Login with Github always redirects back to the Login page

[rahul-roy-glean]

I'm trying out the self-hosted setup with Docker compose and trying to enable a login with GH. I have setup the GH app as mentioned in the guide and trying to login with the same. My docker compose looks like -

version: "3"

services:
  gateway:
    image: codecov/self-hosted-gateway:latest-stable #note: this is for setup purposes only, be sure to pin to the latest release from our changelog: https://docs.codecov.io/changelog
    volumes:
      - ./config:/config
      - ${CODECOV_SSL_CERT-/cert/codecov.pem}:/etc/codecov/ssl/certs/cert.crt:ro # uncomment if using ssl
      - ${CODECOV_SSL_KEY-/cert/privkey.pem}:/etc/codecov/ssl/certs/cert.crt.key:ro
    ports:
      - "${CODECOV_PORT-8080}:8080"
      - "${CODECOV_SSL_PORT-8443}:8443" # uncomment if using ssl
    environment:
      - CODECOV_GATEWAY_MINIO_ENABLED=true
      - CODECOV_GATEWAY_SSL_ENABLED=true # uncomment if using ssl
    networks:
      - codecov
    depends_on:
      - api
      - frontend

  frontend:
    image: codecov/self-hosted-frontend:latest-stable #note: this is for setup purposes only, be sure to pin to the latest release from our changelog: https://docs.codecov.io/changelog
    environment:
      - CODECOV_BASE_HOST=localhost:8443
      - CODECOV_API_HOST=localhost:8443
      - CODECOV_IA_HOST=localhost:8443
      - CODECOV_SCHEME=http
    volumes:
      - ./config:/config:z
      - ${CODECOV_SSL_CERT-/cert/codecov.pem}:/etc/nginx/codecov.crt:ro
      - ${CODECOV_SSL_KEY-/cert/privkey.pem}:/etc/nginx/codecov.key:ro
    ports:
      - "8080"
    networks:
      - codecov

  api:
    image: codecov/self-hosted-api:latest-stable #note: this is for setup purposes only, be sure to pin to the latest release from our changelog: https://docs.codecov.io/changelog
    volumes:
      - ./config:/config:z
    networks:
      - codecov
    depends_on:
      - minio
      - timescale
      - postgres
      - redis

  worker:
    image: codecov/self-hosted-worker:latest-stable #note: this is for setup purposes only, be sure to pin to the latest release from our changelog: https://docs.codecov.io/changelog
    environment:
      - RUN_ENV=ENTERPRISE
    volumes:
      - ./config:/config
      - archive-volume:/archive
    networks:
      - codecov
    depends_on:
      - minio
      - redis
      - postgres
      - timescale

  redis:
    image: redis:6-alpine
    volumes:
      - redis-volume:/data
    networks:
      - codecov

  postgres:
    image: postgres:14-alpine
    environment:
      - POSTGRES_PASSWORD=testpassword
      - POSTGRES_USER=postgres
      - POSTGRES_DB=postgres
    volumes:
      - postgres-volume:/var/lib/postgresql/data
    networks:
      - codecov

  timescale:
    image: timescale/timescaledb-ha:pg14-latest
    environment:
      - POSTGRES_PASSWORD=testpassword
      - POSTGRES_USER=postgres
      - POSTGRES_DB=postgres
    volumes:
      - timescale-volume:/var/lib/postgresql/data
    networks:
      - codecov

  minio:
    image: minio/minio:RELEASE.2020-04-15T00-39-01Z
    command: server /export
    ports:
      - "${CODECOV_MINIO_PORT-9000}:9000"
    environment:
      - MINIO_ACCESS_KEY=codecov-default-key
      - MINIO_SECRET_KEY=codecov-default-secret
    volumes:
      - archive-volume:/export
    networks:
      - codecov

volumes:
  postgres-volume:
  timescale-volume:
  redis-volume:
  archive-volume:

networks:
  codecov:
    driver: bridge

and my codecov.yml looks like

  codecov_url: https://35.188.12.198:8443
  enterprise_license: "<some_license>"
  # https://docs.codecov.com/docs/configuration#instance-wide-admins
  admins:
    - service: github
      username: "<GH Username>"
  http:
    cookie_secret: "1234abcxyz"
  timeseries:
    enabled: true
github:
  integration:
    id: 22
    pem: /config/file.pem
  client_id: "<some_id>"
  client_secret: "<some_secret>"
  global_upload_token: "<upload-token>"
services:
  redis_url: "redis://redis:6379"
  database_url: "postgres://postgres:testpassword@postgres:5432/postgres"
  timeseries_database_url: "postgres://postgres:testpassword@timescale:5432/postgres"
  minio:
    host: minio
    port: 9000

I haven't been able to perform a login with GH, in the worker logs i see something like -

{"message": "Warning: login request is missing state or has disagreeing state", "asctime": "2024-06-26 04:24:33,493", "name": "codecov_auth.views.base", "levelname": "WARNING", "lineno": 141, "pathname": "/app/codecov_auth/views/base.py", "funcName": "get_redirection_url_from_state", "threadName": "MainThread", "taskName": null, "logger.name": "codecov_auth.views.base", "logger.thread_name": "MainThread", "level": "WARNING"}
{"h": "192.168.240.9", "t": "[26/Jun/2024:04:24:33 +0000]", "r": "GET /login/gh?code=4521914e2b612b721886&state=5664647f224048439cad99a99de6444e HTTP/1.1", "s": "302", "b": "0", "f": "-", "a": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36", "taskName": null}
{"message": "GraphQL Request", "asctime": "2024-06-26 04:24:33,815", "name": "graphql_api.views", "levelname": "INFO", "lineno": 223, "pathname": "/app/graphql_api/views.py", "funcName": "post", "threadName": "ThreadPoolExecutor-9_0", "taskName": "Task-41", "server_hostname": "b77eb9829181", "request_method": "POST", "request_path": "/graphql/gh", "request_body": {"query": "query GetLoginProviders { config { loginProviders } }", "variables": {}}, "user": "AnonymousUser", "logger.name": "graphql_api.views", "logger.thread_name": "ThreadPoolExecutor-9_0", "level": "INFO"}

Could someone please help here ?

[bert0RM]

I am also seeing this issue. I've attached a video for reference.

https://github.com/codecov/self-hosted/assets/33237379/837e8639-e439-449f-b181-ba224537ab1c

[tekkeitserktok]

Same than this one with gitlab : #34

[bert0RM]

This fixed the issue for me: https://github.com/codecov/self-hosted/pull/42 @rahul-roy-glean @tekkeitserktok Can you please test this on your end? @jason-ford-codecov Can you review the PR?