I tried to export an API from DEV to PROD using CLI tool and have defied the production URL for prod environment in api_params.yaml but after importing I see in prod the same url as it is in dev which is wired because I have defined url for prod in api_params.yaml. I am using wso apim 2.6.0 with import-expot2.5.0v1
The following are the console logs
[2020-06-25 15:17:05,609] INFO - CarbonAuthenticationUtil 'admin#carbon.super [-1234]' logged in at [2020-06-25 15:17:05,609+0530]
[2020-06-25 15:17:05,629] INFO - AuthenticatorUtil admin user authenticated successfully
[2020-06-25 15:17:05,820] INFO - AuthenticatorUtil admin is authorized to import and export APIs
[2020-06-25 15:17:05,851] INFO - APIService Creation of folder is successful. Directory Name : testapi1-1.0
[2020-06-25 15:17:05,859] INFO - APIService Creation of folder is successful. Directory Name : Meta-information
[2020-06-25 15:17:05,902] INFO - APIService Creation of folder is successful. Directory Name : Sequences
[2020-06-25 15:17:05,905] INFO - APIService Creation of folder is successful. Directory Name : in-sequence
[2020-06-25 15:17:05,908] INFO - APIService Creation of folder is successful. Directory Name : Custom
[2020-06-25 15:17:08,434] INFO - CarbonAuthenticationUtil 'admin#carbon.super [-1234]' logged in at [2020-06-25 15:17:08,434+0530]
[2020-06-25 15:17:09,658] INFO - CarbonAuthenticationUtil 'admin#carbon.super [-1234]' logged in at [2020-06-25 15:17:09,658+0530]
[2020-06-25 15:22:05,928] INFO - InboundDBSyncRequestEvent Running DB sync task.
Related
GitHub actions yaml:
name: Deploy to Firebase Functions on merge
"on":
push:
branches:
- main
env:
CI: false
jobs:
build_and_deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout#v2
- name: "Install yarn packages"
run: yarn
working-directory: "functions"
- name: "Deploy to Firebase"
uses: w9jds/firebase-action#master
with:
args: deploy --only functions
env:
FIREBASE_TOKEN: ${{ secrets.FIREBASE_TOKEN }}
When pushing to main and viewing this action, I got this weird error:
Error: Missing permissions required for functions deploy. You must have permission iam.serviceAccounts.ActAs on service account argus-750f6#appspot.gserviceaccount.com.
To address this error, ask a project Owner to assign your account the "Service Account User" role from this URL: https://console.cloud.google.com/iam-admin/iam?project=argus-750f6
I have enabled that role (I made a custom role for just Service Account User) on argus-750f6#appspot.gserviceaccount.com. I even made argus-750f6#appspot.gserviceaccount.com owner, but that didn't work. I'm at a loss. Any suggestions?
You can check this guide on how to Simple guide to start GitHub Actions to Firebase Functions.
According to the error the service account doesn't have the correct permission role. The service account in the logs is the default service account of App Engine, make sure the default role of this service account is editor. It seems you changed the role of this default service account, that's why it cause an error to your deployment.
Then if you are using Firebase Token, you can proceed to the step 14 in order to generate your token that you will also use, and then proceed to the step 15 to store the token you got.
I followed this tutorial to deploy my web project using firebase and Gitlab CI.
I use this conf to deploy on firebase:
# .gitlab-ci.yml
deploy:
stage: deploy
environment: production
before_script:
- npm i -g firebase-tools
script:
- firebase deploy --token "$FIREBASE_TOKEN" -P "$PROJECT_NAME" --debug
only:
refs:
- master
changes:
- src/**/*
I stored the FIREBASE_TOKEN variable in my GitLab as protected and masked.
But when it's run in the pipeline it failed and return this error message:
$ firebase deploy --token "$FIREBASE_TOKEN" -P "$PROJECT_NAME" --debug
[2020-06-27T21:26:52.339Z] > command requires scopes: ["email","openid","https://www.googleapis.com/auth/cloudplatformprojects.readonly","https://www.googleapis.com/auth/firebase","https://www.googleapis.com/auth/cloud-platform"]
[2020-06-27T21:26:55.356Z] Error: Could not load the default credentials. Browse to https://cloud.google.com/docs/authentication/getting-started for more information.
at GoogleAuth.getApplicationDefaultAsync (/usr/local/lib/node_modules/firebase-tools/node_modules/google-auth-library/build/src/auth/googleauth.js:160:19)
at processTicksAndRejections (internal/process/task_queues.js:97:5)
at runNextTicks (internal/process/task_queues.js:66:3)
at listOnTimeout (internal/timers.js:518:9)
at processTimers (internal/timers.js:492:7)
at async GoogleAuth.getClient (/usr/local/lib/node_modules/firebase-tools/node_modules/google-auth-library/build/src/auth/googleauth.js:502:17)
at async GoogleAuth.getAccessToken (/usr/local/lib/node_modules/firebase-tools/node_modules/google-auth-library/build/src/auth/googleauth.js:524:24)
Error: Failed to authenticate, have you run firebase login?
ERROR: Job failed: exit code 1
I don't know why I get:
Failed to authenticate, have you run firebase login?
because I use a token to authenticate using the --token flag.
Have someone an idea why I get this error?
Ok so it was a dummy error. My variable $FIREBASE_TOKEN was not taken into account because I checked the Protect variable (Export variable to pipelines running on protected branches and tags only.) option. But I was working on a feature branch to test it that was not protected.
I encountered the same error, but through GitHub Actions. The solution was to run the command firebase init hosting:github locally, as indicated by the documentation at https://github.com/marketplace/actions/deploy-to-firebase-hosting. After signing in, this will set a GitHub Secret for you in your repository.
The following was taken from the above-mentioned documentation:
"It's important to store this token as an encrypted secret to prevent unintended access to your Firebase project. Set it in the "Secrets" area of your repository settings and add it as FIREBASE_SERVICE_ACCOUNT: https://github.com/USERNAME/REPOSITORY/settings/secrets. "
I'm setting up SBT on our buildserver (bamboo) for multiple buildagents. For this I created for each agent a separate directory which contains the agent specific config and the .ivy home to make sure agent isolation is fullfilled.
The build itself is call like this:
/sbt-launcher-packaging-0.13.13/bin/sbt -java-home /usr/lib/jvm/jdk1.7.0_79 -Dsbt.override.build.repos=true -Dsbt.repository.config=/data/bamboo/localbuildagents/${bamboo.agentId}/sbt/sbt.conf -Dsbt.ivy.home=/data/bamboo/localbuildagents/${bamboo.agentId}/.ivy2 clean compile dist
The credentials (basic realm) are store under the user home which is starting the bamboo server (~/.sbt/.credentials and ~/.sbt/0.13/plugins/credentials.sbt)
Each sbt.conf contains the agent-specific repos e.g the agent specific local maven repo and urls for the remote artifactory.
[repositories]
local-buildagent-mvn: file:///data/bamboo/home/.m2/AGENT-xxxxxxxx/repository/
ivy-release: http://xxx/artifactory/ivy-release/, [organization]/[module]/(scala_[scalaVersion]/)(sbt_[sbtVersion]/)[revision]/[type]s/[artifact](-[classifier]).[ext]
mvn-release: http://xxx/artifactory/libs-release/
mvn-snapshot: http://xxx/artifactory/libs-snapshot/
[ivy]
ivy-home: file:///data/bamboo/localbuildagents/xxxxxxxx/.ivy2/
I'm encountering login problems while sbt is checking the remote artifactory repos (first http error 401 and then surprisingly 403). A curl with the same credentials and repo url is working as expected (first 401 and then 200).
I guess, that if -D switches are used for sbt startup, the credentials are not considered. I'm really stuck any advise warmly welcome...
