kotovalexarian-likes-gitlab
/
gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity

Add latest changes from gitlab-org/gitlab@master

This commit is contained in:
GitLab Bot 2022-05-24 18:09:18 +00:00
parent 8e1bb8745b
commit 8015f09545
57 changed files with 361 additions and 681 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
GITALY_SERVER_VERSION
View File

@ -1 +1 @@
b2c8eaa672c9f2dc4b55477a3876f957e2c9a768
5aa9d4d29c49ebe427a4a895158e195725cda2da

5
app/assets/javascripts/profile/account/components/update_username.vue
View File

@ -60,7 +60,7 @@ Please update your Git repository remotes as soon as possible.`),
return {
text: __('Update username'),
attributes: [
{ variant: 'warning' },
{ variant: 'confirm' },
{ category: 'primary' },
{ disabled: this.isRequestPending },
],
@ -127,8 +127,7 @@ Please update your Git repository remotes as soon as possible.`),
v-gl-modal-directive="$options.modalId"
:disabled="newUsername === username"
:loading="isRequestPending"
category="primary"
variant="warning"
variant="confirm"
data-testid="username-change-confirmation-modal"
>{{ $options.buttonText }}</gl-button
>

1
app/assets/stylesheets/framework/forms.scss
View File

@ -110,6 +110,7 @@ label {
}
&:focus {
border-color: $gray-400;
@include gl-focus;
}
}

2
app/assets/stylesheets/framework/timeline.scss
View File

@ -49,7 +49,7 @@
}
img.avatar {
margin-right: $gl-padding;
margin-right: $gl-padding-12;
@include media-breakpoint-down(sm) {
width: $gl-spacing-scale-6;

25
app/assets/stylesheets/page_bundles/issues_show.scss
View File

@ -22,9 +22,10 @@
inset-inline-start: 1rem;
}
/* The inside bullet aligns itself to the bottom, which we see when text to its right wraps.
* We fix this by aligning it to the top. Targeting ::marker doesn't seem to work. */
> * {
/* The inside bullet aligns itself to the bottom, which we see when text to the right of
* a multi-line list item wraps. We fix this by aligning it to the top, and excluding
* other elements adversely affected by this. Targeting ::marker doesn't seem to work. */
> *:not(code):not(input):not(.gl-label) {
vertical-align: top;
}
@ -38,7 +39,23 @@
/* We fix the other paragraphs not indenting to the
* right of the bullet due to the inside bullet. */
> :not(p:first-of-type):not(.drag-icon):not(.task-list-item-checkbox):not(.gfm-issue):not(.js-add-task) {
p ~ a,
p ~ blockquote,
p ~ code,
p ~ details,
p ~ dl,
p ~ h1,
p ~ h2,
p ~ h3,
p ~ h4,
p ~ h5,
p ~ h6,
p ~ hr,
p ~ ol,
p ~ p,
p ~ table:not(.code), /* We need :not(.code) to override typography.scss */
p ~ ul,
p ~ .markdown-code-block {
margin-inline-start: 1rem;
}
}

8
app/assets/stylesheets/pages/note_form.scss
View File

@ -77,6 +77,10 @@
}
}
.md-area:focus-within {
@include gl-focus;
}
.md-header .nav-links {
display: flex;
flex-flow: row wrap;
@ -427,7 +431,11 @@ table {
}
.comment-warning-wrapper {
transition: border-color ease-in-out 0.15s,
box-shadow ease-in-out 0.15s;
.md-area {
border: 0;
box-shadow: none;
}
}

4
app/assets/stylesheets/pages/notes.scss
View File

@ -199,6 +199,7 @@ $system-note-svg-size: 16px;
}
.note-body {
padding: $gl-padding-4;
overflow-x: auto;
overflow-y: hidden;
@ -615,6 +616,7 @@ $system-note-svg-size: 16px;
.note-header-info {
min-width: 0;
padding-left: $gl-padding-4;
&.discussion {
padding-bottom: 0;
@ -623,7 +625,7 @@ $system-note-svg-size: 16px;
.note-header-info,
.note-actions {
padding-bottom: $gl-padding-8;
padding-bottom: $gl-padding-4;
}
.system-note .note-header-info {

8
config/feature_flags/development/force_no_sharing_primary_model.yml
View File

@ -1,8 +0,0 @@
---
name: force_no_sharing_primary_model
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/76188
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/347286
milestone: '14.8'
type: development
group: group::sharding
default_enabled: false

1
config/mail_room.yml
View File

@ -46,6 +46,7 @@
:delivery_method: postback
:delivery_options:
:delivery_url: <%= config[:gitlab_url] %>/api/v4/internal/mail_room/<%= key %>
:content_type: text/plain
:jwt_auth_header: <%= Gitlab::MailRoom::INTERNAL_API_REQUEST_HEADER %>
:jwt_issuer: <%= Gitlab::MailRoom::INTERNAL_API_REQUEST_JWT_ISSUER %>
:jwt_algorithm: "HS256"

2
data/deprecations/14-9-background-upload.yml
View File

@ -6,7 +6,7 @@
breaking_change: true
reporter: fzimmer
body: | # Do not modify this line, instead modify the lines below.
To reduce the overall complexity and maintenance burden of GitLab's [object storage feature](https://docs.gitlab.com/ee/administration/object_storage.html), support for using `background_upload` to upload files is deprecated and will be fully removed in GitLab 15.0.
To reduce the overall complexity and maintenance burden of GitLab's [object storage feature](https://docs.gitlab.com/ee/administration/object_storage.html), support for using `background_upload` to upload files is deprecated and will be fully removed in GitLab 15.0. Review the [15.0 specific changes](https://docs.gitlab.com/omnibus/update/gitlab_15_changes.html) for the [removed background uploads settings for object storage](https://docs.gitlab.com/omnibus/update/gitlab_15_changes.html#removed-background-uploads-settings-for-object-storage).
This impacts a small subset of object storage providers:

17
db/post_migrate/20220510192117_index_expirable_unknown_artifacts_for_removal.rb Normal file
View File

@ -0,0 +1,17 @@
# frozen_string_literal: true
class IndexExpirableUnknownArtifactsForRemoval < Gitlab::Database::Migration[2.0]
disable_ddl_transaction!
TABLE_NAME = 'ci_job_artifacts'
INDEX_NAME = 'tmp_index_ci_job_artifacts_on_expire_at_where_locked_unknown'
CONDITIONS = 'locked = 2 AND expire_at IS NOT NULL'
def up
prepare_async_index TABLE_NAME, [:expire_at, :job_id], name: INDEX_NAME, where: CONDITIONS
end
def down
unprepare_async_index_by_name TABLE_NAME, INDEX_NAME
end
end

20
db/post_migrate/20220523171107_drop_deploy_tokens_token_column.rb Normal file
View File

@ -0,0 +1,20 @@
# frozen_string_literal: true
class DropDeployTokensTokenColumn < Gitlab::Database::Migration[2.0]
disable_ddl_transaction!
COMPOSITE_INDEX_NAME = 'index_deploy_tokens_on_token_and_expires_at_and_id'
def up
remove_column :deploy_tokens, :token
end
def down
unless column_exists?(:deploy_tokens, :token)
add_column :deploy_tokens, :token, :string
end
add_concurrent_index(:deploy_tokens, :token, unique: true)
add_concurrent_index(:deploy_tokens, %i[token expires_at id], where: 'revoked IS FALSE', name: COMPOSITE_INDEX_NAME)
end
end

1
db/schema_migrations/20220510192117 Normal file
View File

@ -0,0 +1 @@
bb3c52967d818984d1f5350c8fefa6e83e38f2c105e89ebd7ceb39f59587f2b2

1
db/schema_migrations/20220523171107 Normal file
View File

@ -0,0 +1 @@
5b21dda35554a77388dae289e24df405852ae60bb5947edd061bc3dc595b000d

5
db/structure.sql
View File

@ -14350,7 +14350,6 @@ CREATE TABLE deploy_tokens (
expires_at timestamp with time zone NOT NULL,
created_at timestamp with time zone NOT NULL,
name character varying NOT NULL,
token character varying,
username character varying,
token_encrypted character varying(255),
deploy_token_type smallint DEFAULT 2 NOT NULL,
@ -27634,10 +27633,6 @@ CREATE INDEX index_deploy_keys_projects_on_project_id ON deploy_keys_projects US
CREATE INDEX index_deploy_tokens_on_creator_id ON deploy_tokens USING btree (creator_id);
CREATE UNIQUE INDEX index_deploy_tokens_on_token ON deploy_tokens USING btree (token);
CREATE INDEX index_deploy_tokens_on_token_and_expires_at_and_id ON deploy_tokens USING btree (token, expires_at, id) WHERE (revoked IS FALSE);
CREATE UNIQUE INDEX index_deploy_tokens_on_token_encrypted ON deploy_tokens USING btree (token_encrypted);
CREATE INDEX index_deployment_approvals_on_approval_rule_id ON deployment_approvals USING btree (approval_rule_id);

