Differences

This shows you the differences between two versions of the page.

--- git:gitlab:ci:issues [2023/07/05 14:05] – niziak
+++ git:gitlab:ci:issues [2025/03/12 09:07] (current) – niziak
@@ Line 1: / Line 1: @@
 ====== CI Issues ======
+===== Connection closed by remote host =====
+On 22 CPU machine, when Buildroot is in parallel download mode (''BR2_PER_PACKAGE_DIRECTORIES=y''):
+<code>
+kex_exchange_identification: Connection closed by remote host
+Connection closed by 192.168.64.240 port 22
+</code>
+In Gitlab server logs:
+<code>
+gitlab sshd[1800758]: error: beginning MaxStartups throttling
+gitlab sshd[1800758]: drop connection #10 from [192.168.65.128]:37112 on [192.168.64.240]:22 past MaxStartups
+</code>
+Solution: [[https://docs.gitlab.com/topics/git/troubleshooting_git/#ssh_exchange_identification-error|ssh_exchange_identification]]
+===== remote: You are not allowed to download code from this project. =====
+<code>
+Cloning into '/builds/group/project/buildroot/src/maginc-submodule'...
+remote: You are not allowed to download code from this project.
+fatal: unable to access 'https://gitlab.example.com/groups/project/magic-submodule.git': The requested URL returned error: 403
+fatal: clone of 'https://gitlab-ci-token:[MASKED]@gitlab.example.com/groups/project/magic-submodule.git' into submodule path '/builds/group/project/buildroot/src/maginc-submodule' failed
+</code>
+Reason:
+[[https://docs.gitlab.com/ee/update/deprecations.html#default-cicd-job-token-ci_job_token-scope-changed|Default CI/CD job token (CI_JOB_TOKEN) scope changed]]
+More:
+[[https://gitlab.grinndev.ovh/help/ci/jobs/ci_job_token#allow-access-to-your-project-with-a-job-token|Allow access to your project with a job token]]
+Solution:
+  * Go to ''Submodule to be cloned'' in Gitlab UI
+  * Settings --> CI/CD --> Token Access
 ===== fatal: No names found, cannot describe anything =====
@@ Line 50: / Line 87: @@
 **Workaround 2:** [[https://docs.gitlab.com/ee/ci/runners/configure_runners.html#rewrite-submodule-urls-to-https|Rewrite submodule URLs to HTTPS]]
-===== fatal: unsafe repository =====
-Error:
-<code>fatal: detected dubious ownership in repository at</code>
-<code>
-fatal: unsafe repository ('/builds/rPrca3qv/0/group/project' is owned by someone else)
-To add an exception for this directory, call:
-	git config --global --add safe.directory /builds/rPrca3qv/0/group/project
-</code>
-Workaround:
-<code bash>
-git config --global --add safe.directory ${CI_PROJECT_DIR}
-</code>
-Workarounds:
-  * [[https://gitlab.com/gitlab-org/gitlab-runner/-/issues/29022|Configure project clone directory as safe by default]]
-  * [[https://gitlab.com/gitlab-org/gitlab-runner/-/merge_requests/3538|Mark project working directory as safe for Git ]]
-**Best workaround:**
-[[https://gitlab.com/gitlab-org/gitlab-runner/-/issues/29022#note_1356788508]]
-<file toml config.toml>
-[[runners]]
-  environment = ["GIT_CONFIG_COUNT=1", "GIT_CONFIG_KEY_0=safe.directory", "GIT_CONFIG_VALUE_0=*", "GIT_CONFIG_PARAMETERS='safe.directory=*'"]
-</file>
-or re-register runner with args:
-<code bash>
-gitlab-runner register \
-      --env "GIT_CONFIG_COUNT=1" \
-      --env "GIT_CONFIG_KEY_0=safe.directory" \
-      --env "GIT_CONFIG_VALUE_0=*" \
-      --env "GIT_CONFIG_PARAMETERS="'safe.directory=*'"
-</code>
-**Note:** According to [[https://github.com/yoctoproject/poky/commit/5bca57859b280f73b23247aac7dec6b05f48fde8|bitbake.conf: mark all directories as safe for git to read ]]:
-<code>
-This can be set globally via the
-internal environment variable GIT_CONFIG_PARAMETERS, we can't use
-GIT_CONFIG_*_KEY/VALUE as that isn't present in all the releases which
-have the ownership check.
-</code>
 ===== CAfile: none =====

Tools

menus and quick search

quick search

site status

Page Tools

meta data for this page

Differences