search

OpenAPITools / openapi-generator-cli

A node package wrapper for https://github.com/OpenAPITools/openapi-generator
Apache License 2.0
1.45k stars 153 forks source link

[BUG] Validate command not working (403 Unauthorized) #802

Closed Maxeh closed 1 month ago

Maxeh commented 1 month ago

The command openapi-generator-cli validate -i filename.yamlstopped working an hour ago, and the following error is displayed:

Unable to query repository, because of: "Request failed with status code 403"

Response:
content-type text/html
transfer-encoding chunked
connection keep-alive
last-modified Thu, 29 Jun 2023 21:58:13 GMT
x-amz-server-side-encryption AES256
x-amz-version-id U3ZaZTaKrLRBrWo55miiffLOU8l1yB4b
server AmazonS3
date Tue, 17 Sep 2024 06:47:56 GMT
etag W/"0c112f990610ec889ab9033dda471ae0"
vary Accept-Encoding
x-cache Error from cloudfront
via 1.1 6b15a9d1514a5645abfd43cbf330ce48.cloudfront.net (CloudFront)
x-amz-cf-pop FRA56-P9
x-amz-cf-id 60XqRN0wkS6nQwW4QWbMeWILAKb8Q4SXLsZcRy2h68jys8oJsl6TFw==
age 55025
x-xss-protection 1; mode=block
x-frame-options SAMEORIGIN
referrer-policy strict-origin-when-cross-origin
x-content-type-options nosniff
strict-transport-security max-age=31536000

It seems the program tries to create the "openapitools.json" by downloading it from a S3 bucket which fails due to 403 ? If I create the file manually, the command works.

alexturek commented 1 month ago

I've been seeing this in CI builds (Github Actions) and locally as well. The fastest way to repro it I've found is running this command repeatedly

openapi-generator-cli version-manager set 7.8.0

It seems to fail more often on Github Actions than locally, but that might just be random luck.

I get two flavors of errors

Most common:

Unable to query repository, because of: "Request failed with status code 403"

Have seen this one twice:

Unable to query repository, because of: "Request failed with status code 502"
nerumo commented 1 month ago

Which project is responsible for the jar hosting? this one? Just that we contact the right people about it...

disrael-globality commented 1 month ago

It was working until a couple hours ago, now I consistently get the error:

Unable to query repository, because of: "Request failed with status code 403"

unlike @alexturek, I have not been able to get this to work over repeated attempts.

bhaq-tri commented 1 month ago

Reporting the same error locally and on my CI/CD pipelines:

$ openapi-generator-cli version                   
Unable to query repository, because of: "Request failed with status code 403"
ChristopherJMiller commented 1 month ago

Getting this as well when running generate commands in my pipelines. Anyone aware of a workaround?

disrael-globality commented 1 month ago

Checking the source, it looks like this is coming when trying to connect to search.maven.org. And it looks like there have been several outages of this today. https://status.maven.org/

collinsauve commented 1 month ago

We hit this today too. Could be due to the above outages, or perhaps Maven has started rate-limiting our hosted CI IPs: Maven Central and the tragedy of the commons.

Wondering how many organisations that are experiencing this are only seeing this from a third-party hosted CI system? We use CircleCI.

bsod90 commented 1 month ago

I'm getting this even on my home network (Comcast) Has anyone found a workaround yet? VPN?

disrael-globality commented 1 month ago

Interestingly enough, I'm getting when on VPN to office, but when I get off VPN, it works.

epsilonlessthanzero commented 1 month ago

We're also running into this with our AWS CI Pipelines. The affected commands work fine on my local machine.

takecchi commented 1 month ago

I was still getting a 403 error, so I resolved it by using Docker.

docker run --rm -v ./${mount_dir}:/local openapitools/openapi-generator-cli:v7.3.0 generate -i /local/openapi.yaml -g typescript-fetch -o /local/src
szymonprz commented 1 month ago

You can also use your internal (mave/nexus etc) repositories if you're in enterprise

 "version": "7.8.0",
    "repository": {
      "downloadUrl": "url_to_your_repository/org/openapitools/openapi-generator-cli/7.8/0/openapi-generator-cli-7.8.0.jar"
    }

https://github.com/OpenAPITools/openapi-generator-cli?tab=readme-ov-file#using-custom--private-maven-registry

patrickdejong commented 1 month ago

I have this issue since yesterday afternoon. openapi-generator-cli version-manager set 7.5.0 will result in a 403 result and my pipelines have stopped working

epsilonlessthanzero commented 1 month ago

Solution that works for us: If the "openapitools.json" file already exists in your repository, openapi-generator-cli will not attempt to create it on the fly and hence will not send the requests that are generating the 403s.

Turns out the README already states that you should add the "openapitools.json" file to your VCS.

janskola commented 1 month ago

Hello all affected, as per my investigation the issue is with malfunctioning search.maven.org which is used as a source of available versions of Java part of openapi-generator. Despite the fact that Sonatype claims that it should work. I captured following request coming from openapi-generator-cli towards search.maven.org:

https://search.maven.org/solrsearch/select?q=g:org.openapitools+AND+a:openapi-generator-cli&core=gav&start=0&rows=200

Details:

GET /solrsearch/select?q=g:org.openapitools+AND+a:openapi-generator-cli&core=gav&start=0&rows=200 HTTP/1.1
Accept: application/json, text/plain, */*
User-Agent: axios/1.7.4
Accept-Encoding: gzip, deflate, br
Host: search.maven.org
Connection: close

Response:

HTTP/2 502 Bad Gateway
Content-Type: text/html
Content-Length: 122
Server: awselb/2.0
Date: Thu, 19 Sep 2024 09:17:02 GMT
X-Cache: Error from cloudfront
Via: 1.1 6c21a88f98dc05bf345d31b96407e6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P9
X-Amz-Cf-Id: eEnm3YUjx9ZI4DN5um5_am_uxpABTUxo5cqA6efB-pUmy0MCZfkscA==
X-Xss-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000

<html>
<head><title>502 Bad Gateway</title></head>
<body>
<center><h1>502 Bad Gateway</h1></center>
</body>
</html>
Dylan-Carriere commented 1 month ago

I also had the same issue today. Addingopenapitools.json file to my repository solves the issue:

{
  "$schema": "./node_modules/@openapitools/openapi-generator-cli/config.schema.json",
  "spaces": 2,
  "generator-cli": {
    "version": "7.8.0"
  }
}
github-actions[bot] commented 1 month ago

:tada: This issue has been resolved in version 2.13.8 :tada:

The release is available on:

Your semantic-release bot :package::rocket:

github-actions[bot] commented 1 month ago

:tada: This issue has been resolved in version 2.13.9 :tada:

The release is available on:

Your semantic-release bot :package::rocket:

wing328 commented 1 month ago

did a test to confirm now if errors occur when querying serach.maven.org, it will fallback to a fixed list of released versions

Unable to query repository, because of: "connect ECONNREFUSED 127.0.0.1:443". Return default versions instead.
Download 7.8.0 ...
Downloaded 7.8.0
Did set selected version to 7.8.0
[main] INFO  o.o.codegen.DefaultGenerator - Generating with dryRun=false
[main] INFO  o.o.codegen.DefaultGenerator - OpenAPI Generator: ruby (client)
[main] INFO  o.o.codegen.DefaultGenerator - Generator 'ruby' is considered stable.
[main] INFO  o.o.c.languages.AbstractRubyCodegen - Hint: Environment variable 'RUBY_POST_PROCESS_FILE' (optional) not defined. E.g. to format the source code, please try 'export RUBY_POST_PROCESS_FILE="/usr/local/bin/rubocop -a"' (Linux/Mac)

please give it a try with the latest stable version 2.13.9

if the query (search.maven.org) fails for whatever reason, the CLI will fallback to a fixed list of released versions.

to completely bypass making a request to https://search.maven.org, simply set the environment variable OPENAPI_GENERATOR_CLI_SEARCH_URL to DEFAULT, e.g. https://github.com/OpenAPITools/openapi-generator-cli/blob/master/.github/workflows/build.yml#L87