gitolite + gitweb | 'repo #all R = gitweb' not working - gitolite

For some reason the following gitolite.conf does not add any repository to projects.list.
When I set 'R = gitweb' for each repository manually, they get added to projects.list.
[....]
repo aaa
repo bbb
repo #all
RW+ = #admins
R = gitweb
[...]
Any hints for me? I'd really like to allow gitweb access to all repositories and then remove permissions for a single repositories via '- = gitweb' ...

I don't actually need gitweb rules or project.list to be complete in my gitweb setup:
I only make sure I have a gitweb.conf.pl which:
will be called by gitweb (through the gitweb_config.perl file, called if gitweb detects it exists)
will call gitolite to see if the access to a repo can be granted or should be denied.

I just ran into the similar problem, but the resolution was different :
In gitolite3, it seems that if you simply see a gitweb.* property, then your repository is gitweb enabled:
repo foobar
desc = "Foobar repository"
category = "foobar"
Rw+= myself
Or if you prefer :
repo foobar
config gitweb.description = "Foobar repository"
config gitweb.category = "foobar"
Rw+= myself
I don't know if it works with a #all, like:
repo #all
category= "uncategorized"
But since a description or (valid) category is not a bad thing to have, I'd say it works for me.
On the other hand, I tried also making an #almost-all group with all my repositories except gitolite-admin, except I don't know if it works because of gitweb.description/category config.

Related

Terraform gitlab provider changes commit message

Is it expected behavior that gitlab provider on terraform adds [DELETE] if previous commit message was changed in your tf code?
For example I had a tf file with
resource "gitlab-repository-files_gitlab_repository_file" "this" {
project = gitlab_project.foo.id
file_path = "meow.txt"
branch = "main"
content = base64encode("hello world")
author_email = "meow#catnip.com"
author_name = "Meow Meowington"
commit_message = "feature: add meow file*"
}
Then changed it to
commit_message = "[ci skip] terraform templating commit\n\nJob URL: ${local.gitlab_configuration_details.pipeline_job_url}"
After the change my commit message on gitlab was [DELETE]: feature: add meow file
If this is the expected behavior is there any way around it to prevent the provider from adding comments?
Because I expected after the change for the commit to read on git as "[ci skip] terraform templating commit\n\nJob URL: https:url.com"
Thanks!
After further investigating, turns out the [DELETE] gets inserted if you are deleting files. If you just make code changes it will not edit your commit message, this only happens when files are deleted.

Gitlab - fatal: unable to access - Could not resolve host --> due missing slash

I have install new Gitlab instalation on my Ubuntu server with Apache2 websrver. I created here (in web GUI) new repository like "testik.git" and I get http path:
http://git.domain.tld/testovic/testik.git
But, when I put this in git command on my winPC
git clone http://git.domain.tld/testovic/testik.git
Command return
Cloning into 'testik'...
fatal: unable to access 'http://git.domain.tld/testovic/testik.git/': Could not resolve host: git.domain.tldtestovic
I see unnecessary trailing slash in "fatal" information and I see too, that this slash is missing after "TLD" before "username".
And same problem is, when I open project in webGUI and click on leftside menu e.g. to "Security&Compliance" --> "Configuration" and in e.g. first part named "Static Application Securty Testing (SAST)" try to click on button "Configure with a merge request".
I have got error page with URL starting with
https://git.domain.tldtestovic/testik/-/merge_requests/new?merge_request....
I see here missing slash after TLD again ... when I put manually slash after TLD and press enter, everything is fully funtional.
Do you have somebody any good idea, any solution what to do with missing slash after TLD ? Where could be the problem?
I know, that this is not problem of DNS, because ping git.domain.tld is OK. I suppose, that something wrong need to be in configuration.
In \etc\gitlab\gitlab.rh I have done these manuall changes
external_url 'http://git.domain.tld'
gitlab_rails['trusted_proxies'] = ['<my Ubuntu serverIP>']
gitlab_rails['initial_root_password'] = "<some good password>"
gitlab_rails['db_adapter'] = "postgresql"
gitlab_rails['db_encodig'] = "unicode"
gitlab_rails['db_database'] = "<database name>"
gitlab_rails['db_username'] = "<some username>"
gitlab_rails['db_password'] = "<some another good password>"
gitlab_rails['db_host'] = "<correct address to the nonlocalhost DB server>"
gitlab_rails['db_port'] = 5432
gitlab_workhouse['listen_network'] = "tcp"
gitlab_workhouse['listen_addr'] = "127.0.0.1:8181"
postgresql['enable'] = false
web_server['external_users'] = ['www-data']
nginx['enable'] = false
nginx['redirect_http_to_https'] = true
I read a lot of post, pages, etc. But without success. Thank you very much for the way to functional git with Gitlab.

Registry tab does not work

I have installed gitlab on AWS server and it is working as expected.
http://ec2-54-167-34-63.compute-1.amazonaws.com/
But when I click on "Registry" tab, I am shown page not found error (500)
The relevant part from /etc/gitlab/gitlab.rb
gitlab_rails['gitlab_default_projects_features_container_registry'] = true
# registry_external_url 'https://registry.gitlab.example.com'
registry_external_url 'http://ec2-54-167-34-63.compute-1.amazonaws.com:4567'
# Settings used by GitLab application
gitlab_rails['registry_enabled'] = true
gitlab_rails['registry_host'] = "http://ec2-54-167-34-63.compute-1.amazonaws.com"
gitlab_rails['registry_port'] = "5005"
gitlab_rails['registry_api_url'] = "http://localhost:5000"
gitlab_rails['registry_key_path'] = "/var/opt/gitlab/gitlab-rails/certificate.key"
gitlab_rails['registry_path'] = "/var/opt/gitlab/gitlab-rails/shared/registry"
gitlab_rails['registry_issuer'] = "omnibus-gitlab-issuer"
# Settings used by Registry application
registry['enable'] = true
registry['username'] = "registry"
registry['group'] = "registry"
registry['uid'] = nil
registry['gid'] = nil
registry['dir'] = "/var/opt/gitlab/registry"
registry['log_directory'] = "/var/log/gitlab/registry"
registry['log_level'] = "info"
registry['rootcertbundle'] = "/var/opt/gitlab/registry/certificate.crt"
registry['storage_delete_enabled'] = true
Update
As per the logs below, I need gitlab-registry.key file in the correct location. What is this file and how do I generate one?
tail /var/log/gitlab/gitlab-rails/production.log
Started GET "/root/test/container_registry" for 125.99.49.46 at 2016-10-24 08:29:27 +0000
Processing by Projects::ContainerRegistryController#index as HTML
Parameters: {"namespace_id"=>"root", "project_id"=>"test"}
Completed 500 Internal Server Error in 23ms (ActiveRecord: 3.5ms)
Errno::ENOENT (No such file or directory # rb_sysopen - /var/opt/gitlab/gitlab-rails/etc/gitlab-registry.key):
lib/json_web_token/rsa_token.rb:20:in `read'
lib/json_web_token/rsa_token.rb:20:in `key_data'
lib/json_web_token/rsa_token.rb:24:in `key'
lib/json_web_token/rsa_token.rb:28:in `public_key'
lib/json_web_token/rsa_token.rb:33:in `kid'
lib/json_web_token/rsa_token.rb:12:in `encoded'
app/services/auth/container_registry_authentication_service.rb:30:in `full_access_token'
app/models/project.rb:421:in `container_registry_repository'
app/controllers/projects/container_registry_controller.rb:28:in `container_registry_repository'
app/controllers/projects/container_registry_controller.rb:8:in `index'
lib/gitlab/request_profiler/middleware.rb:15:in `call'
lib/gitlab/middleware/go.rb:16:in `call'
Update 2
I guess I need to generate a certificate as explained here...
http://www.bonusbits.com/wiki/HowTo:Setup_HTTPS_for_Gitlab
Check the GitLab server log (since it is an error 500. Example of such logs: issue 23019)
There is an issue pending with GitLab 8.13: 23575: No way to enable container registry, with a merge request 7037: Fix typo in project settings that prevents users from enabling container registry.
They might be related with your issue.
Issue 23339 mentions also "sorting out self signed certs problem (my registry is under different domain than gitlab itself)": that should not be the case here.
Issue 23181 (Pushing to Registry Still Frequently Encounters unauthorized: authentication required) suggests that the error is gone ofr docker 1.11+ (so it depends on which version of docker you are using on AWS)
Regarding gitlab-registry.key mentioned by the OP's edit, it should be created by a simple reconfigure, if declared properly.
So double-check:
1316
It turns out it was a typo on my part.
The config key is registry_nginx["ssl_certificate"] not registry_nginx[ssl_certificate].
1218 and merge request 3787 which show how this feature was added.
Try to set only few of the registry settings like :
registry_external_url 'http://ec2-54-167-34-63.compute1.amazonaws.com:4567'
Don't set the gitlab_rail['registry'] and registry['xxxxx'] if you want to keep the default values, and don't set values if you don't know what you are modifying.
About the certificates, check at the very bottom of the gitlab.rb file, and here you can set your certificates for the registry:
registry_nginx['ssl_certificate'] = "/path/to/my/cert.crt"
registry_nginx['ssl_certificate_key'] = "/path/to/my/key.key"
Also check the output of this commands to make a check of your GitLab instance:
sudo gitlab-rake gitlab:check
Just like deporclick did, Set your certificates for the registry as:
registry_nginx['ssl_certificate'] = "/path/to/my/cert.crt"
registry_nginx['ssl_certificate_key'] = "/path/to/my/key.key"

Can't get CtrlP to set working dir as root folder

Im working on project that is in fact composed of several subproject, under a common git repository:
Project
- Sub Project A
- Sub Project B
- ...
I never work on the main folder, and always start from one of the sub projects, the problem is no matter what I try CtrlP always does the search starting from the main folder where the repo is.
I've tried a few settings from the project repo but no matter, such as bellow, but still can't get it to make any effect.
let g:ctrlp_working_path_mode = 'ca'
Any tips please?
Looking at the CtrlP docs suggests that you have three options:
Disable CtrlP's working directory searching: let g:ctrlp_working_path_mode = ''. It will then only search under Vim's current working directory, so just :cd to one of your sub projects' directories.
Ignore the sub project directories that you are not interested in: let g:ctrlp_custom_ignore = { 'dir': '\v[\/]Sub Project [AB]$' } (untested).
Add Sub Project A, Sub Project B, etc. as root markers: let g:ctrlp_root_markers = ['Sub Project A', 'Sub Project B']. This should stop CtrlP from traversing up beyond those sub directories.
I would suggest the first option since the others are a bit too hacky for my taste. The last option also didn't work for me in a quick test.
If you're used to CtrlP starting in your current working directory, and it suddenly seems to have stopped, it's probably a side effect of g:ctrlp_working_path_mode that is a bit unintuitive: it searches up the directory tree until it finds a source control root (like a .git folder), and treats that as the top level directory.
I'm used to it always being the top level of my current project, so when I started a new project, and it was using my home directory as the root, I was confused. It's because I hadn't yet initialized Git for the new project, so the first .git directory it found was in my home directory.
Initializing a Git repo for the new project made it behave as expected.
Here's the relevant section of the plugin help:
'g:ctrlp_working_path_mode'
When starting up, CtrlP sets its local working directory according to this
variable:
let g:ctrlp_working_path_mode = 'ra'
c - the directory of the current file.
a - like "c", but only applies when the current working directory outside of
CtrlP isn't a direct ancestor of the directory of the current file.
r - the nearest ancestor that contains one of these directories or files:
.git .hg .svn .bzr _darcs
w - begin finding a root from the current working directory outside of CtrlP
instead of from the directory of the current file (default). Only applies
when "r" is also present.
0 or <empty> - disable this feature.
Note #1: if "a" or "c" is included with "r", use the behavior of "a" or "c" (as
a fallback) when a root can't be found.
Note #2: you can use a b:var to set this option on a per buffer basis.

Why Chef do not find my files?

I'm developing a Ganglia recipe in Chef.
Is very simple, I build four different configurations files, I already tried to use as template, but to keep it simple, I build these configuration files.
This is my recipe:
return if tagged?('norun::ganglia')
case node[:platform]
when "ubuntu", "debian"
pkg = "ganglia-monitor"
when "redhat", "centos", "fedora"
pkg = "ganglia-gmond"
end
package "#{pkg}" do
action :install
end
cookbook_file "/etc/ganglia/gmond.conf" do
owner "root"
group "root"
mode "0644"
source "gmond/" + node['base']['dc'] + "/node/gmond.conf"
end
# Adding ganglia-gmond as service
service "gmond" do
supports :status => true,
:restart => true
action [ :enable, :start ]
end
And this is how my recipe is structured:
cookbooks/ganglia/
cookbooks/ganglia/files/default/gmond/* // I have others sub-folders here too
cookbooks/ganglia/files/default/gmond/diveo/node/gmond.conf
cookbooks/ganglia/recipes/default.rb
But when I tried to run my recipe, it gives the follow error:
[2013-05-14T14:23:38+00:00] FATAL: Chef::Exceptions::FileNotFound: cookbook_file[/etc/ganglia/gmond.conf] (ganglia::default line 25) had an error: Chef::Exceptions::FileNotFound: Cookbook 'ganglia' (0.1.0) does not contain a file at any of these locations:
files/centos-5.7/gmond/diveo/node/gmond.conf
files/centos/gmond/diveo/node/gmond.conf
files/default/gmond/diveo/node/gmond.conf
This cookbook _does_ contain: ['diveo/monitor/gmond.conf','diveo/node/gmond.conf','awsvir/monitor/gmond.conf','awsvir/node/gmond.conf','awssp/monitor/gmond.conf','awssp/node/gmond.conf','alog/monitor/gmond.conf','alog/node/gmond.conf']
Basically it says that I not have the file, but I do, in the right path, right ?
If node['base']['dc'] is a platform name, then cookbook_file statement should look like
cookbook_file "/etc/ganglia/gmond.conf" do
owner "root"
group "root"
mode "0644"
source "gmond.conf"
end
and structure of your conf files should be like that
cookbooks/ganglia/
cookbooks/ganglia/files/default/gmond.conf
cookbooks/ganglia/files/centos-5.7/gmond.conf
...
And a little advice - use template instead of cookbook_file. One day you'll want to add some parameters to your gmane.conf anyway.
Also, here is a cookbook_file doc page from opscode.com -

Resources