| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
| |
Add a test to make sure the help page UI path doesn't break in the future.
Fix #19972 and #19889.
|
|\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add support for manual CI actions
## What does this MR do?
This implements a `when: manual` which allows a jobs to be marked as manual actions.
Manual actions have to be explicitly executed by developers.
## What are the relevant issue numbers?
This is to solve: https://gitlab.com/gitlab-org/gitlab-ce/issues/17010
See merge request !5297
|
| |
| |
| |
| |
| |
| |
| |
| | |
Manual actions are accessible from:
- Pipelines
- Builds
- Environments
- Deployments
|
| | |
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Upgrade gemojione to 3.0.0
Upgrades gemojione to 3.0.0, see the Changelog: https://github.com/jonathanwiesel/gemojione/blob/b98aa8b07eef815d4d3f52ff3c8714b28932b0de/CHANGELOG.md#v300-2016-07-12
[Here are all the new 2016 emoji](http://emojione.com/releases/2.2.4/) :tada:
This update has new emoji and more sensical categories.
See merge request !5237
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This adds the 2016 emoji as well as support for using SVG images instead of PNGs.
It also fixes a number of incorrectly categorized emoji and other minor issues.
Upgrade Rake task for Gemojione 3.0.0 and generate sprites.
Upgrade aliases.json by pulling down index.json from the gemojione repository and running the generate_aliases.rb file.
Changelog: https://github.com/jonathanwiesel/gemojione/blob/master/CHANGELOG.md#v301-2016-07-16
For the specific emoji added to the Unicode standard, see: http://emojione.com/releases/2.2.4/
Huge kudos to Jonathan Wiesel (@jonathanwiesel) for his work on the gemojione gem!
|
| | |
|
| | |
|
| | |
|
| |
| |
| |
| | |
Gravatar, Google Analytics, Piwik, Recaptcha, etc.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
|/ |
|
|\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Allow U2F devices to be used in Firefox
- Adds U2F support for Firefox
- Improve U2F feature detection logic
- Have authentication flow be closer to the spec (single challenge instead of a challenge for each `signRequest`)
- Closes #17341
- Related to #15337
See merge request !5177
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
1. Only on supported Chrome versions
2. Mainly, this lets us simplify the javascript-based U2F check to
`window.u2f`, where `window.u2f` can either be loaded from the GitLab
server (for Chrome) or from the Firefox extension.
3. This is a better way to provide browser detection for U2F.
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Remove Hound CI and Teatro config
## What does this MR do?
Since we moved to gitlab.com we don't use Hound CI and Teatro anymore. Instead we have rubocop.
See merge request !5089
|
| | | |
|
|\ \ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Update the health_check gem to the latest release
## What does this MR do?
Update the health_check gem to the latest release, which allows us to drop some of our code for overwriting the email check
## Does this MR meet the acceptance criteria?
- [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- [ ] ~~[Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)~~
- [ ] ~~API support added~~
- Tests
- [ ] ~~Added for this feature/bug~~
- [ ] All builds are passing
- [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [ ] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
See merge request !5186
|
| | |/
| |/|
| | |
| | | |
This allows us to drop our disable email config override
|
| | |
| | |
| | |
| | | |
parameters.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This is probably a horrible way of fixing this issue, but it does work.
I can’t find much information on linking this deeply with Rails routes.
Resolves #14872.
|
|\ \ \
| |/ / |
|
| |\ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Split Cropper.js from the main JavaScript manifest.
## What does this MR do?
Splits Cropper.js from the main JavaScript file.
## Are there points in the code the reviewer needs to double check?
That the avatar uploader works. (It did in my testing)
## Why was this MR needed?
Smaller JS payload.
## What are the relevant issue numbers?
#14372
## Does this MR meet the acceptance criteria?
- Tests
- [x] All builds are passing
- [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [x] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
See merge request !4978
|
| | | | |
|
| | | | |
|
|/ / /
| | |
| | |
| | |
| | | |
When rendering a list of diff files, skip those where the diff is over
10 KB and provide an endpoint to render individually instead.
|
|\ \ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Allow specifying protected branches using wildcards
Closes #18627
# Tasks
- [ ] #18627 !4665 Allow specifying protected branches using wildcards
- [x] Find existing usages of protected branches
- Protecting branches
- `ProtectedBranchesController` is used to mark a branch protected/unprotected
- `API::Branches` can be used to mark a branch protected/unprotected
- Enforcing branch protection
- `Gitlab::GitAccess` has helpers (`can_push_to_branch?`, `check`) that are used to deny pushes if a branch is protected
- Over SSH: `gitlab-shell` receives a push, and calls `/allowed` on the GitLab API, which calls `GitAccess.check`
- Over HTTP:
- `gitlab-workhorse` receives the request, and forwards it to rails
- Rails (in the `GitHttpController#git-recieve-pack`) runs basic checks (is the user logged in, not protected branch checks) and returns ok with `GL_ID` and `RepoPath`
- `gitlab-workhorse` looks at the response, and calls the relevant `gitlab-shell` action from `git-http/handlePostRPC`
- Rest of this flow is the same as the SSH flow above
- [x] Implementation
- [x] Backend
- [x] Change `project#protected_branch?` to look at wildcard protected branches
- [x] Change `project#developers_can_push_to_protected_branch?`
- [x] Change `project#open_branches`
- [x] Better error message when creating a disallowed branch from the Web UI
- [x] Frontend
- [x] Protected branches page should allow typing out a wildcard pattern
- [x] Add help text explaining the use of wildcards
- [x] Show matching branches for each protected branch
- [x] ~~On the index page~~
- [x] On a show page
- [x] Index?
- [x] Can't have the "last commit" column for wildcard protected branches
- [x] Fix / write tests
- [x] What happens if a hook is missing in dev?
- [x] Refactor
- [x] Test workflows
- Create a branch matching a wildcard pattern
- Push to a branch matching a wildcard pattern
- Force push to a branch matching a wildcard pattern
- Delete a branch matching a wildcard pattern
- [x] Test using Web UI
- [x] Test over SSH
- [x] Test over HTTP
- [x] Test as developer and master
- [x] Investigate performance
- [x] Test with a large number of protected branches / branches
- [x] Paginate list of protected branches
- [x] ~~Possibly rewrite `open_branches`~~
- [x] Add `iid`s to existing `ProtectedBranch`es
- [x] Add documentation
- [x] Add CHANGELOG entry
- [x] Add screenshots
- [x] Make sure [build](https://gitlab.com/gitlab-org/gitlab-ce/commit/2f753e3ed2ce681b4444944d521f4419e8ed37f7/builds) passes
- [x] Assign to endboss for review
- [x] Address @DouweM's comments
- [x] `protected_branch_params`
- [x] `exact_match` instead of `explicit_match`
- [x] When would self.name be blank?
- [x] Move `protected_branches.each` to a partial
- [x] Move `matching_branches.each` to a partial
- [x] If the branch is in @matching_branches, it's not been removed
- [x] move this regex to a method and memoize it
- [x] `commit_sha` directly for exact matches
- [x] Number of matches for wildcard matches, with a link
- [x] Wait for [build](https://gitlab.com/gitlab-org/gitlab-ce/commit/43f9ce0e88194b8f719bb1c1e656b7fc13278d56/builds) to pass
- [x] Respond to @DouweM's comments
- [x] Don't use iid
- [x] Controller should use `@project.protected_branches.new`
- [x] move the memoization to `def wildcard_regex`
- [x] render with `collection: @protected_branches`
- [x] Wait for [build](https://gitlab.com/gitlab-org/gitlab-ce/commit/f7beedf122fa0c7aa89e86181fe7499321fb10ca/builds) to pass
- [x] Wait for @DouweM's review
- [x] Wait for @jschatz1's review
- [x] Respond to @jschatz1's comments
- [x] Use the new dropdown style
- [x] description should be moved to the description section without the styling
- [x] Protect button should be disabled when no branch is selected
- [x] Update screenshots
- [x] Merge conflicts
- [x] Make sure [build](https://gitlab.com/gitlab-org/gitlab-ce/commit/20f3cfe8d5540eab64c2ba548043d600b28c61ba/builds) passes
- [ ] Revisit performance, possibly with staging/production data
- [ ] Get a dump of staging / run against staging live
- [ ] Get SSH access to staging
- [ ] Wait for review/merge
# Screenshots
## Creating wildcard protected branches
![1](/uploads/9446afccfdf6fa381e00c800dd2cc82e/1.png)
![2](/uploads/0b154503b297a818d3577488c575d845/2.png)
![3](/uploads/36217f79df9e41cc1550601f02627fe8/3.png)
![4](/uploads/041ca9bd529bcfa5373fca67e917cbcb/4.png)
### Using the `GLDropdown` component
![2016-06-30_14-16-15](/uploads/508afc2a5e2463c2954641409a560d88/2016-06-30_14-16-15.gif)
## Enforcing wildcard protected branches
### From the Web UI
![Screen_Shot_2016-06-20_at_1.21.18_PM](/uploads/8b5d4b1911e9152698a0488daf1880bc/Screen_Shot_2016-06-20_at_1.21.18_PM.png)
### Over SSH
![SSH](/uploads/7365989d7e4c406ef37b6ae5106442c9/SSH.gif)
### Over HTTPS
![HTTPS](/uploads/a7c0f56ae58efcffc75e6700fa2f4ac0/HTTPS.gif)
## Listing matching branches
![Screen_Shot_2016-06-20_at_1.33.44_PM](/uploads/d054113022f5d7ec64c0e57e501ac104/Screen_Shot_2016-06-20_at_1.33.44_PM.png)
See merge request !4665
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
1. Allow entering any branch name for a protected branch.
- Either pick from a list of options, or enter it manually
- You can enter wildcards.
2. Display branches matching a protected branch.
- Add a `ProtectedBranches#show` page that displays the branches
matching the given protected branch, or a message if there are no
matches.
- On the `index` page, display the last commit for an exact match,
or the number of matching branches for a wildcard match.
- Add an `iid` column to `protected_branches` - this is what we use for
the `show` page URL.
- On the off chance that this feature is unnecessary, this commit
encapsulates it neatly, so it can be removed without affecting
anything else.
3. Remove the "Last Commit" column from the list of protected branches.
- There's no way to pull these for wildcard protected branches, so it's
best left for the `show` page.
- Rename the `@branches` instance variable to `@protected_branches`
- Minor styling changes with the "Unprotect" button - floated right
like the "Revoke" button for personal access tokens
4. Paginate the list of protected branches.
5. Move the instructions to the left side of the page.
|
|/ / |
|
| | |
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Upgrade sprockets and sprockets rails, remove quiet_assets
## What does this MR do?
Upgrade Sprockets from 3.6.0 to 3.6.2.
Changelog: https://github.com/rails/sprockets/blob/3.x/CHANGELOG.md
Upgrade Sprockets Rails from 3.0.4 to 3.1.1.
Changelog: https://github.com/rails/sprockets-rails/compare/v3.0.4...v3.1.1
quiet_assets has been seemingly abandoned, and now sprockets-rails has the feature built-in!
The config was added in this PR: https://github.com/rails/sprockets-rails/pull/355
Working towards #14286.
See merge request !5029
|
| | |
| | |
| | |
| | |
| | |
| | | |
quiet_assets has been seemingly abandoned, and now sprockets-rails has the feature built-in!
From this PR: https://github.com/rails/sprockets-rails/pull/355
|
|/ / |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This stands as an alternative to using OAuth to access a user's Github
repositories. This is setup in such a way that it can be used without OAuth
configuration.
From a UI perspective, the how to import modal has been replaced by a full
page, which includes a form for posting a personal access token back to the
Import::GithubController.
If the user has logged in via GitHub, skip the Personal Access Token and go
directly to Github for an access token via OAuth.
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Make Rack::Request use our trusted proxies when filtering IP addresses
## What does this MR do?
This allows us to control the trusted proxies while deployed in a private network.
## Are there points in the code the reviewer needs to double check?
If we want to limit what is impacted, we can do this specifically for the rack_attack request object.
## Why was this MR needed?
Normally Rack::Request will trust all private IPs as trusted proxies, which can cause problems if your users are connection on you network via private IP ranges.
Normally in a rails app this is handled by action_dispatch request, but rack_attack is specifically using the Rack::Request object instead.
## What are the relevant issue numbers?
Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/17550
## Does this MR meet the acceptance criteria?
- [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- [ ] ~~[Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)~~
- [ ] ~~API support added~~
- Tests
- [x] Added for this feature/bug
- [x] All builds are passing
- [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [ ] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
\cc @stanhu
See merge request !4958
|
| | |
| | |
| | |
| | |
| | |
| | | |
This allows us to control the trusted proxies while deployed in a private network. Normally Rack::Request will trust all private IPs as trusted proxies, which can caue problems if your users are connection on you network via private IP ranges.
Normally in a rails app this is handled by action_dispatch request, but rack_attack is specifically using the Rack::Request object instead.
|
|\ \ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Loop all disks when displaying system info. Closes #18886
See merge request !4983
|
| | | | |
|
| | | |
| | | |
| | | |
| | | | |
install task
|
| |/ /
|/| | |
|
| | | |
|
|/ / |
|
|/ |
|
|\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Re-implement page-specific JS in a better way.
## What does this MR do?
This rebuilds the way we do page-specific JavaScript assets for a few reasons:
- The current implementation does not work with Subresource Integrity (!4808)
- The current implementation doesn't allow caching of libraries because each page we hook up with this system will have a separate application.js. Meaning that for every page that uses Ace Editor, we'd have to load Ace Editor plus any GitLab-specific scripts in the same file, making local caching of just Ace Editor impossible.
- The current implementation is rather hacky.
## Are there points in the code the reviewer needs to double check?
That Sprockets doesn't choke on this when we use precompiled assets.
## What are the relevant issue numbers?
#14372
## Does this MR meet the acceptance criteria?
- [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- [x] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
- [x] API support added
- Tests
- [x] Added for this feature/bug
- [x] All builds are passing
- [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [x] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
cc: @jschatz1 @pavelloz
Thanks to @pavelloz for his example implementation which was very useful.
See merge request !4883
|
| | |
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Add SMTP as default delivery method to match gitlab-org/omnibus-gitlab!826
Something happened after upgrading to 8.9RC5 that caused mail settings to be set to sendmail by default. gitlab-com/infrastructure#128 describes the issue in more detail. This MR mirrors the change in omnibus with gitlab-org/omnibus-gitlab!826.
Closes #19132
See merge request !4915
|