diff options
author | Jakub Jirutka <jakub@jirutka.cz> | 2015-02-16 13:16:26 +0100 |
---|---|---|
committer | Jakub Jirutka <jakub@jirutka.cz> | 2015-05-16 21:46:06 +0200 |
commit | ed3298fc019d224b9048901972ac03e5272a3b25 (patch) | |
tree | bbdaea24522778869f106fdfe99f691feb8ccbc7 | |
parent | 35729671fb3a123ddeb7b2b1cda446fd661bd4e6 (diff) | |
download | gitlab-ce-ed3298fc019d224b9048901972ac03e5272a3b25.tar.gz |
Allow to configure gitlab_shell_secret location
-rw-r--r-- | CHANGELOG | 1 | ||||
-rw-r--r-- | config/gitlab.yml.example | 4 | ||||
-rw-r--r-- | config/initializers/1_settings.rb | 1 | ||||
-rw-r--r-- | config/initializers/gitlab_shell_secret_token.rb | 8 | ||||
-rw-r--r-- | lib/api/helpers.rb | 2 | ||||
-rw-r--r-- | spec/requests/api/internal_spec.rb | 2 |
6 files changed, 12 insertions, 6 deletions
diff --git a/CHANGELOG b/CHANGELOG index ade877feb9a..5afd70a2f49 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -67,6 +67,7 @@ v 7.11.0 (unreleased) - Spin spinner icon next to "Checking for CI status..." on MR page. - Fix reference links in dashboard activity and ATOM feeds. - Ensure that the first added admin performs repository imports + - Allow to configure location of the `.gitlab_shell_secret` file. (Jakub Jirutka) v 7.10.2 - Fix CI links on MR page diff --git a/config/gitlab.yml.example b/config/gitlab.yml.example index bd2081688d1..fbc7f515f34 100644 --- a/config/gitlab.yml.example +++ b/config/gitlab.yml.example @@ -245,6 +245,10 @@ production: &base repos_path: /home/git/repositories/ hooks_path: /home/git/gitlab-shell/hooks/ + # File that contains the secret key for verifying access for gitlab-shell. + # Default is '.gitlab_shell_secret' relative to Rails.root (i.e. root of the GitLab app). + # secret_file: /home/git/gitlab/.gitlab_shell_secret + # Git over HTTP upload_pack: true receive_pack: true diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb index e5ac66a2323..2351ef7b0ce 100644 --- a/config/initializers/1_settings.rb +++ b/config/initializers/1_settings.rb @@ -148,6 +148,7 @@ Settings.gravatar['ssl_url'] ||= 'https://secure.gravatar.com/avatar/%{hash}? Settings['gitlab_shell'] ||= Settingslogic.new({}) Settings.gitlab_shell['path'] ||= Settings.gitlab['user_home'] + '/gitlab-shell/' Settings.gitlab_shell['hooks_path'] ||= Settings.gitlab['user_home'] + '/gitlab-shell/hooks/' +Settings.gitlab_shell['secret_file'] ||= Rails.root.join('.gitlab_shell_secret') Settings.gitlab_shell['receive_pack'] = true if Settings.gitlab_shell['receive_pack'].nil? Settings.gitlab_shell['upload_pack'] = true if Settings.gitlab_shell['upload_pack'].nil? Settings.gitlab_shell['repos_path'] ||= Settings.gitlab['user_home'] + '/repositories/' diff --git a/config/initializers/gitlab_shell_secret_token.rb b/config/initializers/gitlab_shell_secret_token.rb index e7c9f0ba7c2..751fccead07 100644 --- a/config/initializers/gitlab_shell_secret_token.rb +++ b/config/initializers/gitlab_shell_secret_token.rb @@ -5,8 +5,7 @@ require 'securerandom' # Your secret key for verifying the gitlab_shell. -secret_file = Rails.root.join('.gitlab_shell_secret') -gitlab_shell_symlink = File.join(Gitlab.config.gitlab_shell.path, '.gitlab_shell_secret') +secret_file = Gitlab.config.gitlab_shell.secret_file unless File.exist? secret_file # Generate a new token of 16 random hexadecimal characters and store it in secret_file. @@ -14,6 +13,7 @@ unless File.exist? secret_file File.write(secret_file, token) end -if File.exist?(Gitlab.config.gitlab_shell.path) && !File.exist?(gitlab_shell_symlink) - FileUtils.symlink(secret_file, gitlab_shell_symlink) +link_path = File.join(Gitlab.config.gitlab_shell.path, '.gitlab_shell_secret') +if File.exist?(Gitlab.config.gitlab_shell.path) && !File.exist?(link_path) + FileUtils.symlink(secret_file, link_path) end diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb index 85e9081680d..1ebf9a1f022 100644 --- a/lib/api/helpers.rb +++ b/lib/api/helpers.rb @@ -243,7 +243,7 @@ module API end def secret_token - File.read(Rails.root.join('.gitlab_shell_secret')).chomp + File.read(Gitlab.config.gitlab_shell.secret_file).chomp end def handle_member_errors(errors) diff --git a/spec/requests/api/internal_spec.rb b/spec/requests/api/internal_spec.rb index 4c7d15d6594..8d0ae1475c2 100644 --- a/spec/requests/api/internal_spec.rb +++ b/spec/requests/api/internal_spec.rb @@ -5,7 +5,7 @@ describe API::API, api: true do let(:user) { create(:user) } let(:key) { create(:key, user: user) } let(:project) { create(:project) } - let(:secret_token) { File.read Rails.root.join('.gitlab_shell_secret') } + let(:secret_token) { File.read Gitlab.config.gitlab_shell.secret_file } describe "GET /internal/check", no_db: true do it do |