|
Name |
|
Date |
Size |
#Lines |
LOC |
| .. | | 03-May-2022 | - |
| .gitlab/ | H | 24-Nov-2021 | - | 2 | 1 |
| bin/ | H | 24-Nov-2021 | - | 31 | 22 |
| client/ | H | 24-Nov-2021 | - | 1,069 | 848 |
| cmd/ | H | 24-Nov-2021 | - | 1,562 | 1,281 |
| internal/ | H | 24-Nov-2021 | - | 8,250 | 6,679 |
| spec/ | H | 24-Nov-2021 | - | 1,095 | 841 |
| support/ | H | 24-Nov-2021 | - | 36 | 22 |
| vendor/ | H | 03-May-2022 | - | 14,218,113 | 9,801,951 |
| .codeclimate.yml | H A D | 24-Nov-2021 | 184 | 15 | 14 |
| .gitignore | H A D | 24-Nov-2021 | 282 | 21 | 20 |
| .gitlab-ci.yml | H A D | 24-Nov-2021 | 2.5 KiB | 102 | 87 |
| .ruby-version | H A D | 24-Nov-2021 | 6 | 2 | 1 |
| .tool-versions | H A D | 24-Nov-2021 | 26 | 3 | 2 |
| CHANGELOG | H A D | 24-Nov-2021 | 18.8 KiB | 738 | 522 |
| CONTRIBUTING.md | H A D | 24-Nov-2021 | 2.5 KiB | 52 | 37 |
| Gemfile | H A D | 24-Nov-2021 | 90 | 6 | 4 |
| Gemfile.lock | H A D | 24-Nov-2021 | 512 | 27 | 23 |
| LICENSE | H A D | 24-Nov-2021 | 1.2 KiB | 26 | 20 |
| Makefile | H A D | 03-May-2022 | 1.8 KiB | 63 | 41 |
| PROCESS.md | H A D | 24-Nov-2021 | 3 KiB | 45 | 30 |
| README.md | H A D | 24-Nov-2021 | 4.1 KiB | 127 | 78 |
| VERSION | H A D | 24-Nov-2021 | 8 | 2 | 1 |
| config.yml | H A D | 03-May-2022 | 3.1 KiB | 81 | 67 |
| config.yml.sample | H A D | 03-May-2022 | 3.1 KiB | 81 | 67 |
| docker-compose.yml | H A D | 24-Nov-2021 | 187 | 9 | 8 |
| go.mod | H A D | 24-Nov-2021 | 676 | 21 | 18 |
| go.sum | H A D | 24-Nov-2021 | 110.4 KiB | 1,135 | 1,134 |
README.md
1# GitLab Shell
2
3## GitLab Shell handles git SSH sessions for GitLab
4
5GitLab Shell handles git SSH sessions for GitLab and modifies the list of authorized keys.
6GitLab Shell is not a Unix shell nor a replacement for Bash or Zsh.
7
8When you access the GitLab server over SSH then GitLab Shell will:
9
101. Limit you to predefined git commands (git push, git pull).
111. Call the GitLab Rails API to check if you are authorized, and what Gitaly server your repository is on
121. Copy data back and forth between the SSH client and the Gitaly server
13
14If you access a GitLab server over HTTP(S) you end up in [gitlab-workhorse](https://gitlab.com/gitlab-org/gitlab-workhorse).
15
16An overview of the four cases described above:
17
181. git pull over SSH -> gitlab-shell -> API call to gitlab-rails (Authorization) -> accept or decline -> establish Gitaly session
191. git push over SSH -> gitlab-shell (git command is not executed yet) -> establish Gitaly session -> (in Gitaly) gitlab-shell pre-receive hook -> API call to gitlab-rails (authorization) -> accept or decline push
20
21## Code status
22
23[](https://gitlab.com/gitlab-org/gitlab-shell/-/pipelines?ref=main)
24[](https://gitlab.com/gitlab-org/gitlab-shell/-/pipelines?ref=main)
25[](https://codeclimate.com/github/gitlabhq/gitlab-shell)
26
27## Requirements
28
29GitLab Shell is written in Go, and needs a Go compiler to build. It still requires
30Ruby to build and test, but not to run.
31
32Download and install the current version of Go from https://golang.org/dl/
33
34We follow the [Golang Release Policy](https://golang.org/doc/devel/release.html#policy)
35of supporting the current stable version and the previous two major versions.
36
37## Check
38
39Checks if GitLab API access and redis via internal API can be reached:
40
41 make check
42
43## Compile
44
45Builds the `gitlab-shell` binaries, placing them into `bin/`.
46
47 make compile
48
49## Install
50
51Builds the `gitlab-shell` binaries and installs them onto the filesystem. The
52default location is `/usr/local`, but can be controlled by use of the `PREFIX`
53and `DESTDIR` environment variables.
54
55 make install
56
57## Setup
58
59This command is intended for use when installing GitLab from source on a single
60machine. In addition to compiling the gitlab-shell binaries, it ensures that
61various paths on the filesystem exist with the correct permissions. Do not run
62it unless instructed to by your installation method documentation.
63
64 make setup
65
66
67## Testing
68
69Run tests:
70
71 bundle install
72 make test
73
74Run gofmt:
75
76 make verify
77
78Run both test and verify (the default Makefile target):
79
80 bundle install
81 make validate
82
83### Gitaly
84
85Some tests need a Gitaly server. The
86[`docker-compose.yml`](./docker-compose.yml) file will run Gitaly on
87port 8075. To tell the tests where Gitaly is, set
88`GITALY_CONNECTION_INFO`:
89
90 export GITALY_CONNECTION_INFO='{"address": "tcp://localhost:8075", "storage": "default"}'
91 make test
92
93If no `GITALY_CONNECTION_INFO` is set, the test suite will still run, but any
94tests requiring Gitaly will be skipped. They will always run in the CI
95environment.
96
97## Git LFS remark
98
99Starting with GitLab 8.12, GitLab supports Git LFS authentication through SSH.
100
101## Logging Guidelines
102
103In general, it should be possible to determine the structure, but not content,
104of a gitlab-shell or gitlab-sshd session just from inspecting the logs. Some
105guidelines:
106
107- We use [`gitlab.com/gitlab-org/labkit/log`](https://pkg.go.dev/gitlab.com/gitlab-org/labkit/log)
108 for logging functionality
109- **Always** include a correlation ID
110- Log messages should be invariant and unique. Include accessory information in
111 fields, using `log.WithField`, `log.WithFields`, or `log.WithError`.
112- Log success cases as well as error cases
113- Logging too much is better than not logging enough. If a message seems too
114 verbose, consider reducing the log level before removing the message.
115
116## Releasing
117
118See [PROCESS.md](./PROCESS.md)
119
120## Contributing
121
122See [CONTRIBUTING.md](./CONTRIBUTING.md).
123
124## License
125
126See [LICENSE](./LICENSE).
127
){kind=link}
){kind=link}
){kind=link}