Add latest changes from gitlab-org/gitlab@16-0-stable-eev16.0.0-rc42

author: GitLab Bot <gitlab-bot@gitlab.com> 2023-05-17 19:05:49 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2023-05-17 19:05:49 +0300
commit: 43a25d93ebdabea52f99b05e15b06250cd8f07d7 (patch)
tree: dceebdc68925362117480a5d672bcff122fb625b /lib/api/entities
parent: 20c84b99005abd1c82101dfeff264ac50d2df211 (diff)
20 files changed, 133 insertions, 53 deletions
diff --git a/lib/api/entities/application_setting.rb b/lib/api/entities/application_setting.rb
index 8aace9126d6..91dae5ab825 100644
--- a/lib/api/entities/application_setting.rb
+++ b/lib/api/entities/application_setting.rb
@@ -24,6 +24,7 @@ module API
       expose(:default_project_visibility) { |setting, _options| Gitlab::VisibilityLevel.string_level(setting.default_project_visibility) }
       expose(:default_snippet_visibility) { |setting, _options| Gitlab::VisibilityLevel.string_level(setting.default_snippet_visibility) }
       expose(:default_group_visibility) { |setting, _options| Gitlab::VisibilityLevel.string_level(setting.default_group_visibility) }
+      expose(:valid_runner_registrars) { |setting, _options| setting.valid_runner_registrars }
 
       expose(*::ApplicationSettingsHelper.external_authorization_service_attributes)
 
diff --git a/lib/api/entities/application_with_secret.rb b/lib/api/entities/application_with_secret.rb
index 1d0acee8624..5679ab4253d 100644
--- a/lib/api/entities/application_with_secret.rb
+++ b/lib/api/entities/application_with_secret.rb
@@ -4,8 +4,12 @@ module API
   module Entities
     # Use with care, this exposes the secret
     class ApplicationWithSecret < Entities::Application
-      expose :secret, documentation: { type: 'string',
-                                       example: 'ee1dd64b6adc89cf7e2c23099301ccc2c61b441064e9324d963c46902a85ec34' }
+      expose :secret, documentation: {
+        type: 'string',
+        example: 'ee1dd64b6adc89cf7e2c23099301ccc2c61b441064e9324d963c46902a85ec34'
+      } do |application, _options|
+        application.plaintext_secret
+      end
     end
   end
 end
diff --git a/lib/api/entities/ci/job_request/cache.rb b/lib/api/entities/ci/job_request/cache.rb
index 9820719b4f0..9be2b4c34ce 100644
--- a/lib/api/entities/ci/job_request/cache.rb
+++ b/lib/api/entities/ci/job_request/cache.rb
@@ -5,7 +5,7 @@ module API
     module Ci
       module JobRequest
         class Cache < Grape::Entity
-          expose :key, :untracked, :paths, :policy, :when
+          expose :key, :untracked, :paths, :policy, :when, :fallback_keys
         end
       end
     end
diff --git a/lib/api/entities/ci/job_request/response.rb b/lib/api/entities/ci/job_request/response.rb
index cfdbeed79b6..e07bba1e850 100644
--- a/lib/api/entities/ci/job_request/response.rb
+++ b/lib/api/entities/ci/job_request/response.rb
@@ -23,9 +23,7 @@ module API
 
