Failure occurred during GIT Browsing - bitbucket

All, I am using REST API to add bitbucket branch URL into SAST scanner. When sending the REST API from postman, getting error message: "Failure occurred during GIT Browsing". The curl is:
curl --location --request POST 'http://<host name/IP>/cxrestapi/projects/{projectId}/sourceCode/remoteSettings/git' --header 'Authorization: Bearer --header 'Content-Type: application/x-www-form-urlencoded' --data-urlencode 'url=https://bitbucket.org//.git'
--data-urlencode 'branch=refs/heads/master' --data-urlencode 'username=' --data-urlencode 'password='
If I do the same for public Github (https://github.com//.git), curl works fine. Any suggestion is appreciated.

Related

Can you specify a deployment target with Octopus Deploy API

I am trying to use Octopus Deploy Deployment API and i ran into a problem where the deployment runs on all deployment targets, is there a way to specify the deployment target i would like to run the deployment on.
curl --location --request POST '$(octopus-url)/api/$(SpaceId)/deployments' \
--header 'X-Octopus-ApiKey: API-KEY' \
--header 'Content-Type: application/json' \
--data-raw '{
"ReleaseId": "Releases-ID",
"EnvironmentId": "Environments-ID",
}'
You can specify the machines you want to deploy to using the SpecificMachineIds property. It's an array type, and you need to know the machine ids, not the names of the machines:
curl --location --request POST '$(octopus-url)/api/$(SpaceId)/deployments' \
--header 'X-Octopus-ApiKey: API-KEY' \
--header 'Content-Type: application/json' \
--data-raw '{
"ReleaseId": "Releases-ID",
"EnvironmentId": "Environments-ID",
"SpecificMachineIds": ["Machines-1", "Machines-2"],
}'
Hope that helps!

Sign in with Apple - Exchange Identifiers - Request is invalid

We try to exchange 'Sign in with apple' between 2 teams, we proceed as follows:
The old team generates a transfer_sub for the new team, the request (https://developer.apple.com/documentation/sign_in_with_apple/transferring_your_apps_and_users_to_another_team) here looks like this:
curl -sS --location --request POST "https://appleid.apple.com/auth/usermigrationinfo" \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Bearer XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX' \
-d "sub=$oldUserSub&target=$newTeamId&client_id=$oldAppBundleID&client_secret=$oldSecret"
This works perfectly, the old team receives a transfer_sub and gives it to the new team.
{"transfer_sub":"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"}
The new team gets the new ID with the following request (https://developer.apple.com/documentation/sign_in_with_apple/bringing_new_apps_and_users_into_your_team):
curl -sS --location --request POST "https://appleid.apple.com/auth/usermigrationinfo" \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Bearer XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX' \
-d "transfer_sub=$transferSubFromOldTeam&client_id=$newAppBundleID&client_secret=$newSecret"
Unfortunately this does not work because there is an error return:
{"error":"invalid_request"}
Does anyone have an idea what to do to make the relegation valid?
Have you already transferred your app?
The same issue has already been resolved in the Developer Forums.
Referring to here may resolve this issue.
The answer says:
You cannot use the api "/auth/usermigrationinfo" of the URL before app transfer.
So, If you haven't transferred your app yet, you have to complete your app transfer first. Then the new team will be able to get the new ID with the following request:
curl -sS --location --request POST "https://appleid.apple.com/auth/usermigrationinfo" \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Bearer XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX' \
-d "transfer_sub=$transferSubFromOldTeam&client_id=$newAppBundleID&client_secret=$newSecret"

How to get manifests using HTTP API v2?

