diff options
88 files changed, 698 insertions, 365 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 700e2232da1..4f91bdd27b1 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,4 +1,4 @@ -image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.5-golang-1.14-git-2.26-lfs-2.9-chrome-73.0-node-12.x-yarn-1.21-postgresql-9.6-graphicsmagick-1.3.34" +image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.5-golang-1.14-git-2.26-lfs-2.9-chrome-73.0-node-12.x-yarn-1.21-postgresql-10-graphicsmagick-1.3.34" stages: - sync diff --git a/.gitlab/ci/dev-fixtures.gitlab-ci.yml b/.gitlab/ci/dev-fixtures.gitlab-ci.yml index 0045691873f..f7c4b29169c 100644 --- a/.gitlab/ci/dev-fixtures.gitlab-ci.yml +++ b/.gitlab/ci/dev-fixtures.gitlab-ci.yml @@ -3,9 +3,9 @@ - .default-retry - .default-cache - .default-before_script - - .use-pg9 + - .use-pg10 stage: test - needs: ["setup-test-env"] + needs: ["setup-test-env pg10"] variables: FIXTURE_PATH: "db/fixtures/development" SEED_CYCLE_ANALYTICS: "true" @@ -26,7 +26,7 @@ run-dev-fixtures-ee: extends: - .run-dev-fixtures - .dev-fixtures:rules:ee-only - - .use-pg9-ee + - .use-pg10-ee script: - scripts/gitaly-test-spawn - cp ee/db/fixtures/development/* $FIXTURE_PATH diff --git a/.gitlab/ci/docs.gitlab-ci.yml b/.gitlab/ci/docs.gitlab-ci.yml index 946db0c4be8..1a1076164e1 100644 --- a/.gitlab/ci/docs.gitlab-ci.yml +++ b/.gitlab/ci/docs.gitlab-ci.yml @@ -66,9 +66,9 @@ graphql-reference-verify: - .default-cache - .default-before_script - .docs:rules:graphql-reference-verify - - .use-pg9 + - .use-pg10 stage: test - needs: ["setup-test-env"] + needs: ["setup-test-env pg10"] script: - bundle exec rake gitlab:graphql:check_docs - bundle exec rake gitlab:graphql:check_schema diff --git a/.gitlab/ci/frontend.gitlab-ci.yml b/.gitlab/ci/frontend.gitlab-ci.yml index a02d76c4698..d1fe9c6241d 100644 --- a/.gitlab/ci/frontend.gitlab-ci.yml +++ b/.gitlab/ci/frontend.gitlab-ci.yml @@ -135,13 +135,9 @@ compile-assets pull-cache as-if-foss: - .default-retry - .default-cache - .default-before_script - - .use-pg9 + - .use-pg10 stage: fixtures - needs: - - job: "setup-test-env" - artifacts: true - - job: "compile-assets pull-cache" - artifacts: true + needs: ["setup-test-env pg10", "compile-assets pull-cache"] script: - date - scripts/gitaly-test-spawn @@ -270,7 +266,6 @@ coverage-frontend: .qa-frontend-node: extends: - .default-retry - - .default-cache - .frontend:rules:qa-frontend-node stage: test dependencies: [] @@ -300,7 +295,7 @@ webpack-dev-server: - .default-cache - .frontend:rules:default-frontend-jobs stage: test - needs: ["setup-test-env", "compile-assets pull-cache"] + needs: ["setup-test-env pg10", "compile-assets pull-cache"] variables: WEBPACK_MEMORY_TEST: "true" WEBPACK_VENDOR_DLL: "true" diff --git a/.gitlab/ci/global.gitlab-ci.yml b/.gitlab/ci/global.gitlab-ci.yml index e6b81c9f366..490b8ed60df 100644 --- a/.gitlab/ci/global.gitlab-ci.yml +++ b/.gitlab/ci/global.gitlab-ci.yml @@ -21,7 +21,7 @@ # Jobs that only need to pull cache .default-cache: cache: - key: "debian-stretch-ruby-2.6.5-pg9.6-node-12.x" + key: "debian-stretch-ruby-2.6.5-pg10-node-12.x" paths: - .go/pkg/mod - vendor/ruby @@ -30,12 +30,15 @@ policy: pull .use-pg9: + image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.5-golang-1.12-git-2.24-lfs-2.9-chrome-73.0-node-12.x-yarn-1.21-postgresql-9.6-graphicsmagick-1.3.34" services: - name: postgres:9.6.17 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] - name: redis:alpine variables: POSTGRES_HOST_AUTH_METHOD: trust + cache: + key: "debian-stretch-ruby-2.6.5-pg9-node-12.x" .use-pg10: image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.5-golang-1.14-git-2.26-lfs-2.9-chrome-73.0-node-12.x-yarn-1.21-postgresql-10-graphicsmagick-1.3.34" @@ -45,6 +48,8 @@ - name: redis:alpine variables: POSTGRES_HOST_AUTH_METHOD: trust + cache: + key: "debian-stretch-ruby-2.6.5-pg10-node-12.x" .use-pg11: image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.5-golang-1.14-git-2.26-lfs-2.9-chrome-73.0-node-12.x-yarn-1.21-postgresql-11-graphicsmagick-1.3.34" @@ -54,8 +59,11 @@ - name: redis:alpine variables: POSTGRES_HOST_AUTH_METHOD: trust + cache: + key: "debian-stretch-ruby-2.6.5-pg11-node-12.x" .use-pg9-ee: + image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.5-golang-1.12-git-2.24-lfs-2.9-chrome-73.0-node-12.x-yarn-1.21-postgresql-9.6-graphicsmagick-1.3.34" services: - name: postgres:9.6.17 command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] @@ -63,6 +71,8 @@ - name: elasticsearch:6.4.2 variables: POSTGRES_HOST_AUTH_METHOD: trust + cache: + key: "debian-stretch-ruby-2.6.5-pg9-node-12.x" .use-pg10-ee: image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.5-golang-1.14-git-2.26-lfs-2.9-chrome-73.0-node-12.x-yarn-1.21-postgresql-10-graphicsmagick-1.3.34" @@ -73,6 +83,8 @@ - name: elasticsearch:6.4.2 variables: POSTGRES_HOST_AUTH_METHOD: trust + cache: + key: "debian-stretch-ruby-2.6.5-pg10-node-12.x" .use-pg11-ee: image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.5-golang-1.14-git-2.26-lfs-2.9-chrome-73.0-node-12.x-yarn-1.21-postgresql-11-graphicsmagick-1.3.34" @@ -83,6 +95,8 @@ - name: elasticsearch:6.4.2 variables: POSTGRES_HOST_AUTH_METHOD: trust + cache: + key: "debian-stretch-ruby-2.6.5-pg11-node-12.x" .as-if-foss: variables: diff --git a/.gitlab/ci/memory.gitlab-ci.yml b/.gitlab/ci/memory.gitlab-ci.yml index b2267b03c5f..0f107373ea8 100644 --- a/.gitlab/ci/memory.gitlab-ci.yml +++ b/.gitlab/ci/memory.gitlab-ci.yml @@ -8,9 +8,7 @@ memory-static: extends: .only-code-memory-job-base stage: test - needs: - - job: setup-test-env - artifacts: true + needs: ["setup-test-env pg10"] variables: SETUP_DB: "false" script: @@ -40,11 +38,7 @@ memory-on-boot: - .only-code-memory-job-base - .use-pg10 stage: test - needs: - - job: setup-test-env - artifacts: true - - job: compile-assets pull-cache - artifacts: true + needs: ["setup-test-env pg10", "compile-assets pull-cache"] variables: NODE_ENV: "production" RAILS_ENV: "production" diff --git a/.gitlab/ci/pages.gitlab-ci.yml b/.gitlab/ci/pages.gitlab-ci.yml index 983f675d1d6..38d79ddb090 100644 --- a/.gitlab/ci/pages.gitlab-ci.yml +++ b/.gitlab/ci/pages.gitlab-ci.yml @@ -1,7 +1,6 @@ pages: extends: - .default-retry - - .default-cache - .pages:rules stage: pages dependencies: ["rspec:coverage", "karma", "gitlab:assets:compile pull-cache"] diff --git a/.gitlab/ci/rails.gitlab-ci.yml b/.gitlab/ci/rails.gitlab-ci.yml index 82ce9310ee8..a230880fa7d 100644 --- a/.gitlab/ci/rails.gitlab-ci.yml +++ b/.gitlab/ci/rails.gitlab-ci.yml @@ -1,9 +1,5 @@ .rails:needs:setup-and-assets: - needs: - - job: setup-test-env - artifacts: true - - job: compile-assets pull-cache - artifacts: true + needs: ["setup-test-env pg10", "compile-assets pull-cache"] .rails-job-base: extends: @@ -12,12 +8,10 @@ - .default-before_script #################### -# ee and foss jobs # -setup-test-env: +# EE and FOSS jobs # +.base-setup-test-env: extends: - .rails-job-base - - .rails:rules:default-refs-code-backstage-qa - - .use-pg9 stage: prepare script: - bundle exec ruby -Ispec -e 'require "spec_helper" ; TestEnv.init' @@ -31,6 +25,24 @@ setup-test-env: cache: policy: pull-push +setup-test-env pg10: + extends: + - .base-setup-test-env + - .rails:rules:default-refs-code-backstage-qa + - .use-pg10 + +setup-test-env pg11: + extends: + - .base-setup-test-env + - .rails:rules:master-refs-code-backstage + - .use-pg11 + +setup-test-env pg9: + extends: + - .base-setup-test-env + - .rails:rules:nightly-master-refs-code-backstage + - .use-pg9 + static-analysis: extends: - .rails-job-base @@ -43,7 +55,7 @@ static-analysis: script: - scripts/static-analysis cache: - key: "debian-stretch-ruby-2.6-pg9.6-rubocop" + key: "ruby-2.6.5-pg10-rubocop" paths: - vendor/ruby - tmp/rubocop_cache @@ -63,13 +75,7 @@ downtime_check: .rspec-base: extends: .rails-job-base stage: test - needs: - - job: setup-test-env - artifacts: true - - job: retrieve-tests-metadata - artifacts: true - - job: compile-assets pull-cache - artifacts: true + needs: ["setup-test-env pg10", "retrieve-tests-metadata", "compile-assets pull-cache"] script: - source scripts/rspec_helpers.sh - rspec_paralellized_job "--tag ~quarantine --tag ~geo --tag ~level:migration" @@ -87,10 +93,10 @@ downtime_check: reports: junit: junit_rspec.xml -.rspec-base-quarantine: +.rspec-base-quarantine-pg10: extends: - .rspec-base - - .use-pg9 + - .use-pg10 variables: RSPEC_OPTS: "--tag quarantine -- spec/" script: @@ -98,37 +104,37 @@ downtime_check: - rspec_simple_job "${RSPEC_OPTS}" allow_failure: true -.rspec-base-pg9: +.rspec-base-pg10: extends: - .rspec-base - .rails:rules:ee-and-foss - - .use-pg9 + - .use-pg10 .rspec-base-migration: script: - source scripts/rspec_helpers.sh - rspec_paralellized_job "--tag ~quarantine --tag ~geo --tag level:migration" -rspec migration pg9: +rspec migration pg10: extends: - - .rspec-base-pg9 + - .rspec-base-pg10 - .rspec-base-migration parallel: 5 -rspec unit pg9: - extends: .rspec-base-pg9 +rspec unit pg10: + extends: .rspec-base-pg10 parallel: 20 -rspec integration pg9: - extends: .rspec-base-pg9 +rspec integration pg10: + extends: .rspec-base-pg10 parallel: 8 -rspec system pg9: - extends: .rspec-base-pg9 +rspec system pg10: + extends: .rspec-base-pg10 parallel: 24 rspec fast_spec_helper: - extends: .rspec-base-pg9 + extends: .rspec-base-pg10 script: - bin/rspec spec/fast_spec_helper.rb @@ -136,11 +142,9 @@ rspec fast_spec_helper: extends: - .rails-job-base - .rails:rules:ee-and-foss - - .use-pg9 + - .use-pg10 stage: test - needs: - - job: setup-test-env - artifacts: true + needs: ["setup-test-env pg10"] db:migrate:reset: extends: .db-job-base @@ -209,18 +213,18 @@ rspec:coverage: # We cannot use needs since it would mean needing 84 jobs (since most are parallelized) # so we use `dependencies` here. dependencies: - - setup-test-env - - rspec migration pg9 - - rspec unit pg9 - - rspec integration pg9 - - rspec system pg9 - - rspec-ee migration pg9 - - rspec-ee unit pg9 - - rspec-ee integration pg9 - - rspec-ee system pg9 - - rspec-ee unit pg9 geo - - rspec-ee integration pg9 geo - - rspec-ee system pg9 geo + - setup-test-env pg10 + - rspec migration pg10 + - rspec unit pg10 + - rspec integration pg10 + - rspec system pg10 + - rspec-ee migration pg10 + - rspec-ee unit pg10 + - rspec-ee integration pg10 + - rspec-ee system pg10 + - rspec-ee unit pg10 geo + - rspec-ee integration pg10 geo + - rspec-ee system pg10 geo - memory-static - memory-on-boot variables: @@ -238,170 +242,167 @@ rspec:coverage: - coverage/index.html - coverage/assets/ - tmp/memory_test/ -# ee and foss jobs # +# EE and FOSS jobs # #################### #################### # master-only jobs # -rspec quarantine pg9: +rspec quarantine pg10: extends: - - .rspec-base-quarantine + - .rspec-base-quarantine-pg10 - .rails:rules:master-refs-code-backstage -.rspec-base-pg10: +.rspec-base-pg11: extends: - .rspec-base - .rails:rules:master-refs-code-backstage - - .use-pg10 + - .use-pg11 + needs: ["setup-test-env pg11", "retrieve-tests-metadata", "compile-assets pull-cache"] -rspec migration pg10: +rspec migration pg11: extends: - - .rspec-base-pg10 + - .rspec-base-pg11 - .rspec-base-migration - parallel: 2 + parallel: 5 -rspec unit pg10: - extends: .rspec-base-pg10 +rspec unit pg11: + extends: .rspec-base-pg11 parallel: 20 -rspec integration pg10: - extends: .rspec-base-pg10 +rspec integration pg11: + extends: .rspec-base-pg11 parallel: 8 -rspec system pg10: - extends: .rspec-base-pg10 +rspec system pg11: + extends: .rspec-base-pg11 parallel: 24 # master-only jobs # #################### -############################ -# nightly master-only jobs # -.rspec-base-pg11: +###################### +# nightly-only jobs # +.rspec-base-pg9: extends: - .rspec-base - .rails:rules:nightly-master-refs-code-backstage - - .use-pg11 + - .use-pg9 + needs: ["setup-test-env pg9", "retrieve-tests-metadata", "compile-assets pull-cache"] -rspec migration pg11: +rspec migration pg9: extends: - - .rspec-base-pg11 + - .rspec-base-pg9 - .rspec-base-migration - parallel: 2 + parallel: 5 -rspec unit pg11: - extends: .rspec-base-pg11 +rspec unit pg9: + extends: .rspec-base-pg9 parallel: 20 -rspec integration pg11: - extends: .rspec-base-pg11 +rspec integration pg9: + extends: .rspec-base-pg9 parallel: 8 -rspec system pg11: - extends: .rspec-base-pg11 +rspec system pg9: + extends: .rspec-base-pg9 parallel: 24 -# nightly master-only jobs # -############################ +# nightly-only jobs # +##################### -######################### -# ee + master-only jobs # -rspec-ee quarantine pg9: +####################### +# EE master-only jobs # +rspec-ee quarantine pg10: extends: - - .rspec-base-quarantine + - .rspec-base-quarantine-pg10 - .rails:rules:master-refs-code-backstage-ee-only variables: RSPEC_OPTS: "--tag quarantine -- ee/spec/" -rspec-ee migration pg10: +.rspec-ee-base-pg11: extends: - - .rspec-ee-base-pg10 + - .rspec-base-ee + - .use-pg11-ee + needs: ["setup-test-env pg11", "retrieve-tests-metadata", "compile-assets pull-cache"] + +rspec-ee migration pg11: + extends: + - .rspec-ee-base-pg11 - .rspec-base-migration - .rails:rules:master-refs-code-backstage parallel: 2 -rspec-ee unit pg10: +rspec-ee unit pg11: extends: - - .rspec-ee-base-pg10 + - .rspec-ee-base-pg11 - .rails:rules:master-refs-code-backstage parallel: 10 -rspec-ee integration pg10: +rspec-ee integration pg11: extends: - - .rspec-ee-base-pg10 + - .rspec-ee-base-pg11 - .rails:rules:master-refs-code-backstage parallel: 4 -rspec-ee system pg10: +rspec-ee system pg11: extends: - - .rspec-ee-base-pg10 + - .rspec-ee-base-pg11 - .rails:rules:master-refs-code-backstage parallel: 6 -# ee + master-only jobs # -######################### +# EE master-only jobs # +####################### -################# -# ee-only jobs # +################ +# EE-only jobs # .rspec-base-ee: extends: - .rspec-base - .rails:rules:ee-only -.rspec-base-pg9-as-if-foss: +.rspec-base-pg10-as-if-foss: extends: - .rspec-base-ee - .as-if-foss - - .use-pg9 - needs: - - job: setup-test-env - artifacts: true - - job: retrieve-tests-metadata - artifacts: true - - job: compile-assets pull-cache as-if-foss - artifacts: true - -.rspec-ee-base-pg9: - extends: - - .rspec-base-ee - - .use-pg9-ee + - .use-pg10 + needs: ["setup-test-env pg10", "retrieve-tests-metadata", "compile-assets pull-cache as-if-foss"] .rspec-ee-base-pg10: extends: - .rspec-base-ee - .use-pg10-ee -rspec migration pg9-as-if-foss: +rspec migration pg10-as-if-foss: extends: - - .rspec-base-pg9-as-if-foss + - .rspec-base-pg10-as-if-foss - .rspec-base-migration parallel: 5 -rspec unit pg9-as-if-foss: - extends: .rspec-base-pg9-as-if-foss +rspec unit pg10-as-if-foss: + extends: .rspec-base-pg10-as-if-foss parallel: 20 -rspec integration pg9-as-if-foss: - extends: .rspec-base-pg9-as-if-foss +rspec integration pg10-as-if-foss: + extends: .rspec-base-pg10-as-if-foss parallel: 8 -rspec system pg9-as-if-foss: - extends: .rspec-base-pg9-as-if-foss +rspec system pg10-as-if-foss: + extends: .rspec-base-pg10-as-if-foss parallel: 24 -rspec-ee migration pg9: +rspec-ee migration pg10: extends: - - .rspec-ee-base-pg9 + - .rspec-ee-base-pg10 - .rspec-base-migration parallel: 2 -rspec-ee unit pg9: - extends: .rspec-ee-base-pg9 +rspec-ee unit pg10: + extends: .rspec-ee-base-pg10 parallel: 10 -rspec-ee integration pg9: - extends: .rspec-ee-base-pg9 +rspec-ee integration pg10: + extends: .rspec-ee-base-pg10 parallel: 4 -rspec-ee system pg9: - extends: .rspec-ee-base-pg9 +rspec-ee system pg10: + extends: .rspec-ee-base-pg10 parallel: 6 .rspec-ee-base-geo: @@ -411,26 +412,11 @@ rspec-ee system pg9: - scripts/prepare_postgres_fdw.sh - rspec_paralellized_job "--tag ~quarantine --tag geo" -.rspec-ee-base-geo-pg9: - extends: - - .rspec-ee-base-geo - - .use-pg9-ee - .rspec-ee-base-geo-pg10: extends: - .rspec-ee-base-geo - .use-pg10-ee -rspec-ee unit pg9 geo: - extends: .rspec-ee-base-geo-pg9 - parallel: 2 - -rspec-ee integration pg9 geo: - extends: .rspec-ee-base-geo-pg9 - -rspec-ee system pg9 geo: - extends: .rspec-ee-base-geo-pg9 - rspec-ee unit pg10 geo: extends: .rspec-ee-base-geo-pg10 parallel: 2 @@ -448,5 +434,26 @@ db:rollback geo: script: - bundle exec rake geo:db:migrate VERSION=20170627195211 - bundle exec rake geo:db:migrate -# ee-only jobs # +# EE-only jobs # ################ + +######################## +# EE nightly-only jobs # +.rspec-ee-base-geo-pg9: + extends: + - .rspec-ee-base-geo + - .use-pg9-ee + - .rails:rules:nightly-master-refs-code-backstage-ee-only + needs: ["setup-test-env pg9", "retrieve-tests-metadata", "compile-assets pull-cache"] + +rspec-ee unit pg9 geo: + extends: .rspec-ee-base-geo-pg9 + parallel: 2 + +rspec-ee integration pg9 geo: + extends: .rspec-ee-base-geo-pg9 + +rspec-ee system pg9 geo: + extends: .rspec-ee-base-geo-pg9 +# EE nightly-only jobs # +######################## diff --git a/.gitlab/ci/rules.gitlab-ci.yml b/.gitlab/ci/rules.gitlab-ci.yml index 50207a6bb8d..c5b142a63d7 100644 --- a/.gitlab/ci/rules.gitlab-ci.yml +++ b/.gitlab/ci/rules.gitlab-ci.yml @@ -361,6 +361,7 @@ - <<: *if-master-refs changes: *code-backstage-patterns when: on_success + - changes: [".gitlab/ci/rails.gitlab-ci.yml"] .rails:rules:master-refs-code-backstage-ee-only: rules: @@ -369,12 +370,23 @@ - <<: *if-master-refs changes: *code-backstage-patterns when: on_success + - changes: [".gitlab/ci/rails.gitlab-ci.yml"] .rails:rules:nightly-master-refs-code-backstage: rules: - <<: *if-nightly-master-schedule changes: *code-backstage-patterns when: on_success + - changes: [".gitlab/ci/rails.gitlab-ci.yml"] + +.rails:rules:nightly-master-refs-code-backstage-ee-only: + rules: + - <<: *if-not-ee + when: never + - <<: *if-nightly-master-schedule + changes: *code-backstage-patterns + when: on_success + - changes: [".gitlab/ci/rails.gitlab-ci.yml"] .rails:rules:ee-only: rules: diff --git a/.gitlab/ci/setup.gitlab-ci.yml b/.gitlab/ci/setup.gitlab-ci.yml index 15331cd34aa..8ef7ad2979e 100644 --- a/.gitlab/ci/setup.gitlab-ci.yml +++ b/.gitlab/ci/setup.gitlab-ci.yml @@ -7,9 +7,7 @@ cache gems: - .default-before_script - .setup:rules:cache-gems stage: test - needs: - - job: setup-test-env - artifacts: true + needs: ["setup-test-env pg10"] variables: SETUP_DB: "false" script: diff --git a/.rubocop.yml b/.rubocop.yml index b03aa069ebf..6dd06984de6 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -216,10 +216,8 @@ Gitlab/DuplicateSpecLocation: Exclude: - ee/spec/helpers/auth_helper_spec.rb - ee/spec/lib/gitlab/gl_repository_spec.rb - - ee/spec/models/namespace_spec.rb - ee/spec/services/merge_requests/refresh_service_spec.rb - ee/spec/helpers/ee/auth_helper_spec.rb - - ee/spec/models/ee/namespace_spec.rb - ee/spec/services/ee/merge_requests/refresh_service_spec.rb Cop/InjectEnterpriseEditionModule: @@ -387,5 +385,4 @@ Performance/ChainArrayAllocation: RSpec/RepeatedExample: Exclude: - 'spec/features/merge_request/user_posts_diff_notes_spec.rb' - - 'spec/features/projects/files/template_type_dropdown_spec.rb' - 'spec/services/notification_service_spec.rb' diff --git a/app/assets/javascripts/api.js b/app/assets/javascripts/api.js index 797eaf629bf..75f7fe62a7e 100644 --- a/app/assets/javascripts/api.js +++ b/app/assets/javascripts/api.js @@ -47,6 +47,7 @@ const Api = { adminStatisticsPath: '/api/:version/application/statistics', pipelineSinglePath: '/api/:version/projects/:id/pipelines/:pipeline_id', environmentsPath: '/api/:version/projects/:id/environments', + rawFilePath: '/api/:version/projects/:id/repository/files/:path/raw', group(groupId, callback) { const url = Api.buildUrl(Api.groupPath).replace(':id', groupId); @@ -497,6 +498,14 @@ const Api = { return axios.get(url); }, + getRawFile(id, path, params = { ref: 'master' }) { + const url = Api.buildUrl(this.rawFilePath) + .replace(':id', encodeURIComponent(id)) + .replace(':path', encodeURIComponent(path)); + + return axios.get(url, { params }); + }, + buildUrl(url) { return joinPaths(gon.relative_url_root || '', url.replace(':version', gon.api_version)); }, diff --git a/app/assets/javascripts/static_site_editor/services/load_source_content.js b/app/assets/javascripts/static_site_editor/services/load_source_content.js new file mode 100644 index 00000000000..1af93a8a2bc --- /dev/null +++ b/app/assets/javascripts/static_site_editor/services/load_source_content.js @@ -0,0 +1,15 @@ +import Api from '~/api'; + +const extractTitle = content => { + const matches = content.match(/title: (.+)\n/i); + + return matches ? Array.from(matches)[1] : ''; +}; + +const loadSourceContent = ({ projectId, sourcePath }) => + Api.getRawFile(projectId, sourcePath).then(({ data }) => ({ + title: extractTitle(data), + content: data, + })); + +export default loadSourceContent; diff --git a/app/graphql/resolvers/projects/jira_imports_resolver.rb b/app/graphql/resolvers/projects/jira_imports_resolver.rb index a9bfb7b612e..e7403745bea 100644 --- a/app/graphql/resolvers/projects/jira_imports_resolver.rb +++ b/app/graphql/resolvers/projects/jira_imports_resolver.rb @@ -16,6 +16,8 @@ module Resolvers end def authorized_resource?(project) + return false unless Feature.enabled?(:jira_issue_import, project) + Ability.allowed?(context[:current_user], :admin_project, project) end end diff --git a/app/helpers/ci_variables_helper.rb b/app/helpers/ci_variables_helper.rb index b271f069778..df220effd5d 100644 --- a/app/helpers/ci_variables_helper.rb +++ b/app/helpers/ci_variables_helper.rb @@ -9,6 +9,8 @@ module CiVariablesHelper if entity.is_a?(Group) create_deploy_token_group_settings_ci_cd_path(entity, opts) else + # TODO: change this path to 'create_deploy_token_project_settings_ci_cd_path' + # See MR comment for more detail: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/27059#note_311585356 create_deploy_token_project_settings_repository_path(entity, opts) end end diff --git a/app/models/concerns/has_repository.rb b/app/models/concerns/has_repository.rb index 01f1aa1758f..35faa87e876 100644 --- a/app/models/concerns/has_repository.rb +++ b/app/models/concerns/has_repository.rb @@ -11,6 +11,7 @@ module HasRepository extend ActiveSupport::Concern include AfterCommitQueue include Referable + include Gitlab::ShellAdapter include Gitlab::Utils::StrongMemoize delegate :base_dir, :disk_path, to: :storage diff --git a/app/models/project.rb b/app/models/project.rb index cc7a732d94a..eb4412decba 100644 --- a/app/models/project.rb +++ b/app/models/project.rb @@ -4,7 +4,6 @@ require 'carrierwave/orm/activerecord' class Project < ApplicationRecord include Gitlab::ConfigHelper - include Gitlab::ShellAdapter include Gitlab::VisibilityLevel include AccessRequestable include Avatarable diff --git a/app/models/user.rb b/app/models/user.rb index 62624f8eec1..68c52751804 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -109,7 +109,6 @@ class User < ApplicationRecord # Groups has_many :members - has_one :max_access_level_membership, -> { select(:id, :user_id, :access_level).order(access_level: :desc).readonly }, class_name: 'Member' has_many :group_members, -> { where(requested_at: nil) }, source: 'GroupMember' has_many :groups, through: :group_members has_many :owned_groups, -> { where(members: { access_level: Gitlab::Access::OWNER }) }, through: :group_members, source: :group @@ -1080,7 +1079,7 @@ class User < ApplicationRecord end def highest_role - max_access_level_membership&.access_level || Gitlab::Access::NO_ACCESS + user_highest_role&.highest_access_level || Gitlab::Access::NO_ACCESS end def accessible_deploy_keys diff --git a/app/views/layouts/nav/sidebar/_profile.html.haml b/app/views/layouts/nav/sidebar/_profile.html.haml index 9be39d14169..15f1067f0d9 100644 --- a/app/views/layouts/nav/sidebar/_profile.html.haml +++ b/app/views/layouts/nav/sidebar/_profile.html.haml @@ -153,6 +153,9 @@ %strong.fly-out-top-item-name = _('Authentication Log') - = render_if_exists 'layouts/nav/sidebar/profile_pipeline_quota_link' + - if Feature.enabled?(:user_usage_quota) + = render_if_exists 'layouts/nav/sidebar/profile_usage_quotas_link' + - else + = render_if_exists 'layouts/nav/sidebar/profile_pipeline_quota_link' = render 'shared/sidebar_toggle_button' diff --git a/app/workers/all_queues.yml b/app/workers/all_queues.yml index 4c8b703d60e..e37fa52f5ff 100644 --- a/app/workers/all_queues.yml +++ b/app/workers/all_queues.yml @@ -1021,7 +1021,7 @@ - :name: emails_on_push :feature_category: :source_code_management :has_external_dependencies: - :urgency: :high + :urgency: :low :resource_boundary: :cpu :weight: 2 :idempotent: diff --git a/app/workers/emails_on_push_worker.rb b/app/workers/emails_on_push_worker.rb index cc114acf7e9..2f0d7fecf19 100644 --- a/app/workers/emails_on_push_worker.rb +++ b/app/workers/emails_on_push_worker.rb @@ -6,7 +6,7 @@ class EmailsOnPushWorker # rubocop:disable Scalability/IdempotentWorker attr_reader :email, :skip_premailer feature_category :source_code_management - urgency :high + urgency :low worker_resource_boundary :cpu weight 2 diff --git a/changelogs/unreleased/low-urgency-idempotent-email-worker.yml b/changelogs/unreleased/low-urgency-idempotent-email-worker.yml new file mode 100644 index 00000000000..f9df32fff0a --- /dev/null +++ b/changelogs/unreleased/low-urgency-idempotent-email-worker.yml @@ -0,0 +1,5 @@ +--- +title: Reduce urgency of EmailsOnPushWorker +merge_request: 28783 +author: +type: other diff --git a/changelogs/unreleased/rc-filter_health_endpoint_metrics.yml b/changelogs/unreleased/rc-filter_health_endpoint_metrics.yml new file mode 100644 index 00000000000..3e1c5df7205 --- /dev/null +++ b/changelogs/unreleased/rc-filter_health_endpoint_metrics.yml @@ -0,0 +1,5 @@ +--- +title: Filter health endpoint metrics +merge_request: 27847 +author: +type: added diff --git a/changelogs/unreleased/replace_max_access_level_membership.yml b/changelogs/unreleased/replace_max_access_level_membership.yml new file mode 100644 index 00000000000..8b02e61bab7 --- /dev/null +++ b/changelogs/unreleased/replace_max_access_level_membership.yml @@ -0,0 +1,5 @@ +--- +title: Remove User's association max_access_level_membership +merge_request: 28757 +author: +type: other diff --git a/changelogs/unreleased/template-dropdown-spec.yml b/changelogs/unreleased/template-dropdown-spec.yml new file mode 100644 index 00000000000..9e585fa01e6 --- /dev/null +++ b/changelogs/unreleased/template-dropdown-spec.yml @@ -0,0 +1,5 @@ +--- +title: Fix duplicate spec in template dropdown spec +merge_request: 28858 +author: Rajendra Kadam +type: added diff --git a/config/routes/project.rb b/config/routes/project.rb index 9bae328cde6..51084cb0e7e 100644 --- a/config/routes/project.rb +++ b/config/routes/project.rb @@ -73,6 +73,7 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do resource :ci_cd, only: [:show, :update], controller: 'ci_cd' do post :reset_cache put :reset_registration_token + post :create_deploy_token, path: 'deploy_token/create' end resource :operations, only: [:show, :update] do @@ -84,8 +85,8 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do resource :integrations, only: [:show] resource :repository, only: [:show], controller: :repository do - # TODO: Move 'create_deploy_token' here to the ':ci_cd' resource above during 12.9. - # More details here: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/24102#note_287572556 + # TODO: Removed this "create_deploy_token" route after change was made in app/helpers/ci_variables_helper.rb:14 + # See MR comment for more detail: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/27059#note_311585356 post :create_deploy_token, path: 'deploy_token/create', to: 'ci_cd#create_deploy_token' post :cleanup end diff --git a/doc/administration/auth/ldap-troubleshooting.md b/doc/administration/auth/ldap-troubleshooting.md index 01c22711efc..b852140e80a 100644 --- a/doc/administration/auth/ldap-troubleshooting.md +++ b/doc/administration/auth/ldap-troubleshooting.md @@ -634,7 +634,7 @@ The rails console is a valuable tool to help debug LDAP problems. It allows you directly interact with the application by running commands and seeing how GitLab responds to them. -Please refer to [this guide](https://docs.gitlab.com/omnibus/maintenance/#starting-a-rails-console-session) +Please refer to [this guide](../troubleshooting/debug.md#starting-a-rails-console-session) for instructions on how to use the rails console. #### Enable debug output diff --git a/doc/administration/img/repository_storages_admin_ui_v12_10.png b/doc/administration/img/repository_storages_admin_ui_v12_10.png Binary files differindex b66e2c598bc..e5ac09524b8 100644 --- a/doc/administration/img/repository_storages_admin_ui_v12_10.png +++ b/doc/administration/img/repository_storages_admin_ui_v12_10.png diff --git a/doc/administration/instance_limits.md b/doc/administration/instance_limits.md index c53c46bf0cb..22f2d6ca0b9 100644 --- a/doc/administration/instance_limits.md +++ b/doc/administration/instance_limits.md @@ -70,7 +70,7 @@ There is a limit when embedding metrics in GFM for performance reasons. On GitLab.com, the [maximum number of webhooks](../user/gitlab_com/index.md#maximum-number-of-webhooks) per project, and per group, is limited. To set this limit on a self-managed installation, run the following in the -[GitLab Rails console](https://docs.gitlab.com/omnibus/maintenance/#starting-a-rails-console-session): +[GitLab Rails console](troubleshooting/debug.md#starting-a-rails-console-session): ```ruby # If limits don't exist for the default plan, you can create one with: @@ -120,7 +120,7 @@ will fail with a `job_activity_limit_exceeded` error. This limit is disabled by default. To set this limit on a self-managed installation, run the following in the -[GitLab Rails console](https://docs.gitlab.com/omnibus/maintenance/#starting-a-rails-console-session): +[GitLab Rails console](troubleshooting/debug.md#starting-a-rails-console-session): ```ruby # If limits don't exist for the default plan, you can create one with: @@ -145,7 +145,7 @@ limit, the subscription will be considered invalid. - On [GitLab Starter](https://about.gitlab.com/pricing/#self-managed) tier or higher self-managed installations, this limit is defined for the `default` plan that affects all projects. To set this limit on a self-managed installation, run the following in the -[GitLab Rails console](https://docs.gitlab.com/omnibus/maintenance/#starting-a-rails-console-session): +[GitLab Rails console](troubleshooting/debug.md#starting-a-rails-console-session): ```ruby Plan.default.limits.update!(ci_project_subscriptions: 500) @@ -170,7 +170,7 @@ or higher tiers), this limit is defined for the `default` plan that affects all projects. By default, there is no limit. To set this limit on a self-managed installation, run the following in the -[GitLab Rails console](https://docs.gitlab.com/omnibus/maintenance/#starting-a-rails-console-session): +[GitLab Rails console](troubleshooting/debug.md#starting-a-rails-console-session): ```ruby Plan.default.limits.update!(ci_pipeline_schedules: 100) diff --git a/doc/administration/repository_storage_types.md b/doc/administration/repository_storage_types.md index 29b4179a3f7..562f653765a 100644 --- a/doc/administration/repository_storage_types.md +++ b/doc/administration/repository_storage_types.md @@ -100,7 +100,7 @@ The "Gitaly relative path" is shown there, for example: This is the path under `/var/opt/gitlab/git-data/repositories/` on a default Omnibus installation. -In a [Rails console](troubleshooting/debug.md#starting-a-rails-console), +In a [Rails console](troubleshooting/debug.md#starting-a-rails-console-session), get this information using either the numeric project ID or the full path: ```ruby @@ -112,7 +112,7 @@ Project.find_by_full_path('group/project').disk_path To translate from a hashed storage path to a project name: -1. Start a [Rails console](troubleshooting/debug.md#starting-a-rails-console). +1. Start a [Rails console](troubleshooting/debug.md#starting-a-rails-console-session). 1. Run the following: ```ruby diff --git a/doc/administration/troubleshooting/debug.md b/doc/administration/troubleshooting/debug.md index 6a22b22a5be..295dab2be38 100644 --- a/doc/administration/troubleshooting/debug.md +++ b/doc/administration/troubleshooting/debug.md @@ -3,9 +3,10 @@ Sometimes things don't work the way they should. Here are some tips on debugging issues out in production. -## Starting a Rails console +## Starting a Rails console session -Troubleshooting and debugging often requires a rails console. +Troubleshooting and debugging your GitLab instance often requires a +[Rails console](https://guides.rubyonrails.org/command_line.html#rails-console). **For Omnibus installations** @@ -13,22 +14,81 @@ Troubleshooting and debugging often requires a rails console. sudo gitlab-rails console ``` ---- - **For installations from source** ```shell -bundle exec rails console production +sudo -u git -H bundle exec rails console -e production ``` Kubernetes: the console is in the task-runner pod, refer to our [Kubernetes cheat sheet](kubernetes_cheat_sheet.md#gitlab-specific-kubernetes-information) for details. +### Enabling Active Record logging + +You can enable output of Active Record debug logging in the Rails console +session by running: + +```ruby +ActiveRecord::Base.logger = Logger.new(STDOUT) +``` + +This will show information about database queries triggered by any Ruby code +you may run in the console. To turn off logging again, run: + +```ruby +ActiveRecord::Base.logger = nil +``` + +### Disabling database statement timeout + +You can disable the PostgreSQL statement timeout for the current Rails console +session by running: + +```ruby +ActiveRecord::Base.connection.execute('SET statement_timeout TO 0') +``` + +Note that this change only affects the current Rails console session and will +not be persisted in the GitLab production environment or in the next Rails +console session. + +### Output Rails console session history + +If you'd like to output your Rails console command history in a format that's +easy to copy and save for future reference, you can run: + +```ruby +puts Readline::HISTORY.to_a +``` + +## Using the Rails Runner + +If you need to run some Ruby code in thex context of your GitLab production +environment, you can do so using the [Rails Runner](https://guides.rubyonrails.org/command_line.html#rails-runner). + +**For Omnibus installations** + +```shell +sudo gitlab-rails runner "RAILS_COMMAND" + +# Example with a two-line Ruby script +sudo gitlab-rails runner "user = User.first; puts user.username" +``` + +**For installations from source** + +```shell +sudo -u git -H bundle exec rails runner -e production "RAILS_COMMAND" + +# Example with a two-line Ruby script +sudo -u git -H bundle exec rails runner -e production "user = User.first; puts user.username" +``` + ## Mail not working A common problem is that mails are not being sent for some reason. Suppose you configured an SMTP server, but you're not seeing mail delivered. Here's how to check the settings: -1. Run a [Rails console.](#starting-a-rails-console) +1. Run a [Rails console](#starting-a-rails-console-session). 1. Look at the ActionMailer `delivery_method` to make sure it matches what you intended. If you configured SMTP, it should say `:smtp`. If you're using @@ -168,7 +228,7 @@ separate Rails process to debug the issue: 1. Log in to your GitLab account. 1. Copy the URL that is causing problems (e.g. `https://gitlab.com/ABC`). 1. Create a Personal Access Token for your user (Profile Settings -> Access Tokens). -1. Bring up the [GitLab Rails console.](#starting-a-rails-console) +1. Bring up the [GitLab Rails console.](#starting-a-rails-console-session) 1. At the Rails console, run: ```ruby diff --git a/doc/administration/troubleshooting/gitlab_rails_cheat_sheet.md b/doc/administration/troubleshooting/gitlab_rails_cheat_sheet.md index 15ed436fb34..0471c7b7ffd 100644 --- a/doc/administration/troubleshooting/gitlab_rails_cheat_sheet.md +++ b/doc/administration/troubleshooting/gitlab_rails_cheat_sheet.md @@ -25,36 +25,6 @@ mentioned above, we recommend running these scripts under the supervision of a Support Engineer, who can also verify that they will continue to work as they should and, if needed, update the script for the latest version of GitLab. -## Use the Rails Runner - -If the script you want to run is short, you can use the Rails Runner to avoid -entering the rails console in the first place. Here's an example of its use: - -```shell -gitlab-rails runner "RAILS_COMMAND" - -# Example with a 2-line script -gitlab-rails runner "user = User.first; puts user.username" -``` - -## Enable debug logging on rails console - -```ruby -Rails.logger.level = 0 -``` - -## Enable debug logging for ActiveRecord (db issues) - -```ruby -ActiveRecord::Base.logger = Logger.new(STDOUT) -``` - -## Temporarily Disable Timeout - -```ruby -ActiveRecord::Base.connection.execute('SET statement_timeout TO 0') -``` - ## Find specific methods for an object ```ruby @@ -85,12 +55,6 @@ o = Object.where('attribute like ?', 'ex') Rails.cache.instance_variable_get(:@data).keys ``` -## Rails console history - -```ruby -puts Readline::HISTORY.to_a -``` - ## Profile a page ```ruby diff --git a/doc/administration/troubleshooting/img/Okta-SAMLsetup.png b/doc/administration/troubleshooting/img/Okta-SAMLsetup.png Binary files differindex 8171febb5bc..1bd9bf4d7e9 100644 --- a/doc/administration/troubleshooting/img/Okta-SAMLsetup.png +++ b/doc/administration/troubleshooting/img/Okta-SAMLsetup.png diff --git a/doc/administration/troubleshooting/img/Okta-advancedsettings.png b/doc/administration/troubleshooting/img/Okta-advancedsettings.png Binary files differindex 43eb546f238..45e378d1d12 100644 --- a/doc/administration/troubleshooting/img/Okta-advancedsettings.png +++ b/doc/administration/troubleshooting/img/Okta-advancedsettings.png diff --git a/doc/administration/troubleshooting/img/Okta-attributes.png b/doc/administration/troubleshooting/img/Okta-attributes.png Binary files differindex e4a7b33fe55..a3405e4de9b 100644 --- a/doc/administration/troubleshooting/img/Okta-attributes.png +++ b/doc/administration/troubleshooting/img/Okta-attributes.png diff --git a/doc/administration/troubleshooting/img/Okta-linkscert.png b/doc/administration/troubleshooting/img/Okta-linkscert.png Binary files differindex 33e6b3cc53e..38cae415f7e 100644 --- a/doc/administration/troubleshooting/img/Okta-linkscert.png +++ b/doc/administration/troubleshooting/img/Okta-linkscert.png diff --git a/doc/administration/troubleshooting/navigating_gitlab_via_rails_console.md b/doc/administration/troubleshooting/navigating_gitlab_via_rails_console.md index 01c3da80481..b78d5490cd2 100644 --- a/doc/administration/troubleshooting/navigating_gitlab_via_rails_console.md +++ b/doc/administration/troubleshooting/navigating_gitlab_via_rails_console.md @@ -3,7 +3,7 @@ At the heart of GitLab is a web application [built using the Ruby on Rails framework](https://about.gitlab.com/blog/2018/10/29/why-we-use-rails-to-build-gitlab/). Thanks to this, we also get access to the amazing tools built right into Rails. -In this guide, we'll introduce the [Rails console](https://docs.gitlab.com/omnibus/maintenance/#starting-a-rails-console-session) +In this guide, we'll introduce the [Rails console](debug.md#starting-a-rails-console-session) and the basics of interacting with your GitLab instance from the command line. CAUTION: **CAUTION:** diff --git a/doc/administration/troubleshooting/ssl.md b/doc/administration/troubleshooting/ssl.md index 9474126e5c8..475b7d44eac 100644 --- a/doc/administration/troubleshooting/ssl.md +++ b/doc/administration/troubleshooting/ssl.md @@ -23,7 +23,7 @@ After configuring a GitLab instance with an internal CA certificate, you might n More details here: https://curl.haxx.se/docs/sslcerts.html ``` -- Testing via the [rails console](https://docs.gitlab.com/omnibus/maintenance/#starting-a-rails-console-session) also fails: +- Testing via the [rails console](debug.md#starting-a-rails-console-session) also fails: ```ruby uri = URI.parse("https://gitlab.domain.tld") diff --git a/doc/api/groups.md b/doc/api/groups.md index 57c71f1ea50..33a3c2305d5 100644 --- a/doc/api/groups.md +++ b/doc/api/groups.md @@ -552,7 +552,6 @@ PUT /groups/:id | `membership_lock` | boolean | no | **(STARTER)** Prevent adding new members to project membership within this group. | | `share_with_group_lock` | boolean | no | Prevent sharing a project with another group within this group. | | `visibility` | string | no | The visibility level of the group. Can be `private`, `internal`, or `public`. | -| `share_with_group_lock` | boolean | no | Prevent sharing a project with another group within this group. | | `require_two_factor_authentication` | boolean | no | Require all users in this group to setup Two-factor authentication. | | `two_factor_grace_period` | integer | no | Time before Two-factor authentication is enforced (in hours). | | `project_creation_level` | string | no | Determine if developers can create projects in the group. Can be `noone` (No one), `maintainer` (Maintainers), or `developer` (Developers + Maintainers). | diff --git a/doc/api/merge_request_approvals.md b/doc/api/merge_request_approvals.md index 8fee23a74e8..84f5e41496c 100644 --- a/doc/api/merge_request_approvals.md +++ b/doc/api/merge_request_approvals.md @@ -676,7 +676,8 @@ This includes additional information about the users who have already approved } ], "source_rule": null, - "approved": true + "approved": true, + "overridden": false } ] } @@ -753,7 +754,8 @@ GET /projects/:id/merge_requests/:merge_request_iid/approval_rules "ldap_access": null } ], - "contains_hidden_groups": false + "contains_hidden_groups": false, + "overridden": false } ] ``` @@ -837,7 +839,8 @@ will be used. "ldap_access": null } ], - "contains_hidden_groups": false + "contains_hidden_groups": false, + "overridden": false } ``` @@ -921,7 +924,8 @@ These are system generated rules. "ldap_access": null } ], - "contains_hidden_groups": false + "contains_hidden_groups": false, + "overridden": false } ``` diff --git a/doc/api/projects.md b/doc/api/projects.md index 39293b28b79..959b263c301 100644 --- a/doc/api/projects.md +++ b/doc/api/projects.md @@ -970,6 +970,7 @@ GET /projects/:id/users | Attribute | Type | Required | Description | | ------------ | ------------- | -------- | ----------- | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | | `search` | string | no | Search for specific users | | `skip_users` | integer array | no | Filter out users with the specified IDs | @@ -1515,6 +1516,7 @@ GET /projects/:id/starrers | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | | `search` | string | no | Search for specific users. | ```shell @@ -1558,6 +1560,10 @@ Get languages used in a project with percentage value. GET /projects/:id/languages ``` +| Attribute | Type | Required | Description | +| --------- | ---- | -------- | ----------- | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | + ```shell curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/languages" ``` @@ -2183,6 +2189,7 @@ PUT /projects/:id/transfer | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | | `namespace` | integer/string | yes | The ID or path of the namespace to transfer to project to | ## Branches diff --git a/doc/ci/img/ecs_dashboard_v12_9.png b/doc/ci/img/ecs_dashboard_v12_9.png Binary files differindex bebd6f7903c..62b85c75ec2 100644 --- a/doc/ci/img/ecs_dashboard_v12_9.png +++ b/doc/ci/img/ecs_dashboard_v12_9.png diff --git a/doc/ci/yaml/README.md b/doc/ci/yaml/README.md index 85a2e91682d..b72cf25282b 100644 --- a/doc/ci/yaml/README.md +++ b/doc/ci/yaml/README.md @@ -2549,7 +2549,7 @@ This example creates four paths of execution: The maximum number of jobs that can be defined within `needs:` defaults to 10, but can be changed to 50 via a feature flag. To change the limit to 50, -[start a Rails console session](https://docs.gitlab.com/omnibus/maintenance/#starting-a-rails-console-session) +[start a Rails console session](../../administration/troubleshooting/debug.md#starting-a-rails-console-session) and run: ```ruby diff --git a/doc/development/pipelines.md b/doc/development/pipelines.md index 8e13c5e7efc..c123722dc4e 100644 --- a/doc/development/pipelines.md +++ b/doc/development/pipelines.md @@ -176,7 +176,7 @@ graph RL; O[coverage-frontend]; N["pages (master only)"]; Q[package-and-qa]; - S["RSpec<br/>(e.g. rspec unit pg9)"] + S["RSpec<br/>(e.g. rspec unit pg10)"] T[retrieve-tests-metadata]; QA["qa:internal, qa:selectors"]; QA2["qa:internal-as-if-foss, qa:selectors-as-if-foss<br/>(EE default refs only)"]; diff --git a/doc/install/aws/img/aws_ha_architecture_diagram.png b/doc/install/aws/img/aws_ha_architecture_diagram.png Binary files differindex b3f4d5b2bd8..e019ed61abf 100644 --- a/doc/install/aws/img/aws_ha_architecture_diagram.png +++ b/doc/install/aws/img/aws_ha_architecture_diagram.png diff --git a/doc/install/aws/index.md b/doc/install/aws/index.md index ee4f759be3a..c2b1198940b 100644 --- a/doc/install/aws/index.md +++ b/doc/install/aws/index.md @@ -315,10 +315,8 @@ persistence and is used for certain types of the GitLab application. 