root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Add latest changes from gitlab-org/gitlab@master

This commit is contained in:
GitLab Bot 2022-05-06 21:08:35 +00:00
parent 2b6716fbb2
commit 1327c778c4
67 changed files with 189 additions and 232 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
app/assets/javascripts/merge_request.js
View File

@ -5,6 +5,7 @@ import createFlash from '~/flash';
import toast from '~/vue_shared/plugins/global_toast';
import { __ } from '~/locale';
import eventHub from '~/vue_merge_request_widget/event_hub';
import { loadingIconForLegacyJS } from '~/loading_icon_for_legacy_js';
import axios from './lib/utils/axios_utils';
import { addDelimiter } from './lib/utils/text_utility';
import { getParameterValues, setUrlParams } from './lib/utils/url_utility';
@ -72,8 +73,7 @@ MergeRequest.prototype.initMRBtnListeners = function () {
const wipEvent = getParameterValues('merge_request[wip_event]', url)[0];
const mobileDropdown = draftToggle.closest('.dropdown.show');
const loader = document.createElement('span');
loader.classList.add('gl-spinner', 'gl-mr-3');
const loader = loadingIconForLegacyJS({ inline: true, classes: ['gl-mr-3'] });
if (mobileDropdown) {
$(mobileDropdown.firstElementChild).dropdown('toggle');

18
app/assets/javascripts/packages_and_registries/dependency_proxy/app.vue
View File

@ -39,11 +39,8 @@ export default {
directives: {
GlModalDirective,
},
inject: ['groupPath', 'groupId', 'dependencyProxyAvailable', 'noManifestsIllustration'],
inject: ['groupPath', 'groupId', 'noManifestsIllustration'],
i18n: {
proxyNotAvailableText: s__(
'DependencyProxy|Dependency Proxy feature is limited to public groups for now.',
),
proxyImagePrefix: s__('DependencyProxy|Dependency Proxy image prefix'),
copyImagePrefixText: s__('DependencyProxy|Copy prefix'),
blobCountAndSize: s__('DependencyProxy|Contains %{count} blobs of images (%{size})'),
@ -77,9 +74,6 @@ export default {
apollo: {
group: {
query: getDependencyProxyDetailsQuery,
skip() {
return !this.dependencyProxyAvailable;
},
variables() {
return this.queryVariables;
},
@ -214,15 +208,7 @@ export default {
</template>
</gl-form-group>
<gl-alert
v-if="!dependencyProxyAvailable"
:dismissible="false"
data-testid="proxy-not-available"
>
{{ $options.i18n.proxyNotAvailableText }}
</gl-alert>
<gl-skeleton-loader v-else-if="$apollo.queries.group.loading" />
<gl-skeleton-loader v-if="$apollo.queries.group.loading" />
<div v-else data-testid="main-area">
<manifests-list

4
app/assets/javascripts/packages_and_registries/dependency_proxy/index.js
View File

@ -1,5 +1,4 @@
import Vue from 'vue';
import { parseBoolean } from '~/lib/utils/common_utils';
import app from '~/packages_and_registries/dependency_proxy/app.vue';
import { apolloProvider } from '~/packages_and_registries/dependency_proxy/graphql';
import Translate from '~/vue_shared/translate';
@ -11,12 +10,11 @@ export const initDependencyProxyApp = () => {
if (!el) {
return null;
}
const { dependencyProxyAvailable, ...dataset } = el.dataset;
const { ...dataset } = el.dataset;
return new Vue({
el,
apolloProvider,
provide: {
dependencyProxyAvailable: parseBoolean(dependencyProxyAvailable),
...dataset,
},
render(createElement) {

1
app/assets/javascripts/packages_and_registries/settings/group/bundle.js
View File

@ -21,7 +21,6 @@ export default () => {
groupPath: el.dataset.groupPath,
groupDependencyProxyPath: el.dataset.groupDependencyProxyPath,
defaultExpanded: parseBoolean(el.dataset.defaultExpanded),
dependencyProxyAvailable: parseBoolean(el.dataset.dependencyProxyAvailable),
},
render(createElement) {
return createElement(SettingsApp);

3
app/assets/javascripts/packages_and_registries/settings/group/components/group_settings_app.vue
View File

@ -13,7 +13,7 @@ export default {
PackagesSettings,
DependencyProxySettings,
},
inject: ['groupPath', 'dependencyProxyAvailable'],
inject: ['groupPath'],
apollo: {
group: {
query: getGroupPackagesSettingsQuery,
@ -83,7 +83,6 @@ export default {
/>
<dependency-proxy-settings
v-if="dependencyProxyAvailable"
:dependency-proxy-settings="dependencyProxySettings"
:dependency-proxy-image-ttl-policy="dependencyProxyImageTtlPolicy"
:is-loading="isLoading"

1
app/controllers/groups/dependency_proxies_controller.rb
View File

@ -8,6 +8,7 @@ module Groups
before_action :verify_dependency_proxy_enabled!
feature_category :dependency_proxy
urgency :low
private

6
app/controllers/groups/dependency_proxy/application_controller.rb
View File

@ -16,8 +16,6 @@ module Groups
prepend_before_action :authenticate_user_from_jwt_token!
def authenticate_user_from_jwt_token!
return unless dependency_proxy_for_private_groups?
authenticate_with_http_token do |token, _|
@authentication_result = EMPTY_AUTH_RESULT
@ -36,10 +34,6 @@ module Groups
private
def dependency_proxy_for_private_groups?
Feature.enabled?(:dependency_proxy_for_private_groups)
end
def request_bearer_token!
# unfortunately, we cannot use https://api.rubyonrails.org/classes/ActionController/HttpAuthentication/Token.html#method-i-authentication_request
response.headers['WWW-Authenticate'] = ::DependencyProxy::Registry.authenticate_header

