From 46c019ae69759f91eb6e71e4aa4dd9b23b136f60 Mon Sep 17 00:00:00 2001 From: GitLab Bot Date: Thu, 28 Sep 2023 18:12:54 +0000 Subject: [PATCH] Add latest changes from gitlab-org/gitlab@master --- .../javascripts/behaviors/preview_markdown.js | 20 +++-- .../vue_shared/components/markdown/header.vue | 2 +- .../components/related_items_list.scss | 1 - app/assets/stylesheets/fonts.scss | 10 ++- app/assets/stylesheets/fonts_optional.scss | 1 + app/assets/stylesheets/fonts_swap.scss | 3 + app/models/chat_name.rb | 2 +- .../concerns/repository_storage_movable.rb | 1 + app/models/integration.rb | 4 +- app/views/devise/sessions/_new_base.html.haml | 6 +- app/views/layouts/_head.html.haml | 5 +- app/views/layouts/_loading_hints.html.haml | 6 +- config/application.rb | 3 +- .../development/arkose_labs_prevent_login.yml | 8 -- ...in_challenge.yml => font_display_swap.yml} | 10 +-- config/puma.rb.example | 13 +-- ...ersion_to_batched_background_migrations.rb | 25 ++++++ ...ersion_in_batched_background_migrations.rb | 14 +++ db/schema_migrations/20230921081527 | 1 + db/schema_migrations/20230921082223 | 1 + db/structure.sql | 4 + doc/api/merge_request_context_commits.md | 31 ++++--- .../blueprints/email_ingestion/index.md | 8 +- doc/ci/runners/runners_scope.md | 2 +- .../internal_analytics/metrics/index.md | 15 ++++ doc/integration/arkose.md | 31 +------ ...d_background_migration_dictionary.template | 1 + ...ueue_batched_background_migration.template | 1 + .../ci/pipeline/chain/validate/abilities.rb | 2 +- .../batched_background_migration_helpers.rb | 60 ++++++++----- lib/gitlab/health_checks/puma_check.rb | 2 +- lib/gitlab/metrics/samplers/puma_sampler.rb | 2 +- lib/gitlab/puma/error_handler.rb | 41 +++++++++ lib/gitlab/runtime.rb | 8 +- locale/gitlab.pot | 6 -- package.json | 2 +- qa/qa/page/main/login.rb | 15 +--- .../ci_variable/custom_variable_spec.rb | 4 +- spec/controllers/sessions_controller_spec.rb | 4 - .../issues/user_comments_on_issue_spec.rb | 11 +++ ...hed_background_migration_generator_spec.rb | 14 +-- ...y_batched_migration_dictionary_matcher.txt | 1 + ...cher.txt => my_batched_migration_spec.txt} | 0 .../queue_my_batched_migration.txt | 1 + .../pipeline/chain/validate/abilities_spec.rb | 2 +- ...tched_background_migration_helpers_spec.rb | 57 ++++++++----- spec/lib/gitlab/puma/error_handler_spec.rb | 85 +++++++++++++++++++ spec/models/chat_name_spec.rb | 16 ++++ spec/spec_helper.rb | 4 - ...ository_storage_movable_shared_examples.rb | 13 ++- yarn.lock | 18 ++-- 51 files changed, 409 insertions(+), 188 deletions(-) create mode 100644 app/assets/stylesheets/fonts_optional.scss create mode 100644 app/assets/stylesheets/fonts_swap.scss delete mode 100644 config/feature_flags/development/arkose_labs_prevent_login.yml rename config/feature_flags/development/{arkose_labs_login_challenge.yml => font_display_swap.yml} (63%) create mode 100644 db/migrate/20230921081527_add_queued_migration_version_to_batched_background_migrations.rb create mode 100644 db/migrate/20230921082223_add_limit_to_queued_migration_version_in_batched_background_migrations.rb create mode 100644 db/schema_migrations/20230921081527 create mode 100644 db/schema_migrations/20230921082223 create mode 100644 doc/development/internal_analytics/metrics/index.md create mode 100644 lib/gitlab/puma/error_handler.rb rename spec/lib/generators/batched_background_migration/expected_files/{my_batched_migration_spec_matcher.txt => my_batched_migration_spec.txt} (100%) create mode 100644 spec/lib/gitlab/puma/error_handler_spec.rb diff --git a/app/assets/javascripts/behaviors/preview_markdown.js b/app/assets/javascripts/behaviors/preview_markdown.js index ce77ede9fe4..6e0b1250479 100644 --- a/app/assets/javascripts/behaviors/preview_markdown.js +++ b/app/assets/javascripts/behaviors/preview_markdown.js @@ -131,10 +131,13 @@ $(document).on('markdown-preview:show', (e, $form) => { lastTextareaPreviewed = $form.find('textarea.markdown-area'); lastTextareaHeight = lastTextareaPreviewed.height(); - // toggle tabs - $form.find(previewButtonSelector).val('edit'); - $form.find(previewButtonSelector).children('span.gl-button-text').text(__('Continue editing')); - $form.find(previewButtonSelector).addClass('gl-shadow-none! gl-bg-transparent!'); + const $previewButton = $form.find(previewButtonSelector); + + if (!$previewButton.parents('.js-vue-markdown-field').length) { + $previewButton.val('edit'); + $previewButton.children('span.gl-button-text').text(__('Continue editing')); + $previewButton.addClass('gl-shadow-none! gl-bg-transparent!'); + } // toggle content $form.find('.md-write-holder').hide(); @@ -154,9 +157,12 @@ $(document).on('markdown-preview:hide', (e, $form) => { $form.find('textarea.markdown-area').height(lastTextareaHeight); } - // toggle tabs - $form.find(previewButtonSelector).val('preview'); - $form.find(previewButtonSelector).children('span.gl-button-text').text(__('Preview')); + const $previewButton = $form.find(previewButtonSelector); + + if (!$previewButton.parents('.js-vue-markdown-field').length) { + $previewButton.val('preview'); + $previewButton.children('span.gl-button-text').text(__('Preview')); + } // toggle content $form.find('.md-write-holder').show(); diff --git a/app/assets/javascripts/vue_shared/components/markdown/header.vue b/app/assets/javascripts/vue_shared/components/markdown/header.vue index 286a1b87ad0..a569b4ea9a7 100644 --- a/app/assets/javascripts/vue_shared/components/markdown/header.vue +++ b/app/assets/javascripts/vue_shared/components/markdown/header.vue @@ -263,7 +263,7 @@ export default { LAST_USED_AT_INTERVAL.ago + last_used_at.nil? || last_used_at.before?(LAST_USED_AT_INTERVAL.ago) end end diff --git a/app/models/concerns/repository_storage_movable.rb b/app/models/concerns/repository_storage_movable.rb index 87ff413f2c1..77edabb9706 100644 --- a/app/models/concerns/repository_storage_movable.rb +++ b/app/models/concerns/repository_storage_movable.rb @@ -49,6 +49,7 @@ module RepositoryStorageMovable begin storage_move.container.set_repository_read_only!(skip_git_transfer_check: true) rescue StandardError => e + storage_move.do_fail! storage_move.add_error(e.message) next false end diff --git a/app/models/integration.rb b/app/models/integration.rb index d4c76f743a3..253a9cdcd9a 100644 --- a/app/models/integration.rb +++ b/app/models/integration.rb @@ -111,9 +111,7 @@ class Integration < ApplicationRecord validate :validate_belongs_to_project_or_group scope :external_issue_trackers, -> { where(category: 'issue_tracker').active } - # TODO: Will be modified in 15.0 - # Details: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/74501#note_744393645 - scope :third_party_wikis, -> { where(type: %w[Integrations::Confluence Integrations::Shimo]).active } + scope :third_party_wikis, -> { where(category: 'third_party_wiki').active } scope :by_name, ->(name) { by_type(integration_name_to_type(name)) } scope :external_wikis, -> { by_name(:external_wiki).active } scope :active, -> { where(active: true) } diff --git a/app/views/devise/sessions/_new_base.html.haml b/app/views/devise/sessions/_new_base.html.haml index e6551adffde..88dd4fd1721 100644 --- a/app/views/devise/sessions/_new_base.html.haml +++ b/app/views/devise/sessions/_new_base.html.haml @@ -15,14 +15,12 @@ = link_to _('Forgot your password?'), new_password_path(:user) .form-group - - if Feature.enabled?(:arkose_labs_login_challenge) - = render_if_exists 'devise/sessions/arkose_labs' - - elsif captcha_enabled? || captcha_on_login_required? + - if captcha_enabled? || captcha_on_login_required? = recaptcha_tags nonce: content_security_policy_nonce - if remember_me_enabled? .form-group = f.gitlab_ui_checkbox_component :remember_me, _('Remember me'), checkbox_options: { autocomplete: 'off' } - = render Pajamas::ButtonComponent.new(type: :submit, variant: :confirm, block: true, button_options: { class: "js-sign-in-button #{'js-no-auto-disable' if Feature.enabled?(:arkose_labs_login_challenge)}", data: { qa_selector: 'sign_in_button', testid: 'sign-in-button' } }) do + = render Pajamas::ButtonComponent.new(type: :submit, variant: :confirm, block: true, button_options: { class: 'js-sign-in-button', data: { qa_selector: 'sign_in_button', testid: 'sign-in-button' } }) do = _('Sign in') diff --git a/app/views/layouts/_head.html.haml b/app/views/layouts/_head.html.haml index bb492913346..267c32e53bd 100644 --- a/app/views/layouts/_head.html.haml +++ b/app/views/layouts/_head.html.haml @@ -38,7 +38,10 @@ = stylesheet_link_tag "disable_animations", media: "all" if Rails.env.test? || Gitlab.config.gitlab['disable_animations'] = stylesheet_link_tag "test_environment", media: "all" if Rails.env.test? - = stylesheet_link_tag_defer "fonts" + - if ::Feature.enabled?(:font_display_swap, current_user) + = stylesheet_link_tag_defer "fonts_swap" + - else + = stylesheet_link_tag_defer "fonts_optional" = stylesheet_link_tag_defer "highlight/themes/#{user_color_scheme}" diff --git a/app/views/layouts/_loading_hints.html.haml b/app/views/layouts/_loading_hints.html.haml index 1e6f671aacb..b6b1fe716db 100644 --- a/app/views/layouts/_loading_hints.html.haml +++ b/app/views/layouts/_loading_hints.html.haml @@ -17,6 +17,10 @@ -# Do not use preload_link_tag for fonts, to work around Firefox double-fetch bug. -# See https://github.com/web-platform-tests/wpt/pull/36930 %link{ rel: 'preload', href: font_path('gitlab-sans/GitLabSans.woff2'), as: 'font', crossorigin: css_crossorigin } + %link{ rel: 'preload', href: font_path('gitlab-sans/GitLabSans-Italic.woff2'), as: 'font', crossorigin: css_crossorigin } %link{ rel: 'preload', href: font_path('gitlab-mono/GitLabMono.woff2'), as: 'font', crossorigin: css_crossorigin } %link{ rel: 'preload', href: font_path('gitlab-mono/GitLabMono-Italic.woff2'), as: 'font', crossorigin: css_crossorigin } - = preload_link_tag(path_to_stylesheet('fonts'), crossorigin: css_crossorigin) + - if ::Feature.enabled?(:font_display_swap, current_user) + = preload_link_tag(path_to_stylesheet('fonts_swap'), crossorigin: css_crossorigin) + - else + = preload_link_tag(path_to_stylesheet('fonts_optional'), crossorigin: css_crossorigin) diff --git a/config/application.rb b/config/application.rb index 459487f2af3..aef8a2fbdf2 100644 --- a/config/application.rb +++ b/config/application.rb @@ -367,7 +367,8 @@ module Gitlab config.assets.precompile << "disable_animations.css" config.assets.precompile << "test_environment.css" config.assets.precompile << "snippets.css" - config.assets.precompile << "fonts.css" + config.assets.precompile << "fonts_optional.css" + config.assets.precompile << "fonts_swap.css" config.assets.precompile << "locale/**/app.js" config.assets.precompile << "emoji_sprites.css" config.assets.precompile << "errors.css" diff --git a/config/feature_flags/development/arkose_labs_prevent_login.yml b/config/feature_flags/development/arkose_labs_prevent_login.yml deleted file mode 100644 index 2b132466497..00000000000 --- a/config/feature_flags/development/arkose_labs_prevent_login.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -name: arkose_labs_prevent_login -introduced_by_url: -rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/358838 -milestone: '14.10' -type: development -group: group::anti-abuse -default_enabled: false diff --git a/config/feature_flags/development/arkose_labs_login_challenge.yml b/config/feature_flags/development/font_display_swap.yml similarity index 63% rename from config/feature_flags/development/arkose_labs_login_challenge.yml rename to config/feature_flags/development/font_display_swap.yml index c41709c33b6..cabe3ca614a 100644 --- a/config/feature_flags/development/arkose_labs_login_challenge.yml +++ b/config/feature_flags/development/font_display_swap.yml @@ -1,8 +1,8 @@ --- -name: arkose_labs_login_challenge -introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/82751 -rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/356171 -milestone: '14.10' +name: font_display_swap +introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/132798 +rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/426437 +milestone: '16.5' type: development -group: group::anti-abuse +group: group::foundations default_enabled: false diff --git a/config/puma.rb.example b/config/puma.rb.example index d664986174b..65c817bb2d8 100644 --- a/config/puma.rb.example +++ b/config/puma.rb.example @@ -81,15 +81,10 @@ log_formatter do |str| json_formatter.call(str) end -lowlevel_error_handler do |ex, env| - if Raven.configuration.capture_allowed? - Raven.capture_exception(ex, tags: { 'handler': 'puma_low_level' }, extra: { puma_env: env }) - end +require_relative "/home/git/gitlab/lib/gitlab/puma/error_handler" - if Sentry.configuration.sending_allowed? - Sentry.capture_exception(ex, tags: { 'handler': 'puma_low_level' }, extra: { puma_env: env }) - end +error_handler = Gitlab::Puma::ErrorHandler.new(ENV['RAILS_ENV'] == 'production') - # note the below is just a Rack response - [500, {}, ["An error has occurred and reported in the system's low-level error handler."]] +lowlevel_error_handler do |ex, env, status_code| + error_handler.execute(ex, env, status_code) end diff --git a/db/migrate/20230921081527_add_queued_migration_version_to_batched_background_migrations.rb b/db/migrate/20230921081527_add_queued_migration_version_to_batched_background_migrations.rb new file mode 100644 index 00000000000..1ab96f8d873 --- /dev/null +++ b/db/migrate/20230921081527_add_queued_migration_version_to_batched_background_migrations.rb @@ -0,0 +1,25 @@ +# frozen_string_literal: true + +class AddQueuedMigrationVersionToBatchedBackgroundMigrations < Gitlab::Database::Migration[2.1] + disable_ddl_transaction! + + INDEX_NAME = 'unique_batched_background_migrations_queued_migration_version' + + # rubocop:disable Migration/AddLimitToTextColumns + # limit is added in 20230921082223_add_limit_to_queued_migration_version_in_batched_background_migrations.rb + def up + add_column(:batched_background_migrations, :queued_migration_version, :text, if_not_exists: true) + + add_concurrent_index( + :batched_background_migrations, + :queued_migration_version, + unique: true, + name: INDEX_NAME + ) + end + # rubocop:enable Migration/AddLimitToTextColumns + + def down + remove_column(:batched_background_migrations, :queued_migration_version, :text, if_exists: true) + end +end diff --git a/db/migrate/20230921082223_add_limit_to_queued_migration_version_in_batched_background_migrations.rb b/db/migrate/20230921082223_add_limit_to_queued_migration_version_in_batched_background_migrations.rb new file mode 100644 index 00000000000..cb71628a879 --- /dev/null +++ b/db/migrate/20230921082223_add_limit_to_queued_migration_version_in_batched_background_migrations.rb @@ -0,0 +1,14 @@ +# frozen_string_literal: true + +class AddLimitToQueuedMigrationVersionInBatchedBackgroundMigrations < Gitlab::Database::Migration[2.1] + disable_ddl_transaction! + + def up + # 14 is set as the limit because the migration version is 14 chars in length + add_text_limit :batched_background_migrations, :queued_migration_version, 14 + end + + def down + remove_text_limit :batched_background_migrations, :queued_migration_version + end +end diff --git a/db/schema_migrations/20230921081527 b/db/schema_migrations/20230921081527 new file mode 100644 index 00000000000..7ce01f1f771 --- /dev/null +++ b/db/schema_migrations/20230921081527 @@ -0,0 +1 @@ +9cc0cc5ea170c56f03224e71771c6638f31bf57ede060de51f7cbe181349c373 \ No newline at end of file diff --git a/db/schema_migrations/20230921082223 b/db/schema_migrations/20230921082223 new file mode 100644 index 00000000000..374b18be56e --- /dev/null +++ b/db/schema_migrations/20230921082223 @@ -0,0 +1 @@ +84b7cbffd811799e4d065e5488180f4335575589d0510d6f2ce1afe1c0bf6806 \ No newline at end of file diff --git a/db/structure.sql b/db/structure.sql index 7d19c7475d7..c933b0817a9 100644 --- a/db/structure.sql +++ b/db/structure.sql @@ -12567,9 +12567,11 @@ CREATE TABLE batched_background_migrations ( on_hold_until timestamp with time zone, gitlab_schema text NOT NULL, finished_at timestamp with time zone, + queued_migration_version text, CONSTRAINT check_0406d9776f CHECK ((char_length(gitlab_schema) <= 255)), CONSTRAINT check_5bb0382d6f CHECK ((char_length(column_name) <= 63)), CONSTRAINT check_6b6a06254a CHECK ((char_length(table_name) <= 63)), + CONSTRAINT check_713f147aea CHECK ((char_length(queued_migration_version) <= 14)), CONSTRAINT check_batch_size_in_range CHECK ((batch_size >= sub_batch_size)), CONSTRAINT check_e6c75b1e29 CHECK ((char_length(job_class_name) <= 100)), CONSTRAINT check_fe10674721 CHECK ((char_length(batch_class_name) <= 100)), @@ -34845,6 +34847,8 @@ CREATE UNIQUE INDEX unique_amazon_s3_configurations_namespace_id_and_bucket_name CREATE UNIQUE INDEX unique_amazon_s3_configurations_namespace_id_and_name ON audit_events_amazon_s3_configurations USING btree (namespace_id, name); +CREATE UNIQUE INDEX unique_batched_background_migrations_queued_migration_version ON batched_background_migrations USING btree (queued_migration_version); + CREATE UNIQUE INDEX unique_ci_builds_token_encrypted_and_partition_id ON ci_builds USING btree (token_encrypted, partition_id) WHERE (token_encrypted IS NOT NULL); CREATE UNIQUE INDEX unique_external_audit_event_destination_namespace_id_and_name ON audit_events_external_audit_event_destinations USING btree (namespace_id, name); diff --git a/doc/api/merge_request_context_commits.md b/doc/api/merge_request_context_commits.md index 26fb561e5e7..3cb1448085d 100644 --- a/doc/api/merge_request_context_commits.md +++ b/doc/api/merge_request_context_commits.md @@ -55,29 +55,38 @@ Parameters: |---------------------|---------|----------|-------------| | `id` | integer | Yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user | | `merge_request_iid` | integer | Yes | The internal ID of the merge request. | +| `commits` | string array | Yes | The context commits' SHAs. | -```plaintext -POST /projects/:id/merge_requests/ +Example request: + +```shell +curl --request POST --header "PRIVATE-TOKEN: " \ + --header 'Content-Type: application/json' \ + --data '{"commits": ["51856a574ac3302a95f82483d6c7396b1e0783cb"]}' \ + https://gitlab.example.com/api/v4/projects/15/merge_requests/12/context_commits ``` -| Attribute | Type | Required | Description | -| --------- | ---- | -------- | ----------- | -| `commits` | string array | Yes | The context commits' SHA. | +Example response: ```json [ { - "id": "6d394385cf567f80a8fd85055db1ab4c5295806f", - "message": "Added contributing guide\n\nSigned-off-by: Example User \n", + "id": "51856a574ac3302a95f82483d6c7396b1e0783cb", + "short_id": "51856a57", + "created_at": "2014-02-27T10:05:10.000+02:00", "parent_ids": [ - "1a0b36b3cdad1d2ee32457c102a8c0b7056fa863" + "57a82e2180507c9e12880c0747f0ea65ad489515" ], - "authored_date": "2014-02-27T10:05:10.000+02:00", + "title": "Commit title", + "message": "Commit message", "author_name": "Example User", "author_email": "user@example.com", - "committed_date": "2014-02-27T10:05:10.000+02:00", + "authored_date": "2014-02-27T10:05:10.000+02:00", "committer_name": "Example User", - "committer_email": "user@example.com" + "committer_email": "user@example.com", + "committed_date": "2014-02-27T10:05:10.000+02:00", + "trailers": {}, + "web_url": "https://gitlab.example.com/project/path/-/commit/b782f6c553653ab4e16469ff34bf3a81638ac304" } ] ``` diff --git a/doc/architecture/blueprints/email_ingestion/index.md b/doc/architecture/blueprints/email_ingestion/index.md index efaa5e6cf4c..9579a903133 100644 --- a/doc/architecture/blueprints/email_ingestion/index.md +++ b/doc/architecture/blueprints/email_ingestion/index.md @@ -3,8 +3,8 @@ status: proposed creation-date: "2023-06-05" authors: [ "@msaleiko" ] coach: "@stanhu" -approvers: [ "@kbychu", "@bmarnane" ] -owning-stage: "~devops::monitor" +approvers: [ ] +owning-stage: "" participating-stages: [ "~group::incubation" ] --- @@ -162,8 +162,8 @@ The current setup limits us and only allows to fetch two email addresses. To pub ## Additional resources -- [Draft issue for this blueprint](https://gitlab.com/gitlab-org/gitlab/-/issues/393157) +- [Meta issue for this design document](https://gitlab.com/gitlab-org/gitlab/-/issues/393157) ## Timeline -- 2023-XX-XX: The initial version of the blueprint has been merged. +- 2023-09-26: The initial version of the blueprint has been merged. diff --git a/doc/ci/runners/runners_scope.md b/doc/ci/runners/runners_scope.md index 6a845820580..5341f19fbbc 100644 --- a/doc/ci/runners/runners_scope.md +++ b/doc/ci/runners/runners_scope.md @@ -5,7 +5,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w type: reference --- -# Manage runners +# Manage runners **(FREE ALL)** GitLab Runner has the following types of runners, which are available based on who you want to have access: diff --git a/doc/development/internal_analytics/metrics/index.md b/doc/development/internal_analytics/metrics/index.md new file mode 100644 index 00000000000..45089ec8164 --- /dev/null +++ b/doc/development/internal_analytics/metrics/index.md @@ -0,0 +1,15 @@ +--- +stage: Analyze +group: Analytics Instrumentation +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments +--- + +# Metrics + +This page provides an overview for pages related to metrics in internal analytics at GitLab. + +This page is a work in progress. If you have access to the GitLab Slack workspace, use the +`#g_analyze_analytics_instrumentation` channel for any questions or clarifications. + +- [Metrics Dictionary Guide](metrics_dictionary.md) +- [Metrics Lifecycle](metrics_lifecycle.md) diff --git a/doc/integration/arkose.md b/doc/integration/arkose.md index 575cf8c4271..99c2c521534 100644 --- a/doc/integration/arkose.md +++ b/doc/integration/arkose.md @@ -13,11 +13,7 @@ Arkose Protect on GitLab.com. While this feature is theoretically usable in self is not recommended at the moment. GitLab integrates [Arkose Protect](https://www.arkoselabs.com/arkose-protect/) to guard against -credential stuffing and bots in the sign-in form. GitLab triggers Arkose Protect if the user: - -- Has never signed in before. -- Has failed to sign in twice in a row. -- Has not signed in during the past three months. +malicious users from creating accounts. ## How does it work? @@ -31,7 +27,7 @@ sequenceDiagram participant U as User participant G as GitLab participant A as Arkose Labs - U->>G: User loads form
(POST /api/:version/users/captcha_check) + U->>G: User loads signup form G->>A: Sends device fingerprint and telemetry A->>U: Returns Session token and decision on if to challenge opt Requires Challenge @@ -52,21 +48,6 @@ sequenceDiagram Depending on the risk score received, a user might be required to perform up to three stages of [identity verification](../security/identity_verification.md) to register an account. -## How do we treat malicious sign-in attempts? - -Users are not denied access if Arkose Protect considers they are malicious. However, -their risk score is exposed in the administrator console so that we can make more informed decisions when it -comes to manually blocking users. When we decide to block a user, feedback is sent to ArkoseLabs to -improve their risk prediction model. - -NOTE: -Enabling the `arkose_labs_prevent_login` feature flag results in sessions with a `High` risk -score being denied access. So far, we have kept this feature flag disabled to evaluate Arkose Protect -predictions and to make sure we are not preventing legitimate users from signing in. - -That said, we have seen that interactive challenges are effective in preventing some malicious -sign-in attempts as not completing them prevents attackers from moving on to the next sign-in step. - ## Configuration To enable Arkose Protect: @@ -76,17 +57,11 @@ To enable Arkose Protect: 1. Enable the ArkoseLabs login challenge. Run the following commands in the Rails console, replacing `` and `` with your own API keys. ```ruby - Feature.enable(:arkose_labs_login_challenge) + Feature.enable(:arkose_labs_signup_challenge) ApplicationSetting.current.update(arkose_labs_public_api_key: '') ApplicationSetting.current.update(arkose_labs_private_api_key: '') ``` -1. Optional. To prevent high risk sessions from signing, enable the `arkose_labs_prevent_login` feature flag. Run the following command in the Rails console: - - ```ruby - Feature.enable(:arkose_labs_prevent_login) - ``` - ## Triage and debug ArkoseLabs issues You can triage and debug issues raised by ArkoseLabs with: diff --git a/lib/generators/batched_background_migration/templates/batched_background_migration_dictionary.template b/lib/generators/batched_background_migration/templates/batched_background_migration_dictionary.template index 8aa08e15f48..9e33d97b5fa 100644 --- a/lib/generators/batched_background_migration/templates/batched_background_migration_dictionary.template +++ b/lib/generators/batched_background_migration/templates/batched_background_migration_dictionary.template @@ -4,3 +4,4 @@ description: # Please capture what <%= class_name %> does feature_category: <%= feature_category %> introduced_by_url: # URL of the MR (or issue/commit) that introduced the migration milestone: <%= current_milestone %> +queued_migration_version: <%= migration_number %> diff --git a/lib/generators/batched_background_migration/templates/queue_batched_background_migration.template b/lib/generators/batched_background_migration/templates/queue_batched_background_migration.template index 502edf2c1d7..886a3bd3116 100644 --- a/lib/generators/batched_background_migration/templates/queue_batched_background_migration.template +++ b/lib/generators/batched_background_migration/templates/queue_batched_background_migration.template @@ -17,6 +17,7 @@ class <%= migration_class_name %> < Gitlab::Database::Migration[<%= Gitlab::Data :<%= table_name %>, :<%= column_name %>, job_interval: DELAY_INTERVAL, + queued_migration_version: '<%= migration_number %>', batch_size: BATCH_SIZE, sub_batch_size: SUB_BATCH_SIZE ) diff --git a/lib/gitlab/ci/pipeline/chain/validate/abilities.rb b/lib/gitlab/ci/pipeline/chain/validate/abilities.rb index 1939b1ff395..c89f9933616 100644 --- a/lib/gitlab/ci/pipeline/chain/validate/abilities.rb +++ b/lib/gitlab/ci/pipeline/chain/validate/abilities.rb @@ -19,7 +19,7 @@ module Gitlab end if project.import_in_progress? - return error('Import in progress') + return error('You cannot run pipelines before project import is complete.') end unless allowed_to_create_pipeline? diff --git a/lib/gitlab/database/migrations/batched_background_migration_helpers.rb b/lib/gitlab/database/migrations/batched_background_migration_helpers.rb index efb1957d5e7..64cde273a59 100644 --- a/lib/gitlab/database/migrations/batched_background_migration_helpers.rb +++ b/lib/gitlab/database/migrations/batched_background_migration_helpers.rb @@ -38,6 +38,10 @@ module Gitlab # batch_class_name - The name of the class that will be called to find the range of each next batch # batch_size - The maximum number of rows per job # sub_batch_size - The maximum number of rows processed per "iteration" within the job + # queued_migration_version - Version of the migration that queues the BBM, this is used to establish dependecies + # + # queued_migration_version is made optional temporarily to allow prior migrations to not fail, + # https://gitlab.com/gitlab-org/gitlab/-/issues/426417 will make it mandatory. # # *Returns the created BatchedMigration record* # @@ -63,6 +67,7 @@ module Gitlab batch_column_name, *job_arguments, job_interval:, + queued_migration_version: nil, batch_min_value: BATCH_MIN_VALUE, batch_max_value: nil, batch_class_name: BATCH_CLASS_NAME, @@ -113,27 +118,13 @@ module Gitlab "(given #{job_arguments.count}, expected #{migration.job_class.job_arguments_count})" end - # Below `BatchedMigration` attributes were introduced after the - # initial `batched_background_migrations` table was created, so any - # migrations that ran relying on initial table schema would not know - # about columns introduced later on because this model is not - # isolated in migrations, which is why we need to check for existence - # of these columns first. - if migration.respond_to?(:max_batch_size) - migration.max_batch_size = max_batch_size - end - - if migration.respond_to?(:total_tuple_count) - # We keep track of the estimated number of tuples to reason later - # about the overall progress of a migration. - migration.total_tuple_count = Gitlab::Database::SharedModel.using_connection(connection) do - Gitlab::Database::PgClass.for_table(batch_table_name)&.cardinality_estimate - end - end - - if migration.respond_to?(:gitlab_schema) - migration.gitlab_schema = gitlab_schema - end + assign_attribtues_safely( + migration, + max_batch_size, + batch_table_name, + gitlab_schema, + queued_migration_version + ) migration.save! migration @@ -244,6 +235,33 @@ module Gitlab "\n\n" \ "\thttps://docs.gitlab.com/ee/update/background_migrations.html#database-migrations-failing-because-of-batched-background-migration-not-finished" end + + private + + # Below `BatchedMigration` attributes were introduced after the + # initial `batched_background_migrations` table was created, so any + # migrations that ran relying on initial table schema would not know + # about columns introduced later on because this model is not + # isolated in migrations, which is why we need to check for existence + # of these columns first. + def assign_attribtues_safely(migration, max_batch_size, batch_table_name, gitlab_schema, queued_migration_version) + # We keep track of the estimated number of tuples in 'total_tuple_count' to reason later + # about the overall progress of a migration. + safe_attributes_value = { + max_batch_size: max_batch_size, + total_tuple_count: Gitlab::Database::SharedModel.using_connection(connection) do + Gitlab::Database::PgClass.for_table(batch_table_name)&.cardinality_estimate + end, + gitlab_schema: gitlab_schema, + queued_migration_version: queued_migration_version + } + + # rubocop:disable GitlabSecurity/PublicSend + safe_attributes_value.each do |safe_attribute, value| + migration.public_send("#{safe_attribute}=", value) if migration.respond_to?(safe_attribute) + end + # rubocop:enable GitlabSecurity/PublicSend + end end end end diff --git a/lib/gitlab/health_checks/puma_check.rb b/lib/gitlab/health_checks/puma_check.rb index 2dc8a093572..efe3d65db91 100644 --- a/lib/gitlab/health_checks/puma_check.rb +++ b/lib/gitlab/health_checks/puma_check.rb @@ -20,7 +20,7 @@ module Gitlab def check return unless Gitlab::Runtime.puma? - stats = Puma.stats + stats = ::Puma.stats stats = Gitlab::Json.parse(stats) # If `workers` is missing this means that diff --git a/lib/gitlab/metrics/samplers/puma_sampler.rb b/lib/gitlab/metrics/samplers/puma_sampler.rb index d818aa43853..c806db09e66 100644 --- a/lib/gitlab/metrics/samplers/puma_sampler.rb +++ b/lib/gitlab/metrics/samplers/puma_sampler.rb @@ -40,7 +40,7 @@ module Gitlab private def puma_stats - Puma.stats + ::Puma.stats rescue NoMethodError Gitlab::AppLogger.info "PumaSampler: stats are not available yet, waiting for Puma to boot" nil diff --git a/lib/gitlab/puma/error_handler.rb b/lib/gitlab/puma/error_handler.rb new file mode 100644 index 00000000000..4efc4866431 --- /dev/null +++ b/lib/gitlab/puma/error_handler.rb @@ -0,0 +1,41 @@ +# frozen_string_literal: true + +module Gitlab + module Puma + class ErrorHandler + PROD_ERROR_MESSAGE = "An error has occurred and reported in the system's low-level error handler." + DEV_ERROR_MESSAGE = <<~MSG + Server Error: An error has been caught by Puma's low-level error handler. + Read the Puma section of the troubleshooting docs for next steps - https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/troubleshooting/index.md#puma. + MSG + + def initialize(is_production) + @is_production = is_production + end + + def execute(ex, env, status_code) + # Puma v6.4.0 added the status_code argument in + # https://github.com/puma/puma/pull/3094 + status_code ||= 500 + + if Raven.configuration.capture_allowed? + Raven.capture_exception(ex, tags: { handler: 'puma_low_level' }, + extra: { puma_env: env, status_code: status_code }) + end + + # note the below is just a Rack response + [status_code, {}, message] + end + + private + + def message + if @is_production + PROD_ERROR_MESSAGE + else + DEV_ERROR_MESSAGE + end + end + end + end +end diff --git a/lib/gitlab/runtime.rb b/lib/gitlab/runtime.rb index f74f1489405..269fb74ceca 100644 --- a/lib/gitlab/runtime.rb +++ b/lib/gitlab/runtime.rb @@ -78,16 +78,16 @@ module Gitlab def puma_in_clustered_mode? return unless puma? - return unless Puma.respond_to?(:cli_config) + return unless ::Puma.respond_to?(:cli_config) - Puma.cli_config.options[:workers].to_i > 0 + ::Puma.cli_config.options[:workers].to_i > 0 end def max_threads threads = 1 # main thread - if puma? && Puma.respond_to?(:cli_config) - threads += Puma.cli_config.options[:max_threads] + if puma? && ::Puma.respond_to?(:cli_config) + threads += ::Puma.cli_config.options[:max_threads] elsif sidekiq? # 2 extra threads for the pollers in Sidekiq and Sidekiq Cron: # https://github.com/ondrejbartas/sidekiq-cron#under-the-hood diff --git a/locale/gitlab.pot b/locale/gitlab.pot index 60b6a32a982..0673bd00e9d 100644 --- a/locale/gitlab.pot +++ b/locale/gitlab.pot @@ -12105,9 +12105,6 @@ msgstr "" msgid "Complete" msgstr "" -msgid "Complete verification to sign in." -msgstr "" - msgid "Complete verification to sign up." msgstr "" @@ -43806,9 +43803,6 @@ msgstr "" msgid "Session duration (minutes)" msgstr "" -msgid "Session|Unable to verify the user. An error occurred when loading the user verification challenge. Refresh to try again." -msgstr "" - msgid "Set %{epic_ref} as the parent epic." msgstr "" diff --git a/package.json b/package.json index d6e8fd09d8a..3075f53bd25 100644 --- a/package.json +++ b/package.json @@ -257,7 +257,7 @@ "cheerio": "^1.0.0-rc.9", "commander": "^2.20.3", "custom-jquery-matchers": "^2.1.0", - "eslint": "8.49.0", + "eslint": "8.50.0", "eslint-import-resolver-jest": "3.0.2", "eslint-import-resolver-webpack": "0.13.7", "eslint-plugin-import": "^2.28.1", diff --git a/qa/qa/page/main/login.rb b/qa/qa/page/main/login.rb index 47e50c4a8a3..1fd0b5b453c 100644 --- a/qa/qa/page/main/login.rb +++ b/qa/qa/page/main/login.rb @@ -153,10 +153,6 @@ module QA has_css?(".active", text: 'Standard') end - def has_arkose_labs_token? - has_css?('[name="arkose_labs_token"][value]', visible: false) - end - def has_accept_all_cookies_button? has_button?('Accept All Cookies') end @@ -235,16 +231,7 @@ module QA fill_in_credential(user) - if Runtime::Env.running_on_dot_com? - click_accept_all_cookies if has_accept_all_cookies_button? - # Arkose only appears in staging.gitlab.com, gitlab.com, etc... - - # Wait until the ArkoseLabs challenge has initialized - Support::WaitForRequests.wait_for_requests - Support::Waiter.wait_until(max_duration: 5, reload_page: false, raise_on_failure: false) do - has_arkose_labs_token? - end - end + click_accept_all_cookies if Runtime::Env.running_on_dot_com? && has_accept_all_cookies_button? click_element :sign_in_button diff --git a/qa/qa/specs/features/browser_ui/4_verify/ci_variable/custom_variable_spec.rb b/qa/qa/specs/features/browser_ui/4_verify/ci_variable/custom_variable_spec.rb index 6e6a21f65a2..6680938ee67 100644 --- a/qa/qa/specs/features/browser_ui/4_verify/ci_variable/custom_variable_spec.rb +++ b/qa/qa/specs/features/browser_ui/4_verify/ci_variable/custom_variable_spec.rb @@ -60,9 +60,9 @@ module QA Page::Project::Pipeline::Show.perform do |show| Support::Waiter.wait_until { show.passed? } - end - create(:job, id: project.job_by_name(pipeline_job_name)[:id], name: pipeline_job_name, project: project).visit! + show.click_job(pipeline_job_name) + end Page::Project::Job::Show.perform do |show| expect(show.output).to have_content(variable_custom_value) diff --git a/spec/controllers/sessions_controller_spec.rb b/spec/controllers/sessions_controller_spec.rb index ce9703753cf..85248b6fa6c 100644 --- a/spec/controllers/sessions_controller_spec.rb +++ b/spec/controllers/sessions_controller_spec.rb @@ -195,10 +195,6 @@ RSpec.describe SessionsController, feature_category: :system_access do end context 'with reCAPTCHA' do - before do - stub_feature_flags(arkose_labs_login_challenge: false) - end - def unsuccesful_login(user_params, sesion_params: {}) # Without this, `verify_recaptcha` arbitrarily returns true in test env Recaptcha.configuration.skip_verify_env.delete('test') diff --git a/spec/features/issues/user_comments_on_issue_spec.rb b/spec/features/issues/user_comments_on_issue_spec.rb index d954a1d15ff..a81a99771cc 100644 --- a/spec/features/issues/user_comments_on_issue_spec.rb +++ b/spec/features/issues/user_comments_on_issue_spec.rb @@ -52,6 +52,17 @@ RSpec.describe "User comments on issue", :js, feature_category: :team_planning d expect(find_highlighted_autocomplete_item).to have_content('/label') end + + it "switches back to edit mode if a comment is submitted in preview mode" do + fill_in 'Comment', with: 'just a regular comment' + click_button 'Preview' + + expect(page).to have_content('Continue editing') + + click_button 'Comment' + + expect(page).not_to have_content('Continue editing') + end end context "when editing comments" do diff --git a/spec/lib/generators/batched_background_migration/batched_background_migration_generator_spec.rb b/spec/lib/generators/batched_background_migration/batched_background_migration_generator_spec.rb index d60d0c3c853..2d48b83be4c 100644 --- a/spec/lib/generators/batched_background_migration/batched_background_migration_generator_spec.rb +++ b/spec/lib/generators/batched_background_migration/batched_background_migration_generator_spec.rb @@ -33,7 +33,7 @@ RSpec.describe BatchedBackgroundMigration::BatchedBackgroundMigrationGenerator, end assert_migration('db/post_migrate/queue_my_batched_migration.rb') do |migration_file| - expect(migration_file).to eq(expected_migration_file) + expect(migration_file).to eq(expected_migration_file.gsub('', fetch_migration_version)) end assert_migration('spec/migrations/queue_my_batched_migration_spec.rb') do |migration_spec_file| @@ -54,7 +54,7 @@ RSpec.describe BatchedBackgroundMigration::BatchedBackgroundMigrationGenerator, end let(:expected_ee_migration_job_file) { load_expected_file('ee_my_batched_migration.txt') } - let(:expected_migration_job_spec_file) { load_expected_file('my_batched_migration_spec_matcher.txt') } + let(:expected_migration_job_spec_file) { load_expected_file('my_batched_migration_spec.txt') } include_examples "generates files common to both types of migrations", 'foss_my_batched_migration.txt', @@ -78,7 +78,7 @@ RSpec.describe BatchedBackgroundMigration::BatchedBackgroundMigrationGenerator, run_generator %w[my_batched_migration --table_name=projects --column_name=id --feature_category=database] end - let(:expected_migration_job_spec_file) { load_expected_file('my_batched_migration_spec_matcher.txt') } + let(:expected_migration_job_spec_file) { load_expected_file('my_batched_migration_spec.txt') } include_examples "generates files common to both types of migrations", 'my_batched_migration.txt', @@ -88,8 +88,7 @@ RSpec.describe BatchedBackgroundMigration::BatchedBackgroundMigrationGenerator, it 'generates expected files' do assert_file('spec/lib/gitlab/background_migration/my_batched_migration_spec.rb') do |migration_job_spec_file| - # Regex is used to match the dynamic schema: in the specs - expect(migration_job_spec_file).to match(/#{expected_migration_job_spec_file}/) + expect(migration_job_spec_file).to eq(expected_migration_job_spec_file) end end end @@ -99,4 +98,9 @@ RSpec.describe BatchedBackgroundMigration::BatchedBackgroundMigrationGenerator, def load_expected_file(file_name) File.read(File.expand_path("expected_files/#{file_name}", __dir__)) end + + def fetch_migration_version + @migration_version ||= migration_file_name('db/post_migrate/queue_my_batched_migration.rb') + .match(%r{post_migrate/([0-9]+)_queue_my_batched_migration.rb})[1] + end end diff --git a/spec/lib/generators/batched_background_migration/expected_files/my_batched_migration_dictionary_matcher.txt b/spec/lib/generators/batched_background_migration/expected_files/my_batched_migration_dictionary_matcher.txt index 6280d35177e..6d0bb151463 100644 --- a/spec/lib/generators/batched_background_migration/expected_files/my_batched_migration_dictionary_matcher.txt +++ b/spec/lib/generators/batched_background_migration/expected_files/my_batched_migration_dictionary_matcher.txt @@ -4,3 +4,4 @@ description: # Please capture what MyBatchedMigration does feature_category: database introduced_by_url: # URL of the MR \(or issue/commit\) that introduced the migration milestone: [0-9\.]+ +queued_migration_version: [0-9]+ diff --git a/spec/lib/generators/batched_background_migration/expected_files/my_batched_migration_spec_matcher.txt b/spec/lib/generators/batched_background_migration/expected_files/my_batched_migration_spec.txt similarity index 100% rename from spec/lib/generators/batched_background_migration/expected_files/my_batched_migration_spec_matcher.txt rename to spec/lib/generators/batched_background_migration/expected_files/my_batched_migration_spec.txt diff --git a/spec/lib/generators/batched_background_migration/expected_files/queue_my_batched_migration.txt b/spec/lib/generators/batched_background_migration/expected_files/queue_my_batched_migration.txt index 536e07d56aa..aa79062422b 100644 --- a/spec/lib/generators/batched_background_migration/expected_files/queue_my_batched_migration.txt +++ b/spec/lib/generators/batched_background_migration/expected_files/queue_my_batched_migration.txt @@ -17,6 +17,7 @@ class QueueMyBatchedMigration < Gitlab::Database::Migration[2.1] :projects, :id, job_interval: DELAY_INTERVAL, + queued_migration_version: '', batch_size: BATCH_SIZE, sub_batch_size: SUB_BATCH_SIZE ) diff --git a/spec/lib/gitlab/ci/pipeline/chain/validate/abilities_spec.rb b/spec/lib/gitlab/ci/pipeline/chain/validate/abilities_spec.rb index c3516c467d4..2a26747f65a 100644 --- a/spec/lib/gitlab/ci/pipeline/chain/validate/abilities_spec.rb +++ b/spec/lib/gitlab/ci/pipeline/chain/validate/abilities_spec.rb @@ -92,7 +92,7 @@ RSpec.describe Gitlab::Ci::Pipeline::Chain::Validate::Abilities, feature_categor it 'adds an error about imports' do expect(pipeline.errors.to_a) - .to include /Import in progress/ + .to include /before project import is complete/ end it 'breaks the pipeline builder chain' do diff --git a/spec/lib/gitlab/database/migrations/batched_background_migration_helpers_spec.rb b/spec/lib/gitlab/database/migrations/batched_background_migration_helpers_spec.rb index 158497b1fef..f1271f2434c 100644 --- a/spec/lib/gitlab/database/migrations/batched_background_migration_helpers_spec.rb +++ b/spec/lib/gitlab/database/migrations/batched_background_migration_helpers_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -RSpec.describe Gitlab::Database::Migrations::BatchedBackgroundMigrationHelpers do +RSpec.describe Gitlab::Database::Migrations::BatchedBackgroundMigrationHelpers, feature_category: :database do let(:migration_class) do Class.new(ActiveRecord::Migration[6.1]) .include(described_class) @@ -70,39 +70,54 @@ RSpec.describe Gitlab::Database::Migrations::BatchedBackgroundMigrationHelpers d end end - it 'creates the database record for the migration' do - expect(Gitlab::Database::PgClass).to receive(:for_table).with(:projects).and_return(pgclass_info) + context "when the migration doesn't exist already" do + before do + allow(Gitlab::Database::PgClass).to receive(:for_table).with(:projects).and_return(pgclass_info) + end - expect do + subject(:enqueue_batched_background_migration) do migration.queue_batched_background_migration( job_class.name, :projects, :id, job_interval: 5.minutes, + queued_migration_version: format("%.14d", 123), batch_min_value: 5, batch_max_value: 1000, batch_class_name: 'MyBatchClass', batch_size: 100, max_batch_size: 10000, sub_batch_size: 10, - gitlab_schema: :gitlab_ci) - end.to change { Gitlab::Database::BackgroundMigration::BatchedMigration.count }.by(1) + gitlab_schema: :gitlab_ci + ) + end - expect(Gitlab::Database::BackgroundMigration::BatchedMigration.last).to have_attributes( - job_class_name: 'MyJobClass', - table_name: 'projects', - column_name: 'id', - interval: 300, - min_value: 5, - max_value: 1000, - batch_class_name: 'MyBatchClass', - batch_size: 100, - max_batch_size: 10000, - sub_batch_size: 10, - job_arguments: %w[], - status_name: :active, - total_tuple_count: pgclass_info.cardinality_estimate, - gitlab_schema: 'gitlab_ci') + it 'enqueues exactly one batched migration' do + expect { enqueue_batched_background_migration } + .to change { Gitlab::Database::BackgroundMigration::BatchedMigration.count }.by(1) + end + + it 'creates the database record for the migration' do + batched_background_migration = enqueue_batched_background_migration + + expect(batched_background_migration.reload).to have_attributes( + job_class_name: 'MyJobClass', + table_name: 'projects', + column_name: 'id', + interval: 300, + min_value: 5, + max_value: 1000, + batch_class_name: 'MyBatchClass', + batch_size: 100, + max_batch_size: 10000, + sub_batch_size: 10, + job_arguments: %w[], + status_name: :active, + total_tuple_count: pgclass_info.cardinality_estimate, + gitlab_schema: 'gitlab_ci', + queued_migration_version: format("%.14d", 123) + ) + end end context 'when the job interval is lower than the minimum' do diff --git a/spec/lib/gitlab/puma/error_handler_spec.rb b/spec/lib/gitlab/puma/error_handler_spec.rb new file mode 100644 index 00000000000..5b7cdf37af1 --- /dev/null +++ b/spec/lib/gitlab/puma/error_handler_spec.rb @@ -0,0 +1,85 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe Gitlab::Puma::ErrorHandler, feature_category: :shared do + subject { described_class.new(is_production) } + + let(:is_production) { true } + let(:ex) { StandardError.new('Sample error message') } + let(:env) { {} } + let(:status_code) { 500 } + + describe '#execute' do + it 'captures the exception and returns a Rack response' do + allow(Raven.configuration).to receive(:capture_allowed?).and_return(true) + expect(Raven).to receive(:capture_exception).with( + ex, + tags: { handler: 'puma_low_level' }, + extra: { puma_env: env, status_code: status_code } + ).and_call_original + + status, headers, message = subject.execute(ex, env, status_code) + + expect(status).to eq(500) + expect(headers).to eq({}) + expect(message).to eq(described_class::PROD_ERROR_MESSAGE) + end + + context 'when capture is not allowed' do + it 'returns a Rack response without capturing the exception' do + allow(Raven.configuration).to receive(:capture_allowed?).and_return(false) + expect(Raven).not_to receive(:capture_exception) + + status, headers, message = subject.execute(ex, env, status_code) + + expect(status).to eq(500) + expect(headers).to eq({}) + expect(message).to eq(described_class::PROD_ERROR_MESSAGE) + end + end + + context 'when not in production' do + let(:is_production) { false } + + it 'returns a Rack response with dev error message' do + allow(Raven.configuration).to receive(:capture_allowed?).and_return(true) + + status, headers, message = subject.execute(ex, env, status_code) + + expect(status).to eq(500) + expect(headers).to eq({}) + expect(message).to eq(described_class::DEV_ERROR_MESSAGE) + end + end + + context 'when status code is nil' do + let(:status_code) { 500 } + + it 'defaults to error 500' do + allow(Raven.configuration).to receive(:capture_allowed?).and_return(false) + expect(Raven).not_to receive(:capture_exception) + + status, headers, message = subject.execute(ex, env, status_code) + + expect(status).to eq(500) + expect(headers).to eq({}) + expect(message).to eq(described_class::PROD_ERROR_MESSAGE) + end + end + + context 'when status code is provided' do + let(:status_code) { 404 } + + it 'uses the provided status code in the response' do + allow(Raven.configuration).to receive(:capture_allowed?).and_return(true) + + status, headers, message = subject.execute(ex, env, status_code) + + expect(status).to eq(404) + expect(headers).to eq({}) + expect(message).to eq(described_class::PROD_ERROR_MESSAGE) + end + end + end +end diff --git a/spec/models/chat_name_spec.rb b/spec/models/chat_name_spec.rb index 9d6b1a56458..5271e52f429 100644 --- a/spec/models/chat_name_spec.rb +++ b/spec/models/chat_name_spec.rb @@ -33,6 +33,22 @@ RSpec.describe ChatName, feature_category: :integrations do expect(subject.last_used_at).to eq(time) end + + it 'updates last_used_at if it was not recently updated' do + allow_next_instance_of(Gitlab::ExclusiveLease) do |lease| + allow(lease).to receive(:try_obtain).and_return('successful_lease_guid') + end + + subject.update_last_used_at + + new_time = ChatName::LAST_USED_AT_INTERVAL.from_now + 5.minutes + + travel_to(new_time) do + subject.update_last_used_at + end + + expect(subject.last_used_at).to be_like_time(new_time) + end end it_behaves_like 'it has loose foreign keys' do diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index d352feb783d..be5848ab3c7 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -330,10 +330,6 @@ RSpec.configure do |config| stub_feature_flags(disable_anonymous_project_search: false) stub_feature_flags(disable_cancel_redundant_pipelines_service: false) - # Specs should not get a CAPTCHA challenge by default, this makes the sign-in flow simpler in - # most cases. We do test the CAPTCHA flow in the appropriate specs. - stub_feature_flags(arkose_labs_login_challenge: false) - # Specs should not require email verification by default, this makes the sign-in flow simpler in # most cases. We do test the email verification flow in the appropriate specs. stub_feature_flags(require_email_verification: false) diff --git a/spec/support/shared_examples/models/concerns/repository_storage_movable_shared_examples.rb b/spec/support/shared_examples/models/concerns/repository_storage_movable_shared_examples.rb index 3f1588c46b3..a9a13ddcd60 100644 --- a/spec/support/shared_examples/models/concerns/repository_storage_movable_shared_examples.rb +++ b/spec/support/shared_examples/models/concerns/repository_storage_movable_shared_examples.rb @@ -71,14 +71,21 @@ RSpec.shared_examples 'handles repository moves' do end context 'when the transition fails' do - it 'does not trigger the corresponding repository storage worker and adds an error' do + before do allow(storage_move.container).to receive(:set_repository_read_only!).and_raise(StandardError, 'foobar') + end + + it 'does not trigger the corresponding repository storage worker and adds an error' do expect(repository_storage_worker).not_to receive(:perform_async) - storage_move.schedule! - expect(storage_move.errors[error_key]).to include('foobar') end + + it 'sets the state to failed' do + expect(storage_move).to receive(:do_fail!).and_call_original + storage_move.schedule! + expect(storage_move.state_name).to eq(:failed) + end end end diff --git a/yarn.lock b/yarn.lock index 5c0801310fc..c847901f870 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1194,10 +1194,10 @@ minimatch "^3.1.2" strip-json-comments "^3.1.1" -"@eslint/js@8.49.0": - version "8.49.0" - resolved "https://registry.yarnpkg.com/@eslint/js/-/js-8.49.0.tgz#86f79756004a97fa4df866835093f1df3d03c333" - integrity sha512-1S8uAY/MTJqVx0SC4epBq+N2yhuwtNwLbJYNZyhL2pO1ZVKn5HFXav5T41Ryzy9K9V7ZId2JB2oy/W4aCd9/2w== +"@eslint/js@8.50.0": + version "8.50.0" + resolved "https://registry.yarnpkg.com/@eslint/js/-/js-8.50.0.tgz#9e93b850f0f3fa35f5fa59adfd03adae8488e484" + integrity sha512-NCC3zz2+nvYd+Ckfh87rA47zfu2QsQpvc6k1yzTk+b9KzRj0wkGa8LSoGOXN6Zv4lRf/EIoZ80biDh9HOI+RNQ== "@floating-ui/core@^1.2.6": version "1.2.6" @@ -6329,15 +6329,15 @@ eslint-visitor-keys@^3.3.0, eslint-visitor-keys@^3.4.1, eslint-visitor-keys@^3.4 resolved "https://registry.yarnpkg.com/eslint-visitor-keys/-/eslint-visitor-keys-3.4.3.tgz#0cd72fe8550e3c2eae156a96a4dddcd1c8ac5800" integrity sha512-wpc+LXeiyiisxPlEkUzU6svyS1frIO3Mgxj1fdy7Pm8Ygzguax2N3Fa/D/ag1WqbOprdI+uY6wMUl8/a2G+iag== -eslint@8.49.0: - version "8.49.0" - resolved "https://registry.yarnpkg.com/eslint/-/eslint-8.49.0.tgz#09d80a89bdb4edee2efcf6964623af1054bf6d42" - integrity sha512-jw03ENfm6VJI0jA9U+8H5zfl5b+FvuU3YYvZRdZHOlU2ggJkxrlkJH4HcDrZpj6YwD8kuYqvQM8LyesoazrSOQ== +eslint@8.50.0: + version "8.50.0" + resolved "https://registry.yarnpkg.com/eslint/-/eslint-8.50.0.tgz#2ae6015fee0240fcd3f83e1e25df0287f487d6b2" + integrity sha512-FOnOGSuFuFLv/Sa+FDVRZl4GGVAAFFi8LecRsI5a1tMO5HIE8nCm4ivAlzt4dT3ol/PaaGC0rJEEXQmHJBGoOg== dependencies: "@eslint-community/eslint-utils" "^4.2.0" "@eslint-community/regexpp" "^4.6.1" "@eslint/eslintrc" "^2.1.2" - "@eslint/js" "8.49.0" + "@eslint/js" "8.50.0" "@humanwhocodes/config-array" "^0.11.11" "@humanwhocodes/module-importer" "^1.0.1" "@nodelib/fs.walk" "^1.2.8"