diff options
Diffstat (limited to 'config/initializers')
| -rw-r--r-- | config/initializers/00_connection_logger.rb | 26 | ||||
| -rw-r--r-- | config/initializers/0_log_deprecations.rb | 14 | ||||
| -rw-r--r-- | config/initializers/1_acts_as_taggable.rb | 33 | ||||
| -rw-r--r-- | config/initializers/1_settings.rb | 11 | ||||
| -rw-r--r-- | config/initializers/8_devise.rb | 2 | ||||
| -rw-r--r-- | config/initializers/database_config.rb | 6 | ||||
| -rw-r--r-- | config/initializers/doorkeeper.rb | 2 | ||||
| -rw-r--r-- | config/initializers/enumerator_next_patch.rb | 44 | ||||
| -rw-r--r-- | config/initializers/memory_watchdog.rb | 19 | ||||
| -rw-r--r-- | config/initializers/peek.rb | 5 | ||||
| -rw-r--r-- | config/initializers/rack_timeout.rb | 4 | ||||
| -rw-r--r-- | config/initializers/set_active_support_hash_digest_class.rb | 11 | ||||
| -rw-r--r-- | config/initializers/wikicloth_redos_patch.rb | 75 |
13 files changed, 198 insertions, 54 deletions
diff --git a/config/initializers/00_connection_logger.rb b/config/initializers/00_connection_logger.rb deleted file mode 100644 index 9f03d13f95f..00000000000 --- a/config/initializers/00_connection_logger.rb +++ /dev/null @@ -1,26 +0,0 @@ -# frozen_string_literal: true - -module NewConnectionLogger - extend ActiveSupport::Concern - - prepended do |base| - base.class_attribute :warn_on_new_connection, default: false - end - - class_methods do - def new_client(...) - if warn_on_new_connection && !ENV['SKIP_LOG_INITIALIZER_CONNECTIONS'] - cleaned_caller = Gitlab::BacktraceCleaner.clean_backtrace(caller) - message = "Database connection should not be called during initializers. Read more at https://docs.gitlab.com/ee/development/rails_initializers.html#database-connections-in-initializers" - - ActiveSupport::Deprecation.warn(message, cleaned_caller) - - warn caller if ENV['DEBUG_INITIALIZER_CONNECTIONS'] - end - - super - end - end -end - -ActiveRecord::ConnectionAdapters::PostgreSQLAdapter.prepend(NewConnectionLogger) diff --git a/config/initializers/0_log_deprecations.rb b/config/initializers/0_log_deprecations.rb index 20fb5144937..6ba18ea1136 100644 --- a/config/initializers/0_log_deprecations.rb +++ b/config/initializers/0_log_deprecations.rb @@ -9,11 +9,15 @@ end if log_deprecations? # Log deprecation warnings emitted through Kernel#warn, such as from gems or # the Ruby VM. - Warning.process(/.+is deprecated$/) do |warning| - Gitlab::DeprecationJsonLogger.info(message: warning.strip, source: 'ruby') - # Returning :default means we continue emitting this to stderr as well. - :default - end + actions = { + /.+is deprecated$/ => lambda do |warning| + Gitlab::DeprecationJsonLogger.info(message: warning.strip, source: 'ruby') + # Returning :default means we continue emitting this to stderr as well. + :default + end + } + + Warning.process('', actions) # Log deprecation warnings emitted from Rails (see ActiveSupport::Deprecation). ActiveSupport::Notifications.subscribe('deprecation.rails') do |name, start, finish, id, payload| diff --git a/config/initializers/1_acts_as_taggable.rb b/config/initializers/1_acts_as_taggable.rb index 59412aef755..0c34bf3941b 100644 --- a/config/initializers/1_acts_as_taggable.rb +++ b/config/initializers/1_acts_as_taggable.rb @@ -15,3 +15,36 @@ raise "Counter cache is not disabled" if model.connection_specification_name = Ci::ApplicationRecord.connection_specification_name model.singleton_class.delegate :connection, :sticking, to: '::Ci::ApplicationRecord' end + +# Modified from https://github.com/mbleigh/acts-as-taggable-on/pull/1081 +# with insert_all, which is not supported in MySQL +# See https://gitlab.com/gitlab-org/gitlab/-/issues/338346#note_996969960 +module ActsAsTaggableOnTagPatch + def find_or_create_all_with_like_by_name(*list) + list = Array(list).flatten + + return [] if list.empty? + + existing_tags = named_any(list) + + missing = list.reject do |tag_name| + comparable_tag_name = comparable_name(tag_name) + existing_tags.find { |tag| comparable_name(tag.name) == comparable_tag_name } + end + + if missing.empty? + new_tags = [] + else + attributes_to_add = missing.map do |tag_name| + { name: tag_name } + end + + insert_all(attributes_to_add, unique_by: :name) + new_tags = named_any(missing) + end + + existing_tags + new_tags + end +end + +::ActsAsTaggableOn::Tag.singleton_class.prepend(ActsAsTaggableOnTagPatch) diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb index 8de514e9455..2de4efbe8ef 100644 --- a/config/initializers/1_settings.rb +++ b/config/initializers/1_settings.rb @@ -241,8 +241,6 @@ end # Settings['gitlab_ci'] ||= Settingslogic.new({}) Settings.gitlab_ci['shared_runners_enabled'] = true if Settings.gitlab_ci['shared_runners_enabled'].nil? -Settings.gitlab_ci['all_broken_builds'] = true if Settings.gitlab_ci['all_broken_builds'].nil? -Settings.gitlab_ci['add_pusher'] = false if Settings.gitlab_ci['add_pusher'].nil? Settings.gitlab_ci['builds_path'] = Settings.absolute(Settings.gitlab_ci['builds_path'] || "builds/") Settings.gitlab_ci['url'] ||= Settings.__send__(:build_gitlab_ci_url) @@ -632,6 +630,9 @@ Settings.cron_jobs['inactive_projects_deletion_cron_worker']['job_class'] = 'Pro Settings.cron_jobs['loose_foreign_keys_cleanup_worker'] ||= Settingslogic.new({}) Settings.cron_jobs['loose_foreign_keys_cleanup_worker']['cron'] ||= '*/1 * * * *' Settings.cron_jobs['loose_foreign_keys_cleanup_worker']['job_class'] = 'LooseForeignKeys::CleanupWorker' +Settings.cron_jobs['ci_runner_versions_reconciliation_worker'] ||= Settingslogic.new({}) +Settings.cron_jobs['ci_runner_versions_reconciliation_worker']['cron'] ||= '20 * * * *' +Settings.cron_jobs['ci_runner_versions_reconciliation_worker']['job_class'] = 'Ci::Runners::ReconcileExistingRunnerVersionsCronWorker' Gitlab.ee do Settings.cron_jobs['analytics_devops_adoption_create_all_snapshots_worker'] ||= Settingslogic.new({}) @@ -971,6 +972,9 @@ Settings.monitoring.sidekiq_exporter['enabled'] ||= false Settings.monitoring.sidekiq_exporter['log_enabled'] ||= false Settings.monitoring.sidekiq_exporter['address'] ||= 'localhost' Settings.monitoring.sidekiq_exporter['port'] ||= 8082 +Settings.monitoring.sidekiq_exporter['tls_enabled'] ||= false +Settings.monitoring.sidekiq_exporter['tls_cert_path'] ||= nil +Settings.monitoring.sidekiq_exporter['tls_key_path'] ||= nil Settings.monitoring['sidekiq_health_checks'] ||= Settingslogic.new({}) Settings.monitoring.sidekiq_health_checks['enabled'] ||= false @@ -981,6 +985,9 @@ Settings.monitoring['web_exporter'] ||= Settingslogic.new({}) Settings.monitoring.web_exporter['enabled'] ||= false Settings.monitoring.web_exporter['address'] ||= 'localhost' Settings.monitoring.web_exporter['port'] ||= 8083 +Settings.monitoring.web_exporter['tls_enabled'] ||= false +Settings.monitoring.web_exporter['tls_cert_path'] ||= nil +Settings.monitoring.web_exporter['tls_key_path'] ||= nil # # Prometheus settings diff --git a/config/initializers/8_devise.rb b/config/initializers/8_devise.rb index 3cac012c2f7..65314c4472f 100644 --- a/config/initializers/8_devise.rb +++ b/config/initializers/8_devise.rb @@ -184,7 +184,7 @@ Devise.setup do |config| # :authlogic_sha512 (then you should set stretches above to 20 for default behavior) # and :restful_authentication_sha1 (then you should set stretches to 10, and copy # REST_AUTH_SITE_KEY to pepper) - # config.encryptor = :sha512 + config.encryptor = :pbkdf2_sha512 # Authentication through token does not store user in session and needs # to be