Security Insights giving error message `Could not resolve to a Repository with the name '<reponame>'`

[Andy-medidata]

Expected Behavior

The dependabot widget should display correct values

Current Behavior

I'm troubleshooting our integration to Github, our Github App config. It is working locally but not working in our live environment. So I tried opening an incognito window against my local dev environment. In a normal browser, it is working correctly, in the incognito window, I'm seeing the error message Could not resolve to a Repository with the name '<reponame>'. I noticed that there's a cookie in the browser github-refresh-token that is formatted differently between the two windows. The working window has access-token. prefixed to the token (and is much shorter), the incognito window does not have the prefix and a longer token. Both windows are on the same machine at the same time.

Steps to Reproduce

install the Security Insights plugin and enable the dependabot widget per install instructions.

Our Github integrations (from app-config.yaml): integrations: github: - host: github.com token: ${GITHUB_TOKEN} auth: environment: development providers: okta: development: clientId: ${AUTH_OKTA_CLIENT_ID} clientSecret: ${AUTH_OKTA_CLIENT_SECRET} audience: ${AUTH_OKTA_DOMAIN} github: development: clientId: ${AUTH_GITHUB_CLIENT_ID} clientSecret: ${AUTH_GITHUB_CLIENT_SECRET}

Open in a chrome browser, point to component, it works correctly Open in a chrome incognito window, point to component, you get the error Could not resolve to a Repository....

Your Environment

• @backstage/plugin-catalog-react version: "^1.0.0"
• @backstage/integration version: "^1.2.0"

[roadie-bot]

https://app.shortcut.com/larder/story/9204

[kissmikijr]

@Andy-medidata Is this issue still happening ?

[Andy-medidata]

yes it is. I'll run another test to confirm this afternoon

[kissmikijr]

If it is still an issue can you provide some more details, possible screenshots which card are we talking about exactly? After opening it in incognito did you login again to github and still doesn't work ?

[Andy-medidata]

will do, in the middle of another story, may take me a day to get back to that branch...

[Andy-medidata]

here's a screenshot of the error :

[Andy-medidata]

just duplicated in the incognito window, I'm scanning through the logs looking for error messages that seem relevant...

[Andy-medidata]

the only messages I've found so far:

[1] 2022-08-05T17:30:54.071Z backstage info ::1 - - [05/Aug/2022:17:30:54 +0000] "GET /api/catalog/entities/by-name/component/default/api-gateway HTTP/1.1" 304 - "http://localhost:3000/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" type=incomingRequest
[1] Request not identified as belonging to a backstage's background process
[1] Request not identified as belonging to a backstage's background process
[1] Request not identified as belonging to a backstage's background process

I'm not certain the "Request not identified" are related to this or not... edit: fixing formatting

[Andy-medidata]

just double checked I've implemented the setup steps: https://www.npmjs.com/package/@roadiehq/backstage-plugin-security-insights

for implementing the dependabot widget, I did not implement the Security Insights widget/page because we do not have it enabled.

[github-actions[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.