From 3cccd102ba543e02725d247893729e5c73b38295 Mon Sep 17 00:00:00 2001 From: GitLab Bot Date: Wed, 20 Apr 2022 10:00:54 +0000 Subject: Add latest changes from gitlab-org/gitlab@14-10-stable-ee --- .gitlab/CODEOWNERS | 453 ++++++++++++--------- .gitlab/ci/cng.gitlab-ci.yml | 51 --- .gitlab/ci/docs.gitlab-ci.yml | 2 +- .gitlab/ci/frontend.gitlab-ci.yml | 13 +- .gitlab/ci/global.gitlab-ci.yml | 33 +- .gitlab/ci/graphql.gitlab-ci.yml | 2 + .gitlab/ci/qa.gitlab-ci.yml | 20 +- .gitlab/ci/rails.gitlab-ci.yml | 8 +- .gitlab/ci/reports.gitlab-ci.yml | 6 - .gitlab/ci/review-apps/qa.gitlab-ci.yml | 62 +-- .gitlab/ci/review.gitlab-ci.yml | 12 +- .gitlab/ci/rules.gitlab-ci.yml | 91 +++-- .gitlab/ci/setup.gitlab-ci.yml | 9 + .gitlab/ci/static-analysis.gitlab-ci.yml | 23 +- .gitlab/ci/yaml.gitlab-ci.yml | 12 + .gitlab/issue_templates/Default.md | 11 + .gitlab/issue_templates/Doc_cleanup.md | 33 +- .gitlab/issue_templates/Feature Flag Roll Out.md | 15 +- .../issue_templates/Feature proposal - detailed.md | 2 + .../Geo Replicate a new Git repository type.md | 13 +- .../Geo Replicate a new blob type.md | 13 +- .gitlab/issue_templates/Implementation.md | 12 + .../issue_templates/Vulnerability Disclosure.md | 98 +++++ .gitlab/merge_request_templates/Default.md | 44 ++ .gitlab/merge_request_templates/Documentation.md | 18 +- 25 files changed, 631 insertions(+), 425 deletions(-) delete mode 100644 .gitlab/ci/cng.gitlab-ci.yml create mode 100644 .gitlab/issue_templates/Default.md create mode 100644 .gitlab/issue_templates/Vulnerability Disclosure.md create mode 100644 .gitlab/merge_request_templates/Default.md (limited to '.gitlab') diff --git a/.gitlab/CODEOWNERS b/.gitlab/CODEOWNERS index 26ce20e976d..2aee22dbb9e 100644 --- a/.gitlab/CODEOWNERS +++ b/.gitlab/CODEOWNERS @@ -2,11 +2,11 @@ # project here: https://gitlab.com/gitlab-org/gitlab/-/project_members # As described in https://docs.gitlab.com/ee/user/project/code_owners.html -[Backend] +^[Backend] *.rb @gitlab-org/maintainers/rails-backend *.rake @gitlab-org/maintainers/rails-backend -[Frontend] +^[Frontend] *.scss @annabeldunstone @gitlab-org/maintainers/frontend *.js @gitlab-org/maintainers/frontend /app/assets/ @gitlab-org/maintainers/frontend @@ -16,7 +16,7 @@ /spec/frontend_integration/ @gitlab-org/maintainers/frontend /ee/spec/frontend_integration/ @gitlab-org/maintainers/frontend -[Database] +^[Database] /db/ @gitlab-org/maintainers/database /ee/db/ @gitlab-org/maintainers/database /lib/gitlab/background_migration/ @gitlab-org/maintainers/database @@ -28,7 +28,7 @@ /ee/app/finders/ @gitlab-org/maintainers/database /rubocop/rubocop-migrations.yml @gitlab-org/maintainers/database -[Engineering Productivity] +^[Engineering Productivity] /.gitlab-ci.yml @gl-quality/eng-prod /.gitlab/ci/ @gl-quality/eng-prod /.gitlab/ci/docs.gitlab-ci.yml @gl-quality/eng-prod @gl-docsteam @@ -43,33 +43,33 @@ Dangerfile @gl-quality/eng-prod /scripts/review_apps/seed-dast-test-data.sh @dappelt @ngeorge1 @gl-quality/eng-prod .editorconfig @gl-quality/eng-prod -[Backend Static Code Analysis] +^[Backend Static Code Analysis] .rubocop*.yml @dstull @splattael @gl-quality/eng-prod .rubocop_todo.yml @dstull @splattael @gl-quality/eng-prod .rubocop_todo/ @dstull @splattael @gl-quality/eng-prod /rubocop/ @dstull @splattael @gl-quality/eng-prod /spec/rubocop/ @dstull @splattael @gl-quality/eng-prod -[End-to-end] +^[End-to-end] /qa/ @gl-quality -[LDAP] +^[LDAP] /ee/lib/ee/gitlab/auth/ldap/ @dblessing @mkozono /lib/gitlab/auth/ldap/ @dblessing @mkozono -[Templates] +^[Templates] /lib/gitlab/ci/templates/ @gitlab-org/maintainers/cicd-templates /lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml @DylanGriffith @mayra-cabrera @tkuah /lib/gitlab/ci/templates/Security/ @gonzoyumo @twoodham @sethgitlab @thiagocsf /lib/gitlab/ci/templates/Security/Container-Scanning.*.yml @gitlab-org/protect/container-security-backend -[Project Alias] +^[Project Alias] /ee/app/models/project_alias.rb @patrickbajao /ee/lib/api/project_aliases.rb @patrickbajao # Secure & Threat Management ownership delineation # https://about.gitlab.com/handbook/engineering/development/threat-management/delineate-secure-threat-management.html#technical-boundaries -[Threat Insights] +^[Threat Insights] /app/finders/security/ @gitlab-org/secure/threat-insights-backend-team /app/models/vulnerability.rb @gitlab-org/secure/threat-insights-backend-team /ee/app/finders/security/ @gitlab-org/secure/threat-insights-backend-team @@ -83,7 +83,7 @@ Dangerfile @gl-quality/eng-prod /ee/spec/policies/vulnerability*.rb @gitlab-org/secure/threat-insights-backend-team /ee/spec/presenters/projects/security/ @gitlab-org/secure/threat-insights-backend-team -[Secure] +^[Secure] /ee/lib/gitlab/ci/parsers/license_compliance/ @gitlab-org/secure/composition-analysis-be /ee/lib/gitlab/ci/parsers/security/ @gitlab-org/secure/composition-analysis-be @gitlab-org/secure/dynamic-analysis-be @gitlab-org/secure/static-analysis-be @gitlab-org/secure/fuzzing-be /ee/lib/gitlab/ci/reports/coverage_fuzzing/ @gitlab-org/secure/fuzzing-be @@ -92,7 +92,7 @@ Dangerfile @gl-quality/eng-prod /ee/lib/gitlab/ci/reports/security/ @gitlab-org/secure/composition-analysis-be @gitlab-org/secure/dynamic-analysis-be @gitlab-org/secure/static-analysis-be @gitlab-org/secure/fuzzing-be /ee/app/services/app_sec/dast/ @gitlab-org/secure/dynamic-analysis-be -[Container Security] +^[Container Security] /ee/app/views/projects/threat_monitoring/** @gitlab-org/protect/container-security-frontend /ee/app/views/projects/security/policies/** @gitlab-org/protect/container-security-frontend /ee/spec/views/projects/security/policies/** @gitlab-org/protect/container-security-frontend @@ -127,13 +127,13 @@ Dangerfile @gl-quality/eng-prod /ee/lib/gitlab/usage_data_counters/network_policy_counter.rb @gitlab-org/protect/container-security-backend /ee/spec/lib/gitlab/usage_data_counters/network_policy_counter_spec.rb @gitlab-org/protect/container-security-backend -[Code Owners] +^[Code Owners] /ee/lib/gitlab/code_owners.rb @reprazent @kerrizor @garyh /ee/lib/gitlab/code_owners/ @reprazent @kerrizor @garyh /ee/spec/lib/gitlab/code_owners/ @reprazent @kerrizor @garyh /doc/user/project/code_owners.md @reprazent @kerrizor @garyh -[Merge Requests] +^[Merge Requests] /app/controllers/projects/merge_requests/ @garyh @patrickbajao @marc_shaw @kerrizor /app/models/merge_request.rb @dskim_gitlab @garyh @patrickbajao @marc_shaw @kerrizor /app/services/merge_requests/ @dskim_gitlab @garyh @patrickbajao @marc_shaw @kerrizor @@ -164,14 +164,13 @@ Dangerfile @gl-quality/eng-prod /spec/frontend/diffs/ @viktomas @jboyson @iamphill @thomasrandolph /spec/frontend/batch_comments/ @viktomas @jboyson @iamphill @thomasrandolph - -[Product Intelligence] +^[Product Intelligence] /ee/lib/gitlab/usage_data_counters/ @gitlab-org/growth/product-intelligence/engineers /ee/lib/ee/gitlab/usage_data.rb @gitlab-org/growth/product-intelligence/engineers /lib/gitlab/usage_data.rb @gitlab-org/growth/product_intelligence/engineers /lib/gitlab/usage_data_counters/ @gitlab-org/growth/product-intelligence/engineers -[Growth Experiments] +^[Growth Experiments] /app/experiments/ @gitlab-org/growth/experiment-devs /app/models/experiment.rb @gitlab-org/growth/experiment-devs /app/models/experiment_subject.rb @gitlab-org/growth/experiment-devs @@ -186,16 +185,16 @@ Dangerfile @gl-quality/eng-prod /lib/gitlab/experimentation_logger.rb @gitlab-org/growth/experiment-devs /ee/spec/requests/api/experiments_spec.rb @gitlab-org/growth/experiment-devs -[Legal] +^[Legal] /config/dependency_decisions.yml @gitlab-org/legal-reviewers -[Workhorse] +^[Workhorse] /workhorse/ @jacobvosmaer-gitlab @nick.thomas @nolith @patrickbajao -[Application Security] +^[Application Security] /lib/gitlab/content_security_policy/ @gitlab-com/gl-security/appsec -[Gitaly] +^[Gitaly] lib/gitlab/git_access.rb @proglottis @toon @zj-gitlab lib/gitlab/git_access_*.rb @proglottis @toon @zj-gitlab ee/lib/ee/gitlab/git_access.rb @proglottis @toon @zj-gitlab @@ -203,32 +202,21 @@ ee/lib/ee/gitlab/git_access_*.rb @proglottis @toon @zj-gitlab ee/lib/ee/gitlab/checks/** @proglottis @toon @zj-gitlab lib/gitlab/checks/** @proglottis @toon @zj-gitlab -[Documentation Directories] -.markdownlint.yml @marcel.amirault @eread @aqualls @cnorris -/doc/.markdownlint @marcel.amirault @eread @aqualls @cnorris +^[Documentation Directories] +.markdownlint.yml @marcel.amirault @eread @aqualls @dianalogan +/doc/.markdownlint @marcel.amirault @eread @aqualls @dianalogan /doc/ @gl-docsteam -/doc/.vale/ @marcel.amirault @eread @aqualls @cnorris +/doc/.vale/ @marcel.amirault @eread @aqualls @dianalogan -[Documentation Pages] -/doc/administration/application_settings_cache.md @marcel.amirault +^[Documentation Pages] +/doc/administration/application_settings_cache.md @marcia /doc/administration/audit_event_streaming.md @eread /doc/administration/audit_events.md @eread /doc/administration/audit_reports.md @eread -/doc/administration/auditor_users.md @axil -/doc/administration/auth/atlassian.md @eread -/doc/administration/auth/authentiq.md @eread -/doc/administration/auth/cognito.md @eread -/doc/administration/auth/crowd.md @eread -/doc/administration/auth/index.md @eread -/doc/administration/auth/ldap/google_secure_ldap.md @eread -/doc/administration/auth/jwt.md @eread -/doc/administration/auth/ldap/ldap-troubleshooting.md @eread -/doc/administration/auth/ldap/ldap_synchronization.md @eread -/doc/administration/auth/ldap/index.md @eread -/doc/administration/auth/oidc.md @eread -/doc/administration/auth/smartcard.md @eread +/doc/administration/auditor_users.md @eread +/doc/administration/auth/ @eread /doc/administration/cicd.md @marcel.amirault -/doc/administration/clusters/kas.md @sselhorn +/doc/administration/clusters/kas.md @marcia /doc/administration/compliance.md @eread /doc/administration/configure.md @axil /doc/administration/consul.md @axil @@ -252,27 +240,27 