Age | Commit message (Collapse) | Author |
|
Allow the Rails cookie to be used for API authentication
Makes the Rails cookie into a valid authentication token for the Grape
API, and uses it instead of token authentication in frontend code that
uses the API.
Rendering the private token into client-side javascript is a security
risk; it may be stolen through XSS or other attacks. In general,
re-using API code in the frontend is more desirable than implementing
endless actions that return JSON.
Closes #18302
See merge request !1995
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
Set permissions to admin for importing a project via Import/Export
Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/20802
In order to import a project, it is now required to be an admin
Moved from https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5766
See merge request !1983
(cherry picked from commit 966b303802e12204f5d32af24b13bd0ceb5342a1)
|
|
Improve the request / withdraw access button
It implements the design proposed in #18310.
No.
To close #18310.
Closes #18310.
| Medium | Large |
| ----------- | ------- |
| ![request_access_button](/uploads/a1de370dcbb8ac9a63d2df5c68591db7/request_access_button.png) | ![request_access_button-large](/uploads/0a1c70380268e620a6ca4d3e1661d58c/request_access_button-large.png) |
| Medium | Large |
| ----------- | ------- |
| ![withdraw_access_request_button](/uploads/c9df39d04b61566ec143d5e9cc43ada2/withdraw_access_request_button.png) | ![withdraw_access_request_button-large](/uploads/10fdaa94d72956e06bdb995e65b51472/withdraw_access_request_button-large.png) |
| Medium | Large |
| ----------- | ------- |
| ![request_access_button](/uploads/8e71395041a5cea996a35df2083bb723/request_access_button.png) | ![project-request_access_button-large](/uploads/adb2dec0eccec8e5171dc0e26e6b03a6/project-request_access_button-large.png) |
| Medium | Large |
| ----------- | ------- |
| ![withdraw_access_request_button](/uploads/12be06f0a2bf9426a5e043f52c4d1dab/withdraw_access_request_button.png) | ![project-withdraw_access_request_button-large](/uploads/93fda7767ee5f02186c4c954ea346254/project-withdraw_access_request_button-large.png) |
- [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- [x] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
- Tests
- [x] All builds are passing
- [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [x] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
See merge request !4860
(cherry picked from commit c578fb064c6a90cbaf60959d7706c0bcc34d87f5)
|
|
Add missing privileges to MySQL database
Closes gitlab-org/gitlab-ce#19321
See merge request !5079
|
|
Fix privilege escalation issue with OAuth external users
Related to https://gitlab.com/gitlab-org/gitlab-ce/issues/19312
This MR fixes a privilege escalation issue, where manually set external users would be reverted back to internal users if they logged in via OAuth and that provider was not in the `external_providers` list.
/cc @douwe
See merge request !1975
(cherry picked from commit 5e6342b7ac08b4b37b233cad54f4aeaf0144b977)
|
|
Update Todos documentation and screenshots to include new functionality.
Updates documentation for todos, includes updated and new screenshots.
See also !4502 and #18906
Closes #18923
[ci skip]
See merge request !4840
|
|
Expand on Award Emoji documentation, update/add screenshots.
Adds documentation for award emoji now that comments can be awarded with emojis.
See also !4291 and #18906
Closes #9091
cc: @virtuacreative @axil
See merge request !4839
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
Clarify artifact expiry
## What does this MR do?
Clarifies documentation about artifact expiry.
## Are there points in the code the reviewer needs to double check?
## Why was this MR needed?
## What are the relevant issue numbers?
## Screenshots (if relevant)
See merge request !4831
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
Add documentation and examples for configuring cloud storage for registry images.
## What does this MR do?
Adds documentation and examples for configuring cloud storage for registry images.
