diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-11-03 00:09:03 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-11-03 00:09:03 +0300 |
commit | 03cd2a56f32310def67fefdc34797833a5daf770 (patch) | |
tree | 1cefc8769ffc7752183cab6dd9974e259295324d /app | |
parent | 983f6954d19f269a059aab1754568737d9ab6f64 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app')
18 files changed, 236 insertions, 4 deletions
diff --git a/app/assets/javascripts/graphql_shared/possible_types.json b/app/assets/javascripts/graphql_shared/possible_types.json index 1a949adc6a2..e8b0174b8f6 100644 --- a/app/assets/javascripts/graphql_shared/possible_types.json +++ b/app/assets/javascripts/graphql_shared/possible_types.json @@ -9,6 +9,10 @@ "CiManualVariable", "CiProjectVariable" ], + "CommitSignature": [ + "GpgSignature", + "X509Signature" + ], "CurrentUserTodos": [ "BoardEpic", "Design", diff --git a/app/assets/javascripts/pages/projects/learn_gitlab/components/learn_gitlab_section_link.vue b/app/assets/javascripts/pages/projects/learn_gitlab/components/learn_gitlab_section_link.vue index 4eab0cccb06..3717d8027c4 100644 --- a/app/assets/javascripts/pages/projects/learn_gitlab/components/learn_gitlab_section_link.vue +++ b/app/assets/javascripts/pages/projects/learn_gitlab/components/learn_gitlab_section_link.vue @@ -86,6 +86,7 @@ export default { :target="openInNewTab ? '_blank' : '_self'" :href="value.url" data-testid="uncompleted-learn-gitlab-link" + data-qa-selector="uncompleted_learn_gitlab_link" data-track-action="click_link" :data-track-label="actionLabelValue('trackLabel')" >{{ actionLabelValue('title') }}</gl-link diff --git a/app/assets/javascripts/pages/projects/shared/permissions/components/settings_panel.vue b/app/assets/javascripts/pages/projects/shared/permissions/components/settings_panel.vue index 3e5c02bbf19..c37b4cc643a 100644 --- a/app/assets/javascripts/pages/projects/shared/permissions/components/settings_panel.vue +++ b/app/assets/javascripts/pages/projects/shared/permissions/components/settings_panel.vue @@ -41,6 +41,8 @@ export default { featureFlagsHelpText: s__( 'ProjectSettings|Roll out new features without redeploying with feature flags.', ), + infrastructureLabel: s__('ProjectSettings|Infrastructure'), + infrastructureHelpText: s__('ProjectSettings|Configure your infrastructure.'), monitorLabel: s__('ProjectSettings|Monitor'), packagesHelpText: s__( 'ProjectSettings|Every project can have its own space to store its packages. Note: The Package Registry is always visible when a project is public.', @@ -157,6 +159,11 @@ export default { required: false, default: '', }, + infrastructureHelpPath: { + type: String, + required: false, + default: '', + }, releasesHelpPath: { type: String, required: false, @@ -245,6 +252,7 @@ export default { operationsAccessLevel: featureAccessLevel.EVERYONE, environmentsAccessLevel: featureAccessLevel.EVERYONE, featureFlagsAccessLevel: featureAccessLevel.PROJECT_MEMBERS, + infrastructureAccessLevel: featureAccessLevel.PROJECT_MEMBERS, releasesAccessLevel: featureAccessLevel.EVERYONE, monitorAccessLevel: featureAccessLevel.EVERYONE, containerRegistryAccessLevel: featureAccessLevel.EVERYONE, @@ -433,6 +441,10 @@ export default { featureAccessLevel.PROJECT_MEMBERS, this.featureFlagsAccessLevel, ); + this.infrastructureAccessLevel = Math.min( + featureAccessLevel.PROJECT_MEMBERS, + this.infrastructureAccessLevel, + ); this.releasesAccessLevel = Math.min( featureAccessLevel.PROJECT_MEMBERS, this.releasesAccessLevel, @@ -981,6 +993,19 @@ export default { name="project[project_feature_attributes][feature_flags_access_level]" /> </project-setting-row> + <project-setting-row + ref="infrastructure-settings" + :label="$options.i18n.infrastructureLabel" + :help-text="$options.i18n.infrastructureHelpText" + :help-path="infrastructureHelpPath" + > + <project-feature-setting + v-model="infrastructureAccessLevel" + :label="$options.i18n.infrastructureLabel" + :options="featureAccessLevelOptions" + name="project[project_feature_attributes][infrastructure_access_level]" + /> + </project-setting-row> </template> <project-setting-row ref="releases-settings" diff --git a/app/assets/javascripts/sidebar/components/assignees/assignee_title.vue b/app/assets/javascripts/sidebar/components/assignees/assignee_title.vue index 6e18cf36690..2a9100f0cb5 100644 --- a/app/assets/javascripts/sidebar/components/assignees/assignee_title.vue +++ b/app/assets/javascripts/sidebar/components/assignees/assignee_title.vue @@ -55,6 +55,7 @@ export default { class="js-sidebar-dropdown-toggle edit-link btn gl-text-gray-900! gl-ml-auto hide-collapsed btn-default btn-sm gl-button btn-default-tertiary float-right" href="#" data-test-id="edit-link" + data-qa-selector="edit_link" data-track-action="click_edit_button" data-track-label="right_sidebar" data-track-property="assignee" diff --git a/app/assets/javascripts/sidebar/components/assignees/assignees.vue b/app/assets/javascripts/sidebar/components/assignees/assignees.vue index 29ea390a81d..cf07752a0b8 100644 --- a/app/assets/javascripts/sidebar/components/assignees/assignees.vue +++ b/app/assets/javascripts/sidebar/components/assignees/assignees.vue @@ -56,6 +56,7 @@ export default { type="button" class="gl-button btn-link gl-reset-color!" data-testid="assign-yourself" + data-qa-selector="assign_yourself_button" @click="assignSelf" > {{ __('assign yourself') }} diff --git a/app/assets/javascripts/sidebar/components/assignees/uncollapsed_assignee_list.vue b/app/assets/javascripts/sidebar/components/assignees/uncollapsed_assignee_list.vue index 0e4d4c74160..d83ae782e26 100644 --- a/app/assets/javascripts/sidebar/components/assignees/uncollapsed_assignee_list.vue +++ b/app/assets/javascripts/sidebar/components/assignees/uncollapsed_assignee_list.vue @@ -91,6 +91,7 @@ export default { <div class="gl-ml-3 gl-line-height-normal gl-display-grid gl-align-items-center" data-testid="username" + data-qa-selector="username" > <user-name-with-status :name="user.name" :availability="userAvailability(user)" /> </div> diff --git a/app/graphql/types/commit_signature_interface.rb b/app/graphql/types/commit_signature_interface.rb new file mode 100644 index 00000000000..6b0c16e538a --- /dev/null +++ b/app/graphql/types/commit_signature_interface.rb @@ -0,0 +1,37 @@ +# frozen_string_literal: true + +module Types + module CommitSignatureInterface + include Types::BaseInterface + + graphql_name 'CommitSignature' + + description 'Represents signing information for a commit' + + field :verification_status, CommitSignatures::VerificationStatusEnum, + null: true, + description: 'Indicates verification status of the associated key or certificate.' + + field :commit_sha, GraphQL::Types::String, + null: true, + description: 'SHA of the associated commit.' + + field :project, Types::ProjectType, + null: true, + description: 'Project of the associated commit.' + + orphan_types Types::CommitSignatures::GpgSignatureType, + Types::CommitSignatures::X509SignatureType + + def self.resolve_type(object, context) + case object + when ::CommitSignatures::GpgSignature + Types::CommitSignatures::GpgSignatureType + when ::CommitSignatures::X509CommitSignature + Types::CommitSignatures::X509SignatureType + else + raise 'Unsupported commit signature type' + end + end + end +end diff --git a/app/graphql/types/commit_signatures/gpg_signature_type.rb b/app/graphql/types/commit_signatures/gpg_signature_type.rb new file mode 100644 index 00000000000..2a845fff3e2 --- /dev/null +++ b/app/graphql/types/commit_signatures/gpg_signature_type.rb @@ -0,0 +1,29 @@ +# frozen_string_literal: true + +module Types + module CommitSignatures + class GpgSignatureType < Types::BaseObject + graphql_name 'GpgSignature' + description 'GPG signature for a signed commit' + + implements Types::CommitSignatureInterface + + authorize :download_code + + field :user, Types::UserType, null: true, + description: 'User associated with the key.' + + field :gpg_key_user_name, GraphQL::Types::String, + null: true, + description: 'User name associated with the GPG key.' + + field :gpg_key_user_email, GraphQL::Types::String, + null: true, + description: 'User email associated with the GPG key.' + + field :gpg_key_primary_keyid, GraphQL::Types::String, + null: true, + description: 'ID of the GPG key.' + end + end +end diff --git a/app/graphql/types/commit_signatures/verification_status_enum.rb b/app/graphql/types/commit_signatures/verification_status_enum.rb new file mode 100644 index 00000000000..9df1b7abd82 --- /dev/null +++ b/app/graphql/types/commit_signatures/verification_status_enum.rb @@ -0,0 +1,18 @@ +# frozen_string_literal: true + +# rubocop:disable Graphql/AuthorizeTypes + +module Types + module CommitSignatures + class VerificationStatusEnum < BaseEnum + graphql_name 'VerificationStatus' + description 'Verification status of a GPG or X.509 signature for a commit.' + + ::CommitSignatures::GpgSignature.verification_statuses.each do |status, _| + value status.upcase, value: status, description: "#{status} verification status." + end + end + end +end + +# rubocop:enable Graphql/AuthorizeTypes diff --git a/app/graphql/types/commit_signatures/x509_signature_type.rb b/app/graphql/types/commit_signatures/x509_signature_type.rb new file mode 100644 index 00000000000..9ac96dbc015 --- /dev/null +++ b/app/graphql/types/commit_signatures/x509_signature_type.rb @@ -0,0 +1,22 @@ +# frozen_string_literal: true + +module Types + module CommitSignatures + class X509SignatureType < Types::BaseObject + graphql_name 'X509Signature' + description 'X.509 signature for a signed commit' + + implements Types::CommitSignatureInterface + + authorize :download_code + + field :user, Types::UserType, null: true, + calls_gitaly: true, + description: 'User associated with the key.' + + field :x509_certificate, Types::X509CertificateType, + null: true, + description: 'Certificate used for the signature.' + end + end +end diff --git a/app/graphql/types/commit_type.rb b/app/graphql/types/commit_type.rb index dfb02f29fb7..1ae88f98a9a 100644 --- a/app/graphql/types/commit_type.rb +++ b/app/graphql/types/commit_type.rb @@ -40,6 +40,11 @@ module Types field :web_path, type: GraphQL::Types::String, null: false, description: 'Web path of the commit.' + field :signature, type: Types::CommitSignatureInterface, + null: true, + calls_gitaly: true, + description: 'Signature of the commit.' + field :signature_html, type: GraphQL::Types::String, null: true, calls_gitaly: true, description: 'Rendered HTML of the commit signature.' diff --git a/app/graphql/types/x509_certificate_type.rb b/app/graphql/types/x509_certificate_type.rb new file mode 100644 index 00000000000..806aa441af7 --- /dev/null +++ b/app/graphql/types/x509_certificate_type.rb @@ -0,0 +1,39 @@ +# frozen_string_literal: true + +# rubocop:disable Graphql/AuthorizeTypes + +module Types + class X509CertificateType < Types::BaseObject + graphql_name 'X509Certificate' + description 'Represents an X.509 certificate.' + + field :certificate_status, GraphQL::Types::String, + null: false, + description: 'Indicates if the certificate is good or revoked.' + + field :created_at, Types::TimeType, null: false, + description: 'Timestamp of when the certificate was saved.' + + field :email, GraphQL::Types::String, null: false, + description: 'Email associated with the cerificate.' + + field :id, GraphQL::Types::ID, null: false, description: 'ID of the certificate.' + + field :serial_number, GraphQL::Types::String, null: false, + description: 'Serial number of the certificate.' + + field :subject, GraphQL::Types::String, null: false, description: 'Subject of the certificate.' + + field :subject_key_identifier, GraphQL::Types::String, + null: false, + description: 'Subject key identifier of the certificate.' + + field :updated_at, Types::TimeType, null: false, + description: 'Timestamp of when the certificate was last updated.' + + field :x509_issuer, Types::X509IssuerType, null: false, + description: 