diff options
author | Kamil Trzcinski <ayufan@ayufan.eu> | 2015-07-06 13:47:05 +0200 |
---|---|---|
committer | Kamil Trzcinski <ayufan@ayufan.eu> | 2015-08-03 15:43:27 +0200 |
commit | 4f469a133d4a5990d8ee0cf81d770bb8db47b9b1 (patch) | |
tree | d2d49a714358aa5614162cf3a6dd247a449cea43 | |
parent | f7dbf6d1a4b5724445de4da658103ce976b02a29 (diff) | |
download | gitlab-ci-4f469a133d4a5990d8ee0cf81d770bb8db47b9b1.tar.gz |
Use redis to store user sessions
-rw-r--r-- | CHANGELOG | 1 | ||||
-rw-r--r-- | Gemfile | 3 | ||||
-rw-r--r-- | Gemfile.lock | 17 | ||||
-rw-r--r-- | config/environments/test.rb | 2 | ||||
-rw-r--r-- | config/initializers/1_settings.rb | 1 | ||||
-rw-r--r-- | config/initializers/session_store.rb | 33 |
6 files changed, 52 insertions, 5 deletions
@@ -30,6 +30,7 @@ v7.13.0 - Store all secrets in config/secrets.yml - Encrypt variables - Allow to specify flexible list of types in yaml + - Use redis to store user sessions v7.12.2 - Revert: Runner without tag should pick builds without tag only @@ -33,6 +33,9 @@ gem "unicorn", "~> 4.8.2" # Haml gem 'haml-rails','~> 0.5.3' +# Cache +gem 'redis-rails' + # Background jobs gem 'slim' gem 'sinatra', require: nil diff --git a/Gemfile.lock b/Gemfile.lock index 5d648b3..3674c03 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -337,8 +337,24 @@ GEM nokogiri (>= 1.4.1) trollop redis (3.0.6) + redis-actionpack (4.0.0) + actionpack (~> 4) + redis-rack (~> 1.5.0) + redis-store (~> 1.1.0) + redis-activesupport (4.0.0) + activesupport (~> 4) + redis-store (~> 1.1.0) redis-namespace (1.4.1) redis (~> 3.0.4) + redis-rack (1.5.0) + rack (~> 1.5) + redis-store (~> 1.1.0) + redis-rails (4.0.0) + redis-actionpack (~> 4) + redis-activesupport (~> 4) + redis-store (~> 1.1.0) + redis-store (1.1.5) + redis (>= 2.2) request_store (1.2.0) rest-client (1.8.0) http-cookie (>= 1.0.2, < 2.0) @@ -506,6 +522,7 @@ DEPENDENCIES rake rb-fsevent rb-inotify + redis-rails request_store rspec-rails rubocop (= 0.28.0) diff --git a/config/environments/test.rb b/config/environments/test.rb index 00a6495..347de66 100644 --- a/config/environments/test.rb +++ b/config/environments/test.rb @@ -5,7 +5,7 @@ GitlabCi::Application.configure do # test suite. You never need to work with it otherwise. Remember that # your test database is "scratch space" for the test suite and is wiped # and recreated between test runs. Don't rely on the data there! - config.cache_classes = true + config.cache_classes = false # Configure static asset server for tests with Cache-Control for performance config.serve_static_assets = true diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb index f344685..0bbc7ae 100644 --- a/config/initializers/1_settings.rb +++ b/config/initializers/1_settings.rb @@ -41,6 +41,7 @@ Settings.gitlab_ci['all_broken_builds'] = true if Settings.gitlab_ci['all_brok Settings.gitlab_ci['add_pusher'] = false if Settings.gitlab_ci['add_pusher'].nil? Settings.gitlab_ci['url'] ||= Settings.send(:build_gitlab_ci_url) Settings.gitlab_ci['builds_path'] = File.expand_path(Settings.gitlab_ci['builds_path'] || "builds/", Rails.root) +Settings.gitlab_ci['session_expire_delay']||= 10080 # Compatibility with old config Settings['gitlab_server_urls'] ||= Settings['allowed_gitlab_urls'] diff --git a/config/initializers/session_store.rb b/config/initializers/session_store.rb index 21ff758..7ab8a9c 100644 --- a/config/initializers/session_store.rb +++ b/config/initializers/session_store.rb @@ -1,4 +1,29 @@ -# Use the database for sessions instead of the cookie-based default, -# which shouldn't be used to store highly confidential information -# (create the session table with "rails generate session_migration") -Rails.application.config.session_store :active_record_store +# Be sure to restart your server when you modify this file. + +# Use Redis caching across all environments +redis_config_file = Rails.root.join('config', 'resque.yml') + +redis_url_string = if File.exists?(redis_config_file) + YAML.load_file(redis_config_file)[Rails.env] + else + "redis://localhost:6379" + end + +# Redis::Store does not handle Unix sockets well, so let's do it for them +redis_config_hash = Redis::Store::Factory.extract_host_options_from_uri(redis_url_string) +redis_uri = URI.parse(redis_url_string) +if redis_uri.scheme == 'unix' + redis_config_hash[:path] = redis_uri.path +end + +redis_config_hash[:namespace] = 'session:gitlab_ci' + +GitlabCi::Application.config.session_store( + :redis_store, # Using the cookie_store would enable session replay attacks. + servers: redis_config_hash, + key: '_gitlab_ci_session', + secure: GitlabCi.config.gitlab_ci.https, + httponly: true, + expire_after: Settings.gitlab_ci['session_expire_delay'] * 60, + path: (Rails.application.config.relative_url_root.nil?) ? '/' : Rails.application.config.relative_url_root +) |