diff --git a/app/views/admin/groups/_group.html.haml b/app/views/admin/groups/_group.html.haml
index 5fe8f9b4bbc..bbeeb1be929 100644
--- a/app/views/admin/groups/_group.html.haml
+++ b/app/views/admin/groups/_group.html.haml
@@ -1,34 +1,37 @@
- group = local_assigns.fetch(:group)
-- css_class = 'no-description' if group.description.blank?
+- css_class = "gl-display-flex!#{' no-description' if group.description.blank?}"
-%li.group-row.py-3{ class: css_class, data: { qa_selector: 'group_row_content' } }
- .controls
- = link_to _('Edit'), admin_group_edit_path(group), id: "edit_#{dom_id(group)}", class: 'btn'
- = link_to _('Delete'), [:admin, group], data: { confirm: _("Are you sure you want to remove %{group_name}?") % { group_name: group.name } }, method: :delete, class: 'btn btn-remove'
- .stats
+%li.group-row.gl-py-3.gl-align-items-center{ class: css_class, data: { qa_selector: 'group_row_content' } }
+ .avatar-container.rect-avatar.s40.gl-flex-shrink-0
+ = group_icon(group, class: "avatar s40")
+
+ .gl-min-w-0.gl-flex-grow-1
+ .title
+ = link_to [:admin, group], class: 'group-name', data: { qa_selector: 'group_name_link' } do
+ = group.full_name
+
+ - if group.description.present?
+ .description
+ = markdown_field(group, :description)
+
+ .stats.gl-text-gray-700.gl-flex-shrink-0.gl-display-none.gl-display-sm-flex
%span.badge.badge-pill
= storage_counter(group.storage_size)
- = render_if_exists 'admin/namespace_plan_badge', namespace: group
- = render_if_exists 'admin/groups/marked_for_deletion_badge', group: group
+ = render_if_exists 'admin/namespace_plan_badge', namespace: group, css_class: 'gl-ml-5 gl-mr-0'
+ = render_if_exists 'admin/groups/marked_for_deletion_badge', group: group, css_class: 'gl-ml-5'
- %span
+ %span.gl-ml-5
= icon('bookmark')
= number_with_delimiter(group.projects.count)
- %span
+ %span.gl-ml-5
= icon('users')
= number_with_delimiter(group.users.count)
- %span.visibility-icon.has-tooltip{ data: { container: 'body', placement: 'left' }, title: visibility_icon_description(group) }
+ %span.gl-ml-5.visibility-icon.has-tooltip{ data: { container: 'body', placement: 'left' }, title: visibility_icon_description(group) }
= visibility_level_icon(group.visibility_level, fw: false)
- .avatar-container.rect-avatar.s40
- = group_icon(group, class: "avatar s40 d-none d-sm-block")
- .title
- = link_to [:admin, group], class: 'group-name', data: { qa_selector: 'group_name_link' } do
- = group.full_name
-
- - if group.description.present?
- .description
- = markdown_field(group, :description)
+ .controls.gl-flex-shrink-0.gl-ml-5
+ = link_to _('Edit'), admin_group_edit_path(group), id: "edit_#{dom_id(group)}", class: 'btn'
+ = link_to _('Delete'), [:admin, group], data: { confirm: _("Are you sure you want to remove %{group_name}?") % { group_name: group.name } }, method: :delete, class: 'btn btn-remove'
diff --git a/app/views/shared/groups/_group.html.haml b/app/views/shared/groups/_group.html.haml
index 60c9c076a70..5dac400bd5e 100644
--- a/app/views/shared/groups/_group.html.haml
+++ b/app/views/shared/groups/_group.html.haml
@@ -1,28 +1,29 @@
- user = local_assigns.fetch(:user, current_user)
- access = user&.max_member_access_for_group(group.id)
-%li.group-row.py-3{ class: ('no-description' if group.description.blank?) }
- .stats
- %span
+%li.group-row.py-3.gl-align-items-center{ class: "gl-display-flex!#{' no-description' if group.description.blank?}" }
+ .avatar-container.rect-avatar.s40.gl-flex-shrink-0
+ = link_to group do
+ = group_icon(group, class: "avatar s40")
+ .gl-min-w-0.gl-flex-grow-1
+ .title
+ = link_to group.full_name, group, class: 'group-name'
+
+ - if access&.nonzero?
