kotovalexarian-likes-gitlab/gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity

Add latest changes from gitlab-org/gitlab@master

Browse source
This commit is contained in:
GitLab Bot 2020-03-25 15:07:47 +00:00
parent e6baeabaa9
commit 6f2065c468
48 changed files with 447 additions and 86 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
app/graphql/resolvers/merge_requests_resolver.rb
View file

@ -15,7 +15,8 @@ module Resolvers
alias_method :project, :object
def resolve(**args)
return unless project.present?
project = object.respond_to?(:sync) ? object.sync : object
return MergeRequest.none if project.nil?
args[:iids] ||= [args[:iid]].compact

4
app/helpers/notifications_helper.rb
View file

@ -120,4 +120,8 @@ module NotificationsHelper
def can_read_project?(project)
can?(current_user, :read_project, project)
end
def notification_event_disabled?(event)
event == :fixed_pipeline && Feature.disabled?(:ci_pipeline_fixed_notifications)
end
end

12
app/presenters/project_presenter.rb
View file

@ -25,6 +25,7 @@ class ProjectPresenter < Gitlab::View::Presenter::Delegated
branches_anchor_data,
tags_anchor_data,
files_anchor_data,
storage_anchor_data,
releases_anchor_data
].compact.select(&:is_link)
end
@ -154,6 +155,17 @@ class ProjectPresenter < Gitlab::View::Presenter::Delegated
empty_repo? ? nil : project_tree_path(project))
end
def storage_anchor_data
AnchorData.new(true,
statistic_icon('disk') +
_('%{strong_start}%{human_size}%{strong_end} Storage').html_safe % {
human_size: storage_counter(statistics.storage_size),
strong_start: '<strong class="project-stat-value">'.html_safe,
strong_end: '</strong>'.html_safe
},
empty_repo? ? nil : project_tree_path(project))
end
def releases_anchor_data
return unless can?(current_user, :read_release, project)

72
app/services/metrics/dashboard/gitlab_alert_embed_service.rb Normal file
View file

@ -0,0 +1,72 @@
# frozen_string_literal: true
# Responsible for returning an embed containing the specified
# metrics chart for an alert. Creates panels based on the
# matching metric stored in the database.
#
# Use Gitlab::Metrics::Dashboard::Finder to retrieve dashboards.
module Metrics
module Dashboard
class GitlabAlertEmbedService < ::Metrics::Dashboard::BaseEmbedService
include Gitlab::Utils::StrongMemoize
SEQUENCE = [STAGES::EndpointInserter].freeze
class << self
# Determines whether the provided params are sufficient
# to uniquely identify a panel composed of user-defined
# custom metrics from the DB.
def valid_params?(params)
[
embedded?(params[:embedded]),
params[:prometheus_alert_id].is_a?(Integer)
].all?
end
end
def raw_dashboard
panels_not_found!(alert_id: alert_id) unless alert && prometheus_metric
{ 'panel_groups' => [{ 'panels' => [panel] }] }
end
private
def allowed?
Ability.allowed?(current_user, :read_prometheus_alerts, project)
end
def alert_id
params[:prometheus_alert_id]
end
def alert
strong_memoize(:alert) do
Projects::Prometheus::AlertsFinder.new(id: alert_id).execute.first
end
end
def process_params
params.merge(environment: alert.environment)
end
def prometheus_metric
strong_memoize(:prometheus_metric) do
PrometheusMetricsFinder.new(id: alert.prometheus_metric_id).execute.first
end
end
def panel
{
title: prometheus_metric.title,
y_label: prometheus_metric.y_label,
metrics: [prometheus_metric.to_metric_hash]
}
end
def sequence
SEQUENCE
end
end
end
end

2
app/views/shared/notifications/_custom_notifications.html.haml
View file

@ -23,7 +23,7 @@
#{ paragraph.html_safe }
.col-lg-8
- notification_setting.email_events.each_with_index do |event, index|
- next if event == :fixed_pipeline && Feature.disabled?(:ci_pipeline_fixed_notifications)
- next if notification_event_disabled?(event)
- field_id = "#{notifications_menu_identifier("modal", notification_setting)}_notification_setting[#{event}]"
.form-group
.form-check{ class: ("prepend-top-0" if index == 0) }

2
app/workers/all_queues.yml
View file

@ -1224,7 +1224,7 @@
- :name: project_export
:feature_category: :importers
:has_external_dependencies:
:urgency: :low
:urgency: :throttled
:resource_boundary: :memory
:weight: 1
:idempotent:

1
app/workers/project_export_worker.rb
View file

@ -7,6 +7,7 @@ class ProjectExportWorker # rubocop:disable Scalability/IdempotentWorker
feature_category :importers
worker_resource_boundary :memory
urgency :throttled
def perform(current_user_id, project_id, after_export_strategy = {}, params = {})
current_user = User.find(current_user_id)

5
changelogs/unreleased/208431-follow-up-from-add-mutation-concern-to-resolve-a-single-issuable.yml Normal file
View file

@ -0,0 +1,5 @@
---
title: Amend GraphQL merge requests resolver to check for project presence
merge_request: 27783
author:
type: fixed

5
changelogs/unreleased/211445-follow-up-from-introduce-a-feature-flag-for-fixed-pipeline-notific.yml Normal file
View file

@ -0,0 +1,5 @@
---
title: Add an helper to check if a notification_event is enabled
merge_request: 27880
author: Jacopo Beschi @jacopo-beschi
type: changed

5
changelogs/unreleased/feat-show-storage.yml Normal file
View file

@ -0,0 +1,5 @@
---
title: Show storage size on project page
merge_request: 27724
author: Roger Meier
type: added

5
changelogs/unreleased/project_export_urgency_throttled.yml Normal file
View file

@ -0,0 +1,5 @@
---
title: Change project_export_worker urgency to throttled
merge_request: 27941
author:
type: other

5
changelogs/unreleased/rp-add-missing-docstring.yml Normal file
View file

@ -0,0 +1,5 @@
---
title: Add missing docstring to Prometheus metric
merge_request: 27868
author:
type: fixed

2
doc/administration/auth/how_to_configure_ldap_gitlab_ce/index.md
View file

@ -21,7 +21,7 @@ There are many commercial and open source [directory servers](https://en.wikiped
For example, [Active Directory](https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/hh831484(v=ws.11)) is generally favored in a primarily Windows environment, as this allows quick integration with existing services. Other popular directory services include:
- [Oracle Internet Directory](https://www.oracle.com/middleware/technologies/internet-directory.html)
- [OpenLDAP](http://www.openldap.org/)
- [OpenLDAP](https://www.openldap.org/)
- [389 Directory](http://directory.fedoraproject.org/)
- [OpenDJ (Renamed to Forgerock Directory Services)](https://www.forgerock.com/platform/directory-services)
- [ApacheDS](https://directory.apache.org/)

2
doc/administration/auth/oidc.md
View file

@ -128,7 +128,7 @@ different providers with Omnibus GitLab.
### Google
See the [Google
documentation](https://developers.google.com/identity/protocols/OpenIDConnect)
documentation](https://developers.google.com/identity/protocols/oauth2/openid-connect)
for more details:
```ruby

2
doc/administration/geo/replication/security_review.md
View file

@ -3,7 +3,7 @@
The following security review of the Geo feature set focuses on security aspects of
the feature as they apply to customers running their own GitLab instances. The review
questions are based in part on the [OWASP Application Security Verification Standard Project](https://owasp.org/www-project-application-security-verification-standard/)
from [owasp.org](https://www.owasp.org/).
from [owasp.org](https://owasp.org/).
## Business Model

2
doc/administration/gitaly/index.md
View file

@ -731,7 +731,7 @@ use a Ruby gem (library) called
the form of a C library.
Over time it has become clear to use that Rugged, and particularly
Rugged in combination with the [Unicorn](https://bogomips.org/unicorn/)
Rugged in combination with the [Unicorn](https://yhbt.net/unicorn/)
web server, is extremely efficient. Because libgit2 is a *library* and
not an external process, there was very little overhead between GitLab
application code that tried to look up data in Git repositories, and the

2
doc/administration/high_availability/pgbouncer.md
View file

@ -4,7 +4,7 @@ type: reference
# Working with the bundled PgBouncer service **(PREMIUM ONLY)**
As part of its High Availability stack, GitLab Premium includes a bundled version of [PgBouncer](https://pgbouncer.github.io/) that can be managed through `/etc/gitlab/gitlab.rb`. PgBouncer is used to seamlessly migrate database connections between servers in a failover scenario. Additionally, it can be used in a non-HA setup to pool connections, speeding up response time while reducing resource usage.
As part of its High Availability stack, GitLab Premium includes a bundled version of [PgBouncer](http://www.pgbouncer.org/) that can be managed through `/etc/gitlab/gitlab.rb`. PgBouncer is used to seamlessly migrate database connections between servers in a failover scenario. Additionally, it can be used in a non-HA setup to pool connections, speeding up response time while reducing resource usage.
In a HA setup, it's recommended to run a PgBouncer node separately for each database node with an internal load balancer (TCP) serving each accordingly.

23
doc/administration/instance_limits.md
View file

@ -168,3 +168,26 @@ NOTE: **Note:** Set the limit to `0` to disable it.
## Wiki limits
- [Length restrictions for file and directory names](../user/project/wiki/index.md#length-restrictions-for-file-and-directory-names).
## Push Event Limits
### Webhooks and Project Services
> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/31009) in GitLab 12.4.
Total number of changes (branches or tags) in a single push. If changes are more
than the specified limit, hooks won't be executed.
More information can be found in these docs:
- [Webhooks push events](../user/project/integrations/webhooks.md#push-events)
- [Project services push hooks limit](../user/project/integrations/project_services.md#push-hooks-limit)
### Activities
> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/31007) in GitLab 12.4.
Total number of changes (branches or tags) in a single push to determine whether
individual push events or bulk push event will be created.
More information can be found in the [Push event activities limit and bulk push events documentation](../user/admin_area/settings/push_event_activities_limit.md).

10
doc/administration/integration/plantuml.md
View file

@ -2,7 +2,7 @@
> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/8537) in GitLab 8.16.
When [PlantUML](http://plantuml.com) integration is enabled and configured in
When [PlantUML](https://plantuml.com) integration is enabled and configured in
GitLab we are able to create simple diagrams in AsciiDoc and Markdown documents
created in snippets, wikis, and repos.
@ -161,10 +161,10 @@ Alice -> Bob : hi
```
Inside the block you can add any of the supported diagrams by PlantUML such as
[Sequence](http://plantuml.com/sequence-diagram), [Use Case](http://plantuml.com/use-case-diagram),
[Class](http://plantuml.com/class-diagram), [Activity](http://plantuml.com/activity-diagram-legacy),
[Component](http://plantuml.com/component-diagram), [State](http://plantuml.com/state-diagram),
and [Object](http://plantuml.com/object-diagram) diagrams. You do not need to use the PlantUML
[Sequence](https://plantuml.com/sequence-diagram), [Use Case](https://plantuml.com/use-case-diagram),
[Class](https://plantuml.com/class-diagram), [Activity](https://plantuml.com/activity-diagram-legacy),
[Component](https://plantuml.com/component-diagram), [State](https://plantuml.com/state-diagram),
and [Object](https://plantuml.com/object-diagram) diagrams. You do not need to use the PlantUML
diagram delimiters `@startuml`/`@enduml` as these are replaced by the AsciiDoc `plantuml` block.
Some parameters can be added to the AsciiDoc block definition:

2
doc/administration/operations/puma.md
View file

@ -2,7 +2,7 @@
## Puma
As of GitLab 12.9, [Puma](https://github.com/puma/puma) has replaced [Unicorn](https://bogomips.org/unicorn/).
As of GitLab 12.9, [Puma](https://github.com/puma/puma) has replaced [Unicorn](https://yhbt.net/unicorn/).
as the default web server.
## Why switch to Puma?

2
doc/administration/operations/unicorn.md
View file

@ -2,7 +2,7 @@
## Unicorn
GitLab uses [Unicorn](https://bogomips.org/unicorn/), a pre-forking Ruby web
GitLab uses [Unicorn](https://yhbt.net/unicorn/), a pre-forking Ruby web
server, to handle web requests (web browsers and Git HTTP clients). Unicorn is
a daemon written in Ruby and C that can load and run a Ruby on Rails
application; in our case the Rails application is GitLab Community Edition or

3
doc/administration/packages/index.md
View file

@ -119,9 +119,6 @@ upload packages:
}
```
NOTE: **Note:**
Some build tools, like Gradle, must make `HEAD` requests to Amazon S3 to pull a dependencys metadata. The `gitlab_rails['packages_object_store_proxy_download']` property must be set to `true`. Without this setting, GitLab won't act as a proxy to the Amazon S3 service, and will instead return the signed URL. This will cause a `HTTP 403 Forbidden` response, since Amazon S3 expects a signed URL.
1. Save the file and [reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure)
for the changes to take effect.

2
doc/administration/repository_storage_paths.md
View file

@ -120,5 +120,5 @@ randomly placed on one of the selected paths.
[reconfigure-gitlab]: restart_gitlab.md#omnibus-gitlab-reconfigure
[backups]: ../raketasks/backup_restore.md
[raketask]: https://gitlab.com/gitlab-org/gitlab/blob/033e5423a2594e08a7ebcd2379bd2331f4c39032/lib/backup/repository.rb#L54-56
[repospath]: https://gitlab.com/gitlab-org/gitlab/blob/8-9-stable/config/gitlab.yml.example#L457
[repospath]: https://gitlab.com/gitlab-org/gitlab-foss/-/blob/8-9-stable/config/gitlab.yml.example#L457
[ce-11449]: https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/11449

2
doc/api/graphql/getting_started.md
View file

@ -36,7 +36,7 @@ The examples below:
- Can be run directly against GitLab 11.0 or later, though some of the types and fields
may not be supported in older versions.
- Will work against GitLab.com without any further setup. Make sure you are signed in and
navigate to the [GraphiQL Explorer](https://www.gitlab.com/-/graphql-explorer).
navigate to the [GraphiQL Explorer](https://gitlab.com/-/graphql-explorer).
If you want to run the queries locally, or on a self-managed instance,
you will need to either:

123
doc/development/architecture.md
View file

@ -125,18 +125,18 @@ Component statuses are linked to configuration documentation for each component.
| Component | Description | [Omnibus GitLab](https://docs.gitlab.com/omnibus/) | [GitLab chart](https://docs.gitlab.com/charts/) | [Minikube Minimal](https://docs.gitlab.com/charts/development/minikube/#deploying-gitlab-with-minimal-settings) | [GitLab.com](https://gitlab.com) | [Source](../install/installation.md) | [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit) | CE/EE |
| --------- | ----------- |:--------------------:|:------------------:|:-----:|:--------:|:--------:|:-------:|:-------:|
| [NGINX](#nginx) | Routes requests to appropriate components, terminates SSL | [✅][nginx-omnibus] | [✅][nginx-charts] | [⚙][nginx-charts] | [](https://about.gitlab.com/handbook/engineering/infrastructure/production-architecture/#service-architecture) | [⤓][nginx-source] | ❌ | CE & EE |
| [NGINX](#nginx) | Routes requests to appropriate components, terminates SSL | [✅][nginx-omnibus] | [✅][nginx-charts] | [⚙][nginx-charts] | [](https://about.gitlab.com/handbook/engineering/infrastructure/production/architecture/#service-architecture) | [⤓][nginx-source] | ❌ | CE & EE |
| [Unicorn (GitLab Rails)](#unicorn) | Handles requests for the web interface and API | [✅][unicorn-omnibus] | [✅][unicorn-charts] | [✅][unicorn-charts] | [](../user/gitlab_com/index.md#unicorn) | [⚙][unicorn-source] | [✅][gitlab-yml] | CE & EE |
| [Sidekiq](#sidekiq) | Background jobs processor | [✅][sidekiq-omnibus] | [✅][sidekiq-charts] | [](https://docs.gitlab.com/charts/charts/gitlab/sidekiq/index.html) | [](../user/gitlab_com/index.md#sidekiq) | [✅][gitlab-yml] | [✅][gitlab-yml] | CE & EE |
| [Gitaly](#gitaly) | Git RPC service for handling all Git calls made by GitLab | [✅][gitaly-omnibus] | [✅][gitaly-charts] | [✅][gitaly-charts] | [](https://about.gitlab.com/handbook/engineering/infrastructure/production-architecture/#service-architecture) | [⚙][gitaly-source] | ✅ | CE & EE |
| [Praefect](#praefect) | A transparent proxy between any Git client and Gitaly storage nodes. | [✅][gitaly-omnibus] | [❌][gitaly-charts] | [❌][gitaly-charts] | [](https://about.gitlab.com/handbook/engineering/infrastructure/production-architecture/#service-architecture) | [⚙][praefect-source] | ✅ | CE & EE |
| [GitLab Workhorse](#gitlab-workhorse) | Smart reverse proxy, handles large HTTP requests | [✅][workhorse-omnibus] | [✅][workhorse-charts] | [✅][workhorse-charts] | [](https://about.gitlab.com/handbook/engineering/infrastructure/production-architecture/#service-architecture) | [⚙][workhorse-source] | ✅ | CE & EE |
| [GitLab Shell](#gitlab-shell) | Handles `git` over SSH sessions | [✅][shell-omnibus] | [✅][shell-charts] | [✅][shell-charts] | [](https://about.gitlab.com/handbook/engineering/infrastructure/production-architecture/#service-architecture) | [⚙][shell-source] | [✅][gitlab-yml] | CE & EE |
| [Gitaly](#gitaly) | Git RPC service for handling all Git calls made by GitLab | [✅][gitaly-omnibus] | [✅][gitaly-charts] | [✅][gitaly-charts] | [](https://about.gitlab.com/handbook/engineering/infrastructure/production/architecture/#service-architecture) | [⚙][gitaly-source] | ✅ | CE & EE |
| [Praefect](#praefect) | A transparent proxy between any Git client and Gitaly storage nodes. | [✅][gitaly-omnibus] | [❌][gitaly-charts] | [❌][gitaly-charts] | [](https://about.gitlab.com/handbook/engineering/infrastructure/production/architecture/#service-architecture) | [⚙][praefect-source] | ✅ | CE & EE |
| [GitLab Workhorse](#gitlab-workhorse) | Smart reverse proxy, handles large HTTP requests | [✅][workhorse-omnibus] | [✅][workhorse-charts] | [✅][workhorse-charts] | [](https://about.gitlab.com/handbook/engineering/infrastructure/production/architecture/#service-architecture) | [⚙][workhorse-source] | ✅ | CE & EE |
| [GitLab Shell](#gitlab-shell) | Handles `git` over SSH sessions | [✅][shell-omnibus] | [✅][shell-charts] | [✅][shell-charts] | [](https://about.gitlab.com/handbook/engineering/infrastructure/production/architecture/#service-architecture) | [⚙][shell-source] | [✅][gitlab-yml] | CE & EE |
| [GitLab Pages](#gitlab-pages) | Hosts static websites | [⚙][pages-omnibus] | [❌][pages-charts] | [❌][pages-charts] | [](../user/gitlab_com/index.md#gitlab-pages) | [⚙][pages-source] | [⚙][pages-gdk] | CE & EE |
| [Registry](#registry) | Container registry, allows pushing and pulling of images | [⚙][registry-omnibus] | [✅][registry-charts] | [✅][registry-charts] | [](../user/packages/container_registry/index.md#build-and-push-images-using-gitlab-cicd) | [⤓][registry-source] | [⚙][registry-gdk] | CE & EE |
| [Redis](#redis) | Caching service | [✅][redis-omnibus] | [✅][redis-omnibus] | [✅][redis-charts] | [](https://about.gitlab.com/handbook/engineering/infrastructure/production-architecture/#service-architecture) | [⤓][redis-source] | ✅ | CE & EE |
| [Redis](#redis) | Caching service | [✅][redis-omnibus] | [✅][redis-omnibus] | [✅][redis-charts] | [](https://about.gitlab.com/handbook/engineering/infrastructure/production/architecture/#service-architecture) | [⤓][redis-source] | ✅ | CE & EE |
| [PostgreSQL](#postgresql) | Database | [✅][postgres-omnibus] | [✅][postgres-charts] | [✅][postgres-charts] | [](../user/gitlab_com/index.md#postgresql) | [⤓][postgres-source] | ✅ | CE & EE |
| [PgBouncer](#pgbouncer) | Database connection pooling, failover | [⚙][pgbouncer-omnibus] | [❌][pgbouncer-charts] | [❌][pgbouncer-charts] | [](https://about.gitlab.com/handbook/engineering/infrastructure/production-architecture/#database-architecture) | ❌ | ❌ | EE Only |
| [PgBouncer](#pgbouncer) | Database connection pooling, failover | [⚙][pgbouncer-omnibus] | [❌][pgbouncer-charts] | [❌][pgbouncer-charts] | [](https://about.gitlab.com/handbook/engineering/infrastructure/production/architecture/#database-architecture) | ❌ | ❌ | EE Only |
| [Consul](#consul) | Database node discovery, failover | [⚙][consul-omnibus] | [❌][consul-charts] | [❌][consul-charts] | [](../user/gitlab_com/index.md#consul) | ❌ | ❌ | EE Only |
| [GitLab self-monitoring: Prometheus](#prometheus) | Time-series database, metrics collection, and query service | [✅][prometheus-omnibus] | [✅][prometheus-charts] | [⚙][prometheus-charts] | [](../user/gitlab_com/index.md#prometheus) | ❌ | ❌ | CE & EE |
| [GitLab self-monitoring: Alertmanager](#alertmanager) | Deduplicates, groups, and routes alerts from Prometheus | [⚙][alertmanager-omnibus] | [✅][alertmanager-charts] | [⚙][alertmanager-charts] | [](https://about.gitlab.com/handbook/engineering/monitoring/) | ❌ | ❌ | CE & EE |
@ -149,10 +149,10 @@ Component statuses are linked to configuration documentation for each component.
| [GitLab Exporter](#gitlab-exporter) | Generates a variety of GitLab metrics | [✅][gitlab-exporter-omnibus] | [✅][gitlab-exporter-charts] | [✅][gitlab-exporter-charts] | [](https://about.gitlab.com/handbook/engineering/monitoring/) | ❌ | ❌ | CE & EE |
| [Node Exporter](#node-exporter) | Prometheus endpoint with system metrics | [✅][node-exporter-omnibus] | [N/A][node-exporter-charts] | [N/A][node-exporter-charts] | [](https://about.gitlab.com/handbook/engineering/monitoring/) | ❌ | ❌ | CE & EE |
| [Mattermost](#mattermost) | Open-source Slack alternative | [⚙][mattermost-omnibus] | [⤓][mattermost-charts] | [⤓][mattermost-charts] | [](../user/project/integrations/mattermost.md) | ❌ | ❌ | CE & EE |
| [MinIO](#minio) | Object storage service | [⤓][minio-omnibus] | [✅][minio-charts] | [✅][minio-charts] | [](https://about.gitlab.com/handbook/engineering/infrastructure/production-architecture/#storage-architecture) | ❌ | [⚙][minio-gdk] | CE & EE |
| [MinIO](#minio) | Object storage service | [⤓][minio-omnibus] | [✅][minio-charts] | [✅][minio-charts] | [](https://about.gitlab.com/handbook/engineering/infrastructure/production/architecture/#storage-architecture) | ❌ | [⚙][minio-gdk] | CE & EE |
| [Runner](#gitlab-runner) | Executes GitLab CI jobs | [⤓][runner-omnibus] | [✅][runner-charts] | [⚙][runner-charts] | [](../user/gitlab_com/index.md#shared-runners) | [⚙][runner-source] | [⚙][runner-gdk] | CE & EE |
| [Database Migrations](#database-migrations) | Database migrations | [✅][database-migrations-omnibus] | [✅][database-migrations-charts] | [✅][database-migrations-charts] | ✅ | [⚙][database-migrations-source] | ✅ | CE & EE |
| [Certificate Management](#certificate-management) | TLS Settings, Let's Encrypt | [✅][certificate-management-omnibus] | [✅][certificate-management-charts] | [⚙][certificate-management-charts] | [](https://about.gitlab.com/handbook/engineering/infrastructure/production-architecture/#secrets-management) | [⚙][certificate-management-source] | [⚙][certificate-management-gdk] | CE & EE |
| [Certificate Management](#certificate-management) | TLS Settings, Let's Encrypt | [✅][certificate-management-omnibus] | [✅][certificate-management-charts] | [⚙][certificate-management-charts] | [](https://about.gitlab.com/handbook/engineering/infrastructure/production/architecture/#secrets-management) | [⚙][certificate-management-source] | [⚙][certificate-management-gdk] | CE & EE |
| [GitLab Geo Node](#gitlab-geo) | Geographically distributed GitLab nodes | [⚙][geo-omnibus] | [❌][geo-charts] | [❌][geo-charts] | ✅ | ❌ | [⚙][geo-gdk] | EE Only |
| [LDAP Authentication](#ldap-authentication) | Authenticate users against centralized LDAP directory | [⤓][ldap-omnibus] | [⤓][ldap-charts] | [⤓][ldap-charts] | [](https://about.gitlab.com/pricing/#gitlab-com) | [⤓][gitlab-yml] | [⤓][ldap-gdk] | CE & EE |
| [Outbound email (SMTP)](#outbound-email) | Send email messages to users | [⤓][outbound-email-omnibus] | [⤓][outbound-email-charts] | [⤓][outbound-email-charts] | [](../user/gitlab_com/index.md#mail-configuration) | [⤓][gitlab-yml] | [⤓][gitlab-yml] | CE & EE |
@ -446,7 +446,7 @@ Sidekiq is a Ruby background job processor that pulls jobs from the Redis queue
- Layer: Core Service (Processor)
- Process: `unicorn`
[Unicorn](https://bogomips.org/unicorn/) is a Ruby application server that is used to run the core Rails Application that provides the user facing features in GitLab. Often process output you will see this as `bundle` or `config.ru` depending on the GitLab version.
[Unicorn](https://yhbt.net/unicorn/) is a Ruby application server that is used to run the core Rails Application that provides the user facing features in GitLab. Often process output you will see this as `bundle` or `config.ru` depending on the GitLab version.
#### LDAP Authentication
@ -494,13 +494,108 @@ Below we describe the different pathing that HTTP vs. SSH Git requests will take
### Web Request (80/443)
When you make a Git request over HTTP, the request first takes the same steps as a web HTTP request
through NGINX and GitLab Workhorse. However, the GitLab Workhorse then diverts the request towards
Gitaly, which processes it directly.
Git operations over HTTP use the stateless "smart" protocol described in the
[Git documentation](https://git-scm.com/docs/http-protocol), but responsibility
for handling these operations is split across several GitLab components.
Here is a sequence diagram for `git fetch`. Note that all requests pass through
NGINX as well as any other HTTP load balancers, but are not transformed in any
way by them. All paths are presented relative to a `/namespace/project.git` URL.
```mermaid
sequenceDiagram
participant Git on client
participant NGINX
participant Workhorse
participant Rails
participant Gitaly
participant Git on server
Note left of Git on client: git fetch<br/>info-refs
Git on client->>+Workhorse: GET /info/refs?service=git-upload-pack
Workhorse->>+Rails: GET /info/refs?service=git-upload-pack
Note right of Rails: Auth check
Rails-->>-Workhorse: Gitlab::Workhorse.git_http_ok
Workhorse->>+Gitaly: SmartHTTPService.InfoRefsUploadPack request
Gitaly->>+Git on server: git upload-pack --stateless-rpc --advertise-refs
Git on server-->>-Gitaly: git upload-pack response
Gitaly-->>-Workhorse: SmartHTTPService.InfoRefsUploadPack response
Workhorse-->>-Git on client: 200 OK
Note left of Git on client: git fetch<br/>fetch-pack
Git on client->>+Workhorse: POST /git-upload-pack
Workhorse->>+Rails: POST /git-upload-pack
Note right of Rails: Auth check
