden errors. To avoid downtime you will need to re-enable direct authorizations by following the instructions here and update your integrations to use your newly generated token.
The linked article shows several ways to generate a new token, all of which boil down to a POST to
https://api.heroku.com/oauth/authorizations
The exact method depends partly on whether you have multi-factor authentication enabled. If you aren't already using MFA, this would be a good time to enable it.
Generate a new token and update your GitHub Actions configuration to use it.
I am using golang to create a simple CLI application. I am using GoReleaser to release this to Gitlab. I followed the steps outlined in https://goreleaser.com/quick-start/ to release changes to gitlab.
I have generated a personal access token with API scope. I am tagging the changes and pushing them before I use the goreleaser to publish artifacts.
I always get the error which says release failed after 452.34s error=github/gitlab/gitea releases: failed to publish artifacts: Get "https://PRIVATEGITLABURL/api/v4/projects/PRIVATE_GITLAB_PROJECT/releases/v1%2E0%2E3": dial tcp IP_ADDRESS:443: connect: operation timed out.
My .gorelease.yml file
before:
hooks:
# You may remove this if you don't use go modules.
- go mod tidy
# you may remove this if you don't need go generate
- go generate ./...
builds:
- env:
- CGO_ENABLED=0
goos:
- windows
snapshot:
name_template: "{{ incpatch .Version }}-next"
changelog:
sort: asc
filters:
exclude:
- '^docs:'
- '^test:'
# .goreleaser.yml
gitlab_urls:
api: https://PRIVATE_GITLAB_REPO/api/v4/
download: https://PRIVATE_GITLAB_REPO
# set to true if you use a self-signed certificate
skip_tls_verify: false
Any Ideas? My gitlab version is GitLab Enterprise Edition 14.1.5-ee
Check first if this is because of goreleaser/goreleaser issue 1879 ("
Using goreleaser behind a http(s) proxy "), which is supported since PR 1885 and goreleaser v0.147.0:
either your GitLab server is accessible through internet, and you have not set HTTP(S)_PROXY environment variables
or your GitLab server is on your intranet, you have set HTTP(S)_PROXY, but forgot the NO_PROXY (to not use the proxy when accessing through https:// an intranet resource).
Batuhan Apaydın suggests in the OP's discussion to apply the gitlab configuration:
# .goreleaser.yml
release:
# Default is extracted from the origin remote URL or empty if its private hosted.
# You can also use Gitlab's internal project id by setting it in the name
# field and leaving the owner field empty.
gitlab:
owner: user
name: repo.
The OP GrailsTest confirms, from GH discussion, in the comments:
I could not push my release as I can only access GitLab via SSH.
HTTP does not seem to work. Https has never worked on my machine, possibly because I have not set environment variables.
I could get this working on my colleagues machine who can access GitLab via HHTPS and SSH.
I have a Jekyll site that uses the jekyll-paginate plugin and is hosted by GitHub Pages, pretty standard.
Does anybody know of other solutions to handle pagination such that I could build two blogs from the same site at domain/blog1 and domain/blog2 using this solution, but also retain pagination?
Retaining the current pagination design is not a priority. Creative ideas that require redesign are welcome.
I know jekyll-paginate-multiple exists, but GitHub Pages does not support it natively, and I would have to maintain two repos to maintain the site code and build artifacts separately, which is not ideal.
Use any custom Plugin/Gem with your GitHub Pages hosted Jekyll blog
Here is how you CAN use any custom plugin on a GitHub Pages hosted website. I use this on my own blog so I'm 100% certain that it works. The basic idea is that you use TravisCI to build your custom Jekyll site on a staging branch and then push it automatically to your GitHubPages master branch that serves your website. Here comes the quick walkthrough:
a) you configure GitHub Pages to host from the docs folder of your master branch
b) you add and configure a staging branch to be the default branch of your repo, there is where you do all your local work, releases work through setting a git tag on this branch
c) you use _config.yml file to set your destination directory to docs
# _config.yml
destination: docs
d) to avoid build issues with Travis CI you can add Gemfile.lock to your .gitignore file and the docs folder to your local .git/info/exclude since you don't want to push them anymore. To exclude the docs folder from a local push is optional, but for me that works best. You also may need to delete the Gemfile.lock first and then let Travis CI pick the fitting versions for the selected Docker OS, otherwise you can run into version conflicts which can be pretty hard to fix.
