diff options
-rw-r--r-- | CHANGELOG | 5 | ||||
-rw-r--r-- | app/views/admin/users/index.html.haml | 2 | ||||
-rw-r--r-- | doc/install/installation.md | 30 | ||||
-rw-r--r-- | doc/migrate_ci_to_ce/README.md | 347 | ||||
-rw-r--r-- | doc/update/upgrader.md | 2 | ||||
-rw-r--r-- | lib/api/users.rb | 11 | ||||
-rw-r--r-- | lib/tasks/gitlab/check.rake | 5 | ||||
-rw-r--r-- | spec/requests/api/users_spec.rb | 14 |
8 files changed, 231 insertions, 185 deletions
diff --git a/CHANGELOG b/CHANGELOG index 8e516322a6a..1cb338f16da 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,6 +1,9 @@ Please view this file on the master branch, on stable branches it's out of date. -v 8.0.0 (unreleased) +v 8.0.1 + - Improve CI migration procedure and documentation + +v 8.0.0 - Fix Markdown links not showing up in dashboard activity feed (Stan Hu) - Remove milestones from merge requests when milestones are deleted (Stan Hu) - Fix HTML link that was improperly escaped in new user e-mail (Stan Hu) diff --git a/app/views/admin/users/index.html.haml b/app/views/admin/users/index.html.haml index 5e40d95d1c5..e3698ac1c46 100644 --- a/app/views/admin/users/index.html.haml +++ b/app/views/admin/users/index.html.haml @@ -97,5 +97,5 @@ - if user.access_locked? = link_to 'Unlock', unlock_admin_user_path(user), method: :put, class: "btn btn-xs btn-success", data: { confirm: 'Are you sure?' } - if user.can_be_removed? - = link_to 'Destroy', [:admin, user], data: { confirm: "USER #{user.name} WILL BE REMOVED! All tickets linked to this user will also be removed! Maybe block the user instead? Are you sure?" }, method: :delete, class: "btn btn-xs btn-remove" + = link_to 'Destroy', [:admin, user], data: { confirm: "USER #{user.name} WILL BE REMOVED! All issues, merge requests and groups linked to this user will also be removed! Maybe block the user instead? Are you sure?" }, method: :delete, class: "btn btn-xs btn-remove" = paginate @users, theme: "gitlab" diff --git a/doc/install/installation.md b/doc/install/installation.md index 3b074fc8467..5887891c1ab 100644 --- a/doc/install/installation.md +++ b/doc/install/installation.md @@ -474,9 +474,22 @@ Using a self-signed certificate is discouraged but if you must use it follow the ``` 1. In the `config.yml` of gitlab-shell set `self_signed_cert` to `true`. -### Additional Markup Styles +### Enable Reply by email -Apart from the always supported markdown style there are other rich text files that GitLab can display. But you might have to install a dependency to do so. Please see the [github-markup gem readme](https://github.com/gitlabhq/markup#markups) for more information. +See the ["Reply by email" documentation](../incoming_email/README.md) for more information on how to set this up. + +### LDAP Authentication + +You can configure LDAP authentication in `config/gitlab.yml`. Please restart GitLab after editing this file. + +### Using Custom Omniauth Providers + +See the [omniauth integration document](../integration/omniauth.md) + +### Build your projects + +GitLab can build your projects. To enable that feature you need GitLab Runners to do that for you. +Checkout the [Gitlab Runner section](https://about.gitlab.com/gitlab-ci/#gitlab-runner) to install it ### Custom Redis Connection @@ -502,15 +515,6 @@ If you are running SSH on a non-standard port, you must change the GitLab user's You also need to change the corresponding options (e.g. `ssh_user`, `ssh_host`, `admin_uri`) in the `config\gitlab.yml` file. -### LDAP Authentication - -You can configure LDAP authentication in `config/gitlab.yml`. Please restart GitLab after editing this file. - -### Using Custom Omniauth Providers - -See the [omniauth integration document](../integration/omniauth.md) - -### Build your projects +### Additional Markup Styles -GitLab can build your projects. To enable that feature you need GitLab Runners to do that for you. -Checkout the [Gitlab Runner section](https://about.gitlab.com/gitlab-ci/#gitlab-runner) to install it +Apart from the always supported markdown style there are other rich text files that GitLab can display. But you might have to install a dependency to do so. Please see the [github-markup gem readme](https://github.com/gitlabhq/markup#markups) for more information. diff --git a/doc/migrate_ci_to_ce/README.md b/doc/migrate_ci_to_ce/README.md index 1f050e2def2..2725bf343ee 100644 --- a/doc/migrate_ci_to_ce/README.md +++ b/doc/migrate_ci_to_ce/README.md @@ -5,232 +5,251 @@ Edition (EE), GitLab CI is no longer its own application, but is instead built into the CE and EE applications. This guide will detail the process of migrating your CI installation and data -into your GitLab CE or EE installation. +into your GitLab CE or EE installation. **You can only migrate CI data from +GitLab CI 8.0 to GitLab 8.0; migrating between other versions (e.g.7.14 to 8.1) +is not possible.** -### Before we begin +We recommend that you read through the entire migration process in this +document before beginning. -**You need to have a working installation of GitLab CI version 8.0 to perform -this migration. The older versions are not supported and will most likely break -this migration procedure.** +### Overview -This migration cannot be performed online and takes a significant amount of -time. Make sure to plan ahead. +In this document we assume you have a GitLab server and a GitLab CI server. It +does not matter if these are the same machine. -If you are running a version of GitLab CI prior to 8.0 please follow the -appropriate [update guide](https://gitlab.com/gitlab-org/gitlab-ci/tree/master/doc/update/) -before proceeding. +The migration consists of three parts: updating GitLab and GitLab CI, moving +data, and redirecting traffic. -The migration is divided into four parts and covers both manual and Omnibus -installations: +Please note that CI builds triggered on your GitLab server in the time between +updating to 8.0 and finishing the migration will be lost. Your GitLab server +can be online for most of the procedure; the only GitLab downtime (if any) is +during the upgrade to 8.0. Your CI service will be offline from the moment you +upgrade to 8.0 until you finish the migration procedure. -1. [GitLab CI](#part-i-gitlab-ci) -1. [Gitlab CE (or EE)](#part-ii-gitlab-ce-or-ee) -1. [Nginx configuration](#part-iii-nginx-configuration) -1. [Finishing Up](#part-iv-finishing-up) +### Before upgrading -### Part I: GitLab CI +If you have GitLab CI installed using omnibus-gitlab packages but *you don't want to migrate your existing data*: -#### 1. Stop GitLab CI - - # Manual installation - sudo service gitlab_ci stop - - # Omnibus installation - sudo gitlab-ctl stop ci-unicorn ci-sidekiq - -#### 2. Create a backup - -The migration procedure modifies the structure of the CI database. If something -goes wrong, you will not be able to revert to a previous version without a -backup. - -If your GitLab CI installation uses **MySQL** and your GitLab CE (or EE) -installation uses **PostgreSQL** you'll need to convert the CI database by -setting a `MYSQL_TO_POSTGRESQL` flag. - -If you use the Omnibus package you most likely use **PostgreSQL** on both GitLab -CE (or EE) and CI. +```bash +mv /var/opt/gitlab/gitlab-ci/builds /var/opt/gitlab/gitlab-ci/builds.$(date +%s) +``` -You can check which database each install is using by viewing their -database configuration files: +and run `sudo gitlab-ctl reconfigure`. - cat /home/gitlab_ci/gitlab-ci/config/database.yml - cat /home/git/gitlab/config/database.yml +#### 1. Verify that backups work -- If both applications use the same database `adapter`, create the backup with - this command: +Make sure that the backup script on both servers can connect to the database. - # Manual installation - cd /home/gitlab_ci/gitlab-ci - sudo -u gitlab_ci -H bundle exec rake backup:create RAILS_ENV=production +``` +# On your CI server: +# Omnibus +sudo gitlab-ci-rake backup:create - # Omnibus installation - sudo gitlab-ci-rake backup:create +# Source +cd /home/gitlab_ci/gitlab-ci +sudo -u gitlab_ci -H bundle exec rake backup:create RAILS_ENV=production +``` -- If CI uses MySQL, and CE (or EE) uses PostgreSQL, create the backup with this - command (note the `MYSQL_TO_POSTGRESQL` flag): +Also check on your GitLab server. - # Manual installation - cd /home/gitlab_ci/gitlab-ci - sudo -u gitlab_ci -H bundle exec rake backup:create RAILS_ENV=production MYSQL_TO_POSTGRESQL=1 +``` +# On your GitLab server: +# Omnibus +sudo gitlab-rake gitlab:backup:create SKIP=repositories,uploads - # Omnibus installation - sudo gitlab-ci-rake backup:create MYSQL_TO_POSTGRESQL=1 +# Source +cd /home/git/gitlab +sudo -u git -H bundle exec rake gitlab:backup:create RAILS_ENV=production SKIP=repositories,uploads +``` -#### 3. Remove cronjob +If this fails you need to fix it before upgrading to 8.0. Also see +https://about.gitlab.com/getting-help/ -**Note:** This step is only required for **manual installations**. Omnibus users -can [skip to the next step](#part-ii-gitlab-ce-or-ee). +#### 2. Check source and target database types - # Manual installation - cd /home/gitlab_ci/gitlab-ci - sudo -u gitlab_ci -H bundle exec whenever --clear-crontab +Check what databases you use on your GitLab server and your CI server. + Look for the 'adapter:' line. If your CI server and your GitLab server use +the same database adapter no special care is needed. If your CI server uses +MySQL and your GitLab server uses PostgreSQL you need to pass a special option +during the 'Moving data' part. **If your CI server uses PostgreSQL and your +GitLab server uses MySQL you cannot migrate your CI data to GitLab 8.0.** -### Part II: GitLab CE (or EE) +``` +# On your CI server: +# Omnibus +sudo gitlab-ci-rake env:info -#### 1. Ensure GitLab is updated +# Source +cd /home/gitlab_ci/gitlab-ci +sudo -u gitlab_ci -H bundle exec rake env:info RAILS_ENV=production +``` -Your GitLab CE or EE installation **must be version 8.0**. If it's not, follow -the [update guide](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/update/7.14-to-8.0.md) -before proceeding. +``` +# On your GitLab server: +# Omnibus +sudo gitlab-rake gitlab:env:info -If you use the Omnibus packages simply run `apt-get upgrade` to install the -latest version. +# Source +cd /home/git/gitlab +sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production +``` -#### 2. Prevent CI usage during the migration process +#### 3. Storage planning -As an administrator, go to **Admin Area** -> **Settings**, and under **Continuous -Integration** uncheck **Disable to prevent CI usage until rake ci:migrate is run -(8.0 only)**. +Decide where to store CI build traces on GitLab server. GitLab CI uses + files on disk to store CI build traces. The default path for these build +traces is `/var/opt/gitlab/gitlab-ci/builds` (Omnibus) or +`/home/git/gitlab/builds` (Source). If you are storing your repository data in +a special location, or if you are using NFS, you should make sure that you +store build traces on the same storage as your Git repositories. -This will disable the CI integration and prevent users from creating CI projects -until the migration process is completed. +### I. Upgrading -#### 3. Stop GitLab +From this point on, GitLab CI will be unavailable for your end users. -Before you can migrate data you need to stop the GitLab service first: +#### 1. Upgrade GitLab to 8.0 - # Manual installation - sudo service gitlab stop +First upgrade your GitLab server to version 8.0: +https://about.gitlab.com/update/ - # Omnibus installation - sudo gitlab-ctl stop unicorn sidekiq +#### 2. Disable CI on the GitLab server during the migration -#### 4. Create a backup +After you update, go to the admin panel and temporarily disable CI. As + an administrator, go to **Admin Area** -> **Settings**, and under +**Continuous Integration** uncheck **Disable to prevent CI usage until rake +ci:migrate is run (8.0 only)**. -This migration poses a **significant risk** of breaking your GitLab -installation. Create a backup before proceeding: +#### 3. CI settings are now in GitLab - # Manual installation - cd /home/git/gitlab - sudo -u git -H bundle exec rake gitlab:backup:create RAILS_ENV=production +If you want to use custom CI settings (e.g. change where builds are + stored), please update `/etc/gitlab/gitlab.rb` (Omnibus) or +`/home/git/gitlab/config/gitlab.yml` (Source). - # Omnibus installation - sudo gitlab-rake gitlab:backup:create +#### 4. Upgrade GitLab CI to 8.0 -It's possible to speed up backup creation by skipping repositories and uploads: +Now upgrade GitLab CI to version 8.0. If you are using Omnibus packages, + this may have already happened when you upgraded GitLab to 8.0. - # Manual installation - cd /home/git/gitlab - sudo -u git -H bundle exec rake gitlab:backup:create RAILS_ENV=production SKIP=repositories,uploads +#### 5. Disable GitLab CI on the CI server - # Omnibus installation - sudo gitlab-rake gitlab:backup:create SKIP=repositories,uploads +Disable GitLab CI after upgrading to 8.0. -#### 5. Copy secret tokens from CI +``` +# On your CI server: +# Omnibus +sudo gitlab-ctl stop ci-unicorn +sudo gitlab-ctl stop ci-sidekiq + +# Source +sudo service gitlab_ci stop +cd /home/gitlab_ci/gitlab-ci +sudo -u gitlab_ci -H bundle exec whenever --clear-crontab +``` -The `secrets.yml` file stores encryption keys for secure variables. +### II. Moving data -- **Manual installations** need to copy the contents of GitLab CI's - `config/secrets.yml` file to the same file in GitLab CE: +#### 1. Database encryption key - ```bash - # Manual installation - sudo cp /home/gitlab_ci/gitlab-ci/config/secrets.yml /home/git/gitlab/config/secrets.yml - sudo chown git:git /home/git/gitlab/config/secrets.yml - sudo chown 0600 /home/git/gitlab/config/secrets.yml - ``` +Move the database encryption key from your CI server to your GitLab + server. The command below will show you what you need to copy-paste to your +GitLab server. On Omnibus GitLab servers you will have to add a line to +`/etc/gitlab/gitlab.rb`. On GitLab servers installed from source you will have +to replace the contents of `/home/git/gitlab/config/secrets.yml`. -- **Omnibus installations** where GitLab CI and CE (or EE) are on the same - server don't need to do anything further, because the secrets are stored in - `/etc/gitlab/gitlab-secrets.json`. +``` +# On your CI server: +# Omnibus +sudo gitlab-ci-rake backup:show_secrets -- **Omnibus installations** where GitLab CI is on a different server than CE (or - EE) will need to: - 1. On the CI server, copy the `db_key_base` value from - `/etc/gitlab/gitlab-secrets.json` - 1. On the CE (or EE) server, add `gitlab_ci['db_key_base'] = - "VALUE_FROM_ABOVE"` to the `/etc/gitlab/gitlab.rb` file and run `sudo - gitlab-ctl reconfigure` +# Source +cd /home/gitlab_ci/gitlab-ci +sudo -u gitlab_ci -H bundle exec rake backup:show_secrets RAILS_ENV=production +``` -#### 6. New configuration options for `gitlab.yml` +#### 2. SQL data and build traces -**Note:** This step is only required for **manual installations**. Omnibus users -can [skip to the next step](#7-copy-backup-from-gitlab-ci). +Create your final CI data export. If you are converting from MySQL to + PostgreSQL, add ` MYSQL_TO_POSTGRESQL=1` to the end of the rake command. When +the command finishes it will print the path to your data export archive; you +will need this file later. -There are new configuration options available for `gitlab.yml`. View them with -the command below and apply them manually to your current `gitlab.yml`: +``` +# On your CI server: +# Omnibus +sudo gitlab-ci-rake backup:create - git diff origin/7-14-stable:config/gitlab.yml.example origin/8-0-stable:config/gitlab.yml.example +# Source +cd /home/gitlab_ci/gitlab-ci +sudo -u gitlab_ci -H bundle exec rake backup:create RAILS_ENV=production +``` -The new options include configuration settings for GitLab CI. +#### 3. Copy data to the GitLab server -#### 7. Copy backup from GitLab CI +If you were running GitLab and GitLab CI on the same server you can skip this +step. -```bash -# Manual installation -sudo cp -v /home/gitlab_ci/gitlab-ci/tmp/backups/*_gitlab_ci_backup.tar /home/git/gitlab/tmp/backups -sudo chown git:git /home/git/gitlab/tmp/backups/*_gitlab_ci_backup.tar +Copy your CI data archive to your GitLab server. There are many ways to do +this, below we use SSH agent forwarding and 'scp', which will be easy and fast +for most setups. You can also copy the data archive first from the CI server to +your laptop and then from your laptop to the GitLab server. -# Omnibus installation -sudo cp -v /var/opt/gitlab/ci-backups/*_gitlab_ci_backup.tar /var/opt/gitlab/backups/ -sudo chown git:git /var/opt/gitlab/backups/*_gitlab_ci_backup.tar +``` +# Start from your laptop +ssh -A ci_admin@ci_server.example +# Now on the CI server +scp /path/to/12345_gitlab_ci_backup.tar gitlab_admin@gitlab_server.example:~ ``` -If moving across the servers you can use `scp`. -However, this requires you to provide an authorized key or password to login to -the GitLab CE (or EE) server from the CI server. You can try to use ssh-agent -from your local machine to have that: login to your GitLab CI server using -`ssh -A`. +#### 4. Move data to the GitLab backups folder -```bash -# Manual installation -scp /home/gitlab_ci/gitlab-ci/tmp/backups/*_gitlab_ci_backup.tar root@gitlab.example.com:/home/git/gitlab/tmp/backup +Make the CI data archive discoverable for GitLab. We assume below that you +store backups in the default path, adjust the command if necessary. -# Omnibus installation -scp /var/opt/gitlab/ci-backups/*_gitlab_ci_backup.tar root@gitlab.example.com:/var/opt/gitlab/backups/ ``` +# On your GitLab server: +# Omnibus +sudo mv /path/to/12345_gitlab_ci_backup.tar /var/opt/gitlab/backups/ -#### 8. Import GitLab CI backup - -Now you'll import the GitLab CI database dump that you created earlier into the -GitLab CE or EE database: +# Source +sudo mv /path/to/12345_gitlab_ci_backup.tar /home/git/gitlab/tmp/backups/ +``` - # Manual installation - sudo -u git -H bundle exec rake ci:migrate RAILS_ENV=production +#### 5. Import the CI data into GitLab. - # Omnibus installation - sudo gitlab-rake ci:migrate +This step will delete any existing CI data on your GitLab server. There should +be no CI data yet because you turned CI on the GitLab server off earlier. -This task will take some time. +``` +# On your GitLab server: +# Omnibus +sudo gitlab-rake ci:migrate -This migration task automatically re-enables the CI setting that you -[disabled earlier](#2-prevent-ci-usage-during-the-migration-process). +# Source +cd /home/git/gitlab +sudo -u git -H bundle exec rake ci:migrate RAILS_ENV=production +``` -#### 9. Start GitLab +#### 6. Restart GitLab -You can start GitLab CE (or EE) now and see if everything is working: +``` +# On your GitLab server: +# Omnibus +sudo gitlab-ctl hup unicorn +sudo gitlab-ctl restart sidekiq - # Manual installation - sudo service gitlab start +# Source +sudo service gitlab reload +``` - # Omnibus installation - sudo gitlab-ctl restart unicorn sidekiq +### III. Redirecting traffic -### Part III: Nginx configuration +If you were running GitLab CI with Omnibus packages and you were using the +internal NGINX configuration your CI service should now be available both at +`ci.example.com` (the old address) and `gitlab.example.com/ci`. **You are done!** -This section is only required for **manual installations**. Omnibus users can -[skip to the final step](#part-iv-finishing-up). +If you installed GitLab CI from source we now need to configure a redirect in +NGINX so that existing CI runners can keep using the old CI server address, and +so that existing links to your CI server keep working. #### 1. Update Nginx configuration @@ -296,16 +315,6 @@ You should also make sure that you can: sudo /etc/init.d/nginx restart -### Part IV: Finishing Up - -If everything went well you should be able to access your migrated CI install by -visiting `https://gitlab.example.com/ci/`. If you visit the old GitLab CI -address, you should be redirected to the new one. - -**Enjoy!** - -### Troubleshooting - #### Restore from backup If something went wrong and you need to restore a backup, consult the [Backup diff --git a/doc/update/upgrader.md b/doc/update/upgrader.md index 6854250dab7..fd0327686b1 100644 --- a/doc/update/upgrader.md +++ b/doc/update/upgrader.md @@ -1,4 +1,4 @@ -# GitLab Upgrader +# GitLab Upgrader (deprecated) *DEPRECATED* We recommend to [switch to the Omnibus package and repository server](https://about.gitlab.com/update/) instead of using this script. diff --git a/lib/api/users.rb b/lib/api/users.rb index 813cc379e43..a98d668e02d 100644 --- a/lib/api/users.rb +++ b/lib/api/users.rb @@ -121,6 +121,17 @@ module API User.where(username: attrs[:username]). where.not(id: user.id).count > 0 + identity_attrs = attributes_for_keys [:provider, :extern_uid] + if identity_attrs.any? + identity = user.identities.find_by(provider: identity_attrs[:provider]) + if identity + identity.update_attributes(identity_attrs) + else + identity = user.identities.build(identity_attrs) + identity.save + end + end + if user.update_attributes(attrs) present user, with: Entities::UserFull else diff --git a/lib/tasks/gitlab/check.rake b/lib/tasks/gitlab/check.rake index c8222f8ce11..66f1ecf385f 100644 --- a/lib/tasks/gitlab/check.rake +++ b/lib/tasks/gitlab/check.rake @@ -679,6 +679,11 @@ namespace :gitlab do def check_initd_configured_correctly print "Init.d configured correctly? ... " + if omnibus_gitlab? + puts 'skipped (omnibus-gitlab has no init script)'.magenta + return + end + path = "/etc/default/gitlab" if File.exist?(path) && File.read(path).include?("mail_room_enabled=true") diff --git a/spec/requests/api/users_spec.rb b/spec/requests/api/users_spec.rb index f9bc63680ba..d26a300ed82 100644 --- a/spec/requests/api/users_spec.rb +++ b/spec/requests/api/users_spec.rb @@ -7,6 +7,7 @@ describe API::API, api: true do let(:admin) { create(:admin) } let(:key) { create(:key, user: user) } let(:email) { create(:email, user: user) } + let(:omniauth_user) { create(:omniauth_user) } describe "GET /users" do context "when unauthenticated" do @@ -230,6 +231,19 @@ describe API::API, api: true do expect(user.reload.username).to eq(user.username) end + it "should update user's existing identity" do + put api("/users/#{omniauth_user.id}", admin), provider: 'ldapmain', extern_uid: '654321' + expect(response.status).to eq(200) + expect(omniauth_user.reload.identities.first.extern_uid).to eq('654321') + end + + it 'should update user with new identity' do + put api("/users/#{user.id}", admin), provider: 'github', extern_uid: '67890' + expect(response.status).to eq(200) + expect(user.reload.identities.first.extern_uid).to eq('67890') + expect(user.reload.identities.first.provider).to eq('github') + end + it "should update admin status" do put api("/users/#{user.id}", admin), { admin: true } expect(response.status).to eq(200) |