summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAdam Hegyi <ahegyi@gitlab.com>2019-06-19 13:39:52 +0000
committerAdam Hegyi <ahegyi@gitlab.com>2019-06-19 13:39:52 +0000
commite76f12f7e70c5a1d8a30720251ef81a3cacf94d0 (patch)
treeb9fa92446c43784c24cf3293787cfcb38463726b
parent86c08225eb60a909701f9dfc6f767311cc2516c0 (diff)
parent7fa94651f3ac5e9548091eaa59f44c74ebd58473 (diff)
downloadgitlab-ce-e76f12f7e70c5a1d8a30720251ef81a3cacf94d0.tar.gz
Merge branch 'master' into '63406-selecting-a-line-in-ci-job-trace-using-triple-click-selects-the-previous-line-also'63406-selecting-a-line-in-ci-job-trace-using-triple-click-selects-the-previous-line-also
# Conflicts: # spec/lib/gitlab/ci/ansi2html_spec.rb
-rw-r--r--app/controllers/projects/tags_controller.rb3
-rw-r--r--app/models/clusters/applications/knative.rb2
-rw-r--r--app/policies/project_policy.rb1
-rw-r--r--app/services/git/wiki_push_service.rb9
-rw-r--r--app/views/projects/tags/_tag.html.haml8
-rw-r--r--app/views/projects/tags/index.html.haml2
-rw-r--r--app/views/projects/tags/show.html.haml4
-rw-r--r--app/workers/post_receive.rb23
-rw-r--r--changelogs/unreleased/11448-fix-cs-with-k8s-runners.yml5
-rw-r--r--changelogs/unreleased/52954-allow-developers-to-delete-tags.yml5
-rw-r--r--changelogs/unreleased/57918-encrypt-feature-flags-tokens-changelog.yml5
-rw-r--r--changelogs/unreleased/63417-add-missing-class.yml5
-rw-r--r--changelogs/unreleased/knative-0-6.yml5
-rw-r--r--db/migrate/20190607205656_add_wiki_columns_to_index_status.rb12
-rw-r--r--db/schema.rb2
-rw-r--r--doc/development/architecture.md2
-rw-r--r--doc/development/i18n/externalization.md3
-rw-r--r--doc/update/upgrading_from_source.md18
-rw-r--r--doc/user/admin_area/settings/continuous_integration.md6
-rw-r--r--doc/user/admin_area/settings/img/group_pipelines_quota.pngbin7088 -> 21010 bytes
-rw-r--r--doc/user/group/img/group_storage_usage_quota.pngbin0 -> 28896 bytes
-rw-r--r--doc/user/group/index.md8
-rw-r--r--doc/user/permissions.md2
-rw-r--r--doc/user/project/file_lock.md83
-rw-r--r--doc/user/project/img/file_lock.pngbin26973 -> 46281 bytes
-rw-r--r--doc/user/project/img/file_lock_folders.pngbin22900 -> 0 bytes
-rw-r--r--doc/user/project/img/file_lock_list.pngbin18243 -> 0 bytes
-rw-r--r--doc/user/project/img/file_lock_merge_request_error_message.pngbin24573 -> 16254 bytes
-rw-r--r--doc/user/project/img/file_lock_repository_view.pngbin22947 -> 17644 bytes
-rw-r--r--doc/user/project/integrations/mattermost.md4
-rw-r--r--doc/user/project/integrations/mattermost_slash_commands.md3
-rw-r--r--doc/user/project/issues/img/link_zoom_call_in_issue.pngbin0 -> 69554 bytes
-rw-r--r--doc/user/project/issues/issue_data_and_actions.md6
-rw-r--r--lib/api/helpers.rb4
-rw-r--r--lib/api/tags.rb4
-rw-r--r--lib/gitlab/checks/tag_check.rb2
-rw-r--r--lib/gitlab/ci/ansi2html.rb2
-rw-r--r--lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml2
-rw-r--r--lib/gitlab/user_access.rb2
-rw-r--r--qa/qa/specs/features/browser_ui/3_create/merge_request/merge_merge_request_from_fork_spec.rb3
-rw-r--r--qa/qa/specs/features/browser_ui/3_create/merge_request/squash_merge_request_spec.rb3
-rw-r--r--qa/qa/specs/features/browser_ui/3_create/repository/add_list_delete_branches_spec.rb3
-rw-r--r--spec/features/tags/developer_creates_tag_spec.rb (renamed from spec/features/tags/master_creates_tag_spec.rb)7
-rw-r--r--spec/features/tags/developer_deletes_tag_spec.rb (renamed from spec/features/tags/master_deletes_tag_spec.rb)7
-rw-r--r--spec/features/tags/developer_updates_tag_spec.rb (renamed from spec/features/tags/master_updates_tag_spec.rb)7
-rw-r--r--spec/features/tags/developer_views_tags_spec.rb (renamed from spec/features/tags/master_views_tags_spec.rb)7
-rw-r--r--spec/lib/gitlab/checks/tag_check_spec.rb5
-rw-r--r--spec/lib/gitlab/ci/ansi2html_spec.rb4
-rw-r--r--spec/lib/gitlab/git_access_spec.rb2
-rw-r--r--spec/models/ci/pipeline_schedule_spec.rb2
-rw-r--r--spec/models/clusters/applications/knative_spec.rb2
-rw-r--r--spec/policies/project_policy_spec.rb2
-rw-r--r--spec/requests/api/tags_spec.rb2
-rw-r--r--spec/support/shared_examples/policies/project_policy_shared_examples.rb1
54 files changed, 198 insertions, 101 deletions
diff --git a/app/controllers/projects/tags_controller.rb b/app/controllers/projects/tags_controller.rb
index a17c050b696..7d9387b1d94 100644
--- a/app/controllers/projects/tags_controller.rb
+++ b/app/controllers/projects/tags_controller.rb
@@ -8,8 +8,7 @@ class Projects::TagsController < Projects::ApplicationController
# Authorize
before_action :require_non_empty_project
before_action :authorize_download_code!
- before_action :authorize_push_code!, only: [:new, :create]
- before_action :authorize_admin_project!, only: [:destroy]
+ before_action :authorize_admin_tag!, only: [:new, :create, :destroy]
# rubocop: disable CodeReuse/ActiveRecord
def index
diff --git a/app/models/clusters/applications/knative.rb b/app/models/clusters/applications/knative.rb
index d5a3bd62e3d..5df4812bd25 100644
--- a/app/models/clusters/applications/knative.rb
+++ b/app/models/clusters/applications/knative.rb
@@ -3,7 +3,7 @@
module Clusters
module Applications
class Knative < ApplicationRecord
- VERSION = '0.5.0'.freeze
+ VERSION = '0.6.0'.freeze
REPOSITORY = 'https://storage.googleapis.com/triggermesh-charts'.freeze
METRICS_CONFIG = 'https://storage.googleapis.com/triggermesh-charts/istio-metrics.yaml'.freeze
FETCH_IP_ADDRESS_DELAY = 30.seconds
diff --git a/app/policies/project_policy.rb b/app/policies/project_policy.rb
index b3e29e775fc..08bfe5d14ee 100644
--- a/app/policies/project_policy.rb
+++ b/app/policies/project_policy.rb
@@ -297,6 +297,7 @@ class ProjectPolicy < BasePolicy
end
rule { (mirror_available & can?(:admin_project)) | admin }.enable :admin_remote_mirror
+ rule { can?(:push_code) }.enable :admin_tag
rule { archived }.policy do
prevent :push_code
diff --git a/app/services/git/wiki_push_service.rb b/app/services/git/wiki_push_service.rb
new file mode 100644
index 00000000000..a053f133016
--- /dev/null
+++ b/app/services/git/wiki_push_service.rb
@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+module Git
+ class WikiPushService < ::BaseService
+ def execute
+ # This is used in EE
+ end
+ end
+end
diff --git a/app/views/projects/tags/_tag.html.haml b/app/views/projects/tags/_tag.html.haml
index 8bfface3f5a..b1432917f1d 100644
--- a/app/views/projects/tags/_tag.html.haml
+++ b/app/views/projects/tags/_tag.html.haml
@@ -26,10 +26,8 @@
.row-fixed-content.controls.flex-row
= render 'projects/buttons/download', project: @project, ref: tag.name, pipeline: @tags_pipelines[tag.name]
- - if can?(current_user, :push_code, @project)
+ - if can?(current_user, :admin_tag, @project)
= link_to edit_project_tag_release_path(@project, tag.name), class: 'btn btn-edit has-tooltip', title: s_('TagsPage|Edit release notes'), data: { container: "body" } do
= icon("pencil")
-
- - if can?(current_user, :admin_project, @project)
- = link_to project_tag_path(@project, tag.name), class: "btn btn-remove remove-row has-tooltip prepend-left-10 #{protected_tag?(@project, tag) ? 'disabled' : ''}", title: s_('TagsPage|Delete tag'), method: :delete, data: { confirm: s_('TagsPage|Deleting the %{tag_name} tag cannot be undone. Are you sure?') % { tag_name: tag.name }, container: 'body' }, remote: true do
- = icon("trash-o")
+ = link_to project_tag_path(@project, tag.name), class: "btn btn-remove remove-row has-tooltip prepend-left-10 #{protected_tag?(@project, tag) ? 'disabled' : ''}", title: s_('TagsPage|Delete tag'), method: :delete, data: { confirm: s_('TagsPage|Deleting the %{tag_name} tag cannot be undone. Are you sure?') % { tag_name: tag.name }, container: 'body' }, remote: true do
+ = icon("trash-o")
diff --git a/app/views/projects/tags/index.html.haml b/app/views/projects/tags/index.html.haml
index 2e78b0bff3e..1f0de1e2603 100644
--- a/app/views/projects/tags/index.html.haml
+++ b/app/views/projects/tags/index.html.haml
@@ -24,7 +24,7 @@
- tags_sort_options_hash.each do |value, title|
%li
= link_to title, filter_tags_path(sort: value), class: ("is-active" if @sort == value)
- - if can?(current_user, :push_code, @project)
+ - if can?(current_user, :admin_tag, @project)
= link_to new_project_tag_path(@project), class: 'btn btn-success new-tag-btn' do
= s_('TagsPage|New tag')
= link_to project_tags_path(@project, rss_url_options), title: _("Tags feed"), class: 'btn d-none d-sm-inline-block has-tooltip' do
diff --git a/app/views/projects/tags/show.html.haml b/app/views/projects/tags/show.html.haml
index 59232372150..02f6ef02843 100644
--- a/app/views/projects/tags/show.html.haml
+++ b/app/views/projects/tags/show.html.haml
@@ -19,7 +19,7 @@
= s_("TagsPage|Can't find HEAD commit for this tag")
.nav-controls
- - if can?(current_user, :push_code, @project)
+ - if can?(current_user, :admin_tag, @project)
= link_to edit_project_tag_release_path(@project, @tag.name), class: 'btn btn-edit controls-item has-tooltip', title: s_('TagsPage|Edit release notes') do
= icon("pencil")
= link_to project_tree_path(@project, @tag.name), class: 'btn controls-item has-tooltip', title: s_('TagsPage|Browse files') do
@@ -28,7 +28,7 @@
= icon('history')
.btn-container.controls-item
= render 'projects/buttons/download', project: @project, ref: @tag.name
- - if can?(current_user, :push_code, @project) && can?(current_user, :admin_project, @project)
+ - if can?(current_user, :admin_tag, @project)
.btn-container.controls-item-full
= link_to project_tag_path(@project, @tag.name), class: "btn btn-remove remove-row has-tooltip #{protected_tag?(@project, @tag) ? 'disabled' : ''}", title: s_('TagsPage|Delete tag'), method: :delete, data: { confirm: s_('TagsPage|Deleting the %{tag_name} tag cannot be undone. Are you sure?') % { tag_name: @tag.name } } do
%i.fa.fa-trash-o
diff --git a/app/workers/post_receive.rb b/app/workers/post_receive.rb
index 3f1639ec2ed..dba7837bd12 100644
--- a/app/workers/post_receive.rb
+++ b/app/workers/post_receive.rb
@@ -30,15 +30,17 @@ class PostReceive
private
+ def identify_user(post_received)
+ post_received.identify.tap do |user|
+ log("Triggered hook for non-existing user \"#{post_received.identifier}\"") unless user
+ end
+ end
+
def process_project_changes(post_received)
changes = []
refs = Set.new
- @user = post_received.identify
-
- unless @user
- log("Triggered hook for non-existing user \"#{post_received.identifier}\"")
- return false
- end
+ user = identify_user(post_received)
+ return false unless user
post_received.enum_for(:changes_refs).with_index do |(oldrev, newrev, ref), index|
service_klass =
@@ -51,7 +53,7 @@ class PostReceive
if service_klass
service_klass.new(
post_received.project,
- @user,
+ user,
oldrev: oldrev,
newrev: newrev,
ref: ref,
@@ -64,7 +66,7 @@ class PostReceive
refs << ref
end
- after_project_changes_hooks(post_received, @user, refs.to_a, changes)
+ after_project_changes_hooks(post_received, user, refs.to_a, changes)
end
def after_project_changes_hooks(post_received, user, refs, changes)
@@ -76,6 +78,11 @@ class PostReceive
post_received.project.touch(:last_activity_at, :last_repository_updated_at)
post_received.project.wiki.repository.expire_statistics_caches
ProjectCacheWorker.perform_async(post_received.project.id, [], [:wiki_size])
+
+ user = identify_user(post_received)
+ return false unless user
+
+ ::Git::WikiPushService.new(post_received.project, user, changes: post_received.enum_for(:changes_refs)).execute
end
def log(message)
diff --git a/changelogs/unreleased/11448-fix-cs-with-k8s-runners.yml b/changelogs/unreleased/11448-fix-cs-with-k8s-runners.yml
new file mode 100644
index 00000000000..191e64df4f1
--- /dev/null
+++ b/changelogs/unreleased/11448-fix-cs-with-k8s-runners.yml
@@ -0,0 +1,5 @@
+---
+title: Fix Container Scanning job timeout when using the kubernetes executor
+merge_request: 29706
+author:
+type: fixed
diff --git a/changelogs/unreleased/52954-allow-developers-to-delete-tags.yml b/changelogs/unreleased/52954-allow-developers-to-delete-tags.yml
new file mode 100644
index 00000000000..38c65a67f2a
--- /dev/null
+++ b/changelogs/unreleased/52954-allow-developers-to-delete-tags.yml
@@ -0,0 +1,5 @@
+---
+title: Allow developers to delete tags
+merge_request: 29668
+author:
+type: changed
diff --git a/changelogs/unreleased/57918-encrypt-feature-flags-tokens-changelog.yml b/changelogs/unreleased/57918-encrypt-feature-flags-tokens-changelog.yml
new file mode 100644
index 00000000000..9701c8bc4a5
--- /dev/null
+++ b/changelogs/unreleased/57918-encrypt-feature-flags-tokens-changelog.yml
@@ -0,0 +1,5 @@
+---
+title: Add token_encrypted column to operations_feature_flags_clients table
+merge_request:
+author:
+type: other
diff --git a/changelogs/unreleased/63417-add-missing-class.yml b/changelogs/unreleased/63417-add-missing-class.yml
new file mode 100644
index 00000000000..3030f5c57e4
--- /dev/null
+++ b/changelogs/unreleased/63417-add-missing-class.yml
@@ -0,0 +1,5 @@
+---
+title: Indent collapsible sections
+merge_request: 29804
+author:
+type: other
diff --git a/changelogs/unreleased/knative-0-6.yml b/changelogs/unreleased/knative-0-6.yml
new file mode 100644
index 00000000000..66c5c7f343d
--- /dev/null
+++ b/changelogs/unreleased/knative-0-6.yml
@@ -0,0 +1,5 @@
+---
+title: Knative version bump 0.5 -> 0.6
+merge_request: 28798
+author: Chris Baumbauer
+type: changed
diff --git a/db/migrate/20190607205656_add_wiki_columns_to_index_status.rb b/db/migrate/20190607205656_add_wiki_columns_to_index_status.rb
new file mode 100644
index 00000000000..0910d425212
--- /dev/null
+++ b/db/migrate/20190607205656_add_wiki_columns_to_index_status.rb
@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+class AddWikiColumnsToIndexStatus < ActiveRecord::Migration[5.1]
+ include Gitlab::Database::MigrationHelpers
+
+ DOWNTIME = false
+
+ def change
+ add_column :index_statuses, :last_wiki_commit, :binary
+ add_column :index_statuses, :wiki_indexed_at, :datetime_with_timezone
+ end
+end
diff --git a/db/schema.rb b/db/schema.rb
index a9643d70966..7a7319c132e 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -1572,6 +1572,8 @@ ActiveRecord::Schema.define(version: 20190613030606) do
t.string "last_commit"
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
+ t.binary "last_wiki_commit"
+ t.datetime_with_timezone "wiki_indexed_at"
t.index ["project_id"], name: "index_index_statuses_on_project_id", unique: true, using: :btree
end
diff --git a/doc/development/architecture.md b/doc/development/architecture.md
index 5f32cd7eba2..d817d513173 100644
--- a/doc/development/architecture.md
+++ b/doc/development/architecture.md
@@ -149,7 +149,7 @@ Component statuses are linked to configuration documentation for each component.
