Add latest changes from gitlab-org/gitlab@master

app/controllers/profiles/personal_access_tokens_controller.rb

@@ -14,6 +14,13 @@ class Profiles::PersonalAccessTokensController < Profiles::ApplicationController
       name: params[:name],
       scopes: scopes
     )
+
+    respond_to do |format|
+      format.html
+      format.json do
+        render json: @active_personal_access_tokens
+      end
+    end
   end
 
   def create
@@ -56,6 +63,28 @@ class Profiles::PersonalAccessTokensController < Profiles::ApplicationController
 
   def active_personal_access_tokens
     tokens = finder(state: 'active', sort: 'expires_at_asc').execute
+
+    if Feature.enabled?('access_token_pagination')
+      tokens = tokens.page(page)
+      add_pagination_headers(tokens)
+    end
+
     ::API::Entities::PersonalAccessTokenWithDetails.represent(tokens)
   end
+
+  def add_pagination_headers(relation)
+    Gitlab::Pagination::OffsetHeaderBuilder.new(
+      request_context: self,
+      per_page: relation.limit_value,
+      page: relation.current_page,
+      next_page: relation.next_page,
+      prev_page: relation.prev_page,
+      total: relation.total_count,
+      params: params.permit(:page)
+    ).execute
+  end
+
+  def page
+    (params[:page] || 1).to_i
+  end
 end

app/helpers/application_settings_helper.rb

@@ -238,6 +238,8 @@ module ApplicationSettingsHelper
       :email_author_in_body,
       :enabled_git_access_protocol,
       :enforce_terms,
+      :error_tracking_enabled,
+      :error_tracking_api_url,
       :external_pipeline_validation_service_timeout,
       :external_pipeline_validation_service_token,
       :external_pipeline_validation_service_url,

app/models/application_setting.rb

@@ -594,6 +594,14 @@ class ApplicationSetting < ApplicationRecord
     presence: true, length: { maximum: 255 },
     if: :sentry_enabled?
 
+  validates :error_tracking_enabled,
+    inclusion: { in: [true, false], message: _('must be a boolean value') }
+  validates :error_tracking_api_url,
+    presence: true,
+    addressable_url: true,
+    length: { maximum: 255 },
+    if: :error_tracking_enabled?
+
   validates :users_get_by_id_limit,
     numericality: { only_integer: true, greater_than_or_equal_to: 0 }
   validates :users_get_by_id_limit_allowlist,

app/views/admin/application_settings/_error_tracking.html.haml

@@ -0,0 +1,23 @@
+- expanded = integration_expanded?('error_tracking_')
+%section.settings.as-error-tracking.no-animate#js-error-tracking-settings{ class: ('expanded' if expanded) }
+  .settings-header
+    %h4
+      = _('GitLab Error Tracking')
+    = render Pajamas::ButtonComponent.new(button_options: { class: 'js-settings-toggle' }) do
+      = expanded ? _('Collapse') : _('Expand')
+    %p
+      = _('Allows projects to track errors using an Opstrace integration.').html_safe % { link: help_page_path('operations/error_tracking.md') }
+      = link_to _('Learn more.'), help_page_path('operations/error_tracking.md'), target: '_blank', rel: 'noopener noreferrer'
+  .settings-content
+    = gitlab_ui_form_for @application_setting, url: general_admin_application_settings_path(anchor: 'js-error-tracking-settings'), html: { class: 'fieldset-form', id: 'error-tracking-settings' } do |f|
+      = form_errors(@application_setting, pajamas_alert: true) if expanded
+
+      %fieldset
+        .form-group
+          = f.gitlab_ui_checkbox_component :error_tracking_enabled,
+          _('Enable GitLab Error Tracking')
+        .form-group
+          = f.label :error_tracking_api_url, _('Opstrace endpoint for Error Tracking integration'), class: 'label-light'
+          = f.text_field :error_tracking_api_url, class: 'form-control gl-form-input'
+
+      = f.submit _('Save changes'), class: 'gl-button btn btn-confirm'

app/views/admin/application_settings/_jira_connect_application_key.html.haml

@@ -12,7 +12,7 @@
 
   .settings-content
     = gitlab_ui_form_for @application_setting, url: general_admin_application_settings_path(anchor: 'js-jira-connect-application-id-settings'), html: { class: 'fieldset-form', id: 'jira-connect-application-id-settings' } do |f|
-      = form_errors(@application_setting)
+      = form_errors(@application_setting, pajamas_alert: true)
 