+ %span.user-access-role= Gitlab::Access.human_access(access)
+
+ - if group.description.present?
+ .description
+ = markdown_field(group, :description)
+
+ .stats.gl-text-gray-700.gl-flex-shrink-0
+ %span.gl-ml-5
= icon('bookmark')
= number_with_delimiter(group.projects.non_archived.count)
- %span
+ %span.gl-ml-5
= icon('users')
= number_with_delimiter(group.users.count)
- %span.visibility-icon.has-tooltip{ data: { container: 'body', placement: 'left' }, title: visibility_icon_description(group) }
+ %span.gl-ml-5.visibility-icon.has-tooltip{ data: { container: 'body', placement: 'left' }, title: visibility_icon_description(group) }
= visibility_level_icon(group.visibility_level, fw: false)
-
- .avatar-container.rect-avatar.s40
- = link_to group do
- = group_icon(group, class: "avatar s40")
- .title
- = link_to group.full_name, group, class: 'group-name'
-
- - if access&.nonzero?
- %span.user-access-role= Gitlab::Access.human_access(access)
-
- - if group.description.present?
- .description
- = markdown_field(group, :description)
diff --git a/changelogs/unreleased/214607-ci-jwt-signing-key-check.yml b/changelogs/unreleased/214607-ci-jwt-signing-key-check.yml
deleted file mode 100644
index 5814e7f0b43..00000000000
--- a/changelogs/unreleased/214607-ci-jwt-signing-key-check.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Add system check for CI JWT signing key
-merge_request: 33920
-author:
-type: added
diff --git a/changelogs/unreleased/bump_cluster_applications_version.yml b/changelogs/unreleased/bump_cluster_applications_version.yml
new file mode 100644
index 00000000000..7ea7407350d
--- /dev/null
+++ b/changelogs/unreleased/bump_cluster_applications_version.yml
@@ -0,0 +1,5 @@
+---
+title: Bump cluster-applications version to v0.20.0
+merge_request: 34569
+author:
+type: added
diff --git a/doc/administration/packages/container_registry.md b/doc/administration/packages/container_registry.md
index a6de5e12270..8f55345a9a8 100644
--- a/doc/administration/packages/container_registry.md
+++ b/doc/administration/packages/container_registry.md
@@ -720,6 +720,8 @@ no longer directly accessible via the `:latest` tag.
### Recycling unused tags
+> [Introduced](https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/987) in Omnibus GitLab 8.12.
+
There are a couple of considerations you need to note before running the
built-in command:
@@ -775,6 +777,8 @@ that you have backed up all registry data.
### Performing garbage collection without downtime
+> [Introduced](https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/764) in GitLab 8.8.
+
You can perform a garbage collection without stopping the Container Registry by setting
it into a read-only mode and by not using the built-in command. During this time,
you will be able to pull from the Container Registry, but you will not be able to
diff --git a/doc/api/feature_flag_specs.md b/doc/api/feature_flag_specs.md
index 0c9cad8bee1..52a4864fdc5 100644
--- a/doc/api/feature_flag_specs.md
+++ b/doc/api/feature_flag_specs.md
@@ -1,3 +1,9 @@
+---
+stage: Release
+group: Progressive Delivery
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers
+---
+
# Feature Flag Specs API **(PREMIUM)**
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/9566) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.5.
diff --git a/doc/api/feature_flag_user_lists.md b/doc/api/feature_flag_user_lists.md
index 862c927454f..460f3727819 100644
--- a/doc/api/feature_flag_user_lists.md
+++ b/doc/api/feature_flag_user_lists.md
@@ -1,3 +1,9 @@
+---
+stage: Release
+group: Progressive Delivery
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers
+---
+
# Feature flag user lists API **(PREMIUM)**
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/205409) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.10.
diff --git a/doc/api/feature_flags.md b/doc/api/feature_flags.md
index ad52ef7f941..f3af662c972 100644
--- a/doc/api/feature_flags.md
+++ b/doc/api/feature_flags.md
@@ -1,3 +1,9 @@
+---
+stage: Release
+group: Progressive Delivery
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers
+---
+
# Feature Flags API **(PREMIUM)**
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/9566) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.5.
diff --git a/doc/api/feature_flags_legacy.md b/doc/api/feature_flags_legacy.md
index 0f92dc12c86..30bae9c5eeb 100644
--- a/doc/api/feature_flags_legacy.md
+++ b/doc/api/feature_flags_legacy.md
@@ -1,3 +1,9 @@
+---
+stage: Release
+group: Progressive Delivery
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers
+---
+
# Legacy Feature Flags API **(PREMIUM)**
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/9566) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.5.
diff --git a/doc/api/features.md b/doc/api/features.md
index ca040e9b0fa..bbf86eca490 100644
--- a/doc/api/features.md
+++ b/doc/api/features.md
@@ -1,3 +1,9 @@
+---
+stage: Release
+group: Progressive Delivery
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers
+---
+
# Features flags API
This API is for managing Flipper-based [feature flags used in development of GitLab](../development/feature_flags/index.md).
diff --git a/doc/api/merge_trains.md b/doc/api/merge_trains.md
index a2a026a5e90..3cfef3864ad 100644
--- a/doc/api/merge_trains.md
+++ b/doc/api/merge_trains.md
@@ -1,3 +1,9 @@
+---
+stage: Verify
+group: Continuous Integration
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers
+---
+
# Merge Trains API **(PREMIUM)**
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/36146) in GitLab 12.9.
diff --git a/doc/api/packages.md b/doc/api/packages.md
index f21cb59220b..ca7113bc743 100644
--- a/doc/api/packages.md
+++ b/doc/api/packages.md
@@ -1,3 +1,9 @@
+---
+stage: Package
+group: Package
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers
+---
+
# Packages API **(PREMIUM)**
This is the API docs of [GitLab Packages](../administration/packages/index.md).
diff --git a/doc/api/pages.md b/doc/api/pages.md
index b90d6634bbc..fda4a70cbd9 100644
--- a/doc/api/pages.md
+++ b/doc/api/pages.md
@@ -1,3 +1,9 @@
+---
+stage: Release
+group: Release Management
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers
+---
+
# Pages API
Endpoints for managing [GitLab Pages](https://about.gitlab.com/stages-devops-lifecycle/pages/).
diff --git a/doc/api/pages_domains.md b/doc/api/pages_domains.md
index c8803f8845b..1fddc79814f 100644
--- a/doc/api/pages_domains.md
+++ b/doc/api/pages_domains.md
@@ -1,3 +1,9 @@
+---
+stage: Release
+group: Release Management
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers
+---
+
# Pages domains API
Endpoints for connecting custom domain(s) and TLS certificates in [GitLab Pages](https://about.gitlab.com/stages-devops-lifecycle/pages/).
diff --git a/doc/api/releases/index.md b/doc/api/releases/index.md
index f7c566d8060..2c933061c37 100644
--- a/doc/api/releases/index.md
+++ b/doc/api/releases/index.md
@@ -1,3 +1,9 @@
+---
+stage: Release
+group: Release Management
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers
+---
+
# Releases API
> - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/41766) in GitLab 11.7.
diff --git a/doc/api/releases/links.md b/doc/api/releases/links.md
index 9b2c0d611ac..35cb66e59a1 100644
--- a/doc/api/releases/links.md
+++ b/doc/api/releases/links.md
@@ -1,3 +1,9 @@
+---
+stage: Release
+group: Release Management
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers
+---
+
# Release links API
> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/41766) in GitLab 11.7.
