Add latest changes from gitlab-org/gitlab@master
This commit is contained in:
parent
b014ff26b4
commit
cea25900b7
|
@ -1 +1 @@
|
|||
6314c40a2e0ae9d43eb4c01026d0aef57c10d91c
|
||||
cc879cfb5db4ed342c4f0ea744dbbfdc9649b35f
|
||||
|
|
|
@ -3,12 +3,12 @@
|
|||
module SafeUrl
|
||||
extend ActiveSupport::Concern
|
||||
|
||||
def safe_url(usernames_whitelist: [])
|
||||
def safe_url(allowed_usernames: [])
|
||||
return if url.nil?
|
||||
|
||||
uri = URI.parse(url)
|
||||
uri.password = '*****' if uri.password
|
||||
uri.user = '*****' if uri.user && !usernames_whitelist.include?(uri.user)
|
||||
uri.user = '*****' if uri.user && allowed_usernames.exclude?(uri.user)
|
||||
uri.to_s
|
||||
rescue URI::Error
|
||||
end
|
||||
|
|
|
@ -207,7 +207,7 @@ class RemoteMirror < ApplicationRecord
|
|||
end
|
||||
|
||||
def safe_url
|
||||
super(usernames_whitelist: %w[git])
|
||||
super(allowed_usernames: %w[git])
|
||||
end
|
||||
|
||||
def bare_url
|
||||
|
|
|
@ -6,11 +6,11 @@
|
|||
.card-footer.footer-block.clearfix
|
||||
- if can?(current_user, :accept_terms, @term)
|
||||
.float-right
|
||||
= button_to accept_term_path(@term, redirect_params), class: 'gl-button btn btn-success gl-ml-3', data: { qa_selector: 'accept_terms_button' } do
|
||||
= button_to accept_term_path(@term, redirect_params), class: 'gl-button btn btn-confirm gl-ml-3', data: { qa_selector: 'accept_terms_button' } do
|
||||
= _('Accept terms')
|
||||
- else
|
||||
.float-right
|
||||
= link_to root_path, class: 'gl-button btn btn-success gl-ml-3' do
|
||||
= link_to root_path, class: 'gl-button btn btn-confirm gl-ml-3' do
|
||||
= _('Continue')
|
||||
- if can?(current_user, :decline_terms, @term)
|
||||
.float-right
|
||||
|
|
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
title: Move from btn-success to btn-confirm in users directory
|
||||
merge_request: 56945
|
||||
author: Yogi (@yo)
|
||||
type: changed
|
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
title: Adjust gitlab_database_transaction_seconds histogram bucket
|
||||
merge_request: 56952
|
||||
author:
|
||||
type: changed
|
|
@ -600,8 +600,9 @@ the below steps to do a no downtime transfer to a new storage location.
|
|||
|
||||
## Configure listener for reverse proxy requests
|
||||
|
||||
Follow the steps below to configure the proxy listener of GitLab Pages. [Introduced](https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/2533) in
|
||||
Omnibus GitLab 11.1.
|
||||
> [Introduced](https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/2533) in Omnibus GitLab 11.1.
|
||||
|
||||
Follow the steps below to configure the proxy listener of GitLab Pages.
|
||||
|
||||
1. By default the listener is configured to listen for requests on `localhost:8090`.
|
||||
|
||||
|
|
|
@ -18,9 +18,6 @@ Some gems may not include their license information in their `gemspec` file, and
|
|||
|
||||
### License Finder commands
|
||||
|
||||
NOTE:
|
||||
License Finder currently uses GitLab misused terms of `whitelist` and `blacklist`. As a result, the commands below reference those terms. We've created an [issue on their project](https://github.com/pivotal/LicenseFinder/issues/745) to propose that they rename their commands.
|
||||
|
||||
There are a few basic commands License Finder provides that you need in order to manage license detection.
