Commit 4e1757bfda0530238e3ab4208b47789e196d5602
Exists in
master
and in
4 other branches
Merge branch 'gitlab-shell' of dev.gitlabhq.com:gitlab/gitlabhq
Showing
42 changed files
with
253 additions
and
719 deletions
Show diff stats
Gemfile
| ... | ... | @@ -32,9 +32,6 @@ gem 'gitlab_omniauth-ldap', '1.0.2', require: "omniauth-ldap" |
| 32 | 32 | # Dump db to yml file. Mostly used to migrate from sqlite to mysql |
| 33 | 33 | gem 'gitlab_yaml_db', '1.0.0', require: "yaml_db" |
| 34 | 34 | |
| 35 | -# Gitolite client (for work with gitolite-admin repo) | |
| 36 | -gem "gitolite", '1.1.0' | |
| 37 | - | |
| 38 | 35 | # Syntax highlighter |
| 39 | 36 | gem "pygments.rb", git: "https://github.com/gitlabhq/pygments.rb.git", branch: "master" |
| 40 | 37 | ... | ... |
Gemfile.lock
| ... | ... | @@ -107,7 +107,6 @@ GEM |
| 107 | 107 | coderay (>= 1.0.0) |
| 108 | 108 | erubis (>= 2.7.0) |
| 109 | 109 | binding_of_caller (0.6.8) |
| 110 | - blankslate (3.1.2) | |
| 111 | 110 | bootstrap-sass (2.2.1.1) |
| 112 | 111 | sass (~> 3.2) |
| 113 | 112 | builder (3.0.4) |
| ... | ... | @@ -195,10 +194,6 @@ GEM |
| 195 | 194 | pyu-ruby-sasl (~> 0.0.3.1) |
| 196 | 195 | rubyntlm (~> 0.1.1) |
| 197 | 196 | gitlab_yaml_db (1.0.0) |
| 198 | - gitolite (1.1.0) | |
| 199 | - gratr19 (~> 0.4.4.1) | |
| 200 | - grit (~> 2.5.0) | |
| 201 | - hashery (~> 1.5.0) | |
| 202 | 197 | grape (0.2.2) |
| 203 | 198 | activesupport |
| 204 | 199 | hashie (~> 1.2) |
| ... | ... | @@ -208,7 +203,6 @@ GEM |
| 208 | 203 | rack-accept |
| 209 | 204 | rack-mount |
| 210 | 205 | virtus |
| 211 | - gratr19 (0.4.4.1) | |
| 212 | 206 | growl (1.0.3) |
| 213 | 207 | guard (1.5.4) |
| 214 | 208 | listen (>= 0.4.2) |
| ... | ... | @@ -227,8 +221,6 @@ GEM |
| 227 | 221 | activesupport (>= 3.1, < 4.1) |
| 228 | 222 | haml (~> 3.1) |
| 229 | 223 | railties (>= 3.1, < 4.1) |
| 230 | - hashery (1.5.0) | |
| 231 | - blankslate | |
| 232 | 224 | hashie (1.2.0) |
| 233 | 225 | hike (1.2.1) |
| 234 | 226 | http_parser.rb (0.5.3) |
| ... | ... | @@ -497,7 +489,6 @@ DEPENDENCIES |
| 497 | 489 | gitlab_meta (= 4.0) |
| 498 | 490 | gitlab_omniauth-ldap (= 1.0.2) |
| 499 | 491 | gitlab_yaml_db (= 1.0.0) |
| 500 | - gitolite (= 1.1.0) | |
| 501 | 492 | grack! |
| 502 | 493 | grape (~> 0.2.1) |
| 503 | 494 | grit! | ... | ... |
app/controllers/application_controller.rb
| ... | ... | @@ -10,11 +10,6 @@ class ApplicationController < ActionController::Base |
| 10 | 10 | |
| 11 | 11 | helper_method :abilities, :can? |
| 12 | 12 | |
| 13 | - rescue_from Gitlab::Gitolite::AccessDenied do |exception| | |
| 14 | - log_exception(exception) | |
| 15 | - render "errors/gitolite", layout: "errors", status: 500 | |
| 16 | - end | |
| 17 | - | |
| 18 | 13 | rescue_from Encoding::CompatibilityError do |exception| |
| 19 | 14 | log_exception(exception) |
| 20 | 15 | render "errors/encoding", layout: "errors", status: 500 | ... | ... |
app/models/key.rb
| ... | ... | @@ -24,8 +24,8 @@ class Key < ActiveRecord::Base |
| 24 | 24 | before_save :set_identifier |
| 25 | 25 | |
| 26 | 26 | validates :title, presence: true, length: { within: 0..255 } |
| 27 | - validates :key, presence: true, length: { within: 0..5000 }, format: { :with => /ssh-.{3} / } | |
| 28 | - validate :unique_key, :fingerprintable_key | |
| 27 | + validates :key, presence: true, length: { within: 0..5000 }, format: { :with => /ssh-.{3} / }, uniqueness: true | |
| 28 | + validate :fingerprintable_key | |
| 29 | 29 | |
| 30 | 30 | delegate :name, :email, to: :user, prefix: true |
| 31 | 31 | |
| ... | ... | @@ -33,14 +33,6 @@ class Key < ActiveRecord::Base |
| 33 | 33 | self.key = self.key.strip unless self.key.blank? |
| 34 | 34 | end |
| 35 | 35 | |
| 36 | - def unique_key | |
| 37 | - query = Key.where(key: key) | |
| 38 | - query = query.where('(project_id IS NULL OR project_id = ?)', project_id) if project_id | |
| 39 | - if (query.count > 0) | |
| 40 | - errors.add :key, 'already exist.' | |
| 41 | - end | |
| 42 | - end | |
| 43 | - | |
| 44 | 36 | def fingerprintable_key |
| 45 | 37 | return true unless key # Don't test if there is no key. |
| 46 | 38 | # `ssh-keygen -lf /dev/stdin <<< "#{key}"` errors with: redirection unexpected |
| ... | ... | @@ -65,7 +57,7 @@ class Key < ActiveRecord::Base |
| 65 | 57 | end |
| 66 | 58 | |
| 67 | 59 | def is_deploy_key |
| 68 | - true if project_id | |
| 60 | + !!project_id | |
| 69 | 61 | end |
| 70 | 62 | |
| 71 | 63 | # projects that has this key |
| ... | ... | @@ -77,7 +69,7 @@ class Key < ActiveRecord::Base |
| 77 | 69 | end |
| 78 | 70 | end |
| 79 | 71 | |
| 80 | - def last_deploy? | |
| 81 | - Key.where(identifier: identifier).count == 0 | |
| 72 | + def shell_id | |
| 73 | + "key-#{self.id}" | |
| 82 | 74 | end |
| 83 | 75 | end | ... | ... |
app/models/namespace.rb
| ... | ... | @@ -27,7 +27,6 @@ class Namespace < ActiveRecord::Base |
| 27 | 27 | |
| 28 | 28 | after_create :ensure_dir_exist |
| 29 | 29 | after_update :move_dir |
| 30 | - after_commit :update_gitolite, on: :update, if: :require_update_gitolite | |
| 31 | 30 | after_destroy :rm_dir |
| 32 | 31 | |
| 33 | 32 | scope :root, where('type IS NULL') |
| ... | ... | @@ -89,11 +88,6 @@ class Namespace < ActiveRecord::Base |
| 89 | 88 | end |
| 90 | 89 | end |
| 91 | 90 | |
| 92 | - def update_gitolite | |
| 93 | - @require_update_gitolite = false | |
| 94 | - projects.each(&:update_repository) | |
| 95 | - end | |
| 96 | - | |
| 97 | 91 | def rm_dir |
| 98 | 92 | dir_path = File.join(Gitlab.config.gitolite.repos_path, path) |
| 99 | 93 | FileUtils.rm_r( dir_path, force: true ) | ... | ... |
app/models/project.rb
| ... | ... | @@ -262,8 +262,6 @@ class Project < ActiveRecord::Base |
| 262 | 262 | |
| 263 | 263 | Gitlab::ProjectMover.new(self, old_dir, new_dir).execute |
| 264 | 264 | |
| 265 | - gitolite.move_repository(old_repo, self) | |
| 266 | - | |
| 267 | 265 | save! |
| 268 | 266 | end |
| 269 | 267 | rescue Gitlab::ProjectMover::ProjectMoveError => ex |
| ... | ... | @@ -459,20 +457,6 @@ class Project < ActiveRecord::Base |
| 459 | 457 | namespace.try(:path) || '' |
| 460 | 458 | end |
| 461 | 459 | |
| 462 | - def update_repository | |
| 463 | - GitoliteWorker.perform_async( | |
| 464 | - :update_repository, | |
| 465 | - self.id | |
| 466 | - ) | |
| 467 | - end | |
| 468 | - | |
| 469 | - def destroy_repository | |
| 470 | - GitoliteWorker.perform_async( | |
| 471 | - :remove_repository, | |
| 472 | - self.path_with_namespace | |
| 473 | - ) | |
| 474 | - end | |
| 475 | - | |
| 476 | 460 | def repo_exists? |
| 477 | 461 | @repo_exists ||= (repository && repository.branches.present?) |
| 478 | 462 | rescue | ... | ... |
app/models/project_team.rb
app/models/protected_branch.rb
| ... | ... | @@ -18,13 +18,6 @@ class ProtectedBranch < ActiveRecord::Base |
| 18 | 18 | validates :name, presence: true |
