summaryrefslogtreecommitdiff
path: root/lib
Commit message (Collapse)AuthorAgeFilesLines
* Whitelist or fix additional `Gitlab/PublicSend` cop violationsrs-more-public-send-whitelistsRobert Speicher2017-08-1426-36/+39
| | | | | An upcoming update to rubocop-gitlab-security added additional violations.
* Merge branch 'gitaly-404-commit-list-files' into 'master'Douwe Maan2017-08-142-22/+48
|\ | | | | | | | | | | | | Migrate `Git::Repository.ls_files` to Gitaly Closes gitaly#404 See merge request !13302
| * Migrate Git::Repository.ls_files to Gitalygitaly-404-commit-list-filesKim "BKC" Carlbäcker2017-08-102-22/+48
| |
* | Merge branch 'fix/thread-safe-gpgme-tmp-directory' into 'master'Dmitriy Zaporozhets2017-08-141-11/+29
|\ \ | | | | | | | | | | | | | | | | | | Fix: Thread safe GPGME tmp directory Closes #35986 See merge request !13481
| * | reset original directory in ensureAlexis Reigel2017-08-141-8/+4
| | |
| * | use mutex for keychain interactionAlexis Reigel2017-08-141-8/+26
| | | | | | | | | | | | | | | | | | | | | | | | setting of the gpg home directory is not thread safe, as the directoy gets stored on the class. if multiple threads change the directory at the same time, one of the threads will be working in the wrong directory.
| * | store gpg return directory locallyAlexis Reigel2017-08-111-5/+9
| | |
* | | Merge branch 'bvl-rollback-renamed-system-namespace' into 'master'Douwe Maan2017-08-141-0/+79
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | Don't rename system when migrating from 9.x -> 9.4 Closes #35525 and #36148 See merge request !13228
| * | | Move the personal snippet uploads from `system` to `-/system`bvl-rollback-renamed-system-namespaceBob Van Landuyt2017-08-111-0/+79
| | | | | | | | | | | | | | | | | | | | Update the markdown unconditionally since the move might have been done before, but the markdown not updated.
* | | | Merge branch 'feature/migrate-force-push-check-to-gitaly' into 'master'Robert Speicher2017-08-112-7/+16
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | Migrate force push check to Gitaly See merge request !13406
| * | | | Migrate force push check to Gitalyfeature/migrate-force-push-check-to-gitalyAhmad Sherif2017-08-112-7/+16
| | |_|/ | |/| |
* | | | Merge branch 'disable-project-export' into 'master'Rémy Coutable2017-08-111-0/+1
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | Add option to disable project export on instance See merge request !13211
| * | | | Add option to disable project export on instanceRobin Bobbitt2017-08-111-0/+1
| | |/ / | |/| |
* | | | Merge branch 'rs-coverage-updates' into 'master'Rémy Coutable2017-08-114-16/+6
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | Better categorize test coverage results See merge request !13485
| * | | | Better categorize test coverage resultsrs-coverage-updatesRobert Speicher2017-08-114-16/+6
| |/ / / | | | | | | | | | | | | Also marks a few things as uncovered, and removes an unused class.
* | | | Merge branch '36213-return-is_admin-in-users-api-when-current_user-is-admin' ↵Sean McGivern2017-08-111-9/+4
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | into 'master' Include the `is_admin` field in the `GET /users/:id` API when current user is an admin Closes #36213 See merge request !13501
| * | | | Include the `is_admin` field in the `GET /users/:id` API when current user ↵Rémy Coutable2017-08-111-9/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | is an admin Signed-off-by: Rémy Coutable <remy@rymai.me>
* | | | | Merge branch 'rc/32308-rspec-retry-hack' into 'master'Sean McGivern2017-08-113-0/+160
|\ \ \ \ \ | |_|/ / / |/| | | | | | | | | | | | | | Detect and keep track of flaky specs See merge request !13021
| * | | | Use a new RspecFlakyListener to detect flaky specsRémy Coutable2017-08-113-0/+160
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Rémy Coutable <remy@rymai.me>
* | | | | Merge branch 'split-events-into-push-events' into 'master'Sean McGivern2017-08-115-10/+220
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | Use a separate table for storing push events See merge request !12463
| * | | | | Use a specialized class for querying eventsYorick Peterse2017-08-101-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This changes various controllers to use the new EventCollection class for retrieving events. This class uses a JOIN LATERAL query on PostgreSQL to retrieve queries in a more efficient way, while falling back to a simpler / less efficient query for MySQL. The EventCollection class also includes a limit on the number of events to display to prevent malicious users from cycling through all events, as doing so could put a lot of pressure on the database. JOIN LATERAL is only supported on PostgreSQL starting with version 9.3.0 and as such this optimisation is only used when using PostgreSQL 9.3 or newer.
| * | | | | Migrate events into a new formatYorick Peterse2017-08-104-10/+216
| | |_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit migrates events data in such a way that push events are stored much more efficiently. This is done by creating a shadow table called "events_for_migration", and a table called "push_event_payloads" which is used for storing push data of push events. The background migration in this commit will copy events from the "events" table into the "events_for_migration" table, push events in will also have a row created in "push_event_payloads". This approach allows us to reclaim space in the next release by simply swapping the "events" and "events_for_migration" tables, then dropping the old events (now "events_for_migration") table. The new table structure is also optimised for storage space, and does not include the unused "title" column nor the "data" column (since this data is moved to "push_event_payloads"). == Newly Created Events Newly created events are inserted into both "events" and "events_for_migration", both using the exact same primary key value. The table "push_event_payloads" in turn has a foreign key to the _shadow_ table. This removes the need for recreating and validating the foreign key after swapping the tables. Since the shadow table also has a foreign key to "projects.id" we also don't have to worry about orphaned rows. This approach however does require some additional storage as we're duplicating a portion of the events data for at least 1 release. The exact amount is hard to estimate, but for GitLab.com this is expected to be between 10 and 20 GB at most. The background migration in this commit deliberately does _not_ update the "events" table as doing so would put a lot of pressure on PostgreSQL's auto vacuuming system. == Supporting Both Old And New Events Application code has also been adjusted to support push events using both the old and new data formats. This is done by creating a PushEvent class which extends the regular Event class. Using Rails' Single Table Inheritance system we can ensure the right class is used for the right data, which in this case is based on the value of `events.action`. To support displaying old and new data at the same time the PushEvent class re-defines a few methods of the Event class, falling back to their original implementations for push events in the old format. Once all existing events have been migrated the various push event related methods can be removed from the Event model, and the calls to `super` can be removed from the methods in the PushEvent model. The UI and event atom feed have also been slightly changed to better handle this new setup, fortunately only a few changes were necessary to make this work. == API Changes The API only displays push data of events in the new format. Supporting both formats in the API is a bit more difficult compared to the UI. Since the old push data was not really well documented (apart from one example that used an incorrect "action" nmae) I decided that supporting both was not worth the effort, especially since events will be migrated in a few days _and_ new events are created in the correct format.
* | | | | Show error message for API 500 error in tests, andLin Jen-Shin2017-08-111-1/+9
| |/ / / |/| | | | | | | | | | | document have_gitlab_http_status
* | | | Fix merge request diff deserialisation when too_large was absentSean McGivern2017-08-111-0/+2
| |/ / |/| | | | | | | | | | | Not all diffs in st_diffs had the too_large attribute set at all, but the column is non-nullable. Explicitly cast to boolean to avoid that problem.
* | | Merge branch 'gitlab-git-expose-raw-log' into 'master'Sean McGivern2017-08-111-16/+17
|\ \ \ | | | | | | | | | | | | | | | | Expose the raw_log method See merge request !13434
| * | | Expose the raw_log methodgitlab-git-expose-raw-logJacob Vosmaer2017-08-091-16/+17
| | |/ | |/|
* | | Merge branch 'jej/security-release-2017-08-10' into 'master'Stan Hu2017-08-102-1/+13
|\ \ \ | | | | | | | | | | | | | | | | Security release 2017-08-10 patch See merge request !13477
| * | | Merge branch 'rs-alphanumeric-ssh-params' into 'security-9-4'jej/security-release-2017-08-10James Edwards-Jones2017-08-101-0/+8
| | | | | | | | | | | | | | | | | | | | Ensure user and hostnames begin with an alnum character in UrlBlocker See merge request !2138
| * | | Merge branch 'import-symlinks-9-3' into 'security-9-3'James Edwards-Jones2017-08-101-1/+5
| | |/ | |/| | | | | | | | | | Fix file disclosure via hidden symlinks using the project import (9.3) See merge request !2164
* | | Filter sensitive query string parameters from NGINX access logsNick Thomas2017-08-102-3/+71
|/ /
* | Merge branch 'gitaly-repository-exists' into 'master'32665-make-project-and-features-visibility-settings-less-confusingSean McGivern2017-08-091-1/+1
|\ \ | | | | | | | | | | | | Rename RPC 'Exists' to 'RepositoryExists' See merge request !13277
| * | Rename RPC 'Exists' to 'RepositoryExists'Jacob Vosmaer2017-08-091-1/+1
| | |
* | | Merge branch 'fix-gitlab-pages-cache-config' into 'master'Grzegorz Bizon2017-08-092-2/+8
|\ \ \ | | | | | | | | | | | | | | | | Fix proxy config in Gitlab Pages nginx examples See merge request !13375
| * | | Fix proxy config in Gitlab Pages nginx examplesNick Thomas2017-08-082-2/+8
| | | |
* | | | Merge branch '36003-do-not-include-to-kernel' into 'master'Robert Speicher2017-08-093-13/+3
|\ \ \ \ | |_|/ / |/| | | | | | | | | | | | | | | | | | | Don't include anything to Kernel only because of tasks Closes #36003 See merge request !13380
| * | | We shouldn't include utility methods everywhereLin Jen-Shin2017-08-081-0/+2
| | | |
| * | | Just extend main, rather than include to KernelLin Jen-Shin2017-08-082-13/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Unfortunately rake doesn't have nested context, everything just runs on a main rake object. This is probably due to compatibility issue, but anyway, we could just extend the object.
* | | | Merge branch 'rc/enable-the-Layout/SpaceBeforeBlockBraces-cop' into 'master'Robert Speicher2017-08-095-7/+8
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | Enable the Layout/SpaceBeforeBlockBraces cop See merge request !13413
| * | | | Fix ee_compat_check when EE branch uses a prefixRémy Coutable2017-08-091-2/+3
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Rémy Coutable <remy@rymai.me>
| * | | | Enable the Layout/SpaceBeforeBlockBraces coprc/enable-the-Layout/SpaceBeforeBlockBraces-copRémy Coutable2017-08-094-5/+5
| | |_|/ | |/| | | | | | | | | | Signed-off-by: Rémy Coutable <remy@rymai.me>
* | | | Explain why we use select all for project_url_constrainer.rbDmitriy Zaporozhets2017-08-091-0/+2
|/ / /
* | | Merge branch 'add-rubocop-gitlab-security' into 'master'Robert Speicher2017-08-0810-14/+16
|\ \ \ | | | | | | | | | | | | | | | | Add rubocop-gitlab-security gem See merge request !12177
| * | | Re-enable SqlInjection and CommandInjectionBrian Neel2017-08-0810-14/+16
| | | |
* | | | Merge branch 'gitaly-bundle-gemfile' into 'master'Rémy Coutable2017-08-081-1/+1
|\ \ \ \ | |/ / / |/| | | | | | | | | | | Unset BUNDLE_GEMFILE when installing Gitaly See merge request !13378
| * | | Unset BUNDLE_GEMFILE when installing GitalyJacob Vosmaer2017-08-081-1/+1
| | | |
* | | | Merge branch 'gitaly-find-commit' into 'master'Dmitriy Zaporozhets2017-08-0811-89/+108
|\ \ \ \ | |_|/ / |/| | | | | | | | | | | | | | | | | | | Incorporate Gitaly's CommitService.FindCommit RPC Closes gitaly#402 See merge request !13094
| * | | Incorporate Gitaly's CommitService.FindCommit RPCgitaly-find-commitAlejandro Rodríguez2017-08-074-22/+55
| | | |
| * | | Move `deltas` and `diff_from_parents` logic to Gitlab::Git::CommitAlejandro Rodríguez2017-08-073-28/+39
| | | | | | | | | | | | | | | | | | | | | | | | This helps keep the abstraction layers simpler, and also keep the interface of those methods consistent, in case of implementation changes.
| * | | Refactor Gitlab::Git::Commit to include a repositoryAlejandro Rodríguez2017-08-078-45/+20
| | | |
* | | | Merge branch '35098-raise-encoding-confidence-threshold' into 'master'Sean McGivern2017-08-081-1/+1
|\ \ \ \ | |_|/ / |/| | | | | | | | | | | | | | | | | | | Raise encoding confidence threshold to 50 Closes #35098 See merge request !12990
View Lorry Controller Status