diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-03-25 21:09:07 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-03-25 21:09:07 +0300 |
| commit | e93121b42cb4ca672c893c6be0a8af0c8d9f7987 (patch) | |
| tree | ce7516c91e058ca8d940ea55b2a65a36f0612a1e | |
| parent | c93641ef29cf43b834bb02101ebfe5a9f76bff92 (diff) | |
Add latest changes from gitlab-org/gitlab@master
74 files changed, 795 insertions, 310 deletions
diff --git a/.gitlab/ci/cache-repo.gitlab-ci.yml b/.gitlab/ci/cache-repo.gitlab-ci.yml index 5a4f20eed41..48724f7e65c 100644 --- a/.gitlab/ci/cache-repo.gitlab-ci.yml +++ b/.gitlab/ci/cache-repo.gitlab-ci.yml @@ -41,7 +41,7 @@ cache-repo: cd $CI_PROJECT_NAME; time git repack -d; echo "Archiving $CI_PROJECT_NAME into /tmp/$SHALLOW_CLONE_TAR_FILENAME."; - time git remote rm origin + time git remote rm origin; time tar cf /tmp/$SHALLOW_CLONE_TAR_FILENAME .; echo "GZipping /tmp/$SHALLOW_CLONE_TAR_FILENAME."; time gzip /tmp/$SHALLOW_CLONE_TAR_FILENAME; @@ -53,8 +53,9 @@ cache-repo: echo "Cloning $CI_REPOSITORY_URL into $CI_PROJECT_NAME."; time git clone --progress $CI_REPOSITORY_URL $CI_PROJECT_NAME; cd $CI_PROJECT_NAME; + time git repack -d; echo "Archiving $CI_PROJECT_NAME into /tmp/$FULL_CLONE_TAR_FILENAME."; - time git remote rm origin + time git remote rm origin; time tar cf /tmp/$FULL_CLONE_TAR_FILENAME .; echo "GZipping /tmp/$FULL_CLONE_TAR_FILENAME."; time gzip /tmp/$FULL_CLONE_TAR_FILENAME; diff --git a/.gitlab/ci/rules.gitlab-ci.yml b/.gitlab/ci/rules.gitlab-ci.yml index b8b37c530f2..5464409254a 100644 --- a/.gitlab/ci/rules.gitlab-ci.yml +++ b/.gitlab/ci/rules.gitlab-ci.yml @@ -314,6 +314,7 @@ rules: - <<: *if-not-canonical-namespace when: never + - <<: *if-auto-deploy-branches - changes: *ci-build-images-patterns - changes: *code-qa-patterns @@ -394,8 +395,8 @@ rules: - <<: *if-not-canonical-namespace when: never - - <<: *if-default-refs - changes: *code-qa-patterns + - <<: *if-auto-deploy-branches + - changes: *code-qa-patterns .frontend:rules:compile-test-assets: rules: @@ -514,7 +514,7 @@ gem 'erubi', '~> 1.9.0' gem 'mail', '= 2.7.1' # File encryption -gem 'lockbox', '~> 0.3.3' +gem 'lockbox', '~> 0.6.2' # Email validation gem 'valid_email', '~> 0.1' diff --git a/Gemfile.lock b/Gemfile.lock index 03c652e891c..eff3f2c1cd1 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -707,7 +707,7 @@ GEM rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) locale (2.1.3) - lockbox (0.3.3) + lockbox (0.6.2) lograge (0.11.2) actionpack (>= 4) activesupport (>= 4) @@ -1478,7 +1478,7 @@ DEPENDENCIES letter_opener_web (~> 1.3.4) license_finder (~> 6.0) licensee (~> 9.14.1) - lockbox (~> 0.3.3) + lockbox (~> 0.6.2) lograge (~> 0.5) loofah (~> 2.2) lru_redux diff --git a/app/finders/packages/maven/package_finder.rb b/app/finders/packages/maven/package_finder.rb index ba3d4631f55..f175756ca33 100644 --- a/app/finders/packages/maven/package_finder.rb +++ b/app/finders/packages/maven/package_finder.rb @@ -33,7 +33,7 @@ module Packages end def packages_with_path - matching_packages = base.only_maven_packages_with_path(path) + matching_packages = base.only_maven_packages_with_path(path, use_cte: group.present?) matching_packages = matching_packages.order_by_package_file if versionless_package?(matching_packages) matching_packages diff --git a/app/models/packages/package.rb b/app/models/packages/package.rb index 9ed9f3c9285..10c2e2e34f5 100644 --- a/app/models/packages/package.rb +++ b/app/models/packages/package.rb @@ -141,8 +141,19 @@ class Packages::Package < ApplicationRecord where(project_id: projects) end - def self.only_maven_packages_with_path(path) - joins(:maven_metadatum).where(packages_maven_metadata: { path: path }) + def self.only_maven_packages_with_path(path, use_cte: false) + if use_cte && Feature.enabled?(:maven_metadata_by_path_with_optimization_fence) + # This is an optimization fence which assumes that looking up the Metadatum record by path (globally) + # and then filter down the packages (by project or by group and subgroups) will be cheaper than + # looking up all packages within a project or group and filter them by path. + + inner_query = Packages::Maven::Metadatum.where(path: path).select(:id, :package_id) + cte = Gitlab::SQL::CTE.new(:maven_metadata_by_path, inner_query) + with(cte.to_arel) + .joins('INNER JOIN maven_metadata_by_path ON maven_metadata_by_path.package_id=packages_packages.id') + else + joins(:maven_metadatum).where(packages_maven_metadata: { path: path }) + end end def self.by_name_and_file_name(name, file_name) diff --git a/changelogs/unreleased/325503-fix-update-all-mirrors-db-performance.yml b/changelogs/unreleased/325503-fix-update-all-mirrors-db-performance.yml new file mode 100644 index 00000000000..88f964bd28c --- /dev/null +++ b/changelogs/unreleased/325503-fix-update-all-mirrors-db-performance.yml @@ -0,0 +1,5 @@ +--- +title: Add partial index to improve mirrors update +merge_request: 57353 +author: +type: performance diff --git a/changelogs/unreleased/deprecated_but_keep_support_for_klar_up_to_3.yml b/changelogs/unreleased/deprecated_but_keep_support_for_klar_up_to_3.yml new file mode 100644 index 00000000000..0dcdfa9e856 --- /dev/null +++ b/changelogs/unreleased/deprecated_but_keep_support_for_klar_up_to_3.yml @@ -0,0 +1,6 @@ +--- +title: Deprecate but keep support for Klar up to version 3. A new analyzer based on + Trivy will be used from version 4 onwards +merge_request: 57281 +author: +type: changed diff --git a/config/feature_flags/development/maven_metadata_by_path_with_optimization_fence.yml b/config/feature_flags/development/maven_metadata_by_path_with_optimization_fence.yml new file mode 100644 index 00000000000..683083e3dae --- /dev/null +++ b/config/feature_flags/development/maven_metadata_by_path_with_optimization_fence.yml @@ -0,0 +1,8 @@ +--- +name: maven_metadata_by_path_with_optimization_fence +introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/57041 +rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/325460 +milestone: '13.11' +type: development +group: group::optimize +default_enabled: false diff --git a/config/feature_flags/ops/usage_data_queries_api.yml b/config/feature_flags/ops/usage_data_queries_api.yml new file mode 100644 index 00000000000..4b6cdad2521 --- /dev/null +++ b/config/feature_flags/ops/usage_data_queries_api.yml @@ -0,0 +1,8 @@ +--- +name: usage_data_queries_api +introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/57016 +rollout_issue_url: +milestone: '13.11' +type: ops +group: group::product intelligence +default_enabled: false diff --git a/config/metrics/counts_all/20210216180922_duration_s.yml b/config/metrics/counts_all/20210216180922_duration_s.yml deleted file mode 100644 index 2ddbd1f25e8..00000000000 --- a/config/metrics/counts_all/20210216180922_duration_s.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -key_path: topology.duration_s -description: Time it took to collect topology data -product_section: enablement -product_stage: enablement -product_group: group::memory -product_category: -value_type: number -status: data_available -time_frame: all -data_source: prometheus -distribution: -- ce -- ee -tier: -- free -- premium -- ultimate -skip_validation: true diff --git a/config/metrics/counts_all/20210216180924_failures.yml b/config/metrics/counts_all/20210216180924_failures.yml deleted file mode 100644 index 0706ffc7e7f..00000000000 --- a/config/metrics/counts_all/20210216180924_failures.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -key_path: topology.failures -description: Contains information about failed queries -product_section: enablement -product_stage: enablement -product_group: group::memory -product_category: -value_type: number -status: data_available -time_frame: all -data_source: prometheus -distribution: -- ce -- ee -tier: -- free -- premium -- ultimate -skip_validation: true diff --git a/config/metrics/objects_schemas/topology_schema.json b/config/metrics/objects_schemas/topology_schema.json new file mode 100644 index 00000000000..c422966c5c5 --- /dev/null +++ b/config/metrics/objects_schemas/topology_schema.json @@ -0,0 +1,43 @@ +{ + "type": "object", + "required": ["duration", "failures"], + "properties": { + "duration": { "type": "number", "description": "The time it took to collect topology data" }, + "failures": { "type": "array", "description": "The information about failed queries" }, + "application_requests_per_hour": { "type": "number", "description": "The number of requests to the web application per hour" }, + "nodes": { + "type": "array", + "items": { + "type": "object", + "properties": { + "node_cpus": { "type": "number", "description": "The number of CPU cores of this node" }, + "node_cpu_utilization": { "type": "number", "description": "The CPU utilization ratio of this node" }, + "node_memory_total_bytes": { "type": "number", "description": "The total available memory of this node" }, + "node_memory_utilization": { "type": "number", "description": "The memory utilization ratio of this node" }, + "node_services": { + "type": "array", + "items": { + "type": "object", + "properties": { + "name": { "type": "string", "description": "The name of the GitLab service running on this node" }, + "server": { "type": "string", "description": "The type of web server used (Unicorn or Puma)" }, + "process_count": { "type": "number", "description": "The number of processes running for this service" }, + "process_memory_rss": { "type": "number", "description": "The average Resident Set Size of a service process" }, + "process_memory_uss": { "type": "number", "description": "The average Unique Set Size of a service process" }, + "process_memory_pss": { "type": "number", "description": "The average Proportional Set Size of a service proces" } + } + } + }, + "node_uname_info": { + "type": "object", + "properties": { + "machine": { "type": "string", "description": "The machine hardware name of this node" }, + "release": { "type": "string", "description": "The operating system release of this node" }, + "sysname": { "type": "string", "description": "The operating system name of this node" } + } + } + } + } + } + } +} diff --git a/config/metrics/settings/20210323120839_topology.yml b/config/metrics/settings/20210323120839_topology.yml new file mode 100644 index 00000000000..9cc32b75790 --- /dev/null +++ b/config/metrics/settings/20210323120839_topology.yml @@ -0,0 +1,21 @@ +--- +key_path: topology +description: Topology data +product_section: enablement +product_stage: enablement +product_group: group::memory +product_category: +value_type: object +status: data_available +milestone: "13.11" +introduced_by_url: https://gitlab.com/groups/gitlab-org/-/epics/3209 +time_frame: none +data_source: prometheus +distribution: +- ce +- ee +tier: +- free +- premium +- ultimate +object_json_schema: 'config/metrics/objects_schemas/topology_schema.json' diff --git a/config/sidekiq_queues.yml b/config/sidekiq_queues.yml index 3f6d919f5e9..f3fcb00fee4 100644 --- a/config/sidekiq_queues.yml +++ b/config/sidekiq_queues.yml @@ -36,6 +36,8 @@ - 1 - - analytics_usage_trends_counter_job - 1 +- - approval_rules_external_approval_rule_payload + - 1 - - approve_blocked_pending_approval_users - 1 - - authorized_keys diff --git a/db/migrate/20210324112439_add_index_mirror_data_on_retry_next_execution_where_status.rb b/db/migrate/20210324112439_add_index_mirror_data_on_retry_next_execution_where_status.rb new file mode 100644 index 00000000000..68ce5363b70 --- /dev/null +++ b/db/migrate/20210324112439_add_index_mirror_data_on_retry_next_execution_where_status.rb @@ -0,0 +1,28 @@ +# frozen_string_literal: true + +# See https://docs.gitlab.com/ee/development/migration_style_guide.html +# for more information on how to write migrations for GitLab. + +class AddIndexMirrorDataOnRetryNextExecutionWhereStatus < ActiveRecord::Migration[6.0] + include Gitlab::Database::MigrationHelpers + + DOWNTIME = false + + INDEX_NAME = 'index_mirror_data_non_scheduled_or_started' + + disable_ddl_transaction! + + def up + add_concurrent_index :project_mirror_data, + [:next_execution_timestamp, :retry_count], + where: "(status)::text <> ALL ('{scheduled,started}'::text[])", + name: INDEX_NAME + end + + def down + remove_concurrent_index :project_mirror_data, + [:next_execution_timestamp, :retry_count], + where: "(status)::text <> ALL ('{scheduled,started}'::text[])", + name: INDEX_NAME + end +end diff --git a/db/schema_migrations/20210324112439 b/db/schema_migrations/20210324112439 new file mode 100644 index 00000000000..e0cf51c3a54 --- /dev/null +++ b/db/schema_migrations/20210324112439 @@ -0,0 +1 @@ +7e6dd4e247ad6b610ebebcf59b4212fd0d2258c8fff008d525b891da872613e5
