artin/sourcegraph
1
0
Fork 0
mirror of https://github.com/sourcegraph/sourcegraph.git synced 2026-02-06 19:21:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

remove unused/deprecated site config options (#2171)

Browse Source 
* inline JSON Schema defs for SMTP/IMAP

* remove deprecated site config auth.disableAccessTokens

This was renamed to auth.accessTokens in 2.11.

* remove unused reviewBoard site config property

There was no code that used this.

* remove disableBrowserExtension site config

This was not known to be used by any instances, and this functionality (if needed) is better handled by nginx.
This commit is contained in:
Quinn Slack 2019-02-06 00:21:46 -08:00 committed by GitHub
parent fea4cb070a
commit 7e4159cd43
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 225 additions and 294 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
CHANGELOG.md
View File

@ -15,6 +15,9 @@ All notable changes to Sourcegraph are documented in this file.
### Removed
- The deprecated `auth.disableAccessTokens` site config property was removed. Use `auth.accessTokens` instead.
- The `disableBrowserExtension` site config property was removed. [Configure nginx](https://docs.sourcegraph.com/admin/nginx) instead to block clients (if needed).
## 3.0.0
See the changelog entries for 3.0.0 beta releases and our [3.0](doc/admin/migration/3_0.md) upgrade guide if you are upgrading from 2.x.
@ -592,7 +595,7 @@ See the changelog entries for 3.0.0 beta releases and our [3.0](doc/admin/migrat
### Added
- Users (and site admins) may now create and manage access tokens to authenticate API clients. The site config `auth.disableAccessTokens` disables this new feature. Access tokens are currently only supported when using the `builtin` and `http-header` authentication providers (not OpenID Connect or SAML).
- Users (and site admins) may now create and manage access tokens to authenticate API clients. The site config `auth.disableAccessTokens` (renamed to `auth.accessTokens` in 2.11) disables this new feature. Access tokens are currently only supported when using the `builtin` and `http-header` authentication providers (not OpenID Connect or SAML).
- User and site admin management capabilities for user email addresses are improved.
- The user and organization management UI has been greatly improved. Site admins may now administer all organizations (even those they aren't a member of) and may edit profile info and configuration for all users.
- If SSO is enabled (via OpenID Connect or SAML) and the SSO system provides user avatar images and/or display names, those are now used by Sourcegraph.

4
cmd/frontend/graphqlbackend/client_configuration.go
View File

@ -67,10 +67,6 @@ func (r *schemaResolver) ClientConfiguration(ctx context.Context) (*clientConfig
contentScriptUrls = append(contentScriptUrls, ph.Url)
}
for _, rb := range cfg.ReviewBoard {
contentScriptUrls = append(contentScriptUrls, rb.Url)
}
var parentSourcegraph parentSourcegraphResolver
if cfg.ParentSourcegraph != nil {
parentSourcegraph.url = cfg.ParentSourcegraph.Url

7
cmd/frontend/internal/cli/http.go
View File

@ -137,7 +137,7 @@ func secureHeadersMiddleware(next http.Handler) http.Handler {
// If the headerOrigin is the development or production Chrome Extension explicitly set the Allow-Control-Allow-Origin
// to the incoming header URL. Otherwise use the configured CORS origin.
headerOrigin := r.Header.Get("Origin")
isExtensionRequest := (headerOrigin == devExtension || headerOrigin == prodExtension) && !conf.Get().DisableBrowserExtension
isExtensionRequest := headerOrigin == devExtension || headerOrigin == prodExtension
if corsOrigin := conf.Get().CorsOrigin; corsOrigin != "" || isExtensionRequest {
w.Header().Set("Access-Control-Allow-Credentials", "true")
@ -165,10 +165,7 @@ func secureHeadersMiddleware(next http.Handler) http.Handler {
func isTrustedOrigin(r *http.Request) bool {
requestOrigin := r.Header.Get("Origin")
var isExtensionRequest bool
if !conf.Get().DisableBrowserExtension {
isExtensionRequest = requestOrigin == devExtension || requestOrigin == prodExtension
}
isExtensionRequest := requestOrigin == devExtension || requestOrigin == prodExtension
var isCORSAllowedRequest bool
if corsOrigin := conf.Get().CorsOrigin; corsOrigin != "" {

155
doc/admin/site_config/all.md
View File

@ -19,8 +19,6 @@ For more information, see ["Configuration overview"](index.md).
- [corsOrigin](all.md#corsorigin-string)
- [disableBrowserExtension](all.md#disablebrowserextension-boolean)
- [disableAutoGitUpdates](all.md#disableautogitupdates-boolean)
- [disablePublicRepoRedirects](all.md#disablepublicreporedirects-boolean)
@ -45,8 +43,6 @@ For more information, see ["Configuration overview"](index.md).
- [gitMaxConcurrentClones](all.md#gitmaxconcurrentclones-integer)
- [reviewBoard](all.md#reviewboard-array)
- [lightstepAccessToken](all.md#lightstepaccesstoken-string)
- [lightstepProject](all.md#lightstepproject-string)
@ -73,17 +69,15 @@ For more information, see ["Configuration overview"](index.md).
- [auth.providers](all.md#auth-providers-array)
- [auth.disableAccessTokens](all.md#auth-disableaccesstokens-boolean)
- [auth.accessTokens](all.md#auth-accesstokens-object)
- [auth.public](all.md#auth-public-boolean)
- [auth.sessionExpiry](all.md#auth-sessionexpiry-string)
- [email.smtp](all.md#email-smtp-smtpserverconfig-smtpserverconfig-object)
- [email.smtp](all.md#email-smtp)
- [email.imap](all.md#email-imap-imapserverconfig-imapserverconfig-object)
- [email.imap](all.md#email-imap)
- [email.address](all.md#email-address-string)
@ -123,10 +117,6 @@ For more information, see ["Configuration overview"](index.md).
- [AuthProviderCommon](all.md#authprovidercommon-object)
- [SMTPServerConfig](all.md#smtpserverconfig-object)
- [IMAPServerConfig](all.md#imapserverconfig-object)
- [SiteConfigSearchScope](all.md#siteconfigsearchscope-array)
<hr />
@ -215,14 +205,6 @@ Value for the Access-Control-Allow-Origin header returned with all requests.
<br/>
## disableBrowserExtension (boolean)
Disable incoming connections from the Sourcegraph browser extension.
Default: `false`
<br/>
## disableAutoGitUpdates (boolean)
Disable periodically fetching git contents for existing repositories.
@ -453,16 +435,6 @@ The elements of the array must be of the following types:
<br/>
## auth.disableAccessTokens (boolean)
DEPRECATED. Use "auth.accessTokens.restrict" with value "disable" instead.
Prevents users from creating access tokens, which enable external tools to access the Sourcegraph API with the privileges of the user.
Default: `false`
<br/>
## auth.accessTokens (object)
Settings for access tokens, which enable external tools to access the Sourcegraph API with the privileges of the user.
@ -514,11 +486,68 @@ Default: `"2160h"`
<br/>
## email.smtp ([SMTPServerConfig](all.md#smtpserverconfig-object))
## email.smtp
The SMTP server used to send transactional emails (such as email verifications, reset-password emails, and notifications).
Properties of the `SMTPServerConfig` object:
### host (string, required)
The SMTP server host.
### port (integer, required)
The SMTP server port.
### username (string)
The username to use when communicating with the SMTP server.
### password (string)
The username to use when communicating with the SMTP server.
### authentication (string, enum, required)
The type of authentication to use for the SMTP server.
This property must be one of the following enum values:
- `none`
- `PLAIN`
- `CRAM-MD5`
### domain (string)
The HELO domain to provide to the SMTP server (if needed).
<br/>
## email.imap ([IMAPServerConfig](all.md#imapserverconfig-object))
## email.imap
Optional. The IMAP server used to retrieve emails (such as code discussion reply emails).
Properties of the `IMAPServerConfig` object:
### host (string, required)
The IMAP server host.
### port (integer, required)
The IMAP server port.
### username (string)
The username to use when communicating with the IMAP server.
### password (string)
The username to use when communicating with the IMAP server.
<hr />
<br/>
@ -1228,68 +1257,6 @@ The name to use when displaying this authentication provider in the UI. Defaults
<hr />
## SMTPServerConfig (object)
The SMTP server used to send transactional emails (such as email verifications, reset-password emails, and notifications).
Properties of the `SMTPServerConfig` object:
### host (string, required)
The SMTP server host.
### port (integer, required)
The SMTP server port.
### username (string)
The username to use when communicating with the SMTP server.
### password (string)
The username to use when communicating with the SMTP server.
### authentication (string, enum, required)
The type of authentication to use for the SMTP server.
This property must be one of the following enum values:
- `none`
- `PLAIN`
- `CRAM-MD5`
### domain (string)
The HELO domain to provide to the SMTP server (if needed).
<hr />
## IMAPServerConfig (object)
Optional. The IMAP server used to retrieve emails (such as code discussion reply emails).
Properties of the `IMAPServerConfig` object:
### host (string, required)
The IMAP server host.
### port (integer, required)
The IMAP server port.
### username (string)
The username to use when communicating with the IMAP server.
### password (string)
The username to use when communicating with the IMAP server.
<hr />
## SiteConfigSearchScope (array)
Predefined search scopes

