summaryrefslogtreecommitdiff
path: root/lib
Commit message (Collapse)AuthorAgeFilesLines
* Process commands with Gitaly if a flag is passed from the appfeature/gitaly-feature-flagAhmad Sherif2016-12-272-5/+16
|
* Pass relevant git environment variables while calling `/allowed`Timothy Andrew2016-12-162-3/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | 1. Starting version 2.11, git changed the way the pre-receive flow works. - Previously, the new potential objects would be added to the main repo. If the pre-receive passes, the new objects stay in the repo but are linked up. If the pre-receive fails, the new objects stay orphaned in the repo, and are cleaned up during the next `git gc`. - In 2.11, the new potential objects are added to a temporary "alternate object directory", that git creates for this purpose. If the pre-receive passes, the objects from the alternate object directory are migrated to the main repo. If the pre-receive fails the alternate object directory is simply deleted. 2. In our workflow, the pre-recieve script calls the `/allowed` endpoint on the rails server. This `/allowed` endpoint calls out directly to git to perform various checks. These direct calls to git do _not_ have the necessary environment variables set which allow access to the "alternate object directory" (explained above). Therefore these calls to git are not able to access any of the new potential objects to be added during this push. 3. We fix this by passing the relevant environment variables (GIT_ALTERNATE_OBJECT_DIRECTORIES, GIT_OBJECT_DIRECTORY, and GIT_QUARANTINE_PATH) to the `/allowed` endpoint, which will then include these environment variables while calling out to git.
* Make custom hooks dir configurableSean McGivern2016-12-122-8/+17
| | | | | | | | Add a new configuration option, custom_hooks_dir. When this is set, we will look for global custom hooks in: <custom_hooks_dir>/{pre-receive,update,post-receive}.d/* When this is not set, default to <REPO_PATH>/hooks.
* Make merge request text after push clearerLisanne Fellinger2016-12-081-1/+1
| | | | | | Add changelog entry Editing changelog entry version
* avoid Dir.exists? duplication by moving the check to match_hook_filesElan Ruusamäe2016-12-011-6/+4
|
* use String.end_with? instead of regexpElan Ruusamäe2016-12-011-1/+1
|
* custom_hook: chain custom hooksElan Ruusamäe2016-12-011-11/+37
| | | | | | | | | | | | | update hooks lookup to use <hook>.d/* from repository hooks dir the order would be: 1. <repository>.git/custom_hooks/<hook_name> - per project hook 2. <repository>.git/custom_hooks/<hook_name>.d/* - per project hooks 3. <repository>.git/hooks/<hook_name>.d/* - global hooks only executable files are matched and backup files excluded (*~) and the resulting list is sorted per each lookup
* custom_hook: add support for global custom hooksDirk Hörner2016-12-011-12/+22
| | | | | | | | | | | | | This commit adds the option of having another set of global custom hooks along with the already supported repository local custom hooks. The repository local custom hook is executed first (if available). If successful, execution continues with the global custom hook (if available). This way, local custom hooks get priority over global custom hooks. Global custom hooks can be enabled by placing an executable file into the "custom_hooks" directory within gitlab-shell (create if it does not exist, yet).
* custom_hook: refactor to pull repo_path into classDirk Hörner2016-12-011-7/+8
| | | | | | This commit takes the GitlabCustomHook a bit clother to the other hook handling classes by receiving the repo_path as argument to initialize() instead of passing it to each method.
* custom_hook: only execute hook if file is executableDirk Hörner2016-12-011-1/+1
| | | | | This commit fixes an issue where an existing but unexecutable hook would cause an uncaught execption.
* Fetch repositories with --prune option by default.add-prune-option-to-fetch-commandRuben Davila2016-11-291-0/+1
| | | | This will allow us to not recreate branches that has been deleted on the upstream and the mirror.
* Fix gitlab_custom_hook dependencies70-push-fails-because-of-missing-dependencies-on-gitlab_custom_hooksAlejandro Rodríguez2016-11-161-0/+1
|
* Add instrumentation to push hooksmore-instrumentation-down-the-pipelineAhmad Sherif2016-11-163-6/+15
| | | | Related to #22053
* Use full repository path for API calls instead of extracting namedz-support-nested-namespacesDmitriy Zaporozhets2016-10-274-20/+9
| | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
* Re-use the default logger for performance metricsYorick Peterse2016-10-121-2/+3
| | | | | | | This removes the need for configuring anything extra. To make scraping easier each line is prefixed by "metrics:". Fixes #64
* Instrument GitLab Shell and log metrics data to a filePaco Guzman2016-10-115-34/+121
|
* Fix rsync with ionice command buildingAlejandro Rodríguez2016-10-071-6/+7
|
* Fix short circuit logic between rsync with and without ionice forAlejandro Rodríguez2016-10-051-1/+3
| | | | storage migrations
* added GL_IDadd_gl_idValery Sizov2016-10-051-3/+9
|
* Enable GIT_TRACE/GIT_TRACE_PACKET/GIT_TRACE_PERFORMANCE by providing the ↵59-git-tracingPaco Guzman2016-09-272-0/+30
| | | | | | git_trace_log_file config key The value of the variable if present must be a writable absolute path. If it’s not the case we log a proper message and not enable tracing to not throw output to the users.
* Set a low IO priority for storage moves to lower performance impactionice-mvAlejandro Rodríguez2016-09-201-1/+11
|
* Properly rescue from JSON parse.lfs-authenticate-supportPatricio Cano2016-09-081-2/+6
|
* Style fixes and better tests.Patricio Cano2016-09-062-3/+3
|
* Refactored LFS auth logic to use its own API endpoint.Patricio Cano2016-09-064-18/+40
|
* Refactored JSON header generation to its own class and added tests for itPatricio Cano2016-09-062-10/+24
|
* Added LFS support to SSHPatricio Cano2016-09-063-5/+27
| | | | - Required changes to GitLab Shell include the actual handling of the `git-lfs-authenticate` command and the retrieval of the correct credentials.
* Add option to recover 2FA via SSHDrew Blessing2016-08-262-9/+56
|
* Sentinel connection parameters in `config.yml` fileGabriel Mazetto2016-08-181-0/+6
|
* Merge branch 'dup-frozen-argv-key' into 'master' Robert Speicher2016-08-111-1/+2
|\ | | | | | | | | | | | | | | | | In order to use chomp! on the input later, we need to dup the ARGV input string for keys Also updated the gitlab_key tests to freeze the ARGV variables. Fixes https://gitlab.com/gitlab-org/gitlab-shell/issues/56 See merge request !84
| * In order to use chomp! on the input later, we need to dup the ARGV input ↵dup-frozen-argv-keyDJ Mountney2016-08-101-1/+2
| | | | | | | | | | | | string for keys Also updated the gitlab_key tests to freeze the ARGV variables.
* | Merge branch 'feature/new-merge-request-url' into 'master' Douwe Maan2016-08-112-1/+36
|\ \ | |/ |/| | | | | | | | | Show Merge request link after pushing if new brach This is part of implementation for issue https://gitlab.com/gitlab-org/gitlab-ce/issues/18266 See merge request !77
| * print new merge request urls after push receivedScott Le2016-08-122-1/+36
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | update spec different text for new and existing merge request update spec fix style switch order of messages enhance message appearance remove extra spaces
* | Update the keys permission check to open the file in write mode.DJ Mountney2016-08-101-2/+2
| | | | | | | | That way the file is created if it does not exist.
* | Changes proposed during reviewJacob Vosmaer2016-08-101-1/+1
| |
* | Defense in depth for authorized_keys linesJacob Vosmaer2016-08-051-0/+5
| |
* | Refactor 'GitlabKey' class awaysmall-fixesJacob Vosmaer2016-08-041-15/+11
| | | | | | | | | | It is not nice to have both 'GitlabKeys' and 'GitlabKey'. We also do not need GitlabKey to be a class when it has no state.
* | Add permission check tests, improve checkauthorized-keys-permission-checkJacob Vosmaer2016-08-031-3/+3
| |
* | Improve authorized_keys checkJacob Vosmaer2016-08-021-0/+13
| | | | | | | | | | | | The old check only looked if authorized_keys exists. With this change, we look whether we can actually open the file for reading and writing. When this fails we try to print useful diagnostic information.
* | Manage authorized_keys permissions continuouslykeys-chmodJacob Vosmaer2016-08-011-4/+11
|/ | | | | | We can lazily create authorized_keys and set its permissions. This adds negligible overhead and it allows us to remove a setup step from GitLab both on source and in omnibus-gitlab.
* Track ongoing pushes and reject mv-storage commands if there are push ↵mv-storageAlejandro Rodríguez2016-07-273-3/+76
| | | | running (after waiting some time)
* Add command to move repositories between repository storagesAlejandro Rodríguez2016-07-271-0/+32
|
* Allow gitlab-project's fork-project command to fork projects between ↵Alejandro Rodríguez2016-07-261-1/+8
| | | | different repository storages
* Add an error message when using shell commands with incompatible GitLab versionsAlejandro Rodríguez2016-07-061-0/+1
|
* Make use of a constant for the used SSH protocolPatricio Cano2016-07-051-2/+3
|
* Rename ENV['PROTOCOL'] to ENV['GL_PROTOCOL'] and make it mandatory with no ↵Patricio Cano2016-07-053-3/+3
| | | | fallback value
* Simplify protocol assign, and populate ENV['PROTOCOL'] variable when calling ↵Patricio Cano2016-07-051-1/+2
| | | | hooks via SSH
* Allow GitLab Shell to check for allowed access based on the used Git protocol.Patricio Cano2016-07-053-5/+7
|
* use STDERR to output error messagesValery Sizov2016-07-051-3/+3
|
* Refactor repository paths handling to allow multiple git mount pointsshardsAlejandro Rodríguez2016-06-297-42/+34
|
* Simplify custom hook output handlingcustom-hook-outputJacob Vosmaer2016-06-241-29/+16
|
View Lorry Controller Status