From 9469666623bd7d407cd02ed14273c826069bc65d Mon Sep 17 00:00:00 2001 From: Chris Wilson Date: Wed, 28 Sep 2016 23:48:32 +0000 Subject: Update warn message for MySQL fix --- config/initializers/connection_fix.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'config/initializers') diff --git a/config/initializers/connection_fix.rb b/config/initializers/connection_fix.rb index d831a1838ed..d0b1444f607 100644 --- a/config/initializers/connection_fix.rb +++ b/config/initializers/connection_fix.rb @@ -20,7 +20,7 @@ if defined?(ActiveRecord::ConnectionAdapters::Mysql2Adapter) execute_without_retry(*args) rescue ActiveRecord::StatementInvalid => e if e.message =~ /server has gone away/i - warn "Server timed out, retrying" + warn "Lost connection to MySQL server during query" reconnect! retry else -- cgit v1.2.1 From 5dbf1f487188e73bc5eb556c7b955088ff4676e5 Mon Sep 17 00:00:00 2001 From: Andre Guedes Date: Wed, 21 Sep 2016 09:46:13 -0300 Subject: Use `Module#prepend` instead of `alias_method_chain` --- .../attr_encrypted_no_db_connection.rb | 25 ++++++++++---------- config/initializers/postgresql_limit_fix.rb | 27 +++++++++++----------- 2 files changed, 27 insertions(+), 25 deletions(-) (limited to 'config/initializers') diff --git a/config/initializers/attr_encrypted_no_db_connection.rb b/config/initializers/attr_encrypted_no_db_connection.rb index c668864089b..e007666b852 100644 --- a/config/initializers/attr_encrypted_no_db_connection.rb +++ b/config/initializers/attr_encrypted_no_db_connection.rb @@ -1,20 +1,21 @@ module AttrEncrypted module Adapters module ActiveRecord - def attribute_instance_methods_as_symbols_with_no_db_connection - # Use with_connection so the connection doesn't stay pinned to the thread. - connected = ::ActiveRecord::Base.connection_pool.with_connection(&:active?) rescue false - - if connected - # Call version from AttrEncrypted::Adapters::ActiveRecord - attribute_instance_methods_as_symbols_without_no_db_connection - else - # Call version from AttrEncrypted, i.e., `super` with regards to AttrEncrypted::Adapters::ActiveRecord - AttrEncrypted.instance_method(:attribute_instance_methods_as_symbols).bind(self).call + module DBConnectionQuerier + def attribute_instance_methods_as_symbols + # Use with_connection so the connection doesn't stay pinned to the thread. + connected = ::ActiveRecord::Base.connection_pool.with_connection(&:active?) rescue false + + if connected + # Call version from AttrEncrypted::Adapters::ActiveRecord + super + else + # Call version from AttrEncrypted, i.e., `super` with regards to AttrEncrypted::Adapters::ActiveRecord + AttrEncrypted.instance_method(:attribute_instance_methods_as_symbols).bind(self).call + end end end - - alias_method_chain :attribute_instance_methods_as_symbols, :no_db_connection + prepend DBConnectionQuerier end end end diff --git a/config/initializers/postgresql_limit_fix.rb b/config/initializers/postgresql_limit_fix.rb index 0cb3aaf4d24..4224d857e8a 100644 --- a/config/initializers/postgresql_limit_fix.rb +++ b/config/initializers/postgresql_limit_fix.rb @@ -1,5 +1,19 @@ if defined?(ActiveRecord::ConnectionAdapters::PostgreSQLAdapter) class ActiveRecord::ConnectionAdapters::PostgreSQLAdapter + module LimitFilter + def add_column(table_name, column_name, type, options = {}) + options.delete(:limit) if type == :text + super(table_name, column_name, type, options) + end + + def change_column(table_name, column_name, type, options = {}) + options.delete(:limit) if type == :text + super(table_name, column_name, type, options) + end + end + + prepend ActiveRecord::ConnectionAdapters::PostgreSQLAdapter::LimitFilter + class TableDefinition def text(*args) options = args.extract_options! @@ -9,18 +23,5 @@ if defined?(ActiveRecord::ConnectionAdapters::PostgreSQLAdapter) column_names.each { |name| column(name, type, options) } end end - - def add_column_with_limit_filter(table_name, column_name, type, options = {}) - options.delete(:limit) if type == :text - add_column_without_limit_filter(table_name, column_name, type, options) - end - - def change_column_with_limit_filter(table_name, column_name, type, options = {}) - options.delete(:limit) if type == :text - change_column_without_limit_filter(table_name, column_name, type, options) - end - - alias_method_chain :add_column, :limit_filter - alias_method_chain :change_column, :limit_filter end end -- cgit v1.2.1 From 52ee85e7bf35d372285d70cc93016854774839b1 Mon Sep 17 00:00:00 2001 From: Jacob Vosmaer Date: Fri, 30 Sep 2016 12:27:43 +0200 Subject: Initialize Redis pool in single-threaded context This side-steps the need for mutexes and whatnot. --- config/initializers/7_redis.rb | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 config/initializers/7_redis.rb (limited to 'config/initializers') diff --git a/config/initializers/7_redis.rb b/config/initializers/7_redis.rb new file mode 100644 index 00000000000..ae2ca258df1 --- /dev/null +++ b/config/initializers/7_redis.rb @@ -0,0 +1,3 @@ +# Make sure we initialize a Redis connection pool before Sidekiq starts +# multi-threaded execution. +Gitlab::Redis.with { nil } -- cgit v1.2.1 From 74c8e091f40c29a59b99bf7864b9fee303c68e50 Mon Sep 17 00:00:00 2001 From: Fu Xu Date: Fri, 2 Sep 2016 16:57:08 +0800 Subject: add configurable email subject suffix --- config/initializers/1_settings.rb | 1 + 1 file changed, 1 insertion(+) (limited to 'config/initializers') diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb index 195108b921b..c5ed2162c92 100644 --- a/config/initializers/1_settings.rb +++ b/config/initializers/1_settings.rb @@ -186,6 +186,7 @@ Settings.gitlab['email_enabled'] ||= true if Settings.gitlab['email_enabled'].ni Settings.gitlab['email_from'] ||= ENV['GITLAB_EMAIL_FROM'] || "gitlab@#{Settings.gitlab.host}" Settings.gitlab['email_display_name'] ||= ENV['GITLAB_EMAIL_DISPLAY_NAME'] || 'GitLab' Settings.gitlab['email_reply_to'] ||= ENV['GITLAB_EMAIL_REPLY_TO'] || "noreply@#{Settings.gitlab.host}" +Settings.gitlab['email_subject_suffix'] ||= ENV['GITLAB_EMAIL_SUBJECT_SUFFIX'] || "" Settings.gitlab['base_url'] ||= Settings.send(:build_base_gitlab_url) Settings.gitlab['url'] ||= Settings.send(:build_gitlab_url) Settings.gitlab['user'] ||= 'git' -- cgit v1.2.1 From 437bebb0ff6e7deba6fd157ec6b55112e125731f Mon Sep 17 00:00:00 2001 From: Jacob Vosmaer Date: Tue, 4 Oct 2016 16:35:41 +0200 Subject: Don't send Private-Token headers to Sentry Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/22537 --- config/initializers/sentry.rb | 2 ++ 1 file changed, 2 insertions(+) (limited to 'config/initializers') diff --git a/config/initializers/sentry.rb b/config/initializers/sentry.rb index 5892c1de024..4f30d1265c8 100644 --- a/config/initializers/sentry.rb +++ b/config/initializers/sentry.rb @@ -18,6 +18,8 @@ if Rails.env.production? # Sanitize fields based on those sanitized from Rails. config.sanitize_fields = Rails.application.config.filter_parameters.map(&:to_s) + # Sanitize authentication headers + config.sanitize_http_headers = %w[Authorization Private-Token] config.tags = { program: Gitlab::Sentry.program_context } end end -- cgit v1.2.1 From fe46e4eb35dd6728a8a5ebcee9cc05a4613effbf Mon Sep 17 00:00:00 2001 From: Justin DiPierro Date: Thu, 29 Sep 2016 12:46:54 -0400 Subject: Load Github::Shell's secret token from file on initialization instead of every request. --- config/initializers/gitlab_shell_secret_token.