root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Add latest changes from gitlab-org/gitlab@master

This commit is contained in:
GitLab Bot 2024-07-27 03:07:12 +00:00
parent 8b795165d1
commit e9256e4e1d
12 changed files with 975 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
bin/gitlab-backup-cli
View File

@ -3,12 +3,12 @@
$:.unshift File.expand_path("../../lib", __FILE__)
# We require APP_PATH when the rails environment is required only,
# this allows for faster CLI execution when rails is not needed
APP_PATH = File.expand_path('../config/application', __dir__)
# GITLAB_PATH points to the Rails.root, which the tool can use to load
# the Rails environment when necessary or to help find configuration files
# when used with GDK
GITLAB_PATH = File.expand_path('../', __dir__)
require_relative '../config/boot'
require 'gitlab/backup/cli'
Gitlab::Backup::Cli::Runner.start(ARGV)

12
config/initializers/1_settings.rb
View File

@ -6,6 +6,7 @@ require_relative '../smime_signature_settings'
# Default settings
Settings['shared'] ||= {}
# If you are changing default storage paths, then you must change them in the gitlab-backup-cli gem as well
Settings.shared['path'] = Settings.absolute(Settings.shared['path'] || "shared")
Settings['encrypted_settings'] ||= {}
@ -265,6 +266,7 @@ end
#
Settings['gitlab_ci'] ||= {}
Settings.gitlab_ci['shared_runners_enabled'] = true if Settings.gitlab_ci['shared_runners_enabled'].nil?
# If you are changing default storage paths, then you must change them in the gitlab-backup-cli gem as well
Settings.gitlab_ci['builds_path'] = Settings.absolute(Settings.gitlab_ci['builds_path'] || "builds/")
Settings.gitlab_ci['url'] ||= Settings.__send__(:build_gitlab_ci_url)
Settings.gitlab_ci['server_fqdn'] ||= Settings.__send__(:build_ci_server_fqdn)
@ -274,6 +276,7 @@ Settings.gitlab_ci['server_fqdn'] ||= Settings.__send__(:build_ci_server
#
Settings['ci_secure_files'] ||= {}
Settings.ci_secure_files['enabled'] = true if Settings.ci_secure_files['enabled'].nil?
# If you are changing default storage paths, then you must change them in the gitlab-backup-cli gem as well
Settings.ci_secure_files['storage_path'] = Settings.absolute(Settings.ci_secure_files['storage_path'] || File.join(Settings.shared['path'], "ci_secure_files"))
Settings.ci_secure_files['object_store'] = ObjectStoreSettings.legacy_parse(Settings.ci_secure_files['object_store'], 'secure_files')
@ -297,6 +300,7 @@ Settings.service_desk_email['encrypted_secret_file'] = Settings.absolute(Setting
#
Settings['artifacts'] ||= {}
Settings.artifacts['enabled'] = true if Settings.artifacts['enabled'].nil?
# If you are changing default storage paths, then you must change them in the gitlab-backup-cli gem as well
Settings.artifacts['storage_path'] = Settings.absolute(Settings.artifacts.values_at('path', 'storage_path').compact.first || File.join(Settings.shared['path'], "artifacts"))
# Settings.artifact['path'] is deprecated, use `storage_path` instead
Settings.artifacts['path'] = Settings.artifacts['storage_path']
@ -314,6 +318,7 @@ Settings.registry['api_url'] ||= "http://localhost:5000/"
Settings.registry['key'] ||= nil
Settings.registry['issuer'] ||= nil
Settings.registry['host_port'] ||= [Settings.registry['host'], Settings.registry['port']].compact.join(':')
# If you are changing default storage paths, then you must change them in the gitlab-backup-cli gem as well
Settings.registry['path'] = Settings.absolute(Settings.registry['path'] || File.join(Settings.shared['path'], 'registry'))
Settings.registry['notifications'] ||= []
@ -333,6 +338,7 @@ Settings['pages'] ||= {}
Settings['pages'] = ::Gitlab::Pages::Settings.new(Settings.pages) # For path access detection https://gitlab.com/gitlab-org/gitlab/-/issues/230702
Settings.pages['enabled'] = false if Settings.pages['enabled'].nil?
Settings.pages['access_control'] = false if Settings.pages['access_control'].nil?
# If you are changing default storage paths, then you must change them in the gitlab-backup-cli gem as well
Settings.pages['path'] = Settings.absolute(Settings.pages['path'] || File.join(Settings.shared['path'], "pages"))
Settings.pages['https'] = false if Settings.pages['https'].nil?
Settings.pages['host'] ||= "example.com"
@ -348,6 +354,7 @@ Settings.pages['secret_file'] ||= Rails.root.join('.gitlab_pages_secret')
Settings.pages['storage_path'] = Settings.pages['path']
Settings.pages['object_store'] = ObjectStoreSettings.legacy_parse(Settings.pages['object_store'], 'pages')
Settings.pages['local_store'] ||= {}
# If you are changing default storage paths, then you must change them in the gitlab-backup-cli gem as well
Settings.pages['local_store']['path'] = Settings.absolute(Settings.pages['local_store']['path'] || File.join(Settings.shared['path'], "pages"))
Settings.pages['local_store']['enabled'] = true if Settings.pages['local_store']['enabled'].nil?
Settings.pages['namespace_in_path'] = false if Settings.pages['namespace_in_path'].nil?
@ -387,6 +394,7 @@ Settings.feature_flags.unleash['enabled'] = false if Settings.feature_flags.unle
Settings['external_diffs'] ||= {}
Settings.external_diffs['enabled'] = false if Settings.external_diffs['enabled'].nil?
Settings.external_diffs['when'] = 'always' if Settings.external_diffs['when'].nil?
# If you are changing default storage paths, then you must change them in the gitlab-backup-cli gem as well
Settings.external_diffs['storage_path'] = Settings.absolute(Settings.external_diffs['storage_path'] || File.join(Settings.shared['path'], 'external-diffs'))
Settings.external_diffs['object_store'] = ObjectStoreSettings.legacy_parse(Settings.external_diffs['object_store'], 'external_diffs')
@ -395,6 +403,7 @@ Settings.external_diffs['object_store'] = ObjectStoreSettings.legacy_parse(Setti
#
Settings['lfs'] ||= {}
Settings.lfs['enabled'] = true if Settings.lfs['enabled'].nil?
# If you are changing default storage paths, then you must change them in the gitlab-backup-cli gem as well
Settings.lfs['storage_path'] = Settings.absolute(Settings.lfs['storage_path'] || File.join(Settings.shared['path'], "lfs-objects"))
Settings.lfs['object_store'] = ObjectStoreSettings.legacy_parse(Settings.lfs['object_store'], 'lfs')
@ -413,6 +422,7 @@ Settings.uploads['object_store']['remote_directory'] ||= 'uploads'
Settings['packages'] ||= {}
Settings.packages['enabled'] = true if Settings.packages['enabled'].nil?
Settings.packages['dpkg_deb_path'] = '/usr/bin/dpkg-deb' if Settings.packages['dpkg_deb_path'].nil?
# If you are changing default storage paths, then you must change them in the gitlab-backup-cli gem as well
Settings.packages['storage_path'] = Settings.absolute(Settings.packages['storage_path'] || File.join(Settings.shared['path'], "packages"))
Settings.packages['object_store'] = ObjectStoreSettings.legacy_parse(Settings.packages['object_store'], 'packages')
@ -421,6 +431,7 @@ Settings.packages['object_store'] = ObjectStoreSettings.legacy_parse(Settings.p
#
Settings['dependency_proxy'] ||= {}
Settings.dependency_proxy['enabled'] = true if Settings.dependency_proxy['enabled'].nil?
# If you are changing default storage paths, then you must change them in the gitlab-backup-cli gem as well
Settings.dependency_proxy['storage_path'] = Settings.absolute(Settings.dependency_proxy['storage_path'] || File.join(Settings.shared['path'], "dependency_proxy"))
Settings.dependency_proxy['object_store'] = ObjectStoreSettings.legacy_parse(Settings.dependency_proxy['object_store'], 'dependency_proxy')
@ -435,6 +446,7 @@ Settings.dependency_proxy['enabled'] = false unless Gitlab::Runtime.puma?
#
Settings['terraform_state'] ||= {}
Settings.terraform_state['enabled'] = true if Settings.terraform_state['enabled'].nil?
# If you are changing default storage paths, then you must change them in the gitlab-backup-cli gem as well
Settings.terraform_state['storage_path'] = Settings.absolute(Settings.terraform_state['storage_path'] || File.join(Settings.shared['path'], "terraform_state"))
Settings.terraform_state['object_store'] = ObjectStoreSettings.legacy_parse(Settings.terraform_state['object_store'], 'terraform_state')

