diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-12-04 15:12:44 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-12-04 15:12:44 +0300 |
| commit | 157061839634d24bdb937316373f35bf1fb1f71e (patch) | |
| tree | cfdf79f0a03d105c7cc2c66805e164f68d77d92c | |
| parent | 6974ffffd292657d8257826b2e09a0a8fff6c6a8 (diff) | |
Add latest changes from gitlab-org/gitlab@master
40 files changed, 345 insertions, 247 deletions
diff --git a/.gitlab/ci/rules.gitlab-ci.yml b/.gitlab/ci/rules.gitlab-ci.yml index 9e9f24d37bc..dc00aa1fe54 100644 --- a/.gitlab/ci/rules.gitlab-ci.yml +++ b/.gitlab/ci/rules.gitlab-ci.yml @@ -2640,9 +2640,9 @@ when: never - <<: *if-merge-request-labels-pipeline-expedite when: never + - <<: *if-merge-request-labels-run-review-app - if: '$CI_REVIEW_APPS_ENABLED != "true"' when: never - - <<: *if-merge-request-labels-run-review-app - <<: *if-merge-request-not-approved when: never - <<: *if-dot-com-gitlab-org-merge-request diff --git a/.rubocop.yml b/.rubocop.yml index 10cd003cabb..dca7ff24008 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -871,7 +871,8 @@ Migration/ReferToIndexByName: Migration/CreateTableWithForeignKeys: # Disable this cop for all the existing migrations Exclude: - - !ruby/regexp /\Adb\/(?:post_)?migrate\/(?:201[0-9]\d+|20200[0-8][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9])_.+\.rb\z/ + - !ruby/regexp /\Adb\/(post_)?migrate\/201.*\.rb\z/ + - !ruby/regexp /\Adb\/(post_)?migrate\/2022[1-11].*\.rb\z/ Migration/PreventIndexCreation: Exclude: diff --git a/app/assets/javascripts/packages_and_registries/package_registry/components/details/metadata/pypi.vue b/app/assets/javascripts/packages_and_registries/package_registry/components/details/metadata/pypi.vue index 498ddbae7b1..d71773adb9d 100644 --- a/app/assets/javascripts/packages_and_registries/package_registry/components/details/metadata/pypi.vue +++ b/app/assets/javascripts/packages_and_registries/package_registry/components/details/metadata/pypi.vue @@ -8,6 +8,9 @@ import DetailsRow from '~/vue_shared/components/registry/details_row.vue'; export default { i18n: { requiredPython: s__('PackageRegistry|Required Python: %{pythonVersion}'), + summary: s__('PackageRegistry|Summary: %{summary}'), + authorEmail: s__('PackageRegistry|Author email: %{authorEmail}'), + keywords: s__('PackageRegistry|Keywords: %{keywords}'), }, components: { DetailsRow, @@ -24,12 +27,33 @@ export default { <template> <div> - <details-row icon="information-o" padding="gl-p-4" data-testid="pypi-required-python"> + <details-row dashed icon="information-o" padding="gl-p-4" data-testid="pypi-required-python"> <gl-sprintf :message="$options.i18n.requiredPython"> <template #pythonVersion> <strong>{{ packageMetadata.requiredPython }}</strong> </template> </gl-sprintf> </details-row> + <details-row dashed icon="doc-text" padding="gl-p-4" data-testid="pypi-summary"> + <gl-sprintf :message="$options.i18n.summary"> + <template #summary> + <strong>{{ packageMetadata.summary }}</strong> + </template> + </gl-sprintf> + </details-row> + <details-row dashed icon="doc-text" padding="gl-p-4" data-testid="pypi-keywords"> + <gl-sprintf :message="$options.i18n.keywords"> + <template #keywords> + <strong>{{ packageMetadata.keywords }}</strong> + </template> + </gl-sprintf> + </details-row> + <details-row dashed icon="mail" padding="gl-p-4" data-testid="pypi-author-email"> + <gl-sprintf :message="$options.i18n.authorEmail"> + <template #authorEmail> + <strong>{{ packageMetadata.authorEmail }}</strong> + </template> + </gl-sprintf> + </details-row> </div> </template> diff --git a/app/assets/javascripts/packages_and_registries/package_registry/graphql/queries/get_package_metadata.query.graphql b/app/assets/javascripts/packages_and_registries/package_registry/graphql/queries/get_package_metadata.query.graphql index fc8b39b37ab..b95b5c2bc74 100644 --- a/app/assets/javascripts/packages_and_registries/package_registry/graphql/queries/get_package_metadata.query.graphql +++ b/app/assets/javascripts/packages_and_registries/package_registry/graphql/queries/get_package_metadata.query.graphql @@ -12,7 +12,10 @@ query getPackageMetadata($id: PackagesPackageID!) { } ... on PypiMetadata { id + authorEmail + keywords requiredPython + summary } ... on ConanMetadata { id diff --git a/app/assets/javascripts/vue_shared/components/registry/details_row.vue b/app/assets/javascripts/vue_shared/components/registry/details_row.vue index 72e06b45561..85b4ea241ef 100644 --- a/app/assets/javascripts/vue_shared/components/registry/details_row.vue +++ b/app/assets/javascripts/vue_shared/components/registry/details_row.vue @@ -32,12 +32,14 @@ export default { <template> <div - class="gl-display-flex gl-align-items-center gl-font-monospace gl-font-sm gl-word-break-all" + class="gl-display-flex gl-align-items-top gl-font-monospace gl-font-sm gl-word-break-all" :class="[padding, borderClass]" > - <gl-icon v-if="icon" :name="icon" class="gl-mr-4" /> - <span> + <div v-if="icon" class="gl-w-5 gl-mr-4"> + <gl-icon :name="icon" /> + </div> + <div> <slot></slot> - </span> + </div> </div> </template> diff --git a/app/models/ci/catalog/listing.rb b/app/models/ci/catalog/listing.rb index 7a50a8ea94a..3b1edac7b62 100644 --- a/app/models/ci/catalog/listing.rb +++ b/app/models/ci/catalog/listing.rb @@ -60,7 +60,7 @@ module Ci def by_scope(relation, scope) if scope == :namespaces && Feature.enabled?(:ci_guard_for_catalog_resource_scope, current_user) - relation.merge(Project.public_and_internal_only.visible_to_user(current_user)) + relation.merge(Project.visible_to_user(current_user)) else relation.merge(Project.public_or_visible_to_user(current_user)) end diff --git a/config/feature_flags/development/contributions_calendar_refactoring.yml b/config/feature_flags/development/self_managed_code_suggestions.yml index e779939cc28..1c0f636bd8b 100644 --- a/config/feature_flags/development/contributions_calendar_refactoring.yml +++ b/config/feature_flags/development/self_managed_code_suggestions.yml @@ -1,8 +1,8 @@ --- -name: contributions_calendar_refactoring -introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/134991 -rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/429648 -milestone: '16.6' +name: self_managed_code_suggestions +introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/138490 +rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/432983 +milestone: '16.7' type: development -group: group::tenant scale +group: group::purchase default_enabled: false diff --git a/config/routes.rb b/config/routes.rb index babc1ffa3d3..fc6a7a37715 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -6,6 +6,7 @@ require 'sidekiq/cron/web' InitializerConnections.raise_if_new_database_connection do Rails.application.routes.draw do concern :access_requestable do + get :request_access, on: :collection post :request_access, on: :collection post :approve_access_request, on: :member end diff --git a/db/post_migrate/20231127171903_remove_application_settings_columns.rb b/db/post_migrate/20231127171903_remove_application_settings_columns.rb new file mode 100644 index 00000000000..9400c036678 --- /dev/null +++ b/db/post_migrate/20231127171903_remove_application_settings_columns.rb @@ -0,0 +1,23 @@ +# frozen_string_literal: true + +class RemoveApplicationSettingsColumns < Gitlab::Database::Migration[2.2] + milestone '16.7' + + disable_ddl_transaction! + + def up + remove_column :application_settings, :elasticsearch_shards, if_exists: true + remove_column :application_settings, :elasticsearch_replicas, if_exists: true + remove_column :application_settings, :static_objects_external_storage_auth_token, if_exists: true + remove_column :application_settings, :web_ide_clientside_preview_enabled, if_exists: true + end + + def down + add_column :application_settings, :elasticsearch_shards, :integer, default: 5, null: false, if_not_exists: true + add_column :application_settings, :elasticsearch_replicas, :integer, default: 1, null: false, if_not_exists: true + add_column :application_settings, :static_objects_external_storage_auth_token, :string, limit: 255, + if_not_exists: true + add_column :application_settings, :web_ide_clientside_preview_enabled, :boolean, default: false, null: false, + if_not_exists: true + end +end diff --git a/db/post_migrate/20231202175941_index_projects_on_organization_id_and_id.rb b/db/post_migrate/20231202175941_index_projects_on_organization_id_and_id.rb new file mode 100644 index 00000000000..a536def7ff3 --- /dev/null +++ b/db/post_migrate/20231202175941_index_projects_on_organization_id_and_id.rb @@ -0,0 +1,19 @@ +# frozen_string_literal: true + +class IndexProjectsOnOrganizationIdAndId < Gitlab::Database::Migration[2.2] + milestone '16.7' + disable_ddl_transaction! + + INDEX_NAME = "index_projects_on_organization_id_and_id" + + def up + # rubocop:disable Migration/PreventIndexCreation -- Replacing existing index + # on organization_id with an index on (organization_id, id) + add_concurrent_index :projects, [:organization_id, :id], name: INDEX_NAME + # rubocop:enable Migration/PreventIndexCreation + end + + def down + remove_concurrent_index :projects, [:organization_id, :id], name: INDEX_NAME + end +end diff --git a/db/post_migrate/20231202180101_remove_index_on_organization_id_projects_table.rb b/db/post_migrate/20231202180101_remove_index_on_organization_id_projects_table.rb new file mode 100644 index 00000000000..ec5a6d33ca3 --- /dev/null +++ b/db/post_migrate/20231202180101_remove_index_on_organization_id_projects_table.rb @@ -0,0 +1,16 @@ +# frozen_string_literal: true + +class RemoveIndexOnOrganizationIdProjectsTable < Gitlab::Database::Migration[2.2] + milestone '16.7' + disable_ddl_transaction! + + INDEX_NAME = 'index_projects_on_organization_id' + + def up + remove_concurrent_index_by_name :projects, INDEX_NAME + end + + def down + add_concurrent_index :projects, :organization_id, name: INDEX_NAME + end +end diff --git a/db/schema_migrations/20231127171903 b/db/schema_migrations/20231127171903 new file mode 100644 index 00000000000..6053f0eee23 --- /dev/null +++ b/db/schema_migrations/20231127171903 @@ -0,0 +1 @@ +af73341ffb326a6e9d4f6b6aa836f5888182278626f51cc193f5ca906c4ccf4e
\ No newline at end of file diff --git a/db/schema_migrations/20231202175941 b/db/schema_migrations/20231202175941 new file mode 100644 index 00000000000..2474832a918 --- /dev/null +++ b/db/schema_migrations/20231202175941 @@ -0,0 +1 @@ +8d752179a1544a0dad7c1df99ed332002b8ebd0191d3ae7434366267e227987f
\ No newline at end of file diff --git a/db/schema_migrations/20231202180101 b/db/schema_migrations/20231202180101 new file mode 100644 index 00000000000..66c6cb84ffd --- /dev/null +++ b/db/schema_migrations/20231202180101 @@ -0,0 +1 @@ +432843177f4e67613b94bd24de3ab6903d4295a591545247ca7c264c18720ad6
\ No newline at end of file diff --git a/db/structure.sql b/db/structure.sql index 270c6508743..d10eb687c32 100644 --- a/db/structure.sql +++ b/db/structure.sql @@ -11873,7 +11873,6 @@ CREATE TABLE application_settings ( snowplow_enabled boolean DEFAULT false NOT NULL, snowplow_collector_hostname character varying, snowplow_cookie_domain character varying, - web_ide_clientside_preview_enabled boolean DEFAULT false NOT NULL, user_show_add_ssh_key_message boolean DEFAULT true NOT NULL, custom_project_templates_group_id integer, usage_stats_set_by_user_id integer, @@ -11890,8 +11889,6 @@ CREATE TABLE application_settings ( lets_encrypt_notification_email character varying, lets_encrypt_terms_of_service_accepted boolean DEFAULT false NOT NULL, geo_node_allowed_ips character varying DEFAULT '0.0.0.0/0, ::/0'::character varying, - elasticsearch_shards integer DEFAULT 5 NOT NULL, - elasticsearch_replicas integer DEFAULT 1 NOT NULL, encrypted_lets_encrypt_private_key text, encrypted_lets_encrypt_private_key_iv text, required_instance_ci_template character varying, @@ -11912,7 +11909,6 @@ CREATE TABLE application_settings ( encrypted_asset_proxy_secret_key text, encrypted_asset_proxy_secret_key_iv character varying, static_objects_external_storage_url character varying(255), - static_objects_external_storage_auth_token character varying(255), max_personal_access_token_lifetime integer, throttle_protected_paths_enabled boolean DEFAULT false NOT NULL, throttle_protected_paths_requests_per_period integer DEFAULT 10 NOT NULL, @@ -34198,7 +34194,7 @@ CREATE INDEX index_projects_on_namespace_id_and_id ON projects USING btree (name CREATE INDEX index_projects_on_namespace_id_and_repository_size_limit ON projects USING btree (namespace_id, repository_size_limit); -CREATE INDEX index_projects_on_organization_id ON projects USING btree (organization_id); +CREATE INDEX index_projects_on_organization_id_and_id ON projects USING btree (organization_id, id); CREATE INDEX index_projects_on_path_trigram ON projects USING gin (path gin_trgm_ops); diff --git a/doc/administration/audit_event_streaming/index.md b/doc/administration/audit_event_streaming/index.md index 2c3ec2aafc3..b9e747d2725 100644 --- a/doc/administration/audit_event_streaming/index.md +++ b/doc/administration/audit_event_streaming/index.md @@ -49,7 +49,7 @@ To add streaming destinations to a top-level group: 1. On the left sidebar, select **Search or go to** and find your group. 1. Select **Secure > Audit events**. -1. On the main area, select **Streams** tab. +1. On the main area, select the **Streams** tab. 1. Select **Add streaming destination** and select **HTTP endpoint** to show the section for adding destinations. 1. In the **Name** and **Destination URL** fields, add a destination name and URL. 1. Optional. Locate the **Custom HTTP headers** table. @@ -68,7 +68,7 @@ To list the streaming destinations for a top-level group: 1. On the left sidebar, select **Search or go to** and find your group. 1. Select **Secure > Audit events**. -1. On the main area, select **Streams** tab. +1. On the main area, select the **Streams** tab. 1. Select the stream to expand it and see all the custom HTTP headers. #### Update an HTTP destination @@ -81,7 +81,7 @@ To update a streaming destination's name: 1. On the left sidebar, select **Search or go to** and find your group. 1. Select **Secure > Audit events**. -1. On the main area, select **Streams** tab. +1. On the main area, select the **Streams** tab. 1. Select the stream to expand. 1. In the **Name** fields, add a destination name to update. 1. Select **Save** to update the streaming destination. @@ -90,7 +90,7 @@ To update a streaming destination's custom HTTP headers: 1. On the left sidebar, select **Search or go to** and find your group. 1. Select **Secure > Audit events**. -1. On the main area, select **Streams** tab. +1. On the main area, select the **Streams** tab. 1. Select the stream to expand. 1. Locate the **Custom HTTP headers** table. 1. Locate the header that you wish to update. @@ -146,7 +146,7 @@ To list streaming destinations and see the verification tokens: 1. On the left sidebar, select **Search or go to** and find your group. 1. Select **Secure > Audit events**. -1. On the main area, select the **Streams**. +1. On the main area, select the **Streams** tab. 1. Select the stream to expand. 1. Locate the **Verification token** input. @@ -204,7 +204,7 @@ To add Google Cloud Logging streaming destinations to a top-level group: 1. On the left sidebar, select **Search or go to** and find your group. 1. Select **Secure > Audit events**. -1. On the main area, select **Streams** tab. +1. On the main area, select the **Streams** tab. 1. Select **Add streaming destination** and select **Google Cloud Logging** to show the section for adding destinations. 1. Enter a random string to use as a name for the new destination. 1. Enter the Google project ID, Google client email, and Google private key from previously-created Google Cloud service account key to add to the new destination. @@ -221,7 +221,7 @@ To list Google Cloud Logging streaming destinations for a top-level group: 1. On the left sidebar, select **Search or go to** and find your group. 