diff --git a/doc/api/runners.md b/doc/api/runners.md index 657eb4d470c..cb199f06159 100644 --- a/doc/api/runners.md +++ b/doc/api/runners.md @@ -652,14 +652,14 @@ POST /runners |--------------------|--------------|----------|---------------------------------------------------------------------------------------------------------------------------------------------------------------| | `token` | string | yes | [Registration token](#registration-and-authentication-tokens) | | `description` | string | no | Runner's description | -| `info` | hash | no | Runner's metadata. You can include `name`, `version`, `revision`, `platform`, and `architecture`, but only `version` is displayed in the Admin Area of the UI | -| `active` | boolean | no | Deprecated: Use `:paused` instead. Whether the runner is allowed to receive jobs | -| `paused` | boolean | no | Whether the runner should ignore new jobs | -| `locked` | boolean | no | Whether the runner should be locked for current project | -| `run_untagged` | boolean | no | Whether the runner should handle untagged jobs | -| `tag_list` | string array | no | List of runner's tags | -| `access_level` | string | no | The access_level of the runner; `not_protected` or `ref_protected` | -| `maximum_timeout` | integer | no | Maximum timeout set when this runner handles the job | +| `info` | hash | no | Runner's metadata. You can include `name`, `version`, `revision`, `platform`, and `architecture`, but only `version`, `platform`, and `architecture` are displayed in the Admin Area of the UI | +| `active` | boolean | no | Deprecated: Use `paused` instead. Specifies whether the runner is allowed to receive new jobs | +| `paused` | boolean | no | Specifies whether the runner should ignore new jobs | +| `locked` | boolean | no | Specifies whether the runner should be locked for the current project | +| `run_untagged` | boolean | no | Specifies whether the runner should handle untagged jobs | +| `tag_list` | string array | no | A list of runner tags | +| `access_level` | string | no | The access level of the runner; `not_protected` or `ref_protected` | +| `maximum_timeout` | integer | no | Maximum timeout that limits the amount of time (in seconds) that runners can run jobs | | `maintainer_note` | string | no | [Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/350730), see `maintenance_note` | | `maintenance_note` | string | no | Free-form maintenance notes for the runner (1024 characters) | @@ -739,9 +739,9 @@ Validates authentication credentials for a registered runner. POST /runners/verify ``` -| Attribute | Type | Required | Description | -|-------------|---------|----------|---------------------| -| `token` | string | yes | Runner's [authentication token](#registration-and-authentication-tokens). | +| Attribute | Type | Required | Description | +|-------------|---------|----------|-------------------------------------------------------------------------------| +| `token` | string | yes | The runner's [authentication token](#registration-and-authentication-tokens). | ```shell curl --request POST "https://gitlab.example.com/api/v4/runners/verify" \ @@ -759,7 +759,7 @@ Response: > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/30942) in GitLab 14.3. -Resets the runner registration token for the GitLab instance. +Reset the runner registration token for the GitLab instance. ```plaintext POST /runners/reset_registration_token @@ -828,15 +828,15 @@ Example response: ## Reset runner's authentication token by using the current token -Resets the runner's authentication token by using the current token's value as an input. +Reset the runner's authentication token by using the current token's value as an input. ```plaintext POST /runners/reset_authentication_token ``` -| Attribute | Type | Required | Description | -|-----------|---------|----------|---------------------------------| -| `token` | string | yes | The current token of the runner | +| Attribute | Type | Required | Description | +|-----------|---------|----------|----------------------------------------| +| `token` | string | yes | The authentication token of the runner | ```shell curl --request POST --form "token=" \ diff --git a/doc/topics/git/merge_conflicts.md b/doc/topics/git/merge_conflicts.md index 91b608ab705..ea37afe1b31 100644 --- a/doc/topics/git/merge_conflicts.md +++ b/doc/topics/git/merge_conflicts.md @@ -1,69 +1,11 @@ --- -stage: Create -group: Source Code -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments -comments: false +redirect_to: '../../user/project/merge_requests/conflicts.md#resolve-conflicts-from-the-command-line' +remove_date: '2023-02-01' --- -# Merge conflicts **(FREE)** +This document was moved to [another location](../../user/project/merge_requests/conflicts.md#resolve-conflicts-from-the-command-line). -- Happen often -- Learning to fix conflicts is hard -- Practice makes perfect -- Force push after fixing conflicts. Be careful! - -## Merge conflicts sample workflow - -1. Check out a new branch and edit `conflicts.rb`. Add 'Line4' and 'Line5'. -1. Commit and push. -1. Check out `main` and edit `conflicts.rb`. Add 'Line6' and 'Line7' below 'Line3'. -1. Commit and push to `main``. -1. Create a merge request and watch it fail. -1. Rebase our new branch with `main`. -1. Fix conflicts on the `conflicts.rb` file. -1. Stage the file and continue rebasing. -1. Force push the changes. -1. Finally continue with the merge request. - -```shell -git checkout -b conflicts_branch - -# vi conflicts.rb -# Add 'Line4' and 'Line5' - -git commit -am "add line4 and line5" -git push origin conflicts_branch - -git checkout main - -# vi conflicts.rb -# Add 'Line6' and 'Line7' -git commit -am "add line6 and line7" -git push origin main -``` - -Create a merge request on the GitLab web UI, and a conflict warning displays. - -```shell -git checkout conflicts_branch -git fetch -git rebase main - -# Fix conflicts by editing the files. - -git add conflicts.rb -# No need to commit this file - -git rebase --continue - -# Remember that we have rewritten our commit history so we -# need to force push so that our remote branch is restructured -git push origin conflicts_branch -f -``` - -## Note - -- When to use `git merge` and when to use `git rebase` -- Rebase when updating your branch with `main` -- Merge when bringing changes from feature to `main` -- Reference: + + + + diff --git a/doc/user/profile/notifications.md b/doc/user/profile/notifications.md index 3548537442c..057fed3c2e0 100644 --- a/doc/user/profile/notifications.md +++ b/doc/user/profile/notifications.md @@ -194,6 +194,7 @@ Users are notified of the following events: | Personal access tokens expiring soon | User | Security email, always sent. | | Personal access tokens have been created | User | Security email, always sent. _[Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/337591) in GitLab 14.9._ | | Personal access tokens have expired | User | Security email, always sent. | +| Personal access token has been revoked | User | Security email, always sent. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/98911) in GitLab 15.5. | | Project access level changed | User | Sent when user project access level is changed. | | SSH key has expired | User | Security email, always sent. _[Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/322637) in GitLab 13.12._ | | Two-factor authentication disabled | User | Security email, always sent. | diff --git a/doc/user/project/members/index.md b/doc/user/project/members/index.md index 101076ad614..e6b0da30bad 100644 --- a/doc/user/project/members/index.md +++ b/doc/user/project/members/index.md @@ -45,8 +45,7 @@ flowchart RL > - [Changed](https://gitlab.com/gitlab-org/gitlab/-/issues/247208) in GitLab 13.11 from a form to a modal window [with a flag](../../feature_flags.md). Disabled by default. > - Modal window [enabled on GitLab.com and self-managed](https://gitlab.com/gitlab-org/gitlab/-/issues/247208) in GitLab 14.8. -> - [Generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/352526) in GitLab 14.9. - [Feature flag `invite_members_group_modal`](https://gitlab.com/gitlab-org/gitlab/-/issues/352526) removed. +> - [Generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/352526) in GitLab 14.9. [Feature flag `invite_members_group_modal`](https://gitlab.com/gitlab-org/gitlab/-/issues/352526) removed. Add users to a project so they become members and have permission to perform actions. @@ -90,8 +89,7 @@ The Owner [role](../../permissions.md#project-members-permissions) can be added > - [Changed](https://gitlab.com/gitlab-org/gitlab/-/issues/247208) in GitLab 13.11 from a form to a modal window [with a flag](../../feature_flags.md). Disabled by default. > - Modal window [enabled on GitLab.com and self-managed](https://gitlab.com/gitlab-org/gitlab/-/issues/247208) in GitLab 14.8. -> - [Generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/352526) in GitLab 14.9. - [Feature flag `invite_members_group_modal`](https://gitlab.com/gitlab-org/gitlab/-/issues/352526) removed. +> - [Generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/352526) in GitLab 14.9. [Feature flag `invite_members_group_modal`](https://gitlab.com/gitlab-org/gitlab/-/issues/352526) removed. When you add a group to a project, each user in the group gets access to the project. Each user's access is based on: @@ -169,8 +167,9 @@ group itself. Prerequisites: -- To remove direct members with the Maintainer, Developer, Reporter, or Guest role, you must have the Maintainer role. -- To remove members with the Owner role, you must have the Owner role. +- To remove direct members with the: + - Maintainer, Developer, Reporter, or Guest role, you must have the Maintainer role. + - Owner role, you must have the Owner role. - Optional. Unassign the member from all issues and merge requests that are assigned to them. diff --git a/lib/api/api.rb b/lib/api/api.rb index 35d96efec5c..8de5ed042d2 100644 --- a/lib/api/api.rb +++ b/lib/api/api.rb @@ -171,6 +171,7 @@ module API namespace do mount ::API::AccessRequests mount ::API::Appearance + mount ::API::Ci::Runner mount ::API::Clusters::Agents mount ::API::Clusters::AgentTokens mount ::API::DeployKeys @@ -187,6 +188,7 @@ module API mount ::API::Release::Links mount ::API::SnippetRepositoryStorageMoves mount ::API::Statistics + mount ::API::Tags add_open_api_documentation! end @@ -211,7 +213,6 @@ module API mount ::API::Ci::PipelineSchedules mount ::API::Ci::Pipelines mount ::API::Ci::ResourceGroups - mount ::API::Ci::Runner mount ::API::Ci::Runners mount ::API::Ci::SecureFiles mount ::API::Ci::Triggers diff --git a/lib/api/ci/runner.rb b/lib/api/ci/runner.rb index 52646c80d4b..a75741ac695 100644 --- a/lib/api/ci/runner.rb +++ b/lib/api/ci/runner.rb @@ -8,15 +8,17 @@ module API content_type :txt, 'text/plain' resource :runners do - desc 'Registers a new Runner' do + desc 'Register a new runner' do + detail "Register a new runner for the instance" success Entities::Ci::RunnerRegistrationDetails - http_codes [[201, 'Runner was created'], [403, 'Forbidden']] + failure [[400, 'Bad Request'], [403, 'Forbidden']] end params do requires :token, type: String, desc: 'Registration token' optional :description, type: String, desc: %q(Runner's description) - optional :maintainer_note, type: String, desc: %q(Deprecated: Use :maintenance_note instead. Runner's maintenance notes) - optional :maintenance_note, type: String, desc: %q(Runner's maintenance notes) + optional :maintainer_note, type: String, desc: %q(Deprecated: see `maintenance_note`) + optional :maintenance_note, type: String, + desc: %q(Free-form maintenance notes for the runner (1024 characters)) optional :info, type: Hash, desc: %q(Runner's metadata) do optional :name, type: String, desc: %q(Runner's name) optional :version, type: String, desc: %q(Runner's version) @@ -24,15 +26,20 @@ module API optional :platform, type: String, desc: %q(Runner's platform) optional :architecture, type: String, desc: %q(Runner's architecture) end - optional :active, type: Boolean, desc: 'Deprecated: Use `:paused` instead. Should runner be active' - optional :paused, type: Boolean, desc: 'Whether the runner should ignore new jobs' - optional :locked, type: Boolean, desc: 'Whether the runner should be locked for current project' + optional :active, type: Boolean, + desc: 'Deprecated: Use `paused` instead. Specifies whether the runner is allowed ' \ + 'to receive new jobs' + optional :paused, type: Boolean, desc: 'Specifies whether the runner should ignore new jobs' + optional :locked, type: Boolean, desc: 'Specifies whether the runner should be locked for the current project' optional :access_level, type: String, values: ::Ci::Runner.access_levels.keys, - desc: 'The access_level of the runner; `not_protected` or `ref_protected`' - optional :run_untagged, type: Boolean, desc: 'Whether the runner should handle untagged jobs' - optional :tag_list, type: Array[String], coerce_with: ::API::Validations::Types::CommaSeparatedToArray.coerce, desc: %q(List of Runner's tags) - optional :maximum_timeout, type: Integer, desc: 'Maximum timeout set when this runner handles the job' - mutually_exclusive :maintainer_note, :maintainer_note + desc: 'The access level of the runner' + optional :run_untagged, type: Boolean, desc: 'Specifies whether the runner should handle untagged jobs' + optional :tag_list, type: Array[String], coerce_with: ::API::Validations::Types::CommaSeparatedToArray.coerce, + desc: %q(A list of runner tags) + optional :maximum_timeout, type: Integer, + desc: 'Maximum timeout that limits the amount of time (in seconds) ' \ + 'that runners can run jobs' + mutually_exclusive :maintainer_note, :maintenance_note mutually_exclusive :active, :paused end post '/', urgency: :low, feature_category: :runner do @@ -55,11 +62,12 @@ module API end end - desc 'Deletes a registered Runner' do - http_codes [[204, 'Runner was deleted'], [403, 'Forbidden']] + desc 'Delete a registered runner' do + summary "Delete a runner by authentication token" + failure [[403, 'Forbidden']] end params do - requires :token, type: String, desc: %q(Runner's authentication token) + requires :token, type: String, desc: %q(The runner's authentication token) end delete '/', urgency: :low, feature_category: :runner do authenticate_runner! @@ -67,11 +75,12 @@ module API destroy_conditionally!