diff options
Diffstat (limited to 'lib')
-rw-r--r-- | lib/api/helpers.rb | 6 | ||||
-rw-r--r-- | lib/api/helpers/authentication.rb | 5 | ||||
-rw-r--r-- | lib/api/internal/base.rb | 2 | ||||
-rw-r--r-- | lib/api/members.rb | 4 | ||||
-rw-r--r-- | lib/api/v3/github.rb | 2 | ||||
-rw-r--r-- | lib/banzai/filter/commit_trailers_filter.rb | 2 | ||||
-rw-r--r-- | lib/bulk_imports/clients/http.rb | 2 | ||||
-rw-r--r-- | lib/csv_builder.rb | 2 | ||||
-rw-r--r-- | lib/gitlab/auth/auth_finders.rb | 4 | ||||
-rw-r--r-- | lib/gitlab/ci/pipeline/chain/validate/external.rb | 28 | ||||
-rw-r--r-- | lib/gitlab/ci/trace.rb | 13 | ||||
-rw-r--r-- | lib/gitlab/conan_token.rb | 2 | ||||
-rw-r--r-- | lib/gitlab/health_checks/gitaly_check.rb | 2 | ||||
-rw-r--r-- | lib/gitlab/http_connection_adapter.rb | 14 | ||||
-rw-r--r-- | lib/gitlab/pages.rb | 2 | ||||
-rw-r--r-- | lib/gitlab/usage_data.rb | 2 | ||||
-rw-r--r-- | lib/gitlab/usage_data_counters/hll_redis_counter.rb | 2 | ||||
-rw-r--r-- | lib/learn_gitlab.rb | 6 |
18 files changed, 64 insertions, 36 deletions
diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb index 1c6ff23dde6..51942088262 100644 --- a/lib/api/helpers.rb +++ b/lib/api/helpers.rb @@ -49,7 +49,11 @@ module API # Returns the job associated with the token provided for # authentication, if any def current_authenticated_job - @current_authenticated_job + if try(:namespace_inheritable, :authentication) + ci_build_from_namespace_inheritable + else + @current_authenticated_job # rubocop:disable Gitlab/ModuleWithInstanceVariables + end end # rubocop:disable Gitlab/ModuleWithInstanceVariables diff --git a/lib/api/helpers/authentication.rb b/lib/api/helpers/authentication.rb index a6cfe930190..da11f07485b 100644 --- a/lib/api/helpers/authentication.rb +++ b/lib/api/helpers/authentication.rb @@ -52,6 +52,11 @@ module API token&.user end + def ci_build_from_namespace_inheritable + token = token_from_namespace_inheritable + token if token.is_a?(::Ci::Build) + end + private def find_token_from_raw_credentials(token_types, raw) diff --git a/lib/api/internal/base.rb b/lib/api/internal/base.rb index 7800a9c0248..6332e5e9a17 100644 --- a/lib/api/internal/base.rb +++ b/lib/api/internal/base.rb @@ -23,7 +23,7 @@ module API helpers ::API::Helpers::InternalHelpers - UNKNOWN_CHECK_RESULT_ERROR = 'Unknown check result'.freeze + UNKNOWN_CHECK_RESULT_ERROR = 'Unknown check result' VALID_PAT_SCOPES = Set.new( Gitlab::Auth::API_SCOPES + Gitlab::Auth::REPOSITORY_SCOPES + Gitlab::Auth::REGISTRY_SCOPES diff --git a/lib/api/members.rb b/lib/api/members.rb index 42f608102b3..7cddeb50a25 100644 --- a/lib/api/members.rb +++ b/lib/api/members.rb @@ -155,6 +155,8 @@ module API desc 'Removes a user from a group or project.' params do requires :user_id, type: Integer, desc: 'The user ID of the member' + optional :skip_subresources, type: Boolean, default: false, + desc: 'Flag indicating if the deletion of direct memberships of the removed member in subgroups and projects should be skipped' optional :unassign_issuables, type: Boolean, default: false, desc: 'Flag indicating if the removed member should be unassigned from any issues or merge requests within given group or project' end @@ -164,7 +166,7 @@ module API member = source_members(source).find_by!(user_id: params[:user_id]) destroy_conditionally!(member) do - ::Members::DestroyService.new(current_user).execute(member, unassign_issuables: params[:unassign_issuables]) + ::Members::DestroyService.new(current_user).execute(member, skip_subresources: params[:skip_subresources], unassign_issuables: params[:unassign_issuables]) end end # rubocop: enable CodeReuse/ActiveRecord diff --git a/lib/api/v3/github.rb b/lib/api/v3/github.rb index 2d25e76626a..3a0609651f4 100644 --- a/lib/api/v3/github.rb +++ b/lib/api/v3/github.rb @@ -18,7 +18,7 @@ module API # Used to differentiate Jira Cloud requests from Jira Server requests # Jira Cloud user agent format: Jira DVCS Connector Vertigo/version # Jira Server user agent format: Jira DVCS Connector/version - JIRA_DVCS_CLOUD_USER_AGENT = 'Jira DVCS Connector Vertigo'.freeze + JIRA_DVCS_CLOUD_USER_AGENT = 'Jira DVCS Connector Vertigo' include PaginationParams diff --git a/lib/banzai/filter/commit_trailers_filter.rb b/lib/banzai/filter/commit_trailers_filter.rb index 5288db3b0cb..a615abc1989 100644 --- a/lib/banzai/filter/commit_trailers_filter.rb +++ b/lib/banzai/filter/commit_trailers_filter.rb @@ -36,7 +36,7 @@ module Banzai next if html == content - node.replace(html) + node.replace("\n\n#{html}") end doc diff --git a/lib/bulk_imports/clients/http.rb b/lib/bulk_imports/clients/http.rb index 2e81863e53a..acc94d5ff2e 100644 --- a/lib/bulk_imports/clients/http.rb +++ b/lib/bulk_imports/clients/http.rb @@ -3,7 +3,7 @@ module BulkImports module Clients class Http - API_VERSION = 'v4'.freeze + API_VERSION = 'v4' DEFAULT_PAGE = 1.freeze DEFAULT_PER_PAGE = 30.freeze diff --git a/lib/csv_builder.rb b/lib/csv_builder.rb index 6116009f171..43ceed9519b 100644 --- a/lib/csv_builder.rb +++ b/lib/csv_builder.rb @@ -14,7 +14,7 @@ # CsvBuilder.new(@posts, columns).render # class CsvBuilder - DEFAULT_ORDER_BY = 'id'.freeze + DEFAULT_ORDER_BY = 'id' DEFAULT_BATCH_SIZE = 1000 PREFIX_REGEX = /^[=\+\-@;]/.freeze diff --git a/lib/gitlab/auth/auth_finders.rb b/lib/gitlab/auth/auth_finders.rb index 4c6254c9e69..6f6ac79c16b 100644 --- a/lib/gitlab/auth/auth_finders.rb +++ b/lib/gitlab/auth/auth_finders.rb @@ -24,9 +24,9 @@ module Gitlab PRIVATE_TOKEN_HEADER = 'HTTP_PRIVATE_TOKEN' PRIVATE_TOKEN_PARAM = :private_token - JOB_TOKEN_HEADER = 'HTTP_JOB_TOKEN'.freeze + JOB_TOKEN_HEADER = 'HTTP_JOB_TOKEN' JOB_TOKEN_PARAM = :job_token - DEPLOY_TOKEN_HEADER = 'HTTP_DEPLOY_TOKEN'.freeze + DEPLOY_TOKEN_HEADER = 'HTTP_DEPLOY_TOKEN' RUNNER_TOKEN_PARAM = :token RUNNER_JOB_TOKEN_PARAM = :token diff --git a/lib/gitlab/ci/pipeline/chain/validate/external.rb b/lib/gitlab/ci/pipeline/chain/validate/external.rb index d056501a6d3..b2fbe43aa77 100644 --- a/lib/gitlab/ci/pipeline/chain/validate/external.rb +++ b/lib/gitlab/ci/pipeline/chain/validate/external.rb @@ -11,8 +11,13 @@ module Gitlab InvalidResponseCode = Class.new(StandardError) VALIDATION_REQUEST_TIMEOUT = 5 + ACCEPTED_STATUS = 200 + DOT_COM_REJECTED_STATUS = 406 + GENERAL_REJECTED_STATUS = (400..499).freeze def perform! + return unless enabled? + pipeline_authorized = validate_external log_message = pipeline_authorized ? 'authorized' : 'not authorized' @@ -27,27 +32,42 @@ module Gitlab private + def enabled? + return true unless Gitlab.com? + + ::Feature.enabled?(:ci_external_validation_service, project, default_enabled: :yaml) + end + def validate_external return true unless validation_service_url # 200 - accepted - # 4xx - not accepted + # 406 - not accepted on GitLab.com + # 4XX - not accepted for other installations # everything else - accepted and logged response_code = validate_service_request.code case response_code - when 200 + when ACCEPTED_STATUS true - when 400..499 + when rejected_status false else raise InvalidResponseCode, "Unsupported response code received from Validation Service: #{response_code}" end rescue => ex - Gitlab::ErrorTracking.track_exception(ex) + Gitlab::ErrorTracking.track_exception(ex, project_id: project.id) true end + def rejected_status + if Gitlab.com? + DOT_COM_REJECTED_STATUS + else + GENERAL_REJECTED_STATUS + end + end + def validate_service_request Gitlab::HTTP.post( validation_service_url, timeout: VALIDATION_REQUEST_TIMEOUT, diff --git a/lib/gitlab/ci/trace.rb b/lib/gitlab/ci/trace.rb index 3258d965c93..a177f56f434 100644 --- a/lib/gitlab/ci/trace.rb +++ b/lib/gitlab/ci/trace.rb @@ -11,7 +11,8 @@ module Gitlab LOCK_SLEEP = 0.001.seconds WATCH_FLAG_TTL = 10.seconds - UPDATE_FREQUENCY_DEFAULT = 30.seconds + LEGACY_UPDATE_FREQUENCY_DEFAULT = 30.seconds + UPDATE_FREQUENCY_DEFAULT = 60.seconds UPDATE_FREQUENCY_WHEN_BEING_WATCHED = 3.seconds ArchiveError = Class.new(StandardError) @@ -114,7 +115,15 @@ module Gitlab end def update_interval - being_watched? ? UPDATE_FREQUENCY_WHEN_BEING_WATCHED : UPDATE_FREQUENCY_DEFAULT + if being_watched? + UPDATE_FREQUENCY_WHEN_BEING_WATCHED + else + if Feature.enabled?(:ci_lower_frequency_trace_update, job.project, default_enabled: :yaml) + UPDATE_FREQUENCY_DEFAULT + else + LEGACY_UPDATE_FREQUENCY_DEFAULT + end + end end def being_watched! diff --git a/lib/gitlab/conan_token.rb b/lib/gitlab/conan_token.rb index d03997b4158..c3d90aa78fb 100644 --- a/lib/gitlab/conan_token.rb +++ b/lib/gitlab/conan_token.rb @@ -7,7 +7,7 @@ module Gitlab class ConanToken - HMAC_KEY = 'gitlab-conan-packages'.freeze + HMAC_KEY = 'gitlab-conan-packages' attr_reader :access_token_id, :user_id diff --git a/lib/gitlab/health_checks/gitaly_check.rb b/lib/gitlab/health_checks/gitaly_check.rb index e780bf8a986..f5f142c251f 100644 --- a/lib/gitlab/health_checks/gitaly_check.rb +++ b/lib/gitlab/health_checks/gitaly_check.rb @@ -5,7 +5,7 @@ module Gitlab class GitalyCheck extend BaseAbstractCheck - METRIC_PREFIX = 'gitaly_health_check'.freeze + METRIC_PREFIX = 'gitaly_health_check' class << self def readiness diff --git a/lib/gitlab/http_connection_adapter.rb b/lib/gitlab/http_connection_adapter.rb index 37f618ae879..f7a3da53fdb 100644 --- a/lib/gitlab/http_connection_adapter.rb +++ b/lib/gitlab/http_connection_adapter.rb @@ -17,14 +17,6 @@ module Gitlab def connection @uri, hostname = validate_url!(uri) - if options.key?(:http_proxyaddr) - proxy_uri_with_port = uri_with_port(options[:http_proxyaddr], options[:http_proxyport]) - proxy_uri_validated = validate_url!(proxy_uri_with_port).first - - @options[:http_proxyaddr] = proxy_uri_validated.omit(:port).to_s - @options[:http_proxyport] = proxy_uri_validated.port - end - super.tap do |http| http.hostname_override = hostname if hostname end @@ -53,11 +45,5 @@ module Gitlab def allow_settings_local_requests? Gitlab::CurrentSettings.allow_local_requests_from_web_hooks_and_services? end - - def uri_with_port(address, port) - uri = Addressable::URI.parse(address) - uri.port = port if port.present? - uri - end end end diff --git a/lib/gitlab/pages.rb b/lib/gitlab/pages.rb index 33e709360ad..98e87e9e915 100644 --- a/lib/gitlab/pages.rb +++ b/lib/gitlab/pages.rb @@ -3,7 +3,7 @@ module Gitlab module Pages VERSION = File.read(Rails.root.join("GITLAB_PAGES_VERSION")).strip.freeze - INTERNAL_API_REQUEST_HEADER = 'Gitlab-Pages-Api-Request'.freeze + INTERNAL_API_REQUEST_HEADER = 'Gitlab-Pages-Api-Request' MAX_SIZE = 1.terabyte include JwtAuthenticatable diff --git a/lib/gitlab/usage_data.rb b/lib/gitlab/usage_data.rb index 5dc3f71329d..2b84789afc4 100644 --- a/lib/gitlab/usage_data.rb +++ b/lib/gitlab/usage_data.rb @@ -711,6 +711,8 @@ module Gitlab end def redis_hll_counters + return {} unless Feature.enabled?(:redis_hll_tracking, type: :ops, default_enabled: :yaml) + { redis_hll_counters: ::Gitlab::UsageDataCounters::HLLRedisCounter.unique_events_data } end diff --git a/lib/gitlab/usage_data_counters/hll_redis_counter.rb b/lib/gitlab/usage_data_counters/hll_redis_counter.rb index 336bef081a6..0249d1a12cd 100644 --- a/lib/gitlab/usage_data_counters/hll_redis_counter.rb +++ b/lib/gitlab/usage_data_counters/hll_redis_counter.rb @@ -157,7 +157,7 @@ module Gitlab def feature_enabled?(event) return true if event[:feature_flag].blank? - Feature.enabled?(event[:feature_flag], default_enabled: :yaml) + Feature.enabled?(event[:feature_flag], default_enabled: :yaml) && Feature.enabled?(:redis_hll_tracking, type: :ops, default_enabled: :yaml) end # Allow to add totals for events that are in the same redis slot, category and have the same aggregation level diff --git a/lib/learn_gitlab.rb b/lib/learn_gitlab.rb index 771083193d1..abceb80bd30 100644 --- a/lib/learn_gitlab.rb +++ b/lib/learn_gitlab.rb @@ -1,9 +1,9 @@ # frozen_string_literal: true class LearnGitlab - PROJECT_NAME = 'Learn GitLab'.freeze - BOARD_NAME = 'GitLab onboarding'.freeze - LABEL_NAME = 'Novice'.freeze + PROJECT_NAME = 'Learn GitLab' + BOARD_NAME = 'GitLab onboarding' + LABEL_NAME = 'Novice' def initialize(current_user) @current_user = current_user |