89
doc/administration/pages/index.md
View File

@ -257,7 +257,6 @@ control over how the Pages daemon runs and serves content in your environment.
| `auth_scope` | The OAuth application scope to use for authentication. Must match GitLab Pages OAuth application settings. Leave blank to use `api` scope by default. |
| `gitlab_server` | Server to use for authentication when access control is enabled; defaults to GitLab `external_url`. |
| `headers` | Specify any additional http headers that should be sent to the client with each response. Multiple headers can be given as an array, header and value as one string, for example `['my-header: myvalue', 'my-other-header: my-other-value']` |
| `inplace_chroot` | [REMOVED in GitLab 14.3.](https://gitlab.com/gitlab-org/gitlab-pages/-/issues/561) On [systems that don't support bind-mounts](index.md#gitlab-pages-fails-to-start-in-docker-container), this instructs GitLab Pages to `chroot` into its `pages_path` directory. Some caveats exist when using in-place `chroot`; refer to the GitLab Pages [README](https://gitlab.com/gitlab-org/gitlab-pages/blob/master/README.md#caveats) for more information. |
| `enable_disk` | Allows the GitLab Pages daemon to serve content from disk. Shall be disabled if shared disk storage isn't available. |
| `insecure_ciphers` | Use default list of cipher suites, may contain insecure ones like 3DES and RC4. |
| `internal_gitlab_server` | Internal GitLab server address used exclusively for API requests. Useful if you want to send that traffic over an internal load balancer. Defaults to GitLab `external_url`. |
@ -1208,72 +1207,6 @@ sudo gitlab-ctl tail gitlab-pages
You can also find the log file in `/var/log/gitlab/gitlab-pages/current`.
### `open /etc/ssl/ca-bundle.pem: permission denied`
WARNING:
This issue is fixed in GitLab 14.3 and above, try upgrading GitLab first.
GitLab Pages runs inside a `chroot` jail, usually in a uniquely numbered directory like
`/tmp/gitlab-pages-*`.
In the jail, a bundle of trusted certificates is
provided at `/etc/ssl/ca-bundle.pem`. It's
[copied there](https://gitlab.com/gitlab-org/gitlab-pages/-/merge_requests/51)
from `/opt/gitlab/embedded/ssl/certs/cacert.pem`
as part of starting up Pages.
If the permissions on the source file are incorrect (they should be `0644`), then
the file inside the `chroot` jail is also wrong.
Pages logs errors in `/var/log/gitlab/gitlab-pages/current` like:
```plaintext
x509: failed to load system roots and no roots provided
open /etc/ssl/ca-bundle.pem: permission denied
```
The use of a `chroot` jail makes this error misleading, as it is not
referring to `/etc/ssl` on the root file system.
The fix is to correct the source file permissions and restart Pages:
```shell
sudo chmod 644 /opt/gitlab/embedded/ssl/certs/cacert.pem
sudo gitlab-ctl restart gitlab-pages
```
### `dial tcp: lookup gitlab.example.com` and `x509: certificate signed by unknown authority`
WARNING:
This issue is fixed in GitLab 14.3 and above, try upgrading GitLab first.
When setting both `inplace_chroot` and `access_control` to `true`, you might encounter errors like:
```plaintext
dial tcp: lookup gitlab.example.com on [::1]:53: dial udp [::1]:53: connect: cannot assign requested address
```
Or:
```plaintext
open /opt/gitlab/embedded/ssl/certs/cacert.pem: no such file or directory
x509: certificate signed by unknown authority
```
The reason for those errors is that the files `resolv.conf`, `/etc/hosts/`, `/etc/nsswitch.conf` and `ca-bundle.pem` are missing inside the `chroot`.
The fix is to copy these files inside the `chroot`:
```shell
sudo mkdir -p /var/opt/gitlab/gitlab-rails/shared/pages/etc/ssl
sudo mkdir -p /var/opt/gitlab/gitlab-rails/shared/pages/opt/gitlab/embedded/ssl/certs/
sudo cp /etc/resolv.conf /var/opt/gitlab/gitlab-rails/shared/pages/etc/
sudo cp /etc/hosts /var/opt/gitlab/gitlab-rails/shared/pages/etc/
sudo cp /etc/nsswitch.conf /var/opt/gitlab/gitlab-rails/shared/pages/etc/
sudo cp /opt/gitlab/embedded/ssl/certs/cacert.pem /var/opt/gitlab/gitlab-rails/shared/pages/opt/gitlab/embedded/ssl/certs/
sudo cp /opt/gitlab/embedded/ssl/certs/cacert.pem /var/opt/gitlab/gitlab-rails/shared/pages/etc/ssl/ca-bundle.pem
```
### `unsupported protocol scheme \"\""`
If you see the following error:
@ -1552,28 +1485,6 @@ To do that:
1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure).
### GitLab Pages fails to start in Docker container
WARNING:
This issue is fixed in GitLab 14.3 and above, try upgrading GitLab first.
The GitLab Pages daemon doesn't have permissions to bind mounts when it runs
in a Docker container. To overcome this issue, you must change the `chroot`
behavior:
1. Edit `/etc/gitlab/gitlab.rb`.
1. Set the `inplace_chroot` to `true` for GitLab Pages:
```ruby
gitlab_pages['inplace_chroot'] = true
```
1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure).
NOTE:
`inplace_chroot` option might not work with the other features, such as [Pages Access Control](#access-control).
The [GitLab Pages README](https://gitlab.com/gitlab-org/gitlab-pages#caveats) has more information about caveats and workarounds.
### GitLab Pages deploy job fails with error "is not a recognized provider"
If the **pages** job succeeds but the **deploy** job gives the error "is not a recognized provider":

12
doc/administration/reference_architectures/10k_users.md
View File

@ -1620,18 +1620,12 @@ and on all Praefect clients that communicate with it following the procedure des
Note the following:
- The certificate must specify the address you use to access the Praefect server. If
addressing the Praefect server by:
- Hostname, you can either use the Common Name field for this, or add it as a Subject
Alternative Name.
- IP address, you must add it as a Subject Alternative Name to the certificate.
- The certificate must specify the address you use to access the Praefect server. You must add the hostname or IP
address as a Subject Alternative Name to the certificate.
- You can configure Praefect servers with both an unencrypted listening address
`listen_addr` and an encrypted listening address `tls_listen_addr` at the same time.
This allows you to do a gradual transition from unencrypted to encrypted traffic, if
necessary.
necessary. To disable the unencrypted listener, set `praefect['listen_addr'] = nil`.
- The Internal Load Balancer will also access to the certificates and need to be configured
to allow for TLS pass-through.
Refer to the load balancers documentation on how to configure this.

12
doc/administration/reference_architectures/25k_users.md
View File

@ -1624,18 +1624,12 @@ and on all Praefect clients that communicate with it following the procedure des
Note the following:
- The certificate must specify the address you use to access the Praefect server. If
addressing the Praefect server by:
- Hostname, you can either use the Common Name field for this, or add it as a Subject
Alternative Name.
- IP address, you must add it as a Subject Alternative Name to the certificate.
- The certificate must specify the address you use to access the Praefect server. You must add the hostname or IP
address as a Subject Alternative Name to the certificate.
- You can configure Praefect servers with both an unencrypted listening address
`listen_addr` and an encrypted listening address `tls_listen_addr` at the same time.
This allows you to do a gradual transition from unencrypted to encrypted traffic, if
necessary.
necessary. To disable the unencrypted listener, set `praefect['listen_addr'] = nil`.
- The Internal Load Balancer will also access to the certificates and need to be configured
to allow for TLS passthrough.
Refer to the load balancers documentation on how to configure this.

