Commit graph

16 commits

Author SHA1 Message Date
Thong Kuah
4ec16912b8 Autocorrect with RSpec/ExampleWording cop
- rewords examples starting with 'should'
- rewords examples starting with 'it'

Note: I had to manually fixup "onlies" to "only"
2019-04-05 08:43:27 +00:00
Thong Kuah
a2cfc150ce Add # frozen_string_literal to spec/models
Adds `# frozen_string_literal: true` to spec/models ruby files
2019-04-01 14:37:54 +13:00
Stan Hu
6fbbd4ab39 Only send one notification for failed remote mirror
Retries in Sidekiq and in the remote mirror scheduler can cause repeated
attempts in quick succession if the sync fails. Each failure will then
send an e-mail to all project maintainers, which can spam users
unnecessarily.

Modify the logic to send one notification the first time the mirror
fails by setting `error_notification_sent` to `true` and reset the
flag after a successful sync.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/56222
2019-01-15 00:15:40 -08:00
John Jarvis
e4dabec82a Merge branch 'security-fix-ssrf-import-url-remote-mirror' into 'master'
[master] SSRF - Scan Internal Ports and GCP/AWS endpoints

See merge request gitlab/gitlabhq!2689
2019-01-01 20:38:37 +00:00
Francisco Javier López
63c48f7380
Replaced UrlValidator with PublicUrlValidator for import_url and remote mirror urls 2018-12-13 08:57:04 +01:00
Alejandro Rodríguez
b65cb237ce Send a notification email on mirror update errors
The email is sent to project maintainers containing the last mirror
update error. This will allow maintainers to set alarms and react
accordingly.
2018-12-11 23:08:17 -03:00
Stan Hu
207f0a1b16 Make RemoteMirror's only_protected_branches default value consistent
From https://gitlab.com/gitlab-org/gitlab-ce/issues/53515, we see the
backend appears to have inconsistent default values for this column:

* DB schema: false by default
* UI checkbox: false by default
* `RemoteMirror` model: true by default

This leads to unintended behavior where the boolean is activated if the
UI doesn't pass in a value for the checkbox.
2018-11-28 11:23:27 -08:00
Nick Thomas
f1bc7b6eb5
SSH public-key authentication for push mirroring 2018-11-19 11:46:39 +00:00
Alejandro Rodríguez
a99bf447a2 Remove Gitlab::Git::Repository#rugged and Gollum code
Cleanup code, and refactor tests that still use Rugged. After this, there should
be no Rugged code that access the instance's repositories on non-test
environments. There is still some rugged code for other tasks like the
repository import task, but since it doesn't access any repository storage path
it can stay.
2018-10-02 16:34:28 -03:00
Stan Hu
578137f6e4 Fix remote mirrors failing if Git remotes have not been added
Remote mirrors only get created when the URL changes, However, during the GCP
migration, the remote mirror did not get created automatically. Plus, there's
no guarantee someone restoring a repository from backup would have this
remote. We now add the remote each time we attempt to fetch from the
repository.

This works because Gitaly doesn't throw up an exception or error if the
remote already exists:
https://gitlab.com/gitlab-org/gitaly/issues/1317

In the future, we should attempt to add if the remote doesn't exist:
https://gitlab.com/gitlab-org/gitaly/issues/1316

Closes #50562
2018-08-22 17:02:09 -07:00
Lin Jen-Shin
4ee08b77bc Updates from rubocop -a 2018-07-09 21:13:08 +08:00
Jacob Vosmaer (GitLab)
5cf5680f9c Deny repository disk access in development and test 2018-06-14 11:18:25 +00:00
Francisco Javier López
1418afc2d6 Avoid checking the user format in every url validation 2018-06-11 13:29:37 +00:00
Francisco Javier López
840f80d48b Add validation to webhook and service URLs to ensure they are not blocked because of SSRF 2018-06-01 11:43:53 +00:00
Tiago Botelho
961255b107 Adds remote mirror table migration 2018-05-07 12:00:13 +02:00
Tiago Botelho
9a13059332 Backports every CE related change from ee-5484 to CE 2018-05-07 11:59:51 +02:00