XCode Cloud Setup with GitLab - Application Token with `gloas-` Prefix

Following this guide (Connecting Xcode Cloud to a self-managed GitLab instance) and this thread (AppstoreConnect not accepting the GitLab application secret) with a workaround to modify the following file ./embedded/service/gitlab-rails/lib/gitlab/doorkeeper_secret_storing/token/unique_application_token.rb to remove the prefix for secret generation, seems to me more like a bug in GitLab and the workaround a bit hacky!

  • Shouldn’t GitLab remove its prefix for the request again here?
  • Or have we made another mistake here? Whereas we are not the only ones with the problem, it seems…

This prefix feature was implemented recently Prefixes OAuth Application Secrets with gloat (c5d6a3f5) · Commits · GitLab.org / GitLab · GitLab @nmalcolm

Thanks for flagging. Suggest opening a bug report and tag the MR authors. Thanks!

Finally, I don’t know if this is a bug or a misbehavior on the XCode side.
XCode Cloud checks the length of the AuthToken (which makes sense from XCode’s point of view), which has changed due to this change and therefore an authentication of XCode-Cloud against GitLab as application is no longer possible.
Perhaps other applications are also affected by this change…

Thanks. I’m not sure either - best is to discuss with GitLab engineers in an issue. :slight_smile: