gitlab-runner can't connect to redirected http to https gitlab instance
gitlab-runner fail to connect by redirected http to https gitlab instance.
/etc/gitlab-runner/config.toml:
...
[[runners]]
name = "sl2.dev.somehost.com"
url = "http://git.somehost.com/ci"
root@sl2:~# systemctl status gitlab-runner.service
● gitlab-runner.service - GitLab Runner
Loaded: loaded (/etc/systemd/system/gitlab-runner.service; enabled)
Active: active (running) since Пт 2018-06-22 13:13:05 MSK; 1min 6s ago
Main PID: 95033 (gitlab-ci-multi)
CGroup: /system.slice/ssh.service/system.slice/gitlab-runner.service
└─95033 /usr/bin/gitlab-ci-multi-runner run --working-directory /home/gitlab-runner --config /etc/gitlab-runner/config.toml --service gitlab-runner --syslog --user gitlab-runner
июн 22 13:13:21 sl2.dev.somesite.com gitlab-runner[95033]: time="2018-06-22T13:13:21+03:00" level=warning msg="Checking for jobs... failed" runner=7ef697b8 status="404 Not Found"
<nil>
июн 22 13:13:21 sl2.dev.somesite.com gitlab-ci-multi-runner[95033]: time="2018-06-22T13:13:21+03:00" level=warning msg="Checking for jobs... failed" runner=7ef697b8 status="404 Not Found"
июн 22 13:13:26 sl2.dev.somesite.com gitlab-runner[95033]: time="2018-06-22T13:13:26+03:00" level=warning msg="Checking for jobs... failed" runner=7ef697b8 status="404 Not Found"
<nil>
июн 22 13:13:26 sl2.dev.somesite.com gitlab-ci-multi-runner[95033]: time="2018-06-22T13:13:26+03:00" level=warning msg="Checking for jobs... failed" runner=7ef697b8 status="404 Not Found"
июн 22 13:13:39 sl2.dev.somesite.com gitlab-runner[95033]: time="2018-06-22T13:13:39+03:00" level=warning msg="Checking for jobs... failed" runner=7ef697b8 status="404 Not Found"
<nil>
июн 22 13:13:39 sl2.dev.somesite.com gitlab-ci-multi-runner[95033]: time="2018-06-22T13:13:39+03:00" level=warning msg="Checking for jobs... failed" runner=7ef697b8 status="404 Not Found"
июн 22 13:13:47 sl2.dev.somesite.com gitlab-runner[95033]: time="2018-06-22T13:13:47+03:00" level=warning msg="Checking for jobs... failed" runner=7ef697b8 status="404 Not Found"
<nil>
июн 22 13:13:47 sl2.dev.somesite.com gitlab-ci-multi-runner[95033]: time="2018-06-22T13:13:47+03:00" level=warning msg="Checking for jobs... failed" runner=7ef697b8 status="404 Not Found"
июн 22 13:14:07 sl2.dev.somesite.com gitlab-runner[95033]: time="2018-06-22T13:14:07+03:00" level=warning msg="Checking for jobs... failed" runner=7ef697b8 status="404 Not Found"
<nil>
июн 22 13:14:07 sl2.dev.somesite.com gitlab-ci-multi-runner[95033]: time="2018-06-22T13:14:07+03:00" level=warning msg="Checking for jobs... failed" runner=7ef697b8 status="404 Not Found"
root@sl2:~# curl -vIL git.somehost.ru
* Rebuilt URL to: git.somehost.ru/
* Hostname was NOT found in DNS cache
* Trying 10.1.14.202...
* Connected to git.somehost.ru (10.1.14.202) port 80 (#0)
> HEAD / HTTP/1.1
> User-Agent: curl/7.38.0
> Host: git.somehost.ru
> Accept: */*
>
< HTTP/1.1 301 Moved Permanently
HTTP/1.1 301 Moved Permanently
* Server nginx is not blacklisted
< Server: nginx
Server: nginx
< Date: Fri, 22 Jun 2018 11:38:32 GMT
Date: Fri, 22 Jun 2018 11:38:32 GMT
< Content-Type: text/html
Content-Type: text/html
< Content-Length: 178
Content-Length: 178
< Connection: keep-alive
Connection: keep-alive
< Location: https://git.somehost.ru:443/
Location: https://git.somehost.ru:443/
<
* Connection #0 to host git.somehost.ru left intact
* Issue another request to this URL: 'https://git.somehost.ru:443/'
* Found bundle for host git.somehost.ru: 0x7fcc631b4690
* Hostname was NOT found in DNS cache
* Trying 10.1.14.202...
* Connected to git.somehost.ru (10.1.14.202) port 443 (#1)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server key exchange (12):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* Server certificate:
* subject: C=RU; postalCode=125125; ST=Leningrag; L=St. Petersburg; street=d. 19 litera A ofis 204, Gagarina; O=LLC somehost; OU=job; OU=PremiumSSL Wildcard; CN=*.somehost.ru
* start date: 2018-05-23 00:00:00 GMT
* expire date: 2020-06-03 23:59:59 GMT
* subjectAltName: git.somehost.ru matched
* issuer: C=RU; ST=Moscow; L=Moscow; O=RU-Center (skipped); CN=RU-CENTER High Assurance Services CA 2
* SSL certificate verify ok.
> HEAD / HTTP/1.1
> User-Agent: curl/7.38.0
> Host: git.somehost.ru
> Accept: */*
>
< HTTP/1.1 302 Found
HTTP/1.1 302 Found
* Server nginx is not blacklisted
< Server: nginx
Server: nginx
< Date: Fri, 22 Jun 2018 11:38:32 GMT
Date: Fri, 22 Jun 2018 11:38:32 GMT
< Content-Type: text/html; charset=utf-8
Content-Type: text/html; charset=utf-8
< Connection: keep-alive
Connection: keep-alive
< Cache-Control: no-cache
Cache-Control: no-cache
< Location: https://git.somehost.ru/users/sign_in
Location: https://git.somehost.ru/users/sign_in
< X-Content-Type-Options: nosniff
X-Content-Type-Options: nosniff
< X-Frame-Options: DENY
X-Frame-Options: DENY
< X-Request-Id: bc6601b7-8d04-48cc-9e50-9b4fdb171080
X-Request-Id: bc6601b7-8d04-48cc-9e50-9b4fdb171080
< X-Runtime: 0.048107
X-Runtime: 0.048107
< X-Ua-Compatible: IE=edge
X-Ua-Compatible: IE=edge
< X-Xss-Protection: 1; mode=block
X-Xss-Protection: 1; mode=block
< Strict-Transport-Security: max-age=31536000
Strict-Transport-Security: max-age=31536000
<
* Connection #1 to host git.somehost.ru left intact
* Issue another request to this URL: 'https://git.somehost.ru/users/sign_in'
* Found bundle for host git.somehost.ru: 0x7fcc631b4690
* Re-using existing connection! (#1) with host git.somehost.ru
* Connected to git.somehost.ru (10.1.14.202) port 443 (#1)
> HEAD /users/sign_in HTTP/1.1
> User-Agent: curl/7.38.0
> Host: git.somehost.ru
> Accept: */*
>
< HTTP/1.1 200 OK
HTTP/1.1 200 OK
* Server nginx is not blacklisted
< Server: nginx
Server: nginx
< Date: Fri, 22 Jun 2018 11:38:32 GMT
Date: Fri, 22 Jun 2018 11:38:32 GMT
< Content-Type: text/html; charset=utf-8
Content-Type: text/html; charset=utf-8
< Connection: keep-alive
Connection: keep-alive
< Vary: Accept-Encoding
Vary: Accept-Encoding
< Cache-Control: max-age=0, private, must-revalidate
Cache-Control: max-age=0, private, must-revalidate
< Etag: W/"757ce738986d09c68d8c15484f38a88e"
Etag: W/"757ce738986d09c68d8c15484f38a88e"
< Set-Cookie: _gitlab_session=961234ccde5ac6eefd568948940ee679; path=/; secure; HttpOnly
Set-Cookie: _gitlab_session=961234ccde5ac6eefd568948940ee679; path=/; secure; HttpOnly
< X-Content-Type-Options: nosniff
X-Content-Type-Options: nosniff
< X-Frame-Options: DENY
X-Frame-Options: DENY
< X-Request-Id: 75e04d32-c5c6-4ebd-b8b1-2f52cca5600b
X-Request-Id: 75e04d32-c5c6-4ebd-b8b1-2f52cca5600b
< X-Runtime: 0.170009
X-Runtime: 0.170009
< X-Ua-Compatible: IE=edge
X-Ua-Compatible: IE=edge
< X-Xss-Protection: 1; mode=block
X-Xss-Protection: 1; mode=block
< Strict-Transport-Security: max-age=31536000
Strict-Transport-Security: max-age=31536000
<
* Connection #1 to host git.somehost.ru left intact
After replace in /etc/gitlab-runner/config.toml http to https - gitlab runner work well:
[[runners]]
name = "sl2.dev.somehost.com"
url = "https://git.somehost.com/ci"
But with multiple host with instances of gitlab-runner to need change congfigurations on each host. And this is pain and suffering.
Edited by RNZ