kotovalexarian-likes-gitlab
/
gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity

Add latest changes from gitlab-org/gitlab@master

This commit is contained in:
GitLab Bot 2022-08-25 03:10:55 +00:00
parent b9955afcfb
commit 65de487500
31 changed files with 283 additions and 81 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
.gitlab/ci/review.gitlab-ci.yml
View File

@ -23,7 +23,7 @@ review-cleanup:
- ruby -rrubygems scripts/review_apps/automated_cleanup.rb
- gcp_cleanup
review-app-pipeline-generate:
.review-app-pipeline-generate:
image: ${GITLAB_DEPENDENCY_PROXY}ruby:${RUBY_VERSION}
stage: prepare
extends:
@ -52,7 +52,8 @@ review-app-pipeline-generate:
exit $exit_code
fi
start-review-app-pipeline:
# Temporarily disable review-apps due to https://gitlab.com/gitlab-org/gitlab/-/issues/371809
.start-review-app-pipeline:
extends:
- .review:rules:start-review-app-pipeline
resource_group: review/${CI_COMMIT_REF_SLUG}${SCHEDULE_TYPE} # CI_ENVIRONMENT_SLUG is not available here and we want this to be the same as the environment

1
.rubocop_todo/style/percent_literal_delimiters.yml
View File

@ -254,7 +254,6 @@ Style/PercentLiteralDelimiters:
- 'ee/app/mailers/previews/license_mailer_preview.rb'
- 'ee/app/models/app_sec/fuzzing/api/scan_profile.rb'
- 'ee/app/models/app_sec/fuzzing/coverage/corpus.rb'
- 'ee/app/models/concerns/ee/approvable.rb'
- 'ee/app/models/concerns/ee/issue_available_features.rb'
- 'ee/app/models/ee/audit_event.rb'
- 'ee/app/models/ee/description_version.rb'

3
app/assets/javascripts/boards/components/board_card_inner.vue
View File

@ -38,6 +38,8 @@ export default {
GlSprintf,
BoardCardMoveToPosition,
WorkItemTypeIcon,
IssueHealthStatus: () =>
import('ee_component/related_items_tree/components/issue_health_status.vue'),
},
directives: {
GlTooltip: GlTooltipDirective,
@ -381,6 +383,7 @@ export default {
:weight="item.weight"
@click="filterByWeight(item.weight)"
/>
<issue-health-status v-if="item.healthStatus" :health-status="item.healthStatus" />
</span>
</span>
</div>

8
app/assets/javascripts/google_tag_manager/index.js
View File

@ -290,3 +290,11 @@ export const trackCombinedGroupProjectForm = () => {
pushEvent('combinedGroupProjectFormSubmit');
});
};
export const trackCompanyForm = (aboutYourCompanyType) => {
if (!isSupported()) {
return;
}
pushEvent('aboutYourCompanyFormSubmit', { aboutYourCompanyType });
};

8
app/assets/javascripts/jobs/components/filtered_search/utils.js
View File

@ -10,10 +10,14 @@ export const validateQueryString = (queryStringObj) => {
const filters = Object.keys(queryStringObj);
if (filters.includes('statuses')) {
const found = jobStatusValues.find((status) => status === queryStringObj.statuses);
const queryStringStatus = {
statuses: queryStringObj.statuses.toUpperCase(),
};
const found = jobStatusValues.find((status) => status === queryStringStatus.statuses);
if (found) {
return queryStringObj;
return queryStringStatus;
}
return null;

6
app/assets/stylesheets/page_bundles/boards.scss
View File

@ -182,10 +182,8 @@
}
.board-card-number {
font-size: $gl-font-size-xs;
@include media-breakpoint-up(md) {
font-size: $label-font-size;
@include media-breakpoint-down(md) {
font-size: $gl-font-size-sm;
}
}

11
app/serializers/impersonation_access_token_entity.rb Normal file
View File

@ -0,0 +1,11 @@
# frozen_string_literal: true
# rubocop: disable Gitlab/NamespacedClass
class ImpersonationAccessTokenEntity < API::Entities::PersonalAccessToken
include Gitlab::Routing
expose :revoke_path do |token, _options|
revoke_admin_user_impersonation_token_path(token.user, token)
end
end
# rubocop: enable Gitlab/NamespacedClass

7
app/serializers/impersonation_access_token_serializer.rb Normal file
View File

@ -0,0 +1,7 @@
# frozen_string_literal: true
# rubocop: disable Gitlab/NamespacedClass
class ImpersonationAccessTokenSerializer < BaseSerializer
entity ImpersonationAccessTokenEntity
end
# rubocop: enable Gitlab/NamespacedClass

9
db/migrate/20220822102651_add_namespace_id_to_broadcast_message.rb Normal file
View File

@ -0,0 +1,9 @@
# frozen_string_literal: true
class AddNamespaceIdToBroadcastMessage < Gitlab::Database::Migration[2.0]
enable_lock_retries!
def change
add_column :broadcast_messages, :namespace_id, :bigint
end
end

17
db/migrate/20220822103638_add_index_and_foreign_key_to_broadcast_message.rb Normal file
View File

@ -0,0 +1,17 @@
# frozen_string_literal: true
class AddIndexAndForeignKeyToBroadcastMessage < Gitlab::Database::Migration[2.0]
disable_ddl_transaction!
INDEX_NAME = 'index_broadcast_messages_on_namespace_id'
def up
add_concurrent_index :broadcast_messages, :namespace_id, name: INDEX_NAME
add_concurrent_foreign_key :broadcast_messages, :namespaces, column: :namespace_id, on_delete: :cascade
end
def down
remove_foreign_key_if_exists :broadcast_messages, column: :namespace_id
remove_concurrent_index_by_name :broadcast_messages, name: INDEX_NAME
end
end

1
db/schema_migrations/20220822102651 Normal file
View File

@ -0,0 +1 @@
2bf5f851ee8919f2306a36ae299cd3c30943d5cc3356981bab2091ff104ef127

1
db/schema_migrations/20220822103638 Normal file
View File

@ -0,0 +1 @@
9aee5b0e3475736170d7169fd3c8ac9933d976ee69a2769dea29ee4bc553af27

8
db/structure.sql
View File

@ -12286,7 +12286,8 @@ CREATE TABLE broadcast_messages (
broadcast_type smallint DEFAULT 1 NOT NULL,
dismissable boolean,
target_access_levels integer[] DEFAULT '{}'::integer[] NOT NULL,
theme smallint DEFAULT 0 NOT NULL
theme smallint DEFAULT 0 NOT NULL,
namespace_id bigint
);
CREATE SEQUENCE broadcast_messages_id_seq
@ -27776,6 +27777,8 @@ CREATE INDEX index_boards_on_project_id ON boards USING btree (project_id);
CREATE INDEX index_broadcast_message_on_ends_at_and_broadcast_type_and_id ON broadcast_messages USING btree (ends_at, broadcast_type, id);
CREATE INDEX index_broadcast_messages_on_namespace_id ON broadcast_messages USING btree (namespace_id);
CREATE INDEX index_btree_namespaces_traversal_ids ON namespaces USING btree (traversal_ids);
CREATE INDEX index_bulk_import_configurations_on_bulk_import_id ON bulk_import_configurations USING btree (bulk_import_id);
@ -32456,6 +32459,9 @@ ALTER TABLE ONLY vulnerabilities
ALTER TABLE ONLY issue_customer_relations_contacts
ADD CONSTRAINT fk_7b92f835bb FOREIGN KEY (contact_id) REFERENCES customer_relations_contacts(id) ON DELETE CASCADE;
ALTER TABLE ONLY broadcast_messages
ADD CONSTRAINT fk_7bf2ec43da FOREIGN KEY (namespace_id) REFERENCES namespaces(id) ON DELETE CASCADE;
ALTER TABLE ONLY vulnerabilities
ADD CONSTRAINT fk_7c5bb22a22 FOREIGN KEY (due_date_sourcing_milestone_id) REFERENCES milestones(id) ON DELETE SET NULL;

28
doc/user/group/access_and_permissions.md
View File

@ -30,6 +30,26 @@ The group's new subgroups have push rules set for them based on either:
- The closest parent group with push rules defined.
- Push rules set at the instance level, if no parent groups have push rules defined.
## Restrict Git access protocols
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/365601) in GitLab 15.1 [with a flag](../../administration/feature_flags.md) named `group_level_git_protocol_control`. Disabled by default.
FLAG:
On self-managed GitLab, by default this feature is not available. To make it available, ask an administrator to
[enable the feature flag](../../administration/feature_flags.md) named `group_level_git_protocol_control`. On GitLab.com,
this feature is available.
You can set the permitted protocols used to access a group's repositories to either SSH, HTTPS, or both. This setting
is disabled when the [instance setting](../admin_area/settings/visibility_and_access_controls.md#configure-enabled-git-access-protocols) is
configured by an administrator.
To change the permitted Git access protocols for a group:
1. Go to the group's **Settings > General** page.
1. Expand the **Permissions and group features** section.
1. Choose the permitted protocols from **Enabled Git access protocols**.
1. Select **Save changes**.
## Restrict group access by IP address **(PREMIUM)**
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/1985) in GitLab 12.0.
@ -67,7 +87,7 @@ To restrict group access by IP address:
1. Go to the group's **Settings > General** page.
1. Expand the **Permissions and group features** section.
1. In the **Allow access to the following IP addresses** field, enter IPv4 or IPv6 address ranges in CIDR notation.
1. In the **Restrict access by IP address** field, enter IPv4 or IPv6 address ranges in CIDR notation.
1. Select **Save changes**.
In self-managed installations of GitLab 15.1 and later, you can also configure
@ -130,7 +150,7 @@ To prevent sharing outside of the group's hierarchy:
1. On the top bar, select **Menu > Groups** and find your group.
1. On the left sidebar, select **Settings > General**.
1. Expand **Permissions and group features**.
1. Select **Prevent members from sending invitations to groups outside of `<group_name>` and its subgroups**.
1. Select **Members cannot invite groups outside of `<group_name>` and its subgroups**.
1. Select **Save changes**.
## Prevent a project from being shared with groups
@ -143,7 +163,7 @@ To prevent a project from being shared with other groups:
1. Go to the group's **Settings > General** page.
1. Expand the **Permissions and group features** section.
1. Select **Prevent sharing a project in `<group_name>` with other groups**.
1. Select **Projects in `<group_name>` cannot be shared with other groups**.
1. Select **Save changes**.
This setting applies to all subgroups unless overridden by a group owner. Groups already
@ -199,7 +219,7 @@ To prevent members from being added to projects in a group:
1. Go to the group's **Settings > General** page.
1. Expand the **Permissions and group features** section.
1. Under **Membership**, select **Prevent adding new members to projects within this group**.
1. Under **Membership**, select **Users cannot be added to projects in this group**.
1. Select **Save changes**.
All users who previously had permissions can no longer add members to a group.

8
doc/user/group/manage.md
View File

@ -212,7 +212,7 @@ To change this setting for a specific group:
1. Find the group and select it.
1. From the left menu, select **Settings > General**.
1. Expand the **Permissions and group features** section.
1. Select the desired option in the **Allowed to create projects** dropdown list.
1. Select the desired option in the **Roles allowed to create projects** dropdown list.
1. Select **Save changes**.
To change this setting globally, see [Default project creation protection](../admin_area/settings/visibility_and_access_controls.md#define-which-roles-can-create-projects).
@ -342,7 +342,7 @@ To transfer a group:
> - [User interface changed](https://gitlab.com/gitlab-org/gitlab/-/issues/352961) in GitLab 15.1.
[Delayed project deletion](../project/settings/index.md#delayed-project-deletion) is locked and disabled unless the instance-level settings for
[deletion protection](../admin_area/settings/visibility_and_access_controls.md#deletion-protection) is enabled for either groups only or groups and projects.
[deletion protection](../admin_area/settings/visibility_and_access_controls.md#deletion-protection) are enabled for either groups only or groups and projects.
When enabled on groups, projects in the group are deleted after a period of delay. During this period, projects are in a read-only state and can be restored.
The default period is seven days but [is configurable at the instance level](../admin_area/settings/visibility_and_access_controls.md#retention-period).
@ -379,7 +379,7 @@ To disable email notifications:
1. Go to the group's **Settings > General** page.
1. Expand the **Permissions and group features** section.
1. Select **Disable email notifications**.
1. Select **Email notifications are disabled**.
1. Select **Save changes**.
## Disable group mentions
@ -398,7 +398,7 @@ To disable group mentions:
1. Go to the group's **Settings > General** page.
1. Expand the **Permissions and group features** section.
1. Select **Disable group mentions**.
1. Select **Group mentions are disabled**.
1. Select **Save changes**.
## Export members as CSV **(PREMIUM)**