\ No newline at end of file diff --git a/db/structure.sql b/db/structure.sql index cfb660ea346..dd8c2a2d0f6 100644 --- a/db/structure.sql +++ b/db/structure.sql @@ -23082,6 +23082,8 @@ CREATE INDEX index_milestones_on_title ON milestones USING btree (title); CREATE INDEX index_milestones_on_title_trigram ON milestones USING gin (title gin_trgm_ops); +CREATE INDEX index_mirror_data_non_scheduled_or_started ON project_mirror_data USING btree (next_execution_timestamp, retry_count) WHERE ((status)::text <> ALL ('{scheduled,started}'::text[])); + CREATE INDEX index_mirror_data_on_next_execution_and_retry_count ON project_mirror_data USING btree (next_execution_timestamp, retry_count); CREATE UNIQUE INDEX index_mr_blocks_on_blocking_and_blocked_mr_ids ON merge_request_blocks USING btree (blocking_merge_request_id, blocked_merge_request_id); diff --git a/doc/administration/maintenance_mode/img/maintenance_mode_error_message.png b/doc/administration/maintenance_mode/img/maintenance_mode_error_message.png Binary files differnew file mode 100644 index 00000000000..b2044f9717d --- /dev/null +++ b/doc/administration/maintenance_mode/img/maintenance_mode_error_message.png diff --git a/doc/administration/maintenance_mode/index.md b/doc/administration/maintenance_mode/index.md index 1cdbda05749..437f59247f6 100644 --- a/doc/administration/maintenance_mode/index.md +++ b/doc/administration/maintenance_mode/index.md @@ -67,7 +67,7 @@ The banner can be customized with a specific message. An error is displayed when a user tries to perform a write operation that isn't allowed. - + NOTE: In some cases, the visual feedback from an action could be misleading, for example when starring a project, the **Star** button changes to show the **Unstar** action, however, this is only the frontend update, and it doesn't take into account the failed status of the POST request. These visual bugs are to be fixed [in follow-up iterations](https://gitlab.com/gitlab-org/gitlab/-/issues/295197). diff --git a/doc/administration/maintenance_mode/maintenance_mode_error_message.png b/doc/administration/maintenance_mode/maintenance_mode_error_message.png Binary files differdeleted file mode 100644 index 4b422a719ca..00000000000 --- a/doc/administration/maintenance_mode/maintenance_mode_error_message.png +++ /dev/null diff --git a/doc/ci/jobs/index.md b/doc/ci/jobs/index.md index 10a9b9a886b..b41c2123b98 100644 --- a/doc/ci/jobs/index.md +++ b/doc/ci/jobs/index.md @@ -227,6 +227,9 @@ job1: - echo -e "\e[0Ksection_end:`date +%s`:my_first_section\r\e[0K" ``` +Depending on the shell that your runner uses, for example if it is using ZSH, you may need to +escape the special characters like so: `\\e` and `\\r`. + In the example above: - `date +%s`: The Unix timestamp (for example `1560896352`). diff --git a/doc/development/cicd/templates.md b/doc/development/cicd/templates.md index ed0d217c247..fd1456a1676 100644 --- a/doc/development/cicd/templates.md +++ b/doc/development/cicd/templates.md @@ -1,6 +1,6 @@ --- -stage: Release -group: Release +stage: Verify +group: Pipeline Authoring info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments type: index, concepts, howto --- @@ -9,27 +9,214 @@ type: index, concepts, howto This document explains how to develop [GitLab CI/CD templates](../../ci/examples/README.md). -## Place the template file in a relevant directory +## Requirements for CI/CD templates + +Before submitting a merge request with a new or updated CI/CD template, you must: + +- Place the template in the correct [directory](#template-directories). +- Follow the [CI/CD template authoring guidelines](#template-authoring-guidelines). +- Name the template following the `*.gitlab-ci.yml` format. +- Use valid [`.gitlab-ci.yml` syntax](../../ci/yaml/README.md). Verify it's valid + with the [CI/CD lint tool](../../ci/lint.md). +- Include [a changelog](../changelog.md) if the merge request introduces a user-facing change. +- Follow the [template review process](#contribute-cicd-template-merge-requests). +- (Optional but highly recommended) Test the template in an example GitLab project + that reviewers can access. Reviewers might not be able to create the data or configuration + that the template requires, so an example project helps the reviewers ensure the + template is correct. The example project pipeline should succeed before submitting + the merge request for review. + +## Template directories + +All template files are saved in `lib/gitlab/ci/templates`. Save general templates +in this directory, but certain template types have a specific directory reserved for +them. The ability to [select a template in new file UI](#make-sure-the-new-template-can-be-selected-in-ui) +is determined by the directory it is in: + +| Sub-directory | Selectable in UI | Template type | +|----------------|------------------|---------------| +| `/*` (root) | Yes | General templates. | +| `/AWS/*` | No | Templates related to Cloud Deployment (AWS). | +| `/Jobs/*` | No | Templates related to Auto DevOps. | +| `/Pages/*` | Yes | Sample templates for using Static site generators with GitLab Pages. | +| `/Security/*` | Yes | Templates related to Security scanners. | +| `/Terraform/*` | No | Templates related to infrastructure as Code (Terraform). | +| `/Verify/*` | Yes | Templates related to Testing features. | +| `/Workflows/*` | No | Sample templates for using the `workflow:` keyword. | + +## Template authoring guidelines + +Use the following guidelines to ensure your template submission follows standards: + +### Template types + +Templates have two different types that impact the way the template should be written +and used. The style in a template should match one of these two types: + +A **pipeline template** provides an end-to-end CI/CD workflow that matches a project's +structure, language, and so on. It usually should be used by itself in projects that +don't have any other `.gitlab-ci.yml` files. + +When authoring pipeline templates: + +- Place any [global keywords](../../ci/yaml/README.md#global-keywords) like `image` + or `before_script` in a [`default`](../../ci/yaml/README.md#custom-default-keyword-values) + section at the top of the template. +- Note clearly in the [code comments](#explain-the-template-with-comments) if the + template is designed to be used with the `includes` keyword in an existing + `.gitlab-ci.yml` file or not. + +A **job template** provides specific jobs that can be added to an existing CI/CD +workflow to accomplish specific tasks. It usually should be used by adding it to +an existing `.gitlab-ci.yml` file by using the [`includes`](../../ci/yaml/README.md#global-keywords) +keyword. You can also copy and paste the contents into an existing `.gitlab-ci.yml` file. + +Configure job templates so that users can add them to their current pipeline with very +few or no modifications. It must be configured to reduce the risk of conflicting with +other pipeline configuration. + +When authoring job templates: + +- Do not use [global](../../ci/yaml/README.md#global-keywords) or [`default`](../../ci/yaml/README.md#custom-default-keyword-values) + keywords. When a root `.gitlab-ci.yml` includes a template, global or default keywords + might be overridden and cause unexpected behavior. If a job template requires a + specific stage, explain in the code comments that users must manually add the stage + to the main `.gitlab-ci.yml` configuration. +- Note clearly in [code comments](#explain-the-template-with-comments) that the template + is designed to be used with the `includes` keyword or copied into an existing configuration. +- Consider [versioning](#versioning) the template with latest and stable versions + to avoid [backward compatibility](#backward-compatibility) problems. + Maintenance of this type of template is more complex, because changes to templates + imported with `includes` can break pipelines for all projects using the template. + +Additional points to keep in mind when authoring templates: + +| Template design points | Pipeline templates | Job templates | +|------------------------------------------------------|--------------------|---------------| +| Can use global keywords, including `stages`. | Yes | No | +| Can define jobs. | Yes | Yes | +| Can be selected in the new file UI | Yes | Yes | +| Can include other job templates with `include` | Yes | No | +| Can include other pipeline templates with `include`. | No | No | + +### Syntax guidelines + +To make templates easier to follow, templates should all use clear syntax styles, +with a consistent format. + +#### Do not hardcode the default branch + +Use [`$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH`](../../ci/variables/predefined_variables.md) +instead of a hardcoded `main` branch, and never use `master`: -All template files reside in the `lib/gitlab/ci/templates` directory, and are categorized by the following sub-directories: +```yaml +job1: + rules: + if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH + script: + echo "example job 1" + +job2: + only: + variables: + - $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH + script: + echo "example job 2" + +``` + +#### Use `rules` instead of `only` or `except` + +Avoid using [`only` or `except`](../../ci/yaml/README.md#onlyexcept-basic) if possible. +Only and except is not being developed any more, and [`rules`](../../ci/yaml/README.md#rules) +is now the preferred