1
app/controllers/groups/dependency_proxy_auth_controller.rb
View File

@ -2,6 +2,7 @@
class Groups::DependencyProxyAuthController < ::Groups::DependencyProxy::ApplicationController
feature_category :dependency_proxy
urgency :low
def authenticate
render plain: '', status: :ok

1
app/controllers/groups/dependency_proxy_for_containers_controller.rb
View File

@ -17,6 +17,7 @@ class Groups::DependencyProxyForContainersController < ::Groups::DependencyProxy
attr_reader :token
feature_category :dependency_proxy
urgency :low
def manifest
result = DependencyProxy::FindCachedManifestService.new(group, image, tag, token).execute

1
app/controllers/groups/packages_controller.rb
View File

@ -5,6 +5,7 @@ module Groups
before_action :verify_packages_enabled!
feature_category :package_registry
urgency :low
# The show action renders index to allow frontend routing to work on page refresh
def show

1
app/controllers/groups/registry/repositories_controller.rb
View File

@ -9,6 +9,7 @@ module Groups
before_action :authorize_read_container_image!
feature_category :container_registry
urgency :low
def index
respond_to do |format|

1
app/controllers/groups/settings/packages_and_registries_controller.rb
View File

@ -8,6 +8,7 @@ module Groups
before_action :verify_packages_enabled!
feature_category :package_registry
urgency :low
def show
end

1
app/controllers/projects/packages/packages_controller.rb
View File

@ -6,6 +6,7 @@ module Projects
include PackagesAccess
feature_category :package_registry
urgency :low
# The show action renders index to allow frontend routing to work on page refresh
def show

1
app/controllers/projects/registry/application_controller.rb
View File

@ -9,6 +9,7 @@ module Projects
before_action :authorize_read_container_image!
feature_category :container_registry
urgency :low
private

1
app/controllers/projects/settings/packages_and_registries_controller.rb
View File

@ -9,6 +9,7 @@ module Projects
before_action :packages_and_registries_settings_enabled!
feature_category :package_registry
urgency :low
def show
end

6
app/policies/group_policy.rb
View File

@ -54,11 +54,7 @@ class GroupPolicy < Namespaces::GroupProjectNamespaceSharedPolicy
end
condition(:dependency_proxy_access_allowed) do
if Feature.enabled?(:dependency_proxy_for_private_groups)
access_level(for_any_session: true) >= GroupMember::GUEST || valid_dependency_proxy_deploy_token
else
can?(:read_group)
end
access_level(for_any_session: true) >= GroupMember::GUEST || valid_dependency_proxy_deploy_token
end
desc "Deploy token with read_package_registry scope"

2
app/views/groups/dependency_proxies/show.html.haml
View File

@ -1,7 +1,5 @@
- page_title _("Dependency Proxy")
- @content_class = "limit-container-width" unless fluid_layout
- dependency_proxy_available = Feature.enabled?(:dependency_proxy_for_private_groups) || @group.public?
#js-dependency-proxy{ data: { group_path: @group.full_path,
dependency_proxy_available: dependency_proxy_available.to_s,
no_manifests_illustration: image_path('illustrations/docker-empty-state.svg'), group_id: @group.id } }

2
app/views/groups/settings/packages_and_registries/show.html.haml
View File

@ -1,9 +1,7 @@
- breadcrumb_title _('Packages & Registries')
- page_title _('Packages & Registries')
- @content_class = 'limit-container-width' unless fluid_layout
- dependency_proxy_available = Feature.enabled?(:dependency_proxy_for_private_groups) || @group.public?
%section#js-packages-and-registries-settings{ data: { default_expanded: expanded_by_default?.to_s,
group_path: @group.full_path,
dependency_proxy_available: dependency_proxy_available.to_s,
group_dependency_proxy_path: group_dependency_proxy_path(@group) } }

8
config/feature_flags/development/dependency_proxy_for_private_groups.yml
View File

@ -1,8 +0,0 @@
---
name: dependency_proxy_for_private_groups
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/46042
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/276777
milestone: '13.7'
type: development
group: group::package
default_enabled: true

7
config/feature_flags/development/usage_data_diff_searches.yml Normal file
View File

@ -0,0 +1,7 @@
name: usage_data_diff_searches
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/86603
rollout_issue_url:
milestone: '15.0'
type: development
group: group::code review
default_enabled: true

18
data/removals/15_0/15-0-request-profiling.yml Normal file
View File

@ -0,0 +1,18 @@
- name: "Request profiling"
announcement_milestone: "14.8"
announcement_date: "2021-02-22"
removal_milestone: "15.0"
removal_date: "2022-05-22"
breaking_change: true
reporter: iroussos
body: | # Do not modify this line, instead modify the lines below.
[Request profiling](https://docs.gitlab.com/ee/administration/monitoring/performance/request_profiling.html) has been removed in GitLab 15.0.
We're working on [consolidating our profiling tools](https://gitlab.com/groups/gitlab-org/-/epics/7327) and making them more easily accessible.
We [evaluated](https://gitlab.com/gitlab-org/gitlab/-/issues/350152) the use of this feature and we found that it is not widely used.
It also depends on a few third-party gems that are not actively maintained anymore, have not been updated for the latest version of Ruby, or crash frequently when profiling heavy page loads.
For more information, check the [summary section of the deprecation issue](https://gitlab.com/gitlab-org/gitlab/-/issues/352488#deprecation-summary).
stage: Monitor
tiers: [Free, Premium, Ultimate]
issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/352488

