Open usma0118 opened 5 years ago
I'm also getting this error; found in another thread that setting access rights for the build user could be a possible fix - sadly this did not work for me, but reposting below.
Give it the following rights:
I was able to workaround the issue by changing the project visibility from private to public.
Can anyone else confirm that the issue caused by the project visibility?
I have the same issue and setting access rights for build user does not fix the issue for me. I too could workaround by changing the project visibility from private to public and with that the issue disappeared and the pull request was generated. However, making the project as public is not really a viable option for our production Azure Devops project. Can someone please look into this issue?
I have the same issue with version 0.4.34 of the extension/0.25 nukeeper running on the windows-latest pipeline, checked the Build user permissions and are set correctly,
Log is quite empty...
....
Updates failed LibGit2SharpException : request failed with status code: 403
Attempted 1 updates and did 0
##[debug]task result: Succeeded
##[debug]Processed: ##vso[task.complete result=Succeeded;]done
I am having the same issue as @phatcher . I did also verify the build user permissions are set with the 3 permissions listed in the documentation. My repo is private and it is not an option to make it public
In case anyone else is having this issue the fix I found is from this site (https://developercommunity.visualstudio.com/content/problem/826481/systemaccesstoken-allows-reading-git-repository-wi.html)
"When the project-level setting Limit job authorization scope to current project is disabled the System.AccessToken refers to an app-level account that cannot be removed as reader of all repositories." - This is likely why it's not affecting public repositories and only private repos
Fix: Enable the project-level pipeline setting Limit job authorization scope to current project Make sure that the user [project] Build Service ([organisation]) is member of the organisation level group Project Collection Build Service Group (otherwise pipelines will not be fired because not able to access the orchestration plan)
Didn't need to change project visibility instead, assign the required permissions to two accounts named with the format:
The permissions are the same:
Guided by https://www.edvella.com/Post/46/Keep_your_solution_up_to_date_with_NuKeeper
Hope that helps someone.
Platform: AzureDevops Build setup as: https://nukeeper.com/platform/azure-devops/#extension
Build Agent: Hosted 2017
Failure on: Git push to origin/nukeeper-update-AutoMapper-to-8.1.1 Updates failed LibGit2SharpException : request failed with status code: 403
Logb__0() in /home/vsts/work/r1/a/drop/NuKeeper.Git/LibGit2SharpDriver.cs:line 189
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state)
--- End of stack trace from previous location where exception was thrown ---
at System.Threading.Tasks.Task.ExecuteWithThreadLocal(Task& currentTaskSlot)
--- End of stack trace from previous location where exception was thrown ---
at NuKeeper.Engine.Packages.PackageUpdater.MakeUpdatePullRequests(IGitDriver git, RepositoryData repository, NuGetSources sources, SettingsContainer settings, IReadOnlyCollection
Git commit with message '📦 Automatic update of AutoMapper to 8.1.1' Git push to origin/nukeeper-update-AutoMapper-to-8.1.1 Updates failed LibGit2SharpException : request failed with status code: 403 at LibGit2Sharp.Core.Ensure.HandleError(Int32 result) at LibGit2Sharp.Core.Proxy.git_remote_push(RemoteHandle remote, IEnumerable
1 refSpecs, GitPushOptions opts) at LibGit2Sharp.Network.Push(Remote remote, IEnumerable1 pushRefSpecs, PushOptions pushOptions) at LibGit2Sharp.Network.Push(IEnumerable
1 branches, PushOptions pushOptions) at NuKeeper.Git.LibGit2SharpDriver.<>c__DisplayClass17_0.1 updates) in /home/vsts/work/r1/a/drop/NuKeeper/Engine/Packages/PackageUpdater.cs:line 85 at NuKeeper.Engine.Packages.PackageUpdater.MakeUpdatePullRequests(IGitDriver git, RepositoryData repository, IReadOnlyCollection
1 updates, NuGetSources sources, SettingsContainer settings) in /home/vsts/work/r1/a/drop/NuKeeper/Engine/Packages/PackageUpdater.cs:line 46`