root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Add latest changes from gitlab-org/gitlab@master

This commit is contained in:
GitLab Bot 2023-05-10 03:09:12 +00:00
parent 38c1da5195
commit 3591ecba91
88 changed files with 555 additions and 172 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
app/models/concerns/enums/package_metadata.rb
View File

@ -22,6 +22,16 @@ module Enums
trivy: 2
}.with_indifferent_access.freeze
DATA_TYPES = {
advisories: 1,
licenses: 2
}.with_indifferent_access.freeze
VERSION_FORMATS = {
v1: 1,
v2: 2
}.with_indifferent_access.freeze
def self.purl_types
PURL_TYPES
end
@ -33,5 +43,13 @@ module Enums
def self.advisory_sources
ADVISORY_SOURCES
end
def self.data_types
DATA_TYPES
end
def self.version_formats
VERSION_FORMATS
end
end
end

2
app/views/admin/application_settings/_localization.html.haml
View File

@ -20,7 +20,7 @@
= _('Default language')
= f.select :default_preferred_language, default_preferred_language_choices, {}, class: 'gl-form-select custom-select'
.form-text.text-muted
= s_('Default language for users who are not logged in.')
= _('Default language for users who are not logged in.')
= f.submit _('Save changes'), pajamas_button: true

4
app/views/admin/applications/index.html.haml
View File

@ -15,12 +15,12 @@
.gl-max-w-full.gl-m-auto
%h1.h4.gl-font-size-h-display= s_('AdminArea|No applications found')
= render Pajamas::ButtonComponent.new(href: new_admin_application_path, variant: :confirm, button_options: { data: { qa_selector: 'new_application_button' } }) do
= s_('New application')
= _('New application')
- else
%hr
= render Pajamas::ButtonComponent.new(href: new_admin_application_path, variant: :confirm, button_options: { data: { qa_selector: 'new_application_button' } }) do
= s_('New application')
= _('New application')
.table-responsive
%table.b-table.gl-table.gl-w-full{ role: 'table' }

8
app/views/admin/system_info/show.html.haml
View File

@ -7,7 +7,7 @@
= c.body do
%h4
= sprite_icon('pod', size: 18, css_class: 'gl-text-gray-700')
= s_('CPU')
= _('CPU')
.data
- if @cpus
%h2= _('%{cores} cores') % { cores: @cpus.length }
@ -19,7 +19,7 @@
= c.body do
%h4
= sprite_icon('status-health', size: 18, css_class: 'gl-text-gray-700')
= s_('Memory Usage')
= _('Memory Usage')
.data
- if @memory
%h2 #{number_to_human_size(@memory.active_bytes)} / #{number_to_human_size(@memory.total_bytes)}
@ -31,7 +31,7 @@
= c.body do
%h4
= sprite_icon('clock', size: 18, css_class: 'gl-text-gray-700')
= s_('System started')
= _('System started')
.data
%h2= time_ago_with_tooltip(Rails.application.config.booted_at)
.col-sm
@ -39,7 +39,7 @@
= c.body do
%h4
= sprite_icon('disk', size: 18, css_class: 'gl-text-gray-700')
= s_('Disk Usage')
= _('Disk Usage')
.data
- @disks.each do |disk|
%h2 #{number_to_human_size(disk[:bytes_used])} / #{number_to_human_size(disk[:bytes_total])}

7
app/views/layouts/_snowplow.html.haml
View File

@ -8,9 +8,10 @@
gl = window.gl || {};
gl.snowplowStandardContext = #{Gitlab::Tracking::StandardContext.new(
namespace: namespace,
project: @project,
user: current_user,
namespace_id: namespace&.id,
plan_name: namespace&.actual_plan_name,
project_id: @project&.id,
user_id: current_user&.id,
new_nav: show_super_sidebar?
).to_context.to_json.to_json}
gl.snowplowPseudonymizedPageUrl = #{masked_page_url(group: namespace, project: @project).to_json};

2
app/views/projects/environments/show.html.haml
View File

@ -21,7 +21,7 @@
= html_escape(_("Define environments in the deploy stage(s) in %{code_open}.gitlab-ci.yml%{code_close} to track deployments here.")) % { code_open: '<code>'.html_safe, code_close: '</code>'.html_safe }
.text-center
= render Pajamas::ButtonComponent.new(variant: :confirm, href: help_page_path("ci/environments/index.md")) do
= s_('Read more')
= _('Read more')
- else
.table-holder.gl-overflow-visible

2
app/views/projects/pages_domains/_certificate.html.haml
View File

@ -32,7 +32,7 @@
.col-sm-10.offset-sm-2
= render Pajamas::CardComponent.new(body_options: { class: 'gl-display-flex gl-align-items-center gl-justify-content-space-between gl-p-5' }) do |c|
- c.header do
= s_('Certificate')
= _('Certificate')
- c.body do
%span
= domain_presenter.pages_domain.subject || _('missing')

4
config/dependency_decisions.yml
View File

@ -378,6 +378,6 @@
- - :approve
- elkjs
- :who: John T Skarbek
:why: https://github.com/mermaid-js/mermaid/pull/3984
:versions: []
:why: https://gitlab.com/gitlab-com/legal-and-compliance/-/issues/1505
:versions: ["0.8.2"]
:when: 2023-04-07 09:15:33.00004000 Z

4
config/feature_flags/development/tofa_experimentation.yml → config/feature_flags/development/explain_vulnerability_vertex.yml
View File

@ -1,7 +1,7 @@
---
name: tofa_experimentation
name: explain_vulnerability_vertex
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/118754
rollout_issue_url:
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/409182
milestone: '16.0'
type: development
group: group::threat insights

0
data/removals/16-0/16-0-vulnerabilityFindingDismiss-mutation.yml → data/removals/16_0/16-0-vulnerabilityFindingDismiss-mutation.yml
View File

19
db/migrate/20230503100753_add_version_format_and_data_type_to_checkpoints.rb Normal file
View File

@ -0,0 +1,19 @@
# frozen_string_literal: true
class AddVersionFormatAndDataTypeToCheckpoints < Gitlab::Database::Migration[2.1]
enable_lock_retries!
def up
add_column(:pm_checkpoints, :data_type, :integer, limit: 2, default: 1, null: false)
add_column(:pm_checkpoints, :version_format, :integer, limit: 2, default: 1, null: false)
add_index(:pm_checkpoints, [:purl_type, :data_type, :version_format], unique: true, name: :pm_checkpoints_unique_index) # rubocop:disable Migration/AddIndex
swap_primary_key(:pm_checkpoints, :pm_checkpoints_pkey, :pm_checkpoints_unique_index)
end
def down
add_index(:pm_checkpoints, [:purl_type], unique: true, name: :pm_checkpoints_unique_index) # rubocop:disable Migration/AddIndex
unswap_primary_key(:pm_checkpoints, :pm_checkpoints_pkey, :pm_checkpoints_unique_index)
remove_column(:pm_checkpoints, :version_format)
remove_column(:pm_checkpoints, :data_type)
end
end

13
db/post_migrate/20230502102832_schedule_index_to_members_on_source_and_type_and_access_level.rb Normal file
View File

@ -0,0 +1,13 @@
# frozen_string_literal: true
class ScheduleIndexToMembersOnSourceAndTypeAndAccessLevel < Gitlab::Database::Migration[2.1]
INDEX_NAME = 'index_members_on_source_and_type_and_access_level'
def up
prepare_async_index :members, %i[source_id source_type type access_level], name: INDEX_NAME
end
def down
unprepare_async_index :members, %i[source_id source_type type access_level], name: INDEX_NAME
end
end

15
db/post_migrate/20230502120021_schedule_index_to_project_authorizations_on_project_user_access_level.rb Normal file
View File

@ -0,0 +1,15 @@
# frozen_string_literal: true
class ScheduleIndexToProjectAuthorizationsOnProjectUserAccessLevel < Gitlab::Database::Migration[2.1]
INDEX_NAME = 'index_project_authorizations_on_project_user_access_level'
disable_ddl_transaction!
def up
prepare_async_index :project_authorizations, %i[project_id user_id access_level], unique: true, name: INDEX_NAME
end
def down
unprepare_async_index :project_authorizations, %i[project_id user_id access_level], name: INDEX_NAME
end
end

29
db/post_migrate/20230504010535_ensure_notes_bigint_backfill_is_finished_for_gitlab_dot_com.rb Normal file
View File

@ -0,0 +1,29 @@
# frozen_string_literal: true
class EnsureNotesBigintBackfillIsFinishedForGitlabDotCom < Gitlab::Database::Migration[2.1]
include Gitlab::Database::MigrationHelpers::ConvertToBigint
restrict_gitlab_migration gitlab_schema: :gitlab_main
disable_ddl_transaction!
def up
return unless should_run?
ensure_batched_background_migration_is_finished(
job_class_name: 'CopyColumnUsingBackgroundMigrationJob',
table_name: 'notes',
column_name: 'id',
job_arguments: [['id'], ['id_convert_to_bigint']]
)
end
def down
# no-op
end
private
def should_run?
com_or_dev_or_test_but_not_jh?
end
end

64
db/post_migrate/20230508034422_notes_bigint_create_indexes_async_for_gitlab_dot_com.rb Normal file
View File

@ -0,0 +1,64 @@
# frozen_string_literal: true
class NotesBigintCreateIndexesAsyncForGitlabDotCom < Gitlab::Database::Migration[2.1]
include Gitlab::Database::MigrationHelpers::ConvertToBigint
TABLE_NAME = 'notes'
PK_INDEX_NAME = 'index_notes_on_id_convert_to_bigint'
SECONDARY_INDEXES = [
{
name: :index_notes_on_author_id_created_at_id_convert_to_bigint,
columns: [:author_id, :created_at, :id_convert_to_bigint],
options: {}
},
{
name: :index_notes_on_id_convert_to_bigint_where_confidential,
columns: [:id_convert_to_bigint],
options: { where: 'confidential = true' }
},
{
name: :index_notes_on_id_convert_to_bigint_where_internal,
columns: [:id_convert_to_bigint],
options: { where: 'internal = true' }
},
{
name: :index_notes_on_project_id_id_convert_to_bigint_system_false,
columns: [:project_id, :id_convert_to_bigint],
options: { where: 'NOT system' }
},
{
name: :note_mentions_temp_index_convert_to_bigint,
columns: [:id_convert_to_bigint, :noteable_type],
options: { where: "note ~~ '%@%'::text" }
}
]
# Indexes will be created synchronously in
# https://gitlab.com/gitlab-org/gitlab/-/merge_requests/119705
def up
return unless should_run?
prepare_async_index TABLE_NAME, :id_convert_to_bigint, unique: true, name: PK_INDEX_NAME
SECONDARY_INDEXES.each do |index|
prepare_async_index TABLE_NAME, index[:columns], **index[:options].merge(name: index[:name])
end
end
def down
return unless should_run?
SECONDARY_INDEXES.each do |index|
unprepare_async_index TABLE_NAME, index[:columns], name: index[:name]
end
unprepare_async_index TABLE_NAME, :id_convert_to_bigint, name: PK_INDEX_NAME
end
private
def should_run?
com_or_dev_or_test_but_not_jh?
end
end