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/administration/integration/terminal.md @kpaizee /doc/administration/invalidate_markdown_cache.md @msedlakjakubowski /doc/administration/issue_closing_pattern.md @aqualls -/doc/administration/job_artifacts.md @eread +/doc/administration/job_artifacts.md @marcel.amirault /doc/administration/job_logs.md @sselhorn /doc/administration/lfs/index.md @aqualls /doc/administration/libravatar.md @axil /doc/administration/load_balancer.md @axil -/doc/administration/logs.md @ngaskill +/doc/administration/logs.md @msedlakjakubowski /doc/administration/maintenance_mode/index.md @axil /doc/administration/merge_request_diffs.md @aqualls -/doc/administration/monitoring/ @ngaskill +/doc/administration/monitoring/ @msedlakjakubowski /doc/administration/monitoring/prometheus/index.md @axil /doc/administration/nfs.md @axil /doc/administration/object_storage.md @axil /doc/administration/operations/ @axil /doc/administration/operations/moving_repositories.md @eread -/doc/administration/operations/sidekiq_memory_killer.md @marcel.amirault +/doc/administration/operations/sidekiq_memory_killer.md @marcia /doc/administration/package_information/ @axil -/doc/administration/packages/ @ngaskill -/doc/administration/pages/index.md @rdickenson -/doc/administration/pages/source.md @rdickenson +/doc/administration/packages/ @claytoncornell +/doc/administration/pages/index.md @aqualls +/doc/administration/pages/source.md @aqualls /doc/administration/polling.md @axil -/doc/administration/postgresql/ @aqualls +/doc/administration/postgresql/ @marcia /doc/administration/pseudonymizer.md @axil /doc/administration/raketasks/ @axil /doc/administration/raketasks/praefect.md @eread @@ -291,17 +279,19 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/administration/smime_signing_email.md @axil /doc/administration/snippets/index.md @aqualls /doc/administration/static_objects_external_storage.md @aqualls -/doc/administration/terraform_state.md @sselhorn +/doc/administration/system_hooks.md @kpaizee +/doc/administration/terraform_state.md @marcia /doc/administration/timezone.md @axil /doc/administration/troubleshooting/ @axil /doc/administration/troubleshooting/elasticsearch.md @rdickenson -/doc/administration/troubleshooting/postgresql.md @aqualls +/doc/administration/troubleshooting/postgresql.md @marcia /doc/administration/uploads.md @axil /doc/administration/user_settings.md @eread /doc/administration/whats-new.md @kpaizee /doc/administration/wikis/index.md @aqualls /doc/api/access_requests.md @eread /doc/api/admin_sidekiq_queues.md @axil +/doc/api/alert_management_alerts.md @msedlakjakubowski /doc/api/api_resources.md @kpaizee /doc/api/appearance.md @eread /doc/api/applications.md @eread @@ -311,12 +301,13 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/api/boards.md @msedlakjakubowski /doc/api/branches.md @aqualls /doc/api/broadcast_messages.md @kpaizee -/doc/api/bulk_imports.md @ngaskill +/doc/api/bulk_imports.md @eread +/doc/api/cluster_agents.md @marcia /doc/api/commits.md @aqualls -/doc/api/container_registry.md @ngaskill +/doc/api/container_registry.md @claytoncornell /doc/api/custom_attributes.md @kpaizee /doc/api/dependencies.md @rdickenson -/doc/api/dependency_proxy.md @ngaskill +/doc/api/dependency_proxy.md @claytoncornell /doc/api/deploy_keys.md @rdickenson /doc/api/deploy_tokens.md @rdickenson /doc/api/deployments.md @rdickenson @@ -327,12 +318,11 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/api/epic_issues.md @msedlakjakubowski /doc/api/epic_links.md @msedlakjakubowski /doc/api/epics.md @msedlakjakubowski -/doc/api/error_tracking.md @ngaskill +/doc/api/error_tracking.md @msedlakjakubowski /doc/api/events.md @eread /doc/api/experiments.md @kpaizee /doc/api/feature_flag_specs.md @rdickenson /doc/api/feature_flag_user_lists.md @rdickenson -/doc/api/feature_flags_legacy.md @rdickenson /doc/api/feature_flags.md @rdickenson /doc/api/features.md @rdickenson /doc/api/freeze_periods.md @rdickenson @@ -340,23 +330,25 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/api/graphql/ @kpaizee /doc/api/graphql/custom_emoji.md @msedlakjakubowski /doc/api/graphql/sample_issue_boards.md @msedlakjakubowski +/doc/api/group_access_tokens.md @eread /doc/api/group_activity_analytics.md @fneill -/doc/api/group_badges.md @eread +/doc/api/group_badges.md @fneill /doc/api/group_boards.md @msedlakjakubowski -/doc/api/group_clusters.md @sselhorn -/doc/api/group_import_export.md @ngaskill +/doc/api/group_clusters.md @marcia +/doc/api/group_import_export.md @eread /doc/api/group_iterations.md @msedlakjakubowski /doc/api/group_labels.md @msedlakjakubowski /doc/api/group_level_variables.md @marcel.amirault /doc/api/group_milestones.md @msedlakjakubowski /doc/api/group_protected_environments.md @rdickenson -/doc/api/group_relations_export.md @ngaskill +/doc/api/group_relations_export.md @eread +/doc/api/group_releases.md @rdickenson /doc/api/group_repository_storage_moves.md @aqualls /doc/api/group_wikis.md @aqualls -/doc/api/groups.md @eread -/doc/api/import.md @ngaskill +/doc/api/groups.md @fneill +/doc/api/import.md @eread /doc/api/index.md @kpaizee -/doc/api/instance_clusters.md @sselhorn +/doc/api/instance_clusters.md @marcia /doc/api/instance_level_ci_variables.md @marcel.amirault /doc/api/integrations.md @kpaizee /doc/api/invitations.md @kpaizee @@ -364,11 +356,12 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/api/issues_statistics.md @msedlakjakubowski /doc/api/issues.md @msedlakjakubowski /doc/api/iterations.md @msedlakjakubowski -/doc/api/job_artifacts.md @eread +/doc/api/job_artifacts.md @marcel.amirault /doc/api/jobs.md @marcel.amirault /doc/api/keys.md @aqualls /doc/api/labels.md @msedlakjakubowski /doc/api/license.md @kpaizee +/doc/api/linked_epics.md @msedlakjakubowski /doc/api/lint.md @marcel.amirault /doc/api/managed_licenses.md @kpaizee /doc/api/markdown.md @aqualls @@ -377,29 +370,30 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/api/merge_request_context_commits.md @aqualls /doc/api/merge_requests.md @aqualls /doc/api/merge_trains.md @marcel.amirault -/doc/api/metrics_dashboard_annotations.md @ngaskill -/doc/api/metrics_user_starred_dashboards.md @ngaskill +/doc/api/metrics_dashboard_annotations.md @msedlakjakubowski +/doc/api/metrics_user_starred_dashboards.md @msedlakjakubowski /doc/api/milestones.md @msedlakjakubowski /doc/api/namespaces.md @eread /doc/api/notes.md @msedlakjakubowski /doc/api/notification_settings.md @msedlakjakubowski /doc/api/oauth2.md @eread /doc/api/openapi/openapi_interactive.md @kpaizee -/doc/api/packages.md @ngaskill -/doc/api/packages/ @ngaskill -/doc/api/pages_domains.md @rdickenson -/doc/api/pages.md @rdickenson +/doc/api/packages.md @claytoncornell +/doc/api/packages/ @claytoncornell +/doc/api/pages_domains.md @aqualls +/doc/api/pages.md @aqualls /doc/api/personal_access_tokens.md @eread /doc/api/pipeline_schedules.md @marcel.amirault /doc/api/pipeline_triggers.md @marcel.amirault /doc/api/pipelines.md @marcel.amirault /doc/api/plan_limits.md @eread +/doc/api/project_access_tokens.md @eread /doc/api/project_aliases.md @aqualls /doc/api/project_badges.md @aqualls -/doc/api/project_clusters.md @sselhorn +/doc/api/project_clusters.md @marcia /doc/api/project_import_export.md @aqualls /doc/api/project_level_variables.md @marcel.amirault -/doc/api/project_relations_export.md @ngaskill +/doc/api/project_relations_export.md @eread /doc/api/project_repository_storage_moves.md @eread /doc/api/project_snippets.md @aqualls /doc/api/project_statistics.md @aqualls @@ -440,19 +434,19 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/api/templates/licenses.md @rdickenson /doc/api/todos.md @msedlakjakubowski /doc/api/topics.md @fneill -/doc/api/usage_data.md @fneill +/doc/api/usage_data.md @claytoncornell /doc/api/users.md @eread /doc/api/version.md @kpaizee -/doc/api/visual_review_discussions.md @eread -/doc/api/vulnerabilities.md @fneill -/doc/api/vulnerability_exports.md @fneill -/doc/api/vulnerability_findings.md @fneill +/doc/api/visual_review_discussions.md @marcel.amirault +/doc/api/vulnerabilities.md @claytoncornell +/doc/api/vulnerability_exports.md @claytoncornell +/doc/api/vulnerability_findings.md @claytoncornell /doc/api/wikis.md @aqualls -/doc/architecture/blueprints/container_registry_metadata_database/index.md @ngaskill -/doc/architecture/blueprints/database/scalability/patterns/ @aqualls -/doc/architecture/blueprints/gitlab_to_kubernetes_communication/index.md @sselhorn +/doc/architecture/blueprints/container_registry_metadata_database/index.md @claytoncornell +/doc/architecture/blueprints/database/scalability/patterns/ @marcia +/doc/architecture/blueprints/gitlab_to_kubernetes_communication/index.md @marcia /doc/ci/caching/index.md @marcel.amirault -/doc/ci/chatops/index.md @sselhorn +/doc/ci/chatops/index.md @marcia /doc/ci/ci_cd_for_external_repos/ @marcel.amirault /doc/ci/cloud_deployment/ecs/quick_start_guide.md @rdickenson /doc/ci/cloud_deployment/index.md @rdickenson @@ -467,11 +461,11 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/ci/examples/authenticating-with-hashicorp-vault/index.md @marcel.amirault /doc/ci/examples/deployment/composer-npm-deploy.md @rdickenson /doc/ci/examples/deployment/index.md @rdickenson -/doc/ci/examples/end_to_end_testing_webdriverio/index.md @eread +/doc/ci/examples/end_to_end_testing_webdriverio/index.md @marcel.amirault /doc/ci/examples/index.md @marcel.amirault /doc/ci/examples/laravel_with_gitlab_and_envoy/index.md @marcel.amirault /doc/ci/examples/php.md @marcel.amirault -/doc/ci/examples/semantic-release.md @ngaskill +/doc/ci/examples/semantic-release.md @claytoncornell /doc/ci/git_submodules.md @marcel.amirault /doc/ci/index.md @marcel.amirault /doc/ci/interactive_web_terminal/index.md @sselhorn @@ -481,16 +475,14 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/ci/jobs/job_control.md @marcel.amirault /doc/ci/large_repositories/index.md @sselhorn /doc/ci/lint.md @marcel.amirault -/doc/ci/metrics_reports.md @eread +/doc/ci/metrics_reports.md @marcel.amirault /doc/ci/migration/circleci.md @marcel.amirault /doc/ci/migration/jenkins.md @marcel.amirault /doc/ci/pipeline_editor/index.md @marcel.amirault /doc/ci/pipelines/ @marcel.amirault -/doc/ci/pipelines/job_artifacts.md @eread -/doc/ci/pipelines/pipeline_artifacts.md @eread /doc/ci/quick_start/index.md @marcel.amirault /doc/ci/resource_groups/index.md @rdickenson -/doc/ci/review_apps/index.md @eread +/doc/ci/review_apps/index.md @marcel.amirault /doc/ci/runners/ @sselhorn /doc/ci/secrets/index.md @marcel.amirault /doc/ci/services/ @sselhorn @@ -498,101 +490,123 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/ci/test_cases/index.md @msedlakjakubowski /doc/ci/triggers/index.md @marcel.amirault /doc/ci/troubleshooting.md @marcel.amirault -/doc/ci/unit_test_reports.md @eread +/doc/ci/unit_test_reports.md @marcel.amirault /doc/ci/variables/ @marcel.amirault /doc/ci/yaml/ @marcel.amirault -/doc/ci/yaml/artifacts_reports.md @eread -/doc/development/adding_database_indexes.md @aqualls +/doc/development/adding_database_indexes.md @marcia /doc/development/application_limits.md @axil /doc/development/approval_rules.md @aqualls /doc/development/audit_event_guide/index.md @eread -/doc/development/auto_devops.md @sselhorn -/doc/development/avoiding_downtime_in_migrations.md @aqualls +/doc/development/auto_devops.md @marcia /doc/development/backend/create_source_code_be/index.md @aqualls +/doc/development/backend/ruby_style_guide.md @marcia +/doc/development/batched_background_migrations.md @marcia /doc/development/build_test_package.md @axil -/doc/development/bulk_import.md @ngaskill +/doc/development/bulk_import.md @eread +/doc/development/cached_queries.md @marcia /doc/development/cascading_settings.md @eread -/doc/development/chatops_on_gitlabcom.md @sselhorn +/doc/development/chatops_on_gitlabcom.md @marcia /doc/development/cicd/cicd_reference_documentation_guide.md @marcel.amirault /doc/development/cicd/index.md @marcel.amirault /doc/development/cicd/schema.md @marcel.amirault /doc/development/cicd/templates.md @marcel.amirault /doc/development/code_intelligence/index.md @aqualls -/doc/development/creating_enums.md @aqualls -/doc/development/database_debugging.md @aqualls -/doc/development/database_query_comments.md @aqualls -/doc/development/database_review.md @aqualls -/doc/development/database/ @aqualls -/doc/development/db_dump.md @aqualls +/doc/development/contributing/ @marcia +/doc/development/contributing/merge_request_workflow.md @aqualls +/doc/development/creating_enums.md @marcia +/doc/development/database_debugging.md @marcia +/doc/development/database_query_comments.md @marcia +/doc/development/database_review.md @marcia +/doc/development/database/ @marcia +/doc/development/database/multiple_databases.md @marcia +/doc/development/db_dump.md @marcia /doc/development/developing_with_solargraph.md @aqualls -/doc/development/distributed_tracing.md @ngaskill +/doc/development/diffs.md @aqualls +/doc/development/distributed_tracing.md @msedlakjakubowski /doc/development/documentation/feature_flags.md @sselhorn /doc/development/documentation/graphql_styleguide.md @sselhorn -/doc/development/documentation/index.md @cnorris -/doc/development/documentation/redirects.md @cnorris -/doc/development/documentation/review_apps.md @cnorris +/doc/development/documentation/index.md @dianalogan +/doc/development/documentation/redirects.md @dianalogan +/doc/development/documentation/review_apps.md @dianalogan /doc/development/documentation/structure.md @sselhorn /doc/development/documentation/styleguide/ @sselhorn -/doc/development/documentation/testing.md @cnorris -/doc/development/elasticsearch.md @rdickenson -/doc/development/experiment_guide/ @kpaizee -/doc/development/export_csv.md @ngaskill +/doc/development/documentation/testing.md @dianalogan +/doc/development/elasticsearch.md @marcia +/doc/development/experiment_guide/gitlab_experiment.md @kpaizee +/doc/development/experiment_guide/index.md @kpaizee +/doc/development/export_csv.md @eread /doc/development/fe_guide/content_editor.md @aqualls +/doc/development/fe_guide/dark_mode.md @marcia +/doc/development/fe_guide/graphql.md @marcia /doc/development/fe_guide/source_editor.md @aqualls +/doc/development/feature_categorization/index.md @marcia +/doc/development/feature_flags/controls.md @marcia +/doc/development/feature_flags/index.md @marcia /doc/development/filtering_by_label.md @msedlakjakubowski -/doc/development/foreign_keys.md @aqualls +/doc/development/foreign_keys.md @marcia /doc/development/geo.md @axil /doc/development/geo/framework.md @axil /doc/development/git_object_deduplication.md @eread /doc/development/gitaly.md @eread /doc/development/graphql_guide/ @kpaizee -/doc/development/graphql_guide/batchloader.md @aqualls -/doc/development/hash_indexes.md @aqualls -/doc/development/i18n/ @ngaskill -/doc/development/image_scaling.md @marcel.amirault -/doc/development/import_export.md @ngaskill -/doc/development/insert_into_tables_in_batches.md @aqualls -/doc/development/integrations/jenkins.md @kpaizee -/doc/development/integrations/jira_connect.md @kpaizee +/doc/development/graphql_guide/batchloader.md @marcia +/doc/development/hash_indexes.md @marcia +/doc/development/i18n/ @eread +/doc/development/image_scaling.md @marcia +/doc/development/import_export.md @eread +/doc/development/index.md @marcia +/doc/development/insert_into_tables_in_batches.md @marcia +/doc/development/integrations/ @kpaizee +/doc/development/integrations/codesandbox.md @marcia /doc/development/integrations/secure_partner_integration.md @rdickenson -/doc/development/integrations/secure.md @ngaskill +/doc/development/integrations/secure.md @claytoncornell /doc/development/internal_api/ @aqualls +/doc/development/internal_users.md @marcia /doc/development/issuable-like-models.md @msedlakjakubowski /doc/development/issue_types.md @msedlakjakubowski -/doc/development/iterating_tables_in_batches.md @aqualls -/doc/development/kubernetes.md @sselhorn +/doc/development/iterating_tables_in_batches.md @marcia +/doc/development/kubernetes.md @marcia /doc/development/lfs.md @aqualls /doc/development/licensed_feature_availability.md @sselhorn +/doc/development/logging.md @msedlakjakubowski /doc/development/maintenance_mode.md @axil /doc/development/new_fe_guide/modules/widget_extensions.md @aqualls +/doc/development/new_fe_guide/tips.md @marcia /doc/development/omnibus.md @axil -/doc/development/ordering_table_columns.md @aqualls -/doc/development/packages.md @ngaskill +/doc/development/ordering_table_columns.md @marcia +/doc/development/packages.md @claytoncornell +/doc/development/permissions.md @eread +/doc/development/policies.md @eread /doc/development/product_qualified_lead_guide/index.md @kpaizee -/doc/development/query_performance.md @aqualls +/doc/development/project_templates.md @fneill +/doc/development/prometheus_metrics.md @msedlakjakubowski +/doc/development/query_performance.md @marcia +/doc/development/query_recorder.md @marcia /doc/development/real_time.md @msedlakjakubowski -/doc/development/serializing_data.md @aqualls -/doc/development/service_ping/ @fneill -/doc/development/snowplow/ @fneill -/doc/development/sql.md @aqualls -/doc/development/swapping_tables.md @aqualls -/doc/development/understanding_explain_plans.md @aqualls +/doc/development/secure_coding_guidelines.md @marcia +/doc/development/serializing_data.md @marcia +/doc/development/service_ping/ @claytoncornell +/doc/development/single_table_inheritance.md @marcia +/doc/development/snowplow/ @claytoncornell +/doc/development/spam_protection_and_captcha/ @eread +/doc/development/sql.md @marcia +/doc/development/swapping_tables.md @marcia +/doc/development/testing_guide/best_practices.md @marcia +/doc/development/testing_guide/end_to_end/best_practices.md @marcia +/doc/development/understanding_explain_plans.md @marcia /doc/development/value_stream_analytics.md @fneill /doc/development/value_stream_analytics/value_stream_analytics_aggregated_backend.md @fneill -/doc/development/verifying_database_capabilities.md @aqualls +/doc/development/verifying_database_capabilities.md @marcia /doc/development/wikis.md @aqualls -/doc/development/work_items.md @msedlakjakubowski /doc/development/work_items_widgets.md @msedlakjakubowski +/doc/development/work_items.md @msedlakjakubowski +/doc/development/workhorse/ @aqualls +/doc/development/workspace/index.md @marcia /doc/downgrade_ee_to_ce/index.md @axil -/doc/gitlab-basics/add-file.md @aqualls -/doc/gitlab-basics/command-line-commands.md @aqualls -/doc/gitlab-basics/create-branch.md @aqualls -/doc/gitlab-basics/feature_branch_workflow.md @aqualls -/doc/gitlab-basics/index.md @aqualls -/doc/gitlab-basics/start-using-git.md @aqualls +/doc/gitlab-basics/ @aqualls /doc/install/ @axil /doc/integration/ @kpaizee -/doc/integration/elasticsearch.md @rdickenson +/doc/integration/elasticsearch.md @marcia /doc/integration/gitpod.md @aqualls /doc/integration/kerberos.md @eread /doc/integration/mattermost/index.md @axil @@ -600,42 +614,40 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/integration/saml.md @eread /doc/integration/security_partners/index.md @rdickenson /doc/integration/sourcegraph.md @aqualls -/doc/integration/vault.md @sselhorn -/doc/operations/ @ngaskill +/doc/integration/vault.md @marcia +/doc/operations/ @msedlakjakubowski /doc/operations/feature_flags.md @rdickenson -/doc/operations/product_analytics.md @fneill +/doc/operations/product_analytics.md @claytoncornell /doc/policy/ @axil -/doc/public_access/public_access.md @fneill /doc/raketasks/ @axil -/doc/raketasks/generate_sample_prometheus_data.md @ngaskill +/doc/raketasks/generate_sample_prometheus_data.md @msedlakjakubowski /doc/raketasks/migrate_snippets.md @aqualls /doc/raketasks/spdx.md @rdickenson /doc/raketasks/x509_signatures.md @aqualls /doc/security/ @eread -/doc/ssh/index.md @eread -/doc/subscriptions/ @fneill -/doc/system_hooks/system_hooks.md @kpaizee +/doc/subscriptions/ @sselhorn /doc/topics/authentication/index.md @eread -/doc/topics/autodevops/ @sselhorn +/doc/topics/autodevops/ @marcia /doc/topics/git/ @aqualls /doc/topics/gitlab_flow.md @aqualls /doc/topics/offline/ @axil /doc/topics/plan_and_track.md @msedlakjakubowski /doc/update/ @axil -/doc/update/mysql_to_postgresql.md @aqualls -/doc/update/upgrading_postgresql_using_slony.md @aqualls +/doc/update/mysql_to_postgresql.md @marcia +/doc/update/upgrading_postgresql_using_slony.md @marcia /doc/user/admin_area/analytics/ @fneill /doc/user/admin_area/broadcast_messages.md @kpaizee /doc/user/admin_area/credentials_inventory.md @eread -/doc/user/admin_area/custom_project_templates.md @ngaskill +/doc/user/admin_area/custom_project_templates.md @eread /doc/user/admin_area/diff_limits.md @aqualls /doc/user/admin_area/geo_nodes.md @axil /doc/user/admin_area/labels.md @msedlakjakubowski +/doc/user/admin_area/license_file.md @sselhorn /doc/user/admin_area/license.md @kpaizee /doc/user/admin_area/merge_requests_approvals.md @aqualls /doc/user/admin_area/moderate_users.md @eread -/doc/user/admin_area/monitoring/background_migrations.md @aqualls -/doc/user/admin_area/monitoring/health_check.md @ngaskill +/doc/user/admin_area/monitoring/background_migrations.md @marcia +/doc/user/admin_area/monitoring/health_check.md @msedlakjakubowski /doc/user/admin_area/reporting/spamcheck.md @axil /doc/user/admin_area/review_abuse_reports.md @eread /doc/user/admin_area/settings/account_and_limit_settings.md @aqualls @@ -646,10 +658,10 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/user/admin_area/settings/files_api_rate_limits.md @aqualls /doc/user/admin_area/settings/git_lfs_rate_limits.md @aqualls /doc/user/admin_area/settings/gitaly_timeouts.md @eread -/doc/user/admin_area/settings/import_export_rate_limits.md @ngaskill +/doc/user/admin_area/settings/import_export_rate_limits.md @eread /doc/user/admin_area/settings/index.md @aqualls /doc/user/admin_area/settings/instance_template_repository.md @aqualls -/doc/user/admin_area/settings/package_registry_rate_limits.md @ngaskill +/doc/user/admin_area/settings/package_registry_rate_limits.md @claytoncornell /doc/user/admin_area/settings/project_integration_management.md @kpaizee /doc/user/admin_area/settings/push_event_activities_limit.md @aqualls /doc/user/admin_area/settings/rate_limit_on_issues_creation.md @msedlakjakubowski @@ -657,66 +669,74 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/user/admin_area/settings/rate_limit_on_users_api.md @eread /doc/user/admin_area/settings/third_party_offers.md @fneill /doc/user/admin_area/settings/visibility_and_access_controls.md @aqualls -/doc/user/analytics/ci_cd_analytics.md @rdickenson /doc/user/analytics/ @fneill +/doc/user/analytics/ci_cd_analytics.md @rdickenson /doc/user/application_security/ @rdickenson -/doc/user/application_security/cluster_image_scanning/index.md @ngaskill -/doc/user/application_security/container_scanning/index.md @ngaskill -/doc/user/application_security/cve_id_request.md @fneill -/doc/user/application_security/policies/ @ngaskill -/doc/user/application_security/security_dashboard/index.md @fneill -/doc/user/application_security/threat_monitoring/index.md @ngaskill -/doc/user/application_security/vulnerabilities/ @fneill -/doc/user/application_security/vulnerability_report/index.md @fneill +/doc/user/application_security/cluster_image_scanning/index.md @claytoncornell +/doc/user/application_security/container_scanning/index.md @claytoncornell +/doc/user/application_security/coverage_fuzzing/index.md @rdickenson +/doc/user/application_security/cve_id_request.md @claytoncornell +/doc/user/application_security/policies/ @claytoncornell +/doc/user/application_security/security_dashboard/index.md @claytoncornell +/doc/user/application_security/threat_monitoring/index.md @claytoncornell +/doc/user/application_security/vulnerabilities/index.md @claytoncornell +/doc/user/application_security/vulnerabilities/severities.md @claytoncornell +/doc/user/application_security/vulnerability_report/index.md @claytoncornell /doc/user/asciidoc.md @aqualls /doc/user/award_emojis.md @msedlakjakubowski -/doc/user/clusters/ @sselhorn +/doc/user/clusters/ @marcia /doc/user/compliance/compliance_report/index.md @eread /doc/user/compliance/index.md @eread /doc/user/compliance/license_compliance/index.md @rdickenson /doc/user/crm/index.md @msedlakjakubowski /doc/user/discussions/index.md @aqualls -/doc/user/group/clusters/index.md @sselhorn +/doc/user/feature_flags.md @marcia +/doc/user/group/clusters/index.md @marcia /doc/user/group/contribution_analytics/index.md @fneill -/doc/user/group/custom_project_templates.md @ngaskill +/doc/user/group/custom_project_templates.md @eread /doc/user/group/devops_adoption/index.md @fneill /doc/user/group/epics/epic_boards.md @msedlakjakubowski /doc/user/group/epics/index.md @msedlakjakubowski +/doc/user/group/epics/linked_epics.md @msedlakjakubowski /doc/user/group/epics/manage_epics.md @msedlakjakubowski -/doc/user/group/import/index.md @ngaskill -/doc/user/group/index.md @eread +/doc/user/group/import/index.md @eread +/doc/user/group/index.md @fneill /doc/user/group/insights/index.md @fneill /doc/user/group/issues_analytics/index.md @msedlakjakubowski /doc/user/group/iterations/index.md @msedlakjakubowski /doc/user/group/planning_hierarchy/index.md @msedlakjakubowski -/doc/user/group/repositories_analytics/index.md @eread +/doc/user/group/repositories_analytics/index.md @marcel.amirault /doc/user/group/roadmap/index.md @msedlakjakubowski /doc/user/group/saml_sso/group_managed_accounts.md @eread /doc/user/group/saml_sso/index.md @eread /doc/user/group/saml_sso/scim_setup.md @eread -/doc/user/group/settings/import_export.md @ngaskill -/doc/user/group/subgroups/index.md @eread +/doc/user/group/settings/group_access_tokens.md @eread +/doc/user/group/settings/import_export.md @eread +/doc/user/group/subgroups/index.md @fneill /doc/user/group/value_stream_analytics/index.md @fneill -/doc/user/infrastructure/clusters/ @sselhorn -/doc/user/infrastructure/clusters/manage/management_project_applications/apparmor.md @ngaskill -/doc/user/infrastructure/clusters/manage/management_project_applications/cilium.md @ngaskill -/doc/user/infrastructure/clusters/manage/management_project_applications/elasticstack.md @ngaskill -/doc/user/infrastructure/clusters/manage/management_project_applications/falco.md @ngaskill -/doc/user/infrastructure/clusters/manage/management_project_applications/fluentd.md @ngaskill -/doc/user/infrastructure/iac/ @sselhorn -/doc/user/infrastructure/index.md @ssehorn +/doc/user/infrastructure/clusters/ @marcia +/doc/user/infrastructure/clusters/manage/management_project_applications/apparmor.md @claytoncornell +/doc/user/infrastructure/clusters/manage/management_project_applications/cilium.md @claytoncornell +/doc/user/infrastructure/clusters/manage/management_project_applications/elasticstack.md @msedlakjakubowski +/doc/user/infrastructure/clusters/manage/management_project_applications/falco.md @claytoncornell +/doc/user/infrastructure/clusters/manage/management_project_applications/fluentd.md @claytoncornell +/doc/user/infrastructure/clusters/manage/management_project_applications/prometheus.md @msedlakjakubowski +/doc/user/infrastructure/clusters/manage/management_project_applications/runner.md @marcia +/doc/user/infrastructure/clusters/manage/management_project_applications/sentry.md @msedlakjakubowski +/doc/user/infrastructure/iac/ @marcia +/doc/user/infrastructure/index.md @marcia /doc/user/markdown.md @aqualls -/doc/user/packages/ @ngaskill -/doc/user/packages/infrastructure_registry/index.md @sselhorn -/doc/user/packages/terraform_module_registry/index.md @sselhorn +/doc/user/packages/ @claytoncornell +/doc/user/packages/infrastructure_registry/index.md @marcia +/doc/user/packages/terraform_module_registry/index.md @marcia /doc/user/permissions.md @eread /doc/user/profile/ @eread /doc/user/profile/notifications.md @msedlakjakubowski /doc/user/project/autocomplete_characters.md @aqualls /doc/user/project/badges.md @aqualls -/doc/user/project/clusters/ @sselhorn -/doc/user/project/clusters/kubernetes_pod_logs.md @ngaskill -/doc/user/project/clusters/protect/ @ngaskill +/doc/user/project/clusters/ @marcia +/doc/user/project/clusters/kubernetes_pod_logs.md @msedlakjakubowski +/doc/user/project/clusters/protect/ @claytoncornell /doc/user/project/code_intelligence.md @aqualls /doc/user/project/code_owners.md @aqualls /doc/user/project/deploy_boards.md @rdickenson @@ -726,32 +746,31 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/user/project/file_lock.md @aqualls /doc/user/project/git_attributes.md @aqualls /doc/user/project/highlighting.md @aqualls -/doc/user/project/import/ @ngaskill +/doc/user/project/import/ @eread /doc/user/project/import/jira.md @msedlakjakubowski /doc/user/project/index.md @fneill /doc/user/project/integrations/ @kpaizee -/doc/user/project/integrations/prometheus_library/ @ngaskill -/doc/user/project/integrations/prometheus.md @ngaskill +/doc/user/project/integrations/prometheus_library/ @msedlakjakubowski +/doc/user/project/integrations/prometheus.md @msedlakjakubowski /doc/user/project/issue_board.md @msedlakjakubowski /doc/user/project/issues/ @msedlakjakubowski +/doc/user/project/issues/csv_import.md @eread /doc/user/project/labels.md @msedlakjakubowski -/doc/user/project/members/index.md @eread +/doc/user/project/members/index.md @fneill /doc/user/project/members/share_project_with_groups.md @fneill /doc/user/project/merge_requests/ @aqualls -/doc/user/project/merge_requests/accessibility_testing.md @eread -/doc/user/project/merge_requests/browser_performance_testing.md @eread +/doc/user/project/merge_requests/accessibility_testing.md @marcel.amirault +/doc/user/project/merge_requests/browser_performance_testing.md @marcel.amirault /doc/user/project/merge_requests/code_quality.md @rdickenson /doc/user/project/merge_requests/csv_export.md @eread -/doc/user/project/merge_requests/fail_fast_testing.md @eread -/doc/user/project/merge_requests/load_performance_testing.md @eread +/doc/user/project/merge_requests/fail_fast_testing.md @marcel.amirault +/doc/user/project/merge_requests/load_performance_testing.md @marcel.amirault +/doc/user/project/merge_requests/reviews/index.md @aqualls /doc/user/project/merge_requests/status_checks.md @eread -/doc/user/project/merge_requests/test_coverage_visualization.md @eread -/doc/user/project/merge_requests/testing_and_reports_in_merge_requests.md @eread +/doc/user/project/merge_requests/test_coverage_visualization.md @marcel.amirault +/doc/user/project/merge_requests/testing_and_reports_in_merge_requests.md @marcel.amirault /doc/user/project/milestones/ @msedlakjakubowski -/doc/user/project/pages/ @rdickenson -/doc/user/project/protected_branches.md @aqualls -/doc/user/project/protected_tags.md @aqualls -/doc/user/project/push_options.md @aqualls +/doc/user/project/pages/ @aqualls /doc/user/project/quick_actions.md @msedlakjakubowski /doc/user/project/releases/index.md @rdickenson /doc/user/project/releases/release_cli.md @rdickenson @@ -759,7 +778,7 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/user/project/repository/reducing_the_repo_size_using_git.md @eread /doc/user/project/requirements/index.md @msedlakjakubowski /doc/user/project/service_desk.md @msedlakjakubowski -/doc/user/project/settings/import_export.md @ngaskill +/doc/user/project/settings/import_export.md @eread /doc/user/project/settings/index.md @fneill /doc/user/project/settings/project_access_tokens.md @eread /doc/user/project/static_site_editor/index.md @aqualls @@ -768,12 +787,42 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/user/project/wiki/group.md @aqualls /doc/user/project/wiki/index.md @aqualls /doc/user/project/working_with_projects.md @fneill +/doc/user/public_access.md @fneill /doc/user/reserved_names.md @fneill -/doc/user/search/advanced_search.md @rdickenson +/doc/user/search/advanced_search.md @marcia /doc/user/search/index.md @aqualls /doc/user/shortcuts.md @aqualls /doc/user/snippets.md @aqualls +/doc/user/ssh.md @eread /doc/user/tasks.md @msedlakjakubowski /doc/user/todos.md @msedlakjakubowski -/doc/user/usage_quotas.md @fneill +/doc/user/usage_quotas.md @sselhorn /doc/user/workspace/index.md @fneill + +[Authentication and Authorization] +/app/**/*password* @gitlab-org/manage/authentication-and-authorization +/ee/app/**/*password* @gitlab-org/manage/authentication-and-authorization +/config/**/*password* @gitlab-org/manage/authentication-and-authorization +/ee/config/**/*password* @gitlab-org/manage/authentication-and-authorization +/lib/**/*password* @gitlab-org/manage/authentication-and-authorization +/ee/lib/**/*password* @gitlab-org/manage/authentication-and-authorization +/app/controllers/**/*password* @gitlab-org/manage/authentication-and-authorization +/ee/app/controllers/**/*password* @gitlab-org/manage/authentication-and-authorization + +/app/**/*auth* @gitlab-org/manage/authentication-and-authorization +/ee/app/**/*auth* @gitlab-org/manage/authentication-and-authorization +/config/**/*auth* @gitlab-org/manage/authentication-and-authorization +/ee/config/**/*auth* @gitlab-org/manage/authentication-and-authorization +/lib/**/*auth* @gitlab-org/manage/authentication-and-authorization +/ee/lib/**/*auth* @gitlab-org/manage/authentication-and-authorization +/app/controllers/**/*auth* @gitlab-org/manage/authentication-and-authorization +/ee/app/controllers/**/*auth* @gitlab-org/manage/authentication-and-authorization + +/app/**/*token* @gitlab-org/manage/authentication-and-authorization +/ee/app/**/*token* @gitlab-org/manage/authentication-and-authorization +/config/**/*token* @gitlab-org/manage/authentication-and-authorization +/ee/config/**/*token* @gitlab-org/manage/authentication-and-authorization +/lib/**/*token* @gitlab-org/manage/authentication-and-authorization +/ee/lib/**/*token* @gitlab-org/manage/authentication-and-authorization +/app/controllers/**/*token* @gitlab-org/manage/authentication-and-authorization +/ee/app/controllers/**/*token* @gitlab-org/manage/authentication-and-authorization diff --git a/.gitlab/ci/cng.gitlab-ci.yml b/.gitlab/ci/cng.gitlab-ci.yml deleted file mode 100644 index d720ec5ae45..00000000000 --- a/.gitlab/ci/cng.gitlab-ci.yml +++ /dev/null @@ -1,51 +0,0 @@ -cloud-native-image-env: - extends: - - .default-retry - - .cng:rules - image: ${GITLAB_DEPENDENCY_PROXY}ruby:2.7-alpine3.13 - stage: post-test - before_script: - - source ./scripts/utils.sh - - install_gitlab_gem - script: - - 'ruby -r./scripts/trigger-build.rb -e "puts Trigger.variables_for_env_file(Trigger::CNG.new.variables)" > build.env' - - cat build.env - artifacts: - reports: - dotenv: build.env - paths: - - build.env - expire_in: 7 days - when: always - -cloud-native-image: - extends: .cng:rules - stage: post-test - needs: ["cloud-native-image-env"] - inherit: - variables: false - variables: - TOP_UPSTREAM_SOURCE_PROJECT: "${TOP_UPSTREAM_SOURCE_PROJECT}" - TOP_UPSTREAM_SOURCE_REF: "${TOP_UPSTREAM_SOURCE_REF}" - TOP_UPSTREAM_SOURCE_JOB: "${TOP_UPSTREAM_SOURCE_JOB}" - TOP_UPSTREAM_SOURCE_SHA: "${TOP_UPSTREAM_SOURCE_SHA}" - TOP_UPSTREAM_MERGE_REQUEST_PROJECT_ID: "${TOP_UPSTREAM_MERGE_REQUEST_PROJECT_ID}" - TOP_UPSTREAM_MERGE_REQUEST_IID: "${TOP_UPSTREAM_MERGE_REQUEST_IID}" - GITLAB_REF_SLUG: "${GITLAB_REF_SLUG}" - # CNG pipeline specific variables - GITLAB_VERSION: "${GITLAB_VERSION}" - GITLAB_TAG: "${GITLAB_TAG}" - GITLAB_ASSETS_TAG: "${GITLAB_ASSETS_TAG}" - FORCE_RAILS_IMAGE_BUILDS: "${FORCE_RAILS_IMAGE_BUILDS}" - CE_PIPELINE: "${CE_PIPELINE}" # Based on https://docs.gitlab.com/ee/ci/jobs/job_control.html#check-if-a-variable-exists, `if: '$CE_PIPELINE'` will evaluate to `false` when this variable is empty - EE_PIPELINE: "${EE_PIPELINE}" # Based on https://docs.gitlab.com/ee/ci/jobs/job_control.html#check-if-a-variable-exists, `if: '$EE_PIPELINE'` will evaluate to `false` when this variable is empty - GITLAB_SHELL_VERSION: "${GITLAB_SHELL_VERSION}" - GITLAB_ELASTICSEARCH_INDEXER_VERSION: "${GITLAB_ELASTICSEARCH_INDEXER_VERSION}" - GITLAB_KAS_VERSION: "${GITLAB_KAS_VERSION}" - GITLAB_WORKHORSE_VERSION: "${GITLAB_WORKHORSE_VERSION}" - GITLAB_PAGES_VERSION: "${GITLAB_PAGES_VERSION}" - GITALY_SERVER_VERSION: "${GITALY_SERVER_VERSION}" - trigger: - project: gitlab-org/build/CNG - branch: $TRIGGER_BRANCH - strategy: depend diff --git a/.gitlab/ci/docs.gitlab-ci.yml b/.gitlab/ci/docs.gitlab-ci.yml index 8b7691045cb..217da6506bf 100644 --- a/.gitlab/ci/docs.gitlab-ci.yml +++ b/.gitlab/ci/docs.gitlab-ci.yml @@ -44,7 +44,7 @@ docs-lint markdown: - .default-retry - .docs:rules:docs-lint # When updating the image version here, update it in /scripts/lint-doc.sh too. - image: registry.gitlab.com/gitlab-org/gitlab-docs/lint-markdown:alpine-3.15-vale-2.15.0-markdownlint-0.31.0 + image: registry.gitlab.com/gitlab-org/gitlab-docs/lint-markdown:alpine-3.15-vale-2.15.5-markdownlint-0.31.1 stage: lint needs: [] script: diff --git a/.gitlab/ci/frontend.gitlab-ci.yml b/.gitlab/ci/frontend.gitlab-ci.yml index cb07384676d..6e84d4f3914 100644 --- a/.gitlab/ci/frontend.gitlab-ci.yml +++ b/.gitlab/ci/frontend.gitlab-ci.yml @@ -293,14 +293,14 @@ coverage-frontend: - *yarn-install - run_timed_command "retry yarn run webpack-prod" -qa-frontend-node:12: - extends: .qa-frontend-node - image: ${GITLAB_DEPENDENCY_PROXY}node:12 - qa-frontend-node:14: extends: .qa-frontend-node image: ${GITLAB_DEPENDENCY_PROXY}node:14 +qa-frontend-node:16: + extends: .qa-frontend-node + image: ${GITLAB_DEPENDENCY_PROXY}node:16 + qa-frontend-node:latest: extends: - .qa-frontend-node @@ -335,10 +335,13 @@ bundle-size-review: stage: test needs: ["compile-production-assets"] script: + - source scripts/utils.sh - mkdir -p bundle-size-review - cp webpack-report/index.html bundle-size-review/bundle-report.html - yarn global add https://gitlab.com/gitlab-org/frontend/playground/webpack-memory-metrics.git - - danger --dangerfile=danger/bundle_size/Dangerfile --fail-on-errors=true --verbose --danger_id=bundle-size-review + - | + danger_id=$(echo -n ${DANGER_GITLAB_API_TOKEN} | md5sum | awk '{print $1}' | cut -c5-10) + run_timed_command "danger --dangerfile=danger/Dangerfile-bundle_size --fail-on-errors=true --verbose --danger_id=bundle-size-review-${danger_id}" artifacts: when: always name: bundle-size-review diff --git a/.gitlab/ci/global.gitlab-ci.yml b/.gitlab/ci/global.gitlab-ci.yml index 146a7067acd..4069dfe9a2b 100644 --- a/.gitlab/ci/global.gitlab-ci.yml +++ b/.gitlab/ci/global.gitlab-ci.yml @@ -41,18 +41,19 @@ key: files: - GITALY_SERVER_VERSION + - lib/gitlab/setup_helper.rb prefix: "gitaly-binaries-${DEBIAN-VERSION}" paths: - - tmp/tests/gitaly/_build/bin/ - - tmp/tests/gitaly/_build/deps/git/install/ - - tmp/tests/gitaly/config.toml - - tmp/tests/gitaly/gitaly2.config.toml - - tmp/tests/gitaly/internal/ - - tmp/tests/gitaly/internal_gitaly2/ - - tmp/tests/gitaly/internal_sockets/ - - tmp/tests/gitaly/Makefile - - tmp/tests/gitaly/praefect.config.toml - - tmp/tests/gitaly/ruby/ + - ${TMP_TEST_FOLDER}/gitaly/_build/bin/ + - ${TMP_TEST_FOLDER}/gitaly/_build/deps/git/install/ + - ${TMP_TEST_FOLDER}/gitaly/config.toml + - ${TMP_TEST_FOLDER}/gitaly/gitaly2.config.toml + - ${TMP_TEST_FOLDER}/gitaly/internal/ + - ${TMP_TEST_FOLDER}/gitaly/run/ + - ${TMP_TEST_FOLDER}/gitaly/run2/ + - ${TMP_TEST_FOLDER}/gitaly/Makefile + - ${TMP_TEST_FOLDER}/gitaly/praefect.config.toml + - ${TMP_TEST_FOLDER}/gitaly/ruby/ policy: pull .go-pkg-cache: &go-pkg-cache @@ -213,34 +214,33 @@ - *storybook-node-modules-cache-push .use-pg11: - image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:debian-${DEBIAN_VERSION}-ruby-2.7.patched-golang-1.16-git-2.33-lfs-2.9-chrome-97-node-16.14-yarn-1.22-postgresql-11-graphicsmagick-1.3.36 services: - name: postgres:11.6 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] - name: redis:5.0-alpine variables: POSTGRES_HOST_AUTH_METHOD: trust + PG_VERSION: "11" .use-pg12: - image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:debian-${DEBIAN_VERSION}-ruby-2.7.patched-golang-1.16-git-2.33-lfs-2.9-chrome-97-node-16.14-yarn-1.22-postgresql-12-graphicsmagick-1.3.36 services: - name: postgres:12 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] - name: redis:6.0-alpine variables: POSTGRES_HOST_AUTH_METHOD: trust + PG_VERSION: "12" .use-pg13: - image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:debian-${DEBIAN_VERSION}-ruby-2.7.patched-golang-1.16-git-2.33-lfs-2.9-chrome-97-node-16.14-yarn-1.22-postgresql-13-graphicsmagick-1.3.36 services: - name: postgres:13 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] - name: redis:5.0-alpine variables: POSTGRES_HOST_AUTH_METHOD: trust + PG_VERSION: "13" .use-pg11-ee: - image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:debian-${DEBIAN_VERSION}-ruby-2.7.patched-golang-1.16-git-2.33-lfs-2.9-chrome-97-node-16.14-yarn-1.22-postgresql-11-graphicsmagick-1.3.36 services: - name: postgres:11.6 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] @@ -249,9 +249,9 @@ command: ["elasticsearch", "-E", "discovery.type=single-node"] variables: POSTGRES_HOST_AUTH_METHOD: trust + PG_VERSION: "11" .use-pg12-ee: - image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:debian-${DEBIAN_VERSION}-ruby-2.7.patched-golang-1.16-git-2.33-lfs-2.9-chrome-97-node-16.14-yarn-1.22-postgresql-12-graphicsmagick-1.3.36 services: - name: postgres:12 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] @@ -260,9 +260,9 @@ command: ["elasticsearch", "-E", "discovery.type=single-node"] variables: POSTGRES_HOST_AUTH_METHOD: trust + PG_VERSION: "12" .use-pg13-ee: - image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:debian-${DEBIAN_VERSION}-ruby-2.7.patched-golang-1.16-git-2.33-lfs-2.9-chrome-97-node-16.14-yarn-1.22-postgresql-13-graphicsmagick-1.3.36 services: - name: postgres:13 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] @@ -271,6 +271,7 @@ command: ["elasticsearch", "-E", "discovery.type=single-node"] variables: POSTGRES_HOST_AUTH_METHOD: trust + PG_VERSION: "13" .use-kaniko: image: diff --git a/.gitlab/ci/graphql.gitlab-ci.yml b/.gitlab/ci/graphql.gitlab-ci.yml index 1a05f68b178..c4c4d500fb5 100644 --- a/.gitlab/ci/graphql.gitlab-ci.yml +++ b/.gitlab/ci/graphql.gitlab-ci.yml @@ -11,3 +11,5 @@ graphql-verify: script: - bundle exec rake gitlab:graphql:validate - bundle exec rake gitlab:graphql:check_docs + - bundle exec rake gitlab:graphql:schema:dump + - node scripts/frontend/graphql_possible_types_extraction.js --check diff --git a/.gitlab/ci/qa.gitlab-ci.yml b/.gitlab/ci/qa.gitlab-ci.yml index 77d12a3e848..8881a4c486d 100644 --- a/.gitlab/ci/qa.gitlab-ci.yml +++ b/.gitlab/ci/qa.gitlab-ci.yml @@ -16,14 +16,14 @@ qa:internal: extends: - .qa-job-base - - .qa:rules:ee-and-foss + - .qa:rules:internal script: - - bundle exec rspec + - bundle exec rspec -O .rspec_internal qa:internal-as-if-foss: extends: - qa:internal - - .qa:rules:as-if-foss + - .qa:rules:internal-as-if-foss - .as-if-foss qa:selectors: @@ -33,15 +33,25 @@ qa:selectors: script: - bundle exec bin/qa Test::Sanity::Selectors -qa:auto_quarantine: +qa:master-auto-quarantine-dequarantine: + extends: + - .qa-job-base + rules: + - if: '$QA_TRIGGER_AUTO_QUARANTINE =~ /true|yes|1/i' + script: + - bundle exec confiner -r .confiner/master.yml + allow_failure: true + +qa:nightly-auto-quarantine-dequarantine: extends: - .qa-job-base rules: - if: '$QA_TRIGGER_AUTO_QUARANTINE =~ /true|yes|1/i' script: - - bundle exec confiner -r .confiner/quarantine.yml + - bundle exec confiner -r .confiner/nightly.yml allow_failure: true + qa:selectors-as-if-foss: extends: - qa:selectors diff --git a/.gitlab/ci/rails.gitlab-ci.yml b/.gitlab/ci/rails.gitlab-ci.yml index 1c745e6d986..9ca125a0b2a 100644 --- a/.gitlab/ci/rails.gitlab-ci.yml +++ b/.gitlab/ci/rails.gitlab-ci.yml @@ -24,8 +24,6 @@ .single-db-rspec: extends: .single-db - variables: - GITLAB_USE_MODEL_LOAD_BALANCING: "false" .rspec-base: extends: @@ -208,8 +206,8 @@ setup-test-env: - ${TMP_TEST_FOLDER}/gitaly/config.toml - ${TMP_TEST_FOLDER}/gitaly/gitaly2.config.toml - ${TMP_TEST_FOLDER}/gitaly/internal/ - - ${TMP_TEST_FOLDER}/gitaly/internal_gitaly2/ - - ${TMP_TEST_FOLDER}/gitaly/internal_sockets/ + - ${TMP_TEST_FOLDER}/gitaly/run/ + - ${TMP_TEST_FOLDER}/gitaly/run2/ - ${TMP_TEST_FOLDER}/gitaly/Makefile - ${TMP_TEST_FOLDER}/gitaly/praefect.config.toml - ${TMP_TEST_FOLDER}/gitaly/ruby/ @@ -387,8 +385,6 @@ db:migrate-from-previous-major-version: SETUP_DB: "false" PROJECT_TO_CHECKOUT: "gitlab-foss" TAG_TO_CHECKOUT: "v13.12.9" - # FIXME: make this job work with `GITLAB_USE_MODEL_LOAD_BALANCING: true`, see https://gitlab.com/gitlab-org/gitlab/-/issues/355573 - GITLAB_USE_MODEL_LOAD_BALANCING: "false" before_script: - !reference [.default-before_script, before_script] - '[[ -d "ee/" ]] || export PROJECT_TO_CHECKOUT="gitlab"' diff --git a/.gitlab/ci/reports.gitlab-ci.yml b/.gitlab/ci/reports.gitlab-ci.yml index d040abfe902..3628013fc9b 100644 --- a/.gitlab/ci/reports.gitlab-ci.yml +++ b/.gitlab/ci/reports.gitlab-ci.yml @@ -87,12 +87,6 @@ gemnasium-dependency_scanning: - apk add git-lfs rules: !reference [".reports:rules:gemnasium-dependency_scanning", rules] -bundler-audit-dependency_scanning: - rules: !reference [".reports:rules:bundler-audit-dependency_scanning", rules] - -retire-js-dependency_scanning: - rules: !reference [".reports:rules:retire-js-dependency_scanning", rules] - gemnasium-python-dependency_scanning: rules: !reference [".reports:rules:gemnasium-python-dependency_scanning", rules] diff --git a/.gitlab/ci/review-apps/qa.gitlab-ci.yml b/.gitlab/ci/review-apps/qa.gitlab-ci.yml index a955096992f..d2192a7511a 100644 --- a/.gitlab/ci/review-apps/qa.gitlab-ci.yml +++ b/.gitlab/ci/review-apps/qa.gitlab-ci.yml @@ -1,3 +1,10 @@ +include: + - project: gitlab-org/quality/pipeline-common + ref: 0.3.6 + file: + - /ci/allure-report.yml + - /ci/knapsack-report.yml + .review-qa-base: extends: - .use-docker-in-docker @@ -43,27 +50,13 @@ when: always .allure-report-base: - image: - name: ${GITLAB_DEPENDENCY_PROXY}andrcuns/allure-report-publisher:0.4.2 - entrypoint: [""] + extends: .generate-allure-report-base stage: post-qa variables: - GIT_STRATEGY: none - STORAGE_CREDENTIALS: $QA_ALLURE_REPORT_GCS_CREDENTIALS GITLAB_AUTH_TOKEN: $GITLAB_QA_MR_ALLURE_REPORT_TOKEN ALLURE_PROJECT_PATH: $CI_PROJECT_PATH ALLURE_MERGE_REQUEST_IID: $CI_MERGE_REQUEST_IID - allow_failure: true - script: - - | - allure-report-publisher upload gcs \ - --results-glob="qa/tmp/allure-results/*" \ - --bucket="gitlab-qa-allure-reports" \ - --prefix="$ALLURE_REPORT_PATH_PREFIX/$CI_COMMIT_REF_SLUG" \ - --update-pr="comment" \ - --copy-latest \ - --ignore-missing-results \ - --color + ALLURE_RESULTS_GLOB: qa/tmp/allure-results/* review-qa-smoke: extends: @@ -121,23 +114,19 @@ review-performance: performance: performance.json expire_in: 31d -allure-report-qa-smoke: - extends: - - .allure-report-base - - .review:rules:review-qa-smoke-report - needs: ["review-qa-smoke"] - variables: - ALLURE_REPORT_PATH_PREFIX: gitlab-review-smoke - ALLURE_JOB_NAME: review-qa-smoke - -allure-report-qa-reliable: +# Generate single report for both smoke and reliable test jobs +# Both job types are essentially the same: +# * always executed +# * always blocking +allure-report-qa-blocking: extends: - .allure-report-base - - .review:rules:review-qa-reliable-report - needs: ["review-qa-reliable"] + - .review:rules:review-qa-blocking-report + needs: + - review-qa-smoke + - review-qa-reliable variables: - ALLURE_REPORT_PATH_PREFIX: gitlab-review-reliable - ALLURE_JOB_NAME: review-qa-reliable + ALLURE_JOB_NAME: review-qa-blocking allure-report-qa-all: extends: @@ -145,18 +134,11 @@ allure-report-qa-all: - .review:rules:review-qa-all-report needs: ["review-qa-all"] variables: - ALLURE_REPORT_PATH_PREFIX: gitlab-review-all ALLURE_JOB_NAME: review-qa-all knapsack-report: extends: - - .review:rules:knapsack-report - image: - name: ${QA_IMAGE} - entrypoint: [""] + - .generate-knapsack-report-base stage: post-qa - allow_failure: true - before_script: - - cd qa - script: - - bundle exec rake 'knapsack:upload[tmp/knapsack/*/*.json]' + variables: + QA_KNAPSACK_REPORT_FILE_PATTERN: $CI_PROJECT_DIR/tmp/knapsack/*/*.json diff --git a/.gitlab/ci/review.gitlab-ci.yml b/.gitlab/ci/review.gitlab-ci.yml index b90af076a56..03223e64b23 100644 --- a/.gitlab/ci/review.gitlab-ci.yml +++ b/.gitlab/ci/review.gitlab-ci.yml @@ -1,3 +1,6 @@ +include: + - remote: 'https://gitlab.com/gitlab-org/modelops/applied-ml/review-recommender/ci-templates/-/raw/v0.2.1/recommender/Reviewers.gitlab-ci.yml' + review-cleanup: extends: - .default-retry @@ -55,7 +58,8 @@ danger-review: if [ -z "$DANGER_GITLAB_API_TOKEN" ]; then run_timed_command danger_as_local else - run_timed_command "bundle exec danger --fail-on-errors=true --verbose" + danger_id=$(echo -n ${DANGER_GITLAB_API_TOKEN} | md5sum | awk '{print $1}' | cut -c5-10) + run_timed_command "bundle exec danger --fail-on-errors=true --verbose --danger_id=${danger_id}" fi danger-review-local: @@ -64,3 +68,9 @@ danger-review-local: - .review:rules:danger-local script: - run_timed_command danger_as_local + +reviewers-recommender: + extends: + - .default-retry + stage: test + needs: [] diff --git a/.gitlab/ci/rules.gitlab-ci.yml b/.gitlab/ci/rules.gitlab-ci.yml index 70b532b97f4..142341e5741 100644 --- a/.gitlab/ci/rules.gitlab-ci.yml +++ b/.gitlab/ci/rules.gitlab-ci.yml @@ -13,6 +13,9 @@ .if-jh: &if-jh if: '$CI_PROJECT_PATH =~ /^gitlab-(jh|cn)\/.*/' +.if-force-ci: &if-force-ci + if: '$FORCE_GITLAB_CI' + .if-default-refs: &if-default-refs if: '$CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH || $CI_COMMIT_REF_NAME =~ /^[\d-]+-stable(-ee)?$/ || $CI_COMMIT_REF_NAME =~ /^\d+-\d+-auto-deploy-\d+$/ || $CI_COMMIT_REF_NAME =~ /^security\// || $CI_MERGE_REQUEST_IID || $CI_COMMIT_TAG || $FORCE_GITLAB_CI' @@ -70,6 +73,9 @@ .if-merge-request-labels-skip-undercoverage: &if-merge-request-labels-skip-undercoverage if: '$CI_MERGE_REQUEST_LABELS =~ /pipeline:skip-undercoverage/' +.if-merge-request-labels-jh-contribution: &if-merge-request-labels-jh-contribution + if: '$CI_MERGE_REQUEST_LABELS =~ /JiHu contribution/' + .if-security-merge-request: &if-security-merge-request if: '$CI_PROJECT_NAMESPACE == "gitlab-org/security" && $CI_MERGE_REQUEST_IID' @@ -158,6 +164,7 @@ .gitaly-patterns: &gitaly-patterns - "GITALY_SERVER_VERSION" + - "lib/gitlab/setup_helper.rb" .workhorse-patterns: &workhorse-patterns - "GITLAB_WORKHORSE_VERSION" @@ -257,6 +264,8 @@ - ".gitlab/ci/**/*" - "*_VERSION" - "scripts/rspec_helpers.sh" + # Mapped patterns (see tests.yml) + - "data/whats_new/*.yml" # DB patterns + .ci-patterns .db-patterns: &db-patterns @@ -269,7 +278,9 @@ - "lib/gitlab/markdown_cache/active_record/**/*" - "config/prometheus/common_metrics.yml" # Used by Gitlab::DatabaseImporters::CommonMetrics::Importer - "{,ee/,jh/}app/models/project_statistics.rb" # Used to calculate sizes in migration specs - - "GITALY_SERVER_VERSION" # Has interactions with background migrations:https://gitlab.com/gitlab-org/gitlab/-/issues/336538 + # Gitaly has interactions with background migrations: https://gitlab.com/gitlab-org/gitlab/-/issues/336538 + - "GITALY_SERVER_VERSION" + - "lib/gitlab/setup_helper.rb" # CI changes - ".gitlab-ci.yml" - ".gitlab/ci/**/*" @@ -311,10 +322,11 @@ - "config.ru" - "{,ee/,jh/}{app,bin,config,db,generator_templates,haml_lint,lib,locale,public,scripts,symbol,vendor}/**/*" - "doc/api/graphql/reference/*" # Files in this folder are auto-generated - - "data/whats_new/*.yml" # CI changes - ".gitlab-ci.yml" - ".gitlab/ci/**/*" + # Mapped patterns (see tests.yml) + - "data/whats_new/*.yml" # .code-patterns + .backstage-patterns .code-backstage-patterns: &code-backstage-patterns @@ -335,7 +347,6 @@ - "config.ru" - "{,ee/,jh/}{app,bin,config,db,generator_templates,haml_lint,lib,locale,public,scripts,symbol,vendor}/**/*" - "doc/api/graphql/reference/*" # Files in this folder are auto-generated - - "data/whats_new/*.yml" # CI changes - ".gitlab-ci.yml" - ".gitlab/ci/**/*" @@ -346,6 +357,8 @@ - "{,ee/,jh/}rubocop/**/*" - "{,ee/,jh/}spec/**/*" - "{,spec/}tooling/**/*" + # Mapped patterns (see tests.yml) + - "data/whats_new/*.yml" # .code-patterns + .qa-patterns .code-qa-patterns: &code-qa-patterns @@ -366,13 +379,14 @@ - "config.ru" - "{,ee/,jh/}{app,bin,config,db,generator_templates,haml_lint,lib,locale,public,scripts,symbol,vendor}/**/*" - "doc/api/graphql/reference/*" # Files in this folder are auto-generated - - "data/whats_new/*.yml" # CI changes - ".gitlab-ci.yml" - ".gitlab/ci/**/*" # QA changes - ".dockerignore" - "qa/**/*" + # Mapped patterns (see tests.yml) + - "data/whats_new/*.yml" # .code-patterns + .backstage-patterns + .qa-patterns .code-backstage-qa-patterns: &code-backstage-qa-patterns @@ -393,7 +407,6 @@ - "config.ru" - "{,ee/,jh/}{app,bin,config,db,generator_templates,haml_lint,lib,locale,public,scripts,symbol,vendor}/**/*" - "doc/api/graphql/reference/*" # Files in this folder are auto-generated - - "data/whats_new/*.yml" # CI changes - ".gitlab-ci.yml" - ".gitlab/ci/**/*" @@ -407,6 +420,8 @@ # QA changes - ".dockerignore" - "qa/**/*" + # Mapped patterns (see tests.yml) + - "data/whats_new/*.yml" # .code-backstage-qa-patterns + .workhorse-patterns .setup-test-env-patterns: &setup-test-env-patterns @@ -597,6 +612,7 @@ - <<: *if-dot-com-gitlab-org-default-branch changes: *code-qa-patterns - <<: *if-dot-com-gitlab-org-schedule + - <<: *if-force-ci .build-images:rules:build-assets-image: rules: @@ -607,15 +623,6 @@ - changes: *ci-build-images-patterns - changes: *code-qa-patterns -############# -# CNG rules # -############# -.cng:rules: - rules: - - <<: *if-dot-com-gitlab-org-and-security-tag - when: manual - allow_failure: true - ###################### # CI Templates Rules # ###################### @@ -842,6 +849,11 @@ ############ # QA rules # ############ +.qa:rules:internal: + rules: + - <<: *if-default-refs + changes: *qa-patterns + .qa:rules:ee-and-foss: rules: - <<: *if-default-refs @@ -857,6 +869,12 @@ - <<: *if-merge-request changes: *ci-patterns +.qa:rules:internal-as-if-foss: + rules: + - !reference [".strict-ee-only-rules", rules] + - <<: *if-default-refs + changes: *qa-patterns + .qa:rules:package-and-qa: rules: - <<: *if-not-ee @@ -864,6 +882,9 @@ - <<: *if-dot-com-gitlab-org-and-security-merge-request changes: *feature-flag-development-config-patterns when: never + - <<: *if-dot-com-gitlab-org-and-security-merge-request + changes: *nodejs-patterns + allow_failure: true - <<: *if-dot-com-gitlab-org-and-security-merge-request changes: *ci-qa-patterns allow_failure: true @@ -876,6 +897,9 @@ allow_failure: true - <<: *if-dot-com-gitlab-org-schedule allow_failure: true + - <<: *if-force-ci + when: manual + allow_failure: true .qa:rules:package-and-qa:feature-flags: rules: @@ -1352,6 +1376,10 @@ rules: - changes: *code-backstage-qa-patterns +.static-analysis:rules:ee-and-foss-qa: + rules: + - changes: *qa-patterns + .static-analysis:rules:ee: rules: - <<: *if-not-ee @@ -1450,18 +1478,6 @@ when: never - changes: *dependency-patterns -.reports:rules:bundler-audit-dependency_scanning: - rules: - - if: '$DEPENDENCY_SCANNING_DISABLED || $GITLAB_FEATURES !~ /\bdependency_scanning\b/ || $DS_EXCLUDED_ANALYZERS =~ /bundler-audit/ || $DS_DEFAULT_ANALYZERS !~ /bundler-audit/' - when: never - - changes: *bundler-patterns - -.reports:rules:retire-js-dependency_scanning: - rules: - - if: '$DEPENDENCY_SCANNING_DISABLED || $GITLAB_FEATURES !~ /\bdependency_scanning\b/ || $DS_EXCLUDED_ANALYZERS =~ /retire.js/ || $DS_DEFAULT_ANALYZERS !~ /retire.js/' - when: never - - changes: *nodejs-patterns - .reports:rules:gemnasium-python-dependency_scanning: rules: - if: '$DEPENDENCY_SCANNING_DISABLED || $GITLAB_FEATURES !~ /\bdependency_scanning\b/ || $DS_EXCLUDED_ANALYZERS =~ /gemnasium-python/ || $DS_DEFAULT_ANALYZERS !~ /gemnasium-python/' @@ -1565,17 +1581,12 @@ # # See https://gitlab.com/gitlab-org/gitlab/-/merge_requests/76756 -# Since `review-qa-smoke` isn't allowed to fail, we need to use `when: always` for `review-qa-smoke-report`. -.review:rules:review-qa-smoke-report: - rules: - - when: always - .review:rules:review-qa-reliable: rules: - when: on_success # Since `review-qa-reliable` isn't allowed to fail, we need to use `when: always`for `review-qa-reliable-report`. -.review:rules:review-qa-reliable-report: +.review:rules:review-qa-blocking-report: rules: - when: always @@ -1595,19 +1606,10 @@ - when: on_success - when: on_failure -.review:rules:knapsack-report: - rules: - - if: '$KNAPSACK_GENERATE_REPORT == "true"' - when: always - .review:rules:review-cleanup: rules: - <<: *if-not-ee when: never - - <<: *if-dot-com-gitlab-org-merge-request - changes: *code-qa-patterns - when: manual - allow_failure: true - <<: *if-dot-com-gitlab-org-schedule allow_failure: true @@ -1670,6 +1672,13 @@ - <<: *if-default-refs changes: *code-backstage-patterns +.setup:rules:jh-contribution: + rules: + - <<: *if-jh + when: never + - <<: *if-merge-request-labels-jh-contribution + + .setup:rules:generate-frontend-fixtures-mapping: rules: - <<: *if-not-ee diff --git a/.gitlab/ci/setup.gitlab-ci.yml b/.gitlab/ci/setup.gitlab-ci.yml index ad500fe0ddc..4339251897c 100644 --- a/.gitlab/ci/setup.gitlab-ci.yml +++ b/.gitlab/ci/setup.gitlab-ci.yml @@ -68,6 +68,15 @@ verify-tests-yml: - install_tff_gem - scripts/verify-tff-mapping +verify-approvals: + extends: + - .setup:rules:jh-contribution + needs: [] + script: + - source scripts/utils.sh + - install_gitlab_gem + - tooling/bin/find_app_sec_approval + generate-frontend-fixtures-mapping: extends: - .setup:rules:generate-frontend-fixtures-mapping diff --git a/.gitlab/ci/static-analysis.gitlab-ci.yml b/.gitlab/ci/static-analysis.gitlab-ci.yml index a5cc02303f3..f5f0dcfe7f8 100644 --- a/.gitlab/ci/static-analysis.gitlab-ci.yml +++ b/.gitlab/ci/static-analysis.gitlab-ci.yml @@ -114,10 +114,27 @@ rubocop: qa:testcases: extends: - .static-analysis-base - - .rubocop-job-cache - - .static-analysis:rules:ee-and-foss + - .static-analysis:rules:ee-and-foss-qa + before_script: + - !reference [.default-before_script, before_script] + - cd qa/ + - bundle_install_script script: - - run_timed_command "bundle exec rubocop qa/qa/specs/features/**/* --only QA/DuplicateTestcaseLink" + - run_timed_command "bundle exec bin/qa Test::Instance::All http://localhost:3000 --test-metadata-only" + - cd .. + - run_timed_command "./scripts/qa/testcases-check qa/tmp/test-metadata.json" + variables: + USE_BUNDLE_INSTALL: "false" + SETUP_DB: "false" + QA_EXPORT_TEST_METRICS: "false" + # Disable warnings in browserslist which can break on backports + # https://github.com/browserslist/browserslist/blob/a287ec6/node.js#L367-L384 + BROWSERSLIST_IGNORE_OLD_DATA: "true" + artifacts: + expire_in: 31d + when: always + paths: + - qa/tmp/ feature-flags-usage: extends: diff --git a/.gitlab/ci/yaml.gitlab-ci.yml b/.gitlab/ci/yaml.gitlab-ci.yml index 606bb385325..ac32e4226e2 100644 --- a/.gitlab/ci/yaml.gitlab-ci.yml +++ b/.gitlab/ci/yaml.gitlab-ci.yml @@ -11,3 +11,15 @@ lint-yaml: LINT_PATHS: .gitlab-ci.yml .gitlab/ci lib/gitlab/ci/templates data/deprecations data/removals data/whats_new script: - yamllint --strict -f colored $LINT_PATHS + +lint-metrics-yaml: + extends: + - .default-retry + - .yaml-lint:rules + image: pipelinecomponents/yamllint:latest + stage: lint + needs: [] + variables: + LINT_PATHS: config/metrics + script: + - 'yamllint --strict -f colored -d "{extends: default, rules: {line-length: disable, document-start: disable, indentation: {spaces: 2, indent-sequences: whatever}}}" $LINT_PATHS' diff --git a/.gitlab/issue_templates/Default.md b/.gitlab/issue_templates/Default.md new file mode 100644 index 00000000000..f87b82e341b --- /dev/null +++ b/.gitlab/issue_templates/Default.md @@ -0,0 +1,11 @@ +Before raising an issue to the GitLab issue tracker, please read through our guide for finding help to determine the best place to post: + +* https://about.gitlab.com/getting-help/ + +If you are experiencing an issue when using GitLab.com, your first port of call should be the Community Forum. Your issue may have already been reported there by another user. Please check: + +* https://forum.gitlab.com/ + +If you feel that your issue can be categorized as a reproducible bug or a feature proposal, please use one of the issue templates provided and include as much information as possible. + +Thank you for helping to make GitLab a better product. diff --git a/.gitlab/issue_templates/Doc_cleanup.md b/.gitlab/issue_templates/Doc_cleanup.md index 69caea1ae1e..58a51e15803 100644 --- a/.gitlab/issue_templates/Doc_cleanup.md +++ b/.gitlab/issue_templates/Doc_cleanup.md @@ -7,6 +7,26 @@ * feature development should use the Feature Request template. --> +If you are a community contributor: + +1. To work on an issue, type `@gl-docsteam I would like to work on this issue.` + in a comment. A technical writer + will assign the issue to you. Do not work on the issue before it is assigned to you. + If someone has already chosen the issue, pick another or view docs [in the docs directory](https://gitlab.com/gitlab-org/gitlab/-/tree/master/doc) + and open a merge request for any page you feel can be improved. +1. Create a merge request for the issue. If this is for a Hackathon, do not create the merge request + before the Hackathon has started or it will not be counted towards the Hackathon. If you were not + assigned the issue, do not create a merge request. It will not be accepted. +1. Copy the link to this issue and add it to the merge request's description, which will link + the merge request and the issue together. +1. After your merge request is accepted and merged, close this issue. + +If you notice things you'd like to fix that are not part of the issue, open separate merge requests for those issues. + +We're sorry for all the rules but we want everyone to have a good experience, and it can be hard when we get an influx of contributions. + +Thank you again for contributing to the GitLab documentation! + ## Identified documentation issue -## Process - -If you, as a contributor, decide to take this work on, assign this issue to yourself, and create one or more linked -merge requests that resolve this issue. Be sure to close this issue after all linked merge requests are completed. - -The work for this issue should involve only what's listed in the previous section. If you identify other work that -needs to be done, create separate, unlinked MRs as needed to address those items. - -When using automated test results for identified work, use this issue to work only on the listed lines. For -example, if the tests list several lines that show the word "admin" as needing to possibly be "administrator," -do not modify other parts of the page that may also include "admin," as the testing may have excluded those lines -(for example, they may be part of the **Admin Area** of GitLab). - ## Additional information +### What is the competitive advantage or differentiation for this feature? + ### Links / references +## Verification steps + + /label ~"workflow::refinement" /milestone %Backlog diff --git a/.gitlab/issue_templates/Vulnerability Disclosure.md b/.gitlab/issue_templates/Vulnerability Disclosure.md new file mode 100644 index 00000000000..9f143a76e0e --- /dev/null +++ b/.gitlab/issue_templates/Vulnerability Disclosure.md @@ -0,0 +1,98 @@ + + +### Summary + + + +### Steps to reproduce + + + +### Example Project + + + +### What is the current *bug* behavior? + + + +### What is the expected *correct* behavior? + + + +### Relevant logs and/or screenshots + + + +### Output of checks + + + +#### Results of GitLab environment info + + + +
+Expand for output related to GitLab environment info + +
+
+(For installations with omnibus-gitlab package run and paste the output of:
+`sudo gitlab-rake gitlab:env:info`)
+
+(For installations from source run and paste the output of:
+`sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production`)
+
+
+
+ +#### Results of GitLab application Check + + + +
+Expand for output related to the GitLab application check +
+
+(For installations with omnibus-gitlab package run and paste the output of:
+`sudo gitlab-rake gitlab:check SANITIZE=true`)
+
+(For installations from source run and paste the output of:
+`sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production SANITIZE=true`)
+
+(we will only investigate if the tests are passing)
+
+
+
+ +### Possible fixes + + + + +--- + + + +cc @gitlab-com/gl-security/appsec + +/label ~"type::bug" ~"bug::vulnerability" +/confidential diff --git a/.gitlab/merge_request_templates/Default.md b/.gitlab/merge_request_templates/Default.md new file mode 100644 index 00000000000..9d5ab41afbe --- /dev/null +++ b/.gitlab/merge_request_templates/Default.md @@ -0,0 +1,44 @@ +## What does this MR do and why? + +_Describe in detail what your merge request does and why._ + + + +## Screenshots or screen recordings + +_These are strongly recommended to assist reviewers and reduce the time to merge your change._ + + + +## How to set up and validate locally + +_Numbered steps to set up and validate the change are strongly suggested._ + + + +## MR acceptance checklist + +This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability. + +* [ ] I have evaluated the [MR acceptance checklist](https://docs.gitlab.com/ee/development/code_review.html#acceptance-checklist) for this MR. diff --git a/.gitlab/merge_request_templates/Documentation.md b/.gitlab/merge_request_templates/Documentation.md index d3ea9682d34..49d1d0f79bf 100644 --- a/.gitlab/merge_request_templates/Documentation.md +++ b/.gitlab/merge_request_templates/Documentation.md @@ -8,17 +8,17 @@ ## Author's checklist -- [ ] Consider taking [the GitLab Technical Writing Fundamentals course](https://gitlab.edcast.com/pathways/ECL-02528ee2-c334-4e16-abf3-e9d8b8260de4). +- [ ] Optional. Consider taking [the GitLab Technical Writing Fundamentals course](https://gitlab.edcast.com/pathways/ECL-02528ee2-c334-4e16-abf3-e9d8b8260de4). - [ ] Follow the: - [Documentation process](https://docs.gitlab.com/ee/development/documentation/workflow.html). - [Documentation guidelines](https://docs.gitlab.com/ee/development/documentation/). - [Style Guide](https://docs.gitlab.com/ee/development/documentation/styleguide/). -- [ ] Ensure that the [product tier badge](https://docs.gitlab.com/ee/development/documentation/styleguide/index.html#product-tier-badges) is added to topic's `h1`. -- [ ] [Request a review](https://docs.gitlab.com/ee/development/code_review.html#dogfooding-the-reviewers-feature) based on: - - The documentation page's [metadata](https://docs.gitlab.com/ee/development/documentation/#metadata). - - The [associated Technical Writer](https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments). +- [ ] If you're adding or changing the main heading of the page (H1), ensure that the [product tier badge](https://docs.gitlab.com/ee/development/documentation/styleguide/index.html#product-tier-badges) is added. +- [ ] If you are a GitLab team member, [request a review](https://docs.gitlab.com/ee/development/code_review.html#dogfooding-the-attention-request-feature) based on: + - The documentation page's [metadata](https://docs.gitlab.com/ee/development/documentation/#metadata). + - The [associated Technical Writer](https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments). -If you are only adding documentation, do not add any of the following labels: +If you are a GitLab team member and only adding documentation, do not add any of the following labels: - `~"frontend"` - `~"backend"` @@ -27,7 +27,7 @@ If you are only adding documentation, do not add any of the following labels: These labels cause the MR to be added to code verification QA issues. -## Review checklist +## Reviewer's checklist Documentation-related MRs should be reviewed by a Technical Writer for a non-blocking review, based on [Documentation Guidelines](https://docs.gitlab.com/ee/development/documentation/) and the [Style Guide](https://docs.gitlab.com/ee/development/documentation/styleguide/). @@ -35,13 +35,13 @@ Documentation-related MRs should be reviewed by a Technical Writer for a non-blo - Technical writer review items: - [ ] Ensure docs metadata is present and up-to-date. - [ ] Ensure the appropriate [labels](https://about.gitlab.com/handbook/engineering/ux/technical-writing/workflow/#labels) are added to this MR. + - [ ] Ensure a release milestone is set. - If relevant to this MR, ensure [content topic type](https://docs.gitlab.com/ee/development/documentation/structure.html) principles are in use, including: - [ ] The headings should be something you'd do a Google search for. Instead of `Default behavior`, say something like `Default behavior when you close an issue`. - [ ] The headings (other than the page title) should be active. Instead of `Configuring GDK`, say something like `Configure GDK`. - [ ] Any task steps should be written as a numbered list. - If the content still needs to be edited for topic types, you can create a follow-up issue with the ~"docs-technical-debt" label. - [ ] Review by assigned maintainer, who can always request/require the reviews above. Maintainer's review can occur before or after a technical writer review. -- [ ] Ensure a release milestone is set. -/label ~documentation ~"type::maintenance" +/label ~documentation ~"type::maintenance" ~"docs::improvement" /assign me -- cgit v1.2.3