summaryrefslogtreecommitdiff
path: root/lib/gitlab_net.rb
Commit message (Collapse)AuthorAgeFilesLines
* pass gl_username through to hooksDavid Turner2017-09-281-1/+7
|
* Support new /internal/pre-receive API endpoint for post-receivegitaly-redis-refactorAlejandro Rodríguez2017-09-051-0/+8
|
* Support new /internal/post-receive API endpointAlejandro Rodríguez2017-08-301-0/+14
|
* Make geo_node a default parametersh-show-all-refsStan Hu2017-07-241-1/+1
|
* Support unhiding of all refs for Geo NodesStan Hu2017-07-211-1/+1
| | | | | | By default, we hide certain refs (e.g. keep-around/XXX) to save user download time. We need to preserve these references on secondary Geo nodes to have a true copy.
* Handle internal API errors when getting merge request URLsonly-parse-mr-urls-on-successSean McGivern2017-07-121-1/+8
|
* Revert "Merge branch ↵revert-gl-repositoryAlejandro Rodríguez2017-07-031-7/+6
| | | | | | | '86-follow-up-from-use-gl_repository-if-present-when-enqueing-sidekiq-postreceive-jobs' into 'master'" This reverts commit fa6343515ba65423e9de4c98c6005facc6059938, reversing changes made to 62af7f6af72728cecb98c5275d8b7aeb3953e564.
* Merge branch 'master' into remove-references-to-v3-internal-apiDmitriy Zaporozhets2017-06-211-6/+7
|\ | | | | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
| * Remove old `project` parameter, use `gl_repository` instead86-follow-up-from-use-gl_repository-if-present-when-enqueing-sidekiq-postreceive-jobsAlejandro Rodríguez2017-06-201-6/+7
| |
* | Remove references to V3 internal APIremove-references-to-v3-internal-apiAdam Niedzielski2017-06-161-12/+8
|/ | | | | | | In the main Rails app we use exactly the same code for /api/v3/internal and /api/v4/internal This means that we can move gitlab-shell to V4 in preparation for sunsetting V3
* Setup use of gl-repository to enqueue PostReceive sidekiq jobsAlejandro Rodríguez2017-05-111-1/+0
|
* Handle GL_REPOSITORY env variable and use it in api callsAlejandro Rodríguez2017-05-111-6/+11
|
* Use api/v4 for gitaly notification and add testsgitaly-post-receive-2Alejandro Rodríguez2017-02-101-9/+13
|
* Add gitaly notification on post-receive hookAlejandro Rodríguez2017-02-071-0/+8
|
* Set a 'Host' header on unix socketsJacob Vosmaer2017-01-031-0/+6
| | | | Workaround for a bug in the HTTPUNIX client.
* Pass relevant git environment variables while calling `/allowed`Timothy Andrew2016-12-161-2/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | 1. Starting version 2.11, git changed the way the pre-receive flow works. - Previously, the new potential objects would be added to the main repo. If the pre-receive passes, the new objects stay in the repo but are linked up. If the pre-receive fails, the new objects stay orphaned in the repo, and are cleaned up during the next `git gc`. - In 2.11, the new potential objects are added to a temporary "alternate object directory", that git creates for this purpose. If the pre-receive passes, the objects from the alternate object directory are migrated to the main repo. If the pre-receive fails the alternate object directory is simply deleted. 2. In our workflow, the pre-recieve script calls the `/allowed` endpoint on the rails server. This `/allowed` endpoint calls out directly to git to perform various checks. These direct calls to git do _not_ have the necessary environment variables set which allow access to the "alternate object directory" (explained above). Therefore these calls to git are not able to access any of the new potential objects to be added during this push. 3. We fix this by passing the relevant environment variables (GIT_ALTERNATE_OBJECT_DIRECTORIES, GIT_OBJECT_DIRECTORY, and GIT_QUARANTINE_PATH) to the `/allowed` endpoint, which will then include these environment variables while calling out to git.
* Use full repository path for API calls instead of extracting namedz-support-nested-namespacesDmitriy Zaporozhets2016-10-271-8/+6
| | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
* Refactored LFS auth logic to use its own API endpoint.Patricio Cano2016-09-061-5/+22
|
* Added LFS support to SSHPatricio Cano2016-09-061-1/+1
| | | | - Required changes to GitLab Shell include the actual handling of the `git-lfs-authenticate` command and the retrieval of the correct credentials.
* Add option to recover 2FA via SSHDrew Blessing2016-08-261-0/+9
|
* Sentinel connection parameters in `config.yml` fileGabriel Mazetto2016-08-181-0/+6
|
* print new merge request urls after push receivedScott Le2016-08-121-0/+7
| | | | | | | | | | | | | | | | update spec different text for new and existing merge request update spec fix style switch order of messages enhance message appearance remove extra spaces
* Rename ENV['PROTOCOL'] to ENV['GL_PROTOCOL'] and make it mandatory with no ↵Patricio Cano2016-07-051-1/+1
| | | | fallback value
* Allow GitLab Shell to check for allowed access based on the used Git protocol.Patricio Cano2016-07-051-1/+2
|
* Refactor repository paths handling to allow multiple git mount pointsshardsAlejandro Rodríguez2016-06-291-1/+1
|
* Put Redis loading code in one placegitlab-redisJacob Vosmaer2016-06-231-1/+1
|
* Put redis library in lib/vendor/ and adjust LOAD_PATHuse-redis-rb-clientStan Hu2016-05-121-1/+1
|
* Add redis-rb as a vendored libraryStan Hu2016-05-121-1/+1
| | | | `make update-redis` will clone the library and adjust the paths properly
* Use Redis Ruby client instead of shelling out to redis-cliStan Hu2016-05-121-0/+19
| | | | Closes gitlab-org/gitlab-ce#17329
* Add encoding for the ssh key on the urlPablo Carranza2016-03-241-1/+1
|
* Change use of fingerprint for whole keyPablo Carranza2016-03-241-2/+2
|
* Change API endpoint to authorized_keysPablo Carranza2016-03-241-1/+1
|
* Add authorized keys bin script to find keys by fingerprintPablo Carranza2016-03-241-2/+4
|
* Add ssh-key resource get to gitlab_netPablo Carranza2016-03-241-0/+5
| | | | | This provides the integration point to the internal API to get the ssh key from the internal API.
* Actually use the read_timeout config optionJacob Vosmaer2016-02-091-1/+5
|
* Log duration of HTTP API requestsnet-read-timeoutJacob Vosmaer2016-02-091-0/+5
|
* Use an HTTP timeout of 5 minutes by defaultJacob Vosmaer2016-02-091-6/+11
|
* Add support to connect gitlab-shell to Unicorn via UNIX socketKirill Smelkov2015-11-101-1/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It is well known that UNIX sockets are faster than TCP over loopback. E.g. on my machine according to lmbench[1] they have ~ 2 times lower latency and ~ 2-3 times more throughput compared to TCP over loopback: *Local* Communication latencies in microseconds - smaller is better --------------------------------------------------------------------- Host OS 2p/0K Pipe AF UDP RPC/ TCP RPC/ TCP ctxsw UNIX UDP TCP conn --------- ------------- ----- ----- ---- ----- ----- ----- ----- ---- teco Linux 4.2.0-1 13.8 29.2 26.8 45.0 47.9 48.5 55.5 45. *Local* Communication bandwidths in MB/s - bigger is better ----------------------------------------------------------------------------- Host OS Pipe AF TCP File Mmap Bcopy Bcopy Mem Mem UNIX reread reread (libc) (hand) read write --------- ------------- ---- ---- ---- ------ ------ ------ ------ ---- ----- teco Linux 4.2.0-1 1084 4353 1493 2329.1 3720.7 1613.8 1109.2 3402 1404. The same ratio usually holds for servers. Also UNIX sockets, since they reside on filesystem, besides being faster with less latency, have one another nice property: access permissions to them are managed the same way access to files is. Because of lower latencies and higher throughput - for performance reasons, and for easier security, it makes sense to interconnect services on one machine via UNIX sockets and talk via TCP only to outside world. All internal services inside GitLab can talk to each other via UNIX socket already and only gitlab-shell was missing support to talk to Unicorn via UNIX socket. Let's teach gitlab-shell to talk via UNIX sockets. [1] http://www.bitmover.com/lmbench/ ~~~~ In this patch we - add URI::HTTPUNIX to handle http+unix:// URI scheme - add Net::HTTPUNIX to handle "connect via unix socket and then talk http" - adjust GitlabNet#http_client_for() accordingly - adjust documentation in config.yml.example The http+unix:// scheme is not reinvented anew: the idea about its structure is quite logical an was already established at least in requests-unixsocket python package: http://fixall.online/theres-no-need-to-reinvent-the-wheelhttpsgithubcommsabramorequests-unixsocketurl/241810/ https://github.com/msabramo/requests-unixsocket
* Merge pull request #212 from jirutka/patch-1Dmitriy Zaporozhets2015-04-101-1/+1
|\ | | | | Allow to configure location of the secret file
| * Allow to configure location of the secret fileJakub Jirutka2015-02-081-1/+1
| |
* | Improve broadcast message logicv2.5.1Dmitriy Zaporozhets2015-02-181-7/+3
| | | | | | | | | | Expect broadcast message API endpoint to return 200 with empty JSON if no broadcast messages available
* | Log full Net::HTTP error.Douwe Maan2015-02-121-1/+2
| |
* | Show nice error message when internal API is unreachable.Douwe Maan2015-02-111-1/+7
| |
* | Refactor: Remove #tap for readability and performance and DRY up get/post.Douwe Maan2015-02-111-40/+40
| |
* | Print broadcast message if one is available.Douwe Maan2015-02-091-0/+9
|/
* Fix gitlab-shell access for any kind of branchv2.4.2Dmitriy Zaporozhets2015-01-281-1/+2
|
* Join changes in GitlabNet libraryDmitriy Zaporozhets2015-01-281-1/+1
|
* double quotes to single quotesChristian González2015-01-021-1/+1
|
* typo in message: "accesible" -> "accessible"Christian González2015-01-011-1/+1
|
* Add missing 'require_relative' in gitlab_net.rbJacob Vosmaer2014-11-251-0/+1
| | | | | | | | | | | | | | | | | Without this 'require' statement, you get the following error: ``` $ git ls-remote origin /home/git/gitlab-shell/lib/gitlab_net.rb:30:in `check_access': uninitialized constant GitlabNet::GitAccessStatus (NameError) from /home/git/gitlab-shell/lib/gitlab_shell.rb:63:in `validate_access' from /home/git/gitlab-shell/lib/gitlab_shell.rb:24:in `exec' from /home/git/gitlab-shell/bin/gitlab-shell:16:in `<main>' fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. ```
View Lorry Controller Status