Revision - 78a2026 - Use read_api scope for GitLab OAuth (#27976)

Revision 78a2026a822c557c6abda15171e4dc38d9259e5c authored by vin01 on 01 October 2020, 18:29:48 UTC, committed by GitHub on 01 October 2020, 18:29:48 UTC

Use read_api scope for GitLab OAuth (#27976)

`read_api` seems to be the minimal scope currently which can be used, it shall be preferred over `api` which grants complete read/write access.

- https://gitlab.com/gitlab-org/gitlab/-/merge_requests/28944#note_322904691
- https://gitlab.com/gitlab-org/gitlab/-/issues/21909

1 parent 1854421

Files
Changes

Permalinks

Dockerfile.ubuntu

FROM node:12.18.3-slim AS js-builder

WORKDIR /usr/src/app/

COPY package.json yarn.lock ./
COPY packages packages

RUN yarn install --pure-lockfile

COPY Gruntfile.js tsconfig.json .eslintrc .editorconfig .browserslistrc .prettierrc.js ./
COPY public public
COPY tools tools
COPY scripts scripts
COPY emails emails

ENV NODE_ENV production
RUN ./node_modules/.bin/grunt build

FROM golang:1.15.1 AS go-builder

WORKDIR /src/grafana

COPY go.mod go.sum ./

RUN go mod verify

COPY build.go package.json ./
COPY pkg pkg/

RUN go run build.go build

FROM ubuntu:20.04

LABEL maintainer="Grafana team <hello@grafana.com>"
EXPOSE 3000

ARG GF_UID="472"
ARG GF_GID="472"

ENV PATH="/usr/share/grafana/bin:$PATH" \
    GF_PATHS_CONFIG="/etc/grafana/grafana.ini" \
    GF_PATHS_DATA="/var/lib/grafana" \
    GF_PATHS_HOME="/usr/share/grafana" \
    GF_PATHS_LOGS="/var/log/grafana" \
    GF_PATHS_PLUGINS="/var/lib/grafana/plugins" \
    GF_PATHS_PROVISIONING="/etc/grafana/provisioning"

WORKDIR $GF_PATHS_HOME

COPY conf conf

# curl should be part of the image
RUN apt-get update && apt-get install -y ca-certificates curl

RUN mkdir -p "$GF_PATHS_HOME/.aws" && \
  addgroup --system --gid $GF_GID grafana && \
  adduser --uid $GF_UID --system --ingroup grafana grafana && \
  mkdir -p "$GF_PATHS_PROVISIONING/datasources" \
             "$GF_PATHS_PROVISIONING/dashboards" \
             "$GF_PATHS_PROVISIONING/notifiers" \
             "$GF_PATHS_LOGS" \
             "$GF_PATHS_PLUGINS" \
             "$GF_PATHS_DATA" && \
    cp conf/sample.ini "$GF_PATHS_CONFIG" && \
    cp conf/ldap.toml /etc/grafana/ldap.toml && \
    chown -R grafana:grafana "$GF_PATHS_DATA" "$GF_PATHS_HOME/.aws" "$GF_PATHS_LOGS" "$GF_PATHS_PLUGINS" "$GF_PATHS_PROVISIONING" && \
    chmod -R 777 "$GF_PATHS_DATA" "$GF_PATHS_HOME/.aws" "$GF_PATHS_LOGS" "$GF_PATHS_PLUGINS" "$GF_PATHS_PROVISIONING"

COPY --from=go-builder /src/grafana/bin/linux-amd64/grafana-server /src/grafana/bin/linux-amd64/grafana-cli bin/
COPY --from=js-builder /usr/src/app/public public
COPY --from=js-builder /usr/src/app/tools tools

COPY packaging/docker/run.sh /

USER grafana
ENTRYPOINT [ "/run.sh" ]

Showing with 0 additions and 0 deletions (0 / 0 diffs computed)

Computing file changes ...