syntax: + +```yaml +job2: + script: + - echo + rules: + - if: $CI_COMMIT_BRANCH +``` + +#### Break up long commands + +If a command is very long, or has many command line flags, like `-o` or `--option`: + +- Split these up into a multi-line command to make it easier to see every part of the command. +- Use the long name for the flags, when available. + +For example, with a long command with short CLI flags like +`docker run --e SOURCE_CODE="$PWD" -v "$PWD":/code -v /var/run/docker.sock:/var/run/docker.sock "$CODE_QUALITY_IMAGE" /code`: + +```yaml +job1: + script: + - docker run + --env SOURCE_CODE="$PWD" + --volume "$PWD":/code + --volume /var/run/docker.sock:/var/run/docker.sock + "$CODE_QUALITY_IMAGE" /code +``` -| Sub-directory | Content | [Selectable in UI](#make-sure-the-new-template-can-be-selected-in-ui) | -|----------------|----------------------------------------------------|-----------------------------------------------------------------------| -| `/AWS/*` | Cloud Deployment (AWS) related jobs | No | -| `/Jobs/*` | Auto DevOps related jobs | No | -| `/Pages/*` | Static site generators for GitLab Pages (for example Jekyll) | Yes | -| `/Security/*` | Security related jobs | Yes | -| `/Terraform/*` | Infrastructure as Code related templates | No | -| `/Verify/*` | Verify/testing related jobs | Yes | -| `/Workflows/*` | Common uses of the `workflow:` keyword | No | -| `/*` (root) | General templates | Yes | +You can also use the `|` and `>` YAML operators to [split up multi-line commands](../../ci/yaml/script.md#split-long-commands). -## Criteria +### Explain the template with comments -The file must follow the [`.gitlab-ci.yml` syntax](../../ci/yaml/README.md). -Verify it's valid by pasting it into the CI lint tool at `https://gitlab.com/gitlab-org/gitlab/-/ci/lint`. +You can access template contents from the new file menu, and this might be the only +place users see information about the template. It's important to clearly document +the behavior of the template directly in the template itself. -Also, all templates must be named with the `*.gitlab-ci.yml` suffix. +The following guidelines cover the basic comments expected in all template submissions. +Add additional comments as needed if you think the comments can help users or +[template reviewers](#contribute-cicd-template-merge-requests). + +#### Explain requirements and expectations + +Give the details on how to use the template in `#` comments at the top of the file. +This includes: + +- Repository/project requirements. +- Expected behavior. +- Any places that need to be edited by users before using the template. +- If the template should be used by copy pasting it into a configuration file, or + by using it with the `include` keyword in an existing pipeline. +- If any variables need to be saved in the project's CI/CD settings. + +```yaml +# Use this template to publish an application that uses the ABC server. +# You can copy and paste this template into a new `.gitlab-ci.yml` file. +# You should not add this template to an existing `.gitlab-ci.yml` file by using the `include:` keyword. +# +# Requirements: +# - An ABC project with content saved in /content and tests in /test +# - A CI/CD variable named ABC-PASSWORD saved in the project CI/CD settings. The value +# should be the password used to deploy to your ABC server. +# - An ABC server configured to listen on port 12345. +# +# You must change the URL on line 123 to point to your ABC server and port. +# +# For more information, see https://gitlab.com/example/abcserver/README.md + +job1: + ... +``` + +#### Explain how variables affect template behavior + +If the template uses variables, explain them in `#` comments where they are first +defined. You can skip the comment when the variable is trivially clear: + +```yaml +variables: # Good to have a comment here, for example: + TEST_CODE_PATH: <path/to/code> # Update this variable with the relative path to your Ruby specs + +job1: + variables: + ERROR_MESSAGE: "The $TEST_CODE_PATH path is invalid" # (No need for a comment here, it's already clear) + script: + - echo ${ERROR_MESSAGE} +``` ### Backward compatibility @@ -65,18 +252,6 @@ users have to fix their `.gitlab-ci.yml` that could annoy their workflow. Please read [versioning](#versioning) section for introducing breaking change safely. -### Best practices - -- Avoid using [global keywords](../../ci/yaml/README.md#global-keywords), - such as `image`, `stages` and `variables` at top-level. - When a root `.gitlab-ci.yml` [includes](../../ci/yaml/README.md#include) - multiple templates, these global keywords could be overridden by the - others and cause an unexpected behavior. -- Include [a changelog](../changelog.md) if your merge request introduces a user-facing change. -- Use [`$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH`](../../ci/variables/predefined_variables.md) - instead of a hardcoded `main` branch, and never use `master`. -- Use [`rules`](../../ci/yaml/README.md#rules) instead of [`only` or `except`](../../ci/yaml/README.md#onlyexcept-basic), if possible. - ## Versioning Versioning allows you to introduce a new template without modifying the existing @@ -135,7 +310,7 @@ include: ### Further reading There is an [open issue](https://gitlab.com/gitlab-org/gitlab/-/issues/17716) about -introducing versioning concepts in GitLab CI Templates. You can check that issue to +introducing versioning concepts in GitLab CI/CD templates. You can check that issue to follow the progress. ## Testing @@ -157,7 +332,7 @@ This is useful information for reviewers to make sure the template is safe to be ### Make sure the new template can be selected in UI -Templates located under some directories are also [selectable in the **New file** UI](#place-the-template-file-in-a-relevant-directory). +Templates located under some directories are also [selectable in the **New file** UI](#template-directories). When you add a template into one of those directories, make sure that it correctly appears in the dropdown:  @@ -187,6 +362,10 @@ A template could contain malicious code. For example, a template that contains t might accidentally expose secret project CI/CD variables in a job log. If you're unsure if it's secure or not, you need to ask security experts for cross-validation. -## Contribute CI/CD Template Merge Requests +## Contribute CI/CD template merge requests -After your CI/CD Template MR is created and labeled with `ci::templates`, DangerBot suggests one reviewer and one maintainer that can review your code. When your merge request is ready for review, please `@mention` the reviewer and ask them to review your CI/CD Template changes. See details in the merge request that added [a DangerBot task for CI/CD Template MRs](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/44688). +After your CI/CD template MR is created and labeled with `ci::templates`, DangerBot +suggests one reviewer and one maintainer that can review your code. When your merge +request is ready for review, please `@mention` the reviewer and ask them to review +your CI/CD template changes. See details in the merge request that added +[a DangerBot task for CI/CD template MRs](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/44688). diff --git a/doc/development/code_review.md b/doc/development/code_review.md index cbfa63ee560..083398a840d 100644 --- a/doc/development/code_review.md +++ b/doc/development/code_review.md @@ -38,14 +38,15 @@ Depending on the areas your merge request touches, it must be **approved** by on or more [maintainers](https://about.gitlab.com/handbook/engineering/workflow/code-review/#maintainer): For approvals, we use the approval functionality found in the merge request -widget. Reviewers can add their approval by [approving additionally](../user/project/merge_requests/merge_request_approvals.md#adding-or-removing-an-approval). +widget. For reviewers, we use the [reviewer functionality](../user/project/merge_requests/getting_started.md#reviewer) in the sidebar. +Reviewers can add their approval by [approving additionally](../user/project/merge_requests/merge_request_approvals.md#adding-or-removing-an-approval). Getting your merge request **merged** also requires a maintainer. If it requires more than one approval, the last maintainer to review and approve merges it. ### Domain experts -Domain experts are team members who have substantial experience with a specific technology, product feature or area of the codebase. Team members are encouraged to self-identify as domain experts and add it to their [team profile](https://gitlab.com/gitlab-com/www-gitlab-com/-/blob/master/data/team.yml) +Domain experts are team members who have substantial experience with a specific technology, product feature or area of the codebase. Team members are encouraged to self-identify as domain experts and add it to their [team profile](https://gitlab.com/gitlab-com/www-gitlab-com/-/blob/master/data/team.yml). When self-identifying as a domain expert, it is recommended to assign the MR changing the `team.yml` to be merged by an already established Domain Expert or a corresponding Engineering Manager. @@ -137,9 +138,11 @@ View the updated documentation regarding [internal application security reviews] ### The responsibility of the merge request author The responsibility to find the best solution and implement it lies with the -merge request author. +merge request author. The author or [directly responsible individual](https://about.gitlab.com/handbook/people-group/directly-responsible-individuals/) +will stay assigned to the merge request as the assignee throughout +the code review lifecycle. If you are unable to set yourself as an assignee, ask a [reviewer](https://about.gitlab.com/handbook/engineering/workflow/code-review/#reviewer) to do this for you. -Before assigning a merge request to a maintainer for approval and merge, they +Before requesting a review from a maintainer to approve and merge, they should be confident that: - It actually solves the problem it was meant to solve. @@ -184,9 +187,9 @@ Avoid: [include a link to the relevant issue](code_comments.md). - Adding comments which only explain what the code is doing. If non-TODO comments are added, they should [_explain why, not what_](https://blog.codinghorror.com/code-tells-you-how-comments-tell-you-why/). -- Assigning merge requests with failed tests to maintainers. If the tests are failing and you have to assign, ensure you leave a comment with an explanation. +- Requesting maintainer reviews of merge requests with failed tests. If the tests are failing and you have to request a review, ensure you leave a comment with an explanation. - Excessively mentioning maintainers through email or Slack (if the maintainer is reachable -through Slack). If you can't assign a merge request, `@` mentioning a maintainer in a comment is acceptable and in all other cases assigning the merge request is sufficient. +through Slack). If you can't add a reviewer for a merge request, `@` mentioning a maintainer in a comment is acceptable and in all other cases adding a reviewer is sufficient. This saves reviewers time and helps authors catch mistakes earlier. @@ -196,9 +199,10 @@ This saves reviewers time and helps authors catch mistakes earlier. that it meets all requirements, you should: - Click the Approve button. -- Advise the author their merge request has been reviewed and approved. -- Assign the merge request to a maintainer. Default to assigning it to a maintainer with [domain expertise](#domain-experts), +- `@` mention the author to generate a to-do notification, and advise them that their merge request has been reviewed and approved. +- Request a review from a maintainer. Default to requests for a maintainer with [domain expertise](#domain-experts), however, if one isn't available or you think the merge request doesn't need a review by a [domain expert](#domain-experts), feel free to follow the [Reviewer roulette](#reviewer-roulette) suggestion. +- Remove yourself as a reviewer. ### The responsibility of the maintainer @@ -226,7 +230,7 @@ If a developer who happens to also be a maintainer was involved in a merge reque as a reviewer, it is recommended that they are not also picked as the maintainer to ultimately approve and merge it. Maintainers should check before merging if the merge request is approved by the -required approvers. +required approvers. If still awaiting further approvals from others, remove yourself as a reviewer then `@` mention the author and explain why in a comment. Stay as reviewer if you're merging the code. Maintainers must check before merging if the merge request is introducing new vulnerabilities, by inspecting the list in the Merge Request @@ -244,6 +248,19 @@ Note that certain Merge Requests may target a stable branch. These are rare events. These types of Merge Requests cannot be merged by the Maintainer. Instead these should be sent to the [Release Manager](https://about.gitlab.com/community/release-managers/). +After merging, a maintainer should stay as the reviewer listed on the merge request. + +### Dogfooding the Reviewers feature + +In March 18th 2021, an updated process was put in place aimed at efficiently and consistently dogfooding the Reviewers feature. + +Here is a summary of the changes, also reflected in this section above. + +- Merge request authors and DRIs stay as Assignees +- Authors request a review from Reviewers when they are expected to review +- Reviewers remove themselves after they're done reviewing/approving +- The last approver stays as Reviewer upon merging + ## Best practices ### Everyone @@ -303,11 +320,11 @@ first time. - Push commits based on earlier rounds of feedback as isolated commits to the branch. Do not squash until the branch is ready to merge. Reviewers should be able to read individual updates based on their earlier feedback. -- Assign the merge request back to the reviewer once you are ready for another round of - review. If you do not have the ability to assign merge requests, `@` +- Request a new review from the reviewer once you are ready for another round of + review. If you do not have the ability to request a review, `@` mention the reviewer instead. -### Assigning a merge request for a review +### Requesting a review When you are ready to have your merge request reviewed, you should request an initial review by assigning it to a reviewer from your group or team. @@ -321,11 +338,11 @@ Sometimes, a maintainer may not be available for review. They could be out of th You can and should check the maintainer's availability in their profile. If the maintainer recommended by the roulette is not available, choose someone else from that list. -It is responsibility of the author of a merge request that the merge request is reviewed. If it stays in `ready for review` state too long it is recommended to assign it to a specific reviewer. +It is the responsibility of the author for the merge request to be reviewed. If it stays in the `ready for review` state too long it is recommended to request a review from a specific reviewer. #### List of merge requests ready for review -Developers who have capacity can regularly check the list of [merge requests to review](https://gitlab.com/groups/gitlab-org/-/merge_requests?state=opened&label_name%5B%5D=workflow%3A%3Aready%20for%20review) and assign any merge request they want to review. +Developers who have capacity can regularly check the list of [merge requests to review](https://gitlab.com/groups/gitlab-org/-/merge_requests?state=opened&label_name%5B%5D=workflow%3A%3Aready%20for%20review) and add themselves as a reviewer for any merge request they want to review. ### Reviewing a merge request @@ -350,8 +367,7 @@ experience, refactors the existing code). Then: if necessary. If blocked by one or more open MRs, set an [MR dependency](../user/project/merge_requests/merge_request_dependencies.md). - After a round of line notes, it can be helpful to post a summary note such as "Looks good to me", or "Just a couple things to address." -- Assign the merge request to the author if changes are required following your - review. +- Let the author know if changes are required following your review. ### Merging a merge request @@ -370,8 +386,7 @@ those changes directly without going back to the author. You can do this by using the [suggest changes](../user/discussions/index.md#suggest-changes) feature to apply your own suggestions to the merge request. Note that: -- If the changes are not straightforward, please prefer assigning the merge request back - to the author. +- If the changes are not straightforward, please prefer allowing the author to make the change. - **Before applying suggestions**, edit the merge request to make sure [squash and merge](../user/project/merge_requests/squash_and_merge.md#squash-and-merge) @@ -499,7 +514,7 @@ Enterprise Edition instance. This has some implications: ### Review turnaround time Because [unblocking others is always a top priority](https://about.gitlab.com/handbook/values/#global-optimization), -reviewers are expected to review assigned merge requests in a timely manner, +reviewers are expected to review merge requests in a timely manner, even when this may negatively impact their other tasks and priorities. Doing so allows everyone involved in the merge request to iterate faster as the @@ -514,7 +529,7 @@ To ensure swift feedback to ready-to-review code, we maintain a `Review-response If you don't think you can review a merge request in the `Review-response` SLO time frame, let the author know as soon as possible and try to help them find another reviewer or maintainer who is able to, so that they can be unblocked -and get on with their work quickly. +and get on with their work quickly. Remove yourself as a reviewer. If you think you are at capacity and are unable to accept any more reviews until some have been completed, communicate this through your GitLab status by setting @@ -528,7 +543,7 @@ this through your GitLab.com Status, authors are expected to realize this and find a different reviewer themselves. When a merge request author has been blocked for longer than -the `Review-response` SLO, they are free to remind the reviewer through Slack or assign +the `Review-response` SLO, they are free to remind the reviewer through Slack or add another reviewer. ### Customer critical merge requests @@ -538,7 +553,7 @@ A merge request may benefit from being considered a customer critical priority b Properties of customer critical merge requests: - The [Senior Director of Development](https://about.gitlab.com/job-families/engineering/engineering-management/#senior-director-engineering) ([@clefelhocz1](https://gitlab.com/clefelhocz1)) is the DRI for deciding if a merge request is customer critical. -- The DRI assigns the `customer-critical-merge-request` label to the merge request. +- The DRI applies the `customer-critical-merge-request` label to the merge request. - It is required that the reviewer(s) and maintainer(s) involved with a customer critical merge request are engaged as soon as this decision is made. - It is required to prioritize work for those involved on a customer critical merge request so that they have the time available necessary to focus on it. - It is required to adhere to GitLab [values](https://about.gitlab.com/handbook/values/) and processes when working on customer critical merge requests, taking particular note of family and friends first/work second, definition of done, iteration, and release when it's ready. diff --git a/doc/development/database_review.md b/doc/development/database_review.md index a19f46b2198..3cc593be500 100644 --- a/doc/development/database_review.md +++ b/doc/development/database_review.md @@ -67,8 +67,8 @@ A database **reviewer**'s role is to: - Ensure the [required](#required) artifacts are provided and in the proper format. If they are not, reassign the merge request back to the author. - Perform a first-pass review on the MR and suggest improvements to the author. - Once satisfied, relabel the MR with ~"database::reviewed", approve it, and - reassign MR to the database **maintainer** suggested by Reviewer - Roulette. + request a review from the database **maintainer** suggested by Reviewer + Roulette. Remove yourself as a reviewer once this has been done. A database **maintainer**'s role is to: @@ -78,12 +78,13 @@ A database **maintainer**'s role is to: - Finally approve the MR and relabel the MR with ~"database::approved" - Merge the MR if no other approvals are pending or pass it on to other maintainers as required (frontend, backend, docs). + - If not merging, remove yourself as a reviewer. ### Distributing review workload Review workload is distributed using [reviewer roulette](code_review.md#reviewer-roulette) ([example](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/25181#note_147551725)). -The MR author should then co-assign the suggested database +The MR author should request a review from the suggested database **reviewer**. When they give their sign-off, they will hand over to the suggested database **maintainer**. diff --git a/doc/development/fe_guide/img/editor_lite_create_ext.png b/doc/development/fe_guide/img/editor_lite_create_ext.png Binary files differindex 73941cf5d62..9092c4b725c 100644 --- a/doc/development/fe_guide/img/editor_lite_create_ext.png +++ b/doc/development/fe_guide/img/editor_lite_create_ext.png diff --git a/doc/development/usage_ping/dictionary.md b/doc/development/usage_ping/dictionary.md index bd915f9d1e2..571f5149d24 100644 --- a/doc/development/usage_ping/dictionary.md +++ b/doc/development/usage_ping/dictionary.md @@ -14000,23 +14000,13 @@ Status: `data_available` Tiers: `free`, `premium`, `ultimate` -### `topology.duration_s` +### `topology` -Time it took to collect topology data +Topology data -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180922_duration_s.yml) +[Object JSON schema](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/objects_schemas/topology_schema.json) -Group: `group::memory` - -Status: `data_available` - -Tiers: `free`, `premium`, `ultimate` - -### `topology.failures` - -Contains information about failed queries - -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180924_failures.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210323120839_topology.yml) Group: `group::memory` diff --git a/doc/development/usage_ping/index.md b/doc/development/usage_ping/index.md index 630bb6ccf90..c8bc995f40c 100644 --- a/doc/development/usage_ping/index.md +++ b/doc/development/usage_ping/index.md @@ -785,6 +785,16 @@ end Please refer to [the `PrometheusClient` definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/prometheus_client.rb) for how to use its API to query for data. +### Fallback values for UsagePing + +We return fallback values in these cases: + +| Case | Value | +|-----------------------------|-------| +| Deprecated Metric | -1000 | +| Timeouts, general failures | -1 | +| Standard errors in counters | -2 | + ## Developing and testing Usage Ping ### 1. Naming and placing the metrics diff --git a/doc/integration/jira/connect-app.md b/doc/integration/jira/connect-app.md new file mode 100644 index 00000000000..2e6e4753f9e --- /dev/null +++ b/doc/integration/jira/connect-app.md @@ -0,0 +1,58 @@ +--- +stage: Create +group: Ecosystem +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# GitLab for Jira app **(FREE SAAS)** + +You can integrate GitLab.com and Jira Cloud using the +[GitLab for Jira](https://marketplace.atlassian.com/apps/1221011/gitlab-com-for-jira-cloud) +app in the Atlassian Marketplace. The user configuring GitLab for Jira must have +[Maintainer](../../user/permissions.md) permissions in the GitLab namespace. + +This method is recommended when using GitLab.com and Jira Cloud because data is synchronized in real-time. The DVCS connector updates data only once per hour. If you are not using both of these environments, use the [Jira DVCS Connector](dvcs.md) method. + +<i class="fa fa-youtube-play youtube" aria-hidden="true"></i> +For a walkthrough of the integration with GitLab for Jira, watch [Configure GitLab Jira Integration using Marketplace App](https://youtu.be/SwR-g1s1zTo) on YouTube. + +1. Go to **Jira Settings > Apps > Find new apps**, then search for GitLab. +1. Click **GitLab for Jira**, then click **Get it now**, or go to the + [App in the marketplace directly](https://marketplace.atlassian.com/apps/1221011/gitlab-com-for-jira-cloud). + +  +1. After installing, click **Get started** to go to the configurations page. + This page is always available under **Jira Settings > Apps > Manage apps**. + +  +1. If not already signed in to GitLab.com, you must sign in as a user with + [Maintainer](../../user/permissions.md) permissions to add namespaces. + +  +1. Select **Add namespace** to open the list of available namespaces. + +1. Identify the namespace you want to link, and select **Link**. + +  + +NOTE: +The GitLab user only needs access when adding a new namespace. For syncing with +Jira, we do not depend on the user's token. + +After a namespace is added: + +- All future commits, branches, and merge requests of all projects under that namespace + are synced to Jira. +- From GitLab 13.8, past merge request data is synced to Jira. + +Support for syncing past branch and commit data [is planned](https://gitlab.com/gitlab-org/gitlab/-/issues/263240). + +For more information, see [Usage](index.md#usage). + +## Troubleshooting GitLab for Jira + +The GitLab for Jira App uses an iframe to add namespaces on the settings page. Some browsers block cross-site cookies. This can lead to a message saying that the user needs to log in on GitLab.com even though the user is already logged in. + +> "You need to sign in or sign up before continuing." + +In this case, use [Firefox](https://www.mozilla.org/en-US/firefox/) or enable cross-site cookies in your browser. diff --git a/doc/integration/jira/dvcs.md b/doc/integration/jira/dvcs.md index 8c2549fae07..c16823325ec 100644 --- a/doc/integration/jira/dvcs.md +++ b/doc/integration/jira/dvcs.md @@ -7,7 +7,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Jira DVCS connector If you're using GitLab.com and Jira Cloud, use the -[GitLab for Jira app](index.md#gitlab-for-jira-app) unless you have a specific need for the DVCS Connector. +[GitLab for Jira app](connect-app.md) unless you have a specific need for the DVCS Connector. When configuring Jira DVCS Connector: @@ -46,7 +46,7 @@ create and use a single-purpose `jira` user in GitLab. ## Jira DVCS Connector setup If you're using GitLab.com and Jira Cloud, use the -[GitLab for Jira app](index.md#gitlab-for-jira-app) unless you have a specific need for the DVCS Connector. +[GitLab for Jira app](connect-app.md) unless you have a specific need for the DVCS Connector. 1. Ensure you have completed the [GitLab configuration](#gitlab-account-configuration-for-dvcs). 1. If you're using Jira Server, go to **Settings (gear) > Applications > DVCS accounts**. diff --git a/doc/integration/jira/index.md b/doc/integration/jira/index.md index 494a95fa1f0..86bda729c8a 100644 --- a/doc/integration/jira/index.md +++ b/doc/integration/jira/index.md @@ -49,59 +49,6 @@ self-managed GitLab) set up the integration to simplify administration. | [Atlassian cloud](https://www.atlassian.com/cloud) | The [GitLab.com for Jira Cloud](https://marketplace.atlassian.com/apps/1221011/gitlab-com-for-jira-cloud?hosting=cloud&tab=overview) application installed from the [Atlassian Marketplace](https://marketplace.atlassian.com). This offers real-time sync between GitLab and Jira. | The [GitLab.com for Jira Cloud](https://marketplace.atlassian.com/apps/1221011/gitlab-com-for-jira-cloud?hosting=cloud&tab=overview), using a workaround process. See a [relevant issue](https://gitlab.com/gitlab-org/gitlab/-/issues/268278) for more information. | | Your own server | The Jira DVCS (distributed version control system) connector. This syncs data hourly. | The [Jira DVCS Connector](dvcs.md). | -### GitLab for Jira app **(FREE SAAS)** - -You can integrate GitLab.com and Jira Cloud using the -[GitLab for Jira](https://marketplace.atlassian.com/apps/1221011/gitlab-com-for-jira-cloud) -app in the Atlassian Marketplace. The user configuring GitLab for Jira must have -[Maintainer](../../user/permissions.md) permissions in the GitLab namespace. - -This method is recommended when using GitLab.com and Jira Cloud because data is synchronized in real-time. The DVCS connector updates data only once per hour. If you are not using both of these environments, use the [Jira DVCS Connector](dvcs.md) method. - -<i class="fa fa-youtube-play youtube" aria-hidden="true"></i> -For a walkthrough of the integration with GitLab for Jira, watch [Configure GitLab Jira Integration using Marketplace App](https://youtu.be/SwR-g1s1zTo) on YouTube. - -1. Go to **Jira Settings > Apps > Find new apps**, then search for GitLab. -1. Click **GitLab for Jira**, then click **Get it now**, or go to the - [App in the marketplace directly](https://marketplace.atlassian.com/apps/1221011/gitlab-com-for-jira-cloud). - -  -1. After installing, click **Get started** to go to the configurations page. - This page is always available under **Jira Settings > Apps > Manage apps**. - -  -1. If not already signed in to GitLab.com, you must sign in as a user with - [Maintainer](../../user/permissions.md) permissions to add namespaces. - -  -1. Select **Add namespace** to open the list of available namespaces. - -1. Identify the namespace you want to link, and select **Link**. - -  - -NOTE: -The GitLab user only needs access when adding a new namespace. For syncing with -Jira, we do not depend on the user's token. - -After a namespace is added: - -- All future commits, branches, and merge requests of all projects under that namespace - are synced to Jira. -- From GitLab 13.8, past merge request data is synced to Jira. - -Support for syncing past branch and commit data [is planned](https://gitlab.com/gitlab-org/gitlab/-/issues/263240). - -For more information, see [Usage](#usage). - -#### Troubleshooting GitLab for Jira - -The GitLab for Jira App uses an iframe to add namespaces on the settings page. Some browsers block cross-site cookies. This can lead to a message saying that the user needs to log in on GitLab.com even though the user is already logged in. - -> "You need to sign in or sign up before continuing." - -In this case, use [Firefox](https://www.mozilla.org/en-US/firefox/) or enable cross-site cookies in your browser. - ## Usage After the integration is set up on GitLab and Jira, you can: diff --git a/doc/user/admin_area/img/license_details_v13_8.png b/doc/user/admin_area/img/license_details_v13_8.png Binary files differdeleted file mode 100644 index 00421d8a41d..00000000000 --- a/doc/user/admin_area/img/license_details_v13_8.png +++ /dev/null diff --git a/doc/user/admin_area/license.md b/doc/user/admin_area/license.md index 89417de4bab..d7ff6fafcc2 100644 --- a/doc/user/admin_area/license.md +++ b/doc/user/admin_area/license.md @@ -89,10 +89,7 @@ is active until the end of the license period. When that period ends, the instance will [fall back](#what-happens-when-your-license-expires) to Free-only functionality. -You can review the license details at any time in the **License** section of the -**Admin Area**. - - +You can review the license details at any time by going to **Admin Area > License**. ## Notification before the license expires diff --git a/doc/user/project/img/project_repository_settings.png b/doc/user/project/img/project_repository_settings.png Binary files differdeleted file mode 100644 index 69d36753a58..00000000000 --- a/doc/user/project/img/project_repository_settings.png +++ /dev/null diff --git a/doc/user/project/issues/managing_issues.md b/doc/user/project/issues/managing_issues.md index 26f393bfb4b..be5075d8230 100644 --- a/doc/user/project/issues/managing_issues.md +++ b/doc/user/project/issues/managing_issues.md @@ -361,8 +361,6 @@ Up to five similar issues, sorted by most recently updated, are displayed below To help you track issue statuses, you can assign a status to each issue. This marks issues as progressing as planned or needs attention to keep on schedule: -- **On track** (green) -- **Needs attention** (amber) - On track (green) - Needs attention (amber) - At risk (red) diff --git a/doc/user/project/merge_requests/merge_request_approvals.md b/doc/user/project/merge_requests/merge_request_approvals.md index 00f209bff78..4f243805188 100644 --- a/doc/user/project/merge_requests/merge_request_approvals.md +++ b/doc/user/project/merge_requests/merge_request_approvals.md @@ -23,6 +23,39 @@ This provides a consistent mechanism for reviewers to approve merge requests, an maintainers know a change is ready to merge. Approvals in Free are optional, and do not prevent a merge request from being merged when there is no approval. +## External approvals **(ULTIMATE)** + +> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/3869) in GitLab Ultimate 13.10. +> - It's [deployed behind a feature flag](../../feature_flags.md), disabled by default. +> - It's disabled on GitLab.com. +> - It's not recommended for production use. +> - To use it in GitLab self-managed instances, ask a GitLab administrator to [enable it](../../../api/merge_request_approvals.md#enable-or-disable-external-project-level-mr-approvals). **(ULTIMATE SELF)** + +WARNING: +This feature might not be available to you. Check the **version history** note above for details. + +When you create an external approval rule, the following merge request actions sends information +about a merge request to a third party service: + +- Create +- Change +- Close + +This action enables use-cases such as: + +- Integration with 3rd party workflow tools, such as [ServiceNow](https://www.servicenow.co.uk/). +- Integration with custom tools designed to approve merge requests from outside of GitLab. + +You can find more information about use-cases, development timelines and the feature discovery in +the [External API approval rules epic](https://gitlab.com/groups/gitlab-org/-/epics/3869). + +The intention for this feature is to allow those 3rd party tools to approve a merge request similarly to how users current do. + +NOTE: +The lack of an external approval does not block the merging of a merge request. + +You can modify external approval rules through the [REST API](../../../api/merge_request_approvals.md#external-project-level-mr-approvals). + ## Required Approvals **(PREMIUM)** > - [Introduced](https://about.gitlab.com/releases/2015/06/22/gitlab-7-12-released/#merge-request-approvers-ee-only) in GitLab Enterprise Edition 7.12. diff --git a/doc/user/project/protected_tags.md b/doc/user/project/protected_tags.md index 3ea0bb62c0b..260f355349d 100644 --- a/doc/user/project/protected_tags.md +++ b/doc/user/project/protected_tags.md @@ -23,9 +23,7 @@ anyone without Maintainer [permissions](../permissions.md) is prevented from cre To protect a tag, you need to have at least Maintainer [permissions](../permissions.md). -1. Navigate to the project's **Settings > Repository**: - -  +1. Go to the project's **Settings > Repository**. 1. From the **Tag** dropdown menu, select the tag you want to protect or type and click **Create wildcard**. In the screenshot below, we chose to protect all tags matching `v*`: diff --git a/doc/user/project/repository/file_finder.md b/doc/user/project/repository/file_finder.md index 3af7a5045c4..42b82f2c360 100644 --- a/doc/user/project/repository/file_finder.md +++ b/doc/user/project/repository/file_finder.md @@ -7,17 +7,13 @@ disqus_identifier: 'https://docs.gitlab.com/ee/workflow/file_finder.html' # File finder **(FREE)** -> [Introduced](https://github.com/gitlabhq/gitlabhq/pull/9889) in GitLab 8.4. - The file finder feature allows you to search for a file in a repository using the -GitLab UI. - -You can find the **Find File** button when in the **Files** section of a -project. +GitLab UI. To use it: - +1. Go to your project's **Repository > Files**. +1. In the upper right corner, select **Find File**. -If you prefer to keep their fingers on the keyboard, use the +If you prefer to keep your fingers on the keyboard, use the [shortcut button](../../shortcuts.md), which you can invoke from anywhere in a project. diff --git a/doc/user/project/repository/git_blame.md b/doc/user/project/repository/git_blame.md index 0f49932d0c6..198993e21f3 100644 --- a/doc/user/project/repository/git_blame.md +++ b/doc/user/project/repository/git_blame.md @@ -8,17 +8,15 @@ description: "Documentation on Git file blame." # Git file blame **(FREE)** -> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/commit/39c657930625ddc3ac8a921f01ffc83acadce68f) in GitLab 2.5. - [Git blame](https://git-scm.com/docs/git-blame) provides more information about every line in a file, including the last modified time, author, and -commit hash. - -You can find the **Blame** button with each file in a project. +commit hash. To view it for a file: - +1. Go to your project's **Repository > Files**. +1. Select the file you want to review. +1. In the upper right corner, select **Blame**. -When you select the **Blame** button, this information is shown: +When you select **Blame**, this information is displayed:  diff --git a/doc/user/project/repository/git_history.md b/doc/user/project/repository/git_history.md index 1b30a0b0f5f..356f02a4902 100644 --- a/doc/user/project/repository/git_history.md +++ b/doc/user/project/repository/git_history.md @@ -8,16 +8,13 @@ description: "Documentation on Git file history." # Git file history **(FREE)** -> [Introduced](https://gitlab.com/gitlab-org/gitlab/blob/9ba1224867665844b117fa037e1465bb706b3685/app/controllers/commits_controller.rb) in GitLab 0.8.0 - Git file History provides information about the commit history associated -with a file. - -You can find the **History** button with each file in a project. +with a file. To use it: - +1. Go to your project's **Repository > Files**. +1. In the upper right corner, select **History**. -When you select the **History** button, this information displays: +When you select **History**, this information is displayed:  diff --git a/doc/user/project/repository/img/contributors_graph.png b/doc/user/project/repository/img/contributors_graph.png Binary files differindex c31da7aa1ff..83fdf1fc41f 100644 --- a/doc/user/project/repository/img/contributors_graph.png +++ b/doc/user/project/repository/img/contributors_graph.png diff --git a/doc/user/project/repository/img/download_source_code.png b/doc/user/project/repository/img/download_source_code.png Binary files differindex 56808061980..8d62d19b291 100644 --- a/doc/user/project/repository/img/download_source_code.png +++ b/doc/user/project/repository/img/download_source_code.png diff --git a/doc/user/project/repository/img/file_blame_button_v12_6.png b/doc/user/project/repository/img/file_blame_button_v12_6.png Binary files differdeleted file mode 100644 index e7aa0d1ea3f..00000000000 --- a/doc/user/project/repository/img/file_blame_button_v12_6.png +++ /dev/null diff --git a/doc/user/project/repository/img/file_finder_find_button_v12_10.png b/doc/user/project/repository/img/file_finder_find_button_v12_10.png Binary files differdeleted file mode 100644 index 51545f63fde..00000000000 --- a/doc/user/project/repository/img/file_finder_find_button_v12_10.png +++ /dev/null diff --git a/doc/user/project/repository/img/file_history_button_v12_6.png b/doc/user/project/repository/img/file_history_button_v12_6.png Binary files differdeleted file mode 100644 index e7aa0d1ea3f..00000000000 --- a/doc/user/project/repository/img/file_history_button_v12_6.png +++ /dev/null diff --git a/doc/user/project/repository/img/forking_workflow_choose_namespace_v13_2.png b/doc/user/project/repository/img/forking_workflow_choose_namespace_v13_2.png Binary files differindex 4843cc671ae..f48cf176ba1 100644 --- a/doc/user/project/repository/img/forking_workflow_choose_namespace_v13_2.png +++ b/doc/user/project/repository/img/forking_workflow_choose_namespace_v13_2.png diff --git a/doc/user/project/repository/img/repo_graph.png b/doc/user/project/repository/img/repo_graph.png Binary files differindex 28da8ad9589..fcccedbc436 100644 --- a/doc/user/project/repository/img/repo_graph.png +++ b/doc/user/project/repository/img/repo_graph.png diff --git a/doc/user/project/repository/jupyter_notebooks/img/jupyter_notebook.png b/doc/user/project/repository/jupyter_notebooks/img/jupyter_notebook.png Binary files differindex 52c5c5aea32..a12fabcdd2a 100644 --- a/doc/user/project/repository/jupyter_notebooks/img/jupyter_notebook.png +++ b/doc/user/project/repository/jupyter_notebooks/img/jupyter_notebook.png diff --git a/doc/user/project/repository/jupyter_notebooks/index.md b/doc/user/project/repository/jupyter_notebooks/index.md index 72b2251e6dc..4b649bab4d9 100644 --- a/doc/user/project/repository/jupyter_notebooks/index.md +++ b/doc/user/project/repository/jupyter_notebooks/index.md @@ -13,7 +13,7 @@ interactive computing in many fields and contain a complete record of the user's sessions and include code, narrative text, equations, and rich output. When added to a repository, Jupyter Notebooks with a `.ipynb` extension are -rendered to HTML when viewed. +rendered to HTML when viewed:  diff --git a/doc/user/project/settings/img/general_settings.png b/doc/user/project/settings/img/general_settings.png Binary files differdeleted file mode 100644 index f88a158d2be..00000000000 --- a/doc/user/project/settings/img/general_settings.png +++ /dev/null diff --git a/doc/user/project/settings/img/general_settings_v13_11.png b/doc/user/project/settings/img/general_settings_v13_11.png Binary files differnew file mode 100644 index 00000000000..9da5acdf82e --- /dev/null +++ b/doc/user/project/settings/img/general_settings_v13_11.png diff --git a/doc/user/project/settings/img/merge_requests_settings.png b/doc/user/project/settings/img/merge_requests_settings.png Binary files differdeleted file mode 100644 index b1f2dfa7376..00000000000 --- a/doc/user/project/settings/img/merge_requests_settings.png +++ /dev/null diff --git a/doc/user/project/settings/index.md b/doc/user/project/settings/index.md index 73baab76c8e..849829dc937 100644 --- a/doc/user/project/settings/index.md +++ b/doc/user/project/settings/index.md @@ -23,7 +23,7 @@ functionality of a project. Adjust your project's name, description, avatar, [default branch](../repository/branches/default.md), and topics: - + The project description also partially supports [standard Markdown](../../markdown.md#standard-markdown-and-extensions-in-gitlab). You can use [emphasis](../../markdown.md#emphasis), [links](../../markdown.md#links), and [line-breaks](../../markdown.md#line-breaks) to add more context to the project description. @@ -146,8 +146,6 @@ Set up your project's merge request settings: - Enable [`delete source branch after merge` option by default](../merge_requests/getting_started.md#deleting-the-source-branch) - Configure [suggested changes commit messages](../../discussions/index.md#configure-the-commit-message-for-applied-suggestions) - - ### Service Desk Enable [Service Desk](../service_desk.md) for your project to offer customer support. diff --git a/doc/user/project/web_ide/img/commit_changes_v12_9.png b/doc/user/project/web_ide/img/commit_changes_v12_9.png Binary files differdeleted file mode 100644 index 9a8bb214b3d..00000000000 --- a/doc/user/project/web_ide/img/commit_changes_v12_9.png +++ /dev/null diff --git a/doc/user/project/web_ide/img/commit_changes_v13_11.png b/doc/user/project/web_ide/img/commit_changes_v13_11.png Binary files differnew file mode 100644 index 00000000000..6cd270a6112 --- /dev/null +++ b/doc/user/project/web_ide/img/commit_changes_v13_11.png diff --git a/doc/user/project/web_ide/img/live_preview_v13_0.png b/doc/user/project/web_ide/img/live_preview_v13_0.png Binary files differindex bd04d3d644b..f701e137a6b 100644 --- a/doc/user/project/web_ide/img/live_preview_v13_0.png +++ b/doc/user/project/web_ide/img/live_preview_v13_0.png diff --git a/doc/user/project/web_ide/index.md b/doc/user/project/web_ide/index.md index ac108fddea5..73aed1244db 100644 --- a/doc/user/project/web_ide/index.md +++ b/doc/user/project/web_ide/index.md @@ -190,7 +190,7 @@ To discard a change in a particular file, click the **Discard changes** button o file in the changes tab. To discard all the changes, click the trash icon on the top-right corner of the changes sidebar. - + ## Reviewing changes diff --git a/doc/user/search/img/basic_search.png b/doc/user/search/img/basic_search.png Binary files differindex 234805d5a4f..86aab68f1f0 100644 --- a/doc/user/search/img/basic_search.png +++ b/doc/user/search/img/basic_search.png diff --git a/doc/user/search/img/dashboard_links.png b/doc/user/search/img/dashboard_links.png Binary files differdeleted file mode 100644 index d784ba8018e..00000000000 --- a/doc/user/search/img/dashboard_links.png +++ /dev/null diff --git a/doc/user/search/img/dashboard_links_v13_11.png b/doc/user/search/img/dashboard_links_v13_11.png Binary files differnew file mode 100644 index 00000000000..5f2e61eee1e --- /dev/null +++ b/doc/user/search/img/dashboard_links_v13_11.png diff --git a/doc/user/search/img/issues_mrs_shortcut.png b/doc/user/search/img/issues_mrs_shortcut.png Binary files differindex 2fe1350c806..5be8079030a 100644 --- a/doc/user/search/img/issues_mrs_shortcut.png +++ b/doc/user/search/img/issues_mrs_shortcut.png diff --git a/doc/user/search/img/project_search_dropdown.png b/doc/user/search/img/project_search_dropdown.png Binary files differdeleted file mode 100644 index e0b922a186b..00000000000 --- a/doc/user/search/img/project_search_dropdown.png +++ /dev/null diff --git a/doc/user/search/index.md b/doc/user/search/index.md index 92b616c5549..db89dddaf14 100644 --- a/doc/user/search/index.md +++ b/doc/user/search/index.md @@ -12,9 +12,14 @@ type: index, reference, howto To search through issues and merge requests in multiple projects, use the **Issues** or **Merge Requests** links in the top-right part of your screen. These instructions are valid for both. -The number displayed on their right represents the number of issues and merge requests assigned to you: +The numbers in the right-hand side of the top menu indicate how many issues, merge requests, +and to-do items are assigned to you: - + + +- **(issues)** **Issues**: The open issues assigned to you. +- **(merge-request-open)** **Merge requests**: The [merge requests](../project/merge_requests/index.md) assigned to you. +- **(todo-done)** **To-do items**: The [to-do items](../todos.md) assigned to you. When you click **Issues**, GitLab shows the opened issues assigned to you: @@ -282,7 +287,6 @@ search, or choose a specific group or project. To search through code or other documents in a single project, you can use the search field on the top-right of your screen while the project page is open. -  ### SHA search diff --git a/lib/api/api.rb b/lib/api/api.rb index fda2d76160f..07924c527a7 100644 --- a/lib/api/api.rb +++ b/lib/api/api.rb @@ -293,6 +293,7 @@ module API mount ::API::Triggers mount ::API::Unleash mount ::API::UsageData + mount ::API::UsageDataQueries mount ::API::UserCounts mount ::API::Users mount ::API::Variables diff --git a/lib/api/usage_data_queries.rb b/lib/api/usage_data_queries.rb new file mode 100644 index 00000000000..c8a83d1b75d --- /dev/null +++ b/lib/api/usage_data_queries.rb @@ -0,0 +1,27 @@ +# frozen_string_literal: true + +module API + class UsageDataQueries < ::API::Base + before { authenticated_as_admin! } + + feature_category :usage_ping + + namespace 'usage_data' do + before do + not_found! unless Feature.enabled?(:usage_data_queries_api, default_enabled: false, type: :ops) + end + + desc 'Get raw SQL queries for usage data SQL metrics' do + detail 'This feature was introduced in GitLab 13.11.' + end + + get 'queries' do + Gitlab::QueryLimiting.disable!('https://gitlab.com/gitlab-org/gitlab/-/issues/325534') + + queries = Gitlab::UsageDataQueries.uncached_data + + present queries + end + end + end +end diff --git a/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml b/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml index 64001c2828a..953ca62e511 100644 --- a/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml +++ b/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml @@ -6,14 +6,10 @@ variables: SECURE_ANALYZERS_PREFIX: "registry.gitlab.com/gitlab-org/security-products/analyzers" CS_MAJOR_VERSION: 3 -container_scanning: +.cs_common: stage: test image: "$CS_ANALYZER_IMAGE" variables: - # By default, use the latest clair vulnerabilities database, however, allow it to be overridden here with a specific image - # to enable container scanning to run offline, or to provide a consistent list of vulnerabilities for integration testing purposes - CLAIR_DB_IMAGE_TAG: "latest" - CLAIR_DB_IMAGE: "$SECURE_ANALYZERS_PREFIX/clair-vulnerabilities-db:$CLAIR_DB_IMAGE_TAG" # Override the GIT_STRATEGY variable in your `.gitlab-ci.yml` file and set it to `fetch` if you want to provide a `clair-whitelist.yml` # file. See https://docs.gitlab.com/ee/user/application_security/container_scanning/index.html#overriding-the-container-scanning-template # for details @@ -21,19 +17,44 @@ container_scanning: # CS_ANALYZER_IMAGE is an undocumented variable used internally to allow QA to # override the analyzer image with a custom value. This may be subject to change or # breakage across GitLab releases. - CS_ANALYZER_IMAGE: $SECURE_ANALYZERS_PREFIX/klar:$CS_MAJOR_VERSION + CS_ANALYZER_IMAGE: $SECURE_ANALYZERS_PREFIX/$CS_PROJECT:$CS_MAJOR_VERSION allow_failure: true + artifacts: + reports: + container_scanning: gl-container-scanning-report.json + dependencies: [] + +container_scanning_deprecated: + extends: .cs_common + variables: + # By default, use the latest clair vulnerabilities database, however, allow it to be overridden here with a specific image + # to enable container scanning to run offline, or to provide a consistent list of vulnerabilities for integration testing purposes + CLAIR_DB_IMAGE_TAG: "latest" + CLAIR_DB_IMAGE: "$SECURE_ANALYZERS_PREFIX/clair-vulnerabilities-db:$CLAIR_DB_IMAGE_TAG" + CS_PROJECT: 'klar' services: - name: $CLAIR_DB_IMAGE alias: clair-vulnerabilities-db script: - /analyzer run + rules: + - if: $CONTAINER_SCANNING_DISABLED + when: never + - if: $CI_COMMIT_BRANCH && + $GITLAB_FEATURES =~ /\bcontainer_scanning\b/ && + $CS_MAJOR_VERSION =~ /^[0-3]$/ + +container_scanning: + extends: .cs_common + variables: + CS_PROJECT: 'container-scanning' + script: + - gtcs scan artifacts: - reports: - container_scanning: gl-container-scanning-report.json - dependencies: [] + paths: [gl-container-scanning-report.json] rules: - if: $CONTAINER_SCANNING_DISABLED when: never - if: $CI_COMMIT_BRANCH && - $GITLAB_FEATURES =~ /\bcontainer_scanning\b/ + $GITLAB_FEATURES =~ /\bcontainer_scanning\b/ && + $CS_MAJOR_VERSION !~ /^[0-3]$/ diff --git a/lib/gitlab/usage/docs/helper.rb b/lib/gitlab/usage/docs/helper.rb index 1dc660e574b..6b185a5a1e9 100644 --- a/lib/gitlab/usage/docs/helper.rb +++ b/lib/gitlab/usage/docs/helper.rb @@ -33,6 +33,10 @@ module Gitlab object[:description] end + def render_object_schema(object) + "[Object JSON schema](#{object.json_schema_path})" + end + def render_yaml_link(yaml_path) "[YAML definition](#{yaml_path})" end diff --git a/lib/gitlab/usage/docs/templates/default.md.haml b/lib/gitlab/usage/docs/templates/default.md.haml index 19ad668019e..26f1aa4396d 100644 --- a/lib/gitlab/usage/docs/templates/default.md.haml +++ b/lib/gitlab/usage/docs/templates/default.md.haml @@ -27,6 +27,9 @@ = render_name(name) \ = render_description(object.attributes) + - if object.has_json_schema? + \ + = render_object_schema(object) \ = render_yaml_link(object.yaml_path) \ diff --git a/lib/gitlab/usage/metric_definition.rb b/lib/gitlab/usage/metric_definition.rb index 513ad4a4769..a134b7bf37c 100644 --- a/lib/gitlab/usage/metric_definition.rb +++ b/lib/gitlab/usage/metric_definition.rb @@ -22,6 +22,16 @@ module Gitlab attributes end + def json_schema_path + return '' unless has_json_schema? + + "#{BASE_REPO_PATH}/#{attributes[:object_json_schema]}" + end + + def has_json_schema? + attributes[:value_type] == 'object' && attributes[:object_json_schema].present? + end + def yaml_path "#{BASE_REPO_PATH}#{path.delete_prefix(Rails.root.to_s)}" end diff --git a/spec/finders/packages/maven/package_finder_spec.rb b/spec/finders/packages/maven/package_finder_spec.rb index b955c331f28..7a18733d1cf 100644 --- a/spec/finders/packages/maven/package_finder_spec.rb +++ b/spec/finders/packages/maven/package_finder_spec.rb @@ -17,65 +17,89 @@ RSpec.describe ::Packages::Maven::PackageFinder do group.add_developer(user) end - describe '#execute!' do - subject { finder.execute! } + shared_examples 'Packages::Maven::PackageFinder examples' do + describe '#execute!' do + subject { finder.execute! } - shared_examples 'handling valid and invalid paths' do - context 'with a valid path' do - let(:param_path) { package.maven_metadatum.path } + shared_examples 'handling valid and invalid paths' do + context 'with a valid path' do + let(:param_path) { package.maven_metadatum.path } - it { is_expected.to eq(package) } + it { is_expected.to eq(package) } + end + + context 'with an invalid path' do + let(:param_path) { 'com/example/my-app/1.0-SNAPSHOT' } + + it 'raises an error' do + expect { subject }.to raise_error(ActiveRecord::RecordNotFound) + end + end + end + + context 'within the project' do + let(:param_project) { project } + + it_behaves_like 'handling valid and invalid paths' end - context 'with an invalid path' do - let(:param_path) { 'com/example/my-app/1.0-SNAPSHOT' } + context 'within a group' do + let(:param_group) { group } + it_behaves_like 'handling valid and invalid paths' + end + + context 'across all projects' do it 'raises an error' do expect { subject }.to raise_error(ActiveRecord::RecordNotFound) end end - end - context 'within the project' do - let(:param_project) { project } + context 'versionless maven-metadata.xml package' do + let_it_be(:sub_group1) { create(:group, parent: group) } + let_it_be(:sub_group2) { create(:group, parent: group) } + let_it_be(:project1) { create(:project, group: sub_group1) } + let_it_be(:project2) { create(:project, group: sub_group2) } + let_it_be(:project3) { create(:project, group: sub_group1) } + let_it_be(:package_name) { 'foo' } + let_it_be(:package1) { create(:maven_package, project: project1, name: package_name, version: nil) } + let_it_be(:package2) { create(:maven_package, project: project2, name: package_name, version: nil) } + let_it_be(:package3) { create(:maven_package, project: project3, name: package_name, version: nil) } + + let(:param_group) { group } + let(:param_path) { package_name } + + before do + sub_group1.add_developer(user) + sub_group2.add_developer(user) + # the package with the most recently published file should be returned + create(:package_file, :xml, package: package2) + end - it_behaves_like 'handling valid and invalid paths' + it { is_expected.to eq(package2) } + end end + end - context 'within a group' do - let(:param_group) { group } - - it_behaves_like 'handling valid and invalid paths' + context 'when the maven_metadata_by_path_with_optimization_fence feature flag is off' do + before do + stub_feature_flags(maven_metadata_by_path_with_optimization_fence: false) end - context 'across all projects' do - it 'raises an error' do - expect { subject }.to raise_error(ActiveRecord::RecordNotFound) - end + it_behaves_like 'Packages::Maven::PackageFinder examples' + end + + context 'when the maven_metadata_by_path_with_optimization_fence feature flag is on' do + before do + stub_feature_flags(maven_metadata_by_path_with_optimization_fence: true) end - context 'versionless maven-metadata.xml package' do - let_it_be(:sub_group1) { create(:group, parent: group) } - let_it_be(:sub_group2) { create(:group, parent: group) } - let_it_be(:project1) { create(:project, group: sub_group1) } - let_it_be(:project2) { create(:project, group: sub_group2) } - let_it_be(:project3) { create(:project, group: sub_group1) } - let_it_be(:package_name) { 'foo' } - let_it_be(:package1) { create(:maven_package, project: project1, name: package_name, version: nil) } - let_it_be(:package2) { create(:maven_package, project: project2, name: package_name, version: nil) } - let_it_be(:package3) { create(:maven_package, project: project3, name: package_name, version: nil) } - - let(:param_group) { group } - let(:param_path) { package_name } - - before do - sub_group1.add_developer(user) - sub_group2.add_developer(user) - # the package with the most recently published file should be returned - create(:package_file, :xml, package: package2) - end + it_behaves_like 'Packages::Maven::PackageFinder examples' + + it 'uses CTE in the query' do + sql = described_class.new('some_path', user, group: group).send(:packages_with_path).to_sql - it { is_expected.to eq(package2) } + expect(sql).to include('WITH "maven_metadata_by_path" AS') end end end diff --git a/spec/helpers/groups_helper_spec.rb b/spec/helpers/groups_helper_spec.rb index 0d2af464902..0dcfa30bc1b 100644 --- a/spec/helpers/groups_helper_spec.rb +++ b/spec/helpers/groups_helper_spec.rb @@ -5,33 +5,31 @@ require 'spec_helper' RSpec.describe GroupsHelper do include ApplicationHelper - describe 'group_icon_url' do + describe '#group_icon_url' do it 'returns an url for the avatar' do - avatar_file_path = File.join('spec', 'fixtures', 'banana_sample.gif') + group = create(:group, :with_avatar) - group = create(:group) - group.avatar = fixture_file_upload(avatar_file_path) - group.save! - expect(group_icon_url(group.path).to_s) - .to match(group.avatar.url) + expect(group_icon_url(group.path).to_s).to match(group.avatar.url) end it 'gives default avatar_icon when no avatar is present' do - group = create(:group) + group = build_stubbed(:group) + expect(group_icon_url(group.path)).to match_asset_path('group_avatar.png') end end - describe 'group_dependency_proxy_url' do + describe '#group_dependency_proxy_url' do it 'converts uppercase letters to lowercase' do - group = create(:group, path: 'GroupWithUPPERcaseLetters') + group = build_stubbed(:group, path: 'GroupWithUPPERcaseLetters') + expect(group_dependency_proxy_url(group)).to end_with("/groupwithuppercaseletters#{DependencyProxy::URL_SUFFIX}") end end - describe 'group_lfs_status' do - let(:group) { create(:group) } - let!(:project) { create(:project, namespace_id: group.id) } + describe '#group_lfs_status' do + let_it_be_with_reload(:group) { create(:group) } + let_it_be_with_reload(:project) { create(:project, namespace_id: group.id) } before do allow(Gitlab.config.lfs).to receive(:enabled).and_return(true) @@ -54,9 +52,7 @@ RSpec.describe GroupsHelper do end context 'more than one project in group' do - before do - create(:project, namespace_id: group.id) - end + let_it_be_with_reload(:another_project) { create(:project, namespace_id: group.id) } context 'LFS enabled in group' do before do @@ -92,7 +88,7 @@ RSpec.describe GroupsHelper do end end - describe 'group_title' do + describe '#group_title' do let_it_be(:group) { create(:group) } let_it_be(:nested_group) { create(:group, parent: group) } let_it_be(:deep_nested_group) { create(:group, parent: nested_group) } @@ -115,14 +111,14 @@ RSpec.describe GroupsHelper do end end - # rubocop:disable Layout/SpaceBeforeComma describe '#share_with_group_lock_help_text' do - let!(:root_group) { create(:group) } - let!(:subgroup) { create(:group, parent: root_group) } - let!(:sub_subgroup) { create(:group, parent: subgroup) } - let(:root_owner) { create(:user) } - let(:sub_owner) { create(:user) } - let(:sub_sub_owner) { create(:user) } + let_it_be_with_reload(:root_group) { create(:group) } + let_it_be_with_reload(:subgroup) { create(:group, parent: root_group) } + let_it_be_with_reload(:sub_subgroup) { create(:group, parent: subgroup) } + let_it_be(:root_owner) { create(:user) } + let_it_be(:sub_owner) { create(:user) } + let_it_be(:sub_sub_owner) { create(:user) } + let(:possible_help_texts) do { default_help: "This setting will be applied to all subgroups unless overridden by a group owner", @@ -149,6 +145,13 @@ RSpec.describe GroupsHelper do subject { helper.share_with_group_lock_help_text(sub_subgroup) } + before_all do + root_group.add_owner(root_owner) + subgroup.add_owner(sub_owner) + sub_subgroup.add_owner(sub_sub_owner) + end + + # rubocop:disable Layout/SpaceBeforeComma where(:root_share_with_group_locked, :subgroup_share_with_group_locked, :sub_subgroup_share_with_group_locked, :current_user, :help_text, :linked_ancestor) do [ [false , false , false , :root_owner , :default_help , nil], @@ -177,13 +180,10 @@ RSpec.describe GroupsHelper do [true , true , true , :sub_sub_owner , :ancestor_locked_so_ask_the_owner , :root_group] ] end + # rubocop:enable Layout/SpaceBeforeComma with_them do before do - root_group.add_owner(root_owner) - subgroup.add_owner(sub_owner) - sub_subgroup.add_owner(sub_sub_owner) - root_group.update_column(:share_with_group_lock, true) if root_share_with_group_locked subgroup.update_column(:share_with_group_lock, true) if subgroup_share_with_group_locked sub_subgroup.update_column(:share_with_group_lock, true) if sub_subgroup_share_with_group_locked @@ -212,8 +212,8 @@ RSpec.describe GroupsHelper do end describe '#group_container_registry_nav' do - let(:group) { create(:group, :public) } - let(:user) { create(:user) } + let_it_be(:group) { create(:group, :public) } + let_it_be(:user) { create(:user) } before do stub_container_registry_config(enabled: true) @@ -248,8 +248,8 @@ RSpec.describe GroupsHelper do end describe '#group_sidebar_links' do - let(:group) { create(:group, :public) } - let(:user) { create(:user) } + let_it_be(:group) { create(:group, :public) } + let_it_be(:user) { create(:user) } before do group.add_owner(user) @@ -287,10 +287,10 @@ RSpec.describe GroupsHelper do end end - describe 'parent_group_options' do - let(:current_user) { create(:user) } - let(:group) { create(:group, name: 'group') } - let(:group2) { create(:group, name: 'group2') } + describe '#parent_group_options' do + let_it_be(:current_user) { create(:user) } + let_it_be(:group) { create(:group, name: 'group') } + let_it_be(:group2) { create(:group, name: 'group2') } before do group.add_owner(current_user) @@ -321,9 +321,9 @@ RSpec.describe GroupsHelper do end describe '#can_disable_group_emails?' do - let(:current_user) { create(:user) } - let(:group) { create(:group, name: 'group') } - let(:subgroup) { create(:group, name: 'subgroup', parent: group) } + let_it_be(:current_user) { create(:user) } + let_it_be(:group) { create(:group, name: 'group') } + let_it_be(:subgroup) { create(:group, name: 'subgroup', parent: group) } before do allow(helper).to receive(:current_user) { current_user } @@ -361,8 +361,8 @@ RSpec.describe GroupsHelper do end describe '#can_update_default_branch_protection?' do - let(:current_user) { create(:user) } - let(:group) { create(:group) } + let_it_be(:current_user) { create(:user) } + let_it_be(:group) { create(:group) } subject { helper.can_update_default_branch_protection?(group) } diff --git a/spec/lib/gitlab/sql/cte_spec.rb b/spec/lib/gitlab/sql/cte_spec.rb index d1e099c9f00..4cf94f4dcab 100644 --- a/spec/lib/gitlab/sql/cte_spec.rb +++ b/spec/lib/gitlab/sql/cte_spec.rb @@ -4,7 +4,7 @@ require 'spec_helper' RSpec.describe Gitlab::SQL::CTE do describe '#to_arel' do - it 'generates an Arel relation for the CTE body', quarantine: 'https://gitlab.com/gitlab-org/gitlab/-/issues/325916' do + it 'generates an Arel relation for the CTE body' do relation = User.where(id: 1) cte = described_class.new(:cte_name, relation) sql = cte.to_arel.to_sql @@ -14,7 +14,14 @@ RSpec.describe Gitlab::SQL::CTE do relation.except(:order).to_sql end - expect(sql).to eq("#{name} AS (#{sql1})") + expected = [ + "#{name} AS ", + Gitlab::Database::AsWithMaterialized.materialized_if_supported, + (' ' unless Gitlab::Database::AsWithMaterialized.materialized_if_supported.blank?), + "(#{sql1})" + ].join + + expect(sql).to eq(expected) end end diff --git a/spec/requests/api/usage_data_queries_spec.rb b/spec/requests/api/usage_data_queries_spec.rb new file mode 100644 index 00000000000..0ba4a37bc9b --- /dev/null +++ b/spec/requests/api/usage_data_queries_spec.rb @@ -0,0 +1,67 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe API::UsageDataQueries do + include UsageDataHelpers + + let_it_be(:admin) { create(:user, admin: true) } + let_it_be(:user) { create(:user) } + + before do + stub_usage_data_connections + end + + describe 'GET /usage_data/usage_data_queries' do + let(:endpoint) { '/usage_data/queries' } + + context 'with authentication' do + before do + stub_feature_flags(usage_data_queries_api: true) + end + + it 'returns queries if user is admin' do + get api(endpoint, admin) + + expect(response).to have_gitlab_http_status(:ok) + expect(json_response['active_user_count']).to start_with('SELECT COUNT("users"."id") FROM "users"') + end + + it 'returns forbidden if user is not admin' do + get api(endpoint, user) + + expect(response).to have_gitlab_http_status(:forbidden) + end + end + + context 'without authentication' do + before do + stub_feature_flags(usage_data_queries_api: true) + end + + it 'returns unauthorized' do + get api(endpoint) + + expect(response).to have_gitlab_http_status(:unauthorized) + end + end + + context 'when feature_flag is disabled' do + before do + stub_feature_flags(usage_data_queries_api: false) + end + + it 'returns not_found for admin' do + get api(endpoint, admin) + + expect(response).to have_gitlab_http_status(:not_found) + end + + it 'returns forbidden for non-admin' do + get api(endpoint, user) + + expect(response).to have_gitlab_http_status(:forbidden) + end + end + end +end diff --git a/vendor/project_templates/learn_gitlab_ultimate_trial.tar.gz b/vendor/project_templates/learn_gitlab_ultimate_trial.tar.gz Binary files differindex 2ec47956706..89d69de52dc 100644 --- a/vendor/project_templates/learn_gitlab_ultimate_trial.tar.gz +++ b/vendor/project_templates/learn_gitlab_ultimate_trial.tar.gz |