e) to deploy with Travis CI into production a.k.a. your live site you add a .travis.yml file alike :
language: ruby
rvm:
- 2.6.3
install:
- bundle install
script:
- JEKYLL_ENV="production" bundle exec jekyll build
deploy:
provider: script
script: bash script/deploy.sh
skip_cleanup: true
on:
tags: true
branch: staging
branches:
only:
- staging
- /\d+\.\d+(\.\d+)?(-\S*)?$/
env:
global:
- NOKOGIRI_USE_SYSTEM_LIBRARIES=true
- secure: TRAVIS_SECRET_KEY_FOR_GITHUB_CREDENTIALS
sudo: false
cache: bundler
notifications:
email: false
g) script/deploy.sh looks somewhat like this:
#!/usr/bin/env bash
bundle install
JEKYLL_ENV="production" bundle exec jekyll build
git status
git add .
git commit -m"[skip travis] Automated build"
git remote set-url origin https://USERNAME:$PSW#github.com/YOUR_GIT_USER/YOUR_REPO.git
git push origin HEAD:master --force
e) to get your encrypted TRAVIS_SECRET_KEY_FOR_GITHUB_CREDENTIALS in .travis.yml with the used $PSW variable used in the deploy script, just follow the Encryption Key Doc
Once this configuration is done, you can use any Gem the same way as on localhost since the building part is not done by GitHub anymore but TravisCI.
Conclusion
You just work on staging and only let Travis CI push to your master branch. You use tags in the form 1.0.0 to deploy. All you need to do now is to add jekyll-paginate-multiple to your Gemfile and _config.yml and you are ready.
If anyone is interested in more details for those step, have a look at this Blog Post detailing the issue
If jekyll-paginate-multiple works in your context, you can use it on GitHub pages as well.
All you need to do is to copy
https://github.com/scandio/jekyll-paginate-multiple/blob/master/lib/jekyll-paginate-multiple.rb
into your repos _plugins folder and you are good to go.
I'm trying out WSL 2 on windows 10 and it's gone well so far, but I've been struggling for 2 weeks to make this work, because for some reason go get doesn't use or is not able to make the Git Credentials Manager to prompt for my credentials.
I followed this blog to set up WSL2 with GCM https://www.edwardthomson.com/blog/git_credential_manager_with_windows_subsystem_for_linux.html
And it works very good for most of the daily tasks like cloning, read and write. But when using go get I get this error.
go get <remote github repo>#<latest commit id>
go: <remote github repo> 681dceefc81203e094872401c184d038090d6049 => v0.0.17-0.20200501212733-681dceefc812
go get: <remote github repo>#v0.0.17-0.20200501212733-681dceefc812/go.mod: verifying module: <remote github repo>#v0.0.17-0.20200501212733-681dceefc812/go.mod: reading https://sum.golang.org/lookup/<remote github repo>#v0.0.17-0.20200501212733-681dceefc812: 410 Gone
server response:
not found: <remote github repo>#v0.0.17-0.20200501212733-681dceefc812: invalid version: git fetch -f origin refs/heads/*:refs/heads/* refs/tags/*:refs/tags/* in /tmp/gopath/pkg/mod/cache/vcs/232ff028cb2fdebd254e30bfc612843483f0fe3fbeb18d5fc8fb4b20f21c9021: exit status 128:
fatal: could not read Username for 'https://github.com': terminal prompts disabled
Already tried ssh-keys and the solutions proposed here go get results in 'terminal prompts disabled' error for github private repo
But the error remains the same, when enabling env GIT_TERMINAL_PROMPT=1 nothing happens, I guess it's because WSL 2 doesn't have the permissions to do that. Anyway I also tried this tool https://github.com/microsoft/Git-Credential-Manager-for-Mac-and-Linux and by setting a variable for plain credentials store, it prompts in the terminal for credentials. But I'm using 2FA because it's required by the organization and the prompt only asks for username and password, so the authentication fails.
So I have to reach out to a mate who is using Mac. He is able to go get the dependency to affect go.mod, make a commit and push the change so I can pull it and continue from there. But of course this is not ideal, and he doesn't have any problem, he uses osxkeychain to manage his git credentials.
Anyone has faced this issue? or know how to solve it? Thank you so much in advance.
