diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-08-26 06:09:01 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-08-26 06:09:01 +0300 |
| commit | baaa5c45c022d394bf1478d462a3b1aea413b7ed (patch) | |
| tree | c18f52b77c9b4a92f504dfd1060e7495e293a937 | |
| parent | b3618e799d30ae6df5c55e47b8ec8ebedb1af5a0 (diff) | |
Add latest changes from gitlab-org/gitlab@master
28 files changed, 661 insertions, 58 deletions
diff --git a/.cross-join-allowlist.yml b/.cross-join-allowlist.yml new file mode 100644 index 00000000000..19be59cc74a --- /dev/null +++ b/.cross-join-allowlist.yml @@ -0,0 +1,418 @@ +- "./ee/spec/controllers/ee/projects/jobs_controller_spec.rb" +- "./ee/spec/controllers/ee/search_controller_spec.rb" +- "./ee/spec/controllers/operations_controller_spec.rb" +- "./ee/spec/controllers/projects/issues_controller_spec.rb" +- "./ee/spec/controllers/projects/security/vulnerabilities_controller_spec.rb" +- "./ee/spec/features/ci/ci_minutes_spec.rb" +- "./ee/spec/features/ci_shared_runner_warnings_spec.rb" +- "./ee/spec/features/groups/analytics/cycle_analytics/filters_and_data_spec.rb" +- "./ee/spec/features/merge_request/sidebar_spec.rb" +- "./ee/spec/features/merge_requests/user_resets_approvers_spec.rb" +- "./ee/spec/features/merge_request/user_approves_with_password_spec.rb" +- "./ee/spec/features/merge_request/user_creates_merge_request_spec.rb" +- "./ee/spec/features/merge_request/user_creates_merge_request_with_blocking_mrs_spec.rb" +- "./ee/spec/features/merge_request/user_edits_merge_request_blocking_mrs_spec.rb" +- "./ee/spec/features/merge_request/user_merges_immediately_spec.rb" +- "./ee/spec/features/merge_request/user_merges_with_push_rules_spec.rb" +- "./ee/spec/features/merge_request/user_sees_approval_widget_spec.rb" +- "./ee/spec/features/merge_request/user_sees_closing_issues_message_spec.rb" +- "./ee/spec/features/merge_request/user_sees_merge_widget_spec.rb" +- "./ee/spec/features/merge_request/user_sees_status_checks_widget_spec.rb" +- "./ee/spec/features/merge_request/user_selects_branches_for_new_mr_spec.rb" +- "./ee/spec/features/merge_request/user_sets_approval_rules_spec.rb" +- "./ee/spec/features/merge_request/user_sets_approvers_spec.rb" +- "./ee/spec/features/merge_request/user_uses_slash_commands_spec.rb" +- "./ee/spec/features/merge_request/user_views_blocked_merge_request_spec.rb" +- "./ee/spec/features/merge_trains/two_merge_requests_on_train_spec.rb" +- "./ee/spec/features/merge_trains/user_adds_merge_request_to_merge_train_spec.rb" +- "./ee/spec/features/merge_trains/user_adds_to_merge_train_when_pipeline_succeeds_spec.rb" +- "./ee/spec/features/projects/jobs_spec.rb" +- "./ee/spec/features/projects/merge_requests/user_approves_merge_request_spec.rb" +- "./ee/spec/features/projects/pipelines/pipeline_spec.rb" +- "./ee/spec/features/projects/settings/auto_rollback_spec.rb" +- "./ee/spec/features/projects/settings/pipeline_subscriptions_spec.rb" +- "./ee/spec/features/projects/settings/protected_environments_spec.rb" +- "./ee/spec/features/search/elastic/group_search_spec.rb" +- "./ee/spec/finders/ee/namespaces/projects_finder_spec.rb" +- "./ee/spec/finders/group_projects_finder_spec.rb" +- "./ee/spec/finders/security/findings_finder_spec.rb" +- "./ee/spec/frontend/fixtures/analytics/metrics.rb" +- "./ee/spec/frontend/fixtures/analytics/value_streams_code_stage.rb" +- "./ee/spec/frontend/fixtures/analytics/value_streams_issue_stage.rb" +- "./ee/spec/frontend/fixtures/analytics/value_streams_plan_stage.rb" +- "./ee/spec/frontend/fixtures/analytics/value_streams.rb" +- "./ee/spec/frontend/fixtures/analytics/value_streams_review_stage.rb" +- "./ee/spec/frontend/fixtures/analytics/value_streams_staging_stage.rb" +- "./ee/spec/frontend/fixtures/merge_requests.rb" +- "./ee/spec/graphql/ee/mutations/ci/runner/update_spec.rb" +- "./ee/spec/graphql/ee/resolvers/namespace_projects_resolver_spec.rb" +- "./ee/spec/lib/analytics/devops_adoption/snapshot_calculator_spec.rb" +- "./ee/spec/lib/ee/gitlab/background_migration/migrate_approver_to_approval_rules_spec.rb" +- "./ee/spec/lib/ee/gitlab/background_migration/migrate_security_scans_spec.rb" +- "./ee/spec/lib/ee/gitlab/background_migration/populate_latest_pipeline_ids_spec.rb" +- "./ee/spec/lib/ee/gitlab/background_migration/populate_resolved_on_default_branch_column_spec.rb" +- "./ee/spec/lib/ee/gitlab/background_migration/populate_uuids_for_security_findings_spec.rb" +- "./ee/spec/lib/ee/gitlab/background_migration/populate_vulnerability_feedback_pipeline_id_spec.rb" +- "./ee/spec/lib/ee/gitlab/usage_data_spec.rb" +- "./ee/spec/lib/gitlab/ci/minutes/build_consumption_spec.rb" +- "./ee/spec/lib/gitlab/ci/minutes/runners_availability_spec.rb" +- "./ee/spec/lib/gitlab/ci/templates/Jobs/browser_performance_testing_gitlab_ci_yaml_spec.rb" +- "./ee/spec/lib/gitlab/ci/templates/Jobs/load_performance_testing_gitlab_ci_yaml_spec.rb" +- "./ee/spec/lib/gitlab/ci/templates/Verify/browser_performance_testing_gitlab_ci_yaml_spec.rb" +- "./ee/spec/lib/gitlab/ci/templates/Verify/load_performance_testing_gitlab_ci_yaml_spec.rb" +- "./ee/spec/migrations/schedule_populate_resolved_on_default_branch_column_spec.rb" +- "./ee/spec/models/analytics/cycle_analytics/group_level_spec.rb" +- "./ee/spec/models/ci/build_spec.rb" +- "./ee/spec/models/ci/minutes/project_monthly_usage_spec.rb" +- "./ee/spec/models/ci/pipeline_spec.rb" +- "./ee/spec/models/ee/ci/runner_spec.rb" +- "./ee/spec/models/ee/vulnerability_spec.rb" +- "./ee/spec/models/merge_request_spec.rb" +- "./ee/spec/models/project_spec.rb" +- "./ee/spec/models/security/finding_spec.rb" +- "./ee/spec/models/security/scan_spec.rb" +- "./ee/spec/presenters/ci/pipeline_presenter_spec.rb" +- "./ee/spec/requests/api/ci/jobs_spec.rb" +- "./ee/spec/requests/api/ci/minutes_spec.rb" +- "./ee/spec/requests/api/ci/runner_spec.rb" +- "./ee/spec/requests/api/graphql/ci/minutes/usage_spec.rb" +- "./ee/spec/requests/api/graphql/mutations/environments/canary_ingress/update_spec.rb" +- "./ee/spec/requests/api/graphql/mutations/vulnerabilities/create_external_issue_link_spec.rb" +- "./ee/spec/requests/api/graphql/project/pipeline/security_report_summary_spec.rb" +- "./ee/spec/requests/api/graphql/vulnerabilities/location_spec.rb" +- "./ee/spec/requests/api/groups_spec.rb" +- "./ee/spec/requests/api/namespaces_spec.rb" +- "./ee/spec/requests/api/search_spec.rb" +- "./ee/spec/requests/api/vulnerability_findings_spec.rb" +- "./ee/spec/serializers/dashboard_environment_entity_spec.rb" +- "./ee/spec/serializers/dashboard_environments_serializer_spec.rb" +- "./ee/spec/serializers/dashboard_operations_project_entity_spec.rb" +- "./ee/spec/serializers/ee/build_details_entity_spec.rb" +- "./ee/spec/serializers/merge_request_poll_widget_entity_spec.rb" +- "./ee/spec/services/auto_merge/add_to_merge_train_when_pipeline_succeeds_service_spec.rb" +- "./ee/spec/services/ci/create_pipeline_service/needs_spec.rb" +- "./ee/spec/services/ci/create_pipeline_service/runnable_builds_spec.rb" +- "./ee/spec/services/ci/minutes/additional_packs/change_namespace_service_spec.rb" +- "./ee/spec/services/ci/minutes/additional_packs/create_service_spec.rb" +- "./ee/spec/services/ci/minutes/refresh_cached_data_service_spec.rb" +- "./ee/spec/services/ci/pipeline_creation/drop_not_runnable_builds_service_spec.rb" +- "./ee/spec/services/ci/process_pipeline_service_spec.rb" +- "./ee/spec/services/ci/register_job_service_spec.rb" +- "./ee/spec/services/ci/retry_build_service_spec.rb" +- "./ee/spec/services/ci/retry_pipeline_service_spec.rb" +- "./ee/spec/services/ci/trigger_downstream_subscription_service_spec.rb" +- "./ee/spec/services/clear_namespace_shared_runners_minutes_service_spec.rb" +- "./ee/spec/services/deployments/auto_rollback_service_spec.rb" +- "./ee/spec/services/ee/ci/job_artifacts/destroy_all_expired_service_spec.rb" +- "./ee/spec/services/ee/ci/job_artifacts/destroy_batch_service_spec.rb" +- "./ee/spec/services/ee/issues/build_from_vulnerability_service_spec.rb" +- "./ee/spec/services/ee/merge_requests/after_create_service_spec.rb" +- "./ee/spec/services/ee/merge_requests/create_pipeline_service_spec.rb" +- "./ee/spec/services/ee/merge_requests/refresh_service_spec.rb" +- "./ee/spec/services/merge_trains/refresh_merge_request_service_spec.rb" +- "./ee/spec/services/search/group_service_spec.rb" +- "./ee/spec/services/security/report_summary_service_spec.rb" +- "./ee/spec/services/security/vulnerability_counting_service_spec.rb" +- "./ee/spec/support/features/redacted_search_results_examples.rb" +- "./ee/spec/support/shared_examples/fixtures/analytics_value_streams_shared_examples.rb" +- "./ee/spec/support/shared_examples/services/build_execute_shared_examples.rb" +- "./ee/spec/support/shared_examples/services/search_service_shared_examples.rb" +- "./ee/spec/workers/ci/initial_pipeline_process_worker_spec.rb" +- "./ee/spec/workers/scan_security_report_secrets_worker_spec.rb" +- "./ee/spec/workers/security/store_scans_worker_spec.rb" +- "./spec/controllers/admin/runners_controller_spec.rb" +- "./spec/controllers/groups/runners_controller_spec.rb" +- "./spec/controllers/groups/settings/ci_cd_controller_spec.rb" +- "./spec/controllers/projects/issues_controller_spec.rb" +- "./spec/controllers/projects/jobs_controller_spec.rb" +- "./spec/controllers/projects/logs_controller_spec.rb" +- "./spec/controllers/projects/merge_requests/content_controller_spec.rb" +- "./spec/controllers/projects/merge_requests_controller_spec.rb" +- "./spec/controllers/projects/pipelines_controller_spec.rb" +- "./spec/controllers/projects/runners_controller_spec.rb" +- "./spec/controllers/projects/serverless/functions_controller_spec.rb" +- "./spec/controllers/projects/settings/ci_cd_controller_spec.rb" +- "./spec/controllers/projects/web_ide_terminals_controller_spec.rb" +- "./spec/features/admin/admin_builds_spec.rb" +- "./spec/features/admin/admin_runners_spec.rb" +- "./spec/features/commits_spec.rb" +- "./spec/features/cycle_analytics_spec.rb" +- "./spec/features/groups/settings/ci_cd_spec.rb" +- "./spec/features/ide/user_opens_merge_request_spec.rb" +- "./spec/features/issuables/markdown_references/internal_references_spec.rb" +- "./spec/features/issuables/markdown_references/jira_spec.rb" +- "./spec/features/issues/create_issue_for_discussions_in_merge_request_spec.rb" +- "./spec/features/issues/create_issue_for_single_discussion_in_merge_request_spec.rb" +- "./spec/features/issues/notes_on_issues_spec.rb" +- "./spec/features/issues/user_creates_branch_and_merge_request_spec.rb" +- "./spec/features/issues/user_creates_confidential_merge_request_spec.rb" +- "./spec/features/markdown/gitlab_flavored_markdown_spec.rb" +- "./spec/features/merge_request/batch_comments_spec.rb" +- "./spec/features/merge_request/close_reopen_report_toggle_spec.rb" +- "./spec/features/merge_request/maintainer_edits_fork_spec.rb" +- "./spec/features/merge_request/merge_request_discussion_lock_spec.rb" +- "./spec/features/merge_request/user_accepts_merge_request_spec.rb" +- "./spec/features/merge_request/user_allows_commits_from_memebers_who_can_merge_spec.rb" +- "./spec/features/merge_request/user_approves_spec.rb" +- "./spec/features/merge_request/user_assigns_themselves_spec.rb" +- "./spec/features/merge_request/user_awards_emoji_spec.rb" +- "./spec/features/merge_request/user_clicks_merge_request_tabs_spec.rb" +- "./spec/features/merge_request/user_comments_on_diff_spec.rb" +- "./spec/features/merge_request/user_comments_on_merge_request_spec.rb" +- "./spec/features/merge_request/user_creates_image_diff_notes_spec.rb" +- "./spec/features/merge_request/user_creates_merge_request_spec.rb" +- "./spec/features/merge_request/user_customizes_merge_commit_message_spec.rb" +- "./spec/features/merge_request/user_edits_assignees_sidebar_spec.rb" +- "./spec/features/merge_request/user_edits_merge_request_spec.rb" +- "./spec/features/merge_request/user_edits_reviewers_sidebar_spec.rb" +- "./spec/features/merge_request/user_expands_diff_spec.rb" +- "./spec/features/merge_request/user_interacts_with_batched_mr_diffs_spec.rb" +- "./spec/features/merge_request/user_invites_from_a_comment_spec.rb" +- "./spec/features/merge_request/user_jumps_to_discussion_spec.rb" +- "./spec/features/merge_request/user_locks_discussion_spec.rb" +- "./spec/features/merge_request/user_manages_subscription_spec.rb" +- "./spec/features/merge_request/user_marks_merge_request_as_draft_spec.rb" +- "./spec/features/merge_request/user_merges_immediately_spec.rb" +- "./spec/features/merge_request/user_merges_merge_request_spec.rb" +- "./spec/features/merge_request/user_merges_only_if_pipeline_succeeds_spec.rb" +- "./spec/features/merge_request/user_merges_when_pipeline_succeeds_spec.rb" +- "./spec/features/merge_request/user_posts_diff_notes_spec.rb" +- "./spec/features/merge_request/user_posts_notes_spec.rb" +- "./spec/features/merge_request/user_rebases_merge_request_spec.rb" +- "./spec/features/merge_request/user_resolves_conflicts_spec.rb" +- "./spec/features/merge_request/user_resolves_diff_notes_and_discussions_resolve_spec.rb" +- "./spec/features/merge_request/user_resolves_outdated_diff_discussions_spec.rb" +- "./spec/features/merge_request/user_resolves_wip_mr_spec.rb" +- "./spec/features/merge_request/user_reverts_merge_request_spec.rb" +- "./spec/features/merge_request/user_reviews_image_spec.rb" +- "./spec/features/merge_request/user_scrolls_to_note_on_load_spec.rb" +- "./spec/features/merge_request/user_sees_avatar_on_diff_notes_spec.rb" +- "./spec/features/merge_request/user_sees_check_out_branch_modal_spec.rb" +- "./spec/features/merge_request/user_sees_cherry_pick_modal_spec.rb" +- "./spec/features/merge_request/user_sees_closing_issues_message_spec.rb" +- "./spec/features/merge_request/user_sees_deleted_target_branch_spec.rb" +- "./spec/features/merge_request/user_sees_deployment_widget_spec.rb" +- "./spec/features/merge_request/user_sees_diff_spec.rb" +- "./spec/features/merge_request/user_sees_discussions_spec.rb" +- "./spec/features/merge_request/user_sees_merge_button_depending_on_unresolved_discussions_spec.rb" +- "./spec/features/merge_request/user_sees_merge_request_pipelines_spec.rb" +- "./spec/features/merge_request/user_sees_merge_widget_spec.rb" +- "./spec/features/merge_request/user_sees_mini_pipeline_graph_spec.rb" +- "./spec/features/merge_request/user_sees_mr_with_deleted_source