root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Add latest changes from gitlab-org/gitlab@master

This commit is contained in:
GitLab Bot 2021-11-15 06:10:30 +00:00
parent cf77519fac
commit 0702e2171f
21 changed files with 202 additions and 74 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
GITLAB_PAGES_VERSION
View File

@ -1 +1 @@
1.47.0
1.48.0

7
app/assets/javascripts/issues_list/components/new_issue_dropdown.vue
View File

@ -71,8 +71,11 @@ export default {
hasSelectedProject() {
return this.selectedProject.id;
},
projectsWithIssuesEnabled() {
return this.projects.filter((project) => project.issuesEnabled);
},
showNoSearchResultsText() {
return !this.projects.length && this.search;
return !this.projectsWithIssuesEnabled.length && this.search;
},
},
methods: {
@ -110,7 +113,7 @@ export default {
<gl-loading-icon v-if="$apollo.queries.projects.loading" />
<template v-else>
<gl-dropdown-item
v-for="project of projects"
v-for="project of projectsWithIssuesEnabled"
:key="project.id"
@click="selectProject(project)"
>

1
app/assets/javascripts/issues_list/queries/search_projects.query.graphql
View File

@ -3,6 +3,7 @@ query searchProjects($fullPath: ID!, $search: String) {
projects(search: $search, includeSubgroups: true) {
nodes {
id
issuesEnabled
name
nameWithNamespace
webUrl

2
app/controllers/profiles_controller.rb
View File

@ -63,7 +63,7 @@ class ProfilesController < Profiles::ApplicationController
# rubocop: disable CodeReuse/ActiveRecord
def audit_log
@events = AuditEvent.where(entity_type: "User", entity_id: current_user.id)
@events = AuthenticationEvent.where(user: current_user)
.order("created_at DESC")
.page(params[:page])

11
app/views/profiles/_event_table.html.haml
View File

@ -3,10 +3,11 @@
%ul.content-list
- events.each do |event|
%li
%span.description
= audit_icon(event.details[:with], css_class: 'gl-mr-2')
= _('Signed in with %{authentication} authentication') % { authentication: event.details[:with]}
%span.float-right= time_ago_with_tooltip(event.created_at)
- if event.success?
%li
%span.description
= audit_icon('key', css_class: 'gl-mr-2')
= _('Signed in with %{authentication} authentication') % { authentication: event.provider }
%span.float-right= time_ago_with_tooltip(event.created_at)
= paginate events, theme: "gitlab"

2
app/views/profiles/audit_log.html.haml
View File

@ -6,6 +6,6 @@
%h4.gl-mt-0
= page_title
%p
= _('This is a security log of important events involving your account.')
= _('This is a security log of authentication events involving your account.')
.col-lg-8
= render 'event_table', events: @events

2
app/views/shared/deploy_tokens/_form.html.haml
View File

@ -36,7 +36,7 @@
.text-secondary= s_('DeployTokens|Allows read-only access to registry images.')
%fieldset.form-group.form-check
= f.check_box :write_registry, class: 'form-check-input'
= f.check_box :write_registry, class: 'form-check-input', data: { qa_selector: 'deploy_token_write_registry_checkbox' }
= f.label :write_registry, 'write_registry', class: 'label-bold form-check-label'
.text-secondary= s_('DeployTokens|Allows read and write access to registry images.')

2
doc/user/project/settings/index.md
View File

@ -258,7 +258,7 @@ Use the switches to enable or disable the following features:
| **Wiki** | ✓ | Enables a separate system for [documentation](../wiki/). |
| **Snippets** | ✓ | Enables [sharing of code and text](../../snippets.md). |
| **Pages** | ✓ | Allows you to [publish static websites](../pages/). |
| **Operations** | ✓ | Control access to [operations dashboard](../../../operations/index.md). |
| **Operations** | ✓ | Control access to Operations-related features, including [Operations Dashboard](../../../operations/index.md), [Environments and Deployments](../../../ci/environments/index.md), [Feature Flags](../../../operations/feature_flags.md). |
| **Metrics Dashboard** | ✓ | Control access to [metrics dashboard](../integrations/prometheus.md). |
Some features depend on others:

2
locale/gitlab.pot
View File

@ -35286,7 +35286,7 @@ msgstr ""
msgid "This is a private email address %{helpIcon} generated just for you. Anyone who has it can create issues or merge requests as if they were you. If that happens, %{resetLinkStart}reset this token%{resetLinkEnd}."
msgstr ""
msgid "This is a security log of important events involving your account."
msgid "This is a security log of authentication events involving your account."
msgstr ""
msgid "This is a self-managed instance of GitLab."

