Error Sign in to GitLab form Teamcity
Hello, help please..
Installed TeamCity server and GitLab CE Server on other VM.
Problem:
**Can't authenticate and get access to GitlabCE repository through TeamCity to select available repositories on page VSC Roots. **
I got the message: Empty error response from https://gitlab.prod.com/oauth/token, status code: 504 (teamcity_invalid_response) Connection: GitLab CE/EE (project: XTestConnection)
Manually, if i paste a reference to the repository Fetch URL Gitlab CE, i can run builds, all works. And it only works if the git@gitlab.prod.com:project/test.git, but not https://gitlab.prod.com/project/test.git, and works only with uploaded SSH key authentication, not login/pass GitlabCE
If attach GitLab.com everything works, i get a list of repositories, with any kind of URL and authorization.
Between servers I don’t have a proxy, open full access. If i use a browser or command line, then successful connection to Gitlab (and Api included) GitLab API is available from the browser or CLT
However, there is a NGINX proxy from the gitlab ce omnybus installation. Maybe in NGINX settings gitlab.rb i need to write something, I did not find a solve that...
How to reproduce:
- In TeamCity, on root project, go to project settings - coonections - add connections - GitLab CE/EE
- copy Callback URL as https://xxx-xxx-webbuild01.xx.xxxxxxxxxxxxxxxxx.local/oauth/gitlab/accessToken.html
- Go to GitLab settings - applications - add Redirect URL - touch "api" - Save.
- Then I copy Application ID and Secret insert them into Teamcity with url https://gitlab.prod.com/
Now let’s create a configuration:
- edit VSC Root, Fetch URL, press button GitLab CE/EE
- press button Sing in to GitLab
- open window with a message about autorize teamcity in gitlab
- click Autorize
- and I get a message after some waiting
GitLab Request Error: Empty error response from https://gitlab.prod.com/oauth/token, status code: 504 (teamcity_invalid_response) Connection: GitLab CE/EE (project: XTestConnection)
TeamCity, I authorize using LDAP (Windows AD), but I tried to create a local internal account for the test. GitLab authorizes using created credentials inside, without using third-party OAuth gitlab-rake gitlab:check LDAP: ... LDAP is disabled in config/gitlab.yml Checking LDAP ... Finished
Screenshots
Click to expand
Results of GitLab application Check
sudo gitlab-rake gitlab:check
Click to expand
`Checking GitLab subtasks ...Checking GitLab Shell ...
GitLab Shell: ... GitLab Shell version >= 9.0.0 ? ... OK (9.0.0)
Running /opt/gitlab/embedded/service/gitlab-shell/bin/check
Check GitLab API access: OK
Redis available via internal API: OK
Access to /var/opt/gitlab/.ssh/authorized_keys: OK
gitlab-shell self-check successful
Checking GitLab Shell ... Finished
Checking Gitaly ...
Gitaly: ... default ... OK
Checking Gitaly ... Finished
Checking Sidekiq ...
Sidekiq: ... Running? ... yes
Number of Sidekiq processes ... 1
Checking Sidekiq ... Finished
Checking Incoming Email ...
Incoming Email: ... Reply by email is disabled in config/gitlab.yml
Checking Incoming Email ... Finished
Checking LDAP ...
LDAP: ... LDAP is disabled in config/gitlab.yml
Checking LDAP ... Finished
Checking GitLab App ...
Git configured correctly? ... yes
Database config exists? ... yes
All migrations up? ... yes
Database contains orphaned GroupMembers? ... no
GitLab config exists? ... yes
GitLab config up to date? ... yes
Log directory writable? ... yes
Tmp directory writable? ... yes
Uploads directory exists? ... yes
Uploads directory has correct permissions? ... yes
Uploads directory tmp has correct permissions? ... yes
Init script exists? ... skipped (omnibus-gitlab has no init script)
Init script up-to-date? ... skipped (omnibus-gitlab has no init script)
Projects have namespace: ... ... Redis version >= 2.8.0? ... yes
Ruby version >= 2.5.3 ? ... yes (2.5.3)
Git version >= 2.18.0 ? ... yes (2.18.1)
Git user has default SSH configuration? ... yes
Active users: ... 24
Checking GitLab App ... Finished
Checking GitLab subtasks ... Finished
`
Results of GitLab environment info
sudo gitlab-rake gitlab:env:info:
Click to expand
System information
System:
Current User: git
Using RVM: no
Ruby Version: 2.5.3p105
Gem Version: 2.7.6
Bundler Version:1.17.3
Rake Version: 12.3.2
Redis Version: 3.2.12
Git Version: 2.18.1
Sidekiq Version:5.2.5
Go Version: unknown
GitLab information
Version: 11.10.1
Revision: 861fe405
Directory: /opt/gitlab/embedded/service/gitlab-rails
DB Adapter: PostgreSQL
DB Version: 9.6.11
HTTP Clone URL: https://gitlab.prod.com/some-group/some-project.git
SSH Clone URL: git@gitlab.prod.com:some-group/some-project.git
Using LDAP: no
Using Omniauth: yes
Omniauth Providers:
GitLab Shell
Version: 9.0.0
Repository storage paths:
- default: /var/opt/gitlab/git-data/repositories
GitLab Shell path: /opt/gitlab/embedded/service/gitlab-shell
Git: /opt/gitlab/embedded/bin/git
Relevant logs and/or screenshots
gitlab-ctl tail output:
Click to expand
==> /var/log/gitlab/gitlab-rails/production.log <== Started GET "/oauth/authorize?client_id=08355cb723b0afa0e0faf79d662498ef243a8ba9b29bd81d61e3a3d511c1e7b9&redirect_uri=https%3A%2F%2Fxx-x-webbuild01.xx.something.local%2Foauth%2Fgitlab%2FaccessToken.html&response_type=code&state=eyJyZXF1ZXN0S2V5IjoiR05rcWpEWXdiazlwMUFvZWpmZE16dWRleEZXNGwyaGEiLCJjb25uZWN0aW9uSWQiOiJQUk9KRUNUX0VYVF83IiwicHJvamVjdElkIjoiWFRlc3RDb25uZWN0aW9uIiwiY2FsbGJhY2tVcmwiOiIvb2F1dGgvZ2l0bGFiL3JlcG9zaXRvcmllcy5odG1sP3Byb2plY3RJZFx1MDAzZFhUZXN0Q29ubmVjdGlvblx1MDAyNmNvbm5lY3Rpb25JZFx1MDAzZFBST0pFQ1RfRVhUXzdcdTAwMjZ0b2tlbk9idGFpbmVkXHUwMDNkdHJ1ZVx1MDAyNnNob3dNb2RlXHUwMDNkcG9wdXAiLCJhY3Rpb24iOiJjb21wbGV0ZUF1dGhvcml6YXRpb24ifQ==" for 172.20.21.95 at 2022-04-28 12:04:04 +0200 Processing by Oauth::AuthorizationsController#new as HTML Parameters: {"client_id"=>"08355cb723b0afa0e0faf79d662498ef243a8ba9b29bd81d61e3a3d511c1e7b9", "redirect_uri"=>"https://xx-x-webbuild01.xx.something.local/oauth/gitlab/accessToken.html", "response_type"=>"code", "state"=>"eyJyZXF1ZXN0S2V5IjoiR05rcWpEWXdiazlwMUFvZWpmZE16dWRleEZXNGwyaGEiLCJjb25uZWN0aW9uSWQiOiJQUk9KRUNUX0VYVF83IiwicHJvamVjdElkIjoiWFRlc3RDb25uZWN0aW9uIiwiY2FsbGJhY2tVcmwiOiIvb2F1dGgvZ2l0bGFiL3JlcG9zaXRvcmllcy5odG1sP3Byb2plY3RJZFx1MDAzZFhUZXN0Q29ubmVjdGlvblx1MDAyNmNvbm5lY3Rpb25JZFx1MDAzZFBST0pFQ1RfRVhUXzdcdTAwMjZ0b2tlbk9idGFpbmVkXHUwMDNkdHJ1ZVx1MDAyNnNob3dNb2RlXHUwMDNkcG9wdXAiLCJhY3Rpb24iOiJjb21wbGV0ZUF1dGhvcml6YXRpb24ifQ=="} Redirected to https://xx-x-webbuild01.xx.something.local/oauth/gitlab/accessToken.html?code=5ce09fb1de6feeb37f7827d852f5a8bb640be4e448888d8cd17bc7d95ce19471&state=eyJyZXF1ZXN0S2V5IjoiR05rcWpEWXdiazlwMUFvZWpmZE16dWRleEZXNGwyaGEiLCJjb25uZWN0aW9uSWQiOiJQUk9KRUNUX0VYVF83IiwicHJvamVjdElkIjoiWFRlc3RDb25uZWN0aW9uIiwiY2FsbGJhY2tVcmwiOiIvb2F1dGgvZ2l0bGFiL3JlcG9zaXRvcmllcy5odG1sP3Byb2plY3RJZFx1MDAzZFhUZXN0Q29ubmVjdGlvblx1MDAyNmNvbm5lY3Rpb25JZFx1MDAzZFBST0pFQ1RfRVhUXzdcdTAwMjZ0b2tlbk9idGFpbmVkXHUwMDNkdHJ1ZVx1MDAyNnNob3dNb2RlXHUwMDNkcG9wdXAiLCJhY3Rpb24iOiJjb21wbGV0ZUF1dGhvcml6YXRpb24ifQ%3D%3D Completed 302 Found in 49ms (ActiveRecord: 8.2ms)
==> /var/log/gitlab/gitlab-rails/production_json.log <== {"method":"GET","path":"/oauth/authorize","format":"html","controller":"Oauth::AuthorizationsController","action":"new","status":302,"duration":50.21,"view":0.0,"db":8.2,"location":"https://xx-x-webbuild01.xx.something.local/oauth/gitlab/accessToken.html","time":"2022-04-28T10:04:04.593Z","params":[{"key":"client_id","value":"08355cb723b0afa0e0faf79d662498ef243a8ba9b29bd81d61e3a3d511c1e7b9"},{"key":"redirect_uri","value":"https://xx-x-webbuild01.xx.something.local/oauth/gitlab/accessToken.html"},{"key":"response_type","value":"code"},{"key":"state","value":"eyJyZXF1ZXN0S2V5IjoiR05rcWpEWXdiazlwMUFvZWpmZE16dWRleEZXNGwyaGEiLCJjb25uZWN0aW9uSWQiOiJQUk9KRUNUX0VYVF83IiwicHJvamVjdElkIjoiWFRlc3RDb25uZWN0aW9uIiwiY2FsbGJhY2tVcmwiOiIvb2F1dGgvZ2l0bGFiL3JlcG9zaXRvcmllcy5odG1sP3Byb2plY3RJZFx1MDAzZFhUZXN0Q29ubmVjdGlvblx1MDAyNmNvbm5lY3Rpb25JZFx1MDAzZFBST0pFQ1RfRVhUXzdcdTAwMjZ0b2tlbk9idGFpbmVkXHUwMDNkdHJ1ZVx1MDAyNnNob3dNb2RlXHUwMDNkcG9wdXAiLCJhY3Rpb24iOiJjb21wbGV0ZUF1dGhvcml6YXRpb24ifQ=="}],"remote_ip":null,"user_id":null,"username":null,"ua":null,"queue_duration":null,"correlation_id":"X7DJjAbVFg8"}
==> /var/log/gitlab/nginx/gitlab_access.log <== "GET /oauth/authorize?client_id=08355cb723b0afa0e0faf79d662498ef243a8ba9b29bd81d61e3a3d511c1e7b9&redirect_uri=https%3A%2F%2Fxx-x-webbuild01.xx.something.local%2Foauth%2Fgitlab%2FaccessToken.html&response_type=code&state=eyJyZXF1ZXN0S2V5IjoiSmtCank3Wmw3Z3d2V01CVnlWREFveXhENFQwZ0lMM1AiLCJjb25uZWN0aW9uSWQiOiJQUk9KRUNUX0VYVF83IiwicHJvamVjdElkIjoiWFRlc3RDb25uZWN0aW9uIiwiY2FsbGJhY2tVcmwiOiIvb2F1dGgvZ2l0bGFiL3JlcG9zaXRvcmllcy5odG1sP3Byb2plY3RJZFx1MDAzZFhUZXN0Q29ubmVjdGlvblx1MDAyNmNvbm5lY3Rpb25JZFx1MDAzZFBST0pFQ1RfRVhUXzdcdTAwMjZ0b2tlbk9idGFpbmVkXHUwMDNkdHJ1ZVx1MDAyNnNob3dNb2RlXHUwMDNkcG9wdXAiLCJhY3Rpb24iOiJjb21wbGV0ZUF1dGhvcml6YXRpb24ifQ== HTTP/2.0" 302 645 "https://xx-x-webbuild01.xx.something.local/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36"
Possible fixes
Settings may be(
Thank you!