Add latest changes from gitlab-org/gitlab@master

author: GitLab Bot <gitlab-bot@gitlab.com> 2023-01-30 15:07:29 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2023-01-30 15:07:29 +0300
commit: 7cf8c080eda823e7e2577eeed1f96e168c37ee8f (patch)
tree: 25777ab1b8883dd4cff80005a2edc5e385e16714 /app/models
parent: 4381702a8509383c7158a4d89a0ed187532604f2 (diff)
8 files changed, 80 insertions, 45 deletions
diff --git a/app/models/ci/runner.rb b/app/models/ci/runner.rb
index bac85b6095e..5c4512c5f72 100644
--- a/app/models/ci/runner.rb
+++ b/app/models/ci/runner.rb
@@ -15,6 +15,8 @@ module Ci
     include EachBatch
     include Ci::HasRunnerExecutor
 
+    extend ::Gitlab::Utils::Override
+
     add_authentication_token_field :token, encrypted: :optional, expires_at: :compute_token_expiration
 
     enum access_level: {
@@ -28,6 +30,9 @@ module Ci
       project_type: 3
     }
 
+    # Prefix assigned to runners created from the UI, instead of registered via the command line
+    CREATED_RUNNER_TOKEN_PREFIX = 'glrt-'
+
     # This `ONLINE_CONTACT_TIMEOUT` needs to be larger than
     #   `RUNNER_QUEUE_EXPIRY_TIME+UPDATE_CONTACT_COLUMN_EVERY`
     #
@@ -191,6 +196,8 @@ module Ci
 
     cached_attr_reader :version, :revision, :platform, :architecture, :ip_address, :contacted_at, :executor_type
 
+    attr_writer :legacy_registered
+
     chronic_duration_attr :maximum_timeout_human_readable, :maximum_timeout,
         error_message: 'Maximum job timeout has a value which could not be accepted'
 
@@ -290,6 +297,13 @@ module Ci
       end
     end
 
+    def initialize(params)
+      @legacy_registered = params&.delete(:legacy_registered)
+      @legacy_registered = true if @legacy_registered.nil?
+
+      super(params)
+    end
+
     def assign_to(project, current_user = nil)
       if instance_type?
         raise ArgumentError, 'Transitioning an instance runner to a project runner is not supported'
@@ -474,6 +488,13 @@ module Ci
       end
     end
 
+    override :format_token
+    def format_token(token)
+      return token if @legacy_registered
+
+      "#{CREATED_RUNNER_TOKEN_PREFIX}#{token}"
+    end
+
     private
 
     scope :with_upgrade_status, ->(upgrade_status) do
diff --git a/app/models/clusters/cluster.rb b/app/models/clusters/cluster.rb
index 84e9b6a8df7..55dbaf9c6b7 100644
--- a/app/models/clusters/cluster.rb
+++ b/app/models/clusters/cluster.rb
@@ -89,15 +89,7 @@ module Clusters
 
     delegate :status, to: :provider, allow_nil: true
     delegate :status_reason, to: :provider, allow_nil: true
-    delegate :on_creation?, to: :provider, allow_nil: true
-    delegate :knative_pre_installed?, to: :provider, allow_nil: true
-
-    delegate :active?, to: :platform_kubernetes, prefix: true, allow_nil: true
-    delegate :rbac?, to: :platform_kubernetes, prefix: true, allow_nil: true
-    delegate :available?, to: :application_helm, prefix: true, allow_nil: true
-    delegate :available?, to: :application_ingress, prefix: true, allow_nil: true
-    delegate :available?, to: :application_knative, prefix: true, allow_nil: true
-    delegate :available?, to: :integration_prometheus, prefix: true, allow_nil: true
+
     delegate :external_ip, to: :application_ingress, prefix: true, allow_nil: true
     delegate :external_hostname, to: :application_ingress, prefix: true, allow_nil: true
 
@@ -264,6 +256,38 @@ module Clusters
       integration_prometheus || build_integration_prometheus
     end
 
+    def on_creation?
+      !!provider&.on_creation?
+    end
+
+    def knative_pre_installed?
+      !!provider&.knative_pre_installed?
+    end
+
+    def platform_kubernetes_active?
+      !!platform_kubernetes&.active?
+    end
+
+    def platform_kubernetes_rbac?
+      !!platform_kubernetes&.rbac?
+    end
+
+    def application_helm_available?
+      !!application_helm&.available?
+    end
+
+    def application_ingress_available?
+      !!application_ingress&.available?
+    end
+
+    def application_knative_available?
+      !!application_knative&.available?
+    end
+
+    def integration_prometheus_available?
+      !!integration_prometheus&.available?
+    end
+
     def provider
       if gcp?
         provider_gcp
diff --git a/app/models/group.rb b/app/models/group.rb
index c7ad4d61ddb..f48484f04f7 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -422,15 +422,14 @@ class Group < Namespace
     )
   end
 
-  def add_member(user, access_level, current_user: nil, expires_at: nil, ldap: false, blocking_refresh: true)
+  def add_member(user, access_level, current_user: nil, expires_at: nil, ldap: false)
     Members::Groups::CreatorService.add_member( # rubocop:disable CodeReuse/ServiceClass
       self,
       user,
       access_level,
       current_user: current_user,
       expires_at: expires_at,
-      ldap: ldap,
-      blocking_refresh: blocking_refresh
+      ldap: ldap
     )
   end
 
@@ -539,7 +538,6 @@ class Group < Namespace
 
   # rubocop: disable CodeReuse/ServiceClass
   def refresh_members_authorized_projects(
-    blocking: true,
     priority: UserProjectAccessChangedService::HIGH_PRIORITY,
     direct_members_only: false
   )
@@ -552,7 +550,7 @@ class Group < Namespace
 
     UserProjectAccessChangedService
       .new(user_ids)
-      .execute(blocking: blocking, priority: priority)
+      .execute(priority: priority)
   end
   # rubocop: enable CodeReuse/ServiceClass
 
@@ -748,7 +746,7 @@ class Group < Namespace
   end
 
   def refresh_project_authorizations
-    refresh_members_authorized_projects(blocking: false)
+    refresh_members_authorized_projects
   end
 
   # each existing group needs to have a `runners_token`.
diff --git a/app/models/member.rb b/app/models/member.rb
index ecf9013f197..e97c9e929ac 100644
--- a/app/models/member.rb
+++ b/app/models/member.rb
@@ -22,7 +22,6 @@ class Member < ApplicationRecord
   STATE_AWAITING = 1
 
   attr_accessor :raw_invite_token
-  attr_writer :blocking_refresh
 
   belongs_to :created_by, class_name: "User"
   belongs_to :user
@@ -279,12 +278,8 @@ class Member < ApplicationRecord
   after_save :log_invitation_token_cleanup
 
   after_commit :send_request, if: :request?, unless: :importing?, on: [:create]
-  after_commit on: [:create, :update], unless: :importing? do
-    refresh_member_authorized_projects(blocking: blocking_refresh)
-  end
-
-  after_commit on: [:destroy], unless: :importing? do
-    refresh_member_authorized_projects(blocking: false)
+  after_commit on: [:create, :update, :destroy], unless: :importing? do
+    refresh_member_authorized_projects
   end
 
   attribute :notification_level, default: -> { NotificationSetting.levels[:global] }
@@ -555,8 +550,8 @@ class Member < ApplicationRecord
   # rubocop: disable CodeReuse/ServiceClass
 
   # This method is overridden in the test environment, see stubbed_member.rb
-  def refresh_member_authorized_projects(blocking:)
-    UserProjectAccessChangedService.new(user_id).execute(blocking: blocking)
+  def refresh_member_authorized_projects
+    UserProjectAccessChangedService.new(user_id).execute
   end
   # rubocop: enable CodeReuse/ServiceClass
 
@@ -642,12 +637,6 @@ class Member < ApplicationRecord
     error = StandardError.new("Invitation token is present but invite was already accepted!")
     Gitlab::ErrorTracking.track_exception(error, attributes.slice(%w["invite_accepted_at created_at source_type source_id user_id id"]))
   end
-
-  def blocking_refresh
-    return true if @blocking_refresh.nil?
-
-    @blocking_refresh
-  end
 end
 
