| -rw-r--r-- | VERSION | 2 | ||||
| -rw-r--r-- | app/assets/stylesheets/application.scss | 55 | ||||
| -rw-r--r-- | config/initializers/1_settings.rb | 2 | ||||
| -rw-r--r-- | config/initializers/secret_token.rb | 4 | ||||
| -rw-r--r-- | doc/README.md | 2 | ||||
| -rw-r--r-- | doc/api/merge_requests.md | 9 | ||||
| -rw-r--r-- | doc/api/users.md | 27 | ||||
| -rw-r--r-- | doc/install/installation.md | 2 | ||||
| -rw-r--r-- | doc/install/requirements.md | 22 | ||||
| -rw-r--r-- | doc/release/monthly.md | 30 | ||||
| -rw-r--r-- | doc/update/6.7-to-6.8.md | 12 | ||||
| -rw-r--r-- | doc/update/README.md | 4 | ||||
| -rw-r--r-- | doc/update/upgrader.md | 6 | ||||
| -rw-r--r-- | doc/workflow/authorization_for_merge_requests.md | 32 | ||||
| -rw-r--r-- | lib/api/users.rb | 39 | ||||
| -rw-r--r-- | spec/requests/api/users_spec.rb | 61 |
16 files changed, 227 insertions, 82 deletions
@@ -1 +1 @@ -6.8.0.rc1 +6.8.0 diff --git a/app/assets/stylesheets/application.scss b/app/assets/stylesheets/application.scss index ce36c1132ea..c53873f95a2 100644 --- a/app/assets/stylesheets/application.scss +++ b/app/assets/stylesheets/application.scss @@ -12,10 +12,7 @@ *= require nprogress-bootstrap */ -@import "main/variables.scss"; -@import "main/mixins.scss"; -@import "main/fonts.scss"; -@import "main/layout.scss"; +@import "main/*"; /** * Customized Twitter bootstrap 
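Review bot: The glob imports no longer state a load order, which matters most in the first hunk: the removed list loaded `main/variables.scss` and `main/mixins.scss` before `fonts` and `layout`, whereas `@import "main/*";` presumably resolves alphabetically and puts `fonts` and `layout` first. If either file references a variable or mixin, compilation now depends on an order the stylesheet does not express. The same applies to the cascade order of `generic/*`, `sections/*`, `highlight/*` and `themes/*` in the next hunk. Consider keeping `@import "main/variables.scss";` and `@import "main/mixins.scss";` ahead of the glob, or adding a comment that files under these directories must be order-independent.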
@@ -31,64 +28,22 @@ /** * Generic css (forms, nav etc): */ -@import "generic/avatar.scss"; -@import "generic/common.scss"; -@import "generic/typography.scss"; -@import "generic/buttons.scss"; -@import "generic/blocks.scss"; -@import "generic/ui_box.scss"; -@import "generic/issue_box.scss"; -@import "generic/files.scss"; -@import "generic/lists.scss"; -@import "generic/flash.scss"; -@import "generic/forms.scss"; -@import "generic/selects.scss"; -@import "generic/highlight.scss"; -@import "generic/jquery.scss"; +@import "generic/*"; /** * Page specific styles (issues, projects etc): */ -@import "sections/header.scss"; -@import "sections/nav.scss"; -@import "sections/commits.scss"; -@import "sections/diff.scss"; -@import "sections/issues.scss"; -@import "sections/projects.scss"; -@import "sections/snippets.scss"; -@import "sections/votes.scss"; -@import "sections/merge_requests.scss"; -@import "sections/graph.scss"; -@import "sections/events.scss"; -@import "sections/themes.scss"; -@import "sections/tree.scss"; -@import "sections/notes.scss"; -@import "sections/profile.scss"; -@import "sections/login.scss"; -@import "sections/editor.scss"; -@import "sections/admin.scss"; -@import "sections/wiki.scss"; -@import "sections/wall.scss"; -@import "sections/dashboard.scss"; -@import "sections/stat_graph.scss"; -@import "sections/groups.scss"; +@import "sections/*"; /** * Code highlight */ -@import "highlight/white.scss"; -@import "highlight/dark.scss"; -@import "highlight/solarized_dark.scss"; -@import "highlight/monokai.scss"; +@import "highlight/*"; /** * UI themes: */ -@import "themes/ui_basic.scss"; -@import "themes/ui_mars.scss"; -@import "themes/ui_modern.scss"; -@import "themes/ui_gray.scss"; -@import "themes/ui_color.scss"; +@import "themes/*"; /** * Styles for JS behaviors. diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb index 82a08241e01..ee1b7ebf3f3 100644 --- a/config/initializers/1_settings.rb 
+++ b/config/initializers/1_settings.rb @@ -1,5 +1,5 @@ class Settings < Settingslogic - source "#{Rails.root}/config/gitlab.yml" + source ENV.fetch('GITLAB_CONFIG') { "#{Rails.root}/config/gitlab.yml" } namespace Rails.env class << self diff --git a/config/initializers/secret_token.rb b/config/initializers/secret_token.rb index 98400290113..62a54bc8c63 100644 --- a/config/initializers/secret_token.rb +++ b/config/initializers/secret_token.rb @@ -9,7 +9,9 @@ require 'securerandom' def find_secure_token token_file = Rails.root.join('.secret') - if File.exist? token_file + if ENV.key?('SECRET_KEY_BASE') + ENV['SECRET_KEY_BASE'] + elsif File.exist? token_file # Use the existing token. File.read(token_file).chomp else diff --git a/doc/README.md b/doc/README.md index 6c8fe3a96ce..b73d7bb38e1 100644 --- a/doc/README.md +++ b/doc/README.md @@ -6,7 +6,7 @@ + [Public access](public_access/public_access.md) Learn how you can allow public and internal access to a project. + [SSH](ssh/README.md) Setup your ssh keys and deploy keys for secure access to your projects. + [Web hooks](web_hooks/web_hooks.md) Let GitLab notify you when new code has been pushed to your project. -+ [Workflow](workflow/workflow.md) Learn how to use Git and GitLab together. ++ [Workflow](workflow/README.md) Learn how to use Git and GitLab together. **Administrator documentation** diff --git a/doc/api/merge_requests.md b/doc/api/merge_requests.md index 4e864ae1078..2996f609d43 100644 --- a/doc/api/merge_requests.md +++ b/doc/api/merge_requests.md 
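Review bot: Both environment overrides added here accept a variable that is set but empty. In `1_settings.rb`, `ENV.fetch('GITLAB_CONFIG') { ... }` falls back only when the variable is unset, so `GITLAB_CONFIG=` passes an empty path to `source`; `source ENV['GITLAB_CONFIG'].presence || "#{Rails.root}/config/gitlab.yml"` avoids that. In `secret_token.rb`, `ENV.key?('SECRET_KEY_BASE')` is true for an empty value and `find_secure_token` then returns an empty string as the signing secret; whether anything later rejects it is not visible in this diff, so the guard should be `if ENV['SECRET_KEY_BASE'].present?`. A comment such as `# SECRET_KEY_BASE from the environment takes precedence over the .secret file` would also help operators, since the file is silently ignored when the variable is set. The body of `find_secure_token` continues outside the hunk.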
@@ -105,10 +105,11 @@ POST /projects/:id/merge_requests Parameters: + `id` (required) - The ID of a project -+ `source_branch` (required) - The source branch -+ `target_branch` (required) - The target branch -+ `assignee_id` (optional) - Assignee user ID -+ `title` (required) - Title of MR ++ `source_branch` (required) - The source branch ++ `target_branch` (required) - The target branch ++ `assignee_id` (optional) - Assignee user ID ++ `title` (required) - Title of MR ++ `target_project_id` (optional) - The target project (numeric id) ```json { diff --git a/doc/api/users.md b/doc/api/users.md index 2d5dedb3a39..2b927c30777 100644 --- a/doc/api/users.md +++ b/doc/api/users.md @@ -220,6 +220,18 @@ Parameters: + **none** +## List SSH keys for user + +Get a list of a specified user's SSH keys. Available only for admin + +``` +GET /users/:uid/keys +``` + +Parameters: + ++ `uid` (required) - id of specified user + ## Single SSH key @@ -286,3 +298,18 @@ Parameters: + `id` (required) - SSH key ID +## Delete SSH key + +Deletes key owned by a specified user. Available only for admin. + +``` +DELETE /users/:uid/keys/:id +``` + +Parameters: + ++ `uid` (required) - id of specified user ++ `id` (required) - SSH key ID + +Will return `200 Ok` on success, or `404 Not found` if either user or key cannot be found. + diff --git a/doc/install/installation.md b/doc/install/installation.md index fb3faa536f0..579656eda2f 100644 --- a/doc/install/installation.md +++ b/doc/install/installation.md @@ -128,7 +128,7 @@ GitLab Shell is an ssh access and repository management software developed speci cd /home/git # Clone gitlab shell - sudo -u git -H git clone https://gitlab.com/gitlab-org/gitlab-shell.git -b v1.9.1 + sudo -u git -H git clone https://gitlab.com/gitlab-org/gitlab-shell.git -b v1.9.3 cd gitlab-shell diff --git a/doc/install/requirements.md b/doc/install/requirements.md index 56a2a5efeb0..62e21dc72bb 100644 --- a/doc/install/requirements.md +++ b/doc/install/requirements.md 
@@ -43,18 +43,24 @@ We love [JRuby](http://jruby.org/) and [Rubinius](http://rubini.us/)) but GitLab ## CPU -- 1 core works for under 100 users but the responsiveness might suffer -- **2 cores** is the **recommended** number of cores and supports up to 100 users -- 4 cores supports up to 1,000 users -- 8 cores supports up to 10,000 users +- 1 core works supports up to 100 users but the application will not be responsive +- **2 cores** is the **recommended** number of cores and supports up to 500 users +- 4 cores supports up to 2,000 users +- 8 cores supports up to 5,000 users +- 16 cores supports up to 10,0000 users +- 32 cores supports up to 20,0000 users +- 64 cores supports up to 40,0000 users ## Memory -- 512MB is too little memory, GitLab will be very slow and you will need 250MB of swap -- 768MB is the minimal memory size but we advise against this +- 512MB is the abolute minimum, you need 256MB of swap, you can configure only one slow unicorn worker, only ssh access will work, we do not recommend this - 1GB supports up to 100 users (with individual repositories under 250MB, otherwise git memory usage necessitates using swap space) -- **2GB** is the **recommended** memory size and supports up to 1,000 users -- 4GB supports up to 10,000 users +- **2GB** is the **recommended** memory size and supports up to 500 users +- 4GB supports up to 2,000 users +- 8GB supports up to 5,000 users +- 16GB supports up to 10,000 users +- 32GB supports up to 20,000 users +- 64GB supports up to 40,000 users ## Storage diff --git a/doc/release/monthly.md b/doc/release/monthly.md index 9dbe62f1210..284e4e16595 100644 --- a/doc/release/monthly.md +++ b/doc/release/monthly.md 
@@ -58,16 +58,32 @@ Check if changed since last release (~22nd of last month depending on when last * [](https://coveralls.io/r/gitlabhq/gitlabhq) -## Make a release branch +## Release Schedule After making the release branch new commits are cherry-picked from master. When the release gets closer we get more selective what is cherry-picked. The days of the month are approximately as follows: -* 1-7th: official merge window (see contributing guide) -* 8-14th: work on bugfixes, sponsored features and GitLab EE -* 15th: code freeze (stop merging into master except essential bugfixes) -* 18th: release candidate 1 (VERSION x.x.0.rc1, annotated tag and tweet about x.x.0.rc1, release on GitLab Cloud) -* 20st: optional release candidate 2 (x.x.0.rc2, only if rc1 had problems) -* 22nd: release (VERSION x.x.0, create x-x-stable branch, annotated tag tag, blog and tweet) +* 1-7th: Official merge window (see contributing guide). +* 8-14th: Work on bugfixes, sponsored features and GitLab EE. +* 15th: Code freeze + - Stop merging into master, except essential bugfixes + - Select a Release Manager +* 18th: Release Candidate 1 + - Set VERSION to x.x.0.rc1 + - Create annotated tag x.x.0.rc1 + - Push the changes to GitLab.com, dev.gitlab.com, GitHub + - Tweet about the release + - Create a new branch on cloud for rc1 + - Deploy the new branch on Cloud after tests pass +* 20st: Optional release candidate 2 (x.x.0.rc2, only if rc1 had problems) +* 22nd: Release + - Create x-x-stable branch and push to the repositories + - QA + - Fix anything coming out of the QA + - Set VERSION to x.x.0 + - Create annotated tag x.x.0 + - Push VERSION + Tag to master, merge into x-x-stable + - Publish blog for new release + - Tweet to blog (see below) * 23nd: optional patch releases (x.x.1, x.x.2, etc., only if there are serious problems) * 24-end of month: release GitLab EE and GitLab CI diff --git a/doc/update/6.7-to-6.8.md b/doc/update/6.7-to-6.8.md index 57918bca82d..63023fd384b 100644 
--- a/doc/update/6.7-to-6.8.md +++ b/doc/update/6.7-to-6.8.md @@ -1,4 +1,4 @@ -# From 6.6 to 6.7 +# From 6.7 to 6.8 ### 0. Backup @@ -9,7 +9,9 @@ sudo -u git -H bundle exec rake gitlab:backup:create RAILS_ENV=production ### 1. Stop server - sudo service gitlab stop +```bash +sudo service gitlab stop +``` ### 2. Get latest code @@ -37,7 +39,7 @@ sudo -u git -H git checkout 6-8-stable-ee ```bash cd /home/git/gitlab-shell sudo -u git -H git fetch -sudo -u git -H git checkout v1.9.1 +sudo -u git -H git checkout v1.9.3 ``` ### 4. Install libs, migrations, etc. @@ -114,10 +116,10 @@ To make sure you didn't miss anything run a more thorough check with: If all items are green, then congratulations upgrade is complete! -## Things went south? Revert to previous version (6.6) +## Things went south? Revert to previous version (6.7) ### 1. Revert the code to the previous version -Follow the [`upgrade guide from 6.5 to 6.6`](6.5-to-6.6.md), except for the database migration +Follow the [`upgrade guide from 6.6 to 6.7`](6.6-to-6.7.md), except for the database migration (The backup is already migrated to the previous version) ### 2. Restore from the backup: diff --git a/doc/update/README.md b/doc/update/README.md index 06e3764616f..9ce48a019e8 100644 --- a/doc/update/README.md +++ b/doc/update/README.md @@ -1,5 +1,5 @@ -+ [The indivual upgrade guides](https://gitlab.com/gitlab-org/gitlab-ce/tree/master/doc/update) -+ [Uprader](upgrader.md) ++ [The individual upgrade guides](https://gitlab.com/gitlab-org/gitlab-ce/tree/master/doc/update) ++ [Upgrader](upgrader.md) + [Ruby](ruby.md) + [Patch versions](patch_versions.md) + [MySQL to PostgreSQL](mysql_to_postgresql.md) diff --git a/doc/update/upgrader.md b/doc/update/upgrader.md index fd45154ac82..72a94f67b3c 100644 --- a/doc/update/upgrader.md +++ b/doc/update/upgrader.md 
@@ -46,4 +46,8 @@ If all items are green, then congratulations upgrade is complete! You've read through the entire guide, and probably did all the steps manually. Here is a one liner for convenience, the next time you upgrade: - cd /home/git/gitlab; sudo -u git -H bundle exec rake gitlab:backup:create RAILS_ENV=production; sudo service gitlab stop; sudo -u git -H ruby script/upgrade.rb -y; sudo service gitlab start; sudo service nginx restart; sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production +```bash +cd /home/git/gitlab; sudo -u git -H bundle exec rake gitlab:backup:create RAILS_ENV=production; \ + sudo service gitlab stop; sudo -u git -H ruby script/upgrade.rb -y; sudo service gitlab start; \ + sudo service nginx restart; sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production +``` diff --git a/doc/workflow/authorization_for_merge_requests.md b/doc/workflow/authorization_for_merge_requests.md new file mode 100644 index 00000000000..4e07d7c04c5 --- /dev/null +++ b/doc/workflow/authorization_for_merge_requests.md 
@@ -0,0 +1,32 @@ +There are two main ways to have a merge request flow with GitLab: working with protected branches in a single repository, or working with forks of an authoritative project. + +## Protected branch flow + +With the protected branch flow everybody works within the same GitLab project. +The project maintainers get Master access and the regular developers get Developer access. +The maintainers mark the authoritative branches as 'Protected'. +The developers push feature branches to the project and create merge requests to have their feature branches reviewed and merged into one of the protected branches. +Only users with Master access can merge changes into a protected branch. + +### Advantages + +- fewer projects means less clutter +- developers need to consider only one remote repository + +### Disadvantages + +- manual setup of protected branch required for each new project + +## Forking workflow + +With the forking workflow the maintainers get Master access and the regular developers get Reporter access to the authoritative repository, which prohibits them from pushing any changes to it. +Developers create forks of the authoritative project and push their feature branches to their own forks. +To get their changes into master they need to create a merge request across forks. + +### Advantages + +- in an appropriately configured GitLab group, new projects automatically get the required access restrictions for regular developers: fewer manual steps to configure authorization for new projects + +### Disadvantages + +- the project need to keep their forks up to date, which requires more advanced Git skills (managing multiple remotes) diff --git a/lib/api/users.rb b/lib/api/users.rb index ae808b6272b..6ed2740c333 100644 --- a/lib/api/users.rb +++ b/lib/api/users.rb 
@@ -113,6 +113,45 @@ module API end end + # Get ssh keys of a specified user. Only available to admin users. + # + # Parameters: + # uid (required) - The ID of a user + # Example Request: + # GET /users/:uid/keys + get ':uid/keys' do + authenticated_as_admin! + user = User.find_by(id: params[:uid]) + if user + present user.keys, with: Entities::SSHKey + else + not_found! + end + end + + # Delete existing ssh key of a specified user. Only available to admin + # users. + # + # Parameters: + # uid (required) - The ID of a user + # id (required) - SSH Key ID + # Example Request: + # DELETE /users/:uid/keys/:id + delete ':uid/keys/:id' do + authenticated_as_admin! + user = User.find_by(id: params[:uid]) + if user + begin + key = user.keys.find params[:id] + key.destroy + rescue ActiveRecord::RecordNotFound + not_found! + end + else + not_found! + end + end + # Delete user. Available only for admin # # Example Request: diff --git a/spec/requests/api/users_spec.rb b/spec/requests/api/users_spec.rb index 86610c47513..a6d300b099b 100644 --- a/spec/requests/api/users_spec.rb +++ b/spec/requests/api/users_spec.rb 
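Review bot: The new `delete ':uid/keys/:id'` block ends on `key.destroy`, so the response body is presumably whatever the framework serializes from that return value rather than the `Entities::SSHKey` shape used by the `get ':uid/keys'` route above it; adding `present key, with: Entities::SSHKey` after `key.destroy` would keep the exposed fields explicit. The lookup through `user.keys.find` correctly scopes the key to the named user, and a comment like `# scoped to user.keys so :id cannot address another user's key` would protect that against later simplification. An administrator removing another user's credential is also worth a log line, which the block does not emit. The enclosing `module API` block starts and ends outside the hunk.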
@@ -242,6 +242,67 @@ describe API::API, api: true do end end + describe 'GET /user/:uid/keys' do + before { admin } + + context 'when unauthenticated' do + it 'should return authentication error' do + get api("/users/#{user.id}/keys") + response.status.should == 401 + end + end + + context 'when authenticated' do + it 'should return 404 for non-existing user' do + get api('/users/999999/keys', admin) + response.status.should == 404 + end + + it 'should return array of ssh keys' do + user.keys << key + user.save + get api("/users/#{user.id}/keys", admin) + response.status.should == 200 + json_response.should be_an Array + json_response.first['title'].should == key.title + end + end + end + + describe 'DELETE /user/:uid/keys/:id' do + before { admin } + + context 'when unauthenticated' do + it 'should return authentication error' do + delete api("/users/#{user.id}/keys/42") + response.status.should == 401 + end + end + + context 'when authenticated' do + it 'should delete existing key' do + user.keys << key + user.save + expect { + delete api("/users/#{user.id}/keys/#{key.id}", admin) + }.to change { user.keys.count }.by(-1) + response.status.should == 200 + end + + it 'should return 404 error if user not found' do + user.keys << key + user.save + delete api("/users/999999/keys/#{key.id}", admin) + response.status.should == 404 + end + + it 'should return 404 error if key not foud' do + delete api("/users/#{user.id}/keys/42", admin) + response.status.should == 404 + end + end + end + describe "DELETE /users/:id" do before { admin } |
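Review bot: The admin-only restriction on both new routes is never exercised: the 'when unauthenticated' contexts send no credentials and the 'when authenticated' contexts only call as `admin`, so a regression that dropped `authenticated_as_admin!` would still pass. Add one example per route that calls the endpoint as the ordinary `user` and expects a rejection, and for DELETE also asserts the key count is unchanged. The describe strings read `/user/:uid/keys` while the requests go to `/users/...`, and 'key not foud' has a typo.

```ruby
# inside describe 'GET /user/:uid/keys', context 'when authenticated'
it 'should reject a non-admin user' do
  get api("/users/#{user.id}/keys", user)
  response.status.should == 403 # assumed status; confirm against authenticated_as_admin!
end

# inside describe 'DELETE /user/:uid/keys/:id', context 'when authenticated'
it 'should not delete a key for a non-admin user' do
  user.keys << key
  user.save
  expect {
    delete api("/users/#{user.id}/keys/#{key.id}", user)
  }.not_to change { user.keys.count }
  response.status.should == 403 # assumed status; confirm against authenticated_as_admin!
end
```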
