summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
...
* Merge branch 'id-remove-secret-from-headers' into 'main'Ash McKenzie2022-10-182-37/+0
|\ | | | | | | | | | | | | | | | | Remove secret from request headers See merge request https://gitlab.com/gitlab-org/gitlab-shell/-/merge_requests/689 Merged-by: Ash McKenzie <amckenzie@gitlab.com> Approved-by: Ash McKenzie <amckenzie@gitlab.com> Co-authored-by: Igor Drozdov <idrozdov@gitlab.com>
| * Remove secret from request headersIgor Drozdov2022-10-172-37/+0
|/ | | | Now the requests are verified via JWT
* Merge branch 'sh-update-tool-versions-1.18.7' into 'main'Igor Drozdov2022-10-131-1/+1
|\ | | | | | | | | | | | | | | Update .tool-versions to Go 1.18.7 See merge request https://gitlab.com/gitlab-org/gitlab-shell/-/merge_requests/688 Merged-by: Igor Drozdov <idrozdov@gitlab.com> Co-authored-by: Stan Hu <stanhu@gmail.com>
| * Update .tool-versions to Go 1.18.7Stan Hu2022-10-121-1/+1
|/ | | | | | Security announcement: https://groups.google.com/g/golang-announce/c/xtuG5faxtaU Part of https://gitlab.com/groups/gitlab-org/-/epics/8843
* Merge branch 'id-release-14-12-0' into 'main'v14.12.0Igor Drozdov2022-09-282-1/+8
|\ | | | | | | | | | | | | | | | | Release v14.12.0 See merge request https://gitlab.com/gitlab-org/gitlab-shell/-/merge_requests/687 Merged-by: Igor Drozdov <idrozdov@gitlab.com> Approved-by: Igor Drozdov <idrozdov@gitlab.com>
| * Release v14.12.0Igor Drozdov2022-09-282-1/+8
|/ | | | | | | - Trim secret before signing JWT tokens !686 - Bump .tool-versions to use Go 1.18.6 !685 - Update Gitaly to 15.4.0-rc2 !681 - Test against Golang v1.19 !680
* Merge branch 'id-fix-jwt-tokens' into 'main'Ash McKenzie2022-09-282-10/+23
|\ | | | | | | | | | | | | | | | | | | Trim secret before signing JWT tokens See merge request https://gitlab.com/gitlab-org/gitlab-shell/-/merge_requests/686 Merged-by: Ash McKenzie <amckenzie@gitlab.com> Approved-by: Alejandro Rodríguez <alejandro@gitlab.com> Approved-by: Ash McKenzie <amckenzie@gitlab.com> Co-authored-by: Igor Drozdov <idrozdov@gitlab.com>
| * Trim secret before signing JWT tokensIgor Drozdov2022-09-272-10/+23
| | | | | | | | | | With this change we don't rely on the secret to either contain a newline or not contain it.
* | Merge branch 'sh-bump-go-1.18' into 'main'Igor Drozdov2022-09-271-1/+1
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | Bump .tool-versions to use Go 1.18.6 See merge request https://gitlab.com/gitlab-org/gitlab-shell/-/merge_requests/685 Merged-by: Igor Drozdov <idrozdov@gitlab.com> Approved-by: Igor Drozdov <idrozdov@gitlab.com> Co-authored-by: Stan Hu <stanhu@gmail.com>
| * | Bump .tool-versions to use Go 1.18.6Stan Hu2022-09-261-1/+1
|/ / | | | | | | | | | | | | go 1.17 is no longer receiving security updates. Update to go 1.18 in preparation for upgrading. Part of https://gitlab.com/groups/gitlab-org/-/epics/8843
* | Merge branch 'aqualls-update-docs-metadata' into 'main'Alejandro Rodríguez2022-09-222-2/+2
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | Update docs metadata link in gitlab-shell repo See merge request https://gitlab.com/gitlab-org/gitlab-shell/-/merge_requests/684 Merged-by: Alejandro Rodríguez <alejandro@gitlab.com> Approved-by: Alejandro Rodríguez <alejandro@gitlab.com> Co-authored-by: Amy Qualls <aqualls@gitlab.com>
| * | Update docs metadata link in gitlab-shell repoAmy Qualls2022-09-222-2/+2
|/ /
* | Merge branch 'id-add-documentation-to-command' into 'main'Patrick Bajao2022-09-211-0/+30
|\ \ | |/ |/| | | | | | | | | | | | | Add developer documentation to command package See merge request https://gitlab.com/gitlab-org/gitlab-shell/-/merge_requests/594 Merged-by: Patrick Bajao <ebajao@gitlab.com> Approved-by: Patrick Bajao <ebajao@gitlab.com> Co-authored-by: Igor Drozdov <idrozdov@gitlab.com>
| * Specify all packages that use commandsPatrick Bajao2022-08-031-1/+5
| |
| * Add developer documentation to command packageIgor Drozdov2022-08-031-0/+26
| |
* | Merge branch 'id-bump-gitaly' into 'main'Ash McKenzie2022-08-312-46/+114
|\ \ | | | | | | | | | | | | Update Gitaly to 15.4.0-rc2 See merge request gitlab-org/gitlab-shell!681
| * | Update Gitaly to 15.4.0-rc2Igor Drozdov2022-08-302-46/+114
|/ / | | | | | | | | It has gitlab-shell dependency removed, so it makes sense to remove the exclusion of circular dependency
* | Merge branch 'id-test-against-1.19' into 'main'Ash McKenzie2022-08-161-1/+1
|\ \ | | | | | | | | | | | | Run tests agains 1.19 Golang See merge request gitlab-org/gitlab-shell!680
| * | Add Golang 1.19 to CIIgor Drozdov2022-08-161-1/+1
|/ /
* | Merge branch 'id-update-danger-gem' into 'main'Patrick Bajao2022-08-112-20/+20
|\ \ | | | | | | | | | | | | Update gitlab-dangerfiles gem See merge request gitlab-org/gitlab-shell!678
| * | Update gitlab-dangerfiles gemIgor Drozdov2022-08-112-20/+20
| | |
* | | Merge branch 'id-release-14-11-0' into 'main'v14.11.0Igor Drozdov2022-08-112-1/+6
|\ \ \ | |/ / |/| | | | | | | | Release 14.11.0 See merge request gitlab-org/gitlab-shell!677
| * | Release 14.11.0Igor Drozdov2022-08-112-1/+6
|/ /
* | Merge branch 'id-update-gitaly-to-v15' into 'main'Patrick Bajao2022-08-1012-393/+319
|\ \ | | | | | | | | | | | | Update Gitaly to v15 See merge request gitlab-org/gitlab-shell!676
| * | Update Gitaly to v15Igor Drozdov2022-08-0512-393/+319
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit also excludes gitlab-shell from dependencies: Gitaly specifies Gitlab Shell as a dependency as well in order to use gitlabnet client to perform API endpoints to Gitlab Rails. As a result, Gitlab Shell requires Gitaly -> Gitaly requires an older version of Gitlab Shell -> that version requires an older version of Gitlab Shell, etc. Let's use exclude to break the chain earlier
* | | Merge branch 'I-365101' into 'main'Igor Drozdov2022-08-052-1/+16
|\ \ \ | |/ / |/| | | | | | | | Fixed extra slashes in API request paths generated for geo See merge request gitlab-org/gitlab-shell!673
| * | Fixed extra slashes in API request paths generated for geoCarlos Yu2022-08-052-1/+16
| |/
* | Merge branch 'id-fix-git-receive-pack-in-tests' into 'main'Stan Hu2022-08-051-2/+15
|\ \ | |/ |/| | | | | Fix failing TestGitReceivePackSuccess See merge request gitlab-org/gitlab-shell!675
| * Fix failing TestGitReceivePackSuccessIgor Drozdov2022-08-051-2/+15
|/ | | | | | | | | After https://gitlab.com/gitlab-org/gitaly/-/merge_requests/4766 has been introduced, the test started fail because we basically cancel the git-receive-pack after the output is received This commit gracefully closes the connection to make the test pass
* Merge branch 'tchu-add-simple-roulette-to-dangerfile' into 'main'Patrick Bajao2022-07-281-1/+1
|\ | | | | | | | | Add simple_roulette to Dangerfile See merge request gitlab-org/gitlab-shell!672
| * Add simple_roulette to DangerfileTerri Chu2022-07-261-1/+1
|/
* Merge branch 'id-release-14-10-0' into 'main'v14.10.0Igor Drozdov2022-07-212-1/+5
|\ | | | | | | | | Release v14.10.0 See merge request gitlab-org/gitlab-shell!671
| * Release v14.10.0Igor Drozdov2022-07-212-1/+5
|/
* Merge branch '506-twofactorverify-command-to-support-push-notification' into ↵Patrick Bajao2022-07-215-116/+326
|\ | | | | | | | | | | | | | | | | 'main' Implement Push Auth support for 2FA verification Closes #506 See merge request gitlab-org/gitlab-shell!454
| * Simplify 2FA Push auth processingIgor Drozdov2022-07-2011-870/+573
| | | | | | | | Use a single channel to handle both Push Auth and OTP results
| * Implement Push Auth support for 2FA verificationkmcknight2022-07-188-61/+568
|/ | | | | | | | | | | | | | | | | When `2fa_verify` command is executed: - A user is asked to enter OTP - A blocking call for push auth is performed Then: - If the push auth request fails, the user is still able to enter OTP - If OTP is invalid, the `2fa_verify` command ends the execution - If OTP is valid or push auth request succeeded, then the user is successfully authenticated - If 30 seconds passed while no OTP or Push have been provided, then the `2fa_verify` command ends the execution
* Merge branch 'sh-fix-flaky-race-test' into 'main'Igor Drozdov2022-07-151-1/+2
|\ | | | | | | | | | | | | Fix flaky race test Closes #590 See merge request gitlab-org/gitlab-shell!670
| * Fix flaky race testStan Hu2022-07-141-1/+2
| | | | | | | | | | | | | | | | `ignoredError.err` was being used in a Goroutine handler, but the value of `ignoredError` changes with each test case. To avoid a race, make a local copy of the error before each Goroutine runs. Closes https://gitlab.com/gitlab-org/gitlab-shell/-/issues/590
* | Merge branch 'sh-release-14.9.0' into 'main'v14.9.0Stan Hu2022-07-152-1/+5
|\ \ | |/ |/| | | | | Release v14.9.0 See merge request gitlab-org/gitlab-shell!669
| * Release v14.9.0Stan Hu2022-07-142-1/+5
|/ | | | | - Update LabKit library to v1.16.0 !668 (https://gitlab.com/gitlab-org/labkit/-/releases/v1.16.0)
* Merge branch 'vendor-v1.16.0' into 'main'Stan Hu2022-07-132-3/+4
|\ | | | | | | | | Update LabKit library to v1.16.0 See merge request gitlab-org/gitlab-shell!668
| * Update LabKit library to v1.16.0Alejandro Rodríguez2022-07-132-3/+4
|/ | | | | | | * include original address in correlation CIDR checks ([ae96001](https://gitlab.com/gitlab-org/labkit/commit/ae9600163a6f5fa2ad06676a00b310af36573df4)) * run make recipes in parallel during backward compat check ([efa9c71](https://gitlab.com/gitlab-org/labkit/commit/efa9c71e13ef2bfe4415278e6b1e5c5ee8cc8022)) See https://gitlab.com/gitlab-org/labkit/-/releases/v1.16.0
* Merge branch 'id-release-14-8' into 'main'v14.8.0Igor Drozdov2022-07-052-1/+8
|\ | | | | | | | | Release v14.8.0 See merge request gitlab-org/gitlab-shell!667
| * Release v14.8.0Igor Drozdov2022-07-052-1/+8
|/ | | | | | | - go: Bump major version to v14 !666 - Pass original IP from PROXY requests to internal API calls !665 - Fix make install copying the wrong binaries !664 - gitlab-sshd: Add support for configuring host certificates !661
* Merge branch 'pks-go-module-path-version' into 'main'Igor Drozdov2022-07-0592-373/+373
|\ | | | | | | | | | | | | go: Bump major version to v14 Closes #593 See merge request gitlab-org/gitlab-shell!666
| * go: Bump major version to v14Patrick Steinhardt2022-07-0592-373/+373
|/ | | | | | | | | | | | | While gitlab-shell currently has a major version of v14, the module path it exposes is not using that major version like it is required by the Go standard. This makes it impossible for dependents to import gitlab-shell as a dependency without using a commit as version. Fix this by changing the module path of gitlab-shell to instead be `gitlab.com/gitlab-org/gitlab-shell/v14` and adjust all imports accordingly. Changelog: fixed
* Merge branch 'sshd-forwarded-for' into 'main'Igor Drozdov2022-07-016-20/+76
|\ | | | | | | | | Pass original IP from PROXY requests to internal API calls See merge request gitlab-org/gitlab-shell!665
| * Pass original IP from PROXY requests to internal API callsAlejandro Rodríguez2022-06-306-20/+76
|/
* Merge branch 'sh-sshd-add-host-cert-support' into 'main'Igor Drozdov2022-06-2912-8/+191
|\ | | | | | | | | gitlab-sshd: Add support for configuring host certificates See merge request gitlab-org/gitlab-shell!661
| * gitlab-sshd: Add support for configuring host certificatesStan Hu2022-06-2612-8/+191
|/ | | | | | | | | | | | | | | | | This adds support for specifying host certificates via the `host_cert_files` option and advertises the signed key to the client. This acts similarly to OpenSSH's `HostCertificate` parameter: gitlab-sshd attempts to match a host key to its certificate, and then substitutes the matching host key with a certificate signed by a trusted certificate authority's key. This is the first requirement to supporting SSH certificates. This will enable the client to trust the server if both trust a common certificate authority. The `TrustedUserCAKeys` option will need to be supported later for the server to trust all user keys signed by this certificate authority. Relates to https://gitlab.com/gitlab-org/gitlab-shell/-/issues/495