Since monday, I'm not able to use the lint CI API from gitlab, which is documented here https://docs.gitlab.com/ee/api/lint.html#validate-the-ci-yaml-configuration
I'm working on a self hosted gitlab, and we updated gitlab to the last version (13.8.4).
I've noticed that the documentation has changed between 13.8 and 13.9, they mentioned
Access to this endpoint requires authentication.
So I tried to generate a personal access token with full access (I'm admin), but I still get a 401.
Here is my try :
$ curl --header "Content-Type: application/json" --header "PRIVATE-TOKEN: P3r50Na1t0k3N" "https://my-domain.artips.fr/api/v4/ci/lint" --data '{"content": "{ \"image\": \"ruby:2.6\", \"services\": [\"postgres\"], \"before_script\": [\"bundle install\", \"bundle exec rake db:create\"], \"variables\": {\"DB_NAME\": \"postgres\"}, \"types\": [\"test\", \"deploy\", \"notify\"], \"rspec\": { \"script\": \"rake spec\", \"tags\": [\"ruby\", \"postgres\"], \"only\": [\"branches\"]}}"}'
# Result : {"message":"401 Unauthorized"}
# Other try
$ curl -X POST --header "Content-Type: application/json" --header "PRIVATE-TOKEN: P3r50Na1t0k3N" "https:///my-domain.artips.fr/api/v4/ci/lint" --data '{"content": "{ \"image\": \"ruby:2.6\", \"services\": [\"postgres\"], \"before_script\": [\"bundle install\", \"bundle exec rake db:create\"], \"variables\": {\"DB_NAME\": \"postgres\"}, \"types\": [\"test\", \"deploy\", \"notify\"], \"rspec\": { \"script\": \"rake spec\", \"tags\": [\"ruby\", \"postgres\"], \"only\": [\"branches\"]}}"}'
# same result: {"message":"401 Unauthorized"}
Has anyone run into the same problem ?
Thanks in advance
Takeshi
There is an ongoing issue regarding the CI Lint API endpoint. It seems that authentication for this endpoint doesn't work when "signing up" is disabled on on-premise Gitlab instance. I guess the issue will be fixed in future releases.
The user token's scope must grant read/write permission to yout gitlab instance's API (as you may see in the picture). The user hasn't to be admin.
import requests
import urllib.parse
from requests.auth import HTTPBasicAuth
url = 'https://gitlab.example.com/'
api = urllib.parse.urljoin(url, '/api/v4/projects')
private_token = 'xxx'
params = dict(private_token=private_token)
auth = HTTPBasicAuth('username', 'password') # username and password, different from login account, generally provided from ops
response = requests.get(api, params, auth=auth)
print(response)
print(response.json())
Related
Any chance that I can get this OAUTH system to let me login with curl?
When I make the following call with curl, I keep getting the error message bellow and can't get passed it.
curl -X POST -H "Content-Type: application/x-www-form-urlencoded" -d "grant_type=authorization_code&response_type=code&client_id=xxx_id_xxx&client_secret=xxx_secret_xxx&redirect_uri=https://www.anaf.ro" "https://logincert.anaf.ro/anaf-oauth2/v1/authorize"
{
"error":"invalid_client",
"error_description":"The client app does not support implicit grant"
}
Thanks,
Chris
I have a large number of GitHub repositories that have been sorted into various organizations. I wish to change the visibility of the repos by batch to public using the following API call:
curl -u {user}:{pat} -H "Accept: application/vnd.github.v3+json" -X PATCH https://api.github.com/repos/{user}/angular.powershifter -d '{"private":false}'
Which as best as I can tell is the API call (see github docs). The {user] and {pat} in the sample above are real values, and the {pat} has every option selected. The {user} is both the owner of the repo and the organization.
What I get in response is is a 404 with the following body.
{
"message": "Not Found",
"documentation_url": "https://docs.github.com/rest/reference/repos#update-a-repository"
}
Is it possible to set the properties of repositories under an organization using the API?
What is the API call?
Bonus points if you can point me to the documentation!
Thanks.
Use Bearer Token based authentication. Github is deprecating password based authentications.
curl \
-H 'Authorization: Bearer ${GITHUB-TOKEN}' \
-X PATCH \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/repos/${OWNER}/${repo} \
-d '{"private":"false"}'
Link for the github documentation
https://docs.github.com/en/free-pro-team#latest/rest/overview/other-authentication-methods
Yes it is possible.
I've had some issues with this too.
Short answer use bearer token (As #shek said), and change false to "false":
curl -v -H "Authorization: Bearer ${GITHUB_TOKEN}"
-X PATCH https://api.github.com/repos/${ORGANIZATION}/${REPO}
-H "Accept: application/vnd.github.v3+json" -d '{"private": "false"}';
Notice that your token has full control of private repositories when creating the token:
full control of private repositories image
The link is quite confusing, because if for example you need to get all the repositories from GitHub you'll have to use:
https://api.github.com/orgs/${ORGANIZATION}/repos?${parameters}
Also when you need to change permissions you'll need to use:
https://api.github.com/orgs/${ORGANIZATION}/teams/${TEAM}/repos/${ORGANIZATION}/${REPO}
(Notice the orgs, which is missing in the PATCH command).
GitHub repositories documentation:
https://docs.github.com/en/rest/reference/repos#update-a-repository
GitHub auth methods (From #shek):
https://docs.github.com/en/free-pro-team#latest/rest/overview/other-authentication-methods
I have created a IBM cloud Object storage service and i have created objects i.e image files in it.
I am looking for the steps to access the images as public URLs. I did some initial research and found there are cURL commands using swift Client to do this.
Reference links
How to access files in container in Object Storage Service in Bluemix? AND
Public URLs For Objects In Bluemix Object Storage Service
from the above links, it says the following steps
Set up the swift CLI . Can you link me the steps to set up Swift CLI ? ( the link in the reference link dosen't work anymore ).
2.Change the container ACL to read with following PUT request
curl -X PUT "https://dal.objectstorage.open.softlayer.com/v1/AUTH_123/mycontainer" \
-H "X-Auth-Token: token123" \
-H "X-Container-Read: .r:*"
But i am not sure what to input on X-Auth-Token header ? i have the following information from the service credentials of COS.
{
"apikey": "X7aDm6yu123123hXwqvq1231232HgOtIGeZiAOEg",
"endpoints": "https://cos-service.bluemix.net/endpoints",
"iam_apikey_description": "Auto generated apikey during resource-key operation for Instance - crn:v1:bluemix:public:cloud-object-storage:global:a/f9aabca54c702be8386b2a3f9815b4e4:d145a33e-e8b1-446f-a87d-69431eaec0b1::",
"iam_apikey_name": "auto-generated-apikey-bed16ed5-1373-47bc-b268-5e0f521bc802",
"iam_role_crn": "crn:v1:bluemix:public:iam::::serviceRole:Writer",
"iam_serviceid_crn": "crn:v1:bluemix:public:iam-identity::a/f9aabca54c702be8386b2a3f9815b4e4::serviceid:ServiceId-36c373a0-4bb9-4316-bc4b-86ea4c98dcd7",
"resource_instance_id": "crn:v1:bluemix:public:cloud-object-storage:global:a/f9aabca54c702be8386b2a3f9815b4e4:d145a33e-e8b1-446f-a87d-69431eaec0b1::"
}
Any help would be really appreciated. Thanks
The bearer token is from IAM.
https://console.bluemix.net/docs/services/cloud-object-storage/getting-started-cli.html#gather-key-information
See this doc on generating pre-signed urls (temporary).
https://console.bluemix.net/docs/services/cloud-object-storage/api-reference/api-reference-objects.html#object-operations
To do a one-off request like that, you can get oauth tokens from the command line using ibmcloud iam oauth-tokens. To specifically get an IAM Token, I use:
export IAM_TOKEN=`ibmcloud iam oauth-tokens | head -n 1 | awk ' {print $4} '`
Then follow that up with your cURL command:
curl -H "Authorization: Bearer $IAM_TOKEN" ...
An application should request tokens based on the apiKey as mentioned.
curl -X POST -H "Content-Type: application/x-www-form-urlencoded" -H "Cache-Control: no-cache" -d 'apikey=<your api key here>&grant_type=urn:ibm:params:oauth:grant-type:apikey' "https://iam.bluemix.net/identity/token"
Here's an example using NPM's request-promise:
const response = await rp({
url: 'https://iam.bluemix.net/identity/token',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
},
method: "POST",
body: `apikey=${apiKey}&grant_type=urn%3Aibm%3Aparams%3Aoauth%3Agrant-type%3Aapikey`,
json: true
});
const token = response.access_token;
I just created a qna knowledge base but i'm finding it difficult to consume the endpoint api. I have actually done this before Microsoft changed the endpoint configuration features. please find below my test credentials
POST /knowledgebases/6a523867-3606-480e-9179-bd7e06df4b4d/generateAnswer
Host: https://kb12.azurewebsites.net/qnamaker
Authorization: EndpointKey 604c416d-ef24-402d-b889-cbbb4c16a396
Content-Type: application/json
{"question":"hi"}
i used `Ocp-Apim-Subscription-Key: 604c416d-ef24-402d-b889-cbbb4c16a396 but i keep getting 502 error
.
keep getting 502 error
I do a test using fiddler and can reproduce same issue, to solve the issue, you can go Tools > Options > HTTPS to make tls1.2 allowable.
Test result:
Curl example that works for me -
replace xxxx..., yyyy...., and myazureresourcename with your own values shown on the publish page.
curl \
--header "Content-type: application/json" \
--header "Authorization: EndpointKey xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" \
--request POST \
--data '{"question":"what is my endpoint?"}' \
https://myazureresourcename.azurewebsites.net/qnamaker/knowledgebases/yyyyyyyy-yyyy-yyyy-yyyy-yyyyyyyyyyyy/generateAnswer
I am making a request to the below URL-
Post https://api.github.com/repos/kvimal/2048/issues
With my Token as a header for authorization.
The Curl Request
curl -i -X POST https://api.github.com/repos/kvimal/2048/issues -d "{title:'hey'}" -H "Authorization: Bearer xxxxxxxxxxxxxxxxxx" -H "Content-Type: application/json"
And GitHub sends a response 404 Not found. I have reade the Documentation and as far as i have observed i am doing it by the github standards. Can anyone Help with this issues?
As illustrated in this python script, the header should be using 'token' not Bearer'
headers = {
'Content-Type':'application/json',
'Authorization': 'token %s' % token,
}
(That script doesn't use curl, but give an idea of the header)
For curl queries, see this curl POST tutorial:
curl -H "Authorization: token OAUTH-TOKEN"
And the POST message must be complete as well (as in this python script)
issue = {'title': title,
'body': body,
'assignee': assignee,
'milestone': milestone,
'labels': labels}
# Add the issue to our repository
r = session.post(url, json=issue)
(again, not curl, but gives you an example of the body)
Go to "Edit personal access token" page, checkout the "Select scopes" session.
Make sure the token has been granted required access right.
I encountered similar case when trying to create public repo with 'Authorization: token ...' header.