| [PgBouncer Exporter](#pgbouncer-exporter) | Prometheus endpoint with PgBouncer metrics | [⚙][pgbouncer-exporter-omnibus] | [❌][pgbouncer-exporter-charts] | [❌][pgbouncer-exporter-charts] | [✅](https://about.gitlab.com/handbook/engineering/monitoring/) | ❌ | ❌ | CE & EE |
| [GitLab Monitor](#gitlab-monitor) | Generates a variety of GitLab metrics | [✅][gitlab-monitor-omnibus] | [❌][gitab-monitor-charts] | [❌][gitab-monitor-charts] | [✅](https://about.gitlab.com/handbook/engineering/monitoring/) | ❌ | ❌ | CE & EE |
| [Node Exporter](#node-exporter) | Prometheus endpoint with system metrics | [✅][node-exporter-omnibus] | [❌][node-exporter-charts] | [❌][node-exporter-charts] | [✅](https://about.gitlab.com/handbook/engineering/monitoring/) | ❌ | ❌ | CE & EE |
-| [Mattermost](#mattermost) | Open-source Slack alternative | [⚙][mattermost-omnibus] | [⤓][mattermost-charts] | [⤓][mattermost-charts] | [⤓](../user/project/integrations/mattermost_slash_commands.md#manual-configuration), [⤓](../user/project/integrations/mattermost.html) | ❌ | ❌ | CE & EE |
+| [Mattermost](#mattermost) | Open-source Slack alternative | [⚙][mattermost-omnibus] | [⤓][mattermost-charts] | [⤓][mattermost-charts] | [⤓](../user/project/integrations/mattermost.md) | ❌ | ❌ | CE & EE |
| [MinIO](#minio) | Object storage service | [⤓][minio-omnibus] | [✅][minio-charts] | [✅][minio-charts] | [✅](https://about.gitlab.com/handbook/engineering/infrastructure/production-architecture/#storage-architecture) | ❌ | [⚙][minio-gdk] | CE & EE |
| [Runner](#gitlab-runner) | Executes GitLab CI jobs | [⤓][runner-omnibus] | [✅][runner-charts] | [⚙][runner-charts] | [✅](../user/gitlab_com/index.md#shared-runners) | [⚙][runner-source] | [⚙][runner-gdk] | CE & EE |
| [Database Migrations](#database-migrations) | Database migrations | [✅][database-migrations-omnibus] | [✅][database-migrations-charts] | [✅][database-migrations-charts] | ✅ | [⚙][database-migrations-source] | ✅ | CE & EE |
diff --git a/doc/development/i18n/externalization.md b/doc/development/i18n/externalization.md
index 9fb8ea542d9..ce310672dad 100644
--- a/doc/development/i18n/externalization.md
+++ b/doc/development/i18n/externalization.md
@@ -77,6 +77,9 @@ Or:
hello = _("Hello world!")
```
+NOTE: **Note:** Messages in the API (`lib/api/` or `app/graphql`) do
+not need to be externalised.
+
### HAML files
Given the following content in HAML:
diff --git a/doc/update/upgrading_from_source.md b/doc/update/upgrading_from_source.md
index bc8e5fed774..a05af7350de 100644
--- a/doc/update/upgrading_from_source.md
+++ b/doc/update/upgrading_from_source.md
@@ -4,6 +4,10 @@ comments: false
# Upgrading Community Edition and Enterprise Edition from source
+NOTE: **Note:**
+Users wishing to upgrade to 12.0.0 will have to take some extra steps. See the
+version specific upgrade instructions for 12.0.0 for more details.
+
Make sure you view this update guide from the branch (version) of GitLab you
would like to install (e.g., `11.8`. You can select the version in the version
dropdown at the top left corner of GitLab (below the menu bar).
@@ -404,6 +408,20 @@ Example:
Additional instructions here.
-->
+### 12.0.0
+
+In 12.0.0 we made various database related changes. These changes require that
+users first upgrade to the latest 11.11 patch release. Once upgraded to 11.11.x,
+users can upgrade to 12.x. Failure to do so may result in database migrations
+not being applied, which could lead to application errors.
+
+Example 1: you are currently using GitLab 11.11.3, which is the latest patch
+release for 11.11.x. You can upgrade as usual to 12.0.0, 12.1.0, etc.
+
+Example 2: you are currently using a version of GitLab 10.x. To upgrade, first
+upgrade to 11.11.3. Once upgraded to 11.11.3 you can safely upgrade to 12.0.0
+or future versions.
+
## Things went south? Revert to previous version
### 1. Revert the code to the previous version
diff --git a/doc/user/admin_area/settings/continuous_integration.md b/doc/user/admin_area/settings/continuous_integration.md
index d2605cbfb5e..fde7d1aeaf7 100644
--- a/doc/user/admin_area/settings/continuous_integration.md
+++ b/doc/user/admin_area/settings/continuous_integration.md
@@ -89,10 +89,8 @@ are enabled.
![Project admin info](img/admin_project_quota_view.png)
-When the pipeline minutes quota for a group is set to a value different than 0,
-the **Pipelines quota** page is available to the group page settings list.
-You can see there an overview of the pipeline minutes quota of all projects of
-the group.
+You can see an overview of the pipeline minutes quota of all projects of
+a group in the **Usage Quotas** page available to the group page settings list.
![Group pipelines quota](img/group_pipelines_quota.png)
diff --git a/doc/user/admin_area/settings/img/group_pipelines_quota.png b/doc/user/admin_area/settings/img/group_pipelines_quota.png
index d94b609ad6f..318527426bd 100644
--- a/doc/user/admin_area/settings/img/group_pipelines_quota.png
+++ b/doc/user/admin_area/settings/img/group_pipelines_quota.png
Binary files differ
diff --git a/doc/user/group/img/group_storage_usage_quota.png b/doc/user/group/img/group_storage_usage_quota.png
new file mode 100644
index 00000000000..c5d81ad7a8b
--- /dev/null
+++ b/doc/user/group/img/group_storage_usage_quota.png
Binary files differ
diff --git a/doc/user/group/index.md b/doc/user/group/index.md
index 95e10be9974..abd95eddf63 100644
--- a/doc/user/group/index.md
+++ b/doc/user/group/index.md
@@ -381,6 +381,14 @@ Define project templates at a group level by setting a group as the template sou
for the group. **[STARTER ONLY]**
- **Pipelines quota**: Keep track of the [pipeline quota](../admin_area/settings/continuous_integration.md) for the group.
+#### Storage usage quota **[STARTER]**
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/13294) in [GitLab Starter](https://about.gitlab.com/pricing/) 12.0.
+
+A group owner can check the aggregated storage usage for all the project in a group, sub-groups included, in the **Storage** tab of the **Usage Quotas** page available to the group page settings list.