_branch_spec.rb" +- "./spec/features/merge_request/user_sees_notes_from_forked_project_spec.rb" +- "./spec/features/merge_request/user_sees_pipelines_from_forked_project_spec.rb" +- "./spec/features/merge_request/user_sees_pipelines_spec.rb" +- "./spec/features/merge_request/user_sees_suggest_pipeline_spec.rb" +- "./spec/features/merge_request/user_sees_system_notes_spec.rb" +- "./spec/features/merge_request/user_sees_versions_spec.rb" +- "./spec/features/merge_request/user_selects_branches_for_new_mr_spec.rb" +- "./spec/features/merge_request/user_squashes_merge_request_spec.rb" +- "./spec/features/merge_request/user_suggests_changes_on_diff_spec.rb" +- "./spec/features/merge_request/user_toggles_whitespace_changes_spec.rb" +- "./spec/features/merge_request/user_views_auto_expanding_diff_spec.rb" +- "./spec/features/merge_request/user_views_diffs_commit_spec.rb" +- "./spec/features/merge_request/user_views_diffs_file_by_file_spec.rb" +- "./spec/features/merge_request/user_views_diffs_spec.rb" +- "./spec/features/merge_request/user_views_merge_request_from_deleted_fork_spec.rb" +- "./spec/features/merge_request/user_views_open_merge_request_spec.rb" +- "./spec/features/participants_autocomplete_spec.rb" +- "./spec/features/project_group_variables_spec.rb" +- "./spec/features/projects/badges/list_spec.rb" +- "./spec/features/projects/badges/pipeline_badge_spec.rb" +- "./spec/features/projects/blobs/edit_spec.rb" +- "./spec/features/projects/environments/environment_spec.rb" +- "./spec/features/projects/environments/environments_spec.rb" +- "./spec/features/projects/environments_pod_logs_spec.rb" +- "./spec/features/projects/infrastructure_registry_spec.rb" +- "./spec/features/projects/issuable_templates_spec.rb" +- "./spec/features/projects/jobs/permissions_spec.rb" +- "./spec/features/projects/jobs_spec.rb" +- "./spec/features/projects/jobs/user_browses_job_spec.rb" +- "./spec/features/projects/jobs/user_browses_jobs_spec.rb" +- "./spec/features/projects/package_files_spec.rb" +- "./spec/features/projects/pipelines/pipeline_spec.rb" +- "./spec/features/projects/pipelines/pipelines_spec.rb" +- "./spec/features/projects/serverless/functions_spec.rb" +- "./spec/features/projects/settings/pipelines_settings_spec.rb" +- "./spec/features/projects/user_sees_user_popover_spec.rb" +- "./spec/features/projects/view_on_env_spec.rb" +- "./spec/features/project_variables_spec.rb" +- "./spec/features/runners_spec.rb" +- "./spec/features/security/project/internal_access_spec.rb" +- "./spec/features/security/project/private_access_spec.rb" +- "./spec/features/security/project/public_access_spec.rb" +- "./spec/features/task_lists_spec.rb" +- "./spec/features/triggers_spec.rb" +- "./spec/features/user_sees_revert_modal_spec.rb" +- "./spec/finders/ci/pipelines_finder_spec.rb" +- "./spec/finders/ci/pipelines_for_merge_request_finder_spec.rb" +- "./spec/finders/ci/runners_finder_spec.rb" +- "./spec/finders/clusters/knative_services_finder_spec.rb" +- "./spec/finders/projects_finder_spec.rb" +- "./spec/finders/projects/serverless/functions_finder_spec.rb" +- "./spec/frontend/fixtures/analytics.rb" +- "./spec/frontend/fixtures/jobs.rb" +- "./spec/frontend/fixtures/merge_requests.rb" +- "./spec/frontend/fixtures/pipelines.rb" +- "./spec/frontend/fixtures/runner.rb" +- "./spec/graphql/mutations/ci/runner/delete_spec.rb" +- "./spec/graphql/mutations/ci/runner/update_spec.rb" +- "./spec/graphql/resolvers/ci/group_runners_resolver_spec.rb" +- "./spec/graphql/resolvers/ci/job_token_scope_resolver_spec.rb" +- "./spec/graphql/resolvers/merge_request_pipelines_resolver_spec.rb" +- "./spec/graphql/resolvers/projects_resolver_spec.rb" +- "./spec/graphql/types/ci/job_token_scope_type_spec.rb" +- "./spec/helpers/packages_helper_spec.rb" +- "./spec/lib/api/entities/package_spec.rb" +- "./spec/lib/gitlab/background_migration/migrate_legacy_artifacts_spec.rb" +- "./spec/lib/gitlab/ci/badge/pipeline/status_spec.rb" +- "./spec/lib/gitlab/ci/templates/Jobs/build_gitlab_ci_yaml_spec.rb" +- "./spec/lib/gitlab/ci/templates/Jobs/code_quality_gitlab_ci_yaml_spec.rb" +- "./spec/lib/gitlab/ci/templates/Jobs/deploy_gitlab_ci_yaml_spec.rb" +- "./spec/lib/gitlab/ci/templates/Jobs/test_gitlab_ci_yaml_spec.rb" +- "./spec/lib/gitlab/ci/templates/Verify/load_performance_testing_gitlab_ci_yaml_spec.rb" +- "./spec/lib/gitlab/prometheus/query_variables_spec.rb" +- "./spec/mailers/emails/pipelines_spec.rb" +- "./spec/migrations/cleanup_legacy_artifact_migration_spec.rb" +- "./spec/migrations/migrate_protected_attribute_to_pending_builds_spec.rb" +- "./spec/migrations/re_schedule_latest_pipeline_id_population_with_all_security_related_artifact_types_spec.rb" +- "./spec/migrations/schedule_migrate_security_scans_spec.rb" +- "./spec/models/ci/build_dependencies_spec.rb" +- "./spec/models/ci/build_spec.rb" +- "./spec/models/ci/build_trace_chunk_spec.rb" +- "./spec/models/ci/job_artifact_spec.rb" +- "./spec/models/ci/job_token/scope_spec.rb" +- "./spec/models/ci/pipeline_spec.rb" +- "./spec/models/ci/runner_spec.rb" +- "./spec/models/clusters/applications/runner_spec.rb" +- "./spec/models/concerns/chronic_duration_attribute_spec.rb" +- "./spec/models/deployment_spec.rb" +- "./spec/models/environment_spec.rb" +- "./spec/models/environment_status_spec.rb" +- "./spec/models/merge_request_spec.rb" +- "./spec/models/project_spec.rb" +- "./spec/models/user_spec.rb" +- "./spec/presenters/ci/build_runner_presenter_spec.rb" +- "./spec/presenters/ci/pipeline_presenter_spec.rb" +- "./spec/presenters/packages/detail/package_presenter_spec.rb" +- "./spec/requests/api/ci/jobs_spec.rb" +- "./spec/requests/api/ci/pipelines_spec.rb" +- "./spec/requests/api/ci/runner/jobs_put_spec.rb" +- "./spec/requests/api/ci/runner/jobs_request_post_spec.rb" +- "./spec/requests/api/ci/runner/jobs_trace_spec.rb" +- "./spec/requests/api/ci/runner/runners_post_spec.rb" +- "./spec/requests/api/ci/runners_spec.rb" +- "./spec/requests/api/commit_statuses_spec.rb" +- "./spec/requests/api/graphql/ci/groups_spec.rb" +- "./spec/requests/api/graphql/ci/job_spec.rb" +- "./spec/requests/api/graphql/ci/runner_spec.rb" +- "./spec/requests/api/graphql/group_query_spec.rb" +- "./spec/requests/api/graphql/merge_request/merge_request_spec.rb" +- "./spec/requests/api/graphql/mutations/ci/job_play_spec.rb" +- "./spec/requests/api/graphql/mutations/ci/job_retry_spec.rb" +- "./spec/requests/api/graphql/mutations/ci/job_token_scope/add_project_spec.rb" +- "./spec/requests/api/graphql/mutations/ci/job_token_scope/remove_project_spec.rb" +- "./spec/requests/api/graphql/mutations/environments/canary_ingress/update_spec.rb" +- "./spec/requests/api/graphql/mutations/merge_requests/create_spec.rb" +- "./spec/requests/api/graphql/packages/composer_spec.rb" +- "./spec/requests/api/graphql/packages/conan_spec.rb" +- "./spec/requests/api/graphql/packages/maven_spec.rb" +- "./spec/requests/api/graphql/packages/nuget_spec.rb" +- "./spec/requests/api/graphql/packages/package_spec.rb" +- "./spec/requests/api/graphql/packages/pypi_spec.rb" +- "./spec/requests/api/graphql/project/merge_request/pipelines_spec.rb" +- "./spec/requests/api/graphql/project/merge_request_spec.rb" +- "./spec/requests/api/graphql/project/merge_requests_spec.rb" +- "./spec/requests/api/graphql/project/pipeline_spec.rb" +- "./spec/requests/api/merge_requests_spec.rb" +- "./spec/requests/api/package_files_spec.rb" +- "./spec/requests/api/projects_spec.rb" +- "./spec/requests/projects/cycle_analytics_events_spec.rb" +- "./spec/serializers/build_details_entity_spec.rb" +- "./spec/serializers/ci/pipeline_entity_spec.rb" +- "./spec/serializers/merge_request_poll_widget_entity_spec.rb" +- "./spec/serializers/merge_request_serializer_spec.rb" +- "./spec/serializers/pipeline_details_entity_spec.rb" +- "./spec/serializers/pipeline_serializer_spec.rb" +- "./spec/serializers/runner_entity_spec.rb" +- "./spec/services/auto_merge/merge_when_pipeline_succeeds_service_spec.rb" +- "./spec/services/auto_merge_service_spec.rb" +- "./spec/services/ci/create_pipeline_service/cross_project_pipeline_spec.rb" +- "./spec/services/ci/create_pipeline_service/needs_spec.rb" +- "./spec/services/ci/create_pipeline_service/parent_child_pipeline_spec.rb" +- "./spec/services/ci/create_pipeline_service_spec.rb" +- "./spec/services/ci/destroy_pipeline_service_spec.rb" +- "./spec/services/ci/drop_pipeline_service_spec.rb" +- "./spec/services/ci/expire_pipeline_cache_service_spec.rb" +- "./spec/services/ci/job_artifacts/destroy_all_expired_service_spec.rb" +- "./spec/services/ci/job_artifacts/destroy_associations_service_spec.rb" +- "./spec/services/ci/job_artifacts/destroy_batch_service_spec.rb" +- "./spec/services/ci/pipeline_processing/shared_processing_service.rb" +- "./spec/services/ci/pipeline_processing/shared_processing_service_tests_with_yaml.rb" +- "./spec/services/ci/play_build_service_spec.rb" +- "./spec/services/ci/register_job_service_spec.rb" +- "./spec/services/ci/retry_build_service_spec.rb" +- "./spec/services/ci/retry_pipeline_service_spec.rb" +- "./spec/services/ci/update_build_queue_service_spec.rb" +- "./spec/services/ci/update_runner_service_spec.rb" +- "./spec/services/clusters/applications/prometheus_config_service_spec.rb" +- "./spec/services/deployments/older_deployments_drop_service_spec.rb" +- "./spec/services/environments/auto_stop_service_spec.rb" +- "./spec/services/environments/stop_service_spec.rb" +- "./spec/services/merge_requests/add_todo_when_build_fails_service_spec.rb" +- "./spec/services/merge_requests/after_create_service_spec.rb" +- "./spec/services/merge_requests/create_from_issue_service_spec.rb" +- "./spec/services/merge_requests/create_pipeline_service_spec.rb" +- "./spec/services/merge_requests/create_service_spec.rb" +- "./spec/services/merge_requests/merge_orchestration_service_spec.rb" +- "./spec/services/merge_requests/post_merge_service_spec.rb" +- "./spec/services/merge_requests/refresh_service_spec.rb" +- "./spec/services/merge_requests/reopen_service_spec.rb" +- "./spec/services/projects/update_pages_service_spec.rb" +- "./spec/services/quick_actions/interpret_service_spec.rb" +- "./spec/support/prometheus/additional_metrics_shared_examples.rb" +- "./spec/support/shared_examples/ci/pipeline_email_shared_examples.rb" +- "./spec/support/shared_examples/controllers/unique_hll_events_examples.rb" +- "./spec/support/shared_examples/features/comments_on_merge_request_files_shared_examples.rb" +- "./spec/support/shared_examples/features/creatable_merge_request_shared_examples.rb" +- "./spec/support/shared_examples/features/discussion_comments_shared_example.rb" +- "./spec/support/shared_examples/features/editable_merge_request_shared_examples.rb" +- "./spec/support/shared_examples/features/issuable_invite_members_shared_examples.rb" +- "./spec/support/shared_examples/features/issuable_sidebar_shared_examples.rb" +- "./spec/support/shared_examples/features/multiple_assignees_mr_shared_examples.rb" +- "./spec/support/shared_examples/features/multiple_reviewers_mr_shared_examples.rb" +- "./spec/support/shared_examples/features/packages_shared_examples.rb" +- "./spec/support/shared_examples/features/page_description_shared_examples.rb" +- "./spec/support/shared_examples/features/reportable_note_shared_examples.rb" +- "./spec/support/shared_examples/features/resolving_discussions_in_issues_shared_examples.rb" +- "./spec/support/shared_examples/features/search_settings_shared_examples.rb" +- "./spec/support/shared_examples/features/showing_user_status_shared_examples.rb" +- "./spec/support/shared_examples/features/variable_list_shared_examples.rb" +- "./spec/support/shared_examples/lib/gitlab/search_results_sorted_shared_examples.rb" +- "./spec/support/shared_examples/models/cluster_application_status_shared_examples.rb" +- "./spec/support/shared_examples/models/concerns/limitable_shared_examples.rb" +- "./spec/support/shared_examples/quick_actions/issuable/close_quick_action_shared_examples.rb" +- "./spec/support/shared_examples/quick_actions/issuable/time_tracking_quick_action_shared_examples.rb" +- "./spec/support/shared_examples/quick_actions/issue/create_merge_request_quick_action_shared_examples.rb" +- "./spec/support/shared_examples/quick_actions/merge_request/merge_quick_action_shared_examples.rb" +- "./spec/support/shared_examples/quick_actions/merge_request/rebase_quick_action_shared_examples.rb" +- "./spec/support/shared_examples/requests/api/graphql/packages/group_and_project_packages_list_shared_examples.rb" +- "./spec/support/shared_examples/requests/api/graphql/packages/package_details_shared_examples.rb" +- "./spec/support/shared_examples/requests/api/logging_application_context_shared_examples.rb" +- "./spec/support/shared_examples/requests/api/status_shared_examples.rb" +- "./spec/support/shared_examples/requests/graphql_shared_examples.rb" +- "./spec/support/shared_examples/services/merge_request_shared_examples.rb" +- "./spec/support/shared_examples/services/onboarding_progress_shared_examples.rb" +- "./spec/support/shared_examples/services/packages_shared_examples.rb" +- "./spec/support/shared_examples/workers/idempotency_shared_examples.rb" +- "./spec/tasks/gitlab/generate_sample_prometheus_data_spec.rb" +- "./spec/views/projects/jobs/_build.html.haml_spec.rb" +- "./spec/workers/ci/drop_pipeline_worker_spec.rb" +- "./spec/workers/ci/initial_pipeline_process_worker_spec.rb" +- "./spec/workers/expire_job_cache_worker_spec.rb" +- "./spec/workers/expire_pipeline_cache_worker_spec.rb" +- "./spec/workers/new_merge_request_worker_spec.rb" +- "./spec/workers/pipeline_process_worker_spec.rb" +- "./spec/workers/pipeline_schedule_worker_spec.rb" +- "./spec/workers/stuck_merge_jobs_worker_spec.rb" +- "./spec/workers/update_head_pipeline_for_merge_request_worker_spec.rb" diff --git a/app/assets/javascripts/pipeline_editor/components/commit/commit_section.vue b/app/assets/javascripts/pipeline_editor/components/commit/commit_section.vue index edc8c126cc8..0308cd9c565 100644 --- a/app/assets/javascripts/pipeline_editor/components/commit/commit_section.vue +++ b/app/assets/javascripts/pipeline_editor/components/commit/commit_section.vue @@ -112,6 +112,9 @@ export default { this.$emit('commit', { type: COMMIT_SUCCESS }); this.updateLastCommitBranch(targetBranch); this.updateCurrentBranch(targetBranch); + if (this.currentBranch === targetBranch) { + this.$emit('updateCommitSha'); + } } } catch (error) { this.$emit('showError', { type: COMMIT_FAILURE, reasons: [error?.message] }); diff --git a/app/assets/javascripts/pipeline_editor/constants.js b/app/assets/javascripts/pipeline_editor/constants.js index d05b06d16db..bb03fa126a5 100644 --- a/app/assets/javascripts/pipeline_editor/constants.js +++ b/app/assets/javascripts/pipeline_editor/constants.js @@ -43,3 +43,5 @@ export const pipelineEditorTrackingOptions = { export const TEMPLATE_REPOSITORY_URL = 'https://gitlab.com/gitlab-org/gitlab-foss/tree/master/lib/gitlab/ci/templates'; + +export const COMMIT_SHA_POLL_INTERVAL = 1000; diff --git a/app/assets/javascripts/pipeline_editor/pipeline_editor_app.vue b/app/assets/javascripts/pipeline_editor/pipeline_editor_app.vue index 8650db42076..dcbfa431126 100644 --- a/app/assets/javascripts/pipeline_editor/pipeline_editor_app.vue +++ b/app/assets/javascripts/pipeline_editor/pipeline_editor_app.vue @@ -10,6 +10,7 @@ import ConfirmUnsavedChangesDialog from './components/ui/confirm_unsaved_changes import PipelineEditorEmptyState from './components/ui/pipeline_editor_empty_state.vue'; import PipelineEditorMessages from './components/ui/pipeline_editor_messages.vue'; import { + COMMIT_SHA_POLL_INTERVAL, EDITOR_APP_STATUS_EMPTY, EDITOR_APP_STATUS_ERROR, EDITOR_APP_STATUS_LOADING, @@ -48,6 +49,7 @@ export default { failureType: null, failureReasons: [], initialCiFileContent: '', + isFetchingCommitSha: false, isNewCiConfigFile: false, lastCommittedContent: '', currentCiFileContent: '', @@ -170,15 +172,22 @@ export default { // in this case, we start polling until we get a commit sha. if (pipelineNodes.length === 0) { if (![EDITOR_APP_STATUS_LOADING, EDITOR_APP_STATUS_EMPTY].includes(this.appStatus)) { - this.$apollo.queries.commitSha.startPolling(1000); + this.$apollo.queries.commitSha.startPolling(COMMIT_SHA_POLL_INTERVAL); return this.commitSha; } return ''; } + const latestCommitSha = pipelineNodes[0].sha; + if (this.isFetchingCommitSha && latestCommitSha === this.commitSha) { + this.$apollo.queries.commitSha.startPolling(COMMIT_SHA_POLL_INTERVAL); + return this.commitSha; + } + + this.isFetchingCommitSha = false; this.$apollo.queries.commitSha.stopPolling(); - return pipelineNodes[0].sha; + return latestCommitSha; }, }, currentBranch: { @@ -280,6 +289,10 @@ export default { updateCiConfig(ciFileContent) { this.currentCiFileContent = ciFileContent; }, + updateCommitSha() { + this.isFetchingCommitSha = true; + this.$apollo.queries.commitSha.refetch(); + }, updateOnCommit({ type }) { this.reportSuccess(type); @@ -333,6 +346,7 @@ export default { @showError="showErrorAlert" @refetchContent="refetchContent" @updateCiConfig="updateCiConfig" + @updateCommitSha="updateCommitSha" /> <confirm-unsaved-changes-dialog :has-unsaved-changes="hasUnsavedChanges" /> </div> diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb index 3133f24b2c8..d420dc4b8a2 100644 --- a/app/controllers/projects/merge_requests_controller.rb +++ b/app/controllers/projects/merge_requests_controller.rb @@ -175,7 +175,7 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo # or from cache if already merged @commits = set_commits_for_rendering( - @merge_request.recent_commits.with_latest_pipeline(@merge_request.source_branch).with_markdown_cache, + @merge_request.recent_commits(load_from_gitaly: true).with_latest_pipeline(@merge_request.source_branch).with_markdown_cache, commits_count: @merge_request.commits_count ) diff --git a/app/models/merge_request.rb b/app/models/merge_request.rb index cf1468c5c53..156540d455c 100644 --- a/app/models/merge_request.rb +++ b/app/models/merge_request.rb @@ -615,8 +615,8 @@ class MergeRequest < ApplicationRecord context_commits.count end - def commits(limit: nil) - return merge_request_diff.commits(limit: limit) if merge_request_diff.persisted? + def commits(limit: nil, load_from_gitaly: false) + return merge_request_diff.commits(limit: limit, load_from_gitaly: load_from_gitaly) if merge_request_diff.persisted? commits_arr = if compare_commits reversed_commits = compare_commits.reverse @@ -628,8 +628,8 @@ class MergeRequest < ApplicationRecord CommitCollection.new(source_project, commits_arr, source_branch) end - def recent_commits - commits(limit: MergeRequestDiff::COMMITS_SAFE_SIZE) + def recent_commits(load_from_gitaly: false) + commits(limit: MergeRequestDiff::COMMITS_SAFE_SIZE, load_from_gitaly: load_from_gitaly) end def commits_count diff --git a/app/models/merge_request_diff.rb b/app/models/merge_request_diff.rb index bea75927b2c..d2b3ca753b1 100644 --- a/app/models/merge_request_diff.rb +++ b/app/models/merge_request_diff.rb @@ -288,9 +288,9 @@ class MergeRequestDiff < ApplicationRecord end end - def commits(limit: nil) - strong_memoize(:"commits_#{limit || 'all'}") do - load_commits(limit: limit) + def commits(limit: nil, load_from_gitaly: false) + strong_memoize(:"commits_#{limit || 'all'}_#{load_from_gitaly}") do + load_commits(limit: limit, load_from_gitaly: load_from_gitaly) end end @@ -700,9 +700,14 @@ class MergeRequestDiff < ApplicationRecord end end - def load_commits(limit: nil) - commits = merge_request_diff_commits.with_users.limit(limit) - .map { |commit| Commit.from_hash(commit.to_hash, project) } + def load_commits(limit: nil, load_from_gitaly: false) + if load_from_gitaly + commits = Gitlab::Git::Commit.batch_by_oid(repository, merge_request_diff_commits.limit(limit).map(&:sha)) + commits = Commit.decorate(commits, project) + else + commits = merge_request_diff_commits.with_users.limit(limit) + .map { |commit| Commit.from_hash(commit.to_hash, project) } + end CommitCollection .new(merge_request.source_project, commits, merge_request.source_branch) diff --git a/db/post_migrate/20210819183128_reset_severity_levels_to_new_default.rb b/db/post_migrate/20210819183128_reset_severity_levels_to_new_default.rb new file mode 100644 index 00000000000..cdfd92ac0d7 --- /dev/null +++ b/db/post_migrate/20210819183128_reset_severity_levels_to_new_default.rb @@ -0,0 +1,17 @@ +# frozen_string_literal: true + +class ResetSeverityLevelsToNewDefault < ActiveRecord::Migration[6.1] + ALL_SEVERITY_LEVELS = 6 # ::Enums::Vulnerability::SEVERITY_LEVELS.count + + def up + execute(<<~SQL.squish) + UPDATE approval_project_rules + SET severity_levels = '{unknown, high, critical}' + WHERE array_length(severity_levels, 1) = #{ALL_SEVERITY_LEVELS}; + SQL + end + + def down + # no-op + end +end diff --git a/db/schema_migrations/20210819183128 b/db/schema_migrations/20210819183128 new file mode 100644 index 00000000000..84b8b3780e3 --- /dev/null +++ b/db/schema_migrations/20210819183128 @@ -0,0 +1 @@ +d57791945f0d21da90a5b1d75db9add6c7e916ad3c13df2522c7d71d572baa47
