From 720cf698151643831bf36e3bd4ccd1c8e9246184 Mon Sep 17 00:00:00 2001 From: GitLab Bot Date: Thu, 3 Nov 2022 12:11:20 +0000 Subject: [PATCH] Add latest changes from gitlab-org/gitlab@master --- .../concerns/verifies_with_email.rb | 5 +-- app/mailers/emails/identity_verification.rb | 16 +++++-- app/mailers/previews/notify_preview.rb | 2 +- doc/security/password_length_limits.md | 9 ++-- ...minimum_password_length_settings_v12_6.png | Bin 10385 -> 0 bytes .../settings/sign_up_restrictions.md | 2 +- doc/user/analytics/dora_metrics.md | 7 +++ lib/api/api.rb | 2 +- lib/api/entities/ci/pipeline_basic.rb | 17 +++++-- lib/api/entities/commit.rb | 2 +- lib/api/entities/commit_detail.rb | 6 +-- lib/api/entities/commit_stats.rb | 4 +- lib/api/submodules.rb | 31 ++++++++++--- lib/api/terraform/state.rb | 12 ++++- .../container_registry_omnibus_spec.rb | 4 +- .../emails/identity_verification_spec.rb | 42 ++++++++++++++++++ spec/requests/api/terraform/state_spec.rb | 31 +++++-------- 17 files changed, 138 insertions(+), 54 deletions(-) delete mode 100644 doc/user/admin_area/img/minimum_password_length_settings_v12_6.png create mode 100644 spec/mailers/emails/identity_verification_spec.rb diff --git a/app/controllers/concerns/verifies_with_email.rb b/app/controllers/concerns/verifies_with_email.rb index 782cae53c3f..49475c74590 100644 --- a/app/controllers/concerns/verifies_with_email.rb +++ b/app/controllers/concerns/verifies_with_email.rb @@ -84,10 +84,7 @@ module VerifiesWithEmail def send_verification_instructions_email(user, token) return unless user.can?(:receive_notifications) - Notify.verification_instructions_email( - user.id, - token: token, - expires_in: Users::EmailVerification::ValidateTokenService::TOKEN_VALID_FOR_MINUTES).deliver_later + Notify.verification_instructions_email(user.email, token: token).deliver_later log_verification(user, :instructions_sent) end diff --git a/app/mailers/emails/identity_verification.rb b/app/mailers/emails/identity_verification.rb index e3089fdef9b..f3fe609e7d1 100644 --- a/app/mailers/emails/identity_verification.rb +++ b/app/mailers/emails/identity_verification.rb @@ -2,14 +2,22 @@ module Emails module IdentityVerification - def verification_instructions_email(user_id, token:, expires_in:) + def verification_instructions_email(email, token:) @token = token - @expires_in_minutes = expires_in + @expires_in_minutes = Users::EmailVerification::ValidateTokenService::TOKEN_VALID_FOR_MINUTES @password_link = edit_profile_password_url @two_fa_link = help_page_url('user/profile/account/two_factor_authentication') - user = User.find(user_id) - email_with_layout(to: user.email, subject: s_('IdentityVerification|Verify your identity')) + headers = { + to: email, + subject: s_('IdentityVerification|Verify your identity'), + 'X-Mailgun-Suppressions-Bypass' => 'true' + } + + mail_with_locale(headers) do |format| + format.html { render layout: 'mailer' } + format.text + end end end end diff --git a/app/mailers/previews/notify_preview.rb b/app/mailers/previews/notify_preview.rb index 206518e582b..7d7e01950c8 100644 --- a/app/mailers/previews/notify_preview.rb +++ b/app/mailers/previews/notify_preview.rb @@ -210,7 +210,7 @@ class NotifyPreview < ActionMailer::Preview end def verification_instructions_email - Notify.verification_instructions_email(user.id, token: '123456', expires_in: 60).message + Notify.verification_instructions_email(user.email, token: '123456').message end def project_was_exported_email diff --git a/doc/security/password_length_limits.md b/doc/security/password_length_limits.md index 55d6e8642bd..698fb0efe55 100644 --- a/doc/security/password_length_limits.md +++ b/doc/security/password_length_limits.md @@ -12,9 +12,11 @@ By default, GitLab supports passwords with the following lengths: - Minimum: 8 characters - Maximum: 128 characters -You can only change the minimum password length. Changing the minimum length does not affect existing user passwords. Existing users are not asked to reset their password to adhere to the new limits. The new limit restriction applies only during new user sign-ups and when an existing user performs a password reset. +You can only change the minimum password length. Changing the minimum length does not affect existing user passwords. +Existing users are not asked to reset their password to adhere to the new limits. The new limit restriction applies only +during new user sign-ups and when an existing user performs a password reset. -## Modify minimum password length using GitLab UI +## Modify minimum password length > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/20661) in GitLab 12.6 @@ -24,9 +26,6 @@ To change the minimum password length using GitLab UI: 1. On the top bar, select **Main menu > Admin**. 1. On the left sidebar, select **Settings > General** and expand **Sign-up restrictions**. - - ![Minimum password length settings](../user/admin_area/img/minimum_password_length_settings_v12_6.png) - 1. Enter a **Minimum password length** value greater than or equal to `8`. 1. Select **Save changes**. diff --git a/doc/user/admin_area/img/minimum_password_length_settings_v12_6.png b/doc/user/admin_area/img/minimum_password_length_settings_v12_6.png deleted file mode 100644 index 27634a02a8a820b4ca85f39a18895117ca8c83ec..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 10385 zcmbVybx>T-v+pK^kS{?JB)EiNK?4N0;1Jy1WeL8xLm_00012L0(z|0KfnN08j8= zVElcvNY%3S_wfuUp)3IaRK~x&GspbPKXKELlLSCUDR%&Xr>km8S~8E1k5W=nS65dG z3JSu)!W3WX?(Xk6I5<{US2s5|H8nNW)YO)jm+R~6AyCM}!-Jcfn~si7T3XtVA3r81 zCx8F`-P7A+X=&Nf(UF*#I1isUFfh2iy}iG`|Ni}ZX=!P6bhNp-d0t+gjg3u0LPB+Q zb#QQSRaKRXi%UdA#QFI-0)g1s**U*Bx3{-XPEPjl@K|48-`m@3Y-&6>I50Lg9vdI? z^Yh!^-@mxH=0h;Zb+ot+&EsPXLV zEHg9n`uaLIFW2ASzo@7vBqZeK=4N1EpuN3)adB~VZMC4FV0LykDJkjb=xBF$cYAyL z^768&x#{%swxy*70)Z437DA!W*49=hCnp}S=B=%*lamuP8Vv*jkB^T_N=l}ur<P|64ljFp zda|>#VK7*Je*W&!m0i|I25iYWd#t;=dw%11Zhp?YV4|+BZf$KXw|Ql7;o$u0?&$oc zV|wT2?%pwbG@y8@c6d__-18}@{qp86FfedtW+tH;?wUIW${l-nc$ELvmD=*4_Wf>b zD+c^^mznMiG#r&CHLY*1L_v^&; zTBQz!SIn;NoS7sJ+&?_FA-#@ySTquMtd=6WRtv!Q3^m79M zv;YNZ2`%r1{TzE$A_bB@)iL)iHaGJPp=ZxuKQSkj`IhnI8LW@?WhC9H$O`Mn_D+*c_4u*L(+cY>&Tb=VOnioc6WXyT`&+3jOn{j#& z7`90(40wD^p0PUkmdt#m=o4eI7E*8XsX8OiPjMCX63@W=waft}8x2%YhEi}+rpj!Q zlt~dOM{j{!QWWR8bJM$-jUl)XNP!SPU9KCdyKS^p$MZGYFJ(5fFPGbt5Gv*eK3+;2 z=-!bT6&z^7__5v3oi~FVN=e};HG|Oa+9i=ze@TNypg-{QZ;Loj1&v_4DdBl#$o)1T z@-x7muXZXT)d^iAj+;TAiT8MPLCTG?oknssn>~TIL~~nqOsMy0UBPavHF8Qy zqM4=Xk7>NC0&*LgOHiL4g>SZ<3*On-L`)Z$DA`PH5YkFVr|cdLU{;YtPPXvJAf%1! z$Zm~#aQ6mui7$&&nZ2H~yerZWY(Awv1(EgeD|I@ZvqGjdv$bqDox6(##yI#-jEIY! ze||4T`2SVI{ZtpKlPR4N?r0N3cyJK4egljWuD6vhMd(m@koHvAgTLu-EfG!`lJ$&| zew=T1L)J$|Zj4Gq75o4jy@$`~nttfT%;~5LySDxMzZIqyA_J$pOL~1|K~!hU;eA z8Qevk{`H@ETT48X^jPIe&o2c6#+3eE=g)%lL0<;^w0OF55#&H1#Ykg|D(I(>AcwS{ zyQ686E@vFo1XECB=ZQ;+8pze6Ekl@tP&{9M%fV^5@=#t+P^{)X%pTJ+dyERuBMaRe zsb^WL9lVinyGh}Slg*aHh9Eje&rdOpSqP$0jkDfMB$t+~yhr(&B6 zx+R}LfnES2iuy-jqjNF`rU_Sa<#-Ak(+ciy#OO{b=1vnWW|ZO7aRpQ9*AhFRHlw!3 z3hOw~m`lA;>YmzIlQ{KDm45PsN=lUOc9FWyed(rHZo+`MUbT_m?}ciwoUn`%9@x@* z7pzamuY)R$xnW)gK98*&Rw60=$E>UzO$v_*vwpijBnQrtE*m$y`~10yN*gYr8+L(`sU{3n2jcjN1$$#JiVu-a7^>Rr9QU7g{-e+Q1wsMsmwt@` zw{@9q=2O#Q^Yn=`C!EWV)rEP6tDHeU$AS-k26XFJ_gRk3O(@l z9C!VdktGwty~69vxv3W7l8zob_z~x^p28ZQi>rh50j?{@ydoyJdmc`>?N9 z?$zh??Zn>Yzg@iBZMti)2|ko}(jR)4Tg)CfO-?<`FBkks>pLK2QY|uHRjN4d+-@$| zwUXB0bcB(wt)5;Ak$ozIo2Lbub-V5}{UNXef--EB*FX1HFN`t5Z%CzMsv(35*o~?S zaLLSd)p*N#6@G48`x~{MZ~hTY0NHsLeFAyJgPn2)ZuyAczdojt-<0RKJD6WAOsxj9gcB#$QWqM`1a(Dx>Q<*;9|BsZ4$plX0_zyALChw=Wmr zKk~HQTz^B?X}5t&BkW$HQEHbx&Nu31`az*kKvZ-;NHqO(VYx>hLdV0hFCuw~nQXt? zp6al%VG=Juhsofw zHT%Y#QA4`BLi4Cr7G`m3@v+;0If=wT;f3ALsEe&iRU?_bt}QlTYhCLcrC-!3?@K@g z1AV{@t637SfUIor95y|UfJtIq4Y*QvAeaC1t=QKYyFk_-|{_O=+c-KeQ|z!C!wGg zW+$jd-(R!!jjAPdxrGh)2z4G$$Fnw6j?n$d?PvXqGM}pkZ3}M#w`k-nr zXK`g~Kg#x?Cci@QgQ7zAO#*{IMxPB~-=k^e%}ai))3Qf;5cLDdWo0GQUNQ8N62=}6 zO!%aeqG;0jV-M+36OU$F3Mi3b22|iJ#;Cyo+UfQ5wl{Zf*X8NBlg^xhAJ8jE-@g7E zLr^-7-oZ?432e#;3+kSyXardW$SrT|&-L;^eXVyquKj?@xOSIATQi*LZbPB4DRW(n z^0E)0=N#l$#8C~Sy6(ACAKC0UjAsmN4H2EqYWd(7Icr_5v{~R&(49?~;04Y}nz9ap z`eZ-0Mv$laC5)>=hrra$sCgp+T=3kSgNJ`?=O0esyVqM-NI6&++KV3|K%ld#gBW!? zFG!E672>v=C}xt4r7mk}t7WeLKikaq7{=h1NgjrqzMS)3N=pDY_5ZU<5Ttx>(Mxi? zSTV)5OV(CILJx`I3{a`mF%mq=RVh6Wn3LU5+cZNTjxwTanrl9b?mm}|lV5La+|>KF zox3J2m3?6y@`qlp4fv3Erj2G&4zS|joKN(%dCZ4jmXzdU*qJxh6|i-(faJloRTA$Ay|y&b zMW%Jdv^stl)OlCjI296W+2h`lA_(FM5@IpbYnaCRy!9oc6nXmHMQeTV>!k9Q3BIK^?T~VZ)FTYGkyDE~A zH<7)S?(?KUNTf`_eC4Mna@WW7G;~bSekPD1`q6=o1k>uo=w+Vg??8WE5?&(GP-CVK z_ncXn;5{d^3pThmVhb*_p$VQUEy)_HV?dKmJTuj_K49znz@$pR|4RGlM}SP67sh*i zEs5z4er*KK^(0j;@RntC`evU$!92I1756^m zuUblEpua-U)jfWeAt96VmJUpx5uK`p7yFwFV)AB}qcl6&A)_0ng<#Zr)lw?MIhQ6M z`>VHxk%N4yrfJ7DrGYws%o?Y5oT$E(rA72kk8l1H!i15?Vx^I4 z)@6i%6=$|nRE=~Bu@T{)jWm=AyD~tDG_T-H7_e?Cglgm+3kWG~dWy+gHa$CiR-MsZ zZ?_?hFq`waQIbXH1*Lo)3KD)bezwyq)53c?Fu-gI20MbQqo0^2@#JNHUxBW7D49o# ziE`PUZ4mq$UCO%2sPJ(jj2X~x$5!NrYN%}vD|D9nI?x5JPl6tjv5h+T*Zjzzxh;z< zuT5E<-rV|$D%fd*dA3}&-%#!U)&^%0mg8p7G)Si#I%zP1iml7-F!ONhlBV?D>|e{O zh^5*7%7wSdTPboemEM9L%{WHuWq~cveK(OI6rdp&>HO z0jM{Z*CV3TsQv;wv`;|T&uD4urE`cJ%k9#T^UxIS96~fK9 zH+reK)bU(Uny>ArWSfC?^I=ZB*2VQj_k;`aisn`N2(ckym7u+1iPFb&or#?%>*=-0 zZtn0`Wv;nCO`4QO+=O$1YPRQmbf!5+P!dCrJGPkQDfXH^7vDII4><(vc@31*f+PDd z6jz{E@St^A{@*ZnmJs#~!wl%N z@Nvt!3U++lNL(6qlw(!ecB7Z6mZyf!yQNui7n+Uy~w@iwN|f&)PFTBcNbb1DDirkxbIUeA~+4+p^n=UFzaSZe-a6v|YaB2$8azE_RF8nasx%Xg&nk^&)3QbM2l@se=Y*m})Abg` z!QMs*4Lr?sen}bZwmw;?_eUlA3@VEWme!0Q*WBja)l`90&6Ov(&Z7Pz;CBm6Xq3Q= z>qqj6^+XNhHx-U*%fbFCHiWvYRe3fXB~^lTo4Xr?#anLZCc6Na3{A`M(#B?cUIzw< zBD;eFN#DOvX$If!8u``sV~24@FK;c&oHQymbk+5X1cJMX1M&FB3-b3WWK3yN3@jG^ z!tV02Yg^Dikw~Pt7ivte=J}f&&8Q$Pzvw^s%Z)Jw-#XEbJu_I1**~^&{CbfGBnS_5n(mt z-_c;+youeLT@S8AJCIh~e53NTbX?