Add latest changes from gitlab-org/gitlab@master

app/assets/javascripts/repository/components/last_commit.vue

@@ -79,7 +79,7 @@ export default {
       return this.$apollo.queries.commit.loading;
     },
     showCommitId() {
-      return this.commit.sha.substr(0, 8);
+      return this.commit?.sha?.substr(0, 8);
     },
   },
   watch: {

app/graphql/types/user_type.rb

@@ -14,7 +14,7 @@ module Types
           description: 'Human-readable name of the user'
     field :username, GraphQL::STRING_TYPE, null: false,
           description: 'Username of the user. Unique within this instance of GitLab'
-    field :avatar_url, GraphQL::STRING_TYPE, null: false,
+    field :avatar_url, GraphQL::STRING_TYPE, null: true,
           description: "URL of the user's avatar"
     field :web_url, GraphQL::STRING_TYPE, null: false,
           description: 'Web URL of the user'

changelogs/unreleased/25283-add-masked-param-group-vars-api.yml

@@ -0,0 +1,5 @@
+---
+title: "Allow to create masked variable from group variables API"
+merge_request: 25283
+author: Emmanuel CARRE
+type: added

changelogs/unreleased/ph-207723-userTypeGravatarDisabled.yml

@@ -0,0 +1,5 @@
+---
+title: Fixed last commit widget when Gravatar is disabled
+merge_request:
+author:
+type: fixed

doc/api/graphql/reference/gitlab_schema.graphql

@@ -8003,7 +8003,7 @@ type User {
   """
   URL of the user's avatar
   """
-  avatarUrl: String!
+  avatarUrl: String
 
   """
   Human-readable name of the user

doc/api/graphql/reference/gitlab_schema.json

@@ -6171,13 +6171,9 @@
 
               ],
               "type": {
-                "kind": "NON_NULL",
-                "name": null,
-                "ofType": {
-                  "kind": "SCALAR",
-                  "name": "String",
-                  "ofType": null
-                }
+                "kind": "SCALAR",
+                "name": "String",
+                "ofType": null
               },
               "isDeprecated": false,
               "deprecationReason": null

doc/api/graphql/reference/index.md

@@ -1287,7 +1287,7 @@ Autogenerated return type of UpdateSnippet
 
 | Name  | Type  | Description |
 | ---   |  ---- | ----------  |
-| `avatarUrl` | String! | URL of the user's avatar |
+| `avatarUrl` | String | URL of the user's avatar |
 | `name` | String! | Human-readable name of the user |
 | `userPermissions` | UserPermissions! | Permissions for the current user on the resource |
 | `username` | String! | Username of the user. Unique within this instance of GitLab |

doc/api/group_level_variables.md

@@ -23,12 +23,16 @@ curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/a
     {
         "key": "TEST_VARIABLE_1",
         "variable_type": "env_var",
-        "value": "TEST_1"
+        "value": "TEST_1",
+        "protected": false,
+        "masked": false
     },
     {
         "key": "TEST_VARIABLE_2",
         "variable_type": "env_var",
-        "value": "TEST_2"
+        "value": "TEST_2",
+        "protected": false,
+        "masked": false
     }
 ]
 ```
@@ -54,7 +58,9 @@ curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/a
 {
     "key": "TEST_VARIABLE_1",
     "variable_type": "env_var",
-    "value": "TEST_1"
+    "value": "TEST_1",
+    "protected": false,
+    "masked": false
 }
 ```
 
@@ -73,6 +79,7 @@ POST /groups/:id/variables
 | `value`         | string  | yes      | The `value` of a variable |
 | `variable_type` | string  | no       | The type of a variable. Available types are: `env_var` (default) and `file` |
 | `protected`     | boolean | no       | Whether the variable is protected |
+| `masked`        | boolean | no       | Whether the variable is masked |
 
 ```
 curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/groups/1/variables" --form "key=NEW_VARIABLE" --form "value=new value"
@@ -83,7 +90,8 @@ curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitla
     "key": "NEW_VARIABLE",
     "value": "new value",
     "variable_type": "env_var",
-    "protected": false
+    "protected": false,
+    "masked": false
 }
 ```
 
@@ -102,6 +110,7 @@ PUT /groups/:id/variables/:key
 | `value`         | string  | yes      | The `value` of a variable |
 | `variable_type` | string  | no       | The type of a variable. Available types are: `env_var` (default) and `file` |
 | `protected`     | boolean | no       | Whether the variable is protected |
+| `masked`        | boolean | no       | Whether the variable is masked |
 
 ```
 curl --request PUT --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/groups/1/variables/NEW_VARIABLE" --form "value=updated value"
@@ -112,7 +121,8 @@ curl --request PUT --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab
     "key": "NEW_VARIABLE",
     "value": "updated value",
     "variable_type": "env_var",
-    "protected": true
+    "protected": true,
+    "masked": true
 }
 ```
 

