Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Integrating Renovate in BitBucket Pipeline Throws 401 error

Jamshaid
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
April 25, 2024

I have the following BitBucket Pipeline added to my repository:    

image: node:latest

definitions:

steps:

- step: &renovate-step

name: Run Renovate

script:

- npm install -g renovate

- renovate --platform bitbucket --endpoint https://api.bitbucket.org/ --username ${USERNAME} --token ${APP_TOKEN} --autodiscover true

pipelines:

default:

- step:

name: 'Placeholder Default Step'

script:

- echo "This is a placeholder step for the default pipeline."

custom:

scheduled_renovate:

- step:

<<: *renovate-step

 

This pipline throws the following error. I can confirm that the app token used is correct.



+ renovate --platform bitbucket --endpoint https://api.bitbucket.org/ --username ${USERNAME} --token ${APP_TOKEN} --autodiscover true
(node:114) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.
(Use `node --trace-deprecation ...` to show where the warning was created)
ERROR: bitbucket getRepos error
"err": {
"name": "HTTPError",
"code": "ERR_NON_2XX_3XX_RESPONSE",
"timings": {
"start": 1713945223419,
"socket": 1713945223419,
"lookup": 1713945223419,
"connect": 1713945223419,
"secureConnect": 1713945223419,
"upload": 1713945223419,
"response": 1713945223504,
"end": 1713945223505,
"phases": {
"wait": 0,
"dns": 0,
"tcp": 0,
"tls": 0,
"request": 0,
"firstByte": 85,
"download": 1,
"total": 86
}
},
"message": "Response code 401 (Unauthorized)",
"stack": "HTTPError: Response code 401 (Unauthorized)\n at Request.<anonymous> (/usr/local/lib/node_modules/renovate/node_modules/got/dist/source/as-promise/index.js:118:42)\n at processTicksAndRejections (node:internal/process/task_queues:95:5)",
"options": {
"headers": {
"user-agent": "RenovateBot/37.320.0 (https://github.com/renovatebot/renovate)",
"accept": "application/json",
"authorization": "***********",
"accept-encoding": "gzip, deflate, br"
},
"url": "https://api.bitbucket.org/2.0/repositories?role=contributor&pagelen=100",
"hostType": "bitbucket",
"username": "",
"password": "",
"method": "GET",
"http2": false
},
"response": {
"statusCode": 401,
"statusMessage": "Unauthorized",
"body": {
"type": "error",
"error": {
"message": "Token is invalid or not supported for this endpoint."
}
},
"headers": {
"date": "Wed, 24 Apr 2024 07:53:43 GMT",
"content-type": "application/json",
"content-length": "95",
"server": "AtlassianEdge",
"www-authenticate": "OAuth realm=\"Bitbucket.org HTTP\"",
"etag": "\"bbe089b08de73c5e8547da71615cd8b0\"",
"vary": "Origin",
"x-dc-location": "Micros-3",
"x-served-by": "ca15dc7e9bdf",
"x-version": "2767ae4f0e6e",
"x-static-version": "2767ae4f0e6e",
"x-request-count": "429",
"x-render-time": "0.0026738643646240234",
"x-b3-traceid": "33fac901a9504be99ec9f17e8f2605f8",
"x-b3-spanid": "c0296c4fd928aafb",
"x-frame-options": "SAMEORIGIN",
"x-usage-user-time": "0.006830",
"x-usage-system-time": "0.000000",
"x-usage-input-ops": "0",
"x-usage-output-ops": "0",
"x-trace-id": "33fac901a9504be99ec9f17e8f2605f8",
"strict-transport-security": "max-age=31536000; includeSubDomains; preload",
"api-via-stargate": "True",
"x-content-type-options": "nosniff",
"x-xss-protection": "1; mode=block",
"atl-traceid": "33fac901a9504be99ec9f17e8f2605f8",
"report-to": "{\"endpoints\": [{\"url\": \"https://dz8aopenkvv6s.cloudfront.net\"}], \"group\": \"endpoint-1\", \"include_subdomains\": true, \"max_age\": 600}",
"nel": "{\"failure_fraction\": 0.001, \"include_subdomains\": true, \"max_age\": 600, \"report_to\": \"endpoint-1\"}"
},
"httpVersion": "1.1",
"retryCount": 0
}
}
FATAL: Fatal error: Response code 401 (Unauthorized)
"err": {
"name": "HTTPError",
"code": "ERR_NON_2XX_3XX_RESPONSE",
"timings": {
"start": 1713945223419,
"socket": 1713945223419,
"lookup": 1713945223419,
"connect": 1713945223419,
"secureConnect": 1713945223419,
"upload": 1713945223419,
"response": 1713945223504,
"end": 1713945223505,
"phases": {
"wait": 0,
"dns": 0,
"tcp": 0,
"tls": 0,
"request": 0,
"firstByte": 85,
"download": 1,
"total": 86
}
},
"message": "Response code 401 (Unauthorized)",
"stack": "HTTPError: Response code 401 (Unauthorized)\n at Request.<anonymous> (/usr/local/lib/node_modules/renovate/node_modules/got/dist/source/as-promise/index.js:118:42)\n at processTicksAndRejections (node:internal/process/task_queues:95:5)",
"options": {
"headers": {
"user-agent": "RenovateBot/37.320.0 (https://github.com/renovatebot/renovate)",
"accept": "application/json",
"authorization": "***********",
"accept-encoding": "gzip, deflate, br"
},
"url": "https://api.bitbucket.org/2.0/repositories?role=contributor&pagelen=100",
"hostType": "bitbucket",
"username": "",
"password": "",
"method": "GET",
"http2": false
},
"response": {
"statusCode": 401,
"statusMessage": "Unauthorized",
"body": {
"type": "error",
"error": {
"message": "Token is invalid or not supported for this endpoint."
}
},
"headers": {
"date": "Wed, 24 Apr 2024 07:53:43 GMT",
"content-type": "application/json",
"content-length": "95",
"server": "AtlassianEdge",
"www-authenticate": "OAuth realm=\"Bitbucket.org HTTP\"",
"etag": "\"bbe089b08de73c5e8547da71615cd8b0\"",
"vary": "Origin",
"x-dc-location": "Micros-3",
"x-served-by": "ca15dc7e9bdf",
"x-version": "2767ae4f0e6e",
"x-static-version": "2767ae4f0e6e",
"x-request-count": "429",
"x-render-time": "0.0026738643646240234",
"x-b3-traceid": "33fac901a9504be99ec9f17e8f2605f8",
"x-b3-spanid": "c0296c4fd928aafb",
"x-frame-options": "SAMEORIGIN",
"x-usage-user-time": "0.006830",
"x-usage-system-time": "0.000000",
"x-usage-input-ops": "0",
"x-usage-output-ops": "0",
"x-trace-id": "33fac901a9504be99ec9f17e8f2605f8",
"strict-transport-security": "max-age=31536000; includeSubDomains; preload",
"api-via-stargate": "True",
"x-content-type-options": "nosniff",
"x-xss-protection": "1; mode=block",
"atl-traceid": "33fac901a9504be99ec9f17e8f2605f8",
"report-to": "{\"endpoints\": [{\"url\": \"https://dz8aopenkvv6s.cloudfront.net\"}], \"group\": \"endpoint-1\", \"include_subdomains\": true, \"max_age\": 600}",
"nel": "{\"failure_fraction\": 0.001, \"include_subdomains\": true, \"max_age\": 600, \"report_to\": \"endpoint-1\"}"
},
"httpVersion": "1.1",
"retryCount": 0
}
}
INFO: Renovate was run at log level "info". Set LOG_LEVEL=debug in environment variables to see extended debug logs.
INFO: Renovate is exiting with a non-zero code due to the following logged errors
"loggerErrors": [
{
"name": "renovate",
"level": 50,
"logContext": "znJdvSGS402KIl3sF0KPM",
"err": {
"name": "HTTPError",
"code": "ERR_NON_2XX_3XX_RESPONSE",
"timings": {
"start": 1713945223419,
"socket": 1713945223419,
"lookup": 1713945223419,
"connect": 1713945223419,
"secureConnect": 1713945223419,
"upload": 1713945223419,
"response": 1713945223504,
"end": 1713945223505,
"phases": {
"wait": 0,
"dns": 0,
"tcp": 0,
"tls": 0,
"request": 0,
"firstByte": 85,
"download": 1,
"total": 86
}
},
"message": "Response code 401 (Unauthorized)",
"stack": "HTTPError: Response code 401 (Unauthorized)\n at Request.<anonymous> (/usr/local/lib/node_modules/renovate/node_modules/got/dist/source/as-promise/index.js:118:42)\n at processTicksAndRejections (node:internal/process/task_queues:95:5)",
"options": {
"headers": {
"user-agent": "RenovateBot/37.320.0 (https://github.com/renovatebot/renovate)",
"accept": "application/json",
"authorization": "***********",
"accept-encoding": "gzip, deflate, br"
},
"url": "https://api.bitbucket.org/2.0/repositories?role=contributor&pagelen=100",
"hostType": "bitbucket",
"username": "",
"password": "",
"method": "GET",
"http2": false
},
"response": {
"statusCode": 401,
"statusMessage": "Unauthorized",
"body": {
"type": "error",
"error": {
"message": "Token is invalid or not supported for this endpoint."
}
},
"headers": {
"date": "Wed, 24 Apr 2024 07:53:43 GMT",
"content-type": "application/json",
