Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

gh-ci-scale-up ERROR: A JSON web token could not be decoded #4429

Closed
lpossamai opened this issue Feb 19, 2025 · 1 comment
Closed

gh-ci-scale-up ERROR: A JSON web token could not be decoded #4429

lpossamai opened this issue Feb 19, 2025 · 1 comment

Comments

@lpossamai
Copy link

Hey,

I've got the same issue as previously reported here.

{
    "level": "WARN",
    "message": "Ignoring error: HttpError: A JSON web token could not be decoded - https://docs.github.com/rest",
    "sampling_rate": 0,
    "service": "runners-scale-up",
    "timestamp": "2025-02-19T02:05:17.258Z",
    "xray_trace_id": "",
    "region": "ap-southeast-2",
    "environment": "cicd-linux-x64-ubuntu",
    "aws-request-id": "",
    "function-name": "cicd-linux-x64-ubuntu-scale-up",
    "module": "lambda.ts"
}

I'm using the multi-runner module (latest version), and this is what I've done so far:

  1. Got the module deployed + Github App (organization level)
  2. Added the Webhook + secret (secret taken from SSM Parameter, couldn't find it in the output)
  3. installed the app organization side with workflow-job subscription to events

Troubleshooting / what I've tried:

  1. Can see the new events on GH Apps page coming in

Image

  1. In the /aws/lambda/cicd-webhook logs, I can see the webhook is working
sending message to SQS: {\"QueueUrl\":\"https://sqs.ap-southeast-2.amazonaws.com/XXXXXXXX/cicd-linux-x64-ubuntu-queued-builds

"message": "Successfully dispatched job for ploreco/PageBuilder to the queue https://sqs.ap-southeast-2.amazonaws.com/XXXXXXXX/cicd-linux-x64-ubuntu-queued-builds"
  1. The output of cat app.private-key.pem | base64 is provided to the module like this:
github_app = {
    id             = var.github_app.id
    key_base64     = var.github_app.key_base64
    webhook_secret = random_id.webhook_secret.hex
  }

github_app.key_base64 is a variable that is being used as a string (for now, hopefully #4420 is implemented :))

github_app = {
  id         = "612913"
  key_base64 = "LS0tLS1CRUdK..........."
}

I'll continue to troubleshoot on my side and update this issue with further details.

Thanks!
@lpossamai
Copy link
Author

OK, I found the issue. Maybe I'm too dumb, but the documentation states:

On the General page, make a note of the "App ID" and "Client ID" parameters.
Generate a new private key and save the app.private-key.pem file.

I didn't realized that but the private key is actually the one from Github, in the Github App:

Image

Then, cat app.private-key.pem | base64.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@lpossamai