14
lib/gitlab/ci/parsers/sbom/cyclonedx.rb
View File

@ -6,7 +6,6 @@ module Gitlab
module Sbom
class Cyclonedx
SUPPORTED_SPEC_VERSIONS = %w[1.4].freeze
COMPONENT_ATTRIBUTES = %w[type name version].freeze
def parse!(blob, sbom_report)
@report = sbom_report
@ -62,10 +61,17 @@ module Gitlab
end
def parse_components
data['components']&.each do |component|
next unless supported_component_type?(component['type'])
data['components']&.each do |component_data|
type = component_data['type']
next unless supported_component_type?(type)
report.add_component(component.slice(*COMPONENT_ATTRIBUTES))
component = ::Gitlab::Ci::Reports::Sbom::Component.new(
type: type,
name: component_data['name'],
version: component_data['version']
)
report.add_component(component)
end
end

10
lib/gitlab/ci/parsers/sbom/source/dependency_scanning.rb
View File

@ -21,11 +21,11 @@ module Gitlab
def source
return unless required_attributes_present?
{
'type' => :dependency_scanning,
'data' => data,
'fingerprint' => fingerprint
}
::Gitlab::Ci::Reports::Sbom::Source.new(
type: :dependency_scanning,
data: data,
fingerprint: fingerprint
)
end
private

8
lib/gitlab/ci/reports/sbom/component.rb
View File

@ -7,10 +7,10 @@ module Gitlab
class Component
attr_reader :component_type, :name, :version
def initialize(component = {})
@component_type = component['type']
@name = component['name']
@version = component['version']
def initialize(type:, name:, version:)
@component_type = type
@name = name
@version = version
end
end
end

4
lib/gitlab/ci/reports/sbom/report.rb
View File

@ -17,11 +17,11 @@ module Gitlab
end
def set_source(source)
self.source = Source.new(source)
self.source = source
end
def add_component(component)
components << Component.new(component)
components << component
end
private

8
lib/gitlab/ci/reports/sbom/source.rb
View File

@ -7,10 +7,10 @@ module Gitlab
class Source
attr_reader :source_type, :data, :fingerprint
def initialize(source = {})
@source_type = source['type']
@data = source['data']
@fingerprint = source['fingerprint']
def initialize(type:, data:, fingerprint:)
@source_type = type
@data = data
@fingerprint = fingerprint
end
end
end

19
spec/factories/ci/reports/sbom/components.rb Normal file
View File

@ -0,0 +1,19 @@
# frozen_string_literal: true
FactoryBot.define do
factory :ci_reports_sbom_component, class: '::Gitlab::Ci::Reports::Sbom::Component' do
type { :library }
sequence(:name) { |n| "component-#{n}" }
sequence(:version) { |n| "v0.0.#{n}" }
skip_create
initialize_with do
::Gitlab::Ci::Reports::Sbom::Component.new(
type: type,
name: name,
version: version
)
end
end
end

34
spec/factories/ci/reports/sbom/sources.rb Normal file
View File

@ -0,0 +1,34 @@
# frozen_string_literal: true
FactoryBot.define do
factory :ci_reports_sbom_source, class: '::Gitlab::Ci::Reports::Sbom::Source' do
type { :dependency_scanning }
transient do
sequence(:input_file_path) { |n| "subproject-#{n}/package-lock.json" }
sequence(:source_file_path) { |n| "subproject-#{n}/package.json" }
end
data do
{
'category' => 'development',
'input_file' => { 'path' => input_file_path },
'source_file' => { 'path' => source_file_path },
'package_manager' => { 'name' => 'npm' },
'language' => { 'name' => 'JavaScript' }
}
end
fingerprint { Digest::SHA256.hexdigest(data.to_json) }
skip_create
initialize_with do
::Gitlab::Ci::Reports::Sbom::Source.new(
type: type,
data: data,
fingerprint: fingerprint
)
end
end
end

