Docker 与 Drone 和 Gitlab 组合,Gitlab 错误 "The redirect URI included is not valid."
Docker compose with Drone and Gitlab, Gitlab errors "The redirect URI included is not valid."
我正在研究 CI 技术,所以我想我会使用 Docker compose 在本地设置 Drone with Gitlab。这是 docker-compose.yml:
version: "2"
services:
example_gitlab:
image: gitlab/gitlab-ce:latest
volumes:
- ./new-gitlab/srv/gitlab/config:/etc/gitlab
- ./new-gitlab/srv/gitlab/logs:/var/log/gitlab
- ./new-gitlab/srv/gitlab/data:/var/opt/gitlab
ports:
- "4443:443"
- "8000:80"
- "2222:22"
example_drone:
build: ./drone
volumes:
- /var/lib/drone/
- /var/run/docker.sock:/var/run/docker.sock
- ./drone/sqlite/drone.sqlite:/var/lib/drone/drone.sqlite
environment:
- DRONE_GITLAB=true
- DRONE_GITLAB_URL=http://0.0.0.0:8000
- DRONE_GITLAB_CLIENT=4b5292ffbe30e93713b57853c43194aa63d50c176516c8ffaa8b213f1bb1555b
- DRONE_GITLAB_SECRET=6088c59102511a418154197d415762a8768e0e2d6c9ad4bb9013f48d1df3b226
ports:
- "8080:8080"
应用程序启动正常,我已经使用这些设置在 gitlab 中设置了一个应用程序:
Name: Drone
Redirect URI: http://0.0.0.0:8080/authorize
然后我获取了 id 和 secret 并将它们添加到无人机环境中。这一切都很好。但是,当我尝试从无人机登录 gitlab 时,我得到:
发生错误
包含的重定向 URI 无效。
不知道为什么?
我认为问题在于您的重定向 url 不包括端口:
Name: Drone
Redirect URI: http://0.0.0.0/authorize
重定向 url 是 Gitlab 在身份验证后将用户重定向到的 url。这应该是包含端口的无人机服务器地址:
Name: Drone
Redirect URI: http://0.0.0.0:8080/authorize
我遇到了同样的问题,我已经用这个配置解决了它:
version: '2'
services:
#PROXY
nginx:
image: jwilder/nginx-proxy:latest
restart: always
ports:
- "80:80"
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
depends_on:
- drone-server
- gitlab
networks:
- drone
- gitlab
# GITLAB
gitlab:
image: gitlab/gitlab-ce:latest
environment:
VIRTUAL_HOST: "gitlab.dev"
VIRTUAL_PORT: "8080"
GITLAB_HTTPS: "false"
SSL_SELF_SIGNED: "false"
volumes:
- ./gitlab/srv/gitlab/config:/etc/gitlab
- ./gitlab/srv/gitlab/logs:/var/log/gitlab
- ./gitlab/srv/gitlab/data:/var/opt/gitlab
ports:
- "4443:443"
- "8080:80"
- "2222:22"
networks:
- gitlab
# DRONE
drone-server:
image: drone/drone:0.5
ports:
- "8000:8000"
networks:
- drone
- gitlab
links:
- gitlab
volumes:
- ./drone-data:/var/lib/drone/
environment:
VIRTUAL_HOST: "drone.dev"
VIRTUAL_PORT: "8000"
# DRONE ENV
DRONE_SERVER_ADDR: ":8000"
DRONE_DEBUG: "true"
# CHANGEME: Randomly generate something at least 24 characters long with
# a password generator.
DRONE_SECRET: "replace-this-with-your-own-random-secret"
DRONE_DATABASE_DRIVER: sqlite3
DRONE_DATABASE_DATASOURCE: /var/lib/drone/drone.sqlite
DRONE_OPEN: "true"
# DRONE_ORGS: ""
# CHANGEME: Replace with Github username(s) to grant admin privs to.
# DRONE_ADMIN: admin,users,here
DRONE_ADMIN_ALL: "true"
# DRONE GITLAB params
DRONE_GITLAB: "true"
DRONE_GITLAB_URL: http://gitlab.dev:8080
DRONE_GITLAB_CLIENT: a7ee6c568eb1824b9c43bb514fe2eded8142284bf484d587a66ed1713d82cfb7
DRONE_GITLAB_SECRET: 786c7f7b84497b00215c3ff2cea6a4d693b378071a162f751e8e5910be46fb08
DRONE_GITLAB_SKIP_VERIFY: true
# disable SSL
DRONE_GITLAB_SKIP_VERIFY: "true"
drone-agent:
image: drone/drone:0.5
command: agent
depends_on:
- drone-server
networks:
- drone
volumes:
- /var/run/docker.sock:/var/run/docker.sock
environment:
DRONE_SERVER: ws://drone-server:8000/ws/broker
DRONE_DEBUG: "true"
