diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-03-03 06:08:29 +0000 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-03-03 06:08:29 +0000 |
| commit | 829c7542e8927a832df7a39ef241882c39c93399 (patch) | |
| tree | aaaae42f1e43f15d6ab0641d11720644a59473e3 | |
| parent | 173b547fb98ab12ae41f295915453e598be3a647 (diff) | |
| download | gitlab-ce-829c7542e8927a832df7a39ef241882c39c93399.tar.gz | |
Add latest changes from gitlab-org/gitlab@master
41 files changed, 483 insertions, 415 deletions
diff --git a/app/assets/javascripts/boards/components/board_content.vue b/app/assets/javascripts/boards/components/board_content.vue index 7baa821402a..6ed617acf30 100644 --- a/app/assets/javascripts/boards/components/board_content.vue +++ b/app/assets/javascripts/boards/components/board_content.vue @@ -6,6 +6,7 @@ import Draggable from 'vuedraggable'; import { mapState, mapGetters, mapActions } from 'vuex'; import { contentTop } from '~/lib/utils/common_utils'; import { s__ } from '~/locale'; +import eventHub from '~/boards/eventhub'; import { formatBoardLists } from 'ee_else_ce/boards/boards_util'; import BoardAddNewColumn from 'ee_else_ce/boards/components/board_add_new_column.vue'; import { defaultSortableOptions } from '~/sortable/constants'; @@ -130,6 +131,12 @@ export default { return this.isApolloBoard ? this.apolloError : this.error; }, }, + created() { + eventHub.$on('updateBoard', this.refetchLists); + }, + beforeDestroy() { + eventHub.$off('updateBoard', this.refetchLists); + }, mounted() { this.setBoardHeight(); @@ -156,6 +163,9 @@ export default { this.boardHeight = `${window.innerHeight - this.$el.getBoundingClientRect().top}px`; } }, + refetchLists() { + this.$apollo.queries.boardListsApollo.refetch(); + }, }, }; </script> diff --git a/app/assets/javascripts/boards/components/board_filtered_search.vue b/app/assets/javascripts/boards/components/board_filtered_search.vue index 24c4917bf7e..2e14afad963 100644 --- a/app/assets/javascripts/boards/components/board_filtered_search.vue +++ b/app/assets/javascripts/boards/components/board_filtered_search.vue @@ -351,6 +351,7 @@ export default { eventHub.$on('updateTokens', this.updateTokens); if (!isEmpty(this.eeFilters)) { this.filterParams = this.eeFilters; + this.$emit('setFilters', this.formattedFilterParams); } }, beforeDestroy() { @@ -361,6 +362,7 @@ export default { updateTokens() { const rawFilterParams = queryToObject(window.location.search, { gatherArrays: true }); this.filterParams = convertObjectPropsToCamelCase(rawFilterParams, {}); + this.$emit('setFilters', this.formattedFilterParams); this.filteredSearchKey += 1; }, handleFilter(filters) { diff --git a/app/assets/javascripts/boards/components/board_form.vue b/app/assets/javascripts/boards/components/board_form.vue index b396686f477..896810bfb3a 100644 --- a/app/assets/javascripts/boards/components/board_form.vue +++ b/app/assets/javascripts/boards/components/board_form.vue @@ -4,6 +4,7 @@ import { mapActions, mapState } from 'vuex'; import { getIdFromGraphQLId } from '~/graphql_shared/utils'; import { visitUrl, updateHistory, getParameterByName } from '~/lib/utils/url_utility'; import { __, s__ } from '~/locale'; +import eventHub from '~/boards/eventhub'; import { formType } from '../constants'; import createBoardMutation from '../graphql/board_create.mutation.graphql'; @@ -217,16 +218,22 @@ export default { try { const board = await this.createOrUpdateBoard(); if (this.isApolloBoard) { - this.$emit('addBoard', board); + if (this.board.id) { + eventHub.$emit('updateBoard', board); + } else { + this.$emit('addBoard', board); + } } else { this.setBoard(board); } this.cancel(); - const param = getParameterByName('group_by') - ? `?group_by=${getParameterByName('group_by')}` - : ''; - updateHistory({ url: `${this.boardBaseUrl}/${getIdFromGraphQLId(board.id)}${param}` }); + if (!this.isApolloBoard) { + const param = getParameterByName('group_by') + ? `?group_by=${getParameterByName('group_by')}` + : ''; + updateHistory({ url: `${this.boardBaseUrl}/${getIdFromGraphQLId(board.id)}${param}` }); + } } catch { this.setError({ message: this.$options.i18n.saveErrorMessage }); } finally { diff --git a/app/assets/javascripts/boards/components/board_top_bar.vue b/app/assets/javascripts/boards/components/board_top_bar.vue index cf745d98541..7892eed6143 100644 --- a/app/assets/javascripts/boards/components/board_top_bar.vue +++ b/app/assets/javascripts/boards/components/board_top_bar.vue @@ -56,10 +56,28 @@ export default { return !this.isApolloBoard; }, update(data) { - return data.workspace.board; + const { board } = data.workspace; + return { + ...board, + labels: board.labels?.nodes, + }; }, }, }, + computed: { + hasScope() { + if (this.board.labels?.length > 0) { + return true; + } + let hasScope = false; + ['assignee', 'iterationCadence', 'iteration', 'milestone', 'weight'].forEach((attr) => { + if (this.board[attr] !== null && this.board[attr] !== undefined) { + hasScope = true; + } + }); + return hasScope; + }, + }, }; </script> @@ -75,16 +93,21 @@ export default { <new-board-button /> <issue-board-filtered-search v-if="isIssueBoard" + :board="board" + @setFilters="$emit('setFilters', $event)" + /> + <epic-board-filtered-search + v-else + :board="board" @setFilters="$emit('setFilters', $event)" /> - <epic-board-filtered-search v-else @setFilters="$emit('setFilters', $event)" /> </div> <div class="filter-dropdown-container gl-md-display-flex gl-flex-direction-column gl-md-flex-direction-row gl-align-items-flex-start" > <toggle-labels /> <toggle-epics-swimlanes v-if="swimlanesFeatureAvailable && isSignedIn" /> - <config-toggle /> + <config-toggle :board-has-scope="hasScope" /> <board-add-new-column-trigger v-if="canAdminList" /> <toggle-focus /> </div> diff --git a/app/assets/javascripts/boards/components/config_toggle.vue b/app/assets/javascripts/boards/components/config_toggle.vue index 7002fd44294..dd3b9472879 100644 --- a/app/assets/javascripts/boards/components/config_toggle.vue +++ b/app/assets/javascripts/boards/components/config_toggle.vue @@ -16,6 +16,13 @@ export default { }, mixins: [Tracking.mixin()], inject: ['canAdminList'], + props: { + boardHasScope: { + type: Boolean, + required: false, + default: false, + }, + }, computed: { ...mapGetters(['hasScope']), buttonText() { @@ -40,7 +47,7 @@ export default { v-gl-modal-directive="'board-config-modal'" v-gl-tooltip :title="tooltipTitle" - :class="{ 'dot-highlight': hasScope }" + :class="{ 'dot-highlight': hasScope || boardHasScope }" data-qa-selector="boards_config_button" @click.prevent="showPage" > diff --git a/app/assets/javascripts/boards/components/issue_board_filtered_search.vue b/app/assets/javascripts/boards/components/issue_board_filtered_search.vue index 0e1a94ec740..cdcc7b8e5a6 100644 --- a/app/assets/javascripts/boards/components/issue_board_filtered_search.vue +++ b/app/assets/javascripts/boards/components/issue_board_filtered_search.vue @@ -46,6 +46,13 @@ export default { }, components: { BoardFilteredSearch }, inject: ['isSignedIn', 'releasesFetchPath', 'fullPath', 'isGroupBoard'], + props: { + board: { + type: Object, + required: false, + default: () => {}, + }, + }, computed: { tokensCE() { const { issue, incident } = this.$options.i18n; @@ -195,6 +202,7 @@ export default { <board-filtered-search data-testid="issue-board-filtered-search" :tokens="tokens" + :board="board" @setFilters="$emit('setFilters', $event)" /> </template> diff --git a/app/assets/stylesheets/_page_specific_files.scss b/app/assets/stylesheets/_page_specific_files.scss index fa5d2bf7972..1a998f89c68 100644 --- a/app/assets/stylesheets/_page_specific_files.scss +++ b/app/assets/stylesheets/_page_specific_files.scss @@ -7,7 +7,6 @@ @import './pages/issues'; @import './pages/labels'; @import './pages/login'; -@import './pages/ml_experiment_tracking'; @import './pages/merge_requests'; @import './pages/note_form'; @import './pages/notes'; diff --git a/app/assets/stylesheets/pages/ml_experiment_tracking.scss b/app/assets/stylesheets/page_bundles/ml_experiment_tracking.scss index 3c025b5d23f..d6aae61cb7e 100644 --- a/app/assets/stylesheets/pages/ml_experiment_tracking.scss +++ b/app/assets/stylesheets/page_bundles/ml_experiment_tracking.scss @@ -1,20 +1,5 @@ @import '../page_bundles/mixins_and_variables_and_functions'; -.ml-experiment-row { - .title { - margin-bottom: $gl-spacing-scale-1; - font-weight: $gl-font-weight-bold; - } - - .ml-experiment-info { - color: $gl-text-color-secondary; - } - - a { - color: $gl-text-color; - } -} - table.ml-candidate-table { table-layout: fixed; diff --git a/app/finders/ci/pipelines_finder.rb b/app/finders/ci/pipelines_finder.rb index a2d1805286d..e52fc510628 100644 --- a/app/finders/ci/pipelines_finder.rb +++ b/app/finders/ci/pipelines_finder.rb @@ -2,6 +2,8 @@ module Ci class PipelinesFinder + include UpdatedAtFilter + attr_reader :project, :pipelines, :params, :current_user ALLOWED_INDEXED_COLUMNS = %w[id status ref updated_at user_id].freeze @@ -146,13 +148,6 @@ module Ci end # rubocop: enable CodeReuse/ActiveRecord - def by_updated_at(items) - items = items.updated_before(params[:updated_before]) if params[:updated_before].present? - items = items.updated_after(params[:updated_after]) if params[:updated_after].present? - - items - end - def by_name(items) return items unless Feature.enabled?(:pipeline_name_search, project) && diff --git a/app/finders/deployments_finder.rb b/app/finders/deployments_finder.rb index 21869f6f31d..c5f8510ca16 100644 --- a/app/finders/deployments_finder.rb +++ b/app/finders/deployments_finder.rb @@ -14,6 +14,8 @@ # order_by: String (see ALLOWED_SORT_VALUES constant) # sort: String (asc | desc) class DeploymentsFinder + include UpdatedAtFilter + attr_reader :params # Warning: @@ -109,13 +111,6 @@ class DeploymentsFinder items.order(sort_params) # rubocop: disable CodeReuse/ActiveRecord end - def by_updated_at(items) - items = items.updated_before(params[:updated_before]) if params[:updated_before].present? - items = items.updated_after(params[:updated_after]) if params[:updated_after].present? - - items - end - def by_finished_at(items) items = items.finished_before(params[:finished_before]) if params[:finished_before].present? items = items.finished_after(params[:finished_after]) if params[:finished_after].present? diff --git a/app/finders/issuable_finder.rb b/app/finders/issuable_finder.rb index 159836062cb..478a2ba622c 100644 --- a/app/finders/issuable_finder.rb +++ b/app/finders/issuable_finder.rb @@ -43,6 +43,7 @@ class IssuableFinder include FinderMethods include CreatedAtFilter include Gitlab::Utils::StrongMemoize + include UpdatedAtFilter requires_cross_project_access unless: -> { params.project? } @@ -289,13 +290,6 @@ class IssuableFinder end # rubocop: enable CodeReuse/ActiveRecord - def by_updated_at(items) - items = items.updated_after(params[:updated_after]) if params[:updated_after].present? - items = items.updated_before(params[:updated_before]) if params[:updated_before].present? - - items - end - def by_closed_at(items) items = items.closed_after(params[:closed_after]) if params[:closed_after].present? items = items.closed_before(params[:closed_before]) if params[:closed_before].present? diff --git a/app/views/projects/ml/candidates/show.html.haml b/app/views/projects/ml/candidates/show.html.haml index 77262243efb..aea74ecfb48 100644 --- a/app/views/projects/ml/candidates/show.html.haml +++ b/app/views/projects/ml/candidates/show.html.haml @@ -2,5 +2,6 @@ - add_to_breadcrumbs _("Experiments"), project_ml_experiments_path(@project) - add_to_breadcrumbs experiment.name, project_ml_experiment_path(@project, experiment.iid) - breadcrumb_title "Candidate #{@candidate.iid}" +- add_page_specific_style 'page_bundles/ml_experiment_tracking' #js-show-ml-candidate{ data: { view_model: show_candidate_view_model(@candidate) } } diff --git a/app/views/projects/ml/experiments/_experiment.html.haml b/app/views/projects/ml/experiments/_experiment.html.haml deleted file mode 100644 index 42823f47469..00000000000 --- a/app/views/projects/ml/experiments/_experiment.html.haml +++ /dev/null @@ -1,3 +0,0 @@ -%li.ml-experiment-row.py-3 - = link_to project_ml_experiment_path(@project, experiment.iid), class: "title" do - = experiment.name diff --git a/app/views/projects/ml/experiments/_experiment_list.html.haml b/app/views/projects/ml/experiments/_experiment_list.html.haml deleted file mode 100644 index a25e814b2b5..00000000000 --- a/app/views/projects/ml/experiments/_experiment_list.html.haml +++ /dev/null @@ -1,7 +0,0 @@ -- if experiments.blank? - .nothing-here-block= s_('MlExperimentsEmptyState|No Experiments to Show') -- else - .ml-experiments-list-holder - %ul.content-list - = render partial: 'experiment', collection: experiments, as: :experiment - = paginate_collection @experiments diff --git a/app/views/projects/ml/experiments/show.html.haml b/app/views/projects/ml/experiments/show.html.haml index 4433d1fafe9..52145eb0964 100644 --- a/app/views/projects/ml/experiments/show.html.haml +++ b/app/views/projects/ml/experiments/show.html.haml @@ -1,6 +1,8 @@ - add_to_breadcrumbs _("Experiments"), project_ml_experiments_path(@project) - breadcrumb_title @experiment.name - page_title @experiment.name +- add_page_specific_style 'page_bundles/ml_experiment_tracking' + - items = candidates_table_items(@candidates) - metrics = unique_logged_names(@candidates, &:latest_metrics) - params = unique_logged_names(@candidates, &:params) diff --git a/config/application.rb b/config/application.rb index 71e3076057d..8dded7bed4e 100644 --- a/config/application.rb +++ b/config/application.rb @@ -301,6 +301,7 @@ module Gitlab config.assets.precompile << "page_bundles/merge_request_analytics.css" config.assets.precompile << "page_bundles/merge_requests.css" config.assets.precompile << "page_bundles/milestone.css" + config.assets.precompile << "page_bundles/ml_experiment_tracking.css" config.assets.precompile << "page_bundles/new_namespace.css" config.assets.precompile << "page_bundles/notifications.css" config.assets.precompile << "page_bundles/oncall_schedules.css" diff --git a/config/feature_flags/development/incident_event_tags.yml b/config/feature_flags/development/incident_event_tags.yml index 68101b21569..69a7b67a186 100644 --- a/config/feature_flags/development/incident_event_tags.yml +++ b/config/feature_flags/development/incident_event_tags.yml @@ -5,4 +5,4 @@ rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/387647 milestone: '15.8' type: development group: group::respond -default_enabled: false +default_enabled: true diff --git a/doc/administration/packages/container_registry.md b/doc/administration/packages/container_registry.md index fa12246b147..576917a40d5 100644 --- a/doc/administration/packages/container_registry.md +++ b/doc/administration/packages/container_registry.md @@ -610,7 +610,7 @@ registry['storage'] = { 'accountkey' => 'base64encodedaccountkey', 'container' => 'containername', 'rootdirectory' => '/azure/virtual/container', - 'trimlegacyrootprefix' => 'true' + 'trimlegacyrootprefix' => true } } ``` diff --git a/doc/ci/environments/external_deployment_tools.md b/doc/ci/environments/external_deployment_tools.md index 1c547c8e4ea..89a1f8565a9 100644 --- a/doc/ci/environments/external_deployment_tools.md +++ b/doc/ci/environments/external_deployment_tools.md @@ -42,45 +42,45 @@ Here is an example setup that creates a `success` deployment record in GitLab wh 1. Create a new webhook. You can save the following manifest file and apply it by `kubectl apply -n argocd -f <manifiest-file-path>`: - ```yaml - apiVersion: v1 - kind: ConfigMap - metadata: - name: argocd-notifications-cm - data: - trigger.on-deployed: | - - description: Application is synced and healthy. Triggered once per commit. - oncePer: app.status.sync.revision - send: - - gitlab-deployment-status - when: app.status.operationState.phase in ['Succeeded'] and app.status.health.status == 'Healthy' - template.gitlab-deployment-status: | - webhook: - gitlab: - method: POST - path: /projects/<your-project-id>/deployments - body: | - { - "status": "success", - "environment": "production", - "sha": "{{.app.status.operationState.operation.sync.revision}}", - "ref": "main", - "tag": "false" - } - service.webhook.gitlab: | - url: https://gitlab.com/api/v4 - headers: - - name: PRIVATE-TOKEN - value: <your-access-token> - - name: Content-type - value: application/json - ``` + ```yaml + apiVersion: v1 + kind: ConfigMap + metadata: + name: argocd-notifications-cm + data: + trigger.on-deployed: | + - description: Application is synced and healthy. Triggered once per commit. + oncePer: app.status.sync.revision + send: + - gitlab-deployment-status + when: app.status.operationState.phase in ['Succeeded'] and app.status.health.status == 'Healthy' + template.gitlab-deployment-status: | + webhook: + gitlab: + method: POST + path: /projects/<your-project-id>/deployments + body: | + { + "status": "success", + "environment": "production", + "sha": "{{.app.status.operationState.operation.sync.revision}}", + "ref": "main", + "tag": "false" + } + service.webhook.gitlab: | + url: https://gitlab.com/api/v4 + headers: + - name: PRIVATE-TOKEN + value: <your-access-token> + - name: Content-type + value: application/json + ``` 1. Create a new subscription in your application: - ```shell - kubectl patch app <your-app-name> -n argocd -p '{"metadata": {"annotations": {"notifications.argoproj.io/subscribe.on-deployed.gitlab":""}}}' --type merge - ``` + ```shell + kubectl patch app <your-app-name> -n argocd -p '{"metadata": {"annotations": {"notifications.argoproj.io/subscribe.on-deployed.gitlab":""}}}' --type merge + ``` NOTE: If a deployment wasn't created as expected, you can troubleshoot with [`argocd-notifications` tool](https://argocd-notifications.readthedocs.io/en/stable/troubleshooting/). diff --git a/doc/development/sec/index.md b/doc/development/sec/index.md index 5ac5118aae8..9d9a4752cc2 100644 --- a/doc/development/sec/index.md +++ b/doc/development/sec/index.md @@ -88,7 +88,7 @@ In most other cases, the `identifiers` collection is unordered, where the remain Any time the primary identifier changes and a project pipeline is re-run, ingestion of the new report will "orphan" the previous DB record. Because our processing logic relies on generating a delta of two different vulnerabilities, it can end up looking rather confusing. For example: -[!Screenshot of primary identifier mismatch in MR widget](img/primary_identifier_changed_v15_6.png) + After being [merged](../integrations/secure.md#tracking-and-merging-vulnerabilities), the previous vulnerability is listed as "remediated" and the introduced as ["detected"](../../user/application_security/vulnerabilities/index.md#vulnerability-status-values). diff --git a/doc/operations/incident_management/incident_timeline_events.md b/doc/operations/incident_management/incident_timeline_events.md index d23797c6d1d..7913e4668eb 100644 --- a/doc/operations/incident_management/incident_timeline_events.md +++ b/doc/operations/incident_management/incident_timeline_events.md @@ -112,9 +112,10 @@ Alternatively: > - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/8741) in GitLab 15.9 [with a flag](../../administration/feature_flags.md) named `incident_event_tags`. Disabled by default. > - [Enabled on GitLab.com](https://gitlab.com/gitlab-org/gitlab/-/issues/387647) in GitLab 15.9. +> - [Enabled on self-managed](https://gitlab.com/gitlab-org/gitlab/-/issues/387647) in GitLab 15.10. FLAG: -On self-managed GitLab, by default this feature is not available. To make it available, ask an administrator to [enable the feature flag](../../administration/feature_flags.md) named `incident_event_tags`. +On self-managed GitLab, by default this feature is available. To hide the feature, ask an administrator to [disable the feature flag](../../administration/feature_flags.md) named `incident_event_tags`. On GitLab.com, this feature is available. [When creating an event using the form](#using-the-form) or editing it, diff --git a/doc/security/reset_user_password.md b/doc/security/reset_user_password.md index 38c52912d5c..f8ba3953379 100644 --- a/doc/security/reset_user_password.md +++ b/doc/security/reset_user_password.md @@ -96,7 +96,7 @@ If you know the username, user ID, or email address, you can use the Rails conso user.password = new_password user.password_confirmation = new_password ``` - + To set a specific value for the new password: ```ruby @@ -113,9 +113,9 @@ If you know the username, user ID, or email address, you can use the Rails conso 1. Save the changes: - ```ruby - user.save! - ``` + ```ruby + user.save! + ``` 1. Exit the console: @@ -145,10 +145,10 @@ attempt to fix this issue in a Rails console. For example, if a new `root` passw 1. Start a [Rails console](../administration/operations/rails_console.md). 1. Find the user and skip reconfirmation: - ```ruby - user = User.find(1) - user.skip_reconfirmation! - ``` + ```ruby + user = User.find(1) + user.skip_reconfirmation! + ``` 1. Attempt to sign in again. diff --git a/doc/topics/autodevops/upgrading_postgresql.md b/doc/topics/autodevops/upgrading_postgresql.md index f18d5c49be5..daf1d5341d3 100644 --- a/doc/topics/autodevops/upgrading_postgresql.md +++ b/doc/topics/autodevops/upgrading_postgresql.md @@ -49,12 +49,12 @@ being modified after the database dump is created. 1. Get the Kubernetes namespace for the environment. It typically looks like `<project-name>-<project-id>-<environment>`. In our example, the namespace is called `minimal-ruby-app-4349298-production`. - ```shell - $ kubectl get ns + ```shell + $ kubectl get ns - NAME STATUS AGE - minimal-ruby-app-4349298-production Active 7d14h - ``` + NAME STATUS AGE + minimal-ruby-app-4349298-production Active 7d14h + ``` 1. For ease of use, export the namespace name: @@ -64,20 +64,20 @@ being modified after the database dump is created. 1. Get the deployment name for your application with the following command. In our example, the deployment name is `production`. - ```shell - $ kubectl get deployment --namespace "$APP_NAMESPACE" - NAME READY UP-TO-DATE AVAILABLE AGE - production 2/2 2 2 7d21h - production-postgres 1/1 1 1 7d21h - ``` + ```shell + $ kubectl get deployment --namespace "$APP_NAMESPACE" + NAME READY UP-TO-DATE AVAILABLE AGE + production 2/2 2 2 7d21h + production-postgres 1/1 1 1 7d21h + ``` 1. To prevent the database from being modified, set replicas to 0 for the deployment with the following command. We use the deployment name from the previous step (`deployments/<DEPLOYMENT_NAME>`). - ```shell - $ kubectl scale --replicas=0 deployments/production --namespace "$APP_NAMESPACE" - deployment.extensions/production scaled - ``` + ```shell + $ kubectl scale --replicas=0 deployments/production --namespace "$APP_NAMESPACE" + deployment.extensions/production scaled + ``` 1. You must also set replicas to zero for workers if you have any. @@ -85,26 +85,26 @@ being modified after the database dump is created. 1. Get the service name for PostgreSQL. The name of the service should end with `-postgres`. In our example the service name is `production-postgres`. - ```shell - $ kubectl get svc --namespace "$APP_NAMESPACE" - NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE - production-auto-deploy ClusterIP 10.30.13.90 <none> 5000/TCP 7d14h - production-postgres ClusterIP 10.30.4.57 <none> 5432/TCP 7d14h - ``` + ```shell + $ kubectl get svc --namespace "$APP_NAMESPACE" + NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE + production-auto-deploy ClusterIP 10.30.13.90 <none> 5000/TCP 7d14h + production-postgres ClusterIP 10.30.4.57 <none> 5432/TCP 7d14h + ``` 1. Get the pod name for PostgreSQL with the following command. In our example, the pod name is `production-postgres-5db86568d7-qxlxv`. - ```shell - $ kubectl get pod --namespace "$APP_NAMESPACE" -l app=production-postgres - NAME READY STATUS RESTARTS AGE - production-postgres-5db86568d7-qxlxv 1/1 Running 0 7d14h - ``` + ```shell + $ kubectl get pod --namespace "$APP_NAMESPACE" -l app=production-postgres + NAME READY STATUS RESTARTS AGE + production-postgres-5db86568d7-qxlxv 1/1 Running 0 7d14h + ``` 1. Connect to the pod with: - ```shell - kubectl exec -it production-postgres-5db86568d7-qxlxv --namespace "$APP_NAMESPACE" -- bash - ``` + ```shell + kubectl exec -it production-postgres-5db86568d7-qxlxv --namespace "$APP_NAMESPACE" -- bash + ``` 1. Once, connected, create a dump file with the following command. @@ -114,20 +114,20 @@ being modified after the database dump is created. - When prompted for the database password, the default is `testing-password`. - ```shell - ## Format is: - # pg_dump -h SERVICE_NAME -U USERNAME DATABASE_NAME > /tmp/backup.sql + ```shell + ## Format is: + # pg_dump -h SERVICE_NAME -U USERNAME DATABASE_NAME > /tmp/backup.sql - pg_dump -h production-postgres -U user production > /tmp/backup.sql - ``` + pg_dump -h production-postgres -U user production > /tmp/backup.sql + ``` 1. Once the backup dump is complete, exit the Kubernetes exec process with `Control-D` or `exit`. 1. Download the dump file with the following command: - ```shell - kubectl cp --namespace "$APP_NAMESPACE" production-postgres-5db86568d7-qxlxv:/tmp/backup.sql backup.sql - ``` + ```shell + kubectl cp --namespace "$APP_NAMESPACE" production-postgres-5db86568d7-qxlxv:/tmp/backup.sql backup.sql + ``` ## Retain persistent volumes @@ -184,8 +184,7 @@ You can also 1. Set `AUTO_DEVOPS_POSTGRES_DELETE_V1` to a non-empty value. This flag is a safeguard to prevent accidental deletion of databases. <!-- DO NOT REPLACE when upgrading GitLab's supported version. This is NOT related to GitLab's PostgreSQL version support, but the one deployed by Auto DevOps. --> -1. If you have a `POSTGRES_VERSION` set, make sure it is set to `9.6.16` *or -higher*. This is the +1. If you have a `POSTGRES_VERSION` set, make sure it is set to `9.6.16` *or higher*. This is the minimum PostgreSQL version supported by Auto DevOps. See also the list of [tags available](https://hub.docker.com/r/bitnami/postgresql/tags). 1. Set `PRODUCTION_REPLICAS` to `0`. For other environments, use @@ -205,11 +204,11 @@ higher*. This is the 1. Get the pod name for the new PostgreSQL, in our example, the pod name is `production-postgresql-0`: - ```shell - $ kubectl get pod --namespace "$APP_NAMESPACE" -l app=postgresql - NAME READY STATUS RESTARTS AGE - production-postgresql-0 1/1 Running 0 19m - ```` + ```shell + $ kubectl get pod --namespace "$APP_NAMESPACE" -l app=postgresql + NAME READY STATUS RESTARTS AGE + production-postgresql-0 1/1 Running 0 19m + ```` 1. Copy the dump file from the backup steps to the pod: diff --git a/doc/update/index.md b/doc/update/index.md index 48ec98e5370..bfaffc2d193 100644 --- a/doc/update/index.md +++ b/doc/update/index.md @@ -819,13 +819,13 @@ A [license caching issue](https://gitlab.com/gitlab-org/gitlab/-/issues/376706) [background migration `PopulateTopicsNonPrivateProjectsCount`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/79140) that may remain stuck permanently in a **pending** state. - To clean up this stuck job, run the following in the [GitLab Rails Console](../administration/operations/rails_console.md): + To clean up this stuck job, run the following in the [GitLab Rails Console](../administration/operations/rails_console.md): - ```ruby - Gitlab::Database::BackgroundMigrationJob.pending.where(class_name: "PopulateTopicsNonPrivateProjectsCount").find_each do |job| - puts Gitlab::Database::BackgroundMigrationJob.mark_all_as_succeeded("PopulateTopicsNonPrivateProjectsCount", job.arguments) - end - ``` + ```ruby + Gitlab::Database::BackgroundMigrationJob.pending.where(class_name: "PopulateTopicsNonPrivateProjectsCount").find_each do |job| + puts Gitlab::Database::BackgroundMigrationJob.mark_all_as_succeeded("PopulateTopicsNonPrivateProjectsCount", job.arguments) + end + ``` - If upgrading from a version earlier than 14.3.0, to avoid [an issue with job retries](https://gitlab.com/gitlab-org/gitlab/-/issues/357822), first upgrade @@ -898,11 +898,11 @@ or [init scripts](upgrading_from_source.md#configure-sysv-init-script) by [follo To clean up this stuck job, run the following in the [GitLab Rails Console](../administration/operations/rails_console.md): - ```ruby - Gitlab::Database::BackgroundMigrationJob.pending.where(class_name: "UpdateVulnerabilityOccurrencesLocation").find_each do |job| - puts Gitlab::Database::BackgroundMigrationJob.mark_all_as_succeeded("UpdateVulnerabilityOccurrencesLocation", job.arguments) - end - ``` + ```ruby + Gitlab::Database::BackgroundMigrationJob.pending.where(class_name: "UpdateVulnerabilityOccurrencesLocation").find_each do |job| + puts Gitlab::Database::BackgroundMigrationJob.mark_all_as_succeeded("UpdateVulnerabilityOccurrencesLocation", job.arguments) + end + ``` - Upgrading to 14.5 (or later) [might encounter a one hour timeout](https://gitlab.com/gitlab-org/gitlab/-/issues/354211) owing to a long running database data change. @@ -943,13 +943,13 @@ or [init scripts](upgrading_from_source.md#configure-sysv-init-script) by [follo [background migration `PopulateTopicsTotalProjectsCountCache`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/71033) that may remain stuck permanently in a **pending** state when the instance lacks records that match the migration's target. - To clean up this stuck job, run the following in the [GitLab Rails Console](../administration/operations/rails_console.md): + To clean up this stuck job, run the following in the [GitLab Rails Console](../administration/operations/rails_console.md): - ```ruby - Gitlab::Database::BackgroundMigrationJob.pending.where(class_name: "PopulateTopicsTotalProjectsCountCache").find_each do |job| - puts Gitlab::Database::BackgroundMigrationJob.mark_all_as_succeeded("PopulateTopicsTotalProjectsCountCache", job.arguments) - end - ``` + ```ruby + Gitlab::Database::BackgroundMigrationJob.pending.where(class_name: "PopulateTopicsTotalProjectsCountCache").find_each do |job| + puts Gitlab::Database::BackgroundMigrationJob.mark_all_as_succeeded("PopulateTopicsTotalProjectsCountCache", job.arguments) + end + ``` ### 14.3.0 diff --git a/doc/user/admin_area/reporting/spamcheck.md b/doc/user/admin_area/reporting/spamcheck.md index 5c305eff4fa..16c144d2469 100644 --- a/doc/user/admin_area/reporting/spamcheck.md +++ b/doc/user/admin_area/reporting/spamcheck.md @@ -21,15 +21,15 @@ Spamcheck is only available for package-based installations: 1. Edit `/etc/gitlab/gitlab.rb` and enable Spamcheck: - ```ruby - spamcheck['enable'] = true - ``` + ```ruby + spamcheck['enable'] = true + ``` 1. Reconfigure GitLab: - ```shell - sudo gitlab-ctl reconfigure - ``` + ```shell + sudo gitlab-ctl reconfigure + ``` 1. Verify that the new services `spamcheck` and `spam-classifier` are up and running: diff --git a/doc/user/application_security/api_fuzzing/index.md b/doc/user/application_security/api_fuzzing/index.md index e52d1755956..5ed78a1995f 100644 --- a/doc/user/application_security/api_fuzzing/index.md +++ b/doc/user/application_security/api_fuzzing/index.md @@ -330,6 +330,8 @@ This example is a minimal configuration for API Fuzzing. From here you can: #### API Fuzzing with a GraphQL Schema file +API Fuzzing can use a GraphQL schema file to understand and test a GraphQL endpoint that has introspection disabled. To use a GraphQL schema file, it must be in the introspection JSON format. A GraphQL schema can be converted to a the introspection JSON format using an online 3rd party tool: [https://transform.tools/graphql-to-introspection-json](https://transform.tools/graphql-to-introspection-json). + To configure API Fuzzing to use a GraphQl schema file that provides information about the target API to test: 1. [Include](../../../ci/yaml/index.md#includetemplate) diff --git a/doc/user/application_security/api_security/api_discovery/index.md b/doc/user/application_security/api_security/api_discovery/index.md index 6e475311663..a74dc8dbd4d 100644 --- a/doc/user/application_security/api_security/api_discovery/index.md +++ b/doc/user/application_security/api_security/api_discovery/index.md @@ -48,77 +48,77 @@ When running in this method, you provide a container image that has the required 1. In a job in the `build` stage, build your application and configure the resulting Spring Boot executable JAR as a job artifact. 1. Include the API Discovery template in your `.gitlab-ci.yml` file. - ```yaml - include: - - template: API-Discovery.gitlab-ci.yml - ``` + ```yaml + include: + - template: API-Discovery.gitlab-ci.yml + ``` - Only a single `include` statement is allowed per `.gitlab-ci.yml` file. If you are including other files, combine them into a single `include` statement. + Only a single `include` statement is allowed per `.gitlab-ci.yml` file. If you are including other files, combine them into a single `include` statement. - ```yaml - include: - - template: API-Discovery.gitlab-ci.yml - - template: DAST-API.gitlab-ci.yml - ``` + ```yaml + include: + - template: API-Discovery.gitlab-ci.yml + - template: DAST-API.gitlab-ci.yml + ``` 1. Create a new job that extends from `.api_discovery_java_spring_boot`. The default stage is `test` which can be optionally changed to any value. - ```yaml - api_discovery: - extends: .api_discovery_java_spring_boot - ``` + ```yaml + api_discovery: + extends: .api_discovery_java_spring_boot + ``` 1. Configure the `image` for the job. - ```yaml - api_discovery: - extends: .api_discovery_java_spring_boot - image: openjdk:11-jre-slim - ``` + ```yaml + api_discovery: + extends: .api_discovery_java_spring_boot + image: openjdk:11-jre-slim + ``` 1. Provide the Java classpath needed by your application. This includes your compatible build artifact from step 2, along with any additional dependencies. For this example, the build artifact is `build/libs/spring-boot-app-0.0.0.jar` and contains all needed dependencies. The variable `API_DISCOVERY_JAVA_CLASSPATH` is used to provide the classpath. - ```yaml - api_discovery: - extends: .api_discovery_java_spring_boot - image: openjdk:11-jre-slim - variables: - API_DISCOVERY_JAVA_CLASSPATH: build/libs/spring-boot-app-0.0.0.jar - ``` + ```yaml + api_discovery: + extends: .api_discovery_java_spring_boot + image: openjdk:11-jre-slim + variables: + API_DISCOVERY_JAVA_CLASSPATH: build/libs/spring-boot-app-0.0.0.jar + ``` 1. [Optional] If the image provided is missing a dependency needed by API Discovery, it can be added using a `before_script`. In this example, the `openjdk:11-jre-slim` container doesn't include `curl` which is required by API Discovery. The dependency can be installed using the Debian package manager `apt` as shown below. - ```yaml - api_discovery: - extends: .api_discovery_java_spring_boot - image: openjdk:11-jre-slim - variables: - API_DISCOVERY_JAVA_CLASSPATH: build/libs/spring-boot-app-0.0.0.jar - before_script: - - apt-get update && apt-get install -y curl - ``` + ```yaml + api_discovery: + extends: .api_discovery_java_spring_boot + image: openjdk:11-jre-slim + variables: + API_DISCOVERY_JAVA_CLASSPATH: build/libs/spring-boot-app-0.0.0.jar + before_script: + - apt-get update && apt-get install -y curl + ``` 1. [Optional] If the image provided doesn't automatically set the `JAVA_HOME` environment variable, or include `java` in the path, the `API_DISCOVERY_JAVA_HOME` variable can be used. - ```yaml - api_discovery: - extends: .api_discovery_java_spring_boot - image: openjdk:11-jre-slim - variables: - API_DISCOVERY_JAVA_CLASSPATH: build/libs/spring-boot-app-0.0.0.jar - API_DISCOVERY_JAVA_HOME: /opt/java - ``` + ```yaml + api_discovery: + extends: .api_discovery_java_spring_boot + image: openjdk:11-jre-slim + variables: + API_DISCOVERY_JAVA_CLASSPATH: build/libs/spring-boot-app-0.0.0.jar + API_DISCOVERY_JAVA_HOME: /opt/java + ``` 1. [Optional] If the package registry at `API_DISCOVERY_PACKAGES` is not public, provide a token that has read access to the GitLab API and registry using the `API_DISCOVERY_PACKAGE_TOKEN` variable. This is not required if you are using `gitlab.com` and have not customized the `API_DISCOVERY_PACKAGES` variable. This example uses a [custom CI/CD variable](../../../../ci/variables/index.md#define-a-cicd-variable-in-the-ui) named `GITLAB_READ_TOKEN` to store the token. - ```yaml - api_discovery: - extends: .api_discovery_java_spring_boot - image: openjdk:8-jre-alpine - variables: - API_DISCOVERY_JAVA_CLASSPATH: build/libs/spring-boot-app-0.0.0.jar - API_DISCOVERY_PACKAGE_TOKEN: $GITLAB_READ_TOKEN - ``` + ```yaml + api_discovery: + extends: .api_discovery_java_spring_boot + image: openjdk:8-jre-alpine + variables: + API_DISCOVERY_JAVA_CLASSPATH: build/libs/spring-boot-app-0.0.0.jar + API_DISCOVERY_PACKAGE_TOKEN: $GITLAB_READ_TOKEN + ``` #### Image requirements diff --git a/doc/user/application_security/dast_api/index.md b/doc/user/application_security/dast_api/index.md index ff2a5b3a069..96c0b76dbec 100644 --- a/doc/user/application_security/dast_api/index.md +++ b/doc/user/application_security/dast_api/index.md @@ -264,6 +264,8 @@ This example is a minimal configuration for DAST API. From here you can: #### DAST API scanning with a GraphQL Schema file +DAST API can use a GraphQL schema file to understand and test a GraphQL endpoint that has introspection disabled. To use a GraphQL schema file, it must be in the introspection JSON format. A GraphQL schema can be converted to a the introspection JSON format using an online 3rd party tool: [https://transform.tools/graphql-to-introspection-json](https://transform.tools/graphql-to-introspection-json). + To configure DAST API to use a GraphQL schema file that provides information about the target API to test: 1. [Include](../../../ci/yaml/index.md#includetemplate) diff --git a/doc/user/application_security/secret_detection/index.md b/doc/user/application_security/secret_detection/index.md index bb4fa7f914c..f1a42989769 100644 --- a/doc/user/application_security/secret_detection/index.md +++ b/doc/user/application_security/secret_detection/index.md @@ -414,18 +414,16 @@ In the following example `secret-detection-ruleset.toml` file, rules are matched ### Synthesize a custom configuration -To create a custom configuration, you can use passthrough chains. Passthroughs can also be chained -to build more complex configurations. For more details, see -[SAST Customize ruleset](../sast/customize_rulesets.md). +You can use passthroughs to override the default Secret Detection ruleset. The +following passthrough types are supported by the `secrets` analyzer: -Only the following passthrough types are supported by the `secrets` analyzer: - -- `file` - `raw` +- `file` -In the `secret-detection-ruleset.toml` file, do one of the following: +To define a passthrough, add _one_ of the following to the +`secret-detection-ruleset.toml` file: -- Define a custom ruleset, for example: +- Using an inline (`raw`) value: ```toml [secrets] @@ -443,7 +441,7 @@ In the `secret-detection-ruleset.toml` file, do one of the following: """ ``` -- Provide the name of the file containing a custom ruleset, for example: +- Using an external `file` committed to the current repository: ```toml [secrets] @@ -455,6 +453,10 @@ In the `secret-detection-ruleset.toml` file, do one of the following: value = "config/gitleaks.toml" ``` +For more information on the syntax of passthroughs, see the +[passthroughs section on the SAST customize rulesets](../sast/customize_rulesets.md#the-analyzerpassthrough-section) +page. + ## Running Secret Detection in an offline environment **(PREMIUM SELF)** An offline environment has limited, restricted, or intermittent access to external resources through diff --git a/doc/user/clusters/agent/gitops/secrets_management.md b/doc/user/clusters/agent/gitops/secrets_management.md index dc1cbe3009d..8a47dcfaf72 100644 --- a/doc/user/clusters/agent/gitops/secrets_management.md +++ b/doc/user/clusters/agent/gitops/secrets_management.md @@ -50,9 +50,9 @@ To deploy containers from the GitLab Container Registry, you must configure the 1. Generate a GitLab token with at least `read-registry` rights. The token can be either a Personal or a Project Access Token. 1. Create a Kubernetes secret manifest YAML file. Update the values as needed: - ```shell - kubectl create secret docker-registry gitlab-credentials --docker-server=registry.gitlab.example.com --docker-username=<gitlab-username> --docker-password=<gitlab-token> --docker-email=<gitlab-user-email> -n <namespace> --dry-run=client -o yaml > gitlab-credentials.yaml - ``` + ```shell + kubectl create secret docker-registry gitlab-credentials --docker-server=registry.gitlab.example.com --docker-username=<gitlab-username> --docker-password=<gitlab-token> --docker-email=<gitlab-user-email> -n <namespace> --dry-run=client -o yaml > gitlab-credentials.yaml + ``` 1. Encrypt the secret into a `SealedSecret` manifest: diff --git a/doc/user/infrastructure/clusters/connect/new_civo_cluster.md b/doc/user/infrastructure/clusters/connect/new_civo_cluster.md index df785cce406..569f876f36c 100644 --- a/doc/user/infrastructure/clusters/connect/new_civo_cluster.md +++ b/doc/user/infrastructure/clusters/connect/new_civo_cluster.md @@ -117,18 +117,18 @@ To remove all resources: 1. Add the following to your `.gitlab-ci.yml` file: - ```yaml - stages: - - init - - validate - - build - - deploy - - cleanup - - destroy: - extends: .destroy - needs: [] - ``` + ```yaml + stages: + - init + - validate + - build + - deploy + - cleanup + + destroy: + extends: .destroy + needs: [] + ``` 1. On the left sidebar, select **CI/CD > Pipelines** and select the most recent pipeline. 1. For the `destroy` job, select **Play** (**{play}**). diff --git a/doc/user/infrastructure/clusters/connect/new_eks_cluster.md b/doc/user/infrastructure/clusters/connect/new_eks_cluster.md index cefa8885bfe..befd793c949 100644 --- a/doc/user/infrastructure/clusters/connect/new_eks_cluster.md +++ b/doc/user/infrastructure/clusters/connect/new_eks_cluster.md @@ -67,42 +67,42 @@ Set up your AWS credentials when you want to authenticate AWS with GitLab. 1. Create an [IAM User](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users.html) or [IAM Role](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html). 1. Make sure that your IAM user or role has the appropriate permissions for your project. For this example project, you must have the permissions shown below. You can expand this when you set up your own project. - ```json - // IAM custom Policy definition - { - "Version": "2012-10-17", - "Statement": [ - { - "Sid": "VisualEditor0", - "Effect": "Allow", - "Action": [ - "ec2:*", - "eks:*", - "elasticloadbalancing:*", - "autoscaling:*", - "cloudwatch:*", - "logs:*", - "kms:DescribeKey", - "iam:AddRoleToInstanceProfile", - "iam:AttachRolePolicy", - "iam:CreateInstanceProfile", - "iam:CreateRole", - "iam:CreateServiceLinkedRole", - "iam:GetRole", - "iam:ListAttachedRolePolicies", - "iam:ListRolePolicies", - "iam:ListRoles", - "iam:PassRole", - // required for destroy step - "iam:DetachRolePolicy", - "iam:ListInstanceProfilesForRole", - "iam:DeleteRole" - ], - "Resource": "*" - } - ] - } - ``` + ```json + // IAM custom Policy definition + { + "Version": "2012-10-17", + "Statement": [ + { + "Sid": "VisualEditor0", + "Effect": "Allow", + "Action": [ + "ec2:*", + "eks:*", + "elasticloadbalancing:*", + "autoscaling:*", + "cloudwatch:*", + "logs:*", + "kms:DescribeKey", + "iam:AddRoleToInstanceProfile", + "iam:AttachRolePolicy", + "iam:CreateInstanceProfile", + "iam:CreateRole", + "iam:CreateServiceLinkedRole", + "iam:GetRole", + "iam:ListAttachedRolePolicies", + "iam:ListRolePolicies", + "iam:ListRoles", + "iam:PassRole", + // required for destroy step + "iam:DetachRolePolicy", + "iam:ListInstanceProfilesForRole", + "iam:DeleteRole" + ], + "Resource": "*" + } + ] + } + ``` 1. [Create an access key for the user or role](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html). 1. Save your access key and secret. You need these to authenticate AWS with GitLab. @@ -165,19 +165,19 @@ To remove all resources: 1. Add the following to your `.gitlab-ci.yml` file: - ```yaml - stages: - - init - - validate - - test - - build - - deploy - - cleanup - - destroy: - extends: .terraform:destroy - needs: [] - ``` + ```yaml + stages: + - init + - validate + - test + - build + - deploy + - cleanup + + destroy: + extends: .terraform:destroy + needs: [] + ``` 1. On the left sidebar, select **CI/CD > Pipelines** and select the most recent pipeline. 1. For the `destroy` job, select **Play** (**{play}**). diff --git a/doc/user/infrastructure/clusters/connect/new_gke_cluster.md b/doc/user/infrastructure/clusters/connect/new_gke_cluster.md index 7e6a0495d90..ecfd086d254 100644 --- a/doc/user/infrastructure/clusters/connect/new_gke_cluster.md +++ b/doc/user/infrastructure/clusters/connect/new_gke_cluster.md @@ -143,19 +143,19 @@ To remove all resources: 1. Add the following to your `.gitlab-ci.yml` file: - ```yaml - stages: - - init - - validate - - build - - test - - deploy - - cleanup - - destroy: - extends: .terraform:destroy - needs: [] - ``` + ```yaml + stages: + - init + - validate + - build + - test + - deploy + - cleanup + + destroy: + extends: .terraform:destroy + needs: [] + ``` 1. On the left sidebar, select **CI/CD > Pipelines** and select the most recent pipeline. 1. For the `destroy` job, select **Play** (**{play}**). diff --git a/doc/user/packages/debian_repository/index.md b/doc/user/packages/debian_repository/index.md index 7ec20e3d036..3e04e105c39 100644 --- a/doc/user/packages/debian_repository/index.md +++ b/doc/user/packages/debian_repository/index.md @@ -176,39 +176,39 @@ To install a package: 1. Configure the repository: - If you are using a private project, add your [credentials](#authenticate-to-the-debian-package-repositories) to your apt configuration: - - ```shell - echo 'machine gitlab.example.com login <username> password <password>' \ - | sudo tee /etc/apt/auth.conf.d/gitlab_project.conf - ``` - - Download your distribution key using your [credentials](#authenticate-to-the-debian-distributions-apis): - - ```shell - sudo mkdir -p /usr/local/share/keyrings - curl --header "PRIVATE-TOKEN: <your_access_token>" \ - "https://gitlab.example.com/api/v4/projects/<project_id>/debian_distributions/<codename>/key.asc" \ - | \ - gpg --dearmor \ - | \ - sudo tee /usr/local/share/keyrings/<codename>-archive-keyring.gpg \ - > /dev/null - ``` - - Add your project as a source: - - ```shell - echo 'deb [ signed-by=/usr/local/share/keyrings/<codename>-archive-keyring.gpg ] https://gitlab.example.com/api/v4/projects/<project_id>/packages/debian <codename> <component1> <component2>' \ - | sudo tee /etc/apt/sources.list.d/gitlab_project.list - sudo apt-get update - ``` + If you are using a private project, add your [credentials](#authenticate-to-the-debian-package-repositories) to your apt configuration: + + ```shell + echo 'machine gitlab.example.com login <username> password <password>' \ + | sudo tee /etc/apt/auth.conf.d/gitlab_project.conf + ``` + + Download your distribution key using your [credentials](#authenticate-to-the-debian-distributions-apis): + + ```shell + sudo mkdir -p /usr/local/share/keyrings + curl --header "PRIVATE-TOKEN: <your_access_token>" \ + "https://gitlab.example.com/api/v4/projects/<project_id>/debian_distributions/<codename>/key.asc" \ + | \ + gpg --dearmor \ + | \ + sudo tee /usr/local/share/keyrings/<codename>-archive-keyring.gpg \ + > /dev/null + ``` + + Add your project as a source: + + ```shell + echo 'deb [ signed-by=/usr/local/share/keyrings/<codename>-archive-keyring.gpg ] https://gitlab.example.com/api/v4/projects/<project_id>/packages/debian <codename> <component1> <component2>' \ + | sudo tee /etc/apt/sources.list.d/gitlab_project.list + sudo apt-get update + ``` 1. Install the package: - ```shell - sudo apt-get -y install -t <codename> <package-name> - ``` + ```shell + sudo apt-get -y install -t <codename> <package-name> + ``` ## Download a source package @@ -216,36 +216,36 @@ To download a source package: 1. Configure the repository: - If you are using a private project, add your [credentials](#authenticate-to-the-debian-package-repositories) to your apt configuration: + If you are using a private project, add your [credentials](#authenticate-to-the-debian-package-repositories) to your apt configuration: - ```shell - echo 'machine gitlab.example.com login <username> password <password>' \ - | sudo tee /etc/apt/auth.conf.d/gitlab_project.conf - ``` + ```shell + echo 'machine gitlab.example.com login <username> password <password>' \ + | sudo tee /etc/apt/auth.conf.d/gitlab_project.conf + ``` - Download your distribution key using your [credentials](#authenticate-to-the-debian-distributions-apis): + Download your distribution key using your [credentials](#authenticate-to-the-debian-distributions-apis): - ```shell - sudo mkdir -p /usr/local/share/keyrings - curl --header "PRIVATE-TOKEN: <your_access_token>" \ - "https://gitlab.example.com/api/v4/projects/<project_id>/debian_distributions/<codename>/key.asc" \ - | \ - gpg --dearmor \ - | \ - sudo tee /usr/local/share/keyrings/<codename>-archive-keyring.gpg \ - > /dev/null - ``` + ```shell + sudo mkdir -p /usr/local/share/keyrings + curl --header "PRIVATE-TOKEN: <your_access_token>" \ + "https://gitlab.example.com/api/v4/projects/<project_id>/debian_distributions/<codename>/key.asc" \ + | \ + gpg --dearmor \ + | \ + sudo tee /usr/local/share/keyrings/<codename>-archive-keyring.gpg \ + > /dev/null + ``` - Add your project as a source: + Add your project as a source: - ```shell - echo 'deb-src [ signed-by=/usr/local/share/keyrings/<codename>-archive-keyring.gpg ] https://gitlab.example.com/api/v4/projects/<project_id>/packages/debian <codename> <component1> <component2>' \ - | sudo tee /etc/apt/sources.list.d/gitlab_project-sources.list - sudo apt-get update - ``` + ```shell + echo 'deb-src [ signed-by=/usr/local/share/keyrings/<codename>-archive-keyring.gpg ] https://gitlab.example.com/api/v4/projects/<project_id>/packages/debian <codename> <component1> <component2>' \ + | sudo tee /etc/apt/sources.list.d/gitlab_project-sources.list + sudo apt-get update + ``` 1. Download the source package: - ```shell - sudo apt-get source -t <codename> <package-name> - ``` + ```shell + sudo apt-get source -t <codename> <package-name> + ``` diff --git a/doc/user/permissions.md b/doc/user/permissions.md index aa292ca18a3..a18e72539ea 100644 --- a/doc/user/permissions.md +++ b/doc/user/permissions.md @@ -495,9 +495,9 @@ the Owner role: 1. Associates the group member with the Guest+1 role using the [Group and Project Members API endpoint](../api/members.md#edit-a-member-of-a-group-or-project) - ```shell - curl --request PUT --header "Content-Type: application/json" --header "Authorization: Bearer $YOUR_ACCESS_TOKEN" --data '{"member_role_id": '$MEMBER_ROLE_ID', "access_level": 10}' "https://example.gitlab.com/api/v4/groups/$GROUP_PATH/members/$GUEST_USER_ID" - ``` + ```shell + curl --request PUT --header "Content-Type: application/json" --header "Authorization: Bearer $YOUR_ACCESS_TOKEN" --data '{"member_role_id": '$MEMBER_ROLE_ID', "access_level": 10}' "https://example.gitlab.com/api/v4/groups/$GROUP_PATH/members/$GUEST_USER_ID" + ``` Where: - `$MEMBER_ROLE_ID`: The `ID` of the member role created in the previous section. diff --git a/doc/user/project/settings/import_export_troubleshooting.md b/doc/user/project/settings/import_export_troubleshooting.md index 00edeef5cfa..82412a1dcbf 100644 --- a/doc/user/project/settings/import_export_troubleshooting.md +++ b/doc/user/project/settings/import_export_troubleshooting.md @@ -48,41 +48,41 @@ reduce the repository size for another import attempt: 1. Create a temporary working directory from the export: - ```shell - EXPORT=<filename-without-extension> + ```shell + EXPORT=<filename-without-extension> - mkdir "$EXPORT" - tar -xf "$EXPORT".tar.gz --directory="$EXPORT"/ - cd "$EXPORT"/ - git clone project.bundle + mkdir "$EXPORT" + tar -xf "$EXPORT".tar.gz --directory="$EXPORT"/ + cd "$EXPORT"/ + git clone project.bundle - # Prevent interference with recreating an importable file later - mv project.bundle ../"$EXPORT"-original.bundle - mv ../"$EXPORT".tar.gz ../"$EXPORT"-original.tar.gz + # Prevent interference with recreating an importable file later + mv project.bundle ../"$EXPORT"-original.bundle + mv ../"$EXPORT".tar.gz ../"$EXPORT"-original.tar.gz - git switch --create smaller-tmp-main - ``` + git switch --create smaller-tmp-main + ``` 1. To reduce the repository size, work on this `smaller-tmp-main` branch: [identify and remove large files](../repository/reducing_the_repo_size_using_git.md) or [interactively rebase and fixup](../../../topics/git/git_rebase.md#interactive-rebase) to reduce the number of commits. - ```shell - # Reduce the .git/objects/pack/ file size - cd project - git reflog expire --expire=now --all - git gc --prune=now --aggressive - - # Prepare recreating an importable file - git bundle create ../project.bundle <default-branch-name> - cd .. - mv project/ ../"$EXPORT"-project - cd .. - - # Recreate an importable file - tar -czf "$EXPORT"-smaller.tar.gz --directory="$EXPORT"/ . - ``` + ```shell + # Reduce the .git/objects/pack/ file size + cd project + git reflog expire --expire=now --all + git gc --prune=now --aggressive + + # Prepare recreating an importable file + git bundle create ../project.bundle <default-branch-name> + cd .. + mv project/ ../"$EXPORT"-project + cd .. + + # Recreate an importable file + tar -czf "$EXPORT"-smaller.tar.gz --directory="$EXPORT"/ . + ``` 1. Import this new, smaller file into GitLab. 1. In a full clone of the original repository, @@ -265,12 +265,12 @@ Marked stuck import jobs as failed. JIDs: xyz | Problem | Possible solutions | | -------- | -------- | | [Slow JSON](https://gitlab.com/gitlab-org/gitlab/-/issues/25251) loading/dumping models from the database | [split the worker](https://gitlab.com/gitlab-org/gitlab/-/issues/25252) | -| | Batch export -| | Optimize SQL -| | Move away from `ActiveRecord` callbacks (difficult) -| High memory usage (see also some [analysis](https://gitlab.com/gitlab-org/gitlab/-/issues/18857) | DB Commit sweet spot that uses less memory | +| | Batch export | +| | Optimize SQL | +| | Move away from `ActiveRecord` callbacks (difficult) | +| High memory usage (see also some [analysis](https://gitlab.com/gitlab-org/gitlab/-/issues/18857)) | DB Commit sweet spot that uses less memory | | | [Netflix Fast JSON API](https://github.com/Netflix/fast_jsonapi) may help | -| | Batch reading/writing to disk and any SQL +| | Batch reading/writing to disk and any SQL | ### Temporary solutions diff --git a/doc/user/project/working_with_projects.md b/doc/user/project/working_with_projects.md index dc005cf88a5..81494ab7a5a 100644 --- a/doc/user/project/working_with_projects.md +++ b/doc/user/project/working_with_projects.md @@ -241,15 +241,15 @@ Configure Git to either: - Embed credentials in the request URL: - ```shell - git config --global url."https://${user}:${personal_access_token}@gitlab.example.com".insteadOf "https://gitlab.example.com" - ``` + ```shell + git config --global url."https://${user}:${personal_access_token}@gitlab.example.com".insteadOf "https://gitlab.example.com" + ``` - Use SSH instead of HTTPS: - ```shell - git config --global url."git@gitlab.example.com:".insteadOf "https://gitlab.example.com/" - ``` + ```shell + git config --global url."git@gitlab.example.com:".insteadOf "https://gitlab.example.com/" + ``` ### Disable Go module fetching for private projects @@ -263,8 +263,8 @@ the [environment variables](../../development/go_guide/dependencies.md#proxies): To disable fetching: 1. Disable `GOPRIVATE`: - - To disable queries for one project, disable `GOPRIVATE=gitlab.example.com/my/private/project`. - - To disable queries for all projects on GitLab.com, disable `GOPRIVATE=gitlab.example.com`. + - To disable queries for one project, disable `GOPRIVATE=gitlab.example.com/my/private/project`. + - To disable queries for all projects on GitLab.com, disable `GOPRIVATE=gitlab.example.com`. 1. Disable proxy queries in `GONOPROXY`. 1. Disable checksum queries in `GONOSUMDB`. @@ -291,8 +291,8 @@ To access the Geo secondary server with SSH: git config --global url."git@gitlab-secondary.example.com".insteadOf "http://gitlab.example.com" ``` - - For `gitlab.example.com`, use the primary site domain name. - - For `gitlab-secondary.example.com`, use the secondary site domain name. + - For `gitlab.example.com`, use the primary site domain name. + - For `gitlab-secondary.example.com`, use the secondary site domain name. 1. Ensure the client is set up for SSH access to GitLab repositories. You can test this on the primary, and GitLab replicates the public key to the secondary. diff --git a/locale/gitlab.pot b/locale/gitlab.pot index fb98636e856..fbb92f4b14e 100644 --- a/locale/gitlab.pot +++ b/locale/gitlab.pot @@ -27698,9 +27698,6 @@ msgstr "" msgid "MlExperimentTracking|User" msgstr "" -msgid "MlExperimentsEmptyState|No Experiments to Show" -msgstr "" - msgid "Modal updated" msgstr "" diff --git a/spec/frontend/boards/components/board_content_spec.js b/spec/frontend/boards/components/board_content_spec.js index 14bf31d9f55..1bc2a41481d 100644 --- a/spec/frontend/boards/components/board_content_spec.js +++ b/spec/frontend/boards/components/board_content_spec.js @@ -4,6 +4,8 @@ import Vue, { nextTick } from 'vue'; import VueApollo from 'vue-apollo'; import Draggable from 'vuedraggable'; import Vuex from 'vuex'; + +import eventHub from '~/boards/eventhub'; import waitForPromises from 'helpers/wait_for_promises'; import createMockApollo from 'helpers/mock_apollo_helper'; import EpicsSwimlanes from 'ee_component/boards/components/epics_swimlanes.vue'; @@ -204,5 +206,14 @@ describe('BoardContent', () => { it('renders BoardContentSidebar', () => { expect(wrapper.findComponent(BoardContentSidebar).exists()).toBe(true); }); + + it('refetches lists when updateBoard event is received', async () => { + jest.spyOn(eventHub, '$on').mockImplementation(() => {}); + + createComponent({ isApolloBoard: true }); + await waitForPromises(); + + expect(eventHub.$on).toHaveBeenCalledWith('updateBoard', wrapper.vm.refetchLists); + }); }); }); diff --git a/spec/frontend/boards/components/board_form_spec.js b/spec/frontend/boards/components/board_form_spec.js index 3302fb2ce43..984d15210fa 100644 --- a/spec/frontend/boards/components/board_form_spec.js +++ b/spec/frontend/boards/components/board_form_spec.js @@ -10,12 +10,14 @@ import { formType } from '~/boards/constants'; import createBoardMutation from '~/boards/graphql/board_create.mutation.graphql'; import destroyBoardMutation from '~/boards/graphql/board_destroy.mutation.graphql'; import updateBoardMutation from '~/boards/graphql/board_update.mutation.graphql'; +import eventHub from '~/boards/eventhub'; import { visitUrl } from '~/lib/utils/url_utility'; jest.mock('~/lib/utils/url_utility', () => ({ ...jest.requireActual('~/lib/utils/url_utility'), visitUrl: jest.fn().mockName('visitUrlMock'), })); +jest.mock('~/boards/eventhub'); Vue.use(Vuex); @@ -207,7 +209,7 @@ describe('BoardForm', () => { }); describe('when Apollo boards FF is on', () => { - it('calls a correct GraphQL mutation and emits addBoard event', async () => { + it('calls a correct GraphQL mutation and emits addBoard event when creating a board', async () => { createComponent( { canAdminBoard: true, currentPage: formType.new }, { isApolloBoard: true }, @@ -328,6 +330,41 @@ describe('BoardForm', () => { expect(setBoardMock).not.toHaveBeenCalled(); expect(setErrorMock).toHaveBeenCalled(); }); + + describe('when Apollo boards FF is on', () => { + it('calls a correct GraphQL mutation and emits updateBoard event when updating a board', async () => { + mutate = jest.fn().mockResolvedValue({ + data: { + updateBoard: { board: { id: 'gid://gitlab/Board/321', webPath: 'test-path' } }, + }, + }); + setWindowLocation('https://test/boards/1'); + + createComponent( + { canAdminBoard: true, currentPage: formType.edit }, + { isApolloBoard: true }, + ); + findInput().trigger('keyup.enter', { metaKey: true }); + + await waitForPromises(); + + expect(mutate).toHaveBeenCalledWith({ + mutation: updateBoardMutation, + variables: { + input: expect.objectContaining({ + id: currentBoard.id, + }), + }, + }); + + await waitForPromises(); + expect(eventHub.$emit).toHaveBeenCalledTimes(1); + expect(eventHub.$emit).toHaveBeenCalledWith('updateBoard', { + id: 'gid://gitlab/Board/321', + webPath: 'test-path', + }); + }); + }); }); describe('when deleting a board', () => { diff --git a/spec/frontend/notebook/index_spec.js b/spec/frontend/notebook/index_spec.js index b79000a3505..3c73d420703 100644 --- a/spec/frontend/notebook/index_spec.js +++ b/spec/frontend/notebook/index_spec.js @@ -1,16 +1,14 @@ import { mount } from '@vue/test-utils'; -import Vue, { nextTick } from 'vue'; +import { nextTick } from 'vue'; import json from 'test_fixtures/blob/notebook/basic.json'; import jsonWithWorksheet from 'test_fixtures/blob/notebook/worksheets.json'; import Notebook from '~/notebook/index.vue'; -const Component = Vue.extend(Notebook); - describe('Notebook component', () => { let vm; function buildComponent(notebook) { - return mount(Component, { + return mount(Notebook, { propsData: { notebook }, provide: { relativeRawPath: '' }, }).vm; |