Uploading artifacts...Unauthorized status=401

I’m trying to use CI to compile latex files as written here: https://gitlab.com/gitlab-org/gitlab-ce/issues/4250
It is my first experience with CI and docker so I may be doing something wrong.
Docker is installed on the same server as GitLab CE, when running “gitlab-runner register” for the executor I selected “docker”.

The log message (after running for about 2 minutes) shows that latex compilation is done, but saving artifacts fails:

Uploading artifacts…
proposal.pdf: found 1 matching files
WARNING: Uploading artifacts to coordinator… failed id=12 responseStatus=401 Unauthorized status=401 Unauthorized token=_E4pHowf

At the same time from access.log:
/var/log/gitlab/nginx/gitlab_access.log:XXX.XXX.XXX.XXX - - [09/Oct/2017:15:24:29 -0700] “GET /xxxxxxx/xxx.git/info/refs?service=git-upload-pack HTTP/1.1” 401 26 “” “git/2.8.6”
/var/log/gitlab/nginx/gitlab_access.log:XXX.XXX.XXX.XXX - - [09/Oct/2017:15:24:36 -0700] “GET /406.shtml HTTP/1.1” 401 49 “” “gitlab-runner 10.0.0 (; go1.8.3; linux/amd64)”

I’m with the same company…

Problem

Apache’s ModSecurity module was denying the access.

Quick fix

Add to Apache’s config for GitLab (IDs of the rules depend on ModSecurity config):
<Proxy “*”>
  <IfModule security2_module>
    SecRuleRemoveById 960012
    SecRuleRemoveById 960013
   </IfModule>
</Proxy>

More info

  • Setup: Apache/2.4.27 (cPanel) + Nginx (bundled) + GitLab 10.0.3
  • OS: CentOS 7
  • From Apache’s error log:
    • Rule 960012 violation:

      ModSecurity: Access denied with code 406 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS…[id “960012”] [msg “POST request must have a Content-Length header”] [severity “WARNING”] [tag “PROTOCOL_VIOLATION/EVASION”] …

    • Rule 960013 violation:

      ModSecurity: Access denied with code 406 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS…[id “960013”] [msg “ModSecurity does not support transfer encodings”] [severity “ERROR”] [tag “PROTOCOL_VIOLATION/EVASION”] …