# CHANGEME: Change this to match the DRONE_SECRET value specified in your
# drone-server container above.
DRONE_SECRET: "replace-this-with-your-own-random-secret"
networks:
drone:
driver: bridge
gitlab:
driver: bridge
现在的问题是没有注册客户端。我在日志中看不到任何错误:
gitlab_1 |
gitlab_1 | ==> /var/log/gitlab/gitlab-rails/production.log <==
gitlab_1 | Started POST "/oauth/authorize" for 172.27.0.1 at 2017-01-22 02:48:40 +0000
gitlab_1 | Processing by Oauth::AuthorizationsController#create as HTML
gitlab_1 | Parameters: {"utf8"=>"✓", "authenticity_token"=>"hWP+9zf36+E8pSPZPJX/MJQ2oddjVniNZFWdrmguP3x28nCmliNRsZzmUNwAtktsltDCNwMJVlrn4YV3DxepzA==", "client_id"=>"a7ee6c568eb1824b9c43bb514fe2eded8142284bf484d587a66ed1713d82cfb7", "redirect_uri"=>"http://drone.dev/authorize", "state"=>"drone", "response_type"=>"code", "scope"=>"api"}
gitlab_1 | Redirected to http://drone.dev/authorize?code=f38ce22be01132f1bc9486c5305262400ce36241c9a1de38867030bd0be6bc51&state=drone
gitlab_1 | Completed 302 Found in 39ms (ActiveRecord: 15.9ms)
gitlab_1 | Started GET "/oauth/authorize?client_id=a7ee6c568eb1824b9c43bb514fe2eded8142284bf484d587a66ed1713d82cfb7&redirect_uri=http%3A%2F%2Fdrone.dev%2Fauthorize&response_type=code&scope=api&state=drone" for 172.27.0.1 at 2017-01-22 02:48:40 +0000
gitlab_1 | Processing by Oauth::AuthorizationsController#new as HTML
gitlab_1 | Parameters: {"client_id"=>"a7ee6c568eb1824b9c43bb514fe2eded8142284bf484d587a66ed1713d82cfb7", "redirect_uri"=>"http://drone.dev/authorize", "response_type"=>"code", "scope"=>"api", "state"=>"drone"}
gitlab_1 | Completed 200 OK in 40ms (Views: 21.2ms | ActiveRecord: 15.1ms)
gitlab_1 |
gitlab_1 | ==> /var/log/gitlab/gitlab-workhorse/current <==
gitlab_1 | 2017-01-22_02:48:40.91198 gitlab.dev:8080 @ - - [2017-01-22 02:48:40.853291066 +0000 UTC] "POST /oauth/authorize HTTP/1.1" 302 178 "http://gitlab.dev:8080/oauth/authorize?client_id=a7ee6c568eb1824b9c43bb514fe2eded8142284bf484d587a66ed1713d82cfb7&redirect_uri=http%3A%2F%2Fdrone.dev%2Fauthorize&response_type=code&scope=api&state=drone" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36" 0.058615
gitlab_1 | 2017-01-22_02:48:41.01414 gitlab.dev:8080 @ - - [2017-01-22 02:48:40.968217945 +0000 UTC] "GET /oauth/authorize?client_id=a7ee6c568eb1824b9c43bb514fe2eded8142284bf484d587a66ed1713d82cfb7&redirect_uri=http%3A%2F%2Fdrone.dev%2Fauthorize&response_type=code&scope=api&state=drone HTTP/1.1" 200 13012 "http://gitlab.dev:8080/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36" 0.045840
gitlab_1 |
gitlab_1 | ==> /var/log/gitlab/nginx/gitlab_access.log <==
gitlab_1 | 172.27.0.1 - - [22/Jan/2017:02:48:40 +0000] "POST /oauth/authorize HTTP/1.1" 302 178 "http://gitlab.dev:8080/oauth/authorize?client_id=a7ee6c568eb1824b9c43bb514fe2eded8142284bf484d587a66ed1713d82cfb7&redirect_uri=http%3A%2F%2Fdrone.dev%2Fauthorize&response_type=code&scope=api&state=drone" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36"
gitlab_1 | 172.27.0.1 - - [22/Jan/2017:02:48:41 +0000] "GET /oauth/authorize?client_id=a7ee6c568eb1824b9c43bb514fe2eded8142284bf484d587a66ed1713d82cfb7&redirect_uri=http%3A%2F%2Fdrone.dev%2Fauthorize&response_type=code&scope=api&state=drone HTTP/1.1" 200 4526 "http://gitlab.dev:8080/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36"
有人遇到这个问题吗???