17
data/removals/15_0/15-0-static-site-editor.yml Normal file
View File

@ -0,0 +1,17 @@
- name: "Static Site Editor" # (required) the name of the feature being removed. Avoid the words `deprecation`, `deprecate`, `removal`, and `remove` in this field because these are implied.
announcement_milestone: "14.7" # (required) The milestone when this feature was deprecated.
announcement_date: "2022-01-22" # (required) The date of the milestone release when this feature was deprecated. This should almost always be the 22nd of a month (YYYY-MM-DD), unless you did an out of band blog post.
removal_milestone: "15.0" # (required) The milestone when this feature is being removed.
removal_date: "2022-05-22" # (required) This should almost always be the 22nd of a month (YYYY-MM-DD), the date of the milestone release when this feature will be removed.
breaking_change: false # (required) Change to true if this removal is a breaking change.
reporter: ericschurter # (required) GitLab username of the person reporting the removal
stage: create # (required) String value of the stage that the feature was created in. e.g., Growth
issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/347137 # (required) Link to the deprecation issue in GitLab
body: | # (required) Do not modify this line, instead modify the lines below.
The Static Site Editor was deprecated in GitLab 14.7 and the feature is being removed in GitLab 15.0. Incoming requests to the Static Site Editor will be redirected and open the target file to edit in the Web IDE. Current users of the Static Site Editor can view the [documentation](https://docs.gitlab.com/ee/user/project/static_site_editor/) for more information, including how to remove the configuration files from existing projects. We will continue investing in improvements to the Markdown editing experience by [maturing the Content Editor](https://gitlab.com/groups/gitlab-org/-/epics/5401) and making it available as a way to edit content across GitLab.
# The following items are not published on the docs page, but may be used in the future.
tiers: # (optional - may be required in the future) An array of tiers that the feature is available in currently. e.g., [Free, Silver, Gold, Core, Premium, Ultimate]
documentation_url: https://docs.gitlab.com/ee/user/project/static_site_editor/
image_url: # (optional) This is a link to a thumbnail image depicting the feature
video_url: # (optional) Use the youtube thumbnail URL with the structure of https://img.youtube.com/vi/UNIQUEID/hqdefault.jpg

2
db/docs/gitlab_subscription_histories.yml
View File

@ -4,6 +4,6 @@ classes:
- GitlabSubscriptionHistory
feature_categories:
- purchase
description: TODO
description: History log for the gitlab_subscriptions table
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/19694
milestone: '12.6'

2
db/docs/gitlab_subscriptions.yml
View File

@ -4,6 +4,6 @@ classes:
- GitlabSubscription
feature_categories:
- purchase
description: TODO
description: Used to store information related to GitLab subscriptions
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/7885
milestone: '11.6'

2
db/docs/licenses.yml
View File

@ -4,6 +4,6 @@ classes:
- License
feature_categories:
- purchase
description: TODO
description: Used to store information related to the instance's license
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/commit/d1f2b09fadcfba210c5121bd214b910b9f9809fd
milestone: '7.11'

2
db/docs/plan_limits.yml
View File

@ -4,6 +4,6 @@ classes:
- PlanLimits
feature_categories:
- purchase
description: TODO
description: Contains Plan specific limits (CI minute quantities for example)
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/19438
milestone: '12.5'

2
db/docs/plans.yml
View File

@ -4,6 +4,6 @@ classes:
- Plan
feature_categories:
- purchase
description: TODO
description: Contains information about purchasable Plans for GitLab namespaces
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/commit/39ca951a0f28d147d4689379bbe48a9c14d55d9f
milestone: '9.5'

2
db/docs/upcoming_reconciliations.yml
View File

@ -4,6 +4,6 @@ classes:
- GitlabSubscriptions::UpcomingReconciliation
feature_categories:
- purchase
description: TODO
description: Stores the data needed to notify a user of an upcoming reconciliation
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/63054
milestone: '14.0'

9
db/migrate/20220504140036_add_container_registry_size_to_namespace_root_storage_statistics.rb Normal file
View File

@ -0,0 +1,9 @@
# frozen_string_literal: true
class AddContainerRegistrySizeToNamespaceRootStorageStatistics < Gitlab::Database::Migration[2.0]
enable_lock_retries!
def change
add_column :namespace_root_storage_statistics, :container_registry_size, :bigint, default: 0, null: false
end
end

29
db/post_migrate/20220505022001_add_index_to_deployments_on_created_at_cluster_id_and_project_id.rb Normal file
View File

@ -0,0 +1,29 @@
# frozen_string_literal: true
class AddIndexToDeploymentsOnCreatedAtClusterIdAndProjectId < Gitlab::Database::Migration[2.0]
disable_ddl_transaction!
# This temporary index was created to support the script that will be run as part o this
# Change Request: https://gitlab.com/gitlab-com/gl-infra/production/-/issues/6981
#
# Issue to remove the temporary index: https://gitlab.com/gitlab-org/gitlab/-/issues/361389
INDEX_NAME = 'tp_index_created_at_cluster_id_project_id_on_deployments'
# The change request will only run for deployments newer than this date. This is what we'll
# be considering as "Active certificate based cluster Kubernetes Deployments". Namespaces with
# deployments older than this will have to be migrated to the agent and won't have their
# certificate based clusters life extended.
DEPLOYMENTS_START_DATE = '2022-04-03 00:00:00'
def up
add_concurrent_index(
:deployments,
[:created_at, :cluster_id, :project_id],
name: INDEX_NAME,
where: "cluster_id is not null and created_at > '#{DEPLOYMENTS_START_DATE}'")
end
def down
remove_concurrent_index_by_name(:deployments, INDEX_NAME)
end
end