1
db/schema_migrations/20230502102832 Normal file
View File

@ -0,0 +1 @@
7543d5128ef49f1c169e30db24015cd1deae271ed20be29d34e67e6cc4ece372

1
db/schema_migrations/20230502120021 Normal file
View File

@ -0,0 +1 @@
9602256dc3cea8f0fce716ba341e364ac51e592ff6f71e51c230be2896bcfd49

1
db/schema_migrations/20230503100753 Normal file
View File

@ -0,0 +1 @@
2db1e083151334d1f53d3da97c66a5f9995997a1e9556bb7acd54122b6f765f6

1
db/schema_migrations/20230504010535 Normal file
View File

@ -0,0 +1 @@
68d1cbddace4f53fe437d234f9a9eac2264c88ef4a34353abc11bbbbdccc63c3

1
db/schema_migrations/20230508034422 Normal file
View File

@ -0,0 +1 @@
22359f0d7c7f08f2293a0302c36854e78cd6fdf51a555ed36303f56bfc6ee914

6
db/structure.sql
View File

@ -20122,7 +20122,9 @@ CREATE TABLE pm_checkpoints (
created_at timestamp with time zone NOT NULL,
updated_at timestamp with time zone NOT NULL,
purl_type smallint NOT NULL,
chunk smallint NOT NULL
chunk smallint NOT NULL,
data_type smallint DEFAULT 1 NOT NULL,
version_format smallint DEFAULT 1 NOT NULL
);
CREATE TABLE pm_licenses (
@ -27699,7 +27701,7 @@ ALTER TABLE ONLY pm_affected_packages
ADD CONSTRAINT pm_affected_packages_pkey PRIMARY KEY (id);
ALTER TABLE ONLY pm_checkpoints
ADD CONSTRAINT pm_checkpoints_pkey PRIMARY KEY (purl_type);
ADD CONSTRAINT pm_checkpoints_pkey PRIMARY KEY (purl_type, data_type, version_format);
ALTER TABLE ONLY pm_licenses
ADD CONSTRAINT pm_licenses_pkey PRIMARY KEY (id);

3
doc/administration/external_pipeline_validation.md
View File

@ -160,5 +160,4 @@ required number of seconds.
}
```
The `namespace` field is only available in [GitLab Premium](https://about.gitlab.com/pricing/)
and higher.
The `namespace` field is only available in [GitLab Premium and Ultimate](https://about.gitlab.com/pricing/).

8
doc/api/deployments.md
View File

@ -279,7 +279,7 @@ Example response:
}
```
When the [unified approval setting](../ci/environments/deployment_approvals.md#unified-approval-setting) is configured, deployments created by users on GitLab Premium or higher include the `approvals` and `pending_approval_count` properties:
When the [unified approval setting](../ci/environments/deployment_approvals.md#unified-approval-setting) is configured, deployments created by users on GitLab Premium or Ultimate include the `approvals` and `pending_approval_count` properties:
```json
{
@ -304,7 +304,7 @@ When the [unified approval setting](../ci/environments/deployment_approvals.md#u
}
```
When the [multiple approval rules](../ci/environments/deployment_approvals.md#multiple-approval-rules) is configured, deployments created by users on GitLab Premium or higher include the `approval_summary` property:
When the [multiple approval rules](../ci/environments/deployment_approvals.md#multiple-approval-rules) is configured, deployments created by users on GitLab Premium or Ultimate include the `approval_summary` property:
```json
{
@ -393,7 +393,7 @@ Example response:
}
```
Deployments created by users on GitLab Premium or higher include the `approvals` and `pending_approval_count` properties:
Deployments created by users on GitLab Premium or Ultimate include the `approvals` and `pending_approval_count` properties:
```json
{
@ -447,7 +447,7 @@ Example response:
}
```
Deployments created by users on GitLab Premium or higher include the `approvals` and `pending_approval_count` properties:
Deployments created by users on GitLab Premium or Ultimate include the `approvals` and `pending_approval_count` properties:
```json
{

2
doc/api/epic_issues.md
View File

@ -11,7 +11,7 @@ Every API call to the epic issues API endpoint must be authenticated.
If a user is not a member of a group and the group is private, a `GET` request on that group
results in a `404` status code.
Epics are available only in GitLab [Premium and higher](https://about.gitlab.com/pricing/).
Epics are available only in GitLab [Premium and Ultimate](https://about.gitlab.com/pricing/).
If the Epics feature is not available, a `403` status code is returned.
## Epic Issues pagination

2
doc/api/feature_flag_user_lists.md
View File

@ -11,7 +11,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
API for accessing GitLab feature flag user lists.
Users with Developer or higher [permissions](../user/permissions.md) can access the feature flag user lists API.
Users with at least the Developer [role](../user/permissions.md) can access the feature flag user lists API.
NOTE:
`GET` requests return twenty results at a time because the API results

2
doc/api/groups.md
View File

@ -1136,7 +1136,7 @@ Only available to group owners and administrators.
This endpoint:
- On Premium and higher tiers, marks the group for deletion. The deletion happens 7 days later by default, but you can change the retention period in the [instance settings](../user/admin_area/settings/visibility_and_access_controls.md#deletion-protection).
- On Premium and Ultimate tiers, marks the group for deletion. The deletion happens 7 days later by default, but you can change the retention period in the [instance settings](../user/admin_area/settings/visibility_and_access_controls.md#deletion-protection).
- On Free tier, removes the group immediately and queues a background job to delete all projects in the group.
- Deletes a subgroup immediately if the subgroup is marked for deletion (GitLab 15.4 and later). The endpoint does not immediately delete top-level groups.

24
doc/api/projects.md
View File

@ -60,7 +60,7 @@ GET /projects
| `simple` | boolean | **{dotted-circle}** No | Return only limited fields for each project. This operation is a no-op without authentication where only simple fields are returned. |
| `sort` | string | **{dotted-circle}** No | Return projects sorted in `asc` or `desc` order. Default is `desc`. |
| `starred` | boolean | **{dotted-circle}** No | Limit by projects starred by the current user. |
| `statistics` | boolean | **{dotted-circle}** No | Include project statistics. Only available to Reporter or higher level role members. |
| `statistics` | boolean | **{dotted-circle}** No | Include project statistics. Available only to users with at least the Reporter role. |
| `topic` | string | **{dotted-circle}** No | Comma-separated topic names. Limit results to projects that match all of given topics. See `topics` attribute. |
| `topic_id` | integer | **{dotted-circle}** No | Limit results to projects with the assigned topic given by the topic ID. |
| `visibility` | string | **{dotted-circle}** No | Limit by visibility `public`, `internal`, or `private`. |
@ -271,11 +271,11 @@ The `tag_list` attribute has been deprecated
and is removed in API v5 in favor of the `topics` attribute.
NOTE:
For users of [GitLab Premium or higher](https://about.gitlab.com/pricing/),
For users of [GitLab Premium or Ultimate](https://about.gitlab.com/pricing/),
the `marked_for_deletion_at` attribute has been deprecated, and is removed
in API v5 in favor of the `marked_for_deletion_on` attribute.
Users of [GitLab Premium or higher](https://about.gitlab.com/pricing/)
Users of [GitLab Premium or Ultimate](https://about.gitlab.com/pricing/)
can also see the `approvals_before_merge` parameter:
```json
@ -341,7 +341,7 @@ GET /users/:user_id/projects
| `simple` | boolean | **{dotted-circle}** No | Return only limited fields for each project. Without authentication, this operation is a no-op; only simple fields are returned. |
| `sort` | string | **{dotted-circle}** No | Return projects sorted in `asc` or `desc` order. Default is `desc`. |
| `starred` | boolean | **{dotted-circle}** No | Limit by projects starred by the current user. |
| `statistics` | boolean | **{dotted-circle}** No | Include project statistics. Only available to Reporter or higher level role members. |
| `statistics` | boolean | **{dotted-circle}** No | Include project statistics. Available only to users with at least the Reporter role. |
| `visibility` | string | **{dotted-circle}** No | Limit by visibility `public`, `internal`, or `private`. |
| `with_custom_attributes` | boolean | **{dotted-circle}** No | Include [custom attributes](custom_attributes.md) in response. _(administrator only)_ |
| `with_issues_enabled` | boolean | **{dotted-circle}** No | Limit by enabled issues feature. |
@ -614,7 +614,7 @@ GET /users/:user_id/starred_projects
| `simple` | boolean | **{dotted-circle}** No | Return only limited fields for each project. Without authentication, this operation is a no-op; only simple fields are returned. |
| `sort` | string | **{dotted-circle}** No | Return projects sorted in `asc` or `desc` order. Default is `desc`. |
| `starred` | boolean | **{dotted-circle}** No | Limit by projects starred by the current user. |
| `statistics` | boolean | **{dotted-circle}** No | Include project statistics. Only available to Reporter or higher level role members. |
| `statistics` | boolean | **{dotted-circle}** No | Include project statistics. Available only to users with at least the Reporter role. |
| `visibility` | string | **{dotted-circle}** No | Limit by visibility `public`, `internal`, or `private`. |
| `with_custom_attributes` | boolean | **{dotted-circle}** No | Include [custom attributes](custom_attributes.md) in response. _(administrator only)_ |
| `with_issues_enabled` | boolean | **{dotted-circle}** No | Limit by enabled issues feature. |
@ -864,7 +864,7 @@ GET /projects/:id
|--------------------------|----------------|------------------------|-------------|
| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding). |
| `license` | boolean | **{dotted-circle}** No | Include project license data. |
| `statistics` | boolean | **{dotted-circle}** No | Include project statistics. Only available to Reporter or higher level role members. |
| `statistics` | boolean | **{dotted-circle}** No | Include project statistics. Available only to users with at least the Reporter role. |
| `with_custom_attributes` | boolean | **{dotted-circle}** No | Include [custom attributes](custom_attributes.md) in response. _(administrators only)_ |
```json
@ -1038,7 +1038,7 @@ NOTE:
The `tag_list` attribute has been deprecated
and is removed in API v5 in favor of the `topics` attribute.
Users of [GitLab Premium or higher](https://about.gitlab.com/pricing/)
Users of [GitLab Premium or Ultimate](https://about.gitlab.com/pricing/)
can also see the `approvals_before_merge` parameter:
```json
@ -1120,7 +1120,7 @@ target the upstream project by default.
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/55718) in GitLab 13.10.
Users of [GitLab Premium or higher](https://about.gitlab.com/pricing/)
Users of [GitLab Premium or Ultimate](https://about.gitlab.com/pricing/)
can also see the `issues_template` and `merge_requests_template` parameters for managing
[issue and merge request description templates](../user/project/description_templates.md).
@ -1586,7 +1586,7 @@ GET /projects/:id/forks
| `simple` | boolean | **{dotted-circle}** No | Return only limited fields for each project. Without authentication, this operation is a no-op; only simple fields are returned. |
| `sort` | string | **{dotted-circle}** No | Return projects sorted in `asc` or `desc` order. Default is `desc`. |
| `starred` | boolean | **{dotted-circle}** No | Limit by projects starred by the current user. |
| `statistics` | boolean | **{dotted-circle}** No | Include project statistics. Only available to Reporter or higher level role members. |
| `statistics` | boolean | **{dotted-circle}** No | Include project statistics. Available only to users with at least the Reporter role. |
| `visibility` | string | **{dotted-circle}** No | Limit by visibility `public`, `internal`, or `private`. |
| `with_custom_attributes` | boolean | **{dotted-circle}** No | Include [custom attributes](custom_attributes.md) in response. _(administrators only)_ |
| `with_issues_enabled` | boolean | **{dotted-circle}** No | Limit by enabled issues feature. |
@ -2241,17 +2241,17 @@ This endpoint:
- Deletes a project including all associated resources (including issues and
merge requests).
- In [GitLab 12.6](https://gitlab.com/gitlab-org/gitlab/-/issues/32935) and later, on
[Premium or higher](https://about.gitlab.com/pricing/) tiers,
[Premium or Ultimate](https://about.gitlab.com/pricing/) tiers,
[delayed project deletion](../user/project/settings/index.md#delayed-project-deletion)
is applied if enabled.
- From [GitLab 13.2](https://gitlab.com/gitlab-org/gitlab/-/issues/220382) on
[Premium or higher](https://about.gitlab.com/pricing/) tiers, group
[Premium or Ultimate](https://about.gitlab.com/pricing/) tiers, group
administrators can [configure](../user/group/manage.md#enable-delayed-project-deletion)
projects within a group to be deleted after a delayed period. When enabled,
actual deletion happens after the number of days specified in the
[default deletion delay](../user/admin_area/settings/visibility_and_access_controls.md#deletion-protection).
- From [GitLab 15.11](https://gitlab.com/gitlab-org/gitlab/-/issues/396500) on
[Premium or higher](https://about.gitlab.com/pricing/) tiers, deletes a project immediately if the project is already
[Premium or Ultimate](https://about.gitlab.com/pricing/) tiers, deletes a project immediately if the project is already
marked for deletion, and the `permanently_remove` and `full_path` parameters are passed.
WARNING:

4
doc/api/rest/index.md
View File

@ -94,8 +94,8 @@ You can authenticate with the GitLab API in several ways:
Project access tokens are supported by:
- Self-managed GitLab Free and higher.
- GitLab SaaS Premium and higher.
- Self-managed GitLab: Free, Premium, and Ultimate.
- GitLab SaaS: Premium and Ultimate.
If you are an administrator, you or your application can authenticate as a specific user.
To do so, use:

2
doc/api/templates/dockerfiles.md
View File

@ -14,7 +14,7 @@ in the GitLab repository.
## Override Dockerfile API templates **(PREMIUM SELF)**
In [GitLab Premium and higher](https://about.gitlab.com/pricing/) tiers, GitLab instance
In [GitLab Premium and Ultimate](https://about.gitlab.com/pricing/) tiers, GitLab instance
administrators can override templates in the
[Admin Area](../../user/admin_area/settings/instance_template_repository.md).

20
doc/ci/jobs/job_artifacts.md
View File

@ -276,6 +276,8 @@ Replace `<full-project-path>` with a valid project path, you can find it in the
WARNING:
Deleting the job log and artifacts is a destructive action that cannot be reverted. Use with caution.
Deleting certain files, including report artifacts, job logs, and metadata files, affects
GitLab features that use these files as data sources.
You can delete a job's artifacts and log.
@ -288,6 +290,24 @@ To delete a job:
1. Go to a job's detail page.
1. In the upper-right corner of the job's log, select **Erase job log and artifacts** (**{remove}**).
You can also delete individual artifacts from the [**Artifacts** page](#bulk-delete-artifacts).
### Bulk delete artifacts
- [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/33348) in GitLab 15.10 [with a flag](../../administration/feature_flags.md) named `ci_job_artifact_bulk_destroy`. Disabled by default.
FLAG:
On self-managed GitLab, by default this feature is not available. To make it available,
ask an administrator to [enable the feature flag](../../administration/feature_flags.md) named `ci_job_artifact_bulk_destroy`.
The feature is not ready for production use.
You can delete multiple artifacts at the same time:
1. On the top bar, select **Main menu > Projects** and find your project.
1. On the left sidebar, select **CI/CD > Artifacts**.
1. Select the checkboxes next to the artifacts you want to delete. You can select up to 50 artifacts.
1. Select **Delete selected**.
## Link to job artifacts in the merge request UI
Use the [`artifacts:expose_as`](../yaml/index.md#artifactsexpose_as) keyword to display

2
doc/ci/secrets/index.md
View File

@ -53,7 +53,7 @@ and supports multiple secrets engines.
To configure your Vault server:
1. Ensure your Vault server is running on version 1.2.0 or higher.
1. Ensure your Vault server is running on version 1.2.0 or later.
1. Enable the authentication method by running these commands. They provide your Vault
server the [JSON Web Key Set](https://www.rfc-editor.org/rfc/rfc7517) (JWKS) endpoint for your GitLab instance, so Vault
can fetch the public signing key and verify the JSON Web Token (JWT) when authenticating:

2
doc/ci/services/index.md
View File

@ -189,7 +189,7 @@ following these rules:
- Slash (`/`) is replaced with double underscores (`__`) and the primary alias
is created.
- Slash (`/`) is replaced with a single dash (`-`) and the secondary alias is
created (requires GitLab Runner v1.1.0 or higher).
created (requires GitLab Runner v1.1.0 or later).
To override the default behavior, you can
[specify a service alias](#available-settings-for-services).

2
doc/development/merge_request_concepts/performance.md
View File

@ -211,7 +211,7 @@ By default, this `Gitlab::SQL::CTE` class forces materialization through adding
(this behavior is implemented using a custom Arel node `Gitlab::Database::AsWithMaterialized` under the surface).
WARNING:
Upgrading to GitLab 14.0 requires PostgreSQL 12 or higher.
Upgrading to GitLab 14.0 requires PostgreSQL 12 or later.
## Cached Queries

2
doc/operations/metrics/dashboards/default.md
View File

@ -31,7 +31,7 @@ metrics about the [deployed application](../index.md#configure-prometheus-to-gat
## Kubernetes pod health dashboard
This dashboard requires Kubernetes v1.14 or higher, due to the
This dashboard requires Kubernetes v1.14 or later, due to the
[change in metric labels](https://github.com/kubernetes/kubernetes/pull/69099)
in Kubernetes 1.14.

2
doc/topics/autodevops/upgrading_auto_deploy_dependencies.md
View File

@ -52,7 +52,7 @@ The following table explains the version compatibility between GitLab and Auto D
| GitLab version | `auto-deploy-image` version | Notes |
|------------------|-----------------------------|-------|
| v10.0 to v14.0 | v0.1.0 to v2.0.0 | v0 and v1 auto-deploy-image are backwards compatible. |
| v13.4 and higher | v2.0.0 and higher | v2 auto-deploy-image contains breaking changes, as explained in the [upgrade guide](#upgrade-deployments-to-the-v2-auto-deploy-image). |
| v13.4 and later | v2.0.0 and later | v2 auto-deploy-image contains breaking changes, as explained in the [upgrade guide](#upgrade-deployments-to-the-v2-auto-deploy-image). |
You can find the current stable version of auto-deploy-image in the [Auto Deploy stable template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml).

2
doc/topics/autodevops/upgrading_postgresql.md
View File

@ -184,7 +184,7 @@ You can also
1. Set `AUTO_DEVOPS_POSTGRES_DELETE_V1` to a non-empty value. This flag is a
safeguard to prevent accidental deletion of databases.
<!-- DO NOT REPLACE when upgrading GitLab's supported version. This is NOT related to GitLab's PostgreSQL version support, but the one deployed by Auto DevOps. -->
1. If you have a `POSTGRES_VERSION` set, make sure it is set to `9.6.16` *or higher*. This is the
1. If you have a `POSTGRES_VERSION` set, make sure it is set to `9.6.16` *or later*. This is the
minimum PostgreSQL version supported by Auto DevOps. See also the list of
[tags available](https://hub.docker.com/r/bitnami/postgresql/tags).
1. Set `PRODUCTION_REPLICAS` to `0`. For other environments, use

2
doc/topics/git/lfs/index.md
View File

@ -29,7 +29,7 @@ Documentation for GitLab instance administrators is under [LFS administration do
## Prerequisites
- Git LFS must be [enabled in project settings](../../../user/project/settings/index.md#configure-project-visibility-features-and-permissions).
- [Git LFS client](https://git-lfs.com/) version 1.0.1 or higher must be installed.
- [Git LFS client](https://git-lfs.com/) version 1.0.1 or later must be installed.
## Known limitations

2
doc/update/index.md
View File

@ -1538,7 +1538,7 @@ The following upgrade path also works around the bug:
1. [Ensure batched background migrations](background_migrations.md#batched-background-migrations) are complete.
1. Upgrade to an earlier GitLab 15.9 patch release that doesn't have the bug fix.
It is not then required to upgrade to 15.9.3 or higher for this issue.
It is not then required to upgrade to 15.9.3 or later for this issue.
[Read the issue](https://gitlab.com/gitlab-org/gitlab/-/issues/393216) for more information.

