I use nuxt (nitro as backend) and have an error in one of my endpoints which is the callback endpoint for a github app installation. In that endpoint I just import user data into our database.
I don't get it, the github app runs on vercel too, and I added the privateKey the same way as I did now. This has to have to do with octokit. All of the secrets are valid, I checked like 5 times. What is wrong here?
My environment in production:
^20
The function that causes the error:
const { data: installation } = await octokit.rest.apps.getInstallation({
installation_id: installationId
})
Everything works fine locally, but when I deploy it on vercel, I get the following error:
Error: error:1E08010C:DECODER routines::unsupported
at createPrivateKey (node:internal/crypto/keys:632:12)
at convertPrivateKey (file:///var/task/node_modules/universal-github-app-jwt/lib/crypto-node.js:11:10)
at getToken (file:///var/task/node_modules/universal-github-app-jwt/lib/get-token.js:19:31)
at githubAppJwt (file:///var/task/node_modules/universal-github-app-jwt/index.js:32:23)
at getAppAuthentication (file:///var/task/node_modules/@octokit/auth-app/dist-node/index.js:14:37)
at hook (file:///var/task/node_modules/@octokit/auth-app/dist-node/index.js:315:37)
at async requestWithGraphqlErrorHandling (file:///var/task/node_modules/@octokit/plugin-retry/dist-bundle/index.js:36:20)
at async Job.doExecute (/var/task/node_modules/bottleneck/light.js:405:18) {
library: 'DECODER routines',
reason: 'unsupported',
code: 'ERR_OSSL_UNSUPPORTED'
}
If I understand correctly, the problem is, that the openssl version is not compatible with the nodejs version, right?
What I tried:
caused:
Error: error:1E08010C:DECODER routines::unsupported
at createPrivateKey (node:internal/crypto/keys:632:12)
at convertPrivateKey (file:///var/task/node_modules/universal-github-app-jwt/lib/crypto-node.js:11:10)
at getToken (file:///var/task/node_modules/universal-github-app-jwt/lib/get-token.js:19:31)
at githubAppJwt (file:///var/task/node_modules/universal-github-app-jwt/index.js:32:23)
at getAppAuthentication (file:///var/task/node_modules/@octokit/auth-app/dist-node/index.js:14:37)
at hook (file:///var/task/node_modules/@octokit/auth-app/dist-node/index.js:315:37)
at async requestWithGraphqlErrorHandling (file:///var/task/node_modules/@octokit/plugin-retry/dist-bundle/index.js:36:20)
at async Job.doExecute (/var/task/node_modules/bottleneck/light.js:405:18) {
library: 'DECODER routines',
reason: 'unsupported',
code: 'ERR_OSSL_UNSUPPORTED'
}
and
Unable to load legacy provider.
# node[3]: v8::Maybe<bool> node::crypto::CipherJob<CipherTraits>::ToResult(v8::Local<v8::Value>*, v8::Local<v8::Value>*) [with CipherTraits = node::crypto::AESCipherTraits] at ../src/crypto/crypto_cipher.h:262
# Assertion failed: errors->Empty()
----- Native stack trace -----
1: 0x55e379de39ac node::Assert(node::AssertionInfo const&) [node]
2: 0x55e379f7f77c node::crypto::CryptoJob<node::crypto::AESCipherTraits>::AfterThreadPoolWork(int) [node]
3: 0x55e37ab42fc9 [node]
4: 0x55e37ab48193 [node]
5: 0x55e37ab60b73 [node]
6: 0x55e37ab49227 uv_run [node]
7: 0x55e379cd4146 node::SpinEventLoopInternal(node::Environment*) [node]
8: 0x55e379e3b3f6 [node]
9: 0x55e379e3bf5c node::NodeMainInstance::Run() [node]
10: 0x55e379d920c3 node::Start(int, char**) [node]
11: 0x7fb593021eb0 [/lib64/libc.so.6]
12: 0x7fb593021f60 __libc_start_main [/lib64/libc.so.6]
13: 0x55e379cd1465 _start [node]
Node.js process exited with signal: 6 (SIGABRT). The logs above can help with debugging the issue.
What I found:
Thanks to: https://github.com/octokit/octokit.js/issues/2623#issuecomment-1928596166
I have no clue, why it didn't work without that, but I changed my runtimeConfig to the following:
runtimeConfig: {
github: {
app: {
webhookSecret: process.env.GITHUB_APP_WEBHOOK_SECRET,
appId: process.env.GITHUB_APP_ID,
clientId: process.env.GITHUB_APP_GITHUB_CLIENT_ID,
clientSecret: process.env.GITHUB_APP_GITHUB_CLIENT_SECRET,
privateKey: Buffer.from(
String(
process.env.GITHUB_APP_PRIVATE_KEY?.replace(/\\n/g, '\n').trim()
),
"base64",
).toString("utf-8")
}
},
I Not sure why it didn't work the way I did it for my other projects. I tried to fix it with 3 other "solutions" and wasted a lot of time doing so. That is the only approach that worked. I will start to encode all of my privateKeys in the future, because I guess that is the most robust way.