fedora-infrastructure

Clone
Source Code
GIT

#10222 [release-monitoring] Github OpenShift webhook returns 401
Closed: Fixed 3 years ago by zlopez. Opened 3 years ago by zlopez.

Closed: Fixed
Reopen Issue

Describe what you would like us to do:

For Anitya I have a Github webhook setup to automatically build a new version of Anitya when there is a new commit pushed to either staging or production branch. It was set up using this guide https://docs.openshift.com/container-platform/3.11/dev_guide/builds/triggering_builds.html

In past it worked, but recently I noticed that I'm getting 401 with this json response

{"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"the webhook \"github\" for \"release-monitoring-web-build\" did not accept your secret","reason":"Unauthorized","code":401}

I didn't do any change in the webhook for long time and it seems I can't look at the secret at all to verify if it's correct, so I'm stuck here. It stopped working for both staging and production webhook as well.

The OpenShift project is release-monitoring: staging and [production]((https://os.fedoraproject.org/console/project/release-monitoring)

The Github repository can be found here

Could you look at it?

When do you need this to be done by? (YYYY/MM/DD)

It's not urgent as I can still trigger the builds manually, but it's annoying that this automation doesn't work

You should be able to see the secret directly in your buildconfig yaml as you're not using openshift secret for it according to your deployment playbook.
You can use the cli oc -n release-monitoring get bc/release-monitoring-web-build -o yaml or on the UI : Actions -> Edit YAML (it will not be displayed in GitHub Webhook URL on the build configuration page).

Metadata Update from @zlopez:
- Issue priority set to: Waiting on Assignee (was: Needs Review)
- Issue tagged with: low-gain, low-trouble, ops
3 years ago

You should be able to see the secret directly in your buildconfig yaml as you're not using openshift secret for it according to your deployment playbook.
You can use the cli oc -n release-monitoring get bc/release-monitoring-web-build -o yaml or on the UI : Actions -> Edit YAML (it will not be displayed in GitHub Webhook URL on the build configuration page).

Thanks, I can see the secret in annotations of BuildConfig and it is really different. So I changed it on the Anitya and the webhook is now working. Closing this issue.

I only see <secret> in the URL, so I'm not able to check this.

Metadata Update from @zlopez:
- Issue close_status updated to: Fixed
- Issue status updated to: Closed (was: Open)
3 years ago

Log in to comment on this ticket.

Metadata
None

ops low-trouble low-gain

None
None
Waiting on Assignee
Boards 1
ops Status: Done
Powered by Pagure 5.14.1
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.