 Member.prepend_mod_with('Member')
diff --git a/app/models/members/group_member.rb b/app/models/members/group_member.rb
index 796b05b7fff..f23d7208b6e 100644
--- a/app/models/members/group_member.rb
+++ b/app/models/members/group_member.rb
@@ -64,7 +64,7 @@ class GroupMember < Member
   private
 
   override :refresh_member_authorized_projects
-  def refresh_member_authorized_projects(blocking:)
+  def refresh_member_authorized_projects
     # Here, `destroyed_by_association` will be present if the
     # GroupMember is being destroyed due to the `dependent: :destroy`
     # callback on Group. In this case, there is no need to refresh the
diff --git a/app/models/members/project_member.rb b/app/models/members/project_member.rb
index 6aa6afb595d..733b7c4bc87 100644
--- a/app/models/members/project_member.rb
+++ b/app/models/members/project_member.rb
@@ -109,28 +109,24 @@ class ProjectMember < Member
     end
   end
 
+  # This method is overridden in the test environment, see stubbed_member.rb
   override :refresh_member_authorized_projects
-  def refresh_member_authorized_projects(blocking:)
+  def refresh_member_authorized_projects
     return unless user
 
-    # rubocop:disable CodeReuse/ServiceClass
-    if blocking
-      blocking_project_authorizations_refresh
-    else
-      AuthorizedProjectUpdate::ProjectRecalculatePerUserWorker.perform_async(project.id, user.id)
-    end
+    execute_project_authorizations_refresh
 
+    # rubocop:disable CodeReuse/ServiceClass
     # Until we compare the inconsistency rates of the new, specialized service and
     # the old approach, we still run AuthorizedProjectsWorker
     # but with some delay and lower urgency as a safety net.
     UserProjectAccessChangedService.new(user_id)
-                                   .execute(blocking: false, priority: UserProjectAccessChangedService::LOW_PRIORITY)
+                                   .execute(priority: UserProjectAccessChangedService::LOW_PRIORITY)
     # rubocop:enable CodeReuse/ServiceClass
   end
 
-  # This method is overridden in the test environment, see stubbed_member.rb
-  def blocking_project_authorizations_refresh
-    AuthorizedProjectUpdate::ProjectRecalculatePerUserWorker.bulk_perform_and_wait([[project.id, user.id]])
+  def execute_project_authorizations_refresh
+    AuthorizedProjectUpdate::ProjectRecalculatePerUserWorker.perform_async(project.id, user.id)
   end
 
   # TODO: https://gitlab.com/groups/gitlab-org/-/epics/7054
diff --git a/app/models/namespace.rb b/app/models/namespace.rb
index 053989d8eb1..a0d44bcc26e 100644
--- a/app/models/namespace.rb
+++ b/app/models/namespace.rb
@@ -660,7 +660,6 @@ class Namespace < ApplicationRecord
 
     groups_requiring_authorizations_refresh.find_each do |group|
       group.refresh_members_authorized_projects(
-        blocking: false,
         priority: priority
       )
     end
diff --git a/app/models/repository.rb b/app/models/repository.rb
index 3fd7b6126d8..4100218944f 100644
--- a/app/models/repository.rb
+++ b/app/models/repository.rb
@@ -696,14 +696,22 @@ class Repository
   end
 
   def head_tree(skip_flat_paths: true)
-    if head_commit
+    if Feature.enabled?(:optimized_head_tree)
+      return if empty? || root_ref.nil?
+
+      @head_tree ||= Tree.new(self, root_ref, nil, skip_flat_paths: skip_flat_paths)
+    elsif head_commit
       @head_tree ||= Tree.new(self, head_commit.sha, nil, skip_flat_paths: skip_flat_paths)
     end
   end
 
   def tree(sha = :head, path = nil, recursive: false, skip_flat_paths: true, pagination_params: nil)
     if sha == :head
-      return unless head_commit
+      if Feature.enabled?(:optimized_head_tree)
+        return if empty? || root_ref.nil?
+      else
+        return unless head_commit
+      end
 
       if path.nil?
         return head_tree(skip_flat_paths: skip_flat_paths)
author	GitLab Bot <gitlab-bot@gitlab.com>	2023-01-30 15:07:29 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2023-01-30 15:07:29 +0300
commit	7cf8c080eda823e7e2577eeed1f96e168c37ee8f (patch)
tree	25777ab1b8883dd4cff80005a2edc5e385e16714 /app/models
parent	4381702a8509383c7158a4d89a0ed187532604f2 (diff)