| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |\
| |
| |
| |
| | |
Use Gitlab::HTTP for all chat notifications
See merge request gitlab/gitlabhq!3517
|
| | | |
|
| |/ |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |\
| |
| |
| |
| |
| |
| | |
Use image proxy to mitigate stealing ip addresses
Closes #2812
See merge request gitlab/gitlabhq!2926
|
| | |
| |
| |
| |
| |
| | |
User images and videos will get proxied through
the Camo server in order to keep malicious
sites from collecting the IP address of users.
|
| |\ \
| |/
|/|
| |
| | |
DNS Rebind SSRF in Kubernetes Integration
See merge request gitlab/gitlabhq!3345
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Kubeclient uses rest-client. We hack into to access the net/http object
so that we can patch to connect to the resolved IP + set
hostname_override.
Add specs for discord. The discord integration also uses rest-client, so
since we patched rest-client, spec that the DNS rebinding protection
works
|
| |/
|
|
|
|
| |
- Add mail interceptor the signs outgoing email with SMIME
- Add lib and helpers to work with SMIME data
- New configuration params for setting up SMIME key and cert files
|
| |
|
|
|
|
| |
The circuit breaker itself got removed a while ago, when that happened
some parts got left behind. Using grep old stale settings and
validations were found and are now removed.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Storing this key in secrets.yml was a bad idea,
it would require users using HA setups to manually
replicate secrets across nodes during update,
it also needed support from omnibus package
* Revert "Generate Let's Encrypt private key"
This reverts commit 444959bfa0b79e827a2a1a7a314acac19390f976.
* Add Let's Encrypt private key to settings
as encrypted attribute
* Generate Let's Encrypt private key
in database migration
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
Because this could potentially load a model and we shouldn't
load models before all the patches we have in places.
|
| |
|
|
|
|
|
|
|
|
| |
Updates specs to use new rails5 format.
The old format:
`get :show, { some: params }, { some: headers }`
The new format:
`get :show, params: { some: params }, headers: { some: headers }`
|
| |
|
|
| |
This reverts commit 3560b11922fd180eea5cafd0e763e0e601c5c4ee.
|
| |
|
|
| |
This changes `correlation_id` to be `correlation-id` when passed via jobs
|
| |
|
|
|
|
|
|
| |
The Correlation ID is taken or generated from received X-Request-ID.
Then it is being passed to all executed services (sidekiq workers
or gitaly calls).
The Correlation ID is logged in all structured logs as `correlation_id`.
|
| |
|
|
|
|
|
|
|
| |
If the EncryptColumns background migration runs in a sidekiq with a
stale view of the database schema, or when the purported destination
columns don't actually exist, data loss can result. Attempt to work
around these issues by reloading schema information before running
the migration, and raising errors if the model reports that any of its
source or destination columns are missing.
|
| |
|
|
| |
Signed-off-by: Takuya Noguchi <takninnovationresearch@gmail.com>
|
| | |
|
| | |
|
| | |
|
| | |
|
| |\
| |
| |
| |
| | |
Upgrade to Ruby 2.4.4
See merge request gitlab-org/gitlab-ce!19055
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fixes that make this work:
* A change in Ruby (https://github.com/ruby/ruby/commit/ce635262f53b760284d56bb1027baebaaec175d1)
requires passing in the exact required length for OpenSSL keys and IVs.
* Ensure the secrets.yml is generated before any prepended modules are
loaded. This is done by renaming the `secret_token.rb` initializer to
`01_secret_token.rb`, which is a bit ugly but involves the least impact on
other files.
|
| |/
|
|
|
|
|
|
|
|
|
| |
This gem (https://gitlab.com/gitlab-org/grape-path-helpers) makes a number of changes:
1. Brings in @mdelaossa's changes in https://github.com/reprah/grape-route-helpers/pull/21
2. Fixes some broken specs and code for Grape 1.0+
3. Optimizes the generation of paths by bringing in @dblessing's
HashWithIndifferentAccess changes in https://gitlab.com/gitlab-org/gitlab-ce/issues/45718#note_70123793
Closes #45718
|
| |
|
|
|
| |
Given the settings initializer creates Gitaly Storage Settings objects
already, the calls to path can be moved to that initializer.
|
| | |
|
| | |
|
| |\
| |
| |
| |
| |
| |
| | |
Bring Object Storage to CE
Closes #4171, #4163, #3370, #2841, and #29203
See merge request gitlab-org/gitlab-ce!17358
|
| | |
| |
| |
| |
| |
| |
| | |
Resolve ""Support private HTTPS urls for object storage""
Closes #4879
See merge request gitlab-org/gitlab-ee!4475
|
| |/ |
|
| |
|
|
|
| |
Bringing in https://github.com/reprah/grape-route-helpers/pull/21 as a
monkey patch since the grape-route-helpers project seems to be abandoned
|
