diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-06-08 09:08:49 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-06-08 09:08:49 +0300 |
commit | 208f195a9bc3614e3c720d6e485830d37c4f49df (patch) | |
tree | e3fe98a5debe6147a29a244d5e8f2e9096264c56 /doc/ci/secrets/id_token_authentication.md | |
parent | bf293d47937b3332462689c3fecc868706553f3a (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc/ci/secrets/id_token_authentication.md')
-rw-r--r-- | doc/ci/secrets/id_token_authentication.md | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/doc/ci/secrets/id_token_authentication.md b/doc/ci/secrets/id_token_authentication.md index 12e0402be25..6bb460f9fc7 100644 --- a/doc/ci/secrets/id_token_authentication.md +++ b/doc/ci/secrets/id_token_authentication.md @@ -190,3 +190,34 @@ To enable automatic ID token authentication: 1. Toggle **Limit JSON Web Token (JWT) access** to enabled. <!--- end_remove --> + +## Troubleshooting + +### `400: missing token` status code + +This error indicates that one or more basic components necessary for ID tokens are +either missing or not configured as expect. + +To find the problem, an administrator can look for more details in the instance's +`exceptions_json.log` for the specific method that failed. + +#### `GitLab::Ci::Jwt::NoSigningKeyError` + +This error in the `exceptions_json.log` file is likely because the signing key is +missing from the database and the token could not be generated. To verify this is the issue, +run the following query on the instance's PostgreSQL terminal: + +```sql +SELECT encrypted_ci_jwt_signing_key FROM application_settings; +``` + +If the returned value is empty, use the Rails snippet below to generate a new key +and replace it internally: + +```ruby + key = OpenSSL::PKey::RSA.new(2048).to_pem + + ApplicationSetting.find_each do |application_setting| + application_setting.update(ci_jwt_signing_key: key) + end +``` |