diff options
-rw-r--r-- | app/policies/group_policy.rb | 1 | ||||
-rw-r--r-- | changelogs/unreleased/21811-group-list-deploy-tokens.yml | 5 | ||||
-rw-r--r-- | changelogs/unreleased/auto-deploy-image-v0-12-0.yml | 5 | ||||
-rw-r--r-- | doc/administration/gitaly/praefect.md | 4 | ||||
-rw-r--r-- | doc/administration/packages/container_registry.md | 2 | ||||
-rw-r--r-- | doc/api/deploy_tokens.md | 45 | ||||
-rw-r--r-- | doc/ci/jenkins/index.md | 6 | ||||
-rw-r--r-- | doc/development/fe_guide/vuex.md | 2 | ||||
-rw-r--r-- | doc/topics/autodevops/index.md | 13 | ||||
-rw-r--r-- | doc/user/group/subgroups/index.md | 1 | ||||
-rw-r--r-- | doc/user/project/clusters/serverless/aws.md | 5 | ||||
-rw-r--r-- | jest.config.js | 4 | ||||
-rw-r--r-- | lib/api/deploy_tokens.rb | 23 | ||||
-rw-r--r-- | lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml | 2 | ||||
-rw-r--r-- | qa/Gemfile | 2 | ||||
-rw-r--r-- | qa/Gemfile.lock | 14 | ||||
-rwxr-xr-x | scripts/lint-doc.sh | 2 | ||||
-rw-r--r-- | spec/frontend/__mocks__/monaco-editor/index.js | 13 | ||||
-rw-r--r-- | spec/requests/api/deploy_tokens_spec.rb | 65 |
19 files changed, 188 insertions, 26 deletions
diff --git a/app/policies/group_policy.rb b/app/policies/group_policy.rb index 2e3abf2b75a..404734ef30a 100644 --- a/app/policies/group_policy.rb +++ b/app/policies/group_policy.rb @@ -94,6 +94,7 @@ class GroupPolicy < BasePolicy enable :update_cluster enable :admin_cluster enable :destroy_deploy_token + enable :read_deploy_token end rule { owner }.policy do diff --git a/changelogs/unreleased/21811-group-list-deploy-tokens.yml b/changelogs/unreleased/21811-group-list-deploy-tokens.yml new file mode 100644 index 00000000000..c2cdc65fa53 --- /dev/null +++ b/changelogs/unreleased/21811-group-list-deploy-tokens.yml @@ -0,0 +1,5 @@ +--- +title: Add api endpoint for listing deploy tokens for a group +merge_request: 25219 +author: +type: added diff --git a/changelogs/unreleased/auto-deploy-image-v0-12-0.yml b/changelogs/unreleased/auto-deploy-image-v0-12-0.yml new file mode 100644 index 00000000000..f6a6b5e9f6b --- /dev/null +++ b/changelogs/unreleased/auto-deploy-image-v0-12-0.yml @@ -0,0 +1,5 @@ +--- +title: Bump Auto Deploy image to v0.12.1 +merge_request: 26336 +author: +type: changed diff --git a/doc/administration/gitaly/praefect.md b/doc/administration/gitaly/praefect.md index f9b1fdae056..b0119bd1361 100644 --- a/doc/administration/gitaly/praefect.md +++ b/doc/administration/gitaly/praefect.md @@ -490,10 +490,10 @@ Particular attention should be shown to: 1. Configure the `external_url` so that files could be served by GitLab by proper endpoint access by editing `/etc/gitlab/gitlab.rb`: - + You will need to replace `GITLAB_SERVER_URL` with the real URL on which current GitLab instance is serving: - + ```ruby external_url 'GITLAB_SERVER_URL' ``` diff --git a/doc/administration/packages/container_registry.md b/doc/administration/packages/container_registry.md index 7187c97ef13..2b029859447 100644 --- a/doc/administration/packages/container_registry.md +++ b/doc/administration/packages/container_registry.md @@ -741,7 +741,7 @@ To enable the read-only mode: ```sh # Recycling unused tags sudo /opt/gitlab/embedded/bin/registry garbage-collect /var/opt/gitlab/registry/config.yml - + # Removing unused layers not referenced by manifests sudo /opt/gitlab/embedded/bin/registry garbage-collect -m /var/opt/gitlab/registry/config.yml ``` diff --git a/doc/api/deploy_tokens.md b/doc/api/deploy_tokens.md index e1372f714fa..c5c88619aa6 100644 --- a/doc/api/deploy_tokens.md +++ b/doc/api/deploy_tokens.md @@ -2,6 +2,8 @@ ## List all deploy tokens +> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/21811) in GitLab 12.9. + Get a list of all deploy tokens across the GitLab instance. This endpoint requires admin access. ```plaintext @@ -37,6 +39,8 @@ Project deploy token API endpoints require project maintainer access or higher. ### List