Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Always use Fips Cryptography #896

Merged
merged 1 commit into from
Jan 12, 2021
Merged

Always use Fips Cryptography #896

merged 1 commit into from
Jan 12, 2021

Conversation

TingluoHuang
Copy link
Member

The feature flag has turned on and the required service change has deployed.

@TingluoHuang TingluoHuang requested a review from a team as a code owner January 7, 2021 16:19
@t0rr3sp3dr0 t0rr3sp3dr0 mentioned this pull request Jan 7, 2021
Merged
@TingluoHuang TingluoHuang merged commit 3b34e20 into main Jan 12, 2021
@TingluoHuang TingluoHuang deleted the users/tihuang/finishfips branch January 12, 2021 16:05
ashb pushed a commit to ashb/runner that referenced this pull request Jan 13, 2021
@TingluoHuang @ashb
always use Fips Cryptography (actions#896)
9e5bf42
@jonico
Copy link

jonico commented Jan 20, 2021

@TingluoHuang: This is breaking GitHub Enterprise Server 2.22 in scenarios where the runner binaries are updated automatically.

From the runners log:

  | 2021-01-20T14:55:54.932+01:00 | x-tfs-processid: 98044e3b-313d-42e8-8674-fc387d67f23d
  | 2021-01-20T14:55:54.932+01:00 | activityid: 2a07b621-ed6d-4857-be58-7df581d07be4
  | 2021-01-20T14:55:54.932+01:00 | x-tfs-session: cfdc1d98-dc29-4348-9652-d9d29ed3a1ed
  | 2021-01-20T14:55:54.932+01:00 | x-vss-e2eid: a119b94a-10a8-4819-9956-5b804088aefd
  | 2021-01-20T14:55:54.932+01:00 | x-vss-senderdeploymentid: 4fa63284-cff6-c043-679c-da198ae687a5
  | 2021-01-20T14:55:54.932+01:00 | x-tfs-serviceerror: The+user+%27System%3aPublicAccess%3baaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa%27+is+not+authorized+to+access+this+resource.
  | 2021-01-20T14:55:54.932+01:00 | x-vss-s2stargetservice: 0000005A-0000-8888-8000-000000000000/visualstudio.com
  | 2021-01-20T14:55:54.932+01:00 | X-Frame-Options: DENY
  | 2021-01-20T14:55:54.932+01:00 | [2021-01-20 13:55:54Z INFO RSAFileKeyManager] Loading RSA key parameters from file /home/ec2-user/actions-runner/.credentials_rsaparams
  | 2021-01-20T14:55:55.182+01:00 | [2021-01-20 13:55:54Z INFO RSAFileKeyManager] Loading RSA key parameters from file /home/ec2-user/actions-runner/.credentials_rsaparams
  | 2021-01-20T14:55:55.182+01:00 | [2021-01-20 13:55:55Z ERR GitHubActionsService] POST request to https://octodemo.com/_services/vstoken/_apis/oauth2/token/0f19532c-dde1-414e-b81b-4127816fc91c failed. HTTP Status: BadRequest
  | 2021-01-20T14:55:55.182+01:00 | [2021-01-20 13:55:55Z INFO GitHubActionsService] AAD Correlation ID for this token request: Unknown
  | 2021-01-20T14:55:55.182+01:00 | [2021-01-20 13:55:55Z ERR Runner] GitHub.Services.OAuth.VssOAuthTokenRequestException: The signature is not valid. at GitHub.Services.OAuth.VssOAuthTokenProvider.OnGetTokenAsync(IssuedToken failedToken, CancellationToken cancellationToken) at GitHub.Services.Common.IssuedTokenProvider.GetTokenOperation.GetTokenAsync(VssTraceActivity traceActivity) at GitHub.Services.Common.IssuedTokenProvider.GetTokenAsync(IssuedToken failedToken, CancellationToken cancellationToken) at GitHub.Services.Common.VssHttpMessageHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) at GitHub.Services.Common.VssHttpRetryMessageHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) at System.Net.Http.HttpClient.SendAsyncCore(HttpRequestMessage request, HttpCompletionOption completionOption, Boolean async, Boolean emitTelemetryStartStop, CancellationToken cancellationToken) at GitHub.Services.WebApi.VssHttpClientBase.SendAsync(HttpRequestMessage message, HttpCompletionOption completionOption, Object userState, CancellationToken cancellationToken) at GitHub.Services.WebApi.VssHttpClientBase.SendAsync[T](HttpRequestMessage message, Object userState, CancellationToken cancellationToken) at GitHub.Services.WebApi.VssHttpClientBase.SendAsync[T](HttpMethod method, IEnumerable`1 additionalHeaders, Guid locationId, Object routeValues, ApiResourceVersion version, HttpContent content, IEnumerable`1 queryParameters, Object userState, CancellationToken cancellationToken) at GitHub.Runner.Listener.Configuration.ConfigurationManager.ConfigureAsync(CommandSettings command) at GitHub.Runner.Listener.Runner.ExecuteCommand(CommandSettings command)
  | 2021-01-20T14:55:55.182+01:00 | [2021-01-20 13:55:55Z ERR Terminal] WRITE ERROR: The signature is not valid.

thboop added a commit that referenced this pull request Jan 21, 2021
@thboop
Revert "always use Fips Cryptography (#896)"
cc9c081 
3b34e20
@thboop thboop mentioned this pull request Jan 21, 2021
Merged
thboop added a commit that referenced this pull request Jan 21, 2021
@thboop
Runner v2.276.0 fixes (#928)
3fb9154 
* Revert "always use Fips Cryptography (#896)"

3b34e20

* Revert "Update ldd check with dotnet 5."

4b6ded0

* Revert "Update SDK to .NET 5 (#799)"

fc3ca9b

* Update dotnet-install scripts
thboop added a commit that referenced this pull request Jan 21, 2021
@thboop @TingluoHuang
Update Runner 276 release branch (#931)
88098a6 
* Update ldd check with dotnet 5.

* Runner v2.276.0 fixes (#928)

* Revert "always use Fips Cryptography (#896)"

3b34e20

* Revert "Update ldd check with dotnet 5."

4b6ded0

* Revert "Update SDK to .NET 5 (#799)"

fc3ca9b

* Update dotnet-install scripts

* prep 2.276.1 runner release (#929)

Co-authored-by: Tingluo Huang <huangtingluo@gmail.com>
@jonico jonico mentioned this pull request Jan 22, 2021
Closed
TingluoHuang added a commit that referenced this pull request Apr 21, 2021
@TingluoHuang
always use Fips Cryptography (#896)
e1acc1b
TingluoHuang pushed a commit that referenced this pull request Apr 21, 2021
@thboop @TingluoHuang
Runner v2.276.0 fixes (#928)
26a794b 
* Revert "always use Fips Cryptography (#896)"

3b34e20

* Revert "Update ldd check with dotnet 5."

4b6ded0

* Revert "Update SDK to .NET 5 (#799)"

fc3ca9b

* Update dotnet-install scripts
@evrardjp evrardjp mentioned this pull request May 14, 2021
Merged
AdamOlech pushed a commit to antmicro/runner that referenced this pull request Jul 28, 2021
@TingluoHuang @AdamOlech
always use Fips Cryptography (actions#896)
ff20bcb
AdamOlech pushed a commit to antmicro/runner that referenced this pull request Jul 28, 2021
@TingluoHuang @AdamOlech
always use Fips Cryptography (actions#896)
f729375
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@hfaulds hfaulds hfaulds approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@TingluoHuang @jonico @hfaulds