diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-05-20 14:34:42 +0000 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-05-20 14:34:42 +0000 |
| commit | 9f46488805e86b1bc341ea1620b866016c2ce5ed (patch) | |
| tree | f9748c7e287041e37d6da49e0a29c9511dc34768 /config | |
| parent | dfc92d081ea0332d69c8aca2f0e745cb48ae5e6d (diff) | |
| download | gitlab-ce-9f46488805e86b1bc341ea1620b866016c2ce5ed.tar.gz | |
Add latest changes from gitlab-org/gitlab@13-0-stable-ee
Diffstat (limited to 'config')
41 files changed, 335 insertions, 238 deletions
diff --git a/config/application.rb b/config/application.rb index a135bef342a..d8f02277527 100644 --- a/config/application.rb +++ b/config/application.rb @@ -131,6 +131,7 @@ module Gitlab encrypted_key hook import_url + elasticsearch_url otp_attempt sentry_dsn trace diff --git a/config/cable.yml.example b/config/cable.yml.example new file mode 100644 index 00000000000..ee3a8da9be8 --- /dev/null +++ b/config/cable.yml.example @@ -0,0 +1,14 @@ +# This file is used for configuring ActionCable in our CI environment +# When using GDK or Omnibus, cable.yml is generated from a different template +development: + adapter: redis + url: redis://localhost:6379 + channel_prefix: gitlab_development +test: + adapter: redis + url: redis://localhost:6379 + channel_prefix: gitlab_test +production: + adapter: redis + url: unix:/var/run/redis/redis.sock + channel_prefix: gitlab_production diff --git a/config/environments/test.rb b/config/environments/test.rb index 71cd5200415..c130eb84baa 100644 --- a/config/environments/test.rb +++ b/config/environments/test.rb @@ -1,12 +1,13 @@ require 'gitlab/testing/request_blocker_middleware' require 'gitlab/testing/request_inspector_middleware' -require 'gitlab/testing/clear_thread_memory_cache_middleware' +require 'gitlab/testing/clear_process_memory_cache_middleware' +require 'gitlab/utils' Rails.application.configure do # Make sure the middleware is inserted first in middleware chain config.middleware.insert_before(ActionDispatch::Static, Gitlab::Testing::RequestBlockerMiddleware) config.middleware.insert_before(ActionDispatch::Static, Gitlab::Testing::RequestInspectorMiddleware) - config.middleware.insert_before(ActionDispatch::Static, Gitlab::Testing::ClearThreadMemoryCacheMiddleware) + config.middleware.insert_before(ActionDispatch::Static, Gitlab::Testing::ClearProcessMemoryCacheMiddleware) # Settings specified here will take precedence over those in config/application.rb @@ -43,7 +44,7 @@ Rails.application.configure do # Print deprecation notices to the stderr config.active_support.deprecation = :stderr - config.eager_load = true + config.eager_load = Gitlab::Utils.to_boolean(ENV['GITLAB_TEST_EAGER_LOAD'], default: true) config.cache_store = :null_store diff --git a/config/feature_categories.yml b/config/feature_categories.yml index f12c0ef466a..010d3d14fcb 100644 --- a/config/feature_categories.yml +++ b/config/feature_categories.yml @@ -8,6 +8,7 @@ # --- - accessibility_testing +- alert_management - analysis - api - attack_emulation @@ -17,11 +18,10 @@ - auto_devops - backup_restore - behavior_analytics -- chaos_engineering +- billing - chatops - cloud_native_installation - cluster_cost_optimization -- cluster_monitoring - code_analytics - code_quality - code_review @@ -71,6 +71,7 @@ - kubernetes_management - language_specific - license_compliance +- live_preview - load_testing - logging - malware_scanning @@ -92,6 +93,7 @@ - runner - secret_detection - secrets_management +- security_benchmarking - serverless - service_desk - snippets diff --git a/config/gitlab.yml.example b/config/gitlab.yml.example index 090ec9265df..9a2e470f852 100644 --- a/config/gitlab.yml.example +++ b/config/gitlab.yml.example @@ -107,6 +107,9 @@ production: &base # S/MIME public certificate key in PEM format, will be attached to signed messages # Default is '.gitlab_smime_cert' relative to Rails.root (i.e. root of the GitLab app). # cert_file: /home/git/gitlab/.gitlab_smime_cert + # S/MIME extra CA public certificates in PEM format, will be attached to signed messages + # Optional + # ca_certs_file: /home/git/gitlab/.gitlab_smime_ca_certs # Email server smtp settings are in config/initializers/smtp_settings.rb.sample @@ -199,6 +202,9 @@ production: &base # # log_path: log/mail_room_json.log + # Whether to expunge (permanently remove) messages from the mailbox when they are deleted after delivery + expunge_deleted: false + ## Build Artifacts artifacts: enabled: true @@ -767,7 +773,7 @@ production: &base # Allow smartcard authentication enabled: false - # Path to a file containing a CA certificate + # Path to a file containing a CA certificate bundle ca_file: '/etc/ssl/certs/CA.pem' # Host and port where the client side certificate is requested by the @@ -1062,6 +1068,11 @@ production: &base # host: localhost # port: 3808 + ## ActionCable settings + action_cable: + # Number of threads used to process ActionCable connection callbacks and channel actions + # worker_pool_size: 4 + ## Monitoring # Built in monitoring settings monitoring: diff --git a/config/helpers/is_eslint.js b/config/helpers/is_eslint.js new file mode 100644 index 00000000000..5dfb7e533e4 --- /dev/null +++ b/config/helpers/is_eslint.js @@ -0,0 +1,18 @@ +/** + * Returns true if the given module is required from eslint + */ +const isESLint = mod => { + let parent = mod.parent; + + while (parent) { + if (parent.filename.includes('/eslint')) { + return true; + } + + parent = parent.parent; + } + + return false; +}; + +module.exports = isESLint; diff --git a/config/initializers/0_thread_cache.rb b/config/initializers/0_thread_cache.rb deleted file mode 100644 index feb8057132e..00000000000 --- a/config/initializers/0_thread_cache.rb +++ /dev/null @@ -1,3 +0,0 @@ -# frozen_string_literal: true - -Gitlab::ThreadMemoryCache.cache_backend diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb index c3fcd0f8ff0..c0cd491547a 100644 --- a/config/initializers/1_settings.rb +++ b/config/initializers/1_settings.rb @@ -487,6 +487,12 @@ Settings.cron_jobs['namespaces_prune_aggregation_schedules_worker']['job_class'] Settings.cron_jobs['container_expiration_policy_worker'] ||= Settingslogic.new({}) Settings.cron_jobs['container_expiration_policy_worker']['cron'] ||= '50 * * * *' Settings.cron_jobs['container_expiration_policy_worker']['job_class'] = 'ContainerExpirationPolicyWorker' +Settings.cron_jobs['x509_issuer_crl_check_worker'] ||= Settingslogic.new({}) +Settings.cron_jobs['x509_issuer_crl_check_worker']['cron'] ||= '30 1 * * *' +Settings.cron_jobs['x509_issuer_crl_check_worker']['job_class'] = 'X509IssuerCrlCheckWorker' +Settings.cron_jobs['users_create_statistics_worker'] ||= Settingslogic.new({}) +Settings.cron_jobs['users_create_statistics_worker']['cron'] ||= '2 15 * * *' +Settings.cron_jobs['users_create_statistics_worker']['job_class'] = 'Users::CreateStatisticsWorker' Gitlab.ee do Settings.cron_jobs['adjourned_group_deletion_worker'] ||= Settingslogic.new({}) @@ -549,9 +555,6 @@ Gitlab.ee do Settings.cron_jobs['sync_seat_link_worker'] ||= Settingslogic.new({}) Settings.cron_jobs['sync_seat_link_worker']['cron'] ||= "#{rand(60)} 0 * * *" Settings.cron_jobs['sync_seat_link_worker']['job_class'] = 'SyncSeatLinkWorker' - Settings.cron_jobs['users_create_statistics_worker'] ||= Settingslogic.new({}) - Settings.cron_jobs['users_create_statistics_worker']['cron'] ||= '2 15 * * *' - Settings.cron_jobs['users_create_statistics_worker']['job_class'] = 'Users::CreateStatisticsWorker' end # @@ -698,7 +701,6 @@ Settings.rack_attack.git_basic_auth['ip_whitelist'] ||= %w{127.0.0.1} Settings.rack_attack.git_basic_auth['maxretry'] ||= 10 Settings.rack_attack.git_basic_auth['findtime'] ||= 1.minute Settings.rack_attack.git_basic_auth['bantime'] ||= 1.hour -Settings.rack_attack['admin_area_protected_paths_enabled'] ||= false # # Gitaly @@ -715,6 +717,12 @@ Settings.webpack.dev_server['host'] ||= 'localhost' Settings.webpack.dev_server['port'] ||= 3808 # +# ActionCable settings +# +Settings['action_cable'] ||= Settingslogic.new({}) +Settings.action_cable['worker_pool_size'] ||= 4 + +# # Monitoring settings # Settings['monitoring'] ||= Settingslogic.new({}) diff --git a/config/initializers/7_prometheus_metrics.rb b/config/initializers/7_prometheus_metrics.rb index 3ad90ad7d65..267a1f0b1a5 100644 --- a/config/initializers/7_prometheus_metrics.rb +++ b/config/initializers/7_prometheus_metrics.rb @@ -44,6 +44,10 @@ if !Rails.env.test? && Gitlab::Metrics.prometheus_metrics_enabled? Gitlab::Metrics::Samplers::RubySampler.initialize_instance(Settings.monitoring.ruby_sampler_interval).start + if Gitlab::Utils.to_boolean(ENV['ENABLE_DATABASE_CONNECTION_POOL_METRICS']) + Gitlab::Metrics::Samplers::DatabaseSampler.initialize_instance(Gitlab::Metrics::Samplers::DatabaseSampler::SAMPLING_INTERVAL_SECONDS).start + end + if Gitlab.ee? && Gitlab::Runtime.sidekiq? Gitlab::Metrics::Samplers::GlobalSearchSampler.instance(Settings.monitoring.global_search_sampler_interval).start end @@ -61,6 +65,8 @@ if !Rails.env.test? && Gitlab::Metrics.prometheus_metrics_enabled? Gitlab::Metrics::Samplers::PumaSampler.instance(Settings.monitoring.puma_sampler_interval).start end + Gitlab::Metrics.gauge(:deployments, 'GitLab Version', {}, :max).set({ version: Gitlab::VERSION }, 1) + Gitlab::Metrics::RequestsRackMiddleware.initialize_http_request_duration_seconds rescue IOError => e Gitlab::ErrorTracking.track_exception(e) diff --git a/config/initializers/action_cable.rb b/config/initializers/action_cable.rb new file mode 100644 index 00000000000..eb44ff00d09 --- /dev/null +++ b/config/initializers/action_cable.rb @@ -0,0 +1,9 @@ +# frozen_string_literal: true + +Rails.application.configure do + # We only mount the ActionCable engine in tests where we run it in-app + # For other environments, we run it on a standalone Puma server + config.action_cable.mount_path = Rails.env.test? ? '/-/cable' : nil + config.action_cable.url = Gitlab::Utils.append_path(Gitlab.config.gitlab.relative_url_root, '/-/cable') + config.action_cable.worker_pool_size = Gitlab.config.action_cable.worker_pool_size +end diff --git a/config/initializers/actioncable.rb b/config/initializers/actioncable.rb deleted file mode 100644 index ed96f965150..00000000000 --- a/config/initializers/actioncable.rb +++ /dev/null @@ -1,8 +0,0 @@ -# frozen_string_literal: true - -Rails.application.configure do - # Prevents the default engine from being mounted because - # we're running ActionCable as a standalone server - config.action_cable.mount_path = nil - config.action_cable.url = Gitlab::Utils.append_path(Gitlab.config.gitlab.relative_url_root, '/-/cable') -end diff --git a/config/initializers/active_record_fix_insert_all.rb b/config/initializers/active_record_fix_insert_all.rb deleted file mode 100644 index 8ae208dd0e5..00000000000 --- a/config/initializers/active_record_fix_insert_all.rb +++ /dev/null @@ -1,26 +0,0 @@ -# frozen_string_literal: true - -# This fix is needed to properly support -# columns that perform data mutation to a SQL datatype -# ex. would be `jsonb` and `enum` -# -# This is covered by tests in `BulkInsertSafe` -# that validates handling of different data types - -if Rails.gem_version > Gem::Version.new("6.0.2") - raise Gem::DependencyError, - "Remove patch once the https://github.com/rails/rails/pull/38763 is included" -end - -module ActiveRecordInsertAllBuilderMixin - def extract_types_from_columns_on(table_name, keys:) - columns = connection.schema_cache.columns_hash(table_name) - - unknown_column = (keys - columns.keys).first - raise UnknownAttributeError.new(model.new, unknown_column) if unknown_column - - keys.index_with { |key| model.type_for_attribute(key) } - end -end - -ActiveRecord::InsertAll::Builder.prepend(ActiveRecordInsertAllBuilderMixin) diff --git a/config/initializers/cookies_serializer.rb b/config/initializers/cookies_serializer.rb index a04d5044f4e..fa1736dfea6 100644 --- a/config/initializers/cookies_serializer.rb +++ b/config/initializers/cookies_serializer.rb @@ -1,4 +1,4 @@ # Be sure to restart your server when you modify this file. -Rails.application.config.action_dispatch.use_cookies_with_metadata = false +Rails.application.config.action_dispatch.use_cookies_with_metadata = true Rails.application.config.action_dispatch.cookies_serializer = :hybrid diff --git a/config/initializers/gettext_rails_i18n_patch.rb b/config/initializers/gettext_rails_i18n_patch.rb index 714dd505824..09c9b325a04 100644 --- a/config/initializers/gettext_rails_i18n_patch.rb +++ b/config/initializers/gettext_rails_i18n_patch.rb @@ -45,7 +45,7 @@ module GettextI18nRailsJs private def gettext_messages_by_file - @gettext_messages_by_file ||= JSON.parse(load_messages) + @gettext_messages_by_file ||= Gitlab::Json.parse(load_messages) end def load_messages diff --git a/config/initializers/measuring.rb b/config/initializers/measuring.rb new file mode 100644 index 00000000000..79258cda365 --- /dev/null +++ b/config/initializers/measuring.rb @@ -0,0 +1,3 @@ +# frozen_string_literal: true + +Gitlab::Utils::Measuring.logger = Gitlab::Services::Logger.build diff --git a/config/initializers/rack_attack.rb.example b/config/initializers/rack_attack.rb.example deleted file mode 100644 index 69052c029f2..00000000000 --- a/config/initializers/rack_attack.rb.example +++ /dev/null @@ -1,29 +0,0 @@ -# 1. Rename this file to rack_attack.rb -# 2. Review the paths_to_be_protected and add any other path you need protecting -# -# If you change this file in a Merge Request, please also create a Merge Request on https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests - -paths_to_be_protected = [ - "#{Rails.application.config.relative_url_root}/users/password", - "#{Rails.application.config.relative_url_root}/users/sign_in", - "#{Rails.application.config.relative_url_root}/api/#{API::API.version}/session.json", - "#{Rails.application.config.relative_url_root}/api/#{API::API.version}/session", - "#{Rails.application.config.relative_url_root}/users", - "#{Rails.application.config.relative_url_root}/users/confirmation", - "#{Rails.application.config.relative_url_root}/unsubscribes/", - "#{Rails.application.config.relative_url_root}/import/github/personal_access_token" - -] - -# Create one big regular expression that matches strings starting with any of -# the paths_to_be_protected. -paths_regex = Regexp.union(paths_to_be_protected.map { |path| /\A#{Regexp.escape(path)}/ }) -rack_attack_enabled = Gitlab.config.rack_attack.git_basic_auth['enabled'] - -unless Rails.env.test? || !rack_attack_enabled - Rack::Attack.throttle('protected paths', limit: 10, period: 60.seconds) do |req| - if req.post? && req.path =~ paths_regex - req.ip - end - end -end diff --git a/config/initializers/rack_attack_new.rb b/config/initializers/rack_attack_new.rb index 267d4c1eda9..51b49bec864 100644 --- a/config/initializers/rack_attack_new.rb +++ b/config/initializers/rack_attack_new.rb @@ -8,17 +8,9 @@ module Gitlab::Throttle # Returns true if we should use the Admin Area protected paths throttle def self.protected_paths_enabled? - return false if should_use_omnibus_protected_paths? - self.settings.throttle_protected_paths_enabled? end - # To be removed in 13.0: https://gitlab.com/gitlab-org/gitlab/issues/29952 - def self.should_use_omnibus_protected_paths? - !Settings.rack_attack.admin_area_protected_paths_enabled && - self.omnibus_protected_paths_present? - end - def self.omnibus_protected_paths_present? Rack::Attack.throttles.key?('protected paths') end @@ -168,5 +160,5 @@ class Rack::Attack end end -::Rack::Attack.extend_if_ee('::EE::Gitlab::Rack::Attack') # rubocop: disable Cop/InjectEnterpriseEditionModule +::Rack::Attack.extend_if_ee('::EE::Gitlab::Rack::Attack') ::Rack::Attack::Request.prepend_if_ee('::EE::Gitlab::Rack::Attack::Request') diff --git a/config/initializers/sidekiq.rb b/config/initializers/sidekiq.rb index fa4fc2d2c7b..febcedfee82 100644 --- a/config/initializers/sidekiq.rb +++ b/config/initializers/sidekiq.rb @@ -1,7 +1,5 @@ # frozen_string_literal: true -require 'sidekiq/web' - def enable_reliable_fetch? return true unless Feature::FlipperFeature.table_exists? @@ -14,26 +12,14 @@ def enable_semi_reliable_fetch_mode? Feature.enabled?(:gitlab_sidekiq_enable_semi_reliable_fetcher, default_enabled: true) end -# Disable the Sidekiq Rack session since GitLab already has its own session store. -# CSRF protection still works (https://github.com/mperham/sidekiq/commit/315504e766c4fd88a29b7772169060afc4c40329). -Sidekiq::Web.set :sessions, false - # Custom Queues configuration queues_config_hash = Gitlab::Redis::Queues.params queues_config_hash[:namespace] = Gitlab::Redis::Queues::SIDEKIQ_NAMESPACE -# Default is to retry 25 times with exponential backoff. That's too much. -Sidekiq.default_worker_options = { retry: 3 } - -if Rails.env.development? - Sidekiq.default_worker_options[:backtrace] = true -end - enable_json_logs = Gitlab.config.sidekiq.log_format == 'json' enable_sidekiq_memory_killer = ENV['SIDEKIQ_MEMORY_KILLER_MAX_RSS'].to_i.nonzero? use_sidekiq_daemon_memory_killer = ENV["SIDEKIQ_DAEMON_MEMORY_KILLER"].to_i.nonzero? use_sidekiq_legacy_memory_killer = !use_sidekiq_daemon_memory_killer -use_request_store = ENV.fetch('SIDEKIQ_REQUEST_STORE', 1).to_i.nonzero? Sidekiq.configure_server do |config| if enable_json_logs @@ -50,8 +36,7 @@ Sidekiq.configure_server do |config| config.server_middleware(&Gitlab::SidekiqMiddleware.server_configurator({ metrics: Settings.monitoring.sidekiq_exporter, arguments_logger: ENV['SIDEKIQ_LOG_ARGUMENTS'] && !enable_json_logs, - memory_killer: enable_sidekiq_memory_killer && use_sidekiq_legacy_memory_killer, - request_store: use_request_store + memory_killer: enable_sidekiq_memory_killer && use_sidekiq_legacy_memory_killer })) config.client_middleware(&Gitlab::SidekiqMiddleware.client_configurator) @@ -77,7 +62,7 @@ Sidekiq.configure_server do |config| # Sidekiq-cron: load recurring jobs from gitlab.yml # UGLY Hack to get nested hash from settingslogic - cron_jobs = JSON.parse(Gitlab.config.cron_jobs.to_json) + cron_jobs = Gitlab::Json.parse(Gitlab.config.cron_jobs.to_json) # UGLY hack: Settingslogic doesn't allow 'class' key cron_jobs_required_keys = %w(job_class cron) cron_jobs.each do |k, v| diff --git a/config/initializers/zz_metrics.rb b/config/initializers/zz_metrics.rb index 5bbfb97277c..26f6743f480 100644 --- a/config/initializers/zz_metrics.rb +++ b/config/initializers/zz_metrics.rb @@ -100,7 +100,7 @@ def instrument_classes(instrumentation) instrumentation.instrument_instance_methods(Gitlab::Elastic::ProjectSearchResults) instrumentation.instrument_instance_methods(Gitlab::Elastic::Indexer) instrumentation.instrument_instance_methods(Gitlab::Elastic::SnippetSearchResults) - instrumentation.instrument_methods(Gitlab::Elastic::Helper) + instrumentation.instrument_instance_methods(Gitlab::Elastic::Helper) instrumentation.instrument_instance_methods(Elastic::ApplicationVersionedSearch) instrumentation.instrument_instance_methods(Elastic::ProjectsSearch) @@ -135,7 +135,6 @@ end # loading of our custom migration templates. if Gitlab::Metrics.enabled? && !Rails.env.test? && !(Rails.env.development? && defined?(Rails::Generators)) require 'pathname' - require 'influxdb' require 'connection_pool' require 'method_source' @@ -193,10 +192,6 @@ if Gitlab::Metrics.enabled? && !Rails.env.test? && !(Rails.env.development? && d GC::Profiler.enable - Gitlab::Cluster::LifecycleEvents.on_worker_start do - Gitlab::Metrics::Samplers::InfluxSampler.initialize_instance.start - end - module TrackNewRedisConnections def connect(*args) val = super diff --git a/config/initializers_before_autoloader/002_sidekiq.rb b/config/initializers_before_autoloader/002_sidekiq.rb new file mode 100644 index 00000000000..4ce9127a45d --- /dev/null +++ b/config/initializers_before_autoloader/002_sidekiq.rb @@ -0,0 +1,20 @@ +# frozen_string_literal: true + +# Preloads Sidekiq configurations that don't require application references. +# +# It ensures default settings are loaded before any other file references +# (directly or indirectly) Sidekiq workers. +# + +require 'sidekiq/web' + +# Disable the Sidekiq Rack session since GitLab already has its own session store. +# CSRF protection still works (https://github.com/mperham/sidekiq/commit/315504e766c4fd88a29b7772169060afc4c40329). +Sidekiq::Web.set :sessions, false + +# Default is to retry 25 times with exponential backoff. That's too much. +Sidekiq.default_worker_options = { retry: 3 } + +if Rails.env.development? + Sidekiq.default_worker_options[:backtrace] = true +end diff --git a/config/initializers_before_autoloader/100_patch_omniauth_oauth2.rb b/config/initializers_before_autoloader/100_patch_omniauth_oauth2.rb new file mode 100644 index 00000000000..760fcba5935 --- /dev/null +++ b/config/initializers_before_autoloader/100_patch_omniauth_oauth2.rb @@ -0,0 +1,17 @@ +# frozen_string_literal: true + +module OmniAuth + module Strategies + class OAuth2 + alias_method :original_callback_phase, :callback_phase + + # Monkey patch until PR is merged and released upstream + # https://github.com/omniauth/omniauth-oauth2/pull/129 + def callback_phase + original_callback_phase + rescue ::Faraday::TimeoutError, ::Faraday::ConnectionFailed => e + fail!(:timeout, e) + end + end + end +end diff --git a/config/locales/doorkeeper.en.yml b/config/locales/doorkeeper.en.yml index c9dbde23d35..93293a0236c 100644 --- a/config/locales/doorkeeper.en.yml +++ b/config/locales/doorkeeper.en.yml @@ -88,6 +88,19 @@ en: Grants read-only access to the user's profile data using OpenID Connect. email: Grants read-only access to the user's primary email address using OpenID Connect. + project_access_token_scope_desc: + api: + Grants complete read/write access to the scoped project API. + read_api: + Grants read access to the scoped project API. + read_repository: + Allows read-only access (pull) to the repository. + write_repository: + Allows read-write access (pull, push) to the repository. + read_registry: + Allows read-access (pull) to container registry images if the project is private and authorization is required. + write_registry: + Allows write-access (push) to container registry. flash: applications: create: diff --git a/config/mail_room.yml b/config/mail_room.yml index da37ef60587..23170acbf65 100644 --- a/config/mail_room.yml +++ b/config/mail_room.yml @@ -17,6 +17,7 @@ :name: <%= config[:mailbox].to_json %> :delete_after_delivery: true + :expunge_deleted: <%= config[:expunge_deleted].to_json %> :delivery_method: sidekiq :delivery_options: diff --git a/config/prometheus/common_metrics.yml b/config/prometheus/common_metrics.yml index 4d0ea4a345d..f0491df3db9 100644 --- a/config/prometheus/common_metrics.yml +++ b/config/prometheus/common_metrics.yml @@ -10,7 +10,7 @@ panel_groups: weight: 4 metrics: - id: system_metrics_kubernetes_container_memory_total - query_range: 'avg(sum(container_memory_usage_bytes{container_name!="POD",pod_name=~"^%{ci_environment_slug}-(.*)",namespace="%{kube_namespace}"}) by (job)) without (job) /1024/1024/1024' + query_range: 'avg(sum(container_memory_usage_bytes{container_name!="POD",pod_name=~"^{{ci_environment_slug}}-(.*)",namespace="{{kube_namespace}}"}) by (job)) without (job) /1024/1024/1024' label: Total (GB) unit: GB - title: "Core Usage (Total)" @@ -19,7 +19,7 @@ panel_groups: weight: 3 metrics: - id: system_metrics_kubernetes_container_cores_total - query_range: 'avg(sum(rate(container_cpu_usage_seconds_total{container_name!="POD",pod_name=~"^%{ci_environment_slug}-(.*)",namespace="%{kube_namespace}"}[15m])) by (job)) without (job)' + query_range: 'avg(sum(rate(container_cpu_usage_seconds_total{container_name!="POD",pod_name=~"^{{ci_environment_slug}}-(.*)",namespace="{{kube_namespace}}"}[15m])) by (job)) without (job)' label: Total (cores) unit: "cores" - title: "Memory Usage (Pod average)" @@ -28,7 +28,7 @@ panel_groups: weight: 2 metrics: - id: system_metrics_kubernetes_container_memory_average - query_range: 'avg(sum(container_memory_usage_bytes{container_name!="POD",pod_name=~"^%{ci_environment_slug}-([^c].*|c([^a]|a([^n]|n([^a]|a([^r]|r[^y])))).*|)-(.*)",namespace="%{kube_namespace}"}) by (job)) without (job) / count(avg(container_memory_usage_bytes{container_name!="POD",pod_name=~"^%{ci_environment_slug}-([^c].*|c([^a]|a([^n]|n([^a]|a([^r]|r[^y])))).*|)-(.*)",namespace="%{kube_namespace}"}) without (job)) /1024/1024' + query_range: 'avg(sum(container_memory_usage_bytes{container_name!="POD",pod_name=~"^{{ci_environment_slug}}-([^c].*|c([^a]|a([^n]|n([^a]|a([^r]|r[^y])))).*|)-(.*)",namespace="{{kube_namespace}}"}) by (job)) without (job) / count(avg(container_memory_usage_bytes{container_name!="POD",pod_name=~"^{{ci_environment_slug}}-([^c].*|c([^a]|a([^n]|n([^a]|a([^r]|r[^y])))).*|)-(.*)",namespace="{{kube_namespace}}"}) without (job)) /1024/1024' label: Pod average (MB) unit: MB - title: "Canary: Memory Usage (Pod Average)" @@ -37,7 +37,7 @@ panel_groups: weight: 2 metrics: - id: system_metrics_kubernetes_container_memory_average_canary - query_range: 'avg(sum(container_memory_usage_bytes{container_name!="POD",pod_name=~"^%{ci_environment_slug}-canary-(.*)",namespace="%{kube_namespace}"}) by (job)) without (job) / count(avg(container_memory_usage_bytes{container_name!="POD",pod_name=~"^%{ci_environment_slug}-canary-(.*)",namespace="%{kube_namespace}"}) without (job)) /1024/1024' + query_range: 'avg(sum(container_memory_usage_bytes{container_name!="POD",pod_name=~"^{{ci_environment_slug}}-canary-(.*)",namespace="{{kube_namespace}}"}) by (job)) without (job) / count(avg(container_memory_usage_bytes{container_name!="POD",pod_name=~"^{{ci_environment_slug}}-canary-(.*)",namespace="{{kube_namespace}}"}) without (job)) /1024/1024' label: Pod average (MB) unit: MB track: canary @@ -47,7 +47,7 @@ panel_groups: weight: 1 metrics: - id: system_metrics_kubernetes_container_core_usage - query_range: 'avg(sum(rate(container_cpu_usage_seconds_total{container_name!="POD",pod_name=~"^%{ci_environment_slug}-([^c].*|c([^a]|a([^n]|n([^a]|a([^r]|r[^y])))).*|)-(.*)",namespace="%{kube_namespace}"}[15m])) by (job)) without (job) / count(sum(rate(container_cpu_usage_seconds_total{container_name!="POD",pod_name=~"^%{ci_environment_slug}-([^c].*|c([^a]|a([^n]|n([^a]|a([^r]|r[^y])))).*|)-(.*)",namespace="%{kube_namespace}"}[15m])) by (pod_name))' + query_range: 'avg(sum(rate(container_cpu_usage_seconds_total{container_name!="POD",pod_name=~"^{{ci_environment_slug}}-([^c].*|c([^a]|a([^n]|n([^a]|a([^r]|r[^y])))).*|)-(.*)",namespace="{{kube_namespace}}"}[15m])) by (job)) without (job) / count(sum(rate(container_cpu_usage_seconds_total{container_name!="POD",pod_name=~"^{{ci_environment_slug}}-([^c].*|c([^a]|a([^n]|n([^a]|a([^r]|r[^y])))).*|)-(.*)",namespace="{{kube_namespace}}"}[15m])) by (pod_name))' label: Pod average (cores) unit: "cores" - title: "Canary: Core Usage (Pod Average)" @@ -56,7 +56,7 @@ panel_groups: weight: 1 metrics: - id: system_metrics_kubernetes_container_core_usage_canary - query_range: 'avg(sum(rate(container_cpu_usage_seconds_total{container_name!="POD",pod_name=~"^%{ci_environment_slug}-canary-(.*)",namespace="%{kube_namespace}"}[15m])) by (job)) without (job) / count(sum(rate(container_cpu_usage_seconds_total{container_name!="POD",pod_name=~"^%{ci_environment_slug}-canary-(.*)",namespace="%{kube_namespace}"}[15m])) by (pod_name))' + query_range: 'avg(sum(rate(container_cpu_usage_seconds_total{container_name!="POD",pod_name=~"^{{ci_environment_slug}}-canary-(.*)",namespace="{{kube_namespace}}"}[15m])) by (job)) without (job) / count(sum(rate(container_cpu_usage_seconds_total{container_name!="POD",pod_name=~"^{{ci_environment_slug}}-canary-(.*)",namespace="{{kube_namespace}}"}[15m])) by (pod_name))' label: Pod average (cores) unit: "cores" track: canary @@ -66,7 +66,7 @@ panel_groups: weight: 1 metrics: - id: system_metrics_knative_function_invocation_count - query_range: 'sum(ceil(rate(istio_requests_total{destination_service_namespace="%{kube_namespace}", destination_service=~"%{function_name}.*"}[1m])*60))' + query_range: 'sum(ceil(rate(istio_requests_total{destination_service_namespace="{{kube_namespace}}", destination_service=~"{{function_name}}.*"}[1m])*60))' label: invocations / minute unit: requests # NGINX Ingress metrics for pre-0.16.0 versions @@ -79,7 +79,7 @@ panel_groups: weight: 1 metrics: - id: response_metrics_nginx_ingress_throughput_status_code - query_range: 'sum(rate(nginx_upstream_responses_total{upstream=~"%{kube_namespace}-%{ci_environment_slug}-.*"}[2m])) by (status_code)' + query_range: 'sum(rate(nginx_upstream_responses_total{upstream=~"{{kube_namespace}}-{{ci_environment_slug}}-.*"}[2m])) by (status_code)' unit: req / sec label: Status Code - title: "Latency" @@ -90,7 +90,7 @@ panel_groups: weight: 1 metrics: - id: response_metrics_nginx_ingress_latency_pod_average - query_range: 'avg(nginx_upstream_response_msecs_avg{upstream=~"%{kube_namespace}-%{ci_environment_slug}-.*"})' + query_range: 'avg(nginx_upstream_response_msecs_avg{upstream=~"{{kube_namespace}}-{{ci_environment_slug}}-.