Skip to content

GitLab

Commit edb06ab2 authored by 徐豪's avatar 徐豪
Browse files

init

parents
Hide whitespace changes
Inline Side-by-side
Showing with 1183 additions and 0 deletions

Too many changes to show.

To preserve performance only 532 of 532+ files are displayed.
Plain diff Email patch
config/templates/gitlab-backup-cli/gitlab_backup_cli_wrapper.erb 0 → 100644
View file @ edb06ab2
#!/usr/bin/env bash
set -euo pipefail
# Export the environment variables
PATH="/opt/gitlab/embedded/bin${PATH+:}${PATH}"
export PATH
export GITLAB_BACKUP_CLI_CONFIG_FILE="<%= install_dir %>/etc/gitlab-backup-cli-config.yml"
gitlab_backup_cli="<%= install_dir %>/embedded/service/gitlab-rails/bin/gitlab-backup-cli"
error_echo()
{
echo "$1" >&2
}
if [[ ! -f ${gitlab_backup_cli} ]] ; then
error_echo "$0 error: could not load ${gitlab_backup_cli}"
error_echo "Either you are not allowed to execute the binary, or it does not exist yet."
error_echo "You can generate it with: sudo gitlab-ctl reconfigure"
exit 1
fi
# Executes the gitlab-backup-cli tool with embedded ruby
"${gitlab_backup_cli}" "${@}"
config/templates/gitlab-cookbooks/cookbook_packages_default.erb 0 → 100644
View file @ edb06ab2
#
# Copyright:: Copyright (c) 2012 Opscode, Inc.
# Copyright:: Copyright (c) 2015 GitLab B.V.
# License:: Apache License, Version 2.0
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# Package attributes
# Default location of install-dir is /opt/gitlab/. This path is set during build time.
# DO NOT change this value unless you are building your own GitLab packages
default['package']['install-dir'] = "<%= install_dir %>"
config/templates/gitlab-cookbooks/dna.json.erb 0 → 100644
View file @ edb06ab2
{
"run_list": [ "recipe[<%= master_cookbook %>]" ],
"package": {
"public_attributes": true
}
}
config/templates/gitlab-cookbooks/geo-postgresql-config.json.erb 0 → 100644
View file @ edb06ab2
{
"run_list": [
"recipe[<%= master_cookbook %>::config]",
"recipe[gitlab-ee::geo-postgresql]"
]
}
config/templates/gitlab-cookbooks/patroni-config.json.erb 0 → 100644
View file @ edb06ab2
{
"run_list": [
"recipe[<%= master_cookbook %>::config]",
"recipe[postgresql::enable]",
"recipe[patroni::enable]"
]
}
config/templates/gitlab-cookbooks/pg-upgrade-config.json.erb 0 → 100644
View file @ edb06ab2
{
"run_list": [ "recipe[<%= master_cookbook %>]" ],
"package": {
"public_attributes": true
},
"postgresql": {
"auto_restart_on_version_change": false
},
"gitlab": {
"geo-postgresql": {
"auto_restart_on_version_change": false
}
}
}
config/templates/gitlab-cookbooks/postgresql-bin.json.erb 0 → 100644
View file @ edb06ab2
{
"run_list": [
"recipe[<%= master_cookbook %>::config]",
"recipe[postgresql::bin]"
]
}
config/templates/gitlab-cookbooks/postgresql-config.json.erb 0 → 100644
View file @ edb06ab2
{
"run_list": [
"recipe[<%= master_cookbook %>::config]",
"recipe[postgresql::enable]"
]
}
config/templates/gitlab-rails/bundle_exec_wrapper.erb 0 → 100644
View file @ edb06ab2
#!/bin/sh
# Unset ENV variables that might interfere with
# omnibus-gitlab ruby env (looking at you rvm, and bundler)
for ruby_env_var in RUBYOPT \
RUBYLIB \
BUNDLE_BIN_PATH \
BUNDLE_GEMFILE \
GEM_PATH \
GEM_HOME
do
unset $ruby_env_var
done
error_echo()
{
echo "$1" 2>& 1
}
gitlab_rails_rc='<%= install_dir %>/etc/gitlab-rails-rc'
if ! [ -f ${gitlab_rails_rc} ] ; then
error_echo "$0 error: could not load ${gitlab_rails_rc}"
error_echo "Either you are not allowed to read the file, or it does not exist yet."
error_echo "You can generate it with: sudo gitlab-ctl reconfigure"
exit 1
fi
. ${gitlab_rails_rc}
cd <%= install_dir %>/embedded/service/gitlab-rails
if [ -n "$NO_PRIVILEGE_DROP" ]; then
privilege_drop=''
elif [ "$(id -n -u)" = "${gitlab_user}" ] ; then
# We are already running at the intended privilege; don't try to drop
# privileges again because only root can do that (and we are apparently not
# root!).
privilege_drop=''
else
privilege_drop="-u ${gitlab_user}:${gitlab_group}"
fi
# Suppress one-line pattern matching warnings: https://gitlab.com/gitlab-org/gitlab/-/issues/420811
rubyopt="RUBYOPT=-W:no-experimental"
exec <%= install_dir %>/embedded/bin/chpst -e <%= install_dir %>/etc/gitlab-rails/env ${privilege_drop} -U ${gitlab_user}:${gitlab_group} /usr/bin/env ${rubyopt} <%= install_dir %>/embedded/bin/bundle exec <%= command %>
config/templates/gitlab-rails/gem_license_generator.erb 0 → 100644
View file @ edb06ab2
#!/opt/gitlab/embedded/bin/ruby
require 'find'
gem_dir = `<%= install_dir %>/embedded/bin/gem environment gemdir`
gems_directory = File.join(gem_dir.chomp, 'gems')
compiled_licenses_file = "<%= license_file %>"
license_path_list = []
Find.find(gems_directory) do |path|
begin
next if File.directory?(path)
base_name = File.basename(path)
next if ['.rb', '.yml'].include? File.extname(base_name)
if base_name.downcase.include?('license') || base_name.downcase.include?('licence') || base_name.downcase.include?('copying')
license_path_list << path
full_path = path.dup
path.slice!(gems_directory)
license_text = File.read(full_path)
output = ">>> #{path} \n\n #{license_text} \n\n"
File.open(compiled_licenses_file, 'a') { |f| f.write(output)}
end
rescue
puts "Error with #{path}"
end
end
config/templates/gitlab-rails/rake_backup_wrapper.erb 0 → 100644
View file @ edb06ab2
#!/usr/bin/env bash
VERBOSE=1
##
## usage [SUBCOMMAND]
##
## Prints out SUBCOMMAND usage and exits with code `0`. Prints the general
## usage when SUBCOMMAND is missing.
##
usage() {
case "${1}" in
create)
echo 'Usage: gitlab-backup create [OPTIONS]'
echo
echo " Create a new backup. Wrapper for \`gitlab-rake gitlab:backup:create\`."
echo
echo 'OPTIONS:'
echo
echo ' -h, --help Display this help message and exits,'
echo
echo ' Additional OPTIONS are passed to the underlying command.'
;;
restore)
echo 'Usage: gitlab-backup restore [OPTIONS]'
echo
echo " Restore from a backup. Wrapper for \`gitlab-rake gitlab:backup:restore\`."
echo
echo ' Automatically changes the ownership of registry directory (when enabled)'
echo ' to ensure filesytem permissions are correct.'
echo
echo 'OPTIONS:'
echo
echo ' -h, --help Display this help message and exits.'
echo
echo ' Additional OPTIONS passed to the underlying command.'
;;
*)
echo 'Usage: gitlab-backup COMMAND [OPTIONS]'
echo
echo 'OPTIONS:'
echo
echo " -h, --help Display this help message and exits. Use \`COMMAND --help\`"
echo ' for more information on a command.'
echo
echo 'COMMANDS:'
echo ' create Creates a new backup.'
echo ' restore Restores from a backup.'
;;
esac
exit 0
}
##
## chown_registry USER
##
## Transfers ownership of registry directory to USER.
##
chown_registry() {
[ ${VERBOSE} -gt 0 ] && printf 'Transfering ownership of %s to %s\n' "${registry_dir}" "${1}"
chown -R "${1}" "${registry_dir}"
}
##
## backup_create ARGS
##
## Calls `gitlab-rake gitlab:backup:create` and passess ARGS to it.
##
backup_create() {
# Print usage if help flag is present.
case "${1}" in
-h|--help)
shift
usage 'create'
;;
*)
;;
esac
<%= install_dir %>/bin/gitlab-rake gitlab:backup:create ${@}
}
##
## backup_restore ARGS
##
## Calls `gitlab-rake gitlab:backup:restore` and passess ARGS to it. Also,
## registers hooks to change ownership of registry directory before and
## after restore.
##
backup_restore() {
# Print usage if help flag is present.
case "${1}" in
-h|--help)
shift
usage 'restore'
;;
*)
;;
esac
if [ -n "${registry_dir}" ]; then
# Transfer ownership to git user to ensure that recovery won't fail on
# the existing registry
chown_registry ${gitlab_user}
# Transfer ownership back to registry user when restore task is finished.
trap "chown_registry ${registry_user}" EXIT
fi
<%= install_dir %>/bin/gitlab-rake gitlab:backup:restore ${@}
}
# Load gitlab-rails-rc
gitlab_rails_rc='<%= install_dir %>/etc/gitlab-rails-rc'
if ! [ -f ${gitlab_rails_rc} ] ; then
>&2 echo "${0} error: could not load ${gitlab_rails_rc}"
>&2 echo 'Either you are not allowed to read the file, or it does not exist yet.'
>&2 echo "You can generate it with \`sudo gitlab-ctl reconfigure\`"
exit 2
fi
. ${gitlab_rails_rc}
# Parse general options and sub-command.
while (( "${#}" )); do
case "${1}" in
-h|--help)
shift
usage
;;
--)
shift
break
;;
-*|--*)
>&2 echo "Unsupported option: ${1}"
exit 1
;;
*)
break
;;
esac
done
subcommand=${1:-create}
shift
# Run subcommand
case "${subcommand}" in
create)
backup_create ${@}
;;
restore)
backup_restore ${@}
;;
*)
>&2 echo "Unknown command: ${subcommand}"
exit 1
;;
esac
config/templates/omnibus-gitlab-gems/Gemfile 0 → 100644
View file @ edb06ab2
# THis defines the dependencies needed for Chef and its cookbooks to
# run. Any dependency needed by `gitlab-ctl reconfigure` should be
# included here.
#
# Note that you must avoid installing a gem from a Git source in this
# file because Bundler installs gems from source in a different
# directory than prepackaged gems. Gems installed from source cannot be
# found with the Ruby interpreter unless `bundle exec` is used.
source 'https://rubygems.org'
# To ensure LD_LIBRARY_PATH includes /opt/gitlab/embedded/lib avoid
# the precompiled native gems.
gem 'ffi', '1.17.0', force_ruby_platform: true
# chef depends on unf_ext. This needs to be listed before Chef
# since Cinc will look inside the Cinc RubyGems.
gem 'unf_ext', '0.0.9.1'
# The version here should be in agreement with /Gemfile.lock so that our rspec
# testing stays consistent with the package contents.
source 'https://packagecloud.io/cinc-project/stable' do
gem 'chef', '18.3.0'
gem 'chef-cli', '5.6.1'
gem 'chef-bin', '18.3.0'
gem 'chef-config', '18.3.0'
gem 'chef-zero', '15.0.11'
gem 'inspec-core', '6.6.0'
end
gem 'ohai', '18.1.3'
# TODO: Include omnibus-ctl in the Gemfile
# Currently omnibus-ctl is installed via config/software since we build
# a custom version from the Git source for licensing reasons and for Ruby 3.2 fixes.
gem 'acme-client', '2.0.18'
gem 'rainbow', '3.1.1'
gem 'gitlab-ruby-shadow', '2.5.1', require: 'shadow'
gem 'tomlib', '0.6.0'
gem 'mixlib-log', '3.0.9'
gem 'remote_syslog', '1.6.15'
# pin the version of faraday and faraday-net_http temporarily until
# conflicts between the version of net-http it requires and the version of
# net-http shipped in the Gemfile can be resolved
gem 'faraday-net_http', '3.0.2'
gem 'faraday', '2.8.1'
# Temporary workaround because upstream inspec-core does not list this as
# a requirement and it causes failures during gitlab-ctl reconfigure in
# the QA job pipelines.
# This can be dropped once https://github.com/inspec/inspec/pull/6925
# has been merged and released.
gem 'rubocop-ast', '1.21.0'
# We need to install our own copy of license_finder since the
# license_finder installed by gitlab-omnibus-builder appears to search
# the builder gem directory instead of the Omnibus gem directory.
gem 'license_finder', '7.1.0'
config/templates/omnibus-gitlab-gems/Gemfile.lock 0 → 100644
View file @ edb06ab2
GEM
remote: https://packagecloud.io/cinc-project/stable/
specs:
chef (18.3.0)
addressable
aws-sdk-s3 (~> 1.91)
aws-sdk-secretsmanager (~> 1.46)
chef-config (= 18.3.0)
chef-utils (= 18.3.0)
chef-vault
chef-zero (>= 14.0.11)
corefoundation (~> 0.3.4)
diff-lcs (>= 1.2.4, < 1.6.0, != 1.4.0)
erubis (~> 2.7)
ffi (>= 1.15.5)
ffi-libarchive (~> 1.0, >= 1.0.3)
ffi-yajl (~> 2.2)
iniparse (~> 1.4)
inspec-core (>= 5)
license-acceptance (>= 1.0.5, < 3)
mixlib-archive (>= 0.4, < 2.0)
mixlib-authentication (>= 2.1, < 4)
mixlib-cli (>= 2.1.1, < 3.0)
mixlib-log (>= 2.0.3, < 4.0)
mixlib-shellout (>= 3.1.1, < 4.0)
net-ftp
net-sftp (>= 2.1.2, < 5.0)
ohai (~> 18.0)
plist (~> 3.2)
proxifier2 (~> 1.1)
syslog-logger (~> 1.6)
train-core (~> 3.10)
train-rest (>= 0.4.1)
train-winrm (>= 0.2.5)
unf_ext (>= 0.0.8.2)
uuidtools (>= 2.1.5, < 3.0)
vault (~> 0.16)
chef-bin (18.3.0)
chef (= 18.3.0)
chef-cli (5.6.1)
addressable (>= 2.3.5, < 2.9)
chef (>= 16.0)
cookbook-omnifetch (~> 0.5)
diff-lcs (>= 1.0, < 1.4)
ffi-yajl (>= 1.0, < 3.0)
license-acceptance (>= 1.0.11, < 3)
minitar (~> 0.6)
mixlib-cli (>= 1.7, < 3.0)
mixlib-shellout (>= 2.0, < 4.0)
pastel (~> 0.7)
solve (> 2.0, < 5.0)
chef-config (18.3.0)
addressable
chef-utils (= 18.3.0)
fuzzyurl
mixlib-config (>= 2.2.12, < 4.0)
mixlib-shellout (>= 2.0, < 4.0)
tomlrb (~> 1.2)
chef-utils (18.3.0)
concurrent-ruby
chef-zero (15.0.11)
ffi-yajl (~> 2.2)
hashie (>= 2.0, < 5.0)
mixlib-log (>= 2.0, < 4.0)
rack (~> 2.0, >= 2.0.6)
uuidtools (~> 2.1)
webrick
inspec-core (6.6.0)
addressable (~> 2.4)
chef-licensing (>= 0.7.5)
chef-telemetry (~> 1.0, >= 1.0.8)
faraday (>= 1, < 3)
faraday-follow_redirects (~> 0.3)
hashie (>= 3.4, < 6.0)
license-acceptance (>= 0.2.13, < 3.0)
method_source (>= 0.8, < 2.0)
mixlib-log (~> 3.0)
multipart-post (~> 2.0)
parallel (~> 1.9)
parslet (>= 1.5, < 2.0)
pry (~> 0.13)
rspec (>= 3.9, <= 3.12)
rspec-its (~> 1.2)
rubyzip (>= 1.2.2, < 3.0)
semverse (~> 3.0)
sslshake (~> 1.2)
thor (>= 0.20, < 1.3.0)
tomlrb (>= 1.2, < 2.1)
train-core (>= 3.11.0)
tty-prompt (~> 0.17)
tty-table (~> 0.10)
GEM
remote: https://rubygems.org/
specs:
acme-client (2.0.18)
faraday (>= 1.0, < 3.0.0)
faraday-retry (>= 1.0, < 3.0.0)
activesupport (7.0.8)
concurrent-ruby (~> 1.0, >= 1.0.2)
i18n (>= 1.6, < 2)
minitest (>= 5.1)
tzinfo (~> 2.0)
addressable (2.8.6)
public_suffix (>= 2.0.2, < 6.0)
ast (2.4.2)
aws-eventstream (1.3.0)
aws-partitions (1.883.0)
aws-sdk-core (3.194.2)
aws-eventstream (~> 1, >= 1.3.0)
aws-partitions (~> 1, >= 1.651.0)
aws-sigv4 (~> 1.8)
jmespath (~> 1, >= 1.6.1)
aws-sdk-kms (1.76.0)
aws-sdk-core (~> 3, >= 3.188.0)
aws-sigv4 (~> 1.1)
aws-sdk-s3 (1.149.1)
aws-sdk-core (~> 3, >= 3.194.0)
aws-sdk-kms (~> 1)
aws-sigv4 (~> 1.8)
aws-sdk-secretsmanager (1.92.0)
aws-sdk-core (~> 3, >= 3.193.0)
aws-sigv4 (~> 1.1)
aws-sigv4 (1.8.0)
aws-eventstream (~> 1, >= 1.0.2)
base64 (0.2.0)
bigdecimal (3.1.8)
builder (3.2.4)
chef-licensing (0.7.5)
activesupport (~> 7.0, < 7.1)
chef-config (>= 15)
faraday (>= 1, < 3)
faraday-http-cache
tty-prompt (~> 0.23)
tty-spinner (~> 0.9.3)
chef-telemetry (1.1.1)
chef-config
concurrent-ruby (~> 1.0)
chef-vault (4.1.11)
coderay (1.1.3)
concurrent-ruby (1.2.3)
cookbook-omnifetch (0.12.2)
mixlib-archive (>= 0.4, < 2.0)
corefoundation (0.3.13)
ffi (>= 1.15.0)
date (3.3.4)
diff-lcs (1.3)
domain_name (0.6.20240107)
em-resolv-replace (1.1.3)
erubi (1.12.0)
erubis (2.7.0)
eventmachine (1.0.9.1)
eventmachine-tail (0.6.5)
eventmachine
faraday (2.8.1)
base64
faraday-net_http (>= 2.0, < 3.1)
ruby2_keywords (>= 0.0.4)
faraday-follow_redirects (0.3.0)
faraday (>= 1, < 3)
faraday-http-cache (2.5.1)
faraday (>= 0.8)
faraday-net_http (3.0.2)
faraday-retry (2.2.1)
faraday (~> 2.0)
ffi (1.17.0)
ffi-libarchive (1.1.14)
ffi (~> 1.0)
ffi-yajl (2.6.0)
libyajl2 (>= 1.2)
file-tail (1.2.0)
tins (~> 1.0)
fuzzyurl (0.9.0)
gitlab-ruby-shadow (2.5.1)
gssapi (1.3.1)
ffi (>= 1.0.1)
gyoku (1.4.0)
builder (>= 2.1.2)
rexml (~> 3.0)
hashie (4.1.0)
http-accept (1.7.0)
http-cookie (1.0.5)
domain_name (~> 0.5)
httpclient (2.8.3)
i18n (1.14.1)
concurrent-ruby (~> 1.0)
iniparse (1.5.0)
ipaddress (0.8.3)
jmespath (1.6.2)
json (2.7.1)
libyajl2 (2.1.0)
license-acceptance (2.1.13)
pastel (~> 0.7)
tomlrb (>= 1.2, < 3.0)
tty-box (~> 0.6)
tty-prompt (~> 0.20)
license_finder (7.1.0)
bundler
rubyzip (>= 1, < 3)
thor (~> 1.2)
tomlrb (>= 1.3, < 2.1)
with_env (= 1.1.0)
xml-simple (~> 1.1.9)
little-plugger (1.1.4)
logging (2.3.1)
little-plugger (~> 1.1)
multi_json (~> 1.14)
method_source (1.0.0)
mime-types (3.5.2)
mime-types-data (~> 3.2015)
mime-types-data (3.2024.0507)
minitar (0.9)
minitest (5.21.2)
mixlib-archive (1.1.7)
mixlib-log
mixlib-authentication (3.0.10)
mixlib-cli (2.1.8)
mixlib-config (3.0.27)
tomlrb
mixlib-log (3.0.9)
mixlib-shellout (3.2.7)
chef-utils
molinillo (0.8.0)
multi_json (1.15.0)
multipart-post (2.4.1)
net-ftp (0.3.4)
net-protocol
time
net-protocol (0.2.2)
timeout
net-scp (4.0.0)
net-ssh (>= 2.6.5, < 8.0.0)
net-sftp (4.0.0)
net-ssh (>= 5.0.0, < 8.0.0)
net-ssh (7.2.3)
netrc (0.11.0)
nori (2.7.0)
bigdecimal
ohai (18.1.3)
chef-config (>= 14.12, < 19)
chef-utils (>= 16.0, < 19)
ffi (~> 1.9)
ffi-yajl (~> 2.2)
ipaddress
mixlib-cli (>= 1.7.0)
mixlib-config (>= 2.0, < 4.0)
mixlib-log (>= 2.0.1, < 4.0)
mixlib-shellout (~> 3.2, >= 3.2.5)
plist (~> 3.1)
train-core
wmi-lite (~> 1.0)
parallel (1.24.0)
parser (3.3.0.5)
ast (~> 2.4.1)
racc
parslet (1.8.2)
pastel (0.8.0)
tty-color (~> 0.5)
plist (3.7.1)
proxifier2 (1.1.0)
pry (0.14.2)
coderay (~> 1.1)
method_source (~> 1.0)
public_suffix (5.0.5)
racc (1.7.3)
rack (2.2.8)
rainbow (3.1.1)
remote_syslog (1.6.15)
em-resolv-replace
eventmachine (>= 0.12.10, < 1.1)
eventmachine-tail (>= 0.6.4)
file-tail
servolux (~> 0.10.0)
syslog_protocol (~> 0.9.2)
rest-client (2.1.0)
http-accept (>= 1.7.0, < 2.0)
http-cookie (>= 1.0.2, < 2.0)
mime-types (>= 1.16, < 4.0)
netrc (~> 0.8)
rexml (3.2.6)
rspec (3.12.0)
rspec-core (~> 3.12.0)
rspec-expectations (~> 3.12.0)
rspec-mocks (~> 3.12.0)
rspec-core (3.12.2)
rspec-support (~> 3.12.0)
rspec-expectations (3.12.3)
diff-lcs (>= 1.2.0, < 2.0)
rspec-support (~> 3.12.0)
rspec-its (1.3.0)
rspec-core (>= 3.0.0)
rspec-expectations (>= 3.0.0)
rspec-mocks (3.12.6)
diff-lcs (>= 1.2.0, < 2.0)
rspec-support (~> 3.12.0)
rspec-support (3.12.2)
rubocop-ast (1.21.0)
parser (>= 3.1.1.0)
ruby2_keywords (0.0.5)
rubyntlm (0.6.3)
rubyzip (2.3.2)
semverse (3.0.2)
servolux (0.10.0)
solve (4.0.4)
molinillo (~> 0.6)
semverse (>= 1.1, < 4.0)
sslshake (1.3.1)
strings (0.2.1)
strings-ansi (~> 0.2)
unicode-display_width (>= 1.5, < 3.0)
unicode_utils (~> 1.4)
strings-ansi (0.2.0)
sync (0.5.0)
syslog-logger (1.6.8)
syslog_protocol (0.9.2)
thor (1.2.2)
time (0.3.0)
date
timeout (0.4.1)
tins (1.32.1)
sync
tomlib (0.6.0)
tomlrb (1.3.0)
train-core (3.12.3)
addressable (~> 2.5)
ffi (!= 1.13.0)
json (>= 1.8, < 3.0)
mixlib-shellout (>= 2.0, < 4.0)
net-scp (>= 1.2, < 5.0)
net-ssh (>= 2.9, < 8.0)
train-rest (0.5.0)
aws-sigv4 (~> 1.5)
rest-client (~> 2.1)
train-core (~> 3.0)
train-winrm (0.2.13)
winrm (>= 2.3.6, < 3.0)
winrm-elevated (~> 1.2.2)
winrm-fs (~> 1.0)
tty-box (0.7.0)
pastel (~> 0.8)
strings (~> 0.2.0)
tty-cursor (~> 0.7)
tty-color (0.6.0)
tty-cursor (0.7.1)
tty-prompt (0.23.1)
pastel (~> 0.8)
tty-reader (~> 0.8)
tty-reader (0.9.0)
tty-cursor (~> 0.7)
tty-screen (~> 0.8)
wisper (~> 2.0)
tty-screen (0.8.2)
tty-spinner (0.9.3)
tty-cursor (~> 0.7)
tty-table (0.12.0)
pastel (~> 0.8)
strings (~> 0.2.0)
tty-screen (~> 0.8)
tzinfo (2.0.6)
concurrent-ruby (~> 1.0)
unf_ext (0.0.9.1)
unicode-display_width (2.5.0)
unicode_utils (1.4.0)
uuidtools (2.2.0)
vault (0.18.2)
aws-sigv4
webrick (1.8.1)
winrm (2.3.6)
builder (>= 2.1.2)
erubi (~> 1.8)
gssapi (~> 1.2)
gyoku (~> 1.0)
httpclient (~> 2.2, >= 2.2.0.2)
logging (>= 1.6.1, < 3.0)
nori (~> 2.0)
rubyntlm (~> 0.6.0, >= 0.6.3)
winrm-elevated (1.2.3)
erubi (~> 1.8)
winrm (~> 2.0)
winrm-fs (~> 1.0)
winrm-fs (1.3.5)
erubi (~> 1.8)
logging (>= 1.6.1, < 3.0)
rubyzip (~> 2.0)
winrm (~> 2.0)
wisper (2.0.1)
with_env (1.1.0)
wmi-lite (1.0.7)
xml-simple (1.1.9)
rexml
PLATFORMS
ruby
DEPENDENCIES
acme-client (= 2.0.18)
chef (= 18.3.0)!
chef-bin (= 18.3.0)!
chef-cli (= 5.6.1)!
chef-config (= 18.3.0)!
chef-zero (= 15.0.11)!
faraday (= 2.8.1)
faraday-net_http (= 3.0.2)
ffi (= 1.17.0)
gitlab-ruby-shadow (= 2.5.1)
inspec-core (= 6.6.0)!
license_finder (= 7.1.0)
mixlib-log (= 3.0.9)
ohai (= 18.1.3)
rainbow (= 3.1.1)
remote_syslog (= 1.6.15)
rubocop-ast (= 1.21.0)
tomlib (= 0.6.0)
unf_ext (= 0.0.9.1)
BUNDLED WITH
2.5.5
config/templates/package-scripts/external_url.sh 0 → 100644
View file @ edb06ab2
check_if_ec2()
{
if [ -f /sys/hypervisor/uuid ] && [ `head -c 3 /sys/hypervisor/uuid` = 'ec2' ]; then
return 0
else
return 1
fi
}
get_ec2_address()
{
url=$1
# Try collecting fqdn if it is set correctly
fqdn=$(/opt/gitlab/embedded/bin/curl -s ${url})
if [ -n "${fqdn}" ]; then
# Checking if curl returned an XML message
word="<?xml"
if ! $(test "${fqdn#*$word}" != "$fqdn"); then
EXTERNAL_URL="http://${fqdn}"
fi
fi
}
get_details_from_ec2()
{
get_ec2_address "http://169.254.169.254/latest/meta-data/public-hostname"
if [ -z "${EXTERNAL_URL}" ]; then
get_ec2_address "http://169.254.169.254/latest/meta-data/public-ipv4"
fi
}
set_protocol()
{
# Checking if EXTERNAL_URL starts with http:// or https://
if ! $(echo ${EXTERNAL_URL} | awk '$0 !~ /^http[s]?:\/\// {exit 1}'); then
EXTERNAL_URL="http://${EXTERNAL_URL}"
fi
}
if [ -z "${EXTERNAL_URL}" ]; then
# Grab address from EC2 only if this is first installation. For upgrades,
# EXTERNAL_URL env variable is the only thing that may define external URL
# other than what is in gitlab.rb
if ! [ -e /etc/gitlab/gitlab.rb ] ; then
check_if_ec2
if [ $? -eq 0 ] ; then
get_details_from_ec2
fi
fi
else
set_protocol
fi
if [ -z "${EXTERNAL_URL}" ]; then
EXTERNAL_URL="http://gitlab.example.com"
fi
config/templates/package-scripts/postinst.erb 0 → 100644
View file @ edb06ab2
#!/bin/sh
#
# Perform necessary gitlab setup steps
# after package is installed.
#
DEST_DIR=<%= install_dir %>
notify()
{
echo "gitlab: $1"
}
update_external_url()
{
EXISTING_EXTERNAL_URL=$(awk '/^external_url/ { print $2 }' /etc/gitlab/gitlab.rb | tr -d "'\"")
if [ "$EXTERNAL_URL" = "http://gitlab.example.com" ]; then
EXTERNAL_URL=$EXISTING_EXTERNAL_URL
elif [ "$EXTERNAL_URL" != "$EXISTING_EXTERNAL_URL" ]; then
sed -i 's!^external_url .*!external_url "'$EXTERNAL_URL'"!g' /etc/gitlab/gitlab.rb
fi
}
create_config_template()
{
# Create a minimal gitlab.rb template if /etc/gitlab/gitlab.rb does not exist.
if ! [ -e /etc/gitlab/gitlab.rb ] ; then
mkdir -p /etc/gitlab
cp "${DEST_DIR}/etc/gitlab.rb.template" /etc/gitlab/gitlab.rb
sed -i 's!GENERATED_EXTERNAL_URL!'$EXTERNAL_URL'!g' /etc/gitlab/gitlab.rb
chmod 600 /etc/gitlab/gitlab.rb
else
update_external_url
fi
}
fix_directory_permissions()
{
if [ -x /usr/bin/dpkg-query ] ; then
# We are in the land of .deb packages. We should fix package directory owners
# because of the faulty 7.2.0 / 7.2.1 .deb packages.
/usr/bin/dpkg-query -L gitlab-ce gitlab-ee 2>/dev/null | while read f ; do
if [ -d "$f" ] ; then
# This directory may have been created when installing omnibus-gitlab
# 7.2.0 / 7.2.1, so it could have the wrong owner.
chown root:root "$f"
fi
done
fi
}
if [ -n "${GITLAB_DEBUG}" ] ; then
notify "debug: arguments: $@"
fi
<%= external_url_script %>
${DEST_DIR}/embedded/bin/symlink_ctl_cmds ${DEST_DIR}
create_config_template
fix_directory_permissions
case "$1" in
configure)
# Looks like a DEB install. We don't know if it is a fresh install or an
# upgrade.
EXTERNAL_URL=${EXTERNAL_URL} ${DEST_DIR}/bin/gitlab-ctl upgrade
;;
*)
# No op.
;;
esac
config/templates/package-scripts/postrm.erb 0 → 100644
View file @ edb06ab2
#!/bin/sh
# WARNING: REQUIRES /bin/sh
#
# - must run on /bin/sh on solaris 9
# - must run on /bin/sh on AIX 6.x
# - if you think you are a bash wizard, you probably do not understand
# this programming language. do not touch.
# - if you are under 40, get peer review from your elders.
is_smartos() {
uname -v | grep "^joyent" 2>&1 >/dev/null
}
if is_smartos; then
PREFIX="/opt/local"
else
PREFIX="/usr"
fi
cleanup_symlinks() {
binaries="gitlab-ctl gitlab-rake gitlab-rails gitlab-psql gitlab-backup"
for binary in $binaries; do
rm -f $PREFIX/bin/$binary
done
}
# Clean up binary symlinks if they exist
# see: http://tickets.opscode.com/browse/CHEF-3022
if [ ! -f /etc/redhat-release -a ! -f /etc/fedora-release -a ! -f /etc/system-release ]; then
# not a redhat-ish RPM-based system
cleanup_symlinks
elif [ "x$1" = "x0" ]; then
# RPM-based system and we're deinstalling rather than upgrading
cleanup_symlinks
fi
config/templates/package-scripts/posttrans.erb 0 → 100644
View file @ edb06ab2
#!/bin/sh
# GitLab post-transition script
# RPM only
DEST_DIR=<%= install_dir %>
if [ -e /etc/gitlab/gitlab.rb ] ; then
EXTERNAL_URL=$(awk '/^external_url/ { print $2 }' /etc/gitlab/gitlab.rb | tr -d "'\"")
fi
<%= external_url_script %>
${DEST_DIR}/embedded/bin/symlink_ctl_cmds ${DEST_DIR}
EXTERNAL_URL=${EXTERNAL_URL} ${DEST_DIR}/bin/gitlab-ctl upgrade
config/templates/package-scripts/preinst.erb 0 → 100644
View file @ edb06ab2
#!/bin/sh
# GitLab pre-install script
DEST_DIR=<%= install_dir %>
NEW_MAJOR_VERSION=<%= build_version.split(".")[0] %>
NEW_MINOR_VERSION=<%= build_version.split(".")[0,2].join(".") %>
mkdir -p /var/log/gitlab/reconfigure
skip_backup_file=/etc/gitlab/skip-auto-backup
skip_reconfigure_file=/etc/gitlab/skip-auto-reconfigure
# environment may contain these - clear them out
OLD_VERSION_STRING=""
OLD_MAJOR_VERSION=""
OLD_MINOR_VERSION=""
if [ -e "${DEST_DIR}/version-manifest.json" ] ; then
OLD_VERSION_STRING=$(grep -i "build_version" ${DEST_DIR}/version-manifest.json | awk -F ': ' '{print $2}' | tr -d '",')
# Getting the Major and Major.Minor format of existing version string
OLD_MAJOR_VERSION=$(echo $OLD_VERSION_STRING | awk -F "." '{print $1}')
OLD_MINOR_VERSION=$(echo $OLD_VERSION_STRING | awk -F "." '{print $1"."$2}')
fi
greater_version()
{
test "$(printf '%s\n' "$@" | sort -V | tail -n 1)" = "$1";
}
config_check() {
if [ -e "${DEST_DIR}/embedded/service/omnibus-ctl/check_config.rb" ] ; then
${DEST_DIR}/bin/gitlab-ctl check-config --version=${NEW_MINOR_VERSION}
if [ $? -ne 0 ]; then
exit 1
fi
fi
}
upgrade_check() {
# Minimum version from which jumps are permitted to current version.
# Follows https://docs.gitlab.com/ee/update/index.html#upgrade-paths
MIN_VERSION=16.11
if [ -n "${OLD_VERSION_STRING}" ] ; then
# Checking
# If existing version is less than required minimum version, do not permit the upgrade.
if ! greater_version $OLD_MINOR_VERSION $MIN_VERSION; then
notify "It seems you are upgrading from ${OLD_MINOR_VERSION} to ${NEW_MINOR_VERSION}."
notify "It is required to upgrade to the latest ${MIN_VERSION}.x version first before proceeding."
# If the upgrade is a major version jump, print a major upgrade notification.
if test ${OLD_MAJOR_VERSION} -lt ${NEW_MAJOR_VERSION}; then
notify "Please follow the upgrade documentation at https://docs.gitlab.com/ee/update/#upgrading-to-a-new-major-version"
else
notify "Please follow the upgrade documentation at https://docs.gitlab.com/ee/update/index.html#upgrade-paths"
fi
exit 1
fi
fi
}
pg_check() {
PG_MIN_VERSION=14
# Fetch the currently running version from the database
# If this doesn't work, assume this isn't a database node
if ! running_version=$(${DEST_DIR}/bin/gitlab-psql -d template1 -c 'SHOW server_version' -qt 2>/dev/null); then
notify
notify "This node does not appear to be running a database"
notify "Skipping version check, if you think this is an error exit now"
notify
return
fi
# Check if PostgreSQL version is less than PG_MIN_VERSION and notify user.
# In AWK, $NF will return the last column of the version output, which
# is the version string. By doing $NF+0, we force awk to convert it to a
# float, so that we can do numerical comparison.
if ! $(echo ${running_version} | awk -v PG_MIN_VERSION="$PG_MIN_VERSION" '$NF+0 < PG_MIN_VERSION {exit 1}'); then
notify
notify "Your version of PostgreSQL is no longer supported. Please upgrade your PostgreSQL version to ${PG_MIN_VERSION}."
notify "Check https://docs.gitlab.com/omnibus/settings/database.html#upgrade-packaged-postgresql-server for details."
notify ""
notify "Upgrade failed. Retry the upgrade after upgrading your PostgreSQL version."
exit 1
fi
}
main() {
if [ -e "${skip_reconfigure_file}" ] ; then
# The user wants us to do nothing
return
fi
if [ -d ${DEST_DIR}/service/puma ] && [ ! -e "${skip_backup_file}" ] ; then
notify "Automatically backing up only the GitLab SQL database (excluding everything else!)"
if ! ${DEST_DIR}/bin/gitlab-rake gitlab:backup:create SKIP=repositories,uploads,builds,artifacts,lfs,terraform_state,ci_secure_files,registry,pages,packages ; then
backup_failed "Database"
fi
BACKUP_ETC_ADDED_VERSION=12.3
if greater_version $OLD_MINOR_VERSION $BACKUP_ETC_ADDED_VERSION; then
notify "Automatically backing up /etc/gitlab"
if ! ${DEST_DIR}/bin/gitlab-ctl backup-etc --no-delete-old-backups ; then
notify "Configuration backup failed - check permissions for /etc/gitlab/config_backup/ [is it nfs root_squash?]"
fi
fi
fi
}
backup_failed() {
notify
notify "$1 backup failed! If you want to skip this backup, run the following command and try again:"
notify
notify " sudo touch ${skip_backup_file}"
notify
exit 1
}
notify() {
echo "gitlab preinstall: $1"
}
if [ -n "${GITLAB_DEBUG}" ] ; then
notify "debug: arguments: $@"
fi
case "$1" in
2)
# Looks like an RPM upgrade
upgrade_check
config_check
pg_check
main
;;
upgrade)
# Looks like a DEB upgrade
upgrade_check
config_check
pg_check
main
;;
*)
# This is not an upgrade, nothing to do.
;;
esac
\ No newline at end of file
config/templates/runit/runsvdir-start.erb 0 → 100644
View file @ edb06ab2
#!/bin/bash
#
# Copyright 2012-<%= Time.now.year %> Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
PATH=<%= install_dir %>/bin:<%= install_dir %>/embedded/bin:/usr/local/bin:/usr/local/sbin:/bin:/sbin:/usr/bin:/usr/sbin
ulimit -c 0
ulimit -d unlimited
ulimit -e 0
ulimit -f unlimited
ulimit -i 62793
ulimit -l 64
ulimit -m unlimited
# WARNING: Increasing the global file descriptor limit increases RAM
# consumption on startup dramatically!
ulimit -n 50000
ulimit -q 819200
ulimit -r 0
ulimit -s 10240
ulimit -t unlimited
ulimit -u unlimited
ulimit -v unlimited
ulimit -x unlimited
echo "1000000" > /proc/sys/fs/file-max
umask 022
exec env - PATH=$PATH \
runsvdir -P <%= install_dir %>/service 'log: <%= '.'*395 %>'
danger/reviewers/Dangerfile 0 → 100644
View file @ edb06ab2
# frozen_string_literal: true
return if helper.has_scoped_label_with_scope?("workflow")
REVIEWERS_MESSAGE = <<~MSG
Once your MR is ready for review you can comment `@gitlab-bot ready <@user>` to request the first review to someone. It's recommended that you pick the one suggested by the reviewer roulette. But you can ignore it and assign it to someone else if you see fit.
Merge requests are handled according to the workflow documented in our [handbook](https://about.gitlab.com/handbook/engineering/infrastructure/core-platform/systems/distribution/merge_requests.html#workflow) and should receive a response within the limit documented in our [Service-level objective (SLO)](https://about.gitlab.com/handbook/engineering/development/enablement/systems/distribution/merge_requests.html#service-level-objective).
If you don't receive a response from the reviewer within the SLO, please mention `@gitlab-org\/distribution`, or one of our [Project Maintainers](https://about.gitlab.com/handbook/engineering/projects/#omnibus-gitlab)
MSG
# Print maintainers message
message(REVIEWERS_MESSAGE)
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment