Git Integration for Jira Self-Managed (Data Center/Server) Documentation

Contact Support
GitKraken Status  

Why I am getting the error, “git-upload-pack not permitted”?

You are getting this error because of wrong login credentials or a permission issue.

What’s on this page:

 


 

Having Invalid Credentials

The most common cause is a wrong login credentials input.

REPOSITORY LEVEL Go to the Manage Git repositories configuration list. Select  Actions for a particular repository then Edit repository settings.


Check the repository properties for the Username and Password/PAT fields and verify that they are filled with correct values. Retype login credentials just to make sure and save the settings.

INTEGRATION LEVEL Go to the Manage Git repositories configuration list. Select Actions for a particular repository then Edit integration connection settings.


Check the integration properties for the Username and Password/PAT fields and verify that they are filled with correct values. Retype login credentials just to make sure and save the settings.

 

Not Having Enough Access Permissions

The other cause is not having enough access permissions to clone repositories. Try to clone a repository via the git client console using the correct <JIRA_user> on a Jira server. If an error is raised, the Git Integration for Jira app will also do the same.

To install Git Integration for Jira app and clone a repository:

  1. Go to your Jira server.

  2. Install the git client: sudo apt-get install git or sudo yum install git.

  3. Verify the correct <JIRA_user> (Go to Jira Administration ➜ System ➜ System Info. Scroll to User NameHow?).

  4. Re-login as <JIRA_user>

  5. Run git clone http://<your-repo>/

The command should be successful. If not, ask your administrator to setup your environment.

 

Using Proxies

If you are using proxy, configure your Jira with the following parameter format:

Dhttp.proxyHost=<your-proxy-host>
Dhttps.proxyHost=<your-proxy-host>
Dhttp.proxyPort=<your-proxy-port>
Dhttps.proxyPort=<your-proxy-port>
Dhttp.proxyUser=*****
Dhttps.proxyUser=*****
Dhttp.proxyPassword=*****
Dhttps.proxyPassword=*****
Dhttp.nonProxyHosts=*.some.mask|localhost|1.1.1.1<someIP>
Dhttps.nonProxyHosts=*.some.mask|localhost|1.1.1.1<someIP>

Enter <your-git-server-host> to nonProxyHosts entries.

 

Examining Logs and Errors

To get a better view of the cause of the error:

  • See the debug logs of the jgit library in Jira generated during cloning/re-indexing of your repository.

    Enable debug logging for jgit library in Jira:

    1. Go to Jira Administration ➜ System.

    2. On the sidebar, under System Support, click Logging and profiling.

    3. Scroll down to the Default Loggers section, then click Configure.

    4. Enter org.apache.http for Package Name then set Logging Level to DEBUG.

    5. Click Add to add this configuration to the Debug Loggers list.

     

    Collect logs generated during reindex of your repository:

    1. Write down the current time right before doing a reindex – let’s call it time1.

    2. Do a reindex for your integration/repository via dashboard menu Git ➜ Manage repositories ➜Actions ➜ Reindex integration/repository.

    3. After the reindex is complete, write down the current time – let’s call it time2.

    4. Collect logs created between time1 and time2.

  • See the verbose logs of successful clone of your repository cloned by the console git client.

    • From the command line, run set GIT_CURL_VERBOSE=1

    • Do a git clone of the affected repository git clone http://<your-repo>.

 

The output is a verbose log of this process.

Compare the debug and the verbose logs and see the difference between them or send us both logs to [email protected] for in-depth review.

Examine used authentication schemes. If you are seeing Basic authentication, you can verify that the right login credentials are passed.

 

How to find supported authentication schemes?

Below is an example of the debug logs of the jgit library in JIRA generated during cloning/re-indexing of your repository:

...
2016-10-24 19:46:21,504 xiplink-gitplugin-RevisionIndexerImpl:thread - 0 DEBUG      [http.impl.client.TargetAuthenticationStrategy] Authentication schemes in the order of preference: [Negotiate, Kerberos, NTLM, Digest, Basic]
2016-10-24 19:46:21,504 xiplink-gitplugin-RevisionIndexerImpl:thread - 0 DEBUG      [http.impl.client.TargetAuthenticationStrategy] Challenge for Negotiate authentication scheme not available
2016-10-24 19:46:21,504 xiplink-gitplugin-RevisionIndexerImpl:thread - 0 DEBUG      [http.impl.client.TargetAuthenticationStrategy] Challenge for Kerberos authentication scheme not available
2016-10-24 19:46:21,504 xiplink-gitplugin-RevisionIndexerImpl:thread - 0 DEBUG      [http.impl.client.TargetAuthenticationStrategy] Challenge for NTLM authentication scheme not available
2016-10-24 19:46:21,504 xiplink-gitplugin-RevisionIndexerImpl:thread - 0 DEBUG      [http.impl.client.TargetAuthenticationStrategy] Challenge for Digest authentication scheme not available
2016-10-24 19:46:21,504 xiplink-gitplugin-RevisionIndexerImpl:thread - 0 DEBUG      [http.client.protocol.RequestAddCookies] CookieSpec selected: default
...

