| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| | |
|
| | |
|
| |\
| |
| |
| |
| |
| |
| | |
Resolve "NameError: uninitialized constant ApplicationSetting::DEFAULTS"
Closes #27280
See merge request !8805
|
| | |
| |
| |
| | |
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
| | |
| |
| |
| |
| |
| | |
Also, remove non-existing Ci::ApplicationSetting.expire!
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
| |/
|
|
| |
environment
|
| |\
| |
| |
| |
| |
| |
| | |
Fix race conditions for AuthorizedProjectsWorker
Closes #26194 and #26310
See merge request !8701
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
There were two cases that could be problematic:
1. Because sometimes AuthorizedProjectsWorker would be scheduled in a
transaction it was possible for a job to run/complete before a
COMMIT; resulting in it either producing an error, or producing no
new data.
2. When scheduling jobs the code would not wait until completion. This
could lead to a user creating a project and then immediately trying
to push to it. Usually this will work fine, but given enough load it
might take a few seconds before a user has access.
The first one is problematic, the second one is mostly just annoying
(but annoying enough to warrant a solution).
This commit changes two things to deal with this:
1. Sidekiq scheduling now takes places after a COMMIT, this is ensured
by scheduling using Rails' after_commit hook instead of doing so in
an arbitrary method.
2. When scheduling jobs the calling thread now waits for all jobs to
complete.
Solution 2 requires tracking of job completions. Sidekiq provides a way
to find a job by its ID, but this involves scanning over the entire
queue; something that is very in-efficient for large queues. As such a
more efficient solution is necessary. There are two main Gems that can
do this in a more efficient manner:
* sidekiq-status
* sidekiq_status
No, this is not a joke. Both Gems do a similar thing (but slightly
different), and the only difference in their name is a dash vs an
underscore. Both Gems however provide far more than just checking if a
job has been completed, and both have their problems. sidekiq-status
does not appear to be actively maintained, with the last release being
in 2015. It also has some issues during testing as API calls are not
stubbed in any way. sidekiq_status on the other hand does not appear to
be very popular, and introduces a similar amount of code.
Because of this I opted to write a simple home grown solution. After
all, all we need is storing a job ID somewhere so we can efficiently
look it up; we don't need extra web UIs (as provided by sidekiq-status)
or complex APIs to update progress, etc.
This is where Gitlab::SidekiqStatus comes in handy. This namespace
contains some code used for tracking, removing, and looking up job IDs;
all without having to scan over an entire queue. Data is removed
explicitly, but also expires automatically just in case.
Using this API we can now schedule jobs in a fork-join like manner: we
schedule the jobs in Sidekiq, process them in parallel, then wait for
completion. By using Sidekiq we can leverage all the benefits such as
being able to scale across multiple cores and hosts, retrying failed
jobs, etc.
The one downside is that we need to make sure we can deal with
unexpected increases in job processing timings. To deal with this the
class Gitlab::JobWaiter (used for waiting for jobs to complete) will
only wait a number of seconds (30 by default). Once this timeout is
reached it will simply return.
For GitLab.com almost all AuthorizedProjectWorker jobs complete in
seconds, only very rarely do we spike to job timings of around a minute.
These in turn seem to be the result of external factors (e.g. deploys),
in which case a user is most likely not able to use the system anyway.
In short, this new solution should ensure that jobs are processed
properly and that in almost all cases a user has access to their
resources whenever they need to have access.
|
| |/
|
|
|
|
|
|
|
|
| |
An empty file in one of the instrumented directories will cause the app
to fail to start when metrics are enabled. Metrics aren't enabled by
default in development or test.
We could handle the empty file case explicitly, but a file could still
not define the constant it is expected to, so instead run the
initializer manually in a spec and check that it succeeds.
|
| | |
|
| | |
|
| |\
| |
| |
| |
| | |
Add more storage statistics
See merge request !7754
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This adds counters for build artifacts and LFS objects, and moves
the preexisting repository_size and commit_count from the projects
table into a new project_statistics table.
The counters are displayed in the administration area for projects
and groups, and also available through the API for admins (on */all)
and normal users (on */owned)
The statistics are updated through ProjectCacheWorker, which can now
do more granular updates with the new :statistics argument.
|
| |/ |
|
| |
|
|
| |
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
| | |
|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| | |
into 'master'
Enable Style/MultilineOperationIndentation in Rubocop
Fixes #25741
See merge request !8125
|
| | | |
|
| | | |
|
| | | |
|
| |\ \
| |/ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
- Move the `Oauth2::AccessTokenValidationService` class to
`AccessTokenValidationService`, since it is now being used for
personal access token validation as well.
- Each API endpoint declares the scopes it accepts (if any). Currently,
the top level API module declares the `api` scope, and the `Users` API
module declares the `read_user` scope (for GET requests).
- Move the `find_user_by_private_token` from the API `Helpers` module to
the `APIGuard` module, to avoid littering `Helpers` with more
auth-related methods to support `find_user_by_private_token`
|
| | |\
| | |
| | |
| | |
| | |
| | |
| | | |
Render math in Asciidoc and Markdown with KaTeX using code blocks
Closes #13690 and #13180
See merge request !8003
|
| | | | |
|
| | | | |
|
| |\ \ \
| |/ / |
|
| | | | |
|
| | |/
| |
| |
| |
| | |
Add authentication_token to filter_parameters list
See merge request !2041
|
| | |\
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Make deleting with optimistic locking respect NULL
Make deleting with optimistic locking respect NULL
For now deleting with optimistic locking is broken when
lock_version is still NULL, because Rails would try to
delete with `lock_version = 0` while in the database
the column is still `NULL`.
The monkey patches would force Rails just pass whatever
in the column, and stop Rails from casting `NULL` into `0`
when the value is read from database.
Closes #24766
See merge request !7867
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
For now deleting with optimistic locking is broken when
lock_version is still NULL, because Rails would try to
delete with `lock_version = 0` while in the database
the column is still `NULL`.
The monkey patches would force Rails just pass whatever
in the column, and stop Rails from casting `NULL` into `0`
when the value is read from database.
Closes #24766
|
| | |/
| |
| |
| |
| | |
* Closes gitlab-org/gitlab-ce#25143
* Closes gitlab-org/omnibus-gitlab#1743
|
| |\ \
| |/ |
|
| | |
| |
| |
| |
| |
| | |
This new global setting will allow admins to specify if HTML emails should be sent or not,
this is basically useful when system administrators want to save some disk space by avoiding
emails in HTML format and using only the Plain Text version.
|
| | | |
|
| |/ |
|
| | |
|
| |\
| |
| |
| |
| |
| |
| | |
fix shibboleth misconfigurations resulting in authentication bypass
This merge request fixes #22267 where a misconfigured Shibboleth `HTTP_UID` or `HTTP_EPPN` could result in users being logged into an account that did not belong to them.
See merge request !7428
|
| | | |
|
| |\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Issue #13823: random message when all Todos are Done
## What does this MR do?
Shows a random message every time the To Do list is empty: https://gitlab.com/gitlab-org/gitlab-ce/issues/13823
## Are there points in the code the reviewer needs to double check?
It's my first contribution to GitLab so I might need some help:
- I'm loading a yaml file in the controller. I'm not sure where would be the best place to put it.
- I'm also having the error below running the tests but it doesn't seem related to my changes. I think I might have some issue with my config. Could you double check if the tests pass for you?
/home/pep/.rvm/gems/ruby-2.3.1/gems/actionpack-4.2.7.1/lib/action_dispatch/middleware/debug_exceptions.rb:21:in `call': No route matches [GET] "/autocomplete/users/sjobs@apple.com.json" (ActionController::RoutingError)
## Why was this MR needed?
https://gitlab.com/gitlab-org/gitlab-ce/issues/13823
## Screenshots (if relevant)
## Does this MR meet the acceptance criteria?
- [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
- [ ] API support added
- Tests
- [x] Added for this feature/bug
- [ ] All builds are passing
- [x] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html)
- [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [x] Branch has no merge conflicts with `master` (if it does - rebase it please)
- [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
## What are the relevant issue numbers?
https://gitlab.com/gitlab-org/gitlab-ce/issues/13823
See merge request !6818
|
| | | | |
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| | |
Centralize all LDAP config logic in `GitLab::LDAP::Config`. Previously,
some logic was in the Devise initializer and it was not honoring the
`user_filter`. If a user outside the configured `user_filter` signed
in, an account would be created but they would then be denied access.
Now that logic is centralized, the filter is honored and users outside
the filter are never created.
|
| | | |
|
| | |
| |
| |
| | |
them to be configurable
|
| |/ |
|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Refactor project routing
## What does this MR do?
Refactor project routing:
* split on multiple files
* improve routing order
## Why was this MR needed?
It makes it easier to maintain and modify project routing
## What are the relevant issue numbers?
Extracted from https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/7121
See merge request !7329
|
| | |
| |
| |
| |
| |
| |
| | |
* split on multiple files
* improve routing order
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
|
| |/
|
|
|
|
|
|
|
| |
By default, Sidekiq will retry 25 times with an exponential backoff.
This may result in jobs retrying for up to 21 days. Most Sidekiq
failures occur when attempting to connect to external services -
Project service hooks, web hooks, mailers, mirror updates, etc.
We should set a default retry of 3, and if that's not sufficient
individual workers can override this in the worker class.
|
| |\
| |
| |
| |
| |
| |
| |
| | |
Support for post deployment migrations
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/22133
See merge request !6572
|
