| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |\
| |
| |
| |
| |
| | |
* commit 'a7d59ed9b87f24246f3907a5fe8a1b472e3fa740':
Fix rendering issues
Rework CI documentation by adding informations about YAML, the use of Docker images and building them
|
| | |\
| | |
| | |
| | |
| | |
| | |
| | | |
Update CI documentation to include complete YAML syntax, Docker features and use of Variables covered
/cc @JobV @sytses
See merge request !205
|
| | | | |
|
| | |/
| |
| |
| | |
images and building them
|
| |\ \
| |/
|/|
| |
| |
| |
| |
| |
| |
| | |
Fix permission escalation
This fixes permission escalation as described here: https://gitlab.com/gitlab-org/gitlab-ci/issues/225
As this is security fix this commit should be cherry-picked to 7.13: https://dev.gitlab.org/gitlab/gitlab-ci/commit/02982e545744925a6ce8238ed354abdd8e6c835f
See merge request !165
|
| |/
|
|
|
|
| |
- check if user has manage access to project
- don't cache result of authorized_projects, because it's serialised with User object
- clear user sessions
|
| |\
| |
| |
| |
| |
| |
| |
| | |
fix small spelling issue in CONTRIBUTING.md
Fix mispelling of 'submission' in contributing doc.
See merge request !201
|
| | | |
|
| |\ \
| | |
| | |
| | |
| | |
| | | |
Point to correct GitLab CI url.
See merge request !202
|
| | |/ |
|
| |\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Fix upgrader version detection
This ports changes from the gitlab upgrader script to gitlabci. With the changes the upgrader script now works correct with versions that contain more than 1 digit.
See merge request !203
|
| | |/
| |
| |
| |
| |
| |
| | |
- fixes upgrader script not working with v7.1x versions
- rspec test cases from gitlab for upgrader lib
- rename gitlab to gitlabci
- use real data for gitlabci3 version check
|
| |/ |
|
| | |
|
| |\
| |
| |
| |
| |
| | |
Create config/secrets.yml with 0600
See merge request !200
|
| | | |
|
| |/ |
|
| |\
| |
| |
| |
| |
| |
| |
| | |
Update install and update documentation for 7.13
@JobV Please push directly to this branch and merge if ok.
See merge request !199
|
| | | |
|
| |/ |
|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Allow to specify flexible list of types in yaml
First part of flexible pipeline build in GitLab CI
Having following `.gitlab-ci.yml`:
```
types:
- test
- deploy
- notify
rspec:
script: "rspec"
rubocop:
script: "rubocop"
staging:
type: deploy
script: "echo deploy"
only:
- master
production:
type: deploy
script: "echo production"
only:
- tags
dockerhub:
type: notify
script: "curl http://docker/hub/web/hook"
downstream:
type: notify
script: "curl http://build/downstream/jobs"
```
GitLab CI will trigger two test jobs in parallel, when finished it will trigged either staging or production, when finished it will trigger dockerhub and downstream in parallel.
The UI (screenshots are not for above YAML):
TODO:
- [x] Implement in CI
- [x] Specs
- [x] Changelog
- [x] CI tests
- [ ] Documentation
/cc @vsizov @sytses @dzaporozhets
See merge request !198
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
```
types:
- test
- deploy
- notify
rspec:
script: "rspec"
rubocop:
script: "rubocop"
staging:
type: deploy
script: "echo deploy"
only:
- master
production:
type: deploy
script: "echo production"
only:
- tags
dockerhub:
type: notify
script: "curl http://docker/hub/web/hook"
downstream:
type: notify
script: "curl http://build/downstream/jobs"
```
This will trigger two test jobs in parallel, when finished it will trigged either staging or production, when finished it will trigger dockerhub and downstream in parallel.
|
| |\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Encrypt variables
/cc @dzaporozhets @jacobvosmaer @vsizov
See merge request !187
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | | |
|
| |/ / |
|
| |\ \
| |/
|/|
| |
| |
| |
| |
| |
| |
| | |
Use config/secrets.yml to store session secret and database encryption secret
I took the approach that config/secrets.yml is generated when key is not found.
/cc @vsizov @jacobvosmaer
See merge request !195
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| |\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Use builds_without_retry to calculate average coverage
/cc @vsizov
See merge request !197
|
| | | | |
|
| | |/ |
|
| |\ \
| |/
|/|
| |
| |
| |
| |
| |
| |
| | |
Disable link to runner if it's not assigned to specific project
Fixes 404 when clicking on available runner from project's page
/cc @vsizov
See merge request !196
|
| |/
|
|
| |
when clicking on available runner from project's page
|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Gem version updates
### Bump rails, jquery-rails, sprockets, sass-rails versions
Addresses security advisories:
- https://groups.google.com/forum/#!topic/ruby-security-ann/XIZPbobuwaY
- https://groups.google.com/forum/#!topic/ruby-security-ann/gcUbICUmKMc
---
### Bump coveralls version
Addresses security issues in its rest-client dependencies:
- https://github.com/rest-client/rest-client/issues/369
- http://www.osvdb.org/show/osvdb/117461
Closes #214
See merge request !194
|
| | |
| |
| |
| |
| |
| |
| | |
Addresses security issues in its rest-client dependencies:
- https://github.com/rest-client/rest-client/issues/369
- http://www.osvdb.org/show/osvdb/117461
|
| |/
|
|
|
|
|
| |
Addresses security advisories:
- https://groups.google.com/forum/#!topic/ruby-security-ann/XIZPbobuwaY
- https://groups.google.com/forum/#!topic/ruby-security-ann/gcUbICUmKMc
|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Make configurable builds_path in application.yml
We have a new option in `application.yml`:
```
gitlab_ci:
builds_path: builds/
```
/cc @marin @vsizov
See merge request !193
|
| | | |
|
| |\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Added random salt and hashing to oauth state parameter
This ensures signs state parameter. The generated state is built like this:
```
salt = random_hex(16bytes)
secret = sha256_hex(gitlab_ci_secret + salt + return_to)
state = "salt:secret:return_to"
```
This prevents from faking the state and forcing redirect to provided URL. However this doesn't prevent replay attacks if you know the valid `state` parameter for specific `return_to`. Should we be concerned about it?
/cc @vsizov @jacobvosmaer
See merge request !192
|
| | | | |
|
| | | | |
|
