diff options
68 files changed, 778 insertions, 333 deletions
diff --git a/.rubocop_todo/rails/include_url_helper.yml b/.rubocop_todo/rails/include_url_helper.yml index 2dedba19c78..6a34c58ecf6 100644 --- a/.rubocop_todo/rails/include_url_helper.yml +++ b/.rubocop_todo/rails/include_url_helper.yml @@ -7,7 +7,6 @@ Rails/IncludeUrlHelper: - app/models/integrations/campfire.rb - app/models/integrations/confluence.rb - app/models/integrations/custom_issue_tracker.rb - - app/models/integrations/datadog.rb - app/models/integrations/discord.rb - app/models/integrations/ewm.rb - app/models/integrations/external_wiki.rb diff --git a/app/assets/javascripts/blob/blob_line_permalink_updater.js b/app/assets/javascripts/blob/blob_line_permalink_updater.js index 11089b299c5..a3dd241604d 100644 --- a/app/assets/javascripts/blob/blob_line_permalink_updater.js +++ b/app/assets/javascripts/blob/blob_line_permalink_updater.js @@ -1,6 +1,6 @@ import { getLocationHash } from '../lib/utils/url_utility'; -const lineNumberRe = /^L[0-9]+/; +const lineNumberRe = /^(L|LC)[0-9]+/; const updateLineNumbersOnBlobPermalinks = (linksToUpdate) => { const hash = getLocationHash(); diff --git a/app/assets/javascripts/blob/components/blob_header.vue b/app/assets/javascripts/blob/components/blob_header.vue index 6c7d963ae39..1645469a218 100644 --- a/app/assets/javascripts/blob/components/blob_header.vue +++ b/app/assets/javascripts/blob/components/blob_header.vue @@ -81,7 +81,7 @@ export default { </blob-filepath> </div> - <div class="gl-display-none gl-sm-display-flex file-actions"> + <div class="gl-sm-display-flex file-actions"> <viewer-switcher v-if="showViewerSwitcher" v-model="viewer" /> <slot name="actions"></slot> diff --git a/app/assets/javascripts/blob/components/blob_header_viewer_switcher.vue b/app/assets/javascripts/blob/components/blob_header_viewer_switcher.vue index a5b594fbd88..b2546d47694 100644 --- a/app/assets/javascripts/blob/components/blob_header_viewer_switcher.vue +++ b/app/assets/javascripts/blob/components/blob_header_viewer_switcher.vue @@ -53,6 +53,8 @@ export default { icon="code" category="primary" variant="default" + class="js-blob-viewer-switch-btn" + data-viewer="simple" @click="switchToViewer($options.SIMPLE_BLOB_VIEWER)" /> <gl-button @@ -63,6 +65,8 @@ export default { icon="document" category="primary" variant="default" + class="js-blob-viewer-switch-btn" + data-viewer="rich" @click="switchToViewer($options.RICH_BLOB_VIEWER)" /> </gl-button-group> diff --git a/app/assets/javascripts/pages/projects/blob/show/index.js b/app/assets/javascripts/pages/projects/blob/show/index.js index b365e039191..508a7ef9128 100644 --- a/app/assets/javascripts/pages/projects/blob/show/index.js +++ b/app/assets/javascripts/pages/projects/blob/show/index.js @@ -41,6 +41,7 @@ if (viewBlobEl) { }); initAuxiliaryViewer(); + initBlob(); } else { new BlobViewer(); // eslint-disable-line no-new initBlob(); diff --git a/app/assets/javascripts/repository/components/blob_content_viewer.vue b/app/assets/javascripts/repository/components/blob_content_viewer.vue index cb007db08cc..9368d7e6058 100644 --- a/app/assets/javascripts/repository/components/blob_content_viewer.vue +++ b/app/assets/javascripts/repository/components/blob_content_viewer.vue @@ -108,6 +108,7 @@ export default { externalStorage: '', canModifyBlob: false, canCurrentUserPushToBranch: false, + archived: false, rawPath: '', externalStorageUrl: '', replacePath: '', @@ -167,7 +168,7 @@ export default { return pushCode && downloadCode; }, pathLockedByUser() { - const pathLock = this.project.pathLocks.nodes.find((node) => node.path === this.path); + const pathLock = this.project?.pathLocks?.nodes.find((node) => node.path === this.path); return pathLock ? pathLock.user : null; }, @@ -250,6 +251,7 @@ export default { > <template #actions> <blob-edit + v-if="!blobInfo.archived" :show-edit-button="!isBinaryFileType" :edit-path="blobInfo.editBlobPath" :web-ide-path="blobInfo.ideEditPath" @@ -269,7 +271,7 @@ export default { </gl-button> <blob-button-group - v-if="isLoggedIn" + v-if="isLoggedIn && !blobInfo.archived" :path="path" :name="blobInfo.name" :replace-path="blobInfo.replacePath" @@ -292,6 +294,7 @@ export default { /> <blob-content v-if="!blobViewer" + class="js-syntax-highlight" :rich-viewer="legacyRichViewer" :blob="blobInfo" :content="legacySimpleViewer" diff --git a/app/assets/javascripts/repository/components/blob_controls.vue b/app/assets/javascripts/repository/components/blob_controls.vue index c36f5201a87..3223ed92fe2 100644 --- a/app/assets/javascripts/repository/components/blob_controls.vue +++ b/app/assets/javascripts/repository/components/blob_controls.vue @@ -55,6 +55,8 @@ export default { blamePath: null, historyPath: null, permalinkPath: null, + storedExternally: null, + externalStorage: null, }, ], }, @@ -72,6 +74,9 @@ export default { blobInfo() { return this.project?.repository?.blobs?.nodes[0] || {}; }, + showBlameButton() { + return !this.blobInfo.storedExternally && this.blobInfo.externalStorage !== 'lfs'; + }, }, watch: { showBlobControls(shouldShow) { @@ -89,7 +94,12 @@ export default { <gl-button data-testid="find" :href="blobInfo.findFilePath" :class="$options.buttonClassList"> {{ $options.i18n.findFile }} </gl-button> - <gl-button data-testid="blame" :href="blobInfo.blamePath" :class="$options.buttonClassList"> + <gl-button + v-if="showBlameButton" + data-testid="blame" + :href="blobInfo.blamePath" + :class="$options.buttonClassList" + > {{ $options.i18n.blame }} </gl-button> diff --git a/app/assets/javascripts/repository/components/blob_edit.vue b/app/assets/javascripts/repository/components/blob_edit.vue index fd377ba1b81..69e2bd563c9 100644 --- a/app/assets/javascripts/repository/components/blob_edit.vue +++ b/app/assets/javascripts/repository/components/blob_edit.vue @@ -50,6 +50,7 @@ export default { :web-ide-url="webIdePath" :needs-to-fork="needsToFork" :is-blob="true" + disable-fork-modal @edit="onEdit" /> <div v-else> diff --git a/app/assets/javascripts/repository/queries/blob_controls.query.graphql b/app/assets/javascripts/repository/queries/blob_controls.query.graphql index f859afd3e3e..fc1cf5f254b 100644 --- a/app/assets/javascripts/repository/queries/blob_controls.query.graphql +++ b/app/assets/javascripts/repository/queries/blob_controls.query.graphql @@ -9,6 +9,8 @@ query getBlobControls($projectPath: ID!, $filePath: String!, $ref: String!) { blamePath historyPath permalinkPath + storedExternally + externalStorage } } } diff --git a/app/assets/javascripts/repository/queries/blob_info.query.graphql b/app/assets/javascripts/repository/queries/blob_info.query.graphql index 2754ed39988..ae20a0f0bc4 100644 --- a/app/assets/javascripts/repository/queries/blob_info.query.graphql +++ b/app/assets/javascripts/repository/queries/blob_info.query.graphql @@ -1,22 +1,14 @@ +#import "ee_else_ce/repository/queries/path_locks.fragment.graphql" + query getBlobInfo($projectPath: ID!, $filePath: String!, $ref: String!) { project(fullPath: $projectPath) { - id userPermissions { pushCode downloadCode createMergeRequestIn forkProject } - pathLocks { - nodes { - id - path - user { - id - username - } - } - } + ...ProjectPathLocksFragment repository { empty blobs(paths: [$filePath], ref: $ref) { @@ -35,6 +27,7 @@ query getBlobInfo($projectPath: ID!, $filePath: String!, $ref: String!) { ideForkAndEditPath canModifyBlob canCurrentUserPushToBranch + archived storedExternally externalStorage rawPath diff --git a/app/assets/javascripts/repository/queries/path_locks.fragment.graphql b/app/assets/javascripts/repository/queries/path_locks.fragment.graphql new file mode 100644 index 00000000000..868a513362d --- /dev/null +++ b/app/assets/javascripts/repository/queries/path_locks.fragment.graphql @@ -0,0 +1,3 @@ +fragment ProjectPathLocksFragment on Project { + id +} diff --git a/app/assets/javascripts/vue_shared/components/source_viewer.vue b/app/assets/javascripts/vue_shared/components/source_viewer.vue index c92ab77b34f..9d1002f7b4a 100644 --- a/app/assets/javascripts/vue_shared/components/source_viewer.vue +++ b/app/assets/javascripts/vue_shared/components/source_viewer.vue @@ -111,7 +111,7 @@ export default { }; </script> <template> - <div class="file-content code" :class="$options.userColorScheme"> + <div class="file-content code js-syntax-highlight" :class="$options.userColorScheme"> <line-numbers :lines="lineNumbers" @select-line="selectLine" /> <pre class="code"><code v-safe-html="highlightedContent"></code> </pre> diff --git a/app/assets/javascripts/vue_shared/components/web_ide_link.vue b/app/assets/javascripts/vue_shared/components/web_ide_link.vue index d6bde261bd7..f02cd5c4e2e 100644 --- a/app/assets/javascripts/vue_shared/components/web_ide_link.vue +++ b/app/assets/javascripts/vue_shared/components/web_ide_link.vue @@ -98,6 +98,11 @@ export default { required: false, default: '', }, + disableForkModal: { + type: Boolean, + required: false, + default: false, + }, }, data() { return { @@ -118,7 +123,11 @@ export default { ? { href: '#modal-confirm-fork-edit', handle: () => { - this.$emit('edit', 'simple'); + if (this.disableForkModal) { + this.$emit('edit', 'simple'); + return; + } + this.showJQueryModal('#modal-confirm-fork-edit'); }, } @@ -157,7 +166,11 @@ export default { ? { href: '#modal-confirm-fork-webide', handle: () => { - this.$emit('edit', 'ide'); + if (this.disableForkModal) { + this.$emit('edit', 'ide'); + return; + } + this.showJQueryModal('#modal-confirm-fork-webide'); }, } diff --git a/app/assets/stylesheets/framework/variables.scss b/app/assets/stylesheets/framework/variables.scss index e179e2cdb3e..21add43ad3f 100644 --- a/app/assets/stylesheets/framework/variables.scss +++ b/app/assets/stylesheets/framework/variables.scss @@ -881,7 +881,6 @@ $security-and-compliance-carousel-image-carousel-width: 1000px; $security-and-compliance-carousel-image-discover-button-width: 45%; $security-and-compliance-carousel-image-discover-buttons-max-width: 280px; $security-and-compliance-carousel-image-discover-footer-max-width: 500px; -$security-and-compliance-carousel-image-discover-feedback-width: 30%; $security-and-compliance-carousel-image-discover-text-carousel-max-width: 650px; $security-and-compliance-carousel-image-discover-text-carousel-caption-height: 100%; $security-and-compliance-carousel-image-discover-text-carousel-caption-max-width: 500px; diff --git a/app/controllers/concerns/integrations/params.rb b/app/controllers/concerns/integrations/params.rb index 201fb1dc83f..945540d1f8c 100644 --- a/app/controllers/concerns/integrations/params.rb +++ b/app/controllers/concerns/integrations/params.rb @@ -11,6 +11,7 @@ module Integrations :api_key, :api_token, :api_url, + :archive_trace_events, :bamboo_url, :branches_to_be_notified, :labels_to_be_notified, diff --git a/app/controllers/projects/tree_controller.rb b/app/controllers/projects/tree_controller.rb index c48f3352530..4f905a2d565 100644 --- a/app/controllers/projects/tree_controller.rb +++ b/app/controllers/projects/tree_controller.rb @@ -21,6 +21,8 @@ class Projects::TreeController < Projects::ApplicationController push_frontend_feature_flag(:new_dir_modal, @project, default_enabled: :yaml) push_frontend_feature_flag(:refactor_blob_viewer, @project, default_enabled: :yaml) push_frontend_feature_flag(:highlight_js, @project, default_enabled: :yaml) + push_licensed_feature(:file_locks) if @project.licensed_feature_available?(:file_locks) + push_frontend_feature_flag(:consolidated_edit_button, @project, default_enabled: :yaml) end feature_category :source_code_management diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb index 369fdbee089..64abcd7cc33 100644 --- a/app/controllers/projects_controller.rb +++ b/app/controllers/projects_controller.rb @@ -40,6 +40,7 @@ class ProjectsController < Projects::ApplicationController push_frontend_feature_flag(:increase_page_size_exponentially, @project, default_enabled: :yaml) push_frontend_feature_flag(:new_dir_modal, @project, default_enabled: :yaml) push_licensed_feature(:file_locks) if @project.present? && @project.licensed_feature_available?(:file_locks) + push_frontend_feature_flag(:consolidated_edit_button, @project, default_enabled: :yaml) end layout :determine_layout diff --git a/app/graphql/types/repository/blob_type.rb b/app/graphql/types/repository/blob_type.rb index 78c01db4d8c..28339093172 100644 --- a/app/graphql/types/repository/blob_type.rb +++ b/app/graphql/types/repository/blob_type.rb @@ -114,6 +114,9 @@ module Types field :can_current_user_push_to_branch, GraphQL::Types::Boolean, null: true, method: :can_current_user_push_to_branch?, description: 'Whether the current user can push to the branch.' + field :archived, GraphQL::Types::Boolean, null: true, method: :archived?, + description: 'Whether the current project is archived.' + def raw_text_blob object.data unless object.binary? end diff --git a/app/helpers/environment_helper.rb b/app/helpers/environment_helper.rb index f57bb600527..1f0bf46097d 100644 --- a/app/helpers/environment_helper.rb +++ b/app/helpers/environment_helper.rb @@ -54,6 +54,8 @@ module EnvironmentHelper s_('Deployment|canceled') when 'skipped' s_('Deployment|skipped') + when 'blocked' + s_('Deployment|blocked') end klass = "ci-status ci-#{status.dasherize}" diff --git a/app/models/integration.rb b/app/models/integration.rb index 29d96650a81..89b34932e20 100644 --- a/app/models/integration.rb +++ b/app/models/integration.rb @@ -92,6 +92,7 @@ class Integration < ApplicationRecord scope :note_hooks, -> { where(note_events: true, active: true) } scope :confidential_note_hooks, -> { where(confidential_note_events: true, active: true) } scope :job_hooks, -> { where(job_events: true, active: true) } + scope :archive_trace_hooks, -> { where(archive_trace_events: true, active: true) } scope :pipeline_hooks, -> { where(pipeline_events: true, active: true) } scope :wiki_page_hooks, -> { where(wiki_page_events: true, active: true) } scope :deployment_hooks, -> { where(deployment_events: true, active: true) } diff --git a/app/models/integrations/datadog.rb b/app/models/integrations/datadog.rb index 72e0ca22ac2..b86f0aaa7ef 100644 --- a/app/models/integrations/datadog.rb +++ b/app/models/integrations/datadog.rb @@ -2,7 +2,6 @@ module Integrations class Datadog < Integration - include ActionView::Helpers::UrlHelper include HasWebHook extend Gitlab::Utils::Override @@ -34,12 +33,21 @@ module Integrations SUPPORTED_EVENTS end + def supported_events + events = super + + return events + ['archive_trace'] if Feature.enabled?