Add latest changes from gitlab-org/gitlab@master

2022-01-19 03:14:09 +00:00 · 2022-01-19 03:14:09 +00:00 · 57007c0e64
parent 6e70c2b428
commit 57007c0e64
15 changed files with 46 additions and 108 deletions
--- a/.gitlab/ci/docs.gitlab-ci.yml
+++ b/.gitlab/ci/docs.gitlab-ci.yml
@ -44,7 +44,7 @@ docs-lint markdown:
    - .default-retry
    - .docs:rules:docs-lint
  # When updating the image version here, update it in /scripts/lint-doc.sh too.
-  image: registry.gitlab.com/gitlab-org/gitlab-docs/lint-markdown:alpine-3.14-vale-2.12.0-markdownlint-0.29.0
+  image: registry.gitlab.com/gitlab-org/gitlab-docs/lint-markdown:alpine-3.15-vale-2.14.0-markdownlint-0.30.0
  stage: lint
  needs: []
  script:
@ -53,7 +53,7 @@ docs-lint markdown:
 docs-lint links:
  extends:
    - .docs:rules:docs-lint
-  image: registry.gitlab.com/gitlab-org/gitlab-docs/lint-html:alpine-3.14-ruby-2.7.5-08847baa
+  image: registry.gitlab.com/gitlab-org/gitlab-docs/lint-html:alpine-3.15-ruby-2.7.5-cee62c13
  stage: lint
  needs: []
  script:
--- a/app/models/concerns/has_wiki.rb
+++ b/app/models/concerns/has_wiki.rb
@ -17,7 +17,7 @@ module HasWiki
  def wiki
    strong_memoize(:wiki) do
-      Wiki.for_container(self, self.default_owner)
+      Wiki.for_container(self, self.first_owner)
    end
  end
--- a/app/models/group.rb
+++ b/app/models/group.rb
@ -725,8 +725,8 @@ class Group < Namespace
    end
  end
-  def default_owner
+  def first_owner
-    owners.first || parent&.default_owner || owner
+    owners.first || parent&.first_owner || owner
  end
  def default_branch_name
--- a/app/models/project.rb
+++ b/app/models/project.rb
@ -1514,11 +1514,11 @@ class Project < ApplicationRecord
    group || namespace.try(:owner)
  end
-  def default_owner
+  def first_owner
    obj = owner
-    if obj.respond_to?(:default_owner)
+    if obj.respond_to?(:first_owner)
-      obj.default_owner
+      obj.first_owner
    else
      obj
    end
--- a/app/services/design_management/copy_design_collection/copy_service.rb
+++ b/app/services/design_management/copy_design_collection/copy_service.rb
@ -16,7 +16,7 @@ module DesignManagement
        @temporary_branch = "CopyDesignCollectionService_#{SecureRandom.hex}"
        # The user who triggered the copy may not have permissions to push
        # to the design repository.
-        @git_user = @target_project.default_owner
+        @git_user = @target_project.first_owner
        @designs = DesignManagement::Design.unscoped.where(issue: issue).order(:id).load
        @versions = DesignManagement::Version.unscoped.where(issue: issue).order(:id).includes(:designs).load
--- a/doc/administration/gitaly/configure_gitaly.md
+++ b/doc/administration/gitaly/configure_gitaly.md
@ -565,6 +565,12 @@ Note the following:
 - You can configure Gitaly servers with both an unencrypted listening address `listen_addr` and an
  encrypted listening address `tls_listen_addr` at the same time. This allows you to gradually
  transition from unencrypted to encrypted traffic if necessary.
