Add latest changes from gitlab-org/gitlab@master

13 files changed, 188 insertions, 197 deletions

diff --git a/lib/gitlab/bitbucket_server_import/importers/pull_request_importer.rb b/lib/gitlab/bitbucket_server_import/importers/pull_request_importer.rb
index 99f4adbe317..8fd602c851c 100644
--- a/lib/gitlab/bitbucket_server_import/importers/pull_request_importer.rb
+++ b/lib/gitlab/bitbucket_server_import/importers/pull_request_importer.rb
@@ -10,7 +10,7 @@ module Gitlab
           @project = project
           @formatter = Gitlab::ImportFormatter.new
           @user_finder = UserFinder.new(project)
-          @mentions_converter = Gitlab::BitbucketServerImport::MentionsConverter.new(project.id)
+          @mentions_converter = Gitlab::Import::MentionsConverter.new('bitbucket_server', project.id)
 
           # Object should behave as a object so we can remove object.is_a?(Hash) check
           # This will be fixed in https://gitlab.com/gitlab-org/gitlab/-/issues/412328
diff --git a/lib/gitlab/bitbucket_server_import/importers/pull_request_notes_importer.rb b/lib/gitlab/bitbucket_server_import/importers/pull_request_notes_importer.rb
index 19e5cdcbdc2..4b7c5568dd6 100644
--- a/lib/gitlab/bitbucket_server_import/importers/pull_request_notes_importer.rb
+++ b/lib/gitlab/bitbucket_server_import/importers/pull_request_notes_importer.rb
@@ -11,7 +11,7 @@ module Gitlab
           @project = project
           @user_finder = UserFinder.new(project)
           @formatter = Gitlab::ImportFormatter.new
-          @mentions_converter = Gitlab::BitbucketServerImport::MentionsConverter.new(project.id)
+          @mentions_converter = Gitlab::Import::MentionsConverter.new('bitbucket_server', project.id)
           @object = hash.with_indifferent_access
         end
 
diff --git a/lib/gitlab/bitbucket_server_import/importers/users_importer.rb b/lib/gitlab/bitbucket_server_import/importers/users_importer.rb
index 156d89c2732..8b0b059b397 100644
--- a/lib/gitlab/bitbucket_server_import/importers/users_importer.rb
+++ b/lib/gitlab/bitbucket_server_import/importers/users_importer.rb
@@ -5,7 +5,7 @@ module Gitlab
     module Importers
       class UsersImporter
         include Loggable
-        include UserFromMention
+        include Gitlab::Import::UserFromMention
 
         BATCH_SIZE = 100
 
@@ -46,7 +46,7 @@ module Gitlab
 
         def cache_users(users)
           users_hash = users.each_with_object({}) do |user, hash|
-            cache_key = source_user_cache_key(project_id, user.username)
+            cache_key = source_user_cache_key('bitbucket_server', project_id, user.username)
             hash[cache_key] = user.email
           end
 
diff --git a/lib/gitlab/checks/lfs_check.rb b/lib/gitlab/checks/lfs_check.rb
index 1d1d24c8fcc..f2c4b28470d 100644
--- a/lib/gitlab/checks/lfs_check.rb
+++ b/lib/gitlab/checks/lfs_check.rb
@@ -7,10 +7,6 @@ module Gitlab
       ERROR_MESSAGE = 'LFS objects are missing. Ensure LFS is properly set up or try a manual "git lfs push --all".'
 
       def validate!
-        # This feature flag is used for disabling integrity check on some envs
-        # because these costy calculations may cause performance issues
-        return unless Feature.enabled?(:lfs_check, project)
-
         return unless project.lfs_enabled?
 
         logger.log_timed(LOG_MESSAGE) do
diff --git a/lib/gitlab/bitbucket_server_import/mentions_converter.rb b/lib/gitlab/import/mentions_converter.rb
index 8b1eeb6e007..180a9f069e3 100644
--- a/lib/gitlab/bitbucket_server_import/mentions_converter.rb
+++ b/lib/gitlab/import/mentions_converter.rb
@@ -1,16 +1,17 @@
 # frozen_string_literal: true
 
 module Gitlab
-  module BitbucketServerImport
+  module Import
     class MentionsConverter
       include UserFromMention
 
       MENTIONS_REGEX = User.reference_pattern
       MENTION_PLACEHOLDER = '~GITLAB_MENTION_PLACEHOLDER~'
 
-      attr_reader :project_id
+      attr_reader :importer, :project_id
 
-      def initialize(project_id)
+      def initialize(importer, project_id)
+        @importer = importer
         @project_id = project_id
       end
 
diff --git a/lib/gitlab/bitbucket_server_import/user_from_mention.rb b/lib/gitlab/import/user_from_mention.rb
index 907db245760..9e3489f91b4 100644
--- a/lib/gitlab/bitbucket_server_import/user_from_mention.rb
+++ b/lib/gitlab/import/user_from_mention.rb
@@ -1,9 +1,9 @@
 # frozen_string_literal: true
 
 module Gitlab
-  module BitbucketServerImport
+  module Import
     module UserFromMention
-      SOURCE_USER_CACHE_KEY = 'bitbucket_server/project/%s/source/username/%s'
+      SOURCE_USER_CACHE_KEY = '%s/project/%s/source/username/%s'
 
       def user_from_cache(mention)
         cached_email = read(mention)
@@ -17,14 +17,14 @@ module Gitlab
         ::Gitlab::Cache::Import::Caching.write_multiple(hash, timeout: timeout)
       end
 
-      def source_user_cache_key(project_id, username)
-        format(SOURCE_USER_CACHE_KEY, project_id, username)
+      def source_user_cache_key(importer, project_id, username)
+        format(SOURCE_USER_CACHE_KEY, importer, project_id, username)
       end
 
       private
 
       def read(mention)
-        ::Gitlab::Cache::Import::Caching.read(source_user_cache_key(project_id, mention))
+        ::Gitlab::Cache::Import::Caching.read(source_user_cache_key(importer, project_id, mention))
       end
 
       def find_user(email)
diff --git a/lib/gitlab/observability.rb b/lib/gitlab/observability.rb
index d42d10cd0f4..9dd6632aeeb 100644
--- a/lib/gitlab/observability.rb
+++ b/lib/gitlab/observability.rb
@@ -25,8 +25,8 @@ module Gitlab
     def should_enable_observability_auth_scopes?(resource)
       # Enable the needed oauth scopes if tracing is enabled.
       if resource.is_a?(Group) || resource.is_a?(Project)
-        return Feature.enabled?(:observability_tracing,
-          resource.root_ancestor)
+        return Feature.enabled?(:observability_tracing, resource.root_ancestor) ||
+            Feature.enabled?(:observability_metrics, resource.root_ancestor)
       end
 
       false
diff --git a/lib/google_cloud_platform/artifact_registry/client.rb b/lib/google_cloud_platform/artifact_registry/client.rb
new file mode 100644
index 00000000000..f371a3ce9c7
--- /dev/null
+++ b/lib/google_cloud_platform/artifact_registry/client.rb
@@ -0,0 +1,57 @@
+# frozen_string_literal: true
+
+module GoogleCloudPlatform
+  module ArtifactRegistry
+    class Client < GoogleCloudPlatform::BaseClient
+      PAGE_SIZE = 10
+
+      def initialize(project:, user:, gcp_project_id:, gcp_location:, gcp_repository:, gcp_wlif:)
+        super(project: project, user: user)
+        @gcp_project_id = gcp_project_id
+        @gcp_location = gcp_location
+        @gcp_repository = gcp_repository
+        @gcp_wlif = gcp_wlif
+      end
+
+      def list_docker_images(page_token: nil)
+        url = list_docker_images_url
+        response = ::Gitlab::HTTP.get(
+          url,
+          headers: headers,
+          query: query_params(page_token: page_token),
+          format: :plain, # disable httparty json parsing
+          extra_allowed_uris: [URI(GLGO_BASE_URL)]
+        )
+
+        if response.success?
+          ::Gitlab::Json.parse(response.body, symbolize_keys: true)
+        else
+          {}
+        end
+      end
+
+      private
+
+      def list_docker_images_url
+        "#{GLGO_BASE_URL}/gcp/ar/" \
+          "projects/#{@gcp_project_id}/" \
+          "locations/#{@gcp_location}/" \
+          "repositories/#{@gcp_repository}/docker"
+      end
+
+      def query_params(page_token: nil)
+        {
+          page_token: page_token,
+          page_size: PAGE_SIZE
+        }.compact
+      end
+
+      def headers
+        jwt = encoded_jwt(wlif: @gcp_wlif)
+        {
+          'Authorization' => "Bearer #{jwt}"
+        }
+      end
+    end
+  end
+end
diff --git a/lib/google_cloud_platform/base_client.rb b/lib/google_cloud_platform/base_client.rb
new file mode 100644
index 00000000000..a1a13e1e0e9
--- /dev/null
+++ b/lib/google_cloud_platform/base_client.rb
@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+module GoogleCloudPlatform
+  class BaseClient
+    GLGO_BASE_URL = if Gitlab.staging?
+                      'https://glgo.staging.runway.gitlab.net'
+                    else
+                      'https://glgo.runway.gitlab.net'
+                    end
+
+    def initialize(project:, user:)
+      @project = project
+      @user = user
+    end
+
+    private
+
+    def encoded_jwt(wlif:)
+      jwt = ::GoogleCloudPlatform::Jwt.new(
+        project: @project,
+        user: @user,
+        claims: {
+          audience: GLGO_BASE_URL,
+          wlif: wlif
+        }
+      )
+      jwt.encoded
+    end
+  end
+end
diff --git a/lib/google_cloud_platform/jwt.rb b/lib/google_cloud_platform/jwt.rb
new file mode 100644
index 00000000000..128dd5ae6f1
--- /dev/null
+++ b/lib/google_cloud_platform/jwt.rb
@@ -0,0 +1,86 @@
+# frozen_string_literal: true
+
+module GoogleCloudPlatform
+  class Jwt < ::JSONWebToken::RSAToken
+    extend ::Gitlab::Utils::Override
+
+    JWT_OPTIONS_ERROR = 'This jwt needs jwt claims audience and wlif to be set.'
+
+    NoSigningKeyError = Class.new(StandardError)
+
+    def initialize(project:, user:, claims:)
+      super
+
+      raise ArgumentError, JWT_OPTIONS_ERROR if claims[:audience].blank? || claims[:wlif].blank?
+
+      @claims = claims
+      @project = project
+      @user = user
+    end
+
+    def encoded
+      @custom_payload.merge!(custom_claims)
+
+      super
+    end
+
+    private
+
+    override :subject
+    def subject
+      "project_#{@project.id}_user_#{@user.id}"
+    end
+
+    override :key_data
+    def key_data
+      @key_data ||= begin
+        # TODO Feels strange to use the CI signing key but do
+        # we have a different signing key?
+        key_data = Gitlab::CurrentSettings.ci_jwt_signing_key
+
+        raise NoSigningKeyError unless key_data
+
+        key_data
+      end
+    end
+
+    def custom_claims
+      {
+        namespace_id: namespace.id.to_s,
+        namespace_path: namespace.full_path,
+        root_namespace_path: root_namespace.full_path,
+        root_namespace_id: root_namespace.id.to_s,
+        project_id: @project.id.to_s,
+        project_path: @project.full_path,
+        user_id: @user&.id.to_s,
+        user_login: @user&.username,
+        user_email: @user&.email,
+        wlif: @claims[:wlif]
+      }
+    end
+
+    def namespace
+      @project.namespace
+    end
+
+    def root_namespace
+      @project.root_namespace
+    end
+
+    override :issuer
+    def issuer
+      Feature.enabled?(:oidc_issuer_url) ? Gitlab.config.gitlab.url : Settings.gitlab.base_url
+    end
+
+    override :audience
+    def audience
+      @claims[:audience]
+    end
+
+    override :kid
+    def kid
+      rsa_key = OpenSSL::PKey::RSA.new(key_data)
+      rsa_key.public_key.to_jwk[:kid]
+    end
+  end
+end
diff --git a/lib/integrations/google_cloud_platform/artifact_registry/client.rb b/lib/integrations/google_cloud_platform/artifact_registry/client.rb
deleted file mode 100644
index 32e09821814..00000000000
--- a/lib/integrations/google_cloud_platform/artifact_registry/client.rb
+++ /dev/null
@@ -1,59 +0,0 @@
-# frozen_string_literal: true
-
-module Integrations
-  module GoogleCloudPlatform
-    module ArtifactRegistry
-      class Client < Integrations::GoogleCloudPlatform::BaseClient
-        PAGE_SIZE = 10
-
-        def initialize(project:, user:, gcp_project_id:, gcp_location:, gcp_repository:, gcp_wlif:)
-          super(project: project, user: user)
-          @gcp_project_id = gcp_project_id
-          @gcp_location = gcp_location
-          @gcp_repository = gcp_repository
-          @gcp_wlif = gcp_wlif
-        end
-
-        def list_docker_images(page_token: nil)
-          url = list_docker_images_url
-          response = ::Gitlab::HTTP.get(
-            url,
-            headers: headers,
-            query: query_params(page_token: page_token),
-            format: :plain, # disable httparty json parsing
-            extra_allowed_uris: [URI(GLGO_BASE_URL)]
-          )
-
-          if response.success?
-            ::Gitlab::Json.parse(response.body, symbolize_keys: true)
-          else
-            {}
-          end
-        end
-
-        private
-
-        def list_docker_images_url
-          "#{GLGO_BASE_URL}/gcp/ar/" \
-            "projects/#{@gcp_project_id}/" \
-            "locations/#{@gcp_location}/" \
-            "repositories/#{@gcp_repository}/docker"
-        end
-
-        def query_params(page_token: nil)
-          {
-            page_token: page_token,
-            page_size: PAGE_SIZE
-          }.compact
-        end
-
-        def headers
-          jwt = encoded_jwt(wlif: @gcp_wlif)
-          {
-            'Authorization' => "Bearer #{jwt}"
-          }
-        end
-      end
-    end
-  end
-end
diff --git a/lib/integrations/google_cloud_platform/base_client.rb b/lib/integrations/google_cloud_platform/base_client.rb
deleted file mode 100644
index 937454cda43..00000000000
--- a/lib/integrations/google_cloud_platform/base_client.rb
+++ /dev/null
@@ -1,32 +0,0 @@
-# frozen_string_literal: true
-
-module Integrations
-  module GoogleCloudPlatform
-    class BaseClient
-      GLGO_BASE_URL = if Gitlab.staging?
-                        'https://glgo.staging.runway.gitlab.net'
-                      else
-                        'https://glgo.runway.gitlab.net'
-                      end
-
-      def initialize(project:, user:)
-        @project = project
-        @user = user
-      end
-
-      private
-
-      def encoded_jwt(wlif:)
-        jwt = ::Integrations::GoogleCloudPlatform::Jwt.new(
-          project: @project,
-          user: @user,
-          claims: {
-            audience: GLGO_BASE_URL,
-            wlif: wlif
-          }
-        )
-        jwt.encoded
-      end
-    end
-  end
-end
diff --git a/lib/integrations/google_cloud_platform/jwt.rb b/lib/integrations/google_cloud_platform/jwt.rb
deleted file mode 100644
index 26343a3a9db..00000000000
--- a/lib/integrations/google_cloud_platform/jwt.rb
+++ /dev/null
@@ -1,88 +0,0 @@
-# frozen_string_literal: true
-
-module Integrations
-  module GoogleCloudPlatform
-    class Jwt < ::JSONWebToken::RSAToken
-      extend ::Gitlab::Utils::Override
-
-      JWT_OPTIONS_ERROR = 'This jwt needs jwt claims audience and wlif to be set.'
-
-      NoSigningKeyError = Class.new(StandardError)
-
-      def initialize(project:, user:, claims:)
-        super
-
-        raise ArgumentError, JWT_OPTIONS_ERROR if claims[:audience].blank? || claims[:wlif].blank?
-
-        @claims = claims
-        @project = project
-        @user = user
-      end
-
-      def encoded
-        @custom_payload.merge!(custom_claims)
-
-        super
-      end
-
-      private
-
-      override :subject
-      def subject
-        "project_#{@project.id}_user_#{@user.id}"
-      end
-
-      override :key_data
-      def key_data
-        @key_data ||= begin
-          # TODO Feels strange to use the CI signing key but do
-          # we have a different signing key?
-          key_data = Gitlab::CurrentSettings.ci_jwt_signing_key
-
-          raise NoSigningKeyError unless key_data
-
-          key_data
-        end
-      end
-
-      def custom_claims
-        {
-          namespace_id: namespace.id.to_s,
-          namespace_path: namespace.full_path,
-          root_namespace_path: root_namespace.full_path,
-          root_namespace_id: root_namespace.id.to_s,
-          project_id: @project.id.to_s,
-          project_path: @project.full_path,
-          user_id: @user&.id.to_s,
-          user_login: @user&.username,
-          user_email: @user&.email,
-          wlif: @claims[:wlif]
-        }
-      end
-
-      def namespace
-        @project.namespace
-      end
-
-      def root_namespace
-        @project.root_namespace
-      end
-
-      override :issuer
-      def issuer
-        Feature.enabled?(:oidc_issuer_url) ? Gitlab.config.gitlab.url : Settings.gitlab.base_url
-      end
-
-      override :audience
-      def audience
-        @claims[:audience]
-      end
-
-      override :kid
-      def kid
-        rsa_key = OpenSSL::PKey::RSA.new(key_data)
-        rsa_key.public_key.to_jwk[:kid]
-      end
-    end
-  end
-end