Commit 42d31f8f authored by Pawel Chojnacki's avatar Pawel Chojnacki

Remove git annex support

parent a6e5b9a1
......@@ -3,7 +3,6 @@ image: "ruby:2.3"
before_script:
- export PATH=~/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin
- apt-get update
- apt-get install -y git-annex
- gem install --bindir /usr/local/bin bundler
- cp config.yml.example config.yml
- bundle install
......
......@@ -7,7 +7,7 @@ GitLab Shell is not a Unix shell nor a replacement for Bash or Zsh.
When you access the GitLab server over ssh then GitLab Shell will:
1. Limits you to predefined git commands (git push, git pull, git annex).
1. Limits you to predefined git commands (git push, git pull).
1. Call the GitLab Rails API to check if you are authorized
1. It will execute the pre-receive hooks (called Git Hooks in GitLab Enterprise Edition)
1. It will execute the action you requested
......
......@@ -65,14 +65,6 @@ log_level: INFO
# incurs an extra API call on every gitlab-shell command.
audit_usernames: false
# Enable git-annex support
# git-annex allows managing files with git, without checking the file contents into git
# See https://git-annex.branchable.com/ for documentation
# If enabled, git-annex needs to be installed on the server where gitlab-shell is setup
# For Debian and Ubuntu systems this can be done with: sudo apt-get install git-annex
# For CentOS: sudo yum install epel-release && sudo yum install git-annex
git_annex_enabled: false
# Git trace log file.
# If set, git commands receive GIT_TRACE* environment variables
# See https://git-scm.com/book/es/v2/Git-Internals-Environment-Variables#Debugging for documentation
......
......@@ -54,10 +54,6 @@ class GitlabConfig
@config['audit_usernames'] ||= false
end
def git_annex_enabled?
@config['git_annex_enabled'] ||= false
end
def git_trace_log_file
@config['git_trace_log_file']
end
......
......@@ -9,7 +9,7 @@ class GitlabShell
class DisallowedCommandError < StandardError; end
class InvalidRepositoryPathError < StandardError; end
GIT_COMMANDS = %w(git-upload-pack git-receive-pack git-upload-archive git-annex-shell git-lfs-authenticate).freeze
GIT_COMMANDS = %w(git-upload-pack git-receive-pack git-upload-archive git-lfs-authenticate).freeze
API_COMMANDS = %w(2fa_recovery_codes)
GL_PROTOCOL = 'ssh'.freeze
......@@ -71,10 +71,6 @@ class GitlabShell
raise DisallowedCommandError unless GIT_COMMANDS.include?(@command)
case @command
when 'git-annex-shell'
raise DisallowedCommandError unless @config.git_annex_enabled?
@repo_name = args[2].sub(/\A\/~\//, '')
when 'git-lfs-authenticate'
raise DisallowedCommandError unless args.count >= 2
@repo_name = args[1]
......@@ -103,25 +99,7 @@ class GitlabShell
def process_cmd(args)
return self.send("api_#{@command}") if API_COMMANDS.include?(@command)
if @command == 'git-annex-shell'
raise DisallowedCommandError unless @config.git_annex_enabled?
# Make sure repository has git-annex enabled
init_git_annex unless gcryptsetup?(args)
parsed_args =
args.map do |arg|
# use full repo path
if arg =~ /\A\/.*\.git\Z/
repo_path
else
arg
end
end
$logger.info "gitlab-shell: executing git-annex command <#{parsed_args.join(' ')}> for #{log_username}."
exec_cmd(*parsed_args)
elsif @command == 'git-lfs-authenticate'
if @command == 'git-lfs-authenticate'
GitlabMetrics.measure('lfs-authenticate') do
$logger.info "gitlab-shell: Processing LFS authentication for #{log_username}."
lfs_authenticate
......@@ -150,10 +128,6 @@ class GitlabShell
'GL_PROTOCOL' => GL_PROTOCOL
}
if @config.git_annex_enabled?
env.merge!({ 'GIT_ANNEX_SHELL_LIMITED' => '1' })
end
if git_trace_available?
env.merge!({
'GIT_TRACE' => @config.git_trace_log_file,
......@@ -188,19 +162,6 @@ class GitlabShell
@config.audit_usernames ? username : "user with key #{@key_id}"
end
def init_git_annex
unless File.exists?(File.join(repo_path, 'annex'))
cmd = %W(git --git-dir=#{repo_path} annex init "GitLab")
system(*cmd, err: '/dev/null', out: '/dev/null')
$logger.info "Enable git-annex for repository: #{repo_name}."
end
end
def gcryptsetup?(args)
non_dashed = args.reject { |a| a.start_with?('-') }
non_dashed[0, 2] == %w{git-annex-shell gcryptsetup}
end
def lfs_authenticate
lfs_access = api.lfs_authenticate(@key_id, @repo_name)
......
......@@ -99,20 +99,6 @@ describe GitlabShell do
end
end
describe 'git-annex' do
let(:repo_name) { 'dzaporozhets/gitlab.git' }
let(:ssh_args) { %W(git-annex-shell inannex /~/dzaporozhets/gitlab.git SHA256E) }
before do
GitlabConfig.any_instance.stub(git_annex_enabled?: true)
subject.send :parse_cmd, ssh_args
end
its(:repo_name) { should == 'dzaporozhets/gitlab.git' }
its(:command) { should == 'git-annex-shell' }
end
describe 'git-lfs' do
let(:repo_name) { 'dzaporozhets/gitlab.git' }
let(:ssh_args) { %W(git-lfs-authenticate dzaporozhets/gitlab.git download) }
......@@ -230,58 +216,6 @@ describe GitlabShell do
end
end
describe 'git-annex' do
let(:repo_name) { 'dzaporozhets/gitlab.git' }
before do
GitlabConfig.any_instance.stub(git_annex_enabled?: true)
end
context 'initialization' do
let(:ssh_cmd) { "git-annex-shell inannex /~/gitlab-ci.git SHA256E" }
before do
# Create existing project
FileUtils.mkdir_p(repo_path)
cmd = %W(git --git-dir=#{repo_path} init --bare)
system(*cmd)
subject.exec(ssh_cmd)
end
it 'should init git-annex' do
File.exists?(repo_path).should be_true
end
context 'with git-annex-shell gcryptsetup' do
let(:ssh_cmd) { "git-annex-shell gcryptsetup /~/dzaporozhets/gitlab.git" }
it 'should not init git-annex' do
File.exists?(File.join(tmp_repos_path, 'dzaporozhets/gitlab.git/annex')).should be_false
end
end
context 'with git-annex and relative path without ~/' do
# Using a SSH URL on a custom port will generate /dzaporozhets/gitlab.git
let(:ssh_cmd) { "git-annex-shell inannex dzaporozhets/gitlab.git SHA256E" }
it 'should init git-annex' do
File.exists?(File.join(tmp_repos_path, "dzaporozhets/gitlab.git/annex")).should be_true
end
end
end
context 'execution' do
let(:ssh_cmd) { "git-annex-shell commit /~/gitlab-ci.git SHA256" }
after { subject.exec(ssh_cmd) }
it "should execute the command" do
subject.should_receive(:exec_cmd).with("git-annex-shell", "commit", repo_path, "SHA256")
end
end
end
context 'with an API command' do
before do
allow(subject).to receive(:continue?).and_return(true)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment