diff options
author | Ryan Cobb <rcobb@gitlab.com> | 2019-05-29 10:56:38 -0600 |
---|---|---|
committer | Ryan Cobb <rcobb@gitlab.com> | 2019-05-29 10:56:38 -0600 |
commit | 0393c5059de2ce03f706fbf28056e1d80304b73a (patch) | |
tree | f47c4daaf9315c89cc6b039988d57e1fbd14c322 /lib | |
parent | 4fae62b9efa985e4cf6a09cb6bd4b9cf665e6b32 (diff) | |
parent | 70d1537dda66da8b319ceefde36195047b26a8fd (diff) | |
download | gitlab-ce-0393c5059de2ce03f706fbf28056e1d80304b73a.tar.gz |
Merge branch 'master' into 61964-unicorn-instrumentation
Diffstat (limited to 'lib')
46 files changed, 426 insertions, 305 deletions
diff --git a/lib/api/api.rb b/lib/api/api.rb index f4a96b9711b..20f8c637274 100644 --- a/lib/api/api.rb +++ b/lib/api/api.rb @@ -98,7 +98,6 @@ module API mount ::API::Boards mount ::API::Branches mount ::API::BroadcastMessages - mount ::API::CircuitBreakers mount ::API::Commits mount ::API::CommitStatuses mount ::API::ContainerRegistry diff --git a/lib/api/circuit_breakers.rb b/lib/api/circuit_breakers.rb deleted file mode 100644 index da756daadcc..00000000000 --- a/lib/api/circuit_breakers.rb +++ /dev/null @@ -1,39 +0,0 @@ -# frozen_string_literal: true - -module API - class CircuitBreakers < Grape::API - before { authenticated_as_admin! } - - resource :circuit_breakers do - params do - requires :type, - type: String, - desc: "The type of circuitbreaker", - values: ['repository_storage'] - end - resource ':type' do - namespace '', requirements: { type: 'repository_storage' } do - desc 'Get all git storages' do - detail 'This feature was introduced in GitLab 9.5' - end - get do - present [] - end - - desc 'Get all failing git storages' do - detail 'This feature was introduced in GitLab 9.5' - end - get 'failing' do - present [] - end - - desc 'Reset all storage failures and open circuitbreaker' do - detail 'This feature was introduced in GitLab 9.5' - end - delete do - end - end - end - end - end -end diff --git a/lib/api/entities.rb b/lib/api/entities.rb index 625fada4f08..3d7cf2c0bb1 100644 --- a/lib/api/entities.rb +++ b/lib/api/entities.rb @@ -239,6 +239,7 @@ module API end end + expose :empty_repo?, as: :empty_repo expose :archived?, as: :archived expose :visibility expose :owner, using: Entities::UserBasic, unless: ->(project, options) { project.group } @@ -1266,7 +1267,7 @@ module API end class JobBasic < Grape::Entity - expose :id, :status, :stage, :name, :ref, :tag, :coverage + expose :id, :status, :stage, :name, :ref, :tag, :coverage, :allow_failure expose :created_at, :started_at, :finished_at expose :duration expose :user, with: User @@ -1303,6 +1304,7 @@ module API class Variable < Grape::Entity expose :variable_type, :key, :value expose :protected?, as: :protected, if: -> (entity, _) { entity.respond_to?(:protected?) } + expose :masked?, as: :masked, if: -> (entity, _) { entity.respond_to?(:masked?) } end class Pipeline < PipelineBasic diff --git a/lib/api/groups.rb b/lib/api/groups.rb index 6893c8c40be..ec1020c7c78 100644 --- a/lib/api/groups.rb +++ b/lib/api/groups.rb @@ -7,34 +7,9 @@ module API before { authenticate_non_get! } - helpers do - params :optional_params_ce do - optional :description, type: String, desc: 'The description of the group' - optional :visibility, type: String, - values: Gitlab::VisibilityLevel.string_values, - default: Gitlab::VisibilityLevel.string_level( - Gitlab::CurrentSettings.current_application_settings.default_group_visibility), - desc: 'The visibility of the group' - optional :lfs_enabled, type: Boolean, desc: 'Enable/disable LFS for the projects in this group' - optional :request_access_enabled, type: Boolean, desc: 'Allow users to request member access' - optional :share_with_group_lock, type: Boolean, desc: 'Prevent sharing a project with another group within this group' - end - - params :optional_params_ee do - end - - params :optional_update_params_ee do - end - end - - include ::API::Helpers::GroupsHelpers + helpers Helpers::GroupsHelpers helpers do - params :optional_params do - use :optional_params_ce - use :optional_params_ee - end - params :statistics_params do optional :statistics, type: Boolean, default: false, desc: 'Include project statistics' end diff --git a/lib/api/helpers/groups_helpers.rb b/lib/api/helpers/groups_helpers.rb index ae677547760..2c33d79f6c8 100644 --- a/lib/api/helpers/groups_helpers.rb +++ b/lib/api/helpers/groups_helpers.rb @@ -4,6 +4,30 @@ module API module Helpers module GroupsHelpers extend ActiveSupport::Concern + extend Grape::API::Helpers + + params :optional_params_ce do + optional :description, type: String, desc: 'The description of the group' + optional :visibility, type: String, + values: Gitlab::VisibilityLevel.string_values, + default: Gitlab::VisibilityLevel.string_level( + Gitlab::CurrentSettings.current_application_settings.default_group_visibility), + desc: 'The visibility of the group' + optional :lfs_enabled, type: Boolean, desc: 'Enable/disable LFS for the projects in this group' + optional :request_access_enabled, type: Boolean, desc: 'Allow users to request member access' + optional :share_with_group_lock, type: Boolean, desc: 'Prevent sharing a project with another group within this group' + end + + params :optional_params_ee do + end + + params :optional_update_params_ee do + end + + params :optional_params do + use :optional_params_ce + use :optional_params_ee + end end end end diff --git a/lib/api/helpers/internal_helpers.rb b/lib/api/helpers/internal_helpers.rb index 71c30ec99a5..c318f5b9127 100644 --- a/lib/api/helpers/internal_helpers.rb +++ b/lib/api/helpers/internal_helpers.rb @@ -46,6 +46,8 @@ module API def process_mr_push_options(push_options, project, user, changes) output = {} + Gitlab::QueryLimiting.whitelist('https://gitlab.com/gitlab-org/gitlab-ce/issues/61359') + service = ::MergeRequests::PushOptionsHandlerService.new( project, user, diff --git a/lib/api/helpers/issues_helpers.rb b/lib/api/helpers/issues_helpers.rb index fc66cec5341..5b7199fddb0 100644 --- a/lib/api/helpers/issues_helpers.rb +++ b/lib/api/helpers/issues_helpers.rb @@ -3,6 +3,14 @@ module API module Helpers module IssuesHelpers + extend Grape::API::Helpers + + params :optional_issue_params_ee do + end + + params :optional_issues_params_ee do + end + def self.update_params_at_least_one_of [ :assignee_id, diff --git a/lib/api/helpers/members_helpers.rb b/lib/api/helpers/members_helpers.rb index 73d58ee7f37..1395ffadab9 100644 --- a/lib/api/helpers/members_helpers.rb +++ b/lib/api/helpers/members_helpers.rb @@ -19,28 +19,13 @@ module API .non_request end - # rubocop: disable CodeReuse/ActiveRecord def find_all_members_for_project(project) - shared_group_ids = project.project_group_links.pluck(:group_id) - project_group_ids = project.group&.self_and_ancestors&.pluck(:id) - source_ids = [project.id, project_group_ids, shared_group_ids] - .flatten - .compact - Member.includes(:user) - .joins(user: :project_authorizations) - .where(project_authorizations: { project_id: project.id }) - .where(source_id: source_ids) + MembersFinder.new(project, current_user).execute(include_invited_groups_members: true) end - # rubocop: enable CodeReuse/ActiveRecord - # rubocop: disable CodeReuse/ActiveRecord def find_all_members_for_group(group) - source_ids = group.self_and_ancestors.pluck(:id) - Member.includes(:user) - .where(source_id: source_ids) - .where(source_type: 'Namespace') + GroupMembersFinder.new(group).execute end - # rubocop: enable CodeReuse/ActiveRecord end end end diff --git a/lib/api/helpers/protected_branches_helpers.rb b/lib/api/helpers/protected_branches_helpers.rb new file mode 100644 index 00000000000..0fc6841d79a --- /dev/null +++ b/lib/api/helpers/protected_branches_helpers.rb @@ -0,0 +1,13 @@ +# frozen_string_literal: true + +module API + module Helpers + module ProtectedBranchesHelpers + extend ActiveSupport::Concern + extend Grape::API::Helpers + + params :optional_params_ee do + end + end + end +end diff --git a/lib/api/helpers/services_helpers.rb b/lib/api/helpers/services_helpers.rb index 953be7f3798..44c577204b8 100644 --- a/lib/api/helpers/services_helpers.rb +++ b/lib/api/helpers/services_helpers.rb @@ -563,6 +563,12 @@ module API name: :notify_only_broken_pipelines, type: Boolean, desc: 'Notify only broken pipelines' + }, + { + required: false, + name: :notify_only_default_branch, + type: Boolean, + desc: 'Send notifications only for the default branch' } ], 'pivotaltracker' => [ diff --git a/lib/api/helpers/users_helpers.rb b/lib/api/helpers/users_helpers.rb new file mode 100644 index 00000000000..56fd3c6602d --- /dev/null +++ b/lib/api/helpers/users_helpers.rb @@ -0,0 +1,16 @@ +# frozen_string_literal: true + +module API + module Helpers + module UsersHelpers + extend ActiveSupport::Concern + extend Grape::API::Helpers + + params :optional_params_ee do + end + + params :optional_index_params_ee do + end + end + end +end diff --git a/lib/api/helpers/variables_helpers.rb b/lib/api/helpers/variables_helpers.rb new file mode 100644 index 00000000000..78a92d0f5a6 --- /dev/null +++ b/lib/api/helpers/variables_helpers.rb @@ -0,0 +1,13 @@ +# frozen_string_literal: true + +module API + module Helpers + module VariablesHelpers + extend ActiveSupport::Concern + extend Grape::API::Helpers + + params :optional_params_ee do + end + end + end +end diff --git a/lib/api/internal.rb b/lib/api/internal.rb index c82fd230d7a..224aaaaf006 100644 --- a/lib/api/internal.rb +++ b/lib/api/internal.rb @@ -264,12 +264,8 @@ module API PostReceive.perform_async(params[:gl_repository], params[:identifier], params[:changes], push_options.as_json) - if Feature.enabled?(:mr_push_options, default_enabled: true) - Gitlab::QueryLimiting.whitelist('https://gitlab.com/gitlab-org/gitlab-ce/issues/61359') - - mr_options = push_options.get(:merge_request) - output.merge!(process_mr_push_options(mr_options, project, user, params[:changes])) if mr_options.present? - end + mr_options = push_options.get(:merge_request) + output.merge!(process_mr_push_options(mr_options, project, user, params[:changes])) if mr_options.present? broadcast_message = BroadcastMessage.current&.last&.message reference_counter_decreased = Gitlab::ReferenceCounter.new(params[:gl_repository]).decrease diff --git a/lib/api/issues.rb b/lib/api/issues.rb index 0b4da01f3c8..56960a2eb64 100644 --- a/lib/api/issues.rb +++ b/lib/api/issues.rb @@ -9,16 +9,6 @@ module API before { authenticate_non_get! } helpers do - if Gitlab.ee? - params :issues_params_ee do - optional :weight, types: [Integer, String], integer_none_any: true, desc: 'The weight of the issue' - end - - params :issue_params_ee do - optional :weight, type: Integer, desc: 'The weight of the issue' - end - end - params :issues_stats_params do optional :labels, type: Array[String], coerce_with: Validations::Types::LabelsList.coerce, desc: 'Comma-separated list of label names' optional :milestone, type: String, desc: 'Milestone title' @@ -47,7 +37,7 @@ module API optional :my_reaction_emoji, type: String, desc: 'Return issues reacted by the authenticated user by the given emoji' optional :confidential, type: Boolean, desc: 'Filter confidential or public issues' - use :issues_params_ee if Gitlab.ee? + use :optional_issues_params_ee end params :issues_params do @@ -73,7 +63,7 @@ module API optional :confidential, type: Boolean, desc: 'Boolean parameter if the issue should be confidential' optional :discussion_locked, type: Boolean, desc: " Boolean parameter indicating if the issue's discussion is locked" - use :issue_params_ee if Gitlab.ee? + use :optional_issue_params_ee end end diff --git a/lib/api/merge_requests.rb b/lib/api/merge_requests.rb index daa98c22e5e..ce85772e4ed 100644 --- a/lib/api/merge_requests.rb +++ b/lib/api/merge_requests.rb @@ -367,10 +367,6 @@ module API merge_request = find_project_merge_request(params[:merge_request_iid]) merge_when_pipeline_succeeds = to_boolean(params[:merge_when_pipeline_succeeds]) - if merge_when_pipeline_succeeds || merge_request.merge_when_pipeline_succeeds - render_api_error!('Not allowed: pipeline does not exist', 405) unless merge_request.head_pipeline - end - # Merge request can not be merged # because user dont have permissions to push into target branch unauthorized! unless merge_request.can_be_merged_by?(current_user) diff --git a/lib/api/protected_branches.rb b/lib/api/protected_branches.rb index f8cce1ed784..33dea25289a 100644 --- a/lib/api/protected_branches.rb +++ b/lib/api/protected_branches.rb @@ -8,6 +8,8 @@ module API before { authorize_admin_project } + helpers Helpers::ProtectedBranchesHelpers + params do requires :id, type: String, desc: 'The ID of a project' end @@ -52,29 +54,7 @@ module API values: ProtectedBranch::MergeAccessLevel.allowed_access_levels, desc: 'Access levels allowed to merge (defaults: `40`, maintainer access level)' - if Gitlab.ee? - optional :unprotect_access_level, type: Integer, - values: ProtectedBranch::UnprotectAccessLevel.allowed_access_levels, - desc: 'Access levels allowed to unprotect (defaults: `40`, maintainer access level)' - - optional :allowed_to_push, type: Array, desc: 'An array of users/groups allowed to push' do - optional :access_level, type: Integer, values: ProtectedBranch::PushAccessLevel.allowed_access_levels - optional :user_id, type: Integer - optional :group_id, type: Integer - end - - optional :allowed_to_merge, type: Array, desc: 'An array of users/groups allowed to merge' do - optional :access_level, type: Integer, values: ProtectedBranch::MergeAccessLevel.allowed_access_levels - optional :user_id, type: Integer - optional :group_id, type: Integer - end - - optional :allowed_to_unprotect, type: Array, desc: 'An array of users/groups allowed to unprotect' do - optional :access_level, type: Integer, values: ProtectedBranch::UnprotectAccessLevel.allowed_access_levels - optional :user_id, type: Integer - optional :group_id, type: Integer - end - end + use :optional_params_ee end # rubocop: disable CodeReuse/ActiveRecord post ':id/protected_branches' do diff --git a/lib/api/users.rb b/lib/api/users.rb index 2f23e33bd4a..6afeebb6890 100644 --- a/lib/api/users.rb +++ b/lib/api/users.rb @@ -15,6 +15,8 @@ module API authenticate_non_get! end + helpers Helpers::UsersHelpers + helpers do # rubocop: disable CodeReuse/ActiveRecord def find_user_by_id(params) @@ -52,10 +54,7 @@ module API optional :private_profile, type: Boolean, desc: 'Flag indicating the user has a private profile' all_or_none_of :extern_uid, :provider - if Gitlab.ee? - optional :shared_runners_minutes_limit, type: Integer, desc: 'Pipeline minutes quota for this user' - optional :extra_shared_runners_minutes_limit, type: Integer, desc: '(admin-only) Extra pipeline minutes quota for this user' - end + use :optional_params_ee end params :sort_params do @@ -85,10 +84,7 @@ module API use :sort_params use :pagination use :with_custom_attributes - - if Gitlab.ee? - optional :skip_ldap, type: Boolean, default: false, desc: 'Skip LDAP users' - end + use :optional_index_params_ee end # rubocop: disable CodeReuse/ActiveRecord get do diff --git a/lib/api/variables.rb b/lib/api/variables.rb index a1bb21b3a06..af1d7936556 100644 --- a/lib/api/variables.rb +++ b/lib/api/variables.rb @@ -7,6 +7,8 @@ module API before { authenticate! } before { authorize! :admin_build, user_project } + helpers Helpers::VariablesHelpers + helpers do def filter_variable_parameters(params) # This method exists so that EE can more easily filter out certain @@ -54,12 +56,11 @@ module API params do requires :key, type: String, desc: 'The key of the variable' requires :value, type: String, desc: 'The value of the variable' - optional :protected, type: String, desc: 'Whether the variable is protected' + optional :protected, type: Boolean, desc: 'Whether the variable is protected' + optional :masked, type: Boolean, desc: 'Whether the variable is masked' optional :variable_type, type: String, values: Ci::Variable.variable_types.keys, desc: 'The type of variable, must be one of env_var or file. Defaults to env_var' - if Gitlab.ee? - optional :environment_scope, type: String, desc: 'The environment_scope of the variable' - end + use :optional_params_ee end post ':id/variables' do variable_params = declared_params(include_missing: false) @@ -80,12 +81,11 @@ module API params do optional :key, type: String, desc: 'The key of the variable' optional :value, type: String, desc: 'The value of the variable' - optional :protected, type: String, desc: 'Whether the variable is protected' + optional :protected, type: Boolean, desc: 'Whether the variable is protected' + optional :masked, type: Boolean, desc: 'Whether the variable is masked' optional :variable_type, type: String, values: Ci::Variable.variable_types.keys, desc: 'The type of variable, must be one of env_var or file' - if Gitlab.ee? - optional :environment_scope, type: String, desc: 'The environment_scope of the variable' - end + use :optional_params_ee end # rubocop: disable CodeReuse/ActiveRecord put ':id/variables/:key' do diff --git a/lib/banzai/filter/abstract_reference_filter.rb b/lib/banzai/filter/abstract_reference_filter.rb index 44b151d01e7..0224dd8fcd1 100644 --- a/lib/banzai/filter/abstract_reference_filter.rb +++ b/lib/banzai/filter/abstract_reference_filter.rb @@ -363,6 +363,14 @@ module Banzai group_ref end + + def unescape_html_entities(text) + CGI.unescapeHTML(text.to_s) + end + + def escape_html_entities(text) + CGI.escapeHTML(text.to_s) + end end end end diff --git a/lib/banzai/filter/label_reference_filter.rb b/lib/banzai/filter/label_reference_filter.rb index 4d67140b0a1..4892668fc22 100644 --- a/lib/banzai/filter/label_reference_filter.rb +++ b/lib/banzai/filter/label_reference_filter.rb @@ -104,14 +104,6 @@ module Banzai matches[:namespace] && matches[:project] end - def unescape_html_entities(text) - CGI.unescapeHTML(text.to_s) - end - - def escape_html_entities(text) - CGI.escapeHTML(text.to_s) - end - def object_link_title(object, matches) # use title of wrapped element instead nil diff --git a/lib/banzai/filter/milestone_reference_filter.rb b/lib/banzai/filter/milestone_reference_filter.rb index fce042e8946..08969753d75 100644 --- a/lib/banzai/filter/milestone_reference_filter.rb +++ b/lib/banzai/filter/milestone_reference_filter.rb @@ -51,13 +51,13 @@ module Banzai # default implementation. return super(text, pattern) if pattern != Milestone.reference_pattern - text.gsub(pattern) do |match| + unescape_html_entities(text).gsub(pattern) do |match| milestone = find_milestone($~[:project], $~[:namespace], $~[:milestone_iid], $~[:milestone_name]) if milestone yield match, milestone.id, $~[:project], $~[:namespace], $~ else - match + escape_html_entities(match) end end end diff --git a/lib/gitlab/auth/o_auth/auth_hash.rb b/lib/gitlab/auth/o_auth/auth_hash.rb index 36fc8061d92..72a187377d0 100644 --- a/lib/gitlab/auth/o_auth/auth_hash.rb +++ b/lib/gitlab/auth/o_auth/auth_hash.rb @@ -55,7 +55,7 @@ module Gitlab private def info - auth_hash.info + auth_hash['info'] end def get_info(key) diff --git a/lib/gitlab/auth_logger.rb b/lib/gitlab/auth_logger.rb new file mode 100644 index 00000000000..6d3edba02b0 --- /dev/null +++ b/lib/gitlab/auth_logger.rb @@ -0,0 +1,9 @@ +# frozen_string_literal: true + +module Gitlab + class AuthLogger < Gitlab::JsonLogger + def self.file_name_noext + 'auth' + end + end +end diff --git a/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml b/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml index 939112e6e41..87cd62ef2d4 100644 --- a/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml +++ b/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml @@ -50,7 +50,7 @@ variables: POSTGRES_DB: $CI_ENVIRONMENT_SLUG POSTGRES_VERSION: 9.6.2 - KUBERNETES_VERSION: 1.11.9 + KUBERNETES_VERSION: 1.11.10 HELM_VERSION: 2.13.1 DOCKER_DRIVER: overlay2 diff --git a/lib/gitlab/ci/templates/Docker.gitlab-ci.yml b/lib/gitlab/ci/templates/Docker.gitlab-ci.yml index eeefadaa019..f6d240b7b6d 100644 --- a/lib/gitlab/ci/templates/Docker.gitlab-ci.yml +++ b/lib/gitlab/ci/templates/Docker.gitlab-ci.yml @@ -1,14 +1,11 @@ -# Official docker image. -image: docker:latest - -services: - - docker:dind - -before_script: - - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY - build-master: + # Official docker image. + image: docker:latest stage: build + services: + - docker:dind + before_script: + - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY script: - docker build --pull -t "$CI_REGISTRY_IMAGE" . - docker push "$CI_REGISTRY_IMAGE" @@ -16,7 +13,13 @@ build-master: - master build: + # Official docker image. + image: docker:latest stage: build + services: + - docker:dind + before_script: + - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY script: - docker build --pull -t "$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG" . - docker push "$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG" diff --git a/lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml b/lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml index 5f7af2ffc20..1d55c64ec56 100644 --- a/lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml +++ b/lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml @@ -382,7 +382,7 @@ rollout 100%: --set application.database_url="$DATABASE_URL" \ --set application.secretName="$APPLICATION_SECRET_NAME" \ --set application.secretChecksum="$APPLICATION_SECRET_CHECKSUM" \ - --set service.commonName="le.$KUBE_INGRESS_BASE_DOMAIN" \ + --set service.commonName="le-$CI_PROJECT_ID.$KUBE_INGRESS_BASE_DOMAIN" \ --set service.url="$CI_ENVIRONMENT_URL" \ --set service.additionalHosts="$additional_hosts" \ --set replicaCount="$replicas" \ @@ -423,7 +423,7 @@ rollout 100%: --set application.database_url="$DATABASE_URL" \ --set application.secretName="$APPLICATION_SECRET_NAME" \ --set application.secretChecksum="$APPLICATION_SECRET_CHECKSUM" \ - --set service.commonName="le.$KUBE_INGRESS_BASE_DOMAIN" \ + --set service.commonName="le-$CI_PROJECT_ID.$KUBE_INGRESS_BASE_DOMAIN" \ --set service.url="$CI_ENVIRONMENT_URL" \ --set service.additionalHosts="$additional_hosts" \ --set replicaCount="$replicas" \ @@ -432,6 +432,7 @@ rollout 100%: --set postgresql.postgresUser="$POSTGRES_USER" \ --set postgresql.postgresPassword="$POSTGRES_PASSWORD" \ --set postgresql.postgresDatabase="$POSTGRES_DB" \ + --set postgresql.imageTag="$POSTGRES_VERSION" \ --set application.migrateCommand="$DB_MIGRATE" \ $HELM_UPGRADE_EXTRA_ARGS \ --namespace="$KUBE_NAMESPACE" \ @@ -507,23 +508,13 @@ rollout 100%: kubectl describe namespace "$KUBE_NAMESPACE" || kubectl create namespace "$KUBE_NAMESPACE" } - # Function to ensure backwards compatibility with AUTO_DEVOPS_DOMAIN - function ensure_kube_ingress_base_domain() { - if [ -z ${KUBE_INGRESS_BASE_DOMAIN+x} ] && [ -n "$AUTO_DEVOPS_DOMAIN" ] ; then - export KUBE_INGRESS_BASE_DOMAIN=$AUTO_DEVOPS_DOMAIN - fi - } - function check_kube_domain() { - ensure_kube_ingress_base_domain - if [[ -z "$KUBE_INGRESS_BASE_DOMAIN" ]]; then echo "In order to deploy or use Review Apps," - echo "AUTO_DEVOPS_DOMAIN or KUBE_INGRESS_BASE_DOMAIN variables must be set" + echo "KUBE_INGRESS_BASE_DOMAIN variables must be set" echo "From 11.8, you can set KUBE_INGRESS_BASE_DOMAIN in cluster settings" echo "or by defining a variable at group or project level." echo "You can also manually add it in .gitlab-ci.yml" - echo "AUTO_DEVOPS_DOMAIN support will be dropped on 12.0" false else true diff --git a/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml b/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml index 324e39c7747..5372ec6cceb 100644 --- a/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml +++ b/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml @@ -23,6 +23,9 @@ container_scanning: DOCKER_HOST: tcp://${DOCKER_SERVICE}:2375/ # https://hub.docker.com/r/arminc/clair-local-scan/tags CLAIR_LOCAL_SCAN_VERSION: v2.0.8_fe9b059d930314b54c78f75afe265955faf4fdc1 + ## Disable the proxy for clair-local-scan, otherwise Container Scanning will + ## fail when a proxy is used. + NO_PROXY: ${DOCKER_SERVICE},localhost allow_failure: true services: - docker:stable-dind diff --git a/lib/gitlab/ci/templates/Security/DAST.gitlab-ci.yml b/lib/gitlab/ci/templates/Security/DAST.gitlab-ci.yml index fd7fac5dcab..27a498b2daf 100644 --- a/lib/gitlab/ci/templates/Security/DAST.gitlab-ci.yml +++ b/lib/gitlab/ci/templates/Security/DAST.gitlab-ci.yml @@ -1,4 +1,4 @@ -# Read more about this feature here: https://docs.gitlab.com/ee/user/project/merge_requests/dast.html +# Read more about this feature here: https://docs.gitlab.com/ee/user/application_security/dast/ # Configure the scanning tool through the environment variables. # List of the variables: https://gitlab.com/gitlab-org/security-products/dast#settings @@ -12,46 +12,29 @@ stages: dast: stage: dast - image: docker:stable + image: + name: "registry.gitlab.com/gitlab-org/security-products/dast:$CI_SERVER_VERSION_MAJOR-$CI_SERVER_VERSION_MINOR-stable" variables: - DOCKER_DRIVER: overlay2 + # URL to scan: + # DAST_WEBSITE: https://example.com/ + # + # Time limit for target availability (scan is attempted even when timeout): + # DAST_TARGET_AVAILABILITY_TIMEOUT: 60 + # + # Set these variables to scan with an authenticated user: + # DAST_AUTH_URL: https://example.com/sign-in + # DAST_USERNAME: john.doe@example.com + # DAST_PASSWORD: john-doe-password + # DAST_USERNAME_FIELD: session[user] # the name of username field at the sign-in HTML form + # DAST_PASSWORD_FIELD: session[password] # the name of password field at the sign-in HTML form + # DAST_AUTH_EXCLUDE_URLS: http://example.com/sign-out,http://example.com/sign-out-2 # optional: URLs to skip during the authenticated scan; comma-separated, no spaces in between + # + # Perform ZAP Full Scan, which includes both passive and active scanning: + # DAST_FULL_SCAN_ENABLED: "true" allow_failure: true - services: - - docker:stable-dind script: - export DAST_WEBSITE=${DAST_WEBSITE:-$(cat environment_url.txt)} - - export DAST_VERSION=${SP_VERSION:-$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')} - - | - if ! docker info &>/dev/null; then - if [ -z "$DOCKER_HOST" -a "$KUBERNETES_PORT" ]; then - export DOCKER_HOST='tcp://localhost:2375' - fi - fi - - | - function dast_run() { - docker run \ - --env DAST_FULL_SCAN_ENABLED \ - --env DAST_TARGET_AVAILABILITY_TIMEOUT \ - --volume "$PWD:/output" \ - --volume /var/run/docker.sock:/var/run/docker.sock \ - -w /output \ - "registry.gitlab.com/gitlab-org/security-products/dast:$DAST_VERSION" \ - /analyze -t $DAST_WEBSITE \ - "$@" - } - - | - if [ -n "$DAST_AUTH_URL" ] - then - dast_run \ - --auth-url $DAST_AUTH_URL \ - --auth-username $DAST_USERNAME \ - --auth-password $DAST_PASSWORD \ - --auth-username-field $DAST_USERNAME_FIELD \ - --auth-password-field $DAST_PASSWORD_FIELD \ - --auth-exclude-urls $DAST_AUTH_EXCLUDE_URLS - else - dast_run - fi + - /analyze -t $DAST_WEBSITE artifacts: reports: dast: gl-dast-report.json diff --git a/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml b/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml index 706692e063b..abf16e5b2e7 100644 --- a/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml +++ b/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml @@ -40,6 +40,7 @@ sast: SAST_BRAKEMAN_LEVEL \ SAST_GOSEC_LEVEL \ SAST_FLAWFINDER_LEVEL \ + SAST_GITLEAKS_ENTROPY_LEVEL \ SAST_DOCKER_CLIENT_NEGOTIATION_TIMEOUT \ SAST_PULL_ANALYZER_IMAGE_TIMEOUT \ SAST_RUN_ANALYZER_TIMEOUT \ diff --git a/lib/gitlab/cluster/lifecycle_events.rb b/lib/gitlab/cluster/lifecycle_events.rb index b05dca409d1..e0f9eb59924 100644 --- a/lib/gitlab/cluster/lifecycle_events.rb +++ b/lib/gitlab/cluster/lifecycle_events.rb @@ -44,6 +44,14 @@ module Gitlab (@master_restart_hooks ||= []) << block end + def on_master_start(&block) + if in_clustered_environment? + on_before_fork(&block) + else + on_worker_start(&block) + end + end + # # Lifecycle integration methods (called from unicorn.rb, puma.rb, etc.) # diff --git a/lib/gitlab/data_builder/pipeline.rb b/lib/gitlab/data_builder/pipeline.rb index fa06fb935f7..e1e813849bf 100644 --- a/lib/gitlab/data_builder/pipeline.rb +++ b/lib/gitlab/data_builder/pipeline.rb @@ -19,7 +19,7 @@ module Gitlab def hook_attrs(pipeline) { id: pipeline.id, - ref: pipeline.ref, + ref: pipeline.source_ref, tag: pipeline.tag, sha: pipeline.sha, before_sha: pipeline.before_sha, diff --git a/lib/gitlab/diff/suggestion.rb b/lib/gitlab/diff/suggestion.rb index 027c7a31bcf..4a3ac2106e2 100644 --- a/lib/gitlab/diff/suggestion.rb +++ b/lib/gitlab/diff/suggestion.rb @@ -33,6 +33,8 @@ module Gitlab end def to_content + return "" if @text.blank? + # The parsed suggestion doesn't have information about the correct # ending characters (we may have a line break, or not), so we take # this information from the last line being changed (last diff --git a/lib/gitlab/git/rugged_impl/tree.rb b/lib/gitlab/git/rugged_impl/tree.rb index bb13d114d46..9c37bb01961 100644 --- a/lib/gitlab/git/rugged_impl/tree.rb +++ b/lib/gitlab/git/rugged_impl/tree.rb @@ -43,6 +43,8 @@ module Gitlab ordered_entries.concat(tree_entries_from_rugged(repository, sha, entry.path, true)) end end + + ordered_entries end def rugged_populate_flat_path(repository, sha, path, entries) diff --git a/lib/gitlab/import_export/members_mapper.rb b/lib/gitlab/import_export/members_mapper.rb index 6be95a16513..a154de5419e 100644 --- a/lib/gitlab/import_export/members_mapper.rb +++ b/lib/gitlab/import_export/members_mapper.rb @@ -59,7 +59,11 @@ module Gitlab end def member_hash(member) - parsed_hash(member).merge('source_id' => @project.id, 'importing' => true) + parsed_hash(member).merge( + 'source_id' => @project.id, + 'importing' => true, + 'access_level' => [member['access_level'], ProjectMember::MAINTAINER].min + ).except('user_id') end def parsed_hash(member) diff --git a/lib/gitlab/import_export/project_tree_restorer.rb b/lib/gitlab/import_export/project_tree_restorer.rb index 51001750a6c..20caadb89c0 100644 --- a/lib/gitlab/import_export/project_tree_restorer.rb +++ b/lib/gitlab/import_export/project_tree_restorer.rb @@ -129,7 +129,7 @@ module Gitlab def visibility_level level = override_params['visibility_level'] || json_params['visibility_level'] || @project.visibility_level - level = @project.group.visibility_level if @project.group && level > @project.group.visibility_level + level = @project.group.visibility_level if @project.group && level.to_i > @project.group.visibility_level { 'visibility_level' => level } end diff --git a/lib/gitlab/kubernetes/errors.rb b/lib/gitlab/kubernetes/errors.rb new file mode 100644 index 00000000000..81bf636eef7 --- /dev/null +++ b/lib/gitlab/kubernetes/errors.rb @@ -0,0 +1,23 @@ +# frozen_string_literal: true + +module Gitlab + module Kubernetes + module Errors + CONNECTION = [ + SocketError, + OpenSSL::SSL::SSLError, + Errno::ECONNRESET, + Errno::ENETUNREACH, + Errno::ECONNREFUSED, + Errno::EHOSTUNREACH, + Net::OpenTimeout, + Net::ReadTimeout, + IPAddr::InvalidAddressError + ].freeze + + AUTHENTICATION = [ + OpenSSL::X509::CertificateError + ].freeze + end + end +end diff --git a/lib/gitlab/lets_encrypt/client.rb b/lib/gitlab/lets_encrypt/client.rb index d7468b06767..5501f7981ec 100644 --- a/lib/gitlab/lets_encrypt/client.rb +++ b/lib/gitlab/lets_encrypt/client.rb @@ -45,7 +45,7 @@ module Gitlab end def private_key - @private_key ||= OpenSSL::PKey.read(Gitlab::Application.secrets.lets_encrypt_private_key) + @private_key ||= OpenSSL::PKey.read(Gitlab::CurrentSettings.lets_encrypt_private_key) end def admin_email diff --git a/lib/gitlab/lfs_token.rb b/lib/gitlab/lfs_token.rb index 31e6fc9d8c7..124e34562c1 100644 --- a/lib/gitlab/lfs_token.rb +++ b/lib/gitlab/lfs_token.rb @@ -35,8 +35,7 @@ module Gitlab end def token_valid?(token_to_check) - HMACToken.new(actor).token_valid?(token_to_check) || - LegacyRedisDeviseToken.new(actor).token_valid?(token_to_check) + HMACToken.new(actor).token_valid?(token_to_check) end def deploy_key_pushable?(project) @@ -103,44 +102,5 @@ module Gitlab Settings.attr_encrypted_db_key_base.first(16) end end - - # TODO: LegacyRedisDeviseToken and references need to be removed after - # next released milestone - # - class LegacyRedisDeviseToken - TOKEN_LENGTH = 50 - DEFAULT_EXPIRY_TIME = 1800 * 1000 # 30 mins - - def initialize(actor) - @actor = actor - end - - def token_valid?