Closed Doddy-codes closed 1 year ago
I’ve got the same issue :-/
Please share dependabot.yml
, .npmrc
, and azure-pipelines.yml
files
.github/dependabot.yml version: 2 updates:
.azure-dependabot.yml schedules:
pool: vmImage: 'ubuntu-latest'
variables: DEPENDABOT_EXTRA_CREDENTIALS: '[{"type":"npm_registry","token":"$(DEPENDABOT_PAT)","registry":"$(NPM_REG)"}]' # put the credentials for private registries and feeds
stages:
.npmrc @research:registry=https://pkgs.dev.azure.com/OUR_ORGANIZATION/_packaging/Research/npm/registry/ @research:always-auth=true
What's the value of NPM_REG?
NPM_REG is the research:registry in npmrc
https://pkgs.dev.azure.com/OUR_ORGANIZATION/_packaging/Research/npm/registry/
Thanks!
Seems like the token needs to be prefixed by the registry name?
Try this for DEPENDABOT_EXTRA_CREDENTIALS
:
"[{\"type\":\"npm_registry\",\"token\":\"Research:$(DEPENDABOT_PAT)\",\"registry\":\"pkgs.dev.azure.com/OUR_ORGANIZATION/_packaging/Research/npm/registry/\"}]"
When trying that:
2022-11-23T20:27:53.5825113Z /usr/local/lib/ruby/gems/3.1.0/gems/bundler-1.17.3/lib/bundler/shared_helpers.rb:29: warning: Pathname#untaint is deprecated and will be removed in Ruby 3.2.
2022-11-23T20:27:53.5837035Z /usr/local/lib/ruby/gems/3.1.0/gems/bundler-1.17.3/lib/bundler/shared_helpers.rb:118: warning: Pathname#untaint is deprecated and will be removed in Ruby 3.2.
2022-11-23T20:27:53.5852706Z /usr/local/lib/ruby/gems/3.1.0/gems/bundler-1.17.3/lib/bundler/shared_helpers.rb:118: warning: Pathname#untaint is deprecated and will be removed in Ruby 3.2.
2022-11-23T20:27:53.5909563Z /usr/local/lib/ruby/gems/3.1.0/gems/bundler-1.17.3/lib/bundler/shared_helpers.rb:29: warning: Pathname#untaint is deprecated and will be removed in Ruby 3.2.
2022-11-23T20:27:53.5933110Z /usr/local/lib/ruby/gems/3.1.0/gems/bundler-1.17.3/lib/bundler/shared_helpers.rb:118: warning: Pathname#untaint is deprecated and will be removed in Ruby 3.2.
2022-11-23T20:27:53.5967354Z /usr/local/lib/ruby/gems/3.1.0/gems/bundler-1.17.3/lib/bundler/shared_helpers.rb:118: warning: Pathname#untaint is deprecated and will be removed in Ruby 3.2.
2022-11-23T20:27:53.7419707Z /usr/local/lib/ruby/gems/3.1.0/gems/bundler-1.17.3/lib/bundler/shared_helpers.rb:29: warning: Pathname#untaint is deprecated and will be removed in Ruby 3.2.
2022-11-23T20:27:53.7421102Z /usr/local/lib/ruby/gems/3.1.0/gems/bundler-1.17.3/lib/bundler/shared_helpers.rb:118: warning: Pathname#untaint is deprecated and will be removed in Ruby 3.2.
2022-11-23T20:27:53.7427173Z /usr/local/lib/ruby/gems/3.1.0/gems/bundler-1.17.3/lib/bundler/shared_helpers.rb:118: warning: Pathname#untaint is deprecated and will be removed in Ruby 3.2.
2022-11-23T20:27:53.7608819Z /usr/local/lib/ruby/gems/3.1.0/gems/bundler-1.17.3/lib/bundler/shared_helpers.rb:35: warning: Pathname#untaint is deprecated and will be removed in Ruby 3.2.
2022-11-23T20:27:53.7613127Z /usr/local/lib/ruby/gems/3.1.0/gems/bundler-1.17.3/lib/bundler/shared_helpers.rb:35: warning: Pathname#untaint is deprecated and will be removed in Ruby 3.2.
2022-11-23T20:27:53.7614363Z /usr/local/lib/ruby/gems/3.1.0/gems/bundler-1.17.3/lib/bundler/shared_helpers.rb:44: warning: Pathname#untaint is deprecated and will be removed in Ruby 3.2.
2022-11-23T20:27:53.7700563Z /usr/local/lib/ruby/gems/3.1.0/gems/bundler-1.17.3/lib/bundler/shared_helpers.rb:118: warning: Pathname#untaint is deprecated and will be removed in Ruby 3.2.
