Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cannot log in with GitLab self-hosted #48

Open
lexi-o99 opened this issue Nov 14, 2024 · 6 comments
Open

Cannot log in with GitLab self-hosted #48

lexi-o99 opened this issue Nov 14, 2024 · 6 comments

Comments

@lexi-o99
Copy link

lexi-o99 commented Nov 14, 2024
edited
Loading

I am having issues logging in with GitLab self-hosted, this issue might be the same as #34 however I'm not too sure as they didn't provide logs.

I have created the app in GitLab and that all works okay (after changing the redirect URI as mentioned in #34) the issue is when GitLab sends me back to my CodeCov instance.

I am using Traefik as a proxy so there may me issues there related to information, such as headers, not being passed through properly. When I'm redirected to CodeCov with the token I get a JSON 500 error page and the following logs;

gateway-1    | 192.168.0.1:38462 [14/Nov/2024:12:56:36.445] http be_default/s1 0/0/10/8/18 304 196 - - ---- 1/1/0/0/0 0/0 "GET / HTTP/1.1"
api-1        | /usr/local/lib/python3.12/site-packages/cerberus/validator.py:1666: UserWarning: No validation schema is defined for the arguments of rule 'check_aggregation_fields'
api-1        |   warn(
api-1        | {"message": "GraphQL Request", "asctime": "2024-11-14 12:56:41,893", "name": "graphql_api.views", "levelname": "INFO", "lineno": 243, "pathname": "/app/graphql_api/views.py", "funcName": "post", "threadName": "ThreadPoolExecutor-1_0", "taskName": "Task-1", "server_hostname": "8020834738cb", "request_method": "POST", "request_path": "/graphql/gh", "request_body": {"query": "query GetLoginProviders { config { loginProviders } }", "variables": {}}, "user": "AnonymousUser", "utctime": "2024-11-14T12:56:41.893000", "logger.name": "graphql_api.views", "logger.thread_name": "ThreadPoolExecutor-1_0", "level": "INFO"}
api-1        | {"message": "[GQL Rate Limit] - Setting new key", "asctime": "2024-11-14 12:56:41,897", "name": "graphql_api.views", "levelname": "INFO", "lineno": 354, "pathname": "/app/graphql_api/views.py", "funcName": "_check_ratelimit", "threadName": "ThreadPoolExecutor-1_0", "taskName": "Task-1", "key": "rl-ip:92.236.200.137", "user_id": null, "utctime": "2024-11-14T12:56:41.897000", "logger.name": "graphql_api.views", "logger.thread_name": "ThreadPoolExecutor-1_0", "level": "INFO"}
gateway-1    | 192.168.0.1:38462 [14/Nov/2024:12:56:37.950] http be_api/s1 0/0/1/3954/3955 200 952 - - ---- 1/1/0/0/0 0/0 "POST /graphql/gh HTTP/1.1"
api-1        | {"h": "192.168.0.8", "t": "[14/Nov/2024:12:56:41 +0000]", "r": "POST /graphql/gh HTTP/1.1", "s": "200", "b": "63", "f": "https://codecov.nps.onl/", "a": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/114.0.0.0", "taskName": null}
api-1        | {"message": "Gitlab oauth with scope: 'api'", "asctime": "2024-11-14 12:56:48,360", "name": "codecov_auth.views.gitlab", "levelname": "INFO", "lineno": 46, "pathname": "/app/codecov_auth/views/gitlab.py", "funcName": "get_url_to_redirect_to", "threadName": "MainThread", "taskName": null, "utctime": "2024-11-14T12:56:48.360000", "logger.name": "codecov_auth.views.gitlab", "logger.thread_name": "MainThread", "level": "INFO"}
gateway-1    | 192.168.0.1:38462 [14/Nov/2024:12:56:48.330] http be_api/s1 0/0/1/113/114 302 1231 - - ---- 1/1/0/0/0 0/0 "GET /login/gle HTTP/1.1"
api-1        | {"h": "192.168.0.8", "t": "[14/Nov/2024:12:56:48 +0000]", "r": "GET /login/gle HTTP/1.1", "s": "302", "b": "0", "f": "https://codecov.nps.onl/", "a": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/114.0.0.0", "taskName": null}
api-1        | {"message": "GitLab HTTP 200", "asctime": "2024-11-14 12:56:49,660", "name": "shared.torngit.gitlab", "levelname": "INFO", "lineno": 449, "pathname": "/usr/local/lib/python3.12/site-packages/shared/torngit/gitlab.py", "funcName": "fetch_and_handle_errors", "threadName": "ThreadPoolExecutor-2_0", "taskName": "Task-4", "body": null, "utctime": "2024-11-14T12:56:49.660000", "logger.name": "shared.torngit.gitlab", "logger.thread_name": "ThreadPoolExecutor-2_0", "level": "INFO"}
api-1        | {"message": "GitLab HTTP 200", "asctime": "2024-11-14 12:56:50,277", "name": "shared.torngit.gitlab", "levelname": "INFO", "lineno": 449, "pathname": "/usr/local/lib/python3.12/site-packages/shared/torngit/gitlab.py", "funcName": "fetch_and_handle_errors", "threadName": "ThreadPoolExecutor-2_0", "taskName": "Task-4", "body": null, "event": "api", "endpoint": "/user", "method": "get", "bot": null, "utctime": "2024-11-14T12:56:50.277000", "logger.name": "shared.torngit.gitlab", "logger.thread_name": "ThreadPoolExecutor-2_0", "level": "INFO"}
api-1        | {"message": "GitLab HTTP 200", "asctime": "2024-11-14 12:56:50,983", "name": "shared.torngit.gitlab", "levelname": "INFO", "lineno": 449, "pathname": "/usr/local/lib/python3.12/site-packages/shared/torngit/gitlab.py", "funcName": "fetch_and_handle_errors", "threadName": "ThreadPoolExecutor-2_0", "taskName": "Task-4", "body": null, "event": "api", "endpoint": "/groups", "method": "GET", "bot": null, "utctime": "2024-11-14T12:56:50.983000", "logger.name": "shared.torngit.gitlab", "logger.thread_name": "ThreadPoolExecutor-2_0", "level": "INFO"}
api-1        | {"message": "Compute Engine Metadata server unavailable on attempt 1 of 3. Reason: timed out", "asctime": "2024-11-14 12:56:54,073", "name": "google.auth.compute_engine._metadata", "levelname": "WARNING", "lineno": 141, "pathname": "/usr/local/lib/python3.12/site-packages/google/auth/compute_engine/_metadata.py", "funcName": "ping", "threadName": "MainThread", "taskName": null, "utctime": "2024-11-14T12:56:54.073000", "logger.name": "google.auth.compute_engine._metadata", "logger.thread_name": "MainThread", "level": "WARNING"}
api-1        | {"message": "Compute Engine Metadata server unavailable on attempt 2 of 3. Reason: timed out", "asctime": "2024-11-14 12:56:57,075", "name": "google.auth.compute_engine._metadata", "levelname": "WARNING", "lineno": 141, "pathname": "/usr/local/lib/python3.12/site-packages/google/auth/compute_engine/_metadata.py", "funcName": "ping", "threadName": "MainThread", "taskName": null, "utctime": "2024-11-14T12:56:57.075000", "logger.name": "google.auth.compute_engine._metadata", "logger.thread_name": "MainThread", "level": "WARNING"}
api-1        | {"message": "Compute Engine Metadata server unavailable on attempt 3 of 3. Reason: timed out", "asctime": "2024-11-14 12:57:00,077", "name": "google.auth.compute_engine._metadata", "levelname": "WARNING", "lineno": 141, "pathname": "/usr/local/lib/python3.12/site-packages/google/auth/compute_engine/_metadata.py", "funcName": "ping", "threadName": "MainThread", "taskName": null, "utctime": "2024-11-14T12:57:00.077000", "logger.name": "google.auth.compute_engine._metadata", "logger.thread_name": "MainThread", "level": "WARNING"}
api-1        | {"message": "Authentication failed using Compute Engine authentication due to unavailable metadata server.", "asctime": "2024-11-14 12:57:00,078", "name": "google.auth._default", "levelname": "WARNING", "lineno": 340, "pathname": "/usr/local/lib/python3.12/site-packages/google/auth/_default.py", "funcName": "_get_gce_credentials", "threadName": "MainThread", "taskName": null, "utctime": "2024-11-14T12:57:00.078000", "logger.name": "google.auth._default", "logger.thread_name": "MainThread", "level": "WARNING"}
api-1        | {"message": "Internal Server Error: /login/gle", "asctime": "2024-11-14 12:57:00,082", "name": "django.request", "levelname": "ERROR", "lineno": 241, "pathname": "/usr/local/lib/python3.12/site-packages/django/utils/log.py", "funcName": "log_response", "threadName": "MainThread", "exc_info": "Traceback (most recent call last):\n  File \"/usr/local/lib/python3.12/site-packages/django/db/models/query.py\", line 916, in get_or_create\n    return self.get(**kwargs), False\n           ^^^^^^^^^^^^^^^^^^\n  File \"/usr/local/lib/python3.12/site-packages/django/db/models/query.py\", line 637, in get\n    raise self.model.DoesNotExist(\nshared.django_apps.codecov_auth.models.Owner.DoesNotExist: Owner matching query does not exist.\n\nDuring handling of the above exception, another exception occurred:\n\nTraceback (most recent call last):\n  File \"/usr/local/lib/python3.12/site-packages/django/core/handlers/exception.py\", line 55, in inner\n    response = get_response(request)\n               ^^^^^^^^^^^^^^^^^^^^^\n  File \"/usr/local/lib/python3.12/site-packages/django/core/handlers/base.py\", line 197, in _get_response\n    response = wrapped_callback(request, *callback_args, **callback_kwargs)\n               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n  File \"/usr/local/lib/python3.12/site-packages/django/views/generic/base.py\", line 104, in view\n    return self.dispatch(request, *args, **kwargs)\n           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n  File \"/usr/local/lib/python3.12/site-packages/django/views/generic/base.py\", line 143, in dispatch\n    return