Add latest changes from gitlab-org/gitlab@master
This commit is contained in:
parent
71da5de44f
commit
f9d0e89611
|
@ -15,7 +15,7 @@ stages:
|
|||
# in cases where jobs require Docker-in-Docker, the job
|
||||
# definition must be extended with `.use-docker-in-docker`
|
||||
default:
|
||||
image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.6-golang-1.14-git-2.27-lfs-2.9-chrome-83-node-12.x-yarn-1.21-postgresql-11-graphicsmagick-1.3.34"
|
||||
image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.6-golang-1.14-git-2.28-lfs-2.9-chrome-84-node-12.x-yarn-1.21-postgresql-11-graphicsmagick-1.3.34"
|
||||
tags:
|
||||
- gitlab-org
|
||||
# All jobs are interruptible by default
|
||||
|
|
|
@ -11,7 +11,7 @@
|
|||
extends:
|
||||
- .frontend-base
|
||||
- .assets-compile-cache
|
||||
image: registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.6-git-2.27-lfs-2.9-node-12.x-yarn-1.21-graphicsmagick-1.3.34
|
||||
image: registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.6-git-2.28-lfs-2.9-node-12.x-yarn-1.21-graphicsmagick-1.3.34
|
||||
variables:
|
||||
WEBPACK_VENDOR_DLL: "true"
|
||||
stage: prepare
|
||||
|
|
|
@ -64,7 +64,7 @@
|
|||
policy: pull
|
||||
|
||||
.use-pg11:
|
||||
image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.6-golang-1.14-git-2.27-lfs-2.9-chrome-83-node-12.x-yarn-1.21-postgresql-11-graphicsmagick-1.3.34"
|
||||
image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.6-golang-1.14-git-2.28-lfs-2.9-chrome-84-node-12.x-yarn-1.21-postgresql-11-graphicsmagick-1.3.34"
|
||||
services:
|
||||
- name: postgres:11.6
|
||||
command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
|
||||
|
@ -73,7 +73,7 @@
|
|||
POSTGRES_HOST_AUTH_METHOD: trust
|
||||
|
||||
.use-pg12:
|
||||
image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.6-golang-1.14-git-2.27-lfs-2.9-chrome-83-node-12.x-yarn-1.21-postgresql-12-graphicsmagick-1.3.34"
|
||||
image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.6-golang-1.14-git-2.28-lfs-2.9-chrome-84-node-12.x-yarn-1.21-postgresql-12-graphicsmagick-1.3.34"
|
||||
services:
|
||||
- name: postgres:12
|
||||
command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
|
||||
|
@ -82,7 +82,7 @@
|
|||
POSTGRES_HOST_AUTH_METHOD: trust
|
||||
|
||||
.use-pg11-ee:
|
||||
image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.6-golang-1.14-git-2.27-lfs-2.9-chrome-83-node-12.x-yarn-1.21-postgresql-11-graphicsmagick-1.3.34"
|
||||
image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.6-golang-1.14-git-2.28-lfs-2.9-chrome-84-node-12.x-yarn-1.21-postgresql-11-graphicsmagick-1.3.34"
|
||||
services:
|
||||
- name: postgres:11.6
|
||||
command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
|
||||
|
@ -92,7 +92,7 @@
|
|||
POSTGRES_HOST_AUTH_METHOD: trust
|
||||
|
||||
.use-pg12-ee:
|
||||
image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.6-golang-1.14-git-2.27-lfs-2.9-chrome-83-node-12.x-yarn-1.21-postgresql-12-graphicsmagick-1.3.34"
|
||||
image: "registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.6-golang-1.14-git-2.28-lfs-2.9-chrome-84-node-12.x-yarn-1.21-postgresql-12-graphicsmagick-1.3.34"
|
||||
services:
|
||||
- name: postgres:12
|
||||
command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
|
||||
|
|
|
@ -8,12 +8,6 @@ Set the title to: `Security Release: 12.2.X, 12.1.X, and 12.0.X`
|
|||
|
||||
-------
|
||||
|
||||
## Releases tasks
|
||||
|
||||
- https://gitlab.com/gitlab-org/release/docs/blob/master/general/security/release-manager.md
|
||||
- https://gitlab.com/gitlab-org/release/docs/blob/master/general/security/developer.md
|
||||
- https://gitlab.com/gitlab-org/release/docs/blob/master/general/security/security-engineer.md
|
||||
|
||||
## Version issues:
|
||||
|
||||
12.2.X, 12.1.X, 12.0.X: {release task link}
|
||||
|
@ -25,12 +19,9 @@ your security issues as related to this release tracking issue. You can do this
|
|||
in the "Linked issues" section below this issue description.
|
||||
|
||||
:warning: If your security issues are not marked as related to this release
|
||||
tracking issue, their merge requests may not be included in the security
|
||||
tracking issue, their merge requests will not be included in the security
|
||||
release.
|
||||
|
||||
## QA
|
||||
{QA issue link}
|
||||
|
||||
## Blog post
|
||||
|
||||
Dev: {https://dev.gitlab.org/gitlab/www-gitlab-com/merge_requests/ link}<br/>
|
|
@ -28,8 +28,8 @@ After your merge request has been approved according to our [approval guidelines
|
|||
* You can use the script `bin/secpick` instead of the following steps, to help you cherry-picking. See the [secpick documentation]
|
||||
- [ ] Create each MR targeting the stable branch `X-Y-stable`, using the [Security Release merge request template].
|
||||
* Every merge request will have its own set of TODOs, so make sure to complete those.
|
||||
- [ ] On the "Related merge requests" section, ensure all MRs are linked to this issue.
|
||||
* This section should only list the merge requests created for this issue: One targeting `master` and the 3 backports.
|
||||
- [ ] On the "Related merge requests" section, ensure that `4` merge requests are associated: The one targeting `master` and the `3` backports.
|
||||
- [ ] If this issue requires less than `4` merge requests, post a message on the Security Release Tracking Issue and ping the Release Managers.
