Merge branch 'master' into upgrade-to-webpack-v4

* master: (252 commits) Upgrade underscore.js Enable prometheus metrics by default Add signature verification badge to compare view Add Changelog Update instalation from source guide fix Web IDE file tree scroll issue Enable quick support actions default Backport of 4084-epics-username-autocomplete Remove top margin on the terms page with performance bar Backports every CE related change from ee-44542 to CE Fix typo in changelog entry fix missing space Backport IdentityLinker#failed? from GroupSaml callback flow Add ci_cd_settings delete_all dependency on project AutoDevOps Docs fix invalid external link Ignore knapsack and rspec_flaky Ensure web hook 'blocked URL' errors are stored in as web hook logs and properly surfaced to the user Partially revert ebcd5711c5ff937bf925002bf9a5b636b037684e to fix runner pages Reuses `InternalRedirect` when possible Enforces terms in the web application ...
author: Mike Greiling <mike@pixelcog.com> 2018-05-07 20:44:07 +0300
committer: Mike Greiling <mike@pixelcog.com> 2018-05-07 20:44:07 +0300
commit: caf49264b47999a5b888a3ada3b70cc76e94d2bd (patch)
tree: 3990cc9b709c59302c697ca80c0763e78f4ed943 /config
parent: 33bd0d4fdebb528fec8e3018f8d972f20b205476 (diff)
parent: 9f7a6742466931f219cb83ff63e6debcec5db221 (diff)
11 files changed, 67 insertions, 18 deletions
diff --git a/config/application.rb b/config/application.rb
index ad7338763f7..09f706e3d70 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -115,6 +115,7 @@ module Gitlab
     config.assets.precompile << "test.css"
     config.assets.precompile << "snippets.css"
     config.assets.precompile << "locale/**/app.js"
+    config.assets.precompile << "emoji_sprites.css"
 
     # Import gitlab-svgs directly from vendored directory
     config.assets.paths << "#{config.root}/node_modules/@gitlab-org/gitlab-svgs/dist"
diff --git a/config/initializers/8_metrics.rb b/config/initializers/8_metrics.rb
index 7cdf49159b4..8a851b89c56 100644
--- a/config/initializers/8_metrics.rb
+++ b/config/initializers/8_metrics.rb
@@ -119,7 +119,14 @@ def instrument_classes(instrumentation)
 end
 # rubocop:enable Metrics/AbcSize
 
-if Gitlab::Metrics.enabled?
+# With prometheus enabled by default this breaks all specs
+# that stubs methods using `any_instance_of` for the models reloaded here.
+#
+# We should deprecate the usage of `any_instance_of` in the future
+# check: https://github.com/rspec/rspec-mocks#settings-mocks-or-stubs-on-any-instance-of-a-class
+#
+# Related issue: https://gitlab.com/gitlab-org/gitlab-ce/issues/33587
+if Gitlab::Metrics.enabled? && !Rails.env.test?
   require 'pathname'
   require 'influxdb'
   require 'connection_pool'
diff --git a/config/initializers/console_message.rb b/config/initializers/console_message.rb
new file mode 100644
index 00000000000..536ab337d85
--- /dev/null
+++ b/config/initializers/console_message.rb
@@ -0,0 +1,10 @@
+# rubocop:disable Rails/Output
+if defined?(Rails::Console)
+  # note that this will not print out when using `spring`
+  justify = 15
+  puts "-------------------------------------------------------------------------------------"
+  puts " Gitlab:".ljust(justify) + "#{Gitlab::VERSION} (#{Gitlab::REVISION})"
+  puts " Gitlab Shell:".ljust(justify) + Gitlab::Shell.new.version
+  puts " #{Gitlab::Database.adapter_name}:".ljust(justify) + Gitlab::Database.version
+  puts "-------------------------------------------------------------------------------------"
+end
diff --git a/config/initializers/forbid_sidekiq_in_transactions.rb b/config/initializers/forbid_sidekiq_in_transactions.rb
index 4603123665d..deb94d7dbce 100644
--- a/config/initializers/forbid_sidekiq_in_transactions.rb
+++ b/config/initializers/forbid_sidekiq_in_transactions.rb
@@ -27,7 +27,7 @@ module Sidekiq
                 Use an `after_commit` hook, or include `AfterCommitQueue` and use a `run_after_commit` block instead.
                 MSG
               rescue Sidekiq::Worker::EnqueueFromTransactionError => e
-                Rails.logger.error(e.message) if Rails.env.production?
+                ::Rails.logger.error(e.message) if ::Rails.env.production?
                 Gitlab::Sentry.track_exception(e)
               end
             end
diff --git a/config/initializers/session_store.rb b/config/initializers/session_store.rb
index f2fde1e0048..da24881885e 100644
--- a/config/initializers/session_store.rb
+++ b/config/initializers/session_store.rb
@@ -15,19 +15,15 @@ cookie_key = if Rails.env.development?
                "_gitlab_session"
              end
 
-if Rails.env.test?
-  Gitlab::Application.config.session_store :cookie_store, key: "_gitlab_session"
-else
-  sessions_config = Gitlab::Redis::SharedState.params
-  sessions_config[:namespace] = Gitlab::Redis::SharedState::SESSION_NAMESPACE
+sessions_config = Gitlab::Redis::SharedState.params
+sessions_config[:namespace] = Gitlab::Redis::SharedState::SESSION_NAMESPACE
 
