Add latest changes from gitlab-org/gitlab@master

.gitlab/ci/global.gitlab-ci.yml

@@ -30,7 +30,7 @@
     policy: pull
 
 .use-pg9:
-  image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.5-golang-1.12-git-2.24-lfs-2.9-chrome-73.0-node-12.x-yarn-1.21-postgresql-9.6-graphicsmagick-1.3.34"
+  image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.5-golang-1.14-git-2.24-lfs-2.9-chrome-73.0-node-12.x-yarn-1.21-postgresql-9.6-graphicsmagick-1.3.34"
   services:
     - name: postgres:9.6.17
       command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
@@ -63,7 +63,7 @@
     key: "debian-stretch-ruby-2.6.5-pg11-node-12.x"
 
 .use-pg9-ee:
-  image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.5-golang-1.12-git-2.24-lfs-2.9-chrome-73.0-node-12.x-yarn-1.21-postgresql-9.6-graphicsmagick-1.3.34"
+  image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.5-golang-1.14-git-2.24-lfs-2.9-chrome-73.0-node-12.x-yarn-1.21-postgresql-9.6-graphicsmagick-1.3.34"
   services:
     - name: postgres:9.6.17
       command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]

app/models/concerns/spammable.rb

@@ -37,15 +37,23 @@ module Spammable
     end
   end
 
-  def invalidate_if_spam
-    error_msg = if Gitlab::Recaptcha.enabled?
-                  "Your #{spammable_entity_type} has been recognized as spam. "\
-                  "Please, change the content or solve the reCAPTCHA to proceed."
-                else
-                  "Your #{spammable_entity_type} has been recognized as spam and has been discarded."
-                end
+  def needs_recaptcha!
+    self.errors.add(:base, "Your #{spammable_entity_type} has been recognized as spam. "\
+                  "Please, change the content or solve the reCAPTCHA to proceed.")
+  end
 
-    self.errors.add(:base, error_msg) if spam?
+  def unrecoverable_spam_error!
+    self.errors.add(:base, "Your #{spammable_entity_type} has been recognized as spam and has been discarded.")
+  end
+
+  def invalidate_if_spam
+    return unless spam?
+
+    if Gitlab::Recaptcha.enabled?
+      needs_recaptcha!
+    else
+      unrecoverable_spam_error!
+    end
   end
 
   def spammable_entity_type

app/views/shared/issuable/form/_branch_chooser.html.haml

@@ -12,7 +12,7 @@
       = _('From <code>%{source_title}</code> into').html_safe % { source_title: source_title }
 
     - if issuable.new_record?
-      %code= target_title
+      %code#js-target-branch-title= target_title
       &nbsp;
       = link_to _('Change branches'), mr_change_branches_path(issuable)
     - elsif issuable.for_fork?

changelogs/unreleased/213367-snippet-update-error-when-version-feature-flag-disabled.yml

@@ -0,0 +1,5 @@
+---
+title: Resolve Snippet update error with version flag disabled
+merge_request: 28815
+author:
+type: fixed

changelogs/unreleased/approval-by-me-icon.yml

@@ -0,0 +1,5 @@
+---
+title: Use different approval icon if current user approved
+merge_request: 28290
+author: Steffen Köhler
+type: changed

changelogs/unreleased/sh-flatten-sidekiq-exception-logs.yml

@@ -0,0 +1,5 @@
+---
+title: Stringify Sidekiq job args in exception logs
+merge_request: 28996
+author:
+type: fixed

doc/.vale/gitlab/Spelling.yml

@@ -0,0 +1,14 @@
+# Checks for possible spelling mistakes in content, not code. May find false positives
+# due to links using angle brackets: <https://example.com>. These can be ignored.
+#
+# If a word is flagged as a spelling mistake incorrectly, such as a product name,
+# you can submit an MR to update `spelling-exceptions.txt` with the missing word.
+# Commands, like `git clone` must use backticks, and must not be added to the
+# exceptions.
+#
+# For a list of all options, see https://errata-ai.github.io/vale/styles/
+extends: spelling
+message: 'Spelling check: "%s"?'
+level: warning
+ignore:
+  - gitlab/spelling-exceptions.txt

