Can not use allow_local_requests_from_hooks_and_services attribute with gitlab 12.1

Summary

Can not using allow_local_requests_from_hooks_and_services attribute with gitlab 12.1

Steps to reproduce

Using root account to login to gitlab, access Admin Area-->Settings-->Network

What is the current bug behavior?

Got 500 internal error

What is the expected correct behavior?

can access to this screen

Relevant logs

ActionView::Template::Error (undefined method `allow_local_requests_from_hooks_and_services' for # Did you mean? allow_local_requests_from_web_hooks_and_services allow_local_requests_from_web_hooks_and_services? allow_local_requests_from_web_hooks_and_services= allow_local_requests_from_web_hooks_and_services_was allow_local_requests_from_web_hooks_and_services_change): 4: %fieldset 5: .form-group 6: .form-check 7: = f.check_box :allow_local_requests_from_hooks_and_services, class: 'form-check-input' 8: = f.label :allow_local_requests_from_hooks_and_services, class: 'form-check-label' do 9: Allow requests to the local network from hooks and services 10:

app/views/admin/application_settings/_outbound.html.haml:7:in block in _app_views_admin_application_settings__outbound_html_haml___4185815194167942773_70210146176260' app/views/admin/application_settings/_outbound.html.haml:1:in _app_views_admin_application_settings__outbound_html_haml___4185815194167942773_70210146176260' app/views/admin/application_settings/network.html.haml:36:in _app_views_admin_application_settings_network_html_haml__2558519709331380592_70210138316740' app/controllers/application_controller.rb:117:in render' lib/gitlab/session.rb:11:in with_session' app/controllers/application_controller.rb:445:in set_session_storage' lib/gitlab/i18n.rb:55:in with_locale' lib/gitlab/i18n.rb:61:in with_user_locale' app/controllers/application_controller.rb:439:in set_locale' lib/gitlab/middleware/rails_queue_duration.rb:27:in call' lib/gitlab/metrics/rack_middleware.rb:17:in block in call' lib/gitlab/metrics/transaction.rb:57:in run' lib/gitlab/metrics/rack_middleware.rb:17:in call' lib/gitlab/middleware/multipart.rb:103:in call' lib/gitlab/request_profiler/middleware.rb:16:in call' lib/gitlab/middleware/go.rb:20:in call' lib/gitlab/etag_caching/middleware.rb:13:in call' lib/gitlab/middleware/correlation_id.rb:16:in block in call' lib/gitlab/middleware/correlation_id.rb:15:in call' lib/gitlab/middleware/read_only/controller.rb:40:in call' lib/gitlab/middleware/read_only.rb:18:in call' lib/gitlab/middleware/basic_health_check.rb:25:in call' lib/gitlab/request_context.rb:26:in call' lib/gitlab/metrics/requests_rack_middleware.rb:29:in call' lib/gitlab/middleware/release_env.rb:12:in `call' Started GET "/-/liveness?token=[FILTERED]" for 10.191.199.248 at 2019-08-26 14:27:20 +0900 Processing by HealthController#liveness as HTML Parameters: {"token"=>"[FILTERED]"} Completed 200 OK in 1ms (Views: 0.2ms | ActiveRecord: 0.0ms)

==> /var/log/gitlab/gitlab-rails/production_json.log <== {"method":"GET","path":"/admin/application_settings/network","format":"html","controller":"Admin::ApplicationSettingsController","action":"network","status":500,"error":"ActionView::Template::Error: undefined method `allow_local_requests_from_hooks_and_services' for #ApplicationSetting:0x00007fb624b3a010\nDid you mean? allow_local_requests_from_web_hooks_and_services\n allow_local_requests_from_web_hooks_and_services?\n allow_local_requests_from_web_hooks_and_services=\n allow_local_requests_from_web_hooks_and_services_was\n allow_local_requests_from_web_hooks_and_services_change","duration":334.19,"view":0.0,"db":39.99,"time":"2019-08-26T05:27:20.339Z","params":[],"remote_ip":"219.117.237.241","user_id":1,"username":"root","ua":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.100 Safari/537.36","queue_duration":5.37,"correlation_id":"UUhLEMwqHd8"} {"method":"GET","path":"/-/liveness","format":"html","controller":"HealthController","action":"liveness","status":200,"duration":0.69,"view":0.2,"db":0.0,"time":"2019-08-26T05:27:20.557Z","params":[{"key":"token","value":"[FILTERED]"}],"remote_ip":null,"user_id":null,"username":null,"ua":null,"queue_duration":null,"correlation_id":"XBUhZqL8FEa"}

==> /var/log/gitlab/gitlab-workhorse/current <== {"correlation_id":"UUhLEMwqHd8","duration":0.358633162,"host":"abc.com","level":"info","method":"GET","msg":"access","proto":"HTTP/1.1","referer":"","remoteAddr":"219.117.237.241:0","remoteIp":"219.117.237.241","status":500,"system":"http","time":"2019-08-26T14:27:20+09:00","uri":"/admin/application_settings/network","userAgent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.100 Safari/537.36","written":2926}

Details of package version

Provide the package version installation details

System information System: Current User: git Using RVM: no Ruby Version: 2.6.3p62 Gem Version: 2.7.9 Bundler Version:1.17.3 Rake Version: 12.3.2 Redis Version: 3.2.12 Git Version: 2.21.0 Sidekiq Version:5.2.7 Go Version: unknown