'Issuer of the certificate.' + end +end + +# rubocop:enable Graphql/AuthorizeTypes diff --git a/app/graphql/types/x509_issuer_type.rb b/app/graphql/types/x509_issuer_type.rb new file mode 100644 index 00000000000..a5759e48ee0 --- /dev/null +++ b/app/graphql/types/x509_issuer_type.rb @@ -0,0 +1,29 @@ +# frozen_string_literal: true + +# rubocop:disable Graphql/AuthorizeTypes + +module Types + class X509IssuerType < Types::BaseObject + graphql_name 'X509Issuer' + description 'Issuer of an X.509 certificate.' + + field :created_at, Types::TimeType, null: true, + description: 'Timestamp of when the issuer was created.' + + field :crl_url, GraphQL::Types::String, null: true, + description: 'Certificate revokation list of the issuer.' + + field :id, GraphQL::Types::ID, null: true, description: 'ID of the issuer.' + + field :subject, GraphQL::Types::String, null: true, description: 'Subject of the issuer.' + + field :subject_key_identifier, GraphQL::Types::String, + null: true, + description: 'Subject key identifier of the issuer.' + + field :updated_at, Types::TimeType, null: true, + description: 'Timestamp of when the issuer was last updated.' + end +end + +# rubocop:enable Graphql/AuthorizeTypes diff --git a/app/helpers/projects_helper.rb b/app/helpers/projects_helper.rb index 53c29a3c8b4..50890489de2 100644 --- a/app/helpers/projects_helper.rb +++ b/app/helpers/projects_helper.rb @@ -395,7 +395,8 @@ module ProjectsHelper membersPagePath: project_project_members_path(project), environmentsHelpPath: help_page_path('ci/environments/index'), featureFlagsHelpPath: help_page_path('operations/feature_flags'), - releasesHelpPath: help_page_path('user/project/releases/index') + releasesHelpPath: help_page_path('user/project/releases/index'), + infrastructureHelpPath: help_page_path('user/infrastructure/index') } end @@ -664,7 +665,8 @@ module ProjectsHelper containerRegistryAccessLevel: feature.container_registry_access_level, environmentsAccessLevel: feature.environments_access_level, featureFlagsAccessLevel: feature.feature_flags_access_level, - releasesAccessLevel: feature.releases_access_level + releasesAccessLevel: feature.releases_access_level, + infrastructureAccessLevel: feature.infrastructure_access_level } end diff --git a/app/models/commit_signatures/gpg_signature.rb b/app/models/commit_signatures/gpg_signature.rb index 1ce76b53da4..2ae59853520 100644 --- a/app/models/commit_signatures/gpg_signature.rb +++ b/app/models/commit_signatures/gpg_signature.rb @@ -49,5 +49,9 @@ module CommitSignatures Gitlab::Gpg::Commit.new(commit) end + + def user + gpg_key&.user + end end end diff --git a/app/policies/commit_signatures/gpg_signature_policy.rb b/app/policies/commit_signatures/gpg_signature_policy.rb new file mode 100644 index 00000000000..518a289c1f3 --- /dev/null +++ b/app/policies/commit_signatures/gpg_signature_policy.rb @@ -0,0 +1,7 @@ +# frozen_string_literal: true + +module CommitSignatures + class GpgSignaturePolicy < BasePolicy + delegate { @subject.project } + end +end diff --git a/app/policies/commit_signatures/x509_commit_signature_policy.rb b/app/policies/commit_signatures/x509_commit_signature_policy.rb new file mode 100644 index 00000000000..6b2477797fc --- /dev/null +++ b/app/policies/commit_signatures/x509_commit_signature_policy.rb @@ -0,0 +1,7 @@ +# frozen_string_literal: true + +module CommitSignatures + class X509CommitSignaturePolicy < BasePolicy + delegate { @subject.project } + end +end diff --git a/app/uploaders/object_storage/cdn.rb b/app/uploaders/object_storage/cdn.rb index e49e2780147..63c155f9210 100644 --- a/app/uploaders/object_storage/cdn.rb +++ b/app/uploaders/object_storage/cdn.rb @@ -12,8 +12,8 @@ module ObjectStorage UrlResult = Struct.new(:url, :used_cdn) - def cdn_enabled_url(project, ip_address) - if Feature.enabled?(:ci_job_artifacts_cdn, project) && use_cdn?(ip_address) + def cdn_enabled_url(ip_address) + if use_cdn?(ip_address) UrlResult.new(cdn_signed_url, true) else UrlResult.new(url, false) |