supplied on each request. Useful if you are using the token as API token. diff --git a/config/initializers/database_config.rb b/config/initializers/database_config.rb index 84ef0bc9f16..31666c884bc 100644 --- a/config/initializers/database_config.rb +++ b/config/initializers/database_config.rb @@ -1,6 +1,12 @@ # frozen_string_literal: true Gitlab.ee do + if Gitlab::Geo.geo_database_configured? + # Make sure connects_to for geo gets called outside of config/routes.rb first + # See InitializerConnections.with_disabled_database_connections + Geo::TrackingBase + end + if Gitlab::Runtime.sidekiq? && Gitlab::Geo.geo_database_configured? # The Geo::TrackingBase model does not yet use connects_to. So, # this will not properly support geo: from config/databse.yml diff --git a/config/initializers/doorkeeper.rb b/config/initializers/doorkeeper.rb index 7827ad8f168..6ad8b02bfea 100644 --- a/config/initializers/doorkeeper.rb +++ b/config/initializers/doorkeeper.rb @@ -39,7 +39,7 @@ Doorkeeper.configure do # Reuse access token for the same resource owner within an application (disabled by default) # Rationale: https://github.com/doorkeeper-gem/doorkeeper/issues/383 - reuse_access_token + # reuse_access_token # Issue access tokens with refresh token (disabled by default) use_refresh_token diff --git a/config/initializers/enumerator_next_patch.rb b/config/initializers/enumerator_next_patch.rb new file mode 100644 index 00000000000..e1fc04731ae --- /dev/null +++ b/config/initializers/enumerator_next_patch.rb @@ -0,0 +1,44 @@ +# frozen_string_literal: true + +# Monkey patch of Enumerator#next to get better stack traces +# when an error is raised from within a Fiber. +# https://bugs.ruby-lang.org/issues/16829 +module EnumeratorNextPatch + %w(next next_values peek peek_values).each do |name| + define_method(name) do |*args| + gitlab_patch_backtrace_marker { super(*args) } + rescue Exception => err # rubocop: disable Lint/RescueException + err.set_backtrace(err.backtrace + caller) unless + has_gitlab_patch_backtrace_marker?(err.backtrace) && backtrace_matches_caller?(err.backtrace) + + raise + end + end + + private + + def gitlab_patch_backtrace_marker + yield + end + + # This function tells us whether the exception was generated by #next itself or by something in + # the Fiber that it invokes. If it's generated by #next, then the backtrace will have + # #gitlab_patch_backtrace_marker as the third item down the trace (since + # #gitlab_patch_backtrace_marker calls a block, which in turn calls #next.) If it's generated + # by the Fiber that #next invokes, then it won't contain this marker. + def has_gitlab_patch_backtrace_marker?(backtrace) + match = %r(^(.*):[0-9]+:in `gitlab_patch_backtrace_marker'$).match(backtrace[2]) + + !!match && match[1] == __FILE__ + end + + # This function makes sure that the rest of the stack trace matches in order to avoid missing + # an exception that was generated by calling #next on another Enumerator inside the Fiber. + # This might miss some *very* contrived scenarios involving recursion, but exceptions don't + # provide Fiber information, so it's the best we can do. + def backtrace_matches_caller?(backtrace) + backtrace[3..] == caller[1..] + end +end + +Enumerator.prepend(EnumeratorNextPatch) diff --git a/config/initializers/memory_watchdog.rb b/config/initializers/memory_watchdog.rb new file mode 100644 index 00000000000..72779a18b10 --- /dev/null +++ b/config/initializers/memory_watchdog.rb @@ -0,0 +1,19 @@ +# frozen_string_literal: true + +return unless Gitlab::Runtime.application? +return unless Gitlab::Utils.to_boolean(ENV['GITLAB_MEMORY_WATCHDOG_ENABLED']) + +Gitlab::Cluster::LifecycleEvents.on_worker_start do + handler = + if Gitlab::Runtime.puma? + Gitlab::Memory::Watchdog::PumaHandler.new + elsif Gitlab::Runtime.sidekiq? + Gitlab::Memory::Watchdog::TermProcessHandler.new + else + Gitlab::Memory::Watchdog::NullHandler.instance + end + + Gitlab::Memory::Watchdog.new( + handler: handler, logger: Gitlab::AppLogger + ).start +end diff --git a/config/initializers/peek.rb b/config/initializers/peek.rb index 9662039e3eb..efd4594e64c 100644 --- a/config/initializers/peek.rb +++ b/config/initializers/peek.rb @@ -5,7 +5,10 @@ require 'peek/adapters/redis' Peek::Adapters::Redis.prepend ::Gitlab::PerformanceBar::RedisAdapterWhenPeekEnabled Peek.singleton_class.prepend ::Gitlab::PerformanceBar::WithTopLevelWarnings -Rails.application.config.peek.adapter = :redis, { client: ::Redis.new(Gitlab::Redis::Cache.params) } +Rails.application.config.peek.adapter = :redis, { + client: ::Redis.new(Gitlab::Redis::Cache.params), + expires_in: 5.minutes +} Peek.into Peek::Views::Host Peek.into Peek::Views::ActiveRecord diff --git a/config/initializers/rack_timeout.rb b/config/initializers/rack_timeout.rb index c2f2f3e093c..27077f4f0f6 100644 --- a/config/initializers/rack_timeout.rb +++ b/config/initializers/rack_timeout.rb @@ -20,3 +20,7 @@ if Gitlab::Runtime.puma? && !Rails.env.test? observer = Gitlab::Cluster::RackTimeoutObserver.new Rack::Timeout.register_state_change_observer(:gitlab_rack_timeout, &observer.callback) end + +unless Gitlab::Utils.to_boolean(ENV['GITLAB_RAILS_RACK_TIMEOUT_ENABLE_LOGGING'], default: true) + Rack::Timeout::Logger.disable +end diff --git a/config/initializers/set_active_support_hash_digest_class.rb b/config/initializers/set_active_support_hash_digest_class.rb deleted file mode 100644 index 743b45eed34..00000000000 --- a/config/initializers/set_active_support_hash_digest_class.rb +++ /dev/null @@ -1,11 +0,0 @@ -# frozen_string_literal: true - -Rails.application.configure do - # We set ActiveSupport::Digest.hash_digest_class directly copying - # See https://github.com/rails/rails/blob/6-1-stable/activesupport/lib/active_support/railtie.rb#L96-L98 - # - # Note that is the only usage of config.active_support.hash_digest_class - config.after_initialize do - ActiveSupport::Digest.hash_digest_class = Gitlab::HashDigest::Facade - end -end diff --git a/config/initializers/wikicloth_redos_patch.rb b/config/initializers/wikicloth_redos_patch.rb index 13180180c32..a0b7c2e2466 100644 --- a/config/initializers/wikicloth_redos_patch.rb +++ b/config/initializers/wikicloth_redos_patch.rb @@ -2,15 +2,22 @@ require 'wikicloth' require 'wikicloth/wiki_buffer/var' +require 'digest/sha2' -# Adds patch for changes in this PR: https://github.com/nricciar/wikicloth/pull/112/files +# Adds patch for changes in these PRs: # -# That fix has already been merged, but the maintainers are not releasing new versions, so we -# need to patch it here. +# https://github.com/nricciar/wikicloth/pull/112 +# https://github.com/nricciar/wikicloth/pull/131 +# +# The first fix has already been merged, but the second has not, +# and the maintainers are not releasing new versions, so we +# need to patch them here. # # If they ever do release a version, then we can remove this file. # -# See: https://gitlab.com/gitlab-org/gitlab/-/issues/334056#note_745336618 +# See: +# - https://gitlab.com/gitlab-org/gitlab/-/issues/334056#note_745336618 +# - https://gitlab.com/gitlab-org/gitlab/-/issues/361266 # Guard to ensure we remember to delete this patch if they ever release a new version of wikicloth raise 'New version of WikiCloth detected, please remove this patch' unless Gem::Version.new(WikiCloth::VERSION) == Gem::Version.new('0.8.1') @@ -30,9 +37,12 @@ raise 'New version of WikiCloth detected, please remove this patch' unless Gem:: # rubocop:disable Layout/EmptyLineAfterGuardClause # rubocop:disable Performance/ReverseEach # rubocop:disable Style/BlockDelimiters -# rubocop:disable Cop/LineBreakAroundConditionalBlock # rubocop:disable Layout/MultilineBlockLayout # rubocop:disable Layout/BlockEndNewline +# rubocop:disable Style/PerlBackrefs +# rubocop:disable Style/RegexpLiteralMixedPreserve +# rubocop:disable Style/RedundantRegexpCharacterClass +# rubocop:disable Performance/StringInclude module WikiCloth class WikiCloth def render(opt={}) @@ -110,7 +120,7 @@ module WikiCloth key = params[0].to_s.strip key_options = params[1..].collect { |p| p.is_a?(Hash) ? { :name => p[:name].strip, :value => p[:value].strip } : p.strip } key_options ||= [] - key_digest = Digest::MD5.hexdigest(key_options.to_a.sort {|x,y| (x.is_a?(Hash) ? x[:name] : x) <=> (y.is_a?(Hash) ? y[:name] : y) }.inspect) + key_digest = Digest::SHA256.hexdigest(key_options.to_a.sort {|x,y| (x.is_a?(Hash) ? x[:name] : x) <=> (y.is_a?(Hash) ? y[:name] : y) }.inspect) return @options[:params][key] if @options[:params].has_key?(key) # if we have a valid cache fragment use it @@ -138,6 +148,54 @@ module WikiCloth end end end + + class WikiBuffer::HTMLElement < WikiBuffer + def to_html + if NO_NEED_TO_CLOSE.include?(self.element_name) + return "<#{self.element_name} />" if SHORT_TAGS.include?(self.element_name) + return "</#{self.element_name}><#{self.element_name}>" if @tag_check == self.element_name + end + + if ESCAPED_TAGS.include?(self.element_name) + # remove empty first line + self.element_content = $1 if self.element_content =~ /^\s*\n(.*)$/m + # escape all html inside this element + self.element_content = self.element_content.gsub('<','<').gsub('>','>') + # hack to fix <code><nowiki> nested mess + self.element_content = self.element_content.gsub(/<[\/]*\s*nowiki\s*>/,'') + end + + case self.element_name + when "template" + @options[:link_handler].cache({ :name => self.element_attributes["__name"], :content => self.element_content, :sha256 => self.element_attributes["__hash"] }) + return self.element_content + when "noinclude" + return self.in_template? ? "" : self.element_content + when "includeonly" + return self.in_template? ? self.element_content : "" + when "nowiki" + return self.element_content + when "a" + if self.element_attributes['href'] =~ /:\/\// + return @options[:link_handler].external_link(self.element_attributes['href'], self.element_content) + elsif self.element_attributes['href'].nil? || self.element_attributes['href'] =~ /^\s*([\?\/])/ + # if a element has no href attribute, or href starts with / or ? + return elem.tag!(self.element_name, self.element_attributes) { |x| x << self.element_content } + end + else + if Extension.element_exists?(self.element_name) + return Extension.html_elements[self.element_name][:klass].new(@options).instance_exec( self, &Extension.html_elements[self.element_name][:block] ).to_s + end + end + + tmp = elem.tag!(self.element_name, self.element_attributes) { |x| x << self.element_content } + unless ALLOWED_ELEMENTS.include?(self.element_name) + tmp.gsub!(/[\-!\|&"\{\}\[\]]/) { |r| self.escape_char(r) } + return tmp.gsub('<', '<').gsub('>', '>') + end + tmp + end + end end # rubocop:enable Style/ClassAndModuleChildren # rubocop:enable Layout/SpaceAroundEqualsInParameterDefault @@ -154,6 +212,9 @@ end # rubocop:enable Layout/EmptyLineAfterGuardClause # rubocop:enable Performance/ReverseEach # rubocop:enable Style/BlockDelimiters -# rubocop:enable Cop/LineBreakAroundConditionalBlock # rubocop:enable Layout/MultilineBlockLayout # rubocop:enable Layout/BlockEndNewline +# rubocop:enable Style/PerlBackrefs +# rubocop:enable Style/RegexpLiteralMixedPreserve +# rubocop:enable Style/RedundantRegexpCharacterClass +# rubocop:enable Performance/StringInclude |