kotovalexarian-likes-gitlab/gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity

Add latest changes from gitlab-org/gitlab@master

Browse source
This commit is contained in:
GitLab Bot 2021-06-18 03:10:18 +00:00
parent 9f61aba53f
commit b7a1160154
21 changed files with 194 additions and 62 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
app/assets/javascripts/frequent_items/components/frequent_items_list_item.vue
View file

@ -1,5 +1,6 @@
<script>
/* eslint-disable vue/require-default-prop, vue/no-v-html */
import { GlButton } from '@gitlab/ui';
import highlight from '~/lib/utils/highlight';
import { truncateNamespace } from '~/lib/utils/text_utility';
import { mapVuexModuleState } from '~/lib/utils/vuex_module_mappers';
@ -11,6 +12,7 @@ const trackingMixin = Tracking.mixin();
export default {
components: {
Identicon,
GlButton,
},
mixins: [trackingMixin],
inject: ['vuexModule'],
@ -56,9 +58,10 @@ export default {
<template>
<li class="frequent-items-list-item-container">
<a
<gl-button
category="tertiary"
:href="webUrl"
class="clearfix dropdown-item"
class="gl-text-left gl-justify-content-start!"
@click="track('click_link', { label: `${dropdownType}_dropdown_frequent_items_list_item` })"
>
<div
@ -90,6 +93,6 @@ export default {
{{ truncatedNamespace }}
</div>
</div>
</a>
</gl-button>
</li>
</template>

2
app/assets/javascripts/nav/components/top_nav_menu_item.vue
View file

@ -42,7 +42,7 @@ export default {
v-on="$listeners"
>
<span class="gl-display-flex">
<gl-icon v-if="menuItem.icon" :name="menuItem.icon" :class="{ 'gl-mr-2!': !iconOnly }" />
<gl-icon v-if="menuItem.icon" :name="menuItem.icon" :class="{ 'gl-mr-3!': !iconOnly }" />
<template v-if="!iconOnly">
{{ menuItem.title }}
<gl-icon v-if="menuItem.view" name="chevron-right" class="gl-ml-auto" />

2
app/assets/javascripts/nav/components/top_nav_menu_sections.vue
View file

@ -1,7 +1,7 @@
<script>
import TopNavMenuItem from './top_nav_menu_item.vue';
const BORDER_CLASSES = 'gl-pt-3 gl-border-1 gl-border-t-solid gl-border-gray-100';
const BORDER_CLASSES = 'gl-pt-3 gl-border-1 gl-border-t-solid gl-border-gray-50';
export default {
components: {

2
app/helpers/nav/top_nav_helper.rb
View file

@ -22,7 +22,7 @@ module Nav
new_view_model = new_dropdown_view_model(project: project, group: group)
if new_view_model
if new_view_model && new_view_model.fetch(:menu_sections)&.any?
builder.add_view(NEW_VIEW, new_view_model)
end

3
app/models/ci/build.rb
View file

@ -212,7 +212,8 @@ module Ci
acts_as_taggable
add_authentication_token_field :token, encrypted: :optional
add_authentication_token_field :token,
encrypted: -> { Gitlab::Ci::Features.require_builds_token_encryption? ? :required : :optional }
before_save :ensure_token
before_destroy { unscoped_project }

1
app/models/integration.rb
View file

@ -48,6 +48,7 @@ class Integration < ApplicationRecord
flowdock
hangouts_chat
irker
packagist pipelines_email pivotaltracker pushover
].to_set.freeze
def self.renamed?(name)

8
app/models/project.rb
View file

@ -178,10 +178,10 @@ class Project < ApplicationRecord
has_one :mattermost_slash_commands_service, class_name: 'Integrations::MattermostSlashCommands'
has_one :microsoft_teams_service, class_name: 'Integrations::MicrosoftTeams'
has_one :mock_ci_service, class_name: 'Integrations::MockCi'
has_one :packagist_service, class_name: 'Integrations::Packagist'
has_one :pipelines_email_service, class_name: 'Integrations::PipelinesEmail'
has_one :pivotaltracker_service, class_name: 'Integrations::Pivotaltracker'
has_one :pushover_service, class_name: 'Integrations::Pushover'
has_one :packagist_integration, class_name: 'Integrations::Packagist'
has_one :pipelines_email_integration, class_name: 'Integrations::PipelinesEmail'
has_one :pivotaltracker_integration, class_name: 'Integrations::Pivotaltracker'
has_one :pushover_integration, class_name: 'Integrations::Pushover'
has_one :redmine_service, class_name: 'Integrations::Redmine'
has_one :slack_service, class_name: 'Integrations::Slack'
has_one :slack_slash_commands_service, class_name: 'Integrations::SlackSlashCommands'