diff --git a/doc/api/runners.md b/doc/api/runners.md
index 5db1f116f6c..4cda4b723f5 100644
--- a/doc/api/runners.md
+++ b/doc/api/runners.md
@@ -1,3 +1,9 @@
+---
+stage: Verify
+group: Runner
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers
+---
+
# Runners API
> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/2640) in GitLab 8.5
diff --git a/doc/ci/yaml/README.md b/doc/ci/yaml/README.md
index 09145dfe958..7ed5a8fec01 100644
--- a/doc/ci/yaml/README.md
+++ b/doc/ci/yaml/README.md
@@ -3451,7 +3451,7 @@ variables:
`none` also re-uses the local working copy, but skips all Git operations
(including GitLab Runner's pre-clone script, if present). It's mostly useful
-for jobs that operate exclusively on artifacts (for examples `deploy`). Git repository
+for jobs that operate exclusively on artifacts (for example, `deploy`). Git repository
data may be present, but it's certain to be out of date, so you should only
rely on files brought into the local working copy from cache or artifacts.
diff --git a/doc/user/admin_area/settings/continuous_integration.md b/doc/user/admin_area/settings/continuous_integration.md
index 7fc5aadcd10..3a287f29a0a 100644
--- a/doc/user/admin_area/settings/continuous_integration.md
+++ b/doc/user/admin_area/settings/continuous_integration.md
@@ -1,4 +1,7 @@
---
+stage: Verify
+group: Continuous Integration
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers
type: reference
---
diff --git a/doc/user/clusters/applications.md b/doc/user/clusters/applications.md
index 425cf9725b8..86624d12bcf 100644
--- a/doc/user/clusters/applications.md
+++ b/doc/user/clusters/applications.md
@@ -483,7 +483,7 @@ For information on configuring Crossplane installed on the cluster, see
[Crossplane configuration](crossplane.md).
NOTE: **Note:**
-[`alpha/crossplane`](https://charts.crossplane.io/alpha/) chart v0.4.1 is used to
+[`alpha/crossplane`](https://github.com/crossplane/crossplane/tree/v0.4.1/cluster/charts/crossplane) chart v0.4.1 is used to
install Crossplane using the
[`values.yaml`](https://github.com/crossplane/crossplane/blob/master/cluster/charts/crossplane/values.yaml.tmpl)
file.
@@ -1121,7 +1121,7 @@ You can customize the installation of JupyterHub by defining a
`.gitlab/managed-apps/jupyterhub/values.yaml` file in your cluster management project.
Refer to the
-[chart reference](https://zero-to-jupyterhub.readthedocs.io/en/stable/reference.html) for the
+[chart reference](https://zero-to-jupyterhub.readthedocs.io/en/stable/reference/reference.html) for the
available configuration options.
### Install Elastic Stack using GitLab CI/CD
diff --git a/doc/user/packages/composer_repository/index.md b/doc/user/packages/composer_repository/index.md
index cccb91c45fa..8a7c70ec74d 100644
--- a/doc/user/packages/composer_repository/index.md
+++ b/doc/user/packages/composer_repository/index.md
@@ -1,3 +1,9 @@
+---
+stage: Package
+group: Package
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers
+---
+
# GitLab Composer Repository **(PREMIUM)**
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/15886) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.1.
diff --git a/doc/user/packages/go_proxy/index.md b/doc/user/packages/go_proxy/index.md
index 2d1369c061b..a705b956d30 100644
--- a/doc/user/packages/go_proxy/index.md
+++ b/doc/user/packages/go_proxy/index.md
@@ -1,3 +1,9 @@
+---
+stage: Package
+group: Package
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers
+---
+
# GitLab Go Proxy **(PREMIUM)**
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/27376) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.1.
