Yeah the iconography has changed from round to square, also the I haven’t seen people using GL with the left bar minimised for a long time so I assumed that default had been changed?
The demo wireframe image (navigation_wireframe.png
) used on blog posts and release announcements is out of date for the new UI.
It's especially confusing as it's used in the section that talks about the new UI!
GitLab 10 release announcement and blog post: https://about.gitlab.com/2017/09/22/gitlab-10-0-released/#new-user-experience
Has the old UI sidebar and iconography.
As it's used to talk about the new UI, it should probably be representative of the new UI.
+1 from Infoxchange for this, we'd find it very useful.
I think what might be helpful is if the commands passing of keyfile
was more explicit.
At present:
# cryptsetup --help|egrep 'keyfile|key-file'
-d, --key-file=STRING Read the key from a file.
--master-key-file=STRING Read the volume (master) key from file.
-l, --keyfile-size=bytes Limits the read from keyfile
--keyfile-offset=bytes Number of bytes to skip in keyfile
--new-keyfile-size=bytes Limits the read from newly added keyfile
--new-keyfile-offset=bytes Number of bytes to skip in newly added
keyfile
'Read the key from a file' is ambiguous and leads me to think that the syntax to add a key would either be:
cryptsetup luksAddKey /dev/sdb --key-file=/keytoadd
or
cryptsetup luksAddKey /dev/sdb --key-file=/existingkey --key-file=/keytoadd
Note: From memory (I could be wrong) we run the command with -v
and it didn't complain about the --key-file=bla
being passed to it or the lack of a key from $1
.
Side note: I wonder if it's worth having a check / test for this that alerts if the authorized_keys file is read only?
Perhaps if we're the only people that have been hit by this it's not worth it?
Note: I have restored a backup of the production database (on the host with this issue) onto our dev / pre-prod testing host and the authorized_keys file does seem to be generating correctly and working as expected in dev.
Interesting point of note:
When running
Prod (broken):
root@int-gitlab-01:~ # sudo gitlab-rake gitlab:shell:setup
This will rebuild an authorized_keys file.
You will lose any data stored in authorized_keys file.
Do you want to continue (yes/no)? yes
root@int-gitlab-01:~ # su - git
Last login: Mon Jul 10 09:12:37 AEST 2017 on pts/3
git@int-gitlab-01:~ # cd .ssh
git@int-gitlab-01:~/.ssh # ls -la authorized_keys
-rw-------. 1 git git 83205 May 22 15:36 authorized_keys
git@int-gitlab-01:~/.ssh #
Note that the file date suggests the authorized_keys file hasn't been updated since May 22.
However,
Dev (working):
root@dev-gitlab:~ # sudo gitlab-rake gitlab:shell:setup
This will rebuild an authorized_keys file.
You will lose any data stored in authorized_keys file.
Do you want to continue (yes/no)? yes
root@dev-gitlab:~ # su - git
Last login: Mon Jul 10 09:02:19 AEST 2017 on pts/1
git@dev-gitlab:~ # cd .ssh
git@dev-gitlab:~/.ssh # ls -la authorized_keys
-rw-------. 1 git git 43286 Jul 10 08:57 authorized_keys
The file is dated today at the time I regenerated the file.
authorized_keys file is not being updated when users add new keys or when new users are added
As an existing GitLab user, add a new SSH key to your account. Try to use this ssh key to pull or push code.
Note: It does not matter if the key is ed25519 or RSA and the key size has impact either.
Private / Self-Hosted Omnibus Install
User should be able to pull/push with new key.
gitlab-rake check
...
# (exits 0)
and no errors
sudo gitlab-rake gitlab:shell:setup
# (exits 0)
However the authorized_keys file is not updated, if you first delete it, it is not recreated.
System information System: Proxy: no Current User: git Using RVM: no Ruby Version: 2.3.3p222 Gem Version: 2.6.6 Bundler Version:1.13.7 Rake Version: 10.5.0 Redis Version: 3.2.5 Git Version: 2.13.0 Sidekiq Version:5.0.0 Go Version: unknown
GitLab information Version: 9.3.5-ee Revision: 44d109d Directory: /opt/gitlab/embedded/service/gitlab-rails DB Adapter: postgresql DB Version: 9.6.3 URL: https://gitlab.office.infoxchange.net.au HTTP Clone URL: https://gitlab.office.infoxchange.net.au/some-group/some-project.git SSH Clone URL: git@gitlab.office.infoxchange.net.au:some-group/some-project.git Elasticsearch: no Geo: no Using LDAP: yes Using Omniauth: no
GitLab Shell Version: 5.1.1 Repository storage paths:
Checking GitLab Shell ...
GitLab Shell version >= 5.1.1 ? ... OK (5.1.1) Repo base directory exists? default... yes Repo storage directories are symlinks? default... no Repo paths owned by git:root, or git:git? default... yes Repo paths access is drwxrws---? default... yes hooks directories in repos are links: ... 3/2 ... ok 4/3 ... ok 3/4 ... ok 3/5 ... ok 3/6 ... ok 3/7 ... ok 2/8 ... ok 3/9 ... ok 4/12 ... ok 4/13 ... ok 21/14 ... ok 4/16 ... ok 4/17 ... ok 21/18 ... ok 4/20 ... ok 2/22 ... ok 4/24 ... ok 4/25 ... ok 4/27 ... ok 4/29 ... ok 4/30 ... ok 4/32 ... ok 4/34 ... ok 4/35 ... ok 4/36 ... ok 14/37 ... repository is empty 4/38 ... ok 4/40 ... ok 4/41 ... ok 4/42 ... ok 4/43 ... ok 4/44 ... ok 3/47 ... ok 4/48 ... ok 3/50 ... ok 3/51 ... ok 21/53 ... repository is empty 4/55 ... ok 4/56 ... ok 4/57 ... ok 36/59 ... repository is empty 35/60 ... ok 4/61 ... ok 4/65 ... ok 4/66 ... ok 4/68 ... ok 4/69 ... ok 3/71 ... ok 39/72 ... ok 35/74 ... ok 39/77 ... ok 4/78 ... ok 14/79 ... ok 4/81 ... ok 4/84 ... ok 4/85 ... ok 4/86 ... ok 46/90 ... ok 46/91 ... ok 4/92 ... ok 4/93 ... ok 3/96 ... ok 3/97 ... ok 14/98 ... ok 3/100 ... ok 2/101 ... ok 3/104 ... ok 3/105 ... ok 3/106 ... ok 3/108 ... ok 4/109 ... ok 4/111 ... ok 4/112 ... ok 4/113 ... ok 4/114 ... ok 3/115 ... ok 39/116 ... ok 39/117 ... ok 48/118 ... ok 4/119 ... ok 39/120 ... ok 39/121 ... ok 4/122 ... ok 4/124 ... ok 4/131 ... ok 48/133 ... ok 4/134 ... ok 4/135 ... ok 21/136 ... ok 4/139 ... ok 21/140 ... ok 4/144 ... ok 21/145 ... repository is empty 4/146 ... ok 2/147 ... ok 3/149 ... ok 4/150 ... ok 21/151 ... ok 35/152 ... ok 14/153 ... ok 21/155 ... ok 7/156 ... ok 21/158 ... ok 4/163 ... ok 82/167 ... ok 82/168 ... ok 82/169 ... ok 4/170 ... ok 4/171 ... ok 3/173 ... ok 4/178 ... ok 35/179 ... ok 35/181 ... ok 35/182 ... ok 35/183 ... ok 35/184 ... ok 35/185 ... ok 35/186 ... ok 35/187 ... ok 35/188 ... ok 35/189 ... ok 35/190 ... ok 35/191 ... ok 35/192 ... ok 35/193 ... ok 35/194 ... ok 35/195 ... ok 35/196 ... ok 35/197 ... ok 35/198 ... ok 35/199 ... ok 35/200 ... ok 5/201 ... ok 35/202 ... ok 35/203 ... ok 29/204 ... ok 35/205 ... ok 46/206 ... ok 35/207 ... ok 35/208 ... ok 3/210 ... ok 35/212 ... ok 35/213 ... ok 29/215 ... ok 29/216 ... ok 35/217 ... ok 35/218 ... ok 4/219 ... ok 35/220 ... ok 4/221 ... ok 35/222 ... ok 35/223 ... ok 4/224 ... ok 3/225 ... ok 35/226 ... ok 35/227 ... ok 35/228 ... ok 35/229 ... ok 93/230 ... ok 35/232 ... ok 35/233 ... ok 35/234 ... ok 35/235 ... ok 35/238 ... ok 35/241 ... ok 35/242 ... ok 35/243 ... ok 3/244 ... ok 35/245 ... ok 35/246 ... ok 14/247 ... ok 35/249 ... ok 64/250 ... ok 35/251 ... ok 4/253 ... ok 5/259 ... ok 5/260 ... ok 64/264 ... ok 35/274 ... ok 35/275 ... ok 4/281 ... ok 35/283 ... ok 35/285 ... ok 35/286 ... ok 35/288 ... ok 35/290 ... ok 3/291 ... ok 35/292 ... ok 35/293 ... ok 35/294 ... ok 3/295 ... ok 3/300 ... ok 3/301 ... ok 4/302 ... ok 35/303 ... ok 35/304 ... ok 35/305 ... ok 35/306 ... ok 35/307 ... ok 103/308 ... ok 3/309 ... ok 35/310 ... ok 35/311 ... ok 5/312 ... ok 3/313 ... ok 3/314 ... ok 14/317 ... ok 5/318 ... ok 3/319 ... ok 35/321 ... ok 35/322 ... ok 103/323 ... ok 4/324 ... ok 7/325 ... ok 4/326 ... ok 35/327 ... ok 2/328 ... repository is empty 103/329 ... ok 3/331 ... repository is empty 103/332 ... repository is empty 35/339 ... ok 35/340 ... ok 35/342 ... ok 35/343 ... ok 35/351 ... ok Running /opt/gitlab/embedded/service/gitlab-shell/bin/check Check GitLab API access: OK Access to /var/opt/gitlab/.ssh/authorized_keys: OK Send ping to redis server: OK gitlab-shell self-check successful
Checking GitLab Shell ... Finished
Checking Sidekiq ...
Running? ... yes Number of Sidekiq processes ... 1
Checking Sidekiq ... Finished
Checking Reply by email ...
IMAP server credentials are correct? ... yes Init.d configured correctly? ... skipped (omnibus-gitlab has no init script) MailRoom running? ... can't check because of previous errors
Checking Reply by email ... Finished
Checking LDAP ...
Server: ldapmain LDAP authentication... Success LDAP users with access to your GitLab server (only showing the first 100 results)
< REDACTED >
Checking LDAP ... Finished
Checking GitLab ...
Git configured correctly? ... yes Database config exists? ... yes All migrations up? ... yes Database contains orphaned GroupMembers? ... no GitLab config exists? ... yes GitLab config up to date? ... yes Log directory writable? ... yes Tmp directory writable? ... yes Uploads directory exists? ... yes Uploads directory has correct permissions? ... yes Uploads directory tmp has correct permissions? ... yes Init script exists? ... skipped (omnibus-gitlab has no init script) Init script up-to-date? ... skipped (omnibus-gitlab has no init script) Projects have namespace: ... 3/2 ... yes 4/3 ... yes 3/4 ... yes 3/5 ... yes 3/6 ... yes 3/7 ... yes 2/8 ... yes 3/9 ... yes 4/12 ... yes 4/13 ... yes 21/14 ... yes 4/16 ... yes 4/17 ... yes 21/18 ... yes 4/20 ... yes 2/22 ... yes 4/24 ... yes 4/25 ... yes 4/27 ... yes 4/29 ... yes 4/30 ... yes 4/32 ... yes 4/34 ... yes 4/35 ... yes 4/36 ... yes 14/37 ... yes 4/38 ... yes 4/40 ... yes 4/41 ... yes 4/42 ... yes 4/43 ... yes 4/44 ... yes 3/47 ... yes 4/48 ... yes 3/50 ... yes 3/51 ... yes 21/53 ... yes 4/55 ... yes 4/56 ... yes 4/57 ... yes 36/59 ... yes 35/60 ... yes 4/61 ... yes 4/65 ... yes 4/66 ... yes 4/68 ... yes 4/69 ... yes 3/71 ... yes 39/72 ... yes 35/74 ... yes 39/77 ... yes 4/78 ... yes 14/79 ... yes 4/81 ... yes 4/84 ... yes 4/85 ... yes 4/86 ... yes 46/90 ... yes 46/91 ... yes 4/92 ... yes 4/93 ... yes 3/96 ... yes 3/97 ... yes 14/98 ... yes 3/100 ... yes 2/101 ... yes 3/104 ... yes 3/105 ... yes 3/106 ... yes 3/108 ... yes 4/109 ... yes 4/111 ... yes 4/112 ... yes 4/113 ... yes 4/114 ... yes 3/115 ... yes 39/116 ... yes 39/117 ... yes 48/118 ... yes 4/119 ... yes 39/120 ... yes 39/121 ... yes 4/122 ... yes 4/124 ... yes 4/131 ... yes 48/133 ... yes 4/134 ... yes 4/135 ... yes 21/136 ... yes 4/139 ... yes 21/140 ... yes 4/144 ... yes 21/145 ... yes 4/146 ... yes 2/147 ... yes 3/149 ... yes 4/150 ... yes 21/151 ... yes 35/152 ... yes 14/153 ... yes 21/155 ... yes 7/156 ... yes 21/158 ... yes 4/163 ... yes 82/167 ... yes 82/168 ... yes 82/169 ... yes 4/170 ... yes 4/171 ... yes 3/173 ... yes 4/178 ... yes 35/179 ... yes 35/181 ... yes 35/182 ... yes 35/183 ... yes 35/184 ... yes 35/185 ... yes 35/186 ... yes 35/187 ... yes 35/188 ... yes 35/189 ... yes 35/190 ... yes 35/191 ... yes 35/192 ... yes 35/193 ... yes 35/194 ... yes 35/195 ... yes 35/196 ... yes 35/197 ... yes 35/198 ... yes 35/199 ... yes 35/200 ... yes 5/201 ... yes 35/202 ... yes 35/203 ... yes 29/204 ... yes 35/205 ... yes 46/206 ... yes 35/207 ... yes 35/208 ... yes 3/210 ... yes 35/212 ... yes 35/213 ... yes 29/215 ... yes 29/216 ... yes 35/217 ... yes 35/218 ... yes 4/219 ... yes 35/220 ... yes 4/221 ... yes 35/222 ... yes 35/223 ... yes 4/224 ... yes 3/225 ... yes 35/226 ... yes 35/227 ... yes 35/228 ... yes 35/229 ... yes 93/230 ... yes 35/232 ... yes 35/233 ... yes 35/234 ... yes 35/235 ... yes 35/238 ... yes 35/241 ... yes 35/242 ... yes 35/243 ... yes 3/244 ... yes 35/245 ... yes 35/246 ... yes 14/247 ... yes 35/249 ... yes 64/250 ... yes 35/251 ... yes 4/253 ... yes 5/259 ... yes 5/260 ... yes 64/264 ... yes 35/274 ... yes 35/275 ... yes 4/281 ... yes 35/283 ... yes 35/285 ... yes 35/286 ... yes 35/288 ... yes 35/290 ... yes 3/291 ... yes 35/292 ... yes 35/293 ... yes 35/294 ... yes 3/295 ... yes 3/300 ... yes 3/301 ... yes 4/302 ... yes 35/303 ... yes 35/304 ... yes 35/305 ... yes 35/306 ... yes 35/307 ... yes 103/308 ... yes 3/309 ... yes 35/310 ... yes 35/311 ... yes 5/312 ... yes 3/313 ... yes 3/314 ... yes 14/317 ... yes 5/318 ... yes 3/319 ... yes 35/321 ... yes 35/322 ... yes 103/323 ... yes 4/324 ... yes 7/325 ... yes 4/326 ... yes 35/327 ... yes 2/328 ... yes 103/329 ... yes 3/331 ... yes 103/332 ... yes 35/339 ... yes 35/340 ... yes 35/342 ... yes 35/343 ... yes 35/351 ... yes Redis version >= 2.8.0? ... yes Ruby version >= 2.3.3 ? ... yes (2.3.3) Git version >= 2.7.3 ? ... yes (2.13.0) Active users: ... 60 Elasticsearch version 5.1 - 5.3? ... skipped (elasticsearch is disabled)
Checking GitLab ... Finished
Note: I have tried: