diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-10-06 12:11:39 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-10-06 12:11:39 +0300 |
commit | b02d831a00f9f87b95174806b4d04a800001dc38 (patch) | |
tree | 6f140cfbb51e6f48ce73d297dd9a7bc5928166f2 | |
parent | b6fd4f66153660e126eae62ff7eb2cfa761eb47c (diff) |
Add latest changes from gitlab-org/gitlab@master
24 files changed, 258 insertions, 151 deletions
diff --git a/app/models/customer_relations/contact.rb b/app/models/customer_relations/contact.rb index d4a18bdfa04..c632f8e2efa 100644 --- a/app/models/customer_relations/contact.rb +++ b/app/models/customer_relations/contact.rb @@ -7,6 +7,7 @@ class CustomerRelations::Contact < ApplicationRecord belongs_to :group, -> { where(type: Group.sti_name) }, foreign_key: 'group_id' belongs_to :organization, optional: true + has_and_belongs_to_many :issues, join_table: :issue_customer_relations_contacts # rubocop: disable Rails/HasAndBelongsToMany strip_attributes! :phone, :first_name, :last_name diff --git a/app/models/issue.rb b/app/models/issue.rb index 1cf9af7bb45..2265a92662e 100644 --- a/app/models/issue.rb +++ b/app/models/issue.rb @@ -81,6 +81,7 @@ class Issue < ApplicationRecord has_and_belongs_to_many :self_managed_prometheus_alert_events, join_table: :issues_self_managed_prometheus_alert_events # rubocop: disable Rails/HasAndBelongsToMany has_and_belongs_to_many :prometheus_alert_events, join_table: :issues_prometheus_alert_events # rubocop: disable Rails/HasAndBelongsToMany has_many :prometheus_alerts, through: :prometheus_alert_events + has_and_belongs_to_many :customer_relations_contacts, join_table: :issue_customer_relations_contacts, class_name: 'CustomerRelations::Contact' # rubocop: disable Rails/HasAndBelongsToMany accepts_nested_attributes_for :issuable_severity, update_only: true accepts_nested_attributes_for :sentry_issue diff --git a/app/views/help/instance_configuration/_gitlab_pages.html.haml b/app/views/help/instance_configuration/_gitlab_pages.html.haml index 51835c202d6..1d8958c93e8 100644 --- a/app/views/help/instance_configuration/_gitlab_pages.html.haml +++ b/app/views/help/instance_configuration/_gitlab_pages.html.haml @@ -7,7 +7,7 @@ = _('GitLab Pages') %p - - link_to_gitlab_pages = link_to(_('GitLab Pages'), gitlab_pages[:url], target: '_blank') + - link_to_gitlab_pages = link_to(_('GitLab Pages'), gitlab_pages[:url], target: '_blank', rel: 'noopener noreferrer') = _('Below are the settings for %{link_to_gitlab_pages}.').html_safe % { link_to_gitlab_pages: link_to_gitlab_pages } .table-responsive %table diff --git a/config/feature_flags/development/ci_scoped_job_token.yml b/config/feature_flags/development/ci_scoped_job_token.yml index a7fa0244839..a885a1e6391 100644 --- a/config/feature_flags/development/ci_scoped_job_token.yml +++ b/config/feature_flags/development/ci_scoped_job_token.yml @@ -5,4 +5,4 @@ rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/332272 milestone: '14.0' type: development group: group::pipeline execution -default_enabled: false +default_enabled: true diff --git a/config/feature_flags/development/security_orchestration_policies_configuration.yml b/config/feature_flags/development/security_orchestration_policies_configuration.yml deleted file mode 100644 index 2570743c101..00000000000 --- a/config/feature_flags/development/security_orchestration_policies_configuration.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -name: security_orchestration_policies_configuration -introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/54220 -rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/321258 -milestone: '13.9' -type: development -group: group::container security -default_enabled: true diff --git a/config/metrics/counts_all/20210216182112_sast_jobs.yml b/config/metrics/counts_all/20210216182112_sast_jobs.yml index 1012910675b..e14d89c3fdb 100644 --- a/config/metrics/counts_all/20210216182112_sast_jobs.yml +++ b/config/metrics/counts_all/20210216182112_sast_jobs.yml @@ -7,7 +7,8 @@ product_stage: secure product_group: group::static analysis product_category: static_application_security_testing value_type: number -status: active +status: broken +repair_issue_url: tbd time_frame: all data_source: database distribution: diff --git a/config/metrics/counts_all/20210216182114_secret_detection_jobs.yml b/config/metrics/counts_all/20210216182114_secret_detection_jobs.yml index 8a3d1ef15f3..2278fea0b6a 100644 --- a/config/metrics/counts_all/20210216182114_secret_detection_jobs.yml +++ b/config/metrics/counts_all/20210216182114_secret_detection_jobs.yml @@ -7,7 +7,8 @@ product_stage: secure product_group: group::static analysis product_category: secret_detection value_type: number -status: active +status: broken +repair_issue_url: tbd time_frame: all data_source: database distribution: diff --git a/db/migrate/20210922215740_create_issue_customer_relations_contacts.rb b/db/migrate/20210922215740_create_issue_customer_relations_contacts.rb new file mode 100644 index 00000000000..2d89d295608 --- /dev/null +++ b/db/migrate/20210922215740_create_issue_customer_relations_contacts.rb @@ -0,0 +1,14 @@ +# frozen_string_literal: true + +class CreateIssueCustomerRelationsContacts < Gitlab::Database::Migration[1.0] + def change + create_table :issue_customer_relations_contacts do |t| + t.bigint :issue_id, null: false + t.bigint :contact_id, null: false + t.timestamps_with_timezone null: false + + t.index :contact_id + t.index [:issue_id, :contact_id], unique: true, name: :index_issue_crm_contacts_on_issue_id_and_contact_id + end + end +end diff --git a/db/migrate/20210922220104_add_issue_customer_relations_contacts_foreign_keys.rb b/db/migrate/20210922220104_add_issue_customer_relations_contacts_foreign_keys.rb new file mode 100644 index 00000000000..7be465ca31a --- /dev/null +++ b/db/migrate/20210922220104_add_issue_customer_relations_contacts_foreign_keys.rb @@ -0,0 +1,20 @@ +# frozen_string_literal: true + +class AddIssueCustomerRelationsContactsForeignKeys < Gitlab::Database::Migration[1.0] + disable_ddl_transaction! + + def up + add_concurrent_foreign_key :issue_customer_relations_contacts, :issues, column: :issue_id + add_concurrent_foreign_key :issue_customer_relations_contacts, :customer_relations_contacts, column: :contact_id + end + + def down + with_lock_retries do + remove_foreign_key_if_exists :issue_customer_relations_contacts, column: :issue_id + end + + with_lock_retries do + remove_foreign_key_if_exists :issue_customer_relations_contacts, column: :contact_id + end + end +end diff --git a/db/schema_migrations/20210922215740 b/db/schema_migrations/20210922215740 new file mode 100644 index 00000000000..b7fdf9b4dfe --- /dev/null +++ b/db/schema_migrations/20210922215740 @@ -0,0 +1 @@ +7b343a5e1fd2600585d8fe4ef7585f91fb4c72da329b6f9474384f7217381d12
\ No newline at end of file diff --git a/db/schema_migrations/20210922220104 b/db/schema_migrations/20210922220104 new file mode 100644 index 00000000000..0cacca67f8f --- /dev/null +++ b/db/schema_migrations/20210922220104 @@ -0,0 +1 @@ +ced8a8373bdbf07b2be23701f243f3a9f338776eeaec0a6c4e5cc0e68572a16e
\ No newline at end of file diff --git a/db/structure.sql b/db/structure.sql index e2acf112331..f1c78f64d93 100644 --- a/db/structure.sql +++ b/db/structure.sql @@ -15077,6 +15077,23 @@ CREATE TABLE issue_assignees ( issue_id integer NOT NULL ); +CREATE TABLE issue_customer_relations_contacts ( + id bigint NOT NULL, + issue_id bigint NOT NULL, + contact_id bigint NOT NULL, + created_at timestamp with time zone NOT NULL, + updated_at timestamp with time zone NOT NULL +); + +CREATE SEQUENCE issue_customer_relations_contacts_id_seq + START WITH 1 + INCREMENT BY 1 + NO MINVALUE + NO MAXVALUE + CACHE 1; + +ALTER SEQUENCE issue_customer_relations_contacts_id_seq OWNED BY issue_customer_relations_contacts.id; + CREATE TABLE issue_email_participants ( id bigint NOT NULL, issue_id bigint NOT NULL, @@ -21342,6 +21359,8 @@ ALTER TABLE ONLY issuable_severities ALTER COLUMN id SET DEFAULT nextval('issuab ALTER TABLE ONLY issuable_slas ALTER COLUMN id SET DEFAULT nextval('issuable_slas_id_seq'::regclass); +ALTER TABLE ONLY issue_customer_relations_contacts ALTER COLUMN id SET DEFAULT nextval('issue_customer_relations_contacts_id_seq'::regclass); + ALTER TABLE ONLY issue_email_participants ALTER COLUMN id SET DEFAULT nextval('issue_email_participants_id_seq'::regclass); ALTER TABLE ONLY issue_links ALTER COLUMN id SET DEFAULT nextval('issue_links_id_seq'::regclass); @@ -22995,6 +23014,9 @@ ALTER TABLE ONLY issuable_slas ALTER TABLE ONLY issue_assignees ADD CONSTRAINT issue_assignees_pkey PRIMARY KEY (issue_id, user_id); +ALTER TABLE ONLY issue_customer_relations_contacts + ADD CONSTRAINT issue_customer_relations_contacts_pkey PRIMARY KEY (id); + ALTER TABLE ONLY issue_email_participants ADD CONSTRAINT issue_email_participants_pkey PRIMARY KEY (id); @@ -25355,6 +25377,10 @@ CREATE UNIQUE INDEX index_issuable_slas_on_issue_id ON issuable_slas USING btree CREATE INDEX index_issue_assignees_on_user_id ON issue_assignees USING btree (user_id); +CREATE UNIQUE INDEX index_issue_crm_contacts_on_issue_id_and_contact_id ON issue_customer_relations_contacts