mirror of
https://github.com/sourcegraph/sourcegraph.git
synced 2026-02-06 16:51:55 +00:00
83d0f6876c
Historically, sourcegraph.com has been the only instance. It was connected to GitHub.com and GitLab.com only. Configuration should be as simple as possible, and we wanted everyone to try it on any repo. So public repos were added on-demand when browsed from these code hosts. Since, dotcom is no longer the only instance, and this is a special case that only exists for sourcegraph.com. This causes a bunch of additional complexity and various extra code paths that we don't test well enough today. We want to make dotcom simpler to understand, so we've made the decision to disable that feature, and instead we will maintain a list of repositories that we have on the instance. We already disallowed several repos half a year ago, by restricting size of repos with few stars heavily. This is basically just a continuation of that. In the diff, you'll mostly find deletions. This PR does not do much other than removing the code paths that were only enabled in dotcom mode in the repo syncer, and then removes code that became unused as a result of that. ## Test plan Ran a dotcom mode instance locally, it did not behave differently than a regular instance wrt. repo cloning. We will need to verify during the rollout that we're not suddenly hitting code paths that don't scale to the dotcom size. ## Changelog Dotcom no longer clones repos on demand.
297 lines
13 KiB
JSON
297 lines
13 KiB
JSON
{
|
|
"$schema": "http://json-schema.org/draft-07/schema#",
|
|
"$id": "gitlab.schema.json#",
|
|
"title": "GitLabConnection",
|
|
"description": "Configuration for a connection to GitLab (GitLab.com or GitLab self-managed).",
|
|
"allowComments": true,
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": ["url", "token", "projectQuery"],
|
|
"properties": {
|
|
"url": {
|
|
"description": "URL of a GitLab instance, such as https://gitlab.example.com or (for GitLab.com) https://gitlab.com.",
|
|
"type": "string",
|
|
"pattern": "^https?://",
|
|
"not": {
|
|
"type": "string",
|
|
"pattern": "example\\.com"
|
|
},
|
|
"format": "uri",
|
|
"examples": ["https://gitlab.com", "https://gitlab.example.com"]
|
|
},
|
|
"token": {
|
|
"description": "A GitLab access token with \"api\" scope. Can be a personal access token (PAT) or an OAuth token. If you are enabling permissions with identity provider type \"external\", this token should also have \"sudo\" scope.",
|
|
"type": "string",
|
|
"minLength": 1
|
|
},
|
|
"token.type": {
|
|
"description": "The type of the token",
|
|
"type": "string",
|
|
"enum": ["pat", "oauth"],
|
|
"default": "pat"
|
|
},
|
|
"token.oauth.refresh": {
|
|
"description": "The OAuth refresh token",
|
|
"type": "string"
|
|
},
|
|
"token.oauth.expiry": {
|
|
"description": "The OAuth token expiry (Unix timestamp in seconds)",
|
|
"type": "integer"
|
|
},
|
|
"rateLimit": {
|
|
"description": "Rate limit applied when making background API requests to GitLab.",
|
|
"title": "GitLabRateLimit",
|
|
"type": "object",
|
|
"required": ["enabled", "requestsPerHour"],
|
|
"properties": {
|
|
"enabled": {
|
|
"description": "true if rate limiting is enabled.",
|
|
"type": "boolean",
|
|
"default": true
|
|
},
|
|
"requestsPerHour": {
|
|
"description": "Requests per hour permitted. This is an average, calculated per second. Internally the burst limit is set to 100, which implies that for a requests per hour limit as low as 1, users will continue to be able to send a maximum of 100 requests immediately, provided that the complexity cost of each request is 1.",
|
|
"type": "number",
|
|
"default": 36000,
|
|
"minimum": 0
|
|
}
|
|
},
|
|
"default": {
|
|
"enabled": true,
|
|
"requestsPerHour": 36000
|
|
}
|
|
},
|
|
"gitURLType": {
|
|
"description": "The type of Git URLs to use for cloning and fetching Git repositories on this GitLab instance.\n\nIf \"http\", Sourcegraph will access GitLab repositories using Git URLs of the form http(s)://gitlab.example.com/myteam/myproject.git (using https: if the GitLab instance uses HTTPS).\n\nIf \"ssh\", Sourcegraph will access GitLab repositories using Git URLs of the form git@example.gitlab.com:myteam/myproject.git. See the documentation for how to provide SSH private keys and known_hosts: https://sourcegraph.com/docs/admin/repo/auth#repositories-that-need-http-s-or-ssh-authentication.",
|
|
"type": "string",
|
|
"enum": ["http", "ssh"],
|
|
"default": "http"
|
|
},
|
|
"certificate": {
|
|
"description": "TLS certificate of the GitLab instance. This is only necessary if the certificate is self-signed or signed by an internal CA. To get the certificate run `openssl s_client -connect HOST:443 -showcerts < /dev/null 2> /dev/null | openssl x509 -outform PEM`. To escape the value into a JSON string, you may want to use a tool like https://json-escape-text.now.sh.",
|
|
"type": "string",
|
|
"pattern": "^-----BEGIN CERTIFICATE-----\n",
|
|
"examples": ["-----BEGIN CERTIFICATE-----\n..."]
