summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* client: Allow User-Agent header to be overriddenzj-override-user-agentZeger-Jan van de Weg2020-10-142-2/+43
| | | | | | | | | | The user agent for requests to the internal API endpoints used the default Go provided user agent. This change updates that to always set something else, by default `GitLab-Shell`. Than for others importing the package, there's a new API to set it to something else. This has been done with new method, a setter, to maintain backwards compatibility in the API.
* Merge branch 'sh-suppress-random-correlation-id-log' into 'master'Ash McKenzie2020-10-131-1/+0
|\ | | | | | | | | Drop "generated random correlation ID" log message See merge request gitlab-org/gitlab-shell!417
| * Drop "generated random correlation ID" log messagesh-suppress-random-correlation-id-logStan Hu2020-10-131-1/+0
|/ | | | | | This message happens all the time and doesn't add a lot of value. Relates to https://gitlab.com/gitlab-com/gl-infra/delivery/-/issues/1275
* Merge branch 'release-13.8.0' into 'master'v13.8.0Igor Drozdov2020-10-022-1/+7
|\ | | | | | | | | Release v13.8.0 See merge request gitlab-org/gitlab-shell!416
| * Release v13.8.0Stan Hu2020-10-022-1/+7
|/
* Merge branch 'sh-update-gitaly-dep' into 'master'Nick Thomas2020-10-012-32/+68
|\ | | | | | | | | Update Gitaly module dependency See merge request gitlab-org/gitlab-shell!414
| * Update Gitaly module dependencysh-update-gitaly-depStan Hu2020-10-012-32/+68
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This updates Gitaly's latest Protocol Buffer definitions, which were last updated in Feburary 2020, with the latest version of Gitaly. This is done to ensure the definitions are in sync with Workhorse (https://gitlab.com/gitlab-org/gitlab-workhorse/-/merge_requests/619) and Gitaly. Because we started tagging Gitaly versions `v13.x.x` instead of `v1.x.x`, `go get` refuses to update the Gitaly module using the latest tag or SHA (https://gitlab.com/gitlab-org/gitaly/-/issues/3177). Go tries to enforce semantic compatibility by requiring the use of module paths (e.g. `m/v13`), and Gitaly doesn't adhere to this scheme. To workaround this issue, we use the replace directive (https://github.com/golang/go/wiki/Modules#when-should-i-use-the-replace-directive): ``` go mod edit -replace gitlab.com/gitlab-org/gitaly=gitlab.com/gitlab-org/gitaly@3f5e218def93024f3aafe590c22cd1b29f744105 ```
* | Merge branch 'zj-config-secret' into 'master'Nick Thomas2020-10-011-0/+4
|\ \ | |/ |/| | | | | config: Set a secret example See merge request gitlab-org/gitlab-shell!415
| * config: Set a secret exampleZeger-Jan van de Weg2020-10-011-0/+4
|/ | | | | | | The config.yml.example didn't include a field I was expecting to be there, which lead me to believe the field didn't exist. This change adds the `secret` YAML field, and describes how it interacts with the secrets_file.
* Merge branch 'sh-extract-context-from-env' into 'master'Ash McKenzie2020-09-2153-157/+304
|\ | | | | | | | | | | | | Make it possible to propagate correlation ID across processes Closes #474 See merge request gitlab-org/gitlab-shell!413
| * Make it possible to propagate correlation ID across processesStan Hu2020-09-2053-157/+304
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, gitlab-shell did not pass a context through the application. Correlation IDs were generated down the call stack instead of passed around from the start execution. This has several potential downsides: 1. It's easier for programming mistakes to be made in future that lead to multiple correlation IDs being generated for a single request. 2. Correlation IDs cannot be passed in from upstream requests 3. Other advantages of context passing, such as distributed tracing is not possible. This commit changes the behavior: 1. Extract the correlation ID from the environment at the start of the application. 2. If no correlation ID exists, generate a random one. 3. Pass the correlation ID to the GitLabNet API requests. This change also enables other clients of GitLabNet (e.g. Gitaly) to pass along the correlation ID in the internal API requests (https://gitlab.com/gitlab-org/gitaly/-/issues/2725). Fixes https://gitlab.com/gitlab-org/gitlab-shell/-/issues/474
* Merge branch 'zj-remove-hooks-dir' into 'master'Igor Drozdov2020-09-114-31/+0
|\ | | | | | | | | hooks: Remove deprecated hooks dir See merge request gitlab-org/gitlab-shell!411
| * hooks: Remove deprecated hooks dirzj-remove-hooks-dirZeger-Jan van de Weg2020-09-114-31/+0
|/ | | | | | | | | Over a year ago, through e0824f17367a44e5bac84dac7197f9b45e37ab01, the hooks in this repository were updated to not be successful, basically block each push from happening. This change removes the hooks, and updates the documentation. There's no customer impact, and these changes are just part of a general cleanup.