1. Navigate back to the ElastiCache dashboard. 1. Select **Redis** on the left menu and click **Create** to create a new - Redis cluster. Depending on your load, you can choose whether to enable - cluster mode or not. Even without cluster mode on, you still get the - chance to deploy Redis in multi availability zones. In this guide, we chose - not to enable it. + Redis cluster. Do not enable **Cluster Mode** as it is [not supported](../../administration/high_availability/redis.md#provide-your-own-redis-instance-core-only). Even without cluster mode on, you still get the + chance to deploy Redis in multiple availability zones. 1. In the settings section: 1. Give the cluster a name (`gitlab-redis`) and a description. 1. For the version, select the latest of `5.0` series (e.g., `5.0.6`). @@ -383,6 +381,37 @@ EC2 instances running Linux use private key files for SSH authentication. You'll Storing private key files on your bastion host is a bad idea. To get around this, use SSH agent forwarding on your client. See [Securely Connect to Linux Instances Running in a Private Amazon VPC](https://aws.amazon.com/blogs/security/securely-connect-to-linux-instances-running-in-a-private-amazon-vpc/) for a step-by-step guide on how to use SSH agent forwarding. +## Setting up Gitaly + +CAUTION: **Caution:** In this architecture, having a single Gitaly server creates a single point of failure. This limitation will be removed once [Gitaly HA](https://gitlab.com/groups/gitlab-org/-/epics/842) is released. + +Gitaly is a service that provides high-level RPC access to Git repositories. +It should be enabled and configured on a separate EC2 instance in one of the +[private subnets](#subnets) we configured previously. + +Let's create an EC2 instance where we'll install Gitaly: + +1. From the EC2 dashboard, click **Launch instance**. +1. Choose an AMI. In this example, we'll select the **Ubuntu Server 18.04 LTS (HVM), SSD Volume Type**. +1. Choose an instance type. We'll pick a **c5.xlarge**. +1. Click **Configure Instance Details**. + 1. In the **Network** dropdown, select `gitlab-vpc`, the VPC we created earlier. + 1. In the **Subnet** dropdown, select `gitlab-private-10.0.1.0` from the list of subnets we created earlier. + 1. Double check that **Auto-assign Public IP** is set to `Use subnet setting (Disable)`. + 1. Click **Add Storage**. +1. Increase the Root volume size to `20 GiB` and change the **Volume Type** to `Provisoned IOPS SSD (io1)`. (This is an arbitrary size. Create a volume big enough for your repository storage requirements.) + 1. For **IOPS** set `1000` (20 GiB x 50 IOPS). You can provision up to 50 IOPS per GiB. If you select a larger volume, increase the IOPS accordingly. Workloads where many small files are written in a serialized manner, like `git`, requires performant storage, hence the choice of `Provisoned IOPS SSD (io1)`. +1. Click on **Add Tags** and add your tags. In our case, we'll only set `Key: Name` and `Value: Gitaly`. +1. Click on **Configure Security Group** and let's **Create a new security group**. + 1. Give your security group a name and description. We'll use `gitlab-gitaly-sec-group` for both. + 1. Create a **Custom TCP** rule and add port `8075` to the **Port Range**. For the **Source**, select the `gitlab-loadbalancer-sec-group`. +1. Click **Review and launch** followed by **Launch** if you're happy with your settings. +1. Finally, acknowledge that you have access to the selected private key file or create a new one. Click **Launch Instances**. + + > **Optional:** Instead of storing configuration _and_ repository data on the root volume, you can also choose to add an additional EBS volume for repository storage. Follow the same guidance as above. See the [Amazon EBS pricing](https://aws.amazon.com/ebs/pricing/). + +Now that we have our EC2 instance ready, follow the [documentation to install GitLab and set up Gitaly on its own server](../../administration/gitaly/index.md#running-gitaly-on-its-own-server). + ## Deploying GitLab inside an auto scaling group We'll use AWS's wizard to deploy GitLab and then SSH into the instance to @@ -551,37 +580,6 @@ sudo gitlab-ctl status If everything looks good, you should be able to reach GitLab in your browser. -### Setting up Gitaly - -CAUTION: **Caution:** In this architecture, having a single Gitaly server creates a single point of failure. This limitation will be removed once [Gitaly HA](https://gitlab.com/groups/gitlab-org/-/epics/842) is released. - -Gitaly is a service that provides high-level RPC access to Git repositories. -It should be enabled and configured on a separate EC2 instance in one of the -[private subnets](#subnets) we configured previously. - -Let's create an EC2 instance where we'll install Gitaly: - -1. From the EC2 dashboard, click **Launch instance**. -1. Choose an AMI. In this example, we'll select the **Ubuntu Server 18.04 LTS (HVM), SSD Volume Type**. -1. Choose an instance type. We'll pick a **c5.xlarge**. -1. Click **Configure Instance Details**. - 1. In the **Network** dropdown, select `gitlab-vpc`, the VPC we created earlier. - 1. In the **Subnet** dropdown, select `gitlab-private-10.0.1.0` from the list of subnets we created earlier. - 1. Double check that **Auto-assign Public IP** is set to `Use subnet setting (Disable)`. - 1. Click **Add Storage**. -1. Increase the Root volume size to `20 GiB` and change the **Volume Type** to `Provisoned IOPS SSD (io1)`. (This is an arbitrary size. Create a volume big enough for your repository storage requirements.) - 1. For **IOPS** set `1000` (20 GiB x 50 IOPS). You can provision up to 50 IOPS per GiB. If you select a larger volume, increase the IOPS accordingly. Workloads where many small files are written in a serialized manner, like `git`, requires performant storage, hence the choice of `Provisoned IOPS SSD (io1)`. -1. Click on **Add Tags** and add your tags. In our case, we'll only set `Key: Name` and `Value: Gitaly`. -1. Click on **Configure Security Group** and let's **Create a new security group**. - 1. Give your security group a name and description. We'll use `gitlab-gitaly-sec-group` for both. - 1. Create a **Custom TCP** rule and add port `8075` to the **Port Range**. For the **Source**, select the `gitlab-loadbalancer-sec-group`. -1. Click **Review and launch** followed by **Launch** if you're happy with your settings. -1. Finally, acknowledge that you have access to the selected private key file or create a new one. Click **Launch Instances**. - - > **Optional:** Instead of storing configuration _and_ repository data on the root volume, you can also choose to add an additional EBS volume for repository storage. Follow the same guidance as above. See the [Amazon EBS pricing](https://aws.amazon.com/ebs/pricing/). - -Now that we have our EC2 instance ready, follow the [documentation to install GitLab and set up Gitaly on its own server](../../administration/gitaly/index.md#running-gitaly-on-its-own-server). - ### Using Amazon S3 object storage GitLab stores many objects outside the Git repository, many of which can be diff --git a/doc/integration/github.md b/doc/integration/github.md index f95159731aa..c957fc24eb8 100644 --- a/doc/integration/github.md +++ b/doc/integration/github.md @@ -151,7 +151,7 @@ via Omnibus, or [restart GitLab] if you installed from source. Check the [`production.log`](../administration/logs.md#productionlog) on your GitLab server to obtain further details. If you are getting the error like `Faraday::ConnectionFailed (execution expired)` in the log, there may be a connectivity issue -between your GitLab instance and GitHub Enterprise. To verify it, [start the rails console](https://docs.gitlab.com/omnibus/maintenance/#starting-a-rails-console-session) +between your GitLab instance and GitHub Enterprise. To verify it, [start the rails console](../administration/troubleshooting/debug.md#starting-a-rails-console-session) and run the commands below replacing `<github_url>` with the URL of your GitHub Enterprise instance: ```ruby diff --git a/doc/raketasks/import.md b/doc/raketasks/import.md index 09d919d0120..cda742b6077 100644 --- a/doc/raketasks/import.md +++ b/doc/raketasks/import.md @@ -125,7 +125,7 @@ There is an [open issue to add a migration to make all bare repositories importable](https://gitlab.com/gitlab-org/gitlab-foss/issues/41776). Until then, you may wish to manually migrate repositories yourself. You can use -[Rails console](https://docs.gitlab.com/omnibus/maintenance/#starting-a-rails-console-session) +[Rails console](../administration/troubleshooting/debug.md#starting-a-rails-console-session) to do so. In a Rails console session, run the following to migrate a project: ```ruby diff --git a/doc/update/README.md b/doc/update/README.md index a72e0e1e6ae..c7be3f3cb2b 100644 --- a/doc/update/README.md +++ b/doc/update/README.md @@ -122,7 +122,7 @@ If using GitLab 12.9 and newer, run: sudo gitlab-rails runner -e production 'puts Gitlab::BackgroundMigration.remaining' ``` -If using GitLab 12.8 and older, run the following using a [Rails console](../administration/troubleshooting/debug.md#starting-a-rails-console): +If using GitLab 12.8 and older, run the following using a [Rails console](../administration/troubleshooting/debug.md#starting-a-rails-console-session): ```ruby puts Sidekiq::Queue.new("background_migration").size @@ -140,7 +140,7 @@ cd /home/git/gitlab sudo -u git -H bundle exec rails runner -e production 'puts Gitlab::BackgroundMigration.remaining' ``` -If using GitLab 12.8 and older, run the following using a [Rails console](../administration/troubleshooting/debug.md#starting-a-rails-console): +If using GitLab 12.8 and older, run the following using a [Rails console](../administration/troubleshooting/debug.md#starting-a-rails-console-session): ```ruby puts Sidekiq::Queue.new("background_migration").size diff --git a/doc/user/admin_area/img/broadcast_messages_banner_v12_10.png b/doc/user/admin_area/img/broadcast_messages_banner_v12_10.png Binary files differindex f3c468d158e..2e893476bc6 100644 --- a/doc/user/admin_area/img/broadcast_messages_banner_v12_10.png +++ b/doc/user/admin_area/img/broadcast_messages_banner_v12_10.png diff --git a/doc/user/admin_area/img/broadcast_messages_notification_v12_10.png b/doc/user/admin_area/img/broadcast_messages_notification_v12_10.png Binary files differindex 98ea48ccd3c..fb03748c892 100644 --- a/doc/user/admin_area/img/broadcast_messages_notification_v12_10.png +++ b/doc/user/admin_area/img/broadcast_messages_notification_v12_10.png diff --git a/doc/user/analytics/img/label_based_stage_vsm_v12_9.png b/doc/user/analytics/img/label_based_stage_vsm_v12_9.png Binary files differindex f1cbd9e1a8e..84ce33aece5 100644 --- a/doc/user/analytics/img/label_based_stage_vsm_v12_9.png +++ b/doc/user/analytics/img/label_based_stage_vsm_v12_9.png diff --git a/doc/user/analytics/img/vsm_stage_list_v12_9.png b/doc/user/analytics/img/vsm_stage_list_v12_9.png Binary files differindex 3775cdeddb4..3b50dd48543 100644 --- a/doc/user/analytics/img/vsm_stage_list_v12_9.png +++ b/doc/user/analytics/img/vsm_stage_list_v12_9.png diff --git a/doc/user/application_security/container_scanning/img/container_scanning_v12_9.png b/doc/user/application_security/container_scanning/img/container_scanning_v12_9.png Binary files differindex dd96fc7aacb..13cacc6a489 100644 --- a/doc/user/application_security/container_scanning/img/container_scanning_v12_9.png +++ b/doc/user/application_security/container_scanning/img/container_scanning_v12_9.png diff --git a/doc/user/application_security/dast/img/dast_all_v12_9.png b/doc/user/application_security/dast/img/dast_all_v12_9.png Binary files differindex 9871d1e6a43..548cea3f7f9 100644 --- a/doc/user/application_security/dast/img/dast_all_v12_9.png +++ b/doc/user/application_security/dast/img/dast_all_v12_9.png diff --git a/doc/user/application_security/dependency_scanning/index.md b/doc/user/application_security/dependency_scanning/index.md index b4fdf307d8b..c83e69ed6c4 100644 --- a/doc/user/application_security/dependency_scanning/index.md +++ b/doc/user/application_security/dependency_scanning/index.md @@ -160,6 +160,7 @@ The following variables are used for configuring specific analyzers (used for a | `GEMNASIUM_DB_LOCAL_PATH` | `gemnasium` | `/gemnasium-db` | Path to local gemnasium database. | | `GEMNASIUM_DB_REMOTE_URL` | `gemnasium` | `https://gitlab.com/gitlab-org/security-products/gemnasium-db.git` | Repository URL for fetching the gemnasium database. | | `GEMNASIUM_DB_REF_NAME` | `gemnasium` | `master` | Branch name for remote repository database. `GEMNASIUM_DB_REMOTE_URL` is required. | +| `DS_REMEDIATE` | `gemnasium` | `"true"` | Enable automatic remediation of vulnerable dependencies. | | `PIP_INDEX_URL` | `gemnasium-python` | `https://pypi.org/simple` | Base URL of Python Package Index. | | `PIP_EXTRA_INDEX_URL` | `gemnasium-python` | | Array of [extra URLs](https://pip.pypa.io/en/stable/reference/pip_install/#cmdoption-extra-index-url) of package indexes to use in addition to `PIP_INDEX_URL`. Comma separated. | | `PIP_REQUIREMENTS_FILE` | `gemnasium-python` | | Pip requirements file to be scanned. | @@ -167,7 +168,7 @@ The following variables are used for configuring specific analyzers (used for a | `DS_PIP_DEPENDENCY_PATH` | `gemnasium-python` | | Path to load Python pip dependencies from. ([Introduced](https://gitlab.com/gitlab-org/gitlab/issues/12412) in GitLab 12.2) | | `DS_PYTHON_VERSION` | `retire.js` | | Version of Python. If set to 2, dependencies are installed using Python 2.7 instead of Python 3.6. ([Introduced](https://gitlab.com/gitlab-org/gitlab/issues/12296) in GitLab 12.1)| | `MAVEN_CLI_OPTS` | `gemnasium-maven` | `"-DskipTests --batch-mode"` | List of command line arguments that will be passed to `maven` by the analyzer. See an example for [using private repos](#using-private-maven-repos). | -| `BUNDLER_AUDIT_UPDATE_DISABLED` | `bundler-audit` | `false` | Disable automatic updates for the `bundler-audit` analyzer. Useful if you're running Dependency Scanning in an offline environment. | +| `BUNDLER_AUDIT_UPDATE_DISABLED` | `bundler-audit` | `"false"` | Disable automatic updates for the `bundler-audit` analyzer. Useful if you're running Dependency Scanning in an offline, air-gapped environment.| | `BUNDLER_AUDIT_ADVISORY_DB_URL` | `bundler-audit` | `https://github.com/rubysec/ruby-advisory-db` | URL of the advisory database used by bundler-audit. | | `BUNDLER_AUDIT_ADVISORY_DB_REF_NAME` | `bundler-audit` | `master` | Git ref for the advisory database specified by `BUNDLER_AUDIT_ADVISORY_DB_URL`. | | `RETIREJS_JS_ADVISORY_DB` | `retire.js` | `https://raw.githubusercontent.com/RetireJS/retire.js/master/repository/jsrepository.json` | Path or URL to Retire.js js vulnerability data file. | diff --git a/doc/user/application_security/img/multi_select_v12_9.png b/doc/user/application_security/img/multi_select_v12_9.png Binary files differindex b2b171e13d0..ec3648bff08 100644 --- a/doc/user/application_security/img/multi_select_v12_9.png +++ b/doc/user/application_security/img/multi_select_v12_9.png diff --git a/doc/user/application_security/sast/img/sast_v12_9.png b/doc/user/application_security/sast/img/sast_v12_9.png Binary files differindex 91f4b8a8e2e..3c6ee7a276b 100644 --- a/doc/user/application_security/sast/img/sast_v12_9.png +++ b/doc/user/application_security/sast/img/sast_v12_9.png diff --git a/doc/user/application_security/threat_monitoring/index.md b/doc/user/application_security/threat_monitoring/index.md index 07427af7c7d..3a3e2b36133 100644 --- a/doc/user/application_security/threat_monitoring/index.md +++ b/doc/user/application_security/threat_monitoring/index.md @@ -13,6 +13,7 @@ navigating to your project's **Security & Compliance > Threat Monitoring** page. GitLab supports statistics for the following security features: - [Web Application Firewall](../../clusters/applications.md#web-application-firewall-modsecurity) +- [Container Network Policies](../../../topics/autodevops/index.md#network-policy) ## Web Application Firewall @@ -38,3 +39,38 @@ about your Ingress traffic: If a significant percentage of traffic is anomalous, you should investigate it for potential threats by [examining the application logs](../../clusters/applications.md#web-application-firewall-modsecurity). + +## Container Network Policy + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/32365) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.9. + +The **Container Network Policy** section provides packet flow metrics for +your application's Kubernetes namespace. This section has the following +prerequisites: + +- Your project contains at least one [environment](../../../ci/environments.md) +- You've [installed Cilium](../../clusters/applications.md#install-cilium-using-gitlab-cicd) +- You've configured the [Prometheus service](../../project/integrations/prometheus.md#enabling-prometheus-integration) + +If you're using custom Helm values for Cilium, you must enable Hubble +with flow metrics for each namespace by adding the following lines to +your [Hubble values](../../clusters/applications.md#install-cilium-using-gitlab-cicd): + +```yaml +metrics: + enabled: + - 'flow:sourceContext=namespace;destinationContext=namespace' +``` + +The **Container Network Policy** section displays the following information +about your packet flow: + +- The total amount of the inbound and outbound packets +- The proportion of packets dropped according to the configured + policies +- The per-second average rate of the forwarded and dropped packets + accumulated over time window for the requested time interval + +If a significant percentage of packets is dropped, you should +investigate it for potential threats by +[examining the Cilium logs](../../clusters/applications.md#install-cilium-using-gitlab-cicd). diff --git a/doc/user/clusters/applications.md b/doc/user/clusters/applications.md index 0aff09910d2..08ac82ed781 100644 --- a/doc/user/clusters/applications.md +++ b/doc/user/clusters/applications.md @@ -825,6 +825,28 @@ agent: enabled: false ``` +The [Hubble](https://github.com/cilium/hubble) monitoring daemon is +enabled by default and it's set to collect per namespace flow +metrics. This metrics are accessible on the [Threat Monitoring](../application_security/threat_monitoring/index.md) +dashboard. You can disable Hubble by adding the following to +`.gitlab/managed-apps/config.yaml`: + +```yaml +cilium: + installed: true + hubble: + installed: false +``` + +You can also adjust Helm values for Hubble via +`.gitlab/managed-apps/cilium/hubble-values.yaml`: + +```yaml +metrics: + enabled: + - 'flow:sourceContext=namespace;destinationContext=namespace' +``` + ### Install Vault using GitLab CI/CD > [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/9982) in GitLab 12.9. diff --git a/doc/user/compliance/license_compliance/img/policies_maintainer_add_v12_9.png b/doc/user/compliance/license_compliance/img/policies_maintainer_add_v12_9.png Binary files differindex 6dc7d3a0924..ad5a49eebe5 100644 --- a/doc/user/compliance/license_compliance/img/policies_maintainer_add_v12_9.png +++ b/doc/user/compliance/license_compliance/img/policies_maintainer_add_v12_9.png diff --git a/doc/user/compliance/license_compliance/img/policies_maintainer_edit_v12_9.png b/doc/user/compliance/license_compliance/img/policies_maintainer_edit_v12_9.png Binary files differindex 31abbcf2d44..4f2380a0bf6 100644 --- a/doc/user/compliance/license_compliance/img/policies_maintainer_edit_v12_9.png +++ b/doc/user/compliance/license_compliance/img/policies_maintainer_edit_v12_9.png diff --git a/doc/user/compliance/license_compliance/img/policies_v12_9.png b/doc/user/compliance/license_compliance/img/policies_v12_9.png Binary files differindex 6c6247320dc..b3bca716ae5 100644 --- a/doc/user/compliance/license_compliance/img/policies_v12_9.png +++ b/doc/user/compliance/license_compliance/img/policies_v12_9.png diff --git a/doc/user/group/roadmap/img/roadmap_view_v12_10.png b/doc/user/group/roadmap/img/roadmap_view_v12_10.png Binary files differindex 7fc888ec2ca..69579fd1c1e 100644 --- a/doc/user/group/roadmap/img/roadmap_view_v12_10.png +++ b/doc/user/group/roadmap/img/roadmap_view_v12_10.png