1. Select **Secure > Audit events**. -1. On the main area, select **Streams** tab. +1. On the main area, select the **Streams** tab. 1. Select the Google Cloud Logging stream to expand and see all the fields. #### Update a Google Cloud Logging destination @@ -236,7 +236,7 @@ To update Google Cloud Logging streaming destinations to a top-level group: 1. On the left sidebar, select **Search or go to** and find your group. 1. Select **Secure > Audit events**. -1. On the main area, select **Streams** tab. +1. On the main area, select the **Streams** tab. 1. Select the Google Cloud Logging stream to expand. 1. Enter a random string to use as a name for the destination. 1. Enter the Google project ID and Google client email from previously-created Google Cloud service account key to update the destination. @@ -284,7 +284,7 @@ To add AWS S3 streaming destinations to a top-level group: 1. On the left sidebar, select **Search or go to** and find your group. 1. Select **Secure > Audit events**. -1. On the main area, select **Streams** tab. +1. On the main area, select the **Streams** tab. 1. Select **Add streaming destination** and select **AWS S3** to show the section for adding destinations. 1. Enter a random string to use as a name for the new destination. 1. Enter the Access Key ID, Secret Access Key, Bucket Name, and AWS Region from previously-created AWS access key and bucket to add to the new destination. @@ -300,7 +300,7 @@ To list AWS S3 streaming destinations for a top-level group: 1. On the left sidebar, select **Search or go to** and find your group. 1. Select **Secure > Audit events**. -1. On the main area, select **Streams** tab. +1. On the main area, select the **Streams** tab. 1. Select the AWS S3 stream to expand and see all the fields. #### Update a AWS S3 destination @@ -313,7 +313,7 @@ To update AWS S3 streaming destinations to a top-level group: 1. On the left sidebar, select **Search or go to** and find your group. 1. Select **Secure > Audit events**. -1. On the main area, select **Streams** tab. +1. On the main area, select the **Streams** tab. 1. Select the AWS S3 stream to expand. 1. Enter a random string to use as a name for the destination. 1. Enter the Access Key ID, Secret Access Key, Bucket Name, and AWS Region from previously-created AWS access key and bucket to update the destination. @@ -358,8 +358,8 @@ Prerequisites: To add a streaming destination for an instance: 1. On the left sidebar, at the bottom, select **Admin Area**. -1. On the left sidebar, select **Monitoring > Audit Events**. -1. On the main area, select **Streams** tab. +1. Select **Monitoring > Audit Events**. +1. On the main area, select the **Streams** tab. 1. Select **Add streaming destination** and select **HTTP endpoint** to show the section for adding destinations. 1. In the **Name** and **Destination URL** fields, add a destination name and URL. 1. Optional. To add custom HTTP headers, select **Add header** to create a new name and value pair, and input their values. Repeat this step for as many name and value pairs are required. You can add up to 20 headers per streaming destination. @@ -377,8 +377,8 @@ Prerequisites: To list the streaming destinations for an instance: 1. On the left sidebar, at the bottom, select **Admin Area**. -1. On the left sidebar, select **Monitoring > Audit Events**. -1. On the main area, select **Streams** tab. +1. Select **Monitoring > Audit Events**. +1. On the main area, select the **Streams** tab. 1. Select the stream to expand it and see all the custom HTTP headers. #### Update an HTTP destination @@ -390,8 +390,8 @@ Prerequisites: To update a instance streaming destination's name: 1. On the left sidebar, at the bottom, select **Admin Area**. -1. On the left sidebar, select **Monitoring > Audit Events**. -1. On the main area, select **Streams** tab. +1. Select **Monitoring > Audit Events**. +1. On the main area, select the **Streams** tab. 1. Select the stream to expand. 1. In the **Name** fields, add a destination name to update. 1. Select **Save** to update the streaming destination. @@ -399,8 +399,8 @@ To update a instance streaming destination's name: To update a instance streaming destination's custom HTTP headers: 1. On the left sidebar, at the bottom, select **Admin Area**. -1. On the left sidebar, select **Monitoring > Audit Events**. -1. On the main area, select **Streams** tab. +1. Select **Monitoring > Audit Events**. +1. On the main area, select the **Streams** tab. 1. Select the stream to expand. 1. Locate the **Custom HTTP headers** table. 1. Locate the header that you wish to update. @@ -421,7 +421,7 @@ Prerequisites: To delete the streaming destinations for an instance: 1. On the left sidebar, at the bottom, select **Admin Area**. -1. On the left sidebar, select **Monitoring > Audit Events**. +1. Select **Monitoring > Audit Events**. 1. On the main area, select the **Streams** tab. 1. Select the stream to expand. 1. Select **Delete destination**. @@ -430,7 +430,7 @@ To delete the streaming destinations for an instance: To delete only the custom HTTP headers for a streaming destination: 1. On the left sidebar, at the bottom, select **Admin Area**. -1. On the left sidebar, select **Monitoring > Audit Events**. +1. Select **Monitoring > Audit Events**. 1. On the main area, select the **Streams** tab. 1. To the right of the item, **Edit** (**{pencil}**). 1. Locate the **Custom HTTP headers** table. @@ -457,7 +457,7 @@ Prerequisites: To list streaming destinations for an instance and see the verification tokens: 1. On the left sidebar, at the bottom, select **Admin Area**. -1. On the left sidebar, select **Monitoring > Audit Events**. +1. Select **Monitoring > Audit Events**. 1. On the main area, select the **Streams** tab. 1. View the verification token on the right side of each item. @@ -473,7 +473,7 @@ A streaming destination that has an event type filter set has a **filtered** (** To update a streaming destination's event filters: 1. On the left sidebar, at the bottom, select **Admin Area**. -1. On the left sidebar, select **Monitoring > Audit Events**. +1. Select **Monitoring > Audit Events**. 1. On the main area, select the **Streams** tab. 1. Select the stream to expand. 1. Locate the **Filter by audit event type** dropdown list. @@ -514,8 +514,8 @@ Prerequisites: To add Google Cloud Logging streaming destinations to an instance: 1. On the left sidebar, at the bottom, select **Admin Area**. -1. On the left sidebar, select **Monitoring > Audit Events**. -1. On the main area, select **Streams** tab. +1. Select **Monitoring > Audit Events**. +1. On the main area, select the **Streams** tab. 1. Select **Add streaming destination** and select **Google Cloud Logging** to show the section for adding destinations. 1. Enter a random string to use as a name for the new destination. 1. Enter the Google project ID, Google client email, and Google private key from previously-created Google Cloud service account key to add to the new destination. @@ -531,8 +531,8 @@ Prerequisites: To list Google Cloud Logging streaming destinations for an instance: 1. On the left sidebar, at the bottom, select **Admin Area**. -1. On the left sidebar, select **Monitoring > Audit Events**. -1. On the main area, select **Streams** tab. +1. Select **Monitoring > Audit Events**. +1. On the main area, select the **Streams** tab. 1. Select the Google Cloud Logging stream to expand and see all the fields. #### Update a Google Cloud Logging destination @@ -544,8 +544,8 @@ Prerequisites: To update Google Cloud Logging streaming destinations to an instance: 1. On the left sidebar, at the bottom, select **Admin Area**. -1. On the left sidebar, select **Monitoring > Audit Events**. -1. On the main area, select **Streams** tab. +1. Select **Monitoring > Audit Events**. +1. On the main area, select the **Streams** tab. 1. Select the Google Cloud Logging stream to expand. 1. Enter a random string to use as a name for the destination. 1. Enter the Google project ID and Google client email from previously-created Google Cloud service account key to update the destination. @@ -562,8 +562,8 @@ Prerequisites: To delete Google Cloud Logging streaming destinations to an instance: 1. On the left sidebar, at the bottom, select **Admin Area**. -1. On the left sidebar, select **Monitoring > Audit Events**. -1. On the main area, select **Streams** tab. +1. Select **Monitoring > Audit Events**. +1. On the main area, select the **Streams** tab. 1. Select the Google Cloud Logging stream to expand. 1. Select **Delete destination**. 1. Confirm by selecting **Delete destination** in the dialog. diff --git a/doc/administration/geo/setup/database.md b/doc/administration/geo/setup/database.md index 471bae72c5b..6835231ab70 100644 --- a/doc/administration/geo/setup/database.md +++ b/doc/administration/geo/setup/database.md @@ -952,8 +952,7 @@ If you want to run the Geo tracking database on a single node, see [Configure th A production-ready and secure setup for the tracking PostgreSQL DB requires at least three Consul nodes: two Patroni nodes, and one PgBouncer node on the secondary site. -Because of [issue 6587](https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/6587), Consul can't track multiple -services, so these must be different than the nodes used for the Standby Cluster database. +Consul can track multiple services, so you can choose to reuse the nodes used for the Standby Cluster database, though the instructions below do not show how to combine configurations when reusing Consul nodes. Be sure to use [password credentials](../../postgresql/replication_and_failover.md#database-authorization-for-patroni) and other database best practices. diff --git a/doc/administration/pages/index.md b/doc/administration/pages/index.md index d37469a076a..64ec9b11763 100644 --- a/doc/administration/pages/index.md +++ b/doc/administration/pages/index.md @@ -502,6 +502,9 @@ To do that: 1. Select the **Disable public access to Pages sites** checkbox. 1. Select **Save changes**. +NOTE: +You must enable [Access Control](#access-control) first for the setting to show in the Admin Area. + ### Running behind a proxy Like the rest of GitLab, Pages can be used in those environments where external diff --git a/doc/administration/reference_architectures/index.md b/doc/administration/reference_architectures/index.md index 12bb8c3bc46..a1d68abc874 100644 --- a/doc/administration/reference_architectures/index.md +++ b/doc/administration/reference_architectures/index.md @@ -73,7 +73,7 @@ load of what each architecture has been tested against under the "Testing Method comparing those values with what load you are expecting against your existing GitLab environment to help select the right Reference Architecture size. -Load is given in terms of Requests per Section (RPS) for each endpoint type (API, Web, Git). This information on your existing infrastructure +Load is given in terms of Requests per Second (RPS) for each endpoint type (API, Web, Git). This information on your existing infrastructure can typically be surfaced by most reputable monitoring solutions or in some other ways such as load balancer metrics. For example, on existing GitLab environments, [Prometheus metrics](../monitoring/prometheus/gitlab_metrics.md) such as `gitlab_transaction_duration_seconds` can be used to see this data. diff --git a/doc/architecture/blueprints/ai_gateway/index.md b/doc/architecture/blueprints/ai_gateway/index.md index 79387152978..c09f8aaa621 100644 --- a/doc/architecture/blueprints/ai_gateway/index.md +++ b/doc/architecture/blueprints/ai_gateway/index.md @@ -86,6 +86,14 @@ The AI Gateway communication protocol shall only expect a rudimentary envelope t **This means that all clients regardless of their versions use the same set of AI-Gateway API feature endpoints. The AI-gateway feature endpoints have to support different client versions, instead of creating multiple feature endpoints per different supported client versions**. +We can however add a version to the path in case we do want to evolve +a certain endpoint. It's not expected that we'll need to do this +often, but having a version in the path keeps the option open. The +benefit of this is that individual GitLab milestone releases will +continue pointing to the endpoint version it was tested against at the +time of release, while allowing us to iterate quickly by introducing +new endpoint versions. + We also considered gRPC as a protocol for communication between GitLab instances, JSON API, and gRPC differ on these items: @@ -263,7 +271,7 @@ A good practise that might help support backwards compatibility is to provide bu For example, a rough Code Suggestions service could look like this: ```plaintext -POST /internal/code-suggestions/completions +POST /v3/code/completions ``` ```json diff --git a/doc/ci/yaml/inputs.md b/doc/ci/yaml/inputs.md index d32b949495c..a6c2497de3a 100644 --- a/doc/ci/yaml/inputs.md +++ b/doc/ci/yaml/inputs.md @@ -9,6 +9,11 @@ info: To determine the technical writer assigned to the Stage/Group associated w > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/391331) in GitLab 15.11 as a Beta feature. > - Made generally available in GitLab 16.6. +Use inputs to increase the flexibility of CI/CD configuration files that are designed +to be reused. + +Inputs can use CI/CD variables, but have the same [variable limitations as the `include` keyword](includes.md#use-variables-with-include). + ## Define input parameters with `spec:inputs` Use `spec:inputs` to define input parameters for CI/CD configuration intended to be added diff --git a/doc/update/versions/gitlab_16_changes.md b/doc/update/versions/gitlab_16_changes.md index a9289c53e92..0227eb8b8a9 100644 --- a/doc/update/versions/gitlab_16_changes.md +++ b/doc/update/versions/gitlab_16_changes.md @@ -16,6 +16,7 @@ For more information about upgrading GitLab Helm Chart, see [the release notes f ## Issues to be aware of when upgrading from 15.11 +- [PostgreSQL 12 is not supported from v16](../../update/deprecations.md#postgresql-12-deprecated). Upgrade your PostgreSQL to at least 13.6 before upgrading to GitLab v16.0 or higher. - Some GitLab installations must upgrade to GitLab 16.0 before upgrading to any other version. For more information, see [Long-running user type data change](#long-running-user-type-data-change). - Other installations can skip 16.0, 16.1, and 16.2 as the first required stop on the upgrade path is 16.3. Review the notes for those intermediate diff --git a/doc/user/group/saml_sso/troubleshooting_scim.md b/doc/user/group/saml_sso/troubleshooting_scim.md index 5140e121bfb..1a8a719f98b 100644 --- a/doc/user/group/saml_sso/troubleshooting_scim.md +++ b/doc/user/group/saml_sso/troubleshooting_scim.md @@ -127,6 +127,47 @@ For example, use these values as a definitive source on why an account was provi details. This information can help where an account was SCIM provisioned with details that do not match the SCIM app configuration. +## Member's email address is not linked error in SCIM log + +When you attempt to provision a SCIM user on GitLab.com, GitLab checks to see if +a user with that email address already exists. You might see the following error +when the: + +- User exists, but does not have a SAML identity linked. +- User exists, has a SAML identity, **and** has a SCIM identity that is set to `active: false`. + +```plaintext +The member's email address is not linked to a SAML account or has an inactive +SCIM identity. +``` + +This error message is returned with the status `412`. + +This might prevent the affected end user from accessing their account correctly. + +The first workaround is: + +1. Have the end user [link SAML to their existing GitLab.com account](index.md#link-saml-to-your-existing-gitlabcom-account). +1. After the user has done this, initiate a SCIM sync from your identity provider. +If the SCIM sync completes without the same error, GitLab has +successfully linked the SCIM identity to the existing user account, and the user +should now be able to sign in using SAML SSO. + +If the error persists, the user most likely already exists, has both a SAML and +SCIM identity, and a SCIM identity that is set to `active: false`. To resolve +this: + +1. Optional. If you did not save your SCIM token when you first configured SCIM, [generate a new token](scim_setup.md#configure-gitlab). If you generate a new SCIM token, you **must** update the token in your identity provider's SCIM configuration, or SCIM will stop working. +1. Locate your SCIM token. +1. Use the API to [get a single SCIM provisioned user](/ee/development/internal_api/index.md#get-a-single-scim-provisioned-user). +1. Check the returned information to make sure that: + - The user's identifier (`id`) and email match what your identity provider is sending. + - `active` is set to `false`. + If any of this information does not match, [contact GitLab Support](https://support.gitlab.com/). +1. Use the API to [update the SCIM provisioned user's `active` value to `true`](/ee/development/internal_api/index.md#update-a-single-scim-provisioned-user). +1. If the update returns a status code `204`, have the user attempt to sign in +using SAML SSO. + ## Azure Active Directory The following troubleshooting information is specifically for SCIM provisioned through Azure Active Directory. diff --git a/doc/user/workspace/configuration.md b/doc/user/workspace/configuration.md index a1308d04653..ae49b866bbd 100644 --- a/doc/user/workspace/configuration.md +++ b/doc/user/workspace/configuration.md @@ -30,12 +30,7 @@ which you can customize to meet the specific needs of each project. that controller accessible over a domain. For example, point `*.workspaces.example.dev` and `workspaces.example.dev` to the load balancer exposed by the Ingress controller. - [Install `gitlab-workspaces-proxy`](https://gitlab.com/gitlab-org/remote-development/gitlab-workspaces-proxy#installation-instructions). - - [Install the GitLab agent](../clusters/agent/install/index.md). -- Configure [remote development settings for the GitLab agent](gitlab_agent_configuration.md). - - You can use any agent defined under the root group of your project, - provided that remote development is properly configured for that agent. - + - [Install](../clusters/agent/install/index.md) and [configure](gitlab_agent_configuration.md) the GitLab agent. - You must have at least the Developer role in the root group. - In each project you want to use this feature for, create a [devfile](index.md#devfile): 1. On the left sidebar, select **Search or go to** and find your project. diff --git a/doc/user/workspace/gitlab_agent_configuration.md b/doc/user/workspace/gitlab_agent_configuration.md index d74014e9f1f..8f8ae397f5d 100644 --- a/doc/user/workspace/gitlab_agent_configuration.md +++ b/doc/user/workspace/gitlab_agent_configuration.md @@ -4,11 +4,16 @@ group: IDE info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments --- -# GitLab agent configuration +# GitLab agent configuration **(PREMIUM ALL)** + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/112397) in GitLab 15.11 [with a flag](../../administration/feature_flags.md) named `remote_development_feature_flag`. Disabled by default. +> - [Enabled on GitLab.com and self-managed](https://gitlab.com/gitlab-org/gitlab/-/issues/391543) in GitLab 16.0. +> - [Generally available](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/136744) in GitLab 16.7. Feature flag `remote_development_feature_flag` removed. When you [set up a workspace](configuration.md#set-up-a-workspace), -you must configure remote development settings for the GitLab agent. -These settings are available in the agent configuration file under `remote_development`. +you must configure remote development for the GitLab agent. +The remote development settings are available in the agent +configuration file under `remote_development`. You can use any agent defined under the root group of your project, provided that remote development is properly configured for that agent. @@ -23,7 +28,7 @@ provided that remote development is properly configured for that agent. | [`network_policy`](#network_policy) | Firewall rules for workspaces | NOTE: -If any setting has an invalid value, all settings cannot be updated until you fix that value. +If a setting has an invalid value, it's not possible to update any setting until you fix that value. ### `enabled` @@ -109,12 +114,12 @@ Use this setting to define a list of IP CIDR ranges to allow as egress destinati Define egress rules when: -- The GitLab instance is available on a private IP. -- Workspace users must access a cloud resource available on a private IP. +- The GitLab instance is on a private IP range. +- Workspace users must access a cloud resource on a private IP range. Each element of the list defines an `allow` attribute with an optional `except` attribute. -The `allow` attribute defines an IP CIDR range to allow traffic from. -The `except` attribute lists IP CIDR ranges to exclude from the `allow` range. +`allow` defines an IP range to allow traffic from. +`except` lists IP ranges to exclude from the `allow` range. **Example configuration:** @@ -132,5 +137,5 @@ remote_development: In this example, traffic from the workspace is allowed if: -- The destination IP is any IP except `10.0.0.0/8`, `172.16.0.0/12`, or `192.168.0.0/16`. +- The destination IP is any range except `10.0.0.0/8`, `172.16.0.0/12`, or `192.168.0.0/16`. - The destination IP is `172.16.123.1/32`. diff --git a/lib/gitlab/contributions_calendar.rb b/lib/gitlab/contributions_calendar.rb index 87b336af64d..a0bb37fb097 100644 --- a/lib/gitlab/contributions_calendar.rb +++ b/lib/gitlab/contributions_calendar.rb @@ -25,34 +25,7 @@ module Gitlab date_interval = "INTERVAL '#{@contributor_time_instance.utc_offset} seconds'" - if Feature.enabled?(:contributions_calendar_refactoring, contributor) - return contributions_between(start_time, end_time).count_by_dates(date_interval) - end - - # TODO: Remove after feature flag `contributions_calendar_refactoring` is rolled out - # See https://gitlab.com/gitlab-org/gitlab/-/issues/429648 - # rubocop: disable CodeReuse/ActiveRecord -- will be removed - # Can't use Event.contributions here because we need to check 3 different - # project_features for the (currently) 4 different contribution types - repo_events = events_created_between(start_time, end_time, :repository) - .where(action: :pushed) - issue_events = events_created_between(start_time, end_time, :issues) - .where(action: [:created, :closed], target_type: %w[Issue WorkItem]) - mr_events = events_created_between(start_time, end_time, :merge_requests) - .where(action: [:merged, :created, :closed], target_type: "MergeRequest") - note_events = events_created_between(start_time, end_time, :merge_requests) - .where(action: :commented) - - events = Event - .select("date(created_at + #{date_interval}) AS date", 'COUNT(*) AS num_events') - .from_union([repo_events, issue_events, mr_events, note_events], remove_duplicates: false) - .group(:date) - .map(&:attributes) - # rubocop: enable CodeReuse/ActiveRecord - - events.each_with_object(Hash.new { |h, k| h[k] = 0 }) do |event, activities| - activities[event["date"]] += event["num_events"] - end + contributions_between(start_time, end_time).count_by_dates(date_interval) end def events_by_date(date) @@ -60,18 +33,7 @@ module Gitlab date_in_time_zone = date.in_time_zone(@contributor_time_instance.time_zone) - if Feature.enabled?(:contributions_calendar_refactoring, contributor) - return contributions_between(date_in_time_zone.beginning_of_day, date_in_time_zone.end_of_day).with_associations - end - - # TODO: Remove after feature flag `contributions_calendar_refactoring` is rolled out - # See https://gitlab.com/gitlab-org/gitlab/-/issues/429648 - # rubocop: disable CodeReuse/ActiveRecord -- will be removed - Event.contributions.where(author_id: contributor.id) - .where(created_at: date_in_time_zone.beginning_of_day..date_in_time_zone.end_of_day) - .where(project_id: projects) - .with_associations - # rubocop: enable CodeReuse/ActiveRecord + contributions_between(date_in_time_zone.beginning_of_day, date_in_time_zone.end_of_day).with_associations end private @@ -139,31 +101,5 @@ module Gitlab def contribution_events(start_time, end_time) contributor.events.created_between(start_time, end_time) end - - # TODO: Remove after feature flag `contributions_calendar_refactoring` is rolled out - # See https://gitlab.com/gitlab-org/gitlab/-/issues/429648 - # rubocop: disable CodeReuse/ActiveRecord -- will be removed - def events_created_between(start_time, end_time, feature) - # no need to check feature access of current user, if the contributor opted-in - # to show all private events anyway - otherwise they would get filtered out again - authed_projects = if contributor.include_private_contributions? - contributed_project_ids - else - ProjectFeature - .with_feature_available_for_user(feature, current_user) - .where(project_id: contributed_project_ids) - .reorder(nil) - .select(:project_id) - end - - Event.reorder(nil) - .select(:created_at) - .where( - author_id: contributor.id, - created_at: start_time..end_time, - events: { project_id: authed_projects } - ) - end - # rubocop: enable CodeReuse/ActiveRecord end end diff --git a/lib/gitlab/middleware/path_traversal_check.rb b/lib/gitlab/middleware/path_traversal_check.rb index 6fef247b708..d1260c81925 100644 --- a/lib/gitlab/middleware/path_traversal_check.rb +++ b/lib/gitlab/middleware/path_traversal_check.rb @@ -32,20 +32,24 @@ module Gitlab end def call(env) - if Feature.enabled?(:check_path_traversal_middleware, Feature.current_request) - log_params = {} + return @app.call(env) unless Feature.enabled?(:check_path_traversal_middleware, Feature.current_request) - execution_time = measure_execution_time do - request = ::Rack::Request.new(env.dup) - check(request, log_params) unless excluded?(request) - end + log_params = {} - log_params[:duration_ms] = execution_time.round(5) if execution_time + execution_time = measure_execution_time do + request = ::Rack::Request.new(env.dup) + check(request, log_params) unless excluded?(request) + end + log_params[:duration_ms] = execution_time.round(5) if execution_time + + result = @app.call(env) - log(log_params) unless log_params.empty? + unless log_params.empty? + log_params[:status] = result.first + log(log_params) end - @app.call(env) + result end private diff --git a/locale/gitlab.pot b/locale/gitlab.pot index 2ebe97ba74b..741e1b41a12 100644 --- a/locale/gitlab.pot +++ b/locale/gitlab.pot @@ -33966,6 +33966,9 @@ msgstr "" msgid "PackageRegistry|App name: %{name}" msgstr "" +msgid "PackageRegistry|Author email: %{authorEmail}" +msgstr "" + msgid "PackageRegistry|Built by pipeline %{link} triggered %{datetime} by %{author}" msgstr "" @@ -34176,6 +34179,9 @@ msgstr "" msgid "PackageRegistry|Invalid Package: failed metadata extraction" msgstr "" +msgid "PackageRegistry|Keywords: %{keywords}" +msgstr "" + msgid "PackageRegistry|Last downloaded %{dateTime}" msgstr "" @@ -34343,6 +34349,9 @@ msgstr "" msgid "PackageRegistry|Source project located at %{link}" msgstr "" +msgid "PackageRegistry|Summary: %{summary}" +msgstr "" + msgid "PackageRegistry|Target SHA: %{sha}" msgstr "" diff --git a/package.json b/package.json index 62cc20220fe..fa47c65ca4b 100644 --- a/package.json +++ b/package.json @@ -255,7 +255,7 @@ "chokidar": "^3.5.3", "commander": "^2.20.3", "custom-jquery-matchers": "^2.1.0", - "eslint": "8.54.0", + "eslint": "8.55.0", "eslint-import-resolver-jest": "3.0.2", "eslint-import-resolver-webpack": "0.13.8", "eslint-plugin-import": "^2.29.0", diff --git a/rubocop/rubocop-migrations.yml b/rubocop/rubocop-migrations.yml index 36ef17ad6a3..c5f5adef68c 100644 --- a/rubocop/rubocop-migrations.yml +++ b/rubocop/rubocop-migrations.yml @@ -3,6 +3,7 @@ Migration/UpdateLargeTable: Enabled: true HighTrafficTables: &high_traffic_tables # size in GB (>= 10 GB on GitLab.com as of 06/2022) and/or number of records - :alert_management_alerts + - :approvals - :approval_merge_request_rules_users - :audit_events - :authentication_events @@ -22,11 +23,14 @@ Migration/UpdateLargeTable: - :ci_refs - :ci_stages - :deployments + - :deployment_merge_requests - :description_versions + - :diff_note_positions - :error_tracking_error_events - :events - :gitlab_subscriptions - :gpg_signatures + - :pm_package_version_licenses - :issues - :label_links - :lfs_objects @@ -37,24 +41,32 @@ Migration/UpdateLargeTable: - :merge_request_diff_files - :merge_request_diffs - :merge_request_metrics + - :merge_request_user_mentions - :merge_requests - :namespaces - :namespace_settings - :note_diff_files - :notes + - :oauth_access_grants + - :oauth_access_tokens - :packages_package_files + - :pm_package_versions + - :pm_package_version_licenses - :project_authorizations - :project_ci_cd_settings - :project_daily_statistics - :project_features - :projects - :project_settings + - :project_statistics - :protected_branches - :push_event_payloads - :resource_label_events - :resource_state_events - :routes + - :sbom_occurrences - :security_findings + - :security_scans - :sent_notifications - :system_note_metadata - :taggings @@ -63,7 +75,9 @@ Migration/UpdateLargeTable: - :user_details - :user_preferences - :users + - :user_agent_details - :vulnerabilities + - :vulnerability_finding_links - :vulnerability_occurrence_identifiers - :vulnerability_occurrence_pipelines - :vulnerability_occurrences diff --git a/spec/frontend/packages_and_registries/infrastructure_registry/components/details/components/__snapshots__/file_sha_spec.js.snap b/spec/frontend/packages_and_registries/infrastructure_registry/components/details/components/__snapshots__/file_sha_spec.js.snap index 8e757c136ec..a544a679ff4 100644 --- a/spec/frontend/packages_and_registries/infrastructure_registry/components/details/components/__snapshots__/file_sha_spec.js.snap +++ b/spec/frontend/packages_and_registries/infrastructure_registry/components/details/components/__snapshots__/file_sha_spec.js.snap @@ -2,9 +2,9 @@ exports[`FileSha renders 1`] = ` <div - class="gl-align-items-center gl-border-b-1 gl-border-b-solid gl-border-gray-100 gl-display-flex gl-font-monospace gl-font-sm gl-py-2 gl-word-break-all" + class="gl-align-items-top gl-border-b-1 gl-border-b-solid gl-border-gray-100 gl-display-flex gl-font-monospace gl-font-sm gl-py-2 gl-word-break-all" > - <span> + <div> <div class="gl-px-4" > @@ -23,6 +23,6 @@ exports[`FileSha renders 1`] = ` variant="default" /> </div> - </span> + </div> </div> `; diff --git a/spec/frontend/packages_and_registries/package_registry/components/details/__snapshots__/file_sha_spec.js.snap b/spec/frontend/packages_and_registries/package_registry/components/details/__snapshots__/file_sha_spec.js.snap index 8e757c136ec..a544a679ff4 100644 --- a/spec/frontend/packages_and_registries/package_registry/components/details/__snapshots__/file_sha_spec.js.snap +++ b/spec/frontend/packages_and_registries/package_registry/components/details/__snapshots__/file_sha_spec.js.snap @@ -2,9 +2,9 @@ exports[`FileSha renders 1`] = ` <div - class="gl-align-items-center gl-border-b-1 gl-border-b-solid gl-border-gray-100 gl-display-flex gl-font-monospace gl-font-sm gl-py-2 gl-word-break-all" + class="gl-align-items-top gl-border-b-1 gl-border-b-solid gl-border-gray-100 gl-display-flex gl-font-monospace gl-font-sm gl-py-2 gl-word-break-all" > - <span> + <div> <div class="gl-px-4" > @@ -23,6 +23,6 @@ exports[`FileSha renders 1`] = ` variant="default" /> </div> - </span> + </div> </div> `; diff --git a/spec/frontend/packages_and_registries/package_registry/components/details/metadata/pypi_spec.js b/spec/frontend/packages_and_registries/package_registry/components/details/metadata/pypi_spec.js index 67f5fbc9e80..39b525efdbc 100644 --- a/spec/frontend/packages_and_registries/package_registry/components/details/metadata/pypi_spec.js +++ b/spec/frontend/packages_and_registries/package_registry/components/details/metadata/pypi_spec.js @@ -21,14 +21,20 @@ describe('Package Additional Metadata', () => { }; const findPypiRequiredPython = () => wrapper.findByTestId('pypi-required-python'); + const findPypiAuthorEmail = () => wrapper.findByTestId('pypi-author-email'); + const findPypiSummary = () => wrapper.findByTestId('pypi-summary'); + const findPypiKeywords = () => wrapper.findByTestId('pypi-keywords'); beforeEach(() => { mountComponent(); }); it.each` - name | finderFunction | text | icon - ${'pypi-required-python'} | ${findPypiRequiredPython} | ${'Required Python: 1.0.0'} | ${'information-o'} + name | finderFunction | text | icon + ${'pypi-required-python'} | ${findPypiRequiredPython} | ${'Required Python: 1.0.0'} | ${'information-o'} + ${'pypi-author-email'} | ${findPypiAuthorEmail} | ${'Author email: "C. Schultz" <cschultz@example.com>'} | ${'mail'} + ${'pypi-summary'} | ${findPypiSummary} | ${'Summary: A module for collecting votes from beagles.'} | ${'doc-text'} + ${'pypi-keywords'} | ${findPypiKeywords} | ${'Keywords: dog,puppy,voting,election'} | ${'doc-text'} `('$name element', ({ finderFunction, text, icon }) => { const element = finderFunction(); expect(element.exists()).toBe(true); diff --git a/spec/frontend/packages_and_registries/package_registry/mock_data.js b/spec/frontend/packages_and_registries/package_registry/mock_data.js index 6c03f91b73d..fdd64cbe6a5 100644 --- a/spec/frontend/packages_and_registries/package_registry/mock_data.js +++ b/spec/frontend/packages_and_registries/package_registry/mock_data.js @@ -183,7 +183,10 @@ export const composerMetadata = () => ({ export const pypiMetadata = () => ({ __typename: 'PypiMetadata', id: 'pypi-1', + authorEmail: '"C. Schultz" <cschultz@example.com>', + keywords: 'dog,puppy,voting,election', requiredPython: '1.0.0', + summary: 'A module for collecting votes from beagles.', }); export const mavenMetadata = () => ({ diff --git a/spec/graphql/resolvers/ci/catalog/resources_resolver_spec.rb b/spec/graphql/resolvers/ci/catalog/resources_resolver_spec.rb index 224af664ea1..a55724b5611 100644 --- a/spec/graphql/resolvers/ci/catalog/resources_resolver_spec.rb +++ b/spec/graphql/resolvers/ci/catalog/resources_resolver_spec.rb @@ -12,7 +12,7 @@ RSpec.describe Resolvers::Ci::Catalog::ResourcesResolver, feature_category: :pip create(:project, :public, name: 'public', description: 'Test', namespace: namespace) end - let_it_be(:internal_project) { create(:project, :internal, :private, name: 'internal') } + let_it_be(:internal_project) { create(:project, :internal, name: 'internal') } let_it_be(:private_resource) { create(:ci_catalog_resource, :published, project: private_namespace_project) } let_it_be(:private_resource_2) { create(:ci_catalog_resource, project: private_namespace_project_2) } let_it_be(:public_resource) { create(:ci_catalog_resource, :published, project: public_namespace_project) } @@ -40,7 +40,7 @@ RSpec.describe Resolvers::Ci::Catalog::ResourcesResolver, feature_category: :pip context 'with an authorized user' do before_all do namespace.add_reporter(user) - internal_project.add_owner(user) + internal_project.add_reporter(user) end context 'when the project path argument is provided' do @@ -83,13 +83,14 @@ RSpec.describe Resolvers::Ci::Catalog::ResourcesResolver, feature_category: :pip context 'when the scope argument is :namespaces' do let(:scope) { 'NAMESPACES' } - it 'returns only internal and public projects of the namespaces the user is a member of' do + it 'returns projects of the namespaces the user is a member of' do namespace = create(:namespace, owner: user) internal_public_project = create(:project, :internal, name: 'internal public', namespace: namespace) create(:ci_catalog_resource, :published, project: internal_public_project) - expect(result.items.count).to be(2) - expect(result.items.pluck(:name)).to contain_exactly('public', 'internal public') + expect(result.items.count).to be(4) + expect(result.items.pluck(:name)).to contain_exactly('public', 'internal public', 'internal', + 'z private test') end end @@ -115,7 +116,9 @@ RSpec.describe Resolvers::Ci::Catalog::ResourcesResolver, feature_category: :pip end end - context 'when the current user cannot read the namespace catalog' do + context 'when the user is anonymous' do + let_it_be(:user) { nil } + it 'returns only public projects' do expect(result.items.count).to be(1) expect(result.items.pluck(:name)).to contain_exactly('public') diff --git a/spec/lib/gitlab/contributions_calendar_spec.rb b/spec/lib/gitlab/contributions_calendar_spec.rb index 732b7cb3e59..d1dbd167d48 100644 --- a/spec/lib/gitlab/contributions_calendar_spec.rb +++ b/spec/lib/gitlab/contributions_calendar_spec.rb @@ -63,65 +63,49 @@ RSpec.describe Gitlab::ContributionsCalendar, feature_category: :user_profile do end describe '#activity_dates', :aggregate_failures do - shared_examples_for 'returns a hash of date => count' do - specify do - create_event(public_project, last_week) - create_event(public_project, last_week) - create_event(public_project, today) - work_item_event = create_event(private_project, today, 0, :created, :work_item) + it 'returns a hash of date => count' do + create_event(public_project, last_week) + create_event(public_project, last_week) + create_event(public_project, today) + work_item_event = create_event(private_project, today, 0, :created, :work_item) - # make sure the target is a work item as we want to include those in the count - expect(work_item_event.target_type).to eq('WorkItem') - expect(calendar(contributor).activity_dates).to eq(last_week => 2, today => 2) - end + # make sure the target is a work item as we want to include those in the count + expect(work_item_event.target_type).to eq('WorkItem') + expect(calendar(contributor).activity_dates).to eq(last_week => 2, today => 2) end - shared_examples 'private contribution events' do - context "when the user has opted-in for private contributions" do - before do - contributor.update_column(:include_private_contributions, true) - end - - it "shows private and public events to all users" do - create_event(private_project, today) - create_event(public_project, today) + context "when the user has opted-in for private contributions" do + before do + contributor.update_column(:include_private_contributions, true) + end - expect(calendar.activity_dates[today]).to eq(2) - expect(calendar(user).activity_dates[today]).to eq(2) - expect(calendar(contributor).activity_dates[today]).to eq(2) - end + it "shows private and public events to all users" do + create_event(private_project, today) + create_event(public_project, today) - # tests for bug https://gitlab.com/gitlab-org/gitlab/-/merge_requests/74826 - it "still counts correct with feature access levels set to private" do - create_event(private_project, today) + expect(calendar.activity_dates[today]).to eq(2) + expect(calendar(user).activity_dates[today]).to eq(2) + expect(calendar(contributor).activity_dates[today]).to eq(2) + end - private_project.project_feature.update_attribute(:issues_access_level, ProjectFeature::PRIVATE) - private_project.project_feature.update_attribute(:repository_access_level, ProjectFeature::PRIVATE) - private_project.project_feature.update_attribute(:merge_requests_access_level, ProjectFeature::PRIVATE) + # tests for bug https://gitlab.com/gitlab-org/gitlab/-/merge_requests/74826 + it "still counts correct with feature access levels set to private" do + create_event(private_project, today) - expect(calendar.activity_dates[today]).to eq(1) - expect(calendar(user).activity_dates[today]).to eq(1) - expect(calendar(contributor).activity_dates[today]).to eq(1) - end + private_project.project_feature.update_attribute(:issues_access_level, ProjectFeature::PRIVATE) + private_project.project_feature.update_attribute(:repository_access_level, ProjectFeature::PRIVATE) + private_project.project_feature.update_attribute(:merge_requests_access_level, ProjectFeature::PRIVATE) - it "does not fail if there are no contributed projects" do - expect(calendar.activity_dates[today]).to eq(nil) - end + expect(calendar.activity_dates[today]).to eq(1) + expect(calendar(user).activity_dates[today]).to eq(1) + expect(calendar(contributor).activity_dates[today]).to eq(1) end - end - context 'when contributions_calendar_refactoring feature flag is disabled' do - before do - stub_feature_flags(contributions_calendar_refactoring: false) + it "does not fail if there are no contributed projects" do + expect(calendar.activity_dates[today]).to eq(nil) end - - it_behaves_like 'returns a hash of date => count' - include_examples 'private contribution events' end - it_behaves_like 'returns a hash of date => count' - include_examples 'private contribution events' - it "counts the diff notes on merge request" do create_event(public_project, today, 0, :commented, :diff_note_on_merge_request) @@ -226,22 +210,6 @@ RSpec.describe Gitlab::ContributionsCalendar, feature_category: :user_profile do expect(calendar(contributor).events_by_date(today)).to contain_exactly(e1, e2, e3) end - context 'when contributions_calendar_refactoring feature flag is disabled' do - before do - stub_feature_flags(contributions_calendar_refactoring: false) - end - - it "only shows private events to authorized users" do - e1 = create_event(public_project, today) - e2 = create_event(private_project, today) - e3 = create_event(public_project_with_private_issues, today, 0, :created, :issue) - create_event(public_project, last_week) - - expect(calendar.events_by_date(today)).to contain_exactly(e1, e3) - expect(calendar(contributor).events_by_date(today)).to contain_exactly(e1, e2, e3) - end - end - it "includes diff notes on merge request" do e1 = create_event(public_project, today, 0, :commented, :diff_note_on_merge_request) diff --git a/spec/lib/gitlab/middleware/path_traversal_check_spec.rb b/spec/lib/gitlab/middleware/path_traversal_check_spec.rb index 91081cc88ea..a0d7711c881 100644 --- a/spec/lib/gitlab/middleware/path_traversal_check_spec.rb +++ b/spec/lib/gitlab/middleware/path_traversal_check_spec.rb @@ -5,7 +5,8 @@ require 'spec_helper' RSpec.describe ::Gitlab::Middleware::PathTraversalCheck, feature_category: :shared do using RSpec::Parameterized::TableSyntax - let(:fake_response) { [200, { 'Content-Type' => 'text/plain' }, ['OK']] } + let(:fake_response_status) { 200 } + let(:fake_response) { [fake_response_status, { 'Content-Type' => 'text/plain' }, ['OK']] } let(:fake_app) { ->(_) { fake_response } } let(:middleware) { described_class.new(fake_app) } @@ -31,8 +32,11 @@ RSpec.describe ::Gitlab::Middleware::PathTraversalCheck, feature_category: :shar .and_call_original expect(::Gitlab::AppLogger) .to receive(:warn) - .with({ class_name: described_class.name, duration_ms: instance_of(Float) }) - .and_call_original + .with({ + class_name: described_class.name, + duration_ms: instance_of(Float), + status: fake_response_status + }).and_call_original expect(subject).to eq(fake_response) end @@ -61,8 +65,11 @@ RSpec.describe ::Gitlab::Middleware::PathTraversalCheck, feature_category: :shar .not_to receive(:check_path_traversal!) expect(::Gitlab::AppLogger) .to receive(:warn) - .with({ class_name: described_class.name, duration_ms: instance_of(Float) }) - .and_call_original + .with({ + class_name: described_class.name, + duration_ms: instance_of(Float), + status: fake_response_status + }).and_call_original expect(subject).to eq(fake_response) end @@ -99,7 +106,8 @@ RSpec.describe ::Gitlab::Middleware::PathTraversalCheck, feature_category: :shar duration_ms: instance_of(Float), message: described_class::PATH_TRAVERSAL_MESSAGE, fullpath: fullpath, - method: method.upcase + method: method.upcase, + status: fake_response_status }).and_call_original expect(subject).to eq(fake_response) @@ -124,7 +132,8 @@ RSpec.describe ::Gitlab::Middleware::PathTraversalCheck, feature_category: :shar class_name: described_class.name, message: described_class::PATH_TRAVERSAL_MESSAGE, fullpath: fullpath, - method: method.upcase + method: method.upcase, + status: fake_response_status }).and_call_original expect(subject).to eq(fake_response) diff --git a/spec/models/application_setting_spec.rb b/spec/models/application_setting_spec.rb index 68915515818..5a91553a923 100644 --- a/spec/models/application_setting_spec.rb +++ b/spec/models/application_setting_spec.rb @@ -1660,17 +1660,17 @@ RSpec.describe ApplicationSetting, feature_category: :shared, type: :model do end context 'with plaintext token only' do - let(:token) { '' } + let(:plaintext_token) { Devise.friendly_token(20) } - it 'ignores the plaintext token' do + it 'encrypts the plaintext token' do subject - described_class.update_all(static_objects_external_storage_auth_token: 'Test') + described_class.update!(static_objects_external_storage_auth_token: plaintext_token) setting.reload expect(setting[:static_objects_external_storage_auth_token]).to be_nil - expect(setting[:static_objects_external_storage_auth_token_encrypted]).to be_nil - expect(setting.static_objects_external_storage_auth_token).to be_nil + expect(setting[:static_objects_external_storage_auth_token_encrypted]).not_to be_nil + expect(setting.static_objects_external_storage_auth_token).to eq(plaintext_token) end end end diff --git a/spec/models/ci/catalog/listing_spec.rb b/spec/models/ci/catalog/listing_spec.rb index 75188232dba..2d20acd4091 100644 --- a/spec/models/ci/catalog/listing_spec.rb +++ b/spec/models/ci/catalog/listing_spec.rb @@ -76,7 +76,8 @@ RSpec.describe Ci::Catalog::Listing, feature_category: :pipeline_composition do context 'when the `ci_guard_query_for_catalog_resource_scope` ff is enabled' do it "returns the catalog resources belonging to the user's authorized namespaces" do - is_expected.to contain_exactly(public_resource_a, public_resource_b, internal_resource) + is_expected.to contain_exactly(public_resource_a, public_resource_b, internal_resource, + private_namespace_resource) end end diff --git a/yarn.lock b/yarn.lock index 4b7870a8eb8..eab7f35d71c 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1179,10 +1179,10 @@ resolved "https://registry.yarnpkg.com/@eslint-community/regexpp/-/regexpp-4.6.2.tgz#1816b5f6948029c5eaacb0703b850ee0cb37d8f8" integrity sha512-pPTNuaAG3QMH+buKyBIGJs3g/S5y0caxw0ygM3YyE6yJFySwiGGSzA+mM3KJ8QQvzeLh3blwgSonkFjgQdxzMw== -"@eslint/eslintrc@^2.1.3": - version "2.1.3" - resolved "https://registry.yarnpkg.com/@eslint/eslintrc/-/eslintrc-2.1.3.tgz#797470a75fe0fbd5a53350ee715e85e87baff22d" - integrity sha512-yZzuIG+jnVu6hNSzFEN07e8BxF3uAzYtQb6uDkaYZLo6oYZDCq454c5kB8zxnzfCYyP4MIuyBn10L0DqwujTmA== +"@eslint/eslintrc@^2.1.4": + version "2.1.4" + resolved "https://registry.yarnpkg.com/@eslint/eslintrc/-/eslintrc-2.1.4.tgz#388a269f0f25c1b6adc317b5a2c55714894c70ad" + integrity sha512-269Z39MS6wVJtsoUl10L60WdkhJVdPG24Q4eZTH3nnF6lpvSShEK3wQjDX9JRWAUPvPh7COouPpU9IrqaZFvtQ== dependencies: ajv "^6.12.4" debug "^4.3.2" @@ -1194,10 +1194,10 @@ minimatch "^3.1.2" strip-json-comments "^3.1.1" -"@eslint/js@8.54.0": - version "8.54.0" - resolved "https://registry.yarnpkg.com/@eslint/js/-/js-8.54.0.tgz#4fab9a2ff7860082c304f750e94acd644cf984cf" - integrity sha512-ut5V+D+fOoWPgGGNj83GGjnntO39xDy6DWxO0wb7Jp3DcMX0TfIqdzHF85VTQkerdyGmuuMD9AKAo5KiNlf/AQ== +"@eslint/js@8.55.0": + version "8.55.0" + resolved "https://registry.yarnpkg.com/@eslint/js/-/js-8.55.0.tgz#b721d52060f369aa259cf97392403cb9ce892ec6" + integrity sha512-qQfo2mxH5yVom1kacMtZZJFVdW+E70mqHMJvVg6WTLo+VBuQJ4TojZlfWBjK0ve5BdEeNAVxOsl/nvNMpJOaJA== "@floating-ui/core@^1.2.6": version "1.2.6" @@ -6302,15 +6302,15 @@ eslint-visitor-keys@^3.3.0, eslint-visitor-keys@^3.4.1, eslint-visitor-keys@^3.4 resolved "https://registry.yarnpkg.com/eslint-visitor-keys/-/eslint-visitor-keys-3.4.3.tgz#0cd72fe8550e3c2eae156a96a4dddcd1c8ac5800" integrity sha512-wpc+LXeiyiisxPlEkUzU6svyS1frIO3Mgxj1fdy7Pm8Ygzguax2N3Fa/D/ag1WqbOprdI+uY6wMUl8/a2G+iag== -eslint@8.54.0: - version "8.54.0" - resolved "https://registry.yarnpkg.com/eslint/-/eslint-8.54.0.tgz#588e0dd4388af91a2e8fa37ea64924074c783537" - integrity sha512-NY0DfAkM8BIZDVl6PgSa1ttZbx3xHgJzSNJKYcQglem6CppHyMhRIQkBVSSMaSRnLhig3jsDbEzOjwCVt4AmmA== +eslint@8.55.0: + version "8.55.0" + resolved "https://registry.yarnpkg.com/eslint/-/eslint-8.55.0.tgz#078cb7b847d66f2c254ea1794fa395bf8e7e03f8" + integrity sha512-iyUUAM0PCKj5QpwGfmCAG9XXbZCWsqP/eWAWrG/W0umvjuLRBECwSFdt+rCntju0xEH7teIABPwXpahftIaTdA== dependencies: "@eslint-community/eslint-utils" "^4.2.0" "@eslint-community/regexpp" "^4.6.1" - "@eslint/eslintrc" "^2.1.3" - "@eslint/js" "8.54.0" + "@eslint/eslintrc" "^2.1.4" + "@eslint/js" "8.55.0" "@humanwhocodes/config-array" "^0.11.13" "@humanwhocodes/module-importer" "^1.0.1" "@nodelib/fs.walk" "^1.2.8" |