This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

Dataform connection to GitHub showing "computation of the authentication status" error

Posted on 09-11-2024 12:21 PM
du-jw
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM
I'm having some issues setting up Dataform for the first time and connecting to a GitHub repo via SSH. I've followed the steps to Connect to a third-party Git repository but in the Dataform console page I'm getting this error: "An error occurred during computation of the authentication status".
 
I have confirmed the following:
- My generated public key is uploaded to GitHub
- Using GitHub's public host key (ed25519) in this format:
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl
- Using the generated private key, stored in a secret in this format:
-----BEGIN OPENSSH PRIVATE KEY-----
<private key>
-----END OPENSSH PRIVATE KEY-----
- The default Dataform service account is granted roles/secretmanager.secretAccessor on the secret
- There are no restrictions on the dataform.restrictGitRemotes org policy (Allowed = all)
 
previously had the "We are unable to connect to your Git provider with the configured credentials" error, which was because I incorrectly used my generated public key.
0 3 423
Topic Labels
0 Likes
3 REPLIES 3

Posted on --/--/---- --:-- AM
jangemmar
Staff
Reply posted on --/--/---- --:-- AM

Hi @du-jw,

Welcome to Google Cloud Community!

The error “An error occurred during computation of the authentication status” message suggests that there is an access issue between your GitHub repository and Dataform. Here are the possible workarounds to isolate the issue:

  • Make sure you’re using the latest version of the secret containing the correct private key and it is not expired.
  • Double-check the extra spaces or line breaks within your secret value. Even the slightest whitespace within the secret value can cause problems.
  • While you mentioned the service account has correct access, ensure these permissions are at the correct project level where the secret is stored. Verify that no other IAM constraints are blocking the access.
  • Ensure you don’t have any firewall rules blocking port 22 (SSH) within your project.

Also, try to examine the Dataform logs in Cloud Logging for more specific error messages. Search for logs related to Git or authentication around the time you tried to connect.

In addition, here are the Secret Manager best practices for your reference.

I hope the above information is helpful.

0 Likes

Posted on --/--/---- --:-- AM
du-jw
Bronze 1
Bronze 1
In response to jangemmar
Reply posted on --/--/---- --:-- AM

Thank you for the suggestions. I tried the following, none of which resolved the error unfortunately.

  • Updated the secret once again, ensuring the private key was uploaded in the exact format it was generated. I was able to SSH to GitHub from my desktop using this key, so I know it's valid.
  • Confirmed that the Dataform service account is granted roles/secretmanager.secretAccessor at the project level, in the same project as the secret. When I go to the secret and open the Permissions tab, I do see the service account listed with that role applied.
  • Confirmed there are no firewall rules blocking port 22 in the project (and in GitHub we do not have any IP block/allowlist rules). There are also no Deny Policies that would prevent secret access. 

Also worth noting, I tried configuring the GitHub connection using HTTPS instead, following the steps listed here, which did not change the error, so this leads me to believe the format of the key/secret value itself is not the issue.

I browsed the logs for any other clues, but did not find anything (aside from the aforementioned repository updates) when filtering on "resource.labels.service="dataform.googleapis.com".

Eager to hear any other suggestions you may have, thanks.

0 Likes

Posted on --/--/---- --:-- AM
du-jw
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

I've found the issue and now the repo connection is working. Because the GitHub repo (and account) I'm using are part of an organization that uses SAML SSO, there is an additional required step of authorizing the SSH key after it is uploaded to GitHub, by clicking Configure SSO -> Authorize. Documentation and a screenshot are found here. After doing so, the Dataform connection settings had to be refreshed (Edit Git Connection -> Update) in order for it to attempt the connection again.

0 Likes