Merge branch 'ce-7-6' into 'master'

Changes from CE 7.6 See merge request !270

Merge branch 'ce-7-6' into 'master'
Changes from CE 7.6 See merge request !270
db49b2d8 · Dmitriy Zaporozhets · 7b928de0 · dc0e6d06 · db49b2d8 · db49b2d8
Commit db49b2d8 authored Dec 16, 2014 by Dmitriy Zaporozhets
17 changed files
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -3,25 +3,24 @@ v 7.6.0
  - New rugged version
  - Add CRON=1 backup setting for quiet backups
  - Fix failing wiki restore
-  -
  - Add optional Sidekiq MemoryKiller middleware (enabled via SIDEKIQ_MAX_RSS env variable)
-  -
-  -
  - Monokai highlighting style now more faithful to original design (Mark Riedesel)
  - Create project with repository in synchrony
  - Added ability to create empty repo or import existing one if project does not have repository
-  -
-  -
  - Reactivate highlight.js language autodetection
  - Mobile UI improvements
-  -
  - Change maximum avatar file size from 100KB to 200KB
-  -
+  - Strict validation for snippet file names
  - Enable Markdown preview for issues, merge requests, milestones, and notes (Vinnie Okada)
  - In the docker directory is a container template based on the Omnibus packages.
  - Update Sidekiq to version 2.17.8
  - Add author filter to project issues and merge requests pages
  - Atom feed for user activity
+  - Support multiple omniauth providers for the same user
+  - Rendering cross reference in issue title and tooltip for merge request
+  - Show username in comments
+  - Possibility to create Milestones or Labels when Issues are disabled
+  - Fix bug with showing gpg signature in tag
 v 7.5.2
  - Don't log Sidekiq arguments by default

--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -142,3 +142,17 @@ Please ensure you support the feature you contribute through all of these steps.
 1.  [Markdown](http://www.cirosantilli.com/markdown-styleguide)
 This is also the style used by linting tools such as [RuboCop](https://github.com/bbatsov/rubocop), [PullReview](https://www.pullreview.com/) and [Hound CI](https://houndci.com).
+## Code of conduct
+As contributors and maintainers of this project, we pledge to respect all people who contribute through reporting issues, posting feature requests, updating documentation, submitting pull requests or patches, and other activities.
+We are committed to making participation in this project a harassment-free experience for everyone, regardless of level of experience, gender, gender identity and expression, sexual orientation, disability, personal appearance, body size, race, age, or religion.
+Examples of unacceptable behavior by participants include the use of sexual language or imagery, derogatory comments or personal attacks, trolling, public or private harassment, insults, or other unprofessional conduct.
+Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct. Project maintainers who do not follow the Code of Conduct may be removed from the project team.
+Instances of abusive, harassing, or otherwise unacceptable behavior can be
+reported by emailing contact@gitlab.com
+This Code of Conduct is adapted from the [Contributor Covenant](http:contributor-covenant.org), version 1.0.0, available at [http://contributor-covenant.org/version/1/0/0/](http://contributor-covenant.org/version/1/0/0/)
--- a/PROCESS.md
+++ b/PROCESS.md
@@ -104,3 +104,10 @@ This merge request has been closed because a request for more information has no
 ### Accepting merge requests
 Is there a request on [the feature request forum](http://feedback.gitlab.com/forums/176466-general) that is similar to this? If so, can you make a comment with a link to it? Please be aware that new functionality that is not marked [accepting merge/pull requests](http://feedback.gitlab.com/forums/176466-general/status/796455) on the forum might not make it into GitLab. You might be asked to make changes and even after implementing them your feature might still be declined. If you want to reduce the chance of this happening please have a discussion in the forum first.
+### Only accepting merge requests with green tests
+We can only accept a merge request if all the tests are green. I've just
+restarted the build. When the tests are still not passing after this restart and
+you're sure that is does not have anything to do with your code changes, please
+rebase with master to see if that solves the issue.
--- a/app/controllers/projects/snippets_controller.rb
+++ b/app/controllers/projects/snippets_controller.rb
@@ -68,7 +68,7 @@ class Projects::SnippetsController < Projects::ApplicationController
      @snippet.content,
      type: 'text/plain; charset=utf-8',
      disposition: 'inline',
-      filename: @snippet.file_name
+      filename: @snippet.sanitized_file_name
    )
  end

--- a/app/controllers/snippets_controller.rb
+++ b/app/controllers/snippets_controller.rb
@@ -79,7 +79,7 @@ class SnippetsController < ApplicationController
      @snippet.content,
      type: 'text/plain; charset=utf-8',
      disposition: 'inline',
-      filename: @snippet.file_name
+      filename: @snippet.sanitized_file_name
    )
  end

--- a/app/models/commit.rb
+++ b/app/models/commit.rb
@@ -10,12 +10,12 @@ class Commit
  # Used to prevent 500 error on huge commits by suppressing diff
  #
  # User can force display of diff above this size
-  DIFF_SAFE_FILES  = 100
+  DIFF_SAFE_FILES  = 100 unless defined?(DIFF_SAFE_FILES)
-  DIFF_SAFE_LINES  = 5000
+  DIFF_SAFE_LINES  = 5000 unless defined?(DIFF_SAFE_LINES)
  # Commits above this size will not be rendered in HTML
-  DIFF_HARD_LIMIT_FILES = 1000
+  DIFF_HARD_LIMIT_FILES = 1000 unless defined?(DIFF_HARD_LIMIT_FILES)
-  DIFF_HARD_LIMIT_LINES = 50000
+  DIFF_HARD_LIMIT_LINES = 50000 unless defined?(DIFF_HARD_LIMIT_LINES)
  class << self
    def decorate(commits)

--- a/app/models/note.rb
+++ b/app/models/note.rb
@@ -502,6 +502,6 @@ class Note < ActiveRecord::Base
  end
  def editable?
-    !system
+    !read_attribute(:system)
  end
 end
--- a/app/models/project_wiki.rb
+++ b/app/models/project_wiki.rb
@@ -5,7 +5,7 @@ class ProjectWiki
    'Markdown' => :markdown,
    'RDoc'     => :rdoc,
    'AsciiDoc' => :asciidoc
-  }
+  } unless defined?(MARKUPS)
  class CouldNotCreateWikiError < StandardError; end

--- a/app/models/snippet.rb
+++ b/app/models/snippet.rb
@@ -29,7 +29,9 @@ class Snippet < ActiveRecord::Base
  validates :author, presence: true
  validates :title, presence: true, length: { within: 0..255 }
-  validates :file_name, presence: true, length: { within: 0..255 }
+  validates :file_name, presence: true, length: { within: 0..255 },
+            format: { with: Gitlab::Regex.path_regex,
+                      message: Gitlab::Regex.path_regex_message }
  validates :content, presence: true
  validates :visibility_level, inclusion: { in: Gitlab::VisibilityLevel.values }
@@ -62,6 +64,10 @@ class Snippet < ActiveRecord::Base
    file_name
  end
+  def sanitized_file_name
+    file_name.gsub(/[^a-zA-Z0-9_\-\.]+/, '')
+  end
  def mode
    nil
  end

--- a/doc/install/installation.md
+++ b/doc/install/installation.md
@@ -54,7 +54,7 @@ up-to-date and install it.
 Install the required packages (needed to compile Ruby and native extensions to Ruby gems):
-    sudo apt-get install -y build-essential zlib1g-dev libyaml-dev libssl-dev libgdbm-dev libreadline-dev libncurses5-dev libffi-dev curl openssh-server redis-server checkinstall libxml2-dev libxslt-dev libcurl4-openssl-dev libicu-dev logrotate python-docutils pkg-config cmake
+    sudo apt-get install -y build-essential zlib1g-dev libyaml-dev libssl-dev libgdbm-dev libreadline-dev libncurses5-dev libffi-dev curl openssh-server redis-server checkinstall libxml2-dev libxslt-dev libcurl4-openssl-dev libicu-dev logrotate python-docutils pkg-config cmake libkrb5-dev
 Make sure you have the right version of Git installed

--- a/doc/raketasks/backup_restore.md
+++ b/doc/raketasks/backup_restore.md
@@ -137,7 +137,7 @@ with the name of your bucket:
 Please be informed that a backup does not store your configuration files.
 If you use an Omnibus package please see the [instructions in the readme to backup your configuration](https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/README.md#backup-and-restore-omnibus-gitlab-configuration).
 If you have a cookbook installation there should be a copy of your configuration in Chef.
-If you have a manual installation please consider backing up your gitlab.yml file and any SSL keys and certificates.
+If you have a manual installation please consider backing up your `gitlab.yml` file, any SSL keys and certificates, and your [SSH host keys](https://superuser.com/questions/532040/copy-ssh-keys-from-one-server-to-another-server/532079#532079).
 ## Restore a previously created backup

--- a/doc/update/7.4-to-7.5.md
+++ b/doc/update/7.4-to-7.5.md
@@ -71,21 +71,10 @@ There are new configuration options available for gitlab.yml. View them with the
 git diff origin/7-4-stable:config/gitlab.yml.example origin/7-5-stable:config/gitlab.yml.example
 ```
-#### Change timeout for unicorn
+#### Change Nginx settings
-```
-# set timeout to 60
-sudo -u git -H editor config/unicorn.rb
-```
-#### Change nginx https settings
-* HTTPS setups: Make `/etc/nginx/sites-available/gitlab-ssl` the same as https://gitlab.com/gitlab-org/gitlab-ce/blob/7-5-stable/lib/support/nginx/gitlab-ssl but with your setting
-#### MySQL Databases: Update database.yml config file
-* Add `collation: utf8_general_ci` to config/database.yml as seen in [config/database.yml.mysql](config/database.yml.mysql)
+* HTTP setups: Make `/etc/nginx/sites-available/gitlab` the same as [`lib/support/nginx/gitlab`](/lib/support/nginx/gitlab) but with your settings
+* HTTPS setups: Make `/etc/nginx/sites-available/gitlab-ssl` the same as [`lib/support/nginx/gitlab-ssl`](/lib/support/nginx/gitlab-ssl) but with your setting
 ### 6. Start application
@@ -104,82 +93,6 @@ To make sure you didn't miss anything run a more thorough check with:
 If all items are green, then congratulations upgrade is complete!
-### 8. Optional optimizations for GitLab setups with MySQL databases
-Only applies if running MySQL database created with GitLab 6.7 or earlier. If you are not experiencing any issues you may not need the following instructions however following them will bring your database in line with the latest recommended installation configuration and help avoid future issues. Be sure to follow these directions exactly. These directions should be safe for any MySQL instance but to be sure make a current MySQL database backup beforehand.
-```
-# Stop GitLab
-sudo service gitlab stop
-# Secure your MySQL installation (added in GitLab 6.2)
-sudo mysql_secure_installation
-# Login to MySQL
-mysql -u root -p
-# do not type the 'mysql>', this is part of the prompt
-# Convert all tables to use the InnoDB storage engine (added in GitLab 6.8)
-SELECT CONCAT('ALTER TABLE gitlabhq_production.', table_name, ' ENGINE=InnoDB;') AS 'Copy & run these SQL statements:' FROM information_schema.tables WHERE table_schema = 'gitlabhq_production' AND `ENGINE` <> 'InnoDB' AND `TABLE_TYPE` = 'BASE TABLE';
-# If previous query returned results, copy & run all outputed SQL statements
-# Convert all tables to correct character set
-SET foreign_key_checks = 0;
-SELECT CONCAT('ALTER TABLE gitlabhq_production.', table_name, ' CONVERT TO CHARACTER SET utf8 COLLATE utf8_general_ci;') AS 'Copy & run these SQL statements:' FROM information_schema.tables WHERE table_schema = 'gitlabhq_production' AND `TABLE_COLLATION` <> 'utf8_unicode_ci' AND `TABLE_TYPE` = 'BASE TABLE';
-# If previous query returned results, copy & run all outputed SQL statements
-# turn foreign key checks back on
-SET foreign_key_checks = 1;
-# Find MySQL users
-mysql> SELECT user FROM mysql.user WHERE user LIKE '%git%';
-# If git user exists and gitlab user does not exist
-# you are done with the database cleanup tasks
-mysql> \q
-# If both users exist skip to Delete gitlab user
-# Create new user for GitLab (changed in GitLab 6.4)
-# change $password in the command below to a real password you pick
-mysql> CREATE USER 'git'@'localhost' IDENTIFIED BY '$password';
-# Grant the git user necessary permissions on the database
-mysql> GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER, LOCK TABLES ON `gitlabhq_production`.* TO 'git'@'localhost';
-# Delete the old gitlab user
-mysql> DELETE FROM mysql.user WHERE user='gitlab';
-# Quit the database session
-mysql> \q
-# Try connecting to the new database with the new user
-sudo -u git -H mysql -u git -p -D gitlabhq_production
-# Type the password you replaced $password with earlier
-# You should now see a 'mysql>' prompt
-# Quit the database session
-mysql> \q
-# Update database configuration details
-# See config/database.yml.mysql for latest recommended configuration details
-#   Remove the reaping_frequency setting line if it exists (removed in GitLab 6.8)
-#   Set production -> pool: 10 (updated in GitLab 5.3)
-#   Set production -> username: git
-#   Set production -> password: the password your replaced $password with earlier
-sudo -u git -H editor /home/git/gitlab/config/database.yml
-# Run thorough check
-sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production
-```
 ## Things went south? Revert to previous version (7.4)
 ### 1. Revert the code to the previous version

--- a/doc/update/7.5-to-7.6.md
+++ b/doc/update/7.5-to-7.6.md
@@ -45,6 +45,8 @@ sudo -u git -H git checkout v2.2.0
 ### 4. Install libs, migrations, etc.
 ```bash
+sudo apt-get install libkrb5-dev
 cd /home/git/gitlab
 # MySQL installations (note: the line below states '--without ... postgres')

--- a/doc/web_hooks/web_hooks.md
+++ b/doc/web_hooks/web_hooks.md
@@ -54,6 +54,29 @@ Triggered when you push to the repository except when pushing tags.
 }
 ```
+## Tag events
+Triggered when you create (or delete) tags to the repository.
+**Request body:**
+```json
+{
+  "ref": "refs/tags/v1.0.0",
+  "before": "0000000000000000000000000000000000000000",
+  "after": "82b3d5ae55f7080f1e6022629cdb57bfae7cccc7",
+  "user_id": 1,
+  "user_name": "John Smith",
+  "project_id": 1,
+  "repository": {
+    "name": "jsmith",
+    "url": "ssh://git@example.com/jsmith/example.git",
+    "description": "",
+    "homepage": "http://example.com/jsmith/example"
+  }
+}
+```
 ## Issues events
 Triggered when a new issue is created or an existing issue was updated/closed/reopened.

--- a/docker/README.md
+++ b/docker/README.md
@@ -39,7 +39,7 @@ After creating this run GitLab:
 sudo docker run --detach --name gitlab_app --publish 8080:80 --publish 2222:22 --volumes-from gitlab_data gitlab_image
 ```
-It might take a while before the docker container is responding to queries. You can follow the configuration process with `docker logs -f gitlab`.
+It might take a while before the docker container is responding to queries. You can follow the configuration process with `docker logs -f gitlab_app`.
 You can then go to `http://localhost:8080/` (or `http://192.168.59.103:8080/` if you use boot2docker).
 You can login with username `root` and password `5iveL!fe`.

--- a/lib/tasks/gitlab/shell.rake
+++ b/lib/tasks/gitlab/shell.rake
@@ -17,15 +17,19 @@ namespace :gitlab do
      # Clone if needed
      unless File.directory?(target_dir)
-        sh(*%W(git clone #{args.repo} #{target_dir}))
+        system(*%W(git clone -- #{args.repo} #{target_dir}))
      end
      # Make sure we're on the right tag
      Dir.chdir(target_dir) do
        # First try to checkout without fetching
        # to avoid stalling tests if the Internet is down.
-        reset = "git reset --hard $(git describe #{args.tag} || git describe origin/#{args.tag})"
+        reseted = reset_to_commit(args)
-        sh "#{reset} || git fetch origin && #{reset}"
+        unless reseted
+          system(*%W(git fetch origin))
+          reset_to_commit(args)
+        end
        config = {
          user: user,
@@ -54,7 +58,7 @@ namespace :gitlab do
        File.open("config.yml", "w+") {|f| f.puts config.to_yaml}
        # Launch installation process
-        sh "bin/install"
+        system(*%W(bin/install))
      end
      # Required for debian packaging with PKGR: Setup .ssh/environment with
@@ -118,5 +122,16 @@ namespace :gitlab do
    puts "Quitting...".red
    exit 1
  end
+  def reset_to_commit(args)
+    tag, status = Gitlab::Popen.popen(%W(git describe -- #{args.tag}))
+    unless status.zero?
+      tag, status = Gitlab::Popen.popen(%W(git describe -- origin/#{args.tag}))
+    end
+    tag = tag.strip
+    system(*%W(git reset --hard #{tag}))
+  end
 end
--- a/spec/factories.rb
+++ b/spec/factories.rb
@@ -5,10 +5,14 @@ FactoryGirl.define do
    Faker::Lorem.sentence
  end
-  sequence :name, aliases: [:file_name] do
+  sequence :name do
    Faker::Name.name
  end
+  sequence :file_name do
+    Faker::Internet.user_name
+  end
  sequence(:url) { Faker::Internet.uri('http') }
  factory :user, aliases: [:author, :assignee, :owner, :creator] do