How to authenticate with the V2 API is useful and works.
REPO="https://hub.docker.com/v2"
I'm able to get tokens, list (my) repos and lists their images and tags.
curl --silent \
--header "Authorization: JWT ${TOKEN}" \
${REPO}/repositories/${USERNAME}/
curl --silent \
--header "Authorization: JWT ${TOKEN}" \
${REPO}/repositories/${USERNAME}/${IMAGE}/tags/
I'd like to 'GET MANIFEST' but I'm struggling to get this to work:
https://docs.docker.com/registry/spec/api/#manifest:
curl --silent \
--header "Host: hub.docker.com" \
--header "Authorization: JWT ${TOKEN}" \
${REPO}/repositories/${USERNAME}/${IMAGE}/manifests/
curl --silent \
--header "Host: hub.docker.com" \
--header "Authorization: JWT ${TOKEN}" \
${REPO}/${USERNAME}/${IMAGE}/manifests/
curl --silent \
--header "Host: hub.docker.com" \
--header "Authorization: JWT ${TOKEN}" \
${REPO}/${USERNAME}/${IMAGE}/manifests/${TAG}
I've tried with|without the Host header. With various values for the Host header. But, I'm clearly missing something. I tried pattern-matching against the working endpoints but no joy:
curl --silent \
--header "Authorization: JWT ${TOKEN}" \
${REPO}/repositories/${USERNAME}/${IMAGE}/manifests/
Curiously, this page shows "GET TAGS" seemingly incorrectly as /v2/<name>/tags/list:
https://docs.docker.com/registry/spec/api/#tags
Reviewed:
https://stackoverflow.com/a/45605443/609290
Follow-up
I'm a Googler and have access to Google Container Registry (GCR).
REPO="https://gcr.io/v2/"
On a whim, I just tried 'GET MANIFEST' against GCR and the requests works:
curl --silent \
--request GET \
--user _token:$(gcloud auth print-access-token) \
${REPO}/${PROJECT}/${IMAGE}/manifests/${TAG}
It's quite confusing with all the *.docker.com|io subdomains!
I found registry.hub.docker.com and index.docker.io the most reliable ones.
You can easily query the tags from there, but for the manifests you'll need to get a token for pulling first:
REGISTRY=https://index.docker.io/v2
#REGISTRY="https://registry.hub.docker.com/v2"
#REGISTRY="https://registry.docker.io/v2"
#REGISTRY="https://registry-1.docker.io/v2"
#REGISTRY="https://hub.docker.com/v2"
REPO=library
IMAGE=debian
# Could also be a repo digest
TAG=latest
# Query tags
curl "$REGISTRY/repositories/$REPO/$IMAGE/tags/"
# Query manifest
curl -iL "$REGISTRY/$REPO/$IMAGE/manifests/$TAG"
# HTTP/1.1 401 Unauthorized
# Www-Authenticate: Bearer realm="https://auth.docker.io/token",service="registry.docker.io",scope="repository:library/debian:pull"
TOKEN=$(curl -sSL "https://auth.docker.io/token?service=registry.docker.io&scope=repository:$REPO/$IMAGE:pull" \
| jq --raw-output .token)
curl -LH "Authorization: Bearer ${TOKEN}" "$REGISTRY/$REPO/$IMAGE/manifests/$TAG"
# Some repos seem to return V1 Schemas by default
REPO=nginxinc
IMAGE=nginx-unprivileged
TAG=1.17.2
curl -LH "Authorization: Bearer $(curl -sSL "https://auth.docker.io/token?service=registry.docker.io&scope=repository:$REPO/$IMAGE:pull" | jq --raw-output .token)" \
"$REGISTRY/$REPO/$IMAGE/manifests/$TAG"
# Solution: Set the Accept Header for V2
curl -LH "Authorization: Bearer $(curl -sSL "https://auth.docker.io/token?service=registry.docker.io&scope=repository:$REPO/$IMAGE:pull" | jq --raw-output .token)" \
-H "Accept:application/vnd.docker.distribution.manifest.v2+json" \
"$REGISTRY/$REPO/$IMAGE/manifests/$TAG"
See
this gist for another example and
this repo for a reusable script docker-image-size-curl.sh
Authorization with hub.docker.com works differently and you don't seem to get the manifests from there 🤔

Why am i getting HTTP 404 & sub_code":"S00004 ? IBM Watson

I am using curl command :
curl -X POST --user "apikey:xxx" \
--header "Content-Type: application/json" \
--header "Accept: application/json" \
--data-binary #profile.json \
"https://gateway-fra.watsonplatform.net/personality-insights/api"
and IBM is giving me response:
x{"code":404,"sub_code":"S00004","error":"Not Found"}%
anyone has idea why?
this is my .json file
https://watson-developer-cloud.github.io/doc-tutorial-downloads/personality-insights/profile.json
Try using the following curl command:
curl -X POST --user "apikey:xxxxxxxx" --header "Content-Type: application/json" --header "Accept: application/json" --data-binary #profile.json "https://gateway-fra.watsonplatform.net/personality-insights/api/v3/profile?version=2017-10-13&consumption_preferences=true&raw_scores=true"
Replace xxxxxxxx with your apikey. Please avoid using real apikey in public in the future. Anyone can use your key. I have edited the question to hide it.
Please follow the API reference for Personality Insights for more info.

Google Cloud : Bearer token generated from service account gives "insufficient_scope" error

I have a Google Cloud service account and I'm able to use its JSON key to query google cloud data store via GCP python client libraries.
I'm using the very same JSON to generate a bearer token to run the same request via curl but this fails with "insufficient_scope" error.
Steps used to generate Bearer Token:
gcloud auth activate-service-account --key-file=KEY_FILE
TOKEN=$(gcloud auth application-default print-access-token)
curl command used with bearer token:
curl 'https://datastore.googleapis.com/v1/projects/my_project:runQuery' \
-X POST \
-H "Authorization: Bearer $TOKEN" \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
--data-binary '{"gqlQuery":{"queryString":"select * from Tasktest111"}}' \
--compressed

Resources