1. 12 Jul, 2019 4 commits
  2. 11 Jul, 2019 5 commits
  3. 09 Jul, 2019 2 commits
  4. 08 Jul, 2019 1 commit
    • Emanuele Aina's avatar
      Fix HTTPS detection when running behind a proxy · 75b6f9ca
      Emanuele Aina authored
      In production the application is currently run behind a TLS-terminating nginx
      proxy which forces the `Host` header and sets the `X-Forwarded-For` and
      `X-Forwarded-Proto` headers.
      
      However, nothing on the application side handles the `X-Forwarded-*` headers,
      causing authentication against GitLab through OAUth2 to fail since the
      generated callback URL uses plain `http://` while OAuth2 requires it to
      be `https://`, yielding the `The redirect URI included is not valid`
      error message.
      
      This adds a `PROXY_COUNT` environment variable to be set to the number of
      trusted proxies in front of the application. It defaults to zero to to avoid
      issues if malicious actors set the headers above in a non-proxied setup.
      Signed-off-by: Emanuele Aina's avatarEmanuele Aina <emanuele.aina@collabora.com>
      75b6f9ca
  5. 05 Jul, 2019 1 commit
  6. 02 Jul, 2019 1 commit
  7. 01 Jul, 2019 1 commit
    • Luis Araujo's avatar
      Add page to submit manual tests results for image type · af728d53
      Luis Araujo authored
      Add the page to submit the manual tests results for specific images types.
      
      It renames some routes and methods to clearly state the function of the
      pages and also adds a 'submitted' page to show a message after the tests
      results submission.
      
      The commit only includes the pages and forms but it doesn't enable the
      functionality to submit tests results yet.
      Signed-off-by: Luis Araujo's avatarLuis Araujo <luis.araujo@collabora.co.uk>
      af728d53
  8. 26 Jun, 2019 2 commits
  9. 25 Jun, 2019 2 commits
  10. 24 Jun, 2019 4 commits
  11. 20 Jun, 2019 1 commit
  12. 14 Jun, 2019 5 commits
  13. 13 Jun, 2019 6 commits
  14. 08 Jun, 2019 1 commit
  15. 06 Jun, 2019 1 commit
  16. 05 Jun, 2019 2 commits
    • Emanuele Aina's avatar
      docker-compose: Move PGDATA to a subdir to make permissions work out-of-the-box · 9cf9983c
      Emanuele Aina authored
      We currently bind mount `/var/lib/postgresql/data` to a local folder
      which is assumed to exist with the right permissions, owned by the user
      under which the `postgres` container is run (uid 1000 or the one
      configured with the `RUN_USER` environment variable).
      
      If that's not the case (on a fresh checkout, for instance), you'll
      be left staring at the following error, after the container failed
      to start:
      
          fixing permissions on existing directory /var/lib/postgresql/data ... initdb: could not change permissions of directory "/var/lib/postgresql/data": Operation not permitted
      
      Having things not work out of the box with weird errors is annoying and
      can easily lead to a non-trivial amount of wasted time (hello!).
      
      This is because Docker creates the mount point directories as owned by
      root, so when the Postgres' `initdb` runs as the `postgres` user it
      fails to change the ownership of the directory.
      
      Shipping the empty directory in the repository would work, but git does
      not really understand empty directories.
      
      Sadly, even only putting a `.gitignore` there would make `initdb` complain:
      
          initdb: directory "/var/lib/postgresql/data" exists but is not empty
          It contains a dot-prefixed/invisible file, perhaps due to it being a mount point.
          Using a mount point directly as the data directory is not recommended.
          Create a subdirectory under the mount point.
      
      A solution avoiding the above issues is to ship some files to
      ensure the mount point directory is created with the user permissions
      (assuming the user doing the checkout is uid 1000 or `RUN_USER` is set
      to the right uid) and then set `PGDATA` to point to a subdirectory of
      the user-writable volume mount point, making `initdb` happy.
      Signed-off-by: Emanuele Aina's avatarEmanuele Aina <emanuele.aina@collabora.com>
      9cf9983c
    • Emanuele Aina's avatar
      run-qa-report: Exit when wait-for-it times out · f0d770da
      Emanuele Aina authored
      When passing a command to wait-for-it it will return the exit value of
      the command: passing `echo` means that it will always succeed and the
      script will happily go on even if the server was actually unreachable.
      
      Move the `echo` after `wait-for-it` and let everything die if we could
      not connect to the database before the timeout.
      Signed-off-by: Emanuele Aina's avatarEmanuele Aina <emanuele.aina@collabora.com>
      f0d770da
  17. 29 May, 2019 1 commit