notification-controller icon indicating copy to clipboard operation
notification-controller copied to clipboard
verified publisher icon fluxcd

provider address for gitlab needs to contain the project id

Open stoetti opened this issue 4 years ago • 2 comments

From the documentation here I tried setting up a provider for my gitlab-repo using the git-url used to clone the project. The notification-controller then reported a 404 when trying to post the commit-status.

https://***/api/v4/projects/xxx/xxx/xxx/xxx/statuses/b5d3df3bc3fd0d530b1ef897374c3af80e3560b3

As the url contains the full path of groups I tried settings up the provider using the projects id instead of the path in the form

https://***/123

This way the notification controller is using the correct api-url with project id.

From my understanding the gitlab-api does not support accessing the api via the project path instead the id has to be used. This should be mentioned in the documentation for setting up flux. Maybe even a sample for each of the supported providers would be nice as other providers.

stoetti avatar May 11 '21 04:05 stoetti

So does this require a more detailed documentation which differs between clone urls and provider urls?

phillebaba avatar May 19 '21 21:05 phillebaba

Just not to open a new issue, let me leave a comment here. It still doesn't work for namespaced (in terms of Gitlab) projects, because notification-controller keeps trying to send HTTP request to project address containing slash / as delimiter.

{"level":"error","ts":"2023-01-12T07:27:14.099Z","logger":"event-server","msg":"failed to send notification","reconciler kind":"Kustomization","name":"my-project","namespace":"sbx","error":"unable to list commit status: GET https://gitlab.example.com/api/v4/projects/company-projects/my-project/repository/commits/<commit sha>/statuses: 404 {message: 404 Commit Not Found}"}

Indeed if try to send this request manually we'll receive exactly the same error:

curl --header "PRIVATE-TOKEN: <my personal token with full api permissions>" "https://gitlab.example.com/api/v4/projects/company-projects/my-project/repository/commits"

# output
{"error":"404 Not Found"}

But if we change slash character between group name company-projects and project name my-project to %2F as suggested in the official gitlab docs (reference: https://docs.gitlab.com/ee/api/index.html#namespaced-path-encoding) it will succeed:

curl --header "PRIVATE-TOKEN: <my personal token with full api permissions>" "https://gitlab.example.com/api/v4/projects/company-projects%2Fmy-project/repository/commits"

# output
[{"id":"309cxxxxx2d12","short_id":"309cxxxx","created_at":"2023-01-11T08:30:48.000+00:00","parent_ids":["415bxxxxd0d9","b9d7xxxxxx26e9"],"title":"Merge branch 'develop' into 'master'","message": ... ] ...} ...]

I tried to specify %2F in provider definition but it also didn't does the trick:

apiVersion: notification.toolkit.fluxcd.io/v1beta2
kind: Provider
metadata:
  name: my-project
  namespace: flux-system
spec:
  type: gitlab
  address: https://gitlab.example.com/company-projects%2Fmy-project.git
  secretRef:
    name: gitlab-token

some diag info:

flux version

# gives us

flux: v0.38.2
helm-controller: v0.28.1
image-automation-controller: v0.28.0
image-reflector-controller: v0.23.1
kustomize-controller: v0.32.0
notification-controller: v0.30.2
source-controller: v0.33.0

and

flux check

# output
► checking prerequisites
✗ flux 0.38.2 <0.38.3 (new version is available, please upgrade)
✔ Kubernetes 1.25.4 >=1.20.6-0
► checking controllers
✔ helm-controller: deployment ready
► ghcr.io/fluxcd/helm-controller:v0.28.1
✔ image-automation-controller: deployment ready
► ghcr.io/fluxcd/image-automation-controller:v0.28.0
✔ image-reflector-controller: deployment ready
► ghcr.io/fluxcd/image-reflector-controller:v0.23.1
✔ kustomize-controller: deployment ready
► ghcr.io/fluxcd/kustomize-controller:v0.32.0
✔ notification-controller: deployment ready
► ghcr.io/fluxcd/notification-controller:v0.30.2
✔ source-controller: deployment ready
► ghcr.io/fluxcd/source-controller:v0.33.0
► checking crds
✔ alerts.notification.toolkit.fluxcd.io/v1beta2
✔ buckets.source.toolkit.fluxcd.io/v1beta2
✔ gitrepositories.source.toolkit.fluxcd.io/v1beta2
✔ helmcharts.source.toolkit.fluxcd.io/v1beta2
✔ helmreleases.helm.toolkit.fluxcd.io/v2beta1
✔ helmrepositories.source.toolkit.fluxcd.io/v1beta2
✔ imagepolicies.image.toolkit.fluxcd.io/v1beta1
✔ imagerepositories.image.toolkit.fluxcd.io/v1beta1
✔ imageupdateautomations.image.toolkit.fluxcd.io/v1beta1
✔ kustomizations.kustomize.toolkit.fluxcd.io/v1beta2
✔ ocirepositories.source.toolkit.fluxcd.io/v1beta2
✔ providers.notification.toolkit.fluxcd.io/v1beta2
✔ receivers.notification.toolkit.fluxcd.io/v1beta2
✔ all checks passed

Would be great to be able to specify project id in a separate field, or fix address parsing in another way! And in regards of documentation - yeah, the more samples - the better. I can't even imagine how it would look like somewhere within Gitlab interface when notification-controller sent successful update...

Thank you!

mikalai-t avatar Jan 12 '23 08:01 mikalai-t