summaryrefslogtreecommitdiff
path: root/internal
Commit message (Collapse)AuthorAgeFilesLines
* Add context fields to loggingid-context-fieldsIgor Drozdov2021-09-155-12/+12
| | | | It adds correlation ids wherever possible
* Extract server config related code out of sshd.goIgor Drozdov2021-09-154-73/+217
|
* Unit test exit-codes for sshd/session.goid-session-test-2Igor Drozdov2021-09-151-0/+145
|
* Unit test sshd.handleEnv functionIgor Drozdov2021-09-151-0/+44
|
* Add TestInvalidClientConfig and TestNewServerWithoutHosts for sshd.goid-sshd-testsIgor Drozdov2021-09-151-0/+16
|
* Merge branch 'main' into refactor/cmdNick Thomas2021-09-141-1/+1
|\
| * Fix a flaky testNick Thomas2021-09-141-1/+1
| |
* | refactor: fix style issuesfeistel2021-09-081-4/+4
| |
* | refactor: rearchitect command and executable Go modulesfeistel2021-09-087-474/+5
|/
* Merge branch 'remove/generic-args' into 'main'Nick Thomas2021-09-087-35/+37
|\ | | | | | | | | | | | | refactor: remove commandargs.GenericArgs Closes #212 See merge request gitlab-org/gitlab-shell!506
| * refactor: add acceptargs field to executablefeistel2021-09-085-16/+20
| | | | | | | | | | parse logic will only run if the executable accept args. healthcheck is the only one not accepting arguments.
| * refactor: improve unknown executable error messagefeistel2021-09-081-1/+2
| |
| * refactor: remove commandargs.GenericArgsfeistel2021-08-113-21/+18
| |
* | refactor: move away from ioutil (deprecated)feistel2021-08-1917-47/+45
| |
* | refactor: change httpclient to return an errorfeistel2021-08-133-7/+12
| |
* | refactor: update usage of NewHTTPClient to NewHTTPClientWithOptsfeistel2021-08-111-1/+6
|/
* Merge branch '499-use-labkit-logging-initialize' into 'main'Patrick Bajao2021-08-042-33/+63
|\ | | | | | | | | | | | | Switch to labkit for logging system setup Closes #271 See merge request gitlab-org/gitlab-shell!504
| * Switch to labkit for logging system setupNick Thomas2021-08-042-33/+63
| | | | | | | | | | | | | | | | | | | | | | - We start supporting the "color" format for logs. - We now respond to SIGHUP by reopening the log file. - We now respect the log format when no log filename is specified. Output to syslog in the event of logging system setup is preserved in OpenSSH mode. Changelog: added
* | Merge branch 'security-300265' into 'main'Patrick Bajao2021-08-042-4/+9
|\ \ | |/ |/| | | | | Modify regex to prevent partial matches See merge request gitlab-org/security/gitlab-shell!6
| * Modify regex to prevent partial matchesRobert May2021-06-292-4/+9
| |
* | Remove some unreliable testsNick Thomas2021-07-304-71/+76
| | | | | | | | | | | | | | | | | | | | | | | | | | Logrus buffers its output internally, which makes these tests fail intermittently. They're also not a good example to follow generally. We now have acceptance tests that exercise this functionality so I'm pretty relaxed about losing the expectations. However, we can test them by inspecting the server-received metadata too, so there's no loss of coverage here. The move from logrus to labkit for logging also makes these tests hard to justify keeping.
* | Sshd: Log same correlation_id on auth keysIgor Drozdov2021-07-273-54/+152
| |
* | Merge branch 'sh-update-go-proxyproto' into 'main'Nick Thomas2021-07-271-1/+5
|\ \ | | | | | | | | | | | | Update go-proxyproto to v0.6.0 See merge request gitlab-org/gitlab-shell!499
| * | Set a 90-second timeout on proxy headersStan Hu2021-07-261-9/+12
| | |
* | | Fix formatting via make fmtStan Hu2021-07-266-18/+16
|/ /
* | Merge branch 'id-switch-logging-to-labkit' into 'main'Patrick Bajao2021-07-234-21/+23
|\ \ | | | | | | | | | | | | Switch to labkit/log for logging functionality See merge request gitlab-org/gitlab-shell!498
| * | Switch to labkit/log for logging functionalityIgor Drozdov2021-07-224-21/+23
| | |
* | | Unit tests for internal/sshd/connection.goNick Thomas2021-07-221-5/+73
|/ /
* | Prometheus metrics for HTTP requestsIgor Drozdov2021-07-214-40/+101
| | | | | | | | | | A RoundTripper for tracking the duration of an http request is introduced
* | remove tracing.NewRoundTripper from internal/Config, now that NewHTTPClient ↵Igor Wiedler2021-07-201-10/+4
| | | | | | | | already includes it
* | Provide liveness and readiness probesIgor Drozdov2021-07-193-15/+114
| | | | | | | | | | They are going to be used to determine whether a server is alive and ready to accept traffic
* | Shutdown sshd gracefullyIgor Drozdov2021-07-153-22/+132
| | | | | | | | | | | | | | | | When interruption signal is sent, we are closing ssh listener to prevent it from accepting new connections Then after configured grace period, we cancel the context to cancel all ongoing operations
* | Merge branch 'id-refactor-test-helper' into 'main'Nick Thomas2021-07-142-32/+11
|\ \ | | | | | | | | | | | | Refactor testhelper.PrepareTestRootDir using t.Cleanup See merge request gitlab-org/gitlab-shell!493
| * | Refactor testhelper.PrepareTestRootDir using t.CleanupIgor Drozdov2021-07-142-32/+11
| |/
* | Merge branch 'change_log_format' into 'main'Patrick Bajao2021-07-131-1/+1
|\ \ | | | | | | | | | | | | Change default logging format to JSON See merge request gitlab-org/gitlab-shell!476
| * | changed filename extension to .log as json can operate on .log filelistout2021-05-261-1/+1
| | |
| * | changed the format of log file to json from textlistout2021-05-241-2/+2
| | |
* | | Fix the Geo SSH push proxy hangingValery Sizov2021-07-014-6/+74
| |/ |/| | | | | | | | | | | | | | | | | Geo SSH proxy push currently impossible when the only action that happens is branch removal. This fix works in a way that it waits for flush packet from git and then checks pkt lines to determine is pack data is expected. The thing is that git doesnt send pack data when only branch removal happens. Explanation is in https://gitlab.com/gitlab-org/gitlab/-/issues/330494
* | Adding a UTC converter and testGary Holtz2021-06-182-1/+38
| |
* | fix: upgrade of the gitaly dependencyPavlo Strokov2021-06-027-12/+12
| | | | | | | | | | | | | | | | | | | | | | Gitaly project now properly respects module release flow and includes a module suffix in the package name. It requires to re-write all non-suffixed imports with suffixed of a specific version of tha module. With proper module versioning we don't need to use a 'replace' directive to point to specific commit and can use semantic versioning for the gitaly dependency. Part of: https://gitlab.com/gitlab-org/gitaly/-/issues/3177
* | Unit test wrong channel typeIgor Drozdov2021-06-011-4/+34
| |
* | Merge branch '501-fix-opentracing-init' into 'main'Igor Drozdov2021-05-249-87/+105
|\ \ | |/ |/| | | | | | | | | Fix opentracing setup for gitlab-sshd Closes #501 See merge request gitlab-org/gitlab-shell!473
| * Fix opentracing setup for gitlab-sshdNick Thomas2021-05-179-87/+105
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, opentracing (if configured) was initialized late in the gitlab-shell process's lifespan, coming just before making a gRPC call to Gitaly. By moving the opentracing initialization to be at process startup, we make it available for the whole process lifecycle, which is very useful to gitlab-sshd, as it means we'll only call tracing.Initialize() once on process startup, rather than once per SSH connection. To get this working, we need to introduce a context to gitlab-sshd. This carries the client/service name, but also carries an initial correlation ID. The main outcome of this is that all calls to the authorized_keys endpoint from a given gitlab-sshd process will now share a correlation ID. I don't have a strong opinion about this either way. Changelog: fixed
* | Add a simple acceptance test for git-receive-packSean McGivern2021-05-201-3/+3
| |
* | Add acceptance test for git-lfs-authenticateSean McGivern2021-05-171-0/+22
|/
* Merge branch '501-gitaly-respect-parent-context' into 'main'Nick Thomas2021-05-1013-41/+39
|\ | | | | | | | | Respect parent context for Gitaly calls See merge request gitlab-org/gitlab-shell!469
| * Respect parent context for Gitaly callsNick Thomas2021-05-0513-41/+39
| | | | | | | | | | | | | | | | | | Without these changes, Gitaly calls would not be linked to a parent context. This means that they would have an unassociated correlationID, and Gitaly RPC calls would not be cancel()ed by parent context cancellation. Changelog: fixed
* | Stop changing directory to the filesystem rootNick Thomas2021-05-061-6/+0
| | | | | | | | | | | | | | | | | | | | | | This behaviour dates from when Gitaly RPCs were executed in Ruby by a Go subprocess. It's not needed for gitlab-shell now that it's in Go, and it's a very strange thing for gitlab-sshd. Best just to remove it. If we wanted to retain this behaviour, we could have an `os.Chdir` call in the gitlab-shell binary, but I just don't think it's needed. Changelog: fixed
* | Merge branch '516-handle-ssl-cert-dir-correctly' into 'main'Nick Thomas2021-05-044-87/+94
|\ \ | | | | | | | | | | | | | | | | | | gitlab-sshd: Respect the ssl_cert_dir config Closes #516 See merge request gitlab-org/gitlab-shell!467
| * | gitlab-sshd: Respect the ssl_cert_dir config516-handle-ssl-cert-dir-correctlyNick Thomas2021-04-304-87/+94
| |/ | | | | | | Changelog: fixed
View Lorry Controller Status