Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Crawler fails due to lack of authentication #3968

Closed
NotMyFault opened this issue Mar 1, 2024 · 5 comments
Closed

Crawler fails due to lack of authentication #3968

NotMyFault opened this issue Mar 1, 2024 · 5 comments
Assignees
@lemeurherve
Labels
trusted.ci.jenkins.io
Milestone
infra-team-sync-2...

Comments

@NotMyFault
Copy link
Member

Service(s)

trusted.ci.jenkins.io

Summary

Starting March the 1st, the crawler builds fail with

01:39:53  INFO: Failed to scan directory/file . Logging errors in scanning logs.
01:39:53  
01:39:53  Cannot perform sync due to error: GET https://updatesjenkinsio.file.core.windows.net/updates-jenkins-io/updates
01:39:53  --------------------------------------------------------------------------------
01:39:53  RESPONSE 403: 403 Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.
01:39:53  ERROR CODE: AuthenticationFailed
01:39:53  --------------------------------------------------------------------------------
01:39:53  <?xml version="1.0" encoding="utf-8"?><Error><Code>AuthenticationFailed</Code><Message>Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.
01:39:53  RequestId:99b5a69b-901a-000a-1370-6be3e6000000
01:39:53  Time:2024-03-01T00:39:53.5940990Z</Message><AuthenticationErrorDetail>Signature not valid in the specified time frame: Start [Mon, 01 Jan 2024 00:00:00 GMT] - Expiry [Fri, 01 Mar 2024 00:00:00 GMT] - Current [Fri, 01 Mar 2024 00:39:53 GMT]</AuthenticationErrorDetail></Error>
01:39:53  --------------------------------------------------------------------------------

Reproduction steps

No response
@NotMyFault NotMyFault added the triage Incoming issues that need review label Mar 1, 2024
@lemeurherve
Copy link
Member

lemeurherve commented Mar 1, 2024
edited

Thanks for the issue!

The SAS token is expired, I need to renew it, then in a second time to replace it with a short lived SAS token generated from a service principal.

Ref for later:

@lemeurherve lemeurherve self-assigned this Mar 1, 2024
@lemeurherve lemeurherve removed the triage Incoming issues that need review label Mar 1, 2024
@lemeurherve lemeurherve added this to the infra-team-sync-2024-03-05 milestone Mar 1, 2024
This was referenced Mar 1, 2024
Closed
Open
@lemeurherve
Copy link
Member

lemeurherve commented Mar 1, 2024
edited

New SAS token expiring on the 2 of April generated, credentials updates-jenkins-io-file-share-sas-token-query-string updated on trusted.ci.jenkins.io, crawler job is now failing on the R2 bucket sync (another expired credentials 😓).

@lemeurherve
Copy link
Member

I've made modifications in terraform-states (private repo) to update cloudflare tokens but can't apply them at the moment as I encounter a GPG error (and as it's quite late for me already).
Will continue later, the azure file storage has been updated.

@lemeurherve lemeurherve mentioned this issue Mar 5, 2024
Merged
@lemeurherve lemeurherve mentioned this issue Mar 6, 2024
Merged
@lemeurherve
Copy link
Member

Ran a crawler job on trusted.ci.jenkins.io: ✅

@lemeurherve
Copy link
Member

lemeurherve commented Mar 6, 2024
edited

New SAS token expiring on the 2 of April generated, credentials updates-jenkins-io-file-share-sas-token-query-string updated on trusted.ci.jenkins.io

This token will be replaced by a short-lived one.

Ref:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@lemeurherve lemeurherve

Labels
trusted.ci.jenkins.io
Projects
None yet
Milestone
infra-team-sync-2024-03-12
Development

No branches or pull requests
3 participants
@dduportal @NotMyFault @lemeurherve