diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-11-07 06:10:53 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-11-07 06:10:53 +0300 |
commit | 2ce8e7fcf32b18db57a5547fda35044e55cdc1eb (patch) | |
tree | 64bbbdd27d96d158ac1642d496aeaa199dd16dd1 | |
parent | 611897b987d439b0d736eb87415b8ca32bdaa282 (diff) |
Add latest changes from gitlab-org/gitlab@master
87 files changed, 487 insertions, 127 deletions
diff --git a/app/models/packages/tag.rb b/app/models/packages/tag.rb index 9c17a147bf4..0df64bfba54 100644 --- a/app/models/packages/tag.rb +++ b/app/models/packages/tag.rb @@ -1,9 +1,12 @@ # frozen_string_literal: true class Packages::Tag < ApplicationRecord belongs_to :package, inverse_of: :tags + belongs_to :project validates :package, :name, presence: true + before_save :ensure_project_id + FOR_PACKAGES_TAGS_LIMIT = 200 NUGET_TAGS_SEPARATOR = ' ' # https://docs.microsoft.com/en-us/nuget/reference/nuspec#tags @@ -15,4 +18,8 @@ class Packages::Tag < ApplicationRecord .order(updated_at: :desc) .limit(FOR_PACKAGES_TAGS_LIMIT) end + + def ensure_project_id + self.project_id ||= package.project_id + end end diff --git a/app/policies/ci/pipeline_policy.rb b/app/policies/ci/pipeline_policy.rb index bd6e580c33a..c01162a86df 100644 --- a/app/policies/ci/pipeline_policy.rb +++ b/app/policies/ci/pipeline_policy.rb @@ -27,10 +27,14 @@ module Ci prevent :read_pipeline end - rule { protected_ref }.prevent :update_pipeline + rule { protected_ref }.policy do + prevent :update_pipeline + prevent :cancel_pipeline + end rule { can?(:public_access) & branch_allows_collaboration }.policy do enable :update_pipeline + enable :cancel_pipeline end rule { can?(:owner_access) }.policy do @@ -45,15 +49,6 @@ module Ci enable :read_pipeline_variable end - # TODO: splitting out cancel from update in Issue #20207 - rule { can?(:update_pipeline) }.policy do - enable :cancel_pipeline - end - - rule { ~can?(:update_pipeline) }.policy do - prevent :cancel_pipeline - end - rule { project_allows_read_dependency }.policy do enable :read_dependency end diff --git a/app/services/ci/cancel_pipeline_service.rb b/app/services/ci/cancel_pipeline_service.rb index 52d38520fc3..38053b13921 100644 --- a/app/services/ci/cancel_pipeline_service.rb +++ b/app/services/ci/cancel_pipeline_service.rb @@ -24,11 +24,7 @@ module Ci end def execute - unless can?(current_user, :cancel_pipeline, pipeline) - return ServiceResponse.error( - message: 'Insufficient permissions to cancel the pipeline', - reason: :insufficient_permissions) - end + return permission_error_response unless can?(current_user, :cancel_pipeline, pipeline) force_execute end @@ -103,6 +99,13 @@ module Ci job.cancel end + def permission_error_response + ServiceResponse.error( + message: 'Insufficient permissions to cancel the pipeline', + reason: :insufficient_permissions + ) + end + # For parent child-pipelines only (not multi-project) def cancel_children pipeline.all_child_pipelines.each do |child_pipeline| diff --git a/app/services/packages/update_tags_service.rb b/app/services/packages/update_tags_service.rb index cf1acc6ee19..014d5501b76 100644 --- a/app/services/packages/update_tags_service.rb +++ b/app/services/packages/update_tags_service.rb @@ -32,7 +32,8 @@ module Packages package_id: @package.id, name: tag, created_at: now, - updated_at: now + updated_at: now, + project_id: @package.project_id } end end diff --git a/app/views/protected_branches/shared/_create_protected_branch.html.haml b/app/views/protected_branches/shared/_create_protected_branch.html.haml index 96e6990b080..34ffbf498d3 100644 --- a/app/views/protected_branches/shared/_create_protected_branch.html.haml +++ b/app/views/protected_branches/shared/_create_protected_branch.html.haml @@ -14,12 +14,17 @@ = render partial: "protected_branches/shared/dropdown", locals: { f: f, toggle_classes: 'gl-w-full! gl-form-input-lg' } .form-text.text-muted - wildcards_url = help_page_url('user/project/protected_branches', anchor: 'protect-multiple-branches-with-wildcard-rules') - - wildcards_link_start = '<a href="%{url}" target="_blank" rel="noopener noreferrer">'.html_safe % { url: wildcards_url } - - placeholders = { wildcards_link_start: wildcards_link_start, wildcards_link_end: '</a>', code_tag_start: '<code>', code_tag_end: '</code>' } + - wildcards_link_tag_pair = tag_pair(link_to('', wildcards_url, target: '_blank', rel: 'noopener noreferrer'), :wildcards_link_start, :wildcards_link_end) + + - case_sensitive_url = help_page_url('user/project/protected_branches', anchor: 'branch-names-are-case-sensitive') + - case_sensitive_link_tag_pair = tag_pair(link_to('', case_sensitive_url, target: '_blank', rel: 'noopener noreferrer'), :case_sensitive_link_start, :case_sensitive_link_end) + + - code_tag_pair = tag_pair(tag.code, :code_tag_start, :code_tag_end) + - if protected_branch_entity.is_a?(Group) - = (s_("ProtectedBranch|Only %{wildcards_link_start}Wildcards%{wildcards_link_end} such as %{code_tag_start}*-stable%{code_tag_end} or %{code_tag_start}production/*%{code_tag_end} are supported.") % placeholders).html_safe + = safe_format(s_('ProtectedBranch|Only %{wildcards_link_start}Wildcards%{wildcards_link_end} such as %{code_tag_start}*-stable%{code_tag_end} or %{code_tag_start}production/*%{code_tag_end} are supported. %{case_sensitive_link_start}Branch names are case-sensitive.%{case_sensitive_link_end}'), wildcards_link_tag_pair, case_sensitive_link_tag_pair, code_tag_pair) - else - = (s_("ProtectedBranch|%{wildcards_link_start}Wildcards%{wildcards_link_end} such as %{code_tag_start}*-stable%{code_tag_end} or %{code_tag_start}production/*%{code_tag_end} are supported.") % placeholders).html_safe + = safe_format(s_('ProtectedBranch|%{wildcards_link_start}Wildcards%{wildcards_link_end} such as %{code_tag_start}*-stable%{code_tag_end} or %{code_tag_start}production/*%{code_tag_end} are supported. %{case_sensitive_link_start}Branch names are case-sensitive.%{case_sensitive_link_end}'), wildcards_link_tag_pair, case_sensitive_link_tag_pair, code_tag_pair) .form-group.row = f.label :merge_access_levels_attributes, s_("ProtectedBranch|Allowed to merge:"), class: 'col-sm-12' .col-sm-12 diff --git a/app/workers/bulk_imports/entity_worker.rb b/app/workers/bulk_imports/entity_worker.rb index 02eee3094ad..1c426be4545 100644 --- a/app/workers/bulk_imports/entity_worker.rb +++ b/app/workers/bulk_imports/entity_worker.rb @@ -15,7 +15,7 @@ module BulkImports new.perform_failure(exception, msg['args'].first) end - PERFORM_DELAY = 30.seconds + PERFORM_DELAY = 5.seconds # Keep `_current_stage` parameter for backwards compatibility. # The parameter will be remove in https://gitlab.com/gitlab-org/gitlab/-/issues/426311 diff --git a/config/feature_categories.yml b/config/feature_categories.yml index 5ac22ca085e..0c36be00774 100644 --- a/config/feature_categories.yml +++ b/config/feature_categories.yml @@ -16,17 +16,16 @@ - api - api_security - application_instrumentation -- application_performance - attack_emulation - audit_events - auto_devops - backup_restore -- billing_and_payments - build - build_artifacts - capacity_planning - cell - ci-cd_visibility +- cloud_connector - cloud_native_installation - code_quality - code_review_workflow diff --git a/config/feature_flags/development/restrict_pipeline_cancellation_by_role.yml b/config/feature_flags/development/restrict_pipeline_cancellation_by_role.yml new file mode 100644 index 00000000000..0ef8a5d38db --- /dev/null +++ b/config/feature_flags/development/restrict_pipeline_cancellation_by_role.yml @@ -0,0 +1,8 @@ +--- +name: restrict_pipeline_cancellation_by_role +introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/135047 +rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/429699 +milestone: '16.6' +type: development +group: group::pipeline execution +default_enabled: false diff --git a/config/initializers/sprockets_patch.rb b/config/initializers/sprockets_patch.rb new file mode 100644 index 00000000000..76474b370be --- /dev/null +++ b/config/initializers/sprockets_patch.rb @@ -0,0 +1,63 @@ +# frozen_string_literal: true + +# This backports https://github.com/rails/sprockets/pull/759 to Sprockets v3.7.2 to +# fix thread-safety issues with compiling SASS. +# +# This pull request has already been merged in Sprockets v4.2.0, but we +# don't plan on upgrading: https://gitlab.com/gitlab-org/gitlab/-/issues/373997#note_1360248557 + +require 'sprockets/utils' + +unless Gem::Version.new(Sprockets::VERSION) == Gem::Version.new('3.7.2') + raise 'New version of Sprockets detected. This patch can likely be removed.' +end + +# rubocop:disable Style/CombinableLoops -- Keep the format consistent with upstream project +# rubocop:disable Cop/LineBreakAroundConditionalBlock -- Keep the format consistent with upstream project +# rubocop:disable Style/IfUnlessModifier -- Keep the format consistent with upstream project +# rubocop:disable Style/SoleNestedConditional -- Keep the format consistent with upstream project +module Sprockets + module Utils + extend self + + MODULE_INCLUDE_MUTEX = Mutex.new + private_constant :MODULE_INCLUDE_MUTEX + + # Internal: Inject into target module for the duration of the block. + # + # mod - Module + # + # Returns result of block. + def module_include(base, mod) + MODULE_INCLUDE_MUTEX.synchronize do + old_methods = {} + + mod.instance_methods.each do |sym| + old_methods[sym] = base.instance_method(sym) if base.method_defined?(sym) + end + + unless UNBOUND_METHODS_BIND_TO_ANY_OBJECT + base.send(:include, mod) unless base < mod + end + + mod.instance_methods.each do |sym| + method = mod.instance_method(sym) + base.send(:define_method, sym, method) + end + + yield + ensure + mod.instance_methods.each do |sym| + base.send(:undef_method, sym) if base.method_defined?(sym) + end + old_methods.each do |sym, method| + base.send(:define_method, sym, method) + end + end + end + end +end +# rubocop:enable Style/CombinableLoops +# rubocop:enable Cop/LineBreakAroundConditionalBlock +# rubocop:enable Style/IfUnlessModifier +# rubocop:enable Style/SoleNestedConditional diff --git a/db/docs/batched_background_migrations/backfill_packages_tags_project_id.yml b/db/docs/batched_background_migrations/backfill_packages_tags_project_id.yml new file mode 100644 index 00000000000..b8caef928bb --- /dev/null +++ b/db/docs/batched_background_migrations/backfill_packages_tags_project_id.yml @@ -0,0 +1,9 @@ +--- +migration_job_name: BackfillPackagesTagsProjectId +description: Populates the new `packages_tags.project_id` column after joining with the `packages_packages` table +feature_category: package_registry +introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/135451 +milestone: 16.6 +queued_migration_version: 20231030071209 +finalize_after: '2023-12-23' +finalized_by: # version of the migration that ensured this bbm diff --git a/db/docs/service_access_tokens.yml b/db/docs/service_access_tokens.yml index 2acd0d33c7d..c75b62883b0 100644 --- a/db/docs/service_access_tokens.yml +++ b/db/docs/service_access_tokens.yml @@ -3,7 +3,7 @@ table_name: service_access_tokens classes: - Ai::ServiceAccessToken feature_categories: -- application_performance +- cloud_connector description: Persists JWT tokens for AI features (e.g. Code Suggestions) to authenticate the GitLab instance introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/125383 diff --git a/db/migrate/20231024212214_add_pipeline_cancel_role_restriction_enum.rb b/db/migrate/20231024212214_add_pipeline_cancel_role_restriction_enum.rb new file mode 100644 index 00000000000..ab26a1d783b --- /dev/null +++ b/db/migrate/20231024212214_add_pipeline_cancel_role_restriction_enum.rb @@ -0,0 +1,12 @@ +# frozen_string_literal: true + +class AddPipelineCancelRoleRestrictionEnum < Gitlab::Database::Migration[2.1] + def up + add_column :project_ci_cd_settings, :restrict_pipeline_cancellation_role, + :integer, limit: 2, default: 0, null: false + end + + def down + remove_column :project_ci_cd_settings, :restrict_pipeline_cancellation_role + end +end diff --git a/db/migrate/20231030051837_add_project_id_to_packages_tags.rb b/db/migrate/20231030051837_add_project_id_to_packages_tags.rb new file mode 100644 index 00000000000..b27e15cb648 --- /dev/null +++ b/db/migrate/20231030051837_add_project_id_to_packages_tags.rb @@ -0,0 +1,10 @@ +# frozen_string_literal: true + +class AddProjectIdToPackagesTags < Gitlab::Database::Migration[2.2] + milestone '16.6' + enable_lock_retries! + + def change + add_column :packages_tags, :project_id, :bigint + end +end diff --git a/db/migrate/20231030051838_add_index_to_packages_tags_project_id.rb b/db/migrate/20231030051838_add_index_to_packages_tags_project_id.rb new file mode 100644 index 00000000000..17512137fff --- /dev/null +++ b/db/migrate/20231030051838_add_index_to_packages_tags_project_id.rb @@ -0,0 +1,15 @@ +# frozen_string_literal: true + +class AddIndexToPackagesTagsProjectId < Gitlab::Database::Migration[2.2] + milestone '16.6' + disable_ddl_transaction! + INDEX_NAME = :index_packages_tags_on_project_id + + def up + add_concurrent_index :packages_tags, :project_id, name: INDEX_NAME + end + + def down + remove_concurrent_index_by_name(:packages_tags, INDEX_NAME) + end +end diff --git a/db/migrate/20231030051839_add_foreign_key_to_packages_tags_project_id.rb b/db/migrate/20231030051839_add_foreign_key_to_packages_tags_project_id.rb new file mode 100644 index 00000000000..6e3d6161582 --- /dev/null +++ b/db/migrate/20231030051839_add_foreign_key_to_packages_tags_project_id.rb @@ -0,0 +1,16 @@ +# frozen_string_literal: true + +class AddForeignKeyToPackagesTagsProjectId < Gitlab::Database::Migration[2.2] + milestone '16.6' + disable_ddl_transaction! + + def up + add_concurrent_foreign_key :packages_tags, :projects, column: :project_id, on_delete: :cascade + end + + def down + with_lock_retries do + remove_foreign_key :packages_tags, column: :project_id + end + end +end diff --git a/db/post_migrate/20231030051840_add_not_null_to_packages_tags_project_id.rb b/db/post_migrate/20231030051840_add_not_null_to_packages_tags_project_id.rb new file mode 100644 index 00000000000..6541861cd45 --- /dev/null +++ b/db/post_migrate/20231030051840_add_not_null_to_packages_tags_project_id.rb @@ -0,0 +1,14 @@ +# frozen_string_literal: true + +class AddNotNullToPackagesTagsProjectId < Gitlab::Database::Migration[2.2] + milestone '16.6' + disable_ddl_transaction! + + def up + add_not_null_constraint :packages_tags, :project_id, validate: false + end + + def down + remove_not_null_constraint :packages_tags, :project_id + end +end diff --git a/db/post_migrate/20231030071209_queue_backfill_packages_tags_project_id.rb b/db/post_migrate/20231030071209_queue_backfill_packages_tags_project_id.rb new file mode 100644 index 00000000000..4984eb83263 --- /dev/null +++ b/db/post_migrate/20231030071209_queue_backfill_packages_tags_project_id.rb @@ -0,0 +1,28 @@ +# frozen_string_literal: true + +class QueueBackfillPackagesTagsProjectId < Gitlab::Database::Migration[2.2] + milestone '16.6' + disable_ddl_transaction! + restrict_gitlab_migration gitlab_schema: :gitlab_main + + MIGRATION = "BackfillPackagesTagsProjectId" + DELAY_INTERVAL = 2.minutes + BATCH_SIZE = 1000 + SUB_BATCH_SIZE = 100 + + def up + queue_batched_background_migration( + MIGRATION, + :packages_tags, + :id, + job_interval: DELAY_INTERVAL, + queued_migration_version: '20231030071209', + batch_size: BATCH_SIZE, + sub_batch_size: SUB_BATCH_SIZE + ) + end + + def down + delete_batched_background_migration(MIGRATION, :packages_tags, :id, []) + end +end diff --git a/db/post_migrate/20231031134320_init_conversion_for_p_ci_builds_for_self_host.rb b/db/post_migrate/20231031134320_init_conversion_for_p_ci_builds_for_self_host.rb new file mode 100644 index 00000000000..d70ce00e9df --- /dev/null +++ b/db/post_migrate/20231031134320_init_conversion_for_p_ci_builds_for_self_host.rb @@ -0,0 +1,39 @@ +# frozen_string_literal: true + +class InitConversionForPCiBuildsForSelfHost < Gitlab::Database::Migration[2.2] + include ::Gitlab::Database::SchemaHelpers + + milestone '16.6' + disable_ddl_transaction! + + TABLE_NAME = :p_ci_builds + COLUMN_NAMES = %i[ + auto_canceled_by_id + commit_id + erased_by_id + project_id + runner_id + trigger_request_id + upstream_pipeline_id + user_id + ] + TRIGGER_NAME = :trigger_10ee1357e825 + + def up + return if should_skip? + + initialize_conversion_of_integer_to_bigint(TABLE_NAME, COLUMN_NAMES) + end + + def down + return unless should_skip? + + revert_initialize_conversion_of_integer_to_bigint(TABLE_NAME, COLUMN_NAMES) + end + + private + + def should_skip? + trigger_exists?(TABLE_NAME, TRIGGER_NAME) + end +end diff --git a/db/schema_migrations/20231024212214 b/db/schema_migrations/20231024212214 new file mode 100644 index 00000000000..d3ad27bd4dd --- /dev/null +++ b/db/schema_migrations/20231024212214 @@ -0,0 +1 @@ +c5884c327b3be31122ca36302f8fbd36666ddee07229480884c8c64af825c03f
\ No newline at end of file diff --git a/db/schema_migrations/20231030051837 b/db/schema_migrations/20231030051837 new file mode 100644 index 00000000000..9c9bb912eba --- /dev/null +++ b/db/schema_migrations/20231030051837 @@ -0,0 +1 @@ +ebd61f5c5f74ce00b86aacc996e46c2971deac18d2a6e31bf531576fe3af090f
\ No newline at end of file diff --git a/db/schema_migrations/20231030051838 b/db/schema_migrations/20231030051838 new file mode 100644 index 00000000000..3c15f764cce --- /dev/null +++ b/db/schema_migrations/20231030051838 @@ -0,0 +1 @@ +09129fdab92e39c57f0db400b179eecc1b498249db7b928014eabdcb9af30052
\ No newline at end of file diff --git a/db/schema_migrations/20231030051839 b/db/schema_migrations/20231030051839 new file mode 100644 index 00000000000..144c443f5cc --- /dev/null +++ b/db/schema_migrations/20231030051839 @@ -0,0 +1 @@ +90e0409db7a30b4b531cb0dbbccff7d06c2196e6afdacb88fc5d1ecdc00fcc2f
\ No newline at end of file diff --git a/db/schema_migrations/20231030051840 b/db/schema_migrations/20231030051840 new file mode 100644 index 00000000000..4926ff15f09 --- /dev/null +++ b/db/schema_migrations/20231030051840 @@ -0,0 +1 @@ +6fc7bb7b27a5885890dac96738190bc4157cd8c3b5afd9b47809e0487a8a7b4b
\ No newline at end of file diff --git a/db/schema_migrations/20231030071209 b/db/schema_migrations/20231030071209 new file mode 100644 index 00000000000..5f7b172c22c --- /dev/null +++ b/db/schema_migrations/20231030071209 @@ -0,0 +1 @@ +c3614cda6677dc3afdbb69a95111f39bd4719e1fef683358855a6ff04bebfdac
\ No newline at end of file diff --git a/db/schema_migrations/20231031134320 b/db/schema_migrations/20231031134320 new file mode 100644 index 00000000000..2c27b20bbc6 --- /dev/null +++ b/db/schema_migrations/20231031134320 @@ -0,0 +1 @@ +235c903dcd43c1bf6a3e11154ff0bde3f1a7a3fc5d9129dce8bfb770fd36b75b
\ No newline at end of file diff --git a/db/structure.sql b/db/structure.sql index 40659067708..2de7aa4a6ab 100644 --- a/db/structure.sql +++ b/db/structure.sql @@ -20483,7 +20483,8 @@ CREATE TABLE packages_tags ( package_id integer NOT NULL, name character varying(255) NOT NULL, created_at timestamp with time zone NOT NULL, - updated_at timestamp with time zone NOT NULL + updated_at timestamp with time zone NOT NULL, + project_id bigint ); CREATE SEQUENCE packages_tags_id_seq @@ -21369,7 +21370,8 @@ CREATE TABLE project_ci_cd_settings ( allow_fork_pipelines_to_run_in_parent_project boolean DEFAULT true NOT NULL, inbound_job_token_scope_enabled boolean DEFAULT true NOT NULL, forward_deployment_rollback_allowed boolean DEFAULT true NOT NULL, - merge_trains_skip_train_allowed boolean DEFAULT false NOT NULL + merge_trains_skip_train_allowed boolean DEFAULT false NOT NULL, + restrict_pipeline_cancellation_role smallint DEFAULT 0 NOT NULL ); CREATE SEQUENCE project_ci_cd_settings_id_seq @@ -28050,6 +28052,9 @@ ALTER TABLE workspaces ALTER TABLE vulnerability_scanners ADD CONSTRAINT check_37608c9db5 CHECK ((char_length(vendor) <= 255)) NOT VALID; +ALTER TABLE packages_tags + ADD CONSTRAINT check_91b8472153 CHECK ((project_id IS NOT NULL)) NOT VALID; + ALTER TABLE personal_access_tokens ADD CONSTRAINT check_b8d60815eb CHECK ((expires_at IS NOT NULL)) NOT VALID; @@ -33663,6 +33668,8 @@ CREATE INDEX index_packages_tags_on_package_id ON packages_tags USING btree (pac CREATE INDEX index_packages_tags_on_package_id_and_updated_at ON packages_tags USING btree (package_id, updated_at DESC); +CREATE INDEX index_packages_tags_on_project_id ON packages_tags USING btree (project_id); + CREATE INDEX index_pages_deployment_states_failed_verification ON pages_deployment_states USING btree (verification_retry_at NULLS FIRST) WHERE (verification_state = 3); CREATE INDEX index_pages_deployment_states_needs_verification ON pages_deployment_states USING btree (verification_state) WHERE ((verification_state = 0) OR (verification_state = 3)); @@ -37253,6 +37260,9 @@ ALTER TABLE ONLY approval_merge_request_rules ALTER TABLE ONLY deploy_keys_projects ADD CONSTRAINT fk_58a901ca7e FOREIGN KEY (project_id) REFERENCES projects(id) ON DELETE CASCADE; +ALTER TABLE ONLY packages_tags + ADD CONSTRAINT fk_5a230894f6 FOREIGN KEY (project_id) REFERENCES projects(id) ON DELETE CASCADE; + ALTER TABLE ONLY dependency_list_exports ADD CONSTRAINT fk_5b3d11e1ef FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE SET NULL; diff --git a/doc/administration/reference_architectures/10k_users.md b/doc/administration/reference_architectures/10k_users.md index 2d42b8a6be3..2203f4b3a02 100644 --- a/doc/administration/reference_architectures/10k_users.md +++ b/doc/administration/reference_architectures/10k_users.md @@ -1331,7 +1331,7 @@ This is how this would work with a Linux package PostgreSQL setup: 1. Create the new user `praefect`, replacing `<praefect_postgresql_password>`: ```shell - CREATE ROLE praefect WITH LOGIN CREATEDB PASSWORD <praefect_postgresql_password>; + CREATE ROLE praefect WITH LOGIN CREATEDB PASSWORD '<praefect_postgresql_password>'; ``` 1. Reconnect to the PostgreSQL server, this time as the `praefect` user: diff --git a/doc/administration/reference_architectures/25k_users.md b/doc/administration/reference_architectures/25k_users.md index b3c56c371b9..a5d44edf877 100644 --- a/doc/administration/reference_architectures/25k_users.md +++ b/doc/administration/reference_architectures/25k_users.md @@ -1348,7 +1348,7 @@ This is how this would work with a Linux package PostgreSQL setup: 1. Create the new user `praefect`, replacing `<praefect_postgresql_password>`: ```shell - CREATE ROLE praefect WITH LOGIN CREATEDB PASSWORD <praefect_postgresql_password>; + CREATE ROLE praefect WITH LOGIN CREATEDB PASSWORD '<praefect_postgresql_password>'; ``` 1. Reconnect to the PostgreSQL server, this time as the `praefect` user: diff --git a/doc/administration/reference_architectures/3k_users.md b/doc/administration/reference_architectures/3k_users.md index 3de21f21716..73b0291ab95 100644 --- a/doc/administration/reference_architectures/3k_users.md +++ b/doc/administration/reference_architectures/3k_users.md @@ -1262,7 +1262,7 @@ This is how this would work with a Linux package PostgreSQL setup: 1. Create the new user `praefect`, replacing `<praefect_postgresql_password>`: ```shell - CREATE ROLE praefect WITH LOGIN CREATEDB PASSWORD <praefect_postgresql_password>; + CREATE ROLE praefect WITH LOGIN CREATEDB PASSWORD '<praefect_postgresql_password>'; ``` 1. Reconnect to the PostgreSQL server, this time as the `praefect` user: diff --git a/doc/administration/reference_architectures/50k_users.md b/doc/administration/reference_architectures/50k_users.md index 361deaf939d..ca39468a76e 100644 --- a/doc/administration/reference_architectures/50k_users.md +++ b/doc/administration/reference_architectures/50k_users.md @@ -1344,7 +1344,7 @@ This is how this would work with a Linux package PostgreSQL setup: 1. Create the new user `praefect`, replacing `<praefect_postgresql_password>`: ```shell - CREATE ROLE praefect WITH LOGIN CREATEDB PASSWORD <praefect_postgresql_password>; + CREATE ROLE praefect WITH LOGIN CREATEDB PASSWORD '<praefect_postgresql_password>'; ``` 1. Reconnect to the PostgreSQL server, this time as the `praefect` user: diff --git a/doc/administration/reference_architectures/5k_users.md b/doc/administration/reference_architectures/5k_users.md index 663bf9e5216..e908565e27e 100644 --- a/doc/administration/reference_architectures/5k_users.md +++ b/doc/administration/reference_architectures/5k_users.md @@ -1259,7 +1259,7 @@ This is how this would work with a Linux package PostgreSQL setup: 1. Create the new user `praefect`, replacing `<praefect_postgresql_password>`: ```shell - CREATE ROLE praefect WITH LOGIN CREATEDB PASSWORD <praefect_postgresql_password>; + CREATE ROLE praefect WITH LOGIN CREATEDB PASSWORD '<praefect_postgresql_password>'; ``` 1. Reconnect to the PostgreSQL server, this time as the `praefect` user: diff --git a/doc/development/testing_guide/end_to_end/beginners_guide.md b/doc/development/testing_guide/end_to_end/beginners_guide.md index 12f90e0d88c..4a3aec97d29 100644 --- a/doc/development/testing_guide/end_to_end/beginners_guide.md +++ b/doc/development/testing_guide/end_to_end/beginners_guide.md @@ -127,7 +127,7 @@ Assign `product_group` metadata and specify what product group this test belongs module QA RSpec.describe 'Manage' do - describe 'Login', product_group: :authentication_and_authorization do + describe 'Login', product_group: :authentication do end end @@ -142,7 +142,7 @@ writing end-to-end tests is to write test case descriptions as `it` blocks: ```ruby module QA RSpec.describe 'Manage' do - describe 'Login', product_group: :authentication_and_authorization do + describe 'Login', product_group: :authentication do it 'can login' do end @@ -166,7 +166,7 @@ Begin by logging in. module QA RSpec.describe 'Manage' do - describe 'Login', product_group: :authentication_and_authorization do + describe 'Login', product_group: :authentication do it 'can login' do Flow::Login.sign_in @@ -189,7 +189,7 @@ should answer the question "What do we test?" module QA RSpec.describe 'Manage' do - describe 'Login', product_group: :authentication_and_authorization do + describe 'Login', product_group: :authentication do it 'can login' do Flow::Login.sign_in @@ -236,7 +236,7 @@ a call to `sign_in`. module QA RSpec.describe 'Manage' do - describe 'Login', product_group: :authentication_and_authorization do + describe 'Login', product_group: :authentication do before do Flow::Login.sign_in end diff --git a/doc/install/requirements.md b/doc/install/requirements.md index b02b55757dd..2a03d9deeda 100644 --- a/doc/install/requirements.md +++ b/doc/install/requirements.md @@ -46,7 +46,6 @@ Memory requirements are dependent on the number of users and expected workload. The following is the recommended minimum Memory hardware guidance for a handful of example GitLab user base sizes. - **4 GB RAM** is the **required** minimum memory size and supports up to 500 users - - Our [Memory Team](https://about.gitlab.com/handbook/engineering/development/enablement/data_stores/application_performance/) is working to reduce the memory requirement. - 8 GB RAM supports up to 1000 users - More users? Consult the [reference architectures page](../administration/reference_architectures/index.md) diff --git a/doc/integration/jenkins.md b/doc/integration/jenkins.md index 260bb3f7108..0565efb4def 100644 --- a/doc/integration/jenkins.md +++ b/doc/integration/jenkins.md @@ -157,6 +157,7 @@ If you cannot [provide GitLab with your Jenkins server URL and authentication in - [GitLab Jenkins Integration](https://about.gitlab.com/solutions/jenkins/) - [How to set up Jenkins on your local machine](../development/integrations/jenkins.md) - [How to migrate from Jenkins to GitLab CI/CD](../ci/migration/jenkins.md) +- Get more information about how to choose the right migration strategy in [Jenkins to GitLab: The ultimate guide to modernizing your CI/CD environment](https://about.gitlab.com/blog/2023/11/01/jenkins-gitlab-ultimate-guide-to-modernizing-cicd-environment/?utm_campaign=devrel&utm_source=twitter&utm_medium=social&utm_budget=devrel) ## Troubleshooting diff --git a/doc/user/project/protected_branches.md b/doc/user/project/protected_branches.md index cfa210faab8..f8f44d344d1 100644 --- a/doc/user/project/protected_branches.md +++ b/doc/user/project/protected_branches.md @@ -27,12 +27,12 @@ The [default branch](repository/branches/default.md) for your repository is prot When a branch is protected, the default behavior enforces these restrictions on the branch. -| Action | Who can do it | -|:-------------------------|:------------------------------------------------------------------| -| Protect a branch | At least the Maintainer role. | +| Action | Who can do it | +|:-------------------------|:----------------------------------------| +| Protect a branch | At least the Maintainer role. | | Push to the branch | Anyone with **Allowed** permission. (1) | -| Force push to the branch | No one. (3) | -| Delete the branch | No one. (2) | +| Force push to the branch | No one. (3) | +| Delete the branch | No one. (2) | 1. Users with the Developer role can create a project in a group, but might not be allowed to initially push to the [default branch](repository/branches/default.md). @@ -50,12 +50,12 @@ level of protection for the branch. For example, consider these rules, which inc [wildcards](#protect-multiple-branches-with-wildcard-rules): | Branch name pattern | Allowed to merge | Allowed to push and merge | -|---------------------|------------------------|-----------------| -| `v1.x` | Maintainer | Maintainer | -| `v1.*` | Maintainer + Developer | Maintainer | -| `v*` | No one | No one | +|---------------------|------------------------|---------------------------| +| `v1.x` | Maintainer | Maintainer | +| `v1.*` | Maintainer + Developer | Maintainer | +| `v*` | No one | No one | -A branch named `v1.x` matches all three branch name patterns: `v1.x`, `v1.*`, and `v*`. +A branch named `v1.x` is a case-sensitive match for all three branch name patterns: `v1.x`, `v1.*`, and `v*`. As the most permissive option determines the behavior, the resulting permissions for branch `v1.x` are: - **Allowed to merge:** Of the three settings, `Maintainer + Developer` is most permissive, @@ -72,10 +72,10 @@ If you want to ensure that `No one` is allowed to push to branch `v1.x`, every p that matches `v1.x` must set `Allowed to push and merge` to `No one`, like this: | Branch name pattern | Allowed to merge | Allowed to push and merge | -|---------------------|------------------------|-----------------| -| `v1.x` | Maintainer | No one | -| `v1.*` | Maintainer + Developer | No one | -| `v*` | No one | No one | +|---------------------|------------------------|---------------------------| +| `v1.x` | Maintainer | No one | +| `v1.*` | Maintainer + Developer | No one | +| `v*` | No one | No one | ### Set the default branch protection level @@ -139,6 +139,7 @@ To protect a branch for all the projects in a group: 1. Expand **Protected branches**. 1. Select **Add protected branch**. 1. In the **Branch** text box, type the branch name or a wildcard. + Branch names and wildcards [are case-sensitive](repository/branches/index.md#name-your-branch). 1. From the **Allowed to merge** list, select a role that can merge into this branch. 1. From the **Allowed to push and merge** list, select a role that can push to this branch. 1. Select **Protect**. @@ -163,7 +164,7 @@ To protect multiple branches at the same time: 1. Expand **Protected branches**. 1. Select **Add protected branch**. 1. From the **Branch** dropdown list, type the branch name and a wildcard. - For example: + Branch names and wildcards [are case-sensitive](repository/branches/index.md#name-your-branch). For example: | Wildcard protected branch | Matching branches | |---------------------------|--------------------------------------------------------| @@ -371,6 +372,7 @@ branches by using the GitLab web interface: 1. Select **Code > Branches**. 1. Next to the branch you want to delete, select **Delete** (**{remove}**). 1. On the confirmation dialog, enter the branch name and select **Yes, delete protected branch**. + Branch names [are case-sensitive](repository/branches/index.md#name-your-branch). Protected branches can only be deleted by using GitLab either from the UI or API. This prevents accidentally deleting a branch through local Git commands or @@ -382,14 +384,10 @@ third-party Git clients. - [Branches](repository/branches/index.md) - [Branches API](../../api/branches.md) -<!-- ## Troubleshooting +## Troubleshooting -Include any troubleshooting steps that you can foresee. If you know beforehand what issues -one might have when setting this up, or when something is changed, or on upgrading, it's -important to describe those, too. Think of things that may go wrong and include them here. -This is important to minimize requests for support, and to avoid doc comments with -questions that you know someone might ask. +### Branch names are case-sensitive -Each scenario can be a third-level heading, for example `### Getting error message X`. -If you have none to add when creating a doc, leave this section in place -but commented out to help encourage others to add to it in the future. --> +Branch names in `git` are case-sensitive. When configuring your protected branch +or [target branch rule](repository/branches/index.md#configure-rules-for-target-branches), +`dev` is not the same `DEV` or `Dev`. diff --git a/doc/user/project/repository/branches/index.md b/doc/user/project/repository/branches/index.md index 84383c4bf49..3640beebdfb 100644 --- a/doc/user/project/repository/branches/index.md +++ b/doc/user/project/repository/branches/index.md @@ -176,6 +176,7 @@ GitLab enforces these additional rules on all branches: - No spaces are allowed in branch names. - Branch names with 40 hexadecimal characters are prohibited, because they are similar to Git commit hashes. +- Branch names are case-sensitive. Common software packages, like Docker, can enforce [additional branch naming restrictions](../../../../administration/packages/container_registry.md#docker-connection-error). diff --git a/lib/gitlab/background_migration/backfill_packages_tags_project_id.rb b/lib/gitlab/background_migration/backfill_packages_tags_project_id.rb new file mode 100644 index 00000000000..04fd09f81f0 --- /dev/null +++ b/lib/gitlab/background_migration/backfill_packages_tags_project_id.rb @@ -0,0 +1,30 @@ +# frozen_string_literal: true + +module Gitlab + module BackgroundMigration + # This migration populates the new `packages_tags.project_id` column from joining with `packages_packages` table + class BackfillPackagesTagsProjectId < BatchedMigrationJob + operation_name :update_all # This is used as the key on collecting metrics + scope_to ->(relation) { relation.where(project_id: nil) } + feature_category :package_registry + + def perform + each_sub_batch do |sub_batch| + joined = sub_batch + .joins('INNER JOIN packages_packages ON packages_tags.package_id = packages_packages.id') + .select('packages_tags.id, packages_packages.project_id') + + ApplicationRecord.connection.execute <<~SQL + WITH joined_cte(packages_tag_id, project_id) AS MATERIALIZED ( + #{joined.to_sql} + ) + UPDATE packages_tags + SET project_id = joined_cte.project_id + FROM joined_cte + WHERE id = joined_cte.packages_tag_id + SQL + end + end + end + end +end diff --git a/locale/gitlab.pot b/locale/gitlab.pot index ceddbcdc74c..753a91ea0d4 100644 --- a/locale/gitlab.pot +++ b/locale/gitlab.pot @@ -1816,6 +1816,9 @@ msgstr "" msgid "A management, operational, or technical control (that is, safeguard or countermeasure) employed by an organization that provides equivalent or comparable protection for an information system." msgstr "" +msgid "A maximum of %{limit} projects can be searched for at one time." +msgstr "" + msgid "A member of the abuse team will review your report as soon as possible." msgstr "" @@ -8693,7 +8696,7 @@ msgstr "" msgid "Branches" msgstr "" -msgid "Branches matching this string are retargeted. Wildcards are supported." +msgid "Branches matching this string are retargeted. Wildcards are supported, and names are case-sensitive." msgstr "" msgid "Branches: %{source_branch} to %{target_branch}" @@ -38565,7 +38568,7 @@ msgstr "" msgid "Protected tags" msgstr "" -msgid "ProtectedBranch|%{wildcards_link_start}Wildcards%{wildcards_link_end} such as %{code_tag_start}*-stable%{code_tag_end} or %{code_tag_start}production/*%{code_tag_end} are supported." +msgid "ProtectedBranch|%{wildcards_link_start}Wildcards%{wildcards_link_end} such as %{code_tag_start}*-stable%{code_tag_end} or %{code_tag_start}production/*%{code_tag_end} are supported. %{case_sensitive_link_start}Branch names are case-sensitive.%{case_sensitive_link_end}" msgstr "" msgid "ProtectedBranch|After you configure a protected branch, merge request approval, or status check, it appears here." @@ -38649,7 +38652,7 @@ msgstr "" msgid "ProtectedBranch|No tags are protected." msgstr "" -msgid "ProtectedBranch|Only %{wildcards_link_start}Wildcards%{wildcards_link_end} such as %{code_tag_start}*-stable%{code_tag_end} or %{code_tag_start}production/*%{code_tag_end} are supported." +msgid "ProtectedBranch|Only %{wildcards_link_start}Wildcards%{wildcards_link_end} such as %{code_tag_start}*-stable%{code_tag_end} or %{code_tag_start}production/*%{code_tag_end} are supported. %{case_sensitive_link_start}Branch names are case-sensitive.%{case_sensitive_link_end}" msgstr "" msgid "ProtectedBranch|Protect" diff --git a/qa/qa/specs/features/api/10_govern/group_access_token_spec.rb b/qa/qa/specs/features/api/10_govern/group_access_token_spec.rb index 40c8adc8822..a3b14566153 100644 --- a/qa/qa/specs/features/api/10_govern/group_access_token_spec.rb +++ b/qa/qa/specs/features/api/10_govern/group_access_token_spec.rb @@ -2,7 +2,7 @@ module QA RSpec.describe 'Govern' do - describe 'Group access token', product_group: :authentication_and_authorization do + describe 'Group access token', product_group: :authentication do let(:group_access_token) { create(:group_access_token) } let(:api_client) { Runtime::API::Client.new(:gitlab, personal_access_token: group_access_token.token) } let(:project) do diff --git a/qa/qa/specs/features/api/10_govern/project_access_token_spec.rb b/qa/qa/specs/features/api/10_govern/project_access_token_spec.rb index 686eb5968c7..cb7e4849d0f 100644 --- a/qa/qa/specs/features/api/10_govern/project_access_token_spec.rb +++ b/qa/qa/specs/features/api/10_govern/project_access_token_spec.rb @@ -2,7 +2,7 @@ module QA RSpec.describe 'Govern' do - describe 'Project access token', product_group: :authentication_and_authorization do + describe 'Project access token', product_group: :authentication do let!(:project) { create(:project, name: "project-to-test-project-access-token-#{SecureRandom.hex(4)}") } let!(:project_access_token) { create(:project_access_token, project: project) } let!(:user_api_client) { Runtime::API::Client.new(:gitlab, personal_access_token: project_access_token.token) } diff --git a/qa/qa/specs/features/browser_ui/10_govern/group/group_access_token_spec.rb b/qa/qa/specs/features/browser_ui/10_govern/group/group_access_token_spec.rb index 0c57bb7fa3f..525b22c8a7d 100644 --- a/qa/qa/specs/features/browser_ui/10_govern/group/group_access_token_spec.rb +++ b/qa/qa/specs/features/browser_ui/10_govern/group/group_access_token_spec.rb @@ -2,7 +2,7 @@ module QA RSpec.describe 'Govern' do - describe 'Group access tokens', product_group: :authentication_and_authorization do + describe 'Group access tokens', product_group: :authentication do let(:group_access_token) { QA::Resource::GroupAccessToken.fabricate_via_browser_ui! } it( diff --git a/qa/qa/specs/features/browser_ui/10_govern/login/2fa_recovery_spec.rb b/qa/qa/specs/features/browser_ui/10_govern/login/2fa_recovery_spec.rb index e1afdf823b8..f5defaf75a8 100644 --- a/qa/qa/specs/features/browser_ui/10_govern/login/2fa_recovery_spec.rb +++ b/qa/qa/specs/features/browser_ui/10_govern/login/2fa_recovery_spec.rb @@ -2,7 +2,7 @@ module QA RSpec.describe 'Govern', :requires_admin, :skip_live_env, :reliable do - describe '2FA', product_group: :authentication_and_authorization do + describe '2FA', product_group: :authentication do let(:owner_user) { create(:user, api_client: admin_api_client) } let(:developer_user) { create(:user, api_client: admin_api_client) } diff --git a/qa/qa/specs/features/browser_ui/10_govern/login/2fa_ssh_recovery_spec.rb b/qa/qa/specs/features/browser_ui/10_govern/login/2fa_ssh_recovery_spec.rb index 1570ca24c96..8c9bb170925 100644 --- a/qa/qa/specs/features/browser_ui/10_govern/login/2fa_ssh_recovery_spec.rb +++ b/qa/qa/specs/features/browser_ui/10_govern/login/2fa_ssh_recovery_spec.rb @@ -2,7 +2,7 @@ module QA RSpec.describe 'Govern', :reliable, :requires_admin, :skip_live_env, - product_group: :authentication_and_authorization do + product_group: :authentication do describe '2FA' do let!(:user) { create(:user) } let!(:user_api_client) { Runtime::API::Client.new(:gitlab, user: user) } diff --git a/qa/qa/specs/features/browser_ui/10_govern/login/log_in_spec.rb b/qa/qa/specs/features/browser_ui/10_govern/login/log_in_spec.rb index ab7cbc0743c..c289852d2cc 100644 --- a/qa/qa/specs/features/browser_ui/10_govern/login/log_in_spec.rb +++ b/qa/qa/specs/features/browser_ui/10_govern/login/log_in_spec.rb @@ -1,7 +1,7 @@ # frozen_string_literal: true module QA - RSpec.describe 'Govern', :smoke, :mobile, product_group: :authentication_and_authorization do + RSpec.describe 'Govern', :smoke, :mobile, product_group: :authentication do describe 'basic user login' do it 'user logs in using basic credentials and logs out', testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/347880' do diff --git a/qa/qa/specs/features/browser_ui/10_govern/login/log_in_with_2fa_spec.rb b/qa/qa/specs/features/browser_ui/10_govern/login/log_in_with_2fa_spec.rb index 20570300d4f..b0e8c367924 100644 --- a/qa/qa/specs/features/browser_ui/10_govern/login/log_in_with_2fa_spec.rb +++ b/qa/qa/specs/features/browser_ui/10_govern/login/log_in_with_2fa_spec.rb @@ -1,7 +1,7 @@ # frozen_string_literal: true module QA - RSpec.describe 'Govern', :requires_admin, product_group: :authentication_and_authorization do + RSpec.describe 'Govern', :requires_admin, product_group: :authentication do describe '2FA' do let(:admin_api_client) { Runtime::API::Client.as_admin } let(:owner_api_client) { Runtime::API::Client.new(:gitlab, user: owner_user) } diff --git a/qa/qa/specs/features/browser_ui/10_govern/login/log_into_gitlab_via_ldap_spec.rb b/qa/qa/specs/features/browser_ui/10_govern/login/log_into_gitlab_via_ldap_spec.rb index f9b9dbb0f2b..c5cd11cd8a0 100644 --- a/qa/qa/specs/features/browser_ui/10_govern/login/log_into_gitlab_via_ldap_spec.rb +++ b/qa/qa/specs/features/browser_ui/10_govern/login/log_into_gitlab_via_ldap_spec.rb @@ -1,7 +1,7 @@ # frozen_string_literal: true module QA - RSpec.describe 'Govern', :orchestrated, :ldap_no_tls, :ldap_tls, product_group: :authentication_and_authorization do + RSpec.describe 'Govern', :orchestrated, :ldap_no_tls, :ldap_tls, product_group: :authentication do describe 'LDAP login' do it 'user logs into GitLab using LDAP credentials', testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/347892' do diff --git a/qa/qa/specs/features/browser_ui/10_govern/login/log_into_mattermost_via_gitlab_spec.rb b/qa/qa/specs/features/browser_ui/10_govern/login/log_into_mattermost_via_gitlab_spec.rb index 276e502e19c..ea7bad5205a 100644 --- a/qa/qa/specs/features/browser_ui/10_govern/login/log_into_mattermost_via_gitlab_spec.rb +++ b/qa/qa/specs/features/browser_ui/10_govern/login/log_into_mattermost_via_gitlab_spec.rb @@ -1,7 +1,7 @@ # frozen_string_literal: true module QA - RSpec.describe 'Govern', :orchestrated, :mattermost, product_group: :authentication_and_authorization do + RSpec.describe 'Govern', :orchestrated, :mattermost, product_group: :authentication do describe 'Mattermost login' do it 'user logs into Mattermost using GitLab OAuth', testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/347891' do diff --git a/qa/qa/specs/features/browser_ui/10_govern/login/login_via_instance_wide_saml_sso_spec.rb b/qa/qa/specs/features/browser_ui/10_govern/login/login_via_instance_wide_saml_sso_spec.rb index 5528e733852..df2ea63c650 100644 --- a/qa/qa/specs/features/browser_ui/10_govern/login/login_via_instance_wide_saml_sso_spec.rb +++ b/qa/qa/specs/features/browser_ui/10_govern/login/login_via_instance_wide_saml_sso_spec.rb @@ -1,7 +1,7 @@ # frozen_string_literal: true module QA - RSpec.describe 'Govern', :orchestrated, :instance_saml, product_group: :authentication_and_authorization do + RSpec.describe 'Govern', :orchestrated, :instance_saml, product_group: :authentication do describe 'Instance wide SAML SSO' do it( 'user logs in to gitlab with SAML SSO', diff --git a/qa/qa/specs/features/browser_ui/10_govern/login/login_via_oauth_and_oidc_with_gitlab_as_idp_spec.rb b/qa/qa/specs/features/browser_ui/10_govern/login/login_via_oauth_and_oidc_with_gitlab_as_idp_spec.rb index a7781d265c7..7ac34d86b62 100644 --- a/qa/qa/specs/features/browser_ui/10_govern/login/login_via_oauth_and_oidc_with_gitlab_as_idp_spec.rb +++ b/qa/qa/specs/features/browser_ui/10_govern/login/login_via_oauth_and_oidc_with_gitlab_as_idp_spec.rb @@ -2,7 +2,7 @@ module QA RSpec.describe 'Govern', :skip_live_env, requires_admin: 'creates users and instance OAuth application', - product_group: :authentication_and_authorization do + product_group: :authentication do let!(:user) { create(:user) } let(:consumer_host) { "http://#{consumer_name}.#{Runtime::Env.running_in_ci? ? 'test' : 'bridge'}" } let(:instance_oauth_app) do diff --git a/qa/qa/specs/features/browser_ui/10_govern/login/oauth_login_with_facebook_spec.rb b/qa/qa/specs/features/browser_ui/10_govern/login/oauth_login_with_facebook_spec.rb index 361d87ac72c..06204895601 100644 --- a/qa/qa/specs/features/browser_ui/10_govern/login/oauth_login_with_facebook_spec.rb +++ b/qa/qa/specs/features/browser_ui/10_govern/login/oauth_login_with_facebook_spec.rb @@ -1,7 +1,7 @@ # frozen_string_literal: true module QA - RSpec.describe 'Govern', :orchestrated, :oauth, product_group: :authentication_and_authorization do + RSpec.describe 'Govern', :orchestrated, :oauth, product_group: :authentication do describe 'OAuth' do it 'logs in with Facebook credentials', testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/417115' do diff --git a/qa/qa/specs/features/browser_ui/10_govern/login/oauth_login_with_github_spec.rb b/qa/qa/specs/features/browser_ui/10_govern/login/oauth_login_with_github_spec.rb index 872b7a7d87f..4fa3201d7fa 100644 --- a/qa/qa/specs/features/browser_ui/10_govern/login/oauth_login_with_github_spec.rb +++ b/qa/qa/specs/features/browser_ui/10_govern/login/oauth_login_with_github_spec.rb @@ -1,7 +1,7 @@ # frozen_string_literal: true module QA - RSpec.describe 'Govern', :orchestrated, :oauth, product_group: :authentication_and_authorization do + RSpec.describe 'Govern', :orchestrated, :oauth, product_group: :authentication do describe 'OAuth' do it 'connects and logs in with GitHub OAuth', testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/402405' do diff --git a/qa/qa/specs/features/browser_ui/10_govern/login/register_spec.rb b/qa/qa/specs/features/browser_ui/10_govern/login/register_spec.rb index e200c7d3f87..7ff6e484b1e 100644 --- a/qa/qa/specs/features/browser_ui/10_govern/login/register_spec.rb +++ b/qa/qa/specs/features/browser_ui/10_govern/login/register_spec.rb @@ -15,7 +15,7 @@ module QA end end - RSpec.describe 'Govern', :skip_signup_disabled, :requires_admin, product_group: :authentication_and_authorization do + RSpec.describe 'Govern', :skip_signup_disabled, :requires_admin, product_group: :authentication do describe 'while LDAP is enabled', :orchestrated, :ldap_no_tls, testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/347934', quarantine: { diff --git a/qa/qa/specs/features/browser_ui/10_govern/project/project_access_token_spec.rb b/qa/qa/specs/features/browser_ui/10_govern/project/project_access_token_spec.rb index e61ab7cb9c6..aeae42b2a4a 100644 --- a/qa/qa/specs/features/browser_ui/10_govern/project/project_access_token_spec.rb +++ b/qa/qa/specs/features/browser_ui/10_govern/project/project_access_token_spec.rb @@ -2,7 +2,7 @@ module QA RSpec.describe 'Govern' do - describe 'Project access tokens', :reliable, product_group: :authentication_and_authorization do + describe 'Project access tokens', :reliable, product_group: :authentication do let(:project_access_token) { QA::Resource::ProjectAccessToken.fabricate_via_browser_ui! } after do diff --git a/qa/qa/specs/features/browser_ui/10_govern/user/impersonation_token_spec.rb b/qa/qa/specs/features/browser_ui/10_govern/user/impersonation_token_spec.rb index 5f175508bbd..142d4857d10 100644 --- a/qa/qa/specs/features/browser_ui/10_govern/user/impersonation_token_spec.rb +++ b/qa/qa/specs/features/browser_ui/10_govern/user/impersonation_token_spec.rb @@ -2,7 +2,7 @@ module QA RSpec.describe 'Govern' do - describe 'Impersonation tokens', :requires_admin, product_group: :authentication_and_authorization do + describe 'Impersonation tokens', :requires_admin, product_group: :authentication do let(:admin_api_client) { Runtime::API::Client.as_admin } let!(:user) { create(:user, :hard_delete, api_client: admin_api_client) } diff --git a/qa/qa/specs/features/browser_ui/10_govern/user/user_access_termination_spec.rb b/qa/qa/specs/features/browser_ui/10_govern/user/user_access_termination_spec.rb index 895d577e9bd..6636a2c6220 100644 --- a/qa/qa/specs/features/browser_ui/10_govern/user/user_access_termination_spec.rb +++ b/qa/qa/specs/features/browser_ui/10_govern/user/user_access_termination_spec.rb @@ -3,7 +3,7 @@ module QA RSpec.describe 'Govern' do # TODO: `:reliable` should be added back once https://gitlab.com/gitlab-org/gitlab/-/issues/359278 is resolved - describe 'User', :requires_admin, product_group: :authentication_and_authorization do + describe 'User', :requires_admin, product_group: :authentication do # rubocop:disable RSpec/InstanceVariable before(:all) do admin_api_client = Runtime::API::Client.as_admin diff --git a/spec/features/user_can_display_performance_bar_spec.rb b/spec/features/user_can_display_performance_bar_spec.rb index caf13c4111b..a22418760aa 100644 --- a/spec/features/user_can_display_performance_bar_spec.rb +++ b/spec/features/user_can_display_performance_bar_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -RSpec.describe 'User can display performance bar', :js, feature_category: :application_performance do +RSpec.describe 'User can display performance bar', :js, feature_category: :cloud_connector do shared_examples 'performance bar cannot be displayed' do it 'does not show the performance bar by default' do expect(page).not_to have_css('#js-peek') diff --git a/spec/initializers/active_record_transaction_observer_spec.rb b/spec/initializers/active_record_transaction_observer_spec.rb index a834037dce5..124bfe2eb48 100644 --- a/spec/initializers/active_record_transaction_observer_spec.rb +++ b/spec/initializers/active_record_transaction_observer_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -RSpec.describe 'ActiveRecord Transaction Observer', feature_category: :application_performance do +RSpec.describe 'ActiveRecord Transaction Observer', feature_category: :cloud_connector do def load_initializer load Rails.root.join('config/initializers/active_record_transaction_observer.rb') end diff --git a/spec/initializers/diagnostic_reports_spec.rb b/spec/initializers/diagnostic_reports_spec.rb index dc989efe809..ce184ecee29 100644 --- a/spec/initializers/diagnostic_reports_spec.rb +++ b/spec/initializers/diagnostic_reports_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -RSpec.describe 'diagnostic reports', :aggregate_failures, feature_category: :application_performance do +RSpec.describe 'diagnostic reports', :aggregate_failures, feature_category: :cloud_connector do subject(:load_initializer) do load Rails.root.join('config/initializers/diagnostic_reports.rb') end diff --git a/spec/initializers/google_cloud_profiler_spec.rb b/spec/initializers/google_cloud_profiler_spec.rb index 493d1e0bea5..d9b871fd1f0 100644 --- a/spec/initializers/google_cloud_profiler_spec.rb +++ b/spec/initializers/google_cloud_profiler_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -RSpec.describe 'google cloud profiler', :aggregate_failures, feature_category: :application_performance do +RSpec.describe 'google cloud profiler', :aggregate_failures, feature_category: :cloud_connector do subject(:load_initializer) do load rails_root_join('config/initializers/google_cloud_profiler.rb') end diff --git a/spec/initializers/memory_watchdog_spec.rb b/spec/initializers/memory_watchdog_spec.rb index ef24da0071b..d1dfb198818 100644 --- a/spec/initializers/memory_watchdog_spec.rb +++ b/spec/initializers/memory_watchdog_spec.rb @@ -2,7 +2,7 @@ require 'fast_spec_helper' -RSpec.describe 'memory watchdog', feature_category: :application_performance do +RSpec.describe 'memory watchdog', feature_category: :cloud_connector do shared_examples 'starts configured watchdog' do |configure_monitor_method| shared_examples 'configures and starts watchdog' do it "correctly configures and starts watchdog", :aggregate_failures do diff --git a/spec/lib/gitlab/background_migration/backfill_packages_tags_project_id_spec.rb b/spec/lib/gitlab/background_migration/backfill_packages_tags_project_id_spec.rb new file mode 100644 index 00000000000..423d9fe76ac --- /dev/null +++ b/spec/lib/gitlab/background_migration/backfill_packages_tags_project_id_spec.rb @@ -0,0 +1,42 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe Gitlab::BackgroundMigration::BackfillPackagesTagsProjectId, + feature_category: :package_registry, + schema: 20231030051837 do # schema before we introduced the invalid not-null constraint + let!(:tags_without_project_id) do + (0...13).map do |i| + namespace = table(:namespaces).create!(name: 'my namespace', path: 'my-namespace') + project = table(:projects).create!(name: 'my project', path: 'my-project', namespace_id: namespace.id, + project_namespace_id: namespace.id) + package = table(:packages_packages).create!(project_id: project.id, created_at: Time.current, + updated_at: Time.current, name: "Package #{i}", package_type: 1, status: 1) + table(:packages_tags).create!(package_id: package.id, name: "Tag #{i}", created_at: Time.current, + updated_at: Time.current, project_id: nil) + end + end + + let!(:starting_id) { table(:packages_tags).pluck(:id).min } + let!(:end_id) { table(:packages_tags).pluck(:id).max } + + let!(:migration) do + described_class.new( + start_id: starting_id, + end_id: end_id, + batch_table: :packages_tags, + batch_column: :id, + sub_batch_size: 10, + pause_ms: 2, + connection: ::ApplicationRecord.connection + ) + end + + it 'backfills the missing project_id for the batch' do + expect do + migration.perform + end.to change { table(:packages_tags).where(project_id: nil).count } + .from(13) + .to(0) + end +end diff --git a/spec/lib/gitlab/bullet/exclusions_spec.rb b/spec/lib/gitlab/bullet/exclusions_spec.rb index ccedfee28c7..2cb824674dc 100644 --- a/spec/lib/gitlab/bullet/exclusions_spec.rb +++ b/spec/lib/gitlab/bullet/exclusions_spec.rb @@ -3,7 +3,7 @@ require 'fast_spec_helper' require 'tempfile' -RSpec.describe Gitlab::Bullet::Exclusions, feature_category: :application_performance do +RSpec.describe Gitlab::Bullet::Exclusions, feature_category: :cloud_connector do let(:config_file) do file = Tempfile.new('bullet.yml') File.basename(file) diff --git a/spec/lib/gitlab/instrumentation_helper_spec.rb b/spec/lib/gitlab/instrumentation_helper_spec.rb index 9e69566df36..07a06025c0f 100644 --- a/spec/lib/gitlab/instrumentation_helper_spec.rb +++ b/spec/lib/gitlab/instrumentation_helper_spec.rb @@ -258,15 +258,12 @@ RSpec.describe Gitlab::InstrumentationHelper, :clean_gitlab_redis_repository_cac end end - describe 'duration calculations' do - where(:end_time, :start_time, :time_now, :expected_duration) do + describe '.queue_duration_for_job' do + where(:enqueued_at, :created_at, :time_now, :expected_duration) do "2019-06-01T00:00:00.000+0000" | nil | "2019-06-01T02:00:00.000+0000" | 2.hours.to_f - "2019-06-01T02:00:00.000+0000" | nil | "2019-06-01T02:00:00.001+0000" | 0.001 "2019-06-01T02:00:00.000+0000" | "2019-05-01T02:00:00.000+0000" | "2019-06-01T02:00:01.000+0000" | 1 - nil | "2019-06-01T02:00:00.000+0000" | "2019-06-01T02:00:00.001+0000" | 0.001 nil | nil | "2019-06-01T02:00:00.001+0000" | nil "2019-06-01T02:00:00.000+0200" | nil | "2019-06-01T02:00:00.000-0200" | 4.hours.to_f - 1571825569.998168 | nil | "2019-10-23T12:13:16.000+0200" | 26.001832 1571825569 | nil | "2019-10-23T12:13:16.000+0200" | 27 "invalid_date" | nil | "2019-10-23T12:13:16.000+0200" | nil "" | nil | "2019-10-23T12:13:16.000+0200" | nil @@ -276,27 +273,30 @@ RSpec.describe Gitlab::InstrumentationHelper, :clean_gitlab_redis_repository_cac Time.at(1571999233).utc | nil | "2019-10-25T12:29:16.000+0200" | 123 end - describe '.queue_duration_for_job' do - with_them do - let(:job) { { 'enqueued_at' => end_time, 'created_at' => start_time } } + with_them do + let(:job) { { 'enqueued_at' => enqueued_at, 'created_at' => created_at } } - it "returns the correct duration" do - travel_to(Time.iso8601(time_now)) do - expect(described_class.queue_duration_for_job(job)).to eq(expected_duration) - end + it "returns the correct duration" do + travel_to(Time.iso8601(time_now)) do + expect(described_class.queue_duration_for_job(job)).to eq(expected_duration) end end end + end + + describe '.enqueue_latency_for_scheduled_job' do + where(:scheduled_at, :enqueued_at, :expected_duration) do + "2019-06-01T02:00:00.000+0000" | "2019-06-01T02:00:00.001+0000" | 0.001 + "2019-06-01T02:00:00.000+0000" | "2019-06-01T02:00:01.000+0000" | 1 + "2019-06-01T02:00:00.000+0000" | nil | nil + nil | "2019-06-01T02:00:01.000+0000" | nil + end - describe '.enqueue_latency_for_scheduled_job' do - with_them do - let(:job) { { 'enqueued_at' => end_time, 'scheduled_at' => start_time } } + with_them do + let(:job) { { 'enqueued_at' => enqueued_at, 'scheduled_at' => scheduled_at } } - it "returns the correct duration" do - travel_to(Time.iso8601(time_now)) do - expect(described_class.enqueue_latency_for_scheduled_job(job)).to eq(expected_duration) - end - end + it "returns the correct duration" do + expect(described_class.enqueue_latency_for_scheduled_job(job)).to eq(expected_duration) end end end diff --git a/spec/lib/gitlab/memory/instrumentation_spec.rb b/spec/lib/gitlab/memory/instrumentation_spec.rb index f287edb7da3..059bcad37e7 100644 --- a/spec/lib/gitlab/memory/instrumentation_spec.rb +++ b/spec/lib/gitlab/memory/instrumentation_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -RSpec.describe Gitlab::Memory::Instrumentation, feature_category: :application_performance do +RSpec.describe Gitlab::Memory::Instrumentation, feature_category: :cloud_connector do include MemoryInstrumentationHelper before do diff --git a/spec/lib/gitlab/memory/reporter_spec.rb b/spec/lib/gitlab/memory/reporter_spec.rb index 1d19d7129cf..5ba429ae6bc 100644 --- a/spec/lib/gitlab/memory/reporter_spec.rb +++ b/spec/lib/gitlab/memory/reporter_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -RSpec.describe Gitlab::Memory::Reporter, :aggregate_failures, feature_category: :application_performance do +RSpec.describe Gitlab::Memory::Reporter, :aggregate_failures, feature_category: :cloud_connector do let(:fake_report) do Class.new do def name diff --git a/spec/lib/gitlab/memory/reports/heap_dump_spec.rb b/spec/lib/gitlab/memory/reports/heap_dump_spec.rb index 4e235a71bdb..7888f8b0c79 100644 --- a/spec/lib/gitlab/memory/reports/heap_dump_spec.rb +++ b/spec/lib/gitlab/memory/reports/heap_dump_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -RSpec.describe Gitlab::Memory::Reports::HeapDump, feature_category: :application_performance do +RSpec.describe Gitlab::Memory::Reports::HeapDump, feature_category: :cloud_connector do # Copy this class so we do not mess with its state. let(:klass) { described_class.dup } diff --git a/spec/lib/gitlab/memory/watchdog/configurator_spec.rb b/spec/lib/gitlab/memory/watchdog/configurator_spec.rb index 035652abfe6..cd9ac0d7a8d 100644 --- a/spec/lib/gitlab/memory/watchdog/configurator_spec.rb +++ b/spec/lib/gitlab/memory/watchdog/configurator_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -RSpec.describe Gitlab::Memory::Watchdog::Configurator, feature_category: :application_performance do +RSpec.describe Gitlab::Memory::Watchdog::Configurator, feature_category: :cloud_connector do shared_examples 'as configurator' do |handler_class, event_reporter_class, sleep_time_env, sleep_time| it 'configures the correct handler' do configurator.call(configuration) diff --git a/spec/lib/gitlab/memory/watchdog/event_reporter_spec.rb b/spec/lib/gitlab/memory/watchdog/event_reporter_spec.rb index f1d241249e2..e27f842bc71 100644 --- a/spec/lib/gitlab/memory/watchdog/event_reporter_spec.rb +++ b/spec/lib/gitlab/memory/watchdog/event_reporter_spec.rb @@ -3,7 +3,7 @@ require 'fast_spec_helper' require 'prometheus/client' -RSpec.describe Gitlab::Memory::Watchdog::EventReporter, feature_category: :application_performance do +RSpec.describe Gitlab::Memory::Watchdog::EventReporter, feature_category: :cloud_connector do let(:logger) { instance_double(::Logger) } let(:violations_counter) { instance_double(::Prometheus::Client::Counter) } let(:violations_handled_counter) { instance_double(::Prometheus::Client::Counter) } diff --git a/spec/lib/gitlab/memory/watchdog/handlers/null_handler_spec.rb b/spec/lib/gitlab/memory/watchdog/handlers/null_handler_spec.rb index 09c76de9611..96cb02393f9 100644 --- a/spec/lib/gitlab/memory/watchdog/handlers/null_handler_spec.rb +++ b/spec/lib/gitlab/memory/watchdog/handlers/null_handler_spec.rb @@ -2,7 +2,7 @@ require 'fast_spec_helper' -RSpec.describe Gitlab::Memory::Watchdog::Handlers::NullHandler, feature_category: :application_performance do +RSpec.describe Gitlab::Memory::Watchdog::Handlers::NullHandler, feature_category: :cloud_connector do subject(:handler) { described_class.instance } describe '#call' do diff --git a/spec/lib/gitlab/memory/watchdog/handlers/puma_handler_spec.rb b/spec/lib/gitlab/memory/watchdog/handlers/puma_handler_spec.rb index 7df95c1722e..4c2fd5a3283 100644 --- a/spec/lib/gitlab/memory/watchdog/handlers/puma_handler_spec.rb +++ b/spec/lib/gitlab/memory/watchdog/handlers/puma_handler_spec.rb @@ -2,7 +2,7 @@ require 'fast_spec_helper' -RSpec.describe Gitlab::Memory::Watchdog::Handlers::PumaHandler, feature_category: :application_performance do +RSpec.describe Gitlab::Memory::Watchdog::Handlers::PumaHandler, feature_category: :cloud_connector do # rubocop: disable RSpec/VerifiedDoubles # In tests, the Puma constant is not loaded so we cannot make this an instance_double. let(:puma_worker_handle_class) { double('Puma::Cluster::WorkerHandle') } diff --git a/spec/lib/gitlab/memory/watchdog/handlers/sidekiq_handler_spec.rb b/spec/lib/gitlab/memory/watchdog/handlers/sidekiq_handler_spec.rb index d1f303e7731..68dd784fb7e 100644 --- a/spec/lib/gitlab/memory/watchdog/handlers/sidekiq_handler_spec.rb +++ b/spec/lib/gitlab/memory/watchdog/handlers/sidekiq_handler_spec.rb @@ -3,7 +3,7 @@ require 'fast_spec_helper' require 'sidekiq' -RSpec.describe Gitlab::Memory::Watchdog::Handlers::SidekiqHandler, feature_category: :application_performance do +RSpec.describe Gitlab::Memory::Watchdog::Handlers::SidekiqHandler, feature_category: :cloud_connector do let(:sleep_time) { 3 } let(:shutdown_timeout_seconds) { 30 } let(:handler_iterations) { 0 } diff --git a/spec/lib/gitlab/memory/watchdog/monitor/rss_memory_limit_spec.rb b/spec/lib/gitlab/memory/watchdog/monitor/rss_memory_limit_spec.rb index 67d185fd2f1..552736a55ef 100644 --- a/spec/lib/gitlab/memory/watchdog/monitor/rss_memory_limit_spec.rb +++ b/spec/lib/gitlab/memory/watchdog/monitor/rss_memory_limit_spec.rb @@ -4,7 +4,7 @@ require 'fast_spec_helper' require 'prometheus/client' require 'support/shared_examples/lib/gitlab/memory/watchdog/monitor_result_shared_examples' -RSpec.describe Gitlab::Memory::Watchdog::Monitor::RssMemoryLimit, feature_category: :application_performance do +RSpec.describe Gitlab::Memory::Watchdog::Monitor::RssMemoryLimit, feature_category: :cloud_connector do let(:max_rss_limit_gauge) { instance_double(::Prometheus::Client::Gauge) } let(:memory_limit_bytes) { 2_097_152_000 } let(:worker_memory_bytes) { 1_048_576_000 } diff --git a/spec/lib/gitlab/memory/watchdog/sidekiq_event_reporter_spec.rb b/spec/lib/gitlab/memory/watchdog/sidekiq_event_reporter_spec.rb index 48595c3f172..06b1646d418 100644 --- a/spec/lib/gitlab/memory/watchdog/sidekiq_event_reporter_spec.rb +++ b/spec/lib/gitlab/memory/watchdog/sidekiq_event_reporter_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -RSpec.describe Gitlab::Memory::Watchdog::SidekiqEventReporter, feature_category: :application_performance do +RSpec.describe Gitlab::Memory::Watchdog::SidekiqEventReporter, feature_category: :cloud_connector do let(:counter) { instance_double(::Prometheus::Client::Counter) } before do diff --git a/spec/lib/gitlab/memory/watchdog_spec.rb b/spec/lib/gitlab/memory/watchdog_spec.rb index dd6bfb6da2c..c442208617f 100644 --- a/spec/lib/gitlab/memory/watchdog_spec.rb +++ b/spec/lib/gitlab/memory/watchdog_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -RSpec.describe Gitlab::Memory::Watchdog, :aggregate_failures, feature_category: :application_performance do +RSpec.describe Gitlab::Memory::Watchdog, :aggregate_failures, feature_category: :cloud_connector do context 'watchdog' do let(:configuration) { instance_double(described_class::Configuration) } let(:handler) { instance_double(described_class::Handlers::NullHandler) } diff --git a/spec/lib/gitlab/metrics/exporter/base_exporter_spec.rb b/spec/lib/gitlab/metrics/exporter/base_exporter_spec.rb index 6673cc50d67..4184c674823 100644 --- a/spec/lib/gitlab/metrics/exporter/base_exporter_spec.rb +++ b/spec/lib/gitlab/metrics/exporter/base_exporter_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -RSpec.describe Gitlab::Metrics::Exporter::BaseExporter, feature_category: :application_performance do +RSpec.describe Gitlab::Metrics::Exporter::BaseExporter, feature_category: :cloud_connector do let(:settings) { double('settings') } let(:log_enabled) { false } let(:exporter) { described_class.new(settings, log_enabled: log_enabled, log_file: 'test_exporter.log') } diff --git a/spec/lib/gitlab/metrics/subscribers/action_cable_spec.rb b/spec/lib/gitlab/metrics/subscribers/action_cable_spec.rb index 54868bb6ca4..8fbfcdc3bd5 100644 --- a/spec/lib/gitlab/metrics/subscribers/action_cable_spec.rb +++ b/spec/lib/gitlab/metrics/subscribers/action_cable_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -RSpec.describe Gitlab::Metrics::Subscribers::ActionCable, :request_store, feature_category: :application_performance do +RSpec.describe Gitlab::Metrics::Subscribers::ActionCable, :request_store, feature_category: :cloud_connector do let(:subscriber) { described_class.new } let(:counter) { double(:counter) } let(:transmitted_bytes_counter) { double(:counter) } diff --git a/spec/lib/gitlab/process_supervisor_spec.rb b/spec/lib/gitlab/process_supervisor_spec.rb index 8c18bbb758d..94535e96843 100644 --- a/spec/lib/gitlab/process_supervisor_spec.rb +++ b/spec/lib/gitlab/process_supervisor_spec.rb @@ -2,7 +2,7 @@ require_relative '../../../lib/gitlab/process_supervisor' -RSpec.describe Gitlab::ProcessSupervisor, feature_category: :application_performance do +RSpec.describe Gitlab::ProcessSupervisor, feature_category: :cloud_connector do let(:health_check_interval_seconds) { 0.1 } let(:check_terminate_interval_seconds) { 1 } let(:forwarded_signals) { [] } diff --git a/spec/lib/gitlab/runtime_spec.rb b/spec/lib/gitlab/runtime_spec.rb index 01cfa91bb59..05bcdf2fc96 100644 --- a/spec/lib/gitlab/runtime_spec.rb +++ b/spec/lib/gitlab/runtime_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -RSpec.describe Gitlab::Runtime, feature_category: :application_performance do +RSpec.describe Gitlab::Runtime, feature_category: :cloud_connector do shared_examples "valid runtime" do |runtime, max_threads| it "identifies itself" do expect(subject.identify).to eq(runtime) diff --git a/spec/metrics_server/metrics_server_spec.rb b/spec/metrics_server/metrics_server_spec.rb index b5e1fb3dbad..1d53ba194b5 100644 --- a/spec/metrics_server/metrics_server_spec.rb +++ b/spec/metrics_server/metrics_server_spec.rb @@ -4,7 +4,7 @@ require 'spec_helper' require_relative '../../metrics_server/metrics_server' -RSpec.describe MetricsServer, feature_category: :application_performance do # rubocop:disable RSpec/FilePath +RSpec.describe MetricsServer, feature_category: :cloud_connector do let(:prometheus_config) { ::Prometheus::Client.configuration } let(:metrics_dir) { Dir.mktmpdir } diff --git a/spec/migrations/20231030071209_queue_backfill_packages_tags_project_id_spec.rb b/spec/migrations/20231030071209_queue_backfill_packages_tags_project_id_spec.rb new file mode 100644 index 00000000000..98ce121c03b --- /dev/null +++ b/spec/migrations/20231030071209_queue_backfill_packages_tags_project_id_spec.rb @@ -0,0 +1,26 @@ +# frozen_string_literal: true + +require 'spec_helper' +require_migration! + +RSpec.describe QueueBackfillPackagesTagsProjectId, feature_category: :package_registry do + let!(:batched_migration) { described_class::MIGRATION } + + it 'schedules a new batched migration' do + reversible_migration do |migration| + migration.before -> { + expect(batched_migration).not_to have_scheduled_batched_migration + } + + migration.after -> { + expect(batched_migration).to have_scheduled_batched_migration( + table_name: :packages_tags, + column_name: :id, + interval: described_class::DELAY_INTERVAL, + batch_size: described_class::BATCH_SIZE, + sub_batch_size: described_class::SUB_BATCH_SIZE + ) + } + end + end +end diff --git a/spec/models/ai/service_access_token_spec.rb b/spec/models/ai/service_access_token_spec.rb index 919492803cb..d491735e604 100644 --- a/spec/models/ai/service_access_token_spec.rb +++ b/spec/models/ai/service_access_token_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -RSpec.describe Ai::ServiceAccessToken, type: :model, feature_category: :application_performance do +RSpec.describe Ai::ServiceAccessToken, type: :model, feature_category: :cloud_connector do describe '.expired', :freeze_time do let_it_be(:expired_token) { create(:service_access_token, :expired) } let_it_be(:active_token) { create(:service_access_token, :active) } diff --git a/spec/models/packages/tag_spec.rb b/spec/models/packages/tag_spec.rb index 8a6b88f966d..6842d1946e5 100644 --- a/spec/models/packages/tag_spec.rb +++ b/spec/models/packages/tag_spec.rb @@ -5,6 +5,23 @@ RSpec.describe Packages::Tag, type: :model, feature_category: :package_registry let!(:project) { create(:project) } let!(:package) { create(:npm_package, version: '1.0.2', project: project, updated_at: 3.days.ago) } + describe '#ensure_project_id' do + it 'sets the project_id before saving' do + tag = build(:packages_tag) + expect(tag.project_id).to be_nil + tag.save! + expect(tag.project_id).not_to be_nil + expect(tag.project_id).to eq(tag.package.project_id) + end + + it 'does not override the project_id if set' do + another_project = create(:project) + tag = build(:packages_tag, project_id: another_project.id) + tag.save! + expect(tag.project_id).to eq(another_project.id) + end + end + describe 'relationships' do it { is_expected.to belong_to(:package).inverse_of(:tags) } end diff --git a/spec/models/project_spec.rb b/spec/models/project_spec.rb index 5f1054a35bb..290f557cdd6 100644 --- a/spec/models/project_spec.rb +++ b/spec/models/project_spec.rb @@ -1182,6 +1182,7 @@ RSpec.describe Project, factory_default: :keep, feature_category: :groups_and_pr merge_trains_enabled auto_rollback_enabled merge_trains_skip_train_allowed + restrict_pipeline_cancellation_role ] end end diff --git a/spec/requests/api/project_attributes.yml b/spec/requests/api/project_attributes.yml index ec98df22af7..165ea7bf66e 100644 --- a/spec/requests/api/project_attributes.yml +++ b/spec/requests/api/project_attributes.yml @@ -98,6 +98,7 @@ ci_cd_settings: - merge_pipelines_enabled - auto_rollback_enabled - inbound_job_token_scope_enabled + - restrict_pipeline_cancellation_role remapped_attributes: default_git_depth: ci_default_git_depth forward_deployment_enabled: ci_forward_deployment_enabled diff --git a/spec/services/application_settings/update_service_spec.rb b/spec/services/application_settings/update_service_spec.rb index 0b5ba1db9d4..1619e1db6c6 100644 --- a/spec/services/application_settings/update_service_spec.rb +++ b/spec/services/application_settings/update_service_spec.rb @@ -144,7 +144,7 @@ RSpec.describe ApplicationSettings::UpdateService, feature_category: :shared do end end - describe 'performance bar settings', feature_category: :application_performance do + describe 'performance bar settings', feature_category: :cloud_connector do using RSpec::Parameterized::TableSyntax where( diff --git a/vendor/gems/cloud_profiler_agent/spec/cloud_profiler_agent/looper_spec.rb b/vendor/gems/cloud_profiler_agent/spec/cloud_profiler_agent/looper_spec.rb index 6150fd8b1ea..3019b6ce9f7 100644 --- a/vendor/gems/cloud_profiler_agent/spec/cloud_profiler_agent/looper_spec.rb +++ b/vendor/gems/cloud_profiler_agent/spec/cloud_profiler_agent/looper_spec.rb @@ -2,7 +2,7 @@ require 'cloud_profiler_agent' -RSpec.describe CloudProfilerAgent::Looper, feature_category: :application_performance do +RSpec.describe CloudProfilerAgent::Looper, feature_category: :cloud_connector do # rubocop:disable RSpec/InstanceVariable before do @now = 0.0 diff --git a/vendor/gems/cloud_profiler_agent/spec/cloud_profiler_agent/pprof_builder_spec.rb b/vendor/gems/cloud_profiler_agent/spec/cloud_profiler_agent/pprof_builder_spec.rb index 5c94a8e1e44..d5f9e2a42d9 100644 --- a/vendor/gems/cloud_profiler_agent/spec/cloud_profiler_agent/pprof_builder_spec.rb +++ b/vendor/gems/cloud_profiler_agent/spec/cloud_profiler_agent/pprof_builder_spec.rb @@ -2,7 +2,7 @@ require 'cloud_profiler_agent' -RSpec.describe CloudProfilerAgent::PprofBuilder, feature_category: :application_performance do +RSpec.describe CloudProfilerAgent::PprofBuilder, feature_category: :cloud_connector do subject { described_class.new(profile, start_time, end_time) } # load_profile loads one of the example profiles created by |