diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-01-18 19:00:14 +0000 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-01-18 19:00:14 +0000 |
| commit | 05f0ebba3a2c8ddf39e436f412dc2ab5bf1353b2 (patch) | |
| tree | 11d0f2a6ec31c7793c184106cedc2ded3d9a2cc5 /vendor | |
| parent | ec73467c23693d0db63a797d10194da9e72a74af (diff) | |
| download | gitlab-ce-05f0ebba3a2c8ddf39e436f412dc2ab5bf1353b2.tar.gz | |
Add latest changes from gitlab-org/gitlab@15-8-stable-eev15.8.0-rc42
Diffstat (limited to 'vendor')
14 files changed, 46 insertions, 409 deletions
diff --git a/vendor/aws/cloudformation/eks_cluster.yaml b/vendor/aws/cloudformation/eks_cluster.yaml deleted file mode 100644 index 8d93734fd46..00000000000 --- a/vendor/aws/cloudformation/eks_cluster.yaml +++ /dev/null @@ -1,342 +0,0 @@ ---- -AWSTemplateFormatVersion: "2010-09-09" -Description: GitLab EKS Cluster - -Parameters: - - KubernetesVersion: - Description: The Kubernetes version to install - Type: String - Default: "1.20" - AllowedValues: - - "1.16" - - "1.17" - - "1.18" - - "1.19" - - "1.20" - - KeyName: - Description: The EC2 Key Pair to allow SSH access to the node instances - Type: AWS::EC2::KeyPair::KeyName - - NodeImageIdSSMParam: - Type: "AWS::SSM::Parameter::Value<AWS::EC2::Image::Id>" - Default: /aws/service/eks/optimized-ami/1.17/amazon-linux-2/recommended/image_id - Description: AWS Systems Manager Parameter Store parameter of the AMI ID for the worker node instances. - - NodeInstanceType: - Description: EC2 instance type for the node instances - Type: String - Default: t3.medium - ConstraintDescription: Must be a valid EC2 instance type - AllowedValues: - - t2.small - - t2.medium - - t2.large - - t2.xlarge - - t2.2xlarge - - t3.nano - - t3.micro - - t3.small - - t3.medium - - t3.large - - t3.xlarge - - t3.2xlarge - - m3.medium - - m3.large - - m3.xlarge - - m3.2xlarge - - m4.large - - m4.xlarge - - m4.2xlarge - - m4.4xlarge - - m4.10xlarge - - m5.large - - m5.xlarge - - m5.2xlarge - - m5.4xlarge - - m5.12xlarge - - m5.24xlarge - - c4.large - - c4.xlarge - - c4.2xlarge - - c4.4xlarge - - c4.8xlarge - - c5.large - - c5.xlarge - - c5.2xlarge - - c5.4xlarge - - c5.9xlarge - - c5.18xlarge - - i3.large - - i3.xlarge - - i3.2xlarge - - i3.4xlarge - - i3.8xlarge - - i3.16xlarge - - r3.xlarge - - r3.2xlarge - - r3.4xlarge - - r3.8xlarge - - r4.large - - r4.xlarge - - r4.2xlarge - - r4.4xlarge - - r4.8xlarge - - r4.16xlarge - - x1.16xlarge - - x1.32xlarge - - p2.xlarge - - p2.8xlarge - - p2.16xlarge - - p3.2xlarge - - p3.8xlarge - - p3.16xlarge - - p3dn.24xlarge - - r5.large - - r5.xlarge - - r5.2xlarge - - r5.4xlarge - - r5.12xlarge - - r5.24xlarge - - r5d.large - - r5d.xlarge - - r5d.2xlarge - - r5d.4xlarge - - r5d.12xlarge - - r5d.24xlarge - - z1d.large - - z1d.xlarge - - z1d.2xlarge - - z1d.3xlarge - - z1d.6xlarge - - z1d.12xlarge - - NodeAutoScalingGroupDesiredCapacity: - Description: Desired capacity of Node Group ASG. - Type: Number - Default: 3 - - NodeVolumeSize: - Description: Node volume size - Type: Number - Default: 20 - - ClusterName: - Description: Unique name for your Amazon EKS cluster. - Type: String - - ClusterRole: - Description: The IAM Role to allow Amazon EKS and the Kubernetes control plane to manage AWS resources on your behalf. - Type: String - - ClusterControlPlaneSecurityGroup: - Description: The security groups to apply to the EKS-managed Elastic Network Interfaces that are created in your worker node subnets. - Type: AWS::EC2::SecurityGroup::Id - - VpcId: - Description: The VPC to use for your EKS Cluster resources. - Type: AWS::EC2::VPC::Id - - Subnets: - Description: The subnets in your VPC where your worker nodes will run. - Type: List<AWS::EC2::Subnet::Id> - -Metadata: - - AWS::CloudFormation::Interface: - ParameterGroups: - - Label: - default: EKS Cluster - Parameters: - - ClusterName - - ClusterRole - - KubernetesVersion - - ClusterControlPlaneSecurityGroup - - Label: - default: Worker Node Configuration - Parameters: - - NodeAutoScalingGroupDesiredCapacity - - NodeInstanceType - - NodeImageIdSSMParam - - NodeVolumeSize - - KeyName - - Label: - default: Worker Network Configuration - Parameters: - - VpcId - - Subnets - -Resources: - - Cluster: - Type: AWS::EKS::Cluster - Properties: - Name: !Sub ${ClusterName} - Version: !Sub ${KubernetesVersion} - RoleArn: !Sub ${ClusterRole} - ResourcesVpcConfig: - SecurityGroupIds: - - !Ref ClusterControlPlaneSecurityGroup - SubnetIds: !Ref Subnets - - NodeInstanceProfile: - Type: AWS::IAM::InstanceProfile - Properties: - Path: "/" - Roles: - - !Ref NodeInstanceRole - - NodeInstanceRole: - Type: AWS::IAM::Role - Properties: - AssumeRolePolicyDocument: - Version: "2012-10-17" - Statement: - - Effect: Allow - Principal: - Service: ec2.amazonaws.com - Action: sts:AssumeRole - Path: "/" - ManagedPolicyArns: - - arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy - - arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy - - arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly - - NodeSecurityGroup: - Type: AWS::EC2::SecurityGroup - Properties: - GroupDescription: Security group for all nodes in the cluster - VpcId: !Ref VpcId - Tags: - - Key: !Sub kubernetes.io/cluster/${ClusterName} - Value: owned - - NodeSecurityGroupIngress: - Type: AWS::EC2::SecurityGroupIngress - DependsOn: NodeSecurityGroup - Properties: - Description: Allow nodes to communicate with each other - GroupId: !Ref NodeSecurityGroup - SourceSecurityGroupId: !Ref NodeSecurityGroup - IpProtocol: -1 - FromPort: 0 - ToPort: 65535 - - NodeSecurityGroupFromControlPlaneIngress: - Type: AWS::EC2::SecurityGroupIngress - DependsOn: NodeSecurityGroup - Properties: - Description: Allow worker Kubelets and pods to receive communication from the cluster control plane - GroupId: !Ref NodeSecurityGroup - SourceSecurityGroupId: !Ref ClusterControlPlaneSecurityGroup - IpProtocol: tcp - FromPort: 1025 - ToPort: 65535 - - ControlPlaneEgressToNodeSecurityGroup: - Type: AWS::EC2::SecurityGroupEgress - DependsOn: NodeSecurityGroup - Properties: - Description: Allow the cluster control plane to communicate with worker Kubelet and pods - GroupId: !Ref ClusterControlPlaneSecurityGroup - DestinationSecurityGroupId: !Ref NodeSecurityGroup - IpProtocol: tcp - FromPort: 1025 - ToPort: 65535 - - NodeSecurityGroupFromControlPlaneOn443Ingress: - Type: AWS::EC2::SecurityGroupIngress - DependsOn: NodeSecurityGroup - Properties: - Description: Allow pods running extension API servers on port 443 to receive communication from cluster control plane - GroupId: !Ref NodeSecurityGroup - SourceSecurityGroupId: !Ref ClusterControlPlaneSecurityGroup - IpProtocol: tcp - FromPort: 443 - ToPort: 443 - - ControlPlaneEgressToNodeSecurityGroupOn443: - Type: AWS::EC2::SecurityGroupEgress - DependsOn: NodeSecurityGroup - Properties: - Description: Allow the cluster control plane to communicate with pods running extension API servers on port 443 - GroupId: !Ref ClusterControlPlaneSecurityGroup - DestinationSecurityGroupId: !Ref NodeSecurityGroup - IpProtocol: tcp - FromPort: 443 - ToPort: 443 - - ClusterControlPlaneSecurityGroupIngress: - Type: AWS::EC2::SecurityGroupIngress - DependsOn: NodeSecurityGroup - Properties: - Description: Allow pods to communicate with the cluster API Server - GroupId: !Ref ClusterControlPlaneSecurityGroup - SourceSecurityGroupId: !Ref NodeSecurityGroup - IpProtocol: tcp - ToPort: 443 - FromPort: 443 - - NodeGroup: - Type: AWS::AutoScaling::AutoScalingGroup - DependsOn: Cluster - Properties: - DesiredCapacity: !Ref NodeAutoScalingGroupDesiredCapacity - LaunchConfigurationName: !Ref NodeLaunchConfig - MinSize: !Ref NodeAutoScalingGroupDesiredCapacity - MaxSize: !Ref NodeAutoScalingGroupDesiredCapacity - VPCZoneIdentifier: !Ref Subnets - Tags: - - Key: Name - Value: !Sub ${ClusterName}-node - PropagateAtLaunch: true - - Key: !Sub kubernetes.io/cluster/${ClusterName} - Value: owned - PropagateAtLaunch: true - UpdatePolicy: - AutoScalingRollingUpdate: - MaxBatchSize: 1 - MinInstancesInService: !Ref NodeAutoScalingGroupDesiredCapacity - PauseTime: PT5M - - NodeLaunchConfig: - Type: AWS::AutoScaling::LaunchConfiguration - Properties: - AssociatePublicIpAddress: true - IamInstanceProfile: !Ref NodeInstanceProfile - ImageId: !Ref NodeImageIdSSMParam - InstanceType: !Ref NodeInstanceType - KeyName: !Ref KeyName - SecurityGroups: - - !Ref NodeSecurityGroup - BlockDeviceMappings: - - DeviceName: /dev/xvda - Ebs: - VolumeSize: !Ref NodeVolumeSize - VolumeType: gp2 - DeleteOnTermination: true - UserData: - Fn::Base64: - !Sub | - #!/bin/bash - set -o xtrace - /etc/eks/bootstrap.sh "${ClusterName}" - /opt/aws/bin/cfn-signal --exit-code $? \ - --stack ${AWS::StackName} \ - --resource NodeGroup \ - --region ${AWS::Region} - -Outputs: - - NodeInstanceRole: - Description: The node instance role - Value: !GetAtt NodeInstanceRole.Arn - - ClusterCertificate: - Description: The cluster certificate - Value: !GetAtt Cluster.CertificateAuthorityData - - ClusterEndpoint: - Description: The cluster endpoint - Value: !GetAtt Cluster.Endpoint diff --git a/vendor/aws/iam/eks_cluster_read_only_policy.json b/vendor/aws/iam/eks_cluster_read_only_policy.json deleted file mode 100644 index 425b9a3eff9..00000000000 --- a/vendor/aws/iam/eks_cluster_read_only_policy.json +++ /dev/null @@ -1,17 +0,0 @@ -{ - "Version": "2012-10-17", - "Statement": [ - { - "Effect": "Allow", - "Action": [ - "iam:ListRoles", - "ec2:DescribeKeyPairs", - "ec2:DescribeRegions", - "ec2:DescribeSecurityGroups", - "ec2:DescribeSubnets", - "ec2:DescribeVpcs" - ], - "Resource": "*" - } - ] -} diff --git a/vendor/gems/bundler-checksum/README.md b/vendor/gems/bundler-checksum/README.md index 1420dc49b94..675c3ad2ee8 100644 --- a/vendor/gems/bundler-checksum/README.md +++ b/vendor/gems/bundler-checksum/README.md @@ -9,7 +9,7 @@ Add the following to your Gemfile: ``` if ENV['BUNDLER_CHECKSUM_VERIFICATION_OPT_IN'] # this verification is still experimental require 'bundler-checksum' - Bundler::Checksum.patch! + BundlerChecksum.patch! end ``` diff --git a/vendor/gems/bundler-checksum/bin/bundler-checksum b/vendor/gems/bundler-checksum/bin/bundler-checksum index 2d0aea827bc..0ef2748a518 100755 --- a/vendor/gems/bundler-checksum/bin/bundler-checksum +++ b/vendor/gems/bundler-checksum/bin/bundler-checksum @@ -1,6 +1,6 @@ #!/usr/bin/env ruby require 'bundler-checksum' -require 'bundler/checksum/command' +require 'bundler_checksum/command' -Bundler::Checksum::Command.execute(ARGV) +BundlerChecksum::Command.execute(ARGV) diff --git a/vendor/gems/bundler-checksum/bundler-checksum.gemspec b/vendor/gems/bundler-checksum/bundler-checksum.gemspec index c04312480b6..b9667570549 100644 --- a/vendor/gems/bundler-checksum/bundler-checksum.gemspec +++ b/vendor/gems/bundler-checksum/bundler-checksum.gemspec @@ -1,10 +1,10 @@ # frozen_string_literal: true -require_relative 'lib/bundler/checksum/version' +require_relative 'lib/bundler_checksum/version' Gem::Specification.new do |spec| spec.name = 'bundler-checksum' - spec.version = Bundler::Checksum::VERSION + spec.version = BundlerChecksum::VERSION spec.authors = ['dustinmm80'] spec.email = ['dcollins@gitlab.com'] diff --git a/vendor/gems/bundler-checksum/lib/bundler-checksum.rb b/vendor/gems/bundler-checksum/lib/bundler-checksum.rb index 600cd4f7107..c2abf1b41d6 100644 --- a/vendor/gems/bundler-checksum/lib/bundler-checksum.rb +++ b/vendor/gems/bundler-checksum/lib/bundler-checksum.rb @@ -1 +1 @@ -require 'bundler/checksum' +require 'bundler_checksum' diff --git a/vendor/gems/bundler-checksum/lib/bundler/checksum/version.rb b/vendor/gems/bundler-checksum/lib/bundler/checksum/version.rb deleted file mode 100644 index 41e958b2db9..00000000000 --- a/vendor/gems/bundler-checksum/lib/bundler/checksum/version.rb +++ /dev/null @@ -1,8 +0,0 @@ -# frozen_string_literal: true - -module Bundler - module Checksum - # bundler-checksum version - VERSION = '0.1.0' - end -end diff --git a/vendor/gems/bundler-checksum/lib/bundler/checksum.rb b/vendor/gems/bundler-checksum/lib/bundler_checksum.rb index 40c42644964..b3d36521f24 100644 --- a/vendor/gems/bundler-checksum/lib/bundler/checksum.rb +++ b/vendor/gems/bundler-checksum/lib/bundler_checksum.rb @@ -1,7 +1,7 @@ # frozen_string_literal: true require 'bundler' -require 'bundler/checksum/version' +require 'bundler_checksum/version' require 'json' module Bundler @@ -27,7 +27,7 @@ module Bundler end def fetch_checksum_from_file(spec) - ::Bundler::Checksum.checksum_for(spec.name, spec.version.to_s, spec.platform.to_s) + ::BundlerChecksum.checksum_for(spec.name, spec.version.to_s, spec.platform.to_s) end # Modified from @@ -74,37 +74,35 @@ module Bundler end end -module Bundler - module Checksum - class << self - def checksum_file - @checksum_file ||= File.join(File.dirname(Bundler.default_gemfile), 'Gemfile.checksum') - end - - def checksums_from_file - @checksums_from_file ||= JSON.parse(File.open(checksum_file).read, symbolize_names: true) - rescue JSON::ParserError => e - raise "Invalid checksum file: #{e.message}" - end +module BundlerChecksum + class << self + def checksum_file + @checksum_file ||= File.join(File.dirname(Bundler.default_gemfile), 'Gemfile.checksum') + end - def checksum_for(gem_name, gem_version, gem_platform) - item = checksums_from_file.detect do |item| - item[:name] == gem_name && - item[:platform] == gem_platform && - item[:version] == gem_version - end + def checksums_from_file + @checksums_from_file ||= JSON.parse(File.open(checksum_file).read, symbolize_names: true) + rescue JSON::ParserError => e + raise "Invalid checksum file: #{e.message}" + end - item&.fetch(:checksum) + def checksum_for(gem_name, gem_version, gem_platform) + item = checksums_from_file.detect do |item| + item[:name] == gem_name && + item[:platform] == gem_platform && + item[:version] == gem_version end - def patch! - return if defined?(@patched) && @patched - @patched = true + item&.fetch(:checksum) + end - Bundler.ui.info "Patching bundler with bundler-checksum..." - require 'bundler/rubygems_gem_installer' - ::Bundler::RubyGemsGemInstaller.prepend(Bundler::Patches::RubyGemsInstallerPatch) - end + def patch! + return if defined?(@patched) && @patched + @patched = true + + Bundler.ui.info "Patching bundler with bundler-checksum..." + require 'bundler/rubygems_gem_installer' + ::Bundler::RubyGemsGemInstaller.prepend(Bundler::Patches::RubyGemsInstallerPatch) end end end diff --git a/vendor/gems/bundler-checksum/lib/bundler/checksum/command.rb b/vendor/gems/bundler-checksum/lib/bundler_checksum/command.rb index 438f41f6e69..c6c71431538 100644 --- a/vendor/gems/bundler-checksum/lib/bundler/checksum/command.rb +++ b/vendor/gems/bundler-checksum/lib/bundler_checksum/command.rb @@ -1,6 +1,6 @@ # frozen_string_literal: true -module Bundler::Checksum +module BundlerChecksum module Command autoload :Init, File.expand_path("command/init", __dir__) autoload :Verify, File.expand_path("command/verify", __dir__) diff --git a/vendor/gems/bundler-checksum/lib/bundler/checksum/command/helper.rb b/vendor/gems/bundler-checksum/lib/bundler_checksum/command/helper.rb index fa06bfe3da4..515f5926106 100644 --- a/vendor/gems/bundler-checksum/lib/bundler/checksum/command/helper.rb +++ b/vendor/gems/bundler-checksum/lib/bundler_checksum/command/helper.rb @@ -3,7 +3,7 @@ require 'json' require 'net/http' -module Bundler::Checksum::Command +module BundlerChecksum::Command module Helper extend self diff --git a/vendor/gems/bundler-checksum/lib/bundler/checksum/command/init.rb b/vendor/gems/bundler-checksum/lib/bundler_checksum/command/init.rb index 47a9b676f1d..1d8db7d78fa 100644 --- a/vendor/gems/bundler-checksum/lib/bundler/checksum/command/init.rb +++ b/vendor/gems/bundler-checksum/lib/bundler_checksum/command/init.rb @@ -2,7 +2,7 @@ require 'openssl' -module Bundler::Checksum::Command +module BundlerChecksum::Command module Init extend self @@ -65,14 +65,14 @@ module Bundler::Checksum::Command def previous_checksums @previous_checksums ||= if File.exist?(checksum_file) - ::Bundler::Checksum.checksums_from_file + ::BundlerChecksum.checksums_from_file else [] end end def checksum_file - ::Bundler::Checksum.checksum_file + ::BundlerChecksum.checksum_file end def lockfile diff --git a/vendor/gems/bundler-checksum/lib/bundler/checksum/command/verify.rb b/vendor/gems/bundler-checksum/lib/bundler_checksum/command/verify.rb index ba2eea6ea0c..e6a52ded42c 100644 --- a/vendor/gems/bundler-checksum/lib/bundler/checksum/command/verify.rb +++ b/vendor/gems/bundler-checksum/lib/bundler_checksum/command/verify.rb @@ -1,6 +1,6 @@ # frozen_string_literal: true -module Bundler::Checksum::Command +module BundlerChecksum::Command module Verify extend self @@ -27,7 +27,7 @@ module Bundler::Checksum::Command private def local_checksums - ::Bundler::Checksum.checksums_from_file + ::BundlerChecksum.checksums_from_file end def validate_gem_checksum(gem_name, gem_version, gem_platform, local_checksum) diff --git a/vendor/gems/bundler-checksum/lib/bundler_checksum/version.rb b/vendor/gems/bundler-checksum/lib/bundler_checksum/version.rb new file mode 100644 index 00000000000..367a9e49a47 --- /dev/null +++ b/vendor/gems/bundler-checksum/lib/bundler_checksum/version.rb @@ -0,0 +1,6 @@ +# frozen_string_literal: true + +module BundlerChecksum + # bundler-checksum version + VERSION = '0.1.0' +end diff --git a/vendor/gems/bundler-checksum/test/project_with_checksum_lock/Gemfile b/vendor/gems/bundler-checksum/test/project_with_checksum_lock/Gemfile index 238bd09669f..503cf4587fa 100644 --- a/vendor/gems/bundler-checksum/test/project_with_checksum_lock/Gemfile +++ b/vendor/gems/bundler-checksum/test/project_with_checksum_lock/Gemfile @@ -5,7 +5,7 @@ source 'https://rubygems.org' if ENV['BUNDLER_CHECKSUM_VERIFICATION_OPT_IN'] # this verification is still experimental $:.unshift(File.expand_path('../../lib', __dir__)) require 'bundler-checksum' - Bundler::Checksum.patch! + BundlerChecksum.patch! end gem 'rails', '~> 6.1.6.1' |