|
||||
|
||||
## Documentation and final details
|
||||
|
||||
|
|
4
Gemfile
4
Gemfile
|
@ -464,9 +464,9 @@ end
|
|||
# Gitaly GRPC protocol definitions
|
||||
gem 'gitaly', '~> 13.3.0-rc1'
|
||||
|
||||
gem 'grpc', '~> 1.24.0'
|
||||
gem 'grpc', '~> 1.30.2'
|
||||
|
||||
gem 'google-protobuf', '~> 3.8.0'
|
||||
gem 'google-protobuf', '~> 3.12'
|
||||
|
||||
gem 'toml-rb', '~> 1.0.0'
|
||||
|
||||
|
|
14
Gemfile.lock
14
Gemfile.lock
|
@ -450,9 +450,9 @@ GEM
|
|||
representable (~> 3.0)
|
||||
retriable (>= 2.0, < 4.0)
|
||||
signet (~> 0.12)
|
||||
google-protobuf (3.8.0)
|
||||
googleapis-common-protos-types (1.0.4)
|
||||
google-protobuf (~> 3.0)
|
||||
google-protobuf (3.12.4)
|
||||
googleapis-common-protos-types (1.0.5)
|
||||
google-protobuf (~> 3.11)
|
||||
googleauth (0.12.0)
|
||||
faraday (>= 0.17.3, < 2.0)
|
||||
jwt (>= 1.4, < 3.0)
|
||||
|
@ -491,8 +491,8 @@ GEM
|
|||
graphql (~> 1.6)
|
||||
html-pipeline (~> 2.8)
|
||||
sass (~> 3.4)
|
||||
grpc (1.24.0)
|
||||
google-protobuf (~> 3.8)
|
||||
grpc (1.30.2)
|
||||
google-protobuf (~> 3.12)
|
||||
googleapis-common-protos-types (~> 1.0)
|
||||
gssapi (1.2.0)
|
||||
ffi (>= 1.0.1)
|
||||
|
@ -1278,7 +1278,7 @@ DEPENDENCIES
|
|||
gitlab_omniauth-ldap (~> 2.1.1)
|
||||
gon (~> 6.2)
|
||||
google-api-client (~> 0.33)
|
||||
google-protobuf (~> 3.8.0)
|
||||
google-protobuf (~> 3.12)
|
||||
gpgme (~> 2.0.19)
|
||||
grape (= 1.4.0)
|
||||
grape-entity (~> 0.7.1)
|
||||
|
@ -1287,7 +1287,7 @@ DEPENDENCIES
|
|||
graphiql-rails (~> 1.4.10)
|
||||
graphql (~> 1.10.5)
|
||||
graphql-docs (~> 1.6.0)
|
||||
grpc (~> 1.24.0)
|
||||
grpc (~> 1.30.2)
|
||||
gssapi
|
||||
guard-rspec
|
||||
haml_lint (~> 0.34.0)
|
||||
|
|
|
@ -7,6 +7,7 @@ import BlobCiYamlSelector from './template_selectors/ci_yaml_selector';
|
|||
import DockerfileSelector from './template_selectors/dockerfile_selector';
|
||||
import GitignoreSelector from './template_selectors/gitignore_selector';
|
||||
import LicenseSelector from './template_selectors/license_selector';
|
||||
import MetricsDashboardSelector from './template_selectors/metrics_dashboard_selector';
|
||||
import toast from '~/vue_shared/plugins/global_toast';
|
||||
import { __ } from '~/locale';
|
||||
import initPopover from '~/blob/suggest_gitlab_ci_yml';
|
||||
|
@ -30,6 +31,7 @@ export default class FileTemplateMediator {
|
|||
this.templateSelectors = [
|
||||
GitignoreSelector,
|
||||
BlobCiYamlSelector,
|
||||
MetricsDashboardSelector,
|
||||
DockerfileSelector,
|
||||
LicenseSelector,
|
||||
].map(TemplateSelectorClass => new TemplateSelectorClass({ mediator: this }));
|
||||
|
|
|
@ -0,0 +1,28 @@
|
|||
import FileTemplateSelector from '../file_template_selector';
|
||||
|
||||
export default class MetricsDashboardSelector extends FileTemplateSelector {
|
||||
constructor({ mediator }) {
|
||||
super(mediator);
|
||||
this.config = {
|
||||
key: 'metrics-dashboard-yaml',
|
||||
name: '.metrics-dashboard.yml',
|
||||
pattern: /(.metrics-dashboard.yml)/,
|
||||
type: 'metrics_dashboard_ymls',
|
||||
dropdown: '.js-metrics-dashboard-selector',
|
||||
wrapper: '.js-metrics-dashboard-selector-wrap',
|
||||
};
|
||||
}
|
||||
|
||||
initDropdown() {
|
||||
this.$dropdown.glDropdown({
|
||||
data: this.$dropdown.data('data'),
|
||||
filterable: true,
|
||||
selectable: true,
|
||||
search: {
|
||||
fields: ['name'],
|
||||
},
|
||||
clicked: options => this.reportSelectionName(options),
|
||||
text: item => item.name,
|
||||
});
|
||||
}
|
||||
}
|
|
@ -210,6 +210,7 @@ export default {
|
|||
v-model="key"
|
||||
:token-list="$options.tokenList"
|
||||
:label-text="__('Key')"
|
||||
data-qa-selector="ci_variable_key_field"
|
||||
/>
|
||||
|
||||
<gl-form-group v-else :label="__('Key')" label-for="ci-variable-key">
|
||||
|
|
|
@ -407,6 +407,7 @@ export default {
|
|||
right
|
||||
class="gl-flex-grow-1"
|
||||
data-testid="actions-menu"
|
||||
data-qa-selector="actions_menu_dropdown"
|
||||
:title="s__('Metrics|Create dashboard')"
|
||||
:icon="'plus-square'"
|
||||
>
|
||||
|
|
|
@ -187,7 +187,8 @@
|
|||
.gitignore-selector,
|
||||
.gitlab-ci-yml-selector,
|
||||
.dockerfile-selector,
|
||||
.template-type-selector {
|
||||
.template-type-selector,
|
||||
.metrics-dashboard-selector {
|
||||
display: inline-block;
|
||||
vertical-align: top;
|
||||
font-family: $regular_font;
|
||||
|
|
|
@ -50,7 +50,9 @@ module Packages
|
|||
user: build_user_info(pipeline_info.user),
|
||||
project: {
|
||||
name: pipeline_info.project.name,
|
||||
web_url: pipeline_info.project.web_url
|
||||
web_url: pipeline_info.project.web_url,
|
||||
pipeline_url: Gitlab::Routing.url_helpers.project_pipeline_url(pipeline_info.project, pipeline_info),
|
||||
commit_url: Gitlab::Routing.url_helpers.project_commit_url(pipeline_info.project, pipeline_info.sha)
|
||||
}
|
||||
}
|
||||
end
|
||||
|
|
|
@ -7,6 +7,8 @@
|
|||
= dropdown_tag(_("Apply a template"), options: { toggle_class: 'js-license-selector qa-license-dropdown', dropdown_class: 'dropdown-menu-selectable', filter: true, placeholder: "Filter", data: { data: licenses_for_select(@project), project: @project.name, fullname: @project.namespace.human_name } } )
|
||||
.gitignore-selector.js-gitignore-selector-wrap.js-template-selector-wrap.hidden
|
||||
= dropdown_tag(_("Apply a template"), options: { toggle_class: 'js-gitignore-selector qa-gitignore-dropdown', dropdown_class: 'dropdown-menu-selectable', filter: true, placeholder: "Filter", data: { data: gitignore_names(@project) } } )
|
||||
.metrics-dashboard-selector.js-metrics-dashboard-selector-wrap.js-template-selector-wrap.hidden
|
||||
= dropdown_tag(_("Apply a template"), options: { toggle_class: 'js-metrics-dashboard-selector qa-metrics-dashboard-dropdown', dropdown_class: 'dropdown-menu-selectable', filter: true, placeholder: "Filter", data: { data: metrics_dashboard_ymls(@project) } } )
|
||||
#gitlab-ci-yml-selector.gitlab-ci-yml-selector.js-gitlab-ci-yml-selector-wrap.js-template-selector-wrap.hidden
|
||||
= dropdown_tag(_("Apply a template"), options: { toggle_class: 'js-gitlab-ci-yml-selector qa-gitlab-ci-yml-dropdown', dropdown_class: 'dropdown-menu-selectable', filter: true, placeholder: "Filter", data: { data: gitlab_ci_ymls(@project) } } )
|
||||
.dockerfile-selector.js-dockerfile-selector-wrap.js-template-selector-wrap.hidden
|
||||
|
|
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
title: "Add internal api for getting personal access tokens from gitlab-shell"
|
||||
merge_request: 36302
|
||||
author: Taylan Develioglu @tdevelioglu
|
||||
type: added
|
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
title: Add metrics dashboard templates for the standard file blob selector
|
||||
merge_request: 37519
|
||||
author:
|
||||
type: added
|
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
title: Remove some unnecessary Redis calls on commit lists
|
||||
merge_request: 38343
|
||||
author:
|
||||
type: performance
|
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
title: Upgrade CI to Git v2.28.0
|
||||
merge_request: 38152
|
||||
author:
|
||||
type: added
|
|
@ -456,7 +456,7 @@ you can pull from the Container Registry, but you cannot push.
|
|||
sudo aws --endpoint-url https://your-object-storage-backend.com s3 ls
|
||||
```
|
||||
|
||||
If you are using AWS as your back end, you do not need the [`--endpoint-url`](https://docs.aws.amazon.com/cli/latest/reference/#:~:text=--endpoint-url).
|
||||
If you are using AWS as your back end, you do not need the [`--endpoint-url`](https://docs.aws.amazon.com/cli/latest/reference/#options).
|
||||
1. Copy initial data to your S3 bucket, for example with the `aws` CLI
|
||||
[`cp`](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/s3/cp.html)
|
||||
or [`sync`](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/s3/sync.html)
|
||||
|
|
|
@ -281,12 +281,16 @@ first time.
|
|||
### Assigning a merge request for a review
|
||||
|
||||
When you are ready to have your merge request reviewed,
|
||||
you should default to assigning it to a reviewer from your group or team for the first review,
|
||||
however, you can also assign it to any reviewer. The list of reviewers can be found on [Engineering projects](https://about.gitlab.com/handbook/engineering/projects/) page.
|
||||
you should request an initial review by assigning it to a reviewer from your group or team.
|
||||
However, you can also assign it to any reviewer. The list of reviewers can be found on [Engineering projects](https://about.gitlab.com/handbook/engineering/projects/) page.
|
||||
|
||||
You can also use `workflow::ready for review` label. That means that your merge request is ready to be reviewed and any reviewer can pick it. It is recommended to use that label only if there isn't time pressure and make sure the merge request is assigned to a reviewer.
|
||||
|
||||
When your merge request was reviewed and can be passed to a maintainer, you should default to choosing a maintainer with [domain expertise](#domain-experts), and otherwise follow the Reviewer Roulette recommendation or use the label `ready for merge`.
|
||||
When your merge request receives an approval from the first reviewer it can be passed to a maintainer. You should default to choosing a maintainer with [domain expertise](#domain-experts), and otherwise follow the Reviewer Roulette recommendation or use the label `ready for merge`.
|
||||
|
||||
Sometimes, a maintainer may not be available for review. They could be out of the office or [at capacity](#review-response-slo).
|
||||
You can and should check the maintainer’s availability in their profile. If the maintainer recommended by
|
||||
the roulette is not available, choose someone else from that list.
|
||||
|
||||
It is responsibility of the author of a merge request that the merge request is reviewed. If it stays in `ready for review` state too long it is recommended to assign it to a specific reviewer.
|
||||
|
||||
|
|
|
@ -1,3 +1,10 @@
|
|||
---
|
||||
stage: Create
|
||||
group: Source Code
|
||||
info: "To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers"
|
||||
type: reference, api
|
||||
---
|
||||
|
||||
# Internal API
|
||||
|
||||
The internal API is used by different GitLab components, it can not be
|
||||
|
@ -24,10 +31,11 @@ authentication.
|
|||
|
||||
## Git Authentication
|
||||
|
||||
This is called by Gitaly and GitLab-shell to check access to a
|
||||
This is called by [Gitaly](https://gitlab.com/gitlab-org/gitaly) and
|
||||
[GitLab Shell](https://gitlab.com/gitlab-org/gitlab-shell) to check access to a
|
||||
repository.
|
||||
|
||||
When called from GitLab-shell no changes are passed and the internal
|
||||
When called from GitLab Shell no changes are passed and the internal
|
||||
API replies with the information needed to pass the request on to
|
||||
Gitaly.
|
||||
|
||||
|
@ -40,13 +48,13 @@ POST /internal/allowed
|
|||
|
||||
| Attribute | Type | Required | Description |
|
||||
|:----------|:-------|:---------|:------------|
|
||||
| `key_id` | string | no | ID of the SSH-key used to connect to GitLab-shell |
|
||||
| `username` | string | no | Username from the certificate used to connect to GitLab-Shell |
|
||||
| `key_id` | string | no | ID of the SSH-key used to connect to GitLab Shell |
|
||||
| `username` | string | no | Username from the certificate used to connect to GitLab Shell |
|
||||
| `project` | string | no (if `gl_repository` is passed) | Path to the project |
|
||||
| `gl_repository` | string | no (if `project` is passed) | Repository identifier (e.g. `project-7`) |
|
||||
| `protocol` | string | yes | SSH when called from GitLab-shell, HTTP or SSH when called from Gitaly |
|
||||
| `action` | string | yes | Git command being run (`git-upload-pack`, `git-receive-pack`, `git-upload-archive`) |
|
||||
| `changes` | string | yes | `<oldrev> <newrev> <refname>` when called from Gitaly, The magic string `_any` when called from GitLab Shell |
|
||||
| `changes` | string | yes | `<oldrev> <newrev> <refname>` when called from Gitaly, the magic string `_any` when called from GitLab Shell |
|
||||
| `check_ip` | string | no | IP address from which call to GitLab Shell was made |
|
||||
|
||||
Example request:
|
||||
|
@ -84,17 +92,17 @@ Example response:
|
|||
### Known consumers
|
||||
|
||||
- Gitaly
|
||||
- GitLab-shell
|
||||
- GitLab Shell
|
||||
|
||||
## LFS Authentication
|
||||
|
||||
This is the endpoint that gets called from GitLab-shell to provide
|
||||
This is the endpoint that gets called from GitLab Shell to provide
|
||||
information for LFS clients when the repository is accessed over SSH.
|
||||
|
||||
| Attribute | Type | Required | Description |
|
||||
|:----------|:-------|:---------|:------------|
|
||||
| `key_id` | string | no | ID of the SSH-key used to connect to GitLab-shell |
|
||||
| `username`| string | no | Username from the certificate used to connect to GitLab-Shell |
|
||||
| `key_id` | string | no | ID of the SSH-key used to connect to GitLab Shell |
|
||||
| `username`| string | no | Username from the certificate used to connect to GitLab Shell |
|
||||
| `project` | string | no | Path to the project |
|
||||
|
||||
Example request:
|
||||
|
@ -114,17 +122,17 @@ curl --request POST --header "Gitlab-Shared-Secret: <Base64 encoded token>" --da
|
|||
|
||||
### Known consumers
|
||||
|
||||
- GitLab-shell
|
||||
- GitLab Shell
|
||||
|
||||
## Authorized Keys Check
|
||||
|
||||
This endpoint is called by the GitLab-shell authorized keys
|
||||
This endpoint is called by the GitLab Shell authorized keys
|
||||
check. Which is called by OpenSSH for [fast SSH key
|
||||
lookup](../administration/operations/fast_ssh_key_lookup.md).
|
||||
|
||||
| Attribute | Type | Required | Description |
|
||||
|:----------|:-------|:---------|:------------|
|
||||
| `key` | string | yes | SSH key as passed by OpenSSH to GitLab-shell |
|
||||
| `key` | string | yes | SSH key as passed by OpenSSH to GitLab Shell |
|
||||
|
||||
```plaintext
|
||||
GET /internal/authorized_keys
|
||||
|
@ -149,7 +157,7 @@ Example response:
|
|||
|
||||
### Known consumers
|
||||
|
||||
- GitLab-shell
|
||||
- GitLab Shell
|
||||
|
||||
## Get user for user ID or key
|
||||
|
||||
|
@ -159,7 +167,7 @@ discovers the user associated with an SSH key.
|
|||
| Attribute | Type | Required | Description |
|
||||
|:----------|:-------|:---------|:------------|
|
||||
| `key_id` | integer | no | The ID of the SSH key used as found in the authorized-keys file or through the `/authorized_keys` check |
|
||||
| `username` | string | no | Username of the user being looked up, used by GitLab-shell when authenticating using a certificate |
|
||||
| `username` | string | no | Username of the user being looked up, used by GitLab Shell when authenticating using a certificate |
|
||||
|
||||
```plaintext
|
||||
GET /internal/discover
|
||||
|
@ -183,12 +191,12 @@ Example response:
|
|||
|
||||
### Known consumers
|
||||
|
||||
- GitLab-shell
|
||||
- GitLab Shell
|
||||
|
||||
## Instance information
|
||||
|
||||
This gets some generic information about the instance. This is used
|
||||
by Geo nodes to get information about each other
|
||||
by Geo nodes to get information about each other.
|
||||
|
||||
```plaintext
|
||||
GET /internal/check
|
||||
|
@ -214,12 +222,12 @@ Example response:
|
|||
### Known consumers
|
||||
|
||||
- GitLab Geo
|
||||
- GitLab-shell's `bin/check`
|
||||
- GitLab Shell's `bin/check`
|
||||
|
||||
## Get new 2FA recovery codes using an SSH key
|
||||
|
||||
This is called from GitLab-shell and allows users to get new 2FA
|
||||
recovery codes based on their SSH key
|
||||
This is called from GitLab Shell and allows users to get new 2FA
|
||||
recovery codes based on their SSH key.
