diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2019-11-19 22:11:55 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2019-11-19 22:11:55 +0000 |
commit | 5a8431feceba47fd8e1804d9aa1b1730606b71d5 (patch) | |
tree | e5df8e0ceee60f4af8093f5c4c2f934b8abced05 /.gitlab | |
parent | 4d477238500c347c6553d335d920bedfc5a46869 (diff) | |
download | gitlab-ce-5a8431feceba47fd8e1804d9aa1b1730606b71d5.tar.gz |
Add latest changes from gitlab-org/gitlab@12-5-stable-ee
Diffstat (limited to '.gitlab')
-rw-r--r-- | .gitlab/CODEOWNERS | 8 | ||||
-rw-r--r-- | .gitlab/ci/cng.gitlab-ci.yml | 3 | ||||
-rw-r--r-- | .gitlab/ci/docs.gitlab-ci.yml | 15 | ||||
-rw-r--r-- | .gitlab/ci/frontend.gitlab-ci.yml | 10 | ||||
-rw-r--r-- | .gitlab/ci/global.gitlab-ci.yml | 163 | ||||
-rw-r--r-- | .gitlab/ci/memory.gitlab-ci.yml | 2 | ||||
-rw-r--r-- | .gitlab/ci/notifications.gitlab-ci.yml | 29 | ||||
-rw-r--r-- | .gitlab/ci/pages.gitlab-ci.yml | 5 | ||||
-rw-r--r-- | .gitlab/ci/qa.gitlab-ci.yml | 29 | ||||
-rw-r--r-- | .gitlab/ci/rails.gitlab-ci.yml | 14 | ||||
-rw-r--r-- | .gitlab/ci/releases.gitlab-ci.yml | 22 | ||||
-rw-r--r-- | .gitlab/ci/reports.gitlab-ci.yml | 8 | ||||
-rw-r--r-- | .gitlab/ci/review.gitlab-ci.yml | 100 | ||||
-rw-r--r-- | .gitlab/ci/setup.gitlab-ci.yml | 7 | ||||
-rw-r--r-- | .gitlab/ci/test-metadata.gitlab-ci.yml | 4 | ||||
-rw-r--r-- | .gitlab/issue_templates/Security developer workflow.md | 2 | ||||
-rw-r--r-- | .gitlab/merge_request_templates/Documentation.md | 2 |
17 files changed, 236 insertions, 187 deletions
diff --git a/.gitlab/CODEOWNERS b/.gitlab/CODEOWNERS index a02740373da..c8283326533 100644 --- a/.gitlab/CODEOWNERS +++ b/.gitlab/CODEOWNERS @@ -3,11 +3,12 @@ *.rake @gitlab-org/maintainers/rails-backend # Technical writing team are the default reviewers for everything in `doc/` -/doc/ @axil @marcia @eread @mikelewis +/doc/ @gl-docsteam # Frontend maintainers should see everything in `app/assets/` -app/assets/ @ClemMakesApps @fatihacet @filipa @mikegreiling @timzallmann @kushalpandya @pslaughter @wortschi @ntepluhina -*.scss @annabeldunstone @ClemMakesApps @fatihacet @filipa @mikegreiling @timzallmann @kushalpandya @pslaughter @wortschi @ntepluhina +app/assets/ @gitlab-org/maintainers/frontend +*.scss @annabeldunstone @gitlab-org/maintainers/frontend +/scripts/frontend/ @gitlab-org/maintainers/frontend # Database maintainers should review changes in `db/` db/ @gitlab-org/maintainers/database @@ -32,4 +33,5 @@ lib/gitlab/github_import/ @gitlab-org/maintainers/database /.gitlab/ci/ @gl-quality/eng-prod Dangerfile @gl-quality/eng-prod /danger/ @gl-quality/eng-prod +/lib/gitlab/danger/ @gl-quality/eng-prod /scripts/ @gl-quality/eng-prod diff --git a/.gitlab/ci/cng.gitlab-ci.yml b/.gitlab/ci/cng.gitlab-ci.yml index 35859a1ab33..bd11042eb11 100644 --- a/.gitlab/ci/cng.gitlab-ci.yml +++ b/.gitlab/ci/cng.gitlab-ci.yml @@ -1,4 +1,5 @@ cloud-native-image: + extends: .only:variables-canonical-dot-com image: ruby:2.6-alpine dependencies: [] stage: post-test @@ -12,5 +13,3 @@ cloud-native-image: only: refs: - tags - variables: - - $CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE == "gitlab-org" diff --git a/.gitlab/ci/docs.gitlab-ci.yml b/.gitlab/ci/docs.gitlab-ci.yml index 14eeebb9db9..07375fca611 100644 --- a/.gitlab/ci/docs.gitlab-ci.yml +++ b/.gitlab/ci/docs.gitlab-ci.yml @@ -2,12 +2,11 @@ extends: - .default-tags - .default-retry - - .only-docs-changes + - .only:variables-canonical-dot-com + - .only:changes-docs only: refs: - merge_requests - variables: - - $CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE == "gitlab-org" image: ruby:2.6-alpine stage: review dependencies: [] @@ -50,7 +49,7 @@ docs lint: - .default-tags - .default-retry - .default-only - - .only-docs-changes + - .only:changes-docs image: "registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-docs-lint" stage: test dependencies: [] @@ -68,7 +67,7 @@ docs lint: # Check the internal anchor links - bundle exec nanoc check internal_anchors -graphql-docs-verify: +graphql-reference-verify: extends: - .only-ee - .default-tags @@ -76,10 +75,10 @@ graphql-docs-verify: - .default-cache - .default-only - .default-before_script - - .only-graphql-changes - variables: - SETUP_DB: "false" + - .only:changes-code-backstage-qa + - .use-pg9 stage: test needs: ["setup-test-env"] script: - bundle exec rake gitlab:graphql:check_docs + - bundle exec rake gitlab:graphql:check_schema diff --git a/.gitlab/ci/frontend.gitlab-ci.yml b/.gitlab/ci/frontend.gitlab-ci.yml index 2f457bc0ee2..0b72461a9fd 100644 --- a/.gitlab/ci/frontend.gitlab-ci.yml +++ b/.gitlab/ci/frontend.gitlab-ci.yml @@ -12,7 +12,7 @@ - .default-only - .default-before_script - .assets-compile-cache - - .only-code-qa-changes + - .only:changes-code-backstage-qa image: registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.3-git-2.22-chrome-73.0-node-12.x-yarn-1.16-graphicsmagick-1.3.33-docker-18.06.1 stage: test dependencies: ["setup-test-env"] @@ -73,7 +73,7 @@ gitlab:assets:compile pull-cache: - .default-only - .default-before_script - .assets-compile-cache - - .only-code-qa-changes + - .only:changes-code-backstage-qa - .use-pg9 stage: prepare script: @@ -128,7 +128,7 @@ compile-assets pull-cache foss: - .default-cache - .default-only - .default-before_script - - .only-code-changes + - .only:changes-code-backstage - .use-pg9 stage: test needs: ["setup-test-env", "compile-assets pull-cache"] @@ -205,7 +205,7 @@ jest-foss: - .default-retry - .default-cache - .default-only - - .only-code-changes + - .only:changes-code-backstage stage: test dependencies: [] cache: @@ -238,7 +238,7 @@ webpack-dev-server: - .default-retry - .default-cache - .default-only - - .only-code-changes + - .only:changes-code-backstage stage: test needs: ["setup-test-env", "compile-assets pull-cache"] dependencies: ["setup-test-env", "compile-assets pull-cache"] diff --git a/.gitlab/ci/global.gitlab-ci.yml b/.gitlab/ci/global.gitlab-ci.yml index fc9b00b5d3c..d746d8fe030 100644 --- a/.gitlab/ci/global.gitlab-ci.yml +++ b/.gitlab/ci/global.gitlab-ci.yml @@ -40,14 +40,97 @@ - merge_requests - tags -.only-code-changes: +.only:variables-canonical-dot-com: + only: + variables: + - $CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE =~ /^gitlab-org($|\/)/ # Matches the gitlab-org group or its subgroups + +.only:variables_refs-canonical-dot-com-schedules: + extends: .only:variables-canonical-dot-com + only: + refs: + - schedules + +.except:refs-deploy: + except: + refs: + - /^\d+-\d+-auto-deploy-\d+$/ + +.except:refs-master-tags-stable-deploy: + except: + refs: + - master + - tags + - /^[\d-]+-stable(-ee)?$/ + - /^\d+-\d+-auto-deploy-\d+$/ + +.only:kubernetes: + only: + kubernetes: active + +.only-review: + extends: + - .only:variables-canonical-dot-com + - .only:kubernetes + - .except:refs-master-tags-stable-deploy + +.only-review-schedules: + extends: + - .only:variables_refs-canonical-dot-com-schedules + - .only:kubernetes + - .except:refs-deploy + +.code-patterns: &code-patterns + - ".gitlab/ci/**/*" + - ".{eslintignore,gitattributes,nvmrc,prettierrc,stylelintrc,yamllint}" + - ".{codeclimate,eslintrc,gitlab-ci,haml-lint,haml-lint_todo,rubocop,rubocop_todo,scss-lint}.yml" + - ".csscomb.json" + - "Dockerfile.assets" + - "*_VERSION" + - "Gemfile{,.lock}" + - "Rakefile" + - "{babel.config,jest.config}.js" + - "config.ru" + - "{package.json,yarn.lock}" + - "{,ee/}{app,bin,config,db,haml_lint,lib,locale,public,scripts,symbol,vendor}/**/*" + - "doc/api/graphql/**/*" + +.backstage-patterns: &backstage-patterns + - "Dangerfile" + - "danger/**/*" + - "{,ee/}fixtures/**/*" + - "{,ee/}rubocop/**/*" + - "{,ee/}spec/**/*" + - "doc/README.md" # Some RSpec test rely on this file + +.qa-patterns: &qa-patterns + - ".dockerignore" + - "qa/**/*" + +.docs-patterns: &docs-patterns + - ".gitlab/route-map.yml" + - "doc/**/*" + - ".markdownlint.json" + +.only:changes-code: + only: + changes: *code-patterns + +.only:changes-qa: + only: + changes: *qa-patterns + +.only:changes-docs: + only: + changes: *docs-patterns + +.only:changes-code-backstage: only: changes: - ".gitlab/ci/**/*" - ".{eslintignore,gitattributes,nvmrc,prettierrc,stylelintrc,yamllint}" - ".{codeclimate,eslintrc,gitlab-ci,haml-lint,haml-lint_todo,rubocop,rubocop_todo,scss-lint}.yml" - ".csscomb.json" - - "Dangerfile" - "Dockerfile.assets" - "*_VERSION" - "Gemfile{,.lock}" @@ -55,36 +138,43 @@ - "{babel.config,jest.config}.js" - "config.ru" - "{package.json,yarn.lock}" - - "{app,bin,config,danger,db,ee,fixtures,haml_lint,lib,locale,public,rubocop,scripts,spec,symbol,vendor}/**/*" + - "{,ee/}{app,bin,config,db,haml_lint,lib,locale,public,scripts,symbol,vendor}/**/*" + - "doc/api/graphql/**/*" + # Backstage changes + - "Dangerfile" + - "danger/**/*" + - "{,ee/}fixtures/**/*" + - "{,ee/}rubocop/**/*" + - "{,ee/}spec/**/*" - "doc/README.md" # Some RSpec test rely on this file -.only-qa-changes: +.only:changes-code-qa: only: changes: + - ".gitlab/ci/**/*" + - ".{eslintignore,gitattributes,nvmrc,prettierrc,stylelintrc,yamllint}" + - ".{codeclimate,eslintrc,gitlab-ci,haml-lint,haml-lint_todo,rubocop,rubocop_todo,scss-lint}.yml" + - ".csscomb.json" + - "Dockerfile.assets" + - "*_VERSION" + - "Gemfile{,.lock}" + - "Rakefile" + - "{babel.config,jest.config}.js" + - "config.ru" + - "{package.json,yarn.lock}" + - "{,ee/}{app,bin,config,db,haml_lint,lib,locale,public,scripts,symbol,vendor}/**/*" + - "doc/api/graphql/**/*" + # QA changes - ".dockerignore" - "qa/**/*" -.only-docs-changes: - only: - changes: - - ".gitlab/route-map.yml" - - "doc/**/*" - - ".markdownlint.json" - -.only-graphql-changes: - only: - changes: - - "{,ee/}app/graphql/**/*" - - "{,ee/}lib/gitlab/graphql/**/*" - -.only-code-qa-changes: +.only:changes-code-backstage-qa: only: changes: - ".gitlab/ci/**/*" - ".{eslintignore,gitattributes,nvmrc,prettierrc,stylelintrc,yamllint}" - ".{codeclimate,eslintrc,gitlab-ci,haml-lint,haml-lint_todo,rubocop,rubocop_todo,scss-lint}.yml" - ".csscomb.json" - - "Dangerfile" - "Dockerfile.assets" - "*_VERSION" - "Gemfile{,.lock}" @@ -92,36 +182,19 @@ - "{babel.config,jest.config}.js" - "config.ru" - "{package.json,yarn.lock}" - - "{app,bin,config,danger,db,ee,fixtures,haml_lint,lib,locale,public,rubocop,scripts,spec,symbol,vendor}/**/*" + - "{,ee/}{app,bin,config,db,haml_lint,lib,locale,public,scripts,symbol,vendor}/**/*" + - "doc/api/graphql/**/*" + # Backstage changes + - "Dangerfile" + - "danger/**/*" + - "{,ee/}fixtures/**/*" + - "{,ee/}rubocop/**/*" + - "{,ee/}spec/**/*" - "doc/README.md" # Some RSpec test rely on this file + # QA changes - ".dockerignore" - "qa/**/*" -.only-review: - only: - variables: - - $CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE == "gitlab-org" - kubernetes: active - except: - refs: - - master - - /^\d+-\d+-auto-deploy-\d+$/ - - /^[\d-]+-stable(-ee)?$/ - -.only-review-schedules: - only: - refs: - - schedules - variables: - - $CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE == "gitlab-org" - kubernetes: active - -.only-canonical-schedules: - only: - refs: - - schedules@gitlab-org/gitlab - - schedules@gitlab-org/gitlab-foss - .use-pg9: services: - name: postgres:9.6 diff --git a/.gitlab/ci/memory.gitlab-ci.yml b/.gitlab/ci/memory.gitlab-ci.yml index 93bf87b24b2..ba14024df34 100644 --- a/.gitlab/ci/memory.gitlab-ci.yml +++ b/.gitlab/ci/memory.gitlab-ci.yml @@ -5,7 +5,7 @@ - .default-cache - .default-only - .default-before_script - - .only-code-changes + - .only:changes-code memory-static: extends: .only-code-memory-job-base diff --git a/.gitlab/ci/notifications.gitlab-ci.yml b/.gitlab/ci/notifications.gitlab-ci.yml deleted file mode 100644 index 8e00ba022d0..00000000000 --- a/.gitlab/ci/notifications.gitlab-ci.yml +++ /dev/null @@ -1,29 +0,0 @@ -.notify: - image: alpine - stage: notification - dependencies: [] - cache: {} - before_script: - - apk update && apk add git curl bash - -schedule:package-and-qa:notify-success: - extends: - - .only-canonical-schedules - - .notify - variables: - COMMIT_NOTES_URL: "https://$CI_SERVER_HOST/$CI_PROJECT_PATH/commit/$CI_COMMIT_SHA#notes-list" - script: - - 'scripts/notify-slack qa-master ":tada: Scheduled QA against master passed! :tada: See $CI_PIPELINE_URL. For downstream pipelines, see $COMMIT_NOTES_URL" ci_passing' - needs: ["schedule:package-and-qa"] - when: on_success - -schedule:package-and-qa:notify-failure: - extends: - - .only-canonical-schedules - - .notify - variables: - COMMIT_NOTES_URL: "https://$CI_SERVER_HOST/$CI_PROJECT_PATH/commit/$CI_COMMIT_SHA#notes-list" - script: - - 'scripts/notify-slack qa-master ":skull_and_crossbones: Scheduled QA against master failed! :skull_and_crossbones: See $CI_PIPELINE_URL. For downstream pipelines, see $COMMIT_NOTES_URL" ci_failing' - needs: ["schedule:package-and-qa"] - when: on_failure diff --git a/.gitlab/ci/pages.gitlab-ci.yml b/.gitlab/ci/pages.gitlab-ci.yml index a30772d5664..6a2d3702bdd 100644 --- a/.gitlab/ci/pages.gitlab-ci.yml +++ b/.gitlab/ci/pages.gitlab-ci.yml @@ -4,12 +4,11 @@ pages: - .default-retry - .default-cache - .default-only - - .only-code-qa-changes + - .only:variables-canonical-dot-com + - .only:changes-code-backstage-qa only: refs: - master - variables: - - $CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE == "gitlab-org" stage: pages dependencies: ["coverage", "karma", "gitlab:assets:compile pull-cache"] script: diff --git a/.gitlab/ci/qa.gitlab-ci.yml b/.gitlab/ci/qa.gitlab-ci.yml index 1194948a76f..3cb5a40a8b5 100644 --- a/.gitlab/ci/qa.gitlab-ci.yml +++ b/.gitlab/ci/qa.gitlab-ci.yml @@ -3,7 +3,7 @@ - .default-tags - .default-retry - .default-only - - .only-code-qa-changes + - .only:changes-code-qa stage: test dependencies: [] cache: @@ -31,7 +31,6 @@ qa:selectors-foss: - .only-ee-as-if-foss .package-and-qa-base: - extends: .default-only image: ruby:2.6-alpine stage: qa dependencies: [] @@ -40,35 +39,31 @@ qa:selectors-foss: - source scripts/utils.sh - install_gitlab_gem - ./scripts/trigger-build omnibus - only: - variables: - - $CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE =~ /^gitlab-org($|\/)/ # Matches the gitlab-org group or its subgroups package-and-qa-manual: extends: - .package-and-qa-base - - .only-code-changes - except: - refs: - - master - - /^\d+-\d+-auto-deploy-\d+$/ + - .default-only + - .only:variables-canonical-dot-com + - .except:refs-deploy + - .only:changes-code when: manual needs: ["build-qa-image", "gitlab:assets:compile pull-cache"] package-and-qa: extends: - .package-and-qa-base - - .only-qa-changes - except: - refs: - - master - - /^\d+-\d+-auto-deploy-\d+$/ + - .default-only + - .only:variables-canonical-dot-com + - .except:refs-master-tags-stable-deploy + - .only:changes-qa needs: ["build-qa-image", "gitlab:assets:compile pull-cache"] allow_failure: true schedule:package-and-qa: extends: - .package-and-qa-base - - .only-code-qa-changes - - .only-canonical-schedules + - .default-only + - .only:variables_refs-canonical-dot-com-schedules needs: ["build-qa-image", "gitlab:assets:compile pull-cache"] + allow_failure: true diff --git a/.gitlab/ci/rails.gitlab-ci.yml b/.gitlab/ci/rails.gitlab-ci.yml index bf478b68765..acee30867d9 100644 --- a/.gitlab/ci/rails.gitlab-ci.yml +++ b/.gitlab/ci/rails.gitlab-ci.yml @@ -22,7 +22,7 @@ - .default-cache - .default-only - .default-before_script - - .only-code-changes + - .only:changes-code-backstage .only-code-qa-rails-job-base: extends: @@ -31,7 +31,7 @@ - .default-cache - .default-only - .default-before_script - - .only-code-qa-changes + - .only:changes-code-backstage-qa setup-test-env: extends: @@ -239,6 +239,7 @@ static-analysis: dependencies: ["setup-test-env", "compile-assets pull-cache"] variables: SETUP_DB: "false" + parallel: 2 script: - scripts/static-analysis cache: @@ -251,13 +252,8 @@ static-analysis: downtime_check: extends: - .rake-exec - - .only-code-changes - except: - refs: - - master - - tags - variables: - - $CI_COMMIT_REF_NAME =~ /^[\d-]+-stable(-ee)?$/ + - .only:changes-code-backstage + - .except:refs-master-tags-stable-deploy stage: test needs: ["setup-test-env"] dependencies: ["setup-test-env"] diff --git a/.gitlab/ci/releases.gitlab-ci.yml b/.gitlab/ci/releases.gitlab-ci.yml new file mode 100644 index 00000000000..1ddc4e90fcf --- /dev/null +++ b/.gitlab/ci/releases.gitlab-ci.yml @@ -0,0 +1,22 @@ +--- + +# Syncs any changes pushed to a stable branch to the corresponding CE stable +# branch. We run this prior to any tests so that random failures don't prevent a +# sync. +sync-stable-branch: + # We don't need/want any global before/after commands, so we overwrite these + # settings. + image: alpine:edge + stage: sync + # This job should only run on EE stable branches on the canonical GitLab.com + # repository. + only: + variables: + - $CI_SERVER_HOST == "gitlab.com" + refs: + - /^[\d-]+-stable-ee$/@gitlab-org/gitlab + before_script: + - apk add --no-cache --update curl bash + after_script: [] + script: + - bash scripts/sync-stable-branch.sh diff --git a/.gitlab/ci/reports.gitlab-ci.yml