Add latest changes from gitlab-org/gitlab@master

GitLab Bot 2024-11-27 03:24:57 +00:00
parent 3b1e5a96e4
commit 13bd14b718
12 changed files with 55 additions and 66 deletions


@ -311,7 +311,6 @@ Layout/LineEndStringConcatenationIndentation:
- 'ee/spec/requests/users/registrations_identity_verification_controller_spec.rb'
- 'ee/spec/serializers/integrations/field_entity_spec.rb'
- 'ee/spec/services/boards/epic_lists/destroy_service_spec.rb'
- 'ee/spec/services/ci/destroy_pipeline_service_spec.rb'
- 'ee/spec/services/clusters/agent_tokens/create_service_audit_log_spec.rb'
- 'ee/spec/services/clusters/agent_tokens/revoke_service_audit_log_spec.rb'
- 'ee/spec/services/ee/auth/container_registry_authentication_service_spec.rb'


@ -2361,7 +2361,6 @@ RSpec/ContextWording:
- 'spec/services/ci/create_pipeline_service/tags_spec.rb'
- 'spec/services/ci/create_pipeline_service_spec.rb'
- 'spec/services/ci/create_web_ide_terminal_service_spec.rb'
- 'spec/services/ci/destroy_pipeline_service_spec.rb'
- 'spec/services/ci/destroy_secure_file_service_spec.rb'
- 'spec/services/ci/expire_pipeline_cache_service_spec.rb'
- 'spec/services/ci/find_exposed_artifacts_service_spec.rb'


@ -2937,7 +2937,6 @@ RSpec/NamedSubject:
- 'spec/services/ci/create_pipeline_service/parameter_content_spec.rb'
- 'spec/services/ci/create_web_ide_terminal_service_spec.rb'
- 'spec/services/ci/deployments/destroy_service_spec.rb'
- 'spec/services/ci/destroy_pipeline_service_spec.rb'
- 'spec/services/ci/destroy_secure_file_service_spec.rb'
- 'spec/services/ci/drop_pipeline_service_spec.rb'
- 'spec/services/ci/expire_pipeline_cache_service_spec.rb'


@ -191,7 +191,6 @@ RSpec/ScatteredLet:
- 'spec/services/ci/create_downstream_pipeline_service_spec.rb'
- 'spec/services/ci/create_pipeline_service/rules_spec.rb'
- 'spec/services/ci/create_pipeline_service_spec.rb'
- 'spec/services/ci/destroy_pipeline_service_spec.rb'
- 'spec/services/design_management/delete_designs_service_spec.rb'
- 'spec/services/design_management/save_designs_service_spec.rb'
- 'spec/services/discussions/capture_diff_note_positions_service_spec.rb'


@ -774,7 +774,7 @@
.reviewer-merge-icon,
.assignee .merge-icon,
.reviewer .merge-icon {
color: $orange-400;
color: var(--gl-status-warning-icon-color);
position: absolute;
bottom: -3px;
right: -3px;


@ -5,6 +5,10 @@ module Ci
def execute(pipeline)
raise Gitlab::Access::AccessDeniedError unless can?(current_user, :destroy_pipeline, pipeline)
unsafe_execute(pipeline)
end
def unsafe_execute(pipeline)
Ci::ExpirePipelineCacheService.new.execute(pipeline, delete: true)
# ensure cancellation happens sync so we accumulate compute minutes successfully
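Review bot: `unsafe_execute` is added as a public method with no comment, and it runs the destructive path without the `can?(current_user, :destroy_pipeline, pipeline)` check that `execute` applies, so any caller that reaches it deletes a pipeline without an authorization decision. Please state the contract directly above the definition, for example `# Skips the :destroy_pipeline permission check. Callers must have authorized the deletion themselves; never pass a pipeline resolved from request parameters.` The callers are not visible on this page, so it is worth confirming in review that each one is an internal path (presumably a worker or cleanup job) rather than a controller or API endpoint. The body of `unsafe_execute` continues outside the hunk.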


@ -7,8 +7,8 @@
issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/471677 # (required) Link to the deprecation issue in GitLab
body: | # (required) Do not modify this line, instead modify the lines below.
In GitLab 18.0, we will remove CodeClimate-based Code Quality scanning.
However, you'll still be able to import results from quality tools by [providing a report as an artifact](https://docs.gitlab.com/ee/ci/testing/code_quality.html#implement-a-custom-tool), just as you can today.
In addition, you can also see this [epic](https://gitlab.com/groups/gitlab-org/-/epics/8790) for new directions considered for Code Quality.
In its place, you should use quality tools directly in your CI/CD pipeline and [provide the tool's report as an artifact](https://docs.gitlab.com/ee/ci/testing/code_quality.html#import-code-quality-results-from-a-cicd-job).
Many tools already support the required report format, and you can integrate them by following the [documented steps](https://docs.gitlab.com/ee/ci/testing/code_quality.html#integrate-common-tools-with-code-quality).
We expect to implement this change by:
@ -19,4 +19,4 @@
After End of Support in GitLab 18.0, we won't provide further updates.
However, we won't delete previously published container images or remove the ability to run them by using custom CI/CD pipeline job definitions.
For more details and required actions, see the [deprecation issue for this change](https://gitlab.com/gitlab-org/gitlab/-/issues/471677#action-required).
For more details, see [Scan code for quality violations](https://docs.gitlab.com/ee/ci/testing/code_quality.html#scan-code-for-quality-violations).


@ -43,7 +43,9 @@ You can also [integrate multiple tools](#integrate-multiple-tools).
Many development teams already use linters, style checkers, or other tools in their CI/CD pipelines to automatically detect violations of coding standards.
You can make the findings from these tools easier to see and fix by integrating them with Code Quality.
To integrate a tool with Code Quality:
To see if your tool already has a documented integration, see [Integrate common tools with Code Quality](#integrate-common-tools-with-code-quality).
To integrate a different tool with Code Quality:
1. Add the tool to your CI/CD pipeline.
1. Configure the tool to output a report as a file.
@ -76,19 +78,6 @@ You can capture results from multiple tools in a single pipeline.
For example, you can run a code linter to scan your code along with a language linter to scan your documentation, or you can use a standalone tool along with CodeClimate-based scanning.
Code Quality combines all of the reports so you see all of them when you [view results](#view-code-quality-results).
Here is an example that returns ESLint output in the necessary format:
```yaml
eslint:
image: node:18-alpine
script:
- npm ci
- npx eslint --format gitlab .
artifacts:
reports:
codequality: gl-code-quality-report.json
```
## View Code Quality results
Code Quality results are shown in the:


@ -209,8 +209,8 @@ This is one small step towards moving away from CI/CD templates in preference of
</div>
In GitLab 18.0, we will remove CodeClimate-based Code Quality scanning.
However, you'll still be able to import results from quality tools by [providing a report as an artifact](https://docs.gitlab.com/ee/ci/testing/code_quality.html#implement-a-custom-tool), just as you can today.
In addition, you can also see this [epic](https://gitlab.com/groups/gitlab-org/-/epics/8790) for new directions considered for Code Quality.
In its place, you should use quality tools directly in your CI/CD pipeline and [provide the tool's report as an artifact](https://docs.gitlab.com/ee/ci/testing/code_quality.html#import-code-quality-results-from-a-cicd-job).
Many tools already support the required report format, and you can integrate them by following the [documented steps](https://docs.gitlab.com/ee/ci/testing/code_quality.html#integrate-common-tools-with-code-quality).
We expect to implement this change by:
@ -221,7 +221,7 @@ Effective immediately, CodeClimate-based scanning will receive only [limited upd
After End of Support in GitLab 18.0, we won't provide further updates.
However, we won't delete previously published container images or remove the ability to run them by using custom CI/CD pipeline job definitions.
For more details and required actions, see the [deprecation issue for this change](https://gitlab.com/gitlab-org/gitlab/-/issues/471677#action-required).
For more details, see [Scan code for quality violations](https://docs.gitlab.com/ee/ci/testing/code_quality.html#scan-code-for-quality-violations).
</div>


@ -14,6 +14,7 @@ DETAILS:
> - [Generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/385176) in GitLab 16.4. Feature flags `license_scanning_sbom_scanner` and `package_metadata_synchronization` removed.
> - The legacy License Compliance analyzer (`License-Scanning.gitlab-ci.yml`) was [removed](https://gitlab.com/gitlab-org/gitlab/-/issues/439162) in GitLab 17.0.
> - In GitLab 17.5 we introduced the ability to use a CycloneDX report artifact as a source of data for license information behind the feature flag `license_scanning_with_sbom_licenses`, disabled by default.
> - In GitLab 17.6 the ability to use a CycloneDX report artifact as a source of data for license information has been enabled by default. The feature flag `license_scanning_with_sbom_licenses` is still present to disable the feature if necessary.
To detect the licenses in use, License Compliance relies on running the
[Dependency Scanning CI Jobs](../../application_security/dependency_scanning/index.md),
@ -210,7 +211,7 @@ CycloneDX reports for licenses. For more information, see the offline [quick sta
## Use CycloneDX report as a source of license information
The ability to use a CI report artifact as a source of license information data was introduced in GitLab 17.5 behind the feature flag `license_scanning_with_sbom_licenses`.
The ability to use a CI report artifact as a source of license information data was introduced in GitLab 17.5 behind the feature flag `license_scanning_with_sbom_licenses` and enabled by default in 17.6.
When the feature flag `license_scanning_with_sbom_licenses` is enabled, the License Scanning uses the [licenses](https://cyclonedx.org/use-cases/#license-compliance) field of the CycloneDX JSON SBOM when available. If the license information is unavailable, the license information imported from the external license database will be used(current behavior).
License information can be provided using a valid SPDX identifier or a license name. However, providing a license using an SPDX License Expression is not supported.
@ -218,6 +219,8 @@ More information about the license field format can be found on the [CycloneDX](
Compatible CycloneDX SBOM generators that provide the licenses field can be found in the [CycloneDX Tool Center](https://cyclonedx.org/tool-center/).
Only licenses providing an SPDX identifier are currently supported. Extending this feature beyond SDPX licenses is tracked in [issue 505677](https://gitlab.com/gitlab-org/gitlab/-/issues/505677).
## Troubleshooting
### A CycloneDX file is not being scanned and appears to provide no results


@ -99,23 +99,6 @@ Other risks to be aware of when using Duo Workflow:
goals or messages, as there is a chance it might end up using those in code
or other API calls.
## Duo Workflow use cases
Automate tasks and help increase productivity in your development workflow by using GitLab Duo Workflow.
GitLab Duo Workflow, currently only in your IDE, takes the information you provide
and uses AI to walk you through an implementation plan.
GitLab Duo Workflow supports a wide variety of use cases. Here are a few examples:
- Bootstrap a new project
- Write tests
- Fix a failed pipeline
- Implement a proof of concept for an existing issue
- Comment on a merge request with suggestions
- Optimize CI configuration
These are examples of successful use cases, but it can be used for many more.
## Prerequisites
Before you can use GitLab Duo Workflow:


@ -4,16 +4,13 @@ require 'spec_helper'
RSpec.describe ::Ci::DestroyPipelineService, feature_category: :continuous_integration do
let_it_be(:project) { create(:project, :repository) }
let_it_be_with_refind(:pipeline) { create(:ci_pipeline, :success, project: project, sha: project.commit.id) }
let!(:pipeline) { create(:ci_pipeline, :success, project: project, sha: project.commit.id) }
subject { described_class.new(project, user).execute(pipeline) }
context 'user is owner' do
let(:user) { project.first_owner }
let(:service) { described_class.new(project, user) }
shared_examples 'unsafe_execute' do
it 'destroys the pipeline' do
subject
response
expect { pipeline.reload }.to raise_error(ActiveRecord::RecordNotFound)
end
@ -23,7 +20,7 @@ RSpec.describe ::Ci::DestroyPipelineService, feature_category: :continuous_integ
expect(project.pipeline_status.has_status?).to be_truthy
subject
response
# We need to reset lazy_latest_pipeline cache to simulate a new request
BatchLoader::Executor.clear_current
@ -33,14 +30,14 @@ RSpec.describe ::Ci::DestroyPipelineService, feature_category: :continuous_integ
end
it 'does not log an audit event' do
expect { subject }.not_to change { AuditEvent.count }
expect { response }.not_to change { AuditEvent.count }
end
context 'when the pipeline has jobs' do
let!(:build) { create(:ci_build, project: project, pipeline: pipeline) }
it 'destroys associated jobs' do
subject
response
expect { build.reload }.to raise_error(ActiveRecord::RecordNotFound)
end
@ -48,7 +45,7 @@ RSpec.describe ::Ci::DestroyPipelineService, feature_category: :continuous_integ
it 'destroys associated stages' do
stages = pipeline.stages
subject
response
expect(stages).to all(raise_error(ActiveRecord::RecordNotFound))
end
@ -57,35 +54,34 @@ RSpec.describe ::Ci::DestroyPipelineService, feature_category: :continuous_integ
let!(:artifact) { create(:ci_job_artifact, :archive, job: build) }
it 'destroys associated artifacts' do
subject
response
expect { artifact.reload }.to raise_error(ActiveRecord::RecordNotFound)
end
it 'inserts deleted objects for object storage files' do
expect { subject }.to change { Ci::DeletedObject.count }
expect { response }.to change { Ci::DeletedObject.count }
end
end
context 'when job has trace chunks' do
let(:connection_params) { Gitlab.config.artifacts.object_store.connection.symbolize_keys }
let(:connection) { ::Fog::Storage.new(connection_params) }
before do
stub_object_storage(connection_params: connection_params, remote_directory: 'artifacts')
stub_artifacts_object_storage
end
let(:connection_params) { Gitlab.config.artifacts.object_store.connection.symbolize_keys }
let(:connection) { ::Fog::Storage.new(connection_params) }
let!(:trace_chunk) { create(:ci_build_trace_chunk, :fog_with_data, build: build) }
it 'destroys associated trace chunks' do
subject
response
expect { trace_chunk.reload }.to raise_error(ActiveRecord::RecordNotFound)
end
it 'removes data from object store' do
expect { subject }.to change { Ci::BuildTraceChunks::Fog.new.data(trace_chunk) }
expect { response }.to change { Ci::BuildTraceChunks::Fog.new.data(trace_chunk) }
end
end
end
@ -104,16 +100,34 @@ RSpec.describe ::Ci::DestroyPipelineService, feature_category: :continuous_integ
expect(cancel_pipeline_service).to receive(:force_execute)
subject
response
end
end
end
context 'user is not owner' do
let(:user) { create(:user) }
describe '#execute' do
subject(:response) { service.execute(pipeline) }
it 'raises an exception' do
expect { subject }.to raise_error(Gitlab::Access::AccessDeniedError)
context 'when user is owner' do
let(:user) { project.first_owner }
it_behaves_like 'unsafe_execute'
end
context 'when user is not owner' do
let(:user) { create(:user) }
it 'raises an exception' do
expect { response }.to raise_error(Gitlab::Access::AccessDeniedError)
end
end
end
describe '#unsafe_execute' do
subject(:response) { service.unsafe_execute(pipeline) }
let(:user) { nil }
it_behaves_like 'unsafe_execute'
end
end
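Review bot: The 'when user is not owner' example under `#execute` only asserts that `Gitlab::Access::AccessDeniedError` is raised; it does not assert that the pipeline is left intact, so it would still pass if a later change raised the error after the deletion had run. Adding `expect { pipeline.reload }.not_to raise_error` after the existing expectation would pin the authorization boundary now that the destructive work lives in a separately callable method. The `#unsafe_execute` block runs with `let(:user) { nil }`, which shows the method needs no user at all; a short comment there, such as `# no user: authorization is the caller's responsibility`, would make that intent explicit for the next reader.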