diff options
| author | Kamil Trzciński <ayufan@ayufan.eu> | 2018-02-28 20:06:12 +0100 |
|---|---|---|
| committer | Kamil Trzciński <ayufan@ayufan.eu> | 2018-02-28 20:06:12 +0100 |
| commit | 5a69b51bc870f5b42ee3406ba77de02f44ef8d32 (patch) | |
| tree | c2a6e5b2c171826236b5d0f5e1ed8d02bd1554d2 /config | |
| parent | b1f8d8a1739ff48412c8205f0007a2af8399d097 (diff) | |
| parent | b39d0c318921bae2e3a11df9ee6828291dad9864 (diff) | |
| download | gitlab-ce-5a69b51bc870f5b42ee3406ba77de02f44ef8d32.tar.gz | |
Merge commit 'b39d0c318921bae2e3a11df9ee6828291dad9864' into object-storage-ee-to-ce-backport
Diffstat (limited to 'config')
28 files changed, 224 insertions, 97 deletions
diff --git a/config/application.rb b/config/application.rb index 47887bf8596..32a290f2002 100644 --- a/config/application.rb +++ b/config/application.rb @@ -51,31 +51,24 @@ module Gitlab # Configure sensitive parameters which will be filtered from the log file. # # Parameters filtered: - # - Password (:password, :password_confirmation) - # - Private tokens + # - Any parameter ending with `_token` + # - Any parameter containing `password` + # - Any parameter containing `secret` # - Two-factor tokens (:otp_attempt) # - Repo/Project Import URLs (:import_url) # - Build variables (:variables) # - GitLab Pages SSL cert/key info (:certificate, :encrypted_key) # - Webhook URLs (:hook) - # - GitLab-shell secret token (:secret_token) # - Sentry DSN (:sentry_dsn) # - Deploy keys (:key) + config.filter_parameters += [/_token$/, /password/, /secret/] config.filter_parameters += %i( - authentication_token certificate encrypted_key hook import_url - incoming_email_token - rss_token key otp_attempt - password - password_confirmation - private_token - runners_token - secret_token sentry_dsn variables ) @@ -176,7 +169,7 @@ module Gitlab next unless name.include?('namespace_project') define_method(name.sub('namespace_project', 'project')) do |project, *args| - send(name, project&.namespace, project, *args) + send(name, project&.namespace, project, *args) # rubocop:disable GitlabSecurity/PublicSend end end end diff --git a/config/dependency_decisions.yml b/config/dependency_decisions.yml index ca5b941aebf..d6c3c84851b 100644 --- a/config/dependency_decisions.yml +++ b/config/dependency_decisions.yml @@ -404,3 +404,15 @@ :why: https://github.com/mafintosh/thunky/blob/master/README.md#license :versions: [] :when: 2017-08-07 05:56:09.907045000 Z +- - :whitelist + - Unlicense + - :who: Nick Thomas <nick@gitlab.com> + :why: https://gitlab.com/gitlab-com/organization/issues/116 + :versions: [] + :when: 2017-09-01 17:17:51.996511844 Z +- - :blacklist + - Facebook BSD+PATENTS + - :who: Nick Thomas <nick@gitlab.com> + :why: https://gitlab.com/gitlab-com/organization/issues/117 + :versions: [] + :when: 2017-09-04 12:59:51.150798717 Z diff --git a/config/gitlab.yml.example b/config/gitlab.yml.example index a9edde4d6e2..793ac0fdba9 100644 --- a/config/gitlab.yml.example +++ b/config/gitlab.yml.example @@ -76,6 +76,13 @@ production: &base # default_can_create_group: false # default: true # username_changing_enabled: false # default: true - User can change her username/namespace + ## Default theme ID + ## 1 - Indigo + ## 2 - Dark + ## 3 - Light + ## 4 - Blue + ## 5 - Green + # default_theme: 1 # default: 1 ## Automatic issue closing # If a commit message matches this regular expression, all issues referenced from the matched text will be closed. @@ -281,9 +288,8 @@ production: &base encryption: 'plain' # Enables SSL certificate verification if encryption method is - # "start_tls" or "simple_tls". (Defaults to false for backward- - # compatibility) - verify_certificates: false + # "start_tls" or "simple_tls". Defaults to true. + verify_certificates: true # Specifies the path to a file containing a PEM-format CA certificate, # e.g. if you need to use an internal CA. @@ -381,9 +387,16 @@ production: &base # showing GitLab's sign-in page (default: show the GitLab sign-in page) # auto_sign_in_with_provider: saml - # Sync user's email address from the specified Omniauth provider every time the user logs - # in (default: nil). And consequently make this field read-only. - # sync_email_from_provider: cas3 + # Sync user's profile from the specified Omniauth providers every time the user logs in (default: empty). + # Define the allowed providers using an array, e.g. ["cas3", "saml", "twitter"], + # or as true/false to allow all providers or none. + # sync_profile_from_provider: [] + + # Select which info to sync from the providers above. (default: email). + # Define the synced profile info using an array. Available options are "name", "email" and "location" + # e.g. ["name", "email", "location"] or as true to sync all available. + # This consequently will make the selected attributes read-only. + # sync_profile_attributes: true # CAUTION! # This allows users to login without having a user account first. Define the allowed providers @@ -517,7 +530,7 @@ production: &base failure_count_threshold: 10 # number of failures before stopping attempts failure_wait_time: 30 # Seconds after an access failure before allowing access again failure_reset_time: 1800 # Time in seconds to expire failures - storage_timeout: 5 # Time in seconds to wait before aborting a storage access attempt + storage_timeout: 30 # Time in seconds to wait before aborting a storage access attempt ## Backup settings @@ -657,6 +670,9 @@ test: default: path: tmp/tests/repositories/ gitaly_address: unix:tmp/tests/gitaly/gitaly.socket + failure_count_threshold: 999999 + failure_wait_time: 0 + storage_timeout: 30 broken: path: tmp/tests/non-existent-repositories gitaly_address: unix:tmp/tests/gitaly/gitaly.socket diff --git a/config/initializers/0_acts_as_taggable.rb b/config/initializers/0_acts_as_taggable.rb index 54e9fcc31db..50dc47673ab 100644 --- a/config/initializers/0_acts_as_taggable.rb +++ b/config/initializers/0_acts_as_taggable.rb @@ -5,5 +5,5 @@ ActsAsTaggableOn.strict_case_match = true ActsAsTaggableOn.tags_counter = false # validate that counter cache is disabled -raise "Counter cache is not disabled" if +raise "Counter cache is not disabled" if ActsAsTaggableOn::Tagging.reflections["tag"].options[:counter_cache] diff --git a/config/initializers/0_inflections.rb b/config/initializers/0_inflections.rb index f977104ff9d..1ad9ddca877 100644 --- a/config/initializers/0_inflections.rb +++ b/config/initializers/0_inflections.rb @@ -10,5 +10,10 @@ # end # ActiveSupport::Inflector.inflections do |inflect| - inflect.uncountable %w(award_emoji project_statistics system_note_metadata) + inflect.uncountable %w( + award_emoji + project_statistics + system_note_metadata + project_auto_devops + ) end diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb index d804fb16167..5729206774e 100644 --- a/config/initializers/1_settings.rb +++ b/config/initializers/1_settings.rb @@ -1,3 +1,5 @@ +# rubocop:disable GitlabSecurity/PublicSend + require_dependency Rails.root.join('lib/gitlab') # Load Gitlab as soon as possible class Settings < Settingslogic @@ -71,7 +73,7 @@ class Settings < Settingslogic # check that `current` (string or integer) is a contant in `modul`. def verify_constant(modul, current, default) - constant = modul.constants.find{ |name| modul.const_get(name) == current } + constant = modul.constants.find { |name| modul.const_get(name) == current } value = constant.nil? ? default : modul.const_get(constant) if current.is_a? String value = modul.const_get(current.upcase) rescue default @@ -137,6 +139,8 @@ if Settings.ldap['enabled'] || Rails.env.test? end Settings.ldap['servers'].each do |key, server| + server = Settingslogic.new(server) + server['label'] ||= 'LDAP' server['timeout'] ||= 10.seconds server['block_auto_created_users'] = false if server['block_auto_created_users'].nil? @@ -151,18 +155,13 @@ if Settings.ldap['enabled'] || Rails.env.test? server['encryption'] = 'simple_tls' if server['encryption'] == 'ssl' server['encryption'] = 'start_tls' if server['encryption'] == 'tls' - # Certificates are not verified for backwards compatibility. - # This default should be flipped to true in 9.5. - if server['verify_certificates'].nil? - server['verify_certificates'] = false - - message = <<-MSG.strip_heredoc - LDAP SSL certificate verification is disabled for backwards-compatibility. - Please add the "verify_certificates" option to gitlab.yml for each LDAP - server. Certificate verification will be enabled by default in GitLab 9.5. - MSG - Rails.logger.warn(message) - end + # Certificate verification was added in 9.4.2, and defaulted to false for + # backwards-compatibility. + # + # Since GitLab 10.0, verify_certificates defaults to true for security. + server['verify_certificates'] = true if server['verify_certificates'].nil? + + Settings.ldap['servers'][key] = server end end @@ -174,7 +173,20 @@ Settings.omniauth['external_providers'] = [] if Settings.omniauth['external_prov Settings.omniauth['block_auto_created_users'] = true if Settings.omniauth['block_auto_created_users'].nil? Settings.omniauth['auto_link_ldap_user'] = false if Settings.omniauth['auto_link_ldap_user'].nil? Settings.omniauth['auto_link_saml_user'] = false if Settings.omniauth['auto_link_saml_user'].nil? -Settings.omniauth['sync_email_from_provider'] ||= nil + +Settings.omniauth['sync_profile_from_provider'] = false if Settings.omniauth['sync_profile_from_provider'].nil? +Settings.omniauth['sync_profile_attributes'] = ['email'] if Settings.omniauth['sync_profile_attributes'].nil? + +# Handle backwards compatibility with merge request 11268 +if Settings.omniauth['sync_email_from_provider'] + if Settings.omniauth['sync_profile_from_provider'].is_a?(Array) + Settings.omniauth['sync_profile_from_provider'] |= [Settings.omniauth['sync_email_from_provider']] + elsif !Settings.omniauth['sync_profile_from_provider'] + Settings.omniauth['sync_profile_from_provider'] = [Settings.omniauth['sync_email_from_provider']] + end + + Settings.omniauth['sync_profile_attributes'] |= ['email'] unless Settings.omniauth['sync_profile_attributes'] == true +end Settings.omniauth['providers'] ||= [] Settings.omniauth['cas3'] ||= Settingslogic.new({}) @@ -220,6 +232,7 @@ Settings['gitlab'] ||= Settingslogic.new({}) Settings.gitlab['default_projects_limit'] ||= 100000 Settings.gitlab['default_branch_protection'] ||= 2 Settings.gitlab['default_can_create_group'] = true if Settings.gitlab['default_can_create_group'].nil? +Settings.gitlab['default_theme'] = Gitlab::Themes::APPLICATION_DEFAULT if Settings.gitlab['default_theme'].nil? Settings.gitlab['host'] ||= ENV['GITLAB_HOST'] || 'localhost' Settings.gitlab['ssh_host'] ||= Settings.gitlab.host Settings.gitlab['https'] = false if Settings.gitlab['https'].nil? @@ -440,7 +453,9 @@ unless Settings.repositories.storages['default'] Settings.repositories.storages['default']['path'] ||= Settings.gitlab['user_home'] + '/repositories/' end -Settings.repositories.storages.values.each do |storage| +Settings.repositories.storages.each do |key, storage| + storage = Settingslogic.new(storage) + # Expand relative paths storage['path'] = Settings.absolute(storage['path']) # Set failure defaults @@ -454,6 +469,8 @@ Settings.repositories.storages.values.each do |storage| storage['failure_reset_time'] = storage['failure_reset_time'].to_i # We might want to have a timeout shorter than 1 second. storage['storage_timeout'] = storage['storage_timeout'].to_f + + Settings.repositories.storages[key] = storage end # diff --git a/config/initializers/6_validations.rb b/config/initializers/6_validations.rb index 92ce4dd03cd..f8e67ce04c9 100644 --- a/config/initializers/6_validations.rb +++ b/config/initializers/6_validations.rb @@ -37,12 +37,12 @@ def validate_storages_config storage_validation_error("#{name} is not a valid storage, because it has no `path` key. Refer to gitlab.yml.example for an updated example") end - %w(failure_count_threshold failure_wait_time failure_reset_time storage_timeout).each do |setting| + %w(failure_count_threshold failure_reset_time storage_timeout).each do |setting| # Falling back to the defaults is fine! next if repository_storage[setting].nil? unless repository_storage[setting].to_f > 0 - storage_validation_error("#{setting}, for storage `#{name}` needs to be greater than 0") + storage_validation_error("`#{setting}` for storage `#{name}` needs to be greater than 0") end end end diff --git a/config/initializers/7_prometheus_metrics.rb b/config/initializers/7_prometheus_metrics.rb index 54c797e0714..31839297523 100644 --- a/config/initializers/7_prometheus_metrics.rb +++ b/config/initializers/7_prometheus_metrics.rb @@ -1,4 +1,5 @@ require 'prometheus/client' +require 'prometheus/client/support/unicorn' Prometheus::Client.configure do |config| config.logger = Rails.logger @@ -9,6 +10,8 @@ Prometheus::Client.configure do |config| if Rails.env.development? || Rails.env.test? config.multiprocess_files_dir ||= Rails.root.join('tmp/prometheus_multiproc_dir') end + + config.pid_provider = Prometheus::Client::Support::Unicorn.method(:worker_pid_provider) end Sidekiq.configure_server do |config| diff --git a/config/initializers/8_metrics.rb b/config/initializers/8_metrics.rb index 2aeb94d47cd..e1a59d8c152 100644 --- a/config/initializers/8_metrics.rb +++ b/config/initializers/8_metrics.rb @@ -114,11 +114,12 @@ def instrument_classes(instrumentation) # This is a Rails scope so we have to instrument it manually. instrumentation.instrument_method(Project, :visible_to_user) - # Needed for https://gitlab.com/gitlab-org/gitlab-ce/issues/34509 - instrumentation.instrument_method(MarkupHelper, :link_to_gfm) - # Needed for https://gitlab.com/gitlab-org/gitlab-ce/issues/30224#note_32306159 instrumentation.instrument_instance_method(MergeRequestDiff, :load_commits) + + # Needed for https://gitlab.com/gitlab-org/gitlab-ce/issues/36061 + instrumentation.instrument_instance_method(MergeRequest, :ensure_ref_fetched) + instrumentation.instrument_instance_method(MergeRequest, :fetch_ref) end # rubocop:enable Metrics/AbcSize diff --git a/config/initializers/active_record_array_type_casting.rb b/config/initializers/active_record_array_type_casting.rb new file mode 100644 index 00000000000..d94d592add6 --- /dev/null +++ b/config/initializers/active_record_array_type_casting.rb @@ -0,0 +1,20 @@ +module ActiveRecord + class PredicateBuilder + class ArrayHandler + module TypeCasting + def call(attribute, value) + # This is necessary because by default ActiveRecord does not respect + # custom type definitions (like our `ShaAttribute`) when providing an + # array in `where`, like in `where(commit_sha: [sha1, sha2, sha3])`. + model = attribute.relation&.engine + type = model.user_provided_columns[attribute.name] if model + value = value.map { |value| type.type_cast_for_database(value) } if type + + super(attribute, value) + end + end + + prepend TypeCasting + end + end +end diff --git a/config/initializers/active_record_locking.rb b/config/initializers/active_record_locking.rb index 9266ff0f615..150aaa2a8c2 100644 --- a/config/initializers/active_record_locking.rb +++ b/config/initializers/active_record_locking.rb @@ -18,7 +18,7 @@ module ActiveRecord lock_col = self.class.locking_column - previous_lock_value = send(lock_col).to_i + previous_lock_value = send(lock_col).to_i # rubocop:disable GitlabSecurity/PublicSend # This line is added as a patch previous_lock_value = nil if previous_lock_value == '0' || previous_lock_value == 0 @@ -48,7 +48,7 @@ module ActiveRecord # If something went wrong, revert the version. rescue Exception - send(lock_col + '=', previous_lock_value) + send(lock_col + '=', previous_lock_value) # rubocop:disable GitlabSecurity/PublicSend raise end end diff --git a/config/initializers/active_record_mysql_timestamp.rb b/config/initializers/active_record_mysql_timestamp.rb new file mode 100644 index 00000000000..af74c4ff6fb --- /dev/null +++ b/config/initializers/active_record_mysql_timestamp.rb @@ -0,0 +1,30 @@ +# Make sure that MySQL won't try to use CURRENT_TIMESTAMP when the timestamp +# column is NOT NULL. See https://gitlab.com/gitlab-org/gitlab-ce/issues/36405 +# And also: https://bugs.mysql.com/bug.php?id=75098 +# This patch was based on: +# https://github.com/rails/rails/blob/15ef55efb591e5379486ccf53dd3e13f416564f6/activerecord/lib/active_record/connection_adapters/mysql/schema_creation.rb#L34-L36 + +if Gitlab::Database.mysql? + require 'active_record/connection_adapters/abstract/schema_creation' + + module MySQLTimestampFix + def add_column_options!(sql, options) + # By default, TIMESTAMP columns are NOT NULL, cannot contain NULL values, + # and assigning NULL assigns the current timestamp. To permit a TIMESTAMP + # column to contain NULL, explicitly declare it with the NULL attribute. + # See http://dev.mysql.com/doc/refman/5.7/en/timestamp-initialization.html + if sql.end_with?('timestamp') && !options[:primary_key] + if options[:null] != false + sql << ' NULL' + elsif options[:column].default.nil? + sql << ' DEFAULT 0' + end + end + + super + end + end + + ActiveRecord::ConnectionAdapters::AbstractAdapter::SchemaCreation + .prepend(MySQLTimestampFix) +end diff --git a/config/initializers/fast_gettext.rb b/config/initializers/fast_gettext.rb index eb589ecdb52..fd0167aa476 100644 --- a/config/initializers/fast_gettext.rb +++ b/config/initializers/fast_gettext.rb @@ -1,4 +1,7 @@ -FastGettext.add_text_domain 'gitlab', path: File.join(Rails.root, 'locale'), type: :po +FastGettext.add_text_domain 'gitlab', + path: File.join(Rails.root, 'locale'), + type: :po, + ignore_fuzzy: true FastGettext.default_text_domain = 'gitlab' FastGettext.default_available_locales = Gitlab::I18n.available_locales FastGettext.default_locale = :en diff --git a/config/initializers/omniauth.rb b/config/initializers/omniauth.rb index 56c279ffcf4..fddb018e948 100644 --- a/config/initializers/omniauth.rb +++ b/config/initializers/omniauth.rb @@ -6,12 +6,6 @@ if Gitlab::LDAP::Config.enabled? const_set(server['provider_class'], Class.new(LDAP)) end end - - OmniauthCallbacksController.class_eval do - Gitlab::LDAP::Config.available_servers.each do |server| - alias_method server['provider_name'], :ldap - end - end end OmniAuth.config.full_host = Settings.gitlab['base_url'] diff --git a/config/initializers/sentry.rb b/config/initializers/sentry.rb index 6b0cff75653..62d0967009a 100644 --- a/config/initializers/sentry.rb +++ b/config/initializers/sentry.rb @@ -1,19 +1,18 @@ # Be sure to restart your server when you modify this file. require 'gitlab/current_settings' -include Gitlab::CurrentSettings if Rails.env.production? # allow it to fail: it may do so when create_from_defaults is executed before migrations are actually done begin - sentry_enabled = current_application_settings.sentry_enabled + sentry_enabled = Gitlab::CurrentSettings.current_application_settings.sentry_enabled rescue sentry_enabled = false end if sentry_enabled Raven.configure do |config| - config.dsn = current_application_settings.sentry_dsn + config.dsn = Gitlab::CurrentSettings.current_application_settings.sentry_dsn config.release = Gitlab::REVISION # Sanitize fields based on those sanitized from Rails. diff --git a/config/initializers/session_store.rb b/config/initializers/session_store.rb index e8213ac8ba4..f2fde1e0048 100644 --- a/config/initializers/session_store.rb +++ b/config/initializers/session_store.rb @@ -1,11 +1,10 @@ # Be sure to restart your server when you modify this file. require 'gitlab/current_settings' -include Gitlab::CurrentSettings # allow it to fail: it may do so when create_from_defaults is executed before migrations are actually done begin - Settings.gitlab['session_expire_delay'] = current_application_settings.session_expire_delay || 10080 + Settings.gitlab['session_expire_delay'] = Gitlab::CurrentSettings.current_application_settings.session_expire_delay || 10080 rescue Settings.gitlab['session_expire_delay'] ||= 10080 end diff --git a/config/initializers/static_files.rb b/config/initializers/static_files.rb index 9ed96ddb0b4..943e01f1496 100644 --- a/config/initializers/static_files.rb +++ b/config/initializers/static_files.rb @@ -1,15 +1,15 @@ app = Rails.application if app.config.serve_static_files - # The `ActionDispatch::Static` middleware intercepts requests for static files - # by checking if they exist in the `/public` directory. + # The `ActionDispatch::Static` middleware intercepts requests for static files + # by checking if they exist in the `/public` directory. # We're replacing it with our `Gitlab::Middleware::Static` that does the same, # except ignoring `/uploads`, letting those go through to the GitLab Rails app. app.config.middleware.swap( - ActionDispatch::Static, - Gitlab::Middleware::Static, - app.paths["public"].first, + ActionDispatch::Static, + Gitlab::Middleware::Static, + app.paths["public"].first, app.config.static_cache_control ) diff --git a/config/initializers/trusted_proxies.rb b/config/initializers/trusted_proxies.rb index fc4f02453d7..0c32528311e 100644 --- a/config/initializers/trusted_proxies.rb +++ b/config/initializers/trusted_proxies.rb @@ -2,7 +2,7 @@ # as the ActionDispatch::Request object. This is necessary for libraries # like rack_attack where they don't use ActionDispatch, and we want them # to block/throttle requests on private networks. -# Rack Attack specific issue: https://github.com/kickstarter/rack-attack/issues/145 +# Rack Attack specific issue: https://github.com/kickstarter/rack-attack/issues/145 module Rack class Request def trusted_proxy?(ip) diff --git a/config/initializers/workhorse_multipart.rb b/config/initializers/workhorse_multipart.rb index 064e5964f09..4196e3a8f61 100644 --- a/config/initializers/workhorse_multipart.rb +++ b/config/initializers/workhorse_multipart.rb @@ -10,10 +10,8 @@ end # module Gitlab module StrongParameterScalars - GITLAB_PERMITTED_SCALAR_TYPES = [::UploadedFile].freeze - def permitted_scalar?(value) - super || GITLAB_PERMITTED_SCALAR_TYPES.any? { |type| value.is_a?(type) } + super || value.is_a?(::UploadedFile) end end end diff --git a/config/karma.config.js b/config/karma.config.js index 2f571978e08..e459f5cdac3 100644 --- a/config/karma.config.js +++ b/config/karma.config.js @@ -8,6 +8,7 @@ if (webpackConfig.plugins) { webpackConfig.plugins = webpackConfig.plugins.filter(function (plugin) { return !( plugin instanceof webpack.optimize.CommonsChunkPlugin || + plugin instanceof webpack.optimize.ModuleConcatenationPlugin || plugin instanceof webpack.DefinePlugin ); }); diff --git a/config/prometheus/additional_metrics.yml b/config/prometheus/additional_metrics.yml index 5eb01d62924..0642a0b2fe9 100644 --- a/config/prometheus/additional_metrics.yml +++ b/config/prometheus/additional_metrics.yml @@ -1,3 +1,33 @@ +- group: Response metrics (NGINX Ingress) + priority: 10 + metrics: + - title: "Throughput" + y_label: "Requests / Sec" + required_metrics: + - nginx_upstream_requests_total + weight: 1 + queries: + - query_range: 'sum(rate(nginx_upstream_requests_total{upstream=~"%{kube_namespace}-%{ci_environment_slug}-.*"}[2m]))' + label: Total + unit: req / sec + - title: "Latency" + y_label: "Latency (ms)" + required_metrics: + - nginx_upstream_response_msecs_avg + weight: 1 + queries: + - query_range: 'avg(nginx_upstream_response_msecs_avg{upstream=~"%{kube_namespace}-%{ci_environment_slug}-.*"})' + label: Average + unit: ms + - title: "HTTP Error Rate" + y_label: "HTTP 500 Errors / Sec" + required_metrics: + - nginx_upstream_responses_total + weight: 1 + queries: + - query_range: 'sum(rate(nginx_upstream_responses_total{status_code="5xx", upstream=~"%{kube_namespace}-%{ci_environment_slug}-.*"}[2m]))' + label: HTTP Errors + unit: "errors / sec" - group: Response metrics (HA Proxy) priority: 10 metrics: @@ -68,18 +98,18 @@ - nginx_upstream_response_msecs_avg weight: 1 queries: - - query_range: 'avg(nginx_upstream_response_msecs_avg{%{environment_filter}}) * 1000' + - query_range: 'avg(nginx_upstream_response_msecs_avg{%{environment_filter}})' label: Upstream unit: ms - title: "HTTP Error Rate" - y_label: "Error Rate (%)" + y_label: "HTTP 500 Errors / Sec" required_metrics: - nginx_responses_total weight: 1 queries: - - query_range: 'sum(rate(nginx_responses_total{status_code="5xx", %{environment_filter}}[2m])) / sum(rate(nginx_requests_total{server_zone!="*", server_zone!="_", %{environment_filter}}[2m]))' + - query_range: 'sum(rate(nginx_responses_total{status_code="5xx", %{environment_filter}}[2m]))' label: HTTP Errors - unit: "%" + unit: "errors / sec" - group: System metrics (Kubernetes) priority: 5 metrics: diff --git a/config/routes.rb b/config/routes.rb index 4fd6cb5d439..5683725c8a2 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -27,6 +27,7 @@ Rails.application.routes.draw do get '/autocomplete/users' => 'autocomplete#users' get '/autocomplete/users/:id' => 'autocomplete#user' get '/autocomplete/projects' => 'autocomplete#projects' + get '/autocomplete/award_emojis' => 'autocomplete#award_emojis' # Search get 'search' => 'search#show' @@ -73,6 +74,19 @@ Rails.application.routes.draw do # Notification settings resources :notification_settings, only: [:create, :update] + # Boards resources shared between group and projects + resources :boards do + resources :lists, module: :boards, only: [:index, :create, :update, :destroy] do + collection do + post :generate + end + + resources :issues, only: [:index, :create, :update] + end + + resources :issues, module: :boards, only: [:index, :update] + end + draw :import draw :uploads draw :explore diff --git a/config/routes/ci.rb b/config/routes/ci.rb index 8d23aa8fbf6..cbd4c2db852 100644 --- a/config/routes/ci.rb +++ b/config/routes/ci.rb @@ -1,8 +1,4 @@ namespace :ci do - # CI API - Ci::API::API.logger Rails.logger - mount Ci::API::API => '/api' - resource :lint, only: [:show, :create] root to: redirect('/') diff --git a/config/routes/project.rb b/config/routes/project.rb index 06928c7b9ce..b36d13888cd 100644 --- a/config/routes/project.rb +++ b/config/routes/project.rb @@ -303,11 +303,13 @@ constraints(ProjectUrlConstrainer.new) do member do post :toggle_subscription post :mark_as_spam + post :move get :referenced_merge_requests get :related_branches get :can_create_branch get :realtime_changes post :create_merge_request + get :discussions, format: :json end collection do post :bulk_update @@ -341,19 +343,7 @@ constraints(ProjectUrlConstrainer.new) do get 'noteable/:target_type/:target_id/notes' => 'notes#index', as: 'noteable_notes' - resources :boards, only: [:index, :show] do - scope module: :boards do - resources :issues, only: [:index, :update] - - resources :lists, only: [:index, :create, :update, :destroy] do - collection do - post :generate - end - - resources :issues, only: [:index, :create] - end - end - end + resources :boards, only: [:index, :show, :create, :update, :destroy] resources :todos, only: [:create] diff --git a/config/routes/repository.rb b/config/routes/repository.rb index 2ba16035ece..9ffdebbcff1 100644 --- a/config/routes/repository.rb +++ b/config/routes/repository.rb @@ -3,6 +3,9 @@ resource :repository, only: [:create] do member do get ':ref/archive', constraints: { format: Gitlab::PathRegex.archive_formats_regex, ref: /.+/ }, action: 'archive', as: 'archive' + + # deprecated since GitLab 9.5 + get 'archive', constraints: { format: Gitlab::PathRegex.archive_formats_regex }, as: 'archive_alternative' end end diff --git a/config/routes/uploads.rb b/config/routes/uploads.rb index e9c9aa8b2f9..d7bca8310e4 100644 --- a/config/routes/uploads.rb +++ b/config/routes/uploads.rb @@ -5,12 +5,12 @@ scope path: :uploads do constraints: { model: /note|user|group|project/, mounted_as: /avatar|attachment/, filename: /[^\/]+/ } # show uploads for models, snippets (notes) available for now - get 'system/:model/:id/:secret/:filename', + get '-/system/:model/:id/:secret/:filename', to: 'uploads#show', constraints: { model: /personal_snippet/, id: /\d+/, filename: /[^\/]+/ } # show temporary uploads - get 'system/temp/:secret/:filename', + get '-/system/temp/:secret/:filename', to: 'uploads#show', constraints: { filename: /[^\/]+/ } diff --git a/config/sidekiq_queues.yml b/config/sidekiq_queues.yml index 83abc83c9f0..24c001362c6 100644 --- a/config/sidekiq_queues.yml +++ b/config/sidekiq_queues.yml @@ -27,6 +27,10 @@ - [new_merge_request, 2] - [build, 2] - [pipeline, 2] + - [pipeline_processing, 5] + - [pipeline_default, 3] + - [pipeline_cache, 3] + - [pipeline_hooks, 2] - [gitlab_shell, 2] - [email_receiver, 2] - [emails_on_push, 2] diff --git a/config/webpack.config.js b/config/webpack.config.js index 8e1b80cd39f..6b0cd023291 100644 --- a/config/webpack.config.js +++ b/config/webpack.config.js @@ -30,7 +30,7 @@ var config = { blob: './blob_edit/blob_bundle.js', boards: './boards/boards_bundle.js', common: './commons/index.js', - common_vue: ['vue', './vue_shared/common_vue.js'], + common_vue: './vue_shared/vue_resource_interceptor.js', common_d3: ['d3'], cycle_analytics: './cycle_analytics/cycle_analytics_bundle.js', commit_pipelines: './commit/pipelines/pipelines_bundle.js', @@ -55,6 +55,7 @@ var config = { monitoring: './monitoring/monitoring_bundle.js', network: './network/network_bundle.js', notebook_viewer: './blob/notebook_viewer.js', + notes: './notes/index.js', pdf_viewer: './blob/pdf_viewer.js', pipelines: './pipelines/pipelines_bundle.js', pipelines_charts: './pipelines/pipelines_charts.js', @@ -76,7 +77,6 @@ var config = { terminal: './terminal/terminal_bundle.js', u2f: ['vendor/u2f'], ui_development_kit: './ui_development_kit.js', - users: './users/index.js', raven: './raven/index.js', vue_merge_request_widget: './vue_merge_request_widget/index.js', test: './test.js', @@ -171,7 +171,7 @@ var config = { if (chunk.name) { return chunk.name; } - return chunk.modules.map((m) => { + return chunk.mapModules((m) => { var chunkPath = m.request.split('!').pop(); return path.relative(m.context, chunkPath); }).join('_'); @@ -195,6 +195,7 @@ var config = { 'merge_conflicts', 'monitoring', 'notebook_viewer', + 'notes', 'pdf_viewer', 'pipelines', 'pipelines_details', @@ -223,6 +224,9 @@ var config = { names: ['main', 'locale', 'common', 'webpack_runtime'], }), + // enable scope hoisting + new webpack.optimize.ModuleConcatenationPlugin(), + // copy pre-compiled vendor libraries verbatim new CopyWebpackPlugin([ { @@ -274,14 +278,9 @@ if (IS_PRODUCTION) { }) ); - // zopfli requires a lot of compute time and is disabled in CI + // compression can require a lot of compute time and is disabled in CI if (!NO_COMPRESSION) { - // gracefully fall back to gzip if `node-zopfli` is unavailable (e.g. in CentOS 6) - try { - config.plugins.push(new CompressionPlugin({ algorithm: 'zopfli' })); - } catch(err) { - config.plugins.push(new CompressionPlugin({ algorithm: 'gzip' })); - } + config.plugins.push(new CompressionPlugin()); } } |