Closed
Bug 1351060
Opened 7 years ago
Closed 7 years ago
"Taskcluster: You do not have sufficient scopes. ..." when trying to manually add (trigger) a single job on try
Categories
(Taskcluster :: Services, defect)
Taskcluster
Services
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: mayhemer, Unassigned)
Details
Logged in as hbambas at mozilla.com, this used to work (not sure how long ago, a month or so..). The whole message is: Taskcluster: You do not have sufficient scopes. This request requires you to have one of the following sets of scopes: [ [ "queue:create-task:aws-provisioner-v1/gecko-decision" ], [ "queue:define-task:aws-provisioner-v1/gecko-decision", "queue:task-group-id:gecko-level-1/SSGabY1KTsq2_k_ov1W97w", "queue:schedule-task:gecko-level-1/SSGabY1KTsq2_k_ov1W97w/SSGabY1KTsq2_k_ov1W97w" ] ] You only have the scopes: [ "assume:hook-id:garbage/*", "assume:mozilla-group:IntranetWiki", "assume:mozilla-group:StatsDashboard", "assume:mozilla-group:all-moco-mofo@mozilla.com", "assume:mozilla-group:all-moco@mozilla.com", "assume:mozilla-group:corp-contractors@mozilla.com", "assume:mozilla-group:corp-vpn", "assume:mozilla-group:eu-corp-contractors@mozilla.com", "assume:mozilla-group:eu@mozilla.com", "assume:mozilla-group:jduell-directs@mozilla.com", "assume:mozilla-group:okta_mfa", "assume:mozilla-group:phonebook_access", "assume:mozilla-group:team_moco", "assume:mozilla-group:vpn_cloudops_webpagetest", "assume:mozilla-group:vpn_corp", "assume:mozilla-group:vpn_default", "assume:mozilla-user:hbambas@mozilla.com", "assume:mozillians-user:mayhemer", "assume:project:taskcluster:tutorial", "assume:worker-id:*", "auth:create-client:mozilla-ldap/hbambas@mozilla.com/*", "auth:create-role:hook-id:garbage/*", "auth:delete-client:mozilla-ldap/hbambas@mozilla.com/*", "auth:delete-role:hook-id:garbage/*", "auth:reset-access-token:mozilla-ldap/hbambas@mozilla.com/*", "auth:update-client:mozilla-ldap/hbambas@mozilla.com/*", "auth:update-role:hook-id:garbage/*", "hooks:modify-hook:garbage/*", "hooks:trigger-hook:garbage/*", "queue:create-task:aws-provisioner-v1/b2gtest", "queue:create-task:aws-provisioner-v1/tutorial", "queue:get-artifact:private/*", "queue:rerun-task", "queue:resolve-task", "scheduler:create-task-graph", "scheduler:extend-task-graph", "secrets:get:garbage/*", "secrets:set:garbage/*" ] In other words you are missing scopes from one of the options: * Option 0: - "queue:create-task:aws-provisioner-v1/gecko-decision" * Option 1: - "queue:define-task:aws-provisioner-v1/gecko-decision", and - "queue:task-group-id:gecko-level-1/SSGabY1KTsq2_k_ov1W97w", and - "queue:schedule-task:gecko-level-1/SSGabY1KTsq2_k_ov1W97w/SSGabY1KTsq2_k_ov1W97w" Result: can't trigger jobs on try. What do I have to do?
Comment 1•7 years ago
|
||
It doesn't look like that account has commit privileges. You'll need to login with the account you use to commit with.
Reporter | ||
Comment 2•7 years ago
|
||
My commit access is bound to my bugzilla email. No idea how to log into tuskcluster with that. Probably best would be to ask commit rights for my LDAP bound email. It can't just be easy....
Comment 3•7 years ago
|
||
Commit access is governed by LDAP, so the account definitely exists in LDAP. You may just need to figure out the password for it, through the forgotten-password process. You might also consider just merging the two LDAP accounts?
Reporter | ||
Comment 4•7 years ago
|
||
(In reply to Dustin J. Mitchell [:dustin] from comment #3) > Commit access is governed by LDAP, so the account definitely exists in LDAP. > You may just need to figure out the password for it, through the > forgotten-password process. Will try. It's nearly a 10 years old account :) > > You might also consider just merging the two LDAP accounts? If that's possible, it might be the best option. Thanks.
Comment 5•7 years ago
|
||
No problem. I'm not an LDAP admin, so that's about all I can do for you :/
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Assignee | ||
Updated•5 years ago
|
Component: Login → Services
You need to log in
before you can comment on or make changes to this bug.
Description
•