debian-mirror-gitlab/lib/tasks/gitlab/shell.rake

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

135 lines
4 KiB
Ruby
Raw Normal View History

2021-03-11 19:13:27 +05:30
# frozen_string_literal: true
2014-09-02 18:07:02 +05:30
namespace :gitlab do
namespace :shell do
2020-03-13 15:44:24 +05:30
desc "GitLab | Shell | Install or upgrade gitlab-shell"
2018-03-17 18:26:18 +05:30
task :install, [:repo] => :gitlab_environment do |t, args|
2014-09-02 18:07:02 +05:30
warn_user_is_not_gitlab
2015-04-26 12:48:37 +05:30
default_version = Gitlab::Shell.version_required
2017-08-17 22:00:37 +05:30
args.with_defaults(repo: 'https://gitlab.com/gitlab-org/gitlab-shell.git')
2014-09-02 18:07:02 +05:30
2015-04-26 12:48:37 +05:30
gitlab_url = Gitlab.config.gitlab.url
2014-09-02 18:07:02 +05:30
# gitlab-shell requires a / at the end of the url
2015-04-26 12:48:37 +05:30
gitlab_url += '/' unless gitlab_url.end_with?('/')
2014-09-02 18:07:02 +05:30
target_dir = Gitlab.config.gitlab_shell.path
2020-05-24 23:13:21 +05:30
checkout_or_clone_version(version: default_version, repo: args.repo, target_dir: target_dir, clone_opts: %w[--depth 1])
2014-09-02 18:07:02 +05:30
# Make sure we're on the right tag
Dir.chdir(target_dir) do
config = {
2017-08-17 22:00:37 +05:30
user: Gitlab.config.gitlab.user,
2014-09-02 18:07:02 +05:30
gitlab_url: gitlab_url,
2017-08-17 22:00:37 +05:30
auth_file: File.join(user_home, ".ssh", "authorized_keys"),
2014-09-02 18:07:02 +05:30
log_level: "INFO",
audit_usernames: false
}.stringify_keys
# Generate config.yml based on existing gitlab settings
2022-08-27 11:52:29 +05:30
File.open("config.yml", "w+") { |f| f.puts config.to_yaml }
2014-09-02 18:07:02 +05:30
2017-08-17 22:00:37 +05:30
[
%w(bin/install) + repository_storage_paths_args,
2019-12-26 22:10:19 +05:30
%w(make build)
2017-08-17 22:00:37 +05:30
].each do |cmd|
unless Kernel.system(*cmd)
raise "command failed: #{cmd.join(' ')}"
end
end
2014-09-02 18:07:02 +05:30
end
2016-11-03 12:29:30 +05:30
Gitlab::Shell.ensure_secret_token!
2014-09-02 18:07:02 +05:30
end
2020-03-13 15:44:24 +05:30
desc "GitLab | Shell | Setup gitlab-shell"
2018-03-17 18:26:18 +05:30
task setup: :gitlab_environment do
2014-09-02 18:07:02 +05:30
setup
end
2020-03-13 15:44:24 +05:30
desc "GitLab | Shell | Build missing projects"
2018-03-17 18:26:18 +05:30
task build_missing_projects: :gitlab_environment do
2014-09-02 18:07:02 +05:30
Project.find_each(batch_size: 1000) do |project|
2015-04-26 12:48:37 +05:30
path_to_repo = project.repository.path_to_repo
2016-09-13 17:45:13 +05:30
if File.exist?(path_to_repo)
2014-09-02 18:07:02 +05:30
print '-'
else
2018-05-09 12:01:36 +05:30
if Gitlab::Shell.new.create_repository(project.repository_storage,
2017-09-10 17:25:29 +05:30
project.disk_path)
2014-09-02 18:07:02 +05:30
print '.'
else
print 'F'
end
end
end
end
end
def setup
warn_user_is_not_gitlab
2018-12-05 23:21:45 +05:30
ensure_write_to_authorized_keys_is_enabled
2014-09-02 18:07:02 +05:30
unless ENV['force'] == 'yes'
2018-12-05 23:21:45 +05:30
puts "This task will now rebuild the authorized_keys file."
puts "You will lose any data stored in the authorized_keys file."
2014-09-02 18:07:02 +05:30
ask_to_continue
puts ""
end
2020-04-08 14:13:33 +05:30
authorized_keys = Gitlab::AuthorizedKeys.new
authorized_keys.clear
2014-09-02 18:07:02 +05:30
2019-07-07 11:18:12 +05:30
Key.find_in_batches(batch_size: 1000) do |keys|
2020-04-08 14:13:33 +05:30
unless authorized_keys.batch_add_keys(keys)
2019-07-07 11:18:12 +05:30
puts "Failed to add keys...".color(:red)
exit 1
2014-09-02 18:07:02 +05:30
end
end
rescue Gitlab::TaskAbortedByUserError
puts "Quitting...".color(:red)
2014-09-02 18:07:02 +05:30
exit 1
end
2018-12-05 23:21:45 +05:30
def ensure_write_to_authorized_keys_is_enabled
2020-04-08 14:13:33 +05:30
return if Gitlab::CurrentSettings.authorized_keys_enabled?
2018-12-05 23:21:45 +05:30
puts authorized_keys_is_disabled_warning
unless ENV['force'] == 'yes'
puts 'Do you want to permanently enable the "Write to authorized_keys file" setting now?'
ask_to_continue
end
puts 'Enabling the "Write to authorized_keys file" setting...'
2020-04-08 14:13:33 +05:30
Gitlab::CurrentSettings.update!(authorized_keys_enabled: true)
2018-12-05 23:21:45 +05:30
puts 'Successfully enabled "Write to authorized_keys file"!'
puts ''
end
def authorized_keys_is_disabled_warning
<<-MSG.strip_heredoc
WARNING
The "Write to authorized_keys file" setting is disabled, which prevents
the file from being rebuilt!
It should be enabled for most GitLab installations. Large installations
may wish to disable it as part of speeding up SSH operations.
See https://docs.gitlab.com/ee/administration/operations/fast_ssh_key_lookup.html
If you did not intentionally disable this option in Admin Area > Settings,
then you may have been affected by the 9.3.0 bug in which the new setting
was disabled by default.
2019-12-04 20:38:33 +05:30
https://gitlab.com/gitlab-org/gitlab/issues/2738
2018-12-05 23:21:45 +05:30
It was reverted in 9.3.1 and fixed in 9.3.3, however, if Settings were
saved while the setting was unchecked, then it is still disabled.
MSG
end
2014-09-02 18:07:02 +05:30
end