4
pkg/conf/computed.go
View File

@ -156,10 +156,6 @@ const (
// AccessTokensAllow returns whether access tokens are enabled, disabled, or restricted to creation by admin users.
func AccessTokensAllow() AccessTokAllow {
if Get().AuthDisableAccessTokens {
return AccessTokensNone
}
cfg := Get().AuthAccessTokens
if cfg == nil {
return AccessTokensAll

16
pkg/conf/diff_test.go
View File

@ -29,37 +29,37 @@ func TestDiff(t *testing.T) {
{
name: "slice_diff",
before: &Unified{
SiteConfiguration: schema.SiteConfiguration{ReviewBoard: []*schema.ReviewBoard{{Url: "a"}}},
SiteConfiguration: schema.SiteConfiguration{GitCloneURLToRepositoryName: []*schema.CloneURLToRepositoryName{{From: "a"}}},
Critical: schema.CriticalConfiguration{ExternalURL: "a"},
},
after: &Unified{
SiteConfiguration: schema.SiteConfiguration{ReviewBoard: []*schema.ReviewBoard{{Url: "b"}}},
SiteConfiguration: schema.SiteConfiguration{GitCloneURLToRepositoryName: []*schema.CloneURLToRepositoryName{{From: "b"}}},
Critical: schema.CriticalConfiguration{ExternalURL: "a"},
},
want: []string{"reviewBoard"},
want: []string{"git.cloneURLToRepositoryName"},
},
{
name: "slice_nodiff",
before: &Unified{
SiteConfiguration: schema.SiteConfiguration{ReviewBoard: []*schema.ReviewBoard{{Url: "a"}}},
SiteConfiguration: schema.SiteConfiguration{GitCloneURLToRepositoryName: []*schema.CloneURLToRepositoryName{{From: "a"}}},
Critical: schema.CriticalConfiguration{ExternalURL: "a"},
},
after: &Unified{
SiteConfiguration: schema.SiteConfiguration{ReviewBoard: []*schema.ReviewBoard{{Url: "a"}}},
SiteConfiguration: schema.SiteConfiguration{GitCloneURLToRepositoryName: []*schema.CloneURLToRepositoryName{{From: "a"}}},
Critical: schema.CriticalConfiguration{ExternalURL: "a"},
},
},
{
name: "multi_diff",
before: &Unified{
SiteConfiguration: schema.SiteConfiguration{ReviewBoard: []*schema.ReviewBoard{{Url: "b"}}},
SiteConfiguration: schema.SiteConfiguration{GitCloneURLToRepositoryName: []*schema.CloneURLToRepositoryName{{From: "b"}}},
Critical: schema.CriticalConfiguration{ExternalURL: "a"},
},
after: &Unified{
SiteConfiguration: schema.SiteConfiguration{ReviewBoard: []*schema.ReviewBoard{{Url: "a"}}},
SiteConfiguration: schema.SiteConfiguration{GitCloneURLToRepositoryName: []*schema.CloneURLToRepositoryName{{From: "a"}}},
Critical: schema.CriticalConfiguration{ExternalURL: "b"},
},
want: []string{"critical::externalURL", "reviewBoard"},
want: []string{"critical::externalURL", "git.cloneURLToRepositoryName"},
},
{
name: "experimental_features",

2
pkg/conf/parse.go
View File

@ -52,11 +52,9 @@ func ParseConfig(data conftypes.RawUnified) (*Unified, error) {
var requireRestart = []string{
"auth.accessTokens",
"auth.sessionExpiry",
"auth.disableAccessTokens",
"git.cloneURLToRepositoryName",
"searchScopes",
"extensions",
"disableBrowserExtension",
"disablePublicRepoRedirects",
// Options defined in critical.schema.json are prefixed with "critical::"

6
schema/schema.go
View File

@ -254,9 +254,6 @@ type Repos struct {
Callsign string `json:"callsign"`
Path string `json:"path"`
}
type ReviewBoard struct {
Url string `json:"url,omitempty"`
}
// SAMLAuthProvider description: Configures the SAML authentication provider for SSO.
//
@ -317,10 +314,8 @@ type Settings struct {
// SiteConfiguration description: Configuration for a Sourcegraph site.
type SiteConfiguration struct {
AuthAccessTokens *AuthAccessTokens `json:"auth.accessTokens,omitempty"`
AuthDisableAccessTokens bool `json:"auth.disableAccessTokens,omitempty"`
CorsOrigin string `json:"corsOrigin,omitempty"`
DisableAutoGitUpdates bool `json:"disableAutoGitUpdates,omitempty"`
DisableBrowserExtension bool `json:"disableBrowserExtension,omitempty"`
DisableBuiltInSearches bool `json:"disableBuiltInSearches,omitempty"`
DisablePublicRepoRedirects bool `json:"disablePublicRepoRedirects,omitempty"`
Discussions *Discussions `json:"discussions,omitempty"`
@ -337,7 +332,6 @@ type SiteConfiguration struct {
MaxReposToSearch int `json:"maxReposToSearch,omitempty"`
ParentSourcegraph *ParentSourcegraph `json:"parentSourcegraph,omitempty"`
RepoListUpdateInterval int `json:"repoListUpdateInterval,omitempty"`
ReviewBoard []*ReviewBoard `json:"reviewBoard,omitempty"`
SearchIndexEnabled *bool `json:"search.index.enabled,omitempty"`
}