4
doc/administration/reference_architectures/2k_users.md
View File

@ -527,11 +527,9 @@ that communicate with it following the procedure described in
NOTE:
The self-signed certificate must specify the address you use to access the
Gitaly server. If you are addressing the Gitaly server by a hostname, you can
either use the Common Name field for this, or add it as a Subject Alternative
Gitaly server. If you are addressing the Gitaly server by a hostname, add it as a Subject Alternative
Name. If you are addressing the Gitaly server by its IP address, you must add it
as a Subject Alternative Name to the certificate.
[gRPC does not support using an IP address as Common Name in a certificate](https://github.com/grpc/grpc/issues/2691).
It's possible to configure Gitaly servers with both an unencrypted listening
address (`listen_addr`) and an encrypted listening address (`tls_listen_addr`)

12
doc/administration/reference_architectures/3k_users.md
View File

@ -1564,18 +1564,12 @@ and on all Praefect clients that communicate with it following the procedure des
Note the following:
- The certificate must specify the address you use to access the Praefect server. If
addressing the Praefect server by:
- Hostname, you can either use the Common Name field for this, or add it as a Subject
Alternative Name.
- IP address, you must add it as a Subject Alternative Name to the certificate.
- The certificate must specify the address you use to access the Praefect server. You must add the hostname or IP
address as a Subject Alternative Name to the certificate.
- You can configure Praefect servers with both an unencrypted listening address
`listen_addr` and an encrypted listening address `tls_listen_addr` at the same time.
This allows you to do a gradual transition from unencrypted to encrypted traffic, if
necessary.
necessary. To disable the unencrypted listener, set `praefect['listen_addr'] = nil`.
- The Internal Load Balancer will also access to the certificates and need to be configured
to allow for TLS passthrough.
Refer to the load balancers documentation on how to configure this.

12
doc/administration/reference_architectures/50k_users.md
View File

@ -1633,18 +1633,12 @@ and on all Praefect clients that communicate with it following the procedure des
Note the following:
- The certificate must specify the address you use to access the Praefect server. If
addressing the Praefect server by:
- Hostname, you can either use the Common Name field for this, or add it as a Subject
Alternative Name.
- IP address, you must add it as a Subject Alternative Name to the certificate.
- The certificate must specify the address you use to access the Praefect server. You must add the hostname or IP
address as a Subject Alternative Name to the certificate.
- You can configure Praefect servers with both an unencrypted listening address
`listen_addr` and an encrypted listening address `tls_listen_addr` at the same time.
This allows you to do a gradual transition from unencrypted to encrypted traffic, if
necessary.
necessary. To disable the unencrypted listener, set `praefect['listen_addr'] = nil`.
- The Internal Load Balancer will also access to the certificates and need to be configured
to allow for TLS passthrough.
Refer to the load balancers documentation on how to configure this.

12
doc/administration/reference_architectures/5k_users.md
View File

@ -1562,18 +1562,12 @@ and on all Praefect clients that communicate with it following the procedure des
Note the following:
- The certificate must specify the address you use to access the Praefect server. If
addressing the Praefect server by:
- Hostname, you can either use the Common Name field for this, or add it as a Subject
Alternative Name.
- IP address, you must add it as a Subject Alternative Name to the certificate.
- The certificate must specify the address you use to access the Praefect server. You must add the hostname or IP
address as a Subject Alternative Name to the certificate.
- You can configure Praefect servers with both an unencrypted listening address
`listen_addr` and an encrypted listening address `tls_listen_addr` at the same time.
This allows you to do a gradual transition from unencrypted to encrypted traffic, if
necessary.
necessary. To disable the unencrypted listener, set `praefect['listen_addr'] = nil`.
- The Internal Load Balancer will also access to the certificates and need to be configured
to allow for TLS passthrough.
Refer to the load balancers documentation on how to configure this.

2
doc/update/deprecations.md
View File

@ -239,7 +239,7 @@ as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#brea
Before updating GitLab, review the details carefully to determine if you need to make any
changes to your code, settings, or workflow.
To reduce the overall complexity and maintenance burden of GitLab's [object storage feature](https://docs.gitlab.com/ee/administration/object_storage.html), support for using `background_upload` to upload files is deprecated and will be fully removed in GitLab 15.0.
To reduce the overall complexity and maintenance burden of GitLab's [object storage feature](https://docs.gitlab.com/ee/administration/object_storage.html), support for using `background_upload` to upload files is deprecated and will be fully removed in GitLab 15.0. Review the [15.0 specific changes](https://docs.gitlab.com/omnibus/update/gitlab_15_changes.html) for the [removed background uploads settings for object storage](https://docs.gitlab.com/omnibus/update/gitlab_15_changes.html#removed-background-uploads-settings-for-object-storage).
This impacts a small subset of object storage providers:

4
lib/api/internal/mail_room.rb
View File

@ -12,6 +12,10 @@ module API
class MailRoom < ::API::Base
feature_category :service_desk
format :json
content_type :txt, 'text/plain'
default_format :txt
before do
authenticate_gitlab_mailroom_request!
end

5
lib/gitlab/database.rb
View File

@ -223,8 +223,11 @@ module Gitlab
def self.db_config_for_connection(connection)
return unless connection
# For a ConnectionProxy we want to avoid ambiguous db_config as it may
# sometimes default to replica so we always return the primary config
# instead.
if connection.is_a?(::Gitlab::Database::LoadBalancing::ConnectionProxy)
return connection.load_balancer.configuration.primary_db_config
return connection.load_balancer.configuration.db_config
end
# During application init we might receive `NullPool`

59
lib/gitlab/database/load_balancing/configuration.rb
View File

@ -41,8 +41,6 @@ module Gitlab
end
end
config.reuse_primary_connection!
config
end
@ -61,44 +59,17 @@ module Gitlab
disconnect_timeout: 120,
use_tcp: false
}
# Temporary model for GITLAB_LOAD_BALANCING_REUSE_PRIMARY_
# To be removed with FF
@primary_model = nil
end
def db_config_name
@model.connection_db_config.name.to_sym
end
# With connection re-use the primary connection can be overwritten
# to be used from different model
def primary_connection_specification_name
primary_model_or_model_if_enabled.connection_specification_name
def connection_specification_name
@model.connection_specification_name
end
def primary_model_or_model_if_enabled
if use_dedicated_connection?
@model
else
@primary_model || @model
end
end
def use_dedicated_connection?
return true unless @primary_model # We can only use dedicated connection, if re-use of connections is disabled
return false unless ::Gitlab::SafeRequestStore.active?
::Gitlab::SafeRequestStore.fetch(:force_no_sharing_primary_model) do
::Feature::FlipperFeature.table_exists? && ::Feature.enabled?(:force_no_sharing_primary_model)
end
end
def primary_db_config
primary_model_or_model_if_enabled.connection_db_config
end
def replica_db_config
def db_config
@model.connection_db_config
end
@ -131,30 +102,6 @@ module Gitlab
service_discovery[:record].present?
end
# TODO: This is temporary code to allow re-use of primary connection
# if the two connections are pointing to the same host. This is needed
# to properly support transaction visibility.
#
# This behavior is required to support [Phase 3](https://gitlab.com/groups/gitlab-org/-/epics/6160#progress).
# This method is meant to be removed as soon as it is finished.
#
# The remapping is done as-is:
# export GITLAB_LOAD_BALANCING_REUSE_PRIMARY_<name-of-connection>=<new-name-of-connection>
#
# Ex.:
# export GITLAB_LOAD_BALANCING_REUSE_PRIMARY_ci=main
#
def reuse_primary_connection!
new_connection = ENV["GITLAB_LOAD_BALANCING_REUSE_PRIMARY_#{db_config_name}"]
return unless new_connection.present?
@primary_model = Gitlab::Database.database_base_models[new_connection.to_sym]
unless @primary_model
raise "Invalid value for 'GITLAB_LOAD_BALANCING_REUSE_PRIMARY_#{db_config_name}=#{new_connection}'"
end
end
end
end
end

8
lib/gitlab/database/load_balancing/load_balancer.rb
View File

@ -232,14 +232,14 @@ module Gitlab
# host - An optional host name to use instead of the default one.
# port - An optional port to connect to.
def create_replica_connection_pool(pool_size, host = nil, port = nil)
db_config = @configuration.replica_db_config
db_config = @configuration.db_config
env_config = db_config.configuration_hash.dup
env_config[:pool] = pool_size
env_config[:host] = host if host
env_config[:port] = port if port
replica_db_config = ActiveRecord::DatabaseConfigurations::HashConfig.new(
db_config = ActiveRecord::DatabaseConfigurations::HashConfig.new(
db_config.env_name,
db_config.name + REPLICA_SUFFIX,
env_config
@ -249,7 +249,7 @@ module Gitlab
# as it will rewrite ActiveRecord::Base.connection
ActiveRecord::ConnectionAdapters::ConnectionHandler
.new
.establish_connection(replica_db_config)
.establish_connection(db_config)
end
# ActiveRecord::ConnectionAdapters::ConnectionHandler handles fetching,
@ -258,7 +258,7 @@ module Gitlab
# rubocop:disable Database/MultipleDatabases
def pool
ActiveRecord::Base.connection_handler.retrieve_connection_pool(
@configuration.primary_connection_specification_name,
@configuration.connection_specification_name,
role: ActiveRecord::Base.writing_role,
shard: ActiveRecord::Base.default_shard
) || raise(::ActiveRecord::ConnectionNotEstablished)

