I'm trying to set http.extraheader to get credentials into a Azure Devops pipeline, by setting http.extraheader="AUTHORIZATION: bearer $ENV{System_AccessToken}". Consider the following snippet:
# For CI we need to set the AUTHORIZATION for git clones
if(DEFINED ENV{System_AccessToken})
set(GIT_CONFIG_EXTRA_HEADER "AUTHORIZATION: bearer $ENV{System_AccessToken}" CACHE STRING "")
endif()
# Fetch the toolbox
include(FetchContent)
FetchContent_Declare(toolbox
GIT_REPOSITORY https://repo/toolbox
GIT_CONFIG http.extraheader=${GIT_CONFIG_EXTRA_HEADER}
)
This works on Windows, but on Linux I get the following error:
[1/9] Creating directories for 'toolbox-populate'
[1/9] Performing download step (git clone) for 'toolbox-populate'
Cloning into 'toolbox-src'...
error: key does not contain a section: AUTHORIZATION:
fatal: unable to write parameters to config file
So, in essence the string in ${GIT_CONFIG_EXTRA_HEADER} is not quoted correctly I guess, but I cannot figure out what to do.
Looks like a bug in CMake. I filed an issue.
Related
Much like this thread: Publishing and Consuming GitHub Package Repository with NuGet: Unable to load the service index error
I have the csproj correct, the nuget.config correct (same as in that thread, but for my username), and following the answer where the token has all the rights, and I do the dotnet nuget add source, and the dotnet nuget push (same formatting/syntax).
However, I always always get this:
warn: <username> does not have the correct permissions to execute 'CreatePackageVersion'
Forbidden https://nuget.pkg.github.com/(username)/ 687ms
error: Response status code does not indicate success: 403 (Forbidden).
I've tried with/without the -k (git token) in the dotnet nuget push, no effect. The --interactive that it recommends, doesn't change anything.
I'm running this in a standard command line in the \bin\Release\netstandard2.0\publish directory, after having published to that folder.
Did already restart computer even after adding appropriate csproj and nuget.config data. Also tried doing #username and username (my username with and without an at sign, since all docs have no actual username examples, many blackened out).
(I do want it to be public readable, already added source .../(username)/index.json).
Check the RepositoryUrl in your csproj. It should match the repository you're uploading packages to. You may also need to set PublishRepositoryUrl.
The Azure DevOps pipeline has this variable:
Name: pat
Value: Git repo authentication token
The pipeline has a Bash script task. It is set to filepath. Filepath is set to script.sh. script.sh begins with:
git clone https://username:$(PAT)#dev.azure.com/company/project/_git/repo-name
Errors in pipeline logs:
PAT: command not found
Cloning into 'repo-name'...
fatal: Authentication failed for 'https://dev.azure.com/healthcatalyst/CAP/_git/docs-template/'
To validate that the authentication token and repo URL are accurate, I can verify this works when run as inline code:
git clone https://username:$(pat)#dev.azure.com/company/project/_git/repo-name
script.sh file is in repo-name.
However, environment variables work. Both of the following return the accurate value within the script. Note that one has no quotes and the other does.
echo $BUILD_REPOSITORY_NAME
repo-name
echo "$BUILD_REPOSITORY_NAME"
repo-name
Based on documentation I've seen (I am having difficulty with Microsoft's docs because I am not using a YAML file), I've tried unsuccessfully:
$pat
$PAT
$(PAT)
"$(PAT)"
gitToken=<backtick - Markdown is not allowing me to show a backtick here>echo $PAT<backtick>
Does anyone know what I'm doing wrong? Thank you for any tips.
Is your PAT variable a secret variable ?
If so, then it's not directly accessible in script files
As you can see in the documentation: https://learn.microsoft.com/en-us/azure/devops/pipelines/process/variables?view=azure-devops&tabs=yaml%2Cbatch#secret-variables
Unlike a normal variable, they are not automatically decrypted into environment variables for scripts. You need to explicitly map secret variables.
Example:
...
env:
MY_MAPPED_ENV_VAR: $(mySecret) # the recommended way to map to an env variable
Or if you are using the visual editor, like that:
Use System.AccessToken instead of personal PAT:
git clone https://$SYSTEM_ACCESSTOKEN#dev.azure.com/company/project/_git/repo-name
To enable $SYSTEM_ACCESSTOKEN: go to release page in ADO > Tasks > Agent job > check Allow scripts to access the OAuth token
I am using Git on Linux.
I followed this to create a Personal Access Token but forgot to save it.
Therefore, when I was asked to enter the "password" again, I deleted the old PAT and created a new PAT. For some reason, the new token is rejected and I get
fatal: Authentication failed for 'https://github.com/username/***.git/'
When I look at the tokens page on github, this token says it was never used. What might be the issue here?
The issue might be with your current credential helper.
Type git config credential.helper to see which one is used.
Type:
printf "protocol=https\nhost=github.com"|git-credential-xxx erase
(Replace xxx by the credential helper name from the first command output)
That will clear out the cached credentials for https://github.com.
Then try again a git push, and see if it asks you for your credentials: enter your new PAT as password.
If you don't have a credential helper, I suggest installing microsoft/Git-Credential-Manager-Core (there is a Linux package).
Add a credential store, and you are set.
After discussion:
there was no credential helper
this is a personnal account (not a technical service one, used by multiple users)
the issue was with pasting the token
I would therefore use a store credential caching:
git config --global credential.helper 'store --file /home/<user>/.my-credentials
Then:
git ls-remote https://github.com/<user>/<repo>
That will trigger the prompt for your username and token.
Edit /home/<user>/.my-credentials and make sure the right token is in it.
Alternatively,
git config --global credential.helper 'store --file /home/<user>/.my-credentials'
and then:
git ls-remote https://<user>:<token>#github.com/<user>/<repo>
has worked.
I had to delete my token and create a new one and it worked for me
What is the right sintaxis for running git clone command on an Azure function powershell 7.0?
Im trying with: git clone <repo https>
and also adding the path at the end git clone <repo https> /.
i get the following error message:
`Command 'starter.cmd git clone https ...' was aborted due to no output nor CPU activity for 60 seconds. You can increase the SCM_COMMAND_IDLE_TIMEOUT app setting (or WEBJOBS_IDLE_TIMEOUT if this is a WebJob) if needed.`
*Update:
Also tried with git clone https://username:password#github.com/username/repository.git
Cloning into ''...
fatal: unable to access 'https://github.com//.git/': URL using bad/illegal format or missing URL
I have'nt found any documenation on this... is it even possible?
I'd first ask what you're trying to achieve by doing this as it's a bit of an odd scenario and there may be a better way of cloning a repo as part of a pipeline and publishing the content with your Function.
If you really must go this route I would look at downloading the repo/branch content with Invoke-RestMethod/Invoke-WebRequest instead and unpacking to the underlying directory structure.
Invoke-WebRequest -Uri 'https://github.com/$owner/$repo/archive/$branch.zip' -OutFile '$repo.zip'
or using the .NET approach like Matthias pointed out in this response:
https://stackoverflow.com/a/48547954/12040634
I have a GitLab project which is set up as follows:
myserver.com/SuperGroup/SubGroup/SubGroupProject
The tree of the following project is a top-level txt file and a txt file within a directory. I get the tree from the GitLab API with:
myserver.com/api/v4/projects/1/repository/tree?recursive=true
[{"id":"aba61143388f605d3fe9de9033ecb4575e4d9b69","name":"myDirectory","type":"tree","path":"myDirectory","mode":"040000"},{"id":"0e3a2b246ab92abac101d0eb2e96b57e2d24915d","name":"1stLevelFile.txt","type":"blob","path":"myDirectory/1stLevelFile.txt","mode":"100644"},{"id":"3501682ba833c3e50addab55e42488e98200b323","name":"top_level.txt","type":"blob","path":"top_level.txt","mode":"100644"}]
If I request the contents for top_level.txt they are returned without any issue via:
myserver.com/api/v4/projects/1/repository/files/top_level.txt?ref=master
However I am unable to access myDirectory/1stLevelFile.txt with any API call I try. E.g.:
myserver.com/api/v4/projects/1/repository/files/"myDirectory%2F1stLevelFile.txt"?ref=master
and,
myserver.com/api/v4/projects/1/repository/files/"myDirectory%2F1stLevelFile%2Etxt"?ref=master
Results in:
Not Found The requested URL /api/v4/projects/1/repository/files/myDirectory/1stLevelFile.txt was not found on this server.
Apache/2.4.25 (Debian) Server at myserver.com Port 443
myserver.com/api/v4/projects/1/repository/files/"myDirectory/1stLevelFile.txt"?ref=master and,
myserver.com/api/v4/projects/1/repository/files?ref=master&path=myDirectory%2F1stLevelFile.txt
Results in:
error "404 Not Found"
The versions of the components are:
GitLab 10.6.3-ee
GitLab Shell 6.0.4
GitLab Workhorse v4.0.0
GitLab API v4
Ruby 2.3.6p384
Rails 4.2.10
postgresql 9.6.8
According to my research there was a similar bug which was fixed with the 10.0.0 update.
I also added my ssh-key although I doubt it has any effect, following this advice with the same issue in php.
Solution:
I eventually solved it by adjusting the apache installed on the server.
Just follow these instructions: https://gitlab.com/gitlab-org/gitlab-ce/issues/35079#note_76374269
According to your code, I will go thinking you use curl.
If it is the case, why are you adding double quotes to your file path ?
The doc do not contains it.
Can you test it like that please ?
curl --request GET --header 'PRIVATE-TOKEN: XXXXXXXXX' myserver.com/api/v4/projects/1/repository/files/myDirectory%2F1stLevelFile%2Etxt?ref=master