diff options
Diffstat (limited to '.gitlab')
23 files changed, 654 insertions, 591 deletions
diff --git a/.gitlab/CODEOWNERS b/.gitlab/CODEOWNERS index 777c5c54ea5..6019fe636a8 100644 --- a/.gitlab/CODEOWNERS +++ b/.gitlab/CODEOWNERS @@ -7,7 +7,7 @@ *.rake @gitlab-org/maintainers/rails-backend ^[Frontend] -*.scss @annabeldunstone @gitlab-org/maintainers/frontend +*.scss @gitlab-org/maintainers/frontend *.js @gitlab-org/maintainers/frontend /app/assets/ @gitlab-org/maintainers/frontend /ee/app/assets/ @gitlab-org/maintainers/frontend @@ -173,7 +173,7 @@ Dangerfile @gl-quality/eng-prod /config/dependency_decisions.yml @gitlab-org/legal-reviewers ^[Workhorse] -/workhorse/ @jacobvosmaer-gitlab @nick.thomas @nolith @patrickbajao +/workhorse/ @jacobvosmaer-gitlab @nolith @patrickbajao [Application Security] /app/assets/javascripts/lib/dompurify.js @gitlab-com/gl-security/appsec @@ -242,7 +242,7 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/administration/lfs/index.md @aqualls /doc/administration/libravatar.md @axil /doc/administration/load_balancer.md @axil -/doc/administration/logs.md @msedlakjakubowski +/doc/administration/logs/index.md @msedlakjakubowski /doc/administration/maintenance_mode/index.md @axil /doc/administration/merge_request_diffs.md @aqualls /doc/administration/monitoring/ @msedlakjakubowski @@ -283,7 +283,6 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/administration/timezone.md @axil /doc/administration/troubleshooting/ @axil /doc/administration/troubleshooting/elasticsearch.md @sselhorn -/doc/administration/troubleshooting/group_saml_scim.md @eread /doc/administration/troubleshooting/postgresql.md @aqualls /doc/administration/uploads.md @axil /doc/administration/user_settings.md @eread @@ -494,7 +493,6 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/ci/unit_test_reports.md @marcel.amirault /doc/ci/variables/ @marcel.amirault /doc/ci/yaml/ @marcel.amirault -/doc/development/adding_database_indexes.md @aqualls /doc/development/application_limits.md @axil /doc/development/approval_rules.md @aqualls /doc/development/audit_event_guide/index.md @eread @@ -513,12 +511,8 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/development/code_intelligence/index.md @aqualls /doc/development/contributing/ @sselhorn /doc/development/contributing/merge_request_workflow.md @aqualls -/doc/development/creating_enums.md @aqualls -/doc/development/database_debugging.md @aqualls -/doc/development/database_query_comments.md @aqualls /doc/development/database_review.md @aqualls /doc/development/database/ @aqualls -/doc/development/db_dump.md @aqualls /doc/development/developing_with_solargraph.md @aqualls /doc/development/diffs.md @aqualls /doc/development/distributed_tracing.md @msedlakjakubowski @@ -539,7 +533,6 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/development/feature_flags/controls.md @sselhorn /doc/development/feature_flags/index.md @sselhorn /doc/development/filtering_by_label.md @msedlakjakubowski -/doc/development/foreign_keys.md @aqualls /doc/development/geo.md @axil /doc/development/geo/framework.md @axil /doc/development/git_object_deduplication.md @eread @@ -553,7 +546,6 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/development/image_scaling.md @sselhorn /doc/development/import_export.md @eread /doc/development/index.md @sselhorn -/doc/development/insert_into_tables_in_batches.md @aqualls /doc/development/integrations/ @kpaizee /doc/development/integrations/codesandbox.md @sselhorn /doc/development/integrations/secure_partner_integration.md @rdickenson @@ -562,39 +554,28 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/development/internal_users.md @sselhorn /doc/development/issuable-like-models.md @msedlakjakubowski /doc/development/issue_types.md @msedlakjakubowski -/doc/development/iterating_tables_in_batches.md @aqualls /doc/development/kubernetes.md @sselhorn /doc/development/lfs.md @aqualls -/doc/development/licensed_feature_availability.md @sselhorn +/doc/development/ee_features.md @fneill /doc/development/logging.md @msedlakjakubowski /doc/development/maintenance_mode.md @axil -/doc/development/new_fe_guide/modules/widget_extensions.md @aqualls -/doc/development/new_fe_guide/tips.md @sselhorn /doc/development/omnibus.md @axil -/doc/development/ordering_table_columns.md @aqualls /doc/development/packages/ @claytoncornell /doc/development/permissions.md @eread /doc/development/policies.md @eread /doc/development/product_qualified_lead_guide/index.md @kpaizee /doc/development/project_templates.md @fneill /doc/development/prometheus_metrics.md @msedlakjakubowski -/doc/development/query_performance.md @aqualls -/doc/development/query_recorder.md @aqualls /doc/development/real_time.md @msedlakjakubowski /doc/development/secure_coding_guidelines.md @sselhorn -/doc/development/serializing_data.md @aqualls /doc/development/service_ping/ @claytoncornell -/doc/development/single_table_inheritance.md @aqualls /doc/development/snowplow/ @claytoncornell /doc/development/spam_protection_and_captcha/ @eread /doc/development/sql.md @aqualls -/doc/development/swapping_tables.md @aqualls /doc/development/testing_guide/best_practices.md @sselhorn /doc/development/testing_guide/end_to_end/best_practices.md @sselhorn -/doc/development/understanding_explain_plans.md @aqualls /doc/development/value_stream_analytics.md @fneill /doc/development/value_stream_analytics/value_stream_analytics_aggregated_backend.md @fneill -/doc/development/verifying_database_capabilities.md @aqualls /doc/development/wikis.md @aqualls /doc/development/work_items_widgets.md @msedlakjakubowski /doc/development/work_items.md @msedlakjakubowski @@ -618,7 +599,7 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/operations/feature_flags.md @rdickenson /doc/operations/product_analytics.md @claytoncornell /doc/policy/alpha-beta-support.md @axil -/doc/policy/maintenance.md @axil +/doc/policy/maintenance.md @axil @gitlab-org/delivery /doc/raketasks/ @axil /doc/raketasks/generate_sample_prometheus_data.md @msedlakjakubowski /doc/raketasks/migrate_snippets.md @aqualls @@ -710,6 +691,7 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/user/group/saml_sso/group_managed_accounts.md @eread /doc/user/group/saml_sso/index.md @eread /doc/user/group/saml_sso/scim_setup.md @eread +/doc/user/group/saml_sso/example_saml_config.md @eread /doc/user/group/settings/group_access_tokens.md @eread /doc/user/group/settings/import_export.md @eread /doc/user/group/subgroups/index.md @fneill @@ -804,250 +786,391 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/user/workspace/index.md @fneill [Authentication and Authorization] -/app/assets/javascripts/access_tokens/ @gitlab-org/manage/authentication-and-authorization -/app/assets/javascripts/alerts_settings/graphql/mutations/reset_http_token.mutation.graphql @gitlab-org/manage/authentication-and-authorization -/app/assets/javascripts/authentication/ @gitlab-org/manage/authentication-and-authorization -/app/assets/javascripts/ide/components/shared/tokened_input.vue @gitlab-org/manage/authentication-and-authorization -/app/assets/javascripts/invite_members/components/members_token_select.vue @gitlab-org/manage/authentication-and-authorization -/app/assets/javascripts/packages_and_registries/package_registry/components/list/tokens/ @gitlab-org/manage/authentication-and-authorization -/app/assets/javascripts/pages/admin/impersonation_tokens/ @gitlab-org/manage/authentication-and-authorization -/app/assets/javascripts/pages/groups/settings/access_tokens/ @gitlab-org/manage/authentication-and-authorization -/app/assets/javascripts/pages/ldap/ @gitlab-org/manage/authentication-and-authorization -/app/assets/javascripts/pages/oauth/ @gitlab-org/manage/authentication-and-authorization -/app/assets/javascripts/pages/omniauth_callbacks/ @gitlab-org/manage/authentication-and-authorization -/app/assets/javascripts/pages/profiles/password_prompt/ @gitlab-org/manage/authentication-and-authorization -/app/assets/javascripts/pages/profiles/personal_access_tokens/ @gitlab-org/manage/authentication-and-authorization -/app/assets/javascripts/pages/profiles/two_factor_auths/ @gitlab-org/manage/authentication-and-authorization -/app/assets/javascripts/pages/projects/settings/access_tokens/ @gitlab-org/manage/authentication-and-authorization -/app/assets/javascripts/pages/sessions/new/oauth_remember_me.js @gitlab-org/manage/authentication-and-authorization -/app/assets/javascripts/pipelines/components/pipelines_list/tokens/constants.js @gitlab-org/manage/authentication-and-authorization -/app/assets/javascripts/pipelines/components/pipelines_list/tokens/pipeline_branch_name_token.vue @gitlab-org/manage/authentication-and-authorization -/app/assets/javascripts/pipelines/components/pipelines_list/tokens/pipeline_source_token.vue @gitlab-org/manage/authentication-and-authorization -/app/assets/javascripts/pipelines/components/pipelines_list/tokens/pipeline_status_token.vue @gitlab-org/manage/authentication-and-authorization -/app/assets/javascripts/pipelines/components/pipelines_list/tokens/pipeline_tag_name_token.vue @gitlab-org/manage/authentication-and-authorization -/app/assets/javascripts/projects/settings/topics/components/ @gitlab-org/manage/authentication-and-authorization -/app/assets/javascripts/related_issues/components/issue_token.vue @gitlab-org/manage/authentication-and-authorization -/app/assets/javascripts/runner/components/registration/registration_token.vue @gitlab-org/manage/authentication-and-authorization -/app/assets/javascripts/runner/components/registration/registration_token_reset_dropdown_item.vue @gitlab-org/manage/authentication-and-authorization -/app/assets/javascripts/runner/components/search_tokens/ @gitlab-org/manage/authentication-and-authorization -/app/assets/javascripts/token_access/components/ @gitlab-org/manage/authentication-and-authorization -/app/assets/javascripts/token_access/index.js @gitlab-org/manage/authentication-and-authorization -/app/assets/stylesheets/page_bundles/profile_two_factor_auth.scss @gitlab-org/manage/authentication-and-authorization -/app/controllers/admin/impersonation_tokens_controller.rb @gitlab-org/manage/authentication-and-authorization -/app/controllers/concerns/access_tokens_actions.rb @gitlab-org/manage/authentication-and-authorization -/app/controllers/concerns/authenticates_with_two_factor.rb @gitlab-org/manage/authentication-and-authorization -/app/controllers/concerns/authenticates_with_two_factor_for_admin_mode.rb @gitlab-org/manage/authentication-and-authorization -/app/controllers/concerns/enforces_admin_authentication.rb @gitlab-org/manage/authentication-and-authorization -/app/controllers/concerns/enforces_two_factor_authentication.rb @gitlab-org/manage/authentication-and-authorization -/app/controllers/concerns/oauth_applications.rb @gitlab-org/manage/authentication-and-authorization -/app/controllers/concerns/project_unauthorized.rb @gitlab-org/manage/authentication-and-authorization -/app/controllers/concerns/sessionless_authentication.rb @gitlab-org/manage/authentication-and-authorization -/app/controllers/concerns/snippet_authorizations.rb @gitlab-org/manage/authentication-and-authorization -/app/controllers/concerns/workhorse_authorization.rb @gitlab-org/manage/authentication-and-authorization -/app/controllers/groups/settings/access_tokens_controller.rb @gitlab-org/manage/authentication-and-authorization -/app/controllers/ldap/ @gitlab-org/manage/authentication-and-authorization -/app/controllers/oauth/ @gitlab-org/manage/authentication-and-authorization -/app/controllers/omniauth_callbacks_controller.rb @gitlab-org/manage/authentication-and-authorization -/app/controllers/passwords_controller.rb @gitlab-org/manage/authentication-and-authorization -/app/controllers/profiles/passwords_controller.rb @gitlab-org/manage/authentication-and-authorization -/app/controllers/profiles/personal_access_tokens_controller.rb @gitlab-org/manage/authentication-and-authorization -/app/controllers/profiles/two_factor_auths_controller.rb @gitlab-org/manage/authentication-and-authorization -/app/controllers/profiles/webauthn_registrations_controller.rb @gitlab-org/manage/authentication-and-authorization -/app/controllers/projects/settings/access_tokens_controller.rb @gitlab-org/manage/authentication-and-authorization -/app/finders/groups/projects_requiring_authorizations_refresh/ @gitlab-org/manage/authentication-and-authorization -/app/finders/personal_access_tokens_finder.rb @gitlab-org/manage/authentication-and-authorization -/app/helpers/access_tokens_helper.rb @gitlab-org/manage/authentication-and-authorization -/app/helpers/auth_helper.rb @gitlab-org/manage/authentication-and-authorization -/app/models/authentication_event.rb @gitlab-org/manage/authentication-and-authorization -/app/models/concerns/admin_changed_password_notifier.rb @gitlab-org/manage/authentication-and-authorization -/app/models/concerns/mirror_authentication.rb @gitlab-org/manage/authentication-and-authorization -/app/models/concerns/select_for_project_authorization.rb @gitlab-org/manage/authentication-and-authorization -/app/models/concerns/token_authenticatable.rb @gitlab-org/manage/authentication-and-authorization -/app/models/concerns/token_authenticatable_strategies/ @gitlab-org/manage/authentication-and-authorization -/app/models/oauth_access_grant.rb @gitlab-org/manage/authentication-and-authorization -/app/models/oauth_access_token.rb @gitlab-org/manage/authentication-and-authorization -/app/models/personal_access_token.rb @gitlab-org/manage/authentication-and-authorization -/app/models/project_authorization.rb @gitlab-org/manage/authentication-and-authorization -/app/models/token_with_iv.rb @gitlab-org/manage/authentication-and-authorization -/app/models/webauthn_registration.rb @gitlab-org/manage/authentication-and-authorization -/app/policies/personal_access_token_policy.rb @gitlab-org/manage/authentication-and-authorization -/app/services/access_token_validation_service.rb @gitlab-org/manage/authentication-and-authorization -/app/services/auth/ @gitlab-org/manage/authentication-and-authorization -/app/services/authorized_project_update/ @gitlab-org/manage/authentication-and-authorization -/app/services/chat_names/authorize_user_service.rb @gitlab-org/manage/authentication-and-authorization -/app/services/personal_access_tokens/ @gitlab-org/manage/authentication-and-authorization -/app/services/projects/move_project_authorizations_service.rb @gitlab-org/manage/authentication-and-authorization -/app/services/resource_access_tokens/ @gitlab-org/manage/authentication-and-authorization -/app/services/todos/destroy/unauthorized_features_service.rb @gitlab-org/manage/authentication-and-authorization -/app/services/users/authorized_build_service.rb @gitlab-org/manage/authentication-and-authorization -/app/services/users/authorized_create_service.rb @gitlab-org/manage/authentication-and-authorization -/app/services/users/refresh_authorized_projects_service.rb @gitlab-org/manage/authentication-and-authorization -/app/services/webauthn/ @gitlab-org/manage/authentication-and-authorization -/app/validators/json_schemas/cluster_agent_authorization_configuration.json @gitlab-org/manage/authentication-and-authorization -/app/views/admin/application_settings/_external_authorization_service_form.html.haml @gitlab-org/manage/authentication-and-authorization -/app/views/admin/impersonation_tokens/ @gitlab-org/manage/authentication-and-authorization -/app/views/authentication/ @gitlab-org/manage/authentication-and-authorization -/app/views/ci/token_access/ @gitlab-org/manage/authentication-and-authorization -/app/views/dashboard/projects/_zero_authorized_projects.html.haml @gitlab-org/manage/authentication-and-authorization -/app/views/devise/mailer/password_change.html.haml @gitlab-org/manage/authentication-and-authorization -/app/views/devise/mailer/password_change.text.erb @gitlab-org/manage/authentication-and-authorization -/app/views/devise/mailer/password_change_by_admin.html.haml @gitlab-org/manage/authentication-and-authorization -/app/views/devise/mailer/password_change_by_admin.text.erb @gitlab-org/manage/authentication-and-authorization -/app/views/devise/mailer/reset_password_instructions.html.haml @gitlab-org/manage/authentication-and-authorization -/app/views/devise/mailer/reset_password_instructions.text.erb @gitlab-org/manage/authentication-and-authorization -/app/views/devise/passwords/ @gitlab-org/manage/authentication-and-authorization -/app/views/devise/shared/_omniauth_box.html.haml @gitlab-org/manage/authentication-and-authorization -/app/views/devise/shared/_signup_omniauth_provider_list.haml @gitlab-org/manage/authentication-and-authorization -/app/views/devise/shared/_signup_omniauth_providers.haml @gitlab-org/manage/authentication-and-authorization -/app/views/devise/shared/_signup_omniauth_providers_top.haml @gitlab-org/manage/authentication-and-authorization -/app/views/doorkeeper/authorizations/ @gitlab-org/manage/authentication-and-authorization -/app/views/doorkeeper/authorized_applications/ @gitlab-org/manage/authentication-and-authorization -/app/views/errors/omniauth_error.html.haml @gitlab-org/manage/authentication-and-authorization -/app/views/groups/settings/_resource_access_token_creation.html.haml @gitlab-org/manage/authentication-and-authorization -/app/views/groups/settings/_two_factor_auth.html.haml @gitlab-org/manage/authentication-and-authorization -/app/views/groups/settings/access_tokens/ @gitlab-org/manage/authentication-and-authorization -/app/views/layouts/oauth_error.html.haml @gitlab-org/manage/authentication-and-authorization -/app/views/notify/access_token_about_to_expire_email.html.haml @gitlab-org/manage/authentication-and-authorization -/app/views/notify/access_token_about_to_expire_email.text.erb @gitlab-org/manage/authentication-and-authorization -/app/views/notify/access_token_created_email.html.haml @gitlab-org/manage/authentication-and-authorization -/app/views/notify/access_token_created_email.text.erb @gitlab-org/manage/authentication-and-authorization -/app/views/notify/access_token_expired_email.html.haml @gitlab-org/manage/authentication-and-authorization -/app/views/notify/access_token_expired_email.text.erb @gitlab-org/manage/authentication-and-authorization -/app/views/profiles/passwords/ @gitlab-org/manage/authentication-and-authorization -/app/views/profiles/personal_access_tokens/ @gitlab-org/manage/authentication-and-authorization -/app/views/profiles/two_factor_auths/ @gitlab-org/manage/authentication-and-authorization -/app/views/projects/mirrors/_authentication_method.html.haml @gitlab-org/manage/authentication-and-authorization -/app/views/projects/settings/access_tokens/ @gitlab-org/manage/authentication-and-authorization -/app/views/shared/_no_password.html.haml @gitlab-org/manage/authentication-and-authorization -/app/views/shared/_two_factor_auth_recovery_settings_check.html.haml @gitlab-org/manage/authentication-and-authorization -/app/views/shared/access_tokens/ @gitlab-org/manage/authentication-and-authorization -/app/views/shared/members/_two_factor_auth_badge.html.haml @gitlab-org/manage/authentication-and-authorization -/app/views/shared/tokens/ @gitlab-org/manage/authentication-and-authorization -/app/workers/authorized_keys_worker.rb @gitlab-org/manage/authentication-and-authorization -/app/workers/authorized_project_update/ @gitlab-org/manage/authentication-and-authorization -/app/workers/authorized_projects_worker.rb @gitlab-org/manage/authentication-and-authorization -/app/workers/personal_access_tokens/ @gitlab-org/manage/authentication-and-authorization -/config/feature_flags/development/application_settings_tokens_optional_encryption.yml @gitlab-org/manage/authentication-and-authorization -/config/feature_flags/development/async_only_project_authorizations_refresh.yml @gitlab-org/manage/authentication-and-authorization -/config/feature_flags/development/enforce_auth_checks_on_uploads.yml @gitlab-org/manage/authentication-and-authorization -/config/feature_flags/development/forti_authenticator.yml @gitlab-org/manage/authentication-and-authorization -/config/feature_flags/development/forti_token_cloud.yml @gitlab-org/manage/authentication-and-authorization -/config/feature_flags/development/groups_tokens_optional_encryption.yml @gitlab-org/manage/authentication-and-authorization -/config/feature_flags/development/omniauth_login_minimal_scopes.yml @gitlab-org/manage/authentication-and-authorization -/config/feature_flags/development/personal_access_tokens_scoped_to_projects.yml @gitlab-org/manage/authentication-and-authorization -/config/feature_flags/development/projects_tokens_optional_encryption.yml @gitlab-org/manage/authentication-and-authorization -/config/feature_flags/development/refresh_authorizations_via_affected_projects_on_group_membership.yml @gitlab-org/manage/authentication-and-authorization -/config/feature_flags/development/skip_group_share_unlink_auth_refresh.yml @gitlab-org/manage/authentication-and-authorization -/config/feature_flags/development/specialized_worker_for_group_lock_update_auth_recalculation.yml @gitlab-org/manage/authentication-and-authorization -/config/feature_flags/development/update_oauth_registration_flow.yml @gitlab-org/manage/authentication-and-authorization -/config/feature_flags/development/webauthn.yml @gitlab-org/manage/authentication-and-authorization -/config/feature_flags/ops/block_password_auth_for_saml_users.yml @gitlab-org/manage/authentication-and-authorization -/config/initializers/01_secret_token.rb @gitlab-org/manage/authentication-and-authorization -/config/initializers/devise_dynamic_password_length_validation.rb @gitlab-org/manage/authentication-and-authorization -/config/initializers/devise_password_length.rb.example @gitlab-org/manage/authentication-and-authorization -/config/initializers/gitlab_shell_secret_token.rb @gitlab-org/manage/authentication-and-authorization -/config/initializers/omniauth.rb @gitlab-org/manage/authentication-and-authorization -/config/initializers/rails_host_authorization.rb @gitlab-org/manage/authentication-and-authorization -/config/initializers/rails_host_authorization_gitpod.rb @gitlab-org/manage/authentication-and-authorization -/config/initializers/webauthn.rb @gitlab-org/manage/authentication-and-authorization -/config/initializers_before_autoloader/100_patch_omniauth_oauth2.rb @gitlab-org/manage/authentication-and-authorization -/config/initializers_before_autoloader/100_patch_omniauth_saml.rb @gitlab-org/manage/authentication-and-authorization -/ee/app/assets/javascripts/access_tokens/ @gitlab-org/manage/authentication-and-authorization -/ee/app/assets/javascripts/audit_events/components/tokens/ @gitlab-org/manage/authentication-and-authorization -/ee/app/assets/javascripts/audit_events/token_utils.js @gitlab-org/manage/authentication-and-authorization -/ee/app/assets/javascripts/groups/settings/components/ @gitlab-org/manage/authentication-and-authorization -/ee/app/assets/javascripts/pages/groups/omniauth_callbacks/ @gitlab-org/manage/authentication-and-authorization -/ee/app/assets/javascripts/pipelines/components/pipelines_list/ @gitlab-org/manage/authentication-and-authorization -/ee/app/assets/javascripts/requirements/components/tokens/ @gitlab-org/manage/authentication-and-authorization -/ee/app/assets/javascripts/saml_providers/scim_token_service.js @gitlab-org/manage/authentication-and-authorization -/ee/app/assets/javascripts/saml_sso/components/ @gitlab-org/manage/authentication-and-authorization -/ee/app/assets/javascripts/vue_merge_request_widget/components/approvals/approvals_auth.vue @gitlab-org/manage/authentication-and-authorization -/ee/app/controllers/concerns/ee/authenticates_with_two_factor.rb @gitlab-org/manage/authentication-and-authorization -/ee/app/controllers/concerns/ee/enforces_two_factor_authentication.rb @gitlab-org/manage/authentication-and-authorization -/ee/app/controllers/concerns/saml_authorization.rb @gitlab-org/manage/authentication-and-authorization -/ee/app/controllers/ee/ldap/ @gitlab-org/manage/authentication-and-authorization -/ee/app/controllers/ee/omniauth_callbacks_controller.rb @gitlab-org/manage/authentication-and-authorization -/ee/app/controllers/ee/passwords_controller.rb @gitlab-org/manage/authentication-and-authorization -/ee/app/controllers/groups/omniauth_callbacks_controller.rb @gitlab-org/manage/authentication-and-authorization -/ee/app/controllers/groups/scim_oauth_controller.rb @gitlab-org/manage/authentication-and-authorization -/ee/app/controllers/oauth/ @gitlab-org/manage/authentication-and-authorization -/ee/app/controllers/omniauth_kerberos_spnego_controller.rb @gitlab-org/manage/authentication-and-authorization -/ee/app/finders/auth/ @gitlab-org/manage/authentication-and-authorization -/ee/app/helpers/ee/access_tokens_helper.rb @gitlab-org/manage/authentication-and-authorization -/ee/app/helpers/ee/auth_helper.rb @gitlab-org/manage/authentication-and-authorization -/ee/app/helpers/ee/personal_access_tokens_helper.rb @gitlab-org/manage/authentication-and-authorization -/ee/app/models/concerns/password_complexity.rb @gitlab-org/manage/authentication-and-authorization -/ee/app/models/ee/personal_access_token.rb @gitlab-org/manage/authentication-and-authorization -/ee/app/models/ee/project_authorization.rb @gitlab-org/manage/authentication-and-authorization -/ee/app/models/scim_oauth_access_token.rb @gitlab-org/manage/authentication-and-authorization -/ee/app/serializers/scim_oauth_access_token_entity.rb @gitlab-org/manage/authentication-and-authorization -/ee/app/services/ee/auth/ @gitlab-org/manage/authentication-and-authorization -/ee/app/services/ee/personal_access_tokens/ @gitlab-org/manage/authentication-and-authorization -/ee/app/services/ee/resource_access_tokens/ @gitlab-org/manage/authentication-and-authorization -/ee/app/services/personal_access_tokens/ @gitlab-org/manage/authentication-and-authorization -/ee/app/services/security/token_revocation_service.rb @gitlab-org/manage/authentication-and-authorization -/ee/app/validators/password/ @gitlab-org/manage/authentication-and-authorization -/ee/app/views/admin/application_settings/_personal_access_token_expiration_policy.html.haml @gitlab-org/manage/authentication-and-authorization -/ee/app/views/credentials_inventory_mailer/personal_access_token_revoked_email.html.haml @gitlab-org/manage/authentication-and-authorization -/ee/app/views/credentials_inventory_mailer/personal_access_token_revoked_email.text.haml @gitlab-org/manage/authentication-and-authorization -/ee/app/views/groups/_personal_access_token_expiration_policy.html.haml @gitlab-org/manage/authentication-and-authorization -/ee/app/views/groups/sso/_authorize_pane.html.haml @gitlab-org/manage/authentication-and-authorization -/ee/app/views/notify/policy_revoked_personal_access_tokens_email.html.haml @gitlab-org/manage/authentication-and-authorization -/ee/app/views/notify/policy_revoked_personal_access_tokens_email.text.erb @gitlab-org/manage/authentication-and-authorization -/ee/app/views/oauth/ @gitlab-org/manage/authentication-and-authorization -/ee/app/views/shared/credentials_inventory/_personal_access_tokens.html.haml @gitlab-org/manage/authentication-and-authorization -/ee/app/views/shared/credentials_inventory/_project_access_tokens.html.haml @gitlab-org/manage/authentication-and-authorization -/ee/app/views/shared/credentials_inventory/personal_access_tokens/ @gitlab-org/manage/authentication-and-authorization -/ee/app/views/shared/credentials_inventory/project_access_tokens/ @gitlab-org/manage/authentication-and-authorization -/ee/app/workers/auth/ @gitlab-org/manage/authentication-and-authorization -/ee/app/workers/personal_access_tokens/ @gitlab-org/manage/authentication-and-authorization -/ee/config/routes/oauth.rb @gitlab-org/manage/authentication-and-authorization -/ee/lib/ee/gitlab/auth/ @gitlab-org/manage/authentication-and-authorization -/ee/lib/ee/gitlab/omniauth_initializer.rb @gitlab-org/manage/authentication-and-authorization -/ee/lib/gitlab/auth/ @gitlab-org/manage/authentication-and-authorization -/ee/lib/gitlab/auth_logger.rb @gitlab-org/manage/authentication-and-authorization -/ee/lib/gitlab/authority_analyzer.rb @gitlab-org/manage/authentication-and-authorization -/ee/lib/gitlab/geo/oauth/ @gitlab-org/manage/authentication-and-authorization -/ee/lib/gitlab/kerberos/ @gitlab-org/manage/authentication-and-authorization -/ee/lib/omni_auth/ @gitlab-org/manage/authentication-and-authorization -/ee/lib/system_check/geo/authorized_keys_check.rb @gitlab-org/manage/authentication-and-authorization -/ee/lib/system_check/geo/authorized_keys_flag_check.rb @gitlab-org/manage/authentication-and-authorization -/lib/api/entities/ci/reset_token_result.rb @gitlab-org/manage/authentication-and-authorization -/lib/api/entities/impersonation_token.rb @gitlab-org/manage/authentication-and-authorization -/lib/api/entities/impersonation_token_with_token.rb @gitlab-org/manage/authentication-and-authorization -/lib/api/entities/personal_access_token.rb @gitlab-org/manage/authentication-and-authorization -/lib/api/entities/personal_access_token_with_details.rb @gitlab-org/manage/authentication-and-authorization -/lib/api/entities/personal_access_token_with_token.rb @gitlab-org/manage/authentication-and-authorization -/lib/api/entities/resource_access_token.rb @gitlab-org/manage/authentication-and-authorization -/lib/api/entities/resource_access_token_with_token.rb @gitlab-org/manage/authentication-and-authorization -/lib/api/helpers/authentication.rb @gitlab-org/manage/authentication-and-authorization -/lib/api/helpers/packages/basic_auth_helpers.rb @gitlab-org/manage/authentication-and-authorization -/lib/api/personal_access_tokens.rb @gitlab-org/manage/authentication-and-authorization -/lib/api/resource_access_tokens.rb @gitlab-org/manage/authentication-and-authorization -/lib/api/support/token_with_expiration.rb @gitlab-org/manage/authentication-and-authorization -/lib/gitlab/api_authentication/ @gitlab-org/manage/authentication-and-authorization -/lib/gitlab/auth/ @gitlab-org/manage/authentication-and-authorization -/lib/gitlab/auth.rb @gitlab-org/manage/authentication-and-authorization -/lib/gitlab/auth_logger.rb @gitlab-org/manage/authentication-and-authorization -/lib/gitlab/authorized_keys.rb @gitlab-org/manage/authentication-and-authorization -/lib/gitlab/background_migration/encrypt_static_object_token.rb @gitlab-org/manage/authentication-and-authorization -/lib/gitlab/background_migration/expire_o_auth_tokens.rb @gitlab-org/manage/authentication-and-authorization -/lib/gitlab/background_migration/migrate_u2f_webauthn.rb @gitlab-org/manage/authentication-and-authorization -/lib/gitlab/background_migration/update_users_where_two_factor_auth_required_from_group.rb @gitlab-org/manage/authentication-and-authorization -/lib/gitlab/chat_name_token.rb @gitlab-org/manage/authentication-and-authorization -/lib/gitlab/ci/pipeline/expression/token.rb @gitlab-org/manage/authentication-and-authorization -/lib/gitlab/external_authorization/ @gitlab-org/manage/authentication-and-authorization -/lib/gitlab/external_authorization.rb @gitlab-org/manage/authentication-and-authorization -/lib/gitlab/graphql/authorize/ @gitlab-org/manage/authentication-and-authorization -/lib/gitlab/jwt_authenticatable.rb @gitlab-org/manage/authentication-and-authorization -/lib/gitlab/jwt_token.rb @gitlab-org/manage/authentication-and-authorization -/lib/gitlab/lfs_token.rb @gitlab-org/manage/authentication-and-authorization -/lib/gitlab/mail_room/ @gitlab-org/manage/authentication-and-authorization -/lib/gitlab/omniauth_initializer.rb @gitlab-org/manage/authentication-and-authorization -/lib/gitlab/project_authorizations.rb @gitlab-org/manage/authentication-and-authorization -/lib/json_web_token/ @gitlab-org/manage/authentication-and-authorization -/lib/omni_auth/ @gitlab-org/manage/authentication-and-authorization -/lib/system_check/app/authorized_keys_permission_check.rb @gitlab-org/manage/authentication-and-authorization -/lib/system_check/incoming_email/imap_authentication_check.rb @gitlab-org/manage/authentication-and-authorization -/lib/tasks/gitlab/password.rake @gitlab-org/manage/authentication-and-authorization -/lib/tasks/tokens.rake @gitlab-org/manage/authentication-and-authorization +/app/assets/javascripts/access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers +/app/assets/javascripts/alerts_settings/graphql/mutations/reset_http_token.mutation.graphql @gitlab-org/manage/authentication-and-authorization/approvers +/app/assets/javascripts/authentication/ @gitlab-org/manage/authentication-and-authorization/approvers +/app/assets/javascripts/ide/components/shared/tokened_input.vue @gitlab-org/manage/authentication-and-authorization/approvers +/app/assets/javascripts/invite_members/components/members_token_select.vue @gitlab-org/manage/authentication-and-authorization/approvers +/app/assets/javascripts/packages_and_registries/package_registry/components/list/tokens/ @gitlab-org/manage/authentication-and-authorization/approvers +/app/assets/javascripts/pages/admin/impersonation_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers +/app/assets/javascripts/pages/groups/settings/access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers +/app/assets/javascripts/pages/ldap/ @gitlab-org/manage/authentication-and-authorization/approvers +/app/assets/javascripts/pages/oauth/ @gitlab-org/manage/authentication-and-authorization/approvers +/app/assets/javascripts/pages/omniauth_callbacks/ @gitlab-org/manage/authentication-and-authorization/approvers +/app/assets/javascripts/pages/profiles/password_prompt/ @gitlab-org/manage/authentication-and-authorization/approvers +/app/assets/javascripts/pages/profiles/personal_access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers +/app/assets/javascripts/pages/profiles/two_factor_auths/ @gitlab-org/manage/authentication-and-authorization/approvers +/app/assets/javascripts/pages/projects/settings/access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers +/app/assets/javascripts/pages/sessions/new/oauth_remember_me.js @gitlab-org/manage/authentication-and-authorization/approvers +/app/assets/javascripts/pipelines/components/pipelines_list/tokens/constants.js @gitlab-org/manage/authentication-and-authorization/approvers +/app/assets/javascripts/pipelines/components/pipelines_list/tokens/pipeline_branch_name_token.vue @gitlab-org/manage/authentication-and-authorization/approvers +/app/assets/javascripts/pipelines/components/pipelines_list/tokens/pipeline_source_token.vue @gitlab-org/manage/authentication-and-authorization/approvers +/app/assets/javascripts/pipelines/components/pipelines_list/tokens/pipeline_status_token.vue @gitlab-org/manage/authentication-and-authorization/approvers +/app/assets/javascripts/pipelines/components/pipelines_list/tokens/pipeline_tag_name_token.vue @gitlab-org/manage/authentication-and-authorization/approvers +/app/assets/javascripts/projects/settings/topics/components/ @gitlab-org/manage/authentication-and-authorization/approvers +/app/assets/javascripts/related_issues/components/issue_token.vue @gitlab-org/manage/authentication-and-authorization/approvers +/app/assets/javascripts/runner/components/registration/registration_token.vue @gitlab-org/manage/authentication-and-authorization/approvers +/app/assets/javascripts/runner/components/registration/registration_token_reset_dropdown_item.vue @gitlab-org/manage/authentication-and-authorization/approvers +/app/assets/javascripts/runner/components/search_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers +/app/assets/javascripts/token_access/components/ @gitlab-org/manage/authentication-and-authorization/approvers +/app/assets/javascripts/token_access/index.js @gitlab-org/manage/authentication-and-authorization/approvers +/app/assets/stylesheets/page_bundles/profile_two_factor_auth.scss @gitlab-org/manage/authentication-and-authorization/approvers +/app/controllers/admin/impersonation_tokens_controller.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/controllers/concerns/access_tokens_actions.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/controllers/concerns/authenticates_with_two_factor.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/controllers/concerns/authenticates_with_two_factor_for_admin_mode.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/controllers/concerns/enforces_admin_authentication.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/controllers/concerns/enforces_two_factor_authentication.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/controllers/concerns/oauth_applications.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/controllers/concerns/project_unauthorized.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/controllers/concerns/sessionless_authentication.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/controllers/concerns/snippet_authorizations.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/controllers/concerns/workhorse_authorization.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/controllers/groups/settings/access_tokens_controller.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/controllers/ldap/ @gitlab-org/manage/authentication-and-authorization/approvers +/app/controllers/oauth/ @gitlab-org/manage/authentication-and-authorization/approvers +/app/controllers/omniauth_callbacks_controller.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/controllers/passwords_controller.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/controllers/profiles/passwords_controller.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/controllers/profiles/personal_access_tokens_controller.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/controllers/profiles/two_factor_auths_controller.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/controllers/profiles/webauthn_registrations_controller.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/controllers/projects/settings/access_tokens_controller.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/finders/groups/projects_requiring_authorizations_refresh/ @gitlab-org/manage/authentication-and-authorization/approvers +/app/finders/personal_access_tokens_finder.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/helpers/access_tokens_helper.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/helpers/auth_helper.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/models/authentication_event.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/models/concerns/admin_changed_password_notifier.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/models/concerns/mirror_authentication.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/models/concerns/select_for_project_authorization.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/models/concerns/token_authenticatable.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/models/concerns/token_authenticatable_strategies/ @gitlab-org/manage/authentication-and-authorization/approvers +/app/models/oauth_access_grant.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/models/oauth_access_token.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/models/personal_access_token.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/models/project_authorization.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/models/token_with_iv.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/models/webauthn_registration.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/policies/personal_access_token_policy.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/services/access_token_validation_service.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/services/auth/ @gitlab-org/manage/authentication-and-authorization/approvers +/app/services/authorized_project_update/ @gitlab-org/manage/authentication-and-authorization/approvers +/app/services/chat_names/authorize_user_service.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/services/personal_access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers +/app/services/projects/move_project_authorizations_service.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/services/resource_access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers +/app/services/todos/destroy/unauthorized_features_service.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/services/users/authorized_build_service.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/services/users/authorized_create_service.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/services/users/refresh_authorized_projects_service.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/services/webauthn/ @gitlab-org/manage/authentication-and-authorization/approvers +/app/validators/json_schemas/cluster_agent_authorization_configuration.json @gitlab-org/manage/authentication-and-authorization/approvers +/app/views/admin/application_settings/_external_authorization_service_form.html.haml @gitlab-org/manage/authentication-and-authorization/approvers +/app/views/admin/impersonation_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers +/app/views/authentication/ @gitlab-org/manage/authentication-and-authorization/approvers +/app/views/ci/token_access/ @gitlab-org/manage/authentication-and-authorization/approvers +/app/views/dashboard/projects/_zero_authorized_projects.html.haml @gitlab-org/manage/authentication-and-authorization/approvers +/app/views/devise/mailer/password_change.html.haml @gitlab-org/manage/authentication-and-authorization/approvers +/app/views/devise/mailer/password_change.text.erb @gitlab-org/manage/authentication-and-authorization/approvers +/app/views/devise/mailer/password_change_by_admin.html.haml @gitlab-org/manage/authentication-and-authorization/approvers +/app/views/devise/mailer/password_change_by_admin.text.erb @gitlab-org/manage/authentication-and-authorization/approvers +/app/views/devise/mailer/reset_password_instructions.html.haml @gitlab-org/manage/authentication-and-authorization/approvers +/app/views/devise/mailer/reset_password_instructions.text.erb @gitlab-org/manage/authentication-and-authorization/approvers +/app/views/devise/passwords/ @gitlab-org/manage/authentication-and-authorization/approvers +/app/views/devise/shared/_omniauth_box.html.haml @gitlab-org/manage/authentication-and-authorization/approvers +/app/views/devise/shared/_signup_omniauth_provider_list.haml @gitlab-org/manage/authentication-and-authorization/approvers +/app/views/devise/shared/_signup_omniauth_providers.haml @gitlab-org/manage/authentication-and-authorization/approvers +/app/views/devise/shared/_signup_omniauth_providers_top.haml @gitlab-org/manage/authentication-and-authorization/approvers +/app/views/doorkeeper/authorizations/ @gitlab-org/manage/authentication-and-authorization/approvers +/app/views/doorkeeper/authorized_applications/ @gitlab-org/manage/authentication-and-authorization/approvers +/app/views/errors/omniauth_error.html.haml @gitlab-org/manage/authentication-and-authorization/approvers +/app/views/groups/settings/_resource_access_token_creation.html.haml @gitlab-org/manage/authentication-and-authorization/approvers +/app/views/groups/settings/_two_factor_auth.html.haml @gitlab-org/manage/authentication-and-authorization/approvers +/app/views/groups/settings/access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers +/app/views/layouts/oauth_error.html.haml @gitlab-org/manage/authentication-and-authorization/approvers +/app/views/notify/access_token_about_to_expire_email.html.haml @gitlab-org/manage/authentication-and-authorization/approvers +/app/views/notify/access_token_about_to_expire_email.text.erb @gitlab-org/manage/authentication-and-authorization/approvers +/app/views/notify/access_token_created_email.html.haml @gitlab-org/manage/authentication-and-authorization/approvers +/app/views/notify/access_token_created_email.text.erb @gitlab-org/manage/authentication-and-authorization/approvers +/app/views/notify/access_token_expired_email.html.haml @gitlab-org/manage/authentication-and-authorization/approvers +/app/views/notify/access_token_expired_email.text.erb @gitlab-org/manage/authentication-and-authorization/approvers +/app/views/profiles/passwords/ @gitlab-org/manage/authentication-and-authorization/approvers +/app/views/profiles/personal_access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers +/app/views/profiles/two_factor_auths/ @gitlab-org/manage/authentication-and-authorization/approvers +/app/views/projects/mirrors/_authentication_method.html.haml @gitlab-org/manage/authentication-and-authorization/approvers +/app/views/projects/settings/access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers +/app/views/shared/_no_password.html.haml @gitlab-org/manage/authentication-and-authorization/approvers +/app/views/shared/_two_factor_auth_recovery_settings_check.html.haml @gitlab-org/manage/authentication-and-authorization/approvers +/app/views/shared/access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers +/app/views/shared/members/_two_factor_auth_badge.html.haml @gitlab-org/manage/authentication-and-authorization/approvers +/app/views/shared/tokens/ @gitlab-org/manage/authentication-and-authorization/approvers +/app/workers/authorized_keys_worker.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/workers/authorized_project_update/ @gitlab-org/manage/authentication-and-authorization/approvers +/app/workers/authorized_projects_worker.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/workers/personal_access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers +/config/feature_flags/development/access_token_pagination.yml @gitlab-org/manage/authentication-and-authorization/approvers +/config/feature_flags/development/application_settings_tokens_optional_encryption.yml @gitlab-org/manage/authentication-and-authorization/approvers +/config/feature_flags/development/enforce_auth_checks_on_uploads.yml @gitlab-org/manage/authentication-and-authorization/approvers +/config/feature_flags/development/forti_authenticator.yml @gitlab-org/manage/authentication-and-authorization/approvers +/config/feature_flags/development/forti_token_cloud.yml @gitlab-org/manage/authentication-and-authorization/approvers +/config/feature_flags/development/groups_tokens_optional_encryption.yml @gitlab-org/manage/authentication-and-authorization/approvers +/config/feature_flags/development/pbkdf2_password_encryption.yml @gitlab-org/manage/authentication-and-authorization/approvers +/config/feature_flags/development/pbkdf2_password_encryption_write.yml @gitlab-org/manage/authentication-and-authorization/approvers +/config/feature_flags/development/projects_tokens_optional_encryption.yml @gitlab-org/manage/authentication-and-authorization/approvers +/config/feature_flags/development/skip_group_share_unlink_auth_refresh.yml @gitlab-org/manage/authentication-and-authorization/approvers +/config/feature_flags/development/specialized_worker_for_group_lock_update_auth_recalculation.yml @gitlab-org/manage/authentication-and-authorization/approvers +/config/feature_flags/development/update_oauth_registration_flow.yml @gitlab-org/manage/authentication-and-authorization/approvers +/config/feature_flags/development/webauthn.yml @gitlab-org/manage/authentication-and-authorization/approvers +/config/feature_flags/ops/block_password_auth_for_saml_users.yml @gitlab-org/manage/authentication-and-authorization/approvers +/config/initializers/01_secret_token.rb @gitlab-org/manage/authentication-and-authorization/approvers +/config/initializers/devise_dynamic_password_length_validation.rb @gitlab-org/manage/authentication-and-authorization/approvers +/config/initializers/devise_password_length.rb.example @gitlab-org/manage/authentication-and-authorization/approvers +/config/initializers/gitlab_shell_secret_token.rb @gitlab-org/manage/authentication-and-authorization/approvers +/config/initializers/omniauth.rb @gitlab-org/manage/authentication-and-authorization/approvers +/config/initializers/rails_host_authorization.rb @gitlab-org/manage/authentication-and-authorization/approvers +/config/initializers/rails_host_authorization_gitpod.rb @gitlab-org/manage/authentication-and-authorization/approvers +/config/initializers/webauthn.rb @gitlab-org/manage/authentication-and-authorization/approvers +/config/initializers_before_autoloader/100_patch_omniauth_oauth2.rb @gitlab-org/manage/authentication-and-authorization/approvers +/config/initializers_before_autoloader/100_patch_omniauth_saml.rb @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/assets/javascripts/access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/assets/javascripts/audit_events/components/tokens/ @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/assets/javascripts/audit_events/token_utils.js @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/assets/javascripts/groups/settings/components/ @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/assets/javascripts/pages/admin/application_settings/general/components/ @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/assets/javascripts/pages/groups/omniauth_callbacks/ @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/assets/javascripts/pages/passwords/ @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/assets/javascripts/pages/profiles/passwords/ @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/assets/javascripts/password/ @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/assets/javascripts/pipelines/components/pipelines_list/ @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/assets/javascripts/requirements/components/tokens/ @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/assets/javascripts/runner/components/search_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/assets/javascripts/saml_providers/scim_token_service.js @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/assets/javascripts/saml_sso/components/ @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/assets/javascripts/vue_merge_request_widget/components/approvals/approvals_auth.vue @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/controllers/concerns/ee/authenticates_with_two_factor.rb @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/controllers/concerns/ee/enforces_two_factor_authentication.rb @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/controllers/concerns/saml_authorization.rb @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/controllers/ee/ldap/ @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/controllers/ee/omniauth_callbacks_controller.rb @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/controllers/ee/passwords_controller.rb @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/controllers/groups/omniauth_callbacks_controller.rb @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/controllers/groups/scim_oauth_controller.rb @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/controllers/oauth/ @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/controllers/omniauth_kerberos_spnego_controller.rb @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/finders/auth/ @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/helpers/ee/access_tokens_helper.rb @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/helpers/ee/auth_helper.rb @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/helpers/ee/personal_access_tokens_helper.rb @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/models/concerns/password_complexity.rb @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/models/ee/personal_access_token.rb @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/models/ee/project_authorization.rb @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/models/scim_oauth_access_token.rb @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/serializers/scim_oauth_access_token_entity.rb @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/services/ee/auth/ @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/services/ee/personal_access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/services/ee/resource_access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/services/personal_access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/services/security/token_revocation_service.rb @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/validators/password/ @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/views/admin/application_settings/_personal_access_token_expiration_policy.html.haml @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/views/credentials_inventory_mailer/personal_access_token_revoked_email.html.haml @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/views/credentials_inventory_mailer/personal_access_token_revoked_email.text.haml @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/views/groups/_personal_access_token_expiration_policy.html.haml @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/views/groups/sso/_authorize_pane.html.haml @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/views/notify/policy_revoked_personal_access_tokens_email.html.haml @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/views/notify/policy_revoked_personal_access_tokens_email.text.erb @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/views/oauth/ @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/views/shared/_password_requirements_list.html.haml @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/views/shared/credentials_inventory/_personal_access_tokens.html.haml @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/views/shared/credentials_inventory/_project_access_tokens.html.haml @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/views/shared/credentials_inventory/personal_access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/views/shared/credentials_inventory/project_access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/workers/auth/ @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/workers/personal_access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers +/ee/config/routes/oauth.rb @gitlab-org/manage/authentication-and-authorization/approvers +/ee/lib/ee/gitlab/auth/ @gitlab-org/manage/authentication-and-authorization/approvers +/ee/lib/ee/gitlab/omniauth_initializer.rb @gitlab-org/manage/authentication-and-authorization/approvers +/ee/lib/gitlab/auth/ @gitlab-org/manage/authentication-and-authorization/approvers +/ee/lib/gitlab/auth_logger.rb @gitlab-org/manage/authentication-and-authorization/approvers +/ee/lib/gitlab/authority_analyzer.rb @gitlab-org/manage/authentication-and-authorization/approvers +/ee/lib/gitlab/geo/oauth/ @gitlab-org/manage/authentication-and-authorization/approvers +/ee/lib/gitlab/kerberos/ @gitlab-org/manage/authentication-and-authorization/approvers +/ee/lib/omni_auth/ @gitlab-org/manage/authentication-and-authorization/approvers +/ee/lib/system_check/geo/authorized_keys_check.rb @gitlab-org/manage/authentication-and-authorization/approvers +/ee/lib/system_check/geo/authorized_keys_flag_check.rb @gitlab-org/manage/authentication-and-authorization/approvers +/lib/api/entities/ci/reset_token_result.rb @gitlab-org/manage/authentication-and-authorization/approvers +/lib/api/entities/impersonation_token.rb @gitlab-org/manage/authentication-and-authorization/approvers +/lib/api/entities/impersonation_token_with_token.rb @gitlab-org/manage/authentication-and-authorization/approvers +/lib/api/entities/personal_access_token.rb @gitlab-org/manage/authentication-and-authorization/approvers +/lib/api/entities/personal_access_token_with_details.rb @gitlab-org/manage/authentication-and-authorization/approvers +/lib/api/entities/personal_access_token_with_token.rb @gitlab-org/manage/authentication-and-authorization/approvers +/lib/api/entities/resource_access_token.rb @gitlab-org/manage/authentication-and-authorization/approvers +/lib/api/entities/resource_access_token_with_token.rb @gitlab-org/manage/authentication-and-authorization/approvers +/lib/api/helpers/authentication.rb @gitlab-org/manage/authentication-and-authorization/approvers +/lib/api/helpers/packages/basic_auth_helpers.rb @gitlab-org/manage/authentication-and-authorization/approvers +/lib/api/personal_access_tokens.rb @gitlab-org/manage/authentication-and-authorization/approvers +/lib/api/resource_access_tokens.rb @gitlab-org/manage/authentication-and-authorization/approvers +/lib/api/support/token_with_expiration.rb @gitlab-org/manage/authentication-and-authorization/approvers +/lib/gitlab/api_authentication/ @gitlab-org/manage/authentication-and-authorization/approvers +/lib/gitlab/auth/ @gitlab-org/manage/authentication-and-authorization/approvers +/lib/gitlab/auth.rb @gitlab-org/manage/authentication-and-authorization/approvers +/lib/gitlab/auth_logger.rb @gitlab-org/manage/authentication-and-authorization/approvers +/lib/gitlab/authorized_keys.rb @gitlab-org/manage/authentication-and-authorization/approvers +/lib/gitlab/background_migration/encrypt_static_object_token.rb @gitlab-org/manage/authentication-and-authorization/approvers +/lib/gitlab/background_migration/expire_o_auth_tokens.rb @gitlab-org/manage/authentication-and-authorization/approvers +/lib/gitlab/background_migration/migrate_u2f_webauthn.rb @gitlab-org/manage/authentication-and-authorization/approvers +/lib/gitlab/background_migration/update_users_where_two_factor_auth_required_from_group.rb @gitlab-org/manage/authentication-and-authorization/approvers +/lib/gitlab/chat_name_token.rb @gitlab-org/manage/authentication-and-authorization/approvers +/lib/gitlab/ci/pipeline/expression/token.rb @gitlab-org/manage/authentication-and-authorization/approvers +/lib/gitlab/external_authorization/ @gitlab-org/manage/authentication-and-authorization/approvers +/lib/gitlab/external_authorization.rb @gitlab-org/manage/authentication-and-authorization/approvers +/lib/gitlab/grape_logging/loggers/token_logger.rb @gitlab-org/manage/authentication-and-authorization/approvers +/lib/gitlab/graphql/authorize/ @gitlab-org/manage/authentication-and-authorization/approvers +/lib/gitlab/jwt_authenticatable.rb @gitlab-org/manage/authentication-and-authorization/approvers +/lib/gitlab/jwt_token.rb @gitlab-org/manage/authentication-and-authorization/approvers +/lib/gitlab/lfs_token.rb @gitlab-org/manage/authentication-and-authorization/approvers +/lib/gitlab/mail_room/ @gitlab-org/manage/authentication-and-authorization/approvers +/lib/gitlab/omniauth_initializer.rb @gitlab-org/manage/authentication-and-authorization/approvers +/lib/gitlab/project_authorizations.rb @gitlab-org/manage/authentication-and-authorization/approvers +/lib/json_web_token/ @gitlab-org/manage/authentication-and-authorization/approvers +/lib/omni_auth/ @gitlab-org/manage/authentication-and-authorization/approvers +/lib/system_check/app/authorized_keys_permission_check.rb @gitlab-org/manage/authentication-and-authorization/approvers +/lib/system_check/incoming_email/imap_authentication_check.rb @gitlab-org/manage/authentication-and-authorization/approvers +/lib/tasks/gitlab/password.rake @gitlab-org/manage/authentication-and-authorization/approvers +/lib/tasks/tokens.rake @gitlab-org/manage/authentication-and-authorization/approvers + +[Compliance] +/ee/app/services/audit_events/build_service.rb @gitlab-org/manage/compliance +/ee/spec/services/audit_events/custom_audit_event_service_spec.rb @gitlab-org/manage/compliance +/app/models/audit_event.rb @gitlab-org/manage/compliance +/app/services/audit_event_service.rb @gitlab-org/manage/compliance +/app/services/concerns/audit_event_save_type.rb @gitlab-org/manage/compliance +/app/views/profiles/audit_log.html.haml @gitlab-org/manage/compliance +/data/deprecations/14-3-repository-push-audit-events.yml @gitlab-org/manage/compliance +/data/removals/15_0/removal_manage_repository_push_audit_event.yml @gitlab-org/manage/compliance +/db/docs/audit_events.yml @gitlab-org/manage/compliance +/db/docs/audit_events_external_audit_event_destinations.yml @gitlab-org/manage/compliance +/db/docs/audit_events_streaming_headers.yml @gitlab-org/manage/compliance +/db/migrate/20210819185500_create_external_audit_event_destinations_table.rb @gitlab-org/manage/compliance +/db/migrate/20220524141800_create_audit_events_streaming_headers.rb @gitlab-org/manage/compliance +/db/post_migrate/20210331105335_drop_non_partitioned_audit_events.rb @gitlab-org/manage/compliance +/db/post_migrate/20220119094503_populate_audit_event_streaming_verification_token.rb @gitlab-org/manage/compliance +/doc/administration/audit_event_streaming.md @gitlab-org/manage/compliance +/doc/administration/audit_events.md @gitlab-org/manage/compliance +/doc/administration/audit_reports.md @gitlab-org/manage/compliance +/doc/administration/auditor_users.md @gitlab-org/manage/compliance +/doc/api/audit_events.md @gitlab-org/manage/compliance +/doc/api/graphql/audit_report.md @gitlab-org/manage/compliance +/ee/app/assets/javascripts/audit_events/components/audit_events_app.vue @gitlab-org/manage/compliance +/ee/app/assets/javascripts/audit_events/components/audit_events_export_button.vue @gitlab-org/manage/compliance +/ee/app/assets/javascripts/audit_events/components/audit_events_filter.vue @gitlab-org/manage/compliance +/ee/app/assets/javascripts/audit_events/components/audit_events_log.vue @gitlab-org/manage/compliance +/ee/app/assets/javascripts/audit_events/components/audit_events_stream.vue @gitlab-org/manage/compliance +/ee/app/assets/javascripts/audit_events/components/audit_events_table.vue @gitlab-org/manage/compliance +/ee/app/assets/javascripts/audit_events/components/tokens/shared/ @gitlab-org/manage/compliance +/ee/app/assets/javascripts/audit_events/init_audit_events.js @gitlab-org/manage/compliance +/ee/app/controllers/admin/audit_log_reports_controller.rb @gitlab-org/manage/compliance +/ee/app/controllers/admin/audit_logs_controller.rb @gitlab-org/manage/compliance +/ee/app/controllers/concerns/audit_events/audit_events_params.rb @gitlab-org/manage/compliance +/ee/app/controllers/groups/audit_events_controller.rb @gitlab-org/manage/compliance +/ee/app/controllers/projects/audit_events_controller.rb @gitlab-org/manage/compliance +/ee/app/finders/audit_event_finder.rb @gitlab-org/manage/compliance +/ee/app/graphql/types/audit_events/external_audit_event_destination_type.rb @gitlab-org/manage/compliance +/ee/app/helpers/audit_events_helper.rb @gitlab-org/manage/compliance +/ee/app/helpers/auditor_user_helper.rb @gitlab-org/manage/compliance +/ee/app/models/audit_events/external_audit_event_destination.rb @gitlab-org/manage/compliance +/ee/app/models/concerns/auditable.rb @gitlab-org/manage/compliance +/ee/app/models/ee/audit_event.rb @gitlab-org/manage/compliance +/ee/app/policies/audit_events/external_audit_event_destination_policy.rb @gitlab-org/manage/compliance +/ee/app/presenters/audit_event_presenter.rb @gitlab-org/manage/compliance +/ee/app/serializers/audit_event_entity.rb @gitlab-org/manage/compliance +/ee/app/serializers/audit_event_serializer.rb @gitlab-org/manage/compliance +/ee/app/services/ci/audit_variable_change_service.rb @gitlab-org/manage/compliance +/ee/app/services/ee/audit_event_service.rb @gitlab-org/manage/compliance +/ee/app/views/admin/users/_auditor_access_level_radio.html.haml @gitlab-org/manage/compliance +/ee/app/views/admin/users/_auditor_user_badge.html.haml @gitlab-org/manage/compliance +/ee/app/views/shared/icons/_icon_audit_events_purple.svg @gitlab-org/manage/compliance +/ee/app/views/shared/promotions/_promote_audit_events.html.haml @gitlab-org/manage/compliance +/ee/app/workers/audit_events/audit_event_streaming_worker.rb @gitlab-org/manage/compliance +/ee/config/events/1652263097_groups__audit_events__index_click_streams_tab.yml @gitlab-org/manage/compliance +/ee/config/events/202108302307_admin_audit_logs_index_click_date_range_button.yml @gitlab-org/manage/compliance +/ee/config/events/202108302307_groups__audit_events_controller_search_audit_event.yml @gitlab-org/manage/compliance +/ee/config/events/202108302307_profiles_controller_search_audit_event.yml @gitlab-org/manage/compliance +/ee/config/events/202108302307_projects__audit_events_controller_search_audit_event.yml @gitlab-org/manage/compliance +/ee/config/events/202111041910_admin__audit_logs_controller_search_audit_event.yml @gitlab-org/manage/compliance +/ee/config/feature_flags/development/audit_event_streaming_git_operations.yml @gitlab-org/manage/compliance +/ee/config/feature_flags/development/audit_log_group_level.yml @gitlab-org/manage/compliance +/ee/config/metrics/counts_28d/20210216183930_g_compliance_audit_events_monthly.yml @gitlab-org/manage/compliance +/ee/config/metrics/counts_28d/20210216183934_i_compliance_audit_events_monthly.yml @gitlab-org/manage/compliance +/ee/config/metrics/counts_28d/20210216183942_a_compliance_audit_events_api_monthly.yml @gitlab-org/manage/compliance +/ee/config/metrics/counts_28d/20211130085433_g_manage_compliance_audit_event_destinations.yml @gitlab-org/manage/compliance +/ee/config/metrics/counts_7d/20210216183906_g_compliance_audit_events.yml @gitlab-org/manage/compliance +/ee/config/metrics/counts_7d/20210216183908_i_compliance_audit_events.yml @gitlab-org/manage/compliance +/ee/config/metrics/counts_7d/20210216183912_a_compliance_audit_events_api.yml @gitlab-org/manage/compliance +/ee/config/metrics/counts_7d/20210216183928_g_compliance_audit_events_weekly.yml @gitlab-org/manage/compliance +/ee/config/metrics/counts_7d/20210216183932_i_compliance_audit_events_weekly.yml @gitlab-org/manage/compliance +/ee/config/metrics/counts_7d/20210216183940_a_compliance_audit_events_api_weekly.yml @gitlab-org/manage/compliance +/ee/config/metrics/counts_all/20211130085433_g_manage_compliance_audit_event_destinations.yml @gitlab-org/manage/compliance +/ee/lib/api/audit_events.rb @gitlab-org/manage/compliance +/ee/lib/audit/external_status_check_changes_auditor.rb @gitlab-org/manage/compliance +/ee/lib/audit/group_merge_request_approval_setting_changes_auditor.rb @gitlab-org/manage/compliance +/ee/lib/audit/group_push_rules_changes_auditor.rb @gitlab-org/manage/compliance +/ee/lib/ee/api/entities/audit_event.rb @gitlab-org/manage/compliance +/ee/lib/ee/audit/ @gitlab-org/manage/compliance +/ee/lib/ee/gitlab/audit/ @gitlab-org/manage/compliance +/ee/spec/controllers/admin/audit_log_reports_controller_spec.rb @gitlab-org/manage/compliance +/ee/spec/controllers/admin/audit_logs_controller_spec.rb @gitlab-org/manage/compliance +/ee/spec/controllers/groups/audit_events_controller_spec.rb @gitlab-org/manage/compliance +/ee/spec/controllers/projects/audit_events_controller_spec.rb @gitlab-org/manage/compliance +/ee/spec/factories/audit_events/external_audit_event_destinations.rb @gitlab-org/manage/compliance +/ee/spec/features/admin/admin_audit_logs_spec.rb @gitlab-org/manage/compliance +/ee/spec/features/groups/audit_events_spec.rb @gitlab-org/manage/compliance +/ee/spec/features/projects/audit_events_spec.rb @gitlab-org/manage/compliance +/ee/spec/finders/audit_event_finder_spec.rb @gitlab-org/manage/compliance +/ee/spec/fixtures/api/schemas/public_api/v4/audit_event.json @gitlab-org/manage/compliance +/ee/spec/fixtures/api/schemas/public_api/v4/audit_events.json @gitlab-org/manage/compliance +/ee/spec/frontend/audit_events/components/__snapshots__/ @gitlab-org/manage/compliance +/ee/spec/frontend/audit_events/components/audit_events_app_spec.js @gitlab-org/manage/compliance +/ee/spec/frontend/audit_events/components/audit_events_export_button_spec.js @gitlab-org/manage/compliance +/ee/spec/frontend/audit_events/components/audit_events_filter_spec.js @gitlab-org/manage/compliance +/ee/spec/frontend/audit_events/components/audit_events_logs_spec.js @gitlab-org/manage/compliance +/ee/spec/frontend/audit_events/components/audit_events_stream_spec.js @gitlab-org/manage/compliance +/ee/spec/frontend/audit_events/components/audit_events_table_spec.js @gitlab-org/manage/compliance +/ee/spec/frontend/audit_events/components/tokens/shared/ @gitlab-org/manage/compliance +/ee/spec/graphql/types/audit_events/exterrnal_audit_event_destination_type_spec.rb @gitlab-org/manage/compliance +/ee/spec/helpers/audit_events_helper_spec.rb @gitlab-org/manage/compliance +/ee/spec/lib/audit/external_status_check_changes_auditor_spec.rb @gitlab-org/manage/compliance +/ee/spec/lib/audit/group_merge_request_approval_setting_changes_auditor_spec.rb @gitlab-org/manage/compliance +/ee/spec/lib/audit/group_push_rules_changes_auditor_spec.rb @gitlab-org/manage/compliance +/ee/spec/lib/ee/audit/ @gitlab-org/manage/compliance +/ee/spec/lib/gitlab/audit/auditor_spec.rb @gitlab-org/manage/compliance +/ee/spec/models/audit_events/external_audit_event_destination_spec.rb @gitlab-org/manage/compliance +/ee/spec/models/concerns/auditable_spec.rb @gitlab-org/manage/compliance +/ee/spec/models/ee/audit_event_spec.rb @gitlab-org/manage/compliance +/ee/spec/presenters/audit_event_presenter_spec.rb @gitlab-org/manage/compliance +/ee/spec/requests/admin/audit_events_spec.rb @gitlab-org/manage/compliance +/ee/spec/requests/api/audit_events_spec.rb @gitlab-org/manage/compliance +/ee/spec/requests/api/graphql/group/external_audit_event_destinations_spec.rb @gitlab-org/manage/compliance +/ee/spec/requests/groups/audit_events_spec.rb @gitlab-org/manage/compliance +/ee/spec/requests/projects/audit_events_spec.rb @gitlab-org/manage/compliance +/ee/spec/serializers/audit_event_entity_spec.rb @gitlab-org/manage/compliance +/ee/spec/serializers/audit_event_serializer_spec.rb @gitlab-org/manage/compliance +/ee/spec/services/audit_event_service_spec.rb @gitlab-org/manage/compliance +/ee/spec/support/shared_contexts/audit_event_not_licensed_shared_context.rb @gitlab-org/manage/compliance +/ee/spec/support/shared_contexts/audit_event_queue_shared_context.rb @gitlab-org/manage/compliance +/ee/spec/support/shared_examples/audit/ @gitlab-org/manage/compliance +/ee/spec/support/shared_examples/features/audit_events_filter_shared_examples.rb @gitlab-org/manage/compliance +/ee/spec/support/shared_examples/services/audit_event_logging_shared_examples.rb @gitlab-org/manage/compliance +/ee/spec/workers/audit_events/audit_event_streaming_worker_spec.rb @gitlab-org/manage/compliance +/lib/gitlab/audit/auditor.rb @gitlab-org/manage/compliance +/lib/gitlab/audit_json_logger.rb @gitlab-org/manage/compliance +/spec/factories/audit_events.rb @gitlab-org/manage/compliance +/spec/lib/gitlab/audit/auditor_spec.rb @gitlab-org/manage/compliance +/spec/migrations/populate_audit_event_streaming_verification_token_spec.rb @gitlab-org/manage/compliance +/spec/models/audit_event_spec.rb @gitlab-org/manage/compliance +/spec/services/audit_event_service_spec.rb @gitlab-org/manage/compliance +/spec/services/concerns/audit_event_save_type_spec.rb @gitlab-org/manage/compliance +/spec/support/shared_examples/sends_git_audit_streaming_event_shared_examples.rb @gitlab-org/manage/compliance +/spec/views/profiles/audit_log.html.haml_spec.rb @gitlab-org/manage/compliance +/vendor/project_templates/hipaa_audit_protocol.tar.gz @gitlab-org/manage/compliance diff --git a/.gitlab/ci/frontend.gitlab-ci.yml b/.gitlab/ci/frontend.gitlab-ci.yml index 8c49d5c212a..1d0218f4bd7 100644 --- a/.gitlab/ci/frontend.gitlab-ci.yml +++ b/.gitlab/ci/frontend.gitlab-ci.yml @@ -65,12 +65,6 @@ compile-test-assets as-if-foss: - .frontend:rules:compile-test-assets-as-if-foss - .as-if-foss -compile-test-assets as-if-jh: - extends: - - compile-test-assets - - .frontend:rules:compile-test-assets-as-if-jh - needs: ["add-jh-folder"] - update-assets-compile-production-cache: extends: - compile-production-assets @@ -144,24 +138,12 @@ rspec-all frontend_fixture: rspec-all frontend_fixture as-if-foss: extends: - .frontend-fixtures-base - - .frontend:rules:default-frontend-jobs-as-if-foss + - .frontend:rules:frontend_fixture-as-if-foss - .as-if-foss needs: - !reference [.frontend-fixtures-base, needs] - "compile-test-assets as-if-foss" -# Builds FOSS, EE, and JH fixtures in the EE project, with the `jh/` folder added (due to `as-if-jh`). -rspec-all frontend_fixture as-if-jh: - extends: - - .frontend-fixtures-base - - .frontend:rules:default-frontend-jobs-as-if-jh - needs: - - !reference [.frontend-fixtures-base, needs] - - "compile-test-assets as-if-jh" - - "add-jh-folder" - script: - - echo "This job is currently doing nothing since there's no specific JH fixtures yet. To enable this job, remove this line." - graphql-schema-dump: variables: SETUP_DB: "false" @@ -194,7 +176,10 @@ graphql-schema-dump as-if-foss: # Disable warnings in browserslist which can break on backports # https://github.com/browserslist/browserslist/blob/a287ec6/node.js#L367-L384 BROWSERSLIST_IGNORE_OLD_DATA: "true" + USE_BUNDLE_INSTALL: "false" + SETUP_DB: "false" before_script: + - !reference [.default-before_script, before_script] - *yarn-install stage: test @@ -230,6 +215,17 @@ jest minimal: script: - run_timed_command "yarn jest:ci:minimal" +jest minimal as-if-foss: + extends: + - .jest-base + - .frontend:rules:jest:minimal:as-if-foss + - .as-if-foss + needs: + - "rspec-all frontend_fixture as-if-foss" + - "detect-tests" + script: + - run_timed_command "yarn jest:ci:minimal" + jest-integration: extends: - .frontend-test-base @@ -248,14 +244,6 @@ jest-as-if-foss: needs: ["rspec-all frontend_fixture as-if-foss"] parallel: 2 -jest-as-if-jh: - extends: - - .jest-base - - .frontend:rules:default-frontend-jobs-as-if-jh - needs: ["rspec-all frontend_fixture as-if-jh", "add-jh-folder"] - script: - - echo "This job is currently doing nothing since there's no specific JH Jest tests yet. To enable this job, remove this line." - coverage-frontend: extends: - .default-retry diff --git a/.gitlab/ci/qa.gitlab-ci.yml b/.gitlab/ci/qa.gitlab-ci.yml index 12275260c0c..a71aac4225e 100644 --- a/.gitlab/ci/qa.gitlab-ci.yml +++ b/.gitlab/ci/qa.gitlab-ci.yml @@ -1,5 +1,5 @@ .qa-job-base: - image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images/debian-bullseye-ruby-2.7:bundler-2.3-git-2.33-chrome-${CHROME_VERSION} + image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images/debian-bullseye-ruby-2.7:bundler-2.3-chrome-103-docker-20.10.14 extends: - .default-retry - .qa-cache @@ -97,7 +97,7 @@ populate-qa-tests-var: - tooling/bin/find_change_diffs ${CHANGES_DIFFS_DIR} script: - 'echo "QA_TESTS: $QA_TESTS"' - - exit_code=0 && tooling/bin/qa/package_and_qa_check ${CHANGES_DIFFS_DIR} || exit_code=$? + - exit_code=0 && tooling/bin/qa/run_qa_check ${CHANGES_DIFFS_DIR} || exit_code=$? - echo $exit_code - | if [ $exit_code -eq 0 ]; then @@ -105,7 +105,7 @@ populate-qa-tests-var: elif [ $exit_code -eq 1 ]; then exit 1 else - echo "Downstream jobs will not be triggered because package_and_qa_check exited with code: $exit_code" + echo "Downstream jobs will not be triggered because run_qa_check exited with code: $exit_code" fi # These jobs often time out, so temporarily use private runners and a long timeout: https://gitlab.com/gitlab-org/gitlab/-/issues/238563 tags: diff --git a/.gitlab/ci/rails.gitlab-ci.yml b/.gitlab/ci/rails.gitlab-ci.yml index 6fa9d14d47b..50c86313d29 100644 --- a/.gitlab/ci/rails.gitlab-ci.yml +++ b/.gitlab/ci/rails.gitlab-ci.yml @@ -84,12 +84,6 @@ - .use-pg12 needs: ["setup-test-env", "retrieve-tests-metadata", "compile-test-assets as-if-foss", "detect-tests"] -.rspec-base-pg12-as-if-jh: - extends: - - .rspec-base - - .use-pg12 - needs: ["setup-test-env", "retrieve-tests-metadata", "compile-test-assets as-if-jh", "detect-tests", "add-jh-folder"] - .rspec-base-pg13: extends: - .rspec-base @@ -117,11 +111,6 @@ - .use-pg12-opensearch1-ee - .rails:rules:run-search-tests -.rspec-jh-base-pg12: - extends: - - .rspec-base-pg12-as-if-jh - - .use-pg12-ee - .rspec-ee-base-pg13: extends: - .rspec-base @@ -503,6 +492,12 @@ db:backup_and_restore: - "lib/backup/**/*" - "lib/tasks/gitlab/backup.rake" +db:backup_and_restore single-db: + extends: + - db:backup_and_restore + - .single-db + - .rails:rules:single-db + rspec:deprecations: extends: - .default-retry @@ -738,31 +733,6 @@ rspec system pg12-as-if-foss single-db: - .single-db-rspec - .rails:rules:single-db -rspec migration pg12-as-if-jh: - extends: - - .rspec-base-pg12-as-if-jh - - .rspec-base-migration - - .rails:rules:as-if-jh-rspec - - .rspec-migration-parallel - -rspec unit pg12-as-if-jh: - extends: - - .rspec-base-pg12-as-if-jh - - .rails:rules:as-if-jh-rspec - - .rspec-unit-parallel - -rspec integration pg12-as-if-jh: - extends: - - .rspec-base-pg12-as-if-jh - - .rails:rules:as-if-jh-rspec - - .rspec-integration-parallel - -rspec system pg12-as-if-jh: - extends: - - .rspec-base-pg12-as-if-jh - - .rails:rules:as-if-jh-rspec - - .rspec-system-parallel - rspec-ee migration pg12: extends: - .rspec-ee-base-pg12 @@ -866,52 +836,6 @@ rspec-ee system pg12 single-db: - .single-db-rspec - .rails:rules:single-db -rspec-ee migration pg12-as-if-jh: - extends: - - .rspec-jh-base-pg12 - - .rspec-base-migration - - .rails:rules:as-if-jh-rspec - - .rspec-ee-migration-parallel - -rspec-ee unit pg12-as-if-jh: - extends: - - .rspec-jh-base-pg12 - - .rails:rules:as-if-jh-rspec - - .rspec-ee-unit-parallel - -rspec-ee integration pg12-as-if-jh: - extends: - - .rspec-jh-base-pg12 - - .rails:rules:as-if-jh-rspec - - .rspec-ee-integration-parallel - -rspec-ee system pg12-as-if-jh: - extends: - - .rspec-jh-base-pg12 - - .rails:rules:as-if-jh-rspec - - .rspec-ee-system-parallel - -rspec-jh migration pg12-as-if-jh: - extends: - - .rspec-jh-base-pg12 - - .rspec-base-migration - - .rails:rules:as-if-jh-rspec - -rspec-jh unit pg12-as-if-jh: - extends: - - .rspec-jh-base-pg12 - - .rails:rules:as-if-jh-rspec - -rspec-jh integration pg12-as-if-jh: - extends: - - .rspec-jh-base-pg12 - - .rails:rules:as-if-jh-rspec - -rspec-jh system pg12-as-if-jh: - extends: - - .rspec-jh-base-pg12 - - .rails:rules:as-if-jh-rspec - db:rollback geo: extends: - db:rollback diff --git a/.gitlab/ci/reports.gitlab-ci.yml b/.gitlab/ci/reports.gitlab-ci.yml index 68c71b359c2..52ed85190ec 100644 --- a/.gitlab/ci/reports.gitlab-ci.yml +++ b/.gitlab/ci/reports.gitlab-ci.yml @@ -13,6 +13,8 @@ code_quality: artifacts: paths: - gl-code-quality-report.json # GitLab-specific + # extends generated values cannot overwrite values from included files + # Use !reference as a workaround here rules: !reference [".reports:rules:code_quality", rules] allow_failure: true diff --git a/.gitlab/ci/review-apps/main.gitlab-ci.yml b/.gitlab/ci/review-apps/main.gitlab-ci.yml index 7f3ae70da8c..37ccecc0562 100644 --- a/.gitlab/ci/review-apps/main.gitlab-ci.yml +++ b/.gitlab/ci/review-apps/main.gitlab-ci.yml @@ -14,7 +14,7 @@ include: .base-before_script: &base-before_script - source ./scripts/utils.sh - source ./scripts/review_apps/review-apps.sh - - install_api_client_dependencies_with_apk + - apt-get update && apt-get install -y jq review-build-cng-env: extends: @@ -72,8 +72,7 @@ review-build-cng: .review-workflow-base: extends: - .default-retry - image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:gitlab-helm3.5-kubectl1.17 - resource_group: "review/${CI_COMMIT_REF_NAME}" + image: ${REVIEW_APPS_IMAGE} variables: HOST_SUFFIX: "${CI_ENVIRONMENT_SLUG}" DOMAIN: "-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN}" @@ -139,6 +138,7 @@ review-stop: extends: - .review-stop-base - .review:rules:review-stop + resource_group: review/${CI_COMMIT_REF_SLUG}${SCHEDULE_TYPE} # CI_ENVIRONMENT_SLUG is not available here and we want this to be the same as the environment stage: deploy needs: [] script: diff --git a/.gitlab/ci/review-apps/qa.gitlab-ci.yml b/.gitlab/ci/review-apps/qa.gitlab-ci.yml index 8c48e803ad3..631fe7fef30 100644 --- a/.gitlab/ci/review-apps/qa.gitlab-ci.yml +++ b/.gitlab/ci/review-apps/qa.gitlab-ci.yml @@ -88,10 +88,8 @@ download-knapsack-report: - .bundle-base - .review:rules:review-qa-reliable stage: prepare - variables: - QA_KNAPSACK_REPORTS: review-qa-reliable,review-qa-all script: - - bundle exec rake "knapsack:download" + - bundle exec rake "knapsack:download[qa]" allow_failure: true artifacts: paths: diff --git a/.gitlab/ci/review-apps/skip-qa.gitlab-ci.yml b/.gitlab/ci/review-apps/skip-qa.gitlab-ci.yml new file mode 100644 index 00000000000..1305673a4d8 --- /dev/null +++ b/.gitlab/ci/review-apps/skip-qa.gitlab-ci.yml @@ -0,0 +1,13 @@ +stages: + - review + +include: + - local: .gitlab/ci/global.gitlab-ci.yml + - local: .gitlab/ci/rules.gitlab-ci.yml + +no-op: + extends: + - .review:rules:start-review-app-pipeline + stage: review + script: + - echo "Skip Review App because the MR includes only quarantine changes" diff --git a/.gitlab/ci/review.gitlab-ci.yml b/.gitlab/ci/review.gitlab-ci.yml index b2cd9d61fd8..4f51409d6a8 100644 --- a/.gitlab/ci/review.gitlab-ci.yml +++ b/.gitlab/ci/review.gitlab-ci.yml @@ -5,7 +5,8 @@ review-cleanup: extends: - .default-retry - .review:rules:review-cleanup - image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images/ruby-3.0:gcloud-383-kubectl-1.23-helm-3.5 + image: ${REVIEW_APPS_IMAGE} + resource_group: review/${CI_COMMIT_REF_SLUG}${SCHEDULE_TYPE} # CI_ENVIRONMENT_SLUG is not available here and we want this to be the same as the environment stage: prepare environment: name: review/${CI_COMMIT_REF_SLUG}${SCHEDULE_TYPE} # No separator for SCHEDULE_TYPE so it's compatible as before and looks nice without it @@ -22,11 +23,42 @@ review-cleanup: - ruby -rrubygems scripts/review_apps/automated_cleanup.rb - gcp_cleanup +review-app-pipeline-generate: + image: ${GITLAB_DEPENDENCY_PROXY}ruby:${RUBY_VERSION} + stage: prepare + extends: + - .review:rules:start-review-app-pipeline + artifacts: + expire_in: 7d + paths: + - ${CHANGES_DIFFS_DIR}/* + - review-app-pipeline.yml + variables: + CHANGES_DIFFS_DIR: tmp/diffs + before_script: + - source scripts/utils.sh + - install_gitlab_gem + - tooling/bin/find_change_diffs ${CHANGES_DIFFS_DIR} + script: + - exit_code=0 && tooling/bin/qa/run_qa_check ${CHANGES_DIFFS_DIR} || exit_code=$? + - | + if [ $exit_code -eq 0 ]; then + echo "Review App will use the full pipeline" + cp .gitlab/ci/review-apps/main.gitlab-ci.yml review-app-pipeline.yml + elif [ $exit_code -eq 2 ]; then + echo "Skip Review App because the MR includes only quarantine changes" + cp .gitlab/ci/review-apps/skip-qa.gitlab-ci.yml review-app-pipeline.yml + else + exit $exit_code + fi + start-review-app-pipeline: extends: - .review:rules:start-review-app-pipeline + resource_group: review/${CI_COMMIT_REF_SLUG}${SCHEDULE_TYPE} # CI_ENVIRONMENT_SLUG is not available here and we want this to be the same as the environment stage: review needs: + - review-app-pipeline-generate - job: build-assets-image artifacts: false # These variables are set in the pipeline schedules. @@ -37,7 +69,8 @@ start-review-app-pipeline: DAST_RUN: $DAST_RUN trigger: include: - - local: .gitlab/ci/review-apps/main.gitlab-ci.yml + - artifact: review-app-pipeline.yml + job: review-app-pipeline-generate strategy: depend danger-review: @@ -52,12 +85,13 @@ danger-review: - bundle_install_script "--with danger" - run_timed_command "retry yarn install --frozen-lockfile" script: + # ${DANGER_DANGERFILE} is used by Jihulab for customizing danger support: https://jihulab.com/gitlab-cn/gitlab/-/blob/main-jh/jh/.gitlab-ci.yml - > if [ -z "$DANGER_GITLAB_API_TOKEN" ]; then run_timed_command danger_as_local else danger_id=$(echo -n ${DANGER_GITLAB_API_TOKEN} | md5sum | awk '{print $1}' | cut -c5-10) - run_timed_command "bundle exec danger --fail-on-errors=true --verbose --danger_id=${danger_id}" + run_timed_command "bundle exec danger --fail-on-errors=true --verbose --danger_id=\"${danger_id}\" --dangerfile=\"${DANGER_DANGERFILE:-Dangerfile}\"" fi danger-review-local: @@ -70,6 +104,8 @@ danger-review-local: reviewers-recommender: extends: - .default-retry - - .review:rules:reviewers-recommender + # extends generated values cannot overwrite values from included files + # Use !reference as a workaround here + rules: !reference [".review:rules:reviewers-recommender", rules] stage: test needs: [] diff --git a/.gitlab/ci/rules.gitlab-ci.yml b/.gitlab/ci/rules.gitlab-ci.yml index 93790f431dd..fcb853a7bd2 100644 --- a/.gitlab/ci/rules.gitlab-ci.yml +++ b/.gitlab/ci/rules.gitlab-ci.yml @@ -252,7 +252,7 @@ - "vendor/assets/**/*" - "{,ee/,jh/}app/assets/**/*" -.frontend-patterns: &frontend-patterns +.frontend-patterns-for-as-if-foss: &frontend-patterns-for-as-if-foss - "{package.json,yarn.lock}" - ".browserslistrc" - "babel.config.js" @@ -261,7 +261,7 @@ - "Dockerfile.assets" - "config/**/*.js" - "vendor/assets/**/*" - - "{,ee/,jh/}{app/assets,app/helpers,app/presenters,app/views,locale,public,symbol}/**/*" + - "{app/assets,app/helpers,app/presenters,app/views,locale,public,spec/frontend,symbol}/**/*" .controllers-patterns: &controllers-patterns - "{,ee/,jh/}{app/controllers}/**/*" @@ -369,7 +369,6 @@ - "Dockerfile.assets" - "vendor/assets/**/*" - ".