diff options
Diffstat (limited to '.gitlab')
21 files changed, 493 insertions, 464 deletions
diff --git a/.gitlab/CODEOWNERS b/.gitlab/CODEOWNERS index e71e74fd4d3..6cd316349c8 100644 --- a/.gitlab/CODEOWNERS +++ b/.gitlab/CODEOWNERS @@ -8,11 +8,15 @@ # Technical writing team are the default reviewers for all markdown docs /doc/ @gl-docsteam -# Dev and Doc guidelines +# Doc subpaths +/doc/administration/monitoring/ @aqualls /doc/development/ @marcia @mjang1 /doc/development/documentation/ @mikelewis /doc/ci @marcel.amirault @sselhorn -/doc/.linting @marcel.amirault @eread @aqualls @mikelewis +/doc/user/clusters @aqualls +/doc/user/infrastructure @aqualls +/doc/user/project/clusters @aqualls +/doc/.vale/ @marcel.amirault @eread @aqualls @mikelewis # Frontend maintainers should see everything in `app/assets/` *.scss @annabeldunstone @gitlab-org/maintainers/frontend @@ -37,7 +41,6 @@ /ee/app/finders/ @gitlab-org/maintainers/database # Feature specific owners -/ee/lib/gitlab/code_owners/ @reprazent @kerrizor /ee/lib/ee/gitlab/auth/ldap/ @dblessing @mkozono /lib/gitlab/auth/ldap/ @dblessing @mkozono /lib/gitlab/ci/templates/ @nolith @zj @@ -46,6 +49,11 @@ /ee/app/models/project_alias.rb @patrickbajao /ee/lib/api/project_aliases.rb @patrickbajao +# Code Owners +# +/ee/lib/gitlab/code_owners/ @reprazent @kerrizor @garyh +/doc/user/project/code_owners.md @reprazent @kerrizor @garyh + # Quality owned files /qa/ @gl-quality diff --git a/.gitlab/ci/docs.gitlab-ci.yml b/.gitlab/ci/docs.gitlab-ci.yml index 50dbef44598..5a6f2aacf93 100644 --- a/.gitlab/ci/docs.gitlab-ci.yml +++ b/.gitlab/ci/docs.gitlab-ci.yml @@ -62,7 +62,7 @@ docs lint: graphql-reference-verify: extends: - .default-retry - - .default-cache + - .rails-cache - .default-before_script - .docs:rules:graphql-reference-verify - .use-pg11 diff --git a/.gitlab/ci/frontend.gitlab-ci.yml b/.gitlab/ci/frontend.gitlab-ci.yml index 6e9119f295a..4403187d422 100644 --- a/.gitlab/ci/frontend.gitlab-ci.yml +++ b/.gitlab/ci/frontend.gitlab-ci.yml @@ -1,157 +1,128 @@ -.assets-compile-cache: - cache: - paths: - - vendor/ruby/ - - public/assets/webpack/ - - assets-hash.txt - - .yarn-cache/ - - tmp/cache/assets/sprockets - - tmp/cache/babel-loader - - tmp/cache/vue-loader - - tmp/cache/webpack-dlls - -.gitlab:assets:compile-metadata: +.frontend-base: extends: - .default-retry - .default-before_script - .assets-compile-cache - image: registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.6-git-2.26-lfs-2.9-chrome-73.0-node-12.x-yarn-1.21-graphicsmagick-1.3.34-docker-19.03.1 + variables: + SETUP_DB: "false" + # we override the max_old_space_size to prevent OOM errors + NODE_OPTIONS: --max_old_space_size=3584 + WEBPACK_VENDOR_DLL: "true" + +.compile-assets-base: + extends: .frontend-base + image: registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.6-git-2.27-lfs-2.9-node-12.x-yarn-1.21-graphicsmagick-1.3.34 stage: prepare + script: + - node --version + - run_timed_command "retry yarn install --frozen-lockfile" + - free -m + - run_timed_command "bin/rake gitlab:assets:compile > assets-compile.log 2>&1" + - run_timed_command "scripts/clean-old-cached-assets" + +compile-production-assets: + extends: + - .compile-assets-base + - .frontend:rules:compile-production-assets variables: NODE_ENV: "production" RAILS_ENV: "production" - SETUP_DB: "false" - SKIP_STORAGE_VALIDATION: "true" WEBPACK_REPORT: "true" - # we override the max_old_space_size to prevent OOM errors - NODE_OPTIONS: --max_old_space_size=3584 - cache: - key: "assets-compile:production:v1" artifacts: name: webpack-report expire_in: 31d paths: - - webpack-report/ - assets-compile.log # These assets are used in multiple locations: # - in `build-assets-image` job to create assets image for packaging systems # - GitLab UI for integration tests: https://gitlab.com/gitlab-org/gitlab-ui/-/blob/e88493b3c855aea30bf60baee692a64606b0eb1e/.storybook/preview-head.pug#L1 - - public/assets + - public/assets/ + - webpack-report/ when: always - script: - - node --version - - retry yarn install --frozen-lockfile --production --cache-folder .yarn-cache --prefer-offline - - free -m - - time bin/rake gitlab:assets:compile > assets-compile.log 2>&1 - - scripts/clean-old-cached-assets + after_script: - rm -f /etc/apt/sources.list.d/google*.list # We don't need to update Chrome here -gitlab:assets:compile pull-push-cache: +compile-test-assets: extends: - - .gitlab:assets:compile-metadata - - .frontend:rules:gitlab-assets-compile-pull-push-cache - cache: - policy: pull-push - -gitlab:assets:compile pull-cache: - extends: - - .gitlab:assets:compile-metadata - - .frontend:rules:gitlab-assets-compile-pull-cache - cache: - policy: pull - -build-assets-image: - extends: - - .use-kaniko - - .frontend:rules:gitlab-assets-compile-pull-cache - stage: build-images - needs: ["gitlab:assets:compile pull-cache"] - variables: - GIT_DEPTH: "1" - script: - # TODO: Change the image tag to be the MD5 of assets files and skip image building if the image exists - # We'll also need to pass GITLAB_ASSETS_TAG to the trigerred omnibus-gitlab pipeline similarly to how we do it for trigerred CNG pipelines - # https://gitlab.com/gitlab-org/gitlab/issues/208389 - - scripts/build_assets_image - -.compile-assets-metadata: - extends: - - .default-retry - - .default-before_script - - .assets-compile-cache - stage: prepare - script: - - node --version - - retry yarn install --frozen-lockfile --cache-folder .yarn-cache --prefer-offline - - free -m - - time bin/rake gitlab:assets:compile > assets-compile.log 2>&1 - - scripts/clean-old-cached-assets - variables: - SETUP_DB: "false" - # we override the max_old_space_size to prevent OOM errors - NODE_OPTIONS: --max_old_space_size=3584 - WEBPACK_VENDOR_DLL: "true" - cache: - key: "assets-compile:test:v1" + - .compile-assets-base + - .frontend:rules:compile-test-assets artifacts: expire_in: 7d paths: - - node_modules - - public/assets - assets-compile.log + - public/assets/ + - node_modules/@gitlab/svgs/dist/icons.json # app/helpers/icons_helper.rb uses this file when: always -compile-assets pull-push-cache: +compile-test-assets as-if-foss: extends: - - .compile-assets-metadata - - .frontend:rules:compile-assets-pull-push-cache - cache: - policy: pull-push + - compile-test-assets + - .frontend:rules:compile-test-assets-as-if-foss + - .as-if-foss -compile-assets pull-push-cache as-if-foss: +update-assets-compile-production-cache: extends: - - .compile-assets-metadata - - .frontend:rules:compile-assets-pull-push-cache-as-if-foss - - .as-if-foss + - compile-production-assets + - .shared:rules:update-cache + stage: prepare + artifacts: {} # This job's purpose is only to update the cache. cache: - policy: pull-push - key: "assets-compile:test:as-if-foss:v1" + policy: push # We want to rebuild the cache from scratch to ensure stale dependencies are cleaned up. -compile-assets pull-cache: +update-assets-compile-test-cache: extends: - - .compile-assets-metadata - - .frontend:rules:compile-assets-pull-cache + - compile-test-assets + - .shared:rules:update-cache + stage: prepare + artifacts: {} # This job's purpose is only to update the cache. cache: - policy: pull + policy: push # We want to rebuild the cache from scratch to ensure stale dependencies are cleaned up. -compile-assets pull-cache as-if-foss: +update-yarn-cache: extends: - - .compile-assets-metadata - - .frontend:rules:compile-assets-pull-cache-as-if-foss - - .as-if-foss + - .default-retry + - .yarn-cache + - .shared:rules:update-cache + stage: prepare + script: + - source scripts/utils.sh + - run_timed_command "retry yarn install --frozen-lockfile" cache: - policy: pull - key: "assets-compile:test:as-if-foss:v1" + policy: push + +build-assets-image: + extends: + - .use-kaniko + - .frontend:rules:compile-production-assets + stage: build-images + needs: ["compile-production-assets"] + variables: + GIT_DEPTH: "1" + script: + # TODO: Change the image tag to be the MD5 of assets files and skip image building if the image exists + # We'll also need to pass GITLAB_ASSETS_TAG to the trigerred omnibus-gitlab pipeline similarly to how we do it for trigerred CNG pipelines + # https://gitlab.com/gitlab-org/gitlab/issues/208389 + - run_timed_command "scripts/build_assets_image" + retry: 2 .frontend-fixtures-base: extends: - - .default-retry + - .frontend-base - .rails-cache - - .default-before_script - .use-pg11 stage: fixtures - needs: ["setup-test-env", "compile-assets pull-cache"] + needs: ["setup-test-env", "compile-test-assets"] + variables: + SETUP_DB: "true" script: - run_timed_command "scripts/gitaly-test-build" - run_timed_command "scripts/gitaly-test-spawn" - - run_timed_command "bundle exec rake frontend:fixtures" + - run_timed_command "bin/rake frontend:fixtures" artifacts: name: frontend-fixtures expire_in: 31d when: always paths: - - node_modules - - public/assets - tmp/tests/frontend/ frontend-fixtures: @@ -165,25 +136,27 @@ frontend-fixtures-as-if-foss: - .frontend:rules:default-frontend-jobs-as-if-foss - .as-if-foss -.frontend-job-base: +.frontend-test-base: extends: - .default-retry - - .default-cache - - .default-before_script + - .yarn-cache variables: USE_BUNDLE_INSTALL: "false" SETUP_DB: "false" stage: test + before_script: + - source scripts/utils.sh .karma-base: - extends: .frontend-job-base + extends: .frontend-test-base variables: # we override the max_old_space_size to prevent OOM errors NODE_OPTIONS: --max_old_space_size=3584 script: + - source scripts/utils.sh - export BABEL_ENV=coverage CHROME_LOG_FILE=chrome_debug.log - - date - - yarn karma + - run_timed_command "retry yarn install --frozen-lockfile" + - run_timed_command "yarn karma" karma: extends: @@ -210,15 +183,11 @@ karma-as-if-foss: needs: ["frontend-fixtures-as-if-foss"] .jest-base: - extends: .frontend-job-base + extends: .frontend-test-base script: - - date - - yarn jest --ci --coverage --testSequencer ./scripts/frontend/parallel_ci_sequencer.js - cache: - key: jest - paths: - - tmp/cache/jest/ - policy: pull-push + - source scripts/utils.sh + - run_timed_command "retry yarn install --frozen-lockfile" + - run_timed_command "yarn jest --ci --coverage --testSequencer ./scripts/frontend/parallel_ci_sequencer.js" jest: extends: @@ -235,21 +204,17 @@ jest: - tmp/tests/frontend/ reports: junit: junit_jest.xml - parallel: 2 + parallel: 4 jest-integration: extends: - - .frontend-job-base + - .frontend-test-base - .frontend:rules:default-frontend-jobs script: - - date - - yarn jest:integration --ci + - source scripts/utils.sh + - run_timed_command "retry yarn install --frozen-lockfile" + - run_timed_command "yarn jest:integration --ci" needs: ["frontend-fixtures"] - cache: - key: jest-integration - paths: - - tmp/cache/jest/ - policy: pull-push jest-as-if-foss: extends: @@ -257,8 +222,7 @@ jest-as-if-foss: - .frontend:rules:default-frontend-jobs-as-if-foss - .as-if-foss needs: ["frontend-fixtures-as-if-foss"] - cache: - policy: pull + parallel: 2 coverage-frontend: extends: @@ -269,33 +233,26 @@ coverage-frontend: stage: post-test before_script: - source scripts/utils.sh - - retry yarn install --frozen-lockfile + - run_timed_command "retry yarn install --frozen-lockfile" script: - - yarn node scripts/frontend/merge_coverage_frontend.js + - run_timed_command "yarn node scripts/frontend/merge_coverage_frontend.js" artifacts: name: coverage-frontend expire_in: 31d paths: - coverage-frontend/ - cache: - policy: pull .qa-frontend-node: extends: - .default-retry + - .yarn-cache - .frontend:rules:qa-frontend-node stage: test dependencies: [] - cache: - key: "$CI_JOB_NAME" - paths: - - .yarn-cache/ - policy: pull-push script: - - date - - yarn install --frozen-lockfile --cache-folder .yarn-cache --prefer-offline - - date - - yarn run webpack-prod + - source scripts/utils.sh + - run_timed_command "yarn install --frozen-lockfile" + - run_timed_command "yarn run webpack-prod" qa-frontend-node:10: extends: .qa-frontend-node @@ -310,27 +267,39 @@ qa-frontend-node:latest: webpack-dev-server: extends: - .default-retry + - .yarn-cache - .frontend:rules:default-frontend-jobs stage: test needs: [] variables: WEBPACK_MEMORY_TEST: "true" WEBPACK_VENDOR_DLL: "true" - cache: - key: - files: - - yarn.lock - prefix: "v1" - paths: - - node_modules/ - - tmp/cache/webpack-dlls/ script: - source scripts/utils.sh - - retry yarn install --frozen-lockfile - - retry yarn webpack-vendor - - node --expose-gc node_modules/.bin/webpack-dev-server --config config/webpack.config.js + - run_timed_command "retry yarn install --frozen-lockfile" + - run_timed_command "retry yarn webpack-vendor" + - run_timed_command "node --expose-gc node_modules/.bin/webpack-dev-server --config config/webpack.config.js" artifacts: name: webpack-dev-server expire_in: 31d paths: - webpack-dev-server.json + +bundle-size-review: + extends: + - .default-retry + - .frontend:rules:bundle-size-review + image: registry.gitlab.com/gitlab-org/gitlab-build-images:danger + stage: test + needs: ["compile-production-assets"] + script: + - mkdir -p bundle-size-review + - cp webpack-report/index.html bundle-size-review/bundle-report.html + - yarn global add https://gitlab.com/gitlab-org/frontend/playground/webpack-memory-metrics.git + - danger --dangerfile=danger/bundle_size/Dangerfile --fail-on-errors=true --verbose --danger_id=bundle-size-review + artifacts: + when: always + name: bundle-size-review + expire_in: 31d + paths: + - bundle-size-review diff --git a/.gitlab/ci/global.gitlab-ci.yml b/.gitlab/ci/global.gitlab-ci.yml index e6619ff2b6d..30e3abf13be 100644 --- a/.gitlab/ci/global.gitlab-ci.yml +++ b/.gitlab/ci/global.gitlab-ci.yml @@ -10,49 +10,61 @@ .default-before_script: before_script: - - date - '[ "$FOSS_ONLY" = "1" ] && rm -rf ee/ qa/spec/ee/ qa/qa/specs/features/ee/ qa/qa/ee/ qa/qa/ee.rb' - export GOPATH=$CI_PROJECT_DIR/.go - mkdir -p $GOPATH - source scripts/utils.sh - source scripts/prepare_build.sh - - date -# Jobs that only need to pull cache -.default-cache: +.rails-cache: cache: - key: "debian-stretch-ruby-2.6.6-pg11-node-12.x" + key: "rails-v1" paths: - - .go/pkg/mod - - vendor/ruby - - .yarn-cache/ - - vendor/gitaly-ruby + - vendor/ruby/ + - vendor/gitaly-ruby/ + - .go/pkg/mod/ policy: pull -.rails-cache: +.static-analysis-cache: + cache: + key: "static-analysis-v1" + paths: + - vendor/ruby/ + - node_modules/ + - tmp/rubocop_cache/ + policy: pull + +.qa-cache: cache: - key: - files: - - Gemfile.lock - - GITALY_SERVER_VERSION - prefix: "ruby-go-cache-v1" + key: "qa-v1" paths: - - vendor/ruby - - vendor/gitaly-ruby - - .go/pkg/mod + - qa/vendor/ruby/ policy: pull .yarn-cache: cache: - key: - files: - - yarn.lock - prefix: "v1" + key: "yarn-v1" paths: - node_modules/ + - tmp/cache/webpack-dlls/ + policy: pull + +.assets-compile-cache: + cache: + key: "assets-compile-${NODE_ENV}-v1" + paths: + - vendor/ruby/ + - node_modules/ + - assets-hash.txt + - public/assets/webpack/ + - tmp/cache/assets/sprockets/ + - tmp/cache/babel-loader/ + - tmp/cache/vue-loader/ + - tmp/cache/webpack-dlls/ + policy: pull .use-pg11: - image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.6-golang-1.14-git-2.26-lfs-2.9-chrome-73.0-node-12.x-yarn-1.21-postgresql-11-graphicsmagick-1.3.34" + image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.6-golang-1.14-git-2.27-lfs-2.9-chrome-83-node-12.x-yarn-1.21-postgresql-11-graphicsmagick-1.3.34" services: - name: postgres:11.6 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] @@ -61,7 +73,7 @@ POSTGRES_HOST_AUTH_METHOD: trust .use-pg11-ee: - image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.6-golang-1.14-git-2.26-lfs-2.9-chrome-73.0-node-12.x-yarn-1.21-postgresql-11-graphicsmagick-1.3.34" + image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.6-golang-1.14-git-2.27-lfs-2.9-chrome-83-node-12.x-yarn-1.21-postgresql-11-graphicsmagick-1.3.34" services: - name: postgres:11.6 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] @@ -75,6 +87,7 @@ name: gcr.io/kaniko-project/executor:debug-v0.20.0 entrypoint: [""] before_script: + - source scripts/utils.sh - mkdir -p /kaniko/.docker - echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json diff --git a/.gitlab/ci/memory.gitlab-ci.yml b/.gitlab/ci/memory.gitlab-ci.yml index 79dfc88d132..ef6c9b9c8ff 100644 --- a/.gitlab/ci/memory.gitlab-ci.yml +++ b/.gitlab/ci/memory.gitlab-ci.yml @@ -1,7 +1,7 @@ .only-code-memory-job-base: extends: - .default-retry - - .default-cache + - .rails-cache - .default-before_script - .memory:rules @@ -39,12 +39,11 @@ memory-on-boot: - .only-code-memory-job-base - .use-pg11 stage: test - needs: ["setup-test-env", "compile-assets pull-cache"] + needs: ["setup-test-env", "compile-test-assets"] variables: NODE_ENV: "production" RAILS_ENV: "production" SETUP_DB: "true" - SKIP_STORAGE_VALIDATION: "true" # we override the max_old_space_size to prevent OOM errors NODE_OPTIONS: --max_old_space_size=3584 script: diff --git a/.gitlab/ci/pages.gitlab-ci.yml b/.gitlab/ci/pages.gitlab-ci.yml index 218ec7043d9..a66e0d88db3 100644 --- a/.gitlab/ci/pages.gitlab-ci.yml +++ b/.gitlab/ci/pages.gitlab-ci.yml @@ -3,11 +3,16 @@ pages: - .default-retry - .pages:rules stage: pages - dependencies: ["rspec:coverage", "karma", "gitlab:assets:compile pull-cache"] + dependencies: + - rspec:coverage + - coverage-frontend + - karma + - compile-production-assets script: - mv public/ .public/ - mkdir public/ - mv coverage/ public/coverage-ruby/ || true + - mv coverage-frontend/ public/coverage-frontend/ || true - mv coverage-javascript/ public/coverage-javascript/ || true - mv webpack-report/ public/webpack-report/ || true - cp .public/assets/application-*.css public/application.css || true diff --git a/.gitlab/ci/qa.gitlab-ci.yml b/.gitlab/ci/qa.gitlab-ci.yml index 40ef13dd92b..20527b690a7 100644 --- a/.gitlab/ci/qa.gitlab-ci.yml +++ b/.gitlab/ci/qa.gitlab-ci.yml @@ -1,12 +1,9 @@ .qa-job-base: extends: - .default-retry + - .qa-cache stage: test needs: [] - cache: - key: "qa-framework-jobs:v1" - paths: - - vendor/ruby before_script: - '[ "$FOSS_ONLY" = "1" ] && rm -rf ee/ qa/spec/ee/ qa/qa/specs/features/ee/ qa/qa/ee/ qa/qa/ee.rb' - cd qa/ @@ -22,11 +19,9 @@ qa:internal: qa:internal-as-if-foss: extends: - - .qa-job-base + - qa:internal - .qa:rules:as-if-foss - .as-if-foss - script: - - bundle exec rspec qa:selectors: extends: @@ -41,6 +36,16 @@ qa:selectors-as-if-foss: - .qa:rules:as-if-foss - .as-if-foss +update-qa-cache: + extends: + - .qa-job-base + - .shared:rules:update-cache + stage: prepare + script: + - echo "Cache has been updated and ready to be uploaded." + cache: + policy: push # We want to rebuild the cache from scratch to ensure stale dependencies are cleaned up. + .package-and-qa-base: image: ruby:2.6-alpine stage: qa diff --git a/.gitlab/ci/rails.gitlab-ci.yml b/.gitlab/ci/rails.gitlab-ci.yml index e8087aebcef..f73e0c1d503 100644 --- a/.gitlab/ci/rails.gitlab-ci.yml +++ b/.gitlab/ci/rails.gitlab-ci.yml @@ -1,6 +1,3 @@ -.rails:needs:setup-and-assets: - needs: ["setup-test-env", "compile-assets pull-cache"] - .rails-job-base: extends: - .default-retry @@ -35,32 +32,54 @@ setup-test-env: - tmp/tests/repositories - tmp/tests/second_storage when: always + +update-rails-cache: + extends: + - setup-test-env + - .shared:rules:update-cache + artifacts: {} # This job's purpose is only to update the cache. + cache: + policy: push # We want to rebuild the cache from scratch to ensure stale dependencies are cleaned up. + +.static-analysis-base: + extends: + - .default-retry + - .default-before_script + - .static-analysis-cache + needs: [] + variables: + SETUP_DB: "false" + ENABLE_SPRING: "1" + +update-static-analysis-cache: + extends: + - .static-analysis-base + - .shared:rules:update-cache + stage: prepare + script: + - rm -rf ./node_modules # We remove node_modules because there's no mechanism to remove stall entries. + - run_timed_command "retry yarn install --frozen-lockfile" + - bundle exec rubocop --parallel # For the moment we only cache `vendor/ruby/`, `node_modules/`, and `tmp/rubocop_cache` so we don't need to run all the tasks, cache: + # We want to rebuild the cache from scratch to ensure stale dependencies are cleaned up but RuboCop has a mechanism + # for keeping only the N latest cache files, so we take advantage of it with `pull-push` and removing `node_modules` at the start of the job. policy: pull-push static-analysis: extends: - - .rails-job-base + - .static-analysis-base - .rails:rules:default-refs-code-backstage-qa - - .rails:needs:setup-and-assets stage: test - variables: - SETUP_DB: "false" - parallel: 2 + parallel: 4 script: + - run_timed_command "retry yarn install --frozen-lockfile" - scripts/static-analysis - cache: - key: "ruby-2.6.6-pg11-rubocop" - paths: - - vendor/ruby - - tmp/rubocop_cache - policy: pull-push downtime_check: extends: - .rails-job-base - .rails:rules:downtime_check - needs: ["setup-test-env"] + needs: [] stage: test variables: SETUP_DB: "false" @@ -70,7 +89,7 @@ downtime_check: .rspec-base: extends: .rails-job-base stage: test - needs: ["setup-test-env", "retrieve-tests-metadata", "compile-assets pull-cache"] + needs: ["setup-test-env", "retrieve-tests-metadata", "compile-test-assets"] script: - run_timed_command "scripts/gitaly-test-build" - run_timed_command "scripts/gitaly-test-spawn" @@ -173,7 +192,7 @@ db:migrate-from-v12.10.0: db:rollback: extends: .db-job-base script: - - bundle exec rake db:migrate VERSION=20180101160629 + - bundle exec rake db:migrate VERSION=20181228175414 - bundle exec rake db:migrate SKIP_SCHEMA_VERSION_CHECK=true gitlab:setup: @@ -218,8 +237,6 @@ rspec:coverage: - memory-on-boot variables: SETUP_DB: "false" - cache: - policy: pull script: - bundle exec scripts/merge-simplecov - bundle exec scripts/gather-test-memory-data @@ -247,7 +264,7 @@ rspec:coverage: - .rails:rules:as-if-foss - .as-if-foss - .use-pg11 - needs: ["setup-test-env", "retrieve-tests-metadata", "compile-assets pull-cache as-if-foss"] + needs: ["setup-test-env", "retrieve-tests-metadata", "compile-test-assets as-if-foss"] .rspec-ee-base-pg11: extends: @@ -323,3 +340,26 @@ db:rollback geo: - bundle exec rake geo:db:migrate # EE: default refs (MRs, master, schedules) jobs # ################################################## + +################################################## +# EE: Canonical MR pipelines +rspec foss-impact: + extends: + - .rspec-base + - .as-if-foss + - .rails:rules:ee-mr-only + - .use-pg11 + script: + - install_gitlab_gem + - run_timed_command "scripts/gitaly-test-build" + - run_timed_command "scripts/gitaly-test-spawn" + - source scripts/rspec_helpers.sh + - tooling/bin/find_foss_tests tmp/matching_foss_tests.txt + - rspec_matched_tests tmp/matching_foss_tests.txt "--tag ~quarantine --tag ~geo --tag ~level:migration" + artifacts: + expire_in: 7d + paths: + - tmp/matching_foss_tests.txt + - tmp/capybara/ +# EE: Merge Request pipelines +################################################## diff --git a/.gitlab/ci/reports.gitlab-ci.yml b/.gitlab/ci/reports.gitlab-ci.yml index 153334e1aff..65abb6c5cba 100644 --- a/.gitlab/ci/reports.gitlab-ci.yml +++ b/.gitlab/ci/reports.gitlab-ci.yml @@ -94,9 +94,9 @@ dependency_scanning: stage: test needs: [] variables: + DS_MAJOR_VERSION: 2 DS_EXCLUDED_PATHS: "qa/qa/ee/fixtures/secure_premade_reports,spec,ee/spec" # GitLab-specific script: - - export DS_VERSION=${SP_VERSION:-$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')} - | if ! docker info &>/dev/null; then if [ -z "$DOCKER_HOST" -a "$KUBERNETES_PORT" ]; then @@ -138,7 +138,7 @@ dependency_scanning: ) \ --volume "$PWD:/code" \ --volume /var/run/docker.sock:/var/run/docker.sock \ - "registry.gitlab.com/gitlab-org/security-products/dependency-scanning:$DS_VERSION" /code + "registry.gitlab.com/gitlab-org/security-products/dependency-scanning:$DS_MAJOR_VERSION" /code artifacts: paths: - gl-dependency-scanning-report.json # GitLab-specific @@ -146,37 +146,38 @@ dependency_scanning: dependency_scanning: gl-dependency-scanning-report.json expire_in: 1 week # GitLab-specific -# We need to duplicate this job's definition because it seems it's impossible to -# override an included `only.refs`. -# See https://gitlab.com/gitlab-org/gitlab/issues/31371. -dast: - extends: - - .default-retry - - .reports:rules:dast - # This is needed so that manual jobs with needs don't block the pipeline. - # See https://gitlab.com/gitlab-org/gitlab/-/issues/199979. - dependencies: ["review-deploy"] - stage: qa # GitLab-specific - image: - name: "registry.gitlab.com/gitlab-org/security-products/dast:$DAST_VERSION" - variables: - # To be done in a later iteration - # DAST_USERNAME: "root" - # DAST_USERNAME_FIELD: "user[login]" - # DAST_PASSWORD_FIELD: "user[passowrd]" - DAST_VERSION: 1 - script: - - 'export DAST_WEBSITE="${DAST_WEBSITE:-$(cat environment_url.txt)}"' - # To be done in a later iteration - # - 'export DAST_AUTH_URL="${DAST_WEBSITE}/users/sign_in"' - # - 