path: root/config/initializers
Commit message [branch] (Author, Age, Files, Lines)
* Revert the revert of Optimistic Locking [revert_revert_issuable_lock] (Valery Sizov, 2016-08-22, 1 file, -0/+57)
|
* Fix cron job key [expiration-date-on-memberships] (Douwe Maan, 2016-08-19, 1 file, -3/+3)
|
* Merge branch 'master' into expiration-date-on-memberships (Douwe Maan, 2016-08-18, 1 file, -1/+2)
|\
| * Small refactor and syntax fixes. [2fa-api-check] (Patricio Cano, 2016-08-18, 1 file, -1/+1)
| |
| * Removed unnecessary service for user retrieval and improved API error message. (Patricio Cano, 2016-08-18, 1 file, -1/+2)
| |
| * Added checks for 2FA to the API `/sessions` endpoint and the Resource Owner Password Credentials flow. (Patricio Cano, 2016-08-18, 1 file, -1/+1)
| |
* | Allow project group links to be expired (Sean McGivern, 2016-08-18, 1 file, -0/+3)
| |
* | Merge branch 'master' into expiration-date-on-memberships (Sean McGivern, 2016-08-18, 10 files, -49/+102)
|\ \
| |/
| * Instrument Project.visible_to_user (Yorick Peterse, 2016-08-12, 1 file, -0/+3)
| |     Because this method is a Rails scope we have to instrument it manually as the regular instrumentation methods only instrument methods defined directly on a Class or Module.
| * Merge branch 'remove-grack-lfs' into 'master' (Rémy Coutable, 2016-08-11, 2 files, -3/+7)
| |\
| | |     Remove Grack::Auth: part 2 (LFS)
| | |     Deprecate Grack::Auth and handle LFS in Rails controllers under the Project namespace.
| | |     Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/14501
| | |     See merge request !5369
| | * Merge branch 'master' of https://gitlab.com/gitlab-org/gitlab-ce into remove-grack-lfs (Jacob Vosmaer, 2016-08-09, 7 files, -6/+37)
| | |\
| | * | Handle custom Git LFS content type (Jacob Vosmaer, 2016-07-22, 1 file, -0/+7)
| | | |
| | * | Remove obsolete code (Jacob Vosmaer, 2016-07-22, 1 file, -3/+0)
| | | |
| * | | Merge branch 'decouple-secret-keys' into 'master' (Douwe Maan, 2016-08-10, 1 file, -33/+70)
| |\ \ \
| | | | |     Store OTP secret key in secrets.yml
| | | | |     ## What does this MR do?
| | | | |     Migrate the value of `.secret` to `config/secrets.yml` if present, so that `.secret` can be rotated without preventing all users with 2FA from logging in. (On a clean setup, generate different keys for each.)
| | | | |     ## Are there points in the code the reviewer needs to double check?
| | | | |     I'm not sure we actually need `.secret` at all after this, but it seems safer not to touch it.
| | | | |     ## Why was this MR needed?
| | | | |     We have some DB encryption keys in `config/secrets.yml`, and one in `.secret`. They should all be in the same place.
| | | | |     ## What are the relevant issue numbers?
| | | | |     #3963, which isn't closed until I make the relevant changes in Omnibus too.
| | | | |     ## Does this MR meet the acceptance criteria?
| | | | |     - [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
| | | | |     - [x] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
| | | | |     - ~~API support added~~
| | | | |     - Tests
| | | | |       - [x] Added for this feature/bug
| | | | |       - [x] All builds are passing
| | | | |     - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
| | | | |     - [x] Branch has no merge conflicts with `master` (if you do - rebase it please)
| | | | |     - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
| | | | |     See merge request !5274
| | * | | Ignore Rails/Exit cop in initializer (Sean McGivern, 2016-08-04, 1 file, -1/+1)
| | | | |     We do not want to proceed with loading the app in this case, as it could lose a secret needed to decrypt values in the database.
| | * | | Clarify intentions of secret token initializer (Sean McGivern, 2016-08-03, 1 file, -35/+55)
| | | | |
| | * | | Give priority to environment variables (Sean McGivern, 2016-08-03, 1 file, -4/+20)
| | | | |     If an environment variable exists for secret_key_base, use that - always. But don't save it to secrets.yml.
| | | | |     Also ensure that we never write to secrets.yml if there's a non-blank value there.
| | * | | Store all secret keys in secrets.yml (Sean McGivern, 2016-08-03, 1 file, -24/+16)
| | | | |     Move the last secret from .secret to config/secrets.yml, and delete .secret if it exists.