打开无人机主页,右击login with gitlab按钮,selectcopy link address,你从按钮复制的url就是你需要的redirect url在 gitlab 站点设置。
我正在研究 CI 技术,所以我想我会使用 Docker compose 在本地设置 Drone with Gitlab。这是 docker-compose.yml:
version: "2"
services:
example_gitlab:
image: gitlab/gitlab-ce:latest
volumes:
- ./new-gitlab/srv/gitlab/config:/etc/gitlab
- ./new-gitlab/srv/gitlab/logs:/var/log/gitlab
- ./new-gitlab/srv/gitlab/data:/var/opt/gitlab
ports:
- "4443:443"
- "8000:80"
- "2222:22"
example_drone:
build: ./drone
volumes:
- /var/lib/drone/
- /var/run/docker.sock:/var/run/docker.sock
- ./drone/sqlite/drone.sqlite:/var/lib/drone/drone.sqlite
environment:
- DRONE_GITLAB=true
- DRONE_GITLAB_URL=http://0.0.0.0:8000
- DRONE_GITLAB_CLIENT=4b5292ffbe30e93713b57853c43194aa63d50c176516c8ffaa8b213f1bb1555b
- DRONE_GITLAB_SECRET=6088c59102511a418154197d415762a8768e0e2d6c9ad4bb9013f48d1df3b226
ports:
- "8080:8080"
应用程序启动正常,我已经使用这些设置在 gitlab 中设置了一个应用程序:
Name: Drone
Redirect URI: http://0.0.0.0:8080/authorize
然后我获取了 id 和 secret 并将它们添加到无人机环境中。这一切都很好。但是,当我尝试从无人机登录 gitlab 时,我得到:
发生错误
包含的重定向 URI 无效。
不知道为什么?
我认为问题在于您的重定向 url 不包括端口:
Name: Drone
Redirect URI: http://0.0.0.0/authorize
重定向 url 是 Gitlab 在身份验证后将用户重定向到的 url。这应该是包含端口的无人机服务器地址:
Name: Drone
Redirect URI: http://0.0.0.0:8080/authorize
我遇到了同样的问题,我已经用这个配置解决了它:
version: '2'
services:
#PROXY
nginx:
image: jwilder/nginx-proxy:latest
restart: always
ports:
- "80:80"
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
depends_on:
- drone-server
- gitlab
networks:
- drone
- gitlab
# GITLAB
gitlab:
image: gitlab/gitlab-ce:latest
environment:
VIRTUAL_HOST: "gitlab.dev"
VIRTUAL_PORT: "8080"
GITLAB_HTTPS: "false"
SSL_SELF_SIGNED: "false"
volumes:
- ./gitlab/srv/gitlab/config:/etc/gitlab
- ./gitlab/srv/gitlab/logs:/var/log/gitlab
- ./gitlab/srv/gitlab/data:/var/opt/gitlab
ports:
- "4443:443"
- "8080:80"
- "2222:22"
networks:
- gitlab
# DRONE
drone-server:
image: drone/drone:0.5
ports:
- "8000:8000"
networks:
- drone
- gitlab
links:
- gitlab
volumes:
- ./drone-data:/var/lib/drone/
environment:
VIRTUAL_HOST: "drone.dev"
VIRTUAL_PORT: "8000"
# DRONE ENV
DRONE_SERVER_ADDR: ":8000"
DRONE_DEBUG: "true"
# CHANGEME: Randomly generate something at least 24 characters long with
# a password generator.
DRONE_SECRET: "replace-this-with-your-own-random-secret"
DRONE_DATABASE_DRIVER: sqlite3
DRONE_DATABASE_DATASOURCE: /var/lib/drone/drone.sqlite
DRONE_OPEN: "true"
# DRONE_ORGS: ""
# CHANGEME: Replace with Github username(s) to grant admin privs to.
# DRONE_ADMIN: admin,users,here
DRONE_ADMIN_ALL: "true"
# DRONE GITLAB params
DRONE_GITLAB: "true"
DRONE_GITLAB_URL: http://gitlab.dev:8080
DRONE_GITLAB_CLIENT: a7ee6c568eb1824b9c43bb514fe2eded8142284bf484d587a66ed1713d82cfb7
DRONE_GITLAB_SECRET: 786c7f7b84497b00215c3ff2cea6a4d693b378071a162f751e8e5910be46fb08
DRONE_GITLAB_SKIP_VERIFY: true
# disable SSL
DRONE_GITLAB_SKIP_VERIFY: "true"
drone-agent:
image: drone/drone:0.5
command: agent
depends_on:
- drone-server
networks:
- drone
volumes:
- /var/run/docker.sock:/var/run/docker.sock
environment:
DRONE_SERVER: ws://drone-server:8000/ws/broker
DRONE_DEBUG: "true"
