From 08c975cb5d563f887d55e2fda91ec7803ae6fc4f Mon Sep 17 00:00:00 2001 From: GitLab Bot Date: Mon, 12 Apr 2021 03:09:13 +0000 Subject: [PATCH] Add latest changes from gitlab-org/gitlab@master --- app/models/issue.rb | 2 +- app/serializers/build_artifact_entity.rb | 12 ------ .../sast_ui_schema.json | 40 +++++++++---------- ...0712-fix-n-1-queries-for-issues-search.yml | 5 +++ ...ll-text-updates-on-sast-config-ui-page.yml | 5 +++ ...dc-remove-artifact-fields-feature-flag.yml | 5 +++ .../georgekoltsov-fix-epics-pipeline.yml | 5 +++ ...move_duplicate_artifact_exposure_paths.yml | 8 ---- doc/administration/gitaly/praefect.md | 2 +- doc/ci/yaml/README.md | 2 +- .../site_architecture/release_process.md | 4 +- .../user_reference_transformer.rb | 2 +- lib/gitlab/ci/features.rb | 4 -- spec/graphql/types/project_type_spec.rb | 4 +- .../user_reference_transformer_spec.rb | 25 +++++++----- .../serializers/build_artifact_entity_spec.rb | 22 ---------- .../sast_parser_service_spec.rb | 4 +- 17 files changed, 66 insertions(+), 85 deletions(-) create mode 100644 changelogs/unreleased/230712-fix-n-1-queries-for-issues-search.yml create mode 100644 changelogs/unreleased/326417-small-text-updates-on-sast-config-ui-page.yml create mode 100644 changelogs/unreleased/dc-remove-artifact-fields-feature-flag.yml create mode 100644 changelogs/unreleased/georgekoltsov-fix-epics-pipeline.yml delete mode 100644 config/feature_flags/development/remove_duplicate_artifact_exposure_paths.yml diff --git a/app/models/issue.rb b/app/models/issue.rb index e345f45b6eb..907329f6991 100644 --- a/app/models/issue.rb +++ b/app/models/issue.rb @@ -114,7 +114,7 @@ class Issue < ApplicationRecord scope :order_severity_desc, -> { includes(:issuable_severity).order('issuable_severities.severity DESC NULLS LAST') } scope :preload_associated_models, -> { preload(:assignees, :labels, project: :namespace) } - scope :with_web_entity_associations, -> { preload(:author, :project) } + scope :with_web_entity_associations, -> { preload(:author, project: [:project_feature, :route, namespace: :route]) } scope :with_label_attributes, ->(label_attributes) { joins(:labels).where(labels: label_attributes) } scope :with_alert_management_alerts, -> { joins(:alert_management_alert) } scope :with_prometheus_alert_events, -> { joins(:issues_prometheus_alert_events) } diff --git a/app/serializers/build_artifact_entity.rb b/app/serializers/build_artifact_entity.rb index f522e98b448..3c2c548d049 100644 --- a/app/serializers/build_artifact_entity.rb +++ b/app/serializers/build_artifact_entity.rb @@ -21,20 +21,8 @@ class BuildArtifactEntity < Grape::Entity ) end - expose :keep_path, if: -> (*) { artifact.expiring? && show_duplicated_paths?(project) } do |artifact| - fast_keep_project_job_artifacts_path(project, artifact.job) - end - - expose :browse_path, if: -> (*) { show_duplicated_paths?(project) } do |artifact| - fast_browse_project_job_artifacts_path(project, artifact.job) - end - private - def show_duplicated_paths?(project) - !Gitlab::Ci::Features.remove_duplicate_artifact_exposure_paths?(project) - end - def project options[:project] || artifact.project end diff --git a/app/validators/json_schemas/security_ci_configuration_schemas/sast_ui_schema.json b/app/validators/json_schemas/security_ci_configuration_schemas/sast_ui_schema.json index 99961d7264b..dc4880946b2 100644 --- a/app/validators/json_schemas/security_ci_configuration_schemas/sast_ui_schema.json +++ b/app/validators/json_schemas/security_ci_configuration_schemas/sast_ui_schema.json @@ -50,23 +50,6 @@ } ], "analyzers": [ - { - "name": "brakeman", - "label": "Brakeman", - "enabled" : true, - "description": "Ruby on Rails", - "variables": [ - { - "field" : "SAST_BRAKEMAN_LEVEL", - "label" : "Brakeman confidence level.", - "type": "string", - "default_value": "1", - "value": "", - "size": "SMALL", - "description": "Ignore Brakeman vulnerabilities under given confidence level. Integer, 1=Low, 2=Medium, 3=High." - } - ] - }, { "name": "bandit", "label": "Bandit", @@ -75,7 +58,7 @@ "variables": [ { "field" : "SAST_BANDIT_EXCLUDED_PATHS", - "label" : "Paths to exclude from scan.", + "label" : "Paths to exclude from scan", "type": "string", "default_value": "", "value": "", @@ -84,6 +67,23 @@ } ] }, + { + "name": "brakeman", + "label": "Brakeman", + "enabled" : true, + "description": "Ruby on Rails", + "variables": [ + { + "field" : "SAST_BRAKEMAN_LEVEL", + "label" : "Brakeman confidence level", + "type": "string", + "default_value": "1", + "value": "", + "size": "SMALL", + "description": "Ignore Brakeman vulnerabilities under given confidence level. Integer, 1=Low, 2=Medium, 3=High." + } + ] + }, { "name": "eslint", "label": "ESLint", @@ -110,7 +110,7 @@ }, { "name": "kubesec", - "label": "kubesec", + "label": "Kubesec", "enabled" : true, "description": "Kubernetes manifests, Helm Charts", "variables": [] @@ -124,7 +124,7 @@ }, { "name": "gosec", - "label": "Golang Security Checker", + "label": "Gosec", "enabled" : true, "description": "Go", "variables": [ diff --git a/changelogs/unreleased/230712-fix-n-1-queries-for-issues-search.yml b/changelogs/unreleased/230712-fix-n-1-queries-for-issues-search.yml new file mode 100644 index 00000000000..54b75dbaf60 --- /dev/null +++ b/changelogs/unreleased/230712-fix-n-1-queries-for-issues-search.yml @@ -0,0 +1,5 @@ +--- +title: Fix N+1 queries for issues search +merge_request: 58915 +author: +type: performance diff --git a/changelogs/unreleased/326417-small-text-updates-on-sast-config-ui-page.yml b/changelogs/unreleased/326417-small-text-updates-on-sast-config-ui-page.yml new file mode 100644 index 00000000000..eb5aebc3cee --- /dev/null +++ b/changelogs/unreleased/326417-small-text-updates-on-sast-config-ui-page.yml @@ -0,0 +1,5 @@ +--- +title: Small text updates on the SAST Config UI page +merge_request: 58188 +author: +type: changed diff --git a/changelogs/unreleased/dc-remove-artifact-fields-feature-flag.yml b/changelogs/unreleased/dc-remove-artifact-fields-feature-flag.yml new file mode 100644 index 00000000000..486b7975968 --- /dev/null +++ b/changelogs/unreleased/dc-remove-artifact-fields-feature-flag.yml @@ -0,0 +1,5 @@ +--- +title: Remove paths from BuildArtifactEntity +merge_request: 58818 +author: +type: performance diff --git a/changelogs/unreleased/georgekoltsov-fix-epics-pipeline.yml b/changelogs/unreleased/georgekoltsov-fix-epics-pipeline.yml new file mode 100644 index 00000000000..cbff94d2ffd --- /dev/null +++ b/changelogs/unreleased/georgekoltsov-fix-epics-pipeline.yml @@ -0,0 +1,5 @@ +--- +title: Fix user reference transformation in EpicsPipeline +merge_request: 58913 +author: +type: fixed diff --git a/config/feature_flags/development/remove_duplicate_artifact_exposure_paths.yml b/config/feature_flags/development/remove_duplicate_artifact_exposure_paths.yml deleted file mode 100644 index 3913590a6be..00000000000 --- a/config/feature_flags/development/remove_duplicate_artifact_exposure_paths.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -name: remove_duplicate_artifact_exposure_paths -introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/54611 -rollout_issue_url: -milestone: '13.10' -type: development -group: group::testing -default_enabled: false diff --git a/doc/administration/gitaly/praefect.md b/doc/administration/gitaly/praefect.md index 49172917c72..9ed439cb861 100644 --- a/doc/administration/gitaly/praefect.md +++ b/doc/administration/gitaly/praefect.md @@ -89,7 +89,7 @@ with secure tokens as you complete the setup process. We note in the instructions below where these secrets are required. NOTE: -Omnibus GitLab installations can use `gitlab-secrets.json`. +Omnibus GitLab installations can use `gitlab-secrets.json` for `GITLAB_SHELL_SECRET_TOKEN`. ### PostgreSQL diff --git a/doc/ci/yaml/README.md b/doc/ci/yaml/README.md index 67e0c2b6377..8313c7e05e2 100644 --- a/doc/ci/yaml/README.md +++ b/doc/ci/yaml/README.md @@ -2782,7 +2782,7 @@ To follow progress on support for GitLab-managed clusters, see the #### `environment:deployment_tier` -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/27630) in GitLab 13.10. +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/300741) in GitLab 13.10. Use the `deployment_tier` keyword to specify the tier of the deployment environment: diff --git a/doc/development/documentation/site_architecture/release_process.md b/doc/development/documentation/site_architecture/release_process.md index 2a6c6e32a2c..4776a41aadb 100644 --- a/doc/development/documentation/site_architecture/release_process.md +++ b/doc/development/documentation/site_architecture/release_process.md @@ -36,13 +36,13 @@ For example: To minimize problems during the documentation release process, use the following timeline: -- Before the 20nd of the month: +- Any time before the 17th of the month: [Add the charts version](#add-chart-version), so that the documentation is built using the [version of the charts project that maps to](https://docs.gitlab.com/charts/installation/version_mappings.html) the GitLab release. This step may have been completed already. -- On or near the 20th of the month: +- Between the 17th and the 20th of the month: 1. [Create a stable branch and Docker image](#create-stable-branch-and-docker-image-for-release) for the new version. diff --git a/lib/bulk_imports/common/transformers/user_reference_transformer.rb b/lib/bulk_imports/common/transformers/user_reference_transformer.rb index ca077b4ef43..c330ea59113 100644 --- a/lib/bulk_imports/common/transformers/user_reference_transformer.rb +++ b/lib/bulk_imports/common/transformers/user_reference_transformer.rb @@ -12,7 +12,7 @@ module BulkImports DEFAULT_REFERENCE = 'user' def initialize(options = {}) - @reference = options[:reference] || DEFAULT_REFERENCE + @reference = options[:reference].to_s.presence || DEFAULT_REFERENCE @suffixed_reference = "#{@reference}_id" end diff --git a/lib/gitlab/ci/features.rb b/lib/gitlab/ci/features.rb index 9fa4fa1d7b7..320f3a959fa 100644 --- a/lib/gitlab/ci/features.rb +++ b/lib/gitlab/ci/features.rb @@ -63,10 +63,6 @@ module Gitlab def self.multiple_cache_per_job? ::Feature.enabled?(:multiple_cache_per_job, default_enabled: :yaml) end - - def self.remove_duplicate_artifact_exposure_paths?(project) - ::Feature.enabled?(:remove_duplicate_artifact_exposure_paths, project, default_enabled: :yaml) - end end end end diff --git a/spec/graphql/types/project_type_spec.rb b/spec/graphql/types/project_type_spec.rb index 7a8c6464acc..f2c4068f048 100644 --- a/spec/graphql/types/project_type_spec.rb +++ b/spec/graphql/types/project_type_spec.rb @@ -125,8 +125,8 @@ RSpec.describe GitlabSchema.types['Project'] do it "returns the project's sast configuration for analyzer variables" do analyzer = subject.dig('data', 'project', 'sastCiConfiguration', 'analyzers', 'nodes').first - expect(analyzer['name']).to eq('brakeman') - expect(analyzer['label']).to eq('Brakeman') + expect(analyzer['name']).to eq('bandit') + expect(analyzer['label']).to eq('Bandit') expect(analyzer['enabled']).to eq(true) end diff --git a/spec/lib/bulk_imports/common/transformers/user_reference_transformer_spec.rb b/spec/lib/bulk_imports/common/transformers/user_reference_transformer_spec.rb index e86a584d38a..ba74c173794 100644 --- a/spec/lib/bulk_imports/common/transformers/user_reference_transformer_spec.rb +++ b/spec/lib/bulk_imports/common/transformers/user_reference_transformer_spec.rb @@ -52,19 +52,26 @@ RSpec.describe BulkImports::Common::Transformers::UserReferenceTransformer do end context 'when custom reference is provided' do - it 'updates provided reference' do - hash = { - 'author' => { - 'public_email' => user.email + shared_examples 'updates provided reference' do |reference| + let(:hash) do + { + 'author' => { + 'public_email' => user.email + } } - } + end - transformer = described_class.new(reference: 'author') - result = transformer.transform(context, hash) + it 'updates provided reference' do + transformer = described_class.new(reference: reference) + result = transformer.transform(context, hash) - expect(result['author']).to be_nil - expect(result['author_id']).to eq(user.id) + expect(result['author']).to be_nil + expect(result['author_id']).to eq(user.id) + end end + + include_examples 'updates provided reference', 'author' + include_examples 'updates provided reference', :author end end end diff --git a/spec/serializers/build_artifact_entity_spec.rb b/spec/serializers/build_artifact_entity_spec.rb index 3d4dc3f69c9..8835d4d834e 100644 --- a/spec/serializers/build_artifact_entity_spec.rb +++ b/spec/serializers/build_artifact_entity_spec.rb @@ -27,28 +27,6 @@ RSpec.describe BuildArtifactEntity do expect(subject[:path]).to include "jobs/#{job.id}/artifacts/download?file_type=codequality" end - context 'with remove_duplicate_artifact_exposure_paths enabled' do - before do - stub_feature_flags(remove_duplicate_artifact_exposure_paths: true) - end - - it 'has no keep or browse path' do - expect(subject).not_to include(:keep_path) - expect(subject).not_to include(:browse_path) - end - end - - context 'with remove_duplicate_artifact_exposure_paths disabled' do - before do - stub_feature_flags(remove_duplicate_artifact_exposure_paths: false) - end - - it 'has keep and browse paths' do - expect(subject[:keep_path]).to be_present - expect(subject[:browse_path]).to be_present - end - end - context 'when project is specified in options' do let(:options) { super().merge(project: job.project) } diff --git a/spec/services/security/ci_configuration/sast_parser_service_spec.rb b/spec/services/security/ci_configuration/sast_parser_service_spec.rb index 21490f993c7..4ebaddcfa4e 100644 --- a/spec/services/security/ci_configuration/sast_parser_service_spec.rb +++ b/spec/services/security/ci_configuration/sast_parser_service_spec.rb @@ -12,8 +12,8 @@ RSpec.describe Security::CiConfiguration::SastParserService do let(:sast_analyzer_image_tag) { configuration['global'][2] } let(:sast_pipeline_stage) { configuration['pipeline'][0] } let(:sast_search_max_depth) { configuration['pipeline'][1] } - let(:brakeman) { configuration['analyzers'][0] } - let(:bandit) { configuration['analyzers'][1] } + let(:bandit) { configuration['analyzers'][0] } + let(:brakeman) { configuration['analyzers'][1] } let(:sast_brakeman_level) { brakeman['variables'][0] } it 'parses the configuration for SAST' do