summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--app/policies/group_policy.rb1
-rw-r--r--changelogs/unreleased/21811-group-list-deploy-tokens.yml5
-rw-r--r--changelogs/unreleased/auto-deploy-image-v0-12-0.yml5
-rw-r--r--doc/administration/gitaly/praefect.md4
-rw-r--r--doc/administration/packages/container_registry.md2
-rw-r--r--doc/api/deploy_tokens.md45
-rw-r--r--doc/ci/jenkins/index.md6
-rw-r--r--doc/development/fe_guide/vuex.md2
-rw-r--r--doc/topics/autodevops/index.md13
-rw-r--r--doc/user/group/subgroups/index.md1
-rw-r--r--doc/user/project/clusters/serverless/aws.md5
-rw-r--r--jest.config.js4
-rw-r--r--lib/api/deploy_tokens.rb23
-rw-r--r--lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml2
-rw-r--r--qa/Gemfile2
-rw-r--r--qa/Gemfile.lock14
-rwxr-xr-xscripts/lint-doc.sh2
-rw-r--r--spec/frontend/__mocks__/monaco-editor/index.js13
-rw-r--r--spec/requests/api/deploy_tokens_spec.rb65
19 files changed, 188 insertions, 26 deletions
diff --git a/app/policies/group_policy.rb b/app/policies/group_policy.rb
index 2e3abf2b75a..404734ef30a 100644
--- a/app/policies/group_policy.rb
+++ b/app/policies/group_policy.rb
@@ -94,6 +94,7 @@ class GroupPolicy < BasePolicy
enable :update_cluster
enable :admin_cluster
enable :destroy_deploy_token
+ enable :read_deploy_token
end
rule { owner }.policy do
diff --git a/changelogs/unreleased/21811-group-list-deploy-tokens.yml b/changelogs/unreleased/21811-group-list-deploy-tokens.yml
new file mode 100644
index 00000000000..c2cdc65fa53
--- /dev/null
+++ b/changelogs/unreleased/21811-group-list-deploy-tokens.yml
@@ -0,0 +1,5 @@
+---
+title: Add api endpoint for listing deploy tokens for a group
+merge_request: 25219
+author:
+type: added
diff --git a/changelogs/unreleased/auto-deploy-image-v0-12-0.yml b/changelogs/unreleased/auto-deploy-image-v0-12-0.yml
new file mode 100644
index 00000000000..f6a6b5e9f6b
--- /dev/null
+++ b/changelogs/unreleased/auto-deploy-image-v0-12-0.yml
@@ -0,0 +1,5 @@
+---
+title: Bump Auto Deploy image to v0.12.1
+merge_request: 26336
+author:
+type: changed
diff --git a/doc/administration/gitaly/praefect.md b/doc/administration/gitaly/praefect.md
index f9b1fdae056..b0119bd1361 100644
--- a/doc/administration/gitaly/praefect.md
+++ b/doc/administration/gitaly/praefect.md
@@ -490,10 +490,10 @@ Particular attention should be shown to:
1. Configure the `external_url` so that files could be served by GitLab
by proper endpoint access by editing `/etc/gitlab/gitlab.rb`:
-
+
You will need to replace `GITLAB_SERVER_URL` with the real URL on which
current GitLab instance is serving:
-
+
```ruby
external_url 'GITLAB_SERVER_URL'
```
diff --git a/doc/administration/packages/container_registry.md b/doc/administration/packages/container_registry.md
index 7187c97ef13..2b029859447 100644
--- a/doc/administration/packages/container_registry.md
+++ b/doc/administration/packages/container_registry.md
@@ -741,7 +741,7 @@ To enable the read-only mode:
```sh
# Recycling unused tags
sudo /opt/gitlab/embedded/bin/registry garbage-collect /var/opt/gitlab/registry/config.yml
-
+
# Removing unused layers not referenced by manifests
sudo /opt/gitlab/embedded/bin/registry garbage-collect -m /var/opt/gitlab/registry/config.yml
```
diff --git a/doc/api/deploy_tokens.md b/doc/api/deploy_tokens.md
index e1372f714fa..c5c88619aa6 100644
--- a/doc/api/deploy_tokens.md
+++ b/doc/api/deploy_tokens.md
@@ -2,6 +2,8 @@
## List all deploy tokens
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/21811) in GitLab 12.9.
+
Get a list of all deploy tokens across the GitLab instance. This endpoint requires admin access.
```plaintext
@@ -37,6 +39,8 @@ Project deploy token API endpoints require project maintainer access or higher.
### List project deploy tokens
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/21811) in GitLab 12.9.
+
Get a list of a project's deploy tokens.
```plaintext
@@ -113,8 +117,49 @@ Example response:
These endpoints require group maintainer access or higher.
+### List group deploy deploy tokens
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/21811) in GitLab 12.9.
+
+Get a list of a group's deploy tokens
+
+```
+GET /groups/:id/deploy_tokens
+```
+
+Parameters:
+
+| Attribute | Type | Required | Description |
+|:---------------|:---------------|:---------|:-----------------------------------------------------------------------------|
+| `id` | integer/string | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
+
+Example request:
+
+```shell
+curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/groups/1/deploy_tokens"
+```
+
+Example response:
+
+```json
+[
+ {
+ "id": 1,
+ "name": "MyToken",
+ "username": "gitlab+deploy-token-1",
+ "expires_at": "2020-02-14T00:00:00.000Z",
+ "scopes": [
+ "read_repository",
+ "read_registry"
+ ]
+ }
+]
+```
+
### Delete a group deploy token
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/21811) in GitLab 12.9.
+
Removes a deploy token from the group.
```
diff --git a/doc/ci/jenkins/index.md b/doc/ci/jenkins/index.md
index de2b1956292..4b5f93fa1a2 100644
--- a/doc/ci/jenkins/index.md
+++ b/doc/ci/jenkins/index.md
@@ -7,7 +7,7 @@ type: index, howto
A lot of GitLab users have successfully migrated to GitLab CI/CD from Jenkins. To make this
easier if you're just getting started, we've collected several resources here that you might find useful
-before diving in.
+before diving in. Think of this page as a "GitLab CI/CD for Jenkins Users" guide.
First of all, our [Quick Start Guide](../quick_start/README.md) contains a good overview of how GitLab CI/CD works.
You may also be interested in [Auto DevOps](../../topics/autodevops/index.md) which can potentially be used to build, test,
@@ -16,6 +16,9 @@ and deploy your applications with little to no configuration needed at all.
Otherwise, read on for important information that will help you get the ball rolling. Welcome
to GitLab!
+If you have questions that are not answered here, the [GitLab community forum](https://forum.gitlab.com/)
+can be a great resource.
+
## Important differences
There are some high level differences between the products worth mentioning:
@@ -29,6 +32,7 @@ There are some high level differences between the products worth mentioning:
analogous to the declarative Jenkinsfile format.
- GitLab comes with a [container registry](../../user/packages/container_registry/index.md), and we recommend using
container images to set up your build environment.
+- Totally stuck and not sure where to turn for advice? The [GitLab community forum](https://forum.gitlab.com/) can be a great resource.
## Groovy vs. YAML
diff --git a/doc/development/fe_guide/vuex.md b/doc/development/fe_guide/vuex.md
index b69bbb8b527..675f30feba6 100644
--- a/doc/development/fe_guide/vuex.md
+++ b/doc/development/fe_guide/vuex.md
@@ -3,12 +3,12 @@
When there's a clear benefit to separating state management from components (e.g. due to state complexity) we recommend using [Vuex][vuex-docs] over any other Flux pattern. Otherwise, feel free to manage state within the components.
