Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Invalid projects URL prevent authentication #74

Open
simon-jouet opened this issue May 10, 2019 · 5 comments
Open

Invalid projects URL prevent authentication #74

simon-jouet opened this issue May 10, 2019 · 5 comments

Comments

@simon-jouet
Copy link

First off, thanks for verdaccio-gitlab it's been great to use!

I just migrated my gitlab from one server to another and moved verdaccio with it. At the same time I upgraded the version of both gitlab and verdaccio but I'm running into some issues now with the authentication.

Looking a bit into it I get this error from verdaccio

[2019-05-10 09:04:20]  info <-- 10.0.1.4 requested 'PUT /-/user/org.couchdb.user:simon-jouet'
[2019-05-10 09:04:20]  error--- [gitlab] user: simon-jouet error querying gitlab: StatusCodeError: 404 - {"error":"404 Not Found"}
[2019-05-10 09:04:20]  http <-- 401, user: null(62.30.156.32 via 10.0.1.4), req: 'PUT /-/user/org.couchdb.user:simon-jouet', error: error authenticating user
[2019-05-10 09:04:20]  http <-- 401, user: null(62.30.156.32 via 10.0.1.4), req: 'PUT /-/user/org.couchdb.user:simon-jouet', error: error authenticating user

and looking into gitlab API logs, I noticed that url called to get the projects is incorrect

10.0.3.4 - - [10/May/2019:09:04:20 +0000] "GET /api/v4/user HTTP/1.1" 200 810 "" "-"
10.0.3.4 - - [10/May/2019:09:04:20 +0000] "GET /api/v4/groups?min_access_level=40 HTTP/1.1" 200 563 "" "-"
10.0.3.4 - - [10/May/2019:09:04:20 +0000] "GET /api/v4/projects?min_access_level=40 HTTP/1.1" 200 39581 "" "-"
10.0.3.4 - - [10/May/2019:09:04:20 +0000] "GET /api/v4/https://<my_gitlab_url>/api/v4/projects?membership=false&min_access_level=40&order_by=created_at&owned=false&page=2&per_page=20&simple=false&sort=desc&starred=false&statistics=false&with_custom_attributes=false&with_issues_enabled=false&with_merge_requests_enabled=false HTTP/1.1" 404 25 "" "-"

In that you can see that the final call is /api/v4 but then the aboslute url to the gitlab project is used.

For the time being I reverted to the previous version of verdaccio-gitlab with image: bufferoverflow/verdaccio-gitlab@sha256:1a5c2e910cff98f2ab3c8030c868c8d2013274f0a0edaf83ba6a01270f5900ef and it seems to be working.

@dlouzan
Copy link
Collaborator

dlouzan commented May 10, 2019

This is a quite funny effect. Seems to have been introduced by #62 but caused by the Gitlab library itself, not us. One of the changes in that PR was to use the projects API call, but somehow it builds the query to gitlab incorrectly. I wasn't myself able to reproduce the issue.

I checked the changelog of the gitlab library but didn't find anything in this direction.

@bufferoverflow @jstarry What do you think?

@dlouzan
Copy link
Collaborator

dlouzan commented May 10, 2019

@simon-jouet No sorry, my mistake, I'm diving deeper into this but I don't think the request comes from verdaccio-gitlab, the correct projects call is just before the funny query. I don't think the query in gitlab is coming from us, and in fact you can see in the logs that verdaccio-gitlab reports a 401 (missing auth).

Are you sure you don't have some extra plugin around querying that?

@dlouzan
Copy link
Collaborator

dlouzan commented May 10, 2019

Otherwise this might have to do with the latest changes in verdaccio, or the logs are out of order :-?

@dlouzan
Copy link
Collaborator

dlouzan commented May 10, 2019

@simon-jouet Are you by chance using url_prefix in verdaccio with a full url? If so, this might be a regression somehow caused by verdaccio/verdaccio#1299

@simon-jouet
Copy link
Author

Thanks @dlouzan, getting back to you on the points you've made

Are you sure you don't have some extra plugin around querying that?

Yeah no other plugins, just a docker stack for verdaccio-gitlab with verdaccio.yaml nothing else

  verdaccio:
    image: bufferoverflow/verdaccio-gitlab@sha256:1a5c2e910cff98f2ab3c8030c868c8d2013274f0a0edaf83ba6a01270f5900ef
    configs:
      - source: verdaccio-config
        target: /verdaccio/conf/config.yaml
    networks:
      - default
      - proxy
    volumes:
      - verdaccio:/verdaccio/storage
    deploy:
      placement:
        constraints: [node.labels.gitlab == true]

@simon-jouet Are you by chance using url_prefix in verdaccio with a full url? If so, this might be a regression somehow caused by verdaccio/verdaccio#1299

I'm not no, I've posted the config below and I think it's a fairly out-the-box one

storage: /verdaccio/storage/data

plugins: /verdaccio/plugins

listen:
  - 0.0.0.0:4873

auth:
  gitlab:
    url: http://gitlab
    authCache:
      enabled: true
      ttl: 300
    # publish: $developer

uplinks:
  npmjs:
    url: https://registry.npmjs.org/

packages:
  '@*/*':
    # scoped packages
    access: $authenticated
    publish: $authenticated
    proxy: npmjs
    gitlab: true

  '**':
    access: $authenticated
    publish: $authenticated
    proxy: npmjs
    gitlab: true

# Log level can be changed to info, http etc. for less verbose output
logs:
  - {type: stdout, format: pretty-timestamped, level: debug}

Otherwise this might have to do with the latest changes in verdaccio, or the logs are out of order :-?

I would think it's something to do with the latest changes considering that the exact same config with a rollback in version is working without any problems (using the same version of gitlab)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants