GitHub integration error "cannot verify team membership" - drone.io

I have launched a drone/drone:0.8 using docker, and providing these environment variables:
DRONE_ADMIN=stevecrozz
DRONE_GITHUB=true
DRONE_GITHUB_CLIENT=...
DRONE_GITHUB_SECRET=...
DRONE_OPEN=true
DRONE_ORGS=myorg
When I attempt to log in, I get:
msg="cannot verify team membership for ."
I was expecting to be logged in since I am a member of 'myorg' on github. It isn't clear to me what I can do to troubleshoot from here.

In this case, it turned out that the Github OAuth application had not yet been approved by 'myorg' on Github. Once an administrator approved the application, I was able to successfully log into my drone application and use it.

Related

Logon failed, use Ctrl + C to cancel basic credential prompt

I'm facing problems while trying to pull/push my code into a GitHub repository using the cmd prompt for the last two days. How can I resolve this issue?
Logon failed, use Ctrl + C to cancel basic credential prompt. Username for 'https://github.com': satyendrasingh8 Password for 'https://satyendrasingh8#github.com': remote: Invalid username or password. fatal: Authentication failed for 'https://github.com/satyendrasingh8/chatApp.git/'
Fitz_Hoo is right! I just wanted to give a more detailed explanation that fix my issue. Essentially GitHub deprecated their password authentication recently (you can read more by clicking here).
Now instead of adding your username/email and password, you will login with your browser. The image below is the new interface. As Fitz_hoo mentions, you must update your Git to see the new changes!
If you are using Windows, you can simply use this command below to update your Git:
git update-git-for-windows
I fixed the problem just simply by upgrading my client Git Bash to the latest version!
When I encountered the problem, I received an email from a GitHub official, who told me the reason was mainly the Git version was incompatible:
GitHub has changed how users authenticate when using Git for Windows, and now requires the use of a web browser to authenticate to GitHub. To be able to login via web browser, users need to update to the latest version of Git for Windows. You can download the latest version at:
https://gitforwindows.org/
One reason for this message could be that the remote branch you were trying to pull was already deleted.
Delete the GitHub entry from Credential Manager: Control Panel → User Accounts → Credential Manager.
Then push the code again.
For me, the problem was that instead of my username I was trying to login with my email.
I received an email from GitHub telling me
We recently updated the format of our API authentication tokens,
providing additional security benefits to all our customers. In order
to benefit from this new format, please regenerate your personal
access token
I regenerated my personal access token (PAT) and was then unable to log in from command line on Windows 10 when I tried something like git pull.
A window would pop up, inviting me to enter 'username or email' and password. I tried various combinations, using the PAT, as mentioned in the GitHub documentation, and the actual password, but every time I received:
Logon failed, use ctrl+c to cancel basic credential prompt
Thanks to the answers from Fitz_Hoo and ousecTic, I updated my Git install with the command provided by ousecTic, and the authentication process was then completely different.
You can opt to use a PAT, but when you paste it in, no characters at all are shown, so just hit Enter.
In my case, I had this issue in relation to the federated authentication to AWS CodeCommit. The fix was to upgrade git to +v2.30.z (i.e. 2.35.3) and disable interactive prompt (docs):
git config --global credential.interactive false
A global configuration in ~/.gitconfig would look like:
[credential]
interactive = false
A AWS CodeCommit specific configuration, would look like (in ~/.gitconfig):
[credential "https://git-codecommit.us-east-1.amazonaws.com"]
interactive = false
here is the solution which works for me, uninstall Git from Machine after that install new version of it and sign in via web

ERROR: (gcloud.compute.ssh) Could not fetch resource: - Insufficient Permission

I am having trouble working through the Compute Engine Quickstart: Build a to-do app with a MongoDB tutorial. (edit: I am running the tutorial from within the compute engine console; i.e. https://console.cloud.google.com/compute/instances?project=&tutorial=compute_quickstart)
I SSH into the backend instance. I enter the "gcloud compute" command as copied from the tutorial. I am prompted to enter a passphrase. The following is returned:
WARNING: The public SSH key file for gcloud does not exist.
WARNING: The private SSH key file for gcloud does not exist.
WARNING: You do not have an SSH key for gcloud.
WARNING: SSH keygen will be executed to generate a key.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in
...
<< Identifying detail ommitted >>
...
**ERROR: (gcloud.compute.ssh) Could not fetch resource:
- Insufficient Permission**
I had run through this stage of the tutorial on a previous occasion with no problems.
I am working from a Windows 10 PC with the google-cloud-sdk installed. I am using google chrome. I have tried in both regular and incognito modes.
Any help or advice greatfully received!
DaveDub
It looks like the attempt to SSH is recognising the instance in your project, but the user doesn't have the required permissions to access the machine.
Have you tried running:
gcloud auth login
and completing the web-based authorization to ensure you are attempting to access the machine as the correct (authenticated) user? This process ensures the Cloud SDK you are running inherits the permissions of the user specified in the web-based authorisation. See here for more information on this.
It's also worth adding the link to the tutorial you are following to your question.
Besides the accepted answer, be sure you are in the correct gcloud project
gcloud projects list
Then
gcloud config set project <your-project>
I just ran into this for yet another reason. Google has always had poor handling of multi-user auth conflicts with their business products. Whatever you sign into a clean chrome session with 'first' gets a 'special', invisible role. I've noticed with gsuite that I get 'forced' into that first user when I try to access the admin panel, and the only way to escape is to make sure that whatever google user I use for the gsuite admin is 'first', or open an incognito window. I've seen this bug for years, can't believe it still exists.
Anyways, I ran into a similar issue. Somehow I was the wrong google user, so the link I got when copy/pasting out of 'connect with gcloud command' was implying wrong google user. Only noticed later when I just gave up and used the terminal that I was not my normal user... So, might look into that.

Openshift Origin Latest Project creation issue

I am unable to create project in open shift. I created a project previously and deleted it. Looks like a project exists but unable to access or delete it. Seems like i am stuck. Also logging into the console https://console.preview.openshift.com/console/ doesn't show any existing projects.
I ran the following oc commands from the terminal.
Any suggestions on how to resolve this issue?
Thanks
XX:~ XX$ oc new-project test
Error from server: projectrequests "test" is forbidden: user XX cannot create more than 1 project(s).
XX:~ XX$ oc delete project test
Error from server: User "XX" cannot delete projects in project "test"
XX:~ XX$ oc status
Error from server: User "XX" cannot get projects in project "default"
XX:~ XX$ oc get projects
You need to give privileges/policies to your user which will allow the actions you want to perform.
If you are just in a proof-of-concept environment I would recommend the make your user cluster-admin in the whole cluster. This will give all the possible privileges to your user. Of course this in't recommended for every user in a 'real' environment.
First you need to authenticate with the 'default admin' which is created after the installation. This default admin-user isn't working with the normal user/password authentication. It's using a client certificate.
oc login -u system:admin --config=/etc/origin/master/admin.kubeconfig
Now you will see a list of the available projects (default, openshift management, etc). Now you're able to give cluster-roles to other users.
Make your user cluster-admin over the whole cluster
oadm policy add-cluster-role-to-user cluster-admin (youruser)
Now you have the cluster-admin privileges inside the whole cluster. You are also able to give privileges for some user in a specific project and not in the whole cluster. Than you have to use:
oadm policy add-role-to-user <role> <username> (in the current project)
This will give the role to a user, but only inside the project from where you've performed this command.
For more information about the avaiable cluster roles and policies I will point to the official documentation.
I raised a defect with Openshift Team as pointed out in the Support Link.
https://docs.openshift.com/online/getting_started/devpreview_faq.html#devpreview-faq-support
Here is the response i received from Support Team.
It seems that you have issued a bug and followed up for this already:
https://bugzilla.redhat.com/show_bug.cgi?id=1368862
After the cause is investigated, our operations team will sure clean up the project manually for you to allow you continue working with the developer preview
Latest update:
The project has now been cleaned up and you should be able to create a new project.
I am able to create Project in Openshift now.

Bluemix APIConnect Publishing a loopback project from command line

I am following the APIC tutorial documented here:
Publishing a project from the command line
I have gone through the steps in the tutorial to get into the APIConnect dashboard in Bluemix and into the Sandbox catalog.
I get the baseURL under api management:
e.g. https://api.us.apiconnect.ibmcloud.com/FREDusibmcom-dev/sb
Then I use that to
apic config:set
catalog=apic-catalog://api.us.apiconnect.ibmcloud.com/orgs/FREDusibmcom-dev/catalogs/sb
app=apic-app://api.us.apiconnect.ibmcloud.com/orgs/FREDusibmcom-dev/apps/acme-bank-Fred
After this as per the instructions, I try to login using my Bluemix credentials
apic login --server api.us.apiconnect.ibmcloud.com -u fred -p mypassword
This fails with:
ERROR Login to api.us.apiconnect.ibmcloud.com failed, please verify the servername and credential
Am I doing something wrong in regards to the servername or credentials that I am using? Thanks!
For your server argument in the login command, use us.apiconnect.ibmcloud.com instead. I think the api portion is throwing things off.
Once successful there, I also recommend that you run apic edit and proceed to Log in with Bluemix there, as that will ensure that you're able to publish applications to Bluemix from the CLI or API Designer.
I assume you used your actual username/password, and not "fred/mypassword".
If so, then the problem may be with the Bluemix URL. There's now a simpler way to get the app identifier and catalog identifier (and to make sure you have the right Bluemix base URL). The catalog & app tiles now have a link icon that you can click to easiy copy the catalog/app identifers:
Geting the catalog identifier
The Bluemix base URL will the part immediately following apic-catalog:// in the catalog identifier.
We're in the process of updating the docs with this.

Jenkins and Visual Studio Online integration authentication

right now I am trying to Setup Continuouse Integration - Delivery for a basic WCF Service, which will be hosted on a Microsoft Azure VM. The Project is Version Controlled through Visual Studio Online. So I installed Jenkins (also on the Azure VM), TFS plugin etc. and started the first Test Build:
As Server URL I used "[VSO Adress]/DefaultCollection"
and for Login purposes my Microsoft Account (I can Access VSO with that). The Problem is, when I run the Build I get the following error in Jenkins:
Started by user Developer
Building in workspace C:\Program Files (x86)\Jenkins\jobs\test\workspace
[workspace] $ "C:\Program Files (x86)\TEE-CLC-11.0.0.1306\TEE-CLC-11.0.0\tf.cmd" workspaces -format:brief -server:[VSO Adress]/DefaultCollection ****"
An error occurred: Access denied connecting to TFS server [VSO Adress] (authenticating as har****#*******o.com)
FATAL: Executable returned an unexpected result code [100]
ERROR: null
Finished: FAILURE
So my question is, whether it is generally possible to connect Jenkins and VSO that way and if so, which login credentials are needed
You will not be able to authenticate with your Microsoft ID as Jenkins is not able to get the encrypted token. If you head over to VSO you can open your profile (top right) and configure alternative credentials you can use them to login.
Also you can get service account credentials through the API. I created a simple tool for this: http://nakedalm.com/tfs-service-credential-viewer/
It's crude but usually works.