In this case, the Basic authentication was used because all other authentication methods have been rejected.

 

How to find login credentials used in Basic authentication?

Below is another example of the debug logs of the jgit library in JIRA generated during cloning/re-indexing of your repository:

...
2016-10-24 19:46:21,504 xiplink-gitplugin-RevisionIndexerImpl:thread - 0 DEBUG      [org.apache.http.headers] http-outgoing-9 >> GET /<your-git-server-url>/<your-repo-name>.git/info/refs?service=git-upload-pack HTTP/1.1
2016-10-24 19:46:21,504 xiplink-gitplugin-RevisionIndexerImpl:thread - 0 DEBUG      [org.apache.http.headers] http-outgoing-9 >> Accept-Encoding: gzip
2016-10-24 19:46:21,504 xiplink-gitplugin-RevisionIndexerImpl:thread - 0 DEBUG      [org.apache.http.headers] http-outgoing-9 >> Pragma: no-cache
2016-10-24 19:46:21,504 xiplink-gitplugin-RevisionIndexerImpl:thread - 0 DEBUG      [org.apache.http.headers] http-outgoing-9 >> User-Agent: JGit/unknown
2016-10-24 19:46:21,519 xiplink-gitplugin-RevisionIndexerImpl:thread - 0 DEBUG      [org.apache.http.headers] http-outgoing-9 >> Authorization: Basic amlyYTpqaXJhcGFzc3dvcmQ=
2016-10-24 19:46:21,519 xiplink-gitplugin-RevisionIndexerImpl:thread - 0 DEBUG      [org.apache.http.headers] http-outgoing-9 >> Accept: application/x-git-upload-pack-advertisement, */*
2016-10-24 19:46:21,519 xiplink-gitplugin-RevisionIndexerImpl:thread - 0 DEBUG      [org.apache.http.headers] http-outgoing-9 >> Host: 123.123.123.123
2016-10-24 19:46:21,519 xiplink-gitplugin-RevisionIndexerImpl:thread - 0 DEBUG      [org.apache.http.headers] http-outgoing-9 >> Connection: Keep-Alive
...

From the above log:

  1. Find the header, Authorization.

  2. In the example it contains Basic amlyYTpqaXJhcGFzc3dvcmQ=, where amlyYTpqaXJhcGFzc3dvcmQ= is the login credentials encoded in base64. Decode the base64 string using any online decoder. Result: jira:jirapassword.

  3. Verify that jira is the expected username and jirapassword is the expected password.

Contact us
If you still have a question – reach out to our Support Desk or email us at [email protected].

 

More articles about troubleshooting, workarounds and solutions

Why I am getting the error, “git-upload-pack not permitted”? (this page)

Avoid OutOfMemory exceptions by configuring or memory allocation with Jira to accommodate large repositories

Cannot auto-deploy some tracked repositories: Specified origin is incorrect or not supported

Connection Reset when Accessing the Database

“Dangerous use of multiple connections” error on local database

Duplicate entry 0 for key PRIMARY exceptions in log

Error while reindexing – Java heap space / Object too large, rejecting the pack

Gitolite integration: Why the Git integration app not see the master branch?

Health Check: Database Collation

Indexing error – Too many open files

Installation fails when installing manually

Jira index error: IndexNotFoundException: no segments* file found

Malformed input or input contains unmappable characters

Personal access token failing Azure DevOps integration with Not Authorized error

Problems with shared home on Azure Storage

Pull request index error: org.json.JSONException

Repositories missing from Azure DevOps integration

“Service proxy has been destroyed” exceptions in log

SQLException ‘Incorrect string value’ in merge requests

SSH key file format is invalid

TFS – Not authorized exception when Jira works thru proxy

Unexpected exception parsing XML document from URL error in log

Why don’t I see the Create Branch or Pull Request features?

Your token has not been granted the required scopes

When a GIJ license expires, it shows up as a session error to the user

edDSA provider not supported WARN in logs

Have feedback about this article? Did we miss something? Let us know!
On this page