Add latest changes from gitlab-org/gitlab@master

2021-08-23 06:09:01 +00:00 · 2021-08-23 06:09:01 +00:00 · a5549176e1
commit a5549176e1
parent 6f58fccebf
14 changed files with 219 additions and 76 deletions
--- a/.gitlab/CODEOWNERS
+++ b/.gitlab/CODEOWNERS
@ -201,9 +201,9 @@ Dangerfile @gl-quality/eng-prod
 /lib/gitlab/auth/ldap/ @dblessing @mkozono
 [Templates]
-/lib/gitlab/ci/templates/ @nolith @shinya.maeda @matteeyah
+/lib/gitlab/ci/templates/ @gitlab-org/maintainers/cicd-templates
 /lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml @DylanGriffith @mayra-cabrera @tkuah
-/lib/gitlab/ci/templates/Security/ @gonzoyumo @twoodham @sethgitlab @thiagocsf 
+/lib/gitlab/ci/templates/Security/ @gonzoyumo @twoodham @sethgitlab @thiagocsf
 /lib/gitlab/ci/templates/Security/Container-Scanning.*.yml @gitlab-org/protect/container-security-backend
 [Project Alias]
--- a/app/models/instance_configuration.rb
+++ b/app/models/instance_configuration.rb
@ -13,7 +13,7 @@ class InstanceConfiguration
      { ssh_algorithms_hashes: ssh_algorithms_hashes,
        host: host,
        gitlab_pages: gitlab_pages,
-        gitlab_ci: gitlab_ci,
+        size_limits: size_limits,
        package_file_size_limits: package_file_size_limits,
        rate_limits: rate_limits }.deep_symbolize_keys
    end
@ -38,11 +38,16 @@ class InstanceConfiguration
  rescue Resolv::ResolvError
  end
-  def gitlab_ci
+  def size_limits
-    Settings.gitlab_ci
+    {
-            .to_h
+      max_attachment_size: application_settings[:max_attachment_size].megabytes,
-            .merge(artifacts_max_size: { value: Gitlab::CurrentSettings.max_artifacts_size.megabytes,
+      receive_max_input_size: application_settings[:receive_max_input_size]&.megabytes,
-                                         default: 100.megabytes })
+      max_import_size: application_settings[:max_import_size] > 0 ? application_settings[:max_import_size].megabytes : nil,
      diff_max_patch_bytes: application_settings[:diff_max_patch_bytes].bytes,
      max_artifacts_size: application_settings[:max_artifacts_size].megabytes,
      max_pages_size: application_settings[:max_pages_size] > 0 ? application_settings[:max_pages_size].megabytes : nil,
      snippet_size_limit: application_settings[:snippet_size_limit]&.bytes
    }
  end
  def package_file_size_limits
--- a/app/views/help/instance_configuration.html.haml
+++ b/app/views/help/instance_configuration.html.haml
@ -7,7 +7,7 @@
  = render 'help/instance_configuration/ssh_info'
  = render 'help/instance_configuration/gitlab_pages'
-  = render 'help/instance_configuration/gitlab_ci'
+  = render 'help/instance_configuration/size_limits'
  = render 'help/instance_configuration/package_registry'
  = render 'help/instance_configuration/rate_limits'
  %p
--- a/app/views/help/instance_configuration/_gitlab_ci.html.haml
+++ b/app/views/help/instance_configuration/_gitlab_ci.html.haml
@ -1,24 +0,0 @@
 - content_for :table_content do
  %li= link_to _('GitLab CI'), '#gitlab-ci'
 - content_for :settings_content do
  %h2#gitlab-ci
    = _('GitLab CI')
  %p
    = _('Below are the current settings regarding')
    = succeed('.') { link_to(_('GitLab CI'), 'https://about.gitlab.com/gitlab-ci', target: '_blank') }
  .table-responsive
    %table
      %thead
        %tr
          %th= _('Setting')
          %th= instance_configuration_host(@instance_configuration.settings[:host])
          %th= _('Default')
      %tbody
        %tr
          - artifacts_size = @instance_configuration.settings[:gitlab_ci][:artifacts_max_size]
          %td= _('Artifacts maximum size')
          %td= instance_configuration_human_size_cell(artifacts_size[:value])
          %td= instance_configuration_human_size_cell(artifacts_size[:default])
--- a/app/views/help/instance_configuration/_gitlab_pages.html.haml
+++ b/app/views/help/instance_configuration/_gitlab_pages.html.haml
@ -28,8 +28,3 @@
          %td= _('Port')
          %td
            %code= instance_configuration_cell_html(gitlab_pages[:port])
  %br
  %p
    - link_to_gitlab_ci = link_to(_('GitLab CI'), '#gitlab-ci')
    = _("The maximum size of your Pages site is regulated by the artifacts maximum size which is part of %{link_to_gitlab_ci}.").html_safe % { link_to_gitlab_ci: link_to_gitlab_ci }
--- a/app/views/help/instance_configuration/_size_limits.html.haml
+++ b/app/views/help/instance_configuration/_size_limits.html.haml
@ -0,0 +1,40 @@
 - size_limits = @instance_configuration.settings[:size_limits]
 - content_for :table_content do
  - if size_limits.present?
    %li= link_to _('Size Limits'), '#size-limits'
 - content_for :settings_content do
  - if size_limits.present?
    %h2#size-limits
      = _('Size Limits')
    %p
      = _('There are several size limits in place.')
    .table-responsive
    %table
      %thead
        %tr
          %th= _('Setting')
          %th= instance_configuration_host(@instance_configuration.settings[:host])
      %tbody
        %tr
          %td= _('Maximum attachment size')
          %td= instance_configuration_human_size_cell(size_limits[:max_attachment_size])
        %tr
          %td= _('Maximum push size')
          %td= instance_configuration_human_size_cell(size_limits[:receive_max_input_size])
        %tr
          %td= _('Maximum import size')
          %td= instance_configuration_human_size_cell(size_limits[:max_import_size])
        %tr
          %td= _('Maximum diff patch size')
          %td= instance_configuration_human_size_cell(size_limits[:diff_max_patch_bytes])
        %tr
          %td= _('Maximum job artifact size')
          %td= instance_configuration_human_size_cell(size_limits[:max_artifacts_size])
        %tr
          %td= _('Maximum page size')
          %td= instance_configuration_human_size_cell(size_limits[:max_pages_size])
        %tr
          %td= _('Maximum snippet size')
          %td= instance_configuration_human_size_cell(size_limits[:snippet_size_limit])
--- a/db/ci_migrate
+++ b/db/ci_migrate
@ -1 +0,0 @@
 migrate
--- a/lib/gitlab/ci/config/entry/processable.rb
+++ b/lib/gitlab/ci/config/entry/processable.rb
@ -16,6 +16,7 @@ module Gitlab
          PROCESSABLE_ALLOWED_KEYS = %i[extends stage only except rules variables
                                        inherit allow_failure when needs resource_group].freeze
          MAX_NESTING_LEVEL = 10
          included do
            validations do
@ -31,7 +32,7 @@ module Gitlab
              with_options allow_nil: true do
                validates :extends, array_of_strings_or_string: true
-                validates :rules, nested_array_of_hashes: true
+                validates :rules, nested_array_of_hashes_or_arrays: { max_level: MAX_NESTING_LEVEL }
                validates :resource_group, type: String
              end
            end
--- a/lib/gitlab/config/entry/validators.rb
+++ b/lib/gitlab/config/entry/validators.rb
@ -90,14 +90,22 @@ module Gitlab
          end
        end
-        class NestedArrayOfHashesValidator < ArrayOfHashesValidator
+        class NestedArrayOfHashesOrArraysValidator < ArrayOfHashesValidator
          include NestedArrayHelpers
          def validate_each(record, attribute, value)
-            unless validate_nested_array(value, 1, &method(:validate_array_of_hashes))
+            max_level = options.fetch(:max_level, 1)
            unless validate_nested_array(value, max_level, &method(:validate_hash))
              record.errors.add(attribute, 'should be an array containing hashes and arrays of hashes')
            end
          end
          private
          def validate_hash(value)
            value.is_a?(Hash)
          end
        end
        class ArrayOrStringValidator < ActiveModel::EachValidator
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@ -4531,9 +4531,6 @@ msgstr ""
 msgid "Artifacts"
 msgstr ""
 msgid "Artifacts maximum size"
 msgstr ""
 msgid "As we continue to build more features for SAST, we'd love your feedback on the SAST configuration feature in %{linkStart}this issue%{linkEnd}."
