kotovalexarian-likes-gitlab/gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity

Add latest changes from gitlab-org/gitlab@master

Browse source
This commit is contained in:
GitLab Bot 2020-10-12 12:08:37 +00:00
parent 5abf26a68f
commit b47e7cd6b2
15 changed files with 107 additions and 72 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
app/models/ci/job_artifact.rb
View file

@ -66,11 +66,8 @@ module Ci
cluster_applications: :gzip,
lsif: :zip,
# All these file formats use `raw` as we need to store them uncompressed
# for Frontend to fetch the files and do analysis
# When they will be only used by backend, they can be `gzipped`.
accessibility: :raw,
codequality: :raw,
# Security reports and license scanning reports are raw artifacts
# because they used to be fetched by the frontend, but this is not the case anymore.
sast: :raw,
secret_detection: :raw,
dependency_scanning: :raw,
@ -78,6 +75,12 @@ module Ci
dast: :raw,
license_management: :raw,
license_scanning: :raw,
# All these file formats use `raw` as we need to store them uncompressed
# for Frontend to fetch the files and do analysis
# When they will be only used by backend, they can be `gzipped`.
accessibility: :raw,
codequality: :raw,
performance: :raw,
browser_performance: :raw,
load_performance: :raw,

1
doc/.vale/gitlab/Acronyms.yml
View file

@ -44,6 +44,7 @@ exceptions:
- IBM
- IDE
- IID
- IMAP
- IRC
- ISO
- JSON

39
doc/administration/auth/ldap/index.md
View file

@ -12,6 +12,7 @@ GitLab integrates with LDAP to support user authentication.
This integration works with most LDAP-compliant directory servers, including:
- Microsoft Active Directory
- [Microsoft Active Directory Trusts](https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc771568(v=ws.10)) are not supported.
- Apple Open Directory
- Open LDAP
- 389 Server
@ -21,9 +22,6 @@ Users added through LDAP take a [licensed seat](../../../subscriptions/self_mana
GitLab Enterprise Editions (EE) include enhanced integration,
including group membership syncing as well as multiple LDAP servers support.
NOTE: **Note:**
[Microsoft Active Directory Trusts](https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc771568(v=ws.10)) are not supported.
## Overview
[LDAP](https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol)
@ -55,9 +53,8 @@ are already logged in or are using Git over SSH will still be able to access
GitLab for up to one hour. Manually block the user in the GitLab Admin Area to
immediately block all access.
NOTE: **Note:**
GitLab Enterprise Edition Starter supports a
[configurable sync time](#adjusting-ldap-user-sync-schedule).
[configurable sync time](#adjusting-ldap-user-sync-schedule). **(STARTER)**
## Git password authentication **(CORE ONLY)**
@ -100,7 +97,6 @@ library. `start_tls` corresponds to StartTLS, not to be confused with regular TL
Normally, if you specify `simple_tls` it will be on port 636, while `start_tls` (StartTLS)
would be on port 389. `plain` also operates on port 389. Removed values: `tls` was replaced with `start_tls` and `ssl` was replaced with `simple_tls`.
NOTE: **Note:**
LDAP users must have an email address set, regardless of whether it is used to sign-in.
### Example Configurations **(CORE ONLY)**
@ -430,8 +426,7 @@ gitlab_rails['ldap_servers'] = {
}
```
NOTE: **Note:**
Any number of LDAP servers can be configured. However, make sure to use a unique naming convention for the `label` section of each entry as this will be the display name of the tab shown on the sign-in page.
If you configure multiple LDAP servers, use a unique naming convention for the `label` section of each entry. That label is used as the display name of the tab shown on the sign-in page.
## User sync **(STARTER ONLY)**
@ -445,11 +440,10 @@ The process executes the following access checks:
blocked/disabled state). This will only be checked if
`active_directory: true` is set in the LDAP configuration.
NOTE: **Note:**
In Active Directory, a user is marked as disabled/blocked if the user
account control attribute (`userAccountControl:1.2.840.113556.1.4.803`)
has bit 2 set. See <https://ctovswild.com/2009/09/03/bitmask-searches-in-ldap/>
for more information.
has bit 2 set.
For more information, see <https://ctovswild.com/2009/09/03/bitmask-searches-in-ldap/>
The user will be set to `ldap_blocked` state in GitLab if the above conditions
fail. This means the user will not be able to sign-in or push/pull code.
@ -460,8 +454,10 @@ The process will also update the following user information:
- If `sync_ssh_keys` is set, SSH public keys.
- If Kerberos is enabled, Kerberos identity.
NOTE: **Note:**
The LDAP sync process updates existing users while new users are created on first sign in.
The LDAP sync process:
- Updates existing users.
- Creates new users on first sign in.
### Adjusting LDAP user sync schedule **(STARTER ONLY)**
@ -469,11 +465,13 @@ NOTE: **Note:**
These are cron formatted values. You can use a crontab generator to create
these values, for example <http://www.crontabgenerator.com/>.
By default, GitLab will run a worker once per day at 01:30 a.m. server time to
By default, GitLab runs a worker once per day at 01:30 a.m. server time to
check and update GitLab users against LDAP.
You can manually configure LDAP user sync times by setting the
following configuration values. The example below shows how to set LDAP user
following configuration values, in cron format. If needed, you can
use a [crontab generator](http://crontabgenerator.com).
The example below shows how to set LDAP user
sync to run once every 12 hours at the top of the hour.
**Omnibus installations**
@ -617,14 +615,12 @@ To enable it you need to:
### Adjusting LDAP group sync schedule **(STARTER ONLY)**
NOTE: **Note:**
These are cron formatted values. You can use a crontab generator to create
these values, for example [Crontab Generator](http://www.crontabgenerator.com/).
By default, GitLab runs a group sync process every hour, on the hour.
The values shown are in cron format. If needed, you can use a
[Crontab Generator](http://www.crontabgenerator.com).
CAUTION: **Important:**
It's recommended that you do not start the sync process too frequently as this
Do not start the sync process too frequently as this
could lead to multiple syncs running concurrently. This is primarily a concern
for installations with a large number of LDAP users. Please review the
[LDAP group sync benchmark metrics](#benchmarks) to see how
@ -727,7 +723,8 @@ Other LDAP servers should work, too.
Active Directory also supports nested groups. Group sync will recursively
resolve membership if `active_directory: true` is set in the configuration file.
NOTE: **Note:**
##### Nested group memberships
Nested group memberships are resolved only if the nested group
is found within the configured `group_base`. For example, if GitLab sees a
nested group with DN `cn=nested_group,ou=special_groups,dc=example,dc=com` but

1
doc/administration/geo/replication/multiple_servers.md
View file

@ -422,7 +422,6 @@ application servers above, with some changes to run only the `sidekiq` service:
##
alertmanager['enable'] = false
consul['enable'] = false
geo_logcursor['enable'] = false
gitaly['enable'] = false
gitlab_exporter['enable'] = false
gitlab_workhorse['enable'] = false

8
doc/administration/incoming_email.md
View file

@ -82,12 +82,12 @@ instead of the regular password for the mailbox.
To set up a basic Postfix mail server with IMAP access on Ubuntu, follow the
[Postfix setup documentation](reply_by_email_postfix_setup.md).
### Security Concerns
### Security concerns
WARNING: **WARNING:**
CAUTION: **Caution:**
Be careful when choosing the domain used for receiving incoming email.
For the sake of example, suppose your top-level company domain is `hooli.com`.
For example, suppose your top-level company domain is `hooli.com`.
All employees in your company have an email address at that domain via Google
Apps, and your company's private Slack instance requires a valid `@hooli.com`
email address to sign up.
@ -112,7 +112,7 @@ See GitLab issue [#30366](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/303
for a real-world example of this exploit.
CAUTION: **Caution:**
Be sure to use a mail server that has been configured to reduce
Use a mail server that has been configured to reduce
spam.
A Postfix mail server that is running on a default configuration, for example,
