Add latest changes from gitlab-org/gitlab@master

2021-05-31 06:10:40 +00:00 · 2021-05-31 06:10:40 +00:00 · d6ae5ba9df
commit d6ae5ba9df
parent 5fa401a99e
14 changed files with 77 additions and 13 deletions
--- a/.gitlab/ci/docs.gitlab-ci.yml
+++ b/.gitlab/ci/docs.gitlab-ci.yml
@ -10,8 +10,8 @@
    # because some repos are private and CI_JOB_TOKEN cannot access files.
    # See https://gitlab.com/gitlab-org/gitlab/issues/191273
    GIT_DEPTH: 1
-    # By default, deploy the Review App using the `master` branch of the `gitlab-org/gitlab-docs` project
-    DOCS_BRANCH: master
+    # By default, deploy the Review App using the `main` branch of the `gitlab-org/gitlab-docs` project
+    DOCS_BRANCH: main
  environment:
    name: review-docs/mr-${CI_MERGE_REQUEST_IID}
    # DOCS_REVIEW_APPS_DOMAIN and DOCS_GITLAB_REPO_SUFFIX are CI variables
--- a/app/controllers/projects/forks_controller.rb
+++ b/app/controllers/projects/forks_controller.rb
@ -56,7 +56,13 @@ class Projects::ForksController < Projects::ApplicationController
          can_fork_to?(current_user.namespace)

        render json: {
-          namespaces: ForkNamespaceSerializer.new.represent(namespaces, project: project, current_user: current_user, memberships: memberships_hash)
+          namespaces: ForkNamespaceSerializer.new.represent(
+            namespaces,
+            project: project,
+            current_user: current_user,
+            memberships: memberships_hash,
+            forked_projects: forked_projects_by_namespace(namespaces)
+          )
        }
      end
    end
@ -129,6 +135,10 @@ class Projects::ForksController < Projects::ApplicationController
  def memberships_hash
    current_user.members.where(source: load_namespaces_with_associations).index_by(&:source_id)
  end
+
+  def forked_projects_by_namespace(namespaces)
+    project.forks.where(namespace: namespaces).includes(:namespace).index_by(&:namespace_id)
+  end
 end

 Projects::ForksController.prepend_mod_with('Projects::ForksController')
--- a/app/controllers/projects/issues_controller.rb
+++ b/app/controllers/projects/issues_controller.rb
@ -160,7 +160,7 @@ class Projects::IssuesController < Projects::ApplicationController
      new_project = Project.find(params[:move_to_project_id])
      return render_404 unless issue.can_move?(current_user, new_project)

-      @issue = ::Issues::UpdateService.new(project: project, current_user: current_user, params: { target_project: new_project }).execute(issue)
+      @issue = ::Issues::MoveService.new(project: project, current_user: current_user).execute(issue, new_project)
    end

    respond_to do |format|
--- a/app/models/hooks/web_hook.rb
+++ b/app/models/hooks/web_hook.rb
@ -73,6 +73,8 @@ class WebHook < ApplicationRecord
  end

  def enable!
+    return if recent_failures == 0 && disabled_until.nil? && backoff_count == 0
+
    update!(recent_failures: 0, disabled_until: nil, backoff_count: 0)
  end

--- a/app/serializers/fork_namespace_entity.rb
+++ b/app/serializers/fork_namespace_entity.rb
@ -13,7 +13,7 @@ class ForkNamespaceEntity < Grape::Entity
  end

  expose :forked_project_path do |namespace, options|
-    if forked_project = namespace.find_fork_of(options[:project])
+    if forked_project = options.dig(:forked_projects, namespace.id)
      project_path(forked_project)
    end
  end
--- a/doc/administration/troubleshooting/group_saml_scim.md
+++ b/doc/administration/troubleshooting/group_saml_scim.md
@ -42,6 +42,10 @@ SCIM mapping:

 ![Azure AD SCIM](img/AzureAD-scim_attribute_mapping.png)

+Group Sync:
+
+![Azure Group Claims](img/azure_configure_group_claim.png)
+
 ## Okta

 Basic SAML app configuration:
--- a/doc/administration/troubleshooting/img/azure_configure_group_claim.png
+++ b/doc/administration/troubleshooting/img/azure_configure_group_claim.png
--- a/doc/ci/jobs/index.md
+++ b/doc/ci/jobs/index.md
@ -29,7 +29,7 @@ jobs, where each of the jobs executes a different command.
 Of course a command can execute code directly (`./configure;make;make install`)
 or run a script (`test.sh`) in the repository.

-Jobs are picked up by [runners](../runners/README.md) and executed within the
+Jobs are picked up by [runners](../runners/README.md) and executed in the
 environment of the runner. What is important is that each job is run
 independently from each other.

--- a/doc/user/group/saml_sso/index.md
+++ b/doc/user/group/saml_sso/index.md
@ -152,6 +152,10 @@ We recommend:
 - **Unique User Identifier (Name identifier)** set to `user.objectID`.
 - **nameid-format** set to persistent.

+If using [Group Sync](#group-sync), customize the name of the group claim to match the required attribute.
+
+See the [troubleshooting page](../../../administration/troubleshooting/group_saml_scim.md#azure-active-directory) for an example configuration.
+
 ### Okta setup notes

 Please follow the Okta documentation on [setting up a SAML application in Okta](https://developer.okta.com/docs/guides/build-sso-integration/saml2/overview/) with the notes below for consideration.
--- a/doc/user/project/settings/project_access_tokens.md
+++ b/doc/user/project/settings/project_access_tokens.md
@ -81,6 +81,8 @@ the following table.

 ## Enable or disable project access token creation

+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/287707) in GitLab 13.11.
+
 You may enable or disable project access token creation for all projects in a group in **Group > Settings > General > Permissions, LFS, 2FA > Allow project access token creation**.
 Even when creation is disabled, you can still use and revoke existing project access tokens.
 This setting is available only on top-level groups.
--- a/scripts/trigger-build
+++ b/scripts/trigger-build
@ -255,7 +255,7 @@ module Trigger
    end

    def ref
-      ENV['DOCS_BRANCH'] || 'master'
+      ENV['DOCS_BRANCH'] || 'main'
    end

    # `gitlab-org/gitlab-docs` pipeline trigger "Triggered from gitlab-org/gitlab 'review-docs-deploy' job"
--- a/spec/controllers/projects/forks_controller_spec.rb
+++ b/spec/controllers/projects/forks_controller_spec.rb
@ -195,6 +195,29 @@ RSpec.describe Projects::ForksController do
          expect(json_response['namespaces'].length).to eq(1)
          expect(json_response['namespaces'][0]['id']).to eq(group.id)
        end
+
+        context 'N+1 queries' do
+          before do
+            create(:fork_network, root_project: project)
+          end
+
+          it 'avoids N+1 queries' do
+            do_request = -> { get :new, format: format, params: { namespace_id: project.namespace, project_id: project } }
+
+            # warm up
+            do_request.call
+
+            control = ActiveRecord::QueryRecorder.new { do_request.call }
+
+            create(:group, :public).add_owner(user)
+
+            # TODO: There is another N+1 caused by user.can?(:create_projects, namespace)
+            # Defined in ForkNamespaceEntity
+            extra_count = 1
+
+            expect { do_request.call }.not_to exceed_query_limit(control.count + extra_count)
+          end
+        end
      end
    end

--- a/spec/models/hooks/web_hook_spec.rb
+++ b/spec/models/hooks/web_hook_spec.rb
@ -268,11 +268,29 @@ RSpec.describe WebHook do
  end

  describe '#enable!' do
-    it 'makes a hook executable' do
+    it 'makes a hook executable if it was marked as failed' do
      hook.recent_failures = 1000

      expect { hook.enable! }.to change(hook, :executable?).from(false).to(true)
    end
+
+    it 'makes a hook executable if it is currently backed off' do
+      hook.disabled_until = 1.hour.from_now
+
+      expect { hook.enable! }.to change(hook, :executable?).from(false).to(true)
+    end
+
+    it 'does not update hooks unless necessary' do
+      expect(hook).not_to receive(:update!)
+
+      hook.enable!
+    end
+
+    it 'is idempotent on executable hooks' do
+      expect(hook).not_to receive(:update!)
+
+      expect { hook.enable! }.not_to change(hook, :executable?)
+    end
  end

  describe 'backoff!' do
@ -298,6 +316,7 @@ RSpec.describe WebHook do

    it 'does not allow the failure count to exceed the maximum value' do
      hook.recent_failures = described_class::MAX_FAILURES
+      expect(hook).not_to receive(:update!)

      expect { hook.failed! }.not_to change(hook, :recent_failures)
    end
--- a/spec/serializers/fork_namespace_entity_spec.rb
+++ b/spec/serializers/fork_namespace_entity_spec.rb
@ -9,12 +9,15 @@ RSpec.describe ForkNamespaceEntity do
  let_it_be(:user) { create(:user) }
  let_it_be(:project) { create(:project) }
  let_it_be(:namespace) { create(:group, :with_avatar, description: 'test') }
+  let_it_be(:forked_project) { build(:project) }

  let(:memberships) do
    user.members.index_by(&:source_id)
  end

-  let(:entity) { described_class.new(namespace, current_user: user, project: project, memberships: memberships) }
+  let(:forked_projects) { { namespace.id => forked_project } }
+
+  let(:entity) { described_class.new(namespace, current_user: user, project: project, memberships: memberships, forked_projects: forked_projects) }

  subject(:json) { entity.as_json }

@ -46,10 +49,7 @@ RSpec.describe ForkNamespaceEntity do
  end

  it 'exposes forked_project_path when fork exists in namespace' do
-    namespace.add_maintainer(user)
-    fork_in_namespace = fork_project(project, user, namespace: namespace)
-
-    expect(json[:forked_project_path]).to eql project_path(fork_in_namespace)
+    expect(json[:forked_project_path]).to eql project_path(forked_project)
  end

  it 'exposes relative path to the namespace' do