GitLab information Version: 12.1.0 Revision: 295480f4553 Directory: /opt/gitlab/embedded/service/gitlab-rails DB Adapter: PostgreSQL DB Version: 9.6.11 URL: https://abc.com HTTP Clone URL: https://abc.com/some-group/some-project.git SSH Clone URL: git@abc.com:some-group/some-project.git Using LDAP: no Using Omniauth: yes Omniauth Providers: saml

GitLab Shell Version: 9.3.0 Repository storage paths:

default: /gitlab-nfs/gitlab-data/git-data/repositories GitLab Shell path: /opt/gitlab/embedded/service/gitlab-shell Git: /opt/gitlab/embedded/bin/git

Environment details

Operating System: RedHat7
Installation Target, remove incorrect values:
- VM: Digital Ocean, AWS, GCP, Azure, Other AWS
Installation Type, remove incorrect values:
- Upgrade from version 11.4
Is there any other software running on the machine: No
Is this a single or multiple node installation?
Resources
- CPU: 4 core
- Memory total: 16GB

Configuration details

Provide the relevant sections of `/etc/gitlab/gitlab.rb`


#Gitlab
git_data_dirs({
   "default" => {
      "path" => "/gitlab-nfs/gitlab-data/git-data"
  }
})
user['home'] = '/gitlab-nfs/gitlab-data/home'
gitlab_rails['uploads_directory'] = '/gitlab-nfs/gitlab-data/uploads'
gitlab_rails['shared_path'] = '/gitlab-nfs/gitlab-data/shared'
gitlab_ci['builds_directory'] = '/gitlab-nfs/gitlab-data/builds'

#Database
gitlab_rails['db_adapter'] = "postgresql"
gitlab_rails['db_encoding'] = "unicode"
gitlab_rails['db_database'] = “XXX”
gitlab_rails['db_username'] = “XXX”
gitlab_rails['db_password'] = “XXX”
gitlab_rails['db_host'] = ‘XXX’

#Redis cache
gitlab_rails['redis_host'] = ‘XXX’
gitlab_rails['redis_port'] = 6379

user['username'] = "git"
user['group'] = "git"

#Ensure UIDs and GIDs match between servers for permissions via NFS
user['uid'] = 9000
user['gid'] = 9000
web_server['uid'] = 9001
web_server['gid'] = 9001
registry['uid'] = 9002
registry['gid'] = 9002

#Prevent GitLab from starting if NFS data mounts are not available
#high_availability['mountpoint'] = '/gitlab-nfs/gitlab-data/git-data'

#backup path
gitlab_rails['backup_path'] = '/gitlab-nfs/gitlab-data/backups'
##Limit backup lifetime to 3  days - 259200 seconds
gitlab_rails['backup_keep_time'] = 259200
#Disable components that will not be on the GitLab application server
#roles ['application_role']

#Nginx
external_url 'https://abc.com'
nginx['redirect_http_to_https'] = true
nginx['proxy_set_headers'] = {
  "X-Forwarded-Proto" => "http",
  "X-Forwarded-Port" => "80"
}

#Add ALB
nginx['real_ip_trusted_addresses'] = [ '10.0.0.0/16' ]
nginx['real_ip_header'] = 'X-Forwarded-For'
nginx['real_ip_recursive'] = 'on'
nginx['listen_port'] = 80
nginx['listen_https'] = false

#Enable SAML

gitlab_rails['omniauth_enabled'] = true
gitlab_rails['omniauth_allow_single_sign_on'] = ['saml']
# gitlab_rails['omniauth_sync_email_from_provider'] = 'saml'
# gitlab_rails['omniauth_sync_profile_from_provider'] = ['saml']
#gitlab_rails['omniauth_sync_profile_attributes'] = ['name','email']
gitlab_rails['omniauth_auto_sign_in_with_provider'] = 'saml'
gitlab_rails['omniauth_block_auto_created_users'] = false
#
gitlab_rails['omniauth_auto_link_ldap_user'] = false
gitlab_rails['omniauth_auto_link_saml_user'] = true
gitlab_rails['omniauth_providers'] = [
{
name: 'saml',
#groups_attribute: 'Groups',
#external_groups:[''],
args:{
	assertion_consumer_service_url: 'https://abc.com/users/auth/saml/callback',
	idp_cert_fingerprint: ‘XXX’,
	idp_sso_target_url: 'https://acb.com/sso/saml',
	issuer: 'https://abc.com/',
	name_identifier_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:Unspecified',
	attribute_statements: { email: ['MailAddress'] },
        upstream_two_factor_authn_contexts:
               %w(
                 urn:oasis:names:tc:SAML:2.0:ac:classes:CertificateProtectedTransport
                 urn:oasis:names:tc:SAML:2.0:ac:classes:SecondFactorOTPSMS
                 urn:oasis:names:tc:SAML:2.0:ac:classes:SecondFactorIGTOKEN
               )
	},
label: 'Okta'
}]

# Enable rack attack for basic authen (from git client)
gitlab_rails['rack_attack_git_basic_auth'] = {
   'enabled' => true,
   'ip_whitelist' => %w(“XXX/32”,
                      “XXX/24"),
   'maxretry' => 10, # Limit the number of Git HTTP authentication attempts per IP
   'findtime' => 60, # Reset the auth attempt counter per IP after 60 seconds
   'bantime' => 3600 # Ban an IP for one hour (3600s) after too many auth attempts
 }

#enable Grapfana
grafana['gitlab_application_id'] = ‘XXX’
grafana['gitlab_secret'] = ‘XXX’

/label ~bug ~webhooks

Edited Aug 27, 2019 by Nhựt Lê Minh