summaryrefslogtreecommitdiff
path: root/config/initializers
Commit message (Collapse)AuthorAgeFilesLines
* Add instrumentation to conflict classesSean McGivern2016-10-131-0/+1
|
* Precalculate trending projectsprecalculate-trending-projectsYorick Peterse2016-10-101-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | This commit introduces a Sidekiq worker that precalculates the list of trending projects on a daily basis. The resulting set is stored in a database table that is then queried by Project.trending. This setup means that Unicorn workers no longer _may_ have to calculate the list of trending projects. Furthermore it supports filtering without any complex caching mechanisms. The data in the "trending_projects" table is inserted in the same order as the project ranking. This means that getting the projects in the correct order is simply a matter of: SELECT projects.* FROM projects INNER JOIN trending_projects ON trending_projects.project_id = projects.id ORDER BY trending_projects.id ASC; Such a query will only take a few milliseconds at most (as measured on GitLab.com), opposed to a few seconds for the query used for calculating the project ranks. The migration in this commit does not require downtime and takes care of populating an initial list of trending projects.
* Merge branch 'memoize_shell_secret_token' into 'master' Rémy Coutable2016-10-071-1/+1
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Memoize Github::Shell's secret token ## What does this MR do? `API::Helpers#secret_token` was reading the secret file on every invocation. This MR reads the file in the `gitlab_shell_secret_token.rb` initializer and saves it as a class variable at `Gitlab::Shell.secret_token` ## Are there points in the code the reviewer needs to double check? - I'm not sure if the use of `cattr_accessor` is the best approach, or if should be moved into the `class << self` block? - Should `API::Helpers#secret_token` be removed in favor of using `Gitlab::Shell.secret_token`? ## Why was this MR needed? Performance optimization. Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/22510 See merge request !6599
| * Load Github::Shell's secret token from file on initialization instead of ↵Justin DiPierro2016-10-061-1/+1
| | | | | | | | every request.
* | Add markdown cache columns to the database, but don't use them yetNick Thomas2016-10-071-0/+41
| | | | | | | | | | | | | | | | | | | | | | | | This commit adds a number of _html columns and, with the exception of Note, starts updating them whenever the content of their partner fields changes. Note has a collision with the note_html attr_accessor; that will be fixed later A background worker for clearing these cache columns is also introduced - use `rake cache:clear` to set it off. You can clear the database or Redis caches separately by running `rake cache:clear:db` or `rake cache:clear:redis`, respectively.
* | Memoize ActiveRecord::Migrator.migrations in testsNick Thomas2016-10-061-0/+18
|/
* Merge commit 'dev/security' into 'master'Rémy Coutable2016-10-061-0/+2
|\ | | | | | | Signed-off-by: Rémy Coutable <remy@rymai.me>
| * Don't send Private-Token headers to SentryJacob Vosmaer2016-10-041-0/+2
| | | | | | | | Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/22537
* | add configurable email subject suffixFu Xu2016-10-031-0/+1
| |
* | Merge branch 'initialize-redis' into 'master' Yorick Peterse2016-09-301-0/+3
|\ \ | | | | | | | | | | | | Initialize Redis pool in single-threaded context See merge request !6613
| * | Initialize Redis pool in single-threaded contextJacob Vosmaer2016-09-301-0/+3
| |/ | | | | | | This side-steps the need for mutexes and whatnot.
* | Use `Module#prepend` instead of `alias_method_chain`Andre Guedes2016-09-302-25/+27
| |
* | Update warn message for MySQL fixmrchrisw/mysql-connection-warnChris Wilson2016-09-281-1/+1
|/
* Gitlab::Checks is now instrumentedPaco Guzman2016-09-131-1/+2
| | | So we have a detailed view of what checks perform bad
* Merge branch 'rails-5-backports' into 'master' Robert Speicher2016-09-121-6/+2
|\ | | | | | | | | | | | | | | | | | | | | Fix two problematic bits of code that will be deprecated or broken in Rails 5. Found in the Rails 5 MR: !5555 These are safe to use in Rails 4.2.7 as well as Rails 5.0.0, so I figured I'd backport them for the sake of making that merge request smaller. The explanation for the mime_types.rb code is here: https://github.com/rails-api/active_model_serializers/issues/1027#issuecomment-126543577 See merge request !6214
| * No need for this variable.Connor Shea2016-09-121-6/+1
| |
| * Remove x-json mime_type, rename to json_mime_types.rails-5-backportsConnor Shea2016-09-111-3/+2
| |
| * Fix two problematic bits of code that will be deprecated or broken in Rails 5.Connor Shea2016-09-051-6/+8
| |
* | Merge branch 'gitlab-workhorse-safeties' into 'master' Jacob Vosmaer (GitLab)2016-09-091-0/+8
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Security and safety improvements for gitlab-workhorse integration Companion to https://gitlab.com/gitlab-org/gitlab-workhorse/merge_requests/60 - Use a custom content type when sending data to gitlab-workhorse - Verify (using JWT and a shared secret on disk) that internal API requests came from gitlab-workhorse This will allow us to build features in gitlab-workhorse that require more trust, and protect us against programming mistakes in the future. This is designed so that no action is required for installations from source. For omnibus-gitlab we need to add code that manages the shared secret. See merge request !5907
| * | Verify JWT messages from gitlab-workhorseJacob Vosmaer2016-09-051-0/+8
| |/
* | Limited amount of pruned Event rows per runOlaf Tomalka2016-09-071-1/+1
| | | | | | | | | | | | | | | | Old deployments of Gitlab might have a big number of old events to be deleted. Such numbers cause the worker to timeout. I've limited the amount of rows that should be destroyed at once to 10000, and increased how often pruning shall take place to 4 times a day.
* | Added cron to prune events older than 12 months.Olaf Tomalka2016-09-071-0/+3
|/ | | | | | | | Since contribution calendar shows only 12 months of activity, events older than that time are not visible anywhere and can be safely pruned saving big amount of database storage. Fixes #21164
* Fix Sentry not reporting right program for Sidekiq workersfix-sidekiq-sentry-contextStan Hu2016-08-251-0/+1
| | | | | | | Moves program tag into the global configuration since this doesn't change and since Sidekiq workers get a unique context for each event. Closes #21410
* Remove gitoriouszj-remove-gitoriousZ.J. van de Weg2016-08-251-1/+1
|
* Revert the revert of Optimistic Lockingrevert_revert_issuable_lockValery Sizov2016-08-221-0/+57
|
* Fix cron job keyexpiration-date-on-membershipsDouwe Maan2016-08-191-3/+3
|
* Merge branch 'master' into expiration-date-on-membershipsDouwe Maan2016-08-181-1/+2
|\
| * Small refactor and syntax fixes.2fa-api-checkPatricio Cano2016-08-181-1/+1
| |
| * Removed unnecessary service for user retrieval and improved API error message.Patricio Cano2016-08-181-1/+2
| |
| * Added checks for 2FA to the API `/sessions` endpoint and the Resource Owner ↵Patricio Cano2016-08-181-1/+1
| | | | | | | | Password Credentials flow.
* | Allow project group links to be expiredSean McGivern2016-08-181-0/+3
| |
* | Merge branch 'master' into expiration-date-on-membershipsSean McGivern2016-08-1810-49/+102
|\ \ | |/
| * Instrument Project.visible_to_userYorick Peterse2016-08-121-0/+3
| | | | | | | | | | | | Because this method is a Rails scope we have to instrument it manually as regular the instrumentation methods only instrument methods defined directly on a Class or Module.