can result in abuse. All messages received on the configured mailbox will be processed

2
doc/administration/reference_architectures/10k_users.md
View file

@ -2007,7 +2007,7 @@ based on what features you intend to use:
1. Configure [object storage for merge request diffs](../merge_request_diffs.md#using-object-storage).
1. Configure [object storage for Container Registry](../packages/container_registry.md#use-object-storage) (optional feature).
1. Configure [object storage for Mattermost](https://docs.mattermost.com/administration/config-settings.html#file-storage) (optional feature).
1. Configure [object storage for packages](../packages/index.md#using-object-storage) (optional feature). **(PREMIUM ONLY)**
1. Configure [object storage for packages](../packages/index.md#using-object-storage) (optional feature).
1. Configure [object storage for Dependency Proxy](../packages/dependency_proxy.md#using-object-storage) (optional feature). **(PREMIUM ONLY)**
1. Configure [object storage for Pseudonymizer](../pseudonymizer.md#configuration) (optional feature). **(ULTIMATE ONLY)**
1. Configure [object storage for autoscale runner caching](https://docs.gitlab.com/runner/configuration/autoscale.html#distributed-runners-caching) (optional - for improved performance).

2
doc/administration/reference_architectures/25k_users.md
View file

@ -2007,7 +2007,7 @@ based on what features you intend to use:
1. Configure [object storage for merge request diffs](../merge_request_diffs.md#using-object-storage).
1. Configure [object storage for Container Registry](../packages/container_registry.md#use-object-storage) (optional feature).
1. Configure [object storage for Mattermost](https://docs.mattermost.com/administration/config-settings.html#file-storage) (optional feature).
1. Configure [object storage for packages](../packages/index.md#using-object-storage) (optional feature). **(PREMIUM ONLY)**
1. Configure [object storage for packages](../packages/index.md#using-object-storage) (optional feature).
1. Configure [object storage for Dependency Proxy](../packages/dependency_proxy.md#using-object-storage) (optional feature). **(PREMIUM ONLY)**
1. Configure [object storage for Pseudonymizer](../pseudonymizer.md#configuration) (optional feature). **(ULTIMATE ONLY)**
1. Configure [object storage for autoscale runner caching](https://docs.gitlab.com/runner/configuration/autoscale.html#distributed-runners-caching) (optional - for improved performance).

2
doc/administration/reference_architectures/2k_users.md
View file

@ -851,7 +851,7 @@ on the features you intend to use:
1. [Object storage for merge request diffs](../merge_request_diffs.md#using-object-storage).
1. [Object storage for Container Registry](../packages/container_registry.md#use-object-storage) (optional feature).
1. [Object storage for Mattermost](https://docs.mattermost.com/administration/config-settings.html#file-storage) (optional feature).
1. [Object storage for packages](../packages/index.md#using-object-storage) (optional feature). **(PREMIUM ONLY)**
1. [Object storage for packages](../packages/index.md#using-object-storage) (optional feature).
1. [Object storage for Dependency Proxy](../packages/dependency_proxy.md#using-object-storage) (optional feature). **(PREMIUM ONLY)**
1. [Object storage for Pseudonymizer](../pseudonymizer.md#configuration) (optional feature). **(ULTIMATE ONLY)**
1. [Object storage for autoscale runner caching](https://docs.gitlab.com/runner/configuration/autoscale.html#distributed-runners-caching) (optional, for improved performance).

2
doc/administration/reference_architectures/3k_users.md
View file

@ -1735,7 +1735,7 @@ based on what features you intend to use:
1. Configure [object storage for merge request diffs](../merge_request_diffs.md#using-object-storage).
1. Configure [object storage for Container Registry](../packages/container_registry.md#use-object-storage) (optional feature).
1. Configure [object storage for Mattermost](https://docs.mattermost.com/administration/config-settings.html#file-storage) (optional feature).
1. Configure [object storage for packages](../packages/index.md#using-object-storage) (optional feature). **(PREMIUM ONLY)**
1. Configure [object storage for packages](../packages/index.md#using-object-storage) (optional feature).
1. Configure [object storage for Dependency Proxy](../packages/dependency_proxy.md#using-object-storage) (optional feature). **(PREMIUM ONLY)**
1. Configure [object storage for Pseudonymizer](../pseudonymizer.md#configuration) (optional feature). **(ULTIMATE ONLY)**
1. Configure [object storage for autoscale runner caching](https://docs.gitlab.com/runner/configuration/autoscale.html#distributed-runners-caching) (optional - for improved performance).

2
doc/administration/reference_architectures/50k_users.md
View file

@ -2007,7 +2007,7 @@ based on what features you intend to use:
1. Configure [object storage for merge request diffs](../merge_request_diffs.md#using-object-storage).
1. Configure [object storage for Container Registry](../packages/container_registry.md#use-object-storage) (optional feature).
1. Configure [object storage for Mattermost](https://docs.mattermost.com/administration/config-settings.html#file-storage) (optional feature).
1. Configure [object storage for packages](../packages/index.md#using-object-storage) (optional feature). **(PREMIUM ONLY)**
1. Configure [object storage for packages](../packages/index.md#using-object-storage) (optional feature).
1. Configure [object storage for Dependency Proxy](../packages/dependency_proxy.md#using-object-storage) (optional feature). **(PREMIUM ONLY)**
1. Configure [object storage for Pseudonymizer](../pseudonymizer.md#configuration) (optional feature). **(ULTIMATE ONLY)**
1. Configure [object storage for autoscale runner caching](https://docs.gitlab.com/runner/configuration/autoscale.html#distributed-runners-caching) (optional - for improved performance).

2
doc/administration/reference_architectures/5k_users.md
View file

@ -1734,7 +1734,7 @@ based on what features you intend to use:
1. Configure [object storage for merge request diffs](../merge_request_diffs.md#using-object-storage).
1. Configure [object storage for Container Registry](../packages/container_registry.md#use-object-storage) (optional feature).
1. Configure [object storage for Mattermost](https://docs.mattermost.com/administration/config-settings.html#file-storage) (optional feature).
1. Configure [object storage for packages](../packages/index.md#using-object-storage) (optional feature). **(PREMIUM ONLY)**
1. Configure [object storage for packages](../packages/index.md#using-object-storage) (optional feature).
1. Configure [object storage for Dependency Proxy](../packages/dependency_proxy.md#using-object-storage) (optional feature). **(PREMIUM ONLY)**
1. Configure [object storage for Pseudonymizer](../pseudonymizer.md#configuration) (optional feature). **(ULTIMATE ONLY)**
1. Configure [object storage for autoscale runner caching](https://docs.gitlab.com/runner/configuration/autoscale.html#distributed-runners-caching) (optional - for improved performance).

61
doc/api/protected_branches.md
View file

@ -295,6 +295,67 @@ Example response:
}
```
### Example with allow to push and allow to merge access **(STARTER)**
Example request:
```shell
curl --request POST \
--header "PRIVATE-TOKEN: <your_access_token>" \
--header "Content-Type: application/json" \
--data '{
"id": 5,
"name": "master",
"allowed_to_push": [{"access_level": 30}],
"allowed_to_merge": [{
"access_level": 30
},{
"access_level": 40
}
]}'
"https://gitlab.example.com/api/v4/projects/5/protected_branches"
```
Example response:
```json
{
"id": 5,
"name": "master",
"push_access_levels": [
{
"access_level": 30,
"access_level_description": "Developers + Maintainers",
"user_id": null,
"group_id": null
}
],
"merge_access_levels": [
{
"access_level": 30,
"access_level_description": "Developers + Maintainers",
"user_id": null,
"group_id": null
},
{
"access_level": 40,
"access_level_description": "Maintainers",
"user_id": null,
"group_id": null
}
],
"unprotect_access_levels": [
{
"access_level": 40,
"access_level_description": "Maintainers",
"user_id": null,
"group_id": null
}
],
"code_owner_approval_required": false
}
```
## Unprotect repository branches
Unprotects the given protected branch or wildcard protected branch.

14
doc/user/group/epics/index.md
View file

@ -75,7 +75,7 @@ to:
## Issue health status in Epic tree **(ULTIMATE)**
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/199184) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.10.
> - The health status of a closed issue [will be hidden](https://gitlab.com/gitlab-org/gitlab/-/issues/220867) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 13.3 or later.
> - The health status of a closed issue [is hidden](https://gitlab.com/gitlab-org/gitlab/-/issues/220867) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 13.3 or later.
Report or respond to the health of issues and epics by setting a red, amber, or green [health status](../../project/issues/index.md#health-status), which then appears on your Epic tree.
@ -111,10 +111,10 @@ To set a **Start date** and **Due date** for an epic, select one of the followin
> [Replaced](https://gitlab.com/gitlab-org/gitlab/-/issues/7332) in GitLab 12.5 by **Inherited**.
If you select **From milestones** for the start date, GitLab will automatically set the date to be earliest
start date across all milestones that are assigned to the issues that are added to the epic.
Similarly, if you select **From milestones** for the due date, GitLab will set it to be the latest due date across
all milestones that are assigned to those issues.
If you select **From milestones** for the start date, GitLab automatically sets the date to be earliest
start date across all milestones that are currently assigned to the issues that are added to the epic.
Similarly, if you select **From milestones** for the due date, GitLab sets it to be the latest due date across
all milestones that are currently assigned to those issues.
These are dynamic dates which are recalculated if any of the following occur:
@ -178,8 +178,8 @@ You can also consult the [group permissions table](../../permissions.md#group-me
Once you write your comment, you can either:
- Click **Comment**, and your comment will be published.
- Click **Start thread**, and you will start a thread within that epic's discussion.
- Click **Comment** to publish your comment.
- Click **Start thread** to start a thread within that epic's discussion.
### Activity sort order

4
spec/frontend/environments/environments_app_spec.js
View file

@ -182,7 +182,7 @@ describe('Environment', () => {
describe('when user can create environment', () => {
beforeEach(() => {
mockRequest([environment]);
wrapper = mount(EnvironmentsApp, { propsData: mockData });
wrapper = shallowMount(EnvironmentsApp, { propsData: mockData });
});
it('should render', () => {
@ -193,7 +193,7 @@ describe('Environment', () => {
describe('when user can not create environment', () => {
beforeEach(() => {
mockRequest([environment]);
wrapper = mount(EnvironmentsApp, {
wrapper = shallowMount(EnvironmentsApp, {
propsData: { ...mockData, canCreateEnvironment: false },
});
});

26
spec/frontend/pipelines/pipelines_table_spec.js
View file

@ -1,4 +1,3 @@
import { GlButton } from '@gitlab/ui';
import { mount } from '@vue/test-utils';
import PipelinesTable from '~/pipelines/components/pipelines_list/pipelines_table.vue';
@ -20,7 +19,6 @@ describe('Pipelines Table', () => {
});
};
const findRows = () => wrapper.findAll('.commit.gl-responsive-table-row');
const findGlButtons = () => wrapper.findAll(GlButton);
preloadFixtures(jsonFixtureName);
@ -65,28 +63,4 @@ describe('Pipelines Table', () => {
expect(findRows()).toHaveLength(1);
});
});
describe('pipline actions', () => {
it('should set the "Re-deploy" title', () => {
const pipelines = [{ ...pipeline, flags: { cancelable: false, retryable: true } }];
createComponent({ ...defaultProps, pipelines });
expect(findGlButtons().length).toBe(1);
expect(
findGlButtons()
.at(0)
.attributes('title'),
).toMatch('Retry');
});
it('should set the "Cancel" title', () => {
const pipelines = [{ ...pipeline, flags: { cancelable: true, retryable: false } }];
createComponent({ ...defaultProps, pipelines });
expect(findGlButtons().length).toBe(1);
expect(
findGlButtons()
.at(0)
.attributes('title'),
).toMatch('Cancel');
});
});
});