diff --git a/app/models/clusters/agent_token.rb b/app/models/clusters/agent_token.rb index 8266f40133d..9d79887b574 100644 --- a/app/models/clusters/agent_token.rb +++ b/app/models/clusters/agent_token.rb @@ -13,5 +13,6 @@ module Clusters before_save :ensure_token validates :description, length: { maximum: 1024 } + validates :name, presence: true, length: { maximum: 255 }, on: :create end end diff --git a/app/views/groups/settings/_advanced.html.haml b/app/views/groups/settings/_advanced.html.haml index 627807841c5..fddb83114f3 100644 --- a/app/views/groups/settings/_advanced.html.haml +++ b/app/views/groups/settings/_advanced.html.haml @@ -8,7 +8,7 @@ %p = s_('GroupSettings|Changing group URL can have unintended side effects.') = succeed '.' do - = link_to _('Learn more'), help_page_path('user/group/index', anchor: 'changing-a-groups-path'), target: '_blank' + = link_to _('Learn more'), help_page_path('user/group/index', anchor: 'change-a-groups-path'), target: '_blank' .input-group.gl-field-error-anchor .group-root-path.input-group-prepend.has-tooltip{ title: group_path(@group), :'data-placement' => 'bottom' } diff --git a/app/views/shared/_group_form.html.haml b/app/views/shared/_group_form.html.haml index c3fac5cd464..eea0c5f37de 100644 --- a/app/views/shared/_group_form.html.haml +++ b/app/views/shared/_group_form.html.haml @@ -39,7 +39,7 @@ .gl-alert-body = _('Changing group URL can have unintended side effects.') = succeed '.' do - = link_to _('Learn more'), help_page_path('user/group/index', anchor: 'changing-a-groups-path'), target: '_blank', class: 'gl-link' + = link_to _('Learn more'), help_page_path('user/group/index', anchor: 'change-a-groups-path'), target: '_blank', class: 'gl-link' - if @group.persisted? .row diff --git a/changelogs/unreleased/emilyring-clustertoken-name.yml b/changelogs/unreleased/emilyring-clustertoken-name.yml new file mode 100644 index 00000000000..887a88b3b29 --- /dev/null +++ b/changelogs/unreleased/emilyring-clustertoken-name.yml @@ -0,0 +1,5 @@ +--- +title: Add name field to cluster agent token +merge_request: 53920 +author: +type: changed diff --git a/db/migrate/20210224133337_add_name_field_to_cluster_agent_token.rb b/db/migrate/20210224133337_add_name_field_to_cluster_agent_token.rb new file mode 100644 index 00000000000..2cec37f8477 --- /dev/null +++ b/db/migrate/20210224133337_add_name_field_to_cluster_agent_token.rb @@ -0,0 +1,12 @@ +# frozen_string_literal: true + +class AddNameFieldToClusterAgentToken < ActiveRecord::Migration[6.0] + DOWNTIME = false + + # rubocop:disable Migration/AddLimitToTextColumns + # limit is added in LimitClusterTokenSize + def change + add_column :cluster_agent_tokens, :name, :text + end + # rubocop:enable Migration/AddLimitToTextColumns +end diff --git a/db/migrate/20210225135533_limit_cluster_token_size.rb b/db/migrate/20210225135533_limit_cluster_token_size.rb new file mode 100644 index 00000000000..6a1b6b7b4e8 --- /dev/null +++ b/db/migrate/20210225135533_limit_cluster_token_size.rb @@ -0,0 +1,17 @@ +# frozen_string_literal: true + +class LimitClusterTokenSize < ActiveRecord::Migration[6.0] + include Gitlab::Database::MigrationHelpers + + DOWNTIME = false + + disable_ddl_transaction! + + def up + add_text_limit :cluster_agent_tokens, :name, 255 + end + + def down + remove_text_limit :cluster_agent_tokens, :name + end +end diff --git a/db/schema_migrations/20210224133337 b/db/schema_migrations/20210224133337 new file mode 100644 index 00000000000..d5dafb9fb56 --- /dev/null +++ b/db/schema_migrations/20210224133337 @@ -0,0 +1 @@ +964e9f88018b2ab72fd370f6a8dccde218cfd4ffa3ccedf4f142ab341f5e858f \ No newline at end of file diff --git a/db/schema_migrations/20210225135533 b/db/schema_migrations/20210225135533 new file mode 100644 index 00000000000..e7c24096aac --- /dev/null +++ b/db/schema_migrations/20210225135533 @@ -0,0 +1 @@ +526174bd42327e0212b15ffbad99541887de1dec35cc4c592d4f02065026b3ca \ No newline at end of file diff --git a/db/structure.sql b/db/structure.sql index 2f2c8cd588d..38f79b4810f 100644 --- a/db/structure.sql +++ b/db/structure.sql @@ -11029,6 +11029,8 @@ CREATE TABLE cluster_agent_tokens ( token_encrypted text NOT NULL, created_by_user_id bigint, description text, + name text, + CONSTRAINT check_2b79dbb315 CHECK ((char_length(name) <= 255)), CONSTRAINT check_4e4ec5070a CHECK ((char_length(description) <= 1024)), CONSTRAINT check_c60daed227 CHECK ((char_length(token_encrypted) <= 255)) ); diff --git a/doc/administration/compliance.md b/doc/administration/compliance.md index 721b0dbb957..04369a76fb3 100644 --- a/doc/administration/compliance.md +++ b/doc/administration/compliance.md @@ -20,7 +20,7 @@ relevant compliance standards. |**[Enforce TOS acceptance](../user/admin_area/settings/terms.md)**
Enforce your users accepting new terms of service by blocking GitLab traffic.|Free+||Instance| |**[Email all users of a project, group, or entire server](../tools/email.md)**
An administrator can email groups of users based on project or group membership, or email everyone using the GitLab instance. This is great for scheduled maintenance or upgrades.|Premium+||Instance| |**[Omnibus package supports log forwarding](https://docs.gitlab.com/omnibus/settings/logs.html#udp-log-forwarding)**
