Age | Commit message (Collapse) | Author |
|
|
|
|
|
'43681-display-last-activity-and-created-at-datetimes-for-users-in-admin-users' into 'master'
Resolve "Display last activity and created at datetimes for users"
Closes #43681
See merge request gitlab-org/gitlab-ce!24181
|
|
Add changelog
Rename word to query
User hash for limit
Do not allow control limit
Rename pluck names and add more specs
|
|
Allow merge request diffs to be placed into an object store
Closes #52568
See merge request gitlab-org/gitlab-ce!24276
|
|
The columns 'Created on' and 'Last activity' have been
added to the admin -> users view.
Sorting options have also been added for last activity
and the search bar has been moved to match the issues
page.
|
|
|
|
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
Users may specify an OAuth2 callback with a custom name, such as
AWSCognito, but Rails will reject this with the following message:
```
'import/AWSCognito' is not a supported controller name. This can
lead to potential routing problems. See
http://guides.rubyonrails.org/routing.html#specifying-a-controller-to-use
```
To avoid these errors, we can just downcase all the provider names.
Note that this will make it impossible to specify a duplicate name with
different cases.
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/57156
|
|
To prevent an OAuth2 covert redirect vulnerability, this commit adds and
uses an alias for the GitHub and BitBucket OAuth2 callback URLs to the
following paths:
GitHub: /users/auth/-/import/github
Bitbucket: /users/auth/-/import/bitbucket
This allows admins to put a more restrictive callback URL in the OAuth2
configuration settings. Instead of https://example.com, admins can now use:
https://example.com/users/auth
It's possible but not trivial to change Devise and OmniAuth to use a
different prefix for callback URLs instead of /users/auth. For now,
aliasing the import URLs under the /users/auth namespace should suffice.
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/56663
|
|
(cherry picked from commit da3cd00f5a31f762eb67c2824233ad2b275b2ba8)
Conflicts:
config/webpack.config.js
|
|
This change adds three new instrumentations, driven through rails
notifications: render_template.action_view,
render_collection.action_view and render_partial.action_view.
These can help developers understand why renders are taking a long
time which may in turn help them to improve their performance.
|
|
Specs were reviewed and improved to better cover the current behavior.
There was some standardization done as well to facilitate the
implementation of the rollback functionality.
StorageMigratorWorker was extracted to HashedStorage namespace were
RollbackerWorker will live one as well.
|
|
Container repository cleanup API
Closes #55978
See merge request gitlab-org/gitlab-ce!24303
|
|
This includes a set of APIs to manipulate container registry.
This includes also an ability to delete tags based on requested
criteria, like keep-last-n, matching-name, older-than.
|
|
Use http_max_redirects opt to replace monkeypatch
Closes #54250
See merge request gitlab-org/gitlab-ce!24284
|
|
Adds tracing support for ActiveRecord notifications
See merge request gitlab-org/gitlab-ce!24604
|
|
http_max_redirects was introduced in 4.2.2, so upgrade kubeclient.
The monkey-patch was global so we will have to check that all instances
of Kubeclient::Client are handled.
Spec all methods of KubeClient
This should provide better confidence that we are indeed disallowing
redirection in all cases
|
|
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
This change will publish distributed tracing spans related to
SQL ActiveRecord queries. These queries are unbound, so will still
contain parameter substitution strings in place of actual parameter
values.
This ensures that the SQL strings do not need to be scrubbed, since the
values are not included in the SQL.
More details of rails instrumentation can be found here:
https://guides.rubyonrails.org/active_support_instrumentation.html
|
|
'52674-api-v4-projects-project_id-jobs-endpoint-hits-statement-timeout' into 'master'
[API] Omit `X-Total` and `X-Total-Pages` headers when items count is more than 10,000
Closes #42194 and #52674
See merge request gitlab-org/gitlab-ce!23931
|
|
Adds inter-service OpenTracing propagation
See merge request gitlab-org/gitlab-ce!24239
|
|
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
This change allows the GitLab rails and sidekiq components to receive
tracing spans from upstream services such as Workhorse and pass these
spans on to downstream services including Gitaly and Sidekiq.
This change will also emit traces for incoming and outgoing requests
using the propagated trace information. This will allow operators and
engineers to view traces across the Workhorse, GitLab Rails, Sidekiq and
Gitaly components.
Additional intra-service instrumentation will be added in future
changes.
|
|
By visiting `projects/:id` you will be redirected to project page with
path in it.
projects/123 => foo/bar
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
|
|
Set ActionController raise_on_unfiltered_parameters to true
See merge request gitlab-org/gitlab-ce!24443
|
|
This change will instantiate an OpenTracing tracer and configure it
as the global tracer when the GITLAB_TRACING environment variable is
configured. GITLAB_TRACING takes a "connection string"-like value,
encapsulating the driver (eg jaeger, etc) and options for the driver.
Since each service, whether it's written in Ruby or Golang, uses the
same connection-string, it should be very easy to configure all
services in a cluster, or even a single development machine to be
setup to use tracing.
Note that this change does not include instrumentation or propagation
changes as this is a way of breaking a previous larger change into
components. The instrumentation and propagation changes will follow
in separate changes.
|
|
|
|
GitLab::Sentry has a program_context method to determine whether a
Sentry exception occurred in Sidekiq or rails. Since we will need
similar functionality for distributed tracing, this change extracts the
program_context method into GitLab.process_name for more general
consumption.
|
|
Remove cancel all jobs button in general jobs list view
Closes #34665
See merge request gitlab-org/gitlab-ce!24010
|
|
|
|
Initial Serverless Functions detailed view
See merge request gitlab-org/gitlab-ce!23863
|
|
|
|
|
|
|
|
|
|
|
|
Process CSV uploads async using a worker then email results
|
|
Added button and modal to accept CSV file for uploading
|
|
This commit prepares the structure for the upcoming feature error
tracking.
|
|
Use BuildMetadata to store build configuration in JSONB form
See merge request gitlab-org/gitlab-ce!21499
|
|
Fix deprecation: returning false in Active Record and Active Model callbacks
See merge request gitlab-org/gitlab-ce!24134
|
|
These are data columns that store runtime configuration
of build needed to execute it on runner and within pipeline.
The definition of this data is that once used, and when no longer
needed (due to retry capability) they can be freely removed.
They use `jsonb` on PostgreSQL, and `text` on MySQL (due to lacking
support for json datatype on old enough version).
|
|
will not implicitly halt a callback chain
|
|
ActiveRecord supports `:order` natively, but it is skipped because of
our specific patch to support opclasses.
Relevant AR code:
https://github.com/rails/rails/blob/5-0-stable/activerecord/lib/active_record/connection_adapters/abstract/schema_statements.rb#L1167
|
|
|
|
|
|
Use system paths for appearance logos
Closes gitlab-ee#6778
See merge request gitlab-org/gitlab-ce!24024
|
|
When object storage is enabled, the logos used to customize a GitLab
appearance causes the time-limited URLs to be used. We fix this
by forcing all of these URLs to use the /uploads/-/system prefix
so that they will always be proxied through GitLab.
Closes https://gitlab.com/gitlab-org/gitlab-ee/issues/6778
|
|
Full list of changes:
https://github.com/carrierwaveuploader/carrierwave/blob/master/CHANGELOG.md
|