*"})' label: Pod average (ms) unit: ms - title: "HTTP Error Rate" @@ -101,7 +101,7 @@ panel_groups: weight: 1 metrics: - id: response_metrics_nginx_ingress_http_error_rate - query_range: 'sum(rate(nginx_upstream_responses_total{status_code="5xx", upstream=~"%{kube_namespace}-%{ci_environment_slug}-.*"}[2m])) / sum(rate(nginx_upstream_responses_total{upstream=~"%{kube_namespace}-%{ci_environment_slug}-.*"}[2m])) * 100' + query_range: 'sum(rate(nginx_upstream_responses_total{status_code="5xx", upstream=~"{{kube_namespace}}-{{ci_environment_slug}}-.*"}[2m])) / sum(rate(nginx_upstream_responses_total{upstream=~"{{kube_namespace}}-{{ci_environment_slug}}-.*"}[2m])) * 100' label: 5xx Errors (%) unit: "%" # NGINX Ingress metrics for post-0.16.0 versions @@ -114,7 +114,7 @@ panel_groups: weight: 1 metrics: - id: response_metrics_nginx_ingress_16_throughput_status_code - query_range: 'sum(label_replace(rate(nginx_ingress_controller_requests{namespace="%{kube_namespace}",ingress=~".*%{ci_environment_slug}.*"}[2m]), "status_code", "${1}xx", "status", "(.)..")) by (status_code)' + query_range: 'sum(label_replace(rate(nginx_ingress_controller_requests{namespace="{{kube_namespace}}",ingress=~".*{{ci_environment_slug}}.*"}[2m]), "status_code", "${1}xx", "status", "(.)..")) by (status_code)' unit: req / sec label: Status Code - title: "Latency" @@ -123,7 +123,7 @@ panel_groups: weight: 1 metrics: - id: response_metrics_nginx_ingress_16_latency_pod_average - query_range: 'sum(rate(nginx_ingress_controller_ingress_upstream_latency_seconds_sum{namespace="%{kube_namespace}",ingress=~".*%{ci_environment_slug}.*"}[2m])) / sum(rate(nginx_ingress_controller_ingress_upstream_latency_seconds_count{namespace="%{kube_namespace}",ingress=~".*%{ci_environment_slug}.*"}[2m])) * 1000' + query_range: 'sum(rate(nginx_ingress_controller_ingress_upstream_latency_seconds_sum{namespace="{{kube_namespace}}",ingress=~".*{{ci_environment_slug}}.*"}[2m])) / sum(rate(nginx_ingress_controller_ingress_upstream_latency_seconds_count{namespace="{{kube_namespace}}",ingress=~".*{{ci_environment_slug}}.*"}[2m])) * 1000' label: Pod average (ms) unit: ms - title: "HTTP Error Rate" @@ -132,7 +132,7 @@ panel_groups: weight: 1 metrics: - id: response_metrics_nginx_ingress_16_http_error_rate - query_range: 'sum(rate(nginx_ingress_controller_requests{status=~"5.*",namespace="%{kube_namespace}",ingress=~".*%{ci_environment_slug}.*"}[2m])) / sum(rate(nginx_ingress_controller_requests{namespace="%{kube_namespace}",ingress=~".*%{ci_environment_slug}.*"}[2m])) * 100' + query_range: 'sum(rate(nginx_ingress_controller_requests{status=~"5.*",namespace="{{kube_namespace}}",ingress=~".*{{ci_environment_slug}}.*"}[2m])) / sum(rate(nginx_ingress_controller_requests{namespace="{{kube_namespace}}",ingress=~".*{{ci_environment_slug}}.*"}[2m])) * 100' label: 5xx Errors (%) unit: "%" - group: Response metrics (HA Proxy) @@ -144,7 +144,7 @@ panel_groups: weight: 1 metrics: - id: response_metrics_ha_proxy_throughput_status_code - query_range: 'sum(rate(haproxy_frontend_http_requests_total{%{environment_filter}}[2m])) by (code)' + query_range: 'sum(rate(haproxy_frontend_http_requests_total{ {{environment_filter}} }[2m])) by (code)' unit: req / sec label: Status Code - title: "HTTP Error Rate" @@ -153,7 +153,7 @@ panel_groups: weight: 1 metrics: - id: response_metrics_ha_proxy_http_error_rate - query_range: 'sum(rate(haproxy_frontend_http_responses_total{code="5xx",%{environment_filter}}[2m])) / sum(rate(haproxy_frontend_http_responses_total{%{environment_filter}}[2m]))' + query_range: 'sum(rate(haproxy_frontend_http_responses_total{code="5xx",{{environment_filter}} }[2m])) / sum(rate(haproxy_frontend_http_responses_total{ {{environment_filter}} }[2m]))' label: HTTP Errors (%) unit: "%" - group: Response metrics (AWS ELB) @@ -165,7 +165,7 @@ panel_groups: weight: 1 metrics: - id: response_metrics_aws_elb_throughput_requests - query_range: 'sum(aws_elb_request_count_sum{%{environment_filter}}) / 60' + query_range: 'sum(aws_elb_request_count_sum{ {{environment_filter}} }) / 60' label: Total (req/sec) unit: req / sec - title: "Latency" @@ -174,7 +174,7 @@ panel_groups: weight: 1 metrics: - id: response_metrics_aws_elb_latency_average - query_range: 'avg(aws_elb_latency_average{%{environment_filter}}) * 1000' + query_range: 'avg(aws_elb_latency_average{ {{environment_filter}} }) * 1000' label: Average (ms) unit: ms - title: "HTTP Error Rate" @@ -183,7 +183,7 @@ panel_groups: weight: 1 metrics: - id: response_metrics_aws_elb_http_error_rate - query_range: 'sum(aws_elb_httpcode_backend_5_xx_sum{%{environment_filter}}) / sum(aws_elb_request_count_sum{%{environment_filter}})' + query_range: 'sum(aws_elb_httpcode_backend_5_xx_sum{ {{environment_filter}} }) / sum(aws_elb_request_count_sum{ {{environment_filter}} })' label: HTTP Errors (%) unit: "%" - group: Response metrics (NGINX) @@ -195,7 +195,7 @@ panel_groups: weight: 1 metrics: - id: response_metrics_nginx_throughput_status_code - query_range: 'sum(rate(nginx_server_requests{server_zone!="*", server_zone!="_", %{environment_filter}}[2m])) by (code)' + query_range: 'sum(rate(nginx_server_requests{server_zone!="*", server_zone!="_", {{environment_filter}} }[2m])) by (code)' unit: req / sec label: Status Code - title: "Latency" @@ -204,7 +204,7 @@ panel_groups: weight: 1 metrics: - id: response_metrics_nginx_latency - query_range: 'avg(nginx_server_requestMsec{%{environment_filter}})' + query_range: 'avg(nginx_server_requestMsec{ {{environment_filter}} })' label: Upstream (ms) unit: ms - title: "HTTP Error Rate (Errors / Sec)" @@ -215,7 +215,7 @@ panel_groups: weight: 1 metrics: - id: response_metrics_nginx_http_error_rate - query_range: 'sum(rate(nginx_server_requests{code="5xx", %{environment_filter}}[2m]))' + query_range: 'sum(rate(nginx_server_requests{code="5xx", {{environment_filter}} }[2m]))' label: HTTP Errors unit: "errors / sec" - title: "HTTP Error Rate" @@ -224,7 +224,6 @@ panel_groups: weight: 1 metrics: - id: response_metrics_nginx_http_error_percentage - query_range: 'sum(rate(nginx_server_requests{code=~"5.*", host="*", %{environment_filter}}[2m])) / sum(rate(nginx_server_requests{code="total", host="*", %{environment_filter}}[2m])) * 100' + query_range: 'sum(rate(nginx_server_requests{code=~"5.*", host="*", {{environment_filter}} }[2m])) / sum(rate(nginx_server_requests{code="total", host="*", {{environment_filter}} }[2m])) * 100' label: 5xx Errors (%) unit: "%" - diff --git a/config/pseudonymizer.yml b/config/pseudonymizer.yml index 195506ac4a1..e9d5fd5623f 100644 --- a/config/pseudonymizer.yml +++ b/config/pseudonymizer.yml @@ -469,7 +469,6 @@ tables: - last_activity_on - notified_of_own_activity - user_type - - bot_type - preferred_language - theme_id diff --git a/config/puma_actioncable.example.development.rb b/config/puma_actioncable.example.development.rb index aef15da54f9..c975f9e4f9b 100644 --- a/config/puma_actioncable.example.development.rb +++ b/config/puma_actioncable.example.development.rb @@ -43,7 +43,7 @@ queue_requests false # accepted protocols. bind 'unix:///home/git/gitlab_actioncable.socket' -workers 2 +workers 1 require_relative "/home/git/gitlab/lib/gitlab/cluster/lifecycle_events" diff --git a/config/redis.cache.yml.example b/config/redis.cache.yml.example index 27478f0a93e..b20f1dd2122 100644 --- a/config/redis.cache.yml.example +++ b/config/redis.cache.yml.example @@ -10,7 +10,7 @@ development: # host: localhost # port: 26380 # point to sentinel, not to redis port # - - # host: slave2 + # host: replica2 # port: 26380 # point to sentinel, not to redis port test: url: redis://localhost:6379/10 @@ -31,8 +31,8 @@ production: # url: redis://master:6380 # sentinels: # - - # host: slave1 + # host: replica1 # port: 26380 # point to sentinel, not to redis port # - - # host: slave2 + # host: replica2 # port: 26380 # point to sentinel, not to redis port diff --git a/config/redis.queues.yml.example b/config/redis.queues.yml.example index dab1f26b096..46ab39729c4 100644 --- a/config/redis.queues.yml.example +++ b/config/redis.queues.yml.example @@ -10,7 +10,7 @@ development: # host: localhost # port: 26381 # point to sentinel, not to redis port # - - # host: slave2 + # host: replica2 # port: 26381 # point to sentinel, not to redis port test: url: redis://localhost:6379/11 @@ -31,8 +31,8 @@ production: # url: redis://master:6381 # sentinels: # - - # host: slave1 + # host: replica1 # port: 26381 # point to sentinel, not to redis port # - - # host: slave2 + # host: replica2 # port: 26381 # point to sentinel, not to redis port diff --git a/config/redis.shared_state.yml.example b/config/redis.shared_state.yml.example index 9371e3619b7..05fed947f52 100644 --- a/config/redis.shared_state.yml.example +++ b/config/redis.shared_state.yml.example @@ -10,7 +10,7 @@ development: # host: localhost # port: 26382 # point to sentinel, not to redis port # - - # host: slave2 + # host: replica2 # port: 26382 # point to sentinel, not to redis port test: url: redis://localhost:6379/12 @@ -31,8 +31,8 @@ production: # url: redis://master:6382 # sentinels: # - - # host: slave1 + # host: replica1 # port: 26382 # point to sentinel, not to redis port # - - # host: slave2 + # host: replica2 # port: 26382 # point to sentinel, not to redis port diff --git a/config/resque.yml.example b/config/resque.yml.example index 0c19d8bc1d3..932c1553dfb 100644 --- a/config/resque.yml.example +++ b/config/resque.yml.example @@ -8,7 +8,7 @@ development: # host: localhost # port: 26380 # point to sentinel, not to redis port # - - # host: slave2 + # host: replica2 # port: 26381 # point to sentinel, not to redis port test: url: redis://localhost:6379 @@ -27,8 +27,8 @@ production: # url: redis://master:6379 # sentinels: # - - # host: slave1 + # host: replica1 # port: 26379 # point to sentinel, not to redis port # - - # host: slave2 + # host: replica2 # port: 26379 # point to sentinel, not to redis port diff --git a/config/routes.rb b/config/routes.rb index 097814d90a7..86f42822299 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -44,19 +44,6 @@ Rails.application.routes.draw do use_doorkeeper_openid_connect - # Autocomplete - get '/autocomplete/users' => 'autocomplete#users' - get '/autocomplete/users/:id' => 'autocomplete#user' - get '/autocomplete/projects' => 'autocomplete#projects' - get '/autocomplete/award_emojis' => 'autocomplete#award_emojis' - get '/autocomplete/merge_request_target_branches' => 'autocomplete#merge_request_target_branches' - - Gitlab.ee do - get '/autocomplete/project_groups' => 'autocomplete#project_groups' - get '/autocomplete/project_routes' => 'autocomplete#project_routes' - get '/autocomplete/namespace_routes' => 'autocomplete#namespace_routes' - end - # Sign up get 'users/sign_up/welcome' => 'registrations#welcome' patch 'users/sign_up/update_registration' => 'registrations#update_registration' @@ -75,6 +62,19 @@ Rails.application.routes.draw do # Begin of the /-/ scope. # Use this scope for all new global routes. scope path: '-' do + # Autocomplete + get '/autocomplete/users' => 'autocomplete#users' + get '/autocomplete/users/:id' => 'autocomplete#user' + get '/autocomplete/projects' => 'autocomplete#projects' + get '/autocomplete/award_emojis' => 'autocomplete#award_emojis' + get '/autocomplete/merge_request_target_branches' => 'autocomplete#merge_request_target_branches' + + Gitlab.ee do + get '/autocomplete/project_groups' => 'autocomplete#project_groups' + get '/autocomplete/project_routes' => 'autocomplete#project_routes' + get '/autocomplete/namespace_routes' => 'autocomplete#namespace_routes' + end + # '/-/health' implemented by BasicHealthCheck middleware get 'liveness' => 'health#liveness' get 'readiness' => 'health#readiness' @@ -129,6 +129,9 @@ Rails.application.routes.draw do scope '/push_from_secondary/:geo_node_id' do draw :git_http end + + # Used for survey responses + resources :survey_responses, only: :index end if ENV['GITLAB_CHAOS_SECRET'] || Rails.env.development? || Rails.env.test? @@ -199,6 +202,19 @@ Rails.application.routes.draw do # Deprecated routes. # Will be removed as part of https://gitlab.com/gitlab-org/gitlab/-/issues/210024 scope as: :deprecated do + # Autocomplete + get '/autocomplete/users' => 'autocomplete#users' + get '/autocomplete/users/:id' => 'autocomplete#user' + get '/autocomplete/projects' => 'autocomplete#projects' + get '/autocomplete/award_emojis' => 'autocomplete#award_emojis' + get '/autocomplete/merge_request_target_branches' => 'autocomplete#merge_request_target_branches' + + Gitlab.ee do + get '/autocomplete/project_groups' => 'autocomplete#project_groups' + get '/autocomplete/project_routes' => 'autocomplete#project_routes' + get '/autocomplete/namespace_routes' => 'autocomplete#namespace_routes' + end + resources :invites, only: [:show], constraints: { id: /[A-Za-z0-9_-]+/ } do member do post :accept diff --git a/config/routes/admin.rb b/config/routes/admin.rb index 96cd6e5f587..f3b7fb5ed45 100644 --- a/config/routes/admin.rb +++ b/config/routes/admin.rb @@ -81,7 +81,6 @@ namespace :admin do post :preview, on: :collection end - resource :logs, only: [:show] resource :health_check, controller: 'health_check', only: [:show] resource :background_jobs, controller: 'background_jobs', only: [:show] @@ -116,10 +115,6 @@ namespace :admin do end resource :application_settings, only: :update do - # This redirect should be removed with 13.0 release. - # https://gitlab.com/gitlab-org/gitlab/issues/199427 - get '/', to: redirect('admin/application_settings/general'), as: nil - resources :services, only: [:index, :edit, :update] resources :integrations, only: [:edit, :update] do member do @@ -159,6 +154,10 @@ namespace :admin do end end + namespace :ci do + resource :variables, only: [:show, :update] + end + concerns :clusterable get '/dashboard/stats', to: 'dashboard#stats' diff --git a/config/routes/issues.rb b/config/routes/issues.rb index 51b4637b89f..04a935c1016 100644 --- a/config/routes/issues.rb +++ b/config/routes/issues.rb @@ -13,6 +13,7 @@ resources :issues, concerns: :awardable, constraints: { id: /\d+/ } do get :realtime_changes post :create_merge_request get :discussions, format: :json + get '/designs(/*vueroute)', to: 'issues#designs', as: :designs, format: false end collection do diff --git a/config/routes/merge_requests.rb b/config/routes/merge_requests.rb index fe58649b684..f6c45081ce0 100644 --- a/config/routes/merge_requests.rb +++ b/config/routes/merge_requests.rb @@ -14,7 +14,9 @@ resources :merge_requests, concerns: :awardable, except: [:new, :create, :show], post :rebase get :test_reports get :exposed_artifacts + get :accessibility_reports get :coverage_reports + get :terraform_reports scope constraints: ->(req) { req.format == :json }, as: :json do get :commits diff --git a/config/routes/pipelines.rb b/config/routes/pipelines.rb new file mode 100644 index 00000000000..cc3c3400526 --- /dev/null +++ b/config/routes/pipelines.rb @@ -0,0 +1,37 @@ +# frozen_string_literal: true + +resources :pipelines, only: [:index, :new, :create, :show, :destroy] do + collection do + resource :pipelines_settings, path: 'settings', only: [:show, :update] + get :charts + scope '(*ref)', constraints: { ref: Gitlab::PathRegex.git_reference_regex } do + get :latest, action: :show, defaults: { latest: true } + end + end + + member do + get :stage + get :stage_ajax + post :cancel + post :retry + get :builds + get :dag + get :failures + get :status + get :test_report + get :test_reports_count + end + + member do + resources :stages, only: [], param: :name do + post :play_manual + end + end +end + +resources :pipeline_schedules, except: [:show] do + member do + post :play + post :take_ownership + end +end diff --git a/config/routes/project.rb b/config/routes/project.rb index 29e83b8dd5d..020bfa7687d 100644 --- a/config/routes/project.rb +++ b/config/routes/project.rb @@ -65,6 +65,7 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do namespace :ci do resource :lint, only: [:show, :create] + resources :daily_build_group_report_results, only: [:index], constraints: { format: 'csv' } end namespace :settings do @@ -90,6 +91,12 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do post :create_deploy_token, path: 'deploy_token/create' post :cleanup end + + resources :access_tokens, only: [:index, :create] do + member do + put :revoke + end + end end resources :autocomplete_sources, only: [] do @@ -277,6 +284,10 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do end end + resources :alert_management, only: [:index] do + get 'details', on: :member + end + namespace :error_tracking do resources :projects, only: :index end @@ -295,6 +306,13 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do end end + namespace :design_management do + namespace :designs, path: 'designs/:design_id(/:sha)', constraints: -> (params) { params[:sha].nil? || Gitlab::Git.commit_id?(params[:sha]) } do + resource :raw_image, only: :show + resources :resized_image, only: :show, constraints: -> (params) { DesignManagement::DESIGN_IMAGE_SIZES.include?(params[:id]) } + end + end + draw :issues draw :merge_requests @@ -314,7 +332,6 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do # All new routes should go under /-/ scope. # Look for scope '-' at the top of the file. - # rubocop: disable Cop/PutProjectRoutesUnderScope # # Templates @@ -330,8 +347,8 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do defaults: { format: 'json' }, constraints: { template_type: %r{issue|merge_request}, format: 'json' } - resource :pages, only: [:show, :update, :destroy] do - resources :domains, except: :index, controller: 'pages_domains', constraints: { id: %r{[^/]+} } do + resource :pages, only: [:show, :update, :destroy] do # rubocop: disable Cop/PutProjectRoutesUnderScope + resources :domains, except: :index, controller: 'pages_domains', constraints: { id: %r{[^/]+} } do # rubocop: disable Cop/PutProjectRoutesUnderScope member do post :verify post :retry_auto_ssl @@ -340,7 +357,7 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do end end - resources :snippets, concerns: :awardable, constraints: { id: /\d+/ } do + resources :snippets, concerns: :awardable, constraints: { id: /\d+/ } do # rubocop: disable Cop/PutProjectRoutesUnderScope member do get :raw post :mark_as_spam @@ -348,14 +365,14 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do end namespace :prometheus do - resources :alerts, constraints: { id: /\d+/ }, only: [:index, :create, :show, :update, :destroy] do + resources :alerts, constraints: { id: /\d+/ }, only: [:index, :create, :show, :update, :destroy] do # rubocop: disable Cop/PutProjectRoutesUnderScope post :notify, on: :collection member do get :metrics_dashboard end end - resources :metrics, constraints: { id: %r{[^\/]+} }, only: [:index, :new, :create, :edit, :update, :destroy] do + resources :metrics, constraints: { id: %r{[^\/]+} }, only: [:index, :new, :create, :edit, :update, :destroy] do # rubocop: disable Cop/PutProjectRoutesUnderScope get :active_common, on: :collection post :validate_query, on: :collection end @@ -363,65 +380,41 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do post 'alerts/notify', to: 'alerting/notifications#create' - resources :pipelines, only: [:index, :new, :create, :show, :destroy] do - collection do - resource :pipelines_settings, path: 'settings', only: [:show, :update] - get :charts - scope '(*ref)', constraints: { ref: Gitlab::PathRegex.git_reference_regex } do - get :latest, action: :show, defaults: { latest: true } - end - end - - member do - get :stage - get :stage_ajax - post :cancel - post :retry - get :builds - get :failures - get :status - get :test_report - get :test_reports_count - end - - member do - resources :stages, only: [], param: :name do - post :play_manual - end - end - end + # Unscoped route. It will be replaced with redirect to /-/pipelines/ + # Issue https://gitlab.com/gitlab-org/gitlab/issues/118849 + draw :pipelines - resources :pipeline_schedules, except: [:show] do - member do - post :play - post :take_ownership - end + # To ensure an old unscoped routing is used for the UI we need to + # add prefix 'as' to the scope routing and place it below original routing. + # Issue https://gitlab.com/gitlab-org/gitlab/issues/118849 + scope '-', as: 'scoped' do + draw :pipelines end draw :legacy_builds - resources :hooks, only: [:index, :create, :edit, :update, :destroy], constraints: { id: /\d+/ } do + resources :hooks, only: [:index, :create, :edit, :update, :destroy], constraints: { id: /\d+/ } do # rubocop: disable Cop/PutProjectRoutesUnderScope member do post :test end - resources :hook_logs, only: [:show] do + resources :hook_logs, only: [:show] do # rubocop: disable Cop/PutProjectRoutesUnderScope member do post :retry end end end - resources :container_registry, only: [:index, :destroy, :show], + resources :container_registry, only: [:index, :destroy, :show], # rubocop: disable Cop/PutProjectRoutesUnderScope controller: 'registry/repositories' namespace :registry do - resources :repository, only: [] do + resources :repository, only: [] do # rubocop: disable Cop/PutProjectRoutesUnderScope # We default to JSON format in the controller to avoid ambiguity. # `latest.json` could either be a request for a tag named `latest` # in JSON format, or a request for tag named `latest.json`. scope format: false do - resources :tags, only: [:index, :destroy], + resources :tags, only: [:index, :destroy], # rubocop: disable Cop/PutProjectRoutesUnderScope constraints: { id: Gitlab::Regex.container_registry_tag_regex } do collection do delete :bulk_destroy @@ -431,13 +424,7 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do end end - # Unscoped route. It will be replaced with redirect to /-/issues/ - # Issue https://gitlab.com/gitlab-org/gitlab/issues/118849 - scope as: 'deprecated' do - draw :issues - end - - resources :notes, only: [:create, :destroy, :update], concerns: :awardable, constraints: { id: /\d+/ } do + resources :notes, only: [:create, :destroy, :update], concerns: :awardable, constraints: { id: /\d+/ } do # rubocop: disable Cop/PutProjectRoutesUnderScope member do delete :delete_attachment post :resolve @@ -447,16 +434,16 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do get 'noteable/:target_type/:target_id/notes' => 'notes#index', as: 'noteable_notes' - resources :todos, only: [:create] + resources :todos, only: [:create] # rubocop: disable Cop/PutProjectRoutesUnderScope - resources :uploads, only: [:create] do + resources :uploads, only: [:create] do # rubocop: disable Cop/PutProjectRoutesUnderScope collection do get ":secret/:filename", action: :show, as: :show, constraints: { filename: %r{[^/]+} }, format: false, defaults: { format: nil } post :authorize end end - resources :runners, only: [:index, :edit, :update, :destroy, :show] do + resources :runners, only: [:index, :edit, :update, :destroy, :show] do # rubocop: disable Cop/PutProjectRoutesUnderScope member do post :resume post :pause @@ -468,8 +455,8 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do end end - resources :runner_projects, only: [:create, :destroy] - resources :badges, only: [:index] do + resources :runner_projects, only: [:create, :destroy] # rubocop: disable Cop/PutProjectRoutesUnderScope + resources :badges, only: [:index] do # rubocop: disable Cop/PutProjectRoutesUnderScope collection do scope '*ref', constraints: { ref: Gitlab::PathRegex.git_reference_regex } do constraints format: /svg/ do @@ -482,6 +469,7 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do scope :usage_ping, controller: :usage_ping do post :web_ide_clientside_preview + post :web_ide_pipelines_count end # Deprecated unscoped routing. @@ -492,20 +480,15 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do # All new routes should go under /-/ scope. # Look for scope '-' at the top of the file. - # rubocop: enable Cop/PutProjectRoutesUnderScope # Legacy routes. # Introduced in 12.0. # Should be removed with https://gitlab.com/gitlab-org/gitlab/issues/28848. - Gitlab::Routing.redirect_legacy_paths(self, :settings, :branches, :tags, - :network, :graphs, :autocomplete_sources, - :project_members, :deploy_keys, :deploy_tokens, - :labels, :milestones, :services, :boards, :releases, - :forks, :group_links, :import, :avatar, :mirror, + Gitlab::Routing.redirect_legacy_paths(self, :mirror, :tags, :cycle_analytics, :mattermost, :variables, :triggers, - :environments, :protected_environments, :error_tracking, + :environments, :protected_environments, :error_tracking, :alert_management, :serverless, :clusters, :audit_events, :wikis, :merge_requests, - :vulnerability_feedback, :security, :dependencies) + :vulnerability_feedback, :security, :dependencies, :issues) end # rubocop: disable Cop/PutProjectRoutesUnderScope diff --git a/config/routes/repository_scoped.rb b/config/routes/repository_scoped.rb index 42ec8ca1806..865a5bdb5a9 100644 --- a/config/routes/repository_scoped.rb +++ b/config/routes/repository_scoped.rb @@ -31,9 +31,9 @@ scope format: false do resources :protected_branches, only: [:index, :show, :create, :update, :destroy, :patch], constraints: { id: Gitlab::PathRegex.git_reference_regex } resources :protected_tags, only: [:index, :show, :create, :update, :destroy] - scope constraints: { id: /[^\0]+/ } do + scope constraints: { id: /[^\0]+?/ } do scope controller: :static_site_editor do - get '/sse/*id', action: :show, as: :show_sse + get '/sse/:id(/*vueroute)', action: :show, as: :show_sse end end end diff --git a/config/sidekiq_queues.yml b/config/sidekiq_queues.yml index 9e446cd1b9a..e6e0b4b4409 100644 --- a/config/sidekiq_queues.yml +++ b/config/sidekiq_queues.yml @@ -32,6 +32,8 @@ - 1 - - authorized_keys - 2 +- - authorized_project_update + - 1 - - authorized_projects - 2 - - auto_devops @@ -100,6 +102,8 @@ - 1 - - export_csv - 1 +- - external_service_reactive_caching + - 1 - - file_hook - 1 - - gcp_cluster diff --git a/config/smime_signature_settings.rb b/config/smime_signature_settings.rb index 3d19db84c19..4a8cf1a06f7 100644 --- a/config/smime_signature_settings.rb +++ b/config/smime_signature_settings.rb @@ -5,6 +5,7 @@ class SmimeSignatureSettings email_smime['enabled'] = false unless email_smime['enabled'] email_smime['key_file'] ||= Rails.root.join('.gitlab_smime_key') email_smime['cert_file'] ||= Rails.root.join('.gitlab_smime_cert') + email_smime['ca_certs_file'] ||= nil email_smime end diff --git a/config/webpack.config.js b/config/webpack.config.js index e220482d769..7c130b010b6 100644 --- a/config/webpack.config.js +++ b/config/webpack.config.js @@ -141,8 +141,8 @@ module.exports = { output: { path: path.join(ROOT_PATH, 'public/assets/webpack'), publicPath: '/assets/webpack/', - filename: IS_PRODUCTION ? '[name].[chunkhash:8].bundle.js' : '[name].bundle.js', - chunkFilename: IS_PRODUCTION ? '[name].[chunkhash:8].chunk.js' : '[name].chunk.js', + filename: IS_PRODUCTION ? '[name].[contenthash:8].bundle.js' : '[name].bundle.js', + chunkFilename: IS_PRODUCTION ? '[name].[contenthash:8].chunk.js' : '[name].chunk.js', globalObject: 'this', // allow HMR and web workers to play nice }, @@ -191,7 +191,7 @@ module.exports = { test: /icons\.svg$/, loader: 'file-loader', options: { - name: '[name].[hash:8].[ext]', + name: '[name].[contenthash:8].[ext]', }, }, { @@ -210,7 +210,7 @@ module.exports = { { loader: 'worker-loader', options: { - name: '[name].[hash:8].worker.js', + name: '[name].[contenthash:8].worker.js', inline: IS_DEV_SERVER, }, }, @@ -222,7 +222,7 @@ module.exports = { exclude: /node_modules/, loader: 'file-loader', options: { - name: '[name].[hash:8].[ext]', + name: '[name].[contenthash:8].[ext]', }, }, { @@ -232,7 +232,8 @@ module.exports = { { loader: 'css-loader', options: { - name: '[name].[hash:8].[ext]', + modules: 'global', + localIdentName: '[name].[contenthash:8].[ext]', }, }, ], @@ -242,13 +243,15 @@ module.exports = { include: /node_modules\/katex\/dist\/fonts/, loader: 'file-loader', options: { - name: '[name].[hash:8].[ext]', + name: '[name].[contenthash:8].[ext]', }, }, ], }, optimization: { + // Replace 'hashed' with 'deterministic' in webpack 5 + moduleIds: 'hashed', runtimeChunk: 'single', splitChunks: { maxInitialRequests: 4, @@ -260,6 +263,30 @@ module.exports = { chunks: 'initial', minChunks: autoEntriesCount * 0.9, }), + monaco: { + priority: 15, + name: 'monaco', + chunks: 'initial', + test: /[\\/]node_modules[\\/]monaco-editor[\\/]/, + minChunks: 2, + reuseExistingChunk: true, + }, + echarts: { + priority: 14, + name: 'echarts', + chunks: 'all', + test: /[\\/]node_modules[\\/](echarts|zrender)[\\/]/, + minChunks: 2, + reuseExistingChunk: true, + }, + security_reports: { + priority: 13, + name: 'security_reports', + chunks: 'initial', + test: /[\\/](vue_shared[\\/](security_reports|license_compliance)|security_dashboard)[\\/]/, + minChunks: 2, + reuseExistingChunk: true, + }, vendors: { priority: 10, chunks: 'async', diff --git a/config/webpack.vendor.config.js b/config/webpack.vendor.config.js index 7ecb9b06fdd..bebd1d656b5 100644 --- a/config/webpack.vendor.config.js +++ b/config/webpack.vendor.config.js @@ -29,7 +29,6 @@ module.exports = { 'core-js', 'echarts', 'lodash', - 'underscore', 'vuex', 'pikaday', 'vue/dist/vue.esm.js', |