diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2024-01-24 06:09:32 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2024-01-24 06:09:32 +0300 |
| commit | 3f29b140ab13fd23ed35e759fd2bb6f41ba788ac (patch) | |
| tree | 14038bc12e68f9d39d0893db406d8b4fcbe78dd0 | |
| parent | 3b0fd281ca3a8b1d88f3bbfc00a4d3e56a1c3870 (diff) | |
Add latest changes from gitlab-org/gitlab@master
60 files changed, 271 insertions, 279 deletions
diff --git a/app/assets/javascripts/lib/graphql.js b/app/assets/javascripts/lib/graphql.js index 7ae78eb72c9..b1b095234e3 100644 --- a/app/assets/javascripts/lib/graphql.js +++ b/app/assets/javascripts/lib/graphql.js @@ -62,6 +62,15 @@ export const typePolicies = { }, }, }, + Dora: { + merge: true, + }, + GroupValueStreamAnalyticsFlowMetrics: { + merge: true, + }, + ProjectValueStreamAnalyticsFlowMetrics: { + merge: true, + }, }; export const stripWhitespaceFromQuery = (url, path) => { diff --git a/app/assets/javascripts/observability/client.js b/app/assets/javascripts/observability/client.js index d3ed168b68e..bbe306dec28 100644 --- a/app/assets/javascripts/observability/client.js +++ b/app/assets/javascripts/observability/client.js @@ -345,6 +345,42 @@ async function fetchMetric(searchUrl, name, type) { } } +async function fetchMetricSearchMetadata(searchMetadataUrl, name, type) { + try { + if (!name) { + throw new Error('fetchMetric() - metric name is required.'); + } + if (!type) { + throw new Error('fetchMetric() - metric type is required.'); + } + + // TODO remove mocks once API has been implemented https://gitlab.com/gitlab-org/opstrace/opstrace/-/work_items/2624 + // const params = new URLSearchParams({ + // mname: name, + // mtype: type, + // }); + // const { data } = await axios.get(searchMetadataUrl, { + // params, + // withCredentials: true, + // }); + // return data; + + return { + name: 'cpu_seconds_total', + type: 'sum', + description: 'some_description', + last_ingested_at: 1705374438711900000, + attribute_keys: ['host.name', 'host.dc', 'host.type'], + supported_aggregations: ['1m', '1h'], + supported_functions: ['min', 'max', 'avg', 'sum', 'count'], + default_group_by_attributes: ['host.name'], + default_group_by_function: ['avg'], + }; + } catch (e) { + return reportErrorAndThrow(e); + } +} + export function buildClient(config) { if (!config) { throw new Error('No options object provided'); // eslint-disable-line @gitlab/require-i18n-strings @@ -358,6 +394,7 @@ export function buildClient(config) { operationsUrl, metricsUrl, metricsSearchUrl, + metricsSearchMetadataUrl, } = config; if (typeof provisioningUrl !== 'string') { @@ -388,6 +425,10 @@ export function buildClient(config) { throw new Error('metricsSearchUrl param must be a string'); } + if (typeof metricsSearchMetadataUrl !== 'string') { + throw new Error('metricsSearchMetadataUrl param must be a string'); + } + return { enableObservability: () => enableObservability(provisioningUrl), isObservabilityEnabled: () => isObservabilityEnabled(provisioningUrl), @@ -398,5 +439,7 @@ export function buildClient(config) { fetchOperations: (serviceName) => fetchOperations(operationsUrl, serviceName), fetchMetrics: (options) => fetchMetrics(metricsUrl, options), fetchMetric: (metricName, metricType) => fetchMetric(metricsSearchUrl, metricName, metricType), + fetchMetricSearchMetadata: (metricName, metricType) => + fetchMetricSearchMetadata(metricsSearchMetadataUrl, metricName, metricType), }; } diff --git a/app/assets/javascripts/set_status_modal/set_status_form.vue b/app/assets/javascripts/set_status_modal/set_status_form.vue index b6d609ab1fa..19062e10758 100644 --- a/app/assets/javascripts/set_status_modal/set_status_form.vue +++ b/app/assets/javascripts/set_status_modal/set_status_form.vue @@ -218,7 +218,7 @@ export default { <gl-form-checkbox :checked="availability" - class="gl-mb-5" + class="gl-mb-3" data-testid="user-availability-checkbox" @input="$emit('availability-input', $event)" > diff --git a/app/models/concerns/ci/partitionable/switch.rb b/app/models/concerns/ci/partitionable/switch.rb index 6195f92114f..c4af4d646c6 100644 --- a/app/models/concerns/ci/partitionable/switch.rb +++ b/app/models/concerns/ci/partitionable/switch.rb @@ -2,8 +2,6 @@ module Ci module Partitionable - MUTEX = Mutex.new - module Switch extend ActiveSupport::Concern @@ -16,39 +14,18 @@ module Ci predicate_builder cached_find_by_statement].freeze included do |base| - install_partitioned_class(base) - end - - class_methods do - # `Class.new(partitionable_model)` triggers `partitionable_model.inherited` - # and we need the mutex to break the recursion without adding extra accessors - # on the model. This will be used during code loading, not runtime. - # - def install_partitioned_class(partitionable_model) - Partitionable::MUTEX.synchronize do - partitioned = Class.new(partitionable_model) do - self.table_name = partitionable_model.routing_table_name - - def self.routing_class? - true - end - - def self.sti_name - superclass.sti_name - end - end + partitioned = Class.new(base) do + self.table_name = base.routing_table_name - partitionable_model.const_set(:Partitioned, partitioned) + def self.routing_class? + true end end - def inherited(child_class) - super - return if Partitionable::MUTEX.owned? - - install_partitioned_class(child_class) - end + base.const_set(:Partitioned, partitioned) + end + class_methods do def routing_class? false end @@ -57,7 +34,7 @@ module Ci return false if routing_class? Gitlab::SafeRequestStore.fetch(routing_table_name_flag) do - ::Feature.enabled?(routing_table_name_flag) + ::Feature.enabled?(routing_table_name_flag, :request) end end @@ -74,13 +51,6 @@ module Ci end end end - - def type_condition(table = arel_table) - sti_column = table[inheritance_column] - sti_names = ([self] + descendants).map(&:sti_name).uniq - - predicate_builder.build(sti_column, sti_names) - end end end end diff --git a/app/models/concerns/issuable.rb b/app/models/concerns/issuable.rb index a9a00ab1c44..6913f889828 100644 --- a/app/models/concerns/issuable.rb +++ b/app/models/concerns/issuable.rb @@ -105,6 +105,7 @@ module Issuable scope :not_authored, ->(user) { where.not(author_id: user) } scope :recent, -> { reorder(id: :desc) } scope :of_projects, ->(ids) { where(project_id: ids) } + scope :with_state, ->(*states) { where(state_id: states.flatten.map { |s| STATE_ID_MAP[s] }) } scope :opened, -> { with_state(:opened) } scope :closed, -> { with_state(:closed) } diff --git a/app/models/issue.rb b/app/models/issue.rb index 1c9a8d65e3d..831e618c5f1 100644 --- a/app/models/issue.rb +++ b/app/models/issue.rb @@ -274,11 +274,6 @@ class Issue < ApplicationRecord class << self extend ::Gitlab::Utils::Override - # Alias to state machine .with_state_id method - # This needs to be defined after the state machine block to avoid errors - alias_method :with_state, :with_state_id - alias_method :with_states, :with_state_ids - override :order_upvotes_desc def order_upvotes_desc reorder(upvotes_count: :desc) diff --git a/app/models/merge_request.rb b/app/models/merge_request.rb index 39b147cfd3f..4be280a1bfa 100644 --- a/app/models/merge_request.rb +++ b/app/models/merge_request.rb @@ -215,13 +215,6 @@ class MergeRequest < ApplicationRecord state :locked, value: MergeRequest.available_states[:locked] end - # Alias to state machine .with_state_id method - # This needs to be defined after the state machine block to avoid errors - class << self - alias_method :with_state, :with_state_id - alias_method :with_states, :with_state_ids - end - state_machine :merge_status, initial: :unchecked do event :mark_as_preparing do transition unchecked: :preparing @@ -319,7 +312,7 @@ class MergeRequest < ApplicationRecord from_fork.where('source_project_id = ? OR target_project_id = ?', project.id, project.id) end scope :merged, -> { with_state(:merged) } - scope :open_and_closed, -> { with_states(:opened, :closed) } + scope :open_and_closed, -> { with_state(:opened, :closed) } scope :drafts, -> { where(draft: true) } scope :from_source_branches, ->(branches) { where(source_branch: branches) } scope :by_sorted_source_branches, ->(branches) do diff --git a/app/models/preloaders/project_root_ancestor_preloader.rb b/app/models/preloaders/project_root_ancestor_preloader.rb index 1e96e139f94..9baa469e60d 100644 --- a/app/models/preloaders/project_root_ancestor_preloader.rb +++ b/app/models/preloaders/project_root_ancestor_preloader.rb @@ -12,7 +12,7 @@ module Preloaders return unless @projects.is_a?(ActiveRecord::Relation) root_query = Namespace.joins("INNER JOIN (#{join_sql}) as root_query ON root_query.root_id = namespaces.id") - .select('namespaces.*, root_query.id as source_id') + .select('namespaces.*, root_query.project_id as source_id') root_query = root_query.preload(*@root_ancestor_preloads) if @root_ancestor_preloads.any? @@ -30,7 +30,7 @@ module Preloaders def join_sql @projects .joins(@namespace_sti_name) - .select('projects.id, namespaces.traversal_ids[1] as root_id') + .select('projects.id as project_id, namespaces.traversal_ids[1] as root_id') .to_sql end end diff --git a/app/views/profiles/_email_settings.html.haml b/app/views/profiles/_email_settings.html.haml index 0fde7fd4f19..6c50be5b702 100644 --- a/app/views/profiles/_email_settings.html.haml +++ b/app/views/profiles/_email_settings.html.haml @@ -27,7 +27,7 @@ .form-group.gl-form-group - commit_email_link_url = help_page_path('user/profile/index', anchor: 'change-the-email-displayed-on-your-commits') - commit_email_link_start = '<a href="%{url}" target="_blank" rel="noopener noreferrer">'.html_safe % { url: commit_email_link_url } - - commit_email_docs_link = s_('Profiles|This email will be used for web based operations, such as edits and merges. %{commit_email_link_start}Learn more.%{commit_email_link_end}').html_safe % { commit_email_link_start: commit_email_link_start, commit_email_link_end: '</a>'.html_safe } + - commit_email_docs_link = s_('Profiles|This email will be used for web based operations, such as edits and merges. %{commit_email_link_start}Learn more%{commit_email_link_end}.').html_safe % { commit_email_link_start: commit_email_link_start, commit_email_link_end: '</a>'.html_safe } = form.label :commit_email, s_('Profiles|Commit email') .gl-md-form-input-lg = form.select :commit_email, diff --git a/app/views/profiles/show.html.haml b/app/views/profiles/show.html.haml index 9f33ad0c2d4..6d8755718ad 100644 --- a/app/views/profiles/show.html.haml +++ b/app/views/profiles/show.html.haml @@ -108,7 +108,7 @@ .form-group.gl-form-group - external_accounts_help_url = help_page_path('user/profile/index', anchor: 'add-external-accounts-to-your-user-profile-page') - external_accounts_link = link_to '', external_accounts_help_url, target: "_blank", rel: "noopener noreferrer" - - external_accounts_docs_link = safe_format(s_('Profiles|Your Discord user ID. %{external_accounts_link_start}Learn more.