Download as
Browse Code »

Commit 6b9a60904451fb192e445774768ccb53f7f8d2f8

Authored by Dmitriy Zaporozhets
1 parent 85de55a1
Exists in master and in 4 other branches 6-8-stable, 7-0-stable, 7-0-stable-spb, spb-stable

preparing for gitlab-shell

Showing 4 changed files with 16 additions and 302 deletions   Show diff stats
Gemfile
  Diff comments   View file @6b9a609
... ... @@ -32,9 +32,6 @@ gem 'gitlab_omniauth-ldap', '1.0.2', require: "omniauth-ldap"
32 32 # Dump db to yml file. Mostly used to migrate from sqlite to mysql
33 33 gem 'gitlab_yaml_db', '1.0.0', require: "yaml_db"
34 34  
35   -# Gitolite client (for work with gitolite-admin repo)
36   -gem "gitolite", '1.1.0'
37   -
38 35 # Syntax highlighter
39 36 gem "pygments.rb", git: "https://github.com/gitlabhq/pygments.rb.git", branch: "master"
40 37  
... ...
Gemfile.lock
  Diff comments   View file @6b9a609
... ... @@ -107,7 +107,6 @@ GEM
107 107 coderay (>= 1.0.0)
108 108 erubis (>= 2.7.0)
109 109 binding_of_caller (0.6.8)
110   - blankslate (3.1.2)
111 110 bootstrap-sass (2.2.1.1)
112 111 sass (~> 3.2)
113 112 builder (3.0.4)
... ... @@ -195,10 +194,6 @@ GEM
195 194 pyu-ruby-sasl (~> 0.0.3.1)
196 195 rubyntlm (~> 0.1.1)
197 196 gitlab_yaml_db (1.0.0)
198   - gitolite (1.1.0)
199   - gratr19 (~> 0.4.4.1)
200   - grit (~> 2.5.0)
201   - hashery (~> 1.5.0)
202 197 grape (0.2.2)
203 198 activesupport
204 199 hashie (~> 1.2)
... ... @@ -208,7 +203,6 @@ GEM
208 203 rack-accept
209 204 rack-mount
210 205 virtus
211   - gratr19 (0.4.4.1)
212 206 growl (1.0.3)
213 207 guard (1.5.4)
214 208 listen (>= 0.4.2)
... ... @@ -227,8 +221,6 @@ GEM
227 221 activesupport (>= 3.1, < 4.1)
228 222 haml (~> 3.1)
229 223 railties (>= 3.1, < 4.1)
230   - hashery (1.5.0)
231   - blankslate
232 224 hashie (1.2.0)
233 225 hike (1.2.1)
234 226 http_parser.rb (0.5.3)
... ... @@ -497,7 +489,6 @@ DEPENDENCIES
497 489 gitlab_meta (= 4.0)
498 490 gitlab_omniauth-ldap (= 1.0.2)
499 491 gitlab_yaml_db (= 1.0.0)
500   - gitolite (= 1.1.0)
501 492 grack!
502 493 grape (~> 0.2.1)
503 494 grit!
... ...
lib/gitlab/backend/gitolite.rb
  Diff comments   View file @6b9a609
1   -require_relative 'gitolite_config'
2   -
3 1 module Gitlab
4 2 class Gitolite
5 3 class AccessDenied < StandardError; end
... ... @@ -8,52 +6,25 @@ module Gitlab
8 6 Gitlab::GitoliteConfig.new
9 7 end
10 8  
11   - # Update gitolite config with new key
12   - #
13   - # Ex.
14   - # set_key("m_gitlab_com_12343", "sha-rsa ...", [2, 3, 6])
15   - #
16   - def set_key(key_id, key_content, project_ids)
17   - projects = Project.where(id: project_ids)
18   -
19   - config.apply do |config|
20   - config.write_key(key_id, key_content)
21   - config.update_projects(projects)
22   - end
23   - end
24   -
25   - # Remove ssh key from gitolite config
  9 + # Add new key to gitlab-shell
26 10 #
27 11 # Ex.
28   - # remove_key("m_gitlab_com_12343", [2, 3, 6])
  12 + # add_key("randx", "sha-rsa ...")
29 13 #
30   - def remove_key(key_id, project_ids)
31   - projects = Project.where(id: project_ids)
32   -
33   - config.apply do |config|
34   - config.rm_key(key_id)
35   - config.update_projects(projects)
36   - end
  14 + def add_key(username, key_content)
  15 + # TODO: implement
37 16 end
38 17  
39   - # Update project config in gitolite by project id
  18 + # Remove ssh key from gitlab shell
40 19 #
41 20 # Ex.
