root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Add latest changes from gitlab-org/gitlab@master

This commit is contained in:
GitLab Bot 2025-05-02 18:13:03 +00:00
parent ea042ca488
commit 247d342e12
70 changed files with 606 additions and 117 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
.rubocop_todo/migration/prevent_feature_flags_usage.yml
View File

@ -1,6 +0,0 @@
---
Migration/PreventFeatureFlagsUsage:
Details: grace period
Exclude:
- 'db/migrate/20250228183319_migrate_vscode_extension_marketplace_feature_flag_to_data.rb'
- 'db/post_migrate/20250404151331_backfill_ci_job_live_trace_application_setting.rb'

2
Gemfile
View File

@ -699,7 +699,7 @@ gem 'valid_email', '~> 0.1', feature_category: :shared
# JSON
gem 'jsonb_accessor', '~> 1.4', feature_category: :shared
gem 'json', '~> 2.10.0', feature_category: :shared
gem 'json', '~> 2.11.0', feature_category: :shared
gem 'json_schemer', '~> 2.3.0', feature_category: :shared
gem 'oj', '~> 3.16.0', '>=3.16.10', feature_category: :shared
gem 'oj-introspect', '~> 0.8', feature_category: :shared

4
Gemfile.checksum
View File

@ -348,8 +348,8 @@
{"name":"jira-ruby","version":"2.3.0","platform":"ruby","checksum":"abf26e6bff4a8ea40bae06f7df6276a5776905c63fb2070934823ca54f62eb62"},
{"name":"jmespath","version":"1.6.2","platform":"ruby","checksum":"238d774a58723d6c090494c8879b5e9918c19485f7e840f2c1c7532cf84ebcb1"},
{"name":"js_regex","version":"3.8.0","platform":"ruby","checksum":"7934bcdd5a0e6d5af4a520288fd4684a02a472ae55831d9178ccaf82356344b5"},
{"name":"json","version":"2.10.2","platform":"java","checksum":"fe31faac61ea21ea1448c35450183f84e85c2b94cc6522c241959ba9d1362006"},
{"name":"json","version":"2.10.2","platform":"ruby","checksum":"34e0eada93022b2a0a3345bb0b5efddb6e9ff5be7c48e409cfb54ff8a36a8b06"},
{"name":"json","version":"2.11.3","platform":"java","checksum":"cfe8db24e49073c5bcd93699d106a1c1c9e5bc301fcc0de05965e72fad999a34"},
{"name":"json","version":"2.11.3","platform":"ruby","checksum":"9a10f658a2de67c0eb837eb795dd48132ce797c403e52b5ebef87dcdc7f9ccc1"},
{"name":"json-jwt","version":"1.16.6","platform":"ruby","checksum":"ab451f9cd8743cecc4137f4170806046c1d8a6d4ee6e8570e0b5c958409b266c"},
{"name":"json_schemer","version":"2.3.0","platform":"ruby","checksum":"9f1fa173b859ca520f15e9e8d08b0892ffca80b78dd8221feb3e360ff4cdeb35"},
{"name":"jsonb_accessor","version":"1.4","platform":"java","checksum":"2c5590d33d89c7b929d5cf38ae3d2c52658bf6f84f03b06ede5c88e9d76f3451"},

4
Gemfile.lock
View File

@ -1071,7 +1071,7 @@ GEM
character_set (~> 1.4)
regexp_parser (~> 2.5)
regexp_property_values (~> 1.0)
json (2.10.2)
json (2.11.3)
json-jwt (1.16.6)
activesupport (>= 4.2)
aes_key_wrap
@ -2236,7 +2236,7 @@ DEPENDENCIES
ipynbdiff!
jira-ruby (~> 2.3.0)
js_regex (~> 3.8)
json (~> 2.10.0)
json (~> 2.11.0)
json_schemer (~> 2.3.0)
jsonb_accessor (~> 1.4)
jwt (~> 2.9.3)

4
Gemfile.next.checksum
View File

@ -348,8 +348,8 @@
{"name":"jira-ruby","version":"2.3.0","platform":"ruby","checksum":"abf26e6bff4a8ea40bae06f7df6276a5776905c63fb2070934823ca54f62eb62"},
{"name":"jmespath","version":"1.6.2","platform":"ruby","checksum":"238d774a58723d6c090494c8879b5e9918c19485f7e840f2c1c7532cf84ebcb1"},
{"name":"js_regex","version":"3.8.0","platform":"ruby","checksum":"7934bcdd5a0e6d5af4a520288fd4684a02a472ae55831d9178ccaf82356344b5"},
{"name":"json","version":"2.10.2","platform":"java","checksum":"fe31faac61ea21ea1448c35450183f84e85c2b94cc6522c241959ba9d1362006"},
{"name":"json","version":"2.10.2","platform":"ruby","checksum":"34e0eada93022b2a0a3345bb0b5efddb6e9ff5be7c48e409cfb54ff8a36a8b06"},
{"name":"json","version":"2.11.3","platform":"java","checksum":"cfe8db24e49073c5bcd93699d106a1c1c9e5bc301fcc0de05965e72fad999a34"},
{"name":"json","version":"2.11.3","platform":"ruby","checksum":"9a10f658a2de67c0eb837eb795dd48132ce797c403e52b5ebef87dcdc7f9ccc1"},
{"name":"json-jwt","version":"1.16.6","platform":"ruby","checksum":"ab451f9cd8743cecc4137f4170806046c1d8a6d4ee6e8570e0b5c958409b266c"},
{"name":"json_schemer","version":"2.3.0","platform":"ruby","checksum":"9f1fa173b859ca520f15e9e8d08b0892ffca80b78dd8221feb3e360ff4cdeb35"},
{"name":"jsonb_accessor","version":"1.4","platform":"java","checksum":"2c5590d33d89c7b929d5cf38ae3d2c52658bf6f84f03b06ede5c88e9d76f3451"},

4
Gemfile.next.lock
View File

@ -1071,7 +1071,7 @@ GEM
character_set (~> 1.4)
regexp_parser (~> 2.5)
regexp_property_values (~> 1.0)
json (2.10.2)
json (2.11.3)
json-jwt (1.16.6)
activesupport (>= 4.2)
aes_key_wrap
@ -2236,7 +2236,7 @@ DEPENDENCIES
ipynbdiff!
jira-ruby (~> 2.3.0)
js_regex (~> 3.8)
json (~> 2.10.0)
json (~> 2.11.0)
json_schemer (~> 2.3.0)
jsonb_accessor (~> 1.4)
jwt (~> 2.9.3)

84
app/assets/javascripts/authentication/sessions/components/session_expire_modal.vue Normal file
View File

@ -0,0 +1,84 @@
<script>
import { GlModal } from '@gitlab/ui';
import { uniqueId } from 'lodash';
import { visitUrl } from '~/lib/utils/url_utility';
import { __ } from '~/locale';
import { INTERVAL_SESSION_MODAL } from '../constants';
export default {
components: {
GlModal,
},
props: {
message: {
type: String,
required: true,
},
sessionTimeout: {
type: Number,
required: true,
},
signInUrl: {
type: String,
required: true,
},
title: {
type: String,
required: true,
},
},
data() {
return {
intervalId: null,
modalId: uniqueId('expire-session-modal-'),
showModal: false,
};
},
async created() {
this.intervalId = setInterval(this.checkStatus, INTERVAL_SESSION_MODAL);
document.addEventListener('visibilitychange', this.onDocumentVisible);
},
beforeDestroy() {
this.clearEvents();
},
methods: {
clearEvents() {
if (this.intervalId) {
clearInterval(this.intervalId);
document.removeEventListener('visibilitychange', this.onDocumentVisible);
this.intervalId = null;
}
},
checkStatus() {
if (Date.now() >= this.sessionTimeout) {
this.showModal = true;
this.clearEvents();
}
},
onDocumentVisible() {
if (document.visibilityState === 'visible') {
this.checkStatus();
}
},
goTo() {
visitUrl(this.signInUrl);
},
},
reload: { text: __('Sign in') },
cancel: { text: __('Cancel') },
};
</script>
<template>
<gl-modal
v-model="showModal"
:modal-id="modalId"
:title="title"
:action-primary="$options.reload"
:action-cancel="$options.cancel"
aria-live="assertive"
@primary="goTo"
>
{{ message }}
</gl-modal>
</template>

1
app/assets/javascripts/authentication/sessions/constants.js Normal file
View File

@ -0,0 +1 @@
export const INTERVAL_SESSION_MODAL = 10 * 1000;

25
app/assets/javascripts/authentication/sessions/index.js Normal file
View File

@ -0,0 +1,25 @@
import Vue from 'vue';
import { s__ } from '~/locale';
import SessionExpireModal from './components/session_expire_modal.vue';
export const initExpireSessionModal = () => {
const el = document.getElementById('js-session-expire-modal');
if (!el) return null;
const { sessionTimeout, signInUrl } = el.dataset;
const message = s__('SessionExpire|Your session has expired. Please, sign in again.');
const title = s__('SessionExpire|Your session has expired');
return new Vue({
el,
render: (createElement) =>
createElement(SessionExpireModal, {
props: {
message,
sessionTimeout: parseInt(sessionTimeout, 10),
signInUrl,
title,
},
}),
});
};

9
app/assets/javascripts/ci/pipeline_mini_graph/pipeline_stage_dropdown.vue
View File

@ -159,11 +159,16 @@ export default {
<template #header>
<div
data-testid="pipeline-stage-dropdown-menu-title"
class="gl-flex gl-min-h-8 gl-items-center gl-border-b-1 gl-border-b-dropdown !gl-p-4 gl-text-sm gl-font-bold gl-leading-1 gl-border-b-solid"
class="gl-border-b gl-flex gl-min-h-8 gl-items-center !gl-p-4 gl-text-sm gl-font-bold gl-leading-1 gl-border-b-solid"
>
<span>{{ dropdownHeaderText }}</span>
</div>
<gl-search-box-by-type v-if="searchVisible" v-model="search" class="gl-m-2" borderless />
<gl-search-box-by-type
v-if="searchVisible"
v-model="search"
class="pipeline-mini-graph-search"
borderless
/>
</template>
<div v-if="isLoading" class="gl-flex gl-gap-3 gl-px-4 gl-py-3">

3
app/assets/javascripts/main.js
View File

@ -33,7 +33,7 @@ import initWorkItemAttributePopovers from './work_item_attribute_popovers';
import initBroadcastNotifications from './broadcast_notification';
import { initCopyCodeButton } from './behaviors/copy_code';
import initGitlabVersionCheck from './gitlab_version_check';
import { initExpireSessionModal } from './authentication/sessions';
import 'ee_else_ce/main_ee';
import 'jh_else_ce/main_jh';
@ -96,6 +96,7 @@ function deferredInitialisation() {
initDefaultTrackers();
initCopyCodeButton();
initGitlabVersionCheck();
initExpireSessionModal();
addSelectOnFocusBehaviour('.js-select-on-focus');

20
app/assets/stylesheets/page_bundles/pipelines.scss
View File

@ -47,6 +47,26 @@
}
}
.pipeline-mini-graph-search {
// stylelint-disable-next-line gitlab/no-gl-class
.gl-form-input {
@apply gl-w-full gl-h-auto gl-py-4 gl-border-none gl-rounded-none gl-text-base gl-leading-normal;
padding-left: calc(#{$gl-spacing-scale-7} + #{$gl-spacing-scale-2});
padding-right: calc(#{$gl-spacing-scale-6} + #{$gl-spacing-scale-2});
background-color: var(--gl-dropdown-search-background-color);
@apply gl-border-b;
&:hover {
@apply gl-shadow-none;
}
}
// stylelint-disable-next-line gitlab/no-gl-class
.gl-search-box-by-type-search-icon {
@apply gl-inset-4;
}
}
// Pipeline failed status
.ci-job-component.ci-job-item-failed:not(:hover):not(:focus) > a {
@include ci-job-item-failed-status-bg;

5
app/helpers/sessions_helper.rb
View File

@ -12,6 +12,11 @@ module SessionsHelper
Gitlab::Utils::Email.obfuscated_email(email)
end
def session_expire_modal_data
{ session_timeout: Gitlab::Auth::SessionExpireFromInitEnforcer.session_expires_at(session) * 1000,
sign_in_url: new_session_url(:user, redirect_to_referer: 'yes') }
end
def remember_me_enabled?
Gitlab::CurrentSettings.allow_user_remember_me?
end

4
app/models/concerns/has_repository.rb
View File

@ -47,6 +47,10 @@ module HasRepository
repository.branch_exists?(branch)
end
def ref_exists?(ref)
repository.ref_exists?(ref)
end
def commit_by(oid:)
repository.commit_by(oid: oid)
end

4
app/models/integrations/jira.rb
View File

@ -184,10 +184,6 @@ module Integrations
# https://gitlab.com/gitlab-org/gitlab/issues/29404
# These fields are API only, so no field definition is required.
data_field :jira_issue_transition_automatic
data_field :project_key
data_field :vulnerabilities_enabled
data_field :vulnerabilities_issuetype
data_field :customize_jira_issue_enabled
# When these are false GitLab does not create cross reference
# comments on Jira except when an issue gets transitioned.

24
app/services/merge_requests/build_service.rb
View File

@ -197,7 +197,29 @@ module MergeRequests
end
def source_branch_exists?
source_branch.blank? || source_project.branch_exists?(source_branch)
source_branch.blank? || source_project.branch_exists?(source_branch) || ref_exists_in_gitaly?
end
def ref_exists_in_gitaly?
return false unless Feature.enabled?(:pull_ref_directly_from_gitaly, project)
# The following check acts as a fallback if there is a mismatch between
# the cache and repository state. If the branch ref does not exist in the cache
# then we validate the repository state with Gitaly to avoid an inconsistent response.
exists = source_project.ref_exists?("refs/heads/#{source_branch}")
return false unless exists
# Only log when we find a ref that exists in Gitaly but was not found elsewhere
Gitlab::AppJsonLogger.info(
class: self.class.to_s,
method: __method__,
project_id: project.id,
source_branch: source_branch,
**Gitlab::ApplicationContext.current
)
true
end
def target_branch_exists?

1
app/views/layouts/_page.html.haml
View File

@ -9,6 +9,7 @@
%aside.js-super-sidebar.super-sidebar.super-sidebar-loading{ data: { root_path: root_path, sidebar: sidebar_data, force_desktop_expanded_sidebar: @force_desktop_expanded_sidebar.to_s, command_palette: command_palette_data(project: @project, current_ref: current_ref).to_json, is_saas: Gitlab.com?.to_s } }
= render_if_exists "layouts/tanuki_bot_chat"
= render_if_exists "layouts/session_expire_modal"
.content-wrapper{ class: "#{@content_wrapper_class}" }
-# Broadcast messages

3
app/views/layouts/_session_expire_modal.html.haml Normal file
View File

@ -0,0 +1,3 @@
- return unless current_user && Gitlab::CurrentSettings.session_expire_from_init && Feature.enabled?(:session_expire_from_init, :instance)
#js-session-expire-modal{ data: session_expire_modal_data }

9
config/feature_flags/gitlab_com_derisk/pull_ref_directly_from_gitaly.yml Normal file
View File

@ -0,0 +1,9 @@
---
name: pull_ref_directly_from_gitaly
feature_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/348565
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/188492
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/536824
milestone: '18.0'
group: group::source code
type: gitlab_com_derisk
default_enabled: false

2
data/deprecations/16-0-deprecate-postgresql-13.yml
View File

@ -6,7 +6,7 @@
stage: Enablement
issue_url: https://gitlab.com/groups/gitlab-org/-/epics/9065
body: |
GitLab follows an [annual upgrade cadence for PostgreSQL](https://handbook.gitlab.com/handbook/engineering/infrastructure/core-platform/data_stores/database/postgresql-upgrade-cadence/).
GitLab follows an [annual upgrade cadence for PostgreSQL](https://handbook.gitlab.com/handbook/engineering/infrastructure-platforms/data-access/database-framework/postgresql-upgrade-cadence/).
Support for PostgreSQL 13 is scheduled for removal in GitLab 17.0.
In GitLab 17.0, PostgreSQL 14 becomes the minimum required PostgreSQL version.

7
db/migrate/20250228183319_migrate_vscode_extension_marketplace_feature_flag_to_data.rb
View File

@ -42,11 +42,6 @@ class MigrateVSCodeExtensionMarketplaceFeatureFlagToData < Gitlab::Database::Mig
private
def extension_marketplace_flag_enabled?
# NOTE: It's possible the flag is only enabled for a specific user, but in that case we'll assume
# the instance admin didn't want the feature globally available and we won't initialize the data.
Feature.enabled?(:web_ide_extensions_marketplace, nil) &&
# NOTE: We only want to migrate instances that have **explicitly** opted in to the early
# extensions marketplace experience (not just enabled by default feature flag).
Feature.persisted_name?(:web_ide_extensions_marketplace)
feature_flag_enabled?('web_ide_extensions_marketplace')
end
end

19
db/migrate/20250313171706_partition_vulnerability_archives.rb
View File

@ -36,10 +36,29 @@ class PartitionVulnerabilityArchives < Gitlab::Database::Migration[2.2]
end
def down
# Drop the constraint from partitioned table.
connection.execute(<<~SQL)
ALTER TABLE vulnerability_archived_records DROP CONSTRAINT fk_rails_601e008d4b;
SQL
# Drop the constraint from detached partitions.
foreign_keys = connection.execute(<<~SQL)
SELECT
table_schema,
table_name
FROM
information_schema.table_constraints
WHERE
table_name ILIKE 'vulnerability_archived_records%'
AND constraint_name = 'fk_rails_601e008d4b';
SQL
foreign_keys.values.each do |schema, table_name| # rubocop:disable Style/HashEachMethods -- This is a Hash
connection.execute(<<~SQL)
ALTER TABLE connection.quote_table_name(#{schema}.#{table_name}) DROP CONSTRAINT fk_rails_601e008d4b;
SQL
end
drop_table :vulnerability_archives
create_table :vulnerability_archives do |t| # rubocop:disable Migration/EnsureFactoryForTable -- false positive

4
db/post_migrate/20250404151331_backfill_ci_job_live_trace_application_setting.rb
View File

@ -6,8 +6,8 @@ class BackfillCiJobLiveTraceApplicationSetting < Gitlab::Database::Migration[2.2
milestone '17.11'
def up
ci_enable_live_trace = Feature.enabled?(:ci_enable_live_trace,
:instance) && Gitlab.config.artifacts.object_store.enabled
ci_enable_live_trace = feature_flag_enabled?('ci_enable_live_trace') &&
Gitlab.config.artifacts.object_store.enabled
sql = <<~SQL
UPDATE application_settings

7
doc/administration/credentials_inventory.md
View File

@ -2,13 +2,14 @@
stage: Software Supply Chain Security
group: Authentication
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
title: Credentials inventory for GitLab Self-Managed
gitlab_dedicated: yes
title: Credentials inventory
---
{{< details >}}
- Tier: Ultimate
- Offering: GitLab Self-Managed
- Offering: GitLab Self-Managed, GitLab Dedicated
{{< /details >}}
@ -24,7 +25,7 @@ For GitLab.com, see [Credentials inventory for GitLab.com](../user/group/credent
{{< /alert >}}
Use the credentials inventory to monitor and control access to your GitLab Self-Managed instance.
Use the credentials inventory to monitor and control access to your instance.
As an administrator, you can:

23
doc/administration/repository_checks.md
View File

@ -2,13 +2,14 @@
stage: Systems
group: Gitaly
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
gitlab_dedicated: yes
title: Repository checks
---
{{< details >}}
- Tier: Free, Premium, Ultimate
- Offering: GitLab Self-Managed
- Offering: GitLab Self-Managed, GitLab Dedicated
{{< /details >}}
@ -50,7 +51,7 @@ Instead of checking repositories manually, GitLab can be configured to run the c
When enabled, GitLab periodically runs a repository check on all project repositories and wiki
repositories to detect possible data corruption. A project is checked no more than once per month, and new projects aren't checked for at least 24 hours.
Administrators can configure the frequency of repository checks. To edit the frequency:
GitLab Self-Managed administrators can configure the frequency of repository checks. To edit the frequency:
- For Linux package installations, edit `gitlab_rails['repository_check_worker_cron']` in
`/etc/gitlab/gitlab.rb`.
@ -66,6 +67,12 @@ Repositories with known check failures can be found at
## Run a check using the command line
{{< details >}}
- Offering: GitLab Self-Managed
{{< /details >}}
You can run [`git fsck`](https://git-scm.com/docs/git-fsck) using the command line on repositories on
[Gitaly servers](gitaly/_index.md). To locate the repositories:
@ -88,6 +95,12 @@ You can run [`git fsck`](https://git-scm.com/docs/git-fsck) using the command li
## What to do if a check failed
{{< details >}}
- Offering: GitLab Self-Managed
{{< /details >}}
If a repository check fails, locate the error in the [`repocheck.log` file](logs/_index.md#repochecklog) on disk at:
- `/var/log/gitlab/gitlab-rails` for Linux package installations.
@ -103,6 +116,12 @@ If periodic repository checks cause false alarms, you can clear all repository c
## Troubleshooting
{{< details >}}
- Offering: GitLab Self-Managed
{{< /details >}}
When working with repository checks, you might encounter the following issues.
### Error: `failed to parse commit <commit SHA> from object database for commit-graph`

3
doc/administration/review_abuse_reports.md
View File

@ -2,13 +2,14 @@
stage: Software Supply Chain Security
group: Authorization
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
gitlab_dedicated: yes
title: Review abuse reports
---
{{< details >}}
- Tier: Free, Premium, Ultimate
- Offering: GitLab Self-Managed
- Offering: GitLab Self-Managed, GitLab Dedicated
{{< /details >}}

3
doc/administration/settings/_index.md
View File

@ -2,6 +2,7 @@
stage: none
group: unassigned
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
gitlab_dedicated: yes
description: Product settings.
title: Update your Admin area settings
---
@ -9,7 +10,7 @@ title: Update your Admin area settings
{{< details >}}
- Tier: Free, Premium, Ultimate
- Offering: GitLab Self-Managed
- Offering: GitLab Self-Managed, GitLab Dedicated
{{< /details >}}

6
doc/administration/settings/account_and_limit_settings.md
View File

@ -756,6 +756,12 @@ users from deleting their own accounts:
## Troubleshooting
{{< details >}}
- Offering: GitLab Self-Managed
{{< /details >}}
### 413 Request Entity Too Large
When attaching a file to a comment or reply in GitLab, the [max attachment size](#max-attachment-size)

3
doc/administration/settings/continuous_integration.md
View File

@ -2,13 +2,14 @@
stage: Verify
group: Pipeline Execution
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
gitlab_dedicated: yes
title: CI/CD settings
---
{{< details >}}
- Tier: Free, Premium, Ultimate
- Offering: GitLab Self-Managed
- Offering: GitLab Self-Managed, GitLab Dedicated
{{< /details >}}

25
doc/administration/settings/email.md
View File

@ -2,13 +2,14 @@
stage: Plan
group: Project Management
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
gitlab_dedicated: yes
title: Email
---
{{< details >}}
- Tier: Free, Premium, Ultimate
- Offering: GitLab Self-Managed
- Offering: GitLab Self-Managed, GitLab Dedicated
{{< /details >}}
@ -23,7 +24,7 @@ The logo in the header of some emails can be customized, see the [logo customiza
{{< details >}}
- Tier: Premium, Ultimate
- Offering: GitLab Self-Managed
- Offering: GitLab Self-Managed, GitLab Dedicated
{{< /details >}}
@ -44,7 +45,7 @@ To include the author's email address in the email body:
{{< details >}}
- Tier: Premium, Ultimate
- Offering: GitLab Self-Managed
- Offering: GitLab Self-Managed, GitLab Dedicated
{{< /details >}}
@ -63,7 +64,7 @@ To enable multipart email:
{{< details >}}
- Tier: Premium, Ultimate
- Offering: GitLab Self-Managed
- Offering: GitLab Self-Managed, GitLab Dedicated
{{< /details >}}
@ -91,7 +92,7 @@ recognized by GitLab. This can directly conflict with certain [Push rules](../..
{{< details >}}
- Tier: Premium, Ultimate
- Offering: GitLab Self-Managed
- Offering: GitLab Self-Managed, GitLab Dedicated
{{< /details >}}
@ -120,13 +121,6 @@ To disable these notifications:
### Custom additional text in deactivation emails
{{< details >}}
- Tier: Free, Premium, Ultimate
- Offering: GitLab Self-Managed
{{< /details >}}
{{< history >}}
- [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/355964) in GitLab 15.9 [with a flag](../feature_flags.md) named `deactivation_email_additional_text`. Disabled by default.
@ -149,13 +143,6 @@ To add additional text to deactivation emails:
## Group and project access token expiry emails to inherited members
{{< details >}}
- Tier: Free, Premium, Ultimate
- Offering: GitLab Self-Managed
{{< /details >}}
{{< history >}}
- Notifications to inherited group members [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/463016) in GitLab 17.7 [with a flag](../feature_flags.md) named `pat_expiry_inherited_members_notification`. Disabled by default.

3
doc/administration/settings/external_authorization.md
View File

@ -2,13 +2,14 @@
stage: Software Supply Chain Security
group: Authentication
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
gitlab_dedicated: yes
title: External authorization control
---
{{< details >}}
- Tier: Free, Premium, Ultimate
- Offering: GitLab Self-Managed
- Offering: GitLab Self-Managed, GitLab Dedicated
{{< /details >}}

5
doc/administration/settings/files_api_rate_limits.md
View File

@ -2,14 +2,15 @@
stage: Create
group: Source Code
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
description: Configure rate limits for the repository files API on GitLab Self-Managed.
gitlab_dedicated: yes
description: Configure rate limits for the repository files API.
title: Rate limits on Repository files API
---
{{< details >}}
- Tier: Free, Premium, Ultimate
- Offering: GitLab Self-Managed
- Offering: GitLab Self-Managed, GitLab Dedicated
{{< /details >}}

3
doc/administration/settings/git_lfs_rate_limits.md
View File

@ -2,6 +2,7 @@
stage: Create
group: Source Code
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
gitlab_dedicated: yes
description: Configure rate limits for Git LFS on GitLab.
title: Rate limits on Git LFS
---
@ -9,7 +10,7 @@ title: Rate limits on Git LFS
{{< details >}}
- Tier: Free, Premium, Ultimate
- Offering: GitLab.com, GitLab Self-Managed
- Offering: GitLab.com, GitLab Self-Managed, GitLab Dedicated
{{< /details >}}

9
doc/administration/settings/import_and_export_settings.md
View File

@ -2,13 +2,14 @@
stage: Foundations
group: Import and Integrate
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
gitlab_dedicated: yes
title: Import and export settings
---
{{< details >}}
- Tier: Free, Premium, Ultimate
- Offering: GitLab Self-Managed
- Offering: GitLab Self-Managed, GitLab Dedicated
{{< /details >}}
@ -121,6 +122,12 @@ To allow mapping of imported user contributions to administrators:
## Skip confirmation when reassigning placeholder users
{{< details >}}
- Offering: GitLab Self-Managed
{{< /details >}}
{{< history >}}
- [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/534330) in GitLab 18.0 [with a flag](../feature_flags.md) named `importer_user_mapping_allow_bypass_of_confirmation`. Disabled by default.

3
doc/administration/settings/incident_management_rate_limits.md
View File

@ -2,13 +2,14 @@
stage: Monitor
group: Platform Insights
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
gitlab_dedicated: yes
title: Incident management rate limits
---
{{< details >}}
- Tier: Ultimate
- Offering: GitLab Self-Managed
- Offering: GitLab Self-Managed, GitLab Dedicated
{{< /details >}}

5
doc/administration/settings/instance_template_repository.md
View File

@ -2,14 +2,15 @@
stage: Create
group: Source Code
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
description: Configure a collection of file templates available for all projects on GitLab Self-Managed.
gitlab_dedicated: yes
description: Configure a collection of file templates available for all projects.
title: Instance template repository
---
{{< details >}}
- Tier: Premium, Ultimate
- Offering: GitLab Self-Managed
- Offering: GitLab Self-Managed, GitLab Dedicated
{{< /details >}}

3
doc/administration/settings/localization.md
View File

@ -2,13 +2,14 @@
stage: none
group: unassigned
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
gitlab_dedicated: yes
title: Localization
---
{{< details >}}
- Tier: Free, Premium, Ultimate
- Offering: GitLab Self-Managed
- Offering: GitLab Self-Managed, GitLab Dedicated
{{< /details >}}

3
doc/administration/settings/package_registry_rate_limits.md
View File

@ -2,13 +2,14 @@
stage: Package
group: Package Registry
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
gitlab_dedicated: yes
title: Package registry rate limits
---
{{< details >}}
- Tier: Free, Premium, Ultimate
- Offering: GitLab Self-Managed
- Offering: GitLab Self-Managed, GitLab Dedicated
{{< /details >}}

3
doc/administration/settings/protected_paths.md
View File

@ -2,13 +2,14 @@
stage: none
group: unassigned
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
gitlab_dedicated: yes
title: Protected paths
---
{{< details >}}
- Tier: Free, Premium, Ultimate
- Offering: GitLab Self-Managed
- Offering: GitLab Self-Managed, GitLab Dedicated
{{< /details >}}

3
doc/administration/settings/push_event_activities_limit.md
View File

@ -2,6 +2,7 @@
stage: Create
group: Source Code
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
gitlab_dedicated: yes
description: Configure limits on the number of single push events your instance will allow.
title: Push event activities limit and bulk push events
---
@ -9,7 +10,7 @@ title: Push event activities limit and bulk push events
{{< details >}}
- Tier: Free, Premium, Ultimate
- Offering: GitLab Self-Managed
- Offering: GitLab Self-Managed, GitLab Dedicated
{{< /details >}}

3
doc/administration/settings/security_and_compliance.md
View File

@ -2,13 +2,14 @@
stage: Application Security Testing
group: Composition Analysis
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
gitlab_dedicated: yes
title: Security and compliance Admin area settings
---
{{< details >}}
- Tier: Ultimate
- Offering: GitLab Self-Managed
- Offering: GitLab Self-Managed, GitLab Dedicated
{{< /details >}}

3
doc/administration/settings/security_contact_information.md
View File

@ -2,13 +2,14 @@
stage: Software Supply Chain Security
group: Compliance
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
gitlab_dedicated: yes
title: Provide public security contact information
---
{{< details >}}
- Tier: Free, Premium, Ultimate
- Offering: GitLab Self-Managed
- Offering: GitLab Self-Managed, GitLab Dedicated
{{< /details >}}

13
doc/administration/settings/visibility_and_access_controls.md
View File

@ -2,14 +2,15 @@
stage: Create
group: Source Code
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
description: Control project visibility, creation, retention, and deletion on GitLab Self-Managed.
gitlab_dedicated: yes
description: Control project visibility, creation, retention, and deletion.
title: Control access and visibility
---
{{< details >}}
- Tier: Free, Premium, Ultimate
- Offering: GitLab Self-Managed
- Offering: GitLab Self-Managed, GitLab Dedicated
{{< /details >}}
@ -59,7 +60,7 @@ is turned on, administrators must enter Admin Mode to create new projects.
{{< details >}}
- Tier: Premium, Ultimate
- Offering: GitLab Self-Managed
- Offering: GitLab Self-Managed, GitLab Dedicated
{{< /details >}}
@ -342,6 +343,12 @@ This happens even if you select **Only SSH**, because GitLab Runner and CI/CD jo
## Customize Git clone URL for HTTP(S)
{{< details >}}
- Offering: GitLab Self-Managed
{{< /details >}}
You can customize project Git clone URLs for HTTP(S), which affects the clone
panel shown to users on a project's page. For example, if:

4
doc/api/project_integrations.md
View File

@ -1489,6 +1489,10 @@ Parameters:
| `issues_enabled` | boolean | no | Enable viewing Jira issues in GitLab. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/267015) in GitLab 17.0. |
| `project_keys` | array of strings | no | Keys of Jira projects. When `issues_enabled` is `true`, this setting specifies which Jira projects to view issues from in GitLab. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/267015) in GitLab 17.0. |
| `use_inherited_settings` | boolean | no | Indicates whether to inherit the default settings. Defaults to `false`. |
| `vulnerabilities_enabled` | boolean | no | Available only in GitLab EE. When set to `true`, creates Jira issues for GitLab vulnerabilities.|
| `vulnerabilities_issuetype` | number | no | Available only in GitLab EE. ID of the Jira issue type to use when creating issues from vulnerabilities. |
| `project_key` | string | no | Available only in GitLab EE. Key of the project to use when creating issues from vulnerabilities. This parameter is required if using the integration to create issues from vulnerabilities. |
| `customize_jira_issue_enabled` | boolean | no | Available only in GitLab EE. When set to `true`, opens a prefilled form on the Jira instance when creating a Jira issue from a vulnerability. |
### Disable Jira

4
doc/development/adding_service_component.md
View File

@ -63,7 +63,7 @@ The first iteration should be opt-in, either through the `gitlab.yml` configurat
Code shipped with GitLab needs to use a license approved by the Legal team. See the list of [existing approved licenses](https://handbook.gitlab.com/handbook/engineering/open-source/#using-open-source-software).
Notify the [Distribution team](https://handbook.gitlab.com/handbook/engineering/infrastructure/core-platform/systems/distribution/) when adding a new dependency that must be compiled. We must be able to compile the dependency on all supported platforms.
Notify the [Distribution team](https://handbook.gitlab.com/handbook/engineering/infrastructure-platforms/gitlab-delivery/distribution/) when adding a new dependency that must be compiled. We must be able to compile the dependency on all supported platforms.
New services to be bundled with GitLab need to be available in the following environments.
@ -86,7 +86,7 @@ In order for a service to be bundled for end-users or GitLab.com, it needs to be
Dependencies should be kept up to date and be tracked for security updates. For the Rails codebase, the JavaScript and Ruby dependencies are
scanned for vulnerabilities using GitLab [dependency scanning](../user/application_security/dependency_scanning/_index.md).
In addition, any system dependencies used in Omnibus packages or the Cloud Native images should be added to the [dependency update automation](https://handbook.gitlab.com/handbook/engineering/infrastructure/core-platform/systems/distribution/maintenance/dependencies.io/#adding-new-dependencies).
In addition, any system dependencies used in Omnibus packages or the Cloud Native images should be added to the [dependency update automation](https://handbook.gitlab.com/handbook/engineering/infrastructure-platforms/gitlab-delivery/distribution/maintenance).
## Release management

2
doc/development/architecture.md
View File

@ -90,7 +90,7 @@ new features and services must be written to consider Kubernetes compatibility *
The simplest way to ensure this, is to add support for your feature or service to
[the official GitLab Helm chart](https://docs.gitlab.com/charts/) or reach out to
[the Distribution team](https://handbook.gitlab.com/handbook/engineering/infrastructure/core-platform/systems/distribution/#how-to-work-with-distribution).
[the Distribution team](https://handbook.gitlab.com/handbook/engineering/infrastructure-platforms/gitlab-delivery/distribution/#how-to-work-with-distribution).
Refer to the [process for adding new service components](adding_service_component.md) for more details.

2
doc/development/code_review.md
View File

@ -175,7 +175,7 @@ by a reviewer before passing it to a maintainer as described in the
| `~frontend` changes <sup>1</sup> | [Frontend maintainer](https://handbook.gitlab.com/handbook/engineering/projects/#gitlab_maintainers_frontend). |
| `~UX` user-facing changes <sup>3</sup> | [Product Designer](https://handbook.gitlab.com/handbook/engineering/projects/#gitlab_reviewers_UX). Refer to the [design and user interface guidelines](contributing/design.md) for details. |
| Adding a new JavaScript library <sup>1</sup> | - [Frontend Design System member](https://about.gitlab.com/direction/foundations/design_system/) if the library significantly increases the [bundle size](https://gitlab.com/gitlab-org/frontend/playground/webpack-memory-metrics/-/blob/main/doc/report.md).<br/>- A [legal department member](https://handbook.gitlab.com/handbook/legal/) if the license used by the new library hasn't been approved for use in GitLab.<br/><br/>More information about license compatibility can be found in our [GitLab Licensing and Compatibility documentation](licensing.md). |
| A new dependency or a file system change | - [Distribution team member](https://about.gitlab.com/company/team/). See how to work with the [Distribution team](https://handbook.gitlab.com/handbook/engineering/infrastructure/core-platform/systems/distribution/#how-to-work-with-distribution) for more details.<br/>- For RubyGems, request an [AppSec review](gemfile.md#request-an-appsec-review). |
| A new dependency or a file system change | - [Distribution team member](https://about.gitlab.com/company/team/). See how to work with the [Distribution team](https://handbook.gitlab.com/handbook/engineering/infrastructure-platforms/gitlab-delivery/distribution/#how-to-work-with-distribution) for more details.<br/>- For RubyGems, request an [AppSec review](gemfile.md#request-an-appsec-review). |
| `~documentation` or `~UI text` changes | [Technical writer](https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments) based on assignments in the appropriate [DevOps stage group](https://handbook.gitlab.com/handbook/product/categories/#devops-stages). |
| Changes to development guidelines | Follow the [review process](development_processes.md#development-guidelines-review) and get the approvals accordingly. |
| End-to-end **and** non-end-to-end changes <sup>4</sup> | [Software Engineer in Test](https://handbook.gitlab.com/handbook/engineering/quality/#individual-contributors). |

6
doc/development/database/adding_database_indexes.md
View File

@ -328,12 +328,6 @@ Be aware that certain factors can give the false impression that an index is unu
parent_idx.relname = '<PARENT_INDEX_NAME>';
```
- Run the following command in the Rails console:
```ruby
Gitlab::Database::PostgresPartitionedTable.by_identifier('public.<PARENT_TABLE_NAME>').indexes
```
1. For GitLab.com, you can view index usage data in [Grafana](https://dashboards.gitlab.net/goto/shHCmIxHg?orgId=1).
- Query the metric `pg_stat_user_indexes_idx_scan` filtered by the relevant index(s) for at least the last 6 months.
The query below shows index usage across all database instances combined.

2
doc/development/database/multiple_databases.md
View File

@ -683,7 +683,7 @@ end
```
Don't hesitate to reach out to the
[Pods group](https://handbook.gitlab.com/handbook/engineering/infrastructure/core-platform/data_stores/tenant-scale/)
[Tenant Scale group](https://handbook.gitlab.com/handbook/engineering/infrastructure-platforms/tenant-scale/)
for advice.
##### Avoid `dependent: :nullify` and `dependent: :destroy` across databases

2
doc/development/database/not_null_constraints.md
View File

@ -160,7 +160,7 @@ end
#### Check if all records are fixed (next release)
Use postgres.ai to [create a thin clone](https://handbook.gitlab.com/handbook/engineering/infrastructure/core-platform/data_stores/database/doc/gitlab-com-database/#use-postgresai-to-work-with-a-thin-clone-of-the-database-includes-direct-psql-access-to-the-thin-clone)
Use postgres.ai to [create a thin clone](https://handbook.gitlab.com/handbook/engineering/infrastructure-platforms/data-access/database-framework/doc/gitlab-com-database/#use-postgresai-to-work-with-a-thin-clone-of-the-database-includes-direct-psql-access-to-the-thin-clone)
of the production database and check if all records on GitLab.com have the attribute set.
If not go back to [Prevent new invalid records](#prevent-new-invalid-records-current-release) step and figure out where
in the code the attribute is explicitly set to `nil`. Fix the code path then reschedule the migration to fix the existing

2
doc/development/database/transaction_guidelines.md
View File

@ -11,7 +11,7 @@ For further reference, check PostgreSQL documentation about [transactions](https
## Database decomposition and sharding
The [Pods group](https://handbook.gitlab.com/handbook/engineering/infrastructure/core-platform/data_stores/tenant-scale/) plans
The [Tenant Scale group](https://handbook.gitlab.com/handbook/engineering/infrastructure-platforms/tenant-scale/) plans
to split the main GitLab database and move some of the database tables to other database servers.
We start decomposing the `ci_*`-related database tables first. To maintain the current application

2
doc/development/distribution/_index.md
View File

@ -16,7 +16,7 @@ to one must be made to the other to retain feature parity.
## Contributing
The primary projects handled by Distribution are listed below. For more
information, visit the [Distribution team engineering handbook page](https://handbook.gitlab.com/handbook/engineering/infrastructure/core-platform/systems/distribution/)
information, visit the [Distribution team engineering handbook page](https://handbook.gitlab.com/handbook/engineering/infrastructure-platforms/gitlab-delivery/distribution/)
or select one of the subsections in the navigation bar.
### GitLab application

3
doc/security/ssh_keys_restrictions.md
View File

@ -2,13 +2,14 @@
stage: Software Supply Chain Security
group: Authentication
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
gitlab_dedicated: yes
title: Restrict allowed SSH key technologies and minimum length
---
{{< details >}}
- Tier: Free, Premium, Ultimate
- Offering: GitLab Self-Managed
- Offering: GitLab Self-Managed, GitLab Dedicated
{{< /details >}}

2
doc/update/deprecations.md
View File

@ -3388,7 +3388,7 @@ In milestone 17.0, we will remove the `pipelines` attribute from the API respons
</div>
GitLab follows an [annual upgrade cadence for PostgreSQL](https://handbook.gitlab.com/handbook/engineering/infrastructure/core-platform/data_stores/database/postgresql-upgrade-cadence/).
GitLab follows an [annual upgrade cadence for PostgreSQL](https://handbook.gitlab.com/handbook/engineering/infrastructure-platforms/data-access/database-framework/postgresql-upgrade-cadence/).
Support for PostgreSQL 13 is scheduled for removal in GitLab 17.0.
In GitLab 17.0, PostgreSQL 14 becomes the minimum required PostgreSQL version.

9
doc/user/application_security/vulnerabilities/validity_check.md
View File

@ -10,7 +10,7 @@ title: Validity checks
Status: Experiment
- Tier: Ultimate
- Offering: GitLab.com, GitLab Dedicated
- Offering: GitLab.com
{{< /details >}}
@ -28,10 +28,7 @@ This feature is available for testing, but not ready for production use.
{{< /alert >}}
## What is a validity check?
GitLab validity checks determines whether a secret, like an access token, is active.
A secret is active when:
- It is not expired.
@ -54,10 +51,10 @@ To enable validity checks for a project:
- Contact your GitLab representative and ask them to enable validity checks.
If validity checks are enabled, when the `secret_detection` CI/CD job is complete,
GitLab checks the status of supported detected secrets. The statuses are displayed on the
GitLab checks the status of detected secrets. The statuses are displayed on the
**Findings** page of the vulnerability report.
## Coverage
### Coverage
Validity checks supports the following secret types:

3
doc/user/packages/container_registry/container_repository_protection_rules.md
View File

@ -2,13 +2,14 @@
stage: Container
group: Container Registry
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
gitlab_dedicated: yes
title: Protected container repositories
---
{{< details >}}
- Tier: Free, Premium, Ultimate
- Offering: GitLab.com, GitLab Self-Managed
- Offering: GitLab.com, GitLab Self-Managed, GitLab Dedicated
{{< /details >}}

3
doc/user/packages/package_registry/package_protection_rules.md
View File

@ -2,13 +2,14 @@
stage: Package
group: Package Registry
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
gitlab_dedicated: yes
title: Protected packages
---
{{< details >}}
- Tier: Free, Premium, Ultimate
- Offering: GitLab.com, GitLab Self-Managed
- Offering: GitLab.com, GitLab Self-Managed, GitLab Dedicated
{{< /details >}}

5
doc/user/profile/account/two_factor_authentication.md
View File

@ -2,13 +2,14 @@
stage: Software Supply Chain Security
group: Authentication
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
gitlab_dedicated: yes
title: Two-factor authentication
---
{{< details >}}
- Tier: Free, Premium, Ultimate
- Offering: GitLab.com, GitLab Self-Managed
- Offering: GitLab.com, GitLab Self-Managed, GitLab Dedicated
{{< /details >}}
@ -431,7 +432,7 @@ This clears all your 2FA registrations, including mobile applications and WebAut
{{< details >}}
- Tier: Free, Premium, Ultimate
- Offering: GitLab Self-Managed
- Offering: GitLab Self-Managed, GitLab Dedicated
{{< /details >}}

3
doc/user/profile/account/two_factor_authentication_troubleshooting.md
View File

@ -2,13 +2,14 @@
stage: Software Supply Chain Security
group: Authentication
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
gitlab_dedicated: yes
title: Troubleshooting two-factor authentication
---
{{< details >}}
- Tier: Free, Premium, Ultimate
- Offering: GitLab.com, GitLab Self-Managed
- Offering: GitLab.com, GitLab Self-Managed, GitLab Dedicated
{{< /details >}}

3
doc/user/tasks.md
View File

@ -2,13 +2,14 @@
stage: Plan
group: Project Management
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
gitlab_dedicated: yes
title: Tasks
---
{{< details >}}
- Tier: Free, Premium, Ultimate
- Offering: GitLab.com, GitLab Self-Managed
- Offering: GitLab.com, GitLab Self-Managed, GitLab Dedicated
{{< /details >}}

11
lib/gitlab/ci/pipeline/chain/command.rb
View File

@ -43,10 +43,9 @@ module Gitlab
end
def merge_request_ref_exists?
strong_memoize(:merge_request_ref_exists) do
MergeRequest.merge_request_ref?(origin_ref) &&
project.repository.ref_exists?(origin_ref)
end
return check_merge_request_ref if Feature.enabled?(:pull_ref_directly_from_gitaly, project)
strong_memoize(:merge_request_ref_exists) { check_merge_request_ref }
end
def ref
@ -166,6 +165,10 @@ module Gitlab
def gitlab_org_project?
project.full_path == 'gitlab-org/gitlab'
end
def check_merge_request_ref
MergeRequest.merge_request_ref?(origin_ref) && project.repository.ref_exists?(origin_ref)
end
end
end
end

21
locale/gitlab.pot
View File

@ -34011,6 +34011,12 @@ msgstr ""
msgid "JiraIntegration|Enable viewing Jira issues in GitLab."
msgstr ""
msgid "JiraIntegration|Jira issue type to use when creating issues from vulnerabilities."
msgstr ""
msgid "JiraIntegration|Key of the project to use when creating issues from vulnerabilities.This parameter is required if using the integration to create Jira issues from vulnerabilities."
msgstr ""
msgid "JiraIntegration|Keys of Jira projects. When `issues_enabled` is `true`, this setting specifies which Jira projects to view issues from in GitLab."
msgstr ""
@ -34038,6 +34044,12 @@ msgstr ""
msgid "JiraIntegration|The email or username to use with Jira. Use an email for Jira Cloud, and a username for Jira Data Center and Jira Server. Required when using Basic Authentication (`jira_auth_type` is `0`)."
msgstr ""
msgid "JiraIntegration|Turn on Jira issue creation for GitLab vulnerabilities."
msgstr ""
msgid "JiraIntegration|When set to `true`, opens a prefilled form on the Jira instancewhen creating a Jira issue from a vulnerability."
msgstr ""
msgid "JiraRequest|A connection error occurred while connecting to Jira. Try your request again."
msgstr ""
@ -56850,6 +56862,12 @@ msgstr ""
msgid "Session ID"
msgstr ""
msgid "SessionExpire|Your session has expired"
msgstr ""
msgid "SessionExpire|Your session has expired. Please, sign in again."
msgstr ""
msgid "Session|There was a error loading the user verification challenge. Refresh to try again."
msgstr ""
@ -71863,6 +71881,9 @@ msgstr ""
msgid "image diff"
msgstr ""
msgid "image_pull_secrets.namespace and shared_namespace must match if shared_namespace is specified"
msgstr ""
msgid "impersonation token"
msgstr ""

104
spec/frontend/authentication/sessions/components/session_expire_modal_spec.js Normal file
View File

@ -0,0 +1,104 @@
import { GlModal } from '@gitlab/ui';
import { shallowMount } from '@vue/test-utils';
import { nextTick } from 'vue';
import SessionExpireModal from '~/authentication/sessions/components/session_expire_modal.vue';
import { INTERVAL_SESSION_MODAL } from '~/authentication/sessions/constants';
import { visitUrl } from '~/lib/utils/url_utility';
jest.useFakeTimers();
jest.mock('~/lib/utils/url_utility');
describe('SessionExpireModal', () => {
const message = 'Modal message';
const sessionTimeout = 0;
const signInUrl = 'http://gitlab.example.com/users/sign_in?redirect_to_referer=yes';
const title = 'Modal title';
let wrapper;
const createComponent = (props = {}) => {
wrapper = shallowMount(SessionExpireModal, {
propsData: {
message,
sessionTimeout,
signInUrl,
title,
...props,
},
});
};
const findModal = () => wrapper.findComponent(GlModal);
it('initially, it does not show the modal', () => {
createComponent();
expect(findModal().props()).toMatchObject({
visible: false,
title,
actionPrimary: {
text: 'Sign in',
},
actionCancel: {
text: 'Cancel',
},
});
expect(findModal().attributes()).toMatchObject({
'aria-live': 'assertive',
});
});
describe('when there is a expiring session', () => {
it('shows the modal triggered by time elapsed', async () => {
jest.spyOn(global, 'setInterval');
jest.spyOn(global, 'clearInterval');
createComponent();
expect(setInterval).toHaveBeenCalledTimes(1);
expect(setInterval).toHaveBeenCalledWith(expect.any(Function), INTERVAL_SESSION_MODAL);
jest.advanceTimersByTime(INTERVAL_SESSION_MODAL);
await nextTick();
expect(findModal().props('visible')).toBe(true);
expect(clearInterval).toHaveBeenCalledTimes(1);
expect(clearInterval).toHaveBeenCalledWith(expect.any(Number));
});
it('shows the modal triggered by changevisibility event', async () => {
jest.spyOn(document, 'addEventListener');
jest.spyOn(document, 'removeEventListener');
createComponent();
nextTick();
expect(document.addEventListener).toHaveBeenCalledTimes(1);
expect(document.addEventListener).toHaveBeenCalledWith(
'visibilitychange',
expect.any(Function),
);
document.dispatchEvent(new Event('visibilitychange'));
await nextTick();
expect(findModal().props('visible')).toBe(true);
expect(document.removeEventListener).toHaveBeenCalledTimes(1);
expect(document.removeEventListener).toHaveBeenCalledWith(
'visibilitychange',
expect.any(Function),
);
});
it('shows the correct modal content', async () => {
createComponent();
await nextTick();
expect(findModal().text()).toBe(message);
});
it('triggers a refresh of the current page', () => {
createComponent();
findModal().vm.$emit('primary');
expect(visitUrl).toHaveBeenCalledWith(signInUrl);
});
});
});

17
spec/helpers/sessions_helper_spec.rb
View File

@ -3,6 +3,8 @@
require 'spec_helper'
RSpec.describe SessionsHelper, feature_category: :system_access do
include Devise::Test::ControllerHelpers
describe '#unconfirmed_email?' do
it 'returns true when the flash alert contains a devise failure unconfirmed message' do
flash[:alert] = t(:unconfirmed, scope: [:devise, :failure])
@ -91,6 +93,21 @@ RSpec.describe SessionsHelper, feature_category: :system_access do
end
end
describe '#session_expire_modal_data' do
before do
allow(Gitlab::Auth::SessionExpireFromInitEnforcer).to receive(:session_expires_at).and_return(5)
end
subject { helper.session_expire_modal_data }
it 'returns the expected data' do
expect(subject).to match(a_hash_including({
session_timeout: 5000,
sign_in_url: a_string_including(/^http/)
}))
end
end
describe '#remember_me_enabled?' do
subject { helper.remember_me_enabled? }

21
spec/lib/gitlab/ci/pipeline/chain/command_spec.rb
View File

@ -126,6 +126,7 @@ RSpec.describe Gitlab::Ci::Pipeline::Chain::Command, feature_category: :pipeline
subject { command.merge_request_ref_exists? }
let!(:merge_request) { create(:merge_request, source_project: project, target_project: project) }
let(:origin_ref) { merge_request.source_branch }
context 'for existing merge request ref' do
let(:origin_ref) { merge_request.ref_path }
@ -134,10 +135,26 @@ RSpec.describe Gitlab::Ci::Pipeline::Chain::Command, feature_category: :pipeline
end
context 'for branch ref' do
let(:origin_ref) { merge_request.source_branch }
it { is_expected.to eq(false) }
end
it 'does not memoize the result' do
expect(command).to receive(:check_merge_request_ref).twice
2.times { command.merge_request_ref_exists? }
end
context 'when pull_ref_directly_from_gitaly feature flag is disabled' do
before do
stub_feature_flags(pull_ref_directly_from_gitaly: false)
end
it 'memoizes the result' do
expect(command).to receive(:check_merge_request_ref).once
2.times { command.merge_request_ref_exists? }
end
end
end
describe '#ref' do

17
spec/models/integrations/jira_spec.rb
View File

@ -15,7 +15,6 @@ RSpec.describe Integrations::Jira, feature_category: :integrations do
let(:jira_issue_prefix) { '' }
let(:jira_issue_regex) { '' }
let(:password) { 'jira-password' }
let(:project_key) { 'TEST' }
let(:project_keys) { %w[TEST1 TEST2] }
let(:transition_id) { 'test27' }
let(:server_info_results) { { 'deploymentType' => 'Cloud' } }
@ -26,7 +25,6 @@ RSpec.describe Integrations::Jira, feature_category: :integrations do
url: url,
username: username,
password: password,
project_key: project_key,
project_keys: project_keys
)
end
@ -223,7 +221,18 @@ RSpec.describe Integrations::Jira, feature_category: :integrations do
subject(:fields) { integration.fields }
it 'returns custom fields' do
expect(fields.pluck(:name)).to eq(%w[url api_url jira_auth_type username password jira_issue_regex jira_issue_prefix jira_issue_transition_id issues_enabled project_keys])
expect(fields.pluck(:name)).to include(
'url',
'api_url',
'jira_auth_type',
'username',
'password',
'jira_issue_regex',
'jira_issue_prefix',
'jira_issue_transition_id',
'issues_enabled',
'project_keys'
)
end
end
@ -408,7 +417,6 @@ RSpec.describe Integrations::Jira, feature_category: :integrations do
jira_issue_regex: jira_issue_regex,
jira_issue_prefix: jira_issue_prefix,
jira_issue_transition_id: transition_id,
project_key: project_key,
project_keys: project_keys
}
end
@ -429,7 +437,6 @@ RSpec.describe Integrations::Jira, feature_category: :integrations do
expect(integration.jira_tracker_data.jira_issue_prefix).to eq(jira_issue_prefix)
expect(integration.jira_tracker_data.jira_issue_transition_id).to eq(transition_id)
expect(integration.jira_tracker_data.deployment_cloud?).to be_truthy
expect(integration.jira_tracker_data.project_key).to eq(project_key)
expect(integration.jira_tracker_data.project_keys).to eq(project_keys)
end

60
spec/services/merge_requests/build_service_spec.rb
View File

@ -14,6 +14,7 @@ RSpec.describe MergeRequests::BuildService, feature_category: :code_review_workf
let(:issue) { create(:issue, project: project, title: 'A bug', confidential: issue_confidential) }
let(:description) { nil }
let(:source_branch) { 'feature' }
let(:ref_path) { "refs/heads/#{source_branch}" }
let(:target_branch) { 'master' }
let(:milestone_id) { nil }
let(:label_ids) { [] }
@ -133,6 +134,8 @@ RSpec.describe MergeRequests::BuildService, feature_category: :code_review_workf
before do
project.add_reporter(user)
allow(source_project).to receive(:ref_exists?).with(ref_path).and_return(false)
end
it 'assigns force_remove_source_branch' do
@ -543,6 +546,7 @@ RSpec.describe MergeRequests::BuildService, feature_category: :code_review_workf
before do
allow(project).to receive(:branch_exists?).with(target_branch).and_return(true)
allow(project).to receive(:branch_exists?).with(source_branch).and_return(false)
allow(project).to receive(:ref_exists?).with(ref_path).and_return(false)
end
it_behaves_like 'forbids the merge request from being created' do
@ -550,6 +554,61 @@ RSpec.describe MergeRequests::BuildService, feature_category: :code_review_workf
end
end
context 'when a source branch ref exists in Gitaly but not in the ref cache' do
let(:log_arguments) do
{
class: 'MergeRequests::BuildService',
method: :ref_exists_in_gitaly?,
project_id: project.id,
source_branch: source_branch
}
end
before do
allow(service).to receive(:source_project).and_return(project)
allow(project).to receive(:branch_exists?).with(target_branch).and_return(true)
allow(project).to receive(:branch_exists?).with(source_branch).and_return(false)
end
context 'when the ref exists in Gitaly' do
before do
allow(project).to receive(:ref_exists?).with(ref_path).and_return(true)
end
it 'logs info' do
expect(project).to receive(:ref_exists?).with(ref_path)
expect(Gitlab::AppJsonLogger).to receive(:info).with(hash_including(**log_arguments))
service.execute
end
end
context 'when the ref does not exist in Gitaly' do
before do
allow(project).to receive(:ref_exists?).with(ref_path).and_return(false)
end
it 'does not log info' do
expect(project).to receive(:ref_exists?).with(ref_path)
expect(Gitlab::AppJsonLogger).not_to receive(:info).with(hash_including(**log_arguments))
service.execute
end
end
context 'and the pull_ref_directly_from_gitaly FF is disabled' do
before do
stub_feature_flags(pull_ref_directly_from_gitaly: false)
end
it 'does not check for refs in Gitaly' do
expect(project).not_to receive(:ref_exists?).with(ref_path)
service.execute
end
end
end
context 'target branch does not exist' do
before do
allow(project).to receive(:branch_exists?).with(target_branch).and_return(false)
@ -563,6 +622,7 @@ RSpec.describe MergeRequests::BuildService, feature_category: :code_review_workf
context 'both source and target branches do not exist' do
before do
allow(project).to receive(:ref_exists?).with(ref_path).and_return(false)
allow(project).to receive(:branch_exists?).and_return(false)
end

6
spec/support/shared_contexts/features/integrations/integrations_shared_context.rb
View File

@ -40,8 +40,10 @@ RSpec.shared_context 'with integration' do
let(:custom_attributes) do
{
jira: %i[
comment_on_event_enabled jira_issue_transition_automatic jira_issue_transition_id project_key
issues_enabled vulnerabilities_enabled vulnerabilities_issuetype
comment_on_event_enabled
jira_issue_transition_automatic
jira_issue_transition_id
issues_enabled
]
}
end

15
spec/support/shared_examples/models/concerns/has_repository_shared_examples.rb
View File

@ -139,6 +139,21 @@ RSpec.shared_examples 'model with repository' do
it { expect(container.repo_exists?).to be(true) }
end
describe '#ref_exists?' do
let(:ref_path) { 'refs/heads/master' }
let(:non_existent_ref_path) { 'refs/heads/foo' }
before do
allow_next_instance_of(Gitlab::GitalyClient::RefService) do |ref_service|
allow(ref_service).to receive(:ref_exists?).with(ref_path).and_return(true)
allow(ref_service).to receive(:ref_exists?).with(non_existent_ref_path).and_return(false)
end
end
it { expect(container.ref_exists?(ref_path)).to be(true) }
it { expect(container.ref_exists?(non_existent_ref_path)).to be(false) }
end
describe '#root_ref' do
let(:root_ref) { container.repository.root_ref }

17
spec/views/layouts/_session_expire_modal.html.haml_spec.rb Normal file
View File

@ -0,0 +1,17 @@
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe 'layouts/_session_expire_modal', feature_category: :system_access do
let(:user) { build_stubbed(:user) }
before do
allow(view).to receive_messages(current_user: user, session_expire_modal_data: { session_timeout: 5000 })
stub_application_setting(session_expire_from_init: true)
end
it 'renders the modal' do
render
expect(rendered).to have_selector('#js-session-expire-modal')
end
end