12
qa/qa/page/project/settings/deploy_tokens.rb
View File

@ -12,6 +12,7 @@ module QA
element :deploy_token_read_package_registry_checkbox
element :deploy_token_write_package_registry_checkbox
element :deploy_token_read_registry_checkbox
element :deploy_token_write_registry_checkbox
element :create_deploy_token_button
end
@ -29,11 +30,12 @@ module QA
fill_element(:deploy_token_expires_at_field, expires_at.to_s + "\n")
end
def fill_scopes(read_repository: false, read_registry: false, read_package_registry: false, write_package_registry: false)
check_element(:deploy_token_read_repository_checkbox) if read_repository
check_element(:deploy_token_read_package_registry_checkbox) if read_package_registry
check_element(:deploy_token_write_package_registry_checkbox) if write_package_registry
check_element(:deploy_token_read_registry_checkbox) if read_registry
def fill_scopes(scopes)
check_element(:deploy_token_read_repository_checkbox) if scopes.include? :read_repository
check_element(:deploy_token_read_package_registry_checkbox) if scopes.include? :read_package_registry
check_element(:deploy_token_write_package_registry_checkbox) if scopes.include? :write_package_registry
check_element(:deploy_token_read_registry_checkbox) if scopes.include? :read_registry
check_element(:deploy_token_write_registry_checkbox) if scopes.include? :write_registry
end
def add_token

3
qa/qa/resource/deploy_token.rb
View File

@ -4,6 +4,7 @@ module QA
module Resource
class DeployToken < Base
attr_accessor :name, :expires_at
attr_writer :scopes
attribute :username do
Page::Project::Settings::Repository.perform do |repository_page|
@ -37,7 +38,7 @@ module QA
setting.expand_deploy_tokens do |page|
page.fill_token_name(name)
page.fill_token_expires_at(expires_at)
page.fill_scopes(read_repository: true, read_package_registry: true, write_package_registry: true)
page.fill_scopes(@scopes)
page.add_token
end

152
qa/qa/specs/features/browser_ui/5_package/container_registry/container_registry_omnibus_spec.rb
View File

@ -3,10 +3,27 @@
module QA
RSpec.describe 'Package', :orchestrated, only: { pipeline: :main } do
describe 'Self-managed Container Registry' do
using RSpec::Parameterized::TableSyntax
let(:project) do
Resource::Project.fabricate_via_api! do |project|
project.name = 'project-with-registry'
project.template_name = 'express'
project.visibility = :private
end
end
let(:project_deploy_token) do
Resource::DeployToken.fabricate_via_browser_ui! do |deploy_token|
deploy_token.name = 'registry-deploy-token'
deploy_token.project = project
deploy_token.scopes = [
:read_repository,
:read_package_registry,
:write_package_registry,
:read_registry,
:write_registry
]
end
end
@ -19,6 +36,8 @@ module QA
end
end
let(:personal_access_token) { Runtime::Env.personal_access_token }
before do
Flow::Login.sign_in
project.visit!
@ -26,68 +45,92 @@ module QA
after do
runner.remove_via_api!
project.remove_via_api!
end
context 'when tls is enabled' do
it "pushes image and deletes tag", :registry_tls, testcase: 'https://gitlab.com/gitlab-org/quality/testcases/-/quality/test_cases/1911' do
Resource::Repository::Commit.fabricate_via_api! do |commit|
commit.project = project
commit.commit_message = 'Add .gitlab-ci.yml'
commit.add_files([{
file_path: '.gitlab-ci.yml',
content:
<<~YAML
build:
image: docker:19.03.12
stage: build
services:
- name: docker:19.03.12-dind
command:
- /bin/sh
- -c
- |
apk add --no-cache openssl
true | openssl s_client -showcerts -connect gitlab.test:5050 > /usr/local/share/ca-certificates/gitlab.test.crt
update-ca-certificates
dockerd-entrypoint.sh || exit
variables:
IMAGE_TAG: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG
script:
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD gitlab.test:5050
- docker build -t $IMAGE_TAG .
- docker push $IMAGE_TAG
tags:
- "runner-for-#{project.name}"
YAML
}])
where(:authentication_token_type, :token_name) do
:personal_access_token | 'Personal Access Token'
:project_deploy_token | 'Deploy Token'
:ci_job_token | 'Job Token'
end
with_them do
let(:auth_token) do
case authentication_token_type
when :personal_access_token
"\"#{personal_access_token}\""
when :project_deploy_token
"\"#{project_deploy_token.password}\""
when :ci_job_token
'$CI_JOB_TOKEN'
end
end
Flow::Pipeline.visit_latest_pipeline
Page::Project::Pipeline::Show.perform do |pipeline|
pipeline.click_job('build')
let(:auth_user) do
case authentication_token_type
when :personal_access_token
"$CI_REGISTRY_USER"
when :project_deploy_token
"\"#{project_deploy_token.username}\""
when :ci_job_token
'gitlab-ci-token'
end
end
Page::Project::Job::Show.perform do |job|
expect(job).to be_successful(timeout: 800)
end
context "when tls is disabled" do
it "using a #{params[:token_name]}, pushes image and deletes tag", :registry do
Resource::Repository::Commit.fabricate_via_api! do |commit|
commit.project = project
commit.commit_message = 'Add .gitlab-ci.yml'
commit.add_files([{
file_path: '.gitlab-ci.yml',
content:
<<~YAML
build:
image: docker:19.03.12
stage: build
services:
- name: docker:19.03.12-dind
command: ["--insecure-registry=gitlab.test:5050"]
variables:
IMAGE_TAG: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG
script:
- docker login -u #{auth_user} -p #{auth_token} gitlab.test:5050
- docker build -t $IMAGE_TAG .
- docker push $IMAGE_TAG
tags:
- "runner-for-#{project.name}"
YAML
}])
end
Page::Project::Menu.perform(&:go_to_container_registry)
Flow::Pipeline.visit_latest_pipeline
Page::Project::Registry::Show.perform do |registry|
expect(registry).to have_registry_repository(project.path_with_namespace)
Page::Project::Pipeline::Show.perform do |pipeline|
pipeline.click_job('build')
end
registry.click_on_image(project.path_with_namespace)
expect(registry).to have_tag('master')
Page::Project::Job::Show.perform do |job|
expect(job).to be_successful(timeout: 800)
end
registry.click_delete
expect(registry).not_to have_tag('master')
Page::Project::Menu.perform(&:go_to_container_registry)
Page::Project::Registry::Show.perform do |registry|
expect(registry).to have_registry_repository(project.path_with_namespace)
registry.click_on_image(project.path_with_namespace)
expect(registry).to have_tag('master')
registry.click_delete
expect(registry).not_to have_tag('master')
end
end
end
end
context "when tls is disabled" do
it "pushes image and deletes tag", :registry, testcase: 'https://gitlab.com/gitlab-org/quality/testcases/-/quality/test_cases/2378' do
context "when tls is enabled" do
it "pushes image and deletes tag", :registry_tls, testcase: 'https://gitlab.com/gitlab-org/quality/testcases/-/quality/test_cases/2378' do
Resource::Repository::Commit.fabricate_via_api! do |commit|
commit.project = project
commit.commit_message = 'Add .gitlab-ci.yml'
@ -100,7 +143,14 @@ module QA
stage: build
services:
- name: docker:19.03.12-dind
command: ["--insecure-registry=gitlab.test:5050"]
command:
- /bin/sh
- -c
- |
apk add --no-cache openssl
true | openssl s_client -showcerts -connect gitlab.test:5050 > /usr/local/share/ca-certificates/gitlab.test.crt
update-ca-certificates
dockerd-entrypoint.sh || exit
variables:
IMAGE_TAG: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG
script:
@ -119,8 +169,8 @@ module QA
pipeline.click_job('build')
end
Page::Project::Job::Show.perform do |job|
expect(job).to be_successful(timeout: 800)
Support::Retrier.retry_until(max_duration: 800, sleep_interval: 10) do
project.pipelines.last[:status] == 'success'
end
Page::Project::Menu.perform(&:go_to_container_registry)

5
qa/qa/specs/features/browser_ui/5_package/package_registry/npm/npm_instance_level_spec.rb
View File

@ -19,6 +19,11 @@ module QA
Resource::DeployToken.fabricate_via_browser_ui! do |deploy_token|
deploy_token.name = 'npm-deploy-token'
deploy_token.project = project
deploy_token.scopes = [
:read_repository,
:read_package_registry,
:write_package_registry
]
end
end

5
qa/qa/specs/features/browser_ui/5_package/package_registry/npm/npm_project_level_spec.rb
View File

@ -19,6 +19,11 @@ module QA
Resource::DeployToken.fabricate_via_browser_ui! do |deploy_token|
deploy_token.name = 'npm-deploy-token'
deploy_token.project = project
deploy_token.scopes = [
:read_repository,
:read_package_registry,
:write_package_registry
]
end
end

1
qa/qa/specs/features/browser_ui/6_release/deploy_token/add_deploy_token_spec.rb
View File

@ -12,6 +12,7 @@ module QA
deploy_token = Resource::DeployToken.fabricate_via_browser_ui! do |resource|
resource.name = deploy_token_name
resource.expires_at = one_week_from_now
resource.scopes = [:read_repository]
end
expect(deploy_token.username.length).to be > 0

5
qa/spec/support/shared_contexts/packages_registry_shared_context.rb
View File

@ -45,6 +45,11 @@ module QA
Resource::DeployToken.fabricate_via_browser_ui! do |deploy_token|
deploy_token.name = 'package-deploy-token'
deploy_token.project = package_project
deploy_token.scopes = [
:read_repository,
:read_package_registry,
:write_package_registry
]
end
end

10
spec/controllers/profiles_controller_spec.rb
View File

@ -125,6 +125,8 @@ RSpec.describe ProfilesController, :request_store do
end
describe 'GET audit_log' do
let(:auth_event) { create(:authentication_event, user: user) }
it 'tracks search event', :snowplow do
sign_in(user)
@ -136,6 +138,14 @@ RSpec.describe ProfilesController, :request_store do
user: user
)
end
it 'loads page correctly' do
sign_in(user)
get :audit_log
expect(response).to have_gitlab_http_status(:success)
end
end
describe 'PUT update_username' do

8
spec/factories/authentication_event.rb
View File

@ -7,5 +7,13 @@ FactoryBot.define do
user_name { 'Jane Doe' }
ip_address { '127.0.0.1' }
result { :failed }
trait :successful do
result { :success }
end
trait :failed do
result { :failed }
end
end
end

6
spec/frontend/issues_list/components/new_issue_dropdown_spec.js
View File

@ -8,7 +8,7 @@ import { DASH_SCOPE, joinPaths } from '~/lib/utils/url_utility';
import {
emptySearchProjectsQueryResponse,
project1,
project2,
project3,
searchProjectsQueryResponse,
} from '../mock_data';
@ -72,7 +72,7 @@ describe('NewIssueDropdown component', () => {
expect(inputSpy).toHaveBeenCalledTimes(1);
});
it('renders expected dropdown items', async () => {
it('renders projects with issues enabled', async () => {
wrapper = mountComponent({ mountFn: mount });
await showDropdown();
@ -80,7 +80,7 @@ describe('NewIssueDropdown component', () => {
const listItems = wrapper.findAll('li');
expect(listItems.at(0).text()).toBe(project1.nameWithNamespace);
expect(listItems.at(1).text()).toBe(project2.nameWithNamespace);
expect(listItems.at(1).text()).toBe(project3.nameWithNamespace);
});
it('renders `No matches found` when there are no matches', async () => {

12
spec/frontend/issues_list/mock_data.js
View File

@ -262,6 +262,7 @@ export const urlParamsWithSpecialValues = {
export const project1 = {
id: 'gid://gitlab/Group/26',
issuesEnabled: true,
name: 'Super Mario Project',
nameWithNamespace: 'Mushroom Kingdom / Super Mario Project',
webUrl: 'https://127.0.0.1:3000/mushroom-kingdom/super-mario-project',
@ -269,16 +270,25 @@ export const project1 = {
export const project2 = {
id: 'gid://gitlab/Group/59',
issuesEnabled: false,
name: 'Mario Kart Project',
nameWithNamespace: 'Mushroom Kingdom / Mario Kart Project',
webUrl: 'https://127.0.0.1:3000/mushroom-kingdom/mario-kart-project',
};
export const project3 = {
id: 'gid://gitlab/Group/103',
issuesEnabled: true,
name: 'Mario Party Project',
nameWithNamespace: 'Mushroom Kingdom / Mario Party Project',
webUrl: 'https://127.0.0.1:3000/mushroom-kingdom/mario-party-project',
};
export const searchProjectsQueryResponse = {
data: {
group: {
projects: {
nodes: [project1, project2],
nodes: [project1, project2, project3],
},
},
},

26
spec/views/profiles/audit_log.html.haml_spec.rb Normal file
View File

@ -0,0 +1,26 @@
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe 'profiles/audit_log' do
let(:user) { create(:user) }
before do
assign(:user, user)
assign(:events, AuthenticationEvent.all.page(params[:page]))
allow(controller).to receive(:current_user).and_return(user)
end
context 'when user has successful and failure events' do
before do
create(:authentication_event, :successful, user: user)
create(:authentication_event, :failed, user: user)
end
it 'only shows successful events' do
render
expect(rendered).to have_text('Signed in with standard authentication', count: 1)
end
end
end