diff options
13 files changed, 110 insertions, 22 deletions
diff --git a/app/models/concerns/ci/contextable.rb b/app/models/concerns/ci/contextable.rb index 91dda803031..49d6f3d399c 100644 --- a/app/models/concerns/ci/contextable.rb +++ b/app/models/concerns/ci/contextable.rb @@ -78,6 +78,7 @@ module Ci variables.append(key: "CI_JOB_MANUAL", value: 'true') if action? variables.append(key: "CI_NODE_INDEX", value: self.options[:instance].to_s) if self.options&.include?(:instance) variables.append(key: "CI_NODE_TOTAL", value: (self.options&.dig(:parallel) || 1).to_s) + variables.append(key: "CI_DEFAULT_BRANCH", value: project.default_branch) variables.concat(legacy_variables) end end diff --git a/doc/administration/geo/replication/location_aware_git_url.md b/doc/administration/geo/replication/location_aware_git_url.md index bb47031a544..6183a0ad119 100644 --- a/doc/administration/geo/replication/location_aware_git_url.md +++ b/doc/administration/geo/replication/location_aware_git_url.md @@ -95,12 +95,12 @@ on the external URL of the current host. For example:  -You can customize the SSH remote URL to use the location-aware -`git.example.com`. To do so, change the SSH remote URL's host by setting -`gitlab_rails['gitlab_ssh_host']` in `gitlab.rb` of web nodes. +You can customize the: -You can customize the HTTP remote URL as shown in -[Custom Git clone URL for HTTP(S)](../../../user/admin_area/settings/visibility_and_access_controls.md#custom-git-clone-url-for-https). +- SSH remote URL to use the location-aware `git.example.com`. To do so, change the SSH remote URL's + host by setting `gitlab_rails['gitlab_ssh_host']` in `gitlab.rb` of web nodes. +- HTTP remote URL as shown in + [Custom Git clone URL for HTTP(S)](../../../user/admin_area/settings/visibility_and_access_controls.md#custom-git-clone-url-for-https). ## Example Git request handling behavior diff --git a/doc/ci/yaml/README.md b/doc/ci/yaml/README.md index 38687c6e6e2..4569e9ff9b6 100644 --- a/doc/ci/yaml/README.md +++ b/doc/ci/yaml/README.md @@ -245,7 +245,7 @@ jobs, including deploy jobs, but after the restoration of [artifacts](#artifacts This must be an an array. `after_script` is used to define the command that will be run after all -jobs, including failed ones. This has to be an array or a multi-line string. +jobs, including failed ones. This must be an an array. Scripts specified in `before_script` are: diff --git a/doc/development/documentation/styleguide.md b/doc/development/documentation/styleguide.md index efff477eff6..b6ec7a858fa 100644 --- a/doc/development/documentation/styleguide.md +++ b/doc/development/documentation/styleguide.md @@ -1051,6 +1051,38 @@ In this case: - Different highlighting languages are used for each config in the code block. - The [GitLab Restart](#gitlab-restart) section is used to explain a required restart/reconfigure of GitLab. +## Feature flags + +Sometimes features are shipped with feature flags, either: + +- On by default, but providing the option to turn the feature off. +- Off by default, but providing the option to turn the feature on. + +When documenting feature flags for a feature, it's important that users know: + +- Why a feature flag is necessary. Some of the reasons are + [outlined in the handbook](https://about.gitlab.com/handbook/product/#alpha-beta-ga). +- That administrative access is required to make a feature flag change. +- What to ask for when requesting a change to a feature flag's state. + +NOTE: **Note:** +The [Product Manager for the relevant group](https://about.gitlab.com/handbook/product/categories/#devops-stages) +must review and approve the addition or removal of any mentions of using feature flags before the doc change is merged. + +The following is sample text for adding feature flag documentation for a feature: + +````md +### Disabling the feature + +This feature comes with the `:feature_flag` feature flag enabled by default. However, in some cases +this feature is incompatible with old configuration. To turn off the feature while configuration is +migrated, ask a GitLab administrator with Rails console access to run the following command: + +```ruby +Feature.disable(:feature_flag) +``` +```` + ## API Here is a list of must-have items. Use them in the exact order that appears diff --git a/doc/user/admin_area/settings/img/clone_panel.png