diff options
| -rw-r--r-- | CHANGELOG | 4 | ||||
| -rw-r--r-- | CONTRIBUTING.md | 3 | ||||
| -rw-r--r-- | Gemfile | 4 | ||||
| -rw-r--r-- | Gemfile.lock | 2 | ||||
| -rw-r--r-- | app/controllers/projects/compare_controller.rb | 3 | ||||
| -rw-r--r-- | app/controllers/uploads_controller.rb | 10 | ||||
| -rw-r--r-- | app/helpers/application_helper.rb | 2 | ||||
| -rw-r--r-- | app/helpers/compare_helper.rb | 25 | ||||
| -rw-r--r-- | app/models/user.rb | 2 | ||||
| -rw-r--r-- | app/views/events/event/_push.html.haml | 14 | ||||
| -rw-r--r-- | app/views/projects/branches/_branch.html.haml | 11 | ||||
| -rw-r--r-- | app/views/projects/commits/_head.html.haml | 2 | ||||
| -rw-r--r-- | app/views/projects/commits/show.html.haml | 16 | ||||
| -rw-r--r-- | app/views/projects/compare/_form.html.haml | 7 | ||||
| -rw-r--r-- | doc/development/README.md | 3 | ||||
| -rw-r--r-- | doc/development/migration_style_guide.md | 42 | ||||
| -rw-r--r-- | doc/install/installation.md | 14 | ||||
| -rw-r--r-- | features/project/deploy_keys.feature | 7 | ||||
| -rw-r--r-- | features/steps/project/commits/commits.rb | 2 | ||||
| -rw-r--r-- | features/steps/project/deploy_keys.rb | 14 | ||||
| -rw-r--r-- | lib/tasks/brakeman.rake | 2 |
21 files changed, 139 insertions, 50 deletions
diff --git a/CHANGELOG b/CHANGELOG index b48ef6ea50d..6c544fc9398 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,7 +1,10 @@ Please view this file on the master branch, on stable branches it's out of date. v 7.11.0 (unreleased) + - Don't show duplicate deploy keys + - Fix commit time being displayed in the wrong timezone in some cases (Hannes Rosenögger) - Make the first branch pushed to an empty repository the default HEAD (Stan Hu) + - Fix broken view when using a tag to display a tree that contains git submodules (Stan Hu) - Make Reply-To config apply to change e-mail confirmation and other Devise notifications (Stan Hu) - Add application setting to restrict user signups to e-mail domains (Stan Hu) - Don't allow a merge request to be merged when its title starts with "WIP". @@ -49,6 +52,7 @@ v 7.11.0 (unreleased) - Add footnotes support to Markdown (Guillaume Delbergue) - Add current_sign_in_at to UserFull REST api. - Make Sidekiq MemoryKiller shutdown signal configurable + - Add "Create Merge Request" buttons to commits and branches pages and push event. v 7.10.2 - Fix CI links on MR page diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 3165b7379d3..895202b58e2 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -63,7 +63,7 @@ Merge requests can be filed either at [gitlab.com](https://gitlab.com/gitlab-org If you are new to GitLab development (or web development in general), search for the label `easyfix` ([gitlab.com](https://gitlab.com/gitlab-org/gitlab-ce/issues?label_name=easyfix), [github](https://github.com/gitlabhq/gitlabhq/labels/easyfix)). Those are issues easy to fix, marked by the GitLab core-team. If you are unsure how to proceed but want to help, mention one of the core-team members to give you a hint. -To start with GitLab download the [GitLab Development Kit](https://gitlab.com/gitlab-org/gitlab-development-kit) and see [Development section](doc/development/README.md) in the help file. +To start with GitLab download the [GitLab Development Kit](https://gitlab.com/gitlab-org/gitlab-development-kit) and see [Development section](doc/development/README.md) in the help file. ### Merge request guidelines @@ -161,6 +161,7 @@ If you add a dependency in GitLab (such as an operating system package) please c 1. [Shell commands](doc/development/shell_commands.md) created by GitLab contributors to enhance security 1. [Markdown](http://www.cirosantilli.com/markdown-styleguide) 1. Interface text should be written subjectively instead of objectively. It should be the gitlab core team addressing a person. It should be written in present time and never use past tense (has been/was). For example instead of "prohibited this user from being saved due to the following errors:" the text should be "sorry, we could not create your account because:". Also