5 files changed, 83 insertions, 16 deletions

diff --git a/lib/tasks/gitlab/container_registry.rake b/lib/tasks/gitlab/container_registry.rake
new file mode 100644
index 00000000000..7687cb237cc
--- /dev/null
+++ b/lib/tasks/gitlab/container_registry.rake
@@ -0,0 +1,35 @@
+namespace :gitlab do
+  namespace :container_registry do
+    desc "GitLab | Container Registry | Configure"
+    task configure: :gitlab_environment do
+      configure
+    end
+
+    def configure
+      registry_config = Gitlab.config.registry
+
+      unless registry_config.enabled && registry_config.api_url.presence
+        puts "Registry is not enabled or registry api url is not present.".color(:yellow)
+        return
+      end
+
+      warn_user_is_not_gitlab
+
+      url = registry_config.api_url
+      # registry_info will query the /v2 route of the registry API. This route
+      # requires authentication, but not authorization (the response has no body,
+      # only headers that show the version of the registry). There is no
+      # associated user when running this rake, so we need to generate a valid
+      # JWT token with no access permissions to authenticate as a trusted client.
+      token = Auth::ContainerRegistryAuthenticationService.access_token([], [])
+      client = ContainerRegistry::Client.new(url, token: token)
+      info = client.registry_info
+
+      Gitlab::CurrentSettings.update!(
+        container_registry_vendor: info[:vendor] || '',
+        container_registry_version: info[:version] || '',
+        container_registry_features: info[:features] || []
+      )
+    end
+  end
+end
diff --git a/lib/tasks/gitlab/db.rake b/lib/tasks/gitlab/db.rake
index 506027aa866..4917d496d07 100644
--- a/lib/tasks/gitlab/db.rake
+++ b/lib/tasks/gitlab/db.rake
@@ -92,9 +92,42 @@ namespace :gitlab do
       Rake::Task[task_name].reenable
     end
 
-    # Inform Rake that gitlab:schema:clean_structure_sql should be run every time rake db:structure:dump is run
+    desc 'This dumps GitLab specific database details - it runs after db:structure:dump'
+    task :dump_custom_structure do |task_name|
+      Gitlab::Database::CustomStructure.new.dump
+
+      # Allow this task to be called multiple times, as happens when running db:migrate:redo
+      Rake::Task[task_name].reenable
+    end
+
+    desc 'This loads GitLab specific database details - runs after db:structure:dump'
+    task :load_custom_structure do
+      configuration = Rails.application.config_for(:database)
+
+      ENV['PGHOST']     = configuration['host']          if configuration['host']
+      ENV['PGPORT']     = configuration['port'].to_s     if configuration['port']
+      ENV['PGPASSWORD'] = configuration['password'].to_s if configuration['password']
+      ENV['PGUSER']     = configuration['username'].to_s if configuration['username']
+
+      command = 'psql'
+      dump_filepath = Gitlab::Database::CustomStructure.custom_dump_filepath.to_path
+      args = ['-v', 'ON_ERROR_STOP=1', '-q', '-X', '-f', dump_filepath, configuration['database']]
+
+      unless Kernel.system(command, *args)
+        raise "failed to execute:\n#{command} #{args.join(' ')}\n\n" \
+          "Please ensure `#{command}` is installed in your PATH and has proper permissions.\n\n"
+      end
+    end
+
+    # Inform Rake that custom tasks should be run every time rake db:structure:dump is run
     Rake::Task['db:structure:dump'].enhance do
       Rake::Task['gitlab:db:clean_structure_sql'].invoke
+      Rake::Task['gitlab:db:dump_custom_structure'].invoke
+    end
+
+    # Inform Rake that custom tasks should be run every time rake db:structure:load is run
+    Rake::Task['db:structure:load'].enhance do
+      Rake::Task['gitlab:db:load_custom_structure'].invoke
     end
   end
 end
diff --git a/lib/tasks/gitlab/doctor/secrets.rake b/lib/tasks/gitlab/doctor/secrets.rake
new file mode 100644
index 00000000000..3fdef9dfc80
--- /dev/null
+++ b/lib/tasks/gitlab/doctor/secrets.rake
@@ -0,0 +1,12 @@
+namespace :gitlab do
+  namespace :doctor do
+    desc "GitLab | Check if the database encrypted values can be decrypted using current secrets"
+    task secrets: :gitlab_environment do
+      logger = Logger.new(STDOUT)
+
+      logger.level = Gitlab::Utils.to_boolean(ENV['VERBOSE']) ? Logger::DEBUG : Logger::INFO
+
+      Gitlab::Doctor::Secrets.new(logger).run!
+    end
+  end
+end
diff --git a/lib/tasks/gitlab/features.rake b/lib/tasks/gitlab/features.rake
index 9cf568c07fe..2309aa5d214 100644
--- a/lib/tasks/gitlab/features.rake
+++ b/lib/tasks/gitlab/features.rake
@@ -21,7 +21,7 @@ namespace :gitlab do
     Gitlab::Git::RuggedImpl::Repository::FEATURE_FLAGS.each do |flag|
       case status
       when nil
-        Feature.get(flag).remove
+        Feature.remove(flag)
       when true
         Feature.enable(flag)
       when false
diff --git a/lib/tasks/gitlab/shell.rake b/lib/tasks/gitlab/shell.rake
index d6e62a5c550..edbaec85bd9 100644
--- a/lib/tasks/gitlab/shell.rake
+++ b/lib/tasks/gitlab/shell.rake
@@ -21,25 +21,12 @@ namespace :gitlab do
           gitlab_url: gitlab_url,
           http_settings: { self_signed_cert: false }.stringify_keys,
           auth_file: File.join(user_home, ".ssh", "authorized_keys"),
-          redis: {
-            bin: `which redis-cli`.chomp,
-            namespace: "resque:gitlab"
-          }.stringify_keys,
           log_level: "INFO",
           audit_usernames: false
         }.stringify_keys
 
-        redis_url = URI.parse(ENV['REDIS_URL'] || "redis://localhost:6379")
-
-        if redis_url.scheme == 'unix'
-          config['redis']['socket'] = redis_url.path
-        else
-          config['redis']['host'] = redis_url.host
-          config['redis']['port'] = redis_url.port
-        end
-
         # Generate config.yml based on existing gitlab settings
-        File.open("config.yml", "w+") {|f| f.puts config.to_yaml}
+        File.open("config.yml", "w+") {|f| f.puts config.to_yaml }
 
         [
           %w(bin/install) + repository_storage_paths_args,