d94f25aed3
The init tool offers a mechanism to download a required library like BouncyCastle during installation, and to remove "stale" versions of that library from the lib/ folder if specified in libraries.config. However, init does not check (and in general cannot check) that the library actually is stale, but forcefully replaces it with the version stated in libraries.config. For security critical libraries like BouncyCastle this is dangerous, especially when doing a batch install. In that case, init may silently download a potentially vulnerable library version and replace a more secure version already residing in the lib/ folder. This patch adds two new options to the init program to disable the automatic library download altogether, or selectively: --skip-all-downloads switches the download mechanism off completely; --skip-download <lib> switches the download off for the given library (<lib> being the section name of a library in libraries.config). Change-Id: I1df60b2fd7a4bf519b135e16deebb68a3b9095ef Signed-off-by: Michael Ochmann <michael.ochmann@sap.com>
80 lines
2.2 KiB
Plaintext
80 lines
2.2 KiB
Plaintext
= init
|
|
|
|
== NAME
|
|
init - Initialize a new Gerrit server installation
|
|
|
|
== SYNOPSIS
|
|
--
|
|
'java' -jar gerrit.war 'init'
|
|
-d <SITE_PATH>
|
|
[--batch]
|
|
[--no-auto-start]
|
|
[--list-plugins]
|
|
[--install-plugin=<PLUGIN_NAME>]
|
|
[--dev]
|
|
[--skip-all-downloads]
|
|
[--skip-download=<LIBRARY_NAME>]
|
|
--
|
|
|
|
== DESCRIPTION
|
|
Creates a new Gerrit server installation, interactively prompting
|
|
for some basic setup prior to writing default configuration files
|
|
into a newly created `$site_path`.
|
|
|
|
If run in an existing `$site_path`, init will upgrade some resources
|
|
as necessary.
|
|
|
|
== OPTIONS
|
|
--batch::
|
|
Run in batch mode, skipping interactive prompts. Reasonable
|
|
configuration defaults are chosen based on the whims of
|
|
the Gerrit developers.
|
|
+
|
|
If during a schema migration unused objects (e.g. tables, columns)
|
|
are detected they are *not* automatically dropped, but only a list of
|
|
SQL statements to drop these objects is provided. To drop the unused
|
|
objects these SQL statements have to be executed manually.
|
|
|
|
--no-auto-start::
|
|
Don't automatically start the daemon after initializing a
|
|
newly created site path. This permits the administrator
|
|
to inspect and modify the configuration before the daemon
|
|
is started.
|
|
|
|
-d::
|
|
--site-path::
|
|
Location of the gerrit.config file, and all other per-site
|
|
configuration data, supporting libraries and log files.
|
|
|
|
--list-plugins::
|
|
Print names of plugins that can be installed during init process.
|
|
|
|
--install-plugin::
|
|
Automatically install plugin with given name without asking.
|
|
This option may be supplied more than once to install multiple
|
|
plugins.
|
|
|
|
--dev::
|
|
Install in developer mode. Default configuration settings are
|
|
chosen to run the Gerrit server as a developer.
|
|
|
|
--skip-all-downloads::
|
|
Do not automatically download and install required libraries. The
|
|
administrator must provision the required libraries in the lib/ folder.
|
|
|
|
--skip-download::
|
|
Do not automatically download and install the library with the given name.
|
|
The administrator must provision the required library in the lib/ folder.
|
|
|
|
== CONTEXT
|
|
This command can only be run on a server which has direct
|
|
connectivity to the metadata database, and local access to the
|
|
managed Git repositories.
|
|
|
|
GERRIT
|
|
------
|
|
Part of link:index.html[Gerrit Code Review]
|
|
|
|
SEARCHBOX
|
|
---------
|