Open DavidRadoorHummel opened 1 year ago
Hi @DavidRadoorHummel Thanks for reporting this issue. Can you please try again with JFROG_CLI_LOG_LEVEL=DEBUG environment variable and provide the full logs from the pipeline?
Hi @sverdlov93
I made a quick pipeline with the above example.
Pipeline:
# Starter pipeline
# Start with a minimal pipeline that you can customize to build and deploy your code.
# Add steps that build, run tests, deploy, and more:
# https://aka.ms/yaml
trigger:
- none
pool:
name: T-David
steps:
- task: JfrogCliV2@1
inputs:
jfrogPlatformConnection: 'Artifactory Test JFrog CLI'
command: |
jf rt ping"
env:
JFROG_CLI_LOG_LEVEL: "DEBUG"
And the log output:
Starting: JfrogCliV2
==============================================================================
Task : JFrog CLI V2
Description : Run your own JFrog CLI command.
Version : 1.8.0
Author : JFrog
Help : [More Information](https://github.com/jfrog/jfrog-azure-devops-extension#Executing-JFrog-CLI-Commands)
==============================================================================
Downloading: https://releases.jfrog.io/artifactory/jfrog-cli/v2-jf/2.44.1/jfrog-cli-windows-amd64/jf.exe
Caching tool: jf 2.44.1 x64
Running jfrog-cli from C:\<Redacted>\_work\_tool\jf\2.44.1\x64\jf.exe
JFrog CLI version: 2.44.1
Executing JFrog CLI Command:
C:\<Redacted>\_work\_tool\jf\2.44.1\x64\jf.exe c add "<Redacted>_20230821.3_jfrog_cli_cmd_1692597994852" --url="https://artifactory.com/" --interactive=false --user="***" --basic-auth-only --password-stdin
08:06:34 [Debug] JFrog CLI version: 2.44.1
08:06:34 [Debug] OS/Arch: windows/amd64
08:06:35 [Warn] You are using JFrog CLI version 2.44.1, however version 2.45.0 is available.
To install the latest version, visit: https://jfrog.com/getcli
To see the release notes, visit: https://github.com/jfrog/jfrog-cli/releases
To avoid this message, set the JFROG_CLI_AVOID_NEW_VERSION_WARNING variable to TRUE
08:06:35 [Debug] Using password provided via Stdin
08:06:35 [Debug] Locking config file to run config AddOrEdit command.
08:06:35 [Debug] Creating lock in: C:\Users\<redacted>\.jfrog\locks\config
08:06:35 [Debug] Sending HTTP GET request to: https://artifactory.com/artifactory/api/security/encryptedPassword
08:06:37 [Debug] Releasing lock: C:\Users\<redacted>\.jfrog\locks\config\jfrog-cli.conf.lck.13968.1692597995061837400
08:06:37 [Debug] Config AddOrEdit command completed successfully. config file is released.
08:06:37 [Error] The following error was received while trying to encrypt your password: Artifactory response: 404
{
"errors": [
{
"status": 404,
"message": "Not Found"
}
]
}
##[error]Error occurred while executing task: Error: Command failed: C:\<Redacted>\_work\_tool\jf\2.44.1\x64\jf.exe c add "<Redacted>_20230821.3_jfrog_cli_cmd_1692597994852" --url="https://artifactory.com/" --interactive=false --user="***" --basic-auth-only --password-stdin
Finishing: JfrogCliV2
EDIT:
As you can see, the request is
08:06:35 [Debug] Sending HTTP GET request to: https://artifactory.com/artifactory/api/security/encryptedPassword
Notice the /artifactory/
in the request. When NGINX sees this incoming request, it becomes:
https://artifactory.com/artifactory/artifactory/api/security/encryptedPassword
Which coincides with the error presented in the Artifactory log file:
Request /artifactory/api/security/encryptedPassword should be a repo request and does not match any repo key
Best regards David
@DavidRadoorHummel Ohh your Artifatory URL is https://artifactory.com
? and not https://jfrogplatform.com/artifactory
?
Hi @sverdlov93 for legal reasons I cannot disclose the URL of our Artifactory server.
It is self-hosted and not a Cloud services provided by JFrog. artifactory.com is simply a placeholder.
EDIT:
I just realized what you meant, sorry about that.
Yes. For historical reasons, our url is https://artifactory.com and not https://jfrogplatform.com/artifactory
This is also why we want to setup jfrog CLI with the --artifactory-url
argument and not --url
Describe the bug
The task "JFrog CLI V2" is not configurable in anyway. As such it will collide with Artifactory setups where you use NGINX to auto-postfixes requests with /artifactory/
The task is set to execute in such a way that it is set up with:
jf.exe c add "test" --url="https://artifactory-test.com/" --interactive=false --user="***" --basic-auth-only --password-stdin
Since the setup uses the argument
--url
the "artifactory url" becomeshttps://artifactory-test.com/artifactory/
. With NGINX as a reverse proxy, any incoming requests from this JFrog CLI configuration becomeshttps://artifactory-test.com/artifactory/artifactory/*
which, of course, is not valid.The task has no possible way to be configured. This is needed such that
jf.exe c add "test" --url="https://artifactory-test.com/" --interactive=false --user="***" --basic-auth-only --password-stdin
Could be changed tojf.exe c add "test" --artifactory-url="https://artifactory-test.com/" --interactive=false --user="***" --basic-auth-only --password-stdin
Which would work with NGINX.
Current behavior
The task forces the use of argument
--url
which will not work with NGINX reverse proxy setup that auto-postfixes requests with/artifactory/
Reproduction steps
Task will fail with:
[Error] The following error was received while trying to encrypt your password: Artifactory response: 404
Theartifactory-service.log
file will show:Request /artifactory/api/security/encryptedPassword should be a repo request and does not match any repo key
Expected behavior
The JFrog CLI task is configurable, such that argument
--artifactory-url
can be used.Azure DevOps extension name and version
2.8.0 (Latest)
JFrog CLI version
jf 2.44.1 x64
Operating system type and version
Windows 10
JFrog Artifactory version (if relevant)
No response
JFrog Xray version (if relevant)
No response
JFrog Distribution version (if relevant)
No response