diff options
author | Dennis Tang <dtang@gitlab.com> | 2018-06-19 15:27:39 +0000 |
---|---|---|
committer | Dennis Tang <dtang@gitlab.com> | 2018-06-19 15:27:39 +0000 |
commit | dc31dac219a2b7c4ceb390005d8b48dec8904a5b (patch) | |
tree | d3d4ffe58d1db802c941722bf209b243f6d90435 /config | |
parent | 3e5899ad9839d3ef8a920da8b6948ba4d0fa2c06 (diff) | |
parent | 9092e96abc165ccd76d5b54fcd507c8c989b99ec (diff) | |
download | gitlab-ce-dc31dac219a2b7c4ceb390005d8b48dec8904a5b.tar.gz |
Merge remote-tracking branch 'origin/master' into 43446-new-cluster-page-tabs
Diffstat (limited to 'config')
24 files changed, 187 insertions, 108 deletions
diff --git a/config/application.rb b/config/application.rb index 1b575f1325d..95f6d2c9af1 100644 --- a/config/application.rb +++ b/config/application.rb @@ -12,6 +12,7 @@ module Gitlab require_dependency Rails.root.join('lib/gitlab/redis/shared_state') require_dependency Rails.root.join('lib/gitlab/request_context') require_dependency Rails.root.join('lib/gitlab/current_settings') + require_dependency Rails.root.join('lib/gitlab/middleware/read_only') # Settings in config/environments/* take precedence over those specified here. # Application configuration should go into files in config/initializers @@ -70,6 +71,7 @@ module Gitlab # - Webhook URLs (:hook) # - Sentry DSN (:sentry_dsn) # - Deploy keys (:key) + # - File content from Web Editor (:content) config.filter_parameters += [/token$/, /password/, /secret/] config.filter_parameters += %i( certificate @@ -81,6 +83,7 @@ module Gitlab sentry_dsn trace variables + content ) # Enable escaping HTML in JSON. @@ -173,7 +176,7 @@ module Gitlab ENV['GIT_TERMINAL_PROMPT'] = '0' # Gitlab Read-only middleware support - config.middleware.insert_after ActionDispatch::Flash, '::Gitlab::Middleware::ReadOnly' + config.middleware.insert_after ActionDispatch::Flash, ::Gitlab::Middleware::ReadOnly config.generators do |g| g.factory_bot false diff --git a/config/dependency_decisions.yml b/config/dependency_decisions.yml index 6616b85129e..21c20cd5e93 100644 --- a/config/dependency_decisions.yml +++ b/config/dependency_decisions.yml @@ -534,3 +534,9 @@ :why: https://github.com/squaremo/bitsyntax-js/blob/master/LICENSE-MIT :versions: [] :when: 2018-02-20 22:20:25.958123000 Z +- - :approve + - "@webassemblyjs/ieee754" + - :who: Mike Greiling + :why: https://github.com/xtuc/webassemblyjs/blob/master/LICENSE + :versions: [] + :when: 2018-06-08 05:30:56.764116000 Z diff --git a/config/environments/test.rb b/config/environments/test.rb index 1849c984351..af1011a1ab1 100644 --- a/config/environments/test.rb +++ b/config/environments/test.rb @@ -1,7 +1,7 @@ Rails.application.configure do # Make sure the middleware is inserted first in middleware chain - config.middleware.insert_before('ActionDispatch::Static', 'Gitlab::Testing::RequestBlockerMiddleware') - config.middleware.insert_before('ActionDispatch::Static', 'Gitlab::Testing::RequestInspectorMiddleware') + config.middleware.insert_before(ActionDispatch::Static, Gitlab::Testing::RequestBlockerMiddleware) + config.middleware.insert_before(ActionDispatch::Static, Gitlab::Testing::RequestInspectorMiddleware) # Settings specified here will take precedence over those in config/application.rb diff --git a/config/gitlab.yml.example b/config/gitlab.yml.example index 7eb44b8059e..489dc8840e5 100644 --- a/config/gitlab.yml.example +++ b/config/gitlab.yml.example @@ -78,10 +78,15 @@ production: &base # username_changing_enabled: false # default: true - User can change her username/namespace ## Default theme ID ## 1 - Indigo - ## 2 - Dark - ## 3 - Light - ## 4 - Blue + ## 2 - Light Indigo + ## 3 - Blue + ## 4 - Light Blue ## 5 - Green + ## 6 - Light Green + ## 7 - Red + ## 8 - Light Red + ## 9 - Dark + ## 10 - Light # default_theme: 1 # default: 1 ## Automatic issue closing diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb index a0e3ab0d343..12d09150127 100644 --- a/config/initializers/1_settings.rb +++ b/config/initializers/1_settings.rb @@ -289,6 +289,9 @@ Settings.cron_jobs['repository_archive_cache_worker']['job_class'] = 'Repository Settings.cron_jobs['import_export_project_cleanup_worker'] ||= Settingslogic.new({}) Settings.cron_jobs['import_export_project_cleanup_worker']['cron'] ||= '0 * * * *' Settings.cron_jobs['import_export_project_cleanup_worker']['job_class'] = 'ImportExportProjectCleanupWorker' +Settings.cron_jobs['ci_archive_traces_cron_worker'] ||= Settingslogic.new({}) +Settings.cron_jobs['ci_archive_traces_cron_worker']['cron'] ||= '17 * * * *' +Settings.cron_jobs['ci_archive_traces_cron_worker']['job_class'] = 'Ci::ArchiveTracesCronWorker' Settings.cron_jobs['requests_profiles_worker'] ||= Settingslogic.new({}) Settings.cron_jobs['requests_profiles_worker']['cron'] ||= '0 0 * * *' Settings.cron_jobs['requests_profiles_worker']['job_class'] = 'RequestsProfilesWorker' diff --git a/config/initializers/active_record_locking.rb b/config/initializers/active_record_locking.rb index 3e7111fd063..0861544c5a4 100644 --- a/config/initializers/active_record_locking.rb +++ b/config/initializers/active_record_locking.rb @@ -1,73 +1,80 @@ # rubocop:disable Lint/RescueException -# Remove this entire initializer when we are at rails 5.0. -# This file fixes the bug (see below) which has been fixed in the upstream. -unless Gitlab.rails5? - # This patch fixes https://github.com/rails/rails/issues/26024 - # TODO: Remove it when it's no longer necessary - - module ActiveRecord - module Locking - module Optimistic - # We overwrite this method because we don't want to have default value - # for newly created records - def _create_record(attribute_names = self.attribute_names, *) # :nodoc: - super - end +# Remove this monkey-patch when all lock_version values are converted from NULLs to zeros. +# See https://gitlab.com/gitlab-org/gitlab-ce/issues/25228 +module ActiveRecord + module Locking + module Optimistic + # We overwrite this method because we don't want to have default value + # for newly created records + def _create_record(attribute_names = self.attribute_names, *) # :nodoc: + super + end - def _update_record(attribute_names = self.attribute_names) #:nodoc: - return super unless locking_enabled? - return 0 if attribute_names.empty? + def _update_record(attribute_names = self.attribute_names) #:nodoc: + return super unless locking_enabled? + return 0 if attribute_names.empty? - lock_col = self.class.locking_column + lock_col = self.class.locking_column - previous_lock_value = send(lock_col).to_i # rubocop:disable GitlabSecurity/PublicSend + previous_lock_value = send(lock_col).to_i # rubocop:disable GitlabSecurity/PublicSend - # This line is added as a patch - previous_lock_value = nil if previous_lock_value == '0' || previous_lock_value == 0 + # This line is added as a patch + previous_lock_value = nil if previous_lock_value == '0' || previous_lock_value == 0 - increment_lock + increment_lock - attribute_names += [lock_col] - attribute_names.uniq! + attribute_names += [lock_col] + attribute_names.uniq! - begin - relation = self.class.unscoped + begin + relation = self.class.unscoped - affected_rows = relation.where( - self.class.primary_key => id, - lock_col => previous_lock_value - ).update_all( - attributes_for_update(attribute_names).map do |name| - [name, _read_attribute(name)] - end.to_h - ) + affected_rows = relation.where( + self.class.primary_key => id, + lock_col => previous_lock_value + ).update_all( + attributes_for_update(attribute_names).map do |name| + [name, _read_attribute(name)] + end.to_h + ) - unless affected_rows == 1 - raise ActiveRecord::StaleObjectError.new(self, "update") - end + unless affected_rows == 1 + raise ActiveRecord::StaleObjectError.new(self, "update") + end - affected_rows + affected_rows - # If something went wrong, revert the version. - rescue Exception - send(lock_col + '=', previous_lock_value) # rubocop:disable GitlabSecurity/PublicSend - raise - end + # If something went wrong, revert the version. + rescue Exception + send(lock_col + '=', previous_lock_value) # rubocop:disable GitlabSecurity/PublicSend + raise end + end - # This is patched because we need it to query `lock_version IS NULL` - # rather than `lock_version = 0` whenever lock_version is NULL. - def relation_for_destroy - return super unless locking_enabled? + # This is patched because we need it to query `lock_version IS NULL` + # rather than `lock_version = 0` whenever lock_version is NULL. + def relation_for_destroy + return super unless locking_enabled? - column_name = self.class.locking_column - super.where(self.class.arel_table[column_name].eq(self[column_name])) - end + column_name = self.class.locking_column + super.where(self.class.arel_table[column_name].eq(self[column_name])) end + end + + # This is patched because we want `lock_version` default to `NULL` + # rather than `0` + if Gitlab.rails5? + class LockingType + def deserialize(value) + super + end - # This is patched because we want `lock_version` default to `NULL` - # rather than `0` + def serialize(value) + super + end + end + else class LockingType < SimpleDelegator def type_cast_from_database(value) super diff --git a/config/initializers/active_record_migration.rb b/config/initializers/active_record_migration.rb new file mode 100644 index 00000000000..04c06be7834 --- /dev/null +++ b/config/initializers/active_record_migration.rb @@ -0,0 +1,10 @@ +require 'active_record/migration' + +module ActiveRecord + class Migration + # data_source_exists? is not available in 4.2.10, table_exists deprecated in 5.0 + def table_exists?(table_name) + ActiveRecord::Base.connection.data_source_exists?(table_name) + end + end +end diff --git a/config/initializers/artifacts_direct_upload_support.rb b/config/initializers/artifacts_direct_upload_support.rb deleted file mode 100644 index d2bc35ea613..00000000000 --- a/config/initializers/artifacts_direct_upload_support.rb +++ /dev/null @@ -1,7 +0,0 @@ -artifacts_object_store = Gitlab.config.artifacts.object_store - -if artifacts_object_store.enabled && - artifacts_object_store.direct_upload && - artifacts_object_store.connection&.provider.to_s != 'Google' - raise "Only 'Google' is supported as a object storage provider when 'direct_upload' of artifacts is used" -end diff --git a/config/initializers/direct_upload_support.rb b/config/initializers/direct_upload_support.rb new file mode 100644 index 00000000000..32fc8c8bc69 --- /dev/null +++ b/config/initializers/direct_upload_support.rb @@ -0,0 +1,19 @@ +class DirectUploadsValidator + SUPPORTED_DIRECT_UPLOAD_PROVIDERS = %w(Google AWS).freeze + + ValidationError = Class.new(StandardError) + + def verify!(object_store) + return unless object_store.enabled + return unless object_store.direct_upload + return if SUPPORTED_DIRECT_UPLOAD_PROVIDERS.include?(object_store.connection&.provider.to_s) + + raise ValidationError, "Only #{SUPPORTED_DIRECT_UPLOAD_PROVIDERS.join(',')} are supported as a object storage provider when 'direct_upload' is used" + end +end + +DirectUploadsValidator.new.tap do |validator| + [Gitlab.config.artifacts, Gitlab.config.uploads, Gitlab.config.lfs].each do |uploader| + validator.verify!(uploader.object_store) + end +end diff --git a/config/initializers/disable_email_interceptor.rb b/config/initializers/disable_email_interceptor.rb index c76a6b8b19f..e8770c8d460 100644 --- a/config/initializers/disable_email_interceptor.rb +++ b/config/initializers/disable_email_interceptor.rb @@ -1,2 +1,5 @@ # Interceptor in lib/disable_email_interceptor.rb -ActionMailer::Base.register_interceptor(DisableEmailInterceptor) unless Gitlab.config.gitlab.email_enabled +unless Gitlab.config.gitlab.email_enabled + ActionMailer::Base.register_interceptor(DisableEmailInterceptor) + ActionMailer::Base.logger = nil +end diff --git a/config/initializers/lograge.rb b/config/initializers/lograge.rb index 114c1cb512f..1cf8a24e98c 100644 --- a/config/initializers/lograge.rb +++ b/config/initializers/lograge.rb @@ -27,6 +27,7 @@ unless Sidekiq.server? gitaly_calls = Gitlab::GitalyClient.get_request_count payload[:gitaly_calls] = gitaly_calls if gitaly_calls > 0 + payload[:response] = event.payload[:response] if event.payload[:response] payload end diff --git a/config/initializers/mime_types.rb b/config/initializers/mime_types.rb index e9326653cbe..acbdf8de5a6 100644 --- a/config/initializers/mime_types.rb +++ b/config/initializers/mime_types.rb @@ -15,3 +15,5 @@ Mime::Type.register "video/ogg", :ogv Mime::Type.unregister :json Mime::Type.register 'application/json', :json, [LfsRequest::CONTENT_TYPE, 'application/json'] + +Mime::Type.register 'image/x-icon', :ico diff --git a/config/initializers/mini_magick.rb b/config/initializers/mini_magick.rb new file mode 100644 index 00000000000..db0e7bbaaa3 --- /dev/null +++ b/config/initializers/mini_magick.rb @@ -0,0 +1,3 @@ +MiniMagick.configure do |config| + config.cli = :graphicsmagick +end diff --git a/config/initializers/postgresql_opclasses_support.rb b/config/initializers/postgresql_opclasses_support.rb index c2f3023b330..7b8afc78817 100644 --- a/config/initializers/postgresql_opclasses_support.rb +++ b/config/initializers/postgresql_opclasses_support.rb @@ -41,7 +41,12 @@ module ActiveRecord # Abstract representation of an index definition on a table. Instances of # this type are typically created and returned by methods in database # adapters. e.g. ActiveRecord::ConnectionAdapters::AbstractMysqlAdapter#indexes - class IndexDefinition < Struct.new(:table, :name, :unique, :columns, :lengths, :orders, :where, :type, :using, :opclasses) #:nodoc: + attrs = [:table, :name, :unique, :columns, :lengths, :orders, :where, :type, :using, :opclasses] + + # In Rails 5 the second last attribute is newly `:comment` + attrs.insert(-2, :comment) if Gitlab.rails5? + + class IndexDefinition < Struct.new(*attrs) #:nodoc: end end end @@ -107,8 +112,15 @@ module ActiveRecord result.map do |row| index_name = row[0] - unique = row[1] == 't' + unique = if Gitlab.rails5? + row[1] + else + row[1] == 't' + end indkey = row[2].split(" ") + if Gitlab.rails5? + indkey = indkey.map(&:to_i) + end inddef = row[3] oid = row[4] diff --git a/config/initializers/rack_attack_global.rb b/config/initializers/rack_attack_global.rb index a90516eee7d..45963831c41 100644 --- a/config/initializers/rack_attack_global.rb +++ b/config/initializers/rack_attack_global.rb @@ -26,7 +26,7 @@ class Rack::Attack throttle('throttle_unauthenticated', Gitlab::Throttle.unauthenticated_options) do |req| Gitlab::Throttle.settings.throttle_unauthenticated_enabled && req.unauthenticated? && - !req.api_internal_request? && + !req.should_be_skipped? && req.ip end @@ -59,6 +59,10 @@ class Rack::Attack path =~ %r{^/api/v\d+/internal/} end + def should_be_skipped? + api_internal_request? + end + def web_request? !api_request? end diff --git a/config/locales/carrierwave.en.yml b/config/locales/carrierwave.en.yml new file mode 100644 index 00000000000..12619226460 --- /dev/null +++ b/config/locales/carrierwave.en.yml @@ -0,0 +1,14 @@ +en: + errors: + messages: + carrierwave_processing_error: failed to be processed + carrierwave_integrity_error: is not of an allowed file type + carrierwave_download_error: could not be downloaded + extension_whitelist_error: "You are not allowed to upload %{extension} files, allowed types: %{allowed_types}" + extension_blacklist_error: "You are not allowed to upload %{extension} files, prohibited types: %{prohibited_types}" + content_type_whitelist_error: "You are not allowed to upload %{content_type} files" + content_type_blacklist_error: "You are not allowed to upload %{content_type} files" + rmagick_processing_error: "Failed to manipulate with rmagick, maybe it is not an image?" + mini_magick_processing_error: "Failed to manipulate with MiniMagick, maybe it is not an image? Original Error: %{e}" + min_size_error: "File size should be greater than %{min_size}" + max_size_error: "File size should be less than %{max_size}" diff --git a/config/prometheus/additional_metrics.yml b/config/prometheus/additional_metrics.yml index 13732384953..c994bad7865 100644 --- a/config/prometheus/additional_metrics.yml +++ b/config/prometheus/additional_metrics.yml @@ -29,14 +29,14 @@ label: Pod average unit: ms - title: "HTTP Error Rate" - y_label: "HTTP 500 Errors / Sec" + y_label: "HTTP Errors" required_metrics: - nginx_upstream_responses_total weight: 1 queries: - - query_range: 'sum(rate(nginx_upstream_responses_total{status_code="5xx", upstream=~"%{kube_namespace}-%{ci_environment_slug}-.*"}[2m]))' - label: HTTP Errors - unit: "errors / sec" + - query_range: 'sum(rate(nginx_upstream_responses_total{status_code="5xx", upstream=~"%{kube_namespace}-%{ci_environment_slug}-.*"}[2m])) / sum(rate(nginx_upstream_responses_total{upstream=~"%{kube_namespace}-%{ci_environment_slug}-.*"}[2m])) * 100' + label: 5xx Errors + unit: "%" - group: Response metrics (HA Proxy) priority: 10 metrics: diff --git a/config/routes.rb b/config/routes.rb index 52726f94753..e0a9139b1b4 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -11,6 +11,12 @@ Rails.application.routes.draw do post :toggle_award_emoji, on: :member end + favicon_redirect = redirect do |_params, _request| + ActionController::Base.helpers.asset_url(Gitlab::Favicon.main) + end + get 'favicon.png', to: favicon_redirect + get 'favicon.ico', to: favicon_redirect + draw :sherlock draw :development draw :ci diff --git a/config/routes/admin.rb b/config/routes/admin.rb index 3cca1210e39..ff27ceb50dc 100644 --- a/config/routes/admin.rb +++ b/config/routes/admin.rb @@ -102,6 +102,7 @@ namespace :admin do get :preview_sign_in delete :logo delete :header_logos + delete :favicon end end diff --git a/config/routes/api.rb b/config/routes/api.rb index ce7a7c88900..b1aebf4d606 100644 --- a/config/routes/api.rb +++ b/config/routes/api.rb @@ -1,2 +1,7 @@ +constraints(::Constraints::FeatureConstrainer.new(:graphql)) do + post '/api/graphql', to: 'graphql#execute' + mount GraphiQL::Rails::Engine, at: '/-/graphql-explorer', graphql_path: '/api/graphql' +end + API::API.logger Rails.logger mount API::API => '/' diff --git a/config/routes/uploads.rb b/config/routes/uploads.rb index 6370645bcb9..6becadd57ae 100644 --- a/config/routes/uploads.rb +++ b/config/routes/uploads.rb @@ -17,7 +17,7 @@ scope path: :uploads do # Appearance get "-/system/:model/:mounted_as/:id/:filename", to: "uploads#show", - constraints: { model: /appearance/, mounted_as: /logo|header_logo/, filename: /.+/ } + constraints: { model: /appearance/, mounted_as: /logo|header_logo|favicon/, filename: /.+/ } # Project markdown uploads get ":namespace_id/:project_id/:secret/:filename", diff --git a/config/routes/wiki.rb b/config/routes/wiki.rb index c2da84ff6f2..cd3828b743c 100644 --- a/config/routes/wiki.rb +++ b/config/routes/wiki.rb @@ -6,7 +6,7 @@ scope(controller: :wikis) do post '/', to: 'wikis#create' end - scope(path: 'wikis/*id', as: :wiki, format: false) do + scope(path: 'wikis/*id', as: :wiki, format: false, defaults: { format: :html }) do get :edit get :history post :preview_markdown diff --git a/config/unicorn.rb.example b/config/unicorn.rb.example index cc10da2bd88..220a0191160 100644 --- a/config/unicorn.rb.example +++ b/config/unicorn.rb.example @@ -81,6 +81,17 @@ GC.respond_to?(:copy_on_write_friendly=) and # fast LAN. check_client_connection false +before_exec do |server| + # The following is necessary to ensure stale Prometheus metrics don't + # accumulate over time. It needs to be done in this hook as opposed to + # inside an init script to ensure metrics files aren't deleted after new + # unicorn workers start after a SIGUSR2 is received. + if ENV['prometheus_multiproc_dir'] + old_metrics = Dir[File.join(ENV['prometheus_multiproc_dir'], '*.db')] + FileUtils.rm_rf(old_metrics) + end +end + before_fork do |server, worker| # the following is highly recommended for Rails + "preload_app true" # as there's no need for the master process to hold a connection diff --git a/config/webpack.config.js b/config/webpack.config.js index d6ab32972fb..b1e378f6c27 100644 --- a/config/webpack.config.js +++ b/config/webpack.config.js @@ -1,11 +1,10 @@ -const fs = require('fs'); const path = require('path'); const glob = require('glob'); const webpack = require('webpack'); const VueLoaderPlugin = require('vue-loader/lib/plugin'); const StatsWriterPlugin = require('webpack-stats-plugin').StatsWriterPlugin; -const CopyWebpackPlugin = require('copy-webpack-plugin'); const CompressionPlugin = require('compression-webpack-plugin'); +const MonacoWebpackPlugin = require('monaco-editor-webpack-plugin'); const BundleAnalyzerPlugin = require('webpack-bundle-analyzer').BundleAnalyzerPlugin; const ROOT_PATH = path.resolve(__dirname, '..'); @@ -168,15 +167,7 @@ module.exports = { name: '[name].[hash:8].[ext]', }, }, - { - test: /monaco-editor\/\w+\/vs\/loader\.js$/, - use: [ - { loader: 'exports-loader', options: 'l.global' }, - { loader: 'imports-loader', options: 'l=>{},this=>l,AMDLoader=>this,module=>undefined' }, - ], - }, ], - noParse: [/monaco-editor\/\w+\/vs\//], }, optimization: { @@ -226,6 +217,9 @@ module.exports = { // enable vue-loader to use existing loader rules for other module types new VueLoaderPlugin(), + // automatically configure monaco editor web workers + new MonacoWebpackPlugin(), + // prevent pikaday from including moment.js new webpack.IgnorePlugin(/moment/, /pikaday/), @@ -235,29 +229,6 @@ module.exports = { jQuery: 'jquery', }), - // copy pre-compiled vendor libraries verbatim - new CopyWebpackPlugin([ - { - from: path.join( - ROOT_PATH, - `node_modules/monaco-editor/${IS_PRODUCTION ? 'min' : 'dev'}/vs` - ), - to: 'monaco-editor/vs', - transform: function(content, path) { - if (/\.js$/.test(path) && !/worker/i.test(path) && !/typescript/i.test(path)) { - return ( - '(function(){\n' + - 'var define = this.define, require = this.require;\n' + - 'window.define = define; window.require = require;\n' + - content + - '\n}.call(window.__monaco_context__ || (window.__monaco_context__ = {})));' - ); - } - return content; - }, - }, - ]), - // compression can require a lot of compute time and is disabled in CI IS_PRODUCTION && !NO_COMPRESSION && new CompressionPlugin(), |