       %fieldset
         .form-group

app/views/admin/application_settings/general.html.haml

@@ -117,6 +117,7 @@
 = render_if_exists 'admin/application_settings/feishu_integration'
 = render 'admin/application_settings/third_party_offers'
 = render 'admin/application_settings/snowplow'
+= render 'admin/application_settings/error_tracking' if Feature.enabled?(:gitlab_error_tracking)
 = render 'admin/application_settings/eks'
 = render 'admin/application_settings/floc'
 = render_if_exists 'admin/application_settings/add_license'

app/views/notify/changed_milestone_email.html.haml

@@ -1,5 +1,5 @@
 %p
-  Milestone changed to
-  %strong= link_to(@milestone.name, @milestone_url)
+  - milestone_link = link_to(@milestone.name, @milestone_url)
+  = s_('Notify|Milestone changed to %{milestone}').html_safe % { milestone: content_tag(:strong, milestone_link).html_safe }
   - if date_range = milestone_date_range(@milestone)
     = "(#{date_range})"

app/views/profiles/two_factor_auths/show.html.haml

@@ -78,7 +78,7 @@
     .col-lg-8
       - registration = webauthn_enabled ? @webauthn_registration : @u2f_registration
       - if registration.errors.present?
-        = form_errors(registration)
+        = form_errors(registration, pajamas_alert: true)
       - if webauthn_enabled
         = render "authentication/register", target_path: create_webauthn_profile_two_factor_auth_path
       - else

config/feature_flags/development/access_token_pagination.yml

@@ -0,0 +1,8 @@
+---
+name: access_token_pagination
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/91372
+rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/366534
+milestone: '15.2'
+type: development
+group: group::authentication and authorization
+default_enabled: false

config/feature_flags/development/gitlab_error_tracking.yml

@@ -0,0 +1,8 @@
+---
+name: gitlab_error_tracking
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/91148
+rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/366382
+milestone: '15.2'
+type: development
+group: group::observability
+default_enabled: false

config/webpack.config.js

@@ -183,6 +183,7 @@ const alias = {
   test_fixtures: path.join(ROOT_PATH, 'tmp/tests/frontend/fixtures'),
   test_fixtures_static: path.join(ROOT_PATH, 'spec/frontend/fixtures/static'),
   test_helpers: path.join(ROOT_PATH, 'spec/frontend_integration/test_helpers'),
+  public: path.join(ROOT_PATH, 'public'),
 };
 
 if (IS_EE) {

db/docs/sbom_sources.yml

@@ -0,0 +1,11 @@
+---
+table_name: sbom_sources
+classes:
+- Sbom::Source
+feature_categories:
+- container_scanning
+- dependency_scanning
+- license_compliance
+description: Stores information about where an SBoM component originated from
+introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/90812
+milestone: '15.2'

db/migrate/20220616182016_create_sbom_sources.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+class CreateSbomSources < Gitlab::Database::Migration[2.0]
+  def change
+    create_table :sbom_sources do |t|
+      t.timestamps_with_timezone
+      t.integer :source_type, null: false, limit: 2
+      t.jsonb :source, null: false, default: {}
+      t.binary :fingerprint, null: false
+    end
+  end
+end

db/migrate/20220627171538_add_error_tracking_settings.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+# See https://docs.gitlab.com/ee/development/migration_style_guide.html
+# for more information on how to write migrations for GitLab.
+
+class AddErrorTrackingSettings < Gitlab::Database::Migration[2.0]
+  disable_ddl_transaction!
+
+  def up
+    add_column :application_settings, :error_tracking_enabled, :boolean,
+      default: false, null: false, if_not_exists: true
+
+    add_column :application_settings, :error_tracking_api_url, :text, if_not_exists: true
+    add_text_limit :application_settings, :error_tracking_api_url, 255
+  end
+
+  def down
+    remove_column :application_settings, :error_tracking_enabled, if_exists: true
+    remove_column :application_settings, :error_tracking_api_url, if_exists: true
+  end
+end