"content-length": "95",
"server": "AtlassianEdge",
"www-authenticate": "OAuth realm=\"Bitbucket.org HTTP\"",
"etag": "\"bbe089b08de73c5e8547da71615cd8b0\"",
"vary": "Origin",
"x-dc-location": "Micros-3",
"x-served-by": "ca15dc7e9bdf",
"x-version": "2767ae4f0e6e",
"x-static-version": "2767ae4f0e6e",
"x-request-count": "429",
"x-render-time": "0.0026738643646240234",
"x-b3-traceid": "33fac901a9504be99ec9f17e8f2605f8",
"x-b3-spanid": "c0296c4fd928aafb",
"x-frame-options": "SAMEORIGIN",
"x-usage-user-time": "0.006830",
"x-usage-system-time": "0.000000",
"x-usage-input-ops": "0",
"x-usage-output-ops": "0",
"x-trace-id": "33fac901a9504be99ec9f17e8f2605f8",
"strict-transport-security": "max-age=31536000; includeSubDomains; preload",
"api-via-stargate": "True",
"x-content-type-options": "nosniff",
"x-xss-protection": "1; mode=block",
"atl-traceid": "33fac901a9504be99ec9f17e8f2605f8",
"report-to": "{\"endpoints\": [{\"url\": \"https://dz8aopenkvv6s.cloudfront.net\"}], \"group\": \"endpoint-1\", \"include_subdomains\": true, \"max_age\": 600}",
"nel": "{\"failure_fraction\": 0.001, \"include_subdomains\": true, \"max_age\": 600, \"report_to\": \"endpoint-1\"}"
},
"httpVersion": "1.1",
"retryCount": 0
}
},
"msg": "bitbucket getRepos error"
},
{
"name": "renovate",
"level": 60,
"logContext": "znJdvSGS402KIl3sF0KPM",
"err": {
"name": "HTTPError",
"code": "ERR_NON_2XX_3XX_RESPONSE",
"timings": {
"start": 1713945223419,
"socket": 1713945223419,
"lookup": 1713945223419,
"connect": 1713945223419,
"secureConnect": 1713945223419,
"upload": 1713945223419,
"response": 1713945223504,
"end": 1713945223505,
"phases": {
"wait": 0,
"dns": 0,
"tcp": 0,
"tls": 0,
"request": 0,
"firstByte": 85,
"download": 1,
"total": 86
}
},
"message": "Response code 401 (Unauthorized)",
"stack": "HTTPError: Response code 401 (Unauthorized)\n at Request.<anonymous> (/usr/local/lib/node_modules/renovate/node_modules/got/dist/source/as-promise/index.js:118:42)\n at processTicksAndRejections (node:internal/process/task_queues:95:5)",
"options": {
"headers": {
"user-agent": "RenovateBot/37.320.0 (https://github.com/renovatebot/renovate)",
"accept": "application/json",
"authorization": "***********",
"accept-encoding": "gzip, deflate, br"
},
"url": "https://api.bitbucket.org/2.0/repositories?role=contributor&pagelen=100",
"hostType": "bitbucket",
"username": "",
"password": "",
"method": "GET",
"http2": false
},
"response": {
"statusCode": 401,
"statusMessage": "Unauthorized",
"body": {
"type": "error",
"error": {
"message": "Token is invalid or not supported for this endpoint."
}
},
"headers": {
"date": "Wed, 24 Apr 2024 07:53:43 GMT",
"content-type": "application/json",
"content-length": "95",
"server": "AtlassianEdge",
"www-authenticate": "OAuth realm=\"Bitbucket.org HTTP\"",
"etag": "\"bbe089b08de73c5e8547da71615cd8b0\"",
"vary": "Origin",
"x-dc-location": "Micros-3",
"x-served-by": "ca15dc7e9bdf",
"x-version": "2767ae4f0e6e",
"x-static-version": "2767ae4f0e6e",
"x-request-count": "429",
"x-render-time": "0.0026738643646240234",
"x-b3-traceid": "33fac901a9504be99ec9f17e8f2605f8",
"x-b3-spanid": "c0296c4fd928aafb",
"x-frame-options": "SAMEORIGIN",
"x-usage-user-time": "0.006830",
"x-usage-system-time": "0.000000",
"x-usage-input-ops": "0",
"x-usage-output-ops": "0",
"x-trace-id": "33fac901a9504be99ec9f17e8f2605f8",
"strict-transport-security": "max-age=31536000; includeSubDomains; preload",
"api-via-stargate": "True",
"x-content-type-options": "nosniff",
"x-xss-protection": "1; mode=block",
"atl-traceid": "33fac901a9504be99ec9f17e8f2605f8",
"report-to": "{\"endpoints\": [{\"url\": \"https://dz8aopenkvv6s.cloudfront.net\"}], \"group\": \"endpoint-1\", \"include_subdomains\": true, \"max_age\": 600}",
"nel": "{\"failure_fraction\": 0.001, \"include_subdomains\": true, \"max_age\": 600, \"report_to\": \"endpoint-1\"}"
},
"httpVersion": "1.1",
"retryCount": 0
}
},
"msg": "Fatal error: Response code 401 (Unauthorized)"
}
]