diff --git a/lib/gitlab/ci/templates/Managed-Cluster-Applications.gitlab-ci.yml b/lib/gitlab/ci/templates/Managed-Cluster-Applications.gitlab-ci.yml
index bb534f0f51c..316647b5921 100644
--- a/lib/gitlab/ci/templates/Managed-Cluster-Applications.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Managed-Cluster-Applications.gitlab-ci.yml
@@ -1,6 +1,6 @@
apply:
stage: deploy
- image: "registry.gitlab.com/gitlab-org/cluster-integration/cluster-applications:v0.17.0"
+ image: "registry.gitlab.com/gitlab-org/cluster-integration/cluster-applications:v0.20.0"
environment:
name: production
variables:
@@ -20,6 +20,8 @@ apply:
FLUENTD_VALUES_FILE: $CI_PROJECT_DIR/.gitlab/managed-apps/fluentd/values.yaml
KNATIVE_VALUES_FILE: $CI_PROJECT_DIR/.gitlab/managed-apps/knative/values.yaml
POSTHOG_VALUES_FILE: $CI_PROJECT_DIR/.gitlab/managed-apps/posthog/values.yaml
+ FALCO_VALUES_FILE: $CI_PROJECT_DIR/.gitlab/managed-apps/falco/values.yaml
+ APPARMOR_VALUES_FILE: $CI_PROJECT_DIR/.gitlab/managed-apps/apparmor/values.yaml
script:
- gitlab-managed-apps /usr/local/share/gitlab-managed-apps/helmfile.yaml
only:
diff --git a/lib/gitlab/usage_data_concerns/topology.rb b/lib/gitlab/usage_data_concerns/topology.rb
index ee1d9fb22a7..6e1d29f2a17 100644
--- a/lib/gitlab/usage_data_concerns/topology.rb
+++ b/lib/gitlab/usage_data_concerns/topology.rb
@@ -5,6 +5,17 @@ module Gitlab
module Topology
include Gitlab::Utils::UsageData
+ JOB_TO_SERVICE_NAME = {
+ 'gitlab-rails' => 'web',
+ 'gitlab-sidekiq' => 'sidekiq',
+ 'gitlab-workhorse' => 'workhorse',
+ 'redis' => 'redis',
+ 'postgres' => 'postgres',
+ 'gitaly' => 'gitaly',
+ 'prometheus' => 'prometheus',
+ 'node' => 'node-exporter'
+ }.freeze
+
def topology_usage_data
topology_data, duration = measure_duration do
alt_usage_data(fallback: {}) do
@@ -50,12 +61,12 @@ module Gitlab
def topology_all_service_memory(client)
aggregate_many(
client,
- 'avg ({__name__=~"ruby_process_(resident|unique|proportional)_memory_bytes"}) by (instance, job, __name__)'
+ 'avg ({__name__ =~ "(ruby_){0,1}process_(resident|unique|proportional)_memory_bytes", job != "gitlab_exporter_process"}) by (instance, job, __name__)'
)
end
def topology_all_service_process_count(client)
- aggregate_many(client, 'count (ruby_process_start_time_seconds) by (instance, job)')
+ aggregate_many(client, 'count ({__name__ =~ "(ruby_){0,1}process_start_time_seconds", job != "gitlab_exporter_process"}) by (instance, job)')
end
def topology_node_services(instance, all_process_counts, all_process_memory)
@@ -64,28 +75,32 @@ module Gitlab
topology_instance_service_process_count(instance, all_process_counts)
.deep_merge(topology_instance_service_memory(instance, all_process_memory))
- # map to list of hashes where service name becomes a value instead
- instance_service_data.map do |service, data|
- { name: service.to_s }.merge(data)
+ # map to list of hashes where service names become values instead, and remove
+ # unknown services, since they might not be ours
+ instance_service_data.each_with_object([]) do |entry, list|
+ service, service_metrics = entry
+ gitlab_service = JOB_TO_SERVICE_NAME[service.to_s]
+ next unless gitlab_service
+
+ list << { name: gitlab_service }.merge(service_metrics)
end
end
def topology_instance_service_process_count(instance, all_instance_data)
topology_data_for_instance(instance, all_instance_data).to_h do |metric, count|
- job = metric['job'].underscore.to_sym
- [job, { process_count: count }]
+ [metric['job'], { process_count: count }]
end
end
def topology_instance_service_memory(instance, all_instance_data)
topology_data_for_instance(instance, all_instance_data).each_with_object({}) do |entry, hash|
metric, memory = entry
- job = metric['job'].underscore.to_sym
+ job = metric['job']
key =
case metric['__name__']
- when 'ruby_process_resident_memory_bytes' then :process_memory_rss
- when 'ruby_process_unique_memory_bytes' then :process_memory_uss
- when 'ruby_process_proportional_memory_bytes' then :process_memory_pss
+ when match_process_memory_metric_for_type('resident') then :process_memory_rss
+ when match_process_memory_metric_for_type('unique') then :process_memory_uss
+ when match_process_memory_metric_for_type('proportional') then :process_memory_pss
end
hash[job] ||= {}
@@ -93,6 +108,10 @@ module Gitlab
end
end
+ def match_process_memory_metric_for_type(type)
+ /(ruby_){0,1}process_#{type}_memory_bytes/
+ end
+
def topology_data_for_instance(instance, all_instance_data)
all_instance_data.filter { |metric, _value| metric['instance'] == instance }
end
diff --git a/lib/system_check/app/ci_jwt_signing_key_check.rb b/lib/system_check/app/ci_jwt_signing_key_check.rb
deleted file mode 100644
index 2777daf0123..00000000000
--- a/lib/system_check/app/ci_jwt_signing_key_check.rb
+++ /dev/null
@@ -1,30 +0,0 @@
-# frozen_string_literal: true
-
-module SystemCheck
- module App
- class CiJwtSigningKeyCheck < SystemCheck::BaseCheck
- set_name 'Valid CI JWT signing key?'
