diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-09-19 23:18:09 +0000 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-09-19 23:18:09 +0000 |
| commit | 6ed4ec3e0b1340f96b7c043ef51d1b33bbe85fde (patch) | |
| tree | dc4d20fe6064752c0bd323187252c77e0a89144b /.gitlab | |
| parent | 9868dae7fc0655bd7ce4a6887d4e6d487690eeed (diff) | |
| download | gitlab-ce-6ed4ec3e0b1340f96b7c043ef51d1b33bbe85fde.tar.gz | |
Add latest changes from gitlab-org/gitlab@15-4-stable-eev15.4.0-rc42
Diffstat (limited to '.gitlab')
32 files changed, 1831 insertions, 839 deletions
diff --git a/.gitlab/CODEOWNERS b/.gitlab/CODEOWNERS index 6019fe636a8..03fcfc4dd53 100644 --- a/.gitlab/CODEOWNERS +++ b/.gitlab/CODEOWNERS @@ -2,6 +2,24 @@ # project here: https://gitlab.com/gitlab-org/gitlab/-/project_members # As described in https://docs.gitlab.com/ee/user/project/code_owners.html +* @gitlab-org/maintainers/rails-backend @gitlab-org/maintainers/frontend @gitlab-org/maintainers/database @gl-quality/qe-maintainers @gitlab-org/delivery @gitlab-org/maintainers/cicd-templates @kwiebers @nolith @jacobvosmaer-gitlab + +CODEOWNERS @clefelhocz1 @timzallmann @cdu1 @wayne @dsatcher @sgoldstein @jeromezng @stanhu @susantacker @dianalogan @kpaizee @sselhorn +docs/CODEOWNERS @clefelhocz1 @timzallmann @cdu1 @wayne @dsatcher @sgoldstein @jeromezng @stanhu @susantacker @dianalogan @kpaizee @sselhorn +.gitlab/CODEOWNERS @clefelhocz1 @timzallmann @cdu1 @wayne @dsatcher @sgoldstein @jeromezng @stanhu @susantacker @dianalogan @kpaizee @sselhorn + +## Allows release tooling to update the Gitaly Version +GITALY_SERVER_VERSION @project_278964_bot6 @gitlab-org/maintainers/rails-backend @gitlab-org/delivery + +## Files that are excluded from required approval +/.gitlab/issue_templates/*.md +/.gitlab/merge_request_templates/*.md +/doc/*.md +/doc/**/*.md +/doc/**/*.png +/data/deprecations/*.yml +/data/removals/*.yml + ^[Backend] *.rb @gitlab-org/maintainers/rails-backend *.rake @gitlab-org/maintainers/rails-backend @@ -34,7 +52,6 @@ /.gitlab/ci/docs.gitlab-ci.yml @gl-quality/eng-prod @gl-docsteam /.gitlab/ci/releases.gitlab-ci.yml @gl-quality/eng-prod @gitlab-org/delivery /.gitlab/ci/reports.gitlab-ci.yml @gitlab-com/gl-security/appsec @gl-quality/eng-prod -/.gitlab/CODEOWNERS @gl-quality/eng-prod Dangerfile @gl-quality/eng-prod /danger/ @gl-quality/eng-prod /tooling/danger/ @gl-quality/eng-prod @@ -57,11 +74,89 @@ Dangerfile @gl-quality/eng-prod /ee/lib/ee/gitlab/auth/ldap/ @dblessing @mkozono /lib/gitlab/auth/ldap/ @dblessing @mkozono +^[Verify] +/app/**/ci/ @gitlab-org/maintainers/cicd-verify +/app/controllers/admin/jobs_controller.rb @gitlab-org/maintainers/cicd-verify +/app/controllers/admin/runner_projects_controller.rb @gitlab-org/maintainers/cicd-verify +/app/controllers/admin/runners_controller.rb @gitlab-org/maintainers/cicd-verify +/app/controllers/projects/artifacts_controller.rb @gitlab-org/maintainers/cicd-verify +/app/controllers/projects/build_artifacts_controller.rb @gitlab-org/maintainers/cicd-verify +/app/controllers/projects/builds_controller.rb @gitlab-org/maintainers/cicd-verify +/app/controllers/projects/jobs_controller.rb @gitlab-org/maintainers/cicd-verify +/app/controllers/runner_setup_controller.rb @gitlab-org/maintainers/cicd-verify +/app/controllers/projects/pipeline_schedules_controller.rb @gitlab-org/maintainers/cicd-verify +/app/controllers/projects/pipelines_controller.rb @gitlab-org/maintainers/cicd-verify +/app/controllers/projects/pipelines_settings_controller.rb @gitlab-org/maintainers/cicd-verify +/app/controllers/projects/runner_projects_controller.rb @gitlab-org/maintainers/cicd-verify +/app/controllers/projects/runners_controller.rb @gitlab-org/maintainers/cicd-verify +/app/controllers/projects/triggers_controller.rb @gitlab-org/maintainers/cicd-verify +/app/controllers/projects/usage_quotas_controller.rb @gitlab-org/maintainers/cicd-verify +/app/controllers/projects/variables_controller.rb @gitlab-org/maintainers/cicd-verify +/app/models/commit_status.rb @gitlab-org/maintainers/cicd-verify +/app/models/external_pull_request.rb @gitlab-org/maintainers/cicd-verify +/app/models/generic_commit_status.rb @gitlab-org/maintainers/cicd-verify +/app/models/namespace_ci_cd_setting.rb @gitlab-org/maintainers/cicd-verify +/app/models/project_ci_cd_setting.rb @gitlab-org/maintainers/cicd-verify +/app/presenters/commit_status_presenter.rb @gitlab-org/maintainers/cicd-verify +/app/presenters/generic_commit_status_presenter.rb @gitlab-org/maintainers/cicd-verify +/app/views/projects/artifacts/ @gitlab-org/maintainers/cicd-verify +/app/views/projects/generic_commit_statuses/ @gitlab-org/maintainers/cicd-verify +/app/views/projects/jobs/ @gitlab-org/maintainers/cicd-verify +/app/views/projects/pipeline_schedules/ @gitlab-org/maintainers/cicd-verify +/app/views/projects/pipelines/ @gitlab-org/maintainers/cicd-verify +/app/views/projects/triggers/ @gitlab-org/maintainers/cicd-verify +/app/workers/build_hooks_worker.rb @gitlab-org/maintainers/cicd-verify +/app/workers/build_queue_worker.rb @gitlab-org/maintainers/cicd-verify +/app/workers/build_success_worker.rb @gitlab-org/maintainers/cicd-verify +/app/workers/ci_platform_metrics_update_cron_worker.rb @gitlab-org/maintainers/cicd-verify +/app/workers/create_pipeline_worker.rb @gitlab-org/maintainers/cicd-verify +/app/workers/expire_build_artifacts_worker.rb @gitlab-org/maintainers/cicd-verify +/app/workers/pipeline_hooks_worker.rb @gitlab-org/maintainers/cicd-verify +/app/workers/pipeline_metrics_worker.rb @gitlab-org/maintainers/cicd-verify +/app/workers/pipeline_notification_worker.rb @gitlab-org/maintainers/cicd-verify +/app/workers/pipeline_process_worker.rb @gitlab-org/maintainers/cicd-verify +/app/workers/pipeline_schedule_worker.rb @gitlab-org/maintainers/cicd-verify +/app/workers/run_pipeline_schedule_worker.rb @gitlab-org/maintainers/cicd-verify +/app/workers/stuck_ci_jobs_worker.rb @gitlab-org/maintainers/cicd-verify +/app/workers/update_external_pull_requests_worker.rb @gitlab-org/maintainers/cicd-verify +/lib/**/ci/ @gitlab-org/maintainers/cicd-verify +/lib/api/commit_statuses.rb @gitlab-org/maintainers/cicd-verify +/ee/app/**/ci/ @gitlab-org/maintainers/cicd-verify +/ee/app/**/merge_trains/ @gitlab-org/maintainers/cicd-verify +/ee/app/models/merge_train.rb @gitlab-org/maintainers/cicd-verify +/ee/app/finders/merge_trains_finder.rb @gitlab-org/maintainers/cicd-verify +/ee/app/services/auto_merge/add_to_merge_train_when_pipeline_succeeds_service.rb @gitlab-org/maintainers/cicd-verify +/ee/app/services/auto_merge/merge_train_service.rb @gitlab-org/maintainers/cicd-verify +/ee/app/services/system_notes/merge_train_service.rb @gitlab-org/maintainers/cicd-verify +/ee/app/controllers/ee/admin/runners_controller.rb @gitlab-org/maintainers/cicd-verify +/ee/app/controllers/ee/projects/pipelines_controller.rb @gitlab-org/maintainers/cicd-verify +/ee/app/controllers/projects/pipelines/ @gitlab-org/maintainers/cicd-verify +/ee/app/controllers/projects/subscriptions_controller.rb @gitlab-org/maintainers/cicd-verify +/ee/app/models/merge_train.rb @gitlab-org/maintainers/cicd-verify +/ee/app/helpers/ee/projects/pipeline_helper.rb @gitlab-org/maintainers/cicd-verify +/ee/app/views/ci_minutes_usage_mailer/ @gitlab-org/maintainers/cicd-verify +/ee/app/views/projects/pipelines/ @gitlab-org/maintainers/cicd-verify +/ee/app/views/projects/settings/ci_cd/ @gitlab-org/maintainers/cicd-verify +/ee/app/workers/clear_shared_runners_minutes_worker.rb @gitlab-org/maintainers/cicd-verify +/ee/lib/**/ci/ @gitlab-org/maintainers/cicd-verify +/ee/lib/ee/api/entities/merge_train.rb @gitlab-org/maintainers/cicd-verify +/**/javascripts/jobs/ @pburdette @jivanvl +/**/javascripts/pipelines/ @pburdette @f_caplette @jivanvl @mfluharty @bsandlin @mgandres +/app/assets/javascripts/pipeline_new/ @pburdette @f_caplette @jivanvl @mfluharty @bsandlin @mgandres +/app/assets/javascripts/ci_lint/ @f_caplette @bsandlin @mgandres +/app/assets/javascripts/ci_variable_list/ @pburdette @f_caplette @jivanvl @mfluharty @bsandlin @mgandres +/app/assets/javascripts/pipeline_schedules/ @pburdette @jivanvl +/app/assets/javascripts/pipeline_editor/ @f_caplette @bsandlin @mgandres +/ee/app/assets/javascripts/ci_minutes_usage/ @pburdette @jivanvl +/ee/app/assets/javascripts/usage_quotas/ci_minutes_usage/ @pburdette @jivanvl +/ee/app/assets/javascripts/usage_quotas/pipelines/ @pburdette @jivanvl +/ee/app/assets/javascripts/reports/ @mfluharty + ^[Templates] /lib/gitlab/ci/templates/ @gitlab-org/maintainers/cicd-templates /lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml @DylanGriffith @mayra-cabrera @tkuah /lib/gitlab/ci/templates/Security/ @gonzoyumo @twoodham @sethgitlab @thiagocsf -/lib/gitlab/ci/templates/Security/Container-Scanning.*.yml @gitlab-org/protect/container-security-backend +/lib/gitlab/ci/templates/Security/Container-Scanning.*.yml @gitlab-org/govern/security-policies-backend ^[Project Alias] /ee/app/models/project_alias.rb @patrickbajao @@ -70,18 +165,18 @@ Dangerfile @gl-quality/eng-prod # Secure & Threat Management ownership delineation # https://about.gitlab.com/handbook/engineering/development/threat-management/delineate-secure-threat-management.html#technical-boundaries ^[Threat Insights] -/app/finders/security/ @gitlab-org/secure/threat-insights-backend-team -/app/models/vulnerability.rb @gitlab-org/secure/threat-insights-backend-team -/ee/app/finders/security/ @gitlab-org/secure/threat-insights-backend-team -/ee/app/models/security/ @gitlab-org/secure/threat-insights-backend-team -/ee/app/models/vulnerabilities/ @gitlab-org/secure/threat-insights-backend-team -/ee/app/policies/vulnerabilities/ @gitlab-org/secure/threat-insights-backend-team -/ee/app/policies/vulnerability*.rb @gitlab-org/secure/threat-insights-backend-team -/ee/app/presenters/projects/security/ @gitlab-org/secure/threat-insights-backend-team -/ee/lib/api/vulnerabilit*.rb @gitlab-org/secure/threat-insights-backend-team -/ee/spec/policies/vulnerabilities/ @gitlab-org/secure/threat-insights-backend-team -/ee/spec/policies/vulnerability*.rb @gitlab-org/secure/threat-insights-backend-team -/ee/spec/presenters/projects/security/ @gitlab-org/secure/threat-insights-backend-team +/app/finders/security/ @gitlab-org/govern/threat-insights-backend-team +/app/models/vulnerability.rb @gitlab-org/govern/threat-insights-backend-team +/ee/app/finders/security/ @gitlab-org/govern/threat-insights-backend-team +/ee/app/models/security/ @gitlab-org/govern/threat-insights-backend-team +/ee/app/models/vulnerabilities/ @gitlab-org/govern/threat-insights-backend-team +/ee/app/policies/vulnerabilities/ @gitlab-org/govern/threat-insights-backend-team +/ee/app/policies/vulnerability*.rb @gitlab-org/govern/threat-insights-backend-team +/ee/app/presenters/projects/security/ @gitlab-org/govern/threat-insights-backend-team +/ee/lib/api/vulnerabilit*.rb @gitlab-org/govern/threat-insights-backend-team +/ee/spec/policies/vulnerabilities/ @gitlab-org/govern/threat-insights-backend-team +/ee/spec/policies/vulnerability*.rb @gitlab-org/govern/threat-insights-backend-team +/ee/spec/presenters/projects/security/ @gitlab-org/govern/threat-insights-backend-team ^[Secure] /ee/lib/gitlab/ci/parsers/license_compliance/ @gitlab-org/secure/composition-analysis-be @@ -93,23 +188,23 @@ Dangerfile @gl-quality/eng-prod /ee/app/services/app_sec/dast/ @gitlab-org/secure/dynamic-analysis-be ^[Container Security] -/ee/app/views/projects/threat_monitoring/** @gitlab-org/protect/container-security-frontend -/ee/app/views/projects/security/policies/** @gitlab-org/protect/container-security-frontend -/ee/spec/views/projects/security/policies/** @gitlab-org/protect/container-security-frontend -/ee/app/assets/javascripts/pages/projects/threat_monitoring/** @gitlab-org/protect/container-security-frontend -/ee/app/assets/javascripts/threat_monitoring/** @gitlab-org/protect/container-security-frontend -/ee/spec/frontend/threat_monitoring/** @gitlab-org/protect/container-security-frontend +/ee/app/views/projects/threat_monitoring/** @gitlab-org/govern/security-policies-frontend +/ee/app/views/projects/security/policies/** @gitlab-org/govern/security-policies-frontend +/ee/spec/views/projects/security/policies/** @gitlab-org/govern/security-policies-frontend +/ee/app/assets/javascripts/pages/projects/threat_monitoring/** @gitlab-org/govern/security-policies-frontend +/ee/app/assets/javascripts/threat_monitoring/** @gitlab-org/govern/security-policies-frontend +/ee/spec/frontend/threat_monitoring/** @gitlab-org/govern/security-policies-frontend -/ee/app/controllers/projects/threat_monitoring_controller.rb @gitlab-org/protect/container-security-backend -/ee/spec/controllers/projects/threat_monitoring_controller_spec.rb @gitlab-org/protect/container-security-backend -/ee/app/controllers/projects/security/policies_controller.rb @gitlab-org/protect/container-security-backend -/ee/spec/requests/projects/security/policies_controller_spec.rb @gitlab-org/protect/container-security-backend -/ee/app/models/security/orchestration_policy_configuration.rb @gitlab-org/protect/container-security-backend -/ee/spec/models/security/orchestration_policy_configuration_spec.rb @gitlab-org/protect/container-security-backend -/app/models/clusters/applications/cilium.rb @gitlab-org/protect/container-security-backend -/spec/models/clusters/applications/cilium_spec.rb @gitlab-org/protect/container-security-backend -/ee/app/services/security/orchestration/** @gitlab-org/protect/container-security-backend -/ee/spec/services/security/orchestration/** @gitlab-org/protect/container-security-backend +/ee/app/controllers/projects/threat_monitoring_controller.rb @gitlab-org/govern/security-policies-backend +/ee/spec/controllers/projects/threat_monitoring_controller_spec.rb @gitlab-org/govern/container-security-backend +/ee/app/controllers/projects/security/policies_controller.rb @gitlab-org/govern/security-policies-backend +/ee/spec/requests/projects/security/policies_controller_spec.rb @gitlab-org/govern/security-policies-backend +/ee/app/models/security/orchestration_policy_configuration.rb @gitlab-org/govern/security-policies-backend +/ee/spec/models/security/orchestration_policy_configuration_spec.rb @gitlab-org/govern/security-policies-backend +/app/models/clusters/applications/cilium.rb @gitlab-org/govern/security-policies-backend +/spec/models/clusters/applications/cilium_spec.rb @gitlab-org/govern/security-policies-backend +/ee/app/services/security/orchestration/** @gitlab-org/govern/security-policies-backend +/ee/spec/services/security/orchestration/** @gitlab-org/govern/security-policies-backend ^[Code Owners] /ee/lib/gitlab/code_owners.rb @reprazent @kerrizor @garyh @@ -156,18 +251,56 @@ Dangerfile @gl-quality/eng-prod ^[Growth Experiments] /app/experiments/ @gitlab-org/growth/experiment-devs +/spec/experiments/ @gitlab-org/growth/experiment-devs /app/models/experiment.rb @gitlab-org/growth/experiment-devs +/spec/models/experiment.rb @gitlab-org/growth/experiment-devs /app/models/experiment_subject.rb @gitlab-org/growth/experiment-devs +/spec/models/experiment_subject.rb @gitlab-org/growth/experiment-devs /app/models/experiment_user.rb @gitlab-org/growth/experiment-devs +/spec/models/experiment_user.rb @gitlab-org/growth/experiment-devs /app/workers/experiments/ @gitlab-org/growth/experiment-devs +/spec/workers/experiments/ @gitlab-org/growth/experiment-devs +/config/initializers/gitlab_experiment.rb @gitlab-org/growth/experiment-devs /config/feature_flags/experiment/ @gitlab-org/growth/experiment-devs /ee/config/feature_flags/experiment/ @gitlab-org/growth/experiment-devs /ee/lib/api/experiments.rb @gitlab-org/growth/experiment-devs +/ee/spec/requests/api/experiments_spec.rb @gitlab-org/growth/experiment-devs /ee/lib/ee/api/entities/experiment.rb @gitlab-org/growth/experiment-devs +/ee/spec/lib/ee/api/entities/experiment_spec.rb @gitlab-org/growth/experiment-devs /lib/gitlab/experimentation/ @gitlab-org/growth/experiment-devs +/spec/lib/gitlab/experimentation/ @gitlab-org/growth/experiment-devs /lib/gitlab/experimentation.rb @gitlab-org/growth/experiment-devs +/spec/lib/gitlab/experimentation_spec.rb @gitlab-org/growth/experiment-devs /lib/gitlab/experimentation_logger.rb @gitlab-org/growth/experiment-devs -/ee/spec/requests/api/experiments_spec.rb @gitlab-org/growth/experiment-devs + +^[Growth] +/ee/app/workers/onboarding/ @gitlab-org/growth/engineers +/ee/spec/workers/onboarding/ @gitlab-org/growth/engineers +/app/models/onboarding/ @gitlab-org/growth/engineers +/spec/models/onboarding/ @gitlab-org/growth/engineers +/app/services/onboarding/ @gitlab-org/growth/engineers +/spec/services/onboarding/ @gitlab-org/growth/engineers +/ee/app/controllers/registrations/ @gitlab-org/growth/engineers +/ee/app/components/namespaces/free_user_cap/ @gitlab-org/growth/engineers +/ee/spec/components/namespaces/free_user_cap/ @gitlab-org/growth/engineers +/ee/app/models/namespaces/free_user_cap/ @gitlab-org/growth/engineers +/ee/spec/models/namespaces/free_user_cap/ @gitlab-org/growth/engineers +/app/services/users/in_product_marketing_email_records.rb @gitlab-org/growth/engineers +/spec/services/users/in_product_marketing_email_records_spec.rb @gitlab-org/growth/engineers +/app/workers/namespaces/in_product_marketing_emails_worker.rb @gitlab-org/growth/engineers +/spec/workers/namespaces/in_product_marketing_emails_worker_spec.rb @gitlab-org/growth/engineers +/ee/app/workers/ee/namespaces/in_product_marketing_emails_worker.rb @gitlab-org/growth/engineers +/ee/spec/workers/ee/namespaces/in_product_marketing_emails_worker_spec.rb @gitlab-org/growth/engineers +/app/models/users/in_product_marketing_email.rb @gitlab-org/growth/engineers +/spec/models/users/in_product_marketing_email_spec.rb @gitlab-org/growth/engineers +/app/services/namespaces/in_product_marketing_emails_service.rb @gitlab-org/growth/engineers +/spec/services/namespaces/in_product_marketing_emails_service_spec.rb @gitlab-org/growth/engineers +/ee/app/services/ee/namespaces/in_product_marketing_emails_service.rb @gitlab-org/growth/engineers +/ee/spec/services/namespaces/in_product_marketing_emails_service_spec.rb @gitlab-org/growth/engineers +/app/workers/projects/record_target_platforms_worker.rb @gitlab-org/growth/engineers +/spec/workers/projects/record_target_platforms_worker_spec.rb @gitlab-org/growth/engineers +/ee/app/controllers/groups/feature_discovery_moments_controller.rb @gitlab-org/growth/engineers +/ee/spec/requests/groups/feature_discovery_moments_spec.rb @gitlab-org/growth/engineers ^[Legal] /config/dependency_decisions.yml @gitlab-org/legal-reviewers @@ -200,10 +333,10 @@ ee/lib/ee/gitlab/checks/** @proglottis @toon @zj-gitlab lib/gitlab/checks/** @proglottis @toon @zj-gitlab ^[Documentation Directories] -.markdownlint.yml @marcel.amirault @eread @aqualls @dianalogan -/doc/.markdownlint @marcel.amirault @eread @aqualls @dianalogan +.markdownlint.yml @marcel.amirault @eread @aqualls @dianalogan @kpaizee /doc/ @gl-docsteam -/doc/.vale/ @marcel.amirault @eread @aqualls @dianalogan +/doc/.markdownlint/ @marcel.amirault @eread @aqualls @dianalogan @kpaizee +/doc/.vale/ @marcel.amirault @eread @aqualls @dianalogan @kpaizee ^[Documentation Pages] /doc/administration/application_settings_cache.md @sselhorn @@ -212,8 +345,9 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/administration/audit_reports.md @eread /doc/administration/auditor_users.md @eread /doc/administration/auth/ @eread +/doc/administration/auth/ldap/ @eread /doc/administration/cicd.md @marcel.amirault -/doc/administration/clusters/kas.md @sselhorn +/doc/administration/clusters/ @phillipwells /doc/administration/compliance.md @eread /doc/administration/configure.md @axil /doc/administration/consul.md @axil @@ -224,74 +358,81 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/administration/feature_flags.md @axil /doc/administration/file_hooks.md @aqualls /doc/administration/geo/ @axil +/doc/administration/geo/disaster_recovery/ @axil +/doc/administration/geo/disaster_recovery/runbooks/ @axil +/doc/administration/geo/replication/ @axil +/doc/administration/geo/secondary_proxy/ @axil +/doc/administration/geo/setup/ @axil /doc/administration/git_protocol.md @aqualls /doc/administration/gitaly/ @eread /doc/administration/housekeeping.md @axil +/doc/administration/inactive_project_deletion.md @eread /doc/administration/incoming_email.md @msedlakjakubowski /doc/administration/index.md @axil /doc/administration/instance_limits.md @axil -/doc/administration/instance_review.md @kpaizee +/doc/administration/instance_review.md @phillipwells /doc/administration/integration/kroki.md @msedlakjakubowski -/doc/administration/integration/mailgun.md @kpaizee +/doc/administration/integration/mailgun.md @msedlakjakubowski /doc/administration/integration/plantuml.md @aqualls -/doc/administration/integration/terminal.md @kpaizee +/doc/administration/integration/terminal.md @ashrafkhamis /doc/administration/invalidate_markdown_cache.md @msedlakjakubowski /doc/administration/issue_closing_pattern.md @aqualls /doc/administration/job_artifacts.md @marcel.amirault /doc/administration/job_logs.md @sselhorn -/doc/administration/lfs/index.md @aqualls +/doc/administration/lfs/ @aqualls /doc/administration/libravatar.md @axil /doc/administration/load_balancer.md @axil /doc/administration/logs/index.md @msedlakjakubowski -/doc/administration/maintenance_mode/index.md @axil +/doc/administration/logs/log_parsing.md @axil +/doc/administration/logs/tracing_correlation_id.md @axil +/doc/administration/maintenance_mode/ @axil /doc/administration/merge_request_diffs.md @aqualls /doc/administration/monitoring/ @msedlakjakubowski +/doc/administration/monitoring/gitlab_self_monitoring_project/ @msedlakjakubowski +/doc/administration/monitoring/ip_allowlist.md @sselhorn +/doc/administration/monitoring/performance/ @msedlakjakubowski +/doc/administration/monitoring/prometheus/ @msedlakjakubowski /doc/administration/monitoring/prometheus/index.md @axil +/doc/administration/monitoring/prometheus/web_exporter.md @sselhorn /doc/administration/nfs.md @axil /doc/administration/object_storage.md @axil /doc/administration/operations/ @axil -/doc/administration/operations/moving_repositories.md @eread /doc/administration/operations/fast_ssh_key_lookup.md @aqualls -/doc/administration/operations/sidekiq_memory_killer.md @sselhorn +/doc/administration/operations/moving_repositories.md @eread /doc/administration/package_information/ @axil /doc/administration/packages/ @claytoncornell -/doc/administration/pages/index.md @aqualls -/doc/administration/pages/source.md @aqualls +/doc/administration/pages/ @aqualls /doc/administration/polling.md @axil /doc/administration/postgresql/ @aqualls -/doc/administration/pseudonymizer.md @axil /doc/administration/raketasks/ @axil /doc/administration/raketasks/ldap.md @eread /doc/administration/raketasks/praefect.md @eread /doc/administration/read_only_gitlab.md @axil /doc/administration/redis/ @axil /doc/administration/reference_architectures/ @axil -/doc/administration/reply_by_email_postfix_setup.md @axil /doc/administration/reply_by_email.md @msedlakjakubowski +/doc/administration/reply_by_email_postfix_setup.md @axil /doc/administration/repository_checks.md @eread /doc/administration/repository_storage_paths.md @eread /doc/administration/repository_storage_types.md @eread /doc/administration/restart_gitlab.md @axil /doc/administration/server_hooks.md @eread -/doc/administration/sidekiq_health_check.md @axil -/doc/administration/sidekiq.md @axil +/doc/administration/sidekiq/ @axil /doc/administration/smime_signing_email.md @axil -/doc/administration/snippets/index.md @aqualls +/doc/administration/snippets/ @aqualls /doc/administration/static_objects_external_storage.md @aqualls -/doc/administration/system_hooks.md @kpaizee -/doc/administration/terraform_state.md @sselhorn +/doc/administration/system_hooks.md @ashrafkhamis +/doc/administration/terraform_state.md @phillipwells /doc/administration/timezone.md @axil /doc/administration/troubleshooting/ @axil -/doc/administration/troubleshooting/elasticsearch.md @sselhorn /doc/administration/troubleshooting/postgresql.md @aqualls /doc/administration/uploads.md @axil /doc/administration/user_settings.md @eread -/doc/administration/whats-new.md @kpaizee -/doc/administration/wikis/index.md @aqualls +/doc/administration/wikis/ @aqualls /doc/api/access_requests.md @eread /doc/api/admin_sidekiq_queues.md @axil /doc/api/alert_management_alerts.md @msedlakjakubowski -/doc/api/api_resources.md @kpaizee +/doc/api/api_resources.md @ashrafkhamis /doc/api/appearance.md @eread /doc/api/applications.md @eread /doc/api/audit_events.md @eread @@ -299,41 +440,40 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/api/award_emoji.md @msedlakjakubowski /doc/api/boards.md @msedlakjakubowski /doc/api/branches.md @aqualls -/doc/api/broadcast_messages.md @kpaizee +/doc/api/broadcast_messages.md @phillipwells /doc/api/bulk_imports.md @eread -/doc/api/cluster_agents.md @sselhorn +/doc/api/cluster_agents.md @phillipwells /doc/api/commits.md @aqualls /doc/api/container_registry.md @claytoncornell -/doc/api/custom_attributes.md @kpaizee +/doc/api/custom_attributes.md @ashrafkhamis /doc/api/dependencies.md @rdickenson /doc/api/dependency_proxy.md @claytoncornell /doc/api/deploy_keys.md @rdickenson /doc/api/deploy_tokens.md @rdickenson /doc/api/deployments.md @rdickenson /doc/api/discussions.md @aqualls -/doc/api/dora/metrics.md @fneill -/doc/api/dora4_project_analytics.md @fneill +/doc/api/dora/ @fneill /doc/api/environments.md @rdickenson /doc/api/epic_issues.md @msedlakjakubowski /doc/api/epic_links.md @msedlakjakubowski /doc/api/epics.md @msedlakjakubowski /doc/api/error_tracking.md @msedlakjakubowski /doc/api/events.md @eread -/doc/api/experiments.md @kpaizee +/doc/api/experiments.md @phillipwells /doc/api/feature_flag_specs.md @rdickenson /doc/api/feature_flag_user_lists.md @rdickenson /doc/api/feature_flags.md @rdickenson /doc/api/features.md @rdickenson /doc/api/freeze_periods.md @rdickenson /doc/api/geo_nodes.md @axil -/doc/api/graphql/ @kpaizee +/doc/api/graphql/ @ashrafkhamis /doc/api/graphql/custom_emoji.md @msedlakjakubowski /doc/api/graphql/sample_issue_boards.md @msedlakjakubowski /doc/api/group_access_tokens.md @eread /doc/api/group_activity_analytics.md @fneill /doc/api/group_badges.md @fneill /doc/api/group_boards.md @msedlakjakubowski -/doc/api/group_clusters.md @sselhorn +/doc/api/group_clusters.md @phillipwells /doc/api/group_import_export.md @eread /doc/api/group_iterations.md @msedlakjakubowski /doc/api/group_labels.md @msedlakjakubowski @@ -346,29 +486,30 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/api/group_wikis.md @aqualls /doc/api/groups.md @fneill /doc/api/import.md @eread -/doc/api/index.md @kpaizee -/doc/api/instance_clusters.md @sselhorn +/doc/api/index.md @ashrafkhamis +/doc/api/instance_clusters.md @phillipwells /doc/api/instance_level_ci_variables.md @marcel.amirault -/doc/api/integrations.md @kpaizee -/doc/api/invitations.md @kpaizee +/doc/api/integrations.md @ashrafkhamis +/doc/api/invitations.md @phillipwells /doc/api/issue_links.md @msedlakjakubowski -/doc/api/issues_statistics.md @msedlakjakubowski /doc/api/issues.md @msedlakjakubowski +/doc/api/issues_statistics.md @msedlakjakubowski /doc/api/iterations.md @msedlakjakubowski /doc/api/job_artifacts.md @marcel.amirault /doc/api/jobs.md @marcel.amirault /doc/api/keys.md @aqualls /doc/api/labels.md @msedlakjakubowski -/doc/api/license.md @kpaizee +/doc/api/license.md @fneill /doc/api/linked_epics.md @msedlakjakubowski /doc/api/lint.md @marcel.amirault -/doc/api/managed_licenses.md @kpaizee -/doc/api/markdown.md @aqualls +/doc/api/managed_licenses.md @fneill +/doc/api/markdown.md @msedlakjakubowski /doc/api/members.md @eread /doc/api/merge_request_approvals.md @aqualls /doc/api/merge_request_context_commits.md @aqualls /doc/api/merge_requests.md @aqualls /doc/api/merge_trains.md @marcel.amirault +/doc/api/metadata.md @ashrafkhamis /doc/api/metrics_dashboard_annotations.md @msedlakjakubowski /doc/api/metrics_user_starred_dashboards.md @msedlakjakubowski /doc/api/milestones.md @msedlakjakubowski @@ -376,11 +517,11 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/api/notes.md @msedlakjakubowski /doc/api/notification_settings.md @msedlakjakubowski /doc/api/oauth2.md @eread -/doc/api/openapi/openapi_interactive.md @kpaizee +/doc/api/openapi/ @ashrafkhamis /doc/api/packages.md @claytoncornell /doc/api/packages/ @claytoncornell -/doc/api/pages_domains.md @aqualls /doc/api/pages.md @aqualls +/doc/api/pages_domains.md @aqualls /doc/api/personal_access_tokens.md @eread /doc/api/pipeline_schedules.md @marcel.amirault /doc/api/pipeline_triggers.md @marcel.amirault @@ -389,7 +530,7 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/api/project_access_tokens.md @eread /doc/api/project_aliases.md @aqualls /doc/api/project_badges.md @aqualls -/doc/api/project_clusters.md @sselhorn +/doc/api/project_clusters.md @phillipwells /doc/api/project_import_export.md @aqualls /doc/api/project_level_variables.md @marcel.amirault /doc/api/project_relations_export.md @eread @@ -402,8 +543,7 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/api/protected_branches.md @aqualls /doc/api/protected_environments.md @rdickenson /doc/api/protected_tags.md @aqualls -/doc/api/releases/index.md @rdickenson -/doc/api/releases/links.md @rdickenson +/doc/api/releases/ @rdickenson /doc/api/remote_mirrors.md @aqualls /doc/api/repositories.md @aqualls /doc/api/repository_files.md @aqualls @@ -425,7 +565,7 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/api/statistics.md @eread /doc/api/status_checks.md @eread /doc/api/suggestions.md @aqualls -/doc/api/system_hooks.md @kpaizee +/doc/api/system_hooks.md @ashrafkhamis /doc/api/tags.md @aqualls /doc/api/templates/dockerfiles.md @aqualls /doc/api/templates/gitignores.md @aqualls @@ -435,202 +575,244 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/api/topics.md @fneill /doc/api/usage_data.md @claytoncornell /doc/api/users.md @eread -/doc/api/version.md @kpaizee +/doc/api/version.md @ashrafkhamis /doc/api/visual_review_discussions.md @marcel.amirault /doc/api/vulnerabilities.md @claytoncornell /doc/api/vulnerability_exports.md @claytoncornell /doc/api/vulnerability_findings.md @claytoncornell /doc/api/wikis.md @aqualls -/doc/architecture/blueprints/container_registry_metadata_database/index.md @claytoncornell +/doc/architecture/blueprints/container_registry_metadata_database/ @claytoncornell /doc/architecture/blueprints/database/scalability/patterns/ @aqualls -/doc/architecture/blueprints/gitlab_to_kubernetes_communication/index.md @sselhorn -/doc/ci/caching/index.md @marcel.amirault -/doc/ci/chatops/index.md @sselhorn +/doc/architecture/blueprints/database_scaling/ @aqualls +/doc/architecture/blueprints/gitlab_to_kubernetes_communication/ @phillipwells +/doc/ci/ @marcel.amirault +/doc/ci/caching/ @marcel.amirault +/doc/ci/chatops/ @phillipwells /doc/ci/ci_cd_for_external_repos/ @marcel.amirault -/doc/ci/cloud_deployment/ecs/quick_start_guide.md @rdickenson -/doc/ci/cloud_deployment/index.md @rdickenson +/doc/ci/cloud_deployment/ @rdickenson +/doc/ci/cloud_deployment/ecs/ @rdickenson /doc/ci/cloud_services/ @marcel.amirault -/doc/ci/directed_acyclic_graph/index.md @marcel.amirault +/doc/ci/cloud_services/aws/ @marcel.amirault +/doc/ci/cloud_services/azure/ @marcel.amirault +/doc/ci/cloud_services/google_cloud/ @marcel.amirault +/doc/ci/directed_acyclic_graph/ @marcel.amirault /doc/ci/docker/index.md @marcel.amirault /doc/ci/docker/using_docker_build.md @marcel.amirault /doc/ci/docker/using_docker_images.md @sselhorn /doc/ci/docker/using_kaniko.md @marcel.amirault -/doc/ci/enable_or_disable_ci.md @marcel.amirault /doc/ci/environments/ @rdickenson -/doc/ci/examples/authenticating-with-hashicorp-vault/index.md @marcel.amirault -/doc/ci/examples/deployment/composer-npm-deploy.md @rdickenson -/doc/ci/examples/deployment/index.md @rdickenson -/doc/ci/examples/end_to_end_testing_webdriverio/index.md @marcel.amirault +/doc/ci/examples/authenticating-with-hashicorp-vault/ @marcel.amirault +/doc/ci/examples/deployment/ @rdickenson +/doc/ci/examples/end_to_end_testing_webdriverio/ @marcel.amirault /doc/ci/examples/index.md @marcel.amirault -/doc/ci/examples/laravel_with_gitlab_and_envoy/index.md @marcel.amirault +/doc/ci/examples/laravel_with_gitlab_and_envoy/ @marcel.amirault /doc/ci/examples/php.md @marcel.amirault /doc/ci/examples/semantic-release.md @claytoncornell -/doc/ci/git_submodules.md @marcel.amirault -/doc/ci/index.md @marcel.amirault -/doc/ci/interactive_web_terminal/index.md @sselhorn -/doc/ci/introduction/index.md @marcel.amirault -/doc/ci/jobs/ci_job_token.md @marcel.amirault -/doc/ci/jobs/index.md @marcel.amirault -/doc/ci/jobs/job_control.md @marcel.amirault -/doc/ci/large_repositories/index.md @sselhorn -/doc/ci/lint.md @marcel.amirault -/doc/ci/metrics_reports.md @marcel.amirault -/doc/ci/migration/circleci.md @marcel.amirault -/doc/ci/migration/jenkins.md @marcel.amirault -/doc/ci/pipeline_editor/index.md @marcel.amirault +/doc/ci/interactive_web_terminal/ @sselhorn +/doc/ci/introduction/ @marcel.amirault +/doc/ci/jobs/ @marcel.amirault +/doc/ci/large_repositories/ @sselhorn +/doc/ci/migration/ @marcel.amirault +/doc/ci/pipeline_editor/ @marcel.amirault /doc/ci/pipelines/ @marcel.amirault -/doc/ci/quick_start/index.md @marcel.amirault -/doc/ci/resource_groups/index.md @rdickenson -/doc/ci/review_apps/index.md @marcel.amirault +/doc/ci/quick_start/ @marcel.amirault +/doc/ci/resource_groups/ @rdickenson +/doc/ci/review_apps/ @marcel.amirault /doc/ci/runners/ @sselhorn -/doc/ci/secrets/index.md @marcel.amirault -/doc/ci/secure_files/index.md @marcel.amirault +/doc/ci/runners/saas/ @sselhorn +/doc/ci/runners/saas/macos/ @sselhorn +/doc/ci/secrets/ @marcel.amirault +/doc/ci/secure_files/ @marcel.amirault /doc/ci/services/ @sselhorn -/doc/ci/ssh_keys/index.md @marcel.amirault -/doc/ci/test_cases/index.md @msedlakjakubowski -/doc/ci/triggers/index.md @marcel.amirault -/doc/ci/troubleshooting.md @marcel.amirault -/doc/ci/unit_test_reports.md @marcel.amirault +/doc/ci/ssh_keys/ @marcel.amirault +/doc/ci/test_cases/ @msedlakjakubowski +/doc/ci/testing/ @marcel.amirault +/doc/ci/testing/code_quality.md @rdickenson +/doc/ci/triggers/ @marcel.amirault /doc/ci/variables/ @marcel.amirault /doc/ci/yaml/ @marcel.amirault /doc/development/application_limits.md @axil /doc/development/approval_rules.md @aqualls -/doc/development/audit_event_guide/index.md @eread -/doc/development/auto_devops.md @sselhorn +/doc/development/audit_event_guide/ @eread +/doc/development/auto_devops.md @phillipwells +/doc/development/backend/ @sselhorn /doc/development/backend/create_source_code_be/ @aqualls -/doc/development/backend/ruby_style_guide.md @sselhorn /doc/development/build_test_package.md @axil /doc/development/bulk_import.md @eread /doc/development/cached_queries.md @sselhorn /doc/development/cascading_settings.md @eread -/doc/development/chatops_on_gitlabcom.md @sselhorn -/doc/development/cicd/cicd_reference_documentation_guide.md @marcel.amirault -/doc/development/cicd/index.md @marcel.amirault -/doc/development/cicd/schema.md @marcel.amirault -/doc/development/cicd/templates.md @marcel.amirault -/doc/development/code_intelligence/index.md @aqualls +/doc/development/chatops_on_gitlabcom.md @phillipwells +/doc/development/cicd/ @marcel.amirault +/doc/development/code_intelligence/ @aqualls /doc/development/contributing/ @sselhorn -/doc/development/contributing/merge_request_workflow.md @aqualls -/doc/development/database_review.md @aqualls /doc/development/database/ @aqualls +/doc/development/database/filtering_by_label.md @msedlakjakubowski +/doc/development/database/multiple_databases.md @sselhorn +/doc/development/database_review.md @aqualls /doc/development/developing_with_solargraph.md @aqualls +/doc/development/development_processes.md @sselhorn /doc/development/diffs.md @aqualls /doc/development/distributed_tracing.md @msedlakjakubowski /doc/development/documentation/ @sselhorn -/doc/development/documentation/index.md @dianalogan -/doc/development/documentation/redirects.md @dianalogan -/doc/development/documentation/review_apps.md @dianalogan -/doc/development/documentation/testing.md @dianalogan -/doc/development/elasticsearch.md @sselhorn -/doc/development/experiment_guide/gitlab_experiment.md @kpaizee -/doc/development/experiment_guide/index.md @kpaizee +/doc/development/documentation/styleguide/ @sselhorn +/doc/development/documentation/topic_types/ @sselhorn +/doc/development/elasticsearch.md @ashrafkhamis +/doc/development/experiment_guide/ @phillipwells /doc/development/export_csv.md @eread /doc/development/fe_guide/content_editor.md @aqualls /doc/development/fe_guide/dark_mode.md @sselhorn /doc/development/fe_guide/graphql.md @sselhorn +/doc/development/fe_guide/merge_request_widget_extensions.md @aqualls /doc/development/fe_guide/source_editor.md @aqualls -/doc/development/feature_categorization/index.md @sselhorn -/doc/development/feature_flags/controls.md @sselhorn -/doc/development/feature_flags/index.md @sselhorn -/doc/development/filtering_by_label.md @msedlakjakubowski +/doc/development/fe_guide/view_component.md @rdickenson +/doc/development/feature_categorization/ @sselhorn +/doc/development/feature_development.md @sselhorn +/doc/development/feature_flags/ @sselhorn +/doc/development/fips_compliance.md @aqualls /doc/development/geo.md @axil -/doc/development/geo/framework.md @axil +/doc/development/geo/ @axil /doc/development/git_object_deduplication.md @eread /doc/development/gitaly.md @eread -/doc/development/gitlab_flavored_markdown/index.md @aqualls -/doc/development/gitlab_flavored_markdown/specification_guide/index.md @aqualls -/doc/development/graphql_guide/ @kpaizee +/doc/development/gitlab_flavored_markdown/ @aqualls +/doc/development/gitlab_flavored_markdown/specification_guide/ @aqualls /doc/development/graphql_guide/batchloader.md @aqualls -/doc/development/hash_indexes.md @aqualls +/doc/development/graphql_guide/graphql_pro.md @ashrafkhamis +/doc/development/graphql_guide/index.md @ashrafkhamis +/doc/development/graphql_guide/monitoring.md @ashrafkhamis +/doc/development/graphql_guide/pagination.md @ashrafkhamis /doc/development/i18n/ @eread /doc/development/image_scaling.md @sselhorn /doc/development/import_export.md @eread /doc/development/index.md @sselhorn -/doc/development/integrations/ @kpaizee -/doc/development/integrations/codesandbox.md @sselhorn -/doc/development/integrations/secure_partner_integration.md @rdickenson +/doc/development/integrations/ @ashrafkhamis /doc/development/integrations/secure.md @claytoncornell +/doc/development/integrations/secure_partner_integration.md @rdickenson /doc/development/internal_api/ @aqualls /doc/development/internal_users.md @sselhorn /doc/development/issuable-like-models.md @msedlakjakubowski /doc/development/issue_types.md @msedlakjakubowski -/doc/development/kubernetes.md @sselhorn +/doc/development/kubernetes.md @phillipwells /doc/development/lfs.md @aqualls -/doc/development/ee_features.md @fneill /doc/development/logging.md @msedlakjakubowski /doc/development/maintenance_mode.md @axil +/doc/development/merge_request_concepts/ @aqualls /doc/development/omnibus.md @axil /doc/development/packages/ @claytoncornell +/doc/development/pages/ @aqualls /doc/development/permissions.md @eread /doc/development/policies.md @eread -/doc/development/product_qualified_lead_guide/index.md @kpaizee +/doc/development/product_qualified_lead_guide/ @phillipwells /doc/development/project_templates.md @fneill /doc/development/prometheus_metrics.md @msedlakjakubowski /doc/development/real_time.md @msedlakjakubowski +/doc/development/sec/ @rdickenson /doc/development/secure_coding_guidelines.md @sselhorn /doc/development/service_ping/ @claytoncornell /doc/development/snowplow/ @claytoncornell /doc/development/spam_protection_and_captcha/ @eread /doc/development/sql.md @aqualls -/doc/development/testing_guide/best_practices.md @sselhorn -/doc/development/testing_guide/end_to_end/best_practices.md @sselhorn +/doc/development/testing_guide/ @sselhorn +/doc/development/testing_guide/contract/ @sselhorn +/doc/development/testing_guide/end_to_end/ @sselhorn /doc/development/value_stream_analytics.md @fneill -/doc/development/value_stream_analytics/value_stream_analytics_aggregated_backend.md @fneill +/doc/development/value_stream_analytics/ @fneill /doc/development/wikis.md @aqualls -/doc/development/work_items_widgets.md @msedlakjakubowski /doc/development/work_items.md @msedlakjakubowski +/doc/development/work_items_widgets.md @msedlakjakubowski /doc/development/workhorse/ @aqualls -/doc/development/workspace/index.md @sselhorn -/doc/downgrade_ee_to_ce/index.md @axil +/doc/development/workspace/ @sselhorn +/doc/downgrade_ee_to_ce/ @axil +/doc/drawers/ @ashrafkhamis /doc/gitlab-basics/ @aqualls /doc/install/ @axil -/doc/integration/ @kpaizee -/doc/integration/advanced_search/ @sselhorn -/doc/integration/elasticsearch.md @sselhorn +/doc/install/aws/ @axil +/doc/install/azure/ @axil +/doc/install/cloud_native/ @axil +/doc/install/google_cloud_platform/ @axil +/doc/install/openshift_and_gitlab/ @axil +/doc/integration/advanced_search/ @ashrafkhamis +/doc/integration/akismet.md @ashrafkhamis +/doc/integration/alicloud.md @eread +/doc/integration/arkose.md @phillipwells +/doc/integration/auth0.md @eread +/doc/integration/azure.md @eread +/doc/integration/bitbucket.md @eread +/doc/integration/cas.md @eread +/doc/integration/datadog.md @ashrafkhamis +/doc/integration/ding_talk.md @eread +/doc/integration/external-issue-tracker.md @ashrafkhamis +/doc/integration/facebook.md @eread +/doc/integration/github.md @eread +/doc/integration/gitlab.md @eread /doc/integration/gitpod.md @aqualls +/doc/integration/gmail_action_buttons_for_gitlab.md @ashrafkhamis +/doc/integration/google.md @eread +/doc/integration/index.md @ashrafkhamis +/doc/integration/jenkins.md @ashrafkhamis +/doc/integration/jira/ @ashrafkhamis /doc/integration/kerberos.md @eread -/doc/integration/mattermost/index.md @axil +/doc/integration/mattermost/ @axil +/doc/integration/oauth2_generic.md @eread /doc/integration/oauth_provider.md @eread +/doc/integration/omniauth.md @eread +/doc/integration/openid_connect_provider.md @eread +/doc/integration/recaptcha.md @ashrafkhamis +/doc/integration/salesforce.md @eread /doc/integration/saml.md @eread -/doc/integration/security_partners/index.md @rdickenson +/doc/integration/security_partners/ @rdickenson +/doc/integration/slash_commands.md @ashrafkhamis /doc/integration/sourcegraph.md @aqualls -/doc/integration/vault.md @sselhorn -/doc/operations/ @msedlakjakubowski +/doc/integration/trello_power_up.md @ashrafkhamis +/doc/integration/twitter.md @eread +/doc/integration/vault.md @phillipwells +/doc/operations/error_tracking.md msedlakjakubowski /doc/operations/feature_flags.md @rdickenson +/doc/operations/incident_management/ @msedlakjakubowski +/doc/operations/index.md @msedlakjakubowski +/doc/operations/metrics/ @msedlakjakubowski +/doc/operations/metrics/dashboards/ @msedlakjakubowski /doc/operations/product_analytics.md @claytoncornell -/doc/policy/alpha-beta-support.md @axil -/doc/policy/maintenance.md @axil @gitlab-org/delivery +/doc/operations/tracing.md @msedlakjakubowski +/doc/policy/ @axil /doc/raketasks/ @axil /doc/raketasks/generate_sample_prometheus_data.md @msedlakjakubowski /doc/raketasks/migrate_snippets.md @aqualls /doc/raketasks/spdx.md @rdickenson /doc/raketasks/x509_signatures.md @aqualls /doc/security/ @eread -/doc/subscriptions/ @sselhorn -/doc/topics/authentication/index.md @eread -/doc/topics/autodevops/ @sselhorn +/doc/subscriptions/ @fneill +/doc/subscriptions/gitlab_com/ @fneill +/doc/subscriptions/gitlab_dedicated/ @axil +/doc/subscriptions/self_managed/ @fneill +/doc/topics/authentication/ @eread +/doc/topics/autodevops/ @phillipwells +/doc/topics/autodevops/cloud_deployments/ @phillipwells /doc/topics/git/ @aqualls +/doc/topics/git/how_to_install_git/ @aqualls +/doc/topics/git/lfs/ @aqualls +/doc/topics/git/numerous_undo_possibilities_in_git/ @aqualls /doc/topics/gitlab_flow.md @aqualls -/doc/topics/offline/index.md @axil -/doc/topics/offline/quick_start_guide.md @axil +/doc/topics/offline/ @axil /doc/topics/plan_and_track.md @msedlakjakubowski /doc/tutorials/ @kpaizee /doc/update/ @axil /doc/update/mysql_to_postgresql.md @aqualls +/doc/update/package/ @axil /doc/update/upgrading_postgresql_using_slony.md @aqualls /doc/user/admin_area/analytics/ @fneill -/doc/user/admin_area/broadcast_messages.md @kpaizee +/doc/user/admin_area/broadcast_messages.md @phillipwells /doc/user/admin_area/credentials_inventory.md @eread /doc/user/admin_area/custom_project_templates.md @eread /doc/user/admin_area/diff_limits.md @aqualls /doc/user/admin_area/geo_sites.md @axil /doc/user/admin_area/labels.md @msedlakjakubowski -/doc/user/admin_area/license_file.md @sselhorn -/doc/user/admin_area/license.md @sselhorn +/doc/user/admin_area/license.md @fneill +/doc/user/admin_area/license_file.md @fneill /doc/user/admin_area/merge_requests_approvals.md @aqualls /doc/user/admin_area/moderate_users.md @eread /doc/user/admin_area/monitoring/background_migrations.md @aqualls /doc/user/admin_area/monitoring/health_check.md @msedlakjakubowski +/doc/user/admin_area/reporting/git_abuse_rate_limit.md @phillipwells /doc/user/admin_area/reporting/spamcheck.md @axil /doc/user/admin_area/review_abuse_reports.md @eread /doc/user/admin_area/settings/account_and_limit_settings.md @aqualls @@ -642,89 +824,120 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/user/admin_area/settings/git_lfs_rate_limits.md @aqualls /doc/user/admin_area/settings/gitaly_timeouts.md @eread /doc/user/admin_area/settings/import_export_rate_limits.md @eread +/doc/user/admin_area/settings/incident_management_rate_limits.md @msedlakjakubowski /doc/user/admin_area/settings/index.md @aqualls /doc/user/admin_area/settings/instance_template_repository.md @aqualls /doc/user/admin_area/settings/package_registry_rate_limits.md @claytoncornell -/doc/user/admin_area/settings/project_integration_management.md @kpaizee +/doc/user/admin_area/settings/project_integration_management.md @ashrafkhamis /doc/user/admin_area/settings/push_event_activities_limit.md @aqualls /doc/user/admin_area/settings/rate_limit_on_issues_creation.md @msedlakjakubowski /doc/user/admin_area/settings/rate_limit_on_notes_creation.md @msedlakjakubowski +/doc/user/admin_area/settings/rate_limit_on_pipelines_creation.md @marcel.amirault +/doc/user/admin_area/settings/rate_limit_on_users_api.md @eread /doc/user/admin_area/settings/third_party_offers.md @fneill /doc/user/admin_area/settings/usage_statistics.md @claytoncornell /doc/user/admin_area/settings/visibility_and_access_controls.md @aqualls -/doc/user/analytics/ @fneill /doc/user/analytics/ci_cd_analytics.md @rdickenson -/doc/user/application_security/ @rdickenson -/doc/user/application_security/cluster_image_scanning/index.md @claytoncornell -/doc/user/application_security/container_scanning/index.md @claytoncornell +/doc/user/analytics/ @fneill +/doc/user/application_security/api_fuzzing/ @rdickenson +/doc/user/application_security/configuration/ @rdickenson +/doc/user/application_security/container_scanning/ @claytoncornell +/doc/user/application_security/coverage_fuzzing/ @rdickenson /doc/user/application_security/cve_id_request.md @claytoncornell +/doc/user/application_security/dast/ @rdickenson +/doc/user/application_security/dast/checks/ @rdickenson +/doc/user/application_security/dast_api/ @rdickenson +/doc/user/application_security/dependency_list/ @rdickenson +/doc/user/application_security/dependency_scanning/ @rdickenson +/doc/user/application_security/generate_test_vulnerabilities/ @claytoncornell +/doc/user/application_security/iac_scanning/ @rdickenson +/doc/user/application_security/index.md @rdickenson +/doc/user/application_security/offline_deployments/ @rdickenson /doc/user/application_security/policies/ @claytoncornell -/doc/user/application_security/security_dashboard/index.md @claytoncornell -/doc/user/application_security/vulnerabilities/index.md @claytoncornell -/doc/user/application_security/vulnerabilities/severities.md @claytoncornell -/doc/user/application_security/vulnerability_report/index.md @claytoncornell +/doc/user/application_security/sast/ @rdickenson +/doc/user/application_security/secret_detection/ @rdickenson +/doc/user/application_security/security_dashboard/ @claytoncornell +/doc/user/application_security/terminology/ @rdickenson +/doc/user/application_security/vulnerabilities/ @claytoncornell +/doc/user/application_security/vulnerability_report/ @claytoncornell /doc/user/asciidoc.md @aqualls /doc/user/award_emojis.md @msedlakjakubowski -/doc/user/clusters/ @sselhorn -/doc/user/compliance/compliance_report/index.md @eread -/doc/user/compliance/index.md @eread -/doc/user/compliance/license_compliance/index.md @rdickenson -/doc/user/crm/index.md @msedlakjakubowski -/doc/user/discussions/index.md @aqualls +/doc/user/clusters/ @phillipwells +/doc/user/clusters/agent/ @phillipwells +/doc/user/clusters/agent/gitops/ @phillipwells +/doc/user/clusters/agent/install/ @phillipwells +/doc/user/clusters/create/ @phillipwells +/doc/user/compliance/ @eread +/doc/user/compliance/compliance_report/ @eread +/doc/user/compliance/license_compliance/ @rdickenson +/doc/user/crm/ @msedlakjakubowski +/doc/user/discussions/ @aqualls /doc/user/feature_flags.md @sselhorn -/doc/user/group/clusters/index.md @sselhorn -/doc/user/group/contribution_analytics/index.md @fneill +/doc/user/free_user_limit.md @phillipwells +/doc/user/group/access_and_permissions.md @fneill +/doc/user/group/clusters/ @phillipwells +/doc/user/group/contribution_analytics/ @fneill /doc/user/group/custom_project_templates.md @eread -/doc/user/group/devops_adoption/index.md @fneill -/doc/user/group/epics/epic_boards.md @msedlakjakubowski -/doc/user/group/epics/index.md @msedlakjakubowski -/doc/user/group/epics/linked_epics.md @msedlakjakubowski -/doc/user/group/epics/manage_epics.md @msedlakjakubowski -/doc/user/group/import/index.md @eread +/doc/user/group/devops_adoption/ @fneill +/doc/user/group/epics/ @msedlakjakubowski +/doc/user/group/import/ @eread /doc/user/group/index.md @fneill -/doc/user/group/insights/index.md @fneill -/doc/user/group/issues_analytics/index.md @msedlakjakubowski -/doc/user/group/iterations/index.md @msedlakjakubowski -/doc/user/group/planning_hierarchy/index.md @msedlakjakubowski -/doc/user/group/repositories_analytics/index.md @marcel.amirault -/doc/user/group/roadmap/index.md @msedlakjakubowski -/doc/user/group/saml_sso/group_managed_accounts.md @eread -/doc/user/group/saml_sso/index.md @eread -/doc/user/group/saml_sso/scim_setup.md @eread -/doc/user/group/saml_sso/example_saml_config.md @eread -/doc/user/group/settings/group_access_tokens.md @eread -/doc/user/group/settings/import_export.md @eread -/doc/user/group/subgroups/index.md @fneill -/doc/user/group/value_stream_analytics/index.md @fneill -/doc/user/infrastructure/clusters/ @sselhorn -/doc/user/infrastructure/clusters/manage/management_project_applications/apparmor.md @claytoncornell -/doc/user/infrastructure/clusters/manage/management_project_applications/cilium.md @claytoncornell -/doc/user/infrastructure/clusters/manage/management_project_applications/elasticstack.md @msedlakjakubowski -/doc/user/infrastructure/clusters/manage/management_project_applications/falco.md @claytoncornell -/doc/user/infrastructure/clusters/manage/management_project_applications/fluentd.md @claytoncornell -/doc/user/infrastructure/clusters/manage/management_project_applications/prometheus.md @msedlakjakubowski +/doc/user/group/insights/ @fneill +/doc/user/group/issues_analytics/ @msedlakjakubowski +/doc/user/group/iterations/ @msedlakjakubowski +/doc/user/group/manage.md @fneill +/doc/user/group/planning_hierarchy/ @msedlakjakubowski +/doc/user/group/repositories_analytics/ @marcel.amirault +/doc/user/group/roadmap/ @msedlakjakubowski +/doc/user/group/saml_sso/ @eread +/doc/user/group/settings/ @eread +/doc/user/group/subgroups/ @fneill +/doc/user/group/value_stream_analytics/ @fneill +/doc/user/infrastructure/ @phillipwells +/doc/user/infrastructure/clusters/ @phillipwells +/doc/user/infrastructure/clusters/connect/ @phillipwells +/doc/user/infrastructure/clusters/deploy/ @phillipwells +/doc/user/infrastructure/clusters/manage/ @phillipwells +/doc/user/infrastructure/clusters/manage/management_project_applications/certmanager.md @phillipwells +/doc/user/infrastructure/clusters/manage/management_project_applications/ingress.md @phillipwells /doc/user/infrastructure/clusters/manage/management_project_applications/runner.md @sselhorn -/doc/user/infrastructure/clusters/manage/management_project_applications/sentry.md @msedlakjakubowski -/doc/user/infrastructure/clusters/manage/management_project_applications/vault.md @sselhorn -/doc/user/infrastructure/iac/ @sselhorn -/doc/user/infrastructure/index.md @sselhorn +/doc/user/infrastructure/clusters/manage/management_project_applications/vault.md @phillipwells +/doc/user/infrastructure/iac/ @phillipwells /doc/user/markdown.md @aqualls +/doc/user/namespace/ @fneill /doc/user/packages/ @claytoncornell -/doc/user/packages/infrastructure_registry/index.md @sselhorn -/doc/user/packages/terraform_module_registry/index.md @sselhorn +/doc/user/packages/composer_repository/ @claytoncornell +/doc/user/packages/conan_repository/ @claytoncornell +/doc/user/packages/container_registry/ @claytoncornell +/doc/user/packages/debian_repository/ @claytoncornell +/doc/user/packages/dependency_proxy/ @claytoncornell +/doc/user/packages/generic_packages/ @claytoncornell +/doc/user/packages/go_proxy/ @claytoncornell +/doc/user/packages/helm_repository/ @claytoncornell +/doc/user/packages/infrastructure_registry/ @phillipwells +/doc/user/packages/maven_repository/ @claytoncornell +/doc/user/packages/npm_registry/ @claytoncornell +/doc/user/packages/nuget_repository/ @claytoncornell +/doc/user/packages/package_registry/ @claytoncornell +/doc/user/packages/pypi_repository/ @claytoncornell +/doc/user/packages/rubygems_registry/ @claytoncornell +/doc/user/packages/terraform_module_registry/ @phillipwells +/doc/user/packages/workflows/ @claytoncornell /doc/user/permissions.md @eread -/doc/user/profile/ @eread +/doc/user/profile/account/ @eread +/doc/user/profile/index.md @eread /doc/user/profile/notifications.md @msedlakjakubowski +/doc/user/profile/personal_access_tokens.md @eread +/doc/user/profile/unknown_sign_in_notification.md @eread /doc/user/project/autocomplete_characters.md @aqualls /doc/user/project/badges.md @aqualls -/doc/user/project/clusters/ @sselhorn -/doc/user/project/clusters/kubernetes_pod_logs.md @msedlakjakubowski -/doc/user/project/clusters/protect/ @claytoncornell +/doc/user/project/clusters/ @phillipwells +/doc/user/project/clusters/runbooks/ @phillipwells /doc/user/project/code_intelligence.md @aqualls /doc/user/project/code_owners.md @aqualls /doc/user/project/deploy_boards.md @rdickenson -/doc/user/project/deploy_keys/index.md @rdickenson -/doc/user/project/deploy_tokens/index.md @rdickenson +/doc/user/project/deploy_keys/ @rdickenson +/doc/user/project/deploy_tokens/ @rdickenson /doc/user/project/description_templates.md @msedlakjakubowski /doc/user/project/file_lock.md @aqualls /doc/user/project/git_attributes.md @aqualls @@ -732,58 +945,50 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /doc/user/project/import/ @eread /doc/user/project/import/jira.md @msedlakjakubowski /doc/user/project/index.md @fneill -/doc/user/project/integrations/ @kpaizee -/doc/user/project/integrations/prometheus_library/ @msedlakjakubowski +/doc/user/project/integrations/ @ashrafkhamis /doc/user/project/integrations/prometheus.md @msedlakjakubowski +/doc/user/project/integrations/prometheus_library/ @msedlakjakubowski /doc/user/project/issue_board.md @msedlakjakubowski /doc/user/project/issues/ @msedlakjakubowski /doc/user/project/issues/csv_import.md @eread -/doc/user/project/labels.md @msedlakjakubowski -/doc/user/project/members/index.md @fneill -/doc/user/project/members/share_project_with_groups.md @fneill +/doc/user/project/members/ @fneill /doc/user/project/merge_requests/ @aqualls -/doc/user/project/merge_requests/accessibility_testing.md @marcel.amirault -/doc/user/project/merge_requests/browser_performance_testing.md @marcel.amirault -/doc/user/project/merge_requests/code_quality.md @rdickenson +/doc/user/project/merge_requests/approvals/ @aqualls /doc/user/project/merge_requests/csv_export.md @eread -/doc/user/project/merge_requests/fail_fast_testing.md @marcel.amirault -/doc/user/project/merge_requests/load_performance_testing.md @marcel.amirault /doc/user/project/merge_requests/status_checks.md @eread -/doc/user/project/merge_requests/test_coverage_visualization.md @marcel.amirault -/doc/user/project/merge_requests/testing_and_reports_in_merge_requests.md @marcel.amirault -/doc/user/project/milestones/burndown_and_burnup_charts.md @msedlakjakubowski -/doc/user/project/milestones/index.md @msedlakjakubowski +/doc/user/project/milestones/ @msedlakjakubowski /doc/user/project/pages/ @aqualls +/doc/user/project/pages/custom_domains_ssl_tls_certification/ @aqualls +/doc/user/project/pages/getting_started/ @aqualls /doc/user/project/protected_branches.md @aqualls /doc/user/project/protected_tags.md @aqualls /doc/user/project/push_options.md @aqualls /doc/user/project/quick_actions.md @msedlakjakubowski -/doc/user/project/releases/index.md @rdickenson -/doc/user/project/releases/release_cli.md @rdickenson +/doc/user/project/releases/ @rdickenson /doc/user/project/repository/ @aqualls +/doc/user/project/repository/branches/ @aqualls +/doc/user/project/repository/managing_large_repositories.md @axil /doc/user/project/repository/reducing_the_repo_size_using_git.md @eread -/doc/user/project/requirements/index.md @msedlakjakubowski +/doc/user/project/requirements/ @msedlakjakubowski /doc/user/project/service_desk.md @msedlakjakubowski /doc/user/project/settings/import_export.md @eread /doc/user/project/settings/index.md @fneill /doc/user/project/settings/project_access_tokens.md @eread /doc/user/project/time_tracking.md @msedlakjakubowski -/doc/user/project/web_ide/index.md @aqualls -/doc/user/project/wiki/group.md @aqualls -/doc/user/project/wiki/index.md @aqualls +/doc/user/project/web_ide/ @aqualls +/doc/user/project/wiki/ @aqualls /doc/user/project/working_with_projects.md @fneill /doc/user/public_access.md @fneill /doc/user/reserved_names.md @fneill -/doc/user/search/advanced_search.md @sselhorn -/doc/user/search/global_search/advanced_search_syntax.md @sselhorn -/doc/user/search/index.md @sselhorn +/doc/user/search/ @ashrafkhamis +/doc/user/search/global_search/ @ashrafkhamis /doc/user/shortcuts.md @aqualls /doc/user/snippets.md @aqualls /doc/user/ssh.md @eread /doc/user/tasks.md @msedlakjakubowski /doc/user/todos.md @msedlakjakubowski -/doc/user/usage_quotas.md @sselhorn -/doc/user/workspace/index.md @fneill +/doc/user/usage_quotas.md @fneill +/doc/user/workspace/ @fneill [Authentication and Authorization] /app/assets/javascripts/access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers @@ -853,6 +1058,14 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /app/models/token_with_iv.rb @gitlab-org/manage/authentication-and-authorization/approvers /app/models/webauthn_registration.rb @gitlab-org/manage/authentication-and-authorization/approvers /app/policies/personal_access_token_policy.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/serializers/group_access_token_entity.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/serializers/group_access_token_serializer.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/serializers/impersonation_access_token_entity.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/serializers/impersonation_access_token_serializer.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/serializers/personal_access_token_entity.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/serializers/personal_access_token_serializer.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/serializers/project_access_token_entity.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/serializers/project_access_token_serializer.rb @gitlab-org/manage/authentication-and-authorization/approvers /app/services/access_token_validation_service.rb @gitlab-org/manage/authentication-and-authorization/approvers /app/services/auth/ @gitlab-org/manage/authentication-and-authorization/approvers /app/services/authorized_project_update/ @gitlab-org/manage/authentication-and-authorization/approvers @@ -863,8 +1076,11 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /app/services/todos/destroy/unauthorized_features_service.rb @gitlab-org/manage/authentication-and-authorization/approvers /app/services/users/authorized_build_service.rb @gitlab-org/manage/authentication-and-authorization/approvers /app/services/users/authorized_create_service.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/services/users/email_verification/generate_token_service.rb @gitlab-org/manage/authentication-and-authorization/approvers +/app/services/users/email_verification/validate_token_service.rb @gitlab-org/manage/authentication-and-authorization/approvers /app/services/users/refresh_authorized_projects_service.rb @gitlab-org/manage/authentication-and-authorization/approvers /app/services/webauthn/ @gitlab-org/manage/authentication-and-authorization/approvers +/app/validators/json_schemas/build_metadata_id_tokens.json @gitlab-org/manage/authentication-and-authorization/approvers /app/validators/json_schemas/cluster_agent_authorization_configuration.json @gitlab-org/manage/authentication-and-authorization/approvers /app/views/admin/application_settings/_external_authorization_service_form.html.haml @gitlab-org/manage/authentication-and-authorization/approvers /app/views/admin/impersonation_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers @@ -909,20 +1125,6 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /app/workers/authorized_project_update/ @gitlab-org/manage/authentication-and-authorization/approvers /app/workers/authorized_projects_worker.rb @gitlab-org/manage/authentication-and-authorization/approvers /app/workers/personal_access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers -/config/feature_flags/development/access_token_pagination.yml @gitlab-org/manage/authentication-and-authorization/approvers -/config/feature_flags/development/application_settings_tokens_optional_encryption.yml @gitlab-org/manage/authentication-and-authorization/approvers -/config/feature_flags/development/enforce_auth_checks_on_uploads.yml @gitlab-org/manage/authentication-and-authorization/approvers -/config/feature_flags/development/forti_authenticator.yml @gitlab-org/manage/authentication-and-authorization/approvers -/config/feature_flags/development/forti_token_cloud.yml @gitlab-org/manage/authentication-and-authorization/approvers -/config/feature_flags/development/groups_tokens_optional_encryption.yml @gitlab-org/manage/authentication-and-authorization/approvers -/config/feature_flags/development/pbkdf2_password_encryption.yml @gitlab-org/manage/authentication-and-authorization/approvers -/config/feature_flags/development/pbkdf2_password_encryption_write.yml @gitlab-org/manage/authentication-and-authorization/approvers -/config/feature_flags/development/projects_tokens_optional_encryption.yml @gitlab-org/manage/authentication-and-authorization/approvers -/config/feature_flags/development/skip_group_share_unlink_auth_refresh.yml @gitlab-org/manage/authentication-and-authorization/approvers -/config/feature_flags/development/specialized_worker_for_group_lock_update_auth_recalculation.yml @gitlab-org/manage/authentication-and-authorization/approvers -/config/feature_flags/development/update_oauth_registration_flow.yml @gitlab-org/manage/authentication-and-authorization/approvers -/config/feature_flags/development/webauthn.yml @gitlab-org/manage/authentication-and-authorization/approvers -/config/feature_flags/ops/block_password_auth_for_saml_users.yml @gitlab-org/manage/authentication-and-authorization/approvers /config/initializers/01_secret_token.rb @gitlab-org/manage/authentication-and-authorization/approvers /config/initializers/devise_dynamic_password_length_validation.rb @gitlab-org/manage/authentication-and-authorization/approvers /config/initializers/devise_password_length.rb.example @gitlab-org/manage/authentication-and-authorization/approvers @@ -936,6 +1138,7 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /ee/app/assets/javascripts/access_tokens/ @gitlab-org/manage/authentication-and-authorization/approvers /ee/app/assets/javascripts/audit_events/components/tokens/ @gitlab-org/manage/authentication-and-authorization/approvers /ee/app/assets/javascripts/audit_events/token_utils.js @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/assets/javascripts/batch_comments/ @gitlab-org/manage/authentication-and-authorization/approvers /ee/app/assets/javascripts/groups/settings/components/ @gitlab-org/manage/authentication-and-authorization/approvers /ee/app/assets/javascripts/pages/admin/application_settings/general/components/ @gitlab-org/manage/authentication-and-authorization/approvers /ee/app/assets/javascripts/pages/groups/omniauth_callbacks/ @gitlab-org/manage/authentication-and-authorization/approvers @@ -957,7 +1160,7 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /ee/app/controllers/groups/omniauth_callbacks_controller.rb @gitlab-org/manage/authentication-and-authorization/approvers /ee/app/controllers/groups/scim_oauth_controller.rb @gitlab-org/manage/authentication-and-authorization/approvers /ee/app/controllers/oauth/ @gitlab-org/manage/authentication-and-authorization/approvers -/ee/app/controllers/omniauth_kerberos_spnego_controller.rb @gitlab-org/manage/authentication-and-authorization/approvers +/ee/app/controllers/omniauth_kerberos_controller.rb @gitlab-org/manage/authentication-and-authorization/approvers /ee/app/finders/auth/ @gitlab-org/manage/authentication-and-authorization/approvers /ee/app/helpers/ee/access_tokens_helper.rb @gitlab-org/manage/authentication-and-authorization/approvers /ee/app/helpers/ee/auth_helper.rb @gitlab-org/manage/authentication-and-authorization/approvers @@ -1023,6 +1226,7 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /lib/gitlab/background_migration/update_users_where_two_factor_auth_required_from_group.rb @gitlab-org/manage/authentication-and-authorization/approvers /lib/gitlab/chat_name_token.rb @gitlab-org/manage/authentication-and-authorization/approvers /lib/gitlab/ci/pipeline/expression/token.rb @gitlab-org/manage/authentication-and-authorization/approvers +/lib/gitlab/cleanup/unused_personal_access_tokens.rb @gitlab-org/manage/authentication-and-authorization/approvers /lib/gitlab/external_authorization/ @gitlab-org/manage/authentication-and-authorization/approvers /lib/gitlab/external_authorization.rb @gitlab-org/manage/authentication-and-authorization/approvers /lib/gitlab/grape_logging/loggers/token_logger.rb @gitlab-org/manage/authentication-and-authorization/approvers @@ -1040,6 +1244,13 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /lib/tasks/gitlab/password.rake @gitlab-org/manage/authentication-and-authorization/approvers /lib/tasks/tokens.rake @gitlab-org/manage/authentication-and-authorization/approvers +[Manage::Workspace] +lib/api/entities/basic_project_details.rb @gitlab-org/manage/manage-workspace/backend-approvers +lib/api/entities/project_with_access.rb @gitlab-org/manage/manage-workspace/backend-approvers +lib/api/entities/project_identity.rb @gitlab-org/manage/manage-workspace/backend-approvers +lib/api/entities/project.rb @gitlab-org/manage/manage-workspace/backend-approvers +ee/lib/ee/api/entities/project.rb @gitlab-org/manage/manage-workspace/backend-approvers + [Compliance] /ee/app/services/audit_events/build_service.rb @gitlab-org/manage/compliance /ee/spec/services/audit_events/custom_audit_event_service_spec.rb @gitlab-org/manage/compliance @@ -1047,21 +1258,6 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /app/services/audit_event_service.rb @gitlab-org/manage/compliance /app/services/concerns/audit_event_save_type.rb @gitlab-org/manage/compliance /app/views/profiles/audit_log.html.haml @gitlab-org/manage/compliance -/data/deprecations/14-3-repository-push-audit-events.yml @gitlab-org/manage/compliance -/data/removals/15_0/removal_manage_repository_push_audit_event.yml @gitlab-org/manage/compliance -/db/docs/audit_events.yml @gitlab-org/manage/compliance -/db/docs/audit_events_external_audit_event_destinations.yml @gitlab-org/manage/compliance -/db/docs/audit_events_streaming_headers.yml @gitlab-org/manage/compliance -/db/migrate/20210819185500_create_external_audit_event_destinations_table.rb @gitlab-org/manage/compliance -/db/migrate/20220524141800_create_audit_events_streaming_headers.rb @gitlab-org/manage/compliance -/db/post_migrate/20210331105335_drop_non_partitioned_audit_events.rb @gitlab-org/manage/compliance -/db/post_migrate/20220119094503_populate_audit_event_streaming_verification_token.rb @gitlab-org/manage/compliance -/doc/administration/audit_event_streaming.md @gitlab-org/manage/compliance -/doc/administration/audit_events.md @gitlab-org/manage/compliance -/doc/administration/audit_reports.md @gitlab-org/manage/compliance -/doc/administration/auditor_users.md @gitlab-org/manage/compliance -/doc/api/audit_events.md @gitlab-org/manage/compliance -/doc/api/graphql/audit_report.md @gitlab-org/manage/compliance /ee/app/assets/javascripts/audit_events/components/audit_events_app.vue @gitlab-org/manage/compliance /ee/app/assets/javascripts/audit_events/components/audit_events_export_button.vue @gitlab-org/manage/compliance /ee/app/assets/javascripts/audit_events/components/audit_events_filter.vue @gitlab-org/manage/compliance @@ -1119,58 +1315,5 @@ lib/gitlab/checks/** @proglottis @toon @zj-gitlab /ee/lib/ee/api/entities/audit_event.rb @gitlab-org/manage/compliance /ee/lib/ee/audit/ @gitlab-org/manage/compliance /ee/lib/ee/gitlab/audit/ @gitlab-org/manage/compliance -/ee/spec/controllers/admin/audit_log_reports_controller_spec.rb @gitlab-org/manage/compliance -/ee/spec/controllers/admin/audit_logs_controller_spec.rb @gitlab-org/manage/compliance -/ee/spec/controllers/groups/audit_events_controller_spec.rb @gitlab-org/manage/compliance -/ee/spec/controllers/projects/audit_events_controller_spec.rb @gitlab-org/manage/compliance -/ee/spec/factories/audit_events/external_audit_event_destinations.rb @gitlab-org/manage/compliance -/ee/spec/features/admin/admin_audit_logs_spec.rb @gitlab-org/manage/compliance -/ee/spec/features/groups/audit_events_spec.rb @gitlab-org/manage/compliance -/ee/spec/features/projects/audit_events_spec.rb @gitlab-org/manage/compliance -/ee/spec/finders/audit_event_finder_spec.rb @gitlab-org/manage/compliance -/ee/spec/fixtures/api/schemas/public_api/v4/audit_event.json @gitlab-org/manage/compliance -/ee/spec/fixtures/api/schemas/public_api/v4/audit_events.json @gitlab-org/manage/compliance -/ee/spec/frontend/audit_events/components/__snapshots__/ @gitlab-org/manage/compliance -/ee/spec/frontend/audit_events/components/audit_events_app_spec.js @gitlab-org/manage/compliance -/ee/spec/frontend/audit_events/components/audit_events_export_button_spec.js @gitlab-org/manage/compliance -/ee/spec/frontend/audit_events/components/audit_events_filter_spec.js @gitlab-org/manage/compliance -/ee/spec/frontend/audit_events/components/audit_events_logs_spec.js @gitlab-org/manage/compliance -/ee/spec/frontend/audit_events/components/audit_events_stream_spec.js @gitlab-org/manage/compliance -/ee/spec/frontend/audit_events/components/audit_events_table_spec.js @gitlab-org/manage/compliance -/ee/spec/frontend/audit_events/components/tokens/shared/ @gitlab-org/manage/compliance -/ee/spec/graphql/types/audit_events/exterrnal_audit_event_destination_type_spec.rb @gitlab-org/manage/compliance -/ee/spec/helpers/audit_events_helper_spec.rb @gitlab-org/manage/compliance -/ee/spec/lib/audit/external_status_check_changes_auditor_spec.rb @gitlab-org/manage/compliance -/ee/spec/lib/audit/group_merge_request_approval_setting_changes_auditor_spec.rb @gitlab-org/manage/compliance -/ee/spec/lib/audit/group_push_rules_changes_auditor_spec.rb @gitlab-org/manage/compliance -/ee/spec/lib/ee/audit/ @gitlab-org/manage/compliance -/ee/spec/lib/gitlab/audit/auditor_spec.rb @gitlab-org/manage/compliance -/ee/spec/models/audit_events/external_audit_event_destination_spec.rb @gitlab-org/manage/compliance -/ee/spec/models/concerns/auditable_spec.rb @gitlab-org/manage/compliance -/ee/spec/models/ee/audit_event_spec.rb @gitlab-org/manage/compliance -/ee/spec/presenters/audit_event_presenter_spec.rb @gitlab-org/manage/compliance -/ee/spec/requests/admin/audit_events_spec.rb @gitlab-org/manage/compliance -/ee/spec/requests/api/audit_events_spec.rb @gitlab-org/manage/compliance -/ee/spec/requests/api/graphql/group/external_audit_event_destinations_spec.rb @gitlab-org/manage/compliance -/ee/spec/requests/groups/audit_events_spec.rb @gitlab-org/manage/compliance -/ee/spec/requests/projects/audit_events_spec.rb @gitlab-org/manage/compliance -/ee/spec/serializers/audit_event_entity_spec.rb @gitlab-org/manage/compliance -/ee/spec/serializers/audit_event_serializer_spec.rb @gitlab-org/manage/compliance -/ee/spec/services/audit_event_service_spec.rb @gitlab-org/manage/compliance -/ee/spec/support/shared_contexts/audit_event_not_licensed_shared_context.rb @gitlab-org/manage/compliance -/ee/spec/support/shared_contexts/audit_event_queue_shared_context.rb @gitlab-org/manage/compliance -/ee/spec/support/shared_examples/audit/ @gitlab-org/manage/compliance -/ee/spec/support/shared_examples/features/audit_events_filter_shared_examples.rb @gitlab-org/manage/compliance -/ee/spec/support/shared_examples/services/audit_event_logging_shared_examples.rb @gitlab-org/manage/compliance -/ee/spec/workers/audit_events/audit_event_streaming_worker_spec.rb @gitlab-org/manage/compliance /lib/gitlab/audit/auditor.rb @gitlab-org/manage/compliance /lib/gitlab/audit_json_logger.rb @gitlab-org/manage/compliance -/spec/factories/audit_events.rb @gitlab-org/manage/compliance -/spec/lib/gitlab/audit/auditor_spec.rb @gitlab-org/manage/compliance -/spec/migrations/populate_audit_event_streaming_verification_token_spec.rb @gitlab-org/manage/compliance -/spec/models/audit_event_spec.rb @gitlab-org/manage/compliance -/spec/services/audit_event_service_spec.rb @gitlab-org/manage/compliance -/spec/services/concerns/audit_event_save_type_spec.rb @gitlab-org/manage/compliance -/spec/support/shared_examples/sends_git_audit_streaming_event_shared_examples.rb @gitlab-org/manage/compliance -/spec/views/profiles/audit_log.html.haml_spec.rb @gitlab-org/manage/compliance -/vendor/project_templates/hipaa_audit_protocol.tar.gz @gitlab-org/manage/compliance diff --git a/.gitlab/agents/review-apps/config.yaml b/.gitlab/agents/review-apps/config.yaml new file mode 100644 index 00000000000..945b3a18d30 --- /dev/null +++ b/.gitlab/agents/review-apps/config.yaml @@ -0,0 +1 @@ +# This empty file is used for agent-based integration with Kubernetes diff --git a/.gitlab/ci/_skip.yml b/.gitlab/ci/_skip.yml new file mode 100644 index 00000000000..27a3ff5b836 --- /dev/null +++ b/.gitlab/ci/_skip.yml @@ -0,0 +1,11 @@ +# no-op pipeline template for skipping whole child pipeline execution + +no-op: + image: ${GITLAB_DEPENDENCY_PROXY}alpine:latest + stage: test + variables: + GIT_STRATEGY: none + script: + - echo "${SKIP_MESSAGE:-no-op run, nothing will be executed!}" + rules: + - when: always diff --git a/.gitlab/ci/build-images.gitlab-ci.yml b/.gitlab/ci/build-images.gitlab-ci.yml index 3b360d66b7f..1b041c9af38 100644 --- a/.gitlab/ci/build-images.gitlab-ci.yml +++ b/.gitlab/ci/build-images.gitlab-ci.yml @@ -2,15 +2,11 @@ extends: .use-kaniko variables: GIT_LFS_SKIP_SMUDGE: 1 - script: - - scripts/checkout-mr-source-sha retry: 2 # This image is used by: # - The `review-qa-*` jobs -# - The downstream `omnibus-gitlab-mirror` pipeline triggered by `package-and-qa` so that it doesn't have to rebuild it again. -# The downstream `omnibus-gitlab-mirror` pipeline itself passes the image name to the `gitlab-qa-mirror` pipeline so that -# it can use it instead of inferring an end-to-end imag from the GitLab image built by the downstream `omnibus-gitlab-mirror` pipeline. +# - The `e2e:package-and-test` child pipeline test stage jobs # See https://docs.gitlab.com/ee/development/testing_guide/end_to_end/index.html#testing-code-in-merge-requests for more details. build-qa-image: extends: @@ -19,15 +15,23 @@ build-qa-image: stage: build-images needs: [] script: - - !reference [.base-image-build, script] + # Tag with commit SHA by default + - export QA_IMAGE="${CI_REGISTRY}/${CI_PROJECT_PATH}/gitlab-ee-qa:${CI_COMMIT_SHA}" + # For branches, tag with slugified branch name. For tags, use the tag directly + - export QA_IMAGE_BRANCH="${CI_REGISTRY}/${CI_PROJECT_PATH}/gitlab-ee-qa:${CI_COMMIT_TAG:-$CI_COMMIT_REF_SLUG}" + # Auto-deploy tag format uses first 12 letters of commit SHA. Tag with that + # reference also + - export QA_IMAGE_FOR_AUTO_DEPLOY="${CI_REGISTRY}/${CI_PROJECT_PATH}/gitlab-ee-qa:${CI_COMMIT_SHA:0:11}" - echo $QA_IMAGE - echo $QA_IMAGE_BRANCH + - echo $QA_IMAGE_FOR_AUTO_DEPLOY - | /kaniko/executor \ --context=${CI_PROJECT_DIR} \ --dockerfile=${CI_PROJECT_DIR}/qa/Dockerfile \ --destination=${QA_IMAGE} \ --destination=${QA_IMAGE_BRANCH} \ + --destination=${QA_IMAGE_FOR_AUTO_DEPLOY} \ --build-arg=CHROME_VERSION=${CHROME_VERSION} \ --build-arg=DOCKER_VERSION=${DOCKER_VERSION} \ --build-arg=QA_BUILD_TARGET=${QA_BUILD_TARGET:-qa} \ @@ -35,7 +39,7 @@ build-qa-image: # This image is used by: # - The `CNG` pipelines (via the `review-build-cng` job): https://gitlab.com/gitlab-org/build/CNG/-/blob/cfc67136d711e1c8c409bf8e57427a644393da2f/.gitlab-ci.yml#L335 -# - The `omnibus-gitlab` pipelines (via the `package-and-qa` job): https://gitlab.com/gitlab-org/omnibus-gitlab/-/blob/dfd1ad475868fc84e91ab7b5706aa03e46dc3a86/.gitlab-ci.yml#L130 +# - The `omnibus-gitlab` pipelines (via the `e2e:package-and-test` job): https://gitlab.com/gitlab-org/omnibus-gitlab/-/blob/dfd1ad475868fc84e91ab7b5706aa03e46dc3a86/.gitlab-ci.yml#L130 build-assets-image: extends: - .base-image-build @@ -43,7 +47,6 @@ build-assets-image: stage: build-images needs: ["compile-production-assets"] script: - - !reference [.base-image-build, script] # TODO: Change the image tag to be the MD5 of assets files and skip image building if the image exists # We'll also need to pass GITLAB_ASSETS_TAG to the trigerred omnibus-gitlab pipeline similarly to how we do it for trigerred CNG pipelines # https://gitlab.com/gitlab-org/gitlab/issues/208389 diff --git a/.gitlab/ci/docs.gitlab-ci.yml b/.gitlab/ci/docs.gitlab-ci.yml index 3af156e9bd0..7e157171183 100644 --- a/.gitlab/ci/docs.gitlab-ci.yml +++ b/.gitlab/ci/docs.gitlab-ci.yml @@ -44,7 +44,7 @@ docs-lint markdown: - .default-retry - .docs:rules:docs-lint # When updating the image version here, update it in /scripts/lint-doc.sh too. - image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-docs/lint-markdown:alpine-3.16-vale-2.17.0-markdownlint-0.31.1 + image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-docs/lint-markdown:alpine-3.16-vale-2.20.1-markdownlint-0.32.2 stage: lint needs: [] script: diff --git a/.gitlab/ci/frontend.gitlab-ci.yml b/.gitlab/ci/frontend.gitlab-ci.yml index 1d0218f4bd7..3bd65b565e4 100644 --- a/.gitlab/ci/frontend.gitlab-ci.yml +++ b/.gitlab/ci/frontend.gitlab-ci.yml @@ -18,6 +18,7 @@ # Disable warnings in browserslist which can break on backports # https://github.com/browserslist/browserslist/blob/a287ec6/node.js#L367-L384 BROWSERSLIST_IGNORE_OLD_DATA: "true" + WEBPACK_COMPILE_LOG_PATH: "tmp/webpack-output.log" stage: prepare script: - *yarn-install @@ -31,7 +32,6 @@ compile-production-assets: variables: NODE_ENV: "production" RAILS_ENV: "production" - WEBPACK_REPORT: "true" artifacts: name: webpack-report expire_in: 31d @@ -40,10 +40,9 @@ compile-production-assets: # - in `build-assets-image` job to create assets image for packaging systems # - GitLab UI for integration tests: https://gitlab.com/gitlab-org/gitlab-ui/-/blob/e88493b3c855aea30bf60baee692a64606b0eb1e/.storybook/preview-head.pug#L1 - public/assets/ - - webpack-report/ + - "${WEBPACK_COMPILE_LOG_PATH}" when: always before_script: - - scripts/checkout-mr-source-sha - !reference [.default-before_script, before_script] after_script: - rm -f /etc/apt/sources.list.d/google*.list # We don't need to update Chrome here @@ -57,6 +56,7 @@ compile-test-assets: paths: - public/assets/ - node_modules/@gitlab/svgs/dist/icons.json # app/helpers/icons_helper.rb uses this file + - "${WEBPACK_COMPILE_LOG_PATH}" when: always compile-test-assets as-if-foss: @@ -213,7 +213,15 @@ jest minimal: - !reference [jest, needs] - "detect-tests" script: - - run_timed_command "yarn jest:ci:minimal" + - if [[ -s "$RSPEC_CHANGED_FILES_PATH" ]]; then run_timed_command "yarn jest:ci:minimal"; fi + +jest as-if-foss: + extends: + - .jest-base + - .frontend:rules:jest:as-if-foss + - .as-if-foss + needs: ["rspec-all frontend_fixture as-if-foss"] + parallel: 2 jest minimal as-if-foss: extends: @@ -224,7 +232,7 @@ jest minimal as-if-foss: - "rspec-all frontend_fixture as-if-foss" - "detect-tests" script: - - run_timed_command "yarn jest:ci:minimal" + - if [[ -s "$RSPEC_CHANGED_FILES_PATH" ]]; then run_timed_command "yarn jest:ci:minimal"; fi jest-integration: extends: @@ -236,19 +244,11 @@ jest-integration: - job: "rspec-all frontend_fixture" - job: "graphql-schema-dump" -jest-as-if-foss: - extends: - - .jest-base - - .frontend:rules:default-frontend-jobs-as-if-foss - - .as-if-foss - needs: ["rspec-all frontend_fixture as-if-foss"] - parallel: 2 - coverage-frontend: extends: - .default-retry - .yarn-cache - - .frontend:rules:ee-mr-and-default-branch-only + - .frontend:rules:coverage-frontend needs: - job: "jest" optional: true @@ -260,7 +260,9 @@ coverage-frontend: script: - run_timed_command "yarn node scripts/frontend/merge_coverage_frontend.js" # Removing the individual coverage results, as we just merged them. - - rm -r coverage-frontend/jest-* + - if ls coverage-frontend/jest-* > /dev/null 2>&1; then + rm -r coverage-frontend/jest-*; + fi coverage: '/^Statements\s*:\s*?(\d+(?:\.\d+)?)%/' artifacts: name: coverage-frontend @@ -320,24 +322,20 @@ webpack-dev-server: bundle-size-review: extends: - .default-retry + - .assets-compile-cache - .frontend:rules:bundle-size-review image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:danger stage: test - needs: ["compile-production-assets"] + needs: [] script: - - source scripts/utils.sh - - mkdir -p bundle-size-review - - cp webpack-report/index.html bundle-size-review/bundle-report.html - - yarn global add https://gitlab.com/gitlab-org/frontend/playground/webpack-memory-metrics.git - - | - danger_id=$(echo -n ${DANGER_GITLAB_API_TOKEN} | md5sum | awk '{print $1}' | cut -c5-10) - run_timed_command "danger --dangerfile=danger/Dangerfile-bundle_size --fail-on-errors=true --verbose --danger_id=bundle-size-review-${danger_id}" + - *yarn-install + - scripts/bundle_size_review artifacts: when: always name: bundle-size-review expire_in: 31d paths: - - bundle-size-review + - bundle-size-review/ .startup-css-check-base: extends: diff --git a/.gitlab/ci/global.gitlab-ci.yml b/.gitlab/ci/global.gitlab-ci.yml index 9c92b11d4fd..7bdca62b68e 100644 --- a/.gitlab/ci/global.gitlab-ci.yml +++ b/.gitlab/ci/global.gitlab-ci.yml @@ -290,7 +290,7 @@ - name: postgres:12 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] - name: redis:6.0-alpine - - name: elasticsearch:8.2.0 + - name: elasticsearch:8.3.3 variables: POSTGRES_HOST_AUTH_METHOD: trust PG_VERSION: "12" diff --git a/.gitlab/ci/notify.gitlab-ci.yml b/.gitlab/ci/notify.gitlab-ci.yml index a8c156c7dba..95318d5ce08 100644 --- a/.gitlab/ci/notify.gitlab-ci.yml +++ b/.gitlab/ci/notify.gitlab-ci.yml @@ -7,6 +7,8 @@ MERGE_REQUEST_URL: ${CI_MERGE_REQUEST_PROJECT_URL}/-/merge_requests/${CI_MERGE_REQUEST_IID} before_script: - apk update && apk add git curl bash + - echo "NOTIFY_CHANNEL is ${NOTIFY_CHANNEL}" + - echo "CI_PIPELINE_URL is ${CI_PIPELINE_URL}" notify-update-gitaly: extends: @@ -16,11 +18,9 @@ notify-update-gitaly: when: on_failure allow_failure: true variables: - NOTIFY_CHANNEL: g_create_gitaly + NOTIFY_CHANNEL: g_gitaly GITALY_UPDATE_BRANCH: release-tools/update-gitaly script: - - echo "NOTIFY_CHANNEL is ${NOTIFY_CHANNEL}" - - echo "CI_PIPELINE_URL is ${CI_PIPELINE_URL}" - scripts/slack ${NOTIFY_CHANNEL} "☠️ \`${GITALY_UPDATE_BRANCH}\` failed! ☠️ See ${CI_PIPELINE_URL} (triggered from ${MERGE_REQUEST_URL})" ci_failing "GitLab QA Bot" notify-security-pipeline: @@ -30,7 +30,17 @@ notify-security-pipeline: variables: NOTIFY_CHANNEL: f_upcoming_release script: - - echo "NOTIFY_CHANNEL is ${NOTIFY_CHANNEL}" - - echo "CI_PIPELINE_URL is ${CI_PIPELINE_URL}" # <!subteam^S0127FU8PDE> mentions the `@release-managers` group - scripts/slack ${NOTIFY_CHANNEL} "<!subteam^S0127FU8PDE> ☠️ Pipeline for merged result failed! ☠️ See ${CI_PIPELINE_URL} (triggered from ${MERGE_REQUEST_URL})" ci_failing "GitLab Release Tools Bot" + +notify-pipeline-failure: + extends: + - .notify-slack + rules: + - if: '$NOTIFY_PIPELINE_FAILURE_CHANNEL' + when: on_failure + allow_failure: true + variables: + NOTIFY_CHANNEL: "${NOTIFY_PIPELINE_FAILURE_CHANNEL}" + script: + - scripts/slack ${NOTIFY_CHANNEL} "❌ \`${CI_COMMIT_REF_NAME}\` pipeline failed! See ${CI_PIPELINE_URL}" ci_failing "notify-pipeline-failure" diff --git a/.gitlab/ci/package-and-test/main.gitlab-ci.yml b/.gitlab/ci/package-and-test/main.gitlab-ci.yml new file mode 100644 index 00000000000..d96da7744ab --- /dev/null +++ b/.gitlab/ci/package-and-test/main.gitlab-ci.yml @@ -0,0 +1,600 @@ +# E2E tests pipeline loaded dynamically by script: scripts/generate-e2e-pipeline + +include: + - local: .gitlab/ci/global.gitlab-ci.yml + - local: .gitlab/ci/package-and-test/rules.gitlab-ci.yml + - local: .gitlab/ci/package-and-test/variables.gitlab-ci.yml + - project: gitlab-org/quality/pipeline-common + ref: 1.2.1 + file: + - /ci/base.gitlab-ci.yml + - /ci/allure-report.yml + - /ci/knapsack-report.yml + +stages: + - test + - report + - notify + +# ========================================== +# Templates +# ========================================== +.parallel: + parallel: 5 + variables: + QA_KNAPSACK_REPORT_PATH: $CI_PROJECT_DIR/qa/knapsack + +.ruby-image: + image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images/debian-bullseye-ruby-${RUBY_VERSION}:bundler-2.3 + +.bundle-install: + extends: + - .gitlab-qa-install + - .qa-cache + variables: + RUN_WITH_BUNDLE: "true" # installs and runs gitlab-qa via bundler + QA_PATH: qa + +.omnibus-env: + variables: + BUILD_ENV: build.env + script: + - | + SECURITY_SOURCES=$([[ ! "$CI_PROJECT_NAMESPACE" =~ ^gitlab-org\/security ]] || echo "true") + echo "SECURITY_SOURCES=${SECURITY_SOURCES:-false}" > $BUILD_ENV + echo "OMNIBUS_GITLAB_CACHE_UPDATE=${OMNIBUS_GITLAB_CACHE_UPDATE:-false}" >> $BUILD_ENV + for version_file in *_VERSION; do echo "$version_file=$(cat $version_file)" >> $BUILD_ENV; done + echo "Built environment file for omnibus build:" + cat $BUILD_ENV + artifacts: + reports: + dotenv: $BUILD_ENV + +.update-script: + script: + - export QA_COMMAND="bundle exec gitlab-qa Test::Omnibus::UpdateFromPrevious $RELEASE $GITLAB_VERSION $UPDATE_TYPE -- $QA_RSPEC_TAGS $RSPEC_REPORT_OPTS" + - echo "Running - '$QA_COMMAND'" + - eval "$QA_COMMAND" + +.qa: + extends: + - .qa-base + - .bundle-install + - .gitlab-qa-report + stage: test + tags: + - e2e + needs: + - trigger-omnibus + - download-knapsack-report + variables: + QA_GENERATE_ALLURE_REPORT: "true" + QA_CAN_TEST_PRAEFECT: "false" + QA_INTERCEPT_REQUESTS: "true" + QA_RUN_TYPE: e2e-package-and-test + TEST_LICENSE_MODE: $QA_TEST_LICENSE_MODE + EE_LICENSE: $QA_EE_LICENSE + GITHUB_ACCESS_TOKEN: $QA_GITHUB_ACCESS_TOKEN + GITLAB_QA_ADMIN_ACCESS_TOKEN: $QA_ADMIN_ACCESS_TOKEN + +# ========================================== +# Prepare stage +# ========================================== +trigger-omnibus-env: + extends: + - .omnibus-env + - .rules:prepare + stage: .pre + +trigger-omnibus: + extends: .rules:prepare + stage: .pre + needs: + - trigger-omnibus-env + inherit: + variables: false + variables: + GITALY_SERVER_VERSION: $GITALY_SERVER_VERSION + GITLAB_ELASTICSEARCH_INDEXER_VERSION: $GITLAB_ELASTICSEARCH_INDEXER_VERSION + GITLAB_KAS_VERSION: $GITLAB_KAS_VERSION + GITLAB_METRICS_EXPORTER_VERSION: $GITLAB_METRICS_EXPORTER_VERSION + GITLAB_PAGES_VERSION: $GITLAB_PAGES_VERSION + GITLAB_SHELL_VERSION: $GITLAB_SHELL_VERSION + GITLAB_WORKHORSE_VERSION: $GITLAB_WORKHORSE_VERSION + GITLAB_VERSION: $CI_COMMIT_SHA + IMAGE_TAG: $CI_COMMIT_SHA + TOP_UPSTREAM_SOURCE_PROJECT: $CI_PROJECT_PATH + SECURITY_SOURCES: $SECURITY_SOURCES + CACHE_UPDATE: $OMNIBUS_GITLAB_CACHE_UPDATE + SKIP_QA_DOCKER: "true" + SKIP_QA_TEST: "true" + ee: "true" + trigger: + project: gitlab-org/build/omnibus-gitlab-mirror + strategy: depend + +download-knapsack-report: + extends: + - .bundle-install + - .ruby-image + - .rules:prepare + stage: .pre + script: + - bundle exec rake "knapsack:download[test]" + allow_failure: true + artifacts: + paths: + - qa/knapsack/ee-*.json + expire_in: 1 day + +# e2e test jobs run on separate runner which has separate cache setup +cache-gems: + extends: + - .bundle-install + - .ruby-image + - .qa-cache-push + - .rules:prepare + stage: .pre + tags: + - e2e + script: + - echo "Populated qa cache" + +# ========================================== +# Test stage +# ========================================== + +# ------------------------------------------ +# Manual jobs +# ------------------------------------------ + +# Run manual quarantine job +# this job requires passing QA_SCENARIO variable +# and optionally QA_TESTS to run specific quarantined tests +_ee:quarantine: + extends: + - .qa + - .rules:test:quarantine + needs: + - trigger-omnibus + stage: test + allow_failure: true + variables: + QA_RSPEC_TAGS: --tag quarantine + +# ------------------------------------------ +# FF changes +# ------------------------------------------ + +# Run specs with feature flags set to the opposite of the default state +ee:instance-parallel-ff-inverse: + extends: + - .qa + - .parallel + variables: + QA_SCENARIO: Test::Instance::Image + QA_KNAPSACK_REPORT_NAME: ee-instance-parallel + GITLAB_QA_OPTS: --set-feature-flags $QA_FEATURE_FLAGS + rules: + - !reference [.rules:test:feature-flags-deleted, rules] # skip job when only change is ff deletion + - !reference [.rules:test:feature-flags-set, rules] + +# ------------------------------------------ +# Jobs with parallel variant +# ------------------------------------------ +ee:instance: + extends: .qa + variables: + QA_SCENARIO: Test::Instance::Image + rules: + - !reference [.rules:test:qa-non-parallel, rules] + - if: $QA_SUITES =~ /Test::Instance::All/ +ee:instance-parallel: + extends: + - .parallel + - ee:instance + rules: + - !reference [.rules:test:feature-flags-set, rules] # always run instance-parallel to validate ff change + - !reference [.rules:test:qa-parallel, rules] + - if: $QA_SUITES =~ /Test::Instance::All/ + +ee:praefect: + extends: .qa + variables: + QA_SCENARIO: Test::Integration::Praefect + QA_CAN_TEST_PRAEFECT: "true" + rules: + - !reference [.rules:test:qa-non-parallel, rules] + - if: $QA_SUITES =~ /Test::Instance::All/ +ee:praefect-parallel: + extends: + - .parallel + - ee:praefect + rules: + - !reference [.rules:test:qa-parallel, rules] + - if: $QA_SUITES =~ /Test::Instance::All/ + +ee:relative-url: + extends: .qa + variables: + QA_SCENARIO: Test::Instance::RelativeUrl + rules: + - !reference [.rules:test:qa-non-parallel, rules] + - if: $QA_SUITES =~ /Test::Instance::All/ +ee:relative-url-parallel: + extends: + - .parallel + - ee:relative-url + rules: + - !reference [.rules:test:qa-parallel, rules] + - if: $QA_SUITES =~ /Test::Instance::All/ + +ee:decomposition-single-db: + extends: .qa + variables: + QA_SCENARIO: Test::Instance::Image + GITLAB_QA_OPTS: --omnibus-config decomposition_single_db + rules: + - !reference [.rules:test:qa-non-parallel, rules] + - if: $QA_SUITES =~ /Test::Instance::All/ +ee:decomposition-single-db-parallel: + extends: + - .parallel + - ee:decomposition-single-db + rules: + - !reference [.rules:test:qa-parallel, rules] + - if: $QA_SUITES =~ /Test::Instance::All/ + +ee:decomposition-multiple-db: + extends: .qa + variables: + QA_SCENARIO: Test::Instance::Image + GITLAB_QA_OPTS: --omnibus-config decomposition_multiple_db + rules: + - !reference [.rules:test:qa-non-parallel, rules] + - if: $QA_SUITES =~ /Test::Instance::All/ +ee:decomposition-multiple-db-parallel: + extends: + - .parallel + - ee:decomposition-multiple-db + rules: + - !reference [.rules:test:qa-parallel, rules] + - if: $QA_SUITES =~ /Test::Instance::All/ + +ee:object-storage: + extends: .qa + variables: + QA_SCENARIO: Test::Instance::Image + QA_RSPEC_TAGS: --tag object_storage + GITLAB_QA_OPTS: --omnibus-config object_storage + rules: + - !reference [.rules:test:qa-non-parallel, rules] + - if: $QA_SUITES =~ /Test::Instance::ObjectStorage/ +ee:object-storage-parallel: + extends: ee:object-storage + parallel: 2 + rules: + - !reference [.rules:test:qa-parallel, rules] + - if: $QA_SUITES =~ /Test::Instance::ObjectStorage/ + +ee:object-storage-aws: + extends: ee:object-storage + variables: + AWS_S3_ACCESS_KEY: $QA_AWS_S3_ACCESS_KEY + AWS_S3_BUCKET_NAME: $QA_AWS_S3_BUCKET_NAME + AWS_S3_KEY_ID: $QA_AWS_S3_KEY_ID + AWS_S3_REGION: $QA_AWS_S3_REGION + GITLAB_QA_OPTS: --omnibus-config object_storage_aws +ee:object-storage-aws-parallel: + extends: ee:object-storage-aws + parallel: 2 + rules: + - !reference [ee:object-storage-parallel, rules] + +ee:object-storage-gcs: + extends: ee:object-storage + variables: + GCS_BUCKET_NAME: $QA_GCS_BUCKET_NAME + GOOGLE_PROJECT: $QA_GOOGLE_PROJECT + GOOGLE_JSON_KEY: $QA_GOOGLE_JSON_KEY + GOOGLE_CLIENT_EMAIL: $QA_GOOGLE_CLIENT_EMAIL + GITLAB_QA_OPTS: --omnibus-config object_storage_gcs +ee:object-storage-gcs-parallel: + extends: ee:object-storage-gcs + parallel: 2 + rules: + - !reference [ee:object-storage-parallel, rules] + +ee:packages: + extends: .qa + variables: + QA_SCENARIO: Test::Instance::Image + QA_RSPEC_TAGS: --tag packages + GITLAB_QA_OPTS: --omnibus-config packages + rules: + - !reference [.rules:test:qa-non-parallel, rules] + - if: $QA_SUITES =~ /Test::Instance::Packages/ +ee:packages-parallel: + extends: ee:packages + parallel: 2 + rules: + - !reference [.rules:test:qa-parallel, rules] + - if: $QA_SUITES =~ /Test::Instance::Packages/ + +# ------------------------------------------ +# Non parallel jobs +# ------------------------------------------ +ee:update-minor: + extends: + - .qa + - .update-script + variables: + UPDATE_TYPE: minor + QA_RSPEC_TAGS: --tag smoke + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Instance::Smoke/ + +ee:update-major: + extends: + - .qa + - .update-script + variables: + UPDATE_TYPE: major + QA_RSPEC_TAGS: --tag smoke + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Instance::Smoke/ + +ee:gitaly-cluster: + extends: .qa + variables: + QA_SCENARIO: Test::Integration::GitalyCluster + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Integration::GitalyCluster/ + +ee:group-saml: + extends: .qa + variables: + QA_SCENARIO: Test::Integration::GroupSAML + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Integration::GroupSAML/ + +ee:instance-saml: + extends: .qa + variables: + QA_SCENARIO: Test::Integration::InstanceSAML + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Integration::InstanceSAML/ + +ee:jira: + extends: .qa + variables: + QA_SCENARIO: Test::Integration::Jira + JIRA_ADMIN_USERNAME: $QA_JIRA_ADMIN_USERNAME + JIRA_ADMIN_PASSWORD: $QA_JIRA_ADMIN_PASSWORD + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Integration::Jira/ + +ee:ldap-no-server: + extends: .qa + variables: + QA_SCENARIO: Test::Integration::LDAPNoServer + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Integration::LDAPNoServer/ + +ee:ldap-tls: + extends: .qa + variables: + QA_SCENARIO: Test::Integration::LDAPTLS + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Integration::LDAPTLS/ + +ee:ldap-no-tls: + extends: .qa + variables: + QA_SCENARIO: Test::Integration::LDAPNoTLS + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Integration::LDAPNoTLS/ + +ee:mtls: + extends: .qa + variables: + QA_SCENARIO: Test::Integration::MTLS + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Integration::MTLS/ + +ee:mattermost: + extends: .qa + variables: + QA_SCENARIO: Test::Integration::Mattermost + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Integration::Mattermost/ + +ee:registry: + extends: .qa + variables: + QA_SCENARIO: Test::Integration::Registry + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Integration::Registry/ + +ee:registry-with-cdn: + extends: .qa + variables: + QA_SCENARIO: Test::Integration::RegistryWithCDN + GCS_CDN_BUCKET_NAME: $QA_GCS_CDN_BUCKET_NAME + GOOGLE_CDN_LB: $QA_GOOGLE_CDN_LB + GOOGLE_CDN_JSON_KEY: $QA_GOOGLE_CDN_JSON_KEY + GOOGLE_CDN_SIGNURL_KEY: $QA_GOOGLE_CDN_SIGNURL_KEY + GOOGLE_CDN_SIGNURL_KEY_NAME: $QA_GOOGLE_CDN_SIGNURL_KEY_NAME + before_script: + - unset GITLAB_QA_ADMIN_ACCESS_TOKEN + - !reference [.qa, before_script] + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Integration::RegistryWithCDN/ + +ee:repository-storage: + extends: .qa + variables: + QA_SCENARIO: Test::Instance::RepositoryStorage + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Instance::RepositoryStorage/ + +ee:service-ping-disabled: + extends: .qa + variables: + QA_SCENARIO: Test::Integration::ServicePingDisabled + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Integration::ServicePingDisabled/ + +ee:smtp: + extends: .qa + variables: + QA_SCENARIO: Test::Integration::SMTP + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Integration::SMTP/ + +ee:cloud-activation: + extends: .qa + variables: + QA_SCENARIO: Test::Instance::Image + QA_RSPEC_TAGS: --tag cloud_activation + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Integration::CloudActivation/ + +ee:large-setup: + extends: .qa + variables: + QA_SCENARIO: Test::Instance::Image + QA_RSPEC_TAGS: --tag can_use_large_setup + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Instance::LargeSetup/ + +ee:metrics: + extends: .qa + variables: + QA_SCENARIO: Test::Integration::Metrics + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Instance::Metrics/ + +ee:elasticsearch: + extends: .qa + variables: + QA_SCENARIO: "Test::Integration::Elasticsearch" + before_script: + - unset ELASTIC_URL # unset url which is globally defined in .gitlab-ci.yml + - !reference [.qa, before_script] + rules: + - !reference [.rules:test:qa, rules] + - if: $QA_SUITES =~ /Test::Integration::Elasticsearch/ + +ee:registry-object-storage-tls: + extends: ee:object-storage-aws + variables: + QA_SCENARIO: Test::Integration::RegistryTLS + QA_RSPEC_TAGS: "" + GITLAB_TLS_CERTIFICATE: $QA_GITLAB_TLS_CERTIFICATE + GITLAB_QA_OPTS: --omnibus-config registry_object_storage + +# ========================================== +# Post test stage +# ========================================== +e2e-test-report: + extends: + - .generate-allure-report-base + - .rules:report:allure-report + stage: report + variables: + GITLAB_AUTH_TOKEN: $GITLAB_QA_MR_ALLURE_REPORT_TOKEN + ALLURE_PROJECT_PATH: $CI_PROJECT_PATH + ALLURE_MERGE_REQUEST_IID: $CI_MERGE_REQUEST_IID + ALLURE_JOB_NAME: e2e-package-and-test + GIT_STRATEGY: none + artifacts: # save rspec results for displaying in parent pipeline + expire_in: 1 day + when: always + paths: + - gitlab-qa-run-*/**/rspec-*.xml + +upload-knapsack-report: + extends: + - .generate-knapsack-report-base + - .bundle-install + - .ruby-image + - .rules:report:process-results + stage: report + when: always + +relate-test-failures: + extends: + - .bundle-install + - .ruby-image + - .rules:report:process-results + stage: report + variables: + QA_FAILURES_REPORTING_PROJECT: gitlab-org/gitlab + QA_FAILURES_MAX_DIFF_RATIO: "0.15" + GITLAB_QA_ACCESS_TOKEN: $GITLAB_QA_PRODUCTION_ACCESS_TOKEN + when: on_failure + script: + - | + bundle exec gitlab-qa-report \ + --relate-failure-issue "$CI_PROJECT_DIR/gitlab-qa-run-*/**/rspec-*.json" \ + --project "$QA_FAILURES_REPORTING_PROJECT" \ + --max-diff-ratio "$QA_FAILURES_MAX_DIFF_RATIO" + +generate-test-session: + extends: + - .bundle-install + - .ruby-image + - .rules:report:process-results + stage: report + variables: + QA_TESTCASE_SESSIONS_PROJECT: gitlab-org/quality/testcase-sessions + GITLAB_QA_ACCESS_TOKEN: $QA_TEST_SESSION_TOKEN + GITLAB_CI_API_TOKEN: $QA_GITLAB_CI_TOKEN + when: always + script: + - | + bundle exec gitlab-qa-report \ + --generate-test-session "$CI_PROJECT_DIR/gitlab-qa-run-*/**/rspec-*.json" \ + --project "$QA_TESTCASE_SESSIONS_PROJECT" + artifacts: + when: always + expire_in: 1d + paths: + - qa/REPORT_ISSUE_URL + +notify-slack: + extends: + - .notify-slack-qa + - .bundle-install + - .ruby-image + - .rules:report:process-results + stage: notify + variables: + ALLURE_JOB_NAME: e2e-package-and-test + SLACK_ICON_EMOJI: ci_failing + STATUS_SYM: ☠️ + STATUS: failed + when: on_failure + script: + - bundle exec gitlab-qa-report --prepare-stage-reports "$CI_PROJECT_DIR/gitlab-qa-run-*/**/rspec-*.xml" # generate summary + - !reference [.notify-slack-qa, script] diff --git a/.gitlab/ci/package-and-test/rules.gitlab-ci.yml b/.gitlab/ci/package-and-test/rules.gitlab-ci.yml new file mode 100644 index 00000000000..d866dec1cd0 --- /dev/null +++ b/.gitlab/ci/package-and-test/rules.gitlab-ci.yml @@ -0,0 +1,99 @@ +# Specific specs passed +.specific-specs: &specific-specs + if: $QA_TESTS != "" + +# No specific specs passed +.all-specs: &all-specs + if: $QA_TESTS == "" + +# FF changes +.feature-flags-set: &feature-flags-set + if: $QA_FEATURE_FLAGS != "" + +# Only deleted feature flags +.feature-flags-deleted: &feature-flags-deleted + if: $QA_FEATURE_FLAGS != "" && $QA_FEATURE_FLAGS !~ /enabled|disabled/ + +# Manually trigger job on ff changes but with default ff state instead of inverted +.feature-flags-set-manual: &feature-flags-set-manual + <<: *feature-flags-set + when: manual + allow_failure: true + +# QA framework changes present +.qa-framework-changes: &qa-framework-changes + if: $QA_FRAMEWORK_CHANGES == "true" + +# Process test results (notify failure to slack, create test session report, relate test failures) +.process-test-results: &process-test-results + if: $PROCESS_TEST_RESULTS == "true" + +# Selective test execution against omnibus instance have following execution scenarios: +# * only e2e spec files changed - runs only changed specs +# * qa framework changes - runs full test suite +# * feature flag changed - runs full test suite with base gitlab instance configuration with both ff states +# * quarantined e2e spec - skips execution of e2e tests by creating a no-op pipeline + +# ------------------------------------------ +# Prepare +# ------------------------------------------ +.rules:prepare: + rules: + - when: always + +# ------------------------------------------ +# Test +# ------------------------------------------ +.rules:test:quarantine: + rules: + - when: manual + variables: + QA_TESTS: "" + +.rules:test:feature-flags-set: + rules: + # unset specific specs if pipeline has feature flag changes and run full suite + - <<: *feature-flags-set + variables: + QA_TESTS: "" + +.rules:test:feature-flags-deleted: + rules: + - <<: *feature-flags-deleted + when: never + +# parallel and non parallel rules are used for jobs that require parallel execution and thus need to switch +# between parallel and non parallel when only certain specs are executed +.rules:test:qa-non-parallel: + rules: + # always run parallel with full suite when framework changes present or ff state changed + - <<: *qa-framework-changes + when: never + - <<: *all-specs + when: never + - <<: *feature-flags-set + when: never + +.rules:test:qa-parallel: + rules: + - *qa-framework-changes + - <<: *specific-specs + when: never + - *feature-flags-set-manual + +# general qa job rule for jobs without the need to run in parallel +.rules:test:qa: + rules: + - *qa-framework-changes + - *feature-flags-set-manual + +# ------------------------------------------ +# Report +# ------------------------------------------ +.rules:report:allure-report: + rules: + - when: always + +.rules:report:process-results: + rules: + - *process-test-results diff --git a/.gitlab/ci/package-and-test/variables.gitlab-ci.yml b/.gitlab/ci/package-and-test/variables.gitlab-ci.yml new file mode 100644 index 00000000000..324092c80f4 --- /dev/null +++ b/.gitlab/ci/package-and-test/variables.gitlab-ci.yml @@ -0,0 +1,9 @@ +# Default variables for package-and-test + +variables: + RELEASE: "${REGISTRY_HOST}/${REGISTRY_GROUP}/build/omnibus-gitlab-mirror/gitlab-ee:${CI_COMMIT_SHA}" + SKIP_REPORT_IN_ISSUES: "true" + OMNIBUS_GITLAB_CACHE_UPDATE: "false" + QA_LOG_LEVEL: "info" + QA_TESTS: "" + QA_FEATURE_FLAGS: "" diff --git a/.gitlab/ci/qa.gitlab-ci.yml b/.gitlab/ci/qa.gitlab-ci.yml index a71aac4225e..c5a182b055a 100644 --- a/.gitlab/ci/qa.gitlab-ci.yml +++ b/.gitlab/ci/qa.gitlab-ci.yml @@ -1,5 +1,5 @@ .qa-job-base: - image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images/debian-bullseye-ruby-2.7:bundler-2.3-chrome-103-docker-20.10.14 + image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images/debian-bullseye-ruby-${RUBY_VERSION}:bundler-2.3-chrome-${CHROME_VERSION}-docker-${DOCKER_VERSION} extends: - .default-retry - .qa-cache @@ -57,7 +57,7 @@ qa:selectors-as-if-foss: - .qa:rules:as-if-foss - .as-if-foss -update-qa-cache: +qa:update-qa-cache: extends: - .qa-job-base - .qa-cache-push @@ -66,103 +66,40 @@ update-qa-cache: script: - echo "Cache has been updated and ready to be uploaded." -populate-qa-tests-var: +e2e:package-and-test: extends: - - .qa:rules:determine-qa-tests - image: ${GITLAB_DEPENDENCY_PROXY}ruby:2.7-alpine - stage: prepare - script: - - export QA_TESTS=$(scripts/determine-qa-tests --files $CHANGES_FILE --labels "$CI_MERGE_REQUEST_LABELS") - - 'echo "QA_TESTS=$QA_TESTS" >> qa_tests_var.env' - - 'echo "QA_TESTS: $QA_TESTS"' - artifacts: - expire_in: 2d - reports: - dotenv: qa_tests_var.env - paths: - - ${CHANGES_FILE} - - qa_tests_var.env - variables: - CHANGES_FILE: tmp/changed_files.txt - needs: - - detect-tests - -.package-and-qa-base: - image: ${GITLAB_DEPENDENCY_PROXY}ruby:${RUBY_VERSION}-alpine + - .qa:rules:package-and-test stage: qa - retry: 0 - before_script: - - source scripts/utils.sh - - install_gitlab_gem - - tooling/bin/find_change_diffs ${CHANGES_DIFFS_DIR} - script: - - 'echo "QA_TESTS: $QA_TESTS"' - - exit_code=0 && tooling/bin/qa/run_qa_check ${CHANGES_DIFFS_DIR} || exit_code=$? - - echo $exit_code - - | - if [ $exit_code -eq 0 ]; then - ./scripts/trigger-build.rb omnibus - elif [ $exit_code -eq 1 ]; then - exit 1 - else - echo "Downstream jobs will not be triggered because run_qa_check exited with code: $exit_code" - fi - # These jobs often time out, so temporarily use private runners and a long timeout: https://gitlab.com/gitlab-org/gitlab/-/issues/238563 - tags: - - prm - timeout: 4h needs: - - job: build-qa-image - artifacts: false - - job: build-assets-image - artifacts: false - - job: populate-qa-tests-var - - detect-tests - artifacts: - expire_in: 7d - paths: - - ${CHANGES_DIFFS_DIR}/* + - build-assets-image + - build-qa-image + - e2e-test-pipeline-generate variables: - CHANGES_DIFFS_DIR: tmp/diffs - ALLURE_JOB_NAME: $CI_JOB_NAME - -.package-and-qa-ff-base: - script: - - | - feature_flags=$(scripts/changed-feature-flags --files $CHANGES_DIFFS_DIR --state $QA_FF_STATE) - if [[ $feature_flags ]]; then - export GITLAB_QA_OPTIONS="--set-feature-flags $feature_flags" - echo $GITLAB_QA_OPTIONS - ./scripts/trigger-build.rb omnibus - else - echo "No changed feature flag found to test as $QA_FF_STATE." - fi - -package-and-qa: - extends: - - .package-and-qa-base - - .qa:rules:package-and-qa + SKIP_MESSAGE: Skipping package-and-test due to mr containing only quarantine changes! + trigger: + strategy: depend + include: + - artifact: package-and-test-pipeline.yml + job: e2e-test-pipeline-generate -package-and-qa-ff-enabled: +# Fetch child pipeline test results and store in parent pipeline +# workaround until natively implemented: https://gitlab.com/groups/gitlab-org/-/epics/8205 +e2e:package-and-test-results: + image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images/debian-bullseye-ruby-${RUBY_VERSION}:bundler-2.3 extends: - - .package-and-qa-base - - .package-and-qa-ff-base - - .qa:rules:package-and-qa:feature-flags - variables: - QA_FF_STATE: "enabled" - -package-and-qa-ff-disabled: - extends: - - .package-and-qa-base - - .package-and-qa-ff-base - - .qa:rules:package-and-qa:feature-flags - variables: - QA_FF_STATE: "disabled" - -package-and-qa-ff-deleted: - extends: - - .package-and-qa-base - - .package-and-qa-ff-base - - .qa:rules:package-and-qa:feature-flags + - .qa-job-base + - .qa:rules:package-and-test + stage: qa + needs: + - e2e:package-and-test variables: - QA_FF_STATE: "deleted" + COLORIZED_LOGS: "true" + QA_LOG_LEVEL: "debug" + when: always + allow_failure: true + script: + - bundle exec rake "ci:download_test_results[e2e:package-and-test,e2e-test-report,${CI_PROJECT_DIR}]" + artifacts: + when: always + reports: + junit: gitlab-qa-run-*/**/rspec-*.xml diff --git a/.gitlab/ci/rails.gitlab-ci.yml b/.gitlab/ci/rails.gitlab-ci.yml index 50c86313d29..0f524f03188 100644 --- a/.gitlab/ci/rails.gitlab-ci.yml +++ b/.gitlab/ci/rails.gitlab-ci.yml @@ -8,11 +8,13 @@ .base-script: script: + - source ./scripts/rspec_helpers.sh # Only install knapsack after bundle install! Otherwise oddly some native # gems could not be found under some circumstance. No idea why, hours wasted. - run_timed_command "gem install knapsack --no-document" - - run_timed_command "scripts/gitaly-test-spawn" - - source ./scripts/rspec_helpers.sh + - echo -e "\e[0Ksection_start:`date +%s`:gitaly-test-spawn[collapsed=true]\r\e[0KStarting Gitaly" + - run_timed_command "scripts/gitaly-test-spawn" # Do not use 'bundle exec' here + - echo -e "\e[0Ksection_end:`date +%s`:gitaly-test-spawn\r\e[0K" .minimal-rspec-tests: variables: @@ -129,28 +131,28 @@ ############################ # rspec job parallel configs .rspec-migration-parallel: - parallel: 9 + parallel: 12 .rspec-ee-migration-parallel: - parallel: 3 + parallel: 4 .rspec-unit-parallel: - parallel: 22 + parallel: 28 .rspec-ee-unit-parallel: - parallel: 16 + parallel: 18 .rspec-integration-parallel: - parallel: 10 + parallel: 12 .rspec-ee-integration-parallel: - parallel: 4 + parallel: 6 .rspec-system-parallel: - parallel: 24 + parallel: 28 .rspec-ee-system-parallel: - parallel: 6 + parallel: 10 # rspec job parallel configs ############################ @@ -165,6 +167,7 @@ setup-test-env: variables: SETUP_DB: "false" script: + - echo $CI_MERGE_REQUEST_APPROVED - source scripts/gitlab_workhorse_component_helpers.sh - run_timed_command "download_and_extract_gitlab_workhorse_package" || true - run_timed_command "scripts/setup-test-env" @@ -175,14 +178,10 @@ setup-test-env: artifacts: expire_in: 7d paths: - - config/secrets.yml - ${TMP_TEST_FOLDER}/gitaly/_build/bin/ - - ${TMP_TEST_FOLDER}/gitaly/_build/deps/git/install - ${TMP_TEST_FOLDER}/gitaly/config.toml - ${TMP_TEST_FOLDER}/gitaly/gitaly2.config.toml - ${TMP_TEST_FOLDER}/gitaly/internal/ - - ${TMP_TEST_FOLDER}/gitaly/run/ - - ${TMP_TEST_FOLDER}/gitaly/run2/ - ${TMP_TEST_FOLDER}/gitaly/Makefile - ${TMP_TEST_FOLDER}/gitaly/praefect.config.toml - ${TMP_TEST_FOLDER}/gitaly/praefect-db.config.toml @@ -379,51 +378,19 @@ db:migrate:reset single-db: - .single-db - .rails:rules:single-db -db:migrate-from-previous-major-version: - extends: .db-job-base - variables: - USE_BUNDLE_INSTALL: "false" - SETUP_DB: "false" - PROJECT_TO_CHECKOUT: "gitlab-foss" - TAG_TO_CHECKOUT: "v14.10.2" - before_script: - - !reference [.default-before_script, before_script] - - '[[ -d "ee/" ]] || export PROJECT_TO_CHECKOUT="gitlab"' - - '[[ -d "ee/" ]] || export TAG_TO_CHECKOUT="${TAG_TO_CHECKOUT}-ee"' - - retry 'git fetch https://gitlab.com/gitlab-org/$PROJECT_TO_CHECKOUT.git $TAG_TO_CHECKOUT' - - git checkout -f FETCH_HEAD - - SETUP_DB=false USE_BUNDLE_INSTALL=true ENABLE_BOOTSNAP=false bash scripts/prepare_build.sh - - run_timed_command "ENABLE_BOOTSNAP=false bundle exec rake db:drop db:create db:structure:load db:migrate db:seed_fu" - - git checkout -f $CI_COMMIT_SHA - - SETUP_DB=false USE_BUNDLE_INSTALL=true bash scripts/prepare_build.sh - script: - - run_timed_command "scripts/db_tasks db:migrate" - -db:migrate-from-previous-major-version-single-db: - extends: - - db:migrate-from-previous-major-version - - .single-db - - .rails:rules:single-db - -.db:check-schema-base: +db:check-schema: extends: + - .db-job-base - .rails:rules:ee-mr-and-default-branch-only - variables: - TAG_TO_CHECKOUT: "v14.7.0" # this version updated grpc to 1.42.0, which supports Ruby 2 & 3 script: + - run_timed_command "bundle exec rake db:drop db:create" - run_timed_command "scripts/db_tasks db:migrate" - - scripts/schema_changed.sh - - scripts/validate_migration_timestamps - -db:check-schema: - extends: - - db:migrate-from-previous-major-version - - .db:check-schema-base db:check-schema-single-db: extends: - - db:migrate-from-previous-major-version-single-db - - .db:check-schema-base + - db:check-schema + - .single-db + - .rails:rules:single-db db:check-migrations: extends: @@ -624,7 +591,7 @@ rspec:feature-flags: stage: post-test needs: - job: "feature-flags-usage" - - job: "haml-lint foss" + - job: "haml-lint" - job: "haml-lint ee" optional: true script: @@ -970,7 +937,7 @@ rspec fail-fast: needs: ["setup-test-env", "retrieve-tests-metadata", "compile-test-assets", "detect-tests"] script: - !reference [.base-script, script] - - rspec_fail_fast tmp/matching_tests.txt "--tag ~quarantine" + - rspec_fail_fast "${RSPEC_MATCHING_TESTS_PATH}" "--tag ~quarantine" artifacts: expire_in: 7d paths: @@ -980,10 +947,10 @@ rspec foss-impact: extends: - .rspec-base-pg12-as-if-foss - .rails:rules:rspec-foss-impact - needs: ["setup-test-env", "retrieve-tests-metadata", "compile-test-assets as-if-foss", "detect-tests as-if-foss"] + needs: ["setup-test-env", "retrieve-tests-metadata", "compile-test-assets as-if-foss", "detect-tests"] script: - !reference [.base-script, script] - - rspec_matched_foss_tests tmp/matching_foss_tests.txt "--tag ~quarantine" + - rspec_matched_foss_tests "${RSPEC_MATCHING_TESTS_PATH}" "--tag ~quarantine" artifacts: expire_in: 7d paths: diff --git a/.gitlab/ci/review-apps/main.gitlab-ci.yml b/.gitlab/ci/review-apps/main.gitlab-ci.yml index 37ccecc0562..e28ffc82811 100644 --- a/.gitlab/ci/review-apps/main.gitlab-ci.yml +++ b/.gitlab/ci/review-apps/main.gitlab-ci.yml @@ -8,6 +8,7 @@ stages: include: - local: .gitlab/ci/global.gitlab-ci.yml - local: .gitlab/ci/rules.gitlab-ci.yml + - local: .gitlab/ci/review-apps/rules.gitlab-ci.yml - local: .gitlab/ci/review-apps/qa.gitlab-ci.yml - local: .gitlab/ci/review-apps/dast.gitlab-ci.yml @@ -94,6 +95,7 @@ review-deploy: - export GITALY_VERSION=$(<GITALY_SERVER_VERSION) - export GITLAB_WORKHORSE_VERSION=$(<GITLAB_WORKHORSE_VERSION) - echo "${CI_ENVIRONMENT_URL}" > environment_url.txt + - echo "QA_GITLAB_URL=${CI_ENVIRONMENT_URL}" > environment.env - *base-before_script script: - check_kube_domain @@ -102,7 +104,6 @@ review-deploy: - deploy || (display_deployment_debug && exit 1) - verify_deploy || exit 1 - disable_sign_ups || (delete_release && exit 1) - - create_sample_projects after_script: # Run seed-dast-test-data.sh only when DAST_RUN is set to true. This is to pupulate review app with data for DAST scan. # Set DAST_RUN to true when jobs are manually scheduled. @@ -110,9 +111,27 @@ review-deploy: artifacts: paths: - environment_url.txt + reports: + dotenv: environment.env expire_in: 7 days when: always +review-deploy-sample-projects: + extends: + - .review-workflow-base + - .review:rules:review-deploy + stage: deploy + needs: ["review-deploy"] + before_script: + - export GITLAB_SHELL_VERSION=$(<GITLAB_SHELL_VERSION) + - export GITALY_VERSION=$(<GITALY_SERVER_VERSION) + - export GITLAB_WORKHORSE_VERSION=$(<GITLAB_WORKHORSE_VERSION) + - echo "${CI_ENVIRONMENT_URL}" > environment_url.txt + - *base-before_script + script: + - date + - create_sample_projects + .review-stop-base: extends: .review-workflow-base environment: diff --git a/.gitlab/ci/review-apps/qa.gitlab-ci.yml b/.gitlab/ci/review-apps/qa.gitlab-ci.yml index 631fe7fef30..21e6a8e42fb 100644 --- a/.gitlab/ci/review-apps/qa.gitlab-ci.yml +++ b/.gitlab/ci/review-apps/qa.gitlab-ci.yml @@ -1,6 +1,6 @@ include: - project: gitlab-org/quality/pipeline-common - ref: 0.13.0 + ref: 1.2.2 file: - /ci/allure-report.yml - /ci/knapsack-report.yml @@ -8,85 +8,57 @@ include: .test-variables: variables: QA_GENERATE_ALLURE_REPORT: "true" - COLORIZED_LOGS: "true" + QA_CAN_TEST_PRAEFECT: "false" GITLAB_USERNAME: "root" GITLAB_PASSWORD: "${REVIEW_APPS_ROOT_PASSWORD}" GITLAB_ADMIN_USERNAME: "root" GITLAB_ADMIN_PASSWORD: "${REVIEW_APPS_ROOT_PASSWORD}" GITLAB_QA_ADMIN_ACCESS_TOKEN: "${REVIEW_APPS_ROOT_TOKEN}" - GITHUB_ACCESS_TOKEN: "${REVIEW_APPS_QA_GITHUB_ACCESS_TOKEN}" + GITHUB_ACCESS_TOKEN: "${QA_GITHUB_ACCESS_TOKEN}" .bundle-base: extends: - .qa-cache image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images/debian-bullseye-ruby-${RUBY_VERSION}:bundler-2.3 before_script: - - export QA_GITLAB_URL="$(cat environment_url.txt)" - cd qa && bundle install .review-qa-base: + image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images/debian-bullseye-ruby-${RUBY_VERSION}:bundler-2.3-git-2.33-lfs-2.9-chrome-${CHROME_VERSION}-docker-${DOCKER_VERSION}-gcloud-383-kubectl-1.23 extends: - .use-docker-in-docker - .bundle-base - .test-variables - image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images/debian-bullseye-ruby-${RUBY_VERSION}:bundler-2.3-git-2.33-lfs-2.9-chrome-${CHROME_VERSION}-docker-${DOCKER_VERSION}-gcloud-383-kubectl-1.23 stage: qa needs: - review-deploy - download-knapsack-report variables: - DOCKER_HOST: tcp://docker:2376 - DOCKER_TLS_CERTDIR: /certs - DOCKER_CERT_PATH: /certs/client - DOCKER_TLS_VERIFY: 1 GIT_LFS_SKIP_SMUDGE: 1 WD_INSTALL_DIR: /usr/local/bin - before_script: - - scripts/checkout-mr-source-sha - - !reference [.bundle-base, before_script] + RSPEC_REPORT_OPTS: --force-color --order random --format documentation --format RspecJunitFormatter --out tmp/rspec-${CI_JOB_ID}.xml script: - export EE_LICENSE="$(cat $REVIEW_APPS_EE_LICENSE_FILE)" - - qa_run_status=0 + - QA_COMMAND="bundle exec bin/qa ${QA_SCENARIO} ${QA_GITLAB_URL} -- ${QA_TESTS} ${RSPEC_REPORT_OPTS}" + - echo "Running - '${QA_COMMAND}'" + - eval "$QA_COMMAND" + after_script: - | - bundle exec rake "knapsack:rspec[\ - ${RSPEC_TAGS} \ - --tag ~orchestrated \ - --tag ~transient \ - --tag ~skip_signup_disabled \ - --tag ~requires_git_protocol_v2 \ - --tag ~requires_praefect \ - --force-color \ - --order random \ - --format documentation \ - --format RspecJunitFormatter --out tmp/rspec.xml \ - ]" || qa_run_status=$? - - if [ ${qa_run_status} -ne 0 ]; then - release_sha=$(echo "${CI_MERGE_REQUEST_SOURCE_BRANCH_SHA:-${CI_COMMIT_SHA}}" | cut -c1-11); - echo "Errors can be found at https://sentry.gitlab.net/gitlab/gitlab-review-apps/releases/${release_sha}/all-events/."; - fi - - exit ${qa_run_status} + echo "Sentry errors for the current review-app test run can be found via following url:" + echo "https://sentry.gitlab.net/gitlab/gitlab-review-apps/releases/$(echo "${CI_COMMIT_SHA}" | cut -c1-11)/all-events/." artifacts: paths: - qa/tmp reports: - junit: qa/tmp/rspec.xml + junit: qa/tmp/rspec-*.xml expire_in: 7 days when: always -.allure-report-base: - extends: .generate-allure-report-base - stage: post-qa - variables: - GITLAB_AUTH_TOKEN: $GITLAB_QA_MR_ALLURE_REPORT_TOKEN - ALLURE_PROJECT_PATH: $CI_PROJECT_PATH - ALLURE_MERGE_REQUEST_IID: $CI_MERGE_REQUEST_IID - ALLURE_RESULTS_GLOB: qa/tmp/allure-results/* - # Store knapsack report as artifact so the same report is reused across all jobs download-knapsack-report: extends: - .bundle-base - - .review:rules:review-qa-reliable + - .rules:app-or-qa-framework-changes-or-review-scenarios stage: prepare script: - bundle exec rake "knapsack:download[qa]" @@ -99,30 +71,39 @@ download-knapsack-report: review-qa-smoke: extends: - .review-qa-base - - .review:rules:review-qa-smoke - retry: 1 + - .rules:qa-smoke variables: + QA_SCENARIO: Test::Instance::Smoke QA_RUN_TYPE: review-qa-smoke - RSPEC_TAGS: --tag smoke + retry: 1 -review-qa-reliable: +review-qa-blocking: extends: - .review-qa-base - - .review:rules:review-qa-reliable + - .rules:qa-blocking + variables: + QA_SCENARIO: Test::Instance::ReviewBlocking + QA_RUN_TYPE: review-qa-blocking retry: 1 +review-qa-blocking-parallel: + extends: + - review-qa-blocking + - .rules:qa-blocking-parallel parallel: 10 - variables: - QA_RUN_TYPE: review-qa-reliable - RSPEC_TAGS: --tag reliable --tag sanity_feature_flags -review-qa-all: +review-qa-non-blocking: extends: - .review-qa-base - - .review:rules:review-qa-all - parallel: 5 + - .rules:qa-non-blocking variables: - QA_RUN_TYPE: review-qa-all - RSPEC_TAGS: --tag ~reliable --tag ~smoke --tag ~sanity_feature_flags + QA_SCENARIO: Test::Instance::ReviewNonBlocking + QA_RUN_TYPE: review-qa-non-blocking + allow_failure: true +review-qa-non-blocking-parallel: + extends: + - review-qa-non-blocking + - .rules:qa-non-blocking-parallel + parallel: 5 review-performance: extends: @@ -150,27 +131,25 @@ review-performance: performance: performance.json expire_in: 31d -# Generate single report for both smoke and reliable test jobs -# Both job types are essentially the same: -# * always executed -# * always blocking -allure-report-qa-blocking: - extends: - - .allure-report-base - - .review:rules:review-qa-blocking-report - needs: - - review-qa-smoke - - review-qa-reliable - variables: - ALLURE_JOB_NAME: review-qa-blocking - -allure-report-qa-all: +e2e-test-report: extends: - - .allure-report-base - - .review:rules:review-qa-all-report - needs: ["review-qa-all"] + - .generate-allure-report-base + - .rules:app-or-qa-framework-changes-or-review-scenarios + stage: post-qa variables: - ALLURE_JOB_NAME: review-qa-all + ALLURE_JOB_NAME: e2e-review-qa + ALLURE_PROJECT_PATH: $CI_PROJECT_PATH + ALLURE_RESULTS_GLOB: qa/tmp/allure-results/* + ALLURE_MERGE_REQUEST_IID: $CI_MERGE_REQUEST_IID + GITLAB_AUTH_TOKEN: $GITLAB_QA_MR_ALLURE_REPORT_TOKEN + GIT_STRATEGY: none + allow_failure: true + when: always + artifacts: # re-save rspec results for displaying in parent pipeline + expire_in: 1 day + when: always + paths: + - qa/tmp/rspec-*.xml upload-knapsack-report: extends: @@ -183,13 +162,13 @@ upload-knapsack-report: delete-test-resources: extends: - .bundle-base - - .review:rules:review-qa-cleanup + - .rules:app-or-qa-framework-changes-or-review-scenarios stage: post-qa variables: QA_TEST_RESOURCES_FILE_PATTERN: $CI_PROJECT_DIR/qa/tmp/test-resources-*.json GITLAB_QA_ACCESS_TOKEN: $REVIEW_APPS_ROOT_TOKEN - COLORIZED_LOGS: "true" script: - export GITLAB_ADDRESS="$QA_GITLAB_URL" - bundle exec rake "test_resources:delete[$QA_TEST_RESOURCES_FILE_PATTERN]" allow_failure: true + when: always diff --git a/.gitlab/ci/review-apps/rules.gitlab-ci.yml b/.gitlab/ci/review-apps/rules.gitlab-ci.yml new file mode 100644 index 00000000000..56d3731bb56 --- /dev/null +++ b/.gitlab/ci/review-apps/rules.gitlab-ci.yml @@ -0,0 +1,81 @@ +# Specific specs passed +.specific-specs: &specific-specs + if: $QA_TESTS != "" + +# No specific specs passed +.all-specs: &all-specs + if: $QA_TESTS == "" + +# No specific specs in mr pipeline +.all-specs-mr: &all-specs-mr + if: $CI_MERGE_REQUEST_IID && $QA_TESTS == "" + when: manual + +# Triggered by change pattern +.app-changes: &app-changes + if: $APP_CHANGE_TRIGGER == "true" + +# QA framework changes present +.qa-framework-changes: &qa-framework-changes + if: $QA_FRAMEWORK_CHANGES == "true" + +.never-when-qa-framework-changes-or-no-specific-specs: + - <<: *qa-framework-changes + when: never + - <<: *all-specs + when: never + +.never-when-specific-specs-always-when-qa-framework-changes: + - <<: *specific-specs + when: never + - *qa-framework-changes + +# ------------------------------------------ +# Test +# ------------------------------------------ +.rules:qa-smoke: + rules: + # always trigger smoke suite if review pipeline got triggered by specific changes in application code + - <<: *app-changes + variables: + QA_TESTS: "" # unset QA_TESTS even if specific tests were inferred from stage label + - *qa-framework-changes + - if: $QA_SUITES =~ /Test::Instance::Smoke/ + +.rules:qa-blocking: + rules: + - <<: *app-changes + when: never + - !reference [.never-when-qa-framework-changes-or-no-specific-specs] + - if: $QA_SUITES =~ /Test::Instance::ReviewBlocking/ +.rules:qa-blocking-parallel: + rules: + # always trigger blocking suite if review pipeline got triggered by specific changes in application code + - <<: *app-changes + variables: + QA_TESTS: "" # unset QA_TESTS even if specific tests were inferred from stage label + - !reference [.never-when-specific-specs-always-when-qa-framework-changes] + - if: $QA_SUITES =~ /Test::Instance::ReviewBlocking/ + +.rules:qa-non-blocking: + rules: + - !reference [.never-when-qa-framework-changes-or-no-specific-specs] + - if: $QA_SUITES =~ /Test::Instance::ReviewNonBlocking/ +.rules:qa-non-blocking-parallel: + rules: + - !reference [.never-when-specific-specs-always-when-qa-framework-changes] + - *all-specs-mr # set full suite to manual when no specific specs passed in mr + - if: $QA_SUITES =~ /Test::Instance::ReviewNonBlocking/ + +# ------------------------------------------ +# Prepare/Report +# ------------------------------------------ +# if no rules for test execution are matched, pipeline will not have e2e test jobs +# so we need to skip knapsack, allure and test resource deletion jobs as well +.rules:app-or-qa-framework-changes-or-review-scenarios: + rules: + - *app-changes + - *qa-framework-changes + - if: $QA_SUITES =~ /Test::Instance::Smoke/ + - if: $QA_SUITES =~ /Test::Instance::ReviewBlocking/ + - if: $QA_SUITES =~ /Test::Instance::ReviewNonBlocking/ diff --git a/.gitlab/ci/review-apps/skip-qa.gitlab-ci.yml b/.gitlab/ci/review-apps/skip-qa.gitlab-ci.yml deleted file mode 100644 index 1305673a4d8..00000000000 --- a/.gitlab/ci/review-apps/skip-qa.gitlab-ci.yml +++ /dev/null @@ -1,13 +0,0 @@ -stages: - - review - -include: - - local: .gitlab/ci/global.gitlab-ci.yml - - local: .gitlab/ci/rules.gitlab-ci.yml - -no-op: - extends: - - .review:rules:start-review-app-pipeline - stage: review - script: - - echo "Skip Review App because the MR includes only quarantine changes" diff --git a/.gitlab/ci/review.gitlab-ci.yml b/.gitlab/ci/review.gitlab-ci.yml index 4f51409d6a8..46e62829394 100644 --- a/.gitlab/ci/review.gitlab-ci.yml +++ b/.gitlab/ci/review.gitlab-ci.yml @@ -23,42 +23,13 @@ review-cleanup: - ruby -rrubygems scripts/review_apps/automated_cleanup.rb - gcp_cleanup -review-app-pipeline-generate: - image: ${GITLAB_DEPENDENCY_PROXY}ruby:${RUBY_VERSION} - stage: prepare - extends: - - .review:rules:start-review-app-pipeline - artifacts: - expire_in: 7d - paths: - - ${CHANGES_DIFFS_DIR}/* - - review-app-pipeline.yml - variables: - CHANGES_DIFFS_DIR: tmp/diffs - before_script: - - source scripts/utils.sh - - install_gitlab_gem - - tooling/bin/find_change_diffs ${CHANGES_DIFFS_DIR} - script: - - exit_code=0 && tooling/bin/qa/run_qa_check ${CHANGES_DIFFS_DIR} || exit_code=$? - - | - if [ $exit_code -eq 0 ]; then - echo "Review App will use the full pipeline" - cp .gitlab/ci/review-apps/main.gitlab-ci.yml review-app-pipeline.yml - elif [ $exit_code -eq 2 ]; then - echo "Skip Review App because the MR includes only quarantine changes" - cp .gitlab/ci/review-apps/skip-qa.gitlab-ci.yml review-app-pipeline.yml - else - exit $exit_code - fi - start-review-app-pipeline: extends: - .review:rules:start-review-app-pipeline resource_group: review/${CI_COMMIT_REF_SLUG}${SCHEDULE_TYPE} # CI_ENVIRONMENT_SLUG is not available here and we want this to be the same as the environment stage: review needs: - - review-app-pipeline-generate + - job: e2e-test-pipeline-generate - job: build-assets-image artifacts: false # These variables are set in the pipeline schedules. @@ -67,11 +38,36 @@ start-review-app-pipeline: variables: SCHEDULE_TYPE: $SCHEDULE_TYPE DAST_RUN: $DAST_RUN + SKIP_MESSAGE: Skipping review-app due to mr containing only quarantine changes! trigger: + strategy: depend include: - artifact: review-app-pipeline.yml - job: review-app-pipeline-generate - strategy: depend + job: e2e-test-pipeline-generate + +# Fetch child pipeline test results and store in parent pipeline +# workaround until natively implemented: https://gitlab.com/groups/gitlab-org/-/epics/8205 +review-app-test-results: + image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images/debian-bullseye-ruby-${RUBY_VERSION}:bundler-2.3 + stage: review + extends: + - .qa-cache + - .review:rules:start-review-app-pipeline + needs: + - start-review-app-pipeline + variables: + COLORIZED_LOGS: "true" + QA_LOG_LEVEL: "debug" + before_script: + - cd qa && bundle install + script: + - bundle exec rake "ci:download_test_results[start-review-app-pipeline,e2e-test-report,${CI_PROJECT_DIR}]" + when: always + allow_failure: true + artifacts: + when: always + reports: + junit: qa/tmp/rspec-*.xml danger-review: extends: diff --git a/.gitlab/ci/rules.gitlab-ci.yml b/.gitlab/ci/rules.gitlab-ci.yml index fcb853a7bd2..9dc2f5eff23 100644 --- a/.gitlab/ci/rules.gitlab-ci.yml +++ b/.gitlab/ci/rules.gitlab-ci.yml @@ -20,13 +20,7 @@ if: '$CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH || $CI_COMMIT_REF_NAME =~ /^[\d-]+-stable(-ee)?$/ || $CI_COMMIT_REF_NAME =~ /^\d+-\d+-auto-deploy-\d+$/ || $CI_COMMIT_REF_NAME =~ /^security\// || $CI_MERGE_REQUEST_IID || $CI_COMMIT_TAG || $FORCE_GITLAB_CI' .if-default-branch-refs: &if-default-branch-refs - if: '$CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH' - -.if-stable-branch-refs: &if-stable-branch-refs - if: '$CI_COMMIT_REF_NAME =~ /^[\d-]+-stable(-ee)?$/' - -.if-default-branch-push: &if-default-branch-push - if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH && $CI_PIPELINE_SOURCE == "push"' + if: '$CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH && $CI_MERGE_REQUEST_IID == null' .if-auto-deploy-branches: &if-auto-deploy-branches if: '$CI_COMMIT_BRANCH =~ /^\d+-\d+-auto-deploy-\d+$/' @@ -130,7 +124,7 @@ .if-dot-com-gitlab-org-and-security-merge-request-and-qa-tests-specified: &if-dot-com-gitlab-org-and-security-merge-request-and-qa-tests-specified if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE =~ /^gitlab-org($|\/security$)/ && $CI_MERGE_REQUEST_IID && $QA_TESTS' -.if-dot-com-gitlab-org-and-security-merge-request-manual-ff-package-and-qa: &if-dot-com-gitlab-org-and-security-merge-request-manual-ff-package-and-qa +.if-dot-com-gitlab-org-and-security-merge-request-manual-ff-package-and-e2e: &if-dot-com-gitlab-org-and-security-merge-request-manual-ff-package-and-e2e if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE =~ /^gitlab-org($|\/security$)/ && $CI_MERGE_REQUEST_IID && $QA_MANUAL_FF_PACKAGE_AND_QA' .if-dot-com-gitlab-org-and-security-tag: &if-dot-com-gitlab-org-and-security-tag @@ -173,6 +167,9 @@ - ".gitlab/ci/frontend.gitlab-ci.yml" - ".gitlab/ci/build-images.gitlab-ci.yml" - ".gitlab/ci/qa.gitlab-ci.yml" + - ".gitlab/ci/package-and-test/*.yml" + - ".gitlab/ci/review-apps/qa.gitlab-ci.yml" + - ".gitlab/ci/review-apps/rules.gitlab-ci.yml" .gitaly-patterns: &gitaly-patterns - "GITALY_SERVER_VERSION" @@ -261,7 +258,7 @@ - "Dockerfile.assets" - "config/**/*.js" - "vendor/assets/**/*" - - "{app/assets,app/helpers,app/presenters,app/views,locale,public,spec/frontend,symbol}/**/*" + - "{app/assets,app/components,app/helpers,app/presenters,app/views,locale,public,spec/frontend,symbol}/**/*" .controllers-patterns: &controllers-patterns - "{,ee/,jh/}{app/controllers}/**/*" @@ -281,7 +278,7 @@ - "Rakefile" - "config.ru" # List explicitly all the app/ dirs that are backend (i.e. all except app/assets). - - "{,ee/,jh/}{app/channels,app/controllers,app/finders,app/graphql,app/helpers,app/mailers,app/models,app/policies,app/presenters,app/serializers,app/services,app/uploaders,app/validators,app/views,app/workers}/**/*" + - "{,ee/,jh/}{app/channels,app/components,app/controllers,app/finders,app/graphql,app/helpers,app/mailers,app/models,app/policies,app/presenters,app/serializers,app/services,app/uploaders,app/validators,app/views,app/workers}/**/*" - "{,ee/,jh/}{bin,config,db,generator_templates,lib}/**/*" - "{,ee/,jh/}spec/**/*" # CI changes @@ -296,7 +293,7 @@ - "{,jh/}Gemfile.lock" - "GITLAB_ELASTICSEARCH_INDEXER_VERSION" # List explicitly all the app/ dirs that are backend (i.e. all except app/assets). - - "{,ee/,jh/}{app/channels,app/controllers,app/finders,app/graphql,app/helpers,app/mailers,app/models,app/policies,app/presenters,app/serializers,app/services,app/uploaders,app/validators,app/views,app/workers}/**/*" + - "{,ee/,jh/}{app/channels,app/components,app/controllers,app/finders,app/graphql,app/helpers,app/mailers,app/models,app/policies,app/presenters,app/serializers,app/services,app/uploaders,app/validators,app/views,app/workers}/**/*" - "{,ee/,jh/}{bin,config,db,generator_templates,lib}/**/*" - "{,ee/,jh/}spec/**/*" @@ -309,6 +306,8 @@ - "{,ee/,jh/}{,spec/}lib/{,ee/,jh/}gitlab/background_migration{,_spec}.rb" - "{,ee/,jh/}spec/support/helpers/database/**/*" - "lib/gitlab/markdown_cache/active_record/**/*" + - "lib/api/admin/batched_background_migrations.rb" + - "spec/requests/api/admin/batched_background_migrations_spec.rb" - "config/prometheus/common_metrics.yml" # Used by Gitlab::DatabaseImporters::CommonMetrics::Importer - "{,ee/,jh/}app/models/project_statistics.rb" # Used to calculate sizes in migration specs # Gitaly has interactions with background migrations: https://gitlab.com/gitlab-org/gitlab/-/issues/336538 @@ -333,7 +332,7 @@ .qa-patterns: &qa-patterns - ".dockerignore" - - "qa/**/*" + - "{,jh/}qa/**/*" # Code patterns + .ci-patterns .code-patterns: &code-patterns @@ -411,7 +410,7 @@ - ".gitlab/ci/**/*" # QA changes - ".dockerignore" - - "qa/**/*" + - "{,jh/}qa/**/*" # Mapped patterns (see tests.yml) - "data/whats_new/*.yml" @@ -445,7 +444,7 @@ - "{,spec/}tooling/**/*" # QA changes - ".dockerignore" - - "qa/**/*" + - "{,jh/}qa/**/*" # Mapped patterns (see tests.yml) - "data/whats_new/*.yml" @@ -480,7 +479,7 @@ - "{,spec/}tooling/**/*" # QA changes - ".dockerignore" - - "qa/**/*" + - "{,jh/}qa/**/*" # Workhorse changes - "GITLAB_WORKHORSE_VERSION" - "workhorse/**/*" @@ -491,9 +490,14 @@ .static-analysis-patterns: &static-analysis-patterns - ".{codeclimate,eslintrc,haml-lint,haml-lint_todo}.yml" - - ".rubocop.yml" - - ".rubocop_todo.yml" + +.rubocop-patterns: &rubocop-patterns + - ".{rubocop,rubocop_todo}.yml" - ".rubocop_todo/**/*.yml" + - "{,ee/,jh/}rubocop/**/*" # We might be changing custom cops + - "{,ee/,jh/}Gemfile.lock" # This should include gitlab-styles, rubocop itself, and any plugins we might be using + - "lib/gitlab_edition.rb" # This is required in RuboCop::CodeReuseHelpers + - ".gitlab/ci/static-analysis.gitlab-ci.yml" .danger-patterns: &danger-patterns - "Dangerfile" @@ -528,6 +532,9 @@ rules: - <<: *if-merge-request-approved when: never + # Temporarily disabled minimal rspec jobs before and after approval because of https://gitlab.com/gitlab-org/gitlab/-/issues/373064. + - <<: *if-merge-request-not-approved + when: never - <<: *if-automated-merge-request when: never - <<: *if-security-merge-request @@ -549,8 +556,6 @@ changes: *backend-patterns - <<: *if-security-merge-request changes: *backend-patterns - - <<: *if-merge-request-not-approved - when: never .rails:rules:as-if-foss-migration-unit-integration:minimal-default-rules: rules: @@ -580,8 +585,6 @@ changes: *code-backstage-patterns - <<: *if-security-merge-request changes: *code-backstage-patterns - - <<: *if-merge-request-not-approved - when: never .rails:rules:system:minimal-default-rules: rules: @@ -628,14 +631,16 @@ rules: - <<: *if-not-ee when: never + - <<: *if-not-canonical-namespace + when: never - <<: *if-merge-request-targeting-stable-branch - <<: *if-merge-request-labels-run-review-app - <<: *if-dot-com-gitlab-org-and-security-merge-request changes: *ci-build-images-patterns - <<: *if-dot-com-gitlab-org-and-security-merge-request changes: *code-qa-patterns - - <<: *if-dot-com-gitlab-org-default-branch - changes: *code-qa-patterns + - <<: *if-auto-deploy-branches + - <<: *if-default-branch-or-tag - <<: *if-dot-com-gitlab-org-schedule - <<: *if-force-ci @@ -714,6 +719,14 @@ ################## # Frontend rules # ################## + +.frontend:rules:minimal-default-rules: + rules: + - <<: *if-automated-merge-request + when: never + - <<: *if-security-merge-request + when: never + .frontend:rules:compile-production-assets: rules: - <<: *if-not-canonical-namespace @@ -762,31 +775,28 @@ rules: - !reference [".strict-ee-only-rules", rules] - !reference [".frontend:rules:default-frontend-jobs-as-if-foss", rules] - - !reference [".frontend:rules:jest:minimal:as-if-foss", rules] + - <<: *if-merge-request + changes: *frontend-patterns-for-as-if-foss .frontend:rules:jest: rules: - <<: *if-fork-merge-request when: never - <<: *if-merge-request-labels-run-all-jest - - <<: *if-default-refs - changes: *core-frontend-patterns - <<: *if-merge-request - changes: *ci-patterns + changes: [".gitlab/ci/rules.gitlab-ci.yml", ".gitlab/ci/frontend.gitlab-ci.yml"] - <<: *if-automated-merge-request changes: *code-backstage-patterns - <<: *if-security-merge-request changes: *code-backstage-patterns - - <<: *if-merge-request-not-approved - when: never - - <<: *if-default-refs + - <<: *if-default-branch-refs changes: *code-backstage-patterns .frontend:rules:jest:minimal: rules: - <<: *if-fork-merge-request changes: *code-backstage-patterns - - !reference [".rails:rules:minimal-default-rules", rules] + - !reference [".frontend:rules:minimal-default-rules", rules] - <<: *if-merge-request-labels-run-all-jest when: never - changes: *core-frontend-patterns @@ -797,30 +807,24 @@ - <<: *if-merge-request changes: *code-backstage-patterns -.frontend:rules:jest:minimal:as-if-foss: +.frontend:rules:jest:as-if-foss: rules: - !reference [".strict-ee-only-rules", rules] + - <<: *if-merge-request-labels-as-if-foss + - <<: *if-merge-request-labels-run-all-jest - <<: *if-security-merge-request changes: *code-backstage-patterns - when: never - - <<: *if-merge-request-labels-as-if-foss - when: never + +.frontend:rules:jest:minimal:as-if-foss: + rules: + - !reference [".strict-ee-only-rules", rules] + - !reference [".frontend:rules:minimal-default-rules", rules] - <<: *if-merge-request-labels-run-all-jest when: never - - <<: *if-merge-request-labels-run-all-rspec - when: never - - <<: *if-merge-request - changes: *startup-css-patterns - when: never - - <<: *if-merge-request - changes: *ci-patterns - when: never - <<: *if-fork-merge-request when: never - <<: *if-merge-request - changes: *core-frontend-patterns - - <<: *if-merge-request - changes: *code-backstage-patterns + changes: *frontend-patterns-for-as-if-foss .frontend:rules:eslint-as-if-foss: rules: @@ -829,13 +833,14 @@ - <<: *if-merge-request changes: *frontend-patterns-for-as-if-foss -.frontend:rules:ee-mr-and-default-branch-only: +.frontend:rules:coverage-frontend: rules: - <<: *if-not-ee when: never + - <<: *if-merge-request-labels-pipeline-revert + when: never - <<: *if-merge-request changes: *code-backstage-patterns - when: always - <<: *if-default-branch-refs changes: *code-backstage-patterns @@ -859,6 +864,9 @@ rules: - <<: *if-not-canonical-namespace when: never + - <<: *if-default-branch-refs + changes: *frontend-build-patterns + allow_failure: true - if: '$DANGER_GITLAB_API_TOKEN && $CI_MERGE_REQUEST_IID && $CI_MERGE_REQUEST_TARGET_BRANCH_NAME == $CI_DEFAULT_BRANCH' changes: *frontend-build-patterns allow_failure: true @@ -907,7 +915,7 @@ - <<: *if-default-refs changes: *qa-patterns -.qa:rules:determine-qa-tests: +.qa:rules:determine-e2e-tests: rules: - <<: *if-not-ee when: never @@ -921,14 +929,23 @@ - <<: *if-force-ci allow_failure: true -.qa:rules:package-and-qa: +.qa:rules:package-and-test: rules: + - <<: *if-not-canonical-namespace + when: never - <<: *if-not-ee when: never - <<: *if-merge-request-labels-pipeline-revert when: never - <<: *if-merge-request-targeting-stable-branch allow_failure: true + - <<: *if-dot-com-gitlab-org-and-security-merge-request-manual-ff-package-and-e2e + changes: *feature-flag-development-config-patterns + when: manual + allow_failure: true + - <<: *if-dot-com-gitlab-org-and-security-merge-request + changes: *feature-flag-development-config-patterns + allow_failure: true - <<: *if-dot-com-gitlab-org-and-security-merge-request changes: *nodejs-patterns allow_failure: true @@ -947,24 +964,14 @@ allow_failure: true - <<: *if-dot-com-gitlab-org-schedule allow_failure: true + variables: + SKIP_REPORT_IN_ISSUES: "false" + PROCESS_TEST_RESULTS: "true" + KNAPSACK_GENERATE_REPORT: "true" - <<: *if-force-ci when: manual allow_failure: true -.qa:rules:package-and-qa:feature-flags: - rules: - - <<: *if-not-ee - when: never - - <<: *if-merge-request-labels-pipeline-revert - when: never - - <<: *if-dot-com-gitlab-org-and-security-merge-request-manual-ff-package-and-qa - changes: *feature-flag-development-config-patterns - when: manual - allow_failure: true - - <<: *if-dot-com-gitlab-org-and-security-merge-request - changes: *feature-flag-development-config-patterns - allow_failure: true - ############### # Rails rules # ############### @@ -1012,8 +1019,6 @@ changes: *db-patterns - <<: *if-security-merge-request changes: *db-patterns - - <<: *if-merge-request-not-approved - when: never - changes: *db-patterns .rails:rules:ee-and-foss-migration:minimal: @@ -1117,8 +1122,6 @@ changes: *db-patterns - <<: *if-security-merge-request changes: *db-patterns - - <<: *if-merge-request-not-approved - when: never - changes: *db-patterns .rails:rules:ee-only-migration:minimal: @@ -1208,8 +1211,6 @@ changes: *db-patterns - <<: *if-security-merge-request changes: *db-patterns - - <<: *if-merge-request-not-approved - when: never .rails:rules:as-if-foss-migration:minimal: rules: @@ -1365,12 +1366,12 @@ rules: - <<: *if-not-ee when: never + - <<: *if-merge-request-labels-pipeline-revert + when: never - <<: *if-merge-request changes: *code-backstage-patterns - when: always - <<: *if-default-branch-schedule-maintenance - <<: *if-merge-request-labels-run-all-rspec - when: always .rails:rules:rspec-undercoverage: rules: @@ -1410,6 +1411,8 @@ rules: - <<: *if-not-ee when: never + - <<: *if-merge-request-labels-pipeline-revert + when: never - if: '$SKIP_FLAKY_TESTS_AUTOMATICALLY == "true" || $RETRY_FAILED_TESTS_IN_NEW_PROCESS == "true"' changes: *code-backstage-patterns when: always @@ -1421,24 +1424,42 @@ # Static analysis rules # ######################### -.static-analysis:rules:ee-and-foss: +.static-analysis:rules:static-analysis: rules: - changes: *code-backstage-qa-patterns - changes: *static-analysis-patterns -.static-analysis:rules:ee-and-foss-qa: +.static-analysis:rules:static-verification-with-database: + rules: + - changes: *code-backstage-qa-patterns + +.static-analysis:rules:rubocop: + rules: + - changes: *rubocop-patterns + variables: + RUN_ALL_RUBOCOP: "true" + - changes: *code-backstage-qa-patterns + +.static-analysis:rules:qa:metadata-lint: rules: - changes: *qa-patterns + - changes: [".gitlab/ci/static-analysis.gitlab-ci.yml"] + +.static-analysis:rules:haml-lint: + rules: + - changes: *rubocop-patterns - changes: *static-analysis-patterns + - changes: *code-backstage-qa-patterns -.static-analysis:rules:ee: +.static-analysis:rules:haml-lint-ee: rules: - <<: *if-not-ee when: never - - changes: *code-backstage-qa-patterns + - changes: *rubocop-patterns - changes: *static-analysis-patterns + - changes: *code-backstage-qa-patterns -.static-analysis:rules:as-if-foss: +.static-analysis:rules:static-analysis-as-if-foss: rules: - <<: *if-not-ee when: never @@ -1447,7 +1468,7 @@ - <<: *if-security-merge-request changes: *code-backstage-qa-patterns - <<: *if-merge-request - changes: *ci-patterns + changes: [".gitlab/ci/static-analysis.gitlab-ci.yml"] - <<: *if-merge-request changes: *static-analysis-patterns @@ -1461,6 +1482,12 @@ changes: ["vendor/gems/mail-smtp_pool/**/*"] - <<: *if-merge-request-labels-run-all-rspec +.vendor:rules:microsoft_graph_mailer: + rules: + - <<: *if-merge-request + changes: ["vendor/gems/microsoft_graph_mailer/**/*"] + - <<: *if-merge-request-labels-run-all-rspec + .vendor:rules:ipynbdiff: rules: - <<: *if-merge-request @@ -1491,12 +1518,30 @@ changes: ["vendor/gems/omniauth-gitlab/**/*"] - <<: *if-merge-request-labels-run-all-rspec +.vendor:rules:omniauth-google-oauth2: + rules: + - <<: *if-merge-request + changes: ["vendor/gems/omniauth-google-oauth2/**/*"] + - <<: *if-merge-request-labels-run-all-rspec + +.vendor:rules:omniauth-salesforce: + rules: + - <<: *if-merge-request + changes: ["vendor/gems/omniauth-salesforce/**/*"] + - <<: *if-merge-request-labels-run-all-rspec + .vendor:rules:devise-pbkdf2-encryptable: rules: - <<: *if-merge-request changes: ["vendor/gems/devise-pbkdf2-encryptable/**/*"] - <<: *if-merge-request-labels-run-all-rspec +.vendor:rules:bundler-checksum: + rules: + - <<: *if-merge-request + changes: ["vendor/gems/bundler-checksum/**/*"] + - <<: *if-merge-request-labels-run-all-rspec + ################## # Releases rules # ################## @@ -1620,6 +1665,13 @@ ################ # Review rules # ################ +.review-change-pattern: &review-change-pattern + APP_CHANGE_TRIGGER: "true" + +# The following rules needs to be the same as the one for .review:rules:review-cleanup +# except that: +# - most rules re automatic here (i.e. no `when: manual`) and not allowed to fail (i.e. no `allow_failure: true`) here +# - several rules have `variables: *review-change-pattern` here .review:rules:start-review-app-pipeline: rules: - <<: *if-not-ee @@ -1631,12 +1683,16 @@ changes: *ci-review-patterns - <<: *if-dot-com-gitlab-org-merge-request changes: *frontend-build-patterns + variables: *review-change-pattern - <<: *if-dot-com-gitlab-org-merge-request changes: *controllers-patterns + variables: *review-change-pattern - <<: *if-dot-com-gitlab-org-merge-request changes: *models-patterns + variables: *review-change-pattern - <<: *if-dot-com-gitlab-org-merge-request changes: *lib-gitlab-patterns + variables: *review-change-pattern - <<: *if-dot-com-gitlab-org-merge-request changes: *qa-patterns - <<: *if-dot-com-gitlab-org-merge-request @@ -1670,54 +1726,44 @@ rules: - when: on_success -.review:rules:review-qa-smoke: - rules: - - when: on_success - -# If the needed job isn't allowed to fail, we need to use `when: always` in -# order to keep the job always running after it. -# -# If the needed job is allowed to fail, we need to use both -# `when: on_success` and `when: on_failure` in order to keep -# the job always running after it. -# Not that if the needed job has `when: on_success` we can use `when: always` -# for the depending job. -# -# See https://gitlab.com/gitlab-org/gitlab/-/merge_requests/76756 - -.review:rules:review-qa-reliable: - rules: - - when: on_success - -# Since `review-qa-reliable` isn't allowed to fail, we need to use `when: always`for `review-qa-reliable-report`. -.review:rules:review-qa-blocking-report: - rules: - - when: always - -.review:rules:review-qa-all: - rules: - - <<: *if-dot-com-gitlab-org-merge-request - changes: *code-patterns - when: manual - allow_failure: true # manual jobs needs to be allowed to fail, otherwise they block the pipeline - - when: on_success - allow_failure: true - -# Since `review-qa-all` is allowed to fail (and potentially manual), we need to use `when: on_success` and `when: on_failure` for `review-qa-all-report`. -.review:rules:review-qa-all-report: - rules: - - when: on_success - - when: on_failure - -.review:rules:review-qa-cleanup: - rules: - - when: always - +# The following rules needs to be the same as the one for .review:rules:start-review-app-pipeline +# except that: +# - all rules have `when: manual` and `allow_failure: true` here .review:rules:review-cleanup: rules: - <<: *if-not-ee when: never + - <<: *if-merge-request-labels-pipeline-revert + when: never + - <<: *if-merge-request-labels-run-review-app + when: manual + allow_failure: true + - <<: *if-dot-com-gitlab-org-merge-request + changes: *ci-review-patterns + when: manual + allow_failure: true + - <<: *if-dot-com-gitlab-org-merge-request + changes: *frontend-build-patterns + when: manual + allow_failure: true + - <<: *if-dot-com-gitlab-org-merge-request + changes: *controllers-patterns + when: manual + allow_failure: true + - <<: *if-dot-com-gitlab-org-merge-request + changes: *models-patterns + when: manual + allow_failure: true + - <<: *if-dot-com-gitlab-org-merge-request + changes: *lib-gitlab-patterns + when: manual + allow_failure: true - <<: *if-dot-com-gitlab-org-merge-request + changes: *qa-patterns + when: manual + allow_failure: true + - <<: *if-dot-com-gitlab-org-merge-request + changes: *code-patterns when: manual allow_failure: true - <<: *if-dot-com-gitlab-org-schedule @@ -1754,6 +1800,10 @@ when: never - <<: *if-default-branch-or-tag changes: *code-backstage-qa-patterns + - <<: *if-dot-com-gitlab-org-merge-request + changes: [".gitlab/ci/setup.gitlab-ci.yml"] + when: manual + allow_failure: true .setup:rules:dont-interrupt-me: rules: diff --git a/.gitlab/ci/setup.gitlab-ci.yml b/.gitlab/ci/setup.gitlab-ci.yml index 17113b1245c..4f3111de2bf 100644 --- a/.gitlab/ci/setup.gitlab-ci.yml +++ b/.gitlab/ci/setup.gitlab-ci.yml @@ -3,16 +3,20 @@ cache gems: extends: - .default-retry - - .rails-cache + - .ruby-cache - .default-before_script - .setup:rules:cache-gems - stage: test - needs: ["setup-test-env"] + stage: prepare + needs: [] variables: - BUNDLE_INSTALL_FLAGS: --with=production --with=development --with=test --jobs=2 --path=vendor --retry=3 --quiet + BUNDLE_WITHOUT: "" + BUNDLE_WITH: "production:development:test" SETUP_DB: "false" script: - - bundle package --all --all-platforms + - echo -e "\e[0Ksection_start:`date +%s`:bundle-package[collapsed=true]\r\e[0KPackaging gems" + - bundle config set cache_all true + - run_timed_command "bundle package --all-platforms" + - echo -e "\e[0Ksection_end:`date +%s`:bundle-package\r\e[0K" artifacts: paths: - vendor/cache @@ -110,10 +114,13 @@ generate-frontend-fixtures-mapping: paths: - ${FRONTEND_FIXTURES_MAPPING_PATH} -.detect-test-base: +detect-tests: + extends: .rails:rules:detect-tests image: ${GITLAB_DEPENDENCY_PROXY}ruby:${RUBY_VERSION} needs: [] stage: prepare + variables: + RSPEC_TESTS_MAPPING_ENABLED: "true" script: - source ./scripts/utils.sh - source ./scripts/rspec_helpers.sh @@ -123,42 +130,23 @@ generate-frontend-fixtures-mapping: - retrieve_frontend_fixtures_mapping - | if [ -n "$CI_MERGE_REQUEST_IID" ]; then - tooling/bin/find_changes ${CHANGES_FILE}; - tooling/bin/find_tests ${CHANGES_FILE} ${MATCHED_TESTS_FILE}; - tooling/bin/find_changes ${CHANGES_FILE} ${MATCHED_TESTS_FILE} ${FRONTEND_FIXTURES_MAPPING_PATH}; - echo "Changed files: $(cat $CHANGES_FILE)"; - echo "Related rspec tests: $(cat $MATCHED_TESTS_FILE)"; + mkdir -p $(dirname "$RSPEC_CHANGED_FILES_PATH") + tooling/bin/find_changes ${RSPEC_CHANGED_FILES_PATH}; + tooling/bin/find_tests ${RSPEC_CHANGED_FILES_PATH} ${RSPEC_MATCHING_TESTS_PATH}; + tooling/bin/find_changes ${RSPEC_CHANGED_FILES_PATH} ${RSPEC_MATCHING_TESTS_PATH} ${FRONTEND_FIXTURES_MAPPING_PATH}; + echo "Changed files: $(cat $RSPEC_CHANGED_FILES_PATH)"; + echo "Related rspec tests: $(cat $RSPEC_MATCHING_TESTS_PATH)"; fi artifacts: expire_in: 7d paths: - - ${CHANGES_FILE} - - ${MATCHED_TESTS_FILE} + - ${RSPEC_CHANGED_FILES_PATH} + - ${RSPEC_MATCHING_TESTS_PATH} - ${FRONTEND_FIXTURES_MAPPING_PATH} -detect-tests: - extends: - - .detect-test-base - - .rails:rules:detect-tests - variables: - RSPEC_TESTS_MAPPING_ENABLED: "true" - CHANGES_FILE: tmp/changed_files.txt - MATCHED_TESTS_FILE: tmp/matching_tests.txt - -detect-tests as-if-foss: - extends: - - .detect-test-base - - .rails:rules:detect-tests - - .as-if-foss - variables: - CHANGES_FILE: tmp/changed_foss_files.txt - MATCHED_TESTS_FILE: tmp/matching_foss_tests.txt - before_script: - - '[ "$FOSS_ONLY" = "1" ] && rm -rf ee/ qa/spec/ee/ qa/qa/specs/features/ee/ qa/qa/ee/ qa/qa/ee.rb' - detect-previous-failed-tests: extends: - - .detect-test-base + - detect-tests - .rails:rules:detect-previous-failed-tests variables: PREVIOUS_FAILED_TESTS_DIR: tmp/previous_failed_tests/ @@ -172,3 +160,23 @@ detect-previous-failed-tests: expire_in: 7d paths: - ${PREVIOUS_FAILED_TESTS_DIR} + +e2e-test-pipeline-generate: + extends: + - .qa-job-base + - .minimal-job + - .qa:rules:determine-e2e-tests + stage: prepare + variables: + ENV_FILE: $CI_PROJECT_DIR/qa_tests_vars.env + OMNIBUS_PIPELINE_YML: package-and-test-pipeline.yml + REVIEW_PIPELINE_YML: review-app-pipeline.yml + COLORIZED_LOGS: "true" + script: + - bundle exec rake "ci:detect_changes[$ENV_FILE]" + - cd $CI_PROJECT_DIR && scripts/generate-e2e-pipeline + artifacts: + expire_in: 1 day + paths: + - $OMNIBUS_PIPELINE_YML + - $REVIEW_PIPELINE_YML diff --git a/.gitlab/ci/static-analysis.gitlab-ci.yml b/.gitlab/ci/static-analysis.gitlab-ci.yml index b4efd9e49bf..e845e7eb88b 100644 --- a/.gitlab/ci/static-analysis.gitlab-ci.yml +++ b/.gitlab/ci/static-analysis.gitlab-ci.yml @@ -19,13 +19,16 @@ update-static-analysis-cache: - .shared:rules:update-cache stage: prepare script: - - run_timed_command "bundle exec rubocop --parallel" # For the moment we only cache `tmp/rubocop_cache` so we don't need to run all the tasks. + # Silence cop offenses for rules with "grace period". + # This will notify Slack if offenses were silenced. + # For the moment we only cache `tmp/rubocop_cache` so we don't need to run all the tasks. + - run_timed_command "bundle exec rake rubocop:check:graceful" static-analysis: extends: - .static-analysis-base - .static-analysis-cache - - .static-analysis:rules:ee-and-foss + - .static-analysis:rules:static-analysis parallel: 2 script: - run_timed_command "retry yarn install --frozen-lockfile" @@ -34,14 +37,14 @@ static-analysis: static-analysis as-if-foss: extends: - static-analysis - - .static-analysis:rules:as-if-foss + - .static-analysis:rules:static-analysis-as-if-foss - .as-if-foss static-verification-with-database: extends: - .static-analysis-base - .rubocop-job-cache - - .static-analysis:rules:ee-and-foss + - .static-analysis:rules:static-verification-with-database - .use-pg12 script: - bundle exec rake lint:static_verification_with_database @@ -91,13 +94,13 @@ eslint as-if-foss: - .as-if-foss needs: ['generate-apollo-graphql-schema as-if-foss'] -haml-lint foss: +haml-lint: extends: - .static-analysis-base - .ruby-cache - - .static-analysis:rules:ee-and-foss + - .static-analysis:rules:haml-lint script: - - run_timed_command "bin/rake 'haml_lint[app/views]'" + - run_timed_command "bundle exec haml-lint --parallel app/views" artifacts: expire_in: 31d when: always @@ -106,23 +109,37 @@ haml-lint foss: haml-lint ee: extends: - - "haml-lint foss" - - .static-analysis:rules:ee + - "haml-lint" + - .static-analysis:rules:haml-lint-ee script: - - run_timed_command "bin/rake 'haml_lint[ee/app/views]'" + - run_timed_command "bundle exec haml-lint --parallel ee/app/views" rubocop: extends: - .static-analysis-base - .rubocop-job-cache - - .static-analysis:rules:ee-and-foss + - .static-analysis:rules:rubocop + needs: + - job: detect-tests + optional: true script: - - run_timed_command "bundle exec rubocop --parallel" + - | + # For non-merge request, or when RUN_ALL_RUBOCOP is 'true', run all RuboCop rules + if [ -z "${CI_MERGE_REQUEST_IID}" ] || [ "${RUN_ALL_RUBOCOP}" == "true" ]; then + # Silence cop offenses for rules with "grace period". + # We won't notify Slack if offenses were silenced to avoid frequent messages. + # Job `update-static-analysis-cache` takes care of Slack notifications every 2 hours. + unset CI_SLACK_WEBHOOK_URL + run_timed_command "bundle exec rake rubocop:check:graceful" + else + cat ${RSPEC_CHANGED_FILES_PATH} | ruby -e 'puts $stdin.read.split(" ").select { |f| File.exist?(f) }.join(" ")' > tmp/rubocop_target_files.txt + run_timed_command "bundle exec rubocop --parallel --force-exclusion $(cat tmp/rubocop_target_files.txt)" + fi qa:metadata-lint: extends: - .static-analysis-base - - .static-analysis:rules:ee-and-foss-qa + - .static-analysis:rules:qa:metadata-lint before_script: - !reference [.default-before_script, before_script] - cd qa/ @@ -149,7 +166,7 @@ feature-flags-usage: extends: - .static-analysis-base - .rubocop-job-cache - - .static-analysis:rules:ee-and-foss + - .static-analysis:rules:rubocop script: # We need to disable the cache for this cop since it creates files under tmp/feature_flags/*.used, # the cache would prevent these files from being created. diff --git a/.gitlab/ci/vendored-gems.gitlab-ci.yml b/.gitlab/ci/vendored-gems.gitlab-ci.yml index 4408a6e4624..577bd37ca9e 100644 --- a/.gitlab/ci/vendored-gems.gitlab-ci.yml +++ b/.gitlab/ci/vendored-gems.gitlab-ci.yml @@ -6,6 +6,14 @@ vendor mail-smtp_pool: include: vendor/gems/mail-smtp_pool/.gitlab-ci.yml strategy: depend +vendor microsoft_graph_mailer: + extends: + - .vendor:rules:microsoft_graph_mailer + needs: [] + trigger: + include: vendor/gems/microsoft_graph_mailer/.gitlab-ci.yml + strategy: depend + vendor ipynbdiff: extends: - .vendor:rules:ipynbdiff @@ -46,6 +54,22 @@ vendor omniauth-gitlab: include: vendor/gems/omniauth-gitlab/.gitlab-ci.yml strategy: depend +vendor omniauth-google-oauth2: + extends: + - .vendor:rules:omniauth-google-oauth2 + needs: [] + trigger: + include: vendor/gems/omniauth-google-oauth2/.gitlab-ci.yml + strategy: depend + +vendor omniauth-salesforce: + extends: + - .vendor:rules:omniauth-salesforce + needs: [] + trigger: + include: vendor/gems/omniauth-salesforce/.gitlab-ci.yml + strategy: depend + vendor devise-pbkdf2-encryptable: extends: - .vendor:rules:devise-pbkdf2-encryptable @@ -53,3 +77,11 @@ vendor devise-pbkdf2-encryptable: trigger: include: vendor/gems/devise-pbkdf2-encryptable/.gitlab-ci.yml strategy: depend + +vendor bundler-checksum: + extends: + - .vendor:rules:bundler-checksum + needs: [] + trigger: + include: vendor/gems/bundler-checksum/.gitlab-ci.yml + strategy: depend diff --git a/.gitlab/ci/workhorse.gitlab-ci.yml b/.gitlab/ci/workhorse.gitlab-ci.yml index ade2f65441f..efd37b2247b 100644 --- a/.gitlab/ci/workhorse.gitlab-ci.yml +++ b/.gitlab/ci/workhorse.gitlab-ci.yml @@ -9,23 +9,38 @@ workhorse:verify: .workhorse:test: extends: .workhorse:rules:workhorse + image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images/debian-${DEBIAN_VERSION}-ruby-${RUBY_VERSION}-golang-${GO_VERSION}:git-2.36 variables: GITALY_ADDRESS: "tcp://127.0.0.1:8075" + GO_VERSION: "1.17" stage: test needs: - setup-test-env - script: + before_script: - go version - apt-get update && apt-get -y install libimage-exiftool-perl - scripts/gitaly-test-build + script: - make -C workhorse test -workhorse:test using go 1.17: +workhorse:test go: extends: .workhorse:test - image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:debian-${DEBIAN_VERSION}-ruby-${RUBY_VERSION}-golang-1.17-git-2.31 + parallel: + matrix: + - GO_VERSION: ["1.17", "1.18"] + script: + - make -C workhorse test-coverage + coverage: '/\d+.\d+%/' + artifacts: + paths: + - workhorse/coverage.html -workhorse:test using go 1.17 with FIPS: +workhorse:test fips: extends: .workhorse:test variables: WORKHORSE_TEST_FIPS_ENABLED: 1 - image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:debian-${DEBIAN_VERSION}-ruby-${RUBY_VERSION}-golang-1.17-git-2.31 + +workhorse:test race: + extends: .workhorse:test + script: + - make -C workhorse test-race diff --git a/.gitlab/issue_templates/Audit Event Proposal.md b/.gitlab/issue_templates/Audit Event Proposal.md index af32845bd9a..09b0a6761bc 100644 --- a/.gitlab/issue_templates/Audit Event Proposal.md +++ b/.gitlab/issue_templates/Audit Event Proposal.md @@ -1,4 +1,5 @@ <!-- Audit Event documentation: See https://docs.gitlab.com/ee/administration/audit_events.html --> +<!-- Streaming Audit Event documentation: See https://docs.gitlab.com/ee/administration/audit_event_streaming.html --> ## Audit need @@ -8,6 +9,11 @@ <!-- Describe the audit event you are proposing should be added, including any details of what should be captured, how, and why. --> +### Streaming-only event or normal event? + +<!-- Should this event be a streaming-only audit event or also logged to GitLab's database? Consider the +volume of data that will be generated by the event when answering this. --> + /label ~"Category:Audit Events" /label ~"type::feature" /label ~"group::compliance" diff --git a/.gitlab/issue_templates/Deprecations.md b/.gitlab/issue_templates/Deprecations.md index 3dfed1a1fc1..76c66a3a891 100644 --- a/.gitlab/issue_templates/Deprecations.md +++ b/.gitlab/issue_templates/Deprecations.md @@ -46,7 +46,7 @@ Which tier is this feature available in? Please add links to the relevant merge requests. - As soon as possible, but no later than the third milestone preceding the major release (for example, given the following release schedule: `14.8, 14.9, 14.10, 15.0` – `14.8` is the third milestone preceding the major release): - - [ ] A [deprecation entry](https://about.gitlab.com/handbook/marketing/blog/release-posts/#creating-a-deprecation-entry) has been created so the deprecation will appear in release posts and on the [general deprecation page](https://docs.gitlab.com/ee/update/deprecations). + - [ ] A [deprecation announcement entry](https://about.gitlab.com/handbook/marketing/blog/release-posts/#creating-a-deprecation-announcement) has been created so the deprecation will appear in release posts and on the [general deprecation page](https://docs.gitlab.com/ee/update/deprecations). - [ ] Documentation has been updated to mark the feature as [deprecated](https://docs.gitlab.com/ee/development/documentation/versions.html#deprecations-and-removals). - [ ] On or before the major milestone: A [removal entry](https://about.gitlab.com/handbook/marketing/blog/release-posts/#removals) has been created so the removal will appear on the [removals by milestones](https://docs.gitlab.com/ee/update/removals) page and be announced in the release post. - On the major milestone: diff --git a/.gitlab/issue_templates/Doc_cleanup.md b/.gitlab/issue_templates/Doc_cleanup.md index 58a51e15803..79cf2662b07 100644 --- a/.gitlab/issue_templates/Doc_cleanup.md +++ b/.gitlab/issue_templates/Doc_cleanup.md @@ -7,18 +7,27 @@ * feature development should use the Feature Request template. --> -If you are a community contributor: +If you are a community contributor, **do not work on the issue if it is not assigned to you yet**. -1. To work on an issue, type `@gl-docsteam I would like to work on this issue.` - in a comment. A technical writer - will assign the issue to you. Do not work on the issue before it is assigned to you. - If someone has already chosen the issue, pick another or view docs [in the docs directory](https://gitlab.com/gitlab-org/gitlab/-/tree/master/doc) +Additionally, please review these points before working on this issue: + +1. If you would like to work on the issue, type `@gl-docsteam I would like to work on this issue.` + in a comment. A technical writer will assign the issue to you. If someone has already chosen this issue, + pick another issue, or view docs [in the docs directory](https://gitlab.com/gitlab-org/gitlab/-/tree/master/doc) and open a merge request for any page you feel can be improved. -1. Create a merge request for the issue. If this is for a Hackathon, do not create the merge request - before the Hackathon has started or it will not be counted towards the Hackathon. If you were not - assigned the issue, do not create a merge request. It will not be accepted. -1. Copy the link to this issue and add it to the merge request's description, which will link - the merge request and the issue together. +1. Carefully review the [merge request guidelines for contributors](https://docs.gitlab.com/ee/development/contributing/merge_request_workflow.html#merge-request-guidelines-for-contributors). +1. Carefully review the [commit message guidelines](https://docs.gitlab.com/ee/development/contributing/merge_request_workflow.html#commit-messages-guidelines). +1. Create a merge request for the issue: + - If you were not assigned the issue, do not create a merge request. It will not be accepted. + - If this is for a Hackathon, do not create the merge request before the Hackathon has started + or it will not be counted towards the Hackathon. + - Unless otherwise stated below, we expect one merge request per issue, so combine + all changes together. If there is too much work for you to handle in one merge request, + you can create more, but try to keep the number of merge requests as small as possible. + - Select the **Documentation** merge request description template, and fill it out + with the details of your work. + - Copy the link to this issue and add it to the merge request's description, + which links the merge request and the issue together. 1. After your merge request is accepted and merged, close this issue. If you notice things you'd like to fix that are not part of the issue, open separate merge requests for those issues. @@ -37,6 +46,9 @@ Thank you again for contributing to the GitLab documentation! * several moderate changes on one page, a few intermediate changes across five pages, or several very small * changes for up to 10 pages. Larger items should be broken out into other issues to better distribute * the opportunities for contributors. +* +* If you expect the work to take more than one MR to resolve, explain approximately +* how many MRs you expect to receive for the issue. --> ## Additional information diff --git a/.gitlab/issue_templates/Service Ping reporting and monitoring.md b/.gitlab/issue_templates/Service Ping reporting and monitoring.md index 9a30f71e42b..baa384a8aa2 100644 --- a/.gitlab/issue_templates/Service Ping reporting and monitoring.md +++ b/.gitlab/issue_templates/Service Ping reporting and monitoring.md @@ -27,7 +27,7 @@ Broken metrics issues are marked with the ~"broken metric" label. 1. Note which bastion host machine was assigned. For example: `<username>@bastion-01-inf-gprd.c.gitlab-production.internal:~$` shows that you are connected to `bastion-01-inf-gprd.c.gitlab-production.internal`. 1. Create a named screen: `screen -S $USER-service-ping-$(date +%F)`. 1. Connect to the console host: `ssh $USER-rails@console-01-sv-gprd.c.gitlab-production.internal`. -1. Run: `ServicePing::SubmitService.new.execute`. +1. Run: `GitlabServicePingWorker.new.perform('triggered_from_cron' => false)`. 1. Press <kbd>Control</kbd>+<kbd>a</kbd> followed by <kbd>Control</kbd>+<kbd>d</kbd> to detach from the screen session. 1. Exit from the bastion: `exit`. @@ -58,12 +58,12 @@ OR ## Service Ping process triggering (through a long-running SSH session) 1. Connect to the `gprd` Rails console. -1. Run `SubmitUsagePingService.new.execute`. This process requires more than 30 hours to complete. +1. Run `GitlabServicePingWorker.new.perform('triggered_from_cron' => false)`. This process requires more than 30 hours to complete. 1. Find the last payload in the `raw_usage_data` table: `RawUsageData.last.payload`. 1. Check the when the payload was sent: `RawUsageData.last.sent_at`. ```plaintext -ServicePing::SubmitService.new.execute +GitlabServicePingWorker.new.perform('triggered_from_cron' => false) # Get the payload RawUsageData.last.payload diff --git a/.gitlab/merge_request_templates/Deprecations.md b/.gitlab/merge_request_templates/Deprecations.md index fc803152efb..dcd5d79e0d0 100644 --- a/.gitlab/merge_request_templates/Deprecations.md +++ b/.gitlab/merge_request_templates/Deprecations.md @@ -30,8 +30,12 @@ Deprecation announcements can and should be created and merged into Docs at any --- -Please review the [guidelines for deprecations](https://about.gitlab.com/handbook/marketing/blog/release-posts/#deprecations), -as well as the process for [creating a deprecation entry](https://about.gitlab.com/handbook/marketing/blog/release-posts/#creating-a-deprecation-entry). +Please review: + +- The definitions of ["Deprecation", "End of Support", and "Removal"](https://docs.gitlab.com/ee/development/deprecation_guidelines/#terminology). +- The [guidelines for deprecations](https://about.gitlab.com/handbook/marketing/blog/release-posts/#deprecations). +- The process for [creating a deprecation entry](https://about.gitlab.com/handbook/marketing/blog/release-posts/#creating-a-deprecation-entry). + They are frequently updated, and everyone should make sure they are aware of the current standards (PM, PMM, EM, and TW). ## EM/PM release post item checklist diff --git a/.gitlab/merge_request_templates/Quarantine End to End Test.md b/.gitlab/merge_request_templates/Quarantine End to End Test.md index a8d2378eee0..c088fde857a 100644 --- a/.gitlab/merge_request_templates/Quarantine End to End Test.md +++ b/.gitlab/merge_request_templates/Quarantine End to End Test.md @@ -26,7 +26,6 @@ the noise (due to constantly failing tests, flaky tests, and so on) so that new - [ ] Dequarantine test check-list - [ ] Follow the [Dequarantining Tests guide](https://about.gitlab.com/handbook/engineering/quality/quality-engineering/debugging-qa-test-failures/#dequarantining-tests). - [ ] Confirm the test consistently passes on the target GitLab environment(s). - - [ ] (Optionally) [Trigger a manual GitLab-QA pipeline](https://about.gitlab.com/handbook/engineering/quality/quality-engineering/tips-and-tricks/#running-gitlab-qa-pipeline-against-a-specific-gitlab-release) against a specific GitLab environment using the `RELEASE` variable from the `package-and-qa` job of the current merge request. - [ ] To ensure a faster turnaround, ask in the `#quality` Slack channel for someone to review and merge the merge request, rather than assigning it directly. <!-- Base labels. --> diff --git a/.gitlab/merge_request_templates/Removals.md b/.gitlab/merge_request_templates/Removals.md index 0b7f1efe006..4801af2a123 100644 --- a/.gitlab/merge_request_templates/Removals.md +++ b/.gitlab/merge_request_templates/Removals.md @@ -36,7 +36,10 @@ If the removal creates a [breaking change](https://about.gitlab.com/handbook/pro --- -Please review the [guidelines for removals](https://about.gitlab.com/handbook/marketing/blog/release-posts/#removals). +Please review: + +- The definitions of ["Deprecation", "End of Support", and "Removal"](https://docs.gitlab.com/ee/development/deprecation_guidelines/#terminology). +- The [guidelines for removals](https://about.gitlab.com/handbook/marketing/blog/release-posts/#removals). ## EM/PM release post item checklist diff --git a/.gitlab/merge_request_templates/Security Release.md b/.gitlab/merge_request_templates/Security Release.md index f43bddaa46e..14130ca42c2 100644 --- a/.gitlab/merge_request_templates/Security Release.md +++ b/.gitlab/merge_request_templates/Security Release.md @@ -21,7 +21,7 @@ See [the general developer security release guidelines](https://gitlab.com/gitla - [ ] Ensure it's approved according to our [Approval Guidelines]. - [ ] Ensure it's approved by an AppSec engineer. - Please see the security release [Code reviews and Approvals] documentation for details on which AppSec team member to ping for approval. - - Trigger the [`package-and-qa` build]. The docker image generated will be used by the AppSec engineer to validate the security vulnerability has been remediated. + - Trigger the [`e2e:package-and-test` job]. The docker image generated will be used by the AppSec engineer to validate the security vulnerability has been remediated. - [ ] For a backport MR targeting a versioned stable branch (`X-Y-stable-ee`). - [ ] Milestone is set to the version this backport applies to. A closed milestone can be assigned via [quick actions]. - [ ] Ensure it's approved by a maintainer. @@ -42,4 +42,4 @@ See [the general developer security release guidelines](https://gitlab.com/gitla [Code reviews and Approvals]: (https://gitlab.com/gitlab-org/release/docs/blob/master/general/security/developer.md#code-reviews-and-approvals) [Approval Guidelines]: https://docs.gitlab.com/ee/development/code_review.html#approval-guidelines [Canonical repository]: https://gitlab.com/gitlab-org/gitlab -[`package-and-qa` build]: https://docs.gitlab.com/ee/development/testing_guide/end_to_end/#using-the-package-and-qa-job +[`e2e:package-and-test` job]: https://docs.gitlab.com/ee/development/testing_guide/end_to_end/#using-the-package-and-test-job diff --git a/.gitlab/secret-detection-ruleset.toml b/.gitlab/secret-detection-ruleset.toml new file mode 100644 index 00000000000..5fcde57cad7 --- /dev/null +++ b/.gitlab/secret-detection-ruleset.toml @@ -0,0 +1,6 @@ +[secrets] + [[secrets.ruleset]] + disable = true + [secrets.ruleset.identifier] + type = "gitleaks_rule_id" + value = "Password in URL" |