160
schema/site.schema.json
View File

@ -44,11 +44,6 @@
"description": "Value for the Access-Control-Allow-Origin header returned with all requests.",
"type": "string"
},
"disableBrowserExtension": {
"type": "boolean",
"default": false,
"description": "Disable incoming connections from the Sourcegraph browser extension."
},
"disableAutoGitUpdates": {
"description": "Disable periodically fetching git contents for existing repositories.",
"type": "boolean",
@ -80,20 +75,6 @@
"type": "integer",
"default": 5
},
"reviewBoard": {
"description": "JSON array of configuration for Review Board.",
"type": "array",
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"url": {
"description": "URL to Review Board homepage.",
"type": "string"
}
}
}
},
"repoListUpdateInterval": {
"description":
"Interval (in minutes) for checking code hosts (such as GitHub, Gitolite, etc.) for new repositories.",
@ -117,12 +98,6 @@
}
}
},
"auth.disableAccessTokens": {
"description":
"DEPRECATED. Use \"auth.accessTokens.restrict\" with value \"disable\" instead.\n\nPrevents users from creating access tokens, which enable external tools to access the Sourcegraph API with the privileges of the user.",
"type": "boolean",
"default": false
},
"auth.accessTokens": {
"description":
"Settings for access tokens, which enable external tools to access the Sourcegraph API with the privileges of the user.",
@ -139,10 +114,83 @@
}
},
"email.smtp": {
"$ref": "#/definitions/SMTPServerConfig"
"title": "SMTPServerConfig",
"description":
"The SMTP server used to send transactional emails (such as email verifications, reset-password emails, and notifications).",
"type": "object",
"additionalProperties": false,
"required": ["host", "port", "authentication"],
"properties": {
"host": {
"description": "The SMTP server host.",
"type": "string"
},
"port": {
"description": "The SMTP server port.",
"type": "integer"
},
"username": {
"description": "The username to use when communicating with the SMTP server.",
"type": "string"
},
"password": {
"description": "The username to use when communicating with the SMTP server.",
"type": "string"
},
"authentication": {
"description": "The type of authentication to use for the SMTP server.",
"type": "string",
"enum": ["none", "PLAIN", "CRAM-MD5"]
},
"domain": {
"description": "The HELO domain to provide to the SMTP server (if needed).",
"type": "string"
}
},
"default": null,
"examples": [
{
"host": "smtp.example.com",
"port": 465,
"username": "alice",
"password": "mypassword",
"authentication": "PLAIN"
}
]
},
"email.imap": {
"$ref": "#/definitions/IMAPServerConfig"
"title": "IMAPServerConfig",
"description": "Optional. The IMAP server used to retrieve emails (such as code discussion reply emails).",
"type": "object",
"additionalProperties": false,
"required": ["host", "port"],
"properties": {
"host": {
"description": "The IMAP server host.",
"type": "string"
},
"port": {
"description": "The IMAP server port.",
"type": "integer"
},
"username": {
"description": "The username to use when communicating with the IMAP server.",
"type": "string"
},
"password": {
"description": "The username to use when communicating with the IMAP server.",
"type": "string"
}
},
"default": null,
"examples": [
{
"host": "imap.example.com",
"port": 993,
"username": "alice",
"password": "mypassword"
}
]
},
"email.address": {
"description": "The \"from\" address for emails sent by this server.",
@ -617,64 +665,6 @@
"type": "string"
}
}
},
"SMTPServerConfig": {
"description":
"The SMTP server used to send transactional emails (such as email verifications, reset-password emails, and notifications).",
"type": "object",
"additionalProperties": false,
"required": ["host", "port", "authentication"],
"properties": {
"host": {
"description": "The SMTP server host.",
"type": "string"
},
"port": {
"description": "The SMTP server port.",
"type": "integer"
},
"username": {
"description": "The username to use when communicating with the SMTP server.",
"type": "string"
},
"password": {
"description": "The username to use when communicating with the SMTP server.",
"type": "string"
},
"authentication": {
"description": "The type of authentication to use for the SMTP server.",
"type": "string",
"enum": ["none", "PLAIN", "CRAM-MD5"]
},
"domain": {
"description": "The HELO domain to provide to the SMTP server (if needed).",
"type": "string"
}
}
},
"IMAPServerConfig": {
"description": "Optional. The IMAP server used to retrieve emails (such as code discussion reply emails).",
"type": "object",
"additionalProperties": false,
"required": ["host", "port"],
"properties": {
"host": {
"description": "The IMAP server host.",
"type": "string"
},
"port": {
"description": "The IMAP server port.",
"type": "integer"
},
"username": {
"description": "The username to use when communicating with the IMAP server.",
"type": "string"
},
"password": {
"description": "The username to use when communicating with the IMAP server.",
"type": "string"
}
}
}
}
}

