Age | Commit message (Collapse) | Author |
|
This will allow namespace domains to serve custom 404.html files
for public projects. This change adds a check to check for permision
only if it's serving a namespace domain with access controls enabled.
|
|
|
|
|
|
Register ServingTime.
Rename DiskServingFileSize so that it's a histogram without
needing labels
|
|
- ineffassign
- misspell
- structcheck
- typecheck
- unconvert
- unused
- varcheck
- whitespace
|
|
Use filename from closure
|
|
|
|
|
|
Passing secrets via command line is not allowed anymore.
A config file should be used instead. The default filename is
`gitlab-pages-config`. The following command line options will
throw an error and prevent pages from running if set explicitly:
- `-auth-client-id`
- `-auth-client-secret`
- `-auth-secret`
|
|
|
|
|
|
|
|
guide
|
|
(cherry picked from commit d6364c55ab51708b3ec92cde07ffa80fa9b84765)
|
|
Instead of passing domains once in an ENV variable we now watcn a config
file (specified with `GITLAB_SOURCE_CONFIG_FILE`, defaults to
`.gitlab-source-config.yml` and update ednabled/broken domains when it's
content change.
This way we can control this without having to restart Pages.
Related to https://gitlab.com/gitlab-org/gitlab-pages/issues/266.
|
|
* master:
Add support for the port component in the Host header
Base64 decode GitLab API secret
|
|
* master:
Check presence of GitLab API secret when building a domains source
Make GitLab API Secret a supported parameter
Improve error reporting in the main package
Check if GitLab API secret has been provided too
Avoid using `testify/assert` in favor of `require`
Test domains source not fully configured
Improve error handing when creating new domains config source
Fix formatting in internal/source/gitlab/client/client_test.go
Conflicts:
acceptance_test.go
internal/source/gitlab/client/client_test.go
|
|
before using it.
|
|
|
|
|
|
|
|
|
|
|
|
* master:
Improve GitLab client tests
Change GitLab API JWT expire time to 5s
Read the context of api-secret-key file and store it in app config
Improve gitlab client tests
Ensure there is response before defer close it in gitlab.GetVirtualDomain
Document acrguments for gitlab.NewClient
Add HTTP client to consume GitLab internal API for Pages
|
|
|
|
as GitLabAPISecretKey
|
|
|
|
Related to https://gitlab.com/gitlab-org/gitlab/issues/28781 and
https://gitlab.com/gitlab-org/gitlab-pages/issues/253.
|
|
Remove some duplicate logic on Auth module
Separate handling artifact to own handlers package
Unit test handlers by mocking auth and artifact modules
Add generate-mock step to Makefile
Use additional handler func to simplify TryMakeRequest return type
Always try with token if exists
Do not log RequestURI, log path only
Remove not used logRequest func
|
|
The "assert" form is difficult to use correctly and complicates test
understanding. I think we should insist on using require *only* in
our tests across GitLab.
|
|
|
|
|
|
We can't rely on r.TLS when pages are served behind proxy
So we save https flag to a context for later usage
Right now I'm trying to keep changes to a minimum since
I'm planning to backport this to older versions
That's why https flag is not refactored throughout the codebase
The alternative way would be to use gorilla's proxy headers
I'm planning to refactor to that version later
|
|
* Rename "DomainsServed", `_total` is reserved for counters.
* Rename "SessionsActive", "active sessions" makes more sense.
|
|
|
|
|
|
Introduce two new configuration options -tls-min-version and
-tls-max-version to control which TLS versions will be supported by the
server. Accepted values are ssl3, tls1.0, tls1.1, tls1.2, and tls1.3.
Closing https://gitlab.com/gitlab-org/gitlab-pages/issues/187
|
|
Supported cipher suites:
tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
Closes https://gitlab.com/gitlab-org/gitlab-pages/issues/150.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
increasing, fixed to work with custom ports and TLS enabled or not
|
|
where root pages domain is not handled with pages daemon
|
|
|