           expose :runner_variables, as: :variables
           expose :steps, using: Entities::Ci::JobRequest::Step
-          expose :runtime_hooks, as: :hooks,
-                                 using: Entities::Ci::JobRequest::Hook,
-                                 if: ->(job) { ::Feature.enabled?(:ci_hooks_pre_get_sources_script, job.project) }
+          expose :runtime_hooks, as: :hooks, using: Entities::Ci::JobRequest::Hook
           expose :image, using: Entities::Ci::JobRequest::Image
           expose :services, using: Entities::Ci::JobRequest::Service
           expose :artifacts, using: Entities::Ci::JobRequest::Artifacts
diff --git a/lib/api/entities/ci/pipeline_basic_with_metadata.rb b/lib/api/entities/ci/pipeline_basic_with_metadata.rb
new file mode 100644
index 00000000000..4eeba3aec41
--- /dev/null
+++ b/lib/api/entities/ci/pipeline_basic_with_metadata.rb
@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+module API
+  module Entities
+    module Ci
+      class PipelineBasicWithMetadata < PipelineBasic
+        expose :name,
+          documentation: { type: 'string', example: 'Build pipeline' },
+          if: ->(pipeline, _) { ::Feature.enabled?(:pipeline_name_in_api, pipeline.project) }
+      end
+    end
+  end
+end
diff --git a/lib/api/entities/ci/pipeline_with_metadata.rb b/lib/api/entities/ci/pipeline_with_metadata.rb
new file mode 100644
index 00000000000..a8b1d81a053
--- /dev/null
+++ b/lib/api/entities/ci/pipeline_with_metadata.rb
@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+module API
+  module Entities
+    module Ci
+      class PipelineWithMetadata < Pipeline
+        expose :name,
+          documentation: { type: 'string', example: 'Build pipeline' },
+          if: ->(pipeline, _) { ::Feature.enabled?(:pipeline_name_in_api, pipeline.project) }
+      end
+    end
+  end
+end
diff --git a/lib/api/entities/ci/secure_file.rb b/lib/api/entities/ci/secure_file.rb
index bf8d2776db1..614fd49aa30 100644
--- a/lib/api/entities/ci/secure_file.rb
+++ b/lib/api/entities/ci/secure_file.rb
@@ -10,7 +10,7 @@ module API
 documentation: { type: 'string', example: '16630b189ab34b2e3504f4758e1054d2e478deda510b2b08cc0ef38d12e80aac' }
         expose :checksum_algorithm, documentation: { type: 'string', example: 'sha256' }
         expose :created_at, documentation: { type: 'dateTime', example: '2022-02-22T22:22:22.222Z' }
-        expose :expires_at, documentation: { type: 'dateTime', example: '2022-09-21T14:56:00.000Z' }
+        expose :expires_at, documentation: { type: 'dateTime', example: '2023-09-21T14:55:59.000Z' }
         expose :metadata, documentation: { type: 'Hash', example: { "id" => "75949910542696343243264405377658443914" } }
         expose :file_extension, documentation: { type: 'string', example: 'jks' }
       end
diff --git a/lib/api/entities/clusters/agent_authorization.rb b/lib/api/entities/clusters/agent_authorization.rb
deleted file mode 100644
index 7bbe0f1ec45..00000000000
--- a/lib/api/entities/clusters/agent_authorization.rb
+++ /dev/null
@@ -1,13 +0,0 @@
-# frozen_string_literal: true
-
-module API
-  module Entities
-    module Clusters
-      class AgentAuthorization < Grape::Entity
-        expose :agent_id, as: :id
-        expose :config_project, with: Entities::ProjectIdentity
-        expose :config, as: :configuration
-      end
-    end
-  end
-end
diff --git a/lib/api/entities/clusters/agents/authorizations/ci_access.rb b/lib/api/entities/clusters/agents/authorizations/ci_access.rb
new file mode 100644
index 00000000000..2eefc4361b1
--- /dev/null
+++ b/lib/api/entities/clusters/agents/authorizations/ci_access.rb
@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+module API
+  module Entities
+    module Clusters
+      module Agents
+        module Authorizations
+          class CiAccess < Grape::Entity
+            expose :agent_id, as: :id
+            expose :config_project, with: Entities::ProjectIdentity
+            expose :config, as: :configuration
+          end
+        end
+      end
+    end
+  end
+end
diff --git a/lib/api/entities/internal/pages/lookup_path.rb b/lib/api/entities/internal/pages/lookup_path.rb
index 1bf94f74fb4..3d16864e587 100644
--- a/lib/api/entities/internal/pages/lookup_path.rb
+++ b/lib/api/entities/internal/pages/lookup_path.rb
@@ -5,8 +5,13 @@ module API
     module Internal
       module Pages
         class LookupPath < Grape::Entity
-          expose :project_id, :access_control,
-            :source, :https_only, :prefix
+          expose :access_control,
+            :https_only,
+            :prefix,
+            :project_id,
+            :source,
+            :unique_host,
+            :root_directory
         end
       end
     end
diff --git a/lib/api/entities/merge_request_basic.rb b/lib/api/entities/merge_request_basic.rb
index 16afc6c1f6a..f796aeba17f 100644
--- a/lib/api/entities/merge_request_basic.rb
+++ b/lib/api/entities/merge_request_basic.rb
@@ -55,7 +55,10 @@ module API
       #
       # For list endpoints, we skip the recheck by default, since it's expensive
       expose :merge_status do |merge_request, options|
-        merge_request.check_mergeability(async: true) unless options[:skip_merge_status_recheck]
+        if !options[:skip_merge_status_recheck] && can_check_mergeability?(merge_request.project)
+          merge_request.check_mergeability(async: true)
+        end
+
         merge_request.public_merge_status
       end
       expose :detailed_merge_status
@@ -101,6 +104,12 @@ module API
       def detailed_merge_status
         ::MergeRequests::Mergeability::DetailedMergeStatusService.new(merge_request: object).execute
       end
+
+      def can_check_mergeability?(project)
+        return true if ::Feature.disabled?(:restrict_merge_status_recheck, project)
+
+        Ability.allowed?(options[:current_user], :update_merge_request, project)
+      end
     end
   end
 end
diff --git a/lib/api/entities/ml/mlflow/run_info.rb b/lib/api/entities/ml/mlflow/run_info.rb
index 60e4416e011..6133b3a9d4b 100644
--- a/lib/api/entities/ml/mlflow/run_info.rb
+++ b/lib/api/entities/ml/mlflow/run_info.rb
@@ -19,7 +19,7 @@ module API
           private
 
