woodpecker-ci / woodpecker

Woodpecker is a simple, yet powerful CI/CD engine with great extensibility.
https://woodpecker-ci.org
Apache License 2.0
4.31k stars 371 forks source link

agent connection seems broken, rpc access token expired #4144

Open mortbauer opened 2 months ago

mortbauer commented 2 months ago

Component

server, agent

Describe the bug

Setup a woordpecker server and agent via 2 docker containers with a shared WOODPECKER_AGENT_SECRET Everything works fine at first, but after a couple of hours the communication between server and agent fails. The logs from the agent are:

 ERR src/agent/rpc/client_grpc.go:461 > grpc error: report_health(): code: Unauthenticated error="rpc error: code = Unauthenticated desc = access token is invalid: invalid token: token has invalid claims: token is expired"
5:40PM ERR src/cmd/agent/core/agent.go:251 > failed to report health error="rpc error: code = Unauthenticated desc = access token is invalid: invalid token: token has invalid claims: token is expired"

The server doesn't log anything relevant about it I think. So since this is so basic, I really hesitated to report that bug, believing I made some mistake, so I actually recreated my real setup with the most basic setup just locally and it is the same problem.

Steps to reproduce

  1. start server with:
    docker run --rm -it -p 8000:8000 -p 9000:9000 -v ./datatest:/var/lib/woodpecker -e WOODPECKER_HOST=http://localhost:8000 -e WOODPECKER_AGENT_SECRET=ADFI34YAKMIGSNKK55IPCKVVJWNULOBQY2QRIBJ42X527NY7GLTQ===1 -v /var/run/docker.sock:/var/run/docker.sock -e WOODPECKER_LOG_LEVEL=debug -e WOODPECKER_GITEA=true -e WOODPECKER_GITEA_CLIENT=... -e WOODPECKER_GITEA_SECRET=...-e WOODPECKER_GITEA_URL=... -e WOODPECKER_OPEN=true -e WOODPECKER_ADMIN=martin --name woodpecker-server-test woodpeckerci/woodpecker-server:v2.7.1-alpine
  2. start agent with:
    docker run --rm -it --network host -e WOODPECKER_SERVER=localhost:9000 -e WOODPECKER_AGENT_SECRET=ADFI34YAKMIGSNKK55IPCKVVJWNULOBQY2QRIBJ42X527NY7GLTQ===1 -v /var/run/docker.sock:/var/run/docker.sock -e WOODPECKER_LOG_LEVEL=debug  --name woodpecker-runner-test woodpeckerci/woodpecker-agent:v2.7.1-alpine
  3. check it works
  4. wait for a day and you will see the error in the agent logs, server doesn't report anything related i think

Expected behavior

No response

System Info

* woodpeckerci/woodpecker-server:v2.7.1-alpine
* woodpeckerci/woodpecker-agent:v2.7.1-alpine

Additional context

No response

Validations

pat-s commented 1 month ago

Can confirm this (on next). Didn't encounter it yet with 2.7.0.