lib/api/group_variables.rb

@@ -47,6 +47,7 @@ module API
         requires :key, type: String, desc: 'The key of the variable'
         requires :value, type: String, desc: 'The value of the variable'
         optional :protected, type: String, desc: 'Whether the variable is protected'
+        optional :masked, type: String, desc: 'Whether the variable is masked'
         optional :variable_type, type: String, values: Ci::GroupVariable.variable_types.keys, desc: 'The type of variable, must be one of env_var or file. Defaults to env_var'
       end
       post ':id/variables' do
@@ -68,6 +69,7 @@ module API
         optional :key, type: String, desc: 'The key of the variable'
         optional :value, type: String, desc: 'The value of the variable'
         optional :protected, type: String, desc: 'Whether the variable is protected'
+        optional :masked, type: String, desc: 'Whether the variable is masked'
         optional :variable_type, type: String, values: Ci::GroupVariable.variable_types.keys, desc: 'The type of variable, must be one of env_var or file'
       end
       # rubocop: disable CodeReuse/ActiveRecord

qa/qa/specs/features/browser_ui/2_plan/issue/create_issue_spec.rb

@@ -17,7 +17,7 @@ module QA
         end
       end
 
-      context 'when using attachments in comments', :object_storage do
+      context 'when using attachments in comments', :object_storage, quarantine: { issue: 'https://gitlab.com/gitlab-org/gitlab/issues/205408', type: :flaky } do
         let(:gif_file_name) { 'banana_sample.gif' }
         let(:file_to_attach) do
           File.absolute_path(File.join('spec', 'fixtures', gif_file_name))

spec/features/projects/tree/tree_show_spec.rb

@@ -5,11 +5,14 @@ require 'spec_helper'
 describe 'Projects tree', :js do
   let(:user) { create(:user) }
   let(:project) { create(:project, :repository) }
+  let(:gravatar_enabled) { true }
 
   # This commit has a known state on the master branch of gitlab-test
   let(:test_sha) { '7975be0116940bf2ad4321f79d02a55c5f7779aa' }
 
   before do
+    stub_application_setting(gravatar_enabled: gravatar_enabled)
+
     project.add_maintainer(user)
     sign_in(user)
   end
@@ -34,6 +37,20 @@ describe 'Projects tree', :js do
     expect(page).not_to have_selector('.flash-alert')
   end
 
+  context 'gravatar disabled' do
+    let(:gravatar_enabled) { false }
+
+    it 'renders last commit' do
+      visit project_tree_path(project, test_sha)
+      wait_for_requests
+
+      page.within('.project-last-commit') do
+        expect(page).to have_selector('.user-avatar-link')
+        expect(page).to have_content('Merge branch')
+      end
+    end
+  end
+
   context 'for signed commit' do
     it 'displays a GPG badge' do
       visit project_tree_path(project, '33f3729a45c02fc67d00adb1b8bca394b0e761d9')

spec/requests/api/group_variables_spec.rb

@@ -90,13 +90,14 @@ describe API::GroupVariables do
 
       it 'creates variable' do
         expect do
-          post api("/groups/#{group.id}/variables", user), params: { key: 'TEST_VARIABLE_2', value: 'PROTECTED_VALUE_2', protected: true }
+          post api("/groups/#{group.id}/variables", user), params: { key: 'TEST_VARIABLE_2', value: 'PROTECTED_VALUE_2', protected: true, masked: true }
         end.to change {group.variables.count}.by(1)
 
         expect(response).to have_gitlab_http_status(201)
         expect(json_response['key']).to eq('TEST_VARIABLE_2')
         expect(json_response['value']).to eq('PROTECTED_VALUE_2')
         expect(json_response['protected']).to be_truthy
+        expect(json_response['masked']).to be_truthy
         expect(json_response['variable_type']).to eq('env_var')
       end
 
@@ -109,6 +110,7 @@ describe API::GroupVariables do
         expect(json_response['key']).to eq('TEST_VARIABLE_2')
         expect(json_response['value']).to eq('VALUE_2')
         expect(json_response['protected']).to be_falsey
+        expect(json_response['masked']).to be_falsey
         expect(json_response['variable_type']).to eq('file')
       end
 
@@ -150,7 +152,7 @@ describe API::GroupVariables do
         initial_variable = group.variables.reload.first
         value_before = initial_variable.value
 
-        put api("/groups/#{group.id}/variables/#{variable.key}", user), params: { variable_type: 'file', value: 'VALUE_1_UP', protected: true }
+        put api("/groups/#{group.id}/variables/#{variable.key}", user), params: { variable_type: 'file', value: 'VALUE_1_UP', protected: true, masked: true }
 
         updated_variable = group.variables.reload.first
 
@@ -159,6 +161,7 @@ describe API::GroupVariables do
         expect(updated_variable.value).to eq('VALUE_1_UP')
         expect(updated_variable).to be_protected
         expect(json_response['variable_type']).to eq('file')
+        expect(json_response['masked']).to be_truthy
       end
 
       it 'responds with 404 Not Found if requesting non-existing variable' do