8
gems/gitlab-backup-cli/bin/console
View File

@ -1,11 +1,13 @@
#!/usr/bin/env ruby
# frozen_string_literal: true
# GITLAB_PATH points to the Rails.root, which the tool can use to load
# the Rails environment when necessary or to help find configuration files
# when used with GDK
GITLAB_PATH = File.expand_path(File.join(__dir__, '../../../'))
require "bundler/setup"
require "gitlab/backup/cli"
# You can add fixtures and/or initialization code here to make experimenting
# with your gem easier. You can also use a different console, if you like.
require "irb"
IRB.start(__FILE__)

4
gems/gitlab-backup-cli/lib/gitlab/backup/cli.rb
View File

@ -5,6 +5,7 @@
# want to use the Rainbow refinement in the gem code going forward, but
# while we have this dependency, we need this external require
require "rainbow/ext/string"
require 'active_support/all'
module Gitlab
module Backup
@ -13,6 +14,7 @@ module Gitlab
autoload :BackupExecutor, 'gitlab/backup/cli/backup_executor'
autoload :Commands, 'gitlab/backup/cli/commands'
autoload :Dependencies, 'gitlab/backup/cli/dependencies'
autoload :GitlabConfig, 'gitlab/backup/cli/gitlab_config'
autoload :Metadata, 'gitlab/backup/cli/metadata'
autoload :Output, 'gitlab/backup/cli/output'
autoload :RestoreExecutor, 'gitlab/backup/cli/restore_executor'
@ -27,7 +29,7 @@ module Gitlab
Error = Class.new(StandardError)
def self.rails_environment!
require APP_PATH
require File.join(GITLAB_PATH, 'config/application')
Rails.application.require_environment!
Rails.application.autoloaders

57
gems/gitlab-backup-cli/lib/gitlab/backup/cli/gitlab_config.rb Normal file
View File

@ -0,0 +1,57 @@
# frozen_string_literal: true
module Gitlab
module Backup
module Cli
class GitlabConfig
extend Forwardable
def_delegators :@config,
:count,
:deep_stringify_keys,
:deep_symbolize_keys,
:default_proc,
:dig,
:each_key,
:each_pair,
:each_value,
:each,
:empty?,
:fetch_values,
:fetch,
:filter,
:keys,
:length,
:map,
:member?,
:merge,
:reject,
:select,
:size,
:slice,
:stringify_keys,
:symbolize_keys,
:transform_keys,
:transform_values,
:value?,
:values_at,
:values,
:[]
def initialize(source)
@source = source
@config = nil
load!
end
def load!
yaml = ActiveSupport::ConfigurationFile.parse(@source)
all_configs = yaml.deep_stringify_keys
@config = all_configs
end
end
end
end
end

108
gems/gitlab-backup-cli/lib/gitlab/backup/cli/source_context.rb
View File

@ -8,74 +8,138 @@ module Gitlab
# Any specific information from the GitLab installation will be
# automatically discovered from the current machine
class SourceContext
# Defaults defined in `config/initializers/1_settings.rb`
DEFAULT_SHARED_PATH = 'shared'
DEFAULT_CI_BUILDS_PATH = 'builds'
DEFAULT_JOBS_ARTIFACTS_PATH = 'artifacts'
DEFAULT_SECURE_FILES_PATH = 'ci_secure_files'
DEFAULT_CI_LFS_PATH = 'lfs-objects'
DEFAULT_PACKAGES = 'packages'
DEFAULT_PAGES = 'pages'
DEFAULT_REGISTRY_PATH = 'registry'
DEFAULT_TERRAFORM_STATE_PATH = 'terraform_state'
DEFAULT_UPLOADS_PATH = 'public' # based on GitLab's root folder
def gitlab_version
# TODO: decouple from Rails codebase
Gitlab::VERSION
File.read(gitlab_basepath.join("VERSION")).strip.freeze
end
def backup_basedir
# TODO: decouple from Rails codebase, load from gitlab.yml file
Rails.root.join('tmp/backups')
path = gitlab_config[env]['backup']['path']
absolute_path(path)
end
# CI Builds basepath
def ci_builds_path
# TODO: Use configuration solver
Settings.gitlab_ci.builds_path
path = gitlab_config.dig(env, 'gitlab_ci', 'builds_path') || DEFAULT_CI_BUILDS_PATH
absolute_path(path)
end
# Job Artifacts basepath
def ci_job_artifacts_path
# TODO: Use configuration solver
JobArtifactUploader.root
path = gitlab_config.dig(env, 'artifacts', 'path') ||
gitlab_config.dig(env, 'artifacts', 'storage_path') ||
gitlab_shared_path.join(DEFAULT_JOBS_ARTIFACTS_PATH)
absolute_path(path)
end
# CI Secure Files basepath
def ci_secure_files_path
# TODO: Use configuration solver
Settings.ci_secure_files.storage_path
path = gitlab_config.dig(env, 'ci_secure_files', 'storage_path') ||
gitlab_shared_path.join(DEFAULT_SECURE_FILES_PATH)
absolute_path(path)
end
# CI LFS basepath
def ci_lfs_path
# TODO: Use configuration solver
Settings.lfs.storage_path
path = gitlab_config.dig(env, 'lfs', 'storage_path') ||
gitlab_shared_path.join(DEFAULT_CI_LFS_PATH)
absolute_path(path)
end
# Packages basepath
def packages_path
# TODO: Use configuration solver
Settings.packages.storage_path
path = gitlab_config.dig(env, 'packages', 'storage_path') ||
gitlab_shared_path.join(DEFAULT_PACKAGES)
absolute_path(path)
end
# GitLab Pages basepath
def pages_path
# TODO: Use configuration solver
Gitlab.config.pages.path
path = gitlab_config.dig(env, 'pages', 'path') ||
gitlab_shared_path.join(DEFAULT_PAGES)
absolute_path(path)
end
# Registry basepath
def registry_path
# TODO: Use configuration solver
Settings.registry.path
path = gitlab_config.dig(env, 'registry', 'path') ||
gitlab_shared_path.join(DEFAULT_REGISTRY_PATH)
absolute_path(path)
end
# Terraform State basepath
def terraform_state_path
# TODO: Use configuration solver
Settings.terraform_state.storage_path
path = gitlab_config.dig(env, 'terraform_state', 'storage_path') ||
gitlab_shared_path.join(DEFAULT_TERRAFORM_STATE_PATH)
absolute_path(path)
end
# Upload basepath
def upload_path
# TODO: Use configuration solver
File.join(Gitlab.config.uploads.storage_path, 'uploads')
path = gitlab_config.dig(env, 'uploads', 'storage_path') ||
gitlab_basepath.join(DEFAULT_UPLOADS_PATH)
absolute_path(path).join('uploads')
end
def env
@env ||= ActiveSupport::EnvironmentInquirer.new(
ENV["RAILS_ENV"].presence || ENV["RACK_ENV"].presence || "development")
end
private
# Return the shared path used as a fallback base location to each blob type
# We use this to determine the storage location when everything else fails
# @return [Pathname]
def gitlab_shared_path
shared_path = gitlab_config.dig(env, 'shared', 'path') || DEFAULT_SHARED_PATH
Pathname(shared_path)
end
# Return a fullpath for a given path
#
# When the path is already a full one return itself as a Pathname
# otherwise uses gitlab_basepath as its base
# @param [String|Pathname] path
# @return [Pathname]
def absolute_path(path)
# Joins with gitlab_basepath when relative, otherwise return full path
Pathname(File.expand_path(path, gitlab_basepath))
end
# Return the GitLab base directory
# @return [Pathname]
def gitlab_basepath
return Pathname.new(GITLAB_PATH) if GITLAB_PATH
raise ::Gitlab::Backup::Cli::Error, 'GITLAB_PATH is missing'
end
def gitlab_config
@gitlab_config ||= Gitlab::Backup::Cli::GitlabConfig.new(gitlab_basepath.join('config/gitlab.yml'))
end
end
end
end

1
gems/gitlab-backup-cli/spec/fixtures/VERSION vendored Normal file
View File

@ -0,0 +1 @@
17.0.3-ee

9
gems/gitlab-backup-cli/spec/fixtures/gitlab-missingconfigs.yml vendored Normal file
View File

@ -0,0 +1,9 @@
# # # # # # # # # # # # # # # # # #
# GitLab application config file #
# # # # # # # # # # # # # # # # # #
test:
gravatar:
enabled: true
shared:
path: 'test-shared'

233
gems/gitlab-backup-cli/spec/fixtures/gitlab-relativepaths.yml vendored Normal file
View File

@ -0,0 +1,233 @@
# # # # # # # # # # # # # # # # # #
# GitLab application config file #
# # # # # # # # # # # # # # # # # #
test:
object_store:
enabled: false
gravatar:
enabled: true
gitlab_ci:
builds_path: tests/builds
shared:
path: 'shared-tests'
external_diffs:
enabled: false
# Diffs may be `always` external (the default), or they can be made external
# after they have become `outdated` (i.e., the MR is closed or a new version
# has been pushed).
# when: always
# The location where external diffs are stored (default: shared/external-diffs).
storage_path: tmp/tests/external-diffs
object_store:
enabled: false
remote_directory: external-diffs # The bucket name
connection:
provider: AWS # Only AWS supported at the moment
aws_access_key_id: AWS_ACCESS_KEY_ID
aws_secret_access_key: AWS_SECRET_ACCESS_KEY
region: us-east-1
lfs:
enabled: false
# The location where LFS objects are stored (default: shared/lfs-objects).
storage_path: tmp/tests/lfs-objects
object_store:
enabled: false
remote_directory: lfs-objects # The bucket name
connection:
provider: AWS # Only AWS supported at the moment
aws_access_key_id: AWS_ACCESS_KEY_ID
aws_secret_access_key: AWS_SECRET_ACCESS_KEY
region: us-east-1
artifacts:
path: tmp/tests/artifacts
enabled: true
# The location where build artifacts are stored (default: shared/artifacts).
# path: shared/artifacts
object_store:
enabled: false
remote_directory: artifacts # The bucket name
connection:
provider: AWS # Only AWS supported at the moment
aws_access_key_id: AWS_ACCESS_KEY_ID
aws_secret_access_key: AWS_SECRET_ACCESS_KEY
region: us-east-1
uploads:
storage_path: tmp/tests/public
object_store:
enabled: false
connection:
provider: AWS # Only AWS supported at the moment
aws_access_key_id: AWS_ACCESS_KEY_ID
aws_secret_access_key: AWS_SECRET_ACCESS_KEY
region: us-east-1
packages:
enabled: true
storage_path: tmp/tests/packages
terraform_state:
enabled: true
storage_path: tmp/tests/terraform_state
object_store:
enabled: false
remote_directory: terraform
connection:
provider: AWS # Only AWS supported at the moment
aws_access_key_id: AWS_ACCESS_KEY_ID
aws_secret_access_key: AWS_SECRET_ACCESS_KEY
region: us-east-1
ci_secure_files:
enabled: true
storage_path: tmp/tests/ci_secure_files
object_store:
enabled: false
remote_directory: ci-secure-files
connection:
provider: AWS # Only AWS supported at the moment
aws_access_key_id: AWS_ACCESS_KEY_ID
aws_secret_access_key: AWS_SECRET_ACCESS_KEY
region: us-east-1
registry:
enabled: true
path: tmp/tests/registry
gitlab:
host: localhost
port: 80
content_security_policy:
enabled: true
report_only: false
directives:
base_uri:
child_src:
connect_src:
default_src: "'self'"
font_src:
form_action:
frame_ancestors: "'self'"
frame_src: "'self' https://www.google.com/recaptcha/ https://www.recaptcha.net/ https://content.googleapis.com https://content-compute.googleapis.com https://content-cloudbilling.googleapis.com https://content-cloudresourcemanager.googleapis.com"
img_src: "* data: blob:"
manifest_src:
media_src:
object_src: "'none'"
script_src: "'self' 'unsafe-eval' http://localhost:* https://www.google.com/recaptcha/ https://www.recaptcha.net/ https://www.gstatic.com/recaptcha/ https://apis.google.com"
style_src: "'self' 'unsafe-inline'"
worker_src: "'self' blob:"
report_uri:
# When you run tests we clone and set up gitlab-shell
# In order to set it up correctly you need to specify
# your system username you use to run GitLab
# user: YOUR_USERNAME
pages:
path: tmp/tests/pages
object_store:
enabled: false
remote_directory: pages # The bucket name
connection:
provider: AWS
aws_access_key_id: AWS_ACCESS_KEY_ID
aws_secret_access_key: AWS_SECRET_ACCESS_KEY
region: us-east-1
local_store:
enabled: true
path: tmp/tests/pages
repositories:
storages:
default:
path: tmp/tests/repositories/
gitaly_address: unix:tmp/tests/gitaly/praefect.socket
gitaly:
client_path: tmp/tests/gitaly/_build/bin
token: secret
workhorse:
secret_file: tmp/gitlab_workhorse_test_secret
backup:
path: /tmp/gitlab/full/backups
gitaly_backup_path: tmp/tests/gitaly/_build/bin/gitaly-backup
gitlab_shell:
path: tmp/tests/gitlab-shell/
authorized_keys_file: tmp/tests/authorized_keys
issues_tracker:
redmine:
title: "Redmine"
project_url: "http://redmine/projects/:issues_tracker_id"
issues_url: "http://redmine/:project_id/:issues_tracker_id/:id"
new_issue_url: "http://redmine/projects/:issues_tracker_id/issues/new"
jira:
title: "Jira"
url: https://sample_company.atlassian.net
project_key: PROJECT
omniauth:
# enabled: true
allow_single_sign_on: true
external_providers: []
providers:
- { name: 'alicloud',
app_id: 'YOUR_APP_ID',
app_secret: 'YOUR_APP_SECRET' }
- { name: 'github',
app_id: 'YOUR_APP_ID',
app_secret: 'YOUR_APP_SECRET',
url: "https://github.com/",
verify_ssl: false,
args: { scope: 'user:email' } }
- { name: 'bitbucket',
app_id: 'YOUR_APP_ID',
app_secret: 'YOUR_APP_SECRET' }
- { name: 'gitlab',
app_id: 'YOUR_APP_ID',
app_secret: 'YOUR_APP_SECRET',
args: { scope: 'api' } }
- { name: 'google_oauth2',
app_id: 'YOUR_APP_ID',
app_secret: 'YOUR_APP_SECRET',
args: { access_type: 'offline', approval_prompt: '' } }
- { name: 'jwt',
app_secret: 'YOUR_APP_SECRET',
args: {
algorithm: 'HS256',
uid_claim: 'email',
required_claims: ["name", "email"],
info_map: { name: "name", email: "email" },
auth_url: 'https://example.com/',
valid_within: null,
}
}
- { name: 'auth0',
args: {
client_id: 'YOUR_AUTH0_CLIENT_ID',
client_secret: 'YOUR_AUTH0_CLIENT_SECRET',
domain: 'YOUR_AUTH0_DOMAIN',
scope: 'openid profile email' } }
- { name: 'salesforce',
app_id: 'YOUR_CLIENT_ID',
app_secret: 'YOUR_CLIENT_SECRET'
}
- { name: 'atlassian_oauth2',
app_id: 'YOUR_CLIENT_ID',
app_secret: 'YOUR_CLIENT_SECRET',
args: { scope: 'offline_access read:jira-user read:jira-work', prompt: 'consent' }
}
ldap:
enabled: false
servers:
main:
label: ldap
host: 127.0.0.1
port: 3890
uid: 'uid'
encryption: 'plain' # "start_tls" or "simple_tls" or "plain"
base: 'dc=example,dc=com'
user_filter: ''
group_base: 'ou=groups,dc=example,dc=com'
admin_group: ''
prometheus:
enabled: true
server_address: 'localhost:9090'

233
gems/gitlab-backup-cli/spec/fixtures/gitlab.yml vendored Normal file
View File

@ -0,0 +1,233 @@
# # # # # # # # # # # # # # # # # #
# GitLab application config file #
# # # # # # # # # # # # # # # # # #
test:
object_store:
enabled: false
gravatar:
enabled: true
gitlab_ci:
builds_path: /tmp/gitlab/full/builds
shared:
path: /tmp/gitlab/full/shared
external_diffs:
enabled: false
# Diffs may be `always` external (the default), or they can be made external
# after they have become `outdated` (i.e., the MR is closed or a new version
# has been pushed).
# when: always
# The location where external diffs are stored (default: shared/external-diffs).
storage_path: tmp/tests/external-diffs
object_store:
enabled: false
remote_directory: external-diffs # The bucket name
connection:
provider: AWS # Only AWS supported at the moment
aws_access_key_id: AWS_ACCESS_KEY_ID
aws_secret_access_key: AWS_SECRET_ACCESS_KEY
region: us-east-1
lfs:
enabled: false
# The location where LFS objects are stored (default: shared/lfs-objects).
storage_path: /tmp/gitlab/full/lfs-objects
object_store:
enabled: false
remote_directory: lfs-objects # The bucket name
connection:
provider: AWS # Only AWS supported at the moment
aws_access_key_id: AWS_ACCESS_KEY_ID
aws_secret_access_key: AWS_SECRET_ACCESS_KEY
region: us-east-1
artifacts:
path: /tmp/gitlab/full/artifacts
enabled: true
# The location where build artifacts are stored (default: shared/artifacts).
# path: shared/artifacts
object_store:
enabled: false
remote_directory: artifacts # The bucket name
connection:
provider: AWS # Only AWS supported at the moment
aws_access_key_id: AWS_ACCESS_KEY_ID
aws_secret_access_key: AWS_SECRET_ACCESS_KEY
region: us-east-1
uploads:
storage_path: /tmp/gitlab/full/public
object_store:
enabled: false
connection:
provider: AWS # Only AWS supported at the moment
aws_access_key_id: AWS_ACCESS_KEY_ID
aws_secret_access_key: AWS_SECRET_ACCESS_KEY
region: us-east-1
packages:
enabled: true
storage_path: /tmp/gitlab/full/packages
terraform_state:
enabled: true
storage_path: /tmp/gitlab/full/terraform_state
object_store:
enabled: false
remote_directory: terraform
connection:
provider: AWS # Only AWS supported at the moment
aws_access_key_id: AWS_ACCESS_KEY_ID
aws_secret_access_key: AWS_SECRET_ACCESS_KEY
region: us-east-1
ci_secure_files:
enabled: true
storage_path: /tmp/gitlab/full/ci_secure_files
object_store:
enabled: false
remote_directory: ci-secure-files
connection:
provider: AWS # Only AWS supported at the moment
aws_access_key_id: AWS_ACCESS_KEY_ID
aws_secret_access_key: AWS_SECRET_ACCESS_KEY
region: us-east-1
registry:
enabled: true
path: /tmp/gitlab/full/registry
gitlab:
host: localhost
port: 80
content_security_policy:
enabled: true
report_only: false
directives:
base_uri:
child_src:
connect_src:
default_src: "'self'"
font_src:
form_action:
frame_ancestors: "'self'"
frame_src: "'self' https://www.google.com/recaptcha/ https://www.recaptcha.net/ https://content.googleapis.com https://content-compute.googleapis.com https://content-cloudbilling.googleapis.com https://content-cloudresourcemanager.googleapis.com"
img_src: "* data: blob:"
manifest_src:
media_src:
object_src: "'none'"
script_src: "'self' 'unsafe-eval' http://localhost:* https://www.google.com/recaptcha/ https://www.recaptcha.net/ https://www.gstatic.com/recaptcha/ https://apis.google.com"
style_src: "'self' 'unsafe-inline'"
worker_src: "'self' blob:"
report_uri:
# When you run tests we clone and set up gitlab-shell
# In order to set it up correctly you need to specify
# your system username you use to run GitLab
# user: YOUR_USERNAME
pages:
path: /tmp/gitlab/full/pages
object_store:
enabled: false
remote_directory: pages # The bucket name
connection:
provider: AWS
aws_access_key_id: AWS_ACCESS_KEY_ID
aws_secret_access_key: AWS_SECRET_ACCESS_KEY
region: us-east-1
local_store:
enabled: true
path: /tmp/gitlab/full/pages
repositories:
storages:
default:
path: tmp/tests/repositories/
gitaly_address: unix:tmp/tests/gitaly/praefect.socket
gitaly:
client_path: tmp/tests/gitaly/_build/bin
token: secret
workhorse:
secret_file: tmp/gitlab_workhorse_test_secret
backup:
path: tmp/tests/backups
gitaly_backup_path: tmp/tests/gitaly/_build/bin/gitaly-backup
gitlab_shell:
path: tmp/tests/gitlab-shell/
authorized_keys_file: tmp/tests/authorized_keys
issues_tracker:
redmine:
title: "Redmine"
project_url: "http://redmine/projects/:issues_tracker_id"
issues_url: "http://redmine/:project_id/:issues_tracker_id/:id"
new_issue_url: "http://redmine/projects/:issues_tracker_id/issues/new"
jira:
title: "Jira"
url: https://sample_company.atlassian.net
project_key: PROJECT
omniauth:
# enabled: true
allow_single_sign_on: true
external_providers: []
providers:
- { name: 'alicloud',
app_id: 'YOUR_APP_ID',
app_secret: 'YOUR_APP_SECRET' }
- { name: 'github',
app_id: 'YOUR_APP_ID',
app_secret: 'YOUR_APP_SECRET',
url: "https://github.com/",
verify_ssl: false,
args: { scope: 'user:email' } }
- { name: 'bitbucket',
app_id: 'YOUR_APP_ID',
app_secret: 'YOUR_APP_SECRET' }
- { name: 'gitlab',
app_id: 'YOUR_APP_ID',
app_secret: 'YOUR_APP_SECRET',
args: { scope: 'api' } }
- { name: 'google_oauth2',
app_id: 'YOUR_APP_ID',
app_secret: 'YOUR_APP_SECRET',
args: { access_type: 'offline', approval_prompt: '' } }
- { name: 'jwt',
app_secret: 'YOUR_APP_SECRET',
args: {
algorithm: 'HS256',
uid_claim: 'email',
required_claims: ["name", "email"],
info_map: { name: "name", email: "email" },
auth_url: 'https://example.com/',
valid_within: null,
}
}
- { name: 'auth0',
args: {
client_id: 'YOUR_AUTH0_CLIENT_ID',
client_secret: 'YOUR_AUTH0_CLIENT_SECRET',
domain: 'YOUR_AUTH0_DOMAIN',
scope: 'openid profile email' } }
- { name: 'salesforce',
app_id: 'YOUR_CLIENT_ID',
app_secret: 'YOUR_CLIENT_SECRET'
}
- { name: 'atlassian_oauth2',
app_id: 'YOUR_CLIENT_ID',
app_secret: 'YOUR_CLIENT_SECRET',
args: { scope: 'offline_access read:jira-user read:jira-work', prompt: 'consent' }
}
ldap:
enabled: false
servers:
main:
label: ldap
host: 127.0.0.1
port: 3890
uid: 'uid'
encryption: 'plain' # "start_tls" or "simple_tls" or "plain"
base: 'dc=example,dc=com'
user_filter: ''
group_base: 'ou=groups,dc=example,dc=com'
admin_group: ''
prometheus:
enabled: true
server_address: 'localhost:9090'

330
gems/gitlab-backup-cli/spec/gitlab/backup/cli/source_context_spec.rb Normal file
View File

@ -0,0 +1,330 @@
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe Gitlab::Backup::Cli::SourceContext do
subject(:context) { described_class.new }
let(:fake_gitlab_basepath) { Pathname.new(Dir.mktmpdir('gitlab', temp_path)) }
before do
allow(context).to receive(:gitlab_basepath).and_return(fake_gitlab_basepath)
FileUtils.mkdir fake_gitlab_basepath.join('config')
end
after do
fake_gitlab_basepath.rmtree
end
describe '#gitlab_version' do
it 'returns the GitLab version from the VERSION file' do
version_fixture = fixtures_path.join('VERSION')
FileUtils.copy(version_fixture, fake_gitlab_basepath)
expect(context.gitlab_version).to eq('17.0.3-ee')
end
end
describe '#backup_basedir' do
context 'with a relative path configured in gitlab.yml' do
it 'returns a full path based on gitlab basepath' do
use_gitlab_config_fixture('gitlab.yml')
expect(context.backup_basedir).to eq(fake_gitlab_basepath.join('tmp/tests/backups'))
end
end
context 'with full path configure in gitlab.yml' do
it 'returns a full path as configured in gitlab.yml' do
use_gitlab_config_fixture('gitlab-relativepaths.yml')
expect(context.backup_basedir).to eq(Pathname('/tmp/gitlab/full/backups'))
end
end
end
describe '#ci_builds_path' do
context 'with a missing configuration value' do
it 'returns the default value in full path' do
use_gitlab_config_fixture('gitlab-missingconfigs.yml')
expect(context.ci_builds_path).to eq(fake_gitlab_basepath.join('builds'))
end
end
context 'with a relative path configured in gitlab.yml' do
it 'returns a full path based on gitlab basepath' do
use_gitlab_config_fixture('gitlab-relativepaths.yml')
expect(context.ci_builds_path).to eq(fake_gitlab_basepath.join('tests/builds'))
end
end
context 'with a full path configured in gitlab.yml' do
it 'returns a full path as configured in gitlab.yml' do
use_gitlab_config_fixture('gitlab.yml')
expect(context.ci_builds_path).to eq(Pathname('/tmp/gitlab/full/builds'))
end
end
end
describe '#ci_jobs_artifacts_path' do
context 'with a missing configuration value' do
it 'returns the default value in full path' do
use_gitlab_config_fixture('gitlab-missingconfigs.yml')
expect(context.ci_job_artifacts_path).to eq(fake_gitlab_basepath.join('test-shared/artifacts'))
end
end
context 'with a relative path configured in gitlab.yml' do
it 'returns a full path based on gitlab basepath' do
use_gitlab_config_fixture('gitlab-relativepaths.yml')
expect(context.ci_job_artifacts_path).to eq(fake_gitlab_basepath.join('tmp/tests/artifacts'))
end
end
context 'with a full path configured in gitlab.yml' do
it 'returns a full path as configured in gitlab.yml' do
use_gitlab_config_fixture('gitlab.yml')
expect(context.ci_job_artifacts_path).to eq(Pathname('/tmp/gitlab/full/artifacts'))
end
end
end
describe '#ci_secure_files_path' do
context 'with a missing configuration value' do
it 'returns the default value in full path' do
use_gitlab_config_fixture('gitlab-missingconfigs.yml')
expect(context.ci_secure_files_path).to eq(fake_gitlab_basepath.join('test-shared/ci_secure_files'))
end
end
context 'with a relative path configured in gitlab.yml' do
it 'returns a full path based on gitlab basepath' do
use_gitlab_config_fixture('gitlab-relativepaths.yml')
expect(context.ci_secure_files_path).to eq(fake_gitlab_basepath.join('tmp/tests/ci_secure_files'))
end
end
context 'with a full path configured in gitlab.yml' do
it 'returns a full path as configured in gitlab.yml' do
use_gitlab_config_fixture('gitlab.yml')
expect(context.ci_secure_files_path).to eq(Pathname('/tmp/gitlab/full/ci_secure_files'))
end
end
end
describe '#ci_lfs_path' do
context 'with a missing configuration value' do
it 'returns the default value in full path' do
use_gitlab_config_fixture('gitlab-missingconfigs.yml')
expect(context.ci_lfs_path).to eq(fake_gitlab_basepath.join('test-shared/lfs-objects'))
end
end
context 'with a relative path configured in gitlab.yml' do
it 'returns a full path based on gitlab basepath' do
use_gitlab_config_fixture('gitlab-relativepaths.yml')
expect(context.ci_lfs_path).to eq(fake_gitlab_basepath.join('tmp/tests/lfs-objects'))
end
end
context 'with a full path configured in gitlab.yml' do
it 'returns a full path as configured in gitlab.yml' do
use_gitlab_config_fixture('gitlab.yml')
expect(context.ci_lfs_path).to eq(Pathname('/tmp/gitlab/full/lfs-objects'))
end
end
end
describe '#packages_path' do
context 'with a missing configuration value' do
it 'returns the default value in full path' do
use_gitlab_config_fixture('gitlab-missingconfigs.yml')
expect(context.packages_path).to eq(fake_gitlab_basepath.join('test-shared/packages'))
end
end
context 'with a relative path configured in gitlab.yml' do
it 'returns a full path based on gitlab basepath' do
use_gitlab_config_fixture('gitlab-relativepaths.yml')
expect(context.packages_path).to eq(fake_gitlab_basepath.join('tmp/tests/packages'))
end
end
context 'with a full path configured in gitlab.yml' do
it 'returns a full path as configured in gitlab.yml' do
use_gitlab_config_fixture('gitlab.yml')
expect(context.packages_path).to eq(Pathname('/tmp/gitlab/full/packages'))
end
end
end
describe '#pages_path' do
context 'with a missing configuration value' do
it 'returns the default value in full path' do
use_gitlab_config_fixture('gitlab-missingconfigs.yml')
expect(context.pages_path).to eq(fake_gitlab_basepath.join('test-shared/pages'))
end
end
context 'with a relative path configured in gitlab.yml' do
it 'returns a full path based on gitlab basepath' do
use_gitlab_config_fixture('gitlab-relativepaths.yml')
expect(context.pages_path).to eq(fake_gitlab_basepath.join('tmp/tests/pages'))
end
end
context 'with a full path configured in gitlab.yml' do
it 'returns a full path as configured in gitlab.yml' do
use_gitlab_config_fixture('gitlab.yml')
expect(context.pages_path).to eq(Pathname('/tmp/gitlab/full/pages'))
end
end
end
describe '#registry_path' do
context 'with a missing configuration value' do
it 'returns the default value in full path' do
use_gitlab_config_fixture('gitlab-missingconfigs.yml')
expect(context.registry_path).to eq(fake_gitlab_basepath.join('test-shared/registry'))
end
end
context 'with a relative path configured in gitlab.yml' do
it 'returns a full path based on gitlab basepath' do
use_gitlab_config_fixture('gitlab-relativepaths.yml')
expect(context.registry_path).to eq(fake_gitlab_basepath.join('tmp/tests/registry'))
end
end
context 'with a full path configured in gitlab.yml' do
it 'returns a full path as configured in gitlab.yml' do
use_gitlab_config_fixture('gitlab.yml')
expect(context.registry_path).to eq(Pathname('/tmp/gitlab/full/registry'))
end
end
end
describe '#terraform_state_path' do
context 'with a missing configuration value' do
it 'returns the default value in full path' do
use_gitlab_config_fixture('gitlab-missingconfigs.yml')
expect(context.terraform_state_path).to eq(fake_gitlab_basepath.join('test-shared/terraform_state'))
end
end
context 'with a relative path configured in gitlab.yml' do
it 'returns a full path based on gitlab basepath' do
use_gitlab_config_fixture('gitlab-relativepaths.yml')
expect(context.terraform_state_path).to eq(fake_gitlab_basepath.join('tmp/tests/terraform_state'))
end
end
context 'with a full path configured in gitlab.yml' do
it 'returns a full path as configured in gitlab.yml' do
use_gitlab_config_fixture('gitlab.yml')
expect(context.terraform_state_path).to eq(Pathname('/tmp/gitlab/full/terraform_state'))
end
end
end
describe '#upload_path' do
context 'with a missing configuration value' do
it 'returns the default value in full path' do
use_gitlab_config_fixture('gitlab-missingconfigs.yml')
expect(context.upload_path).to eq(fake_gitlab_basepath.join('public/uploads'))
end
end
context 'with a relative path configured in gitlab.yml' do
it 'returns a full path based on gitlab basepath' do
use_gitlab_config_fixture('gitlab-relativepaths.yml')
expect(context.upload_path).to eq(fake_gitlab_basepath.join('tmp/tests/public/uploads'))
end
end
context 'with a full path configured in gitlab.yml' do
it 'returns a full path as configured in gitlab.yml' do
use_gitlab_config_fixture('gitlab.yml')
expect(context.upload_path).to eq(Pathname('/tmp/gitlab/full/public/uploads'))
end
end
end
describe '#env' do
it 'returns content from RAILS_ENV when its defined' do
stub_const('ENV', { 'RAILS_ENV' => 'railstest', 'RACK_ENV' => 'racktest' })
expect(context.env).to eq('railstest')
end
it 'returns content from RACK_ENV when its the next one defined' do
stub_const('ENV', { 'RACK_ENV' => 'racktest' })
expect(context.env).to eq('racktest')
end
it 'returns the default value when no other ENV is defined' do
stub_const('ENV', {})
expect(context.env).to eq('development')
end
end
describe '#gitlab_shared_path' do
context 'with shared path not configured in gitlab.yml' do
it 'returns the default value' do
FileUtils.touch(fake_gitlab_basepath.join('config/gitlab.yml'))
expect(context.send(:gitlab_shared_path)).to eq(Pathname('shared'))
end
end
context 'with shared path configured in gitlab.yml' do
it 'returns a relative path' do
use_gitlab_config_fixture('gitlab-relativepaths.yml')
expect(context.send(:gitlab_shared_path)).to eq(Pathname('shared-tests'))
end
end
context 'with a full path configured in gitlab.yml' do
it 'returns a full path as configured in gitlab.yml' do
use_gitlab_config_fixture('gitlab.yml')
expect(context.send(:gitlab_shared_path)).to eq(Pathname('/tmp/gitlab/full/shared'))
end
end
end
def use_gitlab_config_fixture(fixture)
gitlab_yml_fixture = fixtures_path.join(fixture)
FileUtils.copy(gitlab_yml_fixture, fake_gitlab_basepath.join('config/gitlab.yml'))
end
end

2
gems/gitlab-backup-cli/spec/spec_helper.rb
View File

@ -7,6 +7,8 @@ require 'fileutils'
require 'factory_bot'
require 'gitlab/rspec/next_instance_of'
ENV["RAILS_ENV"] ||= "test"
# Load spec support code
Dir['spec/support/**/*.rb'].each { |f| load f }