Merge branch 'remove-gitlab-ci' into 'master'
Remove all of GitLab CI for GitLab 9.0 Closes #792 See merge request !1324
This commit is contained in:
commit
ad126ba202
|
@ -160,10 +160,6 @@ See [doc/common_installation_problems/README.md](doc/common_installation_problem
|
|||
|
||||
See [doc/common_installation_problems/README.md](doc/common_installation_problems/README.md#gitlab-is-unreachable-in-my-browser).
|
||||
|
||||
##### GitLab CI shows GitLab login page
|
||||
|
||||
See [doc/common_installation_problems/README.md](doc/common_installation_problems/README.md#gitlab-ci-shows-gitlab-login-page).
|
||||
|
||||
##### Emails are not being delivered
|
||||
|
||||
See [doc/common_installation_problems/README.md](doc/common_installation_problems/README.md#emails-are-not-being-delivered).
|
||||
|
|
|
@ -23,13 +23,13 @@ ee = system("#{Omnibus::Config.project_root}/support/is_gitlab_ee.sh")
|
|||
|
||||
if ee
|
||||
name 'gitlab-ee'
|
||||
description 'GitLab Enterprise Edition and GitLab CI '\
|
||||
description 'GitLab Enterprise Edition '\
|
||||
'(including NGINX, Postgres, Redis)'
|
||||
replace 'gitlab-ce'
|
||||
conflict 'gitlab-ce'
|
||||
else
|
||||
name 'gitlab-ce'
|
||||
description 'GitLab Community Edition and GitLab CI '\
|
||||
description 'GitLab Community Edition '\
|
||||
'(including NGINX, Postgres, Redis)'
|
||||
replace 'gitlab-ee'
|
||||
conflict 'gitlab-ee'
|
||||
|
|
|
@ -18,7 +18,7 @@ else
|
|||
fi
|
||||
|
||||
cleanup_symlinks() {
|
||||
binaries="gitlab-ctl gitlab-rake gitlab-rails gitlab-ci-rake gitlab-ci-rails gitlab-psql"
|
||||
binaries="gitlab-ctl gitlab-rake gitlab-rails gitlab-psql"
|
||||
for binary in $binaries; do
|
||||
rm -f $PREFIX/bin/$binary
|
||||
done
|
||||
|
|
|
@ -6,7 +6,6 @@ Omnibus is a way to package different services and tools required to run GitLab,
|
|||
|
||||
- [Package downloads page](https://about.gitlab.com/downloads/)
|
||||
- [Installation Requirements](https://docs.gitlab.com/ce/install/requirements.html)
|
||||
- [GitLab CI](gitlab-ci/README.md) Set up the GitLab CI coordinator that ships with Omnibus GitLab package.
|
||||
- [GitLab Mattermost](gitlab-mattermost/README.md) Set up the Mattermost messaging app that ships with Omnibus GitLab package.
|
||||
- [GitLab Prometheus](https://docs.gitlab.com/ce/administration/monitoring/performance/prometheus.html) Set up the Prometheus
|
||||
monitoring included in the Omnibus GitLab package.
|
||||
|
@ -66,7 +65,6 @@ Omnibus is a way to package different services and tools required to run GitLab,
|
|||
- [Hash Sum mismatch when installing packages](common_installation_problems/README.md#hash-sum-mismatch-when-installing-packages)
|
||||
- [Apt error: 'The requested URL returned error: 403'](common_installation_problems/README.md#apt-error-the-requested-url-returned-error-403).
|
||||
- [GitLab is unreachable in my browser](common_installation_problems/README.md#gitlab-is-unreachable-in-my-browser).
|
||||
- [GitLab CI shows GitLab login page](common_installation_problems/README.md#gitlab-ci-shows-gitlab-login-page).
|
||||
- [Emails are not being delivered](common_installation_problems/README.md#emails-are-not-being-delivered).
|
||||
- [Reconfigure freezes at ruby_block[supervise_redis_sleep] action run](common_installation_problems/README.md#reconfigure-freezes-at-ruby_blocksupervise_redis_sleep-action-run).
|
||||
- [TCP ports for GitLab services are already taken](common_installation_problems/README.md#tcp-ports-for-gitlab-services-are-already-taken).
|
||||
|
|
|
@ -33,10 +33,6 @@ Try [specifying](#configuring-the-external-url-for-gitlab) an `external_url` in
|
|||
`/etc/gitlab/gitlab.rb`. Also check your firewall settings; port 80 (HTTP) or
|
||||
443 (HTTPS) might be closed on your GitLab server.
|
||||
|
||||
### GitLab CI shows GitLab login page
|
||||
|
||||
This section is deprecated for GitLab 8.0 and later versions.
|
||||
|
||||
### Emails are not being delivered
|
||||
|
||||
To test email delivery you can create a new GitLab account for an email that is
|
||||
|
@ -367,7 +363,7 @@ If you are installing GitLab in an isolated network with custom certificate auth
|
|||
Faraday::SSLError (SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed)
|
||||
```
|
||||
|
||||
when GitLab tries to connect with the internal services like gitlab-shell or GitLab CI.
|
||||
when GitLab tries to connect with the internal services like gitlab-shell.
|
||||
|
||||
#### Install custom certificate authorities:
|
||||
|
||||
|
@ -405,12 +401,6 @@ and run `sudo gitlab-ctl reconfigure`.
|
|||
|
||||
If you are using self-signed certificate do not forget to set `self_signed_cert: true` for gitlab-shell, see [gitlab.rb.template][] for more details.
|
||||
|
||||
### Error executing action create on resource cron[gitlab-ci schedule builds]
|
||||
|
||||
1. Double check if you have cron package installed: For Debian like systems `sudo apt-get install cron` or RHEL-like systems `sudo yum install cronie`
|
||||
1. Check if user `gitlab-ci` is in `/etc/cron.deny` and if yes remove it. You can add the `gitlab-ci` user to `/etc/cron.allow``.
|
||||
1. Check if you have PAM enabled and if gitlab-ci user is allowed to access crontab. If yes, try changing your `/etc/security/access.conf` to allow the user access to the resource, for example `+:gitlab-ci:ALL`.
|
||||
|
||||
### error: proxyRoundTripper: XXX failed with: "net/http: timeout awaiting response headers"
|
||||
|
||||
Starting with version 8.3, gitlab-workorse is the default router for any requests
|
||||
|
|
|
@ -1,41 +1,5 @@
|
|||
# GitLab CI
|
||||
|
||||
You can run a [GitLab CI](https://about.gitlab.com/gitlab-ci/) Coordinator
|
||||
service on your GitLab server.
|
||||
|
||||
## Documentation version
|
||||
|
||||
Make sure you view this guide from the tag (version) of GitLab you would like
|
||||
to install. In most cases this should be the highest numbered production tag
|
||||
(without rc in it). You can select the tag in the version dropdown in the top
|
||||
left corner of GitLab (below the menu bar).
|
||||
|
||||
If the highest number stable branch is unclear please check the
|
||||
[GitLab Blog](https://about.gitlab.com/blog/) for installation guide links by
|
||||
version.
|
||||
|
||||
## Getting started
|
||||
|
||||
Starting with GitLab 8.0, GitLab CI is integrated into GitLab.
|
||||
|
||||
To see how to configure your project with GitLab CI, see the [GitLab CI quickstart documentation](https://docs.gitlab.com/ce/ci/quick_start/README.html).
|
||||
|
||||
## Running GitLab CI on its own server
|
||||
|
||||
This section is deprecated for GitLab 8.0 and later versions.
|
||||
See [getting started](#getting-started).
|
||||
|
||||
## Manually (re)authorising GitLab CI with GitLab
|
||||
|
||||
This section is deprecated for GitLab 8.0 and later versions.
|
||||
See [getting started](#getting-started).
|
||||
|
||||
### Authorise GitLab CI
|
||||
|
||||
This section is deprecated for GitLab 8.0 and later versions.
|
||||
See [getting started](#getting-started).
|
||||
|
||||
### Reauthorise GitLab CI
|
||||
|
||||
This section is deprecated for GitLab 8.0 and later versions.
|
||||
See [getting started](#getting-started).
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
# Configuration options
|
||||
|
||||
GitLab and GitLab CI are configured by setting their relevant options in
|
||||
GitLab is configured by setting the relevant options in
|
||||
`/etc/gitlab/gitlab.rb`. See [package defaults](../package-information/defaults.md)
|
||||
for a list of default settings and visit the
|
||||
[gitlab.rb.template](https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-config-template/gitlab.rb.template)
|
||||
|
@ -306,7 +306,7 @@ redis['username'] = "redis-gitlab"
|
|||
redis['shell'] = "/bin/false"
|
||||
redis['home'] = "/var/opt/redis-gitlab"
|
||||
|
||||
# And so on for users/groups for GitLab CI GitLab Mattermost
|
||||
# And so on for users/groups for GitLab Mattermost
|
||||
```
|
||||
|
||||
## Disable storage directories management
|
||||
|
|
|
@ -11,10 +11,4 @@ example:
|
|||
gitlab_rails['env'] = {"http_proxy" => "my_proxy", "https_proxy" => "my_proxy"}
|
||||
```
|
||||
|
||||
For GitLab CI, use `gitlab_ci['env']`:
|
||||
|
||||
```ruby
|
||||
gitlab_ci['env'] = {"my_var" => "my value"}
|
||||
```
|
||||
|
||||
Run `sudo gitlab-ctl reconfigure` for the change to take effect.
|
||||
|
|
|
@ -33,7 +33,7 @@ groupadd -g 998 git
|
|||
groupadd -g 999 gitlab-www
|
||||
groupadd -g 997 gitlab-redis
|
||||
groupadd -g 996 gitlab-psql
|
||||
# groupadd -g 995 gitlab-ci
|
||||
|
||||
groupadd -g 994 mattermost
|
||||
groupadd -g 993 registry
|
||||
groupadd -g 992 gitlab-prometheus
|
||||
|
@ -43,7 +43,6 @@ useradd -m -u 998 -g git -m -s /bin/sh -d /var/opt/gitlab git
|
|||
useradd -m -u 999 -g gitlab-www -m -s /bin/false -d /var/opt/gitlab/nginx gitlab-www
|
||||
useradd -m -u 997 -g gitlab-redis -m -s /bin/false -d /var/opt/gitlab/redis gitlab-redis
|
||||
useradd -m -u 996 -g gitlab-psql -m -s /bin/sh -d /var/opt/gitlab/postgresql gitlab-psql
|
||||
# useradd -m -u 995 -g gitlab-ci -m -s /bin/sh -d /var/opt/gitlab/gitlab-ci gitlab-ci
|
||||
useradd -m -u 994 -g mattermost -m -s /bin/sh -d /var/opt/gitlab/mattermost mattermost
|
||||
useradd -m -u 993 -g registry -m -s /bin/sh -d /var/opt/gitlab/registry registry
|
||||
useradd -m -u 992 -g gitlab-prometheus -m -s /bin/sh -d /var/opt/gitlab/prometheus gitlab-prometheus
|
||||
|
|
|
@ -572,7 +572,6 @@ external_url 'GENERATED_EXTERNAL_URL'
|
|||
# postgresql['home'] = "/var/opt/gitlab/postgresql"
|
||||
# postgresql['user_path'] = "/opt/gitlab/embedded/bin:/opt/gitlab/bin:$PATH"
|
||||
# postgresql['sql_user'] = "gitlab"
|
||||
# postgresql['sql_ci_user'] = "gitlab_ci"
|
||||
# postgresql['max_connections'] = 200
|
||||
# postgresql['md5_auth_cidr_addresses'] = []
|
||||
# postgresql['trust_auth_cidr_addresses'] = []
|
||||
|
@ -927,15 +926,13 @@ external_url 'GENERATED_EXTERNAL_URL'
|
|||
|
||||
################################################################################
|
||||
## GitLab CI
|
||||
##! Docs: https://docs.gitlab.com/omnibus/gitlab-ci/README.html
|
||||
##! Docs: https://docs.gitlab.com/ce/ci/quick_start/README.html
|
||||
################################################################################
|
||||
|
||||
# gitlab_ci['gitlab_ci_all_broken_builds'] = true
|
||||
# gitlab_ci['gitlab_ci_add_pusher'] = true
|
||||
# gitlab_ci['builds_directory'] = '/var/opt/gitlab/gitlab-ci/builds'
|
||||
|
||||
### DEPRECATED: ci_external_url 'http://ci.example.com'
|
||||
|
||||
################################################################################
|
||||
## GitLab Mattermost
|
||||
##! Docs: https://docs.gitlab.com/omnibus/gitlab-mattermost
|
||||
|
|
|
@ -350,7 +350,6 @@ default['gitlab']['postgresql']['home'] = "/var/opt/gitlab/postgresql"
|
|||
# defaults to /opt/gitlab/embedded/bin:/opt/gitlab/bin/$PATH. The install-dir path is set at build time
|
||||
default['gitlab']['postgresql']['user_path'] = "#{node['package']['install-dir']}/embedded/bin:#{node['package']['install-dir']}/bin:$PATH"
|
||||
default['gitlab']['postgresql']['sql_user'] = "gitlab"
|
||||
default['gitlab']['postgresql']['sql_ci_user'] = "gitlab_ci"
|
||||
default['gitlab']['postgresql']['sql_mattermost_user'] = "gitlab_mattermost"
|
||||
default['gitlab']['postgresql']['port'] = 5432
|
||||
# Postgres allow multi listen_address, comma-separated values.
|
||||
|
@ -664,116 +663,14 @@ default['gitlab']['high-availability']['mountpoint'] = nil
|
|||
####
|
||||
# GitLab CI Rails app
|
||||
####
|
||||
default['gitlab']['gitlab-ci']['enable'] = false
|
||||
default['gitlab']['gitlab-ci']['dir'] = "/var/opt/gitlab/gitlab-ci"
|
||||
default['gitlab']['gitlab-ci']['log_directory'] = "/var/log/gitlab/gitlab-ci"
|
||||
default['gitlab']['gitlab-ci']['builds_directory'] = "/var/opt/gitlab/gitlab-ci/builds"
|
||||
default['gitlab']['gitlab-ci']['environment'] = 'production'
|
||||
default['gitlab']['gitlab-ci']['env'] = {
|
||||
# Path the the GitLab CI Gemfile
|
||||
# defaults to /opt/gitlab/embedded/service/gitlab-ci/Gemfile. The install-dir path is set at build time
|
||||
'BUNDLE_GEMFILE' => "#{node['package']['install-dir']}/embedded/service/gitlab-ci/Gemfile",
|
||||
# Path variable set in the environment for the GitLab CI processes
|
||||
# defaults to /opt/gitlab/bin:/opt/gitlab/embedded/bin:/bin:/usr/bin. The install-dir path is set at build time
|
||||
'PATH' => "#{node['package']['install-dir']}/bin:#{node['package']['install-dir']}/embedded/bin:/bin:/usr/bin"
|
||||
}
|
||||
|
||||
default['gitlab']['gitlab-ci']['schedule_builds_minute'] = "0"
|
||||
|
||||
default['gitlab']['gitlab-ci']['username'] = "gitlab-ci"
|
||||
default['gitlab']['gitlab-ci']['uid'] = nil
|
||||
default['gitlab']['gitlab-ci']['gid'] = nil
|
||||
default['gitlab']['gitlab-ci']['shell'] = "/bin/false"
|
||||
|
||||
# application.yml top-level settings
|
||||
default['gitlab']['gitlab-ci']['gitlab_server'] = nil
|
||||
|
||||
# application.yml, gitlab_ci section
|
||||
default['gitlab']['gitlab-ci']['gitlab_ci_host'] = nil
|
||||
default['gitlab']['gitlab-ci']['gitlab_ci_port'] = 80
|
||||
default['gitlab']['gitlab-ci']['gitlab_ci_https'] = false
|
||||
default['gitlab']['gitlab-ci']['gitlab_ci_email_from'] = nil
|
||||
default['gitlab']['gitlab-ci']['gitlab_ci_support_email'] = nil
|
||||
default['gitlab']['gitlab-ci']['gitlab_ci_all_broken_builds'] = nil
|
||||
default['gitlab']['gitlab-ci']['gitlab_ci_add_pusher'] = nil
|
||||
|
||||
default['gitlab']['gitlab-ci']['gitlab_ci_add_committer'] = nil # Deprecated, will be removed in the next release
|
||||
|
||||
# application.yml, gravatar section
|
||||
default['gitlab']['gitlab-ci']['gravatar_enabled'] = true
|
||||
default['gitlab']['gitlab-ci']['gravatar_plain_url'] = nil
|
||||
default['gitlab']['gitlab-ci']['gravatar_ssl_url'] = nil
|
||||
|
||||
# application.yml, backup section
|
||||
default['gitlab']['gitlab-ci']['backup_path'] = "/var/opt/gitlab/ci-backups"
|
||||
default['gitlab']['gitlab-ci']['backup_keep_time'] = nil
|
||||
default['gitlab']['gitlab-ci']['backup_upload_connection'] = nil
|
||||
default['gitlab']['gitlab-ci']['backup_upload_remote_directory'] = nil
|
||||
default['gitlab']['gitlab-ci']['backup_multipart_chunk_size'] = nil
|
||||
|
||||
# database.yml settings
|
||||
default['gitlab']['gitlab-ci']['db_adapter'] = "postgresql"
|
||||
default['gitlab']['gitlab-ci']['db_encoding'] = "unicode"
|
||||
default['gitlab']['gitlab-ci']['db_database'] = "gitlab_ci_production"
|
||||
default['gitlab']['gitlab-ci']['db_pool'] = 10
|
||||
default['gitlab']['gitlab-ci']['db_username'] = "gitlab_ci"
|
||||
default['gitlab']['gitlab-ci']['db_password'] = nil
|
||||
# Path to postgresql socket directory
|
||||
default['gitlab']['gitlab-ci']['db_host'] = "/var/opt/gitlab/postgresql"
|
||||
default['gitlab']['gitlab-ci']['db_port'] = 5432
|
||||
default['gitlab']['gitlab-ci']['db_socket'] = nil
|
||||
|
||||
# resque.yml settings
|
||||
default['gitlab']['gitlab-ci']['redis_host'] = "127.0.0.1"
|
||||
default['gitlab']['gitlab-ci']['redis_port'] = nil
|
||||
default['gitlab']['gitlab-ci']['redis_socket'] = "/var/opt/gitlab/ci-redis/redis.socket"
|
||||
|
||||
# config/initializers/smtp_settings.rb settings
|
||||
default['gitlab']['gitlab-ci']['smtp_enable'] = false
|
||||
default['gitlab']['gitlab-ci']['smtp_address'] = nil
|
||||
default['gitlab']['gitlab-ci']['smtp_port'] = nil
|
||||
default['gitlab']['gitlab-ci']['smtp_user_name'] = nil