* Merge branch 'fix-security-scans' into 'master'Nick Thomas2020-09-031-26/+13
|\ | | | | | | | | Fix SAST and Dependency Scanning See merge request gitlab-org/gitlab-shell!410
| * Fix SAST and Dependency ScanningPhilippe Lafoucrière2020-09-031-26/+13
|/
* Merge branch 'id-use-docker-image-for-code-intelligence' into 'master'Patrick Bajao2020-08-281-2/+1
|\ | | | | | | | | Use docker image for Code Intelligence See merge request gitlab-org/gitlab-shell!409
| * Use docker image for Code Intelligenceid-use-docker-image-for-code-intelligenceIgor Drozdov2020-08-281-2/+1
|/
* Merge branch 'sh-release-13.7.0' into 'master'v13.7.0Igor Drozdov2020-08-212-1/+4
|\ | | | | | | | | Release v13.7.0 See merge request gitlab-org/gitlab-shell!408
| * Release v13.7.0Stan Hu2020-08-212-1/+4
|/
* Merge branch 'sh-fix-unix-relative-url-access' into 'master'Igor Drozdov2020-08-216-70/+105
|\ | | | | | | | | Fix gitlab-shell not handling relative URLs over UNIX sockets See merge request gitlab-org/gitlab-shell!406
| * Fix gitlab-shell not handling relative URLs over UNIX socketssh-fix-unix-relative-url-accessStan Hu2020-08-206-70/+105
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | From https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/4498#note_397401883, if you specify a relative path such as: ``` external_url 'http://gitlab.example.com/gitlab' ``` gitlab-shell doesn't have a way to pass the `/gitlab` to the host. For example, let's say we have: ``` gitlab_url: "http+unix://%2Fvar%2Fopt%2Fgitlab%2Fgitlab-workhorse%2Fsocket" ``` If we have `/gitlab` as the relative path, how do we specify what is the UNIX socket path and what is the relative path? If we specify: ``` gitlab_url: "http+unix:///var/opt/gitlab/gitlab-workhorse.socket/gitlab ``` This is ambiguous. Is the socket in `/var/opt/gitlab/gitlab-workhorse.socket/gitlab` or in `/var/opt/gitlab/gitlab-workhorse.socket`? To fix this, this merge request adds an optional `gitlab_relative_url_root` config parameter: ``` gitlab_url: "http+unix://%2Fvar%2Fopt%2Fgitlab%2Fgitlab-workhorse%2Fsocket" gitlab_relative_url_root: /gitlab ``` This is only used with UNIX domain sockets to disambiguate the socket and base URL path. If `gitlab_url` uses `http://` or `https://`, then `gitlab_relative_url_root` is ignored. Relates to https://gitlab.com/gitlab-org/gitlab-shell/-/issues/476
* Merge branch 'pb-release-13-6-0' into 'master'v13.6.0Igor Drozdov2020-08-182-1/+4
|\ | | | | | | | | Release v13.6.0 See merge request gitlab-org/gitlab-shell!407
| * Release v13.6.0pb-release-13-6-0Patrick Bajao2020-08-182-1/+4
|/
* Merge branch 'master' into 'master'Patrick Bajao2020-08-189-6/+679
|\ | | | | | | | | Add support obtaining personal access tokens via SSH See merge request gitlab-org/gitlab-shell!397
| * Add support obtaining personal access tokens via SSHTaylan Develioglu2020-08-179-6/+679
|/ | | | | | | | | | | | | | | | | | | | | | | | Implements the feature requested in gitlab-org/gitlab#19672 This requires the internal api counterpart in gitlab-org/gitlab!36302 to be merged first. It can be used as follows: ``` censored@censored-VirtualBox:~/git/gitlab$ ssh git@gitlab-2004 personal_access_token remote: remote: ======================================================================== remote: remote: Usage: personal_access_token <name> <scope1[,scope2,...]> [ttl_days] remote: remote: ======================================================================== remote: censored@censored-VirtualBox:~/git/gitlab$ ssh git@gitlab-2004 personal_access_token newtoken read_api,read_repository 30 Token: aAY1G3YPeemECgUvxuXY Scopes: read_api,read_repository Expires: 2020-08-07 ```
* Merge branch 'patch-2' into 'master'Nick Thomas2020-08-111-1/+1
|\ | | | | | | | | Specify more recent go version in go.mod See merge request gitlab-org/gitlab-shell!405
| * Specify more recent go version in go.modLukas 'Eipi' Eipert2020-08-111-1/+1
|/
* Merge branch 'sh-release-13.5.0' into 'master'v13.5.0Igor Drozdov2020-08-052-1/+4
|\ | | | | | | | | Release v13.5.0 See merge request gitlab-org/gitlab-shell!404
| * Release v13.5.0Stan Hu2020-08-052-1/+4
|/
* Merge branch 'sh-inject-and-log-correlation-di' into 'master'Igor Drozdov2020-07-319-30/+67
|\ | | | | | | | | Generate and log correlation IDs See merge request gitlab-org/gitlab-shell!400
| * Generate and log correlation IDsStan Hu2020-07-319-30/+67
|/ | | | | This will make it easier to tie an SSH access request to Rails API and Gitaly requests.
* Merge branch 'revert-869aeb90' into 'master'Igor Drozdov2020-07-231-0/+22
|\ | | | | | | | | Revert "Update executable.go" See merge request gitlab-org/gitlab-shell!403
| * Revert "Update executable.go"Igor Drozdov2020-07-231-0/+22
|/ | | This reverts commit 869aeb9057962b089abfd8ce0b6d4a0962bbb154
* Update executable.goIgor Drozdov2020-07-231-22/+0
|
* Merge branch 'sh-release-13-4-0' into 'master'v13.4.0Igor Drozdov2020-07-232-1/+7
|\ | | | | | | | | Release v13.4.0 See merge request gitlab-org/gitlab-shell!402
| * Release v13.4.0Stan Hu2020-07-232-1/+7
|/
* Merge branch 'sh-log-ssh-key-details' into 'master'Igor Drozdov2020-07-236-2/+14
|\ | | | | | | | | Log SSH key details See merge request gitlab-org/gitlab-shell!398
| * Log SSH key detailsStan Hu2020-07-236-2/+14
|/ | | | | | | | | | | | | | | | | | | | | Right now when a client such as gitlab-shell calls the `/api/v4/internal/allowed` API, the response only tells the client what user has been granted access, and it's impossible to tell which deploy key/token was used in the authentication request. This commit adds logs for the following when available: 1. `gl_key_type` (e.g. `deploy_key` or `key`) 2. `gl_key_id` These fields make it possible for admins to identify the exact record that was used to authenticate the user. API changes in the `/internal/allowed` endpoint in https://gitlab.com/gitlab-org/gitlab/-/merge_requests/37289 are needed to support this. Relates to https://gitlab.com/gitlab-org/gitlab-shell/-/issues/203
* Merge branch 'sh-log-remote-ip' into 'master'Ash McKenzie2020-07-232-1/+8
|\ | | | | | | | | | | | | Log remote IP for executed commands Closes #199 See merge request gitlab-org/gitlab-shell!399
| * Log remote IP for executed commandssh-log-remote-ipStan Hu2020-07-202-1/+8
| | | | | | | | | | | | | | | | Admins may want to know what client IP originated the request. This commit adds a `remote_ip` field to the log that extracts the IP address from the `SSH_CONNECTION` environment variable. Closes https://gitlab.com/gitlab-org/gitlab-shell/-/issues/199
* | Merge branch 'sh-drop-go-1.12' into 'master'Igor Drozdov2020-07-221-5/+1
|\ \ | |/ |/| | | | | Drop Go v1.12 support See merge request gitlab-org/gitlab-shell!401
| * Drop Go v1.12 supportStan Hu2020-07-221-5/+1
|/ | | | | | | We officially use Go v1.13+ for everything (https://docs.gitlab.com/ee/install/requirements.html#go-versions), and dropping Go v1.12 allows us to use new methods such as `http.NewRequestWithContext`.
* Merge branch ↵Patrick Bajao2020-07-029-26/+110
|\ | | | | | | | | | | | | '459-system-default-ssl_cert_dir-is-being-used-during-remote-gitaly-over-tls' into 'master' Support ssl_cert_dir config setting See merge request gitlab-org/gitlab-shell!393
| * Pass in ssl_cert_dir config settingAsh McKenzie2020-07-024-4/+36
| |
| * Include SSL_CERT_DIR env var in commandAsh McKenzie2020-07-022-22/+60
| |
| * Support new ssl_cert_dir config settingAsh McKenzie2020-07-013-0/+14
|/
* Merge branch 'go-coverage' into 'master'Nick Thomas2020-06-084-4/+13
|\ | | | | | | | | Extract coverage for Go code on CI pipeline See merge request gitlab-org/gitlab-shell!392
| * Extract coverage for Go code on CI pipelinego-coverageTakuya Noguchi2020-06-064-4/+13
| | | | | | | | Signed-off-by: Takuya Noguchi <takninnovationresearch@gmail.com>
* | Merge branch 'id-use-reports-for-code-navigation' into 'master'Nick Thomas2020-06-051-6/+2
|\ \ | |/ |/| | | | | Use simplified setup for code intelligence See merge request gitlab-org/gitlab-shell!386
| * Use LSIF reports for code navigationid-use-reports-for-code-navigationIgor Drozdov2020-05-281-6/+2
| |
View Lorry Controller Status