CI Issues

remote: You are not allowed to download code from this project.

Cloning into '/builds/group/project/buildroot/src/maginc-submodule'...
remote: You are not allowed to download code from this project.
fatal: unable to access 'https://gitlab.example.com/groups/project/magic-submodule.git': The requested URL returned error: 403
fatal: clone of 'https://gitlab-ci-token:[MASKED]@gitlab.example.com/groups/project/magic-submodule.git' into submodule path '/builds/group/project/buildroot/src/maginc-submodule' failed

Reason: Default CI/CD job token (CI_JOB_TOKEN) scope changed

More: Allow access to your project with a job token

Solution:

  • Go to the submodule project to be cloned in the GitLab UI
  • Settings -> CI/CD -> Token Access

fatal: No names found, cannot describe anything

fatal: No names found, cannot describe anything.

This happens when git describe --tags is used to detect the version name but the repository doesn't contain any tags.

Possible reasons of failure:

  • shallow clone; to unshallow, run sudo git fetch --unshallow
  • gitlab ???

cannot run ssh

Synchronizing submodule url for 'xxx'
Cloning into 'xxx'...
error: cannot run ssh: No such file or directory
fatal: unable to fork
fatal: clone of 'git@gitlab.xxx:xxx/xxx.git' into submodule path 'xxx' failed

Looks like the SSH client is not installed in the job image (install openssh-clients).

Reason: during the clone operation GitLab Runner uses a small helper image (around 66MB) in which the ssh client is not installed:

docker run --rm -it registry.gitlab.com/gitlab-org/gitlab-runner/gitlab-runner-helper:alpine-latest-x86_64-000bc602 ssh

It is possible to choose the flavour of the helper image: helper-image

Images source: runner-helper

The Ubuntu helper flavour contains an ssh client:

docker run --rm -it gitlab/gitlab-runner-helper:ubuntu-x86_64-bleeding ssh
docker run --rm -it gitlab/gitlab-runner-helper:ubuntu-x86_64-v15.11.1 ssh

Solution: use the Ubuntu-based helper image:

config.toml
  [runners.docker]
    helper_image = "gitlab/gitlab-runner-helper:ubuntu-x86_64-v16.0.2"
    helper_image_flavor = "ubuntu"

Workaround 1: use relative submodule URLs as described in Using relative URLs. GitLab Runner will then use HTTPS to clone the submodules.

Workaround 2: Rewrite submodule URLs to HTTPS
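
A pre-flight check for the two workarounds above, as an added example that is not part of the original page: it lists every URL in a .gitmodules file, flags the ones that would be cloned over ssh, and prints the HTTPS form each would be rewritten to. The function names and the sample file with its hosts are constructed for illustration; dropping the SSH port assumes HTTPS is served on the default port.

```shell
# Added example (not from the original page); hosts and paths are constructed.

# Convert an SSH-style Git URL to HTTPS on the same host; other URLs pass through.
#   git@host:group/repo.git        -> https://host/group/repo.git
#   ssh://git@host:2222/group/repo -> https://host/group/repo  (assumes default HTTPS port)
ssh_to_https() {
    printf '%s\n' "$1" | sed -E \
        -e 's#^ssh://([^@/]+@)?([^/:]+)(:[0-9]+)?/#https://\2/#' \
        -e 's#^[^@/:]+@([^/:]+):#https://\1/#'
}

# Classify a submodule URL by the transport a clone will use.
url_kind() {
    case "$1" in
        ./*|../*)           echo relative ;;  # resolved against the superproject URL
        https://*|http://*) echo https ;;
        ssh://*|*@*:*)      echo ssh ;;       # needs an ssh client in the cloning image
        *)                  echo other ;;
    esac
}

# Print "kind<TAB>url<TAB>https-form" for every url entry in a .gitmodules file.
# Returns 1 if at least one entry would be cloned over ssh.
check_gitmodules() {
    needs_ssh=0
    while IFS= read -r url; do
        [ -n "$url" ] || continue
        kind=$(url_kind "$url")
        if [ "$kind" = ssh ]; then needs_ssh=1; fi
        printf '%s\t%s\t%s\n' "$kind" "$url" "$(ssh_to_https "$url")"
    done <<EOF
$(sed -n -E 's/^[[:space:]]*url[[:space:]]*=[[:space:]]*//p' "$1")
EOF
    return "$needs_ssh"
}

# Constructed sample .gitmodules: one scp-style, one relative, one ssh:// URL.
sample=$(mktemp)
cat > "$sample" <<'EOF'
[submodule "src/a"]
    url = git@gitlab.example.com:group/a.git
[submodule "src/b"]
    url = ../b.git
[submodule "src/c"]
    url = ssh://git@gitlab.example.com:2222/group/c.git
EOF
check_gitmodules "$sample" || echo "ssh submodule URLs found: switch to relative or HTTPS URLs"
rm -f "$sample"
```

The check only reads .gitmodules of the checkout it is pointed at, so nested submodules need the same check in their own repositories.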

CAfile: none

fatal: unable to access 'https://gitlab-ci-token:[MASKED]@gitlab.example.com/superproject/sandbox.git/': server certificate verification failed. CAfile: none CRLfile: none

Problem test:

git clone https://gitlab.example.com
 
fatal: unable to access 'https://gitlab.example.com/': server certificate verification failed. CAfile: none CRLfile: none

Solution:

sudo apt update; sudo apt install -yq libgnutls30 ca-certificates

Dockerfile fix:

RUN apt-get update && apt-get install -yq --no-install-recommends \
    ca-certificates \
    libgnutls30 \
    && apt-get clean && rm -rf /var/lib/apt/lists/*