project deploy tokens +> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/21811) in GitLab 12.9. + Get a list of a project's deploy tokens. ```plaintext @@ -113,8 +117,49 @@ Example response: These endpoints require group maintainer access or higher. +### List group deploy deploy tokens + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/21811) in GitLab 12.9. + +Get a list of a group's deploy tokens + +``` +GET /groups/:id/deploy_tokens +``` + +Parameters: + +| Attribute | Type | Required | Description | +|:---------------|:---------------|:---------|:-----------------------------------------------------------------------------| +| `id` | integer/string | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | + +Example request: + +```shell +curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/groups/1/deploy_tokens" +``` + +Example response: + +```json +[ + { + "id": 1, + "name": "MyToken", + "username": "gitlab+deploy-token-1", + "expires_at": "2020-02-14T00:00:00.000Z", + "scopes": [ + "read_repository", + "read_registry" + ] + } +] +``` + ### Delete a group deploy token +> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/21811) in GitLab 12.9. + Removes a deploy token from the group. ``` diff --git a/doc/ci/jenkins/index.md b/doc/ci/jenkins/index.md index de2b1956292..4b5f93fa1a2 100644 --- a/doc/ci/jenkins/index.md +++ b/doc/ci/jenkins/index.md @@ -7,7 +7,7 @@ type: index, howto A lot of GitLab users have successfully migrated to GitLab CI/CD from Jenkins. To make this easier if you're just getting started, we've collected several resources here that you might find useful -before diving in. +before diving in. Think of this page as a "GitLab CI/CD for Jenkins Users" guide. First of all, our [Quick Start Guide](../quick_start/README.md) contains a good overview of how GitLab CI/CD works. You may also be interested in [Auto DevOps](../../topics/autodevops/index.md) which can potentially be used to build, test, @@ -16,6 +16,9 @@ and deploy your applications with little to no configuration needed at all. Otherwise, read on for important information that will help you get the ball rolling. Welcome to GitLab! +If you have questions that are not answered here, the [GitLab community forum](https://forum.gitlab.com/) +can be a great resource. + ## Important differences There are some high level differences between the products worth mentioning: @@ -29,6 +32,7 @@ There are some high level differences between the products worth mentioning: analogous to the declarative Jenkinsfile format. - GitLab comes with a [container registry](../../user/packages/container_registry/index.md), and we recommend using container images to set up your build environment. +- Totally stuck and not sure where to turn for advice? The [GitLab community forum](https://forum.gitlab.com/) can be a great resource. ## Groovy vs. YAML diff --git a/doc/development/fe_guide/vuex.md b/doc/development/fe_guide/vuex.md index b69bbb8b527..675f30feba6 100644 --- a/doc/development/fe_guide/vuex.md +++ b/doc/development/fe_guide/vuex.md @@ -3,12 +3,12 @@ When there's a clear benefit to separating state management from components (e.g. due to state complexity) we recommend using [Vuex][vuex-docs] over any other Flux pattern. Otherwise, feel free to manage state within the components. Vuex should be strongly considered when: + - You expect multiple parts of the application to react to state changes - There's a need to share data between multiple components - There are complex interactions with Backend, e.g. multiple API calls - The app involves interacting with backend via both traditional REST API and GraphQL (especially when moving the REST API over to GraphQL is a pending backend task) - _Note:_ All of the below is explained in more detail in the official [Vuex documentation][vuex-docs]. ## Separation of concerns diff --git a/doc/topics/autodevops/index.md b/doc/topics/autodevops/index.md