Add latest changes from gitlab-org/gitlab@master
This commit is contained in:
parent
190ad3b237
commit
369de19d79
|
@ -156,7 +156,6 @@ Lint/MissingCopEnableDirective:
|
|||
- 'lib/gitlab/background_migration/migrate_approver_to_approval_rules_check_progress.rb'
|
||||
- 'lib/gitlab/background_migration/migrate_approver_to_approval_rules_in_batch.rb'
|
||||
- 'lib/gitlab/background_migration/migrate_job_artifact_registry_to_ssf.rb'
|
||||
- 'lib/gitlab/background_migration/migrate_stage_status.rb'
|
||||
- 'lib/gitlab/background_migration/migrate_u2f_webauthn.rb'
|
||||
- 'lib/gitlab/background_migration/populate_latest_pipeline_ids.rb'
|
||||
- 'lib/gitlab/background_migration/populate_resolved_on_default_branch_column.rb'
|
||||
|
@ -182,7 +181,6 @@ Lint/MissingCopEnableDirective:
|
|||
- 'lib/gitlab/patch/action_cable_redis_listener.rb'
|
||||
- 'lib/gitlab/patch/prependable.rb'
|
||||
- 'lib/gitlab/project_search_results.rb'
|
||||
- 'lib/gitlab/task_helpers.rb'
|
||||
- 'lib/gitlab/testing/request_blocker_middleware.rb'
|
||||
- 'lib/gitlab/testing/request_inspector_middleware.rb'
|
||||
- 'lib/gitlab/testing/robots_blocker_middleware.rb'
|
||||
|
@ -192,4 +190,4 @@ Lint/MissingCopEnableDirective:
|
|||
- 'spec/support/capybara.rb'
|
||||
- 'spec/support/cycle_analytics_helpers/test_generation.rb'
|
||||
- 'spec/support/google_api/cloud_platform_helpers.rb'
|
||||
- 'tooling/danger/product_intelligence.rb'
|
||||
- 'tooling/danger/product_intelligence.rb'
|
|
@ -10,7 +10,6 @@ Lint/MixedRegexpCaptureTypes:
|
|||
- 'lib/gitlab/diff/suggestions_parser.rb'
|
||||
- 'lib/gitlab/github_import/representation/note.rb'
|
||||
- 'lib/gitlab/metrics/system.rb'
|
||||
- 'lib/gitlab/request_profiler/profile.rb'
|
||||
- 'lib/gitlab/slash_commands/issue_move.rb'
|
||||
- 'lib/gitlab/slash_commands/issue_new.rb'
|
||||
- 'lib/gitlab/slash_commands/run.rb'
|
||||
- 'lib/gitlab/slash_commands/run.rb'
|
|
@ -113,7 +113,7 @@ export default {
|
|||
class="referenced-commands draft-note-commands"
|
||||
></div>
|
||||
|
||||
<p class="draft-note-actions d-flex">
|
||||
<p class="draft-note-actions d-flex" data-qa-selector="draft_note_content">
|
||||
<publish-button
|
||||
:show-count="true"
|
||||
:should-publish="false"
|
||||
|
|
|
@ -51,7 +51,7 @@ Follow the steps below to set up a custom hook:
|
|||
in any language, and ensure the 'shebang' at the top properly reflects the
|
||||
language type. For example, if the script is in Ruby the shebang will
|
||||
probably be `#!/usr/bin/env ruby`.
|
||||
1. The data to the file hook is provided as JSON on STDIN. It is exactly the
|
||||
1. The data to the file hook is provided as JSON on `STDIN`. It is exactly the
|
||||
same as for [system hooks](system_hooks.md).
|
||||
|
||||
That's it! Assuming the file hook code is properly implemented, the hook fires
|
||||
|
|
|
@ -14,7 +14,7 @@ Once Maintenance Mode is enabled, in-progress actions finish relatively quickly
|
|||
In that state, various maintenance tasks are easier, and services can be stopped completely or be
|
||||
further degraded for a much shorter period of time than might otherwise be needed. For example, stopping cron jobs and draining queues should be fairly quick.
|
||||
|
||||
Maintenance Mode allows most external actions that do not change internal state. On a high-level, HTTP POST, PUT, PATCH, and DELETE requests are blocked and a detailed overview of [how special cases are handled](#rest-api) is available.
|
||||
Maintenance Mode allows most external actions that do not change internal state. On a high-level, HTTP `POST`, `PUT`, `PATCH`, and `DELETE` requests are blocked and a detailed overview of [how special cases are handled](#rest-api) is available.
|
||||
|
||||
## Enable Maintenance Mode
|
||||
|
||||
|
@ -107,22 +107,22 @@ Notification emails continue to arrive, but emails that require database writes,
|
|||
|
||||
### REST API
|
||||
|
||||
For most JSON requests, POST, PUT, PATCH, and DELETE are blocked, and the API returns a 403 response with the error message: `You cannot perform write operations on a read-only instance`. Only the following requests are allowed:
|
||||
For most JSON requests, `POST`, `PUT`, `PATCH`, and `DELETE` are blocked, and the API returns a 403 response with the error message: `You cannot perform write operations on a read-only instance`. Only the following requests are allowed:
|
||||
|
||||
|HTTP request | Allowed routes | Notes |
|
||||
|:----:|:--------------------------------------:|:----:|
|
||||
| POST | `/admin/application_settings/general` | To allow updating application settings in the administrator UI |
|
||||
| PUT | `/api/v4/application/settings` | To allow updating application settings with the API |
|
||||
| POST | `/users/sign_in` | To allow users to log in. |
|
||||
| POST | `/users/sign_out`| To allow users to log out. |
|
||||
| POST | `/oauth/token` | To allow users to log in to a Geo secondary for the first time. |
|
||||
| POST | `/admin/session`, `/admin/session/destroy` | To allow [Admin Mode for GitLab administrators](https://gitlab.com/groups/gitlab-org/-/epics/2158) |
|
||||
| POST | Paths ending with `/compare`| Git revision routes. |
|
||||
| POST | `.git/git-upload-pack` | To allow Git pull/clone. |
|
||||
| POST | `/api/v4/internal` | [internal API routes](../../development/internal_api/index.md) |
|
||||
| POST | `/admin/sidekiq` | To allow management of background jobs in the Admin Area |
|
||||
| POST | `/admin/geo` | To allow updating Geo Nodes in the administrator UI |
|
||||
| POST | `/api/v4/geo_replication`| To allow certain Geo-specific administrator UI actions on secondary sites |
|
||||
| `POST` | `/admin/application_settings/general` | To allow updating application settings in the administrator UI |
|
||||
| `PUT` | `/api/v4/application/settings` | To allow updating application settings with the API |
|
||||
| `POST` | `/users/sign_in` | To allow users to log in. |
|
||||
| `POST` | `/users/sign_out`| To allow users to log out. |
|
||||
| `POST` | `/oauth/token` | To allow users to log in to a Geo secondary for the first time. |
|
||||
| `POST` | `/admin/session`, `/admin/session/destroy` | To allow [Admin Mode for GitLab administrators](https://gitlab.com/groups/gitlab-org/-/epics/2158) |
|
||||
| `POST` | Paths ending with `/compare`| Git revision routes. |
|
||||
| `POST` | `.git/git-upload-pack` | To allow Git pull/clone. |
|
||||
| `POST` | `/api/v4/internal` | [internal API routes](../../development/internal_api/index.md) |
|
||||
| `POST` | `/admin/sidekiq` | To allow management of background jobs in the Admin Area |
|
||||
| `POST` | `/admin/geo` | To allow updating Geo Nodes in the administrator UI |
|
||||
| `POST` | `/api/v4/geo_replication`| To allow certain Geo-specific administrator UI actions on secondary sites |
|
||||
|
||||
### GraphQL API
|
||||
|
||||
|
|
|
@ -14,11 +14,11 @@ at [bundling dependencies document](omnibus_packages.md).
|
|||
|
||||
The released package versions are in the format `MAJOR.MINOR.PATCH-EDITION.OMNIBUS_RELEASE`
|
||||
|
||||
| Component | Meaning | Example |
|
||||
|-------------------|---------|---------|
|
||||
| MAJOR.MINOR.PATCH | The GitLab version this corresponds to. | 13.3.0 |
|
||||
| EDITION | The edition of GitLab this corresponds to. | ee |
|
||||
| OMNIBUS_RELEASE | The Omnibus GitLab release. Usually, this is 0. This is incremented if we need to build a new package without changing the GitLab version. | 0 |
|
||||
| Component | Meaning | Example |
|
||||
|---------------------|---------|---------|
|
||||
| `MAJOR.MINOR.PATCH` | The GitLab version this corresponds to. | 13.3.0 |
|
||||
| `EDITION` | The edition of GitLab this corresponds to. | ee |
|
||||
| `OMNIBUS_RELEASE` | The Omnibus GitLab release. Usually, this is 0. This is incremented if we need to build a new package without changing the GitLab version. | 0 |
|
||||
|
||||
## Licenses
|
||||
|
||||
|
|
|
@ -12,7 +12,7 @@ which becomes the owner of the project. You can resume an import
|
|||
with the same command.
|
||||
|
||||
Bear in mind that the syntax is very specific. Remove any spaces within the argument block and
|
||||
before/after the brackets. Also, some shells (for example, `zsh`) can interpret the open/close brackets
|
||||
before/after the brackets. Also, some shells (for example, Zsh) can interpret the open/close brackets
|
||||
(`[]`) separately. You may need to either escape the brackets or use double quotes.
|
||||
|
||||
## Caveats
|
||||
|
|
|
@ -9281,6 +9281,7 @@ four standard [pagination arguments](#connection-pagination-arguments):
|
|||
| <a id="boardepicancestorsstartdate"></a>`startDate` **{warning-solid}** | [`Time`](#time) | **Deprecated** in 13.5. Use timeframe.start. |
|
||||
| <a id="boardepicancestorsstate"></a>`state` | [`EpicState`](#epicstate) | Filter epics by state. |
|
||||
| <a id="boardepicancestorstimeframe"></a>`timeframe` | [`Timeframe`](#timeframe) | List items overlapping the given timeframe. |
|
||||
| <a id="boardepicancestorstoplevelhierarchyonly"></a>`topLevelHierarchyOnly` | [`Boolean`](#boolean) | Filter epics with a top-level hierarchy. |
|
||||
| <a id="boardepicancestorsupdatedafter"></a>`updatedAfter` | [`Time`](#time) | Epics updated after this date. |
|
||||
| <a id="boardepicancestorsupdatedbefore"></a>`updatedBefore` | [`Time`](#time) | Epics updated before this date. |
|
||||
|
||||
|
@ -9318,6 +9319,7 @@ four standard [pagination arguments](#connection-pagination-arguments):
|
|||
| <a id="boardepicchildrenstartdate"></a>`startDate` **{warning-solid}** | [`Time`](#time) | **Deprecated** in 13.5. Use timeframe.start. |
|
||||
| <a id="boardepicchildrenstate"></a>`state` | [`EpicState`](#epicstate) | Filter epics by state. |
|
||||
| <a id="boardepicchildrentimeframe"></a>`timeframe` | [`Timeframe`](#timeframe) | List items overlapping the given timeframe. |
|
||||
| <a id="boardepicchildrentoplevelhierarchyonly"></a>`topLevelHierarchyOnly` | [`Boolean`](#boolean) | Filter epics with a top-level hierarchy. |
|
||||
| <a id="boardepicchildrenupdatedafter"></a>`updatedAfter` | [`Time`](#time) | Epics updated after this date. |
|
||||
| <a id="boardepicchildrenupdatedbefore"></a>`updatedBefore` | [`Time`](#time) | Epics updated before this date. |
|
||||
|
||||
|
@ -10858,6 +10860,7 @@ four standard [pagination arguments](#connection-pagination-arguments):
|
|||
| <a id="epicancestorsstartdate"></a>`startDate` **{warning-solid}** | [`Time`](#time) | **Deprecated** in 13.5. Use timeframe.start. |
|
||||
| <a id="epicancestorsstate"></a>`state` | [`EpicState`](#epicstate) | Filter epics by state. |
|
||||
| <a id="epicancestorstimeframe"></a>`timeframe` | [`Timeframe`](#timeframe) | List items overlapping the given timeframe. |
|
||||
| <a id="epicancestorstoplevelhierarchyonly"></a>`topLevelHierarchyOnly` | [`Boolean`](#boolean) | Filter epics with a top-level hierarchy. |
|
||||
| <a id="epicancestorsupdatedafter"></a>`updatedAfter` | [`Time`](#time) | Epics updated after this date. |
|
||||
| <a id="epicancestorsupdatedbefore"></a>`updatedBefore` | [`Time`](#time) | Epics updated before this date. |
|
||||
|
||||
|
@ -10895,6 +10898,7 @@ four standard [pagination arguments](#connection-pagination-arguments):
|
|||
| <a id="epicchildrenstartdate"></a>`startDate` **{warning-solid}** | [`Time`](#time) | **Deprecated** in 13.5. Use timeframe.start. |
|
||||
| <a id="epicchildrenstate"></a>`state` | [`EpicState`](#epicstate) | Filter epics by state. |
|
||||
| <a id="epicchildrentimeframe"></a>`timeframe` | [`Timeframe`](#timeframe) | List items overlapping the given timeframe. |
|
||||
| <a id="epicchildrentoplevelhierarchyonly"></a>`topLevelHierarchyOnly` | [`Boolean`](#boolean) | Filter epics with a top-level hierarchy. |
|
||||
| <a id="epicchildrenupdatedafter"></a>`updatedAfter` | [`Time`](#time) | Epics updated after this date. |
|
||||
| <a id="epicchildrenupdatedbefore"></a>`updatedBefore` | [`Time`](#time) | Epics updated before this date. |
|
||||
|
||||
|
@ -11629,6 +11633,7 @@ Returns [`Epic`](#epic).
|
|||
| <a id="groupepicstartdate"></a>`startDate` **{warning-solid}** | [`Time`](#time) | **Deprecated** in 13.5. Use timeframe.start. |
|
||||
| <a id="groupepicstate"></a>`state` | [`EpicState`](#epicstate) | Filter epics by state. |
|
||||
| <a id="groupepictimeframe"></a>`timeframe` | [`Timeframe`](#timeframe) | List items overlapping the given timeframe. |
|
||||
| <a id="groupepictoplevelhierarchyonly"></a>`topLevelHierarchyOnly` | [`Boolean`](#boolean) | Filter epics with a top-level hierarchy. |
|
||||
| <a id="groupepicupdatedafter"></a>`updatedAfter` | [`Time`](#time) | Epics updated after this date. |
|
||||
| <a id="groupepicupdatedbefore"></a>`updatedBefore` | [`Time`](#time) | Epics updated before this date. |
|
||||
|
||||
|
@ -11678,6 +11683,7 @@ four standard [pagination arguments](#connection-pagination-arguments):
|
|||
| <a id="groupepicsstartdate"></a>`startDate` **{warning-solid}** | [`Time`](#time) | **Deprecated** in 13.5. Use timeframe.start. |
|
||||
| <a id="groupepicsstate"></a>`state` | [`EpicState`](#epicstate) | Filter epics by state. |
|
||||
| <a id="groupepicstimeframe"></a>`timeframe` | [`Timeframe`](#timeframe) | List items overlapping the given timeframe. |
|
||||
| <a id="groupepicstoplevelhierarchyonly"></a>`topLevelHierarchyOnly` | [`Boolean`](#boolean) | Filter epics with a top-level hierarchy. |
|
||||
| <a id="groupepicsupdatedafter"></a>`updatedAfter` | [`Time`](#time) | Epics updated after this date. |
|
||||
| <a id="groupepicsupdatedbefore"></a>`updatedBefore` | [`Time`](#time) | Epics updated before this date. |
|
||||
|
||||
|
|
|
@ -328,7 +328,7 @@ job1:
|
|||
- echo -e "\e[0Ksection_end:`date +%s`:my_first_section\r\e[0K"
|
||||
```
|
||||
|
||||
Depending on the shell that your runner uses, for example if it is using ZSH, you may need to
|
||||
Depending on the shell that your runner uses, for example if it is using Zsh, you may need to
|
||||
escape the special characters like so: `\\e` and `\\r`.
