After my latest update to Gitlab (to version 10.7.3 ee), I found my webhooks on several of my repositories stopped working. When I’d manually test them from the Gitlab Interface, I got a generic 500 error:
I figured this had something to do with the recent update, so I dug into the logs. I found the issue in /var/log/gitlab/gitlab-rails/production.log:
Gitlab::HTTP::BlockedUrlError (URL ‘https://myserver.domain.com:8170/code-manager/v1/webhook?type=github&token=blahblahblahblah’ is blocked: Requests to the local network
are not allowed):
lib/gitlab/proxy_http_connection_adapter.rb:17:in `rescue in connection’
lib/gitlab/proxy_http_connection_adapter.rb:14:in `connection’
app/services/web_hook_service.rb:73:in `make_request’
app/services/web_hook_service.rb:26:in `execute’
app/models/hooks/web_hook.rb:10:in `execute’
app/services/test_hooks/base_service.rb:22:in `block in execute’
app/services/test_hooks/base_service.rb:19:in `catch’
app/services/test_hooks/base_service.rb:19:in `execute’
app/controllers/projects/hooks_controller.rb:41:in `test’
lib/gitlab/i18n.rb:50:in `with_locale’
lib/gitlab/i18n.rb:56:in `with_user_locale’
app/controllers/application_controller.rb:334:in `set_locale’
lib/gitlab/middleware/multipart.rb:95:in `call’
lib/gitlab/request_profiler/middleware.rb:14:in `call’
ee/lib/gitlab/jira/middleware.rb:15:in `call’
lib/gitlab/middleware/go.rb:17:in `call’
lib/gitlab/etag_caching/middleware.rb:11:in `call’
lib/gitlab/middleware/read_only/controller.rb:28:in `call’
lib/gitlab/middleware/read_only.rb:16:in `call’
lib/gitlab/request_context.rb:18:in `call’
lib/gitlab/metrics/requests_rack_middleware.rb:27:in `call’
lib/gitlab/middleware/release_env.rb:10:in `call’
The whole “requests to the local network are not allowed” thing was new to me, so I found this:
https://docs.gitlab.com/ee/user/project/integrations/webhooks.html
The comments at the bottom showed me the way. THere is a new setting you have to enable:
- Log into Gitlab
- Go to the admin area
- Go to Settings
- Go to Outbound Requests
- Click the “Allow requests to the local network from hooks and services” button.
- Save the changes
Viola! It works now.