Git Authentication fails on GHE

[tomfrenken]

Summary

I installed Jenkins X with the latest jx binary and jx-boot-config
and afterwards jx import was failing due to bad credentials,
here is what I found out.

After nuking everything to replicate the error I tried to delete a repository before
even running jx import with jx delete repo, there I was asked if I want to use the git bot-user for that, which I previously defined in jx boot, or some other user.

Here is the first issue, now that I chose a different user, without even being prompted to enter OAuth token, some other OAuth token is apparently used by default, as I receive this error:

? Do you wish to use jx-bot-serviceuser as the Git user name No
? Git user name I519840
? Which organisation do you want to use? I519840
Owner of repo is same as username, using GitHub API for Users
error: GET https://github.tools.sap/api/v3/users/I519840/repos?per_page=100: 401 Bad credentials []

The issue really kicks in when running jx import though, here I can enter the real OAuth token, though it is still not used?

Therefore I receive this error:

WARNING: No username defined for the current Git server!
? Do you wish to use I519840 as the Git user name: Yes
trying to use draft pack: none
ERROR: Could not find pack: none going to try detect which pack to use
selected pack: /Users/i519840/.jx/draft/packs/github.com/jenkins-x-buildpacks/jenkins-x-kubernetes/packs/maven
replacing placeholders in directory /Users/i519840/Code/jx_related_repos/jx-test
app name: jx-test, git server: github.com, org: i519840, Docker registry org: sap-cpe-cloudpot-dev
skipping directory "/Users/i519840/Code/jx_related_repos/jx-test/.git"
WARNING: organisation I519840 detected from URL https://github.tools.sap/I519840/jx-test.git. '--org i519840' will be ignored
WARNING: Querying webhooks on I519840/jx-test: GET https://api.github.com/repos/I519840/jx-test/hooks: 401 Bad credentials []
Creating GitHub webhook for I519840/jx-test for url http://hook-jx.35.204.94.235.nip.io/hook
error: unable to create webhook for I519840/jx-test - permission denied: POST https://api.github.com/repos/I519840/jx-test/hooks: 403 API rate limit of 60 still exceeded until 2020-01-22 11:43:03 +0100 CET, not making remote request. [rate reset in 19m35s]

I tried to curl the same url with my OAuth token to verify that it's not my token's fault and in fact, the curl was working, which means that the wrong token is being used for authentication.

Steps to reproduce the behavior

Run jx boot with the latest CLI, afterwards try importing a repository which is created outside of the org, preferably your normal user account.

Alternativly, run jx delete repo and choose a different user than the default.

Jx version

The output of jx version is:

jx                 2.0.1142
Kubernetes cluster v1.13.11-gke.14
kubectl            v1.17.1
helm client        Client: v2.16.1+gbbdfe5e
git                2.25.0
Operating System   Mac OS X 10.15.2 build 19C57

Jenkins type

• Serverless Jenkins X Pipelines (Tekton + Lighthouse)
• Classic Jenkins

Operating system / Environment

Mac OS X 10.15.2 build 19C57

[abayer]

I’m betting this is related to stale data in ~/.jx/gitAuth.yml, but not sure yet.

EDIT: Ignore, I wasn't awake enough yet. =)

[abayer]

What is the exact command line you're using with jx import? Somehow it's ending up thinking the git provider is github.com, not your GHE, and I'm trying to figure out where exactly in the code path that's happening.

[abayer]

So the problem is that --git-provider-url is hardcoded to default to https://github.com. The same logic for defaulting that is used in jx install (and related commands like jx create cluster, jx create terraform and friends), jx edit env, jx create env. Most of these cases should instead default to empty and pull from the team settings instead., but with the jx install family (which are deprecated in the first place), there aren't team settings yet, so they should probably stay with defaulting to https://github.com.

Also we should be setting gitServer in the team settings to cluster.gitServer from jx-requirements.yml.