diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-05-11 15:08:39 +0000 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-05-11 15:08:39 +0000 |
| commit | 4564f677f8d71e814e89618e81709c86cf50e3d2 (patch) | |
| tree | 9ba8fffbd8b3ec3d40dc12bfc4132d842f789cfc | |
| parent | 0b54f87a31c23544ca5917bf772ce9c64a61562c (diff) | |
| download | gitlab-ce-4564f677f8d71e814e89618e81709c86cf50e3d2.tar.gz | |
Add latest changes from gitlab-org/gitlab@master
73 files changed, 366 insertions, 531 deletions
diff --git a/.gitlab/ci/preflight.gitlab-ci.yml b/.gitlab/ci/preflight.gitlab-ci.yml index 7dee87ee715..04cb36354a9 100644 --- a/.gitlab/ci/preflight.gitlab-ci.yml +++ b/.gitlab/ci/preflight.gitlab-ci.yml @@ -30,9 +30,12 @@ rails-production-server-boot: needs: [] script: - source scripts/utils.sh - - bundle exec rails server -e production & - - sleep 40 # See https://gitlab.com/gitlab-org/gitlab/-/merge_requests/114124#note_1309506358 - - retry_times_sleep 10 5 "curl http://0.0.0.0:3000" + - cp config/puma.rb.example config/puma.rb + - sed --in-place "s:/home/git/gitlab:${PWD}:" config/puma.rb + - echo 'bind "tcp://127.0.0.1:3000"' >> config/puma.rb + - bundle exec puma --environment production --config config/puma.rb & + - sleep 40 # See https://gitlab.com/gitlab-org/gitlab/-/merge_requests/114124#note_1309506358 + - retry_times_sleep 10 5 "curl http://127.0.0.1:3000" - kill $(jobs -p) no-ee-check: diff --git a/.rubocop_todo/layout/line_length.yml b/.rubocop_todo/layout/line_length.yml index 765a9a81d21..abca9baa4cd 100644 --- a/.rubocop_todo/layout/line_length.yml +++ b/.rubocop_todo/layout/line_length.yml @@ -1462,7 +1462,6 @@ Layout/LineLength: - 'ee/spec/features/groups/security/compliance_dashboards_spec.rb' - 'ee/spec/features/groups/sso_spec.rb' - 'ee/spec/features/integrations/jira/jira_issues_list_spec.rb' - - 'ee/spec/features/invites_spec.rb' - 'ee/spec/features/issues/filtered_search/filter_issues_weight_spec.rb' - 'ee/spec/features/issues/form_spec.rb' - 'ee/spec/features/labels_hierarchy_spec.rb' @@ -3387,7 +3386,6 @@ Layout/LineLength: - 'spec/features/groups/settings/repository_spec.rb' - 'spec/features/groups_spec.rb' - 'spec/features/ide/static_object_external_storage_csp_spec.rb' - - 'spec/features/invites_spec.rb' - 'spec/features/issuables/issuable_list_spec.rb' - 'spec/features/issuables/markdown_references/internal_references_spec.rb' - 'spec/features/issuables/markdown_references/jira_spec.rb' diff --git a/.rubocop_todo/rspec/context_wording.yml b/.rubocop_todo/rspec/context_wording.yml index 8a5c07c8892..a2886ff9679 100644 --- a/.rubocop_todo/rspec/context_wording.yml +++ b/.rubocop_todo/rspec/context_wording.yml @@ -1154,7 +1154,6 @@ RSpec/ContextWording: - 'spec/features/ics/project_issues_spec.rb' - 'spec/features/ide/static_object_external_storage_csp_spec.rb' - 'spec/features/incidents/user_creates_new_incident_spec.rb' - - 'spec/features/invites_spec.rb' - 'spec/features/issuables/markdown_references/internal_references_spec.rb' - 'spec/features/issuables/sorting_list_spec.rb' - 'spec/features/issuables/user_sees_sidebar_spec.rb' diff --git a/GITALY_SERVER_VERSION b/GITALY_SERVER_VERSION index 7befd5a0d5b..0566059822f 100644 --- a/GITALY_SERVER_VERSION +++ b/GITALY_SERVER_VERSION @@ -1 +1 @@ -cf82dc98409a959201de728d2024e80418ea4c2a +2a5e9db06122c8a033bd4989cf99c46604cd2949 diff --git a/app/graphql/mutations/ci/project_ci_cd_settings_update.rb b/app/graphql/mutations/ci/project_ci_cd_settings_update.rb index 90658f05827..d4e55fd1792 100644 --- a/app/graphql/mutations/ci/project_ci_cd_settings_update.rb +++ b/app/graphql/mutations/ci/project_ci_cd_settings_update.rb @@ -31,10 +31,6 @@ module Mutations description: 'Indicates CI/CD job tokens generated in other projects ' \ 'have restricted access to this project.' - argument :opt_in_jwt, GraphQL::Types::Boolean, - required: false, - description: 'When disabled, the JSON Web Token is always available in all jobs in the pipeline.' - field :ci_cd_settings, Types::Ci::CiCdSettingType, null: false, diff --git a/app/graphql/types/ci/ci_cd_setting_type.rb b/app/graphql/types/ci/ci_cd_setting_type.rb index dd6647b749d..f7ef94f58c0 100644 --- a/app/graphql/types/ci/ci_cd_setting_type.rb +++ b/app/graphql/types/ci/ci_cd_setting_type.rb @@ -30,11 +30,7 @@ module Types field :merge_trains_enabled, GraphQL::Types::Boolean, null: true, description: 'Whether merge trains are enabled.', method: :merge_trains_enabled? - field :opt_in_jwt, - GraphQL::Types::Boolean, - null: true, - description: 'When disabled, the JSON Web Token is always available in all jobs in the pipeline.', - method: :opt_in_jwt? + field :project, Types::ProjectType, null: true, description: 'Project the CI/CD settings belong to.' end diff --git a/app/models/ci/build.rb b/app/models/ci/build.rb index d389c59f16b..5680cd2181e 100644 --- a/app/models/ci/build.rb +++ b/app/models/ci/build.rb @@ -1239,10 +1239,10 @@ module Ci end def job_jwt_variables - if project.ci_cd_settings.opt_in_jwt? + if id_tokens? id_tokens_variables else - predefined_jwt_variables.concat(id_tokens_variables) + predefined_jwt_variables end end @@ -1259,8 +1259,6 @@ module Ci end def id_tokens_variables - return [] unless id_tokens? - Gitlab::Ci::Variables::Collection.new.tap do |variables| id_tokens.each do |var_name, token_data| token = Gitlab::Ci::JwtV2.for_build(self, aud: token_data['aud']) diff --git a/app/models/project.rb b/app/models/project.rb index 68ed9ad9f93..d8818d9c174 100644 --- a/app/models/project.rb +++ b/app/models/project.rb @@ -518,7 +518,6 @@ class Project < ApplicationRecord delegate :job_token_scope_enabled, :job_token_scope_enabled=, to: :ci_cd_settings, prefix: :ci_outbound, allow_nil: true delegate :inbound_job_token_scope_enabled, :inbound_job_token_scope_enabled=, to: :ci_cd_settings, prefix: :ci, allow_nil: true delegate :keep_latest_artifact, :keep_latest_artifact=, to: :ci_cd_settings, allow_nil: true - delegate :opt_in_jwt, :opt_in_jwt=, to: :ci_cd_settings, prefix: :ci, allow_nil: true delegate :allow_fork_pipelines_to_run_in_parent_project, :allow_fork_pipelines_to_run_in_parent_project=, to: :ci_cd_settings, prefix: :ci, allow_nil: true delegate :restrict_user_defined_variables, :restrict_user_defined_variables=, to: :ci_cd_settings, allow_nil: true delegate :separated_caches, :separated_caches=, to: :ci_cd_settings, prefix: :ci, allow_nil: true diff --git a/app/models/project_ci_cd_setting.rb b/app/models/project_ci_cd_setting.rb index cc9003423be..aa65f27870d 100644 --- a/app/models/project_ci_cd_setting.rb +++ b/app/models/project_ci_cd_setting.rb @@ -2,6 +2,7 @@ class ProjectCiCdSetting < ApplicationRecord include ChronicDurationAttribute + include IgnorableColumns belongs_to :project, inverse_of: :ci_cd_settings @@ -22,6 +23,8 @@ class ProjectCiCdSetting < ApplicationRecord chronic_duration_attr :runner_token_expiration_interval_human_readable, :runner_token_expiration_interval + ignore_column :opt_in_jwt, remove_with: '16.2', remove_after: '2023-07-01' + def keep_latest_artifacts_available? # The project level feature can only be enabled when the feature is enabled instance wide Gitlab::CurrentSettings.current_application_settings.keep_latest_artifact? && keep_latest_artifact? diff --git a/app/services/members/destroy_service.rb b/app/services/members/destroy_service.rb index b77485ce744..e432016795d 100644 --- a/app/services/members/destroy_service.rb +++ b/app/services/members/destroy_service.rb @@ -4,7 +4,15 @@ module Members class DestroyService < Members::BaseService include Gitlab::ExclusiveLeaseHelpers - def execute(member, skip_authorization: false, skip_subresources: false, unassign_issuables: false, destroy_bot: false) + def execute( + member, + skip_authorization: false, + skip_subresources: false, + unassign_issuables: false, + destroy_bot: false, + skip_saml_identity: false + ) + unless skip_authorization raise Gitlab::Access::AccessDeniedError unless authorized?(member, destroy_bot) @@ -15,10 +23,10 @@ module Members @skip_auth = skip_authorization if a_group_owner?(member) - process_destroy_of_group_owner_member(member, skip_subresources) + process_destroy_of_group_owner_member(member, skip_subresources, skip_saml_identity) else destroy_member(member) - destroy_data_related_to_member(member, skip_subresources) + destroy_data_related_to_member(member, skip_subresources, skip_saml_identity) end enqueue_jobs_that_needs_to_be_run_only_once_per_hierarchy(member, unassign_issuables) @@ -47,7 +55,7 @@ module Members @recursive_call == true end - def process_destroy_of_group_owner_member(member, skip_subresources) + def process_destroy_of_group_owner_member(member, skip_subresources, skip_saml_identity) # Deleting 2 different group owners via the API in quick succession could lead to # wrong results for the `last_owner?` check due to race conditions. To prevent this # we wrap both the last_owner? check and the deletes of owners within a lock. @@ -61,23 +69,23 @@ module Members end # deletion of related data does not have to be within the lock. - destroy_data_related_to_member(member, skip_subresources) unless last_group_owner + destroy_data_related_to_member(member, skip_subresources, skip_saml_identity) unless last_group_owner end def destroy_member(member) member.destroy end - def destroy_data_related_to_member(member, skip_subresources) + def destroy_data_related_to_member(member, skip_subresources, skip_saml_identity) member.user&.invalidate_cache_counts - delete_member_associations(member, skip_subresources) + delete_member_associations(member, skip_subresources, skip_saml_identity) end def a_group_owner?(member) member.is_a?(GroupMember) && member.owner? end - def delete_member_associations(member, skip_subresources) + def delete_member_associations(member, skip_subresources, skip_saml_identity) if member.request? && member.user != current_user notification_service.decline_access_request(member) end @@ -86,7 +94,7 @@ module Members delete_project_invitations_by(member) unless skip_subresources resolve_access_request_todos(member) - after_execute(member: member) + after_execute(member: member, skip_saml_identity: skip_saml_identity) end def authorized?(member, destroy_bot) diff --git a/app/views/projects/branches/_panel.html.haml b/app/views/projects/branches/_panel.html.haml index a2c6c93278b..a632e29d34f 100644 --- a/app/views/projects/branches/_panel.html.haml +++ b/app/views/projects/branches/_panel.html.haml @@ -8,13 +8,13 @@ - return unless branches.any? = render Pajamas::CardComponent.new(card_options: {class: 'gl-mt-5 gl-bg-gray-10'}, header_options: {class: 'gl-px-5 gl-py-4 gl-bg-white'}, body_options: {class: 'gl-px-3 gl-py-0'}, footer_options: {class: 'gl-bg-white'}) do |c| - - c.header do + - c.with_header do %h3.card-title.h5.gl-line-height-24.gl-m-0 = panel_title - - c.body do + - c.with_body do %ul.content-list.branches-list.all-branches{ data: { qa_selector: 'all_branches_container' } } - branches.first(overview_max_branches).each do |branch| = render "projects/branches/branch", branch: branch, merged: project.repository.merged_to_root_ref?