cli
cli copied to clipboard
buildkite
bk init - GraphQL error: Authentication required - but it might actually be a permissions issue
I create a GraphQL token for my org but I don't give it any scopes (because I don't know who/when they are needed, and there are so many of them, so I just ignore it).
Then when I run bk init I get a GraphQL error: Authentication required error:
$ bk configure
...
$ bk init
Checking for pipeline file: .buildkite/pipeline.yml ✅
Checking for git repository and remote: https://github.com/drnic/buildkite-envvar-playtime ✅
Checking for buildkite pipeline: GraphQL error: Authentication required. Please supply a valid API Access Token: https://buildkite.com/docs/apis/graphql-api#authentication ❌
🚨 GraphQL error: Authentication required. Please supply a valid API Access Token: https://buildkite.com/docs/apis/graphql-api#authentication
My guess is that it isn't an authentication issue (authentication = who is this?) but an authorization issue (is this user allowed to do operation xyz?)
Is it possible for the bk init command error nicely and educate me in future?
Which scopes do I need for bk init and other bk operations?
Hmm, maybe I'm wrong -- I added all the scopes to my token but bk init still failing as above.
Tried again - created new api token with all scopes, and all checkboxes checked. Here's the debug output from bk init --debug --debug-graphql
bk init --debug --debug-graphql
2020/02/25 08:42:13 [keyring] Considering backends: [keychain pass file]
Checking for pipeline file: Created .buildkite/pipeline.yml ✅
Checking for git repository and remote: https://github.com/drnic/buildkite-envvar-playtime ✅
Checking for buildkite pipeline: ⠋ DEBUG request uri=https://graphql.buildkite.com/v1
POST /v1 HTTP/1.1
Host: graphql.buildkite.com
Authorization: Bearer <redacted>
Content-Type: application/json
{
"query": "query($slug:ID!) {\n\t\t\tpipeline(slug: $slug) {\n\t\t\t\trepository {\n\t\t\t\t\turl\n\t\t\t\t}\n\t\t\t}\n\t\t}",
"variables": {
"slug": "drnic/buildkite-envvar-playtime"
}
}
⠴ DEBUG response uri=https://graphql.buildkite.com/v1
HTTP/2.0 401 Unauthorized
Connection: close
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server-Timing, X-Buildkite-Metrics
Access-Control-Max-Age: 86400
Cache-Control: no-cache
Content-Type: application/json; charset=utf-8
Date: Mon, 24 Feb 2020 22:42:15 GMT
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
Www-Authenticate: Bearer realm="graphql.buildkite.com"
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 489d5c8a-76de-4b69-8650-215308ca1dd6
X-Runtime: 0.024123
X-Xss-Protection: 1; mode=block
{
"errors": [
{
"message": "Authentication required. Please supply a valid API Access Token: https://buildkite.com/docs/apis/graphql-api#authentication"
}
]
}
GraphQL error: Authentication required. Please supply a valid API Access Token: https://buildkite.com/docs/apis/graphql-api#authentication ❌
🚨 GraphQL error: Authentication required. Please supply a valid API Access Token: https://buildkite.com/docs/apis/graphql-api#authentication
I have kind of the same question... https://github.com/buildkite/cli gives no guidance as to which scopes are necessary for running builds locally
Are any Buildkite staff monitoring these issues? There seem to be a lot open with no comments
