diff options
Diffstat (limited to 'lib')
-rw-r--r-- | lib/api/protected_branches.rb | 7 | ||||
-rw-r--r-- | lib/api/users.rb | 2 | ||||
-rw-r--r-- | lib/gitlab/alerting/alert.rb | 167 | ||||
-rw-r--r-- | lib/gitlab/alerting/alert_annotation.rb | 11 | ||||
-rw-r--r-- | lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml | 2 |
5 files changed, 187 insertions, 2 deletions
diff --git a/lib/api/protected_branches.rb b/lib/api/protected_branches.rb index c7665c20234..1fd86d1e720 100644 --- a/lib/api/protected_branches.rb +++ b/lib/api/protected_branches.rb @@ -19,10 +19,15 @@ module API end params do use :pagination + optional :search, type: String, desc: 'Search for a protected branch by name' end # rubocop: disable CodeReuse/ActiveRecord get ':id/protected_branches' do - protected_branches = user_project.protected_branches.preload(:push_access_levels, :merge_access_levels) + protected_branches = + ProtectedBranchesFinder + .new(user_project, params) + .execute + .preload(:push_access_levels, :merge_access_levels) present paginate(protected_branches), with: Entities::ProtectedBranch, project: user_project end diff --git a/lib/api/users.rb b/lib/api/users.rb index eba7c50435c..da64ff7e306 100644 --- a/lib/api/users.rb +++ b/lib/api/users.rb @@ -52,7 +52,7 @@ module API optional :external, type: Boolean, desc: 'Flag indicating the user is an external user' # TODO: remove rubocop disable - https://gitlab.com/gitlab-org/gitlab/issues/14960 optional :avatar, type: File, desc: 'Avatar image for user' # rubocop:disable Scalability/FileUploads - optional :private_profile, type: Boolean, default: false, desc: 'Flag indicating the user has a private profile' + optional :private_profile, type: Boolean, desc: 'Flag indicating the user has a private profile' all_or_none_of :extern_uid, :provider use :optional_params_ee diff --git a/lib/gitlab/alerting/alert.rb b/lib/gitlab/alerting/alert.rb new file mode 100644 index 00000000000..531307b93d4 --- /dev/null +++ b/lib/gitlab/alerting/alert.rb @@ -0,0 +1,167 @@ +# frozen_string_literal: true + +module Gitlab + module Alerting + class Alert + include ActiveModel::Model + include Gitlab::Utils::StrongMemoize + include Presentable + + attr_accessor :project, :payload + + def gitlab_alert + strong_memoize(:gitlab_alert) do + parse_gitlab_alert_from_payload + end + end + + def metric_id + strong_memoize(:metric_id) do + payload&.dig('labels', 'gitlab_alert_id') + end + end + + def title + strong_memoize(:title) do + gitlab_alert&.title || parse_title_from_payload + end + end + + def description + strong_memoize(:description) do + parse_description_from_payload + end + end + + def environment + strong_memoize(:environment) do + gitlab_alert&.environment || parse_environment_from_payload + end + end + + def annotations + strong_memoize(:annotations) do + parse_annotations_from_payload || [] + end + end + + def starts_at + strong_memoize(:starts_at) do + parse_datetime_from_payload('startsAt') + end + end + + def starts_at_raw + strong_memoize(:starts_at_raw) do + payload&.dig('startsAt') + end + end + + def ends_at + strong_memoize(:ends_at) do + parse_datetime_from_payload('endsAt') + end + end + + def full_query + strong_memoize(:full_query) do + gitlab_alert&.full_query || parse_expr_from_payload + end + end + + def alert_markdown + strong_memoize(:alert_markdown) do + parse_alert_markdown_from_payload + end + end + + def status + strong_memoize(:status) do + payload&.dig('status') + end + end + + def firing? + status == 'firing' + end + + def resolved? + status == 'resolved' + end + + def gitlab_managed? + metric_id.present? + end + + def valid? + payload.respond_to?(:dig) && project && title && starts_at + end + + def present + super(presenter_class: Projects::Prometheus::AlertPresenter) + end + + private + + def parse_environment_from_payload + environment_name = payload&.dig('labels', 'gitlab_environment_name') + + return unless environment_name + + EnvironmentsFinder.new(project, nil, { name: environment_name }) + .find + &.first + end + + def parse_gitlab_alert_from_payload + return unless metric_id + + Projects::Prometheus::AlertsFinder + .new(project: project, metric: metric_id) + .execute + .first + end + + def parse_title_from_payload + payload&.dig('annotations', 'title') || + payload&.dig('annotations', 'summary') || + payload&.dig('labels', 'alertname') + end + + def parse_description_from_payload + payload&.dig('annotations', 'description') + end + + def parse_annotations_from_payload + payload&.dig('annotations')&.map do |label, value| + Alerting::AlertAnnotation.new(label: label, value: value) + end + end + + def parse_datetime_from_payload(field) + value = payload&.dig(field) + return unless value + + Time.rfc3339(value) + rescue ArgumentError + end + + # Parses `g0.expr` from `generatorURL`. + # + # Example: http://localhost:9090/graph?g0.expr=vector%281%29&g0.tab=1 + def parse_expr_from_payload + url = payload&.dig('generatorURL') + return unless url + + uri = URI(url) + + Rack::Utils.parse_query(uri.query).fetch('g0.expr') + rescue URI::InvalidURIError, KeyError + end + + def parse_alert_markdown_from_payload + payload&.dig('annotations', 'gitlab_incident_markdown') + end + end + end +end diff --git a/lib/gitlab/alerting/alert_annotation.rb b/lib/gitlab/alerting/alert_annotation.rb new file mode 100644 index 00000000000..a4b3a97b08c --- /dev/null +++ b/lib/gitlab/alerting/alert_annotation.rb @@ -0,0 +1,11 @@ +# frozen_string_literal: true + +module Gitlab + module Alerting + class AlertAnnotation + include ActiveModel::Model + + attr_accessor :label, :value + end + end +end diff --git a/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml b/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml index 225fb7e5606..5ff6413898f 100644 --- a/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml +++ b/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml @@ -57,6 +57,8 @@ dependency_scanning: PIP_REQUIREMENTS_FILE \ MAVEN_CLI_OPTS \ BUNDLER_AUDIT_UPDATE_DISABLED \ + BUNDLER_AUDIT_ADVISORY_DB_URL \ + BUNDLER_AUDIT_ADVISORY_DB_REF_NAME \ ) \ --volume "$PWD:/code" \ --volume /var/run/docker.sock:/var/run/docker.sock \ |