root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Add latest changes from gitlab-org/gitlab@master

This commit is contained in:
GitLab Bot 2023-09-28 18:12:54 +00:00
parent 33d999642a
commit 46c019ae69
51 changed files with 409 additions and 188 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
app/assets/javascripts/behaviors/preview_markdown.js
View File

@ -131,10 +131,13 @@ $(document).on('markdown-preview:show', (e, $form) => {
lastTextareaPreviewed = $form.find('textarea.markdown-area');
lastTextareaHeight = lastTextareaPreviewed.height();
// toggle tabs
$form.find(previewButtonSelector).val('edit');
$form.find(previewButtonSelector).children('span.gl-button-text').text(__('Continue editing'));
$form.find(previewButtonSelector).addClass('gl-shadow-none! gl-bg-transparent!');
const $previewButton = $form.find(previewButtonSelector);
if (!$previewButton.parents('.js-vue-markdown-field').length) {
$previewButton.val('edit');
$previewButton.children('span.gl-button-text').text(__('Continue editing'));
$previewButton.addClass('gl-shadow-none! gl-bg-transparent!');
}
// toggle content
$form.find('.md-write-holder').hide();
@ -154,9 +157,12 @@ $(document).on('markdown-preview:hide', (e, $form) => {
$form.find('textarea.markdown-area').height(lastTextareaHeight);
}
// toggle tabs
$form.find(previewButtonSelector).val('preview');
$form.find(previewButtonSelector).children('span.gl-button-text').text(__('Preview'));
const $previewButton = $form.find(previewButtonSelector);
if (!$previewButton.parents('.js-vue-markdown-field').length) {
$previewButton.val('preview');
$previewButton.children('span.gl-button-text').text(__('Preview'));
}
// toggle content
$form.find('.md-write-holder').show();

2
app/assets/javascripts/vue_shared/components/markdown/header.vue
View File

@ -263,7 +263,7 @@ export default {
<gl-button
v-if="enablePreview"
data-testid="preview-toggle"
value="preview"
:value="previewMarkdown ? 'preview' : 'edit'"
:label="$options.i18n.previewTabTitle"
class="js-md-preview-button gl-flex-direction-row-reverse gl-align-items-center gl-font-weight-normal! gl-mr-2"
size="small"

1
app/assets/stylesheets/components/related_items_list.scss
View File

@ -5,7 +5,6 @@ $item-remove-button-space: 42px;
.related-items-list {
padding: $gl-padding-4;
padding-right: $gl-padding-6;
border-bottom-left-radius: $gl-border-size-3;
border-bottom-right-radius: $gl-border-size-3;

10
app/assets/stylesheets/fonts.scss
View File

@ -1,3 +1,5 @@
$font-display: optional !default;
/* -------------------------------------------------------
Inter variable font.
@ -7,7 +9,7 @@ Usage:
@font-face {
font-family: 'GitLab Sans';
font-weight: 100 900;
font-display: optional;
font-display: $font-display;
font-style: normal;
/* stylelint-disable-next-line property-no-unknown */
font-named-instance: 'Regular';
@ -17,7 +19,7 @@ Usage:
@font-face {
font-family: 'GitLab Sans';
font-weight: 100 900;
font-display: optional;
font-display: $font-display;
font-style: italic;
/* stylelint-disable-next-line property-no-unknown */
font-named-instance: 'Regular';
@ -33,7 +35,7 @@ Usage:
@font-face {
font-family: 'GitLab Mono';
font-weight: 100 900;
font-display: optional;
font-display: $font-display;
font-style: normal;
src: font-url('gitlab-mono/GitLabMono.woff2') format('woff2');
}
@ -41,7 +43,7 @@ Usage:
@font-face {
font-family: 'GitLab Mono';
font-weight: 100 900;
font-display: optional;
font-display: $font-display;
font-style: italic;
src: font-url('gitlab-mono/GitLabMono-Italic.woff2') format('woff2');
}

1
app/assets/stylesheets/fonts_optional.scss Normal file
View File

@ -0,0 +1 @@
@import 'fonts';

3
app/assets/stylesheets/fonts_swap.scss Normal file
View File

@ -0,0 +1,3 @@
$font-display: swap;
@import 'fonts';

2
app/models/chat_name.rb
View File

@ -27,6 +27,6 @@ class ChatName < ApplicationRecord
end
def update_last_used_at?
last_used_at.nil? || last_used_at > LAST_USED_AT_INTERVAL.ago
last_used_at.nil? || last_used_at.before?(LAST_USED_AT_INTERVAL.ago)
end
end

1
app/models/concerns/repository_storage_movable.rb
View File

@ -49,6 +49,7 @@ module RepositoryStorageMovable
begin
storage_move.container.set_repository_read_only!(skip_git_transfer_check: true)
rescue StandardError => e
storage_move.do_fail!
storage_move.add_error(e.message)
next false
end

4
app/models/integration.rb
View File

@ -111,9 +111,7 @@ class Integration < ApplicationRecord
validate :validate_belongs_to_project_or_group
scope :external_issue_trackers, -> { where(category: 'issue_tracker').active }
# TODO: Will be modified in 15.0
# Details: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/74501#note_744393645
scope :third_party_wikis, -> { where(type: %w[Integrations::Confluence Integrations::Shimo]).active }
scope :third_party_wikis, -> { where(category: 'third_party_wiki').active }
scope :by_name, ->(name) { by_type(integration_name_to_type(name)) }
scope :external_wikis, -> { by_name(:external_wiki).active }
scope :active, -> { where(active: true) }

6
app/views/devise/sessions/_new_base.html.haml
View File

@ -15,14 +15,12 @@
= link_to _('Forgot your password?'), new_password_path(:user)
.form-group
- if Feature.enabled?(:arkose_labs_login_challenge)
= render_if_exists 'devise/sessions/arkose_labs'
- elsif captcha_enabled? || captcha_on_login_required?
- if captcha_enabled? || captcha_on_login_required?
= recaptcha_tags nonce: content_security_policy_nonce
- if remember_me_enabled?
.form-group
= f.gitlab_ui_checkbox_component :remember_me, _('Remember me'), checkbox_options: { autocomplete: 'off' }
= render Pajamas::ButtonComponent.new(type: :submit, variant: :confirm, block: true, button_options: { class: "js-sign-in-button #{'js-no-auto-disable' if Feature.enabled?(:arkose_labs_login_challenge)}", data: { qa_selector: 'sign_in_button', testid: 'sign-in-button' } }) do
= render Pajamas::ButtonComponent.new(type: :submit, variant: :confirm, block: true, button_options: { class: 'js-sign-in-button', data: { qa_selector: 'sign_in_button', testid: 'sign-in-button' } }) do
= _('Sign in')

5
app/views/layouts/_head.html.haml
View File

@ -38,7 +38,10 @@
= stylesheet_link_tag "disable_animations", media: "all" if Rails.env.test? || Gitlab.config.gitlab['disable_animations']
= stylesheet_link_tag "test_environment", media: "all" if Rails.env.test?
= stylesheet_link_tag_defer "fonts"
- if ::Feature.enabled?(:font_display_swap, current_user)
= stylesheet_link_tag_defer "fonts_swap"
- else
= stylesheet_link_tag_defer "fonts_optional"
= stylesheet_link_tag_defer "highlight/themes/#{user_color_scheme}"

6
app/views/layouts/_loading_hints.html.haml
View File

@ -17,6 +17,10 @@
-# Do not use preload_link_tag for fonts, to work around Firefox double-fetch bug.
-# See https://github.com/web-platform-tests/wpt/pull/36930
%link{ rel: 'preload', href: font_path('gitlab-sans/GitLabSans.woff2'), as: 'font', crossorigin: css_crossorigin }
%link{ rel: 'preload', href: font_path('gitlab-sans/GitLabSans-Italic.woff2'), as: 'font', crossorigin: css_crossorigin }
%link{ rel: 'preload', href: font_path('gitlab-mono/GitLabMono.woff2'), as: 'font', crossorigin: css_crossorigin }
%link{ rel: 'preload', href: font_path('gitlab-mono/GitLabMono-Italic.woff2'), as: 'font', crossorigin: css_crossorigin }
= preload_link_tag(path_to_stylesheet('fonts'), crossorigin: css_crossorigin)
- if ::Feature.enabled?(:font_display_swap, current_user)
= preload_link_tag(path_to_stylesheet('fonts_swap'), crossorigin: css_crossorigin)
- else
= preload_link_tag(path_to_stylesheet('fonts_optional'), crossorigin: css_crossorigin)

3
config/application.rb
View File

@ -367,7 +367,8 @@ module Gitlab
config.assets.precompile << "disable_animations.css"
config.assets.precompile << "test_environment.css"
config.assets.precompile << "snippets.css"
config.assets.precompile << "fonts.css"
config.assets.precompile << "fonts_optional.css"
config.assets.precompile << "fonts_swap.css"
config.assets.precompile << "locale/**/app.js"
config.assets.precompile << "emoji_sprites.css"
config.assets.precompile << "errors.css"

8
config/feature_flags/development/arkose_labs_prevent_login.yml
View File

@ -1,8 +0,0 @@
---
name: arkose_labs_prevent_login
introduced_by_url:
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/358838
milestone: '14.10'
type: development
group: group::anti-abuse
default_enabled: false

10
config/feature_flags/development/arkose_labs_login_challenge.yml → config/feature_flags/development/font_display_swap.yml
View File

@ -1,8 +1,8 @@
---
name: arkose_labs_login_challenge
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/82751
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/356171
milestone: '14.10'
name: font_display_swap
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/132798
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/426437
milestone: '16.5'
type: development
group: group::anti-abuse
group: group::foundations
default_enabled: false

13
config/puma.rb.example
View File

@ -81,15 +81,10 @@ log_formatter do |str|
json_formatter.call(str)
end
lowlevel_error_handler do |ex, env|
if Raven.configuration.capture_allowed?
Raven.capture_exception(ex, tags: { 'handler': 'puma_low_level' }, extra: { puma_env: env })
end
require_relative "/home/git/gitlab/lib/gitlab/puma/error_handler"
if Sentry.configuration.sending_allowed?
Sentry.capture_exception(ex, tags: { 'handler': 'puma_low_level' }, extra: { puma_env: env })
end
error_handler = Gitlab::Puma::ErrorHandler.new(ENV['RAILS_ENV'] == 'production')
# note the below is just a Rack response
[500, {}, ["An error has occurred and reported in the system's low-level error handler."]]
lowlevel_error_handler do |ex, env, status_code|
error_handler.execute(ex, env, status_code)
end

25
db/migrate/20230921081527_add_queued_migration_version_to_batched_background_migrations.rb Normal file
View File

@ -0,0 +1,25 @@
# frozen_string_literal: true
class AddQueuedMigrationVersionToBatchedBackgroundMigrations < Gitlab::Database::Migration[2.1]
disable_ddl_transaction!
INDEX_NAME = 'unique_batched_background_migrations_queued_migration_version'
# rubocop:disable Migration/AddLimitToTextColumns
# limit is added in 20230921082223_add_limit_to_queued_migration_version_in_batched_background_migrations.rb
def up
add_column(:batched_background_migrations, :queued_migration_version, :text, if_not_exists: true)
add_concurrent_index(
:batched_background_migrations,
:queued_migration_version,
unique: true,
name: INDEX_NAME
)
end
# rubocop:enable Migration/AddLimitToTextColumns
def down
remove_column(:batched_background_migrations, :queued_migration_version, :text, if_exists: true)
end
end

14
db/migrate/20230921082223_add_limit_to_queued_migration_version_in_batched_background_migrations.rb Normal file
View File

@ -0,0 +1,14 @@
# frozen_string_literal: true
class AddLimitToQueuedMigrationVersionInBatchedBackgroundMigrations < Gitlab::Database::Migration[2.1]
disable_ddl_transaction!
def up
# 14 is set as the limit because the migration version is 14 chars in length
add_text_limit :batched_background_migrations, :queued_migration_version, 14
end
def down
remove_text_limit :batched_background_migrations, :queued_migration_version
end
end

1
db/schema_migrations/20230921081527 Normal file
View File

@ -0,0 +1 @@
9cc0cc5ea170c56f03224e71771c6638f31bf57ede060de51f7cbe181349c373

1
db/schema_migrations/20230921082223 Normal file
View File

@ -0,0 +1 @@
84b7cbffd811799e4d065e5488180f4335575589d0510d6f2ce1afe1c0bf6806

4
db/structure.sql
View File

@ -12567,9 +12567,11 @@ CREATE TABLE batched_background_migrations (
on_hold_until timestamp with time zone,
gitlab_schema text NOT NULL,
finished_at timestamp with time zone,
queued_migration_version text,
CONSTRAINT check_0406d9776f CHECK ((char_length(gitlab_schema) <= 255)),
CONSTRAINT check_5bb0382d6f CHECK ((char_length(column_name) <= 63)),
CONSTRAINT check_6b6a06254a CHECK ((char_length(table_name) <= 63)),
CONSTRAINT check_713f147aea CHECK ((char_length(queued_migration_version) <= 14)),
CONSTRAINT check_batch_size_in_range CHECK ((batch_size >= sub_batch_size)),
CONSTRAINT check_e6c75b1e29 CHECK ((char_length(job_class_name) <= 100)),
CONSTRAINT check_fe10674721 CHECK ((char_length(batch_class_name) <= 100)),
@ -34845,6 +34847,8 @@ CREATE UNIQUE INDEX unique_amazon_s3_configurations_namespace_id_and_bucket_name
CREATE UNIQUE INDEX unique_amazon_s3_configurations_namespace_id_and_name ON audit_events_amazon_s3_configurations USING btree (namespace_id, name);
CREATE UNIQUE INDEX unique_batched_background_migrations_queued_migration_version ON batched_background_migrations USING btree (queued_migration_version);
CREATE UNIQUE INDEX unique_ci_builds_token_encrypted_and_partition_id ON ci_builds USING btree (token_encrypted, partition_id) WHERE (token_encrypted IS NOT NULL);
CREATE UNIQUE INDEX unique_external_audit_event_destination_namespace_id_and_name ON audit_events_external_audit_event_destinations USING btree (namespace_id, name);

31
doc/api/merge_request_context_commits.md
View File

@ -55,29 +55,38 @@ Parameters:
|---------------------|---------|----------|-------------|
| `id` | integer | Yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user |
| `merge_request_iid` | integer | Yes | The internal ID of the merge request. |
| `commits` | string array | Yes | The context commits' SHAs. |
```plaintext
POST /projects/:id/merge_requests/
Example request:
```shell
curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" \
--header 'Content-Type: application/json' \
--data '{"commits": ["51856a574ac3302a95f82483d6c7396b1e0783cb"]}' \
https://gitlab.example.com/api/v4/projects/15/merge_requests/12/context_commits
```
| Attribute | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `commits` | string array | Yes | The context commits' SHA. |
Example response:
```json
[
{
"id": "6d394385cf567f80a8fd85055db1ab4c5295806f",
"message": "Added contributing guide\n\nSigned-off-by: Example User <user@example.com>\n",
"id": "51856a574ac3302a95f82483d6c7396b1e0783cb",
"short_id": "51856a57",
"created_at": "2014-02-27T10:05:10.000+02:00",
"parent_ids": [
"1a0b36b3cdad1d2ee32457c102a8c0b7056fa863"
"57a82e2180507c9e12880c0747f0ea65ad489515"
],
"authored_date": "2014-02-27T10:05:10.000+02:00",
"title": "Commit title",
"message": "Commit message",
"author_name": "Example User",
"author_email": "user@example.com",
"committed_date": "2014-02-27T10:05:10.000+02:00",
"authored_date": "2014-02-27T10:05:10.000+02:00",
"committer_name": "Example User",
"committer_email": "user@example.com"
"committer_email": "user@example.com",
"committed_date": "2014-02-27T10:05:10.000+02:00",
"trailers": {},
"web_url": "https://gitlab.example.com/project/path/-/commit/b782f6c553653ab4e16469ff34bf3a81638ac304"
}
]
```

8
doc/architecture/blueprints/email_ingestion/index.md
View File

@ -3,8 +3,8 @@ status: proposed
creation-date: "2023-06-05"
authors: [ "@msaleiko" ]
coach: "@stanhu"
approvers: [ "@kbychu", "@bmarnane" ]
owning-stage: "~devops::monitor"
approvers: [ ]
owning-stage: ""
participating-stages: [ "~group::incubation" ]
---
@ -162,8 +162,8 @@ The current setup limits us and only allows to fetch two email addresses. To pub
## Additional resources
- [Draft issue for this blueprint](https://gitlab.com/gitlab-org/gitlab/-/issues/393157)
- [Meta issue for this design document](https://gitlab.com/gitlab-org/gitlab/-/issues/393157)
## Timeline
- 2023-XX-XX: The initial version of the blueprint has been merged.
- 2023-09-26: The initial version of the blueprint has been merged.

2
doc/ci/runners/runners_scope.md
View File

@ -5,7 +5,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
type: reference
---
# Manage runners
# Manage runners **(FREE ALL)**
GitLab Runner has the following types of runners, which are available based on who you want to have access:

15
doc/development/internal_analytics/metrics/index.md Normal file
View File

@ -0,0 +1,15 @@
---
stage: Analyze
group: Analytics Instrumentation
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Metrics
This page provides an overview for pages related to metrics in internal analytics at GitLab.
This page is a work in progress. If you have access to the GitLab Slack workspace, use the
`#g_analyze_analytics_instrumentation` channel for any questions or clarifications.
- [Metrics Dictionary Guide](metrics_dictionary.md)
- [Metrics Lifecycle](metrics_lifecycle.md)

31
doc/integration/arkose.md
View File

@ -13,11 +13,7 @@ Arkose Protect on GitLab.com. While this feature is theoretically usable in self
is not recommended at the moment.
GitLab integrates [Arkose Protect](https://www.arkoselabs.com/arkose-protect/) to guard against
credential stuffing and bots in the sign-in form. GitLab triggers Arkose Protect if the user:
- Has never signed in before.
- Has failed to sign in twice in a row.
- Has not signed in during the past three months.
malicious users from creating accounts.
## How does it work?
@ -31,7 +27,7 @@ sequenceDiagram
participant U as User
participant G as GitLab
participant A as Arkose Labs
U->>G: User loads form <br />(POST /api/:version/users/captcha_check)
U->>G: User loads signup form
G->>A: Sends device fingerprint and telemetry
A->>U: Returns Session token and decision on if to challenge
opt Requires Challenge
@ -52,21 +48,6 @@ sequenceDiagram
Depending on the risk score received, a user might be required to perform up to three stages of [identity verification](../security/identity_verification.md) to register an account.
## How do we treat malicious sign-in attempts?
Users are not denied access if Arkose Protect considers they are malicious. However,
their risk score is exposed in the administrator console so that we can make more informed decisions when it
comes to manually blocking users. When we decide to block a user, feedback is sent to ArkoseLabs to
improve their risk prediction model.
NOTE:
Enabling the `arkose_labs_prevent_login` feature flag results in sessions with a `High` risk
score being denied access. So far, we have kept this feature flag disabled to evaluate Arkose Protect
predictions and to make sure we are not preventing legitimate users from signing in.
That said, we have seen that interactive challenges are effective in preventing some malicious
sign-in attempts as not completing them prevents attackers from moving on to the next sign-in step.
## Configuration
To enable Arkose Protect:
@ -76,17 +57,11 @@ To enable Arkose Protect:
1. Enable the ArkoseLabs login challenge. Run the following commands in the Rails console, replacing `<your_public_api_key>` and `<your_private_api_key>` with your own API keys.
```ruby
Feature.enable(:arkose_labs_login_challenge)
Feature.enable(:arkose_labs_signup_challenge)
ApplicationSetting.current.update(arkose_labs_public_api_key: '<your_public_api_key>')
ApplicationSetting.current.update(arkose_labs_private_api_key: '<your_private_api_key>')
```
1. Optional. To prevent high risk sessions from signing, enable the `arkose_labs_prevent_login` feature flag. Run the following command in the Rails console:
```ruby
Feature.enable(:arkose_labs_prevent_login)
```
## Triage and debug ArkoseLabs issues
You can triage and debug issues raised by ArkoseLabs with:

1
lib/generators/batched_background_migration/templates/batched_background_migration_dictionary.template
View File

@ -4,3 +4,4 @@ description: # Please capture what <%= class_name %> does
feature_category: <%= feature_category %>
introduced_by_url: # URL of the MR (or issue/commit) that introduced the migration
milestone: <%= current_milestone %>
queued_migration_version: <%= migration_number %>

1
lib/generators/batched_background_migration/templates/queue_batched_background_migration.template
View File

@ -17,6 +17,7 @@ class <%= migration_class_name %> < Gitlab::Database::Migration[<%= Gitlab::Data
:<%= table_name %>,
:<%= column_name %>,
job_interval: DELAY_INTERVAL,
queued_migration_version: '<%= migration_number %>',
batch_size: BATCH_SIZE,
sub_batch_size: SUB_BATCH_SIZE
)

2
lib/gitlab/ci/pipeline/chain/validate/abilities.rb
View File

@ -19,7 +19,7 @@ module Gitlab
end
if project.import_in_progress?
return error('Import in progress')
return error('You cannot run pipelines before project import is complete.')
end
unless allowed_to_create_pipeline?

60
lib/gitlab/database/migrations/batched_background_migration_helpers.rb
View File

@ -38,6 +38,10 @@ module Gitlab
# batch_class_name - The name of the class that will be called to find the range of each next batch
# batch_size - The maximum number of rows per job
# sub_batch_size - The maximum number of rows processed per "iteration" within the job
# queued_migration_version - Version of the migration that queues the BBM, this is used to establish dependecies
#
# queued_migration_version is made optional temporarily to allow prior migrations to not fail,
# https://gitlab.com/gitlab-org/gitlab/-/issues/426417 will make it mandatory.
#
# *Returns the created BatchedMigration record*
#
@ -63,6 +67,7 @@ module Gitlab
batch_column_name,
*job_arguments,
job_interval:,
queued_migration_version: nil,
batch_min_value: BATCH_MIN_VALUE,
batch_max_value: nil,
batch_class_name: BATCH_CLASS_NAME,
@ -113,27 +118,13 @@ module Gitlab
"(given #{job_arguments.count}, expected #{migration.job_class.job_arguments_count})"
end
# Below `BatchedMigration` attributes were introduced after the
# initial `batched_background_migrations` table was created, so any
# migrations that ran relying on initial table schema would not know
# about columns introduced later on because this model is not
# isolated in migrations, which is why we need to check for existence
# of these columns first.
if migration.respond_to?(:max_batch_size)
migration.max_batch_size = max_batch_size
end
if migration.respond_to?(:total_tuple_count)
# We keep track of the estimated number of tuples to reason later
# about the overall progress of a migration.
migration.total_tuple_count = Gitlab::Database::SharedModel.using_connection(connection) do
Gitlab::Database::PgClass.for_table(batch_table_name)&.cardinality_estimate
end
end
if migration.respond_to?(:gitlab_schema)
migration.gitlab_schema = gitlab_schema
end
assign_attribtues_safely(
migration,
max_batch_size,
batch_table_name,
gitlab_schema,
queued_migration_version
)
migration.save!
migration
@ -244,6 +235,33 @@ module Gitlab
"\n\n" \
"\thttps://docs.gitlab.com/ee/update/background_migrations.html#database-migrations-failing-because-of-batched-background-migration-not-finished"
end
private
# Below `BatchedMigration` attributes were introduced after the
# initial `batched_background_migrations` table was created, so any
# migrations that ran relying on initial table schema would not know
# about columns introduced later on because this model is not
# isolated in migrations, which is why we need to check for existence
# of these columns first.
def assign_attribtues_safely(migration, max_batch_size, batch_table_name, gitlab_schema, queued_migration_version)
# We keep track of the estimated number of tuples in 'total_tuple_count' to reason later
# about the overall progress of a migration.
safe_attributes_value = {
max_batch_size: max_batch_size,
total_tuple_count: Gitlab::Database::SharedModel.using_connection(connection) do
Gitlab::Database::PgClass.for_table(batch_table_name)&.cardinality_estimate
end,
gitlab_schema: gitlab_schema,
queued_migration_version: queued_migration_version
}
# rubocop:disable GitlabSecurity/PublicSend
safe_attributes_value.each do |safe_attribute, value|
migration.public_send("#{safe_attribute}=", value) if migration.respond_to?(safe_attribute)
end
# rubocop:enable GitlabSecurity/PublicSend
end
end
end
end

2
lib/gitlab/health_checks/puma_check.rb
View File

@ -20,7 +20,7 @@ module Gitlab
def check
return unless Gitlab::Runtime.puma?
stats = Puma.stats
stats = ::Puma.stats
stats = Gitlab::Json.parse(stats)
# If `workers` is missing this means that

2
lib/gitlab/metrics/samplers/puma_sampler.rb
View File

@ -40,7 +40,7 @@ module Gitlab
private
def puma_stats
Puma.stats
::Puma.stats
rescue NoMethodError
Gitlab::AppLogger.info "PumaSampler: stats are not available yet, waiting for Puma to boot"
nil

41
lib/gitlab/puma/error_handler.rb Normal file
View File

@ -0,0 +1,41 @@
# frozen_string_literal: true
module Gitlab
module Puma
class ErrorHandler
PROD_ERROR_MESSAGE = "An error has occurred and reported in the system's low-level error handler."
DEV_ERROR_MESSAGE = <<~MSG
Server Error: An error has been caught by Puma's low-level error handler.
Read the Puma section of the troubleshooting docs for next steps - https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/troubleshooting/index.md#puma.
MSG
def initialize(is_production)
@is_production = is_production
end
def execute(ex, env, status_code)
# Puma v6.4.0 added the status_code argument in
# https://github.com/puma/puma/pull/3094
status_code ||= 500
if Raven.configuration.capture_allowed?
Raven.capture_exception(ex, tags: { handler: 'puma_low_level' },
extra: { puma_env: env, status_code: status_code })
end
# note the below is just a Rack response
[status_code, {}, message]
end
private
def message
if @is_production
PROD_ERROR_MESSAGE
else
DEV_ERROR_MESSAGE
end
end
end
end
end

8
lib/gitlab/runtime.rb
View File

@ -78,16 +78,16 @@ module Gitlab
def puma_in_clustered_mode?
return unless puma?
return unless Puma.respond_to?(:cli_config)
return unless ::Puma.respond_to?(:cli_config)
Puma.cli_config.options[:workers].to_i > 0
::Puma.cli_config.options[:workers].to_i > 0
end
def max_threads
threads = 1 # main thread
if puma? && Puma.respond_to?(:cli_config)
threads += Puma.cli_config.options[:max_threads]
if puma? && ::Puma.respond_to?(:cli_config)
threads += ::Puma.cli_config.options[:max_threads]
elsif sidekiq?
# 2 extra threads for the pollers in Sidekiq and Sidekiq Cron:
# https://github.com/ondrejbartas/sidekiq-cron#under-the-hood

6
locale/gitlab.pot
View File

@ -12105,9 +12105,6 @@ msgstr ""
msgid "Complete"
msgstr ""
msgid "Complete verification to sign in."
msgstr ""
msgid "Complete verification to sign up."
msgstr ""
@ -43806,9 +43803,6 @@ msgstr ""
msgid "Session duration (minutes)"
msgstr ""
msgid "Session|Unable to verify the user. An error occurred when loading the user verification challenge. Refresh to try again."
msgstr ""
msgid "Set %{epic_ref} as the parent epic."
msgstr ""

2
package.json
View File

@ -257,7 +257,7 @@
"cheerio": "^1.0.0-rc.9",
"commander": "^2.20.3",
"custom-jquery-matchers": "^2.1.0",
"eslint": "8.49.0",
"eslint": "8.50.0",
"eslint-import-resolver-jest": "3.0.2",
"eslint-import-resolver-webpack": "0.13.7",
"eslint-plugin-import": "^2.28.1",

15
qa/qa/page/main/login.rb
View File

@ -153,10 +153,6 @@ module QA
has_css?(".active", text: 'Standard')
end
def has_arkose_labs_token?
has_css?('[name="arkose_labs_token"][value]', visible: false)
end
def has_accept_all_cookies_button?
has_button?('Accept All Cookies')
end
@ -235,16 +231,7 @@ module QA
fill_in_credential(user)
if Runtime::Env.running_on_dot_com?
click_accept_all_cookies if has_accept_all_cookies_button?
# Arkose only appears in staging.gitlab.com, gitlab.com, etc...
# Wait until the ArkoseLabs challenge has initialized
Support::WaitForRequests.wait_for_requests
Support::Waiter.wait_until(max_duration: 5, reload_page: false, raise_on_failure: false) do
has_arkose_labs_token?
end
end
click_accept_all_cookies if Runtime::Env.running_on_dot_com? && has_accept_all_cookies_button?
click_element :sign_in_button

4
qa/qa/specs/features/browser_ui/4_verify/ci_variable/custom_variable_spec.rb
View File

@ -60,9 +60,9 @@ module QA
Page::Project::Pipeline::Show.perform do |show|
Support::Waiter.wait_until { show.passed? }
end
create(:job, id: project.job_by_name(pipeline_job_name)[:id], name: pipeline_job_name, project: project).visit!
show.click_job(pipeline_job_name)
end
Page::Project::Job::Show.perform do |show|
expect(show.output).to have_content(variable_custom_value)

4
spec/controllers/sessions_controller_spec.rb
View File

@ -195,10 +195,6 @@ RSpec.describe SessionsController, feature_category: :system_access do
end
context 'with reCAPTCHA' do
before do
stub_feature_flags(arkose_labs_login_challenge: false)
end
def unsuccesful_login(user_params, sesion_params: {})
# Without this, `verify_recaptcha` arbitrarily returns true in test env
Recaptcha.configuration.skip_verify_env.delete('test')

11
spec/features/issues/user_comments_on_issue_spec.rb
View File

@ -52,6 +52,17 @@ RSpec.describe "User comments on issue", :js, feature_category: :team_planning d
expect(find_highlighted_autocomplete_item).to have_content('/label')
end
it "switches back to edit mode if a comment is submitted in preview mode" do
fill_in 'Comment', with: 'just a regular comment'
click_button 'Preview'
expect(page).to have_content('Continue editing')
click_button 'Comment'
expect(page).not_to have_content('Continue editing')
end
end
context "when editing comments" do

14
spec/lib/generators/batched_background_migration/batched_background_migration_generator_spec.rb
View File

@ -33,7 +33,7 @@ RSpec.describe BatchedBackgroundMigration::BatchedBackgroundMigrationGenerator,
end
assert_migration('db/post_migrate/queue_my_batched_migration.rb') do |migration_file|
expect(migration_file).to eq(expected_migration_file)
expect(migration_file).to eq(expected_migration_file.gsub('<migration_version>', fetch_migration_version))
end
assert_migration('spec/migrations/queue_my_batched_migration_spec.rb') do |migration_spec_file|
@ -54,7 +54,7 @@ RSpec.describe BatchedBackgroundMigration::BatchedBackgroundMigrationGenerator,
end
let(:expected_ee_migration_job_file) { load_expected_file('ee_my_batched_migration.txt') }
let(:expected_migration_job_spec_file) { load_expected_file('my_batched_migration_spec_matcher.txt') }
let(:expected_migration_job_spec_file) { load_expected_file('my_batched_migration_spec.txt') }
include_examples "generates files common to both types of migrations",
'foss_my_batched_migration.txt',
@ -78,7 +78,7 @@ RSpec.describe BatchedBackgroundMigration::BatchedBackgroundMigrationGenerator,
run_generator %w[my_batched_migration --table_name=projects --column_name=id --feature_category=database]
end
let(:expected_migration_job_spec_file) { load_expected_file('my_batched_migration_spec_matcher.txt') }
let(:expected_migration_job_spec_file) { load_expected_file('my_batched_migration_spec.txt') }
include_examples "generates files common to both types of migrations",
'my_batched_migration.txt',
@ -88,8 +88,7 @@ RSpec.describe BatchedBackgroundMigration::BatchedBackgroundMigrationGenerator,
it 'generates expected files' do
assert_file('spec/lib/gitlab/background_migration/my_batched_migration_spec.rb') do |migration_job_spec_file|
# Regex is used to match the dynamic schema: <version> in the specs
expect(migration_job_spec_file).to match(/#{expected_migration_job_spec_file}/)
expect(migration_job_spec_file).to eq(expected_migration_job_spec_file)
end
end
end
@ -99,4 +98,9 @@ RSpec.describe BatchedBackgroundMigration::BatchedBackgroundMigrationGenerator,
def load_expected_file(file_name)
File.read(File.expand_path("expected_files/#{file_name}", __dir__))
end
def fetch_migration_version
@migration_version ||= migration_file_name('db/post_migrate/queue_my_batched_migration.rb')
.match(%r{post_migrate/([0-9]+)_queue_my_batched_migration.rb})[1]
end
end

1
spec/lib/generators/batched_background_migration/expected_files/my_batched_migration_dictionary_matcher.txt
View File

@ -4,3 +4,4 @@ description: # Please capture what MyBatchedMigration does
feature_category: database
introduced_by_url: # URL of the MR \(or issue/commit\) that introduced the migration
milestone: [0-9\.]+
queued_migration_version: [0-9]+

0
spec/lib/generators/batched_background_migration/expected_files/my_batched_migration_spec_matcher.txt → spec/lib/generators/batched_background_migration/expected_files/my_batched_migration_spec.txt
View File

1
spec/lib/generators/batched_background_migration/expected_files/queue_my_batched_migration.txt
View File

@ -17,6 +17,7 @@ class QueueMyBatchedMigration < Gitlab::Database::Migration[2.1]
:projects,
:id,
job_interval: DELAY_INTERVAL,
queued_migration_version: '<migration_version>',
batch_size: BATCH_SIZE,
sub_batch_size: SUB_BATCH_SIZE
)

2
spec/lib/gitlab/ci/pipeline/chain/validate/abilities_spec.rb
View File

@ -92,7 +92,7 @@ RSpec.describe Gitlab::Ci::Pipeline::Chain::Validate::Abilities, feature_categor
it 'adds an error about imports' do
expect(pipeline.errors.to_a)
.to include /Import in progress/
.to include /before project import is complete/
end
it 'breaks the pipeline builder chain' do

57
spec/lib/gitlab/database/migrations/batched_background_migration_helpers_spec.rb
View File

@ -2,7 +2,7 @@
require 'spec_helper'
RSpec.describe Gitlab::Database::Migrations::BatchedBackgroundMigrationHelpers do
RSpec.describe Gitlab::Database::Migrations::BatchedBackgroundMigrationHelpers, feature_category: :database do
let(:migration_class) do
Class.new(ActiveRecord::Migration[6.1])
.include(described_class)
@ -70,39 +70,54 @@ RSpec.describe Gitlab::Database::Migrations::BatchedBackgroundMigrationHelpers d
end
end
it 'creates the database record for the migration' do
expect(Gitlab::Database::PgClass).to receive(:for_table).with(:projects).and_return(pgclass_info)
context "when the migration doesn't exist already" do
before do
allow(Gitlab::Database::PgClass).to receive(:for_table).with(:projects).and_return(pgclass_info)
end
expect do
subject(:enqueue_batched_background_migration) do
migration.queue_batched_background_migration(
job_class.name,
:projects,
:id,
job_interval: 5.minutes,
queued_migration_version: format("%.14d", 123),
batch_min_value: 5,
batch_max_value: 1000,
batch_class_name: 'MyBatchClass',
batch_size: 100,
max_batch_size: 10000,
sub_batch_size: 10,
gitlab_schema: :gitlab_ci)
end.to change { Gitlab::Database::BackgroundMigration::BatchedMigration.count }.by(1)
gitlab_schema: :gitlab_ci
)
end
expect(Gitlab::Database::BackgroundMigration::BatchedMigration.last).to have_attributes(
job_class_name: 'MyJobClass',
table_name: 'projects',
column_name: 'id',
interval: 300,
min_value: 5,
max_value: 1000,
batch_class_name: 'MyBatchClass',
batch_size: 100,
max_batch_size: 10000,
sub_batch_size: 10,
job_arguments: %w[],
status_name: :active,
total_tuple_count: pgclass_info.cardinality_estimate,
gitlab_schema: 'gitlab_ci')
it 'enqueues exactly one batched migration' do
expect { enqueue_batched_background_migration }
.to change { Gitlab::Database::BackgroundMigration::BatchedMigration.count }.by(1)
end
it 'creates the database record for the migration' do
batched_background_migration = enqueue_batched_background_migration
expect(batched_background_migration.reload).to have_attributes(
job_class_name: 'MyJobClass',
table_name: 'projects',
column_name: 'id',
interval: 300,
min_value: 5,
max_value: 1000,
batch_class_name: 'MyBatchClass',
batch_size: 100,
max_batch_size: 10000,
sub_batch_size: 10,
job_arguments: %w[],
status_name: :active,
total_tuple_count: pgclass_info.cardinality_estimate,
gitlab_schema: 'gitlab_ci',
queued_migration_version: format("%.14d", 123)
)
end
end
context 'when the job interval is lower than the minimum' do

85
spec/lib/gitlab/puma/error_handler_spec.rb Normal file
View File

@ -0,0 +1,85 @@
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe Gitlab::Puma::ErrorHandler, feature_category: :shared do
subject { described_class.new(is_production) }
let(:is_production) { true }
let(:ex) { StandardError.new('Sample error message') }
let(:env) { {} }
let(:status_code) { 500 }
describe '#execute' do
it 'captures the exception and returns a Rack response' do
allow(Raven.configuration).to receive(:capture_allowed?).and_return(true)
expect(Raven).to receive(:capture_exception).with(
ex,
tags: { handler: 'puma_low_level' },
extra: { puma_env: env, status_code: status_code }
).and_call_original
status, headers, message = subject.execute(ex, env, status_code)
expect(status).to eq(500)
expect(headers).to eq({})
expect(message).to eq(described_class::PROD_ERROR_MESSAGE)
end
context 'when capture is not allowed' do
it 'returns a Rack response without capturing the exception' do
allow(Raven.configuration).to receive(:capture_allowed?).and_return(false)
expect(Raven).not_to receive(:capture_exception)
status, headers, message = subject.execute(ex, env, status_code)
expect(status).to eq(500)
expect(headers).to eq({})
expect(message).to eq(described_class::PROD_ERROR_MESSAGE)
end
end
context 'when not in production' do
let(:is_production) { false }
it 'returns a Rack response with dev error message' do
allow(Raven.configuration).to receive(:capture_allowed?).and_return(true)
status, headers, message = subject.execute(ex, env, status_code)
expect(status).to eq(500)
expect(headers).to eq({})
expect(message).to eq(described_class::DEV_ERROR_MESSAGE)
end
end
context 'when status code is nil' do
let(:status_code) { 500 }
it 'defaults to error 500' do
allow(Raven.configuration).to receive(:capture_allowed?).and_return(false)
expect(Raven).not_to receive(:capture_exception)
status, headers, message = subject.execute(ex, env, status_code)
expect(status).to eq(500)
expect(headers).to eq({})
expect(message).to eq(described_class::PROD_ERROR_MESSAGE)
end
end
context 'when status code is provided' do
let(:status_code) { 404 }
it 'uses the provided status code in the response' do
allow(Raven.configuration).to receive(:capture_allowed?).and_return(true)
status, headers, message = subject.execute(ex, env, status_code)
expect(status).to eq(404)
expect(headers).to eq({})
expect(message).to eq(described_class::PROD_ERROR_MESSAGE)
end
end
end
end

16
spec/models/chat_name_spec.rb
View File

@ -33,6 +33,22 @@ RSpec.describe ChatName, feature_category: :integrations do
expect(subject.last_used_at).to eq(time)
end
it 'updates last_used_at if it was not recently updated' do
allow_next_instance_of(Gitlab::ExclusiveLease) do |lease|
allow(lease).to receive(:try_obtain).and_return('successful_lease_guid')
end
subject.update_last_used_at
new_time = ChatName::LAST_USED_AT_INTERVAL.from_now + 5.minutes
travel_to(new_time) do
subject.update_last_used_at
end
expect(subject.last_used_at).to be_like_time(new_time)
end
end
it_behaves_like 'it has loose foreign keys' do

4
spec/spec_helper.rb
View File

@ -330,10 +330,6 @@ RSpec.configure do |config|
stub_feature_flags(disable_anonymous_project_search: false)
stub_feature_flags(disable_cancel_redundant_pipelines_service: false)
# Specs should not get a CAPTCHA challenge by default, this makes the sign-in flow simpler in
# most cases. We do test the CAPTCHA flow in the appropriate specs.
stub_feature_flags(arkose_labs_login_challenge: false)
# Specs should not require email verification by default, this makes the sign-in flow simpler in
# most cases. We do test the email verification flow in the appropriate specs.
stub_feature_flags(require_email_verification: false)

13
spec/support/shared_examples/models/concerns/repository_storage_movable_shared_examples.rb
View File

@ -71,14 +71,21 @@ RSpec.shared_examples 'handles repository moves' do
end
context 'when the transition fails' do
it 'does not trigger the corresponding repository storage worker and adds an error' do
before do
allow(storage_move.container).to receive(:set_repository_read_only!).and_raise(StandardError, 'foobar')
end
it 'does not trigger the corresponding repository storage worker and adds an error' do
expect(repository_storage_worker).not_to receive(:perform_async)
storage_move.schedule!
expect(storage_move.errors[error_key]).to include('foobar')
end
it 'sets the state to failed' do
expect(storage_move).to receive(:do_fail!).and_call_original
storage_move.schedule!
expect(storage_move.state_name).to eq(:failed)
end
end
end

18
yarn.lock
View File

@ -1194,10 +1194,10 @@
minimatch "^3.1.2"
strip-json-comments "^3.1.1"
"@eslint/js@8.49.0":
version "8.49.0"
resolved "https://registry.yarnpkg.com/@eslint/js/-/js-8.49.0.tgz#86f79756004a97fa4df866835093f1df3d03c333"
integrity sha512-1S8uAY/MTJqVx0SC4epBq+N2yhuwtNwLbJYNZyhL2pO1ZVKn5HFXav5T41Ryzy9K9V7ZId2JB2oy/W4aCd9/2w==
"@eslint/js@8.50.0":
version "8.50.0"
resolved "https://registry.yarnpkg.com/@eslint/js/-/js-8.50.0.tgz#9e93b850f0f3fa35f5fa59adfd03adae8488e484"
integrity sha512-NCC3zz2+nvYd+Ckfh87rA47zfu2QsQpvc6k1yzTk+b9KzRj0wkGa8LSoGOXN6Zv4lRf/EIoZ80biDh9HOI+RNQ==
"@floating-ui/core@^1.2.6":
version "1.2.6"
@ -6329,15 +6329,15 @@ eslint-visitor-keys@^3.3.0, eslint-visitor-keys@^3.4.1, eslint-visitor-keys@^3.4
resolved "https://registry.yarnpkg.com/eslint-visitor-keys/-/eslint-visitor-keys-3.4.3.tgz#0cd72fe8550e3c2eae156a96a4dddcd1c8ac5800"
integrity sha512-wpc+LXeiyiisxPlEkUzU6svyS1frIO3Mgxj1fdy7Pm8Ygzguax2N3Fa/D/ag1WqbOprdI+uY6wMUl8/a2G+iag==
eslint@8.49.0:
version "8.49.0"
resolved "https://registry.yarnpkg.com/eslint/-/eslint-8.49.0.tgz#09d80a89bdb4edee2efcf6964623af1054bf6d42"
integrity sha512-jw03ENfm6VJI0jA9U+8H5zfl5b+FvuU3YYvZRdZHOlU2ggJkxrlkJH4HcDrZpj6YwD8kuYqvQM8LyesoazrSOQ==
eslint@8.50.0:
version "8.50.0"
resolved "https://registry.yarnpkg.com/eslint/-/eslint-8.50.0.tgz#2ae6015fee0240fcd3f83e1e25df0287f487d6b2"
integrity sha512-FOnOGSuFuFLv/Sa+FDVRZl4GGVAAFFi8LecRsI5a1tMO5HIE8nCm4ivAlzt4dT3ol/PaaGC0rJEEXQmHJBGoOg==
dependencies:
"@eslint-community/eslint-utils" "^4.2.0"
"@eslint-community/regexpp" "^4.6.1"
"@eslint/eslintrc" "^2.1.2"
"@eslint/js" "8.49.0"
"@eslint/js" "8.50.0"
"@humanwhocodes/config-array" "^0.11.11"
"@humanwhocodes/module-importer" "^1.0.1"
"@nodelib/fs.walk" "^1.2.8"