8
config/feature_flags/development/ci_builds_tokens_required_encryption.yml Normal file
View file

@ -0,0 +1,8 @@
---
name: ci_builds_tokens_required_encryption
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/63874
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/333566
milestone: '14.0'
type: development
group: group::pipeline execution
default_enabled: false

147
doc/administration/operations/puma.md
View file

@ -4,35 +4,100 @@ group: Distribution
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
---
# Switching to Puma **(FREE SELF)**
# Puma **(FREE SELF)**
As of GitLab 12.9, [Puma](https://github.com/puma/puma) has replaced [Unicorn](https://yhbt.net/unicorn/)
as the default web server. From GitLab 14.0, the following run Puma:
NOTE:
Starting with GitLab 13.0, Puma
is the default web server and Unicorn has been
disabled by default. In GitLab 14.0, Unicorn was removed from the Linux package
and only Puma is available.
- All-in-one package-based installations.
- Helm chart-based installations.
Puma is a simple, fast, multi-threaded, and highly concurrent HTTP 1.1 server for
Ruby applications. It's the default GitLab web server since GitLab 13.0
and has replaced Unicorn. From GitLab 14.0, Unicorn is no longer supported.
## Why switch to Puma?
## Configure Puma
Puma has a multi-thread architecture which uses less memory than a multi-process
application server like Unicorn. On GitLab.com, we saw a 40% reduction in memory
consumption.
To configure Puma:
Most Rails applications requests normally include a proportion of I/O wait time.
During I/O wait time MRI Ruby will release the GVL (Global VM Lock) to other threads.
Multi-threaded Puma can therefore still serve more requests than a single process.
1. Determine suitable Puma worker and thread [settings](../../install/requirements.md#puma-settings).
1. If you're swithcing from Unicorn, [convert any custom settings to Puma](#convert-unicorn-settings-to-puma).
1. For multi-node deployments, configure the load balancer to use the
[readiness check](../load_balancer.md#readiness-check).
1. Reconfigure GitLab so the above changes take effect:
## Configuring Puma to replace Unicorn
```shell
sudo gitlab-ctl reconfigure
```
Beginning with GitLab 13.0, Puma is the default application server. We removed support for
Unicorn in GitLab 14.0.
For Helm based deployments, see the
[`webservice` chart documentation](https://docs.gitlab.com/charts/charts/gitlab/webservice/index.html).
When switching to Puma, Unicorn server configuration
will _not_ carry over automatically, due to differences between the two application servers. For Omnibus-based
deployments, see [Configuring Puma Settings](https://docs.gitlab.com/omnibus/settings/puma.html#configuring-puma-settings).
For Helm based deployments, see the [`webservice` chart documentation](https://docs.gitlab.com/charts/charts/gitlab/webservice/index.html).
For more details about the Puma configuration, see the
[Puma documentation](https://github.com/puma/puma#configuration).
Additionally we strongly recommend that multi-node deployments [configure their load balancers to use the readiness check](../load_balancer.md#readiness-check) due to a difference between Unicorn and Puma in how they handle connections during a restart of the service.
## Puma Worker Killer
By default, the [Puma Worker Killer](https://github.com/schneems/puma_worker_killer) will restart
a worker if it exceeds a [memory limit](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/cluster/puma_worker_killer_initializer.rb). Additionally, rolling restarts of
Puma workers are performed every 12 hours.
To change the memory limit setting:
1. Edit `/etc/gitlab/gitlab.rb`:
```ruby
puma['per_worker_max_memory_mb'] = 1024
```
1. Reconfigure GitLab for the changes to take effect:
```shell
sudo gitlab-ctl reconfigure
```
## Worker timeout
A [timeout of 60 seconds](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/initializers/rack_timeout.rb)
is used when Puma is enabled.
NOTE:
Unlike Unicorn, the `puma['worker_timeout']` setting does not set the maximum request duration.
To change the worker timeout:
1. Edit `/etc/gitlab/gitlab.rb`:
```ruby
gitlab_rails['env'] = {
'GITLAB_RAILS_RACK_TIMEOUT' => 600
}
```
1. Reconfigure GitLab for the changes to take effect:
```shell
sudo gitlab-ctl reconfigure
```
## Running in memory-constrained environments
In a memory-constrained environment with less than 4GB of RAM available, consider disabling Puma [Clustered mode](https://github.com/puma/puma#clustered-mode).
Configuring Puma by setting the amount of `workers` to `0` could reduce memory usage by hundreds of MB.
For details on Puma worker and thread settings, see the [Puma requirements](../../install/requirements.md#puma-settings).
Unlike in a Clustered mode, which is set up by default, only a single Puma process would serve the application.
The downside of running Puma with such configuration is the reduced throughput, and it could be considered as a fair tradeoff in a memory-constraint environment.
When running Puma in Single mode, some features are not supported:
- Phased restart will not work: [issue](https://gitlab.com/gitlab-org/gitlab/-/issues/300665)
- [Phased restart](https://gitlab.com/gitlab-org/gitlab/-/issues/300665)
- [Puma Worker Killer](https://gitlab.com/gitlab-org/gitlab/-/issues/300664)
To learn more, visit [epic 5303](https://gitlab.com/groups/gitlab-org/-/epics/5303).
## Performance caveat when using Puma with Rugged
@ -66,3 +131,45 @@ optimal configuration:
Rugged, single-threaded Puma works the same as Unicorn.
- To force Rugged to be used with multi-threaded Puma, you can use
[feature flags](../../development/gitaly.md#legacy-rugged-code).
## Convert Unicorn settings to Puma
NOTE:
Starting with GitLab 13.0, Puma is the default web server and Unicorn has been
disabled by default. In GitLab 14.0, Unicorn was removed from the Linux package
and only Puma is available.
Puma has a multi-thread architecture which uses less memory than a multi-process
application server like Unicorn. On GitLab.com, we saw a 40% reduction in memory
consumption. Most Rails applications requests normally include a proportion of I/O wait time.
During I/O wait time MRI Ruby will release the GVL (Global VM Lock) to other threads.
Multi-threaded Puma can therefore still serve more requests than a single process.
When switching to Puma, any Unicorn server configuration will _not_ carry over
automatically, due to differences between the two application servers.
The table below summarizes which Unicorn configuration keys correspond to those
in Puma when using the Linux package, and which ones have no corresponding counterpart.
| Unicorn | Puma |
| ------------------------------------ | ---------------------------------- |
| `unicorn['enable']` | `puma['enable']` |
| `unicorn['worker_timeout']` | `puma['worker_timeout']` |
| `unicorn['worker_processes']` | `puma['worker_processes']` |
| n/a | `puma['ha']` |
| n/a | `puma['min_threads']` |
| n/a | `puma['max_threads']` |
| `unicorn['listen']` | `puma['listen']` |
| `unicorn['port']` | `puma['port']` |
| `unicorn['socket']` | `puma['socket']` |
| `unicorn['pidfile']` | `puma['pidfile']` |
| `unicorn['tcp_nopush']` | n/a |
| `unicorn['backlog_socket']` | n/a |
| `unicorn['somaxconn']` | `puma['somaxconn']` |
| n/a | `puma['state_path']` |
| `unicorn['log_directory']` | `puma['log_directory']` |
| `unicorn['worker_memory_limit_min']` | n/a |
| `unicorn['worker_memory_limit_max']` | `puma['per_worker_max_memory_mb']` |
| `unicorn['exporter_enabled']` | `puma['exporter_enabled']` |
| `unicorn['exporter_address']` | `puma['exporter_address']` |
| `unicorn['exporter_port']` | `puma['exporter_port']` |

