kotovalexarian-likes-gitlab
/
gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity

Add latest changes from gitlab-org/gitlab@master

This commit is contained in:
GitLab Bot 2022-01-12 12:14:10 +00:00
parent 612dd7d31a
commit da646aac6c
55 changed files with 713 additions and 537 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
.rubocop_todo/rails/save_bang.yml
View File

@ -2,15 +2,6 @@
Rails/SaveBang:
Exclude:
- ee/spec/lib/analytics/merge_request_metrics_calculator_spec.rb
- ee/spec/lib/gitlab/auth/ldap/access_spec.rb
- ee/spec/lib/gitlab/auth/o_auth/user_spec.rb
- ee/spec/lib/gitlab/auth/saml/user_spec.rb
- ee/spec/lib/gitlab/elastic/search_results_spec.rb
- ee/spec/lib/gitlab/email/handler/ee/service_desk_handler_spec.rb
- ee/spec/lib/gitlab/geo_spec.rb
- ee/spec/lib/gitlab/git_access_spec.rb
- ee/spec/lib/gitlab/import_export/group/relation_factory_spec.rb
- ee/spec/lib/gitlab/mirror_spec.rb
- ee/spec/models/application_setting_spec.rb
- ee/spec/models/approval_merge_request_rule_spec.rb
- ee/spec/models/approval_project_rule_spec.rb

1
.rubocop_todo/style/open_struct_use.yml
View File

@ -13,7 +13,6 @@ Style/OpenStructUse:
- lib/gitlab/testing/request_inspector_middleware.rb
- lib/mattermost/session.rb
- spec/controllers/groups/clusters_controller_spec.rb
- spec/controllers/import/gitlab_controller_spec.rb
- spec/controllers/projects/clusters_controller_spec.rb
- spec/factories/go_module_versions.rb
- spec/factories/wiki_pages.rb

2
Gemfile.lock
View File

@ -336,7 +336,7 @@ GEM
ethon (0.15.0)
ffi (>= 1.15.0)
eventmachine (1.2.7)
excon (0.71.1)
excon (0.89.0)
execjs (2.8.1)
expression_parser (0.9.0)
extended-markdown-filter (0.6.0)

7
app/assets/javascripts/behaviors/markdown/render_sandboxed_mermaid.js
View File

@ -31,6 +31,7 @@ const MAX_CHAR_LIMIT = 2000;
const MAX_MERMAID_BLOCK_LIMIT = 50;
// Max # of `&` allowed in Chaining of links syntax
const MAX_CHAINING_OF_LINKS_LIMIT = 30;
const BUFFER_IFRAME_HEIGHT = 10;
// Keep a map of mermaid blocks we've already rendered.
const elsProcessingMap = new WeakMap();
let renderedMermaidBlocks = 0;
@ -117,9 +118,9 @@ function renderMermaidEl(el, source) {
if (event.origin !== 'null' || event.source !== iframeEl.contentWindow) {
return;
}
const { h, w } = event.data;
iframeEl.width = w;
iframeEl.height = h;
const { h } = event.data;
iframeEl.width = '100%';
iframeEl.height = `${h + BUFFER_IFRAME_HEIGHT}px`;
},
false,
);

5
app/assets/javascripts/integrations/edit/components/dynamic_field.vue
View File

@ -153,7 +153,7 @@ export default {
:invalid-feedback="__('This field is required.')"
:state="valid"
>
<template #description>
<template v-if="!isCheckbox" #description>
<span v-safe-html:[$options.helpHtmlConfig]="help"></span>
</template>
@ -161,6 +161,9 @@ export default {
<input :name="fieldName" type="hidden" :value="model || false" />
<gl-form-checkbox :id="fieldId" v-model="model" :disabled="isInheriting">
{{ checkboxLabel || humanizedTitle }}
<template #help>
<span v-safe-html:[$options.helpHtmlConfig]="help"></span>
</template>
</gl-form-checkbox>
</template>
<template v-else-if="isSelect">

15
app/assets/javascripts/main.js
View File

@ -101,6 +101,21 @@ function deferredInitialisation() {
initFeatureHighlight();
initCopyCodeButton();
const helpToggle = document.querySelector('.header-help-dropdown-toggle');
if (helpToggle) {
helpToggle.addEventListener(
'click',
() => {
import(/* webpackChunkName: 'versionCheck' */ './gitlab_version_check')
.then(({ default: initGitlabVersionCheck }) => {
initGitlabVersionCheck();
})
.catch(() => {});
},
{ once: true },
);
}
const search = document.querySelector('#search');
if (search) {
search.addEventListener(

7
app/assets/javascripts/packages_and_registries/container_registry/explorer/components/details_page/details_header.vue
View File

@ -143,6 +143,7 @@ export default {
</template>
<template #right-actions>
<gl-dropdown
v-if="!deleteButtonDisabled"
icon="ellipsis_v"
text="More actions"
:text-sr-only="true"
@ -150,11 +151,7 @@ export default {
no-caret
right
>
<gl-dropdown-item
variant="danger"
:disabled="deleteButtonDisabled"
@click="$emit('delete')"
>
<gl-dropdown-item variant="danger" @click="$emit('delete')">
{{ __('Delete image repository') }}
</gl-dropdown-item>
</gl-dropdown>

14
app/assets/javascripts/repository/components/blob_controls.vue
View File

@ -63,19 +63,25 @@ export default {
},
computed: {
filePath() {
const { path } = this.$route.params;
updateElementsVisibility('.tree-controls', !path);
return path;
return this.$route.params.path;
},
showBlobControls() {
return this.filePath && this.$route.name === 'blobPathDecoded';
},
blobInfo() {
return this.project?.repository?.blobs?.nodes[0] || {};
},
},
watch: {
showBlobControls(shouldShow) {
updateElementsVisibility('.tree-controls', !shouldShow);
},
},
};
</script>
<template>
<div v-if="filePath">
<div v-if="showBlobControls">
<gl-button data-testid="find" :href="blobInfo.findFilePath" :class="$options.buttonClassList">
{{ $options.i18n.findFile }}
</gl-button>

4
app/assets/stylesheets/framework/header.scss
View File

@ -150,7 +150,7 @@ $top-nav-hover-bg: var(--indigo-900-alpha-008, $indigo-900-alpha-008) !important
}
li {
.badge.badge-pill:not(.merge-request-badge) {
.badge.badge-pill:not(.merge-request-badge):not(.version-check-badge) {
box-shadow: none;
font-weight: $gl-font-weight-bold;
}
@ -417,7 +417,7 @@ $top-nav-hover-bg: var(--indigo-900-alpha-008, $indigo-900-alpha-008) !important
.title-container,
.navbar-nav {
.badge.badge-pill:not(.merge-request-badge) {
.badge.badge-pill:not(.merge-request-badge):not(.version-check-badge) {
position: inherit;
font-weight: $gl-font-weight-normal;
margin-left: -6px;

25
app/assets/stylesheets/startup/startup-dark.scss
View File

@ -837,7 +837,7 @@ input {
.container-fluid
.navbar-nav
li
.badge.badge-pill:not(.merge-request-badge) {
.badge.badge-pill:not(.merge-request-badge):not(.version-check-badge) {
box-shadow: none;
font-weight: 600;
}
@ -920,8 +920,10 @@ input {
line-height: 18px;
margin: 4px 0 4px 2px;
}
.title-container .badge.badge-pill:not(.merge-request-badge),
.navbar-nav .badge.badge-pill:not(.merge-request-badge) {
.title-container
.badge.badge-pill:not(.merge-request-badge):not(.version-check-badge),
.navbar-nav
.badge.badge-pill:not(.merge-request-badge):not(.version-check-badge) {
position: inherit;
font-weight: 400;
margin-left: -6px;
@ -932,17 +934,22 @@ input {
border-radius: 7px;
box-shadow: 0 1px 0 rgba(76, 78, 84, 0.2);
}
.title-container .badge.badge-pill:not(.merge-request-badge).green-badge,
.navbar-nav .badge.badge-pill:not(.merge-request-badge).green-badge {
.title-container
.badge.badge-pill:not(.merge-request-badge):not(.version-check-badge).green-badge,
.navbar-nav
.badge.badge-pill:not(.merge-request-badge):not(.version-check-badge).green-badge {
background-color: var(--green-400, #108548);
}
.title-container
.badge.badge-pill:not(.merge-request-badge).merge-requests-count,
.navbar-nav .badge.badge-pill:not(.merge-request-badge).merge-requests-count {
.badge.badge-pill:not(.merge-request-badge):not(.version-check-badge).merge-requests-count,
.navbar-nav
.badge.badge-pill:not(.merge-request-badge):not(.version-check-badge).merge-requests-count {
background-color: var(--orange-400, #ab6100);
}
.title-container .badge.badge-pill:not(.merge-request-badge).todos-count,
.navbar-nav .badge.badge-pill:not(.merge-request-badge).todos-count {
.title-container
.badge.badge-pill:not(.merge-request-badge):not(.version-check-badge).todos-count,
.navbar-nav
.badge.badge-pill:not(.merge-request-badge):not(.version-check-badge).todos-count {
background-color: var(--blue-400, #1f75cb);
}
.title-container .canary-badge .badge,

25
app/assets/stylesheets/startup/startup-general.scss
View File

@ -818,7 +818,7 @@ input {
.container-fluid
.navbar-nav
li
.badge.badge-pill:not(.merge-request-badge) {
.badge.badge-pill:not(.merge-request-badge):not(.version-check-badge) {
box-shadow: none;
font-weight: 600;
}
@ -901,8 +901,10 @@ input {
line-height: 18px;
margin: 4px 0 4px 2px;
}
.title-container .badge.badge-pill:not(.merge-request-badge),
.navbar-nav .badge.badge-pill:not(.merge-request-badge) {
.title-container
.badge.badge-pill:not(.merge-request-badge):not(.version-check-badge),
.navbar-nav
.badge.badge-pill:not(.merge-request-badge):not(.version-check-badge) {
position: inherit;
font-weight: 400;
margin-left: -6px;
@ -913,17 +915,22 @@ input {
border-radius: 7px;
box-shadow: 0 1px 0 rgba(76, 78, 84, 0.2);
}
.title-container .badge.badge-pill:not(.merge-request-badge).green-badge,
.navbar-nav .badge.badge-pill:not(.merge-request-badge).green-badge {
.title-container
.badge.badge-pill:not(.merge-request-badge):not(.version-check-badge).green-badge,
.navbar-nav
.badge.badge-pill:not(.merge-request-badge):not(.version-check-badge).green-badge {
background-color: var(--green-400, #2da160);
}
.title-container
.badge.badge-pill:not(.merge-request-badge).merge-requests-count,
.navbar-nav .badge.badge-pill:not(.merge-request-badge).merge-requests-count {
.badge.badge-pill:not(.merge-request-badge):not(.version-check-badge).merge-requests-count,
.navbar-nav
.badge.badge-pill:not(.merge-request-badge):not(.version-check-badge).merge-requests-count {
background-color: var(--orange-400, #c17d10);
}
.title-container .badge.badge-pill:not(.merge-request-badge).todos-count,
.navbar-nav .badge.badge-pill:not(.merge-request-badge).todos-count {
.title-container
.badge.badge-pill:not(.merge-request-badge):not(.version-check-badge).todos-count,
.navbar-nav
.badge.badge-pill:not(.merge-request-badge):not(.version-check-badge).todos-count {
background-color: var(--blue-400, #428fdc);
}
.title-container .canary-badge .badge,

3
app/controllers/registrations_controller.rb
View File

@ -13,6 +13,9 @@ class RegistrationsController < Devise::RegistrationsController
before_action :ensure_destroy_prerequisites_met, only: [:destroy]
before_action :load_recaptcha, only: :new
before_action :set_invite_params, only: :new
before_action only: [:create] do
check_rate_limit!(:user_sign_up, scope: request.ip) if Feature.enabled?(:rate_limit_user_sign_up_endpoint, default_enabled: :yaml)
end
feature_category :authentication_and_authorization

10
app/helpers/commits_helper.rb
View File

@ -27,10 +27,12 @@ module CommitsHelper
end
def commit_to_html(commit, ref, project)
render 'projects/commits/commit.html',
commit: commit,
ref: ref,
project: project
render partial: 'projects/commits/commit', formats: :html,
locals: {
commit: commit,
ref: ref,
project: project
}
end
# Breadcrumb links for a Project and, if applicable, a tree path

6
app/models/ci/build.rb
View File

@ -268,6 +268,10 @@ module Ci
!build.any_unmet_prerequisites? # If false is returned, it stops the transition
end
before_transition on: :enqueue do |build|
!build.waiting_for_deployment_approval? # If false is returned, it stops the transition
end
after_transition created: :scheduled do |build|
build.run_after_commit do
Ci::BuildScheduleWorker.perform_at(build.scheduled_at, build.id)
@ -424,7 +428,7 @@ module Ci
end
def playable?
action? && !archived? && (manual? || scheduled? || retryable?)
action? && !archived? && (manual? || scheduled? || retryable?) && !waiting_for_deployment_approval?
end
def waiting_for_deployment_approval?

