diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-05-17 19:05:49 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-05-17 19:05:49 +0300 |
| commit | 43a25d93ebdabea52f99b05e15b06250cd8f07d7 (patch) | |
| tree | dceebdc68925362117480a5d672bcff122fb625b /.gitlab | |
| parent | 20c84b99005abd1c82101dfeff264ac50d2df211 (diff) | |
Add latest changes from gitlab-org/gitlab@16-0-stable-eev16.0.0-rc42
Diffstat (limited to '.gitlab')
60 files changed, 4078 insertions, 2354 deletions
diff --git a/.gitlab/CODEOWNERS b/.gitlab/CODEOWNERS index 02258c366c5..0d6bf442a92 100644 --- a/.gitlab/CODEOWNERS +++ b/.gitlab/CODEOWNERS @@ -2,27 +2,30 @@ # project here: https://gitlab.com/gitlab-org/gitlab/-/project_members # As described in https://docs.gitlab.com/ee/user/project/code_owners.html -* @gitlab-org/maintainers/rails-backend @gitlab-org/maintainers/frontend @gitlab-org/maintainers/database @gl-quality/qe-maintainers @gl-quality/tooling-maintainers @gitlab-org/delivery @gitlab-org/maintainers/cicd-templates @nolith @jacobvosmaer-gitlab @gitlab-org/tw-leadership +* @gitlab-org/maintainers/rails-backend @gitlab-org/maintainers/frontend @gitlab-org/maintainers/database @gl-quality/qe-maintainers @gl-quality/tooling-maintainers @gitlab-org/delivery @gitlab-org/maintainers/cicd-templates @nolith @gitlab-org/tw-leadership -CODEOWNERS @gitlab-org/development-leaders @gitlab-org/tw-leadership -docs/CODEOWNERS @gitlab-org/development-leaders @gitlab-org/tw-leadership .gitlab/CODEOWNERS @gitlab-org/development-leaders @gitlab-org/tw-leadership ## Allows release tooling to update the Gitaly Version GITALY_SERVER_VERSION @project_278964_bot6 @gitlab-org/maintainers/rails-backend @gitlab-org/delivery ## Files that are excluded from required approval +## These rules override the * rule above, so that changes to docs and templates +## can be merged by any user who has maintainer rights, but is not included in +## the * rule (usually technical writers). /.gitlab/issue_templates/*.md /.gitlab/merge_request_templates/*.md /doc/*.md /doc/**/*.md +/doc/**/*.jpg /doc/**/*.png /data/deprecations/*.yml /data/removals/**/*.yml -## Technical writing files that do need approval -/data/deprecations/templates/ @marcel.amirault @gitlab-org/tw-leadership @sarahgerman -/data/removals/templates/ @marcel.amirault @gitlab-org/tw-leadership @sarahgerman +## Technical writing files that do not need `*` rule approval, +## but still require an approval from a TW team DRI for each file. +/data/deprecations/templates/ @marcel.amirault @sarahgerman @gitlab-org/tw-leadership +/data/removals/templates/ @marcel.amirault @sarahgerman @gitlab-org/tw-leadership .markdownlint.yml @marcel.amirault @eread @aqualls @gitlab-org/tw-leadership /doc/.markdownlint/ @marcel.amirault @eread @aqualls @gitlab-org/tw-leadership /doc/.vale/ @marcel.amirault @eread @aqualls @gitlab-org/tw-leadership @@ -31,375 +34,362 @@ GITALY_SERVER_VERSION @project_278964_bot6 @gitlab-org/maintainers/rails-backend ^[Source code editing] .solargraph.yml.example @igor.drozdov -^[Backend] -*.rb @gitlab-org/maintainers/rails-backend -*.rake @gitlab-org/maintainers/rails-backend +^[Backend] @gitlab-org/maintainers/rails-backend +*.rb +*.rake -^[Frontend] -*.scss @gitlab-org/maintainers/frontend -*.js @gitlab-org/maintainers/frontend -/app/assets/ @gitlab-org/maintainers/frontend -/ee/app/assets/ @gitlab-org/maintainers/frontend -/spec/frontend/ @gitlab-org/maintainers/frontend -/ee/spec/frontend/ @gitlab-org/maintainers/frontend -/spec/frontend_integration/ @gitlab-org/maintainers/frontend -/ee/spec/frontend_integration/ @gitlab-org/maintainers/frontend +^[Frontend] @gitlab-org/maintainers/frontend +*.scss +*.js +/app/assets/ +/ee/app/assets/ +/spec/frontend/ +/ee/spec/frontend/ +/spec/frontend_integration/ +/ee/spec/frontend_integration/ -^[Database] -/db/ @gitlab-org/maintainers/database -/ee/db/ @gitlab-org/maintainers/database -/lib/gitlab/background_migration/ @gitlab-org/maintainers/database -/ee/lib/ee/gitlab/background_migration/ @gitlab-org/maintainers/database -/lib/gitlab/database/ @gitlab-org/maintainers/database -/lib/gitlab/sql/ @gitlab-org/maintainers/database -/app/finders/ @gitlab-org/maintainers/database -/ee/app/finders/ @gitlab-org/maintainers/database -/rubocop/rubocop-migrations.yml @gitlab-org/maintainers/database +^[Database] @gitlab-org/maintainers/database +/db/ +/ee/db/ +/lib/gitlab/background_migration/ +/ee/lib/ee/gitlab/background_migration/ +/lib/gitlab/database/ +/lib/gitlab/sql/ +/app/finders/ +/ee/app/finders/ +/rubocop/rubocop-migrations.yml -^[Engineering Productivity] -/.gitlab-ci.yml @gl-quality/eng-prod -/.gitlab/ci/ @gl-quality/eng-prod +[Engineering Productivity] @gl-quality/eng-prod +/.gitlab-ci.yml +/.gitlab/ci/ /.gitlab/ci/docs.gitlab-ci.yml @gl-quality/eng-prod @gl-docsteam +/.gitlab/ci/package-and-test/ @gl-quality/eng-prod @gl-quality/qe-maintainers +/.gitlab/ci/qa.gitlab-ci.yml @gl-quality/eng-prod @gl-quality/qe-maintainers /.gitlab/ci/releases.gitlab-ci.yml @gl-quality/eng-prod @gitlab-org/delivery -/.gitlab/ci/reports.gitlab-ci.yml @gitlab-com/gl-security/appsec @gl-quality/eng-prod -Dangerfile @gl-quality/eng-prod -/danger/ @gl-quality/eng-prod -/tooling/danger/ @gl-quality/eng-prod -/scripts/ @gl-quality/eng-prod +/.gitlab/ci/reports.gitlab-ci.yml @gl-quality/eng-prod @gitlab-com/gl-security/appsec +/.gitlab/ci/review-apps/qa.gitlab-ci.yml @gl-quality/eng-prod @gl-quality/qe-maintainers +/.gitlab/ci/test-on-gdk/ @gl-quality/eng-prod @gl-quality/qe-maintainers +Dangerfile +/danger/ +/tooling/danger/ +/scripts/ /scripts/frontend/ @gl-quality/eng-prod @gitlab-org/maintainers/frontend -/scripts/review_apps/seed-dast-test-data.sh @dappelt @ngeorge1 @gl-quality/eng-prod -.editorconfig @gl-quality/eng-prod +/scripts/review_apps/seed-dast-test-data.sh @gl-quality/eng-prod @dappelt @ngeorge1 +.editorconfig -^[Backend Static Code Analysis] -.rubocop*.yml @dstull @splattael @gl-quality/eng-prod -.rubocop_todo.yml @dstull @splattael @gl-quality/eng-prod -.rubocop_todo/ @dstull @splattael @gl-quality/eng-prod -/rubocop/ @dstull @splattael @gl-quality/eng-prod -/spec/rubocop/ @dstull @splattael @gl-quality/eng-prod +^[Backend Static Code Analysis] @gl-quality/eng-prod @dstull @splattael +.rubocop*.yml +.rubocop_todo/ +/rubocop/ +/spec/rubocop/ -^[End-to-end] -/qa/ @gl-quality +^[End-to-end] @gl-quality +/qa/ -^[LDAP] -/ee/lib/ee/gitlab/auth/ldap/ @dblessing @mkozono -/lib/gitlab/auth/ldap/ @dblessing @mkozono +^[LDAP] @dblessing @mkozono +/ee/lib/ee/gitlab/auth/ldap/ +/lib/gitlab/auth/ldap/ -^[Templates] -/lib/gitlab/ci/templates/ @gitlab-org/maintainers/cicd-templates -/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml @DylanGriffith @mayra-cabrera @tkuah -/lib/gitlab/ci/templates/Security/ @gonzoyumo @twoodham @sethgitlab @thiagocsf -/lib/gitlab/ci/templates/Security/API-Fuzzing.*.yml @gitlab-org/secure/dynamic-analysis -/lib/gitlab/ci/templates/Security/Container-Scanning.*.yml @gitlab-org/secure/composition-analysis-be -/lib/gitlab/ci/templates/Security/Coverage-Fuzzing.*.yml @gitlab-org/secure/dynamic-analysis -/lib/gitlab/ci/templates/Security/DAST.*.yml @gitlab-org/secure/dynamic-analysis -/lib/gitlab/ci/templates/Security/Dependency-Scanning.*.yml @gitlab-org/secure/composition-analysis-be -/lib/gitlab/ci/templates/Security/License-Scanning.*.yml @gitlab-org/secure/composition-analysis-be -/lib/gitlab/ci/templates/Security/SAST.*.yml @gitlab-org/secure/static-analysis -/lib/gitlab/ci/templates/Security/Secret-Detection.*.yml @gitlab-org/secure/static-analysis -/lib/gitlab/ci/templates/Security/Secure-Binaries.*.yml @gitlab-org/secure/static-analysis @gitlab-org/secure/composition-analysis-be @gitlab-org/secure/dynamic-analysis -# Note: The `Fortify-FoD-sast.gitlab-ci.yml` template is provided and maintained by Fortify, an official Technology Partner with GitLab. -/lib/gitlab/ci/templates/Jobs/Container-Scanning.*.yml @gitlab-org/secure/composition-analysis-be -/lib/gitlab/ci/templates/Jobs/Dependency-Scanning.*.yml @gitlab-org/secure/composition-analysis-be -/lib/gitlab/ci/templates/Jobs/License-Scanning.*.yml @gitlab-org/secure/composition-analysis-be -/lib/gitlab/ci/templates/Jobs/SAST.*.yml @gitlab-org/secure/static-analysis -/lib/gitlab/ci/templates/Jobs/Secret-Detection.*.yml @gitlab-org/secure/static-analysis - -^[Project Alias] -/ee/app/models/project_alias.rb @patrickbajao -/ee/lib/api/project_aliases.rb @patrickbajao +^[Project Alias] @patrickbajao +/ee/app/models/project_alias.rb +/ee/lib/api/project_aliases.rb -^[Distribution] -/lib/support/ @gitlab-org/distribution +^[Distribution] @gitlab-org/distribution +/lib/support/ # Secure & Threat Management ownership delineation # https://about.gitlab.com/handbook/engineering/development/threat-management/delineate-secure-threat-management.html#technical-boundaries -^[Threat Insights] -/app/finders/security/ @gitlab-org/govern/threat-insights-backend-team -/app/models/vulnerability.rb @gitlab-org/govern/threat-insights-backend-team -/app/presenters/projects/security/ @gitlab-org/govern/threat-insights-backend-team -/spec/presenters/projects/security/ @gitlab-org/govern/threat-insights-backend-team -/ee/app/finders/security/ @gitlab-org/govern/threat-insights-backend-team -/ee/app/models/security/ @gitlab-org/govern/threat-insights-backend-team -/ee/app/models/vulnerabilities/ @gitlab-org/govern/threat-insights-backend-team -/ee/app/policies/vulnerabilities/ @gitlab-org/govern/threat-insights-backend-team -/ee/app/policies/vulnerability*.rb @gitlab-org/govern/threat-insights-backend-team -/ee/lib/api/vulnerabilit*.rb @gitlab-org/govern/threat-insights-backend-team -/ee/spec/policies/vulnerabilities/ @gitlab-org/govern/threat-insights-backend-team -/ee/spec/policies/vulnerability*.rb @gitlab-org/govern/threat-insights-backend-team -/ee/app/assets/javascripts/license_compliance/components/detected_licenses_table.vue @gitlab-org/govern/threat-insights-frontend-team -/ee/spec/frontend/license_compliance/components/detected_licenses_table_spec.js @gitlab-org/govern/threat-insights-frontend-team +^[Threat Insights backend] @gitlab-org/govern/threat-insights-backend-team +/app/finders/security/ +/app/models/vulnerability.rb +/app/presenters/projects/security/ +/spec/presenters/projects/security/ +/ee/app/finders/security/ +/ee/app/models/security/ +/ee/app/models/vulnerabilities/ +/ee/app/policies/vulnerabilities/ +/ee/app/policies/vulnerability*.rb +/ee/lib/api/vulnerabilit*.rb +/ee/spec/policies/vulnerabilities/ +/ee/spec/policies/vulnerability*.rb -^[Secure] -/ee/lib/gitlab/ci/parsers/license_compliance/ @gitlab-org/secure/composition-analysis-be -/ee/lib/gitlab/ci/parsers/security/ @gitlab-org/secure/composition-analysis-be @gitlab-org/secure/dynamic-analysis-be @gitlab-org/secure/static-analysis-be @gitlab-org/secure/fuzzing-be -/ee/lib/gitlab/ci/reports/coverage_fuzzing/ @gitlab-org/secure/fuzzing-be -/ee/lib/gitlab/ci/reports/dependency_list/ @gitlab-org/secure/composition-analysis-be -/ee/lib/gitlab/ci/reports/license_scanning/ @gitlab-org/secure/composition-analysis-be -/ee/lib/gitlab/ci/reports/security/ @gitlab-org/secure/composition-analysis-be @gitlab-org/secure/dynamic-analysis-be @gitlab-org/secure/static-analysis-be @gitlab-org/secure/fuzzing-be -/ee/app/services/app_sec/dast/ @gitlab-org/secure/dynamic-analysis-be +^[Threat Insights frontend] @gitlab-org/govern/threat-insights-frontend-team +/ee/app/assets/javascripts/license_compliance/components/detected_licenses_table.vue +/ee/spec/frontend/license_compliance/components/detected_licenses_table_spec.js + +^[Secure] @gitlab-org/secure/dynamic-analysis-be +/ee/app/services/app_sec/dast/ -^[Security Policies] -/ee/app/assets/javascripts/approvals/components/license_compliance/** @gitlab-org/govern/security-policies-frontend -/ee/app/assets/javascripts/approvals/stores/modules/license_compliance/** @gitlab-org/govern/security-policies-frontend -/ee/app/assets/javascripts/license_compliance/** @gitlab-org/govern/security-policies-frontend -/ee/app/assets/javascripts/pages/projects/licenses/** @gitlab-org/govern/security-policies-frontend -/ee/app/assets/javascripts/pages/projects/pipelines/licenses/** @gitlab-org/govern/security-policies-frontend +^[Security Policies frontend] @gitlab-org/govern/security-policies-frontend +/ee/app/assets/javascripts/approvals/components/license_compliance/** +/ee/app/assets/javascripts/approvals/stores/modules/license_compliance/** +/ee/app/assets/javascripts/license_compliance/** +/ee/app/assets/javascripts/pages/projects/licenses/** +/ee/app/assets/javascripts/pages/projects/pipelines/licenses/** /ee/app/assets/javascripts/pages/projects/pipelines/show/license_report.js -/ee/app/assets/javascripts/vue_merge_request_widget/extensions/license_compliance/** @gitlab-org/govern/security-policies-frontend -/ee/app/assets/javascripts/vue_shared/license_compliance/** @gitlab-org/govern/security-policies-frontend -/ee/app/views/projects/licenses/** @gitlab-org/govern/security-policies-frontend -/ee/spec/frontend/approvals/components/license_compliance/** @gitlab-org/govern/security-policies-frontend -/ee/spec/frontend/approvals/stores/modules/license_compliance/** @gitlab-org/govern/security-policies-frontend -/ee/spec/frontend/license_compliance/** @gitlab-org/govern/security-policies-frontend -/ee/spec/frontend/vue_merge_request_widget/extensions/license_compliance/** @gitlab-org/govern/security-policies-frontend -/ee/spec/frontend/vue_shared/license_compliance/** @gitlab-org/govern/security-policies-frontend +/ee/app/assets/javascripts/vue_merge_request_widget/extensions/license_compliance/** +/ee/app/assets/javascripts/vue_shared/license_compliance/** +/ee/app/views/projects/licenses/** +/ee/spec/frontend/approvals/components/license_compliance/** +/ee/spec/frontend/approvals/stores/modules/license_compliance/** +/ee/spec/frontend/license_compliance/** +/ee/spec/frontend/vue_merge_request_widget/extensions/license_compliance/** +/ee/spec/frontend/vue_shared/license_compliance/** -/ee/app/assets/javascripts/approvals/components/security_orchestration/** @gitlab-org/govern/security-policies-frontend -/ee/app/assets/javascripts/approvals/stores/modules/security_orchestration/** @gitlab-org/govern/security-policies-frontend -/ee/app/assets/javascripts/pages/groups/security/policies/** @gitlab-org/govern/security-policies-frontend -/ee/app/assets/javascripts/pages/projects/security/policies/** @gitlab-org/govern/security-policies-frontend -/ee/app/assets/javascripts/security_orchestration/** @gitlab-org/govern/security-policies-frontend -/ee/app/views/groups/security/policies @gitlab-org/govern/security-policies-frontend -/ee/app/views/projects/security/policies/** @gitlab-org/govern/security-policies-frontend -/ee/spec/frontend/approvals/components/security_orchestration/** @gitlab-org/govern/security-policies-frontend -/ee/spec/frontend/approvals/stores/modules/security_orchestration/** @gitlab-org/govern/security-policies-frontend -/ee/spec/frontend/security_orchestration/** @gitlab-org/govern/security-policies-frontend -/ee/spec/views/projects/security/policies/** @gitlab-org/govern/security-policies-frontend +/ee/app/assets/javascripts/approvals/components/security_orchestration/** +/ee/app/assets/javascripts/approvals/stores/modules/security_orchestration/** +/ee/app/assets/javascripts/pages/groups/security/policies/** +/ee/app/assets/javascripts/pages/projects/security/policies/** +/ee/app/assets/javascripts/security_orchestration/** +/ee/app/views/groups/security/policies +/ee/app/views/projects/security/policies/** +/ee/spec/frontend/approvals/components/security_orchestration/** +/ee/spec/frontend/approvals/stores/modules/security_orchestration/** +/ee/spec/frontend/security_orchestration/** +/ee/spec/views/projects/security/policies/** -/app/models/clusters/applications/cilium.rb @gitlab-org/govern/security-policies-backend -/ee/app/controllers/groups/security/policies_controller.rb @gitlab-org/govern/security-policies-backend -/ee/app/controllers/projects/security/policies_controller.rb @gitlab-org/govern/security-policies-backend -/ee/app/graphql/mutations/concerns/mutations/finds_project_or_group_for_security_policies.rb @gitlab-org/govern/security-policies-backend -/ee/app/graphql/mutations/security_policy/** @gitlab-org/govern/security-policies-backend -/ee/app/graphql/resolvers/concerns/resolves_orchestration_policy.rb @gitlab-org/govern/security-policies-backend -/ee/app/graphql/resolvers/security_orchestration/** @gitlab-org/govern/security-policies-backend -/ee/app/graphql/types/security_orchestration/** @gitlab-org/govern/security-policies-backend -/ee/app/helpers/ee/security_orchestration_helper.rb @gitlab-org/govern/security-policies-backend -/ee/app/models/security/orchestration_policy_configuration.rb @gitlab-org/govern/security-policies-backend -/ee/app/models/security/orchestration_policy_rule_schedule.rb @gitlab-org/govern/security-policies-backend -/ee/app/services/security/orchestration/** @gitlab-org/govern/security-policies-backend -/ee/app/services/security/security_orchestration_policies/** @gitlab-org/govern/security-policies-backend -/ee/app/validators/json_schemas/security_orchestration_policy.json @gitlab-org/govern/security-policies-backend -/ee/app/workers/concerns/update_orchestration_policy_configuration.rb @gitlab-org/govern/security-policies-backend -/ee/app/workers/security/create_orchestration_policy_worker.rb @gitlab-org/govern/security-policies-backend -/ee/app/workers/security/orchestration_policy_rule_schedule_namespace_worker.rb @gitlab-org/govern/security-policies-backend -/ee/app/workers/security/orchestration_policy_rule_schedule_worker.rb @gitlab-org/govern/security-policies-backend -/ee/lib/ee/gitlab/ci/pipeline/chain/validate/security_orchestration_policy.rb @gitlab-org/govern/security-policies-backend -/ee/lib/gitlab/ci/config/security_orchestration_policies/** @gitlab-org/govern/security-policies-backend -/ee/lib/gitlab/graphql/aggregations/security_orchestration_policies/** @gitlab-org/govern/security-policies-backend -/ee/spec/controllers/groups/security/policies_controller_spec.rb @gitlab-org/govern/security-policies-backend -/ee/spec/factories/security_orchestration_policy_configurations.rb @gitlab-org/govern/security-policies-backend -/ee/spec/factories/security_orchestration_policy_rule_schedules.rb @gitlab-org/govern/security-policies-backend -/ee/spec/factories/security/policies.rb @gitlab-org/govern/security-policies-backend -/ee/spec/graphql/mutations/security_policy/** @gitlab-org/govern/security-policies-backend -/ee/spec/graphql/resolvers/security_orchestration/** @gitlab-org/govern/security-policies-backend -/ee/spec/graphql/types/security_orchestration/** @gitlab-org/govern/security-policies-backend -/ee/spec/helpers/ee/security_orchestration_helper_spec.rb @gitlab-org/govern/security-policies-backend -/ee/spec/lib/ee/gitlab/ci/pipeline/chain/validate/security_orchestration_policy_spec.rb @gitlab-org/govern/security-policies-backend -/ee/spec/lib/gitlab/ci/config/security_orchestration_policies/** @gitlab-org/govern/security-policies-backend -/ee/spec/lib/gitlab/graphql/aggregations/security_orchestration_policies/** @gitlab-org/govern/security-policies-backend -/ee/spec/models/security/orchestration_policy_configuration_spec.rb @gitlab-org/govern/security-policies-backend -/ee/spec/models/security/orchestration_policy_rule_schedule_spec.rb @gitlab-org/govern/security-policies-backend -/ee/spec/requests/api/graphql/mutations/security_policy/** @gitlab-org/govern/security-policies-backend -/ee/spec/requests/api/graphql/project/security_orchestration/** @gitlab-org/govern/security-policies-backend -/ee/spec/requests/projects/security/policies_controller_spec.rb @gitlab-org/govern/security-policies-backend -/ee/spec/services/security/orchestration/** @gitlab-org/govern/security-policies-backend -/ee/spec/services/security/security_orchestration_policies/** @gitlab-org/govern/security-policies-backend -/ee/spec/support/shared_contexts/graphql/resolvers/security_orchestration/** @gitlab-org/govern/security-policies-backend -/ee/spec/views/projects/security/policies/index.html.haml_spec.rb @gitlab-org/govern/security-policies-backend -/ee/spec/workers/concerns/update_orchestration_policy_configuration_spec.rb @gitlab-org/govern/security-policies-backend -/ee/spec/workers/security/create_orchestration_policy_worker_spec.rb @gitlab-org/govern/security-policies-backend -/ee/spec/workers/security/orchestration_policy_rule_schedule_namespace_worker_spec.rb @gitlab-org/govern/security-policies-backend -/ee/spec/workers/security/orchestration_policy_rule_schedule_worker_spec.rb @gitlab-org/govern/security-policies-backend -/lib/gitlab/ci/pipeline/chain/validate/security_orchestration_policy.rb @gitlab-org/govern/security-policies-backend -/spec/models/clusters/applications/cilium_spec.rb @gitlab-org/govern/security-policies-backend +^[Security Policies backend] @gitlab-org/govern/security-policies-backend +/app/models/clusters/applications/cilium.rb +/ee/app/controllers/groups/security/policies_controller.rb +/ee/app/controllers/projects/security/policies_controller.rb +/ee/app/graphql/mutations/concerns/mutations/finds_project_or_group_for_security_policies.rb +/ee/app/graphql/mutations/security_policy/** +/ee/app/graphql/resolvers/concerns/resolves_orchestration_policy.rb +/ee/app/graphql/resolvers/security_orchestration/** +/ee/app/graphql/types/security_orchestration/** +/ee/app/helpers/ee/security_orchestration_helper.rb +/ee/app/models/security/orchestration_policy_configuration.rb +/ee/app/models/security/orchestration_policy_rule_schedule.rb +/ee/app/services/security/orchestration/** +/ee/app/services/security/security_orchestration_policies/** +/ee/app/validators/json_schemas/security_orchestration_policy.json +/ee/app/workers/concerns/update_orchestration_policy_configuration.rb +/ee/app/workers/security/create_orchestration_policy_worker.rb +/ee/app/workers/security/orchestration_policy_rule_schedule_namespace_worker.rb +/ee/app/workers/security/orchestration_policy_rule_schedule_worker.rb +/ee/lib/ee/gitlab/ci/pipeline/chain/validate/security_orchestration_policy.rb +/ee/lib/gitlab/ci/config/security_orchestration_policies/** +/ee/lib/gitlab/graphql/aggregations/security_orchestration_policies/** +/ee/spec/controllers/groups/security/policies_controller_spec.rb +/ee/spec/factories/security_orchestration_policy_configurations.rb +/ee/spec/factories/security_orchestration_policy_rule_schedules.rb +/ee/spec/factories/security/policies.rb +/ee/spec/graphql/mutations/security_policy/** +/ee/spec/graphql/resolvers/security_orchestration/** +/ee/spec/graphql/types/security_orchestration/** +/ee/spec/helpers/ee/security_orchestration_helper_spec.rb +/ee/spec/lib/ee/gitlab/ci/pipeline/chain/validate/security_orchestration_policy_spec.rb +/ee/spec/lib/gitlab/ci/config/security_orchestration_policies/** +/ee/spec/lib/gitlab/graphql/aggregations/security_orchestration_policies/** +/ee/spec/models/security/orchestration_policy_configuration_spec.rb +/ee/spec/models/security/orchestration_policy_rule_schedule_spec.rb +/ee/spec/requests/api/graphql/mutations/security_policy/** +/ee/spec/requests/api/graphql/project/security_orchestration/** +/ee/spec/requests/projects/security/policies_controller_spec.rb +/ee/spec/services/security/orchestration/** +/ee/spec/services/security/security_orchestration_policies/** +/ee/spec/support/shared_contexts/graphql/resolvers/security_orchestration/** +/ee/spec/views/projects/security/policies/index.html.haml_spec.rb +/ee/spec/workers/concerns/update_orchestration_policy_configuration_spec.rb +/ee/spec/workers/security/create_orchestration_policy_worker_spec.rb +/ee/spec/workers/security/orchestration_policy_rule_schedule_namespace_worker_spec.rb +/ee/spec/workers/security/orchestration_policy_rule_schedule_worker_spec.rb +/lib/gitlab/ci/pipeline/chain/validate/security_orchestration_policy.rb +/spec/models/clusters/applications/cilium_spec.rb -/app/finders/security/license_compliance_jobs_finder.rb @gitlab-org/govern/security-policies-backend -/ee/app/controllers/projects/licenses_controller.rb @gitlab-org/govern/security-policies-backend -/ee/app/finders/software_license_policies_finder.rb @gitlab-org/govern/security-policies-backend +/app/finders/security/license_compliance_jobs_finder.rb +/ee/app/controllers/projects/licenses_controller.rb +/ee/app/finders/software_license_policies_finder.rb /ee/app/models/sca/license_compliance.rb @gitlab-org/govern/security-policies-backend @gitlab-org/secure/composition-analysis-be -/ee/app/models/sca/license_policy.rb @gitlab-org/govern/security-policies-backend -/ee/app/models/software_license_policy.rb @gitlab-org/govern/security-policies-backend -/ee/app/models/software_license.rb @gitlab-org/govern/security-policies-backend -/ee/app/serializers/license_compliance/** @gitlab-org/govern/security-policies-backend -/ee/app/serializers/license_entity.rb @gitlab-org/govern/security-policies-backend -/ee/app/serializers/licenses_list_entity.rb @gitlab-org/govern/security-policies-backend -/ee/app/serializers/licenses_list_serializer.rb @gitlab-org/govern/security-policies-backend -/ee/app/serializers/security/license_policy_entity.rb @gitlab-org/govern/security-policies-backend -/ee/app/services/ci/compare_license_scanning_reports_collapsed_service.rb @gitlab-org/govern/security-policies-backend -/ee/app/services/ci/compare_license_scanning_reports_service.rb @gitlab-org/govern/security-policies-backend -/ee/app/services/software_license_policies/** @gitlab-org/govern/security-policies-backend -/ee/app/services/software_license_policies/update_service.rb @gitlab-org/govern/security-policies-backend -/ee/app/workers/refresh_license_compliance_checks_worker.rb @gitlab-org/govern/security-policies-backend -/ee/lib/api/managed_licenses.rb @gitlab-org/govern/security-policies-backend -/ee/lib/ee/api/entities/managed_license.rb @gitlab-org/govern/security-policies-backend -/ee/lib/gitlab/spdx/license.rb @gitlab-org/govern/security-policies-backend -/ee/spec/factories/software_license_policy.rb @gitlab-org/govern/security-policies-backend -/ee/spec/factories/software_license.rb @gitlab-org/govern/security-policies-backend -/ee/spec/factories/spdx_license.rb @gitlab-org/govern/security-policies-backend -/ee/spec/finders/software_license_policies_finder_spec.rb @gitlab-org/govern/security-policies-backend -/ee/spec/lib/gitlab/ci/parsers/license_compliance/** @gitlab-org/govern/security-policies-backend +/ee/app/models/sca/license_policy.rb +/ee/app/models/software_license_policy.rb +/ee/app/models/software_license.rb +/ee/app/serializers/license_compliance/** +/ee/app/serializers/license_entity.rb +/ee/app/serializers/licenses_list_entity.rb +/ee/app/serializers/licenses_list_serializer.rb +/ee/app/serializers/security/license_policy_entity.rb +/ee/app/services/ci/compare_license_scanning_reports_collapsed_service.rb +/ee/app/services/ci/compare_license_scanning_reports_service.rb +/ee/app/services/software_license_policies/** +/ee/app/services/software_license_policies/update_service.rb +/ee/app/workers/refresh_license_compliance_checks_worker.rb +/ee/lib/api/managed_licenses.rb +/ee/lib/ee/api/entities/managed_license.rb +/ee/lib/gitlab/spdx/license.rb +/ee/spec/factories/software_license_policy.rb +/ee/spec/factories/software_license.rb +/ee/spec/factories/spdx_license.rb +/ee/spec/finders/software_license_policies_finder_spec.rb +/ee/spec/lib/gitlab/ci/parsers/license_compliance/** /ee/spec/models/sca/license_compliance_spec.rb @gitlab-org/govern/security-policies-backend @gitlab-org/secure/composition-analysis-be -/ee/spec/models/sca/license_policy_spec.rb @gitlab-org/govern/security-policies-backend -/ee/spec/models/software_license_policy_spec.rb @gitlab-org/govern/security-policies-backend -/ee/spec/models/software_license_spec.rb @gitlab-org/govern/security-policies-backend -/ee/spec/requests/api/managed_licenses_spec.rb @gitlab-org/govern/security-policies-backend -/ee/spec/serializers/license_compliance/** @gitlab-org/govern/security-policies-backend -/ee/spec/services/ci/compare_license_scanning_reports_collapsed_service_spec.rb @gitlab-org/govern/security-policies-backend -/ee/spec/services/ci/compare_license_scanning_reports_service_spec.rb @gitlab-org/govern/security-policies-backend -/ee/spec/services/software_license_policies/** @gitlab-org/govern/security-policies-backend -/spec/finders/security/license_compliance_jobs_finder_spec.rb @gitlab-org/govern/security-policies-backend +/ee/spec/models/sca/license_policy_spec.rb +/ee/spec/models/software_license_policy_spec.rb +/ee/spec/models/software_license_spec.rb +/ee/spec/requests/api/managed_licenses_spec.rb +/ee/spec/serializers/license_compliance/** +/ee/spec/services/ci/compare_license_scanning_reports_collapsed_service_spec.rb +/ee/spec/services/ci/compare_license_scanning_reports_service_spec.rb +/ee/spec/services/software_license_policies/** +/spec/finders/security/license_compliance_jobs_finder_spec.rb -^[Code Owners] -/ee/lib/gitlab/code_owners.rb @reprazent @kerrizor @garyh -/ee/lib/gitlab/code_owners/ @reprazent @kerrizor @garyh -/ee/spec/lib/gitlab/code_owners/ @reprazent @kerrizor @garyh -/doc/user/project/code_owners.md @reprazent @kerrizor @garyh +^[Code Owners] @reprazent @kerrizor @garyh +/ee/lib/gitlab/code_owners.rb +/ee/lib/gitlab/code_owners/ +/ee/spec/lib/gitlab/code_owners/ +/doc/user/project/code_owners.md -^[Merge Requests] -/app/controllers/projects/merge_requests/ @garyh @patrickbajao @marc_shaw @kerrizor -/app/models/merge_request.rb @dskim_gitlab @garyh @patrickbajao @marc_shaw @kerrizor -/app/services/merge_requests/ @dskim_gitlab @garyh @patrickbajao @marc_shaw @kerrizor -/app/workers/merge_requests/ @dskim_gitlab @garyh @patrickbajao @marc_shaw @kerrizor -/app/workers/merge_request_mergeability_check_worker.rb @dskim_gitlab @garyh @patrickbajao @marc_shaw @kerrizor -/lib/gitlab/diff/ @dskim_gitlab @garyh @patrickbajao @marc_shaw @kerrizor -/lib/gitlab/discussions_diff/ @dskim_gitlab @garyh @patrickbajao @marc_shaw @kerrizor -/lib/gitlab/quick_actions/ @dskim_gitlab @garyh @patrickbajao @marc_shaw @kerrizor +^[Merge Requests backend] @garyh @patrickbajao @marc_shaw @kerrizor +/app/controllers/projects/merge_requests/ +/app/models/merge_request.rb @garyh @patrickbajao @marc_shaw @kerrizor @dskim_gitlab +/app/services/merge_requests/ @garyh @patrickbajao @marc_shaw @kerrizor @dskim_gitlab +/app/workers/merge_requests/ @garyh @patrickbajao @marc_shaw @kerrizor @dskim_gitlab +/app/workers/merge_request_mergeability_check_worker.rb @garyh @patrickbajao @marc_shaw @kerrizor @dskim_gitlab +/lib/gitlab/diff/ @garyh @patrickbajao @marc_shaw @kerrizor @dskim_gitlab +/lib/gitlab/discussions_diff/ @garyh @patrickbajao @marc_shaw @kerrizor @dskim_gitlab +/lib/gitlab/quick_actions/ @garyh @patrickbajao @marc_shaw @kerrizor @dskim_gitlab -/ee/app/models/ee/merge_request.rb @dskim_gitlab @garyh @patrickbajao @marc_shaw @kerrizor -/ee/app/services/merge_requests/ @dskim_gitlab @garyh @patrickbajao @marc_shaw @kerrizor -/ee/app/workers/merge_requests/ @dskim_gitlab @garyh @patrickbajao @marc_shaw @kerrizor -/ee/app/workers/merge_request_reset_approvals_worker.rb @dskim_gitlab @garyh @patrickbajao @marc_shaw @kerrizor +/ee/app/models/ee/merge_request.rb @garyh @patrickbajao @marc_shaw @kerrizor @dskim_gitlab +/ee/app/services/merge_requests/ @garyh @patrickbajao @marc_shaw @kerrizor @dskim_gitlab +/ee/app/workers/merge_requests/ @garyh @patrickbajao @marc_shaw @kerrizor @dskim_gitlab +/ee/app/workers/merge_request_reset_approvals_worker.rb @garyh @patrickbajao @marc_shaw @kerrizor @dskim_gitlab -/app/assets/javascripts/diffs @viktomas @jboyson @iamphill @thomasrandolph -/app/assets/javascripts/batch_comments/ @viktomas @jboyson @iamphill @thomasrandolph -/app/assets/javascripts/notes @viktomas @jboyson @iamphill @thomasrandolph -/app/assets/javascripts/merge_conflicts @viktomas @jboyson @iamphill @thomasrandolph -/app/assets/javascripts/mr_notes @viktomas @jboyson @iamphill @thomasrandolph -/app/assets/javascripts/issuable/popover @viktomas @jboyson @iamphill @thomasrandolph -/app/assets/javascripts/vue_merge_request_widget @viktomas @jboyson @iamphill @thomasrandolph -/app/assets/javascripts/merge_request.js @viktomas @jboyson @iamphill @thomasrandolph -/app/assets/javascripts/merge_request_tabs.js @viktomas @jboyson @iamphill @thomasrandolph -/app/assets/stylesheets/framework/diffs.scss @viktomas @jboyson @iamphill @thomasrandolph -/ee/app/assets/javascripts/diffs/ @viktomas @jboyson @iamphill @thomasrandolph -/ee/app/assets/javascripts/vue_merge_request_widget @viktomas @jboyson @iamphill @thomasrandolph -/spec/frontend/diffs/ @viktomas @jboyson @iamphill @thomasrandolph -/spec/frontend/batch_comments/ @viktomas @jboyson @iamphill @thomasrandolph +^[Merge Requests frontend] @viktomas @jboyson @iamphill @thomasrandolph +/app/assets/javascripts/diffs +/app/assets/javascripts/batch_comments/ +/app/assets/javascripts/notes +/app/assets/javascripts/merge_conflicts +/app/assets/javascripts/mr_notes +/app/assets/javascripts/issuable/popover +/app/assets/javascripts/vue_merge_request_widget +/app/assets/javascripts/merge_request.js +/app/assets/javascripts/merge_request_tabs.js +/app/assets/stylesheets/framework/diffs.scss +/ee/app/assets/javascripts/diffs/ +/ee/app/assets/javascripts/vue_merge_request_widget +/spec/frontend/diffs/ +/spec/frontend/batch_comments/ -^[Product Intelligence] -/ee/lib/gitlab/usage_data_counters/ @gitlab-org/analytics-section/product-intelligence/engineers -/ee/lib/ee/gitlab/usage_data.rb @gitlab-org/analytics-section/product-intelligence/engineers -/lib/gitlab/usage_data.rb @gitlab-org/analytics-section/product-intelligence/engineers -/lib/gitlab/usage_data_counters/ @gitlab-org/analytics-section/product-intelligence/engineers -/lib/gitlab/usage/ @gitlab-org/analytics-section/product-intelligence/engineers -/ee/lib/ee/gitlab/usage_data_counters/ @gitlab-org/analytics-section/product-intelligence/engineers -/ee/lib/ee/gitlab/usage/ @gitlab-org/analytics-section/product-intelligence/engineers -/config/metrics/ @gitlab-org/analytics-section/product-intelligence/engineers -/ee/config/metrics/ @gitlab-org/analytics-section/product-intelligence/engineers -/app/workers/gitlab_service_ping_worker.rb @gitlab-org/analytics-section/product-intelligence/engineers -/spec/workers/gitlab_service_ping_worker_spec.rb @gitlab-org/analytics-section/product-intelligence/engineers -/ee/spec/lib/gitlab/usage_data_counters/ @gitlab-org/analytics-section/product-intelligence/engineers -/ee/spec/lib/ee/gitlab/usage_data_spec.rb @gitlab-org/analytics-section/product-intelligence/engineers -/spec/lib/gitlab/usage_data_spec.rb @gitlab-org/analytics-section/product-intelligence/engineers -/spec/lib/gitlab/usage_data_counters/ @gitlab-org/analytics-section/product-intelligence/engineers -/spec/lib/gitlab/usage/ @gitlab-org/analytics-section/product-intelligence/engineers -/ee/spec/lib/ee/gitlab/usage_data_counters/ @gitlab-org/analytics-section/product-intelligence/engineers -/ee/spec/lib/ee/gitlab/usage/ @gitlab-org/analytics-section/product-intelligence/engineers -/ee/spec/config/metrics/ @gitlab-org/analytics-section/product-intelligence/engineers +^[Product Analytics] @gitlab-org/analytics-section/product-analytics/engineers/frontend +/ee/app/assets/javascripts/analytics/analytics_dashboards/components/analytics_dashboard.vue +/ee/app/assets/javascripts/analytics/analytics_dashboards/components/dashboards_list.vue +/ee/app/assets/javascripts/analytics/analytics_dashboards/data_sources/ +/ee/app/assets/javascripts/vue_shared/components/customizable_dashboard/customizable_dashboard.vue +/ee/app/assets/javascripts/vue_shared/components/customizable_dashboard/panels_base.vue +/ee/app/assets/javascripts/product_analytics/ -^[Growth Experiments] -/app/experiments/ @gitlab-org/growth/experiment-devs -/spec/experiments/ @gitlab-org/growth/experiment-devs -/config/initializers/gitlab_experiment.rb @gitlab-org/growth/experiment-devs -/config/feature_flags/experiment/ @gitlab-org/growth/experiment-devs -/ee/config/feature_flags/experiment/ @gitlab-org/growth/experiment-devs -/ee/lib/api/experiments.rb @gitlab-org/growth/experiment-devs -/ee/spec/requests/api/experiments_spec.rb @gitlab-org/growth/experiment-devs -/ee/lib/ee/api/entities/experiment.rb @gitlab-org/growth/experiment-devs -/ee/spec/lib/ee/api/entities/experiment_spec.rb @gitlab-org/growth/experiment-devs +^[Analytics Instrumentation] @gitlab-org/analytics-section/product-intelligence/engineers +/ee/lib/gitlab/usage_data_counters/ +/ee/lib/ee/gitlab/usage_data.rb +/lib/gitlab/usage_data.rb +/lib/gitlab/usage_data_counters/ +/lib/gitlab/usage/ +/ee/lib/ee/gitlab/usage_data_counters/ +/ee/lib/ee/gitlab/usage/ +/config/metrics/ +/ee/config/metrics/ +/app/workers/gitlab_service_ping_worker.rb +/spec/workers/gitlab_service_ping_worker_spec.rb +/ee/spec/lib/gitlab/usage_data_counters/ +/ee/spec/lib/ee/gitlab/usage_data_spec.rb +/spec/lib/gitlab/usage_data_spec.rb +/spec/lib/gitlab/usage_data_counters/ +/spec/lib/gitlab/usage/ +/ee/spec/lib/ee/gitlab/usage_data_counters/ +/ee/spec/lib/ee/gitlab/usage/ +/ee/spec/config/metrics/ -^[Growth] -/ee/app/workers/onboarding/ @gitlab-org/growth/engineers -/ee/spec/workers/onboarding/ @gitlab-org/growth/engineers -/app/models/onboarding/ @gitlab-org/growth/engineers -/spec/models/onboarding/ @gitlab-org/growth/engineers -/app/services/onboarding/ @gitlab-org/growth/engineers -/spec/services/onboarding/ @gitlab-org/growth/engineers -/ee/app/components/namespaces/free_user_cap/ @gitlab-org/growth/engineers -/ee/spec/components/namespaces/free_user_cap/ @gitlab-org/growth/engineers -/ee/app/models/namespaces/free_user_cap/ @gitlab-org/growth/engineers -/ee/spec/models/namespaces/free_user_cap/ @gitlab-org/growth/engineers -/app/controllers/registrations_controller.rb @gitlab-org/growth/engineers -/spec/controllers/registrations_controller_spec.rb @gitlab-org/growth/engineers -/app/controllers/registrations/ @gitlab-org/growth/engineers -/spec/controllers/registrations/ @gitlab-org/growth/engineers -/app/controllers/confirmations_controller.rb @gitlab-org/growth/engineers -/spec/controllers/confirmations_controller_spec.rb @gitlab-org/growth/engineers -/ee/app/controllers/trial_registrations_controller.rb @gitlab-org/growth/engineers -/ee/spec/controllers/trial_registrations_controller_spec.rb @gitlab-org/growth/engineers -/ee/spec/requests/trial_registrations_controller_spec.rb @gitlab-org/growth/engineers -/ee/app/controllers/registrations/ @gitlab-org/growth/engineers -/ee/spec/controllers/registrations/ @gitlab-org/growth/engineers -/ee/spec/requests/registrations/ @gitlab-org/growth/engineers -/ee/app/controllers/ee/registrations_controller.rb @gitlab-org/growth/engineers -/ee/spec/controllers/ee/registrations_controller_spec.rb @gitlab-org/growth/engineers -/ee/app/controllers/ee/registrations/ @gitlab-org/growth/engineers -/ee/app/controllers/ee/confirmations_controller.rb @gitlab-org/growth/engineers -/ee/app/controllers/subscriptions_controller.rb @gitlab-org/growth/engineers -/ee/spec/controllers/subscriptions_controller_spec.rb @gitlab-org/growth/engineers -/ee/app/controllers/subscriptions/ @gitlab-org/growth/engineers -/ee/spec/controllers/subscriptions/ @gitlab-org/growth/engineers -/app/services/users/in_product_marketing_email_records.rb @gitlab-org/growth/engineers -/spec/services/users/in_product_marketing_email_records_spec.rb @gitlab-org/growth/engineers -/app/workers/namespaces/in_product_marketing_emails_worker.rb @gitlab-org/growth/engineers -/spec/workers/namespaces/in_product_marketing_emails_worker_spec.rb @gitlab-org/growth/engineers -/ee/app/workers/ee/namespaces/in_product_marketing_emails_worker.rb @gitlab-org/growth/engineers -/ee/spec/workers/ee/namespaces/in_product_marketing_emails_worker_spec.rb @gitlab-org/growth/engineers -/app/models/users/in_product_marketing_email.rb @gitlab-org/growth/engineers -/spec/models/users/in_product_marketing_email_spec.rb @gitlab-org/growth/engineers -/app/services/namespaces/in_product_marketing_emails_service.rb @gitlab-org/growth/engineers -/spec/services/namespaces/in_product_marketing_emails_service_spec.rb @gitlab-org/growth/engineers -/ee/app/services/ee/namespaces/in_product_marketing_emails_service.rb @gitlab-org/growth/engineers -/ee/spec/services/namespaces/in_product_marketing_emails_service_spec.rb @gitlab-org/growth/engineers -/app/workers/projects/record_target_platforms_worker.rb @gitlab-org/growth/engineers -/spec/workers/projects/record_target_platforms_worker_spec.rb @gitlab-org/growth/engineers -/ee/app/controllers/groups/feature_discovery_moments_controller.rb @gitlab-org/growth/engineers -/ee/spec/requests/groups/feature_discovery_moments_spec.rb @gitlab-org/growth/engineers +^[Growth Experiments] @gitlab-org/growth/experiment-devs +/app/experiments/ +/spec/experiments/ +/config/initializers/gitlab_experiment.rb +/config/feature_flags/experiment/ +/ee/config/feature_flags/experiment/ +/ee/lib/api/experiments.rb +/ee/spec/requests/api/experiments_spec.rb +/ee/lib/ee/api/entities/experiment.rb +/ee/spec/lib/ee/api/entities/experiment_spec.rb -^[Legal] -/config/dependency_decisions.yml @gitlab-org/legal-reviewers +^[Growth] @gitlab-org/growth/engineers +/ee/app/workers/onboarding/ +/ee/spec/workers/onboarding/ +/app/models/onboarding/ +/spec/models/onboarding/ +/app/services/onboarding/ +/spec/services/onboarding/ +/ee/app/components/namespaces/free_user_cap/ +/ee/spec/components/namespaces/free_user_cap/ +/ee/app/models/namespaces/free_user_cap/ +/ee/spec/models/namespaces/free_user_cap/ +/app/controllers/registrations_controller.rb +/spec/controllers/registrations_controller_spec.rb +/app/controllers/registrations/ +/spec/controllers/registrations/ +/app/controllers/confirmations_controller.rb +/spec/controllers/confirmations_controller_spec.rb +/ee/app/controllers/trial_registrations_controller.rb +/ee/spec/controllers/trial_registrations_controller_spec.rb +/ee/spec/requests/trial_registrations_controller_spec.rb +/ee/app/controllers/registrations/ +/ee/spec/controllers/registrations/ +/ee/spec/requests/registrations/ +/ee/app/controllers/ee/registrations_controller.rb +/ee/spec/controllers/ee/registrations_controller_spec.rb +/ee/app/controllers/ee/registrations/ +/ee/app/controllers/ee/confirmations_controller.rb +/ee/app/controllers/subscriptions_controller.rb +/ee/spec/controllers/subscriptions_controller_spec.rb +/ee/app/controllers/subscriptions/ +/ee/spec/controllers/subscriptions/ +/app/services/users/in_product_marketing_email_records.rb +/spec/services/users/in_product_marketing_email_records_spec.rb +/app/workers/namespaces/in_product_marketing_emails_worker.rb +/spec/workers/namespaces/in_product_marketing_emails_worker_spec.rb +/ee/app/workers/ee/namespaces/in_product_marketing_emails_worker.rb +/ee/spec/workers/ee/namespaces/in_product_marketing_emails_worker_spec.rb +/app/models/users/in_product_marketing_email.rb +/spec/models/users/in_product_marketing_email_spec.rb +/app/services/namespaces/in_product_marketing_emails_service.rb +/spec/services/namespaces/in_product_marketing_emails_service_spec.rb +/ee/app/services/ee/namespaces/in_product_marketing_emails_service.rb +/ee/spec/services/namespaces/in_product_marketing_emails_service_spec.rb +/app/workers/projects/record_target_platforms_worker.rb +/spec/workers/projects/record_target_platforms_worker_spec.rb -^[Workhorse] -/workhorse/ @jacobvosmaer-gitlab @nolith @patrickbajao @igor.drozdov +^[Legal] @gitlab-org/legal-reviewers +/config/dependency_decisions.yml -[Application Security] -/app/assets/javascripts/lib/dompurify.js @gitlab-com/gl-security/appsec -/app/assets/javascripts/gfm_auto_complete.js @gitlab-com/gl-security/appsec -/ee/app/assets/javascripts/gfm_auto_complete.js @gitlab-com/gl-security/appsec -/app/validators/addressable_url_validator.rb @gitlab-com/gl-security/appsec -/app/validators/public_url_validator.rb @gitlab-com/gl-security/appsec -/config/initializers/content_security_policy.rb @gitlab-com/gl-security/appsec -/lib/gitlab/content_security_policy/ @gitlab-com/gl-security/appsec -/lib/gitlab/http.rb @gitlab-com/gl-security/appsec -/lib/gitlab/http_connection_adapter.rb @gitlab-com/gl-security/appsec -/lib/gitlab/sanitizers @gitlab-com/gl-security/appsec -/lib/gitlab/untrusted_regexp.rb @gitlab-com/gl-security/appsec -/lib/gitlab/url_blocker.rb @gitlab-com/gl-security/appsec -/lib/gitlab/url_blockers/ @gitlab-com/gl-security/appsec -/lib/gitlab/utils.rb @gitlab-com/gl-security/appsec +^[Workhorse] @nolith @patrickbajao @igor.drozdov +/workhorse/ -^[Gitaly] -lib/gitlab/git_access.rb @proglottis @toon @zj-gitlab -lib/gitlab/git_access_*.rb @proglottis @toon @zj-gitlab -ee/lib/ee/gitlab/git_access.rb @proglottis @toon @zj-gitlab -ee/lib/ee/gitlab/git_access_*.rb @proglottis @toon @zj-gitlab -ee/lib/ee/gitlab/checks/** @proglottis @toon @zj-gitlab -lib/gitlab/checks/** @proglottis @toon @zj-gitlab +[Application Security] @gitlab-com/gl-security/appsec +/app/assets/javascripts/lib/dompurify.js +/app/assets/javascripts/gfm_auto_complete.js +/ee/app/assets/javascripts/gfm_auto_complete.js +/app/validators/addressable_url_validator.rb +/app/validators/public_url_validator.rb +/config/initializers/content_security_policy.rb +/lib/gitlab/content_security_policy/ +/lib/gitlab/http.rb +/lib/gitlab/http_connection_adapter.rb +/lib/gitlab/sanitizers +/lib/gitlab/untrusted_regexp.rb +/lib/gitlab/url_blocker.rb +/lib/gitlab/url_blockers/ +/lib/gitlab/utils.rb -^[Documentation Directories] -/doc/ @gl-docsteam -/data/deprecations/ @gl-docsteam -/data/removals/ @gl-docsteam +^[Gitaly] @proglottis @toon +lib/gitlab/git_access.rb +lib/gitlab/git_access_*.rb +ee/lib/ee/gitlab/git_access.rb +ee/lib/ee/gitlab/git_access_*.rb +ee/lib/ee/gitlab/checks/** +lib/gitlab/checks/** + +^[Documentation Directories] @gl-docsteam +/doc/ +/data/deprecations/ +/data/removals/ ^[Documentation Pages] # This block is managed by the rake script at lib/tasks/gitlab/tw/codeowners.rake, manual updates will be overwritten! @@ -415,13 +405,15 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/administration/compliance.md @eread /doc/administration/configure.md @axil /doc/administration/consul.md @axil +/doc/administration/dedicated/ @drcatherinepope /doc/administration/docs_self_host.md @axil /doc/administration/encrypted_configuration.md @axil /doc/administration/environment_variables.md @axil /doc/administration/external_pipeline_validation.md @drcatherinepope /doc/administration/feature_flags.md @axil -/doc/administration/file_hooks.md @ashrafkhamis +/doc/administration/file_hooks.md @eread @ashrafkhamis /doc/administration/geo/ @axil +/doc/administration/get_started.md @kpaizee /doc/administration/git_protocol.md @aqualls /doc/administration/gitaly/ @eread /doc/administration/housekeeping.md @eread @@ -429,7 +421,6 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/administration/incoming_email.md @msedlakjakubowski /doc/administration/index.md @axil /doc/administration/instance_limits.md @axil -/doc/administration/instance_review.md @phillipwells /doc/administration/integration/kroki.md @msedlakjakubowski /doc/administration/integration/mailgun.md @msedlakjakubowski /doc/administration/integration/plantuml.md @aqualls @@ -445,11 +436,18 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/administration/logs/index.md @msedlakjakubowski /doc/administration/maintenance_mode/ @axil /doc/administration/merge_request_diffs.md @aqualls -/doc/administration/monitoring/ @msedlakjakubowski +/doc/administration/monitoring/github_imports.md @eread @ashrafkhamis +/doc/administration/monitoring/index.md @msedlakjakubowski /doc/administration/monitoring/ip_allowlist.md @jglassman1 +/doc/administration/monitoring/performance/gitlab_configuration.md @msedlakjakubowski +/doc/administration/monitoring/performance/grafana_configuration.md @msedlakjakubowski +/doc/administration/monitoring/performance/index.md @jglassman1 /doc/administration/monitoring/performance/performance_bar.md @jglassman1 /doc/administration/monitoring/prometheus/gitlab_exporter.md @jglassman1 /doc/administration/monitoring/prometheus/index.md @axil +/doc/administration/monitoring/prometheus/pgbouncer_exporter.md @aqualls +/doc/administration/monitoring/prometheus/postgres_exporter.md @aqualls +/doc/administration/monitoring/prometheus/registry_exporter.md @marcel.amirault /doc/administration/monitoring/prometheus/web_exporter.md @jglassman1 /doc/administration/nfs.md @axil /doc/administration/object_storage.md @axil @@ -458,11 +456,10 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/administration/operations/gitlab_sshd.md @aqualls /doc/administration/operations/moving_repositories.md @eread /doc/administration/package_information/ @axil -/doc/administration/packages/ @dianalogan -/doc/administration/pages/ @ashrafkhamis +/doc/administration/packages/ @marcel.amirault /doc/administration/polling.md @axil /doc/administration/postgresql/ @aqualls -/doc/administration/postgresql/multiple_databases.md @jglassman1 +/doc/administration/postgresql/multiple_databases.md @lciutacu /doc/administration/raketasks/ @axil /doc/administration/raketasks/ldap.md @jglassman1 /doc/administration/raketasks/praefect.md @eread @@ -478,21 +475,21 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/administration/server_hooks.md @eread /doc/administration/sidekiq/ @axil /doc/administration/sidekiq/sidekiq_memory_killer.md @jglassman1 +/doc/administration/silent_mode/ @axil /doc/administration/smime_signing_email.md @axil /doc/administration/snippets/ @aqualls /doc/administration/static_objects_external_storage.md @ashrafkhamis -/doc/administration/system_hooks.md @ashrafkhamis +/doc/administration/system_hooks.md @eread @ashrafkhamis /doc/administration/terraform_state.md @phillipwells /doc/administration/timezone.md @axil /doc/administration/troubleshooting/ @axil /doc/administration/troubleshooting/postgresql.md @aqualls /doc/administration/uploads.md @axil /doc/administration/user_settings.md @jglassman1 -/doc/administration/wikis/ @ashrafkhamis /doc/api/access_requests.md @jglassman1 /doc/api/admin_sidekiq_queues.md @axil /doc/api/alert_management_alerts.md @msedlakjakubowski -/doc/api/api_resources.md @ashrafkhamis +/doc/api/api_resources.md @eread @ashrafkhamis /doc/api/appearance.md @jglassman1 /doc/api/applications.md @jglassman1 /doc/api/audit_events.md @eread @@ -500,39 +497,38 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/api/award_emoji.md @msedlakjakubowski /doc/api/boards.md @msedlakjakubowski /doc/api/branches.md @aqualls -/doc/api/broadcast_messages.md @phillipwells -/doc/api/bulk_imports.md @eread +/doc/api/bulk_imports.md @eread @ashrafkhamis /doc/api/cluster_agents.md @phillipwells /doc/api/commits.md @aqualls -/doc/api/container_registry.md @dianalogan +/doc/api/container_registry.md @marcel.amirault /doc/api/custom_attributes.md @msedlakjakubowski /doc/api/dependencies.md @rdickenson -/doc/api/dependency_proxy.md @dianalogan -/doc/api/deploy_keys.md @rdickenson -/doc/api/deploy_tokens.md @rdickenson -/doc/api/deployments.md @rdickenson +/doc/api/dependency_proxy.md @marcel.amirault +/doc/api/deploy_keys.md @phillipwells +/doc/api/deploy_tokens.md @phillipwells +/doc/api/deployments.md @phillipwells /doc/api/discussions.md @aqualls /doc/api/dora/ @lciutacu /doc/api/draft_notes.md @aqualls -/doc/api/environments.md @rdickenson +/doc/api/environments.md @phillipwells /doc/api/epic_issues.md @msedlakjakubowski /doc/api/epic_links.md @msedlakjakubowski /doc/api/epics.md @msedlakjakubowski /doc/api/error_tracking.md @drcatherinepope /doc/api/events.md @eread -/doc/api/experiments.md @phillipwells -/doc/api/feature_flag_user_lists.md @rdickenson -/doc/api/feature_flags.md @rdickenson -/doc/api/features.md @rdickenson -/doc/api/freeze_periods.md @rdickenson +/doc/api/feature_flag_user_lists.md @phillipwells +/doc/api/feature_flags.md @phillipwells +/doc/api/features.md @phillipwells +/doc/api/freeze_periods.md @phillipwells /doc/api/geo_nodes.md @axil +/doc/api/geo_sites.md @axil /doc/api/graphql/audit_report.md @eread /doc/api/graphql/branch_rules.md @aqualls /doc/api/graphql/custom_emoji.md @msedlakjakubowski -/doc/api/graphql/getting_started.md @ashrafkhamis -/doc/api/graphql/index.md @ashrafkhamis -/doc/api/graphql/reference/ @ashrafkhamis -/doc/api/graphql/removed_items.md @ashrafkhamis +/doc/api/graphql/getting_started.md @eread @ashrafkhamis +/doc/api/graphql/index.md @eread @ashrafkhamis +/doc/api/graphql/reference/ @eread @ashrafkhamis +/doc/api/graphql/removed_items.md @eread @ashrafkhamis /doc/api/graphql/sample_issue_boards.md @msedlakjakubowski /doc/api/graphql/users_example.md @jglassman1 /doc/api/group_access_tokens.md @jglassman1 @@ -541,23 +537,22 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/api/group_boards.md @msedlakjakubowski /doc/api/group_clusters.md @phillipwells /doc/api/group_epic_boards.md @msedlakjakubowski -/doc/api/group_import_export.md @eread +/doc/api/group_import_export.md @eread @ashrafkhamis /doc/api/group_iterations.md @msedlakjakubowski /doc/api/group_labels.md @msedlakjakubowski /doc/api/group_level_variables.md @marcel.amirault /doc/api/group_milestones.md @msedlakjakubowski -/doc/api/group_protected_environments.md @rdickenson -/doc/api/group_relations_export.md @eread -/doc/api/group_releases.md @rdickenson +/doc/api/group_protected_branches.md @aqualls +/doc/api/group_protected_environments.md @phillipwells +/doc/api/group_relations_export.md @eread @ashrafkhamis +/doc/api/group_releases.md @phillipwells /doc/api/group_repository_storage_moves.md @ashrafkhamis -/doc/api/group_wikis.md @ashrafkhamis /doc/api/groups.md @lciutacu -/doc/api/import.md @eread -/doc/api/index.md @ashrafkhamis +/doc/api/import.md @eread @ashrafkhamis +/doc/api/index.md @eread @ashrafkhamis /doc/api/instance_clusters.md @phillipwells /doc/api/instance_level_ci_variables.md @marcel.amirault -/doc/api/integrations.md @ashrafkhamis -/doc/api/invitations.md @phillipwells +/doc/api/integrations.md @eread @ashrafkhamis /doc/api/issue_links.md @msedlakjakubowski /doc/api/issues.md @msedlakjakubowski /doc/api/issues_statistics.md @msedlakjakubowski @@ -585,11 +580,9 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/api/notes.md @msedlakjakubowski /doc/api/notification_settings.md @msedlakjakubowski /doc/api/oauth2.md @jglassman1 -/doc/api/openapi/ @ashrafkhamis -/doc/api/packages.md @dianalogan -/doc/api/packages/ @dianalogan -/doc/api/pages.md @ashrafkhamis -/doc/api/pages_domains.md @ashrafkhamis +/doc/api/openapi/ @eread @ashrafkhamis +/doc/api/packages.md @marcel.amirault +/doc/api/packages/ @marcel.amirault /doc/api/personal_access_tokens.md @eread /doc/api/pipeline_schedules.md @drcatherinepope /doc/api/pipeline_triggers.md @drcatherinepope @@ -602,28 +595,28 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/api/project_clusters.md @phillipwells /doc/api/project_import_export.md @aqualls /doc/api/project_level_variables.md @marcel.amirault -/doc/api/project_relations_export.md @eread +/doc/api/project_relations_export.md @eread @ashrafkhamis /doc/api/project_repository_storage_moves.md @eread /doc/api/project_snippets.md @aqualls /doc/api/project_statistics.md @aqualls /doc/api/project_templates.md @aqualls -/doc/api/project_vulnerabilities.md @aqualls +/doc/api/project_vulnerabilities.md @rdickenson /doc/api/projects.md @lciutacu /doc/api/protected_branches.md @aqualls -/doc/api/protected_environments.md @rdickenson +/doc/api/protected_environments.md @phillipwells /doc/api/protected_tags.md @aqualls -/doc/api/releases/ @rdickenson +/doc/api/releases/ @phillipwells /doc/api/remote_mirrors.md @aqualls /doc/api/repositories.md @aqualls /doc/api/repository_files.md @aqualls /doc/api/repository_submodules.md @aqualls -/doc/api/resource_groups.md @rdickenson +/doc/api/resource_groups.md @phillipwells /doc/api/resource_iteration_events.md @msedlakjakubowski /doc/api/resource_label_events.md @eread /doc/api/resource_milestone_events.md @msedlakjakubowski /doc/api/resource_state_events.md @msedlakjakubowski /doc/api/resource_weight_events.md @msedlakjakubowski -/doc/api/rest/ @ashrafkhamis +/doc/api/rest/ @eread @ashrafkhamis /doc/api/runners.md @fneill /doc/api/saml.md @jglassman1 /doc/api/scim.md @jglassman1 @@ -636,7 +629,7 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/api/statistics.md @jglassman1 /doc/api/status_checks.md @eread /doc/api/suggestions.md @aqualls -/doc/api/system_hooks.md @ashrafkhamis +/doc/api/system_hooks.md @eread @ashrafkhamis /doc/api/tags.md @aqualls /doc/api/templates/dockerfiles.md @aqualls /doc/api/templates/gitignores.md @aqualls @@ -644,82 +637,86 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/api/templates/licenses.md @rdickenson /doc/api/todos.md @msedlakjakubowski /doc/api/topics.md @lciutacu -/doc/api/usage_data.md @dianalogan +/doc/api/usage_data.md @lciutacu /doc/api/users.md @jglassman1 /doc/api/version.md @phillipwells -/doc/api/visual_review_discussions.md @marcel.amirault -/doc/api/vulnerabilities.md @dianalogan -/doc/api/vulnerability_exports.md @dianalogan -/doc/api/vulnerability_findings.md @dianalogan -/doc/api/wikis.md @ashrafkhamis +/doc/api/visual_review_discussions.md @drcatherinepope +/doc/api/vulnerabilities.md @rdickenson +/doc/api/vulnerability_exports.md @rdickenson +/doc/api/vulnerability_findings.md @rdickenson +/doc/architecture/blueprints/cells/ @lciutacu /doc/architecture/blueprints/database/scalability/patterns/ @aqualls /doc/architecture/blueprints/database_scaling/ @aqualls /doc/ci/ @drcatherinepope /doc/ci/caching/ @marcel.amirault -/doc/ci/chatops/ @phillipwells -/doc/ci/cloud_deployment/ @rdickenson +/doc/ci/chatops/ @eread @ashrafkhamis +/doc/ci/cloud_deployment/ @phillipwells /doc/ci/cloud_services/ @marcel.amirault +/doc/ci/components/ @marcel.amirault /doc/ci/directed_acyclic_graph/ @marcel.amirault /doc/ci/docker/using_docker_images.md @fneill -/doc/ci/environments/ @rdickenson +/doc/ci/environments/ @phillipwells /doc/ci/examples/authenticating-with-hashicorp-vault/ @marcel.amirault -/doc/ci/examples/deployment/ @rdickenson -/doc/ci/examples/end_to_end_testing_webdriverio/ @marcel.amirault -/doc/ci/examples/semantic-release.md @dianalogan +/doc/ci/examples/deployment/ @phillipwells +/doc/ci/examples/semantic-release.md @marcel.amirault /doc/ci/interactive_web_terminal/ @fneill -/doc/ci/jobs/job_control.md @marcel.amirault +/doc/ci/introduction/ @marcel.amirault +/doc/ci/jobs/ @marcel.amirault /doc/ci/large_repositories/ @fneill /doc/ci/lint.md @marcel.amirault /doc/ci/migration/ @marcel.amirault /doc/ci/pipeline_editor/ @marcel.amirault /doc/ci/pipelines/downstream_pipelines.md @marcel.amirault /doc/ci/pipelines/index.md @marcel.amirault -/doc/ci/pipelines/job_artifacts.md @marcel.amirault +/doc/ci/pipelines/pipeline_architectures.md @marcel.amirault /doc/ci/pipelines/pipeline_artifacts.md @marcel.amirault /doc/ci/quick_start/ @marcel.amirault -/doc/ci/resource_groups/ @rdickenson -/doc/ci/review_apps/ @marcel.amirault +/doc/ci/resource_groups/ @phillipwells /doc/ci/runners/ @fneill /doc/ci/secrets/ @marcel.amirault /doc/ci/secure_files/ @marcel.amirault /doc/ci/services/ @fneill +/doc/ci/ssh_keys/ @marcel.amirault /doc/ci/test_cases/ @msedlakjakubowski -/doc/ci/testing/ @marcel.amirault /doc/ci/testing/code_quality.md @rdickenson +/doc/ci/triggers/ @marcel.amirault +/doc/ci/troubleshooting.md @marcel.amirault /doc/ci/variables/ @marcel.amirault /doc/ci/yaml/ @marcel.amirault +/doc/ci/yaml/artifacts_reports.md @drcatherinepope +/doc/development/advanced_search.md @ashrafkhamis /doc/development/application_limits.md @axil /doc/development/audit_event_guide/ @eread /doc/development/auto_devops.md @phillipwells /doc/development/backend/ @sselhorn /doc/development/backend/create_source_code_be/ @aqualls /doc/development/build_test_package.md @axil -/doc/development/bulk_import.md @eread +/doc/development/bulk_import.md @eread @ashrafkhamis /doc/development/cached_queries.md @jglassman1 /doc/development/cascading_settings.md @jglassman1 -/doc/development/chatops_on_gitlabcom.md @phillipwells +/doc/development/chatops_on_gitlabcom.md @eread @ashrafkhamis /doc/development/cicd/ @marcel.amirault +/doc/development/cicd/cicd_tables.md @drcatherinepope /doc/development/cicd/index.md @drcatherinepope /doc/development/code_intelligence/ @aqualls +/doc/development/code_owners/ @aqualls /doc/development/contributing/ @sselhorn /doc/development/database/ @aqualls /doc/development/database/filtering_by_label.md @msedlakjakubowski -/doc/development/database/multiple_databases.md @jglassman1 +/doc/development/database/multiple_databases.md @lciutacu /doc/development/database_review.md @aqualls /doc/development/developing_with_solargraph.md @aqualls /doc/development/development_processes.md @sselhorn /doc/development/distributed_tracing.md @msedlakjakubowski +/doc/development/distribution/ @axil /doc/development/documentation/ @sselhorn -/doc/development/elasticsearch.md @ashrafkhamis -/doc/development/experiment_guide/ @phillipwells -/doc/development/export_csv.md @eread -/doc/development/fe_guide/content_editor.md @ashrafkhamis +/doc/development/export_csv.md @eread @ashrafkhamis /doc/development/fe_guide/customizable_dashboards.md @lciutacu /doc/development/fe_guide/dark_mode.md @sselhorn /doc/development/fe_guide/graphql.md @sselhorn /doc/development/fe_guide/merge_request_widget_extensions.md @aqualls -/doc/development/fe_guide/source_editor.md @ashrafkhamis -/doc/development/fe_guide/view_component.md @rdickenson +/doc/development/fe_guide/source_editor.md @aqualls +/doc/development/fe_guide/view_component.md @sselhorn /doc/development/feature_categorization/ @sselhorn /doc/development/feature_development.md @sselhorn /doc/development/feature_flags/ @sselhorn @@ -730,16 +727,13 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/development/gitaly.md @eread /doc/development/gitlab_flavored_markdown/ @ashrafkhamis /doc/development/gitlab_shell/ @aqualls -/doc/development/graphql_guide/ @ashrafkhamis +/doc/development/graphql_guide/ @eread @ashrafkhamis /doc/development/graphql_guide/batchloader.md @aqualls -/doc/development/i18n/ @eread +/doc/development/i18n/ @eread @ashrafkhamis /doc/development/image_scaling.md @lciutacu -/doc/development/import_export.md @eread +/doc/development/import_export.md @eread @ashrafkhamis /doc/development/index.md @sselhorn -/doc/development/integrations/codesandbox.md @sselhorn -/doc/development/integrations/index.md @ashrafkhamis -/doc/development/integrations/jenkins.md @ashrafkhamis -/doc/development/integrations/jira_connect.md @ashrafkhamis +/doc/development/integrations/ @eread @ashrafkhamis /doc/development/integrations/secure.md @rdickenson /doc/development/integrations/secure_partner_integration.md @rdickenson /doc/development/internal_api/ @aqualls @@ -747,35 +741,35 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/development/issuable-like-models.md @msedlakjakubowski /doc/development/issue_types.md @msedlakjakubowski /doc/development/kubernetes.md @phillipwells +/doc/development/labels/ @sselhorn /doc/development/lfs.md @aqualls /doc/development/logging.md @msedlakjakubowski /doc/development/maintenance_mode.md @axil /doc/development/merge_request_concepts/ @aqualls +/doc/development/migration_style_guide.md @aqualls +/doc/development/navigation_sidebar.md @sselhorn /doc/development/omnibus.md @axil -/doc/development/packages/ @dianalogan -/doc/development/pages/ @ashrafkhamis +/doc/development/organization/ @lciutacu +/doc/development/packages/ @marcel.amirault /doc/development/permissions.md @jglassman1 /doc/development/policies.md @jglassman1 -/doc/development/product_qualified_lead_guide/ @phillipwells /doc/development/project_templates.md @aqualls /doc/development/prometheus_metrics.md @msedlakjakubowski -/doc/development/real_time.md @msedlakjakubowski +/doc/development/real_time.md @jglassman1 /doc/development/rubocop_development_guide.md @sselhorn +/doc/development/search/ @ashrafkhamis /doc/development/sec/ @rdickenson -/doc/development/sec/security_report_ingestion_overview.md @dianalogan /doc/development/secure_coding_guidelines.md @sselhorn -/doc/development/service_ping/ @dianalogan -/doc/development/snowplow/ @dianalogan +/doc/development/service_ping/ @lciutacu +/doc/development/snowplow/ @lciutacu /doc/development/spam_protection_and_captcha/ @phillipwells /doc/development/sql.md @aqualls /doc/development/testing_guide/ @sselhorn /doc/development/value_stream_analytics.md @lciutacu /doc/development/value_stream_analytics/ @lciutacu -/doc/development/wikis.md @ashrafkhamis /doc/development/work_items.md @msedlakjakubowski /doc/development/work_items_widgets.md @msedlakjakubowski /doc/development/workhorse/ @aqualls -/doc/development/workspace/ @sselhorn /doc/downgrade_ee_to_ce/ @axil /doc/drawers/ @ashrafkhamis /doc/gitlab-basics/ @aqualls @@ -785,23 +779,24 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/integration/advanced_search/ @ashrafkhamis /doc/integration/akismet.md @phillipwells /doc/integration/arkose.md @phillipwells -/doc/integration/datadog.md @ashrafkhamis -/doc/integration/external-issue-tracker.md @ashrafkhamis +/doc/integration/datadog.md @eread @ashrafkhamis +/doc/integration/external-issue-tracker.md @eread @ashrafkhamis /doc/integration/gitpod.md @ashrafkhamis /doc/integration/glab/ @aqualls -/doc/integration/gmail_action_buttons_for_gitlab.md @ashrafkhamis -/doc/integration/index.md @ashrafkhamis -/doc/integration/jenkins.md @ashrafkhamis -/doc/integration/jira/ @ashrafkhamis +/doc/integration/gmail_action_buttons_for_gitlab.md @eread @ashrafkhamis +/doc/integration/index.md @eread @ashrafkhamis +/doc/integration/jenkins.md @eread @ashrafkhamis +/doc/integration/jira/ @eread @ashrafkhamis /doc/integration/mattermost/ @axil +/doc/integration/partner_marketplace.md @fneill /doc/integration/recaptcha.md @phillipwells /doc/integration/security_partners/ @rdickenson -/doc/integration/slash_commands.md @ashrafkhamis +/doc/integration/slash_commands.md @eread @ashrafkhamis /doc/integration/sourcegraph.md @aqualls -/doc/integration/trello_power_up.md @ashrafkhamis +/doc/integration/trello_power_up.md @eread @ashrafkhamis /doc/integration/vault.md @phillipwells /doc/operations/error_tracking.md @drcatherinepope -/doc/operations/feature_flags.md @rdickenson +/doc/operations/feature_flags.md @phillipwells /doc/operations/incident_management/ @msedlakjakubowski /doc/operations/index.md @msedlakjakubowski /doc/operations/metrics/ @msedlakjakubowski @@ -812,23 +807,28 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/raketasks/spdx.md @rdickenson /doc/raketasks/x509_signatures.md @aqualls /doc/security/ @jglassman1 +/doc/security/email_verification.md @phillipwells /doc/subscriptions/ @fneill -/doc/subscriptions/gitlab_dedicated/ @axil +/doc/subscriptions/gitlab_dedicated/ @drcatherinepope /doc/topics/authentication/ @jglassman1 /doc/topics/autodevops/ @phillipwells -/doc/topics/awesome_co.md @rdickenson +/doc/topics/data_seeder.md @sselhorn /doc/topics/git/ @aqualls /doc/topics/gitlab_flow.md @aqualls /doc/topics/offline/ @axil /doc/topics/plan_and_track.md @msedlakjakubowski -/doc/topics/your_work.md @rdickenson /doc/tutorials/ @kpaizee +/doc/tutorials/boards_for_teams/ @msedlakjakubowski +/doc/tutorials/compliance_pipeline/ @eread +/doc/tutorials/convert_personal_namespace_to_group/ @lciutacu +/doc/tutorials/fuzz_testing/ @rdickenson +/doc/tutorials/move_personal_project_to_group/ @lciutacu +/doc/tutorials/scan_result_policy/ @rdickenson /doc/update/ @axil /doc/update/background_migrations.md @aqualls /doc/user/admin_area/analytics/ @lciutacu -/doc/user/admin_area/broadcast_messages.md @phillipwells /doc/user/admin_area/credentials_inventory.md @jglassman1 -/doc/user/admin_area/custom_project_templates.md @eread +/doc/user/admin_area/custom_project_templates.md @aqualls /doc/user/admin_area/diff_limits.md @aqualls /doc/user/admin_area/external_users.md @jglassman1 /doc/user/admin_area/geo_sites.md @axil @@ -840,7 +840,7 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/user/admin_area/monitoring/ @msedlakjakubowski /doc/user/admin_area/reporting/git_abuse_rate_limit.md @phillipwells /doc/user/admin_area/reporting/spamcheck.md @axil -/doc/user/admin_area/review_abuse_reports.md @jglassman1 +/doc/user/admin_area/review_abuse_reports.md @phillipwells /doc/user/admin_area/settings/account_and_limit_settings.md @aqualls /doc/user/admin_area/settings/continuous_integration.md @drcatherinepope /doc/user/admin_area/settings/deprecated_api_rate_limits.md @aqualls @@ -849,90 +849,100 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/user/admin_area/settings/files_api_rate_limits.md @aqualls /doc/user/admin_area/settings/git_lfs_rate_limits.md @aqualls /doc/user/admin_area/settings/gitaly_timeouts.md @eread -/doc/user/admin_area/settings/import_export_rate_limits.md @eread +/doc/user/admin_area/settings/import_export_rate_limits.md @eread @ashrafkhamis /doc/user/admin_area/settings/incident_management_rate_limits.md @msedlakjakubowski /doc/user/admin_area/settings/index.md @aqualls /doc/user/admin_area/settings/instance_template_repository.md @aqualls -/doc/user/admin_area/settings/package_registry_rate_limits.md @dianalogan -/doc/user/admin_area/settings/project_integration_management.md @ashrafkhamis +/doc/user/admin_area/settings/package_registry_rate_limits.md @marcel.amirault +/doc/user/admin_area/settings/project_integration_management.md @eread @ashrafkhamis /doc/user/admin_area/settings/push_event_activities_limit.md @aqualls /doc/user/admin_area/settings/rate_limit_on_issues_creation.md @msedlakjakubowski /doc/user/admin_area/settings/rate_limit_on_notes_creation.md @msedlakjakubowski /doc/user/admin_area/settings/rate_limit_on_pipelines_creation.md @drcatherinepope +/doc/user/admin_area/settings/rate_limit_on_projects_api.md @lciutacu /doc/user/admin_area/settings/rate_limit_on_users_api.md @jglassman1 /doc/user/admin_area/settings/scim_setup.md @jglassman1 +/doc/user/admin_area/settings/security_and_compliance.md @rdickenson /doc/user/admin_area/settings/terraform_limits.md @phillipwells /doc/user/admin_area/settings/third_party_offers.md @lciutacu -/doc/user/admin_area/settings/usage_statistics.md @dianalogan +/doc/user/admin_area/settings/usage_statistics.md @lciutacu /doc/user/admin_area/settings/visibility_and_access_controls.md @aqualls /doc/user/analytics/ @lciutacu -/doc/user/analytics/ci_cd_analytics.md @rdickenson +/doc/user/analytics/ci_cd_analytics.md @phillipwells /doc/user/application_security/ @rdickenson -/doc/user/application_security/cve_id_request.md @dianalogan -/doc/user/application_security/generate_test_vulnerabilities/ @dianalogan -/doc/user/application_security/policies/ @dianalogan -/doc/user/application_security/security_dashboard/ @dianalogan -/doc/user/application_security/vulnerabilities/ @dianalogan -/doc/user/application_security/vulnerability_report/ @dianalogan /doc/user/asciidoc.md @aqualls /doc/user/award_emojis.md @msedlakjakubowski /doc/user/clusters/ @phillipwells -/doc/user/compliance/ @eread -/doc/user/compliance/license_compliance/ @rdickenson +/doc/user/compliance/ @rdickenson +/doc/user/compliance/compliance_report/ @eread +/doc/user/compliance/index.md @eread /doc/user/crm/ @msedlakjakubowski /doc/user/discussions/ @aqualls /doc/user/enterprise_user/ @jglassman1 /doc/user/feature_flags.md @sselhorn -/doc/user/free_user_limit.md @phillipwells -/doc/user/group/ @lciutacu +/doc/user/group/access_and_permissions.md @lciutacu /doc/user/group/clusters/ @phillipwells /doc/user/group/compliance_frameworks.md @eread -/doc/user/group/custom_project_templates.md @eread +/doc/user/group/contribution_analytics/ @lciutacu +/doc/user/group/custom_project_templates.md @aqualls +/doc/user/group/devops_adoption/ @lciutacu /doc/user/group/epics/ @msedlakjakubowski -/doc/user/group/import/ @eread +/doc/user/group/import/ @eread @ashrafkhamis +/doc/user/group/index.md @lciutacu +/doc/user/group/insights/ @lciutacu /doc/user/group/issues_analytics/ @msedlakjakubowski /doc/user/group/iterations/ @msedlakjakubowski +/doc/user/group/manage.md @lciutacu +/doc/user/group/moderate_users.md @phillipwells /doc/user/group/planning_hierarchy/ @msedlakjakubowski /doc/user/group/reporting/ @phillipwells -/doc/user/group/repositories_analytics/ @marcel.amirault +/doc/user/group/repositories_analytics/ @drcatherinepope /doc/user/group/roadmap/ @msedlakjakubowski /doc/user/group/saml_sso/ @jglassman1 /doc/user/group/settings/ @jglassman1 +/doc/user/group/subgroups/ @lciutacu +/doc/user/group/value_stream_analytics/ @lciutacu /doc/user/infrastructure/ @phillipwells /doc/user/infrastructure/clusters/manage/management_project_applications/runner.md @fneill /doc/user/markdown.md @msedlakjakubowski /doc/user/namespace/ @lciutacu /doc/user/okrs.md @msedlakjakubowski -/doc/user/operations_dashboard/ @rdickenson -/doc/user/packages/ @dianalogan +/doc/user/operations_dashboard/ @phillipwells +/doc/user/organization/ @lciutacu +/doc/user/packages/ @marcel.amirault /doc/user/permissions.md @jglassman1 /doc/user/product_analytics/ @lciutacu -/doc/user/profile/ @jglassman1 +/doc/user/profile/account/ @jglassman1 +/doc/user/profile/achievements.md @lciutacu +/doc/user/profile/comment_templates.md @aqualls /doc/user/profile/contributions_calendar.md @lciutacu +/doc/user/profile/index.md @jglassman1 /doc/user/profile/notifications.md @msedlakjakubowski +/doc/user/profile/personal_access_tokens.md @jglassman1 +/doc/user/profile/user_passwords.md @jglassman1 /doc/user/project/autocomplete_characters.md @aqualls /doc/user/project/badges.md @lciutacu /doc/user/project/changelogs.md @aqualls /doc/user/project/clusters/ @phillipwells /doc/user/project/code_intelligence.md @aqualls -/doc/user/project/code_owners.md @aqualls -/doc/user/project/deploy_boards.md @rdickenson -/doc/user/project/deploy_keys/ @rdickenson -/doc/user/project/deploy_tokens/ @rdickenson +/doc/user/project/codeowners/ @aqualls +/doc/user/project/deploy_boards.md @phillipwells +/doc/user/project/deploy_keys/ @phillipwells +/doc/user/project/deploy_tokens/ @phillipwells /doc/user/project/description_templates.md @msedlakjakubowski /doc/user/project/file_lock.md @aqualls /doc/user/project/git_attributes.md @aqualls /doc/user/project/highlighting.md @aqualls -/doc/user/project/import/ @eread +/doc/user/project/import/ @eread @ashrafkhamis /doc/user/project/import/jira.md @msedlakjakubowski /doc/user/project/index.md @lciutacu /doc/user/project/insights/ @lciutacu -/doc/user/project/integrations/ @ashrafkhamis +/doc/user/project/integrations/ @eread @ashrafkhamis /doc/user/project/integrations/prometheus.md @msedlakjakubowski /doc/user/project/integrations/prometheus_library/ @msedlakjakubowski /doc/user/project/issue_board.md @msedlakjakubowski /doc/user/project/issues/ @msedlakjakubowski -/doc/user/project/issues/csv_import.md @eread +/doc/user/project/issues/csv_import.md @eread @ashrafkhamis /doc/user/project/labels.md @msedlakjakubowski /doc/user/project/members/ @lciutacu /doc/user/project/merge_requests/ @aqualls @@ -940,12 +950,12 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/user/project/merge_requests/status_checks.md @eread /doc/user/project/milestones/ @msedlakjakubowski /doc/user/project/organize_work_with_projects.md @lciutacu -/doc/user/project/pages/ @ashrafkhamis /doc/user/project/protected_branches.md @aqualls /doc/user/project/protected_tags.md @aqualls /doc/user/project/push_options.md @aqualls /doc/user/project/quick_actions.md @msedlakjakubowski -/doc/user/project/releases/ @rdickenson +/doc/user/project/releases/ @phillipwells +/doc/user/project/releases/release_evidence.md @eread /doc/user/project/remote_development/ @ashrafkhamis /doc/user/project/repository/ @aqualls /doc/user/project/repository/file_finder.md @ashrafkhamis @@ -955,17 +965,15 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/user/project/repository/web_editor.md @ashrafkhamis /doc/user/project/requirements/ @msedlakjakubowski /doc/user/project/service_desk.md @msedlakjakubowski -/doc/user/project/settings/import_export.md @eread -/doc/user/project/settings/import_export_troubleshooting.md @eread +/doc/user/project/settings/import_export.md @eread @ashrafkhamis +/doc/user/project/settings/import_export_troubleshooting.md @eread @ashrafkhamis /doc/user/project/settings/index.md @lciutacu /doc/user/project/settings/project_access_tokens.md @jglassman1 +/doc/user/project/system_notes.md @aqualls /doc/user/project/time_tracking.md @msedlakjakubowski /doc/user/project/web_ide/ @ashrafkhamis -/doc/user/project/web_ide_beta/ @ashrafkhamis -/doc/user/project/wiki/ @ashrafkhamis /doc/user/project/working_with_projects.md @lciutacu /doc/user/public_access.md @lciutacu -/doc/user/read_only_namespaces.md @phillipwells /doc/user/report_abuse.md @phillipwells /doc/user/reserved_names.md @lciutacu /doc/user/search/ @ashrafkhamis @@ -975,451 +983,499 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/user/tasks.md @msedlakjakubowski /doc/user/todos.md @msedlakjakubowski /doc/user/usage_quotas.md @fneill -/doc/user/workspace/ @lciutacu +/doc/user/workspace/ @ashrafkhamis # End rake-managed-docs-block -[Authentication and Authorization] -/app/assets/javascripts/access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers -/app/assets/javascripts/alerts_settings/graphql/mutations/reset_http_token.mutation.graphql @gitlab-org/manage/authentication-and-authorization/approvers -/app/assets/javascripts/authentication/ @gitlab-org/manage/authentication-and-authorization/approvers -/app/assets/javascripts/ide/components/shared/tokened_input.vue @gitlab-org/manage/authentication-and-authorization/approvers -/app/assets/javascripts/packages_and_registries/package_registry/components/list/tokens/ @gitlab-org/manage/authentication-and-authorization/approvers -/app/assets/javascripts/pages/admin/impersonation_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers -/app/assets/javascripts/pages/groups/settings/access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers -/app/assets/javascripts/pages/ldap/ @gitlab-org/manage/authentication-and-authorization/approvers -/app/assets/javascripts/pages/oauth/ @gitlab-org/manage/authentication-and-authorization/approvers -/app/assets/javascripts/pages/omniauth_callbacks/ @gitlab-org/manage/authentication-and-authorization/approvers -/app/assets/javascripts/pages/profiles/password_prompt/ @gitlab-org/manage/authentication-and-authorization/approvers -/app/assets/javascripts/pages/profiles/personal_access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers -/app/assets/javascripts/pages/profiles/two_factor_auths/ @gitlab-org/manage/authentication-and-authorization/approvers -/app/assets/javascripts/pages/projects/settings/access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers -/app/assets/javascripts/pages/sessions/new/oauth_remember_me.js @gitlab-org/manage/authentication-and-authorization/approvers -/app/assets/javascripts/projects/settings/topics/components/ @gitlab-org/manage/authentication-and-authorization/approvers -/app/assets/javascripts/related_issues/components/issue_token.vue @gitlab-org/manage/authentication-and-authorization/approvers -/app/assets/stylesheets/page_bundles/profile_two_factor_auth.scss @gitlab-org/manage/authentication-and-authorization/approvers -/app/controllers/admin/impersonation_tokens_controller.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/controllers/concerns/access_tokens_actions.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/controllers/concerns/authenticates_with_two_factor.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/controllers/concerns/authenticates_with_two_factor_for_admin_mode.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/controllers/concerns/enforces_admin_authentication.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/controllers/concerns/enforces_two_factor_authentication.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/controllers/concerns/oauth_applications.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/controllers/concerns/project_unauthorized.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/models/concerns/require_email_verification.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/controllers/concerns/sessionless_authentication.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/controllers/concerns/snippet_authorizations.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/controllers/concerns/verifies_with_email.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/controllers/concerns/workhorse_authorization.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/controllers/groups/settings/access_tokens_controller.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/controllers/ldap/ @gitlab-org/manage/authentication-and-authorization/approvers -/app/controllers/oauth/ @gitlab-org/manage/authentication-and-authorization/approvers -/app/controllers/omniauth_callbacks_controller.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/controllers/passwords_controller.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/controllers/profiles/passwords_controller.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/controllers/profiles/personal_access_tokens_controller.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/controllers/profiles/two_factor_auths_controller.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/controllers/profiles/webauthn_registrations_controller.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/controllers/projects/settings/access_tokens_controller.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/controllers/sessions_controller.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/finders/groups/projects_requiring_authorizations_refresh/ @gitlab-org/manage/authentication-and-authorization/approvers -/app/finders/personal_access_tokens_finder.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/helpers/access_tokens_helper.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/helpers/auth_helper.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/models/authentication_event.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/models/concerns/admin_changed_password_notifier.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/models/concerns/mirror_authentication.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/models/concerns/select_for_project_authorization.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/models/concerns/token_authenticatable.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/models/concerns/token_authenticatable_strategies/ @gitlab-org/manage/authentication-and-authorization/approvers -/app/models/oauth_access_grant.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/models/oauth_access_token.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/models/personal_access_token.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/models/project_authorization.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/models/token_with_iv.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/models/webauthn_registration.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/policies/personal_access_token_policy.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/serializers/access_token_entity_base.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/serializers/group_access_token_entity.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/serializers/group_access_token_serializer.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/serializers/impersonation_access_token_entity.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/serializers/impersonation_access_token_serializer.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/serializers/personal_access_token_entity.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/serializers/personal_access_token_serializer.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/serializers/project_access_token_entity.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/serializers/project_access_token_serializer.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/services/access_token_validation_service.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/services/auth/ @gitlab-org/manage/authentication-and-authorization/approvers -/app/services/authorized_project_update/ @gitlab-org/manage/authentication-and-authorization/approvers -/app/services/chat_names/authorize_user_service.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/services/personal_access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers -/app/services/projects/move_project_authorizations_service.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/services/resource_access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers -/app/services/todos/destroy/unauthorized_features_service.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/services/users/authorized_build_service.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/services/users/authorized_create_service.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/services/users/email_verification/ @gitlab-org/manage/authentication-and-authorization/approvers -/app/services/users/refresh_authorized_projects_service.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/services/webauthn/ @gitlab-org/manage/authentication-and-authorization/approvers -/app/validators/json_schemas/cluster_agent_authorization_configuration.json @gitlab-org/manage/authentication-and-authorization/approvers -/app/views/admin/application_settings/_external_authorization_service_form.html.haml @gitlab-org/manage/authentication-and-authorization/approvers -/app/views/admin/impersonation_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers -/app/views/authentication/ @gitlab-org/manage/authentication-and-authorization/approvers -/app/views/dashboard/projects/_zero_authorized_projects.html.haml @gitlab-org/manage/authentication-and-authorization/approvers -/app/views/devise/mailer/password_change.html.haml @gitlab-org/manage/authentication-and-authorization/approvers -/app/views/devise/mailer/password_change.text.erb @gitlab-org/manage/authentication-and-authorization/approvers -/app/views/devise/mailer/password_change_by_admin.html.haml @gitlab-org/manage/authentication-and-authorization/approvers -/app/views/devise/mailer/password_change_by_admin.text.erb @gitlab-org/manage/authentication-and-authorization/approvers -/app/views/devise/mailer/reset_password_instructions.html.haml @gitlab-org/manage/authentication-and-authorization/approvers -/app/views/devise/mailer/reset_password_instructions.text.erb @gitlab-org/manage/authentication-and-authorization/approvers -/app/views/devise/**/ @gitlab-org/manage/authentication-and-authorization/approvers -/app/views/doorkeeper/authorizations/ @gitlab-org/manage/authentication-and-authorization/approvers -/app/views/doorkeeper/authorized_applications/ @gitlab-org/manage/authentication-and-authorization/approvers -/app/views/errors/omniauth_error.html.haml @gitlab-org/manage/authentication-and-authorization/approvers -/app/views/groups/settings/_resource_access_token_creation.html.haml @gitlab-org/manage/authentication-and-authorization/approvers -/app/views/groups/settings/_two_factor_auth.html.haml @gitlab-org/manage/authentication-and-authorization/approvers -/app/views/groups/settings/access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers -/app/views/layouts/oauth_error.html.haml @gitlab-org/manage/authentication-and-authorization/approvers -/app/views/notify/access_token_about_to_expire_email.html.haml @gitlab-org/manage/authentication-and-authorization/approvers -/app/views/notify/access_token_about_to_expire_email.text.erb @gitlab-org/manage/authentication-and-authorization/approvers -/app/views/notify/access_token_created_email.html.haml @gitlab-org/manage/authentication-and-authorization/approvers -/app/views/notify/access_token_created_email.text.erb @gitlab-org/manage/authentication-and-authorization/approvers -/app/views/notify/access_token_expired_email.html.haml @gitlab-org/manage/authentication-and-authorization/approvers -/app/views/notify/access_token_expired_email.text.erb @gitlab-org/manage/authentication-and-authorization/approvers -/app/views/notify/access_token_revoked_email.html.haml @gitlab-org/manage/authentication-and-authorization/approvers -/app/views/notify/access_token_revoked_email.text.erb @gitlab-org/manage/authentication-and-authorization/approvers -/app/views/profiles/passwords/ @gitlab-org/manage/authentication-and-authorization/approvers -/app/views/profiles/personal_access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers -/app/views/profiles/two_factor_auths/ @gitlab-org/manage/authentication-and-authorization/approvers -/app/views/projects/mirrors/_authentication_method.html.haml @gitlab-org/manage/authentication-and-authorization/approvers -/app/views/projects/settings/access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers -/app/views/shared/_no_password.html.haml @gitlab-org/manage/authentication-and-authorization/approvers -/app/views/shared/_two_factor_auth_recovery_settings_check.html.haml @gitlab-org/manage/authentication-and-authorization/approvers -/app/views/shared/access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers -/app/views/shared/members/_two_factor_auth_badge.html.haml @gitlab-org/manage/authentication-and-authorization/approvers -/app/views/shared/tokens/ @gitlab-org/manage/authentication-and-authorization/approvers -/app/workers/authorized_keys_worker.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/workers/authorized_project_update/ @gitlab-org/manage/authentication-and-authorization/approvers -/app/workers/authorized_projects_worker.rb @gitlab-org/manage/authentication-and-authorization/approvers -/app/workers/personal_access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers -/config/initializers/01_secret_token.rb @gitlab-org/manage/authentication-and-authorization/approvers -/config/initializers/devise_dynamic_password_length_validation.rb @gitlab-org/manage/authentication-and-authorization/approvers -/config/initializers/devise_password_length.rb.example @gitlab-org/manage/authentication-and-authorization/approvers -/config/initializers/gitlab_shell_secret_token.rb @gitlab-org/manage/authentication-and-authorization/approvers -/config/initializers/omniauth.rb @gitlab-org/manage/authentication-and-authorization/approvers -/config/initializers/rails_host_authorization.rb @gitlab-org/manage/authentication-and-authorization/approvers -/config/initializers/rails_host_authorization_gitpod.rb @gitlab-org/manage/authentication-and-authorization/approvers -/config/initializers/webauthn.rb @gitlab-org/manage/authentication-and-authorization/approvers -/config/initializers_before_autoloader/100_patch_omniauth_oauth2.rb @gitlab-org/manage/authentication-and-authorization/approvers -/config/initializers_before_autoloader/100_patch_omniauth_saml.rb @gitlab-org/manage/authentication-and-authorization/approvers -/config/weak_password_digests.yml @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/assets/javascripts/access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/assets/javascripts/audit_events/components/tokens/ @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/assets/javascripts/audit_events/token_utils.js @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/assets/javascripts/batch_comments/ @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/assets/javascripts/groups/settings/components/ @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/assets/javascripts/pages/admin/application_settings/general/components/ @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/assets/javascripts/pages/groups/omniauth_callbacks/ @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/assets/javascripts/pages/passwords/ @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/assets/javascripts/pages/profiles/passwords/ @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/assets/javascripts/password/ @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/assets/javascripts/requirements/components/tokens/ @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/assets/javascripts/saml_providers/scim_token_service.js @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/assets/javascripts/saml_sso/components/ @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/assets/javascripts/vue_merge_request_widget/components/approvals/approvals_auth.vue @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/controllers/concerns/ee/authenticates_with_two_factor.rb @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/controllers/concerns/ee/enforces_two_factor_authentication.rb @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/controllers/concerns/saml_authorization.rb @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/controllers/ee/ldap/ @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/controllers/ee/omniauth_callbacks_controller.rb @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/controllers/ee/passwords_controller.rb @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/controllers/ee/sessions_controller.rb @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/controllers/groups/omniauth_callbacks_controller.rb @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/controllers/groups/scim_oauth_controller.rb @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/controllers/oauth/ @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/controllers/omniauth_kerberos_controller.rb @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/controllers/users/identity_verification_controller.rb @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/finders/auth/ @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/helpers/ee/access_tokens_helper.rb @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/helpers/ee/auth_helper.rb @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/helpers/ee/personal_access_tokens_helper.rb @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/models/concerns/identity_verifiable.rb @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/models/concerns/password_complexity.rb @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/models/ee/personal_access_token.rb @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/models/ee/project_authorization.rb @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/models/scim_oauth_access_token.rb @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/serializers/scim_oauth_access_token_entity.rb @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/services/arkose/token_verification_service.rb @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/services/ee/auth/ @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/services/ee/personal_access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/services/ee/resource_access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/services/ee/users/authorized_build_service.rb @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/services/personal_access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/services/security/token_revocation_service.rb @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/services/users/email_verification/ @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/validators/password/ @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/views/admin/application_settings/_personal_access_token_expiration_policy.html.haml @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/views/credentials_inventory_mailer/personal_access_token_revoked_email.html.haml @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/views/credentials_inventory_mailer/personal_access_token_revoked_email.text.haml @gitlab-org/manage/authentication-and-authorization/approvers -/app/views/devise/**/ @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/views/groups/_personal_access_token_expiration_policy.html.haml @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/views/groups/sso/_authorize_pane.html.haml @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/views/notify/policy_revoked_personal_access_tokens_email.html.haml @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/views/notify/policy_revoked_personal_access_tokens_email.text.erb @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/views/oauth/ @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/views/shared/_password_requirements_list.html.haml @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/views/shared/credentials_inventory/_personal_access_tokens.html.haml @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/views/shared/credentials_inventory/personal_access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/workers/auth/ @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/workers/personal_access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers -/ee/config/routes/oauth.rb @gitlab-org/manage/authentication-and-authorization/approvers -/ee/lib/ee/gitlab/auth/ @gitlab-org/manage/authentication-and-authorization/approvers -/ee/lib/ee/gitlab/omniauth_initializer.rb @gitlab-org/manage/authentication-and-authorization/approvers -/ee/lib/gitlab/auth/ @gitlab-org/manage/authentication-and-authorization/approvers -/ee/lib/gitlab/authority_analyzer.rb @gitlab-org/manage/authentication-and-authorization/approvers -/ee/lib/gitlab/geo/oauth/ @gitlab-org/manage/authentication-and-authorization/approvers -/ee/lib/gitlab/kerberos/ @gitlab-org/manage/authentication-and-authorization/approvers -/ee/lib/omni_auth/ @gitlab-org/manage/authentication-and-authorization/approvers -/ee/lib/system_check/geo/authorized_keys_check.rb @gitlab-org/manage/authentication-and-authorization/approvers -/ee/lib/system_check/geo/authorized_keys_flag_check.rb @gitlab-org/manage/authentication-and-authorization/approvers -/lib/api/entities/impersonation_token.rb @gitlab-org/manage/authentication-and-authorization/approvers -/lib/api/entities/impersonation_token_with_token.rb @gitlab-org/manage/authentication-and-authorization/approvers -/lib/api/entities/personal_access_token.rb @gitlab-org/manage/authentication-and-authorization/approvers -/lib/api/entities/personal_access_token_with_token.rb @gitlab-org/manage/authentication-and-authorization/approvers -/lib/api/entities/resource_access_token.rb @gitlab-org/manage/authentication-and-authorization/approvers -/lib/api/entities/resource_access_token_with_token.rb @gitlab-org/manage/authentication-and-authorization/approvers -/lib/api/helpers/authentication.rb @gitlab-org/manage/authentication-and-authorization/approvers -/lib/api/helpers/packages/basic_auth_helpers.rb @gitlab-org/manage/authentication-and-authorization/approvers -/lib/api/helpers/personal_access_tokens_helpers.rb @gitlab-org/manage/authentication-and-authorization/approvers -/lib/api/personal_access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers -/lib/api/personal_access_tokens.rb @gitlab-org/manage/authentication-and-authorization/approvers -/lib/api/resource_access_tokens.rb @gitlab-org/manage/authentication-and-authorization/approvers -/lib/api/support/token_with_expiration.rb @gitlab-org/manage/authentication-and-authorization/approvers -/lib/gitlab/api_authentication/ @gitlab-org/manage/authentication-and-authorization/approvers -/lib/gitlab/auth/ @gitlab-org/manage/authentication-and-authorization/approvers -/lib/gitlab/auth.rb @gitlab-org/manage/authentication-and-authorization/approvers -/lib/gitlab/auth_logger.rb @gitlab-org/manage/authentication-and-authorization/approvers -/lib/gitlab/authorized_keys.rb @gitlab-org/manage/authentication-and-authorization/approvers -/lib/gitlab/background_migration/encrypt_static_object_token.rb @gitlab-org/manage/authentication-and-authorization/approvers -/lib/gitlab/background_migration/expire_o_auth_tokens.rb @gitlab-org/manage/authentication-and-authorization/approvers -/lib/gitlab/background_migration/migrate_u2f_webauthn.rb @gitlab-org/manage/authentication-and-authorization/approvers -/lib/gitlab/background_migration/update_users_where_two_factor_auth_required_from_group.rb @gitlab-org/manage/authentication-and-authorization/approvers -/lib/gitlab/chat_name_token.rb @gitlab-org/manage/authentication-and-authorization/approvers -/lib/gitlab/cleanup/personal_access_tokens.rb @gitlab-org/manage/authentication-and-authorization/approvers -/lib/gitlab/external_authorization/ @gitlab-org/manage/authentication-and-authorization/approvers -/lib/gitlab/external_authorization.rb @gitlab-org/manage/authentication-and-authorization/approvers -/lib/gitlab/grape_logging/loggers/token_logger.rb @gitlab-org/manage/authentication-and-authorization/approvers -/lib/gitlab/graphql/authorize/ @gitlab-org/manage/authentication-and-authorization/approvers -/lib/gitlab/jwt_authenticatable.rb @gitlab-org/manage/authentication-and-authorization/approvers -/lib/gitlab/jwt_token.rb @gitlab-org/manage/authentication-and-authorization/approvers -/lib/gitlab/lfs_token.rb @gitlab-org/manage/authentication-and-authorization/approvers -/lib/gitlab/mail_room/ @gitlab-org/manage/authentication-and-authorization/approvers -/lib/gitlab/omniauth_initializer.rb @gitlab-org/manage/authentication-and-authorization/approvers -/lib/gitlab/project_authorizations.rb @gitlab-org/manage/authentication-and-authorization/approvers -/lib/json_web_token/ @gitlab-org/manage/authentication-and-authorization/approvers -/lib/omni_auth/ @gitlab-org/manage/authentication-and-authorization/approvers -/lib/security/weak_passwords.rb @gitlab-org/manage/authentication-and-authorization/approvers -/lib/system_check/app/authorized_keys_permission_check.rb @gitlab-org/manage/authentication-and-authorization/approvers -/lib/system_check/incoming_email/imap_authentication_check.rb @gitlab-org/manage/authentication-and-authorization/approvers -/lib/tasks/gitlab/password.rake @gitlab-org/manage/authentication-and-authorization/approvers -/lib/tasks/tokens.rake @gitlab-org/manage/authentication-and-authorization/approvers +[Authentication and Authorization] @gitlab-org/manage/authentication-and-authorization/approvers +/app/assets/javascripts/access_tokens/ +/app/assets/javascripts/alerts_settings/graphql/mutations/reset_http_token.mutation.graphql +/app/assets/javascripts/authentication/ +/app/assets/javascripts/ide/components/shared/tokened_input.vue +/app/assets/javascripts/packages_and_registries/package_registry/components/list/tokens/ +/app/assets/javascripts/pages/admin/impersonation_tokens/ +/app/assets/javascripts/pages/groups/settings/access_tokens/ +/app/assets/javascripts/pages/ldap/ +/app/assets/javascripts/pages/oauth/ +/app/assets/javascripts/pages/omniauth_callbacks/ +/app/assets/javascripts/pages/profiles/password_prompt/ +/app/assets/javascripts/pages/profiles/personal_access_tokens/ +/app/assets/javascripts/pages/profiles/two_factor_auths/ +/app/assets/javascripts/pages/projects/settings/access_tokens/ +/app/assets/javascripts/pages/sessions/new/oauth_remember_me.js +/app/assets/javascripts/projects/settings/topics/components/ +/app/assets/javascripts/related_issues/components/issue_token.vue +/app/assets/stylesheets/page_bundles/profile_two_factor_auth.scss +/app/controllers/admin/impersonation_tokens_controller.rb +/app/controllers/concerns/access_tokens_actions.rb +/app/controllers/concerns/authenticates_with_two_factor.rb +/app/controllers/concerns/authenticates_with_two_factor_for_admin_mode.rb +/app/controllers/concerns/enforces_admin_authentication.rb +/app/controllers/concerns/enforces_two_factor_authentication.rb +/app/controllers/concerns/oauth_applications.rb +/app/controllers/concerns/project_unauthorized.rb +/app/models/concerns/require_email_verification.rb +/app/controllers/concerns/sessionless_authentication.rb +/app/controllers/concerns/snippet_authorizations.rb +/app/controllers/concerns/verifies_with_email.rb +/app/controllers/concerns/workhorse_authorization.rb +/app/controllers/groups/settings/access_tokens_controller.rb +/app/controllers/ldap/ +/app/controllers/oauth/ +/app/controllers/omniauth_callbacks_controller.rb +/app/controllers/passwords_controller.rb +/app/controllers/profiles/passwords_controller.rb +/app/controllers/profiles/personal_access_tokens_controller.rb +/app/controllers/profiles/two_factor_auths_controller.rb +/app/controllers/profiles/webauthn_registrations_controller.rb +/app/controllers/projects/settings/access_tokens_controller.rb +/app/controllers/sessions_controller.rb +/app/finders/groups/projects_requiring_authorizations_refresh/ +/app/finders/personal_access_tokens_finder.rb +/app/helpers/access_tokens_helper.rb +/app/helpers/auth_helper.rb +/app/models/authentication_event.rb +/app/models/concerns/admin_changed_password_notifier.rb +/app/models/concerns/mirror_authentication.rb +/app/models/concerns/select_for_project_authorization.rb +/app/models/concerns/token_authenticatable.rb +/app/models/concerns/token_authenticatable_strategies/ +/app/models/oauth_access_grant.rb +/app/models/oauth_access_token.rb +/app/models/personal_access_token.rb +/app/models/project_authorization.rb +/app/models/token_with_iv.rb +/app/models/webauthn_registration.rb +/app/policies/personal_access_token_policy.rb +/app/serializers/access_token_entity_base.rb +/app/serializers/group_access_token_entity.rb +/app/serializers/group_access_token_serializer.rb +/app/serializers/impersonation_access_token_entity.rb +/app/serializers/impersonation_access_token_serializer.rb +/app/serializers/personal_access_token_entity.rb +/app/serializers/personal_access_token_serializer.rb +/app/serializers/project_access_token_entity.rb +/app/serializers/project_access_token_serializer.rb +/app/services/access_token_validation_service.rb +/app/services/auth/ +/app/services/authorized_project_update/ +/app/services/chat_names/authorize_user_service.rb +/app/services/personal_access_tokens/ +/app/services/projects/move_project_authorizations_service.rb +/app/services/resource_access_tokens/ +/app/services/todos/destroy/unauthorized_features_service.rb +/app/services/users/authorized_build_service.rb +/app/services/users/authorized_create_service.rb +/app/services/users/email_verification/ +/app/services/users/refresh_authorized_projects_service.rb +/app/services/webauthn/ +/app/validators/json_schemas/cluster_agent_authorization_configuration.json +/app/views/admin/application_settings/_external_authorization_service_form.html.haml +/app/views/admin/impersonation_tokens/ +/app/views/authentication/ +/app/views/dashboard/projects/_zero_authorized_projects.html.haml +/app/views/devise/mailer/password_change.html.haml +/app/views/devise/mailer/password_change.text.erb +/app/views/devise/mailer/password_change_by_admin.html.haml +/app/views/devise/mailer/password_change_by_admin.text.erb +/app/views/devise/mailer/reset_password_instructions.html.haml +/app/views/devise/mailer/reset_password_instructions.text.erb +/app/views/devise/**/ +/app/views/doorkeeper/authorizations/ +/app/views/doorkeeper/authorized_applications/ +/app/views/errors/omniauth_error.html.haml +/app/views/groups/settings/_resource_access_token_creation.html.haml +/app/views/groups/settings/_two_factor_auth.html.haml +/app/views/groups/settings/access_tokens/ +/app/views/layouts/oauth_error.html.haml +/app/views/notify/access_token_about_to_expire_email.html.haml +/app/views/notify/access_token_about_to_expire_email.text.erb +/app/views/notify/access_token_created_email.html.haml +/app/views/notify/access_token_created_email.text.erb +/app/views/notify/access_token_expired_email.html.haml +/app/views/notify/access_token_expired_email.text.erb +/app/views/notify/access_token_revoked_email.html.haml +/app/views/notify/access_token_revoked_email.text.erb +/app/views/profiles/passwords/ +/app/views/profiles/personal_access_tokens/ +/app/views/profiles/two_factor_auths/ +/app/views/projects/mirrors/_authentication_method.html.haml +/app/views/projects/settings/access_tokens/ +/app/views/shared/_no_password.html.haml +/app/views/shared/_two_factor_auth_recovery_settings_check.html.haml +/app/views/shared/access_tokens/ +/app/views/shared/members/_two_factor_auth_badge.html.haml +/app/views/shared/tokens/ +/app/workers/authorized_keys_worker.rb +/app/workers/authorized_project_update/ +/app/workers/authorized_projects_worker.rb +/app/workers/personal_access_tokens/ +/config/initializers/01_secret_token.rb +/config/initializers/devise_dynamic_password_length_validation.rb +/config/initializers/devise_password_length.rb.example +/config/initializers/gitlab_shell_secret_token.rb +/config/initializers/omniauth.rb +/config/initializers/rails_host_authorization.rb +/config/initializers/rails_host_authorization_gitpod.rb +/config/initializers/webauthn.rb +/config/initializers_before_autoloader/100_patch_omniauth_oauth2.rb +/config/initializers_before_autoloader/100_patch_omniauth_saml.rb +/config/weak_password_digests.yml +/ee/app/assets/javascripts/access_tokens/ +/ee/app/assets/javascripts/audit_events/components/tokens/ +/ee/app/assets/javascripts/audit_events/token_utils.js +/ee/app/assets/javascripts/batch_comments/ +/ee/app/assets/javascripts/groups/settings/components/ +/ee/app/assets/javascripts/pages/admin/application_settings/general/components/ +/ee/app/assets/javascripts/pages/groups/omniauth_callbacks/ +/ee/app/assets/javascripts/pages/passwords/ +/ee/app/assets/javascripts/pages/profiles/passwords/ +/ee/app/assets/javascripts/password/ +/ee/app/assets/javascripts/requirements/components/tokens/ +/ee/app/assets/javascripts/saml_providers/scim_token_service.js +/ee/app/assets/javascripts/saml_sso/components/ +/ee/app/assets/javascripts/vue_merge_request_widget/components/approvals/approvals_auth.vue +/ee/app/controllers/concerns/ee/authenticates_with_two_factor.rb +/ee/app/controllers/concerns/ee/enforces_two_factor_authentication.rb +/ee/app/controllers/concerns/saml_authorization.rb +/ee/app/controllers/ee/ldap/ +/ee/app/controllers/ee/omniauth_callbacks_controller.rb +/ee/app/controllers/ee/passwords_controller.rb +/ee/app/controllers/ee/sessions_controller.rb +/ee/app/controllers/groups/omniauth_callbacks_controller.rb +/ee/app/controllers/groups/scim_oauth_controller.rb +/ee/app/controllers/oauth/ +/ee/app/controllers/omniauth_kerberos_controller.rb +/ee/app/controllers/users/identity_verification_controller.rb +/ee/app/finders/auth/ +/ee/app/helpers/ee/access_tokens_helper.rb +/ee/app/helpers/ee/auth_helper.rb +/ee/app/helpers/ee/personal_access_tokens_helper.rb +/ee/app/models/concerns/identity_verifiable.rb +/ee/app/models/concerns/password_complexity.rb +/ee/app/models/ee/personal_access_token.rb +/ee/app/models/ee/project_authorization.rb +/ee/app/models/scim_oauth_access_token.rb +/ee/app/serializers/scim_oauth_access_token_entity.rb +/ee/app/services/arkose/token_verification_service.rb +/ee/app/services/ee/auth/ +/ee/app/services/ee/personal_access_tokens/ +/ee/app/services/ee/resource_access_tokens/ +/ee/app/services/ee/users/authorized_build_service.rb +/ee/app/services/personal_access_tokens/ +/ee/app/services/security/token_revocation_service.rb +/ee/app/services/users/email_verification/ +/ee/app/validators/password/ +/ee/app/views/admin/application_settings/_personal_access_token_expiration_policy.html.haml +/ee/app/views/credentials_inventory_mailer/personal_access_token_revoked_email.html.haml +/ee/app/views/credentials_inventory_mailer/personal_access_token_revoked_email.text.haml +/app/views/devise/**/ +/ee/app/views/groups/_personal_access_token_expiration_policy.html.haml +/ee/app/views/groups/sso/_authorize_pane.html.haml +/ee/app/views/notify/policy_revoked_personal_access_tokens_email.html.haml +/ee/app/views/notify/policy_revoked_personal_access_tokens_email.text.erb +/ee/app/views/oauth/ +/ee/app/views/shared/_password_requirements_list.html.haml +/ee/app/views/shared/credentials_inventory/_personal_access_tokens.html.haml +/ee/app/views/shared/credentials_inventory/personal_access_tokens/ +/ee/app/workers/auth/ +/ee/app/workers/personal_access_tokens/ +/ee/config/routes/oauth.rb +/ee/lib/ee/gitlab/auth/ +/ee/lib/ee/gitlab/omniauth_initializer.rb +/ee/lib/gitlab/auth/ +/ee/lib/gitlab/authority_analyzer.rb +/ee/lib/gitlab/geo/oauth/ +/ee/lib/gitlab/kerberos/ +/ee/lib/omni_auth/ +/ee/lib/system_check/geo/authorized_keys_check.rb +/ee/lib/system_check/geo/authorized_keys_flag_check.rb +/lib/api/entities/impersonation_token.rb +/lib/api/entities/impersonation_token_with_token.rb +/lib/api/entities/personal_access_token.rb +/lib/api/entities/personal_access_token_with_token.rb +/lib/api/entities/resource_access_token.rb +/lib/api/entities/resource_access_token_with_token.rb +/lib/api/helpers/authentication.rb +/lib/api/helpers/packages/basic_auth_helpers.rb +/lib/api/helpers/personal_access_tokens_helpers.rb +/lib/api/personal_access_tokens/ +/lib/api/personal_access_tokens.rb +/lib/api/resource_access_tokens.rb +/lib/api/support/token_with_expiration.rb +/lib/gitlab/api_authentication/ +/lib/gitlab/auth/ +/lib/gitlab/auth.rb +/lib/gitlab/auth_logger.rb +/lib/gitlab/authorized_keys.rb +/lib/gitlab/background_migration/encrypt_static_object_token.rb +/lib/gitlab/background_migration/expire_o_auth_tokens.rb +/lib/gitlab/background_migration/migrate_u2f_webauthn.rb +/lib/gitlab/background_migration/update_users_where_two_factor_auth_required_from_group.rb +/lib/gitlab/chat_name_token.rb +/lib/gitlab/cleanup/personal_access_tokens.rb +/lib/gitlab/external_authorization/ +/lib/gitlab/external_authorization.rb +/lib/gitlab/grape_logging/loggers/token_logger.rb +/lib/gitlab/graphql/authorize/ +/lib/gitlab/jwt_authenticatable.rb +/lib/gitlab/jwt_token.rb +/lib/gitlab/lfs_token.rb +/lib/gitlab/mail_room/ +/lib/gitlab/omniauth_initializer.rb +/lib/gitlab/project_authorizations.rb +/lib/json_web_token/ +/lib/omni_auth/ +/lib/security/weak_passwords.rb +/lib/system_check/app/authorized_keys_permission_check.rb +/lib/system_check/incoming_email/imap_authentication_check.rb +/lib/tasks/gitlab/password.rake +/lib/tasks/tokens.rake -^[Verify] -/app/**/ci/ @gitlab-org/maintainers/cicd-verify -/app/controllers/admin/jobs_controller.rb @gitlab-org/maintainers/cicd-verify -/app/controllers/admin/runner_projects_controller.rb @gitlab-org/maintainers/cicd-verify -/app/controllers/admin/runners_controller.rb @gitlab-org/maintainers/cicd-verify -/app/controllers/projects/artifacts_controller.rb @gitlab-org/maintainers/cicd-verify -/app/controllers/projects/build_artifacts_controller.rb @gitlab-org/maintainers/cicd-verify -/app/controllers/projects/builds_controller.rb @gitlab-org/maintainers/cicd-verify -/app/controllers/projects/jobs_controller.rb @gitlab-org/maintainers/cicd-verify -/app/controllers/runner_setup_controller.rb @gitlab-org/maintainers/cicd-verify -/app/controllers/projects/pipeline_schedules_controller.rb @gitlab-org/maintainers/cicd-verify -/app/controllers/projects/pipelines_controller.rb @gitlab-org/maintainers/cicd-verify -/app/controllers/projects/pipelines_settings_controller.rb @gitlab-org/maintainers/cicd-verify -/app/controllers/projects/runner_projects_controller.rb @gitlab-org/maintainers/cicd-verify -/app/controllers/projects/runners_controller.rb @gitlab-org/maintainers/cicd-verify -/app/controllers/projects/triggers_controller.rb @gitlab-org/maintainers/cicd-verify -/app/controllers/projects/variables_controller.rb @gitlab-org/maintainers/cicd-verify -/app/models/commit_status.rb @gitlab-org/maintainers/cicd-verify -/app/models/external_pull_request.rb @gitlab-org/maintainers/cicd-verify -/app/models/generic_commit_status.rb @gitlab-org/maintainers/cicd-verify -/app/models/namespace_ci_cd_setting.rb @gitlab-org/maintainers/cicd-verify -/app/models/project_ci_cd_setting.rb @gitlab-org/maintainers/cicd-verify -/app/presenters/commit_status_presenter.rb @gitlab-org/maintainers/cicd-verify -/app/presenters/generic_commit_status_presenter.rb @gitlab-org/maintainers/cicd-verify -/app/validators/json_schemas/build_metadata_id_tokens.json @gitlab-org/maintainers/cicd-verify -/app/views/projects/artifacts/ @gitlab-org/maintainers/cicd-verify -/app/views/projects/generic_commit_statuses/ @gitlab-org/maintainers/cicd-verify -/app/views/projects/jobs/ @gitlab-org/maintainers/cicd-verify -/app/views/projects/pipeline_schedules/ @gitlab-org/maintainers/cicd-verify -/app/views/projects/pipelines/ @gitlab-org/maintainers/cicd-verify -/app/views/projects/triggers/ @gitlab-org/maintainers/cicd-verify -/app/workers/build_hooks_worker.rb @gitlab-org/maintainers/cicd-verify -/app/workers/build_queue_worker.rb @gitlab-org/maintainers/cicd-verify -/app/workers/build_success_worker.rb @gitlab-org/maintainers/cicd-verify -/app/workers/ci_platform_metrics_update_cron_worker.rb @gitlab-org/maintainers/cicd-verify -/app/workers/create_pipeline_worker.rb @gitlab-org/maintainers/cicd-verify -/app/workers/expire_build_artifacts_worker.rb @gitlab-org/maintainers/cicd-verify -/app/workers/pipeline_hooks_worker.rb @gitlab-org/maintainers/cicd-verify -/app/workers/pipeline_metrics_worker.rb @gitlab-org/maintainers/cicd-verify -/app/workers/pipeline_notification_worker.rb @gitlab-org/maintainers/cicd-verify -/app/workers/pipeline_process_worker.rb @gitlab-org/maintainers/cicd-verify -/app/workers/pipeline_schedule_worker.rb @gitlab-org/maintainers/cicd-verify -/app/workers/run_pipeline_schedule_worker.rb @gitlab-org/maintainers/cicd-verify -/app/workers/stuck_ci_jobs_worker.rb @gitlab-org/maintainers/cicd-verify -/app/workers/update_external_pull_requests_worker.rb @gitlab-org/maintainers/cicd-verify -/lib/**/ci/ @gitlab-org/maintainers/cicd-verify -/lib/api/commit_statuses.rb @gitlab-org/maintainers/cicd-verify -/ee/app/**/ci/ @gitlab-org/maintainers/cicd-verify -/ee/app/**/merge_trains/ @gitlab-org/maintainers/cicd-verify -/ee/app/models/merge_train.rb @gitlab-org/maintainers/cicd-verify -/ee/app/finders/merge_trains_finder.rb @gitlab-org/maintainers/cicd-verify -/ee/app/services/auto_merge/add_to_merge_train_when_pipeline_succeeds_service.rb @gitlab-org/maintainers/cicd-verify -/ee/app/services/auto_merge/merge_train_service.rb @gitlab-org/maintainers/cicd-verify -/ee/app/services/system_notes/merge_train_service.rb @gitlab-org/maintainers/cicd-verify -/ee/app/controllers/ee/admin/runners_controller.rb @gitlab-org/maintainers/cicd-verify -/ee/app/controllers/ee/projects/pipelines_controller.rb @gitlab-org/maintainers/cicd-verify -/ee/app/controllers/projects/pipelines/ @gitlab-org/maintainers/cicd-verify -/ee/app/controllers/projects/subscriptions_controller.rb @gitlab-org/maintainers/cicd-verify -/ee/app/models/merge_train.rb @gitlab-org/maintainers/cicd-verify -/ee/app/helpers/ee/projects/pipeline_helper.rb @gitlab-org/maintainers/cicd-verify -/ee/app/views/ci_minutes_usage_mailer/ @gitlab-org/maintainers/cicd-verify -/ee/app/views/projects/pipelines/ @gitlab-org/maintainers/cicd-verify -/ee/app/views/projects/settings/ci_cd/ @gitlab-org/maintainers/cicd-verify -/ee/app/workers/clear_shared_runners_minutes_worker.rb @gitlab-org/maintainers/cicd-verify -/ee/lib/**/ci/ @gitlab-org/maintainers/cicd-verify -/ee/lib/ee/api/entities/merge_train.rb @gitlab-org/maintainers/cicd-verify -/spec/**/ci @gitlab-org/maintainers/cicd-verify -/spec/controllers/admin/jobs_controller_spec.rb @gitlab-org/maintainers/cicd-verify -/spec/controllers/admin/runner_projects_controller_spec.rb @gitlab-org/maintainers/cicd-verify -/spec/controllers/admin/runners_controller_spec.rb @gitlab-org/maintainers/cicd-verify -/spec/controllers/projects/artifacts_controller_spec.rb @gitlab-org/maintainers/cicd-verify -/spec/controllers/projects/jobs_controller_spec.rb @gitlab-org/maintainers/cicd-verify -/spec/requests/runner_setup_controller_spec.rb @gitlab-org/maintainers/cicd-verify -/spec/controllers/projects/pipeline_schedules_controller_spec.rb @gitlab-org/maintainers/cicd-verify -/spec/requests/projects/pipelines_controller_spec.rb @gitlab-org/maintainers/cicd-verify -/spec/controllers/projects/pipelines_settings_controller_spec.rb @gitlab-org/maintainers/cicd-verify -/spec/controllers/projects/runners_controller_spec.rb @gitlab-org/maintainers/cicd-verify -/spec/controllers/groups/variables_controller_spec.rb @gitlab-org/maintainers/cicd-verify -/spec/models/commit_status_spec.rb @gitlab-org/maintainers/cicd-verify -/spec/models/external_pull_request_spec.rb @gitlab-org/maintainers/cicd-verify -/spec/models/generic_commit_status_spec.rb @gitlab-org/maintainers/cicd-verify -/spec/models/namespace_ci_cd_setting_spec.rb @gitlab-org/maintainers/cicd-verify -/spec/models/project_ci_cd_setting_spec.rb @gitlab-org/maintainers/cicd-verify -/spec/presenters/commit_status_presenter_spec.rb @gitlab-org/maintainers/cicd-verify -/spec/views/projects/jobs/ @gitlab-org/maintainers/cicd-verify -/spec/views/projects/pipeline_schedules/ @gitlab-org/maintainers/cicd-verify -/spec/views/projects/pipelines/ @gitlab-org/maintainers/cicd-verify -/spec/views/projects/settings/ci_cd/ @gitlab-org/maintainers/cicd-verify -/spec/workers/build_hooks_worker_spec.rb @gitlab-org/maintainers/cicd-verify -/spec/workers/build_queue_worker_spec.rb @gitlab-org/maintainers/cicd-verify -/spec/workers/build_success_worker_spec.rb @gitlab-org/maintainers/cicd-verify -/spec/workers/ci_platform_metrics_update_cron_worker_spec.rb @gitlab-org/maintainers/cicd-verify -/spec/workers/create_pipeline_worker_spec.rb @gitlab-org/maintainers/cicd-verify -/spec/workers/expire_build_artifacts_worker_spec.rb @gitlab-org/maintainers/cicd-verify -/spec/workers/pipeline_hooks_worker_spec.rb @gitlab-org/maintainers/cicd-verify -/spec/workers/pipeline_metrics_worker_spec.rb @gitlab-org/maintainers/cicd-verify -/spec/workers/pipeline_notification_worker_spec.rb @gitlab-org/maintainers/cicd-verify -/spec/workers/pipeline_process_worker_spec.rb @gitlab-org/maintainers/cicd-verify -/spec/workers/pipeline_schedule_worker_spec.rb @gitlab-org/maintainers/cicd-verify -/spec/workers/run_pipeline_schedule_worker_spec.rb @gitlab-org/maintainers/cicd-verify -/spec/workers/stuck_ci_jobs_worker_spec.rb @gitlab-org/maintainers/cicd-verify -/spec/workers/update_external_pull_requests_worker_spec.rb @gitlab-org/maintainers/cicd-verify -/ee/spec/**/ci @gitlab-org/maintainers/cicd-verify -/ee/spec/**/merge_trains @gitlab-org/maintainers/cicd-verify -/ee/spec/models/merge_train_spec.rb @gitlab-org/maintainers/cicd-verify -/ee/spec/finders/merge_trains_finder_spec.rb @gitlab-org/maintainers/cicd-verify -/ee/spec/services/auto_merge/add_to_merge_train_when_pipeline_succeeds_service_spec.rb @gitlab-org/maintainers/cicd-verify -/ee/spec/services/auto_merge/merge_train_service_spec.rb @gitlab-org/maintainers/cicd-verify -/ee/spec/services/system_notes/merge_train_service_spec.rb @gitlab-org/maintainers/cicd-verify -/ee/spec/controllers/projects/subscriptions_controller_spec.rb @gitlab-org/maintainers/cicd-verify -/ee/spec/helpers/ee/projects/pipeline_helper_spec.rb @gitlab-org/maintainers/cicd-verify -/ee/spec/workers/clear_shared_runners_minutes_worker_spec.rb @gitlab-org/maintainers/cicd-verify -/ee/spec/lib/**/ci/ @gitlab-org/maintainers/cicd-verify -/**/javascripts/jobs/ @gitlab-org/ci-cd/verify/frontend +[Verify] @gitlab-org/maintainers/cicd-verify @shinya.maeda @stanhu @ayufan +# With these catch-all rules we will require backend approval and use it as an +# opportunity to refine specific rules defined in this section. +# Note that frontend, CI templates and other concerns should be kept within +# the same section. +/**/app/**/ci/ +/**/lib/**/ci/ +/**/app/**/merge_trains/ +/app/controllers/admin/jobs_controller.rb +/app/controllers/admin/runner_projects_controller.rb +/app/controllers/admin/runners_controller.rb +/app/controllers/projects/artifacts_controller.rb +/app/controllers/projects/build_artifacts_controller.rb +/app/controllers/projects/builds_controller.rb +/app/controllers/projects/jobs_controller.rb +/app/controllers/runner_setup_controller.rb +/app/controllers/projects/pipeline_schedules_controller.rb +/app/controllers/projects/pipelines_controller.rb +/app/controllers/projects/pipelines_settings_controller.rb +/app/controllers/projects/runner_projects_controller.rb +/app/controllers/projects/runners_controller.rb +/app/controllers/projects/triggers_controller.rb +/app/controllers/projects/variables_controller.rb +/app/models/commit_status.rb +/app/models/external_pull_request.rb +/app/models/generic_commit_status.rb +/app/models/namespace_ci_cd_setting.rb +/app/models/project_ci_cd_setting.rb +/app/models/projects/build_artifacts_size_refresh.rb +/app/presenters/commit_status_presenter.rb +/app/presenters/generic_commit_status_presenter.rb +/app/services/projects/refresh_build_artifacts_size_statistics_service.rb +/app/uploaders/job_artifact_uploader.rb +/app/validators/json_schemas/build_metadata_id_tokens.json +/app/views/projects/artifacts/ +/app/views/projects/generic_commit_statuses/ +/app/views/projects/jobs/ +/app/views/projects/pipeline_schedules/ +/app/views/projects/pipelines/ +/app/views/projects/triggers/ +/app/workers/build_hooks_worker.rb +/app/workers/build_queue_worker.rb +/app/workers/build_success_worker.rb +/app/workers/ci_platform_metrics_update_cron_worker.rb +/app/workers/create_pipeline_worker.rb +/app/workers/expire_build_artifacts_worker.rb +/app/workers/pipeline_hooks_worker.rb +/app/workers/pipeline_metrics_worker.rb +/app/workers/pipeline_notification_worker.rb +/app/workers/pipeline_process_worker.rb +/app/workers/pipeline_schedule_worker.rb +/app/workers/projects/refresh_build_artifacts_size_statistics_worker.rb +/app/workers/run_pipeline_schedule_worker.rb +/app/workers/stuck_ci_jobs_worker.rb +/app/workers/update_external_pull_requests_worker.rb +/lib/api/commit_statuses.rb +/ee/app/finders/merge_trains_finder.rb +/ee/app/services/auto_merge/add_to_merge_train_when_pipeline_succeeds_service.rb +/ee/app/services/auto_merge/merge_train_service.rb +/ee/app/services/system_notes/merge_train_service.rb +/ee/app/controllers/ee/admin/runners_controller.rb +/ee/app/controllers/ee/projects/pipelines_controller.rb +/ee/app/controllers/projects/pipelines/ +/ee/app/controllers/projects/subscriptions_controller.rb +/ee/app/helpers/ee/projects/pipeline_helper.rb +/ee/app/views/ci_minutes_usage_mailer/ +/ee/app/views/projects/pipelines/ +/ee/app/views/projects/settings/ci_cd/ +/ee/app/workers/clear_shared_runners_minutes_worker.rb +/ee/lib/api/merge_trains.rb +/ee/lib/ee/api/entities/merge_train.rb + +# Overrides for Verify. These files below require approval from teams outside Verify. +/**/lib/**/ci/reports/**/ @gitlab-org/maintainers/rails-backend +/**/lib/**/ci/parsers/**/ @gitlab-org/maintainers/rails-backend +/ee/lib/gitlab/ci/parsers/license_compliance/ @gitlab-org/secure/composition-analysis-be +/ee/lib/gitlab/ci/parsers/security/ @gitlab-org/govern/threat-insights-backend-team +/ee/lib/gitlab/ci/reports/coverage_fuzzing/ @gitlab-org/secure/fuzzing-be +/ee/lib/gitlab/ci/reports/dependency_list/ @gitlab-org/secure/composition-analysis-be +/ee/lib/gitlab/ci/reports/license_scanning/ @gitlab-org/secure/composition-analysis-be +/ee/lib/gitlab/ci/reports/security/ @gitlab-org/govern/threat-insights-backend-team + +# Verify frontend +/**/javascripts/ci/ @gitlab-org/ci-cd/verify/frontend /**/javascripts/pipelines/ @gitlab-org/ci-cd/verify/frontend -/app/assets/javascripts/ci/ @gitlab-org/ci-cd/verify/frontend -/app/assets/javascripts/ci/pipeline_schedules/ @gitlab-org/ci-cd/verify/frontend -/ee/app/assets/javascripts/ci/ @gitlab-org/ci-cd/verify/frontend -/app/assets/javascripts/token_access/ @gitlab-org/ci-cd/verify/frontend -/app/assets/javascripts/admin/application_settings/runner_token_expiration/ @gitlab-org/ci-cd/verify/frontend -/ee/app/assets/javascripts/usage_quotas/pipelines/ @gitlab-org/ci-cd/verify/frontend @fulfillment-group/utilization-group/fe +/**/javascripts/jobs/ @gitlab-org/ci-cd/verify/frontend +/**/javascripts/token_access/ @gitlab-org/ci-cd/verify/frontend +/**/javascripts/admin/application_settings/runner_token_expiration/ @gitlab-org/ci-cd/verify/frontend +/**/javascripts/usage_quotas/pipelines/ @gitlab-org/ci-cd/verify/frontend @sheldonled @aalakkad @kpalchyk + +## Verify:Runner Fleet Backend + +/app/controllers/admin/runner*.rb @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/app/controllers/concerns/runner*.rb @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/app/controllers/groups/runner*.rb @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/app/controllers/projects/runner*.rb @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/app/controllers/runner*.rb @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/app/finders/ci/runner*.rb @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/app/graphql/mutations/ci/runner/ @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/app/graphql/resolvers/ci/*_runners_resolver.rb @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/app/graphql/resolvers/ci/runner*.rb @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/app/graphql/types/ci/runner_*.rb @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/app/graphql/types/namespace/shared_runners_setting_enum.rb @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/app/graphql/types/permission_types/ci/runner*.rb @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/app/models/ci/build_runner_session.rb @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/app/models/ci/runner*.rb @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/app/models/concerns/ci/has_runner_executor.rb @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/app/models/concerns/runner*.rb @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/app/models/preloaders/runner*.rb @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/app/policies/ci/runner*.rb @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/app/presenters/ci/runner_*.rb @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/app/serializers/runner*.rb @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/app/services/ci/runners/ @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/app/workers/ci/runners/ @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/db/docs/ci_runner*.yml @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/ee/app/controllers/ee/admin/runner*.rb @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/ee/app/controllers/ee/groups/runner*.rb @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/ee/app/graphql/ee/mutations/ci/runner/ @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/ee/app/graphql/ee/types/ci/runner*.rb @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/ee/app/graphql/resolvers/ci/runner*.rb @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/ee/app/models/ee/ci/runner*.rb @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/ee/app/policies/ee/ci/runner*.rb @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/ee/app/services/audit_events/*runner*.rb @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/ee/app/services/ci/runners/ @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/ee/app/services/ee/ci/runners/ @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/ee/app/workers/ci/runners/ @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/lib/api/ci/helpers/runner.rb @gitlab-org/maintainers/cicd-verify @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/lib/api/ci/runner*.rb @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/lib/api/ci/runner.rb @gitlab-org/maintainers/cicd-verify @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/lib/api/entities/ci/runner*.rb @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/lib/gitlab/audit/ci_runner_token_author.rb @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/lib/gitlab/ci/runner*.rb @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/lib/gitlab/seeders/ci/runner/ @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +/lib/tasks/gitlab/seed/runner_fleet.rake @gitlab-org/ci-cd/runner-fleet-team/backend-approvers +# CI/CD templates require approval from specific owners. +/lib/gitlab/ci/templates/ @gitlab-org/maintainers/cicd-templates +/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml @DylanGriffith @mayra-cabrera @tkuah +/lib/gitlab/ci/templates/Security/ @gonzoyumo @twoodham @sethgitlab @thiagocsf +/lib/gitlab/ci/templates/Security/API-Fuzzing.*.yml @gitlab-org/secure/dynamic-analysis +/lib/gitlab/ci/templates/Security/Container-Scanning.*.yml @gitlab-org/secure/composition-analysis-be +/lib/gitlab/ci/templates/Security/Coverage-Fuzzing.*.yml @gitlab-org/secure/dynamic-analysis +/lib/gitlab/ci/templates/Security/DAST.*.yml @gitlab-org/secure/dynamic-analysis +/lib/gitlab/ci/templates/Security/Dependency-Scanning.*.yml @gitlab-org/secure/composition-analysis-be +/lib/gitlab/ci/templates/Security/License-Scanning.*.yml @gitlab-org/secure/composition-analysis-be +/lib/gitlab/ci/templates/Security/SAST.*.yml @gitlab-org/secure/static-analysis +/lib/gitlab/ci/templates/Security/Secret-Detection.*.yml @gitlab-org/secure/static-analysis +/lib/gitlab/ci/templates/Security/Secure-Binaries.*.yml @gitlab-org/secure/static-analysis @gitlab-org/secure/composition-analysis-be @gitlab-org/secure/dynamic-analysis +# Note: The `Fortify-FoD-sast.gitlab-ci.yml` template is provided and maintained by Fortify, an official Technology Partner with GitLab. +/lib/gitlab/ci/templates/Jobs/Container-Scanning.*.yml @gitlab-org/secure/composition-analysis-be +/lib/gitlab/ci/templates/Jobs/Dependency-Scanning.*.yml @gitlab-org/secure/composition-analysis-be +/lib/gitlab/ci/templates/Jobs/License-Scanning.*.yml @gitlab-org/secure/composition-analysis-be +/lib/gitlab/ci/templates/Jobs/SAST.*.yml @gitlab-org/secure/static-analysis +/lib/gitlab/ci/templates/Jobs/Secret-Detection.*.yml @gitlab-org/secure/static-analysis + +[Data Stores::Tenant Scale] @abdwdd @alexpooley @manojmj +lib/api/entities/basic_project_details.rb +lib/api/entities/project_with_access.rb +lib/api/entities/project_identity.rb +lib/api/entities/project.rb +ee/lib/ee/api/entities/project.rb + +[Compliance] @gitlab-org/govern/compliance +/app/services/audit_events/build_service.rb +/ee/app/services/ee/audit_events/build_service.rb +/ee/spec/services/audit_events/custom_audit_event_service_spec.rb +/app/models/audit_event.rb +/app/services/audit_event_service.rb +/app/services/concerns/audit_event_save_type.rb +/app/views/profiles/audit_log.html.haml +/ee/app/assets/javascripts/audit_events/ +/ee/app/controllers/admin/audit_log_reports_controller.rb +/ee/app/controllers/admin/audit_logs_controller.rb +/ee/app/controllers/concerns/audit_events/audit_events_params.rb +/ee/app/controllers/groups/audit_events_controller.rb +/ee/app/controllers/projects/audit_events_controller.rb +/ee/app/finders/audit_event_finder.rb +/ee/app/graphql/types/audit_events/ +/ee/app/helpers/audit_events_helper.rb +/ee/app/helpers/auditor_user_helper.rb +/ee/app/models/audit_events/external_audit_event_destination.rb +/ee/app/models/concerns/auditable.rb +/ee/app/models/ee/audit_event.rb +/ee/app/policies/audit_events/external_audit_event_destination_policy.rb +/ee/app/presenters/audit_event_presenter.rb +/ee/app/serializers/audit_event_entity.rb +/ee/app/serializers/audit_event_serializer.rb +/ee/app/services/ci/audit_variable_change_service.rb +/ee/app/services/ee/audit_event_service.rb +/ee/app/views/admin/users/_auditor_access_level_radio.html.haml +/ee/app/views/admin/users/_auditor_user_badge.html.haml +/ee/app/views/shared/icons/_icon_audit_events_purple.svg +/ee/app/views/shared/promotions/_promote_audit_events.html.haml +/ee/app/workers/audit_events/audit_event_streaming_worker.rb +/ee/config/events/1652263097_groups__audit_events__index_click_streams_tab.yml +/ee/config/events/202108302307_admin_audit_logs_index_click_date_range_button.yml +/ee/config/events/202108302307_groups__audit_events_controller_search_audit_event.yml +/ee/config/events/202108302307_profiles_controller_search_audit_event.yml +/ee/config/events/202108302307_projects__audit_events_controller_search_audit_event.yml +/ee/config/events/202111041910_admin__audit_logs_controller_search_audit_event.yml +/ee/config/metrics/counts_28d/20210216183930_g_compliance_audit_events_monthly.yml +/ee/config/metrics/counts_28d/20210216183934_i_compliance_audit_events_monthly.yml +/ee/config/metrics/counts_28d/20210216183942_a_compliance_audit_events_api_monthly.yml +/ee/config/metrics/counts_28d/20211130085433_g_manage_compliance_audit_event_destinations.yml +/ee/config/metrics/counts_7d/20210216183906_g_compliance_audit_events.yml +/ee/config/metrics/counts_7d/20210216183908_i_compliance_audit_events.yml +/ee/config/metrics/counts_7d/20210216183912_a_compliance_audit_events_api.yml +/ee/config/metrics/counts_7d/20210216183928_g_compliance_audit_events_weekly.yml +/ee/config/metrics/counts_7d/20210216183932_i_compliance_audit_events_weekly.yml +/ee/config/metrics/counts_7d/20210216183940_a_compliance_audit_events_api_weekly.yml +/ee/config/metrics/counts_all/20211130085433_g_manage_compliance_audit_event_destinations.yml +/ee/lib/api/audit_events.rb +/ee/lib/audit/ +/ee/lib/ee/api/entities/audit_event.rb +/ee/lib/ee/gitlab/audit/ +/lib/gitlab/audit/auditor.rb +/lib/gitlab/audit_json_logger.rb +/ee/app/graphql/mutations/audit_events/ +/ee/app/models/concerns/audit_events/ +/ee/app/views/projects/audit_events/ +/app/controllers/groups/releases_controller.rb +/app/controllers/projects/releases/evidences_controller.rb +/app/workers/releases/create_evidence_worker.rb +/app/workers/releases/manage_evidence_worker.rb + +[Fulfillment::Utilization] @sheldonled @aalakkad @kpalchyk +/ee/app/assets/javascripts/usage_quotas/components/ +/ee/app/assets/javascripts/usage_quotas/seats/ +/ee/app/assets/javascripts/usage_quotas/storage/ + +[Manage::Foundations] @gitlab-org/manage/foundations/engineering +/lib/sidebars/ +/ee/lib/sidebars/ -[Manage::Workspace] -lib/api/entities/basic_project_details.rb @gitlab-org/manage/manage-workspace/backend-approvers -lib/api/entities/project_with_access.rb @gitlab-org/manage/manage-workspace/backend-approvers -lib/api/entities/project_identity.rb @gitlab-org/manage/manage-workspace/backend-approvers -lib/api/entities/project.rb @gitlab-org/manage/manage-workspace/backend-approvers -ee/lib/ee/api/entities/project.rb @gitlab-org/manage/manage-workspace/backend-approvers +# JiHu GitLab rules. See https://gitlab.com/gitlab-jh/gitlab-jh-enablement/-/issues/213#note_1024367528 -[Compliance] -/app/services/audit_events/build_service.rb @gitlab-org/govern/compliance -/ee/spec/services/audit_events/custom_audit_event_service_spec.rb @gitlab-org/govern/compliance -/app/models/audit_event.rb @gitlab-org/govern/compliance -/app/services/audit_event_service.rb @gitlab-org/govern/compliance -/app/services/concerns/audit_event_save_type.rb @gitlab-org/govern/compliance -/app/views/profiles/audit_log.html.haml @gitlab-org/govern/compliance -/ee/app/assets/javascripts/audit_events/components/audit_events_app.vue @gitlab-org/govern/compliance -/ee/app/assets/javascripts/audit_events/components/audit_events_export_button.vue @gitlab-org/govern/compliance -/ee/app/assets/javascripts/audit_events/components/audit_events_filter.vue @gitlab-org/govern/compliance -/ee/app/assets/javascripts/audit_events/components/audit_events_log.vue @gitlab-org/govern/compliance -/ee/app/assets/javascripts/audit_events/components/audit_events_stream.vue @gitlab-org/govern/compliance -/ee/app/assets/javascripts/audit_events/components/audit_events_table.vue @gitlab-org/govern/compliance -/ee/app/assets/javascripts/audit_events/components/tokens/shared/ @gitlab-org/govern/compliance -/ee/app/assets/javascripts/audit_events/init_audit_events.js @gitlab-org/govern/compliance -/ee/app/controllers/admin/audit_log_reports_controller.rb @gitlab-org/govern/compliance -/ee/app/controllers/admin/audit_logs_controller.rb @gitlab-org/govern/compliance -/ee/app/controllers/concerns/audit_events/audit_events_params.rb @gitlab-org/govern/compliance -/ee/app/controllers/groups/audit_events_controller.rb @gitlab-org/govern/compliance -/ee/app/controllers/projects/audit_events_controller.rb @gitlab-org/govern/compliance -/ee/app/finders/audit_event_finder.rb @gitlab-org/govern/compliance -/ee/app/graphql/types/audit_events/external_audit_event_destination_type.rb @gitlab-org/govern/compliance -/ee/app/helpers/audit_events_helper.rb @gitlab-org/govern/compliance -/ee/app/helpers/auditor_user_helper.rb @gitlab-org/govern/compliance -/ee/app/models/audit_events/external_audit_event_destination.rb @gitlab-org/govern/compliance -/ee/app/models/concerns/auditable.rb @gitlab-org/govern/compliance -/ee/app/models/ee/audit_event.rb @gitlab-org/govern/compliance -/ee/app/policies/audit_events/external_audit_event_destination_policy.rb @gitlab-org/govern/compliance -/ee/app/presenters/audit_event_presenter.rb @gitlab-org/govern/compliance -/ee/app/serializers/audit_event_entity.rb @gitlab-org/govern/compliance -/ee/app/serializers/audit_event_serializer.rb @gitlab-org/govern/compliance -/ee/app/services/ci/audit_variable_change_service.rb @gitlab-org/govern/compliance -/ee/app/services/ee/audit_event_service.rb @gitlab-org/govern/compliance -/ee/app/views/admin/users/_auditor_access_level_radio.html.haml @gitlab-org/govern/compliance -/ee/app/views/admin/users/_auditor_user_badge.html.haml @gitlab-org/govern/compliance -/ee/app/views/shared/icons/_icon_audit_events_purple.svg @gitlab-org/govern/compliance -/ee/app/views/shared/promotions/_promote_audit_events.html.haml @gitlab-org/govern/compliance -/ee/app/workers/audit_events/audit_event_streaming_worker.rb @gitlab-org/govern/compliance -/ee/config/events/1652263097_groups__audit_events__index_click_streams_tab.yml @gitlab-org/govern/compliance -/ee/config/events/202108302307_admin_audit_logs_index_click_date_range_button.yml @gitlab-org/govern/compliance -/ee/config/events/202108302307_groups__audit_events_controller_search_audit_event.yml @gitlab-org/govern/compliance -/ee/config/events/202108302307_profiles_controller_search_audit_event.yml @gitlab-org/govern/compliance -/ee/config/events/202108302307_projects__audit_events_controller_search_audit_event.yml @gitlab-org/govern/compliance -/ee/config/events/202111041910_admin__audit_logs_controller_search_audit_event.yml @gitlab-org/govern/compliance -/ee/config/feature_flags/development/audit_log_group_level.yml @gitlab-org/govern/compliance -/ee/config/metrics/counts_28d/20210216183930_g_compliance_audit_events_monthly.yml @gitlab-org/govern/compliance -/ee/config/metrics/counts_28d/20210216183934_i_compliance_audit_events_monthly.yml @gitlab-org/govern/compliance -/ee/config/metrics/counts_28d/20210216183942_a_compliance_audit_events_api_monthly.yml @gitlab-org/govern/compliance -/ee/config/metrics/counts_28d/20211130085433_g_manage_compliance_audit_event_destinations.yml @gitlab-org/govern/compliance -/ee/config/metrics/counts_7d/20210216183906_g_compliance_audit_events.yml @gitlab-org/govern/compliance -/ee/config/metrics/counts_7d/20210216183908_i_compliance_audit_events.yml @gitlab-org/govern/compliance -/ee/config/metrics/counts_7d/20210216183912_a_compliance_audit_events_api.yml @gitlab-org/govern/compliance -/ee/config/metrics/counts_7d/20210216183928_g_compliance_audit_events_weekly.yml @gitlab-org/govern/compliance -/ee/config/metrics/counts_7d/20210216183932_i_compliance_audit_events_weekly.yml @gitlab-org/govern/compliance -/ee/config/metrics/counts_7d/20210216183940_a_compliance_audit_events_api_weekly.yml @gitlab-org/govern/compliance -/ee/config/metrics/counts_all/20211130085433_g_manage_compliance_audit_event_destinations.yml @gitlab-org/govern/compliance -/ee/lib/api/audit_events.rb @gitlab-org/govern/compliance -/ee/lib/audit/ @gitlab-org/govern/compliance -/ee/lib/ee/api/entities/audit_event.rb @gitlab-org/govern/compliance -/ee/lib/ee/gitlab/audit/ @gitlab-org/govern/compliance -/lib/gitlab/audit/auditor.rb @gitlab-org/govern/compliance -/lib/gitlab/audit_json_logger.rb @gitlab-org/govern/compliance +[JH Frontend] @jihulab/maintainers/frontend +/jh/app/assets/ +/jh/**/*.scss +/jh/**/*.js +/jh/**/*.vue -[Fulfillment::Utilization] -/ee/app/assets/javascripts/usage_quotas/components/ @fulfillment-group/utilization-group/fe -/ee/app/assets/javascripts/usage_quotas/seats/ @fulfillment-group/utilization-group/fe -/ee/app/assets/javascripts/usage_quotas/storage/ @fulfillment-group/utilization-group/fe +[JH Rails Backend] @jihulab/maintainers/rails-backend +/jh/**/*.rb +/jh/**/*.rake +/jh/qa/ @jihulab/maintainers/quality -[Manage::Foundations] -/lib/sidebars/ @gitlab/ @gitlab-org/manage/foundations/engineering -/ee/lib/sidebars/ @gitlab-org/manage/foundations/engineering
\ No newline at end of file +[JH Technical Writer] @jihulab/maintainers/technical-writer +/jh/doc/ diff --git a/.gitlab/ci/as-if-jh.gitlab-ci.yml b/.gitlab/ci/as-if-jh.gitlab-ci.yml index 6bd46bee770..ae589ddfc2c 100644 --- a/.gitlab/ci/as-if-jh.gitlab-ci.yml +++ b/.gitlab/ci/as-if-jh.gitlab-ci.yml @@ -1,9 +1,13 @@ +.as-if-jh-sandbox-variables: + variables: + AS_IF_JH_BRANCH: "as-if-jh/${CI_COMMIT_REF_NAME}" + SANDBOX_REPOSITORY: "https://dummy:${AS_IF_JH_TOKEN}@gitlab.com/gitlab-org-sandbox/gitlab-jh-validation.git" + .shared-as-if-jh: + extends: + - .as-if-jh-sandbox-variables variables: - SANDBOX_PROJECT: "gitlab-org-sandbox/gitlab-jh-validation" - SANDBOX_REPOSITORY: "https://dummy:${AS_IF_JH_TOKEN}@gitlab.com/${SANDBOX_PROJECT}.git" GITLAB_JH_MIRROR_PROJECT: "33019816" - AS_IF_JH_BRANCH: "as-if-jh/${CI_COMMIT_REF_NAME}" JH_FILES_TO_COMMIT: "jh package.json yarn.lock" add-jh-files: @@ -37,27 +41,66 @@ prepare-as-if-jh-branch: stage: prepare needs: - add-jh-files + variables: + # We can't apply --filter=tree:0 for runner to set up the repository, + # so instead we tell runner to not clone anything, and we set up the + # repository by ourselves. + GIT_STRATEGY: "none" + before_script: + - git clone --filter=tree:0 "${CI_REPOSITORY_URL}" gitlab + # We should checkout before moving/changing files + - cd gitlab + - git checkout -b "${AS_IF_JH_BRANCH}" "${CI_COMMIT_SHA}" + - cd .. + - mv ${JH_FILES_TO_COMMIT} gitlab/ script: - # Fetch for the history of the branch so it does not cause the following error: - # ! [remote rejected] ref -> ref (shallow update not allowed) - - git fetch --unshallow --filter=tree:0 origin "${CI_COMMIT_SHA}" - - git checkout -b "${AS_IF_JH_BRANCH}" + - cd gitlab - git add ${JH_FILES_TO_COMMIT} - git commit -m 'Add JH files' # TODO: Mark which SHA we add - git push -f "${SANDBOX_REPOSITORY}" "${AS_IF_JH_BRANCH}" +sync-as-if-jh-branch: + extends: + - .as-if-jh-sandbox-variables + - .as-if-jh:rules:sync-as-if-jh + stage: prepare + needs: ["prepare-as-if-jh-branch"] + inherit: + variables: + # From .gitlab-ci.yml for the default Docker image and cache + - DEFAULT_CI_IMAGE + - REGISTRY_HOST + - REGISTRY_GROUP + - DEBIAN_VERSION + - RUBY_VERSION + - GO_VERSION + - RUST_VERSION + - PG_VERSION + - RUBYGEMS_VERSION + - CHROME_VERSION + - NODE_ENV + variables: + MERGE_FROM: "${CI_COMMIT_SHA}" # This is used in https://jihulab.com/gitlab-cn/gitlab/-/blob/e98bcb37aea4cfe1e78e1daef1b58b5f732cf289/jh/bin/build_packagejson where we run in https://gitlab.com/gitlab-org-sandbox/gitlab-jh-validation + trigger: + # What this runs can be found at: + # https://gitlab.com/gitlab-org-sandbox/gitlab-jh-validation/-/blob/as-if-jh-code-sync/jh/.gitlab-ci.yml + project: gitlab-org-sandbox/gitlab-jh-validation + branch: as-if-jh-code-sync + strategy: depend + start-as-if-jh: extends: - - .shared-as-if-jh - .as-if-jh:rules:start-as-if-jh stage: prepare - needs: ["prepare-as-if-jh-branch"] + needs: + - job: "prepare-as-if-jh-branch" + - job: "sync-as-if-jh-branch" + optional: true inherit: variables: false variables: - AS_IF_EDITION: "jh" FORCE_GITLAB_CI: "true" # TODO: Trigger a merge request pipeline trigger: - project: gitlab-org-sandbox/gitlab-jh-validation # ${SANDBOX_PROJECT} does not work here - branch: as-if-jh/${CI_COMMIT_REF_NAME} # ${AS_IF_JH_BRANCH} does not work here + project: gitlab-org-sandbox/gitlab-jh-validation + branch: as-if-jh/${CI_COMMIT_REF_NAME} strategy: depend diff --git a/.gitlab/ci/build-images.gitlab-ci.yml b/.gitlab/ci/build-images.gitlab-ci.yml index 4ee15ccb311..b866446c6e0 100644 --- a/.gitlab/ci/build-images.gitlab-ci.yml +++ b/.gitlab/ci/build-images.gitlab-ci.yml @@ -1,13 +1,13 @@ .base-image-build: extends: .use-kaniko variables: - GIT_LFS_SKIP_SMUDGE: 1 # disable pulling objects from lfs + GIT_LFS_SKIP_SMUDGE: 1 # disable pulling objects from lfs retry: 2 .base-image-build-buildx: extends: .use-buildx variables: - GIT_LFS_SKIP_SMUDGE: 1 # disable pulling objects from lfs + GIT_LFS_SKIP_SMUDGE: 1 # disable pulling objects from lfs retry: 2 # This image is used by: @@ -71,3 +71,10 @@ build-assets-image: # The `cached-assets-hash.txt` file is used in `review-build-cng-env` (`.gitlab/ci/review-apps/main.gitlab-ci.yml`) # to pass the assets image tag to the CNG downstream pipeline. - cached-assets-hash.txt + +build-assets-image as-if-foss: + extends: + - build-assets-image + - .as-if-foss + - .build-images:rules:build-assets-image-as-if-foss + needs: ["compile-production-assets as-if-foss"] diff --git a/.gitlab/ci/ci-templates.gitlab-ci.yml b/.gitlab/ci/ci-templates.gitlab-ci.yml index d6e2fdf2fbe..c6681db9685 100644 --- a/.gitlab/ci/ci-templates.gitlab-ci.yml +++ b/.gitlab/ci/ci-templates.gitlab-ci.yml @@ -4,7 +4,7 @@ templates-shellcheck: - .default-before_script - .default-retry - .ruby-cache - - .use-pg13 + - .use-pg14 stage: test needs: - setup-test-env diff --git a/.gitlab/ci/database.gitlab-ci.yml b/.gitlab/ci/database.gitlab-ci.yml index ace968ec249..941cb9224fb 100644 --- a/.gitlab/ci/database.gitlab-ci.yml +++ b/.gitlab/ci/database.gitlab-ci.yml @@ -1,13 +1,43 @@ include: - local: .gitlab/ci/rails/shared.gitlab-ci.yml +db:rollback single-db-ci-connection: + extends: + - db:rollback + - .single-db-ci-connection + - .rails:rules:single-db-ci-connection + +db:migrate:reset single-db-ci-connection: + extends: + - db:migrate:reset + - .single-db-ci-connection + - .rails:rules:single-db-ci-connection + +db:check-schema-single-db-ci-connection: + extends: + - db:check-schema + - .single-db-ci-connection + - .rails:rules:single-db-ci-connection + +db:post_deployment_migrations_validator-single-db-ci-connection: + extends: + - db:post_deployment_migrations_validator + - .single-db-ci-connection + - .rails:rules:db:check-migrations-single-db-ci-connection + +db:backup_and_restore single-db-ci-connection: + extends: + - db:backup_and_restore + - .single-db-ci-connection + - .rails:rules:db-backup + db:rollback: extends: - .db-job-base - .rails:rules:db-rollback script: - - scripts/db_tasks db:migrate VERSION=20220502173045 # 14.10 (last 14.x version) - - scripts/db_tasks db:migrate + - bundle exec rake db:migrate VERSION=20220502173045 # 14.10 (last 14.x version) + - bundle exec rake db:migrate db:rollback single-db: extends: @@ -31,8 +61,7 @@ db:check-schema: - .db-job-base - .rails:rules:ee-mr-and-default-branch-only script: - - run_timed_command "bundle exec rake db:drop db:create" - - run_timed_command "scripts/db_tasks db:migrate" + - run_timed_command "bundle exec rake db:drop db:create db:migrate" db:check-schema-single-db: extends: @@ -97,7 +126,7 @@ db:backup_and_restore: GITLAB_ASSUME_YES: "1" script: - . scripts/prepare_build.sh - - bundle exec rake db:drop db:create db:structure:load db:seed_fu + - bundle exec rake db:drop db:create db:schema:load db:seed_fu - mkdir -p tmp/tests/public/uploads tmp/tests/{artifacts,pages,lfs-objects,terraform_state,registry,packages} - bundle exec rake gitlab:backup:create - date diff --git a/.gitlab/ci/dev-fixtures.gitlab-ci.yml b/.gitlab/ci/dev-fixtures.gitlab-ci.yml index 0ff469d7114..891a5dd79ad 100644 --- a/.gitlab/ci/dev-fixtures.gitlab-ci.yml +++ b/.gitlab/ci/dev-fixtures.gitlab-ci.yml @@ -3,7 +3,7 @@ - .default-retry - .rails-cache - .default-before_script - - .use-pg12 + - .use-pg13 stage: test needs: ["setup-test-env"] variables: @@ -15,8 +15,8 @@ # SEED_NESTED_GROUPS: "false" # requires network connection .run-dev-fixtures-script: &run-dev-fixtures-script - - run_timed_command "scripts/gitaly-test-spawn" - - run_timed_command "bundle exec rake db:seed_fu" + - section_start "gitaly-test-spawn" "Spawning Gitaly"; scripts/gitaly-test-spawn; section_end "gitaly-test-spawn"; # Do not use 'bundle exec' here + - section_start "seeding-db" "Seeding DB"; bundle exec rake db:seed_fu; section_end "seeding-db"; run-dev-fixtures: extends: @@ -29,7 +29,7 @@ run-dev-fixtures-ee: extends: - .run-dev-fixtures - .dev-fixtures:rules:ee-only - - .use-pg12-es7-ee + - .use-pg13-es7-ee script: - cp ee/db/fixtures/development/* $FIXTURE_PATH - *run-dev-fixtures-script diff --git a/.gitlab/ci/docs.gitlab-ci.yml b/.gitlab/ci/docs.gitlab-ci.yml index b404444f815..a52372a7bb4 100644 --- a/.gitlab/ci/docs.gitlab-ci.yml +++ b/.gitlab/ci/docs.gitlab-ci.yml @@ -42,7 +42,7 @@ review-docs-cleanup: docs-lint links: extends: - .docs:rules:docs-lint - image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-docs/lint-html:alpine-3.16-ruby-3.0.5-869cfc5d + image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-docs/lint-html:alpine-3.17-ruby-3.2.1-f53af000 stage: lint needs: [] script: @@ -58,7 +58,7 @@ docs-lint links: .docs-markdown-lint-image: # When updating the image version here, update it in /scripts/lint-doc.sh too. - image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-docs/lint-markdown:alpine-3.16-vale-2.22.0-markdownlint-0.32.2-markdownlint2-0.6.0 + image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-docs/lint-markdown:alpine-3.17-vale-2.24.0-markdownlint-0.33.0-markdownlint2-0.6.0 docs-lint markdown: extends: diff --git a/.gitlab/ci/frontend.gitlab-ci.yml b/.gitlab/ci/frontend.gitlab-ci.yml index 2e0d83187cf..708069d9b61 100644 --- a/.gitlab/ci/frontend.gitlab-ci.yml +++ b/.gitlab/ci/frontend.gitlab-ci.yml @@ -3,7 +3,7 @@ - .default-retry - .default-before_script - .assets-compile-cache - image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images/debian-${DEBIAN_VERSION}-ruby-${RUBY_VERSION}-node-16.14:rubygems-3.2-git-2.33-lfs-2.9-yarn-1.22-graphicsmagick-1.3.36 + image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images/debian-${DEBIAN_VERSION}-ruby-${RUBY_VERSION}-node-16.14:rubygems-${RUBYGEMS_VERSION}-git-2.33-lfs-2.9-yarn-1.22-graphicsmagick-1.3.36 variables: SETUP_DB: "false" WEBPACK_VENDOR_DLL: "true" @@ -49,6 +49,12 @@ compile-production-assets: after_script: - rm -f /etc/apt/sources.list.d/google*.list # We don't need to update Chrome here +compile-production-assets as-if-foss: + extends: + - compile-production-assets + - .as-if-foss + - .frontend:rules:compile-production-assets-as-if-foss + compile-test-assets: extends: - .compile-assets-base @@ -96,19 +102,50 @@ update-storybook-yarn-cache: script: - yarn_install_script +retrieve-frontend-fixtures: + variables: + SETUP_DB: "false" + extends: + - .default-retry + - .frontend:rules:default-frontend-jobs + stage: prepare + script: + - source scripts/utils.sh + - source scripts/gitlab_component_helpers.sh + - install_gitlab_gem + - export_fixtures_sha_for_download + - | + if check_fixtures_download; then + run_timed_command "download_and_extract_fixtures" + fi + artifacts: + paths: + - tmp/tests/frontend/ + +# Download fixtures only when a merge request contains changes to only JS files +# and fixtures are present in the package registry. .frontend-fixtures-base: extends: - .default-retry - .default-before_script - .rails-cache - - .use-pg12 + - .use-pg13 stage: fixtures - needs: ["setup-test-env", "retrieve-tests-metadata"] + needs: ["setup-test-env", "retrieve-tests-metadata", "retrieve-frontend-fixtures"] variables: + # Don't add `CRYSTALBALL: "false"` here as we're enabling Crystalball for scheduled pipelines (in `.gitlab-ci.yml`), so that we get coverage data + # for the `frontend fixture RSpec files` that will be added to the Crystalball mapping in `update-tests-metadata`. + # More information in https://gitlab.com/gitlab-org/gitlab/-/merge_requests/74003. WEBPACK_VENDOR_DLL: "true" script: + - source scripts/gitlab_component_helpers.sh + - | + if check_fixtures_reuse; then + echoinfo "INFO: Reusing frontend fixtures from 'retrieve-frontend-fixtures'." + exit 0 + fi - run_timed_command "gem install knapsack --no-document" - - run_timed_command "scripts/gitaly-test-spawn" + - section_start "gitaly-test-spawn" "Spawning Gitaly"; scripts/gitaly-test-spawn; section_end "gitaly-test-spawn"; # Do not use 'bundle exec' here - source ./scripts/rspec_helpers.sh - rspec_paralellized_job artifacts: @@ -137,10 +174,33 @@ rspec-all frontend_fixture as-if-foss: - .frontend-fixtures-base - .frontend:rules:frontend_fixture-as-if-foss - .as-if-foss + variables: + # We explicitely disable Crystalball here so as even in scheduled pipelines we don't need it since it's already enabled for `rspec-all frontend_fixture` there. + CRYSTALBALL: "false" + WEBPACK_VENDOR_DLL: "true" + KNAPSACK_GENERATE_REPORT: "" + FLAKY_RSPEC_GENERATE_REPORT: "" needs: - !reference [.frontend-fixtures-base, needs] - "compile-test-assets as-if-foss" +# Uploads EE fixtures in the EE project. +# Uploads FOSS fixtures in the FOSS project. +upload-frontend-fixtures: + extends: + - .frontend-fixtures-base + - .frontend:rules:upload-frontend-fixtures + stage: fixtures + needs: ["rspec-all frontend_fixture"] + script: + - source scripts/utils.sh + - source scripts/gitlab_component_helpers.sh + - export_fixtures_sha_for_upload + - 'fixtures_archive_doesnt_exist || { echoinfo "INFO: Exiting early as package exists."; exit 0; }' + - run_timed_command "create_fixtures_package" + - run_timed_command "upload_fixtures_package" + artifacts: {} + graphql-schema-dump: variables: SETUP_DB: "false" @@ -237,9 +297,7 @@ jest-integration: - .frontend:rules:default-frontend-jobs script: - run_timed_command "yarn jest:integration --ci" - needs: - - job: "rspec-all frontend_fixture" - - job: "graphql-schema-dump" + needs: ["rspec-all frontend_fixture", "graphql-schema-dump"] coverage-frontend: extends: @@ -322,9 +380,7 @@ startup-css-check: extends: - .startup-css-check-base - .frontend:rules:default-frontend-jobs - needs: - - job: "compile-test-assets" - - job: "rspec-all frontend_fixture" + needs: ["compile-test-assets", "rspec-all frontend_fixture"] startup-css-check as-if-foss: extends: diff --git a/.gitlab/ci/glfm.gitlab-ci.yml b/.gitlab/ci/glfm.gitlab-ci.yml index 6ff60f24730..008bb03de25 100644 --- a/.gitlab/ci/glfm.gitlab-ci.yml +++ b/.gitlab/ci/glfm.gitlab-ci.yml @@ -2,7 +2,7 @@ glfm-verify: extends: - .rails-job-base - .glfm:rules:glfm-verify - - .use-pg12 + - .use-pg13 stage: test needs: ["setup-test-env"] script: diff --git a/.gitlab/ci/global.gitlab-ci.yml b/.gitlab/ci/global.gitlab-ci.yml index ba623ef4cbe..4362269103b 100644 --- a/.gitlab/ci/global.gitlab-ci.yml +++ b/.gitlab/ci/global.gitlab-ci.yml @@ -2,11 +2,13 @@ retry: max: 2 # This is confusing but this means "3 runs at max". when: - - unknown_failure - api_failure - - runner_system_failure + - data_integrity_failure - job_execution_timeout + - runner_system_failure + - scheduler_failure - stuck_or_timeout_failure + - unknown_failure .default-utils-before_script: before_script: @@ -37,22 +39,12 @@ <<: *ruby-gems-cache policy: push # We want to rebuild the cache from scratch to ensure stale dependencies are cleaned up. -.gitaly-ruby-gems-cache: &gitaly-ruby-gems-cache - key: "gitaly-ruby-gems-debian-${DEBIAN_VERSION}-ruby-${RUBY_VERSION}" - paths: - - vendor/gitaly-ruby/ - policy: pull - -.gitaly-ruby-gems-cache-push: &gitaly-ruby-gems-cache-push - <<: *gitaly-ruby-gems-cache - policy: push # We want to rebuild the cache from scratch to ensure stale dependencies are cleaned up. - .gitaly-binaries-cache: &gitaly-binaries-cache key: files: - GITALY_SERVER_VERSION - lib/gitlab/setup_helper.rb - prefix: "gitaly-binaries-debian-${DEBIAN_VERSION}-ruby-${RUBY_VERSION}" + prefix: "gitaly-binaries-debian-${DEBIAN_VERSION}" paths: - ${TMP_TEST_FOLDER}/gitaly/_build/bin/ - ${TMP_TEST_FOLDER}/gitaly/_build/deps/git/install/ @@ -64,7 +56,6 @@ - ${TMP_TEST_FOLDER}/gitaly/Makefile - ${TMP_TEST_FOLDER}/gitaly/praefect.config.toml - ${TMP_TEST_FOLDER}/gitaly/praefect-db.config.toml - - ${TMP_TEST_FOLDER}/gitaly/ruby/ policy: pull .go-pkg-cache: &go-pkg-cache @@ -138,14 +129,12 @@ .setup-test-env-cache: cache: - *ruby-gems-cache - - *gitaly-ruby-gems-cache - *gitaly-binaries-cache - *go-pkg-cache .setup-test-env-cache-push: cache: - *ruby-gems-cache-push - - *gitaly-ruby-gems-cache-push - *go-pkg-cache-push .gitaly-binaries-cache-push: @@ -160,7 +149,6 @@ .rails-cache: cache: - *ruby-gems-cache - - *gitaly-ruby-gems-cache .static-analysis-cache: cache: @@ -229,19 +217,11 @@ - *node-modules-cache # We don't push this cache as it's already rebuilt by `update-assets-compile-*-cache` - *storybook-node-modules-cache-push -.use-pg11: - services: - - name: postgres:11.6 - command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] - - name: redis:5.0-alpine - variables: - POSTGRES_HOST_AUTH_METHOD: trust - PG_VERSION: "11" - .use-pg12: services: - - name: postgres:12 + - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:postgres-12-pgvector-0.4.1 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] + alias: postgres - name: redis:6.0-alpine variables: POSTGRES_HOST_AUTH_METHOD: trust @@ -249,47 +229,61 @@ .use-pg13: services: - - name: postgres:13 + - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:postgres-13-pgvector-0.4.1 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] + alias: postgres - name: redis:6.2-alpine variables: POSTGRES_HOST_AUTH_METHOD: trust PG_VERSION: "13" -.use-pg11-es7-ee: +.use-pg14: services: - - name: postgres:11.6 + - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:postgres-14-pgvector-0.4.1 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] - - name: redis:5.0-alpine + alias: postgres + - name: redis:6.2-alpine + variables: + POSTGRES_HOST_AUTH_METHOD: trust + PG_VERSION: "14" + +.use-pg12-es7-ee: + services: + - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:postgres-12-pgvector-0.4.1 + command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] + alias: postgres + - name: redis:6.0-alpine - name: elasticsearch:7.17.6 command: ["elasticsearch", "-E", "discovery.type=single-node", "-E", "xpack.security.enabled=false"] - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:zoekt-ci-image-1.0 alias: zoekt-ci-image variables: POSTGRES_HOST_AUTH_METHOD: trust - PG_VERSION: "11" + PG_VERSION: "12" ZOEKT_INDEX_BASE_URL: http://zoekt-ci-image:6060 ZOEKT_SEARCH_BASE_URL: http://zoekt-ci-image:6070 -.use-pg12-es7-ee: +.use-pg13-es7-ee: services: - - name: postgres:12 + - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:postgres-13-pgvector-0.4.1 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] - - name: redis:6.0-alpine + alias: postgres + - name: redis:6.2-alpine - name: elasticsearch:7.17.6 command: ["elasticsearch", "-E", "discovery.type=single-node", "-E", "xpack.security.enabled=false"] - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:zoekt-ci-image-1.0 alias: zoekt-ci-image variables: POSTGRES_HOST_AUTH_METHOD: trust - PG_VERSION: "12" + PG_VERSION: "13" ZOEKT_INDEX_BASE_URL: http://zoekt-ci-image:6060 ZOEKT_SEARCH_BASE_URL: http://zoekt-ci-image:6070 -.use-pg13-es7-ee: +.use-pg14-es7-ee: services: - - name: postgres:13 + - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:postgres-14-pgvector-0.4.1 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] + alias: postgres - name: redis:6.2-alpine - name: elasticsearch:7.17.6 command: ["elasticsearch", "-E", "discovery.type=single-node", "-E", "xpack.security.enabled=false"] @@ -297,30 +291,49 @@ alias: zoekt-ci-image variables: POSTGRES_HOST_AUTH_METHOD: trust + PG_VERSION: "14" + ZOEKT_INDEX_BASE_URL: http://zoekt-ci-image:6060 + ZOEKT_SEARCH_BASE_URL: http://zoekt-ci-image:6070 + +.use-pg13-es8-ee: + services: + - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:postgres-13-pgvector-0.4.1 + command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] + alias: postgres + - name: redis:6.0-alpine + - name: elasticsearch:8.6.2 + - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:zoekt-ci-image-1.0 + alias: zoekt-ci-image + variables: + POSTGRES_HOST_AUTH_METHOD: trust PG_VERSION: "13" + ES_SETTING_DISCOVERY_TYPE: "single-node" + ES_SETTING_XPACK_SECURITY_ENABLED: "false" ZOEKT_INDEX_BASE_URL: http://zoekt-ci-image:6060 ZOEKT_SEARCH_BASE_URL: http://zoekt-ci-image:6070 -.use-pg12-es8-ee: +.use-pg14-es8-ee: services: - - name: postgres:12 + - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:postgres-14-pgvector-0.4.1 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] + alias: postgres - name: redis:6.0-alpine - - name: elasticsearch:8.5.3 + - name: elasticsearch:8.6.2 - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:zoekt-ci-image-1.0 alias: zoekt-ci-image variables: POSTGRES_HOST_AUTH_METHOD: trust - PG_VERSION: "12" + PG_VERSION: "14" ES_SETTING_DISCOVERY_TYPE: "single-node" ES_SETTING_XPACK_SECURITY_ENABLED: "false" ZOEKT_INDEX_BASE_URL: http://zoekt-ci-image:6060 ZOEKT_SEARCH_BASE_URL: http://zoekt-ci-image:6070 -.use-pg12-opensearch1-ee: +.use-pg13-opensearch1-ee: services: - - name: postgres:12 + - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:postgres-13-pgvector-0.4.1 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] + alias: postgres - name: redis:6.0-alpine - name: opensearchproject/opensearch:1.3.5 alias: elasticsearch @@ -329,14 +342,15 @@ alias: zoekt-ci-image variables: POSTGRES_HOST_AUTH_METHOD: trust - PG_VERSION: "12" + PG_VERSION: "13" ZOEKT_INDEX_BASE_URL: http://zoekt-ci-image:6060 ZOEKT_SEARCH_BASE_URL: http://zoekt-ci-image:6070 -.use-pg12-opensearch2-ee: +.use-pg13-opensearch2-ee: services: - - name: postgres:12 + - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:postgres-13-pgvector-0.4.1 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] + alias: postgres - name: redis:6.0-alpine - name: opensearchproject/opensearch:2.2.1 alias: elasticsearch @@ -345,7 +359,41 @@ alias: zoekt-ci-image variables: POSTGRES_HOST_AUTH_METHOD: trust - PG_VERSION: "12" + PG_VERSION: "13" + ZOEKT_INDEX_BASE_URL: http://zoekt-ci-image:6060 + ZOEKT_SEARCH_BASE_URL: http://zoekt-ci-image:6070 + +.use-pg14-opensearch1-ee: + services: + - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:postgres-14-pgvector-0.4.1 + command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] + alias: postgres + - name: redis:6.0-alpine + - name: opensearchproject/opensearch:1.3.5 + alias: elasticsearch + command: ["bin/opensearch", "-E", "discovery.type=single-node", "-E", "plugins.security.disabled=true"] + - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:zoekt-ci-image-1.0 + alias: zoekt-ci-image + variables: + POSTGRES_HOST_AUTH_METHOD: trust + PG_VERSION: "14" + ZOEKT_INDEX_BASE_URL: http://zoekt-ci-image:6060 + ZOEKT_SEARCH_BASE_URL: http://zoekt-ci-image:6070 + +.use-pg14-opensearch2-ee: + services: + - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:postgres-14-pgvector-0.4.1 + command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] + alias: postgres + - name: redis:6.0-alpine + - name: opensearchproject/opensearch:2.2.1 + alias: elasticsearch + command: ["bin/opensearch", "-E", "discovery.type=single-node", "-E", "plugins.security.disabled=true"] + - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:zoekt-ci-image-1.0 + alias: zoekt-ci-image + variables: + POSTGRES_HOST_AUTH_METHOD: trust + PG_VERSION: "14" ZOEKT_INDEX_BASE_URL: http://zoekt-ci-image:6060 ZOEKT_SEARCH_BASE_URL: http://zoekt-ci-image:6070 @@ -376,7 +424,7 @@ .use-buildx: extends: .use-docker-in-docker - image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images/debian-bullseye-slim:docker-${DOCKER_VERSION}-buildx-0.8 + image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images/debian-bullseye-slim:docker-${DOCKER_VERSION} variables: QEMU_IMAGE: tonistiigi/binfmt:qemu-v7.0.0 before_script: @@ -389,7 +437,7 @@ docker run --rm --privileged ${QEMU_IMAGE} --uninstall qemu-*; docker run --rm --privileged ${QEMU_IMAGE} --install all; fi - - docker buildx create --use # creates and set's to active buildkit builder + - docker buildx create --use # creates and set's to active buildkit builder .use-kube-context: before_script: diff --git a/.gitlab/ci/memory.gitlab-ci.yml b/.gitlab/ci/memory.gitlab-ci.yml index 5d6b90d107d..afef2b11ee7 100644 --- a/.gitlab/ci/memory.gitlab-ci.yml +++ b/.gitlab/ci/memory.gitlab-ci.yml @@ -20,7 +20,7 @@ memory-on-boot: extends: - .only-code-memory-job-base - .production - - .use-pg12 + - .use-pg13 stage: test needs: ["setup-test-env", "compile-test-assets"] variables: diff --git a/.gitlab/ci/notify.gitlab-ci.yml b/.gitlab/ci/notify.gitlab-ci.yml index 20f19978022..1afc4eb8c97 100644 --- a/.gitlab/ci/notify.gitlab-ci.yml +++ b/.gitlab/ci/notify.gitlab-ci.yml @@ -3,70 +3,39 @@ dependencies: [] cache: {} -.notify-slack: +create-issues-for-failing-tests: extends: - .notify-defaults - image: ${GITLAB_DEPENDENCY_PROXY_ADDRESS}alpine/curl + - .notify:rules:create-issues-for-failing-tests + image: ${GITLAB_DEPENDENCY_PROXY_ADDRESS}ruby:${RUBY_VERSION} variables: - MERGE_REQUEST_URL: ${CI_MERGE_REQUEST_PROJECT_URL}/-/merge_requests/${CI_MERGE_REQUEST_IID} + FAILED_TESTS_DIR: "${CI_PROJECT_DIR}/tmp/failed_tests" + FAILING_ISSUES_PROJECT: "gitlab-org/quality/engineering-productivity/flaky-tests-playground" + FAILING_ISSUE_JSON_DIR: "${CI_PROJECT_DIR}/tmp/issues" before_script: - - apk update && apk add git bash - - echo "NOTIFY_CHANNEL is ${NOTIFY_CHANNEL}" - - echo "CI_PIPELINE_URL is ${CI_PIPELINE_URL}" - -notify-update-gitaly: - extends: - - .notify-slack - rules: - - if: '$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME == $GITALY_UPDATE_BRANCH' - when: on_failure - allow_failure: true - variables: - NOTIFY_CHANNEL: g_gitaly - GITALY_UPDATE_BRANCH: release-tools/update-gitaly - script: - - scripts/slack ${NOTIFY_CHANNEL} "☠️ \`${GITALY_UPDATE_BRANCH}\` failed! ☠️ See ${CI_PIPELINE_URL} (triggered from ${MERGE_REQUEST_URL})" ci_failing "GitLab QA Bot" - -notify-security-pipeline: - extends: - - .notify-slack - - .delivery:rules:security-pipeline-merge-result-failure - variables: - NOTIFY_CHANNEL: f_upcoming_release + - source ./scripts/utils.sh + - source ./scripts/rspec_helpers.sh + - install_gitlab_gem script: - # <!subteam^S0127FU8PDE> mentions the `@release-managers` group - - scripts/slack ${NOTIFY_CHANNEL} "<!subteam^S0127FU8PDE> ☠️ Pipeline for merged result failed! ☠️ See ${CI_PIPELINE_URL} (triggered from ${MERGE_REQUEST_URL})" ci_failing "GitLab Release Tools Bot" + - mkdir -p "${FAILING_ISSUE_JSON_DIR}" + - retrieve_failed_tests "${FAILED_TESTS_DIR}" "json" "latest" + - scripts/pipeline/create_test_failure_issues.rb --project "${FAILING_ISSUES_PROJECT}" --tests-report-file "${FAILED_TESTS_DIR}/rspec_failed_tests.json" --issues-json-folder "${FAILING_ISSUE_JSON_DIR}" --api-token "${FAILING_ISSUES_PROJECT_TOKEN}" + - scripts/pipeline/create_test_failure_issues.rb --project "${FAILING_ISSUES_PROJECT}" --tests-report-file "${FAILED_TESTS_DIR}/rspec_ee_failed_tests.json" --issues-json-folder "${FAILING_ISSUE_JSON_DIR}" --api-token "${FAILING_ISSUES_PROJECT_TOKEN}" + artifacts: + paths: + - ${FAILED_TESTS_DIR}/ + - ${FAILING_ISSUE_JSON_DIR}/ + when: always + expire_in: 2 days -notify-pipeline-failure: +notify-package-and-test-failure: extends: - .notify-defaults - - .notify:rules:notify-pipeline-failure + - .notify:rules:notify-package-and-test-failure image: ${GITLAB_DEPENDENCY_PROXY_ADDRESS}ruby:${RUBY_VERSION} - variables: - INCIDENT_PROJECT: "${BROKEN_BRANCH_INCIDENTS_PROJECT}" - BROKEN_BRANCH_PROJECT_TOKEN: "${BROKEN_BRANCH_INCIDENTS_PROJECT_TOKEN}" - INCIDENT_JSON: "${CI_PROJECT_DIR}/incident.json" - SLACK_CHANNEL: "${NOTIFY_PIPELINE_FAILURE_CHANNEL}" - FAILED_PIPELINE_SLACK_MESSAGE_FILE: "${CI_PROJECT_DIR}/failed_pipeline_slack_message.json" before_script: - source scripts/utils.sh - - apt-get update && apt-get install -y jq + - apt-get update - install_gitlab_gem script: - - | - if [[ "${CREATE_INCIDENT_FOR_PIPELINE_FAILURE}" == "true" ]]; then - scripts/create-pipeline-failure-incident.rb -p ${INCIDENT_PROJECT} -f ${INCIDENT_JSON} -t ${BROKEN_BRANCH_PROJECT_TOKEN} || - scripts/slack ${SLACK_CHANNEL} "☠️ Broken pipeline incident creation failed! ☠️ See ${CI_JOB_URL}" ci_failing "Failed pipeline reporter"; - echosuccess "Created incident $(jq '.web_url' ${INCIDENT_JSON})"; - fi - - | - scripts/generate-failed-pipeline-slack-message.rb -i ${INCIDENT_JSON} -f ${FAILED_PIPELINE_SLACK_MESSAGE_FILE}; - curl -X POST -H 'Content-Type: application/json' --data @${FAILED_PIPELINE_SLACK_MESSAGE_FILE} "$CI_SLACK_WEBHOOK_URL" || - scripts/slack ${SLACK_CHANNEL} "☠️ Broken pipeline notification failed! ☠️ See ${CI_JOB_URL}" ci_failing "Failed pipeline reporter"; - - artifacts: - paths: - - ${INCIDENT_JSON} - - ${FAILED_PIPELINE_SLACK_MESSAGE_FILE} - when: always - expire_in: 2 days + - scripts/generate-failed-package-and-test-mr-message.rb diff --git a/.gitlab/ci/package-and-test-nightly/main.gitlab-ci.yml b/.gitlab/ci/package-and-test-nightly/main.gitlab-ci.yml new file mode 100644 index 00000000000..a5474d00cb6 --- /dev/null +++ b/.gitlab/ci/package-and-test-nightly/main.gitlab-ci.yml @@ -0,0 +1,87 @@ +include: + - local: .gitlab/ci/qa-common/main.gitlab-ci.yml + - local: .gitlab/ci/qa-common/rules.gitlab-ci.yml + - local: .gitlab/ci/qa-common/variables.gitlab-ci.yml + +workflow: + rules: + - if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH && $CI_PIPELINE_SOURCE == "schedule" && $SCHEDULE_TYPE == "nightly"' + +.ce: + variables: + RELEASE: ${REGISTRY_HOST}/${REGISTRY_GROUP}/build/omnibus-gitlab-mirror/gitlab-ce:${CI_COMMIT_SHA} + +.ee: + variables: + RELEASE: ${REGISTRY_HOST}/${REGISTRY_GROUP}/build/omnibus-gitlab-mirror/gitlab-ee:${CI_COMMIT_SHA} + +# ========================================== +# Prepare stage +# ========================================== +# TODO: enable once ee jobs are added +# trigger-omnibus-env: +# extends: +# - .trigger-omnibus-env + +trigger-omnibus-env-ce: + extends: + - .trigger-omnibus-env-ce + variables: + FOSS_ONLY: "1" # set FOSS_ONLY because we don't pass it via trigger job + +# TODO: enable once ee jobs are added +# trigger-omnibus: +# extends: +# - .trigger-omnibus +# needs: +# - trigger-omnibus-env + +trigger-omnibus-ce: + extends: + - .trigger-omnibus-ce + needs: + - trigger-omnibus-env-ce + +# TODO: enable when first parallel job is added +# download-knapsack-report: +# extends: +# - .download-knapsack-report +# - .rules:download-knapsack + +# ========================================== +# Test stage +# ========================================== +update-ee-to-ce: + extends: + - .qa + - .update-script + - .ce + variables: + UPDATE_TYPE: minor + UPDATE_FROM_EDITION: ee + QA_RSPEC_TAGS: --tag smoke + +# ========================================== +# Post test stage +# ========================================== +e2e-test-report: + extends: + - .e2e-test-report + +# TODO: enable when first parallel job is added +# upload-knapsack-report: +# extends: +# - .upload-knapsack-report +# - .rules:report:process-results + +export-test-metrics: + extends: + - .export-test-metrics + +relate-test-failures: + extends: + - .relate-test-failures + +notify-slack: + extends: + - .notify-slack diff --git a/.gitlab/ci/package-and-test/main.gitlab-ci.yml b/.gitlab/ci/package-and-test/main.gitlab-ci.yml index b1c04ba8a1c..e90c0bbc7c4 100644 --- a/.gitlab/ci/package-and-test/main.gitlab-ci.yml +++ b/.gitlab/ci/package-and-test/main.gitlab-ci.yml @@ -1,73 +1,9 @@ # E2E tests pipeline loaded dynamically by script: scripts/generate-e2e-pipeline # For adding new tests, refer to: doc/development/testing_guide/end_to_end/package_and_test_pipeline.md - -default: - interruptible: true - include: - - local: .gitlab/ci/package-and-test/rules.gitlab-ci.yml - - local: .gitlab/ci/package-and-test/variables.gitlab-ci.yml - - project: gitlab-org/quality/pipeline-common - ref: 2.0.0 - file: - - /ci/base.gitlab-ci.yml - - /ci/allure-report.yml - - /ci/knapsack-report.yml - -stages: - - test - - report - - notify - -# ========================================== -# Templates -# ========================================== -.parallel: - parallel: 5 - variables: - QA_KNAPSACK_REPORT_PATH: $CI_PROJECT_DIR/qa/knapsack - -.ruby-image: - # Because this pipeline template can be included directly in other projects, - # image path and registry needs to be defined explicitly - image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images/debian-bullseye-ruby-${RUBY_VERSION}:bundler-2.3 - -.qa-install: - variables: - BUNDLE_SUPPRESS_INSTALL_USING_MESSAGES: "true" - BUNDLE_SILENCE_ROOT_WARNING: "true" - extends: - - .gitlab-qa-install - -.update-script: - script: - - export QA_COMMAND="bundle exec gitlab-qa Test::Omnibus::UpdateFromPrevious $RELEASE $GITLAB_VERSION $UPDATE_TYPE -- $QA_RSPEC_TAGS $RSPEC_REPORT_OPTS" - - echo "Running - '$QA_COMMAND'" - - eval "$QA_COMMAND" - -.qa: - extends: - - .qa-base - - .qa-install - - .gitlab-qa-report - stage: test - tags: - - e2e - needs: - - job: trigger-omnibus - optional: true - - job: download-knapsack-report - artifacts: true - optional: true - variables: - QA_GENERATE_ALLURE_REPORT: "true" - QA_CAN_TEST_PRAEFECT: "false" - QA_INTERCEPT_REQUESTS: "true" - QA_RUN_TYPE: e2e-package-and-test - EE_LICENSE: $QA_EE_LICENSE - GITHUB_ACCESS_TOKEN: $QA_GITHUB_ACCESS_TOKEN - GITLAB_QA_ADMIN_ACCESS_TOKEN: $QA_ADMIN_ACCESS_TOKEN - GITLAB_LICENSE_MODE: test + - local: .gitlab/ci/qa-common/main.gitlab-ci.yml + - local: .gitlab/ci/qa-common/rules.gitlab-ci.yml + - local: .gitlab/ci/qa-common/variables.gitlab-ci.yml # ========================================== # Prepare stage @@ -84,103 +20,34 @@ check-release-set: echo "Omnibus installation image is set to '$RELEASE'" fi -dont-interrupt-me: - extends: .rules:dont-interrupt - stage: .pre - interruptible: false - script: - - echo "This jobs makes sure this pipeline won't be interrupted! See https://docs.gitlab.com/ee/ci/yaml/#interruptible." - trigger-omnibus-env: extends: + - .trigger-omnibus-env - .rules:omnibus-build - stage: .pre - needs: - # We need this job because we need its `cached-assets-hash.txt` artifact, so that we can pass the assets image tag to the downstream omnibus-gitlab pipeline. - - pipeline: $PARENT_PIPELINE_ID - job: build-assets-image - variables: - BUILD_ENV: build.env - before_script: - - | - # This is duplicating the function from `scripts/utils.sh` since `.gitlab/ci/package-and-test/main.gitlab-ci.yml` can be included in other projects. - function assets_image_tag() { - local cache_assets_hash_file="cached-assets-hash.txt" - - if [[ -n "${CI_COMMIT_TAG}" ]]; then - echo -n "${CI_COMMIT_REF_NAME}" - elif [[ -f "${cache_assets_hash_file}" ]]; then - echo -n "assets-hash-$(cat ${cache_assets_hash_file} | cut -c1-10)" - else - echo -n "${CI_COMMIT_SHA}" - fi - } - script: - - | - SECURITY_SOURCES=$([[ ! "$CI_PROJECT_NAMESPACE" =~ ^gitlab-org\/security ]] || echo "true") - echo "SECURITY_SOURCES=${SECURITY_SOURCES:-false}" > $BUILD_ENV - echo "OMNIBUS_GITLAB_CACHE_UPDATE=${OMNIBUS_GITLAB_CACHE_UPDATE:-false}" >> $BUILD_ENV - for version_file in *_VERSION; do echo "$version_file=$(cat $version_file)" >> $BUILD_ENV; done - echo "OMNIBUS_GITLAB_RUBY3_BUILD=${OMNIBUS_GITLAB_RUBY3_BUILD:-false}" >> $BUILD_ENV - echo "OMNIBUS_GITLAB_CACHE_EDITION=${OMNIBUS_GITLAB_CACHE_EDITION:-GITLAB}" >> $BUILD_ENV - echo "GITLAB_ASSETS_TAG=$(assets_image_tag)" >> $BUILD_ENV - echo "EE=$([[ $FOSS_ONLY == '1' ]] && echo 'false' || echo 'true')" >> $BUILD_ENV - target_branch_name="${CI_MERGE_REQUEST_TARGET_BRANCH_NAME:-${CI_COMMIT_REF_NAME}}" - echo "TRIGGER_BRANCH=$([[ "${target_branch_name}" =~ ^[0-9-]+-stable(-ee)?$ ]] && echo ${target_branch_name%-ee} || echo 'master')" >> $BUILD_ENV - echo "Built environment file for omnibus build:" - cat $BUILD_ENV - artifacts: - reports: - dotenv: $BUILD_ENV + +trigger-omnibus-env-ce: + extends: + - .trigger-omnibus-env-ce + - .rules:omnibus-build-ce trigger-omnibus: - extends: .rules:omnibus-build - stage: .pre + extends: + - .trigger-omnibus + - .rules:omnibus-build needs: - trigger-omnibus-env - inherit: - variables: false - variables: - GITALY_SERVER_VERSION: $GITALY_SERVER_VERSION - GITLAB_ELASTICSEARCH_INDEXER_VERSION: $GITLAB_ELASTICSEARCH_INDEXER_VERSION - GITLAB_KAS_VERSION: $GITLAB_KAS_VERSION - GITLAB_METRICS_EXPORTER_VERSION: $GITLAB_METRICS_EXPORTER_VERSION - GITLAB_PAGES_VERSION: $GITLAB_PAGES_VERSION - GITLAB_SHELL_VERSION: $GITLAB_SHELL_VERSION - GITLAB_WORKHORSE_VERSION: $GITLAB_WORKHORSE_VERSION - GITLAB_VERSION: $CI_COMMIT_SHA - GITLAB_ASSETS_TAG: $GITLAB_ASSETS_TAG - IMAGE_TAG: $CI_COMMIT_SHA - TOP_UPSTREAM_SOURCE_PROJECT: $CI_PROJECT_PATH - SECURITY_SOURCES: $SECURITY_SOURCES - CACHE_UPDATE: $OMNIBUS_GITLAB_CACHE_UPDATE - RUBY3_BUILD: $OMNIBUS_GITLAB_RUBY3_BUILD - CACHE_EDITION: $OMNIBUS_GITLAB_CACHE_EDITION - SKIP_QA_DOCKER: "true" - SKIP_QA_TEST: "true" - ee: $EE - trigger: - project: gitlab-org/build/omnibus-gitlab-mirror - branch: $TRIGGER_BRANCH - strategy: depend + +trigger-omnibus-ce: + extends: + - .trigger-omnibus-ce + - .rules:omnibus-build-ce + needs: + - trigger-omnibus-env-ce download-knapsack-report: extends: - - .gitlab-qa-image + - .download-knapsack-report - .rules:download-knapsack - stage: .pre - variables: - KNAPSACK_DIR: ${CI_PROJECT_DIR}/qa/knapsack - GIT_STRATEGY: none - script: - # when using qa-image, code runs in /home/gitlab/qa folder - - bundle exec rake "knapsack:download[test]" - - mkdir -p "$KNAPSACK_DIR" && cp knapsack/*.json "${KNAPSACK_DIR}/" - allow_failure: true - artifacts: - paths: - - qa/knapsack/*.json - expire_in: 1 day cache-gems: extends: @@ -206,7 +73,7 @@ cache-gems: # Run manual quarantine job # this job requires passing QA_SCENARIO variable # and optionally QA_TESTS to run specific quarantined tests -_ee:quarantine: +_quarantine: extends: - .qa - .rules:test:manual @@ -222,7 +89,7 @@ _ee:quarantine: # ------------------------------------------ # Run specs with feature flags set to the opposite of the default state -ee:instance-ff-inverse: +instance-ff-inverse: extends: - .qa - .parallel @@ -236,23 +103,23 @@ ee:instance-ff-inverse: # ------------------------------------------ # Jobs with parallel variant # ------------------------------------------ -ee:instance-selective: +instance-selective: extends: .qa variables: QA_SCENARIO: Test::Instance::Image rules: - !reference [.rules:test:qa-selective, rules] - if: $QA_SUITES =~ /Test::Instance::All/ -ee:instance: +instance: extends: - .parallel - - ee:instance-selective + - instance-selective rules: - - !reference [.rules:test:feature-flags-set, rules] # always run ee:instance to validate ff change + - !reference [.rules:test:feature-flags-set, rules] # always run instance to validate ff change - !reference [.rules:test:qa-parallel, rules] - if: $QA_SUITES =~ /Test::Instance::All/ -ee:praefect-selective: +praefect-selective: extends: .qa variables: QA_SCENARIO: Test::Integration::Praefect @@ -260,117 +127,117 @@ ee:praefect-selective: rules: - !reference [.rules:test:qa-selective, rules] - if: $QA_SUITES =~ /Test::Instance::All/ -ee:praefect: +praefect: extends: - .parallel - - ee:praefect-selective + - praefect-selective rules: - !reference [.rules:test:qa-parallel, rules] - if: $QA_SUITES =~ /Test::Instance::All/ -ee:relative-url-selective: +relative-url-selective: extends: .qa variables: QA_SCENARIO: Test::Instance::RelativeUrl rules: - !reference [.rules:test:qa-selective, rules] - if: $QA_SUITES =~ /Test::Instance::All/ -ee:relative-url: +relative-url: extends: - .parallel - - ee:relative-url-selective + - relative-url-selective rules: - !reference [.rules:test:qa-parallel, rules] - if: $QA_SUITES =~ /Test::Instance::All/ -ee:decomposition-single-db-selective: +decomposition-single-db-selective: extends: .qa variables: QA_SCENARIO: Test::Instance::Image - GITLAB_QA_OPTS: --omnibus-config decomposition_single_db + GITLAB_QA_OPTS: --omnibus-config decomposition_single_db $EXTRA_GITLAB_QA_OPTS rules: - !reference [.rules:test:qa-selective, rules] - if: $QA_SUITES =~ /Test::Instance::All/ -ee:decomposition-single-db: +decomposition-single-db: extends: - .parallel - - ee:decomposition-single-db-selective + - decomposition-single-db-selective rules: - !reference [.rules:test:qa-parallel, rules] - if: $QA_SUITES =~ /Test::Instance::All/ -ee:decomposition-multiple-db-selective: +decomposition-multiple-db-selective: extends: .qa variables: QA_SCENARIO: Test::Instance::Image GITLAB_ALLOW_SEPARATE_CI_DATABASE: "true" - GITLAB_QA_OPTS: --omnibus-config decomposition_multiple_db + GITLAB_QA_OPTS: --omnibus-config decomposition_multiple_db $EXTRA_GITLAB_QA_OPTS rules: - !reference [.rules:test:qa-selective, rules] - if: $QA_SUITES =~ /Test::Instance::All/ -ee:decomposition-multiple-db: +decomposition-multiple-db: extends: - .parallel - - ee:decomposition-multiple-db-selective + - decomposition-multiple-db-selective rules: - !reference [.rules:test:qa-parallel, rules] - if: $QA_SUITES =~ /Test::Instance::All/ -ee:object-storage-selective: +object-storage-selective: extends: .qa variables: QA_SCENARIO: Test::Instance::Image QA_RSPEC_TAGS: --tag object_storage - GITLAB_QA_OPTS: --omnibus-config object_storage + GITLAB_QA_OPTS: --omnibus-config object_storage $EXTRA_GITLAB_QA_OPTS rules: - !reference [.rules:test:qa-selective, rules] - if: $QA_SUITES =~ /Test::Instance::ObjectStorage/ -ee:object-storage: - extends: ee:object-storage-selective +object-storage: + extends: object-storage-selective parallel: 2 rules: - !reference [.rules:test:qa-parallel, rules] - if: $QA_SUITES =~ /Test::Instance::ObjectStorage/ -ee:object-storage-aws-selective: - extends: ee:object-storage-selective +object-storage-aws-selective: + extends: object-storage-selective variables: AWS_S3_ACCESS_KEY: $QA_AWS_S3_ACCESS_KEY AWS_S3_BUCKET_NAME: $QA_AWS_S3_BUCKET_NAME AWS_S3_KEY_ID: $QA_AWS_S3_KEY_ID AWS_S3_REGION: $QA_AWS_S3_REGION - GITLAB_QA_OPTS: --omnibus-config object_storage_aws -ee:object-storage-aws: - extends: ee:object-storage-aws-selective + GITLAB_QA_OPTS: --omnibus-config object_storage_aws $EXTRA_GITLAB_QA_OPTS +object-storage-aws: + extends: object-storage-aws-selective parallel: 2 rules: - - !reference [ee:object-storage, rules] + - !reference [object-storage, rules] -ee:object-storage-gcs-selective: - extends: ee:object-storage-selective +object-storage-gcs-selective: + extends: object-storage-selective variables: GCS_BUCKET_NAME: $QA_GCS_BUCKET_NAME GOOGLE_PROJECT: $QA_GOOGLE_PROJECT GOOGLE_JSON_KEY: $QA_GOOGLE_JSON_KEY GOOGLE_CLIENT_EMAIL: $QA_GOOGLE_CLIENT_EMAIL - GITLAB_QA_OPTS: --omnibus-config object_storage_gcs -ee:object-storage-gcs: - extends: ee:object-storage-gcs-selective + GITLAB_QA_OPTS: --omnibus-config object_storage_gcs $EXTRA_GITLAB_QA_OPTS +object-storage-gcs: + extends: object-storage-gcs-selective parallel: 2 rules: - - !reference [ee:object-storage, rules] + - !reference [object-storage, rules] -ee:packages-selective: +packages-selective: extends: .qa variables: QA_SCENARIO: Test::Instance::Image QA_RSPEC_TAGS: --tag packages - GITLAB_QA_OPTS: --omnibus-config packages + GITLAB_QA_OPTS: --omnibus-config packages $EXTRA_GITLAB_QA_OPTS rules: - !reference [.rules:test:qa-selective, rules] - if: $QA_SUITES =~ /Test::Instance::Packages/ -ee:packages: - extends: ee:packages-selective +packages: + extends: packages-selective parallel: 2 rules: - !reference [.rules:test:qa-parallel, rules] @@ -379,7 +246,7 @@ ee:packages: # ------------------------------------------ # Non parallel jobs # ------------------------------------------ -ee:update-minor: +update-minor: extends: - .qa - .update-script @@ -391,7 +258,7 @@ ee:update-minor: - if: $QA_SUITES =~ /Test::Instance::Smoke/ - !reference [.rules:test:manual, rules] -ee:update-major: +update-major: extends: - .qa - .update-script @@ -403,7 +270,7 @@ ee:update-major: - if: $QA_SUITES =~ /Test::Instance::Smoke/ - !reference [.rules:test:manual, rules] -ee:gitlab-pages: +gitlab-pages: extends: .qa variables: QA_SCENARIO: Test::Integration::GitlabPages @@ -412,7 +279,7 @@ ee:gitlab-pages: - if: $QA_SUITES =~ /Test::Instance::GitlabPages/ - !reference [.rules:test:manual, rules] -ee:gitaly-cluster: +gitaly-cluster: extends: .qa variables: QA_SCENARIO: Test::Integration::GitalyCluster @@ -421,16 +288,26 @@ ee:gitaly-cluster: - if: $QA_SUITES =~ /Test::Integration::GitalyCluster/ - !reference [.rules:test:manual, rules] -ee:group-saml: +group-saml: extends: .qa variables: QA_SCENARIO: Test::Integration::GroupSAML rules: + - !reference [.rules:test:ee-only, rules] - !reference [.rules:test:qa, rules] - if: $QA_SUITES =~ /Test::Integration::GroupSAML/ - !reference [.rules:test:manual, rules] -ee:instance-saml: +oauth: + extends: .qa + variables: + QA_SCENARIO: Test::Integration::OAuth + rules: + - !reference [.rules:test:qa-default-branch, rules] + - if: $QA_SUITES =~ /Test::Integration::OAuth/ + - !reference [.rules:test:manual, rules] + +instance-saml: extends: .qa variables: QA_SCENARIO: Test::Integration::InstanceSAML @@ -439,18 +316,16 @@ ee:instance-saml: - if: $QA_SUITES =~ /Test::Integration::InstanceSAML/ - !reference [.rules:test:manual, rules] -ee:jira: +jira: extends: .qa variables: QA_SCENARIO: Test::Integration::Jira - JIRA_ADMIN_USERNAME: $QA_JIRA_ADMIN_USERNAME - JIRA_ADMIN_PASSWORD: $QA_JIRA_ADMIN_PASSWORD rules: - !reference [.rules:test:qa, rules] - if: $QA_SUITES =~ /Test::Integration::Jira/ - !reference [.rules:test:manual, rules] -ee:integrations: +integrations: extends: .qa variables: QA_SCENARIO: Test::Integration::Integrations @@ -459,7 +334,7 @@ ee:integrations: - if: $QA_SUITES =~ /Test::Integration::Integrations/ - !reference [.rules:test:manual, rules] -ee:ldap-no-server: +ldap-no-server: extends: .qa variables: QA_SCENARIO: Test::Integration::LDAPNoServer @@ -468,7 +343,7 @@ ee:ldap-no-server: - if: $QA_SUITES =~ /Test::Integration::LDAPNoServer/ - !reference [.rules:test:manual, rules] -ee:ldap-tls: +ldap-tls: extends: .qa variables: QA_SCENARIO: Test::Integration::LDAPTLS @@ -477,7 +352,7 @@ ee:ldap-tls: - if: $QA_SUITES =~ /Test::Integration::LDAPTLS/ - !reference [.rules:test:manual, rules] -ee:ldap-no-tls: +ldap-no-tls: extends: .qa variables: QA_SCENARIO: Test::Integration::LDAPNoTLS @@ -486,7 +361,7 @@ ee:ldap-no-tls: - if: $QA_SUITES =~ /Test::Integration::LDAPNoTLS/ - !reference [.rules:test:manual, rules] -ee:mtls: +mtls: extends: .qa variables: QA_SCENARIO: Test::Integration::MTLS @@ -495,7 +370,7 @@ ee:mtls: - if: $QA_SUITES =~ /Test::Integration::Mtls/ - !reference [.rules:test:manual, rules] -ee:mattermost: +mattermost: extends: .qa variables: QA_SCENARIO: Test::Integration::Mattermost @@ -504,7 +379,7 @@ ee:mattermost: - if: $QA_SUITES =~ /Test::Integration::Mattermost/ - !reference [.rules:test:manual, rules] -ee:registry: +registry: extends: .qa variables: QA_SCENARIO: Test::Integration::Registry @@ -513,7 +388,7 @@ ee:registry: - if: $QA_SUITES =~ /Test::Integration::Registry/ - !reference [.rules:test:manual, rules] -ee:registry-with-cdn: +registry-with-cdn: extends: .qa variables: QA_SCENARIO: Test::Integration::RegistryWithCDN @@ -530,7 +405,7 @@ ee:registry-with-cdn: - if: $QA_SUITES =~ /Test::Integration::RegistryWithCDN/ - !reference [.rules:test:manual, rules] -ee:repository-storage: +repository-storage: extends: .qa variables: QA_SCENARIO: Test::Instance::RepositoryStorage @@ -539,7 +414,7 @@ ee:repository-storage: - if: $QA_SUITES =~ /Test::Instance::RepositoryStorage/ - !reference [.rules:test:manual, rules] -ee:service-ping-disabled: +service-ping-disabled: extends: .qa variables: QA_SCENARIO: Test::Integration::ServicePingDisabled @@ -548,7 +423,7 @@ ee:service-ping-disabled: - if: $QA_SUITES =~ /Test::Integration::ServicePingDisabled/ - !reference [.rules:test:manual, rules] -ee:smtp: +smtp: extends: .qa variables: QA_SCENARIO: Test::Integration::SMTP @@ -557,7 +432,7 @@ ee:smtp: - if: $QA_SUITES =~ /Test::Integration::SMTP/ - !reference [.rules:test:manual, rules] -ee:cloud-activation: +cloud-activation: extends: .qa variables: QA_SCENARIO: Test::Instance::Image @@ -567,7 +442,7 @@ ee:cloud-activation: - if: $QA_SUITES =~ /Test::Instance::CloudActivation/ - !reference [.rules:test:manual, rules] -ee:large-setup: +large-setup: extends: .qa variables: QA_SCENARIO: Test::Instance::Image @@ -577,7 +452,7 @@ ee:large-setup: - if: $QA_SUITES =~ /Test::Instance::LargeSetup/ - !reference [.rules:test:manual, rules] -ee:metrics: +metrics: extends: .qa variables: QA_SCENARIO: Test::Integration::Metrics @@ -586,31 +461,31 @@ ee:metrics: - if: $QA_SUITES =~ /Test::Instance::Metrics/ - !reference [.rules:test:manual, rules] -ee:elasticsearch: +elasticsearch: extends: .qa variables: QA_SCENARIO: "Test::Integration::Elasticsearch" before_script: - !reference [.qa, before_script] rules: + - !reference [.rules:test:ee-only, rules] - !reference [.rules:test:qa, rules] - if: $QA_SUITES =~ /Test::Integration::Elasticsearch/ - !reference [.rules:test:manual, rules] -ee:registry-object-storage-tls: - extends: ee:object-storage-aws-selective +registry-object-storage-tls: + extends: object-storage-aws-selective variables: QA_SCENARIO: Test::Integration::RegistryTLS QA_RSPEC_TAGS: "" GITLAB_TLS_CERTIFICATE: $QA_GITLAB_TLS_CERTIFICATE - GITLAB_QA_OPTS: --omnibus-config registry_object_storage + GITLAB_QA_OPTS: --omnibus-config registry_object_storage $EXTRA_GITLAB_QA_OPTS -ee:importers: +importers: extends: .qa variables: QA_SCENARIO: Test::Integration::Import QA_MOCK_GITHUB: "true" - GITLAB_QA_OPTS: --set-feature-flags bulk_import_projects=enabled rules: - !reference [.rules:test:qa, rules] - if: $QA_SUITES =~ /Test::Integration::Import/ @@ -621,89 +496,30 @@ ee:importers: # ========================================== e2e-test-report: extends: - - .generate-allure-report-base + - .e2e-test-report - .rules:report:allure-report - stage: report - variables: - GITLAB_AUTH_TOKEN: $PROJECT_TOKEN_FOR_CI_SCRIPTS_API_USAGE - ALLURE_PROJECT_PATH: $CI_PROJECT_PATH - ALLURE_MERGE_REQUEST_IID: $CI_MERGE_REQUEST_IID - ALLURE_JOB_NAME: e2e-package-and-test - GIT_STRATEGY: none upload-knapsack-report: extends: - - .generate-knapsack-report-base - - .qa-install - - .ruby-image + - .upload-knapsack-report - .rules:report:process-results - stage: report - when: always export-test-metrics: extends: - - .qa-install - - .ruby-image + - .export-test-metrics - .rules:report:process-results - stage: report - when: always - script: - - bundle exec rake "ci:export_test_metrics[$CI_PROJECT_DIR/gitlab-qa-run-*/**/test-metrics-*.json]" relate-test-failures: extends: - - .qa-install - - .ruby-image + - .relate-test-failures - .rules:report:process-results - stage: report - variables: - QA_FAILURES_REPORTING_PROJECT: gitlab-org/gitlab - QA_FAILURES_MAX_DIFF_RATIO: "0.15" - GITLAB_QA_ACCESS_TOKEN: $QA_GITLAB_CI_TOKEN - when: on_failure - script: - - | - bundle exec gitlab-qa-report \ - --relate-failure-issue "$CI_PROJECT_DIR/gitlab-qa-run-*/**/rspec-*.json" \ - --project "$QA_FAILURES_REPORTING_PROJECT" \ - --max-diff-ratio "$QA_FAILURES_MAX_DIFF_RATIO" generate-test-session: extends: - - .qa-install - - .ruby-image + - .generate-test-session - .rules:report:process-results - stage: report - variables: - QA_TESTCASE_SESSIONS_PROJECT: gitlab-org/quality/testcase-sessions - GITLAB_QA_ACCESS_TOKEN: $QA_TEST_SESSION_TOKEN - GITLAB_CI_API_TOKEN: $QA_GITLAB_CI_TOKEN - when: always - script: - - | - bundle exec gitlab-qa-report \ - --generate-test-session "$CI_PROJECT_DIR/gitlab-qa-run-*/**/rspec-*.json" \ - --project "$QA_TESTCASE_SESSIONS_PROJECT" - artifacts: - when: always - expire_in: 1d - paths: - - qa/REPORT_ISSUE_URL notify-slack: extends: - - .notify-slack-qa - - .qa-install - - .ruby-image + - .notify-slack - .rules:report:process-results - stage: notify - variables: - ALLURE_JOB_NAME: e2e-package-and-test - SLACK_ICON_EMOJI: ci_failing - STATUS_SYM: ☠️ - STATUS: failed - TYPE: "(package-and-test) " - when: on_failure - script: - - bundle exec gitlab-qa-report --prepare-stage-reports "$CI_PROJECT_DIR/gitlab-qa-run-*/**/rspec-*.xml" # generate summary - - !reference [.notify-slack-qa, script] diff --git a/.gitlab/ci/preflight.gitlab-ci.yml b/.gitlab/ci/preflight.gitlab-ci.yml index 05b05fde53b..e477466e5f3 100644 --- a/.gitlab/ci/preflight.gitlab-ci.yml +++ b/.gitlab/ci/preflight.gitlab-ci.yml @@ -1,14 +1,66 @@ -rails-production-environment: +.preflight-job-base: + stage: preflight + extends: + - .default-retry + needs: [] + +.qa-preflight-job: + image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images/debian-bullseye-ruby-${RUBY_VERSION}:bundler-2.3-chrome-${CHROME_VERSION}-docker-${DOCKER_VERSION} extends: + - .preflight-job-base + - .qa-cache + variables: + USE_BUNDLE_INSTALL: "false" + SETUP_DB: "false" + before_script: + - !reference [.default-before_script, before_script] + - cd qa && bundle install + +rails-production-server-boot: + extends: + - .preflight-job-base - .default-before_script - .production - .ruby-cache - - .setup:rules:rails-production-environment - - .use-pg12 - stage: preflight + - .setup:rules:rails-production-server-boot + - .use-pg13 variables: BUNDLE_WITHOUT: "development:test" BUNDLE_WITH: "production" needs: [] script: - - bundle exec rails runner --environment=production 'puts Rails.env' + - source scripts/utils.sh + - cp config/puma.rb.example config/puma.rb + - sed --in-place "s:/home/git/gitlab:${PWD}:" config/puma.rb + - echo 'bind "tcp://127.0.0.1:3000"' >> config/puma.rb + - bundle exec puma --environment production --config config/puma.rb & + - sleep 40 # See https://gitlab.com/gitlab-org/gitlab/-/merge_requests/114124#note_1309506358 + - retry_times_sleep 10 5 "curl http://127.0.0.1:3000" + - kill $(jobs -p) + +no-ee-check: + extends: + - .preflight-job-base + - .setup:rules:no-ee-check + script: + - scripts/no-dir-check ee + +no-jh-check: + extends: + - .preflight-job-base + - .setup:rules:no-jh-check + script: + - scripts/no-dir-check jh + +qa:selectors: + extends: + - .qa-preflight-job + - .qa:rules:ee-and-foss + script: + - bundle exec bin/qa Test::Sanity::Selectors + +qa:selectors-as-if-foss: + extends: + - qa:selectors + - .qa:rules:as-if-foss + - .as-if-foss diff --git a/.gitlab/ci/qa-common/main.gitlab-ci.yml b/.gitlab/ci/qa-common/main.gitlab-ci.yml new file mode 100644 index 00000000000..21fd7c77573 --- /dev/null +++ b/.gitlab/ci/qa-common/main.gitlab-ci.yml @@ -0,0 +1,280 @@ +default: + interruptible: true + +workflow: + name: $PIPELINE_NAME + +include: + - project: gitlab-org/quality/pipeline-common + ref: 3.1.5 + file: + - /ci/base.gitlab-ci.yml + - /ci/allure-report.yml + - /ci/knapsack-report.yml + +stages: + - test + - report + - notify + +# ========================================== +# Templates +# ========================================== +.parallel: + parallel: 5 + variables: + QA_KNAPSACK_REPORT_PATH: $CI_PROJECT_DIR/qa/knapsack + +.ruby-image: + # Because this pipeline template can be included directly in other projects, + # image path and registry needs to be defined explicitly + image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images/debian-bullseye-ruby-${RUBY_VERSION}:bundler-2.3 + +.qa-install: + variables: + BUNDLE_SUPPRESS_INSTALL_USING_MESSAGES: "true" + BUNDLE_SILENCE_ROOT_WARNING: "true" + extends: + - .gitlab-qa-install + +.update-script: + script: + - !reference [.bundle-prefix] + - export QA_COMMAND="$BUNDLE_PREFIX gitlab-qa Test::Omnibus::UpdateFromPrevious $RELEASE $GITLAB_SEMVER_VERSION $UPDATE_TYPE $UPDATE_FROM_EDITION -- $QA_RSPEC_TAGS $RSPEC_REPORT_OPTS" + - echo "Running - '$QA_COMMAND'" + - eval "$QA_COMMAND" + +.qa: + extends: + - .qa-base + - .qa-install + - .gitlab-qa-report + stage: test + tags: + - e2e + variables: + QA_GENERATE_ALLURE_REPORT: "true" + QA_CAN_TEST_PRAEFECT: "false" + QA_INTERCEPT_REQUESTS: "true" + GITLAB_LICENSE_MODE: test + GITLAB_QA_ADMIN_ACCESS_TOKEN: $QA_ADMIN_ACCESS_TOKEN + GITLAB_QA_OPTS: $EXTRA_GITLAB_QA_OPTS + # todo: remove in 16.1 milestone when not needed for backwards compatibility anymore + EE_LICENSE: $QA_EE_LICENSE + GITHUB_ACCESS_TOKEN: $QA_GITHUB_ACCESS_TOKEN + # Allow QA jobs to fail as they are flaky. The top level `package-and-e2e:ee` + # pipeline is not allowed to fail, so without allowing QA to fail, we will be + # blocking merges due to flaky tests. + allow_failure: true + +.trigger-omnibus-env: + stage: .pre + needs: + # We need this job because we need its `cached-assets-hash.txt` artifact, so that we can pass the assets image tag to the downstream omnibus-gitlab pipeline. + - pipeline: $PARENT_PIPELINE_ID + job: build-assets-image + variables: + BUILD_ENV: build.env + before_script: + - | + # This is duplicating the function from `scripts/utils.sh` since `.gitlab/ci/package-and-test/main.gitlab-ci.yml` can be included in other projects. + function assets_image_tag() { + local cache_assets_hash_file="cached-assets-hash.txt" + + if [[ -n "${CI_COMMIT_TAG}" ]]; then + echo -n "${CI_COMMIT_REF_NAME}" + elif [[ -f "${cache_assets_hash_file}" ]]; then + echo -n "assets-hash-$(cat ${cache_assets_hash_file} | cut -c1-10)" + else + echo -n "${CI_COMMIT_SHA}" + fi + } + script: + - | + SECURITY_SOURCES=$([[ ! "$CI_PROJECT_NAMESPACE" =~ ^gitlab-org\/security ]] || echo "true") + echo "SECURITY_SOURCES=${SECURITY_SOURCES:-false}" > $BUILD_ENV + echo "OMNIBUS_GITLAB_CACHE_UPDATE=${OMNIBUS_GITLAB_CACHE_UPDATE:-false}" >> $BUILD_ENV + for version_file in *_VERSION; do echo "$version_file=$(cat $version_file)" >> $BUILD_ENV; done + echo "OMNIBUS_GITLAB_RUBY3_BUILD=${OMNIBUS_GITLAB_RUBY3_BUILD:-false}" >> $BUILD_ENV + echo "OMNIBUS_GITLAB_RUBY2_BUILD=${OMNIBUS_GITLAB_RUBY2_BUILD:-false}" >> $BUILD_ENV + echo "OMNIBUS_GITLAB_CACHE_EDITION=${OMNIBUS_GITLAB_CACHE_EDITION:-GITLAB}" >> $BUILD_ENV + echo "OMNIBUS_GITLAB_BUILD_ON_ALL_OS=${OMNIBUS_GITLAB_BUILD_ON_ALL_OS:-false}" >> $BUILD_ENV + echo "GITLAB_ASSETS_TAG=$(assets_image_tag)" >> $BUILD_ENV + echo "EE=$([[ $FOSS_ONLY == '1' ]] && echo 'false' || echo 'true')" >> $BUILD_ENV + target_branch_name="${CI_MERGE_REQUEST_TARGET_BRANCH_NAME:-${CI_COMMIT_REF_NAME}}" + echo "TRIGGER_BRANCH=$([[ "${target_branch_name}" =~ ^[0-9-]+-stable(-ee)?$ ]] && echo ${target_branch_name%-ee} || echo 'master')" >> $BUILD_ENV + - | + echo "Built environment file for omnibus build:" + cat $BUILD_ENV + artifacts: + expire_in: 3 days + reports: + dotenv: $BUILD_ENV + paths: + - $BUILD_ENV + +.trigger-omnibus-env-ce: + extends: .trigger-omnibus-env + needs: + - pipeline: $PARENT_PIPELINE_ID + job: build-assets-image as-if-foss + +.trigger-omnibus: + stage: .pre + inherit: + variables: false + variables: + GITALY_SERVER_VERSION: $GITALY_SERVER_VERSION + GITLAB_ELASTICSEARCH_INDEXER_VERSION: $GITLAB_ELASTICSEARCH_INDEXER_VERSION + GITLAB_KAS_VERSION: $GITLAB_KAS_VERSION + GITLAB_METRICS_EXPORTER_VERSION: $GITLAB_METRICS_EXPORTER_VERSION + GITLAB_PAGES_VERSION: $GITLAB_PAGES_VERSION + GITLAB_SHELL_VERSION: $GITLAB_SHELL_VERSION + GITLAB_WORKHORSE_VERSION: $GITLAB_WORKHORSE_VERSION + GITLAB_VERSION: $CI_COMMIT_SHA + GITLAB_ASSETS_TAG: $GITLAB_ASSETS_TAG + IMAGE_TAG: $CI_COMMIT_SHA + TOP_UPSTREAM_SOURCE_PROJECT: $CI_PROJECT_PATH + SECURITY_SOURCES: $SECURITY_SOURCES + CACHE_UPDATE: $OMNIBUS_GITLAB_CACHE_UPDATE + RUBY3_BUILD: $OMNIBUS_GITLAB_RUBY3_BUILD + RUBY2_BUILD: $OMNIBUS_GITLAB_RUBY2_BUILD + CACHE_EDITION: $OMNIBUS_GITLAB_CACHE_EDITION + BUILD_ON_ALL_OS: $OMNIBUS_GITLAB_BUILD_ON_ALL_OS + SKIP_QA_TEST: "true" + ee: $EE + trigger: + project: gitlab-org/build/omnibus-gitlab-mirror + branch: $TRIGGER_BRANCH + strategy: depend + +.trigger-omnibus-ce: + extends: + - .trigger-omnibus + variables: + # Override gitlab repository so that omnibus doesn't use foss repository for CE build + GITLAB_ALTERNATIVE_REPO: $CI_PROJECT_URL + +.download-knapsack-report: + extends: + - .gitlab-qa-image + stage: .pre + variables: + KNAPSACK_DIR: ${CI_PROJECT_DIR}/qa/knapsack + GIT_STRATEGY: none + script: + # when using qa-image, code runs in /home/gitlab/qa folder + - bundle exec rake "knapsack:download[test]" + - mkdir -p "$KNAPSACK_DIR" && cp knapsack/*.json "${KNAPSACK_DIR}/" + allow_failure: true + artifacts: + paths: + - qa/knapsack/*.json + expire_in: 1 day + +.e2e-test-report: + extends: + - .generate-allure-report-base + stage: report + variables: + GITLAB_AUTH_TOKEN: $PROJECT_TOKEN_FOR_CI_SCRIPTS_API_USAGE + ALLURE_PROJECT_PATH: $CI_PROJECT_PATH + ALLURE_MERGE_REQUEST_IID: $CI_MERGE_REQUEST_IID + +.upload-knapsack-report: + extends: + - .generate-knapsack-report-base + - .qa-install + - .ruby-image + stage: report + when: always + +.export-test-metrics: + extends: + - .qa-install + - .ruby-image + stage: report + when: always + variables: + QA_METRICS_REPORT_FILE_PATTERN: $CI_PROJECT_DIR/gitlab-qa-run-*/**/test-metrics-*.json + script: + - bundle exec rake "ci:export_test_metrics[$QA_METRICS_REPORT_FILE_PATTERN]" + +.relate-test-failures: + extends: + - .qa-install + - .ruby-image + stage: report + when: always + variables: + QA_RSPEC_JSON_FILE_PATTERN: "${CI_PROJECT_DIR}/gitlab-qa-run-*/**/rspec-*.json" + script: + - | + if [ "$SUITE_FAILED" != "true" ] && [ "$SUITE_RAN" == "true" ]; then + echo "Test suite passed. Exiting..." + exit 0 + fi + - | + bundle exec relate-failure-issue \ + --input-files "${QA_RSPEC_JSON_FILE_PATTERN}" \ + --project "gitlab-org/gitlab" \ + --token "${QA_RELATE_FAILURE_ISSUE_TOKEN}" + +.generate-test-session: + extends: + - .qa-install + - .ruby-image + stage: report + when: always + variables: + QA_RSPEC_JSON_FILE_PATTERN: "${CI_PROJECT_DIR}/gitlab-qa-run-*/**/rspec-*.json" + script: + - | + bundle exec generate-test-session \ + --input-files "${QA_RSPEC_JSON_FILE_PATTERN}" \ + --project "gitlab-org/quality/testcase-sessions" \ + --token "${QA_TEST_SESSION_TOKEN}" \ + --ci-project-token "${GENERATE_TEST_SESSION_READ_API_REPORTER_TOKEN}" \ + --issue-url-file REPORT_ISSUE_URL + artifacts: + when: always + expire_in: 1d + paths: + - qa/REPORT_ISSUE_URL + +.notify-slack: + extends: + - .notify-slack-qa + - .qa-install + - .ruby-image + stage: notify + variables: + QA_RSPEC_XML_FILE_PATTERN: "${CI_PROJECT_DIR}/gitlab-qa-run-*/**/rspec-*.xml" + SLACK_ICON_EMOJI: ci_failing + STATUS_SYM: ☠️ + STATUS: failed + TYPE: "($QA_RUN_TYPE) " + when: always + script: + - | + if [ "$SUITE_FAILED" != "true" ] && [ "$SUITE_RAN" == "true" ]; then + echo "Test suite passed. Exiting..." + exit 0 + fi + - bundle exec prepare-stage-reports --input-files "${QA_RSPEC_XML_FILE_PATTERN}" + - !reference [.notify-slack-qa, script] + +# ========================================== +# Pre stage +# ========================================== +dont-interrupt-me: + stage: .pre + interruptible: false + script: + - echo "This jobs makes sure this pipeline won't be interrupted! See https://docs.gitlab.com/ee/ci/yaml/#interruptible." + rules: + - if: '$CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH && $CI_MERGE_REQUEST_IID == null' + allow_failure: true + - if: '$CI_MERGE_REQUEST_EVENT_TYPE == "merged_result" || $CI_MERGE_REQUEST_EVENT_TYPE == "detached"' + when: manual + allow_failure: true diff --git a/.gitlab/ci/package-and-test/rules.gitlab-ci.yml b/.gitlab/ci/qa-common/rules.gitlab-ci.yml index 50b07589040..3580339921d 100644 --- a/.gitlab/ci/package-and-test/rules.gitlab-ci.yml +++ b/.gitlab/ci/qa-common/rules.gitlab-ci.yml @@ -10,16 +10,23 @@ .feature-flags-set: &feature-flags-set if: $QA_FEATURE_FLAGS =~ /enabled|disabled/ - # Manually trigger job on ff changes but with default ff state instead of inverted .feature-flags-set-manual: &feature-flags-set-manual <<: *feature-flags-set when: manual allow_failure: true -# Run all tests when framework changes present, full suite execution is explicitly enabled or a feature flag file is removed +# Run the job on master pipeline +.default-branch: &default-branch + if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH' + +# Run all tests when QA framework changes present, full suite execution is explicitly enabled or a feature flag file is removed .qa-run-all-tests: &qa-run-all-tests - if: $QA_FRAMEWORK_CHANGES == "true" || $QA_RUN_ALL_TESTS == "true" || $QA_FEATURE_FLAGS =~ /deleted/ + if: $QA_FRAMEWORK_CHANGES == "true" || $QA_RUN_ALL_TESTS == "true" || $QA_RUN_ALL_E2E_LABEL == "true" || $QA_FEATURE_FLAGS =~ /deleted/ + +# Run job when MR has pipeline:run-all-e2e label +.qa-run-all-e2e-label: &qa-run-all-e2e-label + if: $QA_RUN_ALL_E2E_LABEL == "true" # Process test results (notify failure to slack, create test session report, relate test failures) .process-test-results: &process-test-results @@ -41,33 +48,24 @@ rules: - when: always -.rules:dont-interrupt: +.rules:omnibus-build: rules: - - if: '$CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH && $CI_MERGE_REQUEST_IID == null' - allow_failure: true - - if: '$CI_MERGE_REQUEST_EVENT_TYPE == "merged_result" || $CI_MERGE_REQUEST_EVENT_TYPE == "detached"' - when: manual - allow_failure: true + - if: $SKIP_OMNIBUS_TRIGGER == "true" + when: never + - if: $FOSS_ONLY != "1" -.rules:omnibus-build: +.rules:omnibus-build-ce: rules: - if: $SKIP_OMNIBUS_TRIGGER == "true" when: never - - when: always + - if: $FOSS_ONLY == "1" .rules:update-cache: rules: - - <<: *not-canonical-project - when: never - - when: always + - if: '$UPDATE_QA_CACHE == "true"' -# This job requires project access token with api permissions to detect parallel jobs, -# it is problematic to set for every project that would include this template -# Because parallel jobs themselves can download knapsack report, skip for non canonical runs .rules:download-knapsack: rules: - - <<: *not-canonical-project - when: never - when: always # ------------------------------------------ @@ -115,14 +113,31 @@ - *qa-run-all-tests - *feature-flags-set-manual +.rules:test:ee-only: + rules: + - if: $FOSS_ONLY == "1" + when: never + .rules:test:update: rules: - # skip upgrade jobs if gitlab version is not provided + # skip upgrade jobs if gitlab version is not in semver compatible format # these jobs need gitlab version because we can't reliably detect it from just the image - - if: $GITLAB_VERSION == null + - if: $GITLAB_SEMVER_VERSION !~ /^\d+\.\d+\.\d+/ + when: never + # update type tests are used to check if gitlab upgrade can be performed correctly (mainly migrations) + # there isn't much benefit in running tests after update with new sidebar enabled and there + # is also an issue to properly pass feature toggle to this job due to how gitlab-qa parses cli args + - if: $QA_SUPER_SIDEBAR_ENABLED == "true" when: never + - !reference [.rules:test:ee-only, rules] - !reference [.rules:test:qa, rules] +.rules:test:qa-default-branch: + rules: + - *qa-run-all-e2e-label + - *default-branch + - *feature-flags-set-manual + # ------------------------------------------ # Report # ------------------------------------------ diff --git a/.gitlab/ci/package-and-test/variables.gitlab-ci.yml b/.gitlab/ci/qa-common/variables.gitlab-ci.yml index c45807e5a23..0322247a89d 100644 --- a/.gitlab/ci/package-and-test/variables.gitlab-ci.yml +++ b/.gitlab/ci/qa-common/variables.gitlab-ci.yml @@ -4,9 +4,14 @@ variables: REGISTRY_HOST: "registry.gitlab.com" REGISTRY_GROUP: "gitlab-org" SKIP_REPORT_IN_ISSUES: "true" + SKIP_OMNIBUS_TRIGGER: "true" OMNIBUS_GITLAB_CACHE_UPDATE: "false" OMNIBUS_GITLAB_RUBY3_BUILD: "false" + OMNIBUS_GITLAB_RUBY2_BUILD: "false" OMNIBUS_GITLAB_CACHE_EDITION: "GITLAB" + OMNIBUS_GITLAB_BUILD_ON_ALL_OS: "false" + ALLURE_JOB_NAME: $CI_PROJECT_NAME + COLORIZED_LOGS: "true" QA_LOG_LEVEL: "info" QA_TESTS: "" QA_FEATURE_FLAGS: "" diff --git a/.gitlab/ci/qa.gitlab-ci.yml b/.gitlab/ci/qa.gitlab-ci.yml index a72e6fc0137..81127b7c113 100644 --- a/.gitlab/ci/qa.gitlab-ci.yml +++ b/.gitlab/ci/qa.gitlab-ci.yml @@ -12,6 +12,40 @@ - !reference [.default-before_script, before_script] - cd qa && bundle install +.e2e-trigger-base: + extends: .production # this makes sure GITLAB_ALLOW_SEPARATE_CI_DATABASE is passed to the child pipeline + stage: qa + needs: + - build-assets-image + - build-qa-image + - e2e-test-pipeline-generate + variables: + # This is needed by `trigger-omnibus-env` (`.gitlab/ci/package-and-test/main.gitlab-ci.yml`). + PARENT_PIPELINE_ID: $CI_PIPELINE_ID + SKIP_MESSAGE: Skipping package-and-test due to mr containing only quarantine changes! + GITLAB_QA_IMAGE: "${CI_REGISTRY_IMAGE}/gitlab-ee-qa:${CI_COMMIT_SHA}" + RUN_WITH_BUNDLE: "true" # instructs pipeline to install and run gitlab-qa gem via bundler + QA_PATH: qa # sets the optional path for bundler to run from + DYNAMIC_PIPELINE_YML: package-and-test-pipeline.yml # yml files are generated by scripts/generate-e2e-pipeline script + inherit: + variables: + - CHROME_VERSION + - RUBY_VERSION + - DOCKER_VERSION + - REGISTRY_GROUP + - REGISTRY_HOST + - OMNIBUS_GITLAB_CACHE_EDITION + - OMNIBUS_GITLAB_RUBY3_BUILD + - OMNIBUS_GITLAB_RUBY2_BUILD + trigger: + strategy: depend + forward: + yaml_variables: true + pipeline_variables: true + include: + - artifact: $DYNAMIC_PIPELINE_YML + job: e2e-test-pipeline-generate + qa:internal: extends: - .qa-job-base @@ -25,13 +59,6 @@ qa:internal-as-if-foss: - .qa:rules:internal-as-if-foss - .as-if-foss -qa:selectors: - extends: - - .qa-job-base - - .qa:rules:ee-and-foss - script: - - bundle exec bin/qa Test::Sanity::Selectors - qa:master-auto-quarantine-dequarantine: extends: - .qa-job-base @@ -50,12 +77,6 @@ qa:nightly-auto-quarantine-dequarantine: - bundle exec confiner -r .confiner/nightly.yml allow_failure: true -qa:selectors-as-if-foss: - extends: - - qa:selectors - - .qa:rules:as-if-foss - - .as-if-foss - qa:update-qa-cache: extends: - .qa-job-base @@ -65,41 +86,68 @@ qa:update-qa-cache: script: - echo "Cache has been updated and ready to be uploaded." -e2e:package-and-test: +e2e:package-and-test-ee: extends: - - .production # this makes sure GITLAB_ALLOW_SEPARATE_CI_DATABASE is passed to the child pipeline - - .qa:rules:package-and-test - stage: qa + - .e2e-trigger-base + - .qa:rules:package-and-test-ee needs: - build-assets-image - build-qa-image - e2e-test-pipeline-generate variables: - # This is needed by `trigger-omnibus-env` (`.gitlab/ci/package-and-test/main.gitlab-ci.yml`). - PARENT_PIPELINE_ID: $CI_PIPELINE_ID - SKIP_MESSAGE: Skipping package-and-test due to mr containing only quarantine changes! RELEASE: "${REGISTRY_HOST}/${REGISTRY_GROUP}/build/omnibus-gitlab-mirror/gitlab-ee:${CI_COMMIT_SHA}" - GITLAB_QA_IMAGE: "${CI_REGISTRY_IMAGE}/gitlab-ee-qa:${CI_COMMIT_SHA}" - RUN_WITH_BUNDLE: "true" # instructs pipeline to install and run gitlab-qa gem via bundler - QA_PATH: qa # sets the optional path for bundler to run from - inherit: - variables: - - CHROME_VERSION - - RUBY_VERSION - - DOCKER_VERSION - - REGISTRY_GROUP - - REGISTRY_HOST - trigger: - strategy: depend - forward: - yaml_variables: true - pipeline_variables: true - include: - - artifact: package-and-test-pipeline.yml - job: e2e-test-pipeline-generate + QA_RUN_TYPE: e2e-package-and-test + ALLURE_JOB_NAME: e2e-package-and-test + PIPELINE_NAME: E2E Omnibus GitLab EE + +e2e:package-and-test-ce: + extends: + - e2e:package-and-test-ee + - .qa:rules:package-and-test-ce + needs: + - build-assets-image as-if-foss + - build-qa-image as-if-foss + - e2e-test-pipeline-generate + variables: + FOSS_ONLY: "1" + RELEASE: ${REGISTRY_HOST}/${REGISTRY_GROUP}/build/omnibus-gitlab-mirror/gitlab-ce:${CI_COMMIT_SHA} + GITLAB_QA_IMAGE: ${CI_REGISTRY_IMAGE}/gitlab-ce-qa:${CI_COMMIT_SHA} + QA_RUN_TYPE: e2e-package-and-test-ce + ALLURE_JOB_NAME: e2e-package-and-test-ce + PIPELINE_NAME: E2E Omnibus GitLab CE + +e2e:package-and-test-super-sidebar: + extends: + - e2e:package-and-test-ee + - .qa:rules:package-and-test-sidebar + when: manual + variables: + QA_SUPER_SIDEBAR_ENABLED: "true" + EXTRA_GITLAB_QA_OPTS: --set-feature-flags super_sidebar_nav=enabled + QA_RUN_TYPE: e2e-package-and-test-super-sidebar + ALLURE_JOB_NAME: e2e-package-and-test-super-sidebar + PIPELINE_NAME: E2E Omnibus Super Sidebar + +e2e:package-and-test-nightly: + extends: + - .e2e-trigger-base + - .qa:rules:package-and-test-nightly + needs: + - build-assets-image + - build-assets-image as-if-foss + - build-qa-image + - build-qa-image as-if-foss + - e2e-test-pipeline-generate + variables: + GITLAB_SEMVER_VERSION: $GITLAB_SEMVER_VERSION + QA_RUN_TYPE: nightly + ALLURE_JOB_NAME: nightly + PIPELINE_NAME: E2E Omnibus GitLab Nightly + DYNAMIC_PIPELINE_YML: package-and-test-nightly-pipeline.yml e2e:test-on-gdk: extends: + - .e2e-trigger-base - .qa:rules:e2e:test-on-gdk stage: qa needs: @@ -107,10 +155,12 @@ e2e:test-on-gdk: # In MRs we assume the last scheduled master pipeline built the image already. - job: build-qa-on-gdk-master-image optional: true + - job: e2e-test-pipeline-generate + artifacts: true + variables: + ALLURE_JOB_NAME: e2e-test-on-gdk + QA_RUN_TYPE: e2e-test-on-gdk + PIPELINE_NAME: E2E GDK + DYNAMIC_PIPELINE_YML: test-on-gdk-pipeline.yml + SKIP_MESSAGE: Skipping test-on-gdk due to mr containing only quarantine changes! allow_failure: true - trigger: - strategy: depend - forward: - yaml_variables: true - pipeline_variables: true - include: .gitlab/ci/test-on-gdk/main.gitlab-ci.yml diff --git a/.gitlab/ci/rails.gitlab-ci.yml b/.gitlab/ci/rails.gitlab-ci.yml index 23f38fddb80..a4041f771d9 100644 --- a/.gitlab/ci/rails.gitlab-ci.yml +++ b/.gitlab/ci/rails.gitlab-ci.yml @@ -15,11 +15,9 @@ setup-test-env: - echo $CI_MERGE_REQUEST_APPROVED - source scripts/gitlab_component_helpers.sh - run_timed_command "download_and_extract_gitlab_workhorse_package" || true - - run_timed_command "scripts/setup-test-env" - - run_timed_command "select_gitlab_workhorse_essentials" - - echo -e "\e[0Ksection_start:`date +%s`:gitaly-test-build[collapsed=true]\r\e[0KCompiling Gitaly binaries" - - run_timed_command "scripts/gitaly-test-build" # Do not use 'bundle exec' here - - echo -e "\e[0Ksection_end:`date +%s`:gitaly-test-build\r\e[0K" + - section_start "setup-test-env" "Setting up testing environment"; scripts/setup-test-env; section_end "setup-test-env"; + - select_gitlab_workhorse_essentials + - section_start "gitaly-test-build" "Compiling Gitaly binaries"; scripts/gitaly-test-build; section_end "gitaly-test-build"; # Do not use 'bundle exec' here artifacts: expire_in: 7d paths: @@ -30,7 +28,6 @@ setup-test-env: - ${TMP_TEST_FOLDER}/gitaly/Makefile - ${TMP_TEST_FOLDER}/gitaly/praefect.config.toml - ${TMP_TEST_FOLDER}/gitaly/praefect-db.config.toml - - ${TMP_TEST_FOLDER}/gitaly/ruby/ - ${TMP_TEST_FOLDER}/gitlab-elasticsearch-indexer/bin/gitlab-elasticsearch-indexer - ${TMP_TEST_FOLDER}/gitlab-shell/ - ${TMP_TEST_FOLDER}/gitlab-test-fork/ @@ -67,135 +64,135 @@ update-gitaly-binaries-cache: - export BUNDLE_WITHOUT="${BUNDLE_WITHOUT}:default:test:puma:kerberos:metrics:omnibus:ed25519" - bundle_install_script -rspec migration pg12: +rspec migration pg13: extends: - - .rspec-base-pg12 + - .rspec-base-pg13 - .rspec-base-migration - .rails:rules:ee-and-foss-migration - .rspec-migration-parallel -rspec migration pg12 predictive: - extends: - - rspec migration pg12 - - .predictive-rspec-tests - - .rails:rules:ee-and-foss-migration:predictive - -rspec background_migration pg12: +rspec background_migration pg13: extends: - - .rspec-base-pg12 + - .rspec-base-pg13 - .rspec-base-migration - .rails:rules:ee-and-foss-background-migration - .rspec-background-migration-parallel -rspec background_migration pg12 predictive: +rspec migration pg13 single-db: extends: - - rspec background_migration pg12 - - .predictive-rspec-tests - - .rails:rules:ee-and-foss-background-migration:predictive - -rspec migration pg12 single-db: - extends: - - rspec migration pg12 + - rspec migration pg13 - .single-db-rspec - .rails:rules:single-db -rspec background_migration pg12 single-db: +rspec background_migration pg13 single-db: extends: - - rspec background_migration pg12 + - rspec background_migration pg13 - .single-db-rspec - .rails:rules:single-db -rspec migration pg12 praefect: +rspec migration pg13 single-db-ci-connection: + extends: + - rspec migration pg13 + - .single-db-ci-connection-rspec + - .rails:rules:single-db-ci-connection + +rspec background_migration pg13 single-db-ci-connection: extends: - - rspec migration pg12 + - rspec background_migration pg13 + - .single-db-ci-connection-rspec + - .rails:rules:single-db-ci-connection + +rspec migration pg13 praefect: + extends: + - rspec migration pg13 - .praefect-with-db - .rails:rules:praefect-with-db -rspec background_migration pg12 praefect: +rspec background_migration pg13 praefect: extends: - - rspec background_migration pg12 + - rspec background_migration pg13 - .praefect-with-db - .rails:rules:praefect-with-db -rspec unit pg12: +rspec unit pg13: extends: - - .rspec-base-pg12 + - .rspec-base-pg13 - .rails:rules:ee-and-foss-unit - .rspec-unit-parallel -rspec unit pg12 predictive: +rspec unit pg13 single-db: extends: - - rspec unit pg12 - - .predictive-rspec-tests - - .rails:rules:ee-and-foss-unit:predictive - -rspec unit pg12 single-db: - extends: - - rspec unit pg12 + - rspec unit pg13 - .single-db-rspec - .rails:rules:single-db -rspec unit pg12 praefect: +rspec unit pg13 single-db-ci-connection: + extends: + - rspec unit pg13 + - .single-db-ci-connection-rspec + - .rails:rules:single-db-ci-connection + +rspec unit pg13 praefect: extends: - - rspec unit pg12 + - rspec unit pg13 - .praefect-with-db - .rails:rules:praefect-with-db -rspec integration pg12: +rspec integration pg13: extends: - - .rspec-base-pg12 + - .rspec-base-pg13 - .rails:rules:ee-and-foss-integration - .rspec-integration-parallel -rspec integration pg12 predictive: - extends: - - rspec integration pg12 - - .predictive-rspec-tests - - .rails:rules:ee-and-foss-integration:predictive - -rspec integration pg12 single-db: +rspec integration pg13 single-db: extends: - - rspec integration pg12 + - rspec integration pg13 - .single-db-rspec - .rails:rules:single-db -rspec integration pg12 praefect: +rspec integration pg13 single-db-ci-connection: extends: - - rspec integration pg12 + - rspec integration pg13 + - .single-db-ci-connection-rspec + - .rails:rules:single-db-ci-connection + +rspec integration pg13 praefect: + extends: + - rspec integration pg13 - .praefect-with-db - .rails:rules:praefect-with-db -rspec system pg12: +rspec system pg13: extends: - - .rspec-base-pg12 + - .rspec-base-pg13 - .rails:rules:ee-and-foss-system - .rspec-system-parallel variables: DEBUG_GITLAB_TRANSACTION_STACK: "true" -rspec system pg12 predictive: - extends: - - rspec system pg12 - - .predictive-rspec-tests - - .rails:rules:ee-and-foss-system:predictive - -rspec system pg12 single-db: +rspec system pg13 single-db: extends: - - rspec system pg12 + - rspec system pg13 - .single-db-rspec - .rails:rules:single-db -rspec system pg12 praefect: +rspec system pg13 single-db-ci-connection: + extends: + - rspec system pg13 + - .single-db-ci-connection-rspec + - .rails:rules:single-db-ci-connection + +rspec system pg13 praefect: extends: - - rspec system pg12 + - rspec system pg13 - .praefect-with-db - .rails:rules:praefect-with-db -# Dedicated job to test DB library code against PG11. +# Dedicated job to test DB library code against PG12. # Note that these are already tested against PG12 in the `rspec unit pg12` / `rspec-ee unit pg12` jobs. -rspec db-library-code pg11: +rspec db-library-code pg12: extends: - - .rspec-base-pg11 + - .rspec-base-pg12 - .rails:rules:ee-and-foss-db-library-code script: - !reference [.base-script, script] @@ -203,7 +200,7 @@ rspec db-library-code pg11: rspec fast_spec_helper: extends: - - .rspec-base-pg12 + - .rspec-base-pg13 - .rails:rules:ee-and-foss-fast_spec_helper script: - fast_spec_helper_specs=$(git grep -l -E '^require.*fast_spec_helper') @@ -238,16 +235,16 @@ rspec:deprecations: # We cannot use needs since it would mean needing 84 jobs (since most are parallelized) # so we use `dependencies` here. dependencies: - - rspec migration pg12 - - rspec background_migration pg12 - - rspec unit pg12 - - rspec integration pg12 - - rspec system pg12 - - rspec-ee migration pg12 - - rspec-ee background_migration pg12 - - rspec-ee unit pg12 - - rspec-ee integration pg12 - - rspec-ee system pg12 + - rspec migration pg13 + - rspec background_migration pg13 + - rspec unit pg13 + - rspec integration pg13 + - rspec system pg13 + - rspec-ee migration pg13 + - rspec-ee background_migration pg13 + - rspec-ee unit pg13 + - rspec-ee integration pg13 + - rspec-ee system pg13 variables: SETUP_DB: "false" script: @@ -270,59 +267,25 @@ rspec:coverage: dependencies: - setup-test-env # FOSS/EE jobs - - rspec migration pg12 - - rspec background_migration pg12 - - rspec unit pg12 - - rspec integration pg12 - - rspec system pg12 - # FOSS/EE predictive jobs - - rspec migration pg12 predictive - - rspec background_migration pg12 predictive - - rspec unit pg12 predictive - - rspec integration pg12 predictive - - rspec system pg12 predictive - # FOSS/EE single-db jobs - - rspec migration pg12 single-db - - rspec background_migration pg12 single-db - - rspec unit pg12 single-db - - rspec integration pg12 single-db - - rspec system pg12 single-db + - rspec migration pg13 + - rspec background_migration pg13 + - rspec unit pg13 + - rspec integration pg13 + - rspec system pg13 + # as-if-foss jobs + - rspec migration pg13-as-if-foss + - rspec background_migration pg13-as-if-foss + - rspec unit pg13-as-if-foss + - rspec integration pg13-as-if-foss + - rspec system pg13-as-if-foss # EE jobs - - rspec-ee migration pg12 - - rspec-ee background_migration pg12 - - rspec-ee unit pg12 - - rspec-ee integration pg12 - - rspec-ee system pg12 - # EE predictive jobs - - rspec-ee migration pg12 predictive - - rspec-ee background_migration pg12 predictive - - rspec-ee unit pg12 predictive - - rspec-ee integration pg12 predictive - - rspec-ee system pg12 predictive - # EE single-db jobs - - rspec-ee migration pg12 single-db - - rspec-ee background_migration pg12 single-db - - rspec-ee unit pg12 single-db - - rspec-ee integration pg12 single-db - - rspec-ee system pg12 single-db + - rspec-ee migration pg13 + - rspec-ee background_migration pg13 + - rspec-ee unit pg13 + - rspec-ee integration pg13 + - rspec-ee system pg13 # Memory jobs - memory-on-boot - # As-if-FOSS jobs - - rspec migration pg12-as-if-foss - - rspec migration pg12-as-if-foss predictive - - rspec migration pg12-as-if-foss single-db - - rspec background_migration pg12-as-if-foss - - rspec background_migration pg12-as-if-foss predictive - - rspec background_migration pg12-as-if-foss single-db - - rspec unit pg12-as-if-foss - - rspec unit pg12-as-if-foss predictive - - rspec unit pg12-as-if-foss single-db - - rspec integration pg12-as-if-foss - - rspec integration pg12-as-if-foss predictive - - rspec integration pg12-as-if-foss single-db - - rspec system pg12-as-if-foss - - rspec system pg12-as-if-foss predictive - - rspec system pg12-as-if-foss single-db script: - run_timed_command "bundle exec scripts/merge-simplecov" coverage: '/LOC \((\d+\.\d+%)\) covered.$/' @@ -383,7 +346,7 @@ rspec:flaky-tests-report: # so we use `dependencies` here. dependencies: !reference ["rspec:coverage", "dependencies"] variables: - SKIPPED_FLAKY_TESTS_REPORT_PATH: rspec/flaky/skipped_flaky_tests_report.txt + SKIPPED_TESTS_REPORT_PATH: rspec/skipped_tests_report.txt RETRIED_TESTS_REPORT_PATH: rspec/flaky/retried_tests_report.txt before_script: - source scripts/utils.sh @@ -400,285 +363,335 @@ rspec:flaky-tests-report: ################################################## # EE: default refs (MRs, default branch, schedules) jobs # -rspec migration pg12-as-if-foss: +rspec-predictive:pipeline-generate: + extends: + - .rails:rules:rspec-predictive + stage: prepare + needs: ["detect-tests", "retrieve-tests-metadata"] + script: + - scripts/generate_rspec_pipeline.rb -t "${RSPEC_PREDICTIVE_PIPELINE_TEMPLATE_YML}" -k "${KNAPSACK_RSPEC_SUITE_REPORT_PATH}" -f "${RSPEC_MATCHING_TESTS_FOSS_PATH}" -o "${RSPEC_PREDICTIVE_PIPELINE_TEMPLATE_YML}.yml" + - scripts/generate_rspec_pipeline.rb -t "${RSPEC_PREDICTIVE_PIPELINE_TEMPLATE_YML}" -k "${KNAPSACK_RSPEC_SUITE_REPORT_PATH}" -f "${RSPEC_MATCHING_TESTS_EE_PATH}" -o "${RSPEC_PREDICTIVE_PIPELINE_TEMPLATE_YML}-ee.yml" -p "ee/" + - echo "Content of ${RSPEC_PREDICTIVE_PIPELINE_TEMPLATE_YML}.yml:" + - cat "${RSPEC_PREDICTIVE_PIPELINE_TEMPLATE_YML}.yml" + - echo "\n================================================\n" + - echo "Content of ${RSPEC_PREDICTIVE_PIPELINE_TEMPLATE_YML}-ee.yml:" + - cat "${RSPEC_PREDICTIVE_PIPELINE_TEMPLATE_YML}-ee.yml" + artifacts: + expire_in: 1 day + paths: + - "${RSPEC_PREDICTIVE_PIPELINE_TEMPLATE_YML}.yml" + - "${RSPEC_PREDICTIVE_PIPELINE_TEMPLATE_YML}-ee.yml" + +rspec:predictive:trigger: + extends: + - .rails:rules:rspec-predictive + stage: test + needs: + - job: "setup-test-env" + artifacts: false + - job: "retrieve-tests-metadata" + artifacts: false + - job: "compile-test-assets" + artifacts: false + - job: "rspec-predictive:pipeline-generate" + artifacts: true + variables: + PARENT_PIPELINE_ID: $CI_PIPELINE_ID + trigger: + strategy: depend + forward: + yaml_variables: true + pipeline_variables: true + include: + - artifact: "${RSPEC_PREDICTIVE_PIPELINE_TEMPLATE_YML}.yml" + job: rspec-predictive:pipeline-generate + +rspec-ee:predictive:trigger: + extends: rspec:predictive:trigger + trigger: + include: + - artifact: "${RSPEC_PREDICTIVE_PIPELINE_TEMPLATE_YML}-ee.yml" + job: rspec-predictive:pipeline-generate + +rspec migration pg13-as-if-foss: extends: - - .rspec-base-pg12-as-if-foss + - .rspec-base-pg13-as-if-foss - .rspec-base-migration - .rails:rules:as-if-foss-migration - .rspec-migration-parallel -rspec migration pg12-as-if-foss predictive: +rspec background_migration pg13-as-if-foss: extends: - - rspec migration pg12-as-if-foss - - .predictive-rspec-tests - - .rails:rules:as-if-foss-migration:predictive - -rspec background_migration pg12-as-if-foss: - extends: - - .rspec-base-pg12-as-if-foss + - .rspec-base-pg13-as-if-foss - .rspec-base-migration - .rails:rules:as-if-foss-background-migration - .rspec-background-migration-parallel -rspec background_migration pg12-as-if-foss predictive: +rspec migration pg13-as-if-foss single-db: extends: - - rspec background_migration pg12-as-if-foss - - .predictive-rspec-tests - - .rails:rules:as-if-foss-background-migration:predictive - -rspec migration pg12-as-if-foss single-db: - extends: - - rspec migration pg12-as-if-foss + - rspec migration pg13-as-if-foss - .single-db-rspec - .rails:rules:single-db -rspec background_migration pg12-as-if-foss single-db: +rspec background_migration pg13-as-if-foss single-db: extends: - - rspec background_migration pg12-as-if-foss + - rspec background_migration pg13-as-if-foss - .single-db-rspec - .rails:rules:single-db -rspec unit pg12-as-if-foss: +rspec migration pg13-as-if-foss single-db-ci-connection: extends: - - .rspec-base-pg12-as-if-foss - - .rails:rules:as-if-foss-unit - - .rspec-unit-parallel + - rspec migration pg13-as-if-foss + - .single-db-ci-connection-rspec + - .rails:rules:single-db-ci-connection -rspec unit pg12-as-if-foss predictive: +rspec background_migration pg13-as-if-foss single-db-ci-connection: extends: - - rspec unit pg12-as-if-foss - - .predictive-rspec-tests - - .rails:rules:as-if-foss-unit:predictive + - rspec background_migration pg13-as-if-foss + - .single-db-ci-connection-rspec + - .rails:rules:single-db-ci-connection -rspec unit pg12-as-if-foss single-db: +rspec unit pg13-as-if-foss: extends: - - rspec unit pg12-as-if-foss + - .rspec-base-pg13-as-if-foss + - .rails:rules:as-if-foss-unit + - .rspec-unit-parallel + +rspec unit pg13-as-if-foss single-db: + extends: + - rspec unit pg13-as-if-foss - .single-db-rspec - .rails:rules:single-db -rspec integration pg12-as-if-foss: +rspec unit pg13-as-if-foss single-db-ci-connection: extends: - - .rspec-base-pg12-as-if-foss - - .rails:rules:as-if-foss-integration - - .rspec-integration-parallel + - rspec unit pg13-as-if-foss + - .single-db-ci-connection-rspec + - .rails:rules:single-db-ci-connection -rspec integration pg12-as-if-foss predictive: +rspec integration pg13-as-if-foss: extends: - - rspec integration pg12-as-if-foss - - .predictive-rspec-tests - - .rails:rules:as-if-foss-integration:predictive + - .rspec-base-pg13-as-if-foss + - .rails:rules:as-if-foss-integration + - .rspec-integration-parallel -rspec integration pg12-as-if-foss single-db: +rspec integration pg13-as-if-foss single-db: extends: - - rspec integration pg12-as-if-foss + - rspec integration pg13-as-if-foss - .single-db-rspec - .rails:rules:single-db -rspec system pg12-as-if-foss: +rspec integration pg13-as-if-foss single-db-ci-connection: extends: - - .rspec-base-pg12-as-if-foss - - .rails:rules:as-if-foss-system - - .rspec-system-parallel + - rspec integration pg13-as-if-foss + - .single-db-ci-connection-rspec + - .rails:rules:single-db-ci-connection -rspec system pg12-as-if-foss predictive: +rspec system pg13-as-if-foss: extends: - - rspec system pg12-as-if-foss - - .predictive-rspec-tests - - .rails:rules:as-if-foss-system:predictive + - .rspec-base-pg13-as-if-foss + - .rails:rules:as-if-foss-system + - .rspec-system-parallel -rspec system pg12-as-if-foss single-db: +rspec system pg13-as-if-foss single-db: extends: - - rspec system pg12-as-if-foss + - rspec system pg13-as-if-foss - .single-db-rspec - .rails:rules:single-db -rspec-ee migration pg12: +rspec system pg13-as-if-foss single-db-ci-connection: extends: - - .rspec-ee-base-pg12 + - rspec system pg13-as-if-foss + - .single-db-ci-connection-rspec + - .rails:rules:single-db-ci-connection + +rspec-ee migration pg13: + extends: + - .rspec-ee-base-pg13 - .rspec-base-migration - .rails:rules:ee-only-migration - .rspec-ee-migration-parallel -rspec-ee migration pg12 predictive: - extends: - - rspec-ee migration pg12 - - .predictive-rspec-tests - - .rails:rules:ee-only-migration:predictive - -rspec-ee background_migration pg12: +rspec-ee background_migration pg13: extends: - - .rspec-ee-base-pg12 + - .rspec-ee-base-pg13 - .rspec-base-migration - .rails:rules:ee-only-background-migration - .rspec-ee-background-migration-parallel -rspec-ee background_migration pg12 predictive: - extends: - - rspec-ee background_migration pg12 - - .predictive-rspec-tests - - .rails:rules:ee-only-background-migration:predictive - -rspec-ee migration pg12 single-db: +rspec-ee migration pg13 single-db: extends: - - rspec-ee migration pg12 + - rspec-ee migration pg13 - .single-db-rspec - .rails:rules:single-db -rspec-ee background_migration pg12 single-db: +rspec-ee background_migration pg13 single-db: extends: - - rspec-ee background_migration pg12 + - rspec-ee background_migration pg13 - .single-db-rspec - .rails:rules:single-db -rspec-ee migration pg12 praefect: +rspec-ee migration pg13 single-db-ci-connection: + extends: + - rspec-ee migration pg13 + - .single-db-ci-connection-rspec + - .rails:rules:single-db-ci-connection + +rspec-ee background_migration pg13 single-db-ci-connection: + extends: + - rspec-ee background_migration pg13 + - .single-db-ci-connection-rspec + - .rails:rules:single-db-ci-connection + +rspec-ee migration pg13 praefect: extends: - - rspec migration pg12 + - rspec migration pg13 - .praefect-with-db - .rails:rules:praefect-with-db -rspec-ee background_migration pg12 praefect: +rspec-ee background_migration pg13 praefect: extends: - - rspec background_migration pg12 + - rspec background_migration pg13 - .praefect-with-db - .rails:rules:praefect-with-db -rspec-ee unit pg12: +rspec-ee unit pg13: extends: - - .rspec-ee-base-pg12 + - .rspec-ee-base-pg13 - .rails:rules:ee-only-unit - .rspec-ee-unit-parallel -rspec-ee unit pg12 es8: +rspec-ee unit pg13 es8: extends: - - .rspec-ee-base-pg12-es8 + - .rspec-ee-base-pg13-es8 - .rspec-ee-unit-parallel -rspec-ee unit pg12 predictive: - extends: - - rspec-ee unit pg12 - - .predictive-rspec-tests - - .rails:rules:ee-only-unit:predictive - -rspec-ee unit pg12 single-db: +rspec-ee unit pg13 single-db: extends: - - rspec-ee unit pg12 + - rspec-ee unit pg13 - .single-db-rspec - .rails:rules:single-db -rspec-ee integration pg12: +rspec-ee unit pg13 single-db-ci-connection: extends: - - .rspec-ee-base-pg12 - - .rails:rules:ee-only-integration - - .rspec-ee-integration-parallel + - rspec-ee unit pg13 + - .single-db-ci-connection-rspec + - .rails:rules:single-db-ci-connection -rspec-ee integration pg12 es8: +rspec-ee integration pg13: extends: - - .rspec-ee-base-pg12-es8 + - .rspec-ee-base-pg13 + - .rails:rules:ee-only-integration - .rspec-ee-integration-parallel -rspec-ee integration pg12 predictive: +rspec-ee integration pg13 es8: extends: - - rspec-ee integration pg12 - - .predictive-rspec-tests - - .rails:rules:ee-only-integration:predictive + - .rspec-ee-base-pg13-es8 + - .rspec-ee-integration-parallel -rspec-ee integration pg12 single-db: +rspec-ee integration pg13 single-db: extends: - - rspec-ee integration pg12 + - rspec-ee integration pg13 - .single-db-rspec - .rails:rules:single-db -rspec-ee system pg12: +rspec-ee integration pg13 single-db-ci-connection: extends: - - .rspec-ee-base-pg12 - - .rails:rules:ee-only-system - - .rspec-ee-system-parallel + - rspec-ee integration pg13 + - .single-db-ci-connection-rspec + - .rails:rules:single-db-ci-connection -rspec-ee system pg12 es8: +rspec-ee system pg13: extends: - - .rspec-ee-base-pg12-es8 + - .rspec-ee-base-pg13 + - .rails:rules:ee-only-system - .rspec-ee-system-parallel -rspec-ee system pg12 predictive: +rspec-ee system pg13 es8: extends: - - rspec-ee system pg12 - - .predictive-rspec-tests - - .rails:rules:ee-only-system:predictive + - .rspec-ee-base-pg13-es8 + - .rspec-ee-system-parallel -rspec-ee system pg12 single-db: +rspec-ee system pg13 single-db: extends: - - rspec-ee system pg12 + - rspec-ee system pg13 - .single-db-rspec - .rails:rules:single-db + +rspec-ee system pg13 single-db-ci-connection: + extends: + - rspec-ee system pg13 + - .single-db-ci-connection-rspec + - .rails:rules:single-db-ci-connection # EE: default refs (MRs, default branch, schedules) jobs # ################################################## ########################################## # EE/FOSS: default branch nightly scheduled jobs # -# PG11 -rspec migration pg11: +# PG12 +rspec migration pg12: extends: - - .rspec-base-pg11 + - .rspec-base-pg12 - .rspec-base-migration - - .rails:rules:rspec-on-pg11 + - .rails:rules:rspec-on-pg12 - .rspec-migration-parallel -rspec background_migration pg11: +rspec background_migration pg12: extends: - - .rspec-base-pg11 + - .rspec-base-pg12 - .rspec-base-migration - - .rails:rules:rspec-on-pg11 + - .rails:rules:rspec-on-pg12 - .rspec-background-migration-parallel -rspec unit pg11: +rspec unit pg12: extends: - - .rspec-base-pg11 - - .rails:rules:rspec-on-pg11 + - .rspec-base-pg12 + - .rails:rules:rspec-on-pg12 - .rspec-unit-parallel -rspec integration pg11: +rspec integration pg12: extends: - - .rspec-base-pg11 - - .rails:rules:rspec-on-pg11 + - .rspec-base-pg12 + - .rails:rules:rspec-on-pg12 - .rspec-integration-parallel -rspec system pg11: +rspec system pg12: extends: - - .rspec-base-pg11 - - .rails:rules:rspec-on-pg11 + - .rspec-base-pg12 + - .rails:rules:rspec-on-pg12 - .rspec-system-parallel -# PG13 -rspec migration pg13: +# PG14 +rspec migration pg14: extends: - - .rspec-base-pg13 + - .rspec-base-pg14 - .rspec-base-migration - .rails:rules:default-branch-schedule-nightly--code-backstage - .rspec-migration-parallel -rspec background_migration pg13: +rspec background_migration pg14: extends: - - .rspec-base-pg13 + - .rspec-base-pg14 - .rspec-base-migration - .rails:rules:default-branch-schedule-nightly--code-backstage - .rspec-background-migration-parallel -rspec unit pg13: +rspec unit pg14: extends: - - .rspec-base-pg13 + - .rspec-base-pg14 - .rails:rules:default-branch-schedule-nightly--code-backstage - .rspec-unit-parallel -rspec integration pg13: +rspec integration pg14: extends: - - .rspec-base-pg13 + - .rspec-base-pg14 - .rails:rules:default-branch-schedule-nightly--code-backstage - .rspec-integration-parallel -rspec system pg13: +rspec system pg14: extends: - - .rspec-base-pg13 + - .rspec-base-pg14 - .rails:rules:default-branch-schedule-nightly--code-backstage - .rspec-system-parallel # EE/FOSS: default branch nightly scheduled jobs # @@ -687,108 +700,153 @@ rspec system pg13: ##################################### # EE: default branch nightly scheduled jobs # -# PG11 -rspec-ee migration pg11: +# PG12 +rspec-ee migration pg12: extends: - - .rspec-ee-base-pg11 + - .rspec-ee-base-pg12 - .rspec-base-migration - .rails:rules:default-branch-schedule-nightly--code-backstage-ee-only - .rspec-ee-migration-parallel -rspec-ee background_migration pg11: +rspec-ee background_migration pg12: extends: - - .rspec-ee-base-pg11 + - .rspec-ee-base-pg12 - .rspec-base-migration - .rails:rules:default-branch-schedule-nightly--code-backstage-ee-only - .rspec-ee-background-migration-parallel -rspec-ee unit pg11: +rspec-ee unit pg12: extends: - - .rspec-ee-base-pg11 + - .rspec-ee-base-pg12 - .rails:rules:default-branch-schedule-nightly--code-backstage-ee-only - .rspec-ee-unit-parallel -rspec-ee integration pg11: +rspec-ee integration pg12: extends: - - .rspec-ee-base-pg11 + - .rspec-ee-base-pg12 - .rails:rules:default-branch-schedule-nightly--code-backstage-ee-only - .rspec-ee-integration-parallel -rspec-ee system pg11: +rspec-ee system pg12: extends: - - .rspec-ee-base-pg11 + - .rspec-ee-base-pg12 - .rails:rules:default-branch-schedule-nightly--code-backstage-ee-only - .rspec-ee-system-parallel -# PG12 -rspec-ee unit pg12 opensearch1: +# PG13 +rspec-ee unit pg13 opensearch1: extends: - - .rspec-ee-base-pg12-opensearch1 + - .rspec-ee-base-pg13-opensearch1 + - .rspec-ee-unit-parallel + +rspec-ee unit pg13 opensearch2: + extends: + - .rspec-ee-base-pg13-opensearch2 + - .rspec-ee-unit-parallel + +rspec-ee integration pg13 opensearch1: + extends: + - .rspec-ee-base-pg13-opensearch1 + - .rspec-ee-integration-parallel + +rspec-ee integration pg13 opensearch2: + extends: + - .rspec-ee-base-pg13-opensearch2 + - .rspec-ee-integration-parallel + +rspec-ee system pg13 opensearch1: + extends: + - .rspec-ee-base-pg13-opensearch1 + - .rspec-ee-system-parallel + +rspec-ee system pg13 opensearch2: + extends: + - .rspec-ee-base-pg13-opensearch2 + - .rspec-ee-system-parallel + +# PG14 +rspec-ee unit pg14 opensearch1: + extends: + - .rspec-ee-base-pg14-opensearch1 - .rspec-ee-unit-parallel - .rails:rules:default-branch-schedule-nightly--code-backstage-ee-only -rspec-ee unit pg12 opensearch2: +rspec-ee unit pg14 opensearch2: extends: - - .rspec-ee-base-pg12-opensearch2 + - .rspec-ee-base-pg14-opensearch2 - .rspec-ee-unit-parallel - .rails:rules:default-branch-schedule-nightly--code-backstage-ee-only -rspec-ee integration pg12 opensearch1: +rspec-ee integration pg14 opensearch1: extends: - - .rspec-ee-base-pg12-opensearch1 + - .rspec-ee-base-pg14-opensearch1 - .rspec-ee-integration-parallel - .rails:rules:default-branch-schedule-nightly--code-backstage-ee-only -rspec-ee integration pg12 opensearch2: +rspec-ee integration pg14 opensearch2: extends: - - .rspec-ee-base-pg12-opensearch2 + - .rspec-ee-base-pg14-opensearch2 - .rspec-ee-integration-parallel - .rails:rules:default-branch-schedule-nightly--code-backstage-ee-only -rspec-ee system pg12 opensearch1: +rspec-ee system pg14 opensearch1: extends: - - .rspec-ee-base-pg12-opensearch1 + - .rspec-ee-base-pg14-opensearch1 - .rspec-ee-system-parallel - .rails:rules:default-branch-schedule-nightly--code-backstage-ee-only -rspec-ee system pg12 opensearch2: +rspec-ee system pg14 opensearch2: extends: - - .rspec-ee-base-pg12-opensearch2 + - .rspec-ee-base-pg14-opensearch2 - .rspec-ee-system-parallel - .rails:rules:default-branch-schedule-nightly--code-backstage-ee-only -# PG13 -rspec-ee migration pg13: +rspec-ee migration pg14: extends: - - .rspec-ee-base-pg13 + - .rspec-ee-base-pg14 - .rspec-base-migration - .rails:rules:default-branch-schedule-nightly--code-backstage-ee-only - .rspec-ee-migration-parallel -rspec-ee background_migration pg13: +rspec-ee background_migration pg14: extends: - - .rspec-ee-base-pg13 + - .rspec-ee-base-pg14 - .rspec-base-migration - .rails:rules:default-branch-schedule-nightly--code-backstage-ee-only - .rspec-ee-background-migration-parallel -rspec-ee unit pg13: +rspec-ee unit pg14: extends: - - .rspec-ee-base-pg13 + - .rspec-ee-base-pg14 - .rails:rules:default-branch-schedule-nightly--code-backstage-ee-only - .rspec-ee-unit-parallel -rspec-ee integration pg13: +rspec-ee unit pg14 es8: extends: - - .rspec-ee-base-pg13 + - .rspec-ee-base-pg14-es8 + - .rspec-ee-unit-parallel + +rspec-ee integration pg14: + extends: + - .rspec-ee-base-pg14 - .rails:rules:default-branch-schedule-nightly--code-backstage-ee-only - .rspec-ee-integration-parallel -rspec-ee system pg13: +rspec-ee integration pg14 es8: extends: - - .rspec-ee-base-pg13 + - .rspec-ee-base-pg14-es8 + - .rspec-ee-integration-parallel + +rspec-ee system pg14: + extends: + - .rspec-ee-base-pg14 - .rails:rules:default-branch-schedule-nightly--code-backstage-ee-only - .rspec-ee-system-parallel + +rspec-ee system pg14 es8: + extends: + - .rspec-ee-base-pg14-es8 + - .rspec-ee-system-parallel # EE: default branch nightly scheduled jobs # ##################################### @@ -805,15 +863,15 @@ rspec-ee system pg13: rspec fail-fast: extends: - - .rspec-base-pg12 - - .rspec-fail-fast # extends from .rspec-fail-fast last to override script from .rspec-base-pg12 + - .rspec-base-pg13 + - .rspec-fail-fast # extends from .rspec-fail-fast last to override script from .rspec-base-pg13 variables: MATCHING_TESTS_PATH: "${RSPEC_MATCHING_TESTS_FOSS_PATH}" rspec-ee fail-fast: extends: - - .rspec-ee-base-pg12 - - .rspec-fail-fast # extends from .rspec-fail-fast last to override script from .rspec-ee-base-pg12 + - .rspec-ee-base-pg13 + - .rspec-fail-fast # extends from .rspec-fail-fast last to override script from .rspec-ee-base-pg13 variables: MATCHING_TESTS_PATH: "${RSPEC_MATCHING_TESTS_EE_PATH}" @@ -821,13 +879,14 @@ rspec-foss-impact:pipeline-generate: extends: - .rails:rules:rspec-foss-impact stage: prepare - needs: ["detect-tests"] + needs: ["detect-tests", "retrieve-tests-metadata"] script: - - scripts/generate-rspec-foss-impact-pipeline "${RSPEC_MATCHING_TESTS_FOSS_PATH}" "${RSPEC_FOSS_IMPACT_PIPELINE_YML}" + - scripts/generate_rspec_pipeline.rb -f "${RSPEC_MATCHING_TESTS_FOSS_PATH}" -t "${RSPEC_FOSS_IMPACT_PIPELINE_TEMPLATE_YML}" -k "${KNAPSACK_RSPEC_SUITE_REPORT_PATH}" + - cat "${RSPEC_FOSS_IMPACT_PIPELINE_TEMPLATE_YML}.yml" artifacts: expire_in: 1 day paths: - - $RSPEC_FOSS_IMPACT_PIPELINE_YML + - "${RSPEC_FOSS_IMPACT_PIPELINE_TEMPLATE_YML}.yml" rspec-foss-impact:trigger: extends: @@ -850,7 +909,7 @@ rspec-foss-impact:trigger: yaml_variables: true pipeline_variables: true include: - - artifact: $RSPEC_FOSS_IMPACT_PIPELINE_YML + - artifact: "${RSPEC_FOSS_IMPACT_PIPELINE_TEMPLATE_YML}.yml" job: rspec-foss-impact:pipeline-generate fail-pipeline-early: @@ -868,7 +927,7 @@ fail-pipeline-early: script: - fail_pipeline_early -.base-rspec-pg12-rerun-previous-failed-tests: +.base-rspec-pg13-rerun-previous-failed-tests: extends: - .rails:rules:rerun-previous-failed-tests stage: test @@ -877,17 +936,17 @@ fail-pipeline-early: - !reference [.base-script, script] - rspec_rerun_previous_failed_tests "${PREVIOUS_FAILED_TESTS_FILE}" -rspec rspec-pg12-rerun-previous-failed-tests: +rspec rspec-pg13-rerun-previous-failed-tests: extends: - - .rspec-base-pg12 - - .base-rspec-pg12-rerun-previous-failed-tests + - .rspec-base-pg13 + - .base-rspec-pg13-rerun-previous-failed-tests variables: PREVIOUS_FAILED_TESTS_FILE: tmp/previous_failed_tests/rspec_failed_tests.txt -rspec rspec-ee-pg12-rerun-previous-failed-tests: +rspec rspec-ee-pg13-rerun-previous-failed-tests: extends: - - .rspec-ee-base-pg12 - - .base-rspec-pg12-rerun-previous-failed-tests + - .rspec-ee-base-pg13 + - .base-rspec-pg13-rerun-previous-failed-tests variables: PREVIOUS_FAILED_TESTS_FILE: tmp/previous_failed_tests/rspec_ee_failed_files.txt # EE: Canonical MR pipelines diff --git a/.gitlab/ci/rails/rspec-foss-impact.gitlab-ci.yml.erb b/.gitlab/ci/rails/rspec-foss-impact.gitlab-ci.yml.erb index eb54fa25875..84aa67de4c9 100644 --- a/.gitlab/ci/rails/rspec-foss-impact.gitlab-ci.yml.erb +++ b/.gitlab/ci/rails/rspec-foss-impact.gitlab-ci.yml.erb @@ -1,4 +1,4 @@ -# RSpec FOSS impact pipeline loaded dynamically by script: scripts/generate-rspec-foss-impact-pipeline +# RSpec FOSS impact pipeline loaded dynamically by script: scripts/generate_rspec_pipeline.rb include: - local: .gitlab/ci/rails/shared.gitlab-ci.yml @@ -21,8 +21,8 @@ dont-interrupt-me: script: - echo "This jobs makes sure this pipeline won't be interrupted! See https://docs.gitlab.com/ee/ci/yaml/#interruptible." -rspec foss-impact: - extends: .rspec-base-pg12-as-if-foss +.base-rspec-foss-impact: + extends: .rspec-base-pg13-as-if-foss needs: - pipeline: $PARENT_PIPELINE_ID job: detect-tests @@ -37,14 +37,54 @@ rspec foss-impact: variables: RSPEC_TESTS_FILTER_FILE: "${RSPEC_MATCHING_TESTS_FOSS_PATH}" RSPEC_TESTS_MAPPING_ENABLED: "true" -<% if Integer(parallel_value) > 1 %> - parallel: <%= parallel_value %> -<% end %> script: - !reference [.base-script, script] - - rspec_paralellized_job "--tag ~quarantine --tag ~level:migration --tag ~zoekt" + - rspec_paralellized_job "--tag ~quarantine --tag ~level:background_migration --tag ~zoekt" artifacts: expire_in: 7d paths: - "${RSPEC_MATCHING_TESTS_FOSS_PATH}" - tmp/capybara/ + +<% if rspec_files_per_test_level[:migration][:files].size > 0 %> +rspec migration foss-impact: + extends: .base-rspec-foss-impact +<% if rspec_files_per_test_level[:migration][:parallelization] > 1 %> + parallel: <%= rspec_files_per_test_level[:migration][:parallelization] %> +<% end %> + script: + - !reference [.base-script, script] + - rspec_paralellized_job "--tag ~quarantine --tag ~zoekt" +<% end %> + +<% if rspec_files_per_test_level[:background_migration][:files].size > 0 %> +rspec background_migration foss-impact: + extends: .base-rspec-foss-impact +<% if rspec_files_per_test_level[:background_migration][:parallelization] > 1 %> + parallel: <%= rspec_files_per_test_level[:background_migration][:parallelization] %> +<% end %> +<% end %> + +<% if rspec_files_per_test_level[:unit][:files].size > 0 %> +rspec unit foss-impact: + extends: .base-rspec-foss-impact +<% if rspec_files_per_test_level[:unit][:parallelization] > 1 %> + parallel: <%= rspec_files_per_test_level[:unit][:parallelization] %> +<% end %> +<% end %> + +<% if rspec_files_per_test_level[:integration][:files].size > 0 %> +rspec integration foss-impact: + extends: .base-rspec-foss-impact +<% if rspec_files_per_test_level[:integration][:parallelization] > 1 %> + parallel: <%= rspec_files_per_test_level[:integration][:parallelization] %> +<% end %> +<% end %> + +<% if rspec_files_per_test_level[:system][:files].size > 0 %> +rspec system foss-impact: + extends: .base-rspec-foss-impact +<% if rspec_files_per_test_level[:system][:parallelization] > 1 %> + parallel: <%= rspec_files_per_test_level[:system][:parallelization] %> +<% end %> +<% end %> diff --git a/.gitlab/ci/rails/rspec-predictive.gitlab-ci.yml.erb b/.gitlab/ci/rails/rspec-predictive.gitlab-ci.yml.erb new file mode 100644 index 00000000000..fcd8754c76a --- /dev/null +++ b/.gitlab/ci/rails/rspec-predictive.gitlab-ci.yml.erb @@ -0,0 +1,153 @@ +# RSpec preditive pipeline loaded dynamically by script: scripts/generate_rspec_pipeline.rb + +include: + - local: .gitlab/ci/rails/shared.gitlab-ci.yml + +default: + image: $DEFAULT_CI_IMAGE + tags: + - gitlab-org + # Default job timeout set to 90m https://gitlab.com/gitlab-com/gl-infra/infrastructure/-/issues/10520 + timeout: 90m + interruptible: true + +stages: + - test + +dont-interrupt-me: + extends: .rules:dont-interrupt + stage: .pre + interruptible: false + script: + - echo "This jobs makes sure this pipeline won't be interrupted! See https://docs.gitlab.com/ee/ci/yaml/#interruptible." + +.base-predictive: + needs: + - pipeline: $PARENT_PIPELINE_ID + job: detect-tests + - pipeline: $PARENT_PIPELINE_ID + job: setup-test-env + - pipeline: $PARENT_PIPELINE_ID + job: retrieve-tests-metadata + - pipeline: $PARENT_PIPELINE_ID + job: compile-test-assets + rules: + - when: always + variables: + RSPEC_TESTS_MAPPING_ENABLED: "true" + +<% if test_suite_prefix.nil? %> +.base-rspec-predictive: + extends: + - .rspec-base-pg12 + - .base-predictive + variables: + # We're using the FOSS one here because we want to exclude EE-only ones + # For EE-only ones, we have EE-only jobs. + RSPEC_TESTS_FILTER_FILE: "${RSPEC_MATCHING_TESTS_FOSS_PATH}" + +<% if rspec_files_per_test_level.dig(:migration, :files).size > 0 %> +rspec migration predictive: + extends: + - .base-rspec-predictive + - .rspec-base-migration +<% if rspec_files_per_test_level.dig(:migration, :parallelization) > 1 %> + parallel: <%= rspec_files_per_test_level.dig(:migration, :parallelization) %> +<% end %> +<% end %> + +<% if rspec_files_per_test_level.dig(:background_migration, :files).size > 0 %> +rspec background_migration predictive: + extends: + - .base-rspec-predictive + - .rspec-base-migration +<% if rspec_files_per_test_level.dig(:background_migration, :parallelization) > 1 %> + parallel: <%= rspec_files_per_test_level.dig(:background_migration, :parallelization) %> +<% end %> +<% end %> + +<% if rspec_files_per_test_level.dig(:unit, :files).size > 0 %> +rspec unit predictive: + extends: + - .base-rspec-predictive +<% if rspec_files_per_test_level.dig(:unit, :parallelization) > 1 %> + parallel: <%= rspec_files_per_test_level.dig(:unit, :parallelization) %> +<% end %> +<% end %> + +<% if rspec_files_per_test_level.dig(:integration, :files).size > 0 %> +rspec integration predictive: + extends: + - .base-rspec-predictive +<% if rspec_files_per_test_level.dig(:integration, :parallelization) > 1 %> + parallel: <%= rspec_files_per_test_level.dig(:integration, :parallelization) %> +<% end %> +<% end %> + +<% if rspec_files_per_test_level.dig(:system, :files).size > 0 %> +rspec system predictive: + extends: + - .base-rspec-predictive +<% if rspec_files_per_test_level.dig(:system, :parallelization) > 1 %> + parallel: <%= rspec_files_per_test_level.dig(:system, :parallelization) %> +<% end %> +<% end %> + +<% end %> + +<% if test_suite_prefix == 'ee/' %> +.base-rspec-ee-predictive: + extends: + - .rspec-ee-base-pg12 + - .base-predictive + variables: + RSPEC_TESTS_FILTER_FILE: "${RSPEC_MATCHING_TESTS_EE_PATH}" + +<% if rspec_files_per_test_level.dig(:migration, :files).size > 0 %> +rspec-ee migration predictive: + extends: + - .base-rspec-ee-predictive + - .rspec-base-migration +<% if rspec_files_per_test_level.dig(:migration, :parallelization) > 1 %> + parallel: <%= rspec_files_per_test_level.dig(:migration, :parallelization) %> +<% end %> +<% end %> + +<% if rspec_files_per_test_level.dig(:background_migration, :files).size > 0 %> +rspec-ee background_migration predictive: + extends: + - .base-rspec-ee-predictive + - .rspec-base-migration +<% if rspec_files_per_test_level.dig(:background_migration, :parallelization) > 1 %> + parallel: <%= rspec_files_per_test_level.dig(:background_migration, :parallelization) %> +<% end %> +<% end %> + +<% if rspec_files_per_test_level.dig(:unit, :files).size > 0 %> +rspec-ee unit predictive: + extends: + - .base-rspec-ee-predictive +<% if rspec_files_per_test_level.dig(:unit, :parallelization) > 1 %> + parallel: <%= rspec_files_per_test_level.dig(:unit, :parallelization) %> +<% end %> +<% end %> + +<% if rspec_files_per_test_level.dig(:integration, :files).size > 0 %> +rspec-ee integration predictive: + extends: + - .base-rspec-ee-predictive +<% if rspec_files_per_test_level.dig(:integration, :parallelization) > 1 %> + parallel: <%= rspec_files_per_test_level.dig(:integration, :parallelization) %> +<% end %> +<% end %> + +<% if rspec_files_per_test_level.dig(:system, :files).size > 0 %> +rspec-ee system predictive: + extends: + - .base-rspec-ee-predictive +<% if rspec_files_per_test_level.dig(:system, :parallelization) > 1 %> + parallel: <%= rspec_files_per_test_level.dig(:system, :parallelization) %> +<% end %> +<% end %> + +<% end %> diff --git a/.gitlab/ci/rails/shared.gitlab-ci.yml b/.gitlab/ci/rails/shared.gitlab-ci.yml index 4943f7c2e28..33aef166afd 100644 --- a/.gitlab/ci/rails/shared.gitlab-ci.yml +++ b/.gitlab/ci/rails/shared.gitlab-ci.yml @@ -25,20 +25,24 @@ include: # gems could not be found under some circumstance. No idea why, hours wasted. - run_timed_command "gem install knapsack --no-document" - echo -e "\e[0Ksection_start:`date +%s`:gitaly-test-spawn[collapsed=true]\r\e[0KStarting Gitaly" - - run_timed_command "scripts/gitaly-test-spawn" # Do not use 'bundle exec' here + - section_start "gitaly-test-spawn" "Spawning Gitaly"; scripts/gitaly-test-spawn; section_end "gitaly-test-spawn" # Do not use 'bundle exec' here - echo -e "\e[0Ksection_end:`date +%s`:gitaly-test-spawn\r\e[0K" -.predictive-rspec-tests: - variables: - RSPEC_TESTS_MAPPING_ENABLED: "true" - .single-db: variables: DECOMPOSED_DB: "false" +.single-db-ci-connection: + extends: .single-db + variables: + CI_CONNECTION_DB: "true" + .single-db-rspec: extends: .single-db +.single-db-ci-connection-rspec: + extends: .single-db-ci-connection + .praefect-with-db: variables: GITALY_PRAEFECT_WITH_DB: '1' @@ -53,7 +57,6 @@ include: RUBY_GC_MALLOC_LIMIT_MAX: 134217728 RECORD_DEPRECATIONS: "true" GEO_SECONDARY_PROXY: 0 - RSPEC_TESTS_FILTER_FILE: "${RSPEC_MATCHING_TESTS_PATH}" SUCCESSFULLY_RETRIED_TEST_EXIT_CODE: 137 needs: - job: "setup-test-env" @@ -92,21 +95,21 @@ include: - !reference [.base-script, script] - rspec_paralellized_job "--tag ~quarantine --tag ~zoekt" -.rspec-base-pg11: +.rspec-base-pg12: extends: - .rspec-base - - .use-pg11 + - .use-pg12 -.rspec-base-pg12: +.rspec-base-pg13: extends: - .rspec-base - - .use-pg12 + - .use-pg13 -.rspec-base-pg12-as-if-foss: +.rspec-base-pg13-as-if-foss: extends: - .rspec-base - .as-if-foss - - .use-pg12 + - .use-pg13 needs: - job: "setup-test-env" - job: "retrieve-tests-metadata" @@ -114,49 +117,67 @@ include: - job: "detect-tests" optional: true -.rspec-base-pg13: +.rspec-base-pg14: extends: - .rspec-base - - .use-pg13 + - .use-pg14 -.rspec-ee-base-pg11: +.rspec-ee-base-pg12: extends: - .rspec-base - - .use-pg11-es7-ee + - .use-pg12-es7-ee -.rspec-ee-base-pg12: +.rspec-ee-base-pg13: extends: - .rspec-base - - .use-pg12-es7-ee + - .use-pg13-es7-ee -.rspec-ee-base-pg12-es8: +.rspec-ee-base-pg13-es8: extends: - .rspec-base - - .use-pg12-es8-ee + - .use-pg13-es8-ee - .rails:rules:run-search-tests -.rspec-ee-base-pg12-opensearch1: +.rspec-ee-base-pg13-opensearch1: extends: - .rspec-base - - .use-pg12-opensearch1-ee + - .use-pg13-opensearch1-ee - .rails:rules:run-search-tests -.rspec-ee-base-pg12-opensearch2: +.rspec-ee-base-pg13-opensearch2: extends: - .rspec-base - - .use-pg12-opensearch2-ee + - .use-pg13-opensearch2-ee - .rails:rules:run-search-tests -.rspec-ee-base-pg13: +.rspec-ee-base-pg14: extends: - .rspec-base - - .use-pg13-es7-ee + - .use-pg14-es7-ee + +.rspec-ee-base-pg14-es8: + extends: + - .rspec-base + - .use-pg14-es8-ee + - .rails:rules:run-search-tests + +.rspec-ee-base-pg14-opensearch1: + extends: + - .rspec-base + - .use-pg14-opensearch1-ee + - .rails:rules:run-search-tests + +.rspec-ee-base-pg14-opensearch2: + extends: + - .rspec-base + - .use-pg14-opensearch2-ee + - .rails:rules:run-search-tests .db-job-base: extends: - .rails-job-base - .rails:rules:ee-and-foss-migration - - .use-pg12 + - .use-pg13 stage: test needs: ["setup-test-env"] # rspec job base specs diff --git a/.gitlab/ci/release-environments/main.gitlab-ci.yml b/.gitlab/ci/release-environments/main.gitlab-ci.yml index e2fed0a6dbd..aa6afee57ae 100644 --- a/.gitlab/ci/release-environments/main.gitlab-ci.yml +++ b/.gitlab/ci/release-environments/main.gitlab-ci.yml @@ -4,6 +4,7 @@ default: stages: - prepare + - deploy include: - local: .gitlab/ci/global.gitlab-ci.yml @@ -56,7 +57,38 @@ release-environments-build-cng: GITLAB_SHELL_VERSION: "${GITLAB_SHELL_VERSION}" GITALY_SERVER_VERSION: "${GITALY_SERVER_VERSION}" RUBY_VERSION: "${FULL_RUBY_VERSION}" + IMAGE_TAG_EXT: "-${CI_COMMIT_SHORT_SHA}" trigger: project: gitlab-org/build/CNG-mirror branch: $TRIGGER_BRANCH strategy: depend + +release-environments-deploy-env: + allow_failure: true + stage: deploy + needs: ["release-environments-build-cng"] + variables: + DEPLOY_ENV: deploy.env + script: + - ./scripts/construct-release-environments-versions.rb > $DEPLOY_ENV + artifacts: + reports: + dotenv: $DEPLOY_ENV + paths: + - $DEPLOY_ENV + expire_in: 7 days + when: always + +release-environments-deploy: + allow_failure: true + stage: deploy + needs: ["release-environments-deploy-env"] + inherit: + variables: false + variables: + VERSIONS: "${VERSIONS}" + ENVIRONMENT: "${ENVIRONMENT}" + trigger: + project: gitlab-com/gl-infra/release-environments + branch: main + strategy: depend diff --git a/.gitlab/ci/reports.gitlab-ci.yml b/.gitlab/ci/reports.gitlab-ci.yml index 3242ca29d75..b072b3dc772 100644 --- a/.gitlab/ci/reports.gitlab-ci.yml +++ b/.gitlab/ci/reports.gitlab-ci.yml @@ -3,7 +3,6 @@ include: - template: Jobs/SAST.gitlab-ci.yml - template: Jobs/Secret-Detection.gitlab-ci.yml - template: Jobs/Dependency-Scanning.gitlab-ci.yml - - template: Jobs/License-Scanning.gitlab-ci.yml code_quality: extends: @@ -32,7 +31,7 @@ code_quality: variables: SAST_BRAKEMAN_LEVEL: 2 # GitLab-specific SAST_EXCLUDED_PATHS: "qa, spec, doc, ee/spec, config/gitlab.yml.example, tmp" # GitLab-specific - SAST_EXCLUDED_ANALYZERS: bandit, flawfinder, phpcs-security-audit, pmd-apex, security-code-scan, spotbugs, eslint, nodejs-scan + SAST_EXCLUDED_ANALYZERS: bandit, flawfinder, phpcs-security-audit, pmd-apex, security-code-scan, spotbugs, eslint, nodejs-scan, sobelow brakeman-sast: rules: !reference [".reports:rules:brakeman-sast", rules] @@ -126,11 +125,3 @@ package_hunter-bundler: - .reports:rules:package_hunter-bundler variables: PACKAGE_MANAGER: bundler - -license_scanning: - extends: .default-retry - stage: lint - needs: [] - artifacts: - expire_in: 1 week # GitLab-specific - rules: !reference [".reports:rules:license_scanning", rules] diff --git a/.gitlab/ci/review-apps/dast.gitlab-ci.yml b/.gitlab/ci/review-apps/dast.gitlab-ci.yml index 8f0c6b60190..d3019577ab4 100644 --- a/.gitlab/ci/review-apps/dast.gitlab-ci.yml +++ b/.gitlab/ci/review-apps/dast.gitlab-ci.yml @@ -5,14 +5,14 @@ extends: - .reports:rules:schedule-dast image: - name: "${REGISTRY_HOST}/security-products/dast:$DAST_VERSION" + name: "${CI_TEMPLATE_REGISTRY_HOST}/security-products/dast:$DAST_VERSION" resource_group: dast_scan variables: - DAST_USERNAME_FIELD: "user[login]" - DAST_PASSWORD_FIELD: "user[password]" - DAST_SUBMIT_FIELD: "name:button" + DAST_USERNAME_FIELD: "name:user[login]" + DAST_PASSWORD_FIELD: "name:user[password]" + DAST_SUBMIT_FIELD: "css:.js-sign-in-button" DAST_FULL_SCAN_ENABLED: "true" - DAST_VERSION: 2 + DAST_VERSION: 3 GIT_STRATEGY: none # -Xmx is used to set the JVM memory to 6GB to prevent DAST OutOfMemoryError. DAST_ZAP_CLI_OPTIONS: "-Xmx6144m" diff --git a/.gitlab/ci/review-apps/main.gitlab-ci.yml b/.gitlab/ci/review-apps/main.gitlab-ci.yml index 369330f8189..680254a6640 100644 --- a/.gitlab/ci/review-apps/main.gitlab-ci.yml +++ b/.gitlab/ci/review-apps/main.gitlab-ci.yml @@ -4,6 +4,7 @@ default: stages: - prepare - deploy + - post-deploy - qa - post-qa - dast @@ -89,13 +90,13 @@ review-build-cng: strategy: depend .review-workflow-base: - extends: - - .default-retry image: ${REVIEW_APPS_IMAGE} + retry: + max: 2 # This is confusing but this means "3 runs at max" variables: HOST_SUFFIX: "${CI_ENVIRONMENT_SLUG}" DOMAIN: "-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN}" - GITLAB_HELM_CHART_REF: "afcef7854ac72c5ff958035ef210ba6c68ec800b" # 6.8.0: https://gitlab.com/gitlab-org/charts/gitlab/-/commit/afcef7854ac72c5ff958035ef210ba6c68ec800b + GITLAB_HELM_CHART_REF: "febc4ad69acb7bba0eeb4a62daa577d0b7c3ee71" # 6.9.1: https://gitlab.com/gitlab-org/charts/gitlab/-/commit/febc4ad69acb7bba0eeb4a62daa577d0b7c3ee71 environment: name: review/${CI_COMMIT_REF_SLUG}${SCHEDULE_TYPE} # No separator for SCHEDULE_TYPE so it's compatible as before and looks nice without it url: https://gitlab-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN} @@ -109,7 +110,7 @@ review-deploy: image: ${GITLAB_DEPENDENCY_PROXY_ADDRESS}dtzar/helm-kubectl:3.9.3 needs: - review-build-cng - - review-delete-deployment # We always want to start from a clean slate (i.e. no helm release, no k8s namespace) + - review-delete-deployment # We always want to start from a clean slate (i.e. no helm release, no k8s namespace) cache: key: "review-deploy-dependencies-charts-${GITLAB_HELM_CHART_REF}-v1" paths: @@ -125,6 +126,7 @@ review-deploy: - *base-before_script - !reference [".use-kube-context", before_script] script: + - run_timed_command "retry delete_helm_release" - run_timed_command "check_kube_domain" - run_timed_command "download_chart" - run_timed_command "deploy" || (display_deployment_debug && exit 1) diff --git a/.gitlab/ci/review-apps/qa.gitlab-ci.yml b/.gitlab/ci/review-apps/qa.gitlab-ci.yml index edca2cae1c6..c01317ad9bd 100644 --- a/.gitlab/ci/review-apps/qa.gitlab-ci.yml +++ b/.gitlab/ci/review-apps/qa.gitlab-ci.yml @@ -1,10 +1,11 @@ include: - project: gitlab-org/quality/pipeline-common - ref: 2.0.0 + ref: 3.1.3 file: - /ci/base.gitlab-ci.yml - /ci/allure-report.yml - /ci/knapsack-report.yml + - template: Verify/Browser-Performance.gitlab-ci.yml .test-variables: variables: @@ -39,7 +40,6 @@ include: WD_INSTALL_DIR: /usr/local/bin RSPEC_REPORT_OPTS: --force-color --order random --format documentation --format RspecJunitFormatter --out tmp/rspec-${CI_JOB_ID}.xml script: - - export EE_LICENSE="$(cat $REVIEW_APPS_EE_LICENSE_FILE)" - QA_COMMAND="bundle exec bin/qa ${QA_SCENARIO} ${QA_GITLAB_URL} -- ${QA_TESTS} ${RSPEC_REPORT_OPTS}" - echo "Running - '${QA_COMMAND}'" - eval "$QA_COMMAND" @@ -107,31 +107,14 @@ review-qa-non-blocking-parallel: - .rules:qa-non-blocking-parallel parallel: 5 -review-performance: +browser_performance: extends: - .default-retry - .review:rules:review-performance - image: - name: sitespeedio/sitespeed.io - entrypoint: [""] stage: qa needs: ["review-deploy"] - before_script: - - export CI_ENVIRONMENT_URL="$(cat environment_url.txt)" - - echo "${CI_ENVIRONMENT_URL}" - - mkdir -p gitlab-exporter - - wget -O ./gitlab-exporter/index.js https://gitlab.com/gitlab-org/gl-performance/raw/master/index.js - - mkdir -p sitespeed-results - script: - - /start.sh --plugins.add ./gitlab-exporter --outputFolder sitespeed-results "${CI_ENVIRONMENT_URL}" - after_script: - - mv sitespeed-results/data/performance.json performance.json - artifacts: - paths: - - sitespeed-results/ - reports: - performance: performance.json - expire_in: 31d + variables: + URL: environment_url.txt e2e-test-report: extends: @@ -186,7 +169,7 @@ notify-slack: TYPE: "(review-app) " when: on_failure script: - - bundle exec gitlab-qa-report --prepare-stage-reports "$CI_PROJECT_DIR/qa/tmp/rspec-*.xml" # generate summary + - bundle exec prepare-stage-reports --input-files "${CI_PROJECT_DIR}/qa/tmp/rspec-*.xml" - !reference [.notify-slack-qa, script] export-test-metrics: diff --git a/.gitlab/ci/review-apps/rules.gitlab-ci.yml b/.gitlab/ci/review-apps/rules.gitlab-ci.yml index a3ae31cb14c..a4b667c6645 100644 --- a/.gitlab/ci/review-apps/rules.gitlab-ci.yml +++ b/.gitlab/ci/review-apps/rules.gitlab-ci.yml @@ -20,7 +20,7 @@ # Run all tests when framework changes present or explicitly enabled full suite execution .qa-run-all-tests: &qa-run-all-tests - if: $QA_FRAMEWORK_CHANGES == "true" || $QA_RUN_ALL_TESTS == "true" + if: $QA_FRAMEWORK_CHANGES == "true" || $QA_RUN_ALL_TESTS == "true" || $QA_RUN_ALL_E2E_LABEL == "true" .default-branch: &default-branch if: $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH diff --git a/.gitlab/ci/review.gitlab-ci.yml b/.gitlab/ci/review.gitlab-ci.yml index f0e87e0161a..6d38c651985 100644 --- a/.gitlab/ci/review.gitlab-ci.yml +++ b/.gitlab/ci/review.gitlab-ci.yml @@ -16,7 +16,7 @@ review-cleanup: - install_gitlab_gem - setup_gcloud script: - - scripts/review_apps/automated_cleanup.rb || (scripts/slack review-apps-monitoring "☠️ \`${CI_JOB_NAME}\` failed! ☠️ See ${CI_JOB_URL} - <https://gitlab.com/gitlab-org/quality/engineering-productivity/team/-/blob/main/runbooks/review-apps.md#review-cleanup-job-failed|📗 RUNBOOK 📕>" warning "GitLab Bot" && exit 1); + - scripts/review_apps/automated_cleanup.rb --dry-run="${DRY_RUN:-false}" || (scripts/slack review-apps-monitoring "☠️ \`${CI_JOB_NAME}\` failed! ☠️ See ${CI_JOB_URL} - <https://gitlab.com/gitlab-org/quality/engineering-productivity/team/-/blob/main/runbooks/review-apps.md#review-cleanup-job-failed|📗 RUNBOOK 📕>" warning "GitLab Bot" && exit 1); review-stop: extends: diff --git a/.gitlab/ci/rules.gitlab-ci.yml b/.gitlab/ci/rules.gitlab-ci.yml index 2762b4e5137..8fcea840cfe 100644 --- a/.gitlab/ci/rules.gitlab-ci.yml +++ b/.gitlab/ci/rules.gitlab-ci.yml @@ -41,16 +41,11 @@ # Once https://gitlab.com/gitlab-org/gitlab/-/issues/373904 is implemented, we should be able to change this back to # if: '($CI_MERGE_REQUEST_EVENT_TYPE == "merged_result" || $CI_MERGE_REQUEST_EVENT_TYPE == "detached") && $CI_MERGE_REQUEST_APPROVALS_COUNT > 0' # or any similar condition to check that the MR has *any* approval (not just required approval). -# -# Temprorarily adding || $CI_MERGE_REQUEST_LABELS =~ /pipeline:run-full-rspec/ for backward compatibility, -# remove once https://gitlab.com/gitlab-org/quality/quality-engineering/team-tasks/-/issues/1557 is fully rolled out .if-merge-request-approved: &if-merge-request-approved - if: '($CI_MERGE_REQUEST_EVENT_TYPE == "merged_result" || $CI_MERGE_REQUEST_EVENT_TYPE == "detached") && $CI_MERGE_REQUEST_LABELS =~ /pipeline:mr-approved/ || $CI_MERGE_REQUEST_LABELS =~ /pipeline:run-full-rspec/' + if: '($CI_MERGE_REQUEST_EVENT_TYPE == "merged_result" || $CI_MERGE_REQUEST_EVENT_TYPE == "detached") && $CI_MERGE_REQUEST_LABELS =~ /pipeline:mr-approved/' -# Temprorarily adding && $CI_MERGE_REQUEST_LABELS !~ /pipeline:run-full-rspec/ for backward compatibility, -# remove once https://gitlab.com/gitlab-org/quality/quality-engineering/team-tasks/-/issues/1557 is fully rolled out .if-merge-request-not-approved: &if-merge-request-not-approved - if: '($CI_MERGE_REQUEST_EVENT_TYPE == "merged_result" || $CI_MERGE_REQUEST_EVENT_TYPE == "detached") && $CI_MERGE_REQUEST_LABELS !~ /pipeline:mr-approved/ && $CI_MERGE_REQUEST_LABELS !~ /pipeline:run-full-rspec/' + if: '($CI_MERGE_REQUEST_EVENT_TYPE == "merged_result" || $CI_MERGE_REQUEST_EVENT_TYPE == "detached") && $CI_MERGE_REQUEST_LABELS !~ /pipeline:mr-approved/' .if-automated-merge-request: &if-automated-merge-request if: '$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME == "release-tools/update-gitaly" || $CI_MERGE_REQUEST_TARGET_BRANCH_NAME =~ /stable-ee$/' @@ -85,8 +80,8 @@ .if-merge-request-labels-run-review-app: &if-merge-request-labels-run-review-app if: '$CI_MERGE_REQUEST_LABELS =~ /pipeline:run-review-app/' -.if-merge-request-labels-run-on-pg11: &if-merge-request-labels-run-on-pg11 - if: '$CI_MERGE_REQUEST_LABELS =~ /pipeline:run-on-pg11/' +.if-merge-request-labels-run-on-pg12: &if-merge-request-labels-run-on-pg12 + if: '$CI_MERGE_REQUEST_LABELS =~ /pipeline:run-on-pg12/' .if-merge-request-labels-skip-undercoverage: &if-merge-request-labels-skip-undercoverage if: '$CI_MERGE_REQUEST_LABELS =~ /pipeline:skip-undercoverage/' @@ -98,7 +93,7 @@ if: '$CI_MERGE_REQUEST_LABELS =~ /group::global search/' .if-merge-request-labels-pipeline-expedite: &if-merge-request-labels-pipeline-expedite - if: '($CI_MERGE_REQUEST_LABELS =~ /master:(foss-)?broken/ || $CI_MERGE_REQUEST_TITLE =~ /^[Rr]evert/) && $CI_MERGE_REQUEST_LABELS =~ /pipeline:expedite/' + if: '($CI_MERGE_REQUEST_LABELS =~ /master:(foss-)?broken/ || $CI_MERGE_REQUEST_LABELS =~ /quarantine/) && $CI_MERGE_REQUEST_LABELS =~ /pipeline:expedite/' .if-merge-request-labels-frontend-and-feature-flag: &if-merge-request-labels-frontend-and-feature-flag if: '$CI_MERGE_REQUEST_LABELS =~ /frontend/ && $CI_MERGE_REQUEST_LABELS =~ /feature flag/' @@ -127,6 +122,9 @@ .if-foss-schedule: &if-foss-schedule if: '$CI_PROJECT_PATH == "gitlab-org/gitlab-foss" && $CI_PIPELINE_SOURCE == "schedule"' +.if-foss-default-branch: &if-foss-default-branch + if: '$CI_PROJECT_PATH == "gitlab-org/gitlab-foss" && $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH' + .if-dot-com-gitlab-org-schedule: &if-dot-com-gitlab-org-schedule if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE == "gitlab-org" && $CI_PIPELINE_SOURCE == "schedule"' @@ -154,12 +152,6 @@ .if-ruby2-branch: &if-ruby2-branch if: '$CI_COMMIT_BRANCH == "ruby2"' -# For Security merge requests, the gitlab-release-tools-bot triggers a new -# pipeline for the "Pipelines for merged results" feature. If the pipeline -# fails, we notify release managers. -.if-security-pipeline-merge-result: &if-security-pipeline-merge-result - if: '$CI_PIPELINE_SOURCE == "merge_request_event" && $CI_MERGE_REQUEST_TARGET_BRANCH_NAME == $CI_DEFAULT_BRANCH && $CI_PROJECT_NAMESPACE == "gitlab-org/security" && $GITLAB_USER_LOGIN == "gitlab-release-tools-bot"' - #################### # Changes patterns # #################### @@ -280,6 +272,7 @@ # This list should match the list in Tasks::Gitlab::Assets.assets_impacting_compilation .assets-compilation-patterns: &assets-compilation-patterns - "{package.json,yarn.lock}" + - "{Gemfile,Gemfile.lock}" - ".browserslistrc" - "babel.config.js" - "config/webpack.config.js" @@ -310,6 +303,9 @@ .models-patterns: &models-patterns - "{,ee/,jh/}{app/models}/**/*" +.decomposed-db-models-patterns: &decomposed-db-models-patterns + - "{,ee/,jh/}app/models/{ci,geo}/**/*" + .lib-gitlab-patterns: &lib-gitlab-patterns - "{,ee/,jh/}lib/{,ee/,jh/}gitlab/**/*" @@ -349,11 +345,13 @@ - "{,ee/,jh/}{,spec/}lib/{,ee/,jh/}gitlab/background_migration/**/*" - "{,ee/,jh/}{,spec/}lib/{,ee/,jh/}gitlab/database{,_spec}.rb" - "{,ee/,jh/}{,spec/}lib/{,ee/,jh/}gitlab/database/**/*" + - "{,ee/,jh/}spec/support/db_cleaner.rb" - "{,ee/,jh/}spec/support/helpers/database/**/*" - "{,ee/,jh/}spec/support/helpers/migrations_helpers/**/*" - "lib/api/admin/batched_background_migrations.rb" - "lib/gitlab/markdown_cache/active_record/**/*" - "spec/requests/api/admin/batched_background_migrations_spec.rb" + - "spec/support/database_cleaner.rb" - "config/prometheus/common_metrics.yml" # Used by Gitlab::DatabaseImporters::CommonMetrics::Importer - "{,ee/,jh/}app/models/project_statistics.rb" # Used to calculate sizes in migration specs # Gitaly has interactions with background migrations: https://gitlab.com/gitlab-org/gitlab/-/issues/336538 @@ -419,7 +417,7 @@ - ".stylelintrc" - "Dockerfile.assets" - "vendor/assets/**/*" - - ".{eslintignore,gitattributes,nvmrc,prettierrc,stylelintrc,yamllint}" + - ".{eslintrc.yml,eslintignore,gitattributes,nvmrc,prettierrc,stylelintrc,yamllint}" - "*_VERSION" - "{,jh/}Gemfile{,.lock}" - "Rakefile" @@ -590,7 +588,6 @@ ################## # Conditions set # ################## - .strict-ee-only-rules: rules: - <<: *if-not-ee @@ -607,17 +604,9 @@ - <<: *if-merge-request-labels-pipeline-expedite when: never -.rails:rules:predictive-default-rules: - rules: - - <<: *if-merge-request-approved - when: never - - <<: *if-automated-merge-request - when: never - - <<: *if-security-merge-request - when: never - .rails:rules:run-search-tests: rules: + - !reference [".rails:rules:default-branch-schedule-nightly--code-backstage-ee-only", rules] - <<: *if-merge-request-labels-group-global-search changes: *search-backend-patterns - <<: *if-merge-request-labels-group-global-search @@ -625,6 +614,8 @@ .rails:rules:ee-and-foss-default-rules: rules: + - <<: *if-merge-request-labels-pipeline-expedite + when: never - <<: *if-merge-request-labels-run-all-rspec - <<: *if-merge-request changes: *core-backend-patterns @@ -635,6 +626,44 @@ - <<: *if-merge-request-not-approved when: never +.rails:rules:system-default-rules: + rules: + - <<: *if-merge-request-labels-pipeline-expedite + when: never + - <<: *if-merge-request-labels-run-all-rspec + - <<: *if-merge-request + changes: *core-backend-patterns + - <<: *if-merge-request + changes: *workhorse-patterns + - <<: *if-automated-merge-request + changes: *code-backstage-patterns + - <<: *if-security-merge-request + changes: *code-backstage-patterns + - <<: *if-merge-request-not-approved + when: never + +.rails:rules:previous-failed-tests-default-rules: + rules: + - <<: *if-merge-request-labels-pipeline-expedite + when: never + - <<: *if-security-merge-request + when: never + - <<: *if-merge-request-labels-run-all-rspec + - <<: *if-merge-request + changes: *code-backstage-patterns + +########################### +# Conditions set for JiHu # +########################### +.rails:rules:predictive-default-rules: + rules: + - <<: *if-merge-request-approved + when: never + - <<: *if-automated-merge-request + when: never + - <<: *if-security-merge-request + when: never + .rails:rules:as-if-foss-migration-unit-integration:predictive-default-rules: rules: - <<: *if-merge-request @@ -650,43 +679,115 @@ when: never - !reference [".rails:rules:as-if-foss-migration-unit-integration:predictive-default-rules", rules] -.rails:rules:system-default-rules: +.rails:rules:system:predictive-default-rules: rules: - <<: *if-merge-request-labels-run-all-rspec + when: never - <<: *if-merge-request changes: *core-backend-patterns + when: never - <<: *if-merge-request changes: *workhorse-patterns - - <<: *if-automated-merge-request - changes: *code-backstage-patterns - - <<: *if-security-merge-request - changes: *code-backstage-patterns - - <<: *if-merge-request-not-approved when: never + - <<: *if-merge-request + changes: *ci-patterns + when: never + - <<: *if-merge-request + changes: *code-backstage-patterns -.rails:rules:system:predictive-default-rules: +.rails:rules:ee-and-foss-migration:predictive: rules: - - <<: *if-merge-request-labels-run-all-rspec + - <<: *if-fork-merge-request + changes: *db-patterns + - !reference [".rails:rules:predictive-default-rules", rules] + - !reference [".rails:rules:unit-integration:predictive-default-rules", rules] + # When DB schema changes, many migrations spec may be affected. However, the test mapping from Crystalball does not map db change to a specific migration spec well. + # See https://gitlab.com/gitlab-org/gitlab/-/merge_requests/68840. + - <<: *if-merge-request + changes: *db-patterns when: never + +.rails:rules:ee-and-foss-background-migration:predictive: + rules: + - !reference [".rails:rules:ee-and-foss-migration:predictive", rules] - <<: *if-merge-request - changes: *core-backend-patterns + changes: *backend-patterns + +.rails:rules:ee-and-foss-unit:predictive: + rules: + - <<: *if-fork-merge-request + changes: *backend-patterns + - !reference [".rails:rules:predictive-default-rules", rules] + - !reference [".rails:rules:unit-integration:predictive-default-rules", rules] + - <<: *if-merge-request + changes: *backend-patterns + - <<: *if-merge-request + changes: *backstage-patterns + +.rails:rules:ee-and-foss-integration:predictive: + rules: + - <<: *if-fork-merge-request + changes: *backend-patterns + - !reference [".rails:rules:predictive-default-rules", rules] + - !reference [".rails:rules:unit-integration:predictive-default-rules", rules] + - <<: *if-merge-request + changes: *backend-patterns + +.rails:rules:ee-and-foss-system:predictive: + rules: + - <<: *if-fork-merge-request + changes: *code-backstage-patterns + - !reference [".rails:rules:predictive-default-rules", rules] + - !reference [".rails:rules:system:predictive-default-rules", rules] + +.rails:rules:ee-only-migration:predictive: + rules: + - <<: *if-not-ee when: never + - !reference [".rails:rules:predictive-default-rules", rules] + - !reference [".rails:rules:unit-integration:predictive-default-rules", rules] + # When DB schema changes, many migrations spec may be affected. However, the test mapping from Crystalball does not map db change to a specific migration spec well. + # See https://gitlab.com/gitlab-org/gitlab/-/merge_requests/68840. - <<: *if-merge-request - changes: *workhorse-patterns + changes: *db-patterns when: never + +.rails:rules:ee-only-background-migration:predictive: + rules: + - !reference [".rails:rules:ee-only-migration:predictive", rules] - <<: *if-merge-request - changes: *ci-patterns + changes: *backend-patterns + +.rails:rules:ee-only-unit:predictive: + rules: + - <<: *if-not-ee when: never + - <<: *if-fork-merge-request + changes: *backend-patterns + - !reference [".rails:rules:predictive-default-rules", rules] + - !reference [".rails:rules:unit-integration:predictive-default-rules", rules] - <<: *if-merge-request - changes: *code-backstage-patterns + changes: *backend-patterns -.rails:rules:previous-failed-tests-default-rules: +.rails:rules:ee-only-integration:predictive: rules: - - <<: *if-security-merge-request + - <<: *if-not-ee when: never - - <<: *if-merge-request-labels-run-all-rspec + - <<: *if-fork-merge-request + changes: *backend-patterns + - !reference [".rails:rules:predictive-default-rules", rules] + - !reference [".rails:rules:unit-integration:predictive-default-rules", rules] - <<: *if-merge-request + changes: *backend-patterns + +.rails:rules:ee-only-system:predictive: + rules: + - <<: *if-not-ee + when: never + - <<: *if-fork-merge-request changes: *code-backstage-patterns + - !reference [".rails:rules:predictive-default-rules", rules] + - !reference [".rails:rules:system:predictive-default-rules", rules] ################ # Shared rules # @@ -711,12 +812,27 @@ rules: - <<: *if-not-canonical-namespace when: never + - <<: *if-merge-request-labels-pipeline-expedite + when: never - <<: *if-merge-request-targeting-stable-branch - <<: *if-merge-request-labels-run-review-app - - <<: *if-dot-com-gitlab-org-and-security-merge-request + - <<: *if-merge-request changes: *ci-build-images-patterns - - <<: *if-dot-com-gitlab-org-and-security-merge-request + - <<: *if-merge-request changes: *code-qa-patterns + # Rules to support .qa:rules:package-and-test-ee + - <<: *if-merge-request + changes: *dependency-patterns + - <<: *if-merge-request-labels-run-all-e2e + - <<: *if-dot-com-gitlab-org-and-security-merge-request-manual-ff-package-and-e2e + changes: *feature-flag-development-config-patterns + - <<: *if-merge-request + changes: *feature-flag-development-config-patterns + - <<: *if-merge-request + changes: *nodejs-patterns + - <<: *if-merge-request + changes: *ci-qa-patterns + - <<: *if-force-ci .build-images:rules:build-qa-image: rules: @@ -735,7 +851,6 @@ - <<: *if-dot-com-gitlab-org-schedule variables: ARCH: amd64,arm64 - - <<: *if-force-ci - <<: *if-ruby2-branch .build-images:rules:build-qa-image-as-if-foss: @@ -759,14 +874,37 @@ rules: - <<: *if-not-canonical-namespace when: never + - <<: *if-merge-request-labels-pipeline-expedite + when: never - <<: *if-merge-request-targeting-stable-branch + - <<: *if-ruby2-branch - <<: *if-merge-request-labels-run-review-app - <<: *if-auto-deploy-branches - - <<: *if-ruby2-branch - <<: *if-default-refs changes: *ci-build-images-patterns - <<: *if-default-refs changes: *code-qa-patterns + # Rules to support .qa:rules:package-and-test-ee + - <<: *if-merge-request + changes: *dependency-patterns + - <<: *if-merge-request-labels-run-all-e2e + - <<: *if-dot-com-gitlab-org-and-security-merge-request-manual-ff-package-and-e2e + changes: *feature-flag-development-config-patterns + - <<: *if-merge-request + changes: *feature-flag-development-config-patterns + - <<: *if-merge-request + changes: *nodejs-patterns + - <<: *if-merge-request + changes: *ci-qa-patterns + - <<: *if-force-ci + +.build-images:rules:build-assets-image-as-if-foss: + rules: + - <<: *if-not-ee + when: never + - <<: *if-merge-request-labels-pipeline-expedite + when: never + - !reference [".build-images:rules:build-assets-image", "rules"] ################# # Caching rules # @@ -827,19 +965,13 @@ - changes: - scripts/lint_templates_bash.rb -################## -# Delivery rules # -################## -.delivery:rules:security-pipeline-merge-result-failure: - rules: - - <<: *if-security-pipeline-merge-result - when: on_failure - ###################### # Dev fixtures rules # ###################### .dev-fixtures:rules:ee-and-foss: rules: + - <<: *if-merge-request-labels-pipeline-expedite + when: never - <<: *if-default-refs changes: *code-backstage-patterns @@ -847,6 +979,8 @@ rules: - <<: *if-not-ee when: never + - <<: *if-merge-request-labels-pipeline-expedite + when: never - <<: *if-default-refs changes: *code-backstage-patterns @@ -892,6 +1026,8 @@ rules: # The `glfm-verify` job has dependencies on EE, so only run it for EE - !reference [".strict-ee-only-rules", rules] + - <<: *if-merge-request-labels-pipeline-expedite + when: never # If any of the files that are DIRECTLY related to generating or managing the GLFM specification change, # run `glfm-verify` to get quick feedback on any needed updates, even if the MR is not yet approved - changes: *glfm-patterns @@ -918,7 +1054,6 @@ ################## # Frontend rules # ################## - .frontend:rules:predictive-default-rules: rules: - <<: *if-merge-request-approved @@ -927,13 +1062,18 @@ when: never - <<: *if-security-merge-request when: never + - <<: *if-merge-request-labels-pipeline-expedite + when: never .frontend:rules:compile-production-assets: rules: - <<: *if-not-canonical-namespace when: never + - <<: *if-merge-request-labels-pipeline-expedite + when: never - <<: *if-merge-request-targeting-stable-branch - <<: *if-merge-request-labels-run-review-app + - <<: *if-merge-request-labels-run-all-e2e - <<: *if-auto-deploy-branches - <<: *if-ruby2-branch - <<: *if-default-refs @@ -943,6 +1083,14 @@ - <<: *if-default-refs changes: *workhorse-patterns +.frontend:rules:compile-production-assets-as-if-foss: + rules: + - <<: *if-not-canonical-namespace + when: never + - <<: *if-not-ee + when: never + - !reference [.frontend:rules:compile-production-assets, rules] + .frontend:rules:compile-test-assets: rules: - <<: *if-merge-request-labels-run-all-rspec @@ -967,13 +1115,18 @@ .frontend:rules:default-frontend-jobs: rules: + - <<: *if-merge-request-labels-pipeline-expedite + when: never - <<: *if-merge-request-labels-run-all-rspec + - <<: *if-merge-request-labels-frontend-and-feature-flag - <<: *if-default-refs changes: *code-backstage-patterns .frontend:rules:default-frontend-jobs-as-if-foss: rules: - !reference [".strict-ee-only-rules", rules] + - <<: *if-merge-request-labels-pipeline-expedite + when: never - <<: *if-security-merge-request changes: *code-backstage-patterns - <<: *if-merge-request-labels-as-if-foss @@ -992,8 +1145,28 @@ - <<: *if-merge-request changes: *frontend-patterns-for-as-if-foss +.frontend:rules:upload-frontend-fixtures: + rules: + # The new strategy to upload fixtures as generic packages is experimental and can be disabled by removing the `REUSE_FRONTEND_FIXTURES_ENABLED` variable + - if: '$REUSE_FRONTEND_FIXTURES_ENABLED != "true"' + when: never + - <<: *if-merge-request-labels-pipeline-expedite + when: never + - <<: *if-dot-com-gitlab-org-default-branch + changes: *code-backstage-patterns + - <<: *if-foss-default-branch + changes: *code-backstage-patterns + - <<: *if-dot-com-gitlab-org-merge-request + changes: + - ".gitlab/ci/frontend.gitlab-ci.yml" + - "scripts/gitlab_component_helpers.sh" + when: manual + allow_failure: true + .frontend:rules:jest: rules: + - <<: *if-merge-request-labels-pipeline-expedite + when: never - <<: *if-fork-merge-request when: never - <<: *if-merge-request-labels-run-all-jest @@ -1033,6 +1206,8 @@ rules: - !reference [".strict-ee-only-rules", rules] - <<: *if-merge-request-labels-as-if-foss + - <<: *if-merge-request-labels-pipeline-expedite + when: never - <<: *if-merge-request-labels-run-all-jest - <<: *if-merge-request changes: *frontend-dependency-patterns @@ -1063,6 +1238,8 @@ rules: - !reference [".strict-ee-only-rules", rules] - <<: *if-merge-request-labels-as-if-foss + - <<: *if-merge-request-labels-pipeline-expedite + when: never - <<: *if-merge-request changes: *frontend-patterns-for-as-if-foss @@ -1081,6 +1258,8 @@ rules: - <<: *if-not-canonical-namespace when: never + - <<: *if-merge-request-labels-pipeline-expedite + when: never - <<: *if-default-branch-refs changes: *frontend-build-patterns allow_failure: true @@ -1093,21 +1272,32 @@ ################ .memory:rules: rules: + - <<: *if-merge-request-labels-pipeline-expedite + when: never - <<: *if-default-refs changes: *code-patterns ########## # Notify # ########## -.notify:rules:notify-pipeline-failure: +.notify:rules:create-issues-for-failing-tests: rules: + - <<: *if-not-canonical-namespace + when: never # Don't report child pipeline failures - if: '$CI_PIPELINE_SOURCE == "parent_pipeline"' when: never - - if: '$CI_SLACK_WEBHOOK_URL && $NOTIFY_PIPELINE_FAILURE_CHANNEL' + - if: '$CREATE_ISSUES_FOR_FAILING_TESTS == "true"' when: on_failure allow_failure: true +.notify:rules:notify-package-and-test-failure: + rules: + - <<: *if-not-canonical-namespace + when: never + - <<: *if-merge-request-targeting-stable-branch + when: always + ############### # Pages rules # ############### @@ -1146,18 +1336,38 @@ rules: - <<: *if-not-ee when: never + - <<: *if-merge-request-labels-pipeline-expedite + when: never - <<: *if-merge-request-targeting-stable-branch allow_failure: true - - <<: *if-dot-com-gitlab-org-and-security-merge-request + - <<: *if-merge-request changes: *code-backstage-qa-patterns allow_failure: true - <<: *if-dot-com-gitlab-org-schedule allow_failure: true + - <<: *if-ruby2-branch + # Rules to support .qa:rules:package-and-test-ee + - <<: *if-merge-request + changes: *dependency-patterns + allow_failure: true + - <<: *if-merge-request-labels-run-all-e2e + allow_failure: true + - <<: *if-dot-com-gitlab-org-and-security-merge-request-manual-ff-package-and-e2e + changes: *feature-flag-development-config-patterns + allow_failure: true + - <<: *if-merge-request + changes: *feature-flag-development-config-patterns + allow_failure: true + - <<: *if-merge-request + changes: *nodejs-patterns + allow_failure: true + - <<: *if-merge-request + changes: *ci-qa-patterns + allow_failure: true - <<: *if-force-ci allow_failure: true - - <<: *if-ruby2-branch -.qa:rules:package-and-test-mrs: +.qa:rules:package-and-test-common: rules: - <<: *if-not-canonical-namespace when: never @@ -1169,55 +1379,116 @@ allow_failure: true - <<: *if-ruby2-branch allow_failure: true + - <<: *if-merge-request + changes: *dependency-patterns + variables: + OMNIBUS_GITLAB_BUILD_ON_ALL_OS: 'true' - <<: *if-merge-request-labels-run-all-e2e allow_failure: true - <<: *if-dot-com-gitlab-org-and-security-merge-request-manual-ff-package-and-e2e changes: *feature-flag-development-config-patterns when: manual allow_failure: true - - <<: *if-dot-com-gitlab-org-and-security-merge-request + - <<: *if-merge-request changes: *feature-flag-development-config-patterns allow_failure: true - - <<: *if-dot-com-gitlab-org-and-security-merge-request + - <<: *if-merge-request changes: *initializers-patterns allow_failure: true - - <<: *if-dot-com-gitlab-org-and-security-merge-request + - <<: *if-merge-request changes: *nodejs-patterns allow_failure: true - - <<: *if-dot-com-gitlab-org-and-security-merge-request + - <<: *if-merge-request changes: *ci-qa-patterns allow_failure: true - - <<: *if-dot-com-gitlab-org-and-security-merge-request + - <<: *if-merge-request + changes: + - qa/Gemfile.lock # qa/Gemfile.lock is a part of *qa-patterns, so this rule must be placed before the one with *qa-patterns changes + variables: + UPDATE_QA_CACHE: "true" + - <<: *if-merge-request changes: *qa-patterns allow_failure: true - <<: *if-dot-com-gitlab-org-and-security-merge-request-and-qa-tests-specified changes: *code-patterns allow_failure: true - - <<: *if-dot-com-gitlab-org-and-security-merge-request - changes: *code-patterns + - <<: *if-force-ci when: manual allow_failure: true - - <<: *if-force-ci + - <<: *if-merge-request + changes: *code-patterns when: manual allow_failure: true -.qa:rules:package-and-test: +.qa:rules:package-and-test-schedule: rules: - - !reference [".qa:rules:package-and-test-mrs", rules] - <<: *if-dot-com-gitlab-org-schedule allow_failure: true variables: SKIP_REPORT_IN_ISSUES: "false" PROCESS_TEST_RESULTS: "true" KNAPSACK_GENERATE_REPORT: "true" + UPDATE_QA_CACHE: "true" QA_SAVE_TEST_METRICS: "true" - QA_EXPORT_TEST_METRICS: "false" # on main runs, metrics are exported to separate bucket via rake task for better consistency + QA_EXPORT_TEST_METRICS: "false" # on main runs, metrics are exported to separate bucket via rake task for better consistency + +.qa:rules:package-and-test-ee: + rules: + - !reference [".qa:rules:package-and-test-common", rules] + - !reference [".qa:rules:package-and-test-schedule", rules] + +.qa:rules:package-and-test-ce: + rules: + - <<: *if-not-canonical-namespace + when: never + - <<: *if-not-ee + when: never + - <<: *if-merge-request-labels-pipeline-expedite + when: never + - <<: *if-dot-com-gitlab-org-and-security-merge-request + changes: *ci-build-images-patterns + when: manual + allow_failure: true + - <<: *if-dot-com-gitlab-org-and-security-merge-request + changes: *code-qa-patterns + when: manual + allow_failure: true .qa:rules:e2e:test-on-gdk: rules: - if: '$QA_RUN_TESTS_ON_GDK !~ /true|yes|1/i' when: never - - !reference [".qa:rules:package-and-test", rules] + - !reference [".qa:rules:package-and-test-common", rules] + - !reference [".qa:rules:package-and-test-schedule", rules] + +.qa:rules:package-and-test-sidebar: + rules: + - <<: *if-not-canonical-namespace + when: never + - <<: *if-not-ee + when: never + - <<: *if-merge-request-labels-pipeline-expedite + when: never + - <<: *if-merge-request + changes: *code-patterns + when: manual + allow_failure: true + - <<: *if-default-branch-schedule-nightly + allow_failure: true + variables: + SKIP_REPORT_IN_ISSUES: "false" + PROCESS_TEST_RESULTS: "true" + QA_SAVE_TEST_METRICS: "true" + QA_EXPORT_TEST_METRICS: "false" + +.qa:rules:package-and-test-nightly: + rules: + - <<: *if-default-branch-schedule-nightly + variables: + KNAPSACK_GENERATE_REPORT: "true" + SKIP_REPORT_IN_ISSUES: "false" + QA_SAVE_TEST_METRICS: "true" + QA_EXPORT_TEST_METRICS: "false" ############### # Rails rules # @@ -1231,18 +1502,49 @@ .rails:rules:single-db: rules: - <<: *if-merge-request-labels-run-single-db + - <<: *if-merge-request-labels-pipeline-expedite + when: never - <<: *if-merge-request changes: *db-patterns + - <<: *if-merge-request + changes: *decomposed-db-models-patterns - <<: *if-default-branch-schedule-nightly .rails:rules:db:check-migrations-single-db: rules: - <<: *if-merge-request-labels-run-single-db + - <<: *if-merge-request-labels-pipeline-expedite + when: never - <<: *if-merge-request changes: *db-patterns + - <<: *if-merge-request + changes: *decomposed-db-models-patterns + +.rails:rules:single-db-ci-connection: + rules: + - <<: *if-merge-request-labels-run-single-db + - <<: *if-merge-request-labels-pipeline-expedite + when: never + - <<: *if-merge-request + changes: *db-patterns + - <<: *if-merge-request + changes: *decomposed-db-models-patterns + - <<: *if-default-branch-schedule-nightly + +.rails:rules:db:check-migrations-single-db-ci-connection: + rules: + - <<: *if-merge-request-labels-run-single-db + - <<: *if-merge-request-labels-pipeline-expedite + when: never + - <<: *if-merge-request + changes: *db-patterns + - <<: *if-merge-request + changes: *decomposed-db-models-patterns .rails:rules:db-backup: rules: + - <<: *if-merge-request-labels-pipeline-expedite + when: never - <<: *if-merge-request-labels-run-all-rspec - <<: *if-default-refs changes: *db-backup-patterns @@ -1269,6 +1571,8 @@ rules: - <<: *if-fork-merge-request when: never + - <<: *if-merge-request-labels-pipeline-expedite + when: never - <<: *if-merge-request-labels-run-all-rspec - <<: *if-merge-request changes: *core-backend-patterns @@ -1281,17 +1585,22 @@ - <<: *if-default-refs changes: *db-patterns -.rails:rules:ee-and-foss-migration:predictive: +.rails:rules:rspec-predictive: rules: - <<: *if-fork-merge-request - changes: *db-patterns - - !reference [".rails:rules:predictive-default-rules", rules] - - !reference [".rails:rules:unit-integration:predictive-default-rules", rules] - # When DB schema changes, many migrations spec may be affected. However, the test mapping from Crystalball does not map db change to a specific migration spec well. - # See https://gitlab.com/gitlab-org/gitlab/-/merge_requests/68840. - - <<: *if-merge-request - changes: *db-patterns + changes: *code-backstage-patterns + - <<: *if-merge-request-labels-pipeline-expedite + when: never + - <<: *if-merge-request-approved + when: never + - <<: *if-automated-merge-request + when: never + - <<: *if-security-merge-request + when: never + - <<: *if-merge-request-labels-run-all-rspec when: never + - <<: *if-merge-request + changes: *code-backstage-patterns .rails:rules:ee-and-foss-background-migration: rules: @@ -1299,14 +1608,10 @@ - <<: *if-default-refs changes: *backend-patterns -.rails:rules:ee-and-foss-background-migration:predictive: - rules: - - !reference [".rails:rules:ee-and-foss-migration:predictive", rules] - - <<: *if-merge-request - changes: *backend-patterns - .rails:rules:ee-and-foss-mr-with-migration: rules: + - <<: *if-merge-request-labels-pipeline-expedite + when: never - <<: *if-merge-request changes: *db-patterns - <<: *if-merge-request-labels-run-all-rspec @@ -1326,15 +1631,8 @@ - !reference [".rails:rules:ee-and-foss-default-rules", rules] - <<: *if-default-refs changes: *backend-patterns - -.rails:rules:ee-and-foss-unit:predictive: - rules: - - <<: *if-fork-merge-request - changes: *backend-patterns - - !reference [".rails:rules:predictive-default-rules", rules] - - !reference [".rails:rules:unit-integration:predictive-default-rules", rules] - - <<: *if-merge-request - changes: *backend-patterns + - <<: *if-default-refs + changes: *backstage-patterns .rails:rules:ee-and-foss-integration: rules: @@ -1344,15 +1642,6 @@ - <<: *if-default-refs changes: *backend-patterns -.rails:rules:ee-and-foss-integration:predictive: - rules: - - <<: *if-fork-merge-request - changes: *backend-patterns - - !reference [".rails:rules:predictive-default-rules", rules] - - !reference [".rails:rules:unit-integration:predictive-default-rules", rules] - - <<: *if-merge-request - changes: *backend-patterns - .rails:rules:ee-and-foss-system: rules: - <<: *if-fork-merge-request @@ -1361,13 +1650,6 @@ - <<: *if-default-refs changes: *code-backstage-patterns -.rails:rules:ee-and-foss-system:predictive: - rules: - - <<: *if-fork-merge-request - changes: *code-backstage-patterns - - !reference [".rails:rules:predictive-default-rules", rules] - - !reference [".rails:rules:system:predictive-default-rules", rules] - .rails:rules:ee-and-foss-fast_spec_helper: rules: - <<: *if-merge-request-labels-run-all-rspec @@ -1386,6 +1668,10 @@ rules: - <<: *if-not-ee when: never + - <<: *if-fork-merge-request + when: never + - <<: *if-merge-request-labels-pipeline-expedite + when: never - <<: *if-merge-request-labels-run-all-rspec - <<: *if-merge-request changes: *core-backend-patterns @@ -1402,30 +1688,12 @@ - <<: *if-default-refs changes: *db-patterns -.rails:rules:ee-only-migration:predictive: - rules: - - <<: *if-not-ee - when: never - - !reference [".rails:rules:predictive-default-rules", rules] - - !reference [".rails:rules:unit-integration:predictive-default-rules", rules] - # When DB schema changes, many migrations spec may be affected. However, the test mapping from Crystalball does not map db change to a specific migration spec well. - # See https://gitlab.com/gitlab-org/gitlab/-/merge_requests/68840. - - <<: *if-merge-request - changes: *db-patterns - when: never - .rails:rules:ee-only-background-migration: rules: - !reference [".rails:rules:ee-only-migration", rules] - <<: *if-default-refs changes: *backend-patterns -.rails:rules:ee-only-background-migration:predictive: - rules: - - !reference [".rails:rules:ee-only-migration:predictive", rules] - - <<: *if-merge-request - changes: *backend-patterns - .rails:rules:ee-only-unit: rules: - <<: *if-not-ee @@ -1436,17 +1704,6 @@ - <<: *if-default-refs changes: *backend-patterns -.rails:rules:ee-only-unit:predictive: - rules: - - <<: *if-not-ee - when: never - - <<: *if-fork-merge-request - changes: *backend-patterns - - !reference [".rails:rules:predictive-default-rules", rules] - - !reference [".rails:rules:unit-integration:predictive-default-rules", rules] - - <<: *if-merge-request - changes: *backend-patterns - .rails:rules:ee-only-integration: rules: - <<: *if-not-ee @@ -1457,17 +1714,6 @@ - <<: *if-default-refs changes: *backend-patterns -.rails:rules:ee-only-integration:predictive: - rules: - - <<: *if-not-ee - when: never - - <<: *if-fork-merge-request - changes: *backend-patterns - - !reference [".rails:rules:predictive-default-rules", rules] - - !reference [".rails:rules:unit-integration:predictive-default-rules", rules] - - <<: *if-merge-request - changes: *backend-patterns - .rails:rules:ee-only-system: rules: - <<: *if-not-ee @@ -1478,19 +1724,12 @@ - <<: *if-default-refs changes: *code-backstage-patterns -.rails:rules:ee-only-system:predictive: - rules: - - <<: *if-not-ee - when: never - - <<: *if-fork-merge-request - changes: *code-backstage-patterns - - !reference [".rails:rules:predictive-default-rules", rules] - - !reference [".rails:rules:system:predictive-default-rules", rules] - .rails:rules:as-if-foss-migration: rules: - <<: *if-not-ee when: never + - <<: *if-merge-request-labels-pipeline-expedite + when: never - <<: *if-merge-request-labels-run-all-rspec - <<: *if-merge-request changes: *core-backend-patterns @@ -1505,48 +1744,21 @@ - <<: *if-merge-request-not-approved when: never -.rails:rules:as-if-foss-migration:predictive: - rules: - - <<: *if-not-ee - when: never - - !reference [".rails:rules:predictive-default-rules", rules] - - !reference [".rails:rules:as-if-foss-migration-unit-integration:predictive-default-rules", rules] - # When DB schema changes, many migrations spec may be affected. However, the test mapping from Crystalball does not map db change to a specific migration spec well. - # See https://gitlab.com/gitlab-org/gitlab/-/merge_requests/68840. - - <<: *if-merge-request-labels-as-if-foss - changes: *db-patterns - when: never - .rails:rules:as-if-foss-background-migration: rules: - !reference [".rails:rules:as-if-foss-migration", rules] - <<: *if-merge-request-labels-as-if-foss changes: *backend-patterns -.rails:rules:as-if-foss-background-migration:predictive: - rules: - - !reference [".rails:rules:as-if-foss-migration:predictive", rules] - - <<: *if-merge-request-labels-as-if-foss - changes: *backend-patterns - .rails:rules:as-if-foss-unit: rules: - <<: *if-not-ee when: never - <<: *if-fork-merge-request when: never - - !reference [".rails:rules:ee-and-foss-default-rules", rules] - - <<: *if-merge-request-labels-as-if-foss - changes: *backend-patterns - -.rails:rules:as-if-foss-unit:predictive: - rules: - - <<: *if-not-ee - when: never - - <<: *if-fork-merge-request + - <<: *if-merge-request-labels-pipeline-expedite when: never - - !reference [".rails:rules:predictive-default-rules", rules] - - !reference [".rails:rules:as-if-foss-migration-unit-integration:predictive-default-rules", rules] + - !reference [".rails:rules:ee-and-foss-default-rules", rules] - <<: *if-merge-request-labels-as-if-foss changes: *backend-patterns @@ -1556,18 +1768,9 @@ when: never - <<: *if-fork-merge-request when: never - - !reference [".rails:rules:ee-and-foss-default-rules", rules] - - <<: *if-merge-request-labels-as-if-foss - changes: *backend-patterns - -.rails:rules:as-if-foss-integration:predictive: - rules: - - <<: *if-not-ee - when: never - - <<: *if-fork-merge-request + - <<: *if-merge-request-labels-pipeline-expedite when: never - - !reference [".rails:rules:predictive-default-rules", rules] - - !reference [".rails:rules:as-if-foss-migration-unit-integration:predictive-default-rules", rules] + - !reference [".rails:rules:ee-and-foss-default-rules", rules] - <<: *if-merge-request-labels-as-if-foss changes: *backend-patterns @@ -1577,40 +1780,27 @@ when: never - <<: *if-fork-merge-request when: never - - !reference [".rails:rules:system-default-rules", rules] - - <<: *if-merge-request-labels-as-if-foss - changes: *code-backstage-patterns - -.rails:rules:as-if-foss-system:predictive: - rules: - - <<: *if-not-ee - when: never - - <<: *if-fork-merge-request - when: never - - !reference [".rails:rules:predictive-default-rules", rules] - - <<: *if-merge-request - changes: *core-backend-patterns - when: never - - <<: *if-merge-request - changes: *workhorse-patterns - when: never - - <<: *if-merge-request - changes: *ci-patterns + - <<: *if-merge-request-labels-pipeline-expedite when: never + - !reference [".rails:rules:system-default-rules", rules] - <<: *if-merge-request-labels-as-if-foss changes: *code-backstage-patterns .rails:rules:ee-and-foss-db-library-code: rules: + - <<: *if-merge-request-labels-pipeline-expedite + when: never - <<: *if-default-refs changes: *db-library-patterns - <<: *if-merge-request-labels-run-all-rspec - - <<: *if-merge-request-labels-run-on-pg11 + - <<: *if-merge-request-labels-run-on-pg12 .rails:rules:ee-mr-and-default-branch-only: rules: - <<: *if-not-ee when: never + - <<: *if-merge-request-labels-pipeline-expedite + when: never - <<: *if-merge-request-labels-run-all-rspec - <<: *if-merge-request changes: *code-backstage-patterns @@ -1639,6 +1829,8 @@ when: never - <<: *if-merge-request-labels-as-if-foss when: never + - <<: *if-merge-request-labels-pipeline-expedite + when: never - <<: *if-security-merge-request changes: *code-backstage-patterns - <<: *if-dot-com-gitlab-org-merge-request @@ -1668,6 +1860,8 @@ rules: - <<: *if-not-ee when: never + - <<: *if-merge-request-labels-pipeline-expedite + when: never - <<: *if-default-branch-schedule-nightly - <<: *if-ruby2-branch-schedule-nightly - <<: *if-merge-request-labels-run-all-rspec @@ -1691,17 +1885,23 @@ when: never - <<: *if-merge-request-labels-skip-undercoverage when: never + # We cannot get the coverage data from child pipeline so we only run undercoverage on full pipelines for now + # See https://gitlab.com/gitlab-org/gitlab/-/merge_requests/113410#note_1335422806 + - <<: *if-merge-request-not-approved + when: never - <<: *if-merge-request-labels-run-all-rspec - <<: *if-merge-request changes: *backend-patterns -.rails:rules:rspec-on-pg11: +.rails:rules:rspec-on-pg12: rules: - - <<: *if-merge-request-labels-run-on-pg11 + - <<: *if-merge-request-labels-run-on-pg12 - !reference [".rails:rules:default-branch-schedule-nightly--code-backstage-default-rules", rules] .rails:rules:default-branch-schedule-nightly--code-backstage-default-rules: rules: + - <<: *if-merge-request-labels-pipeline-expedite + when: never - <<: *if-default-branch-schedule-nightly - <<: *if-merge-request changes: [".gitlab/ci/rails.gitlab-ci.yml"] @@ -1720,6 +1920,8 @@ rules: - <<: *if-not-ee when: never + - <<: *if-merge-request-labels-pipeline-expedite + when: never - <<: *if-default-refs changes: *code-backstage-patterns @@ -1729,7 +1931,12 @@ when: never - <<: *if-merge-request-labels-pipeline-expedite when: never - - if: '$SKIP_FLAKY_TESTS_AUTOMATICALLY == "true" || $RETRY_FAILED_TESTS_IN_NEW_PROCESS == "true"' + - if: '$FAST_QUARANTINE == "false" && $RETRY_FAILED_TESTS_IN_NEW_PROCESS != "true"' + when: never + - <<: *if-merge-request + changes: *code-backstage-patterns + when: always + - <<: *if-default-branch-refs changes: *code-backstage-patterns when: always @@ -1850,12 +2057,6 @@ changes: ["vendor/gems/omniauth-azure-oauth2/**/*"] - <<: *if-merge-request-labels-run-all-rspec -.vendor:rules:omniauth-cas3: - rules: - - <<: *if-merge-request - changes: ["vendor/gems/omniauth-cas3/**/*"] - - <<: *if-merge-request-labels-run-all-rspec - .vendor:rules:omniauth_crowd: rules: - <<: *if-merge-request @@ -1892,6 +2093,18 @@ changes: ["vendor/gems/bundler-checksum/**/*"] - <<: *if-merge-request-labels-run-all-rspec +.vendor:rules:cloud_profiler_agent: + rules: + - <<: *if-merge-request + changes: ["vendor/gems/cloud_profiler_agent/**/*"] + - <<: *if-merge-request-labels-run-all-rspec + +.vendor:rules:sidekiq-reliable-fetch: + rules: + - <<: *if-merge-request + changes: ["vendor/gems/sidekiq-reliable-fetch/**/*"] + - <<: *if-merge-request-labels-run-all-rspec + ################## # Releases rules # ################## @@ -1919,6 +2132,8 @@ ################# .reports:rules:code_quality: rules: + - <<: *if-merge-request-labels-pipeline-expedite + when: never - if: '$CODE_QUALITY_DISABLED' when: never # Run code_quality on master until https://gitlab.com/gitlab-org/gitlab/-/issues/363747 is resolved @@ -1930,6 +2145,8 @@ .reports:rules:brakeman-sast: rules: + - <<: *if-merge-request-labels-pipeline-expedite + when: never - if: $SAST_DISABLED when: never - if: $SAST_EXCLUDED_ANALYZERS =~ /brakeman/ @@ -1941,6 +2158,8 @@ .reports:rules:semgrep-sast: rules: + - <<: *if-merge-request-labels-pipeline-expedite + when: never - if: $SAST_DISABLED when: never - if: $SAST_EXCLUDED_ANALYZERS =~ /semgrep/ @@ -1958,6 +2177,8 @@ .reports:rules:secret_detection: rules: + - <<: *if-merge-request-labels-pipeline-expedite + when: never - if: '$SECRET_DETECTION_DISABLED' when: never # Scan each commit on master to feed the Vulnerability Reports with detected secrets @@ -1967,6 +2188,8 @@ .reports:rules:gemnasium-dependency_scanning: rules: + - <<: *if-merge-request-labels-pipeline-expedite + when: never - if: '$DEPENDENCY_SCANNING_DISABLED || $GITLAB_FEATURES !~ /\bdependency_scanning\b/ || $DS_EXCLUDED_ANALYZERS =~ /gemnasium([^-]|$)/' when: never # Run Dependency Scanning on master until https://gitlab.com/gitlab-org/gitlab/-/issues/361657 is resolved @@ -1976,6 +2199,8 @@ .reports:rules:gemnasium-python-dependency_scanning: rules: + - <<: *if-merge-request-labels-pipeline-expedite + when: never - if: '$DEPENDENCY_SCANNING_DISABLED || $GITLAB_FEATURES !~ /\bdependency_scanning\b/ || $DS_EXCLUDED_ANALYZERS =~ /gemnasium-python/' when: never # Run Dependency Scanning on master until https://gitlab.com/gitlab-org/gitlab/-/issues/361657 is resolved @@ -1985,6 +2210,8 @@ .reports:rules:yarn-audit-dependency_scanning: rules: + - <<: *if-merge-request-labels-pipeline-expedite + when: never - if: '$DEPENDENCY_SCANNING_DISABLED || $GITLAB_FEATURES !~ /\bdependency_scanning\b/' when: never # Run Dependency Scanning on master until https://gitlab.com/gitlab-org/gitlab/-/issues/361657 is resolved @@ -1994,6 +2221,8 @@ .reports:rules:test-dast: rules: + - <<: *if-merge-request-labels-pipeline-expedite + when: never - if: '$DAST_DISABLED || $GITLAB_FEATURES !~ /\bdast\b/' when: never - <<: *if-merge-request @@ -2014,13 +2243,6 @@ - <<: *if-merge-request changes: ["Gemfile.lock"] -.reports:rules:license_scanning: - rules: - - if: '$LICENSE_MANAGEMENT_DISABLED || $GITLAB_FEATURES !~ /\blicense_scanning\b/' - when: never - - <<: *if-default-refs - changes: *dependency-patterns - ################ # Review rules # ################ @@ -2072,7 +2294,7 @@ variables: KNAPSACK_GENERATE_REPORT: "true" QA_SAVE_TEST_METRICS: "true" - QA_EXPORT_TEST_METRICS: "false" # on main runs, metrics are exported to separate bucket via rake task for better consistency + QA_EXPORT_TEST_METRICS: "false" # on main runs, metrics are exported to separate bucket via rake task for better consistency # The following rules needs to be the same as the one for .review:rules:start-review-app-pipeline # except that: @@ -2182,10 +2404,12 @@ .setup:rules:gitlab_git_test: rules: + - <<: *if-merge-request-labels-pipeline-expedite + when: never - <<: *if-default-refs changes: *code-backstage-patterns -.setup:rules:rails-production-environment: +.setup:rules:rails-production-server-boot: rules: - <<: *if-default-refs changes: *code-patterns @@ -2212,6 +2436,8 @@ rules: - <<: *if-not-ee when: never + - <<: *if-merge-request-labels-pipeline-expedite + when: never - <<: *if-default-refs changes: *code-backstage-patterns @@ -2242,6 +2468,7 @@ - <<: *if-default-refs changes: *workhorse-patterns - <<: *if-merge-request-labels-run-all-rspec + - <<: *if-merge-request-labels-frontend-and-feature-flag .test-metadata:rules:update-tests-metadata: rules: @@ -2292,6 +2519,33 @@ changes: *feature-flag-development-config-patterns # This rule should share the same logic with .as-if-jh:rules:prepare-as-if-jh +# in additionally that there are changes in dependency-patterns +# Unfortunately, we can't say it has changes in +# feature-flag-development-config-patterns +# And in +# dependency-patterns +# At the same time. Note that this can't be using OR so using a union pattern +# doesn't work either. Given that we cannot specify this, there's a gap can +# happen when: +# * The merge request does not have ~"pipeline:run-as-if-jh" +# * The merge request changes a feature flag +# * The merge request also changes dependencies +# In this case, we expect that we do run `sync-as-if-jh-branch` but it won't, +# meaning that dependencies in the JH validation pipeline will be outdated. +# To work around this issue, apply ~"pipeline:run-as-if-jh" to the merge +# request so we can force it to run `sync-as-if-jh-branch` when there are +# dependencies changes. +.as-if-jh:rules:sync-as-if-jh: + rules: + - !reference [".strict-ee-only-rules", rules] + - !reference [".as-if-jh-default-exclusion-rules", rules] + - <<: *if-merge-request-labels-as-if-jh + changes: *dependency-patterns + # Ideally, we should be able to do this: + # - <<: *if-dot-com-gitlab-org-merge-request + # changes: *feature-flag-development-config-patterns && *dependency-patterns + +# This rule should share the same logic with .as-if-jh:rules:prepare-as-if-jh # Because the jobs using this need jobs using the preparation rules .as-if-jh:rules:start-as-if-jh: rules: diff --git a/.gitlab/ci/setup.gitlab-ci.yml b/.gitlab/ci/setup.gitlab-ci.yml index 298d5c4ae08..36e2c338748 100644 --- a/.gitlab/ci/setup.gitlab-ci.yml +++ b/.gitlab/ci/setup.gitlab-ci.yml @@ -51,22 +51,6 @@ gitlab_git_test: script: - spec/support/prepare-gitlab-git-test-for-commit --check-for-changes -no-ee-check: - extends: - - .predictive-job - - .setup:rules:no-ee-check - stage: test - script: - - scripts/no-dir-check ee - -no-jh-check: - extends: - - .predictive-job - - .setup:rules:no-jh-check - stage: test - script: - - scripts/no-dir-check jh - verify-ruby-3.0: extends: - .absolutely-predictive-job @@ -79,7 +63,7 @@ verify-ruby-3.0: verify-tests-yml: extends: - .setup:rules:verify-tests-yml - image: ${GITLAB_DEPENDENCY_PROXY_ADDRESS}ruby:${RUBY_VERSION}-alpine3.13 + image: ${GITLAB_DEPENDENCY_PROXY_ADDRESS}ruby:${RUBY_VERSION}-alpine3.16 stage: test needs: [] script: @@ -99,14 +83,14 @@ verify-approvals: generate-frontend-fixtures-mapping: extends: - .setup:rules:generate-frontend-fixtures-mapping - - .use-pg12 + - .use-pg13 - .rails-cache needs: ["setup-test-env"] stage: prepare before_script: - !reference [.default-before_script, before_script] - source ./scripts/rspec_helpers.sh - - run_timed_command "scripts/gitaly-test-spawn" + - section_start "gitaly-test-spawn" "Spawning Gitaly"; scripts/gitaly-test-spawn; section_end "gitaly-test-spawn"; # Do not use 'bundle exec' here script: - generate_frontend_fixtures_mapping artifacts: @@ -122,7 +106,7 @@ detect-tests: variables: RSPEC_TESTS_MAPPING_ENABLED: "true" before_script: - - apt-get update && apt-get install -y curl # Not present in ruby-slim, so we add it manually + - apt-get update && apt-get install -y curl # Not present in ruby-slim, so we add it manually script: - source ./scripts/utils.sh - source ./scripts/rspec_helpers.sh @@ -134,13 +118,12 @@ detect-tests: - | if [ -n "$CI_MERGE_REQUEST_IID" ]; then mkdir -p $(dirname "$RSPEC_CHANGED_FILES_PATH") - tooling/bin/find_changes ${RSPEC_CHANGED_FILES_PATH}; - tooling/bin/find_tests ${RSPEC_CHANGED_FILES_PATH} ${RSPEC_MATCHING_TESTS_PATH}; - tooling/bin/js_to_system_specs_mappings ${RSPEC_CHANGED_FILES_PATH} ${RSPEC_MATCHING_TESTS_PATH}; - tooling/bin/find_changes ${RSPEC_CHANGED_FILES_PATH} ${RSPEC_MATCHING_TESTS_PATH} ${FRONTEND_FIXTURES_MAPPING_PATH}; + + tooling/bin/predictive_tests + filter_rspec_matched_foss_tests ${RSPEC_MATCHING_TESTS_PATH} ${RSPEC_MATCHING_TESTS_FOSS_PATH}; filter_rspec_matched_ee_tests ${RSPEC_MATCHING_TESTS_PATH} ${RSPEC_MATCHING_TESTS_EE_PATH}; - tooling/bin/view_to_js_mappings ${RSPEC_CHANGED_FILES_PATH} ${RSPEC_MATCHING_JS_FILES_PATH}; + echoinfo "Changed files: $(cat $RSPEC_CHANGED_FILES_PATH)"; echoinfo "Related FOSS RSpec tests: $(cat $RSPEC_MATCHING_TESTS_FOSS_PATH)"; echoinfo "Related EE RSpec tests: $(cat $RSPEC_MATCHING_TESTS_EE_PATH)"; @@ -152,9 +135,10 @@ detect-tests: - ${FRONTEND_FIXTURES_MAPPING_PATH} - ${RSPEC_CHANGED_FILES_PATH} - ${RSPEC_MATCHING_JS_FILES_PATH} - - ${RSPEC_MATCHING_TESTS_PATH} - - ${RSPEC_MATCHING_TESTS_FOSS_PATH} - ${RSPEC_MATCHING_TESTS_EE_PATH} + - ${RSPEC_MATCHING_TESTS_FOSS_PATH} + - ${RSPEC_MATCHING_TESTS_PATH} + - ${RSPEC_VIEWS_INCLUDING_PARTIALS_PATH} detect-previous-failed-tests: extends: @@ -179,8 +163,6 @@ e2e-test-pipeline-generate: stage: prepare variables: ENV_FILE: $CI_PROJECT_DIR/qa_tests_vars.env - OMNIBUS_PIPELINE_YML: package-and-test-pipeline.yml - REVIEW_PIPELINE_YML: review-app-pipeline.yml COLORIZED_LOGS: "true" script: - bundle exec rake "ci:detect_changes[$ENV_FILE]" @@ -188,5 +170,4 @@ e2e-test-pipeline-generate: artifacts: expire_in: 1 day paths: - - $OMNIBUS_PIPELINE_YML - - $REVIEW_PIPELINE_YML + - '*-pipeline.yml' diff --git a/.gitlab/ci/static-analysis.gitlab-ci.yml b/.gitlab/ci/static-analysis.gitlab-ci.yml index d546c79aab9..b9c9200d78b 100644 --- a/.gitlab/ci/static-analysis.gitlab-ci.yml +++ b/.gitlab/ci/static-analysis.gitlab-ci.yml @@ -45,7 +45,7 @@ static-verification-with-database: - .static-analysis-base - .rubocop-job-cache - .static-analysis:rules:static-verification-with-database - - .use-pg12 + - .use-pg13 script: - bundle exec rake lint:static_verification_with_database variables: diff --git a/.gitlab/ci/test-metadata.gitlab-ci.yml b/.gitlab/ci/test-metadata.gitlab-ci.yml index 176a0b67d66..41fd0b49173 100644 --- a/.gitlab/ci/test-metadata.gitlab-ci.yml +++ b/.gitlab/ci/test-metadata.gitlab-ci.yml @@ -18,7 +18,7 @@ retrieve-tests-metadata: image: ${GITLAB_DEPENDENCY_PROXY_ADDRESS}ruby:${RUBY_VERSION}-slim stage: prepare script: - - apt-get update && apt-get install -y curl # Not present in ruby-slim, so we add it manually + - apt-get update && apt-get install -y curl # Not present in ruby-slim, so we add it manually - install_gitlab_gem - source ./scripts/rspec_helpers.sh - retrieve_tests_metadata @@ -32,17 +32,17 @@ update-tests-metadata: - retrieve-tests-metadata - generate-frontend-fixtures-mapping - setup-test-env - - rspec migration pg12 + - rspec migration pg13 - rspec-all frontend_fixture - - rspec unit pg12 - - rspec integration pg12 - - rspec system pg12 - - rspec background_migration pg12 - - rspec-ee migration pg12 - - rspec-ee unit pg12 - - rspec-ee integration pg12 - - rspec-ee system pg12 - - rspec-ee background_migration pg12 + - rspec unit pg13 + - rspec integration pg13 + - rspec system pg13 + - rspec background_migration pg13 + - rspec-ee migration pg13 + - rspec-ee unit pg13 + - rspec-ee integration pg13 + - rspec-ee system pg13 + - rspec-ee background_migration pg13 script: - run_timed_command "retry gem install fog-aws mime-types activesupport rspec_profiling postgres-copy --no-document" - source ./scripts/rspec_helpers.sh diff --git a/.gitlab/ci/test-on-gdk/main.gitlab-ci.yml b/.gitlab/ci/test-on-gdk/main.gitlab-ci.yml index a04d81fb342..6073098ef06 100644 --- a/.gitlab/ci/test-on-gdk/main.gitlab-ci.yml +++ b/.gitlab/ci/test-on-gdk/main.gitlab-ci.yml @@ -1,15 +1,7 @@ -default: - interruptible: true - include: - - local: .gitlab/ci/package-and-test/rules.gitlab-ci.yml - -dont-interrupt-me: - extends: .rules:dont-interrupt - stage: test - interruptible: false - script: - - echo "This jobs makes sure this pipeline won't be interrupted! See https://docs.gitlab.com/ee/ci/yaml/#interruptible." + - local: .gitlab/ci/qa-common/main.gitlab-ci.yml + - local: .gitlab/ci/qa-common/rules.gitlab-ci.yml + - local: .gitlab/ci/qa-common/variables.gitlab-ci.yml .run-tests: stage: test @@ -21,19 +13,19 @@ dont-interrupt-me: before_script: - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY - sysctl -n -w fs.inotify.max_user_watches=524288 + - echo "SUITE_RAN=true" > suite_status.env variables: DOCKER_DRIVER: overlay2 DOCKER_HOST: tcp://docker:2375 QA_GDK_IMAGE: "${CI_REGISTRY}/${CI_PROJECT_PATH}/gitlab-qa-gdk:master" - QA_GENERATE_ALLURE_REPORT: "false" + QA_GENERATE_ALLURE_REPORT: "true" QA_CAN_TEST_PRAEFECT: "false" QA_INTERCEPT_REQUESTS: "false" - QA_RUN_TYPE: e2e-test-on-gdk TEST_LICENSE_MODE: $QA_TEST_LICENSE_MODE EE_LICENSE: $QA_EE_LICENSE GITHUB_ACCESS_TOKEN: $QA_GITHUB_ACCESS_TOKEN GITLAB_QA_ADMIN_ACCESS_TOKEN: $QA_ADMIN_ACCESS_TOKEN - QA_KNAPSACK_REPORTS: qa-smoke,ee-instance-parallel + RSPEC_REPORT_OPTS: "--format QA::Support::JsonFormatter --out tmp/rspec-${CI_JOB_ID}.json --format RspecJunitFormatter --out tmp/rspec-${CI_JOB_ID}.xml --format html --out tmp/rspec-${CI_JOB_ID}.htm --color --format documentation" timeout: 2 hours artifacts: when: always @@ -41,6 +33,9 @@ dont-interrupt-me: - test_output - logs expire_in: 7 days + reports: + junit: test_output/**/rspec-*.xml + dotenv: suite_status.env script: - echo -e "\e[0Ksection_start:`date +%s`:pull_image\r\e[0KPull GDK QA image" - docker pull ${QA_GDK_IMAGE} @@ -49,7 +44,7 @@ dont-interrupt-me: - cd qa && bundle install --jobs=$(nproc) --retry=3 --quiet - mkdir -p $CI_PROJECT_DIR/test_output $CI_PROJECT_DIR/logs/gdk $CI_PROJECT_DIR/logs/gitlab # This command matches the permissions of the user that runs GDK inside the container. - - chown -R 1000:1000 $CI_PROJECT_DIR/test_output $CI_PROJECT_DIR/logs + - chown -R 1000:1000 $CI_PROJECT_DIR/test_output $CI_PROJECT_DIR/logs $CI_PROJECT_DIR/qa/knapsack - | docker run --rm --name gdk --add-host gdk.test:127.0.0.1 --shm-size=2gb \ --env-file <(bundle exec rake ci:env_var_name_list) \ @@ -57,9 +52,20 @@ dont-interrupt-me: --volume $CI_PROJECT_DIR/test_output:/home/gdk/gdk/gitlab/qa/tmp:z \ --volume $CI_PROJECT_DIR/logs/gdk:/home/gdk/gdk/log \ --volume $CI_PROJECT_DIR/logs/gitlab:/home/gdk/gdk/gitlab/log \ - ${QA_GDK_IMAGE} "${CI_COMMIT_REF_SLUG}" "$TEST_GDK_TAGS --tag ~requires_praefect" || true - - echo -e "\e[0Ksection_end:`date +%s`:launch_gdk_and_tests\r\e[0K" + --volume $CI_PROJECT_DIR/qa/knapsack:/home/gdk/gdk/gitlab/qa/knapsack \ + ${QA_GDK_IMAGE} "${CI_COMMIT_SHA}" "$RSPEC_REPORT_OPTS $TEST_GDK_TAGS --tag ~requires_praefect" + # The above image's launch script takes two arguments only - first one is the commit sha and the second one Rspec Args allow_failure: true + after_script: + - | + if [ "$CI_JOB_STATUS" == "failed" ]; then + echo "SUITE_FAILED=true" >> suite_status.env + fi + +download-knapsack-report: + extends: + - .download-knapsack-report + - .rules:download-knapsack test-on-gdk-smoke: extends: @@ -67,7 +73,6 @@ test-on-gdk-smoke: parallel: 2 variables: TEST_GDK_TAGS: "--tag smoke" - QA_KNAPSACK_REPORT_NAME: qa-smoke rules: - when: always @@ -75,7 +80,50 @@ test-on-gdk-full: extends: - .run-tests parallel: 5 - variables: - QA_KNAPSACK_REPORT_NAME: ee-instance-parallel rules: - when: manual + +# ========================================== +# Post test stage +# ========================================== +e2e-test-report: + extends: + - .e2e-test-report + - .rules:report:allure-report + variables: + ALLURE_RESULTS_GLOB: test_output/allure-results + +upload-knapsack-report: + extends: + - .upload-knapsack-report + - .rules:report:process-results + variables: + QA_KNAPSACK_REPORT_FILE_PATTERN: $CI_PROJECT_DIR/test_output/knapsack/*/*.json + +export-test-metrics: + extends: + - .export-test-metrics + - .rules:report:process-results + variables: + QA_METRICS_REPORT_FILE_PATTERN: $CI_PROJECT_DIR/test_output/test-metrics-*.json + +relate-test-failures: + extends: + - .relate-test-failures + - .rules:report:process-results + variables: + QA_RSPEC_JSON_FILE_PATTERN: $CI_PROJECT_DIR/test_output/rspec-*.json + +generate-test-session: + extends: + - .generate-test-session + - .rules:report:process-results + variables: + QA_RSPEC_JSON_FILE_PATTERN: $CI_PROJECT_DIR/test_output/rspec-*.json + +notify-slack: + extends: + - .notify-slack + - .rules:report:process-results + variables: + QA_RSPEC_XML_FILE_PATTERN: $CI_PROJECT_DIR/test_output/rspec-*.xml diff --git a/.gitlab/ci/vendored-gems.gitlab-ci.yml b/.gitlab/ci/vendored-gems.gitlab-ci.yml index 1086d9074d2..3773a343d6d 100644 --- a/.gitlab/ci/vendored-gems.gitlab-ci.yml +++ b/.gitlab/ci/vendored-gems.gitlab-ci.yml @@ -38,14 +38,6 @@ vendor omniauth-azure-oauth2: include: vendor/gems/omniauth-azure-oauth2/.gitlab-ci.yml strategy: depend -vendor omniauth-cas3: - extends: - - .vendor:rules:omniauth-cas3 - needs: [] - trigger: - include: vendor/gems/omniauth-cas3/.gitlab-ci.yml - strategy: depend - vendor omniauth_crowd: extends: - .vendor:rules:omniauth_crowd @@ -93,3 +85,19 @@ vendor gitlab_active_record: trigger: include: vendor/gems/gitlab_active_record/.gitlab-ci.yml strategy: depend + +vendor cloud_profiler_agent: + extends: + - .vendor:rules:cloud_profiler_agent + needs: [] + trigger: + include: vendor/gems/cloud_profiler_agent/.gitlab-ci.yml + strategy: depend + +vendor sidekiq-reliable-fetch: + extends: + - .vendor:rules:sidekiq-reliable-fetch + needs: [] + trigger: + include: vendor/gems/sidekiq-reliable-fetch/.gitlab-ci.yml + strategy: depend diff --git a/.gitlab/ci/workhorse.gitlab-ci.yml b/.gitlab/ci/workhorse.gitlab-ci.yml index 389906dbbff..ae0b15bbdb8 100644 --- a/.gitlab/ci/workhorse.gitlab-ci.yml +++ b/.gitlab/ci/workhorse.gitlab-ci.yml @@ -10,7 +10,7 @@ workhorse:verify: .workhorse:test: extends: .workhorse:rules:workhorse - image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images/debian-${DEBIAN_VERSION}-ruby-${RUBY_VERSION}-golang-${GO_VERSION}:git-2.36 + image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images/debian-${DEBIAN_VERSION}-ruby-${RUBY_VERSION}-golang-${GO_VERSION}-rust-${RUST_VERSION}:rubygems-${RUBYGEMS_VERSION}-git-2.36-exiftool-12.60 variables: GITALY_ADDRESS: "tcp://127.0.0.1:8075" stage: test @@ -18,7 +18,6 @@ workhorse:verify: - setup-test-env before_script: - go version - - apt-get update && apt-get -y install libimage-exiftool-perl - scripts/gitaly-test-build script: - make -C workhorse test @@ -37,7 +36,10 @@ workhorse:test go: workhorse:test fips: extends: .workhorse:test - image: registry.gitlab.com/gitlab-org/gitlab-omnibus-builder/ubuntu_20.04_fips:4.0.0 + parallel: + matrix: + - GO_VERSION: ["1.18", "1.19"] + image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images/ubi-${UBI_VERSION}-ruby-${RUBY_VERSION}-golang-${GO_VERSION}-rust-${RUST_VERSION}:rubygems-${RUBYGEMS_VERSION}-git-2.36-exiftool-12.60 variables: FIPS_MODE: 1 diff --git a/.gitlab/issue_templates/AI Project Proposal.md b/.gitlab/issue_templates/AI Project Proposal.md new file mode 100644 index 00000000000..072e7ed9ed3 --- /dev/null +++ b/.gitlab/issue_templates/AI Project Proposal.md @@ -0,0 +1,147 @@ +<!-- +HOW TO USE THIS TEMPLATE +To propose an AI experiment, focus on completing the “Experiment” section first. As you refine the idea and gather feedback on your experiment, use the “Feature release” section to define how it will evolve as a Beta or GA capability. It's important that we link experiment to feature release. Feel free to add sections, but keep the existing ones. + +You can choose how to get started with this template. For example, the proposal can start as an issue, and then be promoted to an epic to house all the work related to the experiment/prototype and feature release. If you prefer to start with an epic, you have to manually apply the proposal template. Regardless, if the experiment is eventually prioritized for development, the template content will need to appear in a top-level epic so it can be tracked alongside other prioritized AI experiments. + +TITLE FORMAT +🤖 [AI Proposal] {Need/outcome} {Beneficiary} {Job/Small Job} + +The title should be something that is easily understood that quickly communicates the intent of the project allowing team members to easily understand and recognize the expected work that will be done. A proposal title should combine the beneficiary of the feature/UI, the job it will allow them to accomplish (see https://about.gitlab.com/handbook/product/ux/jobs-to-be-done/#how-to-write-a-jtbd), and their expected outcome when the work is delivered. Well-defined statements are concise without sacrificing the substance of the proposal so that anyone can understand it at a glance. (e.g. {Reduce the effort} {for security teams} {when prioritizing business-critical risks in their assets}). +--> + +# Experiment + +This section should be completed prior to work on the Experiment beginning. + +# [Experiment](https://docs.gitlab.com/ee/policy/alpha-beta-support.html#experiment) + +## Problem to be solved + +### User problem +_What user problem will this solve?_ + +### Solution hypothesis +_Why do you believe this AI solution is a good way to solve this problem?_ + +### Assumption +_What assumptions are you making about this problem and the solution?_ + +### Personas +_What [personas](https://about.gitlab.com/handbook/product/personas/#list-of-user-personas) have this problem, who is the intended user?_ + +## Proposal +<!-- Explain the proposed changes, including details around usage and business drivers. --> + +### Success +_How will you measure whether this experiment is a success?_ + + +# Feature release +<!-- DO NOT REMOVE THIS SECTION +Although the initial focus is on the “Experiment” section, do not remove this “Feature release” section. It's important that we link experiment to feature release. Fill this section as you progress. +--> +### Main Job story +_What job to be done will this solve?_ +<!-- What is the [Main Job story](https://about.gitlab.com/handbook/product/ux/jobs-to-be-done/#how-to-write-a-jtbd) that this proposal was derived from? (e.g. When I am on triage rotation, I want to address all the business-critical risks in my assets, So I can minimize the likelihood of my organization being compromised by a security breach.) --> + +## Proposal updates/additions +<!-- Explain any changes or updates to the original proposal from the experiment, including details around usage, business drivers, and reasonings that drove the updates/additions. --> + +### Problem validation +_What validation exists that customers have this problem?_ +<!-- Refer to https://about.gitlab.com/handbook/product/ux/ux-research/research-in-the-AI-space/#guideline-1-problem-validation --- to help identify and understand user needs --> + +### Business objective +_What business objective will be achieved with this proposal?_ +<!-- Objectives (from a business point of view) that will be achieved upon completion. (For instance, Increase engagement by making the experience efficient while reducing the chances of users overlooking high-priority items. --> + +### Confidence +_Has this proposal been derived from research?_ +<!-- How well do we understand the user's problem and their need? Refer to https://about.gitlab.com/handbook/product/ux/product-design/ux-roadmaps/#confidence to assess confidence --> + +| Confidence | Research | +| ----------------- | ------------------------------ | +| [High/Medium/Low] | [research/insight issue](Link) | + +### Requirements +_What tasks or actions should the user be capable of performing with this feature?_ +<!-- Requirements can be taken from existing features or design issues used to build this proposal. Any related issues should be linked with this issue in the Feature/solution issues section below. They are more granular validated needs, goals, and additional details that the proposal encompasses. --> + +> ⚠️ Related feature and research issues should be linked in the related issues section (Delete this line when this is done) + +#### The user needs to be able to: +- ... +- ... + +## Checklist + +### Experiment +<details> <summary> Issue information </summary> + +- [ ] Add information to the issue body about: + - [ ] The user problem being solved + - [ ] Your assumptions + - [ ] Who it's for, list of personas impacted + - [ ] Your proposal +- [ ] Add relevant designs to the Design Management area of the issue if available +- [ ] Confirm that an unexpected outage of this feature will not negatively impact the application or other features +- [ ] Add a feature flag so that this feature can be quickly disabled if/when needed +- [ ] If this experiment introduces a new service or data store, ensure it is not processing or storing [red data](https://about.gitlab.com/handbook/security/data-classification-standard.html#data-classification-levels) without a security and if needed legal review + - *NOTE*: We recommend using one of the already adopted models or data stores. If you need to use something else, be aware that using other models or data stores will require additional review during the feature stage for operational fitness and compliance. +- [ ] Ensure this issue has the ~wg-ai-integration label to ensure visibility to various teams working on this + +</details> + +### Feature release +<details> <summary> Issue information </summary> + +- [ ] Add information to the issue body about: + - [ ] Your proposal + - [ ] The Job Statement it's expected to satisfy + - [ ] Details about the user problem and provide any research or problem validation + - [ ] List the personas impacted by the proposal. +- [ ] Add all relevant solution validation issues to the Linked items section that shows this proposal will solve the customer problem, or details explaining why it's not possible to provide that validation. +- [ ] Add relevant designs to the Design Management area of the issue. +- [ ] You have adhered to our [Definition of Done](https://docs.gitlab.com/ee/development/contributing/merge_request_workflow.html#definition-of-done) standards +- [ ] Ensure this issue has the ~wg-ai-integration label to ensure visibility to various teams working on this + +</details> + +<details> <summary> Technical needs </summary> + +- [ ] Please consider the operational aspects of the feature you are creating. A list of things to think about is in: https://gitlab.com/gitlab-org/gitlab/-/issues/403859. We will be improving this process in the future: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/117637#note_1353253349. +- [ ] @ mention your [AppSec Stable Counterpart](https://about.gitlab.com/handbook/product/categories/) and read the [AI secure coding guidelines](https://docs.gitlab.com/ee/development/secure_coding_guidelines.html#artificial-intelligence-ai-features) + +1. Work estimate and skills needs to build an ML viable feature: To build any ML feature depending on the work, there are many personas that contribute including, Data Scientist, NLP engineer, ML Engineer, MLOps Engineer, ML Infra engineers, and Fullstack engineer to integrate the ML Services with Gitlab. Post-prototype we would assess the skills needed to build a production-grade ML feature for the prototype. +2. Data Limitation: We would like to upfront validate if we have viable data for the feature including whether we can use the DataOps pipeline of ModelOps or create a custom one. We would want to understand the training data, test data, and feedback data to dial up the accuracy and the limitations of the data. +3. Model Limitation: We would want to understand if we can use an open-source pre-trained model, tune and customize it or start a model from scratch as well. Further, we would assess based on the ModelOps model evaluation framework which would be the right model to use based on the use case. +4. Cost, Scalability, Reliability: We would want to estimate the cost of hosting, serving, inference of the model, and the full end-to-end infrastructure including monitoring and observability. +5. Legal and Ethical Framework: We would want to align with legal and ethical framework like any other ModelOps features to cover across the nine principles of responsible ML and any legal support needed. + +</details> + +<details> <summary> Dependency needs </summary> + +- [ ] Please consider the operational aspects of the service you are creating. A list of things to think about is in: https://gitlab.com/gitlab-org/gitlab/-/issues/403859. We will be improving this process in the future: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/117637#note_1353253349. + +</details> + +<details> <summary> Legal needs </summary> + +- [ ] TBD + +</details> + +## Additional resources +- If you'd like help with technical validation, or would like to discuss UX considerations for AI mention the AI Assisted group using `@gitlab-org/modelops/applied-ml`. +- Read about our [AI Integration strategy](https://internal-handbook.gitlab.io/handbook/product/ai-strategy/ai-integration-effort/) +- Slack channels + - `#wg_ai_integration` - Slack channel for the working group and the high level alignment on getting AI ready for Production (Development, Product, UX, Legal, etc.) But from the other channels fell free to reach out and post progress here + - `#ai_integration_dev_lobby` - Channel for all implementation related topics and discussions of actual AI features (e.g. explain the code) + - `#ai_enablement_team` - Channel for the AI Enablement Team which is building the base for all features (experimentation API, Abstraction Layer, Embeddings, etc.) + + +/label ~wg-ai-integration +/cc @tmccaslin @hbenson @wayne @pedroms @jmandell +/confidential diff --git a/.gitlab/issue_templates/Deprecations.md b/.gitlab/issue_templates/Deprecations.md index 49f1129fe89..30d01c5f5c4 100644 --- a/.gitlab/issue_templates/Deprecations.md +++ b/.gitlab/issue_templates/Deprecations.md @@ -49,9 +49,9 @@ Which tier is this feature available in? Please add links to the relevant merge requests. - As soon as possible, but no later than the third milestone preceding the major release (for example, given the following release schedule: `14.8, 14.9, 14.10, 15.0` – `14.8` is the third milestone preceding the major release): - - [ ] A [deprecation announcement entry](https://about.gitlab.com/handbook/marketing/blog/release-posts/#creating-a-deprecation-announcement) has been created so the deprecation will appear in release posts and on the [general deprecation page](https://docs.gitlab.com/ee/update/deprecations). + - [ ] A [deprecation announcement entry](https://about.gitlab.com/handbook/marketing/blog/release-posts/#creating-the-announcement) has been created so the deprecation will appear in release posts and on the [general deprecation page](https://docs.gitlab.com/ee/update/deprecations). - [ ] Documentation has been updated to mark the feature as [deprecated](https://docs.gitlab.com/ee/development/documentation/versions.html#deprecations-and-removals). -- [ ] On or before the major milestone: A [removal entry](https://about.gitlab.com/handbook/marketing/blog/release-posts/#removals) has been created so the removal will appear on the [removals by milestones](https://docs.gitlab.com/ee/update/removals) page and be announced in the release post. +- [ ] On or before the major milestone: A [removal entry](https://about.gitlab.com/handbook/marketing/blog/release-posts/#creating-the-announcement-1) has been created so the removal will appear on the [removals by milestones](https://docs.gitlab.com/ee/update/removals) page and be announced in the release post. - On the major milestone: - [ ] The deprecated item has been removed. - [ ] If the removal of the deprecated item is a [breaking change](https://about.gitlab.com/handbook/product/gitlab-the-product/#examples-of-breaking-changes), the merge request is labeled ~"breaking change". diff --git a/.gitlab/issue_templates/Feature Flag Cleanup.md b/.gitlab/issue_templates/Feature Flag Cleanup.md index d32b0c874d4..f96165fd359 100644 --- a/.gitlab/issue_templates/Feature Flag Cleanup.md +++ b/.gitlab/issue_templates/Feature Flag Cleanup.md @@ -48,4 +48,4 @@ Are there any other stages or teams involved that need to be kept in the loop? - [ ] Close this rollout issue. -/label ~"feature flag" ~"type::feature" ~"feature::addition" +/label ~"feature flag" ~"type::maintenance" ~"maintenance::removal" diff --git a/.gitlab/issue_templates/Feature Flag Roll Out.md b/.gitlab/issue_templates/Feature Flag Roll Out.md index 5791eca11ff..5efc9304a4e 100644 --- a/.gitlab/issue_templates/Feature Flag Roll Out.md +++ b/.gitlab/issue_templates/Feature Flag Roll Out.md @@ -43,9 +43,9 @@ Are there any other stages or teams involved that need to be kept in the loop? <!-- What are the settings we need to configure in order to have this feature viable? --> -<!-- +<!-- Example below: - + 1. Enable service ping collection `ApplicationSetting.first.update(usage_ping_enabled: true)` --> @@ -57,7 +57,7 @@ Example below: ### What can we monitor to detect problems with this? <!-- Which dashboards from https://dashboards.gitlab.net are most relevant? --> -_Consider mentioning checks for 5xx errors or other anomalies like an increase in redirects +_Consider mentioning checks for 5xx errors or other anomalies like an increase in redirects (302 HTTP response status)_ ### What can we check for monitoring production after rollouts? @@ -66,7 +66,7 @@ _Consider adding links to check for Sentry errors, Production logs for 5xx, 302s ## Rollout Steps -Note: Please make sure to run the chatops commands in the slack channel that gets impacted by the command. +Note: Please make sure to run the chatops commands in the slack channel that gets impacted by the command. ### Rollout on non-production environments @@ -75,11 +75,15 @@ Note: Please make sure to run the chatops commands in the slack channel that get - [ ] `/chatops run auto_deploy status <merge-commit-of-your-feature>` - [ ] Enable the feature globally on non-production environments. - [ ] `/chatops run feature set <feature-flag-name> true --dev --staging --staging-ref` + - If the feature flag causes QA end-to-end tests to fail: + - [ ] Disable the feature flag on staging to avoid blocking [deployments](https://about.gitlab.com/handbook/engineering/deployments-and-releases/deployments/). - [ ] Verify that the feature works as expected. Posting the QA result in this issue is preferable. The best environment to validate the feature in is [staging-canary](https://about.gitlab.com/handbook/engineering/infrastructure/environments/#staging-canary) as this is the first environment deployed to. Note you will need to make sure you are configured to use canary as outlined [here](https://about.gitlab.com/handbook/engineering/infrastructure/environments/canary-stage/) when accessing the staging environment in order to make sure you are testing appropriately. +For assistance with QA end-to-end test failures, please reach out via the `#quality` Slack channel. Note that QA test failures on staging-ref [don't block deployments](https://about.gitlab.com/handbook/engineering/infrastructure/environments/staging-ref/#how-to-use-staging-ref). + ### Specific rollout on production For visibility, all `/chatops` commands that target production should be executed in the `#production` slack channel and cross-posted (with the command results) to the responsible team's slack channel (`#g_TEAM_NAME`). @@ -104,7 +108,7 @@ For visibility, all `/chatops` commands that target production should be execute - [ ] Ensure that you or a representative in development can be available for at least 2 hours after feature flag updates in production. If a different developer will be covering, or an exception is needed, please inform the oncall SRE by using the `@sre-oncall` Slack alias. - [ ] Ensure that documentation has been updated ([More info](https://docs.gitlab.com/ee/development/documentation/feature_flags.html#features-that-became-enabled-by-default)). -- [ ] Leave a comment on [the feature issue][main-issue] announcing estimated time when this feature flag will be enabled on GitLab.com. +- [ ] Leave a comment on [the feature issue][main-issue] announcing estimated time when this feature flag will be enabled on GitLab.com. - [ ] Ensure that any breaking changes have been announced following the [release post process](https://about.gitlab.com/handbook/marketing/blog/release-posts/#deprecations-removals-and-breaking-changes) to ensure GitLab customers are aware. - [ ] Notify `#support_gitlab-com` and your team channel ([more guidance when this is necessary in the dev docs](https://docs.gitlab.com/ee/development/feature_flags/controls.html#communicate-the-change)). - [ ] Ensure that the feature flag rollout plan is reviewed by another developer familiar with the domain. diff --git a/.gitlab/issue_templates/Geo Replicate a new Git repository type.md b/.gitlab/issue_templates/Geo Replicate a new Git repository type.md index eee989ed21e..05a643c967c 100644 --- a/.gitlab/issue_templates/Geo Replicate a new Git repository type.md +++ b/.gitlab/issue_templates/Geo Replicate a new Git repository type.md @@ -54,7 +54,7 @@ Geo secondary sites have a [Geo tracking database](https://gitlab.com/gitlab-org ```ruby # frozen_string_literal: true - class CreateCoolWidgetRegistry < Gitlab::Database::Migration[2.0] + class CreateCoolWidgetRegistry < Gitlab::Database::Migration[2.1] def change create_table :cool_widget_registry, id: :bigserial, force: :cascade do |t| t.bigint :cool_widget_id, null: false @@ -80,11 +80,19 @@ Geo secondary sites have a [Geo tracking database](https://gitlab.com/gitlab-org t.index :retry_at t.index :state # To optimize performance of CoolWidgetRegistry.verification_failed_batch - t.index :verification_retry_at, name: :cool_widget_registry_failed_verification, order: "NULLS FIRST", where: "((state = 2) AND (verification_state = 3))" + t.index :verification_retry_at, + name: :cool_widget_registry_failed_verification, + order: "NULLS FIRST", + where: "((state = 2) AND (verification_state = 3))" # To optimize performance of CoolWidgetRegistry.needs_verification_count - t.index :verification_state, name: :cool_widget_registry_needs_verification, where: "((state = 2) AND (verification_state = ANY (ARRAY[0, 3])))" + t.index :verification_state, + name: :cool_widget_registry_needs_verification, + where: "((state = 2) AND (verification_state = ANY (ARRAY[0, 3])))" # To optimize performance of CoolWidgetRegistry.verification_pending_batch - t.index :verified_at, name: :cool_widget_registry_pending_verification, order: "NULLS FIRST", where: "((state = 2) AND (verification_state = 0))" + t.index :verified_at, + name: :cool_widget_registry_pending_verification, + order: "NULLS FIRST", + where: "((state = 2) AND (verification_state = 0))" end end end @@ -92,7 +100,7 @@ Geo secondary sites have a [Geo tracking database](https://gitlab.com/gitlab-org - [ ] If deviating from the above example, then be sure to order columns according to [our guidelines](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/development/ordering_table_columns.md). -- [ ] Add the new table to the [database dictionary](database_dictionary.md) defined in [`ee/db/docs/`](https://gitlab.com/gitlab-org/gitlab/-/tree/master/ee/db/docs): +- [ ] Add the new table to the [database dictionary](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/development/database/database_dictionary.md) defined in [`ee/db/geo/docs/`](https://gitlab.com/gitlab-org/gitlab/-/tree/master/ee/db/geo/docs): ```yaml table_name: cool_widget_registry @@ -129,7 +137,7 @@ The Geo primary site needs to checksum every replicable so secondaries can verif ```ruby # frozen_string_literal: true - class CreateCoolWidgetStates < Gitlab::Database::Migration[2.0] + class CreateCoolWidgetStates < Gitlab::Database::Migration[2.1] VERIFICATION_STATE_INDEX_NAME = "index_cool_widget_states_on_verification_state" PENDING_VERIFICATION_INDEX_NAME = "index_cool_widget_states_pending_verification" FAILED_VERIFICATION_INDEX_NAME = "index_cool_widget_states_failed_verification" @@ -149,9 +157,17 @@ The Geo primary site needs to checksum every replicable so secondaries can verif t.text :verification_failure, limit: 255 t.index :verification_state, name: VERIFICATION_STATE_INDEX_NAME - t.index :verified_at, where: "(verification_state = 0)", order: { verified_at: 'ASC NULLS FIRST' }, name: PENDING_VERIFICATION_INDEX_NAME - t.index :verification_retry_at, where: "(verification_state = 3)", order: { verification_retry_at: 'ASC NULLS FIRST' }, name: FAILED_VERIFICATION_INDEX_NAME - t.index :verification_state, where: "(verification_state = 0 OR verification_state = 3)", name: NEEDS_VERIFICATION_INDEX_NAME + t.index :verified_at, + where: "(verification_state = 0)", + order: { verified_at: 'ASC NULLS FIRST' }, + name: PENDING_VERIFICATION_INDEX_NAME + t.index :verification_retry_at, + where: "(verification_state = 3)", + order: { verification_retry_at: 'ASC NULLS FIRST' }, + name: FAILED_VERIFICATION_INDEX_NAME + t.index :verification_state, + where: "(verification_state = 0 OR verification_state = 3)", + name: NEEDS_VERIFICATION_INDEX_NAME end end @@ -163,17 +179,20 @@ The Geo primary site needs to checksum every replicable so secondaries can verif - [ ] If deviating from the above example, then be sure to order columns according to [our guidelines](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/development/ordering_table_columns.md). -- [ ] Add the new table to the [database dictionary](database_dictionary.md) defined in [`db/docs/`](https://gitlab.com/gitlab-org/gitlab/-/tree/master/db/docs): +- [ ] If `cool_widgets` is a high-traffic table, follow [the database documentation to use `with_lock_retries`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/development/migration_style_guide.md#when-to-use-the-helper-method) + +- [ ] Add the new table to the [database dictionary](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/development/database/database_dictionary.md) defined in [`db/docs/`](https://gitlab.com/gitlab-org/gitlab/-/tree/master/db/docs): ```yaml + --- table_name: cool_widget_states - description: Description example - introduced_by_url: Merge request link - milestone: Milestone example + description: Separate table for cool widget verification states + introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/XXXXX + milestone: 'XX.Y' feature_categories: - - Feature category example + - geo_replication classes: - - Class example + - Geo::CoolWidgetState gitlab_schema: gitlab_main ``` @@ -185,20 +204,6 @@ The Geo primary site needs to checksum every replicable so secondaries can verif - [ ] Be sure to commit the relevant changes in `db/structure.sql` and the file under `db/schema_migrations` -- [ ] Add an entry for the state table in `db/docs/cool_widget_states.yml` - - ```yaml - --- - table_name: cool_widget_states - classes: - - Geo::CoolWidgetState - feature_categories: - - geo_replication - description: Separate table for cool widget verification states - introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/XXXXX - milestone: 'XX.Y' - ``` - That's all of the required database changes. ### Implement Geo support of Cool Widgets behind a feature flag @@ -230,23 +235,30 @@ That's all of the required database changes. with_replicator Geo::CoolWidgetReplicator - mount_uploader :file, CoolWidgetUploader - has_one :cool_widget_state, autosave: false, inverse_of: :cool_widget, class_name: 'Geo::CoolWidgetState' after_save :save_verification_details - scope :with_verification_state, ->(state) { joins(:cool_widget_state).where(cool_widget_states: { verification_state: verification_state_value(state) }) } - scope :checksummed, -> { joins(:cool_widget_state).where.not(cool_widget_states: { verification_checksum: nil } ) } - scope :not_checksummed, -> { joins(:cool_widget_state).where(cool_widget_states: { verification_checksum: nil } ) } - - scope :available_verifiables, -> { joins(:cool_widget_state) } - # Override the `all` default if not all records can be replicated. For an # example of an existing Model that needs to do this, see # `EE::MergeRequestDiff`. # scope :available_replicables, -> { all } + scope :available_verifiables, -> { joins(:cool_widget_state) } + + scope :checksummed, -> { + joins(:cool_widget_state).where.not(cool_widget_states: { verification_checksum: nil }) + } + + scope :not_checksummed, -> { + joins(:cool_widget_state).where(cool_widget_states: { verification_checksum: nil }) + } + + scope :with_verification_state, ->(state) { + joins(:cool_widget_state) + .where(cool_widget_states: { verification_state: verification_state_value(state) }) + } + def verification_state_object cool_widget_state end @@ -257,7 +269,8 @@ That's all of the required database changes. ... # @param primary_key_in [Range, CoolWidget] arg to pass to primary_key_in scope - # @return [ActiveRecord::Relation<CoolWidget>] everything that should be synced to this node, restricted by primary key + # @return [ActiveRecord::Relation<CoolWidget>] everything that should be synced + # to this node, restricted by primary key def replicables_for_current_secondary(primary_key_in) # This issue template does not help you write this method. # @@ -265,7 +278,8 @@ That's all of the required database changes. # we want to know which records to replicate. This is not easy to automate # because for example: # - # * The "selective sync" feature allows admins to choose which namespaces # to replicate, per secondary site. Most Models are scoped to a + # * The "selective sync" feature allows admins to choose which namespaces + # to replicate, per secondary site. Most Models are scoped to a # namespace, but the nature of the relationship to a namespace varies # between Models. # * The "selective sync" feature allows admins to choose which shards to @@ -304,8 +318,8 @@ That's all of the required database changes. ```ruby include_examples 'a replicable model with a separate table for verification state' do - let(:verifiable_model_record) { build(:cool_widget) } # add extra params if needed to make sure the record is included in `available_verifiables` - let(:unverifiable_model_record) { build(:cool_widget) } # add extra params if needed to make sure the record is NOT included in `available_verifiables` + let(:verifiable_model_record) { build(:cool_widget) } # add extra params if needed to make sure the record is in `Geo::ReplicableModel.verifiables` scope + let(:unverifiable_model_record) { build(:cool_widget) } # add extra params if needed to make sure the record is NOT included in `Geo::ReplicableModel.verifiables` scope end ``` @@ -323,10 +337,6 @@ That's all of the required database changes. ::CoolWidget end - def repository - model_record.repository - end - def self.git_access_class ::Gitlab::GitAccessCoolWidget end @@ -353,6 +363,10 @@ That's all of the required database changes. # (see `RepositoryReplicatorStrategy#before_housekeeping`) false end + + def repository + model_record.repository + end end end ``` @@ -402,7 +416,7 @@ That's all of the required database changes. require 'spec_helper' - RSpec.describe Geo::CoolWidgetReplicator do + RSpec.describe Geo::CoolWidgetReplicator, feature_category: :geo_replication do let(:model_record) { build(:cool_widget) } include_examples 'a repository replicator' @@ -451,6 +465,7 @@ That's all of the required database changes. state { Geo::CoolWidgetRegistry.state_value(:failed) } last_synced_at { 1.day.ago } retry_count { 2 } + retry_at { 2.hours.from_now } last_sync_failure { 'Random error' } end @@ -476,7 +491,7 @@ That's all of the required database changes. require 'spec_helper' - RSpec.describe Geo::CoolWidgetRegistry, :geo, type: :model do + RSpec.describe Geo::CoolWidgetRegistry, :geo, type: :model, feature_category: :geo_replication do let_it_be(:registry) { create(:geo_cool_widget_registry) } specify 'factory is valid' do @@ -491,17 +506,21 @@ That's all of the required database changes. - [ ] Add the following to `ee/spec/factories/cool_widgets.rb`: ```ruby + # frozen_string_literal: true + FactoryBot.modify do - trait :verification_succeeded do - with_file - verification_checksum { 'abc' } - verification_state { CoolWidget.verification_state_value(:verification_succeeded) } - end + factory :cool_widget do + trait :verification_succeeded do + with_file + verification_checksum { 'abc' } + verification_state { CoolWidget.verification_state_value(:verification_succeeded) } + end - trait :verification_failed do - with_file - verification_failure { 'Could not calculate the checksum' } - verification_state { CoolWidget.verification_state_value(:verification_failed) } + trait :verification_failed do + with_file + verification_failure { 'Could not calculate the checksum' } + verification_state { CoolWidget.verification_state_value(:verification_failed) } + end end end ``` @@ -549,7 +568,7 @@ That's all of the required database changes. end ``` -- [ ] Add `[:cool_widget, :remote_store]` and `[:geo_cool_widget_state, any]` to `skipped` in `spec/models/factories_spec.rb` +- [ ] Add `[:geo_cool_widget_state, any]` to `skipped` in `spec/models/factories_spec.rb` #### Step 2. Implement metrics gathering @@ -573,18 +592,19 @@ Metrics are gathered by `Geo::MetricsUpdateWorker`, persisted in `GeoNodeStatus` - [ ] Add the following fields to the `Sidekiq metrics` table in `doc/administration/monitoring/prometheus/gitlab_metrics.md`: ```markdown | `geo_cool_widgets` | Gauge | XX.Y | Number of Cool Widgets on primary | `url` | - | `geo_cool_widgets_checksum_total` | Gauge | XX.Y | Number of Cool Widgets checksummed successfully on primary | `url` | - | `geo_cool_widgets_checksummed` | Gauge | XX.Y | Number of Cool Widgets failed to calculate the checksum on primary | `url` | - | `geo_cool_widgets_checksum_failed` | Gauge | XX.Y | Number of Cool Widgets tried to checksum on primary | `url` | + | `geo_cool_widgets_checksum_total` | Gauge | XX.Y | Number of Cool Widgets to checksum on primary | `url` | + | `geo_cool_widgets_checksummed` | Gauge | XX.Y | Number of Cool Widgets that successfully calculated the checksum on primary | `url` | + | `geo_cool_widgets_checksum_failed` | Gauge | XX.Y | Number of Cool Widgets that failed to calculate the checksum on primary | `url` | | `geo_cool_widgets_synced` | Gauge | XX.Y | Number of syncable Cool Widgets synced on secondary | `url` | | `geo_cool_widgets_failed` | Gauge | XX.Y | Number of syncable Cool Widgets failed to sync on secondary | `url` | | `geo_cool_widgets_registry` | Gauge | XX.Y | Number of Cool Widgets in the registry | `url` | - | `geo_cool_widgets_verification_total` | Gauge | XX.Y | Number of Cool Widgets verified on secondary | `url` | - | `geo_cool_widgets_verified` | Gauge | XX.Y | Number of Cool Widgets' verifications failed on secondary | `url` | - | `geo_cool_widgets_verification_failed` | Gauge | XX.Y | Number of Cool Widgets' verifications tried on secondary | `url` | + | `geo_cool_widgets_verification_total` | Gauge | XX.Y | Number of Cool Widgets to attempt to verify on secondary | `url` | + | `geo_cool_widgets_verified` | Gauge | XX.Y | Number of Cool Widgets successfully verified on secondary | `url` | + | `geo_cool_widgets_verification_failed` | Gauge | XX.Y | Number of Cool Widgets that failed verification on secondary | `url` | ``` +- [ ] Run the rake task `geo:dev:ssf_metrics` and commit the changes to `ee/config/metrics/object_schemas/geo_node_usage.json` -Cool Widget replication and verification metrics should now be available in the API, the `Admin > Geo > Nodes` view, and Prometheus. +Cool Widget replication and verification metrics should now be available in the API, the `Admin > Geo > Sites` view, and Prometheus. #### Step 3. Implement the GraphQL API @@ -625,7 +645,7 @@ The GraphQL API is used by `Admin > Geo > Replication Details` views, and is dir require 'spec_helper' - RSpec.describe Resolvers::Geo::CoolWidgetRegistriesResolver do + RSpec.describe Resolvers::Geo::CoolWidgetRegistriesResolver, feature_category: :geo_replication do it_behaves_like 'a Geo registries resolver', :geo_cool_widget_registry end ``` @@ -649,7 +669,7 @@ The GraphQL API is used by `Admin > Geo > Replication Details` views, and is dir require 'spec_helper' - RSpec.describe Geo::CoolWidgetRegistryFinder do + RSpec.describe Geo::CoolWidgetRegistryFinder, feature_category: :geo_replication do it_behaves_like 'a framework registry finder', :geo_cool_widget_registry end ``` @@ -683,7 +703,7 @@ The GraphQL API is used by `Admin > Geo > Replication Details` views, and is dir require 'spec_helper' - RSpec.describe GitlabSchema.types['CoolWidgetRegistry'] do + RSpec.describe GitlabSchema.types['CoolWidgetRegistry'], feature_category: :geo_replication do it_behaves_like 'a Geo registry type' it 'has the expected fields (other than those included in RegistryType)' do diff --git a/.gitlab/issue_templates/Geo Replicate a new blob type.md b/.gitlab/issue_templates/Geo Replicate a new blob type.md index 88a7fad4975..fc454919cec 100644 --- a/.gitlab/issue_templates/Geo Replicate a new blob type.md +++ b/.gitlab/issue_templates/Geo Replicate a new blob type.md @@ -56,7 +56,7 @@ Geo secondary sites have a [Geo tracking database](https://gitlab.com/gitlab-org ```ruby # frozen_string_literal: true - class CreateCoolWidgetRegistry < Gitlab::Database::Migration[2.0] + class CreateCoolWidgetRegistry < Gitlab::Database::Migration[2.1] def change create_table :cool_widget_registry, id: :bigserial, force: :cascade do |t| t.bigint :cool_widget_id, null: false @@ -80,11 +80,19 @@ Geo secondary sites have a [Geo tracking database](https://gitlab.com/gitlab-org t.index :retry_at t.index :state # To optimize performance of CoolWidgetRegistry.verification_failed_batch - t.index :verification_retry_at, name: :cool_widget_registry_failed_verification, order: "NULLS FIRST", where: "((state = 2) AND (verification_state = 3))" + t.index :verification_retry_at, + name: :cool_widget_registry_failed_verification, + order: "NULLS FIRST", + where: "((state = 2) AND (verification_state = 3))" # To optimize performance of CoolWidgetRegistry.needs_verification_count - t.index :verification_state, name: :cool_widget_registry_needs_verification, where: "((state = 2) AND (verification_state = ANY (ARRAY[0, 3])))" + t.index :verification_state, + name: :cool_widget_registry_needs_verification, + where: "((state = 2) AND (verification_state = ANY (ARRAY[0, 3])))" # To optimize performance of CoolWidgetRegistry.verification_pending_batch - t.index :verified_at, name: :cool_widget_registry_pending_verification, order: "NULLS FIRST", where: "((state = 2) AND (verification_state = 0))" + t.index :verified_at, + name: :cool_widget_registry_pending_verification, + order: "NULLS FIRST", + where: "((state = 2) AND (verification_state = 0))" end end end @@ -92,7 +100,7 @@ Geo secondary sites have a [Geo tracking database](https://gitlab.com/gitlab-org - [ ] If deviating from the above example, then be sure to order columns according to [our guidelines](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/development/ordering_table_columns.md). -- [ ] Add the new table to the [database dictionary](database_dictionary.md) defined in [`ee/db/docs/`](https://gitlab.com/gitlab-org/gitlab/-/tree/master/ee/db/docs): +- [ ] Add the new table to the [database dictionary](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/development/database/database_dictionary.md) defined in [`ee/db/geo/docs/`](https://gitlab.com/gitlab-org/gitlab/-/tree/master/ee/db/geo/docs): ```yaml table_name: cool_widget_registry @@ -131,7 +139,7 @@ The Geo primary site needs to checksum every replicable so secondaries can verif ```ruby # frozen_string_literal: true - class CreateCoolWidgetStates < Gitlab::Database::Migration[2.0] + class CreateCoolWidgetStates < Gitlab::Database::Migration[2.1] VERIFICATION_STATE_INDEX_NAME = "index_cool_widget_states_on_verification_state" PENDING_VERIFICATION_INDEX_NAME = "index_cool_widget_states_pending_verification" FAILED_VERIFICATION_INDEX_NAME = "index_cool_widget_states_failed_verification" @@ -144,16 +152,28 @@ The Geo primary site needs to checksum every replicable so secondaries can verif t.datetime_with_timezone :verification_started_at t.datetime_with_timezone :verification_retry_at t.datetime_with_timezone :verified_at - t.references :cool_widget, primary_key: true, default: nil, index: false, foreign_key: { on_delete: :cascade } + t.references :cool_widget, + primary_key: true, + default: nil, + index: false, + foreign_key: { on_delete: :cascade } t.integer :verification_state, default: 0, limit: 2, null: false t.integer :verification_retry_count, default: 0, limit: 2, null: false t.binary :verification_checksum, using: 'verification_checksum::bytea' t.text :verification_failure, limit: 255 t.index :verification_state, name: VERIFICATION_STATE_INDEX_NAME - t.index :verified_at, where: "(verification_state = 0)", order: { verified_at: 'ASC NULLS FIRST' }, name: PENDING_VERIFICATION_INDEX_NAME - t.index :verification_retry_at, where: "(verification_state = 3)", order: { verification_retry_at: 'ASC NULLS FIRST' }, name: FAILED_VERIFICATION_INDEX_NAME - t.index :verification_state, where: "(verification_state = 0 OR verification_state = 3)", name: NEEDS_VERIFICATION_INDEX_NAME + t.index :verified_at, + where: "(verification_state = 0)", + order: { verified_at: 'ASC NULLS FIRST' }, + name: PENDING_VERIFICATION_INDEX_NAME + t.index :verification_retry_at, + where: "(verification_state = 3)", + order: { verification_retry_at: 'ASC NULLS FIRST' }, + name: FAILED_VERIFICATION_INDEX_NAME + t.index :verification_state, + where: "(verification_state = 0 OR verification_state = 3)", + name: NEEDS_VERIFICATION_INDEX_NAME end end @@ -165,17 +185,20 @@ The Geo primary site needs to checksum every replicable so secondaries can verif - [ ] If deviating from the above example, then be sure to order columns according to [our guidelines](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/development/ordering_table_columns.md). -- [ ] Add the new table to the database dictionary defined in [`db/docs/`](https://gitlab.com/gitlab-org/gitlab/-/tree/master/db/docs): +- [ ] If `cool_widgets` is a high-traffic table, follow [the database documentation to use `with_lock_retries`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/development/migration_style_guide.md#when-to-use-the-helper-method) + +- [ ] Add the new table to the [database dictionary](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/development/database/database_dictionary.md) defined in [`db/docs/`](https://gitlab.com/gitlab-org/gitlab/-/tree/master/db/docs): ```yaml + --- table_name: cool_widget_states - description: Description example - introduced_by_url: Merge request link - milestone: Milestone example + description: Separate table for cool widget verification states + introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/XXXXX + milestone: 'XX.Y' feature_categories: - - Feature category example + - geo_replication classes: - - Class example + - Geo::CoolWidgetState gitlab_schema: gitlab_main ``` @@ -185,24 +208,8 @@ The Geo primary site needs to checksum every replicable so secondaries can verif bin/rake db:migrate ``` -- [ ] If `cool_widgets` is a high-traffic table, follow [the database documentation to use `with_lock_retries`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/development/migration_style_guide.md#when-to-use-the-helper-method) - - [ ] Be sure to commit the relevant changes in `db/structure.sql` and the file under `db/schema_migrations` -- [ ] Add an entry for the state table in `db/docs/cool_widget_states.yml` - - ```yaml - --- - table_name: cool_widget_states - classes: - - Geo::CoolWidgetState - feature_categories: - - geo_replication - description: Separate table for cool widget verification states - introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/XXXXX - milestone: 'XX.Y' - ``` - That's all of the required database changes. ### Implement Geo support of Cool Widgets behind a feature flag @@ -238,17 +245,26 @@ That's all of the required database changes. after_save :save_verification_details - scope :with_verification_state, ->(state) { joins(:cool_widget_state).where(cool_widget_states: { verification_state: verification_state_value(state) }) } - scope :checksummed, -> { joins(:cool_widget_state).where.not(cool_widget_states: { verification_checksum: nil } ) } - scope :not_checksummed, -> { joins(:cool_widget_state).where(cool_widget_states: { verification_checksum: nil } ) } - - scope :available_verifiables, -> { joins(:cool_widget_state) } - # Override the `all` default if not all records can be replicated. For an # example of an existing Model that needs to do this, see # `EE::MergeRequestDiff`. # scope :available_replicables, -> { all } + scope :available_verifiables, -> { joins(:cool_widget_state) } + + scope :checksummed, -> { + joins(:cool_widget_state).where.not(cool_widget_states: { verification_checksum: nil }) + } + + scope :not_checksummed, -> { + joins(:cool_widget_state).where(cool_widget_states: { verification_checksum: nil }) + } + + scope :with_verification_state, ->(state) { + joins(:cool_widget_state) + .where(cool_widget_states: { verification_state: verification_state_value(state) }) + } + def verification_state_object cool_widget_state end @@ -259,7 +275,8 @@ That's all of the required database changes. ... # @param primary_key_in [Range, CoolWidget] arg to pass to primary_key_in scope - # @return [ActiveRecord::Relation<CoolWidget>] everything that should be synced to this node, restricted by primary key + # @return [ActiveRecord::Relation<CoolWidget>] everything that should be synced + # to this node, restricted by primary key def replicables_for_current_secondary(primary_key_in) # This issue template does not help you write this method. # @@ -301,8 +318,8 @@ That's all of the required database changes. ```ruby include_examples 'a replicable model with a separate table for verification state' do - let(:verifiable_model_record) { build(:cool_widget) } # add extra params if needed to make sure the record is included in `available_verifiables` - let(:unverifiable_model_record) { build(:cool_widget) } # add extra params if needed to make sure the record is NOT included in `available_verifiables` + let(:verifiable_model_record) { build(:cool_widget) } # add extra params if needed to make sure the record is in `Geo::ReplicableModel.verifiables` scope + let(:unverifiable_model_record) { build(:cool_widget) } # add extra params if needed to make sure the record is NOT included in `Geo::ReplicableModel.verifiables` scope end ``` @@ -332,7 +349,6 @@ That's all of the required database changes. # (see `VerifiableReplicator.verification_enabled?`) true end - end end ``` @@ -360,7 +376,7 @@ That's all of the required database changes. require 'spec_helper' - RSpec.describe Geo::CoolWidgetReplicator do + RSpec.describe Geo::CoolWidgetReplicator, feature_category: :geo_replication do let(:model_record) { build(:cool_widget) } include_examples 'a blob replicator' @@ -409,6 +425,7 @@ That's all of the required database changes. state { Geo::CoolWidgetRegistry.state_value(:failed) } last_synced_at { 1.day.ago } retry_count { 2 } + retry_at { 2.hours.from_now } last_sync_failure { 'Random error' } end @@ -434,7 +451,7 @@ That's all of the required database changes. require 'spec_helper' - RSpec.describe Geo::CoolWidgetRegistry, :geo, type: :model do + RSpec.describe Geo::CoolWidgetRegistry, :geo, type: :model, feature_category: :geo_replication do let_it_be(:registry) { create(:geo_cool_widget_registry) } specify 'factory is valid' do @@ -449,17 +466,21 @@ That's all of the required database changes. - [ ] Add the following to `spec/factories/cool_widgets.rb`: ```ruby + # frozen_string_literal: true + FactoryBot.modify do - trait :verification_succeeded do - with_file - verification_checksum { 'abc' } - verification_state { CoolWidget.verification_state_value(:verification_succeeded) } - end + factory :cool_widget do + trait :verification_succeeded do + with_file + verification_checksum { 'abc' } + verification_state { CoolWidget.verification_state_value(:verification_succeeded) } + end - trait :verification_failed do - with_file - verification_failure { 'Could not calculate the checksum' } - verification_state { CoolWidget.verification_state_value(:verification_failed) } + trait :verification_failed do + with_file + verification_failure { 'Could not calculate the checksum' } + verification_state { CoolWidget.verification_state_value(:verification_failed) } + end end end ``` @@ -539,18 +560,19 @@ Metrics are gathered by `Geo::MetricsUpdateWorker`, persisted in `GeoNodeStatus` ```markdown | `geo_cool_widgets` | Gauge | XX.Y | Number of Cool Widgets on primary | `url` | - | `geo_cool_widgets_checksum_total` | Gauge | XX.Y | Number of Cool Widgets checksummed successfully on primary | `url` | - | `geo_cool_widgets_checksummed` | Gauge | XX.Y | Number of Cool Widgets failed to calculate the checksum on primary | `url` | - | `geo_cool_widgets_checksum_failed` | Gauge | XX.Y | Number of Cool Widgets tried to checksum on primary | `url` | + | `geo_cool_widgets_checksum_total` | Gauge | XX.Y | Number of Cool Widgets to checksum on primary | `url` | + | `geo_cool_widgets_checksummed` | Gauge | XX.Y | Number of Cool Widgets that successfully calculated the checksum on primary | `url` | + | `geo_cool_widgets_checksum_failed` | Gauge | XX.Y | Number of Cool Widgets that failed to calculate the checksum on primary | `url` | | `geo_cool_widgets_synced` | Gauge | XX.Y | Number of syncable Cool Widgets synced on secondary | `url` | | `geo_cool_widgets_failed` | Gauge | XX.Y | Number of syncable Cool Widgets failed to sync on secondary | `url` | | `geo_cool_widgets_registry` | Gauge | XX.Y | Number of Cool Widgets in the registry | `url` | - | `geo_cool_widgets_verification_total` | Gauge | XX.Y | Number of Cool Widgets verified on secondary | `url` | - | `geo_cool_widgets_verified` | Gauge | XX.Y | Number of Cool Widgets' verifications failed on secondary | `url` | - | `geo_cool_widgets_verification_failed` | Gauge | XX.Y | Number of Cool Widgets' verifications tried on secondary | `url` | + | `geo_cool_widgets_verification_total` | Gauge | XX.Y | Number of Cool Widgets to attempt to verify on secondary | `url` | + | `geo_cool_widgets_verified` | Gauge | XX.Y | Number of Cool Widgets successfully verified on secondary | `url` | + | `geo_cool_widgets_verification_failed` | Gauge | XX.Y | Number of Cool Widgets that failed verification on secondary | `url` | ``` +- [ ] Run the rake task `geo:dev:ssf_metrics` and commit the changes to `ee/config/metrics/object_schemas/geo_node_usage.json` - Cool Widget replication and verification metrics should now be available in the API, the `Admin > Geo > Nodes` view, and Prometheus. + Cool Widget replication and verification metrics should now be available in the API, the `Admin > Geo > Sites` view, and Prometheus. #### Step 3. Implement the GraphQL API @@ -591,7 +613,7 @@ The GraphQL API is used by `Admin > Geo > Replication Details` views, and is dir require 'spec_helper' - RSpec.describe Resolvers::Geo::CoolWidgetRegistriesResolver do + RSpec.describe Resolvers::Geo::CoolWidgetRegistriesResolver, feature_category: :geo_replication do it_behaves_like 'a Geo registries resolver', :geo_cool_widget_registry end ``` @@ -615,7 +637,7 @@ The GraphQL API is used by `Admin > Geo > Replication Details` views, and is dir require 'spec_helper' - RSpec.describe Geo::CoolWidgetRegistryFinder do + RSpec.describe Geo::CoolWidgetRegistryFinder, feature_category: :geo_replication do it_behaves_like 'a framework registry finder', :geo_cool_widget_registry end ``` @@ -649,7 +671,7 @@ The GraphQL API is used by `Admin > Geo > Replication Details` views, and is dir require 'spec_helper' - RSpec.describe GitlabSchema.types['CoolWidgetRegistry'] do + RSpec.describe GitlabSchema.types['CoolWidgetRegistry'], feature_category: :geo_replication do it_behaves_like 'a Geo registry type' it 'has the expected fields (other than those included in RegistryType)' do diff --git a/.gitlab/issue_templates/Navigation Proposals.md b/.gitlab/issue_templates/Navigation Proposals.md index 72c8f43cc97..934cf440006 100644 --- a/.gitlab/issue_templates/Navigation Proposals.md +++ b/.gitlab/issue_templates/Navigation Proposals.md @@ -4,12 +4,23 @@ <!-- Use this section to explain the proposed changes, including details around usage and business drivers. --> + +#### Other locations that were considered + + <!-- Include other design patterns or places you considered for this feature besides navigation. --> + ### Checklist +- [ ] Review the handbook page for [navigation changes](https://about.gitlab.com/handbook/product/ux/navigation/#when-to-consider-making-a-change-to-the-navigation) - [ ] Add relevant information to the issue description detailing your proposal, including usage and business drivers. -- [ ] Follow the [product development workflow](https://about.gitlab.com/handbook/product-development-flow/#validation-phase-2-problem-validation) validation process to ensure you are solving a well understood problem and that the proposed change is understandable and non-disruptive to users. Navigation-specific research is strongly encouraged. -- [ ] Engage the [Foundations Product Manager](https://about.gitlab.com/handbook/product/categories/#foundations-group) for approval. The Foundations DRI will work with UX partners in product design, research, and technical writing, as applicable. -- [ ] Engage the [Foundations](https://about.gitlab.com/handbook/product/categories/#foundations-group) team to ensure your proposal is in alignment with holistic changes happening to the left side bar. -- [ ] Consider whether you need to communicate the change somehow, or if you will have an interim period in the UI where your nav item will live in more than one place. +- [ ] List at least two other places you considered to introduce your feature +- [ ] Add relevant designs to the Design Management area of the issue +- [ ] Ensure your UI suggestion align with the [Documentation Style Guide](https://docs.gitlab.com/ee/development/documentation/styleguide/) +- [ ] Engage ~"Technical Writing". They can help craft a term that best describes the feature(s) you’re proposing. +- [ ] Follow the [product development workflow](https://about.gitlab.com/handbook/product-development-flow/#validation-phase-2-problem-validation) validation process to ensure you are solving a well understood problem and that the proposed change is understandable and non-disruptive to users. Navigation-specific research is mandatory for additions or when restructuring. +- [ ] Engage the [Foundations Product Manager](https://about.gitlab.com/handbook/product/categories/#foundations-group) for approval. The Foundations DRI (@cdybenko) will work with UX partners in product design, research, and technical writing, as applicable. +- [ ] Consider whether you need to [communicate the change somehow](https://design.gitlab.com/patterns/navigation#messaging-changes-to-users), or if you will have an interim period in the UI where your item will live in more than one place. +- [ ] Ensure engineers are familiar with the [implementation steps for navigation](https://docs.gitlab.com/ee/development/navigation_sidebar.html#navigation-sidebar). -/label ~UX ~"UI text" ~"documentation" ~"documentation" ~"Category:Navigation & Settings" ~"Category:Foundations" ~navigation +/label ~UX ~"UI text" ~"documentation" ~"Category:Navigation & Settings" ~navigation ~type::ignore +/label ~"Nav request::Start" diff --git a/.gitlab/issue_templates/Pipeline Authoring Issue Implementation.md b/.gitlab/issue_templates/Pipeline Authoring Issue Implementation.md index 7bb602feed2..26dc1c97a99 100644 --- a/.gitlab/issue_templates/Pipeline Authoring Issue Implementation.md +++ b/.gitlab/issue_templates/Pipeline Authoring Issue Implementation.md @@ -20,6 +20,7 @@ _NOTE: If the issue has addressed all of these questions, this separate section Some relevant technical details, if applicable, such as: - Does this need a ~"feature flag"? +- Does there need to be an associated ~"instrumentation" issue created related to this work? - Is there an example response showing the data structure that should be returned (new endpoints only)? - What permissions should be used? - Is this EE or CE? diff --git a/.gitlab/issue_templates/Security developer workflow.md b/.gitlab/issue_templates/Security developer workflow.md index 3857303f2c4..294d699ea2f 100644 --- a/.gitlab/issue_templates/Security developer workflow.md +++ b/.gitlab/issue_templates/Security developer workflow.md @@ -13,6 +13,7 @@ Set the title to: `Description of the original issue` - [ ] Add a `~severity::x` label to the issue and all associated merge requests. - [ ] **IMPORTANT**: Mark this [issue as linked] to the Security Release Tracking Issue. You can find it [here](https://gitlab.com/gitlab-org/gitlab/-/issues?sort=created_date&state=opened&label_name[]=upcoming+security+release). This issue MUST be linked for the release bot to know that the associated merge requests should be merged for this security release. +- [ ] Mark this [issue as linked] to the `gitlab-org/gitlab` issue that describes the security vulnerability. - Fill out the [Links section](#links): - [ ] Next to **Issue on GitLab**, add a link to the `gitlab-org/gitlab` issue that describes the security vulnerability. - [ ] If this change affects the public interface (public API or UI) of the product, post in the `#support_gitlab-com` Slack channel to explain the impact and discuss a mitigation plan for users that might be affected. If you need Support feedback or approval, reach out in `#spt_managers` Slack channel or mention `@gitlab-com/support/managers`. diff --git a/.gitlab/issue_templates/UX Theme.md b/.gitlab/issue_templates/UX Theme.md index b015c3d44e6..32e771735b1 100644 --- a/.gitlab/issue_templates/UX Theme.md +++ b/.gitlab/issue_templates/UX Theme.md @@ -1,39 +1,25 @@ -<!-- A majority of the work designers do will be on themes in the (Now) Next 1-3 milestone column of their UX Roadmap. These themes are comprised of high-confidence outcomes and validated needs. The UX theme issue is where collaboration should occur, including plans and discussion on subthemes, research, and design feedback. Related issues for design exploration and solution validation should stem from the theme issue. +<!-- Most of the work designers do will be on themes in the (Now) Next 1-3 milestone column of their UX Roadmap. These themes are comprised of high-confidence outcomes and validated needs. The UX theme issue is where collaboration should occur, including plans and discussion on subthemes, research, and design feedback. Related design exploration and solution validation issues should stem from the theme issue. -One of the advantages of working with UX themes is that it allows us to think and design holistically by designing the theme as a whole as opposed to a single issue at a time trying to piece them together as you go. For more details please refer to this section of the handbook when creating UX Themes: https://about.gitlab.com/handbook/product/ux/product-design/ux-roadmaps/#theme-structure --> +One of the advantages of working with UX themes is that it allows us to think and design holistically by designing the theme as a whole instead of a single issue at a time, trying to piece them together as we go. For more details, please refer to this section of the handbook when creating UX Themes: https://about.gitlab.com/handbook/product/ux/product-design/ux-roadmaps/#ux-theme-structure --> -<!-- Theme Issue Title {UX Theme: <theme statement here>} --> -<!-- Theme Statement: A theme is written as a statement that combines the beneficiary, their need, and the expected outcome when the work is delivered. Well-defined statements are concise without sacrificing the substance of the theme so that anyone can understand it at a glance. (For instance; Reduce the effort for security teams to identify and escalate business-critical risks) - -!!Note: The theme statement is the defacto title that will be used to reference the theme and serve as the theme issue title.!! It should be something that is easily understood, that quickly communicates the intent of the theme allowing team members to easily understand and recognize the expected work that will be done. +<!-- +!!Note: The theme statement is the defacto title that will reference the theme and serve as the theme issue title.!! It should be something that is easily understood that quickly communicates the intent of the theme allowing team members to easily understand and recognize the expected work that will be done. --> ---- -### Problem to solve -<!-- In a brief statement, summerize the problem we are intending to address with this theme. For instance, users are unable to complete [task], or, users struggle with the amount of steps required to complete [task] --> - +### Theme statement +<!-- A theme statement combines the beneficiary, their job, and their expected outcome when the work is delivered and serves as the design goal for the team who owns the theme. Well-defined statements are concise without sacrificing the substance of the theme so that anyone can understand it at a glance. Well-defined statements are concise without sacrificing the substance of the theme so that anyone can understand it at a glance. (For instance, Reduce the effort for security teams when prioritizing business-critical risks in their assets.) --> -### Beneficiary -<!-- Who is the recipient(s) of the value this theme provides; a customer, end-user, or buyer. Who benefits from this theme being executed? This can be a role, a team, or a persona. For instance: "Development teams, [or] Developers, [or], Sasha the Software Engineer". --> +<!-- Also Theme issue tile --> +{`Need/outcome` } + {`Beneficiary`} + {`Job/Small Job`} -- **[Direct beneficiary]** - -#### Need & Primary JTBD -<!-- What is the JTBD and what are the needs related to the beneficiary and theme? -- JTBD: The JTBD statement, for instance, (When I am triaging vulns, I want to address business-critical risks, So I can ensure there is no unattended risk in my orgs assets.) -- Need: Abstracted from the JTBD, for instance, (Identify and escalate business-critical risks detected in my orgs assets.) ---> - -- **JTBD:** -- **Need:** - -#### Expected outcome -<!-- What will the user be able to achieve when this theme is executed? For instance, (Users will be able to effectively triage vulnerabilities at scale across all their orgs assets.) --> +#### Main Job story +<!-- What is the [Main Job story](https://about.gitlab.com/handbook/product/ux/jobs-to-be-done/#how-to-write-a-jtbd) that this theme was derived from? (For instance, When I am on triage rotation, I want to address all the business-critical risks in my assets, So I can minimize the likelihood of my organization being compromised by a security breach.) --> #### Business objective -<!-- What business objective will result from delivering this theme? This answers why we are working on this theme from a business perspective. Examples of objectives are but are not limited to: Sales rate / conversion rate, Success rate / completion rate, Traffic / visitor count, Engagement, or other business-oriented goals. --> +<!-- Objectives (from a business point of view) that will be achieved upon completion. (For instance, Increase engagement by making the experience efficient while reducing the chances of users overlooking high-priority items. --> #### Confidence @@ -42,43 +28,24 @@ One of the advantages of working with UX themes is that it allows us to think an | Confidence | Research | | --- | --- | -| [High/Medium/Low] | [research/insight issue](Link) | - -### User-stories -<!-- Product designers should work with their PMs to gather up all of the relevant user stories. Look for alignment with the JTBD added above. Overall, the solution you and your team come up with should help to support the user stories. --> +| [High/Medium/Low] | [research/insight issue](Link) | -- [user-story here] -- [user-story here] -- [user-story here] -- [etc.] ### Requirements -<!-- Requirements can be taken from existing features or design issues that were used to build this theme. Any related issues should be linked with this issue in the Feature/solution issues section below. They are more granular validated needs, goals, and additional details that the theme encompasses. These are typically reserved for themes in the next (1-3 milestones) column. Requirements should answer “what” the beneficiary of this theme needs from the solution. - -Note: This is not a backlog. If the issue can not be delivered in the theme timeframe then the theme is too big and needs to be broken down into multiple themes. --> - -The beneficieray needs to be able to: -- [need here] -- [need here] -- [need here] -- [etc.] +<!-- Requirements can be taken from existing features or design issues used to build this theme. Any related issues should be linked with this issue in the Feature/solution issues section below. They are more granular validated needs, goals, and additional details that the theme encompasses. These are typically reserved for themes in the next (1-3 milestones) column. Requirements should answer “what” the beneficiary of this theme needs from the solution. -#### Feature/solution issues -<!-- Use this table to track feature issues related to this theme (if applicable). Not all themes require sub-issues as they are typically discovered while working on the theme itself. Think of these issues as if they were the result of breaking down the design into discrete work items. +Note: This is not a backlog. If the issue can not be delivered in the theme timeframe, then the theme is too big and needs to be broken down into multiple themes. --> -Note: if feature issues already exist then you can add them to this table. Keep in mind that these issues will require validation if they are being added to a Theme that's in the Next (1-3 milestones) container and are assumptive. +>⚠️ Related feature and research issues should be linked in the related issues section (Delete this line when this is done) -Refer to https://about.gitlab.com/handbook/product/ux/product-designer/#ux-issue-weights for calculating UX weights. ---> - -| Issue | UX Weight | -| ---------- | --------- | -| [Issue](link) | `0 - 10` | -| [Issue](link) | `0 - 10` | -| [Issue](link) | `0 - 10` | +#### The beneficiary needs to be able to: +- [Small job statement] + - [Micro job statement] + - [Micro job statement] +- [etc.] #### Research -<!-- Use this table to track UX research related to this theme. This may include, problem validation and/or solution validation activities. +<!-- Researchers and Designers; Use this table to track UX research related to this theme. This may include problem validation and solution validation activities. --> | Issue | Research type | Research status | @@ -87,16 +54,35 @@ Refer to https://about.gitlab.com/handbook/product/ux/product-designer/#ux-issue | [Issue]() | <!--Solution validation, Problem validation, etc., --> | <!-- Planned, In Progress, Complete, etc.,--> | #### Ready for design checklist -The items are self-check suggestions; they could be contributed by designers, product managers or researchers -* [ ] The stated `Problem to solve` has high confidence (derived from research or other data-gathering techniques) -* [ ] Relevant issues, research, and other background information are linked to the Related issues section -* [ ] The stated `Beneficiary` has been defined -* [ ] There is high confidence in the stated `Need & Primary JTBD` (derived from research or other data gathering techniques) -* [ ] The `Expected outcome` has been defined +The items are self-check suggestions; they could be contributed by designers, product managers, or researchers +* [ ] The `theme` has high confidence (derived from research or other data-gathering techniques) +* [ ] The `Related issues`, features, research, and other background information are linked to the related issues section * [ ] The `Business objective` has been defined -* [ ] The theme `Confidence` has been defined as High -* [ ] `User-stories` have been defined -* [ ] The `Requirements` have been defined and the scope has been agreed upon -* [ ] This UX Theme contains everyhting necessary to complete a design solution and is ready for design +* [ ] The `Requirements` have been defined, and the scope has been agreed upon +* [ ] This UX Theme contains everything necessary to complete a design solution and is ready for design + +#### [Thematic design workflow checklist](https://about.gitlab.com/handbook/product/ux/product-design/ux-roadmaps/#suggested-workflow) +<!-- please refer to the [suggested workflow](https://about.gitlab.com/handbook/product/ux/product-design/ux-roadmaps/#suggested-workflow) when working on UX themes--> +* [ ] **Theme assessed** Ready for design checklist complete +* [ ] **Ideate and Iterate** + * [ ] User flow diagram generated + * [ ] Low-fidelity wireframes of the entire theme created + * [ ] [Feedback requested](https://about.gitlab.com/handbook/product/ux/product-designer/#design-reviews) and incorporated into flow diagram and wireframes +* [ ] **Validate** + * [ ] [Solution validation](https://about.gitlab.com/handbook/product/ux/ux-research/solution-validation-and-methods/) conducted on Low/mid-fidelity flow +* [ ] **Refine** + * [ ] Resaerch findings incorporated into design + * [ ] All micro-interactions are defined + * [ ] All edge-cases are accounted for and defined + * [ ] All copy has been reviewed by tech writing + * [ ] Accessibnility guidelines have been considered + * [ ] High-fidelity designs posted + * [ ] Feedback requested from counterparts + * [ ] (If necessary) Validate high-fidelity flow in a 2nd round of user testing + * [ ] Refine final design from feedback and user research +* [ ] **Hand-off** + * [ ] Designs broken down based on the their ability to stand alone and that they provide value to the user. + * [ ] MVC plan agreement reached + * [ ] Planning breakdown complete /label ~"UX" ~"UX Theme" diff --git a/.gitlab/issue_templates/Utilization group - bug.md b/.gitlab/issue_templates/Utilization group - bug.md new file mode 100644 index 00000000000..03fed78189e --- /dev/null +++ b/.gitlab/issue_templates/Utilization group - bug.md @@ -0,0 +1,166 @@ +<!--- +Please read this! + +Before opening a new issue, make sure to search for keywords in the issues +filtered by the "regression" or "type::bug" label: + +- https://gitlab.com/gitlab-org/gitlab/-/merge_requests?scope=all&label_name[]=group%3A%3Autilization&label_name[]=section%3A%3Afulfillment&label_name%5B%5D=type::regression +- https://gitlab.com/gitlab-org/gitlab/-/merge_requests?scope=all&label_name[]=group%3A%3Autilization&label_name[]=section%3A%3Afulfillment&label_name%5B%5D=type::bug + +and verify the issue you're about to submit isn't a duplicate. +---> +Utilization group: Bug Report Template + +## Bug Summary + +<!-- Provide a brief overview of the issue. What is the problem that needs to be addressed? --> + +## Steps to reproduce + +<!-- Provide a clear and detailed description of the steps needed to reproduce the bug. This should include any specific inputs, expected outputs, and observed outputs. --> + +1. [Step 1] +1. [Step 2] +1. [Step 3] +1. [Step 4] +1. [Step 5] + +## Example Project + +<!-- If possible, please create an example project here on GitLab.com that exhibits the problematic +behavior, and link to it here in the bug report. If you are using an older version of GitLab, this +will also determine whether the bug is fixed in a more recent version. --> + +## What is the current *bug* behavior? + +<!-- Describe the current behavior of the system or application in response to the actions described in the steps above. --> + +## What is the expected *correct* behavior? + +<!-- Describe the expected behavior of the system or application in response to the actions described in the steps above. --> + +## Reproducibility + +<!-- Describe how frequently the bug occurs. --> + +## Impact Assessment + +<!-- Describe the impact of this bug on the user experience and/or the product as a whole. --> + +## Severity + +<!-- Provide an assessment of the severity of the bug, based on its impact on the user experience and/or the product as a whole. --> + +## Environment + +<!-- List the relevant environment information, including the operating system, web browser, device, etc. --> + +## Screenshots and/or Relevant logs + +<!-- Include any relevant screenshots to help illustrate the bug. --> +<!-- Paste any relevant logs - please use code blocks (```) to format console output, logs, and code + as it's tough to read otherwise. --> + +## Output of checks (GitLab.com) + +<!-- If you are reporting a bug on GitLab.com, uncomment below, if not, delete this section --> + +<!-- This bug happens on GitLab.com --> +<!-- /label ~"reproduced on GitLab.com" --> + +## Results of GitLab environment info + +<!-- Input any relevant GitLab environment information if needed. --> + +<details> +<summary>Expand for output related to GitLab environment info</summary> + +<pre> + +(For installations with omnibus-gitlab package run and paste the output of: +`sudo gitlab-rake gitlab:env:info`) + +(For installations from source run and paste the output of: +`sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production`) + +</pre> +</details> + +## Results of GitLab application Check + +<!-- Input any relevant GitLab application check information if needed. --> + +<details> +<summary>Expand for output related to the GitLab application check</summary> +<pre> + +(For installations with omnibus-gitlab package run and paste the output of: +`sudo gitlab-rake gitlab:check SANITIZE=true`) + +(For installations from source run and paste the output of: +`sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production SANITIZE=true`) + +(we will only investigate if the tests are passing) + +</pre> +</details> + +## Possible fixes + +<!-- If you can, link to the line of code that might be responsible for the problem. --> +<!-- If you have any suggestions for how to fix the bug, provide them here. --> +<!-- If you are unsure about the subtype of this bug, please check our SSOT https://about.gitlab.com/handbook/engineering/metrics/?_gl=1*920mnx*_ga*ODQ3OTI1Mjk1LjE2NzA0MDg0NjU.*_ga_ENFH3X7M5Y*MTY4MTM3OTA3My4yNzkuMS4xNjgxMzc5MTI0LjAuMC4w#work-type-classification --> + +/label ~"type::bug" +/label ~"Category:Consumables Cost Management" +/label ~"group::utilization" +/label ~"section::fulfillment" + +--- +<details> +<summary>Illustrative Description: (This is not an actual issue, but rather a sample report that demonstrates how a bug could be presented)</summary> +## Bug Summary + +When attempting to log in to GitLab using a new account, the system does not recognize the account and returns an error message. + +## Steps to Reproduce + +1. Navigate to the GitLab login page. +1. Enter the email and password for a new account. +1. Click the "Log In" button. +1. Observe the error message: "The email or password you entered is incorrect. Please try again." + +## What is the current *bug* behavior? + +The system does not recognize the new account and returns an error message. + +## What is the expected *correct* behavior? + +The system should recognize the new account and allow the user to log in. + +## Reproducibility + +This bug occurs consistently when attempting to log in with a new account. + +## Impact Assessment + +This bug prevents new users from accessing GitLab and may result in frustration and lost productivity. + +## Severity + +This bug is of medium severity, as it prevents new users from accessing the system, but does not affect the functionality of existing users. + +## Environment + +- Operating System: macOS Ventura +- Browser: Google Chrome 111.0.5563.146 + +## Screenshots and/or Relevant logs + +[Insert screenshot of the error message.] + +## Possible Fix + +It is unclear what may be causing this bug. Further investigation is required to identify a possible fix. + +</details> diff --git a/.gitlab/issue_templates/Utilization group - feature.md b/.gitlab/issue_templates/Utilization group - feature.md new file mode 100644 index 00000000000..57a4d4128c0 --- /dev/null +++ b/.gitlab/issue_templates/Utilization group - feature.md @@ -0,0 +1,65 @@ +Utilization group: Feature Template + +## Description + +<!-- As a [user or stakeholder], I want [goal or objective] so that [reason or benefit]. --> + +## Acceptance Criteria +<!-- +- [ ] [Describe what must be achieved to complete this issue.] +- [ ] [Describe another requirement needed to complete this issue.] +- [ ] [Add additional acceptance criteria as needed.] + --> +## Technical Requirements + +<!-- [If applicable, please list out any technical requirements for this feature/enhancement.] --> + +## Design Requirements + +<!-- [If applicable, please provide a link to the design specifications for this feature/enhancement.] --> + +## Impact Assessment + +<!-- [Please describe the impact this feature/enhancement will have on the user experience and/or the product as a whole.] --> + +## User Story + +<!-- [Provide a user story to illustrate the use case for this feature/enhancement. Include examples to help communicate the intended functionality.] --> +/label ~"type::feature" +/label ~"Category:Consumables Cost Management" +/label ~"group::utilization" +/label ~"section::fulfillment" + +<details> +<summary>Illustrative Description: (This is not an actual issue, but rather a sample report that demonstrates how a feature could be presented) </summary> + +## Description + +As a developer, I want to be able to easily create and manage merge requests, so that I can collaborate effectively with my team and ensure that code changes are reviewed and merged efficiently. + +## Acceptance Criteria + +- [ ] The merge request feature should allow developers to create a new merge request from a branch. +- [ ] The merge request feature should allow developers to assign the merge request to another team member for review. +- [ ] The merge request feature should provide a clear and easy-to-use interface for managing merge requests. +- [ ] The merge request feature should integrate with other GitLab features, such as issue tracking and continuous integration. + +## Technical Requirements + +- The merge request feature should be implemented using GitLab's API. +- The merge request feature should be integrated with GitLab's existing authentication and authorization system. +- The merge request feature should be optimized for performance and scalability. + +## Design Requirements + +- [Design specifications for this feature can be found here.](insert_design_link_here) + +## Impact Assessment + +This feature will significantly enhance the collaboration and code review process for developers using GitLab. By providing an intuitive and easy-to-use interface for managing merge requests, developers will be able to work more efficiently and effectively as a team. Additionally, integrating the merge request feature with other GitLab features will further streamline the development process. + +## User Story + +As a developer working on a new feature branch, I want to be able to create a new merge request and assign it to a team member for review, so that I can ensure that my code changes are thoroughly reviewed before being merged into the main codebase. With the new merge request feature, I can easily create a new merge request, assign it to a team member for review, and track its status throughout the review process. This will help me work more efficiently and effectively as a team, while also maintaining high code quality and reliability. + +</details> diff --git a/.gitlab/issue_templates/Utilization group - maintenance.md b/.gitlab/issue_templates/Utilization group - maintenance.md new file mode 100644 index 00000000000..e25c80e26c7 --- /dev/null +++ b/.gitlab/issue_templates/Utilization group - maintenance.md @@ -0,0 +1,69 @@ +Utilization Group: Maintenance Template + +## Description +<!-- Briefly describe the maintenance issue. --> + +## Acceptance Criteria +<!-- +- [ ] [Describe the completion requirements.] +- [ ] [Add additional acceptance criteria as necessary.] + --> + +## Technical Requirements +<!-- [List any technical requirements for this maintenance issue.] --> + +## Impact Assessment +<!-- [Describe the impact of this maintenance issue on the user experience and/or the product as a whole.] --> + +## Steps to Reproduce +<!-- [Provide detailed steps on how to reproduce the maintenance issue.] --> + +## Expected Results +<!-- [Describe the expected outcome when the maintenance issue is resolved.] --> + +## Actual Results +<!-- [Describe the current outcome of the maintenance issue.] --> + +/label ~type::maintenance +/label ~"Category:Consumables Cost Management" +/label ~"group::utilization" +/label ~"section::fulfillment" + +<details> +<summary>Illustrative Description: (This is not an actual maintenance issue, but rather a sample report that demonstrates how a maintenance issue could be presented) </summary> + +## Description + +The login page is taking longer than expected to load, which is impacting the user experience. + +## Acceptance Criteria + +- [ ] The login page should load in less than 3 seconds on both desktop and mobile devices. +- [ ] The login page should be tested on different browsers to ensure compatibility. +- [ ] The login page should not display any errors or warnings in the console. + +## Technical Requirements + +- [ ] The login page should be optimized for performance. +- [ ] The login page should be tested on different browsers. +- [ ] The login page should be updated to use the latest version of the authentication library. + +## Impact Assessment + +This maintenance issue is impacting the user experience by causing delays in the login process. By resolving this issue, users will be able to log in faster and have a better overall experience. + +## Steps to Reproduce + +1. Open the login page. +1. Wait for the page to load. +1. Measure the time it takes for the page to fully load. + +## Expected Results + +The login page should load in less than 3 seconds on both desktop and mobile devices. + +## Actual Results + +The login page is currently taking more than 5 seconds to load on desktop devices and more than 7 seconds on mobile devices. This is causing frustration and delays for users. + +</details> diff --git a/.gitlab/issue_templates/rca.md b/.gitlab/issue_templates/rca.md new file mode 100644 index 00000000000..238039bd712 --- /dev/null +++ b/.gitlab/issue_templates/rca.md @@ -0,0 +1,125 @@ +**Please note:** if the incident relates to sensitive data or is security-related, consider +labeling this issue with ~security and mark it confidential, or create it in a private repository. + +There is now a separate internal-only RCA template for SIRT issues referenced https://about.gitlab.com/handbook/security/root-cause-analysis.html +*** + +## Summary + +A brief summary of what happened. Try to make it as executive-friendly as possible. + +- Service(s) affected: +- Team attribution: +- Minutes downtime or degradation: + +## Impact & Metrics + +Start with the following: + +| Question | Answer | +| ----- | ----- | +| What was the impact? | (i.e. service outage, sub-service brown-out, exposure of sensitive data, ...) | +| Who was impacted? | (i.e. external customers, internal customers, specific teams, ...) | +| How did this impact customers? | (i.e. preventing them from doing X, incorrect display of Y, ...) | +| How many attempts made to access? | | +| How many customers affected? | | +| How many customers tried to access? | | + +Include any additional metrics that are of relevance. + +Provide any relevant graphs that could help understand the impact of the incident and its dynamics. + +## Detection & Response + +Start with the following: + +| Question | Answer | +| ----- | ----- | +| When was the incident detected? | YYYY-MM-DD UTC | +| How was the incident detected? | (i.e. DELKE, H1 Report, ...) | +| Did alarming work as expected? | | +| How long did it take from the start of the incident to its detection? | | +| How long did it take from detection to remediation? | | +| What steps were taken to remediate? | | +| Were there any issues with the response? | (i.e. bastion host used to access the service was not available, relevant team member wasn't page-able, ...) | + +## MR Checklist + +Consider these questions if a code change introduced the issue. + +| Question | Answer | +| ----- | ----- | +| Was the [MR acceptance checklist](https://docs.gitlab.com/ee/development/code_review.html#acceptance-checklist) marked as reviewed in the MR? | | +| Should the checklist be updated to help reduce chances of future recurrences? If so, who is the DRI to do so? | | + +## Timeline + +YYYY-MM-DD + +- 00:00 UTC - something happened +- 00:01 UTC - something else happened +- ... + +YYYY-MM-DD+1 + +- 00:00 UTC - and then this happened +- 00:01 UTC - and more happened +- ... + + +## Root Cause Analysis + +The purpose of this document is to understand the reasons that caused an incident, and to create mechanisms to prevent it from recurring in the future. A root cause can **never be a person**, the way of writing has to refer to the system and the context rather than the specific actors. + +Follow the "**5 whys**" in a **blameless** manner as the core of the root cause analysis. + +For this, it is necessary to start with the incident and question why it happened. Keep iterating asking "why?" 5 times. While it's not a hard rule that it has to be 5 times, it helps to keep questions get deeper in finding the actual root cause. + +Keep in mind that from one "why?" there may come more than one answer, consider following the different branches. + +### Example of the usage of "5 whys" + +The vehicle will not start. (the problem) + +1. Why? - The battery is dead. +2. Why? - The alternator is not functioning. +3. Why? - The alternator belt has broken. +4. Why? - The alternator belt was well beyond its useful service life and not replaced. +5. Why? - The vehicle was not maintained according to the recommended service schedule. (Fifth why, a root cause) + +## What went well + +Start with the following: + +- Identify the things that worked well or as expected. +- Any additional call-outs for what went particularly well. + +## What can be improved + +Start with the following: + +- Using the root cause analysis, explain what can be improved to prevent this from happening again. +- Is there anything that could have been done to improve the detection or time to detection? +- Is there anything that could have been done to improve the response or time to response? +- Is there an existing issue that would have either prevented this incident or reduced the impact? +- Did we have any indication or beforehand knowledge that this incident might take place? +- Was the [MR acceptance checklist](https://docs.gitlab.com/ee/development/code_review.html#acceptance-checklist) marked as reviewed in the MR? +- Should the checklist be updated to help reduce chances of future recurrences? + + + +## Corrective actions + +- List issues that have been created as corrective actions from this incident. +- For each issue, include the following: + - `<Bare issue link>` - Issue labeled as ~"corrective action". + - An estimated date of completion of the corrective action. + - The named individual who owns the delivery of the corrective action. + +## Guidelines + +- [Blameless RCA Guideline](https://about.gitlab.com/handbook/customer-success/professional-services-engineering/workflows/internal/root-cause-analysis.html) +- [5 whys](https://en.wikipedia.org/wiki/5_Whys) + +/confidential +/label ~RCA diff --git a/.gitlab/merge_request_templates/Change Documentation Location.md b/.gitlab/merge_request_templates/Change Documentation Location.md index 36678c44d70..5e4f289c1f1 100644 --- a/.gitlab/merge_request_templates/Change Documentation Location.md +++ b/.gitlab/merge_request_templates/Change Documentation Location.md @@ -14,17 +14,14 @@ ## Moving docs to a new location? -Read the guidelines: -https://docs.gitlab.com/ee/development/documentation/index.html#move-or-rename-a-page +Read the [redirect guidelines](https://docs.gitlab.com/ee/development/documentation/redirects.html) first. - [ ] Make sure the old link is not removed and has its contents replaced with a link to the new location. - [ ] Make sure internal links pointing to the document in question are not broken. - [ ] Search and replace any links referring to old docs in GitLab Rails app, specifically under the `app/views/` and `ee/app/views` (for GitLab EE) directories. -- [ ] Make sure to add [`redirect_from`](https://docs.gitlab.com/ee/development/documentation/index.html#redirections-for-pages-with-disqus-comments) - to the new document if there are any Disqus comments on the old document thread. -- [ ] Update the link in `features.yml` (if applicable). +- [ ] Update the link in [`features.yml`](https://gitlab.com/gitlab-com/www-gitlab-com/-/blob/master/data/features.yml) (if applicable). - [ ] Assign one of the technical writers for review. -/label ~documentation ~"Technical Writing" +/label ~documentation ~"Technical Writing" ~"type::maintenance" ~"maintenance::refactor" diff --git a/.gitlab/merge_request_templates/Default.md b/.gitlab/merge_request_templates/Default.md index f670882a72f..404a18ad074 100644 --- a/.gitlab/merge_request_templates/Default.md +++ b/.gitlab/merge_request_templates/Default.md @@ -8,6 +8,8 @@ that reviewers can understand your intent. Keeping the description updated is especially important if they didn't participate in the discussion. --> +%{first_multiline_commit} + ## Screenshots or screen recordings _Screenshots are required for UI changes, and strongly recommended for all other merge requests._ @@ -25,10 +27,6 @@ _Numbered steps to set up and validate the change are strongly suggested._ <!-- Example below: -1. Enable the invite modal - ```ruby - Feature.enable(:invite_members_group_modal) - ``` 1. In rails console enable the experiment fully ```ruby Feature.enable(:member_areas_of_focus) diff --git a/.gitlab/merge_request_templates/Deprecations.md b/.gitlab/merge_request_templates/Deprecations.md index 841ef70d92a..9e02e047efa 100644 --- a/.gitlab/merge_request_templates/Deprecations.md +++ b/.gitlab/merge_request_templates/Deprecations.md @@ -106,4 +106,4 @@ If you have trouble running the Rake task, check the [troubleshooting steps](htt /label ~"release post" ~"release post item" ~"Technical Writing" ~"release post item::deprecation" /label ~"type::maintenance" -/label ~"maintenance::refactor" +/label ~"maintenance::removal" diff --git a/.gitlab/merge_request_templates/New End To End Test.md b/.gitlab/merge_request_templates/New End To End Test.md index 46ccdb1cb0c..9a42cf2a6d9 100644 --- a/.gitlab/merge_request_templates/New End To End Test.md +++ b/.gitlab/merge_request_templates/New End To End Test.md @@ -4,6 +4,26 @@ Please link to the respective test case in the testcases project --> +## How to set up and validate locally + +<!-- +In most cases this will be the command to run the test, e.g.: + +From the `qa` directory: +``` +bundle install +export WEBDRIVER_HEADLESS=false # If you'd like to watch the test in action +export QA_GITLAB_URL="http://gdk.test:3000" # Only needed if GDK is not running on http://127.0.0.1:3000 +bundle exec rspec <path/to/spec.rb> +``` + +This may be particularly helpful if you're requesting reviews from engineers who aren't familiar with GitLab's E2E tests. + +Any other necessary setup should be included here as well, especially if it's an orchestrated test that requires a +[special setup](https://docs.gitlab.com/ee/development/testing_guide/end_to_end/running_tests_that_require_special_setup.html) +to run locally against GDK. +--> + ### Checklist - [ ] Confirm the test has a [`testcase:` tag linking to an existing test case](https://docs.gitlab.com/ee/development/testing_guide/end_to_end/best_practices.html#link-a-test-to-its-test-case-issue) in the test case project. diff --git a/.gitlab/merge_request_templates/New Static Analysis Check.md b/.gitlab/merge_request_templates/New Static Analysis Check.md index 6ad56cd5cd0..9cf21fa49e8 100644 --- a/.gitlab/merge_request_templates/New Static Analysis Check.md +++ b/.gitlab/merge_request_templates/New Static Analysis Check.md @@ -1,6 +1,6 @@ <!-- When creating a new cop that could be applied to multiple applications, -we encourage you to add it to https://gitlab.com/gitlab-org/gitlab-styles gem. +we encourage you to add it to https://gitlab.com/gitlab-org/ruby/gems/gitlab-styles gem. --> ## Description of the proposal diff --git a/.gitlab/merge_request_templates/Removals.md b/.gitlab/merge_request_templates/Removals.md index e212893d10d..39b99c00314 100644 --- a/.gitlab/merge_request_templates/Removals.md +++ b/.gitlab/merge_request_templates/Removals.md @@ -1,7 +1,7 @@ <!-- Set the correct label and milestone using autocomplete for guidance. Please @mention only the DRI(s) for each stage or group rather than an entire department. --> /label ~"release post" ~"release post item" ~"Technical Writing" ~devops:: ~group:: ~"release post item::removal" -/label ~"type::maintenance" +/label ~"type::maintenance" ~"maintenance::removal" /milestone % /assign `@EM/PM` (choose the DRI; remove backticks here, and below) @@ -46,7 +46,6 @@ Please review: - [ ] Set yourself as the Assignee, meaning you are the DRI. - [ ] If the removal is a [breaking change](https://about.gitlab.com/handbook/product/gitlab-the-product/#breaking-change), add label `breaking change`. - [ ] Follow the process to [create a removal YAML file](https://about.gitlab.com/handbook/marketing/blog/release-posts/#creating-a-removal-entry). -- [ ] Make sure that the milestone dates are based on the dates in [Product milestone creation](https://about.gitlab.com/handbook/product/milestones/#product-milestone-creation). - [ ] Add reviewers by the 10th. - [ ] When ready to be merged and not later than the 15th, add the ~ready label and @ message the TW for final review and merge. - Removal notices should not be merged before the code is removed from the product. Do not mark ~ready until the removal is complete, or you are certain it will be completed within the current milestone and released. If PMs are not sure, they should confirm with their Engineering Manager. diff --git a/.gitlab/merge_request_templates/Revert To Resolve Incident.md b/.gitlab/merge_request_templates/Revert To Resolve Incident.md index 4e77846575a..c1980d70768 100644 --- a/.gitlab/merge_request_templates/Revert To Resolve Incident.md +++ b/.gitlab/merge_request_templates/Revert To Resolve Incident.md @@ -12,6 +12,7 @@ - [ ] Create an issue to reinstate the merge request and assign it to the author of the reverted merge request. - [ ] If the revert is to resolve a [broken 'master' incident](https://about.gitlab.com/handbook/engineering/workflow/#broken-master), please read through the [Responsibilities of the Broken `master` resolution DRI](https://about.gitlab.com/handbook/engineering/workflow/#responsibilities-of-the-resolution-dri). +- [ ] If the revert involves a database migration, please read through [Deleting existing migrations](https://docs.gitlab.com/ee/development/database/deleting_migrations.html). - [ ] Add the appropriate labels **before** the MR is created. We can skip CI/CD jobs only if the labels are added **before** the CI/CD pipeline is created. ### Milestone info diff --git a/.gitlab/merge_request_templates/Stable Branch.md b/.gitlab/merge_request_templates/Stable Branch.md index 2196af1a214..f8fc85f5bd2 100644 --- a/.gitlab/merge_request_templates/Stable Branch.md +++ b/.gitlab/merge_request_templates/Stable Branch.md @@ -18,18 +18,18 @@ This checklist encourages us to confirm any changes have been analyzed to reduce * [ ] This MR is backporting a bug fix, documentation update, or spec fix, previously merged in the default branch. * [ ] The original MR has been deployed to GitLab.com (not applicable for documentation or spec changes). * [ ] This MR has a [severity label] assigned (if applicable). -* [ ] Ensure the `e2e:package-and-test` job has either succeeded or been approved by a Software Engineer in Test. +* [ ] This MR has been approved by a maintainer (only one approval is required). +* [ ] Ensure the `e2e:package-and-test-ee` job has either succeeded or been approved by a Software Engineer in Test. #### Note to the merge request author and maintainer -The process of backporting bug fixes into stable branches is tracked as part of an -[internal pilot]. If you have questions about this process, please: +If you have questions about the patch release process, please: -* Refer to the [internal pilot] issue for feedback or questions. * Refer to the [patch release runbook for engineers and maintainers] for guidance. +* Ask questions on the [`#releases`] Slack channel (internal only). [severity label]: https://about.gitlab.com/handbook/engineering/quality/issue-triage/#severity -[internal pilot]: https://gitlab.com/gitlab-com/gl-infra/delivery/-/issues/2886 -[patch release runbook for engineers and maintainers]: https://gitlab.com/gitlab-org/release/docs/-/blob/master/general/patch/process_new.md +[patch release runbook for engineers and maintainers]: https://gitlab.com/gitlab-org/release/docs/-/blob/master/general/patch/engineers.md +[`#releases`]: https://gitlab.slack.com/archives/C0XM5UU6B /assign me diff --git a/.gitlab/secret-detection-ruleset.toml b/.gitlab/secret-detection-ruleset.toml index 5fcde57cad7..4a76fb22d00 100644 --- a/.gitlab/secret-detection-ruleset.toml +++ b/.gitlab/secret-detection-ruleset.toml @@ -4,3 +4,8 @@ [secrets.ruleset.identifier] type = "gitleaks_rule_id" value = "Password in URL" + [[secrets.passthrough]] + type = "file" + # note this must be gitleaks.toml + target = "gitleaks.toml" + value = "config/gitleaks.toml" |