| | * | | Store OTP secret key in secrets.yml (Sean McGivern, 2016-08-03, 1 file, -36/+45)
| | | | |     .secret stores the secret token used for both encrypting login cookies and for encrypting stored OTP secrets. We can't rotate this, because that would invalidate all existing OTP secrets.
| | | | |     If the secret token is present in the .secret file or an environment variable, save it as otp_key_base in secrets.yml. Now .secret can be rotated without invalidating OTP secrets.
| | | | |     If the secret token isn't present (initial setup), then just generate a separate otp_key_base and save in secrets.yml.
| | | | |     Update the docs to reflect that secrets.yml needs to be retained past upgrades, but .secret doesn't.
| * | | | Merge branch 'brodock/gitlab-ce-feature/redis-sentinel' (Douwe Maan, 2016-08-09, 2 files, -10/+8)
| |\ \ \ \
| | |_|_|/
| |/| | |
| | | | |     # Conflicts:
| | | | |     #   lib/gitlab/redis.rb
| | * | | Make sidekiq get config settings from Gitlab::RedisConfig (Gabriel Mazetto, 2016-08-04, 1 file, -8/+6)
| | | | |
| | * | | Deduplicated resque.yml loading from several places (Gabriel Mazetto, 2016-08-04, 1 file, -2/+2)
| | | | |     We will trust redis configuration params loading to Gitlab::RedisConfig.
| * | | | Update to send changed password notification emails (Tom Bell, 2016-08-05, 1 file, -0/+3)
| |/ / /
| | | |     Add the devise initializer config setting to enable the sending of notification emails when a user changes their password.
| * | | Merge branch 'fix/ha-mode-import-issue' into 'master' (Rémy Coutable, 2016-08-04, 1 file, -3/+3)
| |\ \ \
| | | | |     Fix Import/Export not working in HA mode
| | | | |     Use a shared path instead of `Tempfile` default `/tmp` so the import file is accessible by any GitLab instance.
| | | | |     Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/20506
| | | | |     - [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
| | | | |     - Tests
| | | | |       - [x] All builds are passing
| | | | |     - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
| | | | |     - [x] Branch has no merge conflicts with `master` (if you do - rebase it please)
| | | | |     - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
| | | | |     See merge request !5618
| | * | | using shared path for project import uploads and refactored gitlab remove export worker (James Lopez, 2016-08-04, 1 file, -3/+3)
| | | | |
| * | | | Instrument Gitlab::Highlight [instrument-gitlab-highlight] (Yorick Peterse, 2016-08-03, 1 file, -0/+3)
| | |/ /
| |/| |
| | | |     This class does quite a few interesting things so let's instrument it so we can see how much time is being spent in this class.
| * | | Instrument the Repository class [instrument-repository-class] (Yorick Peterse, 2016-08-02, 1 file, -0/+1)
| |/ /
| | |     Since this isn't an ActiveRecord::Base descendant it wasn't instrumented.
| * | Fix RequestProfiler::Middleware error when code is reloaded in development [fix/request-profiler-middleware-error-on-reload] (Ahmad Sherif, 2016-08-01, 1 file, -0/+2)
| | |     Closes #20452
| * | Ignore invalid IPs in X-Forwarded-For when trusted proxies are configured. (lookatmike, 2016-07-31, 1 file, -0/+2)
| | |
* | | Add worker which removes expired members. (Adam Niedzielski, 2016-08-04, 1 file, -0/+3)
|/ /
* | Merge branch '20124-disable-repository-validation-during-precompile-step' into 'master' (Stan Hu, 2016-07-27, 1 file, -1/+1)
|\ \
| | |     Add ENV variable to skip repository storages validations
| | |     Closes #20124
| | |     See merge request !5478
| * | Add ENV variable to skip repository storages validations [20124-disable-repository-validation-during-precompile-step] (Alejandro Rodríguez, 2016-07-25, 1 file, -1/+1)
| | |
* | | Profile requests when a header is passed [feature/profile-requests-conditionally] (Ahmad Sherif, 2016-07-26, 2 files, -0/+6)
| | |
* | | Enable SIDEKIQ_REQUEST_STORE by default [add-sidekiq-request-store] (Stan Hu, 2016-07-25, 1 file, -1/+1)
| | |
* | | Add support for using RequestStore within Sidekiq tasks via SIDEKIQ_REQUEST_STORE env variable (Stan Hu, 2016-07-25, 1 file, -0/+1)
|/ /
| |     This significantly reduces the DB churn in the PostReceive task when it performs reference extraction.
| |     See #18663
* | Instrument Nokogiri parsing methods (Yorick Peterse, 2016-07-25, 1 file, -0/+7)
| |     This allows us to see how much time is being spent in just parsing HTML/XML documents.
