| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|\
| |
| |
| |
| |
| |
| |
| |
| | |
Remove secret from request headers
See merge request https://gitlab.com/gitlab-org/gitlab-shell/-/merge_requests/689
Merged-by: Ash McKenzie <amckenzie@gitlab.com>
Approved-by: Ash McKenzie <amckenzie@gitlab.com>
Co-authored-by: Igor Drozdov <idrozdov@gitlab.com>
|
|/
|
|
| |
Now the requests are verified via JWT
|
|\
| |
| |
| |
| |
| |
| |
| | |
Update .tool-versions to Go 1.18.7
See merge request https://gitlab.com/gitlab-org/gitlab-shell/-/merge_requests/688
Merged-by: Igor Drozdov <idrozdov@gitlab.com>
Co-authored-by: Stan Hu <stanhu@gmail.com>
|
|/
|
|
|
|
| |
Security announcement: https://groups.google.com/g/golang-announce/c/xtuG5faxtaU
Part of https://gitlab.com/groups/gitlab-org/-/epics/8843
|
|\
| |
| |
| |
| |
| |
| |
| |
| | |
Release v14.12.0
See merge request https://gitlab.com/gitlab-org/gitlab-shell/-/merge_requests/687
Merged-by: Igor Drozdov <idrozdov@gitlab.com>
Approved-by: Igor Drozdov <idrozdov@gitlab.com>
|
|/
|
|
|
|
|
| |
- Trim secret before signing JWT tokens !686
- Bump .tool-versions to use Go 1.18.6 !685
- Update Gitaly to 15.4.0-rc2 !681
- Test against Golang v1.19 !680
|
|\
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Trim secret before signing JWT tokens
See merge request https://gitlab.com/gitlab-org/gitlab-shell/-/merge_requests/686
Merged-by: Ash McKenzie <amckenzie@gitlab.com>
Approved-by: Alejandro Rodríguez <alejandro@gitlab.com>
Approved-by: Ash McKenzie <amckenzie@gitlab.com>
Co-authored-by: Igor Drozdov <idrozdov@gitlab.com>
|
| |
| |
| |
| |
| | |
With this change we don't rely on the secret to either contain
a newline or not contain it.
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Bump .tool-versions to use Go 1.18.6
See merge request https://gitlab.com/gitlab-org/gitlab-shell/-/merge_requests/685
Merged-by: Igor Drozdov <idrozdov@gitlab.com>
Approved-by: Igor Drozdov <idrozdov@gitlab.com>
Co-authored-by: Stan Hu <stanhu@gmail.com>
|
|/ /
| |
| |
| |
| |
| |
| | |
go 1.17 is no longer receiving security updates. Update to go 1.18 in
preparation for upgrading.
Part of https://gitlab.com/groups/gitlab-org/-/epics/8843
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Update docs metadata link in gitlab-shell repo
See merge request https://gitlab.com/gitlab-org/gitlab-shell/-/merge_requests/684
Merged-by: Alejandro Rodríguez <alejandro@gitlab.com>
Approved-by: Alejandro Rodríguez <alejandro@gitlab.com>
Co-authored-by: Amy Qualls <aqualls@gitlab.com>
|
|/ / |
|
|\ \
| |/
|/|
| |
| |
| |
| |
| |
| | |
Add developer documentation to command package
See merge request https://gitlab.com/gitlab-org/gitlab-shell/-/merge_requests/594
Merged-by: Patrick Bajao <ebajao@gitlab.com>
Approved-by: Patrick Bajao <ebajao@gitlab.com>
Co-authored-by: Igor Drozdov <idrozdov@gitlab.com>
|
| | |
|
| | |
|
|\ \
| | |
| | |
| | |
| | | |
Update Gitaly to 15.4.0-rc2
See merge request gitlab-org/gitlab-shell!681
|
|/ /
| |
| |
| |
| | |
It has gitlab-shell dependency removed, so it makes sense to
remove the exclusion of circular dependency
|
|\ \
| | |
| | |
| | |
| | | |
Run tests agains 1.19 Golang
See merge request gitlab-org/gitlab-shell!680
|
|/ / |
|
|\ \
| | |
| | |
| | |
| | | |
Update gitlab-dangerfiles gem
See merge request gitlab-org/gitlab-shell!678
|
| | | |
|
|\ \ \
| |/ /
|/| |
| | |
| | | |
Release 14.11.0
See merge request gitlab-org/gitlab-shell!677
|
|/ / |
|
|\ \
| | |
| | |
| | |
| | | |
Update Gitaly to v15
See merge request gitlab-org/gitlab-shell!676
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This commit also excludes gitlab-shell from dependencies:
Gitaly specifies Gitlab Shell as a dependency as well in order
to use gitlabnet client to perform API endpoints to Gitlab Rails.
As a result, Gitlab Shell requires Gitaly -> Gitaly requires an
older version of Gitlab Shell -> that version requires an older
version of Gitlab Shell, etc. Let's use exclude to break the
chain earlier
|
|\ \ \
| |/ /
|/| |
| | |
| | | |
Fixed extra slashes in API request paths generated for geo
See merge request gitlab-org/gitlab-shell!673
|
| |/ |
|
|\ \
| |/
|/|
| |
| | |
Fix failing TestGitReceivePackSuccess
See merge request gitlab-org/gitlab-shell!675
|
|/
|
|
|
|
|
|
|
| |
After https://gitlab.com/gitlab-org/gitaly/-/merge_requests/4766
has been introduced, the test started fail because we basically
cancel the git-receive-pack after the output is received
This commit gracefully closes the connection to make the test
pass
|
|\
| |
| |
| |
| | |
Add simple_roulette to Dangerfile
See merge request gitlab-org/gitlab-shell!672
|
|/ |
|
|\
| |
| |
| |
| | |
Release v14.10.0
See merge request gitlab-org/gitlab-shell!671
|
|/ |
|
|\
| |
| |
| |
| |
| |
| |
| |
| | |
'main'
Implement Push Auth support for 2FA verification
Closes #506
See merge request gitlab-org/gitlab-shell!454
|
| |
| |
| |
| | |
Use a single channel to handle both Push Auth and OTP results
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When `2fa_verify` command is executed:
- A user is asked to enter OTP
- A blocking call for push auth is performed
Then:
- If the push auth request fails, the user is still able to enter
OTP
- If OTP is invalid, the `2fa_verify` command ends the execution
- If OTP is valid or push auth request succeeded, then the user is
successfully authenticated
- If 30 seconds passed while no OTP or Push have been provided,
then the `2fa_verify` command ends the execution
|
|\
| |
| |
| |
| |
| |
| | |
Fix flaky race test
Closes #590
See merge request gitlab-org/gitlab-shell!670
|
| |
| |
| |
| |
| |
| |
| |
| | |
`ignoredError.err` was being used in a Goroutine handler, but the
value of `ignoredError` changes with each test case. To avoid a race,
make a local copy of the error before each Goroutine runs.
Closes https://gitlab.com/gitlab-org/gitlab-shell/-/issues/590
|
|\ \
| |/
|/|
| |
| | |
Release v14.9.0
See merge request gitlab-org/gitlab-shell!669
|
|/
|
|
|
| |
- Update LabKit library to v1.16.0 !668
(https://gitlab.com/gitlab-org/labkit/-/releases/v1.16.0)
|
|\
| |
| |
| |
| | |
Update LabKit library to v1.16.0
See merge request gitlab-org/gitlab-shell!668
|
|/
|
|
|
|
|
| |
* include original address in correlation CIDR checks ([ae96001](https://gitlab.com/gitlab-org/labkit/commit/ae9600163a6f5fa2ad06676a00b310af36573df4))
* run make recipes in parallel during backward compat check ([efa9c71](https://gitlab.com/gitlab-org/labkit/commit/efa9c71e13ef2bfe4415278e6b1e5c5ee8cc8022))
See https://gitlab.com/gitlab-org/labkit/-/releases/v1.16.0
|
|\
| |
| |
| |
| | |
Release v14.8.0
See merge request gitlab-org/gitlab-shell!667
|
|/
|
|
|
|
|
| |
- go: Bump major version to v14 !666
- Pass original IP from PROXY requests to internal API calls !665
- Fix make install copying the wrong binaries !664
- gitlab-sshd: Add support for configuring host certificates !661
|
|\
| |
| |
| |
| |
| |
| | |
go: Bump major version to v14
Closes #593
See merge request gitlab-org/gitlab-shell!666
|
|/
|
|
|
|
|
|
|
|
|
|
|
| |
While gitlab-shell currently has a major version of v14, the module path
it exposes is not using that major version like it is required by the Go
standard. This makes it impossible for dependents to import gitlab-shell
as a dependency without using a commit as version.
Fix this by changing the module path of gitlab-shell to instead be
`gitlab.com/gitlab-org/gitlab-shell/v14` and adjust all imports
accordingly.
Changelog: fixed
|
|\
| |
| |
| |
| | |
Pass original IP from PROXY requests to internal API calls
See merge request gitlab-org/gitlab-shell!665
|
|/ |
|
|\
| |
| |
| |
| | |
gitlab-sshd: Add support for configuring host certificates
See merge request gitlab-org/gitlab-shell!661
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds support for specifying host certificates via the
`host_cert_files` option and advertises the signed key to the
client. This acts similarly to OpenSSH's `HostCertificate` parameter:
gitlab-sshd attempts to match a host key to its certificate, and then
substitutes the matching host key with a certificate signed by a
trusted certificate authority's key.
This is the first requirement to supporting SSH certificates. This
will enable the client to trust the server if both trust a common
certificate authority. The `TrustedUserCAKeys` option will need to be
supported later for the server to trust all user keys signed by this
certificate authority.
Relates to https://gitlab.com/gitlab-org/gitlab-shell/-/issues/495
|