Forward your logs to a central system.|Premium+||Instance| -|**[Lock project membership to group](../user/group/index.md#member-lock)**
Group owners can prevent new members from being added to projects within a group.|Premium+|✓|Group| +|**[Lock project membership to group](../user/group/index.md#prevent-members-from-being-added-to-a-group)**
Group owners can prevent new members from being added to projects within a group.|Premium+|✓|Group| |**[LDAP group sync](auth/ldap/index.md#group-sync)**
GitLab Enterprise Edition gives administrators the ability to automatically sync groups and manage SSH keys, permissions, and authentication, so you can focus on building your product, not configuring your tools.|Premium+||Instance| |**[LDAP group sync filters](auth/ldap/index.md#group-sync)**
GitLab Enterprise Edition Premium gives more flexibility to synchronize with LDAP based on filters, meaning you can leverage LDAP attributes to map GitLab permissions.|Premium+||Instance| |**[Audit events](audit_events.md)**
To maintain the integrity of your code, GitLab Enterprise Edition Premium gives administrators the ability to view any modifications made within the GitLab server in an advanced audit events system, so you can control, analyze, and track every change.|Premium+|✓|Instance, Group, Project| diff --git a/doc/administration/packages/container_registry.md b/doc/administration/packages/container_registry.md index 63bb969afce..c3cefb8ed96 100644 --- a/doc/administration/packages/container_registry.md +++ b/doc/administration/packages/container_registry.md @@ -1144,7 +1144,7 @@ project or branch name. Special characters can include: - Trailing hyphen/dash - Double hyphen/dash -To get around this, you can [change the group path](../../user/group/index.md#changing-a-groups-path), +To get around this, you can [change the group path](../../user/group/index.md#change-a-groups-path), [change the project path](../../user/project/settings/index.md#renaming-a-repository) or change the branch name. Another option is to create a [push rule](../../push_rules/push_rules.md) to prevent this at the instance level. diff --git a/doc/api/graphql/reference/index.md b/doc/api/graphql/reference/index.md index 0d9984abadc..059c2985d8b 100644 --- a/doc/api/graphql/reference/index.md +++ b/doc/api/graphql/reference/index.md @@ -865,6 +865,7 @@ Autogenerated return type of ClusterAgentDelete. | `createdByUser` | User | The user who created the token. | | `description` | String | Description of the token. | | `id` | ClustersAgentTokenID! | Global ID of the token. | +| `name` | String | Name given to the token. | ### ClusterAgentTokenCreatePayload @@ -1244,6 +1245,7 @@ Represents a DAST Profile. | Field | Type | Description | | ----- | ---- | ----------- | +| `branch` | DastProfileBranch | The associated branch. Will always return `null` if `dast_branch_selection` feature flag is disabled. | | `dastScannerProfile` | DastScannerProfile | The associated scanner profile. | | `dastSiteProfile` | DastSiteProfile | The associated site profile. | | `description` | String | The description of the scan. | @@ -1251,6 +1253,15 @@ Represents a DAST Profile. | `id` | DastProfileID! | ID of the profile. | | `name` | String | The name of the profile. | +### DastProfileBranch + +Represents a DAST Profile Branch. + +| Field | Type | Description | +| ----- | ---- | ----------- | +| `exists` | Boolean | Indicates whether or not the branch exists. | +| `name` | String | The name of the branch. | + ### DastProfileCreatePayload Autogenerated return type of DastProfileCreate. diff --git a/doc/api/merge_requests.md b/doc/api/merge_requests.md index b3647131ec8..60fdd34ebc0 100644 --- a/doc/api/merge_requests.md +++ b/doc/api/merge_requests.md @@ -44,7 +44,10 @@ is fetched from its project, `relative` format would be the same as `short` form diffs associated with the set of changes have the same size limitations applied as other diffs returned by the API or viewed via the UI. When these limits impact the results, the `overflow` field contains a value of `true`. Diff data without these limits applied can be retrieved by -adding the `access_raw_diffs` parameter, but it is slower and more resource-intensive. +adding the `access_raw_diffs` parameter, accessing diffs not from the database but from Gitaly directly. +This approach is generally slower and more resource-intensive, but isn't subject to size limits +placed on database-backed diffs. [Limits inherent to Gitaly](../development/diffs.md#diff-limits) +still apply. ## List merge requests @@ -846,7 +849,7 @@ Parameters: |----------------------------------|----------------|----------|------------------------------------------------------------------------------------------------------------------| | `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | | `merge_request_iid` | integer | yes | The internal ID of the merge request. | -| `access_raw_diffs` | boolean | no | Retrieve change diffs without size limitations. | +| `access_raw_diffs` | boolean | no | Retrieve change diffs via Gitaly. | ```json { diff --git a/doc/api/releases/index.md b/doc/api/releases/index.md index be9512ed0e0..67e441ee7e4 100644 --- a/doc/api/releases/index.md +++ b/doc/api/releases/index.md @@ -350,7 +350,7 @@ Example response: ## Create a release -Create a Release. You need push access to the repository to create a Release. +Create a release. Developer level access to the project is required to create a release. ```plaintext POST /projects/:id/releases @@ -524,7 +524,7 @@ Example response: ## Update a release -Update a Release. +Update a release. Developer level access to the project is required to update a release. ```plaintext PUT /projects/:id/releases/:tag_name @@ -631,7 +631,7 @@ Example response: ## Delete a Release -Delete a Release. Deleting a Release doesn't delete the associated tag. +Delete a release. Deleting a release doesn't delete the associated tag. Maintainer level access to the project is required to delete a release. ```plaintext DELETE /projects/:id/releases/:tag_name diff --git a/doc/development/contributing/style_guides.md b/doc/development/contributing/style_guides.md index aad24663118..444a067a780 100644 --- a/doc/development/contributing/style_guides.md +++ b/doc/development/contributing/style_guides.md @@ -56,7 +56,7 @@ The current Lefthook configuration can be found in [`lefthook.yml`](https://gitl Before you push your changes, Lefthook automatically runs the following checks: - Danger: Runs a subset of checks that `danger-review` runs on your merge requests. -- ES lint: Run `yarn run internal:eslint` checks (with the [`.eslintrc.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/.eslintrc.yml) configuration) on the modified `*.{js,vue}` files. Tags: `frontend`, `style`. +- ES lint: Run `yarn run lint:eslint` checks (with the [`.eslintrc.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/.eslintrc.yml) configuration) on the modified `*.{js,vue}` files. Tags: `frontend`, `style`. - HAML lint: Run `bundle exec haml-lint` checks (with the [`.haml-lint.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/.haml-lint.yml) configuration) on the modified `*.html.haml` files. Tags: `view`, `haml`, `style`. - Markdown lint: Run `yarn markdownlint` checks on the modified `*.md` files. Tags: `documentation`, `style`. - SCSS lint: Run `yarn lint:stylelint` checks (with the [`.stylelintrc`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/.stylelintrc) configuration) on the modified `*.scss{,.css}` files. Tags: `stylesheet`, `css`, `style`. diff --git a/doc/development/fe_guide/style/javascript.md b/doc/development/fe_guide/style/javascript.md index 87054f7db86..460d8f58312 100644 --- a/doc/development/fe_guide/style/javascript.md +++ b/doc/development/fe_guide/style/javascript.md @@ -14,7 +14,7 @@ In addition to the style guidelines set by Airbnb, we also have a few specific r listed below. NOTE: -You can run ESLint locally by running `yarn run lint:eslint` +You can run ESLint locally by running `yarn run lint:eslint:all` or `yarn run lint:eslint $PATH_TO_FILE`. ## Avoid forEach diff --git a/doc/development/fe_guide/tooling.md b/doc/development/fe_guide/tooling.md index c493ab9a206..1ab97d8a1f5 100644 --- a/doc/development/fe_guide/tooling.md +++ b/doc/development/fe_guide/tooling.md @@ -30,10 +30,16 @@ yarn run lint:eslint:staged:fix If manual changes are required, a list of changes are sent to the console. +To check a specific file in the repository with ESLINT, run the following script (replacing $PATH_TO_FILE): + +```shell +yarn run lint:eslint $PATH_TO_FILE +``` + To check **all** files in the repository with ESLint, run the following script: ```shell -yarn run lint:eslint +yarn run lint:eslint:all ``` A list of problems found are logged to the console. @@ -41,7 +47,7 @@ A list of problems found are logged to the console. To apply automatic ESLint fixes to **all** files in the repository, run the following script: ```shell -yarn run lint:eslint:fix +yarn run lint:eslint:all:fix ``` If manual changes are required, a list of changes are sent to the console. diff --git a/doc/development/testing_guide/frontend_testing.md b/doc/development/testing_guide/frontend_testing.md index 5509833dc71..c765e214804 100644 --- a/doc/development/testing_guide/frontend_testing.md +++ b/doc/development/testing_guide/frontend_testing.md @@ -1168,6 +1168,95 @@ You can download any older version of Firefox from the releases FTP server, { + expect(prettifyName('Homer Simpson')).toMatchSnapshot() +}) +``` + +When this test runs the first time a fresh `.snap` file will be created. It will look something like this: + +```txt +// Jest Snapshot v1, https://goo.gl/fbAQLP + +exports[`makes the name look pretty`] = ` +Sir Homer Simpson the Third +` +``` + +Now, every time you call this test, the new snapshot will be evaluated against the previously created version. This should highlight the fact that it's important to understand the content of your snapshot file and treat it with care. Snapshots will lose their value if the output of the snapshot is too big or complex to read, this means keeping snapshots isolated to human-readable items that can be either evaluated in a merge request review or are guaranteed to never change. +The same can be done for `wrappers` or `elements` + +```javascript +it('renders the component correctly', () => { + expect(wrapper).toMatchSnapshot() + expect(wrapper.element).toMatchSnapshot(); +}) +``` + +The above test will create two snapshots, what's important is to decide which of the snapshots provide more value for the codebase safety i.e. if one of these snapshots changes, does that highlight a possible un-wanted break in the codebase? This can help catch unexpected changes if something in an underlying dependency changes without our knowledge. + +### Pros and Cons + +**Pros** + +- Speed up the creation of unit tests +- Easy to maintain +- Provides a good safety net to protect against accidental breakage of important HTML structures + +**Cons** + +- Is not a catch-all solution that replaces the work of integration or unit tests +- No meaningful assertions or expectations within snapshots +- When carelessly used with [GitLab UI](https://gitlab.com/gitlab-org/gitlab-ui) it can create fragility in tests when the underlying library changes the HTML of a component we are testing + +A good guideline to follow: the more complex the component you may want to steer away from just snapshot testing. But that's not to say you can't still snapshot test and test your component as normal. + +### When to use + +**Use snapshots when** + +- to capture a components rendered output +- to fully or partially match templates +- to match readable data structures +- to verify correctly composed native HTML elements +- as a safety net for critical structures so others don't break it by accident +- Template heavy component +- Not a lot of logic in the component +- Composed of native HTML elements + +### When not to use + +**Don't use snapshots when** + +- To capture large data structures just to have something +- To just have some kind of test written +- To capture highly volatile ui elements without stubbing them (Think of GitLab UI version updates) + --- [Return to Testing documentation](index.md) diff --git a/doc/security/two_factor_authentication.md b/doc/security/two_factor_authentication.md index 6762becec2d..ded10e2f498 100644 --- a/doc/security/two_factor_authentication.md +++ b/doc/security/two_factor_authentication.md @@ -61,7 +61,7 @@ The following are important notes about 2FA: 2FA for the project. For example, if project *P* belongs to 2FA-enabled group *A* and is shared with 2FA-disabled group *B*, members of group *B* can access project *P* without 2FA. To ensure this scenario doesn't occur, - [prevent sharing of projects](../user/group/index.md#share-with-group-lock) + [prevent sharing of projects](../user/group/index.md#prevent-a-project-from-being-shared-with-groups) for the 2FA-enabled group. - If you add additional members to a project within a group or subgroup that has 2FA enabled, 2FA is **not** required for those individually added members. diff --git a/doc/subscriptions/bronze_starter.md b/doc/subscriptions/bronze_starter.md index a43bb4498de..7c80c7c336b 100644 --- a/doc/subscriptions/bronze_starter.md +++ b/doc/subscriptions/bronze_starter.md @@ -26,7 +26,7 @@ the tiers are no longer mentioned in GitLab documentation: - [Creating group memberships via CN](../user/group/index.md#creating-group-links-via-cn) - [Group push rules](../user/group/index.md#group-push-rules) - [Managing group memberships via LDAP](../user/group/index.md#manage-group-memberships-via-ldap) - - [Member locking](../user/group/index.md#member-lock) + - [Member locking](../user/group/index.md#prevent-members-from-being-added-to-a-group) - [Overriding user permissions](../user/group/index.md#overriding-user-permissions) - [User contribution analysis](../user/group/index.md#user-contribution-analysis) - [Kerberos integration](../integration/kerberos.md) diff --git a/doc/user/admin_area/settings/continuous_integration.md b/doc/user/admin_area/settings/continuous_integration.md index 761fc6477d6..f14241bb663 100644 --- a/doc/user/admin_area/settings/continuous_integration.md +++ b/doc/user/admin_area/settings/continuous_integration.md @@ -50,13 +50,13 @@ To change it at the: 1. Change the value of maximum artifacts size (in MB). 1. Click **Save changes** for the changes to take effect. -- [Group level](../../group/index.md#group-settings) (this will override the instance setting): +- Group level (this will override the instance setting): 1. Go to the group's **Settings > CI / CD > General Pipelines**. 1. Change the value of **maximum artifacts size (in MB)**. 1. Click **Save changes** for the changes to take effect. -- [Project level](../../../ci/pipelines/settings.md) (this will override the instance and group settings): +- Project level (this will override the instance and group settings): 1. Go to the project's **Settings > CI / CD > General Pipelines**. 1. Change the value of **maximum artifacts size (in MB)**. diff --git a/doc/user/clusters/agent/index.md b/doc/user/clusters/agent/index.md index 0f30d09829a..619fc4fb090 100644 --- a/doc/user/clusters/agent/index.md +++ b/doc/user/clusters/agent/index.md @@ -205,7 +205,13 @@ the Agent in subsequent steps. You can create an Agent record either: } mutation createToken { - clusterAgentTokenCreate(input: { clusterAgentId: }) { + clusterAgentTokenCreate( + input: { + clusterAgentId: "" + description: "" + name: "" + } + ) { secret # This is the value you need to use on the next step token { createdAt @@ -459,7 +465,7 @@ There are several components that work in concert for the Agent to generate the - One or more network policies through any of these options: - Use the [Container Network Policy editor](../../application_security/threat_monitoring/index.md#container-network-policy-editor) to create and manage policies. - Use an [AutoDevOps](../../application_security/threat_monitoring/index.md#container-network-policy-management) configuration. - - Add the required labels and annotations to existing network policies. + - Add the required labels and annotations to existing network policies. - Use a configuration repository to inform the Agent through a `config.yaml` file, which repositories can synchronize with. This repository might be the same, or a separate GitLab project. diff --git a/doc/user/group/img/group_settings.png b/doc/user/group/img/group_settings.png deleted file mode 100644 index f3a75f1bde8..00000000000 Binary files a/doc/user/group/img/group_settings.png and /dev/null differ diff --git a/doc/user/group/index.md b/doc/user/group/index.md index 6fb98c02902..e0361f6033c 100644 --- a/doc/user/group/index.md +++ b/doc/user/group/index.md @@ -293,7 +293,7 @@ Learn how to [transfer a project into a group](../project/settings/index.md#tran You can [share your projects with a group](../project/members/share_project_with_groups.md) and give all group members access to the project at once. -Alternatively, you can [lock the sharing with group feature](#share-with-group-lock). +Alternatively, you can [lock the sharing with group feature](#prevent-a-project-from-being-shared-with-groups). ## Sharing a group with another group @@ -418,9 +418,9 @@ to explore data such as: [Learn more about Insights](insights/index.md). -## Transferring groups +## Transfer a group -From GitLab 10.5, you can transfer groups in the following ways: +You can transfer groups in the following ways: - Transfer a subgroup to a new parent group. - Convert a top-level group into a subgroup by transferring it to the desired group. @@ -435,20 +435,7 @@ When transferring groups, note: - Only explicit group membership is transferred, not inherited membership. If the group's owners have only inherited membership, this leaves the group without an owner. In this case, the user transferring the group becomes the group's owner. - Transfers will fail if [packages](../packages/index.md) exist in any of the projects within the group, or in any of its subgroups. -## Group settings - -After creating a group, you can manage its settings by navigating to -the group's dashboard, and clicking **Settings**. - -![group settings](img/group_settings.png) - -### General settings - -In addition to editing any settings you previously -set when [creating the group](#create-a-group), you can also -access further configurations for your group. - -#### Changing a group's path +## Change a group's path Changing a group's path (group URL) can have unintended side effects. Read [how redirects will behave](../project/repository/index.md#redirects-when-changing-repository-paths) @@ -475,11 +462,7 @@ If you want to retain ownership over the original namespace and protect the URL redirects, then instead of changing a group's path or renaming a username, you can create a new group and transfer projects to it. -### Group repository settings - -You can change settings that are specific to repositories in your group. - -#### Custom initial branch name +## Use a custom name for the initial branch > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/43290) in GitLab 13.6. @@ -492,7 +475,7 @@ else. This way, every new project created under that group from then on will sta 1. Change the default initial branch to a custom name of your choice. 1. **Save Changes**. -### Remove a group +## Remove a group To remove a group and its contents: @@ -509,7 +492,7 @@ This action either: Since [GitLab 13.6](https://gitlab.com/gitlab-org/gitlab/-/issues/39504), if the user who sets up the deletion leaves or is otherwise removed from the group before the actual deletion happens, the job is cancelled, and the group is no longer scheduled for deletion. -### Restore a group **(PREMIUM)** +## Restore a group **(PREMIUM)** > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/33257) in GitLab 12.8. @@ -519,13 +502,13 @@ To restore a group that is marked for deletion: 1. Expand the **Path, transfer, remove** section. 