I am currently running a pipeline in Gitlab and I am trying to mirror a repo on Codecommit. My .gitlab-ci.yml file contains those commands :
mirror_id=$(curl --request POST --data "url=https://${codecommit_username}:${codecommit_password}@${codecommit_repo}" --header "PRIVATE-TOKEN:${CLIENT_GITLAB_PRIVATE_TOKEN}" "https://gitlab.com/api/v4/projects/${project_id}/remote_mirrors" | jq '.id')
curl --request PUT --data "enabled=true" --data "only_protected_branches=true" --header "PRIVATE-TOKEN:${CLIENT_GITLAB_PRIVATE_TOKEN}" "https://gitlab.com/api/v4/projects/${project_id}/remote_mirrors/${mirror_id}" > /dev/null 2>&1
Here is the result in gitlab : gitlab error
13:get remote references: create git ls-remote: exit status 128, stderr: "fatal: unable to access 'https://git-codecommit.us-east-1.amazonaws.com/v1/repos/aft-account-provisioning-customizations/': The requested URL returned error: 403\n".
I already tried hardcoding my credentials and token with those commands but the same thing happens as soon as it is pushed.
For some odd reason when I do it manually it works fine manual mirroring and my repo is pushed without a problem to the Codecommit repo. I already checked the user in AWS and he has full admin access.
It seems to me that the problem comes from the Curl command( as it works fine manually) somehow the repo is mirrored but it does not like it when there is a push to the code commit.
Any suggestions? Thank you
Edit:
I was able to find the problem. It was due to the password generated in AWS for the gitlab access, when special characters like + were in the password, the Curl command did not seem to like it.
My work around was : create a while loop in bash checking if the password contains any special characters( expect the last character which is always a = and does not seem to bother the curl command) and it if does, it destroys the user and recreate it. I did not explore every possibility but maybe it would be possible to escape those special characters somehow?
I was able to find the problem. It was due to the password generated in AWS for the gitlab access, when special characters like + were in the password, the Curl command did not seem to like it.
My work around was : create a while loop in bash checking if the password contains any special characters( expect the last character which is always a = and does not seem to bother the curl command) and it if does, it destroys the user and recreate it. I did not explore every possibility but maybe it would be possible to escape those special characters somehow?