Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

OPTIONS request to "/api/" failed, reason: Internal server error occurs. API is not accessible

See original GitHub issue

Summary

my chectl version image

i have installed eclipse-che using below command

chectl server:deploy --che-operator-cr-patch-yaml=/Users/divine/Documents/office_tasks/TAP-4540/terraformCheJune17/eclipseche_yaml/che-operator-cr-patch.yaml --platform=k8s --installer=operator --debug --k8spoderrorrechecktimeout=1000000 --domain=eclipseche-dchelladurai-chejune15.calatrava.vmware.com --k8spodreadytimeout=1000000

i have integrated dex with github connector . i followed the steps mentioned here , to configure dex with github connector.

when i hit eclipse-che dashboard url, the webpage redirects to github login and after successful authentication flow in github, the webpage redirects back to eclipse-che dashboard url, but it fails to completely load the webpage due to below error.

https://eclipseche-dchelladurai-chejune15.calatrava.vmware.com/api/ —OPTIONS request-- this api throws errorMessage 500 Internal server error occurs. API is not accessible

https://eclipseche-dchelladurai-chejune15.calatrava.vmware.com/api/ — what does this api do?

below is the output of che ingress in eclipse-che namespace. i have installed ingress-nginx in the k8s cluster.
is this error anything related to my ingress configuration? image

Please help me to fix this error @tolusha @sparkoo

image image image

https://eclipseche-dchelladurai-chejune15.calatrava.vmware.com/api/

image

checluster output kubectl get checluster eclipse-che -n eclipse-che -o yaml

apiVersion: org.eclipse.che/v2
kind: CheCluster
metadata:
  creationTimestamp: "2022-06-17T10:02:53Z"
  finalizers:
  - checluster.che.eclipse.org
  - cheGateway.clusterpermissions.finalizers.che.eclipse.org
  - cheWorkspaces.clusterpermissions.finalizers.che.eclipse.org
  - namespaces-editor.permissions.finalizers.che.eclipse.org
  - devWorkspace.permissions.finalizers.che.eclipse.org
  - dashboard.clusterpermissions.finalizers.che.eclipse.org
  generation: 2
  name: eclipse-che
  namespace: eclipse-che
  resourceVersion: "736485"
  uid: 68fc4e54-e437-497b-a7ee-24264735a6a2
spec:
  components:
    cheServer:
      debug: true
      deployment:
        securityContext: {}
      logLevel: INFO
      proxy: {}
    dashboard:
      deployment:
        securityContext: {}
    database:
      credentialsSecretName: postgres-credentials
      deployment:
        securityContext: {}
      externalDb: true
      postgresDb: dbche
      postgresHostName: database-1-postgres.cq9mxgg86wjj.ap-south-1.rds.amazonaws.com
      postgresPort: "5432"
      pvc: {}
    devWorkspace:
      deployment:
        securityContext: {}
    devfileRegistry:
      deployment:
        securityContext: {}
    imagePuller:
      enable: false
      spec: {}
    metrics:
      enable: true
    pluginRegistry:
      deployment:
        securityContext: {}
  containerRegistry: {}
  devEnvironments:
    defaultNamespace:
      template: <username>-che
    storage:
      pvc: {}
      pvcStrategy: common
    trustedCerts: {}
  networking:
    auth:
      gateway:
        deployment:
          securityContext: {}
      identityProviderURL: https://dex-dchelladurai-chejune15.calatrava.vmware.com
      oAuthClientName: eclipse-che
      oAuthSecret: ZXhhbXBsZS1hcHAtc2VjcmV0
    domain: eclipseche-dchelladurai-chejune15.calatrava.vmware.com
    tlsSecretName: che-tls
status:
  chePhase: Active
  cheURL: https://eclipseche-dchelladurai-chejune15.calatrava.vmware.com
  cheVersion: next
  devfileRegistryURL: https://eclipseche-dchelladurai-chejune15.calatrava.vmware.com/devfile-registry
  gatewayPhase: Established
  pluginRegistryURL: https://eclipseche-dchelladurai-chejune15.calatrava.vmware.com/plugin-registry/v3
  workspaceBaseDomain: eclipseche-dchelladurai-chejune15.calatrava.vmware.com

my dex.yaml configuration

---
apiVersion: v1
kind: Namespace
metadata:
  name: dex
---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: dex
  name: dex
  namespace: dex
spec:
  replicas: 1
  selector:
    matchLabels:
      app: dex
  template:
    metadata:
      labels:
        app: dex
    spec:
      serviceAccountName: dex # This is created below
      containers:
      - image: ghcr.io/dexidp/dex:v2.30.0
        name: dex
        command: ["/usr/local/bin/dex", "serve", "/etc/dex/cfg/config.yaml"]

        ports:
        - name: https
          containerPort: 5556

        volumeMounts:
        - name: config
          mountPath: /etc/dex/cfg
        - name: tls
          mountPath: /etc/dex/tls

        env:
        - name: GITHUB_CLIENT_ID
          valueFrom:
            secretKeyRef:
              name: github-client
              key: client-id
        - name: GITHUB_CLIENT_SECRET
          valueFrom:
            secretKeyRef:
              name: github-client
              key: client-secret

        readinessProbe:
          httpGet:
            path: /healthz
            port: 5556
            scheme: HTTPS
      volumes:
      - name: config
        configMap:
          name: dex
          items:
          - key: config.yaml
            path: config.yaml
      - name: tls
        secret:
          secretName: dex.example.com.tls
---
kind: ConfigMap
apiVersion: v1
metadata:
  name: dex
  namespace: dex
data:
  config.yaml: |
    issuer: https://dex-dchelladurai-chejune15.calatrava.vmware.com
    storage:
      type: kubernetes
      config:
        inCluster: true
    web:
      https: 0.0.0.0:5556
      tlsCert: /etc/dex/tls/tls.crt
      tlsKey: /etc/dex/tls/tls.key
    connectors:
    - type: github
      id: github
      name: GitHub
      config:
        clientID: f5108abcdef
        clientSecret: b193d487a4bfe44abcdef
        redirectURI: https://dex-dchelladurai-chejune15.calatrava.vmware.com/callback
        org: kubernetes
    oauth2:
      skipApprovalScreen: true

    staticClients:
    - id: eclipse-che
      redirectURIs:
      - 'https://eclipseche-dchelladurai-chejune15.calatrava.vmware.com/oauth/callback'
      name: 'eclipse-che'
      secret: ZXhhbXBsZS1hcHAtc2VjcmV0
---
apiVersion: v1
kind: Service
metadata:
  name: dex
  namespace: dex
spec:
  type: ClusterIP
  ports:
  - name: dex
    port: 5556
    protocol: TCP
    targetPort: 5556
  selector:
    app: dex
---
apiVersion: v1
kind: ServiceAccount
metadata:
  labels:
    app: dex
  name: dex
  namespace: dex
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: dex
rules:
- apiGroups: ["dex.coreos.com"] # API group created by dex
  resources: ["*"]
  verbs: ["*"]
- apiGroups: ["apiextensions.k8s.io"]
  resources: ["customresourcedefinitions"]
  verbs: ["create"] # To manage its own resources, dex must be able to create customresourcedefinitions
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: dex
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: dex
subjects:
- kind: ServiceAccount
  name: dex           # Service account assigned to the dex pod, created above
  namespace: dex  # The namespace dex is running in

Relevant information

No response

Issue Analytics

  • State:closed
  • Created a year ago
  • Comments:9 (3 by maintainers)

github_iconTop GitHub Comments

1reaction
Divine1commented, Jun 17, 2022

@tolusha @sparkoo

below is the custom-certs configmap which i created in eclipse-che namespace as per the [documentation] (https://www.eclipse.org/che/docs/stable/administration-guide/importing-untrusted-tls-certificates/). is this correct?

image

i used below commands to create it

kubectl create configmap custom-certs --from-file=calatrava-ssl/openid-ca.pem -n eclipse-che

kubectl label configmap custom-certs app.kubernetes.io/part-of=che.eclipse.org app.kubernetes.io/component=ca-bundle -n eclipse-che
1reaction
tolushacommented, Jun 17, 2022
Read more comments on GitHub >

github_iconTop Results From Across the Web

500 Internal Server Error | Apigee Edge
The 500 Internal Server error could be caused by an error during the execution of any policy within Edge or by an error...
Read more >
Response to CORS preflight OPTIONS request is 500 Internal ...
The problem you need to solve is, the server you're sending the request to is responding to OPTIONS requests with a 500 Internal...
Read more >
Troubleshoot CORS errors from API Gateway - Amazon AWS
I get the error "No 'Access-Control-Allow-Origin' header is present on the requested resource" when I try to invoke my Amazon API Gateway ...
Read more >
Troubleshooting requests - Postman Learning Center
Postman errors, It's possible that Postman might be making invalid requests to your API server. You can confirm this by checking your server...
Read more >
500 Internal Server Error - HTTP - MDN Web Docs - Mozilla
This error response is a generic "catch-all" response. Usually, this indicates the server cannot find a better 5xx error code to response.
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Unable to list devworkspaces: devworkspaces.workspace.devfile.io is forbidden: User cannot list resource "devworkspaces" in API group "workspace.devfile.io" in the namespace

Next page

failed to discover OIDC configuration: unexpected status "400" - che-gateway