(token_to_check) - Devise.secure_compare(stored_token, token_to_check) - end - - def stored_token - Gitlab::Redis::SharedState.with { |redis| redis.get(state_key) } - end - - # This method exists purely to facilitate legacy testing to ensure the - # same redis key is used. - # - def store_new_token(expiry_time_in_ms = DEFAULT_EXPIRY_TIME) - Gitlab::Redis::SharedState.with do |redis| - new_token = Devise.friendly_token(TOKEN_LENGTH) - redis.set(state_key, new_token, px: expiry_time_in_ms) - new_token - end - end - - private - - attr_reader :actor - - def state_key - "gitlab:lfs_token:#{actor.class.name.underscore}_#{actor.id}" - end - end end end diff --git a/lib/gitlab/metrics/samplers/puma_sampler.rb b/lib/gitlab/metrics/samplers/puma_sampler.rb new file mode 100644 index 00000000000..87669b253bc --- /dev/null +++ b/lib/gitlab/metrics/samplers/puma_sampler.rb @@ -0,0 +1,92 @@ +# frozen_string_literal: true + +require 'puma/state_file' + +module Gitlab + module Metrics + module Samplers + class PumaSampler < BaseSampler + def metrics + @metrics ||= init_metrics + end + + def init_metrics + { + puma_workers: ::Gitlab::Metrics.gauge(:puma_workers, 'Total number of workers'), + puma_running_workers: ::Gitlab::Metrics.gauge(:puma_running_workers, 'Number of active workers'), + puma_stale_workers: ::Gitlab::Metrics.gauge(:puma_stale_workers, 'Number of stale workers'), + puma_phase: ::Gitlab::Metrics.gauge(:puma_phase, 'Phase number (increased during phased restarts)'), + puma_running: ::Gitlab::Metrics.gauge(:puma_running, 'Number of running threads'), + puma_queued_connections: ::Gitlab::Metrics.gauge(:puma_queued_connections, 'Number of connections in that worker\'s "todo" set waiting for a worker thread'), + puma_active_connections: ::Gitlab::Metrics.gauge(:puma_active_connections, 'Number of threads processing a request'), + puma_pool_capacity: ::Gitlab::Metrics.gauge(:puma_pool_capacity, 'Number of requests the worker is capable of taking right now'), + puma_max_threads: ::Gitlab::Metrics.gauge(:puma_max_threads, 'Maximum number of worker threads'), + puma_idle_threads: ::Gitlab::Metrics.gauge(:puma_idle_threads, 'Number of spawned threads which are not processing a request') + } + end + + def sample + json_stats = puma_stats + return unless json_stats + + stats = JSON.parse(json_stats) + + if cluster?(stats) + sample_cluster(stats) + else + sample_single_worker(stats) + end + end + + private + + def puma_stats + Puma.stats + rescue NoMethodError + Rails.logger.info "PumaSampler: stats are not available yet, waiting for Puma to boot" + nil + end + + def sample_cluster(stats) + set_master_metrics(stats) + + stats['worker_status'].each do |worker| + labels = { worker: "worker_#{worker['index']}" } + + metrics[:puma_phase].set(labels, worker['phase']) + set_worker_metrics(worker['last_status'], labels) + end + end + + def sample_single_worker(stats) + metrics[:puma_workers].set({}, 1) + metrics[:puma_running_workers].set({}, 1) + + set_worker_metrics(stats) + end + + def cluster?(stats) + stats['worker_status'].present? + end + + def set_master_metrics(stats) + labels = { worker: "master" } + + metrics[:puma_workers].set(labels, stats['workers']) + metrics[:puma_running_workers].set(labels, stats['booted_workers']) + metrics[:puma_stale_workers].set(labels, stats['old_workers']) + metrics[:puma_phase].set(labels, stats['phase']) + end + + def set_worker_metrics(stats, labels = {}) + metrics[:puma_running].set(labels, stats['running']) + metrics[:puma_queued_connections].set(labels, stats['backlog']) + metrics[:puma_active_connections].set(labels, stats['max_threads'] - stats['pool_capacity']) + metrics[:puma_pool_capacity].set(labels, stats['pool_capacity']) + metrics[:puma_max_threads].set(labels, stats['max_threads']) + metrics[:puma_idle_threads].set(labels, stats['running'] + stats['pool_capacity'] - stats['max_threads']) + end + end + end + end +end diff --git a/lib/gitlab/omniauth_initializer.rb b/lib/gitlab/omniauth_initializer.rb index e0ac9eec1f2..2a2083ebae0 100644 --- a/lib/gitlab/omniauth_initializer.rb +++ b/lib/gitlab/omniauth_initializer.rb @@ -36,12 +36,25 @@ module Gitlab hash_arguments = provider['args'].merge(provider_defaults(provider)) # A Hash from the configuration will be passed as is. - provider_arguments << hash_arguments.symbolize_keys + provider_arguments << normalize_hash_arguments(hash_arguments) end provider_arguments end + def normalize_hash_arguments(args) + args.symbolize_keys! + + # Rails 5.1 deprecated the use of string names in the middleware + # (https://github.com/rails/rails/commit/83b767ce), so we need to + # pass in the actual class to Devise. + if args[:strategy_class].is_a?(String) + args[:strategy_class] = args[:strategy_class].constantize + end + + args + end + def provider_defaults(provider) case provider['name'] when 'cas3' diff --git a/lib/gitlab/prometheus/query_variables.rb b/lib/gitlab/prometheus/query_variables.rb index dca09aef47d..9cc21129547 100644 --- a/lib/gitlab/prometheus/query_variables.rb +++ b/lib/gitlab/prometheus/query_variables.rb @@ -5,8 +5,7 @@ module Gitlab module QueryVariables def self.call(environment) deployment_platform = environment.deployment_platform - namespace = deployment_platform&.namespace_for(environment.project) || - deployment_platform&.actual_namespace || '' + namespace = deployment_platform&.kubernetes_namespace_for(environment.project) || '' { ci_environment_slug: environment.slug, diff --git a/lib/gitlab/quick_actions/issue_and_merge_request_actions.rb b/lib/gitlab/quick_actions/issue_and_merge_request_actions.rb index 1cd158db2b0..e1579cfddc0 100644 --- a/lib/gitlab/quick_actions/issue_and_merge_request_actions.rb +++ b/lib/gitlab/quick_actions/issue_and_merge_request_actions.rb @@ -102,7 +102,7 @@ module Gitlab @updates[:milestone_id] = nil end - desc _('Copy labels and milestone from other issue or merge request') + desc _('Copy labels and milestone from other issue or merge request in this project') explanation do |source_issuable| _("Copy labels and milestone from %{source_issuable_reference}.") % { source_issuable_reference: source_issuable.to_reference } end diff --git a/lib/haml_lint/inline_javascript.rb b/lib/haml_lint/inline_javascript.rb deleted file mode 100644 index 1b17162f71d..00000000000 --- a/lib/haml_lint/inline_javascript.rb +++ /dev/null @@ -1,25 +0,0 @@ -# frozen_string_literal: true - -unless Rails.env.production? - require_dependency 'haml_lint/haml_visitor' - require_dependency 'haml_lint/linter' - require_dependency 'haml_lint/linter_registry' - - module HamlLint - class Linter::InlineJavaScript < Linter - include LinterRegistry - - def visit_filter(node) - return unless node.filter_type == 'javascript' - - record_lint(node, 'Inline JavaScript is discouraged (https://docs.gitlab.com/ee/development/gotchas.html#do-not-use-inline-javascript-in-views)') - end - - def visit_tag(node) - return unless node.tag_name == 'script' - - record_lint(node, 'Inline JavaScript is discouraged (https://docs.gitlab.com/ee/development/gotchas.html#do-not-use-inline-javascript-in-views)') - end - end - end -end diff --git a/lib/quality/test_level.rb b/lib/quality/test_level.rb new file mode 100644 index 00000000000..24d8eac200c --- /dev/null +++ b/lib/quality/test_level.rb @@ -0,0 +1,75 @@ +# frozen_string_literal: true + +module Quality + class TestLevel + UnknownTestLevelError = Class.new(StandardError) + + TEST_LEVEL_FOLDERS = { + unit: %w[ + bin + config + db + dependencies + factories + finders + frontend + graphql + helpers + initializers + javascripts + lib + migrations + models + policies + presenters + rack_servers + routing + rubocop + serializers + services + sidekiq + tasks + uploaders + validators + views + workers + elastic_integration + ], + integration: %w[ + controllers + mailers + requests + ], + system: ['features'] + }.freeze + + attr_reader :prefix + + def initialize(prefix = nil) + @prefix = prefix + @patterns = {} + @regexps = {} + end + + def pattern(level) + @patterns[level] ||= "#{prefix}spec/{#{TEST_LEVEL_FOLDERS.fetch(level).join(',')}}{,/**/}*_spec.rb".freeze + end + + def regexp(level) + @regexps[level] ||= Regexp.new("#{prefix}spec/(#{TEST_LEVEL_FOLDERS.fetch(level).join('|')})").freeze + end + + def level_for(file_path) + case file_path + when regexp(:unit) + :unit + when regexp(:integration) + :integration + when regexp(:system) + :system + else + raise UnknownTestLevelError, "Test level for #{file_path} couldn't be set. Please rename the file properly or change the test level detection regexes in #{__FILE__}." + end + end + end +end diff --git a/lib/tasks/haml-lint.rake b/lib/tasks/haml-lint.rake index 786efd14b1a..305e15d69d5 100644 --- a/lib/tasks/haml-lint.rake +++ b/lib/tasks/haml-lint.rake @@ -1,6 +1,6 @@ unless Rails.env.production? require 'haml_lint/rake_task' - require 'haml_lint/inline_javascript' + require Rails.root.join('haml_lint/inline_javascript') # Workaround for warnings from parser/current # Keep it even if it no longer emits any warnings, diff --git a/lib/tasks/spec.rake b/lib/tasks/spec.rake index 2eddcb3c777..c881ad4cf12 100644 --- a/lib/tasks/spec.rake +++ b/lib/tasks/spec.rake @@ -1,7 +1,32 @@ +# frozen_string_literal: true + +return if Rails.env.production? + Rake::Task["spec"].clear if Rake::Task.task_defined?('spec') namespace :spec do - desc 'GitLab | Rspec | Run request specs' + desc 'GitLab | RSpec | Run unit tests' + RSpec::Core::RakeTask.new(:unit, :rspec_opts) do |t, args| + require_dependency 'quality/test_level' + t.pattern = Quality::TestLevel.new.pattern(:unit) + t.rspec_opts = args[:rspec_opts] + end + + desc 'GitLab | RSpec | Run integration tests' + RSpec::Core::RakeTask.new(:integration, :rspec_opts) do |t, args| + require_dependency 'quality/test_level' + t.pattern = Quality::TestLevel.new.pattern(:integration) + t.rspec_opts = args[:rspec_opts] + end + + desc 'GitLab | RSpec | Run system tests' + RSpec::Core::RakeTask.new(:system, :rspec_opts) do |t, args| + require_dependency 'quality/test_level' + t.pattern = Quality::TestLevel.new.pattern(:system) + t.rspec_opts = args[:rspec_opts] + end + + desc '[Deprecated] Use the "bin/rspec --tag api" instead' task :api do cmds = [ %w(rake gitlab:setup), @@ -10,7 +35,7 @@ namespace :spec do run_commands(cmds) end - desc 'GitLab | Rspec | Run feature specs' + desc '[Deprecated] Use the "spec:system" task instead' task :feature do cmds = [ %w(rake gitlab:setup), @@ -19,7 +44,7 @@ namespace :spec do run_commands(cmds) end - desc 'GitLab | Rspec | Run model specs' + desc '[Deprecated] Use "bin/rspec spec/models" instead' task :models do cmds = [ %w(rake gitlab:setup), @@ -28,7 +53,7 @@ namespace :spec do run_commands(cmds) end - desc 'GitLab | Rspec | Run service specs' + desc '[Deprecated] Use "bin/rspec spec/services" instead' task :services do cmds = [ %w(rake gitlab:setup), @@ -37,7 +62,7 @@ namespace :spec do run_commands(cmds) end - desc 'GitLab | Rspec | Run lib specs' + desc '[Deprecated] Use "bin/rspec spec/lib" instead' task :lib do cmds = [ %w(rake gitlab:setup), @@ -45,15 +70,6 @@ namespace :spec do ] run_commands(cmds) end - - desc 'GitLab | Rspec | Run other specs' - task :other do - cmds = [ - %w(rake gitlab:setup), - %w(rspec spec --tag ~@api --tag ~@feature --tag ~@models --tag ~@lib --tag ~@services) - ] - run_commands(cmds) - end end desc "GitLab | Run specs" |