Add latest changes from gitlab-org/gitlab@master
This commit is contained in:
parent
4f6d64e5bd
commit
66fc7ba6f3
|
@ -16,7 +16,7 @@ stages:
|
||||||
# in cases where jobs require Docker-in-Docker, the job
|
# in cases where jobs require Docker-in-Docker, the job
|
||||||
# definition must be extended with `.use-docker-in-docker`
|
# definition must be extended with `.use-docker-in-docker`
|
||||||
default:
|
default:
|
||||||
image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:debian-bullseye-ruby-2.7.patched-golang-1.16-git-2.33-lfs-2.9-chrome-97-node-14.15-yarn-1.22-postgresql-11-graphicsmagick-1.3.36
|
image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:debian-${DEBIAN_VERSION}-ruby-2.7.patched-golang-1.16-git-2.33-lfs-2.9-chrome-97-node-14.15-yarn-1.22-postgresql-11-graphicsmagick-1.3.36
|
||||||
tags:
|
tags:
|
||||||
- gitlab-org
|
- gitlab-org
|
||||||
# All jobs are interruptible by default
|
# All jobs are interruptible by default
|
||||||
|
@ -67,6 +67,7 @@ variables:
|
||||||
GIT_DEPTH: "20"
|
GIT_DEPTH: "20"
|
||||||
GIT_SUBMODULE_STRATEGY: "none"
|
GIT_SUBMODULE_STRATEGY: "none"
|
||||||
GET_SOURCES_ATTEMPTS: "3"
|
GET_SOURCES_ATTEMPTS: "3"
|
||||||
|
DEBIAN_VERSION: "bullseye"
|
||||||
|
|
||||||
KNAPSACK_RSPEC_SUITE_REPORT_PATH: knapsack/report-master.json
|
KNAPSACK_RSPEC_SUITE_REPORT_PATH: knapsack/report-master.json
|
||||||
FLAKY_RSPEC_SUITE_REPORT_PATH: rspec/flaky/report-suite.json
|
FLAKY_RSPEC_SUITE_REPORT_PATH: rspec/flaky/report-suite.json
|
||||||
|
|
|
@ -11,7 +11,7 @@
|
||||||
- .default-retry
|
- .default-retry
|
||||||
- .default-before_script
|
- .default-before_script
|
||||||
- .assets-compile-cache
|
- .assets-compile-cache
|
||||||
image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:debian-bullseye-ruby-2.7-git-2.33-lfs-2.9-node-14.15-yarn-1.22-graphicsmagick-1.3.36
|
image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:debian-${DEBIAN_VERSION}-ruby-2.7-git-2.33-lfs-2.9-node-14.15-yarn-1.22-graphicsmagick-1.3.36
|
||||||
variables:
|
variables:
|
||||||
SETUP_DB: "false"
|
SETUP_DB: "false"
|
||||||
WEBPACK_VENDOR_DLL: "true"
|
WEBPACK_VENDOR_DLL: "true"
|
||||||
|
|
|
@ -18,7 +18,7 @@
|
||||||
- source scripts/prepare_build.sh
|
- source scripts/prepare_build.sh
|
||||||
|
|
||||||
.ruby-gems-cache: &ruby-gems-cache
|
.ruby-gems-cache: &ruby-gems-cache
|
||||||
key: "ruby-gems-v2"
|
key: "ruby-gems-${DEBIAN_VERSION}"
|
||||||
paths:
|
paths:
|
||||||
- vendor/ruby/
|
- vendor/ruby/
|
||||||
policy: pull
|
policy: pull
|
||||||
|
@ -28,7 +28,7 @@
|
||||||
policy: push # We want to rebuild the cache from scratch to ensure stale dependencies are cleaned up.
|
policy: push # We want to rebuild the cache from scratch to ensure stale dependencies are cleaned up.
|
||||||
|
|
||||||
.gitaly-ruby-gems-cache: &gitaly-ruby-gems-cache
|
.gitaly-ruby-gems-cache: &gitaly-ruby-gems-cache
|
||||||
key: "gitaly-ruby-gems-v2"
|
key: "gitaly-ruby-gems-${DEBIAN_VERSION}"
|
||||||
paths:
|
paths:
|
||||||
- vendor/gitaly-ruby/
|
- vendor/gitaly-ruby/
|
||||||
policy: pull
|
policy: pull
|
||||||
|
@ -41,7 +41,7 @@
|
||||||
key:
|
key:
|
||||||
files:
|
files:
|
||||||
- GITALY_SERVER_VERSION
|
- GITALY_SERVER_VERSION
|
||||||
prefix: "gitaly-binaries"
|
prefix: "gitaly-binaries-${DEBIAN-VERSION}"
|
||||||
paths:
|
paths:
|
||||||
- tmp/tests/gitaly/_build/bin/
|
- tmp/tests/gitaly/_build/bin/
|
||||||
- tmp/tests/gitaly/_build/deps/git/install/
|
- tmp/tests/gitaly/_build/deps/git/install/
|
||||||
|
@ -56,7 +56,7 @@
|
||||||
policy: pull
|
policy: pull
|
||||||
|
|
||||||
.go-pkg-cache: &go-pkg-cache
|
.go-pkg-cache: &go-pkg-cache
|
||||||
key: "go-pkg-v1"
|
key: "go-pkg-${DEBIAN_VERSION}"
|
||||||
paths:
|
paths:
|
||||||
- .go/pkg/mod/
|
- .go/pkg/mod/
|
||||||
policy: pull
|
policy: pull
|
||||||
|
@ -66,7 +66,7 @@
|
||||||
policy: push # We want to rebuild the cache from scratch to ensure stale dependencies are cleaned up.
|
policy: push # We want to rebuild the cache from scratch to ensure stale dependencies are cleaned up.
|
||||||
|
|
||||||
.node-modules-cache: &node-modules-cache
|
.node-modules-cache: &node-modules-cache
|
||||||
key: "node-modules-${NODE_ENV}-v1"
|
key: "node-modules-${DEBIAN_VERSION}-${NODE_ENV}"
|
||||||
paths:
|
paths:
|
||||||
- node_modules/
|
- node_modules/
|
||||||
- tmp/cache/webpack-dlls/
|
- tmp/cache/webpack-dlls/
|
||||||
|
@ -77,7 +77,7 @@
|
||||||
policy: push # We want to rebuild the cache from scratch to ensure stale dependencies are cleaned up.