(current_runner) { ::Ci::Runners::UnregisterRunnerService.new(current_runner, params[:token]).execute } end - desc 'Validates authentication credentials' do + desc 'Validate authentication credentials' do + summary "Verify authentication for a registered runner" http_codes [[200, 'Credentials are valid'], [403, 'Forbidden']] end params do - requires :token, type: String, desc: %q(Runner's authentication token) + requires :token, type: String, desc: %q(The runner's authentication token) end post '/verify', urgency: :low, feature_category: :runner do authenticate_runner! @@ -81,6 +90,7 @@ module API desc 'Reset runner authentication token with current token' do success Entities::Ci::ResetTokenResult + failure [[403, 'Forbidden']] end params do requires :token, type: String, desc: 'The current authentication token of the runner' @@ -100,7 +110,8 @@ module API success Entities::Ci::JobRequest::Response http_codes [[201, 'Job was scheduled'], [204, 'No job for Runner'], - [403, 'Forbidden']] + [403, 'Forbidden'], + [409, 'Conflict']] end params do requires :token, type: String, desc: %q(Runner's authentication token) @@ -174,14 +185,14 @@ module API end end - desc 'Updates a job' do + desc 'Update a job' do http_codes [[200, 'Job was updated'], [202, 'Update accepted'], [400, 'Unknown parameters'], [403, 'Forbidden']] end params do - requires :token, type: String, desc: %q(Runners's authentication token) + requires :token, type: String, desc: %q(Runner's authentication token) requires :id, type: Integer, desc: %q(Job's ID) optional :state, type: String, desc: %q(Job's status: success, failed) optional :checksum, type: String, desc: %q(Job's trace CRC32 checksum) @@ -209,7 +220,7 @@ module API end end - desc 'Appends a patch to the job trace' do + desc 'Append a patch to the job trace' do http_codes [[202, 'Trace was patched'], [400, 'Missing Content-Range header'], [403, 'Forbidden'], diff --git a/lib/api/entities/commit.rb b/lib/api/entities/commit.rb index 6cd180cd584..5996c0966fb 100644 --- a/lib/api/entities/commit.rb +++ b/lib/api/entities/commit.rb @@ -3,15 +3,26 @@ module API module Entities class Commit < Grape::Entity - expose :id, :short_id, :created_at - expose :parent_ids - expose :full_title, as: :title - expose :safe_message, as: :message - expose :author_name, :author_email, :authored_date - expose :committer_name, :committer_email, :committed_date - expose :trailers + expose :id, documentation: { type: 'string', example: '2695effb5807a22ff3d138d593fd856244e155e7' } + expose :short_id, documentation: { type: 'string', example: '2695effb' } + expose :created_at, documentation: { type: 'dateTime', example: '2017-07-26T11:08:53.000+02:00' } + expose :parent_ids, + documentation: { type: 'string', is_array: true, example: '2a4b78934375d7f53875269ffd4f45fd83a84ebe' } + expose :full_title, as: :title, documentation: { type: 'string', example: 'Initial commit' } + expose :safe_message, as: :message, documentation: { type: 'string', example: 'Initial commit' } + expose :author_name, documentation: { type: 'string', example: 'John Smith' } + expose :author_email, documentation: { type: 'string', example: 'john@example.com' } + expose :authored_date, documentation: { type: 'dateTime', example: '2012-05-28T04:42:42-07:00' } + expose :committer_name, documentation: { type: 'string', example: 'Jack Smith' } + expose :committer_email, documentation: { type: 'string', example: 'jack@example.com' } + expose :committed_date, documentation: { type: 'dateTime', example: '2012-05-28T04:42:42-07:00' } + expose :trailers, documentation: { type: 'object', example: '{}' } - expose :web_url do |commit, _options| + expose :web_url, + documentation: { + type: 'string', + example: 'https://gitlab.example.com/thedude/gitlab-foss/-/commit/ed899a2f4b50b4370feeea94676502b42383c746' + } do |commit, _options| c = commit c = c.__subject__ if c.is_a?(Gitlab::View::Presenter::Base) Gitlab::UrlBuilder.build(c) diff --git a/lib/api/entities/tag.rb b/lib/api/entities/tag.rb index 2d3569bb9bb..713bae64d5c 100644 --- a/lib/api/entities/tag.rb +++ b/lib/api/entities/tag.rb @@ -3,7 +3,9 @@ module API module Entities class Tag < Grape::Entity - expose :name, :message, :target + expose :name, documentation: { type: 'string', example: 'v1.0.0' } + expose :message, documentation: { type: 'string', example: 'Release v1.0.0' } + expose :target, documentation: { type: 'string', example: '2695effb5807a22ff3d138d593fd856244e155e7' } expose :commit, using: Entities::Commit do |repo_tag, options| options[:project].repository.commit(repo_tag.dereferenced_target) @@ -15,7 +17,7 @@ module API end # rubocop: enable CodeReuse/ActiveRecord - expose :protected do |repo_tag, options| + expose :protected, documentation: { type: 'boolean', example: true } do |repo_tag, options| ::ProtectedTag.protected?(options[:project], repo_tag.name) end end diff --git a/lib/api/entities/tag_release.rb b/lib/api/entities/tag_release.rb index d5f73d60332..66d1eeeab4a 100644 --- a/lib/api/entities/tag_release.rb +++ b/lib/api/entities/tag_release.rb @@ -4,8 +4,8 @@ module API module Entities # deprecated old Release representation class TagRelease < Grape::Entity - expose :tag, as: :tag_name - expose :description + expose :tag, as: :tag_name, documentation: { type: 'string', example: '1.0.0' } + expose :description, documentation: { type: 'string', example: 'Amazing release. Wow' } end end end diff --git a/lib/api/tags.rb b/lib/api/tags.rb index c8ac68189f5..8d7b4045639 100644 --- a/lib/api/tags.rb +++ b/lib/api/tags.rb @@ -17,7 +17,15 @@ module API end resource :projects, requirements: API::NAMESPACE_OR_PROJECT_REQUIREMENTS do desc 'Get a project repository tags' do - success Entities::Tag + is_array true + success code: 200, model: Entities::Tag + failure [ + { code: 403, message: 'Unauthenticated' }, + { code: 404, message: 'Not found' }, + { code: 422, message: 'Unprocessable entity' }, + { code: 503, message: 'Service unavailable' } + ] + tags %w[tags] end params do optional :sort, type: String, values: %w[asc desc], default: 'desc', @@ -46,7 +54,12 @@ module API end desc 'Get a single repository tag' do - success Entities::Tag + success code: 200, model: Entities::Tag + failure [ + { code: 403, message: 'Unauthenticated' }, + { code: 404, message: 'Not found' } + ] + tags %w[tags] end params do requires :tag_name, type: String, desc: 'The name of the tag' @@ -59,12 +72,18 @@ module API end desc 'Create a new repository tag' do - success Entities::Tag + success code: 201, model: Entities::Tag + failure [ + { code: 400, message: 'Bad request' }, + { code: 403, message: 'Unauthenticated' }, + { code: 404, message: 'Not found' } + ] + tags %w[tags] end params do - requires :tag_name, type: String, desc: 'The name of the tag' - requires :ref, type: String, desc: 'The commit sha or branch name' - optional :message, type: String, desc: 'Specifying a message creates an annotated tag' + requires :tag_name, type: String, desc: 'The name of the tag', documentation: { example: 'v.1.0.0' } + requires :ref, type: String, desc: 'The commit sha or branch name', documentation: { example: '2695effb5807a22ff3d138d593fd856244e155e7' } + optional :message, type: String, desc: 'Specifying a message creates an annotated tag', documentation: { example: 'Release 1.0.0' } end post ':id/repository/tags', :release_orchestration do authorize_admin_tag @@ -81,7 +100,15 @@ module API end end - desc 'Delete a repository tag' + desc 'Delete a repository tag' do + success code: 204 + failure [ + { code: 403, message: 'Unauthenticated' }, + { code: 404, message: 'Not found' }, + { code: 412, message: 'Precondition failed' } + ] + tags %w[tags] + end params do requires :tag_name, type: String, desc: 'The name of the tag' end diff --git a/spec/features/projects/issues/design_management/user_views_designs_with_svg_xss_spec.rb b/spec/features/projects/issues/design_management/user_views_designs_with_svg_xss_spec.rb index 0fe84ab47ed..682a45cf592 100644 --- a/spec/features/projects/issues/design_management/user_views_designs_with_svg_xss_spec.rb +++ b/spec/features/projects/issues/design_management/user_views_designs_with_svg_xss_spec.rb @@ -28,7 +28,7 @@ RSpec.describe 'User views an SVG design that contains XSS', :js do expect(file_content).to include("") end - it 'displays the SVG' do + it 'displays the SVG', quarantine: 'https://gitlab.com/gitlab-org/gitlab/-/issues/381115' do find("[data-testid='close-design']").click expect(page).to have_selector("img.design-img[alt='xss.svg']", count: 1, visible: false) end