diff options
author | Vladimir Shushlin <vshushlin@gitlab.com> | 2020-05-19 14:01:05 +0300 |
---|---|---|
committer | Vladimir Shushlin <vshushlin@gitlab.com> | 2020-05-19 14:01:05 +0300 |
commit | 6d3a0ace6d73c41e7c2442e84b2cab6fe1ade22f (patch) | |
tree | 0d223831b471357b40c4ebbea4e5c9818aaee3cb | |
parent | 7fc40304d81069da9f9dc1f201714ae7a848f708 (diff) | |
parent | e7aaafad18934d57c8046fd641834fac344854ae (diff) |
Merge branch 'add-domain-source-config' into 'master'
Add domain-config-source flag
See merge request gitlab-org/gitlab-pages!284
-rw-r--r-- | .gitlab-ci.yml | 14 | ||||
-rw-r--r-- | app_config.go | 29 | ||||
-rw-r--r-- | internal/source/domains.go | 3 | ||||
-rw-r--r-- | internal/source/domains_test.go | 9 | ||||
-rw-r--r-- | internal/source/gitlab/client/config.go | 1 | ||||
-rw-r--r-- | main.go | 17 |
6 files changed, 50 insertions, 23 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 33f20858..c05e641b 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,5 +1,5 @@ include: - - template: Security/License-Management.gitlab-ci.yml + - template: Security/License-Scanning.gitlab-ci.yml - template: Security/SAST.gitlab-ci.yml - template: Security/Dependency-Scanning.gitlab-ci.yml @@ -50,13 +50,23 @@ default: paths: - bin/gitlab-pages -license_management: +license_scanning: stage: prepare variables: LICENSE_MANAGEMENT_SETUP_CMD: go mod vendor + rules: + - if: $CI_MERGE_REQUEST_ID + when: on_success + - if: $CI_COMMIT_BRANCH == 'master' + when: on_success sast: stage: prepare + rules: + - if: $CI_MERGE_REQUEST_ID + when: on_success + - if: $CI_COMMIT_BRANCH == 'master' + when: on_success download deps: extends: .go-mod-cache diff --git a/app_config.go b/app_config.go index 5d481bb6..3bc2197b 100644 --- a/app_config.go +++ b/app_config.go @@ -27,18 +27,19 @@ type appConfig struct { LogFormat string LogVerbose bool - StoreSecret string - GitLabServer string - InternalGitLabServer string - GitLabAPISecretKey []byte - GitlabClientHTTPTimeout time.Duration - GitlabJWTTokenExpiration time.Duration - ClientID string - ClientSecret string - RedirectURI string - SentryDSN string - SentryEnvironment string - CustomHeaders []string + StoreSecret string + GitLabServer string + InternalGitLabServer string + GitLabAPISecretKey []byte + GitlabClientHTTPTimeout time.Duration + GitlabJWTTokenExpiration time.Duration + DomainConfigurationSource string + ClientID string + ClientSecret string + RedirectURI string + SentryDSN string + SentryEnvironment string + CustomHeaders []string } // InternalGitLabServerURL returns URL to a GitLab instance. @@ -58,3 +59,7 @@ func (config appConfig) GitlabClientConnectionTimeout() time.Duration { func (config appConfig) GitlabJWTTokenExpiry() time.Duration { return config.GitlabJWTTokenExpiration } + +func (config appConfig) DomainConfigSource() string { + return config.DomainConfigurationSource +} diff --git a/internal/source/domains.go b/internal/source/domains.go index 8de7c574..7a376bc7 100644 --- a/internal/source/domains.go +++ b/internal/source/domains.go @@ -41,6 +41,9 @@ type Domains struct { // not initialize `dm` as we later check the readiness by comparing it with a // nil value. func NewDomains(config Config) (*Domains, error) { + // TODO: choose domain source config via config.DomainConfigSource() + // https://gitlab.com/gitlab-org/gitlab/-/issues/217912 + if len(config.InternalGitLabServerURL()) == 0 || len(config.GitlabAPISecret()) == 0 { return &Domains{disk: disk.New()}, nil } diff --git a/internal/source/domains_test.go b/internal/source/domains_test.go index ebafb6fc..9fffe4a9 100644 --- a/internal/source/domains_test.go +++ b/internal/source/domains_test.go @@ -12,8 +12,9 @@ import ( ) type sourceConfig struct { - api string - secret string + api string + secret string + domainSource string } func (c sourceConfig) InternalGitLabServerURL() string { @@ -31,6 +32,10 @@ func (c sourceConfig) GitlabJWTTokenExpiry() time.Duration { return 30 * time.Second } +func (c sourceConfig) DomainConfigSource() string { + return c.domainSource +} + func TestDomainSources(t *testing.T) { t.Run("when GitLab API URL has been provided", func(t *testing.T) { domains, err := NewDomains(sourceConfig{api: "https://gitlab.com", secret: "abc"}) diff --git a/internal/source/gitlab/client/config.go b/internal/source/gitlab/client/config.go index 19a87452..bd9aa061 100644 --- a/internal/source/gitlab/client/config.go +++ b/internal/source/gitlab/client/config.go @@ -9,4 +9,5 @@ type Config interface { GitlabAPISecret() []byte GitlabClientConnectionTimeout() time.Duration GitlabJWTTokenExpiry() time.Duration + DomainConfigSource() string } @@ -65,13 +65,15 @@ var ( gitLabAPISecretKey = flag.String("api-secret-key", "", "File with secret key used to authenticate with the GitLab API") gitlabClientHTTPTimeout = flag.Duration("gitlab-client-http-timeout", 10*time.Second, "GitLab API HTTP client connection timeout in seconds (default: 10s)") gitlabClientJWTExpiry = flag.Duration("gitlab-client-jwt-expiry", 30*time.Second, "JWT Token expiry time in seconds (default: 30s)") - clientID = flag.String("auth-client-id", "", "GitLab application Client ID") - clientSecret = flag.String("auth-client-secret", "", "GitLab application Client Secret") - redirectURI = flag.String("auth-redirect-uri", "", "GitLab application redirect URI") - maxConns = flag.Uint("max-conns", 5000, "Limit on the number of concurrent connections to the HTTP, HTTPS or proxy listeners") - insecureCiphers = flag.Bool("insecure-ciphers", false, "Use default list of cipher suites, may contain insecure ones like 3DES and RC4") - tlsMinVersion = flag.String("tls-min-version", "tls1.2", tlsconfig.FlagUsage("min")) - tlsMaxVersion = flag.String("tls-max-version", "", tlsconfig.FlagUsage("max")) + // TODO: implement functionality for disk, auto and gitlab https://gitlab.com/gitlab-org/gitlab/-/issues/217912 + domainConfigSource = flag.String("domain-config-source", "disk", "Domain configuration source 'disk', 'auto' or 'gitlab' (default: 'disk')") + clientID = flag.String("auth-client-id", "", "GitLab application Client ID") + clientSecret = flag.String("auth-client-secret", "", "GitLab application Client Secret") + redirectURI = flag.String("auth-redirect-uri", "", "GitLab application redirect URI") + maxConns = flag.Uint("max-conns", 5000, "Limit on the number of concurrent connections to the HTTP, HTTPS or proxy listeners") + insecureCiphers = flag.Bool("insecure-ciphers", false, "Use default list of cipher suites, may contain insecure ones like 3DES and RC4") + tlsMinVersion = flag.String("tls-min-version", "tls1.2", tlsconfig.FlagUsage("min")) + tlsMaxVersion = flag.String("tls-max-version", "", tlsconfig.FlagUsage("max")) disableCrossOriginRequests = flag.Bool("disable-cross-origin-requests", false, "Disable cross-origin requests") @@ -193,6 +195,7 @@ func configFromFlags() appConfig { config.InternalGitLabServer = internalGitLabServerFromFlags() config.GitlabClientHTTPTimeout = *gitlabClientHTTPTimeout config.GitlabJWTTokenExpiration = *gitlabClientJWTExpiry + config.DomainConfigurationSource = *domainConfigSource config.StoreSecret = *secret config.ClientID = *clientID config.ClientSecret = *clientSecret |