Skip to content

Can't view instance configuration page when using FIPS GitLab.

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

Summary

When using a GitLab Omnibus FIPS image the https://<gitlab url>/help/instance_configuration can't be viewed. Visiting the page results in a 500 error. This is due to the page trying to render the MD5 hash of the instance's SSH keys. MD5 is not a valid cryptography algorithm in FIPS.

The error message includes "exception.class":"ActionView::Template::Error","exception.message":"Digest initialization failed: disabled for FIPS",

Steps to reproduce

  1. Have a FIPS enabled OS image.
  2. Install a Gitlab Omnibus FIPS package
  3. Go to https://<gitlab url>/help/instance_configuration

What is the current bug behavior?

A 500 error is displayed.

What is the expected correct behavior?

The page should render and show the instance's configuration.

Relevant logs and/or screenshots

production.json 
{"method":"GET","path":"/help/instance_configuration","format":"html","controller":"HelpController","action":"instance_configuration","status":500,"time":"2024-09-30T20:59:57.603Z","params":[],"correlation_id":"01J92BQ5GQE0RM5AVK7X3A40FV","meta.caller_id":"HelpController#instance_configuration","meta.feature_category":"not_owned","meta.remote_ip":"redacted","meta.user":"root","meta.user_id":1,"meta.client_id":"user/1","remote_ip":"redacted","user_id":1,"username":"root","ua":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36","queue_duration_s":0.007605,"request_urgency":"default","target_duration_s":1,"redis_calls":7,"redis_allowed_cross_slot_calls":1,"redis_duration_s":0.002054,"redis_read_bytes":366,"redis_write_bytes":827,"redis_cache_calls":1,"redis_cache_duration_s":0.000193,"redis_cache_write_bytes":38,"redis_db_load_balancing_calls":2,"redis_db_load_balancing_duration_s":0.000455,"redis_db_load_balancing_write_bytes":104,"redis_feature_flag_calls":1,"redis_feature_flag_duration_s":0.000233,"redis_feature_flag_read_bytes":199,"redis_feature_flag_write_bytes":76,"redis_sessions_calls":3,"redis_sessions_allowed_cross_slot_calls":1,"redis_sessions_duration_s":0.001173,"redis_sessions_read_bytes":167,"redis_sessions_write_bytes":609,"db_count":3,"db_write_count":0,"db_cached_count":0,"db_txn_count":0,"db_replica_txn_count":0,"db_primary_txn_count":0,"db_main_txn_count":0,"db_ci_txn_count":0,"db_main_replica_txn_count":0,"db_ci_replica_txn_count":0,"db_replica_count":0,"db_primary_count":3,"db_main_count":3,"db_ci_count":0,"db_main_replica_count":0,"db_ci_replica_count":0,"db_replica_cached_count":0,"db_primary_cached_count":0,"db_main_cached_count":0,"db_ci_cached_count":0,"db_main_replica_cached_count":0,"db_ci_replica_cached_count":0,"db_replica_wal_count":0,"db_primary_wal_count":0,"db_main_wal_count":0,"db_ci_wal_count":0,"db_main_replica_wal_count":0,"db_ci_replica_wal_count":0,"db_replica_wal_cached_count":0,"db_primary_wal_cached_count":0,"db_main_wal_cached_count":0,"db_ci_wal_cached_count":0,"db_main_replica_wal_cached_count":0,"db_ci_replica_wal_cached_count":0,"db_replica_txn_max_duration_s":0.0,"db_primary_txn_max_duration_s":0.0,"db_main_txn_max_duration_s":0.0,"db_ci_txn_max_duration_s":0.0,"db_main_replica_txn_max_duration_s":0.0,"db_ci_replica_txn_max_duration_s":0.0,"db_replica_txn_duration_s":0.0,"db_primary_txn_duration_s":0.0,"db_main_txn_duration_s":0.0,"db_ci_txn_duration_s":0.0,"db_main_replica_txn_duration_s":0.0,"db_ci_replica_txn_duration_s":0.0,"db_replica_duration_s":0.0,"db_primary_duration_s":0.004,"db_main_duration_s":0.004,"db_ci_duration_s":0.0,"db_main_replica_duration_s":0.0,"db_ci_replica_duration_s":0.0,"cpu_s":0.235341,"mem_objects":166259,"mem_bytes":19193752,"mem_mallocs":89127,"mem_total_bytes":25844112,"pid":2867,"worker_id":"puma_0","rate_limiting_gates":[],"exception.class":"ActionView::Template::Error","exception.message":"Digest initialization failed: disabled for FIPS","exception.backtrace":["openssl (3.2.0) lib/openssl/digest.rb:31:in `initialize'","openssl (3.2.0) lib/openssl/digest.rb:31:in `block (3 levels) in <class:Digest>'","openssl (3.2.0) lib/openssl/digest.rb:37:in `new'","openssl (3.2.0) lib/openssl/digest.rb:37:in `block (3 levels) in <class:Digest>'","ssh_data (1.3.0) lib/ssh_data/public_key/base.rb:19:in `fingerprint'","lib/gitlab/ssh_public_key.rb:94:in `fingerprint'","app/models/instance_configuration.rb:176:in `ssh_algorithm_md5'","app/models/instance_configuration.rb:164:in `ssh_algorithm_hashes'","app/models/instance_configuration.rb:30:in `block in ssh_algorithms_hashes'","app/models/instance_configuration.rb:30:in `map'","app/models/instance_configuration.rb:30:in `ssh_algorithms_hashes'","app/models/instance_configuration.rb:20:in `configuration'","ee/app/models/ee/instance_configuration.rb:11:in `configuration'","app/models/instance_configuration.rb:13:in `block in settings'","activesupport (7.0.8.4) lib/active_support/cache.rb:809:in `block in save_block_result_to_cache'","activesupport (7.0.8.4) lib/active_support/cache.rb:783:in `block in instrument'","activesupport (7.0.8.4) lib/active_support/notifications.rb:206:in `block in instrument'","activesupport (7.0.8.4) lib/active_support/notifications/instrumenter.rb:24:in `instrument'","activesupport (7.0.8.4) lib/active_support/notifications.rb:206:in `instrument'","activesupport (7.0.8.4) lib/active_support/cache.rb:783:in `instrument'","activesupport (7.0.8.4) lib/active_support/cache.rb:808:in `save_block_result_to_cache'","activesupport (7.0.8.4) lib/active_support/cache.rb:338:in `fetch'","app/models/instance_configuration.rb:12:in `settings'","app/views/help/instance_configuration/_ssh_info.html.haml:1","actionview (7.0.8.4) lib/action_view/base.rb:244:in `public_send'","actionview (7.0.8.4) lib/action_view/base.rb:244:in `_run'","actionview (7.0.8.4) lib/action_view/template.rb:157:in `block in render'","activesupport (7.0.8.4) lib/active_support/notifications.rb:208:in `instrument'","actionview (7.0.8.4) lib/action_view/template.rb:361:in `instrument_render_template'","actionview (7.0.8.4) lib/action_view/template.rb:155:in `render'","actionview (7.0.8.4) lib/action_view/renderer/partial_renderer.rb:251:in `block in render_partial_template'","activesupport (7.0.8.4) lib/active_support/notifications.rb:208:in `instrument'","actionview (7.0.8.4) lib/action_view/renderer/partial_renderer.rb:246:in `render_partial_template'","actionview (7.0.8.4) lib/action_view/renderer/partial_renderer.rb:237:in `render'","actionview (7.0.8.4) lib/action_view/renderer/renderer.rb:81:in `render_partial_to_object'","actionview (7.0.8.4) lib/action_view/renderer/renderer.rb:53:in `render_partial'","actionview (7.0.8.4) lib/action_view/helpers/rendering_helper.rb:44:in `render'","app/views/help/instance_configuration.html.haml:8","actionview (7.0.8.4) lib/action_view/base.rb:244:in `public_send'","actionview (7.0.8.4) lib/action_view/base.rb:244:in `_run'","actionview (7.0.8.4) lib/action_view/template.rb:157:in `block in render'","activesupport (7.0.8.4) lib/active_support/notifications.rb:208:in `instrument'","actionview (7.0.8.4) lib/action_view/template.rb:361:in `instrument_render_template'","actionview (7.0.8.4) lib/action_view/template.rb:155:in `render'","actionview (7.0.8.4) lib/action_view/renderer/template_renderer.rb:65:in `block (2 levels) in render_template'","activesupport (7.0.8.4) lib/active_support/notifications.rb:206:in `block in instrument'","activesupport (7.0.8.4) lib/active_support/notifications/instrumenter.rb:24:in `instrument'","activesupport (7.0.8.4) lib/active_support/notifications.rb:206:in `instrument'","actionview (7.0.8.4) lib/action_view/renderer/template_renderer.rb:60:in `block in render_template'","actionview (7.0.8.4) lib/action_view/renderer/template_renderer.rb:75:in `block in render_with_layout'","activesupport (7.0.8.4) lib/active_support/notifications.rb:208:in `instrument'","actionview (7.0.8.4) lib/action_view/renderer/template_renderer.rb:74:in `render_with_layout'","actionview (7.0.8.4) lib/action_view/renderer/template_renderer.rb:59:in `render_template'","actionview (7.0.8.4) lib/action_view/renderer/template_renderer.rb:11:in `render'","actionview (7.0.8.4) lib/action_view/renderer/renderer.rb:61:in `render_template_to_object'","actionview (7.0.8.4) lib/action_view/renderer/renderer.rb:29:in `render_to_object'","actionview (7.0.8.4) lib/action_view/rendering.rb:117:in `block in _render_template'","actionview (7.0.8.4) lib/action_view/base.rb:270:in `in_rendering_context'","actionview (7.0.8.4) lib/action_view/rendering.rb:116:in `_render_template'","actionpack (7.0.8.4) lib/action_controller/metal/streaming.rb:216:in `_render_template'","actionview (7.0.8.4) lib/action_view/rendering.rb:103:in `render_to_body'","actionpack (7.0.8.4) lib/action_controller/metal/rendering.rb:158:in `render_to_body'","actionpack (7.0.8.4) lib/action_controller/metal/renderers.rb:141:in `render_to_body'","actionpack (7.0.8.4) lib/abstract_controller/rendering.rb:27:in `render'","actionpack (7.0.8.4) lib/action_controller/metal/rendering.rb:139:in `render'","actionpack (7.0.8.4) lib/action_controller/metal/instrumentation.rb:22:in `block (2 levels) in render'","/opt/gitlab/embedded/lib/ruby/3.1.0/benchmark.rb:311:in `realtime'","activesupport (7.0.8.4) lib/active_support/core_ext/benchmark.rb:14:in `ms'","actionpack (7.0.8.4) lib/action_controller/metal/instrumentation.rb:22:in `block in render'","actionpack (7.0.8.4) lib/action_controller/metal/instrumentation.rb:91:in `cleanup_view_runtime'","activerecord (7.0.8.4) lib/active_record/railties/controller_runtime.rb:34:in `cleanup_view_runtime'","elasticsearch-rails (7.2.1) lib/elasticsearch/rails/instrumentation/controller_runtime.rb:37:in `cleanup_view_runtime'","actionpack (7.0.8.4) lib/action_controller/metal/instrumentation.rb:21:in `render'","app/controllers/application_controller.rb:143:in `render'","actionpack (7.0.8.4) lib/action_controller/metal/implicit_render.rb:35:in `default_render'","actionpack (7.0.8.4) lib/action_controller/metal/basic_implicit_render.rb:7:in `send_action'","actionpack (7.0.8.4) lib/abstract_controller/base.rb:215:in `process_action'","actionpack (7.0.8.4) lib/action_controller/metal/rendering.rb:165:in `process_action'","actionpack (7.0.8.4) lib/abstract_controller/callbacks.rb:234:in `block in process_action'","activesupport (7.0.8.4) lib/active_support/callbacks.rb:118:in `block in run_callbacks'","lib/gitlab/ip_address_state.rb:11:in `with'","ee/app/controllers/ee/application_controller.rb:45:in `set_current_ip_address'","activesupport (7.0.8.4) lib/active_support/callbacks.rb:127:in `block in run_callbacks'","app/controllers/application_controller.rb:484:in `set_current_admin'","activesupport (7.0.8.4) lib/active_support/callbacks.rb:127:in `block in run_callbacks'","lib/gitlab/session.rb:11:in `with_session'","app/controllers/application_controller.rb:475:in `set_session_storage'","activesupport (7.0.8.4) lib/active_support/callbacks.rb:127:in `block in run_callbacks'","lib/gitlab/i18n.rb:114:in `with_locale'","lib/gitlab/i18n.rb:120:in `with_user_locale'","app/controllers/application_controller.rb:466:in `set_locale'","activesupport (7.0.8.4) lib/active_support/callbacks.rb:127:in `block in run_callbacks'","marginalia (1.11.1) lib/marginalia.rb:109:in `record_query_comment'","activesupport (7.0.8.4) lib/active_support/callbacks.rb:127:in `block in run_callbacks'","app/controllers/application_controller.rb:459:in `set_current_context'","activesupport (7.0.8.4) lib/active_support/callbacks.rb:127:in `block in run_callbacks'","sentry-rails (5.19.0) lib/sentry/rails/controller_transaction.rb:30:in `block in sentry_around_action'","sentry-ruby (5.19.0) lib/sentry/hub.rb:102:in `with_child_span'","sentry-ruby (5.19.0) lib/sentry-ruby.rb:498:in `with_child_span'","sentry-rails (5.19.0) lib/sentry/rails/controller_transaction.rb:16:in `sentry_around_action'","activesupport (7.0.8.4) lib/active_support/callbacks.rb:127:in `block in run_callbacks'","activesupport (7.0.8.4) lib/active_support/callbacks.rb:138:in `run_callbacks'","actionpack (7.0.8.4) lib/abstract_controller/callbacks.rb:233:in `process_action'","actionpack (7.0.8.4) lib/action_controller/metal/rescue.rb:23:in `process_action'","actionpack (7.0.8.4) lib/action_controller/metal/instrumentation.rb:67:in `block in process_action'","activesupport (7.0.8.4) lib/active_support/notifications.rb:206:in `block in instrument'","activesupport (7.0.8.4) lib/active_support/notifications/instrumenter.rb:24:in `instrument'","activesupport (7.0.8.4) lib/active_support/notifications.rb:206:in `instrument'","actionpack (7.0.8.4) lib/action_controller/metal/instrumentation.rb:66:in `process_action'","actionpack (7.0.8.4) lib/action_controller/metal/params_wrapper.rb:259:in `process_action'","activerecord (7.0.8.4) lib/active_record/railties/controller_runtime.rb:27:in `process_action'","actionpack (7.0.8.4) lib/abstract_controller/base.rb:151:in `process'","actionview (7.0.8.4) lib/action_view/rendering.rb:39:in `process'","actionpack (7.0.8.4) lib/action_controller/metal.rb:188:in `dispatch'","actionpack (7.0.8.4) lib/action_controller/metal.rb:249:in `block in dispatch'","lib/gitlab/middleware/action_controller_static_context.rb:23:in `call'","actionpack (7.0.8.4) lib/action_controller/metal.rb:249:in `dispatch'","actionpack (7.0.8.4) lib/action_dispatch/routing/route_set.rb:49:in `dispatch'","actionpack (7.0.8.4) lib/action_dispatch/routing/route_set.rb:32:in `serve'","actionpack (7.0.8.4) lib/action_dispatch/journey/router.rb:50:in `block in serve'","actionpack (7.0.8.4) lib/action_dispatch/journey/router.rb:32:in `each'","actionpack (7.0.8.4) lib/action_dispatch/journey/router.rb:32:in `serve'","actionpack (7.0.8.4) lib/action_dispatch/routing/route_set.rb:852:in `call'","gitlab-experiment (0.9.1) lib/gitlab/experiment/middleware.rb:19:in `call'","flipper (0.26.2) lib/flipper/middleware/memoizer.rb:72:in `memoized_call'","flipper (0.26.2) lib/flipper/middleware/memoizer.rb:37:in `call'","lib/gitlab/metrics/elasticsearch_rack_middleware.rb:16:in `call'","lib/gitlab/middleware/sidekiq_shard_awareness_validation.rb:20:in `block in call'","lib/gitlab/sidekiq_sharding/validator.rb:42:in `enabled'","lib/gitlab/middleware/sidekiq_shard_awareness_validation.rb:20:in `call'","lib/gitlab/middleware/memory_report.rb:13:in `call'","lib/gitlab/middleware/speedscope.rb:13:in `call'","lib/gitlab/database/load_balancing/rack_middleware.rb:23:in `call'","lib/gitlab/middleware/rails_queue_duration.rb:33:in `call'","lib/gitlab/etag_caching/middleware.rb:21:in `call'","lib/gitlab/metrics/rack_middleware.rb:16:in `block in call'","lib/gitlab/metrics/web_transaction.rb:46:in `run'","lib/gitlab/metrics/rack_middleware.rb:16:in `call'","lib/gitlab/middleware/go.rb:21:in `call'","lib/gitlab/middleware/query_analyzer.rb:11:in `block in call'","lib/gitlab/database/query_analyzer.rb:40:in `within'","lib/gitlab/middleware/query_analyzer.rb:11:in `call'","batch-loader (2.0.5) lib/batch_loader/middleware.rb:11:in `call'","rack-attack (6.7.0) lib/rack/attack.rb:103:in `call'","apollo_upload_server (2.1.6) lib/apollo_upload_server/middleware.rb:19:in `call'","lib/gitlab/middleware/multipart.rb:173:in `call'","rack-attack (6.7.0) lib/rack/attack.rb:127:in `call'","warden (1.2.9) lib/warden/manager.rb:36:in `block in call'","warden (1.2.9) lib/warden/manager.rb:34:in `catch'","warden (1.2.9) lib/warden/manager.rb:34:in `call'","rack-cors (2.0.2) lib/rack/cors.rb:102:in `call'","rack (2.2.9) lib/rack/tempfile_reaper.rb:15:in `call'","rack (2.2.9) lib/rack/etag.rb:27:in `call'","rack (2.2.9) lib/rack/conditional_get.rb:27:in `call'","rack (2.2.9) lib/rack/head.rb:12:in `call'","actionpack (7.0.8.4) lib/action_dispatch/http/permissions_policy.rb:38:in `call'","actionpack (7.0.8.4) lib/action_dispatch/http/content_security_policy.rb:36:in `call'","lib/gitlab/middleware/read_only/controller.rb:50:in `call'","lib/gitlab/middleware/read_only.rb:18:in `call'","lib/gitlab/middleware/unauthenticated_session_expiry.rb:18:in `call'","rack (2.2.9) lib/rack/session/abstract/id.rb:266:in `context'","rack (2.2.9) lib/rack/session/abstract/id.rb:260:in `call'","actionpack (7.0.8.4) lib/action_dispatch/middleware/cookies.rb:704:in `call'","lib/gitlab/middleware/strip_cookies.rb:29:in `call'","lib/gitlab/middleware/same_site_cookies.rb:27:in `call'","actionpack (7.0.8.4) lib/action_dispatch/middleware/callbacks.rb:27:in `block in call'","activesupport (7.0.8.4) lib/active_support/callbacks.rb:99:in `run_callbacks'","actionpack (7.0.8.4) lib/action_dispatch/middleware/callbacks.rb:26:in `call'","sentry-rails (5.19.0) lib/sentry/rails/rescued_exception_interceptor.rb:12:in `call'","actionpack (7.0.8.4) lib/action_dispatch/middleware/debug_exceptions.rb:28:in `call'","lib/gitlab/middleware/path_traversal_check.rb:35:in `call'","lib/gitlab/middleware/handle_malformed_strings.rb:21:in `call'","sentry-ruby (5.19.0) lib/sentry/rack/capture_exceptions.rb:30:in `block (2 levels) in call'","sentry-ruby (5.19.0) lib/sentry/hub.rb:258:in `with_session_tracking'","sentry-ruby (5.19.0) lib/sentry-ruby.rb:411:in `with_session_tracking'","sentry-ruby (5.19.0) lib/sentry/rack/capture_exceptions.rb:21:in `block in call'","sentry-ruby (5.19.0) lib/sentry/hub.rb:59:in `with_scope'","sentry-ruby (5.19.0) lib/sentry-ruby.rb:391:in `with_scope'","sentry-ruby (5.19.0) lib/sentry/rack/capture_exceptions.rb:20:in `call'","actionpack (7.0.8.4) lib/action_dispatch/middleware/show_exceptions.rb:29:in `call'","lib/gitlab/middleware/basic_health_check.rb:25:in `call'","lograge (0.11.2) lib/lograge/rails_ext/rack/logger.rb:15:in `call_app'","railties (7.0.8.4) lib/rails/rack/logger.rb:25:in `block in call'","activesupport (7.0.8.4) lib/active_support/tagged_logging.rb:99:in `block in tagged'","activesupport (7.0.8.4) lib/active_support/tagged_logging.rb:37:in `tagged'","activesupport (7.0.8.4) lib/active_support/tagged_logging.rb:99:in `tagged'","railties (7.0.8.4) lib/rails/rack/logger.rb:25:in `call'","actionpack (7.0.8.4) lib/action_dispatch/middleware/remote_ip.rb:93:in `call'","lib/gitlab/middleware/handle_ip_spoof_attack_error.rb:25:in `call'","lib/gitlab/middleware/request_context.rb:15:in `call'","lib/gitlab/middleware/webhook_recursion_detection.rb:15:in `call'","request_store (1.5.1) lib/request_store/middleware.rb:19:in `call'","rack (2.2.9) lib/rack/method_override.rb:24:in `call'","rack (2.2.9) lib/rack/runtime.rb:22:in `call'","rack-timeout (0.7.0) lib/rack/timeout/core.rb:154:in `block in call'","rack-timeout (0.7.0) lib/rack/timeout/support/timeout.rb:19:in `timeout'","rack-timeout (0.7.0) lib/rack/timeout/core.rb:153:in `call'","config/initializers/fix_local_cache_middleware.rb:11:in `call'","lib/gitlab/middleware/compressed_json.rb:44:in `call'","actionpack (7.0.8.4) lib/action_dispatch/middleware/executor.rb:14:in `call'","lib/gitlab/middleware/rack_multipart_tempfile_factory.rb:19:in `call'","rack (2.2.9) lib/rack/sendfile.rb:110:in `call'","lib/gitlab/middleware/sidekiq_web_static.rb:20:in `call'","lib/gitlab/metrics/requests_rack_middleware.rb:79:in `call'","gitlab-labkit (0.36.1) lib/labkit/middleware/rack.rb:22:in `block in call'","gitlab-labkit (0.36.1) lib/labkit/context.rb:35:in `with_context'","gitlab-labkit (0.36.1) lib/labkit/middleware/rack.rb:21:in `call'","actionpack (7.0.8.4) lib/action_dispatch/middleware/request_id.rb:26:in `call'","actionpack (7.0.8.4) lib/action_dispatch/middleware/host_authorization.rb:131:in `call'","railties (7.0.8.4) lib/rails/engine.rb:530:in `call'","railties (7.0.8.4) lib/rails/railtie.rb:226:in `public_send'","railties (7.0.8.4) lib/rails/railtie.rb:226:in `method_missing'","lib/gitlab/middleware/release_env.rb:13:in `call'","rack (2.2.9) lib/rack/urlmap.rb:74:in `block in call'","rack (2.2.9) lib/rack/urlmap.rb:58:in `each'","rack (2.2.9) lib/rack/urlmap.rb:58:in `call'","puma (6.4.0) lib/puma/configuration.rb:272:in `call'","puma (6.4.0) lib/puma/request.rb:100:in `block in handle_request'","puma (6.4.0) lib/puma/thread_pool.rb:378:in `with_force_shutdown'","puma (6.4.0) lib/puma/request.rb:99:in `handle_request'","puma (6.4.0) lib/puma/server.rb:443:in `process_client'","puma (6.4.0) lib/puma/server.rb:241:in `block in run'","puma (6.4.0) lib/puma/thread_pool.rb:155:in `block in spawn_thread'"],"exception.cause_class":"OpenSSL::Digest::DigestError","db_duration_s":0.0083,"view_duration_s":0.0,"duration_s":0.07877}

Output of checks

Results of GitLab environment info

Expand for output related to GitLab environment info 

System information
System:         Ubuntu 20.04
Proxy:          no
Current User:   git
Using RVM:      no
Ruby Version:   3.1.5p253
Gem Version:    3.5.17
Bundler Version:2.5.11
Rake Version:   13.0.6
Redis Version:  7.0.15
Sidekiq Version:7.2.4
Go Version:     unknown

GitLab information
Version:        17.4.1-ee
Revision:       40bdc966046
Directory:      /opt/gitlab/embedded/service/gitlab-rails
DB Adapter:     PostgreSQL
DB Version:     14.11
URL:            http://fips.env-dc54e0c7.gcp.gitlabsandbox.net
HTTP Clone URL: http://fips.env-dc54e0c7.gcp.gitlabsandbox.net/some-group/some-project.git
SSH Clone URL:  git@fips.env-dc54e0c7.gcp.gitlabsandbox.net:some-group/some-project.git
Elasticsearch:  no
Geo:            no
Using LDAP:     no
Using Omniauth: yes
Omniauth Providers: 

GitLab Shell
Version:        14.39.0
Repository storages:
- default:      unix:/var/opt/gitlab/gitaly/gitaly.socket
GitLab Shell path:              /opt/gitlab/embedded/service/gitlab-shell

Gitaly
- default Address:      unix:/var/opt/gitlab/gitaly

Results of GitLab application Check

Expand for output related to the GitLab application check 
root@fipstest:~# sudo gitlab-rake gitlab:env:info

System information
System:         Ubuntu 20.04
Proxy:          no
Current User:   git
Using RVM:      no
Ruby Version:   3.1.5p253
Gem Version:    3.5.17
Bundler Version:2.5.11
Rake Version:   13.0.6
Redis Version:  7.0.15
Sidekiq Version:7.2.4
Go Version:     unknown


GitLab information
Version:        17.4.1-ee
Revision:       40bdc966046
Directory:      /opt/gitlab/embedded/service/gitlab-rails
DB Adapter:     PostgreSQL
DB Version:     14.11
URL:            http://fips.env-dc54e0c7.gcp.gitlabsandbox.net
HTTP Clone URL: http://fips.env-dc54e0c7.gcp.gitlabsandbox.net/some-group/some-project.git
SSH Clone URL:  git@fips.env-dc54e0c7.gcp.gitlabsandbox.net:some-group/some-project.git
Elasticsearch:  no
Geo:            no
Using LDAP:     no
Using Omniauth: yes
Omniauth Providers:


GitLab Shell
Version:        14.39.0
Repository storages:
  • default: unix:/var/opt/gitlab/gitaly/gitaly.socket GitLab Shell path: /opt/gitlab/embedded/service/gitlab-shell

Gitaly

  • default Address: unix:/var/opt/gitlab/gitaly/gitaly.socket
  • default Version: 17.4.1
  • default Git Version: 2.46.0 root@fipstest:~# sudo gitlab-rake gitlab:check SANITIZE=true Checking GitLab subtasks ...

Checking GitLab Shell ...

GitLab Shell: ... GitLab Shell version >= 14.39.0 ? ... OK (14.39.0) Running /opt/gitlab/embedded/service/gitlab-shell/bin/gitlab-shell-check Internal API available: OK Redis available via internal API: OK gitlab-shell self-check successful

Checking GitLab Shell ... Finished

Checking Gitaly ...

Gitaly: ... default ... OK

Checking Gitaly ... Finished

Checking Sidekiq ...

Sidekiq: ... Running? ... yes Number of Sidekiq processes (cluster/worker) ... 1/1

Checking Sidekiq ... Finished

Checking Incoming Email ...

Incoming Email: ... Reply by email is disabled in config/gitlab.yml

Checking Incoming Email ... Finished

Checking LDAP ...

LDAP: ... LDAP is disabled in config/gitlab.yml

Checking LDAP ... Finished

Checking GitLab App ...

Database config exists? ... yes Tables are truncated? ... skipped All migrations up? ... yes Database contains orphaned GroupMembers? ... no GitLab config exists? ... yes GitLab config up to date? ... yes Cable config exists? ... yes Resque config exists? ... yes Log directory writable? ... yes Tmp directory writable? ... yes Uploads directory exists? ... yes Uploads directory has correct permissions? ... yes Uploads directory tmp has correct permissions? ... skipped (no tmp uploads folder yet) Systemd unit files or init script exist? ... skipped (omnibus-gitlab has neither init script nor systemd units) Systemd unit files or init script up-to-date? ... skipped (omnibus-gitlab has neither init script nor systemd units) Projects have namespace: ... can't check, you have no projects Redis version >= 6.2.14? ... yes Ruby version >= 3.0.6 ? ... yes (3.1.5) Git user has default SSH configuration? ... yes Active users: ... 1 Is authorized keys file accessible? ... yes GitLab configured to store new projects in hashed storage? ... yes All projects are in hashed storage? ... yes Elasticsearch version 7.x-8.x or OpenSearch version 1.x ... skipped (Advanced Search is disabled) All migrations must be finished before doing a major upgrade ... skipped (Advanced Search is disabled)

Checking GitLab App ... Finished

Checking GitLab subtasks ... Finished

Possible fixes

https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/models/instance_configuration.rb#L175
https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/models/instance_configuration.rb#L164

One possible fix is when we realize FIPS mode is active is to not attempt to render the MD5 hash.

Edited by 🤖 GitLab Bot 🤖