Cannot create personal access token under user preferences

eclipse-che / che

Kubernetes based Cloud Development Environments for Enterprise Teams

http://eclipse.org/che

Eclipse Public License 2.0

6.99k stars 1.19k forks source link

Cannot create personal access token under user preferences #23129

Open huonguyenlt opened 3 months ago

huonguyenlt commented 3 months ago

Describe the bug

Cannot add personal access token with provider Microsoft azure devops Error: Token "test" was not added because it is not valid.

Che version

7.89

Steps to reproduce

Create PAT on azure devops

Add the PAT to che

Error after add the token

Expected behavior

Should be able to add the PAT

Runtime

other (please specify in additional context)

Screenshots

No response

Installation method

other (please specify in additional context)

Environment

Amazon

Eclipse Che Logs

No response

Additional context

Che cluster is deployed on EKS

tolusha commented 3 months ago

It should definitely work for https://dev.azure.com If you have Azure On Prem, then it is needed to configure Eclipse Che firstly. Although, I had no chance to try it, it must be possible. Update checluster custom resource to set the correct values:

spec:
  components:
    cheServer:
      extraProperties:
        CHE_INTEGRATION_AZURE_DEVOPS_APPLICATION__SCOPES: "vso.code_write"
        CHE_OAUTH_AZURE_DEVOPS_AUTHURI: "https://app.vssps.visualstudio.com/oauth2/authorize"
        CHE_OAUTH_AZURE_DEVOPS_TOKENURI: "https://app.vssps.visualstudio.com/oauth2/token"
        CHE_INTEGRATION_AZURE_DEVOPS_API_ENDPOINT: "https://vssps.dev.azure.com"
        CHE_INTEGRATION_AZURE_DEVOPS_SCM_API__ENDPOINT: "https://dev.azure.com"

huonguyenlt commented 3 months ago

@tolusha the config you provide only available for azure devops service. In my case, i use azure devops server.

huonguyenlt commented 3 months ago

I tried to add the property CHE_INTEGRATION_AZURE_DEVOPS_SCM_API__ENDPOINT bbut still not working

huonguyenlt commented 2 months ago

Also update the CHE_INTEGRATION_AZURE_DEVOPS_API_ENDPOINT with my azure devops server url, still eclispe che use the default https://vssps.dev.azure.com as you can see in the below error message Caused by: java.net.URISyntaxException: Illegal character in path at index 41: https://vssps.dev.azure.com/DevSecOps-COE /_apis/profile/profiles/me?api-version=7.0

PS: do we have the document (exhausted list) of extraProperties

tolusha commented 2 months ago

still eclispe che use the default https://vssps.dev.azure.com/

Double check if che-server pod is restarted. Log into the container and print env to check the acutal values of env vars.

PS: do we have the document (exhausted list) of extraProperties

Unfortunately I can't find them in our documentation. But the list is available by the url [1]

[1] https://github.com/eclipse-che/che-server/blob/main/assembly/assembly-wsmaster-war/src/main/webapp/WEB-INF/classes/che/che.properties

huonguyenlt commented 2 months ago

@tolusha I checked the env vars, they are all correct. Is there any env var I have to set beside these 3?

sh-4.4$ CHE_INTEGRATION_AZURE_DEVOPS_API__ENDPOINT=https://devado.xxx.com
sh-4.4$ CHE_INTEGRATION_AZURE_DEVOPS_APPLICATION__SCOPES=vso.code_write
sh-4.4$ CHE_INTEGRATION_AZURE_DEVOPS_SCM_API__ENDPOINT=https://devado.xxx.com

In the link you shared, it says CHE_INTEGRATION_AZURE_DEVOPS_API__ENDPOINT is the Azure DevOps Service API server address. So I am confused if it is applicable for my case as I use azure devops server.

# Azure DevOps Service API server address.
che.integration.azure.devops.api_endpoint=https://vssps.dev.azure.com

One more question, do you know where I can find logs after adding the Personal access token. I check all che components' log but cant find them

tolusha commented 2 months ago

Is there any env var I have to set beside these 3?

I bileve it should be enough to add PAT

One more question, do you know where I can find logs after adding the Personal access token. I check all che components' log but cant find them

They are available if log level set to DEBUG spec.components.cheServer.logLevel: DEBUG

When PAT is added, we simply validte it by requesting the user profile as below [1]. If use can't be retrieve, then PAT is considered to be invalid and can't be added.

[1] https://github.com/eclipse-che/che-server/blob/c5963e0de77b98298af79c642e44e372f85739c6/wsmaster/che-core-api-factory-azure-devops/src/main/java/org/eclipse/che/api/factory/server/azure/devops/AzureDevOpsApiClient.java#L91-L103

tolusha commented 1 month ago

@huonguyenlt Were you able to add PAT eventually ?

huonguyenlt commented 1 month ago

@tolusha no, I am not able to do it. I think it does not support azure server.