|
||||
default['gitlab']['gitlab-ci']['smtp_password'] = nil
|
||||
default['gitlab']['gitlab-ci']['smtp_domain'] = nil
|
||||
default['gitlab']['gitlab-ci']['smtp_authentication'] = nil
|
||||
default['gitlab']['gitlab-ci']['smtp_enable_starttls_auto'] = nil
|
||||
default['gitlab']['gitlab-ci']['smtp_tls'] = nil
|
||||
default['gitlab']['gitlab-ci']['smtp_openssl_verify_mode'] = nil
|
||||
|
||||
####
|
||||
# CI Unicorn
|
||||
####
|
||||
default['gitlab']['ci-unicorn'] = default['gitlab']['unicorn'].dup
|
||||
default['gitlab']['ci-unicorn']['enable'] = false
|
||||
default['gitlab']['ci-unicorn']['log_directory'] = "/var/log/gitlab/ci-unicorn"
|
||||
default['gitlab']['ci-unicorn']['port'] = 8181
|
||||
default['gitlab']['ci-unicorn']['socket'] = '/var/opt/gitlab/gitlab-ci/sockets/gitlab.socket'
|
||||
# Path to the GitLab CI's Unicorn Process ID file
|
||||
# defaults to /opt/gitlab/var/ci-unicorn/unicorn.pid. The install-dir path is set at build time
|
||||
default['gitlab']['ci-unicorn']['pidfile'] = "#{node['package']['install-dir']}/var/ci-unicorn/unicorn.pid"
|
||||
|
||||
####
|
||||
# CI Sidekiq
|
||||
####
|
||||
default['gitlab']['ci-sidekiq'] = default['gitlab']['sidekiq'].dup
|
||||
default['gitlab']['ci-sidekiq']['enable'] = false
|
||||
default['gitlab']['ci-sidekiq']['log_directory'] = "/var/log/gitlab/ci-sidekiq"
|
||||
|
||||
####
|
||||
# CI Redis
|
||||
####
|
||||
default['gitlab']['ci-redis'] = default['gitlab']['redis'].dup
|
||||
default['gitlab']['ci-redis']['enable'] = false
|
||||
default['gitlab']['ci-redis']['dir'] = "/var/opt/gitlab/ci-redis"
|
||||
default['gitlab']['ci-redis']['log_directory'] = "/var/log/gitlab/ci-redis"
|
||||
default['gitlab']['ci-redis']['unixsocket'] = "/var/opt/gitlab/ci-redis/redis.socket"
|
||||
|
||||
####
|
||||
# CI NGINX
|
||||
####
|
||||
default['gitlab']['ci-nginx'] = default['gitlab']['nginx'].dup
|
||||
default['gitlab']['ci-nginx']['enable'] = false
|
||||
default['gitlab']['ci-nginx']['resolver'] = "8.8.8.8 8.8.4.4"
|
||||
|
||||
####
|
||||
# Mattermost
|
||||
####
|
||||
|
|
|
@ -54,22 +54,6 @@ class AccountHelper
|
|||
node['gitlab']['postgresql']['username']
|
||||
end
|
||||
|
||||
def gitlab_ci_user
|
||||
node['gitlab']['gitlab-ci']['username']
|
||||
end
|
||||
|
||||
def gitlab_ci_group
|
||||
node['gitlab']['gitlab-ci']['username']
|
||||
end
|
||||
|
||||
def ci_redis_user
|
||||
node['gitlab']['ci-redis']['username']
|
||||
end
|
||||
|
||||
def ci_redis_group
|
||||
node['gitlab']['ci-redis']['username']
|
||||
end
|
||||
|
||||
def mattermost_user
|
||||
node['gitlab']['mattermost']['username']
|
||||
end
|
||||
|
@ -100,8 +84,6 @@ class AccountHelper
|
|||
#{web_server_user}
|
||||
#{redis_user}
|
||||
#{postgresgl_user}
|
||||
#{gitlab_ci_user}
|
||||
#{ci_redis_user}
|
||||
#{mattermost_user}
|
||||
#{registry_user}
|
||||
#{prometheus_user}
|
||||
|
@ -114,8 +96,6 @@ class AccountHelper
|
|||
#{web_server_group}
|
||||
#{redis_group}
|
||||
#{postgresgl_group}
|
||||
#{gitlab_ci_group}
|
||||
#{ci_redis_group}
|
||||
#{mattermost_group}
|
||||
#{registry_group}
|
||||
#{prometheus_group}
|
||||
|
|
|
@ -31,7 +31,6 @@ require 'chef/mixin/deep_merge'
|
|||
require 'securerandom'
|
||||
require 'uri'
|
||||
|
||||
require_relative 'gitlab_ci.rb'
|
||||
require_relative 'gitlab_mattermost.rb'
|
||||
require_relative 'gitlab_pages.rb'
|
||||
require_relative 'gitlab_rails.rb'
|
||||
|
@ -56,22 +55,18 @@ module Gitlab
|
|||
user Mash.new
|
||||
postgresql Mash.new
|
||||
redis Mash.new
|
||||
ci_redis Mash.new
|
||||
gitlab_rails Mash.new
|
||||
gitlab_ci Mash.new
|
||||
gitlab_shell Mash.new
|
||||
unicorn Mash.new
|
||||
ci_unicorn Mash.new
|
||||
sidekiq Mash.new
|
||||
sidekiq_cluster Mash.new
|
||||
ci_sidekiq Mash.new
|
||||
gitlab_workhorse Mash.new
|
||||
gitlab_git_http_server Mash.new # legacy from GitLab 7.14, 8.0, 8.1
|
||||
pages_nginx Mash.new
|
||||
registry_nginx Mash.new
|
||||
mailroom Mash.new
|
||||
nginx Mash.new
|
||||
ci_nginx Mash.new
|
||||
mattermost_nginx Mash.new
|
||||
logging Mash.new
|
||||
remote_syslog Mash.new
|
||||
|
@ -90,7 +85,6 @@ module Gitlab
|
|||
node nil
|
||||
external_url nil
|
||||
pages_external_url nil
|
||||
ci_external_url nil
|
||||
mattermost_external_url nil
|
||||
registry_external_url nil
|
||||
git_data_dirs Mash.new
|
||||
|
@ -131,8 +125,8 @@ module Gitlab
|
|||
end
|
||||
|
||||
# Transform legacy key names to new key names
|
||||
Gitlab['gitlab_rails']['db_key_base'] ||= Gitlab['gitlab_ci']['db_key_base']
|
||||
Gitlab['gitlab_rails']['secret_key_base'] ||= Gitlab['gitlab_ci']['db_key_base']
|
||||
Gitlab['gitlab_rails']['db_key_base'] ||= Gitlab['gitlab_ci']['db_key_base'] # Changed in 8.11
|
||||
Gitlab['gitlab_rails']['secret_key_base'] ||= Gitlab['gitlab_ci']['db_key_base'] # Changed in 8.11
|
||||
Gitlab['gitlab_rails']['otp_key_base'] ||= Gitlab['gitlab_rails']['secret_token']
|
||||
|
||||
# Note: If you add another secret to generate here make sure it gets written to disk in SecretsHelper.write_to_gitlab_secrets
|
||||
|
@ -155,8 +149,6 @@ module Gitlab
|
|||
Gitlab['mattermost']['email_password_reset_salt'] ||= generate_hex(16)
|
||||
Gitlab['mattermost']['sql_at_rest_encrypt_key'] ||= generate_hex(16)
|
||||
|
||||
# Note: Besides the section below, gitlab-secrets.json will also change
|
||||
# in CiHelper in libraries/helper.rb
|
||||
SecretsHelper.write_to_gitlab_secrets
|
||||
end
|
||||
|
||||
|
@ -172,19 +164,15 @@ module Gitlab
|
|||
"manage_storage_directories",
|
||||
"user",
|
||||
"redis",
|
||||
"ci_redis",
|
||||
"gitlab_rails",
|
||||
"gitlab_ci",
|
||||
"gitlab_shell",
|
||||
"unicorn",
|
||||
"ci_unicorn",
|
||||
"sidekiq",
|
||||
"sidekiq-cluster",
|
||||
"ci_sidekiq",
|
||||
"gitlab_workhorse",
|
||||
"mailroom",
|
||||
"nginx",
|
||||
"ci_nginx",
|
||||
"mattermost_nginx",
|
||||
"pages_nginx",
|
||||
"registry_nginx",
|
||||
|
@ -196,7 +184,6 @@ module Gitlab
|
|||
"web_server",
|
||||
"mattermost",
|
||||
"external_url",
|
||||
"ci_external_url",
|
||||
"mattermost_external_url",
|
||||
"pages_external_url",
|
||||
"gitlab_pages",
|
||||
|
@ -231,7 +218,6 @@ module Gitlab
|
|||
Redis.parse_variables
|
||||
Postgresql.parse_variables
|
||||
Unicorn.parse_variables
|
||||
GitlabCi.parse_variables
|
||||
IncomingEmail.parse_variables
|
||||
GitlabMattermost.parse_variables
|
||||
GitlabPages.parse_variables
|
||||
|
|
|
@ -1,67 +0,0 @@
|
|||
#
|
||||
# Copyright:: Copyright (c) 2016 GitLab Inc.
|
||||
# License:: Apache License, Version 2.0
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
module GitlabCi
|
||||
class << self
|
||||
# Standalone GitLab CI is deprected.
|
||||
# The code below will be removed in the next major release.
|
||||
def parse_variables
|
||||
parse_ci_external_url
|
||||
parse_gitlab_ci
|
||||
end
|
||||
|
||||
def parse_ci_external_url
|
||||
return unless Gitlab['ci_external_url']
|
||||
# Disable gitlab_ci. This setting will be picked up by parse_gitlab_ci
|
||||
Gitlab['gitlab_ci']['enable'] = false
|
||||
|
||||
uri = URI(Gitlab['ci_external_url'].to_s)
|
||||
|
||||
unless uri.host
|
||||
raise "GitLab CI external URL must include a schema and FQDN, e.g. http://ci.example.com/"
|
||||
end
|
||||
Gitlab['gitlab_ci']['gitlab_ci_host'] = uri.host
|
||||
Gitlab['gitlab_ci']['gitlab_ci_email_from'] ||= "gitlab-ci@#{uri.host}"
|
||||
|
||||
case uri.scheme
|
||||
when "http"
|
||||
Gitlab['gitlab_ci']['gitlab_ci_https'] = false
|
||||
when "https"
|
||||
Gitlab['gitlab_ci']['gitlab_ci_https'] = true
|
||||
Gitlab['ci_nginx']['ssl_certificate'] ||= "/etc/gitlab/ssl/#{uri.host}.crt"
|
||||
Gitlab['ci_nginx']['ssl_certificate_key'] ||= "/etc/gitlab/ssl/#{uri.host}.key"
|
||||
else
|
||||
raise "Unsupported external URL scheme: #{uri.scheme}"
|
||||
end
|
||||
|
||||
unless ["", "/"].include?(uri.path)
|
||||
raise "Unsupported CI external URL path: #{uri.path}"
|
||||
end
|
||||
|
||||
Gitlab['gitlab_ci']['gitlab_ci_port'] = uri.port
|
||||
end
|
||||
|
||||
def parse_gitlab_ci
|
||||
return unless Gitlab['gitlab_ci']['enable']
|
||||
|
||||
Gitlab['ci_unicorn']['enable'] = true if Gitlab['ci_unicorn']['enable'].nil?
|
||||
Gitlab['ci_sidekiq']['enable'] = true if Gitlab['ci_sidekiq']['enable'].nil?
|
||||
Gitlab['ci_redis']['enable'] = true if Gitlab['ci_redis']['enable'].nil?
|
||||
Gitlab['ci_nginx']['enable'] = true if Gitlab['ci_nginx']['enable'].nil?