handler(request, *args, **kwargs)\n           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n  File \"/app/codecov_auth/views/gitlab.py\", line 98, in get\n    return self.actual_login_step(request)\n           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n  File \"/app/codecov_auth/views/gitlab.py\", line 78, in actual_login_step\n    user = self.get_and_modify_owner(user_dict, request)\n           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n  File \"/app/codecov_auth/views/base.py\", line 265, in get_and_modify_owner\n    upserted_orgs = [self.get_or_create_org(org) for org in formatted_orgs]\n                     ^^^^^^^^^^^^^^^^^^^^^^^^^^^\n  File \"/app/codecov_auth/views/base.py\", line 186, in get_or_create_org\n    owner, was_created = Owner.objects.get_or_create(\n                         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n  File \"/usr/local/lib/python3.12/site-packages/django/db/models/manager.py\", line 87, in manager_method\n    return getattr(self.get_queryset(), name)(*args, **kwargs)\n           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n  File \"/usr/local/lib/python3.12/site-packages/django/db/models/query.py\", line 923, in get_or_create\n    return self.create(**params), True\n           ^^^^^^^^^^^^^^^^^^^^^\n  File \"/usr/local/lib/python3.12/site-packages/django/db/models/query.py\", line 658, in create\n    obj.save(force_insert=True, using=self.db)\n  File \"/usr/local/lib/python3.12/site-packages/shared/django_apps/codecov_auth/models.py\", line 395, in save\n    super().save(*args, **kwargs)\n  File \"/usr/local/lib/python3.12/site-packages/django/db/models/base.py\", line 814, in save\n    self.save_base(\n  File \"/usr/local/lib/python3.12/site-packages/model_utils/tracker.py\", line 343, in inner\n    return original(instance, *args, **kwargs)\n           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n  File \"/usr/local/lib/python3.12/site-packages/django/db/models/base.py\", line 892, in save_base\n    post_save.send(\n  File \"/usr/local/lib/python3.12/site-packages/django/dispatch/dispatcher.py\", line 177, in send\n    (receiver, receiver(signal=self, sender=sender, **named))\n               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n  File \"/app/codecov_auth/signals.py\", line 53, in update_owner\n    ShelterPubsub.get_instance().publish(data)\n    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n  File \"/app/utils/shelter.py\", line 22, in get_instance\n    cls._instance = cls()\n                    ^^^^^\n  File \"/app/utils/shelter.py\", line 27, in __init__\n    self.pubsub_publisher = pubsub_v1.PublisherClient()\n
         ^^^^^^^^^^^^^^^^^^^^^^^^^^^\n  File \"/usr/local/lib/python3.12/site-packages/google/cloud/pubsub_v1/publisher/client.py\", line 139, in __init__\n    super().__init__(**kwargs)\n  File \"/usr/local/lib/python3.12/site-packages/google/pubsub_v1/services/publisher/client.py\", line 492, in __init__\n    self._transport = Transport(\n                      ^^^^^^^^^^\n  File \"/usr/local/lib/python3.12/site-packages/google/pubsub_v1/services/publisher/transports/grpc.py\", line 153, in __init__\n    super().__init__(\n  File \"/usr/local/lib/python3.12/site-packages/google/pubsub_v1/services/publisher/transports/base.py\", line 104, in __init__\n    credentials, _ = google.auth.default(\n                     ^^^^^^^^^^^^^^^^^^^^\n  File \"/usr/local/lib/python3.12/site-packages/google/auth/_default.py\", line 692, in default\n    raise exceptions.DefaultCredentialsError(_CLOUD_SDK_MISSING_CREDENTIALS)\ngoogle.auth.exceptions.DefaultCredentialsError: Your default credentials were not found. To set up Application Default Credentials, see https://cloud.google.com/docs/authentication/external/set-up-adc for more information.", "taskName": null, "status_code": 500, "request": "<WSGIRequest: GET '/login/gle?code=<code>&state=<state>'>", "utctime": "2024-11-14T12:57:00.082000", "logger.name": "django.request", "logger.thread_name": "MainThread", "level": "ERROR"}
api-1        | {"h": "192.168.0.8", "t": "[14/Nov/2024:12:57:00 +0000]", "r": "GET /login/gle?code=<code>&state=<state> HTTP/1.1", "s": "500", "b": "31", "f": "https://gitlab.nps.onl/", "a": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/114.0.0.0", "taskName": null}
gateway-1    | 192.168.0.1:38462 [14/Nov/2024:12:56:49.341] http be_api/s1 0/0/0/10825/10825 500 853 - - ---- 1/1/0/0/0 0/0 "GET /login/gle?code=<code>&state=<state> HTTP/1.1"

I can see it's erroring due to missing Google Cloud credentials. Should these be in the image?
@Alexsaphir
Copy link

I think they fixed it 👏

@Amir1453
Copy link

Amir1453 commented Dec 8, 2024

I am having the same exact problem, I changed the Redirect URI to gle instead of gitlab_enterprises, which brought me to the authentication window, but then I get missing Google Cloud credentials errors in my logs.

@Wazabiii
Copy link

Wazabiii commented Dec 9, 2024

In your docker-compose.yml
Try adding this environment variable for the worker and api services:

[...]
api:
    image: codecov/self-hosted-api:latest-calver #note: this is for setup purposes only, be sure to pin to the latest release from our changelog: https://docs.codecov.io/changelog
    environment:
      - PUBSUB_EMULATOR_HOST=localhost
[...]
worker:
    image: codecov/self-hosted-worker:latest-calver #note: this is for setup purposes only, be sure to pin to the latest release from our changelog: https://docs.codecov.io/changelog
    environment:
      - PUBSUB_EMULATOR_HOST=localhost

@disberd
Copy link

disberd commented Dec 11, 2024

Doing what @Wazabiii suggested remove the google auth error, but i brings me back to simply redirecting to the main login page :(

@BohdanK-W32
Copy link

@Wazabiii, you're a lifesaver! Thanks, it's working now, it was a last broken thing.

If I'll have more free time, I'll publish our repo with a complete configuration on @zapal-tech. But if not, I'll be ready to help anyone who struggles a few days with setup and horrible, unmaintained documentation.

@lexi-o99
Copy link
Author

@Wazabiii You're the best. Thank you!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@Alexsaphir @Wazabiii @disberd @BohdanK-W32 @lexi-o99 @Amir1453