kotovalexarian-likes-gitlab/gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity

Add latest changes from gitlab-org/gitlab@master

Browse source
This commit is contained in:
GitLab Bot 2021-11-05 00:13:17 +00:00
parent 2fdc3eaafb
commit cdd01f01dc
12 changed files with 152 additions and 21 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
app/services/issues/create_service.rb
View file

@ -6,7 +6,7 @@ module Issues
prepend RateLimitedService
rate_limit key: :issues_create,
opts: { scope: [:project, :current_user], users_allowlist: -> { [User.support_bot.username] } }
opts: { scope: [:project, :current_user, :external_author] }
# NOTE: For Issues::CreateService, we require the spam_params and do not default it to nil, because
# spam_checking is likely to be necessary. However, if there is not a request available in scope
@ -25,6 +25,10 @@ module Issues
create(@issue, skip_system_notes: skip_system_notes)
end
def external_author
params[:external_author] # present when creating an issue using service desk (email: from)
end
def before_create(issue)
Spam::SpamActionService.new(
spammable: issue,

2
app/views/admin/topics/_topic.html.haml
View file

@ -6,7 +6,7 @@
.gl-min-w-0.gl-flex-grow-1
.title
= topic.name
= link_to topic.name, topic_explore_projects_path(topic_name: topic.name)
.stats.gl-text-gray-500.gl-flex-shrink-0.gl-display-none.gl-sm-display-flex
%span.gl-ml-5.has-tooltip{ title: n_('%d project', '%d projects', topic.total_projects_count) % topic.total_projects_count }

13
db/post_migrate/20211104044453_remove_redundant_events_index.rb Normal file
View file

@ -0,0 +1,13 @@
# frozen_string_literal: true
class RemoveRedundantEventsIndex < Gitlab::Database::Migration[1.0]
disable_ddl_transaction!
def up
remove_concurrent_index_by_name :events, :index_events_on_target_type_and_target_id
end
def down
add_concurrent_index :events, [:target_type, :target_id], name: :index_events_on_target_type_and_target_id
end
end

1
db/schema_migrations/20211104044453 Normal file
View file

@ -0,0 +1 @@
fc5a60c27ca89b122d798abe8f55a0951fece712c885555df0d2f37b565d6f94

2
db/structure.sql
View file

@ -25361,8 +25361,6 @@ CREATE INDEX index_events_on_project_id_and_id ON events USING btree (project_id
CREATE INDEX index_events_on_project_id_and_id_desc_on_merged_action ON events USING btree (project_id, id DESC) WHERE (action = 7);
CREATE INDEX index_events_on_target_type_and_target_id ON events USING btree (target_type, target_id);
CREATE UNIQUE INDEX index_events_on_target_type_and_target_id_and_fingerprint ON events USING btree (target_type, target_id, fingerprint);
CREATE INDEX index_evidences_on_release_id ON evidences USING btree (release_id);

8
doc/user/clusters/agent/repository.md
View file

@ -213,7 +213,7 @@ configuration block to your agent's `config.yaml` with no `filters`:
```yaml
starboard:
vulnerability_reports:
vulnerability_report:
filters: []
```
@ -231,7 +231,7 @@ By adding filters, you can limit scans by:
```yaml
starboard:
vulnerability_reports:
vulnerability_report:
filters:
- namespaces:
- staging
@ -256,7 +256,7 @@ names are scanned. In this example, a resource isn't scanned unless it has a con
```yaml
starboard:
vulnerability_reports:
vulnerability_report:
filters:
- kinds:
- Deployment
@ -270,7 +270,7 @@ There is also a global `namespaces` field that applies to all filters:
```yaml
starboard:
vulnerability_reports:
vulnerability_report:
namespaces:
- production
filters:

5
doc/user/packages/generic_packages/index.md
View file

@ -35,7 +35,10 @@ When you publish a package file, if the package does not exist, it is created.
Prerequisites:
- You need to [authenticate with the API](../../../api/index.md#authentication). If authenticating with a deploy token, it must be configured with the `write_package_registry` scope.
- You must [authenticate with the API](../../../api/index.md#authentication).
If authenticating with a deploy token, it must be configured with the `write_package_registry`
scope. If authenticating with a personal access token or project access token, it must be
configured with the `api` scope.
```plaintext
PUT /projects/:id/packages/generic/:package_name/:package_version/:file_name?status=:status

4
spec/controllers/groups/dependency_proxy_for_containers_controller_spec.rb
View file

@ -164,10 +164,10 @@ RSpec.describe Groups::DependencyProxyForContainersController do
end
describe 'GET #manifest' do
let_it_be(:manifest) { create(:dependency_proxy_manifest, group: group) }
let_it_be(:tag) { 'latest' }
let_it_be(:manifest) { create(:dependency_proxy_manifest, file_name: "alpine:#{tag}.json", group: group) }
let(:pull_response) { { status: :success, manifest: manifest, from_cache: false } }
let(:tag) { 'latest1' }
before do
allow_next_instance_of(DependencyProxy::FindOrCreateManifestService) do |instance|

4
spec/fixtures/emails/service_desk_forwarded.eml vendored
View file

@ -1,11 +1,11 @@
Delivered-To: incoming+email-test-project_id-issue-@appmail.adventuretime.ooo
Return-Path: <jake@adventuretime.ooo>
Return-Path: <jake.g@adventuretime.ooo>
Received: from iceking.adventuretime.ooo ([unix socket]) by iceking (Cyrus v2.2.13-Debian-2.2.13-19+squeeze3) with LMTPA; Thu, 13 Jun 2013 17:03:50 -0400
Received: from mail-ie0-x234.google.com (mail-ie0-x234.google.com [IPv6:2607:f8b0:4001:c03::234]) by iceking.adventuretime.ooo (8.14.3/8.14.3/Debian-9.4) with ESMTP id r5DL3nFJ016967 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for <incoming+gitlabhq/gitlabhq@appmail.adventuretime.ooo>; Thu, 13 Jun 2013 17:03:50 -0400
Received: by mail-ie0-f180.google.com with SMTP id f4so21977375iea.25 for <incoming+email-test-project_id-issue-@appmail.adventuretime.ooo>; Thu, 13 Jun 2013 14:03:48 -0700
Received: by 10.0.0.1 with HTTP; Thu, 13 Jun 2013 14:03:48 -0700
Date: Thu, 13 Jun 2013 17:03:48 -0400
From: Jake the Dog <jake@adventuretime.ooo>
From: Jake the Dog <jake.g@adventuretime.ooo>
To: support@adventuretime.ooo
Delivered-To: support@adventuretime.ooo
Message-ID: <CADkmRc+rNGAGGbV2iE5p918UVy4UyJqVcXRO2=otppgzduJSg@mail.gmail.com>

20
spec/lib/gitlab/application_rate_limiter_spec.rb
View file

@ -99,6 +99,16 @@ RSpec.describe Gitlab::ApplicationRateLimiter do
end
it_behaves_like 'action rate limiter'
context 'when a scope attribute is nil' do
let(:scope) { [user, nil] }
let(:cache_key) do
"application_rate_limiter:test_action:user:#{user.id}"
end
it_behaves_like 'action rate limiter'
end
end
context 'when the key is a combination of ActiveRecord models and strings' do
@ -112,6 +122,16 @@ RSpec.describe Gitlab::ApplicationRateLimiter do
end
it_behaves_like 'action rate limiter'
context 'when a scope attribute is nil' do
let(:scope) { [project, commit, nil] }
let(:cache_key) do
"application_rate_limiter:test_action:project:#{project.id}:commit:#{commit.sha}"
end
it_behaves_like 'action rate limiter'
end
end
end

61
spec/lib/gitlab/email/handler/service_desk_handler_spec.rb
View file

@ -11,6 +11,7 @@ RSpec.describe Gitlab::Email::Handler::ServiceDeskHandler do
end
let(:email_raw) { email_fixture('emails/service_desk.eml') }
let(:author_email) { 'jake@adventuretime.ooo' }
let_it_be(:group) { create(:group, :private, name: "email") }
let(:expected_description) do
@ -45,7 +46,7 @@ RSpec.describe Gitlab::Email::Handler::ServiceDeskHandler do
receiver.execute
new_issue = Issue.last
expect(new_issue.issue_email_participants.first.email).to eq("jake@adventuretime.ooo")
expect(new_issue.issue_email_participants.first.email).to eq(author_email)
end
it 'sends thank you email' do
@ -256,13 +257,60 @@ RSpec.describe Gitlab::Email::Handler::ServiceDeskHandler do
it_behaves_like 'a new issue request'
end
end
end
context 'when rate limiting is in effect' do
it 'allows unlimited new issue creation' do
stub_application_setting(issues_create_limit: 1)
setup_attachment
context 'when rate limiting is in effect', :clean_gitlab_redis_cache do
let(:receiver) { Gitlab::Email::Receiver.new(email_raw) }
expect { 2.times { receiver.execute } }.to change { Issue.count }.by(2)
subject { 2.times { receiver.execute } }
before do
stub_feature_flags(rate_limited_service_issues_create: true)
stub_application_setting(issues_create_limit: 1)
end
context 'when too many requests are sent by one user' do
it 'raises an error' do
freeze_time do
expect { subject }.to raise_error(RateLimitedService::RateLimitedError)
end
end
it 'creates 1 issue' do
freeze_time do
expect do
subject
rescue RateLimitedService::RateLimitedError
end.to change { Issue.count }.by(1)
end
end
context 'when requests are sent by different users' do
let(:email_raw_2) { email_fixture('emails/service_desk_forwarded.eml') }
let(:receiver2) { Gitlab::Email::Receiver.new(email_raw_2) }
subject do
receiver.execute
receiver2.execute
end
it 'creates 2 issues' do
freeze_time do
expect { subject }.to change { Issue.count }.by(2)
end
end
end
end
context 'when limit is higher than sent emails' do
before do
stub_application_setting(issues_create_limit: 3)
end
it 'creates 2 issues' do
freeze_time do
expect { subject }.to change { Issue.count }.by(2)
end
end
end
end
@ -336,6 +384,7 @@ RSpec.describe Gitlab::Email::Handler::ServiceDeskHandler do
end
context 'when the email is forwarded through an alias' do
let(:author_email) { 'jake.g@adventuretime.ooo' }
let(:email_raw) { email_fixture('emails/service_desk_forwarded.eml') }
it_behaves_like 'a new issue request'

47
spec/services/issues/create_service_spec.rb
View file

@ -15,8 +15,7 @@ RSpec.describe Issues::CreateService do
expect(described_class.rate_limiter_scoped_and_keyed).to be_a(RateLimitedService::RateLimiterScopedAndKeyed)
expect(described_class.rate_limiter_scoped_and_keyed.key).to eq(:issues_create)
expect(described_class.rate_limiter_scoped_and_keyed.opts[:scope]).to eq(%i[project current_user])
expect(described_class.rate_limiter_scoped_and_keyed.opts[:users_allowlist].call).to eq(%w[support-bot])
expect(described_class.rate_limiter_scoped_and_keyed.opts[:scope]).to eq(%i[project current_user external_author])
expect(described_class.rate_limiter_scoped_and_keyed.rate_limiter_klass).to eq(Gitlab::ApplicationRateLimiter)
end
end
@ -289,6 +288,50 @@ RSpec.describe Issues::CreateService do
described_class.new(project: project, current_user: user, params: opts, spam_params: spam_params).execute
end
context 'when rate limiting is in effect', :clean_gitlab_redis_cache do
let(:user) { create(:user) }
before do
stub_feature_flags(rate_limited_service_issues_create: true)
stub_application_setting(issues_create_limit: 1)
end
subject do
2.times { described_class.new(project: project, current_user: user, params: opts, spam_params: double).execute }
end
context 'when too many requests are sent by one user' do
it 'raises an error' do
freeze_time do
expect do
subject
end.to raise_error(RateLimitedService::RateLimitedError)
end
end
it 'creates 1 issue' do
freeze_time do
expect do
subject
rescue RateLimitedService::RateLimitedError
end.to change { Issue.count }.by(1)
end
end
end
context 'when limit is higher than counf of issues being created' do
before do
stub_application_setting(issues_create_limit: 3)
end
it 'creates 2 issues' do
freeze_time do
expect { subject }.to change { Issue.count }.by(2)
end
end
end
end
context 'after_save callback to store_mentions' do
context 'when mentionable attributes change' do
let(:opts) { { title: 'Title', description: "Description with #{user.to_reference}" } }