From 4f3a1db2b6688b0ae4a63ea7a7d56f6a25dcd955 Mon Sep 17 00:00:00 2001
From: Sheogorath <sheogorath@shivering-isles.com>
Date: Fri, 24 Jun 2022 17:54:15 +0200
Subject: [PATCH] fix(gitlab): Add autolink configuration

This patch adds the missing autolink configuration to gitlab, which
allows users to be linked back to their account based on the email
address.

This is required since switching from SAML to OIDC disabled the link
between the accounts.

References:
https://docs.gitlab.com/ee/integration/omniauth.html#link-existing-users-to-omniauth-users
---
 roles/gitlab/templates/docker-compose.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/roles/gitlab/templates/docker-compose.yml b/roles/gitlab/templates/docker-compose.yml
index faf75686..1e7c711d 100644
--- a/roles/gitlab/templates/docker-compose.yml
+++ b/roles/gitlab/templates/docker-compose.yml
@@ -123,6 +123,7 @@ services:
         gitlab_rails['omniauth_auto_sign_in_with_provider'] = 'openid_connect'
         gitlab_rails['omniauth_sync_profile_attributes'] = ['name', 'email']
         gitlab_rails['omniauth_allow_bypass_two_factor'] = ['openid_connect']
+        gitlab_rails['omniauth_auto_link_user'] = ["openid_connect"]
         gitlab_rails['omniauth_providers'] = [
           {
             name: 'openid_connect',
-- 
GitLab