Add latest changes from gitlab-org/gitlab@master

author: GitLab Bot <gitlab-bot@gitlab.com> 2022-10-18 12:11:01 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2022-10-18 12:11:01 +0300
commit: 7bbc9509dc0567d2a2d8314e99179aaad33ba361 (patch)
tree: baa7501af6efe7a0f2f6e20f683e9da39fa96607 /lib
parent: f6d22c8ba7c3f900a3843b1336e2ade1d8d90c1f (diff)
10 files changed, 23 insertions, 37 deletions
diff --git a/lib/api/ci/variables.rb b/lib/api/ci/variables.rb
index f9707960b9d..c9e1d115d03 100644
--- a/lib/api/ci/variables.rb
+++ b/lib/api/ci/variables.rb
@@ -33,6 +33,9 @@ module API
         end
         params do
           requires :key, type: String, desc: 'The key of the variable'
+          optional :filter, type: Hash, desc: 'Available filters: [environment_scope]. Example: filter[environment_scope]=production' do
+            optional :environment_scope, type: String, desc: 'The environment scope of the variable'
+          end
         end
         # rubocop: disable CodeReuse/ActiveRecord
         get ':id/variables/:key', urgency: :low do
@@ -78,7 +81,9 @@ module API
           optional :masked, type: Boolean, desc: 'Whether the variable is masked'
           optional :variable_type, type: String, values: ::Ci::Variable.variable_types.keys, desc: 'The type of variable, must be one of env_var or file'
           optional :environment_scope, type: String, desc: 'The environment_scope of the variable'
-          optional :filter, type: Hash, desc: 'Available filters: [environment_scope]. Example: filter[environment_scope]=production'
+          optional :filter, type: Hash, desc: 'Available filters: [environment_scope]. Example: filter[environment_scope]=production' do
+            optional :environment_scope, type: String, desc: 'The environment scope of the variable'
+          end
         end
         # rubocop: disable CodeReuse/ActiveRecord
         put ':id/variables/:key' do
@@ -104,7 +109,9 @@ module API
         end
         params do
           requires :key, type: String, desc: 'The key of the variable'
-          optional :filter, type: Hash, desc: 'Available filters: [environment_scope]. Example: filter[environment_scope]=production'
+          optional :filter, type: Hash, desc: 'Available filters: [environment_scope]. Example: filter[environment_scope]=production' do
+            optional :environment_scope, type: String, desc: 'The environment scope of the variable'
+          end
         end
         # rubocop: disable CodeReuse/ActiveRecord
         delete ':id/variables/:key' do
diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb
index bf1da849cf1..0eb4fbb196c 100644
--- a/lib/api/helpers.rb
+++ b/lib/api/helpers.rb
@@ -287,22 +287,11 @@ module API
     end
 
     def authenticate_by_gitlab_shell_token!
-      if Feature.enabled?(:gitlab_shell_jwt_token)
-        begin
-          payload, _ = JSONWebToken::HMACToken.decode(headers[GITLAB_SHELL_API_HEADER], secret_token)
-          unauthorized! unless payload['iss'] == GITLAB_SHELL_JWT_ISSUER
-        rescue JWT::DecodeError, JWT::ExpiredSignature, JWT::ImmatureSignature => ex
-          Gitlab::ErrorTracking.track_exception(ex)
-          unauthorized!
-        end
-      else
-        input = params['secret_token']
-        input ||= Base64.decode64(headers[GITLAB_SHARED_SECRET_HEADER]) if headers.key?(GITLAB_SHARED_SECRET_HEADER)
-
-        input&.chomp!
-
-        unauthorized! unless Devise.secure_compare(secret_token, input)
-      end
+      payload, _ = JSONWebToken::HMACToken.decode(headers[GITLAB_SHELL_API_HEADER], secret_token)
+      unauthorized! unless payload['iss'] == GITLAB_SHELL_JWT_ISSUER
+    rescue JWT::DecodeError, JWT::ExpiredSignature, JWT::ImmatureSignature => ex
+      Gitlab::ErrorTracking.track_exception(ex)
+      unauthorized!
     end
 
     def authenticated_with_can_read_all_resources!
diff --git a/lib/api/projects.rb b/lib/api/projects.rb
index 8c58cc585d8..bb97f4fa7ce 100644
--- a/lib/api/projects.rb
+++ b/lib/api/projects.rb
@@ -375,7 +375,7 @@ module API
         optional :name, type: String, desc: 'The name that will be assigned to the fork'
         optional :description, type: String, desc: 'The description that will be assigned to the fork'
         optional :visibility, type: String, values: Gitlab::VisibilityLevel.string_values, desc: 'The visibility of the fork'
-        optional :mr_default_target_self, Boolean, desc: 'Merge requests of this forked project targets itself by default'
+        optional :mr_default_target_self, type: Boolean, desc: 'Merge requests of this forked project targets itself by default'
       end
       post ':id/fork', feature_category: :source_code_management do
         Gitlab::QueryLimiting.disable!('https://gitlab.com/gitlab-org/gitlab/-/issues/20759')
diff --git a/lib/api/settings.rb b/lib/api/settings.rb
index f393f862f55..8c8b6c0a1ba 100644
--- a/lib/api/settings.rb
+++ b/lib/api/settings.rb
@@ -132,7 +132,7 @@ module API
         requires :recaptcha_private_key, type: String, desc: 'Generate private key at http://www.google.com/recaptcha'
       end
       optional :repository_checks_enabled, type: Boolean, desc: "GitLab will periodically run 'git fsck' in all project and wiki repositories to look for silent disk corruption issues."
-      optional :repository_storages_weighted, type: Hash, coerce_with: Validations::Types::HashOfIntegerValues.coerce, desc: 'Storage paths for new projects with a weighted value ranging from 0 to 100'
+      optional :repository_storages_weighted, type: Hash, coerce_with: Validations::Types::HashOfIntegerValues.coerce, desc: 'Storage paths for new projects with a weighted value ranging from 0 to 100', documentation: { type: 'Object', additional_properties: Integer }
       optional :require_two_factor_authentication, type: Boolean, desc: 'Require all users to set up Two-factor authentication'
       given require_two_factor_authentication: ->(val) { val } do
         requires :two_factor_grace_period, type: Integer, desc: 'Amount of time (in hours) that users are allowed to skip forced configuration of two-factor authentication'
diff --git a/lib/api/users.rb b/lib/api/users.rb
index 0654c6540f6..7f44e46f1ca 100644
--- a/lib/api/users.rb
+++ b/lib/api/users.rb
@@ -56,7 +56,7 @@ module API
           optional :admin, type: Boolean, desc: 'Flag indicating the user is an administrator'
           optional :can_create_group, type: Boolean, desc: 'Flag indicating the user can create groups'
           optional :external, type: Boolean, desc: 'Flag indicating the user is an external user'
-          optional :avatar, type: ::API::Validations::Types::WorkhorseFile, desc: 'Avatar image for user'
+          optional :avatar, type: ::API::Validations::Types::WorkhorseFile, desc: 'Avatar image for user', documentation: { type: 'file' }
           optional :theme_id, type: Integer, desc: 'The GitLab theme for the user'
           optional :color_scheme_id, type: Integer, desc: 'The color scheme for the file viewer'
           optional :private_profile, type: Boolean, desc: 'Flag indicating the user has a private profile'
@@ -890,7 +890,7 @@ module API
           params do
             requires :name, type: String, desc: 'The name of the impersonation token'
             optional :expires_at, type: Date, desc: 'The expiration date in the format YEAR-MONTH-DAY of the impersonation token'
-            optional :scopes, type: Array, desc: 'The array of scopes of the impersonation token'
+            optional :scopes, type: Array[String], coerce_with: ::API::Validations::Types::CommaSeparatedToArray.coerce, desc: 'The array of scopes of the impersonation token'
           end
           post feature_category: :authentication_and_authorization do
             impersonation_token = finder.build(declared_params(include_missing: false))
diff --git a/lib/api/wikis.rb b/lib/api/wikis.rb
index 082be1f7e11..bb8ad5c4285 100644
--- a/lib/api/wikis.rb
+++ b/lib/api/wikis.rb
@@ -133,7 +133,7 @@ module API
           success Entities::WikiAttachment
         end
         params do
-          requires :file, types: [Rack::Multipart::UploadedFile, ::API::Validations::Types::WorkhorseFile], desc: 'The attachment file to be uploaded'
+          requires :file, types: [Rack::Multipart::UploadedFile, ::API::Validations::Types::WorkhorseFile], desc: 'The attachment file to be uploaded', documentation: { type: 'file' }
           optional :branch, type: String, desc: 'The name of the branch'
         end
         post ":id/wikis/attachments" do
diff --git a/lib/gitlab/auth/o_auth/user.rb b/lib/gitlab/auth/o_auth/user.rb
index 1fed2b263da..26be7c8aa60 100644
--- a/lib/gitlab/auth/o_auth/user.rb
+++ b/lib/gitlab/auth/o_auth/user.rb
@@ -217,11 +217,7 @@ module Gitlab
 
         def build_new_user(skip_confirmation: true)
           user_params = user_attributes.merge(skip_confirmation: skip_confirmation)
-          new_user = Users::AuthorizedBuildService.new(nil, user_params).execute
-
-          persist_accepted_terms_if_required(new_user)
-
-          new_user
+          Users::AuthorizedBuildService.new(nil, user_params).execute
         end
 
         def user_attributes
@@ -249,15 +245,6 @@ module Gitlab
           }
         end
 
-        def persist_accepted_terms_if_required(new_user)
-          if Feature.enabled?(:update_oauth_registration_flow) &&
-            Gitlab::CurrentSettings.current_application_settings.enforce_terms?
-
-            terms = ApplicationSetting::Term.latest
-            Users::RespondToTermsService.new(new_user, terms).execute(accepted: true)
-          end
-        end
-
         def sync_profile_from_provider?
           Gitlab::Auth::OAuth::Provider.sync_profile_from_provider?(auth_hash.provider)
         end
diff --git a/lib/gitlab/ci/templates/Pages/Brunch.gitlab-ci.yml b/lib/gitlab/ci/templates/Pages/Brunch.gitlab-ci.yml
index 55cf22b6601..51d2273d41d 100644
--- a/lib/gitlab/ci/templates/Pages/Brunch.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Pages/Brunch.gitlab-ci.yml
@@ -18,3 +18,4 @@ pages:
       - public
   rules:
     - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
+  environment: production
diff --git a/lib/gitlab/ci/templates/Pages/Jigsaw.gitlab-ci.yml b/lib/gitlab/ci/templates/Pages/Jigsaw.gitlab-ci.yml
index 26fac92d0dc..ad083fcc5db 100644
--- a/lib/gitlab/ci/templates/Pages/Jigsaw.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Pages/Jigsaw.gitlab-ci.yml
@@ -40,3 +40,4 @@ pages:
       - public
   rules:
     - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
+  environment: production
diff --git a/lib/gitlab/ci/templates/Pages/SwaggerUI.gitlab-ci.yml b/lib/gitlab/ci/templates/Pages/SwaggerUI.gitlab-ci.yml
index 961941ac4d0..00efcfa1b32 100644
--- a/lib/gitlab/ci/templates/Pages/SwaggerUI.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Pages/SwaggerUI.gitlab-ci.yml
@@ -32,3 +32,4 @@ pages:
       - public
   rules:
     - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
+  environment: production
author	GitLab Bot <gitlab-bot@gitlab.com>	2022-10-18 12:11:01 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2022-10-18 12:11:01 +0300
commit	7bbc9509dc0567d2a2d8314e99179aaad33ba361 (patch)
tree	baa7501af6efe7a0f2f6e20f683e9da39fa96607 /lib
parent	f6d22c8ba7c3f900a3843b1336e2ade1d8d90c1f (diff)