“Geo: Health Status API returns error 500 for CipherError”
When setup steps are now followed correctly, we may miss to copy the database encryption key. Detecting an incorrect encryption key is easy as it will return an OpenSSL exception like the following:
OpenSSL::Cipher::CipherError ():
/opt/gitlab/embedded/lib/ruby/gems/2.3.0/gems/encryptor-3.0.0/lib/encryptor.rb:98:in `final'
/opt/gitlab/embedded/lib/ruby/gems/2.3.0/gems/encryptor-3.0.0/lib/encryptor.rb:98:in `crypt'
/opt/gitlab/embedded/lib/ruby/gems/2.3.0/gems/encryptor-3.0.0/lib/encryptor.rb:49:in `decrypt'
/opt/gitlab/embedded/lib/ruby/gems/2.3.0/gems/attr_encrypted-3.0.3/lib/attr_encrypted.rb:233:in `decrypt'
/opt/gitlab/embedded/lib/ruby/gems/2.3.0/gems/attr_encrypted-3.0.3/lib/attr_encrypted.rb:317:in `decrypt'
/opt/gitlab/embedded/lib/ruby/gems/2.3.0/gems/attr_encrypted-3.0.3/lib/attr_encrypted.rb:155:in `block (2 levels) in attr_encrypted'
/opt/gitlab/embedded/service/gitlab-rails/lib/gitlab/geo/jwt_request_decoder.rb:52:in `hmac_secret'
/opt/gitlab/embedded/service/gitlab-rails/lib/gitlab/geo/jwt_request_decoder.rb:71:in `decode_auth_header'
/opt/gitlab/embedded/service/gitlab-rails/lib/gitlab/geo/jwt_request_decoder.rb:25:in `decode_geo_request'
/opt/gitlab/embedded/service/gitlab-rails/lib/gitlab/geo/jwt_request_decoder.rb:13:in `decode'
/opt/gitlab/embedded/service/gitlab-rails/lib/api/geo.rb:97:in `authenticate_by_gitlab_geo_node_token!'
/opt/gitlab/embedded/service/gitlab-rails/lib/api/geo.rb:36:in `block (2 levels) in <class:Geo>'
...We should rescue this type of error and send an human readable error to the Health Status API.
Edited by Gabriel Mazetto