* | Ignore invalid trusted proxies in X-Forwarded-For header [reject-invalid-trusted-proxies] (Stan Hu, 2016-07-23, 1 file, -2/+8)
|/
|     Certain reverse proxies can send invalid IP addresses in the X-Forwarded-For header. For example, Apache can send (null).
|     Closes #20194
* Skip repository storage path validations on test environment (Alejandro Rodríguez, 2016-07-21, 1 file, -6/+10)
|     Storage paths are not created until `TestEnv.init`, so we must skip their validation on initialization.
* Use Pathname to make the repository storage path validations more robust (Alejandro Rodríguez, 2016-07-21, 1 file, -5/+6)
|
* Avoid data-integrity issue when repository_downloads_path is incorrectly (Douglas Barbosa Alexandre, 2016-07-21, 1 file, -1/+15)
|
* Merge branch '4142-show-inline-video' into 'master' (Rémy Coutable, 2016-07-21, 1 file, -2/+6)
|\
| |     Add support for inline videos in issue, MR and notes (on issue, commit, MR, and MR diff)
| |     ## What does this MR do?
| |     It adds support for inline videos in issue, MR and notes (on issue, commit, MR, and MR diff).
| |     Most of the work was done by @hayesr in !3508 but a few improvements were still missing.
| |     ## Why was this MR needed?
| |     To be able to play uploaded videos in GitLab!
| |     ## What are the relevant issue numbers?
| |     Closes #4142.
| |     ## Screenshots
| |     ### Video players
| |     ![Screen_Shot_2016-07-19_at_18.44.09](/uploads/e85e531b455a41c3e66b26b356abaafd/Screen_Shot_2016-07-19_at_18.44.09.png)
| |     -----
| |     ![Screen_Shot_2016-07-19_at_18.44.29](/uploads/05f52a812760210d1eae86a7f8fc48bc/Screen_Shot_2016-07-19_at_18.44.29.png)
| |     -----
| |     ## Does this MR meet the acceptance criteria?
| |     - [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
| |     - [x] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
| |     - Tests
| |       - [x] Test `VideoLinkFilter`
| |       - [x] Test in `spec/features/markdown_spec.rb`
| |       - [x] Improve `spec/uploaders/file_uploader_spec.rb`
| |       - [x] All builds are passing
| |     - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
| |     - [x] Branch has no merge conflicts with `master` (if you do - rebase it please)
| |     - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
| |     See merge request !5215
| * Don't allow `.ogg` as a valid video extension [4142-show-inline-video] (Rémy Coutable, 2016-07-21, 1 file, -1/+1)
| |     `.ogg` is for music files.
| |     Signed-off-by: Rémy Coutable <remy@rymai.me>
| * Remove duplication, useless rescue, and avoid using ActionView (Rémy Coutable, 2016-07-19, 1 file, -4/+2)
| |     Signed-off-by: Rémy Coutable <remy@rymai.me>
| * First support of videos in issues, MRs and notes (Eric Hayes, 2016-07-19, 1 file, -2/+8)
| |     * Registered video MIME types
| |     * Currently supporting browser-supported formats with extensions that match the mime type
* | Revert "Merge branch 'csp-basics' into 'master' " (Robert Speicher, 2016-07-20, 1 file, -109/+0)
| |     This reverts commit 9065f9c5ff073d376eb6377ca63ead93623fc8a3, reversing changes made to f0b446e55506b251e85afd4bb063586bccb52eb2.
* | Revert "Merge branch 'remove-csp-sentry-reporting' into 'master' " (Robert Speicher, 2016-07-20, 1 file, -2/+12)
| |     This reverts commit 79b02e40e5842540ceff4454f6c2c51f13fc081c, reversing changes made to f2cd21e8946dcef13e8be408b96b079b5ced682a.
* | Merge branch 'email-domain-blacklist' into 'master' (Robert Speicher, 2016-07-20, 1 file, -1/+1)
|\ \
| | |     Added the ability to block sign ups using a domain blacklist.
| | |     As part of this MR, I restructured the Application Settings form to separate **Sign up** related settings from **Sign in** related settings and make everything cleaner and easier to read.
| | |     Fixes #19749
| | |     Related to #5573
| | |     See merge request !5259
| * | Refactor and rename `restricted_signup_domains` to `domain_whitelist` to better conform to its behavior and newly introduced behavior. (Patricio Cano, 2016-07-18, 1 file, -1/+1)
| | |
* | | Log cron_jobs configuration instead of raising exception (Gabriel Mazetto, 2016-07-20, 1 file, -1/+2)
| | |
* | | Fix the Sentry spam from CSP violations by disabling it. (Connor Shea, 2016-07-19, 1 file, -12/+2)
| |/
|/|