diff options
45 files changed, 195 insertions, 41 deletions
diff --git a/GITALY_SERVER_VERSION b/GITALY_SERVER_VERSION index 940541c67ee..ef57bf3dfa9 100644 --- a/GITALY_SERVER_VERSION +++ b/GITALY_SERVER_VERSION @@ -1 +1 @@ -2177ee1ccbc6f2ae8b7c03b192a2a328443a3512 +8c09007d6a340364eda51476ab99a3d27c720713 diff --git a/app/assets/javascripts/vue_merge_request_widget/index.js b/app/assets/javascripts/vue_merge_request_widget/index.js index e8b97098a2b..5e9b72e13cf 100644 --- a/app/assets/javascripts/vue_merge_request_widget/index.js +++ b/app/assets/javascripts/vue_merge_request_widget/index.js @@ -29,6 +29,8 @@ export default () => { gl.mrWidgetData.gitlabLogo = gon.gitlab_logo; gl.mrWidgetData.defaultAvatarUrl = gon.default_avatar_url; + const dismissalDescriptions = JSON.parse(gl.mrWidgetData.dismissal_descriptions || '{}'); + // This is a false violation of @gitlab/no-runtime-template-compiler, since it // creates a new Vue instance by spreading a _valid_ Vue component definition // into the Vue constructor. @@ -43,6 +45,8 @@ export default () => { canCreatePipelineInTargetProject: parseBoolean( gl.mrWidgetData.can_create_pipeline_in_target_project, ), + commitPathTemplate: gl.mrWidgetData.commit_path_template, + dismissalDescriptions, }, ...MrWidgetOptions, apolloProvider, diff --git a/app/assets/stylesheets/_page_specific_files.scss b/app/assets/stylesheets/_page_specific_files.scss index a6377480fa7..be9a06d7bb5 100644 --- a/app/assets/stylesheets/_page_specific_files.scss +++ b/app/assets/stylesheets/_page_specific_files.scss @@ -8,6 +8,5 @@ @import './pages/notes'; @import './pages/pipelines'; @import './pages/profile'; -@import './pages/projects'; @import './pages/registry'; @import './pages/settings'; diff --git a/app/assets/stylesheets/pages/projects.scss b/app/assets/stylesheets/page_bundles/projects.scss index 9ce470dbcf2..68139c55f5a 100644 --- a/app/assets/stylesheets/pages/projects.scss +++ b/app/assets/stylesheets/page_bundles/projects.scss @@ -1,3 +1,5 @@ +@import 'mixins_and_variables_and_functions'; + .new_project, .edit-project, .import-project { @@ -6,7 +8,7 @@ } .project-path .form-control { - border-radius: $border-radius-base; + border-radius: $gl-border-radius-base; } .input-group { @@ -47,7 +49,7 @@ } + .btn-default { - border-radius: 0 $border-radius-base $border-radius-base 0; + border-radius: 0 $gl-border-radius-base $gl-border-radius-base 0; } } } diff --git a/app/models/integrations/base_chat_notification.rb b/app/models/integrations/base_chat_notification.rb index 2c929dc2cb3..e6936318f42 100644 --- a/app/models/integrations/base_chat_notification.rb +++ b/app/models/integrations/base_chat_notification.rb @@ -13,6 +13,8 @@ module Integrations tag_push pipeline wiki_page deployment incident ].freeze + GROUP_ONLY_SUPPORTED_EVENTS = %w[group_mention group_confidential_mention].freeze + SUPPORTED_EVENTS_FOR_LABEL_FILTER = %w[issue confidential_issue merge_request note confidential_note].freeze EVENT_CHANNEL = proc { |event| "#{event}_channel" } @@ -30,6 +32,7 @@ module Integrations # Custom serialized properties initialization prop_accessor(*SUPPORTED_EVENTS.map { |event| EVENT_CHANNEL[event] }) + prop_accessor(*GROUP_ONLY_SUPPORTED_EVENTS.map { |event| EVENT_CHANNEL[event] }) boolean_accessor :notify_only_default_branch @@ -251,6 +254,8 @@ module Integrations Integrations::ChatMessage::DeploymentMessage.new(data) if notify_for_ref?(data) when "incident" Integrations::ChatMessage::IssueMessage.new(data) unless update?(data) + when "group_mention" + Integrations::ChatMessage::GroupMentionMessage.new(data) end end # rubocop:enable Metrics/CyclomaticComplexity diff --git a/app/models/integrations/base_slack_notification.rb b/app/models/integrations/base_slack_notification.rb index 65aec8b278f..09a0c9ba361 100644 --- a/app/models/integrations/base_slack_notification.rb +++ b/app/models/integrations/base_slack_notification.rb @@ -7,8 +7,6 @@ module Integrations ].freeze prop_accessor EVENT_CHANNEL['alert'] - prop_accessor EVENT_CHANNEL['group_mention'] - prop_accessor EVENT_CHANNEL['group_confidential_mention'] override :default_channel_placeholder def default_channel_placeholder @@ -18,7 +16,6 @@ module Integrations override :get_message def get_message(object_kind, data) return Integrations::ChatMessage::AlertMessage.new(data) if object_kind == 'alert' - return Integrations::ChatMessage::GroupMentionMessage.new(data) if object_kind == 'group_mention' super end diff --git a/app/models/integrations/discord.rb b/app/models/integrations/discord.rb index 7917d17eb62..33b2b52fa62 100644 --- a/app/models/integrations/discord.rb +++ b/app/models/integrations/discord.rb @@ -42,6 +42,13 @@ module Integrations s_('DiscordService|Override the default webhook (e.g. https://discord.com/api/webhooks/…)') end + override :supported_events + def supported_events + additional = group_level? ? %w[group_mention group_confidential_mention] : [] + + (self.class.supported_events + additional).freeze + end + def self.supported_events %w[push issue confidential_issue merge_request note confidential_note tag_push pipeline wiki_page deployment] end diff --git a/app/models/users/callout.rb b/app/models/users/callout.rb index 0136cc6bb2d..60dd89c3ee7 100644 --- a/app/models/users/callout.rb +++ b/app/models/users/callout.rb @@ -75,7 +75,8 @@ module Users namespace_over_storage_users_combined_alert: 73, # EE-only # 74 removed in https://gitlab.com/gitlab-org/gitlab/-/merge_requests/132751 vsd_feedback_banner: 75, # EE-only - security_policy_protected_branch_modification: 76 # EE-only + security_policy_protected_branch_modification: 76, # EE-only + vulnerability_report_grouping: 77 # EE-only } validates :feature_name, diff --git a/app/views/admin/projects/index.html.haml b/app/views/admin/projects/index.html.haml index 31ec4935f64..412d8e64e89 100644 --- a/app/views/admin/projects/index.html.haml +++ b/app/views/admin/projects/index.html.haml @@ -1,5 +1,6 @@ - page_title _('Projects') - add_page_specific_style 'page_bundles/search' +- add_page_specific_style 'page_bundles/projects' - params[:visibility_level] ||= [] .top-area.gl-flex-direction-column-reverse diff --git a/app/views/admin/projects/show.html.haml b/app/views/admin/projects/show.html.haml index 85dce00752b..6be5aa003fc 100644 --- a/app/views/admin/projects/show.html.haml +++ b/app/views/admin/projects/show.html.haml @@ -1,4 +1,5 @@ - add_page_specific_style 'page_bundles/members' +- add_page_specific_style 'page_bundles/projects' - add_to_breadcrumbs _("Projects"), admin_projects_path - breadcrumb_title @project.full_name - page_title @project.full_name, _("Projects") diff --git a/app/views/dashboard/projects/index.html.haml b/app/views/dashboard/projects/index.html.haml index 140bc6e06c3..c74a9f4cbe6 100644 --- a/app/views/dashboard/projects/index.html.haml +++ b/app/views/dashboard/projects/index.html.haml @@ -5,6 +5,7 @@ - page_title _("Projects") - add_page_specific_style 'page_bundles/dashboard_projects' +- add_page_specific_style 'page_bundles/projects' = render "projects/last_push" - if show_projects?(@projects, params) diff --git a/app/views/groups/projects.html.haml b/app/views/groups/projects.html.haml index 22e9f9f5071..76758769d01 100644 --- a/app/views/groups/projects.html.haml +++ b/app/views/groups/projects.html.haml @@ -1,5 +1,6 @@ - breadcrumb_title _("Projects") - page_title _("Projects") +- add_page_specific_style 'page_bundles/projects' - @force_desktop_expanded_sidebar = true = render Pajamas::CardComponent.new(card_options: { class: 'gl-new-card js-search-settings-section' }, header_options: { class: 'gl-new-card-header gl-display-flex' }, body_options: { class: 'gl-new-card-body' }) do |c| diff --git a/app/views/layouts/_head.html.haml b/app/views/layouts/_head.html.haml index bb492913346..37d03bde72e 100644 --- a/app/views/layouts/_head.html.haml +++ b/app/views/layouts/_head.html.haml @@ -4,7 +4,7 @@ -# This is a temporary place for the page specific style migrations to be included on all pages like page_specific_files - if Feature.disabled?(:page_specific_styles, current_user) - - add_page_specific_style('page_bundles/labels') + - add_page_specific_style('page_bundles/projects') %head{ omit_og ? { } : { prefix: "og: http://ogp.me/ns#" } } %meta{ charset: "utf-8" } diff --git a/app/views/layouts/project_settings.html.haml b/app/views/layouts/project_settings.html.haml index 29e30c4434f..7e5dd0d37c9 100644 --- a/app/views/layouts/project_settings.html.haml +++ b/app/views/layouts/project_settings.html.haml @@ -1,6 +1,7 @@ - page_title _("Settings") - nav "project" - add_page_specific_style 'page_bundles/settings' +- add_page_specific_style 'page_bundles/projects' - enable_search_settings locals: { container_class: 'gl-my-5' } diff --git a/app/views/profiles/keys/_key_details.html.haml b/app/views/profiles/keys/_key_details.html.haml index 1307c388041..94671b69b5e 100644 --- a/app/views/profiles/keys/_key_details.html.haml +++ b/app/views/profiles/keys/_key_details.html.haml @@ -46,7 +46,7 @@ .gl-display-flex %pre.well-pre.gl-pl-5.gl-mb-0.gl-border-0 = @key.key - = deprecated_clipboard_button(title: s_('Profiles|Copy SSH key'), text: @key.key, class: 'gl-bg-gray-10 gl-px-3! gl-border-none! gl-rounded-top-left-none! gl-rounded-bottom-left-none!') + = clipboard_button(title: s_('Profiles|Copy SSH key'), text: @key.key, category: :tertiary, size: :medium) = render Pajamas::CardComponent.new(card_options: { class: 'gl-new-card' }, header_options: { class: 'gl-new-card-header' }, body_options: { class: 'gl-new-card-body gl-px-0'}) do |c| - c.with_header do diff --git a/app/views/projects/blame/show.html.haml b/app/views/projects/blame/show.html.haml index e2cad2fb3d7..bd0f4577a32 100644 --- a/app/views/projects/blame/show.html.haml +++ b/app/views/projects/blame/show.html.haml @@ -1,5 +1,6 @@ - page_title _("Blame"), @blob.path, @ref - add_page_specific_style 'page_bundles/tree' +- add_page_specific_style 'page_bundles/projects' - blame_streaming_url = blame_pages_streaming_url(@id, @project) - if @blame_mode.streaming? && @blame_pagination.total_extra_pages > 0 diff --git a/app/views/projects/blob/_blob.html.haml b/app/views/projects/blob/_blob.html.haml index 543bdaf46df..2d9b7ada015 100644 --- a/app/views/projects/blob/_blob.html.haml +++ b/app/views/projects/blob/_blob.html.haml @@ -2,6 +2,7 @@ - project = @project.present(current_user: current_user) - ref = local_assigns[:ref] || @ref - expanded = params[:expanded].present? +- add_page_specific_style 'page_bundles/projects' -# If the blob has a RichViewer we preload the content except for GeoJSON since it is handled by Vue - if blob.rich_viewer && blob.extension != 'geojson' - add_page_startup_api_call local_assigns.fetch(:viewer_url) { url_for(safe_params.merge(viewer: blob.rich_viewer.type, format: :json)) } diff --git a/app/views/projects/buttons/_clone.html.haml b/app/views/projects/buttons/_clone.html.haml index b5679bc512c..0e645eda678 100644 --- a/app/views/projects/buttons/_clone.html.haml +++ b/app/views/projects/buttons/_clone.html.haml @@ -15,7 +15,7 @@ .input-group.btn-group = text_field_tag :ssh_project_clone, ssh_clone_url_to_repo(project), class: "js-select-on-focus form-control", readonly: true, aria: { label: _('Repository clone URL') }, data: { qa_selector: 'ssh_clone_url_content' } .input-group-append - = deprecated_clipboard_button(target: '#ssh_project_clone', title: _("Copy URL"), class: "input-group-text gl-button btn btn-icon btn-default") + = clipboard_button(target: '#ssh_project_clone', title: _("Copy URL"), category: :primary, size: :medium) = render_if_exists 'projects/buttons/geo' - if http_enabled? %li.pt-2{ class: 'gl-px-4!' } @@ -24,7 +24,7 @@ .input-group.btn-group = text_field_tag :http_project_clone, http_clone_url_to_repo(project), class: "js-select-on-focus form-control", readonly: true, aria: { label: _('Repository clone URL') }, data: { qa_selector: 'http_clone_url_content' } .input-group-append - = deprecated_clipboard_button(target: '#http_project_clone', title: _("Copy URL"), class: "input-group-text gl-button btn btn-icon btn-default") + = clipboard_button(target: '#http_project_clone', title: _("Copy URL"), category: :primary, size: :medium) = render_if_exists 'projects/buttons/geo' = render_if_exists 'projects/buttons/kerberos_clone_field' %li.divider.mt-2 diff --git a/app/views/projects/commits/show.html.haml b/app/views/projects/commits/show.html.haml index 1034f06f722..be2bf43cbb9 100644 --- a/app/views/projects/commits/show.html.haml +++ b/app/views/projects/commits/show.html.haml @@ -1,6 +1,7 @@ - breadcrumb_title _("Commits") - add_page_specific_style 'page_bundles/tree' - add_page_specific_style 'page_bundles/merge_request' +- add_page_specific_style 'page_bundles/projects' - page_title _("Commits"), @ref = content_for :meta_tags do diff --git a/app/views/projects/find_file/show.html.haml b/app/views/projects/find_file/show.html.haml index 021c40214fc..0c760ab82c9 100644 --- a/app/views/projects/find_file/show.html.haml +++ b/app/views/projects/find_file/show.html.haml @@ -1,5 +1,6 @@ - page_title _("Find File"), @ref - add_page_specific_style 'page_bundles/tree' +- add_page_specific_style 'page_bundles/projects' - tree_path = project_tree_path(@project, @ref) - blob_path = project_blob_path(@project, @ref) diff --git a/app/views/projects/new.html.haml b/app/views/projects/new.html.haml index bf288d3601b..40acd123aaa 100644 --- a/app/views/projects/new.html.haml +++ b/app/views/projects/new.html.haml @@ -3,6 +3,7 @@ - page_title _('New Project') - header_title _("Projects"), dashboard_projects_path - add_page_specific_style 'page_bundles/new_namespace' +- add_page_specific_style 'page_bundles/projects' .project-edit-container .project-edit-errors diff --git a/app/views/projects/tree/_tree_header.html.haml b/app/views/projects/tree/_tree_header.html.haml index 44b16ba2d89..37f27aa7caf 100644 --- a/app/views/projects/tree/_tree_header.html.haml +++ b/app/views/projects/tree/_tree_header.html.haml @@ -1,3 +1,5 @@ +- add_page_specific_style 'page_bundles/projects' + .tree-ref-container.gl-display-flex.gl-flex-wrap.gl-gap-2.mb-2.mb-md-0 .tree-ref-holder.gl-max-w-26{ data: { testid: 'ref-dropdown-container' } } #js-tree-ref-switcher{ data: { project_id: @project.id, ref_type: @ref_type.to_s, project_root_path: project_path(@project) } } diff --git a/app/views/shared/projects/_list.html.haml b/app/views/shared/projects/_list.html.haml index 17bf2e822cf..14785870dc0 100644 --- a/app/views/shared/projects/_list.html.haml +++ b/app/views/shared/projects/_list.html.haml @@ -1,3 +1,4 @@ +- add_page_specific_style 'page_bundles/projects' - projects_limit = 20 unless local_assigns[:projects_limit] - avatar = true unless local_assigns[:avatar] == false - use_creator_avatar = false unless local_assigns[:use_creator_avatar] == true diff --git a/app/views/users/show.html.haml b/app/views/users/show.html.haml index ac7c40095a7..0881c5bba54 100644 --- a/app/views/users/show.html.haml +++ b/app/views/users/show.html.haml @@ -5,6 +5,7 @@ - page_description @user.bio unless @user.blocked? || !@user.confirmed? - page_itemtype 'http://schema.org/Person' - add_page_specific_style 'page_bundles/profile' +- add_page_specific_style 'page_bundles/projects' - if show_super_sidebar? - @left_sidebar = true - @force_desktop_expanded_sidebar = true diff --git a/app/workers/gitlab/import/advance_stage.rb b/app/workers/gitlab/import/advance_stage.rb index 18f8ab46dde..180c08905ff 100644 --- a/app/workers/gitlab/import/advance_stage.rb +++ b/app/workers/gitlab/import/advance_stage.rb @@ -30,7 +30,6 @@ module Gitlab return end - project = Project.find_by_id(project_id) new_waiters = wait_for_jobs(waiters) new_job_count = new_waiters.values.sum @@ -42,8 +41,7 @@ module Gitlab if new_waiters.empty? proceed_to_next_stage(import_state_jid, next_stage, project_id) - elsif Feature.enabled?(:advance_stage_timeout, project) && timeout_reached?(timeout_timer) && - new_job_count == previous_job_count + elsif timeout_reached?(timeout_timer) && new_job_count == previous_job_count handle_timeout(import_state_jid, next_stage, project_id, new_waiters, new_job_count) else diff --git a/config/application.rb b/config/application.rb index 4d62e39b931..57ec7052e93 100644 --- a/config/application.rb +++ b/config/application.rb @@ -339,6 +339,7 @@ module Gitlab config.assets.precompile << "page_bundles/profile_two_factor_auth.css" config.assets.precompile << "page_bundles/profiles/preferences.css" config.assets.precompile << "page_bundles/project.css" + config.assets.precompile << "page_bundles/projects.css" config.assets.precompile << "page_bundles/projects_edit.css" config.assets.precompile << "page_bundles/promotions.css" config.assets.precompile << "page_bundles/releases.css" diff --git a/config/feature_flags/development/advance_stage_timeout.yml b/config/feature_flags/development/advance_stage_timeout.yml deleted file mode 100644 index 9bedf0b39f4..00000000000 --- a/config/feature_flags/development/advance_stage_timeout.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -name: advance_stage_timeout -introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/131312 -rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/425490 -milestone: '16.5' -type: development -group: group::import and integrate -default_enabled: false diff --git a/config/locales/doorkeeper.en.yml b/config/locales/doorkeeper.en.yml index ddbd4380d8f..ae8eea3bbda 100644 --- a/config/locales/doorkeeper.en.yml +++ b/config/locales/doorkeeper.en.yml @@ -162,6 +162,10 @@ en: Grants read access (pull) to the Container Registry images if a project is private and authorization is required. write_registry: Grants write access (push) to the Container Registry. + read_observability: + Grants read-only access to GitLab Observability. + write_observability: + Grants write access to GitLab Observability. create_runner: Grants create access to the runners. k8s_proxy: diff --git a/db/migrate/20231011150241_add_external_participants_from_cc_to_service_desk_settings.rb b/db/migrate/20231011150241_add_external_participants_from_cc_to_service_desk_settings.rb new file mode 100644 index 00000000000..7e313657265 --- /dev/null +++ b/db/migrate/20231011150241_add_external_participants_from_cc_to_service_desk_settings.rb @@ -0,0 +1,9 @@ +# frozen_string_literal: true + +class AddExternalParticipantsFromCcToServiceDeskSettings < Gitlab::Database::Migration[2.1] + enable_lock_retries! + + def change + add_column :service_desk_settings, :add_external_participants_from_cc, :boolean, null: false, default: false + end +end diff --git a/db/schema_migrations/20231011150241 b/db/schema_migrations/20231011150241 new file mode 100644 index 00000000000..f6fad411bf9 --- /dev/null +++ b/db/schema_migrations/20231011150241 @@ -0,0 +1 @@ +92e1c02f769e19e0a0eb6a5e23d2ae54cb02d4d1e1d6d2532dca736ae3d97cee
\ No newline at end of file diff --git a/db/structure.sql b/db/structure.sql index ae28b95708c..48b25ae3cfc 100644 --- a/db/structure.sql +++ b/db/structure.sql @@ -23119,6 +23119,7 @@ CREATE TABLE service_desk_settings ( encrypted_custom_email_smtp_password bytea, encrypted_custom_email_smtp_password_iv bytea, service_desk_enabled boolean DEFAULT true NOT NULL, + add_external_participants_from_cc boolean DEFAULT false NOT NULL, CONSTRAINT check_57a79552e1 CHECK ((char_length(custom_email) <= 255)), CONSTRAINT check_b283637a9e CHECK ((char_length(custom_email_smtp_address) <= 255)), CONSTRAINT check_e3535d46ee CHECK ((char_length(custom_email_smtp_username) <= 255)) diff --git a/doc/api/graphql/reference/index.md b/doc/api/graphql/reference/index.md index 3d0e9c113d7..4668fb6dcc0 100644 --- a/doc/api/graphql/reference/index.md +++ b/doc/api/graphql/reference/index.md @@ -29527,6 +29527,7 @@ Name of the feature that the callout is for. | <a id="usercalloutfeaturenameenumuser_reached_limit_free_plan_alert"></a>`USER_REACHED_LIMIT_FREE_PLAN_ALERT` | Callout feature name for user_reached_limit_free_plan_alert. | | <a id="usercalloutfeaturenameenumverification_reminder"></a>`VERIFICATION_REMINDER` | Callout feature name for verification_reminder. | | <a id="usercalloutfeaturenameenumvsd_feedback_banner"></a>`VSD_FEEDBACK_BANNER` | Callout feature name for vsd_feedback_banner. | +| <a id="usercalloutfeaturenameenumvulnerability_report_grouping"></a>`VULNERABILITY_REPORT_GROUPING` | Callout feature name for vulnerability_report_grouping. | | <a id="usercalloutfeaturenameenumweb_ide_alert_dismissed"></a>`WEB_IDE_ALERT_DISMISSED` | Callout feature name for web_ide_alert_dismissed. | | <a id="usercalloutfeaturenameenumweb_ide_ci_environments_guidance"></a>`WEB_IDE_CI_ENVIRONMENTS_GUIDANCE` | Callout feature name for web_ide_ci_environments_guidance. | diff --git a/doc/api/integrations.md b/doc/api/integrations.md index 47ab7ab805c..35ec97ced05 100644 --- a/doc/api/integrations.md +++ b/doc/api/integrations.md @@ -485,6 +485,10 @@ Parameters: | `confidential_note_channel` | string | false | The webhook override to receive notifications for confidential note events. | | `deployment_events` | boolean | false | Enable notifications for deployment events. | | `deployment_channel` | string | false | The webhook override to receive notifications for deployment events. | +| `group_confidential_mentions_events` | boolean | false | Enable notifications for group confidential mention events. | +| `group_confidential_mentions_channel` | string | false | The webhook override to receive notifications for group confidential mention events. | +| `group_mentions_events` | boolean | false | Enable notifications for group mention events. | +| `group_mentions_channel` | string | false | The webhook override to receive notifications for group mention events. | | `issues_events` | boolean | false | Enable notifications for issue events. | | `issue_channel` | string | false | The webhook override to receive notifications for issue events. | | `merge_requests_events` | boolean | false | Enable notifications for merge request events. | diff --git a/doc/architecture/blueprints/new_diffs.md b/doc/architecture/blueprints/new_diffs.md index f8adcda573b..b5aeb9b8aa8 100644 --- a/doc/architecture/blueprints/new_diffs.md +++ b/doc/architecture/blueprints/new_diffs.md @@ -37,6 +37,22 @@ optional. - What is out of scope for this blueprint? --> +### Priority of Goals + +In an effort to provide guidance on which goals are more important than others to assist in making +consistent choices, despite all goals being important, we defined the following order. + +**Perceived performance** is above **improved maintainability** is above **consistent coverage**. + +Examples: + +- a proposal improves maintainability at the cost of perceived performance: ❌ we should consider an alternative. +- a proposal removes a feature from certain contexts, hurting coverage, and has no impact on perceived performance or maintanability: ❌ we should re-consider. +- a proposal improves perceived performance but removes features from certain contexts of usage: ✅ it's valid and should be discussed with Product/UX. +- a proposal guarantees consistent coverage and has no impact on perceived performance or maintainability: ✅ it's valid. + +In essence, we'll strive to meet every goal at each decision but prioritise the higher ones. + ## Proposal <!-- diff --git a/lib/gitlab/auth.rb b/lib/gitlab/auth.rb index 110422f677a..fc1f7a1583c 100644 --- a/lib/gitlab/auth.rb +++ b/lib/gitlab/auth.rb @@ -431,7 +431,8 @@ module Gitlab end def unavailable_observability_scopes_for_resource(resource) - return [] if resource.is_a?(Group) && Gitlab::Observability.should_enable_observability_auth_scopes?(resource) + return [] if (resource.is_a?(Project) || resource.is_a?(Group)) && + Gitlab::Observability.should_enable_observability_auth_scopes?(resource) OBSERVABILITY_SCOPES end diff --git a/lib/gitlab/ci/templates/Jobs/Build.gitlab-ci.yml b/lib/gitlab/ci/templates/Jobs/Build.gitlab-ci.yml index 969884048f3..2d04c97b32e 100644 --- a/lib/gitlab/ci/templates/Jobs/Build.gitlab-ci.yml +++ b/lib/gitlab/ci/templates/Jobs/Build.gitlab-ci.yml @@ -1,5 +1,5 @@ variables: - AUTO_BUILD_IMAGE_VERSION: 'v1.42.0' + AUTO_BUILD_IMAGE_VERSION: 'v1.44.0' build: stage: build diff --git a/lib/gitlab/ci/templates/Jobs/Build.latest.gitlab-ci.yml b/lib/gitlab/ci/templates/Jobs/Build.latest.gitlab-ci.yml index 969884048f3..2d04c97b32e 100644 --- a/lib/gitlab/ci/templates/Jobs/Build.latest.gitlab-ci.yml +++ b/lib/gitlab/ci/templates/Jobs/Build.latest.gitlab-ci.yml @@ -1,5 +1,5 @@ variables: - AUTO_BUILD_IMAGE_VERSION: 'v1.42.0' + AUTO_BUILD_IMAGE_VERSION: 'v1.44.0' build: stage: build diff --git a/lib/gitlab/observability.rb b/lib/gitlab/observability.rb index d2795a33b08..d42d10cd0f4 100644 --- a/lib/gitlab/observability.rb +++ b/lib/gitlab/observability.rb @@ -22,9 +22,14 @@ module Gitlab "#{Gitlab::Observability.observability_url}/v3/tenant/#{project.id}" end - def should_enable_observability_auth_scopes?(group) - # Enable the needed auth scopes if tracing is enabled. - Feature.enabled?(:observability_tracing, group.root_ancestor) + def should_enable_observability_auth_scopes?(resource) + # Enable the needed oauth scopes if tracing is enabled. + if resource.is_a?(Group) || resource.is_a?(Project) + return Feature.enabled?(:observability_tracing, + resource.root_ancestor) + end + + false end end end diff --git a/locale/gitlab.pot b/locale/gitlab.pot index 72c4bc58d40..bb9f7e019ff 100644 --- a/locale/gitlab.pot +++ b/locale/gitlab.pot @@ -43125,6 +43125,9 @@ msgstr "" msgid "SecurityReports|Failed updating vulnerabilities with the following IDs: %{ids}" msgstr "" +msgid "SecurityReports|Group your vulnerabilities by one of the provided categories. Leave feedback or suggestions in %{feedbackIssueStart}this issue%{feedbackIssueEnd}." +msgstr "" + msgid "SecurityReports|Has issue" msgstr "" @@ -43182,6 +43185,9 @@ msgstr "" msgid "SecurityReports|More info" msgstr "" +msgid "SecurityReports|New feature: Grouping" +msgstr "" + msgid "SecurityReports|No longer detected" msgstr "" diff --git a/spec/lib/gitlab/auth_spec.rb b/spec/lib/gitlab/auth_spec.rb index 6994d3021f2..f5b9555916c 100644 --- a/spec/lib/gitlab/auth_spec.rb +++ b/spec/lib/gitlab/auth_spec.rb @@ -55,8 +55,8 @@ RSpec.describe Gitlab::Auth, :use_clean_rails_memory_store_caching, feature_cate expect(subject.available_scopes_for(user)).to match_array %i[api read_user read_api read_repository write_repository read_registry write_registry sudo admin_mode create_runner k8s_proxy] end - it 'contains for project all resource bot scopes without observability scopes and ai_features' do - expect(subject.available_scopes_for(project)).to match_array %i[api read_api read_repository write_repository read_registry write_registry create_runner k8s_proxy] + it 'contains for project all resource bot scopes without ai_features' do + expect(subject.available_scopes_for(project)).to match_array %i[api read_api read_repository write_repository read_registry write_registry read_observability write_observability create_runner k8s_proxy] end it 'contains for group all resource bot scopes' do @@ -114,6 +114,15 @@ RSpec.describe Gitlab::Auth, :use_clean_rails_memory_store_caching, feature_cate expect(subject.available_scopes_for(group)).to match_array %i[api read_api read_repository write_repository read_registry write_registry create_runner k8s_proxy] end + + it 'contains for project all resource bot scopes without observability scopes' do + group = build_stubbed(:group).tap do |g| + g.namespace_settings = build_stubbed(:namespace_settings, namespace: g) + end + project = build_stubbed(:project, namespace: group) + + expect(subject.available_scopes_for(project)).to match_array %i[api read_api read_repository write_repository read_registry write_registry create_runner k8s_proxy] + end end context 'when enabled for specific root group' do @@ -122,11 +131,13 @@ RSpec.describe Gitlab::Auth, :use_clean_rails_memory_store_caching, feature_cate build_stubbed(:group, parent: parent).tap { |g| g.namespace_settings = build_stubbed(:namespace_settings, namespace: g) } end + let(:project) { build_stubbed(:project, namespace: group) } + before do stub_feature_flags(observability_tracing: parent) end - it 'contains for other group all resource bot scopes including observability scopes' do + it 'contains for group all resource bot scopes including observability scopes' do expect(subject.available_scopes_for(group)).to match_array %i[api read_api read_repository write_repository read_registry write_registry read_observability write_observability create_runner k8s_proxy] end @@ -136,8 +147,8 @@ RSpec.describe Gitlab::Auth, :use_clean_rails_memory_store_caching, feature_cate expect(subject.available_scopes_for(user)).to match_array %i[api read_user read_api read_repository write_repository read_registry write_registry sudo admin_mode create_runner k8s_proxy] end - it 'contains for project all resource bot scopes without observability scopes' do - expect(subject.available_scopes_for(project)).to match_array %i[api read_api read_repository write_repository read_registry write_registry create_runner k8s_proxy] + it 'contains for project all resource bot scopes including observability scopes' do + expect(subject.available_scopes_for(project)).to match_array %i[api read_api read_repository write_repository read_registry write_registry read_observability write_observability create_runner k8s_proxy] end it 'contains for other group all resource bot scopes without observability scopes' do @@ -148,6 +159,16 @@ RSpec.describe Gitlab::Auth, :use_clean_rails_memory_store_caching, feature_cate expect(subject.available_scopes_for(other_group)).to match_array %i[api read_api read_repository write_repository read_registry write_registry create_runner k8s_proxy] end + + it 'contains for other project all resource bot scopes without observability scopes' do + other_parent = build_stubbed(:group) + other_group = build_stubbed(:group, parent: other_parent).tap do |g| + g.namespace_settings = build_stubbed(:namespace_settings, namespace: g) + end + other_project = build_stubbed(:project, namespace: other_group) + + expect(subject.available_scopes_for(other_project)).to match_array %i[api read_api read_repository write_repository read_registry write_registry create_runner k8s_proxy] + end end end diff --git a/spec/lib/gitlab/observability_spec.rb b/spec/lib/gitlab/observability_spec.rb index 10e3e74f499..7af2daea11c 100644 --- a/spec/lib/gitlab/observability_spec.rb +++ b/spec/lib/gitlab/observability_spec.rb @@ -47,10 +47,10 @@ RSpec.describe Gitlab::Observability, feature_category: :error_tracking do end describe '.should_enable_observability_auth_scopes?' do - subject { described_class.should_enable_observability_auth_scopes?(group) } + subject { described_class.should_enable_observability_auth_scopes?(resource) } let(:parent) { build_stubbed(:group) } - let(:group) do + let(:resource) do build_stubbed(:group, parent: parent).tap do |g| g.namespace_settings = build_stubbed(:namespace_settings, namespace: g) end @@ -60,15 +60,39 @@ RSpec.describe Gitlab::Observability, feature_category: :error_tracking do stub_feature_flags(observability_tracing: parent) end - context 'if observability_tracing FF enabled' do - it { is_expected.to be true } + describe 'when resource is group' do + context 'if observability_tracing FF enabled' do + it { is_expected.to be true } + end + + context 'if observability_tracing FF disabled' do + before do + stub_feature_flags(observability_tracing: false) + end + + it { is_expected.to be false } + end end - context 'if observability_tracing FF disabled' do - before do - stub_feature_flags(observability_tracing: false) + describe 'when resource is project' do + let(:resource) { build_stubbed(:project, namespace: parent) } + + context 'if observability_tracing FF enabled' do + it { is_expected.to be true } end + context 'if observability_tracing FF disabled' do + before do + stub_feature_flags(observability_tracing: false) + end + + it { is_expected.to be false } + end + end + + describe 'when resource is not a group or project' do + let(:resource) { build_stubbed(:user) } + it { is_expected.to be false } end end diff --git a/spec/models/integrations/discord_spec.rb b/spec/models/integrations/discord_spec.rb index bff4529211f..89c4dcd7e0e 100644 --- a/spec/models/integrations/discord_spec.rb +++ b/spec/models/integrations/discord_spec.rb @@ -18,6 +18,8 @@ RSpec.describe Integrations::Discord, feature_category: :integrations do ] } end + + it_behaves_like 'supports group mentions', :discord_integration end describe 'validations' do diff --git a/spec/models/integrations/slack_spec.rb b/spec/models/integrations/slack_spec.rb index 59ee3746d8f..0d82abd9e3d 100644 --- a/spec/models/integrations/slack_spec.rb +++ b/spec/models/integrations/slack_spec.rb @@ -9,4 +9,6 @@ RSpec.describe Integrations::Slack, feature_category: :integrations do stub_request(:post, integration.webhook) end end + + it_behaves_like 'supports group mentions', :integrations_slack end diff --git a/spec/requests/api/project_attributes.yml b/spec/requests/api/project_attributes.yml index c1270685575..ec98df22af7 100644 --- a/spec/requests/api/project_attributes.yml +++ b/spec/requests/api/project_attributes.yml @@ -193,5 +193,6 @@ build_service_desk_setting: # service_desk_setting - encrypted_custom_email_smtp_password - encrypted_custom_email_smtp_password_iv - custom_email_smtp_password + - add_external_participants_from_cc remapped_attributes: project_key: service_desk_address diff --git a/spec/support/shared_examples/models/chat_integration_shared_examples.rb b/spec/support/shared_examples/models/chat_integration_shared_examples.rb index 27b9ca901ef..0ff2c135972 100644 --- a/spec/support/shared_examples/models/chat_integration_shared_examples.rb +++ b/spec/support/shared_examples/models/chat_integration_shared_examples.rb @@ -389,3 +389,39 @@ RSpec.shared_examples "chat integration" do |integration_name, supports_deployme end end end + +RSpec.shared_examples 'supports group mentions' do |integration_factory| + it 'supports group mentions' do + allow(subject).to receive(:webhook).and_return('http://example.com') + allow(subject).to receive(:group_id).and_return(1) + expect(subject).to receive(:notify).with(an_instance_of(Integrations::ChatMessage::GroupMentionMessage), {}) + + subject.execute( + object_kind: 'group_mention', + object_attributes: { action: 'new', object_kind: 'issue' }, + mentioned: { name: 'John Doe', url: 'http://example.com' } + ) + end + + describe '#supported_events' do + context 'when used in a project' do + let_it_be(:project) { create(:project) } + let_it_be(:integration) { build(integration_factory, project: project) } + + it 'does not support group mentions', :aggregate_failures do + expect(integration.supported_events).not_to include('group_mention') + expect(integration.supported_events).not_to include('group_confidential_mention') + end + end + + context 'when used in a group' do + let_it_be(:group) { create(:group) } + let_it_be(:integration) { build(integration_factory, group: group) } + + it 'supports group mentions', :aggregate_failures do + expect(integration.supported_events).to include('group_mention') + expect(integration.supported_events).to include('group_confidential_mention') + end + end + end +end |