Occasionally the first upload of artifacts during a GitLab pipeline fail.
I'm getting the following error message in the logs:
2019-08-01 13:43:14,149 [http-nio-8082-exec-187] [ERROR]
(o.j.s.b.p.t.FilePersistenceHelper:87) - Failed moving
'path_to_artifactory\filestore_pre\dbRecord123.bin' to
'path_to_artifactory\filestore\5e\5ecc5f719b4442b9b04f9010646d34917aca8ca2'.
Access to file denied null 2019-08-01 13:43:14,149
[http-nio-8082-exec-187] [ERROR] (o.a.w.s.RepoFilter :251) - Upload
request of products-stage-qa:file_to_upload failed due to {}
java.nio.file.AccessDeniedException: Failed to persist file with sha1:
5ecc5f719b4442b9b04f9010646d34917aca8ca2
This seems to happen only during builds, but not during other uploads directly by a user.
It doesn't happen all the time, and only on first tries. But I haven't found any logic when the first try fails or succeeds. It doesn't seem to have anything to do with file types or the like. I can't really determine if it has anything to do with network speeds though since I only have access to part of the infrastructure.
I found an open ticket with the same error message, but only for Conan and for us it only happens with ivy repositories
We are using Artifactory 6.9.1 and GitLab 12.0.3 starter
This looks to be a permission issue. You are getting an error message that states that the move failed due to "Access to file denied".
You can try to log in to the server using the "artifactory" user and manually move the file called "path_to_artifactory\filestore_pre\dbRecord123.bin" to "path_to_artifactory\filestore\5e\5ecc5f719b4442b9b04f9010646d34917aca8ca2" and see if you have any issues with this. To log in to the server with the "artifactory" user you can use the command "sudo -s -u artifactory".
You will also need to make sure that all filestore and its subdirectories are owned by the "artifactory" user and have the correct permissions.
Hope this helps.
Related
Much like this thread: Publishing and Consuming GitHub Package Repository with NuGet: Unable to load the service index error
I have the csproj correct, the nuget.config correct (same as in that thread, but for my username), and following the answer where the token has all the rights, and I do the dotnet nuget add source, and the dotnet nuget push (same formatting/syntax).
However, I always always get this:
warn: <username> does not have the correct permissions to execute 'CreatePackageVersion'
Forbidden https://nuget.pkg.github.com/(username)/ 687ms
error: Response status code does not indicate success: 403 (Forbidden).
I've tried with/without the -k (git token) in the dotnet nuget push, no effect. The --interactive that it recommends, doesn't change anything.
I'm running this in a standard command line in the \bin\Release\netstandard2.0\publish directory, after having published to that folder.
Did already restart computer even after adding appropriate csproj and nuget.config data. Also tried doing #username and username (my username with and without an at sign, since all docs have no actual username examples, many blackened out).
(I do want it to be public readable, already added source .../(username)/index.json).
Check the RepositoryUrl in your csproj. It should match the repository you're uploading packages to. You may also need to set PublishRepositoryUrl.
I'm running a deployment using Gitlab CI
I keep getting this error.
secret/review-swagger-rn2vs9-secret replaced
No helm values file found at '.gitlab/auto-deploy-values.yaml'
Deploying new stable release...
UPGRADE FAILED
Error: "review-swagger-rn2vs9" has no deployed releases
ROLLING BACKError: timed out waiting for the condition
Uploading artifacts...
00:01
WARNING: environment_url.txt: no matching files
WARNING: tiller.log: no matching files
ERROR: No files to upload
ERROR: Job failed: exit code 1
any idea why?
Review your Cluster credentials.
delete the token
recreate a token or more likly try to use the "default" token.
recreate the whole Gitlab <-> Kubernetes connection
try the connection not at project level, try it on group or root level (this was my issue) on Gitlab
I was trying to showcase binary authorization to my client as POC. During the deployment, it is failing with the following error message:
pods "hello-app-6589454ddd-wlkbg" is forbidden: image policy webhook backend denied one or more images: Denied by cluster admission rule for us-central1.staging-cluster. Denied by Attestor. Image gcr.io//hello-app:e1479a4 denied by projects//attestors/vulnz-attestor: Attestor cannot attest to an image deployed by tag
I have adhered all steps mentioned in the site.
I have verified the image repeatedly for few occurances, for example using below command to force fully make the attestation:
gcloud alpha container binauthz attestations sign-and-create --project "projectxyz" --artifact-url "gcr.io/projectxyz/hello-app#sha256:82f1887cf5e1ff80ee67f4a820703130b7d533f43fe4b7a2b6b32ec430ddd699" --attestor "vulnz-attestor" --attestor-project "projectxyz" --keyversion "1" --keyversion-key "vulnz-signer" --keyversion-location "us-central1" --keyversion-keyring "binauthz" --keyversion-project "projectxyz"
It throws error as:
ERROR: (gcloud.alpha.container.binauthz.attestations.sign-and-create) Resource in project [project xyz] is the subject of a conflict: occurrence ID "c5f03cc3-3829-44cc-ae38-2b2b3967ba61" already exists in project "projectxyz"
So when I verify, I found the attestion present:
gcloud beta container binauthz attestations list --artifact-url "gcr.io/projectxyz/hello-app#sha256:82f1887cf5e1ff80ee67f4a820703130b7d533f43fe4b7a2b6b32ec430ddd699" --attestor "vulnz-attestor" --attestor-project "projectxyz" --format json | jq '.[0].kind' \
> | grep 'ATTESTATION'
"ATTESTATION"
Here are the screen shots:
Any feedback please?
Thanks in advance.
Thank you for trying Binary Authorization. I just updated the Binary Authorization Solution, which you might find helpful.
A few things I noticed along the way:
... denied by projects//attestors/vulnz-attestor:
There should be a project ID in between projects and attestors, like:
projects/my-project/attestors/vulnz-attestor
Similarly, your gcr.io links should include that same project ID, for example:
gcr.io//hello-app:e1479a4
should be
gcr.io/my-project/hello-app:e1479a4
If you followed a tutorial, it likely asked you to set a variable like $PROJECT_ID, but you may have accidentally unset it or ran the command in a different terminal session.
After pointed to another repository problem solved, but before that you were having problems and there could be many reasons. please contact support with error message if you are having the same problem.
After a successful "bitbake core-image-sato" build, i moved the downloads folder to my private repository, and then deleted downloads the folder and fetched it from my private repository.
I added BB_NO_NETWORK = "1" in local.conf, and when I tried to do "bitbake core-image-sato" it fails.
NOTE: Executing RunQueue Tasks
ERROR: gnu-config-native-20150728+gitAUTOINC+b576fa87c1-r0 do_fetch: Network access disabled through BB_NO_NETWORK (or set indirectly due to use of BB_FETCH_PREMIRRORONLY) but access requested with command LANG=C git -c core.fsyncobjectfiles=0 fetch -f --prune --progress git://git.savannah.gnu.org/config.git refs/*:refs/* (for url git://git.savannah.gnu.org/config.git)
ERROR: gnu-config-native-20150728+gitAUTOINC+b576fa87c1-r0 do_fetch: Function failed: base_do_fetch
ERROR: Logfile of failure stored in: /home/jamal/test/new_repot/build/tmp/work/x86_64-linux/gnu-config-native/20150728+gitAUTOINC+b576fa87c1-r0/temp/log.do_fetch.29816
ERROR: Task (virtual:native:/home/jamal/test/new_repot/sources/poky/meta/recipes-devtools/gnu-config/gnu-config_git.bb:do_fetch) failed with exit code '1'
It is trying to fetch the source code again, from network, as network access is disabled it fails.
Can you guys please help me in resolving this problem. Thanks for your time and patience.
The problem is missing BB_GENERATE_MIRROR_TARBALLS = "1" in local.conf. Tarballs from git repositories are automatically not created due to performance reasons, see the manual. Setting that variable enables creating of the tarballs, so they can be used later on and git server don't need to be contacted.
(Please see comments for the question for more information, we discussed the solution there. Thanks to #md.jamal for testing it.)
When configuring JRebel on my remote server (JBoss on linux) I have configured the JVM arg as
-javaagent:/home/user/jrebel.jar" -Drebel.remoting_plugin=true
The jrebel.jar is absolutely definitely in that location, yet the server fails to start with the error:
Error opening zip
file or JAR manifest missing : /home/user/jrebel.jar Error occurred
during initialization of VM agent library failed to init: instrument
So the arg is oviously being passed to the JVM correctly, but for the life of me I can't work out why it can't find the jar. I've been through every Zero Turnaround article I can find + looked at the solutions that have resolved it for other people, but no luck. Any ideas?
Turned out to be a permissions problem - the JBoss user didn't have the permissions to access the directory that I had placed jrebel.jar into.
Would have been nice to have a more meaningfull error - e.g. 'permissions denied'. Shows my lack of Linux knowledge though I guess.
After the jar was moved to a directory within the JBoss installation + the jar owner was changed to the JBoss user and Read/Write/Execute permissions added, all is well.
Yes , the permission is the reason that this error happens to me when I tried to open PHPSTORM and that error was :
Error opening zip file or JAR manifest missing : ${JetbrainsIdesCrackPath}
Error occurred during initialization of VM
agent library failed to init: instrument
so before running PHPSTORM I had to run the command : sudo -i to get the root permission to run the program.