1
db/schema_migrations/20220504140036 Normal file
View File

@ -0,0 +1 @@
726f09e0f6dd7f53a5e1928c9cb86e1499a9af7d84fe6d4cab847ab54db12711

1
db/schema_migrations/20220505022001 Normal file
View File

@ -0,0 +1 @@
4d93c3c0234171212aca73b7f3ed471a918fd30091e76e3427696c41c2842fce

5
db/structure.sql
View File

@ -17389,7 +17389,8 @@ CREATE TABLE namespace_root_storage_statistics (
pipeline_artifacts_size bigint DEFAULT 0 NOT NULL,
uploads_size bigint DEFAULT 0 NOT NULL,
dependency_proxy_size bigint DEFAULT 0 NOT NULL,
notification_level smallint DEFAULT 100 NOT NULL
notification_level smallint DEFAULT 100 NOT NULL,
container_registry_size bigint DEFAULT 0 NOT NULL
);
CREATE TABLE namespace_settings (
@ -29753,6 +29754,8 @@ CREATE INDEX tmp_index_projects_on_id_and_runners_token ON projects USING btree
CREATE INDEX tmp_index_projects_on_id_and_runners_token_encrypted ON projects USING btree (id, runners_token_encrypted) WHERE (runners_token_encrypted IS NOT NULL);
CREATE INDEX tp_index_created_at_cluster_id_project_id_on_deployments ON deployments USING btree (created_at, cluster_id, project_id) WHERE ((cluster_id IS NOT NULL) AND (created_at > '2022-04-03 00:00:00'::timestamp without time zone));
CREATE UNIQUE INDEX uniq_pkgs_deb_grp_architectures_on_distribution_id_and_name ON packages_debian_group_architectures USING btree (distribution_id, name);
CREATE UNIQUE INDEX uniq_pkgs_deb_grp_components_on_distribution_id_and_name ON packages_debian_group_components USING btree (distribution_id, name);

17
doc/administration/packages/dependency_proxy.md
View File

@ -248,23 +248,6 @@ Verify that there are no files on disk in the `dependency_proxy` folder:
sudo find /var/opt/gitlab/gitlab-rails/shared/dependency_proxy -type f | grep -v tmp | wc -l
```
## Disabling Authentication
Authentication was introduced in 13.7 as part of [enabling private groups to use the
Dependency Proxy](https://gitlab.com/gitlab-org/gitlab/-/issues/11582). If you
previously used the Dependency Proxy without authentication and need to disable
this feature while you update your workflow to [authenticate with the Dependency
Proxy](../../user/packages/dependency_proxy/index.md#authenticate-with-the-dependency-proxy),
the following commands can be issued in a Rails console:
```ruby
# Disable the authentication
Feature.disable(:dependency_proxy_for_private_groups)
# Re-enable the authentication
Feature.enable(:dependency_proxy_for_private_groups)
```
## Changing the JWT expiration
The Dependency Proxy follows the [Docker v2 token authentication flow](https://docs.docker.com/registry/spec/auth/token/),

5
doc/development/documentation/styleguide/index.md
View File

@ -654,7 +654,10 @@ In the Markdown document:
For the heading text, **do**:
- Be clear and direct. Make every word count.
- Use active verbs for tasks. For example, `Configure GDK` instead of `Configuring GDK`.
- Use active, imperative verbs for [tasks](../structure.md#task). For example, `Create an issue`.
- Use `ing` (gerund) verbs only when you need a topic that introduces tasks. For example, `Configuring GDK`.
- Use nouns for [concepts](../structure.md#concept). For example, `GDK dependency management`. If a noun is
ambiguous, you can add a gerund. For example, `Documenting versions` instead of `Versions`.
- Talk about what the product does, realistically but from a positive perspective. Instead of
`Limitations`, move the content near other similar information. If you must, you can
use the title `Known issues`.

20
doc/update/removals.md
View File

@ -144,6 +144,26 @@ changes to your code, settings, or workflow.
The feature flag `PUSH_RULES_SUPERSEDE_CODE_OWNERS` has been removed in GitLab 15.0. From now on, push rules will supersede CODEOWNERS. The CODEOWNERS feature is no longer available for access control.
### Request profiling
WARNING:
This feature was changed or removed in 15.0
as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes).
Before updating GitLab, review the details carefully to determine if you need to make any
changes to your code, settings, or workflow.
[Request profiling](https://docs.gitlab.com/ee/administration/monitoring/performance/request_profiling.html) has been removed in GitLab 15.0.
We're working on [consolidating our profiling tools](https://gitlab.com/groups/gitlab-org/-/epics/7327) and making them more easily accessible.
We [evaluated](https://gitlab.com/gitlab-org/gitlab/-/issues/350152) the use of this feature and we found that it is not widely used.
It also depends on a few third-party gems that are not actively maintained anymore, have not been updated for the latest version of Ruby, or crash frequently when profiling heavy page loads.
For more information, check the [summary section of the deprecation issue](https://gitlab.com/gitlab-org/gitlab/-/issues/352488#deprecation-summary).
### Static Site Editor
The Static Site Editor was deprecated in GitLab 14.7 and the feature is being removed in GitLab 15.0. Incoming requests to the Static Site Editor will be redirected and open the target file to edit in the Web IDE. Current users of the Static Site Editor can view the [documentation](https://docs.gitlab.com/ee/user/project/static_site_editor/) for more information, including how to remove the configuration files from existing projects. We will continue investing in improvements to the Markdown editing experience by [maturing the Content Editor](https://gitlab.com/groups/gitlab-org/-/epics/5401) and making it available as a way to edit content across GitLab.
### Test coverage project CI/CD setting
WARNING:

13
doc/user/packages/dependency_proxy/index.md
View File

@ -65,17 +65,8 @@ Prerequisites:
### Authenticate with the Dependency Proxy
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/11582) in GitLab 13.7.
> - It's [deployed behind a feature flag](../../feature_flags.md), enabled by default.
> - It's enabled on GitLab.com.
> - It's recommended for production use.
> - For GitLab self-managed instances, GitLab administrators can opt to [disable it](../../../administration/packages/dependency_proxy.md#disabling-authentication). **(FREE SELF)**
WARNING:
This feature might not be available to you. Check the **version history** note above for details.
The requirement to authenticate is a breaking change added in 13.7. An [administrator can temporarily
disable it](../../../administration/packages/dependency_proxy.md#disabling-authentication) if it
has disrupted your existing Dependency Proxy usage.
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/11582) in GitLab 13.7 [with a flag](../../../administration/feature_flags.md) named `dependency_proxy_for_private_groups`. Enabled by default.
> - [Removed](https://gitlab.com/gitlab-org/gitlab/-/issues/276777) the feature flag `dependency_proxy_for_private_groups` in GitLab 15.0.
Because the Dependency Proxy is storing Docker images in a space associated with your group,
you must authenticate against the Dependency Proxy.

12
lib/api/composer_packages.rb
View File

@ -71,7 +71,7 @@ module API
desc 'Composer packages endpoint at group level'
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true, deploy_token_allowed: true
get ':id/-/packages/composer/packages' do
get ':id/-/packages/composer/packages', urgency: :low do
presenter.root
end
@ -80,7 +80,7 @@ module API
requires :sha, type: String, desc: 'Shasum of current json'
end
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true, deploy_token_allowed: true
get ':id/-/packages/composer/p/:sha' do
get ':id/-/packages/composer/p/:sha', urgency: :low do
presenter.provider
end
@ -89,7 +89,7 @@ module API
requires :package_name, type: String, file_path: true, desc: 'The Composer package name'
end
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true, deploy_token_allowed: true
get ':id/-/packages/composer/p2/*package_name', requirements: COMPOSER_ENDPOINT_REQUIREMENTS, file_path: true do
