Add latest changes from gitlab-org/gitlab@master

author: GitLab Bot <gitlab-bot@gitlab.com> 2021-02-10 12:09:38 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2021-02-10 12:09:38 +0300
commit: b6e10aaed70a798a57a40987b3aafcbb5b2a1f78 (patch)
tree: 91272a06b09f5bc31252f7fc02ac96b92e81bcf6 /app
parent: a4f3904124120f62c8be87142de87a0ed2b7f352 (diff)
12 files changed, 92 insertions, 16 deletions
diff --git a/app/assets/javascripts/vue_merge_request_widget/components/states/mr_widget_rebase.vue b/app/assets/javascripts/vue_merge_request_widget/components/states/mr_widget_rebase.vue
index 5127ab3d400..6d66a45f382 100644
--- a/app/assets/javascripts/vue_merge_request_widget/components/states/mr_widget_rebase.vue
+++ b/app/assets/javascripts/vue_merge_request_widget/components/states/mr_widget_rebase.vue
@@ -181,17 +181,12 @@ export default {
           >
             {{ __('Rebase') }}
           </gl-button>
-          <span
-            v-if="!rebasingError"
-            class="gl-font-weight-bold gl-ml-0!"
-            data-testid="rebase-message"
-            >{{
-              __(
-                'Fast-forward merge is not possible. Rebase the source branch onto the target branch.',
-              )
-            }}</span
-          >
-          <span v-else class="gl-font-weight-bold danger gl-ml-0!" data-testid="rebase-message">{{
+          <span v-if="!rebasingError" class="gl-font-weight-bold" data-testid="rebase-message">{{
+            __(
+              'Fast-forward merge is not possible. Rebase the source branch onto the target branch.',
+            )
+          }}</span>
+          <span v-else class="gl-font-weight-bold danger" data-testid="rebase-message">{{
             rebasingError
           }}</span>
         </div>
diff --git a/app/controllers/projects/commit_controller.rb b/app/controllers/projects/commit_controller.rb
index b694efbc1eb..ffdd9fca95b 100644
--- a/app/controllers/projects/commit_controller.rb
+++ b/app/controllers/projects/commit_controller.rb
@@ -23,6 +23,7 @@ class Projects::CommitController < Projects::ApplicationController
   end
 
   BRANCH_SEARCH_LIMIT = 1000
+  COMMIT_DIFFS_PER_PAGE = 75
 
   feature_category :source_code_management
 
diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb
index 973e43831f1..efbb958cbae 100644
--- a/app/controllers/projects/merge_requests_controller.rb
+++ b/app/controllers/projects/merge_requests_controller.rb
@@ -168,6 +168,14 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
     }
   end
 
+  def sast_reports
+    reports_response(merge_request.compare_sast_reports(current_user), head_pipeline)
+  end
+
+  def secret_detection_reports
+    reports_response(merge_request.compare_secret_detection_reports(current_user), head_pipeline)
+  end
+
   def context_commits
     return render_404 unless project.context_commits_enabled?
 
diff --git a/app/helpers/commits_helper.rb b/app/helpers/commits_helper.rb
index 2d4ace5a5bf..f5c75d62097 100644
--- a/app/helpers/commits_helper.rb
+++ b/app/helpers/commits_helper.rb
@@ -126,6 +126,14 @@ module CommitsHelper
     %w(btn gpg-status-box) + Array(additional_classes)
   end
 
+  def conditionally_paginate_diff_files(diffs, paginate:, per: Projects::CommitController::COMMIT_DIFFS_PER_PAGE)
+    if paginate && Feature.enabled?(:paginate_commit_view, @project, type: :development)
+      Kaminari.paginate_array(diffs.diff_files.to_a).page(params[:page]).per(per)
+    else
+      diffs.diff_files
+    end
+  end
+
   protected
 
   # Private: Returns a link to a person. If the person has a matching user and
diff --git a/app/models/ci/build.rb b/app/models/ci/build.rb
index a9bd890aa4b..db151126caf 100644
--- a/app/models/ci/build.rb
+++ b/app/models/ci/build.rb
@@ -786,7 +786,9 @@ module Ci
     end
 
     def artifacts_file_for_type(type)
-      job_artifacts.find_by(file_type: Ci::JobArtifact.file_types[type])&.file
+      file_types = Ci::JobArtifact.associated_file_types_for(type)
+      file_types_ids = file_types&.map { |file_type| Ci::JobArtifact.file_types[file_type] }
+      job_artifacts.find_by(file_type: file_types_ids)&.file
     end
 
     def coverage_regex
diff --git a/app/models/ci/job_artifact.rb b/app/models/ci/job_artifact.rb
index f13be3b3c86..f927111758a 100644
--- a/app/models/ci/job_artifact.rb
+++ b/app/models/ci/job_artifact.rb
@@ -19,6 +19,8 @@ module Ci
     NON_ERASABLE_FILE_TYPES = %w[trace].freeze
     TERRAFORM_REPORT_FILE_TYPES = %w[terraform].freeze
     UNSUPPORTED_FILE_TYPES = %i[license_management].freeze
+    SAST_REPORT_TYPES = %w[sast].freeze
+    SECRET_DETECTION_REPORT_TYPES = %w[secret_detection].freeze
     DEFAULT_FILE_NAMES = {
       archive: nil,
       metadata: nil,
@@ -150,6 +152,14 @@ module Ci
       with_file_types(REPORT_TYPES.keys.map(&:to_s))
     end
 
+    scope :sast_reports, -> do
+      with_file_types(SAST_REPORT_TYPES)
+    end
+
+    scope :secret_detection_reports, -> do
+      with_file_types(SECRET_DETECTION_REPORT_TYPES)
+    end
+
     scope :test_reports, -> do
       with_file_types(TEST_REPORT_FILE_TYPES)
     end
diff --git a/app/models/ci/pipeline.rb b/app/models/ci/pipeline.rb
index 54d7e92f782..58aaadd5d49 100644
--- a/app/models/ci/pipeline.rb
+++ b/app/models/ci/pipeline.rb
@@ -1219,6 +1219,16 @@ module Ci
       false
     end
 
+    def security_reports(report_types: [])
+      reports_scope = report_types.empty? ? ::Ci::JobArtifact.security_reports : ::Ci::JobArtifact.security_reports(file_types: report_types)
+
+      ::Gitlab::Ci::Reports::Security::Reports.new(self).tap do |security_reports|
+        latest_report_builds(reports_scope).each do |build|
+          build.collect_security_reports!(security_reports)
+        end
+      end
+    end
+
     private
 
     def add_message(severity, content)
diff --git a/app/models/merge_request.rb b/app/models/merge_request.rb
index e41781dce4f..5fad876d3fb 100644
--- a/app/models/merge_request.rb
+++ b/app/models/merge_request.rb
@@ -1554,6 +1554,26 @@ class MergeRequest < ApplicationRecord
     end || { status: :parsing }
   end
 
+  def has_sast_reports?
+    !!actual_head_pipeline&.has_reports?(::Ci::JobArtifact.sast_reports)
+  end
+
+  def has_secret_detection_reports?
+    !!actual_head_pipeline&.has_reports?(::Ci::JobArtifact.secret_detection_reports)
+  end
+
+  def compare_sast_reports(current_user)
+    return missing_report_error("SAST") unless has_sast_reports?
+
+    compare_reports(::Ci::CompareSecurityReportsService, current_user, 'sast')
+  end
+
+  def compare_secret_detection_reports(current_user)
+    return missing_report_error("secret detection") unless has_secret_detection_reports?
+
+    compare_reports(::Ci::CompareSecurityReportsService, current_user, 'secret_detection')
+  end
+
   def calculate_reactive_cache(identifier, current_user_id = nil, report_type = nil, *args)
     service_class = identifier.constantize
 
@@ -1799,8 +1819,19 @@ class MergeRequest < ApplicationRecord
     merge_request_reviewers.find_by(user_id: user.id)
   end
 
+  def enabled_reports
+    {
+      sast: report_type_enabled?(:sast),
+      secret_detection: report_type_enabled?(:secret_detection)
+    }
+  end
+
   private
 
+  def missing_report_error(report_type)
+    { status: :error, status_reason: "This merge request does not have #{report_type} reports" }
+  end
+
   def with_rebase_lock
     if Feature.enabled?(:merge_request_rebase_nowait_lock, default_enabled: true)
       with_retried_nowait_lock { yield }
@@ -1842,6 +1873,10 @@ class MergeRequest < ApplicationRecord
     key = Gitlab::Routing.url_helpers.cached_widget_project_json_merge_request_path(project, self, format: :json)
     Gitlab::EtagCaching::Store.new.touch(key)
   end
+
+  def report_type_enabled?(report_type)
+    !!actual_head_pipeline&.batch_lookup_report_artifact_for_file_type(report_type)
+  end
 end
 
 MergeRequest.prepend_if_ee('::EE::MergeRequest')
diff --git a/app/serializers/merge_request_widget_entity.rb b/app/serializers/merge_request_widget_entity.rb
index ca4e16bc5ff..560dd2ea08b 100644
--- a/app/serializers/merge_request_widget_entity.rb
+++ b/app/serializers/merge_request_widget_entity.rb
@@ -133,6 +133,10 @@ class MergeRequestWidgetEntity < Grape::Entity
     help_page_path('user/application_security/index.md', anchor: 'viewing-security-scan-information-in-merge-requests')
   end
 
+  expose :enabled_reports do |merge_request|
+    merge_request.enabled_reports
+  end
+
   private
 
   delegate :current_user, to: :request
diff --git a/app/views/groups/settings/packages_and_registries/index.html.haml b/app/views/groups/settings/packages_and_registries/index.html.haml
index b6bd16d51a6..1a12ad4902b 100644
--- a/app/views/groups/settings/packages_and_registries/index.html.haml
+++ b/app/views/groups/settings/packages_and_registries/index.html.haml
@@ -2,4 +2,4 @@
 - page_title _('Packages & Registries')
 - @content_class = 'limit-container-width' unless fluid_layout
 
-%section#js-packages-and-registries-settings{ data: { default_expanded: expanded_by_default?.to_s, group_path: @group.path } }
+%section#js-packages-and-registries-settings{ data: { default_expanded: expanded_by_default?.to_s, group_path: @group.full_path } }
diff --git a/app/views/projects/commit/show.html.haml b/app/views/projects/commit/show.html.haml
index afe97a06400..5652b503a6d 100644
--- a/app/views/projects/commit/show.html.haml
+++ b/app/views/projects/commit/show.html.haml
@@ -12,7 +12,7 @@
 .container-fluid{ class: [limited_container_width, container_class] }
   = render "commit_box"
   = render "ci_menu"
-  = render "projects/diffs/diffs", diffs: @diffs, environment: @environment, diff_page_context: "is-commit"
+  = render "projects/diffs/diffs", diffs: @diffs, environment: @environment, diff_page_context: "is-commit", paginate_diffs: true
 
   .limited-width-notes
     = render "shared/notes/notes_with_form", :autocomplete => true
diff --git a/app/views/projects/diffs/_diffs.html.haml b/app/views/projects/diffs/_diffs.html.haml
index 8364311796f..2f533b5848d 100644
--- a/app/views/projects/diffs/_diffs.html.haml
+++ b/app/views/projects/diffs/_diffs.html.haml
@@ -1,9 +1,10 @@
 - environment = local_assigns.fetch(:environment, nil)
 - show_whitespace_toggle = local_assigns.fetch(:show_whitespace_toggle, true)
 - can_create_note = !@diff_notes_disabled && can?(current_user, :create_note, diffs.project)
-- diff_files = diffs.diff_files
 - diff_page_context = local_assigns.fetch(:diff_page_context, nil)
 - load_diff_files_async = Feature.enabled?(:async_commit_diff_files, @project) && diff_page_context == "is-commit"
+- paginate_diffs = local_assigns.fetch(:paginate_diffs, false) && !load_diff_files_async && Feature.enabled?(:paginate_commit_view, @project, type: :development)
+- diff_files = conditionally_paginate_diff_files(diffs, paginate: paginate_diffs)
 
 .content-block.oneline-block.files-changed.diff-files-changed.js-diff-files-changed
   .files-changed-inner
@@ -27,7 +28,6 @@
 - if render_overflow_warning?(diffs)
   = render 'projects/diffs/warning', diff_files: diffs
 
-
 .files{ data: { can_create_note: can_create_note } }
   - if load_diff_files_async
     - url = url_for(safe_params.merge(action: 'diff_files'))
@@ -36,3 +36,6 @@
         %span.spinner.spinner-md
   - else
     = render partial: 'projects/diffs/file', collection: diff_files, as: :diff_file, locals: { project: diffs.project, environment: environment, diff_page_context: diff_page_context }
+
+    - if paginate_diffs
+      = paginate(diff_files, theme: "gitlab")
author	GitLab Bot <gitlab-bot@gitlab.com>	2021-02-10 12:09:38 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2021-02-10 12:09:38 +0300
commit	b6e10aaed70a798a57a40987b3aafcbb5b2a1f78 (patch)
tree	91272a06b09f5bc31252f7fc02ac96b92e81bcf6 /app
parent	a4f3904124120f62c8be87142de87a0ed2b7f352 (diff)