在极狐Gitlab备份恢复过程中,如果没有恢复 gitlab-secrets.json 密钥文件,会造成部分页面访问出现 500 错误,比如:
- admin runners查看页面:http://<gitlab>/admin/runners
- 项目ci/cd设置页面:http://<gitlab>/<group>/<project>/-/settings/ci_cd
- 项目的 webhook 设置页面
/var/log/gitlab/gitlab-rails/production.log 中报错:
Started GET "/admin/runners" for 10.10.10.1 at 2022-09-06 16:47:23 +0800
Processing by Admin::RunnersController#index as HTML
Rendered layout layouts/admin.html.haml (Duration: 33.1ms | Allocations: 46956)
Completed 500 Internal Server Error in 60ms (ActiveRecord: 4.0ms | Elasticsearch: 0.0ms | Allocations: 57308)
ActionView::Template::Error ():
39:
40: .col-sm-6
41: .bs-callout
42: = render partial: 'ci/runner/how_to_setup_runner',
43: locals: { registration_token: Gitlab::CurrentSettings.runners_registration_token,
44: type: 'shared',
45: reset_token_url: reset_registration_token_admin_application_settings_path,
lib/gitlab/crypto_helper.rb:28:in `aes256_gcm_decrypt'
app/models/concerns/token_authenticatable_strategies/encryption_helper.rb:18:in `decrypt_token'
app/models/concerns/token_authenticatable_strategies/encrypted.rb:45:in `get_token'
app/models/concerns/token_authenticatable_strategies/base.rb:38:in `ensure_token!'
app/models/concerns/token_authenticatable.rb:48:in `block in add_authentication_token_field'
app/models/application_setting_implementation.rb:365:in `runners_registration_token'
lib/gitlab/current_settings.rb:32:in `method_missing'
app/views/admin/runners/index.html.haml:42
app/controllers/application_controller.rb:128:in `render'
ee/lib/gitlab/ip_address_state.rb:10:in `with'
ee/app/controllers/ee/application_controller.rb:40:in `set_current_ip_address'
app/controllers/application_controller.rb:487:in `set_current_admin'
lib/gitlab/session.rb:11:in `with_session'
app/controllers/application_controller.rb:478:in `set_session_storage'
lib/gitlab/i18n.rb:99:in `with_locale'
lib/gitlab/i18n.rb:105:in `with_user_locale'
app/controllers/application_controller.rb:472:in `set_locale'
app/controllers/application_controller.rb:466:in `set_current_context'
lib/gitlab/metrics/elasticsearch_rack_middleware.rb:16:in `call'
lib/gitlab/middleware/rails_queue_duration.rb:33:in `call'
lib/gitlab/metrics/rack_middleware.rb:16:in `block in call'
lib/gitlab/metrics/web_transaction.rb:21:in `run'
lib/gitlab/metrics/rack_middleware.rb:16:in `call'
lib/gitlab/middleware/speedscope.rb:13:in `call'
lib/gitlab/request_profiler/middleware.rb:17:in `call'
lib/gitlab/jira/middleware.rb:19:in `call'
lib/gitlab/middleware/go.rb:20:in `call'
lib/gitlab/etag_caching/middleware.rb:21:in `call'
lib/gitlab/middleware/multipart.rb:172:in `call'
lib/gitlab/middleware/read_only/controller.rb:50:in `call'
lib/gitlab/middleware/read_only.rb:18:in `call'
lib/gitlab/middleware/same_site_cookies.rb:27:in `call'
lib/gitlab/middleware/handle_malformed_strings.rb:21:in `call'
lib/gitlab/middleware/basic_health_check.rb:25:in `call'
lib/gitlab/middleware/handle_ip_spoof_attack_error.rb:25:in `call'
lib/gitlab/middleware/request_context.rb:21:in `call'
config/initializers/fix_local_cache_middleware.rb:11:in `call'
lib/gitlab/middleware/rack_multipart_tempfile_factory.rb:19:in `call'
lib/gitlab/metrics/requests_rack_middleware.rb:74:in `call'
lib/gitlab/middleware/release_env.rb:12:in `call'
或者 /var/log/gitlab/gitlab-rails/production_json.log 报错:
{"method":"GET","path":"/admin/runners","format":"html","controller":"Admin::RunnersController","action":"index","status":500,"time":"2022-09-06T08:47:23.493Z","params":[],"remote_ip":"10.10.10.1","user_id":1,"username":"root","ua":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36 Edg/105.0.1343.27","correlation_id":"01GC8ZQ4RZWWHMKYQN6N1J5KHF","meta.user":"root","meta.caller_id":"Admin::RunnersController#index","meta.remote_ip":"10.10.10.1","meta.feature_category":"continuous_integration","meta.client_id":"user/1","redis_calls":5,"redis_duration_s":0.001087,"redis_read_bytes":215,"redis_write_bytes":1445,"redis_cache_calls":4,"redis_cache_duration_s":0.000796,"redis_cache_read_bytes":4,"redis_cache_write_bytes":704,"redis_shared_state_calls":1,"redis_shared_state_duration_s":0.000291,"redis_shared_state_read_bytes":211,"redis_shared_state_write_bytes":741,"db_count":7,"db_write_count":0,"db_cached_count":0,"cpu_s":0.065872,"mem_objects":63133,"mem_bytes":4747280,"mem_mallocs":17565,"mem_total_bytes":7272600,"queue_duration_s":0.005334,"exception.class":"ActionView::Template::Error","exception.message":"","exception.backtrace":["lib/gitlab/crypto_helper.rb:28:in `aes256_gcm_decrypt'","app/models/concerns/token_authenticatable_strategies/encryption_helper.rb:18:in `decrypt_token'","app/models/concerns/token_authenticatable_strategies/encrypted.rb:45:in `get_token'","app/models/concerns/token_authenticatable_strategies/base.rb:38:in `ensure_token!'","app/models/concerns/token_authenticatable.rb:48:in `block in add_authentication_token_field'","app/models/application_setting_implementation.rb:365:in `runners_registration_token'","lib/gitlab/current_settings.rb:32:in `method_missing'","app/views/admin/runners/index.html.haml:42","app/controllers/application_controller.rb:128:in `render'","ee/lib/gitlab/ip_address_state.rb:10:in `with'","ee/app/controllers/ee/application_controller.rb:40:in `set_current_ip_address'","app/controllers/application_controller.rb:487:in `set_current_admin'","lib/gitlab/session.rb:11:in `with_session'","app/controllers/application_controller.rb:478:in `set_session_storage'","lib/gitlab/i18n.rb:99:in `with_locale'","lib/gitlab/i18n.rb:105:in `with_user_locale'","app/controllers/application_controller.rb:472:in `set_locale'","app/controllers/application_controller.rb:466:in `set_current_context'","lib/gitlab/metrics/elasticsearch_rack_middleware.rb:16:in `call'","lib/gitlab/middleware/rails_queue_duration.rb:33:in `call'","lib/gitlab/metrics/rack_middleware.rb:16:in `block in call'","lib/gitlab/metrics/web_transaction.rb:21:in `run'","lib/gitlab/metrics/rack_middleware.rb:16:in `call'","lib/gitlab/middleware/speedscope.rb:13:in `call'","lib/gitlab/request_profiler/middleware.rb:17:in `call'","lib/gitlab/jira/middleware.rb:19:in `call'","lib/gitlab/middleware/go.rb:20:in `call'","lib/gitlab/etag_caching/middleware.rb:21:in `call'","lib/gitlab/middleware/multipart.rb:172:in `call'","lib/gitlab/middleware/read_only/controller.rb:50:in `call'","lib/gitlab/middleware/read_only.rb:18:in `call'","lib/gitlab/middleware/same_site_cookies.rb:27:in `call'","lib/gitlab/middleware/handle_malformed_strings.rb:21:in `call'","lib/gitlab/middleware/basic_health_check.rb:25:in `call'","lib/gitlab/middleware/handle_ip_spoof_attack_error.rb:25:in `call'","lib/gitlab/middleware/request_context.rb:21:in `call'","config/initializers/fix_local_cache_middleware.rb:11:in `call'","lib/gitlab/middleware/rack_multipart_tempfile_factory.rb:19:in `call'","lib/gitlab/metrics/requests_rack_middleware.rb:74:in `call'","lib/gitlab/middleware/release_env.rb:12:in `call'"],"db_duration_s":0.00403,"view_duration_s":0.0,"duration_s":0.06002}
这时候解决方法有两种:
-
重新恢复 gitlab-secrets.json 文件,然后 gitlab-ctl reconfigure && gitlab-ctl restart
-
根据 when-the-secrets-file-is-lost | GitLab 重置 secret,但会丢失一些数据
$ gitlab-rails dbconsole
SELECT * FROM public."ci_group_variables";
SELECT * FROM public."ci_variables";
DELETE FROM ci_group_variables;
DELETE FROM ci_variables;
UPDATE projects SET runners_token = null, runners_token_encrypted = null;
UPDATE namespaces SET runners_token = null, runners_token_encrypted = null;
UPDATE application_settings SET runners_registration_token_encrypted = null;
UPDATE application_settings SET encrypted_ci_jwt_signing_key = null;
UPDATE ci_runners SET token = null, token_encrypted = null;
UPDATE ci_builds SET token = null, token_encrypted = null;
TRUNCATE integrations, chat_names, issue_tracker_data, jira_tracker_data, slack_integrations, web_hooks, zentao_tracker_data, web_hook_logs;
# TRUNCATE chat_names, issue_tracker_data, jira_tracker_data, slack_integrations, web_hooks, web_hook_logs CASCADE;
gitlab拆分Redis、Nginx、PG后,启动失败36 人气#安装配置
测试图片是否可以正常打开55 人气#CI/CD
测试贴,请忽略35 人气#其他
Ubuntu 22.04 安装 Gitlab 16.11.1成功后一88 人气#安装配置
小马哥
关注公众号
添加专业顾问
徐晓伟
m3lony.💭
我心无窍