preparing for gitlab-shell

2013-02-04 14:28:10 +02:00 · 2013-02-04 14:28:10 +02:00 · 6b9a609044
commit 6b9a609044
parent 85de55a120
4 changed files with 16 additions and 302 deletions
--- a/3
+++ b/3
@ -32,9 +32,6 @@ gem 'gitlab_omniauth-ldap', '1.0.2', require: "omniauth-ldap"
 # Dump db to yml file. Mostly used to migrate from sqlite to mysql
 gem 'gitlab_yaml_db', '1.0.0', require: "yaml_db"
 # Gitolite client (for work with gitolite-admin repo)
 gem "gitolite", '1.1.0'
 # Syntax highlighter
 gem "pygments.rb",  git: "https://github.com/gitlabhq/pygments.rb.git", branch: "master"
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -107,7 +107,6 @@ GEM
      coderay (>= 1.0.0)
      erubis (>= 2.7.0)
    binding_of_caller (0.6.8)
    blankslate (3.1.2)
    bootstrap-sass (2.2.1.1)
      sass (~> 3.2)
    builder (3.0.4)
@ -195,10 +194,6 @@ GEM
      pyu-ruby-sasl (~> 0.0.3.1)
      rubyntlm (~> 0.1.1)
    gitlab_yaml_db (1.0.0)
    gitolite (1.1.0)
      gratr19 (~> 0.4.4.1)
      grit (~> 2.5.0)
      hashery (~> 1.5.0)
    grape (0.2.2)
      activesupport
      hashie (~> 1.2)
@ -208,7 +203,6 @@ GEM
      rack-accept
      rack-mount
      virtus
    gratr19 (0.4.4.1)
    growl (1.0.3)
    guard (1.5.4)
      listen (>= 0.4.2)
@ -227,8 +221,6 @@ GEM
      activesupport (>= 3.1, < 4.1)
      haml (~> 3.1)
      railties (>= 3.1, < 4.1)
    hashery (1.5.0)
      blankslate
    hashie (1.2.0)
    hike (1.2.1)
    http_parser.rb (0.5.3)
@ -497,7 +489,6 @@ DEPENDENCIES
  gitlab_meta (= 4.0)
  gitlab_omniauth-ldap (= 1.0.2)
  gitlab_yaml_db (= 1.0.0)
  gitolite (= 1.1.0)
  grack!
  grape (~> 0.2.1)
  grit!
--- a/lib/gitlab/backend/gitolite.rb
+++ b/lib/gitlab/backend/gitolite.rb
@ -1,5 +1,3 @@
 require_relative 'gitolite_config'
 module Gitlab
  class Gitolite
    class AccessDenied < StandardError; end
@ -8,52 +6,25 @@ module Gitlab
      Gitlab::GitoliteConfig.new
    end
-    # Update gitolite config with new key
+    # Add new key to gitlab-shell
    #
    # Ex.
-    #   set_key("m_gitlab_com_12343", "sha-rsa ...", [2, 3, 6])
+    #   add_key("randx", "sha-rsa ...")
    #
-    def set_key(key_id, key_content, project_ids)
+    def add_key(username, key_content)
-      projects = Project.where(id: project_ids)
+      # TODO: implement
      config.apply do |config|
        config.write_key(key_id, key_content)
        config.update_projects(projects)
      end
    end
-    # Remove ssh key from gitolite config
+    # Remove ssh key from gitlab shell
    #
    # Ex.
-    #   remove_key("m_gitlab_com_12343", [2, 3, 6])
+    #   remove_key("sha-rsa")
    #
-    def remove_key(key_id, project_ids)
+    def remove_key(key_content)
-      projects = Project.where(id: project_ids)
+      # TODO: implement
      config.apply do |config|
        config.rm_key(key_id)
        config.update_projects(projects)
      end
    end
-    # Update project config in gitolite by project id
+    # Remove repository from file system
    #
    # Ex.
    #   update_repository(23)
    #
    def update_repository(project_id)
      project = Project.find(project_id)
      config.update_project!(project)
    end
    def move_repository(old_repo, project)
      config.apply do |config|
        config.clean_repo(old_repo)
        config.update_project(project)
      end
    end
    # Remove repository from gitolite
    #
    # name - project path with namespace
    #
@ -61,20 +32,18 @@ module Gitlab
    #   remove_repository("gitlab/gitlab-ci")
    #
    def remove_repository(name)
-      config.destroy_project!(name)
+      # TODO: implement
    end
-    # Update projects configs in gitolite by project ids
+    # Init new repository
    #
    # name - project path with namespace
    #
    # Ex.
-    #   update_repositories([1, 4, 6])
+    #   add_repository("gitlab/gitlab-ci")
    #
-    def update_repositories(project_ids)
+    def add_repository(name)
-      projects = Project.where(id: project_ids)
+      # TODO: implement
      config.apply do |config|
        config.update_projects(projects)
      end
    end
    def url_to_repo path
@ -84,7 +53,5 @@ module Gitlab
    def enable_automerge
      config.admin_all_repo!
    end
    alias_method :create_repository, :update_repository
  end
 end
--- a/lib/gitlab/backend/gitolite_config.rb
+++ b/lib/gitlab/backend/gitolite_config.rb
@ -1,241 +0,0 @@
 require 'gitolite'
 require 'timeout'
 require 'fileutils'
 module Gitlab
  class GitoliteConfig
    include Gitlab::Popen
    class PullError < StandardError; end
    class PushError < StandardError; end
    class BrokenGitolite < StandardError; end
    attr_reader :config_tmp_dir, :tmp_dir, :ga_repo, :conf
    def initialize
      @tmp_dir = Rails.root.join("tmp").to_s
      @config_tmp_dir = File.join(@tmp_dir,"gitlabhq-gitolite-#{Time.now.to_i}")
    end
    def ga_repo
      @ga_repo ||= ::Gitolite::GitoliteAdmin.new(
        File.join(config_tmp_dir,'gitolite'),
        conf: Gitlab.config.gitolite.config_file
      )
    end
    def apply
      Timeout::timeout(30) do
        File.open(File.join(tmp_dir, "gitlabhq-gitolite.lock"), "w+") do |f|
          begin
            # Set exclusive lock
            # to prevent race condition
            f.flock(File::LOCK_EX)
            # Pull gitolite-admin repo
            # in tmp dir before do any changes
            pull
            # Build ga_repo object and @conf
            # to access gitolite-admin configuration
            @conf = ga_repo.config
            # Do any changes
            # in gitolite-admin
            # config here
            yield(self)
            # Save changes in
            # gitolite-admin repo
            # before push it
            ga_repo.save
            # Push gitolite-admin repo
            # to apply all changes
            push
          ensure
            # Remove tmp dir
            # removing the gitolite folder first is important to avoid
            # NFS issues.
            FileUtils.rm_rf(File.join(config_tmp_dir, 'gitolite'))
            # Remove parent tmp dir
            FileUtils.rm_rf(config_tmp_dir)
            # Unlock so other task can access
            # gitolite configuration
            f.flock(File::LOCK_UN)
          end
        end
      end
    rescue PullError => ex
      log("Pull error ->  " + ex.message)
      raise Gitolite::AccessDenied, ex.message
    rescue PushError => ex
      log("Push error ->  " + " " + ex.message)
      raise Gitolite::AccessDenied, ex.message
    rescue BrokenGitolite => ex
      log("Gitolite error ->  " + " " + ex.message)
      raise Gitolite::AccessDenied, ex.message
    rescue Exception => ex
      log(ex.class.name + " " + ex.message)
      raise Gitolite::AccessDenied.new("gitolite timeout")
    end
    def log message
      Gitlab::GitLogger.error(message)
    end
    def path_to_repo(name)
      File.join(Gitlab.config.gitolite.repos_path, "#{name}.git")
    end
    def destroy_project(name)
      full_path = path_to_repo(name)
      FileUtils.rm_rf(full_path) if File.exists?(full_path)
      conf.rm_repo(name)
    end
    def clean_repo repo_name
      conf.rm_repo(repo_name)
    end
    def destroy_project!(project)
      apply do |config|
        config.destroy_project(project)
      end
    end
    def write_key(id, key)
      File.open(File.join(config_tmp_dir, 'gitolite/keydir',"#{id}.pub"), 'w') do |f|
        f.write(key.gsub(/\n/,''))
      end
    end
    def rm_key(user)
      key_path = File.join(config_tmp_dir, 'gitolite/keydir', "#{user}.pub")
      ga_key = ::Gitolite::SSHKey.from_file(key_path)
      ga_repo.rm_key(ga_key)
    end
    # update or create
    def update_project(project)
      repo = update_project_config(project, conf)
      conf.add_repo(repo, true)
    end
    def update_project!( project)
      apply do |config|
        config.update_project(project)
      end
    end
    # Updates many projects and uses project.path_with_namespace as the repo path
    # An order of magnitude faster than update_project
    def update_projects(projects)
      projects.each do |project|
        repo = update_project_config(project, conf)
        conf.add_repo(repo, true)
      end
    end
    def update_project_config(project, conf)
      repo_name = project.path_with_namespace
      repo = if conf.has_repo?(repo_name)
               conf.get_repo(repo_name)
             else
               ::Gitolite::Config::Repo.new(repo_name)
             end
      name_readers = project.team.repository_readers
      name_writers = project.team.repository_writers
      name_masters = project.team.repository_masters
      pr_br = project.protected_branches.map(&:name).join("$ ")
      repo.clean_permissions
      # Deny access to protected branches for writers
      unless name_writers.blank? || pr_br.blank?
        repo.add_permission("-", pr_br.strip + "$ ", name_writers)
      end
      # Add read permissions
      repo.add_permission("R", "", name_readers) unless name_readers.blank?
      # Add write permissions
      repo.add_permission("RW+", "", name_writers) unless name_writers.blank?
      repo.add_permission("RW+", "", name_masters) unless name_masters.blank?
      # Add sharedRepository config
      repo.set_git_config("core.sharedRepository", "0660")
      repo
    end
    # Enable access to all repos for gitolite admin.
    # We use it for accept merge request feature
    def admin_all_repo
      owner_name = Gitlab.config.gitolite.admin_key
      # @ALL repos premission for gitolite owner
      repo_name = "@all"
      repo = if conf.has_repo?(repo_name)
               conf.get_repo(repo_name)
             else
               ::Gitolite::Config::Repo.new(repo_name)
             end
      repo.add_permission("RW+", "", owner_name)
      conf.add_repo(repo, true)
    end
    def admin_all_repo!
      apply { |config| config.admin_all_repo }
    end
    private
    def pull
      # Create config tmp dir like "RAILS_ROOT/tmp/gitlabhq-gitolite-132545"
      Dir.mkdir config_tmp_dir
      # Clone gitolite-admin repo into tmp dir
      popen("git clone #{Gitlab.config.gitolite.admin_uri} #{config_tmp_dir}/gitolite", tmp_dir)
      # Ensure file with config presents after cloning
      unless File.exists?(File.join(config_tmp_dir, 'gitolite', 'conf', 'gitolite.conf'))
        raise PullError, "unable to clone gitolite-admin repo"
      end
    end
    def push
      output, status = popen('git add -A', tmp_conf_path)
      raise "Git add failed." unless status.zero?
      # git commit returns 0 on success, and 1 if there is nothing to commit
      output, status = popen('git commit -m "GitLab"', tmp_conf_path)
      raise "Git add failed." unless [0,1].include?(status)
      output, status = popen('git push', tmp_conf_path)
      if output =~ /remote\: FATAL/
        raise BrokenGitolite, output
      end
      if status.zero? || output =~ /Everything up\-to\-date/
        return true
      else
        raise PushError, "unable to push gitolite-admin repo"
      end
    end
    def tmp_conf_path
      File.join(config_tmp_dir,'gitolite')
    end
  end
 end