diff --git a/doc/user/packages/container_registry/img/container_registry_group_repositories_v12_10.png b/doc/user/packages/container_registry/img/container_registry_group_repositories_v12_10.png Binary files differnew file mode 100644 index 00000000000..e2b606d024f --- /dev/null +++ b/doc/user/packages/container_registry/img/container_registry_group_repositories_v12_10.png diff --git a/doc/user/packages/container_registry/img/container_registry_repositories_with_quickstart_v12_10.png b/doc/user/packages/container_registry/img/container_registry_repositories_with_quickstart_v12_10.png Binary files differnew file mode 100644 index 00000000000..e94aab58a1d --- /dev/null +++ b/doc/user/packages/container_registry/img/container_registry_repositories_with_quickstart_v12_10.png diff --git a/doc/user/packages/container_registry/img/container_registry_repository_details_v12.10.png b/doc/user/packages/container_registry/img/container_registry_repository_details_v12.10.png Binary files differnew file mode 100644 index 00000000000..b911ffea935 --- /dev/null +++ b/doc/user/packages/container_registry/img/container_registry_repository_details_v12.10.png diff --git a/doc/user/packages/container_registry/index.md b/doc/user/packages/container_registry/index.md index 37072eea39e..f5b8bd82a2b 100644 --- a/doc/user/packages/container_registry/index.md +++ b/doc/user/packages/container_registry/index.md @@ -7,6 +7,7 @@ > to pass a [personal access token](../../profile/personal_access_tokens.md) instead of your password in order to > login to GitLab's Container Registry. > - Multiple level image names support was added in GitLab 9.1. +> - The group level Container Registry was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/23315) in GitLab 12.10. NOTE: **Note:** This document is the user guide. To learn how to enable GitLab Container @@ -47,11 +48,51 @@ project: ## Control Container Registry from within GitLab -GitLab offers a simple Container Registry management panel. Go to your project -and click **Packages > Container Registry** in the project menu. +GitLab offers a simple Container Registry management panel. This management panel is available +for both projects and groups. -This view will show you all Docker images in your project and will easily allow you to -delete them. +### Control Container Registry for your project + +Navigate to your project's **{package}** **Packages > Container Registry**. + + + +This view will: + +- Show all the image repositories that belong to the project. +- Allow you to [delete](#delete-images-from-within-gitlab) one or more image repository. +- Allow you to navigate to the image repository details page. +- Show a **Quick start** dropdown with the most common commands to log in, build and push +- Optionally, a banner will be visible if the [expiration policy](#expiration-policy) is enabled for this project. + +### Control Container Registry for your group + +Navigate to your groups's **{package}** **Packages > Container Registry**. + + + +This view will: + +- Show all the image repositories of the projects that belong to this group. +- Allow to [delete](#delete-images-from-within-gitlab) one or more image repositories. +- Allow to navigate to a specific image repository details page. + +### Image Repository details page + +Clicking on the name of any image repository will navigate to the details. + + + +NOTE: **Note:** +The following page has the same functionalities both in the **Group level container registry** +and in the **Project level container registry**. + +This view: + +- Shows all the image repository details. +- Shows all the tags of the image repository. +- Allows you to quickly copy the tag path (by clicking on the clipboard button near the tag name). +- Allows you to [delete one or more tags](#delete-images-from-within-gitlab). ## Use images from GitLab Container Registry diff --git a/doc/user/packages/nuget_repository/index.md b/doc/user/packages/nuget_repository/index.md index 15772d1303d..ed936b546d2 100644 --- a/doc/user/packages/nuget_repository/index.md +++ b/doc/user/packages/nuget_repository/index.md @@ -18,7 +18,7 @@ NuGet CLI is probably already installed. Alternatively, you can use [.NET SDK 3.0 or later](https://dotnet.microsoft.com/download/dotnet-core/3.0), which installs NuGet CLI. -You can confirm that [nuget CLI](https://www.nuget.org/) is properly installed with: +You can confirm that [NuGet CLI](https://www.nuget.org/) is properly installed with: ```shell nuget help @@ -36,6 +36,18 @@ Available commands: [output truncated] ``` +### macOS support + +For macOS, you can also use [Mono](https://www.mono-project.com/) to run +the NuGet CLI. For Homebrew users, run `brew install mono` to install +Mono. Then you should be able to download the Windows C# binary +`nuget.exe` from the [NuGet CLI page](https://www.nuget.org/downloads) +and run: + +```shell +mono nuget.exe +``` + ## Enabling the NuGet Repository NOTE: **Note:** diff --git a/doc/user/project/issues/img/csv_export_button_v12_9.png b/doc/user/project/issues/img/csv_export_button_v12_9.png Binary files differindex 88083cacbfb..702b6439d7c 100644 --- a/doc/user/project/issues/img/csv_export_button_v12_9.png +++ b/doc/user/project/issues/img/csv_export_button_v12_9.png diff --git a/doc/user/project/issues/img/design_drag_and_drop_uploads_v12_9.png b/doc/user/project/issues/img/design_drag_and_drop_uploads_v12_9.png Binary files differindex 61ce3692808..6680c792063 100644 --- a/doc/user/project/issues/img/design_drag_and_drop_uploads_v12_9.png +++ b/doc/user/project/issues/img/design_drag_and_drop_uploads_v12_9.png diff --git a/doc/user/project/issues/img/issue_health_status_v12_10.png b/doc/user/project/issues/img/issue_health_status_v12_10.png Binary files differindex bcd6af144fb..dd6becbb970 100644 --- a/doc/user/project/issues/img/issue_health_status_v12_10.png +++ b/doc/user/project/issues/img/issue_health_status_v12_10.png diff --git a/doc/user/project/merge_requests/img/test_coverage_visualization_v12_9.png b/doc/user/project/merge_requests/img/test_coverage_visualization_v12_9.png Binary files differindex c2cd28adc95..1922a566dd5 100644 --- a/doc/user/project/merge_requests/img/test_coverage_visualization_v12_9.png +++ b/doc/user/project/merge_requests/img/test_coverage_visualization_v12_9.png diff --git a/doc/user/project/pages/img/change_path_v12_10.png b/doc/user/project/pages/img/change_path_v12_10.png Binary files differindex 79c6432707a..7ca09bd21a3 100644 --- a/doc/user/project/pages/img/change_path_v12_10.png +++ b/doc/user/project/pages/img/change_path_v12_10.png diff --git a/doc/user/project/web_ide/img/commit_changes_v12_9.png b/doc/user/project/web_ide/img/commit_changes_v12_9.png Binary files differindex 48491360626..d26c9cc82e1 100644 --- a/doc/user/project/web_ide/img/commit_changes_v12_9.png +++ b/doc/user/project/web_ide/img/commit_changes_v12_9.png diff --git a/lib/gitlab/metrics/requests_rack_middleware.rb b/lib/gitlab/metrics/requests_rack_middleware.rb index b57f9a19f8e..15db3999fa4 100644 --- a/lib/gitlab/metrics/requests_rack_middleware.rb +++ b/lib/gitlab/metrics/requests_rack_middleware.rb @@ -15,6 +15,8 @@ module Gitlab "report" => %w(404) }.freeze + HEALTH_ENDPOINT = /^\/-\/(liveness|readiness|health|metrics)\/?$/.freeze + def initialize(app) @app = app end @@ -32,6 +34,10 @@ module Gitlab {}, [0.05, 0.1, 0.25, 0.5, 0.7, 1, 2.5, 5, 10, 25]) end + def self.http_health_requests_total + @http_health_requests_total ||= ::Gitlab::Metrics.counter(:http_health_requests_total, 'Health endpoint request count') + end + def self.initialize_http_request_duration_seconds HTTP_METHODS.each do |method, statuses| statuses.each do |status| @@ -43,8 +49,13 @@ module Gitlab def call(env) method = env['REQUEST_METHOD'].downcase started = Time.now.to_f + begin - RequestsRackMiddleware.http_request_total.increment(method: method) + if health_endpoint?(env['PATH_INFO']) + RequestsRackMiddleware.http_health_requests_total.increment(method: method) + else + RequestsRackMiddleware.http_request_total.increment(method: method) + end status, headers, body = @app.call(env) @@ -57,6 +68,12 @@ module Gitlab raise end end + + def health_endpoint?(path) + return false if path.blank? + + HEALTH_ENDPOINT.match?(CGI.unescape(path)) + end end end end diff --git a/locale/gitlab.pot b/locale/gitlab.pot index 8c6a1f54b9c..917e2226982 100644 --- a/locale/gitlab.pot +++ b/locale/gitlab.pot @@ -21969,6 +21969,9 @@ msgstr "" msgid "UsageQuota|Usage of group resources across the projects in the %{strong_start}%{group_name}%{strong_end} group" msgstr "" +msgid "UsageQuota|Usage of resources across your projects" +msgstr "" + msgid "UsageQuota|Usage since" msgstr "" diff --git a/package.json b/package.json index 56356002bd3..33938ac5469 100644 --- a/package.json +++ b/package.json @@ -40,7 +40,7 @@ "@babel/preset-env": "^7.8.4", "@gitlab/at.js": "1.5.5", "@gitlab/svgs": "1.117.0", - "@gitlab/ui": "11.0.1", + "@gitlab/ui": "11.0.3", "@gitlab/visual-review-tools": "1.5.1", "@sentry/browser": "^5.10.2", "@sourcegraph/code-host-integration": "0.0.34", diff --git a/spec/features/projects/files/template_type_dropdown_spec.rb b/spec/features/projects/files/template_type_dropdown_spec.rb index 03b4b9b4517..5ea0b9b015f 100644 --- a/spec/features/projects/files/template_type_dropdown_spec.rb +++ b/spec/features/projects/files/template_type_dropdown_spec.rb @@ -40,10 +40,6 @@ describe 'Projects > Files > Template type dropdown selector', :js do check_type_selector_display(true) end - it 'is displayed when input matches' do - check_type_selector_display(true) - end - it 'selects every template type correctly' do try_selecting_all_types end diff --git a/spec/frontend/api_spec.js b/spec/frontend/api_spec.js index 179aa3a49d7..fdefa16ac19 100644 --- a/spec/frontend/api_spec.js +++ b/spec/frontend/api_spec.js @@ -631,4 +631,32 @@ describe('Api', () => { }); }); }); + + describe('getRawFile', () => { + const dummyProjectPath = 'gitlab-org/gitlab'; + const dummyFilePath = 'doc/CONTRIBUTING.md'; + const expectedUrl = `${dummyUrlRoot}/api/${dummyApiVersion}/projects/${encodeURIComponent( + dummyProjectPath, + )}/repository/files/${encodeURIComponent(dummyFilePath)}/raw`; + + describe('when the raw file is successfully fetched', () => { + it('resolves the Promise', () => { + mock.onGet(expectedUrl).replyOnce(200); + + return Api.getRawFile(dummyProjectPath, dummyFilePath).then(() => { + expect(mock.history.get).toHaveLength(1); + }); + }); + }); + + describe('when an error occurs while getting a raw file', () => { + it('rejects the Promise', () => { + mock.onDelete(expectedUrl).replyOnce(500); + + return Api.getRawFile(dummyProjectPath, dummyFilePath).catch(() => { + expect(mock.history.get).toHaveLength(1); + }); + }); + }); + }); }); diff --git a/spec/frontend/static_site_editor/mock_data.js b/spec/frontend/static_site_editor/mock_data.js new file mode 100644 index 00000000000..0b2a69420d8 --- /dev/null +++ b/spec/frontend/static_site_editor/mock_data.js @@ -0,0 +1,18 @@ +export const sourceContent = ` +--- +layout: handbook-page-toc +title: Handbook +twitter_image: '/images/tweets/handbook-gitlab.png' +--- + +## On this page +{:.no_toc .hidden-md .hidden-lg} + +- TOC +{:toc .hidden-md .hidden-lg} +`; + +export const sourceContentTitle = 'Handbook'; + +export const projectId = '123456'; +export const sourcePath = 'foobar.md.html'; diff --git a/spec/frontend/static_site_editor/services/load_source_content_spec.js b/spec/frontend/static_site_editor/services/load_source_content_spec.js new file mode 100644 index 00000000000..87893bb7a6e --- /dev/null +++ b/spec/frontend/static_site_editor/services/load_source_content_spec.js @@ -0,0 +1,31 @@ +import Api from '~/api'; + +import loadSourceContent from '~/static_site_editor/services/load_source_content'; + +import { sourceContent, sourceContentTitle, projectId, sourcePath } from '../mock_data'; + +describe('loadSourceContent', () => { + describe('requesting source content succeeds', () => { + let result; + + beforeEach(() => { + jest.spyOn(Api, 'getRawFile').mockResolvedValue({ data: sourceContent }); + + return loadSourceContent({ projectId, sourcePath }).then(_result => { + result = _result; + }); + }); + + it('calls getRawFile API with project id and source path', () => { + expect(Api.getRawFile).toHaveBeenCalledWith(projectId, sourcePath); + }); + + it('extracts page title from source content', () => { + expect(result.title).toBe(sourceContentTitle); + }); + + it('returns raw content', () => { + expect(result.content).toBe(sourceContent); + }); + }); +}); diff --git a/spec/graphql/resolvers/projects/jira_imports_resolver_spec.rb b/spec/graphql/resolvers/projects/jira_imports_resolver_spec.rb index 54d51292919..a5f17acce91 100644 --- a/spec/graphql/resolvers/projects/jira_imports_resolver_spec.rb +++ b/spec/graphql/resolvers/projects/jira_imports_resolver_spec.rb @@ -14,6 +14,16 @@ describe Resolvers::Projects::JiraImportsResolver do data end + context 'when feature flag disabled' do + let_it_be(:project) { create(:project, :private, import_data: jira_import_data) } + + before do + stub_feature_flags(jira_issue_import: false) + end + + it_behaves_like 'no jira import access' + end + context 'when project does not have Jira import data' do let_it_be(:project) { create(:project, :private, import_data: nil) } diff --git a/spec/lib/gitlab/metrics/requests_rack_middleware_spec.rb b/spec/lib/gitlab/metrics/requests_rack_middleware_spec.rb index 1fc6fdcf622..6ee8acbf6fd 100644 --- a/spec/lib/gitlab/metrics/requests_rack_middleware_spec.rb +++ b/spec/lib/gitlab/metrics/requests_rack_middleware_spec.rb @@ -36,6 +36,74 @@ describe Gitlab::Metrics::RequestsRackMiddleware do Timecop.scale(3600) { subject.call(env) } end + + context 'request is a health check endpoint' do + it 'increments health endpoint counter' do + env['PATH_INFO'] = '/-/liveness' + + expect(described_class).to receive_message_chain(:http_health_requests_total, :increment).with(method: 'get') + + subject.call(env) + end + + context 'with trailing slash' do + before do + env['PATH_INFO'] = '/-/liveness/' + end + + it 'increments health endpoint counter' do + expect(described_class).to receive_message_chain(:http_health_requests_total, :increment).with(method: 'get') + + subject.call(env) + end + end + + context 'with percent encoded values' do + before do + env['PATH_INFO'] = '/-/%6D%65%74%72%69%63%73' # /-/metrics + end + + it 'increments health endpoint counter' do + expect(described_class).to receive_message_chain(:http_health_requests_total, :increment).with(method: 'get') + + subject.call(env) + end + end + end + + context 'request is not a health check endpoint' do + it 'does not increment health endpoint counter' do + env['PATH_INFO'] = '/-/ordinary-requests' + + expect(described_class).not_to receive(:http_health_requests_total) + + subject.call(env) + end + + context 'path info is a root path' do + before do + env['PATH_INFO'] = '/-/' + end + + it 'does not increment health endpoint counter' do + expect(described_class).not_to receive(:http_health_requests_total) + + subject.call(env) + end + end + + context 'path info is a subpath' do + before do + env['PATH_INFO'] = '/-/health/subpath' + end + + it 'does not increment health endpoint counter' do + expect(described_class).not_to receive(:http_health_requests_total) + + subject.call(env) + end + end + end end context '@app.call throws exception' do diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb index e69d4e18c1e..679f4a19f5b 100644 --- a/spec/models/user_spec.rb +++ b/spec/models/user_spec.rb @@ -28,7 +28,6 @@ describe User, :do_not_mock_admin_mode do describe 'associations' do it { is_expected.to have_one(:namespace) } it { is_expected.to have_one(:status) } - it { is_expected.to have_one(:max_access_level_membership) } it { is_expected.to have_one(:user_detail) } it { is_expected.to have_one(:user_highest_role) } it { is_expected.to have_many(:snippets).dependent(:destroy) } @@ -1000,91 +999,42 @@ describe User, :do_not_mock_admin_mode do end describe '#highest_role' do - let(:user) { create(:user) } - let(:group) { create(:group) } - - context 'with association :max_access_level_membership' do - let(:another_user) { create(:user) } - - before do - create(:project, group: group) do |project| - group.add_user(user, GroupMember::GUEST) - group.add_user(another_user, GroupMember::DEVELOPER) - end - - create(:project, group: create(:group)) do |project| - project.add_guest(another_user) - end - - create(:project, group: create(:group)) do |project| - project.add_maintainer(user) - end - end - - it 'returns the correct highest role' do - users = User.includes(:max_access_level_membership).where(id: [user.id, another_user.id]) - - expect(users.collect { |u| [u.id, u.highest_role] }).to contain_exactly( - [user.id, Gitlab::Access::MAINTAINER], - [another_user.id, Gitlab::Access::DEVELOPER] - ) - end - end - - it 'returns NO_ACCESS if none has been set' do - expect(user.highest_role).to eq(Gitlab::Access::NO_ACCESS) - end - - it 'returns MAINTAINER if user is maintainer of a project' do - create(:project, group: group) do |project| - project.add_maintainer(user) - end - - expect(user.highest_role).to eq(Gitlab::Access::MAINTAINER) - end + let_it_be(:user) { create(:user) } - it 'returns the highest role if user is member of multiple projects' do - create(:project, group: group) do |project| - project.add_maintainer(user) + context 'when user_highest_role does not exist' do + it 'returns NO_ACCESS' do + expect(user.highest_role).to eq(Gitlab::Access::NO_ACCESS) end - - create(:project, group: group) do |project| - project.add_developer(user) - end - - expect(user.highest_role).to eq(Gitlab::Access::MAINTAINER) end - it 'returns MAINTAINER if user is maintainer of a group' do - create(:group) do |group| - group.add_user(user, GroupMember::MAINTAINER) - end - - expect(user.highest_role).to eq(Gitlab::Access::MAINTAINER) - end + context 'when user_highest_role exists' do + context 'stored highest access level is nil' do + it 'returns Gitlab::Access::NO_ACCESS' do + create(:user_highest_role, user: user) - it 'returns the highest role if user is member of multiple groups' do - create(:group) do |group| - group.add_user(user, GroupMember::MAINTAINER) + expect(user.highest_role).to eq(Gitlab::Access::NO_ACCESS) + end end - create(:group) do |group| - group.add_user(user, GroupMember::DEVELOPER) - end + context 'stored highest access level present' do + context 'with association :user_highest_role' do + let(:another_user) { create(:user) } - expect(user.highest_role).to eq(Gitlab::Access::MAINTAINER) - end + before do + create(:user_highest_role, :maintainer, user: user) + create(:user_highest_role, :developer, user: another_user) + end - it 'returns the highest role if user is member of multiple groups and projects' do - create(:group) do |group| - group.add_user(user, GroupMember::DEVELOPER) - end + it 'returns the correct highest role' do + users = User.includes(:user_highest_role).where(id: [user.id, another_user.id]) - create(:project, group: group) do |project| - project.add_maintainer(user) + expect(users.collect { |u| [u.id, u.highest_role] }).to contain_exactly( + [user.id, Gitlab::Access::MAINTAINER], + [another_user.id, Gitlab::Access::DEVELOPER] + ) + end + end end - - expect(user.highest_role).to eq(Gitlab::Access::MAINTAINER) end end diff --git a/spec/routing/project_routing_spec.rb b/spec/routing/project_routing_spec.rb index 1a43342d278..0272d269aa4 100644 --- a/spec/routing/project_routing_spec.rb +++ b/spec/routing/project_routing_spec.rb @@ -802,7 +802,7 @@ describe 'project routing' do # TODO: remove this test as part of https://gitlab.com/gitlab-org/gitlab/issues/207079 (12.9) it 'to ci_cd#create_deploy_token' do - expect(post('gitlab/gitlabhq/-/settings/repository/deploy_token/create')).to route_to('projects/settings/ci_cd#create_deploy_token', namespace_id: 'gitlab', project_id: 'gitlabhq') + expect(post('gitlab/gitlabhq/-/settings/ci_cd/deploy_token/create')).to route_to('projects/settings/ci_cd#create_deploy_token', namespace_id: 'gitlab', project_id: 'gitlabhq') end end diff --git a/spec/support/shared_examples/models/concerns/has_repository_shared_examples.rb b/spec/support/shared_examples/models/concerns/has_repository_shared_examples.rb index 5a5d7c8f038..368ec0694fd 100644 --- a/spec/support/shared_examples/models/concerns/has_repository_shared_examples.rb +++ b/spec/support/shared_examples/models/concerns/has_repository_shared_examples.rb @@ -167,6 +167,7 @@ RSpec.shared_examples 'model with repository' do describe 'Respond to' do it { is_expected.to respond_to(:base_dir) } it { is_expected.to respond_to(:disk_path) } + it { is_expected.to respond_to(:gitlab_shell) } end describe '.pick_repository_storage' do diff --git a/yarn.lock b/yarn.lock index 79a8892a499..6f014b22440 100644 --- a/yarn.lock +++ b/yarn.lock @@ -786,10 +786,10 @@ resolved "https://registry.yarnpkg.com/@gitlab/svgs/-/svgs-1.117.0.tgz#05239ddcf529c62ca29e1ec1a25a7e24efb98207" integrity sha512-dGy/VWuRAFCTZX3Yqu1+RnAHTSUWafteIk/RMfUCN9B/EMbYzjhYsNy0NLVoZ23Rj/KGv1bUGHvyQCoPP6VzpA== -"@gitlab/ui@11.0.1": - version "11.0.1" - resolved "https://registry.yarnpkg.com/@gitlab/ui/-/ui-11.0.1.tgz#7d9fdb823590c72c232b7dee06b86c3e8766ba28" - integrity sha512-JlZULrpmm2jELsVHfcMpE0uiam+hA+5tL4+xZxiHoG+i9UlTQCAteMHOgJVT7pQYvjPAoSnw9XzTATEEcHVcOw== +"@gitlab/ui@11.0.3": + version "11.0.3" + resolved "https://registry.yarnpkg.com/@gitlab/ui/-/ui-11.0.3.tgz#7ef5aa78e8b3226c189487cb1d131859180bf539" + integrity sha512-BCV0+3xJCiBOvdpDlDm6YMnsAP1l4L03e5y0Nqtw8T6hITCL86eGTs0IEPzmE/v2x+03sK4QSHa6rf0dqlvwDg== dependencies: "@babel/standalone" "^7.0.0" "@gitlab/vue-toasted" "^1.3.0" |