these [excellent writing guidelines](https://github.com/NARKOZ/guides#writing). +1. [Migrations](doc/development/migration_style_guide.md) This is also the style used by linting tools such as [RuboCop](https://github.com/bbatsov/rubocop), [PullReview](https://www.pullreview.com/) and [Hound CI](https://houndci.com). @@ -28,7 +28,7 @@ gem 'omniauth-google-oauth2' gem 'omniauth-twitter' gem 'omniauth-github' gem 'omniauth-shibboleth' -gem 'omniauth-kerberos' +gem 'omniauth-kerberos', group: :kerberos gem 'omniauth-gitlab' gem 'omniauth-bitbucket' gem 'doorkeeper', '2.1.3' @@ -44,7 +44,7 @@ gem "browser" # Extracting information from a git repository # Provide access to Gitlab::Git library -gem "gitlab_git", '~> 7.1.10' +gem "gitlab_git", '~> 7.1.11' # Ruby/Rack Git Smart-HTTP Server Handler gem 'gitlab-grack', '~> 2.0.2', require: 'grack' diff --git a/Gemfile.lock b/Gemfile.lock index 0ea8021815d..14b9a6848ab 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -225,7 +225,7 @@ GEM mime-types (~> 1.19) gitlab_emoji (0.1.0) gemojione (~> 2.0) - gitlab_git (7.1.10) + gitlab_git (7.1.11) activesupport (~> 4.0) charlock_holmes (~> 0.6) gitlab-linguist (~> 3.0) diff --git a/app/controllers/projects/compare_controller.rb b/app/controllers/projects/compare_controller.rb index 7c20b81c0b1..c5f085c236f 100644 --- a/app/controllers/projects/compare_controller.rb +++ b/app/controllers/projects/compare_controller.rb @@ -6,11 +6,12 @@ class Projects::CompareController < Projects::ApplicationController before_action :authorize_download_code! def index + @ref = Addressable::URI.unescape(params[:to]) end def show base_ref = Addressable::URI.unescape(params[:from]) - head_ref = Addressable::URI.unescape(params[:to]) + @ref = head_ref = Addressable::URI.unescape(params[:to]) compare_result = CompareService.new.execute( current_user, diff --git a/app/controllers/uploads_controller.rb b/app/controllers/uploads_controller.rb index 17edff68be2..28536e359e5 100644 --- a/app/controllers/uploads_controller.rb +++ b/app/controllers/uploads_controller.rb @@ -52,13 +52,13 @@ class UploadsController < ApplicationController def upload_model upload_models = { - user: User, - project: Project, - note: Note, - group: Group + "user" => User, + "project" => Project, + "note" => Note, + "group" => Group } - upload_models[params[:model].to_sym] + upload_models[params[:model]] end def upload_mount diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb index 6e86400a4f6..672be54e66f 100644 --- a/app/helpers/application_helper.rb +++ b/app/helpers/application_helper.rb @@ -214,7 +214,7 @@ module ApplicationHelper def time_ago_with_tooltip(date, placement = 'top', html_class = 'time_ago') capture_haml do haml_tag :time, date.to_s, - class: html_class, datetime: date.getutc.iso8601, title: date.stamp('Aug 21, 2011 9:23pm'), + class: html_class, datetime: date.getutc.iso8601, title: date.in_time_zone.stamp('Aug 21, 2011 9:23pm'), data: { toggle: 'tooltip', placement: placement } haml_tag :script, "$('." + html_class + "').timeago().tooltip()" diff --git a/app/helpers/compare_helper.rb b/app/helpers/compare_helper.rb index 01847c6b807..f1dc906cab4 100644 --- a/app/helpers/compare_helper.rb +++ b/app/helpers/compare_helper.rb @@ -1,21 +1,20 @@ module CompareHelper - def compare_to_mr_button? - @project.merge_requests_enabled && - params[:from].present? && - params[:to].present? && - @repository.branch_names.include?(params[:from]) && - @repository.branch_names.include?(params[:to]) && - params[:from] != params[:to] && - !@refs_are_same + def create_mr_button?(from = params[:from], to = params[:to], project = @project) + from.present? && + to.present? && + from != to && + project.merge_requests_enabled && + project.repository.branch_names.include?(from) && + project.repository.branch_names.include?(to) end - def compare_mr_path + def create_mr_path(from = params[:from], to = params[:to], project = @project) new_namespace_project_merge_request_path( - @project.namespace, - @project, + project.namespace, + project, merge_request: { - source_branch: params[:to], - target_branch: params[:from] + source_branch: to, + target_branch: from } ) end diff --git a/app/models/user.rb b/app/models/user.rb index aeab503297c..d088d2d8630 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -449,7 +449,7 @@ class User < ActiveRecord::Base end def project_deploy_keys - DeployKey.in_projects(self.authorized_projects.pluck(:id)) + DeployKey.unscoped.in_projects(self.authorized_projects.pluck(:id)).distinct(:id) end def accessible_deploy_keys diff --git a/app/views/events/event/_push.html.haml b/app/views/events/event/_push.html.haml index 60d7978b13f..1da702be384 100644 --- a/app/views/events/event/_push.html.haml +++ b/app/views/events/event/_push.html.haml @@ -17,15 +17,27 @@ - few_commits.each do |commit| = render "events/commit", commit: commit, project: project + - create_mr = current_user == event.author && event.new_ref? && create_mr_button?(event.project.default_branch, event.ref_name, event.project) - if event.commits_count > 1 %li.commits-stat - if event.commits_count > 2 %span ... and #{event.commits_count - 2} more commits. + - if event.md_ref? - from = event.commit_from - from_label = truncate_sha(from) - else - from = event.project.default_branch - from_label = from + = link_to namespace_project_compare_path(event.project.namespace, event.project, from: from, to: event.commit_to) do - %strong Compare → #{from_label}...#{truncate_sha(event.commit_to)} + Compare #{from_label}...#{truncate_sha(event.commit_to)} + + - if create_mr + or + = link_to create_mr_path(event.project.default_branch, event.ref_name, event.project) do + create a merge request + - elsif create_mr + %li.commits-stat + = link_to create_mr_path(event.project.default_branch, event.ref_name, event.project) do + Create Merge Request diff --git a/app/views/projects/branches/_branch.html.haml b/app/views/projects/branches/_branch.html.haml index 4e7415be4aa..43412624da6 100644 --- a/app/views/projects/branches/_branch.html.haml +++ b/app/views/projects/branches/_branch.html.haml @@ -10,16 +10,19 @@ %i.fa.fa-lock protected .pull-right - - if can?(current_user, :download_code, @project) - = render 'projects/repositories/download_archive', ref: branch.name, btn_class: 'btn-grouped btn-group-xs' + - if create_mr_button?(@repository.root_ref, branch.name) + = link_to create_mr_path(@repository.root_ref, branch.name), class: 'btn btn-grouped btn-xs' do + = icon('plus') + Merge Request + - if branch.name != @repository.root_ref = link_to namespace_project_compare_index_path(@project.namespace, @project, from: @repository.root_ref, to: branch.name), class: 'btn btn-grouped btn-xs', method: :post, title: "Compare" do - %i.fa.fa-files-o + = icon("exchange") Compare - if can_remove_branch?(@project, branch.name) = link_to namespace_project_branch_path(@project.namespace, @project, branch.name), class: 'btn btn-grouped btn-xs btn-remove remove-row', method: :delete, data: { confirm: 'Removed branch cannot be restored. Are you sure?'}, remote: true do - %i.fa.fa-trash-o + = icon("trash-o") - if commit %ul.list-unstyled diff --git a/app/views/projects/commits/_head.html.haml b/app/views/projects/commits/_head.html.haml index a714f5f79e0..66101f3f0da 100644 --- a/app/views/projects/commits/_head.html.haml +++ b/app/views/projects/commits/_head.html.haml @@ -1,6 +1,6 @@ %ul.nav.nav-tabs = nav_link(controller: [:commit, :commits]) do - = link_to namespace_project_commits_path(@project.namespace, @project, @repository.root_ref) do + = link_to namespace_project_commits_path(@project.namespace, @project, @ref || @repository.root_ref) do Commits %span.badge= number_with_precision(@repository.commit_count, precision: 0, delimiter: ',') = nav_link(controller: :compare) do diff --git a/app/views/projects/commits/show.html.haml b/app/views/projects/commits/show.html.haml index c8531b090a6..9682100a54c 100644 --- a/app/views/projects/commits/show.html.haml +++ b/app/views/projects/commits/show.html.haml @@ -8,11 +8,17 @@ .tree-ref-holder = render 'shared/ref_switcher', destination: 'commits' -- if current_user && current_user.private_token - .commits-feed-holder.hidden-xs.hidden-sm - = link_to namespace_project_commits_path(@project.namespace, @project, @ref, {format: :atom, private_token: current_user.private_token}), title: "Feed", class: 'btn' do - %i.fa.fa-rss - Commits feed +.commits-feed-holder.hidden-xs.hidden-sm + - if create_mr_button?