42   - # update_repository(23)
  21 + # remove_key("sha-rsa")
43 22 #
44   - def update_repository(project_id)
45   - project = Project.find(project_id)
46   - config.update_project!(project)
47   - end
48   -
49   - def move_repository(old_repo, project)
50   - config.apply do |config|
51   - config.clean_repo(old_repo)
52   - config.update_project(project)
53   - end
  23 + def remove_key(key_content)
  24 + # TODO: implement
54 25 end
55 26  
56   - # Remove repository from gitolite
  27 + # Remove repository from file system
57 28 #
58 29 # name - project path with namespace
59 30 #
... ... @@ -61,20 +32,18 @@ module Gitlab
61 32 # remove_repository("gitlab/gitlab-ci")
62 33 #
63 34 def remove_repository(name)
64   - config.destroy_project!(name)
  35 + # TODO: implement
65 36 end
66 37  
67   - # Update projects configs in gitolite by project ids
  38 + # Init new repository
  39 + #
  40 + # name - project path with namespace
68 41 #
69 42 # Ex.
70   - # update_repositories([1, 4, 6])
  43 + # add_repository("gitlab/gitlab-ci")
71 44 #
72   - def update_repositories(project_ids)
73   - projects = Project.where(id: project_ids)
74   -
75   - config.apply do |config|
76   - config.update_projects(projects)
77   - end
  45 + def add_repository(name)
  46 + # TODO: implement
78 47 end
79 48  
80 49 def url_to_repo path
... ... @@ -84,7 +53,5 @@ module Gitlab
84 53 def enable_automerge
85 54 config.admin_all_repo!
86 55 end
87   -
88   - alias_method :create_repository, :update_repository
89 56 end
90 57 end
... ...
lib/gitlab/backend/gitolite_config.rb
View file @85de55a
... ... @@ -1,241 +0,0 @@
1   -require 'gitolite'
2   -require 'timeout'
3   -require 'fileutils'
4   -
5   -module Gitlab
6   - class GitoliteConfig
7   - include Gitlab::Popen
8   -
9   - class PullError < StandardError; end
10   - class PushError < StandardError; end
11   - class BrokenGitolite < StandardError; end
12   -
13   - attr_reader :config_tmp_dir, :tmp_dir, :ga_repo, :conf
14   -
15   - def initialize
16   - @tmp_dir = Rails.root.join("tmp").to_s
17   - @config_tmp_dir = File.join(@tmp_dir,"gitlabhq-gitolite-#{Time.now.to_i}")
18   - end
19   -
20   - def ga_repo
21   - @ga_repo ||= ::Gitolite::GitoliteAdmin.new(
22   - File.join(config_tmp_dir,'gitolite'),
23   - conf: Gitlab.config.gitolite.config_file
24   - )
25   - end
26   -
27   - def apply
28   - Timeout::timeout(30) do
29   - File.open(File.join(tmp_dir, "gitlabhq-gitolite.lock"), "w+") do |f|
30   - begin
31   - # Set exclusive lock
32   - # to prevent race condition
33   - f.flock(File::LOCK_EX)
34   -
35   - # Pull gitolite-admin repo
36   - # in tmp dir before do any changes
37   - pull
38   -
39   - # Build ga_repo object and @conf
40   - # to access gitolite-admin configuration
41   - @conf = ga_repo.config
42   -
43   - # Do any changes
44   - # in gitolite-admin
45   - # config here
46   - yield(self)
47   -
48   - # Save changes in
49   - # gitolite-admin repo
50   - # before push it
51   - ga_repo.save
52   -
53   - # Push gitolite-admin repo
54   - # to apply all changes
55   - push
56   - ensure
57   - # Remove tmp dir
58   - # removing the gitolite folder first is important to avoid
59   - # NFS issues.
60   - FileUtils.rm_rf(File.join(config_tmp_dir, 'gitolite'))
61   -
62   - # Remove parent tmp dir
63   - FileUtils.rm_rf(config_tmp_dir)
64   -
65   - # Unlock so other task can access
66   - # gitolite configuration
67   - f.flock(File::LOCK_UN)
68   - end
69   - end
70   - end
71   - rescue PullError => ex
72   - log("Pull error -> " + ex.message)
73   - raise Gitolite::AccessDenied, ex.message
74   -
75   - rescue PushError => ex
76   - log("Push error -> " + " " + ex.message)
77   - raise Gitolite::AccessDenied, ex.message
78   -
79   - rescue BrokenGitolite => ex
80   - log("Gitolite error -> " + " " + ex.message)
81   - raise Gitolite::AccessDenied, ex.message
82   -
83   - rescue Exception => ex
84   - log(ex.class.name + " " + ex.message)
85   - raise Gitolite::AccessDenied.new("gitolite timeout")
86   - end
87   -
88   - def log message
89   - Gitlab::GitLogger.error(message)
90   - end
91   -
92   - def path_to_repo(name)
93   - File.join(Gitlab.config.gitolite.repos_path, "#{name}.git")
94   - end
95   -
96   - def destroy_project(name)
97   - full_path = path_to_repo(name)
98   - FileUtils.rm_rf(full_path) if File.exists?(full_path)
99   - conf.rm_repo(name)
100   - end
101   -
102   - def clean_repo repo_name
103   - conf.rm_repo(repo_name)
104   - end
105   -
106   - def destroy_project!(project)
107   - apply do |config|
108   - config.destroy_project(project)
109   - end
110   - end
111   -
112   - def write_key(id, key)
113   - File.open(File.join(config_tmp_dir, 'gitolite/keydir',"#{id}.pub"), 'w') do |f|
114   - f.write(key.gsub(/\n/,''))
115   - end
116   - end
117   -
118   - def rm_key(user)
119   - key_path = File.join(config_tmp_dir, 'gitolite/keydir', "#{user}.pub")
120   - ga_key = ::Gitolite::SSHKey.from_file(key_path)
121   - ga_repo.rm_key(ga_key)
122   - end
123   -
124   - # update or create
125   - def update_project(project)
126   - repo = update_project_config(project, conf)
127   - conf.add_repo(repo, true)
128   - end
129   -
130   - def update_project!( project)
131   - apply do |config|
132   - config.update_project(project)
133   - end
134   - end
135   -
136   - # Updates many projects and uses project.path_with_namespace as the repo path
137   - # An order of magnitude faster than update_project
138   - def update_projects(projects)
139   - projects.each do |project|
140   - repo = update_project_config(project, conf)
141   - conf.add_repo(repo, true)
142   - end
143   - end
144   -
145   - def update_project_config(project, conf)
146   - repo_name = project.path_with_namespace
147   -
148   - repo = if conf.has_repo?(repo_name)
149   - conf.get_repo(repo_name)
150   - else
151   - ::Gitolite::Config::Repo.new(repo_name)
152   - end
153   -
154   - name_readers = project.team.repository_readers
155   - name_writers = project.team.repository_writers
156   - name_masters = project.team.repository_masters
157   -
158   - pr_br = project.protected_branches.map(&:name).join("$ ")
159   -
160   - repo.clean_permissions
161   -
162   - # Deny access to protected branches for writers
163   - unless name_writers.blank? || pr_br.blank?
164   - repo.add_permission("-", pr_br.strip + "$ ", name_writers)
165   - end
166   -
167   - # Add read permissions
168   - repo.add_permission("R", "", name_readers) unless name_readers.blank?
169   -
170   - # Add write permissions
171   - repo.add_permission("RW+", "", name_writers) unless name_writers.blank?
172   - repo.add_permission("RW+", "", name_masters) unless name_masters.blank?
173   -
174   - # Add sharedRepository config
175   - repo.set_git_config("core.sharedRepository", "0660")
176   -
177   - repo
178   - end
179   -
180   - # Enable access to all repos for gitolite admin.
181   - # We use it for accept merge request feature
182   - def admin_all_repo
183   - owner_name = Gitlab.config.gitolite.admin_key
184   -
185   - # @ALL repos premission for gitolite owner
186   - repo_name = "@all"
187   - repo = if conf.has_repo?(repo_name)
188   - conf.get_repo(repo_name)
189   - else
190   - ::Gitolite::Config::Repo.new(repo_name)
191   - end
192   -
193   - repo.add_permission("RW+", "", owner_name)
194   - conf.add_repo(repo, true)
195   - end
196   -
197   - def admin_all_repo!
198   - apply { |config| config.admin_all_repo }
199   - end
200   -
201   - private
202   -
203   - def pull
204   - # Create config tmp dir like "RAILS_ROOT/tmp/gitlabhq-gitolite-132545"
205   - Dir.mkdir config_tmp_dir
206   -
207   - # Clone gitolite-admin repo into tmp dir
208   - popen("git clone #{Gitlab.config.gitolite.admin_uri} #{config_tmp_dir}/gitolite", tmp_dir)
209   -
210   - # Ensure file with config presents after cloning
211   - unless File.exists?(File.join(config_tmp_dir, 'gitolite', 'conf', 'gitolite.conf'))
212   - raise PullError, "unable to clone gitolite-admin repo"
213   - end
214   - end
215   -
216   - def push
217   - output, status = popen('git add -A', tmp_conf_path)
218   - raise "Git add failed." unless status.zero?
219   -
220   - # git commit returns 0 on success, and 1 if there is nothing to commit
221   - output, status = popen('git commit -m "GitLab"', tmp_conf_path)
222   - raise "Git add failed." unless [0,1].include?(status)
223   -
224   - output, status = popen('git push', tmp_conf_path)
225   -
226   - if output =~ /remote\: FATAL/
227   - raise BrokenGitolite, output
228   - end
229   -
230   - if status.zero? || output =~ /Everything up\-to\-date/
231   - return true
232   - else
233   - raise PushError, "unable to push gitolite-admin repo"
234   - end
235   - end
236   -
237   - def tmp_conf_path
238   - File.join(config_tmp_dir,'gitolite')
239   - end
240   - end
241   -end