From a3f88440c4bac584638d0c1684ae2338982e4e48 Mon Sep 17 00:00:00 2001 From: GitLab Bot Date: Wed, 17 Jun 2020 03:08:38 +0000 Subject: [PATCH] Add latest changes from gitlab-org/gitlab@master --- app/views/admin/groups/_group.html.haml | 43 ++++++++++--------- app/views/shared/groups/_group.html.haml | 37 ++++++++-------- .../214607-ci-jwt-signing-key-check.yml | 5 --- .../bump_cluster_applications_version.yml | 5 +++ .../packages/container_registry.md | 4 ++ doc/api/feature_flag_specs.md | 6 +++ doc/api/feature_flag_user_lists.md | 6 +++ doc/api/feature_flags.md | 6 +++ doc/api/feature_flags_legacy.md | 6 +++ doc/api/features.md | 6 +++ doc/api/merge_trains.md | 6 +++ doc/api/packages.md | 6 +++ doc/api/pages.md | 6 +++ doc/api/pages_domains.md | 6 +++ doc/api/releases/index.md | 6 +++ doc/api/releases/links.md | 6 +++ doc/api/runners.md | 6 +++ doc/ci/yaml/README.md | 2 +- .../settings/continuous_integration.md | 3 ++ doc/user/clusters/applications.md | 4 +- .../packages/composer_repository/index.md | 6 +++ doc/user/packages/go_proxy/index.md | 6 +++ ...Managed-Cluster-Applications.gitlab-ci.yml | 4 +- lib/gitlab/usage_data_concerns/topology.rb | 41 +++++++++++++----- .../app/ci_jwt_signing_key_check.rb | 30 ------------- lib/system_check/rake_task/app_task.rb | 3 +- .../usage_data_concerns/topology_spec.rb | 34 +++++++++++---- .../app/ci_jwt_signing_key_check_spec.rb | 29 ------------- 28 files changed, 201 insertions(+), 127 deletions(-) delete mode 100644 changelogs/unreleased/214607-ci-jwt-signing-key-check.yml create mode 100644 changelogs/unreleased/bump_cluster_applications_version.yml delete mode 100644 lib/system_check/app/ci_jwt_signing_key_check.rb delete mode 100644 spec/lib/system_check/app/ci_jwt_signing_key_check_spec.rb diff --git a/app/views/admin/groups/_group.html.haml b/app/views/admin/groups/_group.html.haml index 5fe8f9b4bbc..bbeeb1be929 100644 --- a/app/views/admin/groups/_group.html.haml +++ b/app/views/admin/groups/_group.html.haml @@ -1,34 +1,37 @@ - group = local_assigns.fetch(:group) -- css_class = 'no-description' if group.description.blank? +- css_class = "gl-display-flex!#{' no-description' if group.description.blank?}" -%li.group-row.py-3{ class: css_class, data: { qa_selector: 'group_row_content' } } - .controls - = link_to _('Edit'), admin_group_edit_path(group), id: "edit_#{dom_id(group)}", class: 'btn' - = link_to _('Delete'), [:admin, group], data: { confirm: _("Are you sure you want to remove %{group_name}?") % { group_name: group.name } }, method: :delete, class: 'btn btn-remove' - .stats +%li.group-row.gl-py-3.gl-align-items-center{ class: css_class, data: { qa_selector: 'group_row_content' } } + .avatar-container.rect-avatar.s40.gl-flex-shrink-0 + = group_icon(group, class: "avatar s40") + + .gl-min-w-0.gl-flex-grow-1 + .title + = link_to [:admin, group], class: 'group-name', data: { qa_selector: 'group_name_link' } do + = group.full_name + + - if group.description.present? + .description + = markdown_field(group, :description) + + .stats.gl-text-gray-700.gl-flex-shrink-0.gl-display-none.gl-display-sm-flex %span.badge.badge-pill = storage_counter(group.storage_size) - = render_if_exists 'admin/namespace_plan_badge', namespace: group - = render_if_exists 'admin/groups/marked_for_deletion_badge', group: group + = render_if_exists 'admin/namespace_plan_badge', namespace: group, css_class: 'gl-ml-5 gl-mr-0' + = render_if_exists 'admin/groups/marked_for_deletion_badge', group: group, css_class: 'gl-ml-5' - %span + %span.gl-ml-5 = icon('bookmark') = number_with_delimiter(group.projects.count) - %span + %span.gl-ml-5 = icon('users') = number_with_delimiter(group.users.count) - %span.visibility-icon.has-tooltip{ data: { container: 'body', placement: 'left' }, title: visibility_icon_description(group) } + %span.gl-ml-5.visibility-icon.has-tooltip{ data: { container: 'body', placement: 'left' }, title: visibility_icon_description(group) } = visibility_level_icon(group.visibility_level, fw: false) - .avatar-container.rect-avatar.s40 - = group_icon(group, class: "avatar s40 d-none d-sm-block") - .title - = link_to [:admin, group], class: 'group-name', data: { qa_selector: 'group_name_link' } do - = group.full_name - - - if group.description.present? - .description - = markdown_field(group, :description) + .controls.gl-flex-shrink-0.gl-ml-5 + = link_to _('Edit'), admin_group_edit_path(group), id: "edit_#{dom_id(group)}", class: 'btn' + = link_to _('Delete'), [:admin, group], data: { confirm: _("Are you sure you want to remove %{group_name}?") % { group_name: group.name } }, method: :delete, class: 'btn btn-remove' diff --git a/app/views/shared/groups/_group.html.haml b/app/views/shared/groups/_group.html.haml index 60c9c076a70..5dac400bd5e 100644 --- a/app/views/shared/groups/_group.html.haml +++ b/app/views/shared/groups/_group.html.haml @@ -1,28 +1,29 @@ - user = local_assigns.fetch(:user, current_user) - access = user&.max_member_access_for_group(group.id) -%li.group-row.py-3{ class: ('no-description' if group.description.blank?) } - .stats - %span +%li.group-row.py-3.gl-align-items-center{ class: "gl-display-flex!#{' no-description' if group.description.blank?}" } + .avatar-container.rect-avatar.s40.gl-flex-shrink-0 + = link_to group do + = group_icon(group, class: "avatar s40") + .gl-min-w-0.gl-flex-grow-1 + .title + = link_to group.full_name, group, class: 'group-name' + + - if access&.nonzero? + %span.user-access-role= Gitlab::Access.human_access(access) + + - if group.description.present? + .description + = markdown_field(group, :description) + + .stats.gl-text-gray-700.gl-flex-shrink-0 + %span.gl-ml-5 = icon('bookmark') = number_with_delimiter(group.projects.non_archived.count) - %span + %span.gl-ml-5 = icon('users') = number_with_delimiter(group.users.count) - %span.visibility-icon.has-tooltip{ data: { container: 'body', placement: 'left' }, title: visibility_icon_description(group) } + %span.gl-ml-5.visibility-icon.has-tooltip{ data: { container: 'body', placement: 'left' }, title: visibility_icon_description(group) } = visibility_level_icon(group.visibility_level, fw: false) - - .avatar-container.rect-avatar.s40 - = link_to group do - = group_icon(group, class: "avatar s40") - .title - = link_to group.full_name, group, class: 'group-name' - - - if access&.nonzero? - %span.user-access-role= Gitlab::Access.human_access(access) - - - if group.description.present? - .description - = markdown_field(group, :description) diff --git a/changelogs/unreleased/214607-ci-jwt-signing-key-check.yml b/changelogs/unreleased/214607-ci-jwt-signing-key-check.yml deleted file mode 100644 index 5814e7f0b43..00000000000 --- a/changelogs/unreleased/214607-ci-jwt-signing-key-check.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Add system check for CI JWT signing key -merge_request: 33920 -author: -type: added diff --git a/changelogs/unreleased/bump_cluster_applications_version.yml b/changelogs/unreleased/bump_cluster_applications_version.yml new file mode 100644 index 00000000000..7ea7407350d --- /dev/null +++ b/changelogs/unreleased/bump_cluster_applications_version.yml @@ -0,0 +1,5 @@ +--- +title: Bump cluster-applications version to v0.20.0 +merge_request: 34569 +author: +type: added diff --git a/doc/administration/packages/container_registry.md b/doc/administration/packages/container_registry.md index a6de5e12270..8f55345a9a8 100644 --- a/doc/administration/packages/container_registry.md +++ b/doc/administration/packages/container_registry.md @@ -720,6 +720,8 @@ no longer directly accessible via the `:latest` tag. ### Recycling unused tags +> [Introduced](https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/987) in Omnibus GitLab 8.12. + There are a couple of considerations you need to note before running the built-in command: @@ -775,6 +777,8 @@ that you have backed up all registry data. ### Performing garbage collection without downtime +> [Introduced](https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/764) in GitLab 8.8. + You can perform a garbage collection without stopping the Container Registry by setting it into a read-only mode and by not using the built-in command. During this time, you will be able to pull from the Container Registry, but you will not be able to diff --git a/doc/api/feature_flag_specs.md b/doc/api/feature_flag_specs.md index 0c9cad8bee1..52a4864fdc5 100644 --- a/doc/api/feature_flag_specs.md +++ b/doc/api/feature_flag_specs.md @@ -1,3 +1,9 @@ +--- +stage: Release +group: Progressive Delivery +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +--- + # Feature Flag Specs API **(PREMIUM)** > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/9566) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.5. diff --git a/doc/api/feature_flag_user_lists.md b/doc/api/feature_flag_user_lists.md index 862c927454f..460f3727819 100644 --- a/doc/api/feature_flag_user_lists.md +++ b/doc/api/feature_flag_user_lists.md @@ -1,3 +1,9 @@ +--- +stage: Release +group: Progressive Delivery +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +--- + # Feature flag user lists API **(PREMIUM)** > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/205409) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.10. diff --git a/doc/api/feature_flags.md b/doc/api/feature_flags.md index ad52ef7f941..f3af662c972 100644 --- a/doc/api/feature_flags.md +++ b/doc/api/feature_flags.md @@ -1,3 +1,9 @@ +--- +stage: Release +group: Progressive Delivery +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +--- + # Feature Flags API **(PREMIUM)** > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/9566) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.5. diff --git a/doc/api/feature_flags_legacy.md b/doc/api/feature_flags_legacy.md index 0f92dc12c86..30bae9c5eeb 100644 --- a/doc/api/feature_flags_legacy.md +++ b/doc/api/feature_flags_legacy.md @@ -1,3 +1,9 @@ +--- +stage: Release +group: Progressive Delivery +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +--- + # Legacy Feature Flags API **(PREMIUM)** > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/9566) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.5. diff --git a/doc/api/features.md b/doc/api/features.md index ca040e9b0fa..bbf86eca490 100644 --- a/doc/api/features.md +++ b/doc/api/features.md @@ -1,3 +1,9 @@ +--- +stage: Release +group: Progressive Delivery +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +--- + # Features flags API This API is for managing Flipper-based [feature flags used in development of GitLab](../development/feature_flags/index.md). diff --git a/doc/api/merge_trains.md b/doc/api/merge_trains.md index a2a026a5e90..3cfef3864ad 100644 --- a/doc/api/merge_trains.md +++ b/doc/api/merge_trains.md @@ -1,3 +1,9 @@ +--- +stage: Verify +group: Continuous Integration +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +--- + # Merge Trains API **(PREMIUM)** > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/36146) in GitLab 12.9. diff --git a/doc/api/packages.md b/doc/api/packages.md index f21cb59220b..ca7113bc743 100644 --- a/doc/api/packages.md +++ b/doc/api/packages.md @@ -1,3 +1,9 @@ +--- +stage: Package +group: Package +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +--- + # Packages API **(PREMIUM)** This is the API docs of [GitLab Packages](../administration/packages/index.md). diff --git a/doc/api/pages.md b/doc/api/pages.md index b90d6634bbc..fda4a70cbd9 100644 --- a/doc/api/pages.md +++ b/doc/api/pages.md @@ -1,3 +1,9 @@ +--- +stage: Release +group: Release Management +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +--- + # Pages API Endpoints for managing [GitLab Pages](https://about.gitlab.com/stages-devops-lifecycle/pages/). diff --git a/doc/api/pages_domains.md b/doc/api/pages_domains.md index c8803f8845b..1fddc79814f 100644 --- a/doc/api/pages_domains.md +++ b/doc/api/pages_domains.md @@ -1,3 +1,9 @@ +--- +stage: Release +group: Release Management +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +--- + # Pages domains API Endpoints for connecting custom domain(s) and TLS certificates in [GitLab Pages](https://about.gitlab.com/stages-devops-lifecycle/pages/). diff --git a/doc/api/releases/index.md b/doc/api/releases/index.md index f7c566d8060..2c933061c37 100644 --- a/doc/api/releases/index.md +++ b/doc/api/releases/index.md @@ -1,3 +1,9 @@ +--- +stage: Release +group: Release Management +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +--- + # Releases API > - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/41766) in GitLab 11.7. diff --git a/doc/api/releases/links.md b/doc/api/releases/links.md index 9b2c0d611ac..35cb66e59a1 100644 --- a/doc/api/releases/links.md +++ b/doc/api/releases/links.md @@ -1,3 +1,9 @@ +--- +stage: Release +group: Release Management +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +--- + # Release links API > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/41766) in GitLab 11.7. diff --git a/doc/api/runners.md b/doc/api/runners.md index 5db1f116f6c..4cda4b723f5 100644 --- a/doc/api/runners.md +++ b/doc/api/runners.md @@ -1,3 +1,9 @@ +--- +stage: Verify +group: Runner +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +--- + # Runners API > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/2640) in GitLab 8.5 diff --git a/doc/ci/yaml/README.md b/doc/ci/yaml/README.md index 09145dfe958..7ed5a8fec01 100644 --- a/doc/ci/yaml/README.md +++ b/doc/ci/yaml/README.md @@ -3451,7 +3451,7 @@ variables: `none` also re-uses the local working copy, but skips all Git operations (including GitLab Runner's pre-clone script, if present). It's mostly useful -for jobs that operate exclusively on artifacts (for examples `deploy`). Git repository +for jobs that operate exclusively on artifacts (for example, `deploy`). Git repository data may be present, but it's certain to be out of date, so you should only rely on files brought into the local working copy from cache or artifacts. diff --git a/doc/user/admin_area/settings/continuous_integration.md b/doc/user/admin_area/settings/continuous_integration.md index 7fc5aadcd10..3a287f29a0a 100644 --- a/doc/user/admin_area/settings/continuous_integration.md +++ b/doc/user/admin_area/settings/continuous_integration.md @@ -1,4 +1,7 @@ --- +stage: Verify +group: Continuous Integration +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers type: reference --- diff --git a/doc/user/clusters/applications.md b/doc/user/clusters/applications.md index 425cf9725b8..86624d12bcf 100644 --- a/doc/user/clusters/applications.md +++ b/doc/user/clusters/applications.md @@ -483,7 +483,7 @@ For information on configuring Crossplane installed on the cluster, see [Crossplane configuration](crossplane.md). NOTE: **Note:** -[`alpha/crossplane`](https://charts.crossplane.io/alpha/) chart v0.4.1 is used to +[`alpha/crossplane`](https://github.com/crossplane/crossplane/tree/v0.4.1/cluster/charts/crossplane) chart v0.4.1 is used to install Crossplane using the [`values.yaml`](https://github.com/crossplane/crossplane/blob/master/cluster/charts/crossplane/values.yaml.tmpl) file. @@ -1121,7 +1121,7 @@ You can customize the installation of JupyterHub by defining a `.gitlab/managed-apps/jupyterhub/values.yaml` file in your cluster management project. Refer to the -[chart reference](https://zero-to-jupyterhub.readthedocs.io/en/stable/reference.html) for the +[chart reference](https://zero-to-jupyterhub.readthedocs.io/en/stable/reference/reference.html) for the available configuration options. ### Install Elastic Stack using GitLab CI/CD diff --git a/doc/user/packages/composer_repository/index.md b/doc/user/packages/composer_repository/index.md index cccb91c45fa..8a7c70ec74d 100644 --- a/doc/user/packages/composer_repository/index.md +++ b/doc/user/packages/composer_repository/index.md @@ -1,3 +1,9 @@ +--- +stage: Package +group: Package +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +--- + # GitLab Composer Repository **(PREMIUM)** > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/15886) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.1. diff --git a/doc/user/packages/go_proxy/index.md b/doc/user/packages/go_proxy/index.md index 2d1369c061b..a705b956d30 100644 --- a/doc/user/packages/go_proxy/index.md +++ b/doc/user/packages/go_proxy/index.md @@ -1,3 +1,9 @@ +--- +stage: Package +group: Package +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +--- + # GitLab Go Proxy **(PREMIUM)** > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/27376) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.1. diff --git a/lib/gitlab/ci/templates/Managed-Cluster-Applications.gitlab-ci.yml b/lib/gitlab/ci/templates/Managed-Cluster-Applications.gitlab-ci.yml index bb534f0f51c..316647b5921 100644 --- a/lib/gitlab/ci/templates/Managed-Cluster-Applications.gitlab-ci.yml +++ b/lib/gitlab/ci/templates/Managed-Cluster-Applications.gitlab-ci.yml @@ -1,6 +1,6 @@ apply: stage: deploy - image: "registry.gitlab.com/gitlab-org/cluster-integration/cluster-applications:v0.17.0" + image: "registry.gitlab.com/gitlab-org/cluster-integration/cluster-applications:v0.20.0" environment: name: production variables: @@ -20,6 +20,8 @@ apply: FLUENTD_VALUES_FILE: $CI_PROJECT_DIR/.gitlab/managed-apps/fluentd/values.yaml KNATIVE_VALUES_FILE: $CI_PROJECT_DIR/.gitlab/managed-apps/knative/values.yaml POSTHOG_VALUES_FILE: $CI_PROJECT_DIR/.gitlab/managed-apps/posthog/values.yaml + FALCO_VALUES_FILE: $CI_PROJECT_DIR/.gitlab/managed-apps/falco/values.yaml + APPARMOR_VALUES_FILE: $CI_PROJECT_DIR/.gitlab/managed-apps/apparmor/values.yaml script: - gitlab-managed-apps /usr/local/share/gitlab-managed-apps/helmfile.yaml only: diff --git a/lib/gitlab/usage_data_concerns/topology.rb b/lib/gitlab/usage_data_concerns/topology.rb index ee1d9fb22a7..6e1d29f2a17 100644 --- a/lib/gitlab/usage_data_concerns/topology.rb +++ b/lib/gitlab/usage_data_concerns/topology.rb @@ -5,6 +5,17 @@ module Gitlab module Topology include Gitlab::Utils::UsageData + JOB_TO_SERVICE_NAME = { + 'gitlab-rails' => 'web', + 'gitlab-sidekiq' => 'sidekiq', + 'gitlab-workhorse' => 'workhorse', + 'redis' => 'redis', + 'postgres' => 'postgres', + 'gitaly' => 'gitaly', + 'prometheus' => 'prometheus', + 'node' => 'node-exporter' + }.freeze + def topology_usage_data topology_data, duration = measure_duration do alt_usage_data(fallback: {}) do @@ -50,12 +61,12 @@ module Gitlab def topology_all_service_memory(client) aggregate_many( client, - 'avg ({__name__=~"ruby_process_(resident|unique|proportional)_memory_bytes"}) by (instance, job, __name__)' + 'avg ({__name__ =~ "(ruby_){0,1}process_(resident|unique|proportional)_memory_bytes", job != "gitlab_exporter_process"}) by (instance, job, __name__)' ) end def topology_all_service_process_count(client) - aggregate_many(client, 'count (ruby_process_start_time_seconds) by (instance, job)') + aggregate_many(client, 'count ({__name__ =~ "(ruby_){0,1}process_start_time_seconds", job != "gitlab_exporter_process"}) by (instance, job)') end def topology_node_services(instance, all_process_counts, all_process_memory) @@ -64,28 +75,32 @@ module Gitlab topology_instance_service_process_count(instance, all_process_counts) .deep_merge(topology_instance_service_memory(instance, all_process_memory)) - # map to list of hashes where service name becomes a value instead - instance_service_data.map do |service, data| - { name: service.to_s }.merge(data) + # map to list of hashes where service names become values instead, and remove + # unknown services, since they might not be ours + instance_service_data.each_with_object([]) do |entry, list| + service, service_metrics = entry + gitlab_service = JOB_TO_SERVICE_NAME[service.to_s] + next unless gitlab_service + + list << { name: gitlab_service }.merge(service_metrics) end end def topology_instance_service_process_count(instance, all_instance_data) topology_data_for_instance(instance, all_instance_data).to_h do |metric, count| - job = metric['job'].underscore.to_sym - [job, { process_count: count }] + [metric['job'], { process_count: count }] end end def topology_instance_service_memory(instance, all_instance_data) topology_data_for_instance(instance, all_instance_data).each_with_object({}) do |entry, hash| metric, memory = entry - job = metric['job'].underscore.to_sym + job = metric['job'] key = case metric['__name__'] - when 'ruby_process_resident_memory_bytes' then :process_memory_rss - when 'ruby_process_unique_memory_bytes' then :process_memory_uss - when 'ruby_process_proportional_memory_bytes' then :process_memory_pss + when match_process_memory_metric_for_type('resident') then :process_memory_rss + when match_process_memory_metric_for_type('unique') then :process_memory_uss + when match_process_memory_metric_for_type('proportional') then :process_memory_pss end hash[job] ||= {} @@ -93,6 +108,10 @@ module Gitlab end end + def match_process_memory_metric_for_type(type) + /(ruby_){0,1}process_#{type}_memory_bytes/ + end + def topology_data_for_instance(instance, all_instance_data) all_instance_data.filter { |metric, _value| metric['instance'] == instance } end diff --git a/lib/system_check/app/ci_jwt_signing_key_check.rb b/lib/system_check/app/ci_jwt_signing_key_check.rb deleted file mode 100644 index 2777daf0123..00000000000 --- a/lib/system_check/app/ci_jwt_signing_key_check.rb +++ /dev/null @@ -1,30 +0,0 @@ -# frozen_string_literal: true - -module SystemCheck - module App - class CiJwtSigningKeyCheck < SystemCheck::BaseCheck - set_name 'Valid CI JWT signing key?' - - def check? - key_data = Rails.application.secrets.ci_jwt_signing_key - return false unless key_data.present? - - OpenSSL::PKey::RSA.new(key_data) - - true - rescue OpenSSL::PKey::RSAError - false - end - - def show_error - $stdout.puts ' Rails.application.secrets.ci_jwt_signing_key is missing or not a valid RSA key.'.color(:red) - $stdout.puts ' CI_JOB_JWT will not be generated for CI jobs.'.color(:red) - - for_more_information( - 'doc/ci/variables/predefined_variables.md', - 'doc/ci/examples/authenticating-with-hashicorp-vault/index.md' - ) - end - end - end -end diff --git a/lib/system_check/rake_task/app_task.rb b/lib/system_check/rake_task/app_task.rb index 571283165dc..99c93edd12d 100644 --- a/lib/system_check/rake_task/app_task.rb +++ b/lib/system_check/rake_task/app_task.rb @@ -33,8 +33,7 @@ module SystemCheck SystemCheck::App::ActiveUsersCheck, SystemCheck::App::AuthorizedKeysPermissionCheck, SystemCheck::App::HashedStorageEnabledCheck, - SystemCheck::App::HashedStorageAllProjectsCheck, - SystemCheck::App::CiJwtSigningKeyCheck + SystemCheck::App::HashedStorageAllProjectsCheck ] end end diff --git a/spec/lib/gitlab/usage_data_concerns/topology_spec.rb b/spec/lib/gitlab/usage_data_concerns/topology_spec.rb index b9eed7a6192..0428900690c 100644 --- a/spec/lib/gitlab/usage_data_concerns/topology_spec.rb +++ b/spec/lib/gitlab/usage_data_concerns/topology_spec.rb @@ -42,14 +42,14 @@ describe Gitlab::UsageDataConcerns::Topology do node_cpus: 8, node_services: [ { - name: 'gitlab_rails', + name: 'web', process_count: 10, process_memory_rss: 300, process_memory_uss: 301, process_memory_pss: 302 }, { - name: 'gitlab_sidekiq', + name: 'sidekiq', process_count: 5, process_memory_rss: 303 } @@ -60,10 +60,15 @@ describe Gitlab::UsageDataConcerns::Topology do node_cpus: 16, node_services: [ { - name: 'gitlab_sidekiq', + name: 'sidekiq', process_count: 15, process_memory_rss: 400, process_memory_pss: 401 + }, + { + name: 'redis', + process_count: 1, + process_memory_rss: 402 } ] } @@ -118,7 +123,7 @@ describe Gitlab::UsageDataConcerns::Topology do def receive_node_memory_query(result: nil) receive(:query) - .with('avg (node_memory_MemTotal_bytes) by (instance)', an_instance_of(Hash)) + .with(/node_memory_MemTotal_bytes/, an_instance_of(Hash)) .and_return(result || [ { 'metric' => { 'instance' => 'instance1:8080' }, @@ -133,7 +138,7 @@ describe Gitlab::UsageDataConcerns::Topology do def receive_node_cpu_count_query(result: nil) receive(:query) - .with('count (node_cpu_seconds_total{mode="idle"}) by (instance)', an_instance_of(Hash)) + .with(/node_cpu_seconds_total/, an_instance_of(Hash)) .and_return(result || [ { 'metric' => { 'instance' => 'instance2:8090' }, @@ -148,7 +153,7 @@ describe Gitlab::UsageDataConcerns::Topology do def receive_node_service_memory_query(result: nil) receive(:query) - .with('avg ({__name__=~"ruby_process_(resident|unique|proportional)_memory_bytes"}) by (instance, job, __name__)', an_instance_of(Hash)) + .with(/process_.+_memory_bytes/, an_instance_of(Hash)) .and_return(result || [ # instance 1: runs Puma + a small Sidekiq { @@ -167,7 +172,7 @@ describe Gitlab::UsageDataConcerns::Topology do 'metric' => { 'instance' => 'instance1:8090', 'job' => 'gitlab-sidekiq', '__name__' => 'ruby_process_resident_memory_bytes' }, 'value' => [1000, '303'] }, - # instance 2: runs a dedicated Sidekiq + # instance 2: runs a dedicated Sidekiq + Redis (which uses a different metric name) { 'metric' => { 'instance' => 'instance2:8090', 'job' => 'gitlab-sidekiq', '__name__' => 'ruby_process_resident_memory_bytes' }, 'value' => [1000, '400'] @@ -175,13 +180,17 @@ describe Gitlab::UsageDataConcerns::Topology do { 'metric' => { 'instance' => 'instance2:8090', 'job' => 'gitlab-sidekiq', '__name__' => 'ruby_process_proportional_memory_bytes' }, 'value' => [1000, '401'] + }, + { + 'metric' => { 'instance' => 'instance2:9121', 'job' => 'redis', '__name__' => 'process_resident_memory_bytes' }, + 'value' => [1000, '402'] } ]) end def receive_node_service_process_count_query(result: nil) receive(:query) - .with('count (ruby_process_start_time_seconds) by (instance, job)', an_instance_of(Hash)) + .with(/process_start_time_seconds/, an_instance_of(Hash)) .and_return(result || [ # instance 1 { @@ -196,6 +205,15 @@ describe Gitlab::UsageDataConcerns::Topology do { 'metric' => { 'instance' => 'instance2:8090', 'job' => 'gitlab-sidekiq' }, 'value' => [1000, '15'] + }, + { + 'metric' => { 'instance' => 'instance2:9121', 'job' => 'redis' }, + 'value' => [1000, '1'] + }, + # unknown service => should be stripped out + { + 'metric' => { 'instance' => 'instance2:9000', 'job' => 'not-a-gitlab-service' }, + 'value' => [1000, '42'] } ]) end diff --git a/spec/lib/system_check/app/ci_jwt_signing_key_check_spec.rb b/spec/lib/system_check/app/ci_jwt_signing_key_check_spec.rb deleted file mode 100644 index b23504487cb..00000000000 --- a/spec/lib/system_check/app/ci_jwt_signing_key_check_spec.rb +++ /dev/null @@ -1,29 +0,0 @@ -# frozen_string_literal: true - -require 'spec_helper' - -RSpec.describe SystemCheck::App::CiJwtSigningKeyCheck do - subject(:system_check) { described_class.new } - - describe '#check?' do - it 'returns false when key is not present' do - expect(Rails.application.secrets).to receive(:ci_jwt_signing_key).and_return(nil) - - expect(system_check.check?).to eq(false) - end - - it 'returns false when key is not valid RSA key' do - invalid_key = OpenSSL::PKey::RSA.new(1024).to_s.delete("\n") - expect(Rails.application.secrets).to receive(:ci_jwt_signing_key).and_return(invalid_key) - - expect(system_check.check?).to eq(false) - end - - it 'returns true when key is valid RSA key' do - valid_key = OpenSSL::PKey::RSA.new(1024).to_s - expect(Rails.application.secrets).to receive(:ci_jwt_signing_key).and_return(valid_key) - - expect(system_check.check?).to eq(true) - end - end -end