2022-11-23T20:27:54.1805293Z To use retry middleware with Faraday v2.0+, install faraday-retry
gem
2022-11-23T20:27:55.9769482Z /home/dependabot/dependabot-script/.bundle/gems/dependabot-common-0.213.0/lib/dependabot/clients/azure.rb:237:in get': Dependabot::Clients::Azure::Unauthorized (Dependabot::Clients::Azure::Unauthorized) 2022-11-23T20:27:55.9772529Z from /home/dependabot/dependabot-script/.bundle/gems/dependabot-common-0.213.0/lib/dependabot/clients/azure.rb:52:in
fetch_commit'
2022-11-23T20:27:55.9774203Z from /home/dependabot/dependabot-script/.bundle/gems/dependabot-common-0.213.0/lib/dependabot/file_fetchers/base.rb:78:in commit' 2022-11-23T20:27:55.9775929Z from /home/dependabot/dependabot-script/.bundle/gems/dependabot-common-0.213.0/lib/dependabot/file_fetchers/base.rb:463:in
_full_specification_for'
2022-11-23T20:27:55.9777926Z from /home/dependabot/dependabot-script/.bundle/gems/dependabot-common-0.213.0/lib/dependabot/file_fetchers/base.rb:473:in _fetch_file_content' 2022-11-23T20:27:55.9779694Z from /home/dependabot/dependabot-script/.bundle/gems/dependabot-common-0.213.0/lib/dependabot/file_fetchers/base.rb:149:in
fetch_file_from_host'
2022-11-23T20:27:55.9781620Z from /home/dependabot/dependabot-script/.bundle/gems/dependabot-common-0.213.0/lib/dependabot/config/file_fetcher.rb:32:in block in fetch_files' 2022-11-23T20:27:55.9783306Z from /home/dependabot/dependabot-script/.bundle/gems/dependabot-common-0.213.0/lib/dependabot/config/file_fetcher.rb:28:in
each'
2022-11-23T20:27:55.9784969Z from /home/dependabot/dependabot-script/.bundle/gems/dependabot-common-0.213.0/lib/dependabot/config/file_fetcher.rb:28:in fetch_files' 2022-11-23T20:27:55.9786580Z from /home/dependabot/dependabot-script/.bundle/gems/dependabot-common-0.213.0/lib/dependabot/file_fetchers/base.rb:69:in
files'
2022-11-23T20:27:55.9788197Z from /home/dependabot/dependabot-script/.bundle/gems/dependabot-common-0.213.0/lib/dependabot/config/file_fetcher.rb:20:in config_file' 2022-11-23T20:27:55.9789333Z from ./update-script.rb:265:in
NOTE: When specifying a different dependabot tag, (0:7) the originally defined pipeline runs fine
The updated dependabot image (0:10) has resolved the issue. Can close this issue.
Thank you for your help
This job was working fine last week and no changes were made, however it is now failing with:
To use retry middleware with Faraday v2.0+, install'
from ./update-script.rb:310:in '
GitHub access token has been provided.
Using hostname = 'dev.azure.com', protocol = 'https', port = '443'.
Using 'https://dev.azure.com:443/' as API endpoint
Pull Requests shall be linked to milestone (work item) 3499
Fetching npm_and_yarn dependency files for (our registry)
Targeting 'develop' branch under '/' directory
Parsing dependencies information
Checking if @babel/runtime 7.20.1 needs updating
No update needed for @babel/runtime 7.20.1
Checking if @research/react-app-cards 1.0.0 needs updating
faraday-retry
gem /home/dependabot/dependabot-script/.bundle/gems/dependabot-npm_and_yarn-0.213.0/lib/dependabot/npm_and_yarn/update_checker/latest_version_finder.rb:319:incheck_npm_response': The following source could not be reached as it requires authentication (and any provided details were invalid or lacked the required permissions): https://pkgs.dev.azure.com/BC-SDPR-Research/_packaging/Research/npm/registry/ (Dependabot::PrivateSourceAuthenticationFailure) from /home/dependabot/dependabot-script/.bundle/gems/dependabot-npm_and_yarn-0.213.0/lib/dependabot/npm_and_yarn/update_checker/latest_version_finder.rb:276:in
npm_details' from /home/dependabot/dependabot-script/.bundle/gems/dependabot-npm_and_yarn-0.213.0/lib/dependabot/npm_and_yarn/update_checker/latest_version_finder.rb:108:invalid_npm_details?' from /home/dependabot/dependabot-script/.bundle/gems/dependabot-npm_and_yarn-0.213.0/lib/dependabot/npm_and_yarn/update_checker/latest_version_finder.rb:36:in
latest_version_from_registry' from /home/dependabot/dependabot-script/.bundle/gems/dependabot-npm_and_yarn-0.213.0/lib/dependabot/npm_and_yarn/update_checker.rb:294:inlatest_released_version' from /home/dependabot/dependabot-script/.bundle/gems/dependabot-npm_and_yarn-0.213.0/lib/dependabot/npm_and_yarn/update_checker.rb:319:in
latest_version_details' from /home/dependabot/dependabot-script/.bundle/gems/dependabot-npm_and_yarn-0.213.0/lib/dependabot/npm_and_yarn/update_checker.rb:39:inlatest_version' from /home/dependabot/dependabot-script/.bundle/gems/dependabot-common-0.213.0/lib/dependabot/update_checkers/base.rb:231:in
numeric_version_up_to_date?' from /home/dependabot/dependabot-script/.bundle/gems/dependabot-common-0.213.0/lib/dependabot/update_checkers/base.rb:189:inversion_up_to_date?' from /home/dependabot/dependabot-script/.bundle/gems/dependabot-common-0.213.0/lib/dependabot/update_checkers/base.rb:33:in
up_to_date?' from /home/dependabot/dependabot-script/.bundle/gems/dependabot-npm_and_yarn-0.213.0/lib/dependabot/npm_and_yarn/update_checker.rb:27:inup_to_date?' from ./update-script.rb:332:in
block ineach' from ./update-script.rb:310:in
[error]The process '/usr/bin/docker' failed with exit code 1
Finishing: Run Dependabot - dtes
OUR Pipeline is as defined below. NOTE: This was working last week and no changes were made schedules:
Varibales: IMAGETOCACHE = tingle/dependabot-azure-devops:latest NPM_REG = our npm registry
Please let me know any suggestions, thank you.