| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
| |
This is the same as gitlab-shell's default. This is to ensure
that it's always set.
It needs to be the same as gitlab-shell's default because we
don't set a default value in omnibus-gitlab. If users don't
set the value of that config in their install and they upgraded,
we must ensure that it's still going to point to the same
authorized keys file.
|
| |\
| |
| |
| |
| | |
Add warnings to performance bar response
See merge request gitlab-org/gitlab-ce!31054
|
| | |
| |
| |
| |
| |
| | |
This key is useful to reduce the amount of logic needed on the frontend:
if `has_warnings` is true, then the frontend knows that the request in
question has warnings for some metric.
|
| |/
|
|
| |
(cherry picked from commit 897a9d308db46b620b738b98f2b0e5630ac7d2dd)
|
| |
|
|
| |
allow_bypass_two_factor configration dose not work with saml provider
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change adds Distributed Tracing support for two new types of events
1. Redis Calls
1. ActiveSupport (Rails) Caching Operations
The intention is to help application developers and infrastructure
SREs to understand the pressure that caching operations can have on
the application when running at scale.
The Redis and Caching spans can be viewed in the Jaeger UI by clicking
the "Trace" link in the performance bar when running on GDK.
|
| |\
| |
| |
| |
| | |
feat: smime signed notification emails
See merge request gitlab-org/gitlab-ce!30644
|
| | |
| |
| |
| |
| |
| | |
- Add mail interceptor the signs outgoing email with SMIME
- Add lib and helpers to work with SMIME data
- New configuration params for setting up SMIME key and cert files
|
| |\ \
| | |
| | |
| | |
| | | |
Port of EE "Elasticsearch versioned schema for other ActiveRecord models"
See merge request gitlab-org/gitlab-ce!31660
|
| | | |
| | |
| | |
| | | |
Doc for multi-indices archtecture
|
| | | |
| | |
| | |
| | | |
Transform `CancelledError` into `JobRetry::Skip`
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This makes:
- very shallow `Middleware::Monitor` to only request tracking
of sidekiq jobs,
- `SidekiqStatus::Monitor` to be responsible to maintain persistent
connection to receive messages,
- `SidekiqStatus::Monitor` to always use structured logging
and instance variables
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This adds a middleware to track all threads
for running jobs.
This makes sidekiq to watch for redis-delivered notifications.
This makes be able to send notification to interrupt
running sidekiq jobs.
This does not take into account any native code,
as `Thread.raise` generates exception once the control gets
back to Ruby.
The separate measure should be taken to interrupt gRPC, shellouts,
or anything else that escapes Ruby.
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Current `auth.log` uses `fullpath` and `ip`, while `api_json.log` uses
`remote_ip` and `path` for the same fields. Let's standardize these
namings to make it easier for people working with the data.
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/66167
|
| |\ \
| | |
| | |
| | |
| | | |
Update qa/Dockerfile to be built from the project root context
See merge request gitlab-org/gitlab-ce!31533
|
| | | |
| | |
| | |
| | |
| | | |
For the QA tests to use the new injection methods, we must require the
initializer and ensure that the "constantize" method is available.
|
| |/ /
| |
| |
| |
| |
| |
| | |
After moving the multiproc dir cleanup into `config.ru`:`warmup`, we
stopped cleaning Sidekiq metrics dir which is not correct.
This MR intended to fix that. More details:
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/31668
|
| |\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
'47003-user-onboarding-replace-current-email-confirmation-flow-with-a-soft-email-confirmation-flow' into 'master'
Soft email confirmation flow
Closes #47003
See merge request gitlab-org/gitlab-ce!31245
|
| | |/
| |
| |
| | |
to 30 days
|
| |\ \
| | |
| | |
| | |
| | |
| | |
| | | |
'46548-open-source-alternative-to-recaptcha-for-gitlab-com-registration' into 'master'
Open source alternative to reCAPTCHA for GitLab.com registration
See merge request gitlab-org/gitlab-ce!31625
|
| | | |
| | |
| | |
| | |
| | |
| | | |
With a time treshold of 4 seconds
and a firstname and lastname honeypot
input fields when signing up
|
| |\ \ \
| | | |
| | | |
| | | |
| | | | |
Elasticsearch versioned schema for Snippet
See merge request gitlab-org/gitlab-ce!31465
|
| | |/ / |
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| | |
When we hit our app with the initial request, in `warmup`,
some metrics already being created as well as corresponding files.
If we do `multiproc_file_dir` cleanup after that, we delete the files
from the dir while keeping them in memory which leads to the incorrect
behavior: the metric is being updated in in-memory, while is not present
in the db, not sent to Prometheus as the result.
|
| |/
|
|
|
|
|
|
|
|
| |
This will help identify Sidekiq jobs that invoke excessive number of
filesystem access.
The timing data is stored in `RequestStore`, but this is only active
within the middleware and is not directly accessible to the Sidekiq
logger. However, it is possible for the middleware to modify the job
hash to pass this data along to the logger.
|
| |\
| |
| |
| |
| |
| |
| | |
Add support for Content-Security-Policy
Closes #65330
See merge request gitlab-org/gitlab-ce!31402
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
A nonce-based Content-Security-Policy thwarts XSS attacks by allowing
inline JavaScript to execute if the script nonce matches the header
value. Rails 5.2 supports nonce-based Content-Security-Policy headers,
so provide configuration to enable this and make it work.
To support this, we need to change all `:javascript` HAML filters to the
following form:
```
= javascript_tag nonce: true do
:plain
...
```
We use `%script` throughout our HAML to store JSON and other text, but
since this doesn't execute, browsers don't appear to block this content
from being used and require the nonce value to be present.
|
| |/
|
|
|
|
| |
These were disabled in production mode, but that also broke the rest of
the performance bar. As they were only enabled in development mode, we
can just remove them for now.
|
| |
|
| |
This reverts merge request !31379
|
| |\
| |
| |
| |
| | |
Support X_if_ee methods for QA tests
See merge request gitlab-org/gitlab-ce!31379
|
| | |
| |
| |
| |
| | |
For the QA tests to use the new injection methods, we must require the
initializer and ensure that the "constantize" method is available.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Previously, both InfluxSampler and RubySampler were relying on the
`GC::Profiler.total_time` data which is the sum over the list
of captured GC events. Also, both samplers asynchronously called
`GC::Profiler.clear` which led to incorrect metric data because
each sampler has the wrong assumption it is the only object who calls
`GC::Profiler.clear` and thus could rely on the gathered results between
such calls.
We should ensure that `GC::Profiler.total_time` is called only in one
place making it possible to rely on accumulated data between such wipes.
Also, we need to track the amount of profiler reports we lost.
|
| |/
|
|
| |
Introducing Docker Registry replication
|
| |
|
|
|
|
|
|
|
|
|
| |
This adds the methods prepend_if_ee, extend_if_ee, and include_if_ee
that can be used to inject EE specific modules in EE.
These methods are exposed as an initializer that is loaded as soon as
possible. For tests that use fast_spec_helper.rb we must load this
initializer manually, as the Rails environment is not loaded. This is
not the most pretty setup, but unfortunately there is no alternative
that we can use.
|
| |
|
|
|
|
|
|
|
| |
1. The output isn't great. It can be hard to find hotspots and, even
when you do find them, to find why those are hotspots.
2. It uses some jQuery-specific frontend code which we can remove now
that we don't have this any more.
3. It's only possible to profile the initial request, not any subsequent
AJAX requests.
|
| |\ |
|
| | |\
| | |
| | |
| | |
| | | |
Do not allow localhost url redirection in GitHub Integration
See merge request gitlab/gitlabhq!3188
|
| | | | |
|
| |\ \ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Replace peek-pg with our own implementation
Closes #44441
See merge request gitlab-org/gitlab-ce!31187
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This uses an ActiveRecord subscriber to get queries and calculate the
total query time from that. This means that the total will always be
consistent with the queries in the table. It does however mean that we
could potentially miss some queries that don't go through ActiveRecord.
Making this change also allows us to unify the response JSON a little
bit, making the frontend slightly simpler as a result.
|
| |/ / /
| | |
| | |
| | |
| | | |
This adds diirect monitoring for sidekiq metrics. This is done via
sidekiq middleware and a sampler to pull from sidekiqs api.
|
| | | |
| | |
| | |
| | |
| | | |
Changes all calls to data_source_exists? to table_exists?
since that is the intent of these calls
|
| |\ \ \
| |/ /
|/| |
| | |
| | | |
Backport of https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/14597
See merge request gitlab-org/gitlab-ce!30520
|
| | | |
| | |
| | |
| | |
| | | |
This is the first part of Docker Registry replication
for secondary Geo node.
|
| |/ /
| |
| |
| |
| |
| | |
This will help diagnose the source of excessive I/O from Rugged
calls. To implement this, we need to obtain the full list of arguments
sent to each request method.
|
| |\ \
| | |
| | |
| | |
| | |
| | |
| | | |
Remove dead mysql code
Closes #63191
See merge request gitlab-org/gitlab-ce!29608
|
| | | |
| | |
| | |
| | | |
None of this code can be reached any more, so it can all be removed
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This is no longer needed with Rails 5.2. opclass is the attribute used
per https://github.com/rails/rails/pull/19090/files.
Now that we've removed the monkey patch and restored the Rails schema
dumper, it appears Rails has dropped the inclusion of `using: :btree` as
well (https://github.com/rails/rails/pull/27981).
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/64529
|
| | | |
|
| |\ \
| | |
| | |
| | |
| | |
| | |
| | | |
Add Rugged calls and duration to API and Rails logs
Closes #64676
See merge request gitlab-org/gitlab-ce!30871
|