Waits for backend config to get merged in:
https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests/816
## What are the relevant issue numbers?
https://gitlab.com/gitlab-org/omnibus-gitlab/issues/1320
## Does this MR meet the acceptance criteria?
- [ ] ~~[CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added~~
- [x] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
- [ ] ~~API support added~~
- [ ] Tests
- [ ] ~~Added for this feature/bug~~
- [x] All builds are passing
- [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [ ] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
cc\ @marin
See merge request !4812
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
Add some docs for Docker Registry configuration - Relatively important for anyone installing from source
There have been a few issues created because of the lack of documentation for how to configure Docker Registry when installing from source, specifically what the `realm` needs to be and the `service`
These 2 bits of info will stop a lot of headaches :+1:
Issues:
https://gitlab.com/gitlab-org/gitlab-ce/issues/17957
https://gitlab.com/gitlab-org/gitlab-ce/issues/17991
See merge request !4738
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
import/export docs
Added documentation for and closes https://gitlab.com/gitlab-org/gitlab-ce/issues/3050
Also added a couple of rake tasks that might be useful.
See merge request !4732
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
Document `GIT_STRATEGY` and `GIT_DEPTH`
## What does this MR do?
Documents `GIT_STRATEGY` and `GIT_DEPTH`. Also fixes the TOC since the anchors weren't working.
## Are there points in the code the reviewer needs to double check?
The TOC and the location of the new entries.
## Why was this MR needed?
## What are the relevant issue numbers?
https://gitlab.com/gitlab-org/gitlab-ci-multi-runner/merge_requests/188
## Screenshots (if relevant)
![image](/uploads/eccfd60199d81e6588c13aab817f0eb5/image.png)
![image](/uploads/bbbffe61db64ef17f1fa52907275f3d4/image.png)
/cc @axil @ayufan
See merge request !4720
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
* Adds pipelines page to CI docs.
* Adds image of pipelines list (although currently missing border that is on other images).
* Changes CI to CI/CD in `/doc` and `/doc/ci`
* Sorts user documentation in `/doc`
Partially fixes #17733.
See merge request !4660
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
Refactor labels docs
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/18555
See merge request !3347
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
|
Add missing link to sidekiq metrics in API README
See merge request !4837
|
|
Make it possible to lock runner on a specific project
Make it possible to lock runner on a specific project.
![Screen_Shot_2016-06-20_at_4.03.08_PM](/uploads/186378643a20106ff0b67b6fd8bd7f28/Screen_Shot_2016-06-20_at_4.03.08_PM.png)
----
![Screen_Shot_2016-06-20_at_9.54.52_PM](/uploads/c479abdffaf19f383bb6b5a42bdd6cc3/Screen_Shot_2016-06-20_at_9.54.52_PM.png)
----
![Screen_Shot_2016-06-20_at_9.56.26_PM](/uploads/6ad838679b0c28a1fe2e20e9224387ea/Screen_Shot_2016-06-20_at_9.56.26_PM.png)
Closes #3407
See merge request !4093
|
|
Document access request to project & group
## What does this MR do?
Adds documentation that was missing from !3798.
## Are there points in the code the reviewer needs to double check?
I've taken the opportunity to update the images in the "Project users" documentation page, I can remove the commit if it's not welcome!
## What are the relevant issue numbers?
Closes #18584.
## Does this MR meet the acceptance criteria?
- [ ] Tests
- [ ] All builds are passing
- [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [x] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
/cc @DouweM
See merge request !4685
|
|
'lbennett/gitlab-ce-18114-add-up-arrow-edit-shortcut-documentation' into 'master'
Documented the up key shortcut
## What does this MR do?
Documents the `up` key edit note shortcut in the `/help/_shortcuts.html.haml` help pane and the `/doc/workflow/shortcuts.png` screenshot.
## Are there points in the code the reviewer needs to double check?
The issue and MR shortcuts should be merged, they're the same? Shall I open an issue or include here?
This panel also need to be a little more responsive. Shall I open an issue or include here?
Additionally, I have some conflicts regarding the screenshot. This screenshot also needs to update for !4570.
## Why was this MR needed?
Everyone should know about this awesome shortcut.
## What are the relevant issue numbers?
Closes #18114.
## Screenshots (if relevant)
View the [updated screenshot](https://gitlab.com/gitlab-org/gitlab-ce/blob/e7221ad66efeb0f7d263ead7ed523d194243fb09/doc/workflow/shortcuts.png)
## Does this MR meet the acceptance criteria?
- [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- [x] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
- [ ] API support added
- [ ] Tests
- [ ] Added for this feature/bug
- [ ] All builds are passing
- [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [x] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
See merge request !4758
|
|
Document email on push service
Addresses https://gitlab.com/gitlab-org/gitlab-ee/issues/80
See merge request !4698
|
|
Document environments and deployments
## What does this MR do?
Adds an introduction to environments and deployments and tweaks the `environments` entry in `.gitlab-ci.yml` documentation.
## Are there points in the code the reviewer needs to double check?
## Why was this MR needed?
## What are the relevant issue numbers?
Closes #18683.
## Screenshots (if relevant)
![image](/uploads/1e3355c543abaf7b358f3c37596b1f0b/image.png)
![image](/uploads/58a51505674bcf605039db46833a8ae6/image.png)
/cc @ayufan @axil
See merge request !4725
|
|
Grammar tweaks
## What does this MR do?
* Updates grammar in recent CI documentation.
## Are there points in the code the reviewer needs to double check?
## Why was this MR needed?
Because grammar.
## What are the relevant issue numbers?
Needed because of !4200 and !4201.
## Screenshots (if relevant)
See merge request !4772
|
|
Ci scala example
## What does this MR do?
Add a scala CI example.
## Why was this MR needed?
Supersedes https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/2984
See merge request !4774
|
|
API endpoints for award emoji
Closes #10884
See merge request !4575
|
|
Implement custom notification level options
![Screen_Shot_2016-06-17_at_15.31.43](/uploads/3fc47d2f461b3e8b67bb8acaa304cf99/Screen_Shot_2016-06-17_at_15.31.43.png)
![Screenshot_from_2016-06-15_10-52-27](/uploads/88dbdd21d97e80ee772fe08fa0c9b393/Screenshot_from_2016-06-15_10-52-27.png)
part of #12758
See merge request !4389
|
|
Track method call times/counts as a single metric
This changes method call tracking so only a single metric is emitted regardless of the number of calls. This allows us to more accurately measure the total execution time of a method as well as the number of times a method is called. See 851e3ff7578973c2206628424eac3b951a3c656d for more details.
Method call tracking tracked calls individually meaning the end statistics may not always be accurate enough to get a good understanding of where time is spent.
See merge request !4754
|
|
Allow creating Personal Access Tokens through the website
Related to #2979
- Allow a user to create personal access tokens, and use them to authenticate
- Refactor `API::Helpers` into `API::Helpers::Core` and `API::Helpers::Authentication`
# Tasks
- [ ] #2979 (!3749) - Personal Access Tokens
- [x] Basic Implementation
- [x] Add UI to add "Personal Access Tokens"
- [x] Reload `lib/api` on every request
- [x] Respect these tokens for API requests
- [x] Just a param or a header too?
- [x] Allow revoking tokens
- [x] Expire tokens
- [x] Left bar should have a "PAT" icon
- [x] Scopes?
- [x] Copy to Clipboard
- [x] Show active/inactive tokens separately
- [x] No need to check for expired/revoked in the appropriate places
- [x] Why does regular ApplicationController check for private token?
- [x] Support non-API requests
- [x] Revert (or work on) `lib/api` eager loading
- [x] Create MR
- [x] Refactoring
- [x] Fix tests
- [x] Write more tests
- [x] Add screenshots to MR
- [x] Add description of query performance to MR
- [x] Limit the number of queries in the `personal_access_tokens` page
- [x] Wait for CI to pass
- [x] Fix merge issues in schema.rb
- [x] Assign MR to endboss
- [x] Wait for feedback
- [x] Fix feedback
- [x] Wait for CI to pass
- [x] Assign to @rspeicher
- [x] Fix @rspeicher's comments
- [x] Wait for CI to pass
- [x] Assign back to @rspeicher
- [x] Write documentation and ping @axil
- [x] Wait for Axil to respond
- [x] Assign to endboss
- [x] Address Douwe's feedback
- [x] Use the `private_token` or `authentication_token` param instead of `personal_access_token`
- [x] Ditto for the header
- [x] Assign to endboss
- [x] Make sure CI is green
- [x] Address Douwe's feedback
- [x] Don't go through the `authenticate_user_from_private_token!` method, if a private token is supplied (or combine them)
- [x] In `authenticate_user_from_personal_access_token!` don't hit DB if `token_string` is `nil`
- [x] Use `current_user.personal_access_tokens.build` in the controller
- [x] Remove the "We aren't using `personal_access_token` as the root param" comment
- [x] `No need for = "...", we can just have the Inactive ... #{...} on the next line` in the view
- [x] Render dates in a (more) human format
- [x] CSS issue with table
- [x] Don't show the tokens in the UI indefinitely
- [x] How to implement scopes? Add-on to current impl? Doorkeeper?
- [x] Wait for @DouweM's comments about scopes
- [x] Address @DouweM's second review
- [x] Try not using `native['innerHTML']`
- [x] use contexts for all "when ..."
- [x] Ensure consistency (styling) with other pages for "You don't have any tokens" message
- [x] "Actions" table column doesn't need a label
- [x] %td can be moved outside of the if/else statement
- [x] The header title should be "Profile Settings"
- [x] Can this be a `before_create`, so we don't need to use `generate`?
- [x] If it couldn't be revoked, will we show an error?
- [x] If it couldn't be saved, will we show an error?
- [x] Merge master
- [x] Update CHANGELOG entry
- [x] Add tests for form errors?
- [x] Post screenshots
- [x] Tag @jschatz1 for review
- [x] Wait for [build](https://gitlab.com/gitlab-org/gitlab-ce/commit/0dff6fd/builds) to pass
- [x] Respond to @jschatz1's comments
- [x] Hardcoded colors should be variables
- [x] Should not be allowed to chose a date in the past
- [x] Use the same table as in the Applications tab
- [x] button should say "Create Personal Access Token"
- [x] Float the revoke to the right on the `a`
- [x] Change revocation message. "Are you sure you want to revoke this certificate? This action cannot be undone."
- [x] Date stays selected and looks selected even though date is set as "never".
- [x] ~~hover on the calendar button shifts~~ (not caused by this MR - happens on `milestones#new` as well)
- [x] Don't use the panel for the created token
- [x] Use a normal flash for "Your new personal access token has been created"
- [x] Show the input (with the token) below it full width.
- [x] Put the "Make sure you save it - you won't be able to access it again." message near the input
- [x] Have the input highlight all on single click
- [x] Update screenshots
- [x] Merge master in + conflicts
- [x] Assign to @jschatz1 again
- [x] Respond to @jschatz1's comments
- [x] No button for clipboard, only link
- [x] text-danger
- [x] highlight fade on that area where the token was created
- [x] Make sure [build](https://gitlab.com/gitlab-org/gitlab-ce/commit/d754d99179f1ffe846fcc1d8e858163b39efc5dc/builds) is green
- [x] Assign to @jschatz1
- [x] Wait for [build](https://gitlab.com/gitlab-org/gitlab-ce/commit/faa0e3f7580bc38d4d12916b4589c64d6c2678a7/builds) to pass
- [x] Respond to @DouweM's feedback
- [x] move the redirect_to out of the if/else
- [x] certificate -> token
- [x] datepicker back to text field
- [x] combine the get_user_from_private_token and get_user_from_personal_access_token methods in ApplicationController
- [x] combine the get_user_from_private_token and get_user_from_personal_access_token methods in `lib/api/helpers`
- [x] don't need the new constants
- [x] Wait for [build](https://gitlab.com/gitlab-org/gitlab-ce/commit/9d7cda3ddce52baad9618466a5d00319b333be57/builds) to pass
- [ ] Wait for merge
# Screenshots
![Screen_Shot_2016-06-16_at_8.30.33_AM](/uploads/30a168964b7c5e0eb322705747829fb6/Screen_Shot_2016-06-16_at_8.30.33_AM.png)
![Screen_Shot_2016-06-16_at_8.30.44_AM](/uploads/7a8202885df6120071bbe81b215aaead/Screen_Shot_2016-06-16_at_8.30.44_AM.png)
![Screen_Shot_2016-06-16_at_8.31.02_AM](/uploads/6905c0848864e390138b771389c7a1b2/Screen_Shot_2016-06-16_at_8.31.02_AM.png)
![Screen_Shot_2016-06-16_at_8.31.29_AM](/uploads/0bc92369fb2f9bc335773f6abec421c3/Screen_Shot_2016-06-16_at_8.31.29_AM.png)
See merge request !3749
|
|
Added API endpoint for Sidekiq Metrics.
## What does this MR do?
It adds an API endpoint to gather metrics about Sidekiq, it's jobs, queues, and processes.
## Why was this MR needed?
There was no API endpoint for Sidekiq information.
## What are the relevant issue numbers?
Fixes #7171
## Does this MR meet the acceptance criteria?
- [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- [x] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
- [x] API support added
- [x] Tests
- [x] Added for this feature/bug
- [x] All builds are passing
See merge request !4653
|
|
Update migration_style_guide.md with new details
See merge request !4693
|
|
Add environments and deployments
This MR is a continuation of https://gitlab.com/gitlab-org/gitlab-ce/issues/17009.
The current implementation is as follow:
1. We have two new tables: `environments` and `deployments`.
2. We have a new tab: `Environments` under `Pipelines` where you can see all you environments and add a new one.
3. We add a new option to `.gitlab-ci.yml` to track where we should create a deployment for environment.
4. If environment in `.gitlab-ci.yml` is specified it will create a deployment. **If environment does not exist it will be created.** (this got changed)
5. The deployment is always successful and shows the time of the action, in that case a build that presumably should do deployment. In the future we could extend deployment with statuses: success, failure. We could extend deployments with information that this is partial or full deployment.
6. User have to create environments that he will track first.
7. User can remove environments.
8. User can retry/rollback past deployment (in that case we retry past build). The new build when succeeds it will create a new deployment.
9. Currently environment have only one parameter: `name`. In the future it should have: `variables`, `credentials` and possibly `runners` and maybe other resources.
10. Currently deployment have this parameters: `sha`, `ref`, `deployable (in this case a build)`, `user (who triggered a deployment)`, `created_at`.
The `.gitlab-ci.yml`:
```
deploy to production:
stage: deploy
script: dpl travis...
environment: production
```
What needs to be done:
- [x] Write initial implementation
- [x] Improve implementation (@ayufan)
- [x] Write tests (@ayufan)
- [x] Improve UX of the forms (cc @markpundsack) - reviewed by @markpundsack
- [x] Improve implementation of the views (cc @jschatz1) - done by @iamphill
- [x] Write .gitlab-ci.yml documentation for `environments` - done by @ayufan
- [ ] Write user documentation (@ayufan and @markpundsack)
See merge request !4605
|
|
Add docs for assigning labels/milestone when moving issue
Extends https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/3934
See merge request !4069
|
|
[ci skip]
|
|
|
|
Fix typo in obtaining a backtrace from all threads in gdb
See merge request !4612
|
|
This reverts commit 06e0ef07bcb92925e6819cbe1e33cdcf645b736b
|
|
|
|
|
|
Instrument private methods and instance private methods
See merge request !4639
|
|
# Conflicts:
# db/schema.rb
|
|
Artifacts expire date
What do you think @grzesiek?
The syntax will be simple:
```
job:
artifacts:
expire_in: 7d
```
- [x] Implement `expire_in`
- [x] Check current design of expiry information with @jschatz1 and @markpundsack
- [x] Add tests in GitLab application for a `ExpireBuildArtifactsWorker` and for `ArtifactsController::keep`
- [x] Add user documentation how to use `artifacts:expire_in`
- [x] Prepare GitLab Runner changes to pass `expire_in`: gitlab-org/gitlab-ci-multi-runner!191
- [x] Fix `timeago` with help of @jschatz1
- [x] Merge latest master after builds view changes @iamphill
- [ ] Add Omnibus support for `expire_build_artifacts_worker` cron job
- [ ] Add documentation how to configure `expire_build_artifacts_worker`
This is based on https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/4201.
See merge request !4200
|
|
By default instrumentation will instrument public,
protected and private methods, because usually
heavy work is done on private method or at least
that’s what facts is showing
|
|
# Conflicts:
# lib/ci/gitlab_ci_yaml_processor.rb
|
|
|
|
|
|
- Move ci/api under api/ci
- Clean up builds.md and runners.md
- Replace old links with new ones
- Add CI API links in ci/README.md
|
|
|
|
|
|
Measure CPU time for instrumented methods
See merge request !4640
|
|
|
|
|
|
|