diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-10-25 03:10:30 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-10-25 03:10:30 +0300 |
| commit | e4d18499293fbc9510a87611acb7d9787a581b78 (patch) | |
| tree | d9e5a7a87dd96dbe5473a3636f4e67b042d6b422 | |
| parent | 774f6e6e9824de147c12dcec745b16a049f86146 (diff) | |
Add latest changes from gitlab-org/gitlab@master
30 files changed, 239 insertions, 130 deletions
diff --git a/app/services/groups/ssh_certificates/create_service.rb b/app/services/groups/ssh_certificates/create_service.rb index 6890901c306..e4570078395 100644 --- a/app/services/groups/ssh_certificates/create_service.rb +++ b/app/services/groups/ssh_certificates/create_service.rb @@ -3,9 +3,10 @@ module Groups module SshCertificates class CreateService - def initialize(group, params) + def initialize(group, params, current_user) @group = group @params = params + @current_user = current_user end def execute @@ -41,7 +42,7 @@ module Groups private - attr_reader :group, :params + attr_reader :group, :params, :current_user def generate_fingerprint(key) Gitlab::SSHPublicKey.new(key).fingerprint_sha256&.delete_prefix('SHA256:') @@ -49,3 +50,5 @@ module Groups end end end + +Groups::SshCertificates::CreateService.prepend_mod_with('Groups::SshCertificates::CreateService') diff --git a/app/services/groups/ssh_certificates/destroy_service.rb b/app/services/groups/ssh_certificates/destroy_service.rb index 7a450d5bee6..5f7bba12878 100644 --- a/app/services/groups/ssh_certificates/destroy_service.rb +++ b/app/services/groups/ssh_certificates/destroy_service.rb @@ -3,16 +3,17 @@ module Groups module SshCertificates class DestroyService - def initialize(group, params) + def initialize(group, params, current_user) @group = group @params = params + @current_user = current_user end def execute ssh_certificate = group.ssh_certificates.find(params[:ssh_certificates_id]) ssh_certificate.destroy! - ServiceResponse.success + ServiceResponse.success(payload: { ssh_certificate: ssh_certificate }) rescue ActiveRecord::RecordNotFound ServiceResponse.error( @@ -29,7 +30,9 @@ module Groups private - attr_reader :group, :params + attr_reader :group, :params, :current_user end end end + +Groups::SshCertificates::DestroyService.prepend_mod_with('Groups::SshCertificates::DestroyService') diff --git a/data/deprecations/17-0-github-rake-task.yml b/data/deprecations/17-0-github-rake-task.yml new file mode 100644 index 00000000000..d1e11973993 --- /dev/null +++ b/data/deprecations/17-0-github-rake-task.yml @@ -0,0 +1,14 @@ +- title: "The GitHub importer Rake task" + removal_milestone: "17.0" + announcement_milestone: "16.6" + breaking_change: true + reporter: wortschi + stage: manage + issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/428225 + body: | # (required) Do not modify this line, instead modify the lines below. + In GitLab 16.6 the [GitHub importer Rake task](https://docs.gitlab.com/ee/administration/raketasks/github_import.html) is deprecated. The Rake task lacks several features that are supported by the API and is not actively maintained. + + In GitLab 17.0, the Rake task will be removed. + + Instead, GitHub repositories can be imported by using the [API](https://docs.gitlab.com/ee/api/import.html#import-repository-from-github) or the [UI](https://docs.gitlab.com/ee/user/project/import/github.html). + documentation_url: https://docs.gitlab.com/ee/administration/raketasks/github_import.html diff --git a/db/migrate/20231017181403_add_generated_to_diff_files.rb b/db/migrate/20231017181403_add_generated_to_diff_files.rb new file mode 100644 index 00000000000..f93669381ef --- /dev/null +++ b/db/migrate/20231017181403_add_generated_to_diff_files.rb @@ -0,0 +1,9 @@ +# frozen_string_literal: true + +class AddGeneratedToDiffFiles < Gitlab::Database::Migration[2.1] + enable_lock_retries! + + def change + add_column :merge_request_diff_files, :generated, :boolean + end +end diff --git a/db/post_migrate/20231020082425_remove_force_full_reconciliation_from_workspaces.rb b/db/post_migrate/20231020082425_remove_force_full_reconciliation_from_workspaces.rb new file mode 100644 index 00000000000..85283183323 --- /dev/null +++ b/db/post_migrate/20231020082425_remove_force_full_reconciliation_from_workspaces.rb @@ -0,0 +1,9 @@ +# frozen_string_literal: true + +class RemoveForceFullReconciliationFromWorkspaces < Gitlab::Database::Migration[2.1] + enable_lock_retries! + + def change + remove_column :workspaces, :force_full_reconciliation, :boolean, default: false, null: false + end +end diff --git a/db/schema_migrations/20231017181403 b/db/schema_migrations/20231017181403 new file mode 100644 index 00000000000..e8e1d282897 --- /dev/null +++ b/db/schema_migrations/20231017181403 @@ -0,0 +1 @@ +6d34316fdbe5a2c7e825e7abd9a817313c36ff7d6ef29f1bbee40f805e279ee3
\ No newline at end of file diff --git a/db/schema_migrations/20231020082425 b/db/schema_migrations/20231020082425 new file mode 100644 index 00000000000..7e72d043d05 --- /dev/null +++ b/db/schema_migrations/20231020082425 @@ -0,0 +1 @@ +9d808ab1739e61d1c80f8b0563191ce31e7766fdb24c993791be4850f7164041
\ No newline at end of file diff --git a/db/structure.sql b/db/structure.sql index 77ebaf4641a..d5c455c5423 100644 --- a/db/structure.sql +++ b/db/structure.sql @@ -18411,7 +18411,8 @@ CREATE TABLE merge_request_diff_files ( diff text, "binary" boolean, external_diff_offset integer, - external_diff_size integer + external_diff_size integer, + generated boolean ); CREATE TABLE merge_request_diff_llm_summaries ( @@ -25319,7 +25320,6 @@ CREATE TABLE workspaces ( deployment_resource_version text, personal_access_token_id bigint, config_version integer DEFAULT 1 NOT NULL, - force_full_reconciliation boolean DEFAULT false NOT NULL, force_include_all_resources boolean DEFAULT true NOT NULL, CONSTRAINT check_15543fb0fa CHECK ((char_length(name) <= 64)), CONSTRAINT check_157d5f955c CHECK ((char_length(namespace) <= 64)), diff --git a/doc/administration/audit_event_streaming/audit_event_types.md b/doc/administration/audit_event_streaming/audit_event_types.md index 2d1249e2b6c..6e1436284d0 100644 --- a/doc/administration/audit_event_streaming/audit_event_types.md +++ b/doc/administration/audit_event_streaming/audit_event_types.md @@ -228,6 +228,8 @@ Audit event types belong to the following product categories. | Name | Description | Saved to database | Streamed | Introduced in | |:-----|:------------|:------------------|:---------|:--------------| +| [`create_ssh_certificate`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/134556) | Event triggered when an SSH certificate is created.| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.6](https://gitlab.com/gitlab-org/gitlab/-/issues/427413) | +| [`delete_ssh_certificate`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/134556) | Event triggered when an SSH certificate is deleted.| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.6](https://gitlab.com/gitlab-org/gitlab/-/issues/427413) | | [`group_created`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/121005) | Event triggered when a group is created.| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [16.3](https://gitlab.com/gitlab-org/gitlab/-/issues/411595) | | [`group_lfs_enabled_updated`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/106079) | Event triggered when a groups lfs enabled is updated.| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [15.7](https://gitlab.com/gitlab-org/gitlab/-/issues/369323) | | [`group_membership_lock_updated`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/106079) | Event triggered when a groups membership lock is updated.| **{check-circle}** Yes | **{check-circle}** Yes | GitLab [15.7](https://gitlab.com/gitlab-org/gitlab/-/issues/369323) | diff --git a/doc/administration/backup_restore/backup_gitlab.md b/doc/administration/backup_restore/backup_gitlab.md index 05a330bf3f5..117d3f2f080 100644 --- a/doc/administration/backup_restore/backup_gitlab.md +++ b/doc/administration/backup_restore/backup_gitlab.md @@ -853,7 +853,7 @@ For the Linux package (Omnibus): ## If you have CNAME buckets (foo.example.com), you might run into SSL issues ## when uploading backups ("hostname foo.example.com.storage.googleapis.com - ## does not match the server certificate"). In that case, uncomnent the following + ## does not match the server certificate"). In that case, uncomment the following ## setting. See: https://github.com/fog/fog/issues/2834 #'path_style' => true } diff --git a/doc/administration/geo/index.md b/doc/administration/geo/index.md index 78bd685e06f..bcf04651078 100644 --- a/doc/administration/geo/index.md +++ b/doc/administration/geo/index.md @@ -208,6 +208,7 @@ This list of limitations only reflects the latest version of GitLab. If you are - For Git over SSH, to make the project clone URL display correctly regardless of which site you are browsing, secondary sites must use the same port as the primary. [GitLab issue #339262](https://gitlab.com/gitlab-org/gitlab/-/issues/339262) proposes to remove this limitation. - Git push over SSH against a secondary site does not work for pushes over 1.86 GB. [GitLab issue #413109](https://gitlab.com/gitlab-org/gitlab/-/issues/413109) tracks this bug. - Backups [cannot be run on secondaries](replication/troubleshooting.md#message-error-canceling-statement-due-to-conflict-with-recovery). +- Git clone and fetch requests with option `--depth` over SSH against a secondary site does not work and hangs indefinitely if the secondary site is not up to date at the time the request is initiated. For more information, see [issue 391980](https://gitlab.com/gitlab-org/gitlab/-/issues/391980). ### Limitations on replication/verification diff --git a/doc/administration/geo/setup/index.md b/doc/administration/geo/setup/index.md index ea3bb5afc24..f59dec17f8b 100644 --- a/doc/administration/geo/setup/index.md +++ b/doc/administration/geo/setup/index.md @@ -31,6 +31,8 @@ a single-node Geo site or a multi-node Geo site. If both Geo sites are based on the [1K reference architecture](../../reference_architectures/1k_users.md), follow [Set up Geo for two single-node sites](two_single_node_sites.md). +If using external PostgreSQL services, for example Amazon RDS, follow [Set up Geo for two single-node sites (with external PostgreSQL services)](two_single_node_external_services.md). + Depending on your GitLab deployment, [additional configuration](#additional-configuration) for LDAP, object storage, and the Container Registry might be required. ### Multi-node Geo sites diff --git a/doc/administration/monitoring/prometheus/index.md b/doc/administration/monitoring/prometheus/index.md index df6dd87c896..01b1851ab7f 100644 --- a/doc/administration/monitoring/prometheus/index.md +++ b/doc/administration/monitoring/prometheus/index.md @@ -302,6 +302,10 @@ update the firewall on the instance to only allow traffic from your Prometheus I static_configs: - targets: - 1.1.1.1:9236 + - job_name: registry + static_configs: + - targets: + - 1.1.1.1:5001 ``` WARNING: diff --git a/doc/administration/reference_architectures/10k_users.md b/doc/administration/reference_architectures/10k_users.md index 2e208c4eca1..16f1f11a6b1 100644 --- a/doc/administration/reference_architectures/10k_users.md +++ b/doc/administration/reference_architectures/10k_users.md @@ -1763,7 +1763,8 @@ Updates to example must be made at: --> ```ruby - roles ["sidekiq_role"] + # https://docs.gitlab.com/omnibus/roles/#sidekiq-roles + roles(["sidekiq_role"]) # External URL ## This should match the URL of the external load balancer diff --git a/doc/administration/reference_architectures/25k_users.md b/doc/administration/reference_architectures/25k_users.md index 355fe45cc2f..1745fb55b22 100644 --- a/doc/administration/reference_architectures/25k_users.md +++ b/doc/administration/reference_architectures/25k_users.md @@ -1780,7 +1780,8 @@ Updates to example must be made at: --> ```ruby - roles ["sidekiq_role"] + # https://docs.gitlab.com/omnibus/roles/#sidekiq-roles + roles(["sidekiq_role"]) # External URL ## This should match the URL of the external load balancer diff --git a/doc/administration/reference_architectures/2k_users.md b/doc/administration/reference_architectures/2k_users.md index 5814d6c1e2d..6528301ae14 100644 --- a/doc/administration/reference_architectures/2k_users.md +++ b/doc/administration/reference_architectures/2k_users.md @@ -609,7 +609,8 @@ Updates to example must be made at: --> ```ruby - roles ["sidekiq_role"] + # https://docs.gitlab.com/omnibus/roles/#sidekiq-roles + roles(["sidekiq_role"]) # External URL external_url 'https://gitlab.example.com' diff --git a/doc/administration/reference_architectures/3k_users.md b/doc/administration/reference_architectures/3k_users.md index 1fd8239c93f..80e2ed76839 100644 --- a/doc/administration/reference_architectures/3k_users.md +++ b/doc/administration/reference_architectures/3k_users.md @@ -1708,7 +1708,8 @@ Updates to example must be made at: --> ```ruby - roles ["sidekiq_role"] + # https://docs.gitlab.com/omnibus/roles/#sidekiq-roles + roles(["sidekiq_role"]) # External URL ## This should match the URL of the external load balancer diff --git a/doc/administration/reference_architectures/50k_users.md b/doc/administration/reference_architectures/50k_users.md index 72ddd347856..b0ca172893e 100644 --- a/doc/administration/reference_architectures/50k_users.md +++ b/doc/administration/reference_architectures/50k_users.md @@ -1776,7 +1776,8 @@ Updates to example must be made at: --> ```ruby - roles ["sidekiq_role"] + # https://docs.gitlab.com/omnibus/roles/#sidekiq-roles + roles(["sidekiq_role"]) # External URL ## This should match the URL of the external load balancer diff --git a/doc/administration/reference_architectures/5k_users.md b/doc/administration/reference_architectures/5k_users.md index e2bf0aa59f4..5e6387359d8 100644 --- a/doc/administration/reference_architectures/5k_users.md +++ b/doc/administration/reference_architectures/5k_users.md @@ -1696,7 +1696,8 @@ Updates to example must be made at: --> ```ruby - roles ["sidekiq_role"] + # https://docs.gitlab.com/omnibus/roles/#sidekiq-roles + roles(["sidekiq_role"]) # External URL ## This should match the URL of the external load balancer diff --git a/doc/administration/sidekiq/index.md b/doc/administration/sidekiq/index.md index 10fadc40a82..a27723faa4a 100644 --- a/doc/administration/sidekiq/index.md +++ b/doc/administration/sidekiq/index.md @@ -95,27 +95,8 @@ Updates to example must be made at: --> ```ruby - ######################################## - ##### Services Disabled ### - ######################################## - # - # When running GitLab on just one server, you have a single `gitlab.rb` - # to enable all services you want to run. - # When running GitLab on N servers, you have N `gitlab.rb` files. - # Enable only the services you want to run on each - # specific server, while disabling all others. - # - gitaly['enable'] = false - postgresql['enable'] = false - redis['enable'] = false - nginx['enable'] = false - puma['enable'] = false - gitlab_workhorse['enable'] = false - prometheus['enable'] = false - alertmanager['enable'] = false - grafana['enable'] = false - gitlab_exporter['enable'] = false - gitlab_kas['enable'] = false + # https://docs.gitlab.com/omnibus/roles/#sidekiq-roles + roles(["sidekiq_role"]) ## ## To maintain uniformity of links across nodes, the diff --git a/doc/administration/sidekiq/sidekiq_troubleshooting.md b/doc/administration/sidekiq/sidekiq_troubleshooting.md index 9ae2a59251a..2990110150f 100644 --- a/doc/administration/sidekiq/sidekiq_troubleshooting.md +++ b/doc/administration/sidekiq/sidekiq_troubleshooting.md @@ -536,6 +536,28 @@ The list of available jobs can be found in the [workers](https://gitlab.com/gitl For more information about Sidekiq jobs, see the [Sidekiq-cron](https://github.com/sidekiq-cron/sidekiq-cron#work-with-job) documentation. +## Disabling cron jobs + +You can disable any Sidekiq cron jobs by visiting the [Monitoring section in the Admin area](../admin_area.md#monitoring-section). You can also perform the same action using the command line and [Rails Runner](../operations/rails_console.md#using-the-rails-runner). + +To disable all cron jobs: + +```shell +sudo gitlab-rails runner 'Sidekiq::Cron::Job.all.map(&:disable!)' +``` + +To enable all cron jobs: + +```shell +sudo gitlab-rails runner 'Sidekiq::Cron::Job.all.map(&:enable!)' +``` + +If you wish to enable only a subset of the jobs at a time you can use name matching. For example, to enable only jobs with `geo` in the name: + +```shell + sudo gitlab-rails runner 'Sidekiq::Cron::Job.all.select{ |j| j.name.match("geo") }.map(&:disable!)' +``` + ## Clearing a Sidekiq job deduplication idempotency key Occasionally, jobs that are expected to run (for example, cron jobs) are observed to not run at all. When checking the logs, there might be instances where jobs are seen to not run with a `"job_status": "deduplicated"`. diff --git a/doc/development/distributed_tracing.md b/doc/development/distributed_tracing.md index da6af8b95ef..56c114ba8de 100644 --- a/doc/development/distributed_tracing.md +++ b/doc/development/distributed_tracing.md @@ -221,8 +221,8 @@ This configuration string uses the Jaeger driver `opentracing://jaeger` with the | Name | Example | Description | |------|-------|-------------| | `udp_endpoint` | `localhost:6831` | This is the default. Configures Jaeger to send trace information to the UDP listener on port `6831` using compact thrift protocol. Note that we've experienced some issues with the [Jaeger Client for Ruby](https://github.com/salemove/jaeger-client-ruby) when using this protocol. | -| `sampler` | `probabalistic` | Configures Jaeger to use a probabilistic random sampler. The rate of samples is configured by the `sampler_param` value. | -| `sampler_param` | `0.01` | Use a ratio of `0.01` to configure the `probabalistic` sampler to randomly sample _1%_ of traces. | +| `sampler` | `probabilistic` | Configures Jaeger to use a probabilistic random sampler. The rate of samples is configured by the `sampler_param` value. | +| `sampler_param` | `0.01` | Use a ratio of `0.01` to configure the `probabilistic` sampler to randomly sample _1%_ of traces. | | `service_name` | `api` | Override the service name used by the Jaeger backend. This parameter takes precedence over the application-supplied value. | NOTE: diff --git a/doc/update/deprecations.md b/doc/update/deprecations.md index 8dcb9f056ff..8fa9cb1168f 100644 --- a/doc/update/deprecations.md +++ b/doc/update/deprecations.md @@ -944,6 +944,24 @@ we'll be introducing support in [this epic](https://gitlab.com/groups/gitlab-org <div class="deprecation breaking-change" data-milestone="17.0"> +### The GitHub importer Rake task + +<div class="deprecation-notes"> +- Announced in GitLab <span class="milestone">16.6</span> +- Removal in GitLab <span class="milestone">17.0</span> ([breaking change](https://docs.gitlab.com/ee/update/terminology.html#breaking-change)) +- To discuss this change or learn more, see the [deprecation issue](https://gitlab.com/gitlab-org/gitlab/-/issues/428225). +</div> + +In GitLab 16.6 the [GitHub importer Rake task](https://docs.gitlab.com/ee/administration/raketasks/github_import.html) is deprecated. The Rake task lacks several features that are supported by the API and is not actively maintained. + +In GitLab 17.0, the Rake task will be removed. + +Instead, GitHub repositories can be imported by using the [API](https://docs.gitlab.com/ee/api/import.html#import-repository-from-github) or the [UI](https://docs.gitlab.com/ee/user/project/import/github.html). + +</div> + +<div class="deprecation breaking-change" data-milestone="17.0"> + ### The GitLab legacy requirement IID is deprecated in favor of work item IID <div class="deprecation-notes"> diff --git a/doc/update/versions/gitlab_15_changes.md b/doc/update/versions/gitlab_15_changes.md index 019b8929a45..bd5efef8f1b 100644 --- a/doc/update/versions/gitlab_15_changes.md +++ b/doc/update/versions/gitlab_15_changes.md @@ -136,6 +136,7 @@ if you can't upgrade to 15.11.12 and later. - `pg_upgrade` fails to upgrade the bundled PostregSQL database to version 13. See [the details and workaround](#pg_upgrade-fails-to-upgrade-the-bundled-postregsql-database-to-version-13). +- Cloning LFS objects from secondary site downloads from the primary site even when secondary is fully synced. See [the details and workaround](gitlab_16_changes.md#cloning-lfs-objects-from-secondary-site-downloads-from-the-primary-site-even-when-secondary-is-fully-synced). ## 15.9.0 @@ -181,6 +182,7 @@ if you can't upgrade to 15.11.12 and later. - `pg_upgrade` fails to upgrade the bundled PostregSQL database to version 13. See [the details and workaround](#pg_upgrade-fails-to-upgrade-the-bundled-postregsql-database-to-version-13). +- Cloning LFS objects from secondary site downloads from the primary site even when secondary is fully synced. See [the details and workaround](gitlab_16_changes.md#cloning-lfs-objects-from-secondary-site-downloads-from-the-primary-site-even-when-secondary-is-fully-synced). ## 15.8.2 @@ -212,6 +214,7 @@ if you can't upgrade to 15.11.12 and later. - We discovered an issue where [replication and verification of projects and wikis was not keeping up](https://gitlab.com/gitlab-org/gitlab/-/issues/387980) on small number of Geo installations. Your installation may be affected if you see some projects and/or wikis persistently in the "Queued" state for verification. This can lead to data loss after a failover. - Affected versions: GitLab versions 15.6.x, 15.7.x, and 15.8.0 - 15.8.2. - Versions containing fix: GitLab 15.8.3 and later. +- Cloning LFS objects from secondary site downloads from the primary site even when secondary is fully synced. See [the details and workaround](gitlab_16_changes.md#cloning-lfs-objects-from-secondary-site-downloads-from-the-primary-site-even-when-secondary-is-fully-synced). ## 15.7.6 @@ -324,6 +327,7 @@ if you can't upgrade to 15.11.12 and later. contents printed. For example, if they were printed in an echo output. For more information, see [Understanding the file type variable expansion change in GitLab 15.7](https://about.gitlab.com/blog/2023/02/13/impact-of-the-file-type-variable-change-15-7/). - Due to [a bug introduced in GitLab 15.4](https://gitlab.com/gitlab-org/gitlab/-/issues/390155), if one or more Git repositories in Gitaly Cluster is [unavailable](../../administration/gitaly/recovery.md#unavailable-repositories), then [Repository checks](../../administration/repository_checks.md#repository-checks) and [Geo replication and verification](../../administration/geo/index.md) stop running for all project or project wiki repositories in the affected Gitaly Cluster. The bug was fixed by [reverting the change in GitLab 15.9.0](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/110823). Before upgrading to this version, check if you have any "unavailable" repositories. See [the bug issue](https://gitlab.com/gitlab-org/gitlab/-/issues/390155) for more information. +- Cloning LFS objects from secondary site downloads from the primary site even when secondary is fully synced. See [the details and workaround](gitlab_16_changes.md#cloning-lfs-objects-from-secondary-site-downloads-from-the-primary-site-even-when-secondary-is-fully-synced). ### Geo installations **(PREMIUM SELF)** @@ -441,6 +445,7 @@ potentially cause downtime. - Affected versions: GitLab versions 15.6.x, 15.7.x, and 15.8.0 - 15.8.2. - Versions containing fix: GitLab 15.8.3 and later. - Due to [a bug introduced in GitLab 15.4](https://gitlab.com/gitlab-org/gitlab/-/issues/390155), if one or more Git repositories in Gitaly Cluster is [unavailable](../../administration/gitaly/recovery.md#unavailable-repositories), then [Repository checks](../../administration/repository_checks.md#repository-checks) and [Geo replication and verification](../../administration/geo/index.md) stop running for all project or project wiki repositories in the affected Gitaly Cluster. The bug was fixed by [reverting the change in GitLab 15.9.0](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/110823). Before upgrading to this version, check if you have any "unavailable" repositories. See [the bug issue](https://gitlab.com/gitlab-org/gitlab/-/issues/390155) for more information. +- Cloning LFS objects from secondary site downloads from the primary site even when secondary is fully synced. See [the details and workaround](gitlab_16_changes.md#cloning-lfs-objects-from-secondary-site-downloads-from-the-primary-site-even-when-secondary-is-fully-synced). ## 15.5.5 @@ -502,6 +507,7 @@ potentially cause downtime. - `pg_upgrade` fails to upgrade the bundled PostregSQL database to version 13. See [the details and workaround](#pg_upgrade-fails-to-upgrade-the-bundled-postregsql-database-to-version-13). +- Cloning LFS objects from secondary site downloads from the primary site even when secondary is fully synced. See [the details and workaround](gitlab_16_changes.md#cloning-lfs-objects-from-secondary-site-downloads-from-the-primary-site-even-when-secondary-is-fully-synced). ## 15.4.6 @@ -576,6 +582,7 @@ potentially cause downtime. - `pg_upgrade` fails to upgrade the bundled PostregSQL database to version 13. See [the details and workaround](#pg_upgrade-fails-to-upgrade-the-bundled-postregsql-database-to-version-13). +- Cloning LFS objects from secondary site downloads from the primary site even when secondary is fully synced. See [the details and workaround](gitlab_16_changes.md#cloning-lfs-objects-from-secondary-site-downloads-from-the-primary-site-even-when-secondary-is-fully-synced). ## 15.3.4 @@ -666,6 +673,7 @@ This issue is resolved in GitLab 15.3.3, so customers with the following configu - LFS is enabled. - LFS objects are being replicated across Geo sites. - Repositories are being pulled by using a Geo secondary site. +- Cloning LFS objects from secondary site downloads from the primary site even when secondary is fully synced. See [the details and workaround](gitlab_16_changes.md#cloning-lfs-objects-from-secondary-site-downloads-from-the-primary-site-even-when-secondary-is-fully-synced). #### Incorrect object storage LFS file deletion on secondary sites @@ -722,6 +730,7 @@ A [license caching issue](https://gitlab.com/gitlab-org/gitlab/-/issues/376706) [the details and workaround](#lfs-transfers-redirect-to-primary-from-secondary-site-mid-session). - Incorrect object storage LFS files deletion on Geo secondary sites. See [the details and workaround](#incorrect-object-storage-lfs-file-deletion-on-secondary-sites). +- Cloning LFS objects from secondary site downloads from the primary site even when secondary is fully synced. See [the details and workaround](gitlab_16_changes.md#cloning-lfs-objects-from-secondary-site-downloads-from-the-primary-site-even-when-secondary-is-fully-synced). ## 15.1.0 @@ -760,6 +769,7 @@ A [license caching issue](https://gitlab.com/gitlab-org/gitlab/-/issues/376706) [the details and workaround](#lfs-transfers-redirect-to-primary-from-secondary-site-mid-session). - Incorrect object storage LFS files deletion on Geo secondary sites. See [the details and workaround](#incorrect-object-storage-lfs-file-deletion-on-secondary-sites). +- Cloning LFS objects from secondary site downloads from the primary site even when secondary is fully synced. See [the details and workaround](gitlab_16_changes.md#cloning-lfs-objects-from-secondary-site-downloads-from-the-primary-site-even-when-secondary-is-fully-synced). ## 15.0.0 diff --git a/doc/update/versions/gitlab_16_changes.md b/doc/update/versions/gitlab_16_changes.md index 7c5dd8ae6ae..48a60267bf0 100644 --- a/doc/update/versions/gitlab_16_changes.md +++ b/doc/update/versions/gitlab_16_changes.md @@ -227,6 +227,24 @@ Specific information applies to installations using Geo: Affected artifacts are automatically resynced upon upgrade to 16.1.5, 16.2.5, 16.3.1, 16.4.0, or later. You can [manually resync affected job artifacts](https://gitlab.com/gitlab-org/gitlab/-/issues/419742#to-fix-data) if needed. +#### Cloning LFS objects from secondary site downloads from the primary site even when secondary is fully synced + +A [bug](https://gitlab.com/gitlab-org/gitlab/-/issues/410413) in the Geo proxying logic for LFS objects meant that all LFS clone requests against a secondary site are proxied to the primary even if the secondary site is up-to-date. This can result in increased load on the primary site and longer access times for LFS objects for users cloning from the secondary site. + +In GitLab 15.1 proxying was enabled by default. + +You are not impacted: + +- If your installation is not configured to use LFS objects +- If you do not use Geo to accelerate remote users +- If you are using Geo to accelerate remote users but have disabled proxying + +| Affected minor releases | Affected patch releases | Fixed in | +|-------------------------|-------------------------|----------| +| 15.1 - 16.2 | All | 16.3 and later | + +Workaround: A possible workaround is to [disable proxying](../../administration/geo/secondary_proxy/index.md#disable-geo-proxying). Note that the secondary site fails to serve LFS files that have not been replicated at the time of cloning. + ## 16.1.0 - A `BackfillPreparedAtMergeRequests` background migration is finalized with @@ -273,6 +291,7 @@ Specific information applies to installations using Geo: - While running an affected version, artifacts which appeared to become synced may actually be missing on the secondary site. Affected artifacts are automatically resynced upon upgrade to 16.1.5, 16.2.5, 16.3.1, 16.4.0, or later. You can [manually resync affected job artifacts](https://gitlab.com/gitlab-org/gitlab/-/issues/419742#to-fix-data) if needed. + - Cloning LFS objects from secondary site downloads from the primary site even when secondary is fully synced. See [the details and workaround](#cloning-lfs-objects-from-secondary-site-downloads-from-the-primary-site-even-when-secondary-is-fully-synced). #### Wiki repositories not initialized on project creation @@ -334,6 +353,7 @@ Specific information applies to installations using Geo: - Some project imports do not initialize wiki repositories on project creation. See [the details and workaround](#wiki-repositories-not-initialized-on-project-creation). +- Cloning LFS objects from secondary site downloads from the primary site even when secondary is fully synced. See [the details and workaround](#cloning-lfs-objects-from-secondary-site-downloads-from-the-primary-site-even-when-secondary-is-fully-synced). ### Gitaly configuration structure change diff --git a/doc/user/storage_management_automation.md b/doc/user/storage_management_automation.md index 96f9ecd11a8..6edc695ffc3 100644 --- a/doc/user/storage_management_automation.md +++ b/doc/user/storage_management_automation.md @@ -14,6 +14,10 @@ You can also manage your storage usage by improving [pipeline efficiency](../ci/ For more help with API automation, you can also use the [GitLab community forum and Discord](https://about.gitlab.com/community/). +WARNING: +The script examples in this page are for demonstration purposes only and should not +be used in production. You can use the examples to design and test your own scripts for storage automation. + ## API requirements To automate storage management, your GitLab.com SaaS or self-managed instance must have access to the [GitLab REST API](../api/api_resources.md). @@ -567,11 +571,17 @@ Support for creating a retention policy for job logs is proposed in [issue 37471 ### Delete old pipelines -Pipelines do not add to the overall storage consumption, but if required you can delete them with the following methods. +Pipelines do not add to the overall storage usage, but if required you can automate their deletion. -Automatic deletion of old pipelines is proposed in [issue 338480](https://gitlab.com/gitlab-org/gitlab/-/issues/338480). +To delete pipelines based on a specific date, specify the `created_at` key. +You can use the date to calculate the difference between the current date and +when the pipeline was created. If the age is larger than the threshold, the pipeline is deleted. -Example with the GitLab CLI: +NOTE: +The `created_at` key must be converted from a timestamp to Unix epoch time, +for example with `date -d '2023-08-08T18:59:47.581Z' +%s`. + +Example with GitLab CLI: ```shell export GL_PROJECT_ID=48349590 @@ -589,12 +599,10 @@ glab api --method GET projects/$GL_PROJECT_ID/pipelines | jq --compact-output '. "2023-08-08T18:59:47.581Z" ``` -The `created_at` key must be converted from a timestamp to Unix epoch time, -for example with `date -d '2023-08-08T18:59:47.581Z' +%s`. In the next step, the -age can be calculated with the difference between now, and the pipeline creation -date. If the age is larger than the threshold, the pipeline should be deleted. +In the following example that uses a Bash script: -The following example uses a Bash script that expects `jq` and the GitLab CLI installed, and authorized, and the exported environment variable `GL_PROJECT_ID`. +- `jq` and the GitLab CLI are installed and authorized. +- The exported environment variable `GL_PROJECT_ID`. The full script `get_cicd_pipelines_compare_age_threshold_example.sh` is located in the [GitLab API with Linux Shell](https://gitlab.com/gitlab-de/use-cases/gitlab-api/gitlab-api-linux-shell) project. @@ -624,7 +632,7 @@ do done ``` -You can use the [`python-gitlab` API library](https://python-gitlab.readthedocs.io/en/stable/gl_objects/pipelines_and_jobs.html#project-pipelines) and +You can also use the [`python-gitlab` API library](https://python-gitlab.readthedocs.io/en/stable/gl_objects/pipelines_and_jobs.html#project-pipelines) and the `created_at` attribute to implement a similar algorithm that compares the job artifact age: ```python @@ -645,6 +653,8 @@ the `created_at` attribute to implement a similar algorithm that compares the jo pipeline_obj.delete() ``` +Automatic deletion of old pipelines is proposed in [issue 338480](https://gitlab.com/gitlab-org/gitlab/-/issues/338480). + ### List expiry settings for job artifacts To manage artifact storage, you can update or configure when an artifact expires. @@ -818,8 +828,6 @@ glab api --method GET projects/$GL_PROJECT_ID/registry/repositories/4435617/tags ::EndTabs -A similar automation shell script is created in the [delete old pipelines](#delete-old-pipelines) section. - ### Delete container images in bulk When you [delete container image tags in bulk](../api/container_registry.md#delete-registry-repository-tags-in-bulk), diff --git a/spec/features/help_dropdown_spec.rb b/spec/features/help_dropdown_spec.rb index 08d7dba4d79..3e4c0bc55fe 100644 --- a/spec/features/help_dropdown_spec.rb +++ b/spec/features/help_dropdown_spec.rb @@ -3,24 +3,19 @@ require 'spec_helper' RSpec.describe "Help Dropdown", :js, feature_category: :shared do - let_it_be(:user) { create(:user, :no_super_sidebar) } - let_it_be(:admin) { create(:admin, :no_super_sidebar) } + let_it_be(:user) { create(:user) } + let_it_be(:admin) { create(:admin) } before do stub_application_setting(version_check_enabled: true) end - context 'when logged in as non-admin' do - before do - sign_in(user) - visit root_path - end - - it 'does not render version data' do - page.within '.header-help' do - find('.header-help-dropdown-toggle').click + shared_examples 'no version check badge' do + it 'does not render version check badge' do + within_testid('super-sidebar') do + click_on 'Help' - expect(page).not_to have_text('Your GitLab Version') + expect(page).not_to have_text('Your GitLab version') expect(page).not_to have_text("#{Gitlab.version_info.major}.#{Gitlab.version_info.minor}") expect(page).not_to have_selector('.version-check-badge') expect(page).not_to have_text('Up to date') @@ -28,45 +23,53 @@ RSpec.describe "Help Dropdown", :js, feature_category: :shared do end end - context 'when logged in as admin' do - before do - sign_in(admin) - gitlab_enable_admin_mode_sign_in(admin) - end + shared_examples 'correct version check badge' do |ui_text, severity| + context "when severity is #{severity}" do + before do + sign_in(admin) + gitlab_enable_admin_mode_sign_in(admin) - describe 'does render version data' do - where(:response, :ui_text) do - [ - [{ "severity" => "success" }, 'Up to date'], - [{ "severity" => "warning" }, 'Update available'], - [{ "severity" => "danger" }, 'Update ASAP'] - ] + allow_next_instance_of(VersionCheck) do |instance| + allow(instance).to receive(:response).and_return({ "severity" => severity }) + end + visit root_path end - with_them do - before do - allow_next_instance_of(VersionCheck) do |instance| - allow(instance).to receive(:response).and_return(response) - end - visit root_path - end + it 'renders correct version check badge variant' do + within_testid('super-sidebar') do + click_on 'Help' - it 'renders correct version badge variant', - quarantine: 'https://gitlab.com/gitlab-org/gitlab/-/issues/369850' do - page.within '.header-help' do - find('.header-help-dropdown-toggle').click + expect(page).to have_text('Your GitLab version') + expect(page).to have_text("#{Gitlab.version_info.major}.#{Gitlab.version_info.minor}") - expect(page).to have_text('Your GitLab Version') - expect(page).to have_text("#{Gitlab.version_info.major}.#{Gitlab.version_info.minor}") - expect(page).to have_selector('.version-check-badge') - expect(page).to have_selector( - 'a[data-testid="gitlab-version-container"][href="/help/update/index"]' - ) - expect(page).to have_selector('.version-check-badge[href="/help/update/index"]') - expect(page).to have_text(ui_text) + within page.find_link(href: help_page_path('update/index')) do + expect(page).to have_selector(".version-check-badge.badge-#{severity}", text: ui_text) end end end end end + + context 'when anonymous user' do + before do + visit user_path(user) + end + + include_examples 'no version check badge' + end + + context 'when logged in as non-admin' do + before do + sign_in(user) + visit root_path + end + + include_examples 'no version check badge' + end + + context 'when logged in as admin' do + include_examples 'correct version check badge', 'Up to date', 'success' + include_examples 'correct version check badge', 'Update available', 'warning' + include_examples 'correct version check badge', 'Update ASAP', 'danger' + end end diff --git a/spec/features/users/snippets_spec.rb b/spec/features/users/snippets_spec.rb index 98ac9fa5f92..3a56b371a8c 100644 --- a/spec/features/users/snippets_spec.rb +++ b/spec/features/users/snippets_spec.rb @@ -4,10 +4,10 @@ require 'spec_helper' RSpec.describe 'Snippets tab on a user profile', :js, feature_category: :source_code_management do context 'when the user has snippets' do - let(:user) { create(:user, :no_super_sidebar) } + let(:user) { create(:user) } before do - stub_feature_flags(profile_tabs_vue: false, super_sidebar_logged_out: false) + stub_feature_flags(profile_tabs_vue: false) end context 'pagination' do @@ -16,7 +16,7 @@ RSpec.describe 'Snippets tab on a user profile', :js, feature_category: :source_ before do allow(Snippet).to receive(:default_per_page).and_return(1) visit user_path(user) - page.within('.user-profile-nav') { click_link 'Snippets' } + within_testid('super-sidebar') { click_link 'Snippets' } wait_for_requests end @@ -30,9 +30,9 @@ RSpec.describe 'Snippets tab on a user profile', :js, feature_category: :source_ let!(:other_snippet) { create(:snippet, :public) } it 'contains only internal and public snippets of a user when a user is logged in' do - sign_in(create(:user, :no_super_sidebar)) + sign_in(create(:user)) visit user_path(user) - page.within('.user-profile-nav') { click_link 'Snippets' } + within_testid('super-sidebar') { click_link 'Snippets' } wait_for_requests expect(page).to have_selector('.snippet-row', count: 2) @@ -43,7 +43,7 @@ RSpec.describe 'Snippets tab on a user profile', :js, feature_category: :source_ it 'contains only public snippets of a user when a user is not logged in' do visit user_path(user) - page.within('.user-profile-nav') { click_link 'Snippets' } + within_testid('super-sidebar') { click_link 'Snippets' } wait_for_requests expect(page).to have_selector('.snippet-row', count: 1) diff --git a/spec/features/users/user_browses_projects_on_user_page_spec.rb b/spec/features/users/user_browses_projects_on_user_page_spec.rb index 5e047192e7b..039b1bbe5b1 100644 --- a/spec/features/users/user_browses_projects_on_user_page_spec.rb +++ b/spec/features/users/user_browses_projects_on_user_page_spec.rb @@ -3,7 +3,7 @@ require 'spec_helper' RSpec.describe 'Users > User browses projects on user page', :js, feature_category: :groups_and_projects do - let!(:user) { create(:user, :no_super_sidebar) } + let!(:user) { create(:user) } let!(:private_project) do create :project, :private, name: 'private', namespace: user.namespace do |project| project.add_maintainer(user) @@ -23,13 +23,13 @@ RSpec.describe 'Users > User browses projects on user page', :js, feature_catego end def click_nav_link(name) - page.within '.nav-links' do + within_testid('super-sidebar') do click_link name end end before do - stub_feature_flags(profile_tabs_vue: false, super_sidebar_logged_out: false) + stub_feature_flags(profile_tabs_vue: false) end it 'hides loading spinner after load', :js do @@ -87,7 +87,7 @@ RSpec.describe 'Users > User browses projects on user page', :js, feature_catego end context 'when signed in as another user' do - let(:another_user) { create(:user, :no_super_sidebar) } + let(:another_user) { create(:user) } before do sign_in(another_user) diff --git a/spec/features/whats_new_spec.rb b/spec/features/whats_new_spec.rb index c8bcf5f6ef0..887994106b6 100644 --- a/spec/features/whats_new_spec.rb +++ b/spec/features/whats_new_spec.rb @@ -2,36 +2,28 @@ require "spec_helper" -RSpec.describe "renders a `whats new` dropdown item", feature_category: :onboarding do - let_it_be(:user) { create(:user, :no_super_sidebar) } +RSpec.describe "renders a `whats new` dropdown item", :js, feature_category: :onboarding do + let_it_be(:user) { create(:user) } context 'when not logged in' do - before do - stub_feature_flags(super_sidebar_logged_out: false) - end - it 'and on SaaS it renders', :saas do visit user_path(user) - page.within '.header-help' do - find('.header-help-dropdown-toggle').click + within_testid('super-sidebar') { click_on 'Help' } - expect(page).to have_button(text: "What's new") - end + expect(page).to have_button(text: "What's new") end it "doesn't render what's new" do visit user_path(user) - page.within '.header-help' do - find('.header-help-dropdown-toggle').click + within_testid('super-sidebar') { click_on 'Help' } - expect(page).not_to have_button(text: "What's new") - end + expect(page).not_to have_button(text: "What's new") end end - context 'when logged in', :js do + context 'when logged in' do before do sign_in(user) end @@ -40,7 +32,7 @@ RSpec.describe "renders a `whats new` dropdown item", feature_category: :onboard Gitlab::CurrentSettings.update!(whats_new_variant: ApplicationSetting.whats_new_variants[:all_tiers]) visit root_dashboard_path - find('.header-help-dropdown-toggle').click + within_testid('super-sidebar') { click_on 'Help' } expect(page).to have_button(text: "What's new") end @@ -49,7 +41,7 @@ RSpec.describe "renders a `whats new` dropdown item", feature_category: :onboard Gitlab::CurrentSettings.update!(whats_new_variant: ApplicationSetting.whats_new_variants[:disabled]) visit root_dashboard_path - find('.header-help-dropdown-toggle').click + within_testid('super-sidebar') { click_on 'Help' } expect(page).not_to have_button(text: "What's new") end @@ -57,24 +49,24 @@ RSpec.describe "renders a `whats new` dropdown item", feature_category: :onboard it 'shows notification dot and count and removes it once viewed' do visit root_dashboard_path - page.within '.header-help' do - expect(page).to have_selector('.notification-dot', visible: true) + within_testid('super-sidebar') do + click_on 'Help' + button = find_button(text: "What's new") - find('.header-help-dropdown-toggle').click + has_testid?('notification-dot', visible: true) + expect(button).to have_selector('.badge-pill') - expect(page).to have_button(text: "What's new") - expect(page).to have_selector('.js-whats-new-notification-count') - - find('button', text: "What's new").click + button.click end find('.whats-new-drawer .gl-drawer-close-button').click - find('.header-help-dropdown-toggle').click - page.within '.header-help' do - expect(page).not_to have_selector('.notification-dot', visible: true) - expect(page).to have_button(text: "What's new") - expect(page).not_to have_selector('.js-whats-new-notification-count') + within_testid('super-sidebar') do + click_on 'Help' + button = find_button(text: "What's new") + + has_testid?('notification-dot', visible: false) + expect(button).not_to have_selector('.badge-pill') end end end |