-  Gitlab::Application.config.session_store(
-    :redis_store, # Using the cookie_store would enable session replay attacks.
-    servers: sessions_config,
-    key: cookie_key,
-    secure: Gitlab.config.gitlab.https,
-    httponly: true,
-    expires_in: Settings.gitlab['session_expire_delay'] * 60,
-    path: Rails.application.config.relative_url_root.nil? ? '/' : Gitlab::Application.config.relative_url_root
-  )
-end
+Gitlab::Application.config.session_store(
+  :redis_store, # Using the cookie_store would enable session replay attacks.
+  servers: sessions_config,
+  key: cookie_key,
+  secure: Gitlab.config.gitlab.https,
+  httponly: true,
+  expires_in: Settings.gitlab['session_expire_delay'] * 60,
+  path: Rails.application.config.relative_url_root.nil? ? '/' : Gitlab::Application.config.relative_url_root
+)
diff --git a/config/initializers/trusted_proxies.rb b/config/initializers/trusted_proxies.rb
index 0c32528311e..ca2eed664ed 100644
--- a/config/initializers/trusted_proxies.rb
+++ b/config/initializers/trusted_proxies.rb
@@ -22,3 +22,16 @@ end.compact
 
 Rails.application.config.action_dispatch.trusted_proxies = (
   ['127.0.0.1', '::1'] + gitlab_trusted_proxies)
+
+# A monkey patch to make trusted proxies work with Rails 5.0.
+# Inspired by https://github.com/rails/rails/issues/5223#issuecomment-263778719
+# Remove this monkey patch when upstream is fixed.
+if Gitlab.rails5?
+  module TrustedProxyMonkeyPatch
+    def ip
+      @ip ||= (get_header("action_dispatch.remote_ip") || super).to_s
+    end
+  end
+
+  ActionDispatch::Request.send(:include, TrustedProxyMonkeyPatch)
+end
diff --git a/config/initializers/warden.rb b/config/initializers/warden.rb
index ee034d21eae..bf079f8e1a7 100644
--- a/config/initializers/warden.rb
+++ b/config/initializers/warden.rb
@@ -6,4 +6,16 @@ Rails.application.configure do |config|
   Warden::Manager.before_failure do |env, opts|
     Gitlab::Auth::BlockedUserTracker.log_if_user_blocked(env)
   end
+
+  Warden::Manager.after_authentication do |user, auth, opts|
+    ActiveSession.cleanup(user)
+  end
+
+  Warden::Manager.after_set_user only: :fetch do |user, auth, opts|
+    ActiveSession.set(user, auth.request)
+  end
+
+  Warden::Manager.before_logout do |user, auth, opts|
+    ActiveSession.destroy(user || auth.user, auth.request.session.id)
+  end
 end
diff --git a/config/routes/profile.rb b/config/routes/profile.rb
index bcfc17a5f66..a9ba5ac2c0b 100644
--- a/config/routes/profile.rb
+++ b/config/routes/profile.rb
@@ -30,6 +30,7 @@ resource :profile, only: [:show, :update] do
         put :revoke
       end
     end
+    resources :active_sessions, only: [:index, :destroy]
     resources :emails, only: [:index, :create, :destroy] do
       member do
         put :resend_confirmation_instructions
diff --git a/config/routes/project.rb b/config/routes/project.rb
index 2a1bcb8cde2..f36341cdcaf 100644
--- a/config/routes/project.rb
+++ b/config/routes/project.rb
@@ -161,7 +161,6 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do
           end
 
           get :diff_for_path
-          get :update_branches
           get :branch_from
           get :branch_to
         end
@@ -183,6 +182,7 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do
 
         member do
           get :stage
+          get :stage_ajax
           post :cancel
           post :retry
           get :builds
@@ -410,6 +410,7 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do
 
         collection do
           post :toggle_shared_runners
+          post :toggle_group_runners
         end
       end
 
diff --git a/config/routes/repository.rb b/config/routes/repository.rb
index 9e506a1a43a..e2bf8d6a7ff 100644
--- a/config/routes/repository.rb
+++ b/config/routes/repository.rb
@@ -18,6 +18,7 @@ scope format: false do
   resources :compare, only: [:index, :create] do
     collection do
       get :diff_for_path
+      get :signatures
     end
   end
 
diff --git a/config/routes/user.rb b/config/routes/user.rb
index f8677693fab..bc7df5e7584 100644
--- a/config/routes/user.rb
+++ b/config/routes/user.rb
@@ -27,6 +27,13 @@ devise_scope :user do
   get '/users/almost_there' => 'confirmations#almost_there'
 end
 
+scope '-/users', module: :users do
+  resources :terms, only: [:index] do
+    post :accept, on: :member
+    post :decline, on: :member
+  end
+end
+
 scope(constraints: { username: Gitlab::PathRegex.root_namespace_route_regex }) do
   scope(path: 'users/:username',
         as: :user,
author	Mike Greiling <mike@pixelcog.com>	2018-05-07 20:44:07 +0300
committer	Mike Greiling <mike@pixelcog.com>	2018-05-07 20:44:07 +0300
commit	caf49264b47999a5b888a3ada3b70cc76e94d2bd (patch)
tree	3990cc9b709c59302c697ca80c0763e78f4ed943 /config
parent	33bd0d4fdebb528fec8e3018f8d972f20b205476 (diff)
parent	9f7a6742466931f219cb83ff63e6debcec5db221 (diff)