gitlab-org--gitlab-foss/lib/tasks/gitlab/shell.rake
Patrick Bajao 26dadbc9c4 Integrate Gitlab::Keys with Gitlab::Shell
In this commit, some methods that aren't being used
are removed from `Gitlab::Shell`. They are the ff:
- `#remove_keys_not_found_in_db`
- `#batch_read_key_ids`
- `#list_key_ids`

The corresponding methods in `Gitlab::Keys` have been
removed as well.
2019-03-19 11:16:21 +00:00

156 lines
4.9 KiB
Ruby

namespace :gitlab do
namespace :shell do
desc "GitLab | Install or upgrade gitlab-shell"
task :install, [:repo] => :gitlab_environment do |t, args|
warn_user_is_not_gitlab
default_version = Gitlab::Shell.version_required
args.with_defaults(repo: 'https://gitlab.com/gitlab-org/gitlab-shell.git')
gitlab_url = Gitlab.config.gitlab.url
# gitlab-shell requires a / at the end of the url
gitlab_url += '/' unless gitlab_url.end_with?('/')
target_dir = Gitlab.config.gitlab_shell.path
checkout_or_clone_version(version: default_version, repo: args.repo, target_dir: target_dir)
# Make sure we're on the right tag
Dir.chdir(target_dir) do
config = {
user: Gitlab.config.gitlab.user,
gitlab_url: gitlab_url,
http_settings: { self_signed_cert: false }.stringify_keys,
auth_file: File.join(user_home, ".ssh", "authorized_keys"),
redis: {
bin: `which redis-cli`.chomp,
namespace: "resque:gitlab"
}.stringify_keys,
log_level: "INFO",
audit_usernames: false
}.stringify_keys
redis_url = URI.parse(ENV['REDIS_URL'] || "redis://localhost:6379")
if redis_url.scheme == 'unix'
config['redis']['socket'] = redis_url.path
else
config['redis']['host'] = redis_url.host
config['redis']['port'] = redis_url.port
end
# Generate config.yml based on existing gitlab settings
File.open("config.yml", "w+") {|f| f.puts config.to_yaml}
[
%w(bin/install) + repository_storage_paths_args,
%w(bin/compile)
].each do |cmd|
unless Kernel.system(*cmd)
raise "command failed: #{cmd.join(' ')}"
end
end
end
# (Re)create hooks
Rake::Task['gitlab:shell:create_hooks'].invoke
Gitlab::Shell.ensure_secret_token!
end
desc "GitLab | Setup gitlab-shell"
task setup: :gitlab_environment do
setup
end
desc "GitLab | Build missing projects"
task build_missing_projects: :gitlab_environment do
Project.find_each(batch_size: 1000) do |project|
path_to_repo = project.repository.path_to_repo
if File.exist?(path_to_repo)
print '-'
else
if Gitlab::Shell.new.create_repository(project.repository_storage,
project.disk_path)
print '.'
else
print 'F'
end
end
end
end
desc 'Create or repair repository hooks symlink'
task create_hooks: :gitlab_environment do
warn_user_is_not_gitlab
puts 'Creating/Repairing hooks symlinks for all repositories'
system(*%W(#{Gitlab.config.gitlab_shell.path}/bin/create-hooks) + repository_storage_paths_args)
puts 'done'.color(:green)
end
end
def setup
warn_user_is_not_gitlab
ensure_write_to_authorized_keys_is_enabled
unless ENV['force'] == 'yes'
puts "This task will now rebuild the authorized_keys file."
puts "You will lose any data stored in the authorized_keys file."
ask_to_continue
puts ""
end
Gitlab::Shell.new.remove_all_keys
Key.find_in_batches(batch_size: 1000) do |keys|
unless Gitlab::Shell.new.batch_add_keys(keys)
puts "Failed to add keys...".color(:red)
exit 1
end
end
rescue Gitlab::TaskAbortedByUserError
puts "Quitting...".color(:red)
exit 1
end
def ensure_write_to_authorized_keys_is_enabled
return if Gitlab::CurrentSettings.current_application_settings.authorized_keys_enabled
puts authorized_keys_is_disabled_warning
unless ENV['force'] == 'yes'
puts 'Do you want to permanently enable the "Write to authorized_keys file" setting now?'
ask_to_continue
end
puts 'Enabling the "Write to authorized_keys file" setting...'
Gitlab::CurrentSettings.current_application_settings.update!(authorized_keys_enabled: true)
puts 'Successfully enabled "Write to authorized_keys file"!'
puts ''
end
def authorized_keys_is_disabled_warning
<<-MSG.strip_heredoc
WARNING
The "Write to authorized_keys file" setting is disabled, which prevents
the file from being rebuilt!
It should be enabled for most GitLab installations. Large installations
may wish to disable it as part of speeding up SSH operations.
See https://docs.gitlab.com/ee/administration/operations/fast_ssh_key_lookup.html
If you did not intentionally disable this option in Admin Area > Settings,
then you may have been affected by the 9.3.0 bug in which the new setting
was disabled by default.
https://gitlab.com/gitlab-org/gitlab-ee/issues/2738
It was reverted in 9.3.1 and fixed in 9.3.3, however, if Settings were
saved while the setting was unchecked, then it is still disabled.
MSG
end
end