Login with Github always redirects back to the Login page
rahul-roy-glean opened this issue · 14 comments
I'm trying out the self-hosted setup with Docker compose and trying to enable a login with GH.
I have setup the GH app as mentioned in the guide and trying to login with the same.
My docker compose looks like -
version: "3"
services:
gateway:
image: codecov/self-hosted-gateway:latest-stable #note: this is for setup purposes only, be sure to pin to the latest release from our changelog: https://docs.codecov.io/changelog
volumes:
- ./config:/config
- ${CODECOV_SSL_CERT-/cert/codecov.pem}:/etc/codecov/ssl/certs/cert.crt:ro # uncomment if using ssl
- ${CODECOV_SSL_KEY-/cert/privkey.pem}:/etc/codecov/ssl/certs/cert.crt.key:ro
ports:
- "${CODECOV_PORT-8080}:8080"
- "${CODECOV_SSL_PORT-8443}:8443" # uncomment if using ssl
environment:
- CODECOV_GATEWAY_MINIO_ENABLED=true
- CODECOV_GATEWAY_SSL_ENABLED=true # uncomment if using ssl
networks:
- codecov
depends_on:
- api
- frontend
frontend:
image: codecov/self-hosted-frontend:latest-stable #note: this is for setup purposes only, be sure to pin to the latest release from our changelog: https://docs.codecov.io/changelog
environment:
- CODECOV_BASE_HOST=localhost:8443
- CODECOV_API_HOST=localhost:8443
- CODECOV_IA_HOST=localhost:8443
- CODECOV_SCHEME=http
volumes:
- ./config:/config:z
- ${CODECOV_SSL_CERT-/cert/codecov.pem}:/etc/nginx/codecov.crt:ro
- ${CODECOV_SSL_KEY-/cert/privkey.pem}:/etc/nginx/codecov.key:ro
ports:
- "8080"
networks:
- codecov
api:
image: codecov/self-hosted-api:latest-stable #note: this is for setup purposes only, be sure to pin to the latest release from our changelog: https://docs.codecov.io/changelog
volumes:
- ./config:/config:z
networks:
- codecov
depends_on:
- minio
- timescale
- postgres
- redis
worker:
image: codecov/self-hosted-worker:latest-stable #note: this is for setup purposes only, be sure to pin to the latest release from our changelog: https://docs.codecov.io/changelog
environment:
- RUN_ENV=ENTERPRISE
volumes:
- ./config:/config
- archive-volume:/archive
networks:
- codecov
depends_on:
- minio
- redis
- postgres
- timescale
redis:
image: redis:6-alpine
volumes:
- redis-volume:/data
networks:
- codecov
postgres:
image: postgres:14-alpine
environment:
- POSTGRES_PASSWORD=testpassword
- POSTGRES_USER=postgres
- POSTGRES_DB=postgres
volumes:
- postgres-volume:/var/lib/postgresql/data
networks:
- codecov
timescale:
image: timescale/timescaledb-ha:pg14-latest
environment:
- POSTGRES_PASSWORD=testpassword
- POSTGRES_USER=postgres
- POSTGRES_DB=postgres
volumes:
- timescale-volume:/var/lib/postgresql/data
networks:
- codecov
minio:
image: minio/minio:RELEASE.2020-04-15T00-39-01Z
command: server /export
ports:
- "${CODECOV_MINIO_PORT-9000}:9000"
environment:
- MINIO_ACCESS_KEY=codecov-default-key
- MINIO_SECRET_KEY=codecov-default-secret
volumes:
- archive-volume:/export
networks:
- codecov
volumes:
postgres-volume:
timescale-volume:
redis-volume:
archive-volume:
networks:
codecov:
driver: bridge
and my codecov.yml looks like
codecov_url: https://35.188.12.198:8443
enterprise_license: "<some_license>"
# https://docs.codecov.com/docs/configuration#instance-wide-admins
admins:
- service: github
username: "<GH Username>"
http:
cookie_secret: "1234abcxyz"
timeseries:
enabled: true
github:
integration:
id: 22
pem: /config/file.pem
client_id: "<some_id>"
client_secret: "<some_secret>"
global_upload_token: "<upload-token>"
services:
redis_url: "redis://redis:6379"
database_url: "postgres://postgres:testpassword@postgres:5432/postgres"
timeseries_database_url: "postgres://postgres:testpassword@timescale:5432/postgres"
minio:
host: minio
port: 9000
I haven't been able to perform a login with GH, in the worker logs i see something like -
{"message": "Warning: login request is missing state or has disagreeing state", "asctime": "2024-06-26 04:24:33,493", "name": "codecov_auth.views.base", "levelname": "WARNING", "lineno": 141, "pathname": "/app/codecov_auth/views/base.py", "funcName": "get_redirection_url_from_state", "threadName": "MainThread", "taskName": null, "logger.name": "codecov_auth.views.base", "logger.thread_name": "MainThread", "level": "WARNING"}
{"h": "192.168.240.9", "t": "[26/Jun/2024:04:24:33 +0000]", "r": "GET /login/gh?code=4521914e2b612b721886&state=5664647f224048439cad99a99de6444e HTTP/1.1", "s": "302", "b": "0", "f": "-", "a": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36", "taskName": null}
{"message": "GraphQL Request", "asctime": "2024-06-26 04:24:33,815", "name": "graphql_api.views", "levelname": "INFO", "lineno": 223, "pathname": "/app/graphql_api/views.py", "funcName": "post", "threadName": "ThreadPoolExecutor-9_0", "taskName": "Task-41", "server_hostname": "b77eb9829181", "request_method": "POST", "request_path": "/graphql/gh", "request_body": {"query": "query GetLoginProviders { config { loginProviders } }", "variables": {}}, "user": "AnonymousUser", "logger.name": "graphql_api.views", "logger.thread_name": "ThreadPoolExecutor-9_0", "level": "INFO"}
Could someone please help here ?
