user/gitlab-foss: missing files

user/gitlab-foss/bin-wrapper.in

@@ -0,0 +1,15 @@
+#!/bin/sh
+
+BUNDLE_DIR='/usr/lib/bundles/gitlab'
+export RAILS_ENV='production'
+export NODE_ENV='production'
+export EXECJS_RUNTIME='Disabled'
+
+cd $BUNDLE_DIR
+install -m 700 -o git -g git -d "$(readlink ./tmp)"
+
+if [ "$(id -un)" != 'git' ]; then
+	exec su git -c '"$0" "$@"' -- bin/__COMMAND__ "$@"
+else
+	exec bin/__COMMAND__ "$@"
+fi

user/gitlab-foss/gitlab-foss.post-install

@@ -0,0 +1,113 @@
+#!/bin/sh
+set -eu
+
+group='git'
+data_dir='/var/lib/gitlab'
+secrets_file='/etc/gitlab/secrets.yml'
+shell_secret_file='/etc/gitlab/gitlab_shell_secret'
+workhorse_secret_file='/etc/gitlab/gitlab_workhorse_secret'
+kas_secret_file='/etc/gitlab/gitlab_kas_secret'
+
+gen_random_hex() {
+	local bits="$1"
+	ruby -e "require 'securerandom'; puts SecureRandom.hex($bits)"
+}
+
+gen_random_b64() {
+	local bits="$1"
+	ruby <<-EOF
+		require 'securerandom'
+		require 'base64'
+		puts Base64.strict_encode64(SecureRandom.random_bytes($bits))
+	EOF
+}
+
+
+echo "* Checking $secrets_file" >&2
+
+ruby <<-EOF
+	require 'openssl'
+	require 'securerandom'
+	require 'yaml'
+
+	secrets_file = '$secrets_file'
+	changed = false
+
+	secrets = YAML.load_file(secrets_file) if File.exist?(secrets_file)
+	secrets ||= {}
+	prod = secrets['production'] ||= {}
+	prod['db_key_base'] ||= ( changed = true; SecureRandom.hex(64) )
+	prod['secret_key_base'] ||= ( changed = true; SecureRandom.hex(64) )
+	prod['otp_key_base'] ||= ( changed = true; SecureRandom.hex(64) )
+	prod['encrypted_settings_key_base'] ||= ( changed = true; SecureRandom.hex(64) )
+	prod['openid_connect_signing_key'] ||= begin
+	  changed = true
+	  prod.delete('jws_private_key') || OpenSSL::PKey::RSA.new(2048).to_pem
+	end
+	# db/fixtures/production/010_settings.rb
+	prod['ci_jwt_signing_key'] ||= ( changed = true; OpenSSL::PKey::RSA.new(2048).to_pem )
+
+	if changed
+	  STDERR.puts "* Generating random secrets into #{secrets_file}"
+	  File.write(secrets_file, YAML.dump(secrets), mode: 'w', perm: 0640)
+	end
+EOF
+chown root:$group "$secrets_file"
+
+if [ ! -f "$shell_secret_file" ]; then
+	echo "* Generating random secret in $shell_secret_file" >&2
+
+	gen_random_hex 16 > "$shell_secret_file"
+	chown root:$group "$shell_secret_file"
+	chmod 0640 "$shell_secret_file"
+fi
+
+if [ ! -f "$workhorse_secret_file" ]; then
+	echo "* Generating random secret in $workhorse_secret_file" >&2
+
+	# Sync with lib/gitlab/workhorse.rb.
+	gen_random_b64 32 > "$workhorse_secret_file"
+	chown root:$group "$workhorse_secret_file"
+	chmod 0640 "$workhorse_secret_file"
+fi
+
+if [ ! -f "$kas_secret_file" ]; then
+	echo "* Generating random secret in $kas_secret_file" >&2
+
+	# Sync with lib/gitlab/workhorse.rb.
+	gen_random_b64 32 > "$kas_secret_file"
+	chown root:$group "$kas_secret_file"
+	chmod 0640 "$kas_secret_file"
+fi
+
+# NOTE: We create this symlink in post-install script instead of APKBULD,
+# so user can decide to have tmp dir inside $data_dir (e.g. it's on bigger disk).
+if [ ! -e "$data_dir"/tmp ]; then
+	ln -s /var/tmp/gitlab "$data_dir"/tmp
+fi
+
+
+if [ "${0##*.}" = 'post-upgrade' ]; then
+	cat >&2 <<-EOF
+	*
+	* To finish GitLab upgrade run:
+	*
+	*     gitlab-rake gitlab:db:configure
+	*
+	EOF
+else
+	cat >&2 <<-EOF
+	*
+	* 1. Adjust settings in /etc/gitlab/database.yml and gitlab.yml.
+	*
+	* 2. Create database for GitLab:
+	*
+	*     psql -c "CREATE ROLE gitlab PASSWORD 'top-secret' INHERIT LOGIN;"
+	*     psql -c "CREATE DATABASE gitlab OWNER gitlab ENCODING 'UTF-8';"
+	*     psql -d gitlab -c "CREATE EXTENSION pg_trgm; CREATE EXTENSION btree_gist;"
+	*
+	* 3. Run "gitlab-rake gitlab:setup", or "gitlab-rake gitlab:db:configure" if
+	*    you are updating existing database.
+	*
+	EOF
+fi

user/gitlab-foss/gitlab-foss.post-upgrade

@@ -0,0 +1 @@
+gitlab-foss.post-install

user/gitlab-foss/gitlab-foss.pre-install

@@ -0,0 +1,53 @@
+#!/bin/sh
+# It's very important to set user/group correctly.
+
+git_dir='/var/lib/gitlab'
+
+if ! getent group git 1>/dev/null; then
+	echo '* Creating group git' 1>&2
+
+	addgroup -S git
+fi
+
+if ! id git 2>/dev/null 1>&2; then
+	echo '* Creating user git' 1>&2
+
+	adduser -DHS -G git -h "$git_dir" -s /bin/sh  \
+		-g "added by apk for gitlab-foss" git
+	passwd -u git 1>/dev/null  # unlock
+fi
+
+if ! id -Gn git | grep -Fq redis; then
+	echo '* Adding user git to group redis' 1>&2
+
+	addgroup git redis
+fi
+
+if [ "$(id -gn git)" != 'git' ]; then
+	cat >&2 <<-EOF
+	!!
+	!! User git has primary group $(id -gn git). We strongly recommend to change
+	!! git's primary group to git, otherwise GitLab may not work correctly.
+	!!
+	EOF
+
+	# Add it at least as a supplementary group.
+	adduser git git
+fi
+
+user_home="$(getent passwd git | cut -d: -f6)"
+
+if [ "$user_home" != "$git_dir" ]; then
+	cat >&2 <<-EOF
+	!!
+	!! User git has home directory in $user_home, but this package assumes
+	!! $git_dir. Although it's possible to use a different directory,
+	!! it's really not easy.
+	!!
+	!! Please change git's home directory to $git_dir, or adjust settings
+	!! and move files yourself. Otherwise GitLab will not work!
+	!!
+	EOF
+fi
+
+exit 0

user/gitlab-foss/gitlab-rails.confd

@@ -0,0 +1,20 @@
+# Configuration for /etc/init.d/gitlab.rails
+
+# Path to the Puma configuration file.
+#puma_config="/etc/gitlab/puma.rb"
+
+# IP address and port for Puma server to listen on.
+#puma_listen_tcp="127.0.0.1:8080"
+
+# Absolute path of unix socket for Puma server to listen on.
+#puma_listen_unix="/run/gitlab/gitlab.socket"
+
+# Path to the file to redirect stdout from Puma server to.
+#puma_stdout_file="/var/log/gitlab/puma_stdout.log"
+
+# Path to the file to redirect stderr from Puma server to.
+#puma_stderr_file="/var/log/gitlab/puma_stderr.log"
+
+# Action Cable uses a separate thread pool per Puma worker. This configures
+# number of threads in the pool.
+#action_cable_worker_pool_size=4

user/gitlab-foss/gitlab.confd

@@ -0,0 +1,85 @@
+# Configuration file for /etc/init.d/gitlab and
+# /etc/init.d/gitlab.{mailroom,rails,sidekiq,workhorse}
+
+
+# Path to the base directory for the Prometheus metrics used by Puma and
+# Sidekiq.
+#metrics_dir=/dev/shm/gitlab
+
+
+# How many Puma worker processes to create (0 to disable cluster mode).
+#puma_workers=3
+
+# IP address and port for Puma server to listen on.
+#puma_listen_tcp="127.0.0.1:8080"
+
+# Absolute path of unix socket for Puma server to listen on.
+#puma_listen_unix="/run/gitlab/gitlab.socket"
+
+# Action Cable uses a separate thread pool per Puma worker. This configures
+# number of threads in the pool.
+#action_cable_worker_pool_size=4
+
+
+# IP address and port, or absolute path of the unix socket, where should
+# Workhorse listen on for connections from a web server.
+#workhorse_listen="/run/gitlab/workhorse.socket"
+
+# How long to wait for response headers when proxying the request.
+#workhorse_proxy_header_timeout="1m0s"
+
+# Number of API requests allowed at single time.
+#workhorse_api_limit=
+
+# Maximum queueing duration of requests (default 30s).
+#workhorse_api_queue_duration=
+
+# Number of API requests allowed to be queued.
+#workhorse_api_queue_limit=
+
+# Long polling duration for job requesting for runners (default 0s - disabled)
+#workhorse_ci_long_polling_duration=
+
+# Log format to use: text, json, structured, none. Defaults to "text".
+#workhorse_log_format=
+
+# Prometheus listening address.
+#workhorse_prometheus_listen=
+
+# Sentry DSN for Workhorse.
+#workhorse_sentry_dsn=
+
+
+# Specify how many processes to create using sidekiq-cluster and which queue
+# they should handle. Each whitespace-separated item equates to one additional
+# Sidekiq process, and comma-separated values in each item determine the queues
+# it works on. The special queue name "*" means all queues.
+# Example: "* gitlab_shell process_commit,post_receive"
+# See https://docs.gitlab.com/ee/administration/sidekiq/extra_sidekiq_processes.html.
+#sidekiq_queue_groups="*"
+
+# Maximum threads to use with Sidekiq (default: 50, 0 to disable).
+#sidekiq_max_concurrency=
+
+# Minimum threads to use with Sidekiq (default: 0).
+#sidekiq_min_concurrency=
+
+# The number of seconds to wait between worker checks.
+#sidekiq_interval=
+
+# Graceful timeout for all running processes.
+#sidekiq_shutdown_timeout=
+
+# Run workers for all queues in sidekiq_queues.yml except the given ones.
+#sidekiq_negate=no
+
+# Run workers based on the provided selector.
+#sidekiq_queue_selector=no
+
+# Memory limit (in MiB) for the Sidekiq process. If the RSS (Resident Set Size)
+# of the Sidekiq process exceeds this limit, a delayed shutdown is triggered.
+#sidekiq_memkiller_max_rss=2000
+
+
+# Enable mail_room to handle incoming mails?
+#mailroom_enabled="no"

user/gitlab-foss/gitlab.initd

@@ -0,0 +1,49 @@
+#!/sbin/openrc-run
+
+name="GitLab"
+description="Meta script for starting/stopping all the GitLab components"
+
+: ${mailroom_enabled:="no"}
+: ${pages_enabled:="yes"}
+
+subservices="gitlab.rails gitlab.gitaly gitlab.sidekiq gitlab.workhorse"
+if yesno "$mailroom_enabled"; then
+	subservices="$subservices gitlab.mailroom"
+fi
+if yesno "$pages_enabled" && [ -e /etc/init.d/gitlab.pages ]; then
+	subservices="$subservices gitlab.pages"
+fi
+
+depend() {
+	use net
+}
+
+start() {
+	local ret=0
+
+	ebegin "Starting all GitLab components"
+	local svc; for svc in $subservices; do
+		service $svc start || ret=1
+	done
+	eend $ret
+}
+
+stop() {
+	local ret=0
+
+	ebegin "Stopping all GitLab components"
+	local svc; for svc in $subservices; do
+		service $svc stop || ret=1
+	done
+	eend $ret
+}
+
+status() {
+	local ret=0
+
+	local svc; for svc in $subservices; do
+		echo "$svc:"
+		service $svc status || ret=1
+	done
+	eend $ret
+}

user/gitlab-foss/gitlab.logrotate

@@ -0,0 +1,24 @@
+/var/log/gitlab/workhorse.log {
+	compress
+	maxsize 10M
+	minsize 1M
+	missingok
+	postrotate
+		/etc/init.d/gitlab.workhorse --quiet --ifstarted reopen
+	endscript
+	sharedscripts
+	rotate 5
+	weekly
+}
+
+/var/log/gitlab/*.log {
+	compress
+	copytruncate
+	delaycompress
+	maxsize 10M
+	minsize 1M
+	missingok
+	sharedscripts
+	rotate 10
+	weekly
+}

user/gitlab-foss/gitlab.mailroom.initd

@@ -0,0 +1,40 @@
+#!/sbin/openrc-run
+
+supervisor=supervise-daemon
+
+name="GitLab (mailroom)"
+description="GitLab service for processing incoming mails."
+
+: ${gitlab_base:="/usr/lib/bundles/gitlab"}
+: ${gitlab_config:="/etc/gitlab/gitlab.yml"}
+: ${mailroom_logfile:="/var/log/gitlab/mail_room.log"}
+: ${mailroom_config:="$gitlab_base/config/mail_room.yml"}
+
+command="$gitlab_base/bin/mail_room"
+command_args="-c $mailroom_config"
+command_background="yes"
+command_user="git"
+
+directory="$gitlab_base"
+error_log="$mailroom_logfile"
+output_log="$mailroom_logfile"
+
+supervise_daemon_args="
+	--env RAILS_ENV=production
+	--env TZ=:/etc/localtime
+	--env MAIL_ROOM_GITLAB_CONFIG_FILE=$gitlab_config
+	"
+start_stop_daemon_args="--interpreted $supervise_daemon_args"
+pidfile="/run/gitlab/mail_room.pid"
+
+required_files="$mailroom_config $gitlab_config"
+
+depend() {
+	need redis
+	use net
+}
+
+start_pre() {
+	checkpath -d -m 755 -o $command_user -q "${pidfile%/*}" || return 1
+	checkpath -f -m 640 -o $command_user "$mailroom_logfile"
+}

user/gitlab-foss/gitlab.rails.initd

@@ -0,0 +1,114 @@
+#!/sbin/openrc-run
+
+name="GitLab Rails"
+description="GitLab application"
+
+extra_started_commands="reload reopen"
+description_reload="Reload configuration"
+description_reopen="Reopen log files"
+
+: ${gitlab_base:="/usr/lib/bundles/gitlab"}
+: ${metrics_dir:="/dev/shm/gitlab"}
+
+: ${action_cable_worker_pool_size:=4}
+: ${gitlab_config:="/etc/gitlab/gitlab.yml"}
+: ${puma_workers:=3}
+: ${puma_listen_unix:="/run/gitlab/gitlab.socket"}
+: ${puma_listen_tcp:="127.0.0.1:8080"}
+: ${puma_stdout_file:="/var/log/gitlab/puma_stdout.log"}
+: ${puma_stderr_file:="/var/log/gitlab/puma_stderr.log"}
+: ${puma_config:="/etc/gitlab/puma.rb"}
+: ${puma_metrics_dir:="$metrics_dir/puma"}
+
+command="$gitlab_base/bin/puma"
+command_args="
+	--config $puma_config
+	--workers $puma_workers
+	--bind tcp://$puma_listen_tcp
+	--bind unix://$puma_listen_unix
+	--redirect-stdout $puma_stdout_file
+	--redirect-stderr $puma_stderr_file
+	--redirect-append
+	--state /run/gitlab/puma.state
+	"
+command_background="yes"
+command_user="git"
+directory="$gitlab_base"
+
+supervise_daemon_args="
+	--env ACTION_CABLE_WORKER_POOL_SIZE=$action_cable_worker_pool_size
+	--env RAILS_ENV=production
+	--env NODE_ENV=production
+	--env EXECJS_RUNTIME=Disabled
+	--env GITLAB_BASE=$gitlab_base
+	--env TZ=:/etc/localtime
+	--env prometheus_multiproc_dir=$puma_metrics_dir
+	${supervise_daemon_args:-}
+	"
+start_stop_daemon_args="
+	--interpreted
+	$supervise_daemon_args
+	$start_stop_daemon_args
+	"
+pidfile="/run/gitlab/puma.pid"
+
+required_files="$gitlab_config $puma_config"
+
+depend() {
+	need redis
+	want sshd postgresql docker-registry
+	use net
+}
+
+start_pre() {
+	checkpath -d -m 755 -o $command_user -q "${pidfile%/*}" || return 1
+	checkpath -d -m 700 -o $command_user -q "$(readlink -f "$gitlab_base"/tmp)" || return 1
+	checkpath -d -m 700 -o $command_user -q "$metrics_dir" || return 1
+	checkpath -d -m 700 -o $command_user --directory-truncate "$puma_metrics_dir" || return 1
+	checkpath -f -m 644 -o $command_user "$puma_stdout_file" || return 1
+	checkpath -f -m 644 -o $command_user "$puma_stderr_file" || return 1
+
+	# Ruby requires sticky bit on TMP directory.
+	checkpath -d -m 1777 /tmp
+
+	local downloads_path="$(_parse_yaml "$gitlab_config" \
+		production.gitlab.repository_downloads_path)"
+
+	if [ -n "$downloads_path" ]; then
+		checkpath -d -m 700 -o $command_user -q "$downloads_path"
+	fi
+}
+
+reload() {
+	ebegin "Reloading $name"
+
+	if [ "$supervisor" ]; then
+		$supervisor "$RC_SVCNAME" --signal USR2
+	else
+		start-stop-daemon --pidfile "$pidfile" --signal USR2
+	fi
+	eend $?
+}
+
+reopen() {
+	ebegin "Telling $name to reopen log files"
+
+	if [ "$supervisor" ]; then
+		$supervisor "$RC_SVCNAME" --signal USR1
+	else
+		start-stop-daemon --pidfile "$pidfile" --signal USR1
+	fi
+	eend $?
+}
+
+_parse_yaml() {
+	local file="$1"
+	local key="$2"
+	local default="${3:-}"
+	local key_path="$(echo "[\"$key\"]" | sed 's/\./"]["/g')"
+
+	ruby <<-EOF
+	require "yaml"
+	puts YAML.load_file("$file")$key_path rescue puts "$default"
+	EOF
+}

user/gitlab-foss/gitlab.sidekiq.initd

@@ -0,0 +1,76 @@
+#!/sbin/openrc-run
+
+extra_started_commands="finish"
+
+name="GitLab Sidekiq"
+description="GitLab backgroud workers"
+description_finish="Stop fetching new jobs and finish current ones"
+
+: ${gitlab_base:="/usr/lib/bundles/gitlab"}
+: ${metrics_dir:="/dev/shm/gitlab"}
+
+: ${sidekiq_logfile:="/var/log/gitlab/sidekiq.log"}
+: ${sidekiq_memkiller_max_rss:="2000"}  # default per Omnibus
+: ${sidekiq_metrics_dir:="$metrics_dir/sidekiq"}
+: ${sidekiq_negate:="no"}
+: ${sidekiq_queue_groups:="*"}
+: ${sidekiq_queue_selector:="no"}
+
+command="$gitlab_base/bin/sidekiq-cluster"
+# Note: The rest of the options is set in start_pre().
+command_args="-r $gitlab_base -e production ${command_args:-}"
+command_background="yes"
+command_user="git"
+
+directory="$gitlab_base"
+error_log="$sidekiq_logfile"
+output_log="$sidekiq_logfile"
+
+supervise_daemon_args="
+	--env RAILS_ENV=production
+	--env NODE_ENV=production
+	--env EXECJS_RUNTIME=Disabled
+	--env TZ=:/etc/localtime
+	--env SIDEKIQ_MEMORY_KILLER_MAX_RSS=$(( sidekiq_memkiller_max_rss * 1024 ))
+	--env prometheus_multiproc_dir=$sidekiq_metrics_dir
+	"
+start_stop_daemon_args="--interpreted $supervise_daemon_args"
+pidfile="/run/gitlab/sidekiq.pid"
+
+depend() {
+	need redis
+	use net postgresql
+}
+
+start_pre() {
+	yesno "$sidekiq_queue_selector" && command_args="$command_args --queue-selector"
+
+	command_args="$command_args
+		$(optif --max-concurrency ${sidekiq_max_concurrency:-})
+		$(optif --min-concurrency ${sidekiq_min_concurrency:-})
+		$(optif --interval ${sidekiq_interval:-})
+		$(optif --timeout ${sidekiq_shutdown_timeout:-})
+		$(set -f; printf "'%s' " $sidekiq_queue_groups)
+		"
+	yesno "$sidekiq_negate" && command_args="$command_args --negate"
+
+	checkpath -d -m 755 -o $command_user -q "${pidfile%/*}" || return 1
+	checkpath -d -m 700 -o $command_user -q "$metrics_dir" || return 1
+	checkpath -d -m 700 -o $command_user --directory-truncate "$sidekiq_metrics_dir" || return 1
+	checkpath -f -m 644 -o $command_user "$sidekiq_logfile"
+}
+
+finish() {
+	ebegin "Telling $name to stop fetching new jobs"
+
+	if [ "$supervisor" ]; then
+		$supervisor "$RC_SVCNAME" --signal TSTP
+	else
+		start-stop-daemon --pidfile "$pidfile" --signal TSTP
+	fi
+	eend $?
+}
+
+optif() {
+	test -n "$2" && printf '%s/n' "$1=$2" || true
+}

user/gitlab-foss/gitlab.workhorse.initd

@@ -0,0 +1,75 @@
+#!/sbin/openrc-run
+
+extra_started_commands="reopen"
+
+name="GitLab Workhorse"
+description="A reverse proxy for GitLab."
+description_reopen="Reopen log files"
+
+: ${gitlab_base:="/usr/lib/bundles/gitlab"}
+: ${workhorse_logfile:="/var/log/gitlab/workhorse.log"}
+: ${workhorse_access_log:="no"}
+
+command="/usr/bin/gitlab-workhorse"
+# Note: The rest of the options is set in start_pre().
+command_args="
+	-authBackend=http://${puma_listen_tcp:="127.0.0.1:8080"}
+	-config=${workhorse_config:="/etc/gitlab/workhorse.toml"}
+	-documentRoot=${gitlab_public_dir:="$gitlab_base/public"}
+	-listenAddr=${workhorse_listen:="/run/gitlab/workhorse.socket"}
+	-listenUmask=${workhorse_listen_umask:="000"}
+	-logFile=$workhorse_logfile
+	-secretPath=${workhorse_secret_path:="/etc/gitlab/gitlab_workhorse_secret"}
+	"
+command_background="yes"
+command_user="git"
+directory="$gitlab_base"
+pidfile="/run/gitlab/workhorse.pid"
+
+depend() {
+	use net
+}
+
+start_pre() {
+	local listen_net="tcp"
+	[ "${workhorse_listen:0:1}" = '/' ] && listen_net="unix"
+
+	command_args="$command_args
+		-listenNetwork=$listen_net
+		$(optif -apiCiLongPollingDuration "$workhorse_ci_long_polling_duration")
+		$(optif -apiLimit "$workhorse_api_limit")
+		$(optif -apiQueueDuration "$workhorse_api_queue_duration")
+		$(optif -apiQueueLimit "$workhorse_api_queue_limit")
+		$(optif -authSocket "$puma_listen_unix")
+		$(optif -logFormat "$workhorse_log_format")
+		$(optif -prometheusListenAddr "$workhorse_prometheus_listen_addr")
+		$(optif -proxyHeadersTimeout "$workhorse_proxy_header_timeout")"
+	# FIXME: not implemented
+	#yesno "$workhorse_access_log" || command_args="$command_args -disableAccessLog"
+
+	start_stop_daemon_args="$start_stop_daemon_args
+		$(optif '--env GITLAB_WORKHORSE_SENTRY_DSN' "$workhorse_sentry_dns")"
+	supervise_daemon_args="$supervise_daemon_args
+		$(optif '--env GITLAB_WORKHORSE_SENTRY_DSN' "$workhorse_sentry_dns")"
+
+	checkpath -d -m 755 -o $command_user -q "${pidfile%/*}" || return 1
+	if [ "$listen_net" = "unix" ]; then
+		checkpath -d -m 755 -o $command_user -q "${workhorse_listen%/*}" || return 1
+	fi
+	checkpath -f -m 640 -o $command_user "$workhorse_logfile"
+}
+
+reopen() {
+	ebegin "Telling $name to reopen log files"
+
+	if [ "$supervisor" ]; then
+		$supervisor "$RC_SVCNAME" --signal HUP
+	else
+		start-stop-daemon --pidfile "$pidfile" --signal HUP
+	fi
+	eend $?
+}
+
+optif() {
+	test -n "$2" && printf '%s/n' "$1=$2" || true
+}

user/gitlab-foss/libgit-1.4-compat.patch

@@ -0,0 +1,11 @@
+--- a/Gemfile.lock
++++ b/Gemfile.lock
+@@ -1215 +1215 @@
+-    rugged (1.2.0)
++    rugged (1.4.4)
+@@ -1411 +1411 @@
+-    undercover (0.4.4)
++    undercover (0.4.5)
+@@ -1414 +1414 @@
+-      rugged (>= 0.27, < 1.3)
++      rugged (>= 0.27, < 1.6)