           def run_id
-            object.iid.to_s
+            object.eid.to_s
           end
         end
       end
diff --git a/lib/api/entities/note.rb b/lib/api/entities/note.rb
index a92f534bbdc..cac4a8280e3 100644
--- a/lib/api/entities/note.rb
+++ b/lib/api/entities/note.rb
@@ -14,6 +14,7 @@ module API
       expose :created_at, :updated_at
       expose :system?, as: :system
       expose :noteable_id, :noteable_type
+      expose :project_id
       expose :commit_id, if: ->(note, options) { note.noteable_type == "MergeRequest" && note.is_a?(DiffNote) }
 
       expose :position, if: ->(note, options) { note.is_a?(DiffNote) } do |note|
diff --git a/lib/api/entities/plan_limit.rb b/lib/api/entities/plan_limit.rb
index d69be0077f2..b5cff2bb73c 100644
--- a/lib/api/entities/plan_limit.rb
+++ b/lib/api/entities/plan_limit.rb
@@ -5,7 +5,6 @@ module API
     class PlanLimit < Grape::Entity
       expose :ci_pipeline_size, documentation: { type: 'integer', example: 0 }
       expose :ci_active_jobs, documentation: { type: 'integer', example: 0 }
-      expose :ci_active_pipelines, documentation: { type: 'integer', example: 0 }
       expose :ci_project_subscriptions, documentation: { type: 'integer', example: 2 }
       expose :ci_pipeline_schedules, documentation: { type: 'integer', example: 10 }
       expose :ci_needs_size_limit, documentation: { type: 'integer', example: 50 }
diff --git a/lib/api/entities/project.rb b/lib/api/entities/project.rb
index fcb7ddb9567..61feacd6586 100644
--- a/lib/api/entities/project.rb
+++ b/lib/api/entities/project.rb
@@ -76,7 +76,6 @@ module API
       expose(:builds_access_level, documentation: { type: 'string', example: 'enabled' }) { |project, options| project_feature_string_access_level(project, :builds) }
       expose(:snippets_access_level, documentation: { type: 'string', example: 'enabled' }) { |project, options| project_feature_string_access_level(project, :snippets) }
       expose(:pages_access_level, documentation: { type: 'string', example: 'enabled' }) { |project, options| project_feature_string_access_level(project, :pages) }
-      expose(:operations_access_level, documentation: { type: 'string', example: 'enabled' }) { |project, options| project_feature_string_access_level(project, :operations) }
       expose(:analytics_access_level, documentation: { type: 'string', example: 'enabled' }) { |project, options| project_feature_string_access_level(project, :analytics) }
       expose(:container_registry_access_level, documentation: { type: 'string', example: 'enabled' }) { |project, options| project_feature_string_access_level(project, :container_registry) }
       expose(:security_and_compliance_access_level, documentation: { type: 'string', example: 'enabled' }) { |project, options| project_feature_string_access_level(project, :security_and_compliance) }
@@ -88,7 +87,6 @@ module API
 
