Commit 8b0e73ec authored by Yorick Peterse's avatar Yorick Peterse

Merge branch 'master' into 8-8-stable-ee

parents e6bbf577 bf7efbbd
......@@ -85,6 +85,7 @@ v 8.7.4
- Running rake gitlab:db:drop_tables now drops tables with cascade !4020
- Running rake gitlab:db:drop_tables uses "IF EXISTS" as a precaution !4100
- Use a case-insensitive comparison in sanitizing URI schemes
- Bump GitLab Pages to 0.2.4 to fix Content-Type for predefined 404
v 8.7.3
- Emails, Gitlab::Email::Message, Gitlab::Diff, and Premailer::Adapter::Nokogiri are now instrumented
......@@ -4,9 +4,13 @@ v 8.8.0 (unreleased)
- [Elastic] Database indexer prints its status
- [Elastic][Fix] Database indexer skips projects with invalid HEAD reference
- Fix skipping pages when restoring backups
- Add EE license via API !400
- [Elastic] More efficient snippets search
- [Elastic] Add rake task for removing all indexes
- [Elastic] Add rake task for clearing indexing status
- [Elastic] Improve code search
- [Elastic] Fix encoding issues during indexing
- Warn admin if current active count exceeds license
- Set KRB5 as default clone protocol when Kerberos is enabled and user is logged in (Borja Aparicio)
- Reduce emails-on-push HTML size by using a simple monospace font
- API requests to /internal/authorized_keys are now tagged properly
......@@ -102,7 +102,7 @@ gem "seed-fu", '~> 2.3.5'
# Search
gem 'elasticsearch-model'
gem 'elasticsearch-rails'
gem 'gitlab-elasticsearch-git', '~> 0.0.12', require: "elasticsearch/git"
gem 'gitlab-elasticsearch-git', '~> 0.0.14', require: "elasticsearch/git"
# Markdown and HTML processing
gem 'html-pipeline', '~> 1.11.0'
......@@ -352,14 +352,14 @@ GEM
mime-types (>= 1.19)
rugged (>= 0.24.0b13)
github-markup (1.3.3)
gitlab-elasticsearch-git (0.0.12)
gitlab-elasticsearch-git (0.0.14)
activemodel (~> 4.2)
activesupport (~> 4.2)
charlock_holmes (~> 0.7)
elasticsearch-api (~> 1.0)
elasticsearch-model (~> 0.1.8)
github-linguist (~> 4.7)
rugged (~> 0.24.0b13)
rugged (~> 0.24)
gitlab-flowdock-git-hook (1.0.1)
flowdock (~> 0.7)
gitlab-grit (>= 2.4.1)
......@@ -965,7 +965,7 @@ DEPENDENCIES
gemnasium-gitlab-service (~> 0.2)
github-linguist (~> 4.7.0)
github-markup (~> 1.3.1)
gitlab-elasticsearch-git (~> 0.0.12)
gitlab-elasticsearch-git (~> 0.0.14)
gitlab-flowdock-git-hook (~> 1.0.1)
gitlab-license (~> 0.0.4)
gitlab_emoji (~> 0.3.0)
module LicenseHelper
def current_active_user_count
def license_message(signed_in: signed_in?, is_admin: (current_user && current_user.is_admin?))
@license_message ||=
if License.current
......@@ -33,13 +37,15 @@ module LicenseHelper
return unless signed_in
return unless (license.notify_admins? && is_admin) || license.notify_users?
return unless ((license.notify_admins? || license.warn_upgrade_license_message?) && is_admin) || license.notify_users?
message = []
unless license.warn_upgrade_license_message?
message << "The GitLab Enterprise Edition license"
message << (license.expired? ? "expired" : "will expire")
message << "on #{license.expires_at}."
if license.expired? && license.will_block_changes?
message << "Pushing code and creation of issues and merge requests"
......@@ -50,7 +56,6 @@ module LicenseHelper
"will be disabled on #{license.block_changes_at}."
message <<
if is_admin
......@@ -62,6 +67,13 @@ module LicenseHelper
message << "to"
message << (license.block_changes? ? "restore" : "ensure uninterrupted")
message << "service."
elsif license.warn_upgrade_license_message?
message << "Your GitLab license currently covers #{license.user_count}"
message << "users, but it looks like your site has grown to"
message << "#{current_active_user_count} users. Please contact"
message << " to increase the seats on your license."
message << "Thank you for choosing GitLab."
message.join(" ")
......@@ -66,6 +66,7 @@ module Emails
# used in notify layout
@target_url = @message.target_url
@project = Project.find(project_id)
@diff_notes_disabled = true
......@@ -86,6 +86,24 @@ class License < ActiveRecord::Base
add_ons[code].to_i > 0
def user_count
return unless self.license? && self.restricted?(:active_user_count)
def warn_upgrade_license_message?
restricted_user_count = user_count
return unless restricted_user_count
return false unless >= self.starts_at + 3.months
active_user_count =
restricted_user_count && active_user_count > restricted_user_count
def reset_current
......@@ -103,9 +121,9 @@ class License < ActiveRecord::Base
def active_user_count
return unless self.license? && self.restricted?(:active_user_count)
restricted_user_count = user_count
restricted_user_count = self.restrictions[:active_user_count]
return unless restricted_user_count
date_range = (self.starts_at - 1.year)..self.starts_at
active_user_count = HistoricalData.during(date_range).maximum(:active_user_count) || 0
- page_title "Git Hooks"
Git hooks
Rules that define what git pushes are accepted for this project. Request new rules for free by creating an issue on the <a href="">GitLab EE issue tracker</a> and labeling it 'Feature proposal'. Or if you can please contribute a tested merge request.
= page_title
Git Hooks outline what is accepted for this project. You can request new rules (for free) by creating an issue on our
= succeed '.' do
%a{ href: "" }GitLab EE issue tracker
Alternatively, submit a merge request to GitLab EE.
Add new web hook
= form_for [@project.namespace.becomes(Namespace), @project, @git_hook] do |f|
= form_errors(@git_hook)
= form_for [@project.namespace.becomes(Namespace), @project, @git_hook], html: { class: 'form-horizontal' } do |f|
-if @git_hook.errors.any?
- @git_hook.errors.full_messages.each do |msg|
%p= msg
= render "shared/git_hooks_form", f: f
= f.label :deny_delete_tag do
= f.check_box :deny_delete_tag
= f.check_box :deny_delete_tag, class: "pull-left"
= f.label :deny_delete_tag, class: "label-light append-bottom-0" do
Do not allow users to remove git tags with
%code git push
.help-block Tags can still be deleted through the web UI.
Tags can still be deleted through the web UI.
= f.label :member_check do
= f.check_box :member_check
Check whether author is a GitLab user
.help-block Restrict commits by author (email) to existing GitLab users
= f.check_box :member_check, class: "pull-left"
= f.label :member_check, "Check whether author is a GitLab user", class: "label-light append-bottom-0"
Restrict commits by author (email) to existing GitLab users
= f.label :commit_message_regex, "Commit message", class: 'control-label'
= f.label :commit_message_regex, "Commit message", class: 'label-light'
= f.text_field :commit_message_regex, class: "form-control", placeholder: 'Example: Fixes \d+\..*'
All commit messages must match this
......@@ -29,8 +25,7 @@
For example you can require that an issue number is always mentioned in the commit message.
= f.label :author_email_regex, "Commit author's email", class: 'control-label'
= f.label :author_email_regex, "Commit author's email", class: 'label-light'
= f.text_field :author_email_regex, class: "form-control", placeholder: 'Example: Fixes$'
All commit author's email must match this
......@@ -39,8 +34,7 @@
If this field is empty it allows any email.
= f.label :file_name_regex, "Prohibited file names", class: 'control-label'
= f.label :file_name_regex, "Prohibited file names", class: 'label-light'
= f.text_field :file_name_regex, class: "form-control", placeholder: 'Example: (jar|exe)$'
All commited filenames must not match this
......@@ -49,12 +43,10 @@
If this field is empty it allows any filenames.
= f.label :max_file_size, "Maximum file size (MB)", class: 'control-label'
= f.label :max_file_size, "Maximum file size (MB)", class: 'label-light'
= f.number_field :max_file_size, class: "form-control", min: 0
Pushes that contain added or updated files that exceed this file size are rejected.
Set to 0 to allow files of any size.
= f.submit "Save Git hooks", class: "btn btn-create"
= f.submit "Save Git hooks", class: "btn btn-create"
......@@ -137,6 +137,44 @@ To make sure you didn't miss anything run a more thorough check:
If all items are green, then congratulations, the upgrade is complete!
