kotovalexarian-likes-gitlab
/
gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity

Add latest changes from gitlab-org/gitlab@master

This commit is contained in:
GitLab Bot 2021-12-16 21:14:09 +00:00
parent cab5a484fe
commit 040df42a88
9 changed files with 110 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
app/policies/group_policy.rb
View File

@ -77,6 +77,11 @@ class GroupPolicy < Namespaces::GroupProjectNamespaceSharedPolicy
condition(:crm_enabled, score: 0, scope: :subject) { Feature.enabled?(:customer_relations, @subject) }
with_scope :subject
condition(:group_runner_registration_allowed, score: 0, scope: :subject) do
Feature.disabled?(:runner_registration_control) || Gitlab::CurrentSettings.valid_runner_registrars.include?('group')
end
rule { can?(:read_group) & design_management_enabled }.policy do
enable :read_design_activity
end
@ -200,6 +205,10 @@ class GroupPolicy < Namespaces::GroupProjectNamespaceSharedPolicy
enable :read_nested_project_resources
end
rule { can?(:admin_group_runners) }.policy do
enable :register_group_runners
end
rule { owner }.enable :create_subgroup
rule { maintainer & maintainer_can_create_group }.enable :create_subgroup
@ -262,6 +271,10 @@ class GroupPolicy < Namespaces::GroupProjectNamespaceSharedPolicy
prevent :admin_crm_organization
end
rule { ~group_runner_registration_allowed }.policy do
prevent :register_group_runners
end
def access_level(for_any_session: false)
return GroupMember::NO_ACCESS if @user.nil?
return GroupMember::NO_ACCESS unless user_is_user?

2
app/views/groups/runners/_group_runners.html.haml
View File

@ -10,7 +10,7 @@
= _('These runners are shared across projects in this group.')
= _('Group runners can be managed with the %{link}.').html_safe % { link: link }
- if can?(current_user, :admin_pipeline, @group) && valid_runner_registrars.include?('group')
- if can?(current_user, :register_group_runners, @group)
- if params[:ci_runner_templates]
%hr
= render partial: 'ci/runner/setup_runner_in_aws',

6
app/views/projects/merge_requests/creations/_new_submit.html.haml
View File

@ -26,16 +26,16 @@
%li.commits-tab.new-tab
= link_to url_for(safe_params), data: {target: 'div#commits', action: 'new', toggle: 'tabvue'} do
Commits
%span.badge.gl-tab-counter-badge.badge-muted.badge-pill.gl-badge.sm= @total_commit_count
= gl_badge_tag @total_commit_count, { size: :sm }, { class: 'gl-tab-counter-badge' }
- if @pipelines.any?
%li.builds-tab
= link_to url_for(safe_params.merge(action: 'pipelines')), data: {target: 'div#pipelines', action: 'pipelines', toggle: 'tabvue'} do
Pipelines
%span.badge.gl-tab-counter-badge.badge-muted.badge-pill.gl-badge.sm= @pipelines.size
= gl_badge_tag @pipelines.size, { size: :sm }, { class: 'gl-tab-counter-badge' }
%li.diffs-tab
= link_to url_for(safe_params.merge(action: 'diffs')), data: {target: 'div#diffs', action: 'diffs', toggle: 'tabvue', qa_selector: 'diffs_tab'} do
Changes
%span.badge.gl-tab-counter-badge.badge-muted.badge-pill.gl-badge.sm= @merge_request.diff_size
= gl_badge_tag @merge_request.diff_size, { size: :sm }, { class: 'gl-tab-counter-badge' }
#diff-notes-app.tab-content
#new.commits.tab-pane.active

8
app/views/projects/merge_requests/show.html.haml
View File

@ -25,21 +25,21 @@
= render "projects/merge_requests/tabs/tab", class: "notes-tab", qa_selector: "notes_tab" do
= tab_link_for @merge_request, :show, force_link: @commit.present? do
= _("Overview")
%span.badge.badge-pill.gl-badge.badge-muted.sm= @merge_request.related_notes.user.count
= gl_badge_tag @merge_request.related_notes.user.count, { size: :sm }
- if @merge_request.source_project
= render "projects/merge_requests/tabs/tab", name: "commits", class: "commits-tab", qa_selector: "commits_tab" do
= tab_link_for @merge_request, :commits do
= _("Commits")
%span.badge.badge-pill.gl-badge.badge-muted.sm= @commits_count
= gl_badge_tag @commits_count, { size: :sm }
- if @number_of_pipelines.nonzero?
= render "projects/merge_requests/tabs/tab", name: "pipelines", class: "pipelines-tab" do
= tab_link_for @merge_request, :pipelines do
= _("Pipelines")
%span.badge.badge-pill.gl-badge.badge-muted.sm.js-pipelines-mr-count= @number_of_pipelines
= gl_badge_tag @number_of_pipelines, { size: :sm }, { class: 'js-pipelines-mr-count' }
= render "projects/merge_requests/tabs/tab", name: "diffs", class: "diffs-tab", id: "diffs-tab", qa_selector: "diffs_tab" do
= tab_link_for @merge_request, :diffs do
= _("Changes")
%span.badge.badge-pill.gl-badge.badge-muted.sm= @diffs_count
= gl_badge_tag @diffs_count, { size: :sm }
.d-flex.flex-wrap.align-items-center.justify-content-lg-end
#js-vue-discussion-counter

9
app/views/shared/runners/_runner_type_badge.html.haml
View File

@ -1,10 +1,7 @@
- if runner.instance_type?
%span.badge.badge-pill.gl-badge.badge-success
= s_('Runners|shared')
= gl_badge_tag s_('Runners|shared'), variant: :success
- elsif runner.group_type?
%span.badge.badge-pill.gl-badge.badge-success
= s_('Runners|group')
= gl_badge_tag s_('Runners|group'), variant: :success
- else
%span.badge.badge-pill.gl-badge.badge-info
= s_('Runners|specific')
= gl_badge_tag s_('Runners|specific'), variant: :info

2
doc/administration/postgresql/replication_and_failover.md
View File

@ -761,7 +761,7 @@ Run `gitlab-ctl patroni members` to query Patroni for a summary of the cluster s
To verify the status of replication:
```shell
echo 'select * from pg_stat_wal_receiver\x\g\x \n select * from pg_stat_replication\x\g\x' | gitlab-psql
echo -e 'select * from pg_stat_wal_receiver\x\g\x \n select * from pg_stat_replication\x\g\x' | gitlab-psql
```
The same command can be run on all three database servers. It returns any information

5
doc/user/compliance/license_compliance/index.md
View File

@ -26,8 +26,9 @@ You can take advantage of License Compliance by either:
[Auto License Compliance](../../../topics/autodevops/stages.md#auto-license-compliance),
provided by [Auto DevOps](../../../topics/autodevops/index.md).
The [License Finder](https://github.com/pivotal/LicenseFinder) scan tool runs as part of the CI/CD
pipeline, and detects the licenses in use. GitLab checks the License Compliance report, compares the
To detect the licenses in use, License Compliance uses the [License Finder](https://github.com/pivotal/LicenseFinder) scan tool that runs as part of the CI/CD pipeline.
For the job to activate, License Finder needs to find a compatible package definition in the project directory. For details, see the [Activation on License Finder documentation](https://github.com/pivotal/LicenseFinder#activation).
GitLab checks the License Compliance report, compares the
licenses between the source and target branches, and shows the information right on the merge
request. Denied licenses are indicated by a `x` red icon next to them as well as new licenses that
need a decision from you. In addition, you can [manually allow or deny](#policies) licenses in your

80
spec/policies/group_policy_spec.rb
View File

@ -1033,6 +1033,86 @@ RSpec.describe GroupPolicy do
end
end
describe 'register_group_runners' do
shared_examples 'expected outcome based on runner registration control' do
context 'with runner_registration_control FF disabled' do
before do
stub_feature_flags(runner_registration_control: false)
end
it { is_expected.to be_allowed(:register_group_runners) }
end
context 'with runner_registration_control FF enabled' do
before do
stub_feature_flags(runner_registration_control: true)
end
context 'with group runner registration disabled' do
before do
stub_application_setting(valid_runner_registrars: ['project'])
end
it { is_expected.to be_disallowed(:register_group_runners) }
end
end
end
context 'admin' do
let(:current_user) { admin }
context 'when admin mode is enabled', :enable_admin_mode do
it { is_expected.to be_allowed(:register_group_runners) }
it_behaves_like 'expected outcome based on runner registration control'
end
context 'when admin mode is disabled' do
it { is_expected.to be_disallowed(:register_group_runners) }
end
end
context 'with owner' do
let(:current_user) { owner }
it { is_expected.to be_allowed(:register_group_runners) }
it_behaves_like 'expected outcome based on runner registration control'
end
context 'with maintainer' do
let(:current_user) { maintainer }
it { is_expected.to be_allowed(:register_group_runners) }
it_behaves_like 'expected outcome based on runner registration control'
end
context 'with reporter' do
let(:current_user) { reporter }
it { is_expected.to be_disallowed(:register_group_runners) }
end
context 'with guest' do
let(:current_user) { guest }
it { is_expected.to be_disallowed(:register_group_runners) }
end
context 'with non member' do
let(:current_user) { create(:user) }
it { is_expected.to be_disallowed(:register_group_runners) }
end
context 'with anonymous' do
let(:current_user) { nil }
it { is_expected.to be_disallowed(:register_group_runners) }
end
end
context 'with customer_relations feature flag disabled' do
let(:current_user) { owner }

5
spec/views/groups/runners/_group_runners.html.haml_spec.rb
View File

@ -11,12 +11,11 @@ RSpec.describe 'groups/runners/group_runners.html.haml' do
@group = group
allow(view).to receive(:current_user).and_return(user)
allow(view).to receive(:reset_registration_token_group_settings_ci_cd_path).and_return('banana_url')
allow(view).to receive(:can?).with(user, :admin_pipeline, group).and_return(true)
end
context 'when group runner registration is allowed' do
before do
stub_application_setting(valid_runner_registrars: ['group'])
allow(view).to receive(:can?).with(user, :register_group_runners, group).and_return(true)
end
it 'enables the Remove group button for a group' do
@ -29,7 +28,7 @@ RSpec.describe 'groups/runners/group_runners.html.haml' do
context 'when group runner registration is not allowed' do
before do
stub_application_setting(valid_runner_registrars: ['project'])
allow(view).to receive(:can?).with(user, :register_group_runners, group).and_return(false)
end
it 'does not enable the the Remove group button for a group' do