author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-09-08 09:08:57 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-09-08 09:08:57 +0300 |
commit | a69bb17d1e46f2816c3406d24c4dcdcb6d479935 (patch) | |
tree | d8bfa389bf8df6cc3e26a14aa68a2a14ec916e5b | |
parent | 6d266accebb0f79be591005ee5f1fc7c38e29a0a (diff) |
Add latest changes from gitlab-org/gitlab@master
18 files changed, 86 insertions, 100 deletions
diff --git a/app/controllers/projects/pipelines_controller.rb b/app/controllers/projects/pipelines_controller.rb index 10fc5d399b7..4a105c80154 100644 --- a/app/controllers/projects/pipelines_controller.rb +++ b/app/controllers/projects/pipelines_controller.rb @@ -261,7 +261,7 @@ class Projects::PipelinesController < Projects::ApplicationController end def latest_pipeline - @project.latest_pipeline_for_ref(params['ref']) + @project.latest_pipeline(params['ref']) &.present(current_user: current_user) end diff --git a/app/models/merge_request.rb b/app/models/merge_request.rb index 6174fd139b3..ccf9f501799 100644 --- a/app/models/merge_request.rb +++ b/app/models/merge_request.rb @@ -364,7 +364,7 @@ class MergeRequest < ApplicationRecord # when it is fast-forward there is no merge commit, so we must fall back to # either the squash commit (if the MR was squashed) or the diff head commit. sha = merge_commit_sha || squash_commit_sha || diff_head_sha - target_project.pipeline_for(target_branch, sha) + target_project.latest_pipeline(target_branch, sha) end # Pattern used to extract `!123` merge request references from text diff --git a/app/models/project.rb b/app/models/project.rb index a40f3b35add..6f0497d3646 100644 --- a/app/models/project.rb +++ b/app/models/project.rb @@ -956,13 +956,12 @@ class Project < ApplicationRecord latest_successful_build_for_ref(job_name, ref) || raise(ActiveRecord::RecordNotFound.new("Couldn't find job #{job_name}")) end - def latest_pipeline_for_ref(ref = default_branch) + def latest_pipeline(ref = default_branch, sha = nil) ref = ref.presence || default_branch - sha = commit(ref)&.sha - + sha ||= commit(ref)&.sha return unless sha - ci_pipelines.newest_first(ref: ref, sha: sha).first + ci_pipelines.newest_first(ref: ref, sha: sha).take end def merge_base_commit(first_commit_id, second_commit_id) 
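Review bot: In the `app/models/project.rb` hunk, `latest_pipeline` now has two lookup modes and nothing on the method says so. When `sha` is passed, `sha ||= commit(ref)&.sha` skips the repository lookup, so the ref is never checked against the repository; the no-sha path returns nil for a ref that no longer resolves. `MergeRequest` and `Issues::RelatedBranchesService` both use the explicit-sha form in this commit, so a comment above the `def` would help, e.g. `# When sha is given, ref is not resolved in the repository; the ref/sha pair is matched against ci_pipelines as-is.` The change from `.first` to `.take` also relies on `newest_first` applying its own ordering, since `take` adds none; that scope is not visible in this hunk, so it is worth confirming.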
@@ -1671,21 +1670,6 @@ class Project < ApplicationRecord !namespace.share_with_group_lock end - def pipeline_for(ref, sha = nil, id = nil) - sha ||= commit(ref).try(:sha) - return unless sha - - if id.present? - pipelines_for(ref, sha).find_by(id: id) - else - pipelines_for(ref, sha).take - end - end - - def pipelines_for(ref, sha) - ci_pipelines.order(id: :desc).where(sha: sha, ref: ref) - end - def latest_successful_pipeline_for_default_branch if defined?(@latest_successful_pipeline_for_default_branch) return @latest_successful_pipeline_for_default_branch diff --git a/app/services/issues/related_branches_service.rb b/app/services/issues/related_branches_service.rb index 46076218857..98d8412102f 100644 --- a/app/services/issues/related_branches_service.rb +++ b/app/services/issues/related_branches_service.rb @@ -24,7 +24,7 @@ module Issues return unless target - pipeline = project.pipeline_for(branch_name, target.sha) + pipeline = project.latest_pipeline(branch_name, target.sha) pipeline.detailed_status(current_user) if can?(current_user, :read_pipeline, pipeline) end diff --git a/app/views/projects/buttons/_download.html.haml b/app/views/projects/buttons/_download.html.haml index 1d0ad6dcde6..c04687bd846 100644 --- a/app/views/projects/buttons/_download.html.haml +++ b/app/views/projects/buttons/_download.html.haml @@ -17,7 +17,7 @@ %section.border-top.pt-1.mt-1 %h5.m-0.dropdown-bold-header= _('Download artifacts') - unless pipeline.latest? - %span.unclickable= ci_status_for_statuseable(project.pipeline_for(ref)) + %span.unclickable= ci_status_for_statuseable(project.latest_pipeline(ref)) %h6.m-0.dropdown-header= _('Previous Artifacts') %ul - pipeline.latest_builds_with_artifacts.each do |job| diff --git a/doc/user/application_security/dast/index.md b/doc/user/application_security/dast/index.md index 41e51f5d2fd..58f00933c29 100644 --- a/doc/user/application_security/dast/index.md +++ b/doc/user/application_security/dast/index.md 
@@ -491,8 +491,8 @@ dast: ``` You must then overwrite the `script` command to pass in the appropriate -argument. For example, passive scanning can be delayed using option `-D`. The following -configuration delays passive scanning by five minutes: +argument. For example, vulnerability definitions in alpha can be included with +`-a`. The following configuration includes those definitions: ```yaml include: @@ -501,7 +501,7 @@ include: dast: script: - export DAST_WEBSITE=${DAST_WEBSITE:-$(cat environment_url.txt)} - - /analyze -D 300 -t $DAST_WEBSITE + - /analyze -a -t $DAST_WEBSITE ``` ### Custom ZAProxy configuration diff --git a/doc/user/application_security/security_dashboard/img/instance_security_dashboard_empty_v13_3.png b/doc/user/application_security/security_dashboard/img/instance_security_dashboard_empty_v13_3.png Binary files differdeleted file mode 100644 index 50dd2016e7e..00000000000 --- a/doc/user/application_security/security_dashboard/img/instance_security_dashboard_empty_v13_3.png +++ /dev/null diff --git a/doc/user/application_security/security_dashboard/img/instance_security_dashboard_empty_v13_4.png b/doc/user/application_security/security_dashboard/img/instance_security_dashboard_empty_v13_4.png Binary files differnew file mode 100644 index 00000000000..3c618090be8 --- /dev/null +++ b/doc/user/application_security/security_dashboard/img/instance_security_dashboard_empty_v13_4.png diff --git a/doc/user/application_security/security_dashboard/img/instance_security_dashboard_export_csv_v13_4.png b/doc/user/application_security/security_dashboard/img/instance_security_dashboard_export_csv_v13_4.png Binary files differnew file mode 100644 index 00000000000..9ade24be16f --- /dev/null +++ b/doc/user/application_security/security_dashboard/img/instance_security_dashboard_export_csv_v13_4.png 
diff --git a/doc/user/application_security/security_dashboard/img/instance_security_dashboard_v13_4.png b/doc/user/application_security/security_dashboard/img/instance_security_dashboard_v13_4.png Binary files differnew file mode 100644 index 00000000000..d010adcc90c --- /dev/null +++ b/doc/user/application_security/security_dashboard/img/instance_security_dashboard_v13_4.png diff --git a/doc/user/application_security/security_dashboard/img/instance_security_dashboard_with_projects_v13_2_sm.png b/doc/user/application_security/security_dashboard/img/instance_security_dashboard_with_projects_v13_2_sm.png Binary files differdeleted file mode 100644 index 75b5ad1d885..00000000000 --- a/doc/user/application_security/security_dashboard/img/instance_security_dashboard_with_projects_v13_2_sm.png +++ /dev/null diff --git a/doc/user/application_security/security_dashboard/img/vulnerability_list_table_v13_1.png b/doc/user/application_security/security_dashboard/img/vulnerability_list_table_v13_1.png Binary files differdeleted file mode 100644 index 2b792727a99..00000000000 --- a/doc/user/application_security/security_dashboard/img/vulnerability_list_table_v13_1.png +++ /dev/null diff --git a/doc/user/application_security/security_dashboard/img/vulnerability_list_table_v13_4.png b/doc/user/application_security/security_dashboard/img/vulnerability_list_table_v13_4.png Binary files differnew file mode 100644 index 00000000000..eb91cfc47ad --- /dev/null +++ b/doc/user/application_security/security_dashboard/img/vulnerability_list_table_v13_4.png diff --git a/doc/user/application_security/security_dashboard/index.md b/doc/user/application_security/security_dashboard/index.md index 25bae6629fa..6535ec71811 100644 --- a/doc/user/application_security/security_dashboard/index.md +++ b/doc/user/application_security/security_dashboard/index.md 
@@ -122,24 +122,28 @@ branches of all the projects you configure to display on the dashboard. It inclu [group Security Dashboard's](#group-security-dashboard) features. +![Instance Security Dashboard with projects](img/instance_security_dashboard_v13_4.png) + You can access the Instance Security Dashboard from the menu bar at the top of the page. Under **More**, select **Security**. ![Instance Security Dashboard navigation link](img/instance_security_dashboard_link_v12_4.png) +The dashboard is empty before you add projects to it. + +![Uninitialized Instance Security Dashboard](img/instance_security_dashboard_empty_v13_4.png) + ### Adding projects to the dashboard To add projects to the dashboard: -1. Click **Settings** in the left navigation bar. +1. Click **Settings** in the left navigation bar or click the **Add projects** button. 1. Search for and add one or more projects using the **Search your projects** field. 1. Click the **Add projects** button. After you add projects, the Security Dashboard displays the vulnerabilities found in those projects' default branches. -![Uninitialized Instance Security Dashboard](img/instance_security_dashboard_empty_v13_3.png) - ## Export vulnerabilities > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/213014) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.10. @@ -150,6 +154,8 @@ is built, the CSV report downloads to your local machine. The report contains al vulnerabilities for the projects defined in the **Security Dashboard**, as filters don't apply to the export function. +![Export vulnerabilities](img/instance_security_dashboard_export_csv_v13_4.png) + NOTE: **Note:** It may take several minutes for the download to start if your project contains thousands of vulnerabilities. Do not close the page until the download finishes. 
@@ -208,7 +214,7 @@ To create an issue associated with the vulnerability, click the **Create Issue** Once you create the issue, the vulnerability list contains a link to the issue and an icon whose color indicates the issue's status (green for open issues, blue for closed issues). -![Display attached issues](img/vulnerability_list_table_v13_1.png) +![Display attached issues](img/vulnerability_list_table_v13_4.png) <!-- ## Troubleshooting diff --git a/lib/api/ci/pipelines.rb b/lib/api/ci/pipelines.rb index a010e0dd761..55089045e80 100644 --- a/lib/api/ci/pipelines.rb +++ b/lib/api/ci/pipelines.rb @@ -178,7 +178,7 @@ module API def latest_pipeline strong_memoize(:latest_pipeline) do - user_project.latest_pipeline_for_ref(params[:ref]) + user_project.latest_pipeline(params[:ref]) end end end diff --git a/spec/lib/gitlab/ci/reports/test_case_spec.rb b/spec/lib/gitlab/ci/reports/test_case_spec.rb index 8882defbd9e..7fb208213c1 100644 --- a/spec/lib/gitlab/ci/reports/test_case_spec.rb +++ b/spec/lib/gitlab/ci/reports/test_case_spec.rb @@ -4,7 +4,7 @@ require 'spec_helper' RSpec.describe Gitlab::Ci::Reports::TestCase do describe '#initialize' do - let(:test_case) { described_class.new(params)} + let(:test_case) { described_class.new(params) } context 'when both classname and name are given' do context 'when test case is passed' do @@ -62,7 +62,9 @@ RSpec.describe Gitlab::Ci::Reports::TestCase do end context 'when attachment is present' do - let(:attachment_test_case) { build(:test_case, :failed_with_attachment) } + let_it_be(:job) { create(:ci_build) } + + let(:attachment_test_case) { build(:test_case, :failed_with_attachment, job: job) } it "initializes the attachment if present" do expect(attachment_test_case.attachment).to eq("some/path.png") diff --git a/spec/models/project_spec.rb b/spec/models/project_spec.rb index efa2353259c..89772a651c2 100644 --- a/spec/models/project_spec.rb +++ b/spec/models/project_spec.rb 
@@ -1269,60 +1269,6 @@ RSpec.describe Project do end end - describe '#pipeline_for' do - let(:project) { create(:project, :repository) } - - shared_examples 'giving the correct pipeline' do - it { is_expected.to eq(pipeline) } - - context 'return latest' do - let!(:pipeline2) { create_pipeline(project) } - - it { is_expected.to eq(pipeline2) } - end - end - - context 'with a matching pipeline' do - let!(:pipeline) { create_pipeline(project) } - - context 'with explicit sha' do - subject { project.pipeline_for('master', pipeline.sha) } - - it_behaves_like 'giving the correct pipeline' - - context 'with supplied id' do - let!(:other_pipeline) { create_pipeline(project) } - - subject { project.pipeline_for('master', pipeline.sha, other_pipeline.id) } - - it { is_expected.to eq(other_pipeline) } - end - end - - context 'with implicit sha' do - subject { project.pipeline_for('master') } - - it_behaves_like 'giving the correct pipeline' - end - end - - context 'when there is no matching pipeline' do - subject { project.pipeline_for('master') } - - it { is_expected.to be_nil } - end - end - - describe '#pipelines_for' do - let(:project) { create(:project, :repository) } - let!(:pipeline) { create_pipeline(project) } - let!(:other_pipeline) { create_pipeline(project) } - - subject { project.pipelines_for(project.default_branch, project.commit.sha) } - - it { is_expected.to contain_exactly(pipeline, other_pipeline) } - end - describe '#builds_enabled' do let(:project) { create(:project) } 
@@ -2369,42 +2315,90 @@ RSpec.describe Project do end end - describe '#latest_pipeline_for_ref' do + describe '#latest_pipeline' do let(:project) { create(:project, :repository) } let(:second_branch) { project.repository.branches[2] } let!(:pipeline_for_default_branch) do - create(:ci_empty_pipeline, project: project, sha: project.commit.id, - ref: project.default_branch) + create(:ci_pipeline, project: project, sha: project.commit.id, + ref: project.default_branch) end let!(:pipeline_for_second_branch) do - create(:ci_empty_pipeline, project: project, sha: second_branch.target, - ref: second_branch.name) + create(:ci_pipeline, project: project, sha: second_branch.target, + ref: second_branch.name) end - before do - create(:ci_empty_pipeline, project: project, sha: project.commit.parent.id, - ref: project.default_branch) + let!(:other_pipeline_for_default_branch) do + create(:ci_pipeline, project: project, sha: project.commit.parent.id, + ref: project.default_branch) end context 'default repository branch' do - subject { project.latest_pipeline_for_ref(project.default_branch) } + context 'when explicitly provided' do + subject { project.latest_pipeline(project.default_branch) } + + it { is_expected.to eq(pipeline_for_default_branch) } + end + + context 'when not provided' do + subject { project.latest_pipeline } + + it { is_expected.to eq(pipeline_for_default_branch) } + end - it { is_expected.to eq(pipeline_for_default_branch) } + context 'with provided sha' do + subject { project.latest_pipeline(project.default_branch, project.commit.parent.id) } + + it { is_expected.to eq(other_pipeline_for_default_branch) } + end end context 'provided ref' do - subject { project.latest_pipeline_for_ref(second_branch.name) } + subject { project.latest_pipeline(second_branch.name) } it { is_expected.to eq(pipeline_for_second_branch) } + + context 'with provided sha' do + let!(:latest_pipeline_for_ref) do + create(:ci_pipeline, project: project, sha: 
pipeline_for_second_branch.sha, + ref: pipeline_for_second_branch.ref) + end + + subject { project.latest_pipeline(second_branch.name, second_branch.target) } + + it { is_expected.to eq(latest_pipeline_for_ref) } + end end context 'bad ref' do - subject { project.latest_pipeline_for_ref(SecureRandom.uuid) } + before do + # ensure we don't skip the filter by ref by mistakenly return this pipeline + create(:ci_pipeline, project: project) + end + + subject { project.latest_pipeline(SecureRandom.uuid) } it { is_expected.to be_nil } end + + context 'on deleted ref' do + let(:branch) { project.repository.branches.last } + + let!(:pipeline_on_deleted_ref) do + create(:ci_pipeline, project: project, sha: branch.target, ref: branch.name) + end + + before do + project.repository.rm_branch(project.owner, branch.name) + end + + subject { project.latest_pipeline(branch.name) } + + it 'always returns nil despite a pipeline exists' do + expect(subject).to be_nil + end + end end describe '#latest_successful_build_for_sha' do diff --git a/spec/services/issues/related_branches_service_spec.rb b/spec/services/issues/related_branches_service_spec.rb index d79132d98db..1780023803a 100644 --- a/spec/services/issues/related_branches_service_spec.rb +++ b/spec/services/issues/related_branches_service_spec.rb @@ -57,7 +57,7 @@ RSpec.describe Issues::RelatedBranchesService do unreadable_branch_name => unreadable_pipeline }.each do |name, pipeline| allow(repo).to receive(:find_branch).with(name).and_return(make_branch) - allow(project).to receive(:pipeline_for).with(name, sha).and_return(pipeline) + allow(project).to receive(:latest_pipeline).with(name, sha).and_return(pipeline) end allow(repo).to receive(:find_branch).with(missing_branch).and_return(nil) |
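Review bot: The new `#latest_pipeline` examples in `spec/models/project_spec.rb` cover a deleted ref only for the call without `sha`, so the explicit-sha path with a ref that no longer exists in the repository is not pinned. That is the form `MergeRequest` and `Issues::RelatedBranchesService` use after this commit. An extra example inside the 'on deleted ref' context, with `subject { project.latest_pipeline(branch.name, branch.target) }` and the intended result stated, would show whether returning the stored pipeline there is deliberate. The comment in the 'bad ref' context would also read more clearly as `# ensure the ref filter is not skipped, which would wrongly return this pipeline`.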