|
||||
|
||||
In the example above:
|
||||
|
|
|
@ -14,6 +14,17 @@ new audit events.
|
|||
Audit Events are a tool for GitLab owners and administrators to view records of important
|
||||
actions performed across the application.
|
||||
|
||||
## What should NOT be Audit Events?
|
||||
|
||||
While any events could trigger an Audit Event, not all events should. In general, events that are not good candidates for audit events are:
|
||||
|
||||
- Not attributable to one specific user.
|
||||
- Not of specific interest to an admin or owner persona.
|
||||
- Are tracking information for product feature adoption.
|
||||
- Are covered in the direction page's discussion on [what is not planned](https://about.gitlab.com/direction/manage/compliance/audit-events/#what-is-not-planned-right-now).
|
||||
|
||||
If you have any questions, please reach out to `@gitlab-org/manage/compliance` to see if an Audit Event, or some other approach, may be best for your event.
|
||||
|
||||
## Audit Event Schemas
|
||||
|
||||
To instrument an audit event, the following attributes should be provided:
|
||||
|
|
|
@ -31,7 +31,7 @@ consists of 2-3 steps, for a total of 3-4 steps visible to the user.
|
|||
<script>
|
||||
import PipelineWizard from '~/pipeline_wizard/pipeline_wizard.vue'
|
||||
import template from '~/pipeline_wizard/templates/my_template.yml';
|
||||
|
||||
|
||||
export default {
|
||||
name: "MyComponent",
|
||||
components: { PipelineWizard },
|
||||
|
@ -73,7 +73,7 @@ steps:
|
|||
required: true
|
||||
pattern: "^(?:(?=[^:\/]{1,253})(?!-)[a-zA-Z0-9-]{1,63}(?<!-)(?:\.(?!-)[a-zA-Z0-9-]{1,63}(?<!-))*(?::[0-9]{1,5})?\/)?((?![._-])(?:[a-z0-9._-]*)(?<![._-])(?:\/(?![._-])[a-z0-9._-]*(?<![._-]))*)(?::(?![.-])[a-zA-Z0-9_.-]{1,128})?$"
|
||||
invalid-feedback: Please enter a valid docker image
|
||||
|
||||
|
||||
# Second input widget
|
||||
- label: Installation Steps
|
||||
description: "Enter the steps that need to run to set up a local build
|
||||
|
@ -90,11 +90,11 @@ steps:
|
|||
image: $BUILD_IMAGE
|
||||
|
||||
before_script: $INSTALLATION_STEPS
|
||||
|
||||
|
||||
artifacts:
|
||||
paths:
|
||||
- foo
|
||||
|
||||
|
||||
# Step 2
|
||||
- inputs:
|
||||
# This is the only input widget for this step
|
||||
|
@ -104,7 +104,7 @@ steps:
|
|||
placeholder: npm ci
|
||||
widget: list
|
||||
target: $INSTALLATION_STEPS
|
||||
|
||||
|
||||
template:
|
||||
# Functions that should be executed before the build script runs
|
||||
before_script: $INSTALLATION_STEPS
|
||||
|
@ -127,13 +127,13 @@ is planned to add the ability to create a MR from here.
|
|||
|
||||
### Props
|
||||
|
||||
- `template` (required): The template content as an unparsed String. See
|
||||
- `template` (required): The template content as an unparsed String. See
|
||||
[Template file location](#template-file-location) for more information.
|
||||
- `project-path` (required): The full path of the project the final file
|
||||
- `project-path` (required): The full path of the project the final file
|
||||
should be committed to
|
||||
- `default-branch` (required): The branch that will be pre-selected during
|
||||
- `default-branch` (required): The branch that will be pre-selected during
|
||||
the commit step. This can be changed by the user.
|
||||
- `default-filename` (optional, default: `.gitlab-ci.yml`): The Filename
|
||||
- `default-filename` (optional, default: `.gitlab-ci.yml`): The Filename
|
||||
to be used for the file. This can be overridden in the template file.
|
||||
|
||||
### Events
|
||||
|
@ -181,12 +181,12 @@ Each step can contain one or more `inputs`. For an ideal user experience, it sho
|
|||
contain more than three.
|
||||
|
||||
The look and feel of the input, as well as the YAML type it produces (string, list, and so on)
|
||||
depends on the [`widget`](#widgets) used. [`widget: text`](#text) displays a
|
||||
depends on the [`widget`](#widgets) used. [`widget: text`](#text) displays a
|
||||
text input
|
||||
and inserts the user's input as a string into the template. [`widget: list`](#list)
|
||||
displays one or more input fields and inserts a list.
|
||||
|
||||
All `inputs` must have a `label`, `widget`, and optionally `target`, but
|
||||
All `inputs` must have a `label`, `widget`, and optionally `target`, but
|
||||
most properties
|
||||
are dependent on the widget being used:
|
||||
|
||||
|
|
|
@ -90,7 +90,7 @@ page, with these behaviors:
|
|||
1. People whose [GitLab status](../user/profile/index.md#set-your-current-status) emoji
|
||||
is 🔶 `:large_orange_diamond:` or 🔸 `:small_orange_diamond:` are half as likely to be picked.
|
||||
1. It always picks the same reviewers and maintainers for the same
|
||||
branch name (unless their out-of-office (OOO) status changes, as in point 1). It
|
||||
branch name (unless their out-of-office (`OOO`) status changes, as in point 1). It
|
||||
removes leading `ce-` and `ee-`, and trailing `-ce` and `-ee`, so
|
||||
that it can be stable for backport branches.
|
||||
|
||||
|
|
|
@ -175,7 +175,7 @@ copying over indexes and foreign keys.
|
|||
|
||||
If a column contains one or more indexes that don't contain the name of the
|
||||
original column, the previously described procedure will fail. In that case,
|
||||
you'll first need to rename these indexes.
|
||||
you need to rename these indexes.
|
||||
|
||||
### Step 2: Add A Post-Deployment Migration
|
||||
|
||||
|
|
|
@ -406,9 +406,8 @@ variable).
|
|||
|
||||
Since daemons are long-running applications, they should have mechanisms to
|
||||
manage cancellations, and avoid unnecessary resources consumption (which could
|
||||
lead to DDOS vulnerabilities). [Go
|
||||
Context](https://github.com/golang/go/wiki/CodeReviewComments#contexts) should
|
||||
be used in functions that can block and passed as the first parameter.
|
||||
lead to DDoS vulnerabilities). [Go Context](https://github.com/golang/go/wiki/CodeReviewComments#contexts)
|
||||
should be used in functions that can block and passed as the first parameter.
|
||||
|
||||
## Dockerfiles
|
||||
|
||||
|
|
|
@ -763,7 +763,7 @@ Example response:
|
|||
|
||||
### Moving additional packs
|
||||
|
||||
Use a PATCH to move additional packs from one namespace to another.
|
||||
Use a `PATCH` to move additional packs from one namespace to another.
|
||||
|
||||
```plaintext
|
||||
PATCH /namespaces/:id/minutes/move/:target_id
|
||||
|
|
|
@ -34,7 +34,7 @@ prompt, command shell, and command line). Here are some options:
|
|||
|
||||
- For macOS users:
|
||||
- Built-in [Terminal](https://blog.teamtreehouse.com/introduction-to-the-mac-os-x-command-line). Press <kbd>⌘ command</kbd> + <kbd>space</kbd> and type `terminal`.
|
||||
- [iTerm2](https://iterm2.com/). You can integrate it with [zsh](https://git-scm.com/book/id/v2/Appendix-A%3A-Git-in-Other-Environments-Git-in-Zsh) and [oh my zsh](https://ohmyz.sh/) for color highlighting and other advanced features.
|
||||
- [iTerm2](https://iterm2.com/). You can integrate it with [Zsh](https://git-scm.com/book/id/v2/Appendix-A%3A-Git-in-Other-Environments-Git-in-Zsh) and [Oh My Zsh](https://ohmyz.sh/) for color highlighting and other advanced features.
|
||||
- For Windows users:
|
||||
- Built-in command line. On the Windows taskbar, select the search icon and type `cmd`.
|
||||
- [PowerShell](https://docs.microsoft.com/en-us/powershell/scripting/windows-powershell/install/installing-windows-powershell?view=powershell-7).
|
||||
|
|
|
@ -15,7 +15,7 @@ Enterprise Edition in a single Virtual Machine (VM).
|
|||
|
||||
## Prerequisite
|
||||
|
||||
You'll need an account on Azure. Use of the following methods to obtain an account:
|
||||
You need an account on Azure. Use of the following methods to obtain an account:
|
||||
|
||||
- If you or your company already have an account with a subscription, use that account.
|
||||
If not, you can [open your own Azure account for free](https://azure.microsoft.com/en-us/free/).
|
||||
|
|
|
@ -386,7 +386,7 @@ above error message.
|
|||
|
||||
To fix this, ensure that the forward and reverse DNS for your GitLab server
|
||||
match. So for instance, if you access GitLab as `gitlab.example.com`, resolving
|
||||
to IP address `1.2.3.4`, then `4.3.2.1.in-addr.arpa` must be a PTR record for
|
||||
to IP address `1.2.3.4`, then `4.3.2.1.in-addr.arpa` must be a `PTR` record for
|
||||
`gitlab.example.com`.
