Age | Commit message (Collapse) | Author |
|
Changes domain field to be on the Cluster page show, removing it from
Auto DevOps setting. Also injects the new environment variable
KUBE_INGRESS_BASE_DOMAIN into kubernetes#predefined_variables.
Migration to move the information from ProjectAutoDevops#domain
to Clusters::Cluster#domain. As well as necessary modifications to qa
selectors
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/52363
|
|
CE Port of "Extract extension method from mr_widget_options"
See merge request gitlab-org/gitlab-ce!24891
|
|
|
|
Fix Detect Host Keys not working
Closes #56855
See merge request gitlab-org/gitlab-ce!24884
|
|
|
|
|
|
Refactor helper in environments controller for clarity
See merge request gitlab-org/gitlab-ce!24781
|
|
Use ECharts for metrics dashboard graphs
See merge request gitlab-org/gitlab-ce!24648
|
|
|
|
'50521-block-emojis-and-symbol-characters-from-user-s-full-names-2' into 'master'
Resolve "Block emojis and symbol characters from user's full names"
Closes #50521
See merge request gitlab-org/gitlab-ce!24523
|
|
Backport of ee/9235: Add LDAP integration to smartcard authentication
See merge request gitlab-org/gitlab-ce!24704
|
|
Fix ReturnInVoidContext rubocop offense
See merge request gitlab-org/gitlab-ce!24857
|
|
Update UI of admin appearance settings
See merge request gitlab-org/gitlab-ce!24685
|
|
'19745-forms-with-task-lists-can-be-overwritten-when-editing-simultaneously' into 'master'
Forms with task lists can be overwritten when editing simultaneously
See merge request gitlab-org/gitlab-ce!23938
|
|
'master'
Resolve "UI bug adding group members with lower permissions"
Closes #55098
See merge request gitlab-org/gitlab-ce!24820
|
|
**Why?**
- This fixes the CE/EE difference
- More endpoints will be added in https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/9168
|
|
Due to a change in
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/24245, the Detect
Host Key feature in the SSH mirroring stopped working.
`SshHostKey#primary_key` was being used instead of the hard-coded
`:id`. However, `SshHostKey#find_by` was expecting the symbolized `:id`
rather than the string `id`, so it could never find the host key it was
supposed to update.
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/56855
|
|
|
|
'57063-implement-new-arguments-iid-for-issuesresolver-in-graphql' into 'master'
Resolve "Implement new arguments `iid` for `IssuesResolver` in GraphQL"
Closes #57063
See merge request gitlab-org/gitlab-ce!24802
|
|
Wait for auto-devops CI jobs on the job page
See merge request gitlab-org/gitlab-ce!24839
|
|
Reduce diff with EE in Groups::CreateService
See merge request gitlab-org/gitlab-ce!24871
|
|
Fix migration when project repository is missing
See merge request gitlab-org/gitlab-ce!24859
|
|
- Use JS regex for emoji validation
- Add test for blocking emojis in full name
- Fix existing tests for user status that failed locally
|
|
Reduce diff with EE in Ci::PipelineTriggerService
See merge request gitlab-org/gitlab-ce!24866
|
|
|
|
|
|
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
|
|
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
Updates the layout of the admin appearance settings to be consistent
with other settings pages across GitLab
|
|
Update metrics dashboard to support GitLab UI area chart changes
|
|
The data migration looks for code owner file and errs
if repository is missing.
|
|
|
|
|
|
Add CSS helper classes for positioning
See merge request gitlab-org/gitlab-ce!24821
|
|
Add e2e QA test for logging in using Github OAuth
See merge request gitlab-org/gitlab-ce!24817
|
|
|
|
Adds the test itself and the vendor page object model for GitHub
login pages.
|
|
These tests used to wait on the pipeline page which made debugging job
failures difficult
|
|
|
|
|
|
Fix flaky wiki create test
Closes gitlab-org/quality/nightly#24
See merge request gitlab-org/gitlab-ce!24778
|
|
|
|
|
|
|
|
When a user is a guest user, and the "Public Pipeline" is set to false
inside of "Settings > CI/CD > General" the commit status in the project
dashboard should not be shown.
|
|
When moving a project, it's possible that some users who had
access to the project in old path can not access the project
in the new path.
Because `project_authorizations` records are updated asynchronously,
when we send the notification about moved project the list of project
team members contains old project members, we want to notify all these
members except the old users who can not access the new location.
|
|
|
|
To prevent an OAuth2 covert redirect vulnerability, this commit adds and
uses an alias for the GitHub and BitBucket OAuth2 callback URLs to the
following paths:
GitHub: /users/auth/-/import/github
Bitbucket: /users/auth/-/import/bitbucket
This allows admins to put a more restrictive callback URL in the OAuth2
configuration settings. Instead of https://example.com, admins can now use:
https://example.com/users/auth
It's possible but not trivial to change Devise and OmniAuth to use a
different prefix for callback URLs instead of /users/auth. For now,
aliasing the import URLs under the /users/auth namespace should suffice.
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/56663
|
|
LFS uploads are handled in concert by workhorse and rails. In normal
use, workhorse:
* Authorizes the request with rails (upload_authorize)
* Handles the upload of the file to a tempfile - disk or object storage
* Validates the file size and contents
* Hands off to rails to complete the upload (upload_finalize)
In `upload_finalize`, the LFS object is linked to the project. As LFS
objects are deduplicated across all projects, it may already exist. If
not, the temporary file is copied to the correct place, and will be
used by all future LFS objects with the same OID.
Workhorse uses the Content-Type of the request to decide to follow this
routine, as the URLs are ambiguous. If the Content-Type is anything but
"application/octet-stream", the request is proxied directly to rails,
on the assumption that this is a normal file edit request. If it's an
actual LFS request with a different content-type, however, it is routed
to the Rails `upload_finalize` action, which treats it as an LFS upload
just as it would a workhorse-modified request.
The outcome is that users can upload LFS objects that don't match the
declared size or OID. They can also create links to LFS objects they
don't really own, allowing them to read the contents of files if they
know just the size or OID.
We can close this hole by requiring requests to `upload_finalize` to be
sourced from Workhorse. The mechanism to do this already exists.
|