14
app/models/ci/pipeline.rb
View File

@ -467,15 +467,11 @@ module Ci
end
def tags_count
if tag_counts_enabled?
ActsAsTaggableOn::Tagging.where(taggable: builds).count
end
ActsAsTaggableOn::Tagging.where(taggable: builds).count
end
def distinct_tags_count
if tag_counts_enabled?
ActsAsTaggableOn::Tagging.where(taggable: builds).count('distinct(tag_id)')
end
ActsAsTaggableOn::Tagging.where(taggable: builds).count('distinct(tag_id)')
end
def stages_names
@ -1352,12 +1348,6 @@ module Ci
::Gitlab::Ci::PipelineObjectHierarchy
.new(self.class.unscoped.where(id: id), options: options)
end
def tag_counts_enabled?
strong_memoize(:tag_counts_enabled) do
::Feature.enabled?(:ci_pipeline_logger_tags_count, project, default_enabled: :yaml)
end
end
end
end

4
app/models/deployment.rb
View File

@ -70,6 +70,10 @@ class Deployment < ApplicationRecord
transition created: :blocked
end
event :unblock do
transition blocked: :created
end
event :succeed do
transition any - [:success] => :success
end

6
app/services/ci/pipelines/add_job_service.rb
View File

@ -39,6 +39,12 @@ module Ci
job.pipeline = pipeline
job.project = pipeline.project
job.ref = pipeline.ref
# update metadata since it might have been lazily initialised before this call
# metadata is present on `Ci::Processable`
if job.respond_to?(:metadata) && job.metadata
job.metadata.project = pipeline.project
end
end
end
end

11
app/views/layouts/header/_gitlab_version.html.haml Normal file
View File

@ -0,0 +1,11 @@
- return unless show_version_check?
.gl-display-flex.gl-flex-direction-column.gl-px-4.gl-py-3
%span
= s_("VersionCheck|Your GitLab Version")
= emoji_icon('rocket')
%span
%span.gl-font-sm.gl-text-gray-500
#{Gitlab.version_info.major}.#{Gitlab.version_info.minor}
%span.gl-ml-2
.js-gitlab-version-check{ data: { "size": "sm" } }

1
app/views/layouts/header/_help_dropdown.html.haml
View File

@ -1,5 +1,6 @@
%ul
- if current_user_menu?(:help)
= render 'layouts/header/gitlab_version'
= render 'layouts/header/whats_new_dropdown_item'
%li
= link_to _("Help"), help_path

2
app/workers/all_queues.yml
View File

@ -1539,7 +1539,7 @@
:tags: []
- :name: pipeline_creation:ci_external_pull_requests_create_pipeline
:worker_name: Ci::ExternalPullRequests::CreatePipelineWorker
:feature_category: :pipeline_authoring
:feature_category: :continuous_integration
:has_external_dependencies:
:urgency: :high
:resource_boundary: :cpu

2
app/workers/ci/external_pull_requests/create_pipeline_worker.rb
View File

@ -7,7 +7,7 @@ module Ci
data_consistency :always
queue_namespace :pipeline_creation
feature_category :pipeline_authoring
feature_category :continuous_integration
urgency :high
worker_resource_boundary :cpu

8
config/feature_flags/development/ci_pipeline_logger_tags_count.yml
View File

@ -1,8 +0,0 @@
---
name: ci_pipeline_logger_tags_count
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/77112
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/348967
milestone: '14.7'
type: development
group: group::pipeline execution
default_enabled: false

8
config/feature_flags/development/ci_pipeline_logger_sql_count.yml → config/feature_flags/development/rate_limit_user_sign_up_endpoint.yml
View File

@ -1,8 +1,8 @@
---
name: ci_pipeline_logger_sql_count
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/77117
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/346246
name: rate_limit_user_sign_up_endpoint
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/77835
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/349843
milestone: '14.7'
type: development
group: group::pipeline execution
group: group::optimize
default_enabled: false

287
doc/administration/geo/replication/troubleshooting.md
View File

@ -6,14 +6,14 @@ info: To determine the technical writer assigned to the Stage/Group associated w
# Troubleshooting Geo **(PREMIUM SELF)**
Setting up Geo requires careful attention to details and sometimes it's easy to
Setting up Geo requires careful attention to details, and sometimes it's easy to
miss a step.
Here is a list of steps you should take to attempt to fix problem:
- Perform [basic troubleshooting](#basic-troubleshooting).
- Fix any [replication errors](#fixing-replication-errors).
- Fix any [common](#fixing-common-errors) errors.
1. Perform [basic troubleshooting](#basic-troubleshooting).
1. Fix any [replication errors](#fixing-replication-errors).
1. Fix any [common](#fixing-common-errors) errors.
## Basic troubleshooting
@ -40,11 +40,11 @@ to help identify if something is wrong:
![Geo health check](img/geo_site_health_v14_0.png)
For information on how to resolve common errors reported from the UI, see
[Fixing Common Errors](#fixing-common-errors).
For information about how to resolve common error messages reported from the user interface,
see [Fixing Common Errors](#fixing-common-errors).
If the UI is not working, or you are unable to log in, you can run the Geo
health check manually to get this information as well as a few more details.
If the user interface is not working, or you are unable to sign in, you can run the Geo
health check manually to get this information and a few more details.
#### Health check Rake task
@ -172,116 +172,122 @@ HINT: Close open transactions soon to avoid wraparound problems.
You might also need to commit or roll back old prepared transactions, or drop stale replication slots.
```
To fix this, do the following:
To fix this:
1. [Connect to the primary database](https://docs.gitlab.com/omnibus/settings/database.html#connecting-to-the-bundled-postgresql-database).
1. Run `SELECT * FROM pg_replication_slots;`.
1. Note the `slot_name` that reports `active` as `f` (false).
1. Follow [all these steps to remove that Geo site](remove_geo_site.md).
Note the `slot_name` that reports `active` as `f` (false).
1. Follow [the steps to remove that Geo site](remove_geo_site.md).
## Fixing errors found when running the Geo check Rake task
When running this Rake task, you may see errors if the nodes are not properly configured:
When running this Rake task, you may see error messages if the nodes are not properly configured:
```shell
sudo gitlab-rake gitlab:geo:check
```
1. Rails did not provide a password when connecting to the database
- Rails did not provide a password when connecting to the database.
```plaintext
Checking Geo ...
```plaintext
Checking Geo ...
GitLab Geo is available ... Exception: fe_sendauth: no password supplied
GitLab Geo is enabled ... Exception: fe_sendauth: no password supplied
...
Checking Geo ... Finished
```
GitLab Geo is available ... Exception: fe_sendauth: no password supplied
GitLab Geo is enabled ... Exception: fe_sendauth: no password supplied
...
Checking Geo ... Finished
```
- Ensure that you have the `gitlab_rails['db_password']` set to the plain text-password used when creating the hash for `postgresql['sql_user_password']`.
Ensure you have the `gitlab_rails['db_password']` set to the plain-text
password used when creating the hash for `postgresql['sql_user_password']`.
1. Rails is unable to connect to the database
- Rails is unable to connect to the database.
```plaintext
Checking Geo ...
```plaintext
Checking Geo ...
GitLab Geo is available ... Exception: FATAL: no pg_hba.conf entry for host "1.1.1.1", user "gitlab", database "gitlabhq_production", SSL on
FATAL: no pg_hba.conf entry for host "1.1.1.1", user "gitlab", database "gitlabhq_production", SSL off
GitLab Geo is enabled ... Exception: FATAL: no pg_hba.conf entry for host "1.1.1.1", user "gitlab", database "gitlabhq_production", SSL on
FATAL: no pg_hba.conf entry for host "1.1.1.1", user "gitlab", database "gitlabhq_production", SSL off
...
Checking Geo ... Finished
```
GitLab Geo is available ... Exception: FATAL: no pg_hba.conf entry for host "1.1.1.1", user "gitlab", database "gitlabhq_production", SSL on
FATAL: no pg_hba.conf entry for host "1.1.1.1", user "gitlab", database "gitlabhq_production", SSL off
GitLab Geo is enabled ... Exception: FATAL: no pg_hba.conf entry for host "1.1.1.1", user "gitlab", database "gitlabhq_production", SSL on
FATAL: no pg_hba.conf entry for host "1.1.1.1", user "gitlab", database "gitlabhq_production", SSL off
...
Checking Geo ... Finished
```
- Ensure that you have the IP address of the rails node included in `postgresql['md5_auth_cidr_addresses']`.
- Ensure that you have included the subnet mask on the IP address: `postgresql['md5_auth_cidr_addresses'] = ['1.1.1.1/32']`.
Ensure you have the IP address of the rails node included in `postgresql['md5_auth_cidr_addresses']`.
Also, ensure you have included the subnet mask on the IP address: `postgresql['md5_auth_cidr_addresses'] = ['1.1.1.1/32']`.
1. Rails has supplied the incorrect password
- Rails has supplied the incorrect password.
```plaintext
Checking Geo ...
GitLab Geo is available ... Exception: FATAL: password authentication failed for user "gitlab"
FATAL: password authentication failed for user "gitlab"
GitLab Geo is enabled ... Exception: FATAL: password authentication failed for user "gitlab"
FATAL: password authentication failed for user "gitlab"
...
Checking Geo ... Finished
```
```plaintext
Checking Geo ...
GitLab Geo is available ... Exception: FATAL: password authentication failed for user "gitlab"
FATAL: password authentication failed for user "gitlab"
GitLab Geo is enabled ... Exception: FATAL: password authentication failed for user "gitlab"
FATAL: password authentication failed for user "gitlab"
...
Checking Geo ... Finished
```
- Verify the correct password is set for `gitlab_rails['db_password']` that was used when creating the hash in `postgresql['sql_user_password']` by running `gitlab-ctl pg-password-md5 gitlab` and entering the password.
Verify the correct password is set for `gitlab_rails['db_password']` that was
used when creating the hash in `postgresql['sql_user_password']` by running
`gitlab-ctl pg-password-md5 gitlab` and entering the password.
1. Check returns `not a secondary node`
- Check returns `not a secondary node`.
```plaintext
Checking Geo ...
```plaintext
Checking Geo ...
GitLab Geo is available ... yes
GitLab Geo is enabled ... yes
GitLab Geo secondary database is correctly configured ... not a secondary node
Database replication enabled? ... not a secondary node
...
Checking Geo ... Finished
```
GitLab Geo is available ... yes
GitLab Geo is enabled ... yes
GitLab Geo secondary database is correctly configured ... not a secondary node
Database replication enabled? ... not a secondary node
...
Checking Geo ... Finished
```
- Ensure that you have added the secondary node in the Admin Area of the **primary** node.
- Ensure that you entered the `external_url` or `gitlab_rails['geo_node_name']` when adding the secondary node in the Admin Area of the **primary** node.
- Prior to GitLab 12.4, edit the secondary node in the Admin Area of the **primary** node and ensure that there is a trailing `/` in the `Name` field.
Ensure you have added the secondary node in the Admin Area of the **primary** node.
Also ensure you entered the `external_url` or `gitlab_rails['geo_node_name']`
when adding the secondary node in the Admin Area of the **primary** node.
In GitLab 12.3 and earlier, edit the secondary node in the Admin Area of the **primary**
node and ensure that there is a trailing `/` in the `Name` field.
1. Check returns `Exception: PG::UndefinedTable: ERROR: relation "geo_nodes" does not exist`
- Check returns `Exception: PG::UndefinedTable: ERROR: relation "geo_nodes" does not exist`.
```plaintext
Checking Geo ...
```plaintext
Checking Geo ...
GitLab Geo is available ... no
Try fixing it:
Upload a new license that includes the GitLab Geo feature
For more information see:
https://about.gitlab.com/features/gitlab-geo/
GitLab Geo is enabled ... Exception: PG::UndefinedTable: ERROR: relation "geo_nodes" does not exist
LINE 8: WHERE a.attrelid = '"geo_nodes"'::regclass
GitLab Geo is available ... no
Try fixing it:
Upload a new license that includes the GitLab Geo feature
For more information see:
https://about.gitlab.com/features/gitlab-geo/
GitLab Geo is enabled ... Exception: PG::UndefinedTable: ERROR: relation "geo_nodes" does not exist
LINE 8: WHERE a.attrelid = '"geo_nodes"'::regclass
^
: SELECT a.attname, format_type(a.atttypid, a.atttypmod),
pg_get_expr(d.adbin, d.adrelid), a.attnotnull, a.atttypid, a.atttypmod,
c.collname, col_description(a.attrelid, a.attnum) AS comment
FROM pg_attribute a
LEFT JOIN pg_attrdef d ON a.attrelid = d.adrelid AND a.attnum = d.adnum
LEFT JOIN pg_type t ON a.atttypid = t.oid
LEFT JOIN pg_collation c ON a.attcollation = c.oid AND a.attcollation <> t.typcollation
WHERE a.attrelid = '"geo_nodes"'::regclass
AND a.attnum > 0 AND NOT a.attisdropped
ORDER BY a.attnum
...
Checking Geo ... Finished
```
: SELECT a.attname, format_type(a.atttypid, a.atttypmod),
pg_get_expr(d.adbin, d.adrelid), a.attnotnull, a.atttypid, a.atttypmod,
c.collname, col_description(a.attrelid, a.attnum) AS comment
FROM pg_attribute a
LEFT JOIN pg_attrdef d ON a.attrelid = d.adrelid AND a.attnum = d.adnum
LEFT JOIN pg_type t ON a.atttypid = t.oid
LEFT JOIN pg_collation c ON a.attcollation = c.oid AND a.attcollation <> t.typcollation
WHERE a.attrelid = '"geo_nodes"'::regclass
AND a.attnum > 0 AND NOT a.attisdropped
ORDER BY a.attnum
...
Checking Geo ... Finished
```
When performing a PostgreSQL major version (9 > 10) update this is expected. Follow:
- [initiate-the-replication-process](../setup/database.md#step-3-initiate-the-replication-process)
When performing a PostgreSQL major version (9 > 10) update this is expected. Follow
the [initiate-the-replication-process](../setup/database.md#step-3-initiate-the-replication-process).
## Fixing replication errors
The following sections outline troubleshooting steps for fixing replication
errors (indicated by `Database replication working? ... no` in the
error messages (indicated by `Database replication working? ... no` in the
[`geo:check` output](#health-check-rake-task).
### Message: `ERROR: replication slots can only be used if max_replication_slots > 0`?
@ -304,7 +310,7 @@ process](../setup/database.md) on the **secondary** node .
### Message: "Command exceeded allowed execution time" when setting up replication?
This may happen while [initiating the replication process](../setup/database.md#step-3-initiate-the-replication-process) on the **secondary** node,
and indicates that your initial dataset is too large to be replicated in the default timeout (30 minutes).
and indicates your initial dataset is too large to be replicated in the default timeout (30 minutes).
Re-run `gitlab-ctl replicate-geo-database`, but include a larger value for
`--backup-timeout`:
@ -318,7 +324,7 @@ sudo gitlab-ctl \
```
This gives the initial replication up to six hours to complete, rather than
the default thirty minutes. Adjust as required for your installation.
the default 30 minutes. Adjust as required for your installation.
### Message: "PANIC: could not write to file `pg_xlog/xlogtemp.123`: No space left on device"
@ -334,7 +340,7 @@ log data to build up in `pg_xlog`. Removing the unused slots can reduce the amou
NOTE:
Using `gitlab-rails dbconsole` does not work, because managing replication slots requires superuser permissions.
1. View your replication slots with:
1. View your replication slots:
```sql
SELECT * FROM pg_replication_slots;
@ -343,7 +349,7 @@ log data to build up in `pg_xlog`. Removing the unused slots can reduce the amou
Slots where `active` is `f` are not active.
- When this slot should be active, because you have a **secondary** node configured using that slot,
log in to that **secondary** node and check the [PostgreSQL logs](../../logs.md#postgresql-logs)
sign in to that **secondary** node and check the [PostgreSQL logs](../../logs.md#postgresql-logs)
to view why the replication is not running.
- If you are no longer using the slot (for example, you no longer have Geo enabled), you can remove it with in the
@ -355,11 +361,11 @@ Slots where `active` is `f` are not active.
### Message: "ERROR: canceling statement due to conflict with recovery"
This error occurs infrequently under normal usage, and the system is resilient
This error message occurs infrequently under normal usage, and the system is resilient
enough to recover.
However, under certain conditions, some database queries on secondaries may run
excessively long, which increases the frequency of this error. This can lead to a situation
excessively long, which increases the frequency of this error message. This can lead to a situation
where some queries never complete due to being canceled on every replication.
These long-running queries are
@ -426,7 +432,7 @@ If large repositories are affected by this problem,
their resync may take a long time and cause significant load on your Geo nodes,
storage and network systems.
If you get the error `Synchronization failed - Error syncing repository` along with the following log messages, this indicates that the expected `geo` remote is not present in the `.git/config` file
If you get the error message `Synchronization failed - Error syncing repository` along with the following log messages, this indicates that the expected `geo` remote is not present in the `.git/config` file
of a repository on the secondary Geo node's file system:
```json
@ -449,11 +455,11 @@ of a repository on the secondary Geo node's file system:
To solve this:
1. Log into the secondary Geo node.
1. Sign in to the secondary Geo node.
1. Back up [the `.git` folder](../../repository_storage_types.md#translate-hashed-storage-paths).
1. Optional: [Spot-check](../../troubleshooting/log_parsing.md#find-all-projects-affected-by-a-fatal-git-problem)
1. Optional. [Spot-check](../../troubleshooting/log_parsing.md#find-all-projects-affected-by-a-fatal-git-problem)
a few of those IDs whether they indeed correspond
to a project with known Geo replication failures.
Use `fatal: 'geo'` as the `grep` term and the following API call:
@ -488,18 +494,19 @@ GitLab places a timeout on all repository clones, including project imports
and Geo synchronization operations. If a fresh `git clone` of a repository
on the **primary** takes more than the default three hours, you may be affected by this.
To increase the timeout, add the following line to `/etc/gitlab/gitlab.rb`
on the **secondary** node:
To increase the timeout:
```ruby
gitlab_rails['gitlab_shell_git_timeout'] = 14400
```
1. On the **secondary** node, add the following line to `/etc/gitlab/gitlab.rb`:
Then reconfigure GitLab:
```ruby
gitlab_rails['gitlab_shell_git_timeout'] = 14400
```
```shell
sudo gitlab-ctl reconfigure
```
1. Reconfigure GitLab:
```shell
sudo gitlab-ctl reconfigure
```
This increases the timeout to four hours (14400 seconds). Choose a time
long enough to accommodate a full clone of your largest repositories.
@ -510,7 +517,7 @@ If new LFS objects are never replicated to secondary Geo nodes, check the versio
GitLab you are running. GitLab versions 11.11.x or 12.0.x are affected by
[a bug that results in new LFS objects not being replicated to Geo secondary nodes](https://gitlab.com/gitlab-org/gitlab/-/issues/32696).
To resolve the issue, upgrade to GitLab 12.1 or newer.
To resolve the issue, upgrade to GitLab 12.1 or later.
### Failures during backfill
@ -522,7 +529,7 @@ of the backfill queue, therefore these failures only clear up **after** the back
If you get a **secondary** node in a broken state and want to reset the replication state,
to start again from scratch, there are a few steps that can help you:
1. Stop Sidekiq and the Geo LogCursor
1. Stop Sidekiq and the Geo LogCursor.
It's possible to make Sidekiq stop gracefully, but making it stop getting new jobs and
wait until the current jobs to finish processing.
@ -545,7 +552,7 @@ to start again from scratch, there are a few steps that can help you:
gitlab-ctl tail sidekiq
```
1. Rename repository storage folders and create new ones. If you are not concerned about possible orphaned directories and files, then you can simply skip this step.
1. Rename repository storage folders and create new ones. If you are not concerned about possible orphaned directories and files, you can skip this step.
```shell
mv /var/opt/gitlab/git-data/repositories /var/opt/gitlab/git-data/repositories.old
@ -557,14 +564,14 @@ to start again from scratch, there are a few steps that can help you:
You may want to remove the `/var/opt/gitlab/git-data/repositories.old` in the future
as soon as you confirmed that you don't need it anymore, to save disk space.
1. Optional. Rename other data folders and create new ones
1. Optional. Rename other data folders and create new ones.
WARNING:
You may still have files on the **secondary** node that have been removed from the **primary** node, but this
removal has not been reflected. If you skip this step, these files are not removed at all from the Geo node.
removal has not been reflected. If you skip this step, these files are not removed from the Geo node.
Any uploaded content like file attachments, avatars or LFS objects are stored in a
subfolder in one of the two paths below:
Any uploaded content (like file attachments, avatars, or LFS objects) is stored in a
subfolder in one of these paths:
- `/var/opt/gitlab/gitlab-rails/shared`
- `/var/opt/gitlab/gitlab-rails/uploads`
@ -591,7 +598,7 @@ to start again from scratch, there are a few steps that can help you:
gitlab-ctl reconfigure
```
1. Reset the Tracking Database
1. Reset the Tracking Database.
```shell
gitlab-rake geo:db:drop # on a secondary app node
@ -599,7 +606,7 @@ to start again from scratch, there are a few steps that can help you:
gitlab-rake geo:db:setup # on a secondary app node
```
1. Restart previously stopped services
1. Restart previously stopped services.
```shell
gitlab-ctl start
@ -609,10 +616,10 @@ to start again from scratch, there are a few steps that can help you:
On the top bar, under **Menu > Admin > Geo > Nodes**,
if the Design repositories progress bar shows
`Synced` and `Failed` greater than 100%, and negative `Queued`, then the instance
`Synced` and `Failed` greater than 100%, and negative `Queued`, the instance
is likely affected by
[a bug in GitLab 13.2 and 13.3](https://gitlab.com/gitlab-org/gitlab/-/issues/241668).
It was [fixed in 13.4+](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/40643).
It was [fixed in GitLab 13.4 and later](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/40643).
To determine the actual replication status of design repositories in
a [Rails console](../../operations/rails_console.md):
@ -663,7 +670,7 @@ determine the actual replication status of Design repositories.
`gitlab-ctl promote-to-primary-node` fails since it runs preflight checks.
If the [previous snippet](#design-repository-failures-on-mirrored-projects-and-project-imports)
shows that all designs are synced, then you can use the
shows that all designs are synced, you can use the
`--skip-preflight-checks` option or the `--force` option to move forward with
promotion.
@ -676,9 +683,9 @@ determine the actual replication status of Design repositories.
### Sync failure message: "Verification failed with: Error during verification: File is not checksummable"
Until GitLab 14.6, certain data types which were missing on the Geo primary site were marked as "synced" on Geo secondary sites. This was because from the perspective of Geo secondary sites, the state matched the primary site and nothing more could be done on secondary sites.
In GitLab 14.5 and earlier, certain data types which were missing on the Geo primary site were marked as "synced" on Geo secondary sites. This was because from the perspective of Geo secondary sites, the state matched the primary site and nothing more could be done on secondary sites.
Secondaries would regularly try to sync these files again via the "verification" feature:
Secondaries would regularly try to sync these files again by using the "verification" feature:
- Verification fails since the file doesn't exist.
- The file is marked "sync failed".
@ -703,11 +710,11 @@ After confirming this is the problem, the files on the primary site need to be f
- A non-atomic backup was restored.
- Services or servers or network infrastructure was interrupted/restarted during use.
The appropriate action sometimes depends on the cause. For example, you can remount an NFS share. Often, a root cause may not be apparent or not useful to discover. If you have regular backups, then it may be expedient to look through them and pull files from there.
The appropriate action sometimes depends on the cause. For example, you can remount an NFS share. Often, a root cause may not be apparent or not useful to discover. If you have regular backups, it may be expedient to look through them and pull files from there.
In some cases, a file may be determined to be of low value, and so it may be worth deleting the record.
Geo itself is an excellent mitigation for files missing on the primary. If a file disappears on the primary but it was already synced to the secondary, then you can grab the secondary's file. In cases like this, the `File is not checksummable` error will not occur on Geo secondary sites, and only the primary will log this error.
Geo itself is an excellent mitigation for files missing on the primary. If a file disappears on the primary but it was already synced to the secondary, you can grab the secondary's file. In cases like this, the `File is not checksummable` error message will not occur on Geo secondary sites, and only the primary will log this error message.
This problem is more likely to show up in Geo secondary sites which were set up long after the original GitLab site. In this case, Geo is only surfacing an existing problem.
@ -725,17 +732,19 @@ This behavior affects only the following data types through GitLab 14.6:
| Uploads | 14.6 |
| CI Job Artifacts | 14.6 |
[Since GitLab 14.7, files which are missing on the primary site are now treated as sync failures](https://gitlab.com/gitlab-org/gitlab/-/issues/348745) in order to make Geo visibly surface data loss risks. The sync/verification loop is therefore short-circuited. `last_sync_failure` is now set to `The file is missing on the Geo primary site`.
[Since GitLab 14.7, files that are missing on the primary site are now treated as sync failures](https://gitlab.com/gitlab-org/gitlab/-/issues/348745)
to make Geo visibly surface data loss risks. The sync/verification loop is
therefore short-circuited. `last_sync_failure` is now set to `The file is missing on the Geo primary site`.
## Fixing errors during a failover or when promoting a secondary to a primary node
The following are possible errors that might be encountered during failover or
The following are possible error messages that might be encountered during failover or
when promoting a secondary to a primary node with strategies to resolve them.
### Message: ActiveRecord::RecordInvalid: Validation failed: Name has already been taken
When [promoting a **secondary** site](../disaster_recovery/index.md#step-3-promoting-a-secondary-site),
you might encounter the following error:
you might encounter the following error message:
```plaintext
Running gitlab-rake geo:set_secondary_as_primary...
@ -763,7 +772,7 @@ or `gitlab-ctl promote-to-primary-node`, either:
Rake::Task['geo:set_secondary_as_primary'].invoke
```
- Upgrade to GitLab 12.6.3 or newer if it is safe to do so. For example,
- Upgrade to GitLab 12.6.3 or later if it is safe to do so. For example,
if the failover was just a test. A [caching-related
bug](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/22021) was
fixed.
@ -771,8 +780,8 @@ or `gitlab-ctl promote-to-primary-node`, either:
### Message: ActiveRecord::RecordInvalid: Validation failed: Enabled Geo primary node cannot be disabled
If you disabled a secondary node, either with the [replication pause task](../index.md#pausing-and-resuming-replication)
(13.2) or by using the user interface (13.1 and earlier), you must first
re-enable the node before you can continue. This is fixed in 13.4.
(GitLab 13.2) or by using the user interface (GitLab 13.1 and earlier), you must first
re-enable the node before you can continue. This is fixed in GitLab 13.4.
This can be fixed in the database.
@ -798,12 +807,12 @@ This can be fixed in the database.
UPDATE geo_nodes SET enabled = true WHERE url = 'https://<secondary url>/' AND enabled = false;"
```
This should update 1 row.
This should update one row.
### Message: ``NoMethodError: undefined method `secondary?' for nil:NilClass``
When [promoting a **secondary** site](../disaster_recovery/index.md#step-3-promoting-a-secondary-site),
you might encounter the following error:
you might encounter the following error message:
```plaintext
sudo gitlab-rake geo:set_secondary_as_primary
@ -818,7 +827,7 @@ Tasks: TOP => geo:set_secondary_as_primary
(See full trace by running task with --trace)
```
This command is intended to be executed on a secondary site only, and this error
This command is intended to be executed on a secondary site only, and this error message
is displayed if you attempt to run this command on a primary site.
### Message: `sudo: gitlab-pg-ctl: command not found`
@ -840,7 +849,7 @@ In this case, the workaround is to use the full path to the binary, for example:
sudo /opt/gitlab/embedded/bin/gitlab-pg-ctl promote
```
GitLab 12.9 and later are [unaffected by this error](https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/5147).
GitLab 12.9 and later are [unaffected by this error message](https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/5147).
### Message: `ERROR - Replication is not up-to-date` during `gitlab-ctl promotion-preflight-checks`
@ -858,7 +867,7 @@ shows that it is complete, you can add `--skip-preflight-checks` to make the com
### Errors when using `--skip-preflight-checks` or `--force`
Before GitLab 13.5, you could bump into one of the following errors when using
In GitLab 13.4 and earlier, you could receive one of the following error messages when using
`--skip-preflight-checks` or `--force`:
```plaintext
@ -868,7 +877,7 @@ get_ctl_options': invalid option: --force (OptionParser::InvalidOption)
```
This can happen with XFS or file systems that list files in lexical order, because the
load order of the Omnibus command files can be different than expected, and a global function would get redefined.
load order of the Omnibus GitLab command files can be different than expected, and a global function would get redefined.
More details can be found in [the related issue](https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/6076).
The workaround is to manually run the preflight checks and promote the database, by running
@ -894,8 +903,8 @@ registry record related to the orphan files on disk.
### Message: The redirect URI included is not valid
If you are able to log in to the **primary** node, but you receive this error
when attempting to log into a **secondary**, you should check that the Geo
If you are able to sign in to the **primary** node, but you receive this error message
when attempting to sign in to a **secondary**, you should verify the Geo
node's URL matches its external URL.
On the **primary** node:
@ -909,7 +918,7 @@ On the **primary** node:
## Fixing common errors
This section documents common errors reported in the Admin Area and how to fix them.
This section documents common error messages reported in the Admin Area, and how to fix them.
### Geo database configuration file is missing
@ -930,7 +939,7 @@ It is safest to use a fresh secondary, or reset the whole secondary by following
### Geo node has a database that is writable which is an indication it is not configured for replication with the primary node
This error refers to a problem with the database replica on a **secondary** node,
This error message refers to a problem with the database replica on a **secondary** node,
which Geo expects to have access to. It usually means, either:
- An unsupported replication method was used (for example, logical replication).
@ -943,7 +952,7 @@ Geo **secondary** sites require two separate PostgreSQL instances:
- A read-only replica of the **primary** node.
- A regular, writable instance that holds replication metadata. That is, the Geo tracking database.
This error indicates that the replica database in the **secondary** site is misconfigured and replication has stopped.
This error message indicates that the replica database in the **secondary** site is misconfigured and replication has stopped.
To restore the database and resume replication, you can do one of the following:
@ -979,7 +988,7 @@ This can be caused by orphaned records in the project registry. You can clear th
### Geo Admin Area returns 404 error for a secondary node
Sometimes `sudo gitlab-rake gitlab:geo:check` indicates that the **secondary** node is
healthy, but a 404 error for the **secondary** node is returned in the Geo Admin Area on
healthy, but a 404 Not Found error message for the **secondary** node is returned in the Geo Admin Area on
the **primary** node.
To resolve this issue:
@ -997,7 +1006,7 @@ If using a load balancer, ensure that the load balancer's URL is set as the `ext
### Geo Admin Area shows 'Unhealthy' after enabling Maintenance Mode
In GitLab 13.9 through GitLab 14.3, when [GitLab Maintenance Mode](../../maintenance_mode/index.md) is enabled, the status of Geo secondary sites will stop getting updated. After 10 minutes, the status will become `Unhealthy`.
In GitLab 13.9 through GitLab 14.3, when [GitLab Maintenance Mode](../../maintenance_mode/index.md) is enabled, the status of Geo secondary sites will stop getting updated. After 10 minutes, the status changes to `Unhealthy`.
Geo secondary sites will continue to replicate and verify data, and the secondary sites should still be usable. You can use the [Sync status Rake task](#sync-status-rake-task) to determine the actual status of a secondary site during Maintenance Mode.
@ -1006,7 +1015,7 @@ This bug was [fixed in GitLab 14.4](https://gitlab.com/gitlab-org/gitlab/-/issue
### GitLab Pages return 404 errors after promoting
This is due to [Pages data not being managed by Geo](datatypes.md#limitations-on-replicationverification).
Find advice to resolve those errors in the
Find advice to resolve those error messages in the
[Pages administration documentation](../../../administration/pages/index.md#404-error-after-promoting-a-geo-secondary-to-a-primary-node).
## Fixing client errors
@ -1017,4 +1026,4 @@ You may have problems if you're running a version of [Git LFS](https://git-lfs.g
As noted in [this authentication issue](https://github.com/git-lfs/git-lfs/issues/3025),
requests redirected from the secondary to the primary node do not properly send the
Authorization header. This may result in either an infinite `Authorization <-> Redirect`
loop, or Authorization errors.
loop, or Authorization error messages.

