kotovalexarian-likes-gitlab/gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity

Add latest changes from gitlab-org/gitlab@master

Browse source
This commit is contained in:
GitLab Bot 2021-08-03 15:10:03 +00:00
parent 6b3944a901
commit f397d486bc
35 changed files with 303 additions and 155 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
.gitlab/CODEOWNERS
View file

@ -145,7 +145,7 @@
/doc/api/experiments.md @kpaizee
/doc/development/experiment_guide/ @kpaizee
/doc/development/snowplow/ @kpaizee
/doc/development/usage_ping/ @kpaizee
/doc/development/service_ping/ @kpaizee
/doc/user/admin_area/license.md @kpaizee
[Frontend]

12
app/assets/javascripts/repository/mutations/lock_path.mutation.graphql Normal file
View file

@ -0,0 +1,12 @@
mutation toggleLock($projectPath: ID!, $filePath: String!, $lock: Boolean!) {
projectSetLocked(input: { projectPath: $projectPath, filePath: $filePath, lock: $lock }) {
project {
pathLocks {
nodes {
path
}
}
}
errors
}
}

2
app/models/user.rb
View file

@ -1013,6 +1013,8 @@ class User < ApplicationRecord
# Returns a relation of groups the user has access to, including their parent
# and child groups (recursively).
def all_expanded_groups
return groups if groups.empty?
Gitlab::ObjectHierarchy.new(groups).all_objects
end

1
app/serializers/ci/pipeline_entity.rb
View file

@ -7,6 +7,7 @@ class Ci::PipelineEntity < Grape::Entity
delegate :name, :failure_reason, to: :presented_pipeline
expose :id
expose :iid
expose :user, using: UserEntity
expose :active?, as: :active

108
app/services/projects/update_pages_service.rb
View file

@ -37,14 +37,13 @@ module Projects
job.run!
end
raise InvalidStateError, 'missing pages artifacts' unless build.artifacts?
raise InvalidStateError, 'build SHA is outdated for this ref' unless latest?
validate_state!
validate_max_size!
validate_max_entries!
build.artifacts_file.use_file do |artifacts_path|
deploy_to_legacy_storage(artifacts_path)
create_pages_deployment(artifacts_path, build)
success
end
rescue InvalidStateError => e
@ -92,8 +91,10 @@ module Projects
# Check if we did extract public directory
archive_public_path = File.join(tmp_path, PUBLIC_DIR)
raise InvalidStateError, 'pages miss the public folder' unless Dir.exist?(archive_public_path)
raise InvalidStateError, 'build SHA is outdated for this ref' unless latest?
validate_outdated_sha!
deploy_page!(archive_public_path)
end
@ -108,15 +109,6 @@ module Projects
end
def extract_zip_archive!(artifacts_path, temp_path)
raise InvalidStateError, 'missing artifacts metadata' unless build.artifacts_metadata?
# Calculate page size after extract
public_entry = build.artifacts_metadata_entry(PUBLIC_DIR + '/', recursive: true)
if public_entry.total_size > max_size
raise InvalidStateError, "artifacts for pages are too large: #{public_entry.total_size}"
end
SafeZip::Extract.new(artifacts_path)
.extract(directories: [PUBLIC_DIR], to: temp_path)
rescue SafeZip::Extract::Error => e
@ -151,10 +143,6 @@ module Projects
end
def create_pages_deployment(artifacts_path, build)
# we're using the full archive and pages daemon needs to read it
# so we want the total count from entries, not only "public/" directory
# because it better approximates work we need to do before we can serve the site
entries_count = build.artifacts_metadata_entry("", recursive: true).entries.count
sha256 = build.job_artifacts_archive.file_sha256
deployment = nil
@ -163,7 +151,7 @@ module Projects
file_count: entries_count,
file_sha256: sha256)
raise InvalidStateError, 'build SHA is outdated for this ref' unless latest?
validate_outdated_sha!
project.update_pages_deployment!(deployment)
end
@ -175,29 +163,6 @@ module Projects
)
end
def latest?
# check if sha for the ref is still the most recent one
# this helps in case when multiple deployments happens
sha == latest_sha
end
def blocks
# Calculate dd parameters: we limit the size of pages
1 + max_size / BLOCK_SIZE
end
def max_size_from_settings
Gitlab::CurrentSettings.max_pages_size.megabytes
end
def max_size
max_pages_size = max_size_from_settings
return ::Gitlab::Pages::MAX_SIZE if max_pages_size == 0
max_pages_size
end
def tmp_path
@tmp_path ||= File.join(::Settings.pages.path, TMP_EXTRACT_PATH)
end
@ -262,6 +227,65 @@ module Projects
def tmp_dir_prefix
"project-#{project.id}-build-#{build.id}-"
end
def validate_state!
raise InvalidStateError, 'missing pages artifacts' unless build.artifacts?
raise InvalidStateError, 'missing artifacts metadata' unless build.artifacts_metadata?
validate_outdated_sha!
end
def validate_outdated_sha!
raise InvalidStateError, 'build SHA is outdated for this ref' unless latest?
end
def latest?
# check if sha for the ref is still the most recent one
# this helps in case when multiple deployments happens
sha == latest_sha
end
def validate_max_size!
if total_size > max_size
raise InvalidStateError, "artifacts for pages are too large: #{total_size}"
end
end
# Calculate page size after extract
def total_size
@total_size ||= build.artifacts_metadata_entry(PUBLIC_DIR + '/', recursive: true).total_size
end
def max_size_from_settings
Gitlab::CurrentSettings.max_pages_size.megabytes
end
def max_size
max_pages_size = max_size_from_settings
return ::Gitlab::Pages::MAX_SIZE if max_pages_size == 0
max_pages_size
end
def validate_max_entries!
if pages_file_entries_limit > 0 && entries_count > pages_file_entries_limit
raise InvalidStateError, "pages site contains #{entries_count} file entries, while limit is set to #{pages_file_entries_limit}"
end
end
def entries_count
# we're using the full archive and pages daemon needs to read it
# so we want the total count from entries, not only "public/" directory
# because it better approximates work we need to do before we can serve the site
@entries_count = build.artifacts_metadata_entry("", recursive: true).entries.count
end
def pages_file_entries_limit
return 0 unless Feature.enabled?(:pages_limit_entries_count, project, default_enabled: :yaml)
project.actual_limits.pages_file_entries
end
end
end

54
app/views/admin/application_settings/_pages.html.haml
View file

@ -2,43 +2,49 @@
= form_errors(@application_setting)
%fieldset
.form-group
= f.label :max_pages_size, _('Maximum size of pages (MB)'), class: 'label-bold'
= f.number_field :max_pages_size, class: 'form-control gl-form-input'
.form-text.text-muted
= _("0 for unlimited")
.form-group
.form-check
= f.check_box :pages_domain_verification_enabled, class: 'form-check-input'
= f.label :pages_domain_verification_enabled, class: 'form-check-label' do
= _("Require users to prove ownership of custom domains")
= s_("AdminSettings|Require users to prove ownership of custom domains")
.form-text.text-muted
= _("Domain verification is an essential security measure for public GitLab sites. Users are required to demonstrate they control a domain before it is enabled")
= link_to sprite_icon('question-o'), help_page_path('user/project/pages/custom_domains_ssl_tls_certification/index.md', anchor: '4-verify-the-domains-ownership')
- pages_link_url = help_page_path('administration/pages/index', anchor: 'custom-domain-verification')
- pages_link_start = '<a href="%{url}" target="_blank" rel="noopener noreferrer">'.html_safe % { url: pages_link_url }
= s_('AdminSettings|Domain verification is an essential security measure for public GitLab sites. Users are required to demonstrate they control a domain before it is enabled. %{link_start}Learn more.%{link_end}').html_safe % { link_start: pages_link_start, link_end: '</a>'.html_safe }
- if Gitlab.config.pages.access_control
.form-group
.form-check
= f.check_box :force_pages_access_control, class: 'form-check-input'
= f.label :force_pages_access_control, class: 'form-check-label' do
= _("Disable public access to Pages sites")
= s_("AdminSettings|Disable public access to Pages sites")
.form-text.text-muted
= _("Access to Pages websites are controlled based on the user's membership to a given project. By checking this box, users will be required to be logged in to have access to all Pages websites in your instance.")
= link_to sprite_icon('question-o'), help_page_path('administration/pages/index.md', anchor: 'disabling-public-access-to-all-pages-websites')
- pages_link_url = help_page_path('administration/pages/index', anchor: 'disable-public-access-to-all-pages-sites')
- pages_link_start = '<a href="%{url}" target="_blank" rel="noopener noreferrer">'.html_safe % { url: pages_link_url }
= s_("AdminSettings|Select to disable public access for Pages sites, which requires users to sign in for access to the Pages sites in your instance. %{link_start}Learn more.%{link_end}").html_safe % { link_start: pages_link_start, link_end: '</a>'.html_safe }
.form-group
= f.label :max_pages_size, _('Maximum size of pages (MB)'), class: 'label-bold'
= f.number_field :max_pages_size, class: 'form-control gl-form-input'
.form-text.text-muted
- pages_link_url = help_page_path('administration/pages/index', anchor: 'set-global-maximum-pages-size-per-project')
- pages_link_start = '<a href="%{url}" target="_blank" rel="noopener noreferrer">'.html_safe % { url: pages_link_url }
= s_('AdminSettings|Set the maximum size of GitLab Pages per project (0 for unlimited). %{link_start}Learn more.%{link_end}').html_safe % { link_start: pages_link_start, link_end: '</a>'.html_safe }
%h5
= _("Configure Let's Encrypt")
= s_("AdminSettings|Configure Let's Encrypt")
%p
- lets_encrypt_link_start = '<a href="%{url}" target="_blank" rel="noopener noreferrer">'.html_safe % { url: "https://letsencrypt.org/" }
= _("%{lets_encrypt_link_start}Let's Encrypt%{lets_encrypt_link_end} is a free, automated, and open certificate authority (CA), that give digital certificates in order to enable HTTPS (SSL/TLS) for websites.").html_safe % { lets_encrypt_link_start: lets_encrypt_link_start, lets_encrypt_link_end: '</a>'.html_safe }
.form-group
= f.label :lets_encrypt_notification_email, _("Email"), class: 'label-bold'
= f.text_field :lets_encrypt_notification_email, class: 'form-control gl-form-input'
.form-text.text-muted
= _("A Let's Encrypt account will be configured for this GitLab installation using your email address. You will receive emails to warn of expiring certificates.")
.form-group
.form-check
= f.check_box :lets_encrypt_terms_of_service_accepted, class: 'form-check-input'
= f.label :lets_encrypt_terms_of_service_accepted, class: 'form-check-label' do
- terms_of_service_link_start = '<a href="%{url}" target="_blank" rel="noopener noreferrer">'.html_safe % { url: lets_encrypt_terms_of_service_admin_application_settings_path }
= _("I have read and agree to the Let's Encrypt %{link_start}Terms of Service%{link_end} (PDF)").html_safe % { link_start: terms_of_service_link_start, link_end: '</a>'.html_safe }
= _("%{lets_encrypt_link_start}Let's Encrypt%{lets_encrypt_link_end} is a free, automated, and open certificate authority (CA) that issues digital certificates to enable HTTPS (SSL/TLS) for sites.").html_safe % { lets_encrypt_link_start: lets_encrypt_link_start, lets_encrypt_link_end: '</a>'.html_safe }
.form-group
= f.label :lets_encrypt_notification_email, s_("AdminSettings|Let's Encrypt email"), class: 'label-bold'
= f.text_field :lets_encrypt_notification_email, class: 'form-control gl-form-input'
.form-text.text-muted
- pages_link_url = help_page_path('administration/pages/index', anchor: 'lets-encrypt-integration')
- pages_link_start = '<a href="%{url}" target="_blank" rel="noopener noreferrer">'.html_safe % { url: pages_link_url }
= s_("AdminSettings|A Let's Encrypt account will be configured for this GitLab instance using this email address. You will receive emails to warn of expiring certificates. %{link_start}Learn more.%{link_end}").html_safe % { link_start: pages_link_start, link_end: '</a>'.html_safe }
.form-group
.form-check
= f.check_box :lets_encrypt_terms_of_service_accepted, class: 'form-check-input'
= f.label :lets_encrypt_terms_of_service_accepted, class: 'form-check-label' do
- terms_of_service_link_start = '<a href="%{url}" target="_blank" rel="noopener noreferrer">'.html_safe % { url: lets_encrypt_terms_of_service_admin_application_settings_path }
= s_("AdminSettings|I have read and agree to the Let's Encrypt %{link_start}Terms of Service%{link_end} (PDF).").html_safe % { link_start: terms_of_service_link_start, link_end: '</a>'.html_safe }
= f.submit _('Save changes'), class: "gl-button btn btn-confirm"

2
app/views/admin/application_settings/preferences.html.haml
View file

@ -43,7 +43,7 @@
%button.btn.gl-button.btn-default.js-settings-toggle{ type: 'button' }
= expanded_by_default? ? _('Collapse') : _('Expand')
%p
= _('Size and domain settings for static websites')
= s_('AdminSettings|Size and domain settings for Pages static sites.')
.settings-content
= render 'pages'

4
app/views/projects/mirrors/_mirror_repos_push.html.haml
View file

@ -11,5 +11,5 @@
= check_box_tag :keep_divergent_refs, '1', false, class: 'js-mirror-keep-divergent-refs form-check-input'
= label_tag :keep_divergent_refs, _('Keep divergent refs'), class: 'form-check-label'
.form-text.text-muted
= _('By default, if any ref (branch, tag, or commit) on the remote mirror has diverged from the local repository, the entire push will fail, and nothing will be updated. Choose this option to override this behavior. After the mirror is created, this can only be modified via the API.')
= link_to _('Learn more.'), help_page_path('user/project/repository/repository_mirroring', anchor: 'keep-divergent-refs'), target: '_blank', rel: 'noopener noreferrer'
- link_opening_tag = '<a href="%{url}" target="_blank" rel="noopener noreferrer">'.html_safe
= html_escape(_('Do not force push over diverged refs. After the mirror is created, this setting can only be modified using the API. %{mirroring_docs_link_start}Learn more about this option%{link_closing_tag} and %{mirroring_api_docs_link_start}the API.%{link_closing_tag}')) % { mirroring_docs_link_start: link_opening_tag % {url: help_page_path('user/project/repository/repository_mirroring', anchor: 'keep-divergent-refs')}, mirroring_api_docs_link_start: link_opening_tag % {url: help_page_path('api/remote_mirrors')}, link_closing_tag: '</a>'.html_safe }

2
bin/secpick
View file

@ -39,7 +39,7 @@ module Secpick
["git fetch #{@options[:remote]} #{stable_branch}",
"git checkout -B #{source_branch} #{@options[:remote]}/#{stable_branch} --no-track",
"git cherry-pick #{@options[:sha]}",
"git push #{@options[:remote]} #{source_branch}",
"git push #{@options[:remote]} #{source_branch} --no-verify",
"git checkout #{@options[:branch]}"]
end

3
config/feature_categories.yml
View file

@ -9,7 +9,6 @@
---
- accessibility_testing
- advanced_deployments
- api
- attack_emulation
- audit_events
- audit_reports
@ -65,14 +64,12 @@
- infrastructure
- infrastructure_as_code
- insider_threat
- insights
- integrations
- intel_code_security
- interactive_application_security_testing
- internationalization
- issue_tracking
- jenkins_importer
- jira_importer
- kubernetes_management
- license
- license_compliance

8
config/feature_flags/development/pages_limit_entries_count.yml Normal file
View file

@ -0,0 +1,8 @@
---
name: pages_limit_entries_count
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/64925/diffs
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/334765
milestone: '14.1'
type: development
group: group::release
default_enabled: false

7
db/migrate/20210611082822_add_pages_file_entries_to_plan_limits.rb Normal file
View file

@ -0,0 +1,7 @@
# frozen_string_literal: true
class AddPagesFileEntriesToPlanLimits < ActiveRecord::Migration[6.1]
def change
add_column(:plan_limits, :pages_file_entries, :integer, default: 200_000, null: false)
end
end

1
db/schema_migrations/20210611082822 Normal file
View file

@ -0,0 +1 @@
28b31b6e8aba1b8feec2b9a29b5f91f7145431be5d8b9875bddb8183f89700f7

3
db/structure.sql
View file

@ -16505,7 +16505,8 @@ CREATE TABLE plan_limits (
ci_daily_pipeline_schedule_triggers integer DEFAULT 0 NOT NULL,
ci_max_artifact_size_running_container_scanning integer DEFAULT 0 NOT NULL,
ci_max_artifact_size_cluster_image_scanning integer DEFAULT 0 NOT NULL,
ci_jobs_trace_size_limit integer DEFAULT 100 NOT NULL
ci_jobs_trace_size_limit integer DEFAULT 100 NOT NULL,
pages_file_entries integer DEFAULT 200000 NOT NULL
);
CREATE SEQUENCE plan_limits_id_seq

15
doc/administration/instance_limits.md
View file

@ -457,6 +457,21 @@ installation, run the following in the [GitLab Rails console](operations/rails_c
Plan.default.actual_limits.update!(ci_max_artifact_size_junit: 10)
```
### Number of files per GitLab Pages web-site
The total number of file entries (including directories and symlinks) is limited to `100000` per
GitLab Pages website.
This is the default limit for all [GitLab self-managed and SaaS plans](https://about.gitlab.com/pricing/).
You can update the limit in your self-managed instance using the
[GitLab Rails console](operations/rails_console.md#starting-a-rails-console-session).
For example, to change the limit to `100`:
```ruby
Plan.default.actual_limits.update!(pages_file_entries: 100)
```
### Number of registered runners per scope
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/321368) in GitLab 13.12.

BIN
doc/administration/pages/img/lets_encrypt_integration_v12_1.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 32 KiB

19
doc/administration/pages/index.md
View file

@ -407,17 +407,15 @@ verification requirement:
allows users to add Let's Encrypt SSL certificates for GitLab Pages
sites served under a custom domain.
To enable it, you must:
To enable it:
1. Choose an email address on which you want to receive notifications about expiring domains.
1. On the top bar, select **Menu >** **{admin}** **Admin**.
1. On the left sidebar, select **Settings > Preferences**.
1. Expand **Pages**.
1. Enter the email address for receiving notifications and accept Let's Encrypt's Terms of Service as shown below.
1. Enter the email address for receiving notifications and accept Let's Encrypt's Terms of Service.
1. Select **Save changes**.
![Let's Encrypt settings](img/lets_encrypt_integration_v12_1.png)
### Access control
> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/33422) in GitLab 11.5.
@ -466,6 +464,7 @@ The scope to use for authentication must match the GitLab Pages OAuth applicatio
pre-existing applications must modify the GitLab Pages OAuth application. Follow these steps to do
this:
1. Enable [access control](#access-control).
1. On the top bar, select **Menu >** **{admin}** **Admin**.
1. On the left sidebar, select **Settings > Applications**.
1. Expand **GitLab Pages**.
@ -473,7 +472,7 @@ this:
`read_api`).
1. Select **Save changes**.
#### Disabling public access to all Pages websites
#### Disable public access to all Pages sites
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/32095) in GitLab 12.7.
@ -662,6 +661,16 @@ Follow the steps below to configure the proxy listener of GitLab Pages.
1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure).
## Set global maximum pages size per project **(FREE SELF)**
To set the global maximum pages size for a project:
1. On the top bar, select **Menu >** **{admin}** **Admin**.
1. On the left sidebar, select **Settings > Preferences**.
1. Expand **Pages**.
1. Edit the **Maximum size of pages**.
1. Select **Save changes**.
## Override maximum pages size per project or group **(PREMIUM SELF)**
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/16610) in GitLab 12.7.

12
doc/api/discussions.md
View file

@ -1214,13 +1214,13 @@ Parameters:
| Attribute | Type | Required | Description |
| ------------------------- | -------------- | -------- | ----------- |
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) |
| `commit_id` | integer | yes | The ID of a commit |
| `commit_id` | string | yes | The SHA of a commit |
| `body` | string | yes | The content of the thread |
| `created_at` | string | no | Date time string, ISO 8601 formatted, such as `2016-03-11T03:45:40Z` (requires administrator or project/group owner rights) |
| `position` | hash | no | Position when creating a diff note |
| `position[base_sha]` | string | yes | Base commit SHA in the source branch |
| `position[start_sha]` | string | yes | SHA referencing commit in target branch |
| `position[head_sha]` | string | yes | SHA referencing HEAD of this commit |
| `position[base_sha]` | string | yes | SHA of the parent commit|
| `position[start_sha]` | string | yes | SHA of the parent commit |
| `position[head_sha]` | string | yes | The SHA of this commit (same as `commit_id`) |
| `position[position_type]` | string | yes | Type of the position reference', allowed values: `text` or `image` |
| `position[new_path]` | string | no | File path after change |
| `position[new_line]` | integer | no | Line number after change |
@ -1235,6 +1235,10 @@ Parameters:
curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/commits/11/discussions?body=comment"
```
The rules for creating the API request are the same as when
[creating a new thread in the merge request diff](#create-a-new-thread-in-the-merge-request-diff),
with the exception of `base_sha`, `start_sha`, and `head_sha` attributes.
### Add note to existing commit thread
Adds a new note to the thread.

6
doc/api/pipelines.md
View file

@ -52,6 +52,7 @@ Example of response
[
{
"id": 47,
"iid": 12,
"project_id": 1,
"status": "pending",
"ref": "new-pipeline",
@ -62,6 +63,7 @@ Example of response
},
{
"id": 48,
"iid": 13,
"project_id": 1,
"status": "pending",
"ref": "new-pipeline",
@ -93,6 +95,7 @@ Example of response
```json
{
"id": 46,
"iid": 11,
"project_id": 1,
"status": "success",
"ref": "main",
@ -281,6 +284,7 @@ Example of response
```json
{
"id": 61,
"iid": 21,
"project_id": 1,
"sha": "384c444e840a515b23f21915ee5766b87068a70d",
"ref": "main",
@ -328,6 +332,7 @@ Response:
```json
{
"id": 46,
"iid": 11,
"project_id": 1,
"status": "pending",
"ref": "main",
@ -375,6 +380,7 @@ Response:
```json
{
"id": 46,
"iid": 11,
"project_id": 1,
"status": "canceled",
"ref": "main",

12
doc/user/project/releases/index.md
View file

@ -612,6 +612,18 @@ These metrics include:
- Total number of releases in the group
- Percentage of projects in the group that have at least one release
## Working example project
The Guided Exploration project [Utterly Automated Software and Artifact Versioning with GitVersion](https://gitlab.com/guided-explorations/devops-patterns/utterly-automated-versioning) demonstrates:
- Using GitLab releases.
- Using the GitLab `release-cli`.
- Creating a generic package.
- Linking the package to the release.
- Using a tool called [GitVersion](https://gitversion.net/) to automatically determine and increment versions for complex repositories.
You can copy the example project to your own group or instance for testing. More details on what other GitLab CI patterns are demonstrated are available at the project page.
## Troubleshooting
### Getting `403 Forbidden` or `Something went wrong while creating a new release` errors when creating, updating or deleting releases and their assets

17
doc/user/project/repository/repository_mirroring.md
View file

@ -92,19 +92,18 @@ You can also create and modify project push mirrors through the
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/208828) in GitLab 13.0.
By default, if any ref on the remote mirror has diverged from the local
repository, the *entire push* fails, and no updates occur.
By default, if any ref (branch or tag) on the remote mirror has diverged from the local repository, the local differences are forced to the remote.
For example, if a repository has `main`, `develop`, and `stable` branches that
For example, if a repository has `main` and `develop` branches that
have been mirrored to a remote, and then a new commit is added to `develop` on
the mirror, the next push attempt fails, leaving `main` and `stable`
out-of-date despite not having diverged. No change on any branch can be mirrored
until the divergence is resolved.
the remote mirror. The next push updates all of the references on the remote mirror to match
the local repository, and the new commit added to the remote `develop` branch is lost.
With the **Keep divergent refs** option enabled, the `develop` branch is
skipped, allowing `main` and `stable` to be updated. The mirror status
reflects that `develop` has diverged and was skipped, and be marked as a failed
update.
skipped, causing only `main` to be updated. The mirror status
reflects that `develop` has diverged and was skipped, and be marked as a
failed update. Refs that exist in the mirror repository but not in the local
repository are left untouched.
NOTE:
After the mirror is created, this option can only be modified via the [API](../../../api/remote_mirrors.md).

2
lib/feature.rb
View file

@ -56,7 +56,7 @@ class Feature
# use `default_enabled: true` to default the flag to being `enabled`
# unless set explicitly. The default is `disabled`
# TODO: remove the `default_enabled:` and read it from the `defintion_yaml`
# TODO: remove the `default_enabled:` and read it from the `definition_yaml`
# check: https://gitlab.com/gitlab-org/gitlab/-/issues/30228
def enabled?(key, thing = nil, type: :development, default_enabled: false)
if check_feature_flags_definition?

10
lib/gitlab/markdown_cache.rb
View file

@ -2,10 +2,14 @@
module Gitlab
module MarkdownCache
# Increment this number every time the renderer changes its output.
# Increment this number to invalidate cached HTML from Markdown documents.
# Even when reverting an MR, we should increment this because we only
# persist the cache when the new version is higher.
#
# Changing this value puts strain on the database, as every row with
# cached markdown needs to be updated. As a result, this line should
# not be changed.
# cached markdown needs to be updated. As a result, avoid changing
# this if the change to the renderer output is a new feature or a
# minor bug fix.
# See: https://gitlab.com/gitlab-org/gitlab/-/issues/330313
CACHE_COMMONMARK_VERSION = 28
CACHE_COMMONMARK_VERSION_START = 10

1
lib/gitlab/markdown_cache/active_record/extension.rb
View file

@ -39,6 +39,7 @@ module Gitlab
def save_markdown(updates)
return unless persisted? && Gitlab::Database.read_write?
return if cached_markdown_version < cached_markdown_version_in_database
update_columns(updates)
end

65
locale/gitlab.pot
View file

@ -676,7 +676,7 @@ msgstr ""
msgid "%{label_for_message} unavailable"
msgstr ""
msgid "%{lets_encrypt_link_start}Let's Encrypt%{lets_encrypt_link_end} is a free, automated, and open certificate authority (CA), that give digital certificates in order to enable HTTPS (SSL/TLS) for websites."
msgid "%{lets_encrypt_link_start}Let's Encrypt%{lets_encrypt_link_end} is a free, automated, and open certificate authority (CA) that issues digital certificates to enable HTTPS (SSL/TLS) for sites."
msgstr ""
msgid "%{level_name} is not allowed in a %{group_level_name} group."
@ -1191,9 +1191,6 @@ msgstr ""
msgid "0 bytes"
msgstr ""
msgid "0 for unlimited"
msgstr ""
msgid "0 for unlimited, only effective with remote storage enabled."
msgstr ""
@ -1402,9 +1399,6 @@ msgstr ""
msgid "A Let's Encrypt SSL certificate can not be obtained until your domain is verified."
msgstr ""
msgid "A Let's Encrypt account will be configured for this GitLab installation using your email address. You will receive emails to warn of expiring certificates."
msgstr ""
msgid "A Metrics Dashboard menu item appears in the Monitoring section of the Admin Area."
msgstr ""
@ -1726,9 +1720,6 @@ msgstr ""
msgid "Access to '%{classification_label}' not allowed"
msgstr ""
msgid "Access to Pages websites are controlled based on the user's membership to a given project. By checking this box, users will be required to be logged in to have access to all Pages websites in your instance."
msgstr ""
msgid "AccessDropdown|Deploy Keys"
msgstr ""
@ -2365,27 +2356,45 @@ msgstr ""
msgid "AdminProjects|Delete Project %{projectName}?"
msgstr ""
msgid "AdminSettings|A Let's Encrypt account will be configured for this GitLab instance using this email address. You will receive emails to warn of expiring certificates. %{link_start}Learn more.%{link_end}"
msgstr ""
msgid "AdminSettings|All new projects can use the instance's shared runners by default."
msgstr ""
msgid "AdminSettings|Auto DevOps domain"
msgstr ""
msgid "AdminSettings|Configure Let's Encrypt"
msgstr ""
msgid "AdminSettings|Disable feed token"
msgstr ""
msgid "AdminSettings|Disable public access to Pages sites"
msgstr ""
msgid "AdminSettings|Domain verification is an essential security measure for public GitLab sites. Users are required to demonstrate they control a domain before it is enabled. %{link_start}Learn more.%{link_end}"
msgstr ""
msgid "AdminSettings|Enable shared runners for new projects"
msgstr ""
msgid "AdminSettings|Feed token"
msgstr ""
msgid "AdminSettings|I have read and agree to the Let's Encrypt %{link_start}Terms of Service%{link_end} (PDF)."
msgstr ""
msgid "AdminSettings|If not specified at the group or instance level, the default is %{default_initial_branch_name}. Does not affect existing repositories."
msgstr ""
msgid "AdminSettings|Keep the latest artifacts for all jobs in the latest successful pipelines"
msgstr ""
msgid "AdminSettings|Let's Encrypt email"
msgstr ""
msgid "AdminSettings|Maximum duration of a session for Git operations when 2FA is enabled."
msgstr ""
@ -2398,6 +2407,9 @@ msgstr ""
msgid "AdminSettings|Protect CI/CD variables by default"
msgstr ""
msgid "AdminSettings|Require users to prove ownership of custom domains"
msgstr ""
msgid "AdminSettings|Required pipeline configuration"
msgstr ""
@ -2407,12 +2419,21 @@ msgstr ""
msgid "AdminSettings|Select a group to use as the source for instance-level project templates."
msgstr ""
msgid "AdminSettings|Select to disable public access for Pages sites, which requires users to sign in for access to the Pages sites in your instance. %{link_start}Learn more.%{link_end}"
msgstr ""
msgid "AdminSettings|Session duration for Git operations when 2FA is enabled (minutes)"
msgstr ""
msgid "AdminSettings|Set a CI/CD template as the required pipeline configuration for all projects in the instance. Project CI/CD configuration merges into the required pipeline configuration when the pipeline runs. %{link_start}What is a required pipeline configuration?%{link_end}"
msgstr ""
msgid "AdminSettings|Set the maximum size of GitLab Pages per project (0 for unlimited). %{link_start}Learn more.%{link_end}"
msgstr ""
msgid "AdminSettings|Size and domain settings for Pages static sites."
msgstr ""
msgid "AdminSettings|The default domain to use for Auto Review Apps and Auto Deploy stages in all projects."
msgstr ""
@ -5832,9 +5853,6 @@ msgstr ""
msgid "By default, all projects and groups will use the global notifications setting."
msgstr ""
msgid "By default, if any ref (branch, tag, or commit) on the remote mirror has diverged from the local repository, the entire push will fail, and nothing will be updated. Choose this option to override this behavior. After the mirror is created, this can only be modified via the API."
msgstr ""
msgid "ByAuthor|by"
msgstr ""
@ -8395,9 +8413,6 @@ msgstr ""
msgid "Configure Integrations"
msgstr ""
msgid "Configure Let's Encrypt"
msgstr ""
msgid "Configure Prometheus"
msgstr ""
@ -11559,9 +11574,6 @@ msgstr ""
msgid "Disable group runners"
msgstr ""
msgid "Disable public access to Pages sites"
msgstr ""
msgid "Disable two-factor authentication"
msgstr ""
@ -11705,6 +11717,9 @@ msgstr ""
msgid "Do not display offers from third parties"
msgstr ""
msgid "Do not force push over diverged refs. After the mirror is created, this setting can only be modified using the API. %{mirroring_docs_link_start}Learn more about this option%{link_closing_tag} and %{mirroring_api_docs_link_start}the API.%{link_closing_tag}"
msgstr ""
msgid "Do you want to remove this deploy key?"
msgstr ""
@ -11732,9 +11747,6 @@ msgstr ""
msgid "Domain cannot be deleted while associated to one or more clusters."
msgstr ""
msgid "Domain verification is an essential security measure for public GitLab sites. Users are required to demonstrate they control a domain before it is enabled"
msgstr ""
msgid "Domain was successfully created."
msgstr ""
@ -16455,9 +16467,6 @@ msgstr ""
msgid "I forgot my password"
msgstr ""
msgid "I have read and agree to the Let's Encrypt %{link_start}Terms of Service%{link_end} (PDF)"
msgstr ""
msgid "I want to explore GitLab to see if its worth switching to"
msgstr ""
@ -28074,9 +28083,6 @@ msgstr ""
msgid "Require user password for approvals."
msgstr ""
msgid "Require users to prove ownership of custom domains"
msgstr ""
msgid "Required approvals (%{approvals_given} given)"
msgstr ""
@ -30652,9 +30658,6 @@ msgstr ""
msgid "Size"
msgstr ""
msgid "Size and domain settings for static websites"
msgstr ""
msgid "Size limit per repository (MB)"
msgstr ""

4
package.json
View file

@ -57,9 +57,9 @@
"@babel/preset-env": "^7.10.1",
"@gitlab/at.js": "1.5.7",
"@gitlab/favicon-overlay": "2.0.0",
"@gitlab/svgs": "1.205.0",
"@gitlab/svgs": "1.207.0",
"@gitlab/tributejs": "1.0.0",
"@gitlab/ui": "31.6.0",
"@gitlab/ui": "31.6.1",
"@gitlab/visual-review-tools": "1.6.1",
"@rails/actioncable": "6.1.3-2",
"@rails/ujs": "6.1.3-2",

1
scripts/frontend/startup_css/constants.js
View file

@ -49,7 +49,6 @@ const createMainOutput = ({ outFile, cssKeys, type }) => ({
outFile,
htmlPaths: [
path.join(FIXTURES_ROOT, `startup_css/project-${type}.html`),
path.join(FIXTURES_ROOT, `startup_css/project-${type}-legacy-sidebar.html`),
path.join(FIXTURES_ROOT, `startup_css/project-${type}-signed-out.html`),
],
cssKeys,

2
spec/features/admin/admin_settings_spec.rb
View file

@ -634,7 +634,7 @@ RSpec.describe 'Admin updates settings' do
it "change Pages Let's Encrypt settings" do
visit preferences_admin_application_settings_path
page.within('.as-pages') do
fill_in 'Email', with: 'my@test.example.com'
fill_in "Let's Encrypt email", with: 'my@test.example.com'
check "I have read and agree to the Let's Encrypt Terms of Service"
click_button 'Save changes'
end

12
spec/frontend/fixtures/startup_css.rb
View file

@ -10,7 +10,6 @@ RSpec.describe 'Startup CSS fixtures', type: :controller do
render_views
before(:all) do
stub_feature_flags(sidebar_refactor: true)
clean_frontend_fixtures('startup_css/')
end
@ -31,17 +30,6 @@ RSpec.describe 'Startup CSS fixtures', type: :controller do
expect(response).to be_successful
end
it "startup_css/project-#{type}-legacy-sidebar.html" do
stub_feature_flags(sidebar_refactor: false)
get :show, params: {
namespace_id: project.namespace.to_param,
id: project
}
expect(response).to be_successful
end
it "startup_css/project-#{type}-signed-out.html" do
sign_out(user)

12
spec/lib/gitlab/markdown_cache/active_record/extension_spec.rb
View file

@ -216,4 +216,16 @@ RSpec.describe Gitlab::MarkdownCache::ActiveRecord::Extension do
end
end
end
context 'when persisted cache is newer than current version' do
before do
thing.update_column(:cached_markdown_version, thing.cached_markdown_version + 1)
end
it 'does not save the generated HTML' do
expect(thing).not_to receive(:update_columns)
thing.refresh_markdown_cache!
end
end
end

16
spec/models/user_spec.rb
View file

@ -4039,6 +4039,14 @@ RSpec.describe User do
]
end
end
context 'when the user is not saved' do
let(:user) { build(:user) }
it 'returns empty when there are no groups or ancestor groups for the user' do
is_expected.to eq([])
end
end
end
describe '#refresh_authorized_projects', :clean_gitlab_redis_shared_state do
@ -4300,6 +4308,14 @@ RSpec.describe User do
expect(user.two_factor_grace_period).to be 48
end
end
context 'when the user is not saved' do
let(:user) { build(:user) }
it 'does not raise an ActiveRecord::StatementInvalid statement exception' do
expect { user.update_two_factor_requirement }.not_to raise_error
end
end
end
describe '#source_groups_of_two_factor_authentication_requirement' do

2
spec/serializers/ci/pipeline_entity_spec.rb
View file

@ -18,7 +18,7 @@ RSpec.describe Ci::PipelineEntity do
let(:pipeline) { create(:ci_empty_pipeline) }
it 'contains required fields' do
expect(subject).to include :id, :user, :path, :coverage, :source
expect(subject).to include :id, :iid, :user, :path, :coverage, :source
expect(subject).to include :ref, :commit
expect(subject).to include :updated_at, :created_at
end

23
spec/services/projects/update_pages_service_spec.rb
View file

@ -158,6 +158,21 @@ RSpec.describe Projects::UpdatePagesService do
expect(execute).not_to eq(:success)
end
it 'limits pages file count' do
create(:plan_limits, :default_plan, pages_file_entries: 2)
expect(execute).not_to eq(:success)
expect(GenericCommitStatus.last.description).to eq("pages site contains 3 file entries, while limit is set to 2")
end
it 'does not limit pages file count if feature is disabled' do
stub_feature_flags(pages_limit_entries_count: false)
create(:plan_limits, :default_plan, pages_file_entries: 2)
expect(execute).to eq(:success)
end
it 'removes pages after destroy' do
expect(PagesWorker).to receive(:perform_in)
expect(project.pages_deployed?).to be_falsey
@ -339,9 +354,15 @@ RSpec.describe Projects::UpdatePagesService do
create(:ci_job_artifact, :archive, file: file, job: build)
create(:ci_job_artifact, :metadata, file: metafile, job: build)
allow(build).to receive(:artifacts_metadata_entry)
allow(build).to receive(:artifacts_metadata_entry).with('public/', recursive: true)
.and_return(metadata)
allow(metadata).to receive(:total_size).and_return(100)
# to pass entries count check
root_metadata = double('root metadata')
allow(build).to receive(:artifacts_metadata_entry).with('', recursive: true)
.and_return(root_metadata)
allow(root_metadata).to receive_message_chain(:entries, :count).and_return(10)
end
it 'raises an error' do

2
spec/support/shared_examples/features/packages_shared_examples.rb
View file

@ -100,7 +100,7 @@ def click_sort_option(option, ascending)
# Reset the sort direction
click_button 'Sort direction' if page.has_selector?('svg[aria-label="Sorting Direction: Ascending"]', wait: 0)
find('button.dropdown-menu-toggle').click
find('button.gl-dropdown-toggle').click
page.within('.dropdown-menu') do
click_button option

16
yarn.lock
View file

@ -898,20 +898,20 @@
stylelint-declaration-strict-value "1.7.7"
stylelint-scss "3.18.0"
"@gitlab/svgs@1.205.0":
version "1.205.0"
resolved "https://registry.yarnpkg.com/@gitlab/svgs/-/svgs-1.205.0.tgz#f8c084b6ef6a5f7eec676710f2c873992ebc2c83"
integrity sha512-cO9uqVCKE8O5ABlCd0m4W9EQrKwQyc536sF9KjwoLAxbqel8mlIo0C3HVIb367NuOpS2IWZdjN7GlNhulwffVA==
"@gitlab/svgs@1.207.0":
version "1.207.0"
resolved "https://registry.yarnpkg.com/@gitlab/svgs/-/svgs-1.207.0.tgz#39a1ff30b79a7c1134bcdc086a96e01988b89034"
integrity sha512-1JTuocHt1xk3fAP/C7xV79EJNtHmnoIAs+39eY3aidrgTo3hK8XkyANNBAmVooY0RdfUhK3juHfmj7i/C1ps0g==
"@gitlab/tributejs@1.0.0":
version "1.0.0"
resolved "https://registry.yarnpkg.com/@gitlab/tributejs/-/tributejs-1.0.0.tgz#672befa222aeffc83e7d799b0500a7a4418e59b8"
integrity sha512-nmKw1+hB6MHvlmPz63yPwVs1qQkycHwsKgxpEbzmky16Y6mL4EJMk3w1b8QlOAF/AIAzjCERPhe/R4MJiohbZw==
"@gitlab/ui@31.6.0":
version "31.6.0"
resolved "https://registry.yarnpkg.com/@gitlab/ui/-/ui-31.6.0.tgz#70aeb2b497aea15ea0a0a223b7332bc608587ff1"
integrity sha512-HABk7zwF7h5jaNaRiGKnWEkuQiPIm/bDRUzAtV3d/E/OgIzAU9S/fX3SHOrbj44g4Kq3mXifa4omMhEORx+mQg==
"@gitlab/ui@31.6.1":
version "31.6.1"
resolved "https://registry.yarnpkg.com/@gitlab/ui/-/ui-31.6.1.tgz#32acb2c9b6ded53077d703c071774c262db4c48b"
integrity sha512-x3851iL9N4qIIKqjVquFPuFk4IcrJwMVGCe2iVrCDfOckbHSnvKrR1QYO+wgx/OpLt818hD7BcMXd4R+p1Cz4Q==
dependencies:
"@babel/standalone" "^7.0.0"
bootstrap-vue "2.18.1"