10
doc/install/requirements.md
View file

@ -170,11 +170,13 @@ of GitLab Support or other GitLab engineers.
## Puma settings
The recommended settings for Puma are determined by the infrastructure on which it's running.
Omnibus GitLab defaults to the recommended Puma settings. Regardless of installation method, you can
tune the Puma settings.
The GitLab Linux package defaults to the recommended Puma settings. Regardless of installation method, you can
tune the Puma settings:
If you're using Omnibus GitLab, see [Puma settings](https://docs.gitlab.com/omnibus/settings/puma.html)
for instructions on changing the Puma settings. If you're using the GitLab Helm chart, see the [`webservice` chart](https://docs.gitlab.com/charts/charts/gitlab/webservice/index.html).
- If you're using the GitLab Linux package, see [Puma settings](../administration/operations/puma.md)
for instructions on changing the Puma settings.
- If you're using the GitLab Helm chart, see the
[`webservice` chart](https://docs.gitlab.com/charts/charts/gitlab/webservice/index.html).
### Puma workers

2
doc/user/application_security/sast/index.md
View file

@ -497,7 +497,7 @@ Some analyzers can be customized with CI/CD variables.
| `SCAN_KUBERNETES_MANIFESTS` | Kubesec | Set to `"true"` to scan Kubernetes manifests. |
| `KUBESEC_HELM_CHARTS_PATH` | Kubesec | Optional path to Helm charts that `helm` uses to generate a Kubernetes manifest that `kubesec` scans. If dependencies are defined, `helm dependency build` should be ran in a `before_script` to fetch the necessary dependencies. |
| `KUBESEC_HELM_OPTIONS` | Kubesec | Additional arguments for the `helm` executable. |
| `COMPILE` | SpotBugs | Set to `false` to disable project compilation and dependency fetching. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/195252) in GitLab 13.1. |
| `COMPILE` | Gosec, SpotBugs | Set to `false` to disable project compilation and dependency fetching. [Introduced for `SpotBugs`](https://gitlab.com/gitlab-org/gitlab/-/issues/195252) analyzer in GitLab 13.1 and [`Gosec`](https://gitlab.com/gitlab-org/gitlab/-/issues/330678) analyzer in GitLab 14.0. |
| `ANT_HOME` | SpotBugs | The `ANT_HOME` variable. |
| `ANT_PATH` | SpotBugs | Path to the `ant` executable. |
| `GRADLE_PATH` | SpotBugs | Path to the `gradle` executable. |

4
lib/gitlab/ci/features.rb
View file

@ -41,6 +41,10 @@ module Gitlab
def self.gldropdown_tags_enabled?
::Feature.enabled?(:gldropdown_tags, default_enabled: :yaml)
end
def self.require_builds_token_encryption?
Feature.enabled?(:ci_builds_tokens_required_encryption, default_enabled: :yaml)
end
end
end
end

2
spec/factories/integrations.rb
View file

@ -173,7 +173,7 @@ FactoryBot.define do
type { 'SlackSlashCommandsService' }
end
factory :pipelines_email_service, class: 'Integrations::PipelinesEmail' do
factory :pipelines_email_integration, class: 'Integrations::PipelinesEmail' do
project
active { true }
type { 'PipelinesEmailService' }

16
spec/frontend/frequent_items/components/frequent_items_list_item_spec.js
View file

@ -1,3 +1,4 @@
import { GlButton } from '@gitlab/ui';
import { shallowMount, createLocalVue } from '@vue/test-utils';
import Vuex from 'vuex';
import { trimText } from 'helpers/text_helper';
@ -18,7 +19,7 @@ describe('FrequentItemsListItemComponent', () => {
const findAvatar = () => wrapper.find({ ref: 'frequentItemsItemAvatar' });
const findAllTitles = () => wrapper.findAll({ ref: 'frequentItemsItemTitle' });
const findNamespace = () => wrapper.find({ ref: 'frequentItemsItemNamespace' });
const findAllAnchors = () => wrapper.findAll('a');
const findAllButtons = () => wrapper.findAllComponents(GlButton);
const findAllNamespace = () => wrapper.findAll({ ref: 'frequentItemsItemNamespace' });
const findAvatarContainer = () => wrapper.findAll({ ref: 'frequentItemsItemAvatarContainer' });
const findAllMetadataContainers = () =>
@ -109,7 +110,7 @@ describe('FrequentItemsListItemComponent', () => {
it.each`
name | selector | expected
${'anchor'} | ${findAllAnchors} | ${1}
${'button'} | ${findAllButtons} | ${1}
${'avatar container'} | ${findAvatarContainer} | ${1}
${'metadata container'} | ${findAllMetadataContainers} | ${1}
${'title'} | ${findAllTitles} | ${1}
@ -119,13 +120,10 @@ describe('FrequentItemsListItemComponent', () => {
});
it('tracks when item link is clicked', () => {
const link = wrapper.find('a');
// NOTE: this listener is required to prevent the click from going through and causing:
// `Error: Not implemented: navigation ...`
link.element.addEventListener('click', (e) => {
e.preventDefault();
});
link.trigger('click');
const link = wrapper.findComponent(GlButton);
link.vm.$emit('click');
expect(trackingSpy).toHaveBeenCalledWith(undefined, 'click_link', {
label: 'projects_dropdown_frequent_items_list_item',
});

2
spec/frontend/nav/components/top_nav_menu_item_spec.js
View file

@ -73,7 +73,7 @@ describe('~/nav/components/top_nav_menu_item.vue', () => {
expect(findButtonIcons()).toEqual([
{
name: TEST_MENU_ITEM.icon,
classes: ['gl-mr-2!'],
classes: ['gl-mr-3!'],
},
{
name: 'chevron-right',

12
spec/helpers/nav/top_nav_helper_spec.rb
View file

@ -539,10 +539,18 @@ RSpec.describe Nav::TopNavHelper do
end
context 'with new' do
let(:with_new_view_model) { { id: 'test-new-view-model' } }
let(:with_new_view_model) { { menu_sections: [{ id: 'test-new-view-model' }] } }
it 'has new subview' do
expect(subject[:views][:new]).to eq({ id: 'test-new-view-model' })
expect(subject[:views][:new]).to eq(with_new_view_model)
end
end
context 'with new and no menu_sections' do
let(:with_new_view_model) { { menu_sections: [] } }
it 'has new subview' do
expect(subject[:views][:new]).to be_nil
end
end
end

8
spec/lib/gitlab/import_export/all_models.yml
View file

@ -367,12 +367,12 @@ project:
- discord_integration
- drone_ci_integration
- emails_on_push_integration
- pipelines_email_service
- pipelines_email_integration
- mattermost_slash_commands_service
- slack_slash_commands_service
- irker_integration
- packagist_service
- pivotaltracker_service
- packagist_integration
- pivotaltracker_integration
- prometheus_service
- flowdock_integration
- assembla_integration
@ -385,7 +385,7 @@ project:
- buildkite_integration
- bamboo_integration
- teamcity_service
- pushover_service
- pushover_integration
- jira_service
- redmine_service
- youtrack_service

2
spec/models/ci/pipeline_spec.rb
View file

@ -2854,7 +2854,7 @@ RSpec.describe Ci::Pipeline, :mailer, factory_default: :keep do
end
it 'builds hook data once' do
create(:pipelines_email_service)
create(:pipelines_email_integration)
expect(Gitlab::DataBuilder::Pipeline).to receive(:build).once.and_call_original

4
spec/models/integrations/packagist_spec.rb
View file

@ -33,14 +33,14 @@ RSpec.describe Integrations::Packagist do
let(:user) { create(:user) }
let(:project) { create(:project, :repository) }
let(:push_sample_data) { Gitlab::DataBuilder::Push.build_sample(project, user) }
let(:packagist_service) { described_class.create!(packagist_params) }
let(:packagist_integration) { described_class.create!(packagist_params) }
before do
stub_request(:post, packagist_hook_url)
end
it 'calls Packagist API' do
packagist_service.execute(push_sample_data)
packagist_integration.execute(push_sample_data)
expect(a_request(:post, packagist_hook_url)).to have_been_made.once
end

8
spec/models/project_spec.rb
View file

@ -41,8 +41,8 @@ RSpec.describe Project, factory_default: :keep do
it { is_expected.to have_one(:hangouts_chat_integration) }
it { is_expected.to have_one(:unify_circuit_service) }
it { is_expected.to have_one(:webex_teams_service) }
it { is_expected.to have_one(:packagist_service) }
it { is_expected.to have_one(:pushover_service) }
it { is_expected.to have_one(:packagist_integration) }
it { is_expected.to have_one(:pushover_integration) }
it { is_expected.to have_one(:asana_integration) }
it { is_expected.to have_many(:boards) }
it { is_expected.to have_one(:campfire_integration) }
@ -50,9 +50,9 @@ RSpec.describe Project, factory_default: :keep do
it { is_expected.to have_one(:discord_integration) }
it { is_expected.to have_one(:drone_ci_integration) }
it { is_expected.to have_one(:emails_on_push_integration) }
it { is_expected.to have_one(:pipelines_email_service) }
it { is_expected.to have_one(:pipelines_email_integration) }
it { is_expected.to have_one(:irker_integration) }
it { is_expected.to have_one(:pivotaltracker_service) }
it { is_expected.to have_one(:pivotaltracker_integration) }
it { is_expected.to have_one(:flowdock_integration) }
it { is_expected.to have_one(:assembla_integration) }
it { is_expected.to have_one(:slack_slash_commands_service) }

4
spec/services/integrations/test/project_service_spec.rb
View file

@ -23,8 +23,8 @@ RSpec.describe Integrations::Test::ProjectService do
expect(subject).to eq(success_result)
end
context 'PipelinesEmailService' do
let(:integration) { create(:pipelines_email_service, project: project) }
context 'with Integrations::PipelinesEmail' do
let(:integration) { create(:pipelines_email_integration, project: project) }
it_behaves_like 'tests for integration with pipeline data'
end