Hi,
Thank you for your reply - sorry I got pulled away to another task.
For the task config:
Command: /bin/sh
Arguments: ./{companyName}/game-deploy/checkToken.sh
Inside the script:
#! /bin/bash
curl "https://{COMPANY NAME}/go/api/stages/testStage/Deploy/history" \
-H "Authorization: Bearer $GOCD_ACCESS_TOKEN" \
-H 'Accept: application/vnd.go.cd.v3+json'
echo cksum $GOCD_ACCESS_TOKEN
I have taken your suggestion of wrapping this in a script rather than
having it as an argument. It now passes but in the console it shows "cksum
*******". How would I be able to compare the cksum of the token if it is
hidden from me? I already have the cksum from when I tested on VS Code, I
am not sure how to proceed in GOCD.
>From some testing, I found that if I use my personal access token in this
script on Notepad++, it will return an answer. If I use GOCD_ACCESS_TOKEN
in Notepad, it will fail, telling me I am not authenticated. However it
will pass in the same script in GOCD.
If I am correct and that when "cksum ****" appears, that means I have
passed the auth check, I am still not sure how I managed to fix the problem
for when this happens in the future.
What would your advice for my next steps be?
Thank you,
Gabes.
On Fri, Feb 19, 2021 at 11:48 AM Marques Lee <[email protected]>
wrote:
> Can you post your task config? Just a guess before actually seeing your
> config is that you might be putting ${GOCD_ACCESS_TOKEN} as a raw argument.
> Since the arguments are effectively shell-escaped, `curl` might be sending
> the literal text ${GOCD_ACCESS_TOKEN} instead of interpolating your secret
> variable.
>
> The solution to that is to either:
>
> - Wrap your `curl` call with `bash -c`, or
> - Wrap this in a script and call your script
>
> In either case above, curl will receive the interpolated value.
>
> But, let's take a look at your task config to confirm what's going on.
>
> Best,
>
> Marques
>
> On Thu, Feb 18, 2021 at 1:58 PM Gabriel Callaghan <
> [email protected]> wrote:
>
>> Hi,
>>
>> I have a script which does an API call. To authenticate myself, I use a
>> token.
>>
>> $ curl '
>> https://ci.example.com/go/api/stages/mypipeline/defaultStage/history' \
>> -H "Authorization: Bearer ${GOCD_ACCESS_TOKEN}" \
>> -H 'Accept: application/vnd.go.cd.v3+json'
>>
>> When I use this api, if in my script I use my personal access token
>> generated by GOCD, the call works. However, if I have the same API call
>> with the same token, but the token is inside the secure variable section of
>> the pipeline, and called using ${GOCD_ACCESS_TOKEN}, I am unable to get
>> authenticated.
>>
>> I have tried to hash the token to see if it matches. When doing cksum on
>> my personal token inside my script, I get a different result from if I did
>> cksum <<<${GOCD_ACCESS_TOKEN}.
>>
>> I am a junior, so I have much to learn and I would apperciate any help in
>> understanding how to resolve this issue.
>>
>> Thank you :)
>> Gabes.
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "go-cd" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to [email protected].
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/go-cd/2a219c35-6c78-4ae3-8070-1e2a54118638n%40googlegroups.com
>> <https://groups.google.com/d/msgid/go-cd/2a219c35-6c78-4ae3-8070-1e2a54118638n%40googlegroups.com?utm_medium=email&utm_source=footer>
>> .
>>
> --
> You received this message because you are subscribed to the Google Groups
> "go-cd" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/go-cd/CAPKX9jZAnKGrupURs%3DrmR5FXceBowfG_WLQFUFdVPEYnqut70A%40mail.gmail.com
> <https://groups.google.com/d/msgid/go-cd/CAPKX9jZAnKGrupURs%3DrmR5FXceBowfG_WLQFUFdVPEYnqut70A%40mail.gmail.com?utm_medium=email&utm_source=footer>
> .
>
--
You received this message because you are subscribed to the Google Groups
"go-cd" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/go-cd/CAKV4bkeVVUaObxjv1S-j478UzuTDjv1d8TEhRJ%3D1U%2BCkkX69cA%40mail.gmail.com.