 - When running Praefect sub-commands such as `dial-nodes` and `list-untracked-repositories` from the command line with Gitaly TLS enabled, you must set
  the `SSL_CERT_DIR` or `SSL_CERT_FILE` environment variable so that the Gitaly certificate is trusted. For example: 
   ```shell
   sudo SSL_CERT_DIR=/etc/gitlab/trusted_certs /opt/gitlab/embedded/bin/praefect -config /var/opt/gitlab/praefect/config.toml dial-nodes
   ```
 To configure Gitaly with TLS:
--- a/doc/administration/gitaly/praefect.md
+++ b/doc/administration/gitaly/praefect.md
@ -408,7 +408,7 @@ On the **Praefect** node:
   # Enable only the Praefect service
   praefect['enable'] = true
-   # Prevent database connections during 'gitlab-ctl reconfigure'
+   # Disable database migrations to prevent database connections during 'gitlab-ctl reconfigure'
   gitlab_rails['auto_migrate'] = false
   praefect['auto_migrate'] = false
   ```
@ -531,7 +531,7 @@ On the **Praefect** node:
 1. For:
   - The "deploy node":
-     1. Enable Praefect auto-migration again by setting `praefect['auto_migrate'] = true` in
+     1. Enable Praefect database auto-migration again by setting `praefect['auto_migrate'] = true` in
        `/etc/gitlab/gitlab.rb`.
     1. To ensure database migrations are only run during reconfigure and not automatically on
        upgrade, run:
@ -767,7 +767,7 @@ For more information on Gitaly server configuration, see our
   # Enable Prometheus if needed
   prometheus['enable'] = true
-   # Prevent database connections during 'gitlab-ctl reconfigure'
+   # Disable database migrations to prevent database connections during 'gitlab-ctl reconfigure'
   gitlab_rails['auto_migrate'] = false
   ```
@ -1229,9 +1229,9 @@ To migrate existing clusters:
 1. Praefect nodes didn't historically keep database records of every repository stored on the cluster. When
   the `per_repository` election strategy is configured, Praefect expects to have database records of
-   each repository. A [background migration](https://gitlab.com/gitlab-org/gitaly/-/merge_requests/2749) is
+   each repository. A [background database migration](https://gitlab.com/gitlab-org/gitaly/-/merge_requests/2749) is
-   included in GitLab 13.6 and later to create any missing database records for repositories. Before migrating
+   included in GitLab 13.6 and later to create any missing database records for repositories. Before migrating,
-   you should verify the migration has run by checking Praefect's logs:
+   check Praefect's logs to verify that the database migration ran.
   Check Praefect's logs for `repository importer finished` message. The `virtual_storages` field contains
   the names of virtual storages and whether they've had any missing database records created.
@ -1248,8 +1248,8 @@ To migrate existing clusters:
   {"level":"info","msg":"repository importer finished","pid":19752,"time":"2021-04-28T11:41:36.743Z","virtual_storages":{"default":false}}
   ```
-   The migration is ran when Praefect starts up. If the migration is unsuccessful, you can restart
+   The database migration runs when Praefect starts. If the database migration is unsuccessful, you can restart
-   a Praefect node to reattempt it. The migration only runs with `sql` election strategy configured.
+   a Praefect node to reattempt it.
 1. Running two different election strategies side by side can cause a split brain, where different
   Praefect nodes consider repositories to have different primaries. This can be avoided either:
--- a/doc/development/gitaly.md
+++ b/doc/development/gitaly.md
@ -112,10 +112,9 @@ bundle exec rake gitlab:features:disable_rugged
 Most of this code exists in the `lib/gitlab/git/rugged_impl` directory.
 NOTE:
-You should *not* need to add or modify code related to
+You should *not* have to add or modify code related to Rugged unless explicitly discussed with the
-Rugged unless explicitly discussed with the
+[Gitaly Team](https://gitlab.com/groups/gl-gitaly/group_members). This code does not work on GitLab.com or other GitLab
-[Gitaly Team](https://gitlab.com/groups/gl-gitaly/group_members). This code does
+instances that do not use NFS.
 NOT work on GitLab.com or other GitLab instances that do not use NFS.
 ## `TooManyInvocationsError` errors
@ -197,7 +196,7 @@ If you make changes to your local Gitaly in between test runs you need
 to manually run `make` again.
 Note that CI tests do not use your locally modified version of
-Gitaly. To use a custom Gitaly version in CI you need to update
+Gitaly. To use a custom Gitaly version in CI, you must update
 GITALY_SERVER_VERSION as described at the beginning of this section.
 To use a different Gitaly repository, such as if your changes are present
@ -326,7 +325,7 @@ default value. The default value depends on the GitLab version.
 To be sure that the flag is set correctly and it goes into Gitaly, you can check
 the integration by using GDK:
-1. The state of the flag must be observable. To check it, you need to enable it
+1. The state of the flag must be observable. To check it, you must enable it
   by fetching the Prometheus metrics:
   1. Navigate to GDK's root directory.
   1. Make sure you have the proper branch checked out for Gitaly.
--- a/doc/user/group/settings/group_access_tokens.md
+++ b/doc/user/group/settings/group_access_tokens.md
@ -7,10 +7,15 @@ type: reference, howto
 # Group access tokens
 With group access tokens, you can use a single token to:
 - Perform actions for groups.
 - Manage the projects within the group.
 You can use a group access token to authenticate:
 - With the [GitLab API](../../../api/index.md#personalprojectgroup-access-tokens).
- With Git, when using HTTP Basic Authentication.
+- In [GitLab 14.2](https://gitlab.com/gitlab-org/gitlab/-/issues/330718) and later, authenticate with Git over HTTPS.
 After you configure a group access token, you don't need a password when you authenticate.
 Instead, you can enter any non-blank value.
--- a/doc/user/project/settings/project_access_tokens.md
+++ b/doc/user/project/settings/project_access_tokens.md
@ -84,78 +84,6 @@ To enable or disable project access token creation for all projects in a top-lev
 Even when creation is disabled, you can still use and revoke existing project access tokens.
 ## Group access tokens **(FREE SELF)**
 With group access tokens, you can use a single token to:
 - Perform actions for groups.
 - Manage the projects within the group.
 - In [GitLab 14.2](https://gitlab.com/gitlab-org/gitlab/-/issues/330718) and later, authenticate with Git over HTTPS.
 NOTE:
 You cannot use the UI to create a group access token. [An issue exists](https://gitlab.com/gitlab-org/gitlab/-/issues/214045)
 to add this functionality. This section describes a workaround.
 If you are an administrator of a self-managed GitLab instance, you can create a group access token in the
 [Rails console](../../../administration/operations/rails_console.md).
 <div class="video-fallback">
  For a demo of the group access token workaround, see <a href="https://www.youtube.com/watch?v=W2fg1P1xmU0">Demo: Group Level Access Tokens</a>.
 </div>
 <figure class="video-container">
  <iframe src="https://www.youtube.com/embed/W2fg1P1xmU0" frameborder="0" allowfullscreen="true"> </iframe>
 </figure>
 ### Create a group access token
 To create a group access token:
 1. Run the following commands in a [Rails console](../../../administration/operations/rails_console.md):
   ```ruby
   # Set the GitLab administration user to use. If user ID 1 is not available or is not an administrator, use 'admin = User.admins.first' instead to select an administrator.
   admin = User.find(1)
   # Set the group group you want to create a token for. For example, group with ID 109.
   group = Group.find(109)
   # Create the group bot user. For further group access tokens, the username should be group_#{group.id}_bot#{bot_count}. For example, group_109_bot2 and email address group_109_bot2@example.com.
   bot = Users::CreateService.new(admin, { name: 'group_token', username: "group_#{group.id}_bot", email: "group_#{group.id}_bot@example.com", user_type: :project_bot }).execute
   # Confirm the group bot.
   bot.confirm
   # Add the bot to the group with the required role.
   group.add_user(bot, :maintainer)
   # Give the bot a personal access token.
   token = bot.personal_access_tokens.create(scopes:[:api, :write_repository], name: 'group_token')
   # Get the token value.
   gtoken = token.token
   ```
 1. Test if the generated group access token works:
   1. Use the group access token in the `PRIVATE-TOKEN` header with GitLab REST APIs. For example:
      - [Create an epic](../../../api/epics.md#new-epic) in the group.
      - [Create a project pipeline](../../../api/pipelines.md#create-a-new-pipeline) in one of the group's projects.
      - [Create an issue](../../../api/issues.md#new-issue) in one of the group's projects.
   1. Use the group token to [clone a group's project](../../../gitlab-basics/start-using-git.md#clone-with-https)
      using HTTPS.
 ### Revoke a group access token
 To revoke a group access token, run the following command in a [Rails console](../../../administration/operations/rails_console.md):
 ```ruby
 bot = User.find_by(username: 'group_109_bot') # the owner of the token you want to revoke
 token = bot.personal_access_tokens.last # the token you want to revoke
 token.revoke!