get ':id/-/packages/composer/p2/*package_name', requirements: COMPOSER_ENDPOINT_REQUIREMENTS, file_path: true, urgency: :low do
not_found! if packages.empty?
presenter.package_versions
@ -100,7 +100,7 @@ module API
requires :package_name, type: String, file_path: true, desc: 'The Composer package name'
end
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true, deploy_token_allowed: true
get ':id/-/packages/composer/*package_name', requirements: COMPOSER_ENDPOINT_REQUIREMENTS, file_path: true do
get ':id/-/packages/composer/*package_name', requirements: COMPOSER_ENDPOINT_REQUIREMENTS, file_path: true, urgency: :low do
not_found! if packages.empty?
not_found! if params[:sha].blank?
@ -122,7 +122,7 @@ module API
optional :tag, type: String, desc: 'The name of the tag'
exactly_one_of :tag, :branch
end
post do
post urgency: :low do
authorize_create_package!(authorized_user_project)
if params[:branch].present?
@ -147,7 +147,7 @@ module API
requires :package_name, type: String, file_path: true, desc: 'The Composer package name'
end
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true, deploy_token_allowed: true
get 'archives/*package_name' do
get 'archives/*package_name', urgency: :default do
authorize_read_package!(authorized_user_project)
metadata = authorized_user_project

38
lib/api/concerns/packages/conan_endpoints.rb
View File

@ -56,7 +56,7 @@ module API
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
get 'ping' do
get 'ping', urgency: :default do
header 'X-Conan-Server-Capabilities', [].join(',')
end
@ -70,7 +70,7 @@ module API
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
get 'conans/search' do
get 'conans/search', urgency: :low do
service = ::Packages::Conan::SearchService.new(current_user, query: params[:q]).execute
service.payload
end
@ -89,7 +89,7 @@ module API
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
get 'authenticate' do
get 'authenticate', urgency: :low do
unauthorized! unless token
token.to_jwt
@ -101,7 +101,7 @@ module API
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
get 'check_credentials' do
get 'check_credentials', urgency: :default do
authenticate!
:ok
end
@ -133,7 +133,7 @@ module API
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
get 'packages/:conan_package_reference' do
get 'packages/:conan_package_reference', urgency: :low do
authorize!(:read_package, project)
presenter = ::Packages::Conan::PackagePresenter.new(
@ -152,7 +152,7 @@ module API
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
get do
get urgency: :low do
authorize!(:read_package, project)
presenter = ::Packages::Conan::PackagePresenter.new(package, current_user, project)
@ -174,7 +174,7 @@ module API
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
get 'packages/:conan_package_reference/digest' do
get 'packages/:conan_package_reference/digest', urgency: :low do
present_package_download_urls
end
@ -184,7 +184,7 @@ module API
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
get 'digest' do
get 'digest', urgency: :low do
present_recipe_download_urls
end
@ -204,7 +204,7 @@ module API
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
get 'packages/:conan_package_reference/download_urls' do
get 'packages/:conan_package_reference/download_urls', urgency: :low do
present_package_download_urls
end
@ -214,7 +214,7 @@ module API
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
get 'download_urls' do
get 'download_urls', urgency: :low do
present_recipe_download_urls
end
@ -235,7 +235,7 @@ module API
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
post 'packages/:conan_package_reference/upload_urls' do
post 'packages/:conan_package_reference/upload_urls', urgency: :low do
authorize!(:read_package, project)
status 200
@ -248,7 +248,7 @@ module API
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
post 'upload_urls' do
post 'upload_urls', urgency: :low do
authorize!(:read_package, project)
status 200
@ -261,7 +261,7 @@ module API
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
delete do
delete urgency: :low do
authorize!(:destroy_package, project)
track_package_event('delete_package', :conan, category: 'API::ConanPackages', user: current_user, project: project, namespace: project.namespace)
@ -297,7 +297,7 @@ module API
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
get do
get urgency: :low do
download_package_file(:recipe_file)
end
@ -311,7 +311,7 @@ module API
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
put do
put urgency: :low do
upload_package_file(:recipe_file)
end
@ -321,7 +321,7 @@ module API
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
put 'authorize' do
put 'authorize', urgency: :low do
authorize_workhorse!(subject: project, maximum_size: project.actual_limits.conan_max_file_size)
end
end
@ -338,7 +338,7 @@ module API
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
get do
get urgency: :low do
download_package_file(:package_file)
end
@ -348,7 +348,7 @@ module API
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
put 'authorize' do
put 'authorize', urgency: :low do
authorize_workhorse!(subject: project, maximum_size: project.actual_limits.conan_max_file_size)
end
@ -362,7 +362,7 @@ module API
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
put do
put urgency: :low do
upload_package_file(:package_file)
end
end

1
lib/api/concerns/packages/debian_distribution_endpoints.rb
View File

@ -10,6 +10,7 @@ module API
include PaginationParams
feature_category :package_registry
urgency :low
helpers ::API::Helpers::PackagesHelpers
helpers ::API::Helpers::Packages::BasicAuthHelpers

1
lib/api/concerns/packages/debian_package_endpoints.rb
View File

@ -16,6 +16,7 @@ module API
included do
feature_category :package_registry
urgency :low
helpers ::API::Helpers::PackagesHelpers
helpers ::API::Helpers::Packages::BasicAuthHelpers

8
lib/api/concerns/packages/nuget_endpoints.rb
View File

@ -56,7 +56,7 @@ module API
desc 'The NuGet Service Index' do
detail 'This feature was introduced in GitLab 12.6'
end
get 'index', format: :json do
get 'index', format: :json, urgency: :default do
authorize_read_package!(project_or_group)
track_package_event('cli_metadata', :nuget, **snowplow_gitlab_standard_context.merge(category: 'API::NugetPackages'))
@ -77,7 +77,7 @@ module API
desc 'The NuGet Metadata Service - Package name level' do
detail 'This feature was introduced in GitLab 12.8'
end
get 'index', format: :json do
get 'index', format: :json, urgency: :low do
present ::Packages::Nuget::PackagesMetadataPresenter.new(find_packages(params[:package_name])),
with: ::API::Entities::Nuget::PackagesMetadata
end
@ -88,7 +88,7 @@ module API
params do
requires :package_version, type: String, desc: 'The NuGet package version', regexp: API::NO_SLASH_URL_PART_REGEX
end
get '*package_version', format: :json do
get '*package_version', format: :json, urgency: :low do
present ::Packages::Nuget::PackageMetadataPresenter.new(find_package(params[:package_name], params[:package_version])),
with: ::API::Entities::Nuget::PackageMetadata
end
@ -109,7 +109,7 @@ module API
desc 'The NuGet Search Service' do
detail 'This feature was introduced in GitLab 12.8'
end
get format: :json do
get format: :json, urgency: :low do
search_options = {
include_prerelease_versions: params[:prerelease],
per_page: params[:take],

1
lib/api/container_registry_event.rb
View File

@ -5,6 +5,7 @@ module API
DOCKER_DISTRIBUTION_EVENTS_V1_JSON = 'application/vnd.docker.distribution.events.v1+json'
feature_category :container_registry
urgency :low
before { authenticate_registry_notification! }

1
lib/api/container_repositories.rb
View File

@ -10,6 +10,7 @@ module API
before { authenticate! }
feature_category :container_registry
urgency :low
namespace 'registry' do
params do

1
lib/api/dependency_proxy.rb
View File

@ -5,6 +5,7 @@ module API
helpers ::API::Helpers::PackagesHelpers
feature_category :dependency_proxy
urgency :low
after_validation do
authorize! :admin_group, user_group

1
lib/api/generic_packages.rb
View File

@ -10,6 +10,7 @@ module API
ALLOWED_STATUSES = %w[default hidden].freeze
feature_category :package_registry
urgency :low
before do
require_packages_enabled!

1
lib/api/go_proxy.rb
View File

@ -5,6 +5,7 @@ module API
helpers ::API::Helpers::PackagesHelpers
feature_category :package_registry
urgency :low
# basic semver, except case encoded (A => !a)
MODULE_VERSION_REGEX = /v(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-([-.!a-z0-9]+))?(?:\+([-.!a-z0-9]+))?/.freeze

1
lib/api/group_container_repositories.rb
View File

@ -10,6 +10,7 @@ module API
before { authorize_read_group_container_images! }
feature_category :container_registry
urgency :low
REPOSITORY_ENDPOINT_REQUIREMENTS = API::NAMESPACE_OR_PROJECT_REQUIREMENTS.merge(
tag_name: API::NO_SLASH_URL_PART_REGEX)

1
lib/api/group_packages.rb
View File

@ -9,6 +9,7 @@ module API
end
feature_category :package_registry
urgency :low
helpers ::API::Helpers::PackagesHelpers

1
lib/api/helm_packages.rb
View File

@ -9,6 +9,7 @@ module API
include ::API::Helpers::Authentication
feature_category :package_registry
urgency :low
PACKAGE_FILENAME = 'package.tgz'
HELM_REQUIREMENTS = {

1
lib/api/internal/container_registry/migration.rb
View File

@ -5,6 +5,7 @@ module API
module ContainerRegistry
class Migration < ::API::Base
feature_category :container_registry
urgency :low
STATUS_PRE_IMPORT_COMPLETE = 'pre_import_complete'
STATUS_PRE_IMPORT_FAILED = 'pre_import_failed'

1
lib/api/maven_packages.rb
View File

@ -6,6 +6,7 @@ module API
}.freeze
feature_category :package_registry
urgency :low
content_type :md5, 'text/plain'
content_type :sha1, 'text/plain'

1
lib/api/npm_instance_packages.rb
View File

@ -4,6 +4,7 @@ module API
helpers ::API::Helpers::Packages::Npm
feature_category :package_registry
urgency :low
rescue_from ActiveRecord::RecordInvalid do |e|
render_api_error!(e.message, 400)

1
lib/api/npm_project_packages.rb
View File

@ -4,6 +4,7 @@ module API
helpers ::API::Helpers::Packages::Npm
feature_category :package_registry
urgency :low
rescue_from ActiveRecord::RecordInvalid do |e|
render_api_error!(e.message, 400)

12
lib/api/nuget_project_packages.rb
View File

@ -105,7 +105,7 @@ module API
params do
use :file_params
end
put do
put urgency: :low do
upload_nuget_package_file do |package|
track_package_event(
'push_package',
@ -121,7 +121,7 @@ module API
forbidden!
end
put 'authorize' do
put 'authorize', urgency: :low do
authorize_nuget_upload
end
@ -133,7 +133,7 @@ module API
params do
use :file_params
end
put 'symbolpackage' do
put 'symbolpackage', urgency: :low do
upload_nuget_package_file(symbol_package: true) do |package|
track_package_event(
'push_symbol_package',
@ -149,7 +149,7 @@ module API
forbidden!
end
put 'symbolpackage/authorize' do
put 'symbolpackage/authorize', urgency: :low do
authorize_nuget_upload
end
@ -165,7 +165,7 @@ module API
desc 'The NuGet Content Service - index request' do
detail 'This feature was introduced in GitLab 12.8'
end
get 'index', format: :json do
get 'index', format: :json, urgency: :low do
present ::Packages::Nuget::PackagesVersionsPresenter.new(find_packages(params[:package_name])),
with: ::API::Entities::Nuget::PackagesVersions
end
@ -177,7 +177,7 @@ module API
requires :package_version, type: String, desc: 'The NuGet package version', regexp: API::NO_SLASH_URL_PART_REGEX
requires :package_filename, type: String, desc: 'The NuGet package filename', regexp: API::NO_SLASH_URL_PART_REGEX
end
get '*package_version/*package_filename', format: [:nupkg, :snupkg] do
get '*package_version/*package_filename', format: [:nupkg, :snupkg], urgency: :low do
filename = "#{params[:package_filename]}.#{params[:format]}"
package_file = ::Packages::PackageFileFinder.new(find_package(params[:package_name], params[:package_version]), filename, with_file_name_like: true)
.execute

1
lib/api/package_files.rb
View File

@ -9,6 +9,7 @@ module API
end
feature_category :package_registry
urgency :low
helpers ::API::Helpers::PackagesHelpers

1
lib/api/project_container_repositories.rb
View File

@ -13,6 +13,7 @@ module API
before { authorize_read_container_images! }
feature_category :package_registry
urgency :low
params do
requires :id, type: String, desc: 'The ID of a project'

1
lib/api/project_packages.rb
View File

@ -9,6 +9,7 @@ module API
end
feature_category :package_registry
urgency :low
helpers ::API::Helpers::PackagesHelpers

1
lib/api/pypi_packages.rb
View File

@ -14,6 +14,7 @@ module API
include ::API::Helpers::Packages::BasicAuthHelpers::Constants
feature_category :package_registry
urgency :low
default_format :json

1
lib/api/rubygem_packages.rb
View File

@ -8,6 +8,7 @@ module API
helpers ::API::Helpers::PackagesHelpers
feature_category :package_registry
urgency :low
# The Marshal version can be found by "#{Marshal::MAJOR_VERSION}.#{Marshal::MINOR_VERSION}"
# Updating the version should require a GitLab API version change.

1
lib/gitlab/usage_data_counters/known_events/code_review_events.yml
View File

@ -234,6 +234,7 @@
redis_slot: code_review
category: code_review
aggregation: weekly
feature_flag: usage_data_diff_searches
- name: i_code_review_total_suggestions_applied
redis_slot: code_review
category: code_review

3
locale/gitlab.pot
View File

@ -12119,9 +12119,6 @@ msgstr ""
msgid "DependencyProxy|Dependency Proxy"
msgstr ""
msgid "DependencyProxy|Dependency Proxy feature is limited to public groups for now."
msgstr ""
msgid "DependencyProxy|Dependency Proxy image prefix"
msgstr ""

12
spec/controllers/groups/dependency_proxy_auth_controller_spec.rb
View File

@ -8,18 +8,6 @@ RSpec.describe Groups::DependencyProxyAuthController do
describe 'GET #authenticate' do
subject { get :authenticate }
context 'feature flag disabled' do
before do
stub_feature_flags(dependency_proxy_for_private_groups: false)
end
it 'returns successfully', :aggregate_failures do
subject
expect(response).to have_gitlab_http_status(:success)
end
end
context 'without JWT' do
it 'returns unauthorized with oauth realm', :aggregate_failures do
subject

26
spec/controllers/groups/dependency_proxy_for_containers_controller_spec.rb
View File

@ -20,33 +20,9 @@ RSpec.describe Groups::DependencyProxyForContainersController do
request.headers['HTTP_AUTHORIZATION'] = nil
end
context 'feature flag disabled' do
let_it_be(:group) { create(:group) }
before do
stub_feature_flags(dependency_proxy_for_private_groups: false)
end
it { is_expected.to have_gitlab_http_status(:ok) }
end
it { is_expected.to have_gitlab_http_status(:unauthorized) }
end
shared_examples 'feature flag disabled with private group' do
before do
stub_feature_flags(dependency_proxy_for_private_groups: false)
end
it 'returns not found' do
group.update!(visibility_level: Gitlab::VisibilityLevel::PRIVATE)
subject
expect(response).to have_gitlab_http_status(:not_found)
end
end
shared_examples 'with invalid path' do
context 'with invalid image' do
let(:image) { '../path_traversal' }
@ -208,7 +184,6 @@ RSpec.describe Groups::DependencyProxyForContainersController do
context 'feature enabled' do
it_behaves_like 'without a token'
it_behaves_like 'without permission'
it_behaves_like 'feature flag disabled with private group'
context 'remote token request fails' do
let(:token_response) do
@ -321,7 +296,6 @@ RSpec.describe Groups::DependencyProxyForContainersController do
context 'feature enabled' do
it_behaves_like 'without a token'
it_behaves_like 'without permission'
it_behaves_like 'feature flag disabled with private group'
context 'a valid user' do
before do

16
spec/features/groups/dependency_proxy_spec.rb
View File

@ -88,22 +88,6 @@ RSpec.describe 'Group Dependency Proxy' do
sign_in(owner)
end
context 'feature flag is disabled', :js do
before do
stub_feature_flags(dependency_proxy_for_private_groups: false)
end
context 'group is private' do
let(:group) { create(:group, :private) }
it 'informs user that feature is only available for public groups' do
visit path
expect(page).to have_content('Dependency Proxy feature is limited to public groups for now.')
end
end
end
context 'feature is disabled globally' do
it 'renders 404 page' do
disable_feature

45
spec/frontend/packages_and_registries/dependency_proxy/app_spec.js
View File

@ -47,7 +47,6 @@ describe('DependencyProxyApp', () => {
const provideDefaults = {
groupPath: 'gitlab-org',
groupId: dummyGrouptId,
dependencyProxyAvailable: true,
noManifestsIllustration: 'noManifestsIllustration',
};
@ -74,7 +73,6 @@ describe('DependencyProxyApp', () => {
});
}
const findProxyNotAvailableAlert = () => wrapper.findByTestId('proxy-not-available');
const findClipBoardButton = () => wrapper.findComponent(ClipboardButton);
const findFormGroup = () => wrapper.findComponent(GlFormGroup);
const findFormInputGroup = () => wrapper.findComponent(GlFormInputGroup);
@ -103,41 +101,6 @@ describe('DependencyProxyApp', () => {
mock.restore();
});
describe('when the dependency proxy is not available', () => {
const createComponentArguments = {
provide: { ...provideDefaults, dependencyProxyAvailable: false },
};
it('renders an info alert', () => {
createComponent(createComponentArguments);
expect(findProxyNotAvailableAlert().text()).toBe(
DependencyProxyApp.i18n.proxyNotAvailableText,
);
});
it('does not render the main area', () => {
createComponent(createComponentArguments);
expect(findMainArea().exists()).toBe(false);
});
it('does not call the graphql endpoint', async () => {
resolver = jest.fn().mockResolvedValue(proxyDetailsQuery());
createComponent({ ...createComponentArguments });
await waitForPromises();
expect(resolver).not.toHaveBeenCalled();
});
it('hides the clear cache dropdown list', () => {
createComponent(createComponentArguments);
expect(findClearCacheDropdownList().exists()).toBe(false);
});
});
describe('when the dependency proxy is available', () => {
describe('when is loading', () => {
beforeEach(() => {
@ -155,10 +118,6 @@ describe('DependencyProxyApp', () => {
it('does not show the main section', () => {
expect(findMainArea().exists()).toBe(false);
});
it('does not render the info alert', () => {
expect(findProxyNotAvailableAlert().exists()).toBe(false);
});
});
describe('when the app is loaded', () => {
@ -168,10 +127,6 @@ describe('DependencyProxyApp', () => {
return waitForPromises();
});
it('does not render the info alert', () => {
expect(findProxyNotAvailableAlert().exists()).toBe(false);
});
it('renders the main area', () => {
expect(findMainArea().exists()).toBe(true);
});

12
spec/frontend/packages_and_registries/settings/group/components/group_settings_app_spec.js
View File

@ -28,7 +28,6 @@ describe('Group Settings App', () => {
const defaultProvide = {
defaultExpanded: false,
groupPath: 'foo_group_path',
dependencyProxyAvailable: true,
};
const mountComponent = ({
@ -140,15 +139,4 @@ describe('Group Settings App', () => {
});
});
});
describe('when the dependency proxy is not available', () => {
beforeEach(() => {
mountComponent({ provide: { ...defaultProvide, dependencyProxyAvailable: false } });
return waitForApolloQueryAndRender();
});
it('the setting block is hidden', () => {
expect(findDependencyProxySettings().exists()).toBe(false);
});
});
});