diff options
| -rw-r--r-- | app/controllers/omniauth_callbacks_controller.rb | 2 | ||||
| -rw-r--r-- | changelogs/unreleased/add-db-timings-to-sidekiq-logs.yml | 5 | ||||
| -rw-r--r-- | changelogs/unreleased/display-rules-without-approvers.yml | 5 | ||||
| -rw-r--r-- | changelogs/unreleased/link-types-api-rest.yml | 5 | ||||
| -rw-r--r-- | changelogs/unreleased/omniauth-redirect-loop.yml | 5 | ||||
| -rw-r--r-- | changelogs/unreleased/update-set-value-to-2-0-1.yml | 5 | ||||
| -rw-r--r-- | doc/administration/logs.md | 2 | ||||
| -rw-r--r-- | doc/administration/troubleshooting/debug.md | 4 | ||||
| -rw-r--r-- | doc/api/issue_links.md | 9 | ||||
| -rw-r--r-- | lib/gitlab/sidekiq_logging/structured_logger.rb | 7 | ||||
| -rw-r--r-- | spec/controllers/omniauth_callbacks_controller_spec.rb | 28 | ||||
| -rw-r--r-- | spec/frontend/diffs/components/settings_dropdown_spec.js | 2 | ||||
| -rw-r--r-- | spec/frontend/frequent_items/components/frequent_items_search_input_spec.js | 11 | ||||
| -rw-r--r-- | spec/lib/gitlab/sidekiq_logging/structured_logger_spec.rb | 45 | ||||
| -rw-r--r-- | yarn.lock | 28 |
15 files changed, 127 insertions, 36 deletions
diff --git a/app/controllers/omniauth_callbacks_controller.rb b/app/controllers/omniauth_callbacks_controller.rb index 1f1c01c8fcc..bc3308fd6c6 100644 --- a/app/controllers/omniauth_callbacks_controller.rb +++ b/app/controllers/omniauth_callbacks_controller.rb @@ -177,7 +177,7 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController message << _("Create a GitLab account first, and then connect it to your %{label} account.") % { label: label } end - flash[:notice] = message.join(' ') + flash[:alert] = message.join(' ') redirect_to new_user_session_path end diff --git a/changelogs/unreleased/add-db-timings-to-sidekiq-logs.yml b/changelogs/unreleased/add-db-timings-to-sidekiq-logs.yml new file mode 100644 index 00000000000..8abb22a1d74 --- /dev/null +++ b/changelogs/unreleased/add-db-timings-to-sidekiq-logs.yml @@ -0,0 +1,5 @@ +--- +title: Log database time in Sidekiq JSON logs +merge_request: 22548 +author: +type: other diff --git a/changelogs/unreleased/display-rules-without-approvers.yml b/changelogs/unreleased/display-rules-without-approvers.yml new file mode 100644 index 00000000000..86bc7c2711c --- /dev/null +++ b/changelogs/unreleased/display-rules-without-approvers.yml @@ -0,0 +1,5 @@ +--- +title: Show regular rules without approvers +merge_request: 21918 +author: +type: fixed diff --git a/changelogs/unreleased/link-types-api-rest.yml b/changelogs/unreleased/link-types-api-rest.yml new file mode 100644 index 00000000000..ead1d36a136 --- /dev/null +++ b/changelogs/unreleased/link-types-api-rest.yml @@ -0,0 +1,5 @@ +--- +title: Expose issue link type in REST API +merge_request: 21375 +author: +type: added diff --git a/changelogs/unreleased/omniauth-redirect-loop.yml b/changelogs/unreleased/omniauth-redirect-loop.yml new file mode 100644 index 00000000000..793245f59d9 --- /dev/null +++ b/changelogs/unreleased/omniauth-redirect-loop.yml @@ -0,0 +1,5 @@ +--- +title: "Prevent omniauth signup redirect loop" +merge_request: 22432 +author: Balazs Nagy +type: fixed diff --git a/changelogs/unreleased/update-set-value-to-2-0-1.yml b/changelogs/unreleased/update-set-value-to-2-0-1.yml new file mode 100644 index 00000000000..a4d64da276c --- /dev/null +++ b/changelogs/unreleased/update-set-value-to-2-0-1.yml @@ -0,0 +1,5 @@ +--- +title: Update set-value from 2.0.0 to 2.0.1 +merge_request: 22366 +author: Takuya Noguchi +type: security diff --git a/doc/administration/logs.md b/doc/administration/logs.md index 81a8f537e08..74ba2123c6e 100644 --- a/doc/administration/logs.md +++ b/doc/administration/logs.md @@ -249,7 +249,7 @@ Instead of the format above, you can opt to generate JSON logs for Sidekiq. For example: ```json -{"severity":"INFO","time":"2018-04-03T22:57:22.071Z","queue":"cronjob:update_all_mirrors","args":[],"class":"UpdateAllMirrorsWorker","retry":false,"queue_namespace":"cronjob","jid":"06aeaa3b0aadacf9981f368e","created_at":"2018-04-03T22:57:21.930Z","enqueued_at":"2018-04-03T22:57:21.931Z","pid":10077,"message":"UpdateAllMirrorsWorker JID-06aeaa3b0aadacf9981f368e: done: 0.139 sec","job_status":"done","duration":0.139,"completed_at":"2018-04-03T22:57:22.071Z"} +{"severity":"INFO","time":"2018-04-03T22:57:22.071Z","queue":"cronjob:update_all_mirrors","args":[],"class":"UpdateAllMirrorsWorker","retry":false,"queue_namespace":"cronjob","jid":"06aeaa3b0aadacf9981f368e","created_at":"2018-04-03T22:57:21.930Z","enqueued_at":"2018-04-03T22:57:21.931Z","pid":10077,"message":"UpdateAllMirrorsWorker JID-06aeaa3b0aadacf9981f368e: done: 0.139 sec","job_status":"done","duration":0.139,"completed_at":"2018-04-03T22:57:22.071Z","db_duration":0.05,"db_duration_s":0.0005,"gitaly_duration":0,"gitaly_calls":0} ``` For Omnibus GitLab installations, add the configuration option: diff --git a/doc/administration/troubleshooting/debug.md b/doc/administration/troubleshooting/debug.md index 3007b711405..b754b954391 100644 --- a/doc/administration/troubleshooting/debug.md +++ b/doc/administration/troubleshooting/debug.md @@ -196,7 +196,7 @@ is a Unicorn worker that is spinning via `top`. Try to use the `gdb` techniques above. In addition, using `strace` may help isolate issues: ```shell -strace -tt -T -f -s 1024 -p <PID of unicorn worker> -o /tmp/unicorn.txt +strace -ttTfyyy -s 1024 -p <PID of unicorn worker> -o /tmp/unicorn.txt ``` If you cannot isolate which Unicorn worker is the issue, try to run `strace` @@ -204,7 +204,7 @@ on all the Unicorn workers to see where the `/internal/allowed` endpoint gets stuck: ```shell -ps auwx | grep unicorn | awk '{ print " -p " $2}' | xargs strace -tt -T -f -s 1024 -o /tmp/unicorn.txt +ps auwx | grep unicorn | awk '{ print " -p " $2}' | xargs strace -ttTfyyy -s 1024 -o /tmp/unicorn.txt ``` The output in `/tmp/unicorn.txt` may help diagnose the root cause. diff --git a/doc/api/issue_links.md b/doc/api/issue_links.md index 9351b3e4dd5..7c7901d5551 100644 --- a/doc/api/issue_links.md +++ b/doc/api/issue_links.md @@ -48,6 +48,7 @@ Parameters: "web_url": "http://example.com/example/example/issues/14", "confidential": false, "weight": null, + "link_type": "relates_to" } ] ``` @@ -66,6 +67,7 @@ POST /projects/:id/issues/:issue_iid/links | `issue_iid` | integer | yes | The internal ID of a project's issue | | `target_project_id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) of a target project | | `target_issue_iid` | integer/string | yes | The internal ID of a target project's issue | +| `link_type` | string | no | The type of the relation ("relates_to", "blocks", "is_blocked_by"), defaults to "relates_to"). Ignored unless `issue_link_types` feature flag is enabled. | ```bash curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/4/issues/1/links?target_project_id=5&target_issue_iid=1" @@ -134,7 +136,8 @@ Example response: "web_url": "http://example.com/example/example/issues/14", "confidential": false, "weight": null, - } + }, + "link_type": "relates_to" } ``` @@ -151,6 +154,7 @@ DELETE /projects/:id/issues/:issue_iid/links/:issue_link_id | `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | | `issue_iid` | integer | yes | The internal ID of a project's issue | | `issue_link_id` | integer/string | yes | The ID of an issue relationship | +| `link_type` | string | no | The type of the relation ('relates_to', 'blocks', 'is_blocked_by'), defaults to 'relates_to' | ```json { @@ -213,6 +217,7 @@ DELETE /projects/:id/issues/:issue_iid/links/:issue_link_id "web_url": "http://example.com/example/example/issues/14", "confidential": false, "weight": null, - } + }, + "link_type": "relates_to" } ``` diff --git a/lib/gitlab/sidekiq_logging/structured_logger.rb b/lib/gitlab/sidekiq_logging/structured_logger.rb index bcc2e77714d..2baa16abe27 100644 --- a/lib/gitlab/sidekiq_logging/structured_logger.rb +++ b/lib/gitlab/sidekiq_logging/structured_logger.rb @@ -1,5 +1,8 @@ # frozen_string_literal: true +require 'active_record' +require 'active_record/log_subscriber' + module Gitlab module SidekiqLogging class StructuredLogger @@ -10,6 +13,7 @@ module Gitlab def call(job, queue) started_time = get_time base_payload = parse_job(job) + ActiveRecord::LogSubscriber.reset_runtime Sidekiq.logger.info log_job_start(base_payload) @@ -63,6 +67,9 @@ module Gitlab convert_to_iso8601(payload, DONE_TIMESTAMP_FIELDS) + payload['db_duration'] = ActiveRecord::LogSubscriber.runtime + payload['db_duration_s'] = payload['db_duration'] / 1000 + payload end diff --git a/spec/controllers/omniauth_callbacks_controller_spec.rb b/spec/controllers/omniauth_callbacks_controller_spec.rb index 6c5f36804e8..8b92976252c 100644 --- a/spec/controllers/omniauth_callbacks_controller_spec.rb +++ b/spec/controllers/omniauth_callbacks_controller_spec.rb @@ -287,6 +287,34 @@ describe OmniauthCallbacksController, type: :controller, do_not_mock_admin_mode: request.env['omniauth.auth'] = Rails.application.env_config['omniauth.auth'] end + context 'sign up' do + before do + user.destroy + end + + it 'denies login if sign up is enabled, but block_auto_created_users is set' do + post :saml, params: { SAMLResponse: mock_saml_response } + + expect(flash[:alert]).to start_with 'Your account has been blocked.' + end + + it 'accepts login if sign up is enabled' do + stub_omniauth_setting(block_auto_created_users: false) + + post :saml, params: { SAMLResponse: mock_saml_response } + + expect(request.env['warden']).to be_authenticated + end + + it 'denies login if sign up is not enabled' do + stub_omniauth_setting(allow_single_sign_on: false, block_auto_created_users: false) + + post :saml, params: { SAMLResponse: mock_saml_response } + + expect(flash[:alert]).to start_with 'Signing in using your saml account without a pre-existing GitLab account is not allowed.' + end + end + context 'with GitLab initiated request' do before do post :saml, params: { SAMLResponse: mock_saml_response } diff --git a/spec/frontend/diffs/components/settings_dropdown_spec.js b/spec/frontend/diffs/components/settings_dropdown_spec.js index c360f5584ca..6aed445ad71 100644 --- a/spec/frontend/diffs/components/settings_dropdown_spec.js +++ b/spec/frontend/diffs/components/settings_dropdown_spec.js @@ -25,7 +25,7 @@ describe('Diff settiings dropdown component', () => { extendStore(store); - vm = mount(localVue.extend(SettingsDropdown), { + vm = mount(SettingsDropdown, { localVue, store, sync: false, diff --git a/spec/frontend/frequent_items/components/frequent_items_search_input_spec.js b/spec/frontend/frequent_items/components/frequent_items_search_input_spec.js index e5f1ab21c7f..b708fd4cf68 100644 --- a/spec/frontend/frequent_items/components/frequent_items_search_input_spec.js +++ b/spec/frontend/frequent_items/components/frequent_items_search_input_spec.js @@ -1,13 +1,10 @@ -import { shallowMount, createLocalVue } from '@vue/test-utils'; +import { shallowMount } from '@vue/test-utils'; import searchComponent from '~/frequent_items/components/frequent_items_search_input.vue'; import eventHub from '~/frequent_items/event_hub'; -const localVue = createLocalVue(); - const createComponent = (namespace = 'projects') => - shallowMount(localVue.extend(searchComponent), { + shallowMount(searchComponent, { propsData: { namespace }, - localVue, sync: false, }); @@ -42,7 +39,7 @@ describe('FrequentItemsSearchInputComponent', () => { jest.spyOn(eventHub, '$on').mockImplementation(() => {}); const vmX = createComponent().vm; - localVue.nextTick(() => { + vmX.$nextTick(() => { expect(eventHub.$on).toHaveBeenCalledWith( `${vmX.namespace}-dropdownOpen`, expect.any(Function), @@ -60,7 +57,7 @@ describe('FrequentItemsSearchInputComponent', () => { vmX.$mount(); vmX.$destroy(); - localVue.nextTick(() => { + vmX.$nextTick(() => { expect(eventHub.$off).toHaveBeenCalledWith( `${vmX.namespace}-dropdownOpen`, expect.any(Function), diff --git a/spec/lib/gitlab/sidekiq_logging/structured_logger_spec.rb b/spec/lib/gitlab/sidekiq_logging/structured_logger_spec.rb index 772b0168a2a..20adfe7091c 100644 --- a/spec/lib/gitlab/sidekiq_logging/structured_logger_spec.rb +++ b/spec/lib/gitlab/sidekiq_logging/structured_logger_spec.rb @@ -1,6 +1,6 @@ # frozen_string_literal: true -require 'fast_spec_helper' +require 'spec_helper' describe Gitlab::SidekiqLogging::StructuredLogger do describe '#call' do @@ -40,8 +40,10 @@ describe Gitlab::SidekiqLogging::StructuredLogger do 'message' => 'TestWorker JID-da883554ee4fe414012f5f42: done: 0.0 sec', 'job_status' => 'done', 'duration' => 0.0, - "completed_at" => timestamp.iso8601(3), - "cpu_s" => 1.111112 + 'completed_at' => timestamp.iso8601(3), + 'cpu_s' => 1.111112, + 'db_duration' => 0, + 'db_duration_s' => 0 ) end let(:exception_payload) do @@ -183,6 +185,43 @@ describe Gitlab::SidekiqLogging::StructuredLogger do end end end + + context 'when the job performs database queries' do + before do + allow(Time).to receive(:now).and_return(timestamp) + allow(Process).to receive(:clock_gettime).and_call_original + end + + let(:expected_start_payload) { start_payload.except('args') } + + let(:expected_end_payload) do + end_payload.except('args').merge('cpu_s' => a_value > 0) + end + + let(:expected_end_payload_with_db) do + expected_end_payload.merge( + 'db_duration' => a_value >= 100, + 'db_duration_s' => a_value >= 0.1 + ) + end + + it 'logs the database time' do + expect(logger).to receive(:info).with(expected_start_payload).ordered + expect(logger).to receive(:info).with(expected_end_payload_with_db).ordered + + subject.call(job, 'test_queue') { ActiveRecord::Base.connection.execute('SELECT pg_sleep(0.1);') } + end + + it 'prevents database time from leaking to the next job' do + expect(logger).to receive(:info).with(expected_start_payload).ordered + expect(logger).to receive(:info).with(expected_end_payload_with_db).ordered + expect(logger).to receive(:info).with(expected_start_payload).ordered + expect(logger).to receive(:info).with(expected_end_payload).ordered + + subject.call(job, 'test_queue') { ActiveRecord::Base.connection.execute('SELECT pg_sleep(0.1);') } + subject.call(job, 'test_queue') { } + end + end end describe '#add_time_keys!' do diff --git a/yarn.lock b/yarn.lock index decb9e3e5d6..27a5b97a3d8 100644 --- a/yarn.lock +++ b/yarn.lock @@ -6118,7 +6118,7 @@ is-plain-obj@^1.1.0: resolved "https://registry.yarnpkg.com/is-plain-obj/-/is-plain-obj-1.1.0.tgz#71a50c8429dfca773c92a390a4a03b39fcd51d3e" integrity sha1-caUMhCnfync8kqOQpKA7OfzVHT4= -is-plain-object@^2.0.1, is-plain-object@^2.0.3, is-plain-object@^2.0.4: +is-plain-object@^2.0.3, is-plain-object@^2.0.4: version "2.0.4" resolved "https://registry.yarnpkg.com/is-plain-object/-/is-plain-object-2.0.4.tgz#2c163b3fafb1b606d9d17928f05c2a1c38e07677" integrity sha512-h5PpgXkWitc38BBMYawTYMWJHFZJVnBquFE57xFpjB8pJFiF6gZ+bU+WyI/yqXiFR5mdLsgYNaPe8uao6Uv9Og== @@ -10076,20 +10076,10 @@ set-blocking@^2.0.0, set-blocking@~2.0.0: resolved "https://registry.yarnpkg.com/set-blocking/-/set-blocking-2.0.0.tgz#045f9782d011ae9a6803ddd382b24392b3d890f7" integrity sha1-BF+XgtARrppoA93TgrJDkrPYkPc= -set-value@^0.4.3: - version "0.4.3" - resolved "https://registry.yarnpkg.com/set-value/-/set-value-0.4.3.tgz#7db08f9d3d22dc7f78e53af3c3bf4666ecdfccf1" - integrity sha1-fbCPnT0i3H945Trzw79GZuzfzPE= - dependencies: - extend-shallow "^2.0.1" - is-extendable "^0.1.1" - is-plain-object "^2.0.1" - to-object-path "^0.3.0" - -set-value@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/set-value/-/set-value-2.0.0.tgz#71ae4a88f0feefbbf52d1ea604f3fb315ebb6274" - integrity sha512-hw0yxk9GT/Hr5yJEYnHNKYXkIA8mVJgd9ditYZCe16ZczcaELYYcfvaXesNACk2O8O0nTiPQcQhGUQj8JLzeeg== +set-value@^2.0.0, set-value@^2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/set-value/-/set-value-2.0.1.tgz#a18d40530e6f07de4228c7defe4227af8cad005b" + integrity sha512-JxHc1weCN68wRY0fhCoXpyK55m/XPHafOmK4UWD7m2CI14GMcFypt4w/0+NV5f/ZMby2F6S2wwA7fgynh9gWSw== dependencies: extend-shallow "^2.0.1" is-extendable "^0.1.1" @@ -11349,14 +11339,14 @@ unified@^7.0.0: x-is-string "^0.1.0" union-value@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/union-value/-/union-value-1.0.0.tgz#5c71c34cb5bad5dcebe3ea0cd08207ba5aa1aea4" - integrity sha1-XHHDTLW61dzr4+oM0IIHulqhrqQ= + version "1.0.1" + resolved "https://registry.yarnpkg.com/union-value/-/union-value-1.0.1.tgz#0b6fe7b835aecda61c6ea4d4f02c14221e109847" + integrity sha512-tJfXmxMeWYnczCVs7XAEvIV7ieppALdyepWMkHkwciRpZraG/xwT+s2JN8+pr1+8jCRf80FFzvr+MpQeeoF4Xg== dependencies: arr-union "^3.1.0" get-value "^2.0.6" is-extendable "^0.1.1" - set-value "^0.4.3" + set-value "^2.0.1" uniq@^1.0.1: version "1.0.1" |