-
- def check?
- key_data = Rails.application.secrets.ci_jwt_signing_key
- return false unless key_data.present?
-
- OpenSSL::PKey::RSA.new(key_data)
-
- true
- rescue OpenSSL::PKey::RSAError
- false
- end
-
- def show_error
- $stdout.puts ' Rails.application.secrets.ci_jwt_signing_key is missing or not a valid RSA key.'.color(:red)
- $stdout.puts ' CI_JOB_JWT will not be generated for CI jobs.'.color(:red)
-
- for_more_information(
- 'doc/ci/variables/predefined_variables.md',
- 'doc/ci/examples/authenticating-with-hashicorp-vault/index.md'
- )
- end
- end
- end
-end
diff --git a/lib/system_check/rake_task/app_task.rb b/lib/system_check/rake_task/app_task.rb
index 571283165dc..99c93edd12d 100644
--- a/lib/system_check/rake_task/app_task.rb
+++ b/lib/system_check/rake_task/app_task.rb
@@ -33,8 +33,7 @@ module SystemCheck
SystemCheck::App::ActiveUsersCheck,
SystemCheck::App::AuthorizedKeysPermissionCheck,
SystemCheck::App::HashedStorageEnabledCheck,
- SystemCheck::App::HashedStorageAllProjectsCheck,
- SystemCheck::App::CiJwtSigningKeyCheck
+ SystemCheck::App::HashedStorageAllProjectsCheck
]
end
end
diff --git a/spec/lib/gitlab/usage_data_concerns/topology_spec.rb b/spec/lib/gitlab/usage_data_concerns/topology_spec.rb
index b9eed7a6192..0428900690c 100644
--- a/spec/lib/gitlab/usage_data_concerns/topology_spec.rb
+++ b/spec/lib/gitlab/usage_data_concerns/topology_spec.rb
@@ -42,14 +42,14 @@ describe Gitlab::UsageDataConcerns::Topology do
node_cpus: 8,
node_services: [
{
- name: 'gitlab_rails',
+ name: 'web',
process_count: 10,
process_memory_rss: 300,
process_memory_uss: 301,
process_memory_pss: 302
},
{
- name: 'gitlab_sidekiq',
+ name: 'sidekiq',
process_count: 5,
process_memory_rss: 303
}
@@ -60,10 +60,15 @@ describe Gitlab::UsageDataConcerns::Topology do
node_cpus: 16,
node_services: [
{
- name: 'gitlab_sidekiq',
+ name: 'sidekiq',
process_count: 15,
process_memory_rss: 400,
process_memory_pss: 401
+ },
+ {
+ name: 'redis',
+ process_count: 1,
+ process_memory_rss: 402
}
]
}
@@ -118,7 +123,7 @@ describe Gitlab::UsageDataConcerns::Topology do
def receive_node_memory_query(result: nil)
receive(:query)
- .with('avg (node_memory_MemTotal_bytes) by (instance)', an_instance_of(Hash))
+ .with(/node_memory_MemTotal_bytes/, an_instance_of(Hash))
.and_return(result || [
{
'metric' => { 'instance' => 'instance1:8080' },
@@ -133,7 +138,7 @@ describe Gitlab::UsageDataConcerns::Topology do
def receive_node_cpu_count_query(result: nil)
receive(:query)
- .with('count (node_cpu_seconds_total{mode="idle"}) by (instance)', an_instance_of(Hash))
+ .with(/node_cpu_seconds_total/, an_instance_of(Hash))
.and_return(result || [
{
'metric' => { 'instance' => 'instance2:8090' },
@@ -148,7 +153,7 @@ describe Gitlab::UsageDataConcerns::Topology do
def receive_node_service_memory_query(result: nil)
receive(:query)
- .with('avg ({__name__=~"ruby_process_(resident|unique|proportional)_memory_bytes"}) by (instance, job, __name__)', an_instance_of(Hash))
+ .with(/process_.+_memory_bytes/, an_instance_of(Hash))
.and_return(result || [
# instance 1: runs Puma + a small Sidekiq
{
@@ -167,7 +172,7 @@ describe Gitlab::UsageDataConcerns::Topology do
'metric' => { 'instance' => 'instance1:8090', 'job' => 'gitlab-sidekiq', '__name__' => 'ruby_process_resident_memory_bytes' },
'value' => [1000, '303']
},
- # instance 2: runs a dedicated Sidekiq
+ # instance 2: runs a dedicated Sidekiq + Redis (which uses a different metric name)
{
'metric' => { 'instance' => 'instance2:8090', 'job' => 'gitlab-sidekiq', '__name__' => 'ruby_process_resident_memory_bytes' },
'value' => [1000, '400']
@@ -175,13 +180,17 @@ describe Gitlab::UsageDataConcerns::Topology do
{
'metric' => { 'instance' => 'instance2:8090', 'job' => 'gitlab-sidekiq', '__name__' => 'ruby_process_proportional_memory_bytes' },
'value' => [1000, '401']
+ },
+ {
+ 'metric' => { 'instance' => 'instance2:9121', 'job' => 'redis', '__name__' => 'process_resident_memory_bytes' },
+ 'value' => [1000, '402']
}
])
end
def receive_node_service_process_count_query(result: nil)
receive(:query)
- .with('count (ruby_process_start_time_seconds) by (instance, job)', an_instance_of(Hash))
+ .with(/process_start_time_seconds/, an_instance_of(Hash))
.and_return(result || [
# instance 1
{
@@ -196,6 +205,15 @@ describe Gitlab::UsageDataConcerns::Topology do
{
'metric' => { 'instance' => 'instance2:8090', 'job' => 'gitlab-sidekiq' },
'value' => [1000, '15']
+ },
+ {
+ 'metric' => { 'instance' => 'instance2:9121', 'job' => 'redis' },
+ 'value' => [1000, '1']
+ },
+ # unknown service => should be stripped out
+ {
+ 'metric' => { 'instance' => 'instance2:9000', 'job' => 'not-a-gitlab-service' },
+ 'value' => [1000, '42']
}
])
end
diff --git a/spec/lib/system_check/app/ci_jwt_signing_key_check_spec.rb b/spec/lib/system_check/app/ci_jwt_signing_key_check_spec.rb
deleted file mode 100644
index b23504487cb..00000000000
--- a/spec/lib/system_check/app/ci_jwt_signing_key_check_spec.rb
+++ /dev/null
@@ -1,29 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-RSpec.describe SystemCheck::App::CiJwtSigningKeyCheck do
- subject(:system_check) { described_class.new }
-
- describe '#check?' do
- it 'returns false when key is not present' do
- expect(Rails.application.secrets).to receive(:ci_jwt_signing_key).and_return(nil)
-
- expect(system_check.check?).to eq(false)
- end
-
- it 'returns false when key is not valid RSA key' do
- invalid_key = OpenSSL::PKey::RSA.new(1024).to_s.delete("\n")
- expect(Rails.application.secrets).to receive(:ci_jwt_signing_key).and_return(invalid_key)
-
- expect(system_check.check?).to eq(false)
- end
-
- it 'returns true when key is valid RSA key' do
- valid_key = OpenSSL::PKey::RSA.new(1024).to_s
- expect(Rails.application.secrets).to receive(:ci_jwt_signing_key).and_return(valid_key)
-
- expect(system_check.check?).to eq(true)
- end
- end
-end