I was in need to migrate a legacy source Gitlab instance to a newer omnibus based instance. The old server was based on Centos 6.5, the new server is running Debian 12. The package installed is gitlab-ce_8.17.8-ce.0_amd64.deb.
Post installation, the first configuration failed due to a Bcrypt error. According to online instructions this issue was fixed in a newer “bcrypt” Gem version and it was advised to update the gem. I used the command below to update the Gem, which indeed seemed to resolve my problem
opt/gitlab/embedded/bin/gem update bcrypt
After the first reconfigure I restored a backup and restored my secrets, all without issues. After restoring my backup i ran an additional reconfigure. All self tests pass without errors and i see the Gitlab home page.
But now the problem, when I try to login with my admin account I see a 500 error and the following part in the log:
==> /var/log/gitlab/gitlab-rails/production.log <==
Started POST "/users/sign_in" for 172.17.134.1 at 2023-07-12 14:08:35 +0100
Processing by SessionsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"6MDrZVtTTdKwApGs/qi6pQ8rxYr6Idn1zkDm63MfZAauoJeQz5DfUMs1Trt+MG1KJRko5Y5Fqph45Z8ugEWSKg==", "user"=>{"login"=>"lmolenaar", "password"=>"[FILTERED]", "remember_me"=>"1"}}
Completed 401 Unauthorized in 485ms (ActiveRecord: 39.9ms)
Processing by SessionsController#new as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"6MDrZVtTTdKwApGs/qi6pQ8rxYr6Idn1zkDm63MfZAauoJeQz5DfUMs1Trt+MG1KJRko5Y5Fqph45Z8ugEWSKg==", "user"=>{"login"=>"lmolenaar", "password"=>"[FILTERED]", "remember_me"=>"1"}}
Completed 500 Internal Server Error in 142ms (ActiveRecord: 0.9ms)
BCrypt::Errors::InvalidHash (invalid hash):
app/controllers/sessions_controller.rb:24:in `new'
The “new” part the ruby file shows:
opt/gitlab/embedded/service/gitlab-rails/app/controllers/sessions_controller.rb
def new
set_minimum_password_length
if Gitlab.config.ldap.enabled
@ldap_servers = Gitlab::LDAP::Config.servers
else
@ldap_servers = []
end
super
end
I regonise that i am running an ancient version of Gitlab but I hope that somebody might be able to provide a workaround for my issue? Are there more locations where I need to update the bcrypt gem or can I apply a hack in any of the .rb files?