Bug 256574 - www/gitlab-pages: Not able to connect to gitlab API using secret
Summary: www/gitlab-pages: Not able to connect to gitlab API using secret
Status: Closed Not A Bug
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Steve Wills
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2021-06-13 11:48 UTC by fulder
Modified: 2021-08-29 19:06 UTC (History)
0 users

See Also:
bugzilla: maintainer-feedback? (swills)


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description fulder 2021-06-13 11:48:15 UTC

    
Comment 1 Mark Linimon freebsd_committer freebsd_triage 2021-06-13 11:58:31 UTC
^Triage: to submitter: we need more information.
Comment 2 fulder 2021-06-13 12:01:30 UTC
Hello,

I've been trying to install the "gitlab-ce" port which has a dependency to the gitlab-pages. 

After a fresh install I first got an error message about not present "shared/pages" folder:

level=fatal msg="could not change directory into pagesRoot" error="chdir shared/pages: no such file or directory"

Simply creating it in the ${gitlab_pages_dir} solved the problem, but then I instead got the warning:

level=warning msg="failed to initialize GitLab client for `-domain-config-source=auto`" error="GitLab API URL or API secret has not been provided"

Checking the gitlab-pages service I first noticed the startcmd function uses a variable not defined in the service file at all: ${gitlab_pages_args}. In order to be able to configure the pages daemon I set it to gitlab_pages_args="-config ${gitlab_pages_dir}/config.ini" and created this config file with the following content:

internal-gitlab-server=http://<MY_LOCAL_IP>
api-secret-key=/usr/local/www/gitlab-ce/.gitlab_shell_secret

restarting the service now instead gives me the error message:
level=fatal msg="Failed to load config" error="expected 32 bytes GitLab API secret but got 24 bytes

Am a bit lost how I solve this issue. Do you have any ideas or something that I've done really wrong here?

Best Regards,
Michal
Comment 3 Steve Wills freebsd_committer freebsd_triage 2021-08-28 02:33:02 UTC
Have you tried setting:

api-secret-key=SECRET_KEY_VALUE_HERE

rather than the path to the file containing the secret key?
Comment 4 Steve Wills freebsd_committer freebsd_triage 2021-08-29 19:06:23 UTC
(In reply to fulder from comment #2)

> Checking the gitlab-pages service I first noticed the startcmd function uses a variable not defined in the service file at all: ${gitlab_pages_args}.

It's defined by /etc/rc.subr, see man 8 rc.subr, and defaults to empty. It's an optional thing you can set, if you need it. The service uses it order to honor that option.

> In order to be able to configure the pages daemon I set it to gitlab_pages_args="-config ${gitlab_pages_dir}/config.ini" and created this config file with the following content:
> 
> internal-gitlab-server=http://<MY_LOCAL_IP>
> api-secret-key=/usr/local/www/gitlab-ce/.gitlab_shell_secret
> 
> restarting the service now instead gives me the error message:
> level=fatal msg="Failed to load config" error="expected 32 bytes GitLab API secret but got 24 bytes

I think you're mixing up the gitlab shell secret and the gitlab pages secret. Reading:

https://docs.gitlab.com/ee/administration/pages/source.html#wildcard-domains

which shows an example like:

api-secret-key=/home/git/gitlab/gitlab-pages-secret

and the gitlab-pages-secret file being generated with openssl:

sudo -u git -H openssl rand -base64 32 > /home/git/gitlab/gitlab-pages-secret

This file is again referenced in gitlab.yml under the pages section:

  secret_file: /home/git/gitlab/gitlab-pages/gitlab-pages-secret

Obviously our paths will differ from the documentation which is targeted at Linux users. For further info, see the source:

https://gitlab.com/gitlab-org/gitlab-pages/-/blob/master/internal/config/config.go

Hopefully this helps, please re-open if you're still having trouble.