diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-11-02 00:13:36 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-11-02 00:13:36 +0300 |
| commit | e415571a6e766e961cd49a0ac92576c460a49e4d (patch) | |
| tree | ac24a689ea599cb1ef4ff2dcea38984e8b5502c8 | |
| parent | 68ce709bef9bc89bbb9869e24508777bbe0a1a1d (diff) | |
Add latest changes from gitlab-org/gitlab@master
38 files changed, 320 insertions, 108 deletions
diff --git a/.gitlab/ci/docs.gitlab-ci.yml b/.gitlab/ci/docs.gitlab-ci.yml index 25d974b1580..0c39fac84e9 100644 --- a/.gitlab/ci/docs.gitlab-ci.yml +++ b/.gitlab/ci/docs.gitlab-ci.yml @@ -58,7 +58,7 @@ docs-lint links: .docs-markdown-lint-image: # When updating the image version here, update it in /scripts/lint-doc.sh too. - image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-docs/lint-markdown:alpine-3.18-vale-2.27.0-markdownlint-0.35.0-markdownlint2-0.8.1 + image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-docs/lint-markdown:alpine-3.18-vale-2.29.6-markdownlint-0.37.0-markdownlint2-0.10.0 docs-lint markdown: extends: @@ -71,6 +71,7 @@ docs-lint markdown: script: - source ./scripts/utils.sh - yarn_install_script + - install_gitlab_gem - scripts/lint-doc.sh docs-lint blueprint: diff --git a/.gitlab/ci/package-and-test-nightly/main.gitlab-ci.yml b/.gitlab/ci/package-and-test-nightly/main.gitlab-ci.yml index bb0de4a79e2..019bfde9379 100644 --- a/.gitlab/ci/package-and-test-nightly/main.gitlab-ci.yml +++ b/.gitlab/ci/package-and-test-nightly/main.gitlab-ci.yml @@ -2,16 +2,6 @@ include: - local: .gitlab/ci/qa-common/main.gitlab-ci.yml - local: .gitlab/ci/qa-common/rules.gitlab-ci.yml - local: .gitlab/ci/qa-common/variables.gitlab-ci.yml - - component: "gitlab.com/gitlab-org/quality/pipeline-common/allure-report@7.3.0" - inputs: - job_name: "e2e-test-report" - job_stage: "report" - aws_access_key_id_variable_name: "QA_ALLURE_AWS_ACCESS_KEY_ID" - aws_secret_access_key_variable_name: "QA_ALLURE_AWS_SECRET_ACCESS_KEY" - gitlab_auth_token_variable_name: "PROJECT_TOKEN_FOR_CI_SCRIPTS_API_USAGE" - allure_results_glob: "gitlab-qa-run-*/**/allure-results" - allure_job_name: "${QA_RUN_TYPE}" - allure_ref_slug: "${CI_COMMIT_REF_SLUG}" workflow: rules: @@ -123,6 +113,8 @@ relative-url: # ========================================== e2e-test-report: extends: .rules:report:allure-report + variables: + ALLURE_RESULTS_GLOB: "gitlab-qa-run-*/**/allure-results" upload-knapsack-report: extends: diff --git a/.gitlab/ci/package-and-test/main.gitlab-ci.yml b/.gitlab/ci/package-and-test/main.gitlab-ci.yml index c616fe3de82..79f31a46d3e 100644 --- a/.gitlab/ci/package-and-test/main.gitlab-ci.yml +++ b/.gitlab/ci/package-and-test/main.gitlab-ci.yml @@ -4,16 +4,6 @@ include: - local: .gitlab/ci/qa-common/main.gitlab-ci.yml - local: .gitlab/ci/qa-common/rules.gitlab-ci.yml - local: .gitlab/ci/qa-common/variables.gitlab-ci.yml - - component: "gitlab.com/gitlab-org/quality/pipeline-common/allure-report@7.3.1" - inputs: - job_name: "e2e-test-report" - job_stage: "report" - aws_access_key_id_variable_name: "QA_ALLURE_AWS_ACCESS_KEY_ID" - aws_secret_access_key_variable_name: "QA_ALLURE_AWS_SECRET_ACCESS_KEY" - gitlab_auth_token_variable_name: "PROJECT_TOKEN_FOR_CI_SCRIPTS_API_USAGE" - allure_results_glob: "gitlab-qa-run-*/**/allure-results" - allure_job_name: "${QA_RUN_TYPE}" - allure_ref_slug: "${CI_COMMIT_REF_SLUG}" # ========================================== # Prepare stage @@ -643,6 +633,8 @@ update-ee-to-ce: # ========================================== e2e-test-report: extends: .rules:report:allure-report + variables: + ALLURE_RESULTS_GLOB: "gitlab-qa-run-*/**/allure-results" upload-knapsack-report: extends: diff --git a/.gitlab/ci/qa-common/main.gitlab-ci.yml b/.gitlab/ci/qa-common/main.gitlab-ci.yml index 4f491018b02..f368287b1e7 100644 --- a/.gitlab/ci/qa-common/main.gitlab-ci.yml +++ b/.gitlab/ci/qa-common/main.gitlab-ci.yml @@ -5,8 +5,16 @@ workflow: name: $PIPELINE_NAME include: + - component: "gitlab.com/gitlab-org/quality/pipeline-common/allure-report@7.10.0" + inputs: + job_name: "e2e-test-report" + job_stage: "report" + aws_access_key_id_variable_name: "QA_ALLURE_AWS_ACCESS_KEY_ID" + aws_secret_access_key_variable_name: "QA_ALLURE_AWS_SECRET_ACCESS_KEY" + gitlab_auth_token_variable_name: "PROJECT_TOKEN_FOR_CI_SCRIPTS_API_USAGE" + allure_job_name: "${QA_RUN_TYPE}" - project: gitlab-org/quality/pipeline-common - ref: 7.5.2 + ref: 7.10.0 file: - /ci/base.gitlab-ci.yml - /ci/knapsack-report.yml diff --git a/.gitlab/ci/review-apps/main.gitlab-ci.yml b/.gitlab/ci/review-apps/main.gitlab-ci.yml index 5cab1e2f493..e1408252056 100644 --- a/.gitlab/ci/review-apps/main.gitlab-ci.yml +++ b/.gitlab/ci/review-apps/main.gitlab-ci.yml @@ -6,7 +6,7 @@ stages: - deploy - post-deploy - qa - - post-qa + - report - dast include: diff --git a/.gitlab/ci/review-apps/qa.gitlab-ci.yml b/.gitlab/ci/review-apps/qa.gitlab-ci.yml index a9ab031e115..264763c882f 100644 --- a/.gitlab/ci/review-apps/qa.gitlab-ci.yml +++ b/.gitlab/ci/review-apps/qa.gitlab-ci.yml @@ -1,18 +1,6 @@ include: - local: .gitlab/ci/qa-common/main.gitlab-ci.yml - template: Verify/Browser-Performance.gitlab-ci.yml - - component: "gitlab.com/gitlab-org/quality/pipeline-common/allure-report@7.3.0" - inputs: - job_name: "e2e-test-report" - job_stage: "post-qa" - aws_access_key_id_variable_name: "QA_ALLURE_AWS_ACCESS_KEY_ID" - aws_secret_access_key_variable_name: "QA_ALLURE_AWS_SECRET_ACCESS_KEY" - gitlab_auth_token_variable_name: "PROJECT_TOKEN_FOR_CI_SCRIPTS_API_USAGE" - allure_results_glob: "qa/tmp/allure-results" - allure_ref_slug: "${CI_COMMIT_REF_SLUG}" - allure_project_path: "${CI_PROJECT_PATH}" - allure_merge_request_iid: "${CI_MERGE_REQUEST_IID}" - allure_job_name: "${QA_RUN_TYPE}" .test-variables: variables: @@ -121,12 +109,15 @@ browser_performance: e2e-test-report: extends: .rules:prepare-report + stage: report + variables: + ALLURE_RESULTS_GLOB: "qa/tmp/allure-results" upload-knapsack-report: extends: - .generate-knapsack-report-base - .bundle-base - stage: post-qa + stage: report variables: QA_KNAPSACK_REPORT_FILE_PATTERN: $CI_PROJECT_DIR/qa/tmp/knapsack/*/*.json @@ -134,7 +125,7 @@ delete-test-resources: extends: - .bundle-base - .rules:prepare-report - stage: post-qa + stage: report variables: GITLAB_QA_ACCESS_TOKEN: $REVIEW_APPS_ROOT_TOKEN script: @@ -146,7 +137,7 @@ notify-slack: extends: - .notify-slack - .rules:main-run - stage: post-qa + stage: report variables: QA_RSPEC_XML_FILE_PATTERN: ${CI_PROJECT_DIR}/qa/tmp/rspec-*.xml RUN_WITH_BUNDLE: "true" @@ -157,7 +148,7 @@ export-test-metrics: - .export-test-metrics - .bundle-base - .rules:main-run - stage: post-qa + stage: report variables: QA_METRICS_REPORT_FILE_PATTERN: tmp/test-metrics-*.json when: always diff --git a/.gitlab/ci/test-on-gdk/main.gitlab-ci.yml b/.gitlab/ci/test-on-gdk/main.gitlab-ci.yml index aa24eafda66..b8db2aa8957 100644 --- a/.gitlab/ci/test-on-gdk/main.gitlab-ci.yml +++ b/.gitlab/ci/test-on-gdk/main.gitlab-ci.yml @@ -3,24 +3,6 @@ include: - local: .gitlab/ci/qa-common/main.gitlab-ci.yml - local: .gitlab/ci/qa-common/rules.gitlab-ci.yml - local: .gitlab/ci/qa-common/variables.gitlab-ci.yml - - component: "gitlab.com/gitlab-org/quality/pipeline-common/allure-report@7.3.0" - inputs: - job_name: "e2e-test-report" - job_stage: "report" - aws_access_key_id_variable_name: "QA_ALLURE_AWS_ACCESS_KEY_ID" - aws_secret_access_key_variable_name: "QA_ALLURE_AWS_SECRET_ACCESS_KEY" - gitlab_auth_token_variable_name: "PROJECT_TOKEN_FOR_CI_SCRIPTS_API_USAGE" - allure_results_glob: "qa/tmp/allure-results" - allure_ref_slug: "${CI_COMMIT_REF_SLUG}" - allure_project_path: "${CI_PROJECT_PATH}" - allure_merge_request_iid: "${CI_MERGE_REQUEST_IID}" - allure_job_name: "${QA_RUN_TYPE}" - -variables: - COLORIZED_LOGS: "true" - GIT_DEPTH: "20" - GIT_STRATEGY: "clone" # 'GIT_STRATEGY: clone' optimizes the pack-objects cache hit ratio - GIT_SUBMODULE_STRATEGY: "none" .gdk-qa-base: image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images/debian-${DEBIAN_VERSION}-ruby-${RUBY_VERSION}:bundler-2.3-git-2.36-lfs-2.9-chrome-${CHROME_VERSION}-docker-${DOCKER_VERSION}-gcloud-383-kubectl-1.23 @@ -202,6 +184,8 @@ gdk-qa-non-blocking: # ========================================== e2e-test-report: extends: .rules:report:allure-report + variables: + ALLURE_REPORT_RESULTS_GLOB: "qa/tmp/allure-results" upload-knapsack-report: extends: diff --git a/app/assets/javascripts/ci/ci_variable_list/components/ci_variable_drawer.vue b/app/assets/javascripts/ci/ci_variable_list/components/ci_variable_drawer.vue index c628981717e..ccfe773b01f 100644 --- a/app/assets/javascripts/ci/ci_variable_list/components/ci_variable_drawer.vue +++ b/app/assets/javascripts/ci/ci_variable_list/components/ci_variable_drawer.vue @@ -190,6 +190,11 @@ export default { deep: true, }, }, + beforeMount() { + // reset to default environments list every time we open the drawer + // and re-render the environments scope dropdown + this.$emit('search-environment-scope', ''); + }, mounted() { if (this.isProtectedByDefault && !this.isEditing) { this.variable = { ...this.variable, protected: true }; diff --git a/app/graphql/mutations/ci/job/cancel.rb b/app/graphql/mutations/ci/job/cancel.rb index dc9f4d19779..44a7772019d 100644 --- a/app/graphql/mutations/ci/job/cancel.rb +++ b/app/graphql/mutations/ci/job/cancel.rb @@ -11,7 +11,7 @@ module Mutations null: true, description: 'Job after the mutation.' - authorize :update_build + authorize :cancel_build def resolve(id:) job = authorized_find!(id: id) diff --git a/app/graphql/types/packages/protection/rule_type.rb b/app/graphql/types/packages/protection/rule_type.rb index 1e969d39ce2..e2ea2d89d2d 100644 --- a/app/graphql/types/packages/protection/rule_type.rb +++ b/app/graphql/types/packages/protection/rule_type.rb @@ -10,6 +10,11 @@ module Types authorize :admin_package + field :id, + ::Types::GlobalIDType[::Packages::Protection::Rule], + null: false, + description: 'ID of the package protection rule.' + field :package_name_pattern, GraphQL::Types::String, null: false, diff --git a/app/graphql/types/permission_types/ci/job.rb b/app/graphql/types/permission_types/ci/job.rb index c9a85317e67..35904fb1fc3 100644 --- a/app/graphql/types/permission_types/ci/job.rb +++ b/app/graphql/types/permission_types/ci/job.rb @@ -8,6 +8,7 @@ module Types abilities :read_job_artifacts, :read_build ability_field :update_build, calls_gitaly: true + ability_field :cancel_build, calls_gitaly: true end end end diff --git a/app/policies/ci/build_policy.rb b/app/policies/ci/build_policy.rb index bce7ceafe17..71ea42e1f23 100644 --- a/app/policies/ci/build_policy.rb +++ b/app/policies/ci/build_policy.rb @@ -81,6 +81,7 @@ module Ci end rule { ~can?(:jailbreak) & (archived | protected_ref) }.policy do + prevent :cancel_build prevent :update_build prevent :erase_build end @@ -88,6 +89,7 @@ module Ci rule { can?(:admin_build) | (can?(:update_build) & owner_of_job & unprotected_ref) }.enable :erase_build rule { can?(:public_access) & branch_allows_collaboration }.policy do + enable :cancel_build enable :update_build enable :update_commit_status end diff --git a/app/policies/ci/deployable_policy.rb b/app/policies/ci/deployable_policy.rb index f0105b001f2..e83bdd5361a 100644 --- a/app/policies/ci/deployable_policy.rb +++ b/app/policies/ci/deployable_policy.rb @@ -11,7 +11,10 @@ module Ci @subject.outdated_deployment? end - rule { outdated_deployment }.prevent :update_build + rule { outdated_deployment }.policy do + prevent :cancel_build + prevent :update_build + end end end end diff --git a/app/policies/project_policy.rb b/app/policies/project_policy.rb index 3a70f0f196e..bbb0e3df500 100644 --- a/app/policies/project_policy.rb +++ b/app/policies/project_policy.rb @@ -491,6 +491,7 @@ class ProjectPolicy < BasePolicy enable :update_commit_status enable :create_build enable :update_build + enable :cancel_build enable :read_resource_group enable :update_resource_group enable :create_merge_request_from @@ -663,6 +664,7 @@ class ProjectPolicy < BasePolicy rule { builds_disabled | repository_disabled }.policy do prevent(*create_read_update_admin_destroy(:build)) + prevent :cancel_build prevent(*create_read_update_admin_destroy(:pipeline_schedule)) prevent(*create_read_update_admin_destroy(:environment)) prevent(*create_read_update_admin_destroy(:deployment)) diff --git a/app/services/ci/build_cancel_service.rb b/app/services/ci/build_cancel_service.rb index a23418ed738..834d4febd10 100644 --- a/app/services/ci/build_cancel_service.rb +++ b/app/services/ci/build_cancel_service.rb @@ -21,7 +21,7 @@ module Ci attr_reader :build, :user def allowed? - user.can?(:update_build, build) + user.can?(:cancel_build, build) end def forbidden diff --git a/app/views/projects/ci/builds/_build.html.haml b/app/views/projects/ci/builds/_build.html.haml index a622895b4de..6ec9b4a233d 100644 --- a/app/views/projects/ci/builds/_build.html.haml +++ b/app/views/projects/ci/builds/_build.html.haml @@ -105,7 +105,7 @@ - if can?(current_user, :read_job_artifacts, job) && job.artifacts? = link_button_to nil, download_project_job_artifacts_path(job.project, job), rel: 'nofollow', download: '', title: _('Download artifacts'), icon: 'download' - if can?(current_user, :update_build, job) - - if job.active? + - if job.active? && can?(current_user, :cancel_build, job) = link_button_to nil, cancel_project_job_path(job.project, job, continue: { to: request.fullpath }), method: :post, title: _('Cancel'), icon: 'cancel' - elsif job.scheduled? = render Pajamas::ButtonComponent.new(disabled: true, icon: 'planning') do diff --git a/doc/api/graphql/reference/index.md b/doc/api/graphql/reference/index.md index b041635860f..fe5ec23dcaf 100644 --- a/doc/api/graphql/reference/index.md +++ b/doc/api/graphql/reference/index.md @@ -20000,6 +20000,7 @@ Represents the Geo replication and verification state of a job_artifact. | Name | Type | Description | | ---- | ---- | ----------- | +| <a id="jobpermissionscancelbuild"></a>`cancelBuild` | [`Boolean!`](#boolean) | If `true`, the user can perform `cancel_build` on this resource. | | <a id="jobpermissionsreadbuild"></a>`readBuild` | [`Boolean!`](#boolean) | If `true`, the user can perform `read_build` on this resource. | | <a id="jobpermissionsreadjobartifacts"></a>`readJobArtifacts` | [`Boolean!`](#boolean) | If `true`, the user can perform `read_job_artifacts` on this resource. | | <a id="jobpermissionsupdatebuild"></a>`updateBuild` | [`Boolean!`](#boolean) | If `true`, the user can perform `update_build` on this resource. | @@ -22356,6 +22357,7 @@ A packages protection rule designed to protect packages from being pushed by use | Name | Type | Description | | ---- | ---- | ----------- | +| <a id="packagesprotectionruleid"></a>`id` | [`PackagesProtectionRuleID!`](#packagesprotectionruleid) | ID of the package protection rule. | | <a id="packagesprotectionrulepackagenamepattern"></a>`packageNamePattern` | [`String!`](#string) | Package name protected by the protection rule. For example `@my-scope/my-package-*`. Wildcard character `*` allowed. | | <a id="packagesprotectionrulepackagetype"></a>`packageType` | [`PackagesProtectionRulePackageType!`](#packagesprotectionrulepackagetype) | Package type protected by the protection rule. For example `NPM`. | | <a id="packagesprotectionrulepushprotecteduptoaccesslevel"></a>`pushProtectedUpToAccessLevel` | [`PackagesProtectionRuleAccessLevel!`](#packagesprotectionruleaccesslevel) | Max GitLab access level unable to push a package. For example `DEVELOPER`, `MAINTAINER`, `OWNER`. | @@ -24472,7 +24474,13 @@ Represents the source of a security policy belonging to a project. | <a id="projectstatisticsbuildartifactssize"></a>`buildArtifactsSize` | [`Float!`](#float) | Build artifacts size of the project in bytes. | | <a id="projectstatisticscommitcount"></a>`commitCount` | [`Float!`](#float) | Commit count of the project. | | <a id="projectstatisticscontainerregistrysize"></a>`containerRegistrySize` | [`Float`](#float) | Container Registry size of the project in bytes. | +| <a id="projectstatisticscostfactoredbuildartifactssize"></a>`costFactoredBuildArtifactsSize` **{warning-solid}** | [`Float!`](#float) | **Introduced** in 16.6. This feature is an Experiment. It can be changed or removed at any time. Build artifacts size in bytes with any applicable cost factor for forks applied. This will equal build_artifacts_size if there is no applicable cost factor. | +| <a id="projectstatisticscostfactoredlfsobjectssize"></a>`costFactoredLfsObjectsSize` **{warning-solid}** | [`Float!`](#float) | **Introduced** in 16.6. This feature is an Experiment. It can be changed or removed at any time. LFS objects size in bytes with any applicable cost factor for forks applied. This will equal lfs_objects_size if there is no applicable cost factor. | +| <a id="projectstatisticscostfactoredpackagessize"></a>`costFactoredPackagesSize` **{warning-solid}** | [`Float!`](#float) | **Introduced** in 16.6. This feature is an Experiment. It can be changed or removed at any time. Packages size in bytes with any applicable cost factor for forks applied. This will equal packages_size if there is no applicable cost factor. | +| <a id="projectstatisticscostfactoredrepositorysize"></a>`costFactoredRepositorySize` **{warning-solid}** | [`Float!`](#float) | **Introduced** in 16.6. This feature is an Experiment. It can be changed or removed at any time. Repository size in bytes with any applicable cost factor for forks applied. This will equal repository_size if there is no applicable cost factor. | +| <a id="projectstatisticscostfactoredsnippetssize"></a>`costFactoredSnippetsSize` **{warning-solid}** | [`Float!`](#float) | **Introduced** in 16.6. This feature is an Experiment. It can be changed or removed at any time. Snippets size in bytes with any applicable cost factor for forks applied. This will equal snippets_size if there is no applicable cost factor. | | <a id="projectstatisticscostfactoredstoragesize"></a>`costFactoredStorageSize` **{warning-solid}** | [`Float!