Add latest changes from gitlab-org/gitlab@master
This commit is contained in:
parent
640007842a
commit
2bb1dbf21f
|
@ -55,23 +55,13 @@ module Clusters
|
|||
private
|
||||
|
||||
def activate_project_integrations
|
||||
if Feature.enabled?(:rename_integrations_workers)
|
||||
::Clusters::Applications::ActivateIntegrationWorker
|
||||
.perform_async(cluster_id, ::Integrations::Prometheus.to_param)
|
||||
else
|
||||
::Clusters::Applications::ActivateServiceWorker
|
||||
.perform_async(cluster_id, ::Integrations::Prometheus.to_param)
|
||||
end
|
||||
::Clusters::Applications::ActivateIntegrationWorker
|
||||
.perform_async(cluster_id, ::Integrations::Prometheus.to_param)
|
||||
end
|
||||
|
||||
def deactivate_project_integrations
|
||||
if Feature.enabled?(:rename_integrations_workers)
|
||||
::Clusters::Applications::DeactivateIntegrationWorker
|
||||
.perform_async(cluster_id, ::Integrations::Prometheus.to_param)
|
||||
else
|
||||
::Clusters::Applications::DeactivateServiceWorker
|
||||
.perform_async(cluster_id, ::Integrations::Prometheus.to_param)
|
||||
end
|
||||
::Clusters::Applications::DeactivateIntegrationWorker
|
||||
.perform_async(cluster_id, ::Integrations::Prometheus.to_param)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -570,11 +570,7 @@ class Integration < ApplicationRecord
|
|||
def async_execute(data)
|
||||
return unless supported_events.include?(data[:object_kind])
|
||||
|
||||
if Feature.enabled?(:rename_integrations_workers)
|
||||
Integrations::ExecuteWorker.perform_async(id, data)
|
||||
else
|
||||
ProjectServiceWorker.perform_async(id, data)
|
||||
end
|
||||
Integrations::ExecuteWorker.perform_async(id, data)
|
||||
end
|
||||
|
||||
# override if needed
|
||||
|
|
|
@ -30,17 +30,10 @@ module Integrations
|
|||
def execute(data)
|
||||
return unless supported_events.include?(data[:object_kind])
|
||||
|
||||
if Feature.enabled?(:rename_integrations_workers)
|
||||
Integrations::IrkerWorker.perform_async(
|
||||
project_id, channels,
|
||||
colorize_messages, data, settings
|
||||
)
|
||||
else
|
||||
::IrkerWorker.perform_async(
|
||||
project_id, channels,
|
||||
colorize_messages, data, settings
|
||||
)
|
||||
end
|
||||
Integrations::IrkerWorker.perform_async(
|
||||
project_id, channels,
|
||||
colorize_messages, data, settings
|
||||
)
|
||||
end
|
||||
|
||||
def settings
|
||||
|
|
|
@ -212,7 +212,7 @@ module Projects
|
|||
# produces smaller and faster queries to the database.
|
||||
def destroy_web_hooks!
|
||||
project.hooks.find_each do |web_hook|
|
||||
result = ::WebHooks::DestroyService.new(current_user).sync_destroy(web_hook)
|
||||
result = ::WebHooks::DestroyService.new(current_user).execute(web_hook)
|
||||
|
||||
unless result[:status] == :success
|
||||
raise_error(s_('DeleteProject|Failed to remove webhooks. Please try again or contact administrator.'))
|
||||
|
|
|
@ -21,8 +21,5 @@ module WebHooks
|
|||
ServiceResponse.error(message: "Unable to destroy #{web_hook.model_name.human}")
|
||||
end
|
||||
end
|
||||
|
||||
# Backwards compatibility with WebHooks::DestroyWorker
|
||||
alias_method :sync_destroy, :execute
|
||||
end
|
||||
end
|
||||
|
|
|
@ -4,7 +4,7 @@
|
|||
.col-sm-10
|
||||
= f.gitlab_ui_checkbox_component :lfs_enabled, checkbox_options: { checked: @group.lfs_enabled? } do |c|
|
||||
= c.label do
|
||||
= _('Allow projects within this group to use Git LFS')
|
||||
= _('Projects in this group can use Git LFS')
|
||||
= link_to sprite_icon('question-o'), help_page_path('topics/git/lfs/index'), class: 'gl-ml-2'
|
||||
= c.help_text do
|
||||
= _('This setting can be overridden in each project.')
|
||||
|
@ -24,7 +24,7 @@
|
|||
.col-sm-2.col-form-label.pt-0
|
||||
= f.label :require_two_factor_authentication, _('Two-factor authentication')
|
||||
.col-sm-10
|
||||
- label = _("Require all users in this group to set up two-factor authentication")
|
||||
- label = _("All users in this group must set up two-factor authentication")
|
||||
- help_link = link_to sprite_icon('question-o'), help_page_path('security/two_factor_authentication', anchor: 'enforce-2fa-for-all-users-in-a-group'), class: 'gl-ml-2'
|
||||
= f.gitlab_ui_checkbox_component :require_two_factor_authentication, '%{label}%{help_link}'.html_safe % { label: label, help_link: help_link }
|
||||
.form-group.row
|
||||
|
|
|
@ -7,27 +7,27 @@
|
|||
- if @group.root?
|
||||
.form-group.gl-mb-3
|
||||
= f.gitlab_ui_checkbox_component :prevent_sharing_groups_outside_hierarchy,
|
||||
s_('GroupSettings|Prevent members from sending invitations to groups outside of %{group} and its subgroups').html_safe % { group: link_to_group(@group) },
|
||||
s_('GroupSettings|Members cannot invite groups outside of %{group} and its subgroups').html_safe % { group: link_to_group(@group) },
|
||||
help_text: prevent_sharing_groups_outside_hierarchy_help_text(@group),
|
||||
checkbox_options: { disabled: !can_change_prevent_sharing_groups_outside_hierarchy?(@group) }
|
||||
|
||||
.form-group.gl-mb-3
|
||||
= f.gitlab_ui_checkbox_component :share_with_group_lock,
|
||||
s_('GroupSettings|Prevent sharing a project within %{group} with other groups').html_safe % { group: link_to_group(@group) },
|
||||
s_('GroupSettings|Projects in %{group} cannot be shared with other groups').html_safe % { group: link_to_group(@group) },
|
||||
checkbox_options: { disabled: !can_change_share_with_group_lock?(@group) },
|
||||
help_text: share_with_group_lock_help_text(@group)
|
||||
|
||||
.form-group.gl-mb-3
|
||||
= f.gitlab_ui_checkbox_component :emails_disabled,
|
||||
s_('GroupSettings|Disable email notifications'),
|
||||
s_('GroupSettings|Email notifications are disabled'),
|
||||
checkbox_options: { checked: @group.emails_disabled?, disabled: !can_disable_group_emails?(@group) },
|
||||
help_text: s_('GroupSettings|Overrides user notification preferences for all members of the group, subgroups, and projects.')
|
||||
|
||||
.form-group.gl-mb-3
|
||||
= f.gitlab_ui_checkbox_component :mentions_disabled,
|
||||
s_('GroupSettings|Disable group mentions'),
|
||||
s_('GroupSettings|Group mentions are disabled'),
|
||||
checkbox_options: { checked: @group.mentions_disabled? },
|
||||
help_text: s_('GroupSettings|Prevents group members from being notified if the group is mentioned.')
|
||||
help_text: s_('GroupSettings|Group members are not notified if the group is mentioned.')
|
||||
|
||||
= render 'groups/settings/resource_access_token_creation', f: f, group: @group
|
||||
= render_if_exists 'groups/settings/delayed_project_removal', f: f, group: @group
|
||||
|
@ -48,8 +48,8 @@
|
|||
%h5= _('Customer relations')
|
||||
.form-group.gl-mb-3
|
||||
= f.gitlab_ui_checkbox_component :crm_enabled,
|
||||
s_('GroupSettings|Enable customer relations'),
|
||||
s_('GroupSettings|Customer relations is enabled'),
|
||||
checkbox_options: { checked: @group.crm_enabled? },
|
||||
help_text: s_('GroupSettings|Allows creating organizations and contacts and associating them with issues.')
|
||||
help_text: s_('GroupSettings|Organizations and contacts can be created and associated with issues.')
|
||||
|
||||
= f.submit _('Save changes'), class: 'btn gl-button btn-confirm gl-mt-3 js-dirty-submit', data: { qa_selector: 'save_permissions_changes_button' }
|
||||
|
|
|
@ -1,3 +1,3 @@
|
|||
.form-group
|
||||
= f.label s_('ProjectCreationLevel|Allowed to create projects'), class: 'label-bold'
|
||||
= f.label s_('ProjectCreationLevel|Roles allowed to create projects'), class: 'label-bold'
|
||||
= f.select :project_creation_level, options_for_select(::Gitlab::Access.project_creation_options, group.project_creation_level), {}, class: 'form-control', data: { qa_selector: 'project_creation_level_dropdown' }
|
||||
|
|
|
@ -6,6 +6,5 @@
|
|||
- link_start_project = '<a href="%{url}" target="_blank" rel="noopener noreferrer">'.html_safe % { url: project_access_tokens_link }
|
||||
- link_start_group = '<a href="%{url}" target="_blank" rel="noopener noreferrer">'.html_safe % { url: group_access_tokens_link }
|
||||
= f.gitlab_ui_checkbox_component :resource_access_token_creation_allowed,
|
||||
s_('GroupSettings|Allow project and group access token creation'),
|
||||
checkbox_options: { checked: group.namespace_settings.resource_access_token_creation_allowed?, data: { qa_selector: 'resource_access_token_creation_allowed_checkbox' } },
|
||||
help_text: s_('GroupSettings|Users can create %{link_start_project}project access tokens%{link_end} and %{link_start_group}group access tokens%{link_end} in this group.').html_safe % { link_start_project: link_start_project, link_start_group: link_start_group, link_end: '</a>'.html_safe }
|
||||
s_('GroupSettings|Users can create %{link_start_project}project access tokens%{link_end} and %{link_start_group}group access tokens%{link_end} in this group').html_safe % { link_start_project: link_start_project, link_start_group: link_start_group, link_end: '</a>'.html_safe },
|
||||
checkbox_options: { checked: group.namespace_settings.resource_access_token_creation_allowed?, data: { qa_selector: 'resource_access_token_creation_allowed_checkbox' } }
|
||||
|
|
|
@ -1,3 +1,3 @@
|
|||
.form-group
|
||||
= f.label s_('SubgroupCreationLevel|Allowed to create subgroups'), class: 'label-bold'
|
||||
= f.label s_('SubgroupCreationLevel|Roles allowed to create subgroups'), class: 'label-bold'
|
||||
= f.select :subgroup_creation_level, options_for_select(::Gitlab::Access.subgroup_creation_options, group.subgroup_creation_level), {}, class: 'form-control'
|
||||
|
|
|
@ -8,14 +8,14 @@
|
|||
|
||||
.form-group
|
||||
= f.gitlab_ui_checkbox_component :require_two_factor_authentication,
|
||||
_('Require all users in this group to set up two-factor authentication'),
|
||||
_('All users in this group must set up two-factor authentication'),
|
||||
checkbox_options: { data: { qa_selector: 'require_2fa_checkbox' } }
|
||||
.form-group
|
||||
= f.label :two_factor_grace_period, _('Time before enforced')
|
||||
= f.label :two_factor_grace_period, _('Delay 2FA enforcement (hours)')
|
||||
= f.text_field :two_factor_grace_period, class: 'form-control form-control-sm w-auto gl-form-input gl-mb-3'
|
||||
.form-text.text-muted= _('Time (in hours) that users are allowed to skip forced configuration of two-factor authentication.')
|
||||
.form-text.text-muted= _("The maximum amount of time users have to set up two-factor authentication before it's enforced.")
|
||||
- unless group.has_parent?
|
||||
.form-group
|
||||
= f.gitlab_ui_checkbox_component :allow_mfa_for_subgroups,
|
||||
_('Allow subgroups to set up their own two-factor authentication rules'),
|
||||
_('Subgroups can set up their own two-factor authentication rules'),
|
||||
checkbox_options: { checked: group.namespace_settings&.allow_mfa_for_subgroups }
|
||||
|
|
|
@ -1,3 +1,3 @@
|
|||
= form.gitlab_ui_checkbox_component :request_access_enabled,
|
||||
_('Allow users to request access (if visibility is public or internal)'),
|
||||
_('Users can request access (if visibility is public or internal)'),
|
||||
checkbox_options: { data: { qa_selector: 'request_access_checkbox' } }
|
||||
|
|
|
@ -948,15 +948,6 @@
|
|||
:weight: 1
|
||||
:idempotent: false
|
||||
:tags: []
|
||||
- :name: gcp_cluster:clusters_applications_activate_service
|
||||
:worker_name: Clusters::Applications::ActivateServiceWorker
|
||||
:feature_category: :kubernetes_management
|
||||
:has_external_dependencies: false
|
||||
:urgency: :low
|
||||
:resource_boundary: :unknown
|
||||
:weight: 1
|
||||
:idempotent: false
|
||||
:tags: []
|
||||
- :name: gcp_cluster:clusters_applications_deactivate_integration
|
||||
:worker_name: Clusters::Applications::DeactivateIntegrationWorker
|
||||
:feature_category: :kubernetes_management
|
||||
|
@ -966,15 +957,6 @@
|
|||
:weight: 1
|
||||
:idempotent: false
|
||||
:tags: []
|
||||
- :name: gcp_cluster:clusters_applications_deactivate_service
|
||||
:worker_name: Clusters::Applications::DeactivateServiceWorker
|
||||
:feature_category: :kubernetes_management
|
||||
:has_external_dependencies: false
|
||||
:urgency: :low
|
||||
:resource_boundary: :unknown
|
||||
:weight: 1
|
||||
:idempotent: false
|
||||
:tags: []
|
||||
- :name: gcp_cluster:clusters_applications_uninstall
|
||||
:worker_name: Clusters::Applications::UninstallWorker
|
||||
:feature_category: :kubernetes_management
|
||||
|
@ -2434,15 +2416,6 @@
|
|||
:weight: 2
|
||||
:idempotent: false
|
||||
:tags: []
|
||||
- :name: irker
|
||||
:worker_name: IrkerWorker
|
||||
:feature_category: :integrations
|
||||
:has_external_dependencies: false
|
||||
:urgency: :low
|
||||
:resource_boundary: :unknown
|
||||
:weight: 1
|
||||
:idempotent: false
|
||||
:tags: []
|
||||
- :name: issuable_export_csv
|
||||
:worker_name: IssuableExportCsvWorker
|
||||
:feature_category: :team_planning
|
||||
|
@ -2776,15 +2749,6 @@
|
|||
:weight: 1
|
||||
:idempotent: false
|
||||
:tags: []
|
||||
- :name: project_service
|
||||
:worker_name: ProjectServiceWorker
|
||||
:feature_category: :integrations
|
||||
:has_external_dependencies: true
|
||||
:urgency: :low
|
||||
:resource_boundary: :unknown
|
||||
:weight: 1
|
||||
:idempotent: false
|
||||
:tags: []
|
||||
- :name: projects_after_import
|
||||
:worker_name: Projects::AfterImportWorker
|
||||
:feature_category: :importers
|
||||
|
@ -3101,15 +3065,6 @@
|
|||
:weight: 1
|
||||
:idempotent: false
|
||||
:tags: []
|
||||
- :name: web_hooks_destroy
|
||||
:worker_name: WebHooks::DestroyWorker
|
||||
:feature_category: :integrations
|
||||
:has_external_dependencies: false
|
||||
:urgency: :high
|
||||
:resource_boundary: :unknown
|
||||
:weight: 1
|
||||
:idempotent: true
|
||||
:tags: []
|
||||
- :name: web_hooks_log_destroy
|
||||
:worker_name: WebHooks::LogDestroyWorker
|
||||
:feature_category: :integrations
|
||||
|
|
|
@ -1,12 +0,0 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
# This worker was renamed in 15.1, we can delete it in 15.2.
|
||||
# See: https://gitlab.com/gitlab-org/gitlab/-/issues/364112
|
||||
#
|
||||
# rubocop:disable Scalability/IdempotentWorker
|
||||
module Clusters
|
||||
module Applications
|
||||
class ActivateServiceWorker < ActivateIntegrationWorker
|
||||
end
|
||||
end
|
||||
end
|
|
@ -1,12 +0,0 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
# This worker was renamed in 15.1, we can delete it in 15.2.
|
||||
# See: https://gitlab.com/gitlab-org/gitlab/-/issues/364112
|
||||
#
|
||||
# rubocop:disable Scalability/IdempotentWorker
|
||||
module Clusters
|
||||
module Applications
|
||||
class DeactivateServiceWorker < DeactivateIntegrationWorker
|
||||
end
|
||||
end
|
||||
end
|
|
@ -1,9 +0,0 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
# This worker was renamed in 15.1, we can delete it in 15.2.
|
||||
# See: https://gitlab.com/gitlab-org/gitlab/-/issues/364112
|
||||
#
|
||||
# rubocop: disable Gitlab/NamespacedClass
|
||||
# rubocop:disable Scalability/IdempotentWorker
|
||||
class IrkerWorker < Integrations::IrkerWorker
|
||||
end
|
|
@ -1,16 +0,0 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
# This worker was renamed in 15.1, we can delete it in 15.2.
|
||||
# See: https://gitlab.com/gitlab-org/gitlab/-/issues/364112
|
||||
#
|
||||
# rubocop: disable Gitlab/NamespacedClass
|
||||
# rubocop: disable Scalability/IdempotentWorker
|
||||
class ProjectServiceWorker < Integrations::ExecuteWorker
|
||||
data_consistency :always
|
||||
sidekiq_options retry: 3
|
||||
sidekiq_options dead: false
|
||||
feature_category :integrations
|
||||
urgency :low
|
||||
|
||||
worker_has_external_dependencies!
|
||||
end
|
|
@ -1,27 +0,0 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
module WebHooks
|
||||
class DestroyWorker
|
||||
include ApplicationWorker
|
||||
|
||||
DestroyError = Class.new(StandardError)
|
||||
|
||||
data_consistency :always
|
||||
sidekiq_options retry: 3
|
||||
feature_category :integrations
|
||||
urgency :high
|
||||
|
||||
idempotent!
|
||||
|
||||
def perform(user_id, web_hook_id)
|
||||
user = User.find_by_id(user_id)
|
||||
hook = WebHook.find_by_id(web_hook_id)
|
||||
|
||||
return unless user && hook
|
||||
|
||||
result = ::WebHooks::DestroyService.new(user).sync_destroy(hook)
|
||||
|
||||
result.track_and_raise_exception(as: DestroyError, web_hook_id: hook.id)
|
||||
end
|
||||
end
|
||||
end
|
|
@ -1,8 +0,0 @@
|
|||
---
|
||||
name: rename_integrations_workers
|
||||
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/88558
|
||||
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/364112
|
||||
milestone: '15.1'
|
||||
type: development
|
||||
group: group::integrations
|
||||
default_enabled: true
|
|
@ -241,8 +241,6 @@
|
|||
- 1
|
||||
- - invalid_gpg_signature_update
|
||||
- 2
|
||||
- - irker
|
||||
- 1
|
||||
- - issuable_export_csv
|
||||
- 1
|
||||
- - issuable_label_links_destroy
|
||||
|
@ -357,8 +355,6 @@
|
|||
- 1
|
||||
- - project_import_schedule
|
||||
- 1
|
||||
- - project_service
|
||||
- 1
|
||||
- - project_template_export
|
||||
- 1
|
||||
- - projects_after_import
|
||||
|
@ -471,8 +467,6 @@
|
|||
- 1
|
||||
- - web_hook
|
||||
- 1
|
||||
- - web_hooks_destroy
|
||||
- 1
|
||||
- - web_hooks_log_destroy
|
||||
- 1
|
||||
- - web_hooks_log_execution
|
||||
|
|
|
@ -0,0 +1,59 @@
|
|||
# This is a template for a "Whats New" release.
|
||||
# A release typically contains multiple entries of features that we'd like to highlight.
|
||||
#
|
||||
# Below is an example of what a single entry should look like, it's required attributes,
|
||||
# and what types we expect those attribute values to be. All attributes are required.
|
||||
#
|
||||
# For more information please refer to the handbook documentation here:
|
||||
# https://about.gitlab.com/handbook/marketing/blog/release-posts/index.html#create-mr-for-whats-new-entries
|
||||
#
|
||||
# Please delete this line and above before submitting your merge request.
|
||||
|
||||
- title: SAML Group Sync for self-managed GitLab
|
||||
body: | # Do not modify this line, instead modify the lines below.
|
||||
You can now map a group in your identity provider to a self-managed GitLab group using SAML group links. Previously, this feature was only available for GitLab.com. Group memberships are updated when a user logs into GitLab through their SAML provider. This new functionality decreases the workload for GitLab administrators and reduces onboarding time for group members.
|
||||
stage: manage # String value of the stage that the feature was created in. e.g., Growth
|
||||
self-managed: true
|
||||
gitlab-com: true
|
||||
packages: [Premium, Ultimate]
|
||||
url: https://docs.gitlab.com/ee/user/group/saml_sso/group_sync.html
|
||||
image_url: https://about.gitlab.com/images/15_1/SAML_Group_Sync.png # This should be a full URL, generally taken from the release post content. If a video, use the youtube thumbnail URL with the structure of https://img.youtube.com/vi/UNIQUEID/hqdefault.jpg
|
||||
published_at: 2022-06-22
|
||||
release: 15.1
|
||||
- title: Enhancing visibility into Value Stream with DORA metrics
|
||||
body: | # Do not modify this line, instead modify the lines below.
|
||||
With the addition of the four [DORA metrics](https://docs.gitlab.com/ee/user/analytics/#devops-research-and-assessment-dora-key-metrics) tiles to the [Value Stream Analytics](https://docs.gitlab.com/ee/user/group/value_stream_analytics/) dashboard, you can now track team performance and value flow from ideation to customer delivery. Additionally, we added a new trend chart for the DORA [Time to restore service](https://docs.gitlab.com/ee/user/analytics/ci_cd_analytics.html) metric to provide insights into software stability and reliability trends. This new chart shows information about how long it takes an organization to recover from a failure in production. This is the third DORA chart that's available out of the box in GitLab. We plan to keep improving the visibility into DORA metrics and also add charts for the fourth metric- Change failure rate.
|
||||
stage: manage # String value of the stage that the feature was created in. e.g., Growth
|
||||
self-managed: true
|
||||
gitlab-com: true
|
||||
packages: [Free, Premium, Ultimate]
|
||||
url: https://docs.gitlab.com/ee/user/analytics/ci_cd_analytics.html
|
||||
image_url: https://about.gitlab.com/images/15_1/vsa_dora_n_ttrs.png # This should be a full URL, generally taken from the release post content. If a video, use the youtube thumbnail URL with the structure of https://img.youtube.com/vi/UNIQUEID/hqdefault.jpg
|
||||
published_at: 2022-06-22
|
||||
release: 15.1
|
||||
- title: "SLSA-2 attestation included for build artifacts"
|
||||
body: | # Do not modify this line, instead modify the lines below.
|
||||
[Supply-chain Levels for Software Artifacts (SLSA)](https://github.com/slsa-framework/slsa) is a security framework that helps ensure the security and integrity of your software supply chain. By default, GitLab Runner is now capable of generating and producing SLSA-2 compliant attestation metadata for build artifacts.
|
||||
If the artifact is stored in a registry, then the attestation metadata is stored alongside the artifact in that registry. Otherwise, the metadata is in rendered in a plain text `.json` file that's stored with the artifact.
|
||||
This new attestation information can help you more easily verify that your build artifacts have not been tampered with. To enable this feature, simply set `RUNNER_GENERATE_ARTIFACTS_METADATA = "true"` in your `.gitlab-ci.yml` file.
|
||||
As part of the Limited Availability release, CI jobs that run on the macOS runners will count toward your CI/CD minutes quota at a [cost factor](https://docs.gitlab.com/ee/ci/pipelines/cicd_minutes.html#cost-factor) of 6.
|
||||
stage: verify
|
||||
self-managed: true
|
||||
gitlab-com: true
|
||||
packages: [Free, Premium, Ultimate]
|
||||
url: https://docs.gitlab.com/ee/ci/runners/configure_runners.html#artifact-attestation
|
||||
image_url: https://www.youtube.com/embed/MlIdqrDgI8U
|
||||
published_at: 2022-06-22
|
||||
release: 15.1
|
||||
- title: "Link to included CI/CD configuration from the pipeline editor"
|
||||
body: | # Do not modify this line, instead modify the lines below.
|
||||
A typical CI/CD configuration uses the `include` keyword to import configuration stored in other files or CI/CD templates. When editing or troubleshooting your configuration though, it can be difficult to understand how all the configuration works together because the included configuration is not visible in your `.gitlab-ci-yml`, you only see the `include` entry.
|
||||
In this release, we added links to all included configuration files and templates to the pipeline editor. Now you can easily access and view all the CI/CD configuration your pipeline uses, making it much easier to manage large and complex pipelines.
|
||||
stage: verify
|
||||
self-managed: true
|
||||
gitlab-com: true
|
||||
packages: [Free, Premium, Ultimate]
|
||||
url: https://docs.gitlab.com/ee/ci/pipeline_editor/
|
||||
image_url: https://www.youtube.com/embed/7BNDUYfY_ok
|
||||
published_at: 2022-06-22
|
||||
release: 15.1
|
|
@ -0,0 +1,29 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
class ScheduleBackfillCiRunnerSemver < Gitlab::Database::Migration[2.0]
|
||||
restrict_gitlab_migration gitlab_schema: :gitlab_ci
|
||||
|
||||
MIGRATION = 'BackfillCiRunnerSemver'
|
||||
INTERVAL = 2.minutes.freeze
|
||||
BATCH_SIZE = 500
|
||||
MAX_BATCH_SIZE = 10_000
|
||||
SUB_BATCH_SIZE = 100
|
||||
|
||||
disable_ddl_transaction!
|
||||
|
||||
def up
|
||||
queue_batched_background_migration(
|
||||
MIGRATION,
|
||||
:ci_runners,
|
||||
:id,
|
||||
job_interval: INTERVAL,
|
||||
batch_size: BATCH_SIZE,
|
||||
max_batch_size: MAX_BATCH_SIZE,
|
||||
sub_batch_size: SUB_BATCH_SIZE
|
||||
)
|
||||
end
|
||||
|
||||
def down
|
||||
delete_batched_background_migration(MIGRATION, :ci_runners, :id, [])
|
||||
end
|
||||
end
|
|
@ -0,0 +1 @@
|
|||
c215c9ef738ab0d466d9244c0596164d6860728ac92fac90bef5a987c2cef6b7
|
|
@ -823,7 +823,7 @@ Parameters:
|
|||
| `subgroup_creation_level` | string | no | Allowed to [create subgroups](../user/group/subgroups/index.md#create-a-subgroup). Can be `owner` (Owners), or `maintainer` (users with the Maintainer role). |
|
||||
| `two_factor_grace_period` | integer | no | Time before Two-factor authentication is enforced (in hours). |
|
||||
| `visibility` | string | no | The group's visibility. Can be `private`, `internal`, or `public`. |
|
||||
| `membership_lock` **(PREMIUM)** | boolean | no | Prevent adding new members to projects within this group. |
|
||||
| `membership_lock` **(PREMIUM)** | boolean | no | Users cannot be added to projects in this group. |
|
||||
| `extra_shared_runners_minutes_limit` **(PREMIUM)** | integer | no | Can be set by administrators only. Additional CI/CD minutes for this group. |
|
||||
| `shared_runners_minutes_limit` **(PREMIUM)** | integer | no | Can be set by administrators only. Maximum number of monthly CI/CD minutes for this group. Can be `nil` (default; inherit system default), `0` (unlimited), or `> 0`. |
|
||||
|
||||
|
@ -930,7 +930,7 @@ PUT /groups/:id
|
|||
| `visibility` | string | no | The visibility level of the group. Can be `private`, `internal`, or `public`. |
|
||||
| `extra_shared_runners_minutes_limit` **(PREMIUM)** | integer | no | Can be set by administrators only. Additional CI/CD minutes for this group. |
|
||||
| `file_template_project_id` **(PREMIUM)** | integer | no | The ID of a project to load custom file templates from. |
|
||||
| `membership_lock` **(PREMIUM)** | boolean | no | Prevent adding new members to projects within this group. |
|
||||
| `membership_lock` **(PREMIUM)** | boolean | no | Users cannot be added to projects in this group. |
|
||||
| `prevent_forking_outside_group` **(PREMIUM)** | boolean | no | When enabled, users can **not** fork projects from this group to external namespaces. |
|
||||
| `shared_runners_minutes_limit` **(PREMIUM)** | integer | no | Can be set by administrators only. Maximum number of monthly CI/CD minutes for this group. Can be `nil` (default; inherit system default), `0` (unlimited), or `> 0`. |
|
||||
|
||||
|
|
|
@ -19,11 +19,11 @@ Geo handles replication for different components:
|
|||
|
||||
- [Database](#database-replication): includes the entire application, except cache and jobs.
|
||||
- [Git repositories](#repository-replication): includes both projects and wikis.
|
||||
- [Uploaded blobs](#uploads-replication): includes anything from images attached on issues
|
||||
- [Blobs](#blob-replication): includes anything from images attached on issues
|
||||
to raw logs and assets from CI.
|
||||
|
||||
With the exception of the Database replication, on a *secondary* site, everything is coordinated
|
||||
by the [Geo Log Cursor](#geo-log-cursor).
|
||||
by the [Geo Log Cursor](#geo-log-cursor-daemon).
|
||||
|
||||
### Geo Log Cursor daemon
|
||||
|
||||
|
@ -66,7 +66,7 @@ the state of every repository in the [tracking database](#tracking-database).
|
|||
There are a few ways a repository gets replicated by the:
|
||||
|
||||
- [Repository Sync worker](#repository-sync-worker).
|
||||
- [Geo Log Cursor](#geo-log-cursor).
|
||||
- [Geo Log Cursor](#geo-log-cursor-daemon).
|
||||
|
||||
#### Project Registry
|
||||
|
||||
|
@ -104,19 +104,204 @@ times, Geo does a so-called _re-download_. It will do a clean clone
|
|||
into the `@geo-temporary` directory in the root of the storage. When
|
||||
it's successful, we replace the main repository with the newly cloned one.
|
||||
|
||||
### Uploads replication
|
||||
### Blob replication
|
||||
|
||||
File uploads are also being replicated to the **secondary** site. To
|
||||
track the state of syncing, the `Geo::UploadRegistry` model is used.
|
||||
Blobs such as [uploads](uploads/index.md), LFS objects, and CI job artifacts, are replicated to the **secondary** site with the [Self-Service Framework](geo/framework.md). To track the state of syncing, each model has a corresponding registry table, for example `Upload` has `Geo::UploadRegistry` in the [PostgreSQL Geo Tracking Database](#tracking-database).
|
||||
|
||||
#### Upload Registry
|
||||
#### Blob replication happy path workflows between services
|
||||
|
||||
Similar to the [Project Registry](#project-registry), there is a
|
||||
`Geo::UploadRegistry` model that tracks the synced uploads.
|
||||
Job artifacts are used in the diagrams below, as one example of a blob.
|
||||
|
||||
CI Job Artifacts and LFS objects are synced in a similar way as uploads,
|
||||
but they are tracked by `Geo::JobArtifactRegistry`, and `Geo::LfsObjectRegistry`
|
||||
models respectively.