Vuex should be strongly considered when:
+
- You expect multiple parts of the application to react to state changes
- There's a need to share data between multiple components
- There are complex interactions with Backend, e.g. multiple API calls
- The app involves interacting with backend via both traditional REST API and GraphQL (especially when moving the REST API over to GraphQL is a pending backend task)
-
_Note:_ All of the below is explained in more detail in the official [Vuex documentation][vuex-docs].
## Separation of concerns
diff --git a/doc/topics/autodevops/index.md b/doc/topics/autodevops/index.md
index 77e35eee76d..c23d3517183 100644
--- a/doc/topics/autodevops/index.md
+++ b/doc/topics/autodevops/index.md
@@ -639,7 +639,8 @@ as it will be attempting to fetch the image using
#### Kubernetes 1.16+
-> [Introduced](https://gitlab.com/gitlab-org/charts/auto-deploy-app/-/merge_requests/51) in GitLab 12.8.
+> - [Introduced](https://gitlab.com/gitlab-org/charts/auto-deploy-app/-/merge_requests/51) in GitLab 12.8.
+> - Support for deploying a PostgreSQL version that supports Kubernetes 1.16+ was [introduced](https://gitlab.com/gitlab-org/cluster-integration/auto-deploy-image/-/merge_requests/49) in GitLab 12.9.
CAUTION: **Deprecation**
The default value of `extensions/v1beta1` for the `deploymentApiVersion` setting is
@@ -657,9 +658,13 @@ To use Auto Deploy on a Kubernetes 1.16+ cluster, you must:
deploymentApiVersion: apps/v1
```
-1. Set the `POSTGRES_ENABLED` variable to `false`. This will disable Auto Deploy's deployment of PostgreSQL.
-Support for enabling Auto Deploy's deployment of PostgreSQL in a Kubernetes 1.16+ cluster
-is [planned](https://gitlab.com/gitlab-org/charts/auto-deploy-app/issues/28).
+1. Set the:
+
+ - `AUTO_DEVOPS_POSTGRES_CHANNEL` variable to `2`.
+ - `POSTGRES_VERSION` variable to `9.6.16` or higher.
+
+ This will opt-in to using a version of the PostgreSQL chart that supports Kubernetes
+ 1.16 and higher.
#### Migrations
diff --git a/doc/user/group/subgroups/index.md b/doc/user/group/subgroups/index.md
index 5ff8243136e..e73623a2f0e 100644
--- a/doc/user/group/subgroups/index.md
+++ b/doc/user/group/subgroups/index.md
@@ -64,7 +64,6 @@ Another example of GitLab as a company would be the following:
---
-
When performing actions such as transferring or importing a project between
subgroups, the behavior is the same as when performing these actions at the
`group/project` level.
diff --git a/doc/user/project/clusters/serverless/aws.md b/doc/user/project/clusters/serverless/aws.md
index 30ed82e45b6..cb35e598803 100644
--- a/doc/user/project/clusters/serverless/aws.md
+++ b/doc/user/project/clusters/serverless/aws.md
@@ -2,11 +2,10 @@
GitLab allows users to easily deploy AWS Lambda functions and create rich serverless applications.
-GitLab supports deployment of functions to AWS Lambda using a combination of:
+GitLab supports deployment of AWS Lambda functions through GitLab CI/CD using the following Serverless frameworks:
- [Serverless Framework with AWS](#serverless-framework)
- [AWS' Serverless Application Model (SAM)](#aws-serverless-application-model)
-- GitLab CI/CD
## Serverless Framework
@@ -362,7 +361,7 @@ sam init -h
### Setting up your AWS credentials with your GitLab account
-In order to interact with your AWS account, the GitLab CI/CD pipelines require both
+In order to interact with your AWS account, the GitLab CI/CD pipelines require both
`AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` to be set in the project's CI/CD
variables.
