kotovalexarian-likes-gitlab
/
gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity

Add latest changes from gitlab-org/gitlab@master

This commit is contained in:
GitLab Bot 2022-06-01 06:09:28 +00:00
parent 190ad3b237
commit 369de19d79
27 changed files with 360 additions and 56 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.rubocop_todo/lint/missing_cop_enable_directive.yml
View File

@ -156,7 +156,6 @@ Lint/MissingCopEnableDirective:
- 'lib/gitlab/background_migration/migrate_approver_to_approval_rules_check_progress.rb'
- 'lib/gitlab/background_migration/migrate_approver_to_approval_rules_in_batch.rb'
- 'lib/gitlab/background_migration/migrate_job_artifact_registry_to_ssf.rb'
- 'lib/gitlab/background_migration/migrate_stage_status.rb'
- 'lib/gitlab/background_migration/migrate_u2f_webauthn.rb'
- 'lib/gitlab/background_migration/populate_latest_pipeline_ids.rb'
- 'lib/gitlab/background_migration/populate_resolved_on_default_branch_column.rb'
@ -182,7 +181,6 @@ Lint/MissingCopEnableDirective:
- 'lib/gitlab/patch/action_cable_redis_listener.rb'
- 'lib/gitlab/patch/prependable.rb'
- 'lib/gitlab/project_search_results.rb'
- 'lib/gitlab/task_helpers.rb'
- 'lib/gitlab/testing/request_blocker_middleware.rb'
- 'lib/gitlab/testing/request_inspector_middleware.rb'
- 'lib/gitlab/testing/robots_blocker_middleware.rb'
@ -192,4 +190,4 @@ Lint/MissingCopEnableDirective:
- 'spec/support/capybara.rb'
- 'spec/support/cycle_analytics_helpers/test_generation.rb'
- 'spec/support/google_api/cloud_platform_helpers.rb'
- 'tooling/danger/product_intelligence.rb'
- 'tooling/danger/product_intelligence.rb'

3
.rubocop_todo/lint/mixed_regexp_capture_types.yml
View File

@ -10,7 +10,6 @@ Lint/MixedRegexpCaptureTypes:
- 'lib/gitlab/diff/suggestions_parser.rb'
- 'lib/gitlab/github_import/representation/note.rb'
- 'lib/gitlab/metrics/system.rb'
- 'lib/gitlab/request_profiler/profile.rb'
- 'lib/gitlab/slash_commands/issue_move.rb'
- 'lib/gitlab/slash_commands/issue_new.rb'
- 'lib/gitlab/slash_commands/run.rb'
- 'lib/gitlab/slash_commands/run.rb'

2
app/assets/javascripts/batch_comments/components/draft_note.vue
View File

@ -113,7 +113,7 @@ export default {
class="referenced-commands draft-note-commands"
></div>
<p class="draft-note-actions d-flex">
<p class="draft-note-actions d-flex" data-qa-selector="draft_note_content">
<publish-button
:show-count="true"
:should-publish="false"

2
doc/administration/file_hooks.md
View File

@ -51,7 +51,7 @@ Follow the steps below to set up a custom hook:
in any language, and ensure the 'shebang' at the top properly reflects the
language type. For example, if the script is in Ruby the shebang will
probably be `#!/usr/bin/env ruby`.
1. The data to the file hook is provided as JSON on STDIN. It is exactly the
1. The data to the file hook is provided as JSON on `STDIN`. It is exactly the
same as for [system hooks](system_hooks.md).
That's it! Assuming the file hook code is properly implemented, the hook fires