+Su>0sQM@(_4&QyZk%;BUEYH0a_ZN7I0b4M?W zu)}h^9ZyrjL(^zDPDeHA4M<1KZ{3dzjc=d+*b*M~ip855nhey`;B~!liMjnHcQZw0 z;se502puH9R0IBEbTk^~gGi$C@$O9al`+LYD^06v4o341zepGaIewW2Zs5HXHM=SP%V8wDh-|D2ykX!HFo zm|u4)DqzxIfORm`VCr_Wd_6Z{yC-|YR9#TElGmebZy}4dY9*S>GVX7F6^{#pfl)Ro zc^EHtW!9>|Oq`V}Ei<3YW{z!^d7XaXZu@V3^qd2=QeM(H&jz6Pig|{U0U!9(7ODn5 zr6w0GSk)7N^BNbjRrpQ^_Gd-LEvi6FWVG*x1lAY-sJCTR!7Dhazu~5t2w)WyJ}wTK z-lgs7Ujic@pduNI4TFmV^IjbmgI2|v%?s)WgCtv9>GddcB_fW#}PK(!fFsBLY#TyFUct2AQ!_W82UM2DC;W112I@w5YB|gL3q4qyOeVFX9Jmq^DY@UfZOAaOTVFknDd8dn@@u&8fSKbvCeA zFPPIs9o^$~W48C?J70`V{voEr*6(5n%lxI?22?s(4rpV2g;QM|t-!0P=sr)t3u#j_ z6v37&A0n!(vlRuB-t$K`rE>=rjFi9j)3RFfZR3`e-RWNtRG)!@$+tqjZV4(n*C*## zguM}tWz;QT_I*$D1@}^gYi~ADJ3}i6`5TZ2E^DLKbfoe%Y-UF2x~J<_h&CNh#9)U9 z5b?co$Lh@VcHRY%U*EeDl^2ce6b8+!iD*P1>-X_ zFdLgb5>409TWi*jb@aBip^pWxaF+-&K|sB;T<)oe&Fi7|r0296^JP%nvGD`PFiZ$X zodCwsO~KA~RXf5;y0FGY{f(<+%>3Z&$rG`D3KY*D5;-Pi3|S(*AA-TE-)u@tVCj8|I|BZuZJq++91vILPX=^r4Ail2fl^L}O0=6kAq zrg$+8k`T>fdx@ilgQY-1Emub>JAq zoP=SzYrG$G=ps>vUL`0@vai7f=>X^o%?gm#7r|KnLxwIPaWDkAyLqn8^FZx_$DQPqV%UAnYMVXb)%JUuqC0-q$liK)J8 zrVQwE6-QjYdx#Y>iDt=-y)X~yYF^&nu$rDM|EgG1QJ+^`Tp}nQn|@1aBg}iObvmdm z&S@Eu&3Ky?G%h8Ur#lo^WQe5}%3d7h)w8r+io^V~9Axj!SCS-^3wn}Yd<7SbBUqND zsePwzWu*Soa*2DwPfO!wOTMksn-c}m@%-^Jy?p71%&*KD$B!k?YD1Wc_>YHy(1oYI zw>@5%Nc7vxfpoo0Sypu(Nzo4n20qBf+VO+Ys4`Oul&ryrxD;g# z1YyjDnzA8Nlhj9^8Pf##AQ94>qDX`ROq)L z1bHT&xBgyNN?3)P@U=sJ7|_01UZ^*68IzM1%U!3Rf<&q)ML%a&_<5eOnNj@303YNj z&w>E|q?Z8Q!c_0b4tb!jBgLh(cv^-*#AHk0#)qku&Xh5~coJwXh|AwIHv0A0msK~z zJ$iGBK4qQj-s3o_V>|eS16`S40QzFrgzNE*B=?VRC%wl}Ec1G!4g5mTePdfA25knH z<{?56aSAU>pM*aDd~;aH!lHLv+K0+&K(yhFza&aKXE9t;8Gb46k1^zfZQKYxd zb$6C_TpIZtprF5DQD91QxQ%=+e{tJna>LY^gEVd3N}G7CRTPN6g|gZ?w(_CxC5BK@9JhK-?$seluj} zyf6n>+^JTh86~t0f;CDJfg^X3Kmn|06c9(nQarcN@1{8Iy^rYf4fjp~8ijsMdF|a> zI9}&i2{K_9&g^AlWGT2fC58M23w6r9f7@)r28~H^NjOw#8;?{J7@(;?Y9OC>4GVdp z1nb>=>4?<8W>no5W3ghap=FGjXPc?c;}MCC`J@dBACK3M(~J4k4GO!{{IvXe!W8Q! zqxV8Jsey~*d__@*BvnxGcF3qW$n56O(gR1y;nN3Yg9azUlVzSl3>6m7<7w# zk$^>%+gaT$Wm>bT{1~0%c35l4WI_?!t+jl4O4oOpn`L?H+LrAGarRe@loc~Fzxi#k zQ2ZEm?!`D2$Db-wH)*OI=k0b_L0_Paq+-fQWk3dp$Rs!NpzV%V{p~6*m<9d0WWSW^ z(Cecdn^|u#$~Itgu|$1FBcLNqR`9^jyJ=2AUe7MdDQE$STLs880mE&C z+0KD!R;zS?-2#)iZe6cS003qa2ORy1Pl9z*b^rLi{W`=t z+8!hffN~TFI6p~bW$w*=sz=#_x!R^o?JE%6v%C4m1r{K76g!|1pMEW zpguvl4rvJrmZo=F&7vW+_P5|}NdzAXVd^2eQ|>%_7Tc0mH(MC@q^9!zTmn-0K-XJm zdEoAfq{~l+HoYqtdM7^FO4(qI_sqJ z5I~U9fLr9SFZ5Rm{cFeh@1OpNzk;b^Ae!W6V9OET1$BE86CNNz06_mA6fA}K%Lmg0 zA&yWhfN1Ntt08g10RXntu%#Uguj;3Izo?xgysA5?D4r1b^vV8*v99pQ1XqtShZTxF z2Q4fO?sk!a(RUU%Lr5r%V_}imM9_6%(QbNXvG(brT~18-bMKrec0BZ-@4ZmAk&SHD zJ#gHyq)@h`)uw5;gPCD*8k0qvdR;76QF!J=22=}^#wZ6{aq?R{BdTPf zi);N!J&7sq{#bBWmp@BVLk$n#kWFGksJ-JLwJ2zay^g0>SJ2N&YfxX@r#SnkZ+@Be z== zy92-eqfS9NaXTe^0z`WAc&sEve{4yp0RS+i|J4gH@)49q=jefRll_y99c1BQjjHhU zkUYyq_$-El8(UgNtH>#zC471l=oHO1H8MD%eMh@_bXi}ql~pU$#L%prnQ@Xb%scCX zsJd=y6MQEmOHp48zcv^0NSI8aGHo8>A7ymPoWZGFL;mJ#Tx-=NwmO$p?;-z^kfJGC zmSL5P=3A3eB=j?G*Jzt&$OM*-s`1iv>|hlMCWRsLI~>yxNtF zNgG>WNyV8DnaqN3{w!urtpTEY7kdl#SV5W{S9LsSprcwbEbI@(#Ck$MK8j&cRL2pj zazvSrKkVL}s`Q&r)GjV4`bO06!XX75O{Se18Owk2v}$0z#HZG%HrknR&oi75W#`i5 zJgt-@a3$Af9w0pvSYT^~yV1I$V8V}ElHc~*kwhW=EsLeayq6;%NJh#bctOU%Xg4@f zK)j6hMrf_=eQB8tUYG)-Z~M*PmKoFp_+|Yj@KWZHIiFl*i8;|Prq!cyJG?rEx>mfP z2qo}>_9q{ec0-tsYjlrmCTd|MzXo1Qe#+TRJ7t3$Z0=Sc6;os!d$-6XxI4`R$~zve z@rqF|6ggfe>KYg@gTH8!WOwLh4fm8it{NTV_zj5&byvRNG?`VO;21Q4y^0ZX>-25A zj`Hcz(1j*8JlClZ@8}22_|(V+!YQ8TsPMhcX>c**)Kg^EVx@DUSHaPIe{BPzdRWBO=l64venfeo4udANc1&?e;o$-1#tlMscXEk>$e6@j1kNbl zcpGG9(YPm&62_UfvJs$sDb;4m*69RReESMbKzLKjtd-qW{w;C0Ag`0ihDzXK(eFVp>P= zy}o;=o_ak6_sPalm(S&DcI{YImT8rfee0VVK}__bl8$R=ml0dwoc`G~g+(NpXnZn? zl!m}V7(*6eW0mH0I;-r%kxT{@5z2{00D1jB*Roel6OcIB%i>uX^NwxNqrs|L{JiR# ziNn@}co_2O?pfE~5_RcdeJbGWp*G&Qi4)vExoL))>RFTy>3T$V^dfxLrJz3GoF>2mG=oVfk=8uHCby_u^>_1%jMSPI>Y#1(wFhtLU*aT zHtmn2M>*T|a-b=V&utb@;(0ErOoVmc>)4O+jLT?2xL0K+kaZvU;=q*j4OxZ{B==uu zuI!Hv)Ki+$I|2SfzD+%$=12tJ-1yK3MyJyKb zF1pWb7m*vEF79qeUKTaQ>g4?l#kew&vD|&Pj~V=p!O84Jn#2FIlG+~M83br5Y9Kj? S5y$#h(o&F7k%mZ`h5RoPEYFAl diff --git a/doc/user/admin_area/settings/sign_up_restrictions.md b/doc/user/admin_area/settings/sign_up_restrictions.md index 28fb188731b..f2139583cc2 100644 --- a/doc/user/admin_area/settings/sign_up_restrictions.md +++ b/doc/user/admin_area/settings/sign_up_restrictions.md @@ -115,7 +115,7 @@ create or update pipelines until their email address is confirmed. > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/20661) in GitLab 12.6 -You can [change](../../../security/password_length_limits.md#modify-minimum-password-length-using-gitlab-ui) +You can [change](../../../security/password_length_limits.md#modify-minimum-password-length) the minimum number of characters a user must have in their password using the GitLab UI. ### Password complexity requirements **(PREMIUM SELF)** diff --git a/doc/user/analytics/dora_metrics.md b/doc/user/analytics/dora_metrics.md index 605985cd779..07b6d06f73e 100644 --- a/doc/user/analytics/dora_metrics.md +++ b/doc/user/analytics/dora_metrics.md @@ -20,6 +20,13 @@ DORA includes four key metrics, divided into two core areas of DevOps: For software leaders, tracking velocity alongside quality metrics ensures they're not sacrificing quality for speed. +
+ For an overview, see GitLab Speed Run: DORA metrics in GitLab One DevOps Platform. +
+
+ +
+ ## DORA Metrics dashboard in Value Stream Analytics The four DORA metrics are available out-of-the-box in the [Value Stream Analytics (VSA) overview dashboard](../group/value_stream_analytics/index.md#view-dora-metrics-and-key-metrics-for-a-group). diff --git a/lib/api/api.rb b/lib/api/api.rb index c21437cf948..3400e15394d 100644 --- a/lib/api/api.rb +++ b/lib/api/api.rb @@ -193,6 +193,7 @@ module API mount ::API::SnippetRepositoryStorageMoves mount ::API::ProtectedBranches mount ::API::Statistics + mount ::API::Submodules mount ::API::Suggestions mount ::API::Tags mount ::API::UserCounts @@ -312,7 +313,6 @@ module API mount ::API::Settings mount ::API::SidekiqMetrics mount ::API::Snippets - mount ::API::Submodules mount ::API::Subscriptions mount ::API::SystemHooks mount ::API::Tags diff --git a/lib/api/entities/ci/pipeline_basic.rb b/lib/api/entities/ci/pipeline_basic.rb index a2a5a98920a..6d82cca1bf1 100644 --- a/lib/api/entities/ci/pipeline_basic.rb +++ b/lib/api/entities/ci/pipeline_basic.rb @@ -4,10 +4,21 @@ module API module Entities module Ci class PipelineBasic < Grape::Entity - expose :id, :iid, :project_id, :sha, :ref, :status, :source - expose :created_at, :updated_at + expose :id, documentation: { type: 