 msgstr ""
@ -5138,9 +5135,6 @@ msgstr ""
 msgid "Begin with the selected commit"
 msgstr ""
 msgid "Below are the current settings regarding"
 msgstr ""
 msgid "Below are the fingerprints for the current instance SSH host keys."
 msgstr ""
@ -10660,9 +10654,6 @@ msgstr ""
 msgid "Decrease"
 msgstr ""
 msgid "Default"
 msgstr ""
 msgid "Default CI/CD configuration file"
 msgstr ""
@ -15233,9 +15224,6 @@ msgstr ""
 msgid "GitLab Billing Team."
 msgstr ""
 msgid "GitLab CI"
 msgstr ""
 msgid "GitLab Import"
 msgstr ""
@ -20622,6 +20610,9 @@ msgstr ""
 msgid "Maximum artifacts size (MB)"
 msgstr ""
 msgid "Maximum attachment size"
 msgstr ""
 msgid "Maximum attachment size (MB)"
 msgstr ""
@ -20640,6 +20631,9 @@ msgstr ""
 msgid "Maximum delay (Minutes)"
 msgstr ""
 msgid "Maximum diff patch size"
 msgstr ""
 msgid "Maximum diff patch size (Bytes)"
 msgstr ""
@ -20667,9 +20661,15 @@ msgstr ""
 msgid "Maximum files in a diff"
 msgstr ""
 msgid "Maximum import size"
 msgstr ""
 msgid "Maximum import size (MB)"
 msgstr ""
 msgid "Maximum job artifact size"
 msgstr ""
 msgid "Maximum job timeout"
 msgstr ""
@ -20703,6 +20703,12 @@ msgstr ""
 msgid "Maximum page reached"
 msgstr ""
 msgid "Maximum page size"
 msgstr ""
 msgid "Maximum push size"
 msgstr ""
 msgid "Maximum push size (MB)"
 msgstr ""
@ -20727,6 +20733,9 @@ msgstr ""
 msgid "Maximum size of pages (MB)"
 msgstr ""
 msgid "Maximum snippet size"
 msgstr ""
 msgid "Maximum time between updates that a mirror can have when scheduled to synchronize."
 msgstr ""
@ -30949,6 +30958,9 @@ msgstr ""
 msgid "Size"
 msgstr ""
 msgid "Size Limits"
 msgstr ""
 msgid "Size limit per repository (MB)"
 msgstr ""
@ -33337,9 +33349,6 @@ msgstr ""
 msgid "The maximum number of tags that a single worker accepts for cleanup. If the number of tags goes above this limit, the list of tags to delete is truncated to this number. To remove this limit, set it to 0."
 msgstr ""
 msgid "The maximum size of your Pages site is regulated by the artifacts maximum size which is part of %{link_to_gitlab_ci}."
 msgstr ""
 msgid "The merge conflicts for this merge request cannot be resolved through GitLab. Please try to resolve them locally."
 msgstr ""
@ -33637,6 +33646,9 @@ msgstr ""
 msgid "There are several rate limits in place to protect the system."
 msgstr ""
 msgid "There are several size limits in place."