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'config/initializers') diff --git a/config/initializers/gitlab_shell_secret_token.rb b/config/initializers/gitlab_shell_secret_token.rb index 7454c33c9dd..529dcdd4644 100644 --- a/config/initializers/gitlab_shell_secret_token.rb +++ b/config/initializers/gitlab_shell_secret_token.rb @@ -1 +1 @@ -Gitlab::Shell.new.generate_and_link_secret_token +Gitlab::Shell.ensure_secret_token! -- cgit v1.2.1 From 5766e0661dd39198bdafeb53678830df4c3c5e3e Mon Sep 17 00:00:00 2001 From: Nick Thomas Date: Thu, 6 Oct 2016 19:14:57 +0100 Subject: Memoize ActiveRecord::Migrator.migrations in tests --- config/initializers/ar_speed_up_migration_checking.rb | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 config/initializers/ar_speed_up_migration_checking.rb (limited to 'config/initializers') diff --git a/config/initializers/ar_speed_up_migration_checking.rb b/config/initializers/ar_speed_up_migration_checking.rb new file mode 100644 index 00000000000..1fe5defc01d --- /dev/null +++ b/config/initializers/ar_speed_up_migration_checking.rb @@ -0,0 +1,18 @@ +if Rails.env.test? + require 'active_record/migration' + + module ActiveRecord + class Migrator + class << self + alias_method :migrations_unmemoized, :migrations + + # This method is called a large number of times per rspec example, and + # it reads + parses `db/migrate/*` each time. Memoizing it can save 0.5 + # seconds per spec. + def migrations(paths) + @migrations ||= migrations_unmemoized(paths) + end + end + end + end +end -- cgit v1.2.1 From e94cd6fdfe43d9128d37a539cf84f4388c5cf970 Mon Sep 17 00:00:00 2001 From: Nick Thomas Date: Thu, 6 Oct 2016 22:17:11 +0100 Subject: Add markdown cache columns to the database, but don't use them yet This commit adds a number of _html columns and, with the exception of Note, starts updating them whenever the content of their partner fields changes. Note has a collision with the note_html attr_accessor; that will be fixed later A background worker for clearing these cache columns is also introduced - use `rake cache:clear` to set it off. You can clear the database or Redis caches separately by running `rake cache:clear:db` or `rake cache:clear:redis`, respectively. --- config/initializers/ar5_batching.rb | 41 +++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 config/initializers/ar5_batching.rb (limited to 'config/initializers') diff --git a/config/initializers/ar5_batching.rb b/config/initializers/ar5_batching.rb new file mode 100644 index 00000000000..35e8b3808e2 --- /dev/null +++ b/config/initializers/ar5_batching.rb @@ -0,0 +1,41 @@ +# Port ActiveRecord::Relation#in_batches from ActiveRecord 5. +# https://github.com/rails/rails/blob/ac027338e4a165273607dccee49a3d38bc836794/activerecord/lib/active_record/relation/batches.rb#L184 +# TODO: this can be removed once we're using AR5. +raise "Vendored ActiveRecord 5 code! Delete #{__FILE__}!" if ActiveRecord::VERSION::MAJOR >= 5 + +module ActiveRecord + module Batches + # Differences from upstream: enumerator support was removed, and custom + # order/limit clauses are ignored without a warning. + def in_batches(of: 1000, start: nil, finish: nil, load: false) + raise "Must provide a block" unless block_given? + + relation = self.reorder(batch_order).limit(of) + relation = relation.where(arel_table[primary_key].gteq(start)) if start + relation = relation.where(arel_table[primary_key].lteq(finish)) if finish + batch_relation = relation + + loop do + if load + records = batch_relation.records + ids = records.map(&:id) + yielded_relation = self.where(primary_key => ids) + yielded_relation.load_records(records) + else + ids = batch_relation.pluck(primary_key) + yielded_relation = self.where(primary_key => ids) + end + + break if ids.empty? + + primary_key_offset = ids.last + raise ArgumentError.new("Primary key not included in the custom select clause") unless primary_key_offset + + yield yielded_relation + + break if ids.length < of + batch_relation = relation.where(arel_table[primary_key].gt(primary_key_offset)) + end + end + end +end -- cgit v1.2.1 From 237c8f66e6608420629503280aaea555ee980022 Mon Sep 17 00:00:00 2001 From: Yorick Peterse Date: Fri, 7 Oct 2016 15:24:09 +0200 Subject: Precalculate trending projects This commit introduces a Sidekiq worker that precalculates the list of trending projects on a daily basis. The resulting set is stored in a database table that is then queried by Project.trending. This setup means that Unicorn workers no longer _may_ have to calculate the list of trending projects. Furthermore it supports filtering without any complex caching mechanisms. The data in the "trending_projects" table is inserted in the same order as the project ranking. This means that getting the projects in the correct order is simply a matter of: SELECT projects.* FROM projects INNER JOIN trending_projects ON trending_projects.project_id = projects.id ORDER BY trending_projects.id ASC; Such a query will only take a few milliseconds at most (as measured on GitLab.com), opposed to a few seconds for the query used for calculating the project ranks. The migration in this commit does not require downtime and takes care of populating an initial list of trending projects. --- config/initializers/1_settings.rb | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'config/initializers') diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb index c5ed2162c92..efe0ac9c965 100644 --- a/config/initializers/1_settings.rb +++ b/config/initializers/1_settings.rb @@ -304,6 +304,10 @@ Settings.cron_jobs['prune_old_events_worker'] ||= Settingslogic.new({}) Settings.cron_jobs['prune_old_events_worker']['cron'] ||= '* */6 * * *' Settings.cron_jobs['prune_old_events_worker']['job_class'] = 'PruneOldEventsWorker' +Settings.cron_jobs['trending_projects_worker'] ||= Settingslogic.new({}) +Settings.cron_jobs['trending_projects_worker']['cron'] = '0 1 * * *' +Settings.cron_jobs['trending_projects_worker']['job_class'] = 'TrendingProjectsWorker' + # # GitLab Shell # -- cgit v1.2.1 From 5c5259335f8bcc4de117c1e36648a269911281fb Mon Sep 17 00:00:00 2001 From: Sean McGivern Date: Thu, 1 Sep 2016 11:39:37 +0100 Subject: Add instrumentation to conflict classes --- config/initializers/metrics.rb | 1 + 1 file changed, 1 insertion(+) (limited to 'config/initializers') diff --git a/config/initializers/metrics.rb b/config/initializers/metrics.rb index be22085b0df..3b8771543e4 100644 --- a/config/initializers/metrics.rb +++ b/config/initializers/metrics.rb @@ -67,6 +67,7 @@ if Gitlab::Metrics.enabled? ['app', 'finders'] => ['app', 'finders'], ['app', 'mailers', 'emails'] => ['app', 'mailers'], ['app', 'services', '**'] => ['app', 'services'], + ['lib', 'gitlab', 'conflicts'] => ['lib'], ['lib', 'gitlab', 'diff'] => ['lib'], ['lib', 'gitlab', 'email', 'message'] => ['lib'], ['lib', 'gitlab', 'checks'] => ['lib'] -- cgit v1.2.1 From 17a97ef2fa3ee3aba31b401001a1f0f9744fbf12 Mon Sep 17 00:00:00 2001 From: Frank Groeneveld Date: Fri, 28 Oct 2016 19:39:20 +0200 Subject: Remove unreferenced LFS objects from DB and fs --- config/initializers/1_settings.rb | 3 +++ 1 file changed, 3 insertions(+) (limited to 'config/initializers') diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb index efe0ac9c965..9fec2ad6bf7 100644 --- a/config/initializers/1_settings.rb +++ b/config/initializers/1_settings.rb @@ -307,6 +307,9 @@ Settings.cron_jobs['prune_old_events_worker']['job_class'] = 'PruneOldEventsWork Settings.cron_jobs['trending_projects_worker'] ||= Settingslogic.new({}) Settings.cron_jobs['trending_projects_worker']['cron'] = '0 1 * * *' Settings.cron_jobs['trending_projects_worker']['job_class'] = 'TrendingProjectsWorker' +Settings.cron_jobs['remove_unreferenced_lfs_objects_worker'] ||= Settingslogic.new({}) +Settings.cron_jobs['remove_unreferenced_lfs_objects_worker']['cron'] ||= '20 0 * * *' +Settings.cron_jobs['remove_unreferenced_lfs_objects_worker']['job_class'] = 'RemoveUnreferencedLfsObjectsWorker' # # GitLab Shell -- cgit v1.2.1 From 83c8241160ed48ab066e2c5bd58d0914a745197c Mon Sep 17 00:00:00 2001 From: Yorick Peterse Date: Thu, 27 Oct 2016 14:36:53 +0200 Subject: Support for post deployment migrations These are regular Rails migrations that are executed by default. A user can opt-out of these migrations by setting an environment variable during the deployment process. Fixes gitlab-org/gitlab-ce#22133 --- config/initializers/0_post_deployment_migrations.rb | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 config/initializers/0_post_deployment_migrations.rb (limited to 'config/initializers') diff --git a/config/initializers/0_post_deployment_migrations.rb b/config/initializers/0_post_deployment_migrations.rb new file mode 100644 index 00000000000..0068a03d214 --- /dev/null +++ b/config/initializers/0_post_deployment_migrations.rb @@ -0,0 +1,12 @@ +# Post deployment migrations are included by default. This file must be loaded +# before other initializers as Rails may otherwise memoize a list of migrations +# excluding the post deployment migrations. +unless ENV['SKIP_POST_DEPLOYMENT_MIGRATIONS'] + path = Rails.root.join('db', 'post_migrate').to_s + + Rails.application.config.paths['db/migrate'] << path + + # Rails memoizes migrations at certain points where it won't read the above + # path just yet. As such we must also update the following list of paths. + ActiveRecord::Migrator.migrations_paths << path +end -- cgit v1.2.1 From cde3963dae470b1c785b142851ed870355ecc67b Mon Sep 17 00:00:00 2001 From: Stan Hu Date: Tue, 1 Nov 2016 00:37:13 -0700 Subject: Initialize Sidekiq with the list of queues used by GitLab The Sidekiq client API adds an entry to the Sidekiq "queues" list, but mail_room and gitlab-shell use redis-rb directly to insert jobs into Redis and thus do not make an extra "sadd" call to Redis each time a job is inserted. To make it possible to monitor these queues via the API, add an initialization step to set up the list at startup. Closes gitlab-com/infrastructure#682 --- config/initializers/sidekiq.rb | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'config/initializers') diff --git a/config/initializers/sidekiq.rb b/config/initializers/sidekiq.rb index f7e714cd6bc..0455a98dbfe 100644 --- a/config/initializers/sidekiq.rb +++ b/config/initializers/sidekiq.rb @@ -42,3 +42,19 @@ end Sidekiq.configure_client do |config| config.redis = redis_config_hash end + +# The Sidekiq client API always adds the queue to the Sidekiq queue +# list, but mail_room and gitlab-shell do not. This is only necessary +# for monitoring. +config = YAML.load_file(Rails.root.join('config', 'sidekiq_queues.yml').to_s) + +begin + Sidekiq.redis do |conn| + conn.pipelined do + config[:queues].each do |queue| + conn.sadd('queues', queue[0]) + end + end + end +rescue Redis::BaseError, SocketError +end -- cgit v1.2.1 From d498ec98e0286efecd70040180c69c2002f9ed78 Mon Sep 17 00:00:00 2001 From: Drew Blessing Date: Fri, 4 Nov 2016 14:48:05 -0500 Subject: Set default Sidekiq retries to 3 By default, Sidekiq will retry 25 times with an exponential backoff. This may result in jobs retrying for up to 21 days. Most Sidekiq failures occur when attempting to connect to external services - Project service hooks, web hooks, mailers, mirror updates, etc. We should set a default retry of 3, and if that's not sufficient individual workers can override this in the worker class. --- config/initializers/sidekiq.rb | 3 +++ 1 file changed, 3 insertions(+) (limited to 'config/initializers') diff --git a/config/initializers/sidekiq.rb b/config/initializers/sidekiq.rb index 0455a98dbfe..023af2af23c 100644 --- a/config/initializers/sidekiq.rb +++ b/config/initializers/sidekiq.rb @@ -2,6 +2,9 @@ redis_config_hash = Gitlab::Redis.params redis_config_hash[:namespace] = Gitlab::Redis::SIDEKIQ_NAMESPACE +# Default is to retry 25 times with exponential backoff. That's too much. +Sidekiq.default_worker_options = { retry: 3 } + Sidekiq.configure_server do |config| config.redis = redis_config_hash -- cgit v1.2.1 From 41990128a33c268f3af2db80f4ac224802ac8b76 Mon Sep 17 00:00:00 2001 From: Dmitriy Zaporozhets Date: Mon, 7 Nov 2016 17:14:34 +0200 Subject: Refactor project routing * split on multiple files * improve routing order Signed-off-by: Dmitriy Zaporozhets --- config/initializers/routing_draw.rb | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 config/initializers/routing_draw.rb (limited to 'config/initializers') diff --git a/config/initializers/routing_draw.rb b/config/initializers/routing_draw.rb new file mode 100644 index 00000000000..25003cf0239 --- /dev/null +++ b/config/initializers/routing_draw.rb @@ -0,0 +1,7 @@ +# Adds draw method into Rails routing +# It allows us to keep routing splitted into files +class ActionDispatch::Routing::Mapper + def draw(routes_name) + instance_eval(File.read(Rails.root.join("config/routes/#{routes_name}.rb"))) + end +end -- cgit v1.2.1 From 9e2964c15a7d387e46e25c83afa478c12a856d77 Mon Sep 17 00:00:00 2001 From: Patricio Cano Date: Fri, 4 Nov 2016 12:53:12 -0600 Subject: Allow certain Sidekiq jobs to be throttled --- config/initializers/sidekiq.rb | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'config/initializers') diff --git a/config/initializers/sidekiq.rb b/config/initializers/sidekiq.rb index 023af2af23c..6e660a8c026 100644 --- a/config/initializers/sidekiq.rb +++ b/config/initializers/sidekiq.rb @@ -1,3 +1,6 @@ +require 'gitlab/current_settings' +include Gitlab::CurrentSettings + # Custom Redis configuration redis_config_hash = Gitlab::Redis.params redis_config_hash[:namespace] = Gitlab::Redis::SIDEKIQ_NAMESPACE @@ -29,6 +32,19 @@ Sidekiq.configure_server do |config| end Sidekiq::Cron::Job.load_from_hash! cron_jobs + # allow it to fail: it may do so when create_from_defaults is executed before migrations are actually done + begin + throttling_enabled = current_application_settings.sidekiq_throttling_enabled + rescue + throttling_enabled = false + end + + if throttling_enabled + { 'project_cache' => 0.1, 'pipeline' => 0.1 }.each do |queue, ratio| + Sidekiq::Queue[queue].limit = (ratio * Sidekiq.options[:concurrency]).ceil + end + end + # Database pool should be at least `sidekiq_concurrency` + 2 # For more info, see: https://github.com/mperham/sidekiq/blob/master/4.0-Upgrade.md config = ActiveRecord::Base.configurations[Rails.env] || -- cgit v1.2.1 From b95216aabadb336e4ed8cdc01f69e873f47f10d0 Mon Sep 17 00:00:00 2001 From: Patricio Cano Date: Fri, 4 Nov 2016 16:54:24 -0600 Subject: Allow the Sidekiq queues to throttle and the factor by which to throttle them to be configurable --- config/initializers/sidekiq.rb | 16 ++++------------ 1 file changed, 4 insertions(+), 12 deletions(-) (limited to 'config/initializers') diff --git a/config/initializers/sidekiq.rb b/config/initializers/sidekiq.rb index 6e660a8c026..7cc5e396f98 100644 --- a/config/initializers/sidekiq.rb +++ b/config/initializers/sidekiq.rb @@ -1,6 +1,3 @@ -require 'gitlab/current_settings' -include Gitlab::CurrentSettings - # Custom Redis configuration redis_config_hash = Gitlab::Redis.params redis_config_hash[:namespace] = Gitlab::Redis::SIDEKIQ_NAMESPACE @@ -32,16 +29,11 @@ Sidekiq.configure_server do |config| end Sidekiq::Cron::Job.load_from_hash! cron_jobs - # allow it to fail: it may do so when create_from_defaults is executed before migrations are actually done - begin - throttling_enabled = current_application_settings.sidekiq_throttling_enabled - rescue - throttling_enabled = false - end + if Gitlab::CurrentSettings.sidekiq_throttling_enabled? + factor = current_application_settings.sidekiq_throttling_factor - if throttling_enabled - { 'project_cache' => 0.1, 'pipeline' => 0.1 }.each do |queue, ratio| - Sidekiq::Queue[queue].limit = (ratio * Sidekiq.options[:concurrency]).ceil + current_application_settings.sidekiq_throttling_queues.each do |queue| + Sidekiq::Queue[queue].limit = (factor * Sidekiq.options[:concurrency]).ceil end end -- cgit v1.2.1 From 208530494e5d2c5c62a3e1c24489aae0e4935e3a Mon Sep 17 00:00:00 2001 From: Patricio Cano Date: Tue, 8 Nov 2016 16:31:37 -0600 Subject: Refactored initializer code to its own class and added tests --- config/initializers/sidekiq.rb | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) (limited to 'config/initializers') diff --git a/config/initializers/sidekiq.rb b/config/initializers/sidekiq.rb index 7cc5e396f98..b87b31d9697 100644 --- a/config/initializers/sidekiq.rb +++ b/config/initializers/sidekiq.rb @@ -29,13 +29,7 @@ Sidekiq.configure_server do |config| end Sidekiq::Cron::Job.load_from_hash! cron_jobs - if Gitlab::CurrentSettings.sidekiq_throttling_enabled? - factor = current_application_settings.sidekiq_throttling_factor - - current_application_settings.sidekiq_throttling_queues.each do |queue| - Sidekiq::Queue[queue].limit = (factor * Sidekiq.options[:concurrency]).ceil - end - end + Gitlab::SidekiqThrottler.execute! # Database pool should be at least `sidekiq_concurrency` + 2 # For more info, see: https://github.com/mperham/sidekiq/blob/master/4.0-Upgrade.md -- cgit v1.2.1 From 0803a350b09d2c80a7ff1c2d1e17712989b7a0c2 Mon Sep 17 00:00:00 2001 From: Josep Llaneras Date: Wed, 12 Oct 2016 01:22:09 +0200 Subject: Issue #13823: random message when all Todos are Done --- config/initializers/1_settings.rb | 1 + 1 file changed, 1 insertion(+) (limited to 'config/initializers') diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb index 9fec2ad6bf7..9ddd1554811 100644 --- a/config/initializers/1_settings.rb +++ b/config/initializers/1_settings.rb @@ -215,6 +215,7 @@ Settings.gitlab.default_projects_features['visibility_level'] = Settings.send( Settings.gitlab['domain_whitelist'] ||= [] Settings.gitlab['import_sources'] ||= %w[github bitbucket gitlab google_code fogbugz git gitlab_project] Settings.gitlab['trusted_proxies'] ||= [] +Settings.gitlab['no_todos_messages'] ||= YAML.load_file(Rails.root.join('config', 'no_todos_messages.yml')) # # CI -- cgit v1.2.1 From c50b98da723dab9a35ddb2cde0258d141cf92495 Mon Sep 17 00:00:00 2001 From: Drew Blessing Date: Fri, 11 Nov 2016 14:44:08 -0600 Subject: Centralize LDAP config/filter logic Centralize all LDAP config logic in `GitLab::LDAP::Config`. Previously, some logic was in the Devise initializer and it was not honoring the `user_filter`. If a user outside the configured `user_filter` signed in, an account would be created but they would then be denied access. Now that logic is centralized, the filter is honored and users outside the filter are never created. --- config/initializers/devise.rb | 19 +++---------------- 1 file changed, 3 insertions(+), 16 deletions(-) (limited to 'config/initializers') diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb index a0a8f88584c..f06c4d4ecf2 100644 --- a/config/initializers/devise.rb +++ b/config/initializers/devise.rb @@ -213,22 +213,9 @@ Devise.setup do |config| end if Gitlab::LDAP::Config.enabled? - Gitlab.config.ldap.servers.values.each do |server| - if server['allow_username_or_email_login'] - email_stripping_proc = ->(name) {name.gsub(/@.*\z/, '')} - else - email_stripping_proc = ->(name) {name} - end - - config.omniauth server['provider_name'], - host: server['host'], - base: server['base'], - uid: server['uid'], - port: server['port'], - method: server['method'], - bind_dn: server['bind_dn'], - password: server['password'], - name_proc: email_stripping_proc + Gitlab::LDAP::Config.providers.each do |provider| + ldap_config = Gitlab::LDAP::Config.new(provider) + config.omniauth(provider, ldap_config.omniauth_options) end end -- cgit v1.2.1 From 067da6224ef2cc53ae4ac38e3f3d1c99d1a97f96 Mon Sep 17 00:00:00 2001 From: Brian Neel Date: Thu, 10 Nov 2016 20:14:54 -0500 Subject: fix shibboleth misconfigurations resulting in authentication bypass --- config/initializers/devise.rb | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'config/initializers') diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb index a0a8f88584c..a5b415457db 100644 --- a/config/initializers/devise.rb +++ b/config/initializers/devise.rb @@ -254,6 +254,10 @@ Devise.setup do |config| end end + if provider['name'] == 'shibboleth' + provider['args'][:fail_with_empty_uid] = true + end + # A Hash from the configuration will be passed as is. provider_arguments << provider['args'].symbolize_keys end -- cgit v1.2.1 From e14bb160ac8756d663a1397de4482f02fd738e1e Mon Sep 17 00:00:00 2001 From: Brian Neel Date: Fri, 18 Nov 2016 13:45:52 -0500 Subject: Add logging for rack attack events --- config/initializers/rack_attack_logging.rb | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 config/initializers/rack_attack_logging.rb (limited to 'config/initializers') diff --git a/config/initializers/rack_attack_logging.rb b/config/initializers/rack_attack_logging.rb new file mode 100644 index 00000000000..8bb9ea29c33 --- /dev/null +++ b/config/initializers/rack_attack_logging.rb @@ -0,0 +1,7 @@ +# Adds logging for all Rack Attack blocks and throttling events. + +ActiveSupport::Notifications.subscribe('rack.attack') do |name, start, finish, request_id, req| + if [:throttle, :blacklist].include? req.env['rack.attack.match_type'] + Rails.logger.info("Rack_Attack: #{req.env['rack.attack.match_type']} #{req.ip} #{req.request_method} #{req.fullpath}") + end +end -- cgit v1.2.1