USING btree (issue_id, contact_id); + +CREATE INDEX index_issue_customer_relations_contacts_on_contact_id ON issue_customer_relations_contacts USING btree (contact_id); + CREATE UNIQUE INDEX index_issue_email_participants_on_issue_id_and_lower_email ON issue_email_participants USING btree (issue_id, lower(email)); CREATE INDEX index_issue_links_on_source_id ON issue_links USING btree (source_id); @@ -27400,6 +27426,9 @@ ALTER TABLE ONLY user_interacted_projects ALTER TABLE ONLY dast_sites ADD CONSTRAINT fk_0a57f2271b FOREIGN KEY (dast_site_validation_id) REFERENCES dast_site_validations(id) ON DELETE SET NULL; +ALTER TABLE ONLY issue_customer_relations_contacts + ADD CONSTRAINT fk_0c0037f723 FOREIGN KEY (issue_id) REFERENCES issues(id) ON DELETE CASCADE; + ALTER TABLE ONLY web_hooks ADD CONSTRAINT fk_0c8ca6d9d1 FOREIGN KEY (project_id) REFERENCES projects(id) ON DELETE CASCADE; @@ -27712,6 +27741,9 @@ ALTER TABLE ONLY protected_branches ALTER TABLE ONLY vulnerabilities ADD CONSTRAINT fk_7ac31eacb9 FOREIGN KEY (updated_by_id) REFERENCES users(id) ON DELETE SET NULL; +ALTER TABLE ONLY issue_customer_relations_contacts + ADD CONSTRAINT fk_7b92f835bb FOREIGN KEY (contact_id) REFERENCES customer_relations_contacts(id) ON DELETE CASCADE; + ALTER TABLE ONLY vulnerabilities ADD CONSTRAINT fk_7c5bb22a22 FOREIGN KEY (due_date_sourcing_milestone_id) REFERENCES milestones(id) ON DELETE SET NULL; diff --git a/doc/administration/geo/replication/geo_validation_tests.md b/doc/administration/geo/replication/geo_validation_tests.md index c6b1078ddf0..a4c2f156216 100644 --- a/doc/administration/geo/replication/geo_validation_tests.md +++ b/doc/administration/geo/replication/geo_validation_tests.md @@ -114,6 +114,13 @@ The following are GitLab upgrade validation tests we performed. The following are PostgreSQL upgrade validation tests we performed. +### September 2021 + +[Verify Geo installation with PostgreSQL 13](https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/6131): + +- Description: With PostgreSQL 13 available as an opt-in version in GitLab 14.1, we tested fresh installations of GitLab with Geo when PostgreSQL 13 is enabled. +- Outcome: Successfully built an environment with Geo and PostgreSQL 13 using [GitLab Environment Toolkit](https://gitlab.com/gitlab-org/quality/gitlab-environment-toolkit) and performed Geo QA tests against the environment without failures. + ### September 2020 [Verify PostgreSQL 12 upgrade for Geo installations](https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/5454): diff --git a/doc/api/graphql/reference/index.md b/doc/api/graphql/reference/index.md index cb49f112c89..f924eac904a 100644 --- a/doc/api/graphql/reference/index.md +++ b/doc/api/graphql/reference/index.md @@ -25,9 +25,13 @@ Items (fields, enums, etc) that have been removed according to our [deprecation in [Removed Items](../removed_items.md). <!-- vale off --> -<!-- Docs linting disabled after this line. --> +<!-- Vale linting disabled after this line. --> <!-- See https://docs.gitlab.com/ee/development/documentation/testing.html#disable-vale-tests --> +<!-- markdownlint-disable MD044 --> +<!-- MD044/proper-names test disabled after this line to make page compatible with markdownlint-cli 0.29.0. --> +<!-- See https://docs.gitlab.com/ee/development/documentation/testing.html#disable-markdownlint-tests --> + ## `Query` type The `Query` type contains the API's top-level entry points for all executable queries. diff --git a/doc/ci/jobs/ci_job_token.md b/doc/ci/jobs/ci_job_token.md index 91b8bcfd337..308f38b22b7 100644 --- a/doc/ci/jobs/ci_job_token.md +++ b/doc/ci/jobs/ci_job_token.md @@ -59,20 +59,20 @@ tries to steal tokens from other jobs. ## Limit GitLab CI/CD job token access -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/328553) in GitLab 14.1. -> - [Deployed behind a feature flag](../../user/feature_flags.md), disabled by default. -> - Disabled on GitLab.com. -> - Not recommended for production use. -> - To use in GitLab self-managed instances, ask a GitLab administrator to [enable it](#enable-or-disable-ci-job-token-scope-limit). **(FREE SELF)** +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/328553) in GitLab 14.1. [Deployed behind the `:ci_scoped_job_token` feature flag](../../user/feature_flags.md), disabled by default. +> - [Enabled on GitLab.com and self-managed](https://gitlab.com/gitlab-org/gitlab/-/issues/332272) in GitLab 14.4. -This in-development feature might not be available for your use. There can be -[risks when enabling features still in development](../../administration/feature_flags.md#risks-when-enabling-features-still-in-development). -Refer to this feature's version history for more details. +FLAG: +On self-managed GitLab, by default this feature is available. To hide the feature, +ask an administrator to [disable the `ci_scoped_job_token` flag](../../administration/feature_flags.md). +On GitLab.com, this feature is available. You can limit the access scope of a project's CI/CD job token to increase the job token's security. A job token might give extra permissions that aren't necessary -to access specific private resources. Limiting the job token access scope reduces the risk of a leaked -token being used to access private data that the user associated to the job can access. +to access specific private resources. +If a job token is leaked it could potentially be used to access data that is private +to the job token's user. By limiting the job token access scope, private data cannot +be accessed unless projects are explicitly authorized. Control the job token access scope with an allowlist of other projects authorized to be accessed by authenticating with the current project's job token. By default @@ -86,7 +86,7 @@ setting at all times, and configure the allowlist for cross-project access if ne For example, when the setting is enabled, jobs in a pipeline in project `A` have a `CI_JOB_TOKEN` scope limited to project `A`. If the job needs to use the token to make an API request to a private project `B`, then `B` must be added to the allowlist for `A`. -If project `B` is public or internal, it doesn't need to be added to the allowlist. +If project `B` is public or internal, it's not required to be added to the allowlist. The job token scope is only for controlling access to private projects. ### Configure the job token scope limit @@ -98,31 +98,9 @@ The job token scope is only for controlling access to private projects. 1. (Optional) Add existing projects to the token's access scope. The user adding a project must have the [maintainer role](../../user/permissions.md) in both projects. -If the job token scope limit is disabled, the token can potentially be used to authenticate -API requests to all projects accessible to the user that triggered the job. - There is [a proposal](https://gitlab.com/groups/gitlab-org/-/epics/3559) to improve the feature with more strategic control of the access permissions. -### Enable or disable CI job token scope limit **(FREE SELF)** - -The GitLab CI/CD job token access scope limit is under development and not ready for production -use. It is deployed behind a feature flag that is **disabled by default**. -[GitLab administrators with access to the GitLab Rails console](../../administration/feature_flags.md) -can enable it. - -To enable it: - -```ruby -Feature.enable(:ci_scoped_job_token) -``` - -To disable it: - -```ruby -Feature.disable(:ci_scoped_job_token) -``` - ## Trigger a multi-project pipeline by using a CI job token > `CI_JOB_TOKEN` for multi-project pipelines was [moved](https://gitlab.com/gitlab-org/gitlab/-/issues/31573) from GitLab Premium to GitLab Free in 12.4. diff --git a/doc/development/documentation/styleguide/word_list.md b/doc/development/documentation/styleguide/word_list.md index 0f1f9f7467d..d68b68613d8 100644 --- a/doc/development/documentation/styleguide/word_list.md +++ b/doc/development/documentation/styleguide/word_list.md @@ -29,6 +29,12 @@ Try to avoid using **above** when referring to an example or table in a document - In the previous example, the dog had fleas. +Do not use **above** when referring to versions of the product. Use [**later**](#later) instead. + +- Do: In GitLab 14.4 and later... +- Do not: In GitLab 14.4 and above... +- Do not: In GitLab 14.4 and higher... + ## admin, admin area Use **administration**, **administrator**, **administer**, or **Admin Area** instead. ([Vale](../testing.md#vale) rule: [`Admin.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/.vale/gitlab/Admin.yml)) @@ -150,8 +156,8 @@ When writing about the Developer role: - Do not use the phrase, **if you are a developer** to mean someone who is assigned the Developer role. Instead, write it out. For example, **if you are assigned the Developer role**. - To describe a situation where the Developer role is the minimum required: - - Avoid: the Developer role or higher - - Use instead: at least the Developer role + - Do: at least the Developer role + - Do not: the Developer role or higher Do not use **Developer permissions**. A user who is assigned the Developer role has a set of associated permissions. @@ -220,8 +226,8 @@ Use **expand** instead of **open** when you are talking about expanding or colla Use **box** instead of **field** or **text box**. -- Avoid: In the **Variable name** field, enter `my text`. -- Use instead: In the **Variable name** box, enter `my text`. +- Do: In the **Variable name** box, enter `my text`. +- Do not: In the **Variable name** field, enter `my text`. ## foo @@ -265,8 +271,8 @@ When writing about the Guest role: - Do not use the phrase, **if you are a guest** to mean someone who is assigned the Guest role. Instead, write it out. For example, **if you are assigned the Guest role**. - To describe a situation where the Guest role is the minimum required: - - Avoid: the Guest role or higher - - Use instead: at least the Guest role + - Do: at least the Guest role + - Do not: the Guest role or higher Do not use **Guest permissions**. A user who is assigned the Guest role has a set of associated permissions. @@ -282,15 +288,16 @@ Do not use **high availability** or **HA**. Instead, direct readers to the GitLa Do not use **higher** when talking about version numbers. -- Do: In GitLab 14.1 and later. -- Do not: In GitLab 14.1 and higher. +- Do: In GitLab 14.4 and later... +- Do not: In GitLab 14.4 and higher... +- Do not: In GitLab 14.4 and above... ## hit Don't use **hit** to mean **press**. -- Avoid: Hit the **ENTER** button. -- Use instead: Press **ENTER**. +- Do: Press **ENTER**. +- Do not: Hit the **ENTER** button. ## I @@ -326,8 +333,9 @@ If you want to use **CI** with the word **job**, use **CI/CD job** rather than * Use **later** when talking about version numbers. -- Avoid: In GitLab 14.1 and higher. -- Use instead: In GitLab 14.1 and later. +- Do: In GitLab 14.1 and later... +- Do not: In GitLab 14.1 and higher... +- Do not: In GitLab 14.1 and above... ## list @@ -354,8 +362,8 @@ When writing about the Maintainer role: - Do not use the phrase, **if you are a maintainer** to mean someone who is assigned the Maintainer role. Instead, write it out. For example, **if you are assigned the Maintainer role**. - To describe a situation where the Maintainer role is the minimum required: - - Avoid: the Maintainer role or higher - - Use instead: at least the Maintainer role + - Do: at least the Maintainer role + - Do not: the Maintainer role or higher Do not use **Maintainer permissions**. A user who is assigned the Maintainer role has a set of associated permissions. @@ -461,8 +469,8 @@ When writing about the Reporter role: - Do not use the phrase, **if you are a reporter** to mean someone who is assigned the Reporter role. Instead, write it out. For example, **if you are assigned the Reporter role**. - To describe a situation where the Reporter role is the minimum required: - - Avoid: the Reporter role or higher - - Use instead: at least the Reporter role + - Do: at least the Reporter role + - Do not: the Reporter role or higher Do not use **Reporter permissions**. A user who is assigned the Reporter role has a set of associated permissions. diff --git a/doc/system_hooks/system_hooks.md b/doc/system_hooks/system_hooks.md index 68d19365bbf..fbeee7b96bc 100644 --- a/doc/system_hooks/system_hooks.md +++ b/doc/system_hooks/system_hooks.md @@ -173,7 +173,7 @@ Please refer to `group_rename` and `user_rename` for that case. "user_name": "John Smith", "user_username": "johnsmith", "user_id": 41, - "project_visibility": "visibilitylevel|private" + "project_visibility": "private" } ``` @@ -193,7 +193,7 @@ Please refer to `group_rename` and `user_rename` for that case. "user_name": "John Smith", "user_username": "johnsmith", "user_id": 41, - "project_visibility": "visibilitylevel|private" + "project_visibility": "private" } ``` @@ -213,7 +213,7 @@ Please refer to `group_rename` and `user_rename` for that case. "user_name": "John Smith", "user_username": "johnsmith", "user_id": 41, - "project_visibility": "visibilitylevel|private" + "project_visibility": "private" } ``` @@ -519,7 +519,7 @@ X-Gitlab-Event: System Hook } ``` -### Merge request events +## Merge request events Triggered when a new merge request is created, an existing merge request was updated/merged/closed or a commit is added in the source branch. @@ -533,101 +533,89 @@ X-Gitlab-Event: System Hook ```json { "object_kind": "merge_request", + "event_type": "merge_request", "user": { "id": 1, "name": "Administrator", "username": "root", - "avatar_url": "http://www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?s=80&d=identicon", + "avatar_url": "http://www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?s=40\u0026d=identicon", "email": "admin@example.com" }, "project": { - "name": "Example", - "description": "", - "web_url": "http://example.com/jsmith/example", - "avatar_url": null, - "git_ssh_url": "git@example.com:jsmith/example.git", - "git_http_url": "http://example.com/jsmith/example.git", - "namespace": "Jsmith", - "visibility_level": 0, - "path_with_namespace": "jsmith/example", - "default_branch": "master", - "ci_config_path": "", - "homepage": "http://example.com/jsmith/example", - "url": "git@example.com:jsmith/example.git", - "ssh_url": "git@example.com:jsmith/example.git", - "http_url": "http://example.com/jsmith/example.git" + "id": 1, + "name":"Gitlab Test", + "description":"Aut reprehenderit ut est.", + "web_url":"http://example.com/gitlabhq/gitlab-test", + "avatar_url":null, + "git_ssh_url":"git@example.com:gitlabhq/gitlab-test.git", + "git_http_url":"http://example.com/gitlabhq/gitlab-test.git", + "namespace":"GitlabHQ", + "visibility_level":20, + "path_with_namespace":"gitlabhq/gitlab-test", + "default_branch":"master", + "homepage":"http://example.com/gitlabhq/gitlab-test", + "url":"http://example.com/gitlabhq/gitlab-test.git", + "ssh_url":"git@example.com:gitlabhq/gitlab-test.git", + "http_url":"http://example.com/gitlabhq/gitlab-test.git" + }, + "repository": { + "name": "Gitlab Test", + "url": "http://example.com/gitlabhq/gitlab-test.git", + "description": "Aut reprehenderit ut est.", + "homepage": "http://example.com/gitlabhq/gitlab-test" }, "object_attributes": { - "id": 90, + "id": 99, "target_branch": "master", "source_branch": "ms-viewport", "source_project_id": 14, "author_id": 51, "assignee_id": 6, "title": "MS-Viewport", - "created_at": "2017-09-20T08:31:45.944Z", - "updated_at": "2017-09-28T12:23:42.365Z", + "created_at": "2013-12-03T17:23:34Z", + "updated_at": "2013-12-03T17:23:34Z", "milestone_id": null, "state": "opened", "merge_status": "unchecked", "target_project_id": 14, "iid": 1, "description": "", - "updated_by_id": 1, - "merge_error": null, - "merge_params": { - "force_remove_source_branch": "0" - }, - "merge_when_pipeline_succeeds": false, - "merge_user_id": null, - "merge_commit_sha": null, - "deleted_at": null, - "in_progress_merge_commit_sha": null, - "lock_version": 5, - "time_estimate": 0, - "last_edited_at": "2017-09-27T12:43:37.558Z", - "last_edited_by_id": 1, - "head_pipeline_id": 61, - "ref_fetched": true, - "merge_jid": null, "source": { - "name": "Awesome Project", - "description": "", - "web_url": "http://example.com/awesome_space/awesome_project", - "avatar_url": null, - "git_ssh_url": "git@example.com:awesome_space/awesome_project.git", - "git_http_url": "http://example.com/awesome_space/awesome_project.git", - "namespace": "root", - "visibility_level": 0, - "path_with_namespace": "awesome_space/awesome_project", - "default_branch": "master", - "ci_config_path": "", - "homepage": "http://example.com/awesome_space/awesome_project", - "url": "http://example.com/awesome_space/awesome_project.git", - "ssh_url": "git@example.com:awesome_space/awesome_project.git", - "http_url": "http://example.com/awesome_space/awesome_project.git" + "name":"Awesome Project", + "description":"Aut reprehenderit ut est.", + "web_url":"http://example.com/awesome_space/awesome_project", + "avatar_url":null, + "git_ssh_url":"git@example.com:awesome_space/awesome_project.git", + "git_http_url":"http://example.com/awesome_space/awesome_project.git", + "namespace":"Awesome Space", + "visibility_level":20, + "path_with_namespace":"awesome_space/awesome_project", + "default_branch":"master", + "homepage":"http://example.com/awesome_space/awesome_project", + "url":"http://example.com/awesome_space/awesome_project.git", + "ssh_url":"git@example.com:awesome_space/awesome_project.git", + "http_url":"http://example.com/awesome_space/awesome_project.git" }, "target": { - "name": "Awesome Project", - "description": "Aut reprehenderit ut est.", - "web_url": "http://example.com/awesome_space/awesome_project", - "avatar_url": null, - "git_ssh_url": "git@example.com:awesome_space/awesome_project.git", - "git_http_url": "http://example.com/awesome_space/awesome_project.git", - "namespace": "Awesome Space", - "visibility_level": 0, - "path_with_namespace": "awesome_space/awesome_project", - "default_branch": "master", - "ci_config_path": "", - "homepage": "http://example.com/awesome_space/awesome_project", - "url": "http://example.com/awesome_space/awesome_project.git", - "ssh_url": "git@example.com:awesome_space/awesome_project.git", - "http_url": "http://example.com/awesome_space/awesome_project.git" + "name":"Awesome Project", + "description":"Aut reprehenderit ut est.", + "web_url":"http://example.com/awesome_space/awesome_project", + "avatar_url":null, + "git_ssh_url":"git@example.com:awesome_space/awesome_project.git", + "git_http_url":"http://example.com/awesome_space/awesome_project.git", + "namespace":"Awesome Space", + "visibility_level":20, + "path_with_namespace":"awesome_space/awesome_project", + "default_branch":"master", + "homepage":"http://example.com/awesome_space/awesome_project", + "url":"http://example.com/awesome_space/awesome_project.git", + "ssh_url":"git@example.com:awesome_space/awesome_project.git", + "http_url":"http://example.com/awesome_space/awesome_project.git" }, "last_commit": { - "id": "ba3e0d8ff79c80d5b0bbb4f3e2e343e0aaa662b7", + "id": "da1560886d4f094c3e6c9ef40349f7d38b5d27d7", "message": "fixed readme", - "timestamp": "2017-09-26T16:12:57Z", + "timestamp": "2012-01-03T23:36:29+02:00", "url": "http://example.com/awesome_space/awesome_project/commits/da1560886d4f094c3e6c9ef40349f7d38b5d27d7", "author": { "name": "GitLab dev user", @@ -635,16 +623,61 @@ X-Gitlab-Event: System Hook } }, "work_in_progress": false, - "total_time_spent": 0, - "human_total_time_spent": null, - "human_time_estimate": null + "url": "http://example.com/diaspora/merge_requests/1", + "action": "open", + "assignee": { + "name": "User1", + "username": "user1", + "avatar_url": "http://www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?s=40\u0026d=identicon" + } }, - "labels": null, - "repository": { - "name": "git-gpg-test", - "url": "git@example.com:awesome_space/awesome_project.git", - "description": "", - "homepage": "http://example.com/awesome_space/awesome_project" + "labels": [{ + "id": 206, + "title": "API", + "color": "#ffffff", + "project_id": 14, + "created_at": "2013-12-03T17:15:43Z", + "updated_at": "2013-12-03T17:15:43Z", + "template": false, + "description": "API related issues", + "type": "ProjectLabel", + "group_id": 41 + }], + "changes": { + "updated_by_id": { + "previous": null, + "current": 1 + }, + "updated_at": { + "previous": "2017-09-15 16:50:55 UTC", + "current":"2017-09-15 16:52:00 UTC" + }, + "labels": { + "previous": [{ + "id": 206, + "title": "API", + "color": "#ffffff", + "project_id": 14, + "created_at": "2013-12-03T17:15:43Z", + "updated_at": "2013-12-03T17:15:43Z", + "template": false, + "description": "API related issues", + "type": "ProjectLabel", + "group_id": 41 + }], + "current": [{ + "id": 205, + "title": "Platform", + "color": "#123123", + "project_id": 14, + "created_at": "2013-12-03T17:15:43Z", + "updated_at": "2013-12-03T17:15:43Z", + "template": false, + "description": "Platform related issues", + "type": "ProjectLabel", + "group_id": 41 + }] + } } } ``` diff --git a/doc/user/application_security/policies/index.md b/doc/user/application_security/policies/index.md index 4d71919299c..b1914ad61cb 100644 --- a/doc/user/application_security/policies/index.md +++ b/doc/user/application_security/policies/index.md @@ -6,13 +6,9 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Policies **(ULTIMATE)** -> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/5329) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 13.10. Deployed behind a feature flag, disabled by default. +> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/5329) in GitLab Ultimate 13.10 with a [feature flag](../../../administration/feature_flags.md) named `security_orchestration_policies_configuration`. Disabled by default. > - [Enabled on self-managed](https://gitlab.com/gitlab-org/gitlab/-/issues/321258) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 14.3. - -FLAG: -On self-managed GitLab, by default this feature is available. To hide the feature, -ask an administrator to [disable the `security_orchestration_policies_configuration` flag](../../../administration/feature_flags.md). -On GitLab.com, this feature is available. +> - [Feature flag `security_orchestration_policies_configuration` removed](https://gitlab.com/gitlab-org/gitlab/-/issues/321258) in GitLab 14.4. Policies in GitLab provide security teams a way to require scans of their choice to be run whenever a project pipeline runs according to the configuration specified. Security teams can diff --git a/doc/user/project/integrations/webhooks.md b/doc/user/project/integrations/webhooks.md index e2f51ad5506..a6e6b1a3d50 100644 --- a/doc/user/project/integrations/webhooks.md +++ b/doc/user/project/integrations/webhooks.md @@ -131,6 +131,7 @@ X-Gitlab-Event: Push Hook ```json { "object_kind": "push", + "event_name": "push", "before": "95790bf891e76fee5e1747ab589903a6a1f80f22", "after": "da1560886d4f094c3e6c9ef40349f7d38b5d27d7", "ref": "refs/heads/master", @@ -221,6 +222,7 @@ X-Gitlab-Event: Tag Push Hook ```json { "object_kind": "tag_push", + "event_name": "tag_push", "before": "0000000000000000000000000000000000000000", "after": "82b3d5ae55f7080f1e6022629cdb57bfae7cccc7", "ref": "refs/tags/v1.0.0", @@ -449,6 +451,7 @@ X-Gitlab-Event: Note Hook ```json { "object_kind": "note", + "event_type": "note", "user": { "id": 1, "name": "Administrator", @@ -531,6 +534,7 @@ X-Gitlab-Event: Note Hook ```json { "object_kind": "note", + "event_type": "note", "user": { "id": 1, "name": "Administrator", @@ -660,6 +664,7 @@ X-Gitlab-Event: Note Hook ```json { "object_kind": "note", + "event_type": "note", "user": { "id": 1, "name": "Administrator", @@ -755,6 +760,9 @@ X-Gitlab-Event: Note Hook NOTE: `assignee_id` field is deprecated and now shows the first assignee only. +NOTE: +`event_type` is set to `confidential_note` for confidential issues. + #### Comment on code snippet **Request header**: @@ -768,6 +776,7 @@ X-Gitlab-Event: Note Hook ```json { "object_kind": "note", + "event_type": "note", "user": { "id": 1, "name": "Administrator", @@ -856,6 +865,7 @@ X-Gitlab-Event: Merge Request Hook ```json { "object_kind": "merge_request", + "event_type": "merge_request", "user": { "id": 1, "name": "Administrator", diff --git a/scripts/review_apps/automated_cleanup.rb b/scripts/review_apps/automated_cleanup.rb index 71e95a043e0..e6efbca9e86 100755 --- a/scripts/review_apps/automated_cleanup.rb +++ b/scripts/review_apps/automated_cleanup.rb @@ -194,7 +194,7 @@ class AutomatedCleanup def delete_stopped_environments(environment_type:, checked_environments:, last_updated_threshold:) gitlab.environments(project_path, per_page: DEPLOYMENTS_PER_PAGE, sort: 'desc', states: 'stopped', search: ENVIRONMENT_PREFIX[environment_type]).auto_paginate do |environment| - next if skip_environment?(environment: environment, checked_environments: checked_environments, last_updated_threshold: delete_threshold, environment_type: environment_type) + next if skip_environment?(environment: environment, checked_environments: checked_environments, last_updated_threshold: last_updated_threshold, environment_type: environment_type) yield environment if delete_environment(environment) diff --git a/spec/lib/gitlab/import_export/all_models.yml b/spec/lib/gitlab/import_export/all_models.yml index 46f5c8ed7d3..10f0e687077 100644 --- a/spec/lib/gitlab/import_export/all_models.yml +++ b/spec/lib/gitlab/import_export/all_models.yml @@ -59,6 +59,7 @@ issues: - requirement - incident_management_issuable_escalation_status - pending_escalations +- customer_relations_contacts work_item_type: - issues events: diff --git a/spec/models/customer_relations/contact_spec.rb b/spec/models/customer_relations/contact_spec.rb index b19554dd67e..298d5db3ab9 100644 --- a/spec/models/customer_relations/contact_spec.rb +++ b/spec/models/customer_relations/contact_spec.rb @@ -6,6 +6,7 @@ RSpec.describe CustomerRelations::Contact, type: :model do describe 'associations' do it { is_expected.to belong_to(:group) } it { is_expected.to belong_to(:organization).optional } + it { is_expected.to have_and_belong_to_many(:issues) } end describe 'validations' do diff --git a/spec/models/issue_spec.rb b/spec/models/issue_spec.rb index 3f5a0c364a5..4319407706e 100644 --- a/spec/models/issue_spec.rb +++ b/spec/models/issue_spec.rb @@ -34,6 +34,7 @@ RSpec.describe Issue do it { is_expected.to have_many(:issue_email_participants) } it { is_expected.to have_many(:timelogs).autosave(true) } it { is_expected.to have_one(:incident_management_issuable_escalation_status) } + it { is_expected.to have_and_belong_to_many(:customer_relations_contacts) } describe 'versions.most_recent' do it 'returns the most recent version' do diff --git a/tooling/graphql/docs/templates/default.md.haml b/tooling/graphql/docs/templates/default.md.haml index 7d42fb3a9f8..fad954ebb01 100644 --- a/tooling/graphql/docs/templates/default.md.haml +++ b/tooling/graphql/docs/templates/default.md.haml @@ -18,8 +18,12 @@ in [Removed Items](../removed_items.md). <!-- vale off --> - <!-- Docs linting disabled after this line. --> + <!-- Vale linting disabled after this line. --> <!-- See https://docs.gitlab.com/ee/development/documentation/testing.html#disable-vale-tests --> + + <!-- markdownlint-disable MD044 --> + <!-- MD044/proper-names test disabled after this line to make page compatible with markdownlint-cli 0.29.0. --> + <!-- See https://docs.gitlab.com/ee/development/documentation/testing.html#disable-markdownlint-tests --> \ :plain |