{eslintignore,gitattributes,nvmrc,prettierrc,stylelintrc,yamllint}" - - ".gitlab-ci.yml" - "*_VERSION" - "{,jh/}Gemfile{,.lock}" - "Rakefile" @@ -400,7 +399,6 @@ - "Dockerfile.assets" - "vendor/assets/**/*" - ".{eslintignore,gitattributes,nvmrc,prettierrc,stylelintrc,yamllint}" - - ".gitlab-ci.yml" - "*_VERSION" - "{,jh/}Gemfile{,.lock}" - "Rakefile" @@ -526,17 +524,6 @@ - <<: *if-jh when: never -.as-if-jh-default-exclusion-rules: - rules: - - <<: *if-security-merge-request - when: never - - <<: *if-merge-request-targeting-stable-branch - when: never - - <<: *if-stable-branch-refs - when: never - - <<: *if-merge-request-labels-as-if-jh - allow_failure: true - .rails:rules:minimal-default-rules: rules: - <<: *if-merge-request-approved @@ -734,6 +721,7 @@ - <<: *if-merge-request-targeting-stable-branch - <<: *if-merge-request-labels-run-review-app - <<: *if-auto-deploy-branches + - changes: *ci-build-images-patterns - changes: *code-qa-patterns - changes: *workhorse-patterns @@ -753,18 +741,6 @@ - changes: *startup-css-patterns - changes: *workhorse-patterns -.frontend:rules:compile-test-assets-as-if-jh: - rules: - - !reference [".strict-ee-only-rules", rules] - - !reference [".as-if-jh-default-exclusion-rules", rules] - - <<: *if-merge-request-labels-run-all-rspec - allow_failure: true - - changes: *code-backstage-qa-patterns - allow_failure: true - - changes: *startup-css-patterns - allow_failure: true - - changes: *workhorse-patterns - .frontend:rules:default-frontend-jobs: rules: - <<: *if-merge-request-labels-run-all-rspec @@ -782,18 +758,11 @@ - <<: *if-merge-request changes: *ci-patterns -.frontend:rules:default-frontend-jobs-as-if-jh: +.frontend:rules:frontend_fixture-as-if-foss: rules: - !reference [".strict-ee-only-rules", rules] - - !reference [".as-if-jh-default-exclusion-rules", rules] - - <<: *if-merge-request-labels-run-all-rspec - allow_failure: true - - <<: *if-merge-request - changes: *startup-css-patterns - allow_failure: true - - <<: *if-merge-request - changes: *ci-patterns - allow_failure: true + - !reference [".frontend:rules:default-frontend-jobs-as-if-foss", rules] + - !reference [".frontend:rules:jest:minimal:as-if-foss", rules] .frontend:rules:jest: rules: @@ -828,12 +797,37 @@ - <<: *if-merge-request changes: *code-backstage-patterns +.frontend:rules:jest:minimal:as-if-foss: + rules: + - !reference [".strict-ee-only-rules", rules] + - <<: *if-security-merge-request + changes: *code-backstage-patterns + when: never + - <<: *if-merge-request-labels-as-if-foss + when: never + - <<: *if-merge-request-labels-run-all-jest + when: never + - <<: *if-merge-request-labels-run-all-rspec + when: never + - <<: *if-merge-request + changes: *startup-css-patterns + when: never + - <<: *if-merge-request + changes: *ci-patterns + when: never + - <<: *if-fork-merge-request + when: never + - <<: *if-merge-request + changes: *core-frontend-patterns + - <<: *if-merge-request + changes: *code-backstage-patterns + .frontend:rules:eslint-as-if-foss: rules: - !reference [".strict-ee-only-rules", rules] - <<: *if-merge-request-labels-as-if-foss - <<: *if-merge-request - changes: *frontend-patterns + changes: *frontend-patterns-for-as-if-foss .frontend:rules:ee-mr-and-default-branch-only: rules: @@ -1300,14 +1294,6 @@ - <<: *if-merge-request-labels-as-if-foss changes: *code-backstage-patterns -.rails:rules:as-if-jh-rspec: - rules: - - !reference [".strict-ee-only-rules", rules] - - !reference [".as-if-jh-default-exclusion-rules", rules] - - <<: *if-merge-request - changes: *ci-patterns - allow_failure: true - .rails:rules:ee-and-foss-db-library-code: rules: - changes: *db-library-patterns @@ -1481,13 +1467,24 @@ changes: ["vendor/gems/ipynbdiff/**/*"] - <<: *if-merge-request-labels-run-all-rspec +.vendor:rules:omniauth-azure-oauth2: + rules: + - <<: *if-merge-request + changes: ["vendor/gems/omniauth-azure-oauth2/**/*"] + - <<: *if-merge-request-labels-run-all-rspec + +.vendor:rules:omniauth-cas3: + rules: + - <<: *if-merge-request + changes: ["vendor/gems/omniauth-cas3/**/*"] + - <<: *if-merge-request-labels-run-all-rspec + .vendor:rules:omniauth_crowd: rules: - <<: *if-merge-request changes: ["vendor/gems/omniauth_crowd/**/*"] - <<: *if-merge-request-labels-run-all-rspec - .vendor:rules:omniauth-gitlab: rules: - <<: *if-merge-request @@ -1633,7 +1630,7 @@ - <<: *if-dot-com-gitlab-org-merge-request changes: *ci-review-patterns - <<: *if-dot-com-gitlab-org-merge-request - changes: *frontend-patterns + changes: *frontend-build-patterns - <<: *if-dot-com-gitlab-org-merge-request changes: *controllers-patterns - <<: *if-dot-com-gitlab-org-merge-request @@ -1813,19 +1810,6 @@ - ".gitlab/ci/test-metadata.gitlab-ci.yml" - "scripts/rspec_helpers.sh" -.setup:rules:add-jh-folder: - rules: - - !reference [".strict-ee-only-rules", rules] - - !reference [".as-if-jh-default-exclusion-rules", rules] - - <<: *if-merge-request-labels-run-all-rspec - allow_failure: true - - changes: *code-backstage-qa-patterns - allow_failure: true - - changes: *startup-css-patterns - allow_failure: true - - changes: *workhorse-patterns - allow_failure: true - ####################### # Test metadata rules # ####################### diff --git a/.gitlab/ci/setup.gitlab-ci.yml b/.gitlab/ci/setup.gitlab-ci.yml index 2da397aaab8..17113b1245c 100644 --- a/.gitlab/ci/setup.gitlab-ci.yml +++ b/.gitlab/ci/setup.gitlab-ci.yml @@ -172,22 +172,3 @@ detect-previous-failed-tests: expire_in: 7d paths: - ${PREVIOUS_FAILED_TESTS_DIR} - -add-jh-folder: - extends: .setup:rules:add-jh-folder - image: ${GITLAB_DEPENDENCY_PROXY}ruby:${RUBY_VERSION} - stage: prepare - before_script: - - source ./scripts/utils.sh - - install_gitlab_gem - script: - - JH_BRANCH=$(./scripts/setup/find-jh-branch.rb) - - 'echo "JH_BRANCH: ${JH_BRANCH}"' - - curl --location -o "jh-folder.tar.gz" "https://gitlab.com/gitlab-org/gitlab-jh-mirrors/gitlab/-/archive/${JH_BRANCH}/gitlab-${JH_BRANCH}.tar.gz?path=jh" - - tar -xf "jh-folder.tar.gz" - - mv "gitlab-${JH_BRANCH}-jh/jh/" ./ - - ls -l jh/ - artifacts: - expire_in: 2d - paths: - - jh/ diff --git a/.gitlab/ci/vendored-gems.gitlab-ci.yml b/.gitlab/ci/vendored-gems.gitlab-ci.yml index 8596d770a87..4408a6e4624 100644 --- a/.gitlab/ci/vendored-gems.gitlab-ci.yml +++ b/.gitlab/ci/vendored-gems.gitlab-ci.yml @@ -14,6 +14,22 @@ vendor ipynbdiff: include: vendor/gems/ipynbdiff/.gitlab-ci.yml strategy: depend +vendor omniauth-azure-oauth2: + extends: + - .vendor:rules:omniauth-azure-oauth2 + needs: [] + trigger: + include: vendor/gems/omniauth-azure-oauth2/.gitlab-ci.yml + strategy: depend + +vendor omniauth-cas3: + extends: + - .vendor:rules:omniauth-cas3 + needs: [] + trigger: + include: vendor/gems/omniauth-cas3/.gitlab-ci.yml + strategy: depend + vendor omniauth_crowd: extends: - .vendor:rules:omniauth_crowd diff --git a/.gitlab/issue_templates/Geo Replicate a new Git repository type.md b/.gitlab/issue_templates/Geo Replicate a new Git repository type.md index e1c5928b950..7ef5287aba8 100644 --- a/.gitlab/issue_templates/Geo Replicate a new Git repository type.md +++ b/.gitlab/issue_templates/Geo Replicate a new Git repository type.md @@ -392,7 +392,7 @@ That's all of the required database changes. ``` - [ ] Update `REGISTRY_CLASSES` in `ee/app/workers/geo/secondary/registry_consistency_worker.rb`. -- [ ] Add a custom factory name if needed in `def model_class_factory_name` in `ee/spec/services/geo/registry_consistency_service_spec.rb`. +- [ ] Add a custom factory name if needed in `def model_class_factory_name` in `ee/spec/support/helpers/ee/geo_helpers.rb`. - [ ] Update `it 'creates missing registries for each registry class'` in `ee/spec/workers/geo/secondary/registry_consistency_worker_spec.rb`. - [ ] Add `cool_widget_registry` to `ActiveSupport::Inflector.inflections` in `config/initializers_before_autoloader/000_inflections.rb`. - [ ] Create `ee/spec/factories/geo/cool_widget_registry.rb`: @@ -539,11 +539,6 @@ Metrics are gathered by `Geo::MetricsUpdateWorker`, persisted in `GeoNodeStatus` - `geo_cool_widgets_verification_total` - `geo_cool_widgets_verified` - `geo_cool_widgets_verification_failed` -- [ ] Add the following to the parameterized table in the `context 'Replicator stats' do` block in `ee/spec/models/geo_node_status_spec.rb`: - - ```ruby - Geo::CoolWidgetReplicator | :cool_widget | :geo_cool_widget_registry - ``` Cool Widget replication and verification metrics should now be available in the API, the `Admin > Geo > Nodes` view, and Prometheus. diff --git a/.gitlab/issue_templates/Geo Replicate a new blob type.md b/.gitlab/issue_templates/Geo Replicate a new blob type.md index 9158885262d..17a4dd4bc3e 100644 --- a/.gitlab/issue_templates/Geo Replicate a new blob type.md +++ b/.gitlab/issue_templates/Geo Replicate a new blob type.md @@ -358,7 +358,7 @@ That's all of the required database changes. ``` - [ ] Update `REGISTRY_CLASSES` in `ee/app/workers/geo/secondary/registry_consistency_worker.rb`. -- [ ] Add a custom factory name if needed in `def model_class_factory_name` in `ee/spec/services/geo/registry_consistency_service_spec.rb`. +- [ ] Add a custom factory name if needed in `def model_class_factory_name` in `ee/spec/support/helpers/ee/geo_helpers.rb`. - [ ] Update `it 'creates missing registries for each registry class'` in `ee/spec/workers/geo/secondary/registry_consistency_worker_spec.rb`. - [ ] Add `cool_widget_registry` to `ActiveSupport::Inflector.inflections` in `config/initializers_before_autoloader/000_inflections.rb`. - [ ] Create `ee/spec/factories/geo/cool_widget_registry.rb`: @@ -503,11 +503,6 @@ Metrics are gathered by `Geo::MetricsUpdateWorker`, persisted in `GeoNodeStatus` - `geo_cool_widgets_verification_total` - `geo_cool_widgets_verified` - `geo_cool_widgets_verification_failed` -- [ ] Add the following to the parameterized table in the `context 'Replicator stats' do` block in `ee/spec/models/geo_node_status_spec.rb`: - - ```ruby - Geo::CoolWidgetReplicator | :cool_widget | :geo_cool_widget_registry - ``` Cool Widget replication and verification metrics should now be available in the API, the `Admin > Geo > Nodes` view, and Prometheus. diff --git a/.gitlab/issue_templates/Implementation.md b/.gitlab/issue_templates/Implementation.md index f57bfae4da3..e09f807d3d9 100644 --- a/.gitlab/issue_templates/Implementation.md +++ b/.gitlab/issue_templates/Implementation.md @@ -37,13 +37,20 @@ Add details for required items and delete others. ## Implementation plan <!-- -Steps and the parts of the code that will need to get updated. The plan can also -call-out responsibilities for other team members or teams. +Steps and the parts of the code that will need to get updated. +The plan can also call-out responsibilities for other team members or teams and +can be split into smaller MRs to simplify the code review process. e.g.: +- MR 1: Part 1 +- [ ] ~frontend Step 1 +- [ ] ~frontend Step 2 +- MR 2: Part 2 +- [ ] ~backend Step 1 +- [ ] ~backend Step 2 +- MR 3: Part 3 - [ ] ~frontend Step 1 - - [ ] `@person` Step 1a - [ ] ~frontend Step 2 --> diff --git a/.gitlab/issue_templates/Navigation - Left Sidebar Proposals.md b/.gitlab/issue_templates/Navigation - Left Sidebar Proposals.md index e9e510da11e..3939fca44f1 100644 --- a/.gitlab/issue_templates/Navigation - Left Sidebar Proposals.md +++ b/.gitlab/issue_templates/Navigation - Left Sidebar Proposals.md @@ -6,7 +6,7 @@ ### Checklist -- [ ] If your proposal includes changes to the top-level menu items within the left sidebar, engage the [Foundations Product Design Manager](https://about.gitlab.com/handbook/product/categories/#foundations-group) for approval. The Foundations DRI will work with UX partners in product design, research, and technical writing, as applicable. +- [ ] If your proposal includes changes to the menu items within the left sidebar, engage the [Foundations Product Manager](https://about.gitlab.com/handbook/product/categories/#foundations-group) for approval. The Foundations DRI will work with UX partners in product design, research, and technical writing, as applicable. - [ ] Follow the [product development workflow](https://about.gitlab.com/handbook/product-development-flow/#validation-phase-2-problem-validation) validation process to ensure you are solving a well understood problem and that the proposed change is understandable and non-disruptive to users. Navigation-specific research is strongly encouraged. - [ ] Engage the [Foundations](https://about.gitlab.com/handbook/product/categories/#foundations-group) team to ensure your proposal is in alignment with holistic changes happening to the left side bar. - [ ] Consider whether you need to communicate the change somehow, or if you will have an interim period in the UI where your nav item will live in more than one place. diff --git a/.gitlab/issue_templates/OSS_Partner.md b/.gitlab/issue_templates/OSS_Partner.md deleted file mode 100644 index d9c05026e7c..00000000000 --- a/.gitlab/issue_templates/OSS_Partner.md +++ /dev/null @@ -1,68 +0,0 @@ -<!-- Please title your issue with the following format: "Project Name | Issue Tracker". --> - -## Background - -<!-- -Please add information here about why your project is considering a migration to GitLab, or why it decided to do so. Include any initial announcements that have been / were made about the decision or status. ---> - -### Goals - -<!-- What are some of the goals of your migration to GitLab? Delete this section if you don't want to enumerate goals. --> - -## Quick Facts - -<!-- Please complete as many items in this list as possible. If you're not sure yet, add "TBD" (To be Decided) or "Unknown" --> - - * **Timeline.** - - * **Product.** - SaaS-Ultimate/Self-Managed-Ultimate or Community Edition - * **Project's License.** What kind of OSI-approved license does your project use? - -## Current Tooling and Replacements - -<!-- -Please fill in the table to give an overview of your current tooling. Here's a description of what to include in each column: - -- Tool: which tool or platform you are currently using -- Feature: which particular feature you are using in that tool or platform -- GitLab feature: equivalent GitLab feature (the GitLab team can help fill this in, as well as the info in the next column) -- GitLab edition: in which GitLab edition (CE or EE) is this feature available? - -Here's an example of a replacements overview from one of the projects which migrated to GitLab: https://gitlab.com/gitlab-org/gitlab/-/issues/25657#gitlab-replacements - -Consider deleting the table below if you are unable to expand upon your current tooling. - ---> - -| Tool | Feature | GitLab feature | GitLab edition | -| --- | --- | --- | --- | -| | | | | - -## Collaborators - -<!-- Please add names of collaborators in the format: Name, Title, Role (what will you be helping to do, or how should you be involved), GitLab username --> - -## Related Issues - -<!-- Add any related issues that are important for your project by adding the title of the issue and a link to it (preferably as an embedded link). You will probably keep editing this section as the migration progresses, so don't worry if it's mostly blank for now. - -Here is an example of what this list might look like once populated: https://gitlab.com/gitlab-org/gitlab-foss/-/issues/55039#outstanding-issues ---> - -### Blockers - * [ ] ADD_LINK_TO_ISSUE_HERE - -### Urgent - * [ ] - -### Important but not urgent - * [ ] - -### Nice to have - * [ ] - - ------- - -/label ~"Open Source Partners" -/cc @nuritzi @greg diff --git a/.gitlab/issue_templates/Performance Indicator Metric.md b/.gitlab/issue_templates/Performance Indicator Metric.md deleted file mode 100644 index 8019be8cad5..00000000000 --- a/.gitlab/issue_templates/Performance Indicator Metric.md +++ /dev/null @@ -1,23 +0,0 @@ -<!-- -Performance Indicator Metric issues are used for adding, updating, or removing performance indicator type in Service Ping metrics. - -Please title your issue with the following format: "{action}(Add|Update|Remove) Metric name as performance indicator" - -Example of title: "Add some_feature_views as gmau" - ---> - -## Summary - -<!-- -Summary of the changes ---> - -## Tasks - -- [ ] [Link to metric definition]() -- [ ] Create issue in GitLab Data Team project using [Product Performance Indicator template](https://gitlab.com/gitlab-data/analytics/-/issues/new?issuable_template=Product%20Performance%20Indicator%20Template) - -See [Product Intelligence Guide](https://docs.gitlab.com/ee/development/service_ping/performance_indicator_metrics.html) for details - -/label ~"product intelligence" ~"Data Warehouse::Impact Check" diff --git a/.gitlab/issue_templates/Pipeline Authoring Issue Implementation.md b/.gitlab/issue_templates/Pipeline Authoring Issue Implementation.md index 4544e675256..523a50dfdf8 100644 --- a/.gitlab/issue_templates/Pipeline Authoring Issue Implementation.md +++ b/.gitlab/issue_templates/Pipeline Authoring Issue Implementation.md @@ -12,6 +12,21 @@ ## Proposal +## Additional details +<!-- +_NOTE: If the issue has addressed all of these questions, this separate section can be removed._ +--> + +Some relevant technical details, if applicable, such as: + +- Does this need a ~"feature flag"? +- Is there an example response showing the data structure that should be returned (new endpoints only)? +- What permissions should be used? +- Is this EE or CE? + - [ ] EE + - [ ] CE +- Additional comments: + ## Implementation Table <!-- diff --git a/.gitlab/issue_templates/Service Ping reporting and monitoring.md b/.gitlab/issue_templates/Service Ping reporting and monitoring.md index 1c0d221318b..9a30f71e42b 100644 --- a/.gitlab/issue_templates/Service Ping reporting and monitoring.md +++ b/.gitlab/issue_templates/Service Ping reporting and monitoring.md @@ -1,6 +1,6 @@ -<!-- This issue template is used by https://about.gitlab.com/handbook/engineering/development/growth/product-intelligence/ for tracking effort around Service Ping reporting for GitLab.com --> +<!-- This issue template is used by https://about.gitlab.com/handbook/engineering/development/analytics-section/product-intelligence/ for tracking effort around Service Ping reporting for GitLab.com --> -The [Product Intelligence group](https://about.gitlab.com/handbook/engineering/development/growth/product-intelligence/) runs manual reporting of ServicePing for GitLab.com on a weekly basis. This issue captures: +The [Product Intelligence group](https://about.gitlab.com/handbook/engineering/development/analytics/product-intelligence/) runs manual reporting of ServicePing for GitLab.com on a weekly basis. This issue: - Captures the work required to complete the reporting process,. - Captures the follow-up tasks that are focused on metrics performance verification. @@ -123,7 +123,7 @@ If you get mentioned, check the failing metric and open an optimization issue. <!-- Do not edit below this line --> /confidential -/label ~"group::product intelligence" ~"devops::growth" ~backend ~"section::growth" ~"Category:Service Ping" +/label ~"group::product intelligence" ~"devops::analytics" ~backend ~"section::analytics" ~"Category:Service Ping" /epic https://gitlab.com/groups/gitlab-org/-/epics/6000 /weight 5 /title Monitor and Generate GitLab.com Service Ping diff --git a/.gitlab/issue_templates/UX Theme.md b/.gitlab/issue_templates/UX Theme.md new file mode 100644 index 00000000000..043cb705352 --- /dev/null +++ b/.gitlab/issue_templates/UX Theme.md @@ -0,0 +1,77 @@ +<!-- A majority of the work designers do will be on themes in the (Now) Next 1-3 milestone column. These themes are comprised of high-confidence outcomes and validated needs. The UX theme issue is where collaboration should occur, including plans and discussion on subthemes, research, and design feedback. Related issues for design exploration and solution validation should stem from the theme issue. + +One of the advantages of working with UX themes is that it allows us to think and design holistically by designing the theme as a whole as opposed to a single issue at a time trying to piece them together as you go. For more details please refer to this section of the handbook when creating UX Themes: https://about.gitlab.com/handbook/engineering/ux/product-design/ux-roadmaps/#theme-structure --> + +### UX Theme +<!-- A theme is written as a statement that combines the beneficiary, their need, and the expected outcome when the work is delivered. Well-defined statements are concise without sacrificing the substance of the theme so that anyone can understand it at a glance. (For instance; Reduce the effort for security teams to identify and escalate business-critical risks) + +!!Note: The theme statement is the defacto title that will be used to reference the theme and serve as the theme issue title.!! +--> + +---- + +### Problem to solve +<!-- In a brief statement, summerize the problem we are intending to address with this theme. For instance, users are unable to complete [task], or, users struggle with the amount of steps required to complete [task] --> + + +### Beneficiary +<!-- Who is the recipient(s) of the value this theme provides; a customer, end-user, or buyer. Who benefits from this theme being executed? This can be a role, a team, or a persona. For instance: "Development teams, [or] Developers, [or], Sasha the Software Engineer". --> + +- **[Direct beneficiary]** + +#### Need & Primary JTBD +<!-- What is the JTBD and what are the needs related to the beneficiary and theme? +- JTBD = The JTBD statement, for instance, (When I am triaging vulns, I want to address business-critical risks, So I can ensure there is no unattended risk in my orgs assets.) +- Need = Abstracted from the JTBD, for instance, (Identify and escalate business-critical risks detected in my orgs assets.) +--> + +- **JTBD:** +- **Need:** + +#### Expected outcome +<!-- What will the user be able to achieve when this theme is executed? For instance, (Users will be able to effectively triage vulnerabilities at scale across all their orgs assets.) --> + + +#### Business objective +<!-- What business objective will result from delivering this theme? This answers why we are working on this theme from a business perspective. Examples of objectives are but are not limited to: Sales rate / conversion rate, Success rate / completion rate, Traffic / visitor count, Engagement, or other business-oriented goals. --> + + +#### Confidence +<!-- How well do we understand the user's problem and their need? Refer to https://about.gitlab.com/handbook/engineering/ux/product-design/ux-roadmaps/#confidence to assess confidence --> + + +| Confidence | Research | +| --- | --- | +| [High/Medium/Low] | [research/insight issue](Link) | + + +### Subthemes & Requirements +<!-- Subthemes are more granular validated needs, goals, and additional details that the theme encompasses. These are typically reserved for themes in the next (1-3 milestones) column. Subthemes may also consist of existing feature or design issues that exist in GitLab and directly relate to the theme. Subthemes answer “how” we are going to solve the user need while the theme itself answers “what” the need is and “who” will be benefiting from the solution. + +Note: This is not a backlog. If the subthemes can not be delivered in the theme timeframe then the theme is too big and needs to be broken down into multiple themes. --> + +#### Feature/solution subthemes +<!-- Use this table to track feature issues related to this theme (if applicable). Not all themes require subthemes as subthemes are typically discovered while working on the theme itself. Think of subthemes as if they were the result of design breaking down the issue into discrete work items. + +Note: if feature issues already exist then you can add them to this table. Keep in mind that subthemes require validation if they are assumptive + +Refer to https://about.gitlab.com/handbook/engineering/ux/product-designer/#ux-issue-weights for calculating UX weights. +--> + +| Issue | UX Weight | +| ---------- | --------- | +| [Issue](link) | `0 - 10` | +| [Issue](link) | `0 - 10` | +| [Issue](link) | `0 - 10` | + +#### Research subthemes +<!-- Use this table to track UX research related to this theme. This may include, problem validation and/or solution validation activities. +--> + +| Issue | Research type | Research status | +| ---------- | --------- | --------- | +| [Issue]() | <!--Solution validation, Problem validation, etc., --> | <!-- Planned, In Progress, Complete, etc.,--> | +| [Issue]() | <!--Solution validation, Problem validation, etc., --> | <!-- Planned, In Progress, Complete, etc.,--> | + + +/label ~"UX" ~"UX Theme" diff --git a/.gitlab/merge_request_templates/Default.md b/.gitlab/merge_request_templates/Default.md index 90d3c37d6c0..ecb8505e0df 100644 --- a/.gitlab/merge_request_templates/Default.md +++ b/.gitlab/merge_request_templates/Default.md @@ -8,23 +8,23 @@ that reviewers can understand your intent. Keeping the description updated is especially important if they didn't participate in the discussion. --> -## Screenshots or screen recordings +## Screenshots or screen recordings -_These are strongly recommended to assist reviewers and reduce the time to merge your change._ +_Screenshots are required for UI changes, and strongly recommended for all other merge requests._ -<!-- +<!-- Please include any relevant screenshots or screen recordings that will assist reviewers and future readers. If you need help visually verifying the change, please leave a comment and ping a GitLab reviewer, maintainer, or MR coach. --> -## How to set up and validate locally +## How to set up and validate locally _Numbered steps to set up and validate the change are strongly suggested._ -<!-- +<!-- Example below: - + 1. Enable the invite modal ```ruby Feature.enable(:invite_members_group_modal) @@ -39,7 +39,7 @@ Example below: ## MR acceptance checklist -This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability. +This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability. * [ ] I have evaluated the [MR acceptance checklist](https://docs.gitlab.com/ee/development/code_review.html#acceptance-checklist) for this MR. diff --git a/.gitlab/merge_request_templates/Documentation.md b/.gitlab/merge_request_templates/Documentation.md index cdc33b8aacb..4932fbd7f26 100644 --- a/.gitlab/merge_request_templates/Documentation.md +++ b/.gitlab/merge_request_templates/Documentation.md @@ -43,5 +43,5 @@ Documentation-related MRs should be reviewed by a Technical Writer for a non-blo - If the content still needs to be edited for topic types, you can create a follow-up issue with the ~"docs-technical-debt" label. - [ ] Review by assigned maintainer, who can always request/require the reviews above. Maintainer's review can occur before or after a technical writer review. -/label ~documentation ~"type::maintenance" ~"docs::improvement" +/label ~documentation ~"type::maintenance" ~"docs::improvement" ~"maintenance::refactor" /assign me |