%{external_accounts_link_end}'), tag_pair(external_accounts_link, :external_accounts_link_start, :external_accounts_link_end)) + - external_accounts_docs_link = safe_format(s_('Profiles|Your Discord user ID. %{external_accounts_link_start}Learn more%{external_accounts_link_end}.'), tag_pair(external_accounts_link, :external_accounts_link_start, :external_accounts_link_end)) - min_discord_length = 17 - max_discord_length = 20 = f.label :discord @@ -154,9 +154,9 @@ %fieldset.form-group.gl-form-group %legend.col-form-label = _('Private profile') - - private_profile_label = s_("Profiles|Don't display activity-related personal information on your profile.") - - private_profile_help_link = link_to sprite_icon('question-o'), help_page_path('user/profile/index', anchor: 'make-your-user-profile-page-private') - = f.gitlab_ui_checkbox_component :private_profile, '%{private_profile_label} %{private_profile_help_link}'.html_safe % { private_profile_label: private_profile_label, private_profile_help_link: private_profile_help_link.html_safe } + - private_profile_help_link = link_to _("Learn more"), help_page_path('user/profile/index', anchor: 'make-your-user-profile-page-private') + - private_profile_label = safe_format(s_("Profiles|Don't display activity-related personal information on your profile. %{private_profile_help_link_start}Learn more%{private_profile_help_link_end}."), tag_pair(private_profile_help_link, :private_profile_help_link_start, :private_profile_help_link_end)) + = f.gitlab_ui_checkbox_component :private_profile, private_profile_label %fieldset.form-group.gl-form-group %legend.col-form-label = s_("Profiles|Private contributions") diff --git a/doc/administration/gitaly/troubleshooting.md b/doc/administration/gitaly/troubleshooting.md index 2266d3ad1b2..28e117c9dab 100644 --- a/doc/administration/gitaly/troubleshooting.md +++ b/doc/administration/gitaly/troubleshooting.md @@ -499,6 +499,20 @@ Execution traces can be viewed by running: go tool trace heap.bin ``` +### Profile Git operations + +> [Introduced](https://gitlab.com/gitlab-org/gitaly/-/issues/5700) in GitLab 16.9 [with a flag](../../administration/feature_flags.md) named `log_git_traces`. Disabled by default. + +FLAG: +On self-managed GitLab, by default this feature is not available. To make it available, an administrator can [enable the feature flag](../../administration/feature_flags.md) +named `log_git_traces`. On GitLab.com, this feature is available but can be configured by GitLab.com administrators only. + +You can profile Git operations that Gitaly performs by sending additional information about Git operations to Gitaly logs. With this information, users have more insight +for performance optimization, debugging, and general telemetry collection. For more information, see the [Git Trace2 API reference](https://git-scm.com/docs/api-trace2). + +To prevent system overload, the additional information logging is rate limited. If the rate limit is exceeded, traces are skipped. However, after the rate returns to a healthy +state, the traces are processed again automatically. Rate limiting ensures that the system remains stable and avoids any adverse impact because of excessive trace processing. + ## Repositories are shown as empty after a GitLab restore When using `fapolicyd` for increased security, GitLab can report that a restore from a GitLab backup file was successful but: diff --git a/doc/api/settings.md b/doc/api/settings.md index a2854a14320..edc5962b509 100644 --- a/doc/api/settings.md +++ b/doc/api/settings.md @@ -292,7 +292,7 @@ these parameters: - `delete_unconfirmed_users` - `unconfirmed_users_delete_after_days` -Example responses: **(PREMIUM SELF)** +Example responses: ```json "file_template_project_id": 1, @@ -321,8 +321,8 @@ listed in the descriptions of the relevant settings. | `after_sign_up_text` | string | no | Text shown to the user after signing up. | | `akismet_api_key` | string | required by: `akismet_enabled` | API key for Akismet spam protection. | | `akismet_enabled` | boolean | no | (**If enabled, requires:** `akismet_api_key`) Enable or disable Akismet spam protection. | -| `allow_account_deletion` **(PREMIUM ALL)** | boolean | no | Set to `true` to allow users to delete their accounts. | -| `allow_group_owners_to_manage_ldap` **(PREMIUM ALL)** | boolean | no | Set to `true` to allow group owners to manage LDAP. | +| `allow_account_deletion` | boolean | no | Set to `true` to allow users to delete their accounts. Premium and Ultimate only. | +| `allow_group_owners_to_manage_ldap` | boolean | no | Set to `true` to allow group owners to manage LDAP. Premium and Ultimate only. | | `allow_local_requests_from_hooks_and_services` | boolean | no | (Deprecated: Use `allow_local_requests_from_web_hooks_and_services` instead) Allow requests to the local network from webhooks and integrations. | | `allow_local_requests_from_system_hooks` | boolean | no | Allow requests to the local network from system hooks. | | `allow_local_requests_from_web_hooks_and_services` | boolean | no | Allow requests to the local network from webhooks and integrations. | @@ -340,7 +340,7 @@ listed in the descriptions of the relevant settings. | `bulk_import_enabled` | boolean | no | Enable migrating GitLab groups by direct transfer. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/383268) in GitLab 15.8. Setting also [available](../administration/settings/import_and_export_settings.md#enable-migration-of-groups-and-projects-by-direct-transfer) in the Admin Area. | | `bulk_import_max_download_file_size` | integer | no | Maximum download file size when importing from source GitLab instances by direct transfer. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/384976) in GitLab 16.3. | | `can_create_group` | boolean | no | Indicates whether users can create top-level groups. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/367754) in GitLab 15.5. Defaults to `true`. | -| `check_namespace_plan` **(PREMIUM ALL)** | boolean | no | Enabling this makes only licensed EE features available to projects if the project namespace's plan includes the feature or if the project is public. | +| `check_namespace_plan` | boolean | no | Enabling this makes only licensed EE features available to projects if the project namespace's plan includes the feature or if the project is public. Premium and Ultimate only. | | `ci_max_total_yaml_size_bytes` | integer | no | The maximum amount of memory, in bytes, that can be allocated for the pipeline configuration, with all included YAML configuration files. | | `ci_max_includes` | integer | no | The [maximum number of includes](../administration/settings/continuous_integration.md#maximum-includes) per pipeline. Default is `150`. | | `commit_email_hostname` | string | no | Custom hostname (for private commit emails). | @@ -367,9 +367,9 @@ listed in the descriptions of the relevant settings. | `default_projects_limit` | integer | no | Project limit per user. Default is `100000`. | | `default_snippet_visibility` | string | no | What visibility level new snippets receive. Can take `private`, `internal` and `public` as a parameter. Default is `private`. | | `default_syntax_highlighting_theme` | integer | no | Default syntax highlighting theme for users who are new or not signed in. See [IDs of available themes](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/themes.rb#L16). | -| `default_project_deletion_protection` **(PREMIUM SELF)** | boolean | no | Enable default project deletion protection so only administrators can delete projects. Default is `false`. | -| `delete_unconfirmed_users` **(PREMIUM SELF)** | boolean | no | Specifies whether users who have not confirmed their email should be deleted. Default is `false`. When set to `true`, unconfirmed users are deleted after `unconfirmed_users_delete_after_days` days. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/352514) in GitLab 16.1. | -| `deletion_adjourned_period` **(PREMIUM SELF)** | integer | no | Number of days to wait before deleting a project or group that is marked for deletion. Value must be between `1` and `90`. Defaults to `7`. | +| `default_project_deletion_protection` | boolean | no | Enable default project deletion protection so only administrators can delete projects. Default is `false`. Self-managed, Premium and Ultimate only. | +| `delete_unconfirmed_users` | boolean | no | Specifies whether users who have not confirmed their email should be deleted. Default is `false`. When set to `true`, unconfirmed users are deleted after `unconfirmed_users_delete_after_days` days. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/352514) in GitLab 16.1. Self-managed, Premium and Ultimate only. | +| `deletion_adjourned_period` | integer | no | Number of days to wait before deleting a project or group that is marked for deletion. Value must be between `1` and `90`. Defaults to `7`. Self-managed, Premium and Ultimate only. | | `diagramsnet_enabled` | boolean | no | (If enabled, requires `diagramsnet_url`) Enable [Diagrams.net integration](../administration/integration/diagrams_net.md). Default is `true`. | | `diagramsnet_url` | string | required by: `diagramsnet_enabled` | The Diagrams.net instance URL for integration. | | `diff_max_patch_bytes` | integer | no | Maximum [diff patch size](../administration/diff_limits.md), in bytes. | @@ -377,7 +377,7 @@ listed in the descriptions of the relevant settings. | `diff_max_lines` | integer | no | Maximum [lines in a diff](../administration/diff_limits.md). | | `disable_admin_oauth_scopes` | boolean | no | Stops administrators from connecting their GitLab accounts to non-trusted OAuth 2.0 applications that have the `api`, `read_api`, `read_repository`, `write_repository`, `read_registry`, `write_registry`, or `sudo` scopes. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/375043) in GitLab 15.6. | | `disable_feed_token` | boolean | no | Disable display of RSS/Atom and calendar feed tokens. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/231493) in GitLab 13.7. | -| `disable_personal_access_token` **(PREMIUM SELF)** | boolean | no | Disable personal access tokens. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/384201) in GitLab 15.7. | +| `disable_personal_access_token` | boolean | no | Disable personal access tokens. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/384201) in GitLab 15.7. Self-managed, Premium and Ultimate only. | | `disabled_oauth_sign_in_sources` | array of strings | no | Disabled OAuth sign-in sources. | | `dns_rebinding_protection_enabled` | boolean | no | Enforce DNS-rebinding attack protection. | | `domain_denylist_enabled` | boolean | no | (**If enabled, requires:** `domain_denylist`) Allows blocking sign-ups from emails from specific domains. | @@ -392,26 +392,26 @@ listed in the descriptions of the relevant settings. | `eks_account_id` | string | no | Amazon account ID. | | `eks_integration_enabled` | boolean | no | Enable integration with Amazon EKS. | | `eks_secret_access_key` | string | no | AWS IAM secret access key. | -| `elasticsearch_aws_access_key` **(PREMIUM ALL)** | string | no | AWS IAM access key. | -| `elasticsearch_aws_region` **(PREMIUM ALL)** | string | no | The AWS region the Elasticsearch domain is configured. | -| `elasticsearch_aws_secret_access_key` **(PREMIUM ALL)** | string | no | AWS IAM secret access key. | -| `elasticsearch_aws` **(PREMIUM ALL)** | boolean | no | Enable the use of AWS hosted Elasticsearch. | -| `elasticsearch_indexed_field_length_limit` **(PREMIUM ALL)** | integer | no | Maximum size of text fields to index by Elasticsearch. 0 value means no limit. This does not apply to repository and wiki indexing. | -| `elasticsearch_indexed_file_size_limit_kb` **(PREMIUM ALL)** | integer | no | Maximum size of repository and wiki files that are indexed by Elasticsearch. | -| `elasticsearch_indexing` **(PREMIUM ALL)** | boolean | no | Enable Elasticsearch indexing. | -| `elasticsearch_requeue_workers` **(PREMIUM ALL)** | boolean | no | Enable automatic requeuing of indexing workers. This improves non-code indexing throughput by enqueuing Sidekiq jobs until all documents are processed. | -| `elasticsearch_limit_indexing` **(PREMIUM ALL)** | boolean | no | Limit Elasticsearch to index certain namespaces and projects. | -| `elasticsearch_max_bulk_concurrency` **(PREMIUM ALL)** | integer | no | Maximum concurrency of Elasticsearch bulk requests per indexing operation. This only applies to repository indexing operations. | -| `elasticsearch_max_code_indexing_concurrency` **(PREMIUM ALL)** | integer | no | Maximum concurrency of Elasticsearch code indexing background jobs. This only applies to repository indexing operations. | -| `elasticsearch_worker_number_of_shards` **(PREMIUM ALL)** | integer | no | Number of indexing worker shards. This improves non-code indexing throughput by enqueuing more parallel Sidekiq jobs. Default is `2`. | -| `elasticsearch_max_bulk_size_mb` **(PREMIUM ALL)** | integer | no | Maximum size of Elasticsearch bulk indexing requests in MB. This only applies to repository indexing operations. | -| `elasticsearch_namespace_ids` **(PREMIUM ALL)** | array of integers | no | The namespaces to index via Elasticsearch if `elasticsearch_limit_indexing` is enabled. | -| `elasticsearch_project_ids` **(PREMIUM ALL)** | array of integers | no | The projects to index via Elasticsearch if `elasticsearch_limit_indexing` is enabled. | -| `elasticsearch_search` **(PREMIUM ALL)** | boolean | no | Enable Elasticsearch search. | -| `elasticsearch_url` **(PREMIUM ALL)** | string | no | The URL to use for connecting to Elasticsearch. Use a comma-separated list to support cluster (for example, `http://localhost:9200, http://localhost:9201"`). | -| `elasticsearch_username` **(PREMIUM ALL)** | string | no | The `username` of your Elasticsearch instance. | -| `elasticsearch_password` **(PREMIUM ALL)** | string | no | The password of your Elasticsearch instance. | -| `email_additional_text` **(PREMIUM ALL)** | string | no | Additional text added to the bottom of every email for legal/auditing/compliance reasons. | +| `elasticsearch_aws_access_key` | string | no | AWS IAM access key. Premium and Ultimate only. | +| `elasticsearch_aws_region` | string | no | The AWS region the Elasticsearch domain is configured. Premium and Ultimate only. | +| `elasticsearch_aws_secret_access_key` | string | no | AWS IAM secret access key. Premium and Ultimate only. | +| `elasticsearch_aws` | boolean | no | Enable the use of AWS hosted Elasticsearch. Premium and Ultimate only. | +| `elasticsearch_indexed_field_length_limit` | integer | no | Maximum size of text fields to index by Elasticsearch. 