4
doc/user/admin_area/settings/security_and_compliance.md
View File

@ -11,6 +11,10 @@ The settings for package metadata synchronization are located in the [Admin Area
## Choose package registry metadata to sync
WARNING:
The full package metadata sync can take up to 30 GB of data. Ensure you have provisioned enough disk space before enabling this feature.
We are actively working on reducing this data size in [epic 10415](https://gitlab.com/groups/gitlab-org/-/epics/10415).
To choose the packages you want to synchronize with the GitLab License Database for [License Compliance](../../compliance/license_scanning_of_cyclonedx_files/index.md):
1. On the top bar, select **Main menu > Admin**.

2
doc/user/application_security/api_security/api_discovery/index.md
View File

@ -37,7 +37,7 @@ The following projects demonstrate API Discovery:
- Java: 11, 17 (LTS versions)
- Executable JARs
API Discovery supports Spring Boot major version 2, minor versions 1 and higher. Versions 2.0.X are not supported due to known bugs which affect API Discovery and were fixed in 2.1.
API Discovery supports Spring Boot major version 2, minor versions 1 and later. Versions 2.0.X are not supported due to known bugs which affect API Discovery and were fixed in 2.1.
Major version 3 is planned to be supported in the future. Support for major version 1 is not planned.

26
doc/user/application_security/container_scanning/index.md
View File

@ -82,7 +82,7 @@ To enable container scanning in your pipeline, you need the following:
- GitLab CI/CD pipeline must include the `test` stage, which is available unless overridden with the [`stages`](../../../ci/yaml/index.md#stages) keyword.
- [GitLab Runner](https://docs.gitlab.com/runner/) with the [`docker`](https://docs.gitlab.com/runner/executors/docker.html)
or [`kubernetes`](https://docs.gitlab.com/runner/install/kubernetes.html) executor on Linux/amd64.
- Docker `18.09.03` or higher installed on the same computer as the runner. If you're using the
- Docker `18.09.03` or later installed on the same computer as the runner. If you're using the
shared runners on GitLab.com, then this is already the case.
- An image matching the [supported distributions](#supported-distributions).
- [Build and push](../../packages/container_registry/build_and_push_images.md#use-gitlab-cicd)
@ -184,7 +184,7 @@ container_scanning:
include:
- template: Security/Container-Scanning.gitlab-ci.yml
variables:
variables:
CS_IMAGE: <aws_account_id>.dkr.ecr.<region>.amazonaws.com/<image>:<tag>
CS_REGISTRY_USER: AWS
CS_REGISTRY_PASSWORD: "$AWS_ECR_PASSWORD"
@ -257,7 +257,7 @@ including a large number of false positives.
| `ADDITIONAL_CA_CERT_BUNDLE` | `""` | Bundle of CA certs that you want to trust. See [Using a custom SSL CA certificate authority](#using-a-custom-ssl-ca-certificate-authority) for more details. | All |
| `CI_APPLICATION_REPOSITORY` | `$CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG` | Docker repository URL for the image to be scanned. | All |
| `CI_APPLICATION_TAG` | `$CI_COMMIT_SHA` | Docker repository tag for the image to be scanned. | All |
| `CS_ANALYZER_IMAGE` | `registry.gitlab.com/security-products/container-scanning:5` | Docker image of the analyzer. | All |
| `CS_ANALYZER_IMAGE` | `registry.gitlab.com/security-products/container-scanning:6` | Docker image of the analyzer. | All |
| `CS_DEFAULT_BRANCH_IMAGE` | `""` | The name of the `CS_IMAGE` on the default branch. See [Setting the default branch image](#setting-the-default-branch-image) for more details. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/338877) in GitLab 14.5. | All |
| `CS_DISABLE_DEPENDENCY_LIST` | `"false"` | Disable Dependency Scanning for packages installed in the scanned image. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/345434) in GitLab 14.6. | All |
| `CS_DISABLE_LANGUAGE_VULNERABILITY_SCAN` | `"true"` | Disable scanning for language-specific packages installed in the scanned image. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/345434) in GitLab 14.6. | All |
@ -305,9 +305,9 @@ standard tag plus the `-fips` extension.
| Scanner name | `CS_ANALYZER_IMAGE` |
| --------------- | ------------------- |
| Default (Trivy) | `registry.gitlab.com/security-products/container-scanning:5-fips` |
| Grype | `registry.gitlab.com/security-products/container-scanning/grype:5-fips` |
| Trivy | `registry.gitlab.com/security-products/container-scanning/trivy:5-fips` |
| Default (Trivy) | `registry.gitlab.com/security-products/container-scanning:6-fips` |
| Grype | `registry.gitlab.com/security-products/container-scanning/grype:6-fips` |
| Trivy | `registry.gitlab.com/security-products/container-scanning/trivy:6-fips` |
NOTE:
Prior to GitLab 15.0, the `-ubi` image extension is also available. GitLab 15.0 and later only
@ -364,9 +364,9 @@ The following options are available:
| Scanner name | `CS_ANALYZER_IMAGE` |
|----------------------------------------------------------|--------------------------------------------------------------------|
| Default ([Trivy](https://github.com/aquasecurity/trivy)) | `registry.gitlab.com/security-products/container-scanning:5` |
| [Grype](https://github.com/anchore/grype) | `registry.gitlab.com/security-products/container-scanning/grype:5` |
| Trivy | `registry.gitlab.com/security-products/container-scanning/trivy:5` |
| Default ([Trivy](https://github.com/aquasecurity/trivy)) | `registry.gitlab.com/security-products/container-scanning:6` |
| [Grype](https://github.com/anchore/grype) | `registry.gitlab.com/security-products/container-scanning/grype:6` |
| Trivy | `registry.gitlab.com/security-products/container-scanning/trivy:6` |
### Setting the default branch image
@ -557,9 +557,9 @@ For container scanning, import the following images from `registry.gitlab.com` i
[local Docker container registry](../../packages/container_registry/index.md):
```plaintext
registry.gitlab.com/security-products/container-scanning:5
registry.gitlab.com/security-products/container-scanning/grype:5
registry.gitlab.com/security-products/container-scanning/trivy:5
registry.gitlab.com/security-products/container-scanning:6
registry.gitlab.com/security-products/container-scanning/grype:6
registry.gitlab.com/security-products/container-scanning/trivy:6
```
The process for importing Docker images into a local offline Docker registry depends on
@ -599,7 +599,7 @@ following `.gitlab-ci.yml` example as a template.
```yaml
variables:
SOURCE_IMAGE: registry.gitlab.com/security-products/container-scanning:5
SOURCE_IMAGE: registry.gitlab.com/security-products/container-scanning:6
TARGET_IMAGE: $CI_REGISTRY/namespace/container-scanning
image: docker:stable

13
doc/user/compliance/compliance_report/index.md
View File

@ -18,7 +18,7 @@ See reports about compliance violations and compliance frameworks for the group.
> - GraphQL API [introduced](https://gitlab.com/groups/gitlab-org/-/epics/7222) in GitLab 14.9.
> - [Generally available](https://gitlab.com/groups/gitlab-org/-/epics/5237) in GitLab 14.10. [Feature flag `compliance_violations_report`](https://gitlab.com/gitlab-org/gitlab/-/issues/346266) removed.
> - [Renamed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/112111) to compliance violations report in GitLab 15.9.
> - [Added](https://gitlab.com/gitlab-org/gitlab/-/issues/394950) ability to create/edit compliance frameworks in GitLab 16.0 [with a flag](../../../administration/feature_flags.md) named `manage_compliance_frameworks_modals_refactor`. Disabled by default.
> - [Added](https://gitlab.com/gitlab-org/gitlab/-/issues/394950) ability to create/edit compliance frameworks in GitLab 16.0.
With compliance violations report, you can see a high-level view of merge request activity for all projects in the group.
@ -171,8 +171,7 @@ passing in an optional value to the `commit_sha` query parameter.
## Compliance frameworks report
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/387910) in GitLab 15.10.
> - Support for applying/removing compliance framework [added](https://gitlab.com/gitlab-org/gitlab/-/issues/383209) in GitLab 15.11
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/387910) in GitLab 15.10.
With compliance frameworks report, you can see the compliance frameworks that are applied to projects in a group. Each row of the report shows:
@ -196,6 +195,10 @@ To view the compliance frameworks report:
### Apply a compliance framework to projects in a group
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/383209) in GitLab 15.11.
You can apply a compliance framework to selected projects in a group.
Prerequisites:
- You must have the Owner role for the group.
@ -212,6 +215,10 @@ To apply a compliance framework to projects in a group:
### Remove a compliance framework from projects in a group
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/383209) in GitLab 15.11.
You can remove a compliance framework from selected projects in a group.
Prerequisites:
- You must have the Owner role for the group.

2
doc/user/group/access_and_permissions.md
View File

@ -203,7 +203,7 @@ your group.
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/216987) in GitLab 13.3.
By default, projects in a group can be forked.
Optionally, on [GitLab Premium](https://about.gitlab.com/pricing/) or higher tiers,
Optionally, on [GitLab Premium and Ultimate tiers](https://about.gitlab.com/pricing/),
you can prevent the projects in a group from being forked outside of the current top-level group.
This setting is removed from the SAML setting page, and migrated to the

4
doc/user/group/manage.md
View File

@ -75,7 +75,7 @@ This action removes the group. It also adds a background job to delete all proje
Specifically:
- In [GitLab 12.8 and later](https://gitlab.com/gitlab-org/gitlab/-/issues/33257), on [GitLab Premium](https://about.gitlab.com/pricing/premium/) or higher tiers, this action adds a background job to mark a group for deletion. By default, the job schedules the deletion 7 days in the future. You can modify this waiting period through the [instance settings](../admin_area/settings/visibility_and_access_controls.md#deletion-protection).
- In [GitLab 12.8 and later](https://gitlab.com/gitlab-org/gitlab/-/issues/33257), on [GitLab Premium or Ultimate tiers](https://about.gitlab.com/pricing/premium/), this action adds a background job to mark a group for deletion. By default, the job schedules the deletion 7 days in the future. You can modify this waiting period through the [instance settings](../admin_area/settings/visibility_and_access_controls.md#deletion-protection).
- In [GitLab 13.6 and later](https://gitlab.com/gitlab-org/gitlab/-/issues/39504), if the user who sets up the deletion is removed from the group before the
deletion happens, the job is cancelled, and the group is no longer scheduled for deletion.
@ -324,7 +324,7 @@ To change this setting for a specific group, see [group level default branch pro
To change this setting globally, see [initial default branch protection](../project/repository/branches/default.md#instance-level-default-branch-protection).
NOTE:
In [GitLab Premium or higher](https://about.gitlab.com/pricing/), GitLab administrators can choose to [disable group owners from updating the default branch protection](../project/repository/branches/default.md#prevent-overrides-of-default-branch-protection).
In [GitLab Premium or Ultimate](https://about.gitlab.com/pricing/), GitLab administrators can choose to [disable group owners from updating the default branch protection](../project/repository/branches/default.md#prevent-overrides-of-default-branch-protection).
## Use a custom name for the initial branch

4
doc/user/group/settings/group_access_tokens.md
View File

@ -36,8 +36,8 @@ occurs on self-managed instances when they are upgraded to GitLab 16.0. This cha
You can use group access tokens:
- On GitLab SaaS if you have the Premium license tier or higher. Group access tokens are not available with a [trial license](https://about.gitlab.com/free-trial/).
- On self-managed instances of GitLab, with any license tier. If you have the Free tier:
- On GitLab SaaS: If you have the Premium or Ultimate license tier. Group access tokens are not available with a [trial license](https://about.gitlab.com/free-trial/).
- On self-managed instances: With any license tier. If you have the Free tier:
- Review your security and compliance policies around
[user self-enrollment](../../admin_area/settings/sign_up_restrictions.md#disable-new-sign-ups).
- Consider [disabling group access tokens](#enable-or-disable-group-access-token-creation) to

2
doc/user/okrs.md
View File

@ -138,7 +138,7 @@ You can add [comments](discussions/index.md) and reply to threads in tasks.
To show who is responsible for an OKR, you can assign users to it.
Users on GitLab Free can assign one user per OKR.
Users on GitLab Premium and higher can assign multiple users to a single OKR.
Users on GitLab Premium and Ultimate can assign multiple users to a single OKR.
See also [multiple assignees for issues](project/issues/multiple_assignees_for_issues.md).
Prerequisites:

2
doc/user/packages/container_registry/index.md
View File

@ -143,7 +143,7 @@ see [Container Registry visibility permissions](#container-registry-visibility-p
is internal or private, the Container Registry is also internal or private.
- **Only Project Members**: The Container Registry is visible only to project members with
Reporter role or higher. This visibility is similar to the behavior of a private project with Container
at least the Reporter role. This visibility is similar to the behavior of a private project with Container
Registry visibility set to **Everyone With Access**.
1. Select **Save changes**.

4
doc/user/project/description_templates.md
View File

@ -153,7 +153,7 @@ To set a default description template for merge requests, either:
- [In GitLab 14.8 and later](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/78302), [create a merge request template](#create-a-merge-request-template) named `Default.md` (case insensitive)
and save it in `.gitlab/merge_request_templates/`.
This [doesn't overwrite](#priority-of-default-description-templates) the default template if one has been set in the project settings.
- Users on GitLab Premium and higher: set the default template in project settings:
- Users on GitLab Premium and Ultimate: set the default template in project settings:
1. On the top bar, select **Main menu > Projects** and find your project.
1. On the left sidebar, select **Settings > Merge requests**.
@ -165,7 +165,7 @@ To set a default description template for issues, either:
- [In GitLab 14.8 and later](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/78302), [create an issue template](#create-an-issue-template) named `Default.md` (case insensitive)
and save it in `.gitlab/issue_templates/`.
This [doesn't overwrite](#priority-of-default-description-templates) the default template if one has been set in the project settings.
- Users on GitLab Premium and higher: set the default template in project settings:
- Users on GitLab Premium and Ultimate: set the default template in project settings:
1. On the top bar, select **Main menu > Projects** and find your project.
1. On the left sidebar, select **Settings > General**.

3
doc/user/project/file_lock.md
View File

@ -195,8 +195,7 @@ Suggested workflow for shared projects:
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/440) in GitLab 8.9.
This process allows you to lock one file at a time through the GitLab UI and
requires access to [GitLab Premium](https://about.gitlab.com/pricing/)
or higher tiers.
requires access to the [GitLab Premium or Ultimate tier](https://about.gitlab.com/pricing/).
Default branch file and directory locks only apply to the
[default branch](repository/branches/default.md) set in the project's settings.

2
doc/user/project/issues/associate_zoom_meeting.md
View File

@ -36,7 +36,7 @@ You are only allowed to attach a single Zoom meeting to an issue. If you attempt
to add a second Zoom meeting using the `/zoom` quick action, it doesn't work. You
need to [remove it](#removing-an-existing-zoom-meeting-from-an-issue) first.
Users on GitLab Premium and higher can also
Users on GitLab Premium and Ultimate can also
[add multiple Zoom links to incidents](../../../operations/incident_management/linked_resources.md#link-zoom-meetings-from-an-incident).
## Removing an existing Zoom meeting from an issue

6
doc/user/project/merge_requests/approvals/rules.md
View File

@ -53,7 +53,7 @@ To add a merge request approval rule:
1. Select **Add approval rule**.
Users of GitLab Premium and higher tiers can create [additional approval rules](#add-multiple-approval-rules).
Users of GitLab Premium and Ultimate tiers can create [additional approval rules](#add-multiple-approval-rules).
Your configuration for approval rule overrides determines if the new rule is applied
to existing merge requests:
@ -91,7 +91,7 @@ To edit a merge request approval rule:
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/1979) in GitLab 11.10.
In GitLab Premium and higher tiers, you can enforce multiple approval rules on a
In GitLab Premium and Ultimate tiers, you can enforce multiple approval rules on a
merge request, and multiple default approval rules for a project. If your tier
supports multiple default rules:
@ -134,7 +134,7 @@ who commented on the merge request. It helps authors and reviewers identify who
contact with questions about the merge request's content.
If the number of required approvals is greater than the number of assigned approvers,
approvals from other users with Developer [permissions](../../../permissions.md) or higher
approvals from other users with at least the Developer [role](../../../permissions.md)
in the project counts toward meeting the required number of approvals, even if the
users were not explicitly listed in the approval rules.

2
doc/user/project/merge_requests/approvals/settings.md
View File

@ -121,7 +121,7 @@ permission enables an electronic signature for approvals, such as the one define
## Remove all approvals when commits are added to the source branch
By default, an approval on a merge request is removed when you add more changes
after the approval. In GitLab Premium and higher tiers, to keep existing approvals
after the approval. In GitLab Premium and Ultimate tiers, to keep existing approvals
after more changes are added to the merge request:
1. On the left sidebar, select **Settings > Merge requests**.

2
doc/user/project/merge_requests/dependencies.md
View File

@ -85,7 +85,7 @@ other specific work merges, even if the merge request is in a different project.
Prerequisites:
- You must have at least the Developer role or be allowed to create merge requests in the project.
- The dependent merge request must be in a project in a **PREMIUM** or higher tier.
- The dependent merge request must be in a project in the Premium or Ultimate tier.
To create a new merge request and mark it as dependent on another:

3
doc/user/project/merge_requests/index.md
View File

@ -321,13 +321,14 @@ For a web developer writing a webpage for your company's website:
FLAG:
On self-managed GitLab, by default this feature is not available.
To make it available per user, ask an administrator to [enable the feature flag](../../../administration/feature_flags.md) named `mr_activity_filters` for individual or groups of users.
On GitLab.com, this feature is enabled for all GitLab team members.
On GitLab.com, this feature unavailable.
To understand the history of a merge request, filter its activity feed to show you
only the items that are relevant to you.
1. On the top bar, select **Main menu > Projects** and find your project.
1. On the left sidebar, select **Merge requests**.
1. Select a merge request.
1. Scroll to **Activity**.
1. On the right side of the page, select **Activity filter** to show the filter options.
If you've selected filter options previously, this field shows a summary of your

4
doc/user/project/releases/index.md
View File

@ -45,8 +45,8 @@ To view a list of releases:
![Number of Releases](img/releases_count_v13_2.png "Incremental counter of Releases")
- On public projects, this number is visible to all users.