29
spec/frontend/google_tag_manager/index_spec.js
View File

@ -15,6 +15,7 @@ import {
trackTransaction,
trackAddToCartUsageTab,
getNamespaceId,
trackCompanyForm,
} from '~/google_tag_manager';
import { setHTMLFixture, resetHTMLFixture } from 'helpers/fixtures';
import { logError } from '~/lib/logger';
@ -440,6 +441,34 @@ describe('~/google_tag_manager/index', () => {
});
});
});
describe('when trackCompanyForm is invoked', () => {
it('with an ultimate trial', () => {
expect(spy).not.toHaveBeenCalled();
trackCompanyForm('ultimate_trial');
expect(spy).toHaveBeenCalledTimes(1);
expect(spy).toHaveBeenCalledWith({
event: 'aboutYourCompanyFormSubmit',
aboutYourCompanyType: 'ultimate_trial',
});
expect(logError).not.toHaveBeenCalled();
});
it('with a free account', () => {
expect(spy).not.toHaveBeenCalled();
trackCompanyForm('free_account');
expect(spy).toHaveBeenCalledTimes(1);
expect(spy).toHaveBeenCalledWith({
event: 'aboutYourCompanyFormSubmit',
aboutYourCompanyType: 'free_account',
});
expect(logError).not.toHaveBeenCalled();
});
});
});
describe.each([

1
spec/frontend/jobs/components/filtered_search/utils_spec.js
View File

@ -5,6 +5,7 @@ describe('Filtered search utils', () => {
it.each`
queryStringObject | expected
${{ statuses: 'SUCCESS' }} | ${{ statuses: 'SUCCESS' }}
${{ statuses: 'failed' }} | ${{ statuses: 'FAILED' }}
${{ wrong: 'SUCCESS' }} | ${null}
${{ statuses: 'wrong' }} | ${null}
${{ wrong: 'wrong' }} | ${null}

6
spec/lib/gitlab/ci/parsers/sbom/cyclonedx_spec.rb
View File

@ -102,11 +102,11 @@ RSpec.describe Gitlab::Ci::Parsers::Sbom::Cyclonedx do
it 'adds each component, ignoring unused attributes' do
expect(report).to receive(:add_component)
.with({ "name" => "activesupport", "version" => "5.1.4", "type" => "library" })
.with(an_object_having_attributes(name: "activesupport", version: "5.1.4", component_type: "library"))
expect(report).to receive(:add_component)
.with({ "name" => "byebug", "version" => "10.0.0", "type" => "library" })
.with(an_object_having_attributes(name: "byebug", version: "10.0.0", component_type: "library"))
expect(report).to receive(:add_component)
.with({ "name" => "minimal-component", "type" => "library" })
.with(an_object_having_attributes(name: "minimal-component", version: nil, component_type: "library"))
parse!
end

10
spec/lib/gitlab/ci/parsers/sbom/source/dependency_scanning_spec.rb
View File

@ -17,11 +17,11 @@ RSpec.describe Gitlab::Ci::Parsers::Sbom::Source::DependencyScanning do
end
it 'returns expected source data' do
is_expected.to eq({
'type' => :dependency_scanning,
'data' => property_data,
'fingerprint' => '4dbcb747e6f0fb3ed4f48d96b777f1d64acdf43e459fdfefad404e55c004a188'
})
is_expected.to have_attributes(
source_type: :dependency_scanning,
data: property_data,
fingerprint: '4dbcb747e6f0fb3ed4f48d96b777f1d64acdf43e459fdfefad404e55c004a188'
)
end
end

14
spec/lib/gitlab/ci/reports/sbom/component_spec.rb
View File

@ -5,19 +5,19 @@ require 'fast_spec_helper'
RSpec.describe Gitlab::Ci::Reports::Sbom::Component do
let(:attributes) do
{
'type' => 'library',
'name' => 'component-name',
'version' => 'v0.0.1'
type: 'library',
name: 'component-name',
version: 'v0.0.1'
}
end
subject { described_class.new(attributes) }
subject { described_class.new(**attributes) }
it 'has correct attributes' do
expect(subject).to have_attributes(
component_type: 'library',
name: 'component-name',
version: 'v0.0.1'
component_type: attributes[:type],
name: attributes[:name],
version: attributes[:version]
)
end
end

26
spec/lib/gitlab/ci/reports/sbom/report_spec.rb
View File

@ -15,40 +15,22 @@ RSpec.describe Gitlab::Ci::Reports::Sbom::Report do
end
describe '#set_source' do
let_it_be(:source) do
{
'type' => :dependency_scanning,
'data' => {
'input_file' => { 'path' => 'package-lock.json' },
'source_file' => { 'path' => 'package.json' },
'package_manager' => { 'name' => 'npm' },
'language' => { 'name' => 'JavaScript' }
},
'fingerprint' => 'c01df1dc736c1148717e053edbde56cb3a55d3e31f87cea955945b6f67c17d42'
}
end
let_it_be(:source) { create(:ci_reports_sbom_source) }
it 'stores the source' do
report.set_source(source)
expect(report.source).to be_a(Gitlab::Ci::Reports::Sbom::Source)
expect(report.source).to eq(source)
end
end
describe '#add_component' do
let_it_be(:components) do
[
{ 'type' => 'library', 'name' => 'component1', 'version' => 'v0.0.1' },
{ 'type' => 'library', 'name' => 'component2', 'version' => 'v0.0.2' },
{ 'type' => 'library', 'name' => 'component2' }
]
end
let_it_be(:components) { create_list(:ci_reports_sbom_component, 3) }
it 'appends components to a list' do
components.each { |component| report.add_component(component) }
expect(report.components.size).to eq(3)
expect(report.components).to all(be_a(Gitlab::Ci::Reports::Sbom::Component))
expect(report.components).to match_array(components)
end
end
end

14
spec/lib/gitlab/ci/reports/sbom/source_spec.rb
View File

@ -5,25 +5,25 @@ require 'fast_spec_helper'
RSpec.describe Gitlab::Ci::Reports::Sbom::Source do
let(:attributes) do
{
'type' => :dependency_scanning,
'data' => {
type: :dependency_scanning,
data: {
'category' => 'development',
'input_file' => { 'path' => 'package-lock.json' },
'source_file' => { 'path' => 'package.json' },
'package_manager' => { 'name' => 'npm' },
'language' => { 'name' => 'JavaScript' }
},
'fingerprint' => '4dbcb747e6f0fb3ed4f48d96b777f1d64acdf43e459fdfefad404e55c004a188'
fingerprint: '4dbcb747e6f0fb3ed4f48d96b777f1d64acdf43e459fdfefad404e55c004a188'
}
end
subject { described_class.new(attributes) }
subject { described_class.new(**attributes) }
it 'has correct attributes' do
expect(subject).to have_attributes(
source_type: attributes['type'],
data: attributes['data'],
fingerprint: attributes['fingerprint']
source_type: attributes[:type],
data: attributes[:data],
fingerprint: attributes[:fingerprint]
)
end
end

26
spec/serializers/impersonation_access_token_entity_spec.rb Normal file
View File

@ -0,0 +1,26 @@
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe ImpersonationAccessTokenEntity do
let_it_be(:user) { create(:user) }
let_it_be(:token) { create(:personal_access_token, :impersonation, user: user) }
subject(:json) { described_class.new(token).as_json }
it 'has the correct attributes' do
expected_revoke_path = Gitlab::Routing.url_helpers
.revoke_admin_user_impersonation_token_path(
{ user_id: user, id: token })
expect(json).to(
include(
id: token.id,
name: token.name,
scopes: token.scopes,
user_id: token.user_id,
revoke_path: expected_revoke_path
))
expect(json).not_to include(:token)
end
end

20
spec/serializers/impersonation_access_token_serializer_spec.rb Normal file
View File

@ -0,0 +1,20 @@
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe ImpersonationAccessTokenSerializer do
subject(:serializer) { described_class.new }
describe '#represent' do
it 'can render a single token' do
token = create(:personal_access_token)
expect(serializer.represent(token)).to be_kind_of(Hash)
end
it 'can render a collection of tokens' do
tokens = create_list(:personal_access_token, 2)
expect(serializer.represent(tokens)).to be_kind_of(Array)
end
end
end