|
||||
|
||||
To verify that the checks are passing, and/or to see what dependencies are causing the checks to fail:
|
||||
|
@ -32,13 +29,13 @@ bundle exec license_finder
|
|||
To allowlist a new license:
|
||||
|
||||
```shell
|
||||
license_finder whitelist add MIT
|
||||
license_finder permitted_licenses add MIT
|
||||
```
|
||||
|
||||
To denylist a new license:
|
||||
|
||||
```shell
|
||||
license_finder blacklist add Unlicense
|
||||
license_finder restricted_licenses add Unlicense
|
||||
```
|
||||
|
||||
To tell License Finder about a dependency's license if it isn't auto-detected:
|
||||
|
|
|
@ -11,13 +11,16 @@ module Gitlab
|
|||
DB_COUNTERS = %i{db_count db_write_count db_cached_count}.freeze
|
||||
SQL_COMMANDS_WITH_COMMENTS_REGEX = /\A(\/\*.*\*\/\s)?((?!(.*[^\w'"](DELETE|UPDATE|INSERT INTO)[^\w'"])))(WITH.*)?(SELECT)((?!(FOR UPDATE|FOR SHARE)).)*$/i.freeze
|
||||
|
||||
DURATION_BUCKET = [0.05, 0.1, 0.25].freeze
|
||||
SQL_DURATION_BUCKET = [0.05, 0.1, 0.25].freeze
|
||||
TRANSACTION_DURATION_BUCKET = [0.1, 0.25, 1].freeze
|
||||
|
||||
# This event is published from ActiveRecordBaseTransactionMetrics and
|
||||
# used to record a database transaction duration when calling
|
||||
# ActiveRecord::Base.transaction {} block.
|
||||
def transaction(event)
|
||||
observe(:gitlab_database_transaction_seconds, event)
|
||||
observe(:gitlab_database_transaction_seconds, event) do
|
||||
buckets TRANSACTION_DURATION_BUCKET
|
||||
end
|
||||
end
|
||||
|
||||
def sql(event)
|
||||
|
@ -33,7 +36,9 @@ module Gitlab
|
|||
increment(:db_cached_count) if cached_query?(payload)
|
||||
increment(:db_write_count) unless select_sql_command?(payload)
|
||||
|
||||
observe(:gitlab_sql_duration_seconds, event)
|
||||
observe(:gitlab_sql_duration_seconds, event) do
|
||||
buckets SQL_DURATION_BUCKET
|
||||
end
|
||||
end
|
||||
|
||||
def self.db_counter_payload
|
||||
|
@ -66,10 +71,8 @@ module Gitlab
|
|||
Gitlab::SafeRequestStore[counter] = Gitlab::SafeRequestStore[counter].to_i + 1
|
||||
end
|
||||
|
||||
def observe(histogram, event)
|
||||
current_transaction&.observe(histogram, event.duration / 1000.0) do
|
||||
buckets DURATION_BUCKET
|
||||
end
|
||||
def observe(histogram, event, &block)
|
||||
current_transaction&.observe(histogram, event.duration / 1000.0, &block)
|
||||
end
|
||||
|
||||
def current_transaction
|
||||
|
|
|
@ -8,65 +8,145 @@ RSpec.describe Gitlab::Metrics::Subscribers::ActiveRecord do
|
|||
let(:env) { {} }
|
||||
let(:subscriber) { described_class.new }
|
||||
let(:connection) { double(:connection) }
|
||||
let(:payload) { { sql: 'SELECT * FROM users WHERE id = 10', connection: connection } }
|
||||
|
||||
let(:event) do
|
||||
double(
|
||||
:event,
|
||||
name: 'sql.active_record',
|
||||
duration: 2,
|
||||
payload: payload
|
||||
)
|
||||
end
|
||||
describe '#transaction' do
|
||||
let(:web_transaction) { double('Gitlab::Metrics::WebTransaction') }
|
||||
let(:background_transaction) { double('Gitlab::Metrics::WebTransaction') }
|
||||
|
||||
# Emulate Marginalia pre-pending comments
|
||||
def sql(query, comments: true)
|
||||
if comments && !%w[BEGIN COMMIT].include?(query)
|
||||
"/*application:web,controller:badges,action:pipeline,correlation_id:01EYN39K9VMJC56Z7808N7RSRH*/ #{query}"
|
||||
else
|
||||
query
|
||||
end
|
||||
end
|
||||
|
||||
shared_examples 'track generic sql events' do
|
||||
where(:name, :sql_query, :record_query, :record_write_query, :record_cached_query) do
|
||||
'SQL' | 'SELECT * FROM users WHERE id = 10' | true | false | false
|
||||
'SQL' | 'WITH active_milestones AS (SELECT COUNT(*), state FROM milestones GROUP BY state) SELECT * FROM active_milestones' | true | false | false
|
||||
'SQL' | 'SELECT * FROM users WHERE id = 10 FOR UPDATE' | true | true | false
|
||||
'SQL' | 'WITH archived_rows AS (SELECT * FROM users WHERE archived = true) INSERT INTO products_log SELECT * FROM archived_rows' | true | true | false
|
||||
'SQL' | 'DELETE FROM users where id = 10' | true | true | false
|
||||
'SQL' | 'INSERT INTO project_ci_cd_settings (project_id) SELECT id FROM projects' | true | true | false
|
||||
'SQL' | 'UPDATE users SET admin = true WHERE id = 10' | true | true | false
|
||||
'CACHE' | 'SELECT * FROM users WHERE id = 10' | true | false | true
|
||||
'SCHEMA' | "SELECT attr.attname FROM pg_attribute attr INNER JOIN pg_constraint cons ON attr.attrelid = cons.conrelid AND attr.attnum = any(cons.conkey) WHERE cons.contype = 'p' AND cons.conrelid = '\"projects\"'::regclass" | false | false | false
|
||||
nil | 'BEGIN' | false | false | false
|
||||
nil | 'COMMIT' | false | false | false
|
||||
let(:event) do
|
||||
double(
|
||||
:event,
|
||||
name: 'transaction.active_record',
|
||||
duration: 230,
|
||||
payload: { connection: connection }
|
||||
)
|
||||
end
|
||||
|
||||
with_them do
|
||||
let(:payload) { { name: name, sql: sql(sql_query, comments: comments), connection: connection } }
|
||||
before do
|
||||
allow(background_transaction).to receive(:observe)
|
||||
allow(web_transaction).to receive(:observe)
|
||||
end
|
||||
|
||||
it 'marks the current thread as using the database' do
|
||||
# since it would already have been toggled by other specs
|
||||
Thread.current[:uses_db_connection] = nil
|
||||
|
||||
expect { subscriber.sql(event) }.to change { Thread.current[:uses_db_connection] }.from(nil).to(true)
|
||||
context 'when both web and background transaction are available' do
|
||||
before do
|
||||
allow(::Gitlab::Metrics::WebTransaction).to receive(:current)
|
||||
.and_return(web_transaction)
|
||||
allow(::Gitlab::Metrics::BackgroundTransaction).to receive(:current)
|
||||
.and_return(background_transaction)
|
||||
end
|
||||
|
||||
it_behaves_like 'record ActiveRecord metrics'
|
||||
it_behaves_like 'store ActiveRecord info in RequestStore'
|
||||
it 'captures the metrics for web only' do
|
||||
expect(web_transaction).to receive(:observe).with(:gitlab_database_transaction_seconds, 0.23)
|
||||
|
||||
expect(background_transaction).not_to receive(:observe)
|
||||
expect(background_transaction).not_to receive(:increment)
|
||||
|
||||
subscriber.transaction(event)
|
||||
end
|
||||
end
|
||||
|
||||
context 'when web transaction is available' do
|
||||
let(:web_transaction) { double('Gitlab::Metrics::WebTransaction') }
|
||||
|
||||
before do
|
||||
allow(::Gitlab::Metrics::WebTransaction).to receive(:current)
|
||||
.and_return(web_transaction)
|
||||
allow(::Gitlab::Metrics::BackgroundTransaction).to receive(:current)
|
||||
.and_return(nil)
|
||||
end
|
||||
|
||||
it 'captures the metrics for web only' do
|
||||
expect(web_transaction).to receive(:observe).with(:gitlab_database_transaction_seconds, 0.23)
|
||||
|
||||
expect(background_transaction).not_to receive(:observe)
|
||||
expect(background_transaction).not_to receive(:increment)
|
||||
|
||||
subscriber.transaction(event)
|
||||
end
|
||||
end
|
||||
|
||||
context 'when background transaction is available' do
|
||||
let(:background_transaction) { double('Gitlab::Metrics::BackgroundTransaction') }
|
||||
|
||||
before do
|
||||
allow(::Gitlab::Metrics::WebTransaction).to receive(:current)
|
||||
.and_return(nil)
|
||||
allow(::Gitlab::Metrics::BackgroundTransaction).to receive(:current)
|
||||
.and_return(background_transaction)
|
||||
end
|
||||
|
||||
it 'captures the metrics for web only' do
|
||||
expect(background_transaction).to receive(:observe).with(:gitlab_database_transaction_seconds, 0.23)
|
||||
|
||||
expect(web_transaction).not_to receive(:observe)
|
||||
expect(web_transaction).not_to receive(:increment)
|
||||
|
||||
subscriber.transaction(event)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'without Marginalia comments' do
|
||||
let(:comments) { false }
|
||||
describe '#sql' do
|
||||
let(:payload) { { sql: 'SELECT * FROM users WHERE id = 10', connection: connection } }
|
||||
|
||||
it_behaves_like 'track generic sql events'
|
||||
end
|
||||
let(:event) do
|
||||
double(
|
||||
:event,
|
||||
name: 'sql.active_record',
|
||||
duration: 2,
|
||||
payload: payload
|
||||
)
|
||||
end
|
||||
|
||||
context 'with Marginalia comments' do
|
||||
let(:comments) { true }
|
||||
# Emulate Marginalia pre-pending comments
|
||||
def sql(query, comments: true)
|
||||
if comments && !%w[BEGIN COMMIT].include?(query)
|
||||
"/*application:web,controller:badges,action:pipeline,correlation_id:01EYN39K9VMJC56Z7808N7RSRH*/ #{query}"
|
||||
else
|
||||
query
|
||||
end
|
||||
end
|
||||
|
||||
it_behaves_like 'track generic sql events'
|
||||
shared_examples 'track generic sql events' do
|
||||
where(:name, :sql_query, :record_query, :record_write_query, :record_cached_query) do
|
||||
'SQL' | 'SELECT * FROM users WHERE id = 10' | true | false | false
|
||||
'SQL' | 'WITH active_milestones AS (SELECT COUNT(*), state FROM milestones GROUP BY state) SELECT * FROM active_milestones' | true | false | false
|
||||
'SQL' | 'SELECT * FROM users WHERE id = 10 FOR UPDATE' | true | true | false
|
||||
'SQL' | 'WITH archived_rows AS (SELECT * FROM users WHERE archived = true) INSERT INTO products_log SELECT * FROM archived_rows' | true | true | false
|
||||
'SQL' | 'DELETE FROM users where id = 10' | true | true | false
|
||||
'SQL' | 'INSERT INTO project_ci_cd_settings (project_id) SELECT id FROM projects' | true | true | false
|
||||
'SQL' | 'UPDATE users SET admin = true WHERE id = 10' | true | true | false
|
||||
'CACHE' | 'SELECT * FROM users WHERE id = 10' | true | false | true
|
||||
'SCHEMA' | "SELECT attr.attname FROM pg_attribute attr INNER JOIN pg_constraint cons ON attr.attrelid = cons.conrelid AND attr.attnum = any(cons.conkey) WHERE cons.contype = 'p' AND cons.conrelid = '\"projects\"'::regclass" | false | false | false
|
||||
nil | 'BEGIN' | false | false | false
|
||||
nil | 'COMMIT' | false | false | false
|
||||
end
|
||||
|
||||
with_them do
|
||||
let(:payload) { { name: name, sql: sql(sql_query, comments: comments), connection: connection } }
|
||||
|
||||
it 'marks the current thread as using the database' do
|
||||
# since it would already have been toggled by other specs
|
||||
Thread.current[:uses_db_connection] = nil
|
||||
|
||||
expect { subscriber.sql(event) }.to change { Thread.current[:uses_db_connection] }.from(nil).to(true)
|
||||
end
|
||||
|
||||
it_behaves_like 'record ActiveRecord metrics'
|
||||
it_behaves_like 'store ActiveRecord info in RequestStore'
|
||||
end
|
||||
end
|
||||
|
||||
context 'without Marginalia comments' do
|
||||
let(:comments) { false }
|
||||
|
||||
it_behaves_like 'track generic sql events'
|
||||
end
|
||||
|
||||
context 'with Marginalia comments' do
|
||||
let(:comments) { true }
|
||||
|
||||
it_behaves_like 'track generic sql events'
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -26,14 +26,16 @@ RSpec.describe SafeUrl do
|
|||
context 'when URL contains credentials' do
|
||||
let(:url) { 'http://foo:bar@example.com' }
|
||||
|
||||
it { is_expected.to eq('http://*****:*****@example.com')}
|
||||
it 'masks username and password' do
|
||||
is_expected.to eq('http://*****:*****@example.com')
|
||||
end
|
||||
|
||||
context 'when username is whitelisted' do
|
||||
subject { test_class.safe_url(usernames_whitelist: usernames_whitelist) }
|
||||
context 'when username is allowed' do
|
||||
subject { test_class.safe_url(allowed_usernames: usernames) }
|
||||
|
||||
let(:usernames_whitelist) { %w[foo] }
|
||||
let(:usernames) { %w[foo] }
|
||||
|
||||
it 'does expect the whitelisted username not to be masked' do
|
||||
it 'masks the password, but not the username' do
|
||||
is_expected.to eq('http://foo:*****@example.com')
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue