diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-10-19 12:13:30 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-10-19 12:13:30 +0300 |
commit | 91a9a020dafedd084aaa72022f0aa72d14e4f20b (patch) | |
tree | 7b7b964568160f4aa0de582ec090235331d1bf2f | |
parent | 270fe378591f24b9a5866990f5c79c817c79b409 (diff) |
Add latest changes from gitlab-org/gitlab@master
16 files changed, 84 insertions, 98 deletions
diff --git a/app/models/user_custom_attribute.rb b/app/models/user_custom_attribute.rb index 728c1f4844a..5a592b425df 100644 --- a/app/models/user_custom_attribute.rb +++ b/app/models/user_custom_attribute.rb @@ -20,6 +20,7 @@ class UserCustomAttribute < ApplicationRecord TRUSTED_BY = 'trusted_by' AUTO_BANNED_BY = 'auto_banned_by' IDENTITY_VERIFICATION_PHONE_EXEMPT = 'identity_verification_phone_exempt' + IDENTITY_VERIFICATION_EXEMPT = 'identity_verification_exempt' class << self def upsert_custom_attributes(custom_attributes) diff --git a/app/views/shared/milestones/_sidebar.html.haml b/app/views/shared/milestones/_sidebar.html.haml index 7d1e9c06966..2e2c0300ae1 100644 --- a/app/views/shared/milestones/_sidebar.html.haml +++ b/app/views/shared/milestones/_sidebar.html.haml @@ -161,11 +161,10 @@ - milestone_ref = milestone.try(:to_reference, full: true) - if milestone_ref.present? .block.reference - .sidebar-collapsed-icon.js-dont-change-state - = deprecated_clipboard_button(text: milestone_ref, title: s_('MilestoneSidebar|Copy reference'), placement: "left", boundary: 'viewport') + = clipboard_button(text: milestone_ref, title: s_('MilestoneSidebar|Copy reference'), placement: "left", boundary: 'viewport', class: 'sidebar-collapsed-icon js-dont-change-state') .gl-display-flex.gl-align-items-center.gl-justify-content-space-between.gl-mb-2.hide-collapsed %span.gl-overflow-hidden.gl-text-overflow-ellipsis.gl-white-space-nowrap = s_('MilestoneSidebar|Reference:') %span{ title: milestone_ref } = milestone_ref - = deprecated_clipboard_button(text: milestone_ref, title: s_('MilestoneSidebar|Copy reference'), placement: "left", boundary: 'viewport') + = clipboard_button(text: milestone_ref, title: s_('MilestoneSidebar|Copy reference'), placement: "left", boundary: 'viewport') diff --git a/data/deprecations/16-1-non-decomposed-mode-deprecation.yml b/data/deprecations/16-1-non-decomposed-mode-deprecation.yml index 83f99fc2dbd..d98c4f65504 100644 --- a/data/deprecations/16-1-non-decomposed-mode-deprecation.yml +++ b/data/deprecations/16-1-non-decomposed-mode-deprecation.yml @@ -1,12 +1,12 @@ - title: "Running a single database is deprecated" - removal_milestone: "17.0" + removal_milestone: "18.0" announcement_milestone: "16.1" breaking_change: true reporter: lohrc stage: data_stores issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/411239 body: | - From GitLab 17.0, we will require a [separate database for CI features](https://gitlab.com/groups/gitlab-org/-/epics/7509). + From GitLab 18.0, we will require a [separate database for CI features](https://gitlab.com/groups/gitlab-org/-/epics/7509). We recommend running both databases on the same Postgres instance(s) due to ease of management for most deployments. We are providing this as an informational advance notice but we do not recommend taking action yet. @@ -14,4 +14,4 @@ This change provides additional scalability for the largest of GitLab instances, like GitLab.com. This change applies to all installation methods: Omnibus GitLab, GitLab Helm chart, GitLab Operator, GitLab Docker images, and installation from source. - Before upgrading to GitLab 17.0, please ensure you have [migrated](https://docs.gitlab.com/ee/administration/postgresql/multiple_databases.html) to two databases. + Before upgrading to GitLab 18.0, please ensure you have [migrated](https://docs.gitlab.com/ee/administration/postgresql/multiple_databases.html) to two databases. diff --git a/doc/administration/instance_limits.md b/doc/administration/instance_limits.md index 8f03a2224ec..dd3f64da2ea 100644 --- a/doc/administration/instance_limits.md +++ b/doc/administration/instance_limits.md @@ -1000,7 +1000,7 @@ The limits for issues, merge requests, wikis, and repositories: - Maximum number of nodes rendered: `50`. - Maximum number of macro expansions: `1000`. -- Maximum user-specified size in em: `20`. +- Maximum user-specified size in [em](https://en.wikipedia.org/wiki/Em_(typography)): `20`. The limits for issues and merge requests: diff --git a/doc/administration/logs/index.md b/doc/administration/logs/index.md index e7277ab3186..b356d67048d 100644 --- a/doc/administration/logs/index.md +++ b/doc/administration/logs/index.md @@ -806,7 +806,7 @@ GraphQL queries are recorded in the file. For example: {"query_string":"query IntrospectionQuery{__schema {queryType { name },mutationType { name }}}...(etc)","variables":{"a":1,"b":2},"complexity":181,"depth":1,"duration_s":7} ``` -## `clickhouse.log` **(SAAS)** +## `clickhouse.log` > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/133371) in GitLab 16.5. diff --git a/doc/update/deprecations.md b/doc/update/deprecations.md index 3bb7f9816b4..746d87bebc3 100644 --- a/doc/update/deprecations.md +++ b/doc/update/deprecations.md @@ -102,6 +102,28 @@ This change is a breaking change. You should [create a runner in the UI](../ci/r <div class="deprecation breaking-change" data-milestone="18.0"> +### Running a single database is deprecated + +<div class="deprecation-notes"> +- Announced in GitLab <span class="milestone">16.1</span> +- Removal in GitLab <span class="milestone">18.0</span> ([breaking change](https://docs.gitlab.com/ee/update/terminology.html#breaking-change)) +- To discuss this change or learn more, see the [deprecation issue](https://gitlab.com/gitlab-org/gitlab/-/issues/411239). +</div> + +From GitLab 18.0, we will require a [separate database for CI features](https://gitlab.com/groups/gitlab-org/-/epics/7509). +We recommend running both databases on the same Postgres instance(s) due to ease of management for most deployments. + +We are providing this as an informational advance notice but we do not recommend taking action yet. +We will have another update communicated (as well as the deprecation note) when we recommend admins to start the migration process. + +This change provides additional scalability for the largest of GitLab instances, like GitLab.com. +This change applies to all installation methods: Omnibus GitLab, GitLab Helm chart, GitLab Operator, GitLab Docker images, and installation from source. +Before upgrading to GitLab 18.0, please ensure you have [migrated](https://docs.gitlab.com/ee/administration/postgresql/multiple_databases.html) to two databases. + +</div> + +<div class="deprecation breaking-change" data-milestone="18.0"> + ### Support for REST API endpoints that reset runner registration tokens <div class="deprecation-notes"> @@ -822,28 +844,6 @@ that is available now. We recommend this alternative solution because it provide <div class="deprecation breaking-change" data-milestone="17.0"> -### Running a single database is deprecated - -<div class="deprecation-notes"> -- Announced in GitLab <span class="milestone">16.1</span> -- Removal in GitLab <span class="milestone">17.0</span> ([breaking change](https://docs.gitlab.com/ee/update/terminology.html#breaking-change)) -- To discuss this change or learn more, see the [deprecation issue](https://gitlab.com/gitlab-org/gitlab/-/issues/411239). -</div> - -From GitLab 17.0, we will require a [separate database for CI features](https://gitlab.com/groups/gitlab-org/-/epics/7509). -We recommend running both databases on the same Postgres instance(s) due to ease of management for most deployments. - -We are providing this as an informational advance notice but we do not recommend taking action yet. -We will have another update communicated (as well as the deprecation note) when we recommend admins to start the migration process. - -This change provides additional scalability for the largest of GitLab instances, like GitLab.com. -This change applies to all installation methods: Omnibus GitLab, GitLab Helm chart, GitLab Operator, GitLab Docker images, and installation from source. -Before upgrading to GitLab 17.0, please ensure you have [migrated](https://docs.gitlab.com/ee/administration/postgresql/multiple_databases.html) to two databases. - -</div> - -<div class="deprecation breaking-change" data-milestone="17.0"> - ### Security policy field `newly_detected` is deprecated <div class="deprecation-notes"> diff --git a/doc/user/infrastructure/iac/mr_integration.md b/doc/user/infrastructure/iac/mr_integration.md index 24ae3c998f8..8fe639bb453 100644 --- a/doc/user/infrastructure/iac/mr_integration.md +++ b/doc/user/infrastructure/iac/mr_integration.md @@ -16,10 +16,13 @@ enabling you to see statistics about the resources that Terraform creates, modifies, or destroys. WARNING: -Like any other job artifact, Terraform Plan data is viewable by anyone with the Guest role for the repository. -Neither Terraform nor GitLab encrypts the plan file by default. If your Terraform Plan -includes sensitive data such as passwords, access tokens, or certificates, we strongly -recommend encrypting plan output or modifying the project visibility settings. +Like any other job artifact, Terraform plan data is viewable by anyone with the Guest role on the repository. +Neither Terraform nor GitLab encrypts the plan file by default. If your Terraform `plan.json` or `plan.cache` +files include sensitive data like passwords, access tokens, or certificates, you should +encrypt the plan output or modify the project visibility settings. You should also **disable** +[public pipelines](../../../ci/pipelines/settings.md#change-pipeline-visibility-for-non-project-members-in-public-projects) +and set the [artifact's public flag to false](../../../ci/yaml/index.md#artifactspublic) (`public: false`). +This setting ensures artifacts are accessible only to GitLab administrators and project members with at least the Reporter role. ## Configure Terraform report artifacts diff --git a/doc/user/infrastructure/iac/terraform_state.md b/doc/user/infrastructure/iac/terraform_state.md index 081e20b158e..876300a7794 100644 --- a/doc/user/infrastructure/iac/terraform_state.md +++ b/doc/user/infrastructure/iac/terraform_state.md @@ -54,12 +54,12 @@ Prerequisites: WARNING: Like any other job artifact, Terraform plan data is viewable by anyone with the Guest role on the repository. -Neither Terraform nor GitLab encrypts the plan file by default. If your Terraform plan -includes sensitive data, like passwords, access tokens, or certificates, you should -encrypt plan output or modify the project visibility settings. We also strongly recommend that you **disable** +Neither Terraform nor GitLab encrypts the plan file by default. If your Terraform `plan.json` or `plan.cache` +files include sensitive data like passwords, access tokens, or certificates, you should +encrypt the plan output or modify the project visibility settings. You should also **disable** [public pipelines](../../../ci/pipelines/settings.md#change-pipeline-visibility-for-non-project-members-in-public-projects) -by setting the artifact's public flag to false (`public: false`). This setting ensures artifacts are -accessible only to GitLab Administrators and project members with the Reporter role and above. +and set the [artifact's public flag to false](../../../ci/yaml/index.md#artifactspublic) (`public: false`). +This setting ensures artifacts are accessible only to GitLab administrators and project members with at least the Reporter role. To configure GitLab CI/CD as a backend: diff --git a/locale/gitlab.pot b/locale/gitlab.pot index c45287f3f90..f4e362f05d1 100644 --- a/locale/gitlab.pot +++ b/locale/gitlab.pot @@ -13999,6 +13999,9 @@ msgstr "" msgid "Create group label" msgstr "" +msgid "Create identity verification exemption" +msgstr "" + msgid "Create issue" msgstr "" @@ -14062,9 +14065,6 @@ msgstr "" msgid "Create or import your first project" msgstr "" -msgid "Create phone verification exemption" -msgstr "" - msgid "Create pipeline trigger token" msgstr "" @@ -24015,6 +24015,15 @@ msgstr "" msgid "Identities" msgstr "" +msgid "Identity verification exemption" +msgstr "" + +msgid "Identity verification exemption has been created." +msgstr "" + +msgid "Identity verification exemption has been removed." +msgstr "" + msgid "IdentityVerification|%d country found" msgid_plural "IdentityVerification|%d countries found" msgstr[0] "" @@ -34254,15 +34263,6 @@ msgstr "" msgid "Phone" msgstr "" -msgid "Phone verification exemption" -msgstr "" - -msgid "Phone verification exemption has been created." -msgstr "" - -msgid "Phone verification exemption has been removed." -msgstr "" - msgid "PhoneVerification|Enter a valid code." msgstr "" @@ -39383,6 +39383,9 @@ msgstr "" msgid "Remove icon" msgstr "" +msgid "Remove identity verification exemption" +msgstr "" + msgid "Remove issue reference" msgstr "" @@ -39422,9 +39425,6 @@ msgstr "" msgid "Remove parent epic from an epic" msgstr "" -msgid "Remove phone verification exemption" -msgstr "" - msgid "Remove priority" msgstr "" @@ -45268,10 +45268,10 @@ msgstr "" msgid "Something went wrong. Try again later." msgstr "" -msgid "Something went wrong. Unable to create phone exemption." +msgid "Something went wrong. Unable to create identity verification exemption." msgstr "" -msgid "Something went wrong. Unable to remove phone exemption." +msgid "Something went wrong. Unable to remove identity verification exemption." msgstr "" msgid "Sorry, no projects matched your search" @@ -48991,7 +48991,7 @@ msgstr "" msgid "This user has the %{access} role in the %{name} project." msgstr "" -msgid "This user is currently exempt from phone verification. Remove the exemption using the button below." +msgid "This user is currently exempt from identity verification. Remove the exemption using the button below." msgstr "" msgid "This user is the author of this %{noteable}." @@ -49451,6 +49451,9 @@ msgstr "" msgid "To add the entry manually, provide the following details to the application on your phone." msgstr "" +msgid "To allow the user to confirm their identity by only confirming an email address and skip phone number and/or credit card verification, create an identity verification exemption using the button below." +msgstr "" + msgid "To approve this merge request, please enter your password. This project requires all approvals to be authenticated." msgstr "" @@ -49567,9 +49570,6 @@ msgstr "" msgid "To remove the %{link_start}read-only%{link_end} state and regain write access, you can reduce the number of users in your top-level group to %{free_limit} users or less. You can also upgrade to a paid tier, which do not have user limits. If you need additional time, you can start a free 30-day trial which includes unlimited users." msgstr "" -msgid "To replace phone verification with credit card verification, create a phone verification exemption using the button below." -msgstr "" - msgid "To resolve this, try to:" msgstr "" diff --git a/qa/qa/specs/features/api/1_manage/migration/gitlab_migration_large_project_spec.rb b/qa/qa/specs/features/api/1_manage/migration/gitlab_migration_large_project_spec.rb index 5e453043ead..8fe04305083 100644 --- a/qa/qa/specs/features/api/1_manage/migration/gitlab_migration_large_project_spec.rb +++ b/qa/qa/specs/features/api/1_manage/migration/gitlab_migration_large_project_spec.rb @@ -34,18 +34,12 @@ module QA let!(:source_api_client) { source_admin_api_client } let!(:source_group) do - Resource::Sandbox.fabricate_via_api! do |group| - group.api_client = source_api_client - group.path = gitlab_source_group - end + create(:sandbox, api_client: source_api_client, path: gitlab_source_group) end # generate unique target group because source group has a static name let!(:target_sandbox) do - Resource::Sandbox.fabricate_via_api! do |group| - group.api_client = admin_api_client - group.path = "qa-sandbox-#{SecureRandom.hex(4)}" - end + create(:sandbox, api_client: admin_api_client, path: "qa-sandbox-#{SecureRandom.hex(4)}") end # Source objects diff --git a/qa/qa/specs/features/api/3_create/repository/default_branch_name_setting_spec.rb b/qa/qa/specs/features/api/3_create/repository/default_branch_name_setting_spec.rb index a512bb76560..3a6874cd587 100644 --- a/qa/qa/specs/features/api/3_create/repository/default_branch_name_setting_spec.rb +++ b/qa/qa/specs/features/api/3_create/repository/default_branch_name_setting_spec.rb @@ -41,11 +41,7 @@ module QA repository.push_changes('trunk') end - project = Resource::Project.fabricate_via_api! do |project| - project.add_name_uuid = false - project.name = project_name - project.group = group - end + project = create(:project, add_name_uuid: false, name: project_name, group: group) expect(project.default_branch).to eq('trunk') expect(project).to have_file('README.md') diff --git a/qa/qa/specs/features/api/4_verify/file_variable_downstream_pipeline_spec.rb b/qa/qa/specs/features/api/4_verify/file_variable_downstream_pipeline_spec.rb index c95a1f9fcd0..f0707420b3b 100644 --- a/qa/qa/specs/features/api/4_verify/file_variable_downstream_pipeline_spec.rb +++ b/qa/qa/specs/features/api/4_verify/file_variable_downstream_pipeline_spec.rb @@ -170,12 +170,7 @@ module QA 'TEST_PROJECT_FILE' => "hello, this is test\n", 'DOCKER_CA_CERT' => "This is secret\n" }.each do |file_name, content| - Resource::CiVariable.fabricate_via_api! do |ci_variable| - ci_variable.project = upstream_project - ci_variable.key = file_name - ci_variable.value = content - ci_variable.variable_type = 'file' - end + create(:ci_variable, project: upstream_project, key: file_name, value: content, variable_type: 'file') end end diff --git a/qa/qa/specs/features/api/4_verify/file_variable_spec.rb b/qa/qa/specs/features/api/4_verify/file_variable_spec.rb index 4dcff9d270e..820505a4610 100644 --- a/qa/qa/specs/features/api/4_verify/file_variable_spec.rb +++ b/qa/qa/specs/features/api/4_verify/file_variable_spec.rb @@ -96,12 +96,7 @@ module QA private def add_file_variable_to_project(key, value) - Resource::CiVariable.fabricate_via_api! do |ci_variable| - ci_variable.project = project - ci_variable.key = key - ci_variable.value = value - ci_variable.variable_type = 'file' - end + create(:ci_variable, project: project, key: key, value: value, variable_type: 'file') end def trigger_pipeline diff --git a/qa/qa/specs/features/shared_contexts/import/gitlab_group_migration_common.rb b/qa/qa/specs/features/shared_contexts/import/gitlab_group_migration_common.rb index 19d9f9ad94f..b6ea046fd59 100644 --- a/qa/qa/specs/features/shared_contexts/import/gitlab_group_migration_common.rb +++ b/qa/qa/specs/features/shared_contexts/import/gitlab_group_migration_common.rb @@ -10,7 +10,6 @@ module QA let!(:import_wait_duration) { { max_duration: 120, sleep_interval: 2 } } # source instance objects - # let!(:source_gitlab_address) { ENV["QA_IMPORT_SOURCE_URL"] || raise("QA_IMPORT_SOURCE_URL is required!") } let!(:source_admin_api_client) do Runtime::API::Client.new( @@ -19,42 +18,42 @@ module QA is_new_session: false ) end + let!(:source_bulk_import_enabled) do Runtime::ApplicationSettings.get_application_settings(api_client: source_admin_api_client)[:bulk_import_enabled] end + let!(:source_admin_user) do create(:user, :set_public_email, api_client: source_admin_api_client, username: Runtime::Env.admin_username || 'root') end + let!(:source_group) do - Resource::Sandbox.fabricate_via_api! do |group| - group.api_client = source_admin_api_client - group.path = "source-group-for-import-#{SecureRandom.hex(4)}" - group.avatar = File.new(Runtime::Path.fixture('designs', 'tanuki.jpg'), "r") - end + create(:sandbox, + api_client: source_admin_api_client, + path: "source-group-for-import-#{SecureRandom.hex(4)}", + avatar: File.new(Runtime::Path.fixture('designs', 'tanuki.jpg'), "r")) end # target instance objects - # let!(:admin_api_client) { Runtime::API::Client.as_admin } + let!(:target_bulk_import_enabled) do Runtime::ApplicationSettings.get_application_settings(api_client: admin_api_client)[:bulk_import_enabled] end + let!(:admin_user) do create(:user, :set_public_email, api_client: admin_api_client, username: Runtime::Env.admin_username || 'root') end + let!(:user) { create(:user, api_client: admin_api_client, username: "target-user-#{SecureRandom.hex(6)}") } let!(:api_client) { Runtime::API::Client.new(user: user) } - let!(:target_sandbox) do - Resource::Sandbox.fabricate_via_api! do |group| - group.api_client = admin_api_client - end - end + let!(:target_sandbox) { create(:sandbox, api_client: admin_api_client) } let(:destination_group_path) { source_group.path } let(:imported_group) do diff --git a/spec/requests/api/graphql/mutations/admin/sidekiq_queues/delete_jobs_spec.rb b/spec/requests/api/graphql/mutations/admin/sidekiq_queues/delete_jobs_spec.rb index e3a7442ffe6..b3d25155a6f 100644 --- a/spec/requests/api/graphql/mutations/admin/sidekiq_queues/delete_jobs_spec.rb +++ b/spec/requests/api/graphql/mutations/admin/sidekiq_queues/delete_jobs_spec.rb @@ -43,7 +43,7 @@ RSpec.describe 'Deleting Sidekiq jobs', :clean_gitlab_redis_queues, feature_cate raise 'Not enqueued!' if Sidekiq::Queue.new(queue).size.zero? end - it 'returns info about the deleted jobs', quarantine: 'https://gitlab.com/gitlab-org/gitlab/-/issues/425824' do + it 'returns info about the deleted jobs' do add_job(admin, [1]) add_job(admin, [2]) add_job(create(:user), [3]) diff --git a/spec/support/redis.rb b/spec/support/redis.rb index d5ae0bf1582..ee6f00e4b63 100644 --- a/spec/support/redis.rb +++ b/spec/support/redis.rb @@ -6,6 +6,8 @@ RSpec.configure do |config| Sidekiq.redis do |connection| connection.redis.flushdb end + + redis_queues_metadata_cleanup! end Gitlab::Redis::ALL_CLASSES.each do |instance_class| @@ -13,10 +15,12 @@ RSpec.configure do |config| config.around(:each, :"clean_gitlab_redis_#{underscored_name}") do |example| public_send("redis_#{underscored_name}_cleanup!") + redis_queues_metadata_cleanup! if underscored_name == 'queues' example.run public_send("redis_#{underscored_name}_cleanup!") + redis_queues_metadata_cleanup! if underscored_name == 'queues' end end |