Rails-->>-Workhorse: Gitlab::Workhorse.git_http_ok
Workhorse->>+Gitaly: SmartHTTPService.PostUploadPack request
Gitaly->>+Git on server: git upload-pack --stateless-rpc
Git on server-->>-Gitaly: git upload-pack response
Gitaly-->>-Workhorse: SmartHTTPService.PostUploadPack response
Workhorse-->>-Git on client: 200 OK
```
The sequence is similar for `git push`, except `git-receive-pack` is used
instead of `git-upload-pack`.
### SSH Request (22)
TODO
Git operations over SSH can use the stateful protocol described in the
[Git documentation](https://git-scm.com/docs/pack-protocol#_ssh_transport), but
responsibility for handling them is split across several GitLab components.
No GitLab components speak SSH directly - all SSH connections are made between
Git on the client machine and the SSH server, which terminates the connection.
To the SSH server, all connections are authenticated as the `git` user; GitLab
users are differentiated by the SSH key presented by the client.
Here is a sequence diagram for `git fetch`, assuming [Fast SSH key lookup](../administration/operations/fast_ssh_key_lookup.md)
is enabled. Note that `AuthorizedKeysCommand` is an executable provided by
[GitLab Shell](#gitlab-shell):
```mermaid
sequenceDiagram
participant Git on client
participant SSH server
participant AuthorizedKeysCommand
participant GitLab Shell
participant Rails
participant Gitaly
participant Git on server
Note left of Git on client: git fetch
Git on client->>SSH server: git fetch-pack
SSH server-->>AuthorizedKeysCommand: gitlab-shell-authorized-keys-check git AAAA...
AuthorizedKeysCommand-->>Rails: GET /internal/api/authorized_keys?key=AAAA...
Note right of Rails: Lookup key ID
Rails-->>SSH server: 200 OK, command="gitlab-shell upload-pack key_id=1"
SSH server-->>GitLab Shell: gitlab-shell upload-pack key_id=1
GitLab Shell-->>Rails: GET /internal/api/allowed?action=upload_pack&key_id=1
Note right of Rails: Auth check
Rails-->>GitLab Shell: 200 OK, { gitaly: ... }
GitLab Shell-->>Gitaly: SSHService.SSHUploadPack bidirectional request
Gitaly-->>Git on server: git upload-pack
Git on server->>Git on client: SSHService.SSHUploadPack bidirectional response
```
The `git push` operation is very similar, except `git receive-pack` is used
instead of `git upload-pack`.
If fast SSH key lookups are not enabled, the SSH server reads from the
`~git/.ssh/authorized_keys` file to determine what command to run for a given
SSH session. This is kept up to date by an [`AuthorizedKeysWorker`](https://gitlab.com/gitlab-org/gitlab/blob/master/app/workers/authorized_keys_worker.rb)
in Rails, scheduled to run whenever an SSH key is modified by a user.
[SSH certificates](../administration/operations/ssh_certificates.md) may be used
instead of keys. In this case, `AuthorizedKeysCommand` is replaced with an
`AuthorizedPrincipalsCommand`. This extracts a username from the certificate
without using the Rails internal API, which is used instead of `key_id` in the
`/api/internal/allowed` call later.
GitLab Shell also has a few operations that do not involve Gitaly, such as
resetting two-factor authentication codes. These are handled in the same way,
except there is no round-trip into Gitaly - Rails performs the action as part
of the [internal API](internal_api.md) call, and GitLab Shell streams the
response back to the user directly.
## System Layout

2
doc/development/chatops_on_gitlabcom.md
View file

@ -16,7 +16,7 @@ To request access to Chatops on GitLab.com:
1. Log into <https://ops.gitlab.net/users/sign_in> **using the same username** as for GitLab.com (you may have to rename it).
1. Ask in the [#production](https://gitlab.slack.com/messages/production) channel to add you by running `/chatops run member add <username> gitlab-com/chatops --ops`.
NOTE: **Note:** If you had to change your username for GitLab.com on the first step, make sure [to reflect this information](https://gitlab.com/gitlab-com/www-gitlab-com#adding-yourself-to-the-team-page) on [the team page](https://about.gitlab.com/team).
NOTE: **Note:** If you had to change your username for GitLab.com on the first step, make sure [to reflect this information](https://gitlab.com/gitlab-com/www-gitlab-com#adding-yourself-to-the-team-page) on [the team page](https://about.gitlab.com/company/team/).
## See also

2
doc/development/code_review.md
View file

@ -79,7 +79,7 @@ from teams other than your own.
#### Security requirements
View the updated documentation regarding [internal application security reviews](https://about.gitlab.com/handbook/engineering/security/index.html#internal-application-security-reviews) for **when** and **how** to request a security review.
View the updated documentation regarding [internal application security reviews](https://about.gitlab.com/handbook/engineering/security/#internal-application-security-reviews) for **when** and **how** to request a security review.
### The responsibility of the merge request author

13
doc/development/documentation/site_architecture/release_process.md
View file

@ -92,7 +92,7 @@ this needs to happen when the stable branches for all products have been created
tagged with the branch name you created in the first step. In the end, the
image will be uploaded in the [Container Registry](https://gitlab.com/gitlab-org/gitlab-docs/container_registry)
and it will be listed under the
[`registry` environment folder](https://gitlab.com/gitlab-org/gitlab-docs/environments/folders/registry).
[`registry` environment folder](https://gitlab.com/gitlab-org/gitlab-docs/-/environments/folders/registry).
Optionally, you can test locally by building the image and running it:
@ -179,11 +179,11 @@ The dropdown merge requests should have now been merged into their respective
version (stable branch), which will trigger another pipeline. At this point,
you need to only babysit the pipelines and make sure they don't fail:
1. Check the [pipelines page](https://gitlab.com/gitlab-org/gitlab-docs/pipelines)
1. Check the pipelines page: `https://gitlab.com/gitlab-org/gitlab-docs/pipelines`
and make sure all stable branches have green pipelines.
1. After all the pipelines of the online versions succeed, merge the release merge request.
1. Finally, run the [Build docker images weekly](https://gitlab.com/gitlab-org/gitlab-docs/pipeline_schedules)
pipeline that will build the `:latest` and `:archives` Docker images.
1. Finally, from `https://gitlab.com/gitlab-org/gitlab-docs/pipeline_schedules` run
the `Build docker images weekly` pipeline that will build the `:latest` and `:archives` Docker images.
Once the scheduled pipeline succeeds, the docs site will be deployed with all
new versions online.
@ -191,8 +191,7 @@ new versions online.
## Update an old Docker image with new upstream docs content
If there are any changes to any of the stable branches of the products that are
not included in the single Docker image, just
[rerun the pipeline](https://gitlab.com/gitlab-org/gitlab-docs/pipelines/new)
not included in the single Docker image, just rerun the pipeline (`https://gitlab.com/gitlab-org/gitlab-docs/pipelines/new`)
for the version in question.
## Porting new website changes to old versions
@ -239,7 +238,7 @@ branches for 12.2 were used, this wouldn't have failed, but as we can see from
the [`compile_dev` job](https://gitlab.com/gitlab-org/gitlab-docs/-/jobs/328042427),
the `master` branches were pulled.
To fix this, [re-run the pipeline](https://gitlab.com/gitlab-org/gitlab-docs/pipelines/new)
To fix this, re-run the pipeline (`https://gitlab.com/gitlab-org/gitlab-docs/pipelines/new`)
for the `update-12-2-for-release-12-4` branch, by including the following environment variables:
- `BRANCH_CE` set to `12-2-stable`

10
doc/development/documentation/workflow.md
View file

@ -62,7 +62,7 @@ responsible for:
- Liaising with their Product Manager to understand what documentation must be delivered, and when.
- Requesting technical reviews from other developers within their group.
- Requesting documentation reviews from the Technical Writer
[assigned to the DevOps stage group](https://about.gitlab.com/handbook/product/technical-writing/index.html#assignments)
[assigned to the DevOps stage group](https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments)
that is delivering the new feature or feature enhancements.
TIP: **Tip:**
@ -92,7 +92,7 @@ the Product Manager and Technical Writer for a given issue:
- Documentation [Structure and template](structure.md) page.
- [Style Guide](styleguide.md).
- [Markdown Guide](https://about.gitlab.com/handbook/engineering/ux/technical-writing/markdown-guide/).
- Contact the Technical Writer for the relevant [DevOps stage](https://about.gitlab.com/handbook/product/technical-writing/index.html#assignments)
- Contact the Technical Writer for the relevant [DevOps stage](https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments)
in your issue or merge request, or within `#docs` on GitLab Slack, if you:
- Need any help to choose the correct place for documentation.
- Want to discuss a documentation idea or outline.
@ -423,7 +423,7 @@ Request help from the Technical Writing team if you:
To request help:
1. Locate the the Technical Writer for the relevant
[DevOps stage group](https://about.gitlab.com/handbook/product/technical-writing/index.html#assignments).
[DevOps stage group](https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments).
1. Either:
- If urgent help is required, directly assign the Technical Writer in the issue or in the merge request.
- If non-urgent help is required, ping the Technical Writer in the issue or merge request.
@ -439,7 +439,7 @@ Maintainers must make a good-faith effort to ensure that the content:
- Meets the [Documentation Guidelines](index.md) and [Style Guide](styleguide.md).
If the author or reviewer has any questions, they can mention the writer who is assigned to the relevant
[DevOps stage group](https://about.gitlab.com/handbook/product/technical-writing/index.html#assignments).
[DevOps stage group](https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments).
The process involves the following:
@ -449,7 +449,7 @@ The process involves the following:
- Technical Writer (Optional). If not completed for a merge request prior to merging, must be scheduled
post-merge. Schedule post-merge reviews only if an urgent merge is required. To request a:
- Pre-merge review, assign the Technical Writer listed for the applicable
[DevOps stage group](https://about.gitlab.com/handbook/product/technical-writing/index.html#assignments).
[DevOps stage group](https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments).
- Post-merge review, see [Post-merge reviews](#post-merge-reviews).
- Maintainer. For merge requests, Maintainers:
- Can always request any of the above reviews.

2
doc/development/fe_guide/frontend_faq.md
View file

@ -63,7 +63,7 @@ banner on top of the component examples indicates that:
> component.
For example, at the time of writing, this type of warning can be observed for
[all form components](https://design.gitlab.com/components/forms). It, however,
[all form components](https://design.gitlab.com/components/forms/). It, however,
doesn't imply that the component should not be used.
GitLab always asks to use `<gl-*>` components whenever a suitable component exists.

4
doc/development/understanding_explain_plans.md
View file

@ -765,5 +765,5 @@ exec ROLLBACK
## Further reading
A more extensive guide on understanding query plans can be found in
the [presentation](https://www.dalibo.org/_media/understanding_explain.pdf)
from [Dalibo.org](https://www.dalibo.org/en/).
the [presentation](https://public.dalibo.com/exports/conferences/_archives/_2012/201211_explain/understanding_explain.pdf)
from [Dalibo.org](https://www.dalibo.com/en/).

20
doc/install/openshift_and_gitlab/index.md
View file

@ -36,7 +36,7 @@ test OpenShift easily:
- [VirtualBox]
- [Vagrant]
- [OpenShift Client](https://docs.okd.io/latest/cli_reference/get_started_cli.html) (`oc` for short)
- [OpenShift Client](https://docs.okd.io/3.11/cli_reference/get_started_cli.html) (`oc` for short)
It is also important to mention that for the purposes of this tutorial, the
latest Origin release is used:
@ -99,7 +99,7 @@ landing page looks like:
![openshift web console](img/web-console.png)
You can see that a number of [projects](https://docs.okd.io/latest/dev_guide/projects.html) are already created for testing purposes.
You can see that a number of [projects](https://docs.okd.io/3.11/dev_guide/projects.html) are already created for testing purposes.
If you head over the `openshift-infra` project, a number of services with their
respective pods are there to explore.
@ -107,7 +107,7 @@ respective pods are there to explore.
![openshift web console](img/openshift-infra-project.png)
We are not going to explore the whole interface, but if you want to learn about
the key concepts of OpenShift, read the [core concepts reference](https://docs.okd.io/latest/architecture/core_concepts/index.html)
the key concepts of OpenShift, read the [core concepts reference](https://docs.okd.io/3.11/architecture/core_concepts/index.html)
in the official documentation.
### Explore the OpenShift CLI
@ -115,7 +115,7 @@ in the official documentation.
OpenShift Client (`oc`), is a powerful CLI tool that talks to the OpenShift API
and performs pretty much everything you can do from the web UI and much more.
Assuming you have [installed](https://docs.okd.io/latest/cli_reference/get_started_cli.html) it, let's explore some of its main
Assuming you have [installed](https://docs.okd.io/3.11/cli_reference/get_started_cli.html) it, let's explore some of its main
functionalities.
Let's first see the version of `oc`:
@ -172,7 +172,7 @@ The last command should spit a bunch of information about the statuses of the
pods and the services, which if you look closely is what we encountered in the
second image when we explored the web console.
You can always read more about `oc` in the [OpenShift CLI documentation](https://docs.okd.io/latest/cli_reference/get_started_cli.html).
You can always read more about `oc` in the [OpenShift CLI documentation](https://docs.okd.io/3.11/cli_reference/get_started_cli.html).
### Troubleshooting the all-in-one VM
@ -248,7 +248,7 @@ The next step is to import the OpenShift template for GitLab.
### Import the template
The [template](https://docs.okd.io/latest/architecture/core_concepts/templates.html) is basically a JSON file which describes a set of
The [template](https://docs.okd.io/3.11/architecture/core_concepts/templates.html) is basically a JSON file which describes a set of
related object definitions to be created together, as well as a set of
parameters for those objects.
@ -364,7 +364,7 @@ of resources, you'd be happy to know that you can scale up with the push of a
button.
In the **Overview** page just click the up arrow button in the pod where
GitLab is. The change is instant and you can see the number of [replicas](https://docs.okd.io/latest/architecture/core_concepts/deployments.html#replication-controllers) now
GitLab is. The change is instant and you can see the number of [replicas](https://docs.okd.io/3.11/architecture/core_concepts/deployments.html#replication-controllers) now
running scaled to 2.
![GitLab scale](img/gitlab-scale.png)
@ -382,7 +382,7 @@ scale up. If a pod is in pending state for too long, you can navigate to
### Scale GitLab using the `oc` CLI
Using `oc` is super easy to scale up the replicas of a pod. You may want to
skim through the [basic CLI operations](https://docs.okd.io/latest/cli_reference/basic_cli_operations.html) to get a taste how the CLI
skim through the [basic CLI operations](https://docs.okd.io/3.11/cli_reference/basic_cli_operations.html) to get a taste how the CLI
commands are used. Pay extra attention to the object types as we will use some
of them and their abbreviated versions below.
@ -455,7 +455,7 @@ In case you were wondering whether there is an option to autoscale a pod based
on the resources of your server, the answer is yes, of course there is.
We will not expand on this matter, but feel free to read the documentation on
OpenShift's website about [autoscaling](https://docs.okd.io/latest/dev_guide/pod_autoscaling.html).
OpenShift's website about [autoscaling](https://docs.okd.io/3.11/dev_guide/pod_autoscaling.html).
## Current limitations
@ -470,7 +470,7 @@ bother us. In any case, it is something to keep in mind when deploying GitLab
on a production cluster.
In order to deploy GitLab on a production cluster, you will need to assign the
GitLab service account to the `anyuid` [Security Context Constraints](https://docs.okd.io/latest/admin_guide/manage_scc.html).
GitLab service account to the `anyuid` [Security Context Constraints](https://docs.okd.io/3.11/admin_guide/manage_scc.html).
For OpenShift v3.0, you will need to do this manually:

2
doc/topics/authentication/index.md
View file

@ -47,4 +47,4 @@ This page gathers all the resources for the topic **Authentication** within GitL
- [Kanboard Plugin GitLab Authentication](https://github.com/kanboard/plugin-gitlab-auth)
- [Jenkins GitLab OAuth Plugin](https://wiki.jenkins.io/display/JENKINS/GitLab+OAuth+Plugin)
- [How to customize GitLab to support OpenID authentication](http://eric.van-der-vlist.com/blog/2013/11/23/how-to-customize-gitlab-to-support-openid-authentication/)
- [OKD - Configuring Authentication and User Agent](https://docs.okd.io/latest/install_config/configuring_authentication.html#GitLab)
- [OKD - Configuring Authentication and User Agent](https://docs.okd.io/3.11/install_config/configuring_authentication.html#GitLab)

2
doc/user/markdown.md
View file

@ -154,7 +154,7 @@ Color written inside backticks will be followed by a color "chip":
### Diagrams and flowcharts
It's possible to generate diagrams and flowcharts from text in GitLab using [Mermaid](https://mermaidjs.github.io/) or [PlantUML](http://plantuml.com).
It's possible to generate diagrams and flowcharts from text in GitLab using [Mermaid](https://mermaidjs.github.io/) or [PlantUML](https://plantuml.com).
#### Mermaid

12
doc/user/project/pages/getting_started/fork_sample_project.md
View file

@ -48,13 +48,21 @@ You can also take some **optional** further steps:
- _Remove the fork relationship._ The fork relationship is necessary to contribute back to the project you originally forked from. If you don't have any intentions to do so, you can remove it. To do so, navigate to your project's **Settings**, expand **Advanced settings**, and scroll down to **Remove fork relationship**:
![remove fork relationship](../img/remove_fork_relationship.png)
![Remove fork relationship](../img/remove_fork_relationship.png)
- _Make it a user or group website._ To turn a **project website** forked
from the Pages group into a **user/group** website, you'll need to:
- Rename it to `namespace.gitlab.io`: go to your project's
**Settings > General** and expand **Advanced**. Scroll down to
**Rename repository** and change the path to `namespace.gitlab.io`.
**Change path** and change the path to `namespace.gitlab.io`.
For example, consider the group `https://gitlab.com/gitlab-tests`:
`gitlab-tests` is the group's namespace, the repository path should be set
to `gitlab-tests.gitlab.io` (yes, weird like that), and the
resulting URL for your Pages website will be `https://gitlab-tests.gitlab.io`.
![Change repo's path](../img/change_path_v12_10.png)
- Adjust your SSG's [base URL](../getting_started_part_one.md#urls-and-baseurls) from `"project-name"` to
`""`. This setting will be at a different place for each SSG, as each of them
have their own structure and file tree. Most likely, it will be in the SSG's

BIN
doc/user/project/pages/img/change_path_v12_10.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 103 KiB

5
lib/gitlab/git_access_snippet.rb
View file

@ -98,10 +98,7 @@ module Gitlab
def check_single_change_access(change)
Checks::SnippetCheck.new(change, logger: logger).validate!
if Feature.enabled?(:snippet_count_check)
Checks::PushFileCountCheck.new(change, repository: repository, limit: Snippet::MAX_FILE_COUNT, logger: logger).validate!
end
Checks::PushFileCountCheck.new(change, repository: repository, limit: Snippet::MAX_FILE_COUNT, logger: logger).validate!
rescue Checks::TimedLogger::TimeoutError
raise TimeoutError, logger.full_message
end

1
lib/gitlab/metrics/dashboard/service_selector.rb
View file

@ -13,6 +13,7 @@ module Gitlab
include Gitlab::Utils::StrongMemoize
SERVICES = [
::Metrics::Dashboard::GitlabAlertEmbedService,
::Metrics::Dashboard::CustomMetricEmbedService,
::Metrics::Dashboard::GrafanaMetricEmbedService,
::Metrics::Dashboard::DynamicEmbedService,

1
lib/gitlab/middleware/rails_queue_duration.rb
View file

@ -32,6 +32,7 @@ module Gitlab
def metric_rails_queue_duration_seconds
@metric_rails_queue_duration_seconds ||= Gitlab::Metrics.histogram(
:gitlab_rails_queue_duration_seconds,
'Measures latency between GitLab Workhorse forwarding a request to Rails',
Gitlab::Metrics::Transaction::BASE_LABELS
)
end

7
locale/gitlab.pot
View file

@ -459,6 +459,9 @@ msgstr[1] ""
msgid "%{strong_start}%{human_size}%{strong_end} Files"
msgstr ""
msgid "%{strong_start}%{human_size}%{strong_end} Storage"
msgstr ""
msgid "%{strong_start}%{release_count}%{strong_end} Release"
msgid_plural "%{strong_start}%{release_count}%{strong_end} Releases"
msgstr[0] ""
@ -11766,7 +11769,7 @@ msgstr ""
msgid "LicenseCompliance|Add a license"
msgstr ""
msgid "LicenseCompliance|Add licenses manually to approve or blacklist"
msgid "LicenseCompliance|Add license and related policy"
msgstr ""
msgid "LicenseCompliance|Allow"
@ -11784,7 +11787,7 @@ msgstr ""
msgid "LicenseCompliance|Deny"
msgstr ""
msgid "LicenseCompliance|Here you can approve or blacklist licenses for this project. Using %{ci} or %{license} will allow you to see if there are any unmanaged licenses and approve or blacklist them in merge request."
msgid "LicenseCompliance|Here you can allow or deny licenses for this project. Using %{ci} or %{license} will allow you to see if there are any unmanaged licenses and allow or deny them in merge request."
msgstr ""
msgid "LicenseCompliance|License"

3
scripts/review_apps/base-config.yaml
View file

@ -111,7 +111,6 @@ nginx-ingress:
controller:
config:
ssl-ciphers: ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4
replicaCount: 2
resources:
requests:
cpu: 100m
@ -119,7 +118,6 @@ nginx-ingress:
limits:
cpu: 200m
memory: 675M
minAvailable: 1
service:
enableHttp: false
livenessProbe:
@ -134,7 +132,6 @@ nginx-ingress:
limits:
cpu: 10m
memory: 24M
replicaCount: 1
postgresql:
metrics:
enabled: false

2
scripts/review_apps/review-apps.sh
View file

@ -279,7 +279,7 @@ function deploy() {
IMAGE_REPOSITORY="registry.gitlab.com/gitlab-org/build/cng-mirror"
gitlab_migrations_image_repository="${IMAGE_REPOSITORY}/gitlab-rails-${edition}"
gitlab_sidekiq_image_repository="${IMAGE_REPOSITORY}/gitlab-sidekiq-${edition}"
gitlab_unicorn_image_repository="${IMAGE_REPOSITORY}/gitlab-unicorn-${edition}"
gitlab_unicorn_image_repository="${IMAGE_REPOSITORY}/gitlab-webservice-${edition}"
gitlab_task_runner_image_repository="${IMAGE_REPOSITORY}/gitlab-task-runner-${edition}"
gitlab_gitaly_image_repository="${IMAGE_REPOSITORY}/gitaly"
gitlab_shell_image_repository="${IMAGE_REPOSITORY}/gitlab-shell"

6
spec/graphql/mutations/concerns/mutations/resolves_issuable_spec.rb
View file

@ -59,6 +59,12 @@ describe Mutations::ResolvesIssuable do
expect(result).to be_nil
end
it 'returns nil if parent path is empty' do
result = mutation.resolve_issuable(type: type, parent_path: "", iid: issuable.iid)
expect(result).to be_nil
end
end
end

6
spec/graphql/resolvers/merge_requests_resolver_spec.rb
View file

@ -52,6 +52,12 @@ describe Resolvers::MergeRequestsResolver do
expect(result).to be_empty
end
it 'resolves an unknown project to be empty' do
result = batch_sync { resolve_mr(nil, iid: iid_1) }
expect(result.compact).to be_empty
end
end
def resolve_mr(project, args)

10
spec/lib/gitlab/git_access_snippet_spec.rb
View file

@ -209,16 +209,6 @@ describe Gitlab::GitAccessSnippet do
expect { push_access_check }.to raise_forbidden('foo')
end
context 'when feature flag :snippet_count_check is disabled' do
it 'does not check push file count' do
stub_feature_flags(snippet_count_check: false)
expect(Gitlab::Checks::PushFileCountCheck).not_to receive(:new)
expect { push_access_check }.not_to raise_error
end
end
end
private

9
spec/lib/gitlab/middleware/rails_queue_duration_spec.rb
View file

@ -9,7 +9,7 @@ describe Gitlab::Middleware::RailsQueueDuration do
let(:transaction) { Gitlab::Metrics::WebTransaction.new(env) }
before do
expect(app).to receive(:call).with(env).and_return('yay')
allow(app).to receive(:call).with(env).and_return('yay')
end
describe '#call' do
@ -42,6 +42,13 @@ describe Gitlab::Middleware::RailsQueueDuration do
expect(middleware.call(env)).to eq('yay')
end
end
it 'creates a metric with a docstring' do
metric = middleware.send(:metric_rails_queue_duration_seconds)
expect(metric).to be_instance_of(Prometheus::Client::Histogram)
expect(metric.docstring).to eq('Measures latency between GitLab Workhorse forwarding a request to Rails')
end
end
end
end

20
spec/presenters/project_presenter_spec.rb
View file

@ -179,6 +179,16 @@ describe ProjectPresenter do
end
end
describe '#storage_anchor_data' do
it 'returns storage data' do
expect(presenter.storage_anchor_data).to have_attributes(
is_link: true,
label: a_string_including('0 Bytes'),
link: nil
)
end
end
describe '#releases_anchor_data' do
it 'does not return release count' do
expect(presenter.releases_anchor_data).to be_nil
@ -232,6 +242,16 @@ describe ProjectPresenter do
end
end
describe '#storage_anchor_data' do
it 'returns storage data' do
expect(presenter.storage_anchor_data).to have_attributes(
is_link: true,
label: a_string_including('0 Bytes'),
link: presenter.project_tree_path(project)
)
end
end
describe '#releases_anchor_data' do
it 'returns release count if user can read release' do
project.add_maintainer(user)

96
spec/services/metrics/dashboard/gitlab_alert_embed_service_spec.rb Normal file
View file

@ -0,0 +1,96 @@
# frozen_string_literal: true
require 'spec_helper'
describe Metrics::Dashboard::GitlabAlertEmbedService do
include MetricsDashboardHelpers
let_it_be(:alert) { create(:prometheus_alert) }
let_it_be(:project) { alert.project }
let_it_be(:user) { create(:user) }
let(:alert_id) { alert.id }
before do
project.add_maintainer(user)
project.clear_memoization(:licensed_feature_available)
end
describe '.valid_params?' do
let(:valid_params) do
{
embedded: true,
prometheus_alert_id: alert_id
}
end
subject { described_class.valid_params?(params) }
let(:params) { valid_params }
it { is_expected.to be_truthy }
context 'missing embedded' do
let(:params) { valid_params.except(:embedded) }
it { is_expected.to be_falsey }
end
context 'not embedded' do
let(:params) { valid_params.merge(embedded: 'false') }
it { is_expected.to be_falsey }
end
context 'missing alert id' do
let(:params) { valid_params.except(:prometheus_alert_id) }
it { is_expected.to be_falsey }
end
context 'missing alert id' do
let(:params) { valid_params.merge(prometheus_alert_id: 'none') }
it { is_expected.to be_falsey }
end
end
describe '#get_dashboard' do
let(:service_params) do
[
project,
user,
{
embedded: true,
prometheus_alert_id: alert_id
}
]
end
let(:service_call) { described_class.new(*service_params).get_dashboard }
context 'when alerting is available' do
it_behaves_like 'valid embedded dashboard service response'
it_behaves_like 'raises error for users with insufficient permissions'
it 'uses the metric info corresponding to the alert' do
result = service_call
metrics = result[:dashboard][:panel_groups][0][:panels][0][:metrics]
expect(metrics.length).to eq 1
expect(metrics.first[:metric_id]).to eq alert.prometheus_metric_id
end
context 'when the metric does not exist' do
let(:alert_id) { -4 }
it_behaves_like 'misconfigured dashboard service response', :not_found
end
it 'does not cache the unprocessed dashboard' do
expect(Gitlab::Metrics::Dashboard::Cache).not_to receive(:fetch)
described_class.new(*service_params).get_dashboard
end
end
end
end