'export DAST_PASSWORD="${REVIEW_APPS_ROOT_PASSWORD}"' - - /analyze -t $DAST_WEBSITE - artifacts: - paths: - - gl-dast-report.json # GitLab-specific - reports: - dast: gl-dast-report.json - expire_in: 1 week # GitLab-specific +# Temporarily disabling review apps +## We need to duplicate this job's definition because it seems it's impossible to +## override an included `only.refs`. +## See https://gitlab.com/gitlab-org/gitlab/issues/31371. +#dast: +# extends: +# - .default-retry +# - .reports:rules:dast +# # This is needed so that manual jobs with needs don't block the pipeline. +# # See https://gitlab.com/gitlab-org/gitlab/-/issues/199979. +# dependencies: ["review-deploy"] +# stage: qa # GitLab-specific +# image: +# name: "registry.gitlab.com/gitlab-org/security-products/dast:$DAST_VERSION" +# variables: +# # To be done in a later iteration +# # DAST_USERNAME: "root" +# # DAST_USERNAME_FIELD: "user[login]" +# # DAST_PASSWORD_FIELD: "user[passowrd]" +# DAST_VERSION: 1 +# script: +# - 'export DAST_WEBSITE="${DAST_WEBSITE:-$(cat environment_url.txt)}"' +# # To be done in a later iteration +# # - 'export DAST_AUTH_URL="${DAST_WEBSITE}/users/sign_in"' +# # - 'export DAST_PASSWORD="${REVIEW_APPS_ROOT_PASSWORD}"' +# - /analyze -t $DAST_WEBSITE +# artifacts: +# paths: +# - gl-dast-report.json # GitLab-specific +# reports: +# dast: gl-dast-report.json +# expire_in: 1 week # GitLab-specific # To be done in a later iteration: https://gitlab.com/gitlab-org/gitlab/issues/31160#note_278188255 # schedule:dast: diff --git a/.gitlab/ci/review.gitlab-ci.yml b/.gitlab/ci/review.gitlab-ci.yml index 46a281cd48f..6898da95c15 100644 --- a/.gitlab/ci/review.gitlab-ci.yml +++ b/.gitlab/ci/review.gitlab-ci.yml @@ -1,13 +1,13 @@ build-qa-image: extends: - .use-kaniko - - .default-retry - .review:rules:build-qa-image stage: build-images needs: [] script: - export QA_IMAGE="${CI_REGISTRY}/${CI_PROJECT_PATH}/gitlab-ee-qa:${CI_COMMIT_REF_SLUG}" - /kaniko/executor --context=${CI_PROJECT_DIR} --dockerfile=${CI_PROJECT_DIR}/qa/Dockerfile --destination=${QA_IMAGE} --cache=true + retry: 2 review-cleanup: extends: @@ -27,24 +27,25 @@ review-cleanup: - ruby -rrubygems scripts/review_apps/automated_cleanup.rb - gcp_cleanup -review-build-cng: - extends: - - .default-retry - - .review:rules:review-build-cng - image: ruby:2.6-alpine - stage: review-prepare - before_script: - - source scripts/utils.sh - - install_api_client_dependencies_with_apk - - install_gitlab_gem - needs: - - job: gitlab:assets:compile pull-cache - artifacts: false - script: - - BUILD_TRIGGER_TOKEN=$REVIEW_APPS_BUILD_TRIGGER_TOKEN ./scripts/trigger-build cng - # When the job is manual, review-deploy is also manual and we don't want people - # to have to manually start the jobs in sequence, so we do it for them. - - '[ -z $CI_JOB_MANUAL ] || play_job "review-deploy"' +# Temporarily disabling review apps +#review-build-cng: +# extends: +# - .default-retry +# - .review:rules:review-build-cng +# image: ruby:2.6-alpine +# stage: review-prepare +# before_script: +# - source scripts/utils.sh +# - install_api_client_dependencies_with_apk +# - install_gitlab_gem +# needs: +# - job: compile-production-assets +# artifacts: false +# script: +# - BUILD_TRIGGER_TOKEN=$REVIEW_APPS_BUILD_TRIGGER_TOKEN ./scripts/trigger-build cng +# # When the job is manual, review-deploy is also manual and we don't want people +# # to have to manually start the jobs in sequence, so we do it for them. +# - '[ -z $CI_JOB_MANUAL ] || play_job "review-deploy"' .review-workflow-base: extends: @@ -53,43 +54,44 @@ review-build-cng: variables: HOST_SUFFIX: "${CI_ENVIRONMENT_SLUG}" DOMAIN: "-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN}" - GITLAB_HELM_CHART_REF: "v3.3.3" + GITLAB_HELM_CHART_REF: "master" environment: name: review/${CI_COMMIT_REF_NAME} url: https://gitlab-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN} on_stop: review-stop auto_stop_in: 48 hours -review-deploy: - extends: - - .review-workflow-base - - .review:rules:mr-and-schedule-auto-if-frontend-manual-otherwise - stage: review - dependencies: [] - resource_group: "review/${CI_COMMIT_REF_NAME}" - before_script: - - export GITLAB_SHELL_VERSION=$(<GITLAB_SHELL_VERSION) - - export GITALY_VERSION=$(<GITALY_SERVER_VERSION) - - export GITLAB_WORKHORSE_VERSION=$(<GITLAB_WORKHORSE_VERSION) - - echo "${CI_ENVIRONMENT_URL}" > environment_url.txt - - source ./scripts/utils.sh - - install_api_client_dependencies_with_apk - - source scripts/review_apps/review-apps.sh - script: - - check_kube_domain - - ensure_namespace - - install_external_dns - - download_chart - - date - - deploy || (display_deployment_debug && exit 1) - # When the job is manual, review-qa-smoke is also manual and we don't want people - # to have to manually start the jobs in sequence, so we do it for them. - - '[ -z $CI_JOB_MANUAL ] || play_job "review-qa-smoke"' - - '[ -z $CI_JOB_MANUAL ] || play_job "review-performance"' - artifacts: - paths: [environment_url.txt] - expire_in: 2 days - when: always +# Temporarily disabling review apps +#review-deploy: +# extends: +# - .review-workflow-base +# - .review:rules:mr-and-schedule-auto-if-frontend-manual-otherwise +# stage: review +# dependencies: [] +# resource_group: "review/${CI_COMMIT_REF_NAME}" +# before_script: +# - export GITLAB_SHELL_VERSION=$(<GITLAB_SHELL_VERSION) +# - export GITALY_VERSION=$(<GITALY_SERVER_VERSION) +# - export GITLAB_WORKHORSE_VERSION=$(<GITLAB_WORKHORSE_VERSION) +# - echo "${CI_ENVIRONMENT_URL}" > environment_url.txt +# - source ./scripts/utils.sh +# - install_api_client_dependencies_with_apk +# - source scripts/review_apps/review-apps.sh +# script: +# - check_kube_domain +# - ensure_namespace +# - install_external_dns +# - download_chart +# - date +# - deploy || (display_deployment_debug && exit 1) +# # When the job is manual, review-qa-smoke is also manual and we don't want people +# # to have to manually start the jobs in sequence, so we do it for them. +# - '[ -z $CI_JOB_MANUAL ] || play_job "review-qa-smoke"' +# - '[ -z $CI_JOB_MANUAL ] || play_job "review-performance"' +# artifacts: +# paths: [environment_url.txt] +# expire_in: 2 days +# when: always .review-stop-base: extends: .review-workflow-base @@ -122,109 +124,110 @@ review-stop: script: - delete_release -.review-qa-base: - extends: - - .default-retry - - .use-docker-in-docker - image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-qa-alpine-ruby-2.6 - stage: qa - # This is needed so that manual jobs with needs don't block the pipeline. - # See https://gitlab.com/gitlab-org/gitlab/-/issues/199979. - dependencies: ["review-deploy"] - variables: - QA_ARTIFACTS_DIR: "${CI_PROJECT_DIR}/qa" - QA_CAN_TEST_GIT_PROTOCOL_V2: "false" - QA_DEBUG: "true" - GITLAB_USERNAME: "root" - GITLAB_PASSWORD: "${REVIEW_APPS_ROOT_PASSWORD}" - GITLAB_ADMIN_USERNAME: "root" - GITLAB_ADMIN_PASSWORD: "${REVIEW_APPS_ROOT_PASSWORD}" - GITHUB_ACCESS_TOKEN: "${REVIEW_APPS_QA_GITHUB_ACCESS_TOKEN}" - EE_LICENSE: "${REVIEW_APPS_EE_LICENSE}" - before_script: - - export QA_IMAGE="${CI_REGISTRY}/${CI_PROJECT_PATH}/gitlab-ee-qa:${CI_COMMIT_REF_SLUG}" - - export CI_ENVIRONMENT_URL="$(cat environment_url.txt)" - - echo "${CI_ENVIRONMENT_URL}" - - echo "${QA_IMAGE}" - - source scripts/utils.sh - - install_api_client_dependencies_with_apk - - gem install gitlab-qa --no-document ${GITLAB_QA_VERSION:+ --version ${GITLAB_QA_VERSION}} - artifacts: - paths: - - ./qa/gitlab-qa-run-* - expire_in: 7 days - when: always - -review-qa-smoke: - extends: - - .review-qa-base - - .review:rules:review-qa-smoke - script: - - gitlab-qa Test::Instance::Smoke "${QA_IMAGE}" "${CI_ENVIRONMENT_URL}" - -review-qa-all: - extends: - - .review-qa-base - - .review:rules:mr-only-manual - parallel: 5 - script: - - export KNAPSACK_REPORT_PATH=knapsack/master_report.json - - export KNAPSACK_TEST_FILE_PATTERN=qa/specs/features/**/*_spec.rb - - gitlab-qa Test::Instance::Any "${QA_IMAGE}" "${CI_ENVIRONMENT_URL}" -- --format RspecJunitFormatter --out tmp/rspec-${CI_JOB_ID}.xml --format html --out tmp/rspec.htm --color --format documentation - -review-performance: - extends: - - .default-retry - - .review:rules:mr-and-schedule-auto-if-frontend-manual-otherwise - image: - name: sitespeedio/sitespeed.io:6.3.1 - entrypoint: [""] - stage: qa - # This is needed so that manual jobs with needs don't block the pipeline. - # See https://gitlab.com/gitlab-org/gitlab/-/issues/199979. - dependencies: ["review-deploy"] - before_script: - - export CI_ENVIRONMENT_URL="$(cat environment_url.txt)" - - echo "${CI_ENVIRONMENT_URL}" - - mkdir -p gitlab-exporter - - wget -O ./gitlab-exporter/index.js https://gitlab.com/gitlab-org/gl-performance/raw/master/index.js - - mkdir -p sitespeed-results - script: - - /start.sh --plugins.add ./gitlab-exporter --outputFolder sitespeed-results "${CI_ENVIRONMENT_URL}" - after_script: - - mv sitespeed-results/data/performance.json performance.json - artifacts: - paths: - - sitespeed-results/ - reports: - performance: performance.json - expire_in: 31d - -parallel-spec-reports: - extends: - - .review:rules:mr-only-manual - image: ruby:2.6-alpine - stage: post-qa - dependencies: ["review-qa-all"] - variables: - NEW_PARALLEL_SPECS_REPORT: qa/report-new.html - BASE_ARTIFACT_URL: "${CI_PROJECT_URL}/-/jobs/${CI_JOB_ID}/artifacts/file/qa/" - script: - - apk add --update build-base libxml2-dev libxslt-dev && rm -rf /var/cache/apk/* - - gem install nokogiri --no-document - - cd qa/gitlab-qa-run-*/gitlab-* - - ARTIFACT_DIRS=$(pwd |rev| awk -F / '{print $1,$2}' | rev | sed s_\ _/_) - - cd - - - '[[ -f $NEW_PARALLEL_SPECS_REPORT ]] || echo "{}" > ${NEW_PARALLEL_SPECS_REPORT}' - - scripts/merge-html-reports ${NEW_PARALLEL_SPECS_REPORT} ${BASE_ARTIFACT_URL}${ARTIFACT_DIRS} qa/gitlab-qa-run-*/**/rspec.htm - artifacts: - when: always - paths: - - qa/report-new.html - - qa/gitlab-qa-run-* - reports: - junit: qa/gitlab-qa-run-*/**/rspec-*.xml - expire_in: 31d +# Temporarily disabling review apps +#.review-qa-base: +# extends: +# - .default-retry +# - .use-docker-in-docker +# image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-qa-alpine-ruby-2.6 +# stage: qa +# # This is needed so that manual jobs with needs don't block the pipeline. +# # See https://gitlab.com/gitlab-org/gitlab/-/issues/199979. +# dependencies: ["review-deploy"] +# variables: +# QA_ARTIFACTS_DIR: "${CI_PROJECT_DIR}/qa" +# QA_CAN_TEST_GIT_PROTOCOL_V2: "false" +# QA_DEBUG: "true" +# GITLAB_USERNAME: "root" +# GITLAB_PASSWORD: "${REVIEW_APPS_ROOT_PASSWORD}" +# GITLAB_ADMIN_USERNAME: "root" +# GITLAB_ADMIN_PASSWORD: "${REVIEW_APPS_ROOT_PASSWORD}" +# GITHUB_ACCESS_TOKEN: "${REVIEW_APPS_QA_GITHUB_ACCESS_TOKEN}" +# EE_LICENSE: "${REVIEW_APPS_EE_LICENSE}" +# before_script: +# - export QA_IMAGE="${CI_REGISTRY}/${CI_PROJECT_PATH}/gitlab-ee-qa:${CI_COMMIT_REF_SLUG}" +# - export CI_ENVIRONMENT_URL="$(cat environment_url.txt)" +# - echo "${CI_ENVIRONMENT_URL}" +# - echo "${QA_IMAGE}" +# - source scripts/utils.sh +# - install_api_client_dependencies_with_apk +# - gem install gitlab-qa --no-document ${GITLAB_QA_VERSION:+ --version ${GITLAB_QA_VERSION}} +# artifacts: +# paths: +# - ./qa/gitlab-qa-run-* +# expire_in: 7 days +# when: always +# +#review-qa-smoke: +# extends: +# - .review-qa-base +# - .review:rules:review-qa-smoke +# script: +# - gitlab-qa Test::Instance::Smoke "${QA_IMAGE}" "${CI_ENVIRONMENT_URL}" +# +#review-qa-all: +# extends: +# - .review-qa-base +# - .review:rules:mr-only-manual +# parallel: 5 +# script: +# - export KNAPSACK_REPORT_PATH=knapsack/master_report.json +# - export KNAPSACK_TEST_FILE_PATTERN=qa/specs/features/**/*_spec.rb +# - gitlab-qa Test::Instance::Any "${QA_IMAGE}" "${CI_ENVIRONMENT_URL}" -- --format RspecJunitFormatter --out tmp/rspec-${CI_JOB_ID}.xml --format html --out tmp/rspec.htm --color --format documentation +# +#review-performance: +# extends: +# - .default-retry +# - .review:rules:mr-and-schedule-auto-if-frontend-manual-otherwise +# image: +# name: sitespeedio/sitespeed.io:6.3.1 +# entrypoint: [""] +# stage: qa +# # This is needed so that manual jobs with needs don't block the pipeline. +# # See https://gitlab.com/gitlab-org/gitlab/-/issues/199979. +# dependencies: ["review-deploy"] +# before_script: +# - export CI_ENVIRONMENT_URL="$(cat environment_url.txt)" +# - echo "${CI_ENVIRONMENT_URL}" +# - mkdir -p gitlab-exporter +# - wget -O ./gitlab-exporter/index.js https://gitlab.com/gitlab-org/gl-performance/raw/master/index.js +# - mkdir -p sitespeed-results +# script: +# - /start.sh --plugins.add ./gitlab-exporter --outputFolder sitespeed-results "${CI_ENVIRONMENT_URL}" +# after_script: +# - mv sitespeed-results/data/performance.json performance.json +# artifacts: +# paths: +# - sitespeed-results/ +# reports: +# performance: performance.json +# expire_in: 31d +# +#parallel-spec-reports: +# extends: +# - .review:rules:mr-only-manual +# image: ruby:2.6-alpine +# stage: post-qa +# dependencies: ["review-qa-all"] +# variables: +# NEW_PARALLEL_SPECS_REPORT: qa/report-new.html +# BASE_ARTIFACT_URL: "${CI_PROJECT_URL}/-/jobs/${CI_JOB_ID}/artifacts/file/qa/" +# script: +# - apk add --update build-base libxml2-dev libxslt-dev && rm -rf /var/cache/apk/* +# - gem install nokogiri --no-document +# - cd qa/gitlab-qa-run-*/gitlab-* +# - ARTIFACT_DIRS=$(pwd |rev| awk -F / '{print $1,$2}' | rev | sed s_\ _/_) +# - cd - +# - '[[ -f $NEW_PARALLEL_SPECS_REPORT ]] || echo "{}" > ${NEW_PARALLEL_SPECS_REPORT}' +# - scripts/merge-html-reports ${NEW_PARALLEL_SPECS_REPORT} ${BASE_ARTIFACT_URL}${ARTIFACT_DIRS} qa/gitlab-qa-run-*/**/rspec.htm +# artifacts: +# when: always +# paths: +# - qa/report-new.html +# - qa/gitlab-qa-run-* +# reports: +# junit: qa/gitlab-qa-run-*/**/rspec-*.xml +# expire_in: 31d danger-review: extends: @@ -238,5 +241,3 @@ danger-review: - source scripts/utils.sh - retry yarn install --frozen-lockfile - danger --fail-on-errors=true --verbose - cache: - policy: pull diff --git a/.gitlab/ci/rules.gitlab-ci.yml b/.gitlab/ci/rules.gitlab-ci.yml index 383aca0043b..fbbb0391ec5 100644 --- a/.gitlab/ci/rules.gitlab-ci.yml +++ b/.gitlab/ci/rules.gitlab-ci.yml @@ -37,6 +37,9 @@ .if-merge-request-title-as-if-foss: &if-merge-request-title-as-if-foss if: '$CI_MERGE_REQUEST_TITLE =~ /RUN AS-IF-FOSS/' +.if-merge-request-title-update-caches: &if-merge-request-title-update-caches + if: '$CI_MERGE_REQUEST_TITLE =~ /UPDATE CACHE/' + .if-security-merge-request: &if-security-merge-request if: '$CI_PROJECT_NAMESPACE == "gitlab-org/security" && $CI_MERGE_REQUEST_IID' @@ -49,6 +52,9 @@ .if-dot-com-gitlab-org-merge-request: &if-dot-com-gitlab-org-merge-request if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE == "gitlab-org" && $CI_MERGE_REQUEST_IID' +.if-dot-com-gitlab-org-and-security-merge-request: &if-dot-com-gitlab-org-and-security-merge-request + if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE =~ /^gitlab-org($|\/security$)/ && $CI_MERGE_REQUEST_IID' + .if-dot-com-gitlab-org-and-security-tag: &if-dot-com-gitlab-org-and-security-tag if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE =~ /^gitlab-org($|\/security$)/ && $CI_COMMIT_TAG' @@ -78,9 +84,11 @@ .frontend-patterns: &frontend-patterns - "{package.json,yarn.lock}" - - "{babel.config,jest.config}.js" + - "babel.config.js" + - "jest.config.{base,integration,unit}.js" - ".csscomb.json" - "Dockerfile.assets" + - "config/**/*.js" - "vendor/assets/**/*" - "{,ee/}{app/assets,app/helpers,app/presenters,app/views,locale,public,symbol}/**/*" @@ -93,7 +101,8 @@ .code-patterns: &code-patterns - "{package.json,yarn.lock}" - - "{babel.config,jest.config}.js" + - "babel.config.js" + - "jest.config.{base,integration,unit}.js" - ".csscomb.json" - "Dockerfile.assets" - "vendor/assets/**/*" @@ -113,7 +122,8 @@ .code-backstage-patterns: &code-backstage-patterns - "{package.json,yarn.lock}" - - "{babel.config,jest.config}.js" + - "babel.config.js" + - "jest.config.{base,integration,unit}.js" - ".csscomb.json" - "Dockerfile.assets" - "vendor/assets/**/*" @@ -135,7 +145,8 @@ .code-qa-patterns: &code-qa-patterns - "{package.json,yarn.lock}" - - "{babel.config,jest.config}.js" + - "babel.config.js" + - "jest.config.{base,integration,unit}.js" - ".csscomb.json" - "Dockerfile.assets" - "vendor/assets/**/*" @@ -154,7 +165,8 @@ .code-backstage-qa-patterns: &code-backstage-qa-patterns - "{package.json,yarn.lock}" - - "{babel.config,jest.config}.js" + - "babel.config.js" + - "jest.config.{base,integration,unit}.js" - ".csscomb.json" - "Dockerfile.assets" - "vendor/assets/**/*" @@ -177,6 +189,14 @@ - ".dockerignore" - "qa/**/*" +################ +# Shared rules # +################ +.shared:rules:update-cache: + rules: + - <<: *if-master-schedule-2-hourly + - <<: *if-merge-request-title-update-caches + #################### # Cache repo rules # #################### @@ -238,51 +258,21 @@ ################## # Frontend rules # ################## -# This job only runs on `master` since it pushes to the cache. -.frontend:rules:gitlab-assets-compile-pull-push-cache: - rules: - - <<: *if-not-canonical-namespace - when: never - - <<: *if-master-refs - changes: *code-backstage-qa-patterns - when: on_success - -.frontend:rules:gitlab-assets-compile-pull-cache: +.frontend:rules:compile-production-assets: rules: - <<: *if-not-canonical-namespace when: never - <<: *if-default-refs changes: *code-backstage-qa-patterns - when: on_success -.frontend:rules:compile-assets-pull-push-cache: +.frontend:rules:compile-test-assets: rules: - - <<: *if-master-refs - changes: *code-backstage-qa-patterns - when: on_success - -# This job only runs on `master` since it pushes to the cache. -.frontend:rules:compile-assets-pull-push-cache-as-if-foss: - rules: - - <<: *if-not-ee - when: never - - <<: *if-master-push - changes: *code-backstage-qa-patterns - - <<: *if-master-schedule-2-hourly - -.frontend:rules:compile-assets-pull-cache: - rules: - - <<: *if-default-refs - changes: *code-backstage-qa-patterns - when: on_success + - changes: *code-backstage-qa-patterns -.frontend:rules:compile-assets-pull-cache-as-if-foss: +.frontend:rules:compile-test-assets-as-if-foss: rules: - <<: *if-not-ee when: never - - <<: *if-master-push - changes: *code-backstage-qa-patterns - - <<: *if-master-schedule-2-hourly - <<: *if-security-merge-request changes: *code-backstage-qa-patterns - <<: *if-merge-request-title-as-if-foss @@ -293,15 +283,11 @@ rules: - <<: *if-default-refs changes: *code-backstage-patterns - when: on_success .frontend:rules:default-frontend-jobs-as-if-foss: rules: - <<: *if-not-ee when: never - - <<: *if-master-push - changes: *code-backstage-patterns - - <<: *if-master-schedule-2-hourly - <<: *if-security-merge-request