What i might be doing wrong here? The App Token has Read, Write and Admin access.

1 answer

0 votes
Oleksandr Kyrdan
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
April 26, 2024

Hi @Jamshaid 

Thanks for your question!

For your case we have renovate-scan pipe.

Just add to you bitbucket-pipelines.yml file the next:

script:
  - pipe: atlassian/renovate-scan:0.5.0
    variables:
      CONFIG_FILE_PATH: '<your-config.yaml>'

To start using this pipe you need to create a Bitbucket account for Renovate bot usage. Declare RENOVATE_USERNAME, RENOVATE_USER_EMAIL with your created bot parameters.

Additionally, you must create app password according to the docs. Set your app password as a bitbucket variable RENOVATE_PASSWORD. To allow bot to create pull requests under the needed repositories (in example repository $BITBUCKET_REPO_FULL_NAME) -> Repository settings -> User and group access add write permissions for your created Bitbucket account.

Note! You should not expose renovate username, password or email at your config. For these variables user should only use Bitbucket secured repository variables. The next renovate config variables will be injected at your config with your bitbucket variables: RENOVATE_GIT_AUTHOR="Renovate bot <$RENOVATE_USER_EMAIL>", RENOVATE_PASSWORD=$RENOVATE_PASSWORD, RENOVATE_USERNAME=$RENOVATE_USERNAME, RENOVATE_DRY_RUN=$RENOVATE_DRY_RUN.

More details you could find in the Readme for the pipe.


Best regards,
Oleksandr Kyrdan

Jamshaid
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
April 28, 2024

I have the following pipeline

image: atlassian/default-image:latest

pipelines:

default:

- step:

name: "Renovate Update Scan"

script:

- pipe: atlassian/renovate-scan:0.5.0

variables:

RENOVATE_USERNAME: $RENOVATE_USERNAME

RENOVATE_PASSWORD: $RENOVATE_PASSWORD

RENOVATE_USER_EMAIL: $RENOVATE_USER_EMAIL

CONFIG_FILE_PATH: 'config.yaml'

# Set dry run to true if you want to test without making changes

RENOVATE_DRY_RUN: 'false'

DEBUG: 'true'

 

Following is the config.yaml

platform: 'bitbucket'

onboarding: true

onboardingConfig:

extends:

- config:base

repositories:

- abcxyz/testing-tracking-of-updates


 

Jamshaid
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
April 28, 2024

@Oleksandr Kyrdan 

I face the following error when the pipeline is run. what could be causing the issue? i am unable to get the reason. 

level=error msg="error waiting for container: unexpected EOF"

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
TAGS
AUG Leaders

Atlassian Community Events