root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Add latest changes from gitlab-org/gitlab@master

This commit is contained in:
GitLab Bot 2025-02-24 15:12:01 +00:00
parent 39bf89a7ee
commit 668334016b
41 changed files with 414 additions and 234 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
app/assets/javascripts/admin/application_settings/runner_token_expiration/components/chronic_duration_input.vue
View File

@ -17,6 +17,11 @@ export default {
event: 'change',
},
props: {
id: {
type: String,
required: false,
default: null,
},
value: {
type: Number,
required: false,
@ -127,7 +132,7 @@ export default {
</script>
<template>
<div>
<gl-form-input ref="text" v-bind="$attrs" v-model="humanReadableValue" />
<gl-form-input :id="id" ref="text" v-bind="$attrs" v-model="humanReadableValue" />
<input ref="hidden" type="hidden" :name="name" :value="numberValue" />
</div>
</template>

6
app/assets/javascripts/admin/application_settings/runner_token_expiration/components/expiration_intervals.vue
View File

@ -76,6 +76,7 @@ export default {
<div>
<gl-form-group
:label="$options.i18n.instanceRunnerTitle"
label-for="group_runner_token_expiration_interval"
:invalid-feedback="perInput.instance.feedback"
:state="perInput.instance.valid"
>
@ -83,6 +84,7 @@ export default {
<expiration-interval-description :message="$options.i18n.instanceRunnerDescription" />
</template>
<chronic-duration-input
id="group_runner_token_expiration_interval"
v-model="perInput.instance.value"
name="application_setting[runner_token_expiration_interval]"
:state="perInput.instance.valid"
@ -91,6 +93,7 @@ export default {
</gl-form-group>
<gl-form-group
:label="$options.i18n.groupRunnerTitle"
label-for="group_runners_expiration"
:invalid-feedback="perInput.group.feedback"
:state="perInput.group.valid"
>
@ -98,6 +101,7 @@ export default {
<expiration-interval-description :message="$options.i18n.groupRunnerDescription" />
</template>
<chronic-duration-input
id="group_runners_expiration"
v-model="perInput.group.value"
name="application_setting[group_runner_token_expiration_interval]"
:state="perInput.group.valid"
@ -106,6 +110,7 @@ export default {
</gl-form-group>
<gl-form-group
:label="$options.i18n.projectRunnerTitle"
label-for="project_runners_expiration"
:invalid-feedback="perInput.project.feedback"
:state="perInput.project.valid"
>
@ -113,6 +118,7 @@ export default {
<expiration-interval-description :message="$options.i18n.projectRunnerDescription" />
</template>
<chronic-duration-input
id="project_runners_expiration"
v-model="perInput.project.value"
name="application_setting[project_runner_token_expiration_interval]"
:state="perInput.project.valid"

10
app/assets/javascripts/boards/components/project_select.vue
View File

@ -137,9 +137,12 @@ export default {
<template>
<div>
<label class="gl-mt-3 gl-font-bold" data-testid="header-label">{{
$options.i18n.headerTitle
}}</label>
<label
id="project-select-listbox-label"
class="gl-mt-3 gl-font-bold"
data-testid="header-label"
>{{ $options.i18n.headerTitle }}</label
>
<gl-collapsible-listbox
v-model="selectedProjectId"
block
@ -149,6 +152,7 @@ export default {
:items="activeGroupProjects"
:toggle-text="selectedProjectName"
:header-text="$options.i18n.headerTitle"
toggle-aria-labelled-by="project-select-listbox-label"
:loading="initialLoading"
:searching="isLoading"
:search-placeholder="$options.i18n.searchPlaceholder"

1
app/helpers/application_settings_helper.rb
View File

@ -480,6 +480,7 @@ module ApplicationSettingsHelper
:snowplow_cookie_domain,
:snowplow_database_collector_hostname,
:snowplow_enabled,
:product_usage_data_enabled,
:snowplow_app_id,
:push_event_hooks_limit,
:push_event_activities_limit,

3
app/models/application_setting.rb
View File

@ -702,7 +702,8 @@ class ApplicationSetting < ApplicationRecord
users_api_limit_gpg_key: [:integer, { default: 120 }]
jsonb_accessor :service_ping_settings,
gitlab_environment_toolkit_instance: [:boolean, { default: false }]
gitlab_environment_toolkit_instance: [:boolean, { default: false }],
product_usage_data_enabled: [:boolean, { default: false }]
jsonb_accessor :rate_limits_unauthenticated_git_http,
throttle_unauthenticated_git_http_enabled: [:boolean, { default: false }],

1
app/models/application_setting_implementation.rb
View File

@ -151,6 +151,7 @@ module ApplicationSettingImplementation
personal_access_token_prefix: 'glpat-',
plantuml_enabled: false,
plantuml_url: nil,
product_usage_data_enabled: true, # TODO : this setting should come from instance instalation, see https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/8897
diagramsnet_enabled: true,
diagramsnet_url: 'https://embed.diagrams.net',
polling_interval_multiplier: 1,

25
app/models/hooks/no_sti_system_hook.rb
View File

@ -1,25 +0,0 @@
# frozen_string_literal: true
class NoStiSystemHook < SystemHook # rubocop:disable Gitlab/BoundedContexts, Gitlab/NamespacedClass -- Copied from SystemHook
self.table_name = "system_hooks"
undef :web_hook_logs
attr_encrypted :token,
mode: :per_attribute_iv,
algorithm: 'aes-256-gcm',
key: Settings.attr_encrypted_db_key_base_32,
encode: false,
encode_iv: false
attr_encrypted :url,
mode: :per_attribute_iv,
algorithm: 'aes-256-gcm',
key: Settings.attr_encrypted_db_key_base_32,
encode: false,
encode_iv: false
def decrypt_url_was
self.class.decrypt_url(encrypted_url_was, iv: encrypted_url_iv_was)
end
end

3
app/models/hooks/system_hook.rb
View File

@ -1,8 +1,5 @@
# frozen_string_literal: true
# This model is being migrated to the NoStiSystemHook model temporarily.
# Please ensure all changes here are reflected in the new model.
# More info here: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/175729
class SystemHook < WebHook
extend ::Gitlab::Utils::Override
include TriggerableHooks

22
app/models/merge_request_diff_commit.rb
View File

@ -133,7 +133,29 @@ class MergeRequestDiffCommit < ApplicationRecord
committer&.email
end
def message
Gitlab::AppLogger.info(
event: 'mrdc_message_method',
message: "mrdc#message called via #{caller_locations(2, 1).first.path}"
)
if ::Feature.enabled?(:disable_message_attribute_on_mr_diff_commits, project)
""
else
read_attribute("message")
end
end
def to_hash
super.merge({ 'id' => sha })
end
private
# As of %17.10, we still don't have `project_id` on merge_request_diff_commit
# records. Until we do, we have to fetch it from merge_request_diff.
#
def project
@_project ||= merge_request_diff.project
end
end

4
app/validators/json_schemas/application_setting_service_ping_settings.json
View File

@ -7,6 +7,10 @@
"gitlab_environment_toolkit_instance": {
"type": "boolean",
"description": "Indicates whether the instance was provisioned with the GitLab Environment Toolkit for Service Ping reporting."
},
"product_usage_data_enabled": {
"type": "boolean",
"description": "Indicates whether the instance was provisioned with product usage data tracking."
}
}
}

13
app/views/admin/application_settings/_product_usage_data.html.haml Normal file
View File

@ -0,0 +1,13 @@
= gitlab_ui_form_for @application_setting, url: metrics_and_profiling_admin_application_settings_path(anchor: 'js-product-usage-data-settings'), html: { class: 'fieldset-form' } do |f|
= form_errors(@application_setting)
%fieldset
.form-group
- label = s_('AdminSettings|Enable product usage tracking')
= f.gitlab_ui_checkbox_component :product_usage_data_enabled?, '%{label}'.html_safe % { label: label },
checkbox_options: { id: 'application_setting_product_usage_data_enabled' },
label_options: { id: 'service_ping_features_label' }
= f.submit _('Save changes'), pajamas_button: true

10
app/views/admin/application_settings/metrics_and_profiling.html.haml
View File

@ -42,6 +42,16 @@
- c.with_body do
= render 'usage'
- if Feature.enabled?(:product_usage_data, :instance)
= render ::Layouts::SettingsBlockComponent.new(_('Product usage data tracking'),
id: 'js-product-usage-data-settings',
testid: 'product-usage-data-settings-content',
expanded: expanded_by_default?) do |c|
- c.with_description do
= _('Control whether events are sent to GitLab.')
- c.with_body do
= render 'product_usage_data'
= render ::Layouts::SettingsBlockComponent.new(_('Sentry'),
id: 'js-sentry-settings',
expanded: expanded_by_default?) do |c|

7
config/feature_flags/development/product_usage_data.yml Normal file
View File

@ -0,0 +1,7 @@
name: product_usage_data
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/179666
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/515960
milestone: '17.10'
type: development
group: group::analytics instrumentation
default_enabled: false

9
config/feature_flags/gitlab_com_derisk/disable_message_attribute_on_mr_diff_commits.yml Normal file
View File

@ -0,0 +1,9 @@
---
name: disable_message_attribute_on_mr_diff_commits
feature_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/520302
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/182039
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/520384
milestone: '17.10'
group: group::source code
type: gitlab_com_derisk
default_enabled: false

2
db/docs/system_hooks.yml → db/docs/deleted_tables/system_hooks.yml
View File

@ -8,3 +8,5 @@ description: Webhooks data for system hooks. NoStiSystemHook is a temporary mode
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/175729
milestone: '17.9'
gitlab_schema: gitlab_main_clusterwide
removed_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/182115
removed_in_milestone: '17.10'

14
db/docs/organization_cluster_agent_mappings.yml Normal file
View File

@ -0,0 +1,14 @@
---
table_name: organization_cluster_agent_mappings
classes:
- RemoteDevelopment::OrganizationClusterAgentMapping
feature_categories:
- workspaces
description: This table records associations between Organizations and Cluster Agents
as a part of supporting organization-cluster agent association in the context of Workspaces
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/179604
milestone: '17.9'
gitlab_schema: gitlab_main_cell
sharding_key:
organization_id: organizations
table_size: small

36
db/migrate/20250130123120_add_organization_cluster_agent_mappings_table.rb Normal file
View File

@ -0,0 +1,36 @@
# frozen_string_literal: true
# See https://docs.gitlab.com/ee/development/migration_style_guide.html
# for more information on how to write migrations for GitLab.
class AddOrganizationClusterAgentMappingsTable < Gitlab::Database::Migration[2.2]
disable_ddl_transaction!
milestone '17.9'
TABLE_NAME = :organization_cluster_agent_mappings
UNIQUE_CLUSTER_AGENT_ID_INDEX_NAME = "i_organization_cluster_agent_mappings_unique_cluster_agent_id"
CREATOR_ID_INDEX_NAME = "i_organization_cluster_agent_mappings_on_creator_id"
ORGANIZATION_ID_INDEX_NAME = "i_organization_cluster_agent_mappings_on_organization_id"
def up
create_table TABLE_NAME, if_not_exists: true do |t|
t.bigint :organization_id, null: false
t.bigint :cluster_agent_id, null: false
t.bigint :creator_id, null: true
t.timestamps_with_timezone null: false
end
add_concurrent_index TABLE_NAME, :cluster_agent_id,
unique: true, name: UNIQUE_CLUSTER_AGENT_ID_INDEX_NAME
add_concurrent_index TABLE_NAME, :creator_id, name: CREATOR_ID_INDEX_NAME
add_concurrent_index TABLE_NAME, :organization_id, name: ORGANIZATION_ID_INDEX_NAME
add_concurrent_foreign_key TABLE_NAME, :cluster_agents, column: :cluster_agent_id, on_delete: :cascade
add_concurrent_foreign_key TABLE_NAME, :organizations, column: :organization_id, on_delete: :cascade
add_concurrent_foreign_key TABLE_NAME, :users, column: :creator_id, on_delete: :nullify
end
def down
drop_table TABLE_NAME
end
end

21
db/migrate/20250219073512_add_connection_id_to_ai_active_context_collections.rb Normal file
View File