8
lib/gitlab/database/query_analyzers/gitlab_schemas_metrics.rb
View File

@ -27,15 +27,9 @@ module Gitlab
# to reduce amount of labels sort schemas used
gitlab_schemas = gitlab_schemas.to_a.sort.join(",")
# Temporary feature to observe relation of `gitlab_schemas` to `db_config_name`
# depending on primary model
ci_dedicated_primary_connection = ::Ci::ApplicationRecord.connection_class? &&
::Ci::ApplicationRecord.load_balancer.configuration.use_dedicated_connection?
schemas_metrics.increment({
gitlab_schemas: gitlab_schemas,
db_config_name: db_config_name,
ci_dedicated_primary_connection: ci_dedicated_primary_connection
db_config_name: db_config_name
})
end

2
lib/gitlab/metrics/samplers/database_sampler.rb
View File

@ -72,7 +72,7 @@ module Gitlab
{
host: host.host,
port: host.port,
class: load_balancer.configuration.primary_connection_specification_name,
class: load_balancer.configuration.connection_specification_name,
db_config_name: Gitlab::Database.db_config_name(host.connection)
}
end

4
package.json
View File

@ -57,7 +57,7 @@
"@gitlab/at.js": "1.5.7",
"@gitlab/favicon-overlay": "2.0.0",
"@gitlab/svgs": "2.14.0",
"@gitlab/ui": "40.6.2",
"@gitlab/ui": "40.6.3",
"@gitlab/visual-review-tools": "1.7.3",
"@rails/actioncable": "6.1.4-7",
"@rails/ujs": "6.1.4-7",
@ -109,7 +109,7 @@
"codesandbox-api": "0.0.23",
"compression-webpack-plugin": "^5.0.2",
"copy-webpack-plugin": "^6.4.1",
"core-js": "^3.22.6",
"core-js": "^3.22.7",
"cron-validator": "^1.1.1",
"cronstrue": "^1.122.0",
"cropper": "^2.3.0",

4
spec/factories/merge_requests.rb
View File

@ -25,10 +25,6 @@ FactoryBot.define do
title { generate(:draft_title) }
end
trait :wip_merge_request do
title { generate(:wip_title) }
end
trait :jira_title do
title { generate(:jira_title) }
end

1
spec/factories/sequences.rb
View File

@ -16,7 +16,6 @@ FactoryBot.define do
sequence(:oid) { |n| Digest::SHA2.hexdigest("oid-like-#{n}") }
sequence(:variable) { |n| "var#{n}" }
sequence(:draft_title) { |n| "Draft: #{n}" }
sequence(:wip_title) { |n| "WIP: #{n}" }
sequence(:jira_title) { |n| "[PROJ-#{n}]: fix bug" }
sequence(:jira_description) { |n| "This is a description\n here is the description\n Related to: PROJ-#{n}" }
sequence(:jira_branch) { |n| "feature/PROJ-#{n}" }

2
spec/fixtures/security_reports/feature-branch/gl-secret-detection-report.json vendored
View File

@ -1,5 +1,5 @@
{
"version": "3.0",
"version": "14.1.2",
"vulnerabilities": [],
"remediations": []
}

2
spec/fixtures/security_reports/master/gl-sast-missing-scanner.json vendored
View File

@ -1,5 +1,5 @@
{
"version": "1.2",
"version": "14.1.2",
"vulnerabilities": [
{
"category": "sast",

2
spec/fixtures/security_reports/master/gl-secret-detection-report.json vendored
View File

@ -1,5 +1,5 @@
{
"version": "3.0",
"version": "14.1.2",
"vulnerabilities": [
{
"id": "27d2322d519c94f803ffed1cf6d14e455df97e5a0668e229eb853fdb0d277d2c",

16
spec/frontend/content_editor/components/__snapshots__/toolbar_link_button_spec.js.snap
View File

@ -16,15 +16,13 @@ exports[`content_editor/components/toolbar_link_button renders dropdown componen
<!---->
<li role=\\"presentation\\" class=\\"gl-px-3!\\">
<form tabindex=\\"-1\\" class=\\"b-dropdown-form gl-p-0\\">
<div placeholder=\\"Link URL\\">
<div role=\\"group\\" class=\\"input-group\\">
<!---->
<!----> <input type=\\"text\\" placeholder=\\"Link URL\\" class=\\"form-control gl-form-input\\">
<div class=\\"input-group-append\\"><button type=\\"button\\" class=\\"btn btn-confirm btn-md gl-button\\">
<!---->
<!----> <span class=\\"gl-button-text\\">Apply</span></button></div>
<!---->
</div>
<div role=\\"group\\" class=\\"input-group\\" placeholder=\\"Link URL\\">
<!---->
<!----> <input type=\\"text\\" placeholder=\\"Link URL\\" class=\\"form-control gl-form-input\\">
<div class=\\"input-group-append\\"><button type=\\"button\\" class=\\"btn btn-confirm btn-md gl-button\\">
<!---->
<!----> <span class=\\"gl-button-text\\">Apply</span></button></div>
<!---->
</div>
</form>
</li>

2
spec/frontend/error_tracking_settings/components/app_spec.js
View File

@ -177,7 +177,7 @@ describe('error tracking settings app', () => {
const clipBoardButton = findDsnSettings().findComponent(ClipboardButton);
expect(clipBoardInput.props('value')).toBe(TEST_GITLAB_DSN);
expect(clipBoardInput.attributes('readonly')).toBeTruthy();
expect(clipBoardInput.attributes('readonly')).toBe('');
expect(clipBoardButton.props('text')).toBe(TEST_GITLAB_DSN);
});
});

2
spec/frontend/profile/account/components/update_username_spec.js
View File

@ -52,7 +52,7 @@ describe('UpdateUsername component', () => {
openModalBtn: wrapper.find('[data-testid="username-change-confirmation-modal"]'),
modalBody: modal.find('.modal-body'),
modalHeader: modal.find('.modal-title'),
confirmModalBtn: wrapper.find('.btn-warning'),
confirmModalBtn: wrapper.find('.btn-confirm'),
};
};

2
spec/frontend/projects/new/components/new_project_push_tip_popover_spec.js
View File

@ -57,7 +57,7 @@ describe('New project push tip popover', () => {
});
expect(findFormInput().attributes()).toMatchObject({
'aria-label': 'Push project from command line',
readonly: 'readonly',
readonly: '',
});
});

118
spec/frontend/vue_shared/components/__snapshots__/clone_dropdown_spec.js.snap
View File

@ -24,41 +24,38 @@ exports[`Clone Dropdown Button rendering matches the snapshot 1`] = `
<div
class="mx-3"
>
<div
readonly="readonly"
<b-input-group-stub
readonly=""
tag="div"
>
<b-input-group-stub
<!---->
<b-form-input-stub
class="gl-form-input"
debounce="0"
formatter="[Function]"
readonly="true"
type="text"
value="ssh://foo.bar"
/>
<b-input-group-append-stub
tag="div"
>
<!---->
<b-form-input-stub
class="gl-form-input"
debounce="0"
formatter="[Function]"
readonly="true"
type="text"
value="ssh://foo.bar"
<gl-button-stub
aria-label="Copy URL"
buttontextclasses=""
category="primary"
class="d-inline-flex"
data-clipboard-text="ssh://foo.bar"
data-qa-selector="copy_ssh_url_button"
icon="copy-to-clipboard"
size="medium"
title="Copy URL"
variant="default"
/>
<b-input-group-append-stub
tag="div"
>
<gl-button-stub
aria-label="Copy URL"
buttontextclasses=""
category="primary"
class="d-inline-flex"
data-clipboard-text="ssh://foo.bar"
data-qa-selector="copy_ssh_url_button"
icon="copy-to-clipboard"
size="medium"
title="Copy URL"
variant="default"
/>
</b-input-group-append-stub>
</b-input-group-stub>
</div>
</b-input-group-append-stub>
</b-input-group-stub>
</div>
<gl-dropdown-section-header-stub>
@ -68,41 +65,38 @@ exports[`Clone Dropdown Button rendering matches the snapshot 1`] = `
<div
class="mx-3"
>
<div
readonly="readonly"
<b-input-group-stub
readonly=""
tag="div"
>
<b-input-group-stub
<!---->
<b-form-input-stub
class="gl-form-input"
debounce="0"
formatter="[Function]"
readonly="true"
type="text"
value="http://foo.bar"
/>
<b-input-group-append-stub
tag="div"
>
<!---->
<b-form-input-stub
class="gl-form-input"
debounce="0"
formatter="[Function]"
readonly="true"
type="text"
value="http://foo.bar"
<gl-button-stub
aria-label="Copy URL"
buttontextclasses=""
category="primary"
class="d-inline-flex"
data-clipboard-text="http://foo.bar"
data-qa-selector="copy_http_url_button"
icon="copy-to-clipboard"
size="medium"
title="Copy URL"
variant="default"
/>
<b-input-group-append-stub
tag="div"
>
<gl-button-stub
aria-label="Copy URL"
buttontextclasses=""
category="primary"
class="d-inline-flex"
data-clipboard-text="http://foo.bar"
data-qa-selector="copy_http_url_button"
icon="copy-to-clipboard"
size="medium"
title="Copy URL"
variant="default"
/>
</b-input-group-append-stub>
</b-input-group-stub>
</div>
</b-input-group-append-stub>
</b-input-group-stub>
</div>
</div>
</gl-dropdown-stub>

2
spec/lib/gitlab/ci/parsers/security/secret_detection_spec.rb
View File

@ -39,7 +39,7 @@ RSpec.describe Gitlab::Ci::Parsers::Security::SecretDetection do
end
it "generates expected metadata_version" do
expect(report.findings.first.metadata_version).to eq('3.0')
expect(report.findings.first.metadata_version).to eq('14.1.2')
end
end
end

61
spec/lib/gitlab/database/load_balancing/configuration_spec.rb
View File

@ -100,14 +100,6 @@ RSpec.describe Gitlab::Database::LoadBalancing::Configuration, :request_store do
expect(config.pool_size).to eq(4)
end
end
it 'calls reuse_primary_connection!' do
expect_next_instance_of(described_class) do |subject|
expect(subject).to receive(:reuse_primary_connection!).and_call_original
end
described_class.for_model(model)
end
end
describe '#load_balancing_enabled?' do
@ -203,61 +195,12 @@ RSpec.describe Gitlab::Database::LoadBalancing::Configuration, :request_store do
end
end
describe '#replica_db_config' do
describe '#db_config' do
let(:model) { double(:model, connection_db_config: db_config, connection_specification_name: 'Ci::ApplicationRecord') }
let(:config) { described_class.for_model(model) }
it 'returns exactly db_config' do
expect(config.replica_db_config).to eq(db_config)
end
context 'when GITLAB_LOAD_BALANCING_REUSE_PRIMARY_ci=main' do
it 'does not change replica_db_config' do
stub_env('GITLAB_LOAD_BALANCING_REUSE_PRIMARY_ci', 'main')
expect(config.replica_db_config).to eq(db_config)
end
end
end
describe 'reuse_primary_connection!' do
let(:model) { double(:model, connection_db_config: db_config, connection_specification_name: 'Ci::ApplicationRecord') }
let(:config) { described_class.for_model(model) }
context 'when GITLAB_LOAD_BALANCING_REUSE_PRIMARY_* not configured' do
it 'the primary connection uses default specification' do
stub_env('GITLAB_LOAD_BALANCING_REUSE_PRIMARY_ci', nil)
expect(config.primary_connection_specification_name).to eq('Ci::ApplicationRecord')
end
end
context 'when GITLAB_LOAD_BALANCING_REUSE_PRIMARY_ci=main' do
before do
stub_env('GITLAB_LOAD_BALANCING_REUSE_PRIMARY_ci', 'main')
end
it 'the primary connection uses main connection' do
expect(config.primary_connection_specification_name).to eq('ActiveRecord::Base')
end
context 'when force_no_sharing_primary_model feature flag is enabled' do
before do
stub_feature_flags(force_no_sharing_primary_model: true)
end
it 'the primary connection uses ci connection' do
expect(config.primary_connection_specification_name).to eq('Ci::ApplicationRecord')
end
end
end
context 'when GITLAB_LOAD_BALANCING_REUSE_PRIMARY_ci=unknown' do
it 'raises exception' do
stub_env('GITLAB_LOAD_BALANCING_REUSE_PRIMARY_ci', 'unknown')
expect { config.reuse_primary_connection! }.to raise_error /Invalid value for/
end
expect(config.db_config).to eq(db_config)
end
end
end

40
spec/lib/gitlab/database/load_balancing/load_balancer_spec.rb
View File

@ -487,46 +487,6 @@ RSpec.describe Gitlab::Database::LoadBalancing::LoadBalancer, :request_store do
end
end
describe 'primary connection re-use', :reestablished_active_record_base, :add_ci_connection do
let(:model) { Ci::ApplicationRecord }
describe '#read' do
it 'returns ci replica connection' do
expect { |b| lb.read(&b) }.to yield_with_args do |args|
expect(args.pool.db_config.name).to eq('ci_replica')
end
end
context 'when GITLAB_LOAD_BALANCING_REUSE_PRIMARY_ci=main' do
it 'returns ci replica connection' do
stub_env('GITLAB_LOAD_BALANCING_REUSE_PRIMARY_ci', 'main')
expect { |b| lb.read(&b) }.to yield_with_args do |args|
expect(args.pool.db_config.name).to eq('ci_replica')
end
end
end
end
describe '#read_write' do
it 'returns Ci::ApplicationRecord connection' do
expect { |b| lb.read_write(&b) }.to yield_with_args do |args|
expect(args.pool.db_config.name).to eq('ci')
end
end
context 'when GITLAB_LOAD_BALANCING_REUSE_PRIMARY_ci=main' do
it 'returns ActiveRecord::Base connection' do
stub_env('GITLAB_LOAD_BALANCING_REUSE_PRIMARY_ci', 'main')
expect { |b| lb.read_write(&b) }.to yield_with_args do |args|
expect(args.pool.db_config.name).to eq('main')
end
end
end
end
end
describe '#wal_diff' do
it 'returns the diff between two write locations' do
loc1 = lb.send(:get_write_location, lb.pool.connection)

153
spec/lib/gitlab/database/load_balancing/setup_spec.rb
View File

@ -122,123 +122,68 @@ RSpec.describe Gitlab::Database::LoadBalancing::Setup do
context 'uses correct base models', :reestablished_active_record_base do
using RSpec::Parameterized::TableSyntax
where do
let(:ci_class) do
Class.new(ActiveRecord::Base) do
def self.name
'Ci::ApplicationRecordTemporary'
end
establish_connection ActiveRecord::DatabaseConfigurations::HashConfig.new(
Rails.env,
'ci',
ActiveRecord::Base.connection_db_config.configuration_hash
)
end
end
let(:models) do
{
"it picks a dedicated CI connection" => {
env_GITLAB_LOAD_BALANCING_REUSE_PRIMARY_ci: nil,
request_store_active: false,
ff_force_no_sharing_primary_model: false,
expectations: {
main: { read: 'main_replica', write: 'main' },
ci: { read: 'ci_replica', write: 'ci' }
}
},
"with re-use of primary connection it uses CI connection for reads" => {
env_GITLAB_LOAD_BALANCING_REUSE_PRIMARY_ci: 'main',
request_store_active: false,
ff_force_no_sharing_primary_model: false,
expectations: {
main: { read: 'main_replica', write: 'main' },
ci: { read: 'ci_replica', write: 'main' }
}
},
"with re-use and FF force_no_sharing_primary_model enabled with RequestStore it sticks FF and uses CI connection for reads and writes" => {
env_GITLAB_LOAD_BALANCING_REUSE_PRIMARY_ci: 'main',
request_store_active: true,
ff_force_no_sharing_primary_model: true,
expectations: {
main: { read: 'main_replica', write: 'main' },
ci: { read: 'ci_replica', write: 'ci' }
}
},
"with re-use and FF force_no_sharing_primary_model enabled without RequestStore it doesn't use FF and uses CI connection for reads only" => {
env_GITLAB_LOAD_BALANCING_REUSE_PRIMARY_ci: 'main',
request_store_active: true,
ff_force_no_sharing_primary_model: false,
expectations: {
main: { read: 'main_replica', write: 'main' },
ci: { read: 'ci_replica', write: 'main' }
}
}
main: ActiveRecord::Base,
ci: ci_class
}
end
with_them do
let(:ci_class) do
Class.new(ActiveRecord::Base) do
def self.name
'Ci::ApplicationRecordTemporary'
end
before do
allow(Gitlab).to receive(:dev_or_test_env?).and_return(false)
establish_connection ActiveRecord::DatabaseConfigurations::HashConfig.new(
Rails.env,
'ci',
ActiveRecord::Base.connection_db_config.configuration_hash
)
# Rewrite `class_attribute` to use rspec mocking and prevent modifying the objects
allow_next_instance_of(described_class) do |setup|
allow(setup).to receive(:configure_connection)
allow(setup).to receive(:setup_class_attribute) do |attribute, value|
allow(setup.model).to receive(attribute) { value }
end
end
let(:models) do
# Make load balancer to force init with a dedicated replicas connections
models.each do |_, model|
described_class.new(model).tap do |subject|
subject.configuration.hosts = [subject.configuration.db_config.host]
subject.setup
end
end
end
it 'results match expectations' do
result = models.transform_values do |model|
load_balancer = model.connection.instance_variable_get(:@load_balancer)
{
main: ActiveRecord::Base,
ci: ci_class
read: load_balancer.read { |connection| connection.pool.db_config.name },
write: load_balancer.read_write { |connection| connection.pool.db_config.name }
}
end
around do |example|
if request_store_active
Gitlab::WithRequestStore.with_request_store do
stub_feature_flags(force_no_sharing_primary_model: ff_force_no_sharing_primary_model)
RequestStore.clear!
expect(result).to eq({
main: { read: 'main_replica', write: 'main' },
ci: { read: 'ci_replica', write: 'ci' }
})
end
example.run
end
else
example.run
end
end
before do
allow(Gitlab).to receive(:dev_or_test_env?).and_return(false)
# Rewrite `class_attribute` to use rspec mocking and prevent modifying the objects
allow_next_instance_of(described_class) do |setup|
allow(setup).to receive(:configure_connection)
allow(setup).to receive(:setup_class_attribute) do |attribute, value|
allow(setup.model).to receive(attribute) { value }
end
end
stub_env('GITLAB_LOAD_BALANCING_REUSE_PRIMARY_ci', env_GITLAB_LOAD_BALANCING_REUSE_PRIMARY_ci)
# Make load balancer to force init with a dedicated replicas connections
models.each do |_, model|
described_class.new(model).tap do |subject|
subject.configuration.hosts = [subject.configuration.replica_db_config.host]
subject.setup
end
end
end
it 'results match expectations' do
result = models.transform_values do |model|
load_balancer = model.connection.instance_variable_get(:@load_balancer)
{
read: load_balancer.read { |connection| connection.pool.db_config.name },
write: load_balancer.read_write { |connection| connection.pool.db_config.name }
}
end
expect(result).to eq(expectations)
end
it 'does return load_balancer assigned to a given connection' do
models.each do |name, model|
expect(model.load_balancer.name).to eq(name)
expect(model.sticking.instance_variable_get(:@load_balancer)).to eq(model.load_balancer)
end
it 'does return load_balancer assigned to a given connection' do
models.each do |name, model|
expect(model.load_balancer.name).to eq(name)
expect(model.sticking.instance_variable_get(:@load_balancer)).to eq(model.load_balancer)
end
end
end

73
spec/lib/gitlab/database/query_analyzers/gitlab_schemas_metrics_spec.rb
View File

@ -17,7 +17,7 @@ RSpec.describe Gitlab::Database::QueryAnalyzers::GitlabSchemasMetrics, query_ana
process_sql(ActiveRecord::Base, "SELECT 1 FROM projects")
end
context 'properly observes all queries', :add_ci_connection, :request_store do
context 'properly observes all queries', :add_ci_connection do
using RSpec::Parameterized::TableSyntax
where do
@ -28,8 +28,7 @@ RSpec.describe Gitlab::Database::QueryAnalyzers::GitlabSchemasMetrics, query_ana
expectations: {
gitlab_schemas: "gitlab_main",
db_config_name: "main"
},
setup: nil
}
},
"for query accessing gitlab_ci and gitlab_main" => {
model: ApplicationRecord,
@ -37,8 +36,7 @@ RSpec.describe Gitlab::Database::QueryAnalyzers::GitlabSchemasMetrics, query_ana
expectations: {
gitlab_schemas: "gitlab_ci,gitlab_main",
db_config_name: "main"
},
setup: nil
}
},
"for query accessing gitlab_ci and gitlab_main the gitlab_schemas is always ordered" => {
model: ApplicationRecord,
@ -46,8 +44,7 @@ RSpec.describe Gitlab::Database::QueryAnalyzers::GitlabSchemasMetrics, query_ana
expectations: {
gitlab_schemas: "gitlab_ci,gitlab_main",
db_config_name: "main"
},
setup: nil
}
},
"for query accessing CI database" => {
model: Ci::ApplicationRecord,
@ -56,62 +53,6 @@ RSpec.describe Gitlab::Database::QueryAnalyzers::GitlabSchemasMetrics, query_ana
gitlab_schemas: "gitlab_ci",
db_config_name: "ci"
}
},
"for query accessing CI database with re-use and disabled sharing" => {
model: Ci::ApplicationRecord,
sql: "SELECT 1 FROM ci_builds",
expectations: {
gitlab_schemas: "gitlab_ci",
db_config_name: "ci",
ci_dedicated_primary_connection: true
},
setup: ->(_) do
skip_if_multiple_databases_not_setup
stub_env('GITLAB_LOAD_BALANCING_REUSE_PRIMARY_ci', 'main')
stub_feature_flags(force_no_sharing_primary_model: true)
end
},
"for query accessing CI database with re-use and enabled sharing" => {
model: Ci::ApplicationRecord,
sql: "SELECT 1 FROM ci_builds",
expectations: {
gitlab_schemas: "gitlab_ci",
db_config_name: "ci",
ci_dedicated_primary_connection: false
},
setup: ->(_) do
skip_if_multiple_databases_not_setup
stub_env('GITLAB_LOAD_BALANCING_REUSE_PRIMARY_ci', 'main')
stub_feature_flags(force_no_sharing_primary_model: false)
end
},
"for query accessing CI database without re-use and disabled sharing" => {
model: Ci::ApplicationRecord,
sql: "SELECT 1 FROM ci_builds",
expectations: {
gitlab_schemas: "gitlab_ci",
db_config_name: "ci",
ci_dedicated_primary_connection: true
},
setup: ->(_) do
skip_if_multiple_databases_not_setup
stub_env('GITLAB_LOAD_BALANCING_REUSE_PRIMARY_ci', nil)
stub_feature_flags(force_no_sharing_primary_model: true)
end
},
"for query accessing CI database without re-use and enabled sharing" => {
model: Ci::ApplicationRecord,
sql: "SELECT 1 FROM ci_builds",
expectations: {
gitlab_schemas: "gitlab_ci",
db_config_name: "ci",
ci_dedicated_primary_connection: true
},
setup: ->(_) do
skip_if_multiple_databases_not_setup
stub_env('GITLAB_LOAD_BALANCING_REUSE_PRIMARY_ci', nil)
stub_feature_flags(force_no_sharing_primary_model: false)
end
}
}
end
@ -122,15 +63,11 @@ RSpec.describe Gitlab::Database::QueryAnalyzers::GitlabSchemasMetrics, query_ana
end
it do
stub_env('GITLAB_LOAD_BALANCING_REUSE_PRIMARY_ci', nil)
instance_eval(&setup) if setup
allow(::Ci::ApplicationRecord.load_balancer).to receive(:configuration)
.and_return(Gitlab::Database::LoadBalancing::Configuration.for_model(::Ci::ApplicationRecord))
expect(described_class.schemas_metrics).to receive(:increment)
.with({ ci_dedicated_primary_connection: anything }.merge(expectations)).and_call_original
.with(expectations).and_call_original
process_sql(model, sql)
end

17
spec/lib/gitlab/database_spec.rb
View File

@ -160,13 +160,15 @@ RSpec.describe Gitlab::Database do
end
end
context 'when the connection is LoadBalancing::ConnectionProxy' do
it 'returns primary_db_config' do
lb_config = ::Gitlab::Database::LoadBalancing::Configuration.new(ActiveRecord::Base)
lb = ::Gitlab::Database::LoadBalancing::LoadBalancer.new(lb_config)
proxy = ::Gitlab::Database::LoadBalancing::ConnectionProxy.new(lb)
context 'when the connection is LoadBalancing::ConnectionProxy', :database_replica do
it 'returns primary db config even if ambiguous queries default to replica' do
Gitlab::Database::LoadBalancing::Session.current.use_primary!
primary_config = described_class.db_config_for_connection(ActiveRecord::Base.connection)
expect(described_class.db_config_for_connection(proxy)).to eq(lb_config.primary_db_config)
Gitlab::Database::LoadBalancing::Session.clear_session
Gitlab::Database::LoadBalancing::Session.current.fallback_to_replicas_for_ambiguous_queries do
expect(described_class.db_config_for_connection(ActiveRecord::Base.connection)).to eq(primary_config)
end
end
end
@ -223,9 +225,6 @@ RSpec.describe Gitlab::Database do
describe '.gitlab_schemas_for_connection' do
it 'does return a valid schema depending on a base model used', :request_store do
# FF due to lib/gitlab/database/load_balancing/configuration.rb:92
stub_feature_flags(force_no_sharing_primary_model: true)
expect(described_class.gitlab_schemas_for_connection(Project.connection)).to include(:gitlab_main, :gitlab_shared)
expect(described_class.gitlab_schemas_for_connection(Ci::Build.connection)).to include(:gitlab_ci, :gitlab_shared)
end

2
spec/lib/gitlab/mail_room/mail_room_spec.rb
View File

@ -303,6 +303,7 @@ RSpec.describe Gitlab::MailRoom do
delivery_method: 'postback',
delivery_options: {
delivery_url: "http://gitlab.example/api/v4/internal/mail_room/incoming_email",
content_type: "text/plain",
jwt_auth_header: Gitlab::MailRoom::INTERNAL_API_REQUEST_HEADER,
jwt_issuer: Gitlab::MailRoom::INTERNAL_API_REQUEST_JWT_ISSUER,
jwt_algorithm: 'HS256',
@ -316,6 +317,7 @@ RSpec.describe Gitlab::MailRoom do
delivery_method: 'postback',
delivery_options: {
delivery_url: "http://gitlab.example/api/v4/internal/mail_room/service_desk_email",
content_type: "text/plain",
jwt_auth_header: Gitlab::MailRoom::INTERNAL_API_REQUEST_HEADER,
jwt_issuer: Gitlab::MailRoom::INTERNAL_API_REQUEST_JWT_ISSUER,
jwt_algorithm: 'HS256',

4
spec/lib/gitlab/metrics/samplers/database_sampler_spec.rb
View File

@ -66,7 +66,7 @@ RSpec.describe Gitlab::Metrics::Samplers::DatabaseSampler do
let(:main_replica_host) { main_load_balancer.host }
let(:ci_load_balancer) { double(:load_balancer, host_list: ci_host_list, configuration: configuration) }
let(:configuration) { double(:configuration, primary_connection_specification_name: 'Ci::ApplicationRecord') }
let(:configuration) { double(:configuration, connection_specification_name: 'Ci::ApplicationRecord') }
let(:ci_host_list) { double(:host_list, hosts: [ci_replica_host]) }
let(:ci_replica_host) { double(:host, connection: ci_connection) }
let(:ci_connection) { double(:connection, pool: Ci::ApplicationRecord.connection_pool) }
@ -121,7 +121,7 @@ RSpec.describe Gitlab::Metrics::Samplers::DatabaseSampler do
let(:main_replica_host) { main_load_balancer.host }
let(:ci_load_balancer) { double(:load_balancer, host_list: ci_host_list, configuration: configuration) }
let(:configuration) { double(:configuration, primary_connection_specification_name: 'Ci::ApplicationRecord') }
let(:configuration) { double(:configuration, connection_specification_name: 'Ci::ApplicationRecord') }
let(:ci_host_list) { double(:host_list, hosts: [ci_replica_host]) }
let(:ci_replica_host) { double(:host, connection: ci_connection) }
let(:ci_connection) { double(:connection, pool: Ci::ApplicationRecord.connection_pool) }

2
spec/lib/marginalia_spec.rb
View File

@ -59,7 +59,7 @@ RSpec.describe 'Marginalia spec' do
"application" => "test",
"endpoint_id" => "MarginaliaTestController#first_user",
"correlation_id" => correlation_id,
"db_config_name" => ENV['GITLAB_LOAD_BALANCING_REUSE_PRIMARY_ci'] == 'main' ? 'main' : 'ci'
"db_config_name" => 'ci'
}
end

22
spec/migrations/20220523171107_drop_deploy_tokens_token_column_spec.rb Normal file
View File

@ -0,0 +1,22 @@
# frozen_string_literal: true
require 'spec_helper'
require_migration!
RSpec.describe DropDeployTokensTokenColumn do
let(:deploy_tokens) { table(:deploy_tokens) }
it 'correctly migrates up and down' do
reversible_migration do |migration|
migration.before -> {
expect(deploy_tokens.column_names).to include('token')
}
migration.after -> {
deploy_tokens.reset_column_information
expect(deploy_tokens.column_names).not_to include('token')
}
end
end
end

105
spec/models/merge_request_spec.rb
View File

@ -1394,81 +1394,68 @@ RSpec.describe MergeRequest, factory_default: :keep do
end
end
[
'WIP:', 'WIP: ', '[WIP]', '[WIP] ', ' [WIP] WIP: [WIP] WIP:',
"WIP ", "(WIP)",
"draft", "Draft", "Draft -", "draft - ", "Draft ", "draft "
].each do |draft_prefix|
it "doesn't detect '#{draft_prefix}' at the start of the title as a draft" do
subject.title = "#{draft_prefix}#{subject.title}"
context "returns false" do
# We have removed support for variations of "WIP", and additionally need
# to test unsupported variations of "Draft" that we have seen users
# attempt.
#
[
'WIP:', 'WIP: ', '[WIP]', '[WIP] ', ' [WIP] WIP: [WIP] WIP:',
"WIP ", "(WIP)",
"draft", "Draft", "Draft -", "draft - ", "Draft ", "draft "
].each do |trigger|
it "when '#{trigger}' prefixes the title" do
subject.title = "#{trigger}#{subject.title}"
expect(subject.work_in_progress?).to eq false
expect(subject.draft?).to eq false
end
end
end
it "doesn't detect merge request title just saying 'wip'" do
subject.title = "wip"
["WIP", "Draft"].each do |trigger| # rubocop:disable Style/WordArray
it "when merge request title is simply '#{trigger}'" do
subject.title = trigger
expect(subject.work_in_progress?).to eq false
end
expect(subject.draft?).to eq false
end
it "does not detect merge request title just saying 'draft'" do
subject.title = "draft"
it "when #{trigger} is in the middle of the title" do
subject.title = "Something with #{trigger} in the middle"
expect(subject.work_in_progress?).to eq false
end
expect(subject.draft?).to eq false
end
it 'does not detect WIP in the middle of the title' do
subject.title = 'Something with WIP in the middle'
it "when #{trigger} is at the end of the title" do
subject.title = "Something ends with #{trigger}"
expect(subject.work_in_progress?).to eq false
end
expect(subject.draft?).to eq false
end
it 'does not detect Draft in the middle of the title' do
subject.title = 'Something with Draft in the middle'
it "when title contains words starting with #{trigger}" do
subject.title = "#{trigger}foo #{subject.title}"
expect(subject.work_in_progress?).to eq false
end
expect(subject.draft?).to eq false
end
it 'does not detect Draft: in the middle of the title' do
subject.title = 'Something with Draft: in the middle'
it "when title contains words containing with #{trigger}" do
subject.title = "Foo#{trigger}Bar #{subject.title}"
expect(subject.work_in_progress?).to eq false
end
expect(subject.draft?).to eq false
end
end
it 'does not detect WIP at the end of the title' do
subject.title = 'Something ends with WIP'
it 'when Draft: in the middle of the title' do
subject.title = 'Something with Draft: in the middle'
expect(subject.work_in_progress?).to eq false
end
expect(subject.draft?).to eq false
end
it 'does not detect Draft at the end of the title' do
subject.title = 'Something ends with Draft'
it "when the title does not contain draft" do
expect(subject.draft?).to eq false
end
expect(subject.work_in_progress?).to eq false
end
it "doesn't detect WIP for words starting with WIP" do
subject.title = "Wipwap #{subject.title}"
expect(subject.work_in_progress?).to eq false
end
it "doesn't detect WIP for words containing with WIP" do
subject.title = "WupWipwap #{subject.title}"
expect(subject.work_in_progress?).to eq false
end
it "doesn't detect draft for words containing with draft" do
subject.title = "Drafting #{subject.title}"
expect(subject.work_in_progress?).to eq false
end
it "doesn't detect WIP by default" do
expect(subject.work_in_progress?).to eq false
end
it "is aliased to #draft?" do
expect(subject.method(:work_in_progress?)).to eq(subject.method(:draft?))
it "is aliased to #draft?" do
expect(subject.method(:work_in_progress?)).to eq(subject.method(:draft?))
end
end
end

24
spec/requests/api/internal/mail_room_spec.rb
View File

@ -215,5 +215,29 @@ RSpec.describe API::Internal::MailRoom do
expect(job).to match a_hash_including('args' => [encoded_email_content])
end
end
context 'handle text/plain request content type' do
let(:auth_headers) do
jwt_token = JWT.encode(auth_payload, incoming_email_secret, 'HS256')
{
Gitlab::MailRoom::INTERNAL_API_REQUEST_HEADER => jwt_token,
'Content-Type' => 'text/plain'
}
end
it 'schedules a EmailReceiverWorker job with email content encoded to utf-8 forcefully' do
Sidekiq::Testing.fake! do
expect do
post api("/internal/mail_room/incoming_email"), headers: auth_headers, params: email_content
end.to change { EmailReceiverWorker.jobs.size }.by(1)
end
expect(response).to have_gitlab_http_status(:ok)
expect(response.content_type).to eql('application/json')
job = EmailReceiverWorker.jobs.last
expect(job).to match a_hash_including('args' => [email_content])
end
end
end
end

10
spec/spec_helper.rb
View File

@ -256,16 +256,6 @@ RSpec.configure do |config|
end
config.around do |example|
if example.metadata.fetch(:stub_feature_flags, true)
# It doesn't make sense for this to default to enabled as we only plan to
# use this temporarily to override an environment variable but eventually
# we'll just use the environment variable value when we've completed the
# gradual rollout. This stub must happen in around block as there are other
# around blocks in tests that will run before this and get the wrong
# database connection.
stub_feature_flags(force_no_sharing_primary_model: false)
end
example.run
end

2
workhorse/go.mod
View File

@ -29,7 +29,7 @@ require (
github.com/stretchr/testify v1.7.0
gitlab.com/gitlab-org/gitaly/v14 v14.10.0-rc1.0.20220426135705-ccfab390f7c3
gitlab.com/gitlab-org/golang-archive-zip v0.1.1
gitlab.com/gitlab-org/labkit v1.14.0
gitlab.com/gitlab-org/labkit v1.15.0
gocloud.dev v0.23.0
golang.org/x/image v0.0.0-20191009234506-e7c1f5e7dbb8
golang.org/x/lint v0.0.0-20210508222113-6edffad5e616

4
workhorse/go.sum
View File

@ -956,8 +956,8 @@ gitlab.com/gitlab-org/labkit v0.0.0-20200908084045-45895e129029/go.mod h1:SNfxkf
gitlab.com/gitlab-org/labkit v1.0.0/go.mod h1:nohrYTSLDnZix0ebXZrbZJjymRar8HeV2roWL5/jw2U=
gitlab.com/gitlab-org/labkit v1.4.1/go.mod h1:x5JO5uvdX4t6e/TZXLXZnFL5AcKz2uLLd3uKXZcuO4k=
gitlab.com/gitlab-org/labkit v1.5.0/go.mod h1:1ZuVZpjSpCKUgjLx8P6jzkkQFxJI1thUKr6yKV3p0vY=
gitlab.com/gitlab-org/labkit v1.14.0 h1:LSrvHgybidPyH8fHnsy1GBghrLR4kFObFrtZwUfCgAI=
gitlab.com/gitlab-org/labkit v1.14.0/go.mod h1:bcxc4ZpAC+WyACgyKl7FcvT2XXAbl8CrzN6UY+w8cMc=
gitlab.com/gitlab-org/labkit v1.15.0 h1:rMdhIdONc7bcd5qGRtWav6iInpeDmavDmP9A1tai92k=
gitlab.com/gitlab-org/labkit v1.15.0/go.mod h1:bcxc4ZpAC+WyACgyKl7FcvT2XXAbl8CrzN6UY+w8cMc=
go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU=
go.etcd.io/etcd v0.0.0-20191023171146-3cf2f69b5738/go.mod h1:dnLIgRNXwCJa5e+c6mIZCrds/GIG4ncV9HhK5PX7jPg=
go.opencensus.io v0.15.0/go.mod h1:UffZAU+4sDEINUGP/B7UfBBkq4fqLu9zXAX7ke6CHW0=

7
workhorse/internal/upload/destination/objectstore/s3_session.go
View File

@ -10,6 +10,8 @@ import (
"github.com/aws/aws-sdk-go/aws/session"
"gitlab.com/gitlab-org/gitlab/workhorse/internal/config"
"gitlab.com/gitlab-org/labkit/fips"
)
type s3Session struct {
@ -61,8 +63,9 @@ func setupS3Session(s3Credentials config.S3Credentials, s3Config config.S3Config
}
cfg := &aws.Config{
Region: aws.String(s3Config.Region),
S3ForcePathStyle: aws.Bool(s3Config.PathStyle),
Region: aws.String(s3Config.Region),
S3ForcePathStyle: aws.Bool(s3Config.PathStyle),
S3DisableContentMD5Validation: aws.Bool(fips.Enabled()),
}
// In case IAM profiles aren't being used, use the static credentials

16
yarn.lock
View File

@ -968,10 +968,10 @@
resolved "https://registry.yarnpkg.com/@gitlab/svgs/-/svgs-2.14.0.tgz#92b36bc98ccbed49a4dbca310862146275091cb2"
integrity sha512-U9EYmEIiTMl7R3X5DmCrw6fz7gz8c1kjvQtaF6HfJ15xDtR7trRAyCNbn3z7YGk1QJ8Cv/Ifw2/T5SxXwYd7dw==
"@gitlab/ui@40.6.2":
version "40.6.2"
resolved "https://registry.yarnpkg.com/@gitlab/ui/-/ui-40.6.2.tgz#196529ed0fcf372402d74042fc828b0b469aeaf2"
integrity sha512-mOalOdFxjdtCMGUEmzeH1nSN0SCaqIkJQYbtX2x7PI2pyjHAA+8urUeCGC5JlpqDy8a4OmBmZtXTuhvweoOIew==
"@gitlab/ui@40.6.3":
version "40.6.3"
resolved "https://registry.yarnpkg.com/@gitlab/ui/-/ui-40.6.3.tgz#94f3a46054f3b4d8eb40116b20d23827d9473039"
integrity sha512-BWmal3iaBjI16BT9aMWRdYYhuRBAfzvG4/0EbKMS3smlo9yKFd81OdSEfhgFRiJENohk+tEMgR6YqB6V5DOGpw==
dependencies:
"@popperjs/core" "^2.11.2"
bootstrap-vue "2.20.1"
@ -3876,10 +3876,10 @@ core-js-pure@^3.0.0:
resolved "https://registry.yarnpkg.com/core-js-pure/-/core-js-pure-3.6.5.tgz#c79e75f5e38dbc85a662d91eea52b8256d53b813"
integrity sha512-lacdXOimsiD0QyNf9BC/mxivNJ/ybBGJXQFKzRekp1WTHoVUWsUHEn+2T8GJAzzIhyOuXA+gOxCVN3l+5PLPUA==
core-js@^3.22.6:
version "3.22.6"
resolved "https://registry.yarnpkg.com/core-js/-/core-js-3.22.6.tgz#294dd824b4cae2c24725a36baa4a791ed00bb0de"
integrity sha512-2IGcGH00z9I4twgNWU4uGCNEsBFG1s2JudVQrgSCoVhOfwoTwQjxC8aMo9exrpTMOxvobggEpaHnGMmQY4cfBQ==
core-js@^3.22.7:
version "3.22.7"
resolved "https://registry.yarnpkg.com/core-js/-/core-js-3.22.7.tgz#8d6c37f630f6139b8732d10f2c114c3f1d00024f"
integrity sha512-Jt8SReuDKVNZnZEzyEQT5eK6T2RRCXkfTq7Lo09kpm+fHjgGewSbNjV+Wt4yZMhPDdzz2x1ulI5z/w4nxpBseg==
core-js@~2.3.0:
version "2.3.0"