doc/.vale/gitlab/spelling-exceptions.txt

@@ -0,0 +1,387 @@
+Akismet
+Alertmanager
+Algolia
+Ansible
+API
+approvers
+Artifactory
+Asana
+Asciidoctor
+Atlassian
+Auth0
+Authentiq
+autocomplete
+autocompleted
+autocompletes
+autocompleting
+autogenerated
+autoloaded
+autoloader
+autoloading
+autoscale
+autoscaled
+autoscaler
+autoscales
+autoscaling
+awardable
+Azure
+backport
+backported
+backporting
+backports
+backtrace
+backtraced
+backtraces
+backtracing
+Bamboo
+Bitbucket
+blockquote
+blockquoted
+blockquotes
+blockquoting
+boolean
+browsable
+Bugzilla
+Buildkite
+buildpack
+buildpacks
+bundler
+bundlers
+burndown
+cacheable
+CAS
+CentOS
+Chatops
+Citrix
+Cloudwatch
+Cognito
+colocated
+colocating
+compilable
+composable
+Conda
+Consul
+cron
+crons
+crontab
+crontabs
+crosslinked
+crosslinking
+crosslinks
+Crossplane
+CrowdIn
+Debian
+deduplicate
+deduplicated
+deduplicates
+deduplicating
+deduplication
+deprovision
+deprovisioned
+deprovisioning
+deprovisions
+discoverability
+Disqus
+Dockerfile
+Dockerfiles
+downvoted
+downvotes
+Dpl
+Elasticsearch
+enablement
+enqueued
+expirable
+Facebook
+failover
+failovers
+failsafe
+favicon
+firewalled
+Flowdock
+Fluentd
+Forgerock
+Gantt
+Gemnasium
+Git
+Gitaly
+Gitea
+GitHub
+GitLab
+gitlabsos
+Gitter
+Gmail
+Google
+Gradle
+Grafana
+gravatar
+hardcode
+hardcoded
+hardcodes
+Helm
+HipChat
+hostname
+hostnames
+hotfix
+hotfixed
+hotfixes
+hotfixing
+http
+https
+Ingress
+initializer
+initializers
+interdependencies
+interdependency
+Irker
+jasmine-jquery
+JavaScript
+Jaeger
+Jenkins
+Jira
+jQuery
+JupyterHub
+kanban
+kanbans
+Karma
+Kerberos
+Kibana
+Knative
+Kramdown
+Kubernetes
+Laravel
+LDAP
+Libravatar
+Lograge
+lookahead
+lookaheads
+lookbehind
+lookbehinds
+lookups
+Lucene
+Maildir
+Makefile
+Makefiles
+Markdown
+markdownlint
+Mattermost
+mbox
+mergeable
+Microsoft
+middleware
+middlewares
+MinIO
+mitmproxy
+misconfigure
+misconfigured
+misconfigures
+misconfiguration
+misconfigurations
+misconfiguring
+mitigations
+mockup
+mockups
+nameserver
+nameservers
+namespace
+namespaced
+namespaces
+Nanoc
+NGINX
+OAuth
+Okta
+offboarded
+offboarding
+offboards
+OmniAuth
+OpenID
+OpenShift
+Packagist
+parallelization
+parallelizations
+performant
+Piwik
+PgBouncer
+plaintext
+PostgreSQL
+preconfigure
+preconfigured
+preconfigures
+prefill
+prefilled
+prefilling
+prefills
+prepend
+prepended
+prepends
+Pritaly
+profiler
+Prometheus
+proxied
+proxies
+proxying
+Pseudonymized
+Pseudonymizer
+Puma
+Python
+Qualys
+Rackspace
+Raketask
+Raketasks
+rebase
+rebased
+rebases
+rebasing
+Redis
+Redmine
+reCAPTCHA
+referer
+referers
+reindex
+reindexed
+reindexes
+reindexing
+relicensing
+Repmgr
+Repmgrd
+requeue
+requeued
+requeues
+reusability
+resynced
+resyncing
+resyncs
+rollout
+rollouts
+rsync
+rsynced
+rsyncing
+rsyncs
+resync
+reverified
+reverifies
+reverify
+runbook
+runbooks
+runit
+runtime
+runtimes
+Salesforce
+SAML
+Sendmail
+Sentry
+serverless
+Sidekiq
+sharding
+Shibboleth
+sanitization
+serializer
+serializers
+serializing
+Slack
+Slony
+SMTP
+Sourcegraph
+Splunk
+SSH
+storable
+strace
+subfolder
+subfolders
+sublicense
+sublicensed
+sublicenses
+sublicensing
+subnet
+subnets
+subnetting
+subtree
+subtrees
+subqueried
+subqueries
+subquery
+subquerying
+syslog
+Tiller
+todos
+tokenizer
+Tokenizers
+tokenizing
+toolchain
+toolchains
+tooltip
+tooltips
+Trello
+triaging
+TypeScript
+Twitter
+Ubuntu
+unarchive
+unarchived
+unarchives
+Unassign
+Unassigns
+uncheck
+unchecked
+unchecking
+unchecks
+uncomment
+uncommented
+unencrypted
+Unicorn
+unindexed
+unlink
+unlinking
+unlinks
+unmergeable
+unmerged
+unmerges
+unmerging
+unoptimize
+unoptimized
+unoptimizes
+unoptimizing
+unprotect
+unprotects
+unprotected
+unpublish
+unpublished
+unpublishes
+unreferenced
+unresolve
+unresolved
+unresolving
+unstage
+unstaged
+unstages
+unstaging
+untracked
+untrusted
+unverified
+unverifies
+unverify
+unverifying
+uploader
+uploaders
+upvoted
+upvotes
+validator
+validators
+vendored
+virtualized
+virtualizing
+Vue
+Vuex
+walkthrough
+walkthroughs
+WebdriverIO
+webpack
+webserver
+whitepaper
+whitepapers
+Wireshark
+Wordpress
+Xcode
+Xeon
+YouTrack
+Zeitwerk
+Zendesk

