Age | Commit message (Collapse) | Author |
|
|
|
To enable continuous profiling, we need the tag to be set, otherwise the null profiler gets included instead, and it does nothing.
See https://gitlab.com/gitlab-org/labkit/blob/master/monitoring/null_profiler.go#L1 and https://gitlab.com/gitlab-org/labkit/blob/master/monitoring/profiler.go#L1
|
|
|
|
Remove references to ./bin/golint, ./bin/gocycle and remove
_support/ directory.
Add formatting rule to .golangci.yml for goimports and local imports.
|
|
As part of https://gitlab.com/gitlab-org/gitlab-pages/-/issues/385
we have introduced the use of a custom `.golangci.yml` file with some
custom rules for linting.
This replaces the need of downloading and using `golint`, `gofmt`
`go vet` and `gocyclo` manually. We take advantage of the custom
`golangci-lint` docker image as stated in the [Automatic lintinb]
(https://docs.gitlab.com/ee/development/go_guide/#automatic-linting)
section of the Go standards and style guidelines.
This iteration enables a subset of linters, with the remaining
of them enabled on a separate MR as described in the issue above.
The main changes introduced by this linter include:
- gosec: potential hardcoded credentials
- goconst: DRY by declaring and using constants
- gosimple: reduce statements complexity and improve return statements
|
|
|
|
Remove some duplicate logic on Auth module
Separate handling artifact to own handlers package
Unit test handlers by mocking auth and artifact modules
Add generate-mock step to Makefile
Use additional handler func to simplify TryMakeRequest return type
Always try with token if exists
Do not log RequestURI, log path only
Remove not used logRequest func
|
|
Pages has a built-in chroot mechanism which relies on the Pages binary
being a proper statically-compiled binary with no need for a linker to
run.
For most go packages, this is the default when `CGO_ENABLED=0` is
chosen. However, Arch Linux has a `go-pie` distribution of Go that
changes the default build mode so they produce position-independent
executables by default.
These are still statically compiled, but operate by compiling the Go
application code into a relocatable library, and statically compiling
that library with a stub executable that jumps into the relocated code.
On Linux, this produces a "type DYN" ELF instead of a "type EXEC" ELF,
and requires a linker to be invoked.
This is incompatible with the chroot mode, and - since Go is a managed
language, and since we disable cgo in Pages - doesn't increase security
as far as I can tell.
Fixing Pages to work with `-buildmode=pie` seems too difficult as long
as we include chroot support, so explicitly specify `-buildmode=exe` to
produce a working binary when compiling under go-pie instead.
|
|
This reverts commit 27bd4d83cade6a721330e8583874e7c715bf3a26.
|
|
|
|
|
|
|