Add latest changes from gitlab-org/gitlab@16-3-stable-ee

2023-09-11 20:29:05 +00:00 · 2023-09-11 20:29:05 +00:00 · 5cc6a88396
parent c92e9b9e7d
commit 5cc6a88396
7 changed files with 75 additions and 1 deletions
--- a/db/migrate/20230823160533_update_package_metadata_sync_setting.rb
+++ b/db/migrate/20230823160533_update_package_metadata_sync_setting.rb
@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+class UpdatePackageMetadataSyncSetting < Gitlab::Database::Migration[2.1]
+  restrict_gitlab_migration gitlab_schema: :gitlab_main
+
+  class ApplicationSetting < MigrationRecord
+  end
+
+  FULLY_ENABLED_SYNC = [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12].freeze
+
+  def up
+    application_setting = ApplicationSetting.last
+    return unless application_setting
+
+    # Check if the setting still has a default value and it wasn't updated manually by the admin
+    return unless application_setting.package_metadata_purl_types == []
+
+    # Update setting to enable all package types to sync
+    application_setting.update(package_metadata_purl_types: FULLY_ENABLED_SYNC)
+  end
+
+  def down
+    # no op
+  end
+end
--- a/db/migrate/20230830101525_update_default_value_pm.rb
+++ b/db/migrate/20230830101525_update_default_value_pm.rb
@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+class UpdateDefaultValuePm < Gitlab::Database::Migration[2.1]
+  disable_ddl_transaction!
+
+  FULLY_ENABLED_SYNC = [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12].freeze
+
+  def change
+    change_column_default :application_settings, :package_metadata_purl_types, from: [], to: FULLY_ENABLED_SYNC
+  end
+end
--- a/db/schema_migrations/20230823160533
+++ b/db/schema_migrations/20230823160533
@ -0,0 +1 @@
+1583a9581ec2905781f4a5bb7715c7da784d6772eb6b6d8ecb05cad53f13b8c9
--- a/db/schema_migrations/20230830101525
+++ b/db/schema_migrations/20230830101525
@ -0,0 +1 @@
+02b0d2f9133db9378d2511144c4cff91a5d2ea9dce30eed371122dec342d547b
--- a/db/structure.sql
+++ b/db/structure.sql
@ -11898,7 +11898,7 @@ CREATE TABLE application_settings (
    encrypted_product_analytics_configurator_connection_string bytea,
    encrypted_product_analytics_configurator_connection_string_iv bytea,
    silent_mode_enabled boolean DEFAULT false NOT NULL,
-    package_metadata_purl_types smallint[] DEFAULT '{}'::smallint[],
+    package_metadata_purl_types smallint[] DEFAULT '{1,2,3,4,5,6,7,8,9,10,11,12}'::smallint[],
    ci_max_includes integer DEFAULT 150 NOT NULL,
    remember_me_enabled boolean DEFAULT true NOT NULL,
    encrypted_anthropic_api_key bytea,
--- a/doc/api/settings.md
+++ b/doc/api/settings.md
@ -486,6 +486,7 @@ listed in the descriptions of the relevant settings.
 | `pypi_package_requests_forwarding` **(PREMIUM)**  | boolean | no                                   | Use pypi.org as a default remote repository when the package is not found in the GitLab Package Registry for PyPI. |
 | `outbound_local_requests_whitelist`      | array of strings | no                                   | Define a list of trusted domains or IP addresses to which local requests are allowed when local requests for webhooks and integrations are disabled.
 | `package_registry_allow_anyone_to_pull_option` | boolean    | no                                   | Enable to [allow anyone to pull from Package Registry](../user/packages/package_registry/index.md#allow-anyone-to-pull-from-package-registry) visible and changeable.
+| `package_metadata_purl_types` **(ULTIMATE SELF)** | array of integers | no                         | List of [package registry metadata to sync](../administration/settings/security_and_compliance.md#choose-package-registry-metadata-to-sync). See [the list](https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/models/concerns/enums/package_metadata.rb#L5) of the available values.
 | `pages_domain_verification_enabled`       | boolean         | no                                   | Require users to prove ownership of custom domains. Domain verification is an essential security measure for public GitLab sites. Users are required to demonstrate they control a domain before it is enabled. |
 | `password_authentication_enabled_for_git` | boolean         | no                                   | Enable authentication for Git over HTTP(S) via a GitLab account password. Default is `true`. |
 | `password_authentication_enabled_for_web` | boolean         | no                                   | Enable authentication for the web interface via a GitLab account password. Default is `true`. |
--- a/spec/migrations/db/migrate/20230823160533_update_package_metadata_sync_setting_spec.rb
+++ b/spec/migrations/db/migrate/20230823160533_update_package_metadata_sync_setting_spec.rb
@ -0,0 +1,35 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+require_migration!
+
+RSpec.describe UpdatePackageMetadataSyncSetting, feature_category: :software_composition_analysis do
+  let(:settings) { table(:application_settings) }
+  let(:fully_enabled_sync_setting) { [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12] }
+
+  describe "#up" do
+    context 'with default value' do
+      let(:fully_disabled_sync) { [] }
+
+      it 'updates setting' do
+        settings.create!(package_metadata_purl_types: fully_disabled_sync)
+
+        migrate!
+
+        expect(ApplicationSetting.last.package_metadata_purl_types).to eq(fully_enabled_sync_setting)
+      end
+    end
+
+    context 'with custom value' do
+      let(:partially_enabled_sync) { [1, 2, 3, 4, 5] }
+
+      it 'does not change setting' do
+        settings.create!(package_metadata_purl_types: partially_enabled_sync)
+
+        migrate!
+
+        expect(ApplicationSetting.last.package_metadata_purl_types).to eq(partially_enabled_sync)
+      end
+    end
+  end
+end
				`@ -0,0 +1 @@`
				`1583a9581ec2905781f4a5bb7715c7da784d6772eb6b6d8ecb05cad53f13b8c9`
				`@ -0,0 +1 @@`
				`02b0d2f9133db9378d2511144c4cff91a5d2ea9dce30eed371122dec342d547b`