28
doc/administration/maintenance_mode/index.md
View File

@ -14,7 +14,7 @@ Once Maintenance Mode is enabled, in-progress actions finish relatively quickly
In that state, various maintenance tasks are easier, and services can be stopped completely or be
further degraded for a much shorter period of time than might otherwise be needed. For example, stopping cron jobs and draining queues should be fairly quick.
Maintenance Mode allows most external actions that do not change internal state. On a high-level, HTTP POST, PUT, PATCH, and DELETE requests are blocked and a detailed overview of [how special cases are handled](#rest-api) is available.
Maintenance Mode allows most external actions that do not change internal state. On a high-level, HTTP `POST`, `PUT`, `PATCH`, and `DELETE` requests are blocked and a detailed overview of [how special cases are handled](#rest-api) is available.
## Enable Maintenance Mode
@ -107,22 +107,22 @@ Notification emails continue to arrive, but emails that require database writes,
### REST API
For most JSON requests, POST, PUT, PATCH, and DELETE are blocked, and the API returns a 403 response with the error message: `You cannot perform write operations on a read-only instance`. Only the following requests are allowed:
For most JSON requests, `POST`, `PUT`, `PATCH`, and `DELETE` are blocked, and the API returns a 403 response with the error message: `You cannot perform write operations on a read-only instance`. Only the following requests are allowed:
|HTTP request | Allowed routes | Notes |
|:----:|:--------------------------------------:|:----:|
| POST | `/admin/application_settings/general` | To allow updating application settings in the administrator UI |
| PUT | `/api/v4/application/settings` | To allow updating application settings with the API |
| POST | `/users/sign_in` | To allow users to log in. |
| POST | `/users/sign_out`| To allow users to log out. |
| POST | `/oauth/token` | To allow users to log in to a Geo secondary for the first time. |
| POST | `/admin/session`, `/admin/session/destroy` | To allow [Admin Mode for GitLab administrators](https://gitlab.com/groups/gitlab-org/-/epics/2158) |
| POST | Paths ending with `/compare`| Git revision routes. |
| POST | `.git/git-upload-pack` | To allow Git pull/clone. |
| POST | `/api/v4/internal` | [internal API routes](../../development/internal_api/index.md) |
| POST | `/admin/sidekiq` | To allow management of background jobs in the Admin Area |
| POST | `/admin/geo` | To allow updating Geo Nodes in the administrator UI |
| POST | `/api/v4/geo_replication`| To allow certain Geo-specific administrator UI actions on secondary sites |
| `POST` | `/admin/application_settings/general` | To allow updating application settings in the administrator UI |
| `PUT` | `/api/v4/application/settings` | To allow updating application settings with the API |
| `POST` | `/users/sign_in` | To allow users to log in. |
| `POST` | `/users/sign_out`| To allow users to log out. |
| `POST` | `/oauth/token` | To allow users to log in to a Geo secondary for the first time. |
| `POST` | `/admin/session`, `/admin/session/destroy` | To allow [Admin Mode for GitLab administrators](https://gitlab.com/groups/gitlab-org/-/epics/2158) |
| `POST` | Paths ending with `/compare`| Git revision routes. |
| `POST` | `.git/git-upload-pack` | To allow Git pull/clone. |
| `POST` | `/api/v4/internal` | [internal API routes](../../development/internal_api/index.md) |
| `POST` | `/admin/sidekiq` | To allow management of background jobs in the Admin Area |
| `POST` | `/admin/geo` | To allow updating Geo Nodes in the administrator UI |
| `POST` | `/api/v4/geo_replication`| To allow certain Geo-specific administrator UI actions on secondary sites |
### GraphQL API

10
doc/administration/package_information/index.md
View File

@ -14,11 +14,11 @@ at [bundling dependencies document](omnibus_packages.md).
The released package versions are in the format `MAJOR.MINOR.PATCH-EDITION.OMNIBUS_RELEASE`
| Component | Meaning | Example |
|-------------------|---------|---------|
| MAJOR.MINOR.PATCH | The GitLab version this corresponds to. | 13.3.0 |
| EDITION | The edition of GitLab this corresponds to. | ee |
| OMNIBUS_RELEASE | The Omnibus GitLab release. Usually, this is 0. This is incremented if we need to build a new package without changing the GitLab version. | 0 |
| Component | Meaning | Example |
|---------------------|---------|---------|
| `MAJOR.MINOR.PATCH` | The GitLab version this corresponds to. | 13.3.0 |
| `EDITION` | The edition of GitLab this corresponds to. | ee |
| `OMNIBUS_RELEASE` | The Omnibus GitLab release. Usually, this is 0. This is incremented if we need to build a new package without changing the GitLab version. | 0 |
## Licenses

2
doc/administration/raketasks/github_import.md
View File

@ -12,7 +12,7 @@ which becomes the owner of the project. You can resume an import
with the same command.
Bear in mind that the syntax is very specific. Remove any spaces within the argument block and
before/after the brackets. Also, some shells (for example, `zsh`) can interpret the open/close brackets
before/after the brackets. Also, some shells (for example, Zsh) can interpret the open/close brackets
(`[]`) separately. You may need to either escape the brackets or use double quotes.
## Caveats

6
doc/api/graphql/reference/index.md
View File

@ -9281,6 +9281,7 @@ four standard [pagination arguments](#connection-pagination-arguments):
| <a id="boardepicancestorsstartdate"></a>`startDate` **{warning-solid}** | [`Time`](#time) | **Deprecated** in 13.5. Use timeframe.start. |
| <a id="boardepicancestorsstate"></a>`state` | [`EpicState`](#epicstate) | Filter epics by state. |
| <a id="boardepicancestorstimeframe"></a>`timeframe` | [`Timeframe`](#timeframe) | List items overlapping the given timeframe. |
| <a id="boardepicancestorstoplevelhierarchyonly"></a>`topLevelHierarchyOnly` | [`Boolean`](#boolean) | Filter epics with a top-level hierarchy. |
| <a id="boardepicancestorsupdatedafter"></a>`updatedAfter` | [`Time`](#time) | Epics updated after this date. |
| <a id="boardepicancestorsupdatedbefore"></a>`updatedBefore` | [`Time`](#time) | Epics updated before this date. |
@ -9318,6 +9319,7 @@ four standard [pagination arguments](#connection-pagination-arguments):
| <a id="boardepicchildrenstartdate"></a>`startDate` **{warning-solid}** | [`Time`](#time) | **Deprecated** in 13.5. Use timeframe.start. |
| <a id="boardepicchildrenstate"></a>`state` | [`EpicState`](#epicstate) | Filter epics by state. |
| <a id="boardepicchildrentimeframe"></a>`timeframe` | [`Timeframe`](#timeframe) | List items overlapping the given timeframe. |
| <a id="boardepicchildrentoplevelhierarchyonly"></a>`topLevelHierarchyOnly` | [`Boolean`](#boolean) | Filter epics with a top-level hierarchy. |
| <a id="boardepicchildrenupdatedafter"></a>`updatedAfter` | [`Time`](#time) | Epics updated after this date. |
| <a id="boardepicchildrenupdatedbefore"></a>`updatedBefore` | [`Time`](#time) | Epics updated before this date. |
@ -10858,6 +10860,7 @@ four standard [pagination arguments](#connection-pagination-arguments):
| <a id="epicancestorsstartdate"></a>`startDate` **{warning-solid}** | [`Time`](#time) | **Deprecated** in 13.5. Use timeframe.start. |
| <a id="epicancestorsstate"></a>`state` | [`EpicState`](#epicstate) | Filter epics by state. |
| <a id="epicancestorstimeframe"></a>`timeframe` | [`Timeframe`](#timeframe) | List items overlapping the given timeframe. |
| <a id="epicancestorstoplevelhierarchyonly"></a>`topLevelHierarchyOnly` | [`Boolean`](#boolean) | Filter epics with a top-level hierarchy. |
| <a id="epicancestorsupdatedafter"></a>`updatedAfter` | [`Time`](#time) | Epics updated after this date. |
| <a id="epicancestorsupdatedbefore"></a>`updatedBefore` | [`Time`](#time) | Epics updated before this date. |
@ -10895,6 +10898,7 @@ four standard [pagination arguments](#connection-pagination-arguments):
| <a id="epicchildrenstartdate"></a>`startDate` **{warning-solid}** | [`Time`](#time) | **Deprecated** in 13.5. Use timeframe.start. |
| <a id="epicchildrenstate"></a>`state` | [`EpicState`](#epicstate) | Filter epics by state. |
| <a id="epicchildrentimeframe"></a>`timeframe` | [`Timeframe`](#timeframe) | List items overlapping the given timeframe. |
| <a id="epicchildrentoplevelhierarchyonly"></a>`topLevelHierarchyOnly` | [`Boolean`](#boolean) | Filter epics with a top-level hierarchy. |
| <a id="epicchildrenupdatedafter"></a>`updatedAfter` | [`Time`](#time) | Epics updated after this date. |
| <a id="epicchildrenupdatedbefore"></a>`updatedBefore` | [`Time`](#time) | Epics updated before this date. |
@ -11629,6 +11633,7 @@ Returns [`Epic`](#epic).
| <a id="groupepicstartdate"></a>`startDate` **{warning-solid}** | [`Time`](#time) | **Deprecated** in 13.5. Use timeframe.start. |
| <a id="groupepicstate"></a>`state` | [`EpicState`](#epicstate) | Filter epics by state. |
| <a id="groupepictimeframe"></a>`timeframe` | [`Timeframe`](#timeframe) | List items overlapping the given timeframe. |
| <a id="groupepictoplevelhierarchyonly"></a>`topLevelHierarchyOnly` | [`Boolean`](#boolean) | Filter epics with a top-level hierarchy. |
| <a id="groupepicupdatedafter"></a>`updatedAfter` | [`Time`](#time) | Epics updated after this date. |
| <a id="groupepicupdatedbefore"></a>`updatedBefore` | [`Time`](#time) | Epics updated before this date. |
@ -11678,6 +11683,7 @@ four standard [pagination arguments](#connection-pagination-arguments):
| <a id="groupepicsstartdate"></a>`startDate` **{warning-solid}** | [`Time`](#time) | **Deprecated** in 13.5. Use timeframe.start. |
| <a id="groupepicsstate"></a>`state` | [`EpicState`](#epicstate) | Filter epics by state. |
| <a id="groupepicstimeframe"></a>`timeframe` | [`Timeframe`](#timeframe) | List items overlapping the given timeframe. |
| <a id="groupepicstoplevelhierarchyonly"></a>`topLevelHierarchyOnly` | [`Boolean`](#boolean) | Filter epics with a top-level hierarchy. |
| <a id="groupepicsupdatedafter"></a>`updatedAfter` | [`Time`](#time) | Epics updated after this date. |
| <a id="groupepicsupdatedbefore"></a>`updatedBefore` | [`Time`](#time) | Epics updated before this date. |

2
doc/ci/jobs/index.md
View File

@ -328,7 +328,7 @@ job1:
- echo -e "\e[0Ksection_end:`date +%s`:my_first_section\r\e[0K"
```
Depending on the shell that your runner uses, for example if it is using ZSH, you may need to
Depending on the shell that your runner uses, for example if it is using Zsh, you may need to
escape the special characters like so: `\\e` and `\\r`.
In the example above:

11
doc/development/audit_event_guide/index.md
View File

@ -14,6 +14,17 @@ new audit events.
Audit Events are a tool for GitLab owners and administrators to view records of important
actions performed across the application.
## What should NOT be Audit Events?
While any events could trigger an Audit Event, not all events should. In general, events that are not good candidates for audit events are:
- Not attributable to one specific user.
- Not of specific interest to an admin or owner persona.
- Are tracking information for product feature adoption.
- Are covered in the direction page's discussion on [what is not planned](https://about.gitlab.com/direction/manage/compliance/audit-events/#what-is-not-planned-right-now).
If you have any questions, please reach out to `@gitlab-org/manage/compliance` to see if an Audit Event, or some other approach, may be best for your event.
## Audit Event Schemas
To instrument an audit event, the following attributes should be provided:

22
doc/development/cicd/pipeline_wizard.md
View File

@ -31,7 +31,7 @@ consists of 2-3 steps, for a total of 3-4 steps visible to the user.
<script>
import PipelineWizard from '~/pipeline_wizard/pipeline_wizard.vue'
import template from '~/pipeline_wizard/templates/my_template.yml';
export default {
name: "MyComponent",
components: { PipelineWizard },
@ -73,7 +73,7 @@ steps:
required: true
pattern: "^(?:(?=[^:\/]{1,253})(?!-)[a-zA-Z0-9-]{1,63}(?<!-)(?:\.(?!-)[a-zA-Z0-9-]{1,63}(?<!-))*(?::[0-9]{1,5})?\/)?((?![._-])(?:[a-z0-9._-]*)(?<![._-])(?:\/(?![._-])[a-z0-9._-]*(?<![._-]))*)(?::(?![.-])[a-zA-Z0-9_.-]{1,128})?$"
invalid-feedback: Please enter a valid docker image
# Second input widget
- label: Installation Steps
description: "Enter the steps that need to run to set up a local build
@ -90,11 +90,11 @@ steps:
image: $BUILD_IMAGE
before_script: $INSTALLATION_STEPS
artifacts:
paths:
- foo
# Step 2
- inputs:
# This is the only input widget for this step
@ -104,7 +104,7 @@ steps:
placeholder: npm ci
widget: list
target: $INSTALLATION_STEPS
template:
# Functions that should be executed before the build script runs
before_script: $INSTALLATION_STEPS
@ -127,13 +127,13 @@ is planned to add the ability to create a MR from here.
### Props
- `template` (required): The template content as an unparsed String. See
- `template` (required): The template content as an unparsed String. See
[Template file location](#template-file-location) for more information.
- `project-path` (required): The full path of the project the final file
- `project-path` (required): The full path of the project the final file
should be committed to
- `default-branch` (required): The branch that will be pre-selected during
- `default-branch` (required): The branch that will be pre-selected during
the commit step. This can be changed by the user.
- `default-filename` (optional, default: `.gitlab-ci.yml`): The Filename
- `default-filename` (optional, default: `.gitlab-ci.yml`): The Filename
to be used for the file. This can be overridden in the template file.
### Events
@ -181,12 +181,12 @@ Each step can contain one or more `inputs`. For an ideal user experience, it sho
contain more than three.
The look and feel of the input, as well as the YAML type it produces (string, list, and so on)
depends on the [`widget`](#widgets) used. [`widget: text`](#text) displays a
depends on the [`widget`](#widgets) used. [`widget: text`](#text) displays a
text input
and inserts the user's input as a string into the template. [`widget: list`](#list)
displays one or more input fields and inserts a list.
All `inputs` must have a `label`, `widget`, and optionally `target`, but
All `inputs` must have a `label`, `widget`, and optionally `target`, but
most properties
are dependent on the widget being used:

2
doc/development/code_review.md
View File

@ -90,7 +90,7 @@ page, with these behaviors:
1. People whose [GitLab status](../user/profile/index.md#set-your-current-status) emoji
is 🔶 `:large_orange_diamond:` or 🔸 `:small_orange_diamond:` are half as likely to be picked.
1. It always picks the same reviewers and maintainers for the same
branch name (unless their out-of-office (OOO) status changes, as in point 1). It
branch name (unless their out-of-office (`OOO`) status changes, as in point 1). It
removes leading `ce-` and `ee-`, and trailing `-ce` and `-ee`, so
that it can be stable for backport branches.

2
doc/development/database/avoiding_downtime_in_migrations.md
View File

@ -175,7 +175,7 @@ copying over indexes and foreign keys.
If a column contains one or more indexes that don't contain the name of the
original column, the previously described procedure will fail. In that case,
you'll first need to rename these indexes.
you need to rename these indexes.
### Step 2: Add A Post-Deployment Migration

5
doc/development/go_guide/index.md
View File

@ -406,9 +406,8 @@ variable).
Since daemons are long-running applications, they should have mechanisms to
manage cancellations, and avoid unnecessary resources consumption (which could
lead to DDOS vulnerabilities). [Go
Context](https://github.com/golang/go/wiki/CodeReviewComments#contexts) should
be used in functions that can block and passed as the first parameter.
lead to DDoS vulnerabilities). [Go Context](https://github.com/golang/go/wiki/CodeReviewComments#contexts)
should be used in functions that can block and passed as the first parameter.
## Dockerfiles

2
doc/development/internal_api/index.md
View File

@ -763,7 +763,7 @@ Example response:
### Moving additional packs
Use a PATCH to move additional packs from one namespace to another.
Use a `PATCH` to move additional packs from one namespace to another.
```plaintext
PATCH /namespaces/:id/minutes/move/:target_id

2
doc/gitlab-basics/start-using-git.md
View File

@ -34,7 +34,7 @@ prompt, command shell, and command line). Here are some options:
- For macOS users:
- Built-in [Terminal](https://blog.teamtreehouse.com/introduction-to-the-mac-os-x-command-line). Press <kbd>⌘ command</kbd> + <kbd>space</kbd> and type `terminal`.
- [iTerm2](https://iterm2.com/). You can integrate it with [zsh](https://git-scm.com/book/id/v2/Appendix-A%3A-Git-in-Other-Environments-Git-in-Zsh) and [oh my zsh](https://ohmyz.sh/) for color highlighting and other advanced features.
- [iTerm2](https://iterm2.com/). You can integrate it with [Zsh](https://git-scm.com/book/id/v2/Appendix-A%3A-Git-in-Other-Environments-Git-in-Zsh) and [Oh My Zsh](https://ohmyz.sh/) for color highlighting and other advanced features.
- For Windows users:
- Built-in command line. On the Windows taskbar, select the search icon and type `cmd`.
- [PowerShell](https://docs.microsoft.com/en-us/powershell/scripting/windows-powershell/install/installing-windows-powershell?view=powershell-7).