160
schema/site_stringdata.go
View File

@ -49,11 +49,6 @@ const SiteSchemaJSON = `{
"description": "Value for the Access-Control-Allow-Origin header returned with all requests.",
"type": "string"
},
"disableBrowserExtension": {
"type": "boolean",
"default": false,
"description": "Disable incoming connections from the Sourcegraph browser extension."
},
"disableAutoGitUpdates": {
"description": "Disable periodically fetching git contents for existing repositories.",
"type": "boolean",
@ -85,20 +80,6 @@ const SiteSchemaJSON = `{
"type": "integer",
"default": 5
},
"reviewBoard": {
"description": "JSON array of configuration for Review Board.",
"type": "array",
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"url": {
"description": "URL to Review Board homepage.",
"type": "string"
}
}
}
},
"repoListUpdateInterval": {
"description":
"Interval (in minutes) for checking code hosts (such as GitHub, Gitolite, etc.) for new repositories.",
@ -122,12 +103,6 @@ const SiteSchemaJSON = `{
}
}
},
"auth.disableAccessTokens": {
"description":
"DEPRECATED. Use \"auth.accessTokens.restrict\" with value \"disable\" instead.\n\nPrevents users from creating access tokens, which enable external tools to access the Sourcegraph API with the privileges of the user.",
"type": "boolean",
"default": false
},
"auth.accessTokens": {
"description":
"Settings for access tokens, which enable external tools to access the Sourcegraph API with the privileges of the user.",
@ -144,10 +119,83 @@ const SiteSchemaJSON = `{
}
},
"email.smtp": {
"$ref": "#/definitions/SMTPServerConfig"
"title": "SMTPServerConfig",
"description":
"The SMTP server used to send transactional emails (such as email verifications, reset-password emails, and notifications).",
"type": "object",
"additionalProperties": false,
"required": ["host", "port", "authentication"],
"properties": {
"host": {
"description": "The SMTP server host.",
"type": "string"
},
"port": {
"description": "The SMTP server port.",
"type": "integer"
},
"username": {
"description": "The username to use when communicating with the SMTP server.",
"type": "string"
},
"password": {
"description": "The username to use when communicating with the SMTP server.",
"type": "string"
},
"authentication": {
"description": "The type of authentication to use for the SMTP server.",
"type": "string",
"enum": ["none", "PLAIN", "CRAM-MD5"]
},
"domain": {
"description": "The HELO domain to provide to the SMTP server (if needed).",
"type": "string"
}
},
"default": null,
"examples": [
{
"host": "smtp.example.com",
"port": 465,
"username": "alice",
"password": "mypassword",
"authentication": "PLAIN"
}
]
},
"email.imap": {
"$ref": "#/definitions/IMAPServerConfig"
"title": "IMAPServerConfig",
"description": "Optional. The IMAP server used to retrieve emails (such as code discussion reply emails).",
"type": "object",
"additionalProperties": false,
"required": ["host", "port"],
"properties": {
"host": {
"description": "The IMAP server host.",
"type": "string"
},
"port": {
"description": "The IMAP server port.",
"type": "integer"
},
"username": {
"description": "The username to use when communicating with the IMAP server.",
"type": "string"
},
"password": {
"description": "The username to use when communicating with the IMAP server.",
"type": "string"
}
},
"default": null,
"examples": [
{
"host": "imap.example.com",
"port": 993,
"username": "alice",
"password": "mypassword"
}
]
},
"email.address": {
"description": "The \"from\" address for emails sent by this server.",
@ -622,64 +670,6 @@ const SiteSchemaJSON = `{
"type": "string"
}
}
},
"SMTPServerConfig": {
"description":
"The SMTP server used to send transactional emails (such as email verifications, reset-password emails, and notifications).",
"type": "object",
"additionalProperties": false,
"required": ["host", "port", "authentication"],
"properties": {
"host": {
"description": "The SMTP server host.",
"type": "string"
},
"port": {
"description": "The SMTP server port.",
"type": "integer"
},
"username": {
"description": "The username to use when communicating with the SMTP server.",
"type": "string"
},
"password": {
"description": "The username to use when communicating with the SMTP server.",
"type": "string"
},
"authentication": {
"description": "The type of authentication to use for the SMTP server.",
"type": "string",
"enum": ["none", "PLAIN", "CRAM-MD5"]
},
"domain": {
"description": "The HELO domain to provide to the SMTP server (if needed).",
"type": "string"
}
}
},
"IMAPServerConfig": {
"description": "Optional. The IMAP server used to retrieve emails (such as code discussion reply emails).",
"type": "object",
"additionalProperties": false,
"required": ["host", "port"],
"properties": {
"host": {
"description": "The IMAP server host.",
"type": "string"
},
"port": {
"description": "The IMAP server port.",
"type": "integer"
},
"username": {
"description": "The username to use when communicating with the IMAP server.",
"type": "string"
},
"password": {
"description": "The username to use when communicating with the IMAP server.",
"type": "string"
}
}
}
}
}