- On private projects, this number is visible to users with Reporter
[permissions](../../permissions.md#project-members-permissions) or higher.
- On private projects, this number is visible to users with at least the Reporter
[role](../../permissions.md#project-members-permissions).
### Sort releases

10
doc/user/project/releases/release_fields.md
View File

@ -90,6 +90,8 @@ By default, GitLab fetches the release using `released_at` time. The use of the
#### Permanent links to release assets
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/375489) in GitLab 15.9, links for private releases can be accessed using a Personal Access Token.
The assets associated with a release are accessible through a permanent URL.
GitLab always redirects this URL to the actual asset
location, so even if the assets move to a different location, you can continue
@ -121,6 +123,14 @@ https://gitlab.com/gitlab-org/gitlab-runner/-/releases/v11.9.0-rc2/downloads/bin
The physical location of the asset can change at any time and the direct link remains unchanged.
If the release is private, you need to provide a Personal Access Token with either `api` or `read_api` scopes using
a `private_token` query parameter or a `HTTP_PRIVATE_TOKEN` header when making the request. For example:
```shell
curl --location --output filename "https://gitlab.example.com/my-group/my-project/-/releases/:release/downloads/:filepath?private_token=<your_access_token>"
curl --location --output filename --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/my-group/my-project/-/releases/:release/downloads/:filepath"
```
#### Permanent links to latest release assets
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/16821) in GitLab 14.9.

4
doc/user/project/repository/branches/default.md
View File

@ -134,7 +134,7 @@ groups and subgroups can override this instance-wide setting for their projects.
Instance-level protections for default branches
can be overridden on a per-group basis by the group's owner. In
[GitLab Premium or higher](https://about.gitlab.com/pricing/), GitLab administrators can
[GitLab Premium or Ultimate](https://about.gitlab.com/pricing/), GitLab administrators can
disable this privilege for group owners, enforcing the instance-level protection rule:
1. On the top bar, select **Main menu > Admin**.
@ -153,7 +153,7 @@ GitLab administrators can still update the default branch protection of a group.
Instance-level protections for [default branch](#default-branch)
can be overridden on a per-group basis by the group's owner. In
[GitLab Premium or higher](https://about.gitlab.com/pricing/), GitLab administrators can
[GitLab Premium or Ultimate](https://about.gitlab.com/pricing/), GitLab administrators can
[enforce protection of initial default branches](#prevent-overrides-of-default-branch-protection)
which locks this setting for group owners.

2
doc/user/project/repository/branches/index.md
View File

@ -66,7 +66,7 @@ When viewing an issue, you can create an associated branch directly from that pa
Prerequisites:
- You must have the Developer or higher role in the project.
- You must have at least the Developer role in the project.
To create a branch from an issue:

4
doc/user/project/repository/forking_workflow.md
View File

@ -49,7 +49,7 @@ A fork can fall out of sync with its upstream repository, and require an update:
your changes up, and pull the upstream repository's new changes into your fork.
To sync your fork with its upstream repository, update it from the GitLab UI
or the command line. GitLab Premium and higher tiers can also automate updates by
or the command line. GitLab Premium and Ultimate tiers can also automate updates by
[configuring forks as pull mirrors](#with-repository-mirroring) of the upstream repository.
### From the UI
@ -142,7 +142,7 @@ an `upstream` remote repository for your fork:
A fork can be configured as a mirror of the upstream if all these conditions are met:
1. Your subscription is **Premium** or higher.
1. Your subscription is **Premium** or **Ultimate**.
1. You create all changes in branches (not `main`).
1. You do not work on [merge requests for confidential issues](../merge_requests/confidential.md),
which requires changes to `main`.

4
doc/user/project/settings/project_access_tokens.md
View File

@ -36,8 +36,8 @@ occurs on self-managed instances when they are upgraded to GitLab 16.0. This cha
You can use project access tokens:
- On GitLab SaaS if you have the Premium license tier or higher. Project access tokens are not available with a [trial license](https://about.gitlab.com/free-trial/).
- On self-managed instances of GitLab, with any license tier. If you have the Free tier:
- On GitLab SaaS: If you have the Premium or Ultimate license tier. Project access tokens are not available with a [trial license](https://about.gitlab.com/free-trial/).
- On self-managed instances of GitLab: With any license tier. If you have the Free tier:
- Review your security and compliance policies around
[user self-enrollment](../../admin_area/settings/sign_up_restrictions.md#disable-new-sign-ups).
- Consider [disabling project access tokens](#enable-or-disable-project-access-token-creation) to

2
doc/user/project/wiki/group.md
View File

@ -20,7 +20,7 @@ Group wikis are similar to [project wikis](index.md), with a few limitations:
For updates, follow [the epic that tracks feature parity with project wikis](https://gitlab.com/groups/gitlab-org/-/epics/2782).
Similar to project wikis, group members with at least the Developer role
and higher can edit group wikis. Group wiki repositories can be moved using the
can edit group wikis. Group wiki repositories can be moved using the
[Group repository storage moves API](../../../api/group_repository_storage_moves.md).
## View a group wiki

2
doc/user/tasks.md
View File

@ -165,7 +165,7 @@ To delete a task:
To show who is responsible for a task, you can assign users to it.
Users on GitLab Free can assign one user per task.
Users on GitLab Premium and higher can assign multiple users to a single task.
Users on GitLab Premium and Ultimate can assign multiple users to a single task.
See also [multiple assignees for issues](project/issues/multiple_assignees_for_issues.md).
Prerequisites:

2
lib/gitlab/ci/templates/Jobs/Container-Scanning.gitlab-ci.yml
View File

@ -22,7 +22,7 @@
# List of available variables: https://docs.gitlab.com/ee/user/application_security/container_scanning/#available-variables
variables:
CS_ANALYZER_IMAGE: "$CI_TEMPLATE_REGISTRY_HOST/security-products/container-scanning:5"
CS_ANALYZER_IMAGE: "$CI_TEMPLATE_REGISTRY_HOST/security-products/container-scanning:6"
CS_SCHEMA_MODEL: 15
container_scanning:

2
lib/gitlab/ci/templates/Jobs/Container-Scanning.latest.gitlab-ci.yml
View File

@ -22,7 +22,7 @@
# List of available variables: https://docs.gitlab.com/ee/user/application_security/container_scanning/#available-variables
variables:
CS_ANALYZER_IMAGE: "$CI_TEMPLATE_REGISTRY_HOST/security-products/container-scanning:5"
CS_ANALYZER_IMAGE: "$CI_TEMPLATE_REGISTRY_HOST/security-products/container-scanning:6"
CS_SCHEMA_MODEL: 15
container_scanning:

4
lib/gitlab/database/schema_validation/adapters/column_database_adapter.rb
View File

@ -33,6 +33,10 @@ module Gitlab
'NOT NULL' if query_result['not_null']
end
def partition_key?
query_result['partition_key']
end
private
attr_reader :query_result

18
lib/gitlab/database/schema_validation/adapters/column_structure_sql_adapter.rb
View File

@ -17,9 +17,10 @@ module Gitlab
attr_reader :table_name
def initialize(table_name, pg_query_stmt)
def initialize(table_name, pg_query_stmt, partitioning_stmt)
@table_name = table_name
@pg_query_stmt = pg_query_stmt
@partitioning_stmt = partitioning_stmt
end
def name
@ -44,9 +45,13 @@ module Gitlab
'NOT NULL' if constraints.any? { |node| node.constraint.contype == NOT_NULL_CONSTR }
end
def partition_key?
partition_keys.include?(name)
end
private
attr_reader :pg_query_stmt
attr_reader :pg_query_stmt, :partitioning_stmt
def constraints
@constraints ||= pg_query_stmt.constraints
@ -81,6 +86,7 @@ module Gitlab
# Parses PGQuery nodes recursively
#
# :constraint:: nodes that groups column default info
# :partition_elem:: node that store partition key info
# :func_cal:: nodes that stores functions, like +now()+
# :a_const:: nodes that stores constant values, like +t+, +f+, +0.0.0.0+, +255+, +1.0+
# :type_cast:: nodes that stores casting values, like +'name'::text+, +'0.0.0.0'::inet+
@ -93,6 +99,8 @@ module Gitlab
case node.node
when :constraint
parse_node(node.constraint.raw_expr)
when :partition_elem
node.partition_elem.name
when :func_call
"#{parse_node(node.func_call.funcname.first)}()"
when :a_const
@ -107,6 +115,12 @@ module Gitlab
node.to_h[node.node].values.last
end
end
def partition_keys
return [] unless partitioning_stmt
@partition_keys ||= partitioning_stmt.part_params.map { |key_stmt| parse_node(key_stmt) }
end
end
end
end

4
lib/gitlab/database/schema_validation/database.rb
View File

@ -105,12 +105,14 @@ module Gitlab
table_information.relname AS table_name,
col_information.attname AS column_name,
col_information.attnotnull AS not_null,
col_information.attnum = ANY(pg_partitioned_table.partattrs) as partition_key,
format_type(col_information.atttypid, col_information.atttypmod) AS data_type,
pg_get_expr(col_default_information.adbin, col_default_information.adrelid) AS column_default
FROM pg_attribute AS col_information
JOIN pg_class AS table_information ON col_information.attrelid = table_information.oid
JOIN pg_namespace AS schema_information ON table_information.relnamespace = schema_information.oid
LEFT JOIN pg_attrdef AS col_default_information ON col_information.attrelid = col_default_information.adrelid
LEFT JOIN pg_partitioned_table ON pg_partitioned_table.partrelid = table_information.oid
LEFT JOIN pg_attrdef AS col_default_information ON col_information.attrelid = col_default_information.adrelid
AND col_information.attnum = col_default_information.adnum
WHERE NOT col_information.attisdropped
AND col_information.attnum > 0

43
lib/gitlab/database/schema_validation/inconsistency_filter.rb Normal file
View File

@ -0,0 +1,43 @@