changes: *code-backstage-patterns - <<: *if-merge-request-title-as-if-foss @@ -321,10 +307,8 @@ rules: - <<: *if-master-refs changes: *frontend-dependency-patterns - when: on_success - <<: *if-merge-request changes: *frontend-dependency-patterns - when: on_success .frontend:rules:qa-frontend-node-latest: rules: @@ -335,6 +319,12 @@ changes: *frontend-dependency-patterns allow_failure: true +.frontend:rules:bundle-size-review: + rules: + - if: '$DANGER_GITLAB_API_TOKEN && $CI_MERGE_REQUEST_IID && $CI_MERGE_REQUEST_TARGET_BRANCH_NAME == "master"' + changes: *frontend-patterns + allow_failure: true + ################ # Memory rules # ################ @@ -368,9 +358,6 @@ rules: - <<: *if-not-ee when: never - - <<: *if-master-push - changes: *code-qa-patterns - - <<: *if-master-schedule-2-hourly - <<: *if-security-merge-request changes: *code-qa-patterns - <<: *if-merge-request-title-as-if-foss @@ -379,13 +366,13 @@ .qa:rules:package-and-qa: rules: - - <<: *if-dot-com-gitlab-org-merge-request + - <<: *if-dot-com-gitlab-org-and-security-merge-request changes: *ci-patterns allow_failure: true - - <<: *if-dot-com-gitlab-org-merge-request + - <<: *if-dot-com-gitlab-org-and-security-merge-request changes: *qa-patterns allow_failure: true - - <<: *if-dot-com-gitlab-org-merge-request + - <<: *if-dot-com-gitlab-org-and-security-merge-request changes: *code-patterns when: manual allow_failure: true @@ -416,9 +403,6 @@ rules: - <<: *if-not-ee when: never - - <<: *if-master-push - changes: *code-backstage-patterns - - <<: *if-master-schedule-2-hourly - <<: *if-security-merge-request changes: *code-backstage-patterns - <<: *if-merge-request-title-as-if-foss @@ -434,6 +418,17 @@ - <<: *if-master-refs changes: *code-backstage-patterns +.rails:rules:ee-mr-only: + rules: + - <<: *if-not-ee + when: never + - <<: *if-merge-request-title-as-if-foss + when: never + - <<: *if-security-merge-request + changes: *code-backstage-patterns + - <<: *if-dot-com-gitlab-org-merge-request + changes: *code-backstage-patterns + .rails:rules:downtime_check: rules: - <<: *if-merge-request @@ -505,7 +500,7 @@ rules: - <<: *if-not-ee when: never - - <<: *if-dot-com-gitlab-org-merge-request + - <<: *if-dot-com-gitlab-org-and-security-merge-request changes: *code-qa-patterns - <<: *if-dot-com-gitlab-org-schedule diff --git a/.gitlab/ci/setup.gitlab-ci.yml b/.gitlab/ci/setup.gitlab-ci.yml index 9be495f1ef2..b878bec3751 100644 --- a/.gitlab/ci/setup.gitlab-ci.yml +++ b/.gitlab/ci/setup.gitlab-ci.yml @@ -3,7 +3,7 @@ cache gems: extends: - .default-retry - - .default-cache + - .rails-cache - .default-before_script - .setup:rules:cache-gems stage: test diff --git a/.gitlab/ci/test-metadata.gitlab-ci.yml b/.gitlab/ci/test-metadata.gitlab-ci.yml index 65cce76fc48..1764e9136a1 100644 --- a/.gitlab/ci/test-metadata.gitlab-ci.yml +++ b/.gitlab/ci/test-metadata.gitlab-ci.yml @@ -3,11 +3,6 @@ TESTS_METADATA_S3_BUCKET: "gitlab-ce-cache" before_script: - source scripts/utils.sh - cache: - key: tests_metadata - paths: - - knapsack/ - - rspec_flaky/ artifacts: expire_in: 31d paths: @@ -20,8 +15,6 @@ retrieve-tests-metadata: - .tests-metadata-state - .test-metadata:rules:retrieve-tests-metadata stage: prepare - cache: - policy: pull script: - source scripts/rspec_helpers.sh - retrieve_tests_metadata @@ -44,8 +37,6 @@ update-tests-metadata: - rspec-ee unit pg11 geo - rspec-ee integration pg11 geo - rspec-ee system pg11 geo - cache: - policy: push script: - retry gem install fog-aws mime-types activesupport rspec_profiling postgres-copy --no-document - source scripts/rspec_helpers.sh diff --git a/.gitlab/issue_templates/Acceptance_Testing.md b/.gitlab/issue_templates/Acceptance Testing.md index 5a6c35f28ad..5a6c35f28ad 100644 --- a/.gitlab/issue_templates/Acceptance_Testing.md +++ b/.gitlab/issue_templates/Acceptance Testing.md diff --git a/.gitlab/issue_templates/Problem_Validation.md b/.gitlab/issue_templates/Problem Validation.md index f7515c07218..f7515c07218 100644 --- a/.gitlab/issue_templates/Problem_Validation.md +++ b/.gitlab/issue_templates/Problem Validation.md diff --git a/.gitlab/issue_templates/QA failure.md b/.gitlab/issue_templates/QA Failure.md index 2a8b1b2d2f9..2a8b1b2d2f9 100644 --- a/.gitlab/issue_templates/QA failure.md +++ b/.gitlab/issue_templates/QA Failure.md diff --git a/.gitlab/issue_templates/Solution_validation b/.gitlab/issue_templates/Solution Validation.md index 27f97d8dd12..27f97d8dd12 100644 --- a/.gitlab/issue_templates/Solution_validation +++ b/.gitlab/issue_templates/Solution Validation.md diff --git a/.gitlab/issue_templates/Test plan.md b/.gitlab/issue_templates/Test Plan.md index a202c0bf546..a202c0bf546 100644 --- a/.gitlab/issue_templates/Test plan.md +++ b/.gitlab/issue_templates/Test Plan.md diff --git a/.gitlab/merge_request_templates/Change documentation location.md b/.gitlab/merge_request_templates/Change Documentation Location.md index f18957fdaaa..f18957fdaaa 100644 --- a/.gitlab/merge_request_templates/Change documentation location.md +++ b/.gitlab/merge_request_templates/Change Documentation Location.md diff --git a/.gitlab/merge_request_templates/Documentation.md b/.gitlab/merge_request_templates/Documentation.md index 72bfd2cdec4..282e80d700a 100644 --- a/.gitlab/merge_request_templates/Documentation.md +++ b/.gitlab/merge_request_templates/Documentation.md @@ -24,6 +24,8 @@ - ~"development guidelines" and ~"Description templates (.gitlab/\*)" when creating/updating issue and MR description templates. - [ ] Assign the [designated Technical Writer](https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments). +Do not add the ~"feature", ~"frontend", ~"backend", ~"bug", or ~"database" labels if you are only updating documentation. These labels will cause the MR to be added to code verification QA issues. + When applicable: - [ ] Update the [permissions table](https://docs.gitlab.com/ee/user/permissions.html). diff --git a/.gitlab/merge_request_templates/New static analysis check.md b/.gitlab/merge_request_templates/New Static Analysis Check.md index 8bbb3effb1c..8bbb3effb1c 100644 --- a/.gitlab/merge_request_templates/New static analysis check.md +++ b/.gitlab/merge_request_templates/New Static Analysis Check.md |