 ```
 ## Project bot users
 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/210181) in GitLab 13.0.
--- a/scripts/lint-doc.sh
+++ b/scripts/lint-doc.sh
@ -128,7 +128,7 @@ function run_locally_or_in_docker() {
    $cmd $args
  elif hash docker 2>/dev/null
  then
-    docker run -t -v ${PWD}:/gitlab -w /gitlab --rm registry.gitlab.com/gitlab-org/gitlab-docs/lint-markdown:alpine-3.14-vale-2.12.0-markdownlint-0.29.0 ${cmd} ${args}
+    docker run -t -v ${PWD}:/gitlab -w /gitlab --rm registry.gitlab.com/gitlab-org/gitlab-docs/lint-markdown:alpine-3.15-vale-2.14.0-markdownlint-0.30.0 ${cmd} ${args}
  else
    echo
    echo "  ✖ ERROR: '${cmd}' not found. Install '${cmd}' or Docker to proceed." >&2
--- a/spec/factories/wikis.rb
+++ b/spec/factories/wikis.rb
@ -4,7 +4,7 @@ FactoryBot.define do
  factory :wiki do
    transient do
      container { association(:project) }
-      user { container.default_owner || association(:user) }
+      user { container.first_owner || association(:user) }
    end
    initialize_with { Wiki.for_container(container, user) }
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@ -2539,7 +2539,7 @@ RSpec.describe Group do
    end
  end
-  describe '#default_owner' do
+  describe '#first_owner' do
    let(:group) { build(:group) }
    context 'the group has owners' do
@ -2549,7 +2549,7 @@ RSpec.describe Group do
      end
      it 'is the first owner' do
-        expect(group.default_owner)
+        expect(group.first_owner)
          .to eq(group.owners.first)
          .and be_a(User)
      end
@ -2564,8 +2564,8 @@ RSpec.describe Group do
      end
      it 'is the first owner of the parent' do
-        expect(group.default_owner)
+        expect(group.first_owner)
-          .to eq(parent.default_owner)
+          .to eq(parent.first_owner)
          .and be_a(User)
      end
    end
@ -2576,7 +2576,7 @@ RSpec.describe Group do
      end
      it 'is the group.owner' do
-        expect(group.default_owner)
+        expect(group.first_owner)
          .to eq(group.owner)
          .and be_a(User)
      end
--- a/spec/models/project_spec.rb
+++ b/spec/models/project_spec.rb
@ -1299,7 +1299,7 @@ RSpec.describe Project, factory_default: :keep do
    end
  end
-  describe '#default_owner' do
+  describe '#first_owner' do
    let_it_be(:owner)     { create(:user) }
    let_it_be(:namespace) { create(:namespace, owner: owner) }
@ -1307,7 +1307,7 @@ RSpec.describe Project, factory_default: :keep do
      let(:project) { build(:project, namespace: namespace) }
      it 'is the namespace owner' do
-        expect(project.default_owner).to eq(owner)
+        expect(project.first_owner).to eq(owner)
      end
    end
@ -1316,9 +1316,9 @@ RSpec.describe Project, factory_default: :keep do
      let(:project) { build(:project, group: group, namespace: namespace) }
      it 'is the group owner' do
-        allow(group).to receive(:default_owner).and_return(Object.new)
+        allow(group).to receive(:first_owner).and_return(Object.new)
-        expect(project.default_owner).to eq(group.default_owner)
+        expect(project.first_owner).to eq(group.first_owner)
      end
    end
  end
--- a/spec/views/shared/wikis/_sidebar.html.haml_spec.rb
+++ b/spec/views/shared/wikis/_sidebar.html.haml_spec.rb
@ -3,7 +3,7 @@ require 'spec_helper'
 RSpec.describe 'shared/wikis/_sidebar.html.haml' do
  let_it_be(:project) { create(:project) }
-  let_it_be(:wiki) { Wiki.for_container(project, project.default_owner) }
+  let_it_be(:wiki) { Wiki.for_container(project, project.first_owner) }
  before do
    assign(:wiki, wiki)