'integer', example: 1 } + expose :iid, documentation: { type: 'integer', example: 2 } + expose :project_id, documentation: { type: 'integer', example: 3 } + expose :sha, documentation: { type: 'string', example: '0ec9e58fdfca6cdd6652c083c9edb53abc0bad52' } + expose :ref, documentation: { type: 'string', example: 'feature-branch' } + expose :status, documentation: { type: 'string', example: 'success' } + expose :source, documentation: { type: 'string', example: 'push' } + expose :created_at, documentation: { type: 'dateTime', example: '2022-10-21T16:49:48.000+02:00' } + expose :updated_at, documentation: { type: 'dateTime', example: '2022-10-21T16:49:48.000+02:00' } - expose :web_url do |pipeline, _options| + expose :web_url, + documentation: { + type: 'string', + example: 'https://gitlab.example.com/gitlab-org/gitlab-foss/-/pipelines/61' + } do |pipeline, _options| Gitlab::Routing.url_helpers.project_pipeline_url(pipeline.project, pipeline) end end diff --git a/lib/api/entities/commit.rb b/lib/api/entities/commit.rb index 5996c0966fb..a247ea2110e 100644 --- a/lib/api/entities/commit.rb +++ b/lib/api/entities/commit.rb @@ -16,7 +16,7 @@ module API expose :committer_name, documentation: { type: 'string', example: 'Jack Smith' } expose :committer_email, documentation: { type: 'string', example: 'jack@example.com' } expose :committed_date, documentation: { type: 'dateTime', example: '2012-05-28T04:42:42-07:00' } - expose :trailers, documentation: { type: 'object', example: '{}' } + expose :trailers, documentation: { type: 'object', example: '{ "Merged-By": "Jane Doe janedoe@gitlab.com" }' } expose :web_url, documentation: { diff --git a/lib/api/entities/commit_detail.rb b/lib/api/entities/commit_detail.rb index cc529639359..428c53f7fe3 100644 --- a/lib/api/entities/commit_detail.rb +++ b/lib/api/entities/commit_detail.rb @@ -6,10 +6,10 @@ module API include ::API::Helpers::Presentable expose :stats, using: Entities::CommitStats, if: :include_stats - expose :status_for, as: :status - expose :project_id + expose :status_for, as: :status, documentation: { type: 'string', example: 'success' } + expose :project_id, documentation: { type: 'integer', example: 1 } - expose :last_pipeline do |commit, options| + expose :last_pipeline, documentation: { type: ::API::Entities::Ci::PipelineBasic.to_s } do |commit, options| pipeline = commit.last_pipeline if can_read_pipeline? ::API::Entities::Ci::PipelineBasic.represent(pipeline, options) end diff --git a/lib/api/entities/commit_stats.rb b/lib/api/entities/commit_stats.rb index d9ba99c8eb0..e07483e5d97 100644 --- a/lib/api/entities/commit_stats.rb +++ b/lib/api/entities/commit_stats.rb @@ -3,7 +3,9 @@ module API module Entities class CommitStats < Grape::Entity - expose :additions, :deletions, :total + expose :additions, documentation: { type: 'integer', example: 1 } + expose :deletions, documentation: { type: 'integer', example: 0 } + expose :total, documentation: { type: 'integer', example: 1 } end end end diff --git a/lib/api/submodules.rb b/lib/api/submodules.rb index 2b51ab91c40..6638ac57f69 100644 --- a/lib/api/submodules.rb +++ b/lib/api/submodules.rb @@ -18,17 +18,34 @@ module API end params do - requires :id, type: String, desc: 