|
policy: push # We want to rebuild the cache from scratch to ensure stale dependencies are cleaned up.
|
||||||
|
|
||||||
.assets-cache: &assets-cache
|
.assets-cache: &assets-cache
|
||||||
key: "assets-${NODE_ENV}-v2"
|
key: "assets-${DEBIAN_VERSION}-${NODE_ENV}"
|
||||||
paths:
|
paths:
|
||||||
- assets-hash.txt
|
- assets-hash.txt
|
||||||
- public/assets/webpack/
|
- public/assets/webpack/
|
||||||
|
@ -91,7 +91,7 @@
|
||||||
policy: push # We want to rebuild the cache from scratch to ensure stale dependencies are cleaned up.
|
policy: push # We want to rebuild the cache from scratch to ensure stale dependencies are cleaned up.
|
||||||
|
|
||||||
.storybook-node-modules-cache: &storybook-node-modules-cache
|
.storybook-node-modules-cache: &storybook-node-modules-cache
|
||||||
key: "storybook-node-modules-${NODE_ENV}-v1"
|
key: "storybook-node-modules-${DEBIAN_VERSION}-${NODE_ENV}"
|
||||||
paths:
|
paths:
|
||||||
- storybook/node_modules/
|
- storybook/node_modules/
|
||||||
policy: pull
|
policy: pull
|
||||||
|
@ -101,7 +101,7 @@
|
||||||
policy: push # We want to rebuild the cache from scratch to ensure stale dependencies are cleaned up.
|
policy: push # We want to rebuild the cache from scratch to ensure stale dependencies are cleaned up.
|
||||||
|
|
||||||
.rubocop-cache: &rubocop-cache
|
.rubocop-cache: &rubocop-cache
|
||||||
key: "rubocop-v1"
|
key: "rubocop-${DEBIAN_VERSION}"
|
||||||
paths:
|
paths:
|
||||||
- tmp/rubocop_cache/
|
- tmp/rubocop_cache/
|
||||||
policy: pull
|
policy: pull
|
||||||
|
@ -113,7 +113,7 @@
|
||||||
policy: push
|
policy: push
|
||||||
|
|
||||||
.qa-ruby-gems-cache: &qa-ruby-gems-cache
|
.qa-ruby-gems-cache: &qa-ruby-gems-cache
|
||||||
key: "qa-ruby-gems-v1"
|
key: "qa-ruby-gems-${DEBIAN_VERSION}"
|
||||||
paths:
|
paths:
|
||||||
- qa/vendor/ruby/
|
- qa/vendor/ruby/
|
||||||
policy: pull
|
policy: pull
|
||||||
|
@ -213,7 +213,7 @@
|
||||||
- *storybook-node-modules-cache-push
|
- *storybook-node-modules-cache-push
|
||||||
|
|
||||||
.use-pg11:
|
.use-pg11:
|
||||||
image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:debian-bullseye-ruby-2.7.patched-golang-1.16-git-2.33-lfs-2.9-chrome-97-node-14.15-yarn-1.22-postgresql-11-graphicsmagick-1.3.36
|
image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:debian-${DEBIAN_VERSION}-ruby-2.7.patched-golang-1.16-git-2.33-lfs-2.9-chrome-97-node-14.15-yarn-1.22-postgresql-11-graphicsmagick-1.3.36
|
||||||
services:
|
services:
|
||||||
- name: postgres:11.6
|
- name: postgres:11.6
|
||||||
command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
|
command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
|
||||||
|
@ -222,7 +222,7 @@
|
||||||
POSTGRES_HOST_AUTH_METHOD: trust
|
POSTGRES_HOST_AUTH_METHOD: trust
|
||||||
|
|
||||||
.use-pg12:
|
.use-pg12:
|
||||||
image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:debian-bullseye-ruby-2.7.patched-golang-1.16-git-2.33-lfs-2.9-chrome-97-node-14.15-yarn-1.22-postgresql-12-graphicsmagick-1.3.36
|
image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:debian-${DEBIAN_VERSION}-ruby-2.7.patched-golang-1.16-git-2.33-lfs-2.9-chrome-97-node-14.15-yarn-1.22-postgresql-12-graphicsmagick-1.3.36
|
||||||
services:
|
services:
|
||||||
- name: postgres:12
|
- name: postgres:12
|
||||||
command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
|
command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
|
||||||
|
@ -231,7 +231,7 @@
|
||||||
POSTGRES_HOST_AUTH_METHOD: trust
|
POSTGRES_HOST_AUTH_METHOD: trust
|
||||||
|
|
||||||
.use-pg13:
|
.use-pg13:
|
||||||
image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:debian-bullseye-ruby-2.7.patched-golang-1.16-git-2.33-lfs-2.9-chrome-97-node-14.15-yarn-1.22-postgresql-13-graphicsmagick-1.3.36
|
image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:debian-${DEBIAN_VERSION}-ruby-2.7.patched-golang-1.16-git-2.33-lfs-2.9-chrome-97-node-14.15-yarn-1.22-postgresql-13-graphicsmagick-1.3.36
|
||||||
services:
|
services:
|
||||||
- name: postgres:13
|
- name: postgres:13
|
||||||
command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
|
command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
|
||||||
|
@ -240,7 +240,7 @@
|
||||||
POSTGRES_HOST_AUTH_METHOD: trust
|
POSTGRES_HOST_AUTH_METHOD: trust
|
||||||
|
|
||||||
.use-pg11-ee:
|
.use-pg11-ee:
|
||||||
image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:debian-bullseye-ruby-2.7.patched-golang-1.16-git-2.33-lfs-2.9-chrome-97-node-14.15-yarn-1.22-postgresql-11-graphicsmagick-1.3.36
|
image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:debian-${DEBIAN_VERSION}-ruby-2.7.patched-golang-1.16-git-2.33-lfs-2.9-chrome-97-node-14.15-yarn-1.22-postgresql-11-graphicsmagick-1.3.36
|
||||||
services:
|
services:
|
||||||
- name: postgres:11.6
|
- name: postgres:11.6
|
||||||
command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
|
command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
|
||||||
|
@ -251,7 +251,7 @@
|
||||||
POSTGRES_HOST_AUTH_METHOD: trust
|
POSTGRES_HOST_AUTH_METHOD: trust
|
||||||
|
|
||||||
.use-pg12-ee:
|
.use-pg12-ee:
|
||||||
image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:debian-bullseye-ruby-2.7.patched-golang-1.16-git-2.33-lfs-2.9-chrome-97-node-14.15-yarn-1.22-postgresql-12-graphicsmagick-1.3.36
|
image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:debian-${DEBIAN_VERSION}-ruby-2.7.patched-golang-1.16-git-2.33-lfs-2.9-chrome-97-node-14.15-yarn-1.22-postgresql-12-graphicsmagick-1.3.36
|
||||||
services:
|
services:
|
||||||
- name: postgres:12
|
- name: postgres:12
|
||||||
command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
|
command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
|
||||||
|
@ -262,7 +262,7 @@
|
||||||
POSTGRES_HOST_AUTH_METHOD: trust
|
POSTGRES_HOST_AUTH_METHOD: trust
|
||||||
|
|
||||||
.use-pg13-ee:
|
.use-pg13-ee:
|
||||||
image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:debian-bullseye-ruby-2.7.patched-golang-1.16-git-2.33-lfs-2.9-chrome-97-node-14.15-yarn-1.22-postgresql-13-graphicsmagick-1.3.36
|
image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:debian-${DEBIAN_VERSION}-ruby-2.7.patched-golang-1.16-git-2.33-lfs-2.9-chrome-97-node-14.15-yarn-1.22-postgresql-13-graphicsmagick-1.3.36
|
||||||
services:
|
services:
|
||||||
- name: postgres:13
|
- name: postgres:13
|
||||||
command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
|
command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
|
||||||
|
|
|
@ -22,8 +22,8 @@ workhorse:verify:
|
||||||
|
|
||||||
workhorse:test using go 1.16:
|
workhorse:test using go 1.16:
|
||||||
extends: .workhorse:test
|
extends: .workhorse:test
|
||||||
image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:debian-bullseye-ruby-2.7-golang-1.16-git-2.31
|
image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:debian-${DEBIAN_VERSION}-ruby-2.7-golang-1.16-git-2.31
|
||||||
|
|
||||||
workhorse:test using go 1.17:
|
workhorse:test using go 1.17:
|
||||||
extends: .workhorse:test
|
extends: .workhorse:test
|
||||||
image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:debian-bullseye-ruby-2.7-golang-1.17-git-2.31
|
image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:debian-${DEBIAN_VERSION}-ruby-2.7-golang-1.17-git-2.31
|
||||||
|
|
|
@ -218,6 +218,10 @@ $tabs-holder-z-index: 250;
|
||||||
.epic-tabs-holder {
|
.epic-tabs-holder {
|
||||||
top: $header-height;
|
top: $header-height;
|
||||||
z-index: $tabs-holder-z-index;
|
z-index: $tabs-holder-z-index;
|
||||||
|
margin-left: -$gl-padding;
|
||||||
|
margin-right: -$gl-padding;
|
||||||
|
padding-left: $gl-padding;
|
||||||
|
padding-right: $gl-padding;
|
||||||
background-color: $body-bg;
|
background-color: $body-bg;
|
||||||
border-bottom: 1px solid $border-color;
|
border-bottom: 1px solid $border-color;
|
||||||
|
|
||||||
|
|
|
@ -83,8 +83,16 @@ module WebpackHelper
|
||||||
end
|
end
|
||||||
|
|
||||||
def webpack_public_host
|
def webpack_public_host
|
||||||
# We proxy webpack output in 'test' and 'dev' environment, so we can just use asset_host
|
# We do not proxy the webpack output in the 'test' environment,
|
||||||
ActionController::Base.asset_host.try(:chomp, '/')
|
# so we must reference the webpack dev server directly.
|
||||||
|
if Rails.env.test? && Gitlab.config.webpack.dev_server.enabled
|
||||||
|
host = Gitlab.config.webpack.dev_server.host
|
||||||
|
port = Gitlab.config.webpack.dev_server.port
|
||||||
|
protocol = Gitlab.config.webpack.dev_server.https ? 'https' : 'http'
|
||||||
|
"#{protocol}://#{host}:#{port}"
|
||||||
|
else
|
||||||
|
ActionController::Base.asset_host.try(:chomp, '/')
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def webpack_public_path
|
def webpack_public_path
|
||||||
|
|
|
@ -21,7 +21,7 @@ if app.config.public_file_server.enabled
|
||||||
|
|
||||||
# If webpack-dev-server is configured, proxy webpack's public directory
|
# If webpack-dev-server is configured, proxy webpack's public directory
|
||||||
# instead of looking for static assets
|
# instead of looking for static assets
|
||||||
if Gitlab.config.webpack.dev_server.enabled && Gitlab.dev_or_test_env?
|
if Gitlab.config.webpack.dev_server.enabled && Rails.env.development?
|
||||||
app.config.middleware.insert_before(
|
app.config.middleware.insert_before(
|
||||||
Gitlab::Middleware::Static,
|
Gitlab::Middleware::Static,
|
||||||
Gitlab::Webpack::DevServerMiddleware,
|
Gitlab::Webpack::DevServerMiddleware,
|
||||||
|
|
|
@ -0,0 +1,20 @@
|
||||||
|
- name: "Deprecate legacy Gitaly configuration methods" # The name of the feature to be deprecated
|
||||||
|
announcement_milestone: "14.8" # The milestone when this feature was first announced as deprecated.
|
||||||
|
announcement_date: "2022-02-22" # The date of the milestone release when this feature was first announced as deprecated. This should almost always be the 22nd of a month (YYYY-MM-22), unless you did an out of band blog post.
|
||||||
|
removal_milestone: "15.0" # The milestone when this feature is planned to be removed
|
||||||
|
removal_date: "2022-05-22" # The date of the milestone release when this feature is planned to be removed. This should almost always be the 22nd of a month (YYYY-MM-22), unless you did an out of band blog post.
|
||||||
|
breaking_change: true # If this deprecation is a breaking change, set this value to true
|
||||||
|
reporter: mjwood # GitLab username of the person reporting the deprecation
|
||||||
|
body: | # Do not modify this line, instead modify the lines below.
|
||||||
|
Using environment variables `GIT_CONFIG_SYSTEM` and `GIT_CONFIG_GLOBAL` to configure Gitaly is [deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/352609).
|
||||||
|
These variables are being replaced with standard [`config.toml` Gitaly configuration](https://docs.gitlab.com/ee/administration/gitaly/reference.html).
|
||||||
|
|
||||||
|
GitLab instances that use `GIT_CONFIG_SYSTEM` and `GIT_CONFIG_GLOBAL` to configure Gitaly should switch to configuring using
|
||||||
|
`config.toml`.
|
||||||
|
# The following items are not published on the docs page, but may be used in the future.
|
||||||
|
stage: "Create" # (optional - may be required in the future) String value of the stage that the feature was created in. e.g., Growth
|
||||||
|
tiers: # (optional - may be required in the future) An array of tiers that the feature is available in currently. e.g., [Free, Silver, Gold, Core, Premium, Ultimate]
|
||||||
|
issue_url: "https://gitlab.com/gitlab-org/gitlab/-/issues/352609" # (optional) This is a link to the deprecation issue in GitLab
|
||||||
|
documentation_url: "https://docs.gitlab.com/ee/administration/gitaly/reference.html" # (optional) This is a link to the current documentation page
|
||||||
|
image_url: # (optional) This is a link to a thumbnail image depicting the feature
|
||||||
|
video_url: # (optional) Use the youtube thumbnail URL with the structure of https://img.youtube.com/vi/UNIQUEID/hqdefault.jpg
|
|
@ -0,0 +1,24 @@
|
||||||
|
- name: "OAuth tokens without expiration" # The name of the feature to be deprecated
|
||||||
|
announcement_milestone: "14.8" # The milestone when this feature was first announced as deprecated.
|
||||||
|
announcement_date: "2022-02-22" # The date of the milestone release when this feature was first announced as deprecated. This should almost always be the 22nd of a month (YYYY-MM-22), unless you did an out of band blog post.
|
||||||
|
removal_milestone: "15.0" # The milestone when this feature is planned to be removed
|
||||||
|
removal_date: 2022-05-22 # The date of the milestone release when this feature was first announced as deprecated. This should almost always be the 22nd of a month (YYYY-MM-22), unless you did an out of band blog post.
|
||||||
|
breaking_change: true # If this deprecation is a breaking change, set this value to true
|
||||||
|
body: | # Do not modify this line, instead modify the lines below.
|
||||||
|
By default, all new applications expire access tokens after 2 hours. In GitLab 14.2 and earlier, OAuth access tokens
|
||||||
|
had no expiration. In GitLab 15.0, an expiry will be automatically generated for any existing token that does not
|
||||||
|
already have one.
|
||||||
|
|
||||||
|
You should [opt in](https://docs.gitlab.com/ee/integration/oauth_provider.html#expiring-access-tokens) to expiring
|
||||||
|
tokens before GitLab 15.0 is released:
|
||||||
|
|
||||||
|
1. Edit the application.
|
||||||
|
1. Select **Expire access tokens** to enable them. Tokens must be revoked or they don’t expire.
|
||||||
|
|
||||||
|
# The following items are not published on the docs page, but may be used in the future.
|
||||||
|
stage: # Manage
|
||||||
|
tiers: # (optional - may be required in the future) An array of tiers that the feature is available in currently. e.g., [Free, Silver, Gold, Core, Premium, Ultimate]
|
||||||
|
issue_url: # https://gitlab.com/gitlab-org/gitlab/-/issues/21745
|
||||||
|
documentation_url: # (optional) This is a link to the current documentation page
|
||||||
|
image_url: # (optional) This is a link to a thumbnail image depicting the feature
|
||||||
|
video_url: # (optional) Use the youtube thumbnail URL with the structure of https://img.youtube.com/vi/UNIQUEID/hqdefault.jpg
|
|
@ -86,23 +86,20 @@ To create an application for your GitLab instance:
|
||||||
When creating application in the **Admin Area** , you can mark it as _trusted_.
|
When creating application in the **Admin Area** , you can mark it as _trusted_.
|
||||||
The user authorization step is automatically skipped for this application.
|
The user authorization step is automatically skipped for this application.
|
||||||
|
|
||||||
## Expiring Access Tokens
|
## Expiring access tokens
|
||||||
|
|
||||||
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/21745) in GitLab 14.3.
|
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/21745) in GitLab 14.3.
|
||||||
|
|
||||||
By default, all new applications expire access tokens after 2 hours. In GitLab 14.2 and
|
WARNING:
|
||||||
earlier, OAuth access tokens had no expiration.
|
The ability to opt-out of expiring access tokens [is deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/340848).
|
||||||
|
All existing integrations should be updated to support access token refresh.
|
||||||
|
|
||||||
All integrations should update to support access token refresh.
|
Access tokens expire in two hours which means that integrations that use them must support generating new access
|
||||||
|
tokens at least every two hours. Existing:
|
||||||
|
|
||||||
When creating new applications, you can opt-out of expiry for backward compatibility by clearing
|
- Applications can have expiring access tokens:
|
||||||
**Expire access tokens** when creating them. The ability to opt-out
|
1. Edit the application.
|
||||||
[is deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/340848).
|
1. Select **Expire access tokens**.
|
||||||
|
|
||||||
Existing:
|
|
||||||
|
|
||||||
- Applications can have expiring access tokens. Edit the application and select
|
|
||||||
**Expire access tokens** to enable them.
|
|
||||||
- Tokens must be [revoked](../api/oauth2.md#revoke-a-token) or they don't expire.
|
- Tokens must be [revoked](../api/oauth2.md#revoke-a-token) or they don't expire.
|
||||||
|
|
||||||
When applications are deleted, all grants and tokens associated with the application are also deleted.
|
When applications are deleted, all grants and tokens associated with the application are also deleted.
|
||||||
|
|
|
@ -809,6 +809,22 @@ The following `geo:db:*` tasks will be replaced with their corresponding `db:*:g
|
||||||
|
|
||||||
**Planned removal milestone: 15.0 (2022-05-22)**
|
**Planned removal milestone: 15.0 (2022-05-22)**
|
||||||
|
|
||||||
|
### Deprecate legacy Gitaly configuration methods
|
||||||
|
|
||||||
|
WARNING:
|
||||||
|
This feature will be changed or removed in 15.0
|
||||||
|
as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes).
|
||||||
|
Before updating GitLab, review the details carefully to determine if you need to make any
|
||||||
|
changes to your code, settings, or workflow.
|
||||||
|
|
||||||
|
Using environment variables `GIT_CONFIG_SYSTEM` and `GIT_CONFIG_GLOBAL` to configure Gitaly is [deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/352609).
|
||||||
|
These variables are being replaced with standard [`config.toml` Gitaly configuration](https://docs.gitlab.com/ee/administration/gitaly/reference.html).
|
||||||
|
|
||||||
|
GitLab instances that use `GIT_CONFIG_SYSTEM` and `GIT_CONFIG_GLOBAL` to configure Gitaly should switch to configuring using
|
||||||
|
`config.toml`.
|
||||||
|
|
||||||
|
**Planned removal milestone: 15.0 (2022-05-22)**
|
||||||
|
|
||||||
### Elasticsearch 6.8
|
### Elasticsearch 6.8
|
||||||
|
|
||||||
WARNING:
|
WARNING:
|
||||||
|
@ -851,6 +867,26 @@ To align with this change, API calls to list external status checks will also re
|
||||||
|
|
||||||
**Planned removal milestone: 15.0 (2022-05-22)**
|
**Planned removal milestone: 15.0 (2022-05-22)**
|
||||||
|
|
||||||
|
### OAuth tokens without expiration
|
||||||
|
|
||||||
|
WARNING:
|
||||||
|
This feature will be changed or removed in 15.0
|
||||||
|
as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes).
|
||||||
|
Before updating GitLab, review the details carefully to determine if you need to make any
|
||||||
|
changes to your code, settings, or workflow.
|
||||||
|
|
||||||
|
By default, all new applications expire access tokens after 2 hours. In GitLab 14.2 and earlier, OAuth access tokens
|
||||||
|
had no expiration. In GitLab 15.0, an expiry will be automatically generated for any existing token that does not
|
||||||
|
already have one.
|
||||||
|
|
||||||
|
You should [opt in](https://docs.gitlab.com/ee/integration/oauth_provider.html#expiring-access-tokens) to expiring
|
||||||
|
tokens before GitLab 15.0 is released:
|
||||||
|
|
||||||
|
1. Edit the application.
|
||||||
|
1. Select **Expire access tokens** to enable them. Tokens must be revoked or they don’t expire.
|
||||||
|
|
||||||
|
**Planned removal milestone: 15.0 (2022-05-22)**
|
||||||
|
|
||||||
### Optional enforcement of PAT expiration
|
### Optional enforcement of PAT expiration
|
||||||
|
|
||||||
WARNING:
|
WARNING:
|
||||||
|
|
|
@ -569,7 +569,6 @@ The following variables are used for configuring specific analyzers (used for a
|
||||||
| `PIP_REQUIREMENTS_FILE` | `gemnasium-python` | | Pip requirements file to be scanned. |
|
| `PIP_REQUIREMENTS_FILE` | `gemnasium-python` | | Pip requirements file to be scanned. |
|
||||||
| `DS_PIP_VERSION` | `gemnasium-python` | | Force the install of a specific pip version (example: `"19.3"`), otherwise the pip installed in the Docker image is used. ([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12811) in GitLab 12.7) |
|
| `DS_PIP_VERSION` | `gemnasium-python` | | Force the install of a specific pip version (example: `"19.3"`), otherwise the pip installed in the Docker image is used. ([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12811) in GitLab 12.7) |
|
||||||
| `DS_PIP_DEPENDENCY_PATH` | `gemnasium-python` | | Path to load Python pip dependencies from. ([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12412) in GitLab 12.2) |
|
| `DS_PIP_DEPENDENCY_PATH` | `gemnasium-python` | | Path to load Python pip dependencies from. ([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12412) in GitLab 12.2) |
|
||||||
| `DS_PYTHON_VERSION` | `retire.js` | | Version of Python. If set to 2, dependencies are installed using Python 2.7 instead of Python 3.6. ([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12296) in GitLab 12.1, [removed](https://www.python.org/doc/sunset-python-2/) in GitLab 13.7). |
|
|
||||||
| `RETIREJS_JS_ADVISORY_DB` | `retire.js` | `https://raw.githubusercontent.com/RetireJS/retire.js/master/repository/jsrepository.json` | Path or URL to `retire.js` JS vulnerability data file. Note that if the URL hosting the data file uses a custom SSL certificate, for example in an offline installation, you can pass the certificate in the `ADDITIONAL_CA_CERT_BUNDLE` variable. |
|
| `RETIREJS_JS_ADVISORY_DB` | `retire.js` | `https://raw.githubusercontent.com/RetireJS/retire.js/master/repository/jsrepository.json` | Path or URL to `retire.js` JS vulnerability data file. Note that if the URL hosting the data file uses a custom SSL certificate, for example in an offline installation, you can pass the certificate in the `ADDITIONAL_CA_CERT_BUNDLE` variable. |
|
||||||
| `RETIREJS_NODE_ADVISORY_DB` | `retire.js` | `https://raw.githubusercontent.com/RetireJS/retire.js/master/repository/npmrepository.json` | Path or URL to `retire.js` node vulnerability data file. Note that if the URL hosting the data file uses a custom SSL certificate, for example in an offline installation, you can pass the certificate in the `ADDITIONAL_CA_CERT_BUNDLE` variable. |
|
| `RETIREJS_NODE_ADVISORY_DB` | `retire.js` | `https://raw.githubusercontent.com/RetireJS/retire.js/master/repository/npmrepository.json` | Path or URL to `retire.js` node vulnerability data file. Note that if the URL hosting the data file uses a custom SSL certificate, for example in an offline installation, you can pass the certificate in the `ADDITIONAL_CA_CERT_BUNDLE` variable. |
|
||||||
| `RETIREJS_ADVISORY_DB_INSECURE` | `retire.js` | `false` | Enable fetching remote JS and Node vulnerability data files (defined by the `RETIREJS_JS_ADVISORY_DB` and `RETIREJS_NODE_ADVISORY_DB` variables) from hosts using an insecure or self-signed SSL (TLS) certificate. |
|
| `RETIREJS_ADVISORY_DB_INSECURE` | `retire.js` | `false` | Enable fetching remote JS and Node vulnerability data files (defined by the `RETIREJS_JS_ADVISORY_DB` and `RETIREJS_NODE_ADVISORY_DB` variables) from hosts using an insecure or self-signed SSL (TLS) certificate. |
|
||||||
|
|
|
@ -288,12 +288,14 @@ brakeman-sast:
|
||||||
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/235382) in GitLab 13.5.
|
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/235382) in GitLab 13.5.
|
||||||
> - [Added](https://gitlab.com/gitlab-org/gitlab/-/issues/339614) support for
|
> - [Added](https://gitlab.com/gitlab-org/gitlab/-/issues/339614) support for
|
||||||
> passthrough chains. Expanded to include additional passthrough types of `file`, `git`, and `url` in GitLab 14.6.
|
> passthrough chains. Expanded to include additional passthrough types of `file`, `git`, and `url` in GitLab 14.6.
|
||||||
|
> - [Added](https://gitlab.com/gitlab-org/gitlab/-/issues/235359) support for overriding rules in GitLab 14.8.
|
||||||
|
|
||||||
You can customize the default scanning rules provided by our SAST analyzers.
|
You can customize the default scanning rules provided by our SAST analyzers.
|
||||||
Ruleset customization supports two capabilities that can be used
|
Ruleset customization supports the following that can be used
|
||||||
simultaneously:
|
simultaneously:
|
||||||
|
|
||||||
- [Disabling predefined rules](index.md#disable-predefined-analyzer-rules). Available for all analyzers.
|
- [Disabling predefined rules](index.md#disable-predefined-analyzer-rules). Available for all analyzers.
|
||||||
|
- [Overriding predefined rules](index.md#override-predefined-analyzer-rules). Available for all analyzers.
|
||||||
- Modifying the default behavior of a given analyzer by [synthesizing and passing a custom configuration](index.md#synthesize-a-custom-configuration). Available for only `nodejs-scan`, `gosec`, and `semgrep`.
|
- Modifying the default behavior of a given analyzer by [synthesizing and passing a custom configuration](index.md#synthesize-a-custom-configuration). Available for only `nodejs-scan`, `gosec`, and `semgrep`.
|
||||||
|
|
||||||
To customize the default scanning rules, create a file containing custom rules. These rules
|
To customize the default scanning rules, create a file containing custom rules. These rules
|
||||||
|
@ -343,6 +345,50 @@ and `sobelow` by matching the `type` and `value` of identifiers:
|
||||||
value = "sql_injection"
|
value = "sql_injection"
|
||||||
```
|
```
|
||||||
|
|
||||||
|
#### Override predefined analyzer rules
|
||||||
|
|
||||||
|
To override analyzer rules:
|
||||||
|
|
||||||
|
1. In one or more `ruleset.identifier` subsections, list the rules that you want to override. Every `ruleset.identifier` section has:
|
||||||
|
|
||||||
|
- a `type` field, to name the predefined rule identifier that the targeted analyzer uses.
|
||||||
|
- a `value` field, to name the rule to be overridden.
|
||||||
|
|
||||||
|
1. In the `ruleset.override` context of a `ruleset` section,
|
||||||
|
provide the keys to override. Any combination of keys can be
|
||||||
|
overridden. Valid keys are:
|
||||||
|
|
||||||
|
- description
|
||||||
|
- message
|
||||||
|
- name
|
||||||
|
- severity (valid options are: Critical, High, Medium, Low, Unknown, Info)
|
||||||
|
|
||||||
|
##### Example: Override predefined rules of SAST analyzers
|
||||||
|
|
||||||
|
In the following example, rules from `eslint`
|
||||||
|
and `gosec` are matched by the `type` and `value` of identifiers and
|
||||||
|
then overridden:
|
||||||
|
|
||||||
|
```toml
|
||||||
|
[eslint]
|
||||||
|
[[eslint.ruleset]]
|
||||||
|
[eslint.ruleset.identifier]
|
||||||
|
type = "eslint_rule_id"
|
||||||
|
value = "security/detect-object-injection"
|
||||||
|
[eslint.ruleset.override]
|
||||||
|
description = "OVERRIDDEN description"
|
||||||
|
message = "OVERRIDDEN message"
|
||||||
|
name = "OVERRIDDEN name"
|
||||||
|
severity = "Critical"
|
||||||
|
[gosec]
|
||||||
|
[[gosec.ruleset]]
|
||||||
|
[gosec.ruleset.identifier]
|
||||||
|
type = "CWE"
|
||||||
|
value = "CWE-79"
|
||||||
|
[gosec.ruleset.override]
|
||||||
|
severity = "Critical"
|
||||||
|
```
|
||||||
|
|
||||||
#### Synthesize a custom configuration
|
#### Synthesize a custom configuration
|
||||||
|
|
||||||
To create a custom configuration, you can use passthrough chains.
|
To create a custom configuration, you can use passthrough chains.
|
||||||
|
|
|
@ -182,14 +182,89 @@ Secret Detection can be customized by defining available CI/CD variables:
|
||||||
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/211387) in GitLab 13.5.
|
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/211387) in GitLab 13.5.
|
||||||
> - [Added](https://gitlab.com/gitlab-org/gitlab/-/issues/339614) support for
|
> - [Added](https://gitlab.com/gitlab-org/gitlab/-/issues/339614) support for
|
||||||
> passthrough chains. Expanded to include additional passthrough types of `file`, `git`, and `url` in GitLab 14.6.
|
> passthrough chains. Expanded to include additional passthrough types of `file`, `git`, and `url` in GitLab 14.6.
|
||||||
|
> - [Added](https://gitlab.com/gitlab-org/gitlab/-/issues/235359) support for overriding rules in GitLab 14.8.
|
||||||
|
|
||||||
You can customize the default secret detection rules provided with GitLab.
|
You can customize the default secret detection rules provided with GitLab.
|
||||||
|
Ruleset customization supports the following capabilities that can be used
|
||||||
|
simultaneously:
|
||||||
|
|
||||||
|
- [Disabling predefined rules](index.md#disable-predefined-analyzer-rules).
|
||||||
|
- [Overriding predefined rules](index.md#override-predefined-analyzer-rules).
|
||||||
|
- Modifying the default behavior of the Secret Detection analyzer by [synthesizing and passing a custom configuration](index.md#synthesize-a-custom-configuration). Available for only `nodejs-scan`, `gosec`, and `semgrep`.
|
||||||
|
|
||||||
Customization allows replacing the default secret detection rules with rules that you define.
|
Customization allows replacing the default secret detection rules with rules that you define.
|
||||||
|
|
||||||
To create a custom ruleset:
|
To create a custom ruleset:
|
||||||
|
|
||||||
1. Create a `.gitlab` directory at the root of your project, if one doesn't already exist.
|
1. Create a `.gitlab` directory at the root of your project, if one doesn't already exist.
|
||||||
1. Create a custom ruleset file named `secret-detection-ruleset.toml` in the `.gitlab` directory.
|
1. Create a custom ruleset file named `secret-detection-ruleset.toml` in the `.gitlab` directory.
|
||||||
|
|
||||||
|
#### Disable predefined analyzer rules
|
||||||
|
|
||||||
|
To disable analyzer rules:
|
||||||
|
|
||||||
|
1. Set the `disabled` flag to `true` in the context of a `ruleset` section.
|
||||||
|
|
||||||
|
1. In one or more `ruleset.identifier` subsections, list the rules that you want disabled. Every `ruleset.identifier` section has:
|
||||||
|
|
||||||
|
- a `type` field, to name the predefined rule identifier.