2
doc/install/azure/index.md
View File

@ -15,7 +15,7 @@ Enterprise Edition in a single Virtual Machine (VM).
## Prerequisite
You'll need an account on Azure. Use of the following methods to obtain an account:
You need an account on Azure. Use of the following methods to obtain an account:
- If you or your company already have an account with a subscription, use that account.
If not, you can [open your own Azure account for free](https://azure.microsoft.com/en-us/free/).

2
doc/integration/kerberos.md
View File

@ -386,7 +386,7 @@ above error message.
To fix this, ensure that the forward and reverse DNS for your GitLab server
match. So for instance, if you access GitLab as `gitlab.example.com`, resolving
to IP address `1.2.3.4`, then `4.3.2.1.in-addr.arpa` must be a PTR record for
to IP address `1.2.3.4`, then `4.3.2.1.in-addr.arpa` must be a `PTR` record for
`gitlab.example.com`.
Finally, it's possible that the browser or client machine lack Kerberos support

2
doc/integration/mattermost/index.md
View File

@ -240,7 +240,7 @@ cd /opt/gitlab/embedded/service/mattermost
sudo /opt/gitlab/embedded/bin/chpst -e /opt/gitlab/etc/mattermost/env -P -U mattermost:mattermost -u mattermost:mattermost /opt/gitlab/embedded/bin/mattermost --config=/var/opt/gitlab/mattermost/config.json version
```
Until [#4745](https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/4745) has been implemented, the command requires quite of bit typing and is hard to remember, so let's make a bash/zsh alias to make it a bit easier to remember. Add the following to your `~/.bashrc` or `~/.zshrc` file:
Until [#4745](https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/4745) has been implemented, the command requires quite of bit typing and is hard to remember, so let's make a bash or Zsh alias to make it a bit easier to remember. Add the following to your `~/.bashrc` or `~/.zshrc` file:
```shell
alias mattermost-cli="cd /opt/gitlab/embedded/service/mattermost && sudo /opt/gitlab/embedded/bin/chpst -e /opt/gitlab/etc/mattermost/env -P -U mattermost:mattermost -u mattermost:mattermost /opt/gitlab/embedded/bin/mattermost --config=/var/opt/gitlab/mattermost/config.json $1"

2
doc/topics/git/git_rebase.md
View File

@ -180,7 +180,7 @@ the operation you want to perform in each commit. To do so, edit
the commits in your terminal's text editor.
For example, with [Vim](https://www.vim.org/) as the text editor in
a macOS's `ZSH` shell, you can `squash` or `fixup` (combine) all three commits:
a macOS's Zsh shell, you can `squash` or `fixup` (combine) all three commits:
<!-- vale gitlab.FirstPerson = NO -->

2
doc/topics/git/partial_clone.md
View File

@ -160,7 +160,7 @@ For more details, see the Git documentation for
```
WARNING:
Git integrations with `bash`, `zsh`, etc and editors that automatically
Git integrations with `bash`, Zsh, etc and editors that automatically
show Git status information often run `git fetch` which fetches the
entire repository. Disabling or reconfiguring these integrations might be required.

6
doc/user/asciidoc.md
View File

@ -381,9 +381,9 @@ comment - content which is not included in the output document
It's possible to have color written in `HEX`, `RGB`, or `HSL` format rendered with a color indicator.
Supported formats (named colors are not supported):
- HEX: `` `#RGB[A]` `` or `` `#RRGGBB[AA]` ``
- RGB: `` `RGB[A](R, G, B[, A])` ``
- HSL: `` `HSL[A](H, S, L[, A])` ``
- `HEX`: `` `#RGB[A]` `` or `` `#RRGGBB[AA]` ``
- `RGB`: `` `RGB[A](R, G, B[, A])` ``
- `HSL`: `` `HSL[A](H, S, L[, A])` ``
Color written inside backticks is followed by a color "chip":

2
doc/user/project/settings/project_access_tokens.md
View File

@ -102,7 +102,7 @@ These bot users do not count as licensed seats.
The bot users for projects have [permissions](../../permissions.md#project-members-permissions) that correspond with the
selected role and [scope](#scopes-for-a-project-access-token) of the project access token.
**Note** Project maintainers cannot select Owner role for bot users.
**Note** Project maintainers cannot select Owner role for bot users.
- The name is set to the name of the token.
- The username is set to `project_{project_id}_bot` for the first access token. For example, `project_123_bot`.

2
doc/user/search/index.md
View File

@ -170,7 +170,7 @@ You can filter the **Issues** list to individual instances by their ID. For exam
> Moved to GitLab Premium in 13.9.
To filter merge requests by an individual eligible approver ([Codeowner](../project/code_owners.md)), you can type (or select from
To filter merge requests by an individual eligible approver ([Code owner](../project/code_owners.md)), you can type (or select from
the dropdown list) **Approver** and select the user.
![Filter MRs by an approver](img/filter_approver_merge_requests_v14_6.png)

6
qa/qa/page/merge_request/show.rb
View File

@ -19,6 +19,10 @@ module QA
element :review_bar_content
end
view 'app/assets/javascripts/batch_comments/components/draft_note.vue' do
element :draft_note_content
end
view 'app/assets/javascripts/diffs/components/compare_dropdown_layout.vue' do
element :dropdown_content
end
@ -150,6 +154,8 @@ module QA
has_element?(:submit_review_button)
within_element(:review_bar_content) do
click_element(:review_preview_dropdown)
end
within_element(:draft_note_content) do
click_element(:submit_review_button)
end
# After clicking the button, wait for it to disappear

176
qa/qa/specs/features/api/1_manage/user_inherited_access_spec.rb Normal file
View File

@ -0,0 +1,176 @@
# frozen_string_literal: true
module QA
RSpec.describe 'Manage' do
describe 'User', :requires_admin do
let(:admin_api_client) { Runtime::API::Client.as_admin }
let!(:sub_group) do
QA::Resource::Group.fabricate_via_api! do |group|
group.path = "sub-group-to-test-user-access-#{SecureRandom.hex(8)}"
end
end
context 'when added to parent group' do
let!(:parent_group_user) do
Resource::User.fabricate_via_api! do |user|
user.api_client = admin_api_client
end
end
let!(:parent_group_user_api_client) do
Runtime::API::Client.new(:gitlab, user: parent_group_user)
end
let!(:sub_group_project) do
Resource::Project.fabricate_via_api! do |project|
project.group = sub_group
project.name = "sub-group-project-to-test-user-access"
project.initialize_with_readme = true
end
end
before do
sub_group.sandbox.add_member(parent_group_user)
end
it(
'is allowed to push code to sub-group project via the CLI',
testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/363345'
) do
expect do
Resource::Repository::Push.fabricate! do |push|
push.repository_http_uri = sub_group_project.repository_http_location.uri
push.file_name = 'test.txt'
push.file_content = "# This is a test project named #{sub_group_project.name}"
push.commit_message = 'Add test.txt'
push.branch_name = "new_branch_#{SecureRandom.hex(8)}"
push.user = parent_group_user
end
end.not_to raise_error
end
it(
'is allowed to create a file in sub-group project via the API',
testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/363348'
) do
expect do
Resource::File.fabricate_via_api! do |file|
file.api_client = parent_group_user_api_client
file.project = sub_group_project
file.branch = "new_branch_#{SecureRandom.hex(8)}"
file.commit_message = 'Add new file'
file.name = 'test.txt'
file.content = "New file"
end
end.not_to raise_error
end
it(
'is allowed to commit to sub-group project via the API',
testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/363349'
) do
expect do
Resource::Repository::Commit.fabricate_via_api! do |commit|
commit.api_client = parent_group_user_api_client
commit.project = sub_group_project
commit.branch = "new_branch_#{SecureRandom.hex(8)}"
commit.start_branch = sub_group_project.default_branch
commit.commit_message = 'Add new file'
commit.add_files([
{ file_path: 'test.txt', content: 'new file' }
])
end
end.not_to raise_error
end
after do
parent_group_user.remove_via_api!
sub_group_project.remove_via_api!
sub_group.remove_via_api!
end
end
context 'when added to sub-group' do
let!(:parent_group_project) do
Resource::Project.fabricate_via_api! do |project|
project.group = sub_group.sandbox
project.name = "sub-group-project-to-test-user-access"
project.initialize_with_readme = true
end
end
let!(:sub_group_user) do
Resource::User.fabricate_via_api! do |user|
user.api_client = admin_api_client
end
end
let!(:sub_group_user_api_client) do
Runtime::API::Client.new(:gitlab, user: sub_group_user)
end
before do
sub_group.add_member(sub_group_user)
end
it(
'is not allowed to push code to parent group project via the CLI',
testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/363344'
) do
expect do
Resource::Repository::Push.fabricate! do |push|
push.repository_http_uri = parent_group_project.repository_http_location.uri
push.file_name = 'test.txt'
push.file_content = "# This is a test project named #{parent_group_project.name}"
push.commit_message = 'Add test.txt'
push.branch_name = "new_branch_#{SecureRandom.hex(8)}"
push.user = sub_group_user
end
end.to raise_error(QA::Support::Run::CommandError, /You are not allowed to push code to this project/)
end
it(
'is not allowed to create a file in parent group project via the API',
testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/363343'
) do
expect do
Resource::File.fabricate_via_api! do |file|
file.api_client = sub_group_user_api_client
file.project = parent_group_project
file.branch = "new_branch_#{SecureRandom.hex(8)}"
file.commit_message = 'Add new file'
file.name = 'test.txt'
file.content = "New file"
end
end.to raise_error(Resource::ApiFabricator::ResourceFabricationFailedError, /403 Forbidden/)
end
it(
'is not allowed to commit to parent group project via the API',
testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/363342'
) do
expect do
Resource::Repository::Commit.fabricate_via_api! do |commit|
commit.api_client = sub_group_user_api_client
commit.project = parent_group_project
commit.branch = "new_branch_#{SecureRandom.hex(8)}"
commit.start_branch = parent_group_project.default_branch
commit.commit_message = 'Add new file'
commit.add_files([
{ file_path: 'test.txt', content: 'new file' }
])
end
end.to raise_error(Resource::ApiFabricator::ResourceFabricationFailedError,
/403 Forbidden - You are not allowed to push into this branch/)
end
after do
sub_group_user.remove_via_api!
parent_group_project.remove_via_api!
sub_group.remove_via_api!
end
end
end
end
end

109
qa/qa/specs/features/browser_ui/1_manage/user/user_inherited_access_spec.rb Normal file
View File

@ -0,0 +1,109 @@
# frozen_string_literal: true
module QA
RSpec.describe 'Manage' do
describe 'User', :requires_admin do
let(:admin_api_client) { Runtime::API::Client.as_admin }
let!(:sub_group) do
QA::Resource::Group.fabricate_via_api! do |group|
group.path = "sub-group-to-test-user-access-#{SecureRandom.hex(8)}"
end
end
context 'when added to parent group' do
let!(:parent_group_user) do
Resource::User.fabricate_via_api! do |user|
user.api_client = admin_api_client
end
end
let!(:parent_group_user_api_client) do
Runtime::API::Client.new(:gitlab, user: parent_group_user)
end
let!(:sub_group_project) do
Resource::Project.fabricate_via_api! do |project|
project.group = sub_group
project.name = "sub-group-project-to-test-user-access"
project.initialize_with_readme = true
end
end
before do
sub_group.sandbox.add_member(parent_group_user)
end
it(
'is allowed to edit the sub-group project files',
testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/363467'
) do
Flow::Login.sign_in(as: parent_group_user)
sub_group_project.visit!
Page::Project::Show.perform do |project|
project.click_file('README.md')
end
Page::File::Show.perform(&:click_edit)
Page::File::Form.perform do |file_form|
expect(file_form).to have_element(:commit_button)
end
end
after do
parent_group_user.remove_via_api!
sub_group_project.remove_via_api!
sub_group.remove_via_api!
end
end
context 'when added to sub-group' do
let!(:parent_group_project) do
Resource::Project.fabricate_via_api! do |project|
project.group = sub_group.sandbox
project.name = "sub-group-project-to-test-user-access"
project.initialize_with_readme = true
end
end
let!(:sub_group_user) do
Resource::User.fabricate_via_api! do |user|
user.api_client = admin_api_client
end
end
let!(:sub_group_user_api_client) do
Runtime::API::Client.new(:gitlab, user: sub_group_user)
end
before do
sub_group.add_member(sub_group_user)
end
it(
'is not allowed to edit the parent group project files',
testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/363466'
) do
Flow::Login.sign_in(as: sub_group_user)
parent_group_project.visit!
Page::Project::Show.perform do |project|
project.click_file('README.md')
end
Page::File::Show.perform(&:click_edit)
expect(page).to have_text("You cant edit files directly in this project.")
end
after do
sub_group_user.remove_via_api!
parent_group_project.remove_via_api!
sub_group.remove_via_api!
end
end
end
end
end