# frozen_string_literal: true
module Gitlab
module Database
module SchemaValidation
class InconsistencyFilter
def initialize(tables, triggers)
@tables = tables
@triggers = triggers
end
def to_proc
proc do |inconsistency|
inconsistency unless ignored?(inconsistency)
end
end
private
attr_reader :tables, :triggers
def ignored?(inconsistency)
case inconsistency.type
in 'extra_tables' | 'missing_tables'
ignored_table?(inconsistency.table_name)
in 'extra_triggers' | 'missing_triggers'
ignored_trigger?(inconsistency.object_name)
else
false
end
end
def ignored_table?(name)
tables.include?(name)
end
def ignored_trigger?(name)
triggers.any? { |ignored_object| name.to_s.include?(ignored_object) }
end
end
end
end
end

2
lib/gitlab/database/schema_validation/schema_objects/column.rb
View File

@ -11,7 +11,7 @@ module Gitlab
attr_reader :adapter
delegate :name, :table_name, to: :adapter
delegate :name, :table_name, :partition_key?, to: :adapter
def statement
[name, adapter.data_type, adapter.default, adapter.nullable].compact.join(' ')

2
lib/gitlab/database/schema_validation/schema_objects/table.rb
View File

@ -31,7 +31,7 @@ module Gitlab
private
def columns_statement
columns.map(&:statement).join(', ')
columns.reject(&:partition_key?).map(&:statement).join(', ')
end
end
end

4
lib/gitlab/database/schema_validation/structure_sql.rb
View File

@ -38,9 +38,11 @@ module Gitlab
def tables
@tables ||= table_statements.map do |stmt|
table_name = stmt.relation.relname
partition_stmt = stmt.partspec
columns = stmt.table_elts.select { |n| n.node == :column_def }.map do |column|
SchemaObjects::Column.new(Adapters::ColumnStructureSqlAdapter.new(table_name, column.column_def))
adapter = Adapters::ColumnStructureSqlAdapter.new(table_name, column.column_def, partition_stmt)
SchemaObjects::Column.new(adapter)
end
SchemaObjects::Table.new(table_name, columns)

17
lib/gitlab/tracking.rb
View File

@ -9,11 +9,15 @@ module Gitlab
def event(category, action, label: nil, property: nil, value: nil, context: [], project: nil, user: nil, namespace: nil, **extra) # rubocop:disable Metrics/ParameterLists
action = action.to_s
project_id = project.is_a?(Integer) ? project : project&.id
contexts = [
Tracking::StandardContext.new(
project: project,
user: user,
namespace: namespace,
namespace_id: namespace&.id,
plan_name: namespace&.actual_plan_name,
project_id: project_id,
user_id: user&.id,
**extra).to_context, *context
]
@ -25,9 +29,10 @@ module Gitlab
destination = Gitlab::Tracking::Destinations::DatabaseEventsSnowplow.new
contexts = [
Tracking::StandardContext.new(
project: project,
user: user,
namespace: namespace,
namespace_id: namespace&.id,
plan_name: namespace&.actual_plan_name,
project_id: project&.id,
user_id: user&.id,
**extra).to_context, *context
]

29
lib/gitlab/tracking/standard_context.rb
View File

@ -6,15 +6,16 @@ module Gitlab
GITLAB_STANDARD_SCHEMA_URL = 'iglu:com.gitlab/gitlab_standard/jsonschema/1-0-8'
GITLAB_RAILS_SOURCE = 'gitlab-rails'
def initialize(namespace: nil, project: nil, user: nil, **extra)
check_argument_type(:namespace, namespace, [Namespace])
check_argument_type(:project, project, [Project, Integer])
check_argument_type(:user, user, [User, DeployToken])
def initialize(namespace_id: nil, plan_name: nil, project_id: nil, user_id: nil, **extra)
check_argument_type(:namespace_id, namespace_id, [Integer])
check_argument_type(:plan_name, plan_name, [String])
check_argument_type(:project_id, project_id, [Integer])
check_argument_type(:user_id, user_id, [Integer])
@namespace = namespace
@plan = namespace&.actual_plan_name
@project = project
@user = user
@namespace_id = namespace_id
@plan_name = plan_name
@project_id = project_id
@user_id = user_id
@extra = extra
end
@ -40,25 +41,21 @@ module Gitlab
private
attr_accessor :namespace, :project, :extra, :plan, :user
attr_accessor :namespace_id, :project_id, :extra, :plan_name, :user_id
def to_h
{
environment: environment,
source: source,
plan: plan,
plan: plan_name,
extra: extra,
user_id: user&.id,
namespace_id: namespace&.id,
user_id: user_id,
namespace_id: namespace_id,
project_id: project_id,
context_generated_at: Time.current
}
end
def project_id
project.is_a?(Integer) ? project : project&.id
end
def check_argument_type(argument_name, argument_value, allowed_classes)
return if argument_value.nil? || allowed_classes.any? { |allowed_class| argument_value.is_a?(allowed_class) }

10
lib/tasks/gitlab/db.rake
View File

@ -449,6 +449,11 @@ namespace :gitlab do
end
namespace :schema_checker do
# TODO: Remove `test_replication` after PG 14 upgrade is finished
# https://gitlab.com/gitlab-com/gl-infra/db-migration/-/merge_requests/406#note_1369214728
IGNORED_TABLES = %w[test_replication].freeze
IGNORED_TRIGGERS = ['gitlab_schema_write_trigger_for_'].freeze
desc 'Checks schema inconsistencies'
task run: :environment do
database_model = Gitlab::Database.database_base_models[Gitlab::Database::MAIN_DATABASE_NAME]
@ -457,7 +462,10 @@ namespace :gitlab do
stucture_sql_path = Rails.root.join('db/structure.sql')
structure_sql = Gitlab::Database::SchemaValidation::StructureSql.new(stucture_sql_path)
inconsistencies = Gitlab::Database::SchemaValidation::Runner.new(structure_sql, database).execute
filter = Gitlab::Database::SchemaValidation::InconsistencyFilter.new(IGNORED_TABLES, IGNORED_TRIGGERS)
inconsistencies =
Gitlab::Database::SchemaValidation::Runner.new(structure_sql, database).execute.filter_map(&filter)
gitlab_url = 'gitlab-org/gitlab'

4
qa/lib/gitlab/page/group/settings/billing.rb
View File

@ -34,8 +34,8 @@ module Gitlab
#
# @param subscription_plan [String]
def wait_for_subscription(subscription_plan, page:)
::QA::Support::Waiter.wait_until(max_duration: 30, sleep_interval: 2, reload_page: page) do
billing_plan_header.match?(/currently using the #{subscription_plan} plan/i)
::QA::Support::Waiter.wait_until(max_duration: 30, sleep_interval: 3, reload_page: page) do
billing_plan_header.match?(/currently using the #{subscription_plan} saas plan/i)
end
end
end

6
spec/fixtures/structure.sql vendored
View File

@ -49,8 +49,10 @@ CREATE TABLE test_table (
uuid_with_default_column uuid DEFAULT '00000000-0000-0000-0000-000000000000'::uuid NOT NULL,
bytea_column bytea,
bytea_with_default_column bytea DEFAULT '\xDEADBEEF'::bytea,
unmapped_column_type anyarray
);
unmapped_column_type anyarray,
partition_key bigint DEFAULT 1 NOT NULL,
created_at timestamp with time zone DEFAULT now() NOT NULL
) PARTITION BY HASH (partition_key, created_at);
CREATE TABLE ci_project_mirrors (
id bigint NOT NULL,

8
spec/lib/gitlab/database/schema_validation/adapters/column_database_adapter_spec.rb
View File

@ -8,13 +8,15 @@ RSpec.describe Gitlab::Database::SchemaValidation::Adapters::ColumnDatabaseAdapt
let(:column_name) { 'email' }
let(:column_default) { "'no-reply@gitlab.com'::character varying" }
let(:not_null) { true }
let(:partition_key) { false }
let(:db_result) do
{
'table_name' => 'projects',
'column_name' => column_name,
'data_type' => 'character varying',
'column_default' => column_default,
'not_null' => not_null
'not_null' => not_null,
'partition_key' => partition_key
}
end
@ -63,4 +65,8 @@ RSpec.describe Gitlab::Database::SchemaValidation::Adapters::ColumnDatabaseAdapt
it { expect(adapter.nullable).to be_nil }
end
end
describe '#partition_key?' do
it { expect(adapter.partition_key?).to be(false) }
end
end

55
spec/lib/gitlab/database/schema_validation/adapters/column_structure_sql_adapter_spec.rb
View File

@ -3,36 +3,41 @@
require 'spec_helper'
RSpec.describe Gitlab::Database::SchemaValidation::Adapters::ColumnStructureSqlAdapter, feature_category: :database do
subject(:adapter) { described_class.new(table_name, column_def) }
subject(:adapter) { described_class.new(table_name, column_def, partition_stmt) }
let(:table_name) { 'my_table' }
let(:table_name) { 'test_table' }
let(:file_path) { Rails.root.join('spec/fixtures/structure.sql') }
let(:table_stmts) { PgQuery.parse(File.read(file_path)).tree.stmts.filter_map { |s| s.stmt.create_stmt } }
let(:column_stmts) { table_stmts.find { |table| table.relation.relname == 'test_table' }.table_elts }
let(:table) { table_stmts.find { |table| table.relation.relname == table_name } }
let(:partition_stmt) { table.partspec }
let(:column_stmts) { table.table_elts }
let(:column_def) { column_stmts.find { |col| col.column_def.colname == column_name }.column_def }
where(:column_name, :data_type, :default_value, :nullable) do
where(:column_name, :data_type, :default_value, :nullable, :partition_key) do
[
['id', 'bigint', nil, 'NOT NULL'],
['integer_column', 'integer', nil, nil],
['integer_with_default_column', 'integer', 'DEFAULT 1', nil],
['smallint_with_default_column', 'smallint', 'DEFAULT 0', 'NOT NULL'],
['double_precision_with_default_column', 'double precision', 'DEFAULT 1.0', nil],
['numeric_with_default_column', 'numeric', 'DEFAULT 1.0', 'NOT NULL'],
['boolean_with_default_colum', 'boolean', 'DEFAULT true', 'NOT NULL'],
['varying_with_default_column', 'character varying', "DEFAULT 'DEFAULT'::character varying", 'NOT NULL'],
['varying_with_limit_and_default_column', 'character varying(255)', "DEFAULT 'DEFAULT'::character varying", nil],
['text_with_default_column', 'text', "DEFAULT ''::text", 'NOT NULL'],
['array_with_default_column', 'character varying(255)[]', "DEFAULT '{one,two}'::character varying[]", 'NOT NULL'],
['jsonb_with_default_column', 'jsonb', "DEFAULT '[]'::jsonb", 'NOT NULL'],
['timestamptz_with_default_column', 'timestamp(6) with time zone', "DEFAULT now()", nil],
['id', 'bigint', nil, 'NOT NULL', false],
['integer_column', 'integer', nil, nil, false],
['integer_with_default_column', 'integer', 'DEFAULT 1', nil, false],
['smallint_with_default_column', 'smallint', 'DEFAULT 0', 'NOT NULL', false],
['double_precision_with_default_column', 'double precision', 'DEFAULT 1.0', nil, false],
['numeric_with_default_column', 'numeric', 'DEFAULT 1.0', 'NOT NULL', false],
['boolean_with_default_colum', 'boolean', 'DEFAULT true', 'NOT NULL', false],
['varying_with_default_column', 'character varying', "DEFAULT 'DEFAULT'::character varying", 'NOT NULL', false],
['varying_with_limit_and_default_column', 'character varying(255)', "DEFAULT 'DEFAULT'::character varying",
nil, false],
['text_with_default_column', 'text', "DEFAULT ''::text", 'NOT NULL', false],
['array_with_default_column', 'character varying(255)[]', "DEFAULT '{one,two}'::character varying[]",
'NOT NULL', false],
['jsonb_with_default_column', 'jsonb', "DEFAULT '[]'::jsonb", 'NOT NULL', false],
['timestamptz_with_default_column', 'timestamp(6) with time zone', "DEFAULT now()", nil, false],
['timestamp_with_default_column', 'timestamp(6) without time zone',
"DEFAULT '2022-01-23 00:00:00+00'::timestamp without time zone", 'NOT NULL'],
['date_with_default_column', 'date', 'DEFAULT 2023-04-05', nil],
['inet_with_default_column', 'inet', "DEFAULT '0.0.0.0'::inet", 'NOT NULL'],
['macaddr_with_default_column', 'macaddr', "DEFAULT '00-00-00-00-00-000'::macaddr", 'NOT NULL'],
['uuid_with_default_column', 'uuid', "DEFAULT '00000000-0000-0000-0000-000000000000'::uuid", 'NOT NULL'],
['bytea_with_default_column', 'bytea', "DEFAULT '\\xDEADBEEF'::bytea", nil]
"DEFAULT '2022-01-23 00:00:00+00'::timestamp without time zone", 'NOT NULL', false],
['date_with_default_column', 'date', 'DEFAULT 2023-04-05', nil, false],
['inet_with_default_column', 'inet', "DEFAULT '0.0.0.0'::inet", 'NOT NULL', false],
['macaddr_with_default_column', 'macaddr', "DEFAULT '00-00-00-00-00-000'::macaddr", 'NOT NULL', false],
['uuid_with_default_column', 'uuid', "DEFAULT '00000000-0000-0000-0000-000000000000'::uuid", 'NOT NULL', false],
['partition_key', 'bigint', 'DEFAULT 1', 'NOT NULL', true],
['created_at', 'timestamp with time zone', 'DEFAULT now()', 'NOT NULL', true]
]
end
@ -56,6 +61,10 @@ RSpec.describe Gitlab::Database::SchemaValidation::Adapters::ColumnStructureSqlA
describe '#default' do
it { expect(adapter.default).to eq(default_value) }
end
describe '#partition_key?' do
it { expect(adapter.partition_key?).to eq(partition_key) }
end
end
context 'when the data type is not mapped' do

2
spec/lib/gitlab/database/schema_validation/database_spec.rb
View File

@ -74,6 +74,7 @@ RSpec.describe Gitlab::Database::SchemaValidation::Database, feature_category: :
'column_name' => 'id',
'not_null' => true,
'data_type' => 'bigint',
'partition_key' => false,
'column_default' => "nextval('audit_events_id_seq'::regclass)"
},
{
@ -81,6 +82,7 @@ RSpec.describe Gitlab::Database::SchemaValidation::Database, feature_category: :
'column_name' => 'details',
'not_null' => false,
'data_type' => 'text',
'partition_key' => false,
'column_default' => nil
}
]

9
spec/lib/gitlab/database/schema_validation/schema_objects/table_spec.rb
View File

@ -9,8 +9,9 @@ RSpec.describe Gitlab::Database::SchemaValidation::SchemaObjects::Table, feature
let(:column_class) { 'Gitlab::Database::SchemaValidation::SchemaObjects::Column' }
let(:columns) do
[
instance_double(column_class, name: 'id', statement: 'id bigint NOT NULL'),
instance_double(column_class, name: 'col', statement: 'col text')
instance_double(column_class, name: 'id', statement: 'id bigint NOT NULL', partition_key?: false),
instance_double(column_class, name: 'col', statement: 'col text', partition_key?: false),
instance_double(column_class, name: 'partition', statement: 'partition integer DEFAULT 1', partition_key?: true)
]
end
@ -24,6 +25,10 @@ RSpec.describe Gitlab::Database::SchemaValidation::SchemaObjects::Table, feature
describe '#statement' do
it { expect(table.statement).to eq('CREATE TABLE my_table (id bigint NOT NULL, col text)') }
it 'ignores the partition column' do
expect(table.statement).not_to include('partition integer DEFAULT 1')
end
end
describe '#fetch_column_by_name' do

6
spec/lib/gitlab/tracking/standard_context_spec.rb
View File

@ -70,7 +70,9 @@ RSpec.describe Gitlab::Tracking::StandardContext do
end
context 'when namespace is available' do
subject { described_class.new(namespace: create(:namespace)) }
let(:namespace) { create(:namespace) }
subject { described_class.new(namespace_id: namespace.id, plan_name: namespace.actual_plan_name) }
it 'contains plan name' do
expect(snowplow_context.to_json.dig(:data, :plan)).to eq(Plan::DEFAULT)
@ -93,7 +95,7 @@ RSpec.describe Gitlab::Tracking::StandardContext do
end
context 'with incorrect argument type' do
subject { described_class.new(project: create(:group)) }
subject { described_class.new(project_id: create(:group)) }
it 'does call `track_and_raise_for_dev_exception`' do
expect(Gitlab::ErrorTracking).to receive(:track_and_raise_for_dev_exception)

2
spec/lib/gitlab/tracking_spec.rb
View File

@ -134,7 +134,7 @@ RSpec.describe Gitlab::Tracking, feature_category: :application_instrumentation
expect(Gitlab::Tracking::StandardContext)
.to receive(:new)
.with(project: project, user: user, namespace: namespace, extra_key_1: 'extra value 1', extra_key_2: 'extra value 2')
.with(project_id: project.id, user_id: user.id, namespace_id: namespace.id, plan_name: namespace.actual_plan_name, extra_key_1: 'extra value 1', extra_key_2: 'extra value 2')
.and_call_original
expect_any_instance_of(klass).to receive(:event) do |_, category, action, args|

22
spec/migrations/20230502102832_schedule_index_to_members_on_source_and_type_and_access_level_spec.rb Normal file
View File

@ -0,0 +1,22 @@
# frozen_string_literal: true
require "spec_helper"
require_migration!
RSpec.describe ScheduleIndexToMembersOnSourceAndTypeAndAccessLevel, feature_category: :security_policy_management do
let(:async_index) { Gitlab::Database::AsyncIndexes::PostgresAsyncIndex }
let(:index_name) { described_class::INDEX_NAME }
it "schedules the index" do
reversible_migration do |migration|
migration.before -> do
expect(async_index.where(name: index_name).count).to be(0)
end
migration.after -> do
expect(async_index.where(name: index_name).count).to be(1)
end
end
end
end

22
spec/migrations/20230502120021_schedule_index_to_project_authorizations_on_project_user_access_level_spec.rb Normal file
View File

@ -0,0 +1,22 @@
# frozen_string_literal: true
require "spec_helper"
require_migration!
RSpec.describe ScheduleIndexToProjectAuthorizationsOnProjectUserAccessLevel, feature_category: :security_policy_management do
let(:async_index) { Gitlab::Database::AsyncIndexes::PostgresAsyncIndex }
let(:index_name) { described_class::INDEX_NAME }
it "schedules the index" do
reversible_migration do |migration|
migration.before -> do
expect(async_index.where(name: index_name).count).to be(0)
end
migration.after -> do
expect(async_index.where(name: index_name).count).to be(1)
end
end
end
end

35
spec/migrations/ensure_notes_bigint_backfill_is_finished_for_gitlab_dot_com_spec.rb Normal file
View File

@ -0,0 +1,35 @@
# frozen_string_literal: true
require 'spec_helper'
require_migration!
RSpec.describe EnsureNotesBigintBackfillIsFinishedForGitlabDotCom, feature_category: :database do
describe '#up' do
let(:migration_arguments) do
{
job_class_name: 'CopyColumnUsingBackgroundMigrationJob',
table_name: 'notes',
column_name: 'id',
job_arguments: [['id'], ['id_convert_to_bigint']]
}
end
it 'ensures the migration is completed for GitLab.com, dev, or test' do
expect_next_instance_of(described_class) do |instance|
expect(instance).to receive(:com_or_dev_or_test_but_not_jh?).and_return(true)
expect(instance).to receive(:ensure_batched_background_migration_is_finished).with(migration_arguments)
end
migrate!
end
it 'skips the check for other instances' do
expect_next_instance_of(described_class) do |instance|
expect(instance).to receive(:com_or_dev_or_test_but_not_jh?).and_return(false)
expect(instance).not_to receive(:ensure_batched_background_migration_is_finished)
end
migrate!
end
end
end

15
spec/tasks/gitlab/db_rake_spec.rb
View File

@ -353,20 +353,17 @@ RSpec.describe 'gitlab:db namespace rake task', :silence_stdout, feature_categor
end
describe 'schema inconsistencies' do
let(:expected_value) do
[
{ inconsistency_type: 'wrong_indexes', object_name: 'index_1' },
{ inconsistency_type: 'missing_indexes', object_name: 'index_2' }
]
end
let(:runner) { instance_double(Gitlab::Database::SchemaValidation::Runner, execute: inconsistencies) }
let(:inconsistency_class) { Gitlab::Database::SchemaValidation::Inconsistency }
let(:inconsistencies) do
[
instance_double(inconsistency_class, inspect: 'index_statement_1'),
instance_double(inconsistency_class, inspect: 'index_statement_2')
instance_double(inconsistency_class, inspect: 'index_statement_1', type: 'wrong_indexes'),
instance_double(inconsistency_class, inspect: 'index_statement_2', type: 'missing_indexes'),
instance_double(inconsistency_class, inspect: 'table_statement_1', type: 'extra_tables',
table_name: 'test_replication'),
instance_double(inconsistency_class, inspect: 'trigger_statement', type: 'missing_triggers',
object_name: 'gitlab_schema_write_trigger_for_users')
]
end

2
workhorse/go.mod
View File

@ -7,7 +7,7 @@ require (
github.com/BurntSushi/toml v1.2.1
github.com/FZambia/sentinel v1.1.1
github.com/alecthomas/chroma/v2 v2.7.0
github.com/aws/aws-sdk-go v1.44.254
github.com/aws/aws-sdk-go v1.44.255
github.com/disintegration/imaging v1.6.2
github.com/getsentry/raven-go v0.2.0
github.com/golang-jwt/jwt/v5 v5.0.0

4
workhorse/go.sum
View File

@ -569,8 +569,8 @@ github.com/aws/aws-sdk-go v1.43.31/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4
github.com/aws/aws-sdk-go v1.44.156/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI=
github.com/aws/aws-sdk-go v1.44.187/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI=
github.com/aws/aws-sdk-go v1.44.200/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI=
github.com/aws/aws-sdk-go v1.44.254 h1:8baW4yal2xGiM/Wm5/ZU10drS8sd+BVjMjPFjJx2ooc=
github.com/aws/aws-sdk-go v1.44.254/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI=
github.com/aws/aws-sdk-go v1.44.255 h1:tOd7OP5V6BeHhANksc7CFB/ILS2mHj3kRhTfZKFnsS0=
github.com/aws/aws-sdk-go v1.44.255/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI=
github.com/aws/aws-sdk-go-v2 v1.9.1/go.mod h1:cK/D0BBs0b/oWPIcX/Z/obahJK1TT7IPVjy53i/mX/4=
github.com/aws/aws-sdk-go-v2 v1.17.4 h1:wyC6p9Yfq6V2y98wfDsj6OnNQa4w2BLGCLIxzNhwOGY=
github.com/aws/aws-sdk-go-v2 v1.17.4/go.mod h1:uzbQtefpm44goOPmdKyAlXSNcwlRgF3ePWVW6EtJvvw=