Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Trusted publisher workflow: server produces 500 with action version 1.8.6 #153

Closed
deathbots opened this issue May 3, 2023 · 9 comments
Closed

Trusted publisher workflow: server produces 500 with action version 1.8.6 #153

deathbots opened this issue May 3, 2023 · 9 comments

Comments

@deathbots
Copy link

In testing out the new GHA trusted publisher workflow, the

Trusted publishing exchange failure: 
Token request failed: the index produced an unexpected
500 response.

Example failure

The job that fails with the 500

Strong possibility the error is on my side, but the 500 indicates otherwise of course :) Please let me know if you see something obvious or if I can try something new.
@webknjaz
Copy link
Member

webknjaz commented May 3, 2023

@woodruffw ^

@woodruffw
Copy link
Member

Thanks for the ping @webknjaz!

@deathbots: is this a regression with the latest release of the action, or is this the first version you're trying? Also, could you share a screencap of your trusted publisher setup?

(I can't triage the 500 directly, but @di or another PyPI admin can.)

@di
Copy link
Sponsor Member

di commented May 3, 2023

Hey @deathbots, I tried to leave you a note here: runZeroInc/runzero-sdk-py#11

This should be resolved now!

@deathbots
Copy link
Author

Thank you @di you are our hero! Whatever you did, it worked great. And thank you very much to all in thread for getting the OpenID Connect work over the line and into hands.

@webknjaz
Copy link
Member

webknjaz commented May 11, 2023
edited

@di FYI I've just got a 503 too.

@woodruffw it's weird that the annotation only shows this single line:

Trusted publishing exchange failure:

In the logs, though, I see:

Notice: Attempting to perform trusted publishing exchange to retrieve a temporary short-lived API token for authentication against https://test.pypi.org/legacy/ due to __token__ username with no supplied password field
Error: Trusted publishing exchange failure: 
Token request failed: the index produced an unexpected
503 response.

This strongly suggests a server configuration or downtime issue; wait
a few minutes and try again.

(https://github.com/ansible-community/ansible-pygments/actions/runs/4951889218/jobs/8857581936#step:4:28)

I wonder if it's time to implement some sort of an exponential backoff...

@di
Copy link
Sponsor Member

di commented May 11, 2023

Hmm, is the 503 actually coming from the token exchange request, or is it from the upload request? Our object storage provider is currently having a minor outage which I think will manifest as a 500-level failure here, but should only affect the upload, not the token exchange.

@woodruffw
Copy link
Member

Based on the error message, it looks like it happened during the token exchange (that's the only time we render the HTTP status code like that).

@webknjaz I'll have some time to look at fixing that annotation render tomorrow 🙂

@woodruffw
Copy link
Member

I'll have some time to look at fixing that annotation render tomorrow

I think this is a linebreak thing: the message in question is wrapped over multiple lines, so only the first gets the annotation.

@woodruffw woodruffw mentioned this issue May 12, 2023
Merged
@woodruffw
Copy link
Member

Opened #156 with the annotation fix.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@di @webknjaz @woodruffw @deathbots