'The project ID' + requires :id, + type: String, + desc: 'The ID or URL-encoded path of a project', + documentation: { example: 'gitlab-org/gitlab' } end - resource :projects, requirements: Files::FILE_ENDPOINT_REQUIREMENTS do + resource :projects, requirements: API::NAMESPACE_OR_PROJECT_REQUIREMENTS do desc 'Update existing submodule reference in repository' do - success Entities::Commit + success code: 200, model: Entities::CommitDetail + failure [ + { code: 404, message: '404 Project Not Found' }, + { code: 401, message: '401 Unauthorized' }, + { code: 400, message: 'The repository is empty' } + ] end params do - requires :submodule, type: String, desc: 'Url encoded full path to submodule.' - requires :commit_sha, type: String, desc: 'Commit sha to update the submodule to.' - requires :branch, type: String, desc: 'Name of the branch to commit into.' - optional :commit_message, type: String, desc: 'Commit message. If no message is provided a default one will be set.' + requires :submodule, + type: String, + desc: 'Url encoded full path to submodule.', + documentation: { example: 'gitlab-org/gitlab-shell' } + requires :commit_sha, + type: String, + desc: 'Commit sha to update the submodule to.', + documentation: { example: 'ed899a2f4b50b4370feeea94676502b42383c746' } + requires :branch, type: String, desc: 'Name of the branch to commit into.', documentation: { example: 'main' } + optional :commit_message, + type: String, + desc: 'Commit message. If no message is provided a default one will be set.', + documentation: { example: 'Commit message' } end put ":id/repository/submodules/:submodule", requirements: Files::FILE_ENDPOINT_REQUIREMENTS do authorize! :push_code, user_project diff --git a/lib/api/terraform/state.rb b/lib/api/terraform/state.rb index a19919b5e76..61583ece82e 100644 --- a/lib/api/terraform/state.rb +++ b/lib/api/terraform/state.rb @@ -27,8 +27,16 @@ module API increment_unique_values('p_terraform_state_api_unique_users', current_user.id) if Feature.enabled?(:route_hll_to_snowplow_phase2, user_project&.namespace) - Gitlab::Tracking.event('API::Terraform::State', 'p_terraform_state_api_unique_users', - namespace: user_project&.namespace, user: current_user) + Gitlab::Tracking.event( + 'API::Terraform::State', + 'terraform_state_api_request', + namespace: user_project&.namespace, + user: current_user, + project: user_project, + label: 'redis_hll_counters.terraform.p_terraform_state_api_unique_users_monthly', + context: [Gitlab::Tracking::ServicePingContext.new(data_source: :redis_hll, + event: 'p_terraform_state_api_unique_users').to_context] + ) end end diff --git a/qa/qa/specs/features/browser_ui/5_package/container_registry/container_registry_omnibus_spec.rb b/qa/qa/specs/features/browser_ui/5_package/container_registry/container_registry_omnibus_spec.rb index 5947b61c9c8..c57a5c27dd2 100644 --- a/qa/qa/specs/features/browser_ui/5_package/container_registry/container_registry_omnibus_spec.rb +++ b/qa/qa/specs/features/browser_ui/5_package/container_registry/container_registry_omnibus_spec.rb @@ -174,7 +174,7 @@ module QA Page::Project::Registry::Show.perform do |registry| expect(registry).to