|
||||
##### Replicating a new job artifact
|
||||
|
||||
Primary site:
|
||||
|
||||
```mermaid
|
||||
sequenceDiagram
|
||||
participant R as Runner
|
||||
participant P as Puma
|
||||
participant DB as PostgreSQL
|
||||
participant SsP as Secondary site PostgreSQL
|
||||
R->>P: Upload artifact
|
||||
P->>DB: Insert `ci_job_artifacts` row
|
||||
P->>DB: Insert `geo_events` row
|
||||
P->>DB: Insert `geo_event_log` row
|
||||
DB->>SsP: Replicate rows
|
||||
```
|
||||
|
||||
- A [Runner](https://docs.gitlab.com/runner/) uploads an artifact
|
||||
- [Puma](architecture.md#puma) inserts `ci_job_artifacts` row
|
||||
- Puma inserts `geo_events` row with data like "Job Artifact with ID 123 was updated"
|
||||
- Puma inserts `geo_event_log` row pointing to the `geo_events` row (because we built SSF on top of some legacy logic)
|
||||
- [PostgreSQL](architecture.md#postgresql) streaming replication inserts the rows in the read replica
|
||||
|
||||
Secondary site, after the PostgreSQL DB rows have been replicated:
|
||||
|
||||
```mermaid
|
||||
sequenceDiagram
|
||||
participant DB as PostgreSQL
|
||||
participant GLC as Geo Log Cursor
|
||||
participant R as Redis
|
||||
participant S as Sidekiq
|
||||
participant TDB as PostgreSQL Tracking DB
|
||||
participant PP as Primary site Puma
|
||||
GLC->>DB: Query `geo_event_log`
|
||||
GLC->>DB: Query `geo_events`
|
||||
GLC->>R: Enqueue `Geo::EventWorker`
|
||||
S->>R: Pick up `Geo::EventWorker`
|
||||
S->>TDB: Insert to `job_artifact_registry`, "starting sync"
|
||||
S->>PP: GET <primary site internal URL>/geo/retrieve/job_artifact/123
|
||||
S->>TDB: Update `job_artifact_registry`, "synced"
|
||||
```
|
||||
|
||||
- [Geo Log Cursor](#geo-log-cursor-daemon) loop finds the new `geo_event_log` row
|
||||
- Geo Log Cursor processes the `geo_events` row
|
||||
- Geo Log Cursor enqueues `Geo::EventWorker` job passing through the `geo_events` row data
|
||||
- [Sidekiq](architecture.md#sidekiq) picks up `Geo::EventWorker` job
|
||||
- Sidekiq inserts `job_artifact_registry` row in the [PostgreSQL Geo Tracking Database](#tracking-database) because it doesn't exist, and marks it "started sync"
|
||||
- Sidekiq does a GET request on an API endpoint at the primary Geo site and downloads the file
|
||||
- Sidekiq marks the `job_artifact_registry` row as "synced" and "pending verification"
|
||||
|
||||
##### Backfilling existing job artifacts
|
||||
|
||||
- Sysadmin has an existing GitLab site without Geo
|
||||
- There are existing CI jobs and job artifacts
|
||||
- Sysadmin sets up a new GitLab site and configures it to be a secondary Geo site
|
||||
|
||||
Secondary site:
|
||||
|
||||
There are two cronjobs running every minute: `Geo::Secondary::RegistryConsistencyWorker` and `Geo::RegistrySyncWorker`. The workflow below is split into two, along those lines.
|
||||
|
||||
```mermaid
|
||||
sequenceDiagram
|
||||
participant SC as Sidekiq-cron
|
||||
participant R as Redis
|
||||
participant S as Sidekiq
|
||||
participant DB as PostgreSQL
|
||||
participant TDB as PostgreSQL Tracking DB
|
||||
SC->>R: Enqueue `Geo::Secondary::RegistryConsistencyWorker`
|
||||
S->>R: Pick up `Geo::Secondary::RegistryConsistencyWorker`
|
||||
S->>DB: Query `ci_job_artifacts`
|
||||
S->>TDB: Query `job_artifact_registry`
|
||||
S->>TDB: Insert to `job_artifact_registry`
|
||||
```
|
||||
|
||||
- [Sidekiq-cron](https://github.com/ondrejbartas/sidekiq-cron) enqueues a `Geo::Secondary::RegistryConsistencyWorker` job every minute. As long as it is actively doing work (creating and deleting rows), this job immediately reenqueues itself. This job uses an exclusive lease to prevent multiple instances of itself from running simultaneously.
|
||||
- [Sidekiq](architecture.md#sidekiq) picks up `Geo::Secondary::RegistryConsistencyWorker` job
|
||||
- Sidekiq queries `ci_job_artifacts` table for up to 10000 rows
|
||||
- Sidekiq queries `job_artifact_registry` table for up to 10000 rows
|
||||
- Sidekiq inserts a `job_artifact_registry` row in the [PostgreSQL Geo Tracking Database](#tracking-database) corresponding to the existing Job Artifact
|
||||
|
||||
```mermaid
|
||||
sequenceDiagram
|
||||
participant SC as Sidekiq-cron
|
||||
participant R as Redis
|
||||
participant S as Sidekiq
|
||||
participant DB as PostgreSQL
|
||||
participant TDB as PostgreSQL Tracking DB
|
||||
participant PP as Primary site Puma
|
||||
SC->>R: Enqueue `Geo::RegistrySyncWorker`
|
||||
S->>R: Pick up `Geo::RegistrySyncWorker`
|
||||
S->>TDB: Query `*_registry` tables
|
||||
S->>R: Enqueue `Geo::EventWorker`s
|
||||
S->>R: Pick up `Geo::EventWorker`
|
||||
S->>TDB: Insert to `job_artifact_registry`, "starting sync"
|
||||
S->>PP: GET <primary site internal URL>/geo/retrieve/job_artifact/123
|
||||
S->>TDB: Update `job_artifact_registry`, "synced"
|
||||
```
|
||||
|
||||
- [Sidekiq-cron](https://github.com/ondrejbartas/sidekiq-cron) enqueues a `Geo::RegistrySyncWorker` job every minute. As long as it is actively doing work, this job loops for up to an hour scheduling sync jobs. This job uses an exclusive lease to prevent multiple instances of itself from running simultaneously.
|
||||
- [Sidekiq](architecture.md#sidekiq) picks up `Geo::RegistrySyncWorker` job
|
||||
- Sidekiq queries all `registry` tables in the [PostgreSQL Geo Tracking Database](#tracking-database) for "never attempted sync" rows. It interleaves rows from each table and adds them to an in-memory queue.
|
||||
- If the previous step yielded less than 1000 rows, then Sidekiq queries all `registry` tables for "failed sync and ready to retry" rows and interleaves those and adds them to the in-memory queue.
|
||||
- Sidekiq enqueues `Geo::EventWorker` jobs with arguments like "Job Artifact with ID 123 was updated" for each item in the queue, and tracks the enqueued Sidekiq job IDs.
|
||||
- Sidekiq stops enqueuing `Geo::EventWorker` jobs when "maximum concurrency limit" settings are reached
|
||||
- Sidekiq loops doing this kind of work until it has no more to do
|
||||
- Sidekiq picks up `Geo::EventWorker` job
|
||||
- Sidekiq marks the `job_artifact_registry` row as "started sync"
|
||||
- Sidekiq does a GET request on an API endpoint at the primary Geo site and downloads the file
|
||||
- Sidekiq marks the `job_artifact_registry` row as "synced" and "pending verification"
|
||||
|
||||
##### Verifying a new job artifact
|
||||
|
||||
Primary site:
|
||||
|
||||
```mermaid
|
||||
sequenceDiagram
|
||||
participant Ru as Runner
|
||||
participant P as Puma
|
||||
participant DB as PostgreSQL
|
||||
participant SC as Sidekiq-cron
|
||||
participant Rd as Redis
|
||||
participant S as Sidekiq
|
||||
participant F as Filesystem
|
||||
Ru->>P: Upload artifact
|
||||
P->>DB: Insert `ci_job_artifacts`
|
||||
P->>DB: Insert `ci_job_artifact_states`
|
||||
SC->>Rd: Enqueue `Geo::VerificationCronWorker`
|
||||
S->>Rd: Pick up `Geo::VerificationCronWorker`
|
||||
S->>DB: Query `ci_job_artifact_states`
|
||||
S->>Rd: Enqueue `Geo::VerificationBatchWorker`
|
||||
S->>Rd: Pick up `Geo::VerificationBatchWorker`
|
||||
S->>DB: Query `ci_job_artifact_states`
|
||||
S->>DB: Update `ci_job_artifact_states` row, "started"
|
||||
S->>F: Checksum file
|
||||
S->>DB: Update `ci_job_artifact_states` row, "succeeded"
|
||||
```
|
||||
|
||||
- A [Runner](https://docs.gitlab.com/runner/) uploads an artifact
|
||||
- [Puma](architecture.md#puma) creates a `ci_job_artifacts` row
|
||||
- Puma creates a `ci_job_artifact_states` row to store verification state.
|
||||
- The row is marked "pending verification"
|
||||
- [Sidekiq-cron](https://github.com/ondrejbartas/sidekiq-cron) enqueues a `Geo::VerificationCronWorker` job every minute
|
||||
- [Sidekiq](architecture.md#sidekiq) picks up the `Geo::VerificationCronWorker` job
|
||||
- Sidekiq queries `ci_job_artifact_states` for the number of rows marked "pending verification" or "failed verification and ready to retry"
|
||||
- Sidekiq enqueues one or more `Geo::VerificationBatchWorker` jobs, limited by the "maximum verification concurrency" setting
|
||||
- Sidekiq picks up `Geo::VerificationBatchWorker` job
|
||||
- Sidekiq queries `ci_job_artifact_states` for rows marked "pending verification"
|
||||
- If the previous step yielded less than 10 rows, then Sidekiq queries `ci_job_artifact_states` for rows marked "failed verification and ready to retry"
|
||||
- For each row
|
||||
- Sidekiq marks it "started verification"
|
||||
- Sidekiq gets the SHA256 checksum of the file
|
||||
- Sidekiq saves the checksum in the row and marks it "succeeded verification"
|
||||
- Now secondary Geo sites can compare against this checksum
|
||||
|
||||
Secondary site:
|
||||
|
||||
```mermaid
|
||||
sequenceDiagram
|
||||
participant SC as Sidekiq-cron
|
||||
participant R as Redis
|
||||
participant S as Sidekiq
|
||||
participant TDB as PostgreSQL Tracking DB
|
||||
participant F as Filesystem
|
||||
participant DB as PostgreSQL
|
||||
SC->>R: Enqueue `Geo::VerificationCronWorker`
|
||||
S->>R: Pick up `Geo::VerificationCronWorker`
|
||||
S->>TDB: Query `job_artifact_registry`
|
||||
S->>R: Enqueue `Geo::VerificationBatchWorker`
|
||||
S->>R: Pick up `Geo::VerificationBatchWorker`
|
||||
S->>TDB: Query `job_artifact_registry`
|
||||
S->>TDB: Update `job_artifact_registry` row, "started"
|
||||
S->>F: Checksum file
|
||||
S->>DB: Query `ci_job_artifact_states`
|
||||
S->>TDB: Update `job_artifact_registry` row, "succeeded"
|
||||
```
|
||||
|
||||
- After the artifact is successfully synced, it becomes "pending verification"
|
||||
- [Sidekiq-cron](https://github.com/ondrejbartas/sidekiq-cron) enqueues a `Geo::VerificationCronWorker` job every minute
|
||||
- [Sidekiq](architecture.md#sidekiq) picks up the `Geo::VerificationCronWorker` job
|
||||
- Sidekiq queries `job_artifact_registry` in the [PostgreSQL Geo Tracking Database](#tracking-database) for the number of rows marked "pending verification" or "failed verification and ready to retry"
|
||||
- Sidekiq enqueues one or more `Geo::VerificationBatchWorker` jobs, limited by the "maximum verification concurrency" setting
|
||||
- Sidekiq picks up `Geo::VerificationBatchWorker` job
|
||||
- Sidekiq queries `job_artifact_registry` in the PostgreSQL Geo Tracking Databasef for rows marked "pending verification"
|
||||
- If the previous step yielded less than 10 rows, then Sidekiq queries `job_artifact_registry` for rows marked "failed verification and ready to retry"
|
||||
- For each row
|
||||
- Sidekiq marks it "started verification"
|
||||
- Sidekiq gets the SHA256 checksum of the file
|
||||
- Sidekiq saves the checksum in the row
|
||||
- Sidekiq compares the checksum against the checksum in the `ci_job_artifact_states` row which was replicated by PostgreSQL
|
||||
- If the checksum matches, then Sidekiq marks the `job_artifact_registry` row "succeeded verification"
|
||||
|
||||
## Authentication
|
||||
|
||||
|
@ -303,10 +488,7 @@ events include:
|
|||
- Job Artifact Deleted event
|
||||
- Upload Deleted event
|
||||
|
||||
### Geo Log Cursor
|
||||
|
||||
The process running on the **secondary** site that looks for new
|
||||
`Geo::EventLog` rows.
|
||||
See [Geo Log Cursor daemon](#geo-log-cursor-daemon).
|
||||
|
||||
## Code features
|
||||
|
||||
|
@ -415,7 +597,7 @@ We switch and filter from each event by the `event_name` field.
|
|||
### Geo Log Cursor (GitLab 10.0 and up)
|
||||
|
||||
In GitLab 10.0 and later, [System Webhooks](#system-hooks-gitlab-87-to-95) are no longer
|
||||
used and Geo Log Cursor is used instead. The Log Cursor traverses the
|
||||
used and [Geo Log Cursor](#geo-log-cursor-daemon) is used instead. The Log Cursor traverses the
|
||||
`Geo::EventLog` rows to see if there are changes since the last time
|
||||
the log was checked and will handle repository updates, deletes,
|
||||
changes, and renames.
|
||||
|
|
|
@ -46,19 +46,22 @@ Gitlab::CurrentSettings.update!('require_two_factor_authentication': false)
|
|||
|
||||
> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/24965) in GitLab 12.0, 2FA settings for a group are also applied to subgroups.
|
||||
|
||||
Prerequisites:
|
||||
|
||||
- You must have the Maintainer or Owner role for the group.
|
||||
|
||||
To enforce 2FA only for certain groups:
|
||||
|
||||
1. Go to the group's **Settings > General** page.
|
||||
1. Expand the **Permissions and group features** section.
|
||||
1. Select the **Require all users in this group to set up two-factor authentication** option.
|
||||
1. On the top bar, select **Menu > Groups** and find your group.
|
||||
1. On the left sidebar, select **Settings > General**.
|
||||
1. Expand **Permissions and group features**.
|
||||
1. Select **All users in this group must set up two-factor authentication**.
|
||||
1. Select **Save changes**.
|
||||
|
||||
You can also specify a grace period in the **Time before enforced** option.
|
||||
|
||||
To change this setting, you must be an administrator or owner of the group.
|
||||
You can also specify a grace period in the **Delay 2FA enforcement** option.
|
||||
|
||||
If you want to enforce 2FA only for certain groups, you can enable it in the
|
||||
group settings and specify a grace period as above. To change this setting you
|
||||
must be administrator or owner of the group.
|
||||
group settings and specify a grace period as above.
|
||||
|
||||
The following are important notes about 2FA:
|
||||
|
||||
|
|
|
@ -460,10 +460,11 @@ and [Helm Chart deployments](https://docs.gitlab.com/charts/). They come with ap
|
|||
|
||||
### 15.2.0 (unreleased)
|
||||
|
||||
GitLab installations that have multiple web nodes should be
|
||||
[upgraded to 15.1](#1510) before upgrading to 15.2 (and later) due to a
|
||||
configuration change in Rails that can result in inconsistent ETag key
|
||||
generation.
|
||||
- GitLab installations that have multiple web nodes should be
|
||||
[upgraded to 15.1](#1510) before upgrading to 15.2 (and later) due to a
|
||||
configuration change in Rails that can result in inconsistent ETag key
|
||||
generation.
|
||||
- Some Sidekiq workers were renamed in this release. To avoid any disruption, [run the Rake tasks to migrate any pending jobs](../raketasks/sidekiq_job_migration.md#future-jobs) before starting the upgrade to GitLab 15.2.0.
|
||||
|
||||
### 15.1.0
|
||||
|
||||
|
|
|
@ -39,7 +39,7 @@ To enable customer relations management in a group or subgroup:
|
|||
1. On the top bar, select **Menu > Groups** and find your group or subgroup.
|
||||
1. On the left sidebar, select **Settings > General**.
|
||||
1. Expand the **Permissions and group features** section.
|
||||
1. Select **Enable customer relations**.
|
||||
1. Select **Customer relations is enabled**.
|
||||
1. Select **Save changes**.
|
||||
|
||||
## Contacts
|
||||
|
|
|
@ -240,7 +240,7 @@ To change this setting for a specific group:
|
|||
1. Find the group and select it.
|
||||
1. From the left menu, select **Settings > General**.
|
||||
1. Expand the **Permissions and group features** section.
|
||||
1. Select the desired option in the **Allowed to create projects** dropdown list.
|
||||
1. Select the desired option in the **Roles allowed to create projects** dropdown list.
|
||||
1. Select **Save changes**.
|
||||
|
||||
To change this setting globally, see [Default project creation protection](../admin_area/settings/visibility_and_access_controls.md#define-which-roles-can-create-projects).
|
||||
|
@ -478,7 +478,7 @@ To prevent sharing outside of the group's hierarchy:
|
|||
1. On the top bar, select **Menu > Groups** and find your group.
|
||||
1. On the left sidebar, select **Settings > General**.
|
||||
1. Expand **Permissions and group features**.
|
||||
1. Select **Prevent members from sending invitations to groups outside of `<group_name>` and its subgroups**.
|
||||
1. Select **Members cannot invite groups outside of `<group_name>` and its subgroups**.
|
||||
1. Select **Save changes**.
|
||||
|
||||
## Prevent a project from being shared with groups
|
||||
|
@ -490,7 +490,7 @@ To prevent a project from being shared with other groups:
|
|||
|
||||
1. Go to the group's **Settings > General** page.
|
||||
1. Expand the **Permissions and group features** section.
|
||||
1. Select **Prevent sharing a project in `<group_name>` with other groups**.
|
||||
1. Select **Projects in `<group_name>` cannot be shared with other groups**.
|
||||
1. Select **Save changes**.
|
||||
|
||||
This setting applies to all subgroups unless overridden by a group owner. Groups already
|
||||
|
@ -582,7 +582,7 @@ To prevent members from being added to projects in a group:
|
|||
|
||||
1. Go to the group's **Settings > General** page.
|
||||
1. Expand the **Permissions and group features** section.
|
||||
1. Under **Membership**, select **Prevent adding new members to projects within this group**.
|
||||
1. Under **Membership**, select **Users cannot be added to projects in this group**.
|
||||
1. Select **Save changes**.
|
||||
|
||||
All users who previously had permissions can no longer add members to a group.
|
||||
|
@ -636,7 +636,7 @@ To restrict group access by IP address:
|
|||
|
||||
1. Go to the group's **Settings > General** page.
|
||||
1. Expand the **Permissions and group features** section.
|
||||
1. In the **Allow access to the following IP addresses** field, enter IPv4 or IPv6 address ranges in CIDR notation.
|
||||
1. In the **Restrict access by IP address** field, enter IPv4 or IPv6 address ranges in CIDR notation.
|
||||
1. Select **Save changes**.
|
||||
|
||||
In self-managed installations of GitLab 15.1 and later, you can also configure
|
||||
|
@ -729,7 +729,7 @@ To disable email notifications:
|
|||
|
||||
1. Go to the group's **Settings > General** page.
|
||||
1. Expand the **Permissions and group features** section.
|
||||
1. Select **Disable email notifications**.
|
||||
1. Select **Email notifications are disabled**.
|
||||
1. Select **Save changes**.
|
||||
|
||||
## Disable group mentions
|
||||
|
@ -748,7 +748,7 @@ To disable group mentions:
|
|||
|
||||
1. Go to the group's **Settings > General** page.
|
||||
1. Expand the **Permissions and group features** section.
|
||||
1. Select **Disable group mentions**.
|
||||
1. Select **Group mentions are disabled**.
|
||||
1. Select **Save changes**.
|
||||
|
||||
## Enable delayed project deletion **(PREMIUM)**
|
||||
|
@ -760,7 +760,7 @@ To disable group mentions:
|
|||
> - [User interface changed](https://gitlab.com/gitlab-org/gitlab/-/issues/352961) in GitLab 15.1.
|
||||
|
||||
[Delayed project deletion](../project/settings/index.md#delayed-project-deletion) is locked and disabled unless the instance-level settings for
|
||||
[deletion protection](../admin_area/settings/visibility_and_access_controls.md#deletion-protection) is enabled for either groups only or groups and projects.
|
||||
[deletion protection](../admin_area/settings/visibility_and_access_controls.md#deletion-protection) are enabled for either groups only or groups and projects.
|
||||
When enabled on groups, projects in the group are deleted after a period of delay. During this period, projects are in a read-only state and can be restored.
|
||||
The default period is seven days but [is configurable at the instance level](../admin_area/settings/visibility_and_access_controls.md#retention-period).
|
||||
|
||||
|
|
|
@ -141,7 +141,7 @@ To enable or disable group access token creation for all sub-groups in a top-lev
|
|||
1. On the top bar, select **Menu > Groups** and find your group.
|
||||
1. On the left sidebar, select **Settings > General**.
|
||||
1. Expand **Permissions and group features**.
|
||||
1. Under **Permissions**, turn on or off **Allow project and group access token creation**.
|
||||
1. Under **Permissions**, turn on or off **Users can create project access tokens and group access tokens in this group**.
|
||||
|
||||
Even when creation is disabled, you can still use and revoke existing group access tokens.
|
||||
|
||||
|
|
|
@ -73,21 +73,20 @@ To create a subgroup:
|
|||
To create a subgroup, you must have at least the Maintainer role on the group, depending on the group's setting. By
|
||||
default:
|
||||
|
||||
- In GitLab 12.2 or later, users with at least the Maintainer role can create subgroups.
|
||||
- In GitLab 12.1 or earlier, only users with the Owner role can create subgroups.
|
||||
|
||||
To change who can create subgroups on a group:
|
||||
|
||||
- As a user with the Owner role on the group:
|
||||
1. On the top bar, select **Menu > Groups** and find the group.
|
||||
1. On the top bar, select **Menu > Groups** and find your group.
|
||||
1. On the left sidebar, select **Settings > General**.
|
||||
1. Expand **Permissions and group features**.
|
||||
1. Select a role from the **Allowed to create subgroups** dropdown.
|
||||
1. Select a role from **Roles allowed to create subgroups**.
|
||||
1. Select **Save changes**.
|
||||
- As an administrator:
|
||||
1. On the top bar, select **Menu > Admin**.
|
||||
1. On the left sidebar, select **Overview > Groups**.
|
||||
1. Select the group, and select **Edit**.
|
||||
1. Select a role from the **Allowed to create subgroups** dropdown.
|
||||
1. In the group's row select **Edit**.
|
||||
1. Select a role from **Allowed to create subgroups**.
|
||||
1. Select **Save changes**.
|
||||
|
||||
For more information, view the [permissions table](../../permissions.md#group-members-permissions).
|
||||
|
||||
|
|
|
@ -0,0 +1,31 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
module Gitlab
|
||||
module BackgroundMigration
|
||||
# A job to update semver column in ci_runners in batches based on existing version values
|
||||
class BackfillCiRunnerSemver < Gitlab::BackgroundMigration::BatchedMigrationJob
|
||||
def perform
|
||||
each_sub_batch(
|
||||
operation_name: :backfill_ci_runner_semver,
|
||||
batching_scope: ->(relation) { relation.where('semver::cidr IS NULL') }
|
||||
) do |sub_batch|
|
||||
ranged_query = sub_batch.select(
|
||||
%q(id AS r_id,
|
||||
substring(ci_runners.version FROM 'v?(\d+\.\d+\.\d+)') AS extracted_semver)
|
||||
)
|
||||
|
||||
update_sql = <<~SQL
|
||||
UPDATE
|
||||
ci_runners
|
||||
SET semver = extracted_semver
|
||||
FROM (#{ranged_query.to_sql}) v
|
||||
WHERE id = v.r_id
|
||||
AND v.extracted_semver IS NOT NULL
|
||||
SQL
|
||||
|
||||
connection.execute(update_sql)
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
|
@ -39,7 +39,8 @@ namespace :gitlab do
|
|||
web_hooks.find_each do |hook|
|
||||
next unless hook.url == web_hook_url
|
||||
|
||||
result = WebHooks::DestroyService.new(nil).sync_destroy(hook)
|
||||
user = hook.parent.owners.first
|
||||
result = WebHooks::DestroyService.new(user).execute(hook)
|
||||
|
||||
raise "Unable to destroy Web hook" unless result[:status] == :success
|
||||
|
||||
|
|
|
@ -3768,6 +3768,9 @@ msgstr ""
|
|||
msgid "All threads resolved!"
|
||||
msgstr ""
|
||||
|
||||
msgid "All users in this group must set up two-factor authentication"
|
||||
msgstr ""
|
||||
|
||||
msgid "All users must accept the Terms of Service and Privacy Policy to access GitLab"
|
||||
msgstr ""
|
||||
|
||||
|
@ -3780,12 +3783,6 @@ msgstr ""
|
|||
msgid "Allow \"%{group_name}\" to sign you in"
|
||||
msgstr ""
|
||||
|
||||
msgid "Allow access only to members of this group"
|
||||
msgstr ""
|
||||
|
||||
msgid "Allow access to everyone"
|
||||
msgstr ""
|
||||
|
||||
msgid "Allow access to members of the following group"
|
||||
msgstr ""
|
||||
|
||||
|
@ -3828,9 +3825,6 @@ msgstr ""
|
|||
msgid "Allow public access to pipelines and job details, including output logs and artifacts."
|
||||
msgstr ""
|
||||
|
||||
msgid "Allow subgroups to set up their own two-factor authentication rules"
|
||||
msgstr ""
|
||||
|
||||
msgid "Allow this key to push to this repository"
|
||||
msgstr ""
|
||||
|
||||
|
@ -3843,9 +3837,6 @@ msgstr ""
|
|||
msgid "Allow users to register any application to use GitLab as an OAuth provider"
|
||||
msgstr ""
|
||||
|
||||
msgid "Allow users to request access (if visibility is public or internal)"
|
||||
msgstr ""
|
||||
|
||||
msgid "Allowed"
|
||||
msgstr ""
|
||||
|
||||
|
@ -12023,6 +12014,9 @@ msgstr ""
|
|||
msgid "Definition"
|
||||
msgstr ""
|
||||
|
||||
msgid "Delay 2FA enforcement (hours)"
|
||||
msgstr ""
|
||||
|
||||
msgid "DelayedJobs|Are you sure you want to run %{jobName} immediately? Otherwise this job will run automatically after its timer finishes."
|
||||
msgstr ""
|
||||
|
||||
|
@ -13314,9 +13308,6 @@ msgstr ""
|
|||
msgid "Disable group runners"
|
||||
msgstr ""
|
||||
|
||||
msgid "Disable the group-level wiki"
|
||||
msgstr ""
|
||||
|
||||
msgid "Disable two-factor authentication"
|
||||
msgstr ""
|
||||
|
||||
|
@ -15196,6 +15187,9 @@ msgstr ""
|
|||
msgid "Everyone With Access"
|
||||
msgstr ""
|
||||
|
||||
msgid "Everyone can access the wiki."
|
||||
msgstr ""
|
||||
|
||||
msgid "Everyone can contribute"
|
||||
msgstr ""
|
||||
|
||||
|
@ -18000,6 +17994,9 @@ msgstr ""
|
|||
msgid "Group wikis"
|
||||
msgstr ""
|
||||
|
||||
msgid "Group-level wiki is disabled."
|
||||
msgstr ""
|
||||
|
||||
msgid "Group: %{group_name}"
|
||||
msgstr ""
|
||||
|
||||
|
@ -18276,12 +18273,6 @@ msgstr ""
|
|||
msgid "GroupSelect|Select a group"
|
||||
msgstr ""
|
||||
|
||||
msgid "GroupSettings|Allow project and group access token creation"
|
||||
msgstr ""
|
||||
|
||||
msgid "GroupSettings|Allows creating organizations and contacts and associating them with issues."
|
||||
msgstr ""
|
||||
|
||||
msgid "GroupSettings|Applied to all subgroups unless overridden by a group owner. Groups already added to the project lose access."
|
||||
msgstr ""
|
||||
|
||||
|
@ -18318,30 +18309,39 @@ msgstr ""
|
|||
msgid "GroupSettings|Custom project templates"
|
||||
msgstr ""
|
||||
|
||||
msgid "GroupSettings|Customer relations is enabled"
|
||||
msgstr ""
|
||||
|
||||
msgid "GroupSettings|Customize this group's badges."
|
||||
msgstr ""
|
||||
|
||||
msgid "GroupSettings|Default to Auto DevOps pipeline for all projects within this group"
|
||||
msgstr ""
|
||||
|
||||
msgid "GroupSettings|Disable email notifications"
|
||||
msgstr ""
|
||||
|
||||
msgid "GroupSettings|Disable group mentions"
|
||||
msgstr ""
|
||||
|
||||
msgid "GroupSettings|Enable customer relations"
|
||||
msgid "GroupSettings|Email notifications are disabled"
|
||||
msgstr ""
|
||||
|
||||
msgid "GroupSettings|Export group"
|
||||
msgstr ""
|
||||
|
||||
msgid "GroupSettings|Group members are not notified if the group is mentioned."
|
||||
msgstr ""
|
||||
|
||||
msgid "GroupSettings|Group mentions are disabled"
|
||||
msgstr ""
|
||||
|
||||
msgid "GroupSettings|If not specified at the group or instance level, the default is %{default_initial_branch_name}. Does not affect existing repositories."
|
||||
msgstr ""
|
||||
|
||||
msgid "GroupSettings|If the parent group's visibility is lower than the group's current visibility, visibility levels for subgroups and projects will be changed to match the new parent group's visibility."
|
||||
msgstr ""
|
||||
|
||||
msgid "GroupSettings|Members cannot invite groups outside of %{group} and its subgroups"
|
||||
msgstr ""
|
||||
|
||||
msgid "GroupSettings|Organizations and contacts can be created and associated with issues."
|
||||
msgstr ""
|
||||
|
||||
msgid "GroupSettings|Overrides user notification preferences for all members of the group, subgroups, and projects."
|
||||
msgstr ""
|
||||
|
||||
|
@ -18357,13 +18357,7 @@ msgstr ""
|
|||
msgid "GroupSettings|Prevent forking setting was not saved"
|
||||
msgstr ""
|
||||
|
||||
msgid "GroupSettings|Prevent members from sending invitations to groups outside of %{group} and its subgroups"
|
||||
msgstr ""
|
||||
|
||||
msgid "GroupSettings|Prevent sharing a project within %{group} with other groups"
|
||||
msgstr ""
|
||||
|
||||
msgid "GroupSettings|Prevents group members from being notified if the group is mentioned."
|
||||
msgid "GroupSettings|Projects in %{group} cannot be shared with other groups"
|
||||
msgstr ""
|
||||
|
||||
msgid "GroupSettings|Select a subgroup to use as the source for custom project templates for this group."
|
||||
|
@ -18408,7 +18402,7 @@ msgstr ""
|
|||
msgid "GroupSettings|Transfer group"
|
||||
msgstr ""
|
||||
|
||||
msgid "GroupSettings|Users can create %{link_start_project}project access tokens%{link_end} and %{link_start_group}group access tokens%{link_end} in this group."
|
||||
msgid "GroupSettings|Users can create %{link_start_project}project access tokens%{link_end} and %{link_start_group}group access tokens%{link_end} in this group"
|
||||
msgstr ""
|
||||
|
||||
msgid "GroupSettings|What are badges?"
|
||||
|
@ -25156,9 +25150,6 @@ msgstr ""
|
|||
msgid "Multiple Prometheus integrations are not supported"
|
||||
msgstr ""
|
||||
|
||||
msgid "Multiple domains are supported."
|
||||
msgstr ""
|
||||
|
||||
msgid "Multiple model types found: %{model_types}"
|
||||
msgstr ""
|
||||
|
||||
|
@ -26777,6 +26768,9 @@ msgstr ""
|
|||
msgid "Only include features new to your current subscription tier."
|
||||
msgstr ""
|
||||
|
||||
msgid "Only members of this group can access the wiki."
|
||||
msgstr ""
|
||||
|
||||
msgid "Only policy:"
|
||||
msgstr ""
|
||||
|
||||
|
@ -26798,10 +26792,10 @@ msgstr ""
|
|||
msgid "Only use lowercase letters, numbers, and underscores."
|
||||
msgstr ""
|
||||
|
||||
msgid "Only users from the specified IP address ranges are able to reach this group, including all subgroups, projects, and Git repositories."
|
||||
msgid "Only users from the specified IP address ranges can reach this group, including all subgroups, projects, and Git repositories."
|
||||
msgstr ""
|
||||
|
||||
msgid "Only verified users with an email address in any of these domains can be added to the group."
|
||||
msgid "Only verified users with an email address in any of these domains can be added to the group. Multiple domains are supported."
|
||||
msgstr ""
|
||||
|
||||
msgid "Only ‘Reporter’ roles and above on tiers Premium and above can see Productivity Analytics."
|
||||
|
@ -28999,9 +28993,6 @@ msgstr ""
|
|||
msgid "Prev"
|
||||
msgstr ""
|
||||
|
||||
msgid "Prevent adding new members to projects within this group"
|
||||
msgstr ""
|
||||
|
||||
msgid "Prevent auto-stopping"
|
||||
msgstr ""
|
||||
|
||||
|
@ -29746,6 +29737,9 @@ msgstr ""
|
|||
msgid "ProjectCreationLevel|No one"
|
||||
msgstr ""
|
||||
|
||||
msgid "ProjectCreationLevel|Roles allowed to create projects"
|
||||
msgstr ""
|
||||
|
||||
msgid "ProjectFileTree|Name"
|
||||
msgstr ""
|
||||
|
||||
|
@ -30478,6 +30472,9 @@ msgstr ""
|
|||
msgid "Projects help you organize your work. They contain your file repository, issues, merge requests, and so much more."
|
||||
msgstr ""
|
||||
|
||||
msgid "Projects in this group can use Git LFS"
|
||||
msgstr ""
|
||||
|
||||
msgid "Projects shared with %{group_name}"
|
||||
msgstr ""
|
||||
|
||||
|
@ -32524,9 +32521,6 @@ msgstr ""
|
|||
msgid "Require additional authentication for administrative tasks."
|
||||
msgstr ""
|
||||
|
||||
msgid "Require all users in this group to set up two-factor authentication"
|
||||
msgstr ""
|
||||
|
||||
msgid "Required approvals (%{approvals_given} given)"
|
||||
msgstr ""
|
||||
|
||||
|
@ -32708,6 +32702,9 @@ msgstr ""
|
|||
msgid "Restoring the project will prevent the project from being removed on this date and restore people's ability to make changes to it."
|
||||
msgstr ""
|
||||
|
||||
msgid "Restrict access by IP address"
|
||||
msgstr ""
|
||||
|
||||
msgid "Restrict membership by email domain"
|
||||
msgstr ""
|
||||
|
||||
|
@ -36834,7 +36831,7 @@ msgstr ""
|
|||
msgid "Subgroup navigation"
|
||||
msgstr ""
|
||||
|
||||
msgid "SubgroupCreationLevel|Allowed to create subgroups"
|
||||
msgid "SubgroupCreationLevel|Roles allowed to create subgroups"
|
||||
msgstr ""
|
||||
|
||||
msgid "SubgroupCreationlevel|Allowed to create subgroups"
|
||||
|
@ -36852,6 +36849,9 @@ msgstr ""
|
|||
msgid "Subgroups and projects"
|
||||
msgstr ""
|
||||
|
||||
msgid "Subgroups can set up their own two-factor authentication rules"
|
||||
msgstr ""
|
||||
|
||||
msgid "Subject Key Identifier:"
|
||||
msgstr ""
|
||||
|
||||
|
@ -38411,6 +38411,9 @@ msgstr ""
|
|||
msgid "The list creation wizard is already open"
|
||||
msgstr ""
|
||||
|
||||
msgid "The maximum amount of time users have to set up two-factor authentication before it's enforced."
|
||||
msgstr ""
|
||||
|
||||
msgid "The maximum file size allowed is %{size}."
|
||||
msgstr ""
|
||||
|
||||
|
@ -39620,9 +39623,6 @@ msgstr ""
|
|||
msgid "Time before an issue starts implementation"
|
||||
msgstr ""
|
||||
|
||||
msgid "Time before enforced"
|
||||
msgstr ""
|
||||
|
||||
msgid "Time between merge request creation and merge/close"
|
||||
msgstr ""
|
||||
|
||||
|
@ -41868,6 +41868,12 @@ msgstr ""
|
|||
msgid "Users can render diagrams in AsciiDoc, Markdown, reStructuredText, and Textile documents using Kroki."
|
||||
msgstr ""
|
||||
|
||||
msgid "Users can request access (if visibility is public or internal)"
|
||||
msgstr ""
|
||||
|
||||
msgid "Users cannot be added to projects in this group"
|
||||
msgstr ""
|
||||
|
||||
msgid "Users in License"
|
||||
msgstr ""
|
||||
|
||||
|
|
|
@ -89,7 +89,7 @@ RSpec.describe 'Edit group settings' do
|
|||
it 'shows the selection menu' do
|
||||
visit edit_group_path(group)
|
||||
|
||||
expect(page).to have_content('Allowed to create projects')
|
||||
expect(page).to have_content('Roles allowed to create projects')
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -97,7 +97,7 @@ RSpec.describe 'Edit group settings' do
|
|||
it 'shows the selection menu' do
|
||||
visit edit_group_path(group)
|
||||
|
||||
expect(page).to have_content('Allowed to create subgroups')
|
||||
expect(page).to have_content('Roles allowed to create subgroups')
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -0,0 +1,54 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
require 'spec_helper'
|
||||
|
||||
RSpec.describe Gitlab::BackgroundMigration::BackfillCiRunnerSemver, :migration, schema: 20220601151900 do
|
||||
let(:ci_runners) { table(:ci_runners, database: :ci) }
|
||||
|
||||
subject do
|
||||
described_class.new(
|
||||
start_id: 10,
|
||||
end_id: 15,
|
||||
batch_table: :ci_runners,
|
||||
batch_column: :id,
|
||||
sub_batch_size: 10,
|
||||
pause_ms: 0,
|
||||
connection: Ci::ApplicationRecord.connection)
|
||||
end
|
||||
|
||||
describe '#perform' do
|
||||
it 'populates semver column on all runners in range' do
|
||||
ci_runners.create!(id: 10, runner_type: 1, version: %q(HEAD-fd84d97))
|
||||
ci_runners.create!(id: 11, runner_type: 1, version: %q(v1.2.3))
|
||||
ci_runners.create!(id: 12, runner_type: 1, version: %q(2.1.0))
|
||||
ci_runners.create!(id: 13, runner_type: 1, version: %q(11.8.0~beta.935.g7f6d2abc))
|
||||
ci_runners.create!(id: 14, runner_type: 1, version: %q(13.2.2/1.1.0))
|
||||
ci_runners.create!(id: 15, runner_type: 1, version: %q('14.3.4'))
|
||||
|
||||
subject.perform
|
||||
|
||||
expect(ci_runners.all).to contain_exactly(
|
||||
an_object_having_attributes(id: 10, semver: nil),
|
||||
an_object_having_attributes(id: 11, semver: '1.2.3'),
|
||||
an_object_having_attributes(id: 12, semver: '2.1.0'),
|
||||
an_object_having_attributes(id: 13, semver: '11.8.0'),
|
||||
an_object_having_attributes(id: 14, semver: '13.2.2'),
|
||||
an_object_having_attributes(id: 15, semver: '14.3.4')
|
||||
)
|
||||
end
|
||||
|
||||
it 'skips runners that already have semver value' do
|
||||
ci_runners.create!(id: 10, runner_type: 1, version: %q(1.2.4), semver: '1.2.3')
|
||||
ci_runners.create!(id: 11, runner_type: 1, version: %q(1.2.5))
|
||||
ci_runners.create!(id: 12, runner_type: 1, version: %q(HEAD), semver: '1.2.4')
|
||||
|
||||
subject.perform
|
||||
|
||||
expect(ci_runners.all).to contain_exactly(
|
||||
an_object_having_attributes(id: 10, semver: '1.2.3'),
|
||||
an_object_having_attributes(id: 11, semver: '1.2.5'),
|
||||
an_object_having_attributes(id: 12, semver: '1.2.4')
|
||||
)
|
||||
end
|
||||
end
|
||||
end
|
|
@ -26,19 +26,6 @@ RSpec.describe Clusters::Integrations::Prometheus do
|
|||
|
||||
integration.destroy!
|
||||
end
|
||||
|
||||
context 'when the FF :rename_integrations_workers is disabled' do
|
||||
before do
|
||||
stub_feature_flags(rename_integrations_workers: false)
|
||||
end
|
||||
|
||||
it 'uses the old worker' do
|
||||
expect(Clusters::Applications::DeactivateServiceWorker)
|
||||
.to receive(:perform_async).with(cluster.id, 'prometheus')
|
||||
|
||||
integration.destroy!
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe 'after_save' do
|
||||
|
@ -70,19 +57,6 @@ RSpec.describe Clusters::Integrations::Prometheus do
|
|||
|
||||
integration.update!(enabled: true)
|
||||
end
|
||||
|
||||
context 'when the FF :rename_integrations_workers is disabled' do
|
||||
before do
|
||||
stub_feature_flags(rename_integrations_workers: false)
|
||||
end
|
||||
|
||||
it 'uses the old worker' do
|
||||
expect(Clusters::Applications::ActivateServiceWorker)
|
||||
.to receive(:perform_async).with(cluster.id, 'prometheus')
|
||||
|
||||
integration.update!(enabled: true)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'when disabling' do
|
||||
|
|
|
@ -1218,7 +1218,6 @@ RSpec.describe Integration do
|
|||
|
||||
it 'queues a Integrations::ExecuteWorker' do
|
||||
expect(Integrations::ExecuteWorker).to receive(:perform_async).with(integration.id, data)
|
||||
expect(ProjectServiceWorker).not_to receive(:perform_async)
|
||||
|
||||
async_execute
|
||||
end
|
||||
|
@ -1232,18 +1231,5 @@ RSpec.describe Integration do
|
|||
async_execute
|
||||
end
|
||||
end
|
||||
|
||||
context 'when the FF :rename_integration_workers is disabled' do
|
||||
before do
|
||||
stub_feature_flags(rename_integrations_workers: false)
|
||||
end
|
||||
|
||||
it 'queues a ProjectServiceWorker' do
|
||||
expect(ProjectServiceWorker).to receive(:perform_async).with(integration.id, data)
|
||||
expect(Integrations::ExecuteWorker).not_to receive(:perform_async)
|
||||
|
||||
async_execute
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -76,19 +76,5 @@ RSpec.describe Integrations::Irker do
|
|||
ensure
|
||||
conn.close if conn
|
||||
end
|
||||
|
||||
context 'when the FF :rename_integrations_workers is disabled' do
|
||||
before do
|
||||
stub_feature_flags(rename_integrations_workers: false)
|
||||
end
|
||||
|
||||
it 'queues a IrkerWorker' do
|
||||
expect(::IrkerWorker).to receive(:perform_async)
|
||||
.with(project.id, irker.channels, colorize_messages, sample_data, irker.settings)
|
||||
expect(Integrations::IrkerWorker).not_to receive(:perform_async)
|
||||
|
||||
irker.execute(sample_data)
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -454,10 +454,10 @@ RSpec.describe Projects::DestroyService, :aggregate_failures, :event_store_publi
|
|||
|
||||
it 'deletes webhooks and logs related to project' do
|
||||
expect_next_instance_of(WebHooks::DestroyService, user) do |instance|
|
||||
expect(instance).to receive(:sync_destroy).with(web_hook1).and_call_original
|
||||
expect(instance).to receive(:execute).with(web_hook1).and_call_original
|
||||
end
|
||||
expect_next_instance_of(WebHooks::DestroyService, user) do |instance|
|
||||
expect(instance).to receive(:sync_destroy).with(web_hook2).and_call_original
|
||||
expect(instance).to receive(:execute).with(web_hook2).and_call_original
|
||||
end
|
||||
|
||||
expect do
|
||||
|
@ -468,7 +468,7 @@ RSpec.describe Projects::DestroyService, :aggregate_failures, :event_store_publi
|
|||
context 'when an error is raised deleting webhooks' do
|
||||
before do
|
||||
allow_next_instance_of(WebHooks::DestroyService) do |instance|
|
||||
allow(instance).to receive(:sync_destroy).and_return(message: 'foo', status: :error)
|
||||
allow(instance).to receive(:execute).and_return(message: 'foo', status: :error)
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -24,7 +24,7 @@ RSpec.describe 'groups/edit.html.haml' do
|
|||
|
||||
render
|
||||
|
||||
expect(rendered).to have_content("Prevent sharing a project within #{test_group.name} with other groups")
|
||||
expect(rendered).to have_content("Projects in #{test_group.name} cannot be shared with other groups")
|
||||
expect(rendered).to have_content('help text here')
|
||||
expect(rendered).to have_field('group_share_with_group_lock', **checkbox_options)
|
||||
end
|
||||
|
|
|
@ -40,15 +40,6 @@ RSpec.describe Clusters::Applications::ActivateIntegrationWorker, '#perform' do
|
|||
expect { described_class.new.perform(cluster.id, integration_name) }
|
||||
.to change { project.reload.prometheus_integration&.active }.from(nil).to(true)
|
||||
end
|
||||
|
||||
context 'when using the old worker class' do
|
||||
let(:described_class) { Clusters::Applications::ActivateServiceWorker }
|
||||
|
||||
it 'ensures Prometheus integration is activated' do
|
||||
expect { described_class.new.perform(cluster.id, integration_name) }
|
||||
.to change { project.reload.prometheus_integration&.active }.from(nil).to(true)
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -46,15 +46,6 @@ RSpec.describe Clusters::Applications::DeactivateIntegrationWorker, '#perform' d
|
|||
expect { described_class.new.perform(cluster.id, integration_name) }
|
||||
.to change { prometheus_integration.reload.active }.from(true).to(false)
|
||||
end
|
||||
|
||||
context 'when using the old worker class' do
|
||||
let(:described_class) { Clusters::Applications::ActivateServiceWorker }
|
||||
|
||||
it 'ensures Prometheus integration is deactivated' do
|
||||
expect { described_class.new.perform(cluster.id, integration_name) }
|
||||
.to change { prometheus_integration.reload.active }.from(true).to(false)
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -181,9 +181,7 @@ RSpec.describe 'Every Sidekiq worker' do
|
|||
'ClusterWaitForAppUpdateWorker' => 3,
|
||||
'ClusterWaitForIngressIpAddressWorker' => 3,
|
||||
'Clusters::Applications::ActivateIntegrationWorker' => 3,
|
||||
'Clusters::Applications::ActivateServiceWorker' => 3,
|
||||
'Clusters::Applications::DeactivateIntegrationWorker' => 3,
|
||||
'Clusters::Applications::DeactivateServiceWorker' => 3,
|
||||
'Clusters::Applications::UninstallWorker' => 3,
|
||||
'Clusters::Applications::WaitForUninstallAppWorker' => 3,
|
||||
'Clusters::Cleanup::AppWorker' => 3,
|
||||
|
@ -310,7 +308,6 @@ RSpec.describe 'Every Sidekiq worker' do
|
|||
'Integrations::ExecuteWorker' => 3,
|
||||
'Integrations::IrkerWorker' => 3,
|
||||
'InvalidGpgSignatureUpdateWorker' => 3,
|
||||
'IrkerWorker' => 3,
|
||||
'IssuableExportCsvWorker' => 3,
|
||||
'Issues::PlacementWorker' => 3,
|
||||
'Issues::RebalancingWorker' => 3,
|
||||
|
@ -381,7 +378,6 @@ RSpec.describe 'Every Sidekiq worker' do
|
|||
'ProjectExportWorker' => false,
|
||||
'ProjectImportScheduleWorker' => 1,
|
||||
'ProjectScheduleBulkRepositoryShardMovesWorker' => 3,
|
||||
'ProjectServiceWorker' => 3,
|
||||
'ProjectTemplateExportWorker' => false,
|
||||
'ProjectUpdateRepositoryStorageWorker' => 3,
|
||||
'Projects::GitGarbageCollectWorker' => false,
|
||||
|
|
|
@ -36,26 +36,4 @@ RSpec.describe Integrations::ExecuteWorker, '#perform' do
|
|||
end.not_to raise_error
|
||||
end
|
||||
end
|
||||
|
||||
context 'when using the old worker class' do
|
||||
let(:described_class) { ProjectServiceWorker }
|
||||
|
||||
it 'uses the correct worker attributes', :aggregate_failures do
|
||||
expect(described_class.sidekiq_options).to include('retry' => 3, 'dead' => false)
|
||||
expect(described_class.get_data_consistency).to eq(:always)
|
||||
expect(described_class.get_feature_category).to eq(:integrations)
|
||||
expect(described_class.get_urgency).to eq(:low)
|
||||
expect(described_class.worker_has_external_dependencies?).to be(true)
|
||||
end
|
||||
|
||||
it 'executes integration with given data' do
|
||||
data = { test: 'test' }
|
||||
|
||||
expect_next_found_instance_of(integration.class) do |integration|
|
||||
expect(integration).to receive(:execute).with(data)
|
||||
end
|
||||
|
||||
worker.perform(integration.id, data)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -101,12 +101,6 @@ RSpec.describe Integrations::IrkerWorker, '#perform' do
|
|||
subject.perform(*arguments)
|
||||
end
|
||||
end
|
||||
|
||||
context 'when using the old worker class' do
|
||||
let(:described_class) { ::IrkerWorker }
|
||||
|
||||
it { expect(subject.perform(*arguments)).to be_truthy }
|
||||
end
|
||||
end
|
||||
|
||||
def wrap_message(text)
|
||||
|
|
|
@ -1,64 +0,0 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
require 'spec_helper'
|
||||
|
||||
RSpec.describe WebHooks::DestroyWorker do
|
||||
include AfterNextHelpers
|
||||
|
||||
let_it_be(:project) { create(:project) }
|
||||
let_it_be(:user) { create(:user) }
|
||||
|
||||
before_all do
|
||||
project.add_maintainer(user)
|
||||
end
|
||||
|
||||
subject { described_class.new }
|
||||
|
||||
describe "#perform" do
|
||||
context 'with a Web hook' do
|
||||
let!(:hook) { create(:project_hook, project: project) }
|
||||
let!(:other_hook) { create(:project_hook, project: project) }
|
||||
let!(:log) { create(:web_hook_log, web_hook: hook) }
|
||||
let!(:other_log) { create(:web_hook_log, web_hook: other_hook) }
|
||||
|
||||
it "deletes the Web hook and logs", :aggregate_failures do
|
||||
expect(WebHooks::LogDestroyWorker).to receive(:perform_async)
|
||||
|
||||
expect { subject.perform(user.id, hook.id) }
|
||||
.to change { WebHook.count }.from(2).to(1)
|
||||
|
||||
expect(WebHook.find(other_hook.id)).to be_present
|
||||
expect(WebHookLog.find(other_log.id)).to be_present
|
||||
end
|
||||
|
||||
it "raises and tracks an error if destroy failed" do
|
||||
expect_next(::WebHooks::DestroyService)
|
||||
.to receive(:sync_destroy).with(anything)
|
||||
.and_return(ServiceResponse.error(message: "failed"))
|
||||
|
||||
expect(Gitlab::ErrorTracking)
|
||||
.to receive(:track_and_raise_exception)
|
||||
.with(an_instance_of(described_class::DestroyError), { web_hook_id: hook.id })
|
||||
.and_call_original
|
||||
|
||||
expect { subject.perform(user.id, hook.id) }.to raise_error(described_class::DestroyError)
|
||||
end
|
||||
|
||||
context 'with unknown hook' do
|
||||
it 'does not raise an error' do
|
||||
expect { subject.perform(user.id, non_existing_record_id) }.not_to raise_error
|
||||
|
||||
expect(WebHook.count).to eq(2)
|
||||
end
|
||||
end
|
||||
|
||||
context 'with unknown user' do
|
||||
it 'does not raise an error' do
|
||||
expect { subject.perform(non_existing_record_id, hook.id) }.not_to raise_error
|
||||
|
||||
expect(WebHook.count).to eq(2)
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
Loading…
Reference in New Issue