| 19 | 19 | validates :project, presence: true |
| 20 | 20 | |
| 21 | - after_save :update_repository | |
| 22 | - after_destroy :update_repository | |
| 23 | - | |
| 24 | - def update_repository | |
| 25 | - project.update_repository | |
| 26 | - end | |
| 27 | - | |
| 28 | 21 | def commit |
| 29 | 22 | project.repository.commit(self.name) |
| 30 | 23 | end | ... | ... |
app/models/users_project.rb
| ... | ... | @@ -25,9 +25,6 @@ class UsersProject < ActiveRecord::Base |
| 25 | 25 | |
| 26 | 26 | attr_accessor :skip_git |
| 27 | 27 | |
| 28 | - after_save :update_repository, unless: :skip_git? | |
| 29 | - after_destroy :update_repository, unless: :skip_git? | |
| 30 | - | |
| 31 | 28 | validates :user, presence: true |
| 32 | 29 | validates :user_id, uniqueness: { scope: [:project_id], message: "already exists in project" } |
| 33 | 30 | validates :project_access, inclusion: { in: [GUEST, REPORTER, DEVELOPER, MASTER] }, presence: true |
| ... | ... | @@ -84,11 +81,6 @@ class UsersProject < ActiveRecord::Base |
| 84 | 81 | end |
| 85 | 82 | end |
| 86 | 83 | |
| 87 | - GitoliteWorker.perform_async( | |
| 88 | - :update_repositories, | |
| 89 | - project_ids | |
| 90 | - ) | |
| 91 | - | |
| 92 | 84 | true |
| 93 | 85 | rescue |
| 94 | 86 | false |
| ... | ... | @@ -103,11 +95,6 @@ class UsersProject < ActiveRecord::Base |
| 103 | 95 | end |
| 104 | 96 | end |
| 105 | 97 | |
| 106 | - GitoliteWorker.perform_async( | |
| 107 | - :update_repositories, | |
| 108 | - project_ids | |
| 109 | - ) | |
| 110 | - | |
| 111 | 98 | true |
| 112 | 99 | rescue |
| 113 | 100 | false |
| ... | ... | @@ -136,10 +123,6 @@ class UsersProject < ActiveRecord::Base |
| 136 | 123 | end |
| 137 | 124 | end |
| 138 | 125 | |
| 139 | - def update_repository | |
| 140 | - project.update_repository | |
| 141 | - end | |
| 142 | - | |
| 143 | 126 | def project_access_human |
| 144 | 127 | Project.access_options.key(self.project_access) |
| 145 | 128 | end | ... | ... |
app/observers/key_observer.rb
| ... | ... | @@ -3,20 +3,17 @@ class KeyObserver < ActiveRecord::Observer |
| 3 | 3 | |
| 4 | 4 | def after_save(key) |
| 5 | 5 | GitoliteWorker.perform_async( |
| 6 | - :set_key, | |
| 7 | - key.identifier, | |
| 8 | - key.key, | |
| 9 | - key.projects.map(&:id) | |
| 6 | + :add_key, | |
| 7 | + key.shell_id, | |
| 8 | + key.key | |
| 10 | 9 | ) |
| 11 | 10 | end |
| 12 | 11 | |
| 13 | 12 | def after_destroy(key) |
| 14 | - return if key.is_deploy_key && !key.last_deploy? | |
| 15 | - | |
| 16 | 13 | GitoliteWorker.perform_async( |
| 17 | 14 | :remove_key, |
| 18 | - key.identifier, | |
| 19 | - key.projects.map(&:id) | |
| 15 | + key.shell_id, | |
| 16 | + key.key, | |
| 20 | 17 | ) |
| 21 | 18 | end |
| 22 | 19 | end | ... | ... |
app/observers/project_observer.rb
| 1 | 1 | class ProjectObserver < ActiveRecord::Observer |
| 2 | 2 | def after_create(project) |
| 3 | - project.update_repository | |
| 3 | + GitoliteWorker.perform_async( | |
| 4 | + :add_repository, | |
| 5 | + project.path_with_namespace | |
| 6 | + ) | |
| 7 | + | |
| 8 | + log_info("#{project.owner.name} created a new project \"#{project.name_with_namespace}\"") | |
| 4 | 9 | end |
| 5 | 10 | |
| 6 | 11 | def after_update(project) |
| ... | ... | @@ -8,14 +13,14 @@ class ProjectObserver < ActiveRecord::Observer |
| 8 | 13 | end |
| 9 | 14 | |
| 10 | 15 | def after_destroy(project) |
| 11 | - log_info("Project \"#{project.name}\" was removed") | |
| 16 | + GitoliteWorker.perform_async( | |
| 17 | + :remove_repository, | |
| 18 | + project.path_with_namespace | |
| 19 | + ) | |
| 12 | 20 | |
| 13 | 21 | project.satellite.destroy |
| 14 | - project.destroy_repository | |
| 15 | - end | |
| 16 | 22 | |
| 17 | - def after_create project | |
| 18 | - log_info("#{project.owner.name} created a new project \"#{project.name_with_namespace}\"") | |
| 23 | + log_info("Project \"#{project.name}\" was removed") | |
| 19 | 24 | end |
| 20 | 25 | |
| 21 | 26 | protected | ... | ... |
app/workers/post_receive.rb
| ... | ... | @@ -27,11 +27,15 @@ class PostReceive |
| 27 | 27 | User.find_by_email(email) if email |
| 28 | 28 | elsif /^[A-Z0-9._%a-z\-]+@(?:[A-Z0-9a-z\-]+\.)+[A-Za-z]{2,4}$/.match(identifier) |
| 29 | 29 | User.find_by_email(identifier) |
| 30 | - else | |
| 31 | - Key.find_by_identifier(identifier).try(:user) | |
| 30 | + elsif identifier =~ /key/ | |
| 31 | + key_id = identifier.gsub("key-", "") | |
| 32 | + Key.find_by_id(key_id).try(:user) | |
| 32 | 33 | end |
| 33 | 34 | |
| 34 | - return false unless user | |
| 35 | + unless user | |
| 36 | + Gitlab::GitLogger.error("POST-RECEIVE: Triggered hook for non-existing user \"#{identifier} \"") | |
| 37 | + return false | |
| 38 | + end | |
| 35 | 39 | |
| 36 | 40 | project.trigger_post_receive(oldrev, newrev, ref, user) |
| 37 | 41 | end | ... | ... |
config/gitlab.yml.example
| ... | ... | @@ -96,7 +96,7 @@ omniauth: |
| 96 | 96 | # GitLab Satellites |
| 97 | 97 | satellites: |
| 98 | 98 | # Relative paths are relative to Rails.root (default: tmp/repo_satellites/) |
| 99 | - path: /home/gitlab/gitlab-satellites/ | |
| 99 | + path: /home/git/gitlab-satellites/ | |
| 100 | 100 | |
| 101 | 101 | ## Backup settings |
| 102 | 102 | backup: |
| ... | ... | @@ -105,8 +105,6 @@ backup: |
| 105 | 105 | |
| 106 | 106 | ## Gitolite settings |
| 107 | 107 | gitolite: |
| 108 | - admin_uri: git@localhost:gitolite-admin | |
| 109 | - | |
| 110 | 108 | # REPOS_PATH MUST NOT BE A SYMLINK!!! |
| 111 | 109 | repos_path: /home/git/repositories/ |
| 112 | 110 | hooks_path: /home/git/.gitolite/hooks/ | ... | ... |
config/initializers/1_settings.rb
| ... | ... | @@ -51,7 +51,7 @@ Settings.gitlab['protocol'] ||= Settings.gitlab.https ? "https" : "http" |
| 51 | 51 | Settings.gitlab['email_from'] ||= "gitlab@#{Settings.gitlab.host}" |
| 52 | 52 | Settings.gitlab['support_email'] ||= Settings.gitlab.email_from |
| 53 | 53 | Settings.gitlab['url'] ||= Settings.send(:build_gitlab_url) |
| 54 | -Settings.gitlab['user'] ||= 'gitlab' | |
| 54 | +Settings.gitlab['user'] ||= 'git' | |
| 55 | 55 | Settings.gitlab['signup_enabled'] ||= false |
| 56 | 56 | |
| 57 | 57 | Settings['gravatar'] ||= Settingslogic.new({}) | ... | ... |
config/initializers/5_backend.rb
config/unicorn.rb.example
doc/install/installation.md
| ... | ... | @@ -90,87 +90,27 @@ Install the Bundler Gem: |
| 90 | 90 | |
| 91 | 91 | # 3. System Users |
| 92 | 92 | |
| 93 | -Create a user for Git and Gitolite: | |
| 93 | +Create a `git` user for Gitlab: | |
| 94 | 94 | |
| 95 | - sudo adduser \ | |
| 96 | - --system \ | |
| 97 | - --shell /bin/sh \ | |
| 98 | - --gecos 'Git Version Control' \ | |
| 99 | - --group \ | |
| 100 | - --disabled-password \ | |
| 101 | - --home /home/git \ | |
| 102 | - git | |
| 95 | + sudo adduser --disabled-login --gecos 'GitLab' git | |