(@repository.root_ref, @ref) + = link_to create_mr_path(@repository.root_ref, @ref), class: 'btn btn-success' do + = icon('plus') + Create Merge Request + + - if current_user && current_user.private_token + = link_to namespace_project_commits_path(@project.namespace, @project, @ref, {format: :atom, private_token: current_user.private_token}), title: "Feed", class: 'prepend-left-10 btn' do + = icon("rss") + Commits Feed + %ul.breadcrumb.repo-breadcrumb = commits_breadcrumbs diff --git a/app/views/projects/compare/_form.html.haml b/app/views/projects/compare/_form.html.haml index dfb1dded9ea..a0e904cfd8b 100644 --- a/app/views/projects/compare/_form.html.haml +++ b/app/views/projects/compare/_form.html.haml @@ -13,9 +13,10 @@ = text_field_tag :to, params[:to], class: "form-control" = button_tag "Compare", class: "btn btn-create commits-compare-btn" - - if compare_to_mr_button? - = link_to compare_mr_path, class: 'prepend-left-10 btn' do - %strong Make a merge request + - if create_mr_button? + = link_to create_mr_path, class: 'prepend-left-10 btn' do + = icon("plus") + Create Merge Request :javascript diff --git a/doc/development/README.md b/doc/development/README.md index d5d264be19d..16df0b40c47 100644 --- a/doc/development/README.md +++ b/doc/development/README.md @@ -1,4 +1,4 @@ -# Development +# Development - [Architecture](architecture.md) of GitLab - [Shell commands](shell_commands.md) in the GitLab codebase @@ -6,3 +6,4 @@ - [CI setup](ci_setup.md) for testing GitLab - [Sidekiq debugging](sidekiq_debugging.md) - [UI guide](ui_guide.md) for building GitLab with existing css styles and elements +- [Migration Style Guide](migration_style_guide.md) for creating safe migrations diff --git a/doc/development/migration_style_guide.md b/doc/development/migration_style_guide.md new file mode 100644 index 00000000000..a102d7987de --- /dev/null +++ b/doc/development/migration_style_guide.md @@ -0,0 +1,42 @@ +# Migration Style Guide + +When writing migrations for GitLab, you have to take into account that +these will be ran by hundreds of thousands of organizations of all sizes, some with +many years of data in their database. + +In addition, having to take a server offline for a an upgrade small or big is +a big burden for most organizations. For this reason it is important that your +migrations are written carefully, can be applied online and adhere to the style guide below. + +When writing your migrations, also consider that databases might have stale data +or inconsistencies and guard for that. Try to make as little assumptions as possible +about the state of the database. + +Please don't depend on GitLab specific code since it can change in future versions. +If needed copy-paste GitLab code into the migration to make make it forward compatible. + +## Comments in the migration + +Each migration you write needs to have the two following pieces of information +as comments. + +### Online, Offline, errors? + +First, you need to provide information on whether the migration can be applied: + +1. online without errors (works on previous version and new one) +2. online with errors on old instances after migrating +3. online with errors on new instances while migrating +4. offline (needs to happen without app servers to prevent db corruption) + +It is always preferable to have a migration run online. If you expect the migration +to take particularly long (for instance, if it loops through all notes), +this is valuable information to add. + +### Reversibility + +Your migration should be reversible. This is very important, as it should +be possible to downgrade in case of a vulnerability or bugs. + +In your migration, add a comment describing how the reversibility of the +migration was tested.
\ No newline at end of file diff --git a/doc/install/installation.md b/doc/install/installation.md index ca25eaea799..e777f6bbb47 100644 --- a/doc/install/installation.md +++ b/doc/install/installation.md @@ -62,7 +62,13 @@ up-to-date and install it. Install the required packages (needed to compile Ruby and native extensions to Ruby gems): - sudo apt-get install -y build-essential zlib1g-dev libyaml-dev libssl-dev libgdbm-dev libreadline-dev libncurses5-dev libffi-dev curl openssh-server redis-server checkinstall libxml2-dev libxslt-dev libcurl4-openssl-dev libicu-dev logrotate python-docutils pkg-config cmake libkrb5-dev nodejs + sudo apt-get install -y build-essential zlib1g-dev libyaml-dev libssl-dev libgdbm-dev libreadline-dev libncurses5-dev libffi-dev curl openssh-server redis-server checkinstall libxml2-dev libxslt-dev libcurl4-openssl-dev libicu-dev logrotate python-docutils pkg-config cmake nodejs + +If you want to use Kerberos for user authentication, then install libkrb5-dev: + + sudo apt-get install libkrb5-dev + +**Note:** If you don't know what Kerberos is, then you certainly don't need it. Make sure you have the right version of Git installed @@ -276,10 +282,12 @@ We recommend using a PostgreSQL database. For MySQL check [MySQL setup guide](da **Note:** As of bundler 1.5.2, you can invoke `bundle install -jN` (where `N` the number of your processor cores) and enjoy the parallel gems installation with measurable difference in completion time (~60% faster). Check the number of your cores with `nproc`. For more information check this [post](http://robots.thoughtbot.com/parallel-gem-installing-using-bundler). First make sure you have bundler >= 1.5.2 (run `bundle -v`) as it addresses some [issues](https://devcenter.heroku.com/changelog-items/411) that were [fixed](https://github.com/bundler/bundler/pull/2817) in 1.5.2. # For PostgreSQL (note, the option says "without ... mysql") - sudo -u git -H bundle install --deployment --without development test mysql aws + sudo -u git -H bundle install --deployment --without development test mysql aws kerberos # Or if you use MySQL (note, the option says "without ... postgres") - sudo -u git -H bundle install --deployment --without development test postgres aws + sudo -u git -H bundle install --deployment --without development test postgres aws kerberos + +**Note:** If you want to use Kerberos for user authentication, then omit `kerberos` in the `--without` option above. ### Install GitLab Shell diff --git a/features/project/deploy_keys.feature b/features/project/deploy_keys.feature index a71f6124d9c..47cf774094f 100644 --- a/features/project/deploy_keys.feature +++ b/features/project/deploy_keys.feature @@ -9,9 +9,10 @@ Feature: Project Deploy Keys Then I should see project deploy key Scenario: I should see project deploy keys - Given other project has deploy key + Given other projects have deploy keys When I visit project deploy keys page - Then I should see other project deploy key + Then I should see other project deploy key + And I should only see the same deploy key once Scenario: I should see public deploy keys Given public deploy key exists @@ -26,7 +27,7 @@ Feature: Project Deploy Keys And I should see newly created deploy key Scenario: I attach other project deploy key to project - Given other project has deploy key + Given other projects have deploy keys And I visit project deploy keys page When I click attach deploy key Then I should be on deploy keys page diff --git a/features/steps/project/commits/commits.rb b/features/steps/project/commits/commits.rb index 30b1934b363..c888e82e207 100644 --- a/features/steps/project/commits/commits.rb +++ b/features/steps/project/commits/commits.rb @@ -12,7 +12,7 @@ class Spinach::Features::ProjectCommits < Spinach::FeatureSteps end step 'I click atom feed link' do - click_link "Feed" + click_link "Commits Feed" end step 'I see commits atom feed' do diff --git a/features/steps/project/deploy_keys.rb b/features/steps/project/deploy_keys.rb index 50e14513a7a..81d1182cd1b 100644 --- a/features/steps/project/deploy_keys.rb +++ b/features/steps/project/deploy_keys.rb @@ -45,10 +45,20 @@ class Spinach::Features::ProjectDeployKeys < Spinach::FeatureSteps end end - step 'other project has deploy key' do - @second_project = create :project, namespace: create(:group) + step 'other projects have deploy keys' do + @second_project = create(:project, namespace: create(:group)) @second_project.team << [current_user, :master] create(:deploy_keys_project, project: @second_project) + + @third_project = create(:project, namespace: create(:group)) + @third_project.team << [current_user, :master] + create(:deploy_keys_project, project: @third_project, deploy_key: @second_project.deploy_keys.first) + end + + step 'I should only see the same deploy key once' do + within '.available-keys' do + page.should have_selector('ul li', count: 1) + end end step 'public deploy key exists' do diff --git a/lib/tasks/brakeman.rake b/lib/tasks/brakeman.rake index 3a225801ff2..52a9b017e79 100644 --- a/lib/tasks/brakeman.rake +++ b/lib/tasks/brakeman.rake @@ -1,6 +1,6 @@ desc 'Security check via brakeman' task :brakeman do - if system("brakeman --skip-files lib/backup/repository.rb -w3 -z") + if system(*%W(brakeman --skip-files lib/backup/repository.rb -w3 -z)) puts 'Security check succeed' else puts 'Security check failed' |