14
doc/administration/reference_architectures/index.md
View File

@ -212,12 +212,12 @@ Note the following about the testing process:
| Reference<br/>Architecture<br/>Size | Bare-Metal | GCP | AWS | Azure |
|-----------------------------|------------|-----|-----|-------|
| 1k | <i>Refer to GCP<sup>1</sup><i/> | [Standard - Weekly](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Benchmarks/Latest/1k)<sup>1</sup> | - | - |
| 2k | <i>Refer to GCP<sup>1</sup><i/> | [Standard - Weekly](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Benchmarks/Latest/2k)<sup>1</sup> | - | - |
| 3k | <i>Refer to GCP<sup>1</sup><i/> | [Standard - Weekly](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Benchmarks/Latest/3k)<sup>1</sup> | - | - |
| 5k | <i>Refer to GCP<sup>1</sup><i/> | [Standard - Weekly](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Benchmarks/Latest/5k)<sup>1</sup> | - | - |
| 10k | <i>Refer to GCP<sup>1</sup><i/> | [Standard - Daily](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Benchmarks/Latest/10k)<sup>1</sup> <br/> [Standard (inc Cloud Services) - Ad-Hoc](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Past-Results/10k) <br/> [Cloud Native Hybrid - Ad-Hoc](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Past-Results/10k-Cloud-Native-Hybrid) | [Standard (inc Cloud Services) - Ad-Hoc](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Past-Results/10k) <br/> [Cloud Native Hybrid - Ad-Hoc](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Past-Results/10k-Cloud-Native-Hybrid) | [Standard - Ad-Hoc](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Past-Results/10k) |
| 25k | <i>Refer to GCP<sup>1</sup><i/> | [Standard - Weekly](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Benchmarks/Latest/25k)<sup>1</sup> | - | [Standard - Ad-Hoc](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Past-Results/25k) |
| 50k | <i>Refer to GCP<sup>1</sup><i/> | [Standard - Weekly](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Benchmarks/Latest/50k)<sup>1</sup> | [Standard (inc Cloud Services) - Ad-Hoc](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Past-Results/50k) | - |
| 1k | <i>Refer to GCP<sup>1</sup></i> | [Standard - Weekly](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Benchmarks/Latest/1k)<sup>1</sup> | - | - |
| 2k | <i>Refer to GCP<sup>1</sup></i> | [Standard - Weekly](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Benchmarks/Latest/2k)<sup>1</sup> | - | - |
| 3k | <i>Refer to GCP<sup>1</sup></i> | [Standard - Weekly](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Benchmarks/Latest/3k)<sup>1</sup> | - | - |
| 5k | <i>Refer to GCP<sup>1</sup></i> | [Standard - Weekly](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Benchmarks/Latest/5k)<sup>1</sup> | - | - |
| 10k | <i>Refer to GCP<sup>1</sup></i> | [Standard - Daily](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Benchmarks/Latest/10k)<sup>1</sup> <br/> [Standard (inc Cloud Services) - Ad-Hoc](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Past-Results/10k) <br/> [Cloud Native Hybrid - Ad-Hoc](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Past-Results/10k-Cloud-Native-Hybrid) | [Standard (inc Cloud Services) - Ad-Hoc](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Past-Results/10k) <br/> [Cloud Native Hybrid - Ad-Hoc](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Past-Results/10k-Cloud-Native-Hybrid) | [Standard - Ad-Hoc](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Past-Results/10k) |
| 25k | <i>Refer to GCP<sup>1</sup></i> | [Standard - Weekly](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Benchmarks/Latest/25k)<sup>1</sup> | - | [Standard - Ad-Hoc](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Past-Results/25k) |
| 50k | <i>Refer to GCP<sup>1</sup></i> | [Standard - Weekly](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Benchmarks/Latest/50k)<sup>1</sup> | [Standard (inc Cloud Services) - Ad-Hoc](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Past-Results/50k) | - |
1. The Standard Reference Architectures are designed to be platform agnostic, with everything being run on VMs via [Omnibus GitLab](https://docs.gitlab.com/omnibus/). While testing occurs primarily on GCP, ad-hoc testing has shown that they perform similarly on equivalently specced hardware on other Cloud Providers or if run on premises (bare-metal).

4
doc/user/application_security/api_fuzzing/index.md
View File

@ -1304,8 +1304,8 @@ To detect and correct elements that don't comply with the OpenAPI specifications
| Editor | OpenAPI 2.0 | OpenAPI 3.0.x | OpenAPI 3.1.x |
| -- | -- | -- | -- |
| [Swagger Editor](https://editor.swagger.io/) | [X] YAML, JSON | [X] YAML, JSON | [ ] YAML, JSON |
| [Stoplight Studio](https://stoplight.io/studio/) | [X] YAML, JSON | [X] YAML, JSON | [X] YAML, JSON |
| [Swagger Editor](https://editor.swagger.io/) | **{check-circle}** YAML, JSON | **{check-circle}** YAML, JSON | **{dotted-circle}** YAML, JSON |
| [Stoplight Studio](https://stoplight.io/studio/) | **{check-circle}** YAML, JSON | **{check-circle}** YAML, JSON | **{check-circle}** YAML, JSON |
If your OpenAPI document is generated manually, load your document in the editor and fix anything that is non-compliant. If your document is generated automatically, load it in your editor to identify the issues in the schema, then go to the application and perform the corrections based on the framework you are using.

4
doc/user/application_security/dast_api/index.md
View File

@ -1220,8 +1220,8 @@ To detect and correct elements that don't comply with the OpenAPI specifications
| Editor | OpenAPI 2.0 | OpenAPI 3.0.x | OpenAPI 3.1.x |
| -- | -- | -- | -- |
| [Swagger Editor](https://editor.swagger.io/) | [X] YAML, JSON | [X] YAML, JSON | [ ] YAML, JSON |
| [Stoplight Studio](https://stoplight.io/studio/) | [X] YAML, JSON | [X] YAML, JSON | [X] YAML, JSON |
| [Swagger Editor](https://editor.swagger.io/) | **{check-circle}** YAML, JSON | **{check-circle}** YAML, JSON | **{dotted-circle}** YAML, JSON |
| [Stoplight Studio](https://stoplight.io/studio/) | **{check-circle}** YAML, JSON | **{check-circle}** YAML, JSON | **{check-circle}** YAML, JSON |
If your OpenAPI document is generated manually, load your document in the editor and fix anything that is non-compliant. If your document is generated automatically, load it in your editor to identify the issues in the schema, then go to the application and perform the corrections based on the framework you are using.

1
lib/gitlab/application_rate_limiter.rb
View File

@ -51,6 +51,7 @@ module Gitlab
web_hook_calls: { interval: 1.minute },
users_get_by_id: { threshold: 10, interval: 1.minute },
username_exists: { threshold: 20, interval: 1.minute },
user_sign_up: { threshold: 20, interval: 1.minute },
profile_resend_email_confirmation: { threshold: 5, interval: 1.minute },
profile_update_username: { threshold: 10, interval: 1.minute },
update_environment_canary_ingress: { threshold: 1, interval: 1.minute },

8
lib/gitlab/ci/pipeline/logger.rb
View File

@ -38,8 +38,6 @@ module Gitlab
end
def instrument_with_sql(operation, &block)
return instrument(operation, &block) unless sql_logging_enabled?
op_start_db_counters = current_db_counter_payload
result = instrument(operation, &block)
@ -131,12 +129,6 @@ module Gitlab
def current_db_counter_payload
::Gitlab::Metrics::Subscribers::ActiveRecord.db_counter_payload
end
def sql_logging_enabled?
strong_memoize(:sql_logging_enabled) do
::Feature.enabled?(:ci_pipeline_logger_sql_count, project, default_enabled: :yaml)
end
end
end
end
end

4
lib/gitlab/database/partitioning/partition_manager.rb
View File

@ -64,6 +64,10 @@ module Gitlab
# with_lock_retries starts a requires_new transaction most of the time, but not on the last iteration
with_lock_retries do
connection.transaction(requires_new: false) do # so we open a transaction here if not already in progress
# Partitions might not get created (IF NOT EXISTS) so explicit locking will not happen.
# This LOCK TABLE ensures to have exclusive lock as the first step.
connection.execute "LOCK TABLE #{connection.quote_table_name(model.table_name)} IN ACCESS EXCLUSIVE MODE"
partitions.each do |partition|
connection.execute partition.to_sql

28
lib/gitlab/database/partitioning/sliding_list_strategy.rb
View File

@ -44,7 +44,18 @@ module Gitlab
def extra_partitions
possibly_extra = current_partitions[0...-1] # Never consider the most recent partition
possibly_extra.take_while { |p| detach_partition_if.call(p.value) }
extra = possibly_extra.take_while { |p| detach_partition_if.call(p.value) }
default_value = current_default_value
if extra.any? { |p| p.value == default_value }
Gitlab::AppLogger.error(message: "Inconsistent partition detected: partition with value #{current_default_value} should not be deleted because it's used as the default value.",
partition_number: current_default_value,
table_name: model.table_name)
extra = extra.reject { |p| p.value == default_value }
end
extra
end
def after_adding_partitions
@ -64,6 +75,21 @@ module Gitlab
private
def current_default_value
column_name = model.connection.quote(partitioning_key)
table_name = model.connection.quote(model.table_name)
value = model.connection.select_value <<~SQL
SELECT columns.column_default AS default_value
FROM information_schema.columns columns
WHERE columns.column_name = #{column_name} AND columns.table_name = #{table_name}
SQL
raise "No default value found for the #{partitioning_key} column within #{model.name}" if value.nil?
Integer(value)
end
def ensure_partitioning_column_ignored!
unless model.ignored_columns.include?(partitioning_key.to_s)
raise "Add #{partitioning_key} to #{model.name}.ignored_columns to use it with SlidingListStrategy"

19
lib/gitlab/metrics/exporter/base_exporter.rb
View File

@ -11,28 +11,26 @@ module Gitlab
attr_accessor :readiness_checks
def initialize(settings, **options)
def initialize(settings, log_enabled:, log_file:, **options)
super(**options)
@settings = settings
# log_enabled does not exist for all exporters
log_sink = log_enabled ? File.join(Rails.root, 'log', log_file) : File::NULL
@logger = WEBrick::Log.new(log_sink)
@logger.time_format = "[%Y-%m-%dT%H:%M:%S.%L%z]"
end
def enabled?
settings.enabled
end
def log_filename
raise NotImplementedError
end
private
attr_reader :settings
attr_reader :settings, :logger
def start_working
logger = WEBrick::Log.new(log_filename)
logger.time_format = "[%Y-%m-%dT%H:%M:%S.%L%z]"
access_log = [
[logger, WEBrick::AccessLog::COMBINED_LOG_FORMAT]
]
@ -44,6 +42,9 @@ module Gitlab
server.mount '/', Rack::Handler::WEBrick, rack_app
true
rescue StandardError => e
logger.error(e)
false
end
def run_thread

11
lib/gitlab/metrics/exporter/sidekiq_exporter.rb
View File

@ -4,12 +4,11 @@ module Gitlab
module Metrics
module Exporter
class SidekiqExporter < BaseExporter
def log_filename
if settings['log_enabled']
File.join(Rails.root, 'log', 'sidekiq_exporter.log')
else
File::NULL
end
def initialize(settings, **options)
super(settings,
log_enabled: settings['log_enabled'],
log_file: 'sidekiq_exporter.log',
**options)
end
end
end

8
lib/gitlab/metrics/exporter/web_exporter.rb
View File

@ -26,8 +26,8 @@ module Gitlab
attr_reader :running
# This exporter is always run on master process
def initialize
super(Settings.monitoring.web_exporter)
def initialize(**options)
super(Settings.monitoring.web_exporter, log_enabled: true, log_file: 'web_exporter.log', **options)
# DEPRECATED:
# these `readiness_checks` are deprecated
@ -39,10 +39,6 @@ module Gitlab
]
end
def log_filename
File.join(Rails.root, 'log', 'web_exporter.log')
end
def mark_as_not_running!
@running = false
end

15
locale/gitlab.pot
View File

@ -13405,6 +13405,9 @@ msgstr ""
msgid "Enter in your Phabricator Server URL and personal access token below"
msgstr ""
msgid "Enter license key"
msgstr ""
msgid "Enter merge request URLs"
msgstr ""
@ -21100,6 +21103,9 @@ msgstr ""
msgid "License file"
msgstr ""
msgid "License key"
msgstr ""
msgid "License overview"
msgstr ""
@ -34912,6 +34918,9 @@ msgstr ""
msgid "Terms of Service and Privacy Policy"
msgstr ""
msgid "Terms of service"
msgstr ""
msgid "Terraform"
msgstr ""
@ -38180,6 +38189,9 @@ msgstr ""
msgid "Upload"
msgstr ""
msgid "Upload %{file_name} file"
msgstr ""
msgid "Upload CSV file"
msgstr ""
@ -39155,6 +39167,9 @@ msgstr ""
msgid "VersionCheck|Update available"
msgstr ""
msgid "VersionCheck|Your GitLab Version"
msgstr ""
msgid "View Documentation"
msgstr ""

2
qa/qa/specs/features/browser_ui/1_manage/login/register_spec.rb
View File

@ -13,7 +13,7 @@ module QA
end
end
RSpec.describe 'Manage', :skip_signup_disabled, :requires_admin, quarantine: { issue: 'https://gitlab.com/gitlab-org/gitlab/-/issues/349626', type: :stale } do
RSpec.describe 'Manage', :skip_signup_disabled, :requires_admin do
describe 'while LDAP is enabled', :orchestrated, :ldap_no_tls, testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/347934' do
before do
# When LDAP is enabled, a previous test might have created a token for the LDAP 'tanuki' user who is not an admin

90
qa/qa/specs/features/browser_ui/3_create/merge_request/view_merge_request_merge_ref_diff_spec.rb
View File

@ -1,90 +0,0 @@
# frozen_string_literal: true
module QA
RSpec.describe 'Create', :requires_admin, quarantine: { issue: 'https://gitlab.com/gitlab-org/gitlab/-/issues/261793', type: :investigating } do
describe 'View merge request merge-ref diff' do
let(:project) do
Resource::Project.fabricate_via_api! do |project|
project.name = 'merge-ref-diff'
end
end
let(:merge_request) do
Resource::MergeRequest.fabricate_via_api! do |merge_request|
merge_request.project = project
merge_request.title = 'This is a merge request'
merge_request.description = '... for viewing merge-ref and merge-base diffs'
merge_request.file_content = 'This exists on the source branch only'
end
end
let(:new_file_name) { "added_file-#{SecureRandom.hex(8)}.txt" }
context 'when the feature flag default_merge_ref_for_diffs is enabled' do
before do
Runtime::Feature.enable('default_merge_ref_for_diffs', project: project)
commit_to_branch(merge_request.target_branch, new_file_name)
commit_to_branch(merge_request.source_branch, new_file_name)
Flow::Login.sign_in
merge_request.visit!
end
it 'views the merge-ref diff by default', testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/347651' do
Page::MergeRequest::Show.perform do |mr_page|
mr_page.click_diffs_tab
mr_page.click_target_version_dropdown
expect(mr_page.version_dropdown_content).to include("#{project.default_branch} (HEAD)")
expect(mr_page.version_dropdown_content).not_to include("#{project.default_branch} (base)")
expect(mr_page).to have_file(merge_request.file_name)
expect(mr_page).not_to have_file(new_file_name)
end
end
end
context 'when the feature flag default_merge_ref_for_diffs is disabled' do
before do
Runtime::Feature.disable('default_merge_ref_for_diffs', project: project)
commit_to_branch(merge_request.target_branch, new_file_name)
commit_to_branch(merge_request.source_branch, new_file_name)
Flow::Login.sign_in
merge_request.visit!
end
it 'views the merge-base diff by default', testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/347650' do
Page::MergeRequest::Show.perform do |mr_page|
mr_page.click_diffs_tab
mr_page.click_target_version_dropdown
expect(mr_page.version_dropdown_content).to include("#{project.default_branch} (HEAD)")
expect(mr_page.version_dropdown_content).to include("#{project.default_branch} (base)")
expect(mr_page).to have_file(merge_request.file_name)
expect(mr_page).to have_file(new_file_name)
end
end
end
def commit_to_branch(branch, file)
Resource::Repository::Commit.fabricate_via_api! do |commit|
commit.project = merge_request.project
commit.branch = branch
commit.commit_message = "Add new file on #{branch}"
commit.add_files(
[
{
file_path: file,
content: "This exists on source and target branches"
}
]
)
end
end
end
end
end

9
spec/controllers/import/gitlab_controller_spec.rb
View File

@ -33,15 +33,16 @@ RSpec.describe Import::GitlabController do
end
describe "GET status" do
let(:repo_fake) { Struct.new(:id, :path, :path_with_namespace, :web_url, keyword_init: true) }
let(:repo) { repo_fake.new(id: 1, path: 'vim', path_with_namespace: 'asd/vim', web_url: 'https://gitlab.com/asd/vim') }
before do
@repo = OpenStruct.new(id: 1, path: 'vim', path_with_namespace: 'asd/vim', web_url: 'https://gitlab.com/asd/vim')
assign_session_token
end
it_behaves_like 'import controller status' do
let(:repo) { @repo }
let(:repo_id) { @repo.id }
let(:import_source) { @repo.path_with_namespace }
let(:repo_id) { repo.id }
let(:import_source) { repo.path_with_namespace }
let(:provider_name) { 'gitlab' }
let(:client_repos_field) { :projects }
end

16
spec/controllers/registrations_controller_spec.rb
View File

@ -20,6 +20,10 @@ RSpec.describe RegistrationsController do
end
describe '#create' do
before do
allow(::Gitlab::ApplicationRateLimiter).to receive(:throttled?).and_return(false)
end
let_it_be(:base_user_params) do
{ first_name: 'first', last_name: 'last', username: 'new_username', email: 'new@user.com', password: 'Any_password' }
end
@ -410,6 +414,18 @@ RSpec.describe RegistrationsController do
end
end
context 'when the rate limit has been reached' do
it 'returns status 429 Too Many Requests', :aggregate_failures do
ip = '1.2.3.4'
expect(::Gitlab::ApplicationRateLimiter).to receive(:throttled?).with(:user_sign_up, scope: ip).and_return(true)
controller.request.env['REMOTE_ADDR'] = ip
post(:create, params: user_params, session: session_params)
expect(response).to have_gitlab_http_status(:too_many_requests)
end
end
it "logs a 'User Created' message" do
expect(Gitlab::AppLogger).to receive(:info).with(/\AUser Created: username=new_username email=new@user.com.+\z/).and_call_original

67
spec/features/help_dropdown_spec.rb Normal file
View File

@ -0,0 +1,67 @@
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe "Help Dropdown", :js do
let_it_be(:user) { create(:user) }
let_it_be(:admin) { create(:admin) }
before do
stub_application_setting(version_check_enabled: true)
end
context 'when logged in as non-admin' do
before do
sign_in(user)
visit root_path
end
it 'does not render version data' do
page.within '.header-help' do
find('.header-help-dropdown-toggle').click
expect(page).not_to have_text('Your GitLab Version')
expect(page).not_to have_text("#{Gitlab.version_info.major}.#{Gitlab.version_info.minor}")
expect(page).not_to have_selector('.version-check-badge')
expect(page).not_to have_text('Up to date')
end
end
end
context 'when logged in as admin' do
before do
sign_in(admin)
gitlab_enable_admin_mode_sign_in(admin)
end
describe 'does render version data' do
where(:response, :ui_text) do
[
[{ "severity" => "success" }, 'Up to date'],
[{ "severity" => "warning" }, 'Update available'],
[{ "severity" => "danger" }, 'Update ASAP']
]
end
with_them do
before do
allow_next_instance_of(VersionCheck) do |instance|
allow(instance).to receive(:response).and_return(response)
end
visit root_path
end
it 'renders correct version badge variant' do
page.within '.header-help' do
find('.header-help-dropdown-toggle').click
expect(page).to have_text('Your GitLab Version')
expect(page).to have_text("#{Gitlab.version_info.major}.#{Gitlab.version_info.minor}")
expect(page).to have_selector('.version-check-badge')
expect(page).to have_text(ui_text)
end
end
end
end
end
end

13
spec/frontend/integrations/edit/components/dynamic_field_spec.js
View File

@ -61,7 +61,7 @@ describe('DynamicField', () => {
});
it(`renders GlFormCheckbox with correct text content when checkboxLabel is ${checkboxLabel}`, () => {
expect(findGlFormCheckbox().text()).toBe(checkboxLabel ?? defaultProps.title);
expect(findGlFormCheckbox().text()).toContain(checkboxLabel ?? defaultProps.title);
});
it('does not render other types of input', () => {
@ -182,6 +182,17 @@ describe('DynamicField', () => {
expect(findGlFormGroup().find('small').text()).toBe(defaultProps.help);
});
describe('when type is checkbox', () => {
it('renders description with help text', () => {
createComponent({
type: 'checkbox',
});
expect(findGlFormGroup().find('small').exists()).toBe(false);
expect(findGlFormCheckbox().text()).toContain(defaultProps.help);
});
});
it('renders description with help text as HTML', () => {
const helpHTML = 'The <strong>URL</strong> of the project';

84
spec/frontend/packages_and_registries/container_registry/explorer/components/details_page/details_header_spec.js
View File

@ -1,7 +1,6 @@
import { GlDropdownItem, GlIcon } from '@gitlab/ui';
import { GlDropdownItem, GlIcon, GlDropdown } from '@gitlab/ui';
import { shallowMount, createLocalVue } from '@vue/test-utils';
import VueApollo from 'vue-apollo';
import { GlDropdown } from 'jest/packages_and_registries/container_registry/explorer/stubs';
import { useFakeDate } from 'helpers/fake_date';
import createMockApollo from 'helpers/mock_apollo_helper';
import { createMockDirective, getBinding } from 'helpers/vue_mock_directive';
@ -51,6 +50,7 @@ describe('Details Header', () => {
const findCleanup = () => findByTestId('cleanup');
const findDeleteButton = () => wrapper.findComponent(GlDropdownItem);
const findInfoIcon = () => wrapper.findComponent(GlIcon);
const findMenu = () => wrapper.findComponent(GlDropdown);
const waitForMetadataItems = async () => {
// Metadata items are printed by a loop in the title-area and it takes two ticks for them to be available
@ -139,51 +139,53 @@ describe('Details Header', () => {
});
});
describe('delete button', () => {
it('exists', () => {
mountComponent();
expect(findDeleteButton().exists()).toBe(true);
});
it('has the correct text', () => {
mountComponent();
expect(findDeleteButton().text()).toBe('Delete image repository');
});
it('has the correct props', () => {
mountComponent();
expect(findDeleteButton().attributes()).toMatchObject(
expect.objectContaining({
variant: 'danger',
}),
);
});
it('emits the correct event', () => {
mountComponent();
findDeleteButton().vm.$emit('click');
expect(wrapper.emitted('delete')).toEqual([[]]);
});
describe('menu', () => {
it.each`
canDelete | disabled | isDisabled
${true} | ${false} | ${undefined}
${true} | ${true} | ${'true'}
${false} | ${false} | ${'true'}
${false} | ${true} | ${'true'}
canDelete | disabled | isVisible
${true} | ${false} | ${true}
${true} | ${true} | ${false}
${false} | ${false} | ${false}
${false} | ${true} | ${false}
`(
'when canDelete is $canDelete and disabled is $disabled is $isDisabled that the button is disabled',
({ canDelete, disabled, isDisabled }) => {
'when canDelete is $canDelete and disabled is $disabled is $isVisible that the menu is visible',
({ canDelete, disabled, isVisible }) => {
mountComponent({ propsData: { image: { ...defaultImage, canDelete }, disabled } });
expect(findDeleteButton().attributes('disabled')).toBe(isDisabled);
expect(findMenu().exists()).toBe(isVisible);
},
);
describe('delete button', () => {
it('exists', () => {
mountComponent();
expect(findDeleteButton().exists()).toBe(true);
});
it('has the correct text', () => {
mountComponent();
expect(findDeleteButton().text()).toBe('Delete image repository');
});
it('has the correct props', () => {
mountComponent();
expect(findDeleteButton().attributes()).toMatchObject(
expect.objectContaining({
variant: 'danger',
}),
);
});
it('emits the correct event', () => {
mountComponent();
findDeleteButton().vm.$emit('click');
expect(wrapper.emitted('delete')).toEqual([[]]);
});
});
});
describe('metadata items', () => {

27
spec/frontend/repository/components/blob_controls_spec.js
View File

@ -7,8 +7,11 @@ import BlobControls from '~/repository/components/blob_controls.vue';
import blobControlsQuery from '~/repository/queries/blob_controls.query.graphql';
import { shallowMountExtended } from 'helpers/vue_test_utils_helper';
import createRouter from '~/repository/router';
import { updateElementsVisibility } from '~/repository/utils/dom';
import { blobControlsDataMock, refMock } from '../mock_data';
jest.mock('~/repository/utils/dom');
let router;
let wrapper;
let mockResolver;
@ -64,14 +67,22 @@ describe('Blob controls component', () => {
expect(findPermalinkButton().attributes('href')).toBe('permalink/file.js');
});
it('does not render any buttons if no filePath is provided', async () => {
router.replace({ name: 'blobPath', params: { path: null } });
it.each`
name | path
${'blobPathDecoded'} | ${null}
${'treePathDecoded'} | ${'myFile.js'}
`(
'does not render any buttons if router name is $name and router path is $path',
async ({ name, path }) => {
router.replace({ name, params: { path } });
await nextTick();
await nextTick();
expect(findFindButton().exists()).toBe(false);
expect(findBlameButton().exists()).toBe(false);
expect(findHistoryButton().exists()).toBe(false);
expect(findPermalinkButton().exists()).toBe(false);
});
expect(findFindButton().exists()).toBe(false);
expect(findBlameButton().exists()).toBe(false);
expect(findHistoryButton().exists()).toBe(false);
expect(findPermalinkButton().exists()).toBe(false);
expect(updateElementsVisibility).toHaveBeenCalledWith('.tree-controls', true);
},
);
});

82
spec/lib/gitlab/database/no_cross_db_foreign_keys_spec.rb Normal file
View File

@ -0,0 +1,82 @@
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe 'cross-database foreign keys' do
# TODO: We are trying to empty out this list in
# https://gitlab.com/groups/gitlab-org/-/epics/7249 . Once we are done we can
# keep this test and assert that there are no cross-db foreign keys. We
# should not be adding anything to this list but should instead only add new
# loose foreign keys
# https://docs.gitlab.com/ee/development/database/loose_foreign_keys.html .
let(:allowed_cross_database_foreign_keys) do
%w(
ci_build_report_results.project_id
ci_builds.project_id
ci_builds_metadata.project_id
ci_daily_build_group_report_results.group_id
ci_daily_build_group_report_results.project_id
ci_freeze_periods.project_id
ci_job_artifacts.project_id
ci_job_token_project_scope_links.added_by_id
ci_job_token_project_scope_links.source_project_id
ci_job_token_project_scope_links.target_project_id
ci_pending_builds.namespace_id
ci_pending_builds.project_id
ci_pipeline_artifacts.project_id
ci_pipeline_schedules.owner_id
ci_pipeline_schedules.project_id
ci_pipelines.merge_request_id
ci_pipelines.project_id
ci_project_monthly_usages.project_id
ci_refs.project_id
ci_resource_groups.project_id
ci_runner_namespaces.namespace_id
ci_runner_projects.project_id
ci_running_builds.project_id
ci_sources_pipelines.project_id
ci_sources_pipelines.source_project_id
ci_sources_projects.source_project_id
ci_stages.project_id
ci_subscriptions_projects.downstream_project_id
ci_subscriptions_projects.upstream_project_id
ci_triggers.owner_id
ci_triggers.project_id
ci_unit_tests.project_id
ci_variables.project_id
dast_profiles_pipelines.ci_pipeline_id
dast_scanner_profiles_builds.ci_build_id
dast_site_profiles_builds.ci_build_id
dast_site_profiles_pipelines.ci_pipeline_id
external_pull_requests.project_id
merge_requests.head_pipeline_id
merge_trains.pipeline_id
requirements_management_test_reports.build_id
security_scans.build_id
vulnerability_feedback.pipeline_id
vulnerability_occurrence_pipelines.pipeline_id
vulnerability_statistics.latest_pipeline_id
).freeze
end
def foreign_keys_for(table_name)
ApplicationRecord.connection.foreign_keys(table_name)
end
def is_cross_db?(fk_record)
Gitlab::Database::GitlabSchema.table_schemas([fk_record.from_table, fk_record.to_table]).many?
end
it 'onlies have allowed list of cross-database foreign keys', :aggregate_failures do
all_tables = ApplicationRecord.connection.data_sources
all_tables.each do |table|
foreign_keys_for(table).each do |fk|
if is_cross_db?(fk)
column = "#{fk.from_table}.#{fk.column}"
expect(allowed_cross_database_foreign_keys).to include(column), "Found extra cross-database foreign key #{column} referencing #{fk.to_table} with constraint name #{fk.name}. When a foreign key references another database you must use a Loose Foreign Key instead https://docs.gitlab.com/ee/development/database/loose_foreign_keys.html ."
end
end
end
end
end

3
spec/lib/gitlab/database/partitioning/partition_manager_spec.rb
View File

@ -18,7 +18,7 @@ RSpec.describe Gitlab::Database::Partitioning::PartitionManager do
let(:model) { double(partitioning_strategy: partitioning_strategy, table_name: table, connection: connection) }
let(:partitioning_strategy) { double(missing_partitions: partitions, extra_partitions: [], after_adding_partitions: nil) }
let(:connection) { ActiveRecord::Base.connection }
let(:table) { "some_table" }
let(:table) { "issues" }
before do
allow(connection).to receive(:table_exists?).and_call_original
@ -36,6 +36,7 @@ RSpec.describe Gitlab::Database::Partitioning::PartitionManager do
end
it 'creates the partition' do
expect(connection).to receive(:execute).with("LOCK TABLE \"#{table}\" IN ACCESS EXCLUSIVE MODE")
expect(connection).to receive(:execute).with(partitions.first.to_sql)
expect(connection).to receive(:execute).with(partitions.second.to_sql)

7
spec/lib/gitlab/database/partitioning/sliding_list_strategy_spec.rb
View File

@ -5,7 +5,7 @@ require 'spec_helper'
RSpec.describe Gitlab::Database::Partitioning::SlidingListStrategy do
let(:connection) { ActiveRecord::Base.connection }
let(:table_name) { :_test_partitioned_test }
let(:model) { double('model', table_name: table_name, ignored_columns: %w[partition]) }
let(:model) { double('model', table_name: table_name, ignored_columns: %w[partition], connection: connection) }
let(:next_partition_if) { double('next_partition_if') }
let(:detach_partition_if) { double('detach_partition_if') }
@ -94,7 +94,8 @@ RSpec.describe Gitlab::Database::Partitioning::SlidingListStrategy do
let(:detach_partition_if) { ->(p) { p != 5 } }
it 'is the leading set of partitions before that value' do
expect(strategy.extra_partitions.map(&:value)).to contain_exactly(1, 2, 3, 4)
# should not contain partition 2 since it's the default value for the partition column
expect(strategy.extra_partitions.map(&:value)).to contain_exactly(1, 3, 4)
end
end
@ -102,7 +103,7 @@ RSpec.describe Gitlab::Database::Partitioning::SlidingListStrategy do
let(:detach_partition_if) { proc { true } }
it 'is all but the most recent partition', :aggregate_failures do
expect(strategy.extra_partitions.map(&:value)).to contain_exactly(1, 2, 3, 4, 5, 6, 7, 8, 9)
expect(strategy.extra_partitions.map(&:value)).to contain_exactly(1, 3, 4, 5, 6, 7, 8, 9)
expect(strategy.current_partitions.map(&:value).max).to eq(10)
end

41
spec/lib/gitlab/metrics/exporter/base_exporter_spec.rb
View File

@ -4,13 +4,8 @@ require 'spec_helper'
RSpec.describe Gitlab::Metrics::Exporter::BaseExporter do
let(:settings) { double('settings') }
let(:exporter) { described_class.new(settings) }
let(:log_filename) { File.join(Rails.root, 'log', 'sidekiq_exporter.log') }
before do
allow_any_instance_of(described_class).to receive(:log_filename).and_return(log_filename)
allow_any_instance_of(described_class).to receive(:settings).and_return(settings)
end
let(:log_enabled) { false }
let(:exporter) { described_class.new(settings, log_enabled: log_enabled, log_file: 'test_exporter.log') }
describe 'when exporter is enabled' do
before do
@ -61,6 +56,38 @@ RSpec.describe Gitlab::Metrics::Exporter::BaseExporter do
exporter.start.join
end
context 'logging enabled' do
let(:log_enabled) { true }
let(:logger) { instance_double(WEBrick::Log) }
before do
allow(logger).to receive(:time_format=)
allow(logger).to receive(:info)
end
it 'configures a WEBrick logger with the given file' do
expect(WEBrick::Log).to receive(:new).with(end_with('test_exporter.log')).and_return(logger)
exporter
end
it 'logs any errors during startup' do
expect(::WEBrick::Log).to receive(:new).and_return(logger)
expect(::WEBrick::HTTPServer).to receive(:new).and_raise 'fail'
expect(logger).to receive(:error)
exporter.start
end
end
context 'logging disabled' do
it 'configures a WEBrick logger with the null device' do
expect(WEBrick::Log).to receive(:new).with(File::NULL).and_call_original
exporter
end
end
end
describe 'when thread is not alive' do

53
spec/lib/gitlab/metrics/exporter/sidekiq_exporter_spec.rb
View File

@ -1,53 +0,0 @@
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe Gitlab::Metrics::Exporter::SidekiqExporter do
let(:exporter) { described_class.new(Settings.monitoring.sidekiq_exporter) }
after do
exporter.stop
end
context 'with valid config' do
before do
stub_config(
monitoring: {
sidekiq_exporter: {
enabled: true,
log_enabled: false,
port: 0,
address: '127.0.0.1'
}
}
)
end
it 'does start thread' do
expect(exporter.start).not_to be_nil
end
it 'does not enable logging by default' do
expect(exporter.log_filename).to eq(File::NULL)
end
end
context 'with logging enabled' do
before do
stub_config(
monitoring: {
sidekiq_exporter: {
enabled: true,
log_enabled: true,
port: 0,
address: '127.0.0.1'
}
}
)
end
it 'returns a valid log filename' do
expect(exporter.log_filename).to end_with('sidekiq_exporter.log')
end
end
end

22
spec/models/ci/build_spec.rb
View File

@ -2468,6 +2468,16 @@ RSpec.describe Ci::Build do
it { is_expected.not_to be_playable }
end
context 'when build is waiting for deployment approval' do
subject { build_stubbed(:ci_build, :manual, environment: 'production') }
before do
create(:deployment, :blocked, deployable: subject)
end
it { is_expected.not_to be_playable }
end
end
describe 'project settings' do
@ -3792,6 +3802,18 @@ RSpec.describe Ci::Build do
end
end
describe 'when the build is waiting for deployment approval' do
let(:build) { create(:ci_build, :manual, environment: 'production') }
before do
create(:deployment, :blocked, deployable: build)
end
it 'does not allow the build to be enqueued' do
expect { build.enqueue! }.to raise_error(StateMachines::InvalidTransition)
end
end
describe 'state transition: any => [:pending]' do
let(:build) { create(:ci_build, :created) }

9
spec/models/ci/pipeline_spec.rb
View File

@ -4695,14 +4695,5 @@ RSpec.describe Ci::Pipeline, :mailer, factory_default: :keep do
it { expect(pipeline.tags_count).to eq(4) }
it { expect(pipeline.distinct_tags_count).to eq(3) }
end
context 'with the FF disabled' do
before do
stub_feature_flags(ci_pipeline_logger_tags_count: false)
end
it { expect(pipeline.tags_count).to be_nil }
it { expect(pipeline.distinct_tags_count).to be_nil }
end
end
end

87
spec/policies/group_policy_spec.rb
View File

@ -10,21 +10,32 @@ RSpec.describe GroupPolicy do
let(:current_user) { nil }
it do
expect_allowed(:read_group)
expect_allowed(:read_counts)
expect_allowed(*read_group_permissions)
expect_allowed(*public_permissions)
expect_disallowed(:upload_file)
expect_disallowed(*reporter_permissions)
expect_disallowed(*developer_permissions)
expect_disallowed(*maintainer_permissions)
expect_disallowed(*owner_permissions)
expect_disallowed(:read_namespace)
expect_disallowed(:read_crm_organization)
expect_disallowed(:read_crm_contact)
end
end
context 'with no user and public project' do
context 'public group with user who is not a member' do
let(:group) { create(:group, :public, :crm_enabled) }
let(:current_user) { create(:user) }
it do
expect_allowed(*public_permissions)
expect_disallowed(:upload_file)
expect_disallowed(*reporter_permissions)
expect_disallowed(*developer_permissions)
expect_disallowed(*maintainer_permissions)
expect_disallowed(*owner_permissions)
expect_disallowed(:read_namespace)
end
end
context 'private group that has been invited to a public project and with no user' do
let(:project) { create(:project, :public, group: create(:group, :crm_enabled)) }
let(:current_user) { nil }
@ -32,15 +43,14 @@ RSpec.describe GroupPolicy do
create(:project_group_link, project: project, group: group)
end
it { expect_disallowed(:read_group) }
it { expect_disallowed(:read_crm_organization) }
it { expect_disallowed(:read_crm_contact) }
it { expect_disallowed(:read_counts) }
it { expect_disallowed(:read_group_runners) }
it { expect_disallowed(*read_group_permissions) }
it do
expect_disallowed(*public_permissions)
expect_disallowed(*reporter_permissions)
expect_disallowed(*owner_permissions)
end
end
context 'with foreign user and public project' do
context 'private group that has been invited to a public project and with a foreign user' do
let(:project) { create(:project, :public, group: create(:group, :crm_enabled)) }
let(:current_user) { create(:user) }
@ -48,12 +58,11 @@ RSpec.describe GroupPolicy do
create(:project_group_link, project: project, group: group)
end
it { expect_disallowed(:read_group) }
it { expect_disallowed(:read_crm_organization) }
it { expect_disallowed(:read_crm_contact) }
it { expect_disallowed(:read_counts) }
it { expect_disallowed(:read_group_runners) }
it { expect_disallowed(*read_group_permissions) }
it do
expect_disallowed(*public_permissions)
expect_disallowed(*reporter_permissions)
expect_disallowed(*owner_permissions)
end
end
context 'has projects' do
@ -64,13 +73,13 @@ RSpec.describe GroupPolicy do
project.add_developer(current_user)
end
it { expect_allowed(*read_group_permissions) }
it { expect_allowed(*(public_permissions - [:read_counts])) }
context 'in subgroups' do
let(:subgroup) { create(:group, :private, :crm_enabled, parent: group) }
let(:project) { create(:project, namespace: subgroup) }
it { expect_allowed(*read_group_permissions) }
it { expect_allowed(*(public_permissions - [:read_counts])) }
end
end
@ -83,7 +92,7 @@ RSpec.describe GroupPolicy do
let(:current_user) { deploy_token }
it do
expect_disallowed(*read_group_permissions)
expect_disallowed(*public_permissions)
expect_disallowed(*guest_permissions)
expect_disallowed(*reporter_permissions)
expect_disallowed(*developer_permissions)
@ -96,7 +105,7 @@ RSpec.describe GroupPolicy do
let(:current_user) { guest }
it do
expect_allowed(*read_group_permissions)
expect_allowed(*public_permissions)
expect_allowed(*guest_permissions)
expect_disallowed(*reporter_permissions)
expect_disallowed(*developer_permissions)
@ -113,7 +122,7 @@ RSpec.describe GroupPolicy do
let(:current_user) { reporter }
it do
expect_allowed(*read_group_permissions)
expect_allowed(*public_permissions)
expect_allowed(*guest_permissions)
expect_allowed(*reporter_permissions)
expect_disallowed(*developer_permissions)
@ -130,7 +139,7 @@ RSpec.describe GroupPolicy do
let(:current_user) { developer }
it do
expect_allowed(*read_group_permissions)
expect_allowed(*public_permissions)
expect_allowed(*guest_permissions)
expect_allowed(*reporter_permissions)
expect_allowed(*developer_permissions)
@ -158,7 +167,7 @@ RSpec.describe GroupPolicy do
updated_owner_permissions =
owner_permissions - create_subgroup_permission
expect_allowed(*read_group_permissions)
expect_allowed(*public_permissions)
expect_allowed(*guest_permissions)
expect_allowed(*reporter_permissions)
expect_allowed(*developer_permissions)
@ -169,7 +178,7 @@ RSpec.describe GroupPolicy do
context 'with subgroup_creation_level set to owner' do
it 'allows every maintainer permission' do
expect_allowed(*read_group_permissions)
expect_allowed(*public_permissions)
expect_allowed(*guest_permissions)
expect_allowed(*reporter_permissions)
expect_allowed(*developer_permissions)
@ -187,7 +196,7 @@ RSpec.describe GroupPolicy do
let(:current_user) { owner }
it do
expect_allowed(*read_group_permissions)
expect_allowed(*public_permissions)
expect_allowed(*guest_permissions)
expect_allowed(*reporter_permissions)
expect_allowed(*developer_permissions)
@ -204,7 +213,7 @@ RSpec.describe GroupPolicy do
let(:current_user) { admin }
specify do
expect_disallowed(*read_group_permissions)
expect_disallowed(*public_permissions)
expect_disallowed(*guest_permissions)
expect_disallowed(*reporter_permissions)
expect_disallowed(*developer_permissions)
@ -214,7 +223,7 @@ RSpec.describe GroupPolicy do
context 'with admin mode', :enable_admin_mode do
specify do
expect_allowed(*read_group_permissions)
expect_allowed(*public_permissions)
expect_allowed(*guest_permissions)
expect_allowed(*reporter_permissions)
expect_allowed(*developer_permissions)
@ -256,8 +265,7 @@ RSpec.describe GroupPolicy do
let(:current_user) { nil }
it do
expect_disallowed(:read_counts)
expect_disallowed(*read_group_permissions)
expect_disallowed(*public_permissions)
expect_disallowed(*guest_permissions)
expect_disallowed(*reporter_permissions)
expect_disallowed(*developer_permissions)
@ -270,8 +278,7 @@ RSpec.describe GroupPolicy do
let(:current_user) { guest }
it do
expect_allowed(:read_counts)
expect_allowed(*read_group_permissions)
expect_allowed(*public_permissions)
expect_allowed(*guest_permissions)
expect_disallowed(*reporter_permissions)
expect_disallowed(*developer_permissions)
@ -284,8 +291,7 @@ RSpec.describe GroupPolicy do
let(:current_user) { reporter }
it do
expect_allowed(:read_counts)
expect_allowed(*read_group_permissions)
expect_allowed(*public_permissions)
expect_allowed(*guest_permissions)
expect_allowed(*reporter_permissions)
expect_disallowed(*developer_permissions)
@ -298,8 +304,7 @@ RSpec.describe GroupPolicy do
let(:current_user) { developer }
it do
expect_allowed(:read_counts)
expect_allowed(*read_group_permissions)
expect_allowed(*public_permissions)
expect_allowed(*guest_permissions)
expect_allowed(*reporter_permissions)
expect_allowed(*developer_permissions)
@ -312,8 +317,7 @@ RSpec.describe GroupPolicy do
let(:current_user) { maintainer }
it do
expect_allowed(:read_counts)
expect_allowed(*read_group_permissions)
expect_allowed(*public_permissions)
expect_allowed(*guest_permissions)
expect_allowed(*reporter_permissions)
expect_allowed(*developer_permissions)
@ -326,8 +330,7 @@ RSpec.describe GroupPolicy do
let(:current_user) { owner }
it do
expect_allowed(:read_counts)
expect_allowed(*read_group_permissions)
expect_allowed(*public_permissions)
expect_allowed(*guest_permissions)
expect_allowed(*reporter_permissions)
expect_allowed(*developer_permissions)

2
spec/services/ci/pipelines/add_job_service_spec.rb
View File

@ -31,7 +31,7 @@ RSpec.describe Ci::Pipelines::AddJobService do
execute
end.to change { job.slice(:pipeline, :project, :ref) }.to(
pipeline: pipeline, project: pipeline.project, ref: pipeline.ref
)
).and change { job.metadata.project }.to(pipeline.project)
end
it 'returns a service response with the job as payload' do

19
spec/support/database/cross-database-modification-allowlist.yml
View File

@ -1,30 +1,11 @@
- "./ee/spec/mailers/notify_spec.rb"
- "./ee/spec/models/group_member_spec.rb"
- "./ee/spec/replicators/geo/terraform_state_version_replicator_spec.rb"
- "./ee/spec/services/ci/retry_build_service_spec.rb"
- "./spec/controllers/abuse_reports_controller_spec.rb"
- "./spec/controllers/omniauth_callbacks_controller_spec.rb"
- "./spec/controllers/projects/issues_controller_spec.rb"
- "./spec/features/issues/issue_detail_spec.rb"
- "./spec/features/projects/pipelines/pipeline_spec.rb"
- "./spec/features/signed_commits_spec.rb"
- "./spec/helpers/issuables_helper_spec.rb"
- "./spec/lib/gitlab/auth_spec.rb"
- "./spec/lib/gitlab/ci/pipeline/chain/create_spec.rb"
- "./spec/lib/gitlab/email/handler/create_issue_handler_spec.rb"
- "./spec/lib/gitlab/email/handler/create_merge_request_handler_spec.rb"
- "./spec/lib/gitlab/email/handler/create_note_handler_spec.rb"
- "./spec/lib/gitlab/email/handler/create_note_on_issuable_handler_spec.rb"
- "./spec/models/ci/build_trace_chunk_spec.rb"
- "./spec/models/ci/job_artifact_spec.rb"
- "./spec/models/clusters/applications/runner_spec.rb"
- "./spec/models/design_management/version_spec.rb"
- "./spec/models/hooks/system_hook_spec.rb"
- "./spec/models/members/project_member_spec.rb"
- "./spec/models/user_spec.rb"
- "./spec/models/user_status_spec.rb"
- "./spec/requests/api/commits_spec.rb"
- "./spec/services/ci/retry_build_service_spec.rb"
- "./spec/services/projects/overwrite_project_service_spec.rb"
- "./spec/workers/merge_requests/create_pipeline_worker_spec.rb"
- "./spec/workers/repository_cleanup_worker_spec.rb"

9
spec/support/shared_contexts/policies/group_policy_shared_context.rb
View File

@ -10,6 +10,13 @@ RSpec.shared_context 'GroupPolicy context' do
let_it_be(:non_group_member) { create(:user) }
let_it_be(:group, refind: true) { create(:group, :private, :owner_subgroup_creation_only, :crm_enabled) }
let(:public_permissions) do
%i[
read_group read_counts
read_label read_issue_board_list read_milestone read_issue_board
]
end
let(:guest_permissions) do
%i[
read_label read_group upload_file read_namespace read_group_activity
@ -18,8 +25,6 @@ RSpec.shared_context 'GroupPolicy context' do
]
end
let(:read_group_permissions) { %i[read_label read_issue_board_list read_milestone read_issue_board] }
let(:reporter_permissions) do
%i[
admin_label

16
spec/views/layouts/header/_gitlab_version.html.haml_spec.rb Normal file
View File

@ -0,0 +1,16 @@
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe 'layouts/header/_gitlab_version' do
describe 'when show_version_check? is true' do
before do
allow(view).to receive(:show_version_check?).and_return(true)
render
end
it 'renders the version check badge' do
expect(rendered).to have_selector('.js-gitlab-version-check')
end
end
end