Go is not able to understand that certain modules are private and their checksum should not be validated against go's checksum library. The following error comes from that
verifying module: <remote github repo>#v0.0.17-0.20200501212733-681dceefc812/go.mod: reading https://sum.golang.org/lookup/<remote github repo>#v0.0.17-0.20200501212733-681dceefc812: 410 Gone
If possible use at least go 1.13 or, higher. Go had introduced an env variables by name GOPRIVATE, GONOPROXY and GONOSUMDB for managing private modules better. Simplest way to signal to Go that you are importing a private repo is to use GOPRIVATE. Set the pattern of private repos to GOPRIVATE env variable to suppress checksum validation and usage of GOPROXY. Example below avoids checksum for all repos in that hierarchy:
GOPRIVATE=github.com/<your org>/*
Check out answers here and here. You can also do go help module-private for help.
So, I recently made two big changes ... moved my code from bitbucket to github, and set up a pipeline on heroku with a new staging app (original app is now production).
I got a new github token and placed it into the auth.json file as was done with the previous bitbucket repo (it's a private repo). However, when I push to heroku to build the code with composer there, I cannot connect with the laravel spark repo.
Error:
Installing laravel/spark (v3.0.5): Downloading (failed) Failed to download laravel/spark
from dist: The "https://api.github.com/repos/laravel/spark/zipball/512af184c15d793c33328ff03313553ea6feacba"
file could not be downloaded (HTTP/1.1 404 Not Found)
Now trying to download from source
Installing laravel/spark (v3.0.5): Cloning 512af184c1
[RuntimeException]
Failed to execute git clone --no-checkout 'https://***:***#github.com/laravel/spark.git' '/tmp/build_9916d292e7eb72e0fbe34f47e3d9854c/vendor/laravel/spark' && cd '/tmp/build_9916d292e7eb72e0fbe34f47e3d9854c/vendor/laravel/spark' && git remote add composer 'https://***:***#github.com/laravel/spark.git' && git fetch composer
remote: Repository not found.
fatal: repository 'https://***:***#github.com/laravel/spark.git/' not found
What I have tried ...
Setting the github api token on heroku with
heroku config:set GITHUB_API_TOKEN=<token>
Setting the composer github token
composer config -g github-oauth.github.com <token>
I am connected to the Laravel Spark repo on github and when I run composer on my local machine I am not prompted for a spark token. Every other dependency that I have runs fine - I can change the auth.json and that is not the case, so I don't think this is a problem with lack of access to my github.
Does anyone know how Laravel - Spark checks to grant access and how we can check to see where we are going wrong? There should be a checklist of things that can be looked at if access is denied.
Any help is appreciated. Been stuck for almost a week. I really need some way to figure out how to connect to the Spark repo.
(Edit) Spark is a composer satis repo. I can't really find any info on how to prompt this type of repo to tell me why I can't clone it or how best to communicate with it.
(Edit 2) Also tried changing the git config to ensure that it had the right token. This should be overwritten by the files, but I tried it anyway.
git config github.accesstoken <token>
The response from the software providers is to use an alternative method and place the code under my source control so that composer is not trying to load it. I do not wish to do this for a number of reasons. Again, I need a way to clone the satis repo in composer.
Edit 3: I have also tried going to the URL of the repo and attempting to access one of the versions. This displays the same error as when you go to the URL in the error directly (it's the same URL).
{
"message": "Not Found",
"documentation_url": "https://developer.github.com/v3/repos/contents/#get-archive-link"
}
This seems to back up the belief that this is not a composer issue, but something to do with a github setting or spark setting.
Edit 4: It occurred to me that my problems started after upgrading to V6 and I am getting denied access to the spark repo containing versions 1-5 and version 6 is separate. I upgraded my spark version to 6 and had access to that repo. I then tried uploaded the code base to heroku that had version 6 but was denied access to the repo there.
I also tried ...
heroku config:set github_oauth=<token>
Edit 5: I noticed that the output from pushing to heroku included the phrase
NOTICE: Using $COMPOSER_GITHUB_OAUTH_TOKEN for GitHub OAuth.
In response, I found an article asserting that the oauth token should be set in the config portion of composer.json as ...
"config": {
"github-oauth": {
"github.com": "<token>"
}
}
I tried it, but it didn't work
So, it turns out there were several issues. The final big one was that for some reason, I had to delete my api personal token used for github access and create a new one with full privileges for everything. Once that was set up, I had access and was able to reduce the privileges to repo only.
https://github.com/ladybirdweb/agorainvoicing Use open source Agora Invoicing software. It has all the tools you need to start software selling business. It is build on Laravel framework and is very similar to Laravel Spark