|
||||
end
|
||||
end
|
||||
end
|
|
@ -134,49 +134,6 @@ module AuthorizeHelper
|
|||
end
|
||||
end
|
||||
|
||||
class CiHelper
|
||||
extend ShellOutHelper
|
||||
extend AuthorizeHelper
|
||||
|
||||
def self.authorize_with_gitlab(gitlab_external_url)
|
||||
redirect_uri = "#{Gitlab['ci_external_url']}/user_sessions/callback"
|
||||
app_name = "GitLab CI"
|
||||
|
||||
o = query_gitlab_rails(redirect_uri, app_name)
|
||||
|
||||
app_id, app_secret = nil
|
||||
if o.exitstatus == 0
|
||||
app_id, app_secret = o.stdout.chomp.split(" ")
|
||||
|
||||
Gitlab['gitlab_ci']['gitlab_server'] = { 'url' => gitlab_external_url,
|
||||
'app_id' => app_id,
|
||||
'app_secret' => app_secret
|
||||
}
|
||||
|
||||
SecretsHelper.write_to_gitlab_secrets
|
||||
info("Updated the gitlab-secrets.json file.")
|
||||
else
|
||||
warn("Something went wrong while trying to update gitlab-secrets.json. Check the file permissions and try reconfiguring again.")
|
||||
end
|
||||
|
||||
{ 'url' => gitlab_external_url, 'app_id' => app_id, 'app_secret' => app_secret }
|
||||
end
|
||||
|
||||
def self.gitlab_server
|
||||
return unless Gitlab['gitlab_ci']['gitlab_server']
|
||||
Gitlab['gitlab_ci']['gitlab_server']
|
||||
end
|
||||
|
||||
def self.gitlab_server_fqdn
|
||||
if gitlab_server && gitlab_server['url']
|
||||
uri = URI(gitlab_server['url'].to_s)
|
||||
uri.host
|
||||
else
|
||||
Gitlab['gitlab_rails']['gitlab_host']
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
class MattermostHelper
|
||||
extend ShellOutHelper
|
||||
extend AuthorizeHelper
|
||||
|
@ -252,15 +209,6 @@ class SecretsHelper
|
|||
}
|
||||
}
|
||||
|
||||
if Gitlab['gitlab_ci']['gitlab_server']
|
||||
warning = [
|
||||
"Legacy config value gitlab_ci['gitlab_server'] found; value will be REMOVED. For reference, it was:",
|
||||
Gitlab['gitlab_ci']['gitlab_server'].to_json
|
||||
]
|
||||
|
||||
warn(warning.join("\n\n"))
|
||||
end
|
||||
|
||||
if Gitlab['mattermost']['gitlab_enable']
|
||||
gitlab_oauth = {
|
||||
'gitlab_enable' => Gitlab['mattermost']['gitlab_enable'],
|
||||
|
|
|
@ -37,12 +37,9 @@ module Logging
|
|||
|
||||
%w{
|
||||
redis
|
||||
ci-redis
|
||||
nginx
|
||||
sidekiq
|
||||
ci-sidekiq
|
||||
unicorn
|
||||
ci-unicorn
|
||||
postgresql
|
||||
remote-syslog
|
||||
gitlab-workhorse
|
||||
|
|
|
@ -35,7 +35,6 @@ module Nginx
|
|||
def parse_nginx_listen_ports
|
||||
[
|
||||
[%w{nginx listen_port}, %w{gitlab_rails gitlab_port}],
|
||||
[%w{ci_nginx listen_port}, %w{gitlab_ci gitlab_ci_port}],
|
||||
[%w{mattermost_nginx listen_port}, %w{mattermost port}],
|
||||
[%w{pages_nginx listen_port}, %w{gitlab_rails pages_port}],
|
||||
|
||||
|
|
|
@ -26,16 +26,13 @@ module Postgresql
|
|||
def parse_postgresql_settings
|
||||
# If the user wants to run the internal Postgres service using an alternative
|
||||
# DB username, host or port, then those settings should also be applied to
|
||||
# gitlab-rails and gitlab-ci.
|
||||
# gitlab-rails.
|
||||
[
|
||||
# %w{gitlab_rails db_username} corresponds to
|
||||
# Gitlab['gitlab_rails']['db_username'], etc.
|
||||
[%w{gitlab_rails db_username}, %w{postgresql sql_user}],
|
||||
[%w{gitlab_rails db_host}, %w{postgresql listen_address}],
|
||||
[%w{gitlab_rails db_port}, %w{postgresql port}],
|
||||
[%w{gitlab_ci db_username}, %w{postgresql sql_ci_user}],
|
||||
[%w{gitlab_ci db_host}, %w{postgresql listen_address}],
|
||||
[%w{gitlab_ci db_port}, %w{postgresql port}],
|
||||
].each do |left, right|
|
||||
if ! Gitlab[left.first][left.last].nil?
|
||||
# If the user explicitly sets a value for e.g.
|
||||
|
|
|
@ -1,21 +0,0 @@
|
|||
#
|
||||
# Copyright:: Copyright (c) 2012 Opscode, Inc.
|
||||
# Copyright:: Copyright (c) 2014 GitLab B.V.
|
||||
# License:: Apache License, Version 2.0
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
redis_service 'ci-redis' do
|
||||
socket_group AccountHelper.new(node).gitlab_ci_user
|
||||
end
|
|
@ -1,21 +0,0 @@
|
|||
#
|
||||
# Copyright:: Copyright (c) 2012 Opscode, Inc.
|
||||
# Copyright:: Copyright (c) 2014 GitLab B.V.
|
||||
# License:: Apache License, Version 2.0
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
runit_service "ci-redis" do
|
||||
action :disable
|
||||
end
|
|
@ -1,22 +0,0 @@
|
|||
#
|
||||
# Copyright:: Copyright (c) 2012 Opscode, Inc.
|
||||
# Copyright:: Copyright (c) 2014 GitLab B.V.
|
||||
# License:: Apache License, Version 2.0
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
sidekiq_service 'ci-sidekiq' do
|
||||
rails_app 'gitlab-ci'
|
||||
user AccountHelper.new(node).gitlab_ci_user
|
||||
end
|
|
@ -1,21 +0,0 @@
|
|||
#
|
||||
# Copyright:: Copyright (c) 2012 Opscode, Inc.
|
||||
# Copyright:: Copyright (c) 2014 GitLab B.V.
|
||||
# License:: Apache License, Version 2.0
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
runit_service "ci-sidekiq" do
|
||||
action :disable
|
||||
end
|
|
@ -1,22 +0,0 @@
|
|||
#
|
||||
# Copyright:: Copyright (c) 2012 Opscode, Inc.
|
||||
# Copyright:: Copyright (c) 2014 GitLab B.V.
|
||||
# License:: Apache License, Version 2.0
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
unicorn_service 'ci-unicorn' do
|
||||
rails_app 'gitlab-ci'
|
||||
user AccountHelper.new(node).gitlab_ci_user
|
||||
end
|
|
@ -1,21 +0,0 @@
|
|||
#
|
||||
# Copyright:: Copyright (c) 2012 Opscode, Inc.
|
||||
# Copyright:: Copyright (c) 2014 GitLab B.V.
|
||||
# License:: Apache License, Version 2.0
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
runit_service "ci-unicorn" do
|
||||
action :disable
|
||||
end
|
|
@ -1,28 +0,0 @@
|
|||
#
|
||||
# Copyright:: Copyright (c) 2014 GitLab B.V.
|
||||
# License:: Apache License, Version 2.0
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
# Remove all cronjobs for gitlab-ci builds
|
||||
|
||||
cron 'gitlab-ci schedule builds' do
|
||||
user 'root'
|
||||
action :delete
|
||||
end
|
||||
|
||||
cron 'gitlab-ci schedule builds' do
|
||||
user AccountHelper.new(node).gitlab_ci_user
|
||||
action :delete
|
||||
end
|
|
@ -69,8 +69,6 @@ if node['gitlab']['gitlab-rails']['enable']
|
|||
include_recipe "gitlab::gitlab-rails"
|
||||
end
|
||||
|
||||
include_recipe "gitlab::gitlab-ci-proxying"
|
||||
|
||||
include_recipe "gitlab::selinux"
|
||||
|
||||
# add trusted certs recipe
|
||||
|
@ -80,9 +78,7 @@ include_recipe "gitlab::add_trusted_certs"
|
|||
# the corresponding service recipe is not loaded below.
|
||||
[
|
||||
"unicorn",
|
||||
"ci-unicorn",
|
||||
"sidekiq",
|
||||
"ci-sidekiq",
|
||||
"mailroom"
|
||||
].each do |dummy|
|
||||
service "create a temporary #{dummy} service" do
|
||||
|
|
|
@ -1,60 +0,0 @@
|
|||
#
|
||||
# Copyright:: Copyright (c) 2012 Opscode, Inc.
|
||||
# Copyright:: Copyright (c) 2015 GitLab B.V.
|
||||
# License:: Apache License, Version 2.0
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
omnibus_helper = OmnibusHelper.new(node)
|
||||
ci_nginx_vars = node['gitlab']['ci-nginx'].to_hash
|
||||
|
||||
if ci_nginx_vars['listen_https'].nil?
|
||||
ci_nginx_vars['https'] = node['gitlab']['gitlab-ci']['gitlab_ci_https']
|
||||
else
|
||||
ci_nginx_vars['https'] = ci_nginx_vars['listen_https']
|
||||
end
|
||||
|
||||
nginx_conf_dir = File.join(node['gitlab']['nginx']['dir'], "conf")
|
||||
gitlab_ci_http_config = File.join(nginx_conf_dir, "gitlab-ci-http.conf")
|
||||
|
||||
if node["gitlab"]['gitlab-ci']['gitlab_ci_host']
|
||||
template gitlab_ci_http_config do
|
||||
source "nginx-gitlab-ci-http.conf.erb"
|
||||
owner "root"
|
||||
group "root"
|
||||
mode "0644"
|
||||
variables(ci_nginx_vars.merge(
|
||||
{
|
||||
:fqdn => node['gitlab']['gitlab-ci']['gitlab_ci_host'],
|
||||
:port => node['gitlab']['gitlab-ci']['gitlab_ci_port'],
|
||||
:socket => node['gitlab']['ci-unicorn']['socket'],
|
||||
:gitlab_fqdn => CiHelper.gitlab_server_fqdn
|
||||
}
|
||||
))
|
||||
notifies :restart, 'service[nginx]' if omnibus_helper.should_notify?("nginx")
|
||||
end
|
||||
|
||||
node.override["gitlab"]['nginx']["gitlab_ci_http_config"] = gitlab_ci_http_config
|
||||
else
|
||||
template gitlab_ci_http_config do
|
||||
source "nginx-gitlab-ci-http.conf.erb"
|
||||
action :delete
|
||||
end
|
||||
|
||||
node.override["gitlab"]['nginx']["gitlab_ci_http_config"] = nil
|
||||
end
|
||||
|
||||
if node["gitlab"]['gitlab-ci']["enable"]
|
||||
node.override["gitlab"]['gitlab-ci']["enable"] = false
|
||||
end
|
|
@ -213,7 +213,6 @@ template nginx_status_conf do
|
|||
end
|
||||
|
||||
nginx_vars['gitlab_access_log_format'] = node['gitlab']['nginx']['log_format']
|
||||
nginx_vars['gitlab_ci_access_log_format'] = node['gitlab']['ci-nginx']['log_format']
|
||||
nginx_vars['gitlab_mattermost_access_log_format'] = node['gitlab']['mattermost-nginx']['log_format']
|
||||
|
||||
template nginx_config do
|
||||
|
|
|
@ -1 +0,0 @@
|
|||
gitlab_ci_user='<%= node['gitlab']['gitlab-ci']['username'] %>'
|
|
@ -1,86 +0,0 @@
|
|||
# This file is managed by gitlab-ctl. Manual changes will be
|
||||
# erased! To change the contents below, edit /etc/gitlab/gitlab.rb
|
||||
# and run `sudo gitlab-ctl reconfigure`.
|
||||
|
||||
## GitLab CI
|
||||
|
||||
<% if @https && @redirect_http_to_https %>
|
||||
server {
|
||||
<% @listen_addresses.each do |listen_address| %>
|
||||
listen <%= listen_address %>:<%= @redirect_http_to_https_port %>;
|
||||
<% end %>
|
||||
server_name <%= @fqdn %>;
|
||||
server_tokens off;
|
||||
rewrite ^(.*) https://<%= @fqdn %>:<%= @port %>$1 permanent;
|
||||
access_log <%= @log_directory %>/gitlab_ci_access.log gitlab_ci_access;
|
||||
error_log <%= @log_directory %>/gitlab_ci_error.log;
|
||||
}
|
||||
<% end %>
|
||||
|
||||
server {
|
||||
<% @listen_addresses.each do |listen_address| %>
|
||||
listen <%= listen_address %>:<%= @listen_port %><% if @https %> ssl<% end %>;
|
||||
<% end %>
|
||||
server_name <%= @fqdn %>;
|
||||
server_tokens off; # don't show the version number, a security best practice
|
||||
|
||||
<% if @https %>
|
||||
ssl on;
|
||||
ssl_certificate <%= @ssl_certificate %>;
|
||||
ssl_certificate_key <%= @ssl_certificate_key %>;
|
||||
<% if @ssl_client_certificate %>
|
||||
ssl_client_certificate <%= @ssl_client_certificate%>;
|
||||
<% end %>
|
||||
<% if @ssl_verify_client %>
|
||||
ssl_verify_client <%= @ssl_verify_client%>;
|
||||
ssl_verify_depth <%= @ssl_verify_depth%>;
|
||||
<% end %>
|
||||
ssl_ciphers '<%= @ssl_ciphers %>';
|
||||
ssl_prefer_server_ciphers <%= @ssl_prefer_server_ciphers %>;
|
||||
ssl_protocols <%= @ssl_protocols %>;
|
||||
ssl_session_cache <%= @ssl_session_cache %>;
|
||||
ssl_session_timeout <%= @ssl_session_timeout %>;
|
||||
<% if @ssl_dhparam %>
|
||||
ssl_dhparam <%= @ssl_dhparam %>;
|
||||
<% end %>
|
||||
<% end %>
|
||||
|
||||
## Individual nginx logs for this GitLab CI vhost
|
||||
access_log <%= @log_directory %>/gitlab_ci_access.log gitlab_ci_access;
|
||||
error_log <%= @log_directory %>/gitlab_ci_error.log;
|
||||
|
||||
# expose API to fix runners
|
||||
location /api {
|
||||
proxy_read_timeout <%= @proxy_read_timeout %>;
|
||||
proxy_connect_timeout <%= @proxy_connect_timeout %>;
|
||||
proxy_redirect off;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
|
||||
# You need to specify your DNS servers that are able to resolve YOUR_GITLAB_SERVER_FQDN
|
||||
resolver <%= @resolver %>;
|
||||
proxy_pass <%= @https ? "https" : "http" %>://<%= @gitlab_fqdn %>/ci$request_uri;
|
||||
}
|
||||
|
||||
# expose build endpoint to allow trigger builds
|
||||
location ~ ^/projects/\d+/build$ {
|
||||
proxy_read_timeout <%= @proxy_read_timeout %>;
|
||||
proxy_connect_timeout <%= @proxy_connect_timeout %>;
|
||||
proxy_redirect off;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
|
||||
# You need to specify your DNS servers that are able to resolve YOUR_GITLAB_SERVER_FQDN
|
||||
resolver <%= @resolver %>;
|
||||
proxy_pass <%= @https ? "https" : "http" %>://<%= @gitlab_fqdn %>/ci$request_uri;
|
||||
}
|
||||
|
||||
# redirect all other CI requests
|
||||
location / {
|
||||
return 301 <%= @https ? "https" : "http" %>://<%= @gitlab_fqdn %>/ci$request_uri;
|
||||
}
|
||||
|
||||
# adjust this to match the largest build log your runners might submit,
|
||||
# set to 0 to disable limit
|
||||
client_max_body_size <%= @client_max_body_size %>;
|
||||
|
||||
<%= @custom_gitlab_ci_server_config %>
|
||||
}
|
|
@ -15,7 +15,6 @@ events {
|
|||
|
||||
http {
|
||||
log_format gitlab_access '<%= @gitlab_access_log_format %>';
|
||||
log_format gitlab_ci_access '<%= @gitlab_ci_access_log_format %>';
|
||||
log_format gitlab_mattermost_access '<%= @gitlab_mattermost_access_log_format %>';
|
||||
|
||||
server_names_hash_bucket_size <%= @server_names_hash_bucket_size %>;
|
||||
|
@ -46,10 +45,6 @@ http {
|
|||
include <%= @gitlab_http_config %>;
|
||||
<% end %>
|
||||
|
||||
<% if @gitlab_ci_http_config %>
|
||||
include <%= @gitlab_ci_http_config %>;
|
||||
<% end %>
|
||||
|
||||
<% if @gitlab_pages_http_config %>
|
||||
include <%= @gitlab_pages_http_config %>;
|
||||
<% end %>
|
||||
|
|
|
@ -41,7 +41,6 @@
|
|||
|
||||
# MAPNAME SYSTEM-USERNAME PG-USERNAME
|
||||
gitlab <%= node['gitlab']['user']['username'] %> <%= node['gitlab']['postgresql']['sql_user'] %>
|
||||
gitlab <%= node['gitlab']['gitlab-ci']['username'] %> <%= node['gitlab']['postgresql']['sql_ci_user'] %>
|
||||
gitlab <%= node['gitlab']['mattermost']['username'] %> <%= node['gitlab']['postgresql']['sql_mattermost_user'] %>
|
||||
# Default to a 1-1 mapping between system usernames and Postgres usernames
|
||||
gitlab /^(.*)$ \1
|
||||
|
|
|
@ -184,29 +184,6 @@ describe 'secrets' do
|
|||
end
|
||||
end
|
||||
|
||||
context 'when there is a legacy CI gitlab_server key' do
|
||||
before do
|
||||
stub_gitlab_secrets_json(gitlab_ci: { gitlab_server: { url: 'json_ci_gitlab_server' } })
|
||||
allow_any_instance_of(Object).to receive(:warn)
|
||||
end
|
||||
|
||||
it 'warns that this value is no longer used, and prints the value' do
|
||||
expect_any_instance_of(Object).to receive(:warn) do |value|
|
||||
expect(value).to include('gitlab_server')
|
||||
expect(value).to include('json_ci_gitlab_server')
|
||||
end
|
||||
|
||||
chef_run
|
||||
end
|
||||
|
||||
it 'does not write the value to the new file' do
|
||||
chef_run
|
||||
|
||||
expect(new_secrets).not_to have_key('gitlab_ci')
|
||||
expect(new_secrets.to_json).not_to include('json_ci_gitlab_server')
|
||||
end
|
||||
end
|
||||
|
||||
context 'when secrets are ambiguous and cannot be migrated automatically' do
|
||||
before { stub_gitlab_secrets_json({}) }
|
||||
|
||||
|
|
Loading…
Reference in New Issue