It took me too much time to not share this. When using GitLab access tokens to allow MicroK8s to access the registry of your GitLab instance, there is no documented procedure regarding the authentication. After fiddling around with this, I got the crucial hint from DeepSeek.
The solution is to copy over a working config.json to one member of the k8s cluster.
sudo mkdir -p /var/snap/microk8s/current/.docker/
# the target directory was created by root, so the move needs sudo as well
sudo mv ~/config.json /var/snap/microk8s/current/.docker/
sudo chmod 600 /var/snap/microk8s/current/.docker/config.json
After that, a hosts.toml file in the correct path needs to be created.
# GITLAB_HOST and GITLAB_PORT must already be set to the registry's host name and port
mkdir -p "/var/snap/microk8s/current/args/certs.d/${GITLAB_HOST}:${GITLAB_PORT}"
cat > "/var/snap/microk8s/current/args/certs.d/${GITLAB_HOST}:${GITLAB_PORT}/hosts.toml" << EOF
server = "https://${GITLAB_HOST}:${GITLAB_PORT}"
[host."https://${GITLAB_HOST}:${GITLAB_PORT}"]
capabilities = ["pull", "resolve", "push"]
skip_verify = false
EOF
And then the cluster needs a restart to apply the changes.
The approach to move the authentication from hosts.toml to a config.json is not documented in the MicroK8s documentation. I found several pages where people with the same scenario were looking for help, but not a single working answer. The LLM saved the day.
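The steps above assume a working config.json already exists. As an added example (not part of the original post), these shell functions build one in the standard Docker auths format from a GitLab token, write it with owner-only permissions, and check that its key matches the host:port used for the hosts.toml directory. The function names, host, port, user name and token are placeholders chosen for illustration.

```shell
# Added example: build and check a Docker-style config.json for a registry token.
# All function names and sample values are assumptions, not from the post.

# Print a config.json body with one "auths" entry keyed by host:port.
# Arguments must not contain double quotes or backslashes (no JSON escaping).
make_registry_config() {
    local host="$1" port="$2" user="$3" token="$4"
    local auth
    # "auth" is base64("user:token"); remove line wraps some base64 builds add.
    auth="$(printf '%s:%s' "$user" "$token" | base64 | tr -d '\n')"
    printf '{\n  "auths": {\n    "%s:%s": {\n      "auth": "%s"\n    }\n  }\n}\n' \
        "$host" "$port" "$auth"
}

# Write the config so it is owner-only from the moment it is created,
# instead of being world-readable until a later chmod.
write_registry_config() {
    local dest="$1"
    shift
    ( umask 077 && make_registry_config "$@" > "$dest" )
}

# Succeed only if the file has an auths key for host:port and mode rw-------.
# The key has to match the registry name used in image references, which is
# the same host:port the certs.d directory is named after.
check_registry_config() {
    local file="$1" host="$2" port="$3"
    grep -Fq "\"${host}:${port}\"" "$file" || return 1
    [ "$(ls -ld "$file" | cut -c1-10)" = "-rw-------" ]
}

# Usage (placeholder values; read the token from the environment so it does
# not end up in shell history):
#   write_registry_config ~/config.json "$GITLAB_HOST" "$GITLAB_PORT" \
#       "token-user-name" "$GITLAB_TOKEN"
#   check_registry_config ~/config.json "$GITLAB_HOST" "$GITLAB_PORT"
```

The auth value is only base64-encoded, not encrypted, so the file has to be treated as a credential wherever it is copied.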