root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Add latest changes from gitlab-org/gitlab@master

This commit is contained in:
GitLab Bot 2022-05-12 03:08:58 +00:00
parent df8c8224ed
commit 48d9e7ff8d
23 changed files with 280 additions and 103 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.rubocop_todo/database/multiple_databases.yml
View File

@ -2,7 +2,6 @@
Database/MultipleDatabases:
Exclude:
- 'config/initializers/active_record_data_types.rb'
- 'config/initializers/active_record_lifecycle.rb'
- 'config/initializers/sidekiq.rb'
- 'db/post_migrate/20210317104032_set_iteration_cadence_automatic_to_false.rb'
- 'db/post_migrate/20210811122206_update_external_project_bots.rb'

22
app/assets/javascripts/projects/settings_service_desk/components/service_desk_setting.vue
View File

@ -270,18 +270,16 @@ export default {
</template>
</gl-form-group>
<div class="gl-display-flex gl-justify-content-end">
<gl-button
variant="success"
class="gl-mt-5"
data-testid="save_service_desk_settings_button"
data-qa-selector="save_service_desk_settings_button"
:disabled="isTemplateSaving"
@click="onSaveTemplate"
>
{{ __('Save changes') }}
</gl-button>
</div>
<gl-button
variant="confirm"
class="gl-mt-5"
data-testid="save_service_desk_settings_button"
data-qa-selector="save_service_desk_settings_button"
:disabled="isTemplateSaving"
@click="onSaveTemplate"
>
{{ __('Save changes') }}
</gl-button>
</div>
</div>
</div>

7
app/graphql/types/ci/runner_status_enum.rb
View File

@ -28,12 +28,13 @@ module Types
value: :online
value 'OFFLINE',
description: "Runner that has not contacted this instance within the last #{::Ci::Runner::ONLINE_CONTACT_TIMEOUT.inspect}.",
deprecated: { reason: 'This field will have a slightly different scope starting in 15.0, with STALE being returned after a certain period offline', milestone: '14.6' },
description: "Runner that has not contacted this instance within the " \
"last #{::Ci::Runner::ONLINE_CONTACT_TIMEOUT.inspect}. Will be considered `STALE` if offline for " \
"more than #{::Ci::Runner::STALE_TIMEOUT.inspect}.",
value: :offline
value 'STALE',
description: "Runner that has not contacted this instance within the last #{::Ci::Runner::STALE_TIMEOUT.inspect}. Only available if legacyMode is null. Will be a possible return value starting in 15.0.",
description: "Runner that has not contacted this instance within the last #{::Ci::Runner::STALE_TIMEOUT.inspect}.",
value: :stale
value 'NEVER_CONTACTED',

4
app/models/ci/runner.rb
View File

@ -60,7 +60,7 @@ module Ci
AVAILABLE_TYPES_LEGACY = %w[specific shared].freeze
AVAILABLE_TYPES = runner_types.keys.freeze
AVAILABLE_STATUSES = %w[active paused online offline never_contacted stale].freeze # TODO: Remove in %16.0: active, paused. Relevant issues: https://gitlab.com/gitlab-org/gitlab/-/issues/347303, https://gitlab.com/gitlab-org/gitlab/-/issues/344648
AVAILABLE_STATUSES = %w[active paused online offline never_contacted stale].freeze # TODO: Remove in %16.0: active, paused. Relevant issue: https://gitlab.com/gitlab-org/gitlab/-/issues/344648
AVAILABLE_SCOPES = (AVAILABLE_TYPES_LEGACY + AVAILABLE_TYPES + AVAILABLE_STATUSES).freeze
FORM_EDITABLE = %i[description tag_list active run_untagged locked access_level maximum_timeout_human_readable].freeze
@ -336,6 +336,8 @@ module Ci
# DEPRECATED
# TODO Remove in %16.0 in favor of `status` for REST calls, see https://gitlab.com/gitlab-org/gitlab/-/issues/344648
def deprecated_rest_status
return :stale if stale?
if contacted_at.nil?
:never_contacted
elsif active?

5
app/models/concerns/bulk_member_access_load.rb
View File

@ -12,6 +12,11 @@ module BulkMemberAccessLoad
end
end
def purge_resource_id_from_request_store(resource_klass, resource_id)
Gitlab::SafeRequestPurger.execute(resource_key: max_member_access_for_resource_key(resource_klass),
resource_ids: [resource_id])
end
def max_member_access_for_resource_key(klass)
"max_member_access_for_#{klass.name.underscore.pluralize}:#{self.class}:#{self.id}"
end

4
app/models/project_team.rb
View File

@ -193,6 +193,10 @@ class ProjectTeam
project.merge_value_to_request_store(User, user_id, project_access_level)
end
def purge_member_access_cache_for_user_id(user_id)
project.purge_resource_id_from_request_store(User, user_id)
end
def max_member_access(user_id)
max_member_access_for_user_ids([user_id])[user_id]
end

15
app/services/members/projects/creator_service.rb
View File

@ -6,16 +6,11 @@ module Members
private
def can_create_new_member?
# order is important here!
# The `admin_project_member` check has side-effects that causes projects not be created if this area is hit
# during project creation.
# Call that triggers is current_user.can?(:admin_project_member, member.project)
# I tracked back to base_policy.rb admin check and specifically in
# Gitlab::Auth::CurrentUserMode.new(@user).admin_mode? call.
# This calls user.admin? and that specific call causes issues with project creation in
# spec/requests/api/projects_spec.rb specs and others, mostly around project creation.
# https://gitlab.com/gitlab-org/gitlab/-/issues/358931 for investigation
adding_the_creator_as_owner_in_a_personal_project? || current_user.can?(:admin_project_member, member.project)
# This access check(`admin_project_member`) will write to safe request store cache for the user being added.
# This means any operations inside the same request will need to purge that safe request
# store cache if operations are needed to be done inside the same request that checks max member access again on
# that user.
current_user.can?(:admin_project_member, member.project) || adding_the_creator_as_owner_in_a_personal_project?
end
def can_update_existing_member?

7
app/services/projects/create_service.rb
View File

@ -161,6 +161,13 @@ module Projects
)
else
@project.add_owner(@project.namespace.owner, current_user: current_user)
# During the process of adding a project owner, a check on permissions is made on the user which caches
# the max member access for that user on this project.
# Since that is `0` before the member is created - and we are still inside the request
# cycle when we need to do other operations that might check those permissions (e.g. write a commit)
# we need to purge that cache so that the updated permissions is fetched instead of using the outdated cached value of 0
# from before member creation
@project.team.purge_member_access_cache_for_user_id(@project.namespace.owner.id)
end
end

8
config/initializers/active_record_lifecycle.rb
View File

@ -5,7 +5,9 @@
if defined?(ActiveRecord::Base) && !Gitlab::Runtime.sidekiq?
Gitlab::Cluster::LifecycleEvents.on_worker_start do
ActiveSupport.on_load(:active_record) do
ActiveRecord::Base.establish_connection # rubocop: disable Database/EstablishConnection
# rubocop:disable Database/MultipleDatabases
ActiveRecord::Base.establish_connection # rubocop:disable Database/EstablishConnection
# rubocop:enable Database/MultipleDatabases
Gitlab::AppLogger.debug("ActiveRecord connection established")
end
@ -18,8 +20,8 @@ if defined?(ActiveRecord::Base)
# the following is highly recommended for Rails + "preload_app true"
# as there's no need for the master process to hold a connection
ActiveRecord::Base.connection.disconnect!
ActiveRecord::Base.clear_all_connections! # rubocop:disable Database/MultipleDatabases
Gitlab::AppLogger.debug("ActiveRecord connection disconnected")
Gitlab::AppLogger.debug("ActiveRecord connections disconnected")
end
end

7
data/deprecations/14-6-runner_api_new_stale_status_breaking_change.yml → data/removals/15_0/15-0-runner_api_new_stale_status_breaking_change.yml
View File

