Add latest changes from gitlab-org/gitlab@master
parent
415153114a
commit
0fb607f556
|
@ -22,7 +22,7 @@ class Namespace::PackageSetting < ApplicationRecord
|
|||
duplicates_allowed = package.package_settings["#{package.package_type}_duplicates_allowed"]
|
||||
regex = ::Gitlab::UntrustedRegexp.new("\\A#{package.package_settings["#{package.package_type}_duplicate_exception_regex"]}\\z")
|
||||
|
||||
duplicates_allowed || regex.match?(package.name)
|
||||
duplicates_allowed || regex.match?(package.name) || regex.match?(package.version)
|
||||
end
|
||||
end
|
||||
end
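Review bot: The exception pattern on the `regex = ...` context line is interpolated between `\\A` and `\\z` without grouping, so a setting such as `foo|bar` compiles to `\Afoo|bar\z`, where only the first alternative is start-anchored and only the last is end-anchored. The new `|| regex.match?(package.version)` term tests that loosely anchored pattern against a second field, which widens the set of packages that bypass duplicate rejection. Wrapping the setting in a non-capturing group keeps the whole expression anchored: `"\\A(?:#{package.package_settings["#{package.package_type}_duplicate_exception_regex"]})\\z"`. Exceptions written for names now also exempt any package whose version matches, so a comment above the return line would help, e.g. `# Either a name match or a version match allows the duplicate`. The method's signature is outside the hunk.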
|
||||
|
|
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
title: Check duplicate package regex against version as well as name
|
||||
merge_request: 60760
|
||||
author:
|
||||
type: fixed
|
|
@ -874,6 +874,27 @@ Particular attention should be shown to:
|
|||
repository that viewed. If the project is created, and you can see the
|
||||
README file, it works!
|
||||
|
||||
#### Use TCP for existing GitLab instances
|
||||
|
||||
When adding Gitaly Cluster to an existing Gitaly instance, the existing Gitaly storage
|
||||
must use a TCP address. If `gitaly_address` is not specified, then a Unix socket is used,
|
||||
which will prevent the communication with the cluster.
|
||||
|
||||
For example:
|
||||
|
||||
```ruby
|
||||
git_data_dirs({
|
||||
'default' => { 'gitaly_address' => 'tcp://old-gitaly.internal:8075' },
|
||||
'cluster' => {
|
||||
'gitaly_address' => 'tcp://<load_balancer_server_address>:2305',
|
||||
'gitaly_token' => '<praefect_external_token>'
|
||||
}
|
||||
})
|
||||
```
|
||||
|
||||
See [Mixed Configuration](configure_gitaly.md#mixed-configuration) for further information on
|
||||
running multiple Gitaly storages.
|
||||
|
||||
### Grafana
|
||||
|
||||
Grafana is included with GitLab, and can be used to monitor your Praefect
|
||||
|
|
|
@ -106,3 +106,15 @@ This table shows available scopes per token. Scopes can be limited further on to
|
|||
1. Limited to the one project.
|
||||
1. Runner registration and authentication token don't provide direct access to repositories, but can be used to register and authenticate a new runner that may execute jobs which do have access to the repository
|
||||
1. Limited to certain [endpoints](../api/README.md#gitlab-cicd-job-token).
|
||||
|
||||
## Security considerations
|
||||
|
||||
Access tokens should be treated like passwords and kept secure.
|
||||
|
||||
Adding them to URLs is a security risk. This is especially true when cloning or adding a remote, as Git then writes the URL to its `.git/config` file in plain text. URLs are also generally logged by proxies and application servers, which makes those credentials visible to system administrators.
|
||||
|
||||
Instead, API calls can be passed an access token using headers, like [the `Private-Token` header](../api/README.md#personalproject-access-tokens).
|
||||
|
||||
Tokens can also be stored using a [Git credential storage](https://git-scm.com/book/en/v2/Git-Tools-Credential-Storage).
|
||||
|
||||
When creating a scoped token, consider using the most limited scope possible to reduce the impact of accidentally leaking the token.
|
||||
|
|
|
@ -10,10 +10,11 @@ info: To determine the technical writer assigned to the Stage/Group associated w
|
|||
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/10075) in GitLab Ultimate 12.0.
|
||||
|
||||
Use the dependency list to review your project's dependencies and key
|
||||
details about those dependencies, including their known vulnerabilities. To see the dependency list,
|
||||
in your project, go to **Security & Compliance > Dependency List**.
|
||||
details about those dependencies, including their known vulnerabilities. It is a collection of dependencies in your project, including existing and new findings. To see the dependency list, go to your project and select **Security & Compliance > Dependency List**.
|
||||
This information is sometimes referred to as a Software Bill of Materials or SBoM / BOM.
|
||||
|
||||
The dependency list only shows the results of the last successful pipeline to run on the default branch. This is why we recommend not changing the default behavior of allowing the secure jobs to fail.
|
||||
|
||||
## Prerequisites
|
||||
|
||||
To view your project's dependencies, ensure you meet the following requirements:
|
||||
|
|
|
@ -625,7 +625,7 @@ In the UI:
|
|||
1. For your group, go to **Settings > Packages & Registries**.
|
||||
1. Expand the **Package Registry** section.
|
||||
1. Turn on the **Reject duplicates** toggle.
|
||||
1. Optional. To allow some duplicate packages, in the **Exceptions** box, enter a regex pattern that matches the names of packages you want to allow.
|
||||
1. Optional. To allow some duplicate packages, in the **Exceptions** box, enter a regex pattern that matches the names and/or versions of packages you want to allow.
|
||||
|
||||
Your changes are automatically saved.
|
||||
|
||||
|
|
|
@ -58,7 +58,7 @@ module Banzai
|
|||
end
|
||||
|
||||
def data_attributes_for(text, parent, object, **data)
|
||||
super.merge(project_path: current_parent_path, iid: object.iid, mr_title: object.title)
|
||||
super.merge(project_path: parent.full_path, iid: object.iid, mr_title: object.title)
|
||||
end
|
||||
|
||||
private
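Review bot: Nothing at the changed `super.merge(...)` line records why `parent.full_path` replaces `current_parent_path`. Judging by the accompanying spec, which expects `data-project-path` to equal `project2.full_path`, the intent appears to be that a cross-project reference carries the referenced project's path rather than the rendering context's. A one-line comment would keep a later refactor from reverting it, e.g. `# Use the referenced object's parent, not the current context, so cross-project links carry the right path`. Whether `parent` can be nil on any call path cannot be confirmed from the hunk; if it can, `.full_path` would raise here. The enclosing class starts and ends outside the hunk.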
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
module Gitlab
|
||||
module MarkdownCache
|
||||
# Increment this number every time the renderer changes its output
|
||||
CACHE_COMMONMARK_VERSION = 27
|
||||
CACHE_COMMONMARK_VERSION = 28
|
||||
CACHE_COMMONMARK_VERSION_START = 10
|
||||
|
||||
BaseError = Class.new(StandardError)
|
||||
|
|
|
@ -142,6 +142,17 @@ RSpec.describe Banzai::Filter::References::MergeRequestReferenceFilter do
|
|||
expect(doc.text).to eq("Merge (#{reference}.)")
|
||||
end
|
||||
|
||||
it 'has correct data attributes' do
|
||||
doc = reference_filter("Merge (#{reference}.)")
|
||||
|
||||
link = doc.css('a').first
|
||||
|
||||
expect(link.attr('data-project')).to eq project2.id.to_s
|
||||
expect(link.attr('data-project-path')).to eq project2.full_path
|
||||
expect(link.attr('data-iid')).to eq merge.iid.to_s
|
||||
expect(link.attr('data-mr-title')).to eq merge.title
|
||||
end
|
||||
|
||||
it 'ignores invalid merge IDs on the referenced project' do
|
||||
exp = act = "Merge #{invalidate_reference(reference)}"
|
||||
|
||||
|
|
|
@ -42,7 +42,7 @@ RSpec.describe Namespace::PackageSetting do
|
|||
context 'package types with package_settings' do
|
||||
# As more package types gain settings they will be added to this list
|
||||
[:maven_package].each do |format|
|
||||
let_it_be(:package) { create(format) } # rubocop:disable Rails/SaveBang
|
||||
let_it_be(:package) { create(format, name: 'foo', version: 'beta') } # rubocop:disable Rails/SaveBang
|
||||
let_it_be(:package_type) { package.package_type }
|
||||
let_it_be(:package_setting) { package.project.namespace.package_settings }
|
||||
|
||||
|
@ -50,6 +50,8 @@ RSpec.describe Namespace::PackageSetting do
|
|||
true | '' | true
|
||||
false | '' | false
|
||||
false | '.*' | true
|
||||
false | 'fo.*' | true
|
||||
false | 'be.*' | true
|
||||
end
|
||||
|
||||
with_them do
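Review bot: The rows added to the table (`'fo.*'` and `'be.*'`) cover only patterns that should allow the duplicate. No visible row pins a non-empty pattern that matches neither the name `foo` nor the version `beta`, or one that matches only a prefix. Because this setting decides whether duplicate rejection is bypassed, negative rows such as `false | 'bar' | false` and `false | 'fo' | false` would catch a regression in the `\A…\z` anchoring. The table header and any earlier rows are outside the hunk, so such a case may already exist above.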
|
||||
|
|
|
@ -130,7 +130,15 @@ RSpec.describe Packages::Maven::FindOrCreatePackageService do
|
|||
|
||||
context 'when the package name matches the exception regex' do
|
||||
before do
|
||||
package_settings.update!(maven_duplicate_exception_regex: '.*')
|
||||
package_settings.update!(maven_duplicate_exception_regex: existing_package.name)
|
||||
end
|
||||
|
||||
it_behaves_like 'reuse existing package'
|
||||
end
|
||||
|
||||
context 'when the package version matches the exception regex' do
|
||||
before do
|
||||
package_settings.update!(maven_duplicate_exception_regex: existing_package.version)
|
||||
end
|
||||
|
||||
it_behaves_like 'reuse existing package'
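Review bot: Both `before` blocks pass a raw package attribute as the exception pattern (`maven_duplicate_exception_regex: existing_package.name` and `existing_package.version`), so the value is interpreted as a regular expression rather than a literal. The examples pass only while the factory values contain no metacharacter that changes the match; `Regexp.escape(existing_package.version)` (and likewise for the name) would make them independent of the fixture. Neither context asserts the negative case, where a pattern matching neither field still rejects the duplicate, although that may be covered elsewhere in the file. The closing `end` of the second context lies outside the hunk.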
|
||||
|
|