b/.gitlab/ci/reports.gitlab-ci.yml index 16c3f0e4f8c..fbb7826b6f2 100644 --- a/.gitlab/ci/reports.gitlab-ci.yml +++ b/.gitlab/ci/reports.gitlab-ci.yml @@ -11,7 +11,7 @@ code_quality: extends: - .default-retry - .default-only - - .only-code-changes + - .only:changes-code-backstage stage: test image: docker:stable allow_failure: true @@ -50,7 +50,7 @@ sast: extends: - .default-retry - .default-only - - .only-code-changes + - .only:changes-code-backstage-qa stage: test image: docker:stable variables: @@ -132,7 +132,7 @@ dependency_scanning: extends: - .default-retry - .default-only - - .only-code-changes + - .only:changes-code-backstage-qa stage: test image: docker:stable variables: @@ -195,7 +195,7 @@ dast: extends: - .default-retry - .default-only - - .only-code-qa-changes + - .only:changes-code-qa - .only-review stage: qa needs: ["review-deploy"] diff --git a/.gitlab/ci/review.gitlab-ci.yml b/.gitlab/ci/review.gitlab-ci.yml index c78c6a82815..4ed9ac03d0c 100644 --- a/.gitlab/ci/review.gitlab-ci.yml +++ b/.gitlab/ci/review.gitlab-ci.yml @@ -1,14 +1,8 @@ -.except-deploys: - except: - refs: - - /^\d+-\d+-auto-deploy-\d+$/ - .review-docker: extends: - .default-tags - .default-retry - .default-only - - .except-deploys image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-qa-alpine services: - docker:19.03.0-dind @@ -23,10 +17,9 @@ build-qa-image: extends: - .review-docker - - .only-code-qa-changes - only: - variables: - - $CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE == "gitlab-org" + - .only:variables-canonical-dot-com + - .except:refs-deploy + - .only:changes-code-qa stage: prepare script: - '[[ ! -d "ee/" ]] || export GITLAB_EDITION="ee"' @@ -35,14 +28,11 @@ build-qa-image: - echo "${CI_JOB_TOKEN}" | docker login --username gitlab-ci-token --password-stdin ${CI_REGISTRY} - time docker push ${QA_IMAGE} -schedule:review-cleanup: +.base-review-cleanup: extends: - .default-tags - .default-retry - .default-only - - .only-code-qa-changes - - .only-review-schedules - - .except-deploys stage: prepare image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-charts-build-base allow_failure: true @@ -55,11 +45,22 @@ schedule:review-cleanup: script: - ruby -rrubygems scripts/review_apps/automated_cleanup.rb +schedule:review-cleanup: + extends: + - .base-review-cleanup + - .only-review-schedules + +manual:review-cleanup: + extends: + - .base-review-cleanup + - .only:changes-code-qa + when: manual + .review-build-cng-base: extends: + - .default-tags + - .default-retry - .default-only - - .only-code-qa-changes - - .except-deploys image: ruby:2.6-alpine stage: review-prepare before_script: @@ -74,6 +75,7 @@ review-build-cng: extends: - .review-build-cng-base - .only-review + - .only:changes-code-qa needs: ["gitlab:assets:compile pull-cache"] schedule:review-build-cng: @@ -82,26 +84,30 @@ schedule:review-build-cng: - .only-review-schedules needs: ["gitlab:assets:compile pull-cache"] -.review-deploy-base: +.review-workflow-base: extends: - .default-tags - .default-retry - .default-only - - .only-code-qa-changes - - .except-deploys - stage: review image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-charts-build-base dependencies: [] - allow_failure: true variables: HOST_SUFFIX: "${CI_ENVIRONMENT_SLUG}" DOMAIN: "-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN}" - GITLAB_HELM_CHART_REF: "v2.3.7" + # v2.4.4 + two improvements: + # - Allow to pass an EE license when installing the chart: https://gitlab.com/gitlab-org/charts/gitlab/merge_requests/1008 + # - Allow to customize the livenessProbe for `gitlab-shell`: https://gitlab.com/gitlab-org/charts/gitlab/merge_requests/1021 + GITLAB_HELM_CHART_REF: "6c655ed77e60f1f7f533afb97bef8c9cb7dc61eb" GITLAB_EDITION: "ce" environment: name: review/${CI_COMMIT_REF_NAME} url: https://gitlab-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN} on_stop: review-stop + +.review-deploy-base: + extends: .review-workflow-base + stage: review + allow_failure: true before_script: - '[[ ! -d "ee/" ]] || export GITLAB_EDITION="ee"' - export GITLAB_SHELL_VERSION=$(<GITLAB_SHELL_VERSION) @@ -112,21 +118,13 @@ schedule:review-build-cng: - install_api_client_dependencies_with_apk - source scripts/review_apps/review-apps.sh script: - - date - check_kube_domain - - date - ensure_namespace - - date - install_tiller - - date - install_external_dns - - date - download_chart - date - deploy || (display_deployment_debug && exit 1) - - date - - add_license - - date artifacts: paths: [review_app_url.txt] expire_in: 2 days @@ -136,6 +134,7 @@ review-deploy: extends: - .review-deploy-base - .only-review + - .only:changes-code-qa needs: ["review-build-cng"] schedule:review-deploy: @@ -144,11 +143,11 @@ schedule:review-deploy: - .only-review-schedules needs: ["schedule:review-build-cng"] -review-stop: +.base-review-stop: extends: - - .review-deploy-base + - .review-workflow-base - .only-review - when: manual + - .only:changes-code-qa environment: action: stop variables: @@ -161,24 +160,26 @@ review-stop: - wget $CI_PROJECT_URL/raw/$CI_COMMIT_SHA/scripts/utils.sh - source utils.sh - source review-apps.sh - script: - - delete_release - artifacts: - paths: [] -review-cleanup-failed-deployment: - extends: review-stop +review-stop-failed-deployment: + extends: .base-review-stop stage: prepare - when: on_success - allow_failure: false script: - delete_failed_release +review-stop: + extends: .base-review-stop + stage: review + when: manual + allow_failure: true + script: + - delete_release + .review-qa-base: extends: - .review-docker - .only-review - - .only-code-qa-changes + - .only:changes-code-qa stage: qa allow_failure: true variables: @@ -223,9 +224,7 @@ review-qa-all: - gitlab-qa Test::Instance::Any "${QA_IMAGE}" "${CI_ENVIRONMENT_URL}" -- --format RspecJunitFormatter --out tmp/rspec-${CI_JOB_ID}.xml --format html --out tmp/rspec.htm --color --format documentation .review-performance-base: - extends: - - .review-docker - - .only-code-qa-changes + extends: .review-docker stage: qa allow_failure: true before_script: @@ -248,6 +247,7 @@ review-performance: extends: - .review-performance-base - .only-review + - .only:changes-code-qa needs: ["review-deploy"] dependencies: ["review-deploy"] before_script: @@ -277,9 +277,8 @@ parallel-spec-reports: extends: - .default-tags - .default-only - - .only-code-qa-changes - .only-review - - .except-deploys + - .only:changes-code-qa image: ruby:2.6-alpine stage: post-test dependencies: ["review-qa-all"] @@ -310,18 +309,13 @@ danger-review: - .default-retry - .default-cache - .default-only + - .except:refs-master-tags-stable-deploy image: registry.gitlab.com/gitlab-org/gitlab-build-images:danger stage: test dependencies: [] only: variables: - $DANGER_GITLAB_API_TOKEN - except: - refs: - - master - variables: - - $CI_COMMIT_REF_NAME =~ /^\d+-\d+-auto-deploy-\d+$/ - - $CI_COMMIT_REF_NAME =~ /^[\d-]+-stable(-ee)?$/ script: - git version - node --version diff --git a/.gitlab/ci/setup.gitlab-ci.yml b/.gitlab/ci/setup.gitlab-ci.yml index 861f3f1af5b..24267584393 100644 --- a/.gitlab/ci/setup.gitlab-ci.yml +++ b/.gitlab/ci/setup.gitlab-ci.yml @@ -6,7 +6,8 @@ cache gems: - .default-retry - .default-cache - .default-before_script - - .only-code-qa-changes + - .only:variables-canonical-dot-com + - .only:changes-code-backstage-qa stage: test dependencies: ["setup-test-env"] needs: ["setup-test-env"] @@ -21,15 +22,13 @@ cache gems: refs: - master - tags - variables: - - $CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE == "gitlab-org" .minimal-job: extends: - .default-tags - .default-retry - .default-only - - .only-code-changes + - .only:changes-code-backstage dependencies: [] gitlab_git_test: diff --git a/.gitlab/ci/test-metadata.gitlab-ci.yml b/.gitlab/ci/test-metadata.gitlab-ci.yml index 6a7f3157d59..21af0d373bc 100644 --- a/.gitlab/ci/test-metadata.gitlab-ci.yml +++ b/.gitlab/ci/test-metadata.gitlab-ci.yml @@ -1,7 +1,7 @@ .tests-metadata-state: extends: - .default-only - - .only-code-changes + - .only:changes-code-backstage variables: TESTS_METADATA_S3_BUCKET: "gitlab-ce-cache" before_script: @@ -48,7 +48,7 @@ flaky-examples-check: - .default-tags - .default-retry - .default-only - - .only-code-changes + - .only:changes-code-backstage image: ruby:2.6-alpine stage: post-test variables: diff --git a/.gitlab/issue_templates/Security developer workflow.md b/.gitlab/issue_templates/Security developer workflow.md index 3e634de4f0c..e06a6fb0cff 100644 --- a/.gitlab/issue_templates/Security developer workflow.md +++ b/.gitlab/issue_templates/Security developer workflow.md @@ -29,7 +29,7 @@ Set the title to: `Description of the original issue` #### Documentation and final details -- [ ] Check the topic on #security to see when the next release is going to happen and add a link to the [links section](#links) +- [ ] Check the topic on #releases to see when the next release is going to happen and add a link to the [links section](#links) - [ ] Add links to this issue and your MRs in the description of the security release issue - [ ] Find out the versions affected (the Git history of the files affected may help you with this) and add them to the [details section](#details) - [ ] Fill in any upgrade notes that users may need to take into account in the [details section](#details) diff --git a/.gitlab/merge_request_templates/Documentation.md b/.gitlab/merge_request_templates/Documentation.md index a2dd79ed1ab..2a7da2a436f 100644 --- a/.gitlab/merge_request_templates/Documentation.md +++ b/.gitlab/merge_request_templates/Documentation.md @@ -34,7 +34,7 @@ All reviewers can help ensure accuracy, clarity, completeness, and adherence to **3. Maintainer** 1. [ ] Review by assigned maintainer, who can always request/require the above reviews. Maintainer's review can occur before or after a technical writer review. -1. [ ] Ensure a release milestone is set and that you merge the equivalent EE MR before the CE MR if both exist. +1. [ ] Ensure a release milestone is set. 1. [ ] If there has not been a technical writer review, [create an issue for one using the Doc Review template](https://gitlab.com/gitlab-org/gitlab/issues/new?issuable_template=Doc%20Review). /label ~documentation |