Closed vfarcic closed 9 months ago
I faced the same issue. I resolved it by changing my Git token (I had missed some of the permissions), I deleted ~/.jx/ and also jx boot again and put new git token.
Btw does your jx step verify install
looks ok?
In my case, the issue persists. I create a new cluster, deleted the whole ~/.jx
directory, created a new GH token with all the permissions enabled, and installed jx
using Boot. When I try to create a new quickstart project, I'm still getting the same error (401 Bad credentials
).
The issue does not seem to be related to the way jx
is installed. The same happens both with jx install
and jx boot
.
@vfarcic I wonder if you can reproduce without doing a clone of the git repo but letting jx boot
do the fork first? e.g. doing jx boot
then modifying jx-requirements.yml
?
@jstrachan I'll try that later today, but I don't think that's the issue since it appears not only with the boot but also when I run jx create cluster
or jx install
. Since the environment repos are created successfully, I can only guess that the issue is with jx
local cache since jx create quickstart
does not use the credentials in the cluster. Or maybe it expects something in the local git setup...
@jstrachan I noticed something strange... During the Boot process, it asked me for the Pipeline bot Git token
and I pasted one that I have from before. However, the output says Generated token xxxxxxxxxxxxxxxxxxxxxxxxxx, to use it press enter.
The one from that output is not the same token as the one I pasted. Can that be a clue?
I just finish setting it up by letting jx boot
do the fork and the result is the same.
creating a QuickStart uses your personal token which is stored in ~/.jx/gitAuth.yml
I guess that token is stale? You could edit the file by hand or delete it and re-run the jx create QuickStart
command?
Ideally if a Bad credentials
message we should zap the token & ask the user to create a new one.
Btw the token needs scope to create new git repos & register webhooks
BTW in older versions of jx
the create QuickStart command would incorrectly use the pipeline bot user & token to create the new git repository - which might be why you are seeing this regression - you have a stale local token (which is not used / updated when using boot)
That's the issue. I deleted ~/.jx
a while ago because of some problems. Now I see that it is not being created anymore. Some of the changes to the project caused it to stop creating it.
so there is no ~/.jx/gitAuth.yml
file?
note it’s not used or created via boot - but should be for jx create quickstart/ jx import
I guess this should be an urgent issue since it'll likely cause problems for all the jx
newbies that will install it for the first time.
... those that do not have ~/.jx/gitAuth.yml
from before.
@vfarcic I just went through a very similar exercise and resolved it - deleted all Github related entries in Keychain Access and supplied a fresh Github token by executing a git command and being prompted.
Deleting all GitHub related entries from the Keychain Access made it work. Nevertheless, I still do not think we should close this issue. I believe that there is still a problem that should be resolved, either through code or docs.
This happened to me yesterday and today. Same issue. However, I got past it after (erroneously recreating my SSH keys), then executing jx import
on the quickstart local directory, which succeded but ONLY after the creation of QuickStart and not at the time of creation, which should work as expected.
I had the same issue: I generated a new personal access token which made the old one fail. After I updated the /root/.jx/gitAuth.yml file, everything worked again.
The same issue is happening again. I recreated GitHub entry in the key chain and I deleted the whole ~/.jx
directory. What is different, this time, is that jx create quickstart
is not creating ~/.jx/gitAuth.yml
file.
Here's the output:
bash-3.2$ jx create quickstart --filter golang-http --project-name jx-knative \
> --deploy-kind knative
Using Git provider github.com at https://github.com
? Do you wish to use vfarcic as the Git user name? Yes
? Who should be the owner of the repository? vfarcic
X Sorry, your reply was invalid: GET https://api.github.com/repos/vfarcic/jx-knative: 401 Bad credentials []
? Enter the new repository name:
error: interrupt
bash-3.2$ ls -la ~/.jx/
total 0
drwxr----- 6 vfarcic staff 192 May 10 19:02 .
drwxr-xr-x+ 80 vfarcic staff 2560 May 10 19:06 ..
drwxr----- 2 vfarcic staff 64 May 10 18:22 bin
drwxr----- 3 vfarcic staff 96 May 10 18:22 draft
drwxr----- 42 vfarcic staff 1344 May 10 18:22 jenkins-x-versions
drwxr----- 3 vfarcic staff 96 May 10 18:50 localSecrets
More info:
$ TRACE_GITHUB_API=true jx create quickstart \
--filter golang-http --verbose
DEBUG: Current configuration dir: /Users/vfarcic/.jx
DEBUG: VersionRepository: https://github.com/jenkins-x/jenkins-x-versions.git git ref: v1.0.359
DEBUG: ? A local Jenkins X versions repository already exists, pulling the latest: Yes
DEBUG: LC_ALL=C JX_LOG_LEVEL=error git fetch https://github.com/jenkins-x/jenkins-x-versions.git --tags
DEBUG: LC_ALL=C JX_LOG_LEVEL=error git fetch https://github.com/jenkins-x/jenkins-x-versions.git v1.0.359
DEBUG: LC_ALL=C JX_LOG_LEVEL=error git branch -r
DEBUG: LC_ALL=C JX_LOG_LEVEL=error git checkout FETCH_HEAD
DEBUG: LC_ALL=C JX_LOG_LEVEL=error git fetch --tags
DEBUG: LC_ALL=C JX_LOG_LEVEL=error git describe v1.0.359 --abbrev=0 --contains
DEBUG: getting vault name for namespace jx
DEBUG: system vault name from config jx-vault-vfarcic2
DEBUG: Finding ingress url for jx-vault-vfarcic2 in namespace jx
DEBUG: found service url http://vault-jx.34.74.202.28.nip.io
DEBUG: Connecting to vault on http://vault-jx.34.74.202.28.nip.io
DEBUG: Searching for repositories in Git server https://github.com owner jenkins-x-quickstarts includes * excludes WIP-* as user vfarcic
Using Git provider github.com at https://github.com
? Do you wish to use vfarcic as the Git user name? Yes
DEBUG: About to create repository on server https://github.com with user vfarcic
? Who should be the owner of the repository? vfarcic
X Sorry, your reply was invalid: GET https://api.github.com/repos/vfarcic/xxx: 401 Bad credentials []
? Enter the new repository name:
The same thing is happening again. I had to delete the ~/.jx
directory because the local cache was messing up with incorrect credentials when creating new clusters. Now I cannot create a quickstart. Apart from the obvious problem with that, how are additional users expected to use JX? They will not start with pre-populated ~/.jx
directory. If I'm guessing right, no one but the person who set up the cluster will be able to create quickstarts or import projects and even the person who created the cluster will not be able to do that if ~/.jx
directory is removed. On top of all that, the --git-api-token
argument is completely ignored so I'm not sure what is the purpose of having it.
I'm failing the similar way, when import, and create quickstart. repeated from the beginning several times(creating cluster and. re-boot jx) but it didn't help. Any workaround?
$ jx import WARNING: No username defined for the current Git server! ? Git user name: havenqi trying to use draft pack: python selected pack: /Users/My/.jx/draft/packs/github.com/jenkins-x-buildpacks/jenkins-x-kubernetes/packs/python replacing placeholders in directory /Users/My/jenkins-x/playground/python-flask-docker app name: python-flask-docker, git server: github.com, org: havenqi, Docker registry org: havenqi skipping directory "/Users/My/jenkins-x/playground/python-flask-docker/.git" Draft pack python added Pushed Git repository to git@github.com:havenqi/python-flask-docker.git WARNING: Querying webhooks on havenqi/python-flask-docker: GET https://api.github.com/repos/havenqi/python-flask-docker/hooks: 401 Bad credentials [] Creating GitHub webhook for havenqi/python-flask-docker for url http://hook-jx.54.196.4.114.nip.io/hook error: POST https://api.github.com/repos/havenqi/python-flask-docker/hooks: 401 Bad credentials [] $ jx version NAME VERSION jx 2.1.59 Kubernetes cluster v1.15.11-eks-af3caf kubectl v1.13.2 helm client 2.12.2 git 2.24.3 (Apple Git-128) Operating System Mac OS X 10.15.4 build 19E287
And even I explicitly append ---git-username, and --git-api-token, it still failed. I think at least two issues here,
Using a bot user sounds like a blank check to do whatever you want. I believe that every change (including the initial commits) in Git should be associated with a person.
I generated a new github token, this works for me!
I have the same issue.
jx create quickstart
does not create the gitAuth.yaml file either.
Same issue persists on my end as well. During the first iteration the terminal output is as follows.
WARNING: organisation WESA detected from URL https://github.ibm.com/WESA/go-sample-jenkinx.git. '--org wesa' will be ignored
Creating GitHub webhook for WESA/go-sample-jenkinx for url http://hook.jx.wsaservice.us-east.containers.appdomain.cloud/hook
To be able to create a repository on github.com we need an API Token
Please click this URL and generate a token
https://github.com/settings/tokens/new?scopes=repo,read:user,read:org,user:email,write:repo_hook,delete_repo
Then COPY the token and enter it below:
? API Token: ****************************************
error: failed to start pipeline build: getting branch master on WESA/go-sample-jenkinx: getting branch master on WESA/go-sample-jenkinx: GET https://api.github.com/repos/WESA/go-sample-jenkinx/branches/master: 401 Bad credentials []
here I don't understand the placement for https://github.com where I have clearly defined an enterprise account during boot and quickstart steps.
for all the consecutive runs I am getting the same message as everyone else.
WARNING: organisation WESA detected from URL https://github.ibm.com/WESA/go-sample-jenkinx4.git. '--org wesa' will be ignored
Creating GitHub webhook for WESA/go-sample-jenkinx4 for url http://hook.jx.wsaservice.us-east.containers.appdomain.cloud/hook
error: failed to start pipeline build: getting branch master on WESA/go-sample-jenkinx4: getting branch master on WESA/go-sample-jenkinx4: GET https://api.github.com/repos/WESA/go-sample-jenkinx4/branches/master: 401 Bad credentials []
Access token was also recreated. Still no results.
In jx3, I resolved by update the credentials
in ~/git/
Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale
.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close
.
Provide feedback via https://jenkins-x.io/community.
/lifecycle stale
This issue refers to Jenkins X 2, which isn't supported
Summary
When creating a new quickstart project,
Bad credentials
error is popping up. That happened in a cluster set up withjx boot
. It did manage to create the initial environment repos, so the issue is not in the token I passed to the process.Steps to reproduce the behavior
The output of the last command is as follows.
It tried the same command with the additional
--git-api-token
argument and it fails with the same error.Expected behavior
It works
Actual behavior
It doesn't work
Jx version
The output of
jx version
is:Jenkins type
Kubernetes cluster
GKE
Operating system / Environment
MacOS