Age | Commit message (Collapse) | Author |
|
|
|
Allow internal fetches to see all hidden references
See merge request gitlab-org/gitaly!1640
|
|
|
|
Configure logging as early as possible
Closes #2185
See merge request gitlab-org/gitaly!1666
|
|
SSHUpload{Pack,Archive}: fix timeout tests
Closes #2222
See merge request gitlab-org/gitaly!1664
|
|
|
|
|
|
Fix upload pack request racy test
Closes #2217
See merge request gitlab-org/gitaly!1661
|
|
Gitaly feature flags are broken: convert underscores to dashes
Closes #2216
See merge request gitlab-org/gitaly!1659
|
|
- replace underscores to hyphens in feature flag names
Closes: https://gitlab.com/gitlab-org/gitaly/issues/2216
|
|
|
|
Restore gitaly_connections_total prometheus metric
Closes #2213
See merge request gitlab-org/gitaly!1657
|
|
|
|
This includes changes for the security release, merged on master though
not yet on the master branch of gitaly @ gitlab.com
|
|
Limit the negotiation phase for certain Gitaly RPCs
See merge request gitlab/gitaly!45
|
|
Use internal socket dir for internal gitaly socket
Closes #2184
See merge request gitlab-org/gitaly!1642
|
|
Both gitaly-ruby and gitaly hooks will need the gitaly internal socket
directory, so we can pull it out into the config package. Also this
change starts an internal gitaly socket that listens for connections.
|
|
Wire in bootstrap package for praefect for zero downtime deploy
Closes #1898
See merge request gitlab-org/gitaly!1638
|
|
|
|
Praefect multiple virtual storage
See merge request gitlab-org/gitaly!1606
|
|
|
|
ListCommitsByOid: add histogram for request size
See merge request gitlab-org/gitaly!1650
|
|
|
|
Proposal for Praefect queue database
See merge request gitlab-org/gitaly!1643
|
|
|
|
Revert "Merge branch 'sh-upgrade-charlock-holmes' into 'master'"
See merge request gitlab-org/gitaly!1652
|
|
Add labkit healthcheck with fix
Closes #2189
See merge request gitlab-org/gitaly!1646
|
|
|
|
Add DiskStatistics grpc method to ServerService
Closes #2146
See merge request gitlab-org/gitaly!1620
|
|
Use testhelper to build gitaly-ssh in test
See merge request gitlab-org/gitaly!1649
|
|
|
|
This reverts merge request !1647
|
|
|
|
Add Praefect service
See merge request gitlab-org/gitaly!1628
|
|
|
|
Upgrade charlock_holmes Ruby gem to v0.7.7
See merge request gitlab-org/gitaly!1647
|
|
This fixes some build issues on MacOS:
https://github.com/brianmario/charlock_holmes/compare/0.7.6..v0.7.7
|
|
UpdateRemoteMirror: fix default branch resolution
Closes #1421
See merge request gitlab-org/gitaly!1641
|
|
|
|
Fix most deprecation warnings
See merge request gitlab-org/gitaly!1630
|
|
Signed-off-by: Mateusz Nowotyński <maxmati4@gmail.com>
|
|
Add new Prometheus metrics to investigate write pressure
See merge request gitlab-org/gitaly!1616
|
|
|
|
In most cases, Gitaly trusts that the caller of the RPC has validated
that the user is permitted to perform the action represented by the RPC
and doesn't repeat any access control checks. Where an RPC reads data
from a client-controlled stream before acting, the time between the
check and the operation can be artificially extended. This can lead to
security issues where
Solve this by placing a limit on the *negotiation phase* of two RPCs
that are known to be vulnerable:
* ssh.SSHUploadPack
* ssh.SSHUploadArchive
These RPCs are known not to be vulnerable, for one reason or another:
* ssh.SSHReceivePack
* smarthttp.ReceivePack
The smarthttp.UploadPack RPC is vulnerable, but the vulnerability is
being handled in Workhorse.
|
|
Delete .codecov.yml
See merge request gitlab-org/gitaly!1644
|
|
Refactor datastore to its own package
See merge request gitlab-org/gitaly!1627
|
|
Revert "Merge branch 'move-healthcheck-to-labkit' into 'master'"
Closes #2188
See merge request gitlab-org/gitaly!1645
|
|
This reverts commit 3b68223057bed9d6e6111e7882daa3d0b679c316, reversing
changes made to 1b130a414536204204b6f998e3bbb4b01d79c6b5.
|
|
Gone unused, so we can clean up.
|
|
Validate that hook files are reachable and executable
Closes #1590
See merge request gitlab-org/gitaly!1574
|