@ -5,9 +5,12 @@
removal_date: "2022-05-22"
breaking_change: true
body: | # Do not modify this line, instead modify the lines below.
A breaking change will occur for the Runner [API](https://docs.gitlab.com/ee/api/runners.html#runners-api) endpoints in 15.0.
A breaking change was made to the Runner [API](https://docs.gitlab.com/ee/api/runners.html#runners-api) endpoints
in 15.0.
Instead of the GitLab Runner API endpoints returning `offline` and `not_connected` for runners that have not contacted the GitLab instance in the past three months, the API endpoints will return the `stale` value, which was introduced in 14.6.
Instead of the GitLab Runner API endpoints returning `offline` and `not_connected` for runners that have not
contacted the GitLab instance in the past three months, the API endpoints now return the `stale` value,
which was introduced in 14.6.
stage: Verify
tiers: [Core, Premium, Ultimate]
issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/347303

31
doc/administration/gitaly/praefect.md
View File

@ -1245,12 +1245,14 @@ workers from verifying the same replica concurrently. The worker releases the le
Praefect contains a background goroutine that releases stale leases every 10 seconds when workers are terminated for
some reason without releasing the lease.
The worker logs each of the metadata removals prior to executing them. For example:
The worker logs each of the metadata removals prior to executing them. The `perform_deletions` key
indicates whether the invalid metadata records are actually deleted or not. For example:
```json
{
"level": "info",
"msg": "removing metadata records of non-existent replicas",
"perform_deletions": false,
"replicas": {
"default": {
"@hashed/6b/86/6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b.git": [
@ -1261,15 +1263,15 @@ The worker logs each of the metadata removals prior to executing them. For examp
}
```
### Enable verification worker
### Configure the verification worker
The worker is disabled by default. It can be enabled by configuring the verification interval. The interval
accepts any valid [Go duration string](https://pkg.go.dev/time#ParseDuration).
The worker is enabled by default and verifies the metadata records every seven days. The verification
interval is configurable with any valid [Go duration string](https://pkg.go.dev/time#ParseDuration).
To enable the worker and verify replicas every 7 days:
To verify the metadata every three days:
```ruby
praefect['background_verification_verification_interval'] = '168h'
praefect['background_verification_verification_interval'] = '72h'
```
Values of 0 and below disable the background verifier.
@ -1278,6 +1280,23 @@ Values of 0 and below disable the background verifier.
praefect['background_verification_verification_interval'] = '0'
```
#### Enable deletions
WARNING:
Deletions are disabled by default due to a race condition with repository renames that can cause incorrect
deletions. This is especially prominent in Geo instances as Geo performs more renames than instances without Geo.
See [Handle repository creations, deletions and renames atomically](https://gitlab.com/gitlab-org/gitaly/-/merge_requests/4101)
for progress on a fix. We do not recommend enabling the deletions until this is fixed.
By default, the worker does not delete invalid metadata records but simply logs them and outputs Prometheus
metrics for them.
You can enable deleting invalid metadata records with:
```ruby
praefect['background_verification_delete_invalid_records'] = true
```
### Prioritize verification manually
You can prioritize verification of some replicas ahead of their next scheduled verification time.

4
doc/api/graphql/reference/index.md
View File

@ -17994,10 +17994,10 @@ Values for sorting runners.
| ----- | ----------- |
| <a id="cirunnerstatusactive"></a>`ACTIVE` **{warning-solid}** | **Deprecated** in 14.6. This was renamed. Use: [`CiRunner.paused`](#cirunnerpaused). |
| <a id="cirunnerstatusnever_contacted"></a>`NEVER_CONTACTED` | Runner that has never contacted this instance. |
| <a id="cirunnerstatusoffline"></a>`OFFLINE` **{warning-solid}** | **Deprecated** in 14.6. This field will have a slightly different scope starting in 15.0, with STALE being returned after a certain period offline. |
| <a id="cirunnerstatusoffline"></a>`OFFLINE` | Runner that has not contacted this instance within the last 2 hours. Will be considered `STALE` if offline for more than 3 months. |
| <a id="cirunnerstatusonline"></a>`ONLINE` | Runner that contacted this instance within the last 2 hours. |
| <a id="cirunnerstatuspaused"></a>`PAUSED` **{warning-solid}** | **Deprecated** in 14.6. This was renamed. Use: [`CiRunner.paused`](#cirunnerpaused). |
| <a id="cirunnerstatusstale"></a>`STALE` | Runner that has not contacted this instance within the last 3 months. Only available if legacyMode is null. Will be a possible return value starting in 15.0. |
| <a id="cirunnerstatusstale"></a>`STALE` | Runner that has not contacted this instance within the last 3 months. |
### `CiRunnerType`

17
doc/update/deprecations.md
View File

@ -1433,23 +1433,6 @@ The `merged_by` field in the [merge request API](https://docs.gitlab.com/ee/api/
<div class="deprecation removal-150 breaking-change">
### API: `stale` status returned instead of `offline` or `not_connected`
WARNING:
This feature will be changed or removed in 15.0
as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes).
Before updating GitLab, review the details carefully to determine if you need to make any
changes to your code, settings, or workflow.
A breaking change will occur for the Runner [API](https://docs.gitlab.com/ee/api/runners.html#runners-api) endpoints in 15.0.
Instead of the GitLab Runner API endpoints returning `offline` and `not_connected` for runners that have not contacted the GitLab instance in the past three months, the API endpoints will return the `stale` value, which was introduced in 14.6.
**Planned removal milestone: <span class="removal-milestone">15.0</span> (2022-05-22)**
</div>
<div class="deprecation removal-150 breaking-change">
### CI/CD job name length limit
WARNING:

15
doc/update/removals.md
View File

@ -30,6 +30,21 @@ For removal reviewers (Technical Writers only):
## 15.0
### API: `stale` status returned instead of `offline` or `not_connected`
WARNING:
This feature was changed or removed in 15.0
as a [breaking change](https://docs.gitlab.com/ee/development/contributing/#breaking-changes).
Before updating GitLab, review the details carefully to determine if you need to make any
changes to your code, settings, or workflow.
A breaking change was made to the Runner [API](https://docs.gitlab.com/ee/api/runners.html#runners-api) endpoints
in 15.0.
Instead of the GitLab Runner API endpoints returning `offline` and `not_connected` for runners that have not
contacted the GitLab instance in the past three months, the API endpoints now return the `stale` value,
which was introduced in 14.6.
### Background upload for object storage
WARNING:

2
doc/user/application_security/vulnerabilities/index.md
View File

@ -42,7 +42,7 @@ A vulnerability's status can be one of the following:
| Dismissed | A user has seen this vulnerability and dismissed it because it is not accurate or otherwise not to be resolved. |
| Resolved | The vulnerability has been fixed or is no longer present. |
Dismissed vulnerabilities are ignored if detected in subsequent scans. Resolved vulnerabilities that are reintroduced and detected by subsequent scans have a _new_ vulnerability record created. When an existing vulnerability is no longer detected in a project's `default` branch, you should change its status to Resolved. This ensures that if it is accidentally reintroduced in a future merge, it will be visible again as a new record. You can use the [Activity filter](../vulnerability_report/#activity-filter) to select all vulnerabilities that are no longer detected, and [change their status](../vulnerability_report#change-status-of-multiple-vulnerabilities).
Dismissed vulnerabilities are ignored if detected in subsequent scans. Resolved vulnerabilities that are reintroduced and detected by subsequent scans have a _new_ vulnerability record created. When an existing vulnerability is no longer detected in a project's `default` branch, you should change its status to Resolved. This ensures that if it is accidentally reintroduced in a future merge, it will be visible again as a new record. You can use the [Activity filter](../vulnerability_report/#activity-filter) to select all vulnerabilities that are no longer detected, and [change their status](../vulnerability_report#change-status-of-vulnerabilities).
## Change vulnerability status

87
doc/user/application_security/vulnerability_report/index.md
View File

@ -34,13 +34,18 @@ in that row:
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/6165) in GitLab 11.1.
The project-level Vulnerability Report also contains:
At the project level, the Vulnerability Report also contains:
- A time stamp showing when it was updated, including a link to the latest pipeline.
- The number of failures that occurred in the most recent pipeline. Select the failure
notification to view the **Failed jobs** tab of the pipeline's page.
To access the report, navigate to **Security & Compliance > Vulnerability Report**.
### View the project-level vulnerability report
To view the project-level vulnerability report:
1. On the top bar, select **Menu > Projects** and find your project.
1. On the left sidebar, select **Security & Compliance > Vulnerability report**.
## Vulnerability Report actions
@ -56,17 +61,22 @@ From the Vulnerability Report you can:
## Vulnerability Report filters
You can filter the vulnerabilities table by:
You can filter the Vulnerability Report to narrow focus on only vulnerabilities matching specific
criteria.
The available filters are:
<!-- vale gitlab.SubstitutionWarning = NO -->
| Filter | Available options |
|:---------|:------------------|
| Status | Detected, Confirmed, Dismissed, Resolved. |
| Severity | Critical, High, Medium, Low, Info, Unknown. |
| Tool | For more details, see [Tool filter](#tool-filter). |
| Project | For more details, see [Project filter](#project-filter). |
| Activity | For more details, see [Activity filter](#activity-filter). |
- **Status**: Detected, Confirmed, Dismissed, Resolved.
- **Severity**: Critical, High, Medium, Low, Info, Unknown.
- **Tool**: For more details, see [Tool filter](#tool-filter).
- **Project**: For more details, see [Project filter](#project-filter).
- **Activity**: For more details, see [Activity filter](#activity-filter).
The filters' criteria are combined to show only vulnerabilities matching all criteria.
An exception to this behavior is the Activity filter. For more details about how it works, see
[Activity filter](#activity-filter).
<!-- vale gitlab.SubstitutionWarning = YES -->
@ -75,7 +85,7 @@ You can filter the vulnerabilities table by:
To filter the list of vulnerabilities:
1. Select a filter.
1. Select values from the dropdown.
1. Select values from the dropdown list.
1. Repeat the above steps for each desired filter.
After each filter is selected:
@ -83,11 +93,9 @@ After each filter is selected:
- The list of matching vulnerabilities is updated.
- The vulnerability severity totals are updated.
The filters' criteria are combined to show only vulnerabilities matching all criteria.
An exception to this behavior is the Activity filter. For more details about how it works, see
[Activity filter](#activity-filter).
### Tool filter
## Tool filter
> The third-party tool filter was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/229661) in GitLab 13.12.
The tool filter allows you to focus on vulnerabilities detected by selected tools.
@ -95,7 +103,7 @@ When using the tool filter, you can choose:
- **All tools** (default).
- Individual GitLab-provided tools.
- Any integrated 3rd-party tool. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/229661) in GitLab 13.12.
- Any integrated third-party tool.
For details of each of the available tools, see [Security scanning tools](../index.md#security-scanning-tools).
@ -103,11 +111,9 @@ For details of each of the available tools, see [Security scanning tools](../ind
The content of the Project filter depends on the current level:
| Level | Content of the Project filter |
|:---------------|:------------------------------|
| Security Center | Only projects you've [added to your personal Security Center](../security_dashboard/index.md#add-projects-to-the-security-center). |
| Group level | All projects in the group. |
| Project level | Not applicable. |
- **Security Center**: Only projects you've [added to your personal Security Center](../security_dashboard/index.md#add-projects-to-the-security-center).
- **Group level**: All projects in the group.
- **Project level**: Not applicable.
### Activity filter
@ -119,13 +125,11 @@ all options can be selected in combination.
Selection behavior when using the Activity filter:
| Activity selection | Results displayed |
|:------------------------------------|:------------------|
| All | Vulnerabilities with any Activity status (same as ignoring this filter). Selecting this deselects any other Activity filter options. |
| No activity | Only vulnerabilities without either an associated Issue or that are no longer detected. Selecting this deselects any other Activity filter options. |
| With issues | Only vulnerabilities with one or more associated issues. Does not include vulnerabilities that also are no longer detected. |
| No longer detected | Only vulnerabilities that are no longer detected in the latest pipeline scan of the `default` branch. Does not include vulnerabilities with one or more associated issues. |
| With issues and No longer detected | Only vulnerabilities that have one or more associated issues and also are no longer detected in the latest pipeline scan of the `default` branch. |
- **All**: Vulnerabilities with any Activity status (same as ignoring this filter). Selecting this deselects any other Activity filter options.
- **No activity**: Only vulnerabilities without either an associated issue or that are no longer detected. Selecting this deselects any other Activity filter options.
- **With issues**: Only vulnerabilities with one or more associated issues. Does not include vulnerabilities that also are no longer detected.
- **No longer detected**: Only vulnerabilities that are no longer detected in the latest pipeline scan of the `default` branch. Does not include vulnerabilities with one or more associated issues.
- **With issues** and **No longer detected**: Only vulnerabilities that have one or more associated issues and also are no longer detected in the latest pipeline scan of the `default` branch.
## View details of a vulnerability
@ -155,23 +159,32 @@ If Jira issue support is enabled, the issue link found in the Activity entry lin
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/292636) in GitLab 13.10, all statuses became selectable.
From the Vulnerability Report you can change the status of one or more vulnerabilities.
To change the status of vulnerabilities in the table:
1. Select the checkbox for each vulnerability you want to update the status of.
1. In the dropdown that appears select the desired status, then select **Change status**.
1. Select the checkbox beside each vulnerability you want to update the status of. To select all,
select the checkbox in the table header.
1. In the **Set status** dropdown list, select the desired status.
1. Select **Change status**.
![Project Vulnerability Report](img/project_security_dashboard_status_change_v14_2.png)
### Change status of multiple vulnerabilities
## Dismissing a vulnerability
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/35816) in GitLab 12.9.
When you evaluate a vulnerability and decide it requires no more action, you can mark it
as **Dismissed**. Dismissed vulnerabilities don't appear in the merge request security widget
when detected in future scans.
You can change the status of multiple vulnerabilities at once:
When a vulnerability is dismissed, a record is made of:
1. In the list of vulnerabilities, select the checkbox for each vulnerability you want to update.
To select all, select the checkbox in the table header.
1. Above the table, select a new status.
1. Click **Change status** to save.
- Who dismissed it.
- Date and time when it was dismissed.
- Optionally, a reason why it was dismissed.
Vulnerability records cannot be deleted, so a permanent record always remains.
If a vulnerability is dismissed in error, reverse the dismissal by changing its status.
## Export vulnerability details

37
lib/gitlab/safe_request_purger.rb Normal file
View File

@ -0,0 +1,37 @@
# frozen_string_literal: true
module Gitlab
class SafeRequestPurger
def self.execute(args)
new(**args).execute
end
def initialize(resource_key:, resource_ids:)
@resource_key = resource_key
@resource_ids = resource_ids.uniq
@resource_data = {}
end
def execute
load_resource_data
purge_resource_ids
write_resource_data_to_store
end
private
attr_reader :resource_key, :resource_ids, :resource_data
def load_resource_data
@resource_data = Gitlab::SafeRequestStore.fetch(resource_key) { resource_data }
end
def purge_resource_ids
@resource_data.delete_if { |id| resource_ids.include?(id) }
end
def write_resource_data_to_store
Gitlab::SafeRequestStore.write(resource_key, resource_data)
end
end
end

6
spec/frontend/projects/settings_service_desk/components/service_desk_setting_spec.js
View File

@ -165,8 +165,12 @@ describe('ServiceDeskSetting', () => {
describe('save button', () => {
it('renders a save button to save a template', () => {
wrapper = createComponent();
const saveButton = findButton();
expect(findButton().text()).toContain('Save changes');
expect(saveButton.text()).toContain('Save changes');
expect(saveButton.props()).toMatchObject({