 msgstr ""
 msgid "There is a halted Elasticsearch migration"
 msgstr ""
--- a/spec/lib/gitlab/ci/config/entry/job_spec.rb
+++ b/spec/lib/gitlab/ci/config/entry/job_spec.rb
@ -169,6 +169,22 @@ RSpec.describe Gitlab::Ci::Config::Entry::Job do
          it { expect(entry).to be_valid }
        end
      end
      context 'when rules are used' do
        let(:config) { { script: 'ls', cache: { key: 'test' }, rules: rules } }
        let(:rules) do
          [
            { if: '$CI_PIPELINE_SOURCE == "schedule"', when: 'never' },
            [
              { if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH' },
              { if: '$CI_PIPELINE_SOURCE == "merge_request_event"' }
            ]
          ]
        end
        it { expect(entry).to be_valid }
      end
    end
    context 'when entry value is not correct' do
@ -485,6 +501,70 @@ RSpec.describe Gitlab::Ci::Config::Entry::Job do
          end
        end
      end
      context 'when invalid rules are used' do
        let(:config) { { script: 'ls', cache: { key: 'test' }, rules: rules } }
        context 'with rules nested more than max allowed levels' do
          let(:sample_rule) { { if: '$THIS == "other"', when: 'always' } }
          let(:rules) do
            [
              { if: '$THIS == "that"', when: 'always' },
              [
                { if: '$SKIP', when: 'never' },
                [
                  sample_rule,
                  [
                    sample_rule,
                    [
                      sample_rule,
                      [
                        sample_rule,
                        [
                          sample_rule,
                          [
                            sample_rule,
                            [
                              sample_rule,
                              [
                                sample_rule,
                                [
                                  sample_rule,
                                  [
                                    sample_rule,
                                    [sample_rule]
                                  ]
                                ]
                              ]
                            ]
                          ]
                        ]
                      ]
                    ]
                  ]
                ]
              ]
            ]
          end
          it { expect(entry).not_to be_valid }
        end
        context 'with rules with invalid keys' do
          let(:rules) do
            [
              { invalid_key: 'invalid' },
              [
                { if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH' },
                { if: '$CI_PIPELINE_SOURCE == "merge_request_event"' }
              ]
            ]
          end
          it { expect(entry).not_to be_valid }
        end
      end
    end
  end
--- a/spec/lib/gitlab/ci/config/entry/rules_spec.rb
+++ b/spec/lib/gitlab/ci/config/entry/rules_spec.rb
@ -53,7 +53,7 @@ RSpec.describe Gitlab::Ci::Config::Entry::Rules do
      let(:config) do
        [
          { if: '$THIS == "that"', when: 'always' },
-          [{ if: '$SKIP', when: 'never' }]
+          [{ if: '$SKIP', when: 'never' }, { if: '$THIS == "other"', when: 'always' }]
        ]
      end
@ -64,11 +64,11 @@ RSpec.describe Gitlab::Ci::Config::Entry::Rules do
      let(:config) do
        [
          { if: '$THIS == "that"', when: 'always' },
-          [{ if: '$SKIP', when: 'never' }, [{ if: '$THIS == "other"', when: 'aways' }]]
+          [{ if: '$SKIP', when: 'never' }, [{ if: '$THIS == "other"', when: 'always' }]]
        ]
      end
-      it { is_expected.not_to be_valid }
+      it { is_expected.to be_valid }
    end
  end
@ -119,7 +119,7 @@ RSpec.describe Gitlab::Ci::Config::Entry::Rules do
    context 'with rules nested more than one level' do
      let(:first_rule) { { if: '$THIS == "that"', when: 'always' } }
      let(:second_rule) { { if: '$SKIP', when: 'never' } }
