You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We use app_auth as method to authenticate against our GHE and since we've upgraded to v5.8.0 this produces an authentication error. For example:
Exception: invoke of github:index/getRepository:getRepository failed: invocation of github:index/getRepository:getRepository returned an error: invoking github:index/getRepository:getRepository: GET https://<ghe-instance>/api/v3/repos/<owner>/<repo>: 401 Must authenticate to access this API. []
It seems to affect resources and functions alike.
When downgrading to the previous version (v5.7.0) it works.
Expected Behavior
The expected behavior is that with a github provider using app_auth it should be possible to access the GH(E) API.
Note that this also includes a Terraform version of the Pulumi app, using the terraform-github provider this provider is based on. However, using app auth with the Terraform provider still works - tested v5.20.0 (used in v5.7.0), v5.23.0 (used in v5.8.0), and v5.25.0.
Additional context
What I also noticed is that, setting the pem_file to any invalid value - a path, or a random string - does not produce the error: no decodeable PEM data found error as described in #348.
I also glanced at the "changelog" (v5.7.0...v5.8.0 ) but have not found anything so far.
Edit: What also works is setting the environment variables and just initializing the app auth args with empty values:
So by the looks of it the app auth is not set correctly by the pulumi provider.
Output of pulumi about
CLI
Version 3.66.0
Go Version go1.20.4
Go Compiler gc
Plugins
NAME VERSION
github 5.8.0
python unknown
Host
OS darwin
Version 13.3.1
Arch arm64
This project is written in python: executable='/Playground/pulumi-stuff/test-github-provider/.venv/bin/python3' version='3.11.3
'
Current Stack: test-github-provider/dev
TYPE URN
pulumi:pulumi:Stack urn:pulumi:dev::test-github-provider::pulumi:pulumi:Stack::test-github-provider-dev
pulumi:providers:pulumi urn:pulumi:dev::test-github-provider::pulumi:providers:pulumi::default
pulumi:pulumi:StackReference urn:pulumi:dev::test-github-provider::pulumi:pulumi:StackReference::common-config-stack
pulumi:providers:github urn:pulumi:dev::test-github-provider::pulumi:providers:github::github-provider
Found no pending operations associated with dev
Backend
<redacted>
Dependencies:
NAME VERSION
pip 23.0.1
pulumi-github 5.8.0
setuptools 67.4.0
test-github-provider 0.1.0
wheel 0.38.4
Pulumi locates its logs in /var/folders/5b/dd8bgp9178s13b8bm4g7vhs40000gn/T/ by default
Contributing
No response
The text was updated successfully, but these errors were encountered:
Hi @ederst - thank you so much for this very thorough issue ❤️ . Thank you also for providing workarounds, though of course we understand they aren't a solution.
What happened?
We use
app_auth
as method to authenticate against our GHE and since we've upgraded to v5.8.0 this produces an authentication error. For example:It seems to affect resources and functions alike.
When downgrading to the previous version (v5.7.0) it works.
Expected Behavior
The expected behavior is that with a github provider using
app_auth
it should be possible to access the GH(E) API.Steps to reproduce
I have coded a sample app to reproduce: https://github.com/ederst/pulumi-in-a-pickle/tree/github-provider-app-auth
Note that this also includes a Terraform version of the Pulumi app, using the terraform-github provider this provider is based on. However, using app auth with the Terraform provider still works - tested v5.20.0 (used in v5.7.0), v5.23.0 (used in v5.8.0), and v5.25.0.
Additional context
What I also noticed is that, setting the
pem_file
to any invalid value - a path, or a random string - does not produce theerror: no decodeable PEM data found
error as described in #348.I also glanced at the "changelog" (v5.7.0...v5.8.0 ) but have not found anything so far.
Edit: What also works is setting the environment variables and just initializing the app auth args with empty values:
So by the looks of it the app auth is not set correctly by the pulumi provider.
Output of
pulumi about
Contributing
No response
The text was updated successfully, but these errors were encountered: