2020-10-06 14:08:49 -04:00
|
|
|
# frozen_string_literal: true
|
2019-06-25 13:54:42 -04:00
|
|
|
require_relative 'boot'
|
2011-10-08 17:36:38 -04:00
|
|
|
|
2020-01-29 13:08:47 -05:00
|
|
|
# Based on https://github.com/rails/rails/blob/v6.0.1/railties/lib/rails/all.rb
|
2019-06-25 13:54:42 -04:00
|
|
|
# Only load the railties we need instead of loading everything
|
2020-01-29 13:08:47 -05:00
|
|
|
require 'rails'
|
|
|
|
|
2019-06-25 13:54:42 -04:00
|
|
|
require 'active_record/railtie'
|
|
|
|
require 'action_controller/railtie'
|
|
|
|
require 'action_view/railtie'
|
|
|
|
require 'action_mailer/railtie'
|
2020-03-17 17:09:16 -04:00
|
|
|
require 'action_cable/engine'
|
2019-06-25 13:54:42 -04:00
|
|
|
require 'rails/test_unit/railtie'
|
2016-04-15 11:35:40 -04:00
|
|
|
|
2019-06-25 13:54:42 -04:00
|
|
|
Bundler.require(*Rails.groups)
|
2011-10-08 17:36:38 -04:00
|
|
|
|
|
|
|
module Gitlab
|
|
|
|
class Application < Rails::Application
|
2019-07-08 18:36:29 -04:00
|
|
|
require_dependency Rails.root.join('lib/gitlab')
|
2019-09-19 17:06:29 -04:00
|
|
|
require_dependency Rails.root.join('lib/gitlab/utils')
|
2020-07-08 02:09:13 -04:00
|
|
|
require_dependency Rails.root.join('lib/gitlab/action_cable/config')
|
2020-06-10 14:09:15 -04:00
|
|
|
require_dependency Rails.root.join('lib/gitlab/redis/wrapper')
|
|
|
|
require_dependency Rails.root.join('lib/gitlab/redis/cache')
|
|
|
|
require_dependency Rails.root.join('lib/gitlab/redis/queues')
|
|
|
|
require_dependency Rails.root.join('lib/gitlab/redis/shared_state')
|
2018-02-09 12:08:33 -05:00
|
|
|
require_dependency Rails.root.join('lib/gitlab/current_settings')
|
2018-06-12 23:12:38 -04:00
|
|
|
require_dependency Rails.root.join('lib/gitlab/middleware/read_only')
|
2018-09-07 03:21:30 -04:00
|
|
|
require_dependency Rails.root.join('lib/gitlab/middleware/basic_health_check')
|
2020-03-28 05:08:30 -04:00
|
|
|
require_dependency Rails.root.join('lib/gitlab/middleware/same_site_cookies')
|
2020-06-01 05:08:28 -04:00
|
|
|
require_dependency Rails.root.join('lib/gitlab/middleware/handle_ip_spoof_attack_error')
|
2020-10-26 17:08:22 -04:00
|
|
|
require_dependency Rails.root.join('lib/gitlab/middleware/handle_malformed_strings')
|
2021-04-12 11:09:30 -04:00
|
|
|
require_dependency Rails.root.join('lib/gitlab/middleware/rack_multipart_tempfile_factory')
|
2020-06-10 14:09:15 -04:00
|
|
|
require_dependency Rails.root.join('lib/gitlab/runtime')
|
2016-04-15 11:35:40 -04:00
|
|
|
|
2021-06-18 08:10:03 -04:00
|
|
|
config.autoloader = :classic
|
|
|
|
|
2011-10-08 17:36:38 -04:00
|
|
|
# Settings in config/environments/* take precedence over those specified here.
|
|
|
|
# Application configuration should go into files in config/initializers
|
|
|
|
# -- all .rb files in that directory are automatically loaded.
|
|
|
|
|
2016-04-05 12:43:48 -04:00
|
|
|
# Sidekiq uses eager loading, but directories not in the standard Rails
|
|
|
|
# directories must be added to the eager load paths:
|
|
|
|
# https://github.com/mperham/sidekiq/wiki/FAQ#why-doesnt-sidekiq-autoload-my-rails-application-code
|
|
|
|
# Also, there is no need to add `lib` to autoload_paths since autoloading is
|
|
|
|
# configured to check for eager loaded paths:
|
|
|
|
# https://github.com/rails/rails/blob/v4.2.6/railties/lib/rails/engine.rb#L687
|
|
|
|
# This is a nice reference article on autoloading/eager loading:
|
|
|
|
# http://blog.arkency.com/2014/11/dont-forget-about-eager-load-when-extending-autoload
|
2017-08-04 09:45:14 -04:00
|
|
|
config.eager_load_paths.push(*%W[#{config.root}/lib
|
2018-03-05 12:51:40 -05:00
|
|
|
#{config.root}/app/models/badges
|
2016-04-05 12:43:48 -04:00
|
|
|
#{config.root}/app/models/hooks
|
2016-04-15 11:35:40 -04:00
|
|
|
#{config.root}/app/models/members
|
2016-10-21 12:13:41 -04:00
|
|
|
#{config.root}/app/models/project_services
|
2018-07-10 10:19:45 -04:00
|
|
|
#{config.root}/app/graphql/resolvers/concerns
|
2020-09-14 11:09:28 -04:00
|
|
|
#{config.root}/app/graphql/mutations/concerns
|
|
|
|
#{config.root}/app/graphql/types/concerns])
|
2011-10-08 17:36:38 -04:00
|
|
|
|
2016-05-19 15:58:35 -04:00
|
|
|
config.generators.templates.push("#{config.root}/generator_templates")
|
|
|
|
|
2021-05-17 14:10:42 -04:00
|
|
|
foss_eager_load_paths = config.eager_load_paths.dup.freeze
|
2021-04-13 14:11:28 -04:00
|
|
|
load_paths = lambda do |dir:|
|
2021-05-17 14:10:42 -04:00
|
|
|
ext_paths = foss_eager_load_paths.each_with_object([]) do |path, memo|
|
2021-04-13 14:11:28 -04:00
|
|
|
ext_path = config.root.join(dir, Pathname.new(path).relative_path_from(config.root))
|
|
|
|
memo << ext_path.to_s
|
2019-09-19 17:06:29 -04:00
|
|
|
end
|
2019-06-12 11:21:18 -04:00
|
|
|
|
2021-04-13 14:11:28 -04:00
|
|
|
ext_paths << "#{config.root}/#{dir}/app/replicators"
|
2020-02-05 22:08:47 -05:00
|
|
|
|
2019-09-19 17:06:29 -04:00
|
|
|
# Eager load should load CE first
|
2021-04-13 14:11:28 -04:00
|
|
|
config.eager_load_paths.push(*ext_paths)
|
|
|
|
config.helpers_paths.push "#{config.root}/#{dir}/app/helpers"
|
2019-06-12 11:21:18 -04:00
|
|
|
|
2021-04-13 14:11:28 -04:00
|
|
|
# Other than Ruby modules we load extensions first
|
|
|
|
config.paths['lib/tasks'].unshift "#{config.root}/#{dir}/lib/tasks"
|
|
|
|
config.paths['app/views'].unshift "#{config.root}/#{dir}/app/views"
|
|
|
|
end
|
|
|
|
|
|
|
|
Gitlab.ee do
|
|
|
|
load_paths.call(dir: 'ee')
|
|
|
|
end
|
|
|
|
|
|
|
|
Gitlab.jh do
|
|
|
|
load_paths.call(dir: 'jh')
|
2019-09-19 17:06:29 -04:00
|
|
|
end
|
2019-06-12 11:21:18 -04:00
|
|
|
|
2017-12-14 10:14:57 -05:00
|
|
|
# Rake tasks ignore the eager loading settings, so we need to set the
|
|
|
|
# autoload paths explicitly
|
|
|
|
config.autoload_paths = config.eager_load_paths.dup
|
2021-05-12 23:10:19 -04:00
|
|
|
config.autoload_paths.push("#{config.root}/lib/generators")
|
2017-12-14 10:14:57 -05:00
|
|
|
|
2011-10-08 17:36:38 -04:00
|
|
|
# Only load the plugins named here, in the order given (default is alphabetical).
|
|
|
|
# :all can be used as a placeholder for all plugins not explicitly named.
|
|
|
|
# config.plugins = [ :exception_notification, :ssl_requirement, :all ]
|
|
|
|
|
|
|
|
# The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
|
|
|
|
# config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
|
|
|
|
# config.i18n.default_locale = :de
|
2014-01-09 07:17:02 -05:00
|
|
|
config.i18n.enforce_available_locales = false
|
2011-10-08 17:36:38 -04:00
|
|
|
|
2018-11-21 06:17:26 -05:00
|
|
|
# Enable locale fallbacks for I18n (makes lookups for any locale fall back to
|
|
|
|
# the I18n.default_locale when a translation can not be found).
|
|
|
|
# We have to explicitly set default locale since 1.1.0 - see:
|
|
|
|
# https://github.com/svenfuchs/i18n/pull/415
|
|
|
|
config.i18n.fallbacks = [:en]
|
|
|
|
|
2017-05-04 02:58:57 -04:00
|
|
|
# Translation for AR attrs is not working well for POROs like WikiPage
|
|
|
|
config.gettext_i18n_rails.use_for_active_record_attributes = false
|
|
|
|
|
2011-10-08 17:36:38 -04:00
|
|
|
# Configure the default encoding used in templates for Ruby 1.9.
|
|
|
|
config.encoding = "utf-8"
|
|
|
|
|
|
|
|
# Configure sensitive parameters which will be filtered from the log file.
|
2016-05-19 15:58:35 -04:00
|
|
|
#
|
2016-04-28 14:12:03 -04:00
|
|
|
# Parameters filtered:
|
2017-09-10 10:05:55 -04:00
|
|
|
# - Any parameter ending with `token`
|
2017-08-31 00:14:29 -04:00
|
|
|
# - Any parameter containing `password`
|
|
|
|
# - Any parameter containing `secret`
|
2018-09-11 18:04:40 -04:00
|
|
|
# - Any parameter ending with `key`
|
2016-04-28 14:12:03 -04:00
|
|
|
# - Two-factor tokens (:otp_attempt)
|
|
|
|
# - Repo/Project Import URLs (:import_url)
|
2018-01-11 11:19:59 -05:00
|
|
|
# - Build traces (:trace)
|
2016-04-28 14:12:03 -04:00
|
|
|
# - Build variables (:variables)
|
|
|
|
# - GitLab Pages SSL cert/key info (:certificate, :encrypted_key)
|
|
|
|
# - Webhook URLs (:hook)
|
|
|
|
# - Sentry DSN (:sentry_dsn)
|
2018-05-30 06:12:42 -04:00
|
|
|
# - File content from Web Editor (:content)
|
2019-03-12 23:01:00 -04:00
|
|
|
# - Jira shared secret (:sharedSecret)
|
2019-07-30 06:07:28 -04:00
|
|
|
# - Titles, bodies, and descriptions for notes, issues, etc.
|
2018-11-28 13:36:11 -05:00
|
|
|
#
|
2019-07-30 06:07:28 -04:00
|
|
|
# NOTE: It is **IMPORTANT** to also update labkit's filter when
|
|
|
|
# adding parameters here to not introduce another security
|
|
|
|
# vulnerability:
|
|
|
|
# https://gitlab.com/gitlab-org/labkit/blob/master/mask/matchers.go
|
|
|
|
config.filter_parameters += [
|
|
|
|
/token$/,
|
|
|
|
/password/,
|
|
|
|
/secret/,
|
|
|
|
/key$/,
|
|
|
|
/^body$/,
|
|
|
|
/^description$/,
|
|
|
|
/^note$/,
|
|
|
|
/^text$/,
|
2020-10-07 05:09:13 -04:00
|
|
|
/^title$/,
|
|
|
|
/^hook$/
|
2019-07-30 06:07:28 -04:00
|
|
|
]
|
2016-04-28 14:12:03 -04:00
|
|
|
config.filter_parameters += %i(
|
|
|
|
certificate
|
|
|
|
encrypted_key
|
|
|
|
import_url
|
2020-04-30 17:09:47 -04:00
|
|
|
elasticsearch_url
|
2021-05-12 23:10:19 -04:00
|
|
|
elasticsearch_password
|
2020-12-07 16:10:08 -05:00
|
|
|
search
|
2020-12-13 19:10:01 -05:00
|
|
|
jwt
|
2016-04-28 14:12:03 -04:00
|
|
|
otp_attempt
|
|
|
|
sentry_dsn
|
2018-01-11 11:19:59 -05:00
|
|
|
trace
|
2016-04-28 14:12:03 -04:00
|
|
|
variables
|
2018-05-30 06:12:42 -04:00
|
|
|
content
|
2019-03-12 23:01:00 -04:00
|
|
|
sharedSecret
|
2016-04-28 14:12:03 -04:00
|
|
|
)
|
2011-10-08 17:36:38 -04:00
|
|
|
|
2012-11-14 08:45:15 -05:00
|
|
|
# Enable escaping HTML in JSON.
|
|
|
|
config.active_support.escape_html_entities_in_json = true
|
|
|
|
|
|
|
|
# Use SQL instead of Active Record's schema dumper when creating the database.
|
|
|
|
# This is necessary if your schema can't be completely dumped by the schema dumper,
|
|
|
|
# like if you have constraints or database-specific column types
|
2020-03-22 11:09:49 -04:00
|
|
|
config.active_record.schema_format = :sql
|
2012-11-14 08:45:15 -05:00
|
|
|
|
2021-06-15 11:10:04 -04:00
|
|
|
# Use new connection handling so that we can use Rails 6.1+ multiple
|
|
|
|
# database support.
|
|
|
|
config.active_record.legacy_connection_handling = false
|
|
|
|
|
2020-07-14 08:09:14 -04:00
|
|
|
config.action_mailer.delivery_job = "ActionMailer::MailDeliveryJob"
|
|
|
|
|
2011-10-08 17:36:38 -04:00
|
|
|
# Enable the asset pipeline
|
|
|
|
config.assets.enabled = true
|
2018-01-25 08:14:46 -05:00
|
|
|
|
2017-03-16 03:21:18 -04:00
|
|
|
# Support legacy unicode file named img emojis, `1F939.png`
|
|
|
|
config.assets.paths << Gemojione.images_path
|
2018-01-25 08:14:46 -05:00
|
|
|
config.assets.paths << "#{config.root}/vendor/assets/fonts"
|
|
|
|
|
2020-09-30 05:10:11 -04:00
|
|
|
config.assets.precompile << "application_utilities.css"
|
|
|
|
config.assets.precompile << "application_utilities_dark.css"
|
2020-06-11 11:08:36 -04:00
|
|
|
config.assets.precompile << "application_dark.css"
|
|
|
|
|
2020-08-04 17:09:56 -04:00
|
|
|
config.assets.precompile << "startup/*.css"
|
|
|
|
|
2014-04-02 08:42:35 -04:00
|
|
|
config.assets.precompile << "print.css"
|
2019-11-12 16:06:30 -05:00
|
|
|
config.assets.precompile << "mailer.css"
|
|
|
|
config.assets.precompile << "mailer_client_specific.css"
|
2016-01-28 11:54:13 -05:00
|
|
|
config.assets.precompile << "notify.css"
|
2016-03-22 22:20:47 -04:00
|
|
|
config.assets.precompile << "mailers/*.css"
|
2020-08-26 14:11:43 -04:00
|
|
|
config.assets.precompile << "page_bundles/_mixins_and_variables_and_functions.css"
|
2021-01-26 13:09:30 -05:00
|
|
|
config.assets.precompile << "page_bundles/admin/application_settings_metrics_and_profiling.css"
|
|
|
|
config.assets.precompile << "page_bundles/admin/jobs_index.css"
|
2020-10-26 11:08:40 -04:00
|
|
|
config.assets.precompile << "page_bundles/alert_management_details.css"
|
2021-01-06 07:10:58 -05:00
|
|
|
config.assets.precompile << "page_bundles/alert_management_settings.css"
|
2020-09-24 14:09:51 -04:00
|
|
|
config.assets.precompile << "page_bundles/boards.css"
|
2020-10-30 17:08:52 -04:00
|
|
|
config.assets.precompile << "page_bundles/build.css"
|
2020-10-23 05:08:41 -04:00
|
|
|
config.assets.precompile << "page_bundles/ci_status.css"
|
2020-09-29 02:09:45 -04:00
|
|
|
config.assets.precompile << "page_bundles/cycle_analytics.css"
|
2020-10-12 17:08:56 -04:00
|
|
|
config.assets.precompile << "page_bundles/dev_ops_report.css"
|
2020-10-06 14:08:49 -04:00
|
|
|
config.assets.precompile << "page_bundles/environments.css"
|
2020-11-16 16:09:02 -05:00
|
|
|
config.assets.precompile << "page_bundles/epics.css"
|
2020-10-12 05:08:38 -04:00
|
|
|
config.assets.precompile << "page_bundles/error_tracking_details.css"
|
2020-10-13 08:08:41 -04:00
|
|
|
config.assets.precompile << "page_bundles/error_tracking_index.css"
|
2021-05-21 02:11:06 -04:00
|
|
|
config.assets.precompile << "page_bundles/group.css"
|
2018-07-26 04:15:13 -04:00
|
|
|
config.assets.precompile << "page_bundles/ide.css"
|
2020-12-14 07:09:44 -05:00
|
|
|
config.assets.precompile << "page_bundles/import.css"
|
2021-01-06 07:10:58 -05:00
|
|
|
config.assets.precompile << "page_bundles/incident_management_list.css"
|
2020-10-05 05:08:17 -04:00
|
|
|
config.assets.precompile << "page_bundles/issues_list.css"
|
2020-09-01 08:11:01 -04:00
|
|
|
config.assets.precompile << "page_bundles/jira_connect.css"
|
2020-10-16 02:08:48 -04:00
|
|
|
config.assets.precompile << "page_bundles/jira_connect_users.css"
|
2021-02-23 13:10:40 -05:00
|
|
|
config.assets.precompile << "page_bundles/learn_gitlab.css"
|
2021-03-11 07:09:28 -05:00
|
|
|
config.assets.precompile << "page_bundles/members.css"
|
2020-10-07 02:09:03 -04:00
|
|
|
config.assets.precompile << "page_bundles/merge_conflicts.css"
|
2020-10-13 05:08:27 -04:00
|
|
|
config.assets.precompile << "page_bundles/merge_requests.css"
|
2020-09-24 17:09:38 -04:00
|
|
|
config.assets.precompile << "page_bundles/milestone.css"
|
2021-05-06 05:18:56 -04:00
|
|
|
config.assets.precompile << "page_bundles/new_namespace.css"
|
2021-01-06 07:10:58 -05:00
|
|
|
config.assets.precompile << "page_bundles/oncall_schedules.css"
|
2021-05-23 20:10:35 -04:00
|
|
|
config.assets.precompile << "page_bundles/escalation_policies.css"
|
2020-10-05 17:08:47 -04:00
|
|
|
config.assets.precompile << "page_bundles/pipeline.css"
|
2020-10-26 11:08:40 -04:00
|
|
|
config.assets.precompile << "page_bundles/pipeline_schedules.css"
|
2021-01-06 07:10:58 -05:00
|
|
|
config.assets.precompile << "page_bundles/pipelines.css"
|
2020-10-19 05:08:58 -04:00
|
|
|
config.assets.precompile << "page_bundles/productivity_analytics.css"
|
2020-12-08 10:09:45 -05:00
|
|
|
config.assets.precompile << "page_bundles/profile_two_factor_auth.css"
|
2021-05-21 02:11:06 -04:00
|
|
|
config.assets.precompile << "page_bundles/project.css"
|
2021-01-06 07:10:58 -05:00
|
|
|
config.assets.precompile << "page_bundles/reports.css"
|
|
|
|
config.assets.precompile << "page_bundles/roadmap.css"
|
2020-12-08 19:09:42 -05:00
|
|
|
config.assets.precompile << "page_bundles/security_dashboard.css"
|
2021-02-17 13:09:19 -05:00
|
|
|
config.assets.precompile << "page_bundles/security_discover.css"
|
2021-01-06 07:10:58 -05:00
|
|
|
config.assets.precompile << "page_bundles/signup.css"
|
2020-10-20 02:09:03 -04:00
|
|
|
config.assets.precompile << "page_bundles/terminal.css"
|
2020-08-26 14:11:43 -04:00
|
|
|
config.assets.precompile << "page_bundles/todos.css"
|
2020-10-20 02:09:03 -04:00
|
|
|
config.assets.precompile << "page_bundles/wiki.css"
|
2020-10-26 11:08:40 -04:00
|
|
|
config.assets.precompile << "page_bundles/xterm.css"
|
2020-10-05 08:08:47 -04:00
|
|
|
config.assets.precompile << "lazy_bundles/cropper.css"
|
2020-11-16 10:09:23 -05:00
|
|
|
config.assets.precompile << "lazy_bundles/select2.css"
|
2017-07-06 15:37:31 -04:00
|
|
|
config.assets.precompile << "performance_bar.css"
|
2020-01-06 07:07:56 -05:00
|
|
|
config.assets.precompile << "disable_animations.css"
|
2021-03-02 13:11:20 -05:00
|
|
|
config.assets.precompile << "test_environment.css"
|
2018-02-06 08:33:18 -05:00
|
|
|
config.assets.precompile << "snippets.css"
|
2017-10-04 07:23:52 -04:00
|
|
|
config.assets.precompile << "locale/**/app.js"
|
2018-05-02 14:23:17 -04:00
|
|
|
config.assets.precompile << "emoji_sprites.css"
|
2018-05-31 17:28:19 -04:00
|
|
|
config.assets.precompile << "errors.css"
|
2020-09-01 08:11:01 -04:00
|
|
|
config.assets.precompile << "jira_connect.js"
|
2014-02-25 12:15:08 -05:00
|
|
|
|
2020-09-02 14:10:40 -04:00
|
|
|
config.assets.precompile << "themes/*.css"
|
|
|
|
|
2019-02-21 19:58:37 -05:00
|
|
|
config.assets.precompile << "highlight/themes/*.css"
|
2019-02-14 01:54:34 -05:00
|
|
|
|
2018-03-09 16:32:11 -05:00
|
|
|
# Import gitlab-svgs directly from vendored directory
|
2018-10-31 07:35:33 -04:00
|
|
|
config.assets.paths << "#{config.root}/node_modules/@gitlab/svgs/dist"
|
2018-03-09 16:32:11 -05:00
|
|
|
config.assets.precompile << "icons.svg"
|
|
|
|
config.assets.precompile << "icons.json"
|
|
|
|
config.assets.precompile << "illustrations/*.svg"
|
|
|
|
|
2018-08-03 09:15:04 -04:00
|
|
|
# Import css for xterm
|
|
|
|
config.assets.paths << "#{config.root}/node_modules/xterm/src/"
|
2018-08-03 08:41:33 -04:00
|
|
|
config.assets.precompile << "xterm.css"
|
|
|
|
|
2019-07-22 09:00:08 -04:00
|
|
|
# Import path for EE specific SCSS entry point
|
|
|
|
# In CE it will import a noop file, in EE a functioning file
|
|
|
|
# Order is important, so that the ee file takes precedence:
|
2019-09-19 17:06:29 -04:00
|
|
|
config.assets.paths << "#{config.root}/ee/app/assets/stylesheets/_ee" if Gitlab.ee?
|
2019-07-22 09:00:08 -04:00
|
|
|
config.assets.paths << "#{config.root}/app/assets/stylesheets/_ee"
|
|
|
|
|
2019-06-12 11:21:18 -04:00
|
|
|
config.assets.paths << "#{config.root}/vendor/assets/javascripts/"
|
|
|
|
config.assets.precompile << "snowplow/sp.js"
|
|
|
|
|
2019-07-22 15:45:14 -04:00
|
|
|
# This path must come last to avoid confusing sprockets
|
2019-09-18 10:02:45 -04:00
|
|
|
# See https://gitlab.com/gitlab-org/gitlab-foss/issues/64091#note_194512508
|
2019-07-22 15:45:14 -04:00
|
|
|
config.assets.paths << "#{config.root}/node_modules"
|
|
|
|
|
2011-10-08 17:36:38 -04:00
|
|
|
# Version of your assets, change this if you want to expire all your assets
|
|
|
|
config.assets.version = '1.0'
|
2013-08-19 16:20:32 -04:00
|
|
|
|
2018-11-16 01:49:48 -05:00
|
|
|
# Nokogiri is significantly faster and uses less memory than REXML
|
|
|
|
ActiveSupport::XmlMini.backend = 'Nokogiri'
|
|
|
|
|
2018-07-06 16:20:02 -04:00
|
|
|
# This middleware needs to precede ActiveRecord::QueryCache and other middlewares that
|
|
|
|
# connect to the database.
|
2018-09-07 03:21:30 -04:00
|
|
|
config.middleware.insert_after Rails::Rack::Logger, ::Gitlab::Middleware::BasicHealthCheck
|
2018-07-06 16:20:02 -04:00
|
|
|
|
2017-09-15 13:31:32 -04:00
|
|
|
config.middleware.insert_after Warden::Manager, Rack::Attack
|
2013-12-05 03:29:45 -05:00
|
|
|
|
2020-03-28 05:08:30 -04:00
|
|
|
config.middleware.insert_before ActionDispatch::Cookies, ::Gitlab::Middleware::SameSiteCookies
|
|
|
|
|
2020-06-01 05:08:28 -04:00
|
|
|
config.middleware.insert_before ActionDispatch::RemoteIp, ::Gitlab::Middleware::HandleIpSpoofAttackError
|
|
|
|
|
2020-10-26 17:08:22 -04:00
|
|
|
config.middleware.insert_after ActionDispatch::ActionableExceptions, ::Gitlab::Middleware::HandleMalformedStrings
|
2020-10-19 11:08:58 -04:00
|
|
|
|
2021-04-12 11:09:30 -04:00
|
|
|
config.middleware.insert_after Rack::Sendfile, ::Gitlab::Middleware::RackMultipartTempfileFactory
|
|
|
|
|
2013-12-05 03:29:45 -05:00
|
|
|
# Allow access to GitLab API from other domains
|
2016-09-22 08:20:17 -04:00
|
|
|
config.middleware.insert_before Warden::Manager, Rack::Cors do
|
2020-01-16 04:08:46 -05:00
|
|
|
headers_to_expose = %w[Link X-Total X-Total-Pages X-Per-Page X-Page X-Next-Page X-Prev-Page X-Gitlab-Blob-Id X-Gitlab-Commit-Id X-Gitlab-Content-Sha256 X-Gitlab-Encoding X-Gitlab-File-Name X-Gitlab-File-Path X-Gitlab-Last-Commit-Id X-Gitlab-Ref X-Gitlab-Size]
|
|
|
|
|
2016-09-22 08:21:55 -04:00
|
|
|
allow do
|
|
|
|
origins Gitlab.config.gitlab.url
|
|
|
|
resource '/api/*',
|
|
|
|
credentials: true,
|
|
|
|
headers: :any,
|
|
|
|
methods: :any,
|
2020-01-16 04:08:46 -05:00
|
|
|
expose: headers_to_expose
|
2016-09-22 08:21:55 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
# Cross-origin requests must not have the session cookie available
|
2013-12-05 03:29:45 -05:00
|
|
|
allow do
|
|
|
|
origins '*'
|
2015-01-23 15:33:20 -05:00
|
|
|
resource '/api/*',
|
2016-09-22 08:21:55 -04:00
|
|
|
credentials: false,
|
2015-01-23 15:33:20 -05:00
|
|
|
headers: :any,
|
2015-10-07 22:08:37 -04:00
|
|
|
methods: :any,
|
2020-01-16 04:08:46 -05:00
|
|
|
expose: headers_to_expose
|
2013-12-05 03:29:45 -05:00
|
|
|
end
|
2021-01-28 04:09:07 -05:00
|
|
|
|
|
|
|
# Cross-origin requests must be enabled for the Authorization code with PKCE OAuth flow when used from a browser.
|
2021-06-09 11:10:05 -04:00
|
|
|
%w(/oauth/token /oauth/revoke).each do |oauth_path|
|
|
|
|
allow do
|
|
|
|
origins '*'
|
|
|
|
resource oauth_path,
|
|
|
|
headers: %w(Authorization),
|
|
|
|
credentials: false,
|
|
|
|
methods: %i(post)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
# These are routes from doorkeeper-openid_connect:
|
|
|
|
# https://github.com/doorkeeper-gem/doorkeeper-openid_connect#routes
|
2021-01-28 04:09:07 -05:00
|
|
|
allow do
|
|
|
|
origins '*'
|
2021-06-09 11:10:05 -04:00
|
|
|
resource '/oauth/userinfo',
|
|
|
|
headers: %w(Authorization),
|
|
|
|
credentials: false,
|
|
|
|
methods: %i(get head post)
|
|
|
|
end
|
|
|
|
|
|
|
|
%w(/oauth/discovery/keys /.well-known/openid-configuration /.well-known/webfinger).each do |openid_path|
|
|
|
|
allow do
|
|
|
|
origins '*'
|
|
|
|
resource openid_path,
|
2021-01-28 04:09:07 -05:00
|
|
|
credentials: false,
|
2021-06-09 11:10:05 -04:00
|
|
|
methods: %i(get head)
|
|
|
|
end
|
2021-01-28 04:09:07 -05:00
|
|
|
end
|
2013-12-05 03:29:45 -05:00
|
|
|
end
|
2014-08-29 05:38:21 -04:00
|
|
|
|
2020-06-10 14:09:15 -04:00
|
|
|
# Use caching across all environments
|
|
|
|
# Full list of options:
|
|
|
|
# https://api.rubyonrails.org/classes/ActiveSupport/Cache/RedisCacheStore.html#method-c-new
|
|
|
|
caching_config_hash = {}
|
|
|
|
caching_config_hash[:redis] = Gitlab::Redis::Cache.pool
|
|
|
|
caching_config_hash[:compress] = Gitlab::Utils.to_boolean(ENV.fetch('ENABLE_REDIS_CACHE_COMPRESSION', '1'))
|
|
|
|
caching_config_hash[:namespace] = Gitlab::Redis::Cache::CACHE_NAMESPACE
|
|
|
|
caching_config_hash[:expires_in] = 2.weeks # Cache should not grow forever
|
|
|
|
|
|
|
|
config.cache_store = :redis_cache_store, caching_config_hash
|
|
|
|
|
2015-11-26 08:48:01 -05:00
|
|
|
config.active_job.queue_adapter = :sidekiq
|
|
|
|
|
2014-11-18 10:15:51 -05:00
|
|
|
# This is needed for gitlab-shell
|
|
|
|
ENV['GITLAB_PATH_OUTSIDE_HOOK'] = ENV['PATH']
|
2017-03-31 06:42:04 -04:00
|
|
|
ENV['GIT_TERMINAL_PROMPT'] = '0'
|
2016-03-04 15:00:11 -05:00
|
|
|
|
2018-09-21 08:05:37 -04:00
|
|
|
# GitLab Read-only middleware support
|
2018-06-12 23:12:38 -04:00
|
|
|
config.middleware.insert_after ActionDispatch::Flash, ::Gitlab::Middleware::ReadOnly