+
+![Group storage usage quota](img/group_storage_usage_quota.png)
+
## User contribution analysis **[STARTER]**
With [GitLab Contribution Analytics](contribution_analytics/index.md),
diff --git a/doc/user/permissions.md b/doc/user/permissions.md
index 4b2dfdfc32e..7af3d4a0ac3 100644
--- a/doc/user/permissions.md
+++ b/doc/user/permissions.md
@@ -95,6 +95,7 @@ The following table depicts the various user permission levels in a project.
| Dismiss vulnerability **[ULTIMATE]** | | | ✓ | ✓ | ✓ |
| Apply code change suggestions | | | ✓ | ✓ | ✓ |
| Create and edit wiki pages | | | ✓ | ✓ | ✓ |
+| Rewrite/remove Git tags | | | ✓ | ✓ | ✓ |
| Use environment terminals | | | | ✓ | ✓ |
| Run Web IDE's Interactive Web Terminals **[ULTIMATE ONLY]** | | | | ✓ | ✓ |
| Add new team members | | | | ✓ | ✓ |
@@ -102,7 +103,6 @@ The following table depicts the various user permission levels in a project.
| Push to protected branches | | | | ✓ | ✓ |
| Turn on/off protected branch push for devs | | | | ✓ | ✓ |
| Enable/disable tag protections | | | | ✓ | ✓ |
-| Rewrite/remove Git tags | | | | ✓ | ✓ |
| Edit project | | | | ✓ | ✓ |
| Add deploy keys to project | | | | ✓ | ✓ |
| Configure project hooks | | | | ✓ | ✓ |
diff --git a/doc/user/project/file_lock.md b/doc/user/project/file_lock.md
index 3386eb9d0d4..40603790c12 100644
--- a/doc/user/project/file_lock.md
+++ b/doc/user/project/file_lock.md
@@ -1,8 +1,6 @@
# File Locking **[PREMIUM]**
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/440) in [GitLab Premium](https://about.gitlab.com/pricing/) 8.9.
-> - This feature needs to have a license with the "File Lock" option enabled.
-> - If you are using Premium but you don't see the "Lock" button, ask your GitLab administrator.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/440) in [GitLab Premium](https://about.gitlab.com/pricing/) 8.9.
File Locking helps you avoid merge conflicts and better manage your binary files.
Lock any file or directory, make your changes, and then unlock it so another
@@ -30,12 +28,51 @@ The file locking feature is useful in situations when:
Locked directories are locked recursively, which means that everything that
lies under them is also locked.
+## Locking a file or a directory
+
+NOTE: **Note:**
+Locking only works for the default branch you have set in the project's settings
+(usually `master`).
+
+To lock a file:
+
+1. Navigate to your project's **Repository > Files**.
+1. Pick the file you want to lock.
+1. Click the "Lock" button.
+
+ ![Locking file](img/file_lock.png)
+
+To lock an entire directory, look for the "Lock" link next to "History".
+
+After you lock a file or directory, it will appear as locked in the repository
+view.
+
+![Repository view](img/file_lock_repository_view.png)
+
+Once locked, any merge request to the default branch will fail
+to merge until the file becomes unlocked.
+
+## Unlocking a file or a directory
+
+To unlock a file or a directory, follow the same procedure as when you locked
+them. For a detailed view of every existing lock, see the next section on
+"Viewing and managing existing locks".
+
+You can unlock a file that yourself or someone else previously locked as long
+as you have Maintainer or above [permissions](../permissions.md) to the project.
+
+## Viewing and managing existing locks
+
+To view or manage every existing lock, navigate to the
+**Project > Repository > Locked Files** area. There, you can view all existing
+locks and [remove the ones you have permission for](#permissions-on-file-locking).
+
## Permissions on file locking
The user that locks a file or directory **is the only one** that can edit and
push their changes back to the repository where the locked objects are located.
-Locks can be created by any person who has [push access](../../user/permissions.md) to the repository; i.e.,
+Locks can be created by any person who has [push access](../permissions.md) to the repository; i.e.,
Developer and higher level, and can be removed solely by their author and any
user with Maintainer permissions and above.
@@ -61,41 +98,3 @@ accepts a merge request, an error message will appear stating that the file
is locked.
![Merge request error message](img/file_lock_merge_request_error_message.png)
-
-## Locking a file or a directory
-
->**Note:**
-Locking only works for the default branch you have set in the project's settings
-(usually `master`).
-
-To lock a file, navigate to the repository tree under the **Repository > Files** tab,
-pick the file you want to lock and hit the "Lock" button.
-
-![Locking file](img/file_lock.png)
-
----
-
-To lock an entire directory, look for the "Lock" link next to "History".
-
-![Locking directory](img/file_lock_folders.png)
-
----
-
-After you lock a file or directory, it will appear as locked in the repository
-view.
-
-![Repository view](img/file_lock_repository_view.png)
-
-## Unlocking a file or a directory
-
-To unlock a file or a directory, follow the same procedure as when you locked
-them. For a detailed view of every existing lock, see the next section on
-"Viewing and managing existing locks".
-
-## Viewing and managing existing locks
-
-To view or manage every existing lock, navigate to the
-**Project > Repository > Locked Files** area. There, you can view all existing
-locks and [remove the ones you have permission for](#permissions-on-file-locking).
-
-![Locked Files](img/file_lock_list.png)
diff --git a/doc/user/project/img/file_lock.png b/doc/user/project/img/file_lock.png
index 33f96f20e91..82699a12ffd 100644
--- a/doc/user/project/img/file_lock.png
+++ b/doc/user/project/img/file_lock.png
Binary files differ
diff --git a/doc/user/project/img/file_lock_folders.png b/doc/user/project/img/file_lock_folders.png
deleted file mode 100644
index 5ff3d4d9dbd..00000000000
--- a/doc/user/project/img/file_lock_folders.png
+++ /dev/null
Binary files differ
diff --git a/doc/user/project/img/file_lock_list.png b/doc/user/project/img/file_lock_list.png
deleted file mode 100644
index 2c276335c83..00000000000
--- a/doc/user/project/img/file_lock_list.png
+++ /dev/null
Binary files differ
diff --git a/doc/user/project/img/file_lock_merge_request_error_message.png b/doc/user/project/img/file_lock_merge_request_error_message.png
index 65bc3692da0..4ef04b15bef 100644
--- a/doc/user/project/img/file_lock_merge_request_error_message.png
+++ b/doc/user/project/img/file_lock_merge_request_error_message.png
Binary files differ
diff --git a/doc/user/project/img/file_lock_repository_view.png b/doc/user/project/img/file_lock_repository_view.png
index 8f4ef52aacd..a2cab0decab 100644
--- a/doc/user/project/img/file_lock_repository_view.png
+++ b/doc/user/project/img/file_lock_repository_view.png
Binary files differ
diff --git a/doc/user/project/integrations/mattermost.md b/doc/user/project/integrations/mattermost.md
index d7fd75fd728..ea58a08e127 100644
--- a/doc/user/project/integrations/mattermost.md
+++ b/doc/user/project/integrations/mattermost.md
@@ -1,5 +1,9 @@
# Mattermost Notifications Service
+The Mattermost Notifications Service allows your GitLab project to send events (e.g., `issue created`) to your existing Mattermost team as notifications. This requires configurations in both Mattermost and GitLab.
+
+You can also use Mattermost slash commands to control GitLab inside Mattermost. This is the separately configured [Mattermost slash commands](mattermost_slash_commands.md).
+
## On Mattermost
To enable Mattermost integration you must create an incoming webhook integration:
diff --git a/doc/user/project/integrations/mattermost_slash_commands.md b/doc/user/project/integrations/mattermost_slash_commands.md
index 9c69437537a..41be26c1d30 100644
--- a/doc/user/project/integrations/mattermost_slash_commands.md
+++ b/doc/user/project/integrations/mattermost_slash_commands.md
@@ -6,6 +6,9 @@ Mattermost commands give users an extra interface to perform common operations
from the chat environment. This allows one to, for example, create an issue as
soon as the idea was discussed in Mattermost.
+GitLab can also send events (e.g., `issue created`) to Mattermost as notifications.
+This is the separately configured [Mattermost Notifications Service](mattermost.md).
+
## Prerequisites
Mattermost 3.4 and up is required.
diff --git a/doc/user/project/issues/img/link_zoom_call_in_issue.png b/doc/user/project/issues/img/link_zoom_call_in_issue.png
new file mode 100644
index 00000000000..3153a0a9b07
--- /dev/null
+++ b/doc/user/project/issues/img/link_zoom_call_in_issue.png
Binary files differ
diff --git a/doc/user/project/issues/issue_data_and_actions.md b/doc/user/project/issues/issue_data_and_actions.md
index da585022263..ac26b672d99 100644
--- a/doc/user/project/issues/issue_data_and_actions.md
+++ b/doc/user/project/issues/issue_data_and_actions.md
@@ -149,6 +149,12 @@ The plain text title and description of the issue fill the top center of the iss
The description fully supports [GitLab Flavored Markdown](../../markdown.md#gitlab-flavored-markdown-gfm),
allowing many formatting options.
+##### 16.1 Zoom Call Links
+
+Including a link to a Zoom call in the description of an issue will result in a "Join Zoom meeting" button at the top of the issue, just under the header. To remove the button, edit the description and remove the Zoom call link.
+
+![Link Zoom Call in Issue](img/link_zoom_call_in_issue.png)
+
#### 17. Mentions
You can mention a user or a group present in your GitLab instance with `@username` or
diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb
index 00bcf6b055b..fd258e3edbc 100644
--- a/lib/api/helpers.rb
+++ b/lib/api/helpers.rb
@@ -235,6 +235,10 @@ module API
authorize! :push_code, user_project
end
+ def authorize_admin_tag
+ authorize! :admin_tag, user_project
+ end
+
def authorize_admin_project
authorize! :admin_project, user_project
end
diff --git a/lib/api/tags.rb b/lib/api/tags.rb
index f5359fd316c..796b1450602 100644
--- a/lib/api/tags.rb
+++ b/lib/api/tags.rb
@@ -55,7 +55,7 @@ module API
optional :release_description, type: String, desc: 'Specifying release notes stored in the GitLab database (deprecated in GitLab 11.7)'
end
post ':id/repository/tags' do
- authorize_push_project
+ authorize_admin_tag
result = ::Tags::CreateService.new(user_project, current_user)
.execute(params[:tag_name], params[:ref], params[:message])
@@ -87,7 +87,7 @@ module API
requires :tag_name, type: String, desc: 'The name of the tag'
end
delete ':id/repository/tags/:tag_name', requirements: TAG_ENDPOINT_REQUIREMENTS do
- authorize_push_project
+ authorize_admin_tag
tag = user_project.repository.find_tag(params[:tag_name])
not_found!('Tag') unless tag
diff --git a/lib/gitlab/checks/tag_check.rb b/lib/gitlab/checks/tag_check.rb
index 2a75c8059bd..ced0612a7a3 100644
--- a/lib/gitlab/checks/tag_check.rb
+++ b/lib/gitlab/checks/tag_check.rb
@@ -19,7 +19,7 @@ module Gitlab
return unless tag_name
logger.log_timed(LOG_MESSAGES[:tag_checks]) do
- if tag_exists? && user_access.cannot_do_action?(:admin_project)
+ if tag_exists? && user_access.cannot_do_action?(:admin_tag)
raise GitAccess::UnauthorizedError, ERROR_MESSAGES[:change_existing_tags]
end
end
diff --git a/lib/gitlab/ci/ansi2html.rb b/lib/gitlab/ci/ansi2html.rb
index 10d8c326c9a..55411b5a8c4 100644
--- a/lib/gitlab/ci/ansi2html.rb
+++ b/lib/gitlab/ci/ansi2html.rb
@@ -312,7 +312,7 @@ module Gitlab
if @sections.any?
css_classes << "section"
- css_classes << "js-section-header" if @lineno_in_section == 0
+ css_classes << "js-section-header section-header" if @lineno_in_section == 0
css_classes += sections.map { |section| "js-s-#{section}" }
end
diff --git a/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml b/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml
index 5372ec6cceb..d1a34c515fa 100644
--- a/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml
@@ -30,7 +30,7 @@ container_scanning:
services:
- docker:stable-dind
script:
- - if [ -z "$DOCKER_HOST" -a "$KUBERNETES_PORT" ]; then { export DOCKER_SERVICE="localhost" ; export DOCKER_HOST="tcp://${DOCKER_SERVICE}:2375" ; } fi
+ - if [[ -n "$KUBERNETES_PORT" ]]; then { export DOCKER_SERVICE="localhost" ; export DOCKER_HOST="tcp://${DOCKER_SERVICE}:2375" ; } fi
- |
if [[ -n "$CI_REGISTRY_USER" ]]; then
echo "Logging to GitLab Container Registry with CI credentials..."
diff --git a/lib/gitlab/user_access.rb b/lib/gitlab/user_access.rb
index 9ef23cf849f..097b502316e 100644
--- a/lib/gitlab/user_access.rb
+++ b/lib/gitlab/user_access.rb
@@ -45,7 +45,7 @@ module Gitlab
if protected?(ProtectedTag, project, ref)
protected_tag_accessible_to?(ref, action: :create)
else
- user.can?(:push_code, project)
+ user.can?(:admin_tag, project)
end
end
diff --git a/qa/qa/specs/features/browser_ui/3_create/merge_request/merge_merge_request_from_fork_spec.rb b/qa/qa/specs/features/browser_ui/3_create/merge_request/merge_merge_request_from_fork_spec.rb
index c7db595284e..6ca7af8a3af 100644
--- a/qa/qa/specs/features/browser_ui/3_create/merge_request/merge_merge_request_from_fork_spec.rb
+++ b/qa/qa/specs/features/browser_ui/3_create/merge_request/merge_merge_request_from_fork_spec.rb
@@ -1,8 +1,7 @@
# frozen_string_literal: true
module QA
- # Failure issue: https://gitlab.com/gitlab-org/quality/nightly/issues/94
- context 'Create', :quarantine do
+ context 'Create' do
describe 'Merge request creation from fork' do
it 'user forks a project, submits a merge request and maintainer merges it' do
Runtime::Browser.visit(:gitlab, Page::Main::Login)
diff --git a/qa/qa/specs/features/browser_ui/3_create/merge_request/squash_merge_request_spec.rb b/qa/qa/specs/features/browser_ui/3_create/merge_request/squash_merge_request_spec.rb
index 86692623790..a93f2695ec2 100644
--- a/qa/qa/specs/features/browser_ui/3_create/merge_request/squash_merge_request_spec.rb
+++ b/qa/qa/specs/features/browser_ui/3_create/merge_request/squash_merge_request_spec.rb
@@ -1,8 +1,7 @@
# frozen_string_literal: true
module QA
- # Failure issue: https://gitlab.com/gitlab-org/quality/nightly/issues/93
- context 'Create', :quarantine do
+ context 'Create' do
describe 'Merge request squashing' do
it 'user squashes commits while merging' do
Runtime::Browser.visit(:gitlab, Page::Main::Login)
diff --git a/qa/qa/specs/features/browser_ui/3_create/repository/add_list_delete_branches_spec.rb b/qa/qa/specs/features/browser_ui/3_create/repository/add_list_delete_branches_spec.rb
index 37a784248d4..2b3d9b1711d 100644
--- a/qa/qa/specs/features/browser_ui/3_create/repository/add_list_delete_branches_spec.rb
+++ b/qa/qa/specs/features/browser_ui/3_create/repository/add_list_delete_branches_spec.rb
@@ -1,8 +1,7 @@
# frozen_string_literal: true
module QA
- # Failure issue: https://gitlab.com/gitlab-org/quality/nightly/issues/62
- context 'Create', :quarantine do
+ context 'Create' do
describe 'Create, list, and delete branches via web' do
master_branch = 'master'
second_branch = 'second-branch'
diff --git a/spec/features/tags/master_creates_tag_spec.rb b/spec/features/tags/developer_creates_tag_spec.rb
index f80ddd050d7..b2ad7ed8f3f 100644
--- a/spec/features/tags/master_creates_tag_spec.rb
+++ b/spec/features/tags/developer_creates_tag_spec.rb
@@ -1,11 +1,12 @@
require 'spec_helper'
-describe 'Maintainer creates tag' do
+describe 'Developer creates tag' do
let(:user) { create(:user) }
- let(:project) { create(:project, :repository, namespace: user.namespace) }
+ let(:group) { create(:group) }
+ let(:project) { create(:project, :repository, namespace: group) }
before do
- project.add_maintainer(user)
+ project.add_developer(user)
sign_in(user)
end
diff --git a/spec/features/tags/master_deletes_tag_spec.rb b/spec/features/tags/developer_deletes_tag_spec.rb
index bdbbe645779..dc4c7a4fb0a 100644
--- a/spec/features/tags/master_deletes_tag_spec.rb
+++ b/spec/features/tags/developer_deletes_tag_spec.rb
@@ -1,11 +1,12 @@
require 'spec_helper'
-describe 'Maintainer deletes tag' do
+describe 'Developer deletes tag' do
let(:user) { create(:user) }
- let(:project) { create(:project, :repository, namespace: user.namespace) }
+ let(:group) { create(:group) }
+ let(:project) { create(:project, :repository, namespace: group) }
before do
- project.add_maintainer(user)
+ project.add_developer(user)
sign_in(user)
visit project_tags_path(project)
end
diff --git a/spec/features/tags/master_updates_tag_spec.rb b/spec/features/tags/developer_updates_tag_spec.rb
index d8b5b3c4cc4..1e11fc9e5d5 100644
--- a/spec/features/tags/master_updates_tag_spec.rb
+++ b/spec/features/tags/developer_updates_tag_spec.rb
@@ -1,11 +1,12 @@
require 'spec_helper'
-describe 'Maintainer updates tag' do
+describe 'Developer updates tag' do
let(:user) { create(:user) }
- let(:project) { create(:project, :repository, namespace: user.namespace) }
+ let(:group) { create(:group) }
+ let(:project) { create(:project, :repository, namespace: group) }
before do
- project.add_maintainer(user)
+ project.add_developer(user)
sign_in(user)
visit project_tags_path(project)
end
diff --git a/spec/features/tags/master_views_tags_spec.rb b/spec/features/tags/developer_views_tags_spec.rb
index 36cfeb5ed84..09e644c6b97 100644
--- a/spec/features/tags/master_views_tags_spec.rb
+++ b/spec/features/tags/developer_views_tags_spec.rb
@@ -1,7 +1,8 @@
require 'spec_helper'
-describe 'Maintainer views tags' do
+describe 'Developer views tags' do
let(:user) { create(:user) }
+ let(:group) { create(:group) }
before do
project.add_maintainer(user)
@@ -9,7 +10,7 @@ describe 'Maintainer views tags' do
end
context 'when project has no tags' do
- let(:project) { create(:project_empty_repo) }
+ let(:project) { create(:project_empty_repo, namespace: group) }
before do
visit project_path(project)
@@ -25,7 +26,7 @@ describe 'Maintainer views tags' do
end
context 'when project has tags' do
- let(:project) { create(:project, :repository, namespace: user.namespace) }
+ let(:project) { create(:project, :repository, namespace: group) }
let(:repository) { project.repository }
before do
diff --git a/spec/lib/gitlab/checks/tag_check_spec.rb b/spec/lib/gitlab/checks/tag_check_spec.rb
index b1258270611..80e9eb504ad 100644
--- a/spec/lib/gitlab/checks/tag_check_spec.rb
+++ b/spec/lib/gitlab/checks/tag_check_spec.rb
@@ -8,9 +8,8 @@ describe Gitlab::Checks::TagCheck do
describe '#validate!' do
let(:ref) { 'refs/tags/v1.0.0' }
- it 'raises an error' do
- allow(user_access).to receive(:can_do_action?).with(:push_code).and_return(true)
- expect(user_access).to receive(:can_do_action?).with(:admin_project).and_return(false)
+ it 'raises an error when user does not have access' do
+ allow(user_access).to receive(:can_do_action?).with(:admin_tag).and_return(false)
expect { subject.validate! }.to raise_error(Gitlab::GitAccess::UnauthorizedError, 'You are not allowed to change existing tags on this project.')
end
diff --git a/spec/lib/gitlab/ci/ansi2html_spec.rb b/spec/lib/gitlab/ci/ansi2html_spec.rb
index 655c5d20d7f..aa4e358b148 100644
--- a/spec/lib/gitlab/ci/ansi2html_spec.rb
+++ b/spec/lib/gitlab/ci/ansi2html_spec.rb
@@ -231,8 +231,8 @@ describe Gitlab::Ci::Ansi2html do
it 'prints light red' do
text = "#{section_start}\e[91mHello\e[0m\n#{section_end}"
- header = %{<span class="term-fg-l-red section js-section-header js-s-#{class_name(section_name)}">Hello</span>}
- line_break = %{<span class="section js-section-header js-s-#{class_name(section_name)}"></span><br/>}
+ header = %{<span class="term-fg-l-red section js-section-header section-header js-s-#{class_name(section_name)}">Hello</span>}
+ line_break = %{<span class="section js-section-header section-header js-s-#{class_name(section_name)}"></span><br/>}
line = %{<span class="section line s_#{class_name(section_name)}"></span>}
empty_line = %{<span class="section js-s-#{class_name(section_name)}"></span>}
html = "#{section_start_html}#{header}#{line_break}#{line}#{empty_line}#{section_end_html}"
diff --git a/spec/lib/gitlab/git_access_spec.rb b/spec/lib/gitlab/git_access_spec.rb
index 634c370d211..b9c21b3a7bd 100644
--- a/spec/lib/gitlab/git_access_spec.rb
+++ b/spec/lib/gitlab/git_access_spec.rb
@@ -831,7 +831,7 @@ describe Gitlab::GitAccess do
push_master: true,
push_protected_branch: false,
push_remove_protected_branch: false,
- push_tag: false,
+ push_tag: true,
push_new_tag: true,
push_all: false,
merge_into_protected_branch: false
diff --git a/spec/models/ci/pipeline_schedule_spec.rb b/spec/models/ci/pipeline_schedule_spec.rb
index c4d8ad5317a..d7b81caddf5 100644
--- a/spec/models/ci/pipeline_schedule_spec.rb
+++ b/spec/models/ci/pipeline_schedule_spec.rb
@@ -129,7 +129,7 @@ describe Ci::PipelineSchedule do
let(:pipeline_schedule) { create(:ci_pipeline_schedule, :every_minute) }
it "updates next_run_at to the sidekiq worker's execution time" do
- Timecop.freeze do
+ Timecop.freeze(2019, 06, 19, 12, 00) do
expect(pipeline_schedule.next_run_at).to eq(cron_worker_next_run_at)
end
end
diff --git a/spec/models/clusters/applications/knative_spec.rb b/spec/models/clusters/applications/knative_spec.rb
index b38cf96de7e..7f4819cbb9a 100644
--- a/spec/models/clusters/applications/knative_spec.rb
+++ b/spec/models/clusters/applications/knative_spec.rb
@@ -112,7 +112,7 @@ describe Clusters::Applications::Knative do
subject { knative.install_command }
it 'is initialized with latest version' do
- expect(subject.version).to eq('0.5.0')
+ expect(subject.version).to eq('0.6.0')
end
it_behaves_like 'a command'
diff --git a/spec/policies/project_policy_spec.rb b/spec/policies/project_policy_spec.rb
index 4b723a52b51..fd82150c12a 100644
--- a/spec/policies/project_policy_spec.rb
+++ b/spec/policies/project_policy_spec.rb
@@ -36,7 +36,7 @@ describe ProjectPolicy do
let(:developer_permissions) do
%i[
- admin_milestone admin_merge_request update_merge_request create_commit_status
+ admin_tag admin_milestone admin_merge_request update_merge_request create_commit_status
update_commit_status create_build update_build create_pipeline
update_pipeline create_merge_request_from create_wiki push_code
resolve_note create_container_image update_container_image destroy_container_image
diff --git a/spec/requests/api/tags_spec.rb b/spec/requests/api/tags_spec.rb
index d898319e709..c4f4a2cb889 100644
--- a/spec/requests/api/tags_spec.rb
+++ b/spec/requests/api/tags_spec.rb
@@ -10,7 +10,7 @@ describe API::Tags do
let(:current_user) { nil }
before do
- project.add_maintainer(user)
+ project.add_developer(user)
end
describe 'GET /projects/:id/repository/tags' do
diff --git a/spec/support/shared_examples/policies/project_policy_shared_examples.rb b/spec/support/shared_examples/policies/project_policy_shared_examples.rb
index 7a71e2ee370..13b7ade658b 100644
--- a/spec/support/shared_examples/policies/project_policy_shared_examples.rb
+++ b/spec/support/shared_examples/policies/project_policy_shared_examples.rb
@@ -17,6 +17,7 @@ RSpec.shared_examples 'archived project policies' do
upload_file
resolve_note
award_emoji
+ admin_tag
]
end