\ No newline at end of file diff --git a/doc/administration/instance_limits.md b/doc/administration/instance_limits.md index 6c18f416e89..e6ad263b429 100644 --- a/doc/administration/instance_limits.md +++ b/doc/administration/instance_limits.md @@ -515,17 +515,23 @@ Plan.default.actual_limits.update!(ci_jobs_trace_size_limit: 125) ## Instance monitoring and metrics -### Incident Management inbound alert limits +### Limit inbound incident management alerts > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/17859) in GitLab 12.5. -Limiting inbound alerts for an incident reduces the number of alerts (issues) -that can be created within a period of time, which can help prevent overloading -your incident responders with duplicate issues. You can reduce the volume of -alerts in the following ways: +You can limit the number of inbound alerts for [incidents](../operations/incident_management/incidents.md) +that can be created in a period of time. The inbound [incident management](../operations/incident_management/index.md) +alert limit can help prevent overloading your incident responders by reducing the +number of alerts or duplicate issues. -- Max requests per period per project, 3600 seconds by default. -- Rate limit period in seconds, 3600 seconds by default. +To set inbound incident management alert limits: + +1. On the top bar, select **Menu >** **{admin}** **Admin**. +1. On the left sidebar, select **Settings > Network**. +1. Expand General **Incident Management Limits**. +1. Select the **Enable Incident Management inbound alert limit** checkbox. +1. Optional. Input a custom value for **Maximum requests per project per rate limit period**. Default is 3600. +1. Optional. Input a custom value for **Rate limit period**. Default is 3600 seconds. ### Prometheus Alert JSON payloads diff --git a/doc/api/pipeline_triggers.md b/doc/api/pipeline_triggers.md index 2fe3f487ebc..5472e5bc334 100644 --- a/doc/api/pipeline_triggers.md +++ b/doc/api/pipeline_triggers.md @@ -38,6 +38,9 @@ curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/a ] ``` +The trigger token is displayed in full if the trigger token was created by the authenticated +user. Trigger tokens created by other users are shortened to four characters. + ## Get trigger details Get details of project's build trigger. diff --git a/doc/api/users.md b/doc/api/users.md index 6ba751bd292..e09eb0d8144 100644 --- a/doc/api/users.md +++ b/doc/api/users.md @@ -261,7 +261,7 @@ GET /users?with_custom_attributes=true ## Single user -Get a single user. +Get a single user. This endpoint can be accessed without authentication. ### For user @@ -668,7 +668,7 @@ Example response: ## Get the status of a user -Get the status of a user. +Get the status of a user. This endpoint can be accessed without authentication. ```plaintext GET /users/:id_or_username/status @@ -812,7 +812,7 @@ Example response: ### Followers and following -Get the followers of a user. +Get the followers of a user. This endpoint can be accessed without authentication. ```plaintext GET /users/:id/followers diff --git a/doc/ci/caching/index.md b/doc/ci/caching/index.md index 87c7af2030d..21ee332f2fa 100644 --- a/doc/ci/caching/index.md +++ b/doc/ci/caching/index.md @@ -37,9 +37,9 @@ can't link to files outside it. - Define artifacts per job. - Subsequent jobs in later stages of the same pipeline can use artifacts. - Different projects cannot share artifacts. - -Artifacts expire after 30 days unless you define an [expiration time](../yaml/index.md#artifactsexpire_in). -Use [dependencies](../yaml/index.md#dependencies) to control which jobs fetch the artifacts. +- Artifacts expire after 30 days by default. You can define a custom [expiration time](../yaml/index.md#artifactsexpire_in). +- The latest artifacts do not expire if [keep latest artifacts](../pipelines/job_artifacts.md#keep-artifacts-from-most-recent-successful-jobs) is enabled. +- Use [dependencies](../yaml/index.md#dependencies) to control which jobs fetch the artifacts. ## Good caching practices diff --git a/doc/ci/quick_start/index.md b/doc/ci/quick_start/index.md index 257e170b0a5..7d106641819 100644 --- a/doc/ci/quick_start/index.md +++ b/doc/ci/quick_start/index.md @@ -141,8 +141,22 @@ The pipeline starts when the commit is committed. [CI Lint tool](../lint.md), which is available in every project. - You can also use [CI/CD configuration visualization](../pipeline_editor/index.md#visualize-ci-configuration) to view a graphical representation of your `.gitlab-ci.yml` file. -- For the complete `.gitlab-ci.yml` syntax, see - [the `.gitlab-ci.yml` reference topic](../yaml/index.md). +- Each job contains scripts and stages: + - The [`default`](../yaml/index.md#custom-default-keyword-values) keyword is for + custom defaults, for example with [`before_script`](../yaml/index.md#before_script) + and [`after_script`](../yaml/index.md#after_script). + - [`stage`](../yaml/index.md#stage) describes the sequential execution of jobs. + Jobs in a single stage run in parallel as long as there are available runners. + - Use [Directed Acyclic Graphs (DAG)](../directed_acyclic_graph/index.md) keywords + to run jobs out of stage order. +- You can set additional configuration to customize how your jobs and stages perform: + - Use the [`rules`](../yaml/index.md#rules) keyword to specify when to run or skip jobs. + The `only` and `except` legacy keywords are still supported, but can't be used + with `rules` in the same job. + - Keep information across jobs and stages persistent in a pipeline with [`cache`](../yaml/index.md#cache)) + and [`artifacts`](../yaml/index.md#artifacts). These keywords are ways to store + dependencies and job output, even when using ephemeral runners for each job. +- For the complete `.gitlab-ci.yml` syntax, see [the full `.gitlab-ci.yml` reference topic](../yaml/index.md). ### View the status of your pipeline and jobs diff --git a/doc/development/database/multiple_databases.md b/doc/development/database/multiple_databases.md index 71dcc5bb866..a9d53d5ee45 100644 --- a/doc/development/database/multiple_databases.md +++ b/doc/development/database/multiple_databases.md @@ -109,6 +109,10 @@ already many such examples that need to be fixed in The following are some real examples that have resulted from this and these patterns may apply to future cases. +[Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/68620) in GitLab 14.3, any +queries detected that join across databases raises an error (except +for pre-existing queries). + #### Remove the code The simplest solution we've seen several times now has been an existing scope diff --git a/doc/security/ssh_keys_restrictions.md b/doc/security/ssh_keys_restrictions.md index f2e11385ff2..7a17d2f22ff 100644 --- a/doc/security/ssh_keys_restrictions.md +++ b/doc/security/ssh_keys_restrictions.md @@ -36,6 +36,16 @@ An icon is visible to the user of a restricted key in the SSH keys section of th Hovering over this icon tells you why the key is restricted. +## Default settings + +By default, the GitLab.com and self-managed settings for the +[supported key types](../ssh/index.md#supported-ssh-key-types) are: + +- RSA SSH keys are allowed. +- DSA SSH keys are forbidden ([since GitLab 11.0](https://about.gitlab.com/releases/2018/06/22/gitlab-11-0-released/#support-for-dsa-ssh-keys)). +- ECDSA SSH keys are allowed. +- ED25519 SSH keys are allowed. + <!-- ## Troubleshooting Include any troubleshooting steps that you can foresee. If you know beforehand what issues diff --git a/doc/user/admin_area/settings/index.md b/doc/user/admin_area/settings/index.md index 21ca1c573fe..b912c6209a1 100644 --- a/doc/user/admin_area/settings/index.md +++ b/doc/user/admin_area/settings/index.md @@ -98,7 +98,7 @@ To access the default page for Admin Area settings: | [Package Registry Rate Limits](package_registry_rate_limits.md) | Configure specific limits for Packages API requests that supersede the user and IP rate limits. | | [Outbound requests](../../../security/webhooks.md) | Allow requests to the local network from hooks and services. | | [Protected Paths](protected_paths.md) | Configure paths to be protected by Rack Attack. | -| [Incident Management](../../../operations/incident_management/index.md) Limits | Configure limits on the number of inbound alerts able to be sent to a project. | +| [Incident Management](../../../operations/incident_management/index.md) Limits | Limit the number of inbound alerts that can be sent to a project. | | [Notes creation limit](rate_limit_on_notes_creation.md)| Set a rate limit on the note creation requests. | ## Geo diff --git a/doc/user/gitlab_com/index.md b/doc/user/gitlab_com/index.md index 024ab86a1b7..26dfca70221 100644 --- a/doc/user/gitlab_com/index.md +++ b/doc/user/gitlab_com/index.md @@ -9,6 +9,10 @@ info: To determine the technical writer assigned to the Stage/Group associated w This page contains information about the settings that are used on GitLab.com, available to [GitLab SaaS](https://about.gitlab.com/pricing/) customers. +## SSH key restrictions + +GitLab.com uses the default [SSH key restrictions](../../security/ssh_keys_restrictions.md). + ## SSH host keys fingerprints Below are the fingerprints for SSH host keys on GitLab.com. The first time you diff --git a/locale/gitlab.pot b/locale/gitlab.pot index 3cc6342f6d5..bd7883f94f9 100644 --- a/locale/gitlab.pot +++ b/locale/gitlab.pot @@ -8497,9 +8497,6 @@ msgstr "" msgid "Configure limits for web and API requests." msgstr "" -msgid "Configure limits on the number of inbound alerts able to be sent to a project." -msgstr "" - msgid "Configure paths to be protected by Rack Attack." msgstr "" @@ -12350,9 +12347,6 @@ msgstr "" msgid "Enable Gitpod?" msgstr "" -msgid "Enable Incident Management inbound alert limit" -msgstr "" - msgid "Enable Invisible Captcha during sign up" msgstr "" @@ -12440,6 +12434,9 @@ msgstr "" msgid "Enable in-product marketing emails" msgstr "" +msgid "Enable incident management inbound alert limit" +msgstr "" + msgid "Enable integration" msgstr "" @@ -16499,9 +16496,6 @@ msgstr "" msgid "Helps prevent malicious users hide their activity" msgstr "" -msgid "Helps reduce alert volume (e.g. if creating too many issues)" -msgstr "" - msgid "Helps reduce request volume (e.g. from crawlers or abusive bots)" msgstr "" @@ -20065,6 +20059,9 @@ msgstr "" msgid "Limit the number of concurrent operations this secondary node can run in the background." msgstr "" +msgid "Limit the number of inbound incident management alerts that can be sent to a project." +msgstr "" + msgid "Limit the number of issues and epics per minute a user can create through web and API requests." msgstr "" @@ -27558,6 +27555,9 @@ msgstr "" msgid "Redis" msgstr "" +msgid "Reduce incident management alert volume (for example, if too many issues are being created)." +msgstr "" + msgid "Reduce project visibility" msgstr "" @@ -33538,6 +33538,9 @@ msgstr "" msgid "The tag name can't be changed for an existing release." msgstr "" +msgid "The time period in seconds that the maximum requests per project limit applies to." +msgstr "" + msgid "The update action will time out after %{number_of_minutes} minutes. For big repositories, use a clone/push combination." msgstr "" diff --git a/qa/Gemfile b/qa/Gemfile index f3090154085..039eaddc166 100644 --- a/qa/Gemfile +++ b/qa/Gemfile @@ -14,7 +14,7 @@ gem 'airborne', '~> 0.3.4', require: false # airborne is messing with rspec sand gem 'rest-client', '~> 2.1.0' gem 'rspec-retry', '~> 0.6.1', require: 'rspec/retry' gem 'rspec_junit_formatter', '~> 0.4.1' -gem 'faker', '~> 1.6', '>= 1.6.6' +gem 'faker', '~> 2.19', '>= 2.19.0' gem 'knapsack', '~> 1.17' gem 'parallel_tests', '~> 2.29' gem 'rotp', '~> 3.1.0' diff --git a/qa/Gemfile.lock b/qa/Gemfile.lock index 79ca921dccf..940a91d7cc5 100644 --- a/qa/Gemfile.lock +++ b/qa/Gemfile.lock @@ -62,8 +62,8 @@ GEM domain_name (0.5.20190701) unf (>= 0.0.5, < 1.0.0) equalizer (0.0.11) - faker (1.9.3) - i18n (>= 0.7) + faker (2.19.0) + i18n (>= 1.6, < 2) faraday (1.5.1) faraday-em_http (~> 1.0) faraday-em_synchrony (~> 1.0) @@ -218,7 +218,7 @@ DEPENDENCIES chemlab (~> 0.7) chemlab-library-www-gitlab-com (~> 0.1) deprecation_toolkit (~> 1.5.1) - faker (~> 1.6, >= 1.6.6) + faker (~> 2.19, >= 2.19.0) gitlab-qa knapsack (~> 1.17) octokit (~> 4.21) diff --git a/spec/frontend/pipeline_editor/components/commit/commit_section_spec.js b/spec/frontend/pipeline_editor/components/commit/commit_section_spec.js index 20c4a0fbf6a..2f934898ef1 100644 --- a/spec/frontend/pipeline_editor/components/commit/commit_section_spec.js +++ b/spec/frontend/pipeline_editor/components/commit/commit_section_spec.js @@ -177,6 +177,10 @@ describe('Pipeline Editor | Commit section', () => { expect(wrapper.emitted('commit')[0]).toEqual([{ type: COMMIT_SUCCESS }]); }); + it('emits an event to refetch the commit sha', () => { + expect(wrapper.emitted('updateCommitSha')).toHaveLength(1); + }); + it('shows no saving state', () => { expect(findCommitBtnLoadingIcon().exists()).toBe(false); }); @@ -216,6 +220,10 @@ describe('Pipeline Editor | Commit section', () => { }, }); }); + + it('does not emit an event to refetch the commit sha', () => { + expect(wrapper.emitted('updateCommitSha')).toBeUndefined(); + }); }); describe('when the user commits changes to open a new merge request', () => { diff --git a/spec/frontend/pipeline_editor/mock_data.js b/spec/frontend/pipeline_editor/mock_data.js index 19ad4f051ba..310727212a9 100644 --- a/spec/frontend/pipeline_editor/mock_data.js +++ b/spec/frontend/pipeline_editor/mock_data.js @@ -173,6 +173,29 @@ export const mockCommitShaResults = { }, }; +export const mockNewCommitShaResults = { + data: { + project: { + pipelines: { + nodes: [ + { + id: 'gid://gitlab/Ci::Pipeline/2', + sha: 'eeff1122', + path: `/${mockProjectFullPath}/-/pipelines/489`, + commitPath: `/${mockProjectFullPath}/-/commit/bb1abcfe3d8a3f67a8ab9fc00207d468f3022bee`, + }, + { + id: 'gid://gitlab/Ci::Pipeline/1', + sha: mockCommitSha, + path: `/${mockProjectFullPath}/-/pipelines/488`, + commitPath: `/${mockProjectFullPath}/-/commit/d0d56d363d8a3f67a8ab9fc00207d468f30032ca`, + }, + ], + }, + }, + }, +}; + export const mockEmptyCommitShaResults = { data: { project: { diff --git a/spec/frontend/pipeline_editor/pipeline_editor_app_spec.js b/spec/frontend/pipeline_editor/pipeline_editor_app_spec.js index affe45f1b1d..2c9bedc6e76 100644 --- a/spec/frontend/pipeline_editor/pipeline_editor_app_spec.js +++ b/spec/frontend/pipeline_editor/pipeline_editor_app_spec.js @@ -29,6 +29,7 @@ import { mockCommitShaResults, mockDefaultBranch, mockEmptyCommitShaResults, + mockNewCommitShaResults, mockProjectFullPath, } from './mock_data'; @@ -282,7 +283,7 @@ describe('Pipeline editor app component', () => { expect(window.scrollTo).toHaveBeenCalledWith({ top: 0, behavior: 'smooth' }); }); - it('polls for commit sha while pipeline data is not yet available', async () => { + it('polls for commit sha while pipeline data is not yet available for newly committed branch', async () => { jest .spyOn(wrapper.vm.$apollo.queries.commitSha, 'startPolling') .mockImplementation(jest.fn()); @@ -295,7 +296,19 @@ describe('Pipeline editor app component', () => { expect(wrapper.vm.$apollo.queries.commitSha.startPolling).toHaveBeenCalledTimes(1); }); - it('stops polling for commit sha when pipeline data is available', async () => { + it('polls for commit sha while pipeline data is not yet available for current branch', async () => { + jest + .spyOn(wrapper.vm.$apollo.queries.commitSha, 'startPolling') + .mockImplementation(jest.fn()); + + // simulate a commit to the current branch + findEditorHome().vm.$emit('updateCommitSha'); + await waitForPromises(); + + expect(wrapper.vm.$apollo.queries.commitSha.startPolling).toHaveBeenCalledTimes(1); + }); + + it('stops polling for commit sha when pipeline data is available for newly committed branch', async () => { jest .spyOn(wrapper.vm.$apollo.queries.commitSha, 'stopPolling') .mockImplementation(jest.fn()); @@ -305,6 +318,18 @@ describe('Pipeline editor app component', () => { expect(wrapper.vm.$apollo.queries.commitSha.stopPolling).toHaveBeenCalledTimes(1); }); + + it('stops polling for commit sha when pipeline data is available for current branch', async () => { + jest + .spyOn(wrapper.vm.$apollo.queries.commitSha, 'stopPolling') + .mockImplementation(jest.fn()); + + mockLatestCommitShaQuery.mockResolvedValue(mockNewCommitShaResults); + findEditorHome().vm.$emit('updateCommitSha'); + await waitForPromises(); + + expect(wrapper.vm.$apollo.queries.commitSha.stopPolling).toHaveBeenCalledTimes(1); + }); }); describe('and the commit mutation fails', () => { diff --git a/spec/migrations/reset_severity_levels_to_new_default_spec.rb b/spec/migrations/reset_severity_levels_to_new_default_spec.rb new file mode 100644 index 00000000000..18dc001db16 --- /dev/null +++ b/spec/migrations/reset_severity_levels_to_new_default_spec.rb @@ -0,0 +1,33 @@ +# frozen_string_literal: true + +require 'spec_helper' + +require_migration! + +RSpec.describe ResetSeverityLevelsToNewDefault do + let(:approval_project_rules) { table(:approval_project_rules) } + let(:projects) { table(:projects)} + let(:namespaces) { table(:namespaces)} + let(:namespace) { namespaces.create!(name: 'namespace', path: 'namespace')} + let(:project) { projects.create!(name: 'project', path: 'project', namespace_id: namespace.id)} + let(:approval_project_rule) { approval_project_rules.create!(name: 'rule', project_id: project.id, severity_levels: severity_levels) } + + context 'without having all severity levels selected' do + let(:severity_levels) { ['high'] } + + it 'does not change severity_levels' do + expect(approval_project_rule.severity_levels).to eq(severity_levels) + expect { migrate! }.not_to change { approval_project_rule.reload.severity_levels } + end + end + + context 'with all scanners selected' do + let(:severity_levels) { ::Enums::Vulnerability::SEVERITY_LEVELS.keys } + let(:default_levels) { %w(unknown high critical) } + + it 'changes severity_levels to the default value' do + expect(approval_project_rule.severity_levels).to eq(severity_levels) + expect { migrate! }.to change {approval_project_rule.reload.severity_levels}.from(severity_levels).to(default_levels) + end + end +end diff --git a/spec/support/database/prevent_cross_joins.rb b/spec/support/database/prevent_cross_joins.rb index 22e1885ffb9..8ec946997fb 100644 --- a/spec/support/database/prevent_cross_joins.rb +++ b/spec/support/database/prevent_cross_joins.rb @@ -24,12 +24,17 @@ module Database def self.validate_cross_joins!(sql) return if Thread.current[:allow_cross_joins_across_databases] + # Allow spec/support/database_cleaner.rb queries to disable/enable triggers for many tables + # See https://gitlab.com/gitlab-org/gitlab/-/issues/339396 + return if sql.include?("DISABLE TRIGGER") || sql.include?("ENABLE TRIGGER") + # PgQuery might fail in some cases due to limited nesting: # https://github.com/pganalyze/pg_query/issues/209 tables = PgQuery.parse(sql).tables schemas = Database::GitlabSchema.table_schemas(tables) - if schemas.many? + if schemas.include?(:gitlab_ci) && schemas.include?(:gitlab_main) + Thread.current[:has_cross_join_exception] = true raise CrossJoinAcrossUnsupportedTablesError, "Unsupported cross-join across '#{tables.join(", ")}' modifying '#{schemas.to_a.join(", ")}' discovered " \ "when executing query '#{sql}'" @@ -62,11 +67,18 @@ end Gitlab::Database.singleton_class.prepend( Database::PreventCrossJoins::GitlabDatabaseMixin) +ALLOW_LIST = Set.new(YAML.load_file(Rails.root.join('.cross-join-allowlist.yml'))).freeze + RSpec.configure do |config| config.include(::Database::PreventCrossJoins::SpecHelpers) - # TODO: remove `:prevent_cross_joins` to enable the check by default - config.around(:each, :prevent_cross_joins) do |example| - with_cross_joins_prevented { example.run } + config.around do |example| + Thread.current[:has_cross_join_exception] = false + + if ALLOW_LIST.include?(example.file_path) + example.run + else + with_cross_joins_prevented { example.run } + end end end diff --git a/spec/support_specs/database/prevent_cross_joins_spec.rb b/spec/support_specs/database/prevent_cross_joins_spec.rb index dd4ed9c40b8..b26b862b34b 100644 --- a/spec/support_specs/database/prevent_cross_joins_spec.rb +++ b/spec/support_specs/database/prevent_cross_joins_spec.rb @@ -3,7 +3,7 @@ require 'spec_helper' RSpec.describe Database::PreventCrossJoins do - context 'when running in :prevent_cross_joins scope', :prevent_cross_joins do + context 'when running in a default scope' do context 'when only non-CI tables are used' do it 'does not raise exception' do expect { main_only_query }.not_to raise_error @@ -32,14 +32,6 @@ RSpec.describe Database::PreventCrossJoins do end end - context 'when running in a default scope' do - context 'when CI and non-CI tables are used' do - it 'does not raise exception' do - expect { main_and_ci_query }.not_to raise_error - end - end - end - private def main_only_query diff --git a/spec/views/projects/merge_requests/_commits.html.haml_spec.rb b/spec/views/projects/merge_requests/_commits.html.haml_spec.rb index fd77c4eb372..f0273c1716f 100644 --- a/spec/views/projects/merge_requests/_commits.html.haml_spec.rb +++ b/spec/views/projects/merge_requests/_commits.html.haml_spec.rb @@ -21,7 +21,7 @@ RSpec.describe 'projects/merge_requests/_commits.html.haml', :sidekiq_might_not_ controller.prepend_view_path('app/views/projects') assign(:merge_request, merge_request) - assign(:commits, merge_request.commits) + assign(:commits, merge_request.commits(load_from_gitaly: true)) assign(:hidden_commit_count, 0) end @@ -34,6 +34,12 @@ RSpec.describe 'projects/merge_requests/_commits.html.haml', :sidekiq_might_not_ expect(rendered).to have_link(href: href) end + it 'shows signature verification badge' do + render + + expect(rendered).to have_css('.gpg-status-box') + end + context 'when there are hidden commits' do before do assign(:hidden_commit_count, 1) |