diff --git a/jest.config.js b/jest.config.js
index 102d0fb8b4c..e9e1a598608 100644
--- a/jest.config.js
+++ b/jest.config.js
@@ -35,7 +35,7 @@ const moduleNameMapper = {
'^ee_else_ce(/.*)$': '<rootDir>/app/assets/javascripts$1',
'^helpers(/.*)$': '<rootDir>/spec/frontend/helpers$1',
'^vendor(/.*)$': '<rootDir>/vendor/assets/javascripts$1',
- '\\.(jpg|jpeg|png|svg)$': '<rootDir>/spec/frontend/__mocks__/file_mock.js',
+ '\\.(jpg|jpeg|png|svg|css)$': '<rootDir>/spec/frontend/__mocks__/file_mock.js',
'emojis(/.*).json': '<rootDir>/fixtures/emojis$1.json',
'^spec/test_constants$': '<rootDir>/spec/frontend/helpers/test_constants',
'^jest/(.*)$': '<rootDir>/spec/frontend/$1',
@@ -82,7 +82,7 @@ module.exports = {
'^.+\\.js$': 'babel-jest',
'^.+\\.vue$': 'vue-jest',
},
- transformIgnorePatterns: ['node_modules/(?!(@gitlab/ui|bootstrap-vue|three)/)'],
+ transformIgnorePatterns: ['node_modules/(?!(@gitlab/ui|bootstrap-vue|three|monaco-editor)/)'],
timers: 'fake',
testEnvironment: '<rootDir>/spec/frontend/environment.js',
testEnvironmentOptions: {
diff --git a/lib/api/deploy_tokens.rb b/lib/api/deploy_tokens.rb
index 1631425ec1b..bc58cf0dd32 100644
--- a/lib/api/deploy_tokens.rb
+++ b/lib/api/deploy_tokens.rb
@@ -23,6 +23,8 @@ module API
use :pagination
end
get 'deploy_tokens' do
+ service_unavailable! unless Feature.enabled?(:deploy_tokens_api, default_enabled: true)
+
authenticated_as_admin!
present paginate(DeployToken.all), with: Entities::DeployToken
@@ -32,6 +34,10 @@ module API
requires :id, type: Integer, desc: 'The ID of a project'
end
resource :projects, requirements: API::NAMESPACE_OR_PROJECT_REQUIREMENTS do
+ before do
+ service_unavailable! unless Feature.enabled?(:deploy_tokens_api, user_project, default_enabled: true)
+ end
+
params do
use :pagination
end
@@ -71,6 +77,23 @@ module API
requires :id, type: Integer, desc: 'The ID of a group'
end
resource :groups, requirements: API::NAMESPACE_OR_PROJECT_REQUIREMENTS do
+ before do
+ service_unavailable! unless Feature.enabled?(:deploy_tokens_api, user_group, default_enabled: true)
+ end
+
+ params do
+ use :pagination
+ end
+ desc 'List deploy tokens for a group' do
+ detail 'This feature was introduced in GitLab 12.9'
+ success Entities::DeployToken
+ end
+ get ':id/deploy_tokens' do
+ authorize!(:read_deploy_token, user_group)
+
+ present paginate(user_group.deploy_tokens), with: Entities::DeployToken
+ end
+
desc 'Delete a group deploy token' do
detail 'This feature was introduced in GitLab 12.9'
end
diff --git a/lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml b/lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml
index 8eb56f3991b..bbfcf53b3d4 100644
--- a/lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml
@@ -1,5 +1,5 @@
.auto-deploy:
- image: "registry.gitlab.com/gitlab-org/cluster-integration/auto-deploy-image:v0.10.0"
+ image: "registry.gitlab.com/gitlab-org/cluster-integration/auto-deploy-image:v0.12.1"
review:
extends: .auto-deploy
diff --git a/qa/Gemfile b/qa/Gemfile
index 58118340f24..86d8aa5c025 100644
--- a/qa/Gemfile
+++ b/qa/Gemfile
@@ -1,7 +1,7 @@
source 'https://rubygems.org'
gem 'gitlab-qa'
-gem 'activesupport', '5.2.3' # This should stay in sync with the root's Gemfile
+gem 'activesupport', '6.0.2' # This should stay in sync with the root's Gemfile
gem 'capybara', '~> 3.29.0'
gem 'capybara-screenshot', '~> 1.0.23'
gem 'rake', '~> 12.3.0'
diff --git a/qa/Gemfile.lock b/qa/Gemfile.lock
index cd73e1b6539..ececdab80d5 100644
--- a/qa/Gemfile.lock
+++ b/qa/Gemfile.lock
@@ -1,11 +1,12 @@
GEM
remote: https://rubygems.org/
specs:
- activesupport (5.2.3)
+ activesupport (6.0.2)
concurrent-ruby (~> 1.0, >= 1.0.2)
i18n (>= 0.7, < 2)
minitest (~> 5.1)
tzinfo (~> 1.1)
+ zeitwerk (~> 2.2)
addressable (2.7.0)
public_suffix (>= 2.0.2, < 5.0)
airborne (0.2.13)
@@ -28,7 +29,7 @@ GEM
launchy
childprocess (3.0.0)
coderay (1.1.2)
- concurrent-ruby (1.1.5)
+ concurrent-ruby (1.1.6)
debase (0.2.4.1)
debase-ruby_core_source (>= 0.10.2)
debase-ruby_core_source (0.10.6)
@@ -40,7 +41,7 @@ GEM
gitlab-qa (4.0.0)
http-cookie (1.0.3)
domain_name (~> 0.5)
- i18n (1.6.0)
+ i18n (1.8.2)
concurrent-ruby (~> 1.0)
knapsack (1.17.1)
rake
@@ -52,7 +53,7 @@ GEM
mime-types-data (3.2016.0521)
mini_mime (1.0.2)
mini_portile2 (2.4.0)
- minitest (5.11.3)
+ minitest (5.14.0)
netrc (0.11.0)
nokogiri (1.10.5)
mini_portile2 (~> 2.4.0)
@@ -100,19 +101,20 @@ GEM
rubyzip (>= 1.2.2)
thread_safe (0.3.6)
timecop (0.9.1)
- tzinfo (1.2.5)
+ tzinfo (1.2.6)
thread_safe (~> 0.1)
unf (0.1.4)
unf_ext
unf_ext (0.0.7.4)
xpath (3.2.0)
nokogiri (~> 1.8)
+ zeitwerk (2.3.0)
PLATFORMS
ruby
DEPENDENCIES
- activesupport (= 5.2.3)
+ activesupport (= 6.0.2)
airborne (~> 0.2.13)
capybara (~> 3.29.0)
capybara-screenshot (~> 1.0.23)
diff --git a/scripts/lint-doc.sh b/scripts/lint-doc.sh
index 5477002eb43..3959b8b510e 100755
--- a/scripts/lint-doc.sh
+++ b/scripts/lint-doc.sh
@@ -48,7 +48,7 @@ then
exit 1
fi
-MD_DOC_PATH=${MD_DOC_PATH:-doc/**/*.md}
+MD_DOC_PATH=${MD_DOC_PATH:-doc}
function run_locally_or_in_docker() {
local cmd=$1
diff --git a/spec/frontend/__mocks__/monaco-editor/index.js b/spec/frontend/__mocks__/monaco-editor/index.js
new file mode 100644
index 00000000000..18cc3a7c377
--- /dev/null
+++ b/spec/frontend/__mocks__/monaco-editor/index.js
@@ -0,0 +1,13 @@
+// NOTE:
+// These imports are pulled from 'monaco-editor/esm/vs/editor/editor.main.js'
+// We don't want to include 'monaco-editor/esm/vs/editor/edcore' because it causes
+// lots of compatability issues with Jest
+// Issue: https://gitlab.com/gitlab-org/gitlab/-/issues/209863
+import 'monaco-editor/esm/vs/language/typescript/monaco.contribution';
+import 'monaco-editor/esm/vs/language/css/monaco.contribution';
+import 'monaco-editor/esm/vs/language/json/monaco.contribution';
+import 'monaco-editor/esm/vs/language/html/monaco.contribution';
+import 'monaco-editor/esm/vs/basic-languages/monaco.contribution';
+
+export * from 'monaco-editor/esm/vs/editor/editor.api';
+export default global.monaco;
diff --git a/spec/requests/api/deploy_tokens_spec.rb b/spec/requests/api/deploy_tokens_spec.rb
index 8076b0958a4..01810e333c1 100644
--- a/spec/requests/api/deploy_tokens_spec.rb
+++ b/spec/requests/api/deploy_tokens_spec.rb
@@ -10,12 +10,24 @@ describe API::DeployTokens do
let!(:deploy_token) { create(:deploy_token, projects: [project]) }
let!(:group_deploy_token) { create(:deploy_token, :group, groups: [group]) }
+ shared_examples 'with feature flag disabled' do
+ context 'disabled feature flag' do
+ before do
+ stub_feature_flags(deploy_tokens_api: false)
+ end
+
+ it { is_expected.to have_gitlab_http_status(:service_unavailable) }
+ end
+ end
+
describe 'GET /deploy_tokens' do
subject do
get api('/deploy_tokens', user)
response
end
+ it_behaves_like 'with feature flag disabled'
+
context 'when unauthenticated' do
let(:user) { nil }
@@ -69,6 +81,8 @@ describe API::DeployTokens do
project.add_maintainer(user)
end
+ it_behaves_like 'with feature flag disabled'
+
it { is_expected.to have_gitlab_http_status(:ok) }
it 'returns all deploy tokens for the project' do
@@ -87,6 +101,53 @@ describe API::DeployTokens do
end
end
+ describe 'GET /groups/:id/deploy_tokens' do
+ subject do
+ get api("/groups/#{group.id}/deploy_tokens", user)
+ response
+ end
+
+ context 'when unauthenticated' do
+ let(:user) { nil }
+
+ it { is_expected.to have_gitlab_http_status(:forbidden) }
+ end
+
+ context 'when authenticated as non-admin user' do
+ before do
+ group.add_developer(user)
+ end
+
+ it { is_expected.to have_gitlab_http_status(:forbidden) }
+ end
+
+ context 'when authenticated as maintainer' do
+ let!(:other_deploy_token) { create(:deploy_token, :group) }
+
+ before do
+ group.add_maintainer(user)
+ end
+
+ it_behaves_like 'with feature flag disabled'
+
+ it { is_expected.to have_gitlab_http_status(:ok) }
+
+ it 'returns all deploy tokens for the group' do
+ subject
+
+ expect(response).to include_pagination_headers
+ expect(response).to match_response_schema('public_api/v4/deploy_tokens')
+ end
+
+ it 'does not return deploy tokens for other groups' do
+ subject
+
+ token_ids = json_response.map { |token| token['id'] }
+ expect(token_ids).not_to include(other_deploy_token.id)
+ end
+ end
+ end
+
describe 'DELETE /groups/:id/deploy_tokens/:token_id' do
subject do
delete api("/groups/#{group.id}/deploy_tokens/#{group_deploy_token.id}", user)
@@ -119,10 +180,10 @@ describe API::DeployTokens do
end
context 'invalid request' do
- it 'returns bad request with invalid group id' do
+ it 'returns not found with invalid group id' do
delete api("/groups/bad_id/deploy_tokens/#{group_deploy_token.id}", user)
- expect(response).to have_gitlab_http_status(:bad_request)
+ expect(response).to have_gitlab_http_status(:not_found)
end
it 'returns not found with invalid deploy token id' do