|
||||
|
||||
| Attribute | Type | Required | Description |
|
||||
|:----------|:-------|:---------|:------------|
|
||||
|
@ -258,7 +266,45 @@ Example response:
|
|||
|
||||
### Known consumers
|
||||
|
||||
- GitLab-shell
|
||||
- GitLab Shell
|
||||
|
||||
## Get new personal access-token
|
||||
|
||||
This is called from GitLab Shell and allows users to generate a new
|
||||
personal access token.
|
||||
|
||||
| Attribute | Type | Required | Description |
|
||||
|:----------|:-------|:---------|:------------|
|
||||
| `name` | string | yes | The name of the new token |
|
||||
| `scopes` | string array | yes | The authorization scopes for the new token, these must be valid token scopes |
|
||||
| `expires_at` | string | no | The expiry date for the new token |
|
||||
| `key_id` | integer | no | The ID of the SSH key used as found in the authorized-keys file or through the `/authorized_keys` check |
|
||||
| `user_id` | integer | no | User\_id for which to generate the new token |
|
||||
|
||||
```plaintext
|
||||
POST /internal/personal_access_token
|
||||
```
|
||||
|
||||
Example request:
|
||||
|
||||
```shell
|
||||
curl --request POST --header "Gitlab-Shared-Secret: <Base64 encoded secret>" --data "user_id=29&name=mytokenname&scopes[]=read_user&scopes[]=read_repository&expires_at=2020-07-24" http://localhost:3001/api/v4/internal/personal_access_token
|
||||
```
|
||||
|
||||
Example response:
|
||||
|
||||
```json
|
||||
{
|
||||
"success": true,
|
||||
"token": "Hf_79B288hRv_3-TSD1R",
|
||||
"scopes": ["read_user","read_repository"],
|
||||
"expires_at": "2020-07-24"
|
||||
}
|
||||
```
|
||||
|
||||
### Known consumers
|
||||
|
||||
- GitLab Shell
|
||||
|
||||
## Incrementing counter on pre-receive
|
||||
|
||||
|
|
|
@ -134,7 +134,7 @@ Make sure you have the right version of Git installed:
|
|||
# Install Git
|
||||
sudo apt-get install -y git-core
|
||||
|
||||
# Make sure Git is version 2.27.0 or higher (minimal supported version is 2.25.0)
|
||||
# Make sure Git is version 2.28.0 or higher
|
||||
git --version
|
||||
```
|
||||
|
||||
|
@ -181,9 +181,9 @@ sudo make install
|
|||
|
||||
# Download and compile from source
|
||||
cd /tmp
|
||||
curl --remote-name --location --progress https://www.kernel.org/pub/software/scm/git/git-2.27.0.tar.gz
|
||||
echo '77ded85cbe42b1ffdc2578b460a1ef5d23bcbc6683eabcafbb0d394dffe2e787 git-2.27.0.tar.gz' | shasum -a256 -c - && tar -xzf git-2.27.0.tar.gz
|
||||
cd git-2.27.0/
|
||||
curl --remote-name --location --progress https://www.kernel.org/pub/software/scm/git/git-2.28.0.tar.gz
|
||||
echo 'f914c60a874d466c1e18467c864a910dd4ea22281ba6d4d58077cb0c3f115170 git-2.28.0.tar.gz' | shasum -a256 -c - && tar -xzf git-2.28.0.tar.gz
|
||||
cd git-2.28.0/
|
||||
./configure --with-libpcre
|
||||
make prefix=/usr/local all
|
||||
|
||||
|
|
|
@ -56,8 +56,7 @@ The minimum required Go version is 1.13.
|
|||
|
||||
From GitLab 13.1:
|
||||
|
||||
- Git 2.25.x and later is required.
|
||||
- Git 2.27.x and later [is recommended](https://gitlab.com/gitlab-org/gitaly/-/issues/2829).
|
||||
- Git 2.28.x and later [is required](https://gitlab.com/gitlab-org/gitaly/-/issues/2959).
|
||||
|
||||
### Node.js versions
|
||||
|
||||
|
|
|
@ -222,6 +222,11 @@ possible.
|
|||
|
||||
## Version specific upgrading instructions
|
||||
|
||||
### 13.3.0
|
||||
|
||||
In 13.3.0, you must upgrade to at least Git v2.28. Previously, the minimum
|
||||
required version was Git v2.24.
|
||||
|
||||
### 13.2.0
|
||||
|
||||
GitLab installations that have multiple web nodes will need to be
|
||||
|
|
|
@ -124,7 +124,7 @@ rm go1.13.5.linux-amd64.tar.gz
|
|||
|
||||
CAUTION: **Caution:**
|
||||
From GitLab 13.1, you must use at least Git v2.24 (previous minimum version was v2.22).
|
||||
Git v2.26 is recommended.
|
||||
From GitLab 13.3, you must use at least Git v2.28.
|
||||
|
||||
To check you are running the minimum required Git version, see
|
||||
[Git versions](../install/requirements.md#git-versions).
|
||||
|
@ -132,7 +132,7 @@ To check you are running the minimum required Git version, see
|
|||
In Debian or Ubuntu:
|
||||
|
||||
```shell
|
||||
# Make sure Git is version 2.24.0 or higher
|
||||
# Make sure Git is version 2.28.0 or higher
|
||||
git --version
|
||||
|
||||
# Remove packaged Git
|
||||
|
@ -152,9 +152,9 @@ make install
|
|||
|
||||
# Download and compile from source
|
||||
cd /tmp
|
||||
curl --remote-name --location --progress https://www.kernel.org/pub/software/scm/git/git-2.26.0.tar.gz
|
||||
echo 'aa168c2318e7187cd295a645f7370cc6d71a324aafc932f80f00c780b6a26bed git-2.26.0.tar.gz' | shasum -a256 -c - && tar -xzf git-2.26.0.tar.gz
|
||||
cd git-2.26.0/
|
||||
curl --remote-name --location --progress https://www.kernel.org/pub/software/scm/git/git-2.28.0.tar.gz
|
||||
echo 'f914c60a874d466c1e18467c864a910dd4ea22281ba6d4d58077cb0c3f115170 git-2.28.0.tar.gz' | shasum -a256 -c - && tar -xzf git-2.28.0.tar.gz
|
||||
cd git-2.28.0/
|
||||
./configure --with-libpcre
|
||||
make prefix=/usr/local all
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
---
|
||||
stage: Plan
|
||||
group: Project Management
|
||||
stage: Manage
|
||||
group: Import
|
||||
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers
|
||||
type: reference
|
||||
---
|
||||
|
|
|
@ -116,6 +116,45 @@ of the GitLab artifacts system, GitLab saves in a corpus directory the new test
|
|||
generates. In any subsequent runs, GitLab also reuses the generated corpus together with the seed
|
||||
corpus.
|
||||
|
||||
### Reports JSON format
|
||||
|
||||
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/220062) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 13.3 as an [Alpha feature](https://about.gitlab.com/handbook/product/gitlab-the-product/#alpha).
|
||||
|
||||
The `gitlab-cov-fuzz` tool emits a JSON report file. For more information, see the
|
||||
[schema for this report](https://gitlab.com/gitlab-org/security-products/security-report-schemas/-/blob/master/dist/coverage-fuzzing-report-format.json).
|
||||
|
||||
You can download the JSON report file from the CI pipelines page. For more information, see
|
||||
[Downloading artifacts](../../../ci/pipelines/job_artifacts.md#downloading-artifacts).
|
||||
|
||||
Here's an example Coverage Fuzzing report:
|
||||
|
||||
```json-doc
|
||||
{
|
||||
"version": "v1.0.8",
|
||||
"regression": false,
|
||||
"exit_code": -1,
|
||||
"vulnerabilities": [
|
||||
{
|
||||
"category": "coverage_fuzzing",
|
||||
"message": "Heap-buffer-overflow\nREAD 1",
|
||||
"description": "Heap-buffer-overflow\nREAD 1",
|
||||
"severity": "Critical",
|
||||
"stacktrace_snippet": "INFO: Seed: 3415817494\nINFO: Loaded 1 modules (7 inline 8-bit counters): 7 [0x10eee2470, 0x10eee2477), \nINFO: Loaded 1 PC tables (7 PCs): 7 [0x10eee2478,0x10eee24e8), \nINFO: 5 files found in corpus\nINFO: -max_len is not provided; libFuzzer will not generate inputs larger than 4096 bytes\nINFO: seed corpus: files: 5 min: 1b max: 4b total: 14b rss: 26Mb\n#6\tINITED cov: 7 ft: 7 corp: 5/14b exec/s: 0 rss: 26Mb\n=================================================================\n==43405==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x602000001573 at pc 0x00010eea205a bp 0x7ffee0d5e090 sp 0x7ffee0d5e088\nREAD of size 1 at 0x602000001573 thread T0\n #0 0x10eea2059 in FuzzMe(unsigned char const*, unsigned long) fuzz_me.cc:9\n #1 0x10eea20ba in LLVMFuzzerTestOneInput fuzz_me.cc:13\n #2 0x10eebe020 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) FuzzerLoop.cpp:556\n #3 0x10eebd765 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) FuzzerLoop.cpp:470\n #4 0x10eebf966 in fuzzer::Fuzzer::MutateAndTestOne() FuzzerLoop.cpp:698\n #5 0x10eec0665 in fuzzer::Fuzzer::Loop(std::__1::vector\u003cfuzzer::SizedFile, fuzzer::fuzzer_allocator\u003cfuzzer::SizedFile\u003e \u003e\u0026) FuzzerLoop.cpp:830\n #6 0x10eead0cd in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) FuzzerDriver.cpp:829\n #7 0x10eedaf82 in main FuzzerMain.cpp:19\n #8 0x7fff684fecc8 in start+0x0 (libdyld.dylib:x86_64+0x1acc8)\n\n0x602000001573 is located 0 bytes to the right of 3-byte region [0x602000001570,0x602000001573)\nallocated by thread T0 here:\n #0 0x10ef92cfd in wrap__Znam+0x7d (libclang_rt.asan_osx_dynamic.dylib:x86_64+0x50cfd)\n #1 0x10eebdf31 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) FuzzerLoop.cpp:541\n #2 0x10eebd765 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) FuzzerLoop.cpp:470\n #3 0x10eebf966 in fuzzer::Fuzzer::MutateAndTestOne() FuzzerLoop.cpp:698\n #4 0x10eec0665 in fuzzer::Fuzzer::Loop(std::__1::vector\u003cfuzzer::SizedFile, fuzzer::fuzzer_allocator\u003cfuzzer::SizedFile\u003e \u003e\u0026) FuzzerLoop.cpp:830\n #5 0x10eead0cd in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) FuzzerDriver.cpp:829\n #6 0x10eedaf82 in main FuzzerMain.cpp:19\n #7 0x7fff684fecc8 in start+0x0 (libdyld.dylib:x86_64+0x1acc8)\n\nSUMMARY: AddressSanitizer: heap-buffer-overflow fuzz_me.cc:9 in FuzzMe(unsigned char const*, unsigned long)\nShadow bytes around the buggy address:\n 0x1c0400000250: fa fa fd fa fa fa fd fa fa fa fd fa fa fa fd fa\n 0x1c0400000260: fa fa fd fa fa fa fd fa fa fa fd fa fa fa fd fa\n 0x1c0400000270: fa fa fd fa fa fa fd fa fa fa fd fa fa fa fd fa\n 0x1c0400000280: fa fa fd fa fa fa fd fa fa fa fd fa fa fa fd fa\n 0x1c0400000290: fa fa fd fa fa fa fd fa fa fa fd fa fa fa fd fa\n=\u003e0x1c04000002a0: fa fa fd fa fa fa fd fa fa fa fd fa fa fa[03]fa\n 0x1c04000002b0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\n 0x1c04000002c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\n 0x1c04000002d0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\n 0x1c04000002e0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\n 0x1c04000002f0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\nShadow byte legend (one shadow byte represents 8 application bytes):\n Addressable: 00\n Partially addressable: 01 02 03 04 05 06 07 \n Heap left redzone: fa\n Freed heap region: fd\n Stack left redzone: f1\n Stack mid redzone: f2\n Stack right redzone: f3\n Stack after return: f5\n Stack use after scope: f8\n Global redzone: f9\n Global init order: f6\n Poisoned by user: f7\n Container overflow: fc\n Array cookie: ac\n Intra object redzone: bb\n ASan internal: fe\n Left alloca redzone: ca\n Right alloca redzone: cb\n Shadow gap: cc\n==43405==ABORTING\nMS: 1 EraseBytes-; base unit: de3a753d4f1def197604865d76dba888d6aefc71\n0x46,0x55,0x5a,\nFUZ\nartifact_prefix='./crashes/'; Test unit written to ./crashes/crash-0eb8e4ed029b774d80f2b66408203801cb982a60\nBase64: RlVa\nstat::number_of_executed_units: 122\nstat::average_exec_per_sec: 0\nstat::new_units_added: 0\nstat::slowest_unit_time_sec: 0\nstat::peak_rss_mb: 28",
|
||||
"scanner": {
|
||||
"id": "libFuzzer",
|
||||
"name": "libFuzzer"
|
||||
},
|
||||
"location": {
|
||||
"crash_address": "0x602000001573",
|
||||
"crash_state": "FuzzMe\nstart\nstart+0x0\n\n",
|
||||
"crash_type": "Heap-buffer-overflow\nREAD 1"
|
||||
},
|
||||
"tool": "libFuzzer"
|
||||
}
|
||||
]
|
||||
}
|
||||
```
|
||||
|
||||
### Additional Configuration
|
||||
|
||||
The `gitlab-cov-fuzz` command passes all arguments it receives to the underlying fuzzing engine. You
|
||||
|
|
|
@ -287,3 +287,7 @@ To add an issue to an [iteration](../../group/iterations/index.md):
|
|||
|
||||
1. In an issue sidebar, click **Edit** next to **Iteration**. A dropdown appears.
|
||||
1. Click an iteration you'd like to associate this issue with.
|
||||
|
||||
You can also use the `/iteration`
|
||||
[quick action](../quick_actions.md#quick-actions-for-issues-merge-requests-and-epics)
|
||||
in a comment or description field.
|
||||
|
|
|
@ -44,7 +44,7 @@ The following quick actions are applicable to descriptions, discussions and thre
|
|||
| `/duplicate <#issue>` | ✓ | | | Close this issue and mark as a duplicate of another issue. **(CORE)** Also, mark both as related. **(STARTER)** |
|
||||
| `/epic <epic>` | ✓ | | | Add to epic `<epic>`. The `<epic>` value should be in the format of `&epic`, `group&epic`, or a URL to an epic. **(PREMIUM)** |
|
||||
| `/estimate <<W>w <DD>d <hh>h <mm>m>` | ✓ | ✓ | | Set time estimate. For example, `/estimate 1w 3d 2h 14m`. |
|
||||
| `/iteration *iteration:iteration` | ✓ | | | Set iteration ([Introduced in GitLab 13.1](https://gitlab.com/gitlab-org/gitlab/-/issues/196795)) **(STARTER)** |
|
||||
| `/iteration *iteration:"iteration name"` | ✓ | | | Set iteration. For example, to set the `Late in July` iteration: `/iteration *iteration:"Late in July"` ([introduced in GitLab 13.1](https://gitlab.com/gitlab-org/gitlab/-/issues/196795)). **(STARTER)** |
|
||||
| `/label ~label1 ~label2` | ✓ | ✓ | ✓ | Add one or more labels. Label names can also start without a tilde (`~`), but mixed syntax is not supported. |
|
||||
| `/lock` | ✓ | ✓ | | Lock the thread. |
|
||||
| `/merge` | | ✓ | | Merge changes. Depending on the project setting, this may be [when the pipeline succeeds](merge_requests/merge_when_pipeline_succeeds.md), adding to a [Merge Train](../../ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/index.md), etc. |
|
||||
|
@ -60,7 +60,7 @@ The following quick actions are applicable to descriptions, discussions and thre
|
|||
| `/remove_due_date` | ✓ | | | Remove due date. |
|
||||
| `/remove_epic` | ✓ | | | Remove from epic. **(PREMIUM)** |
|
||||
| `/remove_estimate` | ✓ | ✓ | | Remove time estimate. |
|
||||
| `/remove_iteration` | ✓ | | | Remove iteration ([Introduced in GitLab 13.1](https://gitlab.com/gitlab-org/gitlab/-/issues/196795)) **(STARTER)** |
|
||||
| `/remove_iteration` | ✓ | | | Remove iteration ([introduced in GitLab 13.1](https://gitlab.com/gitlab-org/gitlab/-/issues/196795)) **(STARTER)** |
|
||||
| `/remove_milestone` | ✓ | ✓ | | Remove milestone. |
|
||||
| `/remove_parent_epic` | | | ✓ | Remove parent epic from epic ([introduced in GitLab 12.1](https://gitlab.com/gitlab-org/gitlab/-/issues/10556)). **(ULTIMATE)** |
|
||||
| `/remove_time_spent` | ✓ | ✓ | | Remove time spent. |
|
||||
|
|
|
@ -117,7 +117,7 @@ module API
|
|||
return unless %w[git-receive-pack git-upload-pack git-upload-archive].include?(action)
|
||||
|
||||
{
|
||||
repository: repository.gitaly_repository,
|
||||
repository: repository.gitaly_repository.to_h,
|
||||
address: Gitlab::GitalyClient.address(repository.shard),
|
||||
token: Gitlab::GitalyClient.token(repository.shard),
|
||||
features: Feature::Gitaly.server_feature_flags
|
||||
|
|
|
@ -18,6 +18,10 @@ module API
|
|||
|
||||
UNKNOWN_CHECK_RESULT_ERROR = 'Unknown check result'.freeze
|
||||
|
||||
VALID_PAT_SCOPES = Set.new(
|
||||
Gitlab::Auth::API_SCOPES + Gitlab::Auth::REPOSITORY_SCOPES + Gitlab::Auth::REGISTRY_SCOPES
|
||||
).freeze
|
||||
|
||||
helpers do
|
||||
def response_with_status(code: 200, success: true, message: nil, **extra_options)
|
||||
status code
|
||||
|
@ -194,6 +198,60 @@ module API
|
|||
{ success: true, recovery_codes: codes }
|
||||
end
|
||||
|
||||
post '/personal_access_token' do
|
||||
status 200
|
||||
|
||||
actor.update_last_used_at!
|
||||
user = actor.user
|
||||
|
||||
if params[:key_id]
|
||||
unless actor.key
|
||||
break { success: false, message: 'Could not find the given key' }
|
||||
end
|
||||
|
||||
if actor.key.is_a?(DeployKey)
|
||||
break { success: false, message: 'Deploy keys cannot be used to create personal access tokens' }
|
||||
end
|
||||
|
||||
unless user
|
||||
break { success: false, message: 'Could not find a user for the given key' }
|
||||
end
|
||||
elsif params[:user_id] && user.nil?
|
||||
break { success: false, message: 'Could not find the given user' }
|
||||
end
|
||||
|
||||
if params[:name].blank?
|
||||
break { success: false, message: "No token name specified" }
|
||||
end
|
||||
|
||||
if params[:scopes].blank?
|
||||
break { success: false, message: "No token scopes specified" }
|
||||
end
|
||||
|
||||
invalid_scope = params[:scopes].find { |scope| VALID_PAT_SCOPES.exclude?(scope.to_sym) }
|
||||
|
||||
if invalid_scope
|
||||
valid_scopes = VALID_PAT_SCOPES.map(&:to_s).sort
|
||||
break { success: false, message: "Invalid scope: '#{invalid_scope}'. Valid scopes are: #{valid_scopes}" }
|
||||
end
|
||||
|
||||
begin
|
||||
expires_at = params[:expires_at].presence && Date.parse(params[:expires_at])
|
||||
rescue ArgumentError
|
||||
break { success: false, message: "Invalid token expiry date: '#{params[:expires_at]}'" }
|
||||
end
|
||||
|
||||
access_token = nil
|
||||
|
||||
::Users::UpdateService.new(current_user, user: user).execute! do |user|
|
||||
access_token = user.personal_access_tokens.create!(
|
||||
name: params[:name], scopes: params[:scopes], expires_at: expires_at
|
||||
)
|
||||
end
|
||||
|
||||
{ success: true, token: access_token.token, scopes: access_token.scopes, expires_at: access_token.expires_at }
|
||||
end
|
||||
|
||||
post '/pre_receive' do
|
||||
status 200
|
||||
|
||||
|
|
|
@ -47,6 +47,10 @@ module ExtractsRef
|
|||
if id =~ /^(\h{40})(.+)/
|
||||
# If the ref appears to be a SHA, we're done, just split the string
|
||||
pair = $~.captures
|
||||
elsif id.exclude?('/')
|
||||
# If the ID contains no slash, we must have a ref and no path, so
|
||||
# we can skip the Redis calls below
|
||||
pair = [id, '']
|
||||
else
|
||||
# Otherwise, attempt to detect the ref using a list of the repository_container's
|
||||
# branches and tags
|
||||
|
@ -71,12 +75,10 @@ module ExtractsRef
|
|||
end
|
||||
end
|
||||
|
||||
pair[0] = pair[0].strip
|
||||
|
||||
# Remove ending slashes from path
|
||||
pair[1].gsub!(%r{^/|/$}, '')
|
||||
|
||||
pair
|
||||
[
|
||||
pair[0].strip,
|
||||
pair[1].gsub(%r{^/|/$}, '') # Remove leading and trailing slashes from path
|
||||
]
|
||||
end
|
||||
|
||||
# Assigns common instance variables for views working with Git tree-ish objects
|
||||
|
|
|
@ -7,7 +7,6 @@ module Gitlab
|
|||
ERROR_MESSAGE = 'LFS objects are missing. Ensure LFS is properly set up or try a manual "git lfs push --all".'
|
||||
|
||||
def validate!
|
||||
return unless Feature.enabled?(:lfs_check, default_enabled: true)
|
||||
return unless project.lfs_enabled?
|
||||
return if skip_lfs_integrity_check
|
||||
|
||||
|
|
|
@ -29,7 +29,7 @@ module Gitlab
|
|||
return if cache.exist?(key)
|
||||
return unless stats
|
||||
|
||||
cache.write(key, stats.as_json, expires_in: EXPIRATION)
|
||||
cache.write(key, stats.map(&:to_h).as_json, expires_in: EXPIRATION)
|
||||
clear_memoization(:cached_values)
|
||||
end
|
||||
|
||||
|
|
|
@ -7,7 +7,7 @@ module SystemCheck
|
|||
set_check_pass -> { "yes (#{self.current_version})" }
|
||||
|
||||
def self.required_version
|
||||
@required_version ||= Gitlab::VersionInfo.parse('2.22.0')
|
||||
@required_version ||= Gitlab::VersionInfo.parse('2.28.0')
|
||||
end
|
||||
|
||||
def self.current_version
|
||||
|
|
|
@ -7548,12 +7548,21 @@ msgstr ""
|
|||
msgid "DastProfiles|Could not create the site profile. Please try again."
|
||||
msgstr ""
|
||||
|
||||
msgid "DastProfiles|Could not update the site profile. Please try again."
|
||||
msgstr ""
|
||||
|
||||
msgid "DastProfiles|Do you want to discard this site profile?"
|
||||
msgstr ""
|
||||
|
||||
msgid "DastProfiles|Do you want to discard your changes?"
|
||||
msgstr ""
|
||||
|
||||
msgid "DastProfiles|Edit feature will come soon. Please create a new profile if changes needed"
|
||||
msgstr ""
|
||||
|
||||
msgid "DastProfiles|Edit site profile"
|
||||
msgstr ""
|
||||
|
||||
msgid "DastProfiles|Error fetching the profiles list. Please check your network connection and try again."
|
||||
msgstr ""
|
||||
|
||||
|
|
|
@ -20,6 +20,7 @@ module QA
|
|||
element :environments_dropdown
|
||||
element :edit_dashboard_button
|
||||
element :range_picker_dropdown
|
||||
element :actions_menu_dropdown
|
||||
end
|
||||
|
||||
view 'app/assets/javascripts/monitoring/components/duplicate_dashboard_form.vue' do
|
||||
|
@ -60,8 +61,8 @@ module QA
|
|||
end
|
||||
|
||||
def duplicate_dashboard(save_as = 'test_duplication.yml', commit_option = 'Commit to master branch')
|
||||
click_element :dashboards_filter_dropdown
|
||||
click_on 'Duplicate dashboard'
|
||||
click_element :actions_menu_dropdown
|
||||
click_on 'Duplicate current dashboard'
|
||||
fill_element :duplicate_dashboard_filename_field, "#{SecureRandom.hex(8)}-#{save_as}"
|
||||
choose commit_option
|
||||
within('.modal-content') { click_button(class: 'btn-success') }
|
||||
|
|
|
@ -23,7 +23,7 @@ module QA
|
|||
end
|
||||
|
||||
def fill_variable(key, value, masked)
|
||||
fill_element :ci_variable_key_field, key
|
||||
within_element(:ci_variable_key_field) { find('input').set key }
|
||||
fill_element :ci_variable_value_field, value
|
||||
click_ci_variable_save_button
|
||||
end
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
module QA
|
||||
RSpec.describe 'Verify', quarantine: { issue: 'https://gitlab.com/gitlab-org/gitlab/-/issues/229724', type: :investigating } do
|
||||
RSpec.describe 'Verify' do
|
||||
describe 'Add or Remove CI variable via UI', :smoke do
|
||||
let!(:project) do
|
||||
Resource::Project.fabricate_via_api! do |project|
|
||||
|
|
|
@ -22,7 +22,7 @@ RSpec.describe 'Projects > Show > User manages notifications', :js do
|
|||
|
||||
click_notifications_button
|
||||
expect(find('.update-notification.is-active')).to have_content('On mention')
|
||||
expect(find('.notifications-icon use')[:'xlink:href']).to end_with('#notifications')
|
||||
expect(page).to have_css('.notifications-icon[data-testid="notifications-icon"]')
|
||||
end
|
||||
|
||||
it 'changes the notification setting to disabled' do
|
||||
|
@ -32,7 +32,7 @@ RSpec.describe 'Projects > Show > User manages notifications', :js do
|
|||
|
||||
wait_for_requests
|
||||
|
||||
expect(find('.notifications-icon use')[:'xlink:href']).to end_with('#notifications-off')
|
||||
expect(page).to have_css('.notifications-icon[data-testid="notifications-off-icon"]')
|
||||
end
|
||||
|
||||
context 'custom notification settings' do
|
||||
|
|
|
@ -34,7 +34,7 @@ export const utilsMockData = [
|
|||
content: [
|
||||
{
|
||||
text:
|
||||
'Using Docker executor with image dev.gitlab.org:5005/gitlab/gitlab-build-images:ruby-2.6.6-golang-1.14-git-2.27-lfs-2.9-chrome-83-node-12.x-yarn-1.21-postgresql-11-graphicsmagick-1.3.34',
|
||||
'Using Docker executor with image dev.gitlab.org:5005/gitlab/gitlab-build-images:ruby-2.6.6-golang-1.14-git-2.28-lfs-2.9-chrome-84-node-12.x-yarn-1.21-postgresql-11-graphicsmagick-1.3.34',
|
||||
},
|
||||
],
|
||||
section: 'prepare-executor',
|
||||
|
|
|
@ -147,7 +147,7 @@ RSpec.describe Mutations::Commits::Create do
|
|||
|
||||
it 'returns errors' do
|
||||
expect(mutated_commit).to be_nil
|
||||
expect(subject[:errors]).to eq(['3:UserCommitFiles: empty CommitMessage'])
|
||||
expect(subject[:errors].to_s).to match(/3:UserCommitFiles: empty CommitMessage/)
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -27,18 +27,6 @@ RSpec.describe Gitlab::Checks::LfsCheck do
|
|||
allow(project).to receive(:lfs_enabled?).and_return(true)
|
||||
end
|
||||
|
||||
context 'with lfs_check feature disabled' do
|
||||
before do
|
||||
stub_feature_flags(lfs_check: false)
|
||||
end
|
||||
|
||||
it 'skips integrity check' do
|
||||
expect_any_instance_of(Gitlab::Git::LfsChanges).not_to receive(:new_pointers)
|
||||
|
||||
subject.validate!
|
||||
end
|
||||
end
|
||||
|
||||
context 'deletion' do
|
||||
let(:changes) { { oldrev: oldrev, ref: ref } }
|
||||
|
||||
|
|
|
@ -9,6 +9,7 @@ RSpec.describe Gitlab::Diff::StatsCache, :use_clean_rails_memory_store_caching d
|
|||
let(:cachable_key) { 'cachecachecache' }
|
||||
let(:stat) { Gitaly::DiffStats.new(path: 'temp', additions: 10, deletions: 15) }
|
||||
let(:stats) { Gitlab::Git::DiffStatsCollection.new([stat]) }
|
||||
let(:serialized_stats) { stats.map(&:to_h).as_json }
|
||||
let(:cache) { Rails.cache }
|
||||
|
||||
describe '#read' do
|
||||
|
@ -38,7 +39,7 @@ RSpec.describe Gitlab::Diff::StatsCache, :use_clean_rails_memory_store_caching d
|
|||
it 'writes the stats' do
|
||||
expect(cache)
|
||||
.to receive(:write)
|
||||
.with(key, stats.as_json, expires_in: described_class::EXPIRATION)
|
||||
.with(key, serialized_stats, expires_in: described_class::EXPIRATION)
|
||||
.and_call_original
|
||||
|
||||
stats_cache.write_if_empty(stats)
|
||||
|
@ -53,7 +54,7 @@ RSpec.describe Gitlab::Diff::StatsCache, :use_clean_rails_memory_store_caching d
|
|||
it 'writes the stats' do
|
||||
expect(cache)
|
||||
.to receive(:write)
|
||||
.with(key, stats.as_json, expires_in: described_class::EXPIRATION)
|
||||
.with(key, serialized_stats, expires_in: described_class::EXPIRATION)
|
||||
.and_call_original
|
||||
|
||||
stats_cache.write_if_empty(stats)
|
||||
|
|
|
@ -9,6 +9,7 @@ RSpec.describe ::Packages::Detail::PackagePresenter do
|
|||
let(:presenter) { described_class.new(package) }
|
||||
|
||||
let_it_be(:user_info) { { name: user.name, avatar_url: user.avatar_url } }
|
||||
|
||||
let!(:expected_package_files) do
|
||||
package.package_files.map do |file|
|
||||
{
|
||||
|
@ -19,6 +20,7 @@ RSpec.describe ::Packages::Detail::PackagePresenter do
|
|||
}
|
||||
end
|
||||
end
|
||||
|
||||
let(:pipeline_info) do
|
||||
pipeline = package.build_info.pipeline
|
||||
{
|
||||
|
@ -30,11 +32,15 @@ RSpec.describe ::Packages::Detail::PackagePresenter do
|
|||
user: user_info,
|
||||
project: {
|
||||
name: pipeline.project.name,
|
||||
web_url: pipeline.project.web_url
|
||||
web_url: pipeline.project.web_url,
|
||||
pipeline_url: include("pipelines/#{pipeline.id}"),
|
||||
commit_url: include("commit/#{pipeline.sha}")
|
||||
}
|
||||
}
|
||||
end
|
||||
|
||||
let!(:dependency_links) { [] }
|
||||
|
||||
let!(:expected_package_details) do
|
||||
{
|
||||
id: package.id,
|
||||
|
@ -56,7 +62,7 @@ RSpec.describe ::Packages::Detail::PackagePresenter do
|
|||
let(:expected_package_details) { super().merge(pipeline: pipeline_info) }
|
||||
|
||||
it 'returns details with pipeline' do
|
||||
expect(presenter.detail_view).to eq expected_package_details
|
||||
expect(presenter.detail_view).to match expected_package_details
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -91,6 +97,7 @@ RSpec.describe ::Packages::Detail::PackagePresenter do
|
|||
let_it_be(:package) { create(:nuget_package, project: project) }
|
||||
let_it_be(:dependency_link) { create(:packages_dependency_link, package: package) }
|
||||
let_it_be(:nuget_dependency) { create(:nuget_dependency_link_metadatum, dependency_link: dependency_link) }
|
||||
|
||||
let_it_be(:expected_link) do
|
||||
{
|
||||
name: dependency_link.dependency.name,
|
||||
|
@ -98,6 +105,7 @@ RSpec.describe ::Packages::Detail::PackagePresenter do
|
|||
target_framework: nuget_dependency.target_framework
|
||||
}
|
||||
end
|
||||
|
||||
let_it_be(:dependency_links) { [expected_link] }
|
||||
|
||||
it 'returns the correct dependency link' do
|
||||
|
|
|
@ -120,6 +120,138 @@ RSpec.describe API::Internal::Base do
|
|||
end
|
||||
end
|
||||
|
||||
describe 'POST /internal/personal_access_token' do
|
||||
it 'returns an error message when the key does not exist' do
|
||||
post api('/internal/personal_access_token'),
|
||||
params: {
|
||||
secret_token: secret_token,
|
||||
key_id: non_existing_record_id
|
||||
}
|
||||
|
||||
expect(json_response['success']).to be_falsey
|
||||
expect(json_response['message']).to eq('Could not find the given key')
|
||||
end
|
||||
|
||||
it 'returns an error message when the key is a deploy key' do
|
||||
deploy_key = create(:deploy_key)
|
||||
|
||||
post api('/internal/personal_access_token'),
|
||||
params: {
|
||||
secret_token: secret_token,
|
||||
key_id: deploy_key.id
|
||||
}
|
||||
|
||||
expect(json_response['success']).to be_falsey
|
||||
expect(json_response['message']).to eq('Deploy keys cannot be used to create personal access tokens')
|
||||
end
|
||||
|
||||
it 'returns an error message when the user does not exist' do
|
||||
key_without_user = create(:key, user: nil)
|
||||
|
||||
post api('/internal/personal_access_token'),
|
||||
params: {
|
||||
secret_token: secret_token,
|
||||
key_id: key_without_user.id
|
||||
}
|
||||
|
||||
expect(json_response['success']).to be_falsey
|
||||
expect(json_response['message']).to eq('Could not find a user for the given key')
|
||||
expect(json_response['token']).to be_nil
|
||||
end
|
||||
|
||||
it 'returns an error message when given an non existent user' do
|
||||
post api('/internal/personal_access_token'),
|
||||
params: {
|
||||
secret_token: secret_token,
|
||||
user_id: 0
|
||||
}
|
||||
|
||||
expect(json_response['success']).to be_falsey
|
||||
expect(json_response['message']).to eq("Could not find the given user")
|
||||
end
|
||||
|
||||
it 'returns an error message when no name parameter is received' do
|
||||
post api('/internal/personal_access_token'),
|
||||
params: {
|
||||
secret_token: secret_token,
|
||||
key_id: key.id
|
||||
}
|
||||
|
||||
expect(json_response['success']).to be_falsey
|
||||
expect(json_response['message']).to eq("No token name specified")
|
||||
end
|
||||
|
||||
it 'returns an error message when no scopes parameter is received' do
|
||||
post api('/internal/personal_access_token'),
|
||||
params: {
|
||||
secret_token: secret_token,
|
||||
key_id: key.id,
|
||||
name: 'newtoken'
|
||||
}
|
||||
|
||||
expect(json_response['success']).to be_falsey
|
||||
expect(json_response['message']).to eq("No token scopes specified")
|
||||
end
|
||||
|
||||
it 'returns an error message when expires_at contains an invalid date' do
|
||||
post api('/internal/personal_access_token'),
|
||||
params: {
|
||||
secret_token: secret_token,
|
||||
key_id: key.id,
|
||||
name: 'newtoken',
|
||||
scopes: ['api'],
|
||||
expires_at: 'invalid-date'
|
||||
}
|
||||
|
||||
expect(json_response['success']).to be_falsey
|
||||
expect(json_response['message']).to eq("Invalid token expiry date: 'invalid-date'")
|
||||
end
|
||||
|
||||
it 'returns an error message when it receives an invalid scope' do
|
||||
post api('/internal/personal_access_token'),
|
||||
params: {
|
||||
secret_token: secret_token,
|
||||
key_id: key.id,
|
||||
name: 'newtoken',
|
||||
scopes: %w(read_api badscope read_repository)
|
||||
}
|
||||
|
||||
expect(json_response['success']).to be_falsey
|
||||
expect(json_response['message']).to match(/\AInvalid scope: 'badscope'. Valid scopes are: /)
|
||||
end
|
||||
|
||||
it 'returns a token without expiry when the expires_at parameter is missing' do
|
||||
post api('/internal/personal_access_token'),
|
||||
params: {
|
||||
secret_token: secret_token,
|
||||
key_id: key.id,
|
||||
name: 'newtoken',
|
||||
scopes: %w(read_api read_repository)
|
||||
}
|
||||
|
||||
expect(json_response['success']).to be_truthy
|
||||
expect(json_response['token']).to match(/\A\S{20}\z/)
|
||||
expect(json_response['scopes']).to match_array(%w(read_api read_repository))
|
||||
expect(json_response['expires_at']).to be_nil
|
||||
end
|
||||
|
||||
it 'returns a token with expiry when it receives a valid expires_at parameter' do
|
||||
post api('/internal/personal_access_token'),
|
||||
params: {
|
||||
secret_token: secret_token,
|
||||
key_id: key.id,
|
||||
name: 'newtoken',
|
||||
scopes: %w(read_api read_repository),
|
||||
expires_at: '9001-11-17'
|
||||
}
|
||||
|
||||
expect(json_response['success']).to be_truthy
|
||||
expect(json_response['token']).to match(/\A\S{20}\z/)
|
||||
expect(json_response['scopes']).to match_array(%w(read_api read_repository))
|
||||
expect(json_response['expires_at']).to eq('9001-11-17')
|
||||
end
|
||||
end
|
||||
|
||||
describe "POST /internal/lfs_authenticate" do
|
||||
before do
|
||||
project.add_developer(user)
|
||||
|
|
|
@ -88,9 +88,16 @@ RSpec.shared_examples 'extracts refs' do
|
|||
expect(extract_ref('stable')).to eq(['stable', ''])
|
||||
end
|
||||
|
||||
it 'extracts the longest matching ref' do
|
||||
expect(extract_ref('release/app/v1.0.0/README.md')).to eq(
|
||||
['release/app/v1.0.0', 'README.md'])
|
||||
it 'does not fetch ref names when there is no slash' do
|
||||
expect(self).not_to receive(:ref_names)
|
||||
|
||||
extract_ref('master')
|
||||
end
|
||||
|
||||
it 'fetches ref names when there is a slash' do
|
||||
expect(self).to receive(:ref_names).and_call_original
|
||||
|
||||
extract_ref('release/app/v1.0.0')
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -113,6 +120,11 @@ RSpec.shared_examples 'extracts refs' do
|
|||
it 'falls back to a primitive split for an invalid ref' do
|
||||
expect(extract_ref('stable/CHANGELOG')).to eq(%w(stable CHANGELOG))
|
||||
end
|
||||
|
||||
it 'extracts the longest matching ref' do
|
||||
expect(extract_ref('release/app/v1.0.0/README.md')).to eq(
|
||||
['release/app/v1.0.0', 'README.md'])
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue