diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2024-01-02 18:10:19 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2024-01-02 18:10:19 +0300 |
| commit | cef74ed0434b53fde0d7dcc2507b6f1639a63e7d (patch) | |
| tree | 300bc30b6c4272cba3ab65297ede18bfffba2bd2 | |
| parent | ecdd26856c46b1e9e0c500701b36b6ae338e18a0 (diff) | |
Add latest changes from gitlab-org/gitlab@master
27 files changed, 542 insertions, 112 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index cdeadda887a..490d3b3f487 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -27,11 +27,17 @@ default: # Default job timeout doesn't work: https://gitlab.com/gitlab-org/gitlab/-/issues/387528 timeout: 90m -.default-ruby-variables: &default-ruby-variables +.old-ruby-variables: &old-ruby-variables RUBY_VERSION: "3.0" + CACHE_EDITION: "GITLAB_RUBY3_0" -.next-ruby-variables: &next-ruby-variables +.default-ruby-variables: &default-ruby-variables RUBY_VERSION: "3.1" + CACHE_EDITION: "GITLAB_RUBY3_1" + +.next-ruby-variables: &next-ruby-variables + RUBY_VERSION: "3.2" + CACHE_EDITION: "GITLAB_RUBY3_2" .default-branch-pipeline-failure-variables: &default-branch-pipeline-failure-variables CREATE_RAILS_TEST_FAILURE_ISSUES: "true" @@ -51,12 +57,17 @@ workflow: rules: - if: '$CI_PROJECT_PATH == "gitlab-org/gitaly" && $CI_PIPELINE_SOURCE == "parent_pipeline" && $GITALY_TEST' variables: + <<: *default-ruby-variables PIPELINE_NAME: 'Gitaly Rails Test Pipeline' # If `$FORCE_GITLAB_CI` is set, create a pipeline. - if: '$FORCE_GITLAB_CI' variables: <<: *default-ruby-variables PIPELINE_NAME: 'Ruby $RUBY_VERSION forced pipeline' + - if: '$START_AS_IF_FOSS' + variables: + <<: *default-ruby-variables + PIPELINE_NAME: 'Ruby $RUBY_VERSION as-if-foss pipeline' # As part of the process of creating RCs automatically, we update stable # branches with the changes of the most recent production deployment. The # merge requests used for this merge a branch release-tools/X into a stable @@ -64,26 +75,36 @@ workflow: # they serve no purpose and will run anyway when the changes are merged. - if: '$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME =~ /^release-tools\/\d+\.\d+\.\d+-rc\d+$/ && $CI_MERGE_REQUEST_TARGET_BRANCH_NAME =~ /^[\d-]+-stable(-ee)?$/ && $CI_PROJECT_PATH == "gitlab-org/gitlab"' when: never - # For merge requests running exclusively in Ruby 3.0 - if: '$CI_MERGE_REQUEST_LABELS =~ /pipeline:run-in-ruby3_0/' variables: + <<: *old-ruby-variables + PIPELINE_NAME: 'Ruby $RUBY_VERSION $CI_MERGE_REQUEST_EVENT_TYPE MR pipeline' + NO_SOURCEMAPS: 'true' + - if: '$CI_MERGE_REQUEST_LABELS =~ /pipeline:run-in-ruby3_1/' + variables: <<: *default-ruby-variables PIPELINE_NAME: 'Ruby $RUBY_VERSION $CI_MERGE_REQUEST_EVENT_TYPE MR pipeline' NO_SOURCEMAPS: 'true' - - if: '$CI_MERGE_REQUEST_LABELS =~ /Community contribution/' + - if: '$CI_MERGE_REQUEST_LABELS =~ /pipeline:run-in-ruby3_2/' variables: <<: *next-ruby-variables + PIPELINE_NAME: 'Ruby $RUBY_VERSION $CI_MERGE_REQUEST_EVENT_TYPE MR pipeline' + NO_SOURCEMAPS: 'true' + - if: '$CI_MERGE_REQUEST_LABELS =~ /Community contribution/' + variables: + <<: *default-ruby-variables GITLAB_DEPENDENCY_PROXY_ADDRESS: "" PIPELINE_NAME: 'Ruby $RUBY_VERSION $CI_MERGE_REQUEST_EVENT_TYPE MR pipeline (community contribution)' NO_SOURCEMAPS: 'true' - <<: *if-merge-request-security-canonical-sync variables: + <<: *default-ruby-variables PIPELINE_NAME: '$CI_DEFAULT_BRANCH security->canonical sync' SKIP_MESSAGE: 'MR only contains changes from the security mirror, which have already been reviewed, tested and deployed.' # For (detached) merge request pipelines. - if: '$CI_MERGE_REQUEST_IID' variables: - <<: *next-ruby-variables + <<: *default-ruby-variables <<: *default-merge-request-slow-tests-variables PIPELINE_NAME: 'Ruby $RUBY_VERSION $CI_MERGE_REQUEST_EVENT_TYPE MR pipeline' NO_SOURCEMAPS: 'true' @@ -93,8 +114,11 @@ workflow: <<: [*default-ruby-variables, *default-branch-pipeline-failure-variables] CRYSTALBALL: "true" PIPELINE_NAME: 'Scheduled Ruby $RUBY_VERSION $CI_COMMIT_BRANCH branch pipeline' - # Run pipelines for ruby3_1 branch - - if: '$CI_COMMIT_BRANCH == "ruby3_1" && $CI_PIPELINE_SOURCE == "schedule"' + - if: '$CI_COMMIT_BRANCH == "ruby3_0" && $CI_PIPELINE_SOURCE == "schedule"' + variables: + <<: *old-ruby-variables + PIPELINE_NAME: 'Scheduled Ruby $RUBY_VERSION $CI_COMMIT_BRANCH branch pipeline' + - if: '$CI_COMMIT_BRANCH == "ruby3_2" && $CI_PIPELINE_SOURCE == "schedule"' variables: <<: *next-ruby-variables PIPELINE_NAME: 'Scheduled Ruby $RUBY_VERSION $CI_COMMIT_BRANCH branch pipeline' diff --git a/.gitlab/ci/as-if-foss.gitlab-ci.yml b/.gitlab/ci/as-if-foss.gitlab-ci.yml new file mode 100644 index 00000000000..c1ba9d01c77 --- /dev/null +++ b/.gitlab/ci/as-if-foss.gitlab-ci.yml @@ -0,0 +1,70 @@ +prepare-as-if-foss-branch: + extends: + - .as-if-foss:rules:start-as-if-foss + stage: prepare + needs: [] + variables: + AS_IF_FOSS_BRANCH: "as-if-foss/${CI_COMMIT_REF_NAME}" + FOSS_REPOSITORY: "https://dummy:${AS_IF_FOSS_TOKEN}@gitlab.com/gitlab-org/gitlab-foss.git" + before_script: + - git clone --single-branch --branch master "${FOSS_REPOSITORY}" gitlab-foss + - git -C gitlab-foss checkout -b "${AS_IF_FOSS_BRANCH}" master + - rm -r .git/ + - mv gitlab-foss/.git . + - rm -r gitlab-foss + script: + # See: https://gitlab.com/gitlab-org/merge-train/-/blob/041d942ae1b5615703b7a786982340b61620e7c5/bin/merge-train#L228-239 + - git checkout VERSION + - rm -rf ee + - rm -rf qa/spec/ee + - rm -rf qa/qa/specs/features/ee + - rm -rf qa/qa/ee + - rm -f qa/qa/ee.rb + - rm -f CHANGELOG-EE.md + - rm -f changelogs/*-ee.md + - git add -A + - git commit -m 'Update from merge request' # TODO: Mark which SHA we add + - git push -f "${FOSS_REPOSITORY}" "${AS_IF_FOSS_BRANCH}" + +prepare-as-if-foss-env: + extends: + - .as-if-foss:rules:start-as-if-foss + stage: prepare + needs: [] + variables: + BUILD_ENV: build.env + before_script: + - source scripts/utils.sh + - install_gitlab_gem + script: + - scripts/setup/generate-as-if-foss-env.rb | tee $BUILD_ENV + artifacts: + expire_in: 3 days + reports: + dotenv: $BUILD_ENV + paths: + - $BUILD_ENV + +start-as-if-foss: + extends: + - .as-if-foss:rules:start-as-if-foss + stage: prepare + needs: + - prepare-as-if-foss-branch + - prepare-as-if-foss-env + inherit: + variables: false # Otherwise variables will be messed up + variables: + START_AS_IF_FOSS: $START_AS_IF_FOSS + RUBY_VERSION: $RUBY_VERSION + ENABLE_RSPEC: $ENABLE_RSPEC + ENABLE_RSPEC_FAST_SPEC_HELPER: $ENABLE_RSPEC_FAST_SPEC_HELPER + ENABLE_RSPEC_UNIT: $ENABLE_RSPEC_UNIT + ENABLE_RSPEC_INTEGRATION: $ENABLE_RSPEC_INTEGRATION + ENABLE_RSPEC_MIGRATION: $ENABLE_RSPEC_MIGRATION + ENABLE_RSPEC_BACKGROUND_MIGRATION: $ENABLE_RSPEC_BACKGROUND_MIGRATION + ENABLE_RSPEC_SYSTEM: $ENABLE_RSPEC_SYSTEM + trigger: + project: gitlab-org/gitlab-foss + branch: as-if-foss/${CI_COMMIT_REF_NAME} + strategy: depend diff --git a/.gitlab/ci/qa-common/variables.gitlab-ci.yml b/.gitlab/ci/qa-common/variables.gitlab-ci.yml index 2ac1121791d..8f24cf1f5e5 100644 --- a/.gitlab/ci/qa-common/variables.gitlab-ci.yml +++ b/.gitlab/ci/qa-common/variables.gitlab-ci.yml @@ -1,7 +1,6 @@ # Default variables for package-and-test variables: - USE_OLD_RUBY_VERSION: "true" REGISTRY_HOST: "registry.gitlab.com" REGISTRY_GROUP: "gitlab-org" ALLURE_JOB_NAME: $CI_PROJECT_NAME diff --git a/.gitlab/ci/qa.gitlab-ci.yml b/.gitlab/ci/qa.gitlab-ci.yml index d26df15412f..b7716fc280e 100644 --- a/.gitlab/ci/qa.gitlab-ci.yml +++ b/.gitlab/ci/qa.gitlab-ci.yml @@ -90,9 +90,8 @@ trigger-omnibus: TOP_UPSTREAM_SOURCE_PROJECT: $CI_PROJECT_PATH SECURITY_SOURCES: $SECURITY_SOURCES CACHE_UPDATE: $OMNIBUS_GITLAB_CACHE_UPDATE - USE_OLD_RUBY_VERSION: "true" - CACHE_EDITION: "GITLAB_RUBY3_0" - NEXT_RUBY_VERSION: "3.1.4" + CACHE_EDITION: $CACHE_EDITION + NEXT_RUBY_VERSION: $FULL_RUBY_VERSION BUILD_ON_ALL_OS: $OMNIBUS_GITLAB_BUILD_ON_ALL_OS SKIP_QA_TEST: "true" ee: $EE diff --git a/.gitlab/ci/rules.gitlab-ci.yml b/.gitlab/ci/rules.gitlab-ci.yml index 58bd11e3d9e..8817f8707e9 100644 --- a/.gitlab/ci/rules.gitlab-ci.yml +++ b/.gitlab/ci/rules.gitlab-ci.yml @@ -21,7 +21,7 @@ if: '$FORCE_GITLAB_CI' .if-default-refs: &if-default-refs - if: '$CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH || $CI_COMMIT_REF_NAME =~ /^[\d-]+-stable(-ee)?$/ || $CI_COMMIT_REF_NAME =~ /^\d+-\d+-auto-deploy-\d+$/ || $CI_COMMIT_REF_NAME =~ /^security\// || $CI_COMMIT_REF_NAME == "ruby3_1" || ($CI_MERGE_REQUEST_EVENT_TYPE == "merged_result" || $CI_MERGE_REQUEST_EVENT_TYPE == "detached") || $CI_COMMIT_TAG || $FORCE_GITLAB_CI' + if: '$CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH || $CI_COMMIT_REF_NAME =~ /^[\d-]+-stable(-ee)?$/ || $CI_COMMIT_REF_NAME =~ /^\d+-\d+-auto-deploy-\d+$/ || $CI_COMMIT_REF_NAME =~ /^security\// || $CI_COMMIT_REF_NAME =~ "^ruby\d+(_\d)*$" || ($CI_MERGE_REQUEST_EVENT_TYPE == "merged_result" || $CI_MERGE_REQUEST_EVENT_TYPE == "detached") || $CI_COMMIT_TAG || $FORCE_GITLAB_CI' .if-default-branch-refs: &if-default-branch-refs if: '$CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH && $CI_MERGE_REQUEST_IID == null' @@ -59,18 +59,15 @@ .if-merge-request-targeting-stable-branch: &if-merge-request-targeting-stable-branch if: '($CI_MERGE_REQUEST_EVENT_TYPE == "merged_result" || $CI_MERGE_REQUEST_EVENT_TYPE == "detached") && $CI_MERGE_REQUEST_TARGET_BRANCH_NAME =~ /^[\d-]+-stable(-ee|-jh)?$/' -.if-merge-request-labels-run-in-ruby3_0: &if-merge-request-labels-run-in-ruby3_0 - if: '$CI_MERGE_REQUEST_LABELS =~ /pipeline:run-in-ruby3_0/' - -.if-merge-request-labels-run-in-ruby3_1: &if-merge-request-labels-run-in-ruby3_1 - if: '$CI_MERGE_REQUEST_LABELS =~ /pipeline:run-in-ruby3_1/' - -.if-merge-request-labels-run-in-ruby3_2: &if-merge-request-labels-run-in-ruby3_2 - if: '$CI_MERGE_REQUEST_LABELS =~ /pipeline:run-in-ruby3_2/' +.if-merge-request-labels-run-in-ruby: &if-merge-request-labels-run-in-ruby + if: '$CI_MERGE_REQUEST_LABELS =~ /pipeline:run-in-ruby\d+(_\d)*/' .if-merge-request-labels-as-if-foss: &if-merge-request-labels-as-if-foss if: '$CI_MERGE_REQUEST_LABELS =~ /pipeline:run-as-if-foss/' +.if-merge-request-labels-as-if-foss-cross-project: &if-merge-request-labels-as-if-foss-cross-project + if: '$CI_MERGE_REQUEST_LABELS =~ /pipeline:run-as-if-foss-cross-project/' + .if-merge-request-labels-as-if-jh: &if-merge-request-labels-as-if-jh if: '$CI_MERGE_REQUEST_LABELS =~ /pipeline:run-as-if-jh/' @@ -125,8 +122,8 @@ .if-default-branch-schedule-nightly: &if-default-branch-schedule-nightly if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH && $CI_PIPELINE_SOURCE == "schedule" && $SCHEDULE_TYPE == "nightly"' -.if-ruby3_1-branch-schedule-nightly: &if-ruby3_1-branch-schedule-nightly - if: '$CI_COMMIT_BRANCH == "ruby3_1" && $CI_PIPELINE_SOURCE == "schedule" && $SCHEDULE_TYPE == "nightly"' +.if-ruby-branch-schedule-nightly: &if-ruby-branch-schedule-nightly + if: '$CI_COMMIT_BRANCH =~ "^ruby\d+(_\d)*$" && $CI_PIPELINE_SOURCE == "schedule" && $SCHEDULE_TYPE == "nightly"' .if-security-schedule: &if-security-schedule if: '$CI_PROJECT_NAMESPACE == "gitlab-org/security" && $CI_PIPELINE_SOURCE == "schedule"' @@ -161,8 +158,8 @@ .if-dot-com-gitlab-org-and-security-tag: &if-dot-com-gitlab-org-and-security-tag if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE =~ /^gitlab-org($|\/security$)/ && $CI_COMMIT_TAG' -.if-ruby3_1-branch: &if-ruby3_1-branch - if: '$CI_COMMIT_BRANCH == "ruby3_1" || $CI_MERGE_REQUEST_LABELS =~ /pipeline:run-in-ruby3_1/' +.if-ruby-branch: &if-ruby-branch + if: '$CI_COMMIT_BRANCH =~ "^ruby\d+(_\d)*$" || $CI_MERGE_REQUEST_LABELS =~ /pipeline:run-in-ruby\d+(_\d)*/' #################### # Changes patterns # @@ -911,7 +908,7 @@ - <<: *if-dot-com-gitlab-org-schedule variables: ARCH: amd64,arm64 - - <<: *if-ruby3_1-branch + - <<: *if-ruby-branch - !reference [".releases:rules:canonical-dot-com-gitlab-stable-branch-only-setup-test-env-patterns", rules] .build-images:rules:build-qa-image-as-if-foss: @@ -947,7 +944,7 @@ # The rest are included to be consistent with .qa:rules:e2e:test-on-gdk - <<: *if-merge-request-targeting-stable-branch changes: *setup-test-env-patterns - - <<: *if-ruby3_1-branch + - <<: *if-ruby-branch # We include the job under the matching conditions below, but unlike in .qa:rules:e2e:test-on-gdk we don't need to # set OMNIBUS_GITLAB_BUILD_ON_ALL_OS when testing against GDK - <<: *if-merge-request @@ -979,7 +976,7 @@ when: never - <<: *if-merge-request-targeting-stable-branch changes: *setup-test-env-patterns - - <<: *if-ruby3_1-branch + - <<: *if-ruby-branch - <<: *if-merge-request-labels-run-review-app - <<: *if-auto-deploy-branches - <<: *if-default-refs @@ -1073,8 +1070,10 @@ ###################### .ci-templates:rules:shellcheck: rules: - - changes: *ci-templates-patterns - - changes: + - <<: *if-default-refs + changes: *ci-templates-patterns + - <<: *if-default-refs + changes: - scripts/lint_templates_bash.rb ###################### @@ -1202,7 +1201,7 @@ changes: *setup-test-env-patterns - <<: *if-merge-request-labels-run-review-app - <<: *if-auto-deploy-branches - - <<: *if-ruby3_1-branch + - <<: *if-ruby-branch - <<: *if-default-refs changes: *ci-build-images-patterns - <<: *if-default-refs @@ -1227,6 +1226,7 @@ .frontend:rules:compile-test-assets: rules: + - if: '$ENABLE_RSPEC == "true"' - <<: *if-merge-request-labels-run-all-rspec - <<: *if-merge-request changes: *backend-patterns @@ -1514,7 +1514,7 @@ allow_failure: true - <<: *if-dot-com-gitlab-org-schedule allow_failure: true - - <<: *if-ruby3_1-branch + - <<: *if-ruby-branch # Rules to support .qa:rules:package-and-test-ee - <<: *if-merge-request changes: *dependency-patterns @@ -1543,10 +1543,7 @@ - !reference [".qa:rules:package-and-test-never-run", rules] - <<: *if-merge-request-targeting-stable-branch changes: *setup-test-env-patterns - - <<: *if-ruby3_1-branch - variables: - USE_OLD_RUBY_VERSION: 'false' - CACHE_EDITION: 'GITLAB_RUBY3_1' + - <<: *if-ruby-branch - <<: *if-merge-request changes: *dependency-patterns variables: @@ -1588,10 +1585,7 @@ - <<: *if-merge-request-targeting-stable-branch changes: *setup-test-env-patterns allow_failure: true - - <<: *if-ruby3_1-branch - variables: - USE_OLD_RUBY_VERSION: 'false' - CACHE_EDITION: 'GITLAB_RUBY3_1' + - <<: *if-ruby-branch allow_failure: true - <<: *if-merge-request changes: *dependency-patterns @@ -1639,10 +1633,7 @@ - !reference [".qa:rules:package-and-test-never-run", rules] - <<: *if-merge-request-targeting-stable-branch changes: *setup-test-env-patterns - - <<: *if-ruby3_1-branch - variables: - USE_OLD_RUBY_VERSION: 'false' - CACHE_EDITION: 'GITLAB_RUBY3_1' + - <<: *if-ruby-branch - <<: *if-merge-request # Certain components trigger a rebuild of the e2e GDK image so we want to test it too changes: *gdk-component-patterns @@ -1758,7 +1749,7 @@ - <<: *if-merge-request-targeting-stable-branch changes: *setup-test-env-patterns when: never - - <<: *if-ruby3_1-branch + - <<: *if-ruby-branch when: never - <<: *if-merge-request changes: *dependency-patterns @@ -1805,7 +1796,7 @@ - <<: *if-merge-request-targeting-stable-branch changes: *setup-test-env-patterns when: never - - <<: *if-ruby3_1-branch + - <<: *if-ruby-branch when: never - <<: *if-merge-request changes: *dependency-patterns @@ -1844,7 +1835,7 @@ - <<: *if-merge-request-targeting-stable-branch changes: *setup-test-env-patterns when: never - - <<: *if-ruby3_1-branch + - <<: *if-ruby-branch when: never - <<: *if-merge-request changes: *dependency-patterns @@ -1892,6 +1883,7 @@ ############### .rails:rules:setup-test-env: rules: + - if: '$ENABLE_RSPEC == "true"' - <<: *if-default-refs changes: *setup-test-env-patterns - <<: *if-merge-request-labels-run-all-rspec @@ -2013,6 +2005,7 @@ when: never - <<: *if-merge-request-labels-pipeline-expedite when: never + - if: '$ENABLE_RSPEC_MIGRATION == "true"' - <<: *if-merge-request-labels-run-all-rspec - <<: *if-merge-request changes: *core-backend-patterns @@ -2044,6 +2037,7 @@ .rails:rules:ee-and-foss-background-migration: rules: + - if: '$ENABLE_RSPEC_BACKGROUND_MIGRATION == "true"' - !reference [".rails:rules:ee-and-foss-migration", rules] - <<: *if-default-refs changes: *backend-patterns @@ -2068,6 +2062,7 @@ rules: - <<: *if-fork-merge-request when: never + - if: '$ENABLE_RSPEC_UNIT == "true"' - !reference [".rails:rules:ee-and-foss-default-rules", rules] - <<: *if-default-refs changes: *backend-patterns @@ -2078,6 +2073,7 @@ rules: - <<: *if-fork-merge-request when: never + - if: '$ENABLE_RSPEC_INTEGRATION == "true"' - !reference [".rails:rules:ee-and-foss-default-rules", rules] - <<: *if-default-refs changes: *backend-patterns @@ -2086,12 +2082,14 @@ rules: - <<: *if-fork-merge-request when: never + - if: '$ENABLE_RSPEC_SYSTEM == "true"' - !reference [".rails:rules:system-default-rules", rules] - <<: *if-default-refs changes: *code-backstage-patterns .rails:rules:ee-and-foss-fast_spec_helper: rules: + - if: '$ENABLE_RSPEC_FAST_SPEC_HELPER == "true"' - <<: *if-merge-request-labels-run-all-rspec - <<: *if-merge-request changes: *backend-patterns @@ -2815,7 +2813,7 @@ .setup:rules:verify-default-ruby: rules: - - <<: *if-merge-request-labels-run-in-ruby3_2 + - <<: *if-merge-request-labels-run-in-ruby .setup:rules:verify-tests-yml: rules: @@ -2871,6 +2869,7 @@ ####################### .test-metadata:rules:retrieve-tests-metadata: rules: + - if: '$ENABLE_RSPEC == "true"' - <<: *if-default-refs changes: *code-backstage-patterns - <<: *if-default-refs @@ -2922,6 +2921,16 @@ - <<: *if-default-refs changes: *lint-metrics-yaml-patterns +#################### +# as-if-foss rules # +#################### +.as-if-foss:rules:start-as-if-foss: + rules: + - if: '$AS_IF_FOSS_TOKEN == null' + when: never + - !reference [".strict-ee-only-rules", rules] + - <<: *if-merge-request-labels-as-if-foss-cross-project + ################## # as-if-jh rules # ################## diff --git a/.gitlab/ci/setup.gitlab-ci.yml b/.gitlab/ci/setup.gitlab-ci.yml index 15f36957392..47bc73a9558 100644 --- a/.gitlab/ci/setup.gitlab-ci.yml +++ b/.gitlab/ci/setup.gitlab-ci.yml @@ -71,8 +71,7 @@ verify-default-ruby: - .setup:rules:verify-default-ruby stage: prepare script: - - echo 'Please remove label ~"pipeline:run-in-ruby3_2" so we do test against default Ruby version before merging the merge request' - - echo 'This does not work yet. See https://gitlab.com/gitlab-org/gitlab/-/issues/428537' + - echo 'Please remove label ~"pipeline:run-in-ruby3_2" or ~"pipeline:run-in-ruby3_0" so we do test against default Ruby version before merging the merge request' - exit 1 verify-tests-yml: @@ -207,8 +206,7 @@ trigger-omnibus-env: echo "OMNIBUS_GITLAB_CACHE_UPDATE=${OMNIBUS_GITLAB_CACHE_UPDATE:-false}" >> $BUILD_ENV for version_file in *_VERSION; do echo "$version_file=$(cat $version_file)" >> $BUILD_ENV; done echo "OMNIBUS_GITLAB_BUILD_ON_ALL_OS=${OMNIBUS_GITLAB_BUILD_ON_ALL_OS:-false}" >> $BUILD_ENV - echo "USE_OLD_RUBY_VERSION=${USE_OLD_RUBY_VERSION:-false}" >> $BUILD_ENV - echo "NEXT_RUBY_VERSION=${NEXT_RUBY_VERSION}" >> $BUILD_ENV + ruby -e 'puts "FULL_RUBY_VERSION=#{RUBY_VERSION}"' >> $BUILD_ENV echo "GITLAB_ASSETS_TAG=$(assets_image_tag)" >> $BUILD_ENV echo "EE=$([[ $FOSS_ONLY == '1' ]] && echo 'false' || echo 'true')" >> $BUILD_ENV define_trigger_branch_in_build_env diff --git a/.rubocop.yml b/.rubocop.yml index 7c24b1f4e87..8f847d26230 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -1035,7 +1035,6 @@ Cop/FeatureFlagUsage: Style/ArgumentsForwarding: Enabled: true - AllowOnlyRestArgument: false Search/NamespacedClass: Enabled: true diff --git a/app/assets/javascripts/boards/components/board_card_move_to_position.vue b/app/assets/javascripts/boards/components/board_card_move_to_position.vue index 9173503c888..398dcc494f7 100644 --- a/app/assets/javascripts/boards/components/board_card_move_to_position.vue +++ b/app/assets/javascripts/boards/components/board_card_move_to_position.vue @@ -1,6 +1,7 @@ <script> -import { GlDisclosureDropdown } from '@gitlab/ui'; +import { GlDisclosureDropdown, GlTooltipDirective } from '@gitlab/ui'; import Tracking from '~/tracking'; +import { s__ } from '~/locale'; import { BOARD_CARD_MOVE_TO_POSITIONS_OPTIONS, BOARD_CARD_MOVE_TO_POSITIONS_START_OPTION, @@ -12,6 +13,9 @@ export default { components: { GlDisclosureDropdown, }, + directives: { + GlTooltip: GlTooltipDirective, + }, mixins: [Tracking.mixin()], props: { item: { @@ -87,6 +91,9 @@ export default { } }, }, + i18n: { + moveCardText: s__('Boards|Card options'), + }, }; </script> @@ -94,12 +101,16 @@ export default { <gl-disclosure-dropdown ref="dropdown" :key="itemIdentifier" + v-gl-tooltip.hover.focus.top="{ + title: $options.i18n.moveCardText, + boundary: 'viewport', + }" class="move-to-position gl-display-block gl-mb-2 gl-ml-auto gl-mt-n3 gl-mr-n3 js-no-trigger" category="tertiary" :items="$options.BOARD_CARD_MOVE_TO_POSITIONS_OPTIONS" icon="ellipsis_v" :tabindex="index" - :toggle-text="s__('Boards|Move card')" + :aria-label="$options.i18n.moveCardText" :text-sr-only="true" no-caret data-testid="board-move-to-position" diff --git a/app/assets/javascripts/invite_members/components/invite_modal_base.vue b/app/assets/javascripts/invite_members/components/invite_modal_base.vue index 00b7c3f4bdd..574bbacc498 100644 --- a/app/assets/javascripts/invite_members/components/invite_modal_base.vue +++ b/app/assets/javascripts/invite_members/components/invite_modal_base.vue @@ -215,6 +215,7 @@ export default { this.$emit('reset'); }, onShowModal() { + this.$emit('shown'); if (this.usersLimitDataset.reachedLimit) { this.track('render', { category: 'default', label: ON_SHOW_TRACK_LABEL }); } diff --git a/app/assets/javascripts/super_sidebar/components/pinned_section.vue b/app/assets/javascripts/super_sidebar/components/pinned_section.vue index 05040218164..2be9f9e9f7d 100644 --- a/app/assets/javascripts/super_sidebar/components/pinned_section.vue +++ b/app/assets/javascripts/super_sidebar/components/pinned_section.vue @@ -116,7 +116,11 @@ export default { @pin-remove="onPinRemove(item.id, item.title)" /> </draggable> - <li v-else class="gl-text-secondary gl-font-sm gl-py-3" style="margin-left: 2.5rem"> + <li + v-else + class="gl-text-secondary gl-font-sm gl-py-3 super-sidebar-empty-pinned-text" + style="margin-left: 2.5rem" + > {{ $options.i18n.emptyHint }} </li> </menu-section> diff --git a/app/assets/stylesheets/framework/super_sidebar.scss b/app/assets/stylesheets/framework/super_sidebar.scss index d8bccc49e29..5fcc24a1827 100644 --- a/app/assets/stylesheets/framework/super_sidebar.scss +++ b/app/assets/stylesheets/framework/super_sidebar.scss @@ -408,6 +408,13 @@ $super-sidebar-transition-hint-duration: $super-sidebar-transition-duration / 4; } } +.super-sidebar-empty-pinned-text { + mix-blend-mode: multiply; + + .gl-dark & { + mix-blend-mode: screen; + } +} // Styles for the ScrollScrim component. // Should eventually be moved to gitlab-ui. diff --git a/db/docs/batched_background_migrations/drop_vulnerabilities_without_finding_id.yml b/db/docs/batched_background_migrations/drop_vulnerabilities_without_finding_id.yml new file mode 100644 index 00000000000..37e7fae2ea6 --- /dev/null +++ b/db/docs/batched_background_migrations/drop_vulnerabilities_without_finding_id.yml @@ -0,0 +1,9 @@ +--- +migration_job_name: DropVulnerabilitiesWithoutFindingId +description: Remove Vulnerabilities without associated finding_id +feature_category: vulnerability_management +introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/140532 +milestone: '16.8' +queued_migration_version: 20231221223259 +finalize_after: '2024-01-22' +finalized_by: # version of the migration that finalized this BBM diff --git a/db/post_migrate/20231221223259_queue_drop_vulnerabilities_without_finding_id.rb b/db/post_migrate/20231221223259_queue_drop_vulnerabilities_without_finding_id.rb new file mode 100644 index 00000000000..25aa2912767 --- /dev/null +++ b/db/post_migrate/20231221223259_queue_drop_vulnerabilities_without_finding_id.rb @@ -0,0 +1,27 @@ +# frozen_string_literal: true + +class QueueDropVulnerabilitiesWithoutFindingId < Gitlab::Database::Migration[2.2] + milestone '16.8' + + MIGRATION = "DropVulnerabilitiesWithoutFindingId" + DELAY_INTERVAL = 2.minutes + BATCH_SIZE = 1000 + SUB_BATCH_SIZE = 100 + + restrict_gitlab_migration gitlab_schema: :gitlab_main + + def up + queue_batched_background_migration( + MIGRATION, + :vulnerabilities, + :id, + job_interval: DELAY_INTERVAL, + batch_size: BATCH_SIZE, + sub_batch_size: SUB_BATCH_SIZE + ) + end + + def down + delete_batched_background_migration(MIGRATION, :vulnerabilities, :id, []) + end +end diff --git a/db/schema_migrations/20231221223259 b/db/schema_migrations/20231221223259 new file mode 100644 index 00000000000..bad7426d672 --- /dev/null +++ b/db/schema_migrations/20231221223259 @@ -0,0 +1 @@ +8486c7e03ce00647f110c03d912728dd140911179da871af0ae8bf521b22dccb
\ No newline at end of file diff --git a/doc/administration/backup_restore/backup_gitlab.md b/doc/administration/backup_restore/backup_gitlab.md index f38358810e3..707b209faf3 100644 --- a/doc/administration/backup_restore/backup_gitlab.md +++ b/doc/administration/backup_restore/backup_gitlab.md @@ -656,7 +656,8 @@ sudo -u git -H bundle exec rake gitlab:backup:create REPOSITORIES_STORAGES=stora #### Back up specific repositories -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/88094) in GitLab 15.1. +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/88094) in GitLab 15.1. +> - [Skipping specific repositories added](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/121865) in GitLab 16.1. You can back up specific repositories using the `REPOSITORIES_PATHS` option. Similarly, you can use `SKIP_REPOSITORIES_PATHS` to skip certain repositories. diff --git a/doc/api/groups.md b/doc/api/groups.md index 938cd9dbab1..e168adef6e2 100644 --- a/doc/api/groups.md +++ b/doc/api/groups.md @@ -1704,6 +1704,7 @@ To delete the LDAP group link, provide either a `cn` or a `filter`, but not both > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/290367) in GitLab 15.3.0. > - `access_level` type [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/95607) from `string` to `integer` in GitLab 15.3.3. > - `member_role_id` type [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/417201) in GitLab 16.7 [with a flag](../administration/feature_flags.md) named `custom_roles_for_saml_group_links`. Disabled by default. +> - `member_role_id` type [Generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/417201) in GitLab 16.8. Feature flag `custom_roles_for_saml_group_links` removed. List, get, add, and delete SAML group links. diff --git a/doc/development/pipelines/index.md b/doc/development/pipelines/index.md index 072fb6382b4..aebb0f9076d 100644 --- a/doc/development/pipelines/index.md +++ b/doc/development/pipelines/index.md @@ -300,6 +300,23 @@ set and get the `ee/` folder removed before the tests start running. The intent is to ensure that a change doesn't introduce a failure after `gitlab-org/gitlab` is synced to `gitlab-org/gitlab-foss`. +#### As-if-FOSS cross project downstream pipeline + +As an alternative to the `* as-if-foss` jobs, we can also run a cross project +FOSS pipeline exactly in the `gitlab-org/gitlab-foss` project. We trigger it +in the following cases: + +- when the `pipeline:run-as-if-foss-cross-project` label is set on the merge request + +This is still working-in-progress to replace the `* as-if-foss` jobs. The +goal is to simplify pipeline rules and make it more clear about the intention. + +##### Tokens set in the project variables + +- `AS_IF_FOSS_TOKEN`: This is a [GitLab FOSS](https://gitlab.com/gitlab-org/gitlab-foss) + project token with `developer` role and `write_repository` permission, + to push generated `as-if-foss/*` branch. + ### As-if-JH cross project downstream pipeline #### What it is @@ -399,7 +416,8 @@ flowchart TD - `ADD_JH_FILES_TOKEN`: This is a [GitLab JH mirror](https://gitlab.com/gitlab-org/gitlab-jh-mirrors/gitlab) project token with `read_api` permission, to be able to download JiHu files. - `AS_IF_JH_TOKEN`: This is a [GitLab JH validation](https://gitlab.com/gitlab-org-sandbox/gitlab-jh-validation) - project token with `write_repository` permission, to push generated `as-if-jh/*` branch. + project token with `developer` role and `write_repository` permission, + to push generated `as-if-jh/*` branch. ##### How we generate the as-if-JH branch @@ -613,30 +631,30 @@ Exceptions to this general guideline should be motivated and documented. ### Ruby versions testing -We're running Ruby 3.0 on GitLab.com, as well as for the default branch. -To prepare for the next Ruby version, we run merge requests in Ruby 3.1. +We're running Ruby 3.1 on GitLab.com, as well as for the default branch. +To prepare for the next Ruby version, we will run merge requests in Ruby 3.2, +starting on February 2024. Please see the roadmap at +[Ruby 3.2 epic](https://gitlab.com/groups/gitlab-org/-/epics/9684#plan) +for more details. -This takes effects at the time when -[Run merge requests in Ruby 3.1 by default](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/134290) -is merged. See -[Ruby 3.1 epic](https://gitlab.com/groups/gitlab-org/-/epics/10034) -for the roadmap to fully make Ruby 3.1 the default. +To make sure all supported Ruby versions are working, we also run our test +suite on dedicated 2-hourly scheduled pipelines for each supported versions. -To make sure both Ruby versions are working, we also run our test suite -against both Ruby 3.0 and Ruby 3.1 on dedicated 2-hourly scheduled pipelines. +For merge requests, you can add the following labels to run the respective +Ruby version only: -For merge requests, you can add the `pipeline:run-in-ruby3_0` label to switch -the Ruby version to 3.0. When you do this, the test suite will no longer run -in Ruby 3.1 (default for merge requests). +- `pipeline:run-in-ruby3_0` +- `pipeline:run-in-ruby3_1` +- `pipeline:run-in-ruby3_2` -When the pipeline is running in a Ruby version not considered default, an -additional job `verify-default-ruby` will also run and always fail to remind -us to remove the label and run in default Ruby before merging the merge -request. At the moment both Ruby 3.0 and Ruby 3.1 are considered default. +Note that when you do this, the test suite will no longer run in the default +Ruby version for merge requests. In this case, an additional job +`verify-default-ruby` will also run and always fail to remind us to remove +the label and run in default Ruby before merging the merge request. This should let us: -- Test changes for Ruby 3.1 +- Test changes for any supported Ruby versions - Make sure it will not break anything when it's merged into the default branch ### PostgreSQL versions testing @@ -652,24 +670,27 @@ We also run our test suite against PostgreSQL 13 upon specific database library | Where? | PostgreSQL version | Ruby version | |--------------------------------------------------------------------------------------------------|-------------------------------------------------|-----------------------| -| Merge requests | 14 (default version), 13 for DB library changes | 3.1 | -| `master` branch commits | 14 (default version), 13 for DB library changes | 3.0 (default version) | -| `maintenance` scheduled pipelines for the `master` branch (every even-numbered hour) | 14 (default version), 13 for DB library changes | 3.0 (default version) | -| `maintenance` scheduled pipelines for the `ruby3_1` branch (every odd-numbered hour), see below. | 14 (default version), 13 for DB library changes | 3.1 | -| `nightly` scheduled pipelines for the `master` branch | 14 (default version), 13, 15 | 3.0 (default version) | - -There are 2 pipeline schedules used for testing Ruby 3.1. One is triggering a -pipeline in `ruby3_1-sync` branch, which updates the `ruby3_1` branch with latest -`master`, and no pipelines will be triggered by this push. The other schedule -is triggering a pipeline in `ruby3_1` 5 minutes after it, which is considered -the maintenance schedule to run test suites and update cache. - -The `ruby3_1` branch must not have any changes. The branch is only there to set -`RUBY_VERSION` to `3.1` in the maintenance pipeline schedule. - -The `gitlab` job in the `ruby3_1-sync` branch uses a `gitlab-org/gitlab` project -token with `write_repository` scope and `Maintainer` role with no expiration. -The token is stored in the `RUBY3_1_SYNC_TOKEN` variable in `gitlab-org/gitlab`. +| Merge requests | 14 (default version), 13 for DB library changes | 3.1 (default version) | +| `master` branch commits | 14 (default version), 13 for DB library changes | 3.1 (default version) | +| `maintenance` scheduled pipelines for the `master` branch (every even-numbered hour at XX:05) | 14 (default version), 13 for DB library changes | 3.1 (default version) | +| `maintenance` scheduled pipelines for the `ruby3_0` branch (every odd-numbered hour at XX:40) | 14 (default version), 13 for DB library changes | 3.0 | +| `maintenance` scheduled pipelines for the `ruby3_2` branch (every odd-numbered hour at XX:10) | 14 (default version), 13 for DB library changes | 3.2 | +| `nightly` scheduled pipelines for the `master` branch | 14 (default version), 13, 15 | 3.1 (default version) | + +For each current Ruby versions we're testing against with, we run +maintenance scheduled pipelines every 2 hours on their respective `ruby\d_\d` +branches. All these branches must not have any changes. These branches are +only there to run pipelines with their respective Ruby versions in the +scheduled maintenance pipelines. + +Additionally, we have scheduled pipelines running on `ruby-sync` branch also +every 2 hours, updating all the `ruby\d_\d` branches to be up-to-date with +the default branch `master`. No pipelines will be triggered by this push. + +The `gitlab` job in the `ruby-sync` branch uses a `gitlab-org/gitlab` project +token named `RUBY_SYNC` with `write_repository` scope and `Maintainer` role, +expiring on 2024-12-01. The token is stored in the `RUBY_SYNC_TOKEN` variable +in the pipeline schedule for `ruby-sync` branch. ### Redis versions testing diff --git a/doc/development/pipelines/internals.md b/doc/development/pipelines/internals.md index b3b4cbec02d..a81eb6f656b 100644 --- a/doc/development/pipelines/internals.md +++ b/doc/development/pipelines/internals.md @@ -48,6 +48,25 @@ from using `$FORCE_GITLAB_CI`. - [JiHu validation pipeline](https://about.gitlab.com/handbook/ceo/chief-of-staff-team/jihu-support/jihu-validation-pipelines.html) - [Gitaly downstream GitLab pipeline](https://gitlab.com/gitlab-org/gitaly/-/issues/4615) +See the next section for how we can enable pipelines without using +`$FORCE_GITLAB_CI`. + +#### Alternative to `$FORCE_GITLAB_CI` + +Essentially, we use different variables to enable different pipelines. +An example doing this is `$START_AS_IF_FOSS`. When we want to trigger a +cross project FOSS pipeline, we set `$START_AS_IF_FOSS`, along with a set of +other variables like `$ENABLE_RSPEC_UNIT`, `$ENABLE_RSPEC_SYSTEM`, and so on +so forth to enable each jobs we want to run in the as-if-foss cross project +downstream pipeline. + +The advantage of this over `$FORCE_GITLAB_CI` is that we have full control +over how we want to run the pipeline because `$START_AS_IF_FOSS` is only used +for this purpose, and changing how the pipeline behaves under this variable +will not affect other types of pipelines, while using `$FORCE_GITLAB_CI` we +do not know what exactly the pipeline is because it's used for multiple +purposes. + ## Default image The default image is defined in [`.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/.gitlab-ci.yml). diff --git a/doc/update/index.md b/doc/update/index.md index c0a6b64a1ac..0c43af3b925 100644 --- a/doc/update/index.md +++ b/doc/update/index.md @@ -192,12 +192,13 @@ When upgrading: - GitLab 15: [`15.0.5`](versions/gitlab_15_changes.md#1500) > [`15.1.6`](versions/gitlab_15_changes.md#1510) (for GitLab instances with multiple web nodes) > [`15.4.6`](versions/gitlab_15_changes.md#1540) > [`15.11.13`](versions/gitlab_15_changes.md#15110). - - GitLab 16: [`16.0.x`](versions/gitlab_16_changes.md#1600) (only + - GitLab 16: [`16.0.8`](versions/gitlab_16_changes.md#1600) (only instances with [lots of users](versions/gitlab_16_changes.md#long-running-user-type-data-change) or [large pipeline variables history](versions/gitlab_16_changes.md#1610)) > - [`16.1`](versions/gitlab_16_changes.md#1610) (instances with NPM packages in their package registry) > - [`16.2.x`](versions/gitlab_16_changes.md#1620) (only instances with [large pipeline variables history](versions/gitlab_16_changes.md#1630)) > - [`16.3`](versions/gitlab_16_changes.md#1630) > [latest `16.Y.Z`](https://gitlab.com/gitlab-org/gitlab/-/releases). + [`16.1.5`](versions/gitlab_16_changes.md#1610) (instances with NPM packages in their package registry) > + [`16.2.8`](versions/gitlab_16_changes.md#1620) (only instances with [large pipeline variables history](versions/gitlab_16_changes.md#1630)) > + [`16.3.6`](versions/gitlab_16_changes.md#1630) > [`16.7.z`](versions/gitlab_16_changes.md#1670) + > [latest `16.Y.Z`](https://gitlab.com/gitlab-org/gitlab/-/releases). 1. Check for [required upgrade stops](#required-upgrade-stops). 1. Consult the [version-specific upgrade instructions](#version-specific-upgrading-instructions). diff --git a/doc/update/versions/gitlab_16_changes.md b/doc/update/versions/gitlab_16_changes.md index 7108f0eaa3f..a350ec88b0e 100644 --- a/doc/update/versions/gitlab_16_changes.md +++ b/doc/update/versions/gitlab_16_changes.md @@ -17,22 +17,55 @@ For more information about upgrading GitLab Helm Chart, see [the release notes f ## Issues to be aware of when upgrading from 15.11 - [PostgreSQL 12 is not supported starting from GitLab 16](../../update/deprecations.md#postgresql-12-deprecated). Upgrade PostgreSQL to at least version 13.6 before upgrading to GitLab 16.0 or later. -- Some GitLab installations must upgrade to GitLab 16.0 before upgrading to any other version. For more information, see - [Long-running user type data change](#long-running-user-type-data-change). -- Other installations can skip 16.0, 16.1, and 16.2 as the first required stop on the upgrade path is 16.3. Review the notes for those intermediate - versions. - If your GitLab instance upgraded first to 15.11.0, 15.11.1, or 15.11.2 the database schema is incorrect. - Recommended: perform the workaround before upgrading to 16.x. - See [the details and workaround](#undefined-column-error-upgrading-to-162-or-later). -- Linux package installations must change Gitaly and Praefect configuration structure before upgrading to GitLab 16. + Perform the [workaround](#undefined-column-error-upgrading-to-162-or-later) before upgrading to 16.x. +- Most installations can skip 16.0, 16.1, and 16.2, as the first required stop on the upgrade path is 16.3. + In all cases, you should review the notes for those intermediate versions. + + Some GitLab installations must stop at those intermediate versions depending on which features are used + and the size of the environment: + + - 16.0.8: Instances with lots of records in the users table. + For more information, see [long-running user type data change](#long-running-user-type-data-change). + - [16.1.5](#1610): Instances that use the NPM package registry. + - [16.2.8](#1620): Instances with lots of pipeline variables (including historical pipelines). + + If your instance is affected and you skip these stops: + + - The upgrade can take hours to complete. + - The instance generates 500 errors until all the database changes are finished, after which + Puma and Sidekiq must restarted. + - For Linux package installations, a timeout occurs and a + [manual workaround to complete the migrations](../package/package_troubleshooting.md#mixlibshelloutcommandtimeout-rails_migrationgitlab-rails--command-timed-out-after-3600s) + is necessary. + +- GitLab 16.0 introduced changes around enforcing limits on project sizes. On self-managed, if you use + these limits, projects that have reached their limit causes error messages when pushing to unaffected Git + repositories in the same group. The errors often refer to exceeding a limit of zero bytes (`limit of 0 B`). + + The pushes succeed, but the errors imply otherwise and might cause issues with automation. + [Read more in the issue](https://gitlab.com/gitlab-org/gitlab/-/issues/416646). + The [bug is fixed in GitLab 16.5 and later](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/131122). + +### Linux package installations + +- Gitaly and Praefect configuration structure must be changed before upgrading to GitLab 16. **To avoid data loss** reconfigure Praefect first, and as part of the new configuration, disable metadata verification. Read more: - [Praefect configuration structure change](#praefect-configuration-structure-change). - [Gitaly configuration structure change](#gitaly-configuration-structure-change). +- If you reconfigure Gitaly to store Git data in a location other than `/var/opt/gitlab/git-data/repositories`, + packaged GitLab 16.0 and later does not automatically create the directory structure. + [Read the issue for more details and the workaround](https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/8320). + ## 16.7.0 +- GitLab 16.7 is a required upgrade stop. This ensures that all database changes introduced + in GitLab 16.7 and earlier have been implemented on all self-managed instances. Dependent changes can then be released + in GitLab 16.8 and later. [Issue 429611](https://gitlab.com/gitlab-org/gitlab/-/issues/429611) provides more details. + ### Linux package installations Specific information applies to Linux package installations: diff --git a/doc/user/custom_roles.md b/doc/user/custom_roles.md index 3ab4e31859c..99e8b8b5d52 100644 --- a/doc/user/custom_roles.md +++ b/doc/user/custom_roles.md @@ -223,8 +223,8 @@ To remove a custom role from a group member: 1. Select the **Max role** dropdown list for the member you want to remove a custom role from. 1. On the **Change role** dialog, select a static role. -You can update or remove a custom role from a group member also with the [Group and Project Members API endpoint](../api/members.md#edit-a-member-of-a-group-or-project). -and pass an empty `member_role_id` value: +You can also use the [Group and Project Members API endpoint](../api/members.md#edit-a-member-of-a-group-or-project) +to update or remove a custom role from a group member by passing an empty `member_role_id` value: ```shell # to update a project membership diff --git a/lib/gitlab/background_migration/drop_vulnerabilities_without_finding_id.rb b/lib/gitlab/background_migration/drop_vulnerabilities_without_finding_id.rb new file mode 100644 index 00000000000..783bf0e2bda --- /dev/null +++ b/lib/gitlab/background_migration/drop_vulnerabilities_without_finding_id.rb @@ -0,0 +1,15 @@ +# frozen_string_literal: true + +module Gitlab + module BackgroundMigration + class DropVulnerabilitiesWithoutFindingId < BatchedMigrationJob + operation_name :drop_vulnerabilities_without_finding_id + scope_to ->(relation) { relation.where(finding_id: nil) } + feature_category :vulnerability_management + + def perform + each_sub_batch(&:delete_all) + end + end + end +end diff --git a/locale/gitlab.pot b/locale/gitlab.pot index 0449c70c992..e1f0ea53cb9 100644 --- a/locale/gitlab.pot +++ b/locale/gitlab.pot @@ -8456,6 +8456,9 @@ msgid_plural "Boards|Blocked by %{blockedByCount} %{issuableType}s" msgstr[0] "" msgstr[1] "" +msgid "Boards|Card options" +msgstr "" + msgid "Boards|Collapse" msgstr "" @@ -8477,9 +8480,6 @@ msgstr "" msgid "Boards|Failed to fetch blocking %{issuableType}s" msgstr "" -msgid "Boards|Move card" -msgstr "" - msgid "Boards|Move to end of list" msgstr "" diff --git a/scripts/setup/generate-as-if-foss-env.rb b/scripts/setup/generate-as-if-foss-env.rb new file mode 100755 index 00000000000..68b869287a6 --- /dev/null +++ b/scripts/setup/generate-as-if-foss-env.rb @@ -0,0 +1,22 @@ +#!/usr/bin/env ruby +# frozen_string_literal: true + +require 'gitlab' +require 'set' + +client = Gitlab.client(endpoint: ENV['CI_API_V4_URL'], private_token: '') + +rspec_jobs = Set.new + +client.pipeline_jobs(ENV['CI_PROJECT_ID'], ENV['CI_PIPELINE_ID']).auto_paginate do |job| + rspec_type = job.name[/^rspec ([\w\-]+)/, 1] + + rspec_jobs << rspec_type if rspec_type +end + +puts 'START_AS_IF_FOSS=true', "RUBY_VERSION=#{ENV['RUBY_VERSION']}" +puts 'ENABLE_RSPEC=true' if rspec_jobs.any? + +rspec_jobs.each do |rspec| + puts "ENABLE_RSPEC_#{rspec.upcase.tr('-', '_')}=true" +end diff --git a/spec/frontend/invite_members/components/invite_modal_base_spec.js b/spec/frontend/invite_members/components/invite_modal_base_spec.js index c26d1d921a5..4f4288196ab 100644 --- a/spec/frontend/invite_members/components/invite_modal_base_spec.js +++ b/spec/frontend/invite_members/components/invite_modal_base_spec.js @@ -70,6 +70,7 @@ describe('InviteModalBase', () => { const findDisabledInput = () => wrapper.findByTestId('disabled-input'); const findCancelButton = () => wrapper.findByTestId('invite-modal-cancel'); const findActionButton = () => wrapper.findByTestId('invite-modal-submit'); + const findModal = () => wrapper.findComponent(GlModal); describe('rendering the modal', () => { let trackingSpy; @@ -82,7 +83,7 @@ describe('InviteModalBase', () => { }); it('renders the modal with the correct title', () => { - expect(wrapper.findComponent(GlModal).props('title')).toBe(propsData.modalTitle); + expect(findModal().props('title')).toBe(propsData.modalTitle); }); it('displays the introText', () => { @@ -200,9 +201,7 @@ describe('InviteModalBase', () => { }); trackingSpy = mockTracking(undefined, wrapper.element, jest.spyOn); - const modal = wrapper.findComponent(GlModal); - - modal.vm.$emit('shown'); + findModal().vm.$emit('shown'); expectTracking('render', ON_SHOW_TRACK_LABEL, 'default'); unmockTracking(); @@ -280,4 +279,14 @@ describe('InviteModalBase', () => { state: false, }); }); + + it('emits the shown event when the modal is shown', () => { + createComponent(); + // Verify that the shown event isn't emitted when the component is first created. + expect(wrapper.emitted('shown')).toBeUndefined(); + + findModal().vm.$emit('shown'); + + expect(wrapper.emitted('shown')).toHaveLength(1); + }); }); diff --git a/spec/lib/gitlab/background_migration/drop_vulnerabilities_without_finding_id_spec.rb b/spec/lib/gitlab/background_migration/drop_vulnerabilities_without_finding_id_spec.rb new file mode 100644 index 00000000000..05817001395 --- /dev/null +++ b/spec/lib/gitlab/background_migration/drop_vulnerabilities_without_finding_id_spec.rb @@ -0,0 +1,124 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe Gitlab::BackgroundMigration::DropVulnerabilitiesWithoutFindingId, feature_category: :vulnerability_management do # rubocop:disable Layout/LineLength -- autogenerated + let(:namespaces) { table(:namespaces) } + let(:projects) { table(:projects) } + let(:users) { table(:users) } + let(:members) { table(:members) } + let(:vulnerability_identifiers) { table(:vulnerability_identifiers) } + let(:vulnerability_scanners) { table(:vulnerability_scanners) } + let(:vulnerability_findings) { table(:vulnerability_occurrences) } + let(:vulnerabilities) { table(:vulnerabilities) } + let!(:user) { create_user(email: "test1@example.com", username: "test1") } + let!(:namespace) { namespaces.create!(name: "test-1", path: "test-1", owner_id: user.id) } + let!(:project) do + projects.create!( + id: 9999, namespace_id: namespace.id, + project_namespace_id: namespace.id, + creator_id: user.id + ) + end + + let!(:membership) do + members.create!(access_level: 50, source_id: project.id, source_type: "Project", user_id: user.id, state: 0, + notification_level: 3, type: "ProjectMember", member_namespace_id: namespace.id) + end + + let(:migration_attrs) do + { + start_id: vulnerabilities.first.id, + end_id: vulnerabilities.last.id, + batch_table: :vulnerabilities, + batch_column: :id, + sub_batch_size: 100, + pause_ms: 0, + connection: ApplicationRecord.connection + } + end + + describe "#perform" do + subject(:background_migration) { described_class.new(**migration_attrs).perform } + + let!(:vulnerability_without_finding_id) { create_vulnerability } + + let!(:vulnerabilities_finding) { create_finding(project) } + let!(:vulnerability_with_finding_id) { create_vulnerability(finding_id: vulnerabilities_finding.id) } + + it 'removes all Vulnerabilities without a finding_id' do + expect { background_migration }.to change { vulnerabilities.count }.from(2).to(1) + end + end + + private + + def create_scanner(project, overrides = {}) + attrs = { + project_id: project.id, + external_id: "test_vulnerability_scanner", + name: "Test Vulnerabilities::Scanner" + }.merge(overrides) + + vulnerability_scanners.create!(attrs) + end + + def create_identifier(project, overrides = {}) + attrs = { + project_id: project.id, + external_id: "CVE-2018-1234", + external_type: "CVE", + name: "CVE-2018-1234", + fingerprint: SecureRandom.hex(20) + }.merge(overrides) + + vulnerability_identifiers.create!(attrs) + end + + def create_finding(project, overrides = {}) + attrs = { + project_id: project.id, + scanner_id: create_scanner(project).id, + severity: 5, # medium + confidence: 2, # unknown, + report_type: 99, # generic + primary_identifier_id: create_identifier(project).id, + project_fingerprint: SecureRandom.hex(20), + location_fingerprint: SecureRandom.hex(20), + uuid: SecureRandom.uuid, + name: "CVE-2018-1234", + raw_metadata: "{}", + metadata_version: "test:1.0" + }.merge(overrides) + + vulnerability_findings.create!(attrs) + end + + def create_vulnerability(overrides = {}) + attrs = { + project_id: project.id, + author_id: user.id, + title: 'test', + severity: 1, + confidence: 1, + report_type: 1, + state: 1, + detected_at: Time.zone.now + }.merge(overrides) + + vulnerabilities.create!(attrs) + end + + def create_user(overrides = {}) + attrs = { + email: "test@example.com", + notification_email: "test@example.com", + name: "test", + username: "test", + state: "active", + projects_limit: 10 + }.merge(overrides) + + users.create!(attrs) + end +end diff --git a/spec/migrations/20231221223259_queue_drop_vulnerabilities_without_finding_id_spec.rb b/spec/migrations/20231221223259_queue_drop_vulnerabilities_without_finding_id_spec.rb new file mode 100644 index 00000000000..473b9b065bc --- /dev/null +++ b/spec/migrations/20231221223259_queue_drop_vulnerabilities_without_finding_id_spec.rb @@ -0,0 +1,26 @@ +# frozen_string_literal: true + +require 'spec_helper' +require_migration! + +RSpec.describe QueueDropVulnerabilitiesWithoutFindingId, feature_category: :vulnerability_management do + let!(:batched_migration) { described_class::MIGRATION } + + it 'schedules a new batched migration' do + reversible_migration do |migration| + migration.before -> { + expect(batched_migration).not_to have_scheduled_batched_migration + } + + migration.after -> { + expect(batched_migration).to have_scheduled_batched_migration( + table_name: :vulnerabilities, + column_name: :id, + interval: described_class::DELAY_INTERVAL, + batch_size: described_class::BATCH_SIZE, + sub_batch_size: described_class::SUB_BATCH_SIZE + ) + } + end + end +end |