bf89e06a45
Allow specifying protected branches using wildcards Closes #18627 # Tasks - [ ] #18627 !4665 Allow specifying protected branches using wildcards - [x] Find existing usages of protected branches - Protecting branches - `ProtectedBranchesController` is used to mark a branch protected/unprotected - `API::Branches` can be used to mark a branch protected/unprotected - Enforcing branch protection - `Gitlab::GitAccess` has helpers (`can_push_to_branch?`, `check`) that are used to deny pushes if a branch is protected - Over SSH: `gitlab-shell` receives a push, and calls `/allowed` on the GitLab API, which calls `GitAccess.check` - Over HTTP: - `gitlab-workhorse` receives the request, and forwards it to rails - Rails (in the `GitHttpController#git-recieve-pack`) runs basic checks (is the user logged in, not protected branch checks) and returns ok with `GL_ID` and `RepoPath` - `gitlab-workhorse` looks at the response, and calls the relevant `gitlab-shell` action from `git-http/handlePostRPC` - Rest of this flow is the same as the SSH flow above - [x] Implementation - [x] Backend - [x] Change `project#protected_branch?` to look at wildcard protected branches - [x] Change `project#developers_can_push_to_protected_branch?` - [x] Change `project#open_branches` - [x] Better error message when creating a disallowed branch from the Web UI - [x] Frontend - [x] Protected branches page should allow typing out a wildcard pattern - [x] Add help text explaining the use of wildcards - [x] Show matching branches for each protected branch - [x] ~~On the index page~~ - [x] On a show page - [x] Index? - [x] Can't have the "last commit" column for wildcard protected branches - [x] Fix / write tests - [x] What happens if a hook is missing in dev? - [x] Refactor - [x] Test workflows - Create a branch matching a wildcard pattern - Push to a branch matching a wildcard pattern - Force push to a branch matching a wildcard pattern - Delete a branch matching a wildcard pattern - [x] Test using Web UI - [x] Test over SSH - [x] Test over HTTP - [x] Test as developer and master - [x] Investigate performance - [x] Test with a large number of protected branches / branches - [x] Paginate list of protected branches - [x] ~~Possibly rewrite `open_branches`~~ - [x] Add `iid`s to existing `ProtectedBranch`es - [x] Add documentation - [x] Add CHANGELOG entry - [x] Add screenshots - [x] Make sure [build]( |
||
---|---|---|
.. | ||
environments | ||
initializers | ||
locales | ||
application.rb | ||
aws.yml.example | ||
boot.rb | ||
database.yml.env | ||
database.yml.mysql | ||
database.yml.postgresql | ||
dependency_decisions.yml | ||
environment.rb | ||
gitlab.teatro.yml | ||
gitlab.yml.example | ||
license_finder.yml | ||
mail_room.yml | ||
newrelic.yml | ||
resque.yml.example | ||
routes.rb | ||
secrets.yml.example | ||
sidekiq.yml.example | ||
unicorn.rb.example | ||
unicorn.rb.example.development |