| * Merge branch 'remove-grack-lfs' into 'master' Rémy Coutable2016-08-112-3/+7
| |\ | | | | | | | | | | | | | | | | | | | | | | | | Remove Grack::Auth: part 2 (LFS) Deprecate Grack::Auth and handle LFS in Rails controllers under the Project namespace. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/14501 See merge request !5369
| | * Merge branch 'master' of https://gitlab.com/gitlab-org/gitlab-ce into ↵Jacob Vosmaer2016-08-097-6/+37
| | |\ | | | | | | | | | | | | remove-grack-lfs
| | * | Handle custom Git LFS content typeJacob Vosmaer2016-07-221-0/+7
| | | |
| | * | Remove obsolete codeJacob Vosmaer2016-07-221-3/+0
| | | |
| * | | Merge branch 'decouple-secret-keys' into 'master' Douwe Maan2016-08-101-33/+70
| |\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Store OTP secret key in secrets.yml ## What does this MR do? Migrate the value of `.secret` to `config/secrets.yml` if present, so that `.secret` can be rotated without preventing all users with 2FA from logging in. (On a clean setup, generate different keys for each.) ## Are there points in the code the reviewer needs to double check? I'm not sure we actually need `.secret` at all after this, but it seems safer not to touch it. ## Why was this MR needed? We have some DB encryption keys in `config/secrets.yml`, and one in `.secret`. They should all be in the same place. ## What are the relevant issue numbers? #3963, which isn't closed until I make the relevant changes in Omnibus too. ## Does this MR meet the acceptance criteria? - [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - [x] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - ~~API support added~~ - Tests - [x] Added for this feature/bug - [x] All builds are passing - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if you do - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !5274
| | * | | Ignore Rails/Exit cop in initializerSean McGivern2016-08-041-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | We do not want to proceed with loading the app in this case, as it could lose a secret needed to decrypt values in the database.
| | * | | Clarify intentions of secret token initializerSean McGivern2016-08-031-35/+55
| | | | |
| | * | | Give priority to environment variablesSean McGivern2016-08-031-4/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If an environment variable exists for secret_key_base, use that - always. But don't save it to secrets.yml. Also ensure that we never write to secrets.yml if there's a non-blank value there.
| | * | | Store all secret keys in secrets.ymlSean McGivern2016-08-031-24/+16
| | | | | | | | | | | | | | | | | | | | | | | | | Move the last secret from .secret to config/secrets.yml, and delete .secret if it exists.
| | * | | Store OTP secret key in secrets.ymlSean McGivern2016-08-031-36/+45
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | .secret stores the secret token used for both encrypting login cookies and for encrypting stored OTP secrets. We can't rotate this, because that would invalidate all existing OTP secrets. If the secret token is present in the .secret file or an environment variable, save it as otp_key_base in secrets.yml. Now .secret can be rotated without invalidating OTP secrets. If the secret token isn't present (initial setup), then just generate a separate otp_key_base and save in secrets.yml. Update the docs to reflect that secrets.yml needs to be retained past upgrades, but .secret doesn't.
| * | | | Merge branch 'brodock/gitlab-ce-feature/redis-sentinel'Douwe Maan2016-08-092-10/+8
| |\ \ \ \ | | |_|_|/ | |/| | | | | | | | | | | | | # Conflicts: # lib/gitlab/redis.rb
| | * | | Make sidekiq get config settings from Gitlab::RedisConfigGabriel Mazetto2016-08-041-8/+6
| | | | |
| | * | | Deduplicated resque.yml loading from several placesGabriel Mazetto2016-08-041-2/+2
| | | | | | | | | | | | | | | | | | | | We will trust redis configuration params loading to Gitlab::RedisConfig.
| * | | | Update to send changed password notification emailsTom Bell2016-08-051-0/+3
| |/ / / | | | | | | | | | | | | | | | | Add the devise initializer config setting to enable the sending of notification emails when a user changes their password.
| * | | Merge branch 'fix/ha-mode-import-issue' into 'master' Rémy Coutable2016-08-041-3/+3
| |\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix Import/Export not working in HA mode Use a shared path instead of `Tempfile` default `/tmp` so the import file is accessible by any GitLab instance. Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/20506 - [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added - Tests - [x] All builds are passing - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if you do - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !5618
| | * | | using shared path for project import uploads and refactored gitlab remove ↵James Lopez2016-08-041-3/+3
| | | | | | | | | | | | | | | | | | | | export worker
| * | | | Instrument Gitlab::Highlightinstrument-gitlab-highlightYorick Peterse2016-08-031-0/+3
| | |/ / | |/| | | | | | | | | | | | | | This class does quite a few interesting things so let's instrument it so we can see how much time is being spent in this class.
View Lorry Controller Status