GitHub integration with accessToken failing

JonasHiltl / openchangelog

Easy to configure & self hostable Changelog Website

https://openchangelog.com

GNU Affero General Public License v3.0

154 stars 9 forks source link

GitHub integration with accessToken failing #22

Open lsanchez-v opened 3 weeks ago

lsanchez-v commented 3 weeks ago

Hi,

I'm trying to integrate openchangelog (running in a k8s cluster) with one of my company's GitHub repositories to read the CHANGELOG.md file on it, but I'm getting the following error from the pod:

superfluous response.WriteHeader call from github.com/jonashiltl/openchangelog/internal/handler/web.RegisterWebHandler.serveHTTP.func1 (routes.go:80)

I'm using the following config:

addr: 0.0.0.0:6001
page:
  title: testing title
  subtitle: This page lists all the data releases
  colorScheme: light
  logo:
    src: https://img.icons8.com/?size=100&id=89745&format=png&color=000000
    width: 70px
    height: 25px
    link: https://example.com
github:
  owner: mycompany
  repo: myrepo
  path: CHANGELOG.md
  auth:
    accessToken: ***

I'm also giving full "repo" and "project" permissions to the access token. Would that be enough?

Any idea what this error could mean? is there any way to enable a more detailed debugging mode?

Thanks.

JonasHiltl commented 3 weeks ago

@lsanchez-v Thanks for this report.

For me both fine-grained and classic tokens work with private repos. Sounds like you are using classic tokens, so you might try fine-grained (Beta) ones.

For fine-grained tokens Openchangelog only requires Contents & Metadata read-only permissions. For classic tokens Openchangelog requires the repo scope.

Unfortunately Openchangelog doesn't currently have a debug mode, but I want to add structured logging in the future.

lsanchez-v commented 3 weeks ago

Hi @JonasHiltl,

Thanks for your answer. I've just tried with a fine-grained token, but I'm getting the same error.

JonasHiltl commented 3 weeks ago

@lsanchez-v Are you using ghcr.io/jonashiltl/openchangelog:0.4.1? And are there any other logs or does the rendered html page show an error message?

lsanchez-v commented 3 weeks ago

@JonasHiltl yes indeed, I'm using the 0.4.1 version. Regarding the error, this is what I see:

500
Get "https://api.github.com/repos/my_org/repo_name/contents/CHANGELOG.md": net/http: TLS handshake timeout

JonasHiltl commented 3 weeks ago

@lsanchez-v looks like some certificate issue between GitHub and your Kubernetes environment since the TLS handshake is failing.

This doesn't look like an Openchangelog error.

Must be an issue from Go + Kubernetes + https request

lsanchez-v commented 3 weeks ago

@JonasHiltl That's what I thought, but I'm able to reach GitHub from a pod in the container: