1. 04 Mar, 2019 3 commits
    • Nick Thomas's avatar
      sidekiq: terminate child processes at shutdown · f0c52df5
      Nick Thomas authored
      Sidekiq jobs frequently spawn long-lived child processes to do work.
      In some circumstances, these can be reparented to init when sidekiq is
      terminated, leading to duplication of work and strange concurrency
      This commit changes sidekiq so that, if run as a process group leader,
      it will forward `INT` and `TERM` signals to the whole process group. If
      the memory killer is active, it will also use the process group when
      resorting to `kill -9` to shut down.
      These changes mean that a naive `kill <pid-of-sidekiq>` will now do the
      right thing, killing any child processes spawned by sidekiq, as long as
      the process supervisor placed it in its own process group.
      If sidekiq isn't a process group leader, this new code is skipped.
    • Drew Blessing's avatar
      Allow raw `tls_options` to be passed in LDAP configuration · f6350fac
      Drew Blessing authored
      We've previously exposed ca_file and ssl_version but there are many
      possible options that can be used inside tls_options. Instead of
      exposing individual ones, simply expose the entire hash so it can
      be passed in and we won't have to add things in the future.
    • Bob Van Landuyt's avatar
      Types::BaseField accepts authorize after reload · 58aaa766
      Bob Van Landuyt authored
      When working on files in `app/graphql` the code correctly gets
      However, the redefined `Types::BaseField` would never receive the
      `.accepts_definition` call, causing all queries after a reload to
      fail. Calling `.accepts_definition` on its superclass makes sure the
      reloaded version also has the `authorize` definition specified.
  2. 01 Mar, 2019 6 commits
  3. 28 Feb, 2019 2 commits
  4. 27 Feb, 2019 3 commits
  5. 25 Feb, 2019 2 commits
    • Luke Duncalfe's avatar
      Improve GraphQL Authorization DSL · ccb4edbc
      Luke Duncalfe authored
      Previously GraphQL field authorization happened like this:
          class ProjectType
            field :my_field, MyFieldType do
              authorize :permission
      This change allowed us to authorize like this instead:
          class ProjectType
            field :my_field, MyFieldType, authorize: :permission
      A new initializer registers the `authorize` metadata keyword on GraphQL
      Schema Objects and Fields, and we can collect this data within the
      context of Instrumentation like this:
      The previous functionality of authorize is still being used for
      mutations, as the #authorize method here is called at during the code
      that executes during the mutation, rather than when a field resolves.
    • Thong Kuah's avatar
      Turn on backtrace for sidekiq in development · f09399fc
      Thong Kuah authored
      This enables easier debugging in GDK
  6. 22 Feb, 2019 1 commit
  7. 20 Feb, 2019 1 commit
  8. 19 Feb, 2019 1 commit
  9. 15 Feb, 2019 1 commit
    • Simon Knox's avatar
      Only load selected syntax highlight CSS · 5996fd14
      Simon Knox authored
      Compile highlight CSS separately
      Move highlight-specific mixins out of mixins.scss
      Rename solarized themes to match theme name as this was a smaller
      change than changing all instances to snake_case
  10. 14 Feb, 2019 2 commits
  11. 13 Feb, 2019 1 commit
    • Luke Bennett's avatar
      Improve the GitHub and Gitea import feature table interface · 534a6117
      Luke Bennett authored
      These are backend changes.
      Use Vue for the import feature UI for "githubish"
      providers (GitHub and Gitea).
      Add "Go to project" button after a successful import.
      Use CI-style status icons and improve spacing of the
      table and its component.
      Adds ETag polling to the github and gitea import
      jobs endpoint.
  12. 12 Feb, 2019 1 commit
    • Stan Hu's avatar
      Log queue duration in production_json.log · 51ca7922
      Stan Hu authored
      `queue_duration` is a useful metric that is currently in api_json.log
      but not in production_json.log. We should add it because it tells us how
      long the request sat in Workhorse before Unicorn processed it. Having
      this field enables the support team to better troubleshoot when delays
      began to happen.
  13. 10 Feb, 2019 1 commit
    • Peter Leitzen's avatar
      Fix error when reloading code in Sidekiq · 1931c3ef
      Peter Leitzen authored
      This commit fixes the following error in development:
          ArgumentError: A copy of Gitlab::Metrics::Transaction has been
          removed from the module tree but is still active!
  14. 08 Feb, 2019 2 commits
    • Nick Thomas's avatar
      Remove HipChat integration from GitLab · a5378665
      Nick Thomas authored
    • Andrew Newdigate's avatar
      Provide a performance bar link to the Jaeger UI · 48bcd524
      Andrew Newdigate authored
      Jaeger is a distributed tracing tool. This change adds a "Tracing" link
      to the performance bar to directly link to a current request in Jaeger.
      This is useful for two reasons: 1 - it provides affordance to developers
      that the distributed tracing tool is available, so that it can quickly
      be discovered. 2 - it allows developers to quickly find a specific trace
      without having to manually navigate to a second user-interface.
  15. 06 Feb, 2019 3 commits
  16. 05 Feb, 2019 4 commits
  17. 02 Feb, 2019 1 commit
  18. 31 Jan, 2019 1 commit
    • Stan Hu's avatar
      Alias GitHub and BitBucket OAuth2 callback URLs · 88f2e961
      Stan Hu authored
      To prevent an OAuth2 covert redirect vulnerability, this commit adds and
      uses an alias for the GitHub and BitBucket OAuth2 callback URLs to the
      following paths:
      GitHub: /users/auth/-/import/github
      Bitbucket: /users/auth/-/import/bitbucket
      This allows admins to put a more restrictive callback URL in the OAuth2
      configuration settings. Instead of https://example.com, admins can now use:
      It's possible but not trivial to change Devise and OmniAuth to use a
      different prefix for callback URLs instead of /users/auth. For now,
      aliasing the import URLs under the /users/auth namespace should suffice.
      Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/56663
  19. 30 Jan, 2019 2 commits
  20. 25 Jan, 2019 2 commits
    • Gabriel Mazetto's avatar
      Refactor Storage Migration · 7bc16889
      Gabriel Mazetto authored
      Specs were reviewed and improved to better cover the current behavior.
      There was some standardization done as well to facilitate the
      implementation of the rollback functionality.
      StorageMigratorWorker was extracted to HashedStorage namespace were
      RollbackerWorker will live one as well.
    • Kamil Trzciński's avatar
      Add Container Registry API · 045d07ba
      Kamil Trzciński authored
      This includes a set of APIs to manipulate container registry.
      This includes also an ability to delete tags based on requested
      criteria, like keep-last-n, matching-name, older-than.