Omnibus Installation: Env Variables from host/user ignored in /opt/gitlab/embedded/bin/runsvdir-start

Hi folks,

Maybe related:

#211488 (closed)

Summary

Environment variables from the OS and/or the chosen user are not supplied to the gitlab main process - and therefore to all the subprocesses.

Steps to reproduce

create systemd oderride unit file

[root@mgtgit005:/opt/gitlab] cat /etc/systemd/system/gitlab-runsvdir.service.d/override.conf
[Service]
ExecStartPre=/bin/bash -c 'printenv > /tmp/gitenv'
Environment="HTTP_PROXY=http://xx.xx.xx.xx:80"
Environment="HTTPS_PROXY=http://xx.xx.xx.xx:80"
Environment="NO_PROXY=localhost,127.0.0.1,xxx.com"

check that proxy config is available

[root@mgtgit005:/opt/gitlab] cat /tmp/gitenv
NO_PROXY=localhost,127.0.0.1,.a41mgt.local,.all-for-one.net
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
PWD=/
HTTPS_PROXY=http://91.229.169.122:80
SHLVL=1
HTTP_PROXY=http://91.229.169.122:80
LC_CTYPE=en_US.UTF-8
_=/usr/bin/printenv

get environment of main process

[root@mgtgit005:/opt/gitlab] cat /proc/37380/environ
PATH=/opt/gitlab/bin:/opt/gitlab/embedded/bin:/usr/local/bin:/usr/local/sbin:/bin:/sbin:/usr/bin:/usr/sbin
[root@mgtgit005:/opt/gitlab]

Expected Output

get environment of main process

[root@mgtgit005:/opt/gitlab] cat /proc/37380/environ
PATH=/opt/gitlab/bin:/opt/gitlab/embedded/bin:/usr/local/bin:/usr/local/sbin:/bin:/sbin:/usr/bin:/usr/sbin
NO_PROXY=localhost,127.0.0.1,.a41mgt.local,.all-for-one.net
HTTPS_PROXY=http://91.229.169.122:80
HTTP_PROXY=http://91.229.169.122:80
[root@mgtgit005:/opt/gitlab]

Background

My Organization disabled our selfhosted ADFS Solution and we wanted to migrate the gitlab instance to Azure Authentication instead of SAML. Sadly our gitlab instance is behind a corporate proxy for new outgoing connections. Because of this change we followed the how-to (https://docs.gitlab.com/ee/integration/azure.html) on Gitlab Docs. Everything ok until we tested. We always got "Connection Refused", so i began searching, why the systemwide proxy config seemed not working. Proxy Config is done on this Suse SLES via /etc/sysconfig/proxy file.

possible source of bug

In Omnibus Installation, go to /opt/gitlab/embedded/bin/runsvdir-start.

on line ~40:

exec env - PATH=$PATH  \
runsvdir -P /opt/gitlab/service 'log: ................................................................................................................................................................................................................................................................................
...........................................................................................................................'

This "env - PATH=$PATH" enforces, that ALL other variables will not be handed over to the started process runsvdir.

Possible fixes

Delete the "env" part so all OS ENV-variables will be handed over.

Greetings hasechris