Zero-to-jupyterhub-k8s: Gitlab Auth throw error
Hi,
I have been trying to add the auth mehtod with gitlab, for that I pass this config inside the config.yaml when I execute helm upgrade --install jhub jupyterhub/jupyterhub --namespace jhub --version 0.9-445a953 --values config.yaml
But I have this error in the hub-pod:
Loading /etc/jupyterhub/config/values.yaml
Loading /etc/jupyterhub/secret/values.yaml
[E 2019-06-19 07:23:35.674 JupyterHub app:1958]
Traceback (most recent call last):
File "/usr/local/lib/python3.6/dist-packages/jupyterhub/app.py", line 1955, in launch_instance_async
await self.initialize(argv)
File "/usr/local/lib/python3.6/dist-packages/jupyterhub/app.py", line 1639, in initialize
self.load_config_file(self.config_file)
File "</usr/local/lib/python3.6/dist-packages/decorator.py:decorator-gen-5>", line 2, in load_config_file
File "/usr/local/lib/python3.6/dist-packages/traitlets/config/application.py", line 87, in catch_config_error
return method(app, *args, **kwargs)
File "/usr/local/lib/python3.6/dist-packages/traitlets/config/application.py", line 598, in load_config_file
raise_config_file_errors=self.raise_config_file_errors,
File "/usr/local/lib/python3.6/dist-packages/traitlets/config/application.py", line 562, in _load_config_files
config = loader.load_config()
File "/usr/local/lib/python3.6/dist-packages/traitlets/config/loader.py", line 457, in load_config
self._read_file_as_dict()
File "/usr/local/lib/python3.6/dist-packages/traitlets/config/loader.py", line 489, in _read_file_as_dict
py3compat.execfile(conf_filename, namespace)
File "/usr/local/lib/python3.6/dist-packages/ipython_genutils/py3compat.py", line 198, in execfile
exec(compiler(f.read(), fname, 'exec'), glob, loc)
File "/srv/jupyterhub_config.py", line 279, in <module>
set_config_if_not_none(c.GitLabOAuthenticator, trait, 'auth.gitlab.' + cfg_key)
TypeError: must be str, not NoneType
The config.yaml look like this:
proxy:
secretToken: "<Secret Token>"
https:
letsencrypt:
contactEmail: '[email protected]'
hosts:
- 'jupyter2.example.com'
hub:
extraEnv:
KUBERNETES_SERVICE_HOST: "kubernetes.default.svc.cluster.local"
GITLAB_URL: "https://gitlab.example.com"
cpu:
guarantee: 1
memory:
guarantee: 3G
cull:
timeout: 1200
every: 600
prePuller:
hook:
enabled: false
continuous:
enabled: true
auth:
type: gitlab
gitlab:
clientId: "<ID of gitlab application>"
clientSecret: "<Secret of Gitlab application>"
callbackUrl: "http://jupyter2.example.com/hub/oauth_callback"
Is this error caused by something I lack in the config?
Jose3212
All 7 comments
Getting the same error. Similar config worked with Github OAuth application.
Anyone has it working?
sampathkethineedi
on 27 Jun 2019
This is code that relates to the error, at least if we are using the latest helm chart without modifying the hub image.
I don't have time at the moment to help out further =/
consideRatio
on 27 Jun 2019
Is there any update on this? I had to downgrade everything here to 0.7.0 again to get this working
I haven't had time to debug this further, anyone else experienced this?
dalssaso
on 22 Aug 2019
I managed with the following workaround:
hub:
extraEnv:
JUPYTER_ENABLE_LAB: 1
GITLAB_HOST: "https://gitlab.example.com"
extraConfig: |
c.JupyterHub.authenticator_class = 'oauthenticator.gitlab.GitLabOAuthenticator'
c.KubeSpawner.cmd = ['jupyter-labhub']
c.GitLabOAuthenticator.scope = ['api read_repository write_repository']
c.GitLabOAuthenticator.oauth_callback_url = "https://<host>/hub/oauth_callback"
c.GitLabOAuthenticator.client_id = "<client>"
c.GitLabOAuthenticator.client_secret = "<secret>"
auth:
state:
enabled: true
cryptoKey: "<super secret key>"
MBcom
on 19 Oct 2019
This issue has been mentioned on Jupyter Community Forum. There might be relevant details there:
https://discourse.jupyter.org/t/restricted-psp-z2jh-fails-in-local-gitlab-oauth-workflow/6202/1
meeseeksmachine
on 1 Oct 2020
@MBcom: Thank you for the pointers. For someone looking to do this on a local gitlab, details are here. Did you also have to run the hub image as a root user? Getting an error when running this as a non-privileged user during the adduser step, which is expected.
NerdSec
on 1 Oct 2020
This was an issue about the Helm chart configuration not being passed through to JupyterHub's actual configuration that should run the GitLab authenticator. This is resolved as far as I know in the latest development release of this Helm chart. Due to this, I'm going to close this issue and would ask that a new one is reopened that focuses on the specific new issue that relates to GitLabAuthenticator, which perhaps if so should be opened in the jupyterhub/oauthenticator repository where it is defined.
consideRatio
on 1 Oct 2020
Related issues
tylere
路
4Comments
consideRatio
路
3Comments
consideRatio
路
4Comments
consideRatio
路
3Comments
gsemet
路
3Comments
Most helpful comment
I managed with the following workaround: