Merge commit 'b39d0c318921bae2e3a11df9ee6828291dad9864' into object-storage-ee-to-ce-backport

author: Kamil Trzciński <ayufan@ayufan.eu> 2018-02-28 20:06:12 +0100
committer: Kamil Trzciński <ayufan@ayufan.eu> 2018-02-28 20:06:12 +0100
commit: 5a69b51bc870f5b42ee3406ba77de02f44ef8d32 (patch)
tree: c2a6e5b2c171826236b5d0f5e1ed8d02bd1554d2 /config/initializers
parent: b1f8d8a1739ff48412c8205f0007a2af8399d097 (diff)
parent: b39d0c318921bae2e3a11df9ee6828291dad9864 (diff)
download: gitlab-ce-5a69b51bc870f5b42ee3406ba77de02f44ef8d32.tar.gz
16 files changed, 114 insertions, 45 deletions
diff --git a/config/initializers/0_acts_as_taggable.rb b/config/initializers/0_acts_as_taggable.rb
index 54e9fcc31db..50dc47673ab 100644
--- a/config/initializers/0_acts_as_taggable.rb
+++ b/config/initializers/0_acts_as_taggable.rb
@@ -5,5 +5,5 @@ ActsAsTaggableOn.strict_case_match = true
 ActsAsTaggableOn.tags_counter = false
 
 # validate that counter cache is disabled
-raise "Counter cache is not disabled" if 
+raise "Counter cache is not disabled" if
     ActsAsTaggableOn::Tagging.reflections["tag"].options[:counter_cache]
diff --git a/config/initializers/0_inflections.rb b/config/initializers/0_inflections.rb
index f977104ff9d..1ad9ddca877 100644
--- a/config/initializers/0_inflections.rb
+++ b/config/initializers/0_inflections.rb
@@ -10,5 +10,10 @@
 # end
 #
 ActiveSupport::Inflector.inflections do |inflect|
-  inflect.uncountable %w(award_emoji project_statistics system_note_metadata)
+  inflect.uncountable %w(
+    award_emoji
+    project_statistics
+    system_note_metadata
+    project_auto_devops
+  )
 end
diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb
index d804fb16167..5729206774e 100644
--- a/config/initializers/1_settings.rb
+++ b/config/initializers/1_settings.rb
@@ -1,3 +1,5 @@
+# rubocop:disable GitlabSecurity/PublicSend
+
 require_dependency Rails.root.join('lib/gitlab') # Load Gitlab as soon as possible
 
 class Settings < Settingslogic
@@ -71,7 +73,7 @@ class Settings < Settingslogic
 
     # check that `current` (string or integer) is a contant in `modul`.
     def verify_constant(modul, current, default)
-      constant = modul.constants.find{ |name| modul.const_get(name) == current }
+      constant = modul.constants.find { |name| modul.const_get(name) == current }
       value = constant.nil? ? default : modul.const_get(constant)
       if current.is_a? String
         value = modul.const_get(current.upcase) rescue default
@@ -137,6 +139,8 @@ if Settings.ldap['enabled'] || Rails.env.test?
   end
 
   Settings.ldap['servers'].each do |key, server|
+    server = Settingslogic.new(server)
+
     server['label'] ||= 'LDAP'
     server['timeout'] ||= 10.seconds
     server['block_auto_created_users'] = false if server['block_auto_created_users'].nil?
@@ -151,18 +155,13 @@ if Settings.ldap['enabled'] || Rails.env.test?
     server['encryption'] = 'simple_tls' if server['encryption'] == 'ssl'
     server['encryption'] = 'start_tls' if server['encryption'] == 'tls'
 
-    # Certificates are not verified for backwards compatibility.
-    # This default should be flipped to true in 9.5.
-    if server['verify_certificates'].nil?
-      server['verify_certificates'] = false
-
-      message = <<-MSG.strip_heredoc
-        LDAP SSL certificate verification is disabled for backwards-compatibility.
-        Please add the "verify_certificates" option to gitlab.yml for each LDAP
-        server. Certificate verification will be enabled by default in GitLab 9.5.
-      MSG
-      Rails.logger.warn(message)
-    end
+    # Certificate verification was added in 9.4.2, and defaulted to false for
+    # backwards-compatibility.
+    #
+    # Since GitLab 10.0, verify_certificates defaults to true for security.
+    server['verify_certificates'] = true if server['verify_certificates'].nil?
+
+    Settings.ldap['servers'][key] = server
   end
 end
 
@@ -174,7 +173,20 @@ Settings.omniauth['external_providers'] = [] if Settings.omniauth['external_prov
 Settings.omniauth['block_auto_created_users'] = true if Settings.omniauth['block_auto_created_users'].nil?
 Settings.omniauth['auto_link_ldap_user'] = false if Settings.omniauth['auto_link_ldap_user'].nil?
 Settings.omniauth['auto_link_saml_user'] = false if Settings.omniauth['auto_link_saml_user'].nil?
-Settings.omniauth['sync_email_from_provider'] ||= nil
+
+Settings.omniauth['sync_profile_from_provider'] = false if Settings.omniauth['sync_profile_from_provider'].nil?
+Settings.omniauth['sync_profile_attributes'] = ['email'] if Settings.omniauth['sync_profile_attributes'].nil?
+
+# Handle backwards compatibility with merge request 11268
+if Settings.omniauth['sync_email_from_provider']
+  if Settings.omniauth['sync_profile_from_provider'].is_a?(Array)
+    Settings.omniauth['sync_profile_from_provider'] |= [Settings.omniauth['sync_email_from_provider']]
+  elsif !Settings.omniauth['sync_profile_from_provider']
+    Settings.omniauth['sync_profile_from_provider'] = [Settings.omniauth['sync_email_from_provider']]
+  end
+
+  Settings.omniauth['sync_profile_attributes'] |= ['email'] unless Settings.omniauth['sync_profile_attributes'] == true
+end
 
 Settings.omniauth['providers'] ||= []
 Settings.omniauth['cas3'] ||= Settingslogic.new({})
@@ -220,6 +232,7 @@ Settings['gitlab'] ||= Settingslogic.new({})
 Settings.gitlab['default_projects_limit'] ||= 100000
 Settings.gitlab['default_branch_protection'] ||= 2
 Settings.gitlab['default_can_create_group'] = true if Settings.gitlab['default_can_create_group'].nil?
+Settings.gitlab['default_theme'] = Gitlab::Themes::APPLICATION_DEFAULT if Settings.gitlab['default_theme'].nil?
 Settings.gitlab['host']       ||= ENV['GITLAB_HOST'] || 'localhost'
 Settings.gitlab['ssh_host']   ||= Settings.gitlab.host
 Settings.gitlab['https']        = false if Settings.gitlab['https'].nil?
@@ -440,7 +453,9 @@ unless Settings.repositories.storages['default']
   Settings.repositories.storages['default']['path'] ||= Settings.gitlab['user_home'] + '/repositories/'
 end
 
-Settings.repositories.storages.values.each do |storage|
+Settings.repositories.storages.each do |key, storage|
+  storage = Settingslogic.new(storage)
+
   # Expand relative paths
   storage['path'] = Settings.absolute(storage['path'])
   # Set failure defaults
@@ -454,6 +469,8 @@ Settings.repositories.storages.values.each do |storage|
   storage['failure_reset_time'] = storage['failure_reset_time'].to_i
   # We might want to have a timeout shorter than 1 second.
   storage['storage_timeout'] = storage['storage_timeout'].to_f
+
+  Settings.repositories.storages[key] = storage
 end
 
 #
diff --git a/config/initializers/6_validations.rb b/config/initializers/6_validations.rb
index 92ce4dd03cd..f8e67ce04c9 100644
--- a/config/initializers/6_validations.rb
+++ b/config/initializers/6_validations.rb
@@ -37,12 +37,12 @@ def validate_storages_config
       storage_validation_error("#{name} is not a valid storage, because it has no `path` key. Refer to gitlab.yml.example for an updated example")
     end
 
-    %w(failure_count_threshold failure_wait_time failure_reset_time storage_timeout).each do |setting|
+    %w(failure_count_threshold failure_reset_time storage_timeout).each do |setting|
       # Falling back to the defaults is fine!
       next if repository_storage[setting].nil?
 
       unless repository_storage[setting].to_f > 0
-        storage_validation_error("#{setting}, for storage `#{name}` needs to be greater than 0")
+        storage_validation_error("`#{setting}` for storage `#{name}` needs to be greater than 0")
       end
     end
   end
diff --git a/config/initializers/7_prometheus_metrics.rb b/config/initializers/7_prometheus_metrics.rb
index 54c797e0714..31839297523 100644
--- a/config/initializers/7_prometheus_metrics.rb
+++ b/config/initializers/7_prometheus_metrics.rb
@@ -1,4 +1,5 @@
 require 'prometheus/client'
+require 'prometheus/client/support/unicorn'
 
 Prometheus::Client.configure do |config|
   config.logger = Rails.logger
@@ -9,6 +10,8 @@ Prometheus::Client.configure do |config|
   if Rails.env.development? || Rails.env.test?
     config.multiprocess_files_dir ||= Rails.root.join('tmp/prometheus_multiproc_dir')
   end
+
+  config.pid_provider = Prometheus::Client::Support::Unicorn.method(:worker_pid_provider)
 end
 
 Sidekiq.configure_server do |config|
diff --git a/config/initializers/8_metrics.rb b/config/initializers/8_metrics.rb
index 2aeb94d47cd..e1a59d8c152 100644
--- a/config/initializers/8_metrics.rb
+++ b/config/initializers/8_metrics.rb
@@ -114,11 +114,12 @@ def instrument_classes(instrumentation)
   # This is a Rails scope so we have to instrument it manually.
   instrumentation.instrument_method(Project, :visible_to_user)
 
-  # Needed for https://gitlab.com/gitlab-org/gitlab-ce/issues/34509
-  instrumentation.instrument_method(MarkupHelper, :link_to_gfm)
-
   # Needed for https://gitlab.com/gitlab-org/gitlab-ce/issues/30224#note_32306159
   instrumentation.instrument_instance_method(MergeRequestDiff, :load_commits)
+
+  # Needed for https://gitlab.com/gitlab-org/gitlab-ce/issues/36061
+  instrumentation.instrument_instance_method(MergeRequest, :ensure_ref_fetched)
+  instrumentation.instrument_instance_method(MergeRequest, :fetch_ref)
 end
 # rubocop:enable Metrics/AbcSize
 
diff --git a/config/initializers/active_record_array_type_casting.rb b/config/initializers/active_record_array_type_casting.rb
new file mode 100644
index 00000000000..d94d592add6
--- /dev/null
+++ b/config/initializers/active_record_array_type_casting.rb
@@ -0,0 +1,20 @@
+module ActiveRecord
+  class PredicateBuilder
+    class ArrayHandler
+      module TypeCasting
+        def call(attribute, value)
+          # This is necessary because by default ActiveRecord does not respect
+          # custom type definitions (like our `ShaAttribute`) when providing an
+          # array in `where`, like in `where(commit_sha: [sha1, sha2, sha3])`.
+          model = attribute.relation&.engine
+          type = model.user_provided_columns[attribute.name] if model
+          value = value.map { |value| type.type_cast_for_database(value) } if type
+
+          super(attribute, value)
+        end
+      end
+
+      prepend TypeCasting
+    end
+  end
+end
diff --git a/config/initializers/active_record_locking.rb b/config/initializers/active_record_locking.rb
index 9266ff0f615..150aaa2a8c2 100644
--- a/config/initializers/active_record_locking.rb
+++ b/config/initializers/active_record_locking.rb
@@ -18,7 +18,7 @@ module ActiveRecord
 
         lock_col = self.class.locking_column
 
-        previous_lock_value = send(lock_col).to_i
+        previous_lock_value = send(lock_col).to_i # rubocop:disable GitlabSecurity/PublicSend
 
         # This line is added as a patch
         previous_lock_value = nil if previous_lock_value == '0' || previous_lock_value == 0
@@ -48,7 +48,7 @@ module ActiveRecord
 
         # If something went wrong, revert the version.
         rescue Exception
-          send(lock_col + '=', previous_lock_value)
+          send(lock_col + '=', previous_lock_value)  # rubocop:disable GitlabSecurity/PublicSend
           raise
         end
       end
diff --git a/config/initializers/active_record_mysql_timestamp.rb b/config/initializers/active_record_mysql_timestamp.rb
new file mode 100644
index 00000000000..af74c4ff6fb
--- /dev/null
+++ b/config/initializers/active_record_mysql_timestamp.rb
@@ -0,0 +1,30 @@
+# Make sure that MySQL won't try to use CURRENT_TIMESTAMP when the timestamp
+# column is NOT NULL. See https://gitlab.com/gitlab-org/gitlab-ce/issues/36405
+# And also: https://bugs.mysql.com/bug.php?id=75098
+# This patch was based on:
+# https://github.com/rails/rails/blob/15ef55efb591e5379486ccf53dd3e13f416564f6/activerecord/lib/active_record/connection_adapters/mysql/schema_creation.rb#L34-L36
+
+if Gitlab::Database.mysql?
+  require 'active_record/connection_adapters/abstract/schema_creation'
+
+  module MySQLTimestampFix
+    def add_column_options!(sql, options)
+      # By default, TIMESTAMP columns are NOT NULL, cannot contain NULL values,
+      # and assigning NULL assigns the current timestamp. To permit a TIMESTAMP
+      # column to contain NULL, explicitly declare it with the NULL attribute.
+      # See http://dev.mysql.com/doc/refman/5.7/en/timestamp-initialization.html
+      if sql.end_with?('timestamp') && !options[:primary_key]
+        if options[:null] != false
+          sql << ' NULL'
+        elsif options[:column].default.nil?
+          sql << ' DEFAULT 0'
+        end
+      end
+
+      super
+    end
+  end
+
+  ActiveRecord::ConnectionAdapters::AbstractAdapter::SchemaCreation
+    .prepend(MySQLTimestampFix)
+end
diff --git a/config/initializers/fast_gettext.rb b/config/initializers/fast_gettext.rb
index eb589ecdb52..fd0167aa476 100644
--- a/config/initializers/fast_gettext.rb
+++ b/config/initializers/fast_gettext.rb
@@ -1,4 +1,7 @@
-FastGettext.add_text_domain 'gitlab', path: File.join(Rails.root, 'locale'), type: :po
+FastGettext.add_text_domain 'gitlab',
+                            path: File.join(Rails.root, 'locale'),
+                            type: :po,
+                            ignore_fuzzy: true
 FastGettext.default_text_domain = 'gitlab'
 FastGettext.default_available_locales = Gitlab::I18n.available_locales
 FastGettext.default_locale = :en
diff --git a/config/initializers/omniauth.rb b/config/initializers/omniauth.rb
index 56c279ffcf4..fddb018e948 100644
--- a/config/initializers/omniauth.rb
+++ b/config/initializers/omniauth.rb
@@ -6,12 +6,6 @@ if Gitlab::LDAP::Config.enabled?
       const_set(server['provider_class'], Class.new(LDAP))
     end
   end
-
-  OmniauthCallbacksController.class_eval do
-    Gitlab::LDAP::Config.available_servers.each do |server|
-      alias_method server['provider_name'], :ldap
-    end
-  end
 end
 
 OmniAuth.config.full_host = Settings.gitlab['base_url']
diff --git a/config/initializers/sentry.rb b/config/initializers/sentry.rb
index 6b0cff75653..62d0967009a 100644
--- a/config/initializers/sentry.rb
+++ b/config/initializers/sentry.rb
@@ -1,19 +1,18 @@
 # Be sure to restart your server when you modify this file.
 
 require 'gitlab/current_settings'
-include Gitlab::CurrentSettings
 
 if Rails.env.production?
   # allow it to fail: it may do so when create_from_defaults is executed before migrations are actually done
   begin
-    sentry_enabled = current_application_settings.sentry_enabled
+    sentry_enabled = Gitlab::CurrentSettings.current_application_settings.sentry_enabled
   rescue
     sentry_enabled = false
   end
 
   if sentry_enabled
     Raven.configure do |config|
-      config.dsn = current_application_settings.sentry_dsn
+      config.dsn = Gitlab::CurrentSettings.current_application_settings.sentry_dsn
       config.release = Gitlab::REVISION
 
       # Sanitize fields based on those sanitized from Rails.
diff --git a/config/initializers/session_store.rb b/config/initializers/session_store.rb
index e8213ac8ba4..f2fde1e0048 100644
--- a/config/initializers/session_store.rb
+++ b/config/initializers/session_store.rb
@@ -1,11 +1,10 @@
 # Be sure to restart your server when you modify this file.
 
 require 'gitlab/current_settings'
-include Gitlab::CurrentSettings
 
 # allow it to fail: it may do so when create_from_defaults is executed before migrations are actually done
 begin
-  Settings.gitlab['session_expire_delay'] = current_application_settings.session_expire_delay || 10080
+  Settings.gitlab['session_expire_delay'] = Gitlab::CurrentSettings.current_application_settings.session_expire_delay || 10080
 rescue
   Settings.gitlab['session_expire_delay'] ||= 10080
 end
diff --git a/config/initializers/static_files.rb b/config/initializers/static_files.rb
index 9ed96ddb0b4..943e01f1496 100644
--- a/config/initializers/static_files.rb
+++ b/config/initializers/static_files.rb
@@ -1,15 +1,15 @@
 app = Rails.application
 
 if app.config.serve_static_files
-  # The `ActionDispatch::Static` middleware intercepts requests for static files 
-  # by checking if they exist in the `/public` directory. 
+  # The `ActionDispatch::Static` middleware intercepts requests for static files
+  # by checking if they exist in the `/public` directory.
   # We're replacing it with our `Gitlab::Middleware::Static` that does the same,
   # except ignoring `/uploads`, letting those go through to the GitLab Rails app.
 
   app.config.middleware.swap(
-    ActionDispatch::Static, 
-    Gitlab::Middleware::Static, 
-    app.paths["public"].first, 
+    ActionDispatch::Static,
+    Gitlab::Middleware::Static,
+    app.paths["public"].first,
     app.config.static_cache_control
   )
 
diff --git a/config/initializers/trusted_proxies.rb b/config/initializers/trusted_proxies.rb
index fc4f02453d7..0c32528311e 100644
--- a/config/initializers/trusted_proxies.rb
+++ b/config/initializers/trusted_proxies.rb
@@ -2,7 +2,7 @@
 # as the ActionDispatch::Request object. This is necessary for libraries
 # like rack_attack where they don't use ActionDispatch, and we want them
 # to block/throttle requests on private networks.
-# Rack Attack specific issue: https://github.com/kickstarter/rack-attack/issues/145 
+# Rack Attack specific issue: https://github.com/kickstarter/rack-attack/issues/145
 module Rack
   class Request
     def trusted_proxy?(ip)
diff --git a/config/initializers/workhorse_multipart.rb b/config/initializers/workhorse_multipart.rb
index 064e5964f09..4196e3a8f61 100644
--- a/config/initializers/workhorse_multipart.rb
+++ b/config/initializers/workhorse_multipart.rb
@@ -10,10 +10,8 @@ end
 #
 module Gitlab
   module StrongParameterScalars
-    GITLAB_PERMITTED_SCALAR_TYPES = [::UploadedFile].freeze
-
     def permitted_scalar?(value)
-      super || GITLAB_PERMITTED_SCALAR_TYPES.any? { |type| value.is_a?(type) }
+      super || value.is_a?(::UploadedFile)
     end
   end
 end
author	Kamil Trzciński <ayufan@ayufan.eu>	2018-02-28 20:06:12 +0100
committer	Kamil Trzciński <ayufan@ayufan.eu>	2018-02-28 20:06:12 +0100
commit	5a69b51bc870f5b42ee3406ba77de02f44ef8d32 (patch)
tree	c2a6e5b2c171826236b5d0f5e1ed8d02bd1554d2 /config/initializers
parent	b1f8d8a1739ff48412c8205f0007a2af8399d097 (diff)
parent	b39d0c318921bae2e3a11df9ee6828291dad9864 (diff)
download	gitlab-ce-5a69b51bc870f5b42ee3406ba77de02f44ef8d32.tar.gz