Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Azure Devops Extension][Post-pulling docker image] Unable to clone repository due to authentication issue #1141

Closed
firasrg opened this issue May 31, 2024 · 1 comment
Closed

[Azure Devops Extension][Post-pulling docker image] Unable to clone repository due to authentication issue #1141

firasrg opened this issue May 31, 2024 · 1 comment

Comments

@firasrg
Copy link

firasrg commented May 31, 2024

Describe the bug
I don't understand why the cloning gets rejected while the PAT (personal access token) has full access to code and PRs? Knowing that image pulling works fine.

My source files
This is my .azuredevops/dependabot.yml :

version: 2
updates:
  - package-ecosystem: "npm"
    directory: "/"
    schedule:
      interval: "daily"

And the following is my pipeline file :

trigger: none

pool:
  name: <MySelfHostedAgentName>

steps:
  - task: dependabot@1
    inputs:
      authToken: <MyPAT>
      azureDevOpsAccessToken: <MyPAT>
      extraEnvironmentVariables: AZURE_ORGANIZATION=tfs/DefaultCollection

Expected behavior
Im expecting the clone-repo task to work properly without any issues !

Logs
The following is the log im getting on Azure Devops build :

##[section]Démarrage : dependabot
  ==============================================================================
Task         : Dependabot
Description  : Automatically update dependencies and vulnerabilities in your code
Version      : 1.28.708
Author       : Tingle Software
Help         : For help please visit https://github.com/tinglesoftware/dependabot-azure-devops
  ==============================================================================
  [command]/usr/bin/docker run --rm -i -e DEPENDABOT_PACKAGE_MANAGER=npm -e DEPENDABOT_OPEN_PULL_REQUESTS_LIMIT=5 -e DEPENDABOT_DIRECTORY=/ -e DEPENDABOT_FAIL_ON_EXCEPTION=true -e AZURE_ORGANIZATION=DefaultCollection -e AZURE_PROJECT=MY20%PROJECT -e AZURE_REPOSITORY=expo-starter-kit -e AZURE_ACCESS_TOKEN=mvtvk5icfdhkvjqfvr3kans6oonqfdp6ss2bccrincv3l6gk3btq -e AZURE_MERGE_STRATEGY=squash -e AZURE_HOSTNAME=tfs.myeditions.com -e AZURE_VIRTUAL_DIRECTORY=tfs -e AZURE_ORGANIZATION=tfs/DefaultCollection ghcr.io/tinglesoftware/dependabot-updater-npm:1.28 update_script
  Using 'https://tfs.myeditions.com:443/tfs/' as API endpoint
  Pull Requests shall be linked to milestone (work item) 0
  Working in tfs/DefaultCollection/MY20%PROJECT/_git/expo-starter-kit, 'default' branch under '/' directory
  Cloning repository into /home/dependabot/dependabot-updater/tmp/tfs/DefaultCollection/MY20%PROJECT/_git/expo-starter-kit
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-common-0.253.0/lib/dependabot/file_fetchers/base.rb:175:in `rescue in clone_repo_contents': Cloning into '/home/dependabot/dependabot-updater/tmp/tfs/DefaultCollection/MY20%PROJECT/_git/expo-starter-kit'... (Dependabot::RepoNotFound)
fatal: Authentication failed for 'https://tfs.myeditions.com/tfs/DefaultCollection/MY20%PROJECT/_git/expo-starter-kit/'
  from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-common-0.253.0/lib/dependabot/file_fetchers/base.rb:163:in `clone_repo_contents'
  from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11352/lib/types/private/methods/call_validation_2_7.rb:59:in `bind_call'
  from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11352/lib/types/private/methods/call_validation_2_7.rb:59:in `block in create_validator_method_fast0'
  from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-npm_and_yarn-0.253.0/lib/dependabot/npm_and_yarn/file_fetcher.rb:50:in `clone_repo_contents'
  from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11352/lib/types/private/methods/call_validation.rb:270:in `bind_call'
  from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11352/lib/types/private/methods/call_validation.rb:270:in `validate_call'
  from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11352/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
  from bin/update_script.rb:505:in `<main>'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-common-0.253.0/lib/dependabot/shared_helpers.rb:429:in `run_shell_command': Cloning into '/home/dependabot/dependabot-updater/tmp/tfs/DefaultCollection/MY20%PROJECT/_git/expo-starter-kit'... (Dependabot::SharedHelpers::HelperSubprocessFailed)
fatal: Authentication failed for 'https://tfs.myeditions.com/tfs/DefaultCollection/MY20%PROJECT/_git/expo-starter-kit/'
  from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11352/lib/types/private/methods/call_validation.rb:167:in `bind_call'
  from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11352/lib/types/private/methods/call_validation.rb:167:in `validate_call_skip_block_type'
  from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11352/lib/types/private/methods/call_validation.rb:109:in `block in create_validator_slow_skip_block_type'
  from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-common-0.253.0/lib/dependabot/file_fetchers/base.rb:792:in `block in _clone_repo_contents'
  from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-common-0.253.0/lib/dependabot/shared_helpers.rb:265:in `with_git_configured'
  from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11352/lib/types/private/methods/call_validation.rb:270:in `bind_call'
  from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11352/lib/types/private/methods/call_validation.rb:270:in `validate_call'
  from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11352/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
  from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-common-0.253.0/lib/dependabot/file_fetchers/base.rb:776:in `_clone_repo_contents'
  from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11352/lib/types/private/methods/call_validation.rb:270:in `bind_call'
  from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11352/lib/types/private/methods/call_validation.rb:270:in `validate_call'
  from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11352/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
  from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-common-0.253.0/lib/dependabot/file_fetchers/base.rb:165:in `clone_repo_contents'
  from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11352/lib/types/private/methods/call_validation_2_7.rb:59:in `bind_call'
  from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11352/lib/types/private/methods/call_validation_2_7.rb:59:in `block in create_validator_method_fast0'
  from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-npm_and_yarn-0.253.0/lib/dependabot/npm_and_yarn/file_fetcher.rb:50:in `clone_repo_contents'
  from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11352/lib/types/private/methods/call_validation.rb:270:in `bind_call'
  from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11352/lib/types/private/methods/call_validation.rb:270:in `validate_call'
  from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11352/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
  from bin/update_script.rb:505:in `<main>'
##[error]The process '/usr/bin/docker' failed with exit code 1
##[section]Finalisation : dependabot

Extension (please complete the following information):

  • Host: Azure Devops On-premise Server
  • Version Dev17.M153.5 (2019)

Additional context
I checked with our IT team about the issue, they can't find any solution to solve this issue. Pleas help
@firasrg firasrg changed the title [Azure Devops Extension][Post-pulling docker image] Unable to clone repository [Azure Devops Extension][Post-pulling docker image] Unable to clone repository due to authentication issue May 31, 2024
@mburumaxwell
Copy link
Contributor

@firasrg, your access token mvtvk5icfdhkvjqfvr3kans6oonqfdp6ss2bccrincv3l6gk3btq has been exposed. Remember to roll/regenerate/revoke it if you already haven't

Regarding the authentication issue, there seems to be an issue with TFS or Azure DevOps server according to #1034. We do not use either of the two so fixed related to that will have to be contributed by someone who uses the same since they have the ability and time to test. I will close this, lets track via the issue above.

@mburumaxwell mburumaxwell closed this as not planned Won't fix, can't repro, duplicate, stale Jun 8, 2024
@MonticolaExplorator MonticolaExplorator mentioned this issue Oct 30, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mburumaxwell @firasrg