variant: 'confirm',
});
});
it('emits a save event with the chosen template when the save button is clicked', async () => {

73
spec/lib/gitlab/safe_request_purger_spec.rb Normal file
View File

@ -0,0 +1,73 @@
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe Gitlab::SafeRequestPurger do
let(:resource_key) { '_key_' }
let(:resource_ids) { ['foo'] }
let(:args) { { resource_key: resource_key, resource_ids: resource_ids } }
let(:resource_data) { { 'foo' => 'bar' } }
before do
Gitlab::SafeRequestStore[resource_key] = resource_data
end
describe '.execute', :request_store do
subject(:execute_instance) { described_class.execute(**args) }
it 'purges an entry from the store' do
execute_instance
expect(Gitlab::SafeRequestStore.fetch(resource_key)).to be_empty
end
end
describe '#execute' do
subject(:execute_instance) { described_class.new(**args).execute }
context 'when request store is active', :request_store do
it 'purges an entry from the store' do
execute_instance
expect(Gitlab::SafeRequestStore.fetch(resource_key)).to be_empty
end
context 'when there are multiple resource_ids to purge' do
let(:resource_data) do
{
'foo' => 'bar',
'two' => '_two_',
'three' => '_three_',
'four' => '_four_'
}
end
let(:resource_ids) { %w[two three] }
it 'purges an entry from the store' do
execute_instance
expect(Gitlab::SafeRequestStore.fetch(resource_key)).to eq resource_data.slice('foo', 'four')
end
end
context 'when there is no matching resource_ids' do
let(:resource_ids) { ['_bogus_resource_id_'] }
it 'purges an entry from the store' do
execute_instance
expect(Gitlab::SafeRequestStore.fetch(resource_key)).to eq resource_data
end
end
end
context 'when request store is not active' do
let(:resource_ids) { ['_bogus_resource_id_'] }
it 'does offer the ability to interact with data store' do
expect(execute_instance).to eq({})
end
end
end
end

9
spec/models/ci/runner_spec.rb
View File

@ -838,7 +838,7 @@ RSpec.describe Ci::Runner do
context 'with legacy_mode enabled' do
let(:legacy_mode) { '14.5' }
it { is_expected.to eq(:never_contacted) }
it { is_expected.to eq(:stale) }
end
context 'with legacy_mode disabled' do
@ -895,7 +895,7 @@ RSpec.describe Ci::Runner do
context 'with legacy_mode enabled' do
let(:legacy_mode) { '14.5' }
it { is_expected.to eq(:offline) }
it { is_expected.to eq(:stale) }
end
context 'with legacy_mode disabled' do
@ -905,7 +905,7 @@ RSpec.describe Ci::Runner do
end
describe '#deprecated_rest_status' do
let(:runner) { build(:ci_runner, :instance, contacted_at: 1.second.ago) }
let(:runner) { create(:ci_runner, :instance, contacted_at: 1.second.ago) }
subject { runner.deprecated_rest_status }
@ -927,10 +927,11 @@ RSpec.describe Ci::Runner do
context 'contacted long time ago' do
before do
runner.created_at = 1.year.ago
runner.contacted_at = 1.year.ago
end
it { is_expected.to eq(:offline) }
it { is_expected.to eq(:stale) }
end
context 'inactive' do

16
spec/models/project_team_spec.rb
View File

@ -410,6 +410,22 @@ RSpec.describe ProjectTeam do
end
end
describe '#purge_member_access_cache_for_user_id', :request_store do
let(:project) { create(:project) }
let(:user_id) { 1 }
let(:resource_data) { { user_id => 50, 42 => 50 } }
before do
Gitlab::SafeRequestStore[project.max_member_access_for_resource_key(User)] = resource_data
end
it 'removes cached max access for user from store' do
project.team.purge_member_access_cache_for_user_id(user_id)
expect(Gitlab::SafeRequestStore[project.max_member_access_for_resource_key(User)]).to eq({ 42 => 50 })
end
end
describe '#member?' do
let(:group) { create(:group) }
let(:developer) { create(:user) }

4
spec/requests/api/graphql/ci/runner_spec.rb
View File

@ -237,8 +237,8 @@ RSpec.describe 'Query.runner(id)' do
stale_runner_data = graphql_data_at(:stale_runner)
expect(stale_runner_data).to match a_hash_including(
'status' => 'NEVER_CONTACTED',
'legacyStatusWithExplicitVersion' => 'NEVER_CONTACTED',
'status' => 'STALE',
'legacyStatusWithExplicitVersion' => 'STALE',
'newStatus' => 'STALE'
)

2
spec/services/projects/create_service_spec.rb
View File

@ -824,7 +824,7 @@ RSpec.describe Projects::CreateService, '#execute' do
it 'saves the project when the user has access to the label' do
expect(::Gitlab::ExternalAuthorization)
.to receive(:access_allowed?).with(user, 'new-label', any_args) { true }
.to receive(:access_allowed?).with(user, 'new-label', any_args) { true }.at_least(1).time
project = create_project(user, opts.merge({ external_authorization_classification_label: 'new-label' }))