doc/ci/caching/index.md

@@ -329,6 +329,30 @@ rspec:
   - rspec spec
 ```
 
+### Caching Go dependencies
+
+Assuming your project is using [Go Modules](https://github.com/golang/go/wiki/Modules) to install
+Go dependencies, the following example defines `cache` in a `go-cache` template, that
+any job can extend. Go modules are installed in `${GOPATH}/pkg/mod/` and
+are cached for all of the `go` projects:
+
+```yaml
+.go-cache:
+  variables:
+    GOPATH: $CI_PROJECT_DIR/.go
+  before_script:
+    - mkdir -p .go
+  cache:
+    paths:
+      - .go/pkg/mod/
+
+test:
+  image: golang:1.13
+  extends: .go-cache
+  script:
+  - go test ./... -v -short
+```
+
 ## Availability of the cache
 
 Caching is an optimization, but isn't guaranteed to always work, so you need to

doc/subscriptions/index.md

@@ -306,9 +306,12 @@ Sg0KU1hNMGExaE9SVGR2V2pKQlBUMWNiaUo5DQo=',
 
 #### Disable Seat Link
 
-Seat Link is enabled by default. To disable this feature, go to
-**{admin}** **Admin Area > Settings > Metrics and profiling** and
-clear the Seat Link checkbox.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/212375) in [GitLab Starter](https://about.gitlab.com/pricing/) 12.10.
+
+Seat Link is enabled by default.
+
+To disable this feature, go to
+**{admin}** **Admin Area > Settings > Metrics and profiling** and clear the **Seat Link** checkbox.
 
 To disable Seat Link in an Omnibus GitLab installation, and prevent it from
 being configured in the future through the administration panel, set the following in

lib/api/internal/base.rb

@@ -108,7 +108,7 @@ module API
         #   check_ip - optional, only in EE version, may limit access to
         #     group resources based on its IP restrictions
         post "/allowed" do
-          if repo_type.snippet? && Feature.disabled?(:version_snippets, actor.user)
+          if repo_type.snippet? && params[:protocol] != 'web' && Feature.disabled?(:version_snippets, actor.user)
             break response_with_status(code: 401, success: false, message: 'Snippet git access is disabled.')
           end
 

lib/gitlab/ci/templates/Managed-Cluster-Applications.gitlab-ci.yml

@@ -1,6 +1,6 @@
 apply:
   stage: deploy
-  image: "registry.gitlab.com/gitlab-org/cluster-integration/cluster-applications:v0.12.0"
+  image: "registry.gitlab.com/gitlab-org/cluster-integration/cluster-applications:v0.13.1"
   environment:
     name: production
   variables:

lib/gitlab/sidekiq_logging/json_formatter.rb

@@ -19,6 +19,7 @@ module Gitlab
           output[:message] = data
         when Hash
           convert_to_iso8601!(data)
+          stringify_args!(data)
           output.merge!(data)
         end
 
@@ -39,6 +40,10 @@ module Gitlab
 
         Time.at(timestamp).utc.iso8601(3)
       end
+
+      def stringify_args!(payload)
+        payload['args'] = Gitlab::Utils::LogLimitedArray.log_limited_array(payload['args'].map(&:to_s)) if payload['args']
+      end
     end
   end
 end

lib/gitlab/sidekiq_logging/logs_jobs.rb

@@ -7,6 +7,7 @@ module Gitlab
         "#{payload['class']} JID-#{payload['jid']}"
       end
 
+      # NOTE: Arguments are truncated/stringified in sidekiq_logging/json_formatter.rb
       def parse_job(job)
         # Error information from the previous try is in the payload for
         # displaying in the Sidekiq UI, but is very confusing in logs!
@@ -16,7 +17,6 @@ module Gitlab
         job['pid'] = ::Process.pid
 
         job.delete('args') unless ENV['SIDEKIQ_LOG_ARGUMENTS']
-        job['args'] = Gitlab::Utils::LogLimitedArray.log_limited_array(job['args'].map(&:to_s)) if job['args']
 
         job
       end

locale/gitlab.pot

@@ -380,9 +380,6 @@ msgstr ""
 msgid "%{name}'s avatar"
 msgstr ""
 
-msgid "%{numberOfDays} days"
-msgstr ""
-
 msgid "%{number_commits_behind} commits behind %{default_branch}, %{number_commits_ahead} commits ahead"
 msgstr ""
 
@@ -2266,6 +2263,9 @@ msgstr ""
 msgid "Approvals"
 msgstr ""
 
+msgid "Approvals (you've approved)"
+msgstr ""
+
 msgid "Approve"
 msgstr ""
 
@@ -10082,6 +10082,9 @@ msgstr ""
 msgid "Group: %{name}"
 msgstr ""
 
+msgid "GroupActivityMetrics|New Members created"
+msgstr ""
+
 msgid "GroupActivyMetrics|Issues created"
 msgstr ""
 

qa/qa/page/component/ci_badge_link.rb

@@ -13,6 +13,10 @@ module QA
             timeout ? completed?(timeout: timeout) : completed?
             status_badge == status
           end
+
+          # has_passed? => passed?
+          # has_failed? => failed?
+          alias_method :"has_#{status}?", :"#{status}?"
         end
 
         # e.g. def pending?; status_badge == 'pending'; end

qa/qa/specs/features/browser_ui/6_release/pipeline/parent_child_pipelines_dependent_relationship_spec.rb

@@ -32,7 +32,7 @@ module QA
           parent_pipeline.click_linked_job(project.name)
 
           expect(parent_pipeline).to have_job("child_job")
-          expect(parent_pipeline).to be_passed
+          expect(parent_pipeline).to have_passed
         end
       end
 
@@ -44,7 +44,7 @@ module QA
           parent_pipeline.click_linked_job(project.name)
 
           expect(parent_pipeline).to have_job("child_job")
-          expect(parent_pipeline).to be_failed
+          expect(parent_pipeline).to have_failed
         end
       end
 

qa/qa/specs/features/browser_ui/6_release/pipeline/parent_child_pipelines_independent_relationship_spec.rb

@@ -32,7 +32,7 @@ module QA
           parent_pipeline.click_linked_job(project.name)
 
           expect(parent_pipeline).to have_job("child_job")
-          expect(parent_pipeline).to be_passed
+          expect(parent_pipeline).to have_passed
         end
       end
 
@@ -44,7 +44,7 @@ module QA
           parent_pipeline.click_linked_job(project.name)
 
           expect(parent_pipeline).to have_job("child_job")
-          expect(parent_pipeline).to be_passed
+          expect(parent_pipeline).to have_passed
         end
       end
 

spec/lib/gitlab/sidekiq_logging/json_formatter_spec.rb

@@ -9,6 +9,8 @@ describe Gitlab::SidekiqLogging::JSONFormatter do
   let(:timestamp_iso8601) { now.iso8601(3) }
 
   describe 'with a Hash' do
+    subject { JSON.parse(described_class.new.call('INFO', now, 'my program', hash_input)) }
+
     let(:hash_input) do
       {
         foo: 1,
@@ -23,9 +25,6 @@ describe Gitlab::SidekiqLogging::JSONFormatter do
     end
 
     it 'properly formats timestamps into ISO 8601 form' do
-      result = subject.call('INFO', now, 'my program', hash_input)
-
-      data = JSON.parse(result)
       expected_output = hash_input.stringify_keys.merge!(
         {
           'severity' => 'INFO',
@@ -39,20 +38,39 @@ describe Gitlab::SidekiqLogging::JSONFormatter do
         }
       )
 
-      expect(data).to eq(expected_output)
+      expect(subject).to eq(expected_output)
+    end
+
+    context 'when the job args are bigger than the maximum allowed' do
+      it 'keeps args from the front until they exceed the limit' do
+        half_limit = Gitlab::Utils::LogLimitedArray::MAXIMUM_ARRAY_LENGTH / 2
+        hash_input['args'] = [1, 2, 'a' * half_limit, 'b' * half_limit, 3]
+
+        expected_args = hash_input['args'].take(3).map(&:to_s) + ['...']
+
+        expect(subject['args']).to eq(expected_args)
+      end
+    end
+
+    it 'properly flattens arguments to a String' do
+      hash_input['args'] = [1, "test", 2, { 'test' => 1 }]
+
+      expect(subject['args']).to eq(["1", "test", "2", %({"test"=>1})])
     end
   end
 
-  it 'wraps a String' do
-    result = subject.call('DEBUG', now, 'my string', message)
+  describe 'with a String' do
+    it 'accepts strings with no changes' do
+      result = subject.call('DEBUG', now, 'my string', message)
 
-    data = JSON.parse(result)
-    expected_output = {
-      severity: 'DEBUG',
-      time: timestamp_iso8601,
-      message: message
-    }
+      data = JSON.parse(result)
+      expected_output = {
+        severity: 'DEBUG',
+        time: timestamp_iso8601,
+        message: message
+      }
 
-    expect(data).to eq(expected_output.stringify_keys)
+      expect(data).to eq(expected_output.stringify_keys)
+    end
   end
 end

spec/lib/gitlab/sidekiq_logging/structured_logger_spec.rb

@@ -30,7 +30,6 @@ describe Gitlab::SidekiqLogging::StructuredLogger do
     let(:clock_thread_cputime_end) { 1.333333799 }
     let(:start_payload) do
       job.except('error_backtrace', 'error_class', 'error_message').merge(
-        'args' => %w(1234 hello {"key"=>"value"}),
         'message' => 'TestWorker JID-da883554ee4fe414012f5f42: start',
         'job_status' => 'start',
         'pid' => Process.pid,
@@ -113,24 +112,6 @@ describe Gitlab::SidekiqLogging::StructuredLogger do
           end
         end
       end
-
-      context 'when the job args are bigger than the maximum allowed' do
-        it 'keeps args from the front until they exceed the limit' do
-          Timecop.freeze(timestamp) do
-            half_limit = Gitlab::Utils::LogLimitedArray::MAXIMUM_ARRAY_LENGTH / 2
-            job['args'] = [1, 2, 'a' * half_limit, 'b' * half_limit, 3]
-
-            expected_args = job['args'].take(3).map(&:to_s) + ['...']
-
-            expect(logger).to receive(:info).with(start_payload.merge('args' => expected_args)).ordered
-            expect(logger).to receive(:info).with(end_payload.merge('args' => expected_args)).ordered
-            expect(subject).to receive(:log_job_start).and_call_original
-            expect(subject).to receive(:log_job_done).and_call_original
-
-            subject.call(job, 'test_queue') { }
-          end
-        end
-      end
     end
 
     context 'with SIDEKIQ_LOG_ARGUMENTS disabled' do

spec/requests/api/internal/base_spec.rb

@@ -335,6 +335,27 @@ describe API::Internal::Base do
         end
       end
 
+      shared_examples 'snippet success' do
+        it 'responds with success' do
+          subject
+
+          expect(response).to have_gitlab_http_status(:ok)
+          expect(json_response['status']).to be_truthy
+        end
+      end
+
+      shared_examples 'snippets with web protocol' do
+        it_behaves_like 'snippet success'
+
+        context 'with disabled version flag' do
+          before do
+            stub_feature_flags(version_snippets: false)
+          end
+
+          it_behaves_like 'snippet success'
+        end
+      end
+
       context 'git push with personal snippet' do
         subject { push(key, personal_snippet, env: env.to_json, changes: snippet_changes) }
 
@@ -349,14 +370,21 @@ describe API::Internal::Base do
         end
 
         it_behaves_like 'snippets with disabled feature flag'
+
+        it_behaves_like 'snippets with web protocol' do
+          subject { push(key, personal_snippet, 'web', env: env.to_json, changes: snippet_changes) }
+        end
+
         it_behaves_like 'sets hook env' do
           let(:gl_repository) { Gitlab::GlRepository::SNIPPET.identifier_for_container(personal_snippet) }
         end
       end
 
       context 'git pull with personal snippet' do
+        subject { pull(key, personal_snippet) }
+
         it 'responds with success' do
-          pull(key, personal_snippet)
+          subject
 
           expect(response).to have_gitlab_http_status(:ok)
           expect(json_response["status"]).to be_truthy
@@ -365,8 +393,10 @@ describe API::Internal::Base do
           expect(user.reload.last_activity_on).to eql(Date.today)
         end
 
-        it_behaves_like 'snippets with disabled feature flag' do
-          subject { pull(key, personal_snippet) }
+        it_behaves_like 'snippets with disabled feature flag'
+
+        it_behaves_like 'snippets with web protocol' do
+          subject { pull(key, personal_snippet, 'web') }
         end
       end
 
@@ -384,6 +414,11 @@ describe API::Internal::Base do
         end
 
         it_behaves_like 'snippets with disabled feature flag'
+
+        it_behaves_like 'snippets with web protocol' do
+          subject { push(key, project_snippet, 'web', env: env.to_json, changes: snippet_changes) }
+        end
+
         it_behaves_like 'sets hook env' do
           let(:gl_repository) { Gitlab::GlRepository::SNIPPET.identifier_for_container(project_snippet) }
         end
@@ -403,6 +438,10 @@ describe API::Internal::Base do
         it_behaves_like 'snippets with disabled feature flag' do
           subject { pull(key, project_snippet) }
         end
+
+        it_behaves_like 'snippets with web protocol' do
+          subject { pull(key, project_snippet, 'web') }
+        end
       end
 
       context "git pull" do