|
|
},
|
|
"projects": {
|
|
"description": "A list of projects to mirror from this GitLab instance. Supports including by name ({\"name\": \"group/name\"}) or by ID ({\"id\": 42}).",
|
|
"type": "array",
|
|
"minItems": 1,
|
|
"items": {
|
|
"type": "object",
|
|
"title": "GitLabProject",
|
|
"additionalProperties": false,
|
|
"oneOf": [{ "required": ["name"] }, { "required": ["id"] }],
|
|
"properties": {
|
|
"name": {
|
|
"description": "The name of a GitLab project (\"group/name\") to mirror.",
|
|
"type": "string",
|
|
"pattern": "^[\\w.-]+(/[\\w.-]+)+$"
|
|
},
|
|
"id": {
|
|
"description": "The ID of a GitLab project (as returned by the GitLab instance's API) to mirror.",
|
|
"type": "integer"
|
|
}
|
|
}
|
|
},
|
|
"examples": [
|
|
[{ "name": "group/name" }, { "id": 42 }],
|
|
[{ "name": "gnachman/iterm2" }, { "name": "gitlab-org/gitlab-ce" }]
|
|
]
|
|
},
|
|
"exclude": {
|
|
"description": "A list of projects to never mirror from this GitLab instance. Takes precedence over \"projects\" and \"projectQuery\" configuration. Supports excluding by name ({\"name\": \"group/name\"}) or by ID ({\"id\": 42}).",
|
|
"type": "array",
|
|
"items": {
|
|
"type": "object",
|
|
"title": "ExcludedGitLabProject",
|
|
"additionalProperties": false,
|
|
"anyOf": [
|
|
{ "required": ["name"] },
|
|
{ "required": ["id"] },
|
|
{ "required": ["emptyRepos"] },
|
|
{ "required": ["pattern"] }
|
|
],
|
|
"properties": {
|
|
"name": {
|
|
"description": "The name of a GitLab project (\"group/name\") to exclude from mirroring.",
|
|
"type": "string",
|
|
"pattern": "^[\\w.-]+(/[\\w.-]+)+$"
|
|
},
|
|
"id": {
|
|
"description": "The ID of a GitLab project (as returned by the GitLab instance's API) to exclude from mirroring.",
|
|
"type": "integer"
|
|
},
|
|
"emptyRepos": {
|
|
"description": "Whether to exclude empty repositories.",
|
|
"type": "boolean"
|
|
},
|
|
"pattern": {
|
|
"description": "Regular expression which matches against the name of a GitLab project (\"group/name\").",
|
|
"type": "string",
|
|
"format": "regex"
|
|
}
|
|
}
|
|
},
|
|
"examples": [
|
|
[{ "name": "group/name" }, { "id": 42 }, { "emptyRepos": true }],
|
|
[{ "name": "gitlab-org/gitlab-ee" }, { "name": "gitlab-com/www-gitlab-com" }]
|
|
]
|
|
},
|
|
"projectQuery": {
|
|
"description": "An array of strings specifying which GitLab projects to mirror on Sourcegraph. Each string is a URL path and query that targets a GitLab API endpoint returning a list of projects. If the string only contains a query, then \"projects\" is used as the path. Examples: \"?membership=true&search=foo\", \"groups/mygroup/projects\".\n\nThe special string \"none\" can be used as the only element to disable this feature. Projects matched by multiple query strings are only imported once. Here are a few endpoints that return a list of projects: https://docs.gitlab.com/ee/api/projects.html#list-all-projects, https://docs.gitlab.com/ee/api/groups.html#list-a-groups-projects, https://docs.gitlab.com/ee/api/search.html#scope-projects.",
|
|
"type": "array",
|
|
"default": ["none"],
|
|
"items": {
|
|
"type": "string",
|
|
"minLength": 1
|
|
},
|
|
"minItems": 1,
|
|
"examples": [["?membership=true&search=foo", "groups/mygroup/projects"]]
|
|
},
|
|
"repositoryPathPattern": {
|
|
"description": "The pattern used to generate a the corresponding Sourcegraph repository name for a GitLab project. In the pattern, the variable \"{host}\" is replaced with the GitLab URL's host (such as gitlab.example.com), and \"{pathWithNamespace}\" is replaced with the GitLab project's \"namespace/path\" (such as \"myteam/myproject\").\n\nFor example, if your GitLab is https://gitlab.example.com and your Sourcegraph is https://src.example.com, then a repositoryPathPattern of \"{host}/{pathWithNamespace}\" would mean that a GitLab project at https://gitlab.example.com/myteam/myproject is available on Sourcegraph at https://src.example.com/gitlab.example.com/myteam/myproject.\n\nIt is important that the Sourcegraph repository name generated with this pattern be unique to this code host. If different code hosts generate repository names that collide, Sourcegraph's behavior is undefined.",
|
|
"type": "string",
|
|
"default": "{host}/{pathWithNamespace}"
|
|
},
|
|
"nameTransformations": {
|
|
"description": "An array of transformations will apply to the repository name. Currently, only regex replacement is supported. All transformations happen after \"repositoryPathPattern\" is processed.",
