Closed NotMyFault closed 8 months ago
Audit:
Checking...
~As I don't know what @lemeurherve did in #3414 except the linked terraform PRs~ (see https://github.com/jenkins-infra/helpdesk/issues/3875#issuecomment-1868290946)
As we're in holidays for the next week, I've commented out the azcopy
command https://github.com/jenkins-infra/crawler/commit/d0efde1404c2e45cc71737fc532025b8b325b061 and a build is currently running (I'll watch it).~
We'll work on this in January then
And now
$ aws s3 sync ./updates/ s3://westeurope-updates-jenkins-io/updates/ --no-progress --no-follow-symlinks --size-only --exclude .svn --endpoint-url https://8d1838a43923148c5cee18ccc356a594.r2.cloudflarestorage.com/
09:50:50 fatal error: An error occurred (Unauthorized) when calling the ListObjectsV2 operation: Unauthorized
New hotfix incoming
https://github.com/jenkins-infra/crawler/commit/e196bb7f25a92e2168f81f1130653d61f0c057b6 (watching build on trusted)
Finished: SUCCESS
we can finish 2023 in this state \o/
Thanks for checking 🎄
As I don't know what @lemeurherve did in #3414 except the linked terraform PRs, and because we're in holidays for the next week, I've commented out the
azcopy
command jenkins-infra/crawler@d0efde1 and a build is currently running (I'll watch it).We'll work on this in January then
Nothing done in #3414 explains the HTTP/403. I've reopened #3818 and I'll check if I did not forget a firewall rule somewhere. That could also explain the aws s3
errors after the first hotfix.
Resuming analysis on this topic.
azcopy
on the crawler job to test: the mian branch job might have failure due to my tests. I'll also mention this in jenkins-infra (no status.jenkins.io as it is not a public thing)Retried and got the following detailed error message for the azcopy
operation:
Time:2024-01-02T13:25:44.6252585Z</Message><AuthenticationErrorDetail>Signature not valid in the specified time frame: Start [Fri, 06 Oct 2023 00:00:00 GMT] - Expiry [Fri, 22 Dec 2023 00:00:00 GMT] - Current [Tue, 02 Jan 2024 13:25:44 GMT]</AuthenticationErrorDetail></Error>
https://github.com/jenkins-infra/azure/pull/565 to rotate expiry
Update:
WiP:
azcopy
aws s3
sync and fix it if still presentUpdate:
azcopy
✅WiP:
aws s3
sync and fix it if still presentWiP: Check error for the aws s3
sync and fix it if still present
fatal error: An error occurred (Unauthorized) when calling the ListObjectsV2 operation: Unauthorized
when trying to S3-sync to the cloudflare bucketGotcha: all API tokens have reached their TTL in Cloudflare. It also breaks the jenkins-infra/cloudflare project since last month (at least).
See https://github.com/jenkins-infra/helpdesk/issues/2649#issuecomment-1874328160
Update:
UnAuthorized
errorUpdate:
Todo:
Last steps: https://github.com/jenkins-infra/helpdesk/issues/2649#issuecomment-1879711494
Last build of crawler built without any problem
Service(s)
trusted.ci.jenkins.io
Summary
The crawler job is failing again, this time
azcopy sync
yields a 403, causing the job to fail.Reproduction steps
No response