(branch), commit_status: @branch_pipeline_statuses[branch.name], show_commit_status: @branch_pipeline_statuses.any? - if branches.size > overview_max_branches - - c.footer do + - c.with_footer do = link_to show_more_text, project_branches_filtered_path(project, state: state), id: "state-#{state}", data: { state: state } diff --git a/app/views/projects/commits/_commit_list.html.haml b/app/views/projects/commits/_commit_list.html.haml index 23b25b5dcbd..22f4594c1d5 100644 --- a/app/views/projects/commits/_commit_list.html.haml +++ b/app/views/projects/commits/_commit_list.html.haml @@ -3,9 +3,9 @@ - commits = Commit.decorate(commits, @project) = render Pajamas::CardComponent.new(card_options: { class: 'gl-mb-5'}, body_options: { class: 'gl-py-0'}) do |c| - - c.header do + - c.with_header do Commits (#{@total_commit_count}) - - c.body do + - c.with_body do - if hidden > 0 %ul.content-list - commits.each do |commit| diff --git a/app/views/projects/compare/show.html.haml b/app/views/projects/compare/show.html.haml index bc378182057..9185afc0771 100644 --- a/app/views/projects/compare/show.html.haml +++ b/app/views/projects/compare/show.html.haml @@ -18,7 +18,7 @@ paginate_diffs_per_page: Projects::CompareController::COMMIT_DIFFS_PER_PAGE - else = render Pajamas::CardComponent.new(card_options: { class: "gl-bg-gray-50 gl-mb-5 gl-border-none gl-text-center" }) do |c| - - c.body do + - c.with_body do %h4 = s_("CompareBranches|There isn't anything to compare.") %p.gl-mb-4.gl-line-height-24 diff --git a/app/views/projects/issues/_related_branches.html.haml b/app/views/projects/issues/_related_branches.html.haml index d26b0f96992..3d6a266dc4d 100644 --- a/app/views/projects/issues/_related_branches.html.haml +++ b/app/views/projects/issues/_related_branches.html.haml @@ -1,7 +1,7 @@ - if @related_branches.any? - if @related_branches.any? = render Pajamas::CardComponent.new(card_options: { class: 'gl-bg-gray-10 gl-mt-5 gl-mb-0' }, header_options: { class: 'gl-bg-white gl-pl-5 gl-pr-4 gl-py-4' } , body_options: { class: 'gl-py-3 gl-px-4' }) do |c| - - c.header do + - c.with_header do %h3.card-title.h5.gl-my-0.gl-display-flex.gl-align-items-center.gl-flex-grow-1.gl-relative.gl-line-height-24 = link_to "", "#related-branches", class: "gl-link anchor position-absolute gl-text-decoration-none", "aria-hidden": true = _('Related branches') @@ -9,7 +9,7 @@ .gl-display-inline-flex.gl-align-items-center = sprite_icon('branch', css_class: "gl-mr-2 gl-text-gray-500 gl-icon") = @related_branches.size - - c.body do + - c.with_body do %ul.related-merge-requests.content-list.gl-p-3! - @related_branches.each do |branch| %li.list-item{ class: "gl-py-0! gl-border-0!" } diff --git a/app/views/projects/mirrors/_mirror_repos_list.html.haml b/app/views/projects/mirrors/_mirror_repos_list.html.haml index b06aca063fd..185d86245c5 100644 --- a/app/views/projects/mirrors/_mirror_repos_list.html.haml +++ b/app/views/projects/mirrors/_mirror_repos_list.html.haml @@ -4,10 +4,10 @@ .table-responsive - if !@project.mirror? && @project.remote_mirrors.count == 0 = render Pajamas::CardComponent.new(card_options: { class: 'gl-mt-5' }) do |c| - - c.header do + - c.with_header do %strong = _('Mirrored repositories') + ' (0)' - - c.body do + - c.with_body do = _('There are currently no mirrored repositories.') - else %table.table.gl-table.gl-mt-5 diff --git a/app/views/projects/pages/_access.html.haml b/app/views/projects/pages/_access.html.haml index 33e0e45350a..50e48187be3 100644 --- a/app/views/projects/pages/_access.html.haml +++ b/app/views/projects/pages/_access.html.haml @@ -2,9 +2,9 @@ - pages_url = @project.pages_url(with_unique_domain: true) = render Pajamas::CardComponent.new(card_options: { class: 'gl-mb-5', data: { qa_selector: 'access_page_container' } }, footer_options: { class: 'gl-alert-warning' }) do |c| - - c.header do + - c.with_header do = s_('GitLabPages|Access pages') - - c.body do + - c.with_body do %p = external_link(pages_url, pages_url) @@ -12,7 +12,7 @@ %p = external_link(domain.url, domain.url) - unless @project.public_pages? - - c.footer do + - c.with_footer do - help_page = help_page_path('user/project/pages/pages_access_control') - link_start = '<a href="%{url}" target="_blank" class="gl-alert-link" rel="noopener noreferrer">'.html_safe % { url: help_page } - link_end = '</a>'.html_safe diff --git a/app/views/projects/pages/_list.html.haml b/app/views/projects/pages/_list.html.haml index 4cf9efcf519..57371aa49f6 100644 --- a/app/views/projects/pages/_list.html.haml +++ b/app/views/projects/pages/_list.html.haml @@ -3,12 +3,12 @@ - if can?(current_user, :update_pages, @project) = render Pajamas::CardComponent.new(card_options: { class: 'gl-mb-5'}, header_options: { class: 'gl-display-flex gl-align-items-center gl-justify-content-space-between' }) do |c| - - c.header do + - c.with_header do Domains (#{@domains.size}) - if can_add_new_domain = render Pajamas::ButtonComponent.new(variant: :confirm, href: new_project_pages_domain_path(@project)) do = s_('GitLabPages|New Domain') - - c.body do + - c.with_body do - if @domains.any? %ul.list-group.list-group-flush - @domains.each do |domain| diff --git a/app/views/projects/pages/_no_domains.html.haml b/app/views/projects/pages/_no_domains.html.haml index 5f377743439..97c3ad11f1a 100644 --- a/app/views/projects/pages/_no_domains.html.haml +++ b/app/views/projects/pages/_no_domains.html.haml @@ -2,10 +2,10 @@ - if can?(current_user, :update_pages, @project) = render Pajamas::CardComponent.new(card_options: { class: 'gl-mb-5'}, body_options: { class: 'gl-text-center nothing-here-block' }) do |c| - - c.header do + - c.with_header do = s_('GitLabPages|Domains') - if can_add_new_domain = render Pajamas::ButtonComponent.new(variant: :confirm, href: new_project_pages_domain_path(@project)) do = s_('GitLabPages|New Domain') - - c.body do + - c.with_body do = s_("GitLabPages|Support for domains and certificates is disabled. Ask your system's administrator to enable it.") diff --git a/app/views/projects/pages/_use.html.haml b/app/views/projects/pages/_use.html.haml index dccf61c6ec5..4c39c1be060 100644 --- a/app/views/projects/pages/_use.html.haml +++ b/app/views/projects/pages/_use.html.haml @@ -1,8 +1,8 @@ - unless @project.pages_deployed? = render Pajamas::CardComponent.new(card_options: { class: 'gl-border-blue-500' }, header_options: { class: 'gl-bg-blue-500 gl-text-white' }) do |c| - - c.header do + - c.with_header do = s_('GitLabPages|Configure pages') - - c.body do + - c.with_body do - docs_link_start = "<a href='#{help_page_path('user/project/pages/index')}' target='_blank' rel='noopener noreferrer' data-track-action='click_link' data-track-label='pages_docs_link'>".html_safe - samples_link_start = "<a href='https://gitlab.com/pages' target='_blank' rel='noopener noreferrer' data-track-action='click_link' data-track-label='pages_samples_link'>".html_safe - link_end = '</a>'.html_safe diff --git a/app/views/projects/pages_domains/_certificate.html.haml b/app/views/projects/pages_domains/_certificate.html.haml index f3bf07bb487..f80fd495695 100644 --- a/app/views/projects/pages_domains/_certificate.html.haml +++ b/app/views/projects/pages_domains/_certificate.html.haml @@ -31,9 +31,9 @@ .row .col-sm-10.offset-sm-2 = render Pajamas::CardComponent.new(body_options: { class: 'gl-display-flex gl-align-items-center gl-justify-content-space-between gl-p-5' }) do |c| - - c.header do + - c.with_header do = _('Certificate') - - c.body do + - c.with_body do %span = domain_presenter.pages_domain.subject || _('missing') = link_to _('Remove'), diff --git a/app/views/projects/protected_tags/shared/_create_protected_tag.html.haml b/app/views/projects/protected_tags/shared/_create_protected_tag.html.haml index 1db1da5e428..d67c3dc19d7 100644 --- a/app/views/projects/protected_tags/shared/_create_protected_tag.html.haml +++ b/app/views/projects/protected_tags/shared/_create_protected_tag.html.haml @@ -1,9 +1,9 @@ = gitlab_ui_form_for [@project, @protected_tag], html: { class: 'new-protected-tag js-new-protected-tag' } do |f| %input{ type: 'hidden', name: 'update_section', value: 'js-protected-tags-settings' } = render Pajamas::CardComponent.new(card_options: { class: 'gl-mb-5' }) do |c| - - c.header do + - c.with_header do = _('Protect a tag') - - c.body do + - c.with_body do = form_errors(@protected_tag) .form-group.row = f.label :name, _('Tag:'), class: 'col-md-2 text-left text-md-right' @@ -19,5 +19,5 @@ .create_access_levels-container = yield :create_access_levels - - c.footer do + - c.with_footer do = f.submit _('Protect'), pajamas_button: true, disabled: true, data: { qa_selector: 'protect_tag_button' } diff --git a/app/views/projects/settings/ci_cd/_autodevops_form.html.haml b/app/views/projects/settings/ci_cd/_autodevops_form.html.haml index 5afbace3f26..46cfcf20535 100644 --- a/app/views/projects/settings/ci_cd/_autodevops_form.html.haml +++ b/app/views/projects/settings/ci_cd/_autodevops_form.html.haml @@ -21,14 +21,14 @@ .form-group = f.fields_for :auto_devops_attributes, @auto_devops do |form| = render Pajamas::CardComponent.new(card_options: { class: 'gl-mb-3' }, footer_options: { class: auto_devops_enabled || 'hidden' }) do |c| - - c.body do + - c.with_body do - autodevops_help_link = link_to _('Learn more.'), help_page_path('topics/autodevops/index.md'), target: '_blank', rel: 'noopener noreferrer' - auto_devops_badge = auto_devops_enabled ? (gl_badge_tag badge_for_auto_devops_scope(@project), { variant: :info }, { class: 'js-instance-default-badge gl-ml-3 gl-mt-n1'}) : '' = form.gitlab_ui_checkbox_component :enabled, (s_('CICD|Default to Auto DevOps pipeline') + auto_devops_badge).html_safe, checkbox_options: { class: 'js-toggle-extra-settings', checked: auto_devops_enabled, data: { qa_selector: 'enable_autodevops_checkbox' } }, help_text: (s_('CICD|The Auto DevOps pipeline runs if no alternative CI configuration file is found.') + ' ' + autodevops_help_link).html_safe - - c.footer do + - c.with_footer do - if @project.all_clusters.empty? %p.settings-message.text-center = s_('CICD|Add a %{kubernetes_cluster_link_start}Kubernetes cluster integration%{link_end} with a domain, or create an AUTO_DEVOPS_PLATFORM_TARGET CI variable.').html_safe % { kubernetes_cluster_link_start: kubernetes_cluster_link_start, link_end: link_end } diff --git a/app/views/projects/settings/ci_cd/_badge.html.haml b/app/views/projects/settings/ci_cd/_badge.html.haml index 76a7b42e0e5..e9766b36c79 100644 --- a/app/views/projects/settings/ci_cd/_badge.html.haml +++ b/app/views/projects/settings/ci_cd/_badge.html.haml @@ -3,14 +3,14 @@ %h4 = badge.title.capitalize = render Pajamas::CardComponent.new(card_options: { class: 'gl-mb-5' }, header_options: { class: 'gl-display-flex gl-align-items-center' }) do |c| - - c.header do + - c.with_header do .gl-flex-grow-1 %b = badge.title.capitalize · = badge.to_html .js-ref-switcher-badge{ id: "js-project-ci-cd-ref-switcher-#{badge.title.parameterize(separator: '-') }", data: { project_id: @project.id, ref: @ref } } - - c.body do + - c.with_body do .row .col-md-2.gl-text-center Markdown diff --git a/app/views/projects/starrers/_starrer.html.haml b/app/views/projects/starrers/_starrer.html.haml index d9fda2a6e36..16ae003255c 100644 --- a/app/views/projects/starrers/_starrer.html.haml +++ b/app/views/projects/starrers/_starrer.html.haml @@ -2,7 +2,7 @@ .col-lg-3.col-md-4.col-sm-12 = render Pajamas::CardComponent.new(body_options: { class: 'gl-display-flex' }) do |c| - - c.body do + - c.with_body do = render Pajamas::AvatarComponent.new(starrer.user, size: 48, alt: "", class: 'gl-mr-3') .user-info diff --git a/app/views/projects/triggers/_index.html.haml b/app/views/projects/triggers/_index.html.haml index de127d15351..b68aad24b50 100644 --- a/app/views/projects/triggers/_index.html.haml +++ b/app/views/projects/triggers/_index.html.haml @@ -1,13 +1,13 @@ .row.gl-mt-3.gl-mb-3 .col-lg-12 = render Pajamas::CardComponent.new do |c| - - c.header do + - c.with_header do = _("Manage your project's triggers") - - c.body do + - c.with_body do = render 'projects/triggers/form', btn_text: _('Add trigger') .gl-mb-5 #js-ci-pipeline-triggers-list.triggers-list{ data: { triggers: @triggers_json } } - - c.footer do + - c.with_footer do %p = _("These examples show how to trigger this project's pipeline for a branch or tag.") diff --git a/app/workers/pipeline_process_worker.rb b/app/workers/pipeline_process_worker.rb index caa2591f1ba..015b89630a1 100644 --- a/app/workers/pipeline_process_worker.rb +++ b/app/workers/pipeline_process_worker.rb @@ -14,7 +14,7 @@ class PipelineProcessWorker loggable_arguments 1 idempotent! - deduplicate :until_executing # Remove when FF `ci_pipeline_process_worker_dedup_until_executed` is removed + deduplicate :until_executed, if_deduplicated: :reschedule_once, ttl: 1.minute def perform(pipeline_id) Ci::Pipeline.find_by_id(pipeline_id).try do |pipeline| @@ -23,14 +23,4 @@ class PipelineProcessWorker .execute end end - - # When FF `ci_pipeline_process_worker_dedup_until_executed` is removed, remove this method and - # add `deduplicate :until_executed, if_deduplicated: :reschedule_once`, ttl: 1.minute to the class - def self.perform_async(pipeline_id) - return super unless Feature.enabled?(:ci_pipeline_process_worker_dedup_until_executed) - - set( - deduplicate: { strategy: :until_executed, options: { if_deduplicated: :reschedule_once, ttl: 1.minute } } - ).perform_async(pipeline_id) - end end diff --git a/config/feature_flags/development/ci_pipeline_process_worker_dedup_until_executed.yml b/config/feature_flags/development/ci_pipeline_process_worker_dedup_until_executed.yml deleted file mode 100644 index 34882adcc87..00000000000 --- a/config/feature_flags/development/ci_pipeline_process_worker_dedup_until_executed.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -name: ci_pipeline_process_worker_dedup_until_executed -introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/115261 -rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/397829 -milestone: '15.11' -type: development -group: group::pipeline authoring -default_enabled: false diff --git a/config/feature_flags/development/disallow_environment_name_update.yml b/config/feature_flags/development/disallow_environment_name_update.yml deleted file mode 100644 index 72b85ae569a..00000000000 --- a/config/feature_flags/development/disallow_environment_name_update.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -name: disallow_environment_name_update -introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/118146 -rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/408165 -milestone: '16.0' -type: development -group: group::environments -default_enabled: false diff --git a/data/deprecations/16-0-self-monitor-removal.yml b/data/deprecations/16-0-self-monitor-removal.yml new file mode 100644 index 00000000000..3d97d1a417d --- /dev/null +++ b/data/deprecations/16-0-self-monitor-removal.yml @@ -0,0 +1,9 @@ +- title: "Self-monitoring project is removed" + removal_milestone: "16.0" + announcement_milestone: "14.9" + breaking_change: true + reporter: kbychu + stage: monitor + issue_url: https://gitlab.com/groups/gitlab-org/-/epics/10030 + body: | + GitLab self-monitoring project was meant to enable self-hosted GitLab administrators to visualize performance metrics of GitLab within GitLab itself. This feature relied on GitLab Metrics dashboards. With metrics dashboard being removed, self-monitoring project is also removed. We recommended that self-hosted users monitor their GitLab instance with alternative visualization tools, such as Grafana. diff --git a/doc/administration/geo/setup/external_database.md b/doc/administration/geo/setup/external_database.md index f93ef5f5d5e..65ea2e6e5af 100644 --- a/doc/administration/geo/setup/external_database.md +++ b/doc/administration/geo/setup/external_database.md @@ -211,7 +211,7 @@ the tracking database on port 5432. 1. Set up PostgreSQL according to the [database requirements document](../../../install/requirements.md#database). -1. Set up a `gitlab_geo` user with a password of your choice, create the `gitlabhq_geo_production` database, and make the user an owner of the database. You can see an example of this setup in the [installation from source documentation](../../../install/installation.md#6-database). +1. Set up a `gitlab_geo` user with a password of your choice, create the `gitlabhq_geo_production` database, and make the user an owner of the database. You can see an example of this setup in the [installation from source documentation](../../../install/installation.md#7-database). 1. If you are **not** using a cloud-managed PostgreSQL database, ensure that your secondary site can communicate with your tracking database by manually changing the `pg_hba.conf` that is associated with your tracking database. diff --git a/doc/administration/get_started.md b/doc/administration/get_started.md index b11524083b1..0b5de38a78b 100644 --- a/doc/administration/get_started.md +++ b/doc/administration/get_started.md @@ -100,7 +100,6 @@ Unlike other monitoring solutions (for example, Zabbix or New Relic), Prometheus - Prometheus and its exporters are on by default. However, you need to [configure the service](../administration/monitoring/prometheus/index.md#configuring-prometheus). - Learn more about [GitLab architecture](../development/architecture.md). - Find out why [application performance metrics](https://about.gitlab.com/blog/2020/05/07/working-with-performance-metrics/) matter. -- Create a [self-monitoring project](../administration/monitoring/gitlab_self_monitoring_project/index.md) to track the health of your instance. - Integrate Grafana to [build visual dashboards](https://youtu.be/f4R7s0An1qE) based on performance metrics. ### Components of monitoring diff --git a/doc/administration/monitoring/gitlab_self_monitoring_project/img/self_monitoring_overview_dashboard.png b/doc/administration/monitoring/gitlab_self_monitoring_project/img/self_monitoring_overview_dashboard.png Binary files differdeleted file mode 100644 index 1d61823ce41..00000000000 --- a/doc/administration/monitoring/gitlab_self_monitoring_project/img/self_monitoring_overview_dashboard.png +++ /dev/null diff --git a/doc/administration/monitoring/gitlab_self_monitoring_project/index.md b/doc/administration/monitoring/gitlab_self_monitoring_project/index.md index 53b578eb2f3..dbdcdf22007 100644 --- a/doc/administration/monitoring/gitlab_self_monitoring_project/index.md +++ b/doc/administration/monitoring/gitlab_self_monitoring_project/index.md @@ -2,120 +2,11 @@ stage: Monitor group: Respond info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments +remove_date: '2023-08-22' +redirect_to: '../index.md' --- -# Self-monitoring project (deprecated) **(FREE SELF)** +# Self-monitoring project (removed) **(FREE SELF)** -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/32351) in GitLab 12.7 [with a flag](../../feature_flags.md) named `self_monitoring_project`. Disabled by default. -> - Generally available in GitLab 12.8. [Feature flag `self_monitoring_project`](https://gitlab.com/gitlab-org/gitlab/-/issues/198511) removed. -> - [Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/348909) in GitLab 14.9. Planned for removal in GitLab 16.0. - -WARNING: -This feature is in its end-of-life process. It is [deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/348909) -in GitLab 14.9, and is planned for removal in GitLab 16.0. - -GitLab provides administrators insights into the health of their GitLab instance. - -To provide a native experience (similar interacting with an application deployed using GitLab), a -project called **Monitoring** is created: - -- With [internal visibility](../../../user/public_access.md#internal-projects-and-groups). -- Under a group called **GitLab Instance**. - -The project is created specifically for visualizing and configuring the monitoring of your GitLab -instance. - -When the project and group are created, all administrators are given the [Maintainer role](../../../user/permissions.md). -As an administrator, you can add new members to the group to give them the Maintainer role for the project. - -This project can be used to: - -- Self-monitor your GitLab instance. The metrics dashboard of the project shows some basic resource - usage charts, such as CPU and memory usage of each server in - [Omnibus GitLab](https://docs.gitlab.com/omnibus/) installations. -- Also configure your own [custom metrics](../../../operations/metrics/index.md#adding-custom-metrics) - using metrics exposed by the [GitLab exporter](../prometheus/gitlab_metrics.md#metrics-available). - -## Create the self-monitoring project - -1. On the top bar, select **Main menu > Admin**. -1. On the left sidebar, select **Settings > Metrics and profiling** and expand **Self-monitoring**. -1. Toggle **Self-monitoring** on. -1. After your GitLab instance creates the project, GitLab displays a link to the - project in the text above the **Self-monitoring** toggle. You can also find it - from the top bar by selecting **Main menu > Projects**. - -## Delete the self-monitoring project - -WARNING: -Deleting the self-monitoring project removes any changes made to the project. If -you create the project again, it's created in its default state. - -1. On the top bar, select **Main menu > Admin**. -1. On the left sidebar, go to **Settings > Metrics and profiling** and expand **Self-monitoring**. -1. Toggle **Self-monitoring** off. -1. In the confirmation dialog that opens, select **Delete self-monitoring project**. - It can take a few seconds for it to be deleted. -1. After the project is deleted, GitLab displays a message confirming your action. - -## Dashboards available in Omnibus GitLab - -Omnibus GitLab provides a dashboard that displays CPU and memory usage -of each GitLab server. To select the servers to be displayed in the -panels, provide a regular expression in the **Instance label regex** field. -The dashboard uses metrics available in -[Omnibus GitLab](https://docs.gitlab.com/omnibus/) installations. - - - -You can also -[create your own dashboards](../../../operations/metrics/dashboards/index.md). - -## Connect to Prometheus - -The project is automatically configured to connect to the -[internal Prometheus](../prometheus/index.md) instance if the Prometheus instance is present. -This should be the case if GitLab was installed using Omnibus GitLab and you haven't disabled it. - -If that's not the case, or if you have an external Prometheus instance or a customized setup, -you [configure it manually](../../../user/project/integrations/prometheus.md#manual-configuration-of-prometheus). - -## Take action on Prometheus alerts **(ULTIMATE)** - -You can [add a Prometheus integration](../../../operations/incident_management/integrations.md) -to GitLab to receive notifications of any alerts. - -When the integration is set up, you can -[take action on incoming alerts](../../../operations/metrics/alerts.md#trigger-actions-from-alerts). - -## Add custom metrics to the self-monitoring project - -You can add custom metrics in the self-monitoring project by: - -1. [Duplicating](../../../operations/metrics/dashboards/index.md#duplicate-a-gitlab-defined-dashboard) the overview dashboard. -1. [Editing](../../../operations/metrics/index.md) the newly created dashboard file and configuring it with [dashboard YAML properties](../../../operations/metrics/dashboards/yaml.md). - -## Troubleshooting - -### Error message in logs: `Could not create instance administrators group. Errors: ["You don't have permission to create groups."]` - -A [bug](https://gitlab.com/gitlab-org/gitlab/-/issues/208676) causes project creation to fail with -the following error in the log file when the first administrator user is an -[external user](../../../user/admin_area/external_users.md): - -```plaintext -Could not create instance administrators group. Errors: ["You don't have permission to create groups."] -``` - -Run the following in a Rails console to check if the first administrator user is an external user: - -```ruby -User.admins.active.first.external? -``` - -If this returns true, the first administrator user is an external user. - -If you face this issue, you can temporarily -[make the administrator user a non-external user](../../../user/admin_area/external_users.md) -and then try to create the project. -After the project is created, the administrator user can be changed back to an external user. +This feature was [deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/348909) +in GitLab 14.9 and [removed](https://gitlab.com/groups/gitlab-org/-/epics/10030) in 16.0. diff --git a/doc/administration/monitoring/index.md b/doc/administration/monitoring/index.md index e57156e6513..1b23d6b7f49 100644 --- a/doc/administration/monitoring/index.md +++ b/doc/administration/monitoring/index.md @@ -8,9 +8,6 @@ info: To determine the technical writer assigned to the Stage/Group associated w Explore our features to monitor your GitLab instance: -- [GitLab self-monitoring](gitlab_self_monitoring_project/index.md): The - GitLab instance administration project helps to monitor the GitLab instance and - take action on alerts. - [Performance monitoring](performance/index.md): GitLab Performance Monitoring makes it possible to measure a wide variety of statistics of your instance. - [Prometheus](prometheus/index.md): Prometheus is a powerful time-series monitoring diff --git a/doc/administration/postgresql/external.md b/doc/administration/postgresql/external.md index 24548f690ff..8f664f9809e 100644 --- a/doc/administration/postgresql/external.md +++ b/doc/administration/postgresql/external.md @@ -17,7 +17,7 @@ If you use a cloud-managed service, or provide your own PostgreSQL instance: 1. Set up PostgreSQL according to the [database requirements document](../../install/requirements.md#database). -1. Set up a `gitlab` user with a password of your choice, create the `gitlabhq_production` database, and make the user an owner of the database. You can see an example of this setup in the [installation from source documentation](../../install/installation.md#6-database). +1. Set up a `gitlab` user with a password of your choice, create the `gitlabhq_production` database, and make the user an owner of the database. You can see an example of this setup in the [installation from source documentation](../../install/installation.md#7-database). 1. If you are using a cloud-managed service, you may need to grant additional roles to your `gitlab` user: - Amazon RDS requires the [`rds_superuser`](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.PostgreSQL.CommonDBATasks.html#Appendix.PostgreSQL.CommonDBATasks.Roles) role. diff --git a/doc/administration/redis/replication_and_failover_external.md b/doc/administration/redis/replication_and_failover_external.md index 98909dfc001..14378b478da 100644 --- a/doc/administration/redis/replication_and_failover_external.md +++ b/doc/administration/redis/replication_and_failover_external.md @@ -87,7 +87,7 @@ valuable information for the general setup. Assuming that the Redis primary instance IP is `10.0.0.1`: -1. [Install Redis](../../install/installation.md#7-redis). +1. [Install Redis](../../install/installation.md#8-redis). 1. Edit `/etc/redis/redis.conf`: ```conf @@ -113,7 +113,7 @@ Assuming that the Redis primary instance IP is `10.0.0.1`: Assuming that the Redis replica instance IP is `10.0.0.2`: -1. [Install Redis](../../install/installation.md#7-redis). +1. [Install Redis](../../install/installation.md#8-redis). 1. Edit `/etc/redis/redis.conf`: ```conf diff --git a/doc/api/graphql/reference/index.md b/doc/api/graphql/reference/index.md index 9b72c7378b8..263689894ca 100644 --- a/doc/api/graphql/reference/index.md +++ b/doc/api/graphql/reference/index.md @@ -1484,7 +1484,6 @@ Input type: `CiCdSettingsUpdateInput` | <a id="mutationcicdsettingsupdatekeeplatestartifact"></a>`keepLatestArtifact` | [`Boolean`](#boolean) | Indicates if the latest artifact should be kept for the project. | | <a id="mutationcicdsettingsupdatemergepipelinesenabled"></a>`mergePipelinesEnabled` | [`Boolean`](#boolean) | Indicates if merge pipelines are enabled for the project. | | <a id="mutationcicdsettingsupdatemergetrainsenabled"></a>`mergeTrainsEnabled` | [`Boolean`](#boolean) | Indicates if merge trains are enabled for the project. | -| <a id="mutationcicdsettingsupdateoptinjwt"></a>`optInJwt` | [`Boolean`](#boolean) | When disabled, the JSON Web Token is always available in all jobs in the pipeline. | #### Fields @@ -4988,7 +4987,6 @@ Input type: `ProjectCiCdSettingsUpdateInput` | <a id="mutationprojectcicdsettingsupdatekeeplatestartifact"></a>`keepLatestArtifact` | [`Boolean`](#boolean) | Indicates if the latest artifact should be kept for the project. | | <a id="mutationprojectcicdsettingsupdatemergepipelinesenabled"></a>`mergePipelinesEnabled` | [`Boolean`](#boolean) | Indicates if merge pipelines are enabled for the project. | | <a id="mutationprojectcicdsettingsupdatemergetrainsenabled"></a>`mergeTrainsEnabled` | [`Boolean`](#boolean) | Indicates if merge trains are enabled for the project. | -| <a id="mutationprojectcicdsettingsupdateoptinjwt"></a>`optInJwt` | [`Boolean`](#boolean) | When disabled, the JSON Web Token is always available in all jobs in the pipeline. | #### Fields @@ -20408,7 +20406,6 @@ four standard [pagination arguments](#connection-pagination-arguments): | <a id="projectcicdsettingkeeplatestartifact"></a>`keepLatestArtifact` | [`Boolean`](#boolean) | Whether to keep the latest builds artifacts. | | <a id="projectcicdsettingmergepipelinesenabled"></a>`mergePipelinesEnabled` | [`Boolean`](#boolean) | Whether merge pipelines are enabled. | | <a id="projectcicdsettingmergetrainsenabled"></a>`mergeTrainsEnabled` | [`Boolean`](#boolean) | Whether merge trains are enabled. | -| <a id="projectcicdsettingoptinjwt"></a>`optInJwt` | [`Boolean`](#boolean) | When disabled, the JSON Web Token is always available in all jobs in the pipeline. | | <a id="projectcicdsettingproject"></a>`project` | [`Project`](#project) | Project the CI/CD settings belong to. | ### `ProjectConversations` diff --git a/doc/api/graphql/removed_items.md b/doc/api/graphql/removed_items.md index fb4a1a80340..4c506d93436 100644 --- a/doc/api/graphql/removed_items.md +++ b/doc/api/graphql/removed_items.md @@ -30,6 +30,7 @@ Fields removed in GitLab 16.0. | -------------------- | -------------------- |---------------------------------------------------------------------|------------------------------------------------| | - | `vulnerabilityFindingDismiss` | [15.5](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/99170) | `vulnerabilityDismiss` or `securityFindingDismiss` | | - | `apiFuzzingCiConfigurationCreate` | [15.1](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/87241) | `todos` | +| - | `CiCdSettingsUpdate` | [15.0](https://gitlab.com/gitlab-org/gitlab/-/issues/361801) | `ProjectCiCdSettingsUpdate` | ## GitLab 15.0 diff --git a/doc/api/group_access_tokens.md b/doc/api/group_access_tokens.md index 82065590b33..446aa3668d8 100644 --- a/doc/api/group_access_tokens.md +++ b/doc/api/group_access_tokens.md @@ -123,6 +123,34 @@ curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" \ } ``` +## Rotate a group access token + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/403042) in GitLab 16.0 + +Rotate a group access token. Revokes the previous token and creates a new token that expires in one week. + +```plaintext +POST /groups/:id/access_tokens/:token_id/rotate +``` + +| Attribute | Type | required | Description | +|-----------|---------|----------|---------------------| +| `id` | integer or string | yes | ID or [URL-encoded path of the group](rest/index.md#namespaced-path-encoding) | +| `token_id` | integer or string | yes | ID of the project access token | + +```shell +curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/groups/<group_id>/access_tokens/<token_id>/rotate" +``` + +### Responses + +- `200: OK` if existing token is successfully revoked and the new token is created. +- `400: Bad Request` if not rotated successfully. +- `401: Unauthorized` if either the: + - User does not have access to the token with the specified ID. + - Token with the specified ID does not exist. +- `404: Not Found` if the user is an administrator but the token with the specified ID does not exist. + ## Revoke a group access token > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/77236) in GitLab 14.7. diff --git a/doc/api/personal_access_tokens.md b/doc/api/personal_access_tokens.md index 167d3eaedb8..691c094f9eb 100644 --- a/doc/api/personal_access_tokens.md +++ b/doc/api/personal_access_tokens.md @@ -205,6 +205,36 @@ Example response: } ``` +## Rotate a personal access token + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/403042) in GitLab 16.0 + +Rotate a personal access token. Revokes the previous token and creates a new token that expires in one week. + +```plaintext +POST /personal_access_tokens/:id/rotate +``` + +| Attribute | Type | Required | Description | +|-----------|---------|----------|---------------------| +| `id` | integer/string | yes | ID of personal access token | + +NOTE: +Non-administrators can rotate their own tokens. Administrators can rotate tokens of any user. + +```shell +curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/personal_access_tokens/<personal_access_token_id>/rotate" +``` + +### Responses + +- `200: OK` if the existing token is successfully revoked and the new token successfully created. +- `400: Bad Request` if not rotated successfully. +- `401: Unauthorized` if either the: + - User does not have access to the token with the specified ID. + - Token with the specified ID does not exist. +- `404: Not Found` if the user is an administrator but the token with the specified ID does not exist. + ## Revoke a personal access token Revoke a personal access token by either: diff --git a/doc/api/project_access_tokens.md b/doc/api/project_access_tokens.md index 6711d1b0261..437bdaa70f4 100644 --- a/doc/api/project_access_tokens.md +++ b/doc/api/project_access_tokens.md @@ -132,6 +132,34 @@ curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" \ } ``` +## Rotate a project access token + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/403042) in GitLab 16.0 + +Rotate a project access token. Revokes the previous token and creates a new token that expires in one week. + +```plaintext +POST /projects/:id/access_tokens/:token_id/rotate +``` + +| Attribute | Type | required | Description | +|-----------|---------|----------|---------------------| +| `id` | integer or string | yes | ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) | +| `token_id` | integer or string | yes | ID of the project access token | + +```shell +curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/<project_id>/access_tokens/<token_id>/rotate" +``` + +### Responses + +- `200: OK` if the existing token is successfully revoked and the new token is successfully created. +- `400: Bad Request` if not rotated successfully. +- `401: Unauthorized` if either the: + - User does not have access to the token with the specified ID. + - Token with the specified ID does not exist. +- `404: Not Found` if the user is an administrator but the token with the specified ID does not exist. + ## Revoke a project access token > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/238991) in GitLab 13.9. diff --git a/doc/ci/runners/saas/macos/codesigning.md b/doc/ci/runners/saas/macos/codesigning.md index 697f138eec6..809b8faf9df 100644 --- a/doc/ci/runners/saas/macos/codesigning.md +++ b/doc/ci/runners/saas/macos/codesigning.md @@ -8,112 +8,21 @@ info: To determine the technical writer assigned to the Stage/Group associated w Before you can integrate GitLab with Apple services, install to a device, or deploy to the Apple App Store, you must [code sign](https://developer.apple.com/support/code-signing/) your application. -To code sign an iOS project, you need the following files: - -- A certificate issued by Apple. -- A provisioning profile. - ## Code signing iOS Projects with fastlane When you use SaaS runners on macOS, each job runs on a VM. Included in each VM is [fastlane](https://fastlane.tools/), an open-source solution aimed at simplifying mobile app deployment. -These steps outline the minimal setup required to use fastlane to code sign your application. Refer to the fastlane [getting started guide](https://docs.fastlane.tools/), [best practices for integrating with GitLab CI](https://docs.fastlane.tools/best-practices/continuous-integration/gitlab/) and the [fastlane code signing getting started guide](https://docs.fastlane.tools/codesigning/getting-started/) for installation instructions, and an overview of how to use fastlane to handle code signing. - -To use fastlane to code sign your application: - -1. At the root of your project repository, on your local development system, run this command: - - ```plaintext - fastlane match init - ``` - - This command creates the `fastlane` directory and adds two files: `Fastfile` and `Appfile`. - -1. Open `Appfile` and edit it to include your Apple ID and app ID. - - ```plaintext - app_identifier("APP IDENTIFIER") # The bundle identifier of your app - - apple_id("APPLE ID") # Your Apple email address - ``` - -1. Open `Fastfile`, which includes the fastlane build steps. - In the following snippet, the steps `get_certificates`, `get_provisioning_profile,match`, `gym`, and - `upload_to_testflight` are fastlane [actions](https://docs.fastlane.tools/actions/). - - ```plaintext - # This file contains the fastlane.tools configuration - # You can find the documentation at https://docs.fastlane.tools - - default_platform(:ios) - - platform :ios do - desc "Build the application" - lane :beta do - increment_build_number( - build_number: latest_testflight_build_number + 1, - xcodeproj: "${PROJECT_NAME}.xcodeproj" - ) - get_certificates - get_provisioning_profile - # match(type: "appstore",read_only: true) - gym - upload_to_testflight - end - end - ``` - -The example configuration also includes an optional `Gymfile`. This file stores configuration -parameters and is used by the fastlane [`gym`](https://docs.fastlane.tools/actions/gym/) action. - -## Using fastlane match - -To simplify the code signing process and implement the -[Code Signing Best Practices Guide](https://codesigning.guide/) recommendations, -use [fastlane match](https://docs.fastlane.tools/actions/match/). - -- Use one code signing identity shared across your team. -- Store the required certificates and provisioning profiles in a separate GitLab project repository. - -Match automatically syncs iOS and macOS keys and provisioning profiles across all team members with access to the GitLab project. Each team member with access to the project can use the credentials for code signing. - -To use fastlane match: - -1. Initialize match in the project repository: - - ```shell - bundle exec fastlane match init - ``` - -1. Select `git` as your storage node. -1. Enter the URL of the GitLab project you plan to use to store your code signing identities. -1. Optional. To create a new certificate and provisioning profile, run: - - ```shell - bundle exec fastlane match development - ``` - -For different code signing identities' storage options, and for a complete step-by-step guide for using match, -refer to the [match documentation](https://docs.fastlane.tools/actions/match/#usage). - -### Environment variables and authentication - -To complete the setup, you must configure environment variables to use with fastlane. The required variables are outlined in the [fastlane documentation](https://docs.fastlane.tools/best-practices/continuous-integration/#environment-variables-to-set). - -To support Apple's two factor authentication requirement, configure these variables: - -- `FASTLANE_APPLE_APPLICATION_SPECIFIC_PASSWORD` and -- `FASTLANE_SESSION` - -To authenticate fastlane with the App Store for the TestFlight upload, configure these variables: +For information about how to set up code signing for your application, see the instructions in the [Mobile DevOps documentation](../../../../ci/mobile_devops.md#code-sign-ios-projects-with-fastlane). -- `FASTLANE_USER` and -- `FASTLANE_PASSWORD` +These instructions provide the minimal setup to use fastlane to code sign your application. For more information about using fastlane to handle code signing, see the following resources: -View the [fastlane authentication with Apple Services guide](https://docs.fastlane.tools/getting-started/ios/authentication/) for an overview of authentication options. +- [fastlane getting started guide](https://docs.fastlane.tools/) +- [Best practices for integrating with GitLab CI](https://docs.fastlane.tools/best-practices/continuous-integration/gitlab/) +- [fastlane code signing getting started guide](https://docs.fastlane.tools/codesigning/getting-started/) ## Related topics - [Apple Developer Support - Code Signing](https://developer.apple.com/support/code-signing/) - [Code Signing Best Practice Guide](https://codesigning.guide/) +- [fastlane authentication with Apple Services guide](https://docs.fastlane.tools/getting-started/ios/authentication/) diff --git a/doc/development/architecture.md b/doc/development/architecture.md index 0573437b64d..133cf8a2998 100644 --- a/doc/development/architecture.md +++ b/doc/development/architecture.md @@ -636,7 +636,7 @@ MinIO is an object storage server released under the GNU AGPL v3.0. It is compat - Configuration: - [Omnibus](https://docs.gitlab.com/omnibus/settings/) - [Charts](https://docs.gitlab.com/charts/charts/nginx/) - - [Source](../install/installation.md#9-nginx) + - [Source](../install/installation.md#10-nginx) - Layer: Core Service (Processor) - Process: `nginx` - GitLab.com: [Service Architecture](https://about.gitlab.com/handbook/engineering/infrastructure/production/architecture/#service-architecture) @@ -692,7 +692,7 @@ Prometheus exporter for PgBouncer. Exports metrics at 9127/metrics. - Configuration: - [Omnibus](https://docs.gitlab.com/omnibus/settings/database.html) - [Charts](https://docs.gitlab.com/charts/installation/deployment.html#postgresql) - - [Source](../install/installation.md#6-database) + - [Source](../install/installation.md#7-database) - Layer: Core Service (Data) - Process: `postgresql` - GitLab.com: [PostgreSQL](https://about.gitlab.com/handbook/engineering/infrastructure/database/) @@ -729,7 +729,7 @@ Prometheus is a time-series tool that helps GitLab administrators expose metrics - Configuration: - [Omnibus](https://docs.gitlab.com/omnibus/settings/redis.html) - [Charts](https://docs.gitlab.com/charts/installation/deployment.html#redis) - - [Source](../install/installation.md#7-redis) + - [Source](../install/installation.md#8-redis) - Layer: Core Service (Data) - Process: `redis` - GitLab.com: [Service Architecture](https://about.gitlab.com/handbook/engineering/infrastructure/production/architecture/#service-architecture) diff --git a/doc/development/fe_guide/index.md b/doc/development/fe_guide/index.md index ef506f260f7..3d05d395ef1 100644 --- a/doc/development/fe_guide/index.md +++ b/doc/development/fe_guide/index.md @@ -24,7 +24,7 @@ modern ECMAScript standards supported through [Babel](https://babeljs.io/) and E Working with our frontend assets requires Node (v12.22.1 or greater) and Yarn (v1.10.0 or greater). You can find information on how to install these on our -[installation guide](../../install/installation.md#4-node). +[installation guide](../../install/installation.md#5-node). ### Browser Support diff --git a/doc/install/installation.md b/doc/install/installation.md index bb0bffd967a..a8e498674a6 100644 --- a/doc/install/installation.md +++ b/doc/install/installation.md @@ -45,12 +45,13 @@ If the highest number stable branch is unclear, check the [GitLab blog](https:// ## Software requirements -| Software | Minimum version | Notes | -|:-------------------|:----------------|:---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| [Ruby](#2-ruby) | `3.0.x` | From GitLab 15.10, Ruby 3.0 is required. You must use the standard MRI implementation of Ruby. We love [JRuby](https://www.jruby.org/) and [Rubinius](https://github.com/rubinius/rubinius#the-rubinius-language-platform), but GitLab needs several Gems that have native extensions. | -| [Go](#3-go) | `1.18.x` | From GitLab 15.6, Go 1.18 or later is required. | -| [Git](#git) | `2.38.x` | From GitLab 15.8, Git 2.38.x and later is required. It's highly recommended that you use the [Git version provided by Gitaly](#git). | -| [Node.js](#4-node) | `16.15.0` | From GitLab 15.7, Node.js 16.15.0 or later is required. | +| Software | Minimum version | Notes | +|:------------------------|:----------------|:---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| [Ruby](#2-ruby) | `3.0.x` | From GitLab 15.10, Ruby 3.0 is required. You must use the standard MRI implementation of Ruby. We love [JRuby](https://www.jruby.org/) and [Rubinius](https://github.com/rubinius/rubinius#the-rubinius-language-platform), but GitLab needs several Gems that have native extensions. | +| [RubyGems](#3-rubygems) | `3.4.x` | A specific RubyGems version is not fully needed, but it's recommended to update so you can enjoy some known performance improvements. | +| [Go](#4-go) | `1.18.x` | From GitLab 15.6, Go 1.18 or later is required. | +| [Git](#git) | `2.38.x` | From GitLab 15.8, Git 2.38.x and later is required. It's highly recommended that you use the [Git version provided by Gitaly](#git). | +| [Node.js](#5-node) | `16.15.0` | From GitLab 15.7, Node.js 16.15.0 or later is required. | ## GitLab directory structure @@ -86,13 +87,14 @@ The GitLab installation consists of setting up the following components: 1. [Packages and dependencies](#1-packages-and-dependencies). 1. [Ruby](#2-ruby). -1. [Go](#3-go). -1. [Node](#4-node). -1. [System users](#5-system-users). -1. [Database](#6-database). -1. [Redis](#7-redis). -1. [GitLab](#8-gitlab). -1. [NGINX](#9-nginx). +1. [RubyGems](#3-rubygems). +1. [Go](#4-go). +1. [Node](#5-node). +1. [System users](#6-system-users). +1. [Database](#7-database). +1. [Redis](#8-redis). +1. [GitLab](#9-gitlab). +1. [NGINX](#10-nginx). ## 1. Packages and dependencies @@ -220,7 +222,23 @@ instructions are designed to install Ruby from the official source code. [Install Ruby](https://www.ruby-lang.org/en/documentation/installation/). -## 3. Go +## 3. RubyGems + +Sometimes, a newer version of RubyGems is required than the one bundled with Ruby. + +To update to a specific version: + +```shell +gem update --system 3.4.12 +``` + +Or the latest version: + +```shell +gem update --system +``` + +## 4. Go GitLab has several daemons written in Go. To install GitLab we need a Go compiler. The instructions below assume you use 64-bit @@ -238,7 +256,7 @@ sudo ln -sf /usr/local/go/bin/{go,gofmt} /usr/local/bin/ rm go1.18.8.linux-amd64.tar.gz ``` -## 4. Node +## 5. Node GitLab requires the use of Node to compile JavaScript assets, and Yarn to manage JavaScript dependencies. The current minimum @@ -262,7 +280,7 @@ npm install --global yarn Visit the official websites for [node](https://nodejs.org/en/download/package-manager/) and [yarn](https://classic.yarnpkg.com/en/docs/install/) if you have any trouble with these steps. -## 5. System users +## 6. System users Create a `git` user for GitLab: @@ -270,7 +288,7 @@ Create a `git` user for GitLab: sudo adduser --disabled-login --gecos 'GitLab' git ``` -## 6. Database +## 7. Database NOTE: In GitLab 12.1 and later, only PostgreSQL is supported. In GitLab 14.0 and later, we [require PostgreSQL 12+](requirements.md#postgresql-requirements). @@ -403,7 +421,7 @@ In GitLab 12.1 and later, only PostgreSQL is supported. In GitLab 14.0 and later gitlabhq_production> \q ``` -## 7. Redis +## 8. Redis See the [requirements page](requirements.md#redis-versions) for the minimum Redis requirements. @@ -486,7 +504,7 @@ fi sudo service redis-server restart ``` -## 8. GitLab +## 9. GitLab ```shell # We'll install GitLab into the home directory of the user "git" @@ -911,7 +929,7 @@ sudo systemctl start gitlab.target sudo service gitlab start ``` -## 9. NGINX +## 10. NGINX NGINX is the officially supported web server for GitLab. If you cannot or do not want to use NGINX as your web server, see [GitLab recipes](https://gitlab.com/gitlab-org/gitlab-recipes/). @@ -1156,7 +1174,7 @@ prometheus: If you see this message when attempting to clone a repository hosted by GitLab, this is likely due to an outdated NGINX or Apache configuration, or a missing or misconfigured GitLab Workhorse instance. Double-check that you've -[installed Go](#3-go), [installed GitLab Workhorse](#install-gitlab-workhorse), +[installed Go](#4-go), [installed GitLab Workhorse](#install-gitlab-workhorse), and correctly [configured NGINX](#site-configuration). ### `google-protobuf` "LoadError: /lib/x86_64-linux-gnu/libc.so.6: version 'GLIBC_2.14' not found" diff --git a/doc/integration/jira/configure.md b/doc/integration/jira/configure.md index 25aafb6089f..3f3511c3838 100644 --- a/doc/integration/jira/configure.md +++ b/doc/integration/jira/configure.md @@ -13,9 +13,11 @@ The Jira issue integration connects one or more GitLab projects to a Jira instan Prerequisites: - Your GitLab installation must not use a [relative URL](https://docs.gitlab.com/omnibus/settings/configuration.html#configure-a-relative-url-for-gitlab). -- **For Jira Server**, you must have a [Jira username and password](jira_server_configuration.md). - **For Jira Cloud**, you must have a [Jira Cloud API token](#create-a-jira-cloud-api-token) and the email address you used to create the token. +- **For Jira Data Center or Jira Server**, you must have one of the following: + - [Jira username and password](jira_server_configuration.md). + - Jira personal access token. You can enable the Jira issue integration by configuring your project settings in GitLab. You can also configure these settings at the: @@ -37,21 +39,21 @@ To configure your project settings in GitLab: [closing reference](../../user/project/issues/managing_issues.md#closing-issues-automatically) is made in GitLab, select **Enable Jira transitions**. 1. Provide Jira configuration information: - - **Web URL**: The base URL for the Jira instance web interface you're linking to + - **Web URL**: Base URL for the Jira instance web interface you're linking to this GitLab project (for example, `https://jira.example.com`). - - **Jira API URL**: The base URL for the Jira instance API (for example, `https://jira-api.example.com`). - If this URL is not set, the **Web URL** value is used by default. Leave blank if you use **Jira Cloud**. + - **Jira API URL**: Base URL for the Jira instance API (for example, `https://jira-api.example.com`). + If this URL is not set, the **Web URL** value is used by default. For Jira Cloud, leave **Jira API URL** blank. - **Authentication type**: From the dropdown list, select: - **Basic** - **Jira personal access token (Jira Data Center and Jira Server only)** - **Email or username** (relevant to **Basic** authentication only): - For Jira Cloud, enter an email. - - For Jira Data Center and Jira Server, enter a username. + - For Jira Data Center or Jira Server, enter a username. - **New API token, password, or Jira personal access token**: - For **Basic** authentication: - For Jira Cloud, enter an API token. - - For Jira Data Center and Jira Server, enter a password. - - For **Jira personal access token** authentication, enter the token. + - For Jira Data Center or Jira Server, enter a password. + - For **Jira personal access token** authentication, enter a personal access token. 1. To enable users to [view Jira issues](issues.md#view-jira-issues) inside the GitLab project, select **Enable Jira issues** and enter a Jira project key. diff --git a/doc/integration/jira/dvcs/index.md b/doc/integration/jira/dvcs/index.md index 6a197ce5c76..0406fef3f1e 100644 --- a/doc/integration/jira/dvcs/index.md +++ b/doc/integration/jira/dvcs/index.md @@ -9,7 +9,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w WARNING: The Jira DVCS connector for Jira Cloud was [deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/362168) in GitLab 15.1 and [removed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/118126) in 16.0. Use the [GitLab for Jira Cloud app](../connect-app.md) instead. -The Jira DVCS connector was also deprecated for Jira 8.13 and earlier. You can only use the Jira DVCS connector with Jira Data Center or Jira Server in Jira 8.14 and later. Upgrade your Jira instance to Jira 8.14 or later, and reconfigure the Jira integration in your GitLab instance. +The Jira DVCS connector was also deprecated and removed for Jira 8.13 and earlier. You can only use the Jira DVCS connector with Jira Data Center or Jira Server in Jira 8.14 and later. Upgrade your Jira instance to Jira 8.14 or later, and reconfigure the Jira integration in your GitLab instance. Use the Jira DVCS (distributed version control system) connector if you self-host your Jira instance with Jira Data Center or Jira Server and want to use the [Jira development panel](../development_panel.md). diff --git a/doc/security/token_overview.md b/doc/security/token_overview.md index b349eee9837..8acd4a125ce 100644 --- a/doc/security/token_overview.md +++ b/doc/security/token_overview.md @@ -89,7 +89,7 @@ You can use the runner registration token to add runners that execute jobs in a ## Runner authentication tokens (also called runner tokens) -After registration, the runner receives an authentication token, which it uses to authenticate with GitLab when picking up jobs from the job queue. The authentication token is stored locally in the runner's [`config.toml`](https://docs.gitlab.com/runner/configuration/advanced-configuration.html) file. +Once created, the runner receives an authentication token, which it uses to authenticate with GitLab when picking up jobs from the job queue. The authentication token is stored locally in the runner's [`config.toml`](https://docs.gitlab.com/runner/configuration/advanced-configuration.html) file. After authentication with GitLab, the runner receives a [job token](../ci/jobs/ci_job_token.md), which it uses to execute the job. @@ -97,6 +97,17 @@ In case of Docker Machine/Kubernetes/VirtualBox/Parallels/SSH executors, the exe Malicious access to a runner's file system may expose the `config.toml` file and thus the authentication token, allowing an attacker to [clone the runner](https://docs.gitlab.com/runner/security/#cloning-a-runner). +In GitLab 16.0 and later, you can use an authentication token to register runners instead of a +registration token. Runner registration tokens have been [deprecated](../update/deprecations.md#registration-tokens-and-server-side-runner-arguments-in-gitlab-runner-register-command). + +To generate an authentication token, you create a runner in the GitLab UI and use the authentication token +instead of the registration token. + +| Process | Registration command | +| ------------------ | --------------------- | +| Registration token (deprecated) | `gitlab-runner register --registration-token $RUNNER_REGISTRATION_TOKEN <runner configuration arguments>` | +| Authentication token | `gitlab-runner register --token $RUNNER_AUTHENTICATION_TOKEN` | + ## CI/CD job tokens The [CI/CD](../ci/jobs/ci_job_token.md) job token diff --git a/doc/update/deprecations.md b/doc/update/deprecations.md index cc9b7f786c0..81195db0781 100644 --- a/doc/update/deprecations.md +++ b/doc/update/deprecations.md @@ -1894,6 +1894,20 @@ For more information, refer to [security report validation](https://docs.gitlab. <div class="deprecation breaking-change" data-milestone="16.0"> +### Self-monitoring project is removed + +<div class="deprecation-notes"> +- Announced in: GitLab <span class="milestone">14.9</span> +- This is a [breaking change](https://docs.gitlab.com/ee/development/deprecation_guidelines/). +- To discuss this change or learn more, see the [deprecation issue](https://gitlab.com/groups/gitlab-org/-/epics/10030). +</div> + +GitLab self-monitoring project was meant to enable self-hosted GitLab administrators to visualize performance metrics of GitLab within GitLab itself. This feature relied on GitLab Metrics dashboards. With metrics dashboard being removed, self-monitoring project is also removed. We recommended that self-hosted users monitor their GitLab instance with alternative visualization tools, such as Grafana. + +</div> + +<div class="deprecation breaking-change" data-milestone="16.0"> + ### Shimo integration <div class="deprecation-notes"> diff --git a/doc/user/admin_area/settings/index.md b/doc/user/admin_area/settings/index.md index 11c14102efb..2091191b889 100644 --- a/doc/user/admin_area/settings/index.md +++ b/doc/user/admin_area/settings/index.md @@ -112,8 +112,6 @@ The **Metrics and profiling** settings contain: Enable and configure Grafana. - [Profiling - Performance bar](../../../administration/monitoring/performance/performance_bar.md#enable-the-performance-bar-for-non-administrators) - Enable access to the Performance Bar for non-administrator users in a given group. -- [Self-monitoring](../../../administration/monitoring/gitlab_self_monitoring_project/index.md#create-the-self-monitoring-project) - - Enable or disable instance self-monitoring. - [Usage statistics](usage_statistics.md) - Enable or disable version check and Service Ping. ### Network diff --git a/doc/user/admin_area/settings/security_and_compliance.md b/doc/user/admin_area/settings/security_and_compliance.md index f70088a8eb6..c7f4d6a3ede 100644 --- a/doc/user/admin_area/settings/security_and_compliance.md +++ b/doc/user/admin_area/settings/security_and_compliance.md @@ -12,7 +12,7 @@ The settings for package metadata synchronization are located in the [Admin Area ## Choose package registry metadata to sync WARNING: -The full package metadata sync can take up to 30 GB of data. Ensure you have provisioned enough disk space before enabling this feature. +The full package metadata sync can add up to 30 GB to the PostgreSQL database. Ensure you have provisioned enough disk space for the database before enabling this feature. We are actively working on reducing this data size in [epic 10415](https://gitlab.com/groups/gitlab-org/-/epics/10415). To choose the packages you want to synchronize with the GitLab License Database for [License Compliance](../../compliance/license_scanning_of_cyclonedx_files/index.md): diff --git a/lib/api/entities/project.rb b/lib/api/entities/project.rb index 06e636d0301..61feacd6586 100644 --- a/lib/api/entities/project.rb +++ b/lib/api/entities/project.rb @@ -112,7 +112,6 @@ module API expose :ci_forward_deployment_enabled, documentation: { type: 'boolean' } expose(:ci_job_token_scope_enabled, documentation: { type: 'boolean' }) { |p, _| p.ci_outbound_job_token_scope_enabled? } expose :ci_separated_caches, documentation: { type: 'boolean' } - expose :ci_opt_in_jwt, documentation: { type: 'boolean' } expose :ci_allow_fork_pipelines_to_run_in_parent_project, documentation: { type: 'boolean' } expose :build_git_strategy, documentation: { type: 'string', example: 'fetch' } do |project, options| project.build_allow_git_fetch ? 'fetch' : 'clone' diff --git a/lib/api/environments.rb b/lib/api/environments.rb index 24339a1fe30..bb261079d2a 100644 --- a/lib/api/environments.rb +++ b/lib/api/environments.rb @@ -13,13 +13,6 @@ module API urgency :low MIN_SEARCH_LENGTH = 3 - # rubocop:disable Gitlab/DocUrl - ENVIRONMENT_NAME_UPDATE_ERROR = <<~DESC - Updating environment name was deprecated in GitLab 15.9 and to be removed in GitLab 16.0. - For workaround, see [the documentation](https://docs.gitlab.com/ee/ci/environments/#rename-an-environment). - For more information, see [this issue](https://gitlab.com/gitlab-org/gitlab/-/issues/338897) - DESC - # rubocop:enable Gitlab/DocUrl params do requires :id, types: [String, Integer], desc: 'The ID or URL-encoded path of the project owned by the authenticated user' @@ -108,16 +101,8 @@ module API update_params = declared_params(include_missing: false).extract!(:external_url, :tier) - # For the transition period, we implicitly extract `:name` field. - # This line should be removed when disallow_environment_name_update feature flag is removed. - update_params[:name] = params[:name] if params[:name].present? - environment.assign_attributes(update_params) - if environment.name_changed? && ::Feature.enabled?(:disallow_environment_name_update, user_project) - render_api_error!(ENVIRONMENT_NAME_UPDATE_ERROR, 400) - end - if environment.save present environment, with: Entities::Environment, current_user: current_user else diff --git a/lib/api/metrics/user_starred_dashboards.rb b/lib/api/metrics/user_starred_dashboards.rb index 0a91e914d52..b7fba2b6459 100644 --- a/lib/api/metrics/user_starred_dashboards.rb +++ b/lib/api/metrics/user_starred_dashboards.rb @@ -25,6 +25,8 @@ module API end post ':id/metrics/user_starred_dashboards' do + not_found! if Feature.enabled?(:remove_monitor_metrics) + result = ::Metrics::UsersStarredDashboards::CreateService.new(current_user, user_project, params[:dashboard_path]).execute if result.success? @@ -50,6 +52,8 @@ module API end delete ':id/metrics/user_starred_dashboards' do + not_found! if Feature.enabled?(:remove_monitor_metrics) + result = ::Metrics::UsersStarredDashboards::DeleteService.new(current_user, user_project, params[:dashboard_path]).execute if result.success? diff --git a/lib/gitlab/database/load_balancing/service_discovery.rb b/lib/gitlab/database/load_balancing/service_discovery.rb index 5059b3b5c93..57a588db8a8 100644 --- a/lib/gitlab/database/load_balancing/service_discovery.rb +++ b/lib/gitlab/database/load_balancing/service_discovery.rb @@ -103,6 +103,15 @@ module Gitlab # Slightly randomize the retry delay so that, in the case of a total # dns outage, all starting services do not pressure the dns server at the same time. sleep(rand(RETRY_DELAY_RANGE)) + rescue Exception => error # rubocop:disable Lint/RescueException + # All exceptions are logged to find any pattern and solve https://gitlab.com/gitlab-org/gitlab/-/issues/364370 + # This will be removed in https://gitlab.com/gitlab-org/gitlab/-/merge_requests/120173 + Gitlab::Database::LoadBalancing::Logger.error( + event: :service_discovery_unexpected_exception, + message: "Service discovery encountered an uncaught error: #{error.message}" + ) + + raise end interval diff --git a/lib/gitlab/sidekiq_middleware/duplicate_jobs/duplicate_job.rb b/lib/gitlab/sidekiq_middleware/duplicate_jobs/duplicate_job.rb index 2ca8cca363c..bb87104630c 100644 --- a/lib/gitlab/sidekiq_middleware/duplicate_jobs/duplicate_job.rb +++ b/lib/gitlab/sidekiq_middleware/duplicate_jobs/duplicate_job.rb @@ -159,8 +159,6 @@ module Gitlab end def options - # Remove line below when FF `ci_pipeline_process_worker_dedup_until_executed` is removed - return job_deduplication[:options] if job_deduplication[:options] return {} unless worker_klass return {} unless worker_klass.respond_to?(:get_deduplication_options) @@ -202,8 +200,6 @@ module Gitlab end def strategy - # Remove line below when FF `ci_pipeline_process_worker_dedup_until_executed` is removed - return job_deduplication[:strategy] if job_deduplication[:strategy] return DEFAULT_STRATEGY unless worker_klass return DEFAULT_STRATEGY unless worker_klass.respond_to?(:idempotent?) return STRATEGY_NONE unless worker_klass.deduplication_enabled? @@ -211,22 +207,6 @@ module Gitlab worker_klass.get_deduplicate_strategy end - # Returns the deduplicate settings stored in the job itself; remove this method - # when FF `ci_pipeline_process_worker_dedup_until_executed` is removed - def job_deduplication - return {} unless job['deduplicate'] - - # Sometimes this setting is returned with all string keys/values; we need - # to ensure the keys and values of the hash are fully symbolized or numeric - job['deduplicate'].deep_symbolize_keys.tap do |hash| - hash[:strategy] = hash[:strategy]&.to_sym - hash[:options]&.each do |k, v| - hash[:options][k] = k == :ttl ? v.to_i : v.to_sym - end - end.compact - end - strong_memoize_attr :job_deduplication - def worker_class_name job['class'] end diff --git a/spec/features/invites_spec.rb b/spec/features/invites_spec.rb index a4cb8a37e93..a3d4b30b59c 100644 --- a/spec/features/invites_spec.rb +++ b/spec/features/invites_spec.rb @@ -28,14 +28,10 @@ RSpec.describe 'Group or Project invitations', :aggregate_failures, feature_cate fill_in 'new_user_username', with: new_user.username fill_in 'new_user_email', with: new_user.email fill_in 'new_user_password', with: new_user.password - click_button submit_button_text - end - def fill_in_sign_in_form(user) - fill_in 'user_login', with: user.email - fill_in 'user_password', with: user.password - check 'user_remember_me' - click_button 'Sign in' + wait_for_all_requests + + click_button submit_button_text end def fill_in_welcome_form @@ -73,7 +69,7 @@ RSpec.describe 'Group or Project invitations', :aggregate_failures, feature_cate end end - context 'when invite is sent before account is created - ldap or service sign in for manual acceptance edge case' do + context 'when invite is sent before account is created;ldap or service sign in for manual acceptance edge case' do let(:user) { create(:user, email: 'user@example.com') } context 'when invite clicked and not signed in' do @@ -84,7 +80,7 @@ RSpec.describe 'Group or Project invitations', :aggregate_failures, feature_cate it 'sign in, grants access and redirects to group activity page' do click_link 'Sign in' - fill_in_sign_in_form(user) + gitlab_sign_in(user, remember: true, visit: false) expect(page).to have_current_path(activity_group_path(group), ignore_query: true) end @@ -175,17 +171,19 @@ RSpec.describe 'Group or Project invitations', :aggregate_failures, feature_cate fill_in_sign_up_form(new_user) expect(page).to have_current_path(new_user_session_path, ignore_query: true) - expect(page).to have_content('You have signed up successfully. However, we could not sign you in because your account is awaiting approval from your GitLab administrator') + sign_up_message = 'You have signed up successfully. However, we could not sign you in because your account ' \ + 'is awaiting approval from your GitLab administrator.' + expect(page).to have_content(sign_up_message) end end - context 'email confirmation disabled' do + context 'with email confirmation disabled' do before do stub_application_setting_enum('email_confirmation_setting', 'off') end - context 'the user signs up for an account with the invitation email address' do - it 'redirects to the most recent membership activity page with all the projects/groups invitations automatically accepted' do + context 'when the user signs up for an account with the invitation email address' do + it 'redirects to the most recent membership activity page with all invitations automatically accepted' do fill_in_sign_up_form(new_user) fill_in_welcome_form @@ -194,7 +192,7 @@ RSpec.describe 'Group or Project invitations', :aggregate_failures, feature_cate end end - context 'the user sign-up using a different email address' do + context 'when the user sign-up using a different email address' do let(:invite_email) { build_stubbed(:user).email } it 'signs up and redirects to the activity page' do @@ -206,7 +204,7 @@ RSpec.describe 'Group or Project invitations', :aggregate_failures, feature_cate end end - context 'email confirmation enabled' do + context 'with email confirmation enabled' do context 'when user is not valid in sign up form' do let(:new_user) { build_stubbed(:user, password: '11111111') } @@ -232,8 +230,8 @@ RSpec.describe 'Group or Project invitations', :aggregate_failures, feature_cate end end - context 'the user signs up for an account with the invitation email address' do - it 'redirects to the most recent membership activity page with all the projects/groups invitations automatically accepted' do + context 'when the user signs up for an account with the invitation email address' do + it 'redirects to the most recent membership activity page with all invitations automatically accepted' do fill_in_sign_up_form(new_user) fill_in_welcome_form @@ -241,7 +239,7 @@ RSpec.describe 'Group or Project invitations', :aggregate_failures, feature_cate end end - context 'the user sign-up using a different email address' do + context 'when the user signs up using a different email address' do let(:invite_email) { build_stubbed(:user).email } context 'when email confirmation is not set to `soft`' do @@ -253,7 +251,7 @@ RSpec.describe 'Group or Project invitations', :aggregate_failures, feature_cate it 'signs up and redirects to the group activity page' do fill_in_sign_up_form(new_user) confirm_email(new_user) - fill_in_sign_in_form(new_user) + gitlab_sign_in(new_user, remember: true, visit: false) fill_in_welcome_form expect(page).to have_current_path(activity_group_path(group), ignore_query: true) diff --git a/spec/frontend/ci/runner/components/runner_bulk_delete_spec.js b/spec/frontend/ci/runner/components/runner_bulk_delete_spec.js index f609c6be41a..7bd4b701002 100644 --- a/spec/frontend/ci/runner/components/runner_bulk_delete_spec.js +++ b/spec/frontend/ci/runner/components/runner_bulk_delete_spec.js @@ -8,6 +8,7 @@ import { shallowMountExtended } from 'helpers/vue_test_utils_helper'; import { s__ } from '~/locale'; import RunnerBulkDelete from '~/ci/runner/components/runner_bulk_delete.vue'; import createMockApollo from 'helpers/mock_apollo_helper'; +import { stubComponent } from 'helpers/stub_component'; import BulkRunnerDeleteMutation from '~/ci/runner/graphql/list/bulk_runner_delete.mutation.graphql'; import { createLocalState } from '~/ci/runner/graphql/list/local_state'; import waitForPromises from 'helpers/wait_for_promises'; @@ -34,7 +35,7 @@ describe('RunnerBulkDelete', () => { const bulkRunnerDeleteHandler = jest.fn(); - const createComponent = () => { + const createComponent = ({ stubs } = {}) => { const { cacheConfig, localMutations } = mockState; const apolloProvider = createMockApollo( [[BulkRunnerDeleteMutation, bulkRunnerDeleteHandler]], @@ -56,6 +57,7 @@ describe('RunnerBulkDelete', () => { stubs: { GlSprintf, GlModal, + ...stubs, }, }); @@ -135,11 +137,15 @@ describe('RunnerBulkDelete', () => { beforeEach(() => { mockCheckedRunnerIds([mockId1, mockId2]); + mockHideModal = jest.fn(); - createComponent(); + createComponent({ + stubs: { + GlModal: stubComponent(GlModal, { methods: { hide: mockHideModal } }), + }, + }); jest.spyOn(mockState.localMutations, 'clearChecked').mockImplementation(() => {}); - mockHideModal = jest.spyOn(findModal().vm, 'hide').mockImplementation(() => {}); }); describe('when deletion is confirmed', () => { diff --git a/spec/lib/gitlab/database/load_balancing/service_discovery_spec.rb b/spec/lib/gitlab/database/load_balancing/service_discovery_spec.rb index bfd9c644ffa..9a559c7ccb4 100644 --- a/spec/lib/gitlab/database/load_balancing/service_discovery_spec.rb +++ b/spec/lib/gitlab/database/load_balancing/service_discovery_spec.rb @@ -90,7 +90,7 @@ RSpec.describe Gitlab::Database::LoadBalancing::ServiceDiscovery, feature_catego end end - context 'with failures' do + context 'with StandardError' do before do allow(Gitlab::ErrorTracking).to receive(:track_exception) allow(service).to receive(:sleep) @@ -142,6 +142,21 @@ RSpec.describe Gitlab::Database::LoadBalancing::ServiceDiscovery, feature_catego service.perform_service_discovery end end + + context 'with Exception' do + it 'logs error and re-raises the exception' do + error = Exception.new('uncaught-test-error') + + expect(service).to receive(:refresh_if_necessary).and_raise(error) + + expect(Gitlab::Database::LoadBalancing::Logger).to receive(:error).with( + event: :service_discovery_unexpected_exception, + message: "Service discovery encountered an uncaught error: uncaught-test-error" + ) + + expect { service.perform_service_discovery }.to raise_error(Exception, error.message) + end + end end describe '#refresh_if_necessary' do diff --git a/spec/lib/gitlab/sidekiq_middleware/duplicate_jobs/duplicate_job_spec.rb b/spec/lib/gitlab/sidekiq_middleware/duplicate_jobs/duplicate_job_spec.rb index 8e6aea96c58..a46275d90b6 100644 --- a/spec/lib/gitlab/sidekiq_middleware/duplicate_jobs/duplicate_job_spec.rb +++ b/spec/lib/gitlab/sidekiq_middleware/duplicate_jobs/duplicate_job_spec.rb @@ -64,15 +64,6 @@ RSpec.describe Gitlab::SidekiqMiddleware::DuplicateJobs::DuplicateJob, :clean_gi it_behaves_like 'scheduling with deduplication class', 'None' end end - - # This context is to be removed when FF `ci_pipeline_process_worker_dedup_until_executed` is removed - context 'when deduplication strategy is provided in the job options' do - before do - job['deduplicate'] = { 'strategy' => 'until_executed' } - end - - it_behaves_like 'scheduling with deduplication class', 'UntilExecuted' - end end describe '#perform' do @@ -490,15 +481,6 @@ RSpec.describe Gitlab::SidekiqMiddleware::DuplicateJobs::DuplicateJob, :clean_gi expect(duplicate_job.options).to eq(worker_options) end - - # This context is to be removed when FF `ci_pipeline_process_worker_dedup_until_executed` is removed - context 'when deduplication options are provided in the job options' do - it "returns the job's deduplication options" do - job['deduplicate'] = { 'options' => { 'if_deduplicated' => 'reschedule_once', 'ttl' => '60' } } - - expect(duplicate_job.options).to eq({ if_deduplicated: :reschedule_once, ttl: 60 }) - end - end end describe '#idempotent?' do diff --git a/spec/models/ci/build_spec.rb b/spec/models/ci/build_spec.rb index 4657a95a7ac..7c32c6d74c8 100644 --- a/spec/models/ci/build_spec.rb +++ b/spec/models/ci/build_spec.rb @@ -2955,14 +2955,6 @@ RSpec.describe Ci::Build, feature_category: :continuous_integration, factory_def end end - context 'when the opt_in_jwt project setting is true' do - it 'does not include the JWT variables' do - project.ci_cd_settings.update!(opt_in_jwt: true) - - expect(subject.pluck(:key)).not_to include('CI_JOB_JWT', 'CI_JOB_JWT_V1', 'CI_JOB_JWT_V2') - end - end - describe 'variables ordering' do context 'when variables hierarchy is stubbed' do let(:build_pre_var) { { key: 'build', value: 'value', public: true, masked: false } } @@ -3153,6 +3145,23 @@ RSpec.describe Ci::Build, feature_category: :continuous_integration, factory_def end end end + + context 'when the build has ID tokens' do + before do + build.update!