|
2017-09-19 03:44:58 -04:00
|
|
|
|
2016-03-04 15:00:11 -05:00
|
|
|
config.generators do |g|
|
2017-12-13 19:13:44 -05:00
|
|
|
g.factory_bot false
|
2016-03-04 15:00:11 -05:00
|
|
|
end
|
2017-06-29 13:06:35 -04:00
|
|
|
|
2020-09-28 14:09:40 -04:00
|
|
|
# sprocket-rails adds some precompile assets we actually do not need.
|
|
|
|
#
|
|
|
|
# It copies all _non_ js and CSS files from the app/assets/ older.
|
|
|
|
#
|
|
|
|
# In our case this copies for example: Vue, Markdown and Graphql, which we do not need
|
|
|
|
# for production.
|
|
|
|
#
|
|
|
|
# We remove this default behavior and then reimplement it in order to consider ee/ as well
|
|
|
|
# and remove those other files we do not need.
|
|
|
|
#
|
|
|
|
# For reference: https://github.com/rails/sprockets-rails/blob/v3.2.1/lib/sprockets/railtie.rb#L84-L87
|
|
|
|
initializer :correct_precompile_targets, after: :set_default_precompile do |app|
|
|
|
|
app.config.assets.precompile.reject! { |entry| entry == Sprockets::Railtie::LOOSE_APP_ASSETS }
|
|
|
|
|
|
|
|
asset_roots = [config.root.join("app/assets").to_s]
|
|
|
|
|
|
|
|
if Gitlab.ee?
|
|
|
|
asset_roots << config.root.join("ee/app/assets").to_s
|
|
|
|
end
|
|
|
|
|
|
|
|
LOOSE_APP_ASSETS = lambda do |logical_path, filename|
|
|
|
|
filename.start_with?(*asset_roots) &&
|
|
|
|
!['.js', '.css', '.md', '.vue', '.graphql', ''].include?(File.extname(logical_path))
|
|
|
|
end
|
|
|
|
|
|
|
|
app.config.assets.precompile << LOOSE_APP_ASSETS
|
|
|
|
end
|
|
|
|
|
2020-02-20 16:08:48 -05:00
|
|
|
# This empty initializer forces the :let_zeitwerk_take_over initializer to run before we load
|
|
|
|
# initializers in config/initializers. This is done because autoloading before Zeitwerk takes
|
|
|
|
# over is deprecated but our initializers do a lot of autoloading.
|
|
|
|
# See https://gitlab.com/gitlab-org/gitlab/issues/197346 for more details
|
|
|
|
initializer :move_initializers, before: :load_config_initializers, after: :let_zeitwerk_take_over do
|
|
|
|
end
|
|
|
|
|
2020-03-02 07:07:57 -05:00
|
|
|
# We need this for initializers that need to be run before Zeitwerk is loaded
|
|
|
|
initializer :before_zeitwerk, before: :let_zeitwerk_take_over, after: :prepend_helpers_path do
|
|
|
|
Dir[Rails.root.join('config/initializers_before_autoloader/*.rb')].sort.each do |initializer|
|
|
|
|
load_config_initializer(initializer)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2020-09-29 02:09:45 -04:00
|
|
|
# Add EE assets. They should take precedence over CE. This means if two files exist, e.g.:
|
|
|
|
#
|
|
|
|
# ee/app/assets/stylesheets/example.scss
|
|
|
|
# app/assets/stylesheets/example.scss
|
|
|
|
#
|
|
|
|
# The ee/ version will be preferred.
|
|
|
|
initializer :prefer_ee_assets, after: :append_assets_path do |app|
|
|
|
|
if Gitlab.ee?
|
|
|
|
%w[images javascripts stylesheets].each do |path|
|
|
|
|
app.config.assets.paths.unshift("#{config.root}/ee/app/assets/#{path}")
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2011-10-08 17:36:38 -04:00
|
|
|
end
|
|
|
|
end
|