diff options
| author | Steve Azzopardi <steveazz@outlook.com> | 2019-04-01 15:09:19 +0200 |
|---|---|---|
| committer | Steve Azzopardi <steveazz@outlook.com> | 2019-04-09 11:59:33 +0200 |
| commit | f211ba2b265466deb95bb9a8c689ff8544b36a85 (patch) | |
| tree | 39979f0dfdd646dbaa3d3858b750b2098b818862 | |
| parent | 87f665e83e2139363f94d19bae08c3a2682c6481 (diff) | |
| download | gitlab-ce-docs/add-runner-token-reset.tar.gz | |
Add guide on how to reset runners tokendocs/add-runner-token-reset
| -rw-r--r-- | doc/raketasks/backup_restore.md | 49 |
1 files changed, 43 insertions, 6 deletions
diff --git a/doc/raketasks/backup_restore.md b/doc/raketasks/backup_restore.md index 32c2e4a5c99..471e74ff40a 100644 --- a/doc/raketasks/backup_restore.md +++ b/doc/raketasks/backup_restore.md @@ -848,15 +848,20 @@ including (but not restricted to): * [Project mirroring](../workflow/repository_mirroring.md) * [Web hooks](../user/project/integrations/webhooks.md) -In the case of CI/CD, variables, you might experience some weird behavior, like -stuck jobs or 500 errors. In that case, you can try removing contents of the -`ci_group_variables` and `ci_project_variables` tables from the database. +In cases like CI/CD variables and Runner authentication, you might +experience some unexpected behavior such as stuck jobs and 500 error. In +this case, you are required to reset all the tokens for CI/CD variables +and Runner Authentication, which is described in more detail below. +Afterword you should now be able to visit your project, and the jobs +will start running again. CAUTION: **Warning:** Use the following commands at your own risk, and make sure you've taken a backup beforehand. -1. Enter the Rails console: +#### Reset CI/CD variables + +1. Enter the DB console: For Omnibus GitLab packages: @@ -889,8 +894,40 @@ backup beforehand. 1. You may need to reconfigure or restart GitLab for the changes to take effect. -You should now be able to visit your project, and the jobs will start -running again. + +#### Reset Runner registration tokens + + +1. Enter the DB console: + + For Omnibus GitLab packages: + + ```sh + sudo gitlab-rails dbconsole + ``` + + For installations from source: + + ```sh + sudo -u git -H bundle exec rails dbconsole RAILS_ENV=production + ``` + +1. Clear all the tokens for projects, groups, and the whole instance: + +DANGER: **Danger:** +The last UPDATE will result into the runners not being able to pick up +new jobs, you have to register new runners. + + ```sql + -- Clear project tokens + UPDATE projects SET runners_token = null, runners_token_encrypted = null; + -- Clear group tokens + UPDATE namespaces SET runners_token = null, runners_token_encrypted = null; + -- Clear instance tokens + UPDATE application_settings SET runners_registration_token_encrypted = null; + -- Clear runner tokens + UPDATE ci_runners SET token = null, token_encrypted = null; + ``` A similar strategy can be employed for the remaining features - by removing the data that cannot be decrypted, GitLab can be brought back into working order, |