summaryrefslogtreecommitdiff
path: root/lib
Commit message (Collapse)AuthorAgeFilesLines
* Revert "Remove unused #list_remote_tags"revert-53Rémy Coutable2016-04-251-0/+22
| | | | | | This reverts commit f5e87590d463b4b3d1bf5cd6b49a9d0d60acd552. Signed-off-by: Rémy Coutable <remy@rymai.me>
* Update post receive worker so it logs a unique JID in sidekiqaiionx/gitlab-shell-aiionx-post_receive_jidaiionx2016-04-191-2/+4
|
* Remove branch functionalityRobert Schilling2016-04-191-15/+0
|
* Remove rm-tag commandRobert Schilling2016-04-181-7/+0
|
* Remove unused #list_remote_tagsRobert Schilling2016-04-161-22/+0
|
* Revert "Do not prune objects during 'git gc'"Jacob Vosmaer2016-04-061-1/+1
| | | | | | | This reverts commit 1ca8a44f0baa1728650308fe992f42660170ae16. Never pruning loose objects at all is not really a solution for anything, and it causes annoying `git gc --auto` warnings.
* Add new command to list tags from a remote repo.Rubén Dávila2016-03-311-1/+24
| | | | | | The output of the `git ls-remote` command is written to the STDOUT so the client can read and parse the list of tags. If there is an error it's also written to STDOUT.
* Add the ability to fetch remote repo without tags.gl_ee_issue_116Rubén Dávila2016-03-301-2/+6
| | | | | | When fetching remote repo with tags the new remote tags are mixed in with the local tags (all tags are saved under refs/tags), this affects the UI of the Project given that we're showing up tags of a remote repo.
* Add encoding for the ssh key on the urlPablo Carranza2016-03-241-1/+1
|
* Change use of fingerprint for whole keyPablo Carranza2016-03-241-2/+2
|
* Change API endpoint to authorized_keysPablo Carranza2016-03-241-1/+1
|
* Add authorized keys bin script to find keys by fingerprintPablo Carranza2016-03-243-13/+19
|
* Add ssh-key resource get to gitlab_netPablo Carranza2016-03-241-0/+5
| | | | | This provides the integration point to the internal API to get the ssh key from the internal API.
* Add new commands: push-branches and delete-remote-branches.Rubén Dávila2016-03-211-0/+43
|
* get git annex to work when using custom SSH portJames Lopez2016-03-161-3/+2
|
* Do not prune objects during 'git gc'Jacob Vosmaer2016-03-141-1/+1
| | | | | This is a workaround to reduce the impact of https://gitlab.com/gitlab-org/gitlab-ce/issues/13524 .
* Remove redundant `|| false`Douwe Maan2016-03-031-1/+1
|
* Added an optional --force parameter for gitlab-projects fetch-remotefeature/fetch-remote-forcedGabriel Mazetto2016-03-031-1/+6
| | | | | | The optional parameter will decide wheter to fetch using --force or not. fetching with --force is a requirement for Gitlab Geo secondary node replication.
* Actually use the read_timeout config optionJacob Vosmaer2016-02-091-1/+5
|
* Log duration of HTTP API requestsnet-read-timeoutJacob Vosmaer2016-02-091-0/+5
|
* Use an HTTP timeout of 5 minutes by defaultJacob Vosmaer2016-02-091-6/+11
|
* Merge branch 'master' of https://gitlab.com/jnijhof/gitlab-shellJeroen Nijhof2016-01-041-2/+13
|\ | | | | | | | | Conflicts: lib/gitlab_projects.rb
| * Check if path exists for gcJeroen Nijhof2015-11-191-0/+4
| |
| * Added git gc for housekeepingJeroen Nijhof2015-10-211-3/+10
| |
* | Merge branch 'remove-trailing-slashes' into 'master' v2.6.9Douwe Maan2015-12-141-1/+1
|\ \ | | | | | | | | | | | | | | | | | | | | | Remove trailing slashes from gitlab_url They do not play nice with gitlab-workhorse (or rather Golang net/http DefaultServemux). See merge request !35
| * | Be more consistent about default gitlab_urlremove-trailing-slashesJacob Vosmaer2015-12-111-1/+1
| | |
| * | Remove trailing slashes from gitlab_urlJacob Vosmaer2015-12-111-1/+1
| | | | | | | | | | | | | | | They do not play nice with gitlab-workhorse (or rather Golang net/http DefaultServemux).
* | | Merge branch 'stricter-exec_cmd' into 'master' Dmitriy Zaporozhets2015-12-011-12/+20
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | Stricter exec cmd In response to the gitlab-shell 2.6.6-2.6.7 remote code execution vulnerability. See merge request !33
| * | | Add comment about untrusted origin_cmdstricter-exec_cmdJacob Vosmaer2015-11-261-0/+3
| | | |
| * | | Limit availability of SSH_ORIGINAL_COMMANDJacob Vosmaer2015-11-251-12/+10
| | | | | | | | | | | | | | | | | | | | Hoping this makes it more obvious when code touches the very unsafe contents of this variable.
| * | | Disallow execing stringsJacob Vosmaer2015-11-251-0/+7
| |/ / | | | | | | | | | Passing strings to Kernel::exec leads to remote code execution.
* | | Merge branch 'y/git-home' into 'master' Dmitriy Zaporozhets2015-11-251-0/+1
|\ \ \ | |/ / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Pass $HOME to git as well [ this patch has the same rationale and reasoning as https://gitlab.com/gitlab-org/gitlab-workhorse/commit/0d0bd209 details follow ] Git has 3 places for configs: - system - global (per user), and - local (per repository) System config location is hardcoded at git compile time (to usually $prefix/etc/gitconfig). Local configuration is usually picked because we pass full repo path to subcommand. But global configuration is currently not picked at all, because HOME env variable is not passed to git. Pass $HOME through and let git see it's "global" config. Currently GitLab omnibus stores gitlab user name/email + "autocrlf = true" in global config, so missing it should not be a blocker for receive/send-pack operations. But having it is more correct and can be handy in the future if/when more git operations are done from-under gitlab-shell. Having $HOME properly set is also needed when one cannot change system git config and have to put site-wide configuration into global git config under $HOME. That was the case I've hit and the reason for this patch. /cc @dzaporozhets, @jacobvosmaer See merge request !32
| * | Pass $HOME to git as wellKirill Smelkov2015-11-241-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | [ this patch has the same rationale and reasoning as https://gitlab.com/gitlab-org/gitlab-workhorse/commit/0d0bd209 details follow ] Git has 3 places for configs: - system - global (per user), and - local (per repository) System config location is hardcoded at git compile time (to usually $prefix/etc/gitconfig). Local configuration is usually picked because we pass full repo path to subcommand. But global configuration is currently not picked at all, because HOME env variable is not passed to git. Pass $HOME through and let git see it's "global" config. Currently GitLab omnibus stores gitlab user name/email + "autocrlf = true" in global config, so missing it should not be a blocker for receive/send-pack operations. But having it is more correct and can be handy in the future if/when more git operations are done from-under gitlab-shell. Having $HOME properly set is also needed when one cannot change system git config and have to put site-wide configuration into global git config under $HOME. That was the case I've hit and the reason for this patch.
* | | Revert "Run git-lfs-authenticate script with original command line arguments"Dmitriy Zaporozhets2015-11-251-2/+0
|/ / | | | | | | | | | | This reverts commit 8449979ff029af51be0c675c5b6262bc4adc8b3d. Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
* | Merge branch 'mirror-repository' into 'master' Robert Speicher2015-11-171-6/+35
|\ \ | | | | | | | | | | | | | | | | | | Add fetch-remote command for repo mirroring Also exits `import-repository` with non-zero status when import fails. See merge request !29
| * | Add fetch-remote commandDouwe Maan2015-11-111-0/+25
| | |
| * | Exit with non-zero status when import-repository failsDouwe Maan2015-11-111-6/+10
| |/
* | Revert "Merge branch 'use-load-path' into 'master' "Dmitriy Zaporozhets2015-11-121-5/+1
| | | | | | | | | | This reverts commit ae498b6cd4122d3d7f35e6b73b50c53615ca3488, reversing changes made to 79fdf65c71e90773fbf52d6832b74cf5a7124755.
* | Merge branch 'y/httpunix2' into 'master' Dmitriy Zaporozhets2015-11-122-1/+60
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add support to connect gitlab-shell to Unicorn via UNIX socket (v2) Hello up there. I'm doing SlapOS port of GitLab, and that means several different services could be running on the same machine, including several GitLabs. So far all internal GitLab subservices could be glued together via UNIX sockets except gitlab-shell -> Unicorn link, which, when done via local TCP, requires firewall/network namespaces to protect services on one machine from each other. On the other hand access to UNIX domain sockets is managed via regular UNIX permissions on filesystem, and thus is easier to manage. Besides UNIX domain sockets are well known to be faster compared to TCP over loopback - in particular to have ~ 2 times less latency and ~ 2 times more throughput. From this point of view it makes sense to teach gitlab-shell to talk to Unicorn via UNIX socket and switch to that mode by default eventually. I've just made a patch for this. Please apply. Thanks beforehand, Kirill /cc @dzaporozhets, @jacobvosmaer, @rspeicher See merge request !30
| * | Add support to connect gitlab-shell to Unicorn via UNIX socketKirill Smelkov2015-11-102-1/+60
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It is well known that UNIX sockets are faster than TCP over loopback. E.g. on my machine according to lmbench[1] they have ~ 2 times lower latency and ~ 2-3 times more throughput compared to TCP over loopback: *Local* Communication latencies in microseconds - smaller is better --------------------------------------------------------------------- Host OS 2p/0K Pipe AF UDP RPC/ TCP RPC/ TCP ctxsw UNIX UDP TCP conn --------- ------------- ----- ----- ---- ----- ----- ----- ----- ---- teco Linux 4.2.0-1 13.8 29.2 26.8 45.0 47.9 48.5 55.5 45. *Local* Communication bandwidths in MB/s - bigger is better ----------------------------------------------------------------------------- Host OS Pipe AF TCP File Mmap Bcopy Bcopy Mem Mem UNIX reread reread (libc) (hand) read write --------- ------------- ---- ---- ---- ------ ------ ------ ------ ---- ----- teco Linux 4.2.0-1 1084 4353 1493 2329.1 3720.7 1613.8 1109.2 3402 1404. The same ratio usually holds for servers. Also UNIX sockets, since they reside on filesystem, besides being faster with less latency, have one another nice property: access permissions to them are managed the same way access to files is. Because of lower latencies and higher throughput - for performance reasons, and for easier security, it makes sense to interconnect services on one machine via UNIX sockets and talk via TCP only to outside world. All internal services inside GitLab can talk to each other via UNIX socket already and only gitlab-shell was missing support to talk to Unicorn via UNIX socket. Let's teach gitlab-shell to talk via UNIX sockets. [1] http://www.bitmover.com/lmbench/ ~~~~ In this patch we - add URI::HTTPUNIX to handle http+unix:// URI scheme - add Net::HTTPUNIX to handle "connect via unix socket and then talk http" - adjust GitlabNet#http_client_for() accordingly - adjust documentation in config.yml.example The http+unix:// scheme is not reinvented anew: the idea about its structure is quite logical an was already established at least in requests-unixsocket python package: http://fixall.online/theres-no-need-to-reinvent-the-wheelhttpsgithubcommsabramorequests-unixsocketurl/241810/ https://github.com/msabramo/requests-unixsocket
* | use SHELL_ROOT_PATH variable to set ROOT_PATHPirate Praveen2015-11-101-1/+5
|/
* Merge branch 'master' of gitlab.com:gitlab-org/gitlab-shell into ↵Jacob Vosmaer2015-10-012-4/+15
|\ | | | | | | no-init-on-gcryptsetup
| * Merge branch 'bozaro/gitlab-shell-git-lfs-authenticate'Dmitriy Zaporozhets2015-09-101-0/+2
| |\ | | | | | | | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
| | * Run git-lfs-authenticate script with original command line argumentsArtem V. Navrotskiy2015-09-091-0/+2
| | |
| * | Merge branch 'bozaro/gitlab-shell-lang'Dmitriy Zaporozhets2015-09-101-0/+1
| |\ \ | | | | | | | | | | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
| | * | Do not clean LANG environment variable for the git hooks when working ↵Artem V. Navrotskiy2015-09-091-0/+1
| | |/ | | | | | | | | | | | | | | | through the SSH-protocol When cleaning this environment variable can be problems with the processing of non-ASCII data
| * | Handle broken symlinks in create-hookscreate-hooks-broken-symlinkJacob Vosmaer2015-08-121-4/+12
| |/ | | | | | | | | | | | | If a repository contained a broken symlink named 'hooks', this would raise ENOENT in lib/gitlab_projects.rb, which got ignored in bin/create-hooks. This commit fixes that by making sure we handle broken symlinks in lib/gitlab_projects.rb.
* | Skip 'git annex init' when using 'gcryptsetup'no-init-on-gcryptsetupJacob Vosmaer2015-08-111-1/+6
|/ | | | | 'gcryptsetup' is a special git-annex feature that does its own initialization.
* Merge branch 'git_annex_env_variable'Dmitriy Zaporozhets2015-08-041-1/+11
|\
| * If git-annex is enabled set GIT_ANNEX_SHELL_LIMITED variable.git_annex_env_variableMarin Jankovski2015-07-161-1/+11
| |
View Lorry Controller Status