| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\
| |
| |
| |
| |
| |
| | |
'get-rid-of-water-from-notification_service_spec-to-make-it-DRY' into 'master'
Make notification_service spec DRYer by making some tests reusable
See merge request !7794
|
| | |
| |
| |
| |
| |
| |
| |
| | |
The spec for 'participatns' notifications in notification_service for both
issue and merge_request is pretty simple but it was fully copied without sagnificant changes
8 times (!!!) for EVERY situation you need to notify this group of user which caused to file
to extra growth and not being very DRY. And I love DRY. Since the spec is already too messy and
most likely gonna to increase the size nearest time, I decided to refactor those parts.
|
| | |
| |
| |
| |
| |
| |
| | |
This sends a project_update hook when a repo is updated. This does not include
renaming or transferring a project. Those are covered by project_rename and
project_transfer. This will get called, however, when the visibility is
changed.
|
| |\ \
| | |
| | |
| | |
| | |
| | |
| | | |
Fix race conditions for AuthorizedProjectsWorker
Closes #26194 and #26310
See merge request !8701
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
There were two cases that could be problematic:
1. Because sometimes AuthorizedProjectsWorker would be scheduled in a
transaction it was possible for a job to run/complete before a
COMMIT; resulting in it either producing an error, or producing no
new data.
2. When scheduling jobs the code would not wait until completion. This
could lead to a user creating a project and then immediately trying
to push to it. Usually this will work fine, but given enough load it
might take a few seconds before a user has access.
The first one is problematic, the second one is mostly just annoying
(but annoying enough to warrant a solution).
This commit changes two things to deal with this:
1. Sidekiq scheduling now takes places after a COMMIT, this is ensured
by scheduling using Rails' after_commit hook instead of doing so in
an arbitrary method.
2. When scheduling jobs the calling thread now waits for all jobs to
complete.
Solution 2 requires tracking of job completions. Sidekiq provides a way
to find a job by its ID, but this involves scanning over the entire
queue; something that is very in-efficient for large queues. As such a
more efficient solution is necessary. There are two main Gems that can
do this in a more efficient manner:
* sidekiq-status
* sidekiq_status
No, this is not a joke. Both Gems do a similar thing (but slightly
different), and the only difference in their name is a dash vs an
underscore. Both Gems however provide far more than just checking if a
job has been completed, and both have their problems. sidekiq-status
does not appear to be actively maintained, with the last release being
in 2015. It also has some issues during testing as API calls are not
stubbed in any way. sidekiq_status on the other hand does not appear to
be very popular, and introduces a similar amount of code.
Because of this I opted to write a simple home grown solution. After
all, all we need is storing a job ID somewhere so we can efficiently
look it up; we don't need extra web UIs (as provided by sidekiq-status)
or complex APIs to update progress, etc.
This is where Gitlab::SidekiqStatus comes in handy. This namespace
contains some code used for tracking, removing, and looking up job IDs;
all without having to scan over an entire queue. Data is removed
explicitly, but also expires automatically just in case.
Using this API we can now schedule jobs in a fork-join like manner: we
schedule the jobs in Sidekiq, process them in parallel, then wait for
completion. By using Sidekiq we can leverage all the benefits such as
being able to scale across multiple cores and hosts, retrying failed
jobs, etc.
The one downside is that we need to make sure we can deal with
unexpected increases in job processing timings. To deal with this the
class Gitlab::JobWaiter (used for waiting for jobs to complete) will
only wait a number of seconds (30 by default). Once this timeout is
reached it will simply return.
For GitLab.com almost all AuthorizedProjectWorker jobs complete in
seconds, only very rarely do we spike to job timings of around a minute.
These in turn seem to be the result of external factors (e.g. deploys),
in which case a user is most likely not able to use the system anyway.
In short, this new solution should ensure that jobs are processed
properly and that in almost all cases a user has access to their
resources whenever they need to have access.
|
| |\ \ \
| | | |
| | | |
| | | |
| | | | |
Fix CI requests concurrency
See merge request !8760
|
| | | | | |
|
| | | | | |
|
| |\ \ \ \
| |/ / /
| | | |
| | | |
| | | | |
Backport changes introduced by https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/1078
See merge request !8657
|
| | |\ \ \
| | | | |
| | | | |
| | | | | |
backport-ee-changes-for-build-minutes
|
| | | | | |
| | | | |
| | | | |
| | | | | |
https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/1083
|
| |\ \ \ \ \
| |_|/ / /
|/| | | |
| | | | |
| | | | | |
Support notes without a project (personal snippets notes)
See merge request !8468
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| |\ \ \ \ \
| |_|_|/ /
|/| | | |
| | | | |
| | | | | |
Backport EE changes on approvals reset for closed MRs
See merge request !8559
|
| | | |/ /
| |/| | |
|
| |/ / / |
|
| | | | |
|
| |\ \ \
| |/ /
|/| |
| | |
| | |
| | |
| | | |
Notify the user who set auto-merge when merge is not possible
Closes #23524
See merge request !8056
|
| | | | |
|
| | | | |
|
| |\ \ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Time tracking API
Closes #25861
See merge request !8483
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
New endpoints are:
POST :project_id/(issues|merge_requests)/(:issue_id|:merge_request_id)/time_estimate"
POST :project_id/(issues|merge_requests)/(:issue_id|:merge_request_id)/reset_time_estimate"
POST :project_id/(issues|merge_requests)/(:issue_id|:merge_request_id)/add_spent_time"
POST :project_id/(issues|merge_requests)/(:issue_id|:merge_request_id)/reset_spent_time"
GET :project_id/(issues|merge_requests)/(:issue_id|:merge_request_id)/time_stats"
|
| |\ \ \ \
| |/ / /
| | | |
| | | |
| | | | |
Backport timetracking to CE
See merge request !8195
|
| | | | | |
|
| |\ \ \ \
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Support `/merge` slash command for MRs
Closes #24915
See merge request !7746
|
| | | | | | |
|
| | |/ / / |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Previously a lease would only be obtained to update data. This could
lead to duplicate data being inserted, triggering a UNIQUE constraint
error. To work around this we now acquire a lease before performing
_any_ project authorization work, releasing it at the very end.
Fixes #25987
|
| |/ / /
| | |
| | |
| | | |
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
| |\ \ \
| | | |
| | | |
| | | |
| | | | |
Remove the project_authorizations.id column
See merge request !8479
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This column used to be a 32 bits integer, allowing for only a maximum of
2 147 483 647 rows. Given enough users one can hit this limit pretty
quickly, as was the case for GitLab.com.
Changing this type to bigint (= 64 bits) would give us more space, but
we'd eventually hit the same limit given enough users and projects. A
much more sustainable solution is to simply drop the "id" column.
There were only 2 lines of code depending on this column being present,
and neither truly required it to be present. Instead the code now uses
the "project_id" column combined with the "user_id" column. This means
that instead of something like this:
DELETE FROM project_authorizations
WHERE user_id = X
AND id = Y;
We now run the following when removing rows:
DELETE FROM project_authorizations
WHERE user_id = X
AND project_id = Y;
Since both user_id and project_id are indexed this should not slow down
the DELETE query.
This commit also removes the "dependent: destroy" clause from the
"project_authorizations" relation in the User and Project models.
Keeping this prevents Rails from being able to remove data as it relies
on an "id" column being present. Since the "project_authorizations"
table has proper foreign keys set up (with cascading removals) we don't
need to depend on any Rails logic.
|
| |/ / / |
|
| | | | |
|
| |\ \ \
| | | |
| | | |
| | | |
| | | | |
Miscellaneous improvements to the nested groups feature
See merge request !8308
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
|
| |\ \ \ \
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Check if user can read project before being assigned to issue
Closes #22664
See merge request !7980
|
| | | | | | |
|
| | | | | | |
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Don't try to highlight and cache files hidden by .gitattributes entries.
|
| |\ \ \ \ \
| |_|/ / /
|/| | | |
| | | | |
| | | | | |
Add more storage statistics
See merge request !7754
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This adds counters for build artifacts and LFS objects, and moves
the preexisting repository_size and commit_count from the projects
table into a new project_statistics table.
The counters are displayed in the administration area for projects
and groups, and also available through the API for admins (on */all)
and normal users (on */owned)
The statistics are updated through ProjectCacheWorker, which can now
do more granular updates with the new :statistics argument.
|
| |/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
When processing push payloads we now schedule at most the 100 most
recent commits, instead of all commits that were in a payload. This
prevents one from overloading the system by pushing thousands if not
millions of commits in a single go.
Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/25827
|
| |\ \ \ \
| |/ / /
|/| | |
| | | |
| | | |
| | | |
| | | | |
Fix error 500 renaming group. Also added specs and changelog.
Closes #17922 and #23223
See merge request !8201
|
| | | | | |
|
| | |/ / |
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Prior to this commit the refreshing of authorized projects was done in
two steps:
1. Remove existing authorizations
2. Insert a new list of all authorizations
This can lead to a high amount of dead tuples as every time all rows are
being replaced. For example, if a user with 100 authorizations is given
access to a new project this would lead to:
* 100 rows being removed
* 101 new rows being inserted
This commit changes the way this system works so it only removes/inserts
what is necessary. Using the above example this would lead to only 1 new
row being inserted, with the initial 100 being left untouched.
Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/25257
|
| |\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Resolve "Add a doorkeeper scope suitable for authentication"
## What does this MR do?
- Add a single new scope (in addition to the `api` scope we've had) - `read_user`
- Allow creating OAuth applications and Personal access tokens with a scope selected
- Enforce scopes in the API
## What are the relevant issue numbers?
- Closes #20492
- EE counterpart for this MR: gitlab-org/gitlab-ee!946
See merge request !5951
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
- Previously, AccessTokenValidationService was a module, and all its public
methods accepted a token. It makes sense to convert it to a class which accepts
a token during initialization.
- Also rename the `sufficient_scope?` method to `include_any_scope?`
- Based on feedback from @rymai
|