have_registry_repository(project.name) - registry.click_on_image(project.path_with_namespace) + registry.click_on_image(project.name) expect(registry).to have_tag('master') end end @@ -232,7 +232,7 @@ module QA Page::Project::Registry::Show.perform do |registry| expect(registry).to have_registry_repository(project.name) - registry.click_on_image(project.path_with_namespace) + registry.click_on_image(project.name) expect(registry).to have_tag('master') diff --git a/spec/mailers/emails/identity_verification_spec.rb b/spec/mailers/emails/identity_verification_spec.rb new file mode 100644 index 00000000000..57ae95cc1ee --- /dev/null +++ b/spec/mailers/emails/identity_verification_spec.rb @@ -0,0 +1,42 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe Emails::IdentityVerification do + include EmailSpec::Matchers + include_context 'gitlab email notification' + + describe 'verification_instructions_email' do + let_it_be(:user) { build_stubbed(:user) } + let_it_be(:token) { '123456' } + + subject do + Notify.verification_instructions_email(user.email, token: token) + end + + it_behaves_like 'an email sent from GitLab' + + it 'is sent to the user' do + is_expected.to deliver_to user.email + end + + it 'has the correct subject' do + is_expected.to have_subject s_('IdentityVerification|Verify your identity') + end + + it 'has the mailgun suppression bypass header' do + is_expected.to have_header 'X-Mailgun-Suppressions-Bypass', 'true' + end + + it 'includes the token' do + is_expected.to have_body_text token + end + + it 'includes the expiration time' do + expires_in_minutes = Users::EmailVerification::ValidateTokenService::TOKEN_VALID_FOR_MINUTES + + is_expected.to have_body_text format(s_('IdentityVerification|Your verification code expires after '\ + '%{expires_in_minutes} minutes.'), expires_in_minutes: expires_in_minutes) + end + end +end diff --git a/spec/requests/api/terraform/state_spec.rb b/spec/requests/api/terraform/state_spec.rb index 959d28f52c9..38b08b4e214 100644 --- a/spec/requests/api/terraform/state_spec.rb +++ b/spec/requests/api/terraform/state_spec.rb @@ -46,26 +46,19 @@ RSpec.describe API::Terraform::State, :snowplow do let(:expected_value) { instance_of(Integer) } end - it 'tracks Snowplow event' do - request + it_behaves_like 'Snowplow event tracking with RedisHLL context' do + subject(:api_request) { request } - expect_snowplow_event( - category: described_class.to_s, - action: 'p_terraform_state_api_unique_users', - namespace: project.namespace.reload, - user: current_user - ) - end - - context 'when route_hll_to_snowplow_phase2 FF is disabled' do - before do - stub_feature_flags(route_hll_to_snowplow_phase2: false) - end - - it 'does not track Snowplow event' do - request - - expect_no_snowplow_event + let(:feature_flag_name) { :route_hll_to_snowplow_phase2 } + let(:category) { described_class.name } + let(:action) { 'terraform_state_api_request' } + let(:label) { 'redis_hll_counters.terraform.p_terraform_state_api_unique_users_monthly' } + let(:namespace) { project.namespace.reload } + let(:user) { current_user } + let(:context) do + payload = Gitlab::Tracking::ServicePingContext.new(data_source: :redis_hll, + event: 'p_terraform_state_api_unique_users').to_context + [Gitlab::Json.dump(payload)] end end end