(:datadog_integration_logs_collection, parent) + + events + end + def self.default_test_event 'pipeline' end def configurable_events [] # do not allow to opt out of required hooks + # archive_trace is opt-in but we handle it with a more detailed field below end def title @@ -51,7 +59,11 @@ module Integrations end def help - docs_link = link_to s_('DatadogIntegration|How do I set up this integration?'), Rails.application.routes.url_helpers.help_page_url('integration/datadog'), target: '_blank', rel: 'noopener noreferrer' + docs_link = ActionController::Base.helpers.link_to( + s_('DatadogIntegration|How do I set up this integration?'), + Rails.application.routes.url_helpers.help_page_url('integration/datadog'), + target: '_blank', rel: 'noopener noreferrer' + ) s_('DatadogIntegration|Send CI/CD pipeline information to Datadog to monitor for job failures and troubleshoot performance issues. %{docs_link}').html_safe % { docs_link: docs_link.html_safe } end @@ -60,7 +72,7 @@ module Integrations end def fields - [ + f = [ { type: 'text', name: 'datadog_site', @@ -93,7 +105,21 @@ module Integrations linkClose: '</a>'.html_safe }, required: true - }, + } + ] + + if Feature.enabled?(:datadog_integration_logs_collection, parent) + f.append({ + type: 'checkbox', + name: 'archive_trace_events', + title: s_('Logs'), + checkbox_label: s_('Enable logs collection'), + help: s_('When enabled, job logs are collected by Datadog and displayed along with pipeline execution traces.'), + required: false + }) + end + + f += [ { type: 'text', name: 'datadog_service', @@ -116,6 +142,8 @@ module Integrations } } ] + + f end override :hook_url @@ -136,8 +164,7 @@ module Integrations object_kind = 'job' if object_kind == 'build' return unless supported_events.include?(object_kind) - data = data.with_retried_builds if data.respond_to?(:with_retried_builds) - + data = hook_data(data, object_kind) execute_web_hook!(data, "#{object_kind} hook") end @@ -158,5 +185,13 @@ module Integrations # US3 needs to keep a prefix but other datacenters cannot have the listed "app" prefix datadog_site.delete_prefix("app.") end + + def hook_data(data, object_kind) + if object_kind == 'pipeline' && data.respond_to?(:with_retried_builds) + return data.with_retried_builds + end + + data + end end end diff --git a/app/presenters/blob_presenter.rb b/app/presenters/blob_presenter.rb index e525d1d6a62..2577fcaf303 100644 --- a/app/presenters/blob_presenter.rb +++ b/app/presenters/blob_presenter.rb @@ -102,6 +102,10 @@ class BlobPresenter < Gitlab::View::Presenter::Delegated user_access(project).can_push_to_branch?(blob.commit_id) end + def archived? + project.archived + end + def ide_edit_path super(project, blob.commit_id, blob.path) end diff --git a/app/services/ci/archive_trace_service.rb b/app/services/ci/archive_trace_service.rb index 17cac38ace2..7b1d2207460 100644 --- a/app/services/ci/archive_trace_service.rb +++ b/app/services/ci/archive_trace_service.rb @@ -27,6 +27,10 @@ module Ci job.trace.archive! job.remove_pending_state! + if Feature.enabled?(:datadog_integration_logs_collection, job.project) && job.job_artifacts_trace.present? + job.project.execute_integrations(Gitlab::DataBuilder::ArchiveTrace.build(job), :archive_trace_hooks) + end + # TODO: Remove this logging once we confirmed new live trace architecture is functional. # See https://gitlab.com/gitlab-com/gl-infra/infrastructure/issues/4667. unless job.has_archived_trace? diff --git a/config/feature_flags/development/datadog_integration_logs_collection.yml b/config/feature_flags/development/datadog_integration_logs_collection.yml new file mode 100644 index 00000000000..5bd155eece9 --- /dev/null +++ b/config/feature_flags/development/datadog_integration_logs_collection.yml @@ -0,0 +1,8 @@ +--- +name: datadog_integration_logs_collection +introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/74725 +rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/346339 +milestone: '14.8' +type: development +group: group::integrations +default_enabled: false diff --git a/data/deprecations/14-7-deprecate-merged_by-api-field.yml b/data/deprecations/14-7-deprecate-merged_by-api-field.yml new file mode 100644 index 00000000000..caf56516eaa --- /dev/null +++ b/data/deprecations/14-7-deprecate-merged_by-api-field.yml @@ -0,0 +1,26 @@ +# This is a template for a feature deprecation +# A deprecation typically occurs when a feature or capability is planned to be removed in a future release. +# Deprecations should be announced at least two releases prior to removal. Any breaking changes should only be done in major releases. +# +# Below is an example of what a single entry should look like, it's required attributes, +# and what types we expect those attribute values to be. +# +# For more information please refer to the handbook documentation here: +# https://about.gitlab.com/handbook/marketing/blog/release-posts/#deprecations +# +# Please delete this line and above before submitting your merge request. + +- name: "merged_by API field" # The name of the feature to be deprecated + announcement_milestone: "14.7" # The milestone when this feature was first announced as deprecated. + announcement_date: "2022-01-22" # The date of the milestone release when this feature was first announced as deprecated. This should almost always be the 22nd of a month (YYYY-MM-22), unless you did an out of band blog post. + removal_milestone: "15.0" # The milestone when this feature is planned to be removed + breaking_change: false # If this deprecation is a breaking change, set this value to true + body: | # Do not modify this line, instead modify the lines below. + The `merged_by` field in the [merge request API](https://docs.gitlab.com/ee/api/merge_requests.html#list-merge-requests) is being deprecated and will be removed in GitLab 15.0. This field is being replaced with the `merge_user` field (already present in GraphQL) which more correctly identifies who merged a merge request when performing actions (merge when pipeline succeeds, add to merge train) other than a simple merge. +# The following items are not published on the docs page, but may be used in the future. + stage: create # (optional - may be required in the future) String value of the stage that the feature was created in. e.g., Growth + tiers: # (optional - may be required in the future) An array of tiers that the feature is available in currently. e.g., [Free, Silver, Gold, Core, Premium, Ultimate] + issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/350534 # (optional) This is a link to the deprecation issue in GitLab + documentation_url: # (optional) This is a link to the current documentation page + image_url: # (optional) This is a link to a thumbnail image depicting the feature + video_url: # (optional) Use the youtube thumbnail URL with the structure of https://img.youtube.com/vi/UNIQUEID/hqdefault.jpg diff --git a/data/deprecations/templates/_deprecation_template.md.erb b/data/deprecations/templates/_deprecation_template.md.erb index d1a91eedd64..70169ef5c5c 100644 --- a/data/deprecations/templates/_deprecation_template.md.erb +++ b/data/deprecations/templates/_deprecation_template.md.erb @@ -40,10 +40,17 @@ For deprecation reviewers (Technical Writers only): ## <%= milestone %> <%- entries.select{|d| d["announcement_milestone"] == milestone}.each do |deprecation| %> ### <%= deprecation["name"]%> +<% if deprecation["breaking_change"] -%> -<%= deprecation["body"] -%> +WARNING: +This feature will be changed or removed in <%= deprecation["removal_milestone"]%> +as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes). +Before updating GitLab, review the details carefully to determine if you need to make any +changes to your code, settings, or workflow. -Planned removal milestone: <%= deprecation["removal_milestone"]%> (<%= deprecation["removal_date"]%>) +<%= deprecation["body"] -%><% else %> +<%= deprecation["body"] -%><% end %> +**Planned removal milestone: <%= deprecation["removal_milestone"]%> (<%= deprecation["removal_date"]%>)** <%- end -%> <%- end -%> <%- else -%> diff --git a/data/removals/templates/_removal_template.md.erb b/data/removals/templates/_removal_template.md.erb index 7c4171034d4..e227c6aa6e6 100644 --- a/data/removals/templates/_removal_template.md.erb +++ b/data/removals/templates/_removal_template.md.erb @@ -6,14 +6,6 @@ info: "See the Technical Writers assigned to Development Guidelines: https://abo # Removals by milestone -DISCLAIMER: -This page contains information related to upcoming products, features, and functionality. -It is important to note that the information presented is for informational purposes only. -Please do not rely on this information for purchasing or planning purposes. -As with all projects, the items mentioned on this page are subject to change or delay. -The development, release, and timing of any products, features, or functionality remain at the -sole discretion of GitLab Inc. - <!-- vale off --> <!-- @@ -40,11 +32,15 @@ For removal reviewers (Technical Writers only): ## <%= milestone %> <%- entries.select{|entry| entry["removal_milestone"] == milestone}.each do |removal| %> ### <%= removal["name"]%> - -<%= removal["body"] -%> - <%- end -%> - <%- end -%> +<% if removal["breaking_change"] -%> +WARNING: +This feature was changed or removed in <%= removal["removal_milestone"]%> +as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes). +Before updating GitLab, review the details carefully to determine if you need to make any +changes to your code, settings, or workflow. + +<%= removal["body"] -%><% else %> +<%= removal["body"] -%><% end %><%- end -%><%- end -%> <%- else -%> - Features scheduled for removal will be listed here, sorted by GitLab milestone. <% end -%> diff --git a/db/migrate/20211026124336_add_archive_trace_events_to_integrations.rb b/db/migrate/20211026124336_add_archive_trace_events_to_integrations.rb new file mode 100644 index 00000000000..90e68f6a0ac --- /dev/null +++ b/db/migrate/20211026124336_add_archive_trace_events_to_integrations.rb @@ -0,0 +1,7 @@ +# frozen_string_literal: true + +class AddArchiveTraceEventsToIntegrations < Gitlab::Database::Migration[1.0] + def change + add_column :integrations, :archive_trace_events, :boolean, null: false, default: false + end +end diff --git a/db/schema_migrations/20211026124336 b/db/schema_migrations/20211026124336 new file mode 100644 index 00000000000..dc6663e81a8 --- /dev/null +++ b/db/schema_migrations/20211026124336 @@ -0,0 +1 @@ +a6807d2c17c4efdc759f39101856d7a082ae4d531ca3ced525de10e3de808b9d
\ No newline at end of file diff --git a/db/structure.sql b/db/structure.sql index 258597a21a4..8dae363278b 100644 --- a/db/structure.sql +++ b/db/structure.sql @@ -15273,6 +15273,7 @@ CREATE TABLE integrations ( group_id bigint, type_new text, vulnerability_events boolean DEFAULT false NOT NULL, + archive_trace_events boolean DEFAULT false NOT NULL, CONSTRAINT check_a948a0aa7e CHECK ((char_length(type_new) <= 255)) ); diff --git a/doc/api/graphql/reference/index.md b/doc/api/graphql/reference/index.md index 86d88215431..738732f111a 100644 --- a/doc/api/graphql/reference/index.md +++ b/doc/api/graphql/reference/index.md @@ -14513,6 +14513,7 @@ Returns [`Tree`](#tree). | Name | Type | Description | | ---- | ---- | ----------- | +| <a id="repositoryblobarchived"></a>`archived` | [`Boolean`](#boolean) | Whether the current project is archived. | | <a id="repositoryblobblamepath"></a>`blamePath` | [`String`](#string) | Web path to blob blame page. | | <a id="repositoryblobcancurrentuserpushtobranch"></a>`canCurrentUserPushToBranch` | [`Boolean`](#boolean) | Whether the current user can push to the branch. | | <a id="repositoryblobcanmodifyblob"></a>`canModifyBlob` | [`Boolean`](#boolean) | Whether the current user can modify the blob. | diff --git a/doc/api/integrations.md b/doc/api/integrations.md index 8f57e915b4e..dd5a8c568fb 100644 --- a/doc/api/integrations.md +++ b/doc/api/integrations.md @@ -314,13 +314,15 @@ PUT /projects/:id/integrations/datadog Parameters: -| Parameter | Type | Required | Description | -| --------- | ---- | -------- | ----------- | -| `api_key` | string | true | API key used for authentication with Datadog | -| `api_url` | string | false | (Advanced) Define the full URL for your Datadog site directly | -| `datadog_site` | string | false | Choose the Datadog site to send data to. Set to `datadoghq.eu` to send data to the EU site | -| `datadog_service` | string | false | Name of this GitLab instance that all data will be tagged with | -| `datadog_env` | string | false | The environment tag that traces will be tagged with | +| Parameter | Type | Required | Description | +| ---------------------- | ------- | -------- | ----------- | +| `api_key` | string | true | API key used for authentication with Datadog | +| `api_url` | string | false | (Advanced) The full URL for your Datadog site | +<!-- | `archive_trace_events` | boolean | false | When enabled, job logs are collected by Datadog and displayed along with pipeline execution traces ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/346339) in GitLab 14.7) | --> +<!-- TODO: uncomment the archive_trace_events field once :datadog_integration_logs_collection is rolled out. Rollout issue: https://gitlab.com/gitlab-org/gitlab/-/issues/346339 --> +| `datadog_env` | string | false | For self-managed deployments, set the env% tag for all the data sent to Datadog. | +| `datadog_service` | string | false | Tag all data from this GitLab instance in Datadog. Useful when managing several self-managed deployments | +| `datadog_site` | string | false | The Datadog site to send data to. To send data to the EU site, use `datadoghq.eu` | ### Disable Datadog integration diff --git a/doc/development/documentation/styleguide/index.md b/doc/development/documentation/styleguide/index.md index eff34e77c7a..648e418e9ae 100644 --- a/doc/development/documentation/styleguide/index.md +++ b/doc/development/documentation/styleguide/index.md @@ -394,33 +394,16 @@ especially in tutorials, instructional documentation, and Some contractions, however, should be avoided: -- Do not use the word "GitLab" in a contraction. +<!-- vale gitlab.Possessive = NO --> -- Do not use contractions with a proper noun and a verb. For example: +| Do not use a contraction | Example | Use instead | +|-------------------------------|--------------------------------------------------|------------------------------------------------------------------| +| With a proper noun and a verb | The **Container Registry's** a powerful feature. | The **Container Registry** is a powerful feature. | +| To emphasize a negative | **Don't** install X with Y. | **Do not** install X with Y. | +| In reference documentation | **Don't** set a limit. | **Do not** set a limit. | +| In error messages | Requests to localhost **aren't** allowed. | Requests to localhost **are not** allowed. | - | Do | Don't | - |------------------------------------------|-----------------------------------------| - | Canada is establishing X. | Canada's establishing X. | - -- Do not use contractions when you need to emphasize a negative. For example: - - | Do | Don't | - |------------------------------------------|-----------------------------------------| - | Do not install X with Y. | Don't install X with Y. | - -- Do not use contractions in reference documentation. For example: - - | Do | Don't | - |------------------------------------------|-----------------------------------------| - | Do not set a limit greater than 1000. | Don't set a limit greater than 1000. | - | For `parameter1`, the default is 10. | For `parameter1`, the default's 10. | - -- Avoid contractions in error messages. Examples: - - | Do | Don't | - |------------------------------------------|-----------------------------------------| - | Requests to localhost are not allowed. | Requests to localhost aren't allowed. | - | Specified URL cannot be used. | Specified URL can't be used. | +<!-- vale gitlab.Possessive = YES --> ### Acronyms diff --git a/doc/integration/datadog.md b/doc/integration/datadog.md index 89e08d330e8..4be0089703a 100644 --- a/doc/integration/datadog.md +++ b/doc/integration/datadog.md @@ -32,9 +32,11 @@ project, group, or instance level: 1. Scroll to **Add an integration**, and select **Datadog**. 1. Select **Active** to enable the integration. 1. Specify the [**Datadog site**](https://docs.datadoghq.com/getting_started/site/) to send data to. +1. Provide your Datadog **API key**. +<!-- 1. Optional. Select **Enable logs collection** to enable logs collection for the output of jobs. ([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/346339) in GitLab 14.8.) --> +<!-- TODO: uncomment the archive_trace_events field once :datadog_integration_logs_collection is rolled out. Rollout issue: https://gitlab.com/gitlab-org/gitlab/-/issues/346339 --> 1. Optional. To override the API URL used to send data directly, provide an **API URL**. Used only in advanced scenarios. -1. Provide your Datadog **API key**. 1. Optional. If you use more than one GitLab instance, provide a unique **Service** name to differentiate between your GitLab instances. 1. Optional. If you use groups of GitLab instances (such as staging and production diff --git a/doc/update/deprecations.md b/doc/update/deprecations.md index 2aa012c9a73..2a674207ab8 100644 --- a/doc/update/deprecations.md +++ b/doc/update/deprecations.md @@ -40,6 +40,12 @@ For deprecation reviewers (Technical Writers only): ### NFS for Git repository storage deprecated +WARNING: +This feature will be changed or removed in 15.0 +as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes). +Before updating GitLab, review the details carefully to determine if you need to make any +changes to your code, settings, or workflow. + With the general availability of Gitaly Cluster ([introduced in GitLab 13.0](https://about.gitlab.com/releases/2020/05/22/gitlab-13-0-released/)), we have deprecated development (bugfixes, performance improvements, etc) for NFS for Git repository storage in GitLab 14.0. We will continue to provide technical support for NFS for Git repositories throughout 14.x, but we will remove all support for NFS in GitLab 15.0. Please see our official [Statement of Support](https://about.gitlab.com/support/statement-of-support.html#gitaly-and-nfs) for further information. Gitaly Cluster offers tremendous benefits for our customers such as: @@ -50,7 +56,7 @@ Gitaly Cluster offers tremendous benefits for our customers such as: We encourage customers currently using NFS for Git repositories to plan their migration by reviewing our documentation on [migrating to Gitaly Cluster](https://docs.gitlab.com/ee/administration/gitaly/index.html#migrate-to-gitaly-cluster). -Planned removal milestone: 15.0 (2022-05-22) +**Planned removal milestone: 15.0 (2022-05-22)** ## 14.2 @@ -58,7 +64,7 @@ Planned removal milestone: 15.0 (2022-05-22) The [release-cli](https://gitlab.com/gitlab-org/release-cli) will be released as a [generic package](https://gitlab.com/gitlab-org/release-cli/-/packages) starting in GitLab 14.2. We will continue to deploy it as a binary to S3 until GitLab 14.5 and stop distributing it in S3 in GitLab 14.6. -Planned removal milestone: 14.6 (2021-12-22) +**Planned removal milestone: 14.6 (2021-12-22)** ### Rename Task Runner pod to Toolbox @@ -66,52 +72,82 @@ The Task Runner pod is used to execute periodic housekeeping tasks within the Gi This will result in the rename of the sub-chart: `gitlab/task-runner` to `gitlab/toolbox`. Resulting pods will be named along the lines of `{{ .Release.Name }}-toolbox`, which will often be `gitlab-toolbox`. They will be locatable with the label `app=toolbox`. -Planned removal milestone: 14.5 (2021-11-22) +**Planned removal milestone: 14.5 (2021-11-22)** ## 14.3 ### Audit events for repository push events +WARNING: +This feature will be changed or removed in 15.0 +as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes). +Before updating GitLab, review the details carefully to determine if you need to make any +changes to your code, settings, or workflow. + Audit events for [repository events](https://docs.gitlab.com/ee/administration/audit_events.html#repository-push) are now deprecated and will be removed in GitLab 15.0. These events have always been disabled by default and had to be manually enabled with a feature flag. Enabling them can cause too many events to be generated which can dramatically slow down GitLab instances. For this reason, they are being removed. -Planned removal milestone: 15.0 (2022-05-22) +**Planned removal milestone: 15.0 (2022-05-22)** ### GitLab Serverless +WARNING: +This feature will be changed or removed in 15.0 +as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes). +Before updating GitLab, review the details carefully to determine if you need to make any +changes to your code, settings, or workflow. + [GitLab Serverless](https://docs.gitlab.com/ee/user/project/clusters/serverless/) is a feature set to support Knative-based serverless development with automatic deployments and monitoring. We decided to remove the GitLab Serverless features as they never really resonated with our users. Besides, given the continuous development of Kubernetes and Knative, our current implementations do not even work with recent versions. -Planned removal milestone: 15.0 (2022-05-22) +**Planned removal milestone: 15.0 (2022-05-22)** ### Legacy database configuration +WARNING: +This feature will be changed or removed in 15.0 +as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes). +Before updating GitLab, review the details carefully to determine if you need to make any +changes to your code, settings, or workflow. + The syntax of [GitLabs database](https://docs.gitlab.com/omnibus/settings/database.html) configuration located in `database.yml` is changing and the legacy format is deprecated. The legacy format supported using a single PostgreSQL adapter, whereas the new format is changing to support multiple databases. The `main:` database needs to be defined as a first configuration item. This deprecation mainly impacts users compiling GitLab from source because Omnibus will handle this configuration automatically. -Planned removal milestone: 15.0 (2022-05-22) +**Planned removal milestone: 15.0 (2022-05-22)** ### OmniAuth Kerberos gem +WARNING: +This feature will be changed or removed in 15.0 +as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes). +Before updating GitLab, review the details carefully to determine if you need to make any +changes to your code, settings, or workflow. + The `omniauth-kerberos` gem will be removed in our next major release, GitLab 15.0. This gem has not been maintained and has very little usage. We therefore plan to remove support for this authentication method and recommend using the Kerberos [SPNEGO](https://en.wikipedia.org/wiki/SPNEGO) integration instead. You can follow the [upgrade instructions](https://docs.gitlab.com/ee/integration/kerberos.html#upgrading-from-password-based-to-ticket-based-kerberos-sign-ins) to upgrade from the `omniauth-kerberos` integration to the supported one. Note that we are not deprecating the Kerberos SPNEGO integration, only the old password-based Kerberos integration. -Planned removal milestone: 15.0 (2022-05-22) +**Planned removal milestone: 15.0 (2022-05-22)** ## 14.5 ### Certificate-based integration with Kubernetes +WARNING: +This feature will be changed or removed in 15.0 +as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes). +Before updating GitLab, review the details carefully to determine if you need to make any +changes to your code, settings, or workflow. + [We are deprecating the certificate-based integration with Kubernetes](https://about.gitlab.com/blog/2021/11/15/deprecating-the-cert-based-kubernetes-integration/). The timeline of removal of the integration from the product is not yet planned and we will communicate more details as they emerge. The certificate-based integration will continue to receive security and @@ -122,54 +158,96 @@ For updates and details, follow this [epic](https://gitlab.com/groups/gitlab-org For a more robust, secure, forthcoming, and reliable integration with Kubernetes, we recommend the use of the [Kubernetes Agent](https://docs.gitlab.com/ee/user/clusters/agent/) to connect Kubernetes clusters with GitLab. -Planned removal milestone: 15.0 (2022-05-22) +**Planned removal milestone: 15.0 (2022-05-22)** ### Converting an instance (shared) runner to a project (specific) runner is deprecated +WARNING: +This feature will be changed or removed in 15.0 +as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes). +Before updating GitLab, review the details carefully to determine if you need to make any +changes to your code, settings, or workflow. + In GitLab 15.0, we will remove the feature that enables you to convert an instance (shared) runner to a project (specific) runner. Users who need to add a runner to only a particular project can register a runner to the project directly. -Planned removal milestone: 15.0 (2022-05-22) +**Planned removal milestone: 15.0 (2022-05-22)** ### Deprecate `Versions` on base `PackageType` +WARNING: +This feature will be changed or removed in 15.0 +as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes). +Before updating GitLab, review the details carefully to determine if you need to make any +changes to your code, settings, or workflow. + As part of the work to create a [Package Registry GraphQL API](https://gitlab.com/groups/gitlab-org/-/epics/6318), the Package group deprecated the `Version` type for the basic `PackageType` type and moved it to [`PackageDetailsType`](https://docs.gitlab.com/ee/api/graphql/reference/index.html#packagedetailstype). In milestone 15.0, we will completely remove `Version` from `PackageType`. -Planned removal milestone: 15.0 (2022-05-22) +**Planned removal milestone: 15.0 (2022-05-22)** ### Deprecate support for SLES 12 SP2 +WARNING: +This feature will be changed or removed in 15.0 +as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes). +Before updating GitLab, review the details carefully to determine if you need to make any +changes to your code, settings, or workflow. + Long term service and support (LTSS) for SUSE Linux Enterprise Server (SLES) 12 SP2 [ended on March 31, 2021](https://www.suse.com/lifecycle/). The CA certificates on SP2 include the expired DST root certificate, and it's not getting new CA certificate package updates. We have implemented some [workarounds](https://gitlab.com/gitlab-org/gitlab-omnibus-builder/-/merge_requests/191), but we will not be able to continue to keep the build running properly. -Planned removal milestone: 15.0 (2022-05-22) +**Planned removal milestone: 15.0 (2022-05-22)** ### Known host required for GitLab Runner SSH executor +WARNING: +This feature will be changed or removed in 15.0 +as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes). +Before updating GitLab, review the details carefully to determine if you need to make any +changes to your code, settings, or workflow. + In [GitLab 14.3](https://gitlab.com/gitlab-org/gitlab-runner/-/merge_requests/3074), we added a configuration setting in the GitLab Runner `config.toml` file. This setting, [`[runners.ssh.disable_strict_host_key_checking]`](https://docs.gitlab.com/runner/executors/ssh.html#security), controls whether or not to use strict host key checking with the SSH executor. In GitLab 15.0 and later, the default value for this configuration option will change from `true` to `false`. This means that strict host key checking will be enforced when using the GitLab Runner SSH executor. -Planned removal milestone: 15.0 (2022-05-22) +**Planned removal milestone: 15.0 (2022-05-22)** ### Must explicitly assign `AuthenticationType` for `[runners.cache.s3]` +WARNING: +This feature will be changed or removed in 15.0 +as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes). +Before updating GitLab, review the details carefully to determine if you need to make any +changes to your code, settings, or workflow. + In GitLab 15.0 and later, to access the AWS S3 cache, you must specify the `AuthenticationType` for [`[runners.cache.s3]`](https://docs.gitlab.com/runner/configuration/advanced-configuration.html#the-runnerscaches3-section). The `AuthenticationType` must be `IAM` or `credentials`. Prior to 14.5, if you did not define the `AuthenticationType`, GitLab Runner chose a type for you. -Planned removal milestone: 15.0 (2022-05-22) +**Planned removal milestone: 15.0 (2022-05-22)** ### Package pipelines in API payload is paginated +WARNING: +This feature will be changed or removed in 15.0 +as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes). +Before updating GitLab, review the details carefully to determine if you need to make any +changes to your code, settings, or workflow. + A request to the API for `/api/v4/projects/:id/packages` returns a paginated result of packages. Each package lists all of its pipelines in this response. This is a performance concern, as it's possible for a package to have hundreds or thousands of associated pipelines. In milestone 15.0, we will remove the `pipelines` attribute from the API response. -Planned removal milestone: 15.0 (2022-05-22) +**Planned removal milestone: 15.0 (2022-05-22)** ### REST API Runner will not contain `paused` +WARNING: +This feature will be changed or removed in 15.0 +as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes). +Before updating GitLab, review the details carefully to determine if you need to make any +changes to your code, settings, or workflow. + The GitLab Runner REST and GraphQL API endpoints will not return `paused` or `active` as a status in GitLab 15.0. A runner's status will only relate to runner contact status, such as: @@ -178,36 +256,66 @@ A runner's status will only relate to runner contact status, such as: When checking if a runner is `paused`, API users are advised to check the boolean attribute `active` to be `false` instead. When checking if a runner is `active`, check if `active` is `true`. -Planned removal milestone: 15.0 (2022-05-22) +**Planned removal milestone: 15.0 (2022-05-22)** ### Removal of `defaultMergeCommitMessageWithDescription` GraphQL API field +WARNING: +This feature will be changed or removed in 15.0 +as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes). +Before updating GitLab, review the details carefully to determine if you need to make any +changes to your code, settings, or workflow. + The GraphQL API field `defaultMergeCommitMessageWithDescription` has been deprecated and will be removed in GitLab 15.0. For projects with a commit message template set, it will ignore the template. -Planned removal milestone: 15.0 (2022-05-22) +**Planned removal milestone: 15.0 (2022-05-22)** ### Removal of `promote-db` command from `gitlab-ctl` +WARNING: +This feature will be changed or removed in 15.0 +as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes). +Before updating GitLab, review the details carefully to determine if you need to make any +changes to your code, settings, or workflow. + In GitLab 14.5, we introduced the command `gitlab-ctl promote` to promote any Geo secondary node to a primary during a failover. This command replaces `gitlab-ctl promote-db` which is used to promote database nodes in multi-node Geo secondary sites. `gitlab-ctl promote-db` will continue to function as-is and be available until GitLab 15.0. We recommend that Geo customers begin testing the new `gitlab-ctl promote` command in their staging environments and incorporating the new command in their failover procedures. -Planned removal milestone: 15.0 (2022-05-22) +**Planned removal milestone: 15.0 (2022-05-22)** ### Removal of `promote-to-primary-node` command from `gitlab-ctl` +WARNING: +This feature will be changed or removed in 15.0 +as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes). +Before updating GitLab, review the details carefully to determine if you need to make any +changes to your code, settings, or workflow. + In GitLab 14.5, we introduced the command `gitlab-ctl promote` to promote any Geo secondary node to a primary during a failover. This command replaces `gitlab-ctl promote-to-primary-node` which was only usable for single-node Geo sites. `gitlab-ctl promote-to-primary-node` will continue to function as-is and be available until GitLab 15.0. We recommend that Geo customers begin testing the new `gitlab-ctl promote` command in their staging environments and incorporating the new command in their failover procedures. -Planned removal milestone: 15.0 (2022-05-22) +**Planned removal milestone: 15.0 (2022-05-22)** ### Remove the `:dependency_proxy_for_private_groups` feature flag +WARNING: +This feature will be changed or removed in 15.0 +as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes). +Before updating GitLab, review the details carefully to determine if you need to make any +changes to your code, settings, or workflow. + We added a feature flag because [GitLab-#11582](https://gitlab.com/gitlab-org/gitlab/-/issues/11582) changed how public groups use the Dependency Proxy. Prior to this change, you could use the Dependency Proxy without authentication. The change requires authentication to use the Dependency Proxy. In milestone 15.0, we will remove the feature flag entirely. Moving forward, you must authenticate when using the Dependency Proxy. -Planned removal milestone: 15.0 (2022-05-22) +**Planned removal milestone: 15.0 (2022-05-22)** ### Remove the `pipelines` field from the `version` field +WARNING: +This feature will be changed or removed in 15.0 +as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes). +Before updating GitLab, review the details carefully to determine if you need to make any +changes to your code, settings, or workflow. + In GraphQL, there are two `pipelines` fields that you can use in a [`PackageDetailsType`](https://docs.gitlab.com/ee/api/graphql/reference/#packagedetailstype) to get the pipelines for package versions: - The `versions` field's `pipelines` field. This returns all the pipelines associated with all the package's versions, which can pull an unbounded number of objects in memory and create performance concerns. @@ -215,23 +323,35 @@ In GraphQL, there are two `pipelines` fields that you can use in a [`PackageDeta To mitigate possible performance problems, we will remove the `versions` field's `pipelines` field in milestone 15.0. Although you will no longer be able to get all pipelines for all versions of a package, you can still get the pipelines of a single version through the remaining `pipelines` field for that version. -Planned removal milestone: 15.0 (2022-05-22) +**Planned removal milestone: 15.0 (2022-05-22)** ### Update to the Container Registry group-level API +WARNING: +This feature will be changed or removed in 15.0 +as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes). +Before updating GitLab, review the details carefully to determine if you need to make any +changes to your code, settings, or workflow. + In milestone 15.0, support for the `tags` and `tags_count` parameters will be removed from the Container Registry API that [gets registry repositories from a group](../api/container_registry.md#within-a-group). The `GET /groups/:id/registry/repositories` endpoint will remain, but won't return any info about tags. To get the info about tags, you can use the existing `GET /registry/repositories/:id` endpoint, which will continue to support the `tags` and `tag_count` options as it does today. The latter must be called once per image repository. -Planned removal milestone: 15.0 (2022-05-22) +**Planned removal milestone: 15.0 (2022-05-22)** ### Value Stream Analytics filtering calculation change +WARNING: +This feature will be changed or removed in 15.0 +as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes). +Before updating GitLab, review the details carefully to determine if you need to make any +changes to your code, settings, or workflow. + We are changing how the date filter works in Value Stream Analytics. Instead of filtering by the time that the issue or merge request was created, the date filter will filter by the end event time of the given stage. This will result in completely different figures after this change has rolled out. If you monitor Value Stream Analytics metrics and rely on the date filter, to avoid losing data, you must save the data prior to this change. -Planned removal milestone: 15.0 (2022-05-22) +**Planned removal milestone: 15.0 (2022-05-22)** ### openSUSE Leap 15.2 packages @@ -239,70 +359,118 @@ Distribution support and security updates for openSUSE Leap 15.2 are [ending Dec Starting in 14.5 we are providing packages for openSUSE Leap 15.3, and will stop providing packages for openSUSE Leap 15.2 in the 14.8 milestone. -Planned removal milestone: 14.8 (2022-02-22) +**Planned removal milestone: 14.8 (2022-02-22)** ## 14.6 ### API: `stale` status returned instead of `offline` or `not_connected` +WARNING: +This feature will be changed or removed in 15.0 +as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes). +Before updating GitLab, review the details carefully to determine if you need to make any +changes to your code, settings, or workflow. + A breaking change will occur for the Runner [API](https://docs.gitlab.com/ee/api/runners.html#runners-api) endpoints in 15.0. Instead of the GitLab Runner API endpoints returning `offline` and `not_connected` for runners that have not contacted the GitLab instance in the past three months, the API endpoints will return the `stale` value, which was introduced in 14.6. -Planned removal milestone: 15.0 (2022-05-22) +**Planned removal milestone: 15.0 (2022-05-22)** ### CI/CD job name length limit +WARNING: +This feature will be changed or removed in 15.0 +as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes). +Before updating GitLab, review the details carefully to determine if you need to make any +changes to your code, settings, or workflow. + In GitLab 15.0 we are going to limit the number of characters in CI/CD job names to 255. Any pipeline with job names that exceed the 255 character limit will stop working after the 15.0 release. -Planned removal milestone: 15.0 (2022-05-22) +**Planned removal milestone: 15.0 (2022-05-22)** ### Deprecate `pipelines` fields in the Package GraphQL types +WARNING: +This feature will be changed or removed in 15.0 +as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes). +Before updating GitLab, review the details carefully to determine if you need to make any +changes to your code, settings, or workflow. + As part of the work to create a [Package Registry GraphQL API](https://gitlab.com/groups/gitlab-org/-/epics/6318), the Package group deprecated the `pipelines` fields in all Package-related GraphQL types. As of GitLab 14.6, the `pipelines` field is deprecated in [`Package`](https://docs.gitlab.com/ee/api/graphql/reference/index.html#package) and [`PackageDetailsType`](https://docs.gitlab.com/ee/api/graphql/reference/index.html#packagedetailstype) due to scalability and performance concerns. In milestone 15.0, we will completely remove `pipelines` from `Package` and `PackageDetailsType`. You can follow and contribute to work on a replacement in the epic [GitLab-#7214](https://gitlab.com/groups/gitlab-org/-/epics/7214). -Planned removal milestone: 15.0 (2022-05-22) +**Planned removal milestone: 15.0 (2022-05-22)** ### Deprecate legacy approval status names from License Compliance API +WARNING: +This feature will be changed or removed in 15.0 +as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes). +Before updating GitLab, review the details carefully to determine if you need to make any +changes to your code, settings, or workflow. + We deprecated legacy names for approval status of license policy (blacklisted, approved) in the `managed_licenses` API but they are still used in our API queries and responses. They will be removed in 15.0. If you are using our License Compliance API you should stop using the `approved` and `blacklisted` query parameters, they are now `allowed` and `denied`. In 15.0 the responses will also stop using `approved` and `blacklisted` so you need to adjust any of your custom tools to use the old and new values so they do not break with the 15.0 release. -Planned removal milestone: 15.0 (2022-05-22) +**Planned removal milestone: 15.0 (2022-05-22)** ### Deprecation of Runner status `not_connected` API value +WARNING: +This feature will be changed or removed in 15.0 +as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes). +Before updating GitLab, review the details carefully to determine if you need to make any +changes to your code, settings, or workflow. + The GitLab Runner REST and GraphQL [API](https://docs.gitlab.com/ee/api/runners.html#runners-api) endpoints will return `never_contacted` instead of `not_connected` as the status values in 15.0. Runners that have never contacted the GitLab instance will also return `stale` if created more than 3 months ago. -Planned removal milestone: 15.0 (2022-05-22) +**Planned removal milestone: 15.0 (2022-05-22)** ### Deprecation of bundler-audit Dependency Scanning tool +WARNING: +This feature will be changed or removed in 15.0 +as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes). +Before updating GitLab, review the details carefully to determine if you need to make any +changes to your code, settings, or workflow. + As of 14.6 bundler-audit is being deprecated from Dependency Scanning. It will continue to be in our CI/CD template while deprecated. We are removing bundler-audit from Dependency Scanning on May 22, 2022 in 15.0. After this removal Ruby scanning functionality will not be affected as it is still being covered by Gemnasium. If you have explicitly excluded bundler-audit using DS_EXCLUDED_ANALYZERS you will need to clean up (remove the reference) in 15.0. If you have customized your pipeline's Dependency Scanning configuration, for example to edit the `bundler-audit-dependency_scanning` job, you will want to switch to gemnasium-dependency_scanning before removal in 15.0, to prevent your pipeline from failing. If you have not used the DS_EXCLUDED_ANALYZERS to reference bundler-audit, or customized your template specifically for bundler-audit, you will not need to take action. -Planned removal milestone: 15.0 (2022-05-22) +**Planned removal milestone: 15.0 (2022-05-22)** ### Remove `type` and `types` keyword in CI/CD configuration +WARNING: +This feature will be changed or removed in 15.0 +as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes). +Before updating GitLab, review the details carefully to determine if you need to make any +changes to your code, settings, or workflow. + The `type` and `types` CI/CD keywords will be removed in GitLab 15.0. Pipelines that use these keywords will stop working, so you must switch to `stage` and `stages`, which have the same behavior. -Planned removal milestone: 15.0 (2022-05-22) +**Planned removal milestone: 15.0 (2022-05-22)** ### apiFuzzingCiConfigurationCreate GraphQL mutation +WARNING: +This feature will be changed or removed in 15.0 +as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes). +Before updating GitLab, review the details carefully to determine if you need to make any +changes to your code, settings, or workflow. + The API Fuzzing configuration snippet is now being generated client-side and does not require an API request anymore. We are therefore deprecating the `apiFuzzingCiConfigurationCreate` mutation which isn't being used in GitLab anymore. -Planned removal milestone: 15.0 (2022-05-22) +**Planned removal milestone: 15.0 (2022-05-22)** ## 14.7 @@ -319,7 +487,7 @@ To help with the transition, from GitLab 14.10, non-compliant reports will displ [warning](https://gitlab.com/gitlab-org/gitlab/-/issues/335789#note_672853791) in the Vulnerability Report. -Planned removal milestone: 15.0 () +**Planned removal milestone: 15.0 ()** ### Coverage guided fuzzing schemas below 14.0.0 @@ -337,7 +505,7 @@ To help with the transition, from GitLab 14.10, non-compliant reports will displ [warning](https://gitlab.com/gitlab-org/gitlab/-/issues/335789#note_672853791) in the Vulnerability Report. -Planned removal milestone: 15.0 () +**Planned removal milestone: 15.0 ()** ### DAST schemas below 14.0.0 @@ -355,7 +523,7 @@ To help with the transition, from GitLab 14.10, non-compliant reports will cause [warning to be displayed](https://gitlab.com/gitlab-org/gitlab/-/issues/335789#note_672853791) in the Vulnerability Report. -Planned removal milestone: 15.0 () +**Planned removal milestone: 15.0 ()** ### Dependency scanning schemas below 14.0.0 @@ -373,7 +541,7 @@ To help with the transition, from GitLab 14.10, non-compliant reports will cause [warning to be displayed](https://gitlab.com/gitlab-org/gitlab/-/issues/335789#note_672853791) in the Vulnerability Report. -Planned removal milestone: 15.0 () +**Planned removal milestone: 15.0 ()** ### Enforced validation of security report schemas @@ -391,7 +559,7 @@ To help with the transition, from GitLab 14.10, non-compliant reports will displ [warning](https://gitlab.com/gitlab-org/gitlab/-/issues/335789#note_672853791) in the Vulnerability Report. -Planned removal milestone: 15.0 () +**Planned removal milestone: 15.0 ()** ### Godep support in License Compliance @@ -400,20 +568,32 @@ has been replaced with Go modules. To reduce our maintenance cost we are deprecating License Compliance for Godep projects as of 14.7 and will remove it in GitLab 15.0 -Planned removal milestone: 15.0 (2022-05-22) +**Planned removal milestone: 15.0 (2022-05-22)** ### Logging in GitLab +WARNING: +This feature will be changed or removed in 15.0 +as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes). +Before updating GitLab, review the details carefully to determine if you need to make any +changes to your code, settings, or workflow. + The logging features in GitLab allow users to install the ELK stack (Elasticsearch, Logstash, and Kibana) to aggregate and manage application logs. Users can search for relevant logs in GitLab. However, since deprecating certificate-based integration with Kubernetes clusters and GitLab Managed Apps, we don't have a recommended solution for logging within GitLab. For more information, you can follow the issue for [integrating Opstrace with GitLab](https://gitlab.com/groups/gitlab-org/-/epics/6976). -Planned removal milestone: 15.0 (2022-05-22) +**Planned removal milestone: 15.0 (2022-05-22)** ### Monitor performance metrics through Prometheus +WARNING: +This feature will be changed or removed in 15.0 +as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes). +Before updating GitLab, review the details carefully to determine if you need to make any +changes to your code, settings, or workflow. + By displaying data stored in a Prometheus instance, GitLab allows users to view performance metrics. GitLab also displays visualizations of these metrics in dashboards. The user can connect to a previously-configured external Prometheus instance, or set up Prometheus as a GitLab Managed App. However, since certificate-based integration with Kubernetes clusters is deprecated in GitLab, the metrics functionality in GitLab that relies on Prometheus is also deprecated. This includes the metrics visualizations in dashboards. GitLab is working to develop a single user experience based on [Opstrace](https://about.gitlab.com/press/releases/2021-12-14-gitlab-acquires-opstrace-to-expand-its-devops-platform-with-open-source-observability-solution.html). An [issue exists](https://gitlab.com/groups/gitlab-org/-/epics/6976) for you to follow work on the Opstrace integration. -Planned removal milestone: 15.0 (2022-05-22) +**Planned removal milestone: 15.0 (2022-05-22)** ### Pseudonymizer @@ -422,13 +602,13 @@ can cause production issues with large databases, and can interfere with object storage development. It is now considered deprecated, and will be removed in GitLab 15.0. -Planned removal milestone: 15.0 (2022-05-22) +**Planned removal milestone: 15.0 (2022-05-22)** ### Removal of Static Site Editor The Static Site Editor will no longer be available starting in GitLab 15.0. Improvements to the Markdown editing experience across GitLab will deliver smiliar benefit but with a wider reach. Incoming requests to the Static Site Editor will be redirected to the Web IDE. Current users of the Static Site Editor can view the [documentation](https://docs.gitlab.com/ee/user/project/static_site_editor/) for more information, including how to remove the configuration files from existing projects. -Planned removal milestone: 15.0 (2022-05-22) +**Planned removal milestone: 15.0 (2022-05-22)** ### Removal of `artifacts:report:cobertura` keyword @@ -437,7 +617,7 @@ Currently, test coverage visualizations in GitLab only support Cobertura reports [`artifacts:reports:coverage_report`](https://gitlab.com/gitlab-org/gitlab/-/issues/344533). Cobertura will be the only supported report file in 15.0, but this is the first step towards GitLab supporting other report types. -Planned removal milestone: 15.0 (2022-05-22) +**Planned removal milestone: 15.0 (2022-05-22)** ### SAST schemas below 14.0.0 @@ -455,7 +635,7 @@ To help with the transition, from GitLab 14.10, non-compliant reports will displ [warning](https://gitlab.com/gitlab-org/gitlab/-/issues/335789#note_672853791) in the Vulnerability Report. -Planned removal milestone: 15.0 () +**Planned removal milestone: 15.0 ()** ### Secret detection schemas below 14.0.0 @@ -473,10 +653,16 @@ To help with the transition, from GitLab 14.10, non-compliant reports will displ [warning](https://gitlab.com/gitlab-org/gitlab/-/issues/335789#note_672853791) in the Vulnerability Report. -Planned removal milestone: 15.0 () +**Planned removal milestone: 15.0 ()** ### Sidekiq metrics and health checks configuration +WARNING: +This feature will be changed or removed in 15.0 +as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes). +Before updating GitLab, review the details carefully to determine if you need to make any +changes to your code, settings, or workflow. + Exporting Sidekiq metrics and health checks using a single process and port is deprecated. Support will be removed in 15.0. @@ -497,10 +683,22 @@ and only run one server (not changing the current behaviour). Only if they are both set and a different port is provided, a separate metrics server will spin up to serve the Sidekiq metrics, similar to the way Sidekiq will behave in 15.0. -Planned removal milestone: 15.0 (2022-05-22) +**Planned removal milestone: 15.0 (2022-05-22)** ### Tracing in GitLab +WARNING: +This feature will be changed or removed in 15.0 +as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes). +Before updating GitLab, review the details carefully to determine if you need to make any +changes to your code, settings, or workflow. + Tracing in GitLab is an integration with Jaeger, an open-source end-to-end distributed tracing system. GitLab users can navigate to their Jaeger instance to gain insight into the performance of a deployed application, tracking each function or microservice that handles a given request. Tracing in GitLab is deprecated in GitLab 14.7, and scheduled for removal in 15.0. To track work on a possible replacement, see the issue for [Opstrace integration with GitLab](https://gitlab.com/groups/gitlab-org/-/epics/6976). -Planned removal milestone: 15.0 (2022-05-22) +**Planned removal milestone: 15.0 (2022-05-22)** + +### merged_by API field + +The `merged_by` field in the [merge request API](https://docs.gitlab.com/ee/api/merge_requests.html#list-merge-requests) is being deprecated and will be removed in GitLab 15.0. This field is being replaced with the `merge_user` field (already present in GraphQL) which more correctly identifies who merged a merge request when performing actions (merge when pipeline succeeds, add to merge train) other than a simple merge. + +**Planned removal milestone: 15.0 ()** diff --git a/doc/update/removals.md b/doc/update/removals.md index e66e2397b73..94ce815a110 100644 --- a/doc/update/removals.md +++ b/doc/update/removals.md @@ -6,14 +6,6 @@ info: "See the Technical Writers assigned to Development Guidelines: https://abo # Removals by milestone -DISCLAIMER: -This page contains information related to upcoming products, features, and functionality. -It is important to note that the information presented is for informational purposes only. -Please do not rely on this information for purchasing or planning purposes. -As with all projects, the items mentioned on this page are subject to change or delay. -The development, release, and timing of any products, features, or functionality remain at the -sole discretion of GitLab Inc. - <!-- vale off --> <!-- diff --git a/doc/user/application_security/coverage_fuzzing/index.md b/doc/user/application_security/coverage_fuzzing/index.md index b35c2ed79cf..89b4cdcc34d 100644 --- a/doc/user/application_security/coverage_fuzzing/index.md +++ b/doc/user/application_security/coverage_fuzzing/index.md @@ -7,14 +7,14 @@ type: reference, howto # Coverage-guided fuzz testing **(ULTIMATE)** -Coverage-guided fuzzing sends random inputs to an instrumented version of your application in an -effort to cause unexpected behavior. Such behavior indicates a bug that you should address. +Coverage-guided fuzz testing sends random inputs to an instrumented version of your application in +an effort to cause unexpected behavior. Such behavior indicates a bug that you should address. GitLab allows you to add coverage-guided fuzz testing to your pipelines. This helps you discover bugs and potential security issues that other QA processes may miss. We recommend that you use fuzz testing in addition to the other security scanners in [GitLab Secure](../index.md) and your own test processes. If you're using [GitLab CI/CD](../../../ci/index.md), -you can run your coverage-guided fuzz tests as part your CI/CD workflow. +you can run your coverage-guided fuzz testing as part your CI/CD workflow. ## Coverage-guided fuzz testing process @@ -30,30 +30,40 @@ The results of the coverage-guided fuzz testing are available in the CI/CD pipel ## Supported fuzzing engines and languages -GitLab supports these languages through the fuzzing engine listed for each. We currently provide a -Docker image for apps written in Go, but you can test the other languages below by providing a -Docker image with the fuzz engine to run your app. - -| Language | Fuzzing Engine | Example | -|----------|----------------|---------| -| C/C++ | [libFuzzer](https://llvm.org/docs/LibFuzzer.html) | [c-cpp-example](https://gitlab.com/gitlab-org/security-products/demos/coverage-fuzzing/c-cpp-fuzzing-example) | -| GoLang | [go-fuzz (libFuzzer support)](https://github.com/dvyukov/go-fuzz) | [go-fuzzing-example](https://gitlab.com/gitlab-org/security-products/demos/coverage-fuzzing/go-fuzzing-example) | -| Swift | [libFuzzer](https://github.com/apple/swift/blob/master/docs/libFuzzerIntegration.md) | [swift-fuzzing-example](https://gitlab.com/gitlab-org/security-products/demos/coverage-fuzzing/swift-fuzzing-example) | -| Rust | [cargo-fuzz (libFuzzer support)](https://github.com/rust-fuzz/cargo-fuzz) | [rust-fuzzing-example](https://gitlab.com/gitlab-org/security-products/demos/coverage-fuzzing/rust-fuzzing-example) | -| Java | [Javafuzz](https://gitlab.com/gitlab-org/security-products/analyzers/fuzzers/javafuzz) (recommended) | [javafuzz-fuzzing-example](https://gitlab.com/gitlab-org/security-products/demos/coverage-fuzzing/javafuzz-fuzzing-example) | -| Java | [JQF](https://github.com/rohanpadhye/JQF) (not preferred) | [jqf-fuzzing-example](https://gitlab.com/gitlab-org/security-products/demos/coverage-fuzzing/java-fuzzing-example) | -| JavaScript | [`jsfuzz`](https://gitlab.com/gitlab-org/security-products/analyzers/fuzzers/jsfuzz)| [jsfuzz-fuzzing-example](https://gitlab.com/gitlab-org/security-products/demos/coverage-fuzzing/jsfuzz-fuzzing-example) | -| Python | [`pythonfuzz`](https://gitlab.com/gitlab-org/security-products/analyzers/fuzzers/pythonfuzz)| [pythonfuzz-fuzzing-example](https://gitlab.com/gitlab-org/security-products/demos/coverage-fuzzing/pythonfuzz-fuzzing-example) | -| AFL (any language that works on top of AFL) | [AFL](https://lcamtuf.coredump.cx/afl/)| [afl-fuzzing-example](https://gitlab.com/gitlab-org/security-products/demos/coverage-fuzzing/afl-fuzzing-example) | +You can use the following fuzzing engines to test the specified languages. + +| Language | Fuzzing Engine | Example | +|---------------------------------------------|------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------| +| C/C++ | [libFuzzer](https://llvm.org/docs/LibFuzzer.html) | [c-cpp-example](https://gitlab.com/gitlab-org/security-products/demos/coverage-fuzzing/c-cpp-fuzzing-example) | +| GoLang | [go-fuzz (libFuzzer support)](https://github.com/dvyukov/go-fuzz) | [go-fuzzing-example](https://gitlab.com/gitlab-org/security-products/demos/coverage-fuzzing/go-fuzzing-example) | +| Swift | [libFuzzer](https://github.com/apple/swift/blob/master/docs/libFuzzerIntegration.md) | [swift-fuzzing-example](https://gitlab.com/gitlab-org/security-products/demos/coverage-fuzzing/swift-fuzzing-example) | +| Rust | [cargo-fuzz (libFuzzer support)](https://github.com/rust-fuzz/cargo-fuzz) | [rust-fuzzing-example](https://gitlab.com/gitlab-org/security-products/demos/coverage-fuzzing/rust-fuzzing-example) | +| Java | [Javafuzz](https://gitlab.com/gitlab-org/security-products/analyzers/fuzzers/javafuzz) (recommended) | [javafuzz-fuzzing-example](https://gitlab.com/gitlab-org/security-products/demos/coverage-fuzzing/javafuzz-fuzzing-example) | +| Java | [JQF](https://github.com/rohanpadhye/JQF) (not preferred) | [jqf-fuzzing-example](https://gitlab.com/gitlab-org/security-products/demos/coverage-fuzzing/java-fuzzing-example) | +| JavaScript | [`jsfuzz`](https://gitlab.com/gitlab-org/security-products/analyzers/fuzzers/jsfuzz) | [jsfuzz-fuzzing-example](https://gitlab.com/gitlab-org/security-products/demos/coverage-fuzzing/jsfuzz-fuzzing-example) | +| Python | [`pythonfuzz`](https://gitlab.com/gitlab-org/security-products/analyzers/fuzzers/pythonfuzz) | [pythonfuzz-fuzzing-example](https://gitlab.com/gitlab-org/security-products/demos/coverage-fuzzing/pythonfuzz-fuzzing-example) | +| AFL (any language that works on top of AFL) | [AFL](https://lcamtuf.coredump.cx/afl/) | [afl-fuzzing-example](https://gitlab.com/gitlab-org/security-products/demos/coverage-fuzzing/afl-fuzzing-example) | ## Configuration -To enable fuzzing, you must -[include](../../../ci/yaml/index.md#includetemplate) -the [`Coverage-Fuzzing.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/Coverage-Fuzzing.gitlab-ci.yml) -provided as part of your GitLab installation. +To enable coverage-guided fuzz testing, edit the `.gitlab-ci.yml` file: + +1. Add the `fuzz` stage to the list of stages. + +1. If your application is not written in Go, [provide a Docker image](../../../ci/yaml/index.md#image) using the matching fuzzing + engine. For example: + + ```yaml + image: python:latest + ``` + +1. [Include](../../../ci/yaml/index.md#includetemplate) the + [`Coverage-Fuzzing.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/Coverage-Fuzzing.gitlab-ci.yml) + provided as part of your GitLab installation. -To do so, add the following to your `.gitlab-ci.yml` file: +1. Customize the `my_fuzz_target` job to meet your requirements. + +### Example extract of coverage-guided fuzzing configuration ```yaml stages: @@ -65,96 +75,62 @@ include: my_fuzz_target: extends: .fuzz_base script: - # Build your fuzz target binary in these steps, then run it with gitlab-cov-fuzz> + # Build your fuzz target binary in these steps, then run it with gitlab-cov-fuzz # See our example repos for how you could do this with any of our supported languages - ./gitlab-cov-fuzz run --regression=$REGRESSION -- <your fuzz target> ``` -The included template makes available the [hidden job](../../../ci/jobs/index.md#hide-jobs) -`.fuzz_base`, which you must [extend](../../../ci/yaml/index.md#extends) for each of your fuzz -targets. Each fuzz target **must** have a separate job. For example, the +The `Coverage-Fuzzing` template includes the [hidden job](../../../ci/jobs/index.md#hide-jobs) +`.fuzz_base`, which you must [extend](../../../ci/yaml/index.md#extends) for each of your fuzzing +targets. Each fuzzing target **must** have a separate job. For example, the [go-fuzzing-example project](https://gitlab.com/gitlab-org/security-products/demos/go-fuzzing-example) -contains one job that extends `.fuzz_base` for its single fuzz target. +contains one job that extends `.fuzz_base` for its single fuzzing target. Note that the hidden job `.fuzz_base` uses several YAML keys that you must not override in your own -job. If you include these keys in your own job, you must copy their original content. These keys -are: +job. If you include these keys in your own job, you must copy their original content: - `before_script` - `artifacts` - `rules` -The `my_fuzz_target` job (the separate job for your fuzz target) does the following: +### Available CI/CD variables + +Use the following variables to configure coverage-guided fuzz testing in your CI/CD pipeline. -- Extends `.fuzz_base`. -- Compiles the fuzz target with [go-fuzz](https://github.com/dvyukov/go-fuzz). -- Runs the target with the `gitlab-cov-fuzz` command, which is available to each job that extends - `.fuzz_base`. -- Runs on a fuzz stage that usually comes after a test stage. +| CI/CD variable | Description | +|---------------------------|---------------------------------------------------------------------------------| +| `COVFUZZ_ADDITIONAL_ARGS` | Arguments passed to `gitlab-cov-fuzz`. Used to customize the behavior of the underlying fuzzing engine. Read the fuzzing engine's documentation for a complete list of arguments. | +| `COVFUZZ_BRANCH` | The branch on which long-running fuzzing jobs are to be run. On all other branches, only fuzzing regression tests are run. Default: Repository's default branch. | +| `COVFUZZ_SEED_CORPUS` | Path to a seed corpus directory. Default: empty. | +| `COVFUZZ_URL_PREFIX` | Path to the `gitlab-cov-fuzz` repository cloned for use with an offline environment. You should only change this value when using an offline environment. Default: `https://gitlab.com/gitlab-org/security-products/analyzers/gitlab-cov-fuzz/-/raw`. | -The `gitlab-cov-fuzz` is a command-line tool that runs the instrumented application. It parses and -analyzes the exception information that the fuzzer outputs. It also downloads the [corpus](../terminology/index.md#corpus) -and crash events from previous pipelines automatically. This helps your fuzz targets build on the -progress of previous fuzzing jobs. The parsed crash events and data are written to -`gl-coverage-fuzzing-report.json`. +#### Seed corpus -### Artifacts +Files in the [seed corpus](../terminology/index.md#seed-corpus) must be updated manually. They are +not updated or overwritten by the coverage-guide fuzz testing job. + +## Output Each fuzzing step outputs these artifacts: -- `gl-coverage-fuzzing-report.json`: This file's format may change in future releases. +- `gl-coverage-fuzzing-report.json`: A report containing details of the coverage-guided fuzz testing + and its results. - `artifacts.zip`: This file contains two directories: - - `corpus`: Holds all test cases generated by the current and all previous jobs. - - `crashes`: Holds all crash events the current job encountered as well as those not fixed in + - `corpus`: Contains all test cases generated by the current and all previous jobs. + - `crashes`: Contains all crash events the current job found and those not fixed in previous jobs. -### Types of fuzzing jobs - -There are two types of jobs: - -- Fuzzing: Standard fuzzing session. You can configure a long session through a user defined - timeout. -- Regression: Run the fuzz targets through the accumulated test cases generated by previous fuzzing - sessions plus fixed crashes from previous sessions. This is usually very quick. - -Here's our current suggestion for configuring your fuzz target's timeout: - -- Set `COVFUZZ_BRANCH` to the branch where you want to run long-running (asynchronous) fuzzing - jobs. This is normally the default branch. -- Use regression or short-running fuzzing jobs for other branches or merge requests. - -This suggestion helps find new bugs on the development branch and catch old bugs in merge requests -(like unit tests). - -You can configure this by passing `--regression=false/true` to `gitlab-cov-fuzz` as the [Go example](https://gitlab.com/gitlab-org/security-products/demos/go-fuzzing-example/-/blob/master/.gitlab-ci.yml) -shows. Also note that `gitlab-cov-fuzz` is a wrapper, so you can pass those arguments to configure -any option available in the underlying fuzzing engine. - -### Available CI/CD variables - -| CI/CD variable | Description | -|-----------------------|--------------------------------------------------------------------------------| -| `COVFUZZ_BRANCH` | The branch for long-running fuzzing jobs. This is normally the default branch. | -| `COVFUZZ_SEED_CORPUS` | Path to a seed corpus directory. The default is empty. | -| `COVFUZZ_URL_PREFIX` | Path to the `gitlab-cov-fuzz` repository cloned for use with an offline environment. You should only change this when using an offline environment. The default value is `https://gitlab.com/gitlab-org/security-products/analyzers/gitlab-cov-fuzz/-/raw`. | - -The files in the [seed corpus](../terminology/index.md#seed-corpus) (`COVFUZZ_SEED_CORPUS`), if provided, aren't updated unless you commit new -files to your Git repository. There's usually no need to frequently update the seed corpus. As part -of the GitLab artifacts system, GitLab saves in a corpus directory the new test cases that every run -generates. In any subsequent runs, GitLab also reuses the generated corpus together with the seed -corpus. +You can download the JSON report file from the CI/CD pipelines page. For more information, see +[Downloading artifacts](../../../ci/pipelines/job_artifacts.md#download-job-artifacts). -### Reports JSON format +### Coverage-guided fuzz testing report > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/220062) in GitLab 13.3 as an [Alpha feature](https://about.gitlab.com/handbook/product/gitlab-the-product/#alpha). -The `gitlab-cov-fuzz` tool emits a JSON report file. For more information, see the -[schema for this report](https://gitlab.com/gitlab-org/security-products/security-report-schemas/-/blob/master/dist/coverage-fuzzing-report-format.json). - -You can download the JSON report file from the CI pipelines page. For more information, see -[Downloading artifacts](../../../ci/pipelines/job_artifacts.md#download-job-artifacts). +For detailed information about the `gl-coverage-fuzzing-report.json` file's format, read the +[schema](https://gitlab.com/gitlab-org/security-products/security-report-schemas/-/blob/master/dist/coverage-fuzzing-report-format.json). -Here's an example coverage fuzzing report: +Example coverage-guided fuzzing report: ```json-doc { @@ -183,38 +159,30 @@ Here's an example coverage fuzzing report: } ``` -### Additional configuration - -The `gitlab-cov-fuzz` command passes all arguments it receives to the underlying fuzzing engine. You -can therefore use all the options available in that fuzzing engine. For more information on these -options, see the underlying fuzzing engine's documentation. - -### Offline environment +## Duration of coverage-guided fuzz testing -To use coverage fuzzing in an offline environment, follow these steps: +The available durations for coverage-guided fuzz testing are: 10 minutes (default) and 60 minutes. -1. Clone [`gitlab-cov-fuzz`](https://gitlab.com/gitlab-org/security-products/analyzers/gitlab-cov-fuzz) - to a private repository that your offline GitLab instance can access. +- 10-minute duration: Recommended for the default branch. +- 60-minute duration: Recommended for the development branch and merge requests. The longer duration provides greater coverage. + In the `COVFUZZ_ADDITIONAL_ARGS` variable set the value `--regression=true`. -1. For each fuzzing step, set `COVFUZZ_URL_PREFIX` to `${NEW_URL_GITLAB_COV_FUZ}/-/raw`, where - `NEW_URL_GITLAB_COV_FUZ` is the URL of the private `gitlab-cov-fuzz` clone that you set up in the - first step. +For a complete example, read the [Go coverage-guided fuzzing example](https://gitlab.com/gitlab-org/security-products/demos/coverage-fuzzing/go-fuzzing-example/-/blob/master/.gitlab-ci.yml). -### Continuous fuzzing (long-running asynchronous fuzzing jobs) +### Continuous coverage-guided fuzz testing -It's also possible to run the fuzzing jobs longer and without blocking your main pipeline. This -configuration uses the GitLab [parent-child pipelines](../../../ci/pipelines/parent_child_pipelines.md). -The full example is available in the [repository](https://gitlab.com/gitlab-org/security-products/demos/coverage-fuzzing/go-fuzzing-example/-/tree/continuous_fuzzing#running-go-fuzz-from-ci). -This example uses Go, but is applicable for any other supported languages. +It's also possible to run the coverage-guided fuzzing jobs longer and without blocking your main +pipeline. This configuration uses the GitLab +[parent-child pipelines](../../../ci/pipelines/parent_child_pipelines.md). -The suggested workflow in this scenario is to have long-running, asynchronous fuzzing jobs on a -main/development branch, and short, blocking sync fuzzing jobs on all other branches and MRs. This -is a good way to balance the needs of letting a developer's per-commit pipeline complete quickly, -and also giving the fuzzer a large amount of time to fully explore and test the app. +The suggested workflow in this scenario is to have long-running, asynchronous fuzzing jobs on the +main or development branch, and short synchronous fuzzing jobs on all other branches and MRs. This +balances the needs of completing the per-commit pipeline complete quickly, while also giving the +fuzzer a large amount of time to fully explore and test the app. Long-running fuzzing jobs are +usually necessary for the coverage-guided fuzzer to find deeper bugs in your codebase. -Long-running fuzzing jobs are usually necessary for the coverage guided fuzzer to find deeper bugs -in your latest codebase. The following is an example of what `.gitlab-ci.yml` looks like in this -workflow (for the full example, see the [repository](https://gitlab.com/gitlab-org/security-products/demos/coverage-fuzzing/go-fuzzing-example/-/tree/continuous_fuzzing)): +The following is an extract of the `.gitlab-ci.yml` file for this +workflow. For the full example, see the [Go fuzzing example's repository](https://gitlab.com/gitlab-org/security-products/demos/coverage-fuzzing/go-fuzzing-example/-/tree/continuous_fuzzing): ```yaml @@ -236,7 +204,7 @@ async_fuzzing: - if: $CI_COMMIT_BRANCH == 'continuous_fuzzing' && $CI_PIPELINE_SOURCE != 'merge_request_event' ``` -This essentially creates two steps: +This creates two jobs: 1. `sync_fuzzing`: Runs all your fuzz targets for a short period of time in a blocking configuration. This finds simple bugs and allows you to be confident that your MRs aren't @@ -246,6 +214,17 @@ This essentially creates two steps: The `covfuzz-ci.yml` is the same as that in the [original synchronous example](https://gitlab.com/gitlab-org/security-products/demos/coverage-fuzzing/go-fuzzing-example#running-go-fuzz-from-ci). +## Offline environment + +To use coverage fuzzing in an offline environment: + +1. Clone [`gitlab-cov-fuzz`](https://gitlab.com/gitlab-org/security-products/analyzers/gitlab-cov-fuzz) + to a private repository that your offline GitLab instance can access. + +1. For each fuzzing step, set `COVFUZZ_URL_PREFIX` to `${NEW_URL_GITLAB_COV_FUZ}/-/raw`, where + `NEW_URL_GITLAB_COV_FUZ` is the URL of the private `gitlab-cov-fuzz` clone that you set up in the + first step. + ## Interacting with the vulnerabilities After a vulnerability is found, you can [address it](../vulnerabilities/index.md). diff --git a/doc/user/packages/container_registry/index.md b/doc/user/packages/container_registry/index.md index 9a37d9a027e..c77fc5a0f4b 100644 --- a/doc/user/packages/container_registry/index.md +++ b/doc/user/packages/container_registry/index.md @@ -724,3 +724,55 @@ Use your own URLs to complete the following steps: ``` Follow [this issue](https://gitlab.com/gitlab-org/gitlab/-/issues/18383) for details. + +### Tags on S3 backend remain after successful deletion requests + +With S3 as your storage backend, tags may remain even though: + +- In the UI, you see that the tags are scheduled for deletion. +- In the API, you get an HTTP `200` response. +- The registry log shows a successful `Delete` request. + +An example `DELETE` request in the registry log: + +```shell +{"content_type":"","correlation_id":"01FQGNSKVMHQEAVE21KYTJN2P4","duration_ms":62,"host":"localhost:5000","level":"info","method":"DELETE","msg":"access","proto":"HTTP/1.1","referrer":"","remote_addr":"127.0.0.1:47498","remote_ip":"127.0.0.1","status":202,"system":"http","time":"2021-12-22T08:58:15Z","ttfb_ms":62,"uri":"/v2/<path to repo>/tags/reference/<tag_name>","user_agent":"GitLab/<version>","written_bytes":0} +``` + +There may be some errors not properly cached. Follow these steps to investigate further: + +1. In your configuration file, set the registry's log level to `debug`, and the S3 driver's log + level to `logdebugwithhttpbody`. For Omnibus, make these edits in the `gitlab.rb` file: + + ```shell + # Change the registry['log_level'] to debug + registry['log_level'] = 'debug' + + # Set log level for registry log from storage side + registry['storage'] = { + 's3' => { + 'bucket' => 'your-s3-bucket', + 'region' => 'your-s3-region' + }, + + 'loglevel' = "logdebugwithhttpbody" + } + ``` + + Then save and reconfigure GitLab: + + ```shell + sudo gitlab-ctl reconfigure + ``` + +1. Attempt to delete one or more tags using the GitLab UI or API. + +1. Inspect the registry logs and look for a response from S3. Although the response could be + `200 OK`, the body might have the error `AccessDenied`. This indicates a permission problem from + the S3 side. + +1. Ensure your S3 configuration has the `deleteObject` permisson scope. Here's an + [example role for an S3 bucket](../../../administration/object_storage.md#iam-permissions). + Once adjusted, trigger another tag deletion. You should be able to successfully delete tags. + +Follow [this issue](https://gitlab.com/gitlab-org/container-registry/-/issues/551) for details. diff --git a/doc/user/packages/container_registry/reduce_container_registry_storage.md b/doc/user/packages/container_registry/reduce_container_registry_storage.md index d9e97010ef7..e2242a85b75 100644 --- a/doc/user/packages/container_registry/reduce_container_registry_storage.md +++ b/doc/user/packages/container_registry/reduce_container_registry_storage.md @@ -35,9 +35,6 @@ To delete the underlying layers and images that aren't associated with any tags, Cleanup policies can be run on all projects, with these exceptions: -- For GitLab.com, the project must have been created after 2020-02-22. - Support for projects created earlier is tracked - [in this issue](https://gitlab.com/gitlab-org/gitlab/-/issues/196124). - For self-managed GitLab instances, the project must have been created in GitLab 12.8 or later. However, an administrator can enable the cleanup policy for all projects (even those created before 12.8) in diff --git a/lib/api/helpers/integrations_helpers.rb b/lib/api/helpers/integrations_helpers.rb index e7fdb6645a5..3af0dd4c532 100644 --- a/lib/api/helpers/integrations_helpers.rb +++ b/lib/api/helpers/integrations_helpers.rb @@ -314,25 +314,33 @@ module API required: false, name: :datadog_site, type: String, - desc: 'Choose the Datadog site to send data to. Set to "datadoghq.eu" to send data to the EU site' + desc: 'The Datadog site to send data to. To send data to the EU site, use datadoghq.eu' }, { required: false, name: :api_url, type: String, - desc: '(Advanced) Define the full URL for your Datadog site directly' + desc: '(Advanced) The full URL for your Datadog site' }, + # TODO: uncomment this field once :datadog_integration_logs_collection is rolled out + # https://gitlab.com/gitlab-org/gitlab/-/issues/346339 + # { + # required: false, + # name: :archive_trace_events, + # type: Boolean, + # desc: 'When enabled, job logs will be collected by Datadog and shown along pipeline execution traces' + # }, { required: false, name: :datadog_service, type: String, - desc: 'Name of this GitLab instance that all data will be tagged with' + desc: 'Tag all data from this GitLab instance in Datadog. Useful when managing several self-managed deployments' }, { required: false, name: :datadog_env, type: String, - desc: 'The environment tag that traces will be tagged with' + desc: 'For self-managed deployments, set the env tag for all the data sent to Datadog. How do I use tags?' } ], 'discord' => [ diff --git a/lib/api/integrations.rb b/lib/api/integrations.rb index bab8e556a73..ff1d88e35f0 100644 --- a/lib/api/integrations.rb +++ b/lib/api/integrations.rb @@ -111,7 +111,14 @@ module API integration = user_project.find_or_initialize_integration(params[:slug].underscore) destroy_conditionally!(integration) do - attrs = integration_attributes(integration).index_with { nil }.merge(active: false) + attrs = integration_attributes(integration).index_with do |attr| + column = integration.column_for_attribute(attr) + if column.is_a?(ActiveRecord::ConnectionAdapters::NullColumn) + nil + else + column.default + end + end.merge(active: false) render_api_error!('400 Bad Request', 400) unless integration.update(attrs) end diff --git a/lib/gitlab/data_builder/archive_trace.rb b/lib/gitlab/data_builder/archive_trace.rb new file mode 100644 index 00000000000..f6dd6130104 --- /dev/null +++ b/lib/gitlab/data_builder/archive_trace.rb @@ -0,0 +1,19 @@ +# frozen_string_literal: true + +module Gitlab + module DataBuilder + module ArchiveTrace + extend self + + def build(job) + { + object_kind: 'archive_trace', + trace_url: job.job_artifacts_trace.file.url, + build_id: job.id, + pipeline_id: job.pipeline_id, + project: job.project.hook_attrs + } + end + end + end +end diff --git a/locale/gitlab.pot b/locale/gitlab.pot index e3596b766d3..ef081320925 100644 --- a/locale/gitlab.pot +++ b/locale/gitlab.pot @@ -6284,9 +6284,21 @@ msgstr "" msgid "CICDAnalytics|Releases" msgstr "" +msgid "CICDAnalytics|Shared Runners Usage" +msgstr "" + +msgid "CICDAnalytics|Shared runner usage" +msgstr "" + +msgid "CICDAnalytics|Shared runner usage is the total runtime of all jobs that ran on shared runners" +msgstr "" + msgid "CICDAnalytics|Something went wrong while fetching release statistics" msgstr "" +msgid "CICDAnalytics|What is shared runner usage?" +msgstr "" + msgid "CICD|Add a %{base_domain_link_start}base domain%{link_end} to your %{kubernetes_cluster_link_start}Kubernetes cluster%{link_end} for your deployment strategy to work." msgstr "" @@ -11976,6 +11988,9 @@ msgstr "" msgid "Deployment|This deployment was created using the API" msgstr "" +msgid "Deployment|blocked" +msgstr "" + msgid "Deployment|canceled" msgstr "" @@ -12536,9 +12551,6 @@ msgstr "" msgid "Discover|See the other features of the %{linkStart}ultimate plan%{linkEnd}" msgstr "" -msgid "Discover|Send feedback" -msgstr "" - msgid "Discover|Start a free trial" msgstr "" @@ -13234,6 +13246,9 @@ msgstr "" msgid "Enable kuromoji custom analyzer: Search" msgstr "" +msgid "Enable logs collection" +msgstr "" + msgid "Enable maintenance mode" msgstr "" @@ -40193,6 +40208,9 @@ msgstr "" msgid "When enabled, existing personal access tokens may be revoked. Leave blank for no limit." msgstr "" +msgid "When enabled, job logs are collected by Datadog and displayed along with pipeline execution traces." +msgstr "" + msgid "When inactive, an external authentication provider must be used." msgstr "" diff --git a/spec/features/markdown/copy_as_gfm_spec.rb b/spec/features/markdown/copy_as_gfm_spec.rb index d3aaf339421..0e5a20fe24a 100644 --- a/spec/features/markdown/copy_as_gfm_spec.rb +++ b/spec/features/markdown/copy_as_gfm_spec.rb @@ -7,6 +7,10 @@ RSpec.describe 'Copy as GFM', :js do include RepoHelpers include ActionView::Helpers::JavaScriptHelper + before do + stub_feature_flags(refactor_blob_viewer: false) # This stub will be removed in https://gitlab.com/gitlab-org/gitlab/-/issues/350454 + end + describe 'Copying rendered GFM' do before do @feat = MarkdownFeature.new diff --git a/spec/features/projects/blobs/blob_line_permalink_updater_spec.rb b/spec/features/projects/blobs/blob_line_permalink_updater_spec.rb index 1a368676a5e..11e2d24c36a 100644 --- a/spec/features/projects/blobs/blob_line_permalink_updater_spec.rb +++ b/spec/features/projects/blobs/blob_line_permalink_updater_spec.rb @@ -34,26 +34,23 @@ RSpec.describe 'Blob button line permalinks (BlobLinePermalinkUpdater)', :js do end it 'changes fragment hash if line number clicked' do - ending_fragment = "L5" - visit_blob find('#L3').click - find("##{ending_fragment}").click + find("#L5").click - expect(find('.js-data-file-blob-permalink-url')['href']).to eq(get_absolute_url(project_blob_path(project, tree_join(sha, path), anchor: ending_fragment))) + expect(find('.js-data-file-blob-permalink-url')['href']).to eq(get_absolute_url(project_blob_path(project, tree_join(sha, path), anchor: "LC5"))) end it 'with initial fragment hash, changes fragment hash if line number clicked' do fragment = "L1" - ending_fragment = "L5" visit_blob(fragment) find('#L3').click - find("##{ending_fragment}").click + find("#L5").click - expect(find('.js-data-file-blob-permalink-url')['href']).to eq(get_absolute_url(project_blob_path(project, tree_join(sha, path), anchor: ending_fragment))) + expect(find('.js-data-file-blob-permalink-url')['href']).to eq(get_absolute_url(project_blob_path(project, tree_join(sha, path), anchor: "LC5"))) end end @@ -73,26 +70,23 @@ RSpec.describe 'Blob button line permalinks (BlobLinePermalinkUpdater)', :js do end it 'changes fragment hash if line number clicked' do - ending_fragment = "L5" - visit_blob find('#L3').click - find("##{ending_fragment}").click + find("#L5").click - expect(find('.js-blob-blame-link')['href']).to eq(get_absolute_url(project_blame_path(project, tree_join('master', path), anchor: ending_fragment))) + expect(find('.js-blob-blame-link')['href']).to eq(get_absolute_url(project_blame_path(project, tree_join('master', path), anchor: "LC5"))) end it 'with initial fragment hash, changes fragment hash if line number clicked' do fragment = "L1" - ending_fragment = "L5" visit_blob(fragment) find('#L3').click - find("##{ending_fragment}").click + find("#L5").click - expect(find('.js-blob-blame-link')['href']).to eq(get_absolute_url(project_blame_path(project, tree_join('master', path), anchor: ending_fragment))) + expect(find('.js-blob-blame-link')['href']).to eq(get_absolute_url(project_blame_path(project, tree_join('master', path), anchor: "LC5"))) end end end diff --git a/spec/features/projects/blobs/blob_show_spec.rb b/spec/features/projects/blobs/blob_show_spec.rb index 9d05c985af1..62994d19fc0 100644 --- a/spec/features/projects/blobs/blob_show_spec.rb +++ b/spec/features/projects/blobs/blob_show_spec.rb @@ -29,6 +29,10 @@ RSpec.describe 'File blob', :js do ).execute end + before do + stub_feature_flags(refactor_blob_viewer: false) # This stub will be removed in https://gitlab.com/gitlab-org/gitlab/-/issues/350455 + end + context 'Ruby file' do before do visit_blob('files/ruby/popen.rb') diff --git a/spec/features/projects/files/user_browses_files_spec.rb b/spec/features/projects/files/user_browses_files_spec.rb index 4e9e129042c..508dec70db6 100644 --- a/spec/features/projects/files/user_browses_files_spec.rb +++ b/spec/features/projects/files/user_browses_files_spec.rb @@ -340,6 +340,7 @@ RSpec.describe "User browses files" do let(:newrev) { project.repository.commit('master').sha } before do + stub_feature_flags(refactor_blob_viewer: false) # This stub will be removed in https://gitlab.com/gitlab-org/gitlab/-/issues/350456 create_file_in_repo(project, 'master', 'master', filename, 'Test file') path = File.join('master', filename) @@ -355,6 +356,7 @@ RSpec.describe "User browses files" do context "when browsing a raw file" do before do + stub_feature_flags(refactor_blob_viewer: false) # This stub will be removed in https://gitlab.com/gitlab-org/gitlab/-/issues/350456 path = File.join(RepoHelpers.sample_commit.id, RepoHelpers.sample_blob.path) visit(project_blob_path(project, path)) diff --git a/spec/features/projects/files/user_browses_lfs_files_spec.rb b/spec/features/projects/files/user_browses_lfs_files_spec.rb index 3be5ab64834..17699847704 100644 --- a/spec/features/projects/files/user_browses_lfs_files_spec.rb +++ b/spec/features/projects/files/user_browses_lfs_files_spec.rb @@ -35,7 +35,7 @@ RSpec.describe 'Projects > Files > User browses LFS files' do expect(page).to have_content 'version https://git-lfs.github.com/spec/v1' expect(page).to have_content 'oid sha256:91eff75a492a3ed0dfcb544d7f31326bc4014c8551849c192fd1e48d4dd2c897' expect(page).to have_content 'size 1575078' - expect(page).not_to have_content 'Download (1.5 MB)' + expect(page).not_to have_content 'Download (1.50 MiB)' end end @@ -56,7 +56,7 @@ RSpec.describe 'Projects > Files > User browses LFS files' do click_link('lfs') click_link('lfs_object.iso') - expect(page).to have_content('Download (1.5 MB)') + expect(page).to have_content('Download (1.50 MiB)') expect(page).not_to have_content('version https://git-lfs.github.com/spec/v1') expect(page).not_to have_content('oid sha256:91eff75a492a3ed0dfcb544d7f31326bc4014c8551849c192fd1e48d4dd2c897') expect(page).not_to have_content('size 1575078') @@ -88,7 +88,7 @@ RSpec.describe 'Projects > Files > User browses LFS files' do it 'does not show single file edit link' do page.within('.content') do expect(page).to have_selector(:link_or_button, 'Web IDE') - expect(page).not_to have_selector(:link_or_button, 'Edit') + expect(page).not_to have_css('button[data-testid="edit"') end end end diff --git a/spec/features/projects/files/user_deletes_files_spec.rb b/spec/features/projects/files/user_deletes_files_spec.rb index b6e300e9e59..c508b2ddba9 100644 --- a/spec/features/projects/files/user_deletes_files_spec.rb +++ b/spec/features/projects/files/user_deletes_files_spec.rb @@ -15,6 +15,7 @@ RSpec.describe 'Projects > Files > User deletes files', :js do let(:user) { create(:user) } before do + stub_feature_flags(refactor_blob_viewer: false) # This stub will be removed in https://gitlab.com/gitlab-org/gitlab/-/issues/349953 sign_in(user) end diff --git a/spec/features/projects/files/user_edits_files_spec.rb b/spec/features/projects/files/user_edits_files_spec.rb index 453cc14c267..2b4ac3dc1d8 100644 --- a/spec/features/projects/files/user_edits_files_spec.rb +++ b/spec/features/projects/files/user_edits_files_spec.rb @@ -150,7 +150,7 @@ RSpec.describe 'Projects > Files > User edits files', :js do expect_fork_prompt - click_link_or_button('Fork project') + click_link_or_button('Fork') expect_fork_status @@ -169,7 +169,7 @@ RSpec.describe 'Projects > Files > User edits files', :js do expect_fork_prompt - click_link_or_button('Fork project') + click_link_or_button('Fork') expect_fork_status @@ -183,7 +183,7 @@ RSpec.describe 'Projects > Files > User edits files', :js do click_link_or_button('Edit') expect_fork_prompt - click_link_or_button('Fork project') + click_link_or_button('Fork') find('.file-editor', match: :first) @@ -214,7 +214,7 @@ RSpec.describe 'Projects > Files > User edits files', :js do click_link('.gitignore') click_link_or_button('Edit') - expect(page).not_to have_link('Fork project') + expect(page).not_to have_link('Fork') find('#editor') set_editor_value('*.rbca') diff --git a/spec/features/projects/files/user_replaces_files_spec.rb b/spec/features/projects/files/user_replaces_files_spec.rb index c9b472260bd..fe9520fffc8 100644 --- a/spec/features/projects/files/user_replaces_files_spec.rb +++ b/spec/features/projects/files/user_replaces_files_spec.rb @@ -17,6 +17,7 @@ RSpec.describe 'Projects > Files > User