I am also seeing this issue. I've attached a video for reference.
Screen.Recording.2024-06-30.at.11.29.01.PM.mov
Same than this one with gitlab : #34
This fixed the issue for me: #42
@rahul-roy-glean @tekkeitserktok Can you please test this on your end?
@jason-ford-codecov Can you review the PR?
Hello @bert0RM, I use MY_IP.nip.io for codecov and gitlab.local domains for my local setup.
Will it work ? Or do I need to change other parameters in my config ?
I use "latest-calver" tag for docker images btw.
Thanks !
@tekkeitserktok The change works for the default docker compose setup. Im not sure how nip.io works but what did you set the cookies_domain to? and what host are you using for the self-hosted-frontend?
@bert0RM , here is my config for the frontend part:
`
frontend:
image: codecov/self-hosted-frontend:latest-calver
environment:
- CODECOV_BASE_HOST=10.84.31.161.nip.io:8080
- CODECOV_API_HOST=10.84.31.161.nip.io:8080
- CODECOV_IA_HOST=10.84.31.161.nip.io:8080
- CODECOV_SCHEME=http
volumes:
- ./config:/config
ports:
- "8080"
networks:
- codecov
`
I tried "localhost" and "nip.io" for the cookie_domain config but it didn't work
Can you try 10.84.31.161 or 10.84.31.161.nip.io for the cookie_domain?
I am also seeing this issue. I've attached a video for reference.
Screen.Recording.2024-06-30.at.11.29.01.PM.mov
Thanks for your efforts to fix the issue. I am testing the same flow using Docker Compose and ngrok but am still encountering the same issue. When I tried using an older version of codecov-api. This issue disappeared, but other issues arose. I have also tested your proposed solutions by setting cookie_domain, but it did not resolve the problem. any idea ?
Can you try
10.84.31.161or10.84.31.161.nip.iofor the cookie_domain?
I tried, it didn't work :'(
I have the same problem
I've tried @bert0RM method with "localhost" or my domain name but without success.
I've tried the latest-calver, latest-stable and 24.4.1
Also having this same issue with a self-hosted gitlab instance
Hey!
Same issue here. I have the docker containers behind nginx. I tried setting cookie_domain to both localhost and the ip of the server (no domain attached to it), but without success
Edit: Here are the relevant configs:
gateway:
image: codecov/self-hosted-gateway:latest-calver #note: this is for setup purposes only, be sure to pin to the latest release from our changelog: https://docs.codecov.io/changelog
volumes:
- ./config:/config
#- ${CODECOV_SSL_CERT-/cert/codecov.crt}:/etc/codecov/ssl/certs/cert.crt:ro # uncomment if using ssl
ports:
- "${CODECOV_PORT-8080}:8080"
#- "${CODECOV_SSL_PORT-8443}:8443" # uncomment if using ssl
environment:
- CODECOV_GATEWAY_MINIO_ENABLED=true
#- CODECOV_GATEWAY_SSL_ENABLED=true # uncomment if using ssl
networks:
- codecov
depends_on:
- api
- frontend
frontend:
image: codecov/self-hosted-frontend:latest-calver #note: this is for setup purposes only, be sure to pin to the latest release from our changelog: https://docs.codecov.io/changelog
environment:
- CODECOV_BASE_HOST=18.156.69.72
- CODECOV_API_HOST=18.156.69.72
- CODECOV_IA_HOST=18.156.69.72
- CODECOV_SCHEME=http
volumes:
- ./config:/config
ports:
- "8080"
networks:
- codecov
api:
image: codecov/self-hosted-api:latest-calver #note: this is for setup purposes only, be sure to pin to the latest release from our changelog: https://docs.codecov.io/changelog
volumes:
- ./config:/config
networks:
- codecov
depends_on:
- minio
- timescale
- postgres
- redis
setup:
codecov_url: "http://18.156.69.72"
enterprise_license: "<license>"
admins:
- service: github
username: "adiRandom"
http:
cookie_secret: "<secret>"
cookies_domain: localhost #also tried 18.156.69.72
timeseries:
enabled: true
@rahul-roy-glean @adiRandom and others using GitHub.com:
In the GitHub App settings, ensure that the callback URL is example.com/login/gh, not example.com/login/ghe
ghe = GitHub Enterprise