       expose :emails_disabled, documentation: { type: 'boolean' }
       expose :shared_runners_enabled, documentation: { type: 'boolean' }
-      expose :group_runners_enabled, documentation: { type: 'boolean' }
       expose :lfs_enabled?, as: :lfs_enabled, documentation: { type: 'boolean' }
       expose :creator_id, documentation: { type: 'integer', example: 1 }
       expose :forked_from_project, using: Entities::BasicProjectDetails, if: ->(project, options) do
@@ -104,30 +102,44 @@ module API
       expose :import_error, documentation: { type: 'string', example: 'Import error' }, if: lambda { |_project, options| options[:user_can_admin_project] } do |project|
         project.import_state&.last_error
       end
-
       expose :open_issues_count, documentation: { type: 'integer', example: 1 }, if: lambda { |project, options| project.feature_available?(:issues, options[:current_user]) }
-      expose :runners_token, documentation: { type: 'string', example: 'b8547b1dc37721d05889db52fa2f02' }, if: lambda { |_project, options| options[:user_can_admin_project] }
-      expose :ci_default_git_depth, documentation: { type: 'integer', example: 20 }
-      expose :ci_forward_deployment_enabled, documentation: { type: 'boolean' }
-      expose(:ci_job_token_scope_enabled, documentation: { type: 'boolean' }) { |p, _| p.ci_outbound_job_token_scope_enabled? }
-      expose :ci_separated_caches, documentation: { type: 'boolean' }
-      expose :ci_opt_in_jwt, documentation: { type: 'boolean' }
-      expose :ci_allow_fork_pipelines_to_run_in_parent_project, documentation: { type: 'boolean' }
-      expose :public_builds, as: :public_jobs, documentation: { type: 'boolean' }
-      expose :build_git_strategy, documentation: { type: 'string', example: 'fetch' }, if: lambda { |project, options| options[:user_can_admin_project] } do |project, options|
-        project.build_allow_git_fetch ? 'fetch' : 'clone'
+      expose :description_html, documentation: { type: 'string' }
+      expose :updated_at, documentation: { type: 'dateTime', example: '2020-05-07T04:27:17.016Z' }
+
+      with_options if: ->(_, _) { Ability.allowed?(options[:current_user], :admin_project, project) } do
+        # CI/CD Settings
+        expose :ci_default_git_depth, documentation: { type: 'integer', example: 20 }
+        expose :ci_forward_deployment_enabled, documentation: { type: 'boolean' }
+        expose(:ci_job_token_scope_enabled, documentation: { type: 'boolean' }) { |p, _| p.ci_outbound_job_token_scope_enabled? }
+        expose :ci_separated_caches, documentation: { type: 'boolean' }
+        expose :ci_allow_fork_pipelines_to_run_in_parent_project, documentation: { type: 'boolean' }
+        expose :build_git_strategy, documentation: { type: 'string', example: 'fetch' } do |project, options|
+          project.build_allow_git_fetch ? 'fetch' : 'clone'
+        end
+        expose :keep_latest_artifacts_available?, as: :keep_latest_artifact, documentation: { type: 'boolean' }
+        expose :restrict_user_defined_variables, documentation: { type: 'boolean' }
+        expose :runners_token, documentation: { type: 'string', example: 'b8547b1dc37721d05889db52fa2f02' }
+        expose :runner_token_expiration_interval, documentation: { type: 'integer', example: 3600 }
+        expose :group_runners_enabled, documentation: { type: 'boolean' }
+        expose :auto_cancel_pending_pipelines, documentation: { type: 'string', example: 'enabled' }
+        expose :build_timeout, documentation: { type: 'integer', example: 3600 }
+        expose :auto_devops_enabled?, as: :auto_devops_enabled, documentation: { type: 'boolean' }
+        expose :auto_devops_deploy_strategy, documentation: { type: 'string', example: 'continuous' } do |project, options|
+          project.auto_devops.nil? ? 'continuous' : project.auto_devops.deploy_strategy
+        end
       end
-      expose :build_timeout, documentation: { type: 'integer', example: 3600 }
-      expose :auto_cancel_pending_pipelines, documentation: { type: 'string', example: 'enabled' }
+
       expose :ci_config_path, documentation: { type: 'string', example: '' }, if: -> (project, options) { Ability.allowed?(options[:current_user], :read_code, project) }
+      expose :public_builds, as: :public_jobs, documentation: { type: 'boolean' }
+
       expose :shared_with_groups, documentation: { is_array: true } do |project, options|
         user = options[:current_user]
 
         SharedGroupWithProject.represent(project.visible_group_links(for_user: user), options)
       end
+
       expose :only_allow_merge_if_pipeline_succeeds, documentation: { type: 'boolean' }
       expose :allow_merge_on_skipped_pipeline, documentation: { type: 'boolean' }
-      expose :restrict_user_defined_variables, documentation: { type: 'boolean' }
       expose :request_access_enabled, documentation: { type: 'boolean' }
       expose :only_allow_merge_if_all_discussions_are_resolved, documentation: { type: 'boolean' }
       expose :remove_source_branch_after_merge, documentation: { type: 'boolean' }
@@ -142,20 +154,15 @@ module API
       expose :statistics, using: 'API::Entities::ProjectStatistics', if: -> (project, options) {
         options[:statistics] && Ability.allowed?(options[:current_user], :read_statistics, project)
       }
-      expose :auto_devops_enabled?, as: :auto_devops_enabled, documentation: { type: 'boolean' }
-      expose :auto_devops_deploy_strategy, documentation: { type: 'string', example: 'continuous' } do |project, options|
-        project.auto_devops.nil? ? 'continuous' : project.auto_devops.deploy_strategy
-      end
+
       expose :autoclose_referenced_issues, documentation: { type: 'boolean' }
       expose :repository_storage, documentation: { type: 'string', example: 'default' }, if: ->(project, options) {
         Ability.allowed?(options[:current_user], :change_repository_storage, project)
       }
-      expose :keep_latest_artifacts_available?, as: :keep_latest_artifact, documentation: { type: 'boolean' }
-      expose :runner_token_expiration_interval, documentation: { type: 'integer', example: 3600 }
 
       # rubocop: disable CodeReuse/ActiveRecord
       def self.preload_resource(project)
-        ActiveRecord::Associations::Preloader.new.preload(project, project_group_links: { group: :route })
+        ActiveRecord::Associations::Preloader.new(records: [project], associations: { project_group_links: { group: :route } }).call
       end
 
       def self.preload_relation(projects_relation, options = {})
diff --git a/lib/api/entities/project_job_token_scope.rb b/lib/api/entities/project_job_token_scope.rb
new file mode 100644
index 00000000000..0954db3a2fc
--- /dev/null
+++ b/lib/api/entities/project_job_token_scope.rb
@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+module API
+  module Entities
+    class ProjectJobTokenScope < Grape::Entity
+      expose(:inbound_enabled, documentation: { type: 'boolean' }) do |project, _|
+        project.ci_inbound_job_token_scope_enabled?
+      end
+      expose(:outbound_enabled, documentation: { type: 'boolean' }) do |project, _|
+        project.ci_outbound_job_token_scope_enabled?
+      end
+    end
+  end
+end
diff --git a/lib/api/entities/protected_ref_access.rb b/lib/api/entities/protected_ref_access.rb
index ba28c724448..28e0ef540d5 100644
--- a/lib/api/entities/protected_ref_access.rb
+++ b/lib/api/entities/protected_ref_access.rb
@@ -9,6 +9,8 @@ module API
         documentation: { type: 'string', example: 'Maintainers' } do |protected_ref_access|
           protected_ref_access.humanize
         end
+      expose :deploy_key_id, documentation: { type: 'integer', example: 1 },
+        if: ->(access) { access.has_attribute?(:deploy_key_id) && access.deploy_key_id }
     end
   end
 end
diff --git a/lib/api/entities/releases/link.rb b/lib/api/entities/releases/link.rb
index 534510ec7e6..0f49440d43b 100644
--- a/lib/api/entities/releases/link.rb
+++ b/lib/api/entities/releases/link.rb
@@ -18,7 +18,6 @@ module API
           } do |link|
           ::Releases::LinkPresenter.new(link).direct_asset_url
         end
-        expose :external?, documentation: { type: 'boolean' }, as: :external # @deprecated
         expose :link_type, documentation: { type: 'string', example: 'other' }
       end
     end
diff --git a/lib/api/entities/user.rb b/lib/api/entities/user.rb
index 884f0f75d7a..689996be7fc 100644
--- a/lib/api/entities/user.rb
+++ b/lib/api/entities/user.rb
@@ -5,6 +5,7 @@ module API
     class User < UserBasic
       include UsersHelper
       include TimeZoneHelper
+      include Gitlab::Utils::StrongMemoize
 
       expose :created_at, if: ->(user, opts) { Ability.allowed?(opts[:current_user], :read_user_profile, user) }
       expose :bio, :location, :public_email, :skype, :linkedin, :twitter, :discord, :website_url, :organization, :job_title, :pronouns
@@ -12,18 +13,28 @@ module API
       expose :work_information do |user|
         work_information(user)
       end
-      expose :followers, if: ->(user, opts) { Ability.allowed?(opts[:current_user], :read_user_profile, user) } do |user|
+      expose :followers, if: ->(user, opts) { Ability.allowed?(opts[:current_user], :read_user_profile, user) && following_users_allowed(opts[:current_user], user) } do |user|
         user.followers.size
       end
-      expose :following, if: ->(user, opts) { Ability.allowed?(opts[:current_user], :read_user_profile, user) } do |user|
+      expose :following, if: ->(user, opts) { Ability.allowed?(opts[:current_user], :read_user_profile, user) && following_users_allowed(opts[:current_user], user) } do |user|
         user.followees.size
       end
-      expose :is_followed, if: ->(user, opts) { Ability.allowed?(opts[:current_user], :read_user_profile, user) && opts[:current_user] } do |user, opts|
+      expose :is_followed, if: ->(user, opts) { Ability.allowed?(opts[:current_user], :read_user_profile, user) && opts[:current_user] && following_users_allowed(opts[:current_user], user) } do |user, opts|
         user.followed_by?(opts[:current_user])
       end
       expose :local_time do |user|
         local_time(user.timezone)
       end
+
+      def following_users_allowed(current_user, user)
+        strong_memoize(:following_users_allowed) do
+          if current_user
+            current_user.following_users_allowed?(user)
+          else
+            true
+          end
+        end
+      end
     end
   end
 end
diff --git a/lib/api/entities/user_preferences.rb b/lib/api/entities/user_preferences.rb
index ceee6c610d3..e66e83549b2 100644
--- a/lib/api/entities/user_preferences.rb
+++ b/lib/api/entities/user_preferences.rb
@@ -3,7 +3,7 @@
 module API
   module Entities
     class UserPreferences < Grape::Entity
-      expose :id, :user_id, :view_diffs_file_by_file, :show_whitespace_in_diffs
+      expose :id, :user_id, :view_diffs_file_by_file, :show_whitespace_in_diffs, :pass_user_identities_to_ci_jwt
     end
   end
 end
author	GitLab Bot <gitlab-bot@gitlab.com>	2023-05-17 19:05:49 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2023-05-17 19:05:49 +0300
commit	43a25d93ebdabea52f99b05e15b06250cd8f07d7 (patch)
tree	dceebdc68925362117480a5d672bcff122fb625b /lib/api/entities
parent	20c84b99005abd1c82101dfeff264ac50d2df211 (diff)