I am new to GitLab and I want create a Gitlab CI pipeline which builds the Docker image and basically pushes it to my Dockerhub. I created a Free account in Gitlab and created a simple pipeline. Below is my pipeline.
Below are the Environment Variables (Note: I'm pushing to DockerHub)
But it says login failed. Username and password is correct
Do I need to create a Token ?
is the branch running the pipeline protected? since protected variables are seen only in protected branches and tags in gitlab
Related
I need to get a file from a private GitLab in a script (actually a Yocto recipe, if it matters).
Issuing: https://gitlab2server.com/api/v4/projects/53/packages/generic/paCKAGE/21.08.16/FILE.tar.xz on a browser works fine, but wget <same URL> fails with a "401 Unauthorized".
I can get around the problem with curl --header "PRIVATE_TOKEN: xxxx" ... but that means encoding my private token into a shell script which doesn't seem right.
To access a regular git repo I can use git clone git:... and it works because of the uploaded keys.
Using the equivalent scp gitlab2server.com:/api/v4/... . does not work because "Permission denied (publickey).".
What is the right way to do this?
Ideally I would need to have a ssh (actually scp, of course) access using pre-shared keys to access the files. I would hate to put large binaries into the git repo just to be able to access them.
The only way to authenticate with the GitLab API (including the Package API here) is using a personal access token, or the CI_JOB_TOKEN environment variable if running within GitLab CI/CD. CI_JOB_TOKEN is one of the Predefined Variables available to every CI/CD Pipeline Job and holds a non-admin token.
I have Azure Container Registry instance, where the container images are pushed. We have ACRPush role to some crdentials(service principal account)
Can we pull the images from the ACR without any authentication. We want to make this publicly available to pull images without any docker login/authentication.
Regards
Jayashree
I think there are some things you need to understand carefully. First, the ACR is a private registry, so you must have the credential with the right permission to push and pull images. Second, the docker login is just a method to set the credential for the registry, so it's not necessary.
According to the above things, you do not need to run docker login command, but you must have a credential for the ACR. You can run the Azure CLI command az acr login --name acr_name and this command will set the credential for docker without running docker login.
Using Azure CLI, you can update the registry to allow anonymous pull using
az acr update --anonymous-pull-enabled ...
https://learn.microsoft.com/en-us/cli/azure/acr?view=azure-cli-latest#az_acr_update
We have multiple repositories that have multiple deployments in K8S.
Today, we have Tekton with the following setup:
We have 3 different projects, that should be build the same and deploy (they are just different repo and different name)
We defined 3 Tasks: Build Image, Deploy to S3, and Deploy to K8S cluster.
We defined 1 Pipeline that accepts parameters from the PipelineRun.
Our problem is that we want to get Webhooks externally from GitHub and to run the appropriate Pipeline automatically without the need to run it with params.
In addition, we want to be able to have the PipelineRun with default paramaters, so Users can invoke deployments automatically.
So - is our configuration and setup seems ok? Should we do something differently?
Our problem is that we want to get Webhooks externally from GitHub and to run the appropriate Pipeline automatically without the need to run it with params. In addition, we want to be able to have the PipelineRun with default paramaters, so Users can invoke deployments automatically.
This sounds ok. The GitHub webhook initiates PipelineRuns of your Pipeline through a Trigger. But your Pipeline can also be initiated by the users directly in the cluster, or by using the Tekton Dashboard.
I'm trying to integrate serverless to my circleci workflow.
I tried first adding both, key and secret to AWS permissions, but that did not work.
Then, I added key and secret to Environment variables and in my config file:
sudo npm install -g serverless
sls config credentials --provider aws --key $AWS_ACCESS_KEY_ID --secret $AWS_SECRET_ACCESS_KEY
sls deploy -v
But I see the same error:
Serverless Error ---------------------------------------
You are not currently logged in. Follow instructions in http://slss.io/run-in-cicd to setup env vars for authentication.
Anyone had this issue? I could not find an answer or hint online. Thanks.
This likely only applies to those trying to use Serverless Enterprise with the monitoring & dashboards they have set up. #wintvelt's answer wouldn't work for me because if i deleted the org variable, it would likely break the connection needed for Enterprise. So steps for my CircleCI setup:
In CircleCI, create a Context for each environment with the AWS Key ID and Secret as environment variables (putting them in a context is a nice to have, you could use other methods of making Circle inject environment variables into builds).
In your Serverless Framework dashboard, create a new access key which you will use in Circle.
Create a new environment variable SERVERLESS_ACCESS_KEY with the value from step 2.
I got this idea from reading how Seed.run has users integrate with Serverless. For more info read this link: https://seed.run/docs/integrating-with-serverless-enterprise.
Just checked Circleci stopped supporting AWS Permissions as a configurable option in the settings page.
You need to set the credentials as environment variables for the projects. The credentials should be named exactly AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY.
that's all you need to do. you don't have to do any additional step. I tried this on my project and it worked.
Your deployment step should simply be
sls deploy
As a follow-up to the previous answer: I had exactly the same error.
I took the solution from the chat as a solution.
For me the fixes I applied:
In CircleCI project settings, under "AWS permissions" I added the AWS Access Key ID and Secret Access key
In CircleCI project settings, under "Environment variables", I also added the AWS Access Key ID and Secret Access key
From my serverless.yml file, I deleted the line with org variable
For me, 1. and 2. alone was not enough. I also had to remove the line from my yml file to make deployment via CircleCI work.
For those landing here with the same issue, hope this helps!
I have setup Gitlab in ubuntu server, it's working fine. I access Gitlab by url http://123.456.789.100 and Gitlab login details
username:admin#local.host
password:123456
Then I wanted to set Gitlab CI for test the code before it merge. I have done with setting Gitlab CI by using the link. I have done setting up every thing except Runners. While set ssh git#<your gitlab url> in Runner I face error
ssh git#123.456.789.100
it prompts me for password
git#123.456.789.100's password:
I entered password(123456) of gitlab's that I used to enter into gitlab server, then I have this error
Permission denied please try again
But I got Gitlab CI web interface by http://123.456.789.100:8081(I did set Gitlab-ci to listen on 8081 port). Then I entered Gitlab server's username and password as admin#local.host and 123456, I got Invalid credentials.
What would be the wrong I made?
When you put git# in the ssh it’s actually trying to use the git user on the machine that is running GitLab (rather than some GitLab controlled user).
The easiest fix for this would be to create an SSH key on the runner in question and then add that SSH key to GitLab. That will allow the runner to access the GitLab instance and clone and repositories you need.
For more help getting started, see this page on Configuring GitLab runners.