Getting Could not create pull request 404: 404 Project Not Found (-1) in a gitlab merge request integration

[schimini]

Describe the issue

When using gitlab merge request as the version control system, when trying to push I always get "Could not create pull request 404: 404 Project Not Found (-1)."

Not only I don't understand the error, but it seems like it's trying to search something on GitHub, since it mentions pull request instead of merge request

I already tried

• I've read and searched the documentation.
• I've searched for similar filed issues in this repository.

Steps to reproduce the behavior

1. Create a new hosted project
2. Create a new component using gitlab merge request as version control.
3. Setup gitlab repo with http
4. Try to push

Expected behavior

A gitlab merge request being created. I'm getting the commit but the Weblate UI says it's still pending and the push fails (in theory)

Screenshots

Exception traceback

No response

How do you run Weblate?

weblate.org service

Weblate versions

The current on hosted Weblate.

Weblate deploy checks

No response

Additional context

No response

[schimini]

I switched back to Git as the version control system and this is the result:

To https://gitlab.com/<repo>/translations.git ! [rejected] main -> weblate (non-fast-forward) error: failed to push some refs to 'https://gitlab.com/<repo>/translations.git hint: Updates were rejected because a pushed branch tip is behind its remote hint: counterpart. Check out this branch and integrate the remote changes hint: (e.g. 'git pull ...') before pushing again. hint: See the 'Note about fast-forwards' in 'git push --help' for details. (1)

[nijel]

You should use force pushing if you are rewriting the repo (the GitLab merge requests do this automatically).

There might be some issue in figuring out GitLab project URL as you're not the only one getting a 404 in this case, see #12406

[schimini]

Thanks for the fast reply @nijel and for the great job with Weblate (I've used in 3/4 projects and counting) !
I could see something like that being the reason since I also have subgroups in my url. I'll check the code to see if something pops up.
https://github.com/WeblateOrg/weblate/blob/9148c82cf6be94feb92d82109251b3f6835f41d4/weblate/vcs/git.py#L1723C9-L1727C66 here for example

target_path = credentials["url"].rsplit("/", 1)[-1]
cmd = ["remote", "get-url", "--push", credentials["username"]]
fork_remotes = self.execute(cmd, needs_lock=False, merge_err=False).splitlines()
fork_path = self.get_fork_path(fork_remotes[0])
return credentials["url"].replace(target_path, fork_path)

def get_fork_path(self, repo: str) -> str:
    _scheme, _host, owner, slug = self.parse_repo_url(repo)
    return urllib.parse.quote(f"{owner}/{slug}", safe="")

I don't know whatcredentials["url"]contains but if it would be the repo full url this could be interesting. If this would be https://gitlab.com/group/subgroup/repo.git or even just ending in repo, then
target_path would be repo.git or repo.

assuming fork_remotes will get a list of remotes (those would also be the full name for the fork repo), get_fork_path uses parse_repo_url (which handles the url correctly from what I've seen ) so it would return properly "group/subgroup/fork_repo"

by replacing at the end we could potentially get https://gitlab.com/group/subgroup/group/subgroup/fork_repo or https://gitlab.com/group/subgroup/group/subgroup/fork_repo.git

This is all speculative since I haven't tested any of this, I don't know python and I don't know Weblate's code base at all.

I was doing this on cloud Weblate so I can't see logs. Will try to get Weblate to run on my machine and try to replicate the setup and I'll have you know.

[nijel]

If this happened on Hosted Weblate, can you please share a link to the project so that I can debug it there?

[schimini]

Ofc: https://hosted.weblate.org/projects/mypolis/

[nijel]

Thanks, I think #12466 should address this.

[schimini]

@nijel thank you very much. I see now that it was related with having credentials in the url.

This setup is not my preferred to be honest. I started with trying to add hosted Weblate's ssh key to gitlab (and either I already had It in my account or someone else had in the platform) but it failed. With the ssh key and basic git configuration (no MR) I wasn't able to get it to work (my assumption is that gitlab doesn't allow the same ssh key to be used in different projects across platform).

Having a private gitlab repo in the gitlab.org instance makes it so that, since I can't add my own ssh key to Weblate (hosted, to my knowledge), or add hosted weblate ssh public key to gitlab, I have to generate a deploy token, or other tokens (personal ones) and set them in the url (again, I don't think there's any other configuration page to set this kind of credentials in hosted Weblate, please correct if I'm wrong).

This doesn't seem super cool to me, in the sense that that url's are usually not considered to be secret data, (they might get logged anywhere, standard storage types, etc). If you know of another way to authenticate towards the repo in Weblate let me know.

Other than that, thank you. Very good job!

[nijel]

Storing secrets in URL should be safe in Weblate, the code was written with the intention that the secrets might be present there. But of course, bugs can always happen.

Documented approach is to add weblate user as a collaborator to your repo, see https://docs.weblate.org/en/latest/vcs.html#accessing-repositories-from-hosted-weblate. In the long-term, I'd like to have native integration with GitLab, but that will take some time.

[github-actions]

Thank you for your report; the issue you have reported has just been fixed.

• In case you see a problem with the fix, please comment on this issue.
• In case you see a similar problem, please open a separate issue.
• If you are happy with the outcome, don’t hesitate to support Weblate by making a donation.