( + id_tokens: { 'TEST_ID_TOKEN' => { 'aud' => 'https://client.test' } } + ) + end + + it 'includes the tokens and excludes the predefined JWT variables' do + runner_vars = subject.to_runner_variables.pluck(:key) + + expect(runner_vars).to include('TEST_ID_TOKEN') + expect(runner_vars).not_to include('CI_JOB_JWT') + expect(runner_vars).not_to include('CI_JOB_JWT_V1') + expect(runner_vars).not_to include('CI_JOB_JWT_V2') + end + end end context 'when build has user' do diff --git a/spec/models/project_spec.rb b/spec/models/project_spec.rb index b5b7a283e39..855c5f66554 100644 --- a/spec/models/project_spec.rb +++ b/spec/models/project_spec.rb @@ -1095,7 +1095,6 @@ RSpec.describe Project, factory_default: :keep, feature_category: :projects do 'restrict_user_defined_variables' => '', 'runner_token_expiration_interval' => '', 'separated_caches' => 'ci_', - 'opt_in_jwt' => 'ci_', 'allow_fork_pipelines_to_run_in_parent_project' => 'ci_', 'inbound_job_token_scope_enabled' => 'ci_', 'job_token_scope_enabled' => 'ci_outbound_' diff --git a/spec/requests/api/environments_spec.rb b/spec/requests/api/environments_spec.rb index 01fffb9db24..9a435b3bce9 100644 --- a/spec/requests/api/environments_spec.rb +++ b/spec/requests/api/environments_spec.rb @@ -220,14 +220,6 @@ RSpec.describe API::Environments, feature_category: :continuous_delivery do expect(json_response['external_url']).to eq(url) end - it 'returns a 400 if name is changed' do - put api("/projects/#{project.id}/environments/#{environment.id}", user), - params: { name: 'Mepmep' } - - expect(response).to have_gitlab_http_status(:bad_request) - expect(json_response['message']).to eq(described_class::ENVIRONMENT_NAME_UPDATE_ERROR) - end - it 'returns a 200 if tier is changed' do put api("/projects/#{project.id}/environments/#{environment.id}", user), params: { tier: 'production' } @@ -251,33 +243,6 @@ RSpec.describe API::Environments, feature_category: :continuous_delivery do expect(response).to have_gitlab_http_status(:not_found) end - - context 'when disallow_environment_name_update feature flag is disabled' do - before do - stub_feature_flags(disallow_environment_name_update: false) - end - - it 'returns a 200 if name and external_url are changed' do - url = 'https://mepmep.whatever.ninja' - put api("/projects/#{project.id}/environments/#{environment.id}", user), - params: { name: 'Mepmep', external_url: url } - - expect(response).to have_gitlab_http_status(:ok) - expect(response).to match_response_schema('public_api/v4/environment') - expect(json_response['name']).to eq('Mepmep') - expect(json_response['external_url']).to eq(url) - end - - it "won't update the external_url if only the name is passed" do - url = environment.external_url - put api("/projects/#{project.id}/environments/#{environment.id}", user), - params: { name: 'Mepmep' } - - expect(response).to have_gitlab_http_status(:ok) - expect(json_response['name']).to eq('Mepmep') - expect(json_response['external_url']).to eq(url) - end - end end describe 'DELETE /projects/:id/environments/:environment_id' do diff --git a/spec/requests/api/graphql/ci/ci_cd_setting_spec.rb b/spec/requests/api/graphql/ci/ci_cd_setting_spec.rb index 95cabfea2fc..0437a30eccd 100644 --- a/spec/requests/api/graphql/ci/ci_cd_setting_spec.rb +++ b/spec/requests/api/graphql/ci/ci_cd_setting_spec.rb @@ -50,7 +50,6 @@ RSpec.describe 'Getting Ci Cd Setting', feature_category: :continuous_integratio expect(settings_data['jobTokenScopeEnabled']).to eql project.ci_cd_settings.job_token_scope_enabled? expect(settings_data['inboundJobTokenScopeEnabled']).to eql( project.ci_cd_settings.inbound_job_token_scope_enabled?) - expect(settings_data['optInJwt']).to eql project.ci_cd_settings.opt_in_jwt? end end end diff --git a/spec/requests/api/graphql/mutations/ci/project_ci_cd_settings_update_spec.rb b/spec/requests/api/graphql/mutations/ci/project_ci_cd_settings_update_spec.rb index bc979105c27..aa00069b241 100644 --- a/spec/requests/api/graphql/mutations/ci/project_ci_cd_settings_update_spec.rb +++ b/spec/requests/api/graphql/mutations/ci/project_ci_cd_settings_update_spec.rb @@ -22,8 +22,7 @@ RSpec.describe 'ProjectCiCdSettingsUpdate', feature_category: :continuous_integr full_path: project.full_path, keep_latest_artifact: false, job_token_scope_enabled: false, - inbound_job_token_scope_enabled: false, - opt_in_jwt: true + inbound_job_token_scope_enabled: false } end @@ -109,8 +108,7 @@ RSpec.describe 'ProjectCiCdSettingsUpdate', feature_category: :continuous_integr full_path: project.full_path, keep_latest_artifact: false, job_token_scope_enabled: true, - inbound_job_token_scope_enabled: false, - opt_in_jwt: true + inbound_job_token_scope_enabled: false } end @@ -181,15 +179,6 @@ RSpec.describe 'ProjectCiCdSettingsUpdate', feature_category: :continuous_integr end end - it 'updates ci_opt_in_jwt' do - post_graphql_mutation(mutation, current_user: user) - - project.reload - - expect(response).to have_gitlab_http_status(:success) - expect(project.ci_opt_in_jwt).to eq(true) - end - context 'when bad arguments are provided' do let(:variables) { { full_path: '', keep_latest_artifact: false } } diff --git a/spec/requests/api/metrics/user_starred_dashboards_spec.rb b/spec/requests/api/metrics/user_starred_dashboards_spec.rb index 38d3c0be8b2..6fc98de0777 100644 --- a/spec/requests/api/metrics/user_starred_dashboards_spec.rb +++ b/spec/requests/api/metrics/user_starred_dashboards_spec.rb @@ -15,6 +15,10 @@ RSpec.describe API::Metrics::UserStarredDashboards, feature_category: :metrics d } end + before do + stub_feature_flags(remove_monitor_metrics: false) + end + describe 'POST /projects/:id/metrics/user_starred_dashboards' do before do project.add_reporter(user) @@ -84,6 +88,18 @@ RSpec.describe API::Metrics::UserStarredDashboards, feature_category: :metrics d expect(response).to have_gitlab_http_status(:not_found) end end + + context 'when metrics dashboard feature is unavailable' do + before do + stub_feature_flags(remove_monitor_metrics: true) + end + + it 'returns 404 not found' do + post api(url, user), params: params + + expect(response).to have_gitlab_http_status(:not_found) + end + end end describe 'DELETE /projects/:id/metrics/user_starred_dashboards' do @@ -161,5 +177,17 @@ RSpec.describe API::Metrics::UserStarredDashboards, feature_category: :metrics d expect(response).to have_gitlab_http_status(:not_found) end end + + context 'when metrics dashboard feature is unavailable' do + before do + stub_feature_flags(remove_monitor_metrics: true) + end + + it 'returns 404 not found' do + delete api(url, user), params: params + + expect(response).to have_gitlab_http_status(:not_found) + end + end end end diff --git a/spec/requests/api/project_attributes.yml b/spec/requests/api/project_attributes.yml index 91d4dcd2572..e9581265bb0 100644 --- a/spec/requests/api/project_attributes.yml +++ b/spec/requests/api/project_attributes.yml @@ -99,7 +99,6 @@ ci_cd_settings: forward_deployment_enabled: ci_forward_deployment_enabled job_token_scope_enabled: ci_job_token_scope_enabled separated_caches: ci_separated_caches - opt_in_jwt: ci_opt_in_jwt allow_fork_pipelines_to_run_in_parent_project: ci_allow_fork_pipelines_to_run_in_parent_project build_import_state: # import_state diff --git a/spec/requests/api/projects_spec.rb b/spec/requests/api/projects_spec.rb index 725268d9b6a..17a6eec2a8e 100644 --- a/spec/requests/api/projects_spec.rb +++ b/spec/requests/api/projects_spec.rb @@ -3049,7 +3049,6 @@ RSpec.describe API::Projects, :aggregate_failures, feature_category: :projects d 'ci_forward_deployment_enabled', 'ci_job_token_scope_enabled', 'ci_separated_caches', - 'ci_opt_in_jwt', 'ci_allow_fork_pipelines_to_run_in_parent_project', 'build_git_strategy', 'keep_latest_artifact', diff --git a/spec/support/helpers/login_helpers.rb b/spec/support/helpers/login_helpers.rb index 6bbee6a7926..67315b9d81e 100644 --- a/spec/support/helpers/login_helpers.rb +++ b/spec/support/helpers/login_helpers.rb @@ -94,8 +94,8 @@ module LoginHelpers # remember - Whether or not to check "Remember me" (default: false) # two_factor_auth - If two-factor authentication is enabled (default: false) # password - password to attempt to login with (default: user.password) - def gitlab_sign_in_with(user, remember: false, two_factor_auth: false, password: nil) - visit new_user_session_path + def gitlab_sign_in_with(user, remember: false, two_factor_auth: false, password: nil, visit: true) + visit new_user_session_path if visit fill_in "user_login", with: user.email fill_in "user_password", with: (password || user.password) diff --git a/spec/support/rspec_order_todo.yml b/spec/support/rspec_order_todo.yml index a451ab27f21..1d6620f0bc8 100644 --- a/spec/support/rspec_order_todo.yml +++ b/spec/support/rspec_order_todo.yml @@ -325,7 +325,6 @@ - './ee/spec/features/groups/wiki/user_views_wiki_empty_spec.rb' - './ee/spec/features/ide/user_opens_ide_spec.rb' - './ee/spec/features/integrations/jira/jira_issues_list_spec.rb' -- './ee/spec/features/invites_spec.rb' - './ee/spec/features/issues/blocking_issues_spec.rb' - './ee/spec/features/issues/epic_in_issue_sidebar_spec.rb' - './ee/spec/features/issues/filtered_search/filter_issues_by_iteration_spec.rb' @@ -3748,7 +3747,6 @@ - './spec/features/ide/static_object_external_storage_csp_spec.rb' - './spec/features/ide/user_opens_merge_request_spec.rb' - './spec/features/import/manifest_import_spec.rb' -- './spec/features/invites_spec.rb' - './spec/features/issuables/issuable_list_spec.rb' - './spec/features/issuables/markdown_references/internal_references_spec.rb' - './spec/features/issuables/markdown_references/jira_spec.rb' diff --git a/spec/workers/pipeline_process_worker_spec.rb b/spec/workers/pipeline_process_worker_spec.rb index 1c76cdca347..6ee91b4579d 100644 --- a/spec/workers/pipeline_process_worker_spec.rb +++ b/spec/workers/pipeline_process_worker_spec.rb @@ -5,46 +5,12 @@ require 'spec_helper' RSpec.describe PipelineProcessWorker, feature_category: :continuous_integration do let_it_be(:pipeline) { create(:ci_pipeline) } - # The two examples below are to be added when FF `ci_pipeline_process_worker_dedup_until_executed` is removed - # it 'has the `until_executed` deduplicate strategy' do - # expect(described_class.get_deduplicate_strategy).to eq(:until_executed) - # end - - # it 'has the option to reschedule once if deduplicated and a TTL of 1 minute' do - # expect(described_class.get_deduplication_options).to include({ if_deduplicated: :reschedule_once, ttl: 1.minute }) - # end - - # This context is to be removed when FF `ci_pipeline_process_worker_dedup_until_executed` is removed - describe '#perform_async', :sidekiq_inline do - around do |example| - Sidekiq::Testing.fake! { example.run } - end - - let_it_be(:project) { create(:project, :repository) } - let_it_be(:pipeline) { create(:ci_empty_pipeline, project: project) } - - subject { described_class.perform_async(pipeline.id) } - - it 'sets the deduplication settings in the job options' do - subject - - job = described_class.jobs.last - expect(job['deduplicate']).to eq({ 'strategy' => 'until_executed', - 'options' => { 'if_deduplicated' => 'reschedule_once', 'ttl' => '60' } }) - end - - context 'when FF `ci_pipeline_process_worker_dedup_until_executed` is disabled' do - before do - stub_feature_flags(ci_pipeline_process_worker_dedup_until_executed: false) - end - - it 'does not set the deduplication settings in the job options' do - subject + it 'has the `until_executed` deduplicate strategy' do + expect(described_class.get_deduplicate_strategy).to eq(:until_executed) + end - job = described_class.jobs.last - expect(job['deduplicate']).to be_nil - end - end + it 'has the option to reschedule once if deduplicated and a TTL of 1 minute' do + expect(described_class.get_deduplication_options).to include({ if_deduplicated: :reschedule_once, ttl: 1.minute }) end include_examples 'an idempotent worker' do diff --git a/workhorse/go.mod b/workhorse/go.mod index 7c7a92824df..20daa9e4843 100644 --- a/workhorse/go.mod +++ b/workhorse/go.mod @@ -20,7 +20,7 @@ require ( github.com/johannesboyne/gofakes3 v0.0.0-20230310080033-c0edf658332b github.com/jpillora/backoff v1.0.0 github.com/mitchellh/copystructure v1.2.0 - github.com/prometheus/client_golang v1.15.0 + github.com/prometheus/client_golang v1.15.1 github.com/rafaeljusto/redigomock/v3 v3.1.2 github.com/sebest/xff v0.0.0-20210106013422-671bd2870b3a github.com/sirupsen/logrus v1.9.0 diff --git a/workhorse/go.sum b/workhorse/go.sum index a0ec0e19366..6ab1ff99c4c 100644 --- a/workhorse/go.sum +++ b/workhorse/go.sum @@ -1692,8 +1692,8 @@ github.com/prometheus/client_golang v1.11.1/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqr github.com/prometheus/client_golang v1.12.1/go.mod h1:3Z9XVyYiZYEO+YQWt3RD2R3jrbd179Rt297l4aS6nDY= github.com/prometheus/client_golang v1.13.0/go.mod h1:vTeo+zgvILHsnnj/39Ou/1fPN5nJFOEMgftOUOmlvYQ= github.com/prometheus/client_golang v1.14.0/go.mod h1:8vpkKitgIVNcqrRBWh1C4TIUQgYNtG/XQE4E/Zae36Y= -github.com/prometheus/client_golang v1.15.0 h1:5fCgGYogn0hFdhyhLbw7hEsWxufKtY9klyvdNfFlFhM= -github.com/prometheus/client_golang v1.15.0/go.mod h1:e9yaBhRPU2pPNsZwE+JdQl0KEt1N9XgF6zxWmaC0xOk= +github.com/prometheus/client_golang v1.15.1 h1:8tXpTmJbyH5lydzFPoxSIJ0J46jdh3tylbvM1xCv0LI= +github.com/prometheus/client_golang v1.15.1/go.mod h1:e9yaBhRPU2pPNsZwE+JdQl0KEt1N9XgF6zxWmaC0xOk= github.com/prometheus/client_model v0.0.0-20171117100541-99fa1f4be8e5/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= |