|
||||||
|
- a `value` field, to name the rule to be disabled.
|
||||||
|
|
||||||
|
##### Example: Disable predefined rules of Secret Detection analyzer
|
||||||
|
|
||||||
|
In the following example, the disabled rules is assigned to `secrets`
|
||||||
|
by matching the `type` and `value` of identifiers:
|
||||||
|
|
||||||
|
```toml
|
||||||
|
[secrets]
|
||||||
|
[[secrets.ruleset]]
|
||||||
|
disable = true
|
||||||
|
[secrets.ruleset.identifier]
|
||||||
|
type = "gitleaks_rule_id"
|
||||||
|
value = "RSA private key"
|
||||||
|
```
|
||||||
|
|
||||||
|
#### Override predefined analyzer rules
|
||||||
|
|
||||||
|
To override rules:
|
||||||
|
|
||||||
|
1. In one or more `ruleset.identifier` subsections, list the rules that you want to override. Every `ruleset.identifier` section has:
|
||||||
|
|
||||||
|
- a `type` field, to name the predefined rule identifier that the Secret Detection analyzer uses.
|
||||||
|
- a `value` field, to name the rule to be overridden.
|
||||||
|
|
||||||
|
1. In the `ruleset.override` context of a `ruleset` section,
|
||||||
|
provide the keys to override. Any combination of keys can be
|
||||||
|
overridden. Valid keys are:
|
||||||
|
|
||||||
|
- description
|
||||||
|
- message
|
||||||
|
- name
|
||||||
|
- severity (valid options are: Critical, High, Medium, Low, Unknown, Info)
|
||||||
|
|
||||||
|
##### Example: Override predefined rules of Secret Detection analyzer
|
||||||
|
|
||||||
|
In the following example, rules
|
||||||
|
are matched by the `type` and `value` of identifiers and
|
||||||
|
then overridden:
|
||||||
|
|
||||||
|
```toml
|
||||||
|
[secrets]
|
||||||
|
[[secrets.ruleset]]
|
||||||
|
[secrets.ruleset.identifier]
|
||||||
|
type = "gitleaks_rule_id"
|
||||||
|
value = "RSA private key"
|
||||||
|
[secrets.ruleset.override]
|
||||||
|
description = "OVERRIDDEN description"
|
||||||
|
message = "OVERRIDDEN message"
|
||||||
|
name = "OVERRIDDEN name"
|
||||||
|
severity = "Info"
|
||||||
|
```
|
||||||
|
|
||||||
|
#### Synthesize a custom configuration
|
||||||
|
|
||||||
|
To create a custom configuration, you can use passthrough chains.
|
||||||
|
|
||||||
1. In the `secret-detection-ruleset.toml` file, do one of the following:
|
1. In the `secret-detection-ruleset.toml` file, do one of the following:
|
||||||
|
|
||||||
- Define a custom ruleset:
|
- Define a custom ruleset:
|
||||||
|
|
|
@ -6,23 +6,32 @@ namespace :gitlab do
|
||||||
namespace :db do
|
namespace :db do
|
||||||
desc 'GitLab | DB | Manually insert schema migration version'
|
desc 'GitLab | DB | Manually insert schema migration version'
|
||||||
task :mark_migration_complete, [:version] => :environment do |_, args|
|
task :mark_migration_complete, [:version] => :environment do |_, args|
|
||||||
unless args[:version]
|
mark_migration_complete(args[:version])
|
||||||
puts "Must specify a migration version as an argument".color(:red)
|
end
|
||||||
|
|
||||||
|
namespace :mark_migration_complete do
|
||||||
|
ActiveRecord::Tasks::DatabaseTasks.for_each(databases) do |name|
|
||||||
|
desc "Gitlab | DB | Manually insert schema migration version on #{name} database"
|
||||||
|
task name, [:version] => :environment do |_, args|
|
||||||
|
mark_migration_complete(args[:version], database: name)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
def mark_migration_complete(version, database: nil)
|
||||||
|
if version.to_i == 0
|
||||||
|
puts 'Must give a version argument that is a non-zero integer'.color(:red)
|
||||||
exit 1
|
exit 1
|
||||||
end
|
end
|
||||||
|
|
||||||
version = args[:version].to_i
|
Gitlab::Database.database_base_models.each do |name, model|
|
||||||
if version == 0
|
next if database && database.to_s != name
|
||||||
puts "Version '#{args[:version]}' must be a non-zero integer".color(:red)
|
|
||||||
exit 1
|
|
||||||
end
|
|
||||||
|
|
||||||
sql = "INSERT INTO schema_migrations (version) VALUES (#{version})"
|
model.connection.execute("INSERT INTO schema_migrations (version) VALUES (#{model.connection.quote(version)})")
|
||||||
begin
|
|
||||||
ActiveRecord::Base.connection.execute(sql)
|
puts "Successfully marked '#{version}' as complete on database #{name}".color(:green)
|
||||||
puts "Successfully marked '#{version}' as complete".color(:green)
|
|
||||||
rescue ActiveRecord::RecordNotUnique
|
rescue ActiveRecord::RecordNotUnique
|
||||||
puts "Migration version '#{version}' is already marked complete".color(:yellow)
|
puts "Migration version '#{version}' is already marked complete on database #{name}".color(:yellow)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -12,7 +12,7 @@ module QA
|
||||||
Flow::Login.sign_in
|
Flow::Login.sign_in
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'user adds a design and annotates it', testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/347822' do
|
it 'user adds a design and annotates it', quarantine: { issue: 'https://gitlab.com/gitlab-org/gitlab/-/issues/352746', type: :investigating }, testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/347822' do
|
||||||
issue.visit!
|
issue.visit!
|
||||||
|
|
||||||
Page::Project::Issue::Show.perform do |issue|
|
Page::Project::Issue::Show.perform do |issue|
|
||||||
|
|
|
@ -4194,6 +4194,8 @@ RSpec.describe User do
|
||||||
|
|
||||||
context 'when FF ci_owned_runners_cross_joins_fix is disabled' do
|
context 'when FF ci_owned_runners_cross_joins_fix is disabled' do
|
||||||
before do
|
before do
|
||||||
|
skip_if_multiple_databases_are_setup
|
||||||
|
|
||||||
stub_feature_flags(ci_owned_runners_cross_joins_fix: false)
|
stub_feature_flags(ci_owned_runners_cross_joins_fix: false)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -750,6 +750,8 @@ module Ci
|
||||||
|
|
||||||
context 'with ci_queuing_use_denormalized_data_strategy disabled' do
|
context 'with ci_queuing_use_denormalized_data_strategy disabled' do
|
||||||
before do
|
before do
|
||||||
|
skip_if_multiple_databases_are_setup
|
||||||
|
|
||||||
stub_feature_flags(ci_queuing_use_denormalized_data_strategy: false)
|
stub_feature_flags(ci_queuing_use_denormalized_data_strategy: false)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -773,6 +775,8 @@ module Ci
|
||||||
|
|
||||||
context 'when not using pending builds table' do
|
context 'when not using pending builds table' do
|
||||||
before do
|
before do
|
||||||
|
skip_if_multiple_databases_are_setup
|
||||||
|
|
||||||
stub_feature_flags(ci_pending_builds_queue_source: false)
|
stub_feature_flags(ci_pending_builds_queue_source: false)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -20,6 +20,99 @@ RSpec.describe 'gitlab:db namespace rake task', :silence_stdout do
|
||||||
allow(Rake::Task['db:seed_fu']).to receive(:invoke).and_return(true)
|
allow(Rake::Task['db:seed_fu']).to receive(:invoke).and_return(true)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
describe 'mark_migration_complete' do
|
||||||
|
context 'with a single database' do
|
||||||
|
let(:main_model) { ActiveRecord::Base }
|
||||||
|
|
||||||
|
before do
|
||||||
|
skip_if_multiple_databases_are_setup
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'marks the migration complete on the given database' do
|
||||||
|
expect(main_model.connection).to receive(:quote).and_call_original
|
||||||
|
expect(main_model.connection).to receive(:execute)
|
||||||
|
.with("INSERT INTO schema_migrations (version) VALUES ('123')")
|
||||||
|
|
||||||
|
run_rake_task('gitlab:db:mark_migration_complete', '[123]')
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'with multiple databases' do
|
||||||
|
let(:main_model) { double(:model, connection: double(:connection)) }
|
||||||
|
let(:ci_model) { double(:model, connection: double(:connection)) }
|
||||||
|
let(:base_models) { { 'main' => main_model, 'ci' => ci_model } }
|
||||||
|
|
||||||
|
before do
|
||||||
|
skip_if_multiple_databases_not_setup
|
||||||
|
|
||||||
|
allow(Gitlab::Database).to receive(:database_base_models).and_return(base_models)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'marks the migration complete on each database' do
|
||||||
|
expect(main_model.connection).to receive(:quote).with('123').and_return("'123'")
|
||||||
|
expect(main_model.connection).to receive(:execute)
|
||||||
|
.with("INSERT INTO schema_migrations (version) VALUES ('123')")
|
||||||
|
|
||||||
|
expect(ci_model.connection).to receive(:quote).with('123').and_return("'123'")
|
||||||
|
expect(ci_model.connection).to receive(:execute)
|
||||||
|
.with("INSERT INTO schema_migrations (version) VALUES ('123')")
|
||||||
|
|
||||||
|
run_rake_task('gitlab:db:mark_migration_complete', '[123]')
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when the single database task is used' do
|
||||||
|
it 'marks the migration complete for the given database' do
|
||||||
|
expect(main_model.connection).to receive(:quote).with('123').and_return("'123'")
|
||||||
|
expect(main_model.connection).to receive(:execute)
|
||||||
|
.with("INSERT INTO schema_migrations (version) VALUES ('123')")
|
||||||
|
|
||||||
|
expect(ci_model.connection).not_to receive(:quote)
|
||||||
|
expect(ci_model.connection).not_to receive(:execute)
|
||||||
|
|
||||||
|
run_rake_task('gitlab:db:mark_migration_complete:main', '[123]')
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when the migration is already marked complete' do
|
||||||
|
let(:main_model) { double(:model, connection: double(:connection)) }
|
||||||
|
let(:base_models) { { 'main' => main_model } }
|
||||||
|
|
||||||
|
before do
|
||||||
|
allow(Gitlab::Database).to receive(:database_base_models).and_return(base_models)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'prints a warning message' do
|
||||||
|
allow(main_model.connection).to receive(:quote).with('123').and_return("'123'")
|
||||||
|
|
||||||
|
expect(main_model.connection).to receive(:execute)
|
||||||
|
.with("INSERT INTO schema_migrations (version) VALUES ('123')")
|
||||||
|
.and_raise(ActiveRecord::RecordNotUnique)
|
||||||
|
|
||||||
|
expect { run_rake_task('gitlab:db:mark_migration_complete', '[123]') }
|
||||||
|
.to output(/Migration version '123' is already marked complete on database main/).to_stdout
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when an invalid version is given' do
|
||||||
|
let(:main_model) { double(:model, connection: double(:connection)) }
|
||||||
|
let(:base_models) { { 'main' => main_model } }
|
||||||
|
|
||||||
|
before do
|
||||||
|
allow(Gitlab::Database).to receive(:database_base_models).and_return(base_models)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'prints an error and exits' do
|
||||||
|
expect(main_model).not_to receive(:quote)
|
||||||
|
expect(main_model.connection).not_to receive(:execute)
|
||||||
|
|
||||||
|
expect { run_rake_task('gitlab:db:mark_migration_complete', '[abc]') }
|
||||||
|
.to output(/Must give a version argument that is a non-zero integer/).to_stdout
|
||||||
|
.and raise_error(SystemExit) { |error| expect(error.status).to eq(1) }
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
describe 'configure' do
|
describe 'configure' do
|
||||||
it 'invokes db:migrate when schema has already been loaded' do
|
it 'invokes db:migrate when schema has already been loaded' do
|
||||||
allow(ActiveRecord::Base.connection).to receive(:tables).and_return(%w[table1 table2])
|
allow(ActiveRecord::Base.connection).to receive(:tables).and_return(%w[table1 table2])
|
||||||
|
|
Loading…
Reference in New Issue