replaces files', :js do let(:user) { create(:user) } before do + stub_feature_flags(refactor_blob_viewer: false) # This stub will be removed in https://gitlab.com/gitlab-org/gitlab/-/issues/349953 sign_in(user) end diff --git a/spec/features/projects/view_on_env_spec.rb b/spec/features/projects/view_on_env_spec.rb index 5dd30f59e3d..94085b075aa 100644 --- a/spec/features/projects/view_on_env_spec.rb +++ b/spec/features/projects/view_on_env_spec.rb @@ -9,6 +9,7 @@ RSpec.describe 'View on environment', :js do let(:user) { project.creator } before do + stub_feature_flags(refactor_blob_viewer: false) # This stub will be removed in https://gitlab.com/gitlab-org/gitlab/-/issues/350457 project.add_maintainer(user) end diff --git a/spec/frontend/blob/components/__snapshots__/blob_header_spec.js.snap b/spec/frontend/blob/components/__snapshots__/blob_header_spec.js.snap index ad2f8aca55c..22bec77276b 100644 --- a/spec/frontend/blob/components/__snapshots__/blob_header_spec.js.snap +++ b/spec/frontend/blob/components/__snapshots__/blob_header_spec.js.snap @@ -17,7 +17,7 @@ exports[`Blob Header Default Actions rendering matches the snapshot 1`] = ` </div> <div - class="gl-display-none gl-sm-display-flex file-actions" + class="gl-sm-display-flex file-actions" > <viewer-switcher-stub value="simple" diff --git a/spec/frontend/blob/viewer/index_spec.js b/spec/frontend/blob/viewer/index_spec.js index 061ac7ad167..9e9f866d40c 100644 --- a/spec/frontend/blob/viewer/index_spec.js +++ b/spec/frontend/blob/viewer/index_spec.js @@ -21,6 +21,7 @@ describe('Blob viewer', () => { setTestTimeout(2000); beforeEach(() => { + window.gon.features = { refactorBlobViewer: false }; // This file is based on the old (non-refactored) blob viewer jest.spyOn(window, 'requestIdleCallback').mockImplementation(execImmediately); $.fn.extend(jQueryMock); mock = new MockAdapter(axios); diff --git a/spec/frontend/fixtures/blob.rb b/spec/frontend/fixtures/blob.rb index bfdeee0881b..35a7ff4eb07 100644 --- a/spec/frontend/fixtures/blob.rb +++ b/spec/frontend/fixtures/blob.rb @@ -12,6 +12,7 @@ RSpec.describe Projects::BlobController, '(JavaScript fixtures)', type: :control render_views before do + stub_feature_flags(refactor_blob_viewer: false) # This fixture is only used by the legacy (non-refactored) blob viewer sign_in(user) allow(SecureRandom).to receive(:hex).and_return('securerandomhex:thereisnospoon') end diff --git a/spec/frontend/repository/components/blob_content_viewer_spec.js b/spec/frontend/repository/components/blob_content_viewer_spec.js index 54bc4a61e0d..d3b60ec3768 100644 --- a/spec/frontend/repository/components/blob_content_viewer_spec.js +++ b/spec/frontend/repository/components/blob_content_viewer_spec.js @@ -338,35 +338,11 @@ describe('Blob content viewer component', () => { deletePath: webPath, canPushCode: pushCode, canLock: true, - isLocked: true, + isLocked: false, emptyRepo: empty, }); }); - it.each` - canPushCode | canDownloadCode | username | canLock - ${true} | ${true} | ${'root'} | ${true} - ${false} | ${true} | ${'root'} | ${false} - ${true} | ${false} | ${'root'} | ${false} - ${true} | ${true} | ${'peter'} | ${false} - `( - 'passes the correct lock states', - async ({ canPushCode, canDownloadCode, username, canLock }) => { - gon.current_username = username; - - await createComponent( - { - pushCode: canPushCode, - downloadCode: canDownloadCode, - empty, - }, - mount, - ); - - expect(findBlobButtonGroup().props('canLock')).toBe(canLock); - }, - ); - it('does not render if not logged in', async () => { isLoggedIn.mockReturnValueOnce(false); diff --git a/spec/frontend/repository/mock_data.js b/spec/frontend/repository/mock_data.js index ce28de13184..a5ee17ba672 100644 --- a/spec/frontend/repository/mock_data.js +++ b/spec/frontend/repository/mock_data.js @@ -13,6 +13,7 @@ export const simpleViewerMock = { ideForkAndEditPath: 'some_file.js/fork/ide', canModifyBlob: true, canCurrentUserPushToBranch: true, + archived: false, storedExternally: false, externalStorage: 'lfs', rawPath: 'some_file.js', @@ -51,7 +52,7 @@ export const projectMock = { nodes: [ { id: 'test', - path: simpleViewerMock.path, + path: 'locked_file.js', user: { id: '123', username: 'root' }, }, ], @@ -76,6 +77,8 @@ export const blobControlsDataMock = { blamePath: 'blame/file.js', historyPath: 'history/file.js', permalinkPath: 'permalink/file.js', + storedExternally: false, + externalStorage: '', }, ], }, diff --git a/spec/frontend/vue_shared/components/web_ide_link_spec.js b/spec/frontend/vue_shared/components/web_ide_link_spec.js index 40f4b25344a..659d93d6597 100644 --- a/spec/frontend/vue_shared/components/web_ide_link_spec.js +++ b/spec/frontend/vue_shared/components/web_ide_link_spec.js @@ -243,7 +243,7 @@ describe('Web IDE link component', () => { ])( 'emits the correct event when an action handler is called', async ({ props, expectedEventPayload }) => { - createComponent({ ...props, needsToFork: true }); + createComponent({ ...props, needsToFork: true, disableForkModal: true }); findActionsButton().props('actions')[0].handle(); diff --git a/spec/graphql/types/repository/blob_type_spec.rb b/spec/graphql/types/repository/blob_type_spec.rb index a888b58dc6c..8d845e5d814 100644 --- a/spec/graphql/types/repository/blob_type_spec.rb +++ b/spec/graphql/types/repository/blob_type_spec.rb @@ -35,6 +35,7 @@ RSpec.describe Types::Repository::BlobType do :plain_data, :can_modify_blob, :can_current_user_push_to_branch, + :archived, :ide_edit_path, :external_storage_url, :fork_and_edit_path, diff --git a/spec/helpers/environment_helper_spec.rb b/spec/helpers/environment_helper_spec.rb index 49937a3b53a..8e5f38cd95a 100644 --- a/spec/helpers/environment_helper_spec.rb +++ b/spec/helpers/environment_helper_spec.rb @@ -21,6 +21,16 @@ RSpec.describe EnvironmentHelper do expect(html).to have_css('a.ci-status.ci-success') end end + + context 'for a blocked deployment' do + subject { helper.render_deployment_status(deployment) } + + let(:deployment) { build(:deployment, :blocked) } + + it 'indicates the status' do + expect(subject).to have_text('blocked') + end + end end describe '#environments_detail_data_json' do diff --git a/spec/lib/gitlab/data_builder/archive_trace_spec.rb b/spec/lib/gitlab/data_builder/archive_trace_spec.rb new file mode 100644 index 00000000000..a310b0f0a94 --- /dev/null +++ b/spec/lib/gitlab/data_builder/archive_trace_spec.rb @@ -0,0 +1,19 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe Gitlab::DataBuilder::ArchiveTrace do + let_it_be(:build) { create(:ci_build, :trace_artifact) } + + describe '.build' do + let(:data) { described_class.build(build) } + + it 'has correct attributes', :aggregate_failures do + expect(data[:object_kind]).to eq 'archive_trace' + expect(data[:trace_url]).to eq build.job_artifacts_trace.file.url + expect(data[:build_id]).to eq build.id + expect(data[:pipeline_id]).to eq build.pipeline_id + expect(data[:project]).to eq build.project.hook_attrs + end + end +end diff --git a/spec/models/integration_spec.rb b/spec/models/integration_spec.rb index 6e9dfb04057..7bc670302f1 100644 --- a/spec/models/integration_spec.rb +++ b/spec/models/integration_spec.rb @@ -107,33 +107,25 @@ RSpec.describe Integration do end end - describe '.confidential_note_hooks' do - it 'includes integrations where confidential_note_events is true' do - create(:integration, active: true, confidential_note_events: true) + shared_examples 'hook scope' do |hook_type| + describe ".#{hook_type}_hooks" do + it "includes services where #{hook_type}_events is true" do + create(:integration, active: true, "#{hook_type}_events": true) - expect(described_class.confidential_note_hooks.count).to eq 1 - end + expect(described_class.send("#{hook_type}_hooks").count).to eq 1 + end - it 'excludes integrations where confidential_note_events is false' do - create(:integration, active: true, confidential_note_events: false) + it "excludes services where #{hook_type}_events is false" do + create(:integration, active: true, "#{hook_type}_events": false) - expect(described_class.confidential_note_hooks.count).to eq 0 + expect(described_class.send("#{hook_type}_hooks").count).to eq 0 + end end end - describe '.alert_hooks' do - it 'includes integrations where alert_events is true' do - create(:integration, active: true, alert_events: true) - - expect(described_class.alert_hooks.count).to eq 1 - end - - it 'excludes integrations where alert_events is false' do - create(:integration, active: true, alert_events: false) - - expect(described_class.alert_hooks.count).to eq 0 - end - end + include_examples 'hook scope', 'confidential_note' + include_examples 'hook scope', 'alert' + include_examples 'hook scope', 'archive_trace' end describe '#operating?' do diff --git a/spec/models/integrations/datadog_spec.rb b/spec/models/integrations/datadog_spec.rb index 0607505e7d5..9856c53a390 100644 --- a/spec/models/integrations/datadog_spec.rb +++ b/spec/models/integrations/datadog_spec.rb @@ -38,6 +38,11 @@ RSpec.describe Integrations::Datadog do let(:pipeline_data) { Gitlab::DataBuilder::Pipeline.build(pipeline) } let(:build_data) { Gitlab::DataBuilder::Build.build(build) } + let(:archive_trace_data) do + create(:ci_job_artifact, :trace, job: build) + + Gitlab::DataBuilder::ArchiveTrace.build(build) + end it_behaves_like Integrations::HasWebHook do let(:integration) { instance } @@ -100,6 +105,13 @@ RSpec.describe Integrations::Datadog do end end + describe '#help' do + subject { instance.help } + + it { is_expected.to be_a(String) } + it { is_expected.not_to be_empty } + end + describe '#hook_url' do subject { instance.hook_url } @@ -161,10 +173,13 @@ RSpec.describe Integrations::Datadog do end before do + stub_feature_flags(datadog_integration_logs_collection: enable_logs_collection) stub_request(:post, expected_hook_url) saved_instance.execute(data) end + let(:enable_logs_collection) { true } + context 'with pipeline data' do let(:data) { pipeline_data } let(:expected_headers) { { ::Gitlab::WebHooks::GITLAB_EVENT_HEADER => 'Pipeline Hook' } } @@ -180,5 +195,19 @@ RSpec.describe Integrations::Datadog do it { expect(a_request(:post, expected_hook_url).with(headers: expected_headers, body: expected_body)).to have_been_made } end + + context 'with archive trace data' do + let(:data) { archive_trace_data } + let(:expected_headers) { { ::Gitlab::WebHooks::GITLAB_EVENT_HEADER => 'Archive Trace Hook' } } + let(:expected_body) { data.to_json } + + it { expect(a_request(:post, expected_hook_url).with(headers: expected_headers, body: expected_body)).to have_been_made } + + context 'but feature flag disabled' do + let(:enable_logs_collection) { false } + + it { expect(a_request(:post, expected_hook_url)).not_to have_been_made } + end + end end end diff --git a/spec/policies/blob_policy_spec.rb b/spec/policies/blob_policy_spec.rb index daabcd844af..2b0465f3615 100644 --- a/spec/policies/blob_policy_spec.rb +++ b/spec/policies/blob_policy_spec.rb @@ -5,9 +5,9 @@ require 'spec_helper' RSpec.describe BlobPolicy do include_context 'ProjectPolicyTable context' include ProjectHelpers - using RSpec::Parameterized::TableSyntax - let(:project) { create(:project, :repository, project_level) } + let_it_be_with_reload(:project) { create(:project, :repository) } + let(:user) { create_user_from_membership(project, membership) } let(:blob) { project.repository.blob_at(SeedRepo::FirstCommit::ID, 'README.md') } @@ -18,8 +18,9 @@ RSpec.describe BlobPolicy do end with_them do - it "grants permission" do + it 'grants permission' do enable_admin_mode!(user) if admin_mode + project.update!(visibility_level: Gitlab::VisibilityLevel.level_value(project_level.to_s)) update_feature_access_level(project, feature_access_level) if expected_count == 1 diff --git a/spec/presenters/blob_presenter_spec.rb b/spec/presenters/blob_presenter_spec.rb index 36bf09141e8..3bf592ed2b9 100644 --- a/spec/presenters/blob_presenter_spec.rb +++ b/spec/presenters/blob_presenter_spec.rb @@ -53,6 +53,10 @@ RSpec.describe BlobPresenter do end end + describe '#archived?' do + it { expect(presenter.archived?).to eq(project.archived) } + end + describe '#pipeline_editor_path' do context 'when blob is .gitlab-ci.yml' do before do diff --git a/spec/requests/api/integrations_spec.rb b/spec/requests/api/integrations_spec.rb index 649647804c0..033c80a5696 100644 --- a/spec/requests/api/integrations_spec.rb +++ b/spec/requests/api/integrations_spec.rb @@ -55,8 +55,10 @@ RSpec.describe API::Integrations do current_integration = project.integrations.first events = current_integration.event_names.empty? ? ["foo"].freeze : current_integration.event_names query_strings = [] - events.each do |event| - query_strings << "#{event}=#{!current_integration[event]}" + events.map(&:to_sym).each do |event| + event_value = !current_integration[event] + query_strings << "#{event}=#{event_value}" + integration_attrs[event] = event_value if integration_attrs[event].present? end query_strings = query_strings.join('&') diff --git a/spec/services/ci/archive_trace_service_spec.rb b/spec/services/ci/archive_trace_service_spec.rb index b08ba6fd5e5..bf2e5302d2e 100644 --- a/spec/services/ci/archive_trace_service_spec.rb +++ b/spec/services/ci/archive_trace_service_spec.rb @@ -15,6 +15,25 @@ RSpec.describe Ci::ArchiveTraceService, '#execute' do expect(job.trace_metadata.trace_artifact).to eq(job.job_artifacts_trace) end + context 'integration hooks' do + it do + stub_feature_flags(datadog_integration_logs_collection: [job.project]) + + expect(job.project).to receive(:execute_integrations) do |data, hook_type| + expect(data).to eq Gitlab::DataBuilder::ArchiveTrace.build(job) + expect(hook_type).to eq :archive_trace_hooks + end + expect { subject }.not_to raise_error + end + + it 'with feature flag disabled' do + stub_feature_flags(datadog_integration_logs_collection: false) + + expect(job.project).not_to receive(:execute_integrations) + expect { subject }.not_to raise_error + end + end + context 'when trace is already archived' do let!(:job) { create(:ci_build, :success, :trace_artifact) } diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 7bfd455fedc..6d5036365e1 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -294,11 +294,6 @@ RSpec.configure do |config| # once the Vue issues page has feature parity with the current Haml page stub_feature_flags(vue_issues_list: false) - # Disable `refactor_blob_viewer` as we refactor - # the blob viewer. See the follwing epic for more: - # https://gitlab.com/groups/gitlab-org/-/epics/5531 - stub_feature_flags(refactor_blob_viewer: false) - # Disable `main_branch_over_master` as we migrate # from `master` to `main` accross our codebase. # It's done in order to preserve the concistency in tests |