terrakube icon indicating copy to clipboard operation
terrakube copied to clipboard

Published 20 hours ago verified publisher icon AzBuilder

Gitlab CE integration assumes HTTPS deployment of Terrakube

Open AlejandroGarcia95 opened this issue 7 months ago • 2 comments

Bug description 🐞

We have noticed this while trying to integrate Terrakube with our own Gitlab CE instance. The GitlabToken classes that implement the VCS integration with Gitlab assume Terrakube is deployed with HTTPS enabled, and they have the https URL scheme hardcoded (for example, here). Of course, this might not be the case, as Terrakube can be deployed without enabling HTTPS. Additionally, this is inconsistent with the redirect_uri shown in the Terrakube UI, as the UI itself can correctly detect the http scheme.

The result is that the integration itself fails with the following page on the Terrakube UI: image

Inspecting the logs on Gitlab, you can see the problem is that the redirect_uri used is using https:

2024-06-18 18:39:45.903 ERROR 1 --- [nio-8080-exec-5] o.a.c.c.C.[.[.[/].[dispatcherServlet]    : Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception [Request processing failed; nested exception is org.springframework.web.reactive.function.client.WebClientResponseException$BadRequest: 400 Bad Request from POST http://whitecicd-webservice.tcloud.whitestack.com/oauth/token?client_id=e0075541692aa5bd73962df9469842e0605262a01f35e2c5b35ec3e5340bc074&client_secret=gloas-2e182eb2d98328494584bac7a2ff2bfb26cd54433ba1ae4a9bc3b2476b32c13a&code=cf43ddd3c96c888e596d10b276c6ca49cf2947b9907daf467f393ba3de72647c&grant_type=authorization_code&redirect_uri=https://terrakube-api.tcloud.whitestack.com/callback/v1/vcs/32bf4d70-2da0-11ef-824a-6d5dccf13a80] with root cause

If I understood well, this does not happen when using Gitlab cloud, as the redirect_uri is not used for that integration.

Also, I can confirm that if Terrakube is deployed with HTTPS enabled, the integration works.

Steps to reproduce

  • Install Gitlab CE (we are using their upstream Helm chart).

  • Install latest Terrakube without HTTPS support.

  • Follow the integration docs for Gitlab CE to try and integrate Terrakube with Gitlab.

Expected behavior

Integration should work without HTTPS enabled on Terrakube.

Example repository

No response

Anything else?

No response

AlejandroGarcia95 avatar Jun 26 '24 16:06 AlejandroGarcia95