We are also having this issue. We need to always relogin with the gitlab drone application user.
I finally found a solution for it.
Since I am fresh to GO and I just made some changes to make gitlab work without testing on others, I didn’t create a PR for the project.
A pre-build image with the fix can be found at gluxhappy/drone-server-gitlab. If you have any (security) concerns, you can build your own from scripts at gluxhappy/drone-gitlab .
That is not enough, some changes in the go-scm module also need to be made (see my reply below).
Could you please explain those changes? Do they fix the error message I mentioned and if so, how?
As you can see from the Github repo I mentioned in the previews reply, beside the same change in the PR for the drone main repo, some additional changes are also need in the go-scm repo which is a sub-module of the main drone-server project. The changes in that repo is to add
client_secret parameters when requesting a token refresh. This is documented in the Gitlab documentation but seems not the standard way of the OAuth2. That’s why I didn’t create a PR for the go-scm repo since this change could break the refresh of tho platforms.
DRONE_GIT_USERNAME should be a user’s name and
DRONE_GIT_PASSWORD should be an Personal Access Token with long expiration time. The access token should has been grant at least read access to all repositories you want to build via the Drone.
I use gitlab 15.0 and drone 2.12.0.
I followed the doc from official drone website. GitLab | Drone
I think it’s a little weird if we use the personal account as the env for DRONE_GIT_USERNAME and DRONE_GIT_PASSWORD.
Thanks for @gluxhappy
I tried the method you provide at #11. It doesn’t work for me. I really don’t know why.
but I downgrade from 15.0 to 14.10.3 successfully.
It came back normal now for me.
Hope this issue will be fixed in the future.
We have rebuilt Drone with the
go-scm change you proposed. Sadly, it doesn’t seem to change anything, some builds still randomly fail with the
fatal: could not read Username for 'https://gitlab.com': terminal prompts disabled error.
We face the same issue.
Has any solution with this?
as a hacky fix if you have people login in a lot it should work of longer as the tokens get renewed when you login
it seems work！！ thanks！！https://github.com/gluxhappy/drone-gitlab
Looks like the latest release fixed the issue.
I’m not sure that it does. As I have mentioned, we have tried the change in that PR and it seems to fix authentication timeout in Drone web UI and webhooks not arriving, but we still kept getting intermittent build failures with another error.
What did fully fix it is using
DRONE_GIT_PASSWORD with a personal token as suggested in this thread. (The additional change to
go-scm, however, didn’t help, we tried it too.) Still, it’s better than nothing. Perhaps now that the PR is merged, more people will get the same clone step error we did, report it, and prompt another fix
I confirmed with the latest drone 2.12.1 fixed the issue.
I didn’t use extra settings for my drone and keep the original settings.
Tried latest drone 2.12.1 and its fixed oauth2 token refresh issue.
but got new issue when doing multi pipeline with clone step on every pipeline.
is your issue related to multi pipeline?
becase when its multi pipeline with only one clone step it work.
in my case, its not make the job failure. in drone ui, it will stuck with forever loading on next pipeline.
log from drone:
WARN manager: cannot generate netrc. error="The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client."
Everytime a pipeline starts, the go-scm does a force refresh of the OAuth token which cause the existing token expried immedentily even the expired one was refresh half a second ago (multi pipeline). The token will then be distributed to agent for code cloning and will not be updated any more.
Please use the Personal Access token for code clone.
@phiexz Please check my lastest reply for the issue of multiple pipeline stucking.
Thanks @gluxhappy , using
DRONE_GIT_USERNAME fix multiple pipeline issue