We Keep Coding

What is skaffold doing after skaffold build pushed successfully

When I run skaffold in a github workflow like this
skaffold build
it calls the gradle jib correctly, creates an image and pushes it to the ghcr successfully. Grdale finishes successfully as can be seen in the log. Nevertheless, something happens afterwards that fails. It seems someone tries to access the just built image but is not authorized. This does not happen, if I execute it locally. And it does not fail in the github workflow if I call gradlew jib directly without skaffold being involved.
Built and pushed image as ghcr.io/tobias-neubert/motd-service:453f4c4-dirty
BUILD SUCCESSFUL in 11s
4 actionable tasks: 4 executed
time="2023-02-15T12:07:09Z" level=error msg="No matching credentials were found for \"ghcr.io\""
time="2023-02-15T12:07:09Z" level=error msg="No matching credentials were found for \"ghcr.io\""
getting image: GET https://ghcr.io/token?scope=repository%3Atobias-neubert%2Fmotd-service%3Apull&service=ghcr.io: UNAUTHORIZED: authentication required
Error: Process completed with exit code 1.
The github workflow:
name: Build and push motd-service
on:
push:
permissions:
packages: write
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout Code
uses: actions/checkout#v3
- name: Set up Java
uses: actions/setup-java#v2
with:
java-version: 17
distribution: temurin
- name: Setup Gradle
uses: gradle/gradle-build-action#v2
- name: Make gradlew executable
run: chmod +x ./gradlew
- name: Install skaffold
run: |
curl -Lo skaffold https://storage.googleapis.com/skaffold/releases/latest/skaffold-linux-amd64 && \
sudo install skaffold /usr/local/bin/
- name: Deactivate collecting skaffold metrics
run: skaffold config set --global collect-metrics false
- name: Build the motd image
env:
GH_PASSWORD: '${{ secrets.GITHUB_TOKEN }}'
run: skaffold build
Does anybody know what happens here?

It tries to fetch the digest of the new image, which it needs to render the k8s resources. Pushing the image was made by gradle. The jib plugin is configured to use environment variables for authenticating against ghcr.io. But skaffold does not know about those. So it fails to authenticate. A docker login does the trick, although it is not safe in a CI. So now I have to search for a better way to tell skaffold to authenticate against the registry

Backstage Unable to use mkdocs to create Tech Docs for an existing component

I have enabled Github actions to create Tech docs after a commit. Below is the workflow file written to create Md files. But "techdocs-cli generate --no-docker --verbose" command fails with the below error. Can someone please help with the issue?
Failed to generate docs from /home/runner/work/myapp3/myapp3 into /home/runner/work/myapp3/myapp3/site; caused by unknown error 'Command mkdocs failed, exit code: 1'
workflow file:
name: Publish TechDocs Site
on:
push:
branches: master
jobs:
publish-techdocs-site:
runs-on: ubuntu-latest
env:
TECHDOCS_S3_BUCKET_NAME: XXX
AWS_ACCESS_KEY_ID: XXX
AWS_SECRET_ACCESS_KEY: XXX
AWS_REGION: XXX
ENTITY_NAMESPACE: 'default'
ENTITY_KIND: 'Component'
ENTITY_NAME: ‘XXX’
steps:
- name: Checkout code
uses: actions/checkout#v2
- uses: actions/setup-node#v2
- uses: actions/setup-python#v2
- name: Install techdocs-cli
run: sudo npm install -g #techdocs/cli
- name: Install mkdocs and mkdocs plugins
run: python -m pip install mkdocs-techdocs-core==1.*
- name: Generate docs site
run: techdocs-cli generate --no-docker --verbose
- name: Publish docs site
run: techdocs-cli publish --publisher-type awsS3 --storage-name $TECHDOCS_S3_BUCKET_NAME --entity $ENTITY_NAMESPACE/$ENTITY_KIND/$ENTITY_NAME

I had the same issue and it was resolved once you had the right folder structure where you have the mkdocs.yml file.
As long as you have a docs folder in the same root structure with the .md file that needs to be published.
The same .md file needs to be configured in the navigation section of the mkdocs.yml file as well

Exclude Directories from a Scheduled Github Action

I am creating a github action to run on a schedule. The purpose of the action is to pull my pypi package pip install alphavantage_api_client then run python app.py to verify my published package is working correctly. To make this work, I need to exclude the internal client source code with something like paths-ignore but it's not working. How do I exclude a directory within a github action? Here is my github action config:
name: Daily End to End Tests with Alphavantage API PyPi
on:
schedule:
- cron: "0 */12 * * *"
paths-ignore:
- alphvantage_api_client
permissions:
contents: read
env:
ALPHAVANTAGE_API_KEY: "${{ secrets.ALPHAVANTAGE_API_KEY }}"
jobs:
build:
runs-on: ubuntu-latest
timeout-minutes: 20
environment:
name: "Daily End to End Tests"
steps:
- uses: actions/checkout#v3
- name: Set up Python 3.10
uses: actions/setup-python#v3
with:
python-version: "3.10"
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install alphavantage_api_client
python app.py
The error i get from the above is a syntax error with the paths-ignore, so i can see there is a problem.
I've referenced the documentation here
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#example-excluding-paths=
but i don't see a way to exclude paths for a scheduled action. Can someone point me in the right direction?

Publishing to Github Pages

I am currently working on setting up a workflow for my Github Pages site. I have successfully created html files from Python and now only need to publish. I am using this Github Action for doing that. However, my builds fail with the error message:
github-pages 222 | Error: No such file or directory # rb_check_realpath_internal - /github/workspace/bin/python3
I have the file /bin/python3 in my repository and it should additionally not be used for that build shouldnt it?
Why is it getting used and how do I fix it?
Note: I am not limited to this specific action. If there is another one that works better I would be happy to use it!
This is my worker file right now:
name: Jekyll site CI
on:
push:
branches: [ gh-pages ]
pull_request:
branches: [ gh-pages ]
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout#v2.4.0
- name: install python
uses: actions/setup-python#v2
with:
python-version: "3.9.2"
- name: install python packages
run: |
python -m pip install --upgrade pip
pip install jinja2
- name: run python script
run: python app.py
- name: Deploy to GitHub Pages
if: success()
uses: crazy-max/ghaction-github-pages#v2.5.0
with:
build_dir: ./
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

Environment variables when deploying Firebase Cloud functions with Github Actions

I have been trying to automate the deployment of firebase cloud functions using the Github actions CI/CD workflows.
The functions are developed using NodeJs, Express, and Typescript. And all environment variables are saved in a .env file that is not tracked on github (for obvious reasons)
The main.yaml file (in .github/workflows/)
name: CI/CD
on:
push:
branches: [ deploy ]
pull_request:
branches: [ deploy ]
workflow_dispatch:
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout#v2
- name: create env file
run: |
cd functions
touch .env
echo "${{ secrets.ENV_VARS }}" >> .env
- name: Install npm packages
run: |
cd functions
npm install
- name: Deploy to Firebase
uses: w9jds/firebase-action#master
with:
args: deploy
env:
FIREBASE_TOKEN: ${{ secrets.FIREBASE_TOKEN }}
The workflow first creates a .env file where it writes the env variables (saved in github secrets)
then installs the dependencies,
and finally deploy the cloud functions
The steps are executed without any issues, up to the deployment part where I got this error
Error: Service account object must contain a string "project_id" property.
at FirebaseAppError.FirebaseError [as constructor] (/github/workspace/functions/node_modules/firebase-admin/lib/utils/error.js:44:28)
at FirebaseAppError.PrefixedFirebaseError [as constructor] (/github/workspace/functions/node_modules/firebase-admin/lib/utils/error.js:90:28)
at new FirebaseAppError (/github/workspace/functions/node_modules/firebase-admin/lib/utils/error.js:125:28)
at new ServiceAccount (/github/workspace/functions/node_modules/firebase-admin/lib/credential/credential-internal.js:134:19)
at new ServiceAccountCredential (/github/workspace/functions/node_modules/firebase-admin/lib/credential/credential-internal.js:68:15)
at Object.exports.cert (/github/workspace/functions/node_modules/firebase-admin/lib/credential/credential.js:34:54)
at Object.<anonymous> (/github/workspace/functions/lib/config/firebase.js:10:34)
at Module._compile (internal/modules/cjs/loader.js:1085:14)
at Object.Module._extensions..js (internal/modules/cjs/loader.js:1114:10)
at Module.load (internal/modules/cjs/loader.js:950:32)
Thank you in advance

I solved this problem. The answer was very simple: instead of following the different tutorials that use "w9jds/firebase-action#master" for the deployment, I simply used firebase deploy :)
The new main.yaml
name: CI/CD
on:
push:
branches: [ deploy]
pull_request:
branches: [ deploy]
workflow_dispatch:
jobs:
main:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout#v2
# Environment variables
- name: create env file
run: |
cd functions
touch .env
echo "${{ secrets.ENV_VARS }}" >> .env
# Install npm packages and firebase
- name: Install npm packages
run: |
cd functions
npm install
npm audit fix
npm install firebase-tools
# Run tests
- name: Run tests
run: |
cd functions
npm run test
# Deploying the functions to firebase
- name: Deploy to Firebase
run: |
cd functions
npm run deploy
env:
FIREBASE_TOKEN: ${{ secrets.FIREBASE_TOKEN }}