index 77e35eee76d..c23d3517183 100644 --- a/doc/topics/autodevops/index.md +++ b/doc/topics/autodevops/index.md @@ -639,7 +639,8 @@ as it will be attempting to fetch the image using #### Kubernetes 1.16+ -> [Introduced](https://gitlab.com/gitlab-org/charts/auto-deploy-app/-/merge_requests/51) in GitLab 12.8. +> - [Introduced](https://gitlab.com/gitlab-org/charts/auto-deploy-app/-/merge_requests/51) in GitLab 12.8. +> - Support for deploying a PostgreSQL version that supports Kubernetes 1.16+ was [introduced](https://gitlab.com/gitlab-org/cluster-integration/auto-deploy-image/-/merge_requests/49) in GitLab 12.9. CAUTION: **Deprecation** The default value of `extensions/v1beta1` for the `deploymentApiVersion` setting is @@ -657,9 +658,13 @@ To use Auto Deploy on a Kubernetes 1.16+ cluster, you must: deploymentApiVersion: apps/v1 ``` -1. Set the `POSTGRES_ENABLED` variable to `false`. This will disable Auto Deploy's deployment of PostgreSQL. -Support for enabling Auto Deploy's deployment of PostgreSQL in a Kubernetes 1.16+ cluster -is [planned](https://gitlab.com/gitlab-org/charts/auto-deploy-app/issues/28). +1. Set the: + + - `AUTO_DEVOPS_POSTGRES_CHANNEL` variable to `2`. + - `POSTGRES_VERSION` variable to `9.6.16` or higher. + + This will opt-in to using a version of the PostgreSQL chart that supports Kubernetes + 1.16 and higher. #### Migrations diff --git a/doc/user/group/subgroups/index.md b/doc/user/group/subgroups/index.md index 5ff8243136e..e73623a2f0e 100644 --- a/doc/user/group/subgroups/index.md +++ b/doc/user/group/subgroups/index.md @@ -64,7 +64,6 @@ Another example of GitLab as a company would be the following: --- - When performing actions such as transferring or importing a project between subgroups, the behavior is the same as when performing these actions at the `group/project` level. diff --git a/doc/user/project/clusters/serverless/aws.md b/doc/user/project/clusters/serverless/aws.md index 30ed82e45b6..cb35e598803 100644 --- a/doc/user/project/clusters/serverless/aws.md +++ b/doc/user/project/clusters/serverless/aws.md @@ -2,11 +2,10 @@ GitLab allows users to easily deploy AWS Lambda functions and create rich serverless applications. -GitLab supports deployment of functions to AWS Lambda using a combination of: +GitLab supports deployment of AWS Lambda functions through GitLab CI/CD using the following Serverless frameworks: - [Serverless Framework with AWS](#serverless-framework) - [AWS' Serverless Application Model (SAM)](#aws-serverless-application-model) -- GitLab CI/CD ## Serverless Framework @@ -362,7 +361,7 @@ sam init -h ### Setting up your AWS credentials with your GitLab account -In order to interact with your AWS account, the GitLab CI/CD pipelines require both +In order to interact with your AWS account, the GitLab CI/CD pipelines require both `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` to be set in the project's CI/CD variables. diff --git a/jest.config.js b/jest.config.js index 102d0fb8b4c..e9e1a598608 100644 --- a/jest.config.js +++ b/jest.config.js @@ -35,7 +35,7 @@ const moduleNameMapper = { '^ee_else_ce(/.*)$': '<rootDir>/app/assets/javascripts$1', '^helpers(/.*)$': '<rootDir>/spec/frontend/helpers$1', '^vendor(/.*)$': '<rootDir>/vendor/assets/javascripts$1', - '\\.(jpg|jpeg|png|svg)$': '<rootDir>/spec/frontend/__mocks__/file_mock.js', + '\\.(jpg|jpeg|png|svg|css)$': '<rootDir>/spec/frontend/__mocks__/file_mock.js', 'emojis(/.*).json': '<rootDir>/fixtures/emojis$1.json', '^spec/test_constants$': '<rootDir>/spec/frontend/helpers/test_constants', '^jest/(.*)$': '<rootDir>/spec/frontend/$1', @@ -82,7 +82,7 @@ module.exports = { '^.+\\.js$': 'babel-jest', '^.+\\.vue$': 'vue-jest', }, - transformIgnorePatterns: ['node_modules/(?!(@gitlab/ui|bootstrap-vue|three)/)'], + transformIgnorePatterns: ['node_modules/(?!(@gitlab/ui|bootstrap-vue|three|monaco-editor)/)'], timers: 'fake', testEnvironment: '<rootDir>/spec/frontend/environment.js', testEnvironmentOptions: { diff --git a/lib/api/deploy_tokens.rb b/lib/api/deploy_tokens.rb index 1631425ec1b..bc58cf0dd32 100644 --- a/lib/api/deploy_tokens.rb +++ b/lib/api/deploy_tokens.rb @@ -23,6 +23,8 @@ module API use :pagination end get 'deploy_tokens' do + service_unavailable! unless Feature.enabled?(:deploy_tokens_api, default_enabled: true) + authenticated_as_admin! present paginate(DeployToken.all), with: Entities::DeployToken @@ -32,6 +34,10 @@ module API requires :id, type: Integer, desc: 'The ID of a project' end resource :projects, requirements: API::NAMESPACE_OR_PROJECT_REQUIREMENTS do + before do + service_unavailable! unless Feature.enabled?(:deploy_tokens_api, user_project, default_enabled: true) + end + params do use :pagination end @@ -71,6 +77,23 @@ module API requires :id, type: Integer, desc: 'The ID of a group' end resource :groups, requirements: API::NAMESPACE_OR_PROJECT_REQUIREMENTS do + before do + service_unavailable! unless Feature.enabled?(:deploy_tokens_api, user_group, default_enabled: true) + end + + params do + use :pagination + end + desc 'List deploy tokens for a group' do + detail 'This feature was introduced in GitLab 12.9' + success Entities::DeployToken + end + get ':id/deploy_tokens' do + authorize!(:read_deploy_token, user_group) + + present paginate(user_group.deploy_tokens), with: Entities::DeployToken + end + desc 'Delete a group deploy token' do detail 'This feature was introduced in GitLab 12.9' end diff --git a/lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml b/lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml index 8eb56f3991b..bbfcf53b3d4 100644 --- a/lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml +++ b/lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml @@ -1,5 +1,5 @@ .auto-deploy: - image: "registry.gitlab.com/gitlab-org/cluster-integration/auto-deploy-image:v0.10.0" + image: "registry.gitlab.com/gitlab-org/cluster-integration/auto-deploy-image:v0.12.1" review: extends: .auto-deploy diff --git a/qa/Gemfile b/qa/Gemfile index 58118340f24..86d8aa5c025 100644 --- a/qa/Gemfile +++ b/qa/Gemfile @@ -1,7 +1,7 @@ source 'https://rubygems.org' gem 'gitlab-qa' -gem 'activesupport', '5.2.3' # This should stay in sync with the root's Gemfile +gem 'activesupport', '6.0.2' # This should stay in sync with the root's Gemfile gem 'capybara', '~> 3.29.0' gem 'capybara-screenshot', '~> 1.0.23' gem 'rake', '~> 12.3.0' diff --git a/qa/Gemfile.lock b/qa/Gemfile.lock index cd73e1b6539..ececdab80d5 100644 --- a/qa/Gemfile.lock +++ b/qa/Gemfile.lock @@ -1,11 +1,12 @@ GEM remote: https://rubygems.org/ specs: - activesupport (5.2.3) + activesupport (6.0.2) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 0.7, < 2) minitest (~> 5.1) tzinfo (~> 1.1) + zeitwerk (~> 2.2) addressable (2.7.0) public_suffix (>= 2.0.2, < 5.0) airborne (0.2.13) @@ -28,7 +29,7 @@ GEM launchy childprocess (3.0.0) coderay (1.1.2) - concurrent-ruby (1.1.5) + concurrent-ruby (1.1.6) debase (0.2.4.1) debase-ruby_core_source (>= 0.10.2) debase-ruby_core_source (0.10.6) @@ -40,7 +41,7 @@ GEM gitlab-qa (4.0.0) http-cookie (1.0.3) domain_name (~> 0.5) - i18n (1.6.0) + i18n (1.8.2) concurrent-ruby (~> 1.0) knapsack (1.17.1) rake @@ -52,7 +53,7 @@ GEM mime-types-data (3.2016.0521) mini_mime (1.0.2) mini_portile2 (2.4.0) - minitest (5.11.3) + minitest (5.14.0) netrc (0.11.0) nokogiri (1.10.5) mini_portile2 (~> 2.4.0) @@ -100,19 +101,20 @@ GEM rubyzip (>= 1.2.2) thread_safe (0.3.6) timecop (0.9.1) - tzinfo (1.2.5) + tzinfo (1.2.6) thread_safe (~> 0.1) unf (0.1.4) unf_ext unf_ext (0.0.7.4) xpath (3.2.0) nokogiri (~> 1.8) + zeitwerk (2.3.0) PLATFORMS ruby DEPENDENCIES - activesupport (= 5.2.3) + activesupport (= 6.0.2) airborne (~> 0.2.13) capybara (~> 3.29.0) capybara-screenshot (~> 1.0.23) diff --git a/scripts/lint-doc.sh b/scripts/lint-doc.sh index 5477002eb43..3959b8b510e 100755 --- a/scripts/lint-doc.sh +++ b/scripts/lint-doc.sh @@ -48,7 +48,7 @@ then exit 1 fi -MD_DOC_PATH=${MD_DOC_PATH:-doc/**/*.md} +MD_DOC_PATH=${MD_DOC_PATH:-doc} function run_locally_or_in_docker() { local cmd=$1 diff --git a/spec/frontend/__mocks__/monaco-editor/index.js b/spec/frontend/__mocks__/monaco-editor/index.js new file mode 100644 index 00000000000..18cc3a7c377 --- /dev/null +++ b/spec/frontend/__mocks__/monaco-editor/index.js @@ -0,0 +1,13 @@ +// NOTE: +// These imports are pulled from 'monaco-editor/esm/vs/editor/editor.main.js' +// We don't want to include 'monaco-editor/esm/vs/editor/edcore' because it causes +// lots of compatability issues with Jest +// Issue: https://gitlab.com/gitlab-org/gitlab/-/issues/209863 +import 'monaco-editor/esm/vs/language/typescript/monaco.contribution'; +import 'monaco-editor/esm/vs/language/css/monaco.contribution'; +import 'monaco-editor/esm/vs/language/json/monaco.contribution'; +import 'monaco-editor/esm/vs/language/html/monaco.contribution'; +import 'monaco-editor/esm/vs/basic-languages/monaco.contribution'; + +export * from 'monaco-editor/esm/vs/editor/editor.api'; +export default global.monaco; diff --git a/spec/requests/api/deploy_tokens_spec.rb b/spec/requests/api/deploy_tokens_spec.rb index 8076b0958a4..01810e333c1 100644 --- a/spec/requests/api/deploy_tokens_spec.rb +++ b/spec/requests/api/deploy_tokens_spec.rb @@ -10,12 +10,24 @@ describe API::DeployTokens do let!(:deploy_token) { create(:deploy_token, projects: [project]) } let!(:group_deploy_token) { create(:deploy_token, :group, groups: [group]) } + shared_examples 'with feature flag disabled' do + context 'disabled feature flag' do + before do + stub_feature_flags(deploy_tokens_api: false) + end + + it { is_expected.to have_gitlab_http_status(:service_unavailable) } + end + end + describe 'GET /deploy_tokens' do subject do get api('/deploy_tokens', user) response end + it_behaves_like 'with feature flag disabled' + context 'when unauthenticated' do let(:user) { nil } @@ -69,6 +81,8 @@ describe API::DeployTokens do project.add_maintainer(user) end + it_behaves_like 'with feature flag disabled' + it { is_expected.to have_gitlab_http_status(:ok) } it 'returns all deploy tokens for the project' do @@ -87,6 +101,53 @@ describe API::DeployTokens do end end + describe 'GET /groups/:id/deploy_tokens' do + subject do + get api("/groups/#{group.id}/deploy_tokens", user) + response + end + + context 'when unauthenticated' do + let(:user) { nil } + + it { is_expected.to have_gitlab_http_status(:forbidden) } + end + + context 'when authenticated as non-admin user' do + before do + group.add_developer(user) + end + + it { is_expected.to have_gitlab_http_status(:forbidden) } + end + + context 'when authenticated as maintainer' do + let!(:other_deploy_token) { create(:deploy_token, :group) } + + before do + group.add_maintainer(user) + end + + it_behaves_like 'with feature flag disabled' + + it { is_expected.to have_gitlab_http_status(:ok) } + + it 'returns all deploy tokens for the group' do + subject + + expect(response).to include_pagination_headers + expect(response).to match_response_schema('public_api/v4/deploy_tokens') + end + + it 'does not return deploy tokens for other groups' do + subject + + token_ids = json_response.map { |token| token['id'] } + expect(token_ids).not_to include(other_deploy_token.id) + end + end + end + describe 'DELETE /groups/:id/deploy_tokens/:token_id' do subject do delete api("/groups/#{group.id}/deploy_tokens/#{group_deploy_token.id}", user) @@ -119,10 +180,10 @@ describe API::DeployTokens do end context 'invalid request' do - it 'returns bad request with invalid group id' do + it 'returns not found with invalid group id' do delete api("/groups/bad_id/deploy_tokens/#{group_deploy_token.id}", user) - expect(response).to have_gitlab_http_status(:bad_request) + expect(response).to have_gitlab_http_status(:not_found) end it 'returns not found with invalid deploy token id' do |