### 10. Elasticsearch indexes update (if you currently use Elasticsearch)
When index mapping is changed the whole index should be removed and built from the scratch.
1. Delete old indexes:
# Omnibus installations
sudo gitlab-rake gitlab:elastic:delete_indexes
# Installations from source
bundle exec rake gitlab:elastic:delete_indexes
1. Create new, empty indexes:
# Omnibus installations
sudo gitlab-rake gitlab:elastic:create_empty_indexes
# Installations from source
bundle exec rake gitlab:elastic:create_empty_indexes
1. Fill newly created indexes. The following command is acceptable for not very big GitLab instances (storage size no more than few gigabytes)
# Omnibus installations
sudo gitlab-rake gitlab:elastic:index
# Installations from source
bundle exec rake gitlab:elastic:index
If your instance is big we recommend to follow [Add GitLab's data to the Elasticsearch index](../integration/
## Things went south? Revert to previous version (8.6)
### 1. Revert the code to the previous version
......@@ -56,12 +56,12 @@ module API
mount ::API::Settings
mount ::API::Keys
mount ::API::Tags
mount ::API::LicenseInfo
mount ::API::License
mount ::API::Triggers
mount ::API::Builds
mount ::API::Variables
mount ::API::Runners
mount ::API::Licenses
mount ::API::LicenseTemplates
mount ::API::Subscriptions
module API
class License < Grape::API
before { authenticated_as_admin! }
resource :license do
# Get information on the currently active license
# Example request:
# GET /license
get do
license = ::License.current
present license, with: Entities::License
# Add a new license
# Parameters:
# license (required) - The license text
# Example request:
# POST /license
post do
required_attributes! [:license]
license = params[:license])
present license, with: Entities::License
render_api_error!(license.errors.full_messages.first, 400)
module API
class LicenseInfo < Grape::API
before { authenticated_as_admin! }
resource :license do
# Get information on the currently active license
# Example request:
# GET /license
get do
@license = License.current
present @license, with: Entities::License
module API
# Licenses API
class Licenses < Grape::API
class LicenseTemplates < Grape::API
require 'spec_helper'
describe LicenseHelper do
describe '#license_message' do
context 'no license installed' do
before do
expect(License).to receive(:current).and_return(nil)
it 'admin user' do
admin_msg = 'No GitLab Enterprise Edition license has been provided yet. Pushing code and creation of issues and merge requests has been disabled. Upload a license in the admin area to activate this functionality.'
expect(license_message(signed_in: true, is_admin: true)).to eq(admin_msg)
it 'normal user' do
user_msg = 'No GitLab Enterprise Edition license has been provided yet. Pushing code and creation of issues and merge requests has been disabled. Ask an admin to upload a license to activate this functionality.'
expect(license_message(signed_in: true, is_admin: false)).to eq(user_msg)
context 'license available' do
let(:license) { create(:license) }
before do
allow(License).to receive(:current).and_return(license)
it 'warn for overusage' do
allow(license).to receive(:starts_at).and_return( - 3.months)
allow(license).to receive(:expired?).and_return(false)
allow(license).to receive(:restricted?).and_return(true)
allow(license).to receive(:notify_admins?).and_return(true)
allow(license).to receive(:restrictions).and_return({ active_user_count: 50 })
allow(User).to receive(:active).and_return(
warn_msg = 'Your GitLab license currently covers 50 users, but it looks like your site has grown to 100 users. Please contact to increase the seats on your license. Thank you for choosing GitLab.'
expect(license_message(signed_in: true, is_admin: true)).to eq(warn_msg)
......@@ -24,4 +24,29 @@ describe API::API, api: true do
expect(response.status).to eq 403
describe 'POST /license' do
it 'adds a new license if admin is logged in' do
post api('/license', admin), license: gl_license.export
expect(response.status).to eq 201
expect(json_response['user_limit']).to eq 0
expect(Date.parse(json_response['starts_at'])).to eq - 1.month
expect(Date.parse(json_response['expires_at'])).to eq + 11.months
expect(json_response['active_users']).to eq 1
expect(json_response['licensee']).to_not be_empty
it 'denies access if not admin' do
post api('/license', user), license: license
expect(response.status).to eq 403
it 'returns 400 if the license cannot be saved' do
post api('/license', admin), license: 'foo'
expect(response.status).to eq(400)
require 'spec_helper'
describe API::Licenses, api: true do
describe API::API, api: true do
include ApiHelpers
describe 'Entity' do
