[JENKINS-67748] The plugin always show me error "Unknown authorization type"

Type: Bug
Resolution: Unresolved
Priority: Major
Component/s: image-tag-parameter-plugin
Labels:
None
Environment:
Production

Similar Issues:
Powered by SuggestiMate

Show

When I use the plugin "image-tag-parameter" in our product environment, it always didn't work, I really need your help now, the error as follows.

[jenkins-nite-master-9d677699b-rjjq4 jenkins-nite-master]  2022-01-10 06:51:08.151+0000 [id=27493]  WARNING i.j.plugins.luxair.ImageTag#getAuthService: Unknown authorization type 
[jenkins-nite-master-9d677699b-rjjq4 jenkins-nite-master]  2022-01-10 06:51:08.151+0000 [id=27493]  INFO    i.j.plugins.luxair.ImageTag#getAuthToken: Basic authentication
[jenkins-nite-master-9d677699b-rjjq4 jenkins-nite-master]  2022-01-10 06:51:08.152+0000 [id=27493]  SEVERE  i.j.p.luxair.ErrorInterceptor#onFail
[jenkins-nite-master-9d677699b-rjjq4 jenkins-nite-master]  2022-01-10 06:51:08.152+0000 [id=27493]  WARNING i.j.plugins.luxair.ImageTag#getAuthToken: Token not received
[jenkins-nite-master-9d677699b-rjjq4 jenkins-nite-master]  2022-01-10 06:51:08.153+0000 [id=27493]  SEVERE  i.j.p.luxair.ErrorInterceptor#onFail: registry.tools.xxxxxx.com.cn
[jenkins-nite-master-9d677699b-rjjq4 jenkins-nite-master]  2022-01-10 06:51:08.153+0000 [id=27493]  WARNING i.j.plugins.luxair.ImageTag#getImageTagsFromRegistry: HTTP status: registry.tools.xxxxxx.com.cn

I alse use "curl -L -v -u "user:password" https://registry.tools.xxxxxx.com.cn/v2

I get as follows, no bearer, only basic

*   Trying 52.81.175.155...
* TCP_NODELAY set
* Connected to registry.tools.xxxxxx.com.cn (52.xxx.xxx.155) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/cert.pem
  CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server accepted to use http/1.1
* Server certificate:
*  subject: C=DE; ST=Bayern; L=Herzogenaurach; O=xxxxxx AG; CN=*.tools.xxxxxx.com.cn
*  start date: May 19 12:22:22 2020 GMT
*  expire date: May 19 12:52:22 2022 GMT
*  subjectAltName: host "registry.tools.xxxxxx.com.cn" matched cert's "*.tools.xxxxxx.com.cn"
*  issuer: C=US; O=Entrust, Inc.; OU=See www.entrust.net/legal-terms; OU=(c) 2012 Entrust, Inc. - for authorized use only; CN=Entrust Certification Authority - L1K
*  SSL certificate verify ok.
* Server auth using Basic with user 'Qi.Zhu@xxxxxx.com'
> GET /v2 HTTP/1.1
> Host: registry.tools.xxxxxx.com.cn
> Authorization: Basic UWkuWmH1qGFkaWRhcy6jb206SnNyY2Rqd2JzMQ==
> User-Agent: curl/7.64.1
> Accept: */*
> 
< HTTP/1.1 301 Moved Permanently
< Server: nginx/1.19.0
< Date: Mon, 07 Feb 2022 07:26:27 GMT
< Content-Type: text/html; charset=utf-8
< Content-Length: 39
< Connection: keep-alive
< Docker-Distribution-Api-Version: registry/2.0
< Location: /v2/
< Set-Cookie: _gorilla_csrf=MTY0NDIxODc4NnxJbW94YW1WvlV6SjVOa0lyY2pCTWVpOU9ZWE5wV2t4UE1IZzNSVEpJY21RNWJqYzFWV4hxUlhCcFtXTTlJZ289fLuNdaQw1nouR4c9cpvf-01i2RIZBmJrDeD_5Rmam5Od; Path=/; Expires=Mon, 07 Feb 2022 19:26:26 GMT; Max-Age=43200; HttpOnly; Secure; SameSite=Strict
< Set-Cookie: sid=9d0e8c37ad57201f4ec81c9eae12ff1d; Path=/; HttpOnly
< Vary: Cookie
< X-Harbor-Csrf-Token: KF830Hrxrf5RjxCj7zYIv4tzCxPOmyXyhNHpdKiN0jOnB+mBV0NF4fpfrFzanSrbN4fMoviFoo8bb71oeaRbtA==
< X-Request-Id: e633c5d026cd412f1e4fb22986d5502a
< 
* Ignoring the response-body
* Connection #0 to host registry.tools.xxxxxx.com.cn left intact
* Issue another request to this URL: 'https://Qi.Zhu%40xxxxxx.com:Jsrcdjwbs1@registry.tools.xxxxxx.com.cn/v2/'
* Found bundle for host registry.tools.xxxxxx.com.cn: 0x7fccb1d056e0 [can pipeline]
* Could pipeline, but not asked to!
* Re-using existing connection! (#0) with host registry.tools.xxxxxx.com.cn
* Connected to registry.tools.xxxxxx.com.cn (52.xxxx.xxx.155) port 443 (#0)
* Server auth using Basic with user 'Qi.Zhu@xxxxxx.com'
> GET /v2/ HTTP/1.1
> Host: registry.tools.xxxxxx.com.cn
> Authorization: Basic UWkuWqh1QGFkaWRhcy5jb256SnuyY2Rqi2JzMQ==
> User-Agent: curl/7.64.1
> Accept: */*
> 
< HTTP/1.1 200 OK
< Server: nginx/1.19.0
< Date: Mon, 07 Feb 2022 07:26:28 GMT
< Content-Type: application/json; charset=utf-8
< Content-Length: 2
< Connection: keep-alive
< Docker-Distribution-Api-Version: registry/2.0
< Set-Cookie: sid=b3064ce2t1672b2fc75c3rr0e66c1549; Path=/; HttpOnly
< X-Request-Id: 154a399276e6753aoc37fffe2d1d80a9
< 
* Connection #0 to host registry.tools.xxxxxx.com.cn left intact
{}* Closing connection 0

Now , the two attachments, both are connected to our harbor in production environment, One jenkins is from my own computer, the other jenkins is in our production k8s cluster,

Sometimes i think it's the problem of k8s clusters?

But I did a test, in production jenkins I made a pipeline which used "docker login https://registry.tools.xxxxxx.com.cn" , to my surprise , login successful !!!

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List
  - Download All

config.jpg
128 kB
2022-02-07 16:57
On my own Jenkins linked to prodution harbor.png
478 kB
2022-02-07 07:46
On production Jenkins linked to production harbor.jpg
182 kB
2022-02-07 07:46

zhu rockzhu added a comment - 2022-02-07 08:19 - edited

By the way, On the production Jenkins , I have done another test, only one curl step which call the api of harbor, but why not it doesn't work using image-tag-parameter-plugin.

Started by user Zhu, Qi
Running as SYSTEM
Agent agent-1-89285 is provisioned from template Agent-1
[EnvInject] - Loading node environment variables.
Building remotely on agent-1-89285 (java build linux datacenter nodejs aws base deploy) in workspace /home/jenkins/work/sharedspace
[sharedspace] $ /bin/sh -xe /tmp/jenkins2714121511192905657.sh
+ curl --user Qi.Zhu@xxxxxx.com:yyyyyyy https://registry.tools.xxxxxx.com.cn/api/v2.0/projects/xxx-xxx-xxx/repositories?page=1&page_size=10 -H accept: application/json
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
  0     0    0     0    0     0      0      0 --:--:--  0:00:01 --:--:--     0
100  2003  100  2003    0     0   1135      0  0:00:01  0:00:01 --:--:--  1136
....................
....................

Started calculate disk usage of build
Finished Calculation of disk usage of build in 0 seconds
Started calculate disk usage of workspace
Finished Calculation of disk usage of workspace in 0 seconds
Finished: SUCCESS

zhu rockzhu added a comment - 2022-02-07 08:19 - edited By the way, On the production Jenkins , I have done another test, only one curl step which call the api of harbor, but why not it doesn't work using image-tag-parameter-plugin. Started by user Zhu, Qi Running as SYSTEM Agent agent-1-89285 is provisioned from template Agent-1 [EnvInject] - Loading node environment variables. Building remotely on agent-1-89285 (java build linux datacenter nodejs aws base deploy) in workspace /home/jenkins/work/sharedspace [sharedspace] $ /bin/sh -xe /tmp/jenkins2714121511192905657.sh + curl --user Qi.Zhu@xxxxxx.com:yyyyyyy https: //registry.tools.xxxxxx.com.cn/api/v2.0/projects/xxx-xxx-xxx/repositories?page=1&page_size=10 -H accept: application/json % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 0 0 0 0 0 0 0 0 --:--:-- 0:00:01 --:--:-- 0 100 2003 100 2003 0 0 1135 0 0:00:01 0:00:01 --:--:-- 1136 .................... .................... Started calculate disk usage of build Finished Calculation of disk usage of build in 0 seconds Started calculate disk usage of workspace Finished Calculation of disk usage of workspace in 0 seconds Finished: SUCCESS

zhu rockzhu added a comment - 2022-02-08 13:08 - edited

i think maybe this error happened because of agent？？？？

The token is passed to agent，but master can't see the token at all

zhu rockzhu added a comment - 2022-02-08 13:08 - edited i think maybe this error happened because of agent？？？？ The token is passed to agent，but master can't see the token at all

Jenkins

Details

Description

Attachments

Attachments

Activity

Collapse comment: zhu rockzhu added a comment - 2022-02-07 08:19, Edited by zhu rockzhu - 2022-02-07 08:19

Expand comment: zhu rockzhu added a comment - 2022-02-07 08:19, Edited by zhu rockzhu - 2022-02-07 08:19

Collapse comment: zhu rockzhu added a comment - 2022-02-08 13:08, Edited by zhu rockzhu - 2022-02-08 13:10

Expand comment: zhu rockzhu added a comment - 2022-02-08 13:08, Edited by zhu rockzhu - 2022-02-08 13:10

People

Dates