1. In the Restore group section, click the **Restore group** button. -#### Enforce 2FA to group members +## Enforce two-factor authentication for group members Add a security layer to your group by [enforcing two-factor authentication (2FA)](../../security/two_factor_authentication.md#enforcing-2fa-for-all-users-in-a-group) for all group members. -#### Share with group lock +## Prevent a project from being shared with groups Prevent projects in a group from [sharing a project with another group](../project/members/share_project_with_groups.md) to enable tighter control over project access. @@ -540,7 +523,7 @@ To enable this feature, navigate to the group settings page. Select ![Checkbox for share with group lock](img/share_with_group_lock.png) -#### Member Lock **(PREMIUM)** +## Prevent members from being added to a group **(PREMIUM)** Member lock lets a group owner prevent any new project membership to all of the projects within a group, allowing tighter control over project membership. @@ -560,7 +543,7 @@ This will disable the option for all users who previously had permissions to operate project memberships, so no new users can be added. Furthermore, any request to add a new user to a project through API will not be possible. -#### IP access restriction **(PREMIUM)** +## Restrict group access by IP address **(PREMIUM)** > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/1985) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.0. > - [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/215410) to [GitLab Premium](https://about.gitlab.com/pricing/) in 13.1. @@ -598,7 +581,7 @@ To enable this feature: ![Domain restriction by IP address](img/restrict-by-ip.gif) -#### Allowed domain restriction **(PREMIUM)** +## Restrict group access by domain **(PREMIUM)** >- [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/7297) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.2. >- Support for specifying multiple email domains [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/33143) in GitLab 13.1 @@ -633,7 +616,7 @@ This will enable the domain-checking for all new users added to the group from t NOTE: Domain restrictions only apply to groups and do not prevent users from being added as members of projects owned by the restricted group. -#### Group file templates **(PREMIUM)** +## Group file templates **(PREMIUM)** Group file templates allow you to share a set of templates for common file types with every project in a group. It is analogous to the @@ -660,12 +643,12 @@ To enable this feature, navigate to the group settings page, expand the To learn how to create templates for issues and merge requests, visit [Description templates](../project/description_templates.md). -#### Group-level project templates **(PREMIUM)** +### Group-level project templates **(PREMIUM)** Define project templates at a group level by setting a group as the template source. [Learn more about group-level project templates](custom_project_templates.md). -#### Disabling email notifications +## Disabling email notifications > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/23585) in GitLab 12.2. @@ -677,7 +660,7 @@ To enable this feature: 1. Expand the **Permissions, LFS, 2FA** section, and select **Disable email notifications**. 1. Click **Save changes**. -#### Disabling group mentions +## Disabling group mentions > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/21301) in GitLab 12.6. @@ -694,7 +677,7 @@ To enable this feature: 1. Expand the **Permissions, LFS, 2FA** section, and select **Disable group mentions**. 1. Click **Save changes**. -#### Enabling delayed project removal **(PREMIUM)** +## Enabling delayed project removal **(PREMIUM)** > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/220382) in GitLab 13.2. @@ -714,7 +697,7 @@ To enable delayed deletion of projects: NOTE: The group setting for delayed deletion is not inherited by subgroups and has to be individually defined for each group. -#### Prevent project forking outside group **(PREMIUM)** +## Prevent project forking outside group **(PREMIUM)** > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/216987) in GitLab 13.3. @@ -731,7 +714,7 @@ To enable prevent project forking: 1. Expand the **Permissions, LFS, 2FA** section, and check **Prevent project forking outside current group**. 1. Click **Save changes**. -### Advanced settings +## Advanced settings - **Projects**: View all projects within that group, add members to each project, access each project's settings, and remove any project, all from the same screen. @@ -742,7 +725,7 @@ To enable prevent project forking: - **Pipelines quota**: Keep track of the [pipeline quota](../admin_area/settings/continuous_integration.md) for the group. - **Integrations**: Configure [integrations](../admin_area/settings/project_integration_management.md) for your group. -#### Group push rules **(PREMIUM)** +## Group push rules **(PREMIUM)** > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/34370) in [GitLab Starter](https://about.gitlab.com/pricing/) 12.8. > - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/224129) in GitLab 13.4. @@ -758,7 +741,7 @@ When set, new subgroups have push rules set for them based on either: - The closest parent group with push rules defined. - Push rules set at the instance level, if no parent groups have push rules defined. -### Maximum artifacts size **(FREE SELF)** +## Maximum artifacts size **(FREE SELF)** For information about setting a maximum artifact size for a group, see [Maximum artifacts size](../admin_area/settings/continuous_integration.md#maximum-artifacts-size). diff --git a/doc/user/packages/container_registry/index.md b/doc/user/packages/container_registry/index.md index e3a469c4b6c..ffe2f12e9d8 100644 --- a/doc/user/packages/container_registry/index.md +++ b/doc/user/packages/container_registry/index.md @@ -699,7 +699,7 @@ project or branch name. Special characters can include: - Leading underscore - Trailing hyphen/dash -To get around this, you can [change the group path](../../group/index.md#changing-a-groups-path), +To get around this, you can [change the group path](../../group/index.md#change-a-groups-path), [change the project path](../../project/settings/index.md#renaming-a-repository) or change the branch name. diff --git a/doc/user/permissions.md b/doc/user/permissions.md index 6a05d355fcc..699ba645e87 100644 --- a/doc/user/permissions.md +++ b/doc/user/permissions.md @@ -104,7 +104,8 @@ The following table depicts the various user permission levels in a project. | Publish [packages](packages/index.md) | | | ✓ | ✓ | ✓ | | Create/edit/delete a Cleanup policy | | | ✓ | ✓ | ✓ | | Upload [Design Management](project/issues/design_management.md) files | | | ✓ | ✓ | ✓ | -| Create/edit/delete [Releases](project/releases/index.md)| | | ✓ | ✓ | ✓ | +| Create/edit [releases](project/releases/index.md)| | | ✓ | ✓ | ✓ | +| Delete [releases](project/releases/index.md)| | | | ✓ | ✓ | | Create new branches | | | ✓ | ✓ | ✓ | | Push to non-protected branches | | | ✓ | ✓ | ✓ | | Force push to non-protected branches | | | ✓ | ✓ | ✓ | @@ -195,7 +196,7 @@ The following table depicts the various user permission levels in a project. 1. If the [branch is protected](project/protected_branches.md#using-the-allowed-to-merge-and-allowed-to-push-settings), this depends on the access Developers and Maintainers are given. 1. Guest users can access GitLab [**Releases**](project/releases/index.md) for downloading assets but are not allowed to download the source code nor see repository information like tags and commits. 1. Actions are limited only to records owned (referenced) by user. -1. When [Share Group Lock](group/index.md#share-with-group-lock) is enabled the project can't be shared with other groups. It does not affect group with group sharing. +1. When [Share Group Lock](group/index.md#prevent-a-project-from-being-shared-with-groups) is enabled the project can't be shared with other groups. It does not affect group with group sharing. 1. For information on eligible approvers for merge requests, see [Eligible approvers](project/merge_requests/merge_request_approvals.md#eligible-approvers). 1. Owner permission is only available at the group or personal namespace level (and for instance admins) and is inherited by its projects. diff --git a/doc/user/project/integrations/webhooks.md b/doc/user/project/integrations/webhooks.md index 92e8c67c01c..bf289c9707c 100644 --- a/doc/user/project/integrations/webhooks.md +++ b/doc/user/project/integrations/webhooks.md @@ -1566,7 +1566,7 @@ X-Gitlab-Event: Subgroup Hook ``` NOTE: -Webhooks for when a [subgroup is removed from a group](#subgroup-removed-from-a-group) are not triggered when a [subgroup is transferred to a new parent group](../../group/index.md#transferring-groups) +Webhooks for when a [subgroup is removed from a group](#subgroup-removed-from-a-group) are not triggered when a [subgroup is transferred to a new parent group](../../group/index.md#transfer-a-group) ### Feature Flag events diff --git a/doc/user/project/members/share_project_with_groups.md b/doc/user/project/members/share_project_with_groups.md index 7000988d9bf..8ca403783cb 100644 --- a/doc/user/project/members/share_project_with_groups.md +++ b/doc/user/project/members/share_project_with_groups.md @@ -62,4 +62,4 @@ It is possible to prevent projects in a group from [sharing a project with another group](../members/share_project_with_groups.md). This allows for tighter control over project access. -Learn more about [Share with group lock](../../group/index.md#share-with-group-lock). +Learn more about [Share with group lock](../../group/index.md#prevent-a-project-from-being-shared-with-groups). diff --git a/doc/user/project/repository/index.md b/doc/user/project/repository/index.md index 5a915ebef89..d330e4d2d94 100644 --- a/doc/user/project/repository/index.md +++ b/doc/user/project/repository/index.md @@ -298,7 +298,7 @@ and Git push/pull redirects. Depending on the situation, different things apply. When [renaming a user](../../profile/index.md#changing-your-username), -[changing a group path](../../group/index.md#changing-a-groups-path) or [renaming a repository](../settings/index.md#renaming-a-repository): +[changing a group path](../../group/index.md#change-a-groups-path) or [renaming a repository](../settings/index.md#renaming-a-repository): - Existing web URLs for the namespace and anything under it (such as projects) will redirect to the new URLs. diff --git a/lefthook.yml b/lefthook.yml index f6e3fb68b0e..8791cf61231 100644 --- a/lefthook.yml +++ b/lefthook.yml @@ -7,7 +7,7 @@ pre-push: tags: frontend style files: git diff --name-only $(git merge-base origin/master HEAD)..HEAD glob: "*.{js,vue}" - run: yarn run internal:eslint {files} + run: yarn run lint:eslint {files} haml-lint: tags: view haml style files: git diff --name-only $(git merge-base origin/master HEAD)..HEAD diff --git a/lib/tasks/eslint.rake b/lib/tasks/eslint.rake index 35c3e834258..529f17d4d27 100644 --- a/lib/tasks/eslint.rake +++ b/lib/tasks/eslint.rake @@ -3,7 +3,7 @@ unless Rails.env.production? desc "GitLab | Run ESLint" task eslint: ['yarn:check'] do - unless system('yarn run lint:eslint') + unless system('yarn run lint:eslint:all') abort('rake eslint failed') end end diff --git a/package.json b/package.json index 7814aa04964..1860e87b070 100644 --- a/package.json +++ b/package.json @@ -5,7 +5,7 @@ "block-dependencies": "node scripts/frontend/block_dependencies.js", "clean": "rm -rf public/assets tmp/cache/*-loader", "dev-server": "NODE_OPTIONS=\"--max-old-space-size=3584\" node scripts/frontend/webpack_dev_server.js", - "eslint-fix": "echo 'Please use `yarn lint:eslint:fix` instead' && exit 1", + "eslint-fix": "echo 'Please use `yarn lint:eslint:all:fix` instead' && exit 1", "eslint-staged": "echo 'Please use `yarn lint:eslint:staged` instead' && exit 1", "eslint-staged-fix": "echo 'Please use `yarn lint:eslint:staged:fix` instead' && exit 1", "eslint-report": "echo 'Please use `yarn lint:eslint:report` instead' && exit 1", @@ -21,8 +21,10 @@ "karma": "BABEL_ENV=${BABEL_ENV:=karma} karma start --single-run true config/karma.config.js", "karma-coverage": "BABEL_ENV=coverage karma start --single-run true config/karma.config.js", "karma-start": "BABEL_ENV=karma karma start config/karma.config.js", - "lint:eslint": "yarn run internal:eslint .", - "lint:eslint:fix": "yarn run lint:eslint --fix", + "lint:eslint": "yarn run internal:eslint", + "lint:eslint:fix": "yarn run internal:eslint --fix", + "lint:eslint:all": "yarn run internal:eslint .", + "lint:eslint:all:fix": "yarn run lint:eslint:all --fix", "lint:eslint:report": "yarn run internal:eslint --format html --output-file ./eslint-report.html --no-inline-config .", "lint:eslint:staged": "scripts/frontend/execute-on-staged-files.sh internal:eslint '(js|vue)'", "lint:eslint:staged:fix": "yarn run lint:eslint:staged --fix", diff --git a/qa/qa/resource/clusters/agent_token.rb b/qa/qa/resource/clusters/agent_token.rb index 6a5e861b650..3286f46cdb2 100644 --- a/qa/qa/resource/clusters/agent_token.rb +++ b/qa/qa/resource/clusters/agent_token.rb @@ -32,7 +32,7 @@ module QA def api_post_body <<~GQL mutation createToken { - clusterAgentTokenCreate(input: { clusterAgentId: "gid://gitlab/Clusters::Agent/#{agent.id}" }) { + clusterAgentTokenCreate(input: { clusterAgentId: "gid://gitlab/Clusters::Agent/#{agent.id}" name: "token-#{agent.id}" }) { secret # This is the value you need to use on the next step token { createdAt diff --git a/qa/qa/specs/features/browser_ui/non_devops/performance_bar_spec.rb b/qa/qa/specs/features/browser_ui/non_devops/performance_bar_spec.rb index a0f613cfda2..302fec55c53 100644 --- a/qa/qa/specs/features/browser_ui/non_devops/performance_bar_spec.rb +++ b/qa/qa/specs/features/browser_ui/non_devops/performance_bar_spec.rb @@ -20,7 +20,7 @@ module QA end end - it 'shows results for the original request and AJAX requests', testcase: 'https://gitlab.com/gitlab-org/quality/testcases/-/issues/478' do + it 'shows results for the original request and AJAX requests', testcase: 'https://gitlab.com/gitlab-org/quality/testcases/-/issues/478', quarantine: { only: { pipeline: :master }, issue: 'https://gitlab.com/gitlab-org/gitlab/-/issues/323051', type: :bug } do # Issue pages always make AJAX requests Resource::Issue.fabricate_via_browser_ui! do |issue| issue.title = 'Performance bar test' diff --git a/scripts/static-analysis b/scripts/static-analysis index f0134b3df18..2442455e630 100755 --- a/scripts/static-analysis +++ b/scripts/static-analysis @@ -25,7 +25,7 @@ class StaticAnalysis # Most of the time, RuboCop finishes in 30 seconds, but sometimes it can take around 1200 seconds so we set a # duration of 300 to lower the likelihood that it will run in the same job as another long task... %w[bundle exec rubocop --parallel] => 300, - %w[yarn run lint:eslint] => 197, + %w[yarn run lint:eslint:all] => 197, %w[yarn run lint:prettier] => 124, %w[bin/rake gettext:lint] => 96, %w[bundle exec license_finder] => 49, diff --git a/spec/factories/clusters/agent_tokens.rb b/spec/factories/clusters/agent_tokens.rb index 6f92f2217b3..c49d197c3cd 100644 --- a/spec/factories/clusters/agent_tokens.rb +++ b/spec/factories/clusters/agent_tokens.rb @@ -5,5 +5,7 @@ FactoryBot.define do association :agent, factory: :cluster_agent token_encrypted { Gitlab::CryptoHelper.aes256_gcm_encrypt(SecureRandom.hex(50)) } + + sequence(:name) { |n| "agent-token-#{n}" } end end diff --git a/spec/models/clusters/agent_token_spec.rb b/spec/models/clusters/agent_token_spec.rb index 8107b5b1388..a1b45df1970 100644 --- a/spec/models/clusters/agent_token_spec.rb +++ b/spec/models/clusters/agent_token_spec.rb @@ -6,6 +6,8 @@ RSpec.describe Clusters::AgentToken do it { is_expected.to belong_to(:agent).class_name('Clusters::Agent').required } it { is_expected.to belong_to(:created_by_user).class_name('User').optional } it { is_expected.to validate_length_of(:description).is_at_most(1024) } + it { is_expected.to validate_length_of(:name).is_at_most(255) } + it { is_expected.to validate_presence_of(:name) } describe '#token' do it 'is generated on save' do