Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/config
diff options
context:
space:
mode:
Diffstat (limited to 'config')
-rw-r--r--config/initializers/warden.rb32
-rw-r--r--config/routes/project.rb1
-rw-r--r--config/unicorn.rb.example8
-rw-r--r--config/unicorn.rb.example.development17
4 files changed, 46 insertions, 12 deletions
diff --git a/config/initializers/warden.rb b/config/initializers/warden.rb
index d64b659c6d7..33f55069c3e 100644
--- a/config/initializers/warden.rb
+++ b/config/initializers/warden.rb
@@ -2,7 +2,7 @@ Rails.application.configure do |config|
Warden::Manager.after_set_user(scope: :user) do |user, auth, opts|
Gitlab::Auth::UniqueIpsLimiter.limit_user!(user)
- activity = Gitlab::Auth::Activity.new(user, opts)
+ activity = Gitlab::Auth::Activity.new(opts)
case opts[:event]
when :authentication
@@ -26,16 +26,32 @@ Rails.application.configure do |config|
end
Warden::Manager.before_failure(scope: :user) do |env, opts|
- tracker = Gitlab::Auth::BlockedUserTracker.new(env)
- tracker.log_blocked_user_activity! if tracker.user_blocked?
-
- Gitlab::Auth::Activity.new(tracker.user, opts).user_authentication_failed!
+ Gitlab::Auth::Activity.new(opts).user_authentication_failed!
end
- Warden::Manager.before_logout(scope: :user) do |user_warden, auth, opts|
- user = user_warden || auth.user
+ Warden::Manager.before_logout(scope: :user) do |user, auth, opts|
+ user ||= auth.user
+ activity = Gitlab::Auth::Activity.new(opts)
+ tracker = Gitlab::Auth::BlockedUserTracker.new(user, auth)
ActiveSession.destroy(user, auth.request.session.id)
- Gitlab::Auth::Activity.new(user, opts).user_session_destroyed!
+ activity.user_session_destroyed!
+
+ ##
+ # It is possible that `before_logout` event is going to be triggered
+ # multiple times during the request lifecycle. We want to increment
+ # metrics and write logs only once in that case.
+ #
+ # 'warden.auth.*' is our custom hash key that follows usual convention
+ # of naming keys in the Rack env hash.
+ #
+ next if auth.env['warden.auth.user.blocked']
+
+ if user.blocked?
+ activity.user_blocked!
+ tracker.log_activity!
+ end
+
+ auth.env['warden.auth.user.blocked'] = true
end
end
diff --git a/config/routes/project.rb b/config/routes/project.rb
index 8e019f8c8bb..0220e88c819 100644
--- a/config/routes/project.rb
+++ b/config/routes/project.rb
@@ -109,6 +109,7 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do
post :assign_related_issues
get :discussions, format: :json
post :rebase
+ get :test_reports
scope constraints: { format: nil }, action: :show do
get :commits, defaults: { tab: 'commits' }
diff --git a/config/unicorn.rb.example b/config/unicorn.rb.example
index 8f2d842e5b6..020e9a00d87 100644
--- a/config/unicorn.rb.example
+++ b/config/unicorn.rb.example
@@ -67,11 +67,11 @@ pid "/home/git/gitlab/tmp/pids/unicorn.pid"
stderr_path "/home/git/gitlab/log/unicorn.stderr.log"
stdout_path "/home/git/gitlab/log/unicorn.stdout.log"
-# combine Ruby 2.0.0dev or REE with "preload_app true" for memory savings
-# http://rubyenterpriseedition.com/faq.html#adapt_apps_for_cow
+# Save memory by sharing the application code among multiple Unicorn workers
+# with "preload_app true". See:
+# https://www.rubydoc.info/gems/unicorn/5.1.0/Unicorn%2FConfigurator:preload_app
+# https://brandur.org/ruby-memory#copy-on-write
preload_app true
-GC.respond_to?(:copy_on_write_friendly=) and
- GC.copy_on_write_friendly = true
# Enable this flag to have unicorn test client connections by writing the
# beginning of the HTTP headers before calling the application. This
diff --git a/config/unicorn.rb.example.development b/config/unicorn.rb.example.development
index 0df028648d1..5712549a66d 100644
--- a/config/unicorn.rb.example.development
+++ b/config/unicorn.rb.example.development
@@ -1,7 +1,15 @@
worker_processes 2
timeout 60
+preload_app true
+check_client_connection false
+
before_fork do |server, worker|
+ # the following is highly recommended for Rails + "preload_app true"
+ # as there's no need for the master process to hold a connection
+ defined?(ActiveRecord::Base) and
+ ActiveRecord::Base.connection.disconnect!
+
if /darwin/ =~ RUBY_PLATFORM
require 'fiddle'
@@ -13,3 +21,12 @@ before_fork do |server, worker|
end
end
+after_fork do |server, worker|
+ # Unicorn clears out signals before it forks, so rbtrace won't work
+ # unless it is enabled after the fork.
+ require 'rbtrace' if ENV['ENABLE_RBTRACE']
+
+ # the following is *required* for Rails + "preload_app true",
+ defined?(ActiveRecord::Base) and
+ ActiveRecord::Base.establish_connection
+end
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-11 03:06:41 +0300