This introduces `#run_thread` method.

The `#start_working` is executed in lock context,
the same as `#stop_working`. This allows safe
initialisation of resources before `#run_thread`
consumes them.

This was never finished and not in use, see
gitlab-org/omnibus-gitlab/merge_requests/3444#note_194217889 for more
details.

Done as part of https://gitlab.com/gitlab-org/gitlab/issues/28781 in
order to simplify Pages related code.

This allows to export /metrics
directly from the master process
instead of exporting from worker process.

Add rake tasksto install golang indexer for installation from source

This will allow to use a SubjectAlternateName (SAN) to identify the
user of the certificate, by matching a SAN entry from the it, that
contains at least the RFC822Name (email of the user) and an
uniformResourceIdentifier (URI).

Like:
`subjectAltName=email:some@email.com,URI:https://gitlab.email.com`

In this case the URI is the fully qualified name used for the GitLab
instance and the email is the identity of the user within the instance.

JSON logs include arguments by default, and they're easier to
parse/filter.

Basic `/internal/pages` endpoint that will be used for Pages virtual
domains internal API. The endpoint is currently behind feature flag and
provides authetication similar to how Workhorse is authenticating with
the GitLab.

allow_bypass_two_factor configration dose not work with saml provider

This enables CSP in dev and CI

This enables CSP in dev and CI

- Add mail interceptor the signs outgoing email with SMIME
- Add lib and helpers to work with SMIME data
- New configuration params for setting up SMIME key and cert files

A nonce-based Content-Security-Policy thwarts XSS attacks by allowing
inline JavaScript to execute if the script nonce matches the header
value. Rails 5.2 supports nonce-based Content-Security-Policy headers,
so provide configuration to enable this and make it work.

To support this, we need to change all `:javascript` HAML filters to the
following form:

```
= javascript_tag nonce: true do
  :plain
    ...
```

We use `%script` throughout our HAML to store JSON and other text, but
since this doesn't execute, browsers don't appear to block this content
from being used and require the nonce value to be present.

A nonce-based Content-Security-Policy thwarts XSS attacks by allowing
inline JavaScript to execute if the script nonce matches the header
value. Rails 5.2 supports nonce-based Content-Security-Policy headers,
so provide configuration to enable this and make it work.

To support this, we need to change all `:javascript` HAML filters to the
following form:

```
= javascript_tag nonce: true do
  :plain
    ...
```

We use `%script` throughout our HAML to store JSON and other text, but
since this doesn't execute, browsers don't appear to block this content
from being used and require the nonce value to be present.

Introducing Docker Registry replication

Replicate Docker images from primary to secondary node

This is the first part of Docker Registry replication
for secondary Geo node.

This is the first part of Docker Registry replication
    for secondary Geo node.

Instead return error objects.

- The project will be used to monitor the gitlab instance.
- Add admins as maintainers to the project.
- Raise exception when no active admin user is found or there is no
prometheus setting in gitlab.yml.
- Also add specs.

This copies over EE-specific changes to shared configuration files in
CE.

We want the ability to restrict access for Git activity when smartcard
authentication is used. Git does not support smartcards yet but we can
check if the user has a valid browser session where smartcard
authentication was used.

https://community.atlassian.com/t5/Jira-questions/Is-it-quot-JIRA-quot-or-quot-Jira-quot/qaq-p/681163Signed-off-by: Takuya Noguchi <takninnovationresearch@gmail.com>

To make this happen, we need to conditionally add the group_saml
strategy when running tests, but only on EE. This requires some changes
to Gitlab.ee? so that it can be used before/without loading the Rails
environment. We also have to change how we require a few files, so this
can run outside of Rails.

To make this happen, we need to conditionally add the group_saml
strategy when running tests, but only on EE. This requires some changes
to Gitlab.ee? so that it can be used before/without loading the Rails
environment. We also have to change how we require a few files, so this
can run outside of Rails.

This sampler gathers Puma-specific metrics which can be used by
Prometheus then.

Add comment to clarify intended usage of `artifacts_server`.

Related to https://gitlab.com/gitlab-org/gitlab-ce/issues/49475.

Remove puts

Remove puts

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

Since external diffs are likely to be a bit slower than in-database
ones, add a mode that makes diffs external after they've been obsoleted
by events. This should strike a balance between performance and disk
space.

A background cron drives the majority of migrations, since diffs become
outdated through user actions.

Since external diffs are likely to be a bit slower than in-database
ones, add a mode that makes diffs external after they've been obsoleted
by events. This should strike a balance between performance and disk
space.

A background cron drives the majority of migrations, since diffs become
outdated through user actions.