`](#float) | **Introduced** in 16.2. This feature is an Experiment. It can be changed or removed at any time. Storage size in bytes with any applicable cost factor for forks applied. This will equal storage_size if there is no applicable cost factor. | +| <a id="projectstatisticscostfactoredwikisize"></a>`costFactoredWikiSize` **{warning-solid}** | [`Float!`](#float) | **Introduced** in 16.6. This feature is an Experiment. It can be changed or removed at any time. Wiki size in bytes with any applicable cost factor for forks applied. This will equal wiki_size if there is no applicable cost factor. | | <a id="projectstatisticslfsobjectssize"></a>`lfsObjectsSize` | [`Float!`](#float) | Large File Storage (LFS) object size of the project in bytes. | | <a id="projectstatisticspackagessize"></a>`packagesSize` | [`Float!`](#float) | Packages size of the project in bytes. | | <a id="projectstatisticspipelineartifactssize"></a>`pipelineArtifactsSize` | [`Float`](#float) | CI Pipeline artifacts size in bytes. | diff --git a/doc/update/versions/gitlab_16_changes.md b/doc/update/versions/gitlab_16_changes.md index 39660a910a2..148cab3e023 100644 --- a/doc/update/versions/gitlab_16_changes.md +++ b/doc/update/versions/gitlab_16_changes.md @@ -34,6 +34,30 @@ For more information about upgrading GitLab Helm Chart, see [the release notes f - Git 2.42.0 and later is required by Gitaly. For self-compiled installations, you should use the [Git version provided by Gitaly](../../install/installation.md#git). +### Geo installations + +Specific information applies to installations using Geo: + +- A number of Prometheus metrics were incorrectly removed in 16.3.0, which can break dashboards and alerting: + + | Affected metric | Metric restored in 16.5.2 and later | Replacement available in 16.3+ | + | ---------------------------------------- | ------------------------------------ | ---------------------------------------------- | + | `geo_repositories_synced` | Yes | `geo_project_repositories_synced` | + | `geo_repositories_failed` | Yes | `geo_project_repositories_failed` | + | `geo_repositories_checksummed` | Yes | `geo_project_repositories_checksummed` | + | `geo_repositories_checksum_failed` | Yes | `geo_project_repositories_checksum_failed` | + | `geo_repositories_verified` | Yes | `geo_project_repositories_verified` | + | `geo_repositories_verification_failed` | Yes | `geo_project_repositories_verification_failed` | + | `geo_repositories_checksum_mismatch` | No | None available | + | `geo_repositories_retrying_verification` | No | None available | + + - Impacted versions: + - 16.3.0 to 16.5.1 + - Versions containing fix: + - 16.5.2 and later + + For more information, see [issue 429617](https://gitlab.com/gitlab-org/gitlab/-/issues/429617). + ## 16.4.0 - Updating a group path [received a bug fix](https://gitlab.com/gitlab-org/gitlab/-/issues/419289) that uses a database index introduced in 16.3. @@ -86,6 +110,30 @@ For more information about upgrading GitLab Helm Chart, see [the release notes f server-side custom hooks. 1. Remove the `[gitlab-shell] dir` configuration. +### Geo installations + +Specific information applies to installations using Geo: + +- A number of Prometheus metrics were incorrectly removed in 16.3.0, which can break dashboards and alerting: + + | Affected metric | Metric restored in 16.5.2 and later | Replacement available in 16.3+ | + | ---------------------------------------- | ------------------------------------ | ---------------------------------------------- | + | `geo_repositories_synced` | Yes | `geo_project_repositories_synced` | + | `geo_repositories_failed` | Yes | `geo_project_repositories_failed` | + | `geo_repositories_checksummed` | Yes | `geo_project_repositories_checksummed` | + | `geo_repositories_checksum_failed` | Yes | `geo_project_repositories_checksum_failed` | + | `geo_repositories_verified` | Yes | `geo_project_repositories_verified` | + | `geo_repositories_verification_failed` | Yes | `geo_project_repositories_verification_failed` | + | `geo_repositories_checksum_mismatch` | No | None available | + | `geo_repositories_retrying_verification` | No | None available | + + - Impacted versions: + - 16.3.0 to 16.5.1 + - Versions containing fix: + - 16.5.2 and later + + For more information, see [issue 429617](https://gitlab.com/gitlab-org/gitlab/-/issues/429617). + ## 16.3.0 - **Update to GitLab 16.3.5 or later**. This avoids [issue 425971](https://gitlab.com/gitlab-org/gitlab/-/issues/425971) that causes an excessive use of database disk space for GitLab 16.3.3 and 16.3.4. @@ -153,6 +201,26 @@ Specific information applies to installations using Geo: For more information, see [issue 425224](https://gitlab.com/gitlab-org/gitlab/-/issues/425224). +- A number of Prometheus metrics were incorrectly removed in 16.3.0, which can break dashboards and alerting: + + | Affected metric | Metric restored in 16.5.2 and later | Replacement available in 16.3+ | + | ---------------------------------------- | ------------------------------------ | ---------------------------------------------- | + | `geo_repositories_synced` | Yes | `geo_project_repositories_synced` | + | `geo_repositories_failed` | Yes | `geo_project_repositories_failed` | + | `geo_repositories_checksummed` | Yes | `geo_project_repositories_checksummed` | + | `geo_repositories_checksum_failed` | Yes | `geo_project_repositories_checksum_failed` | + | `geo_repositories_verified` | Yes | `geo_project_repositories_verified` | + | `geo_repositories_verification_failed` | Yes | `geo_project_repositories_verification_failed` | + | `geo_repositories_checksum_mismatch` | No | None available | + | `geo_repositories_retrying_verification` | No | None available | + + - Impacted versions: + - 16.3.0 to 16.5.1 + - Versions containing fix: + - 16.5.2 and later + + For more information, see [issue 429617](https://gitlab.com/gitlab-org/gitlab/-/issues/429617). + ## 16.2.0 - Legacy LDAP configuration settings may cause diff --git a/doc/user/compliance/license_list.md b/doc/user/compliance/license_list.md index f315f319b71..7ad19775509 100644 --- a/doc/user/compliance/license_list.md +++ b/doc/user/compliance/license_list.md @@ -16,7 +16,7 @@ For the licenses to appear under the license list, the following requirements must be met: 1. You must be generating an SBOM file with components from one of our [one of our supported languages](license_scanning_of_cyclonedx_files/index.md#supported-languages-and-package-managers). -1. If using our [`Dependency-Scanning.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Jobs/License-Scanning.gitlab-ci.yml) to generate the SBOM file, then your project must use at least one of the [supported languages and package managers](license_scanning_of_cyclonedx_files/index.md#supported-languages-and-package-managers). +1. If using our [`Dependency-Scanning.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Jobs/Dependency-Scanning.gitlab-ci.yml) to generate the SBOM file, then your project must use at least one of the [supported languages and package managers](license_scanning_of_cyclonedx_files/index.md#supported-languages-and-package-managers). Alternatively, licenses will also appear under the license list when using our deprecated [`License-Scanning.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Jobs/License-Scanning.gitlab-ci.yml) as long as the following requirements are met: diff --git a/doc/user/project/merge_requests/dependencies.md b/doc/user/project/merge_requests/dependencies.md index 89305e65dfb..8fb5230c497 100644 --- a/doc/user/project/merge_requests/dependencies.md +++ b/doc/user/project/merge_requests/dependencies.md @@ -145,6 +145,12 @@ information, read [issue #12549](https://gitlab.com/gitlab-org/gitlab/-/issues/1 ### Complex merge order dependencies are unsupported +- Support [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/11393) in GitLab 16.6 [with a flag](../../../administration/feature_flags.md) named `remove_mr_blocking_constraints`. Disabled by default. + +FLAG: +On self-managed GitLab, by default this feature is not available. To make it available, an administrator can [enable the feature flag](../../../administration/feature_flags.md) named `remove_mr_blocking_constraints`. +On GitLab.com, this feature is available. + If you attempt to create an indirect, nested dependency, GitLab shows the error message: - Dependencies failed to save: Dependency chains are not supported diff --git a/lib/api/ci/jobs.rb b/lib/api/ci/jobs.rb index 47e4135db27..250fe249489 100644 --- a/lib/api/ci/jobs.rb +++ b/lib/api/ci/jobs.rb @@ -122,10 +122,10 @@ module API requires :job_id, type: Integer, desc: 'The ID of a job', documentation: { example: 88 } end post ':id/jobs/:job_id/cancel', urgency: :low, feature_category: :continuous_integration do - authorize_update_builds! + authorize_cancel_builds! build = find_build!(params[:job_id]) - authorize!(:update_build, build) + authorize!(:cancel_build, build) build.cancel diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb index a7e0a551283..f17474394e2 100644 --- a/lib/api/helpers.rb +++ b/lib/api/helpers.rb @@ -397,6 +397,10 @@ module API authorize! :update_build, user_project end + def authorize_cancel_builds! + authorize! :cancel_build, user_project + end + def require_repository_enabled!(subject = :global) not_found!("Repository") unless user_project.feature_available?(:repository, current_user) end diff --git a/lib/gitlab/ci/status/build/cancelable.rb b/lib/gitlab/ci/status/build/cancelable.rb index 43fb5cdbbe6..b8c8cfa802c 100644 --- a/lib/gitlab/ci/status/build/cancelable.rb +++ b/lib/gitlab/ci/status/build/cancelable.rb @@ -6,7 +6,7 @@ module Gitlab module Build class Cancelable < Status::Extended def has_action? - can?(user, :update_build, subject) + can?(user, :cancel_build, subject) end def action_icon diff --git a/scripts/lint-doc.sh b/scripts/lint-doc.sh index b16d9042f75..57664240c11 100755 --- a/scripts/lint-doc.sh +++ b/scripts/lint-doc.sh @@ -137,33 +137,39 @@ then MD_DOC_PATH="$@" # shellcheck disable=2059 printf "${COLOR_GREEN}INFO: List of files specified on command line. Running Markdownlint and Vale for only those files...${COLOR_RESET}\n" -elif [ -z "${CI_MERGE_REQUEST_TARGET_BRANCH_SHA}" ] +elif [ -n "${CI_MERGE_REQUEST_IID}" ] then - MD_DOC_PATH=${MD_DOC_PATH:-doc} - # shellcheck disable=2059 - printf "${COLOR_GREEN}INFO: Merge request pipeline (detached) detected. Running Markdownlint and Vale on all files...${COLOR_RESET}\n" -else - MERGE_BASE=$(git merge-base "${CI_MERGE_REQUEST_TARGET_BRANCH_SHA}" "${CI_MERGE_REQUEST_SOURCE_BRANCH_SHA}") - if git diff --diff-filter=d --name-only "${MERGE_BASE}..${CI_MERGE_REQUEST_SOURCE_BRANCH_SHA}" | grep -E "\.vale|\.markdownlint|lint-doc\.sh|docs\.gitlab-ci\.yml" + DOC_CHANGES_FILE=$(mktemp) + ruby -r './tooling/lib/tooling/find_changes' -e "Tooling::FindChanges.new( + from: :api, + changed_files_pathname: '${DOC_CHANGES_FILE}', + file_filter: ->(file) { !file['deleted_file'] && file['new_path'] =~ %r{doc/.*|lint-doc\.sh|docs\.gitlab-ci\.yml} } + ).execute" + if grep -E "\.vale|\.markdownlint|lint-doc\.sh|docs\.gitlab-ci\.yml" < $DOC_CHANGES_FILE then MD_DOC_PATH=${MD_DOC_PATH:-doc} # shellcheck disable=2059 printf "${COLOR_GREEN}INFO: Vale, Markdownlint, lint-doc.sh, or pipeline configuration changed. Testing all files.${COLOR_RESET}\n" else - MD_DOC_PATH=$(git diff --diff-filter=d --name-only "${MERGE_BASE}..${CI_MERGE_REQUEST_SOURCE_BRANCH_SHA}" -- 'doc/*.md') + MD_DOC_PATH=$(cat $DOC_CHANGES_FILE) if [ -n "${MD_DOC_PATH}" ] then # shellcheck disable=2059 - printf "${COLOR_GREEN}INFO: Merged results pipeline detected. Testing only the following files:${COLOR_RESET}\n${MD_DOC_PATH}\n" + printf "${COLOR_GREEN}INFO: Merge request pipeline detected. Testing only the following files:${COLOR_RESET}\n${MD_DOC_PATH}\n" fi fi + rm $DOC_CHANGES_FILE +else + MD_DOC_PATH=${MD_DOC_PATH:-doc} + # shellcheck disable=2059 + printf "${COLOR_GREEN}INFO: No merge request pipeline detected. Running Markdownlint and Vale on all files...${COLOR_RESET}\n" fi function run_locally_or_in_container() { local cmd=$1 local args=$2 local files=$3 - local registry_url="registry.gitlab.com/gitlab-org/gitlab-docs/lint-markdown:alpine-3.16-vale-2.22.0-markdownlint-0.32.2-markdownlint2-0.6.0" + local registry_url="registry.gitlab.com/gitlab-org/gitlab-docs/lint-markdown:alpine-3.18-vale-2.29.6-markdownlint-0.37.0-markdownlint2-0.10.0" if hash "${cmd}" 2>/dev/null then @@ -201,7 +207,7 @@ printf "${COLOR_GREEN}INFO: Linting markdown style...${COLOR_RESET}\n" if [ -z "${MD_DOC_PATH}" ] then # shellcheck disable=2059 - printf "${COLOR_GREEN}INFO: Merged results pipeline detected, but no markdown files found. Skipping.${COLOR_RESET}\n" + printf "${COLOR_GREEN}INFO: Merge request pipeline detected, but no markdown files found. Skipping.${COLOR_RESET}\n" else if ! yarn markdownlint --rules doc/.markdownlint/rules ${MD_DOC_PATH}; then diff --git a/spec/features/group_variables_spec.rb b/spec/features/group_variables_spec.rb index 6011b24b632..841cc1726a0 100644 --- a/spec/features/group_variables_spec.rb +++ b/spec/features/group_variables_spec.rb @@ -18,6 +18,7 @@ RSpec.describe 'Group variables', :js, feature_category: :secrets_management do context 'when ci_variables_pages FF is enabled' do it_behaves_like 'variable list drawer' + it_behaves_like 'variable list env scope' it_behaves_like 'variable list pagination', :ci_group_variable end @@ -27,5 +28,6 @@ RSpec.describe 'Group variables', :js, feature_category: :secrets_management do end it_behaves_like 'variable list drawer' + it_behaves_like 'variable list env scope' end end diff --git a/spec/features/project_variables_spec.rb b/spec/features/project_variables_spec.rb index ffed9eacd89..9a1aa41b982 100644 --- a/spec/features/project_variables_spec.rb +++ b/spec/features/project_variables_spec.rb @@ -19,6 +19,7 @@ RSpec.describe 'Project variables', :js, feature_category: :secrets_management d context 'when ci_variables_pages FF is enabled' do it_behaves_like 'variable list drawer' + it_behaves_like 'variable list env scope' it_behaves_like 'variable list pagination', :ci_variable end @@ -28,28 +29,6 @@ RSpec.describe 'Project variables', :js, feature_category: :secrets_management d end it_behaves_like 'variable list drawer' - end - - it 'adds a new variable with an environment scope' do - page.within('[data-testid="ci-variable-table"]') do - click_button('Add variable') - end - - page.within('[data-testid="ci-variable-drawer"]') do - fill_in 'Key', with: 'akey' - fill_in 'Value', with: 'akey_value' - - click_button('All (default)') - fill_in 'Search', with: 'review/*' - find('[data-testid="create-wildcard-button"]').click - - click_button('Add variable') - end - - wait_for_requests - - page.within('[data-testid="ci-variable-table"]') do - expect(find('.js-ci-variable-row:first-child [data-label="Environments"]').text).to eq('review/*') - end + it_behaves_like 'variable list env scope' end end diff --git a/spec/frontend/ci/ci_variable_list/components/ci_variable_drawer_spec.js b/spec/frontend/ci/ci_variable_list/components/ci_variable_drawer_spec.js index 802433c7036..610aae3946f 100644 --- a/spec/frontend/ci/ci_variable_list/components/ci_variable_drawer_spec.js +++ b/spec/frontend/ci/ci_variable_list/components/ci_variable_drawer_spec.js @@ -350,6 +350,13 @@ describe('CI Variable Drawer', () => { }); describe('drawer events', () => { + it('emits `search-environment-scope` before mounting', () => { + createComponent(); + + expect(wrapper.emitted('search-environment-scope')).toHaveLength(1); + expect(wrapper.emitted('search-environment-scope')).toEqual([['']]); + }); + it('emits `close-form` when closing the drawer', async () => { createComponent(); @@ -477,7 +484,7 @@ describe('CI Variable Drawer', () => { it('bubbles up the search event', async () => { await findEnvironmentScopeDropdown().vm.$emit('search-environment-scope', 'staging'); - expect(wrapper.emitted('search-environment-scope')).toEqual([['staging']]); + expect(wrapper.emitted('search-environment-scope')[1]).toEqual(['staging']); }); }); }); diff --git a/spec/graphql/types/packages/protection/rule_type_spec.rb b/spec/graphql/types/packages/protection/rule_type_spec.rb index a4a458d3568..bc5a052796d 100644 --- a/spec/graphql/types/packages/protection/rule_type_spec.rb +++ b/spec/graphql/types/packages/protection/rule_type_spec.rb @@ -9,6 +9,12 @@ RSpec.describe GitlabSchema.types['PackagesProtectionRule'], feature_category: : specify { expect(described_class).to require_graphql_authorizations(:admin_package) } + describe 'id' do + subject { described_class.fields['id'] } + + it { is_expected.to have_non_null_graphql_type(::Types::GlobalIDType[::Packages::Protection::Rule]) } + end + describe 'package_name_pattern' do subject { described_class.fields['packageNamePattern'] } diff --git a/spec/graphql/types/permission_types/ci/job_spec.rb b/spec/graphql/types/permission_types/ci/job_spec.rb index e4bc5419070..238f086c7ee 100644 --- a/spec/graphql/types/permission_types/ci/job_spec.rb +++ b/spec/graphql/types/permission_types/ci/job_spec.rb @@ -5,7 +5,7 @@ require 'spec_helper' RSpec.describe Types::PermissionTypes::Ci::Job do it 'has expected permission fields' do expected_permissions = [ - :read_job_artifacts, :read_build, :update_build + :read_job_artifacts, :read_build, :update_build, :cancel_build ] expect(described_class).to have_graphql_fields(expected_permissions).only diff --git a/spec/policies/ci/build_policy_spec.rb b/spec/policies/ci/build_policy_spec.rb index 6ab89daff82..ab92936440c 100644 --- a/spec/policies/ci/build_policy_spec.rb +++ b/spec/policies/ci/build_policy_spec.rb @@ -110,6 +110,7 @@ RSpec.describe Ci::BuildPolicy, feature_category: :continuous_integration do end it 'enables update_build if user is maintainer' do + expect(policy).to be_allowed :cancel_build expect(policy).to be_allowed :update_build expect(policy).to be_allowed :update_commit_status end @@ -130,6 +131,7 @@ RSpec.describe Ci::BuildPolicy, feature_category: :continuous_integration do end it 'does not include ability to update build' do + expect(policy).to be_disallowed :cancel_build expect(policy).to be_disallowed :update_build end @@ -139,6 +141,7 @@ RSpec.describe Ci::BuildPolicy, feature_category: :continuous_integration do end it 'does not include ability to update build' do + expect(policy).to be_disallowed :cancel_build expect(policy).to be_disallowed :update_build end end @@ -150,6 +153,7 @@ RSpec.describe Ci::BuildPolicy, feature_category: :continuous_integration do end it 'includes ability to update build' do + expect(policy).to be_allowed :cancel_build expect(policy).to be_allowed :update_build end end @@ -162,6 +166,7 @@ RSpec.describe Ci::BuildPolicy, feature_category: :continuous_integration do end it 'does not include ability to update build' do + expect(policy).to be_disallowed :cancel_build expect(policy).to be_disallowed :update_build end end @@ -172,6 +177,7 @@ RSpec.describe Ci::BuildPolicy, feature_category: :continuous_integration do end it 'includes ability to update build' do + expect(policy).to be_allowed :cancel_build expect(policy).to be_allowed :update_build end end diff --git a/spec/policies/project_policy_spec.rb b/spec/policies/project_policy_spec.rb index 9d4ee2890bd..7cd8879e114 100644 --- a/spec/policies/project_policy_spec.rb +++ b/spec/policies/project_policy_spec.rb @@ -287,7 +287,7 @@ RSpec.describe ProjectPolicy, feature_category: :system_access do it 'disallows all permissions except pipeline when the feature is disabled' do builds_permissions = [ - :create_build, :read_build, :update_build, :admin_build, :destroy_build, + :create_build, :read_build, :update_build, :cancel_build, :admin_build, :destroy_build, :create_pipeline_schedule, :read_pipeline_schedule_variables, :update_pipeline_schedule, :admin_pipeline_schedule, :destroy_pipeline_schedule, :create_environment, :read_environment, :update_environment, :admin_environment, :destroy_environment, :create_deployment, :read_deployment, :update_deployment, :admin_deployment, :destroy_deployment @@ -319,7 +319,7 @@ RSpec.describe ProjectPolicy, feature_category: :system_access do let(:repository_permissions) do [ :create_pipeline, :update_pipeline, :cancel_pipeline, :admin_pipeline, :destroy_pipeline, - :create_build, :read_build, :update_build, :admin_build, :destroy_build, + :create_build, :read_build, :cancel_build, :update_build, :admin_build, :destroy_build, :create_pipeline_schedule, :read_pipeline_schedule, :update_pipeline_schedule, :admin_pipeline_schedule, :destroy_pipeline_schedule, :create_environment, :read_environment, :update_environment, :admin_environment, :destroy_environment, :create_cluster, :read_cluster, :update_cluster, :admin_cluster, diff --git a/spec/requests/api/graphql/mutations/packages/protection/rule/create_spec.rb b/spec/requests/api/graphql/mutations/packages/protection/rule/create_spec.rb index aff398d66e2..ae5b6a5af95 100644 --- a/spec/requests/api/graphql/mutations/packages/protection/rule/create_spec.rb +++ b/spec/requests/api/graphql/mutations/packages/protection/rule/create_spec.rb @@ -23,6 +23,7 @@ RSpec.describe 'Creating the packages protection rule', :aggregate_failures, fea graphql_mutation(:create_packages_protection_rule, kwargs, <<~QUERY packageProtectionRule { + id packageNamePattern packageType pushProtectedUpToAccessLevel @@ -52,6 +53,7 @@ RSpec.describe 'Creating the packages protection rule', :aggregate_failures, fea subject expect(mutation_response_package_protection_rule).to include( + 'id' => be_present, 'packageNamePattern' => kwargs[:package_name_pattern], 'packageType' => kwargs[:package_type], 'pushProtectedUpToAccessLevel' => kwargs[:push_protected_up_to_access_level] diff --git a/spec/requests/api/graphql/mutations/packages/protection/rule/delete_spec.rb b/spec/requests/api/graphql/mutations/packages/protection/rule/delete_spec.rb index d5b602d4664..1d94d520674 100644 --- a/spec/requests/api/graphql/mutations/packages/protection/rule/delete_spec.rb +++ b/spec/requests/api/graphql/mutations/packages/protection/rule/delete_spec.rb @@ -26,11 +26,13 @@ RSpec.describe 'Deleting a package protection rule', :aggregate_failures, featur subject expect(mutation_response).to include( + 'errors' => be_blank, 'packageProtectionRule' => { + 'id' => package_protection_rule.to_global_id.to_s, 'packageNamePattern' => package_protection_rule.package_name_pattern, 'packageType' => package_protection_rule.package_type.upcase, 'pushProtectedUpToAccessLevel' => package_protection_rule.push_protected_up_to_access_level.upcase - }, 'errors' => be_blank + } ) end diff --git a/spec/support/shared_examples/ci/deployable_policy_shared_examples.rb b/spec/support/shared_examples/ci/deployable_policy_shared_examples.rb index 73bdc094237..1f164a66026 100644 --- a/spec/support/shared_examples/ci/deployable_policy_shared_examples.rb +++ b/spec/support/shared_examples/ci/deployable_policy_shared_examples.rb @@ -20,6 +20,7 @@ RSpec.shared_examples 'a deployable job policy' do |factory_type| end it { expect(policy).not_to be_allowed :update_build } + it { expect(policy).not_to be_allowed :cancel_build } end end end diff --git a/spec/support/shared_examples/ci/deployable_policy_shared_examples_ee.rb b/spec/support/shared_examples/ci/deployable_policy_shared_examples_ee.rb index b1057b3f67a..10f334a6e23 100644 --- a/spec/support/shared_examples/ci/deployable_policy_shared_examples_ee.rb +++ b/spec/support/shared_examples/ci/deployable_policy_shared_examples_ee.rb @@ -20,6 +20,12 @@ RSpec.shared_examples 'a deployable job policy in EE' do |factory_type| it_behaves_like 'protected environments access', direct_access: true end + describe '#cancel_build?' do + subject { user.can?(:cancel_build, job) } + + it_behaves_like 'protected environments access', direct_access: true + end + describe '#update_commit_status?' do subject { user.can?(:update_commit_status, job) } diff --git a/spec/support/shared_examples/features/variable_list_env_scope_shared_examples.rb b/spec/support/shared_examples/features/variable_list_env_scope_shared_examples.rb new file mode 100644 index 00000000000..c40d70b85d3 --- /dev/null +++ b/spec/support/shared_examples/features/variable_list_env_scope_shared_examples.rb @@ -0,0 +1,87 @@ +# frozen_string_literal: true + +RSpec.shared_examples 'variable list env scope' do + include ListboxHelpers + + let(:user) { create(:user) } + let(:project) { build(:project) } + let(:page_path) { project_settings_ci_cd_path(project) } + + before do + sign_in(user) + project.add_maintainer(user) + + visit page_path + wait_for_requests + end + + it 'adds a new variable with an environment scope' do + open_drawer + + page.within('[data-testid="ci-variable-drawer"]') do + fill_in 'Key', with: 'akey' + fill_in 'Value', with: 'akey_value' + + click_button('All (default)') + fill_in 'Search', with: 'review/*' + find('[data-testid="create-wildcard-button"]').click + + click_button('Add variable') + end + + wait_for_requests + + page.within('[data-testid="ci-variable-table"]') do + expect(find('.js-ci-variable-row:first-child [data-label="Environments"]').text).to eq('review/*') + end + end + + it 'resets environment scope list after closing the form' do + project.environments.create!(name: 'dev') + project.environments.create!(name: 'env_1') + project.environments.create!(name: 'env_2') + + open_drawer + + page.within('[data-testid="ci-variable-drawer"]') do + click_button('All (default)') + + # default list of env scopes + expect_env_scope_items(['*', 'dev', 'env_1', 'env_2']) + + fill_in 'Search', with: 'env' + sleep 0.5 # wait for debounce + wait_for_requests + + # search filters the list of env scopes + expect_env_scope_items(%w[env_1 env_2]) + + find('.gl-drawer-close-button').click + end + + # Re-open drawer + open_drawer + + page.within('[data-testid="ci-variable-drawer"]') do + click_button('All (default)') + + # dropdown should reset back to default list of env scopes + expect_env_scope_items(['*', 'dev', 'env_1', 'env_2']) + end + end + + private + + def open_drawer + page.within('[data-testid="ci-variable-table"]') do + click_button('Add variable') + wait_for_requests + end + end + + def expect_env_scope_items(items) + page.within('[data-testid="environment-scope"]') do + expect_listbox_items(items) + end + end +end diff --git a/spec/tooling/lib/tooling/find_changes_spec.rb b/spec/tooling/lib/tooling/find_changes_spec.rb index fef29ad3f2c..85e3eadac6f 100644 --- a/spec/tooling/lib/tooling/find_changes_spec.rb +++ b/spec/tooling/lib/tooling/find_changes_spec.rb @@ -15,7 +15,8 @@ RSpec.describe Tooling::FindChanges, feature_category: :tooling do changed_files_pathname: changed_files_pathname, predictive_tests_pathname: predictive_tests_pathname, frontend_fixtures_mapping_pathname: frontend_fixtures_mapping_pathname, - from: from) + from: from, + file_filter: file_filter) end let(:changed_files_pathname) { changed_files_file.path } @@ -23,6 +24,7 @@ RSpec.describe Tooling::FindChanges, feature_category: :tooling do let(:frontend_fixtures_mapping_pathname) { frontend_fixtures_mapping_file.path } let(:from) { :api } let(:gitlab_client) { double('GitLab') } # rubocop:disable RSpec/VerifiedDoubles + let(:file_filter) { ->(_) { true } } around do |example| self.changed_files_file = Tempfile.new('changed_files_file') @@ -89,6 +91,37 @@ RSpec.describe Tooling::FindChanges, feature_category: :tooling do subject end + + context 'when used with file_filter' do + let(:file_filter) { ->(file) { file['new_path'] =~ %r{doc/.*} } } + + let(:mr_changes_array) do + [ + { + "new_path" => "scripts/test.js", + "old_path" => "scripts/test.js" + }, + { + "new_path" => "doc/index.md", + "old_path" => "doc/index.md" + } + ] + end + + before do + # rubocop:disable RSpec/VerifiedDoubles -- The class from the GitLab gem isn't public, so we cannot use verified doubles for it. + allow(gitlab_client).to receive(:merge_request_changes) + .with('dummy-project', '1234') + .and_return(double(changes: mr_changes_array)) + # rubocop:enable RSpec/VerifiedDoubles + end + + it 'only writes matching files to output' do + subject + + expect(File.read(changed_files_file)).to eq('doc/index.md') + end + end end context 'when fetching changes from changed files' do diff --git a/tooling/lib/tooling/find_changes.rb b/tooling/lib/tooling/find_changes.rb index c498c83d24b..f6fdf042c15 100755 --- a/tooling/lib/tooling/find_changes.rb +++ b/tooling/lib/tooling/find_changes.rb @@ -14,7 +14,8 @@ module Tooling from:, changed_files_pathname: nil, predictive_tests_pathname: nil, - frontend_fixtures_mapping_pathname: nil + frontend_fixtures_mapping_pathname: nil, + file_filter: ->(_) { true } ) raise ArgumentError, ':from can only be :api or :changed_files' unless @@ -28,6 +29,7 @@ module Tooling @predictive_tests_pathname = predictive_tests_pathname @frontend_fixtures_mapping_pathname = frontend_fixtures_mapping_pathname @from = from + @file_filter = file_filter end def execute @@ -50,7 +52,8 @@ module Tooling private attr_reader :gitlab_token, :gitlab_endpoint, :mr_project_path, - :mr_iid, :changed_files_pathname, :predictive_tests_pathname, :frontend_fixtures_mapping_pathname + :mr_iid, :changed_files_pathname, :predictive_tests_pathname, + :frontend_fixtures_mapping_pathname, :file_filter def gitlab @gitlab ||= begin @@ -82,7 +85,7 @@ module Tooling @file_changes ||= case @from when :api - mr_changes.changes.flat_map do |change| + mr_changes.changes.select(&file_filter).flat_map do |change| change.to_h.values_at('old_path', 'new_path') end.uniq else |