Kubeclient uses rest-client. We hack into to access the net/http object
so that we can patch to connect to the resolved IP + set
hostname_override.
Add specs for discord. The discord integration also uses rest-client, so
since we patched rest-client, spec that the DNS rebinding protection
works
- Add mail interceptor the signs outgoing email with SMIME
- Add lib and helpers to work with SMIME data
- New configuration params for setting up SMIME key and cert files
The circuit breaker itself got removed a while ago, when that happened
some parts got left behind. Using grep old stale settings and
validations were found and are now removed.
Storing this key in secrets.yml was a bad idea,
it would require users using HA setups to manually
replicate secrets across nodes during update,
it also needed support from omnibus package
* Revert "Generate Let's Encrypt private key"
This reverts commit 444959bfa0.
* Add Let's Encrypt private key to settings
as encrypted attribute
* Generate Let's Encrypt private key
in database migration
Updates specs to use new rails5 format.
The old format:
`get :show, { some: params }, { some: headers }`
The new format:
`get :show, params: { some: params }, headers: { some: headers }`
The Correlation ID is taken or generated from received X-Request-ID.
Then it is being passed to all executed services (sidekiq workers
or gitaly calls).
The Correlation ID is logged in all structured logs as `correlation_id`.
If the EncryptColumns background migration runs in a sidekiq with a
stale view of the database schema, or when the purported destination
columns don't actually exist, data loss can result. Attempt to work
around these issues by reloading schema information before running
the migration, and raising errors if the model reports that any of its
source or destination columns are missing.
Fixes that make this work:
* A change in Ruby (ce635262f5)
requires passing in the exact required length for OpenSSL keys and IVs.
* Ensure the secrets.yml is generated before any prepended modules are
loaded. This is done by renaming the `secret_token.rb` initializer to
`01_secret_token.rb`, which is a bit ugly but involves the least impact on
other files.
Besides improving the error message to specify what exactly you
need to do to solve the error, we now don't skip all storage
validations on the test environment, so that you also get a nice error
message if you're running tests. Now if conditions are met to skip
valitaions (test env or env variable) we still make sure the settings
_look_ sane, we just skip verifying the paths exists and meet the given
conditions.
GitLab Release Tools Bot
Brett Walker
Thong Kuah
Diego Louzán
Zeger-Jan van de Weg
Vladimir Shushlin
Stan Hu
Douwe Maan
Lin Jen-Shin
blackst0ne
Kamil Trzciński
Nick Thomas
Takuya Noguchi
Jacob Vosmaer (GitLab)
Francisco Javier López
Sean McGivern
Mario de la Ossa
Achilleas Pipinellis
Pawel Chojnacki
Bob Van Landuyt
Markus Koller
Robin Bobbitt
Michael Kozono
Bob Van Landuyt
Rémy Coutable
Sean McGivern
mhasbini
Alejandro Rodríguez