0 value means no limit. This does not apply to repository and wiki indexing. Premium and Ultimate only. | +| `elasticsearch_indexed_file_size_limit_kb` | integer | no | Maximum size of repository and wiki files that are indexed by Elasticsearch. Premium and Ultimate only. | +| `elasticsearch_indexing` | boolean | no | Enable Elasticsearch indexing. Premium and Ultimate only. | +| `elasticsearch_requeue_workers` | boolean | no | Enable automatic requeuing of indexing workers. This improves non-code indexing throughput by enqueuing Sidekiq jobs until all documents are processed. Premium and Ultimate only. | +| `elasticsearch_limit_indexing` | boolean | no | Limit Elasticsearch to index certain namespaces and projects. Premium and Ultimate only. | +| `elasticsearch_max_bulk_concurrency` | integer | no | Maximum concurrency of Elasticsearch bulk requests per indexing operation. This only applies to repository indexing operations. Premium and Ultimate only. | +| `elasticsearch_max_code_indexing_concurrency` | integer | no | Maximum concurrency of Elasticsearch code indexing background jobs. This only applies to repository indexing operations. Premium and Ultimate only. | +| `elasticsearch_worker_number_of_shards` | integer | no | Number of indexing worker shards. This improves non-code indexing throughput by enqueuing more parallel Sidekiq jobs. Default is `2`. Premium and Ultimate only. | +| `elasticsearch_max_bulk_size_mb` | integer | no | Maximum size of Elasticsearch bulk indexing requests in MB. This only applies to repository indexing operations. Premium and Ultimate only. | +| `elasticsearch_namespace_ids` | array of integers | no | The namespaces to index via Elasticsearch if `elasticsearch_limit_indexing` is enabled. Premium and Ultimate only. | +| `elasticsearch_project_ids` | array of integers | no | The projects to index via Elasticsearch if `elasticsearch_limit_indexing` is enabled. Premium and Ultimate only. | +| `elasticsearch_search` | boolean | no | Enable Elasticsearch search. Premium and Ultimate only. | +| `elasticsearch_url` | string | no | The URL to use for connecting to Elasticsearch. Use a comma-separated list to support cluster (for example, `http://localhost:9200, http://localhost:9201"`). Premium and Ultimate only. | +| `elasticsearch_username` | string | no | The `username` of your Elasticsearch instance. Premium and Ultimate only. | +| `elasticsearch_password` | string | no | The password of your Elasticsearch instance. Premium and Ultimate only. | +| `email_additional_text` | string | no | Additional text added to the bottom of every email for legal/auditing/compliance reasons. Premium and Ultimate only. | | `email_author_in_body` | boolean | no | Some email servers do not support overriding the email sender name. Enable this option to include the name of the author of the issue, merge request or comment in the email body instead. | | `email_confirmation_setting` | string | no | Specifies whether users must confirm their email before sign in. Possible values are `off`, `soft`, and `hard`. | | `custom_http_clone_url_root` | string | no | Set a custom Git clone URL for HTTP(S). | @@ -431,12 +431,12 @@ listed in the descriptions of the relevant settings. | `static_objects_external_storage_url` | string | no | URL to an external storage for repository static objects. | | `static_objects_external_storage_auth_token` | string | required by: `static_objects_external_storage_url` | Authentication token for the external storage linked in `static_objects_external_storage_url`. | | `failed_login_attempts_unlock_period_in_minutes` | integer | no | Time period in minutes after which the user is unlocked when maximum number of failed sign-in attempts reached. | -| `file_template_project_id` **(PREMIUM ALL)** | integer | no | The ID of a project to load custom file templates from. | +| `file_template_project_id` | integer | no | The ID of a project to load custom file templates from. Premium and Ultimate only. | | `first_day_of_week` | integer | no | Start day of the week for calendar views and date pickers. Valid values are `0` (default) for Sunday, `1` for Monday, and `6` for Saturday. | | `globally_allowed_ips` | string | no | Comma-separated list of IP addresses and CIDRs always allowed for inbound traffic. For example, `1.1.1.1, 2.2.2.0/24`. | -| `geo_node_allowed_ips` **(PREMIUM ALL)** | string | yes | Comma-separated list of IPs and CIDRs of allowed secondary nodes. For example, `1.1.1.1, 2.2.2.0/24`. | -| `geo_status_timeout` **(PREMIUM ALL)** | integer | no | The amount of seconds after which a request to get a secondary node status times out. | -| `git_two_factor_session_expiry` **(PREMIUM ALL)** | integer | no | Maximum duration (in minutes) of a session for Git operations when 2FA is enabled. | +| `geo_node_allowed_ips` | string | yes | Comma-separated list of IPs and CIDRs of allowed secondary nodes. For example, `1.1.1.1, 2.2.2.0/24`. Self-managed, Premium and Ultimate only. | +| `geo_status_timeout` | integer | no | The amount of seconds after which a request to get a secondary node status times out. Self-managed, Premium and Ultimate only. | +| `git_two_factor_session_expiry` | integer | no | Maximum duration (in minutes) of a session for Git operations when 2FA is enabled. Premium and Ultimate only. | | `gitaly_timeout_default` | integer | no | Default Gitaly timeout, in seconds. This timeout is not enforced for Git fetch/push operations or Sidekiq jobs. Set to `0` to disable timeouts. | | `gitaly_timeout_fast` | integer | no | Gitaly fast operation timeout, in seconds. Some Gitaly operations are expected to be fast. If they exceed this threshold, there may be a problem with a storage shard and 'failing fast' can help maintain the stability of the GitLab instance. Set to `0` to disable timeouts. | | `gitaly_timeout_medium` | integer | no | Medium Gitaly timeout, in seconds. This should be a value between the Fast and the Default timeout. Set to `0` to disable timeouts. | @@ -445,12 +445,12 @@ listed in the descriptions of the relevant settings. | `grafana_enabled` | boolean | no | Enable Grafana. | | `grafana_url` | string | no | Grafana URL. | | `gravatar_enabled` | boolean | no | Enable Gravatar. | -| `group_owners_can_manage_default_branch_protection` **(PREMIUM SELF)** | boolean | no | Prevent overrides of default branch protection. | +| `group_owners_can_manage_default_branch_protection` | boolean | no | Prevent overrides of default branch protection. Self-managed, Premium and Ultimate only.| | `hashed_storage_enabled` | boolean | no | Create new projects using hashed storage paths: Enable immutable, hash-based paths and repository names to store repositories on disk. This prevents repositories from having to be moved or renamed when the Project URL changes and may improve disk I/O performance. (Always enabled in GitLab versions 13.0 and later, configuration is scheduled for removal in 14.0) | | `help_page_hide_commercial_content` | boolean | no | Hide marketing-related entries from help. | | `help_page_support_url` | string | no | Alternate support URL for help page and help dropdown list. | | `help_page_text` | string | no | Custom text displayed on the help page. | -| `help_text` **(PREMIUM ALL)** | string | no | Deprecated: Use `description` parameter in the [Appearance API](../api/appearance.md). Custom text in sign-in page. | +| `help_text` | string | no | Deprecated: Use `description` parameter in the [Appearance API](../api/appearance.md). Custom text in sign-in page. Premium and Ultimate only. | | `hide_third_party_offers` | boolean | no | Do not display offers from third parties in GitLab. | | `home_page_url` | string | no | Redirect to this URL when not logged in. | | `housekeeping_bitmaps_enabled` | boolean | no | Deprecated. Git packfile bitmap creation is always enabled and cannot be changed via API and UI. Always returns `true`. | @@ -469,8 +469,8 @@ listed in the descriptions of the relevant settings. | `local_markdown_version` | integer | no | Increase this value when any cached Markdown should be invalidated. | | `mailgun_signing_key` | string | no | The Mailgun HTTP webhook signing key for receiving events from webhook. | | `mailgun_events_enabled` | boolean | no | Enable Mailgun event receiver. | -| `maintenance_mode_message` **(PREMIUM ALL)** | string | no | Message displayed when instance is in maintenance mode. | -| `maintenance_mode` **(PREMIUM ALL)** | boolean | no | When instance is in maintenance mode, non-administrative users can sign in with read-only access and make read-only API requests. | +| `maintenance_mode_message` | string | no | Message displayed when instance is in maintenance mode. Premium and Ultimate only. | +| `maintenance_mode` | boolean | no | When instance is in maintenance mode, non-administrative users can sign in with read-only access and make read-only API requests. Premium and Ultimate only. | | `max_artifacts_size` | integer | no | Maximum artifacts size in MB. | | `max_attachment_size` | integer | no | Limit attachment size in MB. | | `max_decompressed_archive_size` | integer | no | Maximum decompressed file size for imported archives in MB. Set to `0` for unlimited. Default is `25600`. | @@ -479,35 +479,35 @@ listed in the descriptions of the relevant settings. | `max_import_remote_file_size` | integer | no | Maximum remote file size for imports from external object storages. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/384976) in GitLab 16.3. | | `max_login_attempts` | integer | no | Maximum number of sign-in attempts before locking out the user. | | `max_pages_size` | integer | no | Maximum size of pages repositories in MB. | -| `max_personal_access_token_lifetime` **(ULTIMATE SELF)** | integer | no | Maximum allowable lifetime for access tokens in days. When left blank, default value of 365 is applied. When set, value must be 365 or less. When changed, existing access tokens with an expiration date beyond the maximum allowable lifetime are revoked.| -| `max_ssh_key_lifetime` **(ULTIMATE SELF)** | integer | no | Maximum allowable lifetime for SSH keys in days. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/1007) in GitLab 14.6. | +| `max_personal_access_token_lifetime` | integer | no | Maximum allowable lifetime for access tokens in days. When left blank, default value of 365 is applied. When set, value must be 365 or less. When changed, existing access tokens with an expiration date beyond the maximum allowable lifetime are revoked. Self-managed, Ultimate only.| +| `max_ssh_key_lifetime` | integer | no | Maximum allowable lifetime for SSH keys in days. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/1007) in GitLab 14.6. Self-managed, Ultimate only.| | `max_terraform_state_size_bytes` | integer | no | Maximum size in bytes of the [Terraform state](../administration/terraform_state.md) files. Set this to 0 for unlimited file size. | | `metrics_method_call_threshold` | integer | no | A method call is only tracked when it takes longer than the given amount of milliseconds. | -| `max_number_of_repository_downloads` **(ULTIMATE SELF)** | integer | no | Maximum number of unique repositories a user can download in the specified time period before they are banned. Default: 0, Maximum: 10,000 repositories. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/87980) in GitLab 15.1. | -| `max_number_of_repository_downloads_within_time_period` **(ULTIMATE SELF)** | integer | no | Reporting time period (in seconds). Default: 0, Maximum: 864000 seconds (10 days). [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/87980) in GitLab 15.1. | +| `max_number_of_repository_downloads` | integer | no | Maximum number of unique repositories a user can download in the specified time period before they are banned. Default: 0, Maximum: 10,000 repositories. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/87980) in GitLab 15.1. Self-managed, Ultimate only. | +| `max_number_of_repository_downloads_within_time_period` | integer | no | Reporting time period (in seconds). Default: 0, Maximum: 864000 seconds (10 days). [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/87980) in GitLab 15.1. Self-managed, Ultimate only. | | `max_yaml_depth` | integer | no | The maximum depth of nested CI/CD configuration added with the [`include` keyword](../ci/yaml/index.md#include). Default: `100`. | | `max_yaml_size_bytes` | integer | no | The maximum size in bytes of a single CI/CD configuration file. Default: `1048576`. | -| `git_rate_limit_users_allowlist` **(ULTIMATE SELF)** | array of strings | no | List of usernames excluded from Git anti-abuse rate limits. Default: `[]`, Maximum: 100 usernames. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/90815) in GitLab 15.2. | -| `git_rate_limit_users_alertlist` **(ULTIMATE SELF)** | array of integers | no | List of user IDs that are emailed when the Git abuse rate limit is exceeded. Default: `[]`, Maximum: 100 user IDs. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/110201) in GitLab 15.9. | -| `auto_ban_user_on_excessive_projects_download` **(ULTIMATE SELF)** | boolean | no | When enabled, users will get automatically banned from the application when they download more than the maximum number of unique projects in the time period specified by `max_number_of_repository_downloads` and `max_number_of_repository_downloads_within_time_period` respectively. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/94153) in GitLab 15.4 | +| `git_rate_limit_users_allowlist` | array of strings | no | List of usernames excluded from Git anti-abuse rate limits. Default: `[]`, Maximum: 100 usernames. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/90815) in GitLab 15.2. Self-managed, Ultimate only. | +| `git_rate_limit_users_alertlist` | array of integers | no | List of user IDs that are emailed when the Git abuse rate limit is exceeded. Default: `[]`, Maximum: 100 user IDs. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/110201) in GitLab 15.9. Self-managed, Ultimate only. | +| `auto_ban_user_on_excessive_projects_download` | boolean | no | When enabled, users will get automatically banned from the application when they download more than the maximum number of unique projects in the time period specified by `max_number_of_repository_downloads` and `max_number_of_repository_downloads_within_time_period` respectively. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/94153) in GitLab 15.4. Self-managed, Ultimate only. | | `mirror_available` | boolean | no | Allow repository mirroring to configured by project Maintainers. If disabled, only Administrators can configure repository mirroring. | -| `mirror_capacity_threshold` **(PREMIUM ALL)** | integer | no | Minimum capacity to be available before scheduling more mirrors preemptively. | -| `mirror_max_capacity` **(PREMIUM ALL)** | integer | no | Maximum number of mirrors that can be synchronizing at the same time. | -| `mirror_max_delay` **(PREMIUM ALL)** | integer | no | Maximum time (in minutes) between updates that a mirror can have when scheduled to synchronize. | -| `maven_package_requests_forwarding` **(PREMIUM ALL)** | boolean | no | Use repo.maven.apache.org as a default remote repository when the package is not found in the GitLab Package Registry for Maven. | -| `npm_package_requests_forwarding` **(PREMIUM ALL)** | boolean | no | Use npmjs.org as a default remote repository when the package is not found in the GitLab Package Registry for npm. | -| `pypi_package_requests_forwarding` **(PREMIUM ALL)** | boolean | no | Use pypi.org as a default remote repository when the package is not found in the GitLab Package Registry for PyPI. | +| `mirror_capacity_threshold` | integer | no | Minimum capacity to be available before scheduling more mirrors preemptively. Premium and Ultimate only. | +| `mirror_max_capacity` | integer | no | Maximum number of mirrors that can be synchronizing at the same time. Premium and Ultimate only. | +| `mirror_max_delay` | integer | no | Maximum time (in minutes) between updates that a mirror can have when scheduled to synchronize. Premium and Ultimate only. | +| `maven_package_requests_forwarding` | boolean | no | Use repo.maven.apache.org as a default remote repository when the package is not found in the GitLab Package Registry for Maven. Premium and Ultimate only. | +| `npm_package_requests_forwarding` | boolean | no | Use npmjs.org as a default remote repository when the package is not found in the GitLab Package Registry for npm. Premium and Ultimate only. | +| `pypi_package_requests_forwarding` | boolean | no | Use pypi.org as a default remote repository when the package is not found in the GitLab Package Registry for PyPI. Premium and Ultimate only. | | `outbound_local_requests_whitelist` | array of strings | no | Define a list of trusted domains or IP addresses to which local requests are allowed when local requests for webhooks and integrations are disabled. | `package_registry_allow_anyone_to_pull_option` | boolean | no | Enable to [allow anyone to pull from Package Registry](../user/packages/package_registry/index.md#allow-anyone-to-pull-from-package-registry) visible and changeable. -| `package_metadata_purl_types` **(ULTIMATE SELF)** | array of integers | no | List of [package registry metadata to sync](../administration/settings/security_and_compliance.md#choose-package-registry-metadata-to-sync). See [the list](https://gitlab.com/gitlab-org/gitlab/-/blob/ace16c20d5da7c4928dd03fb139692638b557fe3/app/models/concerns/enums/package_metadata.rb#L5) of the available values. +| `package_metadata_purl_types` | array of integers | no | List of [package registry metadata to sync](../administration/settings/security_and_compliance.md#choose-package-registry-metadata-to-sync). See [the list](https://gitlab.com/gitlab-org/gitlab/-/blob/ace16c20d5da7c4928dd03fb139692638b557fe3/app/models/concerns/enums/package_metadata.rb#L5) of the available values. Self-managed, Ultimate only. | | `pages_domain_verification_enabled` | boolean | no | Require users to prove ownership of custom domains. Domain verification is an essential security measure for public GitLab sites. Users are required to demonstrate they control a domain before it is enabled. | | `password_authentication_enabled_for_git` | boolean | no | Enable authentication for Git over HTTP(S) via a GitLab account password. Default is `true`. | | `password_authentication_enabled_for_web` | boolean | no | Enable authentication for the web interface via a GitLab account password. Default is `true`. | -| `minimum_password_length` **(PREMIUM ALL)** | integer | no | Indicates whether passwords require a minimum length. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/85763) in GitLab 15.1. | -| `password_number_required` **(PREMIUM ALL)** | boolean | no | Indicates whether passwords require at least one number. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/85763) in GitLab 15.1. | -| `password_symbol_required` **(PREMIUM ALL)** | boolean | no | Indicates whether passwords require at least one symbol character. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/85763) in GitLab 15.1. | -| `password_uppercase_required` **(PREMIUM ALL)** | boolean | no | Indicates whether passwords require at least one uppercase letter. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/85763) in GitLab 15.1. | -| `password_lowercase_required` **(PREMIUM ALL)** | boolean | no | Indicates whether passwords require at least one lowercase letter. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/85763) in GitLab 15.1. | +| `minimum_password_length` | integer | no | Indicates whether passwords require a minimum length. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/85763) in GitLab 15.1. Premium and Ultimate only. | +| `password_number_required` | boolean | no | Indicates whether passwords require at least one number. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/85763) in GitLab 15.1. Premium and Ultimate only. | +| `password_symbol_required` | boolean | no | Indicates whether passwords require at least one symbol character. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/85763) in GitLab 15.1. Premium and Ultimate only. | +| `password_uppercase_required` | boolean | no | Indicates whether passwords require at least one uppercase letter. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/85763) in GitLab 15.1. Premium and Ultimate only. | +| `password_lowercase_required` | boolean | no | Indicates whether passwords require at least one lowercase letter. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/85763) in GitLab 15.1. Premium and Ultimate only. | | `performance_bar_allowed_group_id` | string | no | (Deprecated: Use `performance_bar_allowed_group_path` instead) Path of the group that is allowed to toggle the performance bar. | | `performance_bar_allowed_group_path` | string | no | Path of the group that is allowed to toggle the performance bar. | | `performance_bar_enabled` | boolean | no | (Deprecated: Pass `performance_bar_allowed_group_path: nil` instead) Allow enabling the performance bar. | @@ -541,7 +541,7 @@ listed in the descriptions of the relevant settings. | `recaptcha_site_key` | string | required by: `recaptcha_enabled` | Site key for reCAPTCHA. | | `receive_max_input_size` | integer | no | Maximum push size (MB). | | `repository_checks_enabled` | boolean | no | GitLab periodically runs `git fsck` in all project and wiki repositories to look for silent disk corruption issues. | -| `repository_size_limit` **(PREMIUM ALL)** | integer | no | Size limit per repository (MB) | +| `repository_size_limit` | integer | no | Size limit per repository (MB). Premium and Ultimate only. | | `repository_storages_weighted` | hash of strings to integers | no | (GitLab 13.1 and later) Hash of names of taken from `gitlab.yml` to [weights](../administration/repository_storage_paths.md#configure-where-new-repositories-are-stored). New projects are created in one of these stores, chosen by a weighted random selection. | | `require_admin_approval_after_user_signup` | boolean | no | When enabled, any user that signs up for an account using the registration form is placed under a **Pending approval** state and has to be explicitly [approved](../administration/moderate_users.md) by an administrator. | | `require_two_factor_authentication` | boolean | no | (**If enabled, requires:** `two_factor_grace_period`) Require all users to set up Two-factor authentication. | @@ -552,7 +552,7 @@ listed in the descriptions of the relevant settings. | `security_txt_content` | string | no | [Public security contact information](../administration/settings/security_contact_information.md). [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/433210) in GitLab 16.7. | | `service_access_tokens_expiration_enforced` | boolean | no | Flag to indicate if token expiry date can be optional for service account users | | `shared_runners_enabled` | boolean | no | (**If enabled, requires:** `shared_runners_text` and `shared_runners_minutes`) Enable shared runners for new projects. | -| `shared_runners_minutes` **(PREMIUM ALL)** | integer | required by: `shared_runners_enabled` | Set the maximum number of compute minutes that a group can use on shared runners per month. | +| `shared_runners_minutes` | integer | required by: `shared_runners_enabled` | Set the maximum number of compute minutes that a group can use on shared runners per month. Premium and Ultimate only. | | `shared_runners_text` | string | required by: `shared_runners_enabled` | Shared runners text. | | `runner_token_expiration_interval` | integer | no | Set the expiration time (in seconds) of authentication tokens of newly registered instance runners. Minimum value is 7200 seconds. For more information, see [Automatically rotate authentication tokens](../ci/runners/configure_runners.md#automatically-rotate-runner-authentication-tokens). | | `group_runner_token_expiration_interval` | integer | no | Set the expiration time (in seconds) of authentication tokens of newly registered group runners. Minimum value is 7200 seconds. For more information, see [Automatically rotate authentication tokens](../ci/runners/configure_runners.md#automatically-rotate-runner-authentication-tokens). | @@ -608,7 +608,7 @@ listed in the descriptions of the relevant settings. | `throttle_unauthenticated_web_requests_per_period` | integer | required by:<br>`throttle_unauthenticated_web_enabled` | Max requests per period per IP. | | `time_tracking_limit_to_hours` | boolean | no | Limit display of time tracking units to hours. Default is `false`. | | `two_factor_grace_period` | integer | required by: `require_two_factor_authentication` | Amount of time (in hours) that users are allowed to skip forced configuration of two-factor authentication. | -| `unconfirmed_users_delete_after_days` **(PREMIUM SELF)** | integer | no | Specifies how many days after sign-up to delete users who have not confirmed their email. Only applicable if `delete_unconfirmed_users` is set to `true`. Must be `1` or greater. Default is `7`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/352514) in GitLab 16.1. | +| `unconfirmed_users_delete_after_days` | integer | no | Specifies how many days after sign-up to delete users who have not confirmed their email. Only applicable if `delete_unconfirmed_users` is set to `true`. Must be `1` or greater. Default is `7`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/352514) in GitLab 16.1. Self-managed, Premium and Ultimate only.| | `unique_ips_limit_enabled` | boolean | no | (**If enabled, requires:** `unique_ips_limit_per_user` and `unique_ips_limit_time_window`) Limit sign in from multiple IPs. | | `unique_ips_limit_per_user` | integer | required by: `unique_ips_limit_enabled` | Maximum number of IPs per user. | | `unique_ips_limit_time_window` | integer | required by: `unique_ips_limit_enabled` | How many seconds an IP is counted towards the limit. | diff --git a/doc/api/users.md b/doc/api/users.md index c7282b01285..e0ffe69e8ef 100644 --- a/doc/api/users.md +++ b/doc/api/users.md @@ -151,9 +151,9 @@ You can use all [parameters available for everyone](#for-non-administrator-users | `two_factor` | string | no | Filter users by Two-factor authentication. Filter values are `enabled` or `disabled`. By default it returns all users | | `without_projects` | boolean | no | Filter users without projects. Default is `false`, which means that all users are returned, with and without projects. | | `admins` | boolean | no | Return only administrators. Default is `false` | -| `auditors` **(PREMIUM ALL)** | boolean | no | Return only auditor users. Default is `false`. If not included, it returns all users. | -| `saml_provider_id` **(PREMIUM ALL)** | number | no | Return only users created by the specified SAML provider ID. If not included, it returns all users. | -| `skip_ldap` **(PREMIUM ALL)** | boolean | no | Skip LDAP users. | +| `auditors` | boolean | no | Return only auditor users. Default is `false`. If not included, it returns all users. Premium and Ultimate only. | +| `saml_provider_id` | number | no | Return only users created by the specified SAML provider ID. If not included, it returns all users. Premium and Ultimate only. | +| `skip_ldap` | boolean | no | Skip LDAP users. Premium and Ultimate only. | ```json [ @@ -549,7 +549,7 @@ Parameters: | Attribute | Required | Description | | :----------------------------------- | :------- | :------------------------------------------------------------------------------------------------------------------------------------------------------ | | `admin` | No | User is an administrator. Valid values are `true` or `false`. Defaults to false. -| `auditor` **(PREMIUM ALL)** | No | User is an auditor. Valid values are `true` or `false`. Defaults to false. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/366404) in GitLab 15.3. | +| `auditor` | No | User is an auditor. Valid values are `true` or `false`. Defaults to false. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/366404) in GitLab 15.3. Premium and Ultimate only. | | `avatar` | No | Image file for user's avatar | | `bio` | No | User's biography | | `can_create_group` | No | User can create top-level groups - true or false | @@ -558,7 +558,7 @@ Parameters: | `email` | Yes | Email | | `extern_uid` | No | External UID | | `external` | No | Flags the user as external - true or false (default) | -| `extra_shared_runners_minutes_limit` **(PREMIUM ALL)** | No | Can be set by administrators only. Additional compute minutes for this user. | +| `extra_shared_runners_minutes_limit` | No | Can be set by administrators only. Additional compute minutes for this user. Premium and Ultimate only. | | `force_random_password` | No | Set user password to a random value - true or false (default) | | `group_id_for_saml` | No | ID of group where SAML has been configured | | `linkedin` | No | LinkedIn | @@ -573,7 +573,7 @@ Parameters: | `provider` | No | External provider name | | `public_email` | No | User's public email address | | `reset_password` | No | Send user password reset link - true or false(default) | -| `shared_runners_minutes_limit` **(PREMIUM ALL)** | No | Can be set by administrators only. Maximum number of monthly compute minutes for this user. Can be `nil` (default; inherit system default), `0` (unlimited), or `> 0`. | +| `shared_runners_minutes_limit` | No | Can be set by administrators only. Maximum number of monthly compute minutes for this user. Can be `nil` (default; inherit system default), `0` (unlimited), or `> 0`. Premium and Ultimate only. | | `skip_confirmation` | No | Skip confirmation - true or false (default) | | `skype` | No | Skype ID | | `theme_id` | No | GitLab theme for the user (for more information, see the [user preference documentation](../user/profile/preferences.md#change-the-color-theme) for more information) | @@ -601,7 +601,7 @@ Parameters: | Attribute | Required | Description | | :----------------------------------- | :------- | :------------------------------------------------------------------------------------------------------------------------------------------------------ | | `admin` | No |User is an administrator. Valid values are `true` or `false`. Defaults to false. -| `auditor` **(PREMIUM ALL)** | No | User is an auditor. Valid values are `true` or `false`. Defaults to false. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/366404) in GitLab 15.3.(default) | +| `auditor` | No | User is an auditor. Valid values are `true` or `false`. Defaults to false. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/366404) in GitLab 15.3.(default) Premium and Ultimate only. | | `avatar` | No | Image file for user's avatar | | `bio` | No | User's biography | | `can_create_group` | No | User can create groups - true or false | @@ -610,7 +610,7 @@ Parameters: | `email` | No | Email | | `extern_uid` | No | External UID | | `external` | No | Flags the user as external - true or false (default) | -| `extra_shared_runners_minutes_limit` **(PREMIUM ALL)** | No | Can be set by administrators only. Additional compute minutes for this user. | +| `extra_shared_runners_minutes_limit` | No | Can be set by administrators only. Additional compute minutes for this user. Premium and Ultimate only. | | `group_id_for_saml` | No | ID of group where SAML has been configured | | `id` | Yes | ID of the user | | `linkedin` | No | LinkedIn | @@ -624,7 +624,7 @@ Parameters: | `pronouns` | No | Pronouns | | `provider` | No | External provider name | | `public_email` | No | Public email of the user (must be already verified) | -| `shared_runners_minutes_limit` **(PREMIUM ALL)** | No | Can be set by administrators only. Maximum number of monthly compute minutes for this user. Can be `nil` (default; inherit system default), `0` (unlimited) or `> 0`. | +| `shared_runners_minutes_limit` | No | Can be set by administrators only. Maximum number of monthly compute minutes for this user. Can be `nil` (default; inherit system default), `0` (unlimited) or `> 0`. Premium and Ultimate only. | | `skip_reconfirmation` | No | Skip reconfirmation - true or false (default) | | `skype` | No | Skype ID | | `theme_id` | No | GitLab theme for the user (for more information, see the [user preference documentation](../user/profile/preferences.md#change-the-color-theme) for more information) | @@ -1292,7 +1292,7 @@ error occurs a `400 Bad Request` is returned with a message explaining the error ``` NOTE: -This also adds an audit event. **(PREMIUM ALL)** +This also adds an audit event. ## Delete SSH key for current user diff --git a/doc/ci/jobs/job_artifacts.md b/doc/ci/jobs/job_artifacts.md index 34da3be9370..29a542668c1 100644 --- a/doc/ci/jobs/job_artifacts.md +++ b/doc/ci/jobs/job_artifacts.md @@ -245,7 +245,8 @@ For example: Files returned by this endpoint always have the `plain/text` content type. -In both examples, replace `<project-id>` with a valid project ID, found at the top of the project details page. +In both examples, replace `<project-id>` with a valid project ID. You can find the project ID on the, +[project overview page](../../user/project/working_with_projects.md#access-the-project-overview-page-by-using-the-project-id). Artifacts for [parent and child pipelines](../pipelines/downstream_pipelines.md#parent-child-pipelines) are searched in hierarchical order from parent to child. For example, if both parent and diff --git a/doc/integration/jira/dvcs/troubleshooting.md b/doc/integration/jira/dvcs/troubleshooting.md index 04113975f06..15f35d9089c 100644 --- a/doc/integration/jira/dvcs/troubleshooting.md +++ b/doc/integration/jira/dvcs/troubleshooting.md @@ -23,7 +23,8 @@ Error obtaining access token. Cannot access https://gitlab.example.com from Jira When you use GitLab 15.0 and later with Jira Server, you might encounter a [session token bug in Jira](https://jira.atlassian.com/browse/JSWSERVER-21389). -To resolve this issue, ensure Jira Server is version 9.1.0 and later or 8.20.11 and later. +This bug affects Jira Server versions 8.20.8, 8.22.3, 8.22.4, 9.4.6, and 9.4.14. +To resolve this issue, ensure you use Jira Server version 9.1.0 and later or 8.20.11 and later. ## SSL and TLS problems diff --git a/doc/user/application_security/api_fuzzing/index.md b/doc/user/application_security/api_fuzzing/index.md index cab8c926def..3005e220f8b 100644 --- a/doc/user/application_security/api_fuzzing/index.md +++ b/doc/user/application_security/api_fuzzing/index.md @@ -24,13 +24,6 @@ Web API fuzzing runs in the `fuzz` stage of the CI/CD pipeline. To ensure API fu latest code, your CI/CD pipeline should deploy changes to a test environment in one of the stages preceding the `fuzz` stage. -Note the following changes have been made to the API fuzzing template: - -- In GitLab 14.0 and later, you must define a `fuzz` stage in your `.gitlab-ci.yml` file. -- In GitLab 13.12 and earlier, the API fuzzing template defines `build`, `test`, `deploy`, and - `fuzz` stages. The `fuzz` stage runs last by default. The predefined stages were deprecated, and removed from the `API-Fuzzing.latest.gitlab-ci.yml` template. We plan to remove them in a future GitLab - version. - If your pipeline is configured to deploy to the same web server on each run, running a pipeline while another is still running could cause a race condition in which one pipeline overwrites the code from another. The API to scan should be excluded from changes for the duration diff --git a/doc/user/application_security/dast/browser_based.md b/doc/user/application_security/dast/browser_based.md index c0d71a95f91..70c331f8840 100644 --- a/doc/user/application_security/dast/browser_based.md +++ b/doc/user/application_security/dast/browser_based.md @@ -302,8 +302,14 @@ The browser-based analyzer does not have an equivalent for proxy-based checks th ## Managing scan time -It is expected that running the browser-based crawler results in better coverage for many web applications, when compared to the standard GitLab DAST solution. -This can come at a cost of increased scan time. +Running the browser-based crawler results in better coverage for many web applications when compared to the proxy-based scanner, and this increased coverage can come at a cost of increased scan time. + +Scan time is affected by: + +- The response time of the target site +- The number of browsers concurrently running scans +- The number and complexity of pages that are crawled +- The number and complexity of security checks that are run You can manage the trade-off between coverage and scan time with the following measures: @@ -315,6 +321,7 @@ You can manage the trade-off between coverage and scan time with the following m - Prevent pages from being crawled using the [variable](#available-cicd-variables) `DAST_EXCLUDE_URLS`. - Prevent elements being selected using the [variable](#available-cicd-variables) `DAST_BROWSER_EXCLUDED_ELEMENTS`. Use with caution, as defining this variable causes an extra lookup for each page crawled. - If the target application has minimal or fast rendering, consider reducing the [variable](#available-cicd-variables) `DAST_BROWSER_DOM_READY_AFTER_TIMEOUT` to a smaller value. The default is `500ms`. +- Selectively include only specific security checks. Use this, for example, to target a vulnerability type, such as cross-site scripting. Consider using the [variable](#available-cicd-variables) `DAST_EXCLUDE_RULES` to exclude security checks your team is not concerned about or `DAST_BROWSER_INCLUDE_ONLY_RULES` to run only security checks your team is concerned about. ## Timeouts diff --git a/doc/user/packages/composer_repository/index.md b/doc/user/packages/composer_repository/index.md index c116a43293b..ffa8a8a71c5 100644 --- a/doc/user/packages/composer_repository/index.md +++ b/doc/user/packages/composer_repository/index.md @@ -40,7 +40,7 @@ Prerequisites: error (`Validation failed: Version is invalid`) occurs when you publish. - A valid `composer.json` file at the project root directory. - The Packages feature is enabled in a GitLab repository. -- The project ID, which is on the project's home page. +- The project ID, which is displayed on the [project overview page](../../project/working_with_projects.md#access-the-project-overview-page-by-using-the-project-id). - One of the following token types: - A [personal access token](../../../user/profile/personal_access_tokens.md) with the scope set to `api`. - A [deploy token](../../project/deploy_tokens/index.md) diff --git a/doc/user/packages/conan_repository/index.md b/doc/user/packages/conan_repository/index.md index 72f36ca4e80..f3d89051efa 100644 --- a/doc/user/packages/conan_repository/index.md +++ b/doc/user/packages/conan_repository/index.md @@ -185,7 +185,7 @@ Prerequisites: - A local [Conan package](https://docs.conan.io/en/latest/creating_packages/getting_started.html) must exist. - For an instance remote, the package must meet the [naming convention](#package-recipe-naming-convention-for-instance-remotes). -- You must have the project ID, which is on the project's homepage. +- You must have the project ID, which is displayed on the [project overview page](../../project/working_with_projects.md#access-the-project-overview-page-by-using-the-project-id). To publish the package, use the `conan upload` command: diff --git a/doc/user/packages/maven_repository/index.md b/doc/user/packages/maven_repository/index.md index bd5311276c6..419e9c81666 100644 --- a/doc/user/packages/maven_repository/index.md +++ b/doc/user/packages/maven_repository/index.md @@ -289,7 +289,7 @@ For the instance-level endpoint, ensure the relevant section of your `pom.xml` i | Endpoint | Endpoint URL for `pom.xml` | Additional information | |----------|--------------------------------------------------------------------------|------------------------| -| Project | `https://gitlab.example.com/api/v4/projects/<project_id>/packages/maven` | Replace `gitlab.example.com` with your domain name. Replace `<project_id>` with your project ID, found on your project's homepage. | +| Project | `https://gitlab.example.com/api/v4/projects/<project_id>/packages/maven` | Replace `gitlab.example.com` with your domain name. Replace `<project_id>` with your project ID, found on your [project overview page](../../project/working_with_projects.md#access-the-project-overview-page-by-using-the-project-id). | | Group | `https://gitlab.example.com/api/v4/groups/<group_id>/-/packages/maven` | Replace `gitlab.example.com` with your domain name. Replace `<group_id>` with your group ID, found on your group's homepage. | | Instance | `https://gitlab.example.com/api/v4/packages/maven` | Replace `gitlab.example.com` with your domain name. | diff --git a/doc/user/packages/npm_registry/index.md b/doc/user/packages/npm_registry/index.md index 7a94db939cc..b229721feab 100644 --- a/doc/user/packages/npm_registry/index.md +++ b/doc/user/packages/npm_registry/index.md @@ -66,7 +66,7 @@ Create or edit the `.npmrc` file in the same directory as your `package.json`. I - Replace `@scope` with the [root level group](#naming-convention) of the project you're publishing to the package to. - Replace `your_domain_name` with your domain name, for example, `gitlab.com`. -- Replace `your_project_id` is your project ID, found on the project's home page. +- Replace `your_project_id` is your project ID, found on the [project overview page](../../project/working_with_projects.md#access-the-project-overview-page-by-using-the-project-id). - `"${NPM_TOKEN}"` is associated with the token you created later in the process. WARNING: @@ -158,7 +158,7 @@ In these examples: - Replace `your_domain_name` with your domain name, for example, `gitlab.com`. - Replace `your_group_id` with your group ID, found on the group's home page. -- Replace `your_project_id` is your project ID, found on the project's home page. +- Replace `your_project_id` is your project ID, found on the [project overview page](../../project/working_with_projects.md#access-the-project-overview-page-by-using-the-project-id). - Replace `your_token` with a deploy token, group access token, project access token, or personal access token. NOTE: @@ -224,7 +224,7 @@ To install a package from the instance level, the package must have been publish - Replace `@scope` with the [root level group](#naming-convention) of the project you're installing to the package from. - Replace `your_domain_name` with your domain name, for example, `gitlab.com`. - - Replace `your_project_id` is your project ID, found on the project's home page. + - Replace `your_project_id` is your project ID, found on the [project overview page](../../project/working_with_projects.md#access-the-project-overview-page-by-using-the-project-id). 1. Install the package diff --git a/doc/user/packages/nuget_repository/index.md b/doc/user/packages/nuget_repository/index.md index 76a97834a73..6df4f5b80c4 100644 --- a/doc/user/packages/nuget_repository/index.md +++ b/doc/user/packages/nuget_repository/index.md @@ -61,7 +61,7 @@ Prerequisites: both. - A name for your source. - Depending on the [endpoint level](#use-the-gitlab-endpoint-for-nuget-packages) you use, either: - - Your project ID, which is found on your project's home page. + - Your project ID, which is found on your [project overview page](../../project/working_with_projects.md#access-the-project-overview-page-by-using-the-project-id). - Your group ID, which is found on your group's home page. You can now add a new source to NuGet with: diff --git a/doc/user/packages/rubygems_registry/index.md b/doc/user/packages/rubygems_registry/index.md index f9017d9b5a7..cb522fee2b4 100644 --- a/doc/user/packages/rubygems_registry/index.md +++ b/doc/user/packages/rubygems_registry/index.md @@ -71,7 +71,7 @@ https://gitlab.example.com/api/v4/projects/<project_id>/packages/rubygems: '<you ``` - `<your token>` must be the token value of either your personal access token or deploy token. -- Your project ID is on your project's home page. +- Your project ID is displayed on the [project overview page](../../project/working_with_projects.md#access-the-project-overview-page-by-using-the-project-id). ### Authenticate with a CI job token diff --git a/doc/user/packages/yarn_repository/index.md b/doc/user/packages/yarn_repository/index.md index 99f456bc1cb..6ef206c1a60 100644 --- a/doc/user/packages/yarn_repository/index.md +++ b/doc/user/packages/yarn_repository/index.md @@ -9,7 +9,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w You can publish packages with [Yarn 1 (Classic)](https://classic.yarnpkg.com) and [Yarn 2+](https://yarnpkg.com). To find the Yarn version used in the deployment container, run `yarn --version` in the `script` block of the CI -script job block that is responsible for calling `yarn publish`**`. The Yarn version is shown in the pipeline output. +script job block that is responsible for calling `yarn publish`. The Yarn version is shown in the pipeline output. Learn how to build a [Yarn](../workflows/build_packages.md#yarn) package. @@ -48,7 +48,7 @@ In this configuration: - Replace `<my-org>` with your organization scope, exclude the `@` symbol. - Replace `<your_domain>` with your domain name. -- Replace `<your_project_id>` with your project's ID, which you can find on the project's home page. +- Replace `<your_project_id>` with your project's ID, which you can find on the [project overview page](../../project/working_with_projects.md#access-the-project-overview-page-by-using-the-project-id). - Replace `<your_token>` with a deployment token, group access token, project access token, or personal access token. Scoped registry does not work in Yarn Classic in `package.json` file, based on @@ -251,7 +251,7 @@ Use these steps for each project in the `.yarnrc.yml` file: - Replace `<my-org>` with the root level group of the project you're installing to the package from excluding the `@` symbol. - Replace `<your_domain_name>` with your domain name, for example, `gitlab.com`. -- Replace `<your_project_id>` with your project ID, found on the project's home page. +- Replace `<your_project_id>` with your project ID, found on the [project overview page](../../project/working_with_projects.md#access-the-project-overview-page-by-using-the-project-id). #### Set the registry (project level) @@ -266,7 +266,7 @@ npmRegistries: - Replace `<your_domain_name>` with your domain name, for example, `gitlab.com`. - Replace `<your_token>` with a deployment token (recommended), group access token, project access token, or personal access token. -- Replace `<your_project_id>` with your project ID, found on the project's home page. +- Replace `<your_project_id>` with your project ID, found on the [project overview page](../../project/working_with_projects.md#access-the-project-overview-page-by-using-the-project-id). ### Install the package diff --git a/lib/gitlab/graphql/query_analyzers/ast/logger_analyzer.rb b/lib/gitlab/graphql/query_analyzers/ast/logger_analyzer.rb index 9a7069249ec..dcc0ea0a965 100644 --- a/lib/gitlab/graphql/query_analyzers/ast/logger_analyzer.rb +++ b/lib/gitlab/graphql/query_analyzers/ast/logger_analyzer.rb @@ -32,6 +32,7 @@ module Gitlab results[:duration_s] = duration(results[:time_started]) results[:used_fields] = field_usages[:used_fields] results[:used_deprecated_fields] = field_usages[:used_deprecated_fields] + results[:used_deprecated_arguments] = field_usages[:used_deprecated_arguments] push_to_request_store(results) diff --git a/locale/gitlab.pot b/locale/gitlab.pot index 1fd9195a114..4becc3dc9f4 100644 --- a/locale/gitlab.pot +++ b/locale/gitlab.pot @@ -37684,7 +37684,7 @@ msgstr "" msgid "Profiles|Do not show on profile" msgstr "" -msgid "Profiles|Don't display activity-related personal information on your profile." +msgid "Profiles|Don't display activity-related personal information on your profile. %{private_profile_help_link_start}Learn more%{private_profile_help_link_end}." msgstr "" msgid "Profiles|Edit Profile" @@ -37861,7 +37861,7 @@ msgstr "" msgid "Profiles|This email will be displayed on your public profile." msgstr "" -msgid "Profiles|This email will be used for web based operations, such as edits and merges. %{commit_email_link_start}Learn more.%{commit_email_link_end}" +msgid "Profiles|This email will be used for web based operations, such as edits and merges. %{commit_email_link_start}Learn more%{commit_email_link_end}." msgstr "" msgid "Profiles|This emoji and message will appear on your profile and throughout the interface." @@ -37939,7 +37939,7 @@ msgstr "" msgid "Profiles|You must transfer ownership or delete these groups before you can delete your account." msgstr "" -msgid "Profiles|Your Discord user ID. %{external_accounts_link_start}Learn more.%{external_accounts_link_end}" +msgid "Profiles|Your Discord user ID. %{external_accounts_link_start}Learn more%{external_accounts_link_end}." msgstr "" msgid "Profiles|Your LinkedIn profile name from linkedin.com/in/profilename" diff --git a/spec/controllers/graphql_controller_spec.rb b/spec/controllers/graphql_controller_spec.rb index bc73168ff1a..e568c0b713c 100644 --- a/spec/controllers/graphql_controller_spec.rb +++ b/spec/controllers/graphql_controller_spec.rb @@ -684,6 +684,7 @@ RSpec.describe GraphqlController, feature_category: :integrations do operation_name: 'getProject_1', complexity: 3, depth: 2, + used_deprecated_arguments: [], used_deprecated_fields: [], used_fields: ['Project.id', 'Project.name', 'Query.project'], variables: '{}' @@ -692,6 +693,7 @@ RSpec.describe GraphqlController, feature_category: :integrations do operation_name: 'getProject_2', complexity: 2, depth: 2, + used_deprecated_arguments: [], used_deprecated_fields: [], used_fields: ['Project.id', 'Query.project'], variables: '{}' diff --git a/spec/frontend/__helpers__/mock_observability_client.js b/spec/frontend/__helpers__/mock_observability_client.js index 571ee68f9bf..38664fba731 100644 --- a/spec/frontend/__helpers__/mock_observability_client.js +++ b/spec/frontend/__helpers__/mock_observability_client.js @@ -9,6 +9,7 @@ export function createMockClient() { operationsUrl: 'operations-url', metricsUrl: 'metrics-url', metricsSearchUrl: 'metrics-search-url', + metricsSearchMetadataUrl: 'metrics-search-metadata-url', }); Object.getOwnPropertyNames(mockClient) diff --git a/spec/frontend/observability/client_spec.js b/spec/frontend/observability/client_spec.js index e3196861659..0e80953b470 100644 --- a/spec/frontend/observability/client_spec.js +++ b/spec/frontend/observability/client_spec.js @@ -20,6 +20,7 @@ describe('buildClient', () => { const operationsUrl = 'https://example.com/services/$SERVICE_NAME$/operations'; const metricsUrl = 'https://example.com/metrics'; const metricsSearchUrl = 'https://example.com/metrics/search'; + const metricsSearchMetadataUrl = 'https://example.com/metrics/searchmetadata'; const FETCHING_TRACES_ERROR = 'traces are missing/invalid in the response'; const apiConfig = { @@ -30,6 +31,7 @@ describe('buildClient', () => { operationsUrl, metricsUrl, metricsSearchUrl, + metricsSearchMetadataUrl, }; const getQueryParam = () => decodeURIComponent(axios.get.mock.calls[0][1].params.toString()); diff --git a/spec/lib/bulk_imports/common/graphql/get_members_query_spec.rb b/spec/lib/bulk_imports/common/graphql/get_members_query_spec.rb index 4a97e092141..f8dd73cdf16 100644 --- a/spec/lib/bulk_imports/common/graphql/get_members_query_spec.rb +++ b/spec/lib/bulk_imports/common/graphql/get_members_query_spec.rb @@ -9,16 +9,7 @@ RSpec.describe BulkImports::Common::Graphql::GetMembersQuery, feature_category: subject(:query) { described_class.new(context: context) } - it 'has a valid query' do - parsed_query = GraphQL::Query.new( - GitlabSchema, - query.to_s, - variables: query.variables - ) - result = GitlabSchema.static_validator.validate(parsed_query) - - expect(result[:errors]).to be_empty - end + it_behaves_like 'a valid Direct Transfer GraphQL query' describe '#data_path' do it 'returns data path' do diff --git a/spec/lib/bulk_imports/groups/graphql/get_group_query_spec.rb b/spec/lib/bulk_imports/groups/graphql/get_group_query_spec.rb index d03b8d8b5b2..95bb417c8b1 100644 --- a/spec/lib/bulk_imports/groups/graphql/get_group_query_spec.rb +++ b/spec/lib/bulk_imports/groups/graphql/get_group_query_spec.rb @@ -2,22 +2,13 @@ require 'spec_helper' -RSpec.describe BulkImports::Groups::Graphql::GetGroupQuery do +RSpec.describe BulkImports::Groups::Graphql::GetGroupQuery, feature_category: :importers do let_it_be(:tracker) { create(:bulk_import_tracker) } let_it_be(:context) { BulkImports::Pipeline::Context.new(tracker) } subject(:query) { described_class.new(context: context) } - it 'has a valid query' do - parsed_query = GraphQL::Query.new( - GitlabSchema, - query.to_s, - variables: query.variables - ) - result = GitlabSchema.static_validator.validate(parsed_query) - - expect(result[:errors]).to be_empty - end + it_behaves_like 'a valid Direct Transfer GraphQL query' describe '#variables' do it 'returns query variables based on entity information' do diff --git a/spec/lib/bulk_imports/groups/graphql/get_projects_query_spec.rb b/spec/lib/bulk_imports/groups/graphql/get_projects_query_spec.rb index fe28e3959a0..fdbb44c3ec3 100644 --- a/spec/lib/bulk_imports/groups/graphql/get_projects_query_spec.rb +++ b/spec/lib/bulk_imports/groups/graphql/get_projects_query_spec.rb @@ -2,22 +2,13 @@ require 'spec_helper' -RSpec.describe BulkImports::Groups::Graphql::GetProjectsQuery do +RSpec.describe BulkImports::Groups::Graphql::GetProjectsQuery, feature_category: :importers do let_it_be(:tracker) { create(:bulk_import_tracker) } let_it_be(:context) { BulkImports::Pipeline::Context.new(tracker) } subject(:query) { described_class.new(context: context) } - it 'has a valid query' do - parsed_query = GraphQL::Query.new( - GitlabSchema, - query.to_s, - variables: query.variables - ) - result = GitlabSchema.static_validator.validate(parsed_query) - - expect(result[:errors]).to be_empty - end + it_behaves_like 'a valid Direct Transfer GraphQL query' context 'with invalid variables' do it 'raises an error' do diff --git a/spec/lib/bulk_imports/projects/graphql/get_project_query_spec.rb b/spec/lib/bulk_imports/projects/graphql/get_project_query_spec.rb index 6593aa56506..75d52977054 100644 --- a/spec/lib/bulk_imports/projects/graphql/get_project_query_spec.rb +++ b/spec/lib/bulk_imports/projects/graphql/get_project_query_spec.rb @@ -2,22 +2,13 @@ require 'spec_helper' -RSpec.describe BulkImports::Projects::Graphql::GetProjectQuery do +RSpec.describe BulkImports::Projects::Graphql::GetProjectQuery, feature_category: :importers do let_it_be(:tracker) { create(:bulk_import_tracker) } let_it_be(:context) { BulkImports::Pipeline::Context.new(tracker) } subject(:query) { described_class.new(context: context) } - it 'has a valid query' do - parsed_query = GraphQL::Query.new( - GitlabSchema, - query.to_s, - variables: query.variables - ) - result = GitlabSchema.static_validator.validate(parsed_query) - - expect(result[:errors]).to be_empty - end + it_behaves_like 'a valid Direct Transfer GraphQL query' it 'queries project based on source_full_path' do expected = { full_path: tracker.entity.source_full_path } diff --git a/spec/lib/bulk_imports/projects/graphql/get_repository_query_spec.rb b/spec/lib/bulk_imports/projects/graphql/get_repository_query_spec.rb index 8ed105bc0c9..cc2030fd40b 100644 --- a/spec/lib/bulk_imports/projects/graphql/get_repository_query_spec.rb +++ b/spec/lib/bulk_imports/projects/graphql/get_repository_query_spec.rb @@ -2,22 +2,13 @@ require 'spec_helper' -RSpec.describe BulkImports::Projects::Graphql::GetRepositoryQuery do +RSpec.describe BulkImports::Projects::Graphql::GetRepositoryQuery, feature_category: :importers do let_it_be(:tracker) { create(:bulk_import_tracker) } let_it_be(:context) { BulkImports::Pipeline::Context.new(tracker) } subject(:query) { described_class.new(context: context) } - it 'has a valid query' do - parsed_query = GraphQL::Query.new( - GitlabSchema, - query.to_s, - variables: query.variables - ) - result = GitlabSchema.static_validator.validate(parsed_query) - - expect(result[:errors]).to be_empty - end + it_behaves_like 'a valid Direct Transfer GraphQL query' it 'returns project repository url' do expect(subject.to_s).to include('httpUrlToRepo') diff --git a/spec/lib/bulk_imports/projects/graphql/get_snippet_repository_query_spec.rb b/spec/lib/bulk_imports/projects/graphql/get_snippet_repository_query_spec.rb index 1bd4106297d..f949895aaf9 100644 --- a/spec/lib/bulk_imports/projects/graphql/get_snippet_repository_query_spec.rb +++ b/spec/lib/bulk_imports/projects/graphql/get_snippet_repository_query_spec.rb @@ -2,23 +2,14 @@ require 'spec_helper' -RSpec.describe BulkImports::Projects::Graphql::GetSnippetRepositoryQuery do +RSpec.describe BulkImports::Projects::Graphql::GetSnippetRepositoryQuery, feature_category: :importers do let_it_be(:entity) { create(:bulk_import_entity) } let_it_be(:tracker) { create(:bulk_import_tracker, entity: entity) } let_it_be(:context) { BulkImports::Pipeline::Context.new(tracker) } subject(:query) { described_class.new(context: context) } - it 'has a valid query' do - parsed_query = GraphQL::Query.new( - GitlabSchema, - query.to_s, - variables: query.variables - ) - result = GitlabSchema.static_validator.validate(parsed_query) - - expect(result[:errors]).to be_empty - end + it_behaves_like 'a valid Direct Transfer GraphQL query' it 'returns snippet httpUrlToRepo' do expect(subject.to_s).to include('httpUrlToRepo') diff --git a/spec/lib/gitlab/graphql/query_analyzers/ast/logger_analyzer_spec.rb b/spec/lib/gitlab/graphql/query_analyzers/ast/logger_analyzer_spec.rb index a5274d49fdb..bcdb7965276 100644 --- a/spec/lib/gitlab/graphql/query_analyzers/ast/logger_analyzer_spec.rb +++ b/spec/lib/gitlab/graphql/query_analyzers/ast/logger_analyzer_spec.rb @@ -39,6 +39,7 @@ RSpec.describe Gitlab::Graphql::QueryAnalyzers::AST::LoggerAnalyzer do expect(result[:complexity]).to eq 3 expect(result[:used_fields]).to eq ['Note.id', 'CreateNotePayload.note', 'Mutation.createNote'] expect(result[:used_deprecated_fields]).to eq [] + expect(result[:used_deprecated_arguments]).to eq [] request = result.except(:duration_s).merge({ operation_name: 'createNote', diff --git a/spec/lib/gitlab/graphql/tracers/logger_tracer_spec.rb b/spec/lib/gitlab/graphql/tracers/logger_tracer_spec.rb index 20792fb4554..6eef6827f10 100644 --- a/spec/lib/gitlab/graphql/tracers/logger_tracer_spec.rb +++ b/spec/lib/gitlab/graphql/tracers/logger_tracer_spec.rb @@ -35,6 +35,7 @@ RSpec.describe Gitlab::Graphql::Tracers::LoggerTracer do "query_analysis.complexity" => 1, "query_analysis.depth" => 1, "query_analysis.used_deprecated_fields" => [], + "query_analysis.used_deprecated_arguments" => [], "query_analysis.used_fields" => ["FakeQuery.helloWorld"], duration_s: be > 0, is_mutation: false, diff --git a/spec/models/concerns/ci/partitionable/switch_spec.rb b/spec/models/concerns/ci/partitionable/switch_spec.rb index c6e2ed265bd..2750d52067f 100644 --- a/spec/models/concerns/ci/partitionable/switch_spec.rb +++ b/spec/models/concerns/ci/partitionable/switch_spec.rb @@ -97,25 +97,6 @@ RSpec.describe Ci::Partitionable::Switch, :aggregate_failures do it { expect(partitioned_model.sequence_name).to eq('_test_ci_jobs_metadata_id_seq') } - context 'with singe table inheritance' do - let(:child_model) do - Class.new(model) do - def self.name - 'TestSwitchJobMetadataChild' - end - end - end - - it 'adds a Partitioned model for each descendant' do - expect(model::Partitioned).not_to eq(child_model::Partitioned) - end - - it 'uses the parent name in STI queries' do - recorder = ActiveRecord::QueryRecorder.new { child_model.all.load } - expect(recorder.log).to include(/"type" = 'TestSwitchJobMetadataChild'/) - end - end - context 'when switching the tables' do before do stub_feature_flags(table_rollout_flag => false) diff --git a/spec/requests/api/graphql/gitlab_schema_spec.rb b/spec/requests/api/graphql/gitlab_schema_spec.rb index 060a1b42cb6..48342ba9a57 100644 --- a/spec/requests/api/graphql/gitlab_schema_spec.rb +++ b/spec/requests/api/graphql/gitlab_schema_spec.rb @@ -199,6 +199,7 @@ RSpec.describe 'GitlabSchema configurations', feature_category: :integrations do "query_analysis.complexity" => 181, "query_analysis.depth" => 13, "query_analysis.used_deprecated_fields" => an_instance_of(Array), + "query_analysis.used_deprecated_arguments" => an_instance_of(Array), "query_analysis.used_fields" => an_instance_of(Array) ) ) diff --git a/spec/requests/api/graphql_spec.rb b/spec/requests/api/graphql_spec.rb index 2e6ec6d02e7..bdc3d0acdf7 100644 --- a/spec/requests/api/graphql_spec.rb +++ b/spec/requests/api/graphql_spec.rb @@ -24,6 +24,7 @@ RSpec.describe 'GraphQL', feature_category: :shared do "query_analysis.complexity" => 1, "query_analysis.used_fields" => ['Query.echo'], "query_analysis.used_deprecated_fields" => [], + "query_analysis.used_deprecated_arguments" => [], # query_fingerprint starts with operation name query_fingerprint: %r{^anonymous/}, duration_s: kind_of(Numeric), diff --git a/spec/support/shared_examples/bulk_imports/graphql_query_shared_examples.rb b/spec/support/shared_examples/bulk_imports/graphql_query_shared_examples.rb new file mode 100644 index 00000000000..e32a0669ac5 --- /dev/null +++ b/spec/support/shared_examples/bulk_imports/graphql_query_shared_examples.rb @@ -0,0 +1,43 @@ +# frozen_string_literal: true + +RSpec.shared_examples 'a valid Direct Transfer GraphQL query' do + let(:graphql_log) do + GitlabSchema.execute( + query.to_s, + variables: query.variables + ) + + RequestStore.store[:graphql_logs].first + end + + it 'has a valid query' do + parsed_query = GraphQL::Query.new( + GitlabSchema, + query.to_s, + variables: query.variables + ) + + result = GitlabSchema.static_validator.validate(parsed_query) + + expect(result[:errors]).to be_empty + end + + it 'does not use any deprecated GraphQL schema' do + expect(graphql_log.keys).to include( + :used_deprecated_fields, + :used_deprecated_arguments + ) + expect(graphql_log[:used_deprecated_fields]).to be_empty + expect(graphql_log[:used_deprecated_arguments]).to be_empty + end + + it 'does not exceed max authenticated complexity' do + expect(graphql_log).to have_key(:complexity) + expect(graphql_log[:complexity]).to be < GitlabSchema::AUTHENTICATED_MAX_COMPLEXITY + end + + it 'does not exceed max depth' do + expect(graphql_log).to have_key(:depth) + expect(graphql_log[:depth]).to be < GitlabSchema::DEFAULT_MAX_DEPTH + end +end diff --git a/spec/views/profiles/show.html.haml_spec.rb b/spec/views/profiles/show.html.haml_spec.rb index e88b1bf4053..0c5c17c5e3e 100644 --- a/spec/views/profiles/show.html.haml_spec.rb +++ b/spec/views/profiles/show.html.haml_spec.rb @@ -20,9 +20,9 @@ RSpec.describe 'profiles/show' do expect(rendered).to have_field('user_name', with: user.name) expect(rendered).to have_field('user_id', with: user.id) - expectd_link = help_page_path('user/profile/index', anchor: 'change-the-email-displayed-on-your-commits') - expected_link_html = "<a href=\"#{expectd_link}\" target=\"_blank\" " \ - "rel=\"noopener noreferrer\">#{_('Learn more.')}</a>" + expected_link = help_page_path('user/profile/index', anchor: 'change-the-email-displayed-on-your-commits') + expected_link_html = "<a href=\"#{expected_link}\" target=\"_blank\" " \ + "rel=\"noopener noreferrer\">#{_('Learn more')}</a>." expect(rendered.include?(expected_link_html)).to eq(true) end diff --git a/spec/workers/onboarding/progress_worker_spec.rb b/spec/workers/onboarding/progress_worker_spec.rb index da760c23367..1eb44c57769 100644 --- a/spec/workers/onboarding/progress_worker_spec.rb +++ b/spec/workers/onboarding/progress_worker_spec.rb @@ -7,9 +7,11 @@ RSpec.describe Onboarding::ProgressWorker, '#perform', feature_category: :onboar let_it_be(:action) { 'git_pull' } it_behaves_like 'records an onboarding progress action', :git_pull do - include_examples 'an idempotent worker' do - subject { described_class.new.perform(namespace.id, action) } - end + subject { described_class.new.perform(namespace.id, action) } + end + + it_behaves_like 'an idempotent worker' do + let(:job_args) { [namespace.id, action] } end it_behaves_like 'does not record an onboarding progress action' do diff --git a/spec/workers/packages/cleanup/execute_policy_worker_spec.rb b/spec/workers/packages/cleanup/execute_policy_worker_spec.rb index fc3ed1f3a05..78561c1de45 100644 --- a/spec/workers/packages/cleanup/execute_policy_worker_spec.rb +++ b/spec/workers/packages/cleanup/execute_policy_worker_spec.rb @@ -39,7 +39,7 @@ RSpec.describe Packages::Cleanup::ExecutePolicyWorker, feature_category: :packag let_it_be(:package_file1) { create(:package_file, file_name: 'test1', package: package) } let_it_be(:package_file2) { create(:package_file, file_name: 'test1', package: package) } - include_examples 'an idempotent worker' do + it_behaves_like 'an idempotent worker' do it 'executes the policy' do expect(::Packages::Cleanup::ExecutePolicyService) .to receive(:new).with(policy).and_call_original diff --git a/spec/workers/packages/cleanup_package_registry_worker_spec.rb b/spec/workers/packages/cleanup_package_registry_worker_spec.rb index 0d2f9629327..7742d76a151 100644 --- a/spec/workers/packages/cleanup_package_registry_worker_spec.rb +++ b/spec/workers/packages/cleanup_package_registry_worker_spec.rb @@ -83,7 +83,7 @@ RSpec.describe Packages::CleanupPackageRegistryWorker, feature_category: :packag context 'with nuget symbols pending destruction' do let_it_be(:nuget_symbol) { create(:nuget_symbol, :stale) } - include_examples 'an idempotent worker' do + it_behaves_like 'an idempotent worker' do it 'queues the cleanup job' do expect(Packages::Nuget::CleanupStaleSymbolsWorker).to receive(:perform_with_capacity) @@ -93,7 +93,7 @@ RSpec.describe Packages::CleanupPackageRegistryWorker, feature_category: :packag end context 'with no nuget symbols pending destruction' do - include_examples 'an idempotent worker' do + it_behaves_like 'an idempotent worker' do it 'does not queue the cleanup job' do expect(Packages::Nuget::CleanupStaleSymbolsWorker).not_to receive(:perform_with_capacity) diff --git a/spec/workers/packages/composer/cache_update_worker_spec.rb b/spec/workers/packages/composer/cache_update_worker_spec.rb index cc3047895d4..1612b04af13 100644 --- a/spec/workers/packages/composer/cache_update_worker_spec.rb +++ b/spec/workers/packages/composer/cache_update_worker_spec.rb @@ -19,7 +19,7 @@ RSpec.describe Packages::Composer::CacheUpdateWorker, type: :worker, feature_cat stub_composer_cache_object_storage end - include_examples 'an idempotent worker' do + it_behaves_like 'an idempotent worker' do context 'creating a package' do it 'does nothing' do expect { subject }.to change { Packages::Composer::CacheFile.count }.by(0) diff --git a/spec/workers/packages/npm/deprecate_package_worker_spec.rb b/spec/workers/packages/npm/deprecate_package_worker_spec.rb index 100a8a3af73..295610fe921 100644 --- a/spec/workers/packages/npm/deprecate_package_worker_spec.rb +++ b/spec/workers/packages/npm/deprecate_package_worker_spec.rb @@ -18,7 +18,7 @@ RSpec.describe Packages::Npm::DeprecatePackageWorker, feature_category: :package } end - include_examples 'an idempotent worker' do + it_behaves_like 'an idempotent worker' do let(:job_args) { [project.id, params] } it 'calls the deprecation service' do diff --git a/spec/workers/pipeline_process_worker_spec.rb b/spec/workers/pipeline_process_worker_spec.rb index 6ee91b4579d..d7d790af381 100644 --- a/spec/workers/pipeline_process_worker_spec.rb +++ b/spec/workers/pipeline_process_worker_spec.rb @@ -13,7 +13,7 @@ RSpec.describe PipelineProcessWorker, feature_category: :continuous_integration expect(described_class.get_deduplication_options).to include({ if_deduplicated: :reschedule_once, ttl: 1.minute }) end - include_examples 'an idempotent worker' do + it_behaves_like 'an idempotent worker' do let(:pipeline) { create(:ci_pipeline, :created) } let(:job_args) { [pipeline.id] } diff --git a/spec/workers/process_commit_worker_spec.rb b/spec/workers/process_commit_worker_spec.rb index 956e29ec7f4..afd8158536b 100644 --- a/spec/workers/process_commit_worker_spec.rb +++ b/spec/workers/process_commit_worker_spec.rb @@ -49,7 +49,7 @@ RSpec.describe ProcessCommitWorker, feature_category: :source_code_management do end end - include_examples 'an idempotent worker' do + it_behaves_like 'an idempotent worker' do before do allow(commit).to receive(:safe_message).and_return("Closes #{issue.to_reference}") issue.metrics.update!(first_mentioned_in_commit_at: nil) diff --git a/spec/workers/project_destroy_worker_spec.rb b/spec/workers/project_destroy_worker_spec.rb index d699393d7a0..5473f3419f9 100644 --- a/spec/workers/project_destroy_worker_spec.rb +++ b/spec/workers/project_destroy_worker_spec.rb @@ -10,7 +10,7 @@ RSpec.describe ProjectDestroyWorker, feature_category: :source_code_management d subject(:worker) { described_class.new } - include_examples 'an idempotent worker' do + it_behaves_like 'an idempotent worker' do let(:job_args) { [project.id, user.id, {}] } it 'does not change projects when run twice' do diff --git a/spec/workers/projects/process_sync_events_worker_spec.rb b/spec/workers/projects/process_sync_events_worker_spec.rb index 7047d8e8653..eb2d8222acf 100644 --- a/spec/workers/projects/process_sync_events_worker_spec.rb +++ b/spec/workers/projects/process_sync_events_worker_spec.rb @@ -8,7 +8,7 @@ RSpec.describe Projects::ProcessSyncEventsWorker, feature_category: :cell do subject(:worker) { described_class.new } - include_examples 'an idempotent worker' + it_behaves_like 'an idempotent worker' it 'has the `until_executed` deduplicate strategy' do expect(described_class.get_deduplicate_strategy).to eq(:until_executed) diff --git a/spec/workers/projects/schedule_refresh_build_artifacts_size_statistics_worker_spec.rb b/spec/workers/projects/schedule_refresh_build_artifacts_size_statistics_worker_spec.rb index b2111b2efb0..0d5d46afab0 100644 --- a/spec/workers/projects/schedule_refresh_build_artifacts_size_statistics_worker_spec.rb +++ b/spec/workers/projects/schedule_refresh_build_artifacts_size_statistics_worker_spec.rb @@ -6,7 +6,7 @@ RSpec.describe Projects::ScheduleRefreshBuildArtifactsSizeStatisticsWorker, feat subject(:worker) { described_class.new } describe '#perform' do - include_examples 'an idempotent worker' do + it_behaves_like 'an idempotent worker' do it 'schedules Projects::RefreshBuildArtifactsSizeStatisticsWorker to be performed with capacity' do expect(Projects::RefreshBuildArtifactsSizeStatisticsWorker).to receive(:perform_with_capacity).twice diff --git a/spec/workers/purge_dependency_proxy_cache_worker_spec.rb b/spec/workers/purge_dependency_proxy_cache_worker_spec.rb index 49ef73bad53..d8be6cdd1a1 100644 --- a/spec/workers/purge_dependency_proxy_cache_worker_spec.rb +++ b/spec/workers/purge_dependency_proxy_cache_worker_spec.rb @@ -22,7 +22,7 @@ RSpec.describe PurgeDependencyProxyCacheWorker, feature_category: :dependency_pr context 'an admin user' do context 'when admin mode is enabled', :enable_admin_mode do - include_examples 'an idempotent worker' do + it_behaves_like 'an idempotent worker' do let(:job_args) { [user.id, group_id] } it 'marks the blobs as pending_destruction and returns ok', :aggregate_failures do diff --git a/spec/workers/repository_update_remote_mirror_worker_spec.rb b/spec/workers/repository_update_remote_mirror_worker_spec.rb index 61b9441ec27..9ec37563f32 100644 --- a/spec/workers/repository_update_remote_mirror_worker_spec.rb +++ b/spec/workers/repository_update_remote_mirror_worker_spec.rb @@ -72,7 +72,7 @@ RSpec.describe RepositoryUpdateRemoteMirrorWorker, :clean_gitlab_redis_shared_st end end - include_examples 'an idempotent worker' do + it_behaves_like 'an idempotent worker' do let(:job_args) { [remote_mirror.id, scheduled_time] } end end diff --git a/spec/workers/schedule_merge_request_cleanup_refs_worker_spec.rb b/spec/workers/schedule_merge_request_cleanup_refs_worker_spec.rb index 173374b02a5..0688dc6bd8c 100644 --- a/spec/workers/schedule_merge_request_cleanup_refs_worker_spec.rb +++ b/spec/workers/schedule_merge_request_cleanup_refs_worker_spec.rb @@ -19,7 +19,7 @@ RSpec.describe ScheduleMergeRequestCleanupRefsWorker, feature_category: :code_re worker.perform end - include_examples 'an idempotent worker' do + it_behaves_like 'an idempotent worker' do it 'schedules MergeRequestCleanupRefsWorker to be performed with capacity' do expect(MergeRequestCleanupRefsWorker).to receive(:perform_with_capacity).twice diff --git a/spec/workers/ssh_keys/expired_notification_worker_spec.rb b/spec/workers/ssh_keys/expired_notification_worker_spec.rb index f3ba586c21e..ec86091b6c1 100644 --- a/spec/workers/ssh_keys/expired_notification_worker_spec.rb +++ b/spec/workers/ssh_keys/expired_notification_worker_spec.rb @@ -43,7 +43,7 @@ RSpec.describe SshKeys::ExpiredNotificationWorker, type: :worker, feature_catego expect { worker.perform }.to change { expired_today.reload.expiry_notification_delivered_at } end - include_examples 'an idempotent worker' do + it_behaves_like 'an idempotent worker' do subject do perform_multiple(worker: worker) end diff --git a/spec/workers/ssh_keys/expiring_soon_notification_worker_spec.rb b/spec/workers/ssh_keys/expiring_soon_notification_worker_spec.rb index f6eaf76b54d..fac5fa94739 100644 --- a/spec/workers/ssh_keys/expiring_soon_notification_worker_spec.rb +++ b/spec/workers/ssh_keys/expiring_soon_notification_worker_spec.rb @@ -29,7 +29,7 @@ RSpec.describe SshKeys::ExpiringSoonNotificationWorker, type: :worker, feature_c expect { worker.perform }.to change { expiring_soon.reload.before_expiry_notification_delivered_at } end - include_examples 'an idempotent worker' do + it_behaves_like 'an idempotent worker' do subject do perform_multiple(worker: worker) end diff --git a/spec/workers/user_status_cleanup/batch_worker_spec.rb b/spec/workers/user_status_cleanup/batch_worker_spec.rb index e2ad12672de..7a3f376f416 100644 --- a/spec/workers/user_status_cleanup/batch_worker_spec.rb +++ b/spec/workers/user_status_cleanup/batch_worker_spec.rb @@ -3,7 +3,7 @@ require 'spec_helper' RSpec.describe UserStatusCleanup::BatchWorker, feature_category: :user_profile do - include_examples 'an idempotent worker' do + it_behaves_like 'an idempotent worker' do subject do perform_multiple([], worker: described_class.new) end diff --git a/spec/workers/users/migrate_records_to_ghost_user_in_batches_worker_spec.rb b/spec/workers/users/migrate_records_to_ghost_user_in_batches_worker_spec.rb index fbbfd44bba6..cfb3ef55bbe 100644 --- a/spec/workers/users/migrate_records_to_ghost_user_in_batches_worker_spec.rb +++ b/spec/workers/users/migrate_records_to_ghost_user_in_batches_worker_spec.rb @@ -20,7 +20,7 @@ RSpec.describe Users::MigrateRecordsToGhostUserInBatchesWorker, feature_category end end - include_examples 'an idempotent worker' do + it_behaves_like 'an idempotent worker' do let_it_be(:user) { create(:user) } let_it_be(:project) { create(:project, namespace: create(:group)) } let_it_be(:issue) { create(:issue, project: project, author: user, last_edited_by: user) } diff --git a/spec/workers/x509_certificate_revoke_worker_spec.rb b/spec/workers/x509_certificate_revoke_worker_spec.rb index badeff25b34..508feecbcbe 100644 --- a/spec/workers/x509_certificate_revoke_worker_spec.rb +++ b/spec/workers/x509_certificate_revoke_worker_spec.rb @@ -5,31 +5,14 @@ require 'spec_helper' RSpec.describe X509CertificateRevokeWorker, feature_category: :source_code_management do describe '#perform' do context 'with a revoked certificate' do - subject { described_class.new } + subject { described_class.new.perform(job_args) } let(:x509_certificate) { create(:x509_certificate, certificate_status: :revoked) } let(:job_args) { x509_certificate.id } - include_examples 'an idempotent worker' do - it 'executes the revoke service' do - spy_service = X509CertificateRevokeService.new - - allow(X509CertificateRevokeService).to receive(:new) { spy_service } - - expect(spy_service).to receive(:execute) - .exactly(IdempotentWorkerHelper::WORKER_EXEC_TIMES).times - .with(x509_certificate) - .and_call_original - - subject - end - end + it_behaves_like 'an idempotent worker' it 'executes the revoke service' do - spy_service = X509CertificateRevokeService.new - - allow(X509CertificateRevokeService).to receive(:new) { spy_service } - expect_next_instance_of(X509CertificateRevokeService) do |service| expect(service).to receive(:execute).with(x509_certificate) end |