Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ruby error in handle_composer_errors #1003

Closed
FinishingLine opened this issue Feb 21, 2024 · 8 comments
Closed

Ruby error in handle_composer_errors #1003

FinishingLine opened this issue Feb 21, 2024 · 8 comments
Labels
bug Something isn't working

Comments

@FinishingLine
Copy link

FinishingLine commented Feb 21, 2024
edited
Loading

Describe the bug
A ruby error is being triggered when Dependabot is running since Monday and unable to fetch the git URL in Azure Repos (error suggests an authentication issue, but possibly also in part that our private repo has no version?)

Nothing has changed in our pipeline or dependabot files and token hasn't expired/revoked (but have tried regenerating anyway)

/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-composer-0.246.0/lib/dependabot/composer/update_checker/version_resolver.rb:260:in `handle_composer_errors': The following git URLs could not be retrieved: https://dev.azure.com/**/**/_git/** (Dependabot::GitDependenciesNotReachable)
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-composer-0.246.0/lib/dependabot/composer/update_checker/version_resolver.rb:88:in `rescue in fetch_latest_resolvable_version_string'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-composer-0.246.0/lib/dependabot/composer/update_checker/version_resolver.rb:78:in `fetch_latest_resolvable_version_string'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-composer-0.246.0/lib/dependabot/composer/update_checker/version_resolver.rb:65:in `fetch_latest_resolvable_version'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-composer-0.246.0/lib/dependabot/composer/update_checker/version_resolver.rb:55:in `latest_resolvable_version'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-composer-0.246.0/lib/dependabot/composer/update_checker.rb:122:in `fetch_lowest_resolvable_security_fix_version'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-composer-0.246.0/lib/dependabot/composer/update_checker.rb:48:in `lowest_resolvable_security_fix_version'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-common-0.246.0/lib/dependabot/update_checkers/base.rb:124:in `preferred_resolvable_version'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11284/lib/types/private/methods/call_validation_2_7.rb:919:in `bind_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11284/lib/types/private/methods/call_validation_2_7.rb:919:in `block in create_validator_method_medium0'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-common-0.246.0/lib/dependabot/update_checkers/base.rb:343:in `preferred_version_resolvable_with_unlock?'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11284/lib/types/private/methods/call_validation_2_7.rb:919:in `bind_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11284/lib/types/private/methods/call_validation_2_7.rb:919:in `block in create_validator_method_medium0'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-common-0.246.0/lib/dependabot/update_checkers/base.rb:334:in `numeric_version_can_update?'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11284/lib/types/private/methods/call_validation.rb:270:in `bind_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11284/lib/types/private/methods/call_validation.rb:270:in `validate_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11284/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-common-0.246.0/lib/dependabot/update_checkers/base.rb:277:in `version_can_update?'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11284/lib/types/private/methods/call_validation.rb:167:in `bind_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11284/lib/types/private/methods/call_validation.rb:167:in `validate_call_skip_block_type'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11284/lib/types/private/methods/call_validation.rb:109:in `block in create_validator_slow_skip_block_type'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-common-0.246.0/lib/dependabot/update_checkers/base.rb:93:in `can_update?'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11284/lib/types/private/methods/call_validation.rb:167:in `bind_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11284/lib/types/private/methods/call_validation.rb:167:in `validate_call_skip_block_type'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11284/lib/types/private/methods/call_validation.rb:109:in `block in create_validator_slow_skip_block_type'
	from bin/update_script.rb:595:in `block in <main>'
	from bin/update_script.rb:545:in `each'
	from bin/update_script.rb:545:in `<main>'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-common-0.246.0/lib/dependabot/shared_helpers.rb:189:in `run_helper_subprocess': Failed to execute git clone --mirror -- 'https://**@dev.azure.com/**/**/_git/**' '/home/dependabot/.cache/composer/vcs/https---**-dev.azure.com-**-**--git-**/' (Dependabot::SharedHelpers::HelperSubprocessFailed)

Cloning into bare repository '/home/dependabot/.cache/composer/vcs/https---**-dev.azure.com-**-**--git-**'...
fatal: Authentication failed for 'https://dev.azure.com/**/**/_git/**/'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11284/lib/types/private/methods/call_validation.rb:270:in `bind_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11284/lib/types/private/methods/call_validation.rb:270:in `validate_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11284/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-composer-0.246.0/lib/dependabot/composer/update_checker/version_resolver.rb:140:in `block in run_update_checker'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-common-0.246.0/lib/dependabot/shared_helpers.rb:265:in `with_git_configured'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11284/lib/types/private/methods/call_validation.rb:270:in `bind_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11284/lib/types/private/methods/call_validation.rb:270:in `validate_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11284/lib/types/private/methods/call_validation.rb:191:in `block in create_validator_slow'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-composer-0.246.0/lib/dependabot/composer/update_checker/version_resolver.rb:139:in `run_update_checker'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-composer-0.246.0/lib/dependabot/composer/update_checker/version_resolver.rb:82:in `block in fetch_latest_resolvable_version_string'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-common-0.246.0/lib/dependabot/shared_helpers.rb:81:in `block in in_a_temporary_directory'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-common-0.246.0/lib/dependabot/shared_helpers.rb:81:in `chdir'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-common-0.246.0/lib/dependabot/shared_helpers.rb:81:in `in_a_temporary_directory'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11284/lib/types/private/methods/call_validation.rb:270:in `bind_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11284/lib/types/private/methods/call_validation.rb:270:in `validate_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11284/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-composer-0.246.0/lib/dependabot/composer/update_checker/version_resolver.rb:80:in `fetch_latest_resolvable_version_string'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-composer-0.246.0/lib/dependabot/composer/update_checker/version_resolver.rb:65:in `fetch_latest_resolvable_version'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-composer-0.246.0/lib/dependabot/composer/update_checker/version_resolver.rb:55:in `latest_resolvable_version'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-composer-0.246.0/lib/dependabot/composer/update_checker.rb:122:in `fetch_lowest_resolvable_security_fix_version'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-composer-0.246.0/lib/dependabot/composer/update_checker.rb:48:in `lowest_resolvable_security_fix_version'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-common-0.246.0/lib/dependabot/update_checkers/base.rb:124:in `preferred_resolvable_version'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11284/lib/types/private/methods/call_validation_2_7.rb:919:in `bind_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11284/lib/types/private/methods/call_validation_2_7.rb:919:in `block in create_validator_method_medium0'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-common-0.246.0/lib/dependabot/update_checkers/base.rb:343:in `preferred_version_resolvable_with_unlock?'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11284/lib/types/private/methods/call_validation_2_7.rb:919:in `bind_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11284/lib/types/private/methods/call_validation_2_7.rb:919:in `block in create_validator_method_medium0'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-common-0.246.0/lib/dependabot/update_checkers/base.rb:334:in `numeric_version_can_update?'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11284/lib/types/private/methods/call_validation.rb:270:in `bind_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11284/lib/types/private/methods/call_validation.rb:270:in `validate_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11284/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-common-0.246.0/lib/dependabot/update_checkers/base.rb:277:in `version_can_update?'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11284/lib/types/private/methods/call_validation.rb:167:in `bind_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11284/lib/types/private/methods/call_validation.rb:167:in `validate_call_skip_block_type'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11284/lib/types/private/methods/call_validation.rb:109:in `block in create_validator_slow_skip_block_type'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-common-0.246.0/lib/dependabot/update_checkers/base.rb:93:in `can_update?'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11284/lib/types/private/methods/call_validation.rb:167:in `bind_call'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11284/lib/types/private/methods/call_validation.rb:167:in `validate_call_skip_block_type'
	from /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11284/lib/types/private/methods/call_validation.rb:109:in `block in create_validator_slow_skip_block_type'
	from bin/update_script.rb:595:in `block in <main>'
	from bin/update_script.rb:545:in `each'
	from bin/update_script.rb:545:in `<main>'
##[error]The process '/usr/bin/docker' failed with exit code 1
@mburumaxwell
Copy link
Contributor

Still the case with version 1.27.x?

@FinishingLine
Copy link
Author

FinishingLine commented Mar 15, 2024
edited
Loading

@mburumaxwell Still happening 😥 I've updated the original error in the first post with updated output

@vitorelli
Copy link

vitorelli commented Apr 2, 2024
edited
Loading

I am facing the same issue. When try to update git submodules it shows

/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/dependabot-common-0.249.0/lib/dependabot/git_metadata_fetcher.rb:112:in fetch_upload_pack_for: The following git URLs could not be retrieved: https://mygitsubmodule_url (Dependabot::GitDependenciesNotReachable)

Any ideas how to solve it?

@mburumaxwell
Copy link
Contributor

Could this be related to #504 ?

@mburumaxwell mburumaxwell added the bug Something isn't working label Jun 8, 2024
@FinishingLine
Copy link
Author

It worked fine in January and part of February (19th Feb may have been the last day it worked, so it may be something in 1.26.2 or 1.26.3 that caused it to fail?), though the linked issue is from February last year so may not be related?

The immediate line before was checking is twig 3.8.0 should be updated, but the version resolver ruby file error (as included in the issue) is related to our ADO private repo not resolving (though nothing changed)

@mburumaxwell
Copy link
Contributor

If after today's version, this still occurs. I recommend confirming that the token has access to the second repository (sometimes things change without our knowledge). Should it persist beyond that, you would have to raise the issue at https://github.com/dependabot/dependabot-core because that's an implementation detail that I have no clue how to solve. We can keep this open for a few weeks until then.

@mburumaxwell mburumaxwell closed this as not planned Won't fix, can't repro, duplicate, stale Jul 25, 2024
@FinishingLine
Copy link
Author

FinishingLine commented Oct 22, 2024
edited
Loading

@mburumaxwell not sure if helps, but had a reply from someone dependabot/dependabot-core#9978 where it seems something needs fixing here

The version of the Azure DevOps task used by OP has known auth issues which are caused because the credentials proxy is not used when running the updater. Using the latest task version should fix the issue.

Not sure if the latest version fixed the issue as had issue last night/9 hours ago still with 1.36

@rhyskoedijk
Copy link
Contributor

rhyskoedijk commented Oct 22, 2024
edited
Loading

@FinishingLine it was me 😄

My comment might have been a bit cryptic; what I was trying to say is that the authentication issues in TaskV1 have been fixed in this project if you upgrade to TaskV2, which handles private feed authentication more like the GitHub Dependabot does.

If your pipeline is still failing, I'm going to assume your pipeline is still using version 1 of the task; Would you be able to try it with version 2 and see if it resolves the issue?

If you still have auth issues, opening a new issue in this project would be helpful so we can investigate it with more relevant logs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@rhyskoedijk @mburumaxwell @vitorelli @FinishingLine