HI
i am in stage of integrating chef habitat to github after installation of on-prem . i configured under applications and settings , but it is not working . is there a way to troubleshoot where it went wrong. my builder UI can redirect to github URL , but after that it is not able to authenticate and do a callback to habitat URL .
You can enable debug logging, there’s some instructions in the README of the on-prem-builder repo: https://github.com/habitat-sh/on-prem-builder/ search for “Debug Logging”.
Some things it could be: Incorrect callback URI, Proxies getting in the way.
Thanks bro.
i enabled the loggin , but i dont see any clue why the authentication is not happening .
i setup the proxy already using export proxy command.
Can you paste the contents of your systemd unit file? That should contain your proxy settings.
@prashi89
I’ve seen this when my bldr.env isn’t quite correct.
Can you confirm that in bldr.env :
APP_URL ends with “/”
OAUTH_REDIRECT_URL ends with “/”
OAUTH_CLIENT_ID is complete and correct
OAUTH_CLIENT_SECRET is complete and correct
Apply changes to the bldr.env:
bash ./install.sh
Hi Predominant,
are you asking for the below file?
system]# vi hab-sup.service
[Unit]
Description=Habitat Supervisor
[Service]
ExecStartPre=/bin/bash -c “/bin/systemctl set-environment SSL_CERT_FILE=/hab/pkgs/core/cacerts/2018.12.05/20190115014206/ssl/cert.pem”
ExecStart=/bin/hab sup run
ExecStop=/bin/hab sup term
KillMode=process
LimitNOFILE=65535
[Install]
WantedBy=default.target
HI Kagarmoe,
yes i applied the same settings in env file . my builder ui can redirect to github and i enter credentails in github , after that it is not redirecting back to the builder UI page
Hi
Any other suggestions , anything i can check in github side ?
Hi Kagarmoe/Predominant,
i see now the errors from gitlab response , any idea what these errors are referring to
hab[11378]: builder-api.default(O): [2019-10-11T07:00:53Z DEBUG reqwest::async_impl::response] Response: ‘403 Forbidden’ for https://gitlab.xxx.xxxx.xxx/api/v4/user
hab[11378]: builder-api.default(O): [2019-10-11T07:00:53Z DEBUG tokio_reactor::registration] scheduling Read for: 0
hab[11378]: builder-api.default(O): [2019-10-11T07:00:53Z DEBUG oauth_client::gitlab] GitLab response body: {“error”:“insufficient_scope”,“error_description”:“The request requires higher privileges than provided by the access token.”,“scope”:“read_user api”}
hab[11378]: builder-api.default(O): [2019-10-11T07:00:53Z INFO actix_web::middleware::logger] 10.xxx.xxx.xx:50494 “GET /v1/authenticate/7d04d7513d1f3391aad9efbe4eb37ddcfc479b40339547fbbc26eae0f8677b9c HTTP/1.1” 401 0 “http://10.XXX.XXXX.XXXX/?code=7d04d7513d1f3391aad9efbe4eb37ddcfc479b40339547fbbc26eae0f8677b9c&state=8e721445-382a-4193-bfd7-3bce8fa4d5f3” “Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36” 1.134844
hab[11378]: builder-api.default(O): [2019-10-11T07:04:08Z DEBUG reqwest::async_impl::response] Response: ‘401 Unauthorized’ for https://gitlab.xxxx.xxx.xxx/vasiredp
hab[11378]: builder-api.default(O): [2019-10-11T07:04:08Z DEBUG tokio_reactor::registration] scheduling Read for: 0
hab[11378]: builder-api.default(O): [2019-10-11T07:04:08Z DEBUG oauth_client::gitlab] GitLab response body: {“error”:“You need to sign in or sign up before continuing.”}
hab[11378]: builder-api.default(O): [2019-10-11T07:04:08Z INFO actix_web::middleware::logger] 10.xxx.xxx.xx:51310 “GET /v1/authenticate/372a39bd831655b4a8c46a397d9aee2bd6f86408f4892ad1a3a157f5794e409c HTTP/1.1” 401 0 “http://10.XXX.XXXX.XXXXX/?code=372a39bd831655b4a8c46a397d9aee2bd6f86408f4892ad1a3a157f5794e409c&state=8e721445-382a-4193-bfd7-3bce8fa4d5f3” “Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36” 1.138843