db/schema_migrations/20220616182016

@@ -0,0 +1 @@
+ebb53cf83d85c5b1b07e206e7190a3d17e37ec35f085e8e57e1245ba1a3acbf6

db/schema_migrations/20220627171538

@@ -0,0 +1 @@
+1f44130f3f8af92bfaa7de488da2f5f0804045afa6e2ac233d2660a7937a9e32

db/structure.sql

@@ -11329,6 +11329,8 @@ CREATE TABLE application_settings (
     encrypted_feishu_app_key_iv bytea,
     encrypted_feishu_app_secret bytea,
     encrypted_feishu_app_secret_iv bytea,
+    error_tracking_enabled boolean DEFAULT false NOT NULL,
+    error_tracking_api_url text,
     git_rate_limit_users_allowlist text[] DEFAULT '{}'::text[] NOT NULL,
     CONSTRAINT app_settings_container_reg_cleanup_tags_max_list_size_positive CHECK ((container_registry_cleanup_tags_service_max_list_size >= 0)),
     CONSTRAINT app_settings_container_registry_pre_import_tags_rate_positive CHECK ((container_registry_pre_import_tags_rate >= (0)::numeric)),
@@ -11346,6 +11348,7 @@ CREATE TABLE application_settings (
     CONSTRAINT check_3455368420 CHECK ((char_length(database_grafana_api_url) <= 255)),
     CONSTRAINT check_3559645ae5 CHECK ((char_length(container_registry_import_target_plan) <= 255)),
     CONSTRAINT check_3def0f1829 CHECK ((char_length(sentry_clientside_dsn) <= 255)),
+    CONSTRAINT check_492cc1354d CHECK ((char_length(error_tracking_api_url) <= 255)),
     CONSTRAINT check_4f8b811780 CHECK ((char_length(sentry_dsn) <= 255)),
     CONSTRAINT check_51700b31b5 CHECK ((char_length(default_branch_name) <= 255)),
     CONSTRAINT check_57123c9593 CHECK ((char_length(help_page_documentation_base_url) <= 255)),
@@ -20568,6 +20571,24 @@ CREATE SEQUENCE sbom_components_id_seq
 
 ALTER SEQUENCE sbom_components_id_seq OWNED BY sbom_components.id;
 
+CREATE TABLE sbom_sources (
+    id bigint NOT NULL,
+    created_at timestamp with time zone NOT NULL,
+    updated_at timestamp with time zone NOT NULL,
+    source_type smallint NOT NULL,
+    source jsonb DEFAULT '{}'::jsonb NOT NULL,
+    fingerprint bytea NOT NULL
+);
+
+CREATE SEQUENCE sbom_sources_id_seq
+    START WITH 1
+    INCREMENT BY 1
+    NO MINVALUE
+    NO MAXVALUE
+    CACHE 1;
+
+ALTER SEQUENCE sbom_sources_id_seq OWNED BY sbom_sources.id;
+
 CREATE TABLE schema_migrations (
     version character varying NOT NULL,
     finished_at timestamp with time zone DEFAULT now()
@@ -23474,6 +23495,8 @@ ALTER TABLE ONLY sbom_component_versions ALTER COLUMN id SET DEFAULT nextval('sb
 
 ALTER TABLE ONLY sbom_components ALTER COLUMN id SET DEFAULT nextval('sbom_components_id_seq'::regclass);
 
+ALTER TABLE ONLY sbom_sources ALTER COLUMN id SET DEFAULT nextval('sbom_sources_id_seq'::regclass);
+
 ALTER TABLE ONLY scim_identities ALTER COLUMN id SET DEFAULT nextval('scim_identities_id_seq'::regclass);
 
 ALTER TABLE ONLY scim_oauth_access_tokens ALTER COLUMN id SET DEFAULT nextval('scim_oauth_access_tokens_id_seq'::regclass);
@@ -25676,6 +25699,9 @@ ALTER TABLE ONLY sbom_component_versions
 ALTER TABLE ONLY sbom_components
     ADD CONSTRAINT sbom_components_pkey PRIMARY KEY (id);
 
+ALTER TABLE ONLY sbom_sources
+    ADD CONSTRAINT sbom_sources_pkey PRIMARY KEY (id);
+
 ALTER TABLE ONLY schema_migrations
     ADD CONSTRAINT schema_migrations_pkey PRIMARY KEY (version);
 

jest.config.base.js

@@ -57,6 +57,7 @@ module.exports = (path, options = {}) => {
     [TEST_FIXTURES_PATTERN]: '<rootDir>/tmp/tests/frontend/fixtures$1',
     '^test_fixtures_static(/.*)$': '<rootDir>/spec/frontend/fixtures/static$1',
     '\\.(jpg|jpeg|png|svg|css)$': '<rootDir>/spec/frontend/__mocks__/file_mock.js',
+    '^public(/.*)$': '<rootDir>/public$1',
     'emojis(/.*).json': '<rootDir>/fixtures/emojis$1.json',
     '^spec/test_constants$': '<rootDir>/spec/frontend/__helpers__/test_constants',
     '^jest/(.*)$': '<rootDir>/spec/frontend/$1',

lib/gitlab/ci/build/rules/rule/clause/changes.rb

@@ -33,7 +33,11 @@ module Gitlab
 
         def paths
           strong_memoize(:paths) do
-            Array(@globs[:paths])
+            if @globs.is_a?(Array)
+              @globs
+            else
+              Array(@globs[:paths])
+            end
           end
         end
       end

lib/gitlab/database/gitlab_schemas.yml

@@ -474,6 +474,7 @@ saml_providers: :gitlab_main
 saved_replies: :gitlab_main
 sbom_components: :gitlab_main
 sbom_component_versions: :gitlab_main
+sbom_sources: :gitlab_main
 schema_migrations: :gitlab_internal
 scim_identities: :gitlab_main
 scim_oauth_access_tokens: :gitlab_main

locale/gitlab.pot

@@ -3902,6 +3902,9 @@ msgstr ""
 msgid "Allows projects or subgroups in this group to override the global setting."
 msgstr ""
 
+msgid "Allows projects to track errors using an Opstrace integration."
+msgstr ""
+
 msgid "Allows you to add and manage Kubernetes clusters."
 msgstr ""
 
@@ -14215,6 +14218,9 @@ msgstr ""
 msgid "Enable Auto DevOps"
 msgstr ""
 
+msgid "Enable GitLab Error Tracking"
+msgstr ""
+
 msgid "Enable Gitpod"
 msgstr ""
 
@@ -17374,6 +17380,9 @@ msgstr ""
 msgid "GitLab Billing Team."
 msgstr ""
 
+msgid "GitLab Error Tracking"
+msgstr ""
+
 msgid "GitLab Import"
 msgstr ""
 
@@ -26452,6 +26461,9 @@ msgstr ""
 msgid "Notify|Merge request URL: %{merge_request_url}"
 msgstr ""
 
+msgid "Notify|Milestone changed to %{milestone}"
+msgstr ""
+
 msgid "Notify|New issue: %{project_issue_url}"
 msgstr ""
 
@@ -27132,6 +27144,9 @@ msgstr ""
 msgid "OperationsDashboard|The operations dashboard provides a summary of each project's operational health, including pipeline and alert statuses."
 msgstr ""
 
+msgid "Opstrace endpoint for Error Tracking integration"
+msgstr ""
+
 msgid "Optimize your workflow with CI/CD Pipelines"
 msgstr ""
 

spec/controllers/profiles/personal_access_tokens_controller_spec.rb

@@ -65,5 +65,42 @@ RSpec.describe Profiles::PersonalAccessTokensController do
         scopes: contain_exactly(:api, :read_user)
       )
     end
+
+    context "access_token_pagination feature flag is enabled" do
+      before do
+        stub_feature_flags(access_token_pagination: true)
+        allow(Kaminari.config).to receive(:default_per_page).and_return(1)
+        create(:personal_access_token, user: user)
+      end
+
+      it "returns paginated response" do
+        get :index, params: { page: 1 }
+        expect(assigns(:active_personal_access_tokens).count).to eq(1)
+      end
+
+      it 'adds appropriate headers' do
+        get :index, params: { page: 1 }
+        expect_header('X-Per-Page', '1')
+        expect_header('X-Page', '1')
+        expect_header('X-Next-Page', '2')
+        expect_header('X-Total', '2')
+      end
+    end
+
+    context "access_token_pagination feature flag is disabled" do
+      before do
+        stub_feature_flags(access_token_pagination: false)
+        create(:personal_access_token, user: user)
+      end
+
+      it "returns all tokens in system" do
+        get :index, params: { page: 1 }
+        expect(assigns(:active_personal_access_tokens).count).to eq(2)
+      end
+    end
+  end
+
+  def expect_header(header_name, header_val)
+    expect(response.headers[header_name]).to eq(header_val)
   end
 end

spec/frontend/__helpers__/shared_test_setup.js

@@ -15,6 +15,7 @@ import '~/commons/bootstrap';
 
 // This module has some fairly decent visual test coverage in it's own repository.
 jest.mock('@gitlab/favicon-overlay');
+jest.mock('~/lib/utils/axios_utils', () => jest.requireActual('helpers/mocks/axios_utils'));
 
 process.on('unhandledRejection', global.promiseRejectionHandler);
 

spec/frontend/test_setup.js

@@ -2,8 +2,6 @@
 import 'helpers/shared_test_setup';
 import { initializeTestTimeout } from 'helpers/timeout';
 
-jest.mock('~/lib/utils/axios_utils', () => jest.requireActual('helpers/mocks/axios_utils'));
-
 initializeTestTimeout(process.env.CI ? 6000 : 500);
 
 afterEach(() =>

spec/frontend_integration/snippets/snippets_notes_spec.js

@@ -0,0 +1,62 @@
+import $ from 'jquery';
+import axios from '~/lib/utils/axios_utils';
+import initGFMInput from '~/behaviors/markdown/gfm_auto_complete';
+import initDeprecatedNotes from '~/init_deprecated_notes';
+import { loadHTMLFixture } from 'helpers/fixtures';
+
+describe('Integration Snippets notes', () => {
+  beforeEach(async () => {
+    loadHTMLFixture('snippets/show.html');
+
+    // Check if we have to Load GFM Input
+    const $gfmInputs = $('.js-gfm-input:not(.js-gfm-input-initialized)');
+    initGFMInput($gfmInputs);
+
+    initDeprecatedNotes();
+  });
+
+  describe('emoji autocomplete', () => {
+    const findNoteTextarea = () => document.getElementById('note_note');
+    const findAtViewEmojiMenu = () => document.getElementById('at-view-58');
+    const findAtwhoResult = () => {
+      return Array.from(findAtViewEmojiMenu().querySelectorAll('li')).map((x) =>
+        x.innerText.trim(),
+      );
+    };
+    const fillNoteTextarea = (val) => {
+      const textarea = findNoteTextarea();
+
+      textarea.dispatchEvent(new Event('focus'));
+      textarea.value = val;
+      textarea.dispatchEvent(new Event('input'));
+      textarea.dispatchEvent(new Event('click'));
+    };
+
+    it.each([
+      [
+        ':heart',
+        ['heart', 'heart decoration', 'heart with arrow', 'heart with ribbon', 'heart_exclamation'],
+      ],
+      [':red', ['red apple', 'red_car', 'red_circle', 'credit card', 'tired face']],
+      [
+        ':circle',
+        // TODO: https://gitlab.com/gitlab-org/gitlab/-/issues/347549
+        // These autocompleted results aren't very good. The autocompletion should be improved.
+        [
+          'circled ideograph accept',
+          'circled ideograph advantage',
+          'circled ideograph congratulation',
+          'circled ideograph secret',
+          'circled latin capital letter m',
+        ],
+      ],
+    ])('shows a correct list of matching emojis when user enters %s', async (input, expected) => {
+      fillNoteTextarea(input);
+
+      await axios.waitForAll();
+
+      const result = findAtwhoResult();
+      expect(result).toEqual(expected);
+    });
+  });
+});

spec/frontend_integration/test_helpers/mock_server/routes/emojis.js

@@ -0,0 +1,9 @@
+import { Response } from 'miragejs';
+import emojis from 'public/-/emojis/2/emojis.json';
+import { EMOJI_VERSION } from '~/emoji';
+
+export default (server) => {
+  server.get(`/-/emojis/${EMOJI_VERSION}/emojis.json`, () => {
+    return new Response(200, {}, emojis);
+  });
+};

spec/frontend_integration/test_helpers/mock_server/routes/index.js

@@ -6,6 +6,7 @@ export default (server) => {
     require('./repository'),
     require('./ci'),
     require('./diffs'),
+    require('./emojis'),
     require('./404'),
   ].forEach(({ default: setup }) => {
     setup(server);

spec/lib/gitlab/ci/build/rules/rule/clause/changes_spec.rb

@@ -18,9 +18,11 @@ RSpec.describe Gitlab::Ci::Build::Rules::Rule::Clause::Changes do
 
       # rubocop:disable Layout/LineLength
       where(:case_name, :globs, :files, :satisfied) do
+        'exact top-level match'      |  ['Dockerfile']                         | { 'Dockerfile' => '', 'Gemfile' => '' }            | true
         'exact top-level match'      | { paths: ['Dockerfile'] }               | { 'Dockerfile' => '', 'Gemfile' => '' }            | true
         'exact top-level no match'   | { paths: ['Dockerfile'] }               | { 'Gemfile' => '' }                                | false
         'pattern top-level match'    | { paths: ['Docker*'] }                  | { 'Dockerfile' => '', 'Gemfile' => '' }            | true
+        'pattern top-level no match' | ['Docker*']                             | { 'Gemfile' => '' }                                | false
         'pattern top-level no match' | { paths: ['Docker*'] }                  | { 'Gemfile' => '' }                                | false
         'exact nested match'         | { paths: ['project/build.properties'] } | { 'project/build.properties' => '' }               | true
         'exact nested no match'      | { paths: ['project/build.properties'] } | { 'project/README.md' => '' }                      | false

spec/models/application_setting_spec.rb

@@ -1075,6 +1075,27 @@ RSpec.describe ApplicationSetting do
         is_expected.to validate_numericality_of(:metrics_method_call_threshold).is_greater_than_or_equal_to(0)
       end
     end
+
+    context 'error tracking settings' do
+      context 'with error tracking disabled' do
+        before do
+          setting.error_tracking_enabled = false
+        end
+
+        it { is_expected.to allow_value(nil).for(:error_tracking_api_url) }
+      end
+
+      context 'with error tracking enabled' do
+        before do
+          setting.error_tracking_enabled = true
+        end
+
+        it { is_expected.to allow_value(http).for(:error_tracking_api_url) }
+        it { is_expected.to allow_value(https).for(:error_tracking_api_url) }
+        it { is_expected.not_to allow_value(ftp).for(:error_tracking_api_url) }
+        it { is_expected.to validate_presence_of(:error_tracking_api_url) }
+      end
+    end
   end
 
   context 'restrict creating duplicates' do

spec/views/admin/application_settings/general.html.haml_spec.rb

@@ -97,4 +97,26 @@ RSpec.describe 'admin/application_settings/general.html.haml' do
       expect(rendered).to match ' data-minimum-password-length='
     end
   end
+
+  describe 'error tracking integration' do
+    context 'with error tracking feature flag enabled' do
+      it 'expects error tracking settings to be available' do
+        stub_feature_flags(gitlab_error_tracking: true)
+
+        render
+
+        expect(rendered).to have_field('application_setting_error_tracking_api_url')
+      end
+    end
+
+    context 'with error tracking feature flag disabled' do
+      it 'expects error tracking settings to not be avaiable' do
+        stub_feature_flags(gitlab_error_tracking: false)
+
+        render
+
+        expect(rendered).not_to have_field('application_setting_error_tracking_api_url')
+      end
+    end
+  end
 end