-
Notifications
You must be signed in to change notification settings - Fork 108
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix gitlab v15 token refresh #596
base: master
Are you sure you want to change the base?
Conversation
Codecov Report
@@ Coverage Diff @@
## master #596 +/- ##
=========================================
Coverage 99.16% 99.16%
- Complexity 1910 1912 +2
=========================================
Files 301 301
Lines 6072 6078 +6
=========================================
+ Hits 6021 6027 +6
Misses 51 51
Continue to review full report at Codecov.
|
For this, an additional migrate task would be required. |
interesting find and fix, is creating/register a new user from "oauth" still possible? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
looks good to me, but please fix the redirect_route
@@ -11,7 +11,7 @@ knpu_oauth2_client: | |||
type: gitlab | |||
client_id: '%env(OAUTH_GITLAB_CLIENT_ID)%' | |||
client_secret: '%env(OAUTH_GITLAB_CLIENT_SECRET)%' | |||
redirect_route: register_gitlab_check | |||
redirect_route: package_gitlab_check |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is it still possible to register a user with oauth flow? (route: register_gitlab_check (\Buddy\Repman\Controller\OAuth\GitLabController::registerCheck
) will create/login users \Buddy\Repman\Controller\OAuth\OAuthController::createAndAuthenticateUser
edit:
this breaks the initial redirect to create the user
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
To keep the redirect_url the same in the initial request for the oauth token which is stored and for the token refresh, i changed the config here.
I changed the route for registration to the register_gitlab_check in d22367b
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👍
🆙 please |
Hi, |
+1. Updated code with these changes and I'm able to synchronize packages again. Thanks @KSauter and @Fahl-Design for addressing this! [edit] |
Stumbled upon this PR after I got errors in repman after upgrading to gitlab 15.1.
Anyone else experiencing this? |
The error from gitlab is:
|
We've just upgraded our GitLab to 15.x as well and are also seeing these issues. Yesterday I was able to fix it by adding an expires timestamp (might want to set a date by default in the next version). But are also now seeing the @temp / @KSauter / @babbassp do we need more work on this PR to get everything working? Or can we see if this one can be merged already, and create a new PR for other issues regarding the token refreshing for GitLab? |
@xvilo like I stated in this thread (or another one? don't know), the PR works, but for us it still requires manual intervention. |
@temp are you sure that you are running the newest version of this MR? It works for me since Jun without any manual steps. @xvilo if you set the expire date before you applied this patch, the refreshed tokens in your databare are broken. Please test if applying this patch and deleting the tokens from the DB will help. You have to go to the "app package" => "Gitlab" process to generate a new token after you updated everyting. |
@KSauter doh. I really had an error in the changed files. Will report later if it works now. |
So, to add, on 31 Aug 2022 we started using this branch (custom deployed fork on Kubernetes). Which, after removing the OAuth tokens from DB worked fine again. HOWEVER, I'm currently looking at it (around 2 days later) and seeing these again: I suspect this PR is not fully ready yet, so this might confirm @temp's suspicions |
Hey, when i reboot all the virtual machine of repman (Installation with ansible) the error with token will apear an another time, and i need to clear the user_oauth_token tabke again and retry the authentification with gitlab and it work again |
Confirmed @slappyslap comment.
|
@f3l1x Thx for the workaround. For people like me, running this in docker, there is a simple way to run the query using the console: bin/console doctrine:query:sql "<QUERY HERE>" |
Seems to work fine for 55 days |
Any update ? |
1 similar comment
Any update ? |
I still have a problem, when i reboot the VM (ansible install), i need to clear the token and reconnect to gitlab every reboot, but i'm not able to reproduce this locally on my mac, I'm going to investigate with clone of the VM |
Hi folks, how do we get this merged? /cc @akondas |
This bug is awfully annoying. We keep running into this on an near to every day basis. Is there any way we can speed this up here? Does this PR work with the current code base? If so, why can't we merge it? |
AFAIK @akondas is the only one with write access, and he seems to have stopped responding on any issue or PR. We can create a fork and apply the patches ourselves, but this will only help with self-hosted instances of Repman |
Nice project, but we are using Packeton with GitLab synchronization and merge request review feature. But it would be nice to have this features here too. |
We plan to switch to packeton too, any tips for me ?
Le ven. 28 juil. 2023 à 16:01, konanado ***@***.***> a écrit :
… Nice project, but we are using Packeton
<https://github.com/vtsykun/packeton> with GitLab synchronization and
merge request review feature. But it would be nice to have this features
here too.
—
Reply to this email directly, view it on GitHub
<#596 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ADTZEPZSVIKZ44E553ARI3DXSPA4ZANCNFSM5ZJPSIOA>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
|
It seems Packaton is not easy to scale horizontally, as there is no option to save package dists to S3, they need to be on disk. So doing this, requiring something like NFS shares or |
It's really weird, it did work for quite a while. But since a week or two (no update on GitLab's side) it's not working anymore and we manually have to create a new token. I'm a bit confused by this TBH |
Just to leave this here: Packeton is really easy to setup. We have a setup where we run the docker version behind Caddy as a reverse proxy. Took me round about 2 hours to figure everything out + get it running. Sad to see Repman go, but it just got too annoying to revive the token every 2 days. |
any update? |
I'd like to point out that:
|
No description provided.