Add latest changes from gitlab-org/gitlab@master
This commit is contained in:
parent
39623d60e8
commit
d69a7028a5
13 changed files with 206 additions and 1 deletions
|
@ -0,0 +1,25 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
module Security
|
||||
module CiConfiguration
|
||||
class DependencyScanningCreateService < ::Security::CiConfiguration::BaseCreateService
|
||||
private
|
||||
|
||||
def action
|
||||
Security::CiConfiguration::DependencyScanningBuildAction.new(project.auto_devops_enabled?, existing_gitlab_ci_content).generate
|
||||
end
|
||||
|
||||
def next_branch
|
||||
'set-dependency-scanning-config'
|
||||
end
|
||||
|
||||
def message
|
||||
_('Configure Dependency Scanning in `.gitlab-ci.yml`, creating this file if it does not already exist')
|
||||
end
|
||||
|
||||
def description
|
||||
_('Configure Dependency Scanning in `.gitlab-ci.yml` using the GitLab managed template. You can [add variable overrides](https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings) to customize Dependency Scanning settings.')
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
|
@ -0,0 +1,13 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
class DeleteLegacyOperationsFeatureFlags < ActiveRecord::Migration[6.1]
|
||||
LEGACY_FEATURE_FLAG_VERSION = 1
|
||||
|
||||
def up
|
||||
execute("DELETE FROM operations_feature_flags WHERE version = #{LEGACY_FEATURE_FLAG_VERSION}")
|
||||
end
|
||||
|
||||
def down
|
||||
# no-op
|
||||
end
|
||||
end
|
1
db/schema_migrations/20210610153556
Normal file
1
db/schema_migrations/20210610153556
Normal file
|
@ -0,0 +1 @@
|
|||
39ca841ce1de3faadee41fbb756d80c98efd853fbbffa7cb3f8f9de56752078b
|
|
@ -909,6 +909,30 @@ Input type: `CommitCreateInput`
|
|||
| <a id="mutationcommitcreatecontent"></a>`content` | [`[String!]`](#string) | Contents of the commit. |
|
||||
| <a id="mutationcommitcreateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. |
|
||||
|
||||
### `Mutation.configureDependencyScanning`
|
||||
|
||||
Configure Dependency Scanning for a project by enabling Dependency Scanning in a new or modified
|
||||
`.gitlab-ci.yml` file in a new branch. The new branch and a URL to
|
||||
create a Merge Request are a part of the response.
|
||||
|
||||
Input type: `ConfigureDependencyScanningInput`
|
||||
|
||||
#### Arguments
|
||||
|
||||
| Name | Type | Description |
|
||||
| ---- | ---- | ----------- |
|
||||
| <a id="mutationconfiguredependencyscanningclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. |
|
||||
| <a id="mutationconfiguredependencyscanningprojectpath"></a>`projectPath` | [`ID!`](#id) | Full path of the project. |
|
||||
|
||||
#### Fields
|
||||
|
||||
| Name | Type | Description |
|
||||
| ---- | ---- | ----------- |
|
||||
| <a id="mutationconfiguredependencyscanningbranch"></a>`branch` | [`String`](#string) | Branch that has the new/modified `.gitlab-ci.yml` file. |
|
||||
| <a id="mutationconfiguredependencyscanningclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. |
|
||||
| <a id="mutationconfiguredependencyscanningerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. |
|
||||
| <a id="mutationconfiguredependencyscanningsuccesspath"></a>`successPath` | [`String`](#string) | Redirect path to use when the response is successful. |
|
||||
|
||||
### `Mutation.configureSast`
|
||||
|
||||
Configure SAST for a project by enabling SAST in a new or modified
|
||||
|
|
|
@ -18,7 +18,9 @@ module API
|
|||
end
|
||||
|
||||
expose :subscribed do |label, options|
|
||||
label.subscribed?(options[:current_user], options[:parent])
|
||||
label.subscribed?(options[:current_user]) || (
|
||||
options[:parent].is_a?(::Project) && label.subscribed?(options[:current_user], options[:parent])
|
||||
)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -41,6 +41,7 @@ module Security
|
|||
# You can override the included template(s) by including variable overrides
|
||||
# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
|
||||
# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/#customizing-settings
|
||||
# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
|
||||
# Note that environment variables can be set in several places
|
||||
# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
|
||||
YAML
|
||||
|
|
|
@ -0,0 +1,19 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
module Security
|
||||
module CiConfiguration
|
||||
class DependencyScanningBuildAction < BaseBuildAction
|
||||
private
|
||||
|
||||
def update_existing_content!
|
||||
@existing_gitlab_ci_content['include'] = generate_includes
|
||||
end
|
||||
|
||||
def template
|
||||
return 'Auto-DevOps.gitlab-ci.yml' if @auto_devops_enabled
|
||||
|
||||
'Security/Dependency-Scanning.gitlab-ci.yml'
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
|
@ -8286,6 +8286,12 @@ msgstr ""
|
|||
msgid "Configure %{repository_checks_link_start}repository checks%{link_end} and %{housekeeping_link_start}housekeeping%{link_end} on repositories."
|
||||
msgstr ""
|
||||
|
||||
msgid "Configure Dependency Scanning in `.gitlab-ci.yml` using the GitLab managed template. You can [add variable overrides](https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings) to customize Dependency Scanning settings."
|
||||
msgstr ""
|
||||
|
||||
msgid "Configure Dependency Scanning in `.gitlab-ci.yml`, creating this file if it does not already exist"
|
||||
msgstr ""
|
||||
|
||||
msgid "Configure GitLab runners to start using the Web Terminal. %{helpStart}Learn more.%{helpEnd}"
|
||||
msgstr ""
|
||||
|
||||
|
|
|
@ -323,6 +323,7 @@ RSpec.describe Security::CiConfiguration::SastBuildAction do
|
|||
# You can override the included template(s) by including variable overrides
|
||||
# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
|
||||
# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/#customizing-settings
|
||||
# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
|
||||
# Note that environment variables can be set in several places
|
||||
# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
|
||||
stages:
|
||||
|
@ -342,6 +343,7 @@ RSpec.describe Security::CiConfiguration::SastBuildAction do
|
|||
# You can override the included template(s) by including variable overrides
|
||||
# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
|
||||
# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/#customizing-settings
|
||||
# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
|
||||
# Note that environment variables can be set in several places
|
||||
# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
|
||||
stages:
|
||||
|
@ -358,6 +360,7 @@ RSpec.describe Security::CiConfiguration::SastBuildAction do
|
|||
# You can override the included template(s) by including variable overrides
|
||||
# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
|
||||
# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/#customizing-settings
|
||||
# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
|
||||
# Note that environment variables can be set in several places
|
||||
# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
|
||||
stages:
|
||||
|
@ -380,6 +383,7 @@ RSpec.describe Security::CiConfiguration::SastBuildAction do
|
|||
# You can override the included template(s) by including variable overrides
|
||||
# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
|
||||
# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/#customizing-settings
|
||||
# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
|
||||
# Note that environment variables can be set in several places
|
||||
# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
|
||||
stages:
|
||||
|
@ -415,6 +419,7 @@ RSpec.describe Security::CiConfiguration::SastBuildAction do
|
|||
# You can override the included template(s) by including variable overrides
|
||||
# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
|
||||
# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/#customizing-settings
|
||||
# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
|
||||
# Note that environment variables can be set in several places
|
||||
# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
|
||||
stages:
|
||||
|
@ -439,6 +444,7 @@ RSpec.describe Security::CiConfiguration::SastBuildAction do
|
|||
# You can override the included template(s) by including variable overrides
|
||||
# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
|
||||
# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/#customizing-settings
|
||||
# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
|
||||
# Note that environment variables can be set in several places
|
||||
# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
|
||||
stages:
|
||||
|
@ -461,6 +467,7 @@ RSpec.describe Security::CiConfiguration::SastBuildAction do
|
|||
# You can override the included template(s) by including variable overrides
|
||||
# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
|
||||
# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/#customizing-settings
|
||||
# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
|
||||
# Note that environment variables can be set in several places
|
||||
# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
|
||||
stages:
|
||||
|
@ -484,6 +491,7 @@ RSpec.describe Security::CiConfiguration::SastBuildAction do
|
|||
# You can override the included template(s) by including variable overrides
|
||||
# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
|
||||
# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/#customizing-settings
|
||||
# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
|
||||
# Note that environment variables can be set in several places
|
||||
# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
|
||||
stages:
|
||||
|
@ -507,6 +515,7 @@ RSpec.describe Security::CiConfiguration::SastBuildAction do
|
|||
# You can override the included template(s) by including variable overrides
|
||||
# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
|
||||
# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/#customizing-settings
|
||||
# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
|
||||
# Note that environment variables can be set in several places
|
||||
# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
|
||||
stages:
|
||||
|
|
|
@ -16,6 +16,7 @@ RSpec.describe Security::CiConfiguration::SecretDetectionBuildAction do
|
|||
# You can override the included template(s) by including variable overrides
|
||||
# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
|
||||
# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/#customizing-settings
|
||||
# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
|
||||
# Note that environment variables can be set in several places
|
||||
# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
|
||||
stages:
|
||||
|
@ -62,6 +63,7 @@ RSpec.describe Security::CiConfiguration::SecretDetectionBuildAction do
|
|||
# You can override the included template(s) by including variable overrides
|
||||
# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
|
||||
# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/#customizing-settings
|
||||
# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
|
||||
# Note that environment variables can be set in several places
|
||||
# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
|
||||
stages:
|
||||
|
@ -111,6 +113,7 @@ RSpec.describe Security::CiConfiguration::SecretDetectionBuildAction do
|
|||
# You can override the included template(s) by including variable overrides
|
||||
# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
|
||||
# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/#customizing-settings
|
||||
# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
|
||||
# Note that environment variables can be set in several places
|
||||
# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
|
||||
include:
|
||||
|
@ -131,6 +134,7 @@ RSpec.describe Security::CiConfiguration::SecretDetectionBuildAction do
|
|||
# You can override the included template(s) by including variable overrides
|
||||
# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
|
||||
# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/#customizing-settings
|
||||
# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
|
||||
# Note that environment variables can be set in several places
|
||||
# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
|
||||
include:
|
||||
|
|
|
@ -0,0 +1,45 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
require 'spec_helper'
|
||||
|
||||
require_migration!('delete_legacy_operations_feature_flags')
|
||||
|
||||
RSpec.describe DeleteLegacyOperationsFeatureFlags do
|
||||
let(:namespace) { table(:namespaces).create!(name: 'foo', path: 'bar') }
|
||||
let(:project) { table(:projects).create!(namespace_id: namespace.id) }
|
||||
let(:issue) { table(:issues).create!(id: 123, project_id: project.id) }
|
||||
let(:operations_feature_flags) { table(:operations_feature_flags) }
|
||||
let(:operations_feature_flag_scopes) { table(:operations_feature_flag_scopes) }
|
||||
let(:operations_strategies) { table(:operations_strategies) }
|
||||
let(:operations_scopes) { table(:operations_scopes) }
|
||||
let(:operations_feature_flags_issues) { table(:operations_feature_flags_issues) }
|
||||
|
||||
it 'correctly deletes legacy feature flags' do
|
||||
# Legacy version of a feature flag - dropped support in GitLab 14.0.
|
||||
legacy_flag = operations_feature_flags.create!(project_id: project.id, version: 1, name: 'flag_a', active: true, iid: 1)
|
||||
operations_feature_flag_scopes.create!(feature_flag_id: legacy_flag.id, active: true)
|
||||
operations_feature_flags_issues.create!(feature_flag_id: legacy_flag.id, issue_id: issue.id)
|
||||
# New version of a feature flag.
|
||||
new_flag = operations_feature_flags.create!(project_id: project.id, version: 2, name: 'flag_b', active: true, iid: 2)
|
||||
new_strategy = operations_strategies.create!(feature_flag_id: new_flag.id, name: 'default')
|
||||
operations_scopes.create!(strategy_id: new_strategy.id, environment_scope: '*')
|
||||
operations_feature_flags_issues.create!(feature_flag_id: new_flag.id, issue_id: issue.id)
|
||||
|
||||
expect(operations_feature_flags.all.pluck(:version)).to contain_exactly(1, 2)
|
||||
expect(operations_feature_flag_scopes.count).to eq(1)
|
||||
expect(operations_strategies.count).to eq(1)
|
||||
expect(operations_scopes.count).to eq(1)
|
||||
expect(operations_feature_flags_issues.all.pluck(:feature_flag_id)).to contain_exactly(legacy_flag.id, new_flag.id)
|
||||
|
||||
migrate!
|
||||
|
||||
# Legacy flag is deleted.
|
||||
expect(operations_feature_flags.all.pluck(:version)).to contain_exactly(2)
|
||||
# The associated entries of the legacy flag are deleted too.
|
||||
expect(operations_feature_flag_scopes.count).to eq(0)
|
||||
# The associated entries of the new flag stay instact.
|
||||
expect(operations_strategies.count).to eq(1)
|
||||
expect(operations_scopes.count).to eq(1)
|
||||
expect(operations_feature_flags_issues.all.pluck(:feature_flag_id)).to contain_exactly(new_flag.id)
|
||||
end
|
||||
end
|
|
@ -29,6 +29,32 @@ RSpec.describe API::GroupLabels do
|
|||
let(:expected_labels) { [group_label1.name] }
|
||||
|
||||
it_behaves_like 'fetches labels'
|
||||
|
||||
context 'and is subscribed' do
|
||||
before do
|
||||
group_label1.subscribe(user)
|
||||
end
|
||||
|
||||
it 'returns true' do
|
||||
get api("/groups/#{group.id}/labels?search=#{group_label1.name}", user)
|
||||
|
||||
expect(response).to have_gitlab_http_status(:ok)
|
||||
expect(json_response[0]['subscribed']).to be true
|
||||
end
|
||||
end
|
||||
|
||||
context 'and is unsubscribed' do
|
||||
before do
|
||||
group_label1.unsubscribe(user)
|
||||
end
|
||||
|
||||
it 'returns false' do
|
||||
get api("/groups/#{group.id}/labels?search=#{group_label1.name}", user)
|
||||
|
||||
expect(response).to have_gitlab_http_status(:ok)
|
||||
expect(json_response[0]['subscribed']).to be false
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'when the with_counts parameter is set' do
|
||||
|
|
|
@ -200,6 +200,36 @@ RSpec.describe API::Labels do
|
|||
expect(json_response.map { |l| l['name'] }).to match_array([group_label.name, priority_label.name, label1.name])
|
||||
end
|
||||
|
||||
context 'when search param is provided' do
|
||||
context 'and user is subscribed' do
|
||||
before do
|
||||
priority_label.subscribe(user)
|
||||
end
|
||||
|
||||
it 'returns subscribed true' do
|
||||
get api("/projects/#{project.id}/labels?search=#{priority_label.name}", user)
|
||||
|
||||
expect(response).to have_gitlab_http_status(:ok)
|
||||
expect(json_response[0]['name']).to eq(priority_label.name)
|
||||
expect(json_response[0]['subscribed']).to be true
|
||||
end
|
||||
end
|
||||
|
||||
context 'and user is not subscribed' do
|
||||
before do
|
||||
priority_label.unsubscribe(user)
|
||||
end
|
||||
|
||||
it 'returns subscribed false' do
|
||||
get api("/projects/#{project.id}/labels?search=#{priority_label.name}", user)
|
||||
|
||||
expect(response).to have_gitlab_http_status(:ok)
|
||||
expect(json_response[0]['name']).to eq(priority_label.name)
|
||||
expect(json_response[0]['subscribed']).to be false
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'when the with_counts parameter is set' do
|
||||
before do
|
||||
create(:labeled_issue, project: project, labels: [group_label], author: user)
|
||||
|
|
Loading…
Reference in a new issue