Merge branch 'master' of https://gitlab.com/gitlab-org/gitlab-ce into git-http-controller

6 files changed, 49 insertions, 7 deletions

diff --git a/config/gitlab.yml.example b/config/gitlab.yml.example
index 35c7c425a5a..d9c15f81404 100644
--- a/config/gitlab.yml.example
+++ b/config/gitlab.yml.example
@@ -46,6 +46,15 @@ production: &base
     #
     # relative_url_root: /gitlab
 
+    # Trusted Proxies
+    # Customize if you have GitLab behind a reverse proxy which is running on a different machine.
+    # Add the IP address for your reverse proxy to the list, otherwise users will appear signed in from that address.
+    trusted_proxies:
+      # Examples:
+      #- 192.168.1.0/24
+      #- 192.168.2.1
+      #- 2001:0db8::/32
+
     # Uncomment and customize if you can't use the default user to run GitLab (default: 'git')
     # user: git
 
@@ -155,7 +164,17 @@ production: &base
     # Flag stuck CI builds as failed
     stuck_ci_builds_worker:
       cron: "0 0 * * *"
+    # Periodically run 'git fsck' on all repositories. If started more than
+    # once per hour you will have concurrent 'git fsck' jobs.
+    repository_check_worker:
+      cron: "20 * * * *"
+    # Send admin emails once a day
+    admin_email_worker:
+      cron: "0 0 * * *"
 
+    # Remove outdated repository archives
+    repository_archive_cache_worker:
+      cron: "0 * * * *"
 
   #
   # 2. GitLab CI settings
@@ -304,6 +323,13 @@ production: &base
     # (default: false)
     auto_link_saml_user: false
 
+    # Set different Omniauth providers as external so that all users creating accounts
+    # via these providers will not be able to have access to internal projects. You
+    # will need to use the full name of the provider, like `google_oauth2` for Google.
+    # Refer to the examples below for the full names of the supported providers.
+    # (default: [])
+    external_providers: []
+
     ## Auth providers
     # Uncomment the following lines and fill in the data of the auth provider you want to use
     # If your favorite auth provider is not listed you can use others:
diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb
index 72c4d8d61ce..10c25044b75 100644
--- a/config/initializers/1_settings.rb
+++ b/config/initializers/1_settings.rb
@@ -129,6 +129,7 @@ Settings['omniauth'] ||= Settingslogic.new({})
 Settings.omniauth['enabled']      = false if Settings.omniauth['enabled'].nil?
 Settings.omniauth['auto_sign_in_with_provider'] = false if Settings.omniauth['auto_sign_in_with_provider'].nil?
 Settings.omniauth['allow_single_sign_on'] = false if Settings.omniauth['allow_single_sign_on'].nil?
+Settings.omniauth['external_providers'] = [] if Settings.omniauth['external_providers'].nil?
 Settings.omniauth['block_auto_created_users'] = true if Settings.omniauth['block_auto_created_users'].nil?
 Settings.omniauth['auto_link_ldap_user'] = false if Settings.omniauth['auto_link_ldap_user'].nil?
 Settings.omniauth['auto_link_saml_user'] = false if Settings.omniauth['auto_link_saml_user'].nil?
@@ -190,6 +191,7 @@ Settings.gitlab.default_projects_features['visibility_level']    = Settings.send
 Settings.gitlab['repository_downloads_path'] = File.join(Settings.shared['path'], 'cache/archive') if Settings.gitlab['repository_downloads_path'].nil?
 Settings.gitlab['restricted_signup_domains'] ||= []
 Settings.gitlab['import_sources'] ||= ['github','bitbucket','gitlab','gitorious','google_code','fogbugz','git']
+Settings.gitlab['trusted_proxies'] ||= []
 
 
 #
@@ -239,7 +241,15 @@ Settings['cron_jobs'] ||= Settingslogic.new({})
 Settings.cron_jobs['stuck_ci_builds_worker'] ||= Settingslogic.new({})
 Settings.cron_jobs['stuck_ci_builds_worker']['cron'] ||= '0 0 * * *'
 Settings.cron_jobs['stuck_ci_builds_worker']['job_class'] = 'StuckCiBuildsWorker'
-
+Settings.cron_jobs['repository_check_worker'] ||= Settingslogic.new({})
+Settings.cron_jobs['repository_check_worker']['cron'] ||= '20 * * * *'
+Settings.cron_jobs['repository_check_worker']['job_class'] = 'RepositoryCheck::BatchWorker'
+Settings.cron_jobs['admin_email_worker'] ||= Settingslogic.new({})
+Settings.cron_jobs['admin_email_worker']['cron'] ||= '0 0 * * *'
+Settings.cron_jobs['admin_email_worker']['job_class'] = 'AdminEmailWorker'
+Settings.cron_jobs['repository_archive_cache_worker'] ||= Settingslogic.new({})
+Settings.cron_jobs['repository_archive_cache_worker']['cron'] ||= '0 * * * *'
+Settings.cron_jobs['repository_archive_cache_worker']['job_class'] = 'RepositoryArchiveCacheWorker'
 
 #
 # GitLab Shell
diff --git a/config/initializers/session_store.rb b/config/initializers/session_store.rb
index 70285255877..88cb859871c 100644
--- a/config/initializers/session_store.rb
+++ b/config/initializers/session_store.rb
@@ -14,7 +14,7 @@ if Rails.env.test?
   Gitlab::Application.config.session_store :cookie_store, key: "_gitlab_session"
 else
   redis_config = Gitlab::Redis.redis_store_options
-  redis_config[:namespace] = 'session:gitlab'
+  redis_config[:namespace] = Gitlab::Redis::SESSION_NAMESPACE
   
   Gitlab::Application.config.session_store(
     :redis_store, # Using the cookie_store would enable session replay attacks.
diff --git a/config/initializers/sidekiq.rb b/config/initializers/sidekiq.rb
index 9182d929809..f1eec674888 100644
--- a/config/initializers/sidekiq.rb
+++ b/config/initializers/sidekiq.rb
@@ -1,9 +1,7 @@
-SIDEKIQ_REDIS_NAMESPACE = 'resque:gitlab'
-
 Sidekiq.configure_server do |config|
   config.redis = {
     url: Gitlab::Redis.url,
-    namespace: SIDEKIQ_REDIS_NAMESPACE
+    namespace: Gitlab::Redis::SIDEKIQ_NAMESPACE
   }
 
   config.server_middleware do |chain|
@@ -30,6 +28,6 @@ end
 Sidekiq.configure_client do |config|
   config.redis = {
     url: Gitlab::Redis.url,
-    namespace: SIDEKIQ_REDIS_NAMESPACE
+    namespace: Gitlab::Redis::SIDEKIQ_NAMESPACE
   }
 end
diff --git a/config/initializers/trusted_proxies.rb b/config/initializers/trusted_proxies.rb
new file mode 100644
index 00000000000..b8cc025bae2
--- /dev/null
+++ b/config/initializers/trusted_proxies.rb
@@ -0,0 +1,2 @@
+Rails.application.config.action_dispatch.trusted_proxies =
+  [ '127.0.0.1', '::1' ] + Array(Gitlab.config.gitlab.trusted_proxies)
diff --git a/config/routes.rb b/config/routes.rb
index f8a8c9bc7b2..6e822b0d096 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -264,6 +264,7 @@ Rails.application.routes.draw do
 
         member do
           put :transfer
+          post :repository_check
         end
 
         resources :runner_projects
@@ -281,6 +282,7 @@ Rails.application.routes.draw do
     resource :application_settings, only: [:show, :update] do
       resources :services
       put :reset_runners_token
+      put :clear_repository_check_states
     end
 
     resources :labels
@@ -326,7 +328,7 @@ Rails.application.routes.draw do
         end
       end
       resource :preferences, only: [:show, :update]
-      resources :keys, except: [:new]
+      resources :keys
       resources :emails, only: [:index, :create, :destroy]
       resource :avatar, only: [:destroy]
       resource :two_factor_auth, only: [:new, :create, :destroy] do
@@ -406,6 +408,7 @@ Rails.application.routes.draw do
 
       resource :avatar, only: [:destroy]
       resources :milestones, constraints: { id: /[^\/]+/ }, only: [:index, :show, :update, :new, :create]
+      resource :notification_setting, only: [:update]
     end
   end
 
@@ -614,6 +617,7 @@ Rails.application.routes.draw do
 
         resources :forks, only: [:index, :new, :create]
         resource :import, only: [:new, :create, :show]
+        resource :notification_setting, only: [:update]
 
         resources :refs, only: [] do
           collection do
@@ -706,6 +710,8 @@ Rails.application.routes.draw do
         resources :issues, constraints: { id: /\d+/ } do
           member do
             post :toggle_subscription
+            get :referenced_merge_requests
+            get :related_branches
           end
           collection do
             post  :bulk_update