From your question I don't see if you specified where your credentials are defined. In case you didn't do it, you must add something like this to your build definition (documentation):
// inline
credentials += Credentials("Some Nexus Repository Manager", "my.artifact.repo.net", "admin", "admin123")
// file
credentials += Credentials(Path.userHome / ".ivy2" / ".credentials")
I am coding a Java project and I'm automating the build and the publishing to JFrog Artifactory using SBT.
Whenever it's time to publish to Artifactory I want to do it using the Ivy directory layout and obviously publish the Ivy XML file along with the jar. I managed to achieve this by using the following lines in the build.sbt file:
crossPaths := false
publishTo := Some("Artifactory Realm" at "http://<Artifactory IP>:<Artifactory Port>/artifactory/org.project.my")
credentials += Credentials(Path.userHome / ".ivy2" / ".credentials")
publishMavenStyle := false
However it only works when anonymous users are allowed to deploy into Artifactory. I realized that sbt is not really passing my credentials to Artifactory but, instead, logging in as anonymous.
My $HOME/.ivy2/.credentials file looks like this:
realm=Artifactory Realm
host=http://<Artifactory IP>:<Artifactory Port>/artifactory/org.project.my
user=<my user name>
password=<my user name>
However, if I change the Artifactory configuration in order to prevent anonymous users from deploying new Artifacts, when I run "sbt publish" I get the following output:
[error] Unable to find credentials for [Artifactory Realm # <Artifactory IP>].
java.io.IOException: Access to URL http://<Artifactory IP>:<Artifactory Port>/artifactory//org.project.my/org/project/my/project-my/1.0.0/project-my-1.0.0.jar was refused by the server: Unauthorized
The Artifactory request.log file then contains:
20160219011657|319|REQUEST|10.0.2.2|anonymous|PUT|/org.project.my/org/project/my/project-my/1.0.0/project-my-1.0.0.jar|HTTP/1.1|401|24978
I have also tried passing the credentials manually instead of using a file:
credentials += Credentials("Artifactory Realm", "localhost", "<USERNAME>", "<PASS>")
But I am getting the same result.
Any idea what I might be missing?
try:
host=<Artifactory IP>
old answer (doesn't work):
host=<Artifactory IP>:<Artifactory port>
I had a different problem: I had the wrong realm set on my .credentials file.
Looking at the error output from sbt, I was able to figure out that I should use:
realm=Artifactory Realm
Error shows the expected values for realm and host:
[error] Unable to find credentials for [Artifactory Realm # myhost].
I am trying to put my website in production with capifony (capistrano) symfony2 app
Everything goes well but at some point it asks about Github credentials for private repos.
here is my error
[out :: web-dev.domain.com] Could not fetch
https://api.github.com/repos/sensio/SensioDistributionBundle/zipball/4a2c803dc8db79952ad5e71783c16178427bbc02,
enter your GitHub credentials to access private repos ** [out ::
web-dev.domain.com] The credentials will be swapped for an OAuth token
stored in /home/webdev/.composer/config.json, your password will not
be stored ** [out :: web-dev.domain.com] To revoke access to this
token you can visit https://github.com/settings/applications [out ::
web-dev.domain.com] Username:
When I enter my username and press enter, nothing happened just goes to new line. Is there any solution for this problem?
This solved my problem:
https://help.github.com/articles/using-ssh-agent-forwarding
I ran into the same problem running composer install (not with capifony).
The fix I found was explained here: https://coderwall.com/p/xanheg
It seems sensio has renamed their repo from sensio to sensiolabs. So I:
removed the vendors/sensio folder
in composer.lock renamed all instances of https://github.com/sensio to https://github.com/sensiolabs, and https://api.github.com/repos/sensio to https://api.github.com/repos/sensiolabs
Ran composer install and all worked correctly
To avoid interactive (but disruptive) credentials ask, you can add this line in your deploy.rb file :
ssh_options[:forward_agent] = true
It transfers your SSH key for github access.