|
|
"type": "array",
|
|
"items": {
|
|
"$ref": "#/definitions/NameTransformation"
|
|
},
|
|
"examples": [
|
|
[
|
|
{
|
|
"regex": "\\.d/",
|
|
"replacement": "/"
|
|
},
|
|
{
|
|
"regex": "-git$",
|
|
"replacement": ""
|
|
}
|
|
]
|
|
]
|
|
},
|
|
"initialRepositoryEnablement": {
|
|
"description": "Deprecated and ignored field which will be removed entirely in the next release. GitLab repositories can no longer be enabled or disabled explicitly.",
|
|
"type": "boolean"
|
|
},
|
|
"markInternalReposAsPublic": {
|
|
"description": "If true, internal repositories will be accessible to all users on Sourcegraph as if they were public, and user permission syncs will no longer check for public repositories. This overrides repository permissions but allows easier discovery and access to internal repositories, and may be desirable if all users on the Sourcegraph instance should have access to all internal repositories anyways. Defaults to false.",
|
|
"type": "boolean",
|
|
"default": false
|
|
},
|
|
"authorization": {
|
|
"title": "GitLabAuthorization",
|
|
"description": "If non-null, enforces GitLab repository permissions. This requires that there be an item in the `auth.providers` field of type \"gitlab\" with the same `url` field as specified in this `GitLabConnection`.",
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": ["identityProvider"],
|
|
"properties": {
|
|
"identityProvider": {
|
|
"description": "The source of identity to use when computing permissions. This defines how to compute the GitLab identity to use for a given Sourcegraph user.",
|
|
"type": "object",
|
|
"required": ["type"],
|
|
"properties": {
|
|
"type": {
|
|
"type": "string",
|
|
"enum": ["oauth", "username", "external"]
|
|
}
|
|
},
|
|
"oneOf": [
|
|
{ "$ref": "#/definitions/OAuthIdentity" },
|
|
{ "$ref": "#/definitions/UsernameIdentity" },
|
|
{ "$ref": "#/definitions/ExternalIdentity" }
|
|
],
|
|
"!go": {
|
|
"taggedUnionType": true
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"webhooks": {
|
|
"description": "An array of webhook configurations",
|
|
"deprecationMessage": "Deprecated in favour of first class webhooks. See https://sourcegraph.com/docs/admin/config/webhooks/incoming#deprecation-notice",
|
|
"type": "array",
|
|
"items": {
|
|
"type": "object",
|
|
"title": "GitLabWebhook",
|
|
"required": ["secret"],
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"secret": {
|
|
"description": "The secret used to authenticate incoming webhook requests",
|
|
"type": "string",
|
|
"minLength": 1
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"definitions": {
|
|
"OAuthIdentity": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": ["type"],
|
|
"properties": {
|
|
"type": {
|
|
"type": "string",
|
|
"const": "oauth"
|
|
}
|
|
}
|
|
},
|
|
"UsernameIdentity": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": ["type"],
|
|
"properties": {
|
|
"type": {
|
|
"type": "string",
|
|
"const": "username"
|
|
}
|
|
}
|
|
},
|
|
"ExternalIdentity": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": ["type", "authProviderID", "authProviderType", "gitlabProvider"],
|
|
"properties": {
|
|
"type": {
|
|
"type": "string",
|
|
"const": "external"
|
|
},
|
|
"authProviderID": {
|
|
"type": "string",
|
|
"description": "The value of the `configID` field of the targeted authentication provider."
|
|
},
|
|
"authProviderType": {
|
|
"type": "string",
|
|
"description": "The `type` field of the targeted authentication provider."
|
|
},
|
|
"gitlabProvider": {
|
|
"type": "string",
|
|
"description": "The name that identifies the authentication provider to GitLab. This is passed to the `?provider=` query parameter in calls to the GitLab Users API. If you're not sure what this value is, you can look at the `identities` field of the GitLab Users API result (`curl -H 'PRIVATE-TOKEN: $YOUR_TOKEN' $GITLAB_URL/api/v4/users`)."
|
|
}
|
|
}
|
|
},
|
|
"NameTransformation": {
|
|
"title": "GitLabNameTransformation",
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"anyOf": [{ "required": ["regex", "replacement"] }],
|
|
"properties": {
|
|
"regex": {
|
|
"type": "string",
|
|
"format": "regex",
|
|
"description": "The regex to match for the occurrences of its replacement."
|
|
},
|
|
"replacement": {
|
|
"type": "string",
|
|
"description": "The replacement used to replace all matched occurrences by the regex."
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|