-      let(:third_rule) { { if: '$THIS == "other"', when: 'aways' } }
+      let(:third_rule) { { if: '$THIS == "other"', when: 'always' } }
      let(:config) do
        [
--- a/spec/models/instance_configuration_spec.rb
+++ b/spec/models/instance_configuration_spec.rb
@ -76,24 +76,46 @@ RSpec.describe InstanceConfiguration do
        end
      end
-      describe '#gitlab_ci' do
+      describe '#size_limits' do
-        let(:gitlab_ci) { subject.settings[:gitlab_ci] }
+        before do
-
+          Gitlab::CurrentSettings.current_application_settings.update!(
-        it 'returns Settings.gitalb_ci' do
+            max_attachment_size: 10,
-          gitlab_ci.delete(:artifacts_max_size)
+            receive_max_input_size: 20,
-
+            max_import_size: 30,
-          expect(gitlab_ci).to eq(Settings.gitlab_ci.symbolize_keys)
+            diff_max_patch_bytes: 409600,
            max_artifacts_size: 50,
            max_pages_size: 60,
            snippet_size_limit: 70
          )
        end
-        it 'returns the key artifacts_max_size' do
+        it 'returns size limits from application settings' do
-          expect(gitlab_ci.keys).to include(:artifacts_max_size)
+          size_limits = subject.settings[:size_limits]
          expect(size_limits[:max_attachment_size]).to eq(10.megabytes)
          expect(size_limits[:receive_max_input_size]).to eq(20.megabytes)
          expect(size_limits[:max_import_size]).to eq(30.megabytes)
          expect(size_limits[:diff_max_patch_bytes]).to eq(400.kilobytes)
          expect(size_limits[:max_artifacts_size]).to eq(50.megabytes)
          expect(size_limits[:max_pages_size]).to eq(60.megabytes)
          expect(size_limits[:snippet_size_limit]).to eq(70.bytes)
        end
-        it 'returns the key artifacts_max_size with values' do
+        it 'returns nil if receive_max_input_size not set' do
-          stub_application_setting(max_artifacts_size: 200)
+          Gitlab::CurrentSettings.current_application_settings.update!(receive_max_input_size: nil)
-          expect(gitlab_ci[:artifacts_max_size][:default]).to eq(100.megabytes)
+          size_limits = subject.settings[:size_limits]
-          expect(gitlab_ci[:artifacts_max_size][:value]).to eq(200.megabytes)
+
          expect(size_limits[:receive_max_input_size]).to be_nil
        end
        it 'returns nil if set to 0 (unlimited)' do
          Gitlab::CurrentSettings.current_application_settings.update!(max_import_size: 0, max_pages_size: 0)
          size_limits = subject.settings[:size_limits]
          expect(size_limits[:max_import_size]).to be_nil
          expect(size_limits[:max_pages_size]).to be_nil
        end
      end
--- a/spec/views/help/instance_configuration.html.haml_spec.rb
+++ b/spec/views/help/instance_configuration.html.haml_spec.rb
@ -9,6 +9,7 @@ RSpec.describe 'help/instance_configuration' do
    let(:ssh_settings) { settings[:ssh_algorithms_hashes] }
    before do
      create(:plan, name: 'plan1', title: 'Plan 1')
      assign(:instance_configuration, instance_configuration)
    end
@ -17,7 +18,9 @@ RSpec.describe 'help/instance_configuration' do
      expect(rendered).to have_link(nil, href: '#ssh-host-keys-fingerprints') if ssh_settings.any?
      expect(rendered).to have_link(nil, href: '#gitlab-pages')
-      expect(rendered).to have_link(nil, href: '#gitlab-ci')
+      expect(rendered).to have_link(nil, href: '#size-limits')
      expect(rendered).to have_link(nil, href: '#package-registry')
      expect(rendered).to have_link(nil, href: '#rate-limits')
    end
    it 'has several sections' do
@ -25,7 +28,9 @@ RSpec.describe 'help/instance_configuration' do
      expect(rendered).to have_css('h2#ssh-host-keys-fingerprints') if ssh_settings.any?
      expect(rendered).to have_css('h2#gitlab-pages')
-      expect(rendered).to have_css('h2#gitlab-ci')
+      expect(rendered).to have_css('h2#size-limits')
      expect(rendered).to have_css('h2#package-registry')
      expect(rendered).to have_css('h2#rate-limits')
    end
  end
 end