summaryrefslogtreecommitdiff
path: root/lib/gitlab_shell.rb
Commit message (Collapse)AuthorAgeFilesLines
* Refactor repository paths handling to allow multiple git mount pointsshardsAlejandro Rodríguez2016-06-291-29/+25
|
* get git annex to work when using custom SSH portJames Lopez2016-03-161-3/+2
|
* Merge branch 'stricter-exec_cmd' into 'master' Dmitriy Zaporozhets2015-12-011-12/+20
|\ | | | | | | | | | | | | | | Stricter exec cmd In response to the gitlab-shell 2.6.6-2.6.7 remote code execution vulnerability. See merge request !33
| * Add comment about untrusted origin_cmdstricter-exec_cmdJacob Vosmaer2015-11-261-0/+3
| |
| * Limit availability of SSH_ORIGINAL_COMMANDJacob Vosmaer2015-11-251-12/+10
| | | | | | | | | | Hoping this makes it more obvious when code touches the very unsafe contents of this variable.
| * Disallow execing stringsJacob Vosmaer2015-11-251-0/+7
| | | | | | | | Passing strings to Kernel::exec leads to remote code execution.
* | Merge branch 'y/git-home' into 'master' Dmitriy Zaporozhets2015-11-251-0/+1
|\ \ | |/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Pass $HOME to git as well [ this patch has the same rationale and reasoning as https://gitlab.com/gitlab-org/gitlab-workhorse/commit/0d0bd209 details follow ] Git has 3 places for configs: - system - global (per user), and - local (per repository) System config location is hardcoded at git compile time (to usually $prefix/etc/gitconfig). Local configuration is usually picked because we pass full repo path to subcommand. But global configuration is currently not picked at all, because HOME env variable is not passed to git. Pass $HOME through and let git see it's "global" config. Currently GitLab omnibus stores gitlab user name/email + "autocrlf = true" in global config, so missing it should not be a blocker for receive/send-pack operations. But having it is more correct and can be handy in the future if/when more git operations are done from-under gitlab-shell. Having $HOME properly set is also needed when one cannot change system git config and have to put site-wide configuration into global git config under $HOME. That was the case I've hit and the reason for this patch. /cc @dzaporozhets, @jacobvosmaer See merge request !32
| * Pass $HOME to git as wellKirill Smelkov2015-11-241-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | [ this patch has the same rationale and reasoning as https://gitlab.com/gitlab-org/gitlab-workhorse/commit/0d0bd209 details follow ] Git has 3 places for configs: - system - global (per user), and - local (per repository) System config location is hardcoded at git compile time (to usually $prefix/etc/gitconfig). Local configuration is usually picked because we pass full repo path to subcommand. But global configuration is currently not picked at all, because HOME env variable is not passed to git. Pass $HOME through and let git see it's "global" config. Currently GitLab omnibus stores gitlab user name/email + "autocrlf = true" in global config, so missing it should not be a blocker for receive/send-pack operations. But having it is more correct and can be handy in the future if/when more git operations are done from-under gitlab-shell. Having $HOME properly set is also needed when one cannot change system git config and have to put site-wide configuration into global git config under $HOME. That was the case I've hit and the reason for this patch.
* | Revert "Run git-lfs-authenticate script with original command line arguments"Dmitriy Zaporozhets2015-11-251-2/+0
|/ | | | | | This reverts commit 8449979ff029af51be0c675c5b6262bc4adc8b3d. Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
* Merge branch 'master' of gitlab.com:gitlab-org/gitlab-shell into ↵Jacob Vosmaer2015-10-011-0/+3
|\ | | | | | | no-init-on-gcryptsetup
| * Merge branch 'bozaro/gitlab-shell-git-lfs-authenticate'Dmitriy Zaporozhets2015-09-101-0/+2
| |\ | | | | | | | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
| | * Run git-lfs-authenticate script with original command line argumentsArtem V. Navrotskiy2015-09-091-0/+2
| | |
| * | Do not clean LANG environment variable for the git hooks when working ↵Artem V. Navrotskiy2015-09-091-0/+1
| |/ | | | | | | | | | | through the SSH-protocol When cleaning this environment variable can be problems with the processing of non-ASCII data
* | Skip 'git annex init' when using 'gcryptsetup'no-init-on-gcryptsetupJacob Vosmaer2015-08-111-1/+6
|/ | | | | 'gcryptsetup' is a special git-annex feature that does its own initialization.
* If git-annex is enabled set GIT_ANNEX_SHELL_LIMITED variable.git_annex_env_variableMarin Jankovski2015-07-161-1/+11
|
* Add git-lfs-authenticate to command white listArtem V. Navrotskiy2015-06-291-3/+16
|
* Refactor GitlabShell#exec a bit.Douwe Maan2015-04-061-7/+9
|
* GitlabShell doesn't need to set GL_ID at all.Douwe Maan2015-04-061-5/+4
|
* Write GitlabShell error to stderr.nice-error-messageDouwe Maan2015-04-061-18/+30
|
* Fail early on invalid input (raise ... unless ...)Jacob Vosmaer2015-02-201-34/+28
| | | | | This intention of this change is to make the normal flow of execution easier to read, and to prevent mistakes in deeply nested if-else trees.
* Immediatly raise exception if git-annex is disabledDmitriy Zaporozhets2015-02-191-17/+25
|
* Safer line sub for git-annex commandv2.5.2Dmitriy Zaporozhets2015-02-181-1/+1
|
* Fix syntax of git init commandDmitriy Zaporozhets2015-02-171-1/+1
|
* Fix git-annex init repoDmitriy Zaporozhets2015-02-171-3/+3
|
* Make fixes to pass rubocopDmitriy Zaporozhets2015-02-161-1/+1
|
* Add config option to disable git-annexDmitriy Zaporozhets2015-02-161-4/+4
|
* Enable git-annex on first commandDmitriy Zaporozhets2015-02-131-9/+14
|
* Improve logging for git-annexDmitriy Zaporozhets2015-02-121-1/+4
|
* Merge branch 'master' into git-annexDmitriy Zaporozhets2015-02-121-14/+12
|\ | | | | | | | | Conflicts: lib/gitlab_shell.rb
| * Log full Net::HTTP error.Douwe Maan2015-02-121-1/+0
| |
| * Show nice error message when internal API is unreachable.Douwe Maan2015-02-111-11/+12
| |
* | Enable git-annex validate accessGitLab2015-02-121-6/+5
| |
* | Patch gitlab-shell to work with git-annex-shellDmitriy Zaporozhets2015-02-111-6/+38
|/
* Revert "Revert "Merge branch 'git_hook_messages'""Valery Sizov2014-11-241-1/+1
| | | | This reverts commit f8453da5868dd7a23d0f2f3da7a45e33c441d1db.
* Revert "Merge branch 'git_hook_messages'"Jacob Vosmaer2014-11-201-1/+1
| | | | | | | | | | At least the following things were broken: - missing require for 'gitlab_access_status' in lib/gitlab_net.rb - gitlabhq master internal API returns 'true' or 'false', gitlab-shell expects JSON This reverts commit 11311a95545f967a5736cd16ab5fc37f7e658519, reversing changes made to 45444597aef3e434571de2491934ae92357ad231.
* Show error message when git access is rejectedValery Sizov2014-11-141-1/+1
|
* Merge pull request #81 from corny/patch-1Dmitriy Zaporozhets2014-10-281-3/+1
|\ | | | | avoid @user_tried
| * Update gitlab_shell.rbJulian K.2013-08-071-3/+1
| | | | | | using instance_variable_defined to avoid @user_tried
* | Use a different style of one-line classesJacob Vosmaer2014-08-271-1/+1
| |
* | Handle invalid number of argumentsJacob Vosmaer2014-08-271-3/+8
| | | | | | | | | | | | | | When a remote user with a valid SSH key runs something like 'ssh git@gitlab.example.com foobar', gitlab-shell would raise an exception in the GitlabShell#escape_path method. With this change, we catch an invalid number of arguments as soon as possible and exit.
* | use abort isntead of raise when checking pathJob van der Voort2014-08-271-1/+1
| |
* | set LD_LIBRARY_PATH for Kernel::execLars Sjöström2014-03-261-1/+1
| |
* | Explain why GitlabShell#exec_cmd has no testsJacob Vosmaer2014-03-121-0/+1
| |
* | Fix typo in Kernel::exec optionsJacob Vosmaer2014-03-121-1/+1
| |
* | Restrict env variables passed to git-xxx-packJacob Vosmaer2014-03-071-2/+2
| |
* | Merge branch 'remove_open3' of /home/git/repositories/gitlab/gitlab-shellDmitriy Zaporozhets2013-11-211-1/+0
|\ \
| * | Remove unused open3 dependencyJacob Vosmaer2013-11-191-1/+0
| | |
* | | Fix relative path detection for ssh://host:port/repo.gitDmitriy Zaporozhets2013-11-201-1/+3
|/ / | | | | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
* | Escape repository pathDmitriy Zaporozhets2013-11-131-1/+9
| | | | | | | | Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
* | Version up to 1.7.2v1.7.2Dmitriy Zaporozhets2013-10-311-1/+1
| |
View Lorry Controller Status