| 103 | 96 | |
| 104 | -Create a user for GitLab: | |
| 97 | +# 4. GitLab shell | |
| 105 | 98 | |
| 106 | - sudo adduser --disabled-login --gecos 'GitLab' gitlab | |
| 107 | - | |
| 108 | - # Add it to the git group | |
| 109 | - sudo usermod -a -G git gitlab | |
| 110 | - | |
| 111 | - # Generate the SSH key | |
| 112 | - sudo -u gitlab -H ssh-keygen -q -N '' -t rsa -f /home/gitlab/.ssh/id_rsa | |
| 113 | - | |
| 114 | - | |
| 115 | -# 4. Gitolite | |
| 116 | - | |
| 117 | -Clone GitLab's fork of the Gitolite source code: | |
| 99 | + # login as git | |
| 100 | + sudo su git | |
| 118 | 101 | |
| 102 | + # go to home directory | |
| 119 | 103 | cd /home/git |
| 120 | - sudo -u git -H git clone -b gl-v320 https://github.com/gitlabhq/gitolite.git /home/git/gitolite | |
| 121 | - | |
| 122 | -Setup Gitolite with GitLab as its admin: | |
| 123 | - | |
| 124 | -**Important Note:** | |
| 125 | -GitLab assumes *full and unshared* control over this Gitolite installation. | |
| 126 | - | |
| 127 | - # Add Gitolite scripts to $PATH | |
| 128 | - sudo -u git -H mkdir /home/git/bin | |
| 129 | - sudo -u git -H sh -c 'printf "%b\n%b\n" "PATH=\$PATH:/home/git/bin" "export PATH" >> /home/git/.profile' | |
| 130 | - sudo -u git -H sh -c 'gitolite/install -ln /home/git/bin' | |
| 131 | - | |
| 132 | - # Copy the gitlab user's (public) SSH key ... | |
| 133 | - sudo cp /home/gitlab/.ssh/id_rsa.pub /home/git/gitlab.pub | |
| 134 | - sudo chmod 0444 /home/git/gitlab.pub | |
| 135 | - | |
| 136 | - # ... and use it as the admin key for the Gitolite setup | |
| 137 | - sudo -u git -H sh -c "PATH=/home/git/bin:$PATH; gitolite setup -pk /home/git/gitlab.pub" | |
| 138 | - | |
| 139 | -Fix the directory permissions for the configuration directory: | |
| 140 | - | |
| 141 | - # Make sure the Gitolite config dir is owned by git | |
| 142 | - sudo chmod 750 /home/git/.gitolite/ | |
| 143 | - sudo chown -R git:git /home/git/.gitolite/ | |
| 144 | 104 | |
| 145 | -Fix the directory permissions for the repositories: | |
| 105 | + # clone gitlab shell | |
| 106 | + git clone https://dzaporozhets@dev.gitlab.org/gitlab/gitlab-shell.git | |
| 146 | 107 | |
| 147 | - # Make sure the repositories dir is owned by git and it stays that way | |
| 148 | - sudo chmod -R ug+rwX,o-rwx /home/git/repositories/ | |
| 149 | - sudo chown -R git:git /home/git/repositories/ | |
| 150 | - find /home/git/repositories -type d -print0 | sudo xargs -0 chmod g+s | |
| 108 | + # setup | |
| 109 | + cd gitlab-shell | |
| 110 | + cp config.yml.example config.yml | |
| 111 | + ./bin/install | |
| 151 | 112 | |
| 152 | 113 | |
| 153 | -## Add domains to list to the list of known hosts | |
| 154 | - | |
| 155 | - sudo -u gitlab -H ssh git@localhost | |
| 156 | - sudo -u gitlab -H ssh git@YOUR_DOMAIN_NAME | |
| 157 | - sudo -u gitlab -H ssh git@YOUR_GITOLITE_DOMAIN_NAME | |
| 158 | - | |
| 159 | - | |
| 160 | -## Test if everything works so far | |
| 161 | - | |
| 162 | - # Clone the admin repo so SSH adds localhost to known_hosts ... | |
| 163 | - # ... and to be sure your users have access to Gitolite | |
| 164 | - sudo -u gitlab -H git clone git@localhost:gitolite-admin.git /tmp/gitolite-admin | |
| 165 | - | |
| 166 | - # If it succeeded without errors you can remove the cloned repo | |
| 167 | - sudo rm -rf /tmp/gitolite-admin | |
| 168 | - | |
| 169 | -**Important Note:** | |
| 170 | -If you can't clone the `gitolite-admin` repository: **DO NOT PROCEED WITH INSTALLATION**! | |
| 171 | -Check the [Trouble Shooting Guide](https://github.com/gitlabhq/gitlab-public-wiki/wiki/Trouble-Shooting-Guide) | |
| 172 | -and make sure you have followed all of the above steps carefully. | |
| 173 | - | |
| 174 | 114 | |
| 175 | 115 | # 5. Database |
| 176 | 116 | |
| ... | ... | @@ -179,46 +119,46 @@ To setup the MySQL/PostgreSQL database and dependencies please see [`doc/install |
| 179 | 119 | |
| 180 | 120 | # 6. GitLab |
| 181 | 121 | |
| 182 | - # We'll install GitLab into home directory of the user "gitlab" | |
| 183 | - cd /home/gitlab | |
| 122 | + # We'll install GitLab into home directory of the user "git" | |
| 123 | + cd /home/git | |
| 184 | 124 | |
| 185 | 125 | ## Clone the Source |
| 186 | 126 | |
| 187 | 127 | # Clone GitLab repository |
| 188 | - sudo -u gitlab -H git clone https://github.com/gitlabhq/gitlabhq.git gitlab | |
| 128 | + sudo -u git -H git clone https://github.com/gitlabhq/gitlabhq.git gitlab | |
| 189 | 129 | |
| 190 | 130 | # Go to gitlab dir |
| 191 | - cd /home/gitlab/gitlab | |
| 131 | + cd /home/git/gitlab | |
| 192 | 132 | |
| 193 | 133 | # Checkout to stable release |
| 194 | - sudo -u gitlab -H git checkout 4-1-stable | |
| 134 | + sudo -u git -H git checkout 5-0-stable | |
| 195 | 135 | |
| 196 | 136 | **Note:** |
| 197 | -You can change `4-1-stable` to `master` if you want the *bleeding edge* version, but | |
| 137 | +You can change `5-0-stable` to `master` if you want the *bleeding edge* version, but | |
| 198 | 138 | do so with caution! |
| 199 | 139 | |
| 200 | 140 | ## Configure it |
| 201 | 141 | |
| 202 | - cd /home/gitlab/gitlab | |
| 142 | + cd /home/git/gitlab | |
| 203 | 143 | |
| 204 | 144 | # Copy the example GitLab config |
| 205 | - sudo -u gitlab -H cp config/gitlab.yml.example config/gitlab.yml | |
| 145 | + sudo -u git -H cp config/gitlab.yml.example config/gitlab.yml | |
| 206 | 146 | |
| 207 | 147 | # Make sure to change "localhost" to the fully-qualified domain name of your |
| 208 | 148 | # host serving GitLab where necessary |
| 209 | - sudo -u gitlab -H vim config/gitlab.yml | |
| 149 | + sudo -u git -H vim config/gitlab.yml | |
| 210 | 150 | |
| 211 | 151 | # Make sure GitLab can write to the log/ and tmp/ directories |
| 212 | - sudo chown -R gitlab log/ | |
| 213 | - sudo chown -R gitlab tmp/ | |
| 152 | + sudo chown -R git log/ | |
| 153 | + sudo chown -R git tmp/ | |
| 214 | 154 | sudo chmod -R u+rwX log/ |
| 215 | 155 | sudo chmod -R u+rwX tmp/ |
| 216 | 156 | |
| 217 | 157 | # Make directory for satellites |
| 218 | - sudo -u gitlab -H mkdir /home/gitlab/gitlab-satellites | |
| 158 | + sudo -u git -H mkdir /home/git/gitlab-satellites | |
| 219 | 159 | |
| 220 | 160 | # Copy the example Unicorn config |
| 221 | - sudo -u gitlab -H cp config/unicorn.rb.example config/unicorn.rb | |
| 161 | + sudo -u git -H cp config/unicorn.rb.example config/unicorn.rb | |
| 222 | 162 | |
| 223 | 163 | **Important Note:** |
| 224 | 164 | Make sure to edit both files to match your setup. |
| ... | ... | @@ -226,42 +166,29 @@ Make sure to edit both files to match your setup. |
| 226 | 166 | ## Configure GitLab DB settings |
| 227 | 167 | |
| 228 | 168 | # Mysql |
| 229 | - sudo -u gitlab cp config/database.yml.mysql config/database.yml | |
| 169 | + sudo -u git cp config/database.yml.mysql config/database.yml | |
| 230 | 170 | |
| 231 | 171 | # PostgreSQL |
| 232 | - sudo -u gitlab cp config/database.yml.postgresql config/database.yml | |
| 172 | + sudo -u git cp config/database.yml.postgresql config/database.yml | |
| 233 | 173 | |
| 234 | 174 | Make sure to update username/password in config/database.yml. |
| 235 | 175 | |
| 236 | 176 | ## Install Gems |
| 237 | 177 | |
| 238 | - cd /home/gitlab/gitlab | |
| 178 | + cd /home/git/gitlab | |
| 239 | 179 | |
| 240 | 180 | sudo gem install charlock_holmes --version '0.6.9' |
| 241 | 181 | |
| 242 | 182 | # For MySQL (note, the option says "without") |
| 243 | - sudo -u gitlab -H bundle install --deployment --without development test postgres | |
| 183 | + sudo -u git -H bundle install --deployment --without development test postgres | |
| 244 | 184 | |
| 245 | 185 | # Or for PostgreSQL |
| 246 | - sudo -u gitlab -H bundle install --deployment --without development test mysql | |
| 247 | - | |
| 248 | -## Configure Git | |
| 249 | - | |
| 250 | -GitLab needs to be able to commit and push changes to Gitolite. In order to do | |
| 251 | -that Git requires a username and email. (We recommend using the same address | |
| 252 | -used for the `email.from` setting in `config/gitlab.yml`) | |
| 253 | - | |
| 254 | - sudo -u gitlab -H git config --global user.name "GitLab" | |
| 255 | - sudo -u gitlab -H git config --global user.email "gitlab@localhost" | |
| 256 | - | |
| 257 | -## Setup GitLab Hooks | |
| 186 | + sudo -u git -H bundle install --deployment --without development test mysql | |
| 258 | 187 | |
| 259 | - sudo cp ./lib/hooks/post-receive /home/git/.gitolite/hooks/common/post-receive | |
| 260 | - sudo chown git:git /home/git/.gitolite/hooks/common/post-receive | |
| 261 | 188 | |
| 262 | 189 | ## Initialise Database and Activate Advanced Features |
| 263 | 190 | |
| 264 | - sudo -u gitlab -H bundle exec rake gitlab:setup RAILS_ENV=production | |
| 191 | + sudo -u git -H bundle exec rake gitlab:setup RAILS_ENV=production | |
| 265 | 192 | |
| 266 | 193 | |
| 267 | 194 | ## Install Init Script |
| ... | ... | @@ -280,11 +207,11 @@ Make GitLab start on boot: |
| 280 | 207 | |
| 281 | 208 | Check if GitLab and its environment is configured correctly: |
| 282 | 209 | |
| 283 | - sudo -u gitlab -H bundle exec rake gitlab:env:info RAILS_ENV=production | |
| 210 | + sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production | |
| 284 | 211 | |
| 285 | 212 | To make sure you didn't miss anything run a more thorough check with: |
| 286 | 213 | |
| 287 | - sudo -u gitlab -H bundle exec rake gitlab:check RAILS_ENV=production | |
| 214 | + sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production | |
| 288 | 215 | |
| 289 | 216 | If all items are green, then congratulations on successfully installing GitLab! |
| 290 | 217 | However there are still a few steps left. |
| ... | ... | @@ -357,7 +284,7 @@ a different host, you can configure its connection string via the |
| 357 | 284 | |
| 358 | 285 | If you are running SSH on a non-standard port, you must change the gitlab user'S SSH config. |
| 359 | 286 | |
| 360 | - # Add to /home/gitlab/.ssh/config | |
| 287 | + # Add to /home/git/.ssh/config | |
| 361 | 288 | host localhost # Give your setup a name (here: override localhost) |
| 362 | 289 | user git # Your remote git user |
| 363 | 290 | port 2222 # Your port number | ... | ... |
doc/install/structure.md
| ... | ... | @@ -3,37 +3,23 @@ |
| 3 | 3 | This is the directory structure you will end up with following the instructions in the Installation Guide. |
| 4 | 4 | |
| 5 | 5 | |-- home |
| 6 | - | |-- gitlab | |
| 6 | + | |-- git | |
| 7 | 7 | | |-- .ssh |
| 8 | 8 | | |-- gitlab |
| 9 | 9 | | |-- gitlab-satellites |
| 10 | - | |-- git | |
| 11 | - | |-- .gitolite | |
| 12 | - | |-- .ssh | |
| 13 | - | |-- bin | |
| 14 | - | |-- gitolite | |
| 10 | + | |-- gitlab-shell | |
| 15 | 11 | | |-- repositories |
| 16 | 12 | |
| 17 | 13 | |
| 18 | -**/home/gitlab/.ssh** | |
| 19 | - Contains the Gitolite admin key GitLab uses to configure Gitolite. | |
| 14 | +**/home/git/.ssh** | |
| 20 | 15 | |
| 21 | -**/home/gitlab/gitlab** | |
| 16 | +**/home/git/gitlab** | |
| 22 | 17 | This is where GitLab lives. |
| 23 | 18 | |
| 24 | -**/home/gitlab/gitlab-satellites** | |
| 19 | +**/home/git/gitlab-satellites** | |
| 25 | 20 | Contains a copy of all repositories with a working tree. |
| 26 | 21 | It's used for merge requests, editing files, etc. |
| 27 | 22 | |
| 28 | -**/home/git/.ssh** | |
| 29 | - Contains the SSH access configuration managed by Gitolite. | |
| 30 | - | |
| 31 | -**/home/git/bin** | |
| 32 | - Contains Gitolite executables. | |
| 33 | - | |
| 34 | -**/home/git/gitolite** | |
| 35 | - This is where Gitolite lives. | |
| 36 | - | |
| 37 | 23 | **/home/git/repositories** |
| 38 | 24 | Holds all your repositories in bare format. |
| 39 | 25 | This is the place Git uses when you pull/push to your projects. | ... | ... |
features/support/env.rb
| ... | ... | @@ -9,17 +9,12 @@ require 'spinach/capybara' |
| 9 | 9 | require 'sidekiq/testing/inline' |
| 10 | 10 | |
| 11 | 11 | |
| 12 | -%w(gitolite_stub stubbed_repository valid_commit).each do |f| | |
| 12 | +%w(stubbed_repository valid_commit).each do |f| | |
| 13 | 13 | require Rails.root.join('spec', 'support', f) |
| 14 | 14 | end |
| 15 | 15 | |
| 16 | 16 | Dir["#{Rails.root}/features/steps/shared/*.rb"].each {|file| require file} |
| 17 | 17 | |
| 18 | -# | |
| 19 | -# Stub gitolite | |
| 20 | -# | |
| 21 | -include GitoliteStub | |
| 22 | - | |
| 23 | 18 | WebMock.allow_net_connect! |
| 24 | 19 | # |
| 25 | 20 | # JS driver |
| ... | ... | @@ -49,6 +44,4 @@ Spinach.hooks.before_run do |
| 49 | 44 | RSpec::Mocks::setup self |
| 50 | 45 | |
| 51 | 46 | include FactoryGirl::Syntax::Methods |
| 52 | - | |
| 53 | - stub_gitolite! | |
| 54 | 47 | end | ... | ... |
lib/api.rb
| ... | ... | @@ -0,0 +1,49 @@ |
| 1 | +module Gitlab | |
| 2 | + # Internal access API | |
| 3 | + class Internal < Grape::API | |
| 4 | + namespace 'internal' do | |
| 5 | + # | |
| 6 | + # Check if ssh key has access to project code | |
| 7 | + # | |
| 8 | + get "/allowed" do | |
| 9 | + key = Key.find(params[:key_id]) | |
| 10 | + project = Project.find_with_namespace(params[:project]) | |
| 11 | + git_cmd = params[:action] | |
| 12 | + | |
| 13 | + if key.is_deploy_key | |
| 14 | + project == key.project && git_cmd == 'git-upload-pack' | |
| 15 | + else | |
| 16 | + user = key.user | |
| 17 | + action = case git_cmd | |
| 18 | + when 'git-upload-pack' | |
| 19 | + then :download_code | |
| 20 | + when 'git-receive-pack' | |
| 21 | + then | |
| 22 | + if project.protected_branch?(params[:ref]) | |
| 23 | + :push_code_to_protected_branches | |
| 24 | + else | |
| 25 | + :push_code | |
| 26 | + end | |
| 27 | + end | |
| 28 | + | |
| 29 | + user.can?(action, project) | |
| 30 | + end | |
| 31 | + end | |
| 32 | + | |
| 33 | + # | |
| 34 | + # Discover user by ssh key | |
| 35 | + # | |
| 36 | + get "/discover" do | |
| 37 | + key = Key.find(params[:key_id]) | |
| 38 | + present key.user, with: Entities::User | |
| 39 | + end | |
| 40 | + | |
| 41 | + get "/check" do | |
| 42 | + { | |
| 43 | + api_version: '3' | |
| 44 | + } | |
| 45 | + end | |
| 46 | + end | |
| 47 | + end | |
| 48 | +end | |
| 49 | + | ... | ... |
lib/gitlab/backend/gitolite.rb
| ... | ... | @@ -1,90 +0,0 @@ |
| 1 | -require_relative 'gitolite_config' | |
| 2 | - | |
| 3 | -module Gitlab | |
| 4 | - class Gitolite | |
| 5 | - class AccessDenied < StandardError; end | |
| 6 | - | |
| 7 | - def config | |
| 8 | - Gitlab::GitoliteConfig.new | |
| 9 | - end | |
| 10 | - | |
| 11 | - # Update gitolite config with new key | |
| 12 | - # | |
| 13 | - # Ex. | |
| 14 | - # set_key("m_gitlab_com_12343", "sha-rsa ...", [2, 3, 6]) | |
| 15 | - # | |
| 16 | - def set_key(key_id, key_content, project_ids) | |
| 17 | - projects = Project.where(id: project_ids) | |
| 18 | - | |
| 19 | - config.apply do |config| | |
| 20 | - config.write_key(key_id, key_content) | |
| 21 | - config.update_projects(projects) | |
| 22 | - end | |
| 23 | - end | |
| 24 | - | |
| 25 | - # Remove ssh key from gitolite config | |
| 26 | - # | |
| 27 | - # Ex. | |
| 28 | - # remove_key("m_gitlab_com_12343", [2, 3, 6]) | |
| 29 | - # | |
| 30 | - def remove_key(key_id, project_ids) | |
| 31 | - projects = Project.where(id: project_ids) | |
| 32 | - | |
| 33 | - config.apply do |config| | |
| 34 | - config.rm_key(key_id) | |
| 35 | - config.update_projects(projects) | |
| 36 | - end | |
| 37 | - end | |
| 38 | - | |
| 39 | - # Update project config in gitolite by project id | |
| 40 | - # | |
| 41 | - # Ex. | |
| 42 | - # update_repository(23) | |
| 43 | - # | |
| 44 | - def update_repository(project_id) | |
| 45 | - project = Project.find(project_id) | |
| 46 | - config.update_project!(project) | |
| 47 | - end | |
| 48 | - | |
| 49 | - def move_repository(old_repo, project) | |
| 50 | - config.apply do |config| | |
| 51 | - config.clean_repo(old_repo) | |
| 52 | - config.update_project(project) | |
| 53 | - end | |
| 54 | - end | |
| 55 | - | |
| 56 | - # Remove repository from gitolite | |
| 57 | - # | |
| 58 | - # name - project path with namespace | |
| 59 | - # | |
| 60 | - # Ex. | |
| 61 | - # remove_repository("gitlab/gitlab-ci") | |
| 62 | - # | |
| 63 | - def remove_repository(name) | |
| 64 | - config.destroy_project!(name) | |
| 65 | - end | |
| 66 | - | |
| 67 | - # Update projects configs in gitolite by project ids | |
| 68 | - # | |
| 69 | - # Ex. | |
| 70 | - # update_repositories([1, 4, 6]) | |
| 71 | - # | |
| 72 | - def update_repositories(project_ids) | |
| 73 | - projects = Project.where(id: project_ids) | |
| 74 | - | |
| 75 | - config.apply do |config| | |
| 76 | - config.update_projects(projects) | |
| 77 | - end | |
| 78 | - end | |
| 79 | - | |
| 80 | - def url_to_repo path | |
| 81 | - Gitlab.config.gitolite.ssh_path_prefix + "#{path}.git" | |
| 82 | - end | |
| 83 | - | |
| 84 | - def enable_automerge | |
| 85 | - config.admin_all_repo! | |
| 86 | - end | |
| 87 | - | |
| 88 | - alias_method :create_repository, :update_repository | |
| 89 | - end | |
| 90 | -end |
lib/gitlab/backend/gitolite_config.rb
| ... | ... | @@ -1,241 +0,0 @@ |
| 1 | -require 'gitolite' | |
| 2 | -require 'timeout' | |
| 3 | -require 'fileutils' | |
| 4 | - | |
| 5 | -module Gitlab | |
| 6 | - class GitoliteConfig | |
| 7 | - include Gitlab::Popen | |
| 8 | - | |
| 9 | - class PullError < StandardError; end | |
| 10 | - class PushError < StandardError; end | |
| 11 | - class BrokenGitolite < StandardError; end | |
| 12 | - | |
| 13 | - attr_reader :config_tmp_dir, :tmp_dir, :ga_repo, :conf | |
| 14 | - | |
| 15 | - def initialize | |
| 16 | - @tmp_dir = Rails.root.join("tmp").to_s | |
| 17 | - @config_tmp_dir = File.join(@tmp_dir,"gitlabhq-gitolite-#{Time.now.to_i}") | |
| 18 | - end | |
| 19 | - | |
| 20 | - def ga_repo | |
| 21 | - @ga_repo ||= ::Gitolite::GitoliteAdmin.new( | |
| 22 | - File.join(config_tmp_dir,'gitolite'), | |
| 23 | - conf: Gitlab.config.gitolite.config_file | |
| 24 | - ) | |
| 25 | - end | |
| 26 | - | |
| 27 | - def apply | |
| 28 | - Timeout::timeout(30) do | |
| 29 | - File.open(File.join(tmp_dir, "gitlabhq-gitolite.lock"), "w+") do |f| | |
| 30 | - begin | |
| 31 | - # Set exclusive lock | |
| 32 | - # to prevent race condition | |
| 33 | - f.flock(File::LOCK_EX) | |
| 34 | - | |
| 35 | - # Pull gitolite-admin repo | |
| 36 | - # in tmp dir before do any changes | |
| 37 | - pull | |
| 38 | - | |
| 39 | - # Build ga_repo object and @conf | |
| 40 | - # to access gitolite-admin configuration | |
| 41 | - @conf = ga_repo.config | |
| 42 | - | |
| 43 | - # Do any changes | |
| 44 | - # in gitolite-admin | |
| 45 | - # config here | |
| 46 | - yield(self) | |
| 47 | - | |
| 48 | - # Save changes in | |
| 49 | - # gitolite-admin repo | |
| 50 | - # before push it | |
| 51 | - ga_repo.save | |
| 52 | - | |
| 53 | - # Push gitolite-admin repo | |
| 54 | - # to apply all changes | |
| 55 | - push | |
| 56 | - ensure | |
| 57 | - # Remove tmp dir | |
| 58 | - # removing the gitolite folder first is important to avoid | |
| 59 | - # NFS issues. | |
| 60 | - FileUtils.rm_rf(File.join(config_tmp_dir, 'gitolite')) | |
| 61 | - | |
| 62 | - # Remove parent tmp dir | |
| 63 | - FileUtils.rm_rf(config_tmp_dir) | |
| 64 | - | |
| 65 | - # Unlock so other task can access | |
| 66 | - # gitolite configuration | |
| 67 | - f.flock(File::LOCK_UN) | |
| 68 | - end | |
| 69 | - end | |
| 70 | - end | |
| 71 | - rescue PullError => ex | |
| 72 | - log("Pull error -> " + ex.message) | |
| 73 | - raise Gitolite::AccessDenied, ex.message | |
| 74 | - | |
| 75 | - rescue PushError => ex | |
| 76 | - log("Push error -> " + " " + ex.message) | |
| 77 | - raise Gitolite::AccessDenied, ex.message | |
| 78 | - | |
| 79 | - rescue BrokenGitolite => ex | |
| 80 | - log("Gitolite error -> " + " " + ex.message) | |
| 81 | - raise Gitolite::AccessDenied, ex.message | |
| 82 | - | |
| 83 | - rescue Exception => ex | |
| 84 | - log(ex.class.name + " " + ex.message) | |
| 85 | - raise Gitolite::AccessDenied.new("gitolite timeout") | |
| 86 | - end | |
| 87 | - | |
| 88 | - def log message | |
| 89 | - Gitlab::GitLogger.error(message) | |
| 90 | - end | |
| 91 | - | |
| 92 | - def path_to_repo(name) | |
| 93 | - File.join(Gitlab.config.gitolite.repos_path, "#{name}.git") | |
| 94 | - end | |
| 95 | - | |
| 96 | - def destroy_project(name) | |
| 97 | - full_path = path_to_repo(name) | |
| 98 | - FileUtils.rm_rf(full_path) if File.exists?(full_path) | |
| 99 | - conf.rm_repo(name) | |
| 100 | - end | |
| 101 | - | |
| 102 | - def clean_repo repo_name | |
| 103 | - conf.rm_repo(repo_name) | |
| 104 | - end | |
| 105 | - | |
| 106 | - def destroy_project!(project) | |
| 107 | - apply do |config| | |
| 108 | - config.destroy_project(project) | |
| 109 | - end | |
| 110 | - end | |
| 111 | - | |
| 112 | - def write_key(id, key) | |
| 113 | - File.open(File.join(config_tmp_dir, 'gitolite/keydir',"#{id}.pub"), 'w') do |f| | |
| 114 | - f.write(key.gsub(/\n/,'')) | |
| 115 | - end | |
| 116 | - end | |
| 117 | - | |
| 118 | - def rm_key(user) | |
| 119 | - key_path = File.join(config_tmp_dir, 'gitolite/keydir', "#{user}.pub") | |
| 120 | - ga_key = ::Gitolite::SSHKey.from_file(key_path) | |
| 121 | - ga_repo.rm_key(ga_key) | |
| 122 | - end | |
| 123 | - | |
| 124 | - # update or create | |
| 125 | - def update_project(project) | |
| 126 | - repo = update_project_config(project, conf) | |
| 127 | - conf.add_repo(repo, true) | |
| 128 | - end | |
| 129 | - | |
| 130 | - def update_project!( project) | |
| 131 | - apply do |config| | |
| 132 | - config.update_project(project) | |
| 133 | - end | |
| 134 | - end | |
| 135 | - | |
| 136 | - # Updates many projects and uses project.path_with_namespace as the repo path | |
| 137 | - # An order of magnitude faster than update_project | |
| 138 | - def update_projects(projects) | |
| 139 | - projects.each do |project| | |
| 140 | - repo = update_project_config(project, conf) | |
| 141 | - conf.add_repo(repo, true) | |
| 142 | - end | |
| 143 | - end | |
| 144 | - | |
| 145 | - def update_project_config(project, conf) | |
| 146 | - repo_name = project.path_with_namespace | |
| 147 | - | |
| 148 | - repo = if conf.has_repo?(repo_name) | |
| 149 | - conf.get_repo(repo_name) | |
| 150 | - else | |
| 151 | - ::Gitolite::Config::Repo.new(repo_name) | |
| 152 | - end | |
| 153 | - | |
| 154 | - name_readers = project.team.repository_readers | |
| 155 | - name_writers = project.team.repository_writers | |
| 156 | - name_masters = project.team.repository_masters | |
| 157 | - | |
| 158 | - pr_br = project.protected_branches.map(&:name).join("$ ") | |
| 159 | - | |
| 160 | - repo.clean_permissions | |
| 161 | - | |
| 162 | - # Deny access to protected branches for writers | |
| 163 | - unless name_writers.blank? || pr_br.blank? | |
| 164 | - repo.add_permission("-", pr_br.strip + "$ ", name_writers) | |
| 165 | - end | |
| 166 | - | |
| 167 | - # Add read permissions | |
| 168 | - repo.add_permission("R", "", name_readers) unless name_readers.blank? | |
| 169 | - | |
| 170 | - # Add write permissions | |
| 171 | - repo.add_permission("RW+", "", name_writers) unless name_writers.blank? | |
| 172 | - repo.add_permission("RW+", "", name_masters) unless name_masters.blank? | |
| 173 | - | |
| 174 | - # Add sharedRepository config | |
| 175 | - repo.set_git_config("core.sharedRepository", "0660") | |
| 176 | - | |
| 177 | - repo | |
| 178 | - end | |
| 179 | - | |
| 180 | - # Enable access to all repos for gitolite admin. | |
| 181 | - # We use it for accept merge request feature | |
| 182 | - def admin_all_repo | |
| 183 | - owner_name = Gitlab.config.gitolite.admin_key | |
| 184 | - | |
| 185 | - # @ALL repos premission for gitolite owner | |
| 186 | - repo_name = "@all" | |
| 187 | - repo = if conf.has_repo?(repo_name) | |
| 188 | - conf.get_repo(repo_name) | |
| 189 | - else | |
| 190 | - ::Gitolite::Config::Repo.new(repo_name) | |
| 191 | - end | |
| 192 | - | |
| 193 | - repo.add_permission("RW+", "", owner_name) | |
| 194 | - conf.add_repo(repo, true) | |
| 195 | - end | |
| 196 | - | |
| 197 | - def admin_all_repo! | |
| 198 | - apply { |config| config.admin_all_repo } | |
| 199 | - end | |
| 200 | - | |
| 201 | - private | |
| 202 | - | |
| 203 | - def pull | |
| 204 | - # Create config tmp dir like "RAILS_ROOT/tmp/gitlabhq-gitolite-132545" | |
| 205 | - Dir.mkdir config_tmp_dir | |
| 206 | - | |
| 207 | - # Clone gitolite-admin repo into tmp dir | |
| 208 | - popen("git clone #{Gitlab.config.gitolite.admin_uri} #{config_tmp_dir}/gitolite", tmp_dir) | |
| 209 | - | |
| 210 | - # Ensure file with config presents after cloning | |
| 211 | - unless File.exists?(File.join(config_tmp_dir, 'gitolite', 'conf', 'gitolite.conf')) | |
| 212 | - raise PullError, "unable to clone gitolite-admin repo" | |
| 213 | - end | |
| 214 | - end | |
| 215 | - | |
| 216 | - def push | |
| 217 | - output, status = popen('git add -A', tmp_conf_path) | |
| 218 | - raise "Git add failed." unless status.zero? | |
| 219 | - | |
| 220 | - # git commit returns 0 on success, and 1 if there is nothing to commit | |
| 221 | - output, status = popen('git commit -m "GitLab"', tmp_conf_path) | |
| 222 | - raise "Git add failed." unless [0,1].include?(status) | |
| 223 | - | |
| 224 | - output, status = popen('git push', tmp_conf_path) | |
| 225 | - | |
| 226 | - if output =~ /remote\: FATAL/ | |
| 227 | - raise BrokenGitolite, output | |
| 228 | - end | |
| 229 | - | |
| 230 | - if status.zero? || output =~ /Everything up\-to\-date/ | |
| 231 | - return true | |
| 232 | - else | |
| 233 | - raise PushError, "unable to push gitolite-admin repo" | |
| 234 | - end | |
| 235 | - end | |
| 236 | - | |
| 237 | - def tmp_conf_path | |
| 238 | - File.join(config_tmp_dir,'gitolite') | |
| 239 | - end | |
| 240 | - end | |
| 241 | -end |
| ... | ... | @@ -0,0 +1,50 @@ |
| 1 | +module Gitlab | |
| 2 | + class Shell | |
| 3 | + class AccessDenied < StandardError; end | |
| 4 | + | |
| 5 | + # Init new repository | |
| 6 | + # | |
| 7 | + # name - project path with namespace | |
| 8 | + # | |
| 9 | + # Ex. | |
| 10 | + # add_repository("gitlab/gitlab-ci") | |
| 11 | + # | |
| 12 | + def add_repository(name) | |
| 13 | + system("/home/git/gitlab-shell/bin/gitlab-projects add-project #{name}.git") | |
| 14 | + end | |
| 15 | + | |
| 16 | + # Remove repository from file system | |
| 17 | + # | |
| 18 | + # name - project path with namespace | |
| 19 | + # | |
| 20 | + # Ex. | |
| 21 | + # remove_repository("gitlab/gitlab-ci") | |
| 22 | + # | |
| 23 | + def remove_repository(name) | |
| 24 | + system("/home/git/gitlab-shell/bin/gitlab-projects rm-project #{name}.git") | |
| 25 | + end | |
| 26 | + | |
| 27 | + # Add new key to gitlab-shell | |
| 28 | + # | |
| 29 | + # Ex. | |
| 30 | + # add_key("key-42", "sha-rsa ...") | |
| 31 | + # | |
| 32 | + def add_key(key_id, key_content) | |
| 33 | + system("/home/git/gitlab-shell/bin/gitlab-keys add-key #{key_id} \"#{key_content}\"") | |
| 34 | + end | |
| 35 | + | |
| 36 | + # Remove ssh key from gitlab shell | |
| 37 | + # | |
| 38 | + # Ex. | |
| 39 | + # remove_key("key-342", "sha-rsa ...") | |
| 40 | + # | |
| 41 | + def remove_key(key_id, key_content) | |
| 42 | + system("/home/git/gitlab-shell/bin/gitlab-keys rm-key #{key_id} \"#{key_content}\"") | |
| 43 | + end | |
| 44 | + | |
| 45 | + | |
| 46 | + def url_to_repo path | |
| 47 | + Gitlab.config.gitolite.ssh_path_prefix + "#{path}.git" | |
| 48 | + end | |
| 49 | + end | |
| 50 | +end | ... | ... |
lib/gitlab/satellite/satellite.rb
| ... | ... | @@ -30,10 +30,10 @@ module Gitlab |
| 30 | 30 | end |
| 31 | 31 | |
| 32 | 32 | def create |
| 33 | - output, status = popen("git clone #{project.url_to_repo} #{path}", | |
| 33 | + output, status = popen("git clone #{project.repository.path_to_repo} #{path}", | |
| 34 | 34 | Gitlab.config.satellites.path) |
| 35 | 35 | |
| 36 | - log("PID: #{project.id}: git clone #{project.url_to_repo} #{path}") | |
| 36 | + log("PID: #{project.id}: git clone #{project.repository.path_to_repo} #{path}") | |
| 37 | 37 | log("PID: #{project.id}: -> #{output}") |
| 38 | 38 | |
| 39 | 39 | if status.zero? | ... | ... |
lib/gitolited.rb
lib/hooks/post-receive
| ... | ... | @@ -1,12 +0,0 @@ |
| 1 | -#!/usr/bin/env bash | |
| 2 | - | |
| 3 | -# Version 4.1 | |
| 4 | -# This file was placed here by GitLab. It makes sure that your pushed commits | |
| 5 | -# will be processed properly. | |
| 6 | - | |
| 7 | -while read oldrev newrev ref | |
| 8 | -do | |
| 9 | - # For every branch or tag that was pushed, create a Resque job in redis. | |
| 10 | - repo_path=`pwd` | |
| 11 | - env -i redis-cli rpush "resque:gitlab:queue:post_receive" "{\"class\":\"PostReceive\",\"args\":[\"$repo_path\",\"$oldrev\",\"$newrev\",\"$ref\",\"$GL_USER\"]}" > /dev/null 2>&1 | |
| 12 | -done |
lib/support/rewrite-hooks.sh
| ... | ... | @@ -1,32 +0,0 @@ |
| 1 | -#!/bin/bash | |
| 2 | - | |
| 3 | -src="/home/git/repositories" | |
| 4 | - | |
| 5 | -for dir in `ls "$src/"` | |
| 6 | -do | |
| 7 | - if [ -d "$src/$dir" ]; then | |
| 8 | - | |
| 9 | - if [ "$dir" = "gitolite-admin.git" ] | |
| 10 | - then | |
| 11 | - continue | |
| 12 | - fi | |
| 13 | - | |
| 14 | - if [[ "$dir" =~ ^.*.git$ ]] | |
| 15 | - then | |
| 16 | - project_hook="$src/$dir/hooks/post-receive" | |
| 17 | - gitolite_hook="/home/git/.gitolite/hooks/common/post-receive" | |
| 18 | - | |
| 19 | - ln -s -f $gitolite_hook $project_hook | |
| 20 | - else | |
| 21 | - for subdir in `ls "$src/$dir/"` | |
| 22 | - do | |
| 23 | - if [ -d "$src/$dir/$subdir" ] && [[ "$subdir" =~ ^.*.git$ ]]; then | |
| 24 | - project_hook="$src/$dir/$subdir/hooks/post-receive" | |
| 25 | - gitolite_hook="/home/git/.gitolite/hooks/common/post-receive" | |
| 26 | - | |
| 27 | - ln -s -f $gitolite_hook $project_hook | |
| 28 | - fi | |
| 29 | - done | |
| 30 | - fi | |
| 31 | - fi | |
| 32 | -done |
lib/support/truncate_repositories.sh
| ... | ... | @@ -1,11 +0,0 @@ |
| 1 | -#!/bin/bash | |
| 2 | - | |
| 3 | -echo "Danger!!! Data Loss" | |
| 4 | -while true; do | |
| 5 | - read -p "Do you wish to all directories except gitolite-admin.git from /home/git/repositories/ (y/n) ?: " yn | |
| 6 | - case $yn in | |
| 7 | - [Yy]* ) sh -c "find /home/git/repositories/. -maxdepth 1 -not -name 'gitolite-admin.git' -not -name '.' | xargs sudo rm -rf"; break;; | |
| 8 | - [Nn]* ) exit;; | |
| 9 | - * ) echo "Please answer yes or no.";; | |
| 10 | - esac | |
| 11 | -done |
lib/tasks/gitlab/enable_automerge.rake
| ... | ... | @@ -3,11 +3,6 @@ namespace :gitlab do |
| 3 | 3 | task :enable_automerge => :environment do |
| 4 | 4 | warn_user_is_not_gitlab |
| 5 | 5 | |
| 6 | - puts "Updating repo permissions ..." | |
| 7 | - Gitlab::Gitolite.new.enable_automerge | |
| 8 | - puts "... #{"done".green}" | |
| 9 | - puts "" | |
| 10 | - | |
| 11 | 6 | print "Creating satellites for ..." |
| 12 | 7 | unless Project.count > 0 |
| 13 | 8 | puts "skipping, because you have no projects".magenta | ... | ... |
| ... | ... | @@ -0,0 +1,32 @@ |
| 1 | +namespace :gitlab do | |
| 2 | + namespace :shell do | |
| 3 | + desc "GITLAB | Setup gitlab-shell" | |
| 4 | + task :setup => :environment do | |
| 5 | + setup | |
| 6 | + end | |
| 7 | + end | |
| 8 | + | |
| 9 | + def setup | |
| 10 | + warn_user_is_not_gitlab | |
| 11 | + | |
| 12 | + puts "This will rebuild an authorized_keys file." | |
| 13 | + puts "You will lose any data stored in /home/git/.ssh/authorized_keys." | |
| 14 | + ask_to_continue | |
| 15 | + puts "" | |
| 16 | + | |
| 17 | + system("echo '# Managed by gitlab-shell' > /home/git/.ssh/authorized_keys") | |
| 18 | + | |
| 19 | + Key.find_each(:batch_size => 1000) do |key| | |
| 20 | + if Gitlab::Shell.new.add_key(key.shell_id, key.key) | |
| 21 | + print '.' | |
| 22 | + else | |
| 23 | + print 'F' | |
| 24 | + end | |
| 25 | + end | |
| 26 | + | |
| 27 | + rescue Gitlab::TaskAbortedByUserError | |
| 28 | + puts "Quitting...".red | |
| 29 | + exit 1 | |
| 30 | + end | |
| 31 | +end | |
| 32 | + | ... | ... |
spec/lib/gitolite_config_spec.rb
| ... | ... | @@ -1,16 +0,0 @@ |
| 1 | -require 'spec_helper' | |
| 2 | - | |
| 3 | -describe Gitlab::GitoliteConfig do | |
| 4 | - let(:gitolite) { Gitlab::GitoliteConfig.new } | |
| 5 | - | |
| 6 | - it { should respond_to :write_key } | |
| 7 | - it { should respond_to :rm_key } | |
| 8 | - it { should respond_to :update_project } | |
| 9 | - it { should respond_to :update_project! } | |
| 10 | - it { should respond_to :update_projects } | |
| 11 | - it { should respond_to :destroy_project } | |
| 12 | - it { should respond_to :destroy_project! } | |
| 13 | - it { should respond_to :apply } | |
| 14 | - it { should respond_to :admin_all_repo } | |
| 15 | - it { should respond_to :admin_all_repo! } | |
| 16 | -end |
spec/lib/gitolite_spec.rb
| ... | ... | @@ -1,26 +0,0 @@ |
| 1 | -require 'spec_helper' | |
| 2 | - | |
| 3 | -describe Gitlab::Gitolite do | |
| 4 | - let(:project) { double('Project', id: 7, path: 'diaspora') } | |
| 5 | - let(:gitolite_config) { double('Gitlab::GitoliteConfig') } | |
| 6 | - let(:gitolite) { Gitlab::Gitolite.new } | |
| 7 | - | |
| 8 | - before do | |
| 9 | - gitolite.stub(config: gitolite_config) | |
| 10 | - Project.stub(find: project) | |
| 11 | - end | |
| 12 | - | |
| 13 | - it { should respond_to :set_key } | |
| 14 | - it { should respond_to :remove_key } | |
| 15 | - | |
| 16 | - it { should respond_to :update_repository } | |
| 17 | - it { should respond_to :create_repository } | |
| 18 | - it { should respond_to :remove_repository } | |
| 19 | - | |
| 20 | - it { gitolite.url_to_repo('diaspora').should == Gitlab.config.gitolite.ssh_path_prefix + "diaspora.git" } | |
| 21 | - | |
| 22 | - it "should call config update" do | |
| 23 | - gitolite_config.should_receive(:update_project!) | |
| 24 | - gitolite.update_repository(project.id) | |
| 25 | - end | |
| 26 | -end |
| ... | ... | @@ -0,0 +1,17 @@ |
| 1 | +require 'spec_helper' | |
| 2 | + | |
| 3 | +describe Gitlab::Shell do | |
| 4 | + let(:project) { double('Project', id: 7, path: 'diaspora') } | |
| 5 | + let(:gitolite) { Gitlab::Shell.new } | |
| 6 | + | |
| 7 | + before do | |
| 8 | + Project.stub(find: project) | |
| 9 | + end | |
| 10 | + | |
| 11 | + it { should respond_to :add_key } | |
| 12 | + it { should respond_to :remove_key } | |
| 13 | + it { should respond_to :add_repository } | |
| 14 | + it { should respond_to :remove_repository } | |
| 15 | + | |
| 16 | + it { gitolite.url_to_repo('diaspora').should == Gitlab.config.gitolite.ssh_path_prefix + "diaspora.git" } | |
| 17 | +end | ... | ... |
spec/models/key_spec.rb
| ... | ... | @@ -46,9 +46,9 @@ describe Key do |
| 46 | 46 | key.should_not be_valid |
| 47 | 47 | end |
| 48 | 48 | |
| 49 | - it "does accept the same key for another project" do | |
| 49 | + it "does not accept the same key for another project" do | |
| 50 | 50 | key = build(:key, project_id: 0) |
| 51 | - key.should be_valid | |
| 51 | + key.should_not be_valid | |
| 52 | 52 | end |
| 53 | 53 | end |
| 54 | 54 | ... | ... |
spec/models/project_spec.rb
| ... | ... | @@ -77,8 +77,6 @@ describe Project do |
| 77 | 77 | it { should respond_to(:url_to_repo) } |
| 78 | 78 | it { should respond_to(:repo_exists?) } |
| 79 | 79 | it { should respond_to(:satellite) } |
| 80 | - it { should respond_to(:update_repository) } | |
| 81 | - it { should respond_to(:destroy_repository) } | |
| 82 | 80 | it { should respond_to(:observe_push) } |
| 83 | 81 | it { should respond_to(:update_merge_requests) } |
| 84 | 82 | it { should respond_to(:execute_hooks) } | ... | ... |
spec/models/protected_branch_spec.rb
| ... | ... | @@ -24,19 +24,4 @@ describe ProtectedBranch do |
| 24 | 24 | it { should validate_presence_of(:project) } |
| 25 | 25 | it { should validate_presence_of(:name) } |
| 26 | 26 | end |
| 27 | - | |
| 28 | - describe 'Callbacks' do | |
| 29 | - let(:branch) { build(:protected_branch) } | |
| 30 | - | |
| 31 | - it 'call update_repository after save' do | |
| 32 | - branch.should_receive(:update_repository) | |
| 33 | - branch.save | |
| 34 | - end | |
| 35 | - | |
| 36 | - it 'call update_repository after destroy' do | |
| 37 | - branch.save | |
| 38 | - branch.should_receive(:update_repository) | |
| 39 | - branch.destroy | |
| 40 | - end | |
| 41 | - end | |
| 42 | 27 | end | ... | ... |
spec/observers/key_observer_spec.rb
| ... | ... | @@ -3,7 +3,7 @@ require 'spec_helper' |
| 3 | 3 | describe KeyObserver do |
| 4 | 4 | before do |
| 5 | 5 | @key = double('Key', |
| 6 | - identifier: 'admin_654654', | |
| 6 | + shell_id: 'key-32', | |
| 7 | 7 | key: '== a vaild ssh key', |
| 8 | 8 | projects: [], |
| 9 | 9 | is_deploy_key: false |
| ... | ... | @@ -14,14 +14,14 @@ describe KeyObserver do |
| 14 | 14 | |
| 15 | 15 | context :after_save do |
| 16 | 16 | it do |
| 17 | - GitoliteWorker.should_receive(:perform_async).with(:set_key, @key.identifier, @key.key, @key.projects.map(&:id)) | |
| 17 | + GitoliteWorker.should_receive(:perform_async).with(:add_key, @key.shell_id, @key.key) | |
| 18 | 18 | @observer.after_save(@key) |
| 19 | 19 | end |
| 20 | 20 | end |
| 21 | 21 | |
| 22 | 22 | context :after_destroy do |
| 23 | 23 | it do |
| 24 | - GitoliteWorker.should_receive(:perform_async).with(:remove_key, @key.identifier, @key.projects.map(&:id)) | |
| 24 | + GitoliteWorker.should_receive(:perform_async).with(:remove_key, @key.shell_id, @key.key) | |
| 25 | 25 | @observer.after_destroy(@key) |
| 26 | 26 | end |
| 27 | 27 | end | ... | ... |
spec/spec_helper.rb
| ... | ... | @@ -24,7 +24,6 @@ RSpec.configure do |config| |
| 24 | 24 | config.mock_with :rspec |
| 25 | 25 | |
| 26 | 26 | config.include LoginHelpers, type: :request |
| 27 | - config.include GitoliteStub | |
| 28 | 27 | config.include FactoryGirl::Syntax::Methods |
| 29 | 28 | config.include Devise::TestHelpers, type: :controller |
| 30 | 29 | |
| ... | ... | @@ -34,8 +33,6 @@ RSpec.configure do |config| |
| 34 | 33 | config.use_transactional_fixtures = false |
| 35 | 34 | |
| 36 | 35 | config.before do |
| 37 | - stub_gitolite! | |
| 38 | - | |
| 39 | 36 | # Use tmp dir for FS manipulations |
| 40 | 37 | temp_repos_path = Rails.root.join('tmp', 'test-git-base-path') |
| 41 | 38 | Gitlab.config.gitolite.stub(repos_path: temp_repos_path) | ... | ... |
spec/support/gitolite_stub.rb
| ... | ... | @@ -1,21 +0,0 @@ |
| 1 | -module GitoliteStub | |
| 2 | - def stub_gitolite! | |
| 3 | - stub_gitlab_gitolite | |
| 4 | - stub_gitolite_admin | |
| 5 | - end | |
| 6 | - | |
| 7 | - def stub_gitolite_admin | |
| 8 | - gitolite_admin = double('Gitolite::GitoliteAdmin') | |
| 9 | - gitolite_admin.as_null_object | |
| 10 | - | |
| 11 | - Gitolite::GitoliteAdmin.stub(new: gitolite_admin) | |
| 12 | - end | |
| 13 | - | |
| 14 | - def stub_gitlab_gitolite | |
| 15 | - gitolite_config = double('Gitlab::GitoliteConfig') | |
| 16 | - gitolite_config.stub(apply: ->() { yield(self) }) | |
| 17 | - gitolite_config.as_null_object | |
| 18 | - | |
| 19 | - Gitlab::GitoliteConfig.stub(new: gitolite_config) | |
| 20 | - end | |
| 21 | -end |
spec/support/stubbed_repository.rb
| 1 | 1 | require "repository" |
| 2 | 2 | require "project" |
| 3 | +require "shell" | |
| 3 | 4 | |
| 4 | 5 | # Stubs out all Git repository access done by models so that specs can run |
| 5 | 6 | # against fake repositories without Grit complaining that they don't exist. |
| ... | ... | @@ -36,3 +37,23 @@ class GitLabTestRepo < Repository |
| 36 | 37 | @repo ||= Grit::Repo.new(Rails.root.join('tmp', 'repositories', 'gitlabhq')) |
| 37 | 38 | end |
| 38 | 39 | end |
| 40 | + | |
| 41 | +module Gitlab | |
| 42 | + class Shell | |
| 43 | + def add_repository name | |
| 44 | + true | |
| 45 | + end | |
| 46 | + | |
| 47 | + def remove_repository name | |
| 48 | + true | |
| 49 | + end | |
| 50 | + | |
| 51 | + def add_key id, key | |
| 52 | + true | |
| 53 | + end | |
| 54 | + | |
| 55 | + def remove_key id, key | |
| 56 | + true | |
| 57 | + end | |
| 58 | + end | |
| 59 | +end | ... | ... |
spec/workers/post_receive_spec.rb
| ... | ... | @@ -11,7 +11,7 @@ describe PostReceive do |
| 11 | 11 | context "web hook" do |
| 12 | 12 | let(:project) { create(:project) } |
| 13 | 13 | let(:key) { create(:key, user: project.owner) } |
| 14 | - let(:key_id) { key.identifier } | |
| 14 | + let(:key_id) { key.shell_id } | |
| 15 | 15 | |
| 16 | 16 | it "fetches the correct project" do |
| 17 | 17 | Project.should_receive(:find_with_namespace).with(project.path_with_namespace).and_return(project) |
| ... | ... | @@ -19,7 +19,7 @@ describe PostReceive do |
| 19 | 19 | end |
| 20 | 20 | |
| 21 | 21 | it "does not run if the author is not in the project" do |
| 22 | - Key.stub(find_by_identifier: nil) | |
| 22 | + Key.stub(find_by_id: nil) | |
| 23 | 23 | |
| 24 | 24 | project.should_not_receive(:observe_push) |
| 25 | 25 | project.should_not_receive(:execute_hooks) | ... | ... |