Add latest changes from gitlab-org/gitlab@master

2022-04-04 21:08:45 +00:00 · 2022-04-04 21:08:45 +00:00 · 4067f40b62
parent 6d05fbc478
commit 4067f40b62
7 changed files with 49 additions and 19 deletions
--- a/app/assets/stylesheets/page_bundles/milestone.scss
+++ b/app/assets/stylesheets/page_bundles/milestone.scss
@ -7,21 +7,7 @@ $status-box-line-height: 26px;
 }

 .milestones {
-  padding: $gl-padding-8;
-  margin-top: $gl-padding-8;
-  border-radius: $border-radius-default;
-  background-color: var(--gray-100, $gray-100);
-
  .milestone {
-    border: 0;
-    padding: $gl-padding-top $gl-padding;
-    border-radius: $border-radius-default;
-    background-color: var(--white, $white);
-
-    &:not(:last-child) {
-      margin-bottom: $gl-padding-4;
-    }
-
    h4 {
      font-weight: $gl-font-weight-bold;
    }
--- a/app/views/admin/application_settings/repository.html.haml
+++ b/app/views/admin/application_settings/repository.html.haml
@ -21,7 +21,7 @@
      = expanded_by_default? ? 'Collapse' : 'Expand'
    %p
      = _('Configure repository mirroring.')
-      = link_to s_('Learn more.'), help_page_path('user/project/repository/repository_mirroring.md'), target: '_blank', rel: 'noopener noreferrer'
+      = link_to s_('Learn more.'), help_page_path('user/project/repository/mirror/index.md'), target: '_blank', rel: 'noopener noreferrer'
  .settings-content
    = render partial: 'repository_mirrors_form'

--- a/doc/user/application_security/index.md
+++ b/doc/user/application_security/index.md
@ -474,6 +474,7 @@ GitLab provides two methods of accomplishing this, each with advantages and disa
 - [Compliance framework pipelines](../project/settings/#compliance-pipeline-configuration)
  are recommended when:

+  - Scan execution enforcement is required for SAST or Secret Detection scans that use custom rulesets.
  - Scan execution enforcement is required for SAST IaC, Dependency Scanning,
    License Compliance, API Fuzzing, or Coverage-guided Fuzzing.
  - Scan execution enforcement is required for scanners external to GitLab.
@ -482,9 +483,18 @@ GitLab provides two methods of accomplishing this, each with advantages and disa
 - [Scan execution policies](policies/scan-execution-policies.md)
  are recommended when:

-  - Scan execution enforcement is required for DAST, SAST, Secret Detection, or Container Scanning.
+  - Scan execution enforcement is required for DAST.
+  - Scan execution enforcement is required for Container Scanning with project-specific variable
+    customizations. To accomplish this, users must create a separate security policy per project.
  - Scans are required to run on a regular, scheduled cadence.

+- Either solution can be used equally well when:
+
+  - Scan execution enforcement is required for SAST or Secret Detection when custom rulesets are not
+    used.
+  - Scan execution enforcement is required for Container Scanning with no project-specific variable
+    customizations.
+
 Additional details about the differences between the two solutions are outlined below:

 | | Compliance Framework Pipelines | Scan Execution Policies |
--- a/doc/user/application_security/policies/scan-result-policies.md
+++ b/doc/user/application_security/policies/scan-result-policies.md
@ -65,7 +65,7 @@ This rule enforces the defined actions based on the information provided.
 | `scanners`  | `array` of `string` | `sast`, `secret_detection`, `dependency_scanning`, `container_scanning`, `dast`, `coverage_fuzzing`, `api_fuzzing` | The security scanners for this rule to consider. |
 | `vulnerabilities_allowed`  | `integer` | Greater than or equal to zero | Number of vulnerabilities allowed before this rule is considered. |
 | `severity_levels`  | `array` of `string` | `info`, `unknown`, `low`, `medium`, `high`, `critical`| The severity levels for this rule to consider. |
-| `vulnerability_states`  | `array` of `string` | `newly_detected`, `detected`, `confirmed`, `resolved`, `dismissed` | The vulnerability states for this rule to consider when the target branch is set to the default branch. |
+| `vulnerability_states`  | `array` of `string` | `newly_detected`, `detected`, `confirmed`, `resolved`, `dismissed` | The vulnerability states for this rule to consider when the target branch is set to the default branch. The `newly_detected` state considers all newly detected vulnerabilities regardless of their status or dismissal. The other states consider findings that match the selected state and already exist in the default branch. |

 ## `require_approval` action type

--- a/doc/user/project/code_intelligence.md
+++ b/doc/user/project/code_intelligence.md
@ -48,8 +48,8 @@ After the job succeeds, code intelligence data can be viewed while browsing the

 ## Find references

-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/217392) in GitLab 13.2.
-> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/235735) in GitLab 13.4.
+> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/217392) in GitLab 13.2 [with a flag](../../administration/feature_flags.md) named `code_navigation_references`. Disabled by default.
+> - [Enabled on GitLab.com and self-managed](https://gitlab.com/gitlab-org/gitlab/-/issues/225621) in GitLab 13.3. Feature flag `code_navigation_references` removed.

 To find where a particular object is being used, you can see links to specific lines of code
 under the **References** tab:
--- a/lib/gitlab/background_migration/batching_strategies/primary_key_batching_strategy.rb
+++ b/lib/gitlab/background_migration/batching_strategies/primary_key_batching_strategy.rb
@ -23,6 +23,7 @@ module Gitlab

          quoted_column_name = model_class.connection.quote_column_name(column_name)
          relation = model_class.where("#{quoted_column_name} >= ?", batch_min_value)
+          relation = apply_additional_filters(relation)
          next_batch_bounds = nil

          relation.each_batch(of: batch_size, column: column_name) do |batch| # rubocop:disable Lint/UnreachableLoop
@ -33,6 +34,20 @@ module Gitlab

          next_batch_bounds
        end
+
+        # Strategies based on PrimaryKeyBatchingStrategy can use
+        # this method to easily apply additional filters.
+        #
+        # Example:
+        #
+        #   class TypeIsNotNull < PrimaryKeyBatchingStrategy
+        #     def apply_additional_filters(relation)
+        #       relation.where.not(type: nil)
+        #     end
+        #   end
+        def apply_additional_filters(relation)
+          relation
+        end
      end
    end
  end
--- a/spec/lib/gitlab/background_migration/batching_strategies/primary_key_batching_strategy_spec.rb
+++ b/spec/lib/gitlab/background_migration/batching_strategies/primary_key_batching_strategy_spec.rb
@ -44,4 +44,23 @@ RSpec.describe Gitlab::BackgroundMigration::BatchingStrategies::PrimaryKeyBatchi
      expect(batch_bounds).to be_nil
    end
  end
+
+  context 'additional filters' do
+    let(:strategy_with_filters) do
+      Class.new(described_class) do
+        def apply_additional_filters(relation)
+          relation.where.not(type: 'Project')
+        end
+      end
+    end
+
+    let(:batching_strategy) { strategy_with_filters.new(connection: ActiveRecord::Base.connection) }
+    let!(:namespace5) { namespaces.create!(name: 'batchtest5', path: 'batch-test5', type: 'Project') }
+
+    it 'applies additional filters' do
+      batch_bounds = batching_strategy.next_batch(:namespaces, :id, batch_min_value: namespace4.id, batch_size: 3, job_arguments: nil)
+
+      expect(batch_bounds).to eq([namespace4.id, namespace4.id])
+    end
+  end
 end