# CHANGEME: Change this to match the DRONE_SECRET value specified in your
# drone-server container above.
DRONE_SECRET: "replace-this-with-your-own-random-secret"
networks:
drone:
driver: bridge
gitlab:
driver: bridge
现在的问题是没有注册客户端。我在日志中看不到任何错误:
gitlab_1 |
gitlab_1 | ==> /var/log/gitlab/gitlab-rails/production.log <==
gitlab_1 | Started POST "/oauth/authorize" for 172.27.0.1 at 2017-01-22 02:48:40 +0000
gitlab_1 | Processing by Oauth::AuthorizationsController#create as HTML
gitlab_1 | Parameters: {"utf8"=>"✓", "authenticity_token"=>"hWP+9zf36+E8pSPZPJX/MJQ2oddjVniNZFWdrmguP3x28nCmliNRsZzmUNwAtktsltDCNwMJVlrn4YV3DxepzA==", "client_id"=>"a7ee6c568eb1824b9c43bb514fe2eded8142284bf484d587a66ed1713d82cfb7", "redirect_uri"=>"http://drone.dev/authorize", "state"=>"drone", "response_type"=>"code", "scope"=>"api"}
gitlab_1 | Redirected to http://drone.dev/authorize?code=f38ce22be01132f1bc9486c5305262400ce36241c9a1de38867030bd0be6bc51&state=drone
gitlab_1 | Completed 302 Found in 39ms (ActiveRecord: 15.9ms)
gitlab_1 | Started GET "/oauth/authorize?client_id=a7ee6c568eb1824b9c43bb514fe2eded8142284bf484d587a66ed1713d82cfb7&redirect_uri=http%3A%2F%2Fdrone.dev%2Fauthorize&response_type=code&scope=api&state=drone" for 172.27.0.1 at 2017-01-22 02:48:40 +0000
gitlab_1 | Processing by Oauth::AuthorizationsController#new as HTML
gitlab_1 | Parameters: {"client_id"=>"a7ee6c568eb1824b9c43bb514fe2eded8142284bf484d587a66ed1713d82cfb7", "redirect_uri"=>"http://drone.dev/authorize", "response_type"=>"code", "scope"=>"api", "state"=>"drone"}
gitlab_1 | Completed 200 OK in 40ms (Views: 21.2ms | ActiveRecord: 15.1ms)
gitlab_1 |
gitlab_1 | ==> /var/log/gitlab/gitlab-workhorse/current <==
gitlab_1 | 2017-01-22_02:48:40.91198 gitlab.dev:8080 @ - - [2017-01-22 02:48:40.853291066 +0000 UTC] "POST /oauth/authorize HTTP/1.1" 302 178 "http://gitlab.dev:8080/oauth/authorize?client_id=a7ee6c568eb1824b9c43bb514fe2eded8142284bf484d587a66ed1713d82cfb7&redirect_uri=http%3A%2F%2Fdrone.dev%2Fauthorize&response_type=code&scope=api&state=drone" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36" 0.058615
gitlab_1 | 2017-01-22_02:48:41.01414 gitlab.dev:8080 @ - - [2017-01-22 02:48:40.968217945 +0000 UTC] "GET /oauth/authorize?client_id=a7ee6c568eb1824b9c43bb514fe2eded8142284bf484d587a66ed1713d82cfb7&redirect_uri=http%3A%2F%2Fdrone.dev%2Fauthorize&response_type=code&scope=api&state=drone HTTP/1.1" 200 13012 "http://gitlab.dev:8080/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36" 0.045840
gitlab_1 |
gitlab_1 | ==> /var/log/gitlab/nginx/gitlab_access.log <==
gitlab_1 | 172.27.0.1 - - [22/Jan/2017:02:48:40 +0000] "POST /oauth/authorize HTTP/1.1" 302 178 "http://gitlab.dev:8080/oauth/authorize?client_id=a7ee6c568eb1824b9c43bb514fe2eded8142284bf484d587a66ed1713d82cfb7&redirect_uri=http%3A%2F%2Fdrone.dev%2Fauthorize&response_type=code&scope=api&state=drone" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36"
gitlab_1 | 172.27.0.1 - - [22/Jan/2017:02:48:41 +0000] "GET /oauth/authorize?client_id=a7ee6c568eb1824b9c43bb514fe2eded8142284bf484d587a66ed1713d82cfb7&redirect_uri=http%3A%2F%2Fdrone.dev%2Fauthorize&response_type=code&scope=api&state=drone HTTP/1.1" 200 4526 "http://gitlab.dev:8080/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36"
有人遇到这个问题吗???
打开无人机主页,右击login with gitlab按钮,selectcopy link address,你从按钮复制的url就是你需要的redirect url在 gitlab 站点设置。