b/doc/user/admin_area/settings/img/clone_panel_v12_4.png Binary files differindex 8aa0bd2f7d8..8aa0bd2f7d8 100644 --- a/doc/user/admin_area/settings/img/clone_panel.png +++ b/doc/user/admin_area/settings/img/clone_panel_v12_4.png diff --git a/doc/user/admin_area/settings/img/custom_git_clone_url_for_https.png b/doc/user/admin_area/settings/img/custom_git_clone_url_for_https_v12_4.png Binary files differindex 22cdd15cc0c..22cdd15cc0c 100644 --- a/doc/user/admin_area/settings/img/custom_git_clone_url_for_https.png +++ b/doc/user/admin_area/settings/img/custom_git_clone_url_for_https_v12_4.png diff --git a/doc/user/admin_area/settings/visibility_and_access_controls.md b/doc/user/admin_area/settings/visibility_and_access_controls.md index 63d3dd9ffe3..f718e31e8bd 100644 --- a/doc/user/admin_area/settings/visibility_and_access_controls.md +++ b/doc/user/admin_area/settings/visibility_and_access_controls.md @@ -137,18 +137,21 @@ from CI/CD jobs, even if _Only SSH_ was selected. ## Custom Git clone URL for HTTP(S) +> [Introduced](https://gitlab.com/gitlab-org/gitlab/merge_requests/18422) in GitLab 12.4. + You can customize project Git clone URLs for HTTP(S). This will affect the clone panel: - + + +For example, if: -For example, if your -GitLab instance is at `https://example.com`, then project clone URLs look like -`https://example.com/foo/bar.git`. If you'd to provide clone URLs that look like -`https://git.example.com/gitlab/foo/bar.git` instead, then you can set this -setting to `https://git.example.com/gitlab/`. +- Your GitLab instance is at `https://example.com`, then project clone URLs are like + `https://example.com/foo/bar.git`. +- You want clone URLs that look like `https://git.example.com/gitlab/foo/bar.git` instead, + you can set this setting to `https://git.example.com/gitlab/`. - + To specify a custom Git clone URL for HTTP(S): @@ -156,8 +159,8 @@ To specify a custom Git clone URL for HTTP(S): 1. Click on **Save changes**. NOTE: **Note:** -SSH clone URLs can be customized in `gitlab.rb` by setting -`gitlab_rails["gitlab_ssh_host"]` and other related settings. +SSH clone URLs can be customized in `gitlab.rb` by setting `gitlab_rails['gitlab_ssh_host']` and +other related settings. ## RSA, DSA, ECDSA, ED25519 SSH keys diff --git a/doc/user/project/clusters/img/kubernetes_pod_logs.png b/doc/user/project/clusters/img/kubernetes_pod_logs.png Binary files differindex e664a47386a..73c2ecd182a 100644 --- a/doc/user/project/clusters/img/kubernetes_pod_logs.png +++ b/doc/user/project/clusters/img/kubernetes_pod_logs.png diff --git a/doc/user/project/clusters/kubernetes_pod_logs.md b/doc/user/project/clusters/kubernetes_pod_logs.md index 82f658ce724..910ebb8a503 100644 --- a/doc/user/project/clusters/kubernetes_pod_logs.md +++ b/doc/user/project/clusters/kubernetes_pod_logs.md @@ -17,7 +17,7 @@ Everything you need to build, test, deploy, and run your app at scale. 1. On the **Environments** page, you should see the status of the environment's pods with [Deploy Boards](../deploy_boards.md). 1. When mousing over the list of pods, a tooltip will appear with the exact pod name and status.  -1. Click on the desired pod to bring up the logs view, which will contain the last 500 lines for that pod. Support for pods with multiple containers is coming [in a future release](https://gitlab.com/gitlab-org/gitlab/issues/6502). +1. Click on the desired pod to bring up the logs view, which will contain the last 500 lines for that pod. You may switch between pods and environments in this view. Support for pods with multiple containers is coming [in a future release](https://gitlab.com/gitlab-org/gitlab/issues/6502).  ## Requirements diff --git a/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml b/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml index 1ad9dd2913e..5a7642d24ee 100644 --- a/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml +++ b/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml @@ -77,15 +77,10 @@ include: - template: Jobs/Test.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab-foss/blob/master/lib/gitlab/ci/templates/Jobs/Test.gitlab-ci.yml - template: Jobs/Code-Quality.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab-foss/blob/master/lib/gitlab/ci/templates/Jobs/Code-Quality.gitlab-ci.yml - template: Jobs/Deploy.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab-foss/blob/master/lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml + - template: Jobs/DAST-Default-Branch-Deploy.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab-foss/blob/master/lib/gitlab/ci/templates/Jobs/DAST-Default-Branch-Deploy.gitlab-ci.yml - template: Jobs/Browser-Performance-Testing.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab-foss/blob/master/lib/gitlab/ci/templates/Jobs/Browser-Performance-Testing.gitlab-ci.yml - template: Security/DAST.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab-foss/blob/master/lib/gitlab/ci/templates/Security/DAST.gitlab-ci.yml - template: Security/Container-Scanning.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab-foss/blob/master/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml - template: Security/Dependency-Scanning.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab-foss/blob/master/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml - template: Security/License-Management.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab-foss/blob/master/lib/gitlab/ci/templates/Security/License-Management.gitlab-ci.yml - template: Security/SAST.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab-foss/blob/master/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml - -# Override DAST job to exclude master branch -dast: - except: - refs: - - master diff --git a/lib/gitlab/ci/templates/Jobs/DAST-Default-Branch-Deploy.gitlab-ci.yml b/lib/gitlab/ci/templates/Jobs/DAST-Default-Branch-Deploy.gitlab-ci.yml new file mode 100644 index 00000000000..ae2ff9992f9 --- /dev/null +++ b/lib/gitlab/ci/templates/Jobs/DAST-Default-Branch-Deploy.gitlab-ci.yml @@ -0,0 +1,55 @@ +.auto-deploy: + image: "registry.gitlab.com/gitlab-org/cluster-integration/auto-deploy-image:v0.1.0" + +dast_environment_deploy: + extends: .auto-deploy + stage: review + script: + - auto-deploy check_kube_domain + - auto-deploy download_chart + - auto-deploy ensure_namespace + - auto-deploy initialize_tiller + - auto-deploy create_secret + - auto-deploy deploy + - auto-deploy persist_environment_url + environment: + name: dast-default + url: http://dast-$CI_PROJECT_ID-$CI_ENVIRONMENT_SLUG.$KUBE_INGRESS_BASE_DOMAIN + on_stop: stop_dast_environment + artifacts: + paths: [environment_url.txt] + only: + refs: + - branches + variables: + - $GITLAB_FEATURES =~ /\bdast\b/ + kubernetes: active + except: + variables: + - $CI_DEFAULT_BRANCH != $CI_COMMIT_REF_NAME + - $DAST_DISABLED || $DAST_DISABLED_FOR_DEFAULT_BRANCH + - $DAST_WEBSITE # we don't need to create a review app if a URL is already given + +stop_dast_environment: + extends: .auto-deploy + stage: cleanup + variables: + GIT_STRATEGY: none + script: + - auto-deploy initialize_tiller + - auto-deploy delete + environment: + name: dast-default + action: stop + needs: ["dast"] + only: + refs: + - branches + variables: + - $GITLAB_FEATURES =~ /\bdast\b/ + kubernetes: active + except: + variables: + - $CI_DEFAULT_BRANCH != $CI_COMMIT_REF_NAME + - $DAST_DISABLED || $DAST_DISABLED_FOR_DEFAULT_BRANCH + - $DAST_WEBSITE diff --git a/lib/gitlab/ci/templates/Security/DAST.gitlab-ci.yml b/lib/gitlab/ci/templates/Security/DAST.gitlab-ci.yml index 4b55ffd3771..23c65a0cb67 100644 --- a/lib/gitlab/ci/templates/Security/DAST.gitlab-ci.yml +++ b/lib/gitlab/ci/templates/Security/DAST.gitlab-ci.yml @@ -46,3 +46,4 @@ dast: except: variables: - $DAST_DISABLED + - $DAST_DISABLED_FOR_DEFAULT_BRANCH && $CI_DEFAULT_BRANCH == $CI_COMMIT_REF_NAME diff --git a/spec/models/ci/build_spec.rb b/spec/models/ci/build_spec.rb index cd923f50e02..da8ea00b2f6 100644 --- a/spec/models/ci/build_spec.rb +++ b/spec/models/ci/build_spec.rb @@ -2195,6 +2195,7 @@ describe Ci::Build do { key: 'CI_COMMIT_REF_NAME', value: build.ref, public: true, masked: false }, { key: 'CI_COMMIT_REF_SLUG', value: build.ref_slug, public: true, masked: false }, { key: 'CI_NODE_TOTAL', value: '1', public: true, masked: false }, + { key: 'CI_DEFAULT_BRANCH', value: project.default_branch, public: true, masked: false }, { key: 'CI_BUILD_REF', value: build.sha, public: true, masked: false }, { key: 'CI_BUILD_BEFORE_SHA', value: build.before_sha, public: true, masked: false }, { key: 'CI_BUILD_REF_NAME', value: build.ref, public: true, masked: false }, |
