Add latest changes from gitlab-org/gitlab@master
This commit is contained in:
parent
ff16b71bc7
commit
75330c963b
|
@ -8,8 +8,8 @@ module Ci
|
|||
|
||||
BATCH_SIZE = 100
|
||||
LOOP_TIMEOUT = 5.minutes
|
||||
SMALL_LOOP_LIMIT = 10
|
||||
LARGE_LOOP_LIMIT = 100
|
||||
SMALL_LOOP_LIMIT = 100
|
||||
LARGE_LOOP_LIMIT = 500
|
||||
EXCLUSIVE_LOCK_KEY = 'expired_job_artifacts:destroy:lock'
|
||||
LOCK_TIMEOUT = 6.minutes
|
||||
|
||||
|
|
|
@ -1,8 +0,0 @@
|
|||
---
|
||||
name: optimize_merge_request_parser
|
||||
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/62490/
|
||||
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/331893
|
||||
milestone: '14.0'
|
||||
type: development
|
||||
group: group::source code
|
||||
default_enabled: false
|
|
@ -6,6 +6,9 @@ info: To determine the technical writer assigned to the Stage/Group associated w
|
|||
|
||||
# Connect to cloud services
|
||||
|
||||
> - `CI_JOB_JWT` variable for reading secrets from Vault [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/207125) in GitLab 12.10.
|
||||
> - `CI_JOB_JWT_V2` variable to support additional OIDC providers [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/346737) in GitLab 14.7.
|
||||
|
||||
GitLab CI/CD supports [OpenID Connect (OIDC)](https://openid.net/connect/faq/) that allows your build and deployment job access to cloud credentials and services. Historically, teams stored secrets in projects or applied permissions on the GitLab Runner instance to build and deploy. To support this, a predefined variable named `CI_JOB_JWT_V2` is included in the CI/CD job allowing you to follow a scalable and least-privilege security approach.
|
||||
|
||||
## Requirements
|
||||
|
@ -120,11 +123,11 @@ To configure the trust between GitLab and OIDC, you must create a conditional ro
|
|||
| Filter to main branch | `project_path:mygroup/myproject:ref_type:branch:ref:main` |
|
||||
| Filter to any branch | Wildcard supported. `project_path:mygroup/myproject:ref_type:branch:ref:*` |
|
||||
| Filter to specific project | `project_path:mygroup/myproject:ref_type:branch:ref:main` |
|
||||
| Filter to all projects under a group | Wildcard supported. `project_path:acme/*:ref_type:branch:ref:main` |
|
||||
| Filter to a Git tag | Wildcard supported. `project_path:acme/*:ref_type:tag:ref:1.0` |
|
||||
| Filter to all projects under a group | Wildcard supported. `project_path:mygroup/*:ref_type:branch:ref:main` |
|
||||
| Filter to a Git tag | Wildcard supported. `project_path:mygroup/*:ref_type:tag:ref:1.0` |
|
||||
|
||||
## OIDC authorization with your cloud provider
|
||||
|
||||
To connect with your cloud provider, see the following tutorials:
|
||||
|
||||
- Configure OpenID Connect in AWS
|
||||
- [Configure OpenID Connect in AWS](aws/index.md)
|
||||
|
|
|
@ -8,8 +8,6 @@ module Banzai
|
|||
self.reference_type = :merge_request
|
||||
|
||||
def nodes_visible_to_user(user, nodes)
|
||||
return super if Feature.disabled?(:optimize_merge_request_parser, user, default_enabled: :yaml)
|
||||
|
||||
merge_request_nodes = nodes.select { |node| node.has_attribute?(self.class.data_attribute) }
|
||||
records = projects_for_nodes(merge_request_nodes)
|
||||
|
||||
|
|
|
@ -9,6 +9,7 @@ module QA
|
|||
|
||||
PROJECT = "gitlab-qa-resources"
|
||||
BUCKET = "knapsack-reports"
|
||||
FALLBACK_REPORT = "knapsack/master_report.json"
|
||||
|
||||
def_delegators :new, :configure!, :move_regenerated_report, :download_report, :upload_report
|
||||
|
||||
|
@ -35,9 +36,9 @@ module QA
|
|||
file = client.get_object(BUCKET, report_file)
|
||||
File.write(report_path, file[:body])
|
||||
rescue StandardError => e
|
||||
ENV["KNAPSACK_REPORT_PATH"] = "knapsack/master_report.json"
|
||||
ENV["KNAPSACK_REPORT_PATH"] = FALLBACK_REPORT
|
||||
logger.warn("Failed to fetch latest knapsack report: #{e}")
|
||||
logger.warn("Falling back to 'knapsack/master_report.json'")
|
||||
logger.warn("Falling back to '#{FALLBACK_REPORT}'")
|
||||
end
|
||||
|
||||
# Rename and move new regenerated report to a separate folder used to indicate report name
|
||||
|
@ -46,11 +47,13 @@ module QA
|
|||
def move_regenerated_report
|
||||
return unless ENV["KNAPSACK_GENERATE_REPORT"] == "true"
|
||||
|
||||
path = "tmp/knapsack/#{report_name}"
|
||||
FileUtils.mkdir_p(path)
|
||||
tmp_path = "tmp/knapsack/#{report_name}"
|
||||
FileUtils.mkdir_p(tmp_path)
|
||||
|
||||
# Use path from knapsack config in case of fallback to master_report.json
|
||||
FileUtils.cp(Knapsack.report.report_path, "#{path}/#{ENV['CI_NODE_INDEX']}.json")
|
||||
knapsack_report_path = Knapsack.report.report_path
|
||||
logger.debug("Moving regenerated #{knapsack_report_path} to save as artifact")
|
||||
FileUtils.cp(knapsack_report_path, "#{tmp_path}/#{ENV['CI_NODE_INDEX']}.json")
|
||||
end
|
||||
|
||||
# Merge and upload knapsack report to gcs bucket
|
||||
|
@ -73,6 +76,8 @@ module QA
|
|||
report = jsons
|
||||
.map { |json| JSON.parse(File.read(json)) }
|
||||
.reduce({}, :merge)
|
||||
.sort_by { |k, v| v } # sort report by execution time
|
||||
.to_h
|
||||
next logger.warn("Knapsack generated empty report for '#{name}', skipping upload!") if report.empty?
|
||||
|
||||
logger.info("Uploading latest knapsack report '#{file}'")
|
||||
|
|
|
@ -65,12 +65,14 @@ RSpec.configure do |config|
|
|||
end
|
||||
|
||||
config.after(:suite) do |suite|
|
||||
QA::Tools::KnapsackReport.move_regenerated_report if QA::Runtime::Env.knapsack?
|
||||
|
||||
# If any tests failed, leave the resources behind to help troubleshoot
|
||||
QA::Resource::ReusableProject.remove_all_via_api! unless suite.reporter.failed_examples.present?
|
||||
end
|
||||
|
||||
config.append_after(:suite) do
|
||||
QA::Tools::KnapsackReport.move_regenerated_report if QA::Runtime::Env.knapsack?
|
||||
end
|
||||
|
||||
config.expect_with :rspec do |expectations|
|
||||
expectations.include_chain_clauses_in_custom_matcher_descriptions = true
|
||||
end
|
||||
|
|
|
@ -23,14 +23,6 @@ RSpec.describe Banzai::ReferenceParser::MergeRequestParser do
|
|||
end
|
||||
|
||||
it_behaves_like "referenced feature visibility", "merge_requests"
|
||||
|
||||
context 'when optimize_merge_request_parser feature flag is off' do
|
||||
before do
|
||||
stub_feature_flags(optimize_merge_request_parser: false)
|
||||
end
|
||||
|
||||
it_behaves_like "referenced feature visibility", "merge_requests"
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
|
|
Loading…
Reference in New Issue