|
||||
|
||||
Finally, it's possible that the browser or client machine lack Kerberos support
|
||||
|
|
|
@ -240,7 +240,7 @@ cd /opt/gitlab/embedded/service/mattermost
|
|||
sudo /opt/gitlab/embedded/bin/chpst -e /opt/gitlab/etc/mattermost/env -P -U mattermost:mattermost -u mattermost:mattermost /opt/gitlab/embedded/bin/mattermost --config=/var/opt/gitlab/mattermost/config.json version
|
||||
```
|
||||
|
||||
Until [#4745](https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/4745) has been implemented, the command requires quite of bit typing and is hard to remember, so let's make a bash/zsh alias to make it a bit easier to remember. Add the following to your `~/.bashrc` or `~/.zshrc` file:
|
||||
Until [#4745](https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/4745) has been implemented, the command requires quite of bit typing and is hard to remember, so let's make a bash or Zsh alias to make it a bit easier to remember. Add the following to your `~/.bashrc` or `~/.zshrc` file:
|
||||
|
||||
```shell
|
||||
alias mattermost-cli="cd /opt/gitlab/embedded/service/mattermost && sudo /opt/gitlab/embedded/bin/chpst -e /opt/gitlab/etc/mattermost/env -P -U mattermost:mattermost -u mattermost:mattermost /opt/gitlab/embedded/bin/mattermost --config=/var/opt/gitlab/mattermost/config.json $1"
|
||||
|
|
|
@ -180,7 +180,7 @@ the operation you want to perform in each commit. To do so, edit
|
|||
the commits in your terminal's text editor.
|
||||
|
||||
For example, with [Vim](https://www.vim.org/) as the text editor in
|
||||
a macOS's `ZSH` shell, you can `squash` or `fixup` (combine) all three commits:
|
||||
a macOS's Zsh shell, you can `squash` or `fixup` (combine) all three commits:
|
||||
|
||||
<!-- vale gitlab.FirstPerson = NO -->
|
||||
|
||||
|
|
|
@ -160,7 +160,7 @@ For more details, see the Git documentation for
|
|||
```
|
||||
|
||||
WARNING:
|
||||
Git integrations with `bash`, `zsh`, etc and editors that automatically
|
||||
Git integrations with `bash`, Zsh, etc and editors that automatically
|
||||
show Git status information often run `git fetch` which fetches the
|
||||
entire repository. Disabling or reconfiguring these integrations might be required.
|
||||
|
||||
|
|
|
@ -381,9 +381,9 @@ comment - content which is not included in the output document
|
|||
It's possible to have color written in `HEX`, `RGB`, or `HSL` format rendered with a color indicator.
|
||||
Supported formats (named colors are not supported):
|
||||
|
||||
- HEX: `` `#RGB[A]` `` or `` `#RRGGBB[AA]` ``
|
||||
- RGB: `` `RGB[A](R, G, B[, A])` ``
|
||||
- HSL: `` `HSL[A](H, S, L[, A])` ``
|
||||
- `HEX`: `` `#RGB[A]` `` or `` `#RRGGBB[AA]` ``
|
||||
- `RGB`: `` `RGB[A](R, G, B[, A])` ``
|
||||
- `HSL`: `` `HSL[A](H, S, L[, A])` ``
|
||||
|
||||
Color written inside backticks is followed by a color "chip":
|
||||
|
||||
|
|
|
@ -102,7 +102,7 @@ These bot users do not count as licensed seats.
|
|||
The bot users for projects have [permissions](../../permissions.md#project-members-permissions) that correspond with the
|
||||
selected role and [scope](#scopes-for-a-project-access-token) of the project access token.
|
||||
|
||||
**Note** Project maintainers cannot select Owner role for bot users.
|
||||
**Note** Project maintainers cannot select Owner role for bot users.
|
||||
|
||||
- The name is set to the name of the token.
|
||||
- The username is set to `project_{project_id}_bot` for the first access token. For example, `project_123_bot`.
|
||||
|
|
|
@ -170,7 +170,7 @@ You can filter the **Issues** list to individual instances by their ID. For exam
|
|||
|
||||
> Moved to GitLab Premium in 13.9.
|
||||
|
||||
To filter merge requests by an individual eligible approver ([Codeowner](../project/code_owners.md)), you can type (or select from
|
||||
To filter merge requests by an individual eligible approver ([Code owner](../project/code_owners.md)), you can type (or select from
|
||||
the dropdown list) **Approver** and select the user.
|
||||
|
||||
![Filter MRs by an approver](img/filter_approver_merge_requests_v14_6.png)
|
||||
|
|
|
@ -19,6 +19,10 @@ module QA
|
|||
element :review_bar_content
|
||||
end
|
||||
|
||||
view 'app/assets/javascripts/batch_comments/components/draft_note.vue' do
|
||||
element :draft_note_content
|
||||
end
|
||||
|
||||
view 'app/assets/javascripts/diffs/components/compare_dropdown_layout.vue' do
|
||||
element :dropdown_content
|
||||
end
|
||||
|
@ -150,6 +154,8 @@ module QA
|
|||
has_element?(:submit_review_button)
|
||||
within_element(:review_bar_content) do
|
||||
click_element(:review_preview_dropdown)
|
||||
end
|
||||
within_element(:draft_note_content) do
|
||||
click_element(:submit_review_button)
|
||||
end
|
||||
# After clicking the button, wait for it to disappear
|
||||
|
|
|
@ -0,0 +1,176 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
module QA
|
||||
RSpec.describe 'Manage' do
|
||||
describe 'User', :requires_admin do
|
||||
let(:admin_api_client) { Runtime::API::Client.as_admin }
|
||||
|
||||
let!(:sub_group) do
|
||||
QA::Resource::Group.fabricate_via_api! do |group|
|
||||
group.path = "sub-group-to-test-user-access-#{SecureRandom.hex(8)}"
|
||||
end
|
||||
end
|
||||
|
||||
context 'when added to parent group' do
|
||||
let!(:parent_group_user) do
|
||||
Resource::User.fabricate_via_api! do |user|
|
||||
user.api_client = admin_api_client
|
||||
end
|
||||
end
|
||||
|
||||
let!(:parent_group_user_api_client) do
|
||||
Runtime::API::Client.new(:gitlab, user: parent_group_user)
|
||||
end
|
||||
|
||||
let!(:sub_group_project) do
|
||||
Resource::Project.fabricate_via_api! do |project|
|
||||
project.group = sub_group
|
||||
project.name = "sub-group-project-to-test-user-access"
|
||||
project.initialize_with_readme = true
|
||||
end
|
||||
end
|
||||
|
||||
before do
|
||||
sub_group.sandbox.add_member(parent_group_user)
|
||||
end
|
||||
|
||||
it(
|
||||
'is allowed to push code to sub-group project via the CLI',
|
||||
testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/363345'
|
||||
) do
|
||||
expect do
|
||||
Resource::Repository::Push.fabricate! do |push|
|
||||
push.repository_http_uri = sub_group_project.repository_http_location.uri
|
||||
push.file_name = 'test.txt'
|
||||
push.file_content = "# This is a test project named #{sub_group_project.name}"
|
||||
push.commit_message = 'Add test.txt'
|
||||
push.branch_name = "new_branch_#{SecureRandom.hex(8)}"
|
||||
push.user = parent_group_user
|
||||
end
|
||||
end.not_to raise_error
|
||||
end
|
||||
|
||||
it(
|
||||
'is allowed to create a file in sub-group project via the API',
|
||||
testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/363348'
|
||||
) do
|
||||
expect do
|
||||
Resource::File.fabricate_via_api! do |file|
|
||||
file.api_client = parent_group_user_api_client
|
||||
file.project = sub_group_project
|
||||
file.branch = "new_branch_#{SecureRandom.hex(8)}"
|
||||
file.commit_message = 'Add new file'
|
||||
file.name = 'test.txt'
|
||||
file.content = "New file"
|
||||
end
|
||||
end.not_to raise_error
|
||||
end
|
||||
|
||||
it(
|
||||
'is allowed to commit to sub-group project via the API',
|
||||
testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/363349'
|
||||
) do
|
||||
expect do
|
||||
Resource::Repository::Commit.fabricate_via_api! do |commit|
|
||||
commit.api_client = parent_group_user_api_client
|
||||
commit.project = sub_group_project
|
||||
commit.branch = "new_branch_#{SecureRandom.hex(8)}"
|
||||
commit.start_branch = sub_group_project.default_branch
|
||||
commit.commit_message = 'Add new file'
|
||||
commit.add_files([
|
||||
{ file_path: 'test.txt', content: 'new file' }
|
||||
])
|
||||
end
|
||||
end.not_to raise_error
|
||||
end
|
||||
|
||||
after do
|
||||
parent_group_user.remove_via_api!
|
||||
sub_group_project.remove_via_api!
|
||||
sub_group.remove_via_api!
|
||||
end
|
||||
end
|
||||
|
||||
context 'when added to sub-group' do
|
||||
let!(:parent_group_project) do
|
||||
Resource::Project.fabricate_via_api! do |project|
|
||||
project.group = sub_group.sandbox
|
||||
project.name = "sub-group-project-to-test-user-access"
|
||||
project.initialize_with_readme = true
|
||||
end
|
||||
end
|
||||
|
||||
let!(:sub_group_user) do
|
||||
Resource::User.fabricate_via_api! do |user|
|
||||
user.api_client = admin_api_client
|
||||
end
|
||||
end
|
||||
|
||||
let!(:sub_group_user_api_client) do
|
||||
Runtime::API::Client.new(:gitlab, user: sub_group_user)
|
||||
end
|
||||
|
||||
before do
|
||||
sub_group.add_member(sub_group_user)
|
||||
end
|
||||
|
||||
it(
|
||||
'is not allowed to push code to parent group project via the CLI',
|
||||
testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/363344'
|
||||
) do
|
||||
expect do
|
||||
Resource::Repository::Push.fabricate! do |push|
|
||||
push.repository_http_uri = parent_group_project.repository_http_location.uri
|
||||
push.file_name = 'test.txt'
|
||||
push.file_content = "# This is a test project named #{parent_group_project.name}"
|
||||
push.commit_message = 'Add test.txt'
|
||||
push.branch_name = "new_branch_#{SecureRandom.hex(8)}"
|
||||
push.user = sub_group_user
|
||||
end
|
||||
end.to raise_error(QA::Support::Run::CommandError, /You are not allowed to push code to this project/)
|
||||
end
|
||||
|
||||
it(
|
||||
'is not allowed to create a file in parent group project via the API',
|
||||
testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/363343'
|
||||
) do
|
||||
expect do
|
||||
Resource::File.fabricate_via_api! do |file|
|
||||
file.api_client = sub_group_user_api_client
|
||||
file.project = parent_group_project
|
||||
file.branch = "new_branch_#{SecureRandom.hex(8)}"
|
||||
file.commit_message = 'Add new file'
|
||||
file.name = 'test.txt'
|
||||
file.content = "New file"
|
||||
end
|
||||
end.to raise_error(Resource::ApiFabricator::ResourceFabricationFailedError, /403 Forbidden/)
|
||||
end
|
||||
|
||||
it(
|
||||
'is not allowed to commit to parent group project via the API',
|
||||
testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/363342'
|
||||
) do
|
||||
expect do
|
||||
Resource::Repository::Commit.fabricate_via_api! do |commit|
|
||||
commit.api_client = sub_group_user_api_client
|
||||
commit.project = parent_group_project
|
||||
commit.branch = "new_branch_#{SecureRandom.hex(8)}"
|
||||
commit.start_branch = parent_group_project.default_branch
|
||||
commit.commit_message = 'Add new file'
|
||||
commit.add_files([
|
||||
{ file_path: 'test.txt', content: 'new file' }
|
||||
])
|
||||
end
|
||||
end.to raise_error(Resource::ApiFabricator::ResourceFabricationFailedError,
|
||||
/403 Forbidden - You are not allowed to push into this branch/)
|
||||
end
|
||||
|
||||
after do
|
||||
sub_group_user.remove_via_api!
|
||||
parent_group_project.remove_via_api!
|
||||
sub_group.remove_via_api!
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
|
@ -0,0 +1,109 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
module QA
|
||||
RSpec.describe 'Manage' do
|
||||
describe 'User', :requires_admin do
|
||||
let(:admin_api_client) { Runtime::API::Client.as_admin }
|
||||
|
||||
let!(:sub_group) do
|
||||
QA::Resource::Group.fabricate_via_api! do |group|
|
||||
group.path = "sub-group-to-test-user-access-#{SecureRandom.hex(8)}"
|
||||
end
|
||||
end
|
||||
|
||||
context 'when added to parent group' do
|
||||
let!(:parent_group_user) do
|
||||
Resource::User.fabricate_via_api! do |user|
|
||||
user.api_client = admin_api_client
|
||||
end
|
||||
end
|
||||
|
||||
let!(:parent_group_user_api_client) do
|
||||
Runtime::API::Client.new(:gitlab, user: parent_group_user)
|
||||
end
|
||||
|
||||
let!(:sub_group_project) do
|
||||
Resource::Project.fabricate_via_api! do |project|
|
||||
project.group = sub_group
|
||||
project.name = "sub-group-project-to-test-user-access"
|
||||
project.initialize_with_readme = true
|
||||
end
|
||||
end
|
||||
|
||||
before do
|
||||
sub_group.sandbox.add_member(parent_group_user)
|
||||
end
|
||||
|
||||
it(
|
||||
'is allowed to edit the sub-group project files',
|
||||
testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/363467'
|
||||
) do
|
||||
Flow::Login.sign_in(as: parent_group_user)
|
||||
sub_group_project.visit!
|
||||
|
||||
Page::Project::Show.perform do |project|
|
||||
project.click_file('README.md')
|
||||
end
|
||||
|
||||
Page::File::Show.perform(&:click_edit)
|
||||
|
||||
Page::File::Form.perform do |file_form|
|
||||
expect(file_form).to have_element(:commit_button)
|
||||
end
|
||||
end
|
||||
|
||||
after do
|
||||
parent_group_user.remove_via_api!
|
||||
sub_group_project.remove_via_api!
|
||||
sub_group.remove_via_api!
|
||||
end
|
||||
end
|
||||
|
||||
context 'when added to sub-group' do
|
||||
let!(:parent_group_project) do
|
||||
Resource::Project.fabricate_via_api! do |project|
|
||||
project.group = sub_group.sandbox
|
||||
project.name = "sub-group-project-to-test-user-access"
|
||||
project.initialize_with_readme = true
|
||||
end
|
||||
end
|
||||
|
||||
let!(:sub_group_user) do
|
||||
Resource::User.fabricate_via_api! do |user|
|
||||
user.api_client = admin_api_client
|
||||
end
|
||||
end
|
||||
|
||||
let!(:sub_group_user_api_client) do
|
||||
Runtime::API::Client.new(:gitlab, user: sub_group_user)
|
||||
end
|
||||
|
||||
before do
|
||||
sub_group.add_member(sub_group_user)
|
||||
end
|
||||
|
||||
it(
|
||||
'is not allowed to edit the parent group project files',
|
||||
testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/363466'
|
||||
) do
|
||||
Flow::Login.sign_in(as: sub_group_user)
|
||||
parent_group_project.visit!
|
||||
|
||||
Page::Project::Show.perform do |project|
|
||||
project.click_file('README.md')
|
||||
end
|
||||
|
||||
Page::File::Show.perform(&:click_edit)
|
||||
|
||||
expect(page).to have_text("You can’t edit files directly in this project.")
|
||||
end
|
||||
|
||||
after do
|
||||
sub_group_user.remove_via_api!
|
||||
parent_group_project.remove_via_api!
|
||||
sub_group.remove_via_api!
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
Loading…
Reference in New Issue