From fc59df67e278b5a874c6ce258038d277acc100d1 Mon Sep 17 00:00:00 2001 From: Jasper Maes Date: Wed, 29 Aug 2018 21:29:18 +0200 Subject: Rails 5: include opclasses in rails 5 schema dump --- .../initializers/postgresql_opclasses_support.rb | 50 ++++++++++++++-------- 1 file changed, 31 insertions(+), 19 deletions(-) (limited to 'config') diff --git a/config/initializers/postgresql_opclasses_support.rb b/config/initializers/postgresql_opclasses_support.rb index 7b8afc78817..12a0770a455 100644 --- a/config/initializers/postgresql_opclasses_support.rb +++ b/config/initializers/postgresql_opclasses_support.rb @@ -144,7 +144,10 @@ module ActiveRecord [column, opclass] if opclass end.compact] - IndexDefinition.new(table_name, index_name, unique, column_names, [], orders, where, nil, using, opclasses) + index_attrs = [table_name, index_name, unique, column_names, [], orders, where, nil, using, opclasses] + index_attrs.insert(-2, nil) if Gitlab.rails5? # include index comment for Rails 5 + + IndexDefinition.new(*index_attrs) end end.compact end 
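Review bot: The trailing comment on `index_attrs.insert(-2, nil) if Gitlab.rails5?` says the index comment is included, but the line only inserts a `nil` placeholder, so no comment is read from the database on this path. Because the arguments are positional, the `-2` offset also depends on `opclasses` staying the last argument. I would reword the comment to `# Rails 5: IndexDefinition takes a comment argument before opclasses; nil = comment not loaded`. The enclosing method begins outside this hunk, so the argument order is inferred from the insert position and should be checked against the patched `IndexDefinition` signature.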
@@ -172,29 +175,38 @@ module ActiveRecord def indexes(table, stream) if (indexes = @connection.indexes(table)).any? add_index_statements = indexes.map do |index| - statement_parts = [ - "add_index #{remove_prefix_and_suffix(index.table).inspect}", - index.columns.inspect, - "name: #{index.name.inspect}", - ] - statement_parts << 'unique: true' if index.unique - - index_lengths = (index.lengths || []).compact - statement_parts << "length: #{Hash[index.columns.zip(index.lengths)].inspect}" if index_lengths.any? - - index_orders = index.orders || {} - statement_parts << "order: #{index.orders.inspect}" if index_orders.any? - statement_parts << "where: #{index.where.inspect}" if index.where - statement_parts << "using: #{index.using.inspect}" if index.using - statement_parts << "type: #{index.type.inspect}" if index.type - statement_parts << "opclasses: #{index.opclasses}" if index.opclasses.present? - - " #{statement_parts.join(', ')}" + table_name = remove_prefix_and_suffix(index.table).inspect + " add_index #{([table_name]+index_parts(index)).join(', ')}" end stream.puts add_index_statements.sort.join("\n") stream.puts end end + + def indexes_in_create(table, stream) + if (indexes = @connection.indexes(table)).any? + index_statements = indexes.map do |index| + " t.index #{index_parts(index).join(', ')}" + end + stream.puts index_statements.sort.join("\n") + end + end + + def index_parts(index) + index_parts = [ + index.columns.inspect, + "name: #{index.name.inspect}", + ] + index_parts << "unique: true" if index.unique + index_parts << "length: { #{format_options(index.lengths)} }" if index.lengths.present? + index_parts << "order: { #{format_options(index.orders)} }" if index.orders.present? + index_parts << "where: #{index.where.inspect}" if index.where + index_parts << "using: #{index.using.inspect}" if index.using + index_parts << "type: #{index.type.inspect}" if index.type + index_parts << "opclasses: #{index.opclasses.inspect}" if index.opclasses.present? 
+ index_parts << "comment: #{index.comment.inspect}" if Gitlab.rails5? && index.comment + index_parts + end end end -- cgit v1.2.1 From d11cfcf777b33cf565f9c089b819add14b76d162 Mon Sep 17 00:00:00 2001 From: Winnie Hellmann Date: Thu, 30 Aug 2018 14:08:46 +0200 Subject: Exclude frontend development dependencies from license restrictions --- config/dependency_decisions.yml | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'config') diff --git a/config/dependency_decisions.yml b/config/dependency_decisions.yml index dce1fc1bc45..16f16f77fb9 100644 --- a/config/dependency_decisions.yml +++ b/config/dependency_decisions.yml @@ -570,3 +570,10 @@ :why: https://github.com/codesandbox-app/codesandbox-importers/blob/master/packages/import-utils/LICENSE :versions: [] :when: 2018-08-03 12:23:24.083046000 Z +- - :ignore_group + - devDependencies + - :who: Winnie Hellmann + :why: NPM packages used for development are not distributed with the final product and are therefore + exempt. + :versions: [] + :when: 2018-08-30 12:06:35.668181000 Z -- cgit v1.2.1 From 19e56902cac9a653b0255e88faaced0e0e8ff703 Mon Sep 17 00:00:00 2001 From: Stan Hu Date: Fri, 31 Aug 2018 10:50:27 -0700 Subject: Bump unauthenticated session time from 1 hour to 2 hours Users who have their system clocks configured inconsistently due to Daylight Savings may see a GitLab session cookie that immediately expires, resulting in a 422 error. To avoid these errors, we can bump the unauthenticated session time from 1 hour to 2 hours so they have time to login and get the default 7-day session. Closes #50393 --- config/initializers/1_settings.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'config') diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb index 9ad55e21d11..ab351b86cae 100644 --- a/config/initializers/1_settings.rb +++ b/config/initializers/1_settings.rb 
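Review bot: In `index_parts`, `index.lengths` and `index.orders` are now passed to `format_options`, which is not defined in this hunk, whereas the removed code built the length hash itself with `Hash[index.columns.zip(index.lengths)]`. That removed zip suggests `lengths` can be an array on the Rails 4 path, and only the `comment:` line is gated on `Gitlab.rails5?`, so the rest presumably still runs there. Please confirm that `format_options` exists and yields a valid hash body for both shapes, and record the expectation above the method, e.g. `# lengths/orders must be Hashes here; format_options comes from the Rails SchemaDumper` (if that is where it comes from). The generated text ends up in the schema file and is later evaluated as Ruby, so a malformed fragment would only surface at schema load.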
@@ -141,7 +141,7 @@ Settings.gitlab['default_projects_features'] ||= {} Settings.gitlab['webhook_timeout'] ||= 10 Settings.gitlab['max_attachment_size'] ||= 10 Settings.gitlab['session_expire_delay'] ||= 10080 -Settings.gitlab['unauthenticated_session_expire_delay'] ||= 1.hour.to_i +Settings.gitlab['unauthenticated_session_expire_delay'] ||= 2.hours.to_i Settings.gitlab.default_projects_features['issues'] = true if Settings.gitlab.default_projects_features['issues'].nil? Settings.gitlab.default_projects_features['merge_requests'] = true if Settings.gitlab.default_projects_features['merge_requests'].nil? Settings.gitlab.default_projects_features['wiki'] = true if Settings.gitlab.default_projects_features['wiki'].nil? -- cgit v1.2.1 From 4442972b060593b045254668af32658382f18e6b Mon Sep 17 00:00:00 2001 From: Stan Hu Date: Thu, 30 Aug 2018 12:35:32 -0700 Subject: Disable the Sidekiq Admin Rack session GitLab already has its own session store, so this extra Sidekiq session is unnecessary. In addition, the GitLab session store properly sets the Secure flag, unlike the default Rack session. CSRF protection in the Sidekiq /admin page continues to work with the existing GitLab session. See https://github.com/mperham/sidekiq/pull/3183 for more details. Part of #49120 --- config/initializers/sidekiq.rb | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'config') diff --git a/config/initializers/sidekiq.rb b/config/initializers/sidekiq.rb index 6f54bee4713..476eaabfed8 100644 --- a/config/initializers/sidekiq.rb +++ b/config/initializers/sidekiq.rb 
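Review bot: The new default `2.hours.to_i` for `unauthenticated_session_expire_delay` is a value in seconds, while the `session_expire_delay` default one line above (`10080`) only matches the 7-day session named in the commit message if it is read as minutes; nothing on these lines states either unit or why two hours was chosen. Since this setting decides how long a pre-login session cookie stays valid, I would add a comment such as `# seconds; 2h so a client with a one-hour clock skew does not receive an already-expired cookie (see #50393)`. That keeps a later reader from copying a minutes value into it or from changing it without knowing the trade-off.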
@@ -1,3 +1,9 @@ +require 'sidekiq/web' + +# Disable the Sidekiq Rack session since GitLab already has its own session store. +# CSRF protection still works (https://github.com/mperham/sidekiq/commit/315504e766c4fd88a29b7772169060afc4c40329). +Sidekiq::Web.set :sessions, false + # Custom Queues configuration queues_config_hash = Gitlab::Redis::Queues.params queues_config_hash[:namespace] = Gitlab::Redis::Queues::SIDEKIQ_NAMESPACE -- cgit v1.2.1 From 743add978aafa43862867a89b00a04e888199947 Mon Sep 17 00:00:00 2001 From: Winnie Hellmann Date: Mon, 3 Sep 2018 13:16:23 +0000 Subject: Move badge settings to general settings --- config/routes/group.rb | 1 - config/routes/project.rb | 1 - 2 files changed, 2 deletions(-) (limited to 'config') diff --git a/config/routes/group.rb b/config/routes/group.rb index d7313e43786..343865cc50c 100644 --- a/config/routes/group.rb +++ b/config/routes/group.rb @@ -25,7 +25,6 @@ constraints(::Constraints::GroupUrlConstrainer.new) do constraints: { group_id: Gitlab::PathRegex.full_namespace_route_regex }) do namespace :settings do resource :ci_cd, only: [:show], controller: 'ci_cd' - resources :badges, only: [:index] end resource :variables, only: [:show, :update] diff --git a/config/routes/project.rb b/config/routes/project.rb index 34f49546983..4021d62b931 100644 --- a/config/routes/project.rb +++ b/config/routes/project.rb @@ -442,7 +442,6 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do resource :repository, only: [:show], controller: :repository do post :create_deploy_token, path: 'deploy_token/create' end - resources :badges, only: [:index] end # Since both wiki and repository routing contains wildcard characters -- cgit v1.2.1 From ba914c32e1a8cd35f17e42df5ab4c7730c617a23 Mon Sep 17 00:00:00 2001 
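Review bot: The comment above `Sidekiq::Web.set :sessions, false` states that CSRF protection still works, but that holds only while Sidekiq::Web is mounted inside the Rails middleware stack that supplies the GitLab session, and while the bundled Sidekiq contains the linked commit. Neither condition is visible or enforced in this initializer. I would extend the comment to say so, e.g. `# Relies on Sidekiq::Web being mounted behind the Rails session middleware; re-check on Sidekiq upgrades.` A request spec asserting that the Sidekiq admin page issues no `rack.session` cookie and still rejects a POST without a valid token would keep this from regressing unnoticed.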
From: Jasper Maes Date: Mon, 3 Sep 2018 18:28:17 +0200 Subject: Rails 5: support schema t.index for mysql --- .../mysql_set_length_for_binary_indexes.rb | 28 ++++++++++++++++++++++ 1 file changed, 28 insertions(+) (limited to 'config') diff --git a/config/initializers/mysql_set_length_for_binary_indexes.rb b/config/initializers/mysql_set_length_for_binary_indexes.rb index de0bc5322aa..1b16b39d517 100644 --- a/config/initializers/mysql_set_length_for_binary_indexes.rb +++ b/config/initializers/mysql_set_length_for_binary_indexes.rb @@ -2,6 +2,9 @@ # MySQL adapter apply a length of 20. Otherwise MySQL can't create an index on # binary columns. +# This module can be removed once a Rails 5 schema is used. +# It can't be wrapped in a check that checks Gitlab.rails5? because +# the old Rails 4 schema layout is still used module MysqlSetLengthForBinaryIndex def add_index(table_name, column_names, options = {}) Array(column_names).each do |column_name| @@ -19,3 +22,28 @@ end if defined?(ActiveRecord::ConnectionAdapters::Mysql2Adapter) ActiveRecord::ConnectionAdapters::Mysql2Adapter.send(:prepend, MysqlSetLengthForBinaryIndex) end + +if Gitlab.rails5? + module MysqlSetLengthForBinaryIndexAndIgnorePostgresOptionsForSchema + # This method is used in Rails 5 schema loading as t.index + def index(column_names, options = {}) + Array(column_names).each do |column_name| + column = columns.find { |c| c.name == column_name } + + if column&.type == :binary + options[:length] = 20 + end + end + + # Ignore indexes that use opclasses, + # also see config/initializers/mysql_ignore_postgresql_options.rb + unless options[:opclasses] + super(column_names, options) + end + end + end + + if defined?(ActiveRecord::ConnectionAdapters::MySQL::TableDefinition) + ActiveRecord::ConnectionAdapters::MySQL::TableDefinition.send(:prepend, MysqlSetLengthForBinaryIndexAndIgnorePostgresOptionsForSchema) + end +end -- cgit v1.2.1 From d5e9185618cc30227b2bd68f4322a3d7860152ee Mon Sep 17 00:00:00 2001 
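Review bot: In the new `index` method, `columns.find { |c| c.name == column_name }` compares the stored column name with whatever the caller passed. A symbol such as `t.index :sha` would therefore never match if `c.name` is a String (which the string names in a dumped schema suggest), and the binary length would not be applied. Prepending onto `MySQL::TableDefinition` affects every `create_table` block, not only schema loading as the method comment says. I would normalise the name: `column = columns.find { |c| c.name == column_name.to_s }`.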
From: Olivier Gonzalez Date: Tue, 4 Sep 2018 18:52:03 -0400 Subject: Make MySQL patch for binary indexes compatible with composite indexes --- config/initializers/mysql_set_length_for_binary_indexes.rb | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'config') diff --git a/config/initializers/mysql_set_length_for_binary_indexes.rb b/config/initializers/mysql_set_length_for_binary_indexes.rb index 1b16b39d517..81ed2fb83de 100644 --- a/config/initializers/mysql_set_length_for_binary_indexes.rb +++ b/config/initializers/mysql_set_length_for_binary_indexes.rb @@ -7,11 +7,12 @@ # the old Rails 4 schema layout is still used module MysqlSetLengthForBinaryIndex def add_index(table_name, column_names, options = {}) + options[:length] ||= {} Array(column_names).each do |column_name| column = ActiveRecord::Base.connection.columns(table_name).find { |c| c.name == column_name } if column&.type == :binary - options[:length] = 20 + options[:length][column_name] = 20 end end @@ -27,11 +28,12 @@ if Gitlab.rails5? module MysqlSetLengthForBinaryIndexAndIgnorePostgresOptionsForSchema # This method is used in Rails 5 schema loading as t.index def index(column_names, options = {}) + options[:length] ||= {} Array(column_names).each do |column_name| column = columns.find { |c| c.name == column_name } if column&.type == :binary - options[:length] = 20 + options[:length][column_name] = 20 end end -- cgit v1.2.1 From 3309bf7583aa0999212001d532b2fc9daa09a7ed Mon Sep 17 00:00:00 2001 From: "Balasankar \"Balu\" C" Date: Wed, 5 Sep 2018 11:59:30 +0000 Subject: Add license info of unknown libraries to license_finder configuration instead of direct approval --- config/dependency_decisions.yml | 28 ++++++++++++++++++---------- 1 file changed, 18 insertions(+), 10 deletions(-) (limited to 'config') diff --git a/config/dependency_decisions.yml b/config/dependency_decisions.yml index 16f16f77fb9..664035831a5 100644 --- a/config/dependency_decisions.yml 
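Review bot: `options[:length][column_name] = 20` in `add_index` assumes `options[:length]` is a Hash, but `options[:length] ||= {}` leaves a caller-supplied Integer (one length for the whole index) in place, and the element assignment then raises NoMethodError. The same pair of lines is added to `index` in the second hunk. Guarding the assignment keeps an explicit integer length intact: `options[:length][column_name] = 20 if options[:length].is_a?(Hash)`. The `super` call of `add_index` lies outside this hunk.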
+++ b/config/dependency_decisions.yml @@ -235,8 +235,9 @@ :why: https://github.com/component/inherit/blob/master/LICENSE :versions: [] :when: 2017-01-14 20:10:41.804804000 Z -- - :approve +- - :license - fsevents + - MIT - :who: Matt Lee :why: https://github.com/strongloop/fsevents/blob/master/LICENSE :versions: [] @@ -380,8 +381,9 @@ :why: https://github.com/Tjatse/ansi-html/blob/master/LICENSE :versions: [] :when: 2017-04-10 05:42:12.898178000 Z -- - :approve +- - :license - map-stream + - MIT - :who: Mike Greiling :why: https://github.com/dominictarr/map-stream/blob/master/LICENCE :versions: [] @@ -458,8 +460,9 @@ :why: CC0 1.0 - https://github.com/jonathantneal/svg4everybody/blob/master/LICENSE.md :versions: [] :when: 2017-09-13 17:31:16.425819400 Z -- - :approve +- - :license - "@gitlab-org/gitlab-svgs" + - MIT - :who: Tim Zallmann :why: Our own library - GitLab License https://gitlab.com/gitlab-org/gitlab-svgs :versions: [] @@ -528,8 +531,9 @@ :why: https://github.com/mafintosh/cyclist/blob/master/LICENSE :versions: [] :when: 2018-02-20 21:37:43.774978000 Z -- - :approve +- - :license - bitsyntax + - MIT - :who: Mike Greiling :why: https://github.com/squaremo/bitsyntax-js/blob/master/LICENSE-MIT :versions: [] @@ -540,8 +544,9 @@ :why: https://github.com/xtuc/webassemblyjs/blob/master/LICENSE :versions: [] :when: 2018-06-08 05:30:56.764116000 Z -- - :approve +- - :license - "@gitlab-org/gitlab-ui" + - MIT - :who: Clement Ho :why: Our own library :versions: [] 
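Review bot: The `@gitlab-org/gitlab-svgs` entry now declares the license as `MIT`, while its unchanged `:why:` line still reads "Our own library - GitLab License", so the recorded rationale no longer supports the declared license. Because a `:license` decision supplies a license that the scanner could not detect itself, each entry should point at the evidence for the value entered. For this one I would change the rationale to `:why: <URL of the repository's LICENSE file>` once it is confirmed to be MIT. The `@gitlab-org/gitlab-ui` entry further down has the same gap with `:why: Our own library`.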
@@ -552,20 +557,23 @@ :why: https://github.com/pieroxy/lz-string/blob/master/LICENSE.txt :versions: [] :when: 2018-08-03 08:22:44.973457000 Z -- - :approve +- - :license - smooshpack + - LGPL - :who: Phil Hughes :why: https://github.com/CompuIves/codesandbox-client/blob/master/packages/sandpack/LICENSE.md :versions: [] :when: 2018-08-03 08:24:29.578991000 Z -- - :approve +- - :license - codesandbox-import-util-types + - LGPL - :who: Phil Hughes :why: https://github.com/codesandbox-app/codesandbox-importers/blob/master/packages/types/LICENSE :versions: [] :when: 2018-08-03 12:22:47.574421000 Z -- - :approve +- - :license - codesandbox-import-utils + - LGPL - :who: Phil Hughes :why: https://github.com/codesandbox-app/codesandbox-importers/blob/master/packages/import-utils/LICENSE :versions: [] @@ -573,7 +581,7 @@ - - :ignore_group - devDependencies - :who: Winnie Hellmann - :why: NPM packages used for development are not distributed with the final product and are therefore - exempt. + :why: NPM packages used for development are not distributed with the final product + and are therefore exempt. :versions: [] :when: 2018-08-30 12:06:35.668181000 Z -- cgit v1.2.1 From 93005b4e811a41da2c845b7c1ab558625c338a72 Mon Sep 17 00:00:00 2001 From: Stan Hu Date: Wed, 5 Sep 2018 14:40:36 -0700 Subject: Add User-Agent to production_json.log This will help production gain more visibility which browsers may be having issues. --- config/initializers/lograge.rb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'config') diff --git a/config/initializers/lograge.rb b/config/initializers/lograge.rb index 1cf8a24e98c..840404e0ec0 100644 --- a/config/initializers/lograge.rb +++ b/config/initializers/lograge.rb 
@@ -22,7 +22,8 @@ unless Sidekiq.server? params: params, remote_ip: event.payload[:remote_ip], user_id: event.payload[:user_id], - username: event.payload[:username] + username: event.payload[:username], + ua: event.payload[:ua] } gitaly_calls = Gitlab::GitalyClient.get_request_count -- cgit v1.2.1 From 262b974123d22b5d6b662b232ca4792d7998a166 Mon Sep 17 00:00:00 2001 From: Stan Hu Date: Mon, 13 Aug 2018 15:36:15 -0700 Subject: Fix attachments not displaying inline with Google Cloud Storage There were several issues: 1. With Google Cloud Storage, we can't override the Content-Type with Response-Content-Type once it is set. Setting the value to `application/octet-stream` doesn't buy us anything. GCS defaults to `application/octet-stream`, and AWS uses `binary/octet-stream`. Just remove this `Content-Type` when we upload new files. 2. CarrierWave and fog-google need to support query parameters: https://github.com/fog/fog-google/pull/409/files, https://github.com/carrierwaveuploader/carrierwave/pull/2332/files. CarrierWave has been monkey-patched until an official release. 3. Workhorse also needs to remove the Content-Type header in the request (https://gitlab.com/gitlab-org/gitlab-workhorse/blob/ef80978ff89e628c8eeb66556720e30587d3deb6/internal/objectstore/object.go#L66), or we'll get a 403 error when uploading due to signed URLs not matching the headers. Upgrading to Workhorse 6.1.0 for https://gitlab.com/gitlab-org/gitlab-workhorse/merge_requests/297 will make Workhorse use the headers that are used by Rails. Closes #49957 --- config/initializers/carrierwave_patch.rb | 29 ++++++++++++++++++++++ .../initializers/fog_google_https_private_urls.rb | 2 +- 2 files changed, 30 insertions(+), 1 deletion(-) create mode 100644 config/initializers/carrierwave_patch.rb (limited to 'config') diff --git a/config/initializers/carrierwave_patch.rb b/config/initializers/carrierwave_patch.rb new file mode 100644 index 00000000000..35ffff03abe --- /dev/null 
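Review bot: `ua: event.payload[:ua]` writes a client-controlled header into every production_json.log entry with no length limit, so the field size is bounded only by whatever header limit the front-end proxy enforces. The place where `:ua` is put into the payload is outside this diff; there or here I would cap it, e.g. `ua: event.payload[:ua]&.slice(0, 1024)` (1024 is an illustrative limit). Anything that consumes or displays this log should treat the field as untrusted text. The surrounding hash and block start outside the hunk.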
+++ b/config/initializers/carrierwave_patch.rb @@ -0,0 +1,29 @@ +# This monkey patches CarrierWave 1.2.3 to make Google Cloud Storage work with +# extra query parameters: +# https://github.com/carrierwaveuploader/carrierwave/pull/2332/files +module CarrierWave + module Storage + class Fog < Abstract + class File + def authenticated_url(options = {}) + if %w(AWS Google Rackspace OpenStack).include?(@uploader.fog_credentials[:provider]) + # avoid a get by using local references + local_directory = connection.directories.new(key: @uploader.fog_directory) + local_file = local_directory.files.new(key: path) + expire_at = ::Fog::Time.now + @uploader.fog_authenticated_url_expiration + case @uploader.fog_credentials[:provider] + when 'AWS', 'Google' + local_file.url(expire_at, options) + when 'Rackspace' + connection.get_object_https_url(@uploader.fog_directory, path, expire_at, options) + when 'OpenStack' + connection.get_object_https_url(@uploader.fog_directory, path, expire_at) + else + local_file.url(expire_at) + end + end + end + end + end + end +end diff --git a/config/initializers/fog_google_https_private_urls.rb b/config/initializers/fog_google_https_private_urls.rb index c65a534b536..682b1050c68 100644 --- a/config/initializers/fog_google_https_private_urls.rb +++ b/config/initializers/fog_google_https_private_urls.rb @@ -9,7 +9,7 @@ module Fog module MonkeyPatch def url(expires, options = {}) requires :key - collection.get_https_url(key, expires) + collection.get_https_url(key, expires, options) end end -- cgit v1.2.1
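Review bot: The header comment says this reopens CarrierWave 1.2.3, yet nothing in the file checks the loaded version. After a gem upgrade this copy of `authenticated_url` would keep replacing the upstream method, including any later fixes to how signed URLs are built. I would add a guard at the top of the file, e.g. `raise 'carrierwave_patch.rb targets CarrierWave 1.2.3; re-check it' unless CarrierWave::VERSION == '1.2.3'`. Since `options` now flows into the signed URL for AWS and Google, callers should pass only fixed, server-chosen query parameters. The inner `else` branch is unreachable because the outer `include?` already restricts the provider list.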