@ -0,0 +1,21 @@
# frozen_string_literal: true
class AddConnectionIdToAiActiveContextCollections < Gitlab::Database::Migration[2.2]
milestone '17.10'
disable_ddl_transaction!
def up
# drop records before adding new column
truncate_tables!('ai_active_context_collections')
add_column :ai_active_context_collections, :connection_id, :bigint, null: false, if_not_exists: true # rubocop:disable Rails/NotNullColumn -- table is empty
add_concurrent_foreign_key :ai_active_context_collections, :ai_active_context_connections, column: :connection_id,
on_delete: :cascade
end
def down
with_lock_retries do
remove_column :ai_active_context_collections, :connection_id, if_exists: true
end
end
end

43
db/post_migrate/20250220120955_drop_system_hooks_table.rb Normal file
View File

@ -0,0 +1,43 @@
# frozen_string_literal: true
class DropSystemHooksTable < Gitlab::Database::Migration[2.2]
milestone '17.10'
TABLE_NAME = :system_hooks
def up
drop_table TABLE_NAME
end
def down
create_table TABLE_NAME do |t|
t.timestamps null: true # rubocop:disable Migration/Timestamps -- Needs to match web_hooks table
t.datetime_with_timezone :disabled_until
t.integer :recent_failures, limit: 2, default: 0, null: false
t.integer :backoff_count, limit: 2, default: 0, null: false
t.integer :branch_filter_strategy, limit: 2, default: 0, null: false
t.boolean :push_events, default: true, null: false
t.boolean :merge_requests_events, default: false, null: false
t.boolean :tag_push_events, default: false
t.boolean :enable_ssl_verification, default: true
t.boolean :repository_update_events, default: false, null: false
t.text :push_events_branch_filter, limit: 5000
t.text :name, limit: 255
t.text :description, limit: 2048
t.text :custom_webhook_template, limit: 4096
t.binary :encrypted_token
t.binary :encrypted_token_iv
t.binary :encrypted_url
t.binary :encrypted_url_iv
t.binary :encrypted_url_variables
t.binary :encrypted_url_variables_iv
t.binary :encrypted_custom_headers
t.binary :encrypted_custom_headers_iv
end
end
end

16
db/post_migrate/20250221113152_index_ai_active_context_collections_on_name.rb Normal file
View File

@ -0,0 +1,16 @@
# frozen_string_literal: true
class IndexAiActiveContextCollectionsOnName < Gitlab::Database::Migration[2.2]
INDEX_NAME = 'uniq_idx_ai_active_context_collections_on_connection_id_name'
milestone '17.10'
disable_ddl_transaction!
def up
add_concurrent_index :ai_active_context_collections, [:connection_id, :name], unique: true, name: INDEX_NAME
end
def down
remove_concurrent_index_by_name :ai_active_context_collections, INDEX_NAME
end
end

1
db/schema_migrations/20250130123120 Normal file
View File

@ -0,0 +1 @@
2b7dd886bb863c373f88af09c16b6ef1b4ab7f668b2c8f992b8e4f3293c421dd

1
db/schema_migrations/20250219073512 Normal file
View File

@ -0,0 +1 @@
20d50fdba6c896e6261939b390d704215e4b2fa8b0b06300d677d2bea2f66811

1
db/schema_migrations/20250220120955 Normal file
View File

@ -0,0 +1 @@
fa47c04d96be9a22c5901ca6f395b3edf3e202c42b35bf13d85d66973eb0e14d

1
db/schema_migrations/20250221113152 Normal file
View File

@ -0,0 +1 @@
6ad2e4fc5430245cb00ba73dc6169f8fd9849d47ca467512702b3d2655554a9b

89
db/structure.sql
View File

@ -7121,6 +7121,7 @@ CREATE TABLE ai_active_context_collections (
number_of_partitions integer DEFAULT 1 NOT NULL,
created_at timestamp with time zone NOT NULL,
updated_at timestamp with time zone NOT NULL,
connection_id bigint NOT NULL,
CONSTRAINT check_fe84a77f95 CHECK ((char_length(name) <= 255))
);
@ -17526,6 +17527,24 @@ CREATE SEQUENCE operations_user_lists_id_seq
ALTER SEQUENCE operations_user_lists_id_seq OWNED BY operations_user_lists.id;
CREATE TABLE organization_cluster_agent_mappings (
id bigint NOT NULL,
organization_id bigint NOT NULL,
cluster_agent_id bigint NOT NULL,
creator_id bigint,
created_at timestamp with time zone NOT NULL,
updated_at timestamp with time zone NOT NULL
);
CREATE SEQUENCE organization_cluster_agent_mappings_id_seq
START WITH 1
INCREMENT BY 1
NO MINVALUE
NO MAXVALUE
CACHE 1;
ALTER SEQUENCE organization_cluster_agent_mappings_id_seq OWNED BY organization_cluster_agent_mappings.id;
CREATE TABLE organization_details (
organization_id bigint NOT NULL,
created_at timestamp with time zone NOT NULL,
@ -22154,46 +22173,6 @@ CREATE SEQUENCE system_access_microsoft_graph_access_tokens_id_seq
ALTER SEQUENCE system_access_microsoft_graph_access_tokens_id_seq OWNED BY system_access_microsoft_graph_access_tokens.id;
CREATE TABLE system_hooks (
id bigint NOT NULL,
created_at timestamp(6) without time zone,
updated_at timestamp(6) without time zone,
disabled_until timestamp with time zone,
recent_failures smallint DEFAULT 0 NOT NULL,
backoff_count smallint DEFAULT 0 NOT NULL,
branch_filter_strategy smallint DEFAULT 0 NOT NULL,
push_events boolean DEFAULT true NOT NULL,
merge_requests_events boolean DEFAULT false NOT NULL,
tag_push_events boolean DEFAULT false,
enable_ssl_verification boolean DEFAULT true,
repository_update_events boolean DEFAULT false NOT NULL,
push_events_branch_filter text,
name text,
description text,
custom_webhook_template text,
encrypted_token bytea,
encrypted_token_iv bytea,
encrypted_url bytea,
encrypted_url_iv bytea,
encrypted_url_variables bytea,
encrypted_url_variables_iv bytea,
encrypted_custom_headers bytea,
encrypted_custom_headers_iv bytea,
CONSTRAINT check_32d89afab7 CHECK ((char_length(push_events_branch_filter) <= 5000)),
CONSTRAINT check_6439bc2682 CHECK ((char_length(name) <= 255)),
CONSTRAINT check_6e64a69bc5 CHECK ((char_length(custom_webhook_template) <= 4096)),
CONSTRAINT check_f6fffb36bd CHECK ((char_length(description) <= 2048))
);
CREATE SEQUENCE system_hooks_id_seq
START WITH 1
INCREMENT BY 1
NO MINVALUE
NO MAXVALUE
CACHE 1;
ALTER SEQUENCE system_hooks_id_seq OWNED BY system_hooks.id;
CREATE TABLE system_note_metadata (
commit_count integer,
action character varying,
@ -25785,6 +25764,8 @@ ALTER TABLE ONLY operations_strategies_user_lists ALTER COLUMN id SET DEFAULT ne
ALTER TABLE ONLY operations_user_lists ALTER COLUMN id SET DEFAULT nextval('operations_user_lists_id_seq'::regclass);
ALTER TABLE ONLY organization_cluster_agent_mappings ALTER COLUMN id SET DEFAULT nextval('organization_cluster_agent_mappings_id_seq'::regclass);
ALTER TABLE ONLY organization_users ALTER COLUMN id SET DEFAULT nextval('organization_users_id_seq'::regclass);
ALTER TABLE ONLY organizations ALTER COLUMN id SET DEFAULT nextval('organizations_id_seq'::regclass);
@ -26143,8 +26124,6 @@ ALTER TABLE ONLY system_access_microsoft_applications ALTER COLUMN id SET DEFAUL
ALTER TABLE ONLY system_access_microsoft_graph_access_tokens ALTER COLUMN id SET DEFAULT nextval('system_access_microsoft_graph_access_tokens_id_seq'::regclass);
ALTER TABLE ONLY system_hooks ALTER COLUMN id SET DEFAULT nextval('system_hooks_id_seq'::regclass);
ALTER TABLE ONLY system_note_metadata ALTER COLUMN id SET DEFAULT nextval('system_note_metadata_id_seq'::regclass);
ALTER TABLE ONLY taggings ALTER COLUMN id SET DEFAULT nextval('taggings_id_seq'::regclass);
@ -28410,6 +28389,9 @@ ALTER TABLE ONLY operations_strategies_user_lists
ALTER TABLE ONLY operations_user_lists
ADD CONSTRAINT operations_user_lists_pkey PRIMARY KEY (id);
ALTER TABLE ONLY organization_cluster_agent_mappings
ADD CONSTRAINT organization_cluster_agent_mappings_pkey PRIMARY KEY (id);
ALTER TABLE ONLY organization_details
ADD CONSTRAINT organization_details_pkey PRIMARY KEY (organization_id);
@ -29088,9 +29070,6 @@ ALTER TABLE ONLY system_access_microsoft_applications
ALTER TABLE ONLY system_access_microsoft_graph_access_tokens
ADD CONSTRAINT system_access_microsoft_graph_access_tokens_pkey PRIMARY KEY (id);
ALTER TABLE ONLY system_hooks
ADD CONSTRAINT system_hooks_pkey PRIMARY KEY (id);
ALTER TABLE ONLY system_note_metadata
ADD CONSTRAINT system_note_metadata_pkey PRIMARY KEY (id);
@ -30928,6 +30907,12 @@ CREATE INDEX i_namespace_cluster_agent_mappings_on_cluster_agent_id ON remote_de
CREATE INDEX i_namespace_cluster_agent_mappings_on_creator_id ON remote_development_namespace_cluster_agent_mappings USING btree (creator_id);
CREATE INDEX i_organization_cluster_agent_mappings_on_creator_id ON organization_cluster_agent_mappings USING btree (creator_id);
CREATE INDEX i_organization_cluster_agent_mappings_on_organization_id ON organization_cluster_agent_mappings USING btree (organization_id);
CREATE UNIQUE INDEX i_organization_cluster_agent_mappings_unique_cluster_agent_id ON organization_cluster_agent_mappings USING btree (cluster_agent_id);
CREATE UNIQUE INDEX i_packages_unique_project_id_package_type_package_name_pattern ON packages_protection_rules USING btree (project_id, package_type, package_name_pattern);
CREATE INDEX i_pkgs_deb_file_meta_on_updated_at_package_file_id_when_unknown ON packages_debian_file_metadata USING btree (updated_at, package_file_id) WHERE (file_type = 1);
@ -36100,6 +36085,8 @@ CREATE UNIQUE INDEX uniq_compliance_statuses_control_project_id ON project_contr
CREATE UNIQUE INDEX uniq_google_cloud_logging_configuration_namespace_id_and_name ON audit_events_google_cloud_logging_configurations USING btree (namespace_id, name);
CREATE UNIQUE INDEX uniq_idx_ai_active_context_collections_on_connection_id_name ON ai_active_context_collections USING btree (connection_id, name);
CREATE UNIQUE INDEX uniq_idx_audit_events_aws_configs_stream_dests ON audit_events_amazon_s3_configurations USING btree (stream_destination_id) WHERE (stream_destination_id IS NOT NULL);
CREATE UNIQUE INDEX uniq_idx_audit_events_ext_audit_event_stream_dests ON audit_events_external_audit_event_destinations USING btree (stream_destination_id) WHERE (stream_destination_id IS NOT NULL);
@ -38675,6 +38662,9 @@ CREATE TRIGGER vulnerabilities_loose_fk_trigger AFTER DELETE ON vulnerabilities
ALTER TABLE ONLY ai_conversation_threads
ADD CONSTRAINT fk_00234c7444 FOREIGN KEY (organization_id) REFERENCES organizations(id) ON DELETE CASCADE;
ALTER TABLE ONLY ai_active_context_collections
ADD CONSTRAINT fk_008426fce1 FOREIGN KEY (connection_id) REFERENCES ai_active_context_connections(id) ON DELETE CASCADE;
ALTER TABLE ONLY deployments
ADD CONSTRAINT fk_009fd21147 FOREIGN KEY (environment_id) REFERENCES environments(id) ON DELETE CASCADE;
@ -39146,6 +39136,9 @@ ALTER TABLE ONLY operations_feature_flags_issues
ALTER TABLE ONLY push_event_payloads
ADD CONSTRAINT fk_36c74129da FOREIGN KEY (event_id) REFERENCES events(id) ON DELETE CASCADE;
ALTER TABLE ONLY organization_cluster_agent_mappings
ADD CONSTRAINT fk_3727f3f4ec FOREIGN KEY (cluster_agent_id) REFERENCES cluster_agents(id) ON DELETE CASCADE;
ALTER TABLE ONLY protected_branch_merge_access_levels
ADD CONSTRAINT fk_37ab3dd3ba FOREIGN KEY (protected_branch_project_id) REFERENCES projects(id) ON DELETE CASCADE;
@ -39500,6 +39493,9 @@ ALTER TABLE ONLY projects
ALTER TABLE ONLY compliance_framework_security_policies
ADD CONSTRAINT fk_6d3bd0c9f1 FOREIGN KEY (project_id) REFERENCES projects(id) ON DELETE CASCADE;
ALTER TABLE ONLY organization_cluster_agent_mappings
ADD CONSTRAINT fk_6d8bfa275e FOREIGN KEY (organization_id) REFERENCES organizations(id) ON DELETE CASCADE;
ALTER TABLE ONLY audit_events_streaming_instance_namespace_filters
ADD CONSTRAINT fk_6e0be28087 FOREIGN KEY (external_streaming_destination_id) REFERENCES audit_events_instance_external_streaming_destinations(id) ON DELETE CASCADE;
@ -39635,6 +39631,9 @@ ALTER TABLE ONLY catalog_resource_versions
ALTER TABLE ONLY merge_requests_approval_rules
ADD CONSTRAINT fk_7af76dbd21 FOREIGN KEY (project_id) REFERENCES projects(id) ON DELETE CASCADE;
ALTER TABLE ONLY organization_cluster_agent_mappings
ADD CONSTRAINT fk_7b441007e5 FOREIGN KEY (creator_id) REFERENCES users(id) ON DELETE SET NULL;
ALTER TABLE ONLY issue_customer_relations_contacts
ADD CONSTRAINT fk_7b92f835bb FOREIGN KEY (contact_id) REFERENCES customer_relations_contacts(id) ON DELETE CASCADE;

4
doc/api/graphql/reference/_index.md
View File

@ -22826,6 +22826,7 @@ Represents a ComplianceRequirementsControl associated with a ComplianceRequireme
| ---- | ---- | ----------- |
| <a id="compliancerequirementscontrolcontroltype"></a>`controlType` | [`String!`](#string) | Type of the compliance control. |
| <a id="compliancerequirementscontrolexpression"></a>`expression` | [`String`](#string) | Expression of the compliance control. |
| <a id="compliancerequirementscontrolexternalurl"></a>`externalUrl` | [`String`](#string) | URL of the external control. |
| <a id="compliancerequirementscontrolid"></a>`id` | [`ID!`](#id) | Compliance requirements control ID. |
| <a id="compliancerequirementscontrolname"></a>`name` | [`String!`](#string) | Name of the compliance control. |
@ -46574,8 +46575,11 @@ Attributes for defining a CI/CD variable.
| Name | Type | Description |
| ---- | ---- | ----------- |
| <a id="compliancerequirementscontrolinputcontroltype"></a>`controlType` | [`String`](#string) | Type of the compliance control. |
| <a id="compliancerequirementscontrolinputexpression"></a>`expression` | [`String`](#string) | Expression of the compliance control. |
| <a id="compliancerequirementscontrolinputexternalurl"></a>`externalUrl` | [`String`](#string) | URL of the external control. |
| <a id="compliancerequirementscontrolinputname"></a>`name` | [`String`](#string) | New name for the compliance requirement control. |
| <a id="compliancerequirementscontrolinputsecrettoken"></a>`secretToken` | [`String`](#string) | Secret token for an external control. |
### `ComplianceStandardsAdherenceInput`

5
doc/api/group_access_tokens.md
View File

@ -58,6 +58,7 @@ curl --request GET \
"id" : 42,
"active" : true,
"created_at" : "2021-01-20T22:11:48.151Z",
"description": "Test Token description",
"revoked" : false,
"last_used_at": null,
"access_level": 40
@ -72,6 +73,7 @@ curl --request GET \
"id" : 43,
"active" : false,
"created_at" : "2021-01-21T12:12:38.123Z",
"description": "Test Token description",
"revoked" : true,
"last_used_at": "2021-02-13T10:34:57.178Z",
"access_level": 40
@ -109,6 +111,7 @@ curl --request GET \
"id" : 42,
"active" : true,
"created_at" : "2021-01-20T22:11:48.151Z",
"description": "Test Token description",
"revoked" : false,
"access_level": 40
}
@ -136,6 +139,7 @@ POST /groups/:id/access_tokens
| -------------- | ----------------- | -------- | ----------- |
| `id` | integer or string | yes | ID or [URL-encoded path](rest/_index.md#namespaced-paths) of a group. |
| `name` | String | yes | Name of the token. |
| `description` | string | no | Description of the group access token. |
| `scopes` | `Array[String]` | yes | List of [scopes](../user/group/settings/group_access_tokens.md#scopes-for-a-group-access-token) available to the token. |
| `access_level` | Integer | no | [Access level](../development/permissions/predefined_roles.md#members) for the token. Possible values: `10` (Guest), `15` (Planner), `20` (Reporter), `30` (Developer), `40` (Maintainer), and `50` (Owner). Default value: `40`. |
| `expires_at` | date | no | Expiration date of the access token in ISO format (`YYYY-MM-DD`). The date must be one year or less from the rotation date. If undefined, the date is set to the [maximum allowable lifetime limit](../user/profile/personal_access_tokens.md#access-token-expiration). |
@ -158,6 +162,7 @@ curl --request POST \
"name" : "test",
"revoked" : false,
"created_at" : "2021-01-21T19:35:37.921Z",
"description": "Test Token description",
"user_id" : 166,
"id" : 58,
"expires_at" : "2021-01-31",

5
doc/api/project_access_tokens.md
View File

@ -58,6 +58,7 @@ curl --request GET \
"id" : 42,
"active" : true,
"created_at" : "2021-01-20T22:11:48.151Z",
"description": "Test Token description",
"last_used_at" : null,
"revoked" : false,
"access_level" : 40
@ -72,6 +73,7 @@ curl --request GET \
"id" : 43,
"active" : false,
"created_at" : "2021-01-21T12:12:38.123Z",
"description": "Test Token description",
"revoked" : true,
"last_used_at" : "2021-02-13T10:34:57.178Z",
"access_level" : 40
@ -109,6 +111,7 @@ curl --request GET \
"id" : 42,
"active" : true,
"created_at" : "2021-01-20T22:11:48.151Z",
"description": "Test Token description",
"revoked" : false,
"access_level": 40,
"last_used_at": "2022-03-15T11:05:42.437Z"
@ -133,6 +136,7 @@ POST projects/:id/access_tokens
| -------------- | ----------------- | -------- | ----------- |
| `id` | integer or string | yes | ID or [URL-encoded path](rest/_index.md#namespaced-paths) of a project. |
| `name` | string | yes | Name of the token. |
| `description` | string | no | Description of the project access token. |
| `scopes` | `Array[String]` | yes | List of [scopes](../user/project/settings/project_access_tokens.md#scopes-for-a-project-access-token) available to the token. |
| `access_level` | integer | no | [Access level](../development/permissions/predefined_roles.md#members) for the token. Possible values: `10` (Guest), `15` (Planner), `20` (Reporter), `30` (Developer), `40` (Maintainer), and `50` (Owner). Default value: `40`. |
| `expires_at` | date | yes | Expiration date of the token in ISO format (`YYYY-MM-DD`). If undefined, the date is set to the [maximum allowable lifetime limit](../user/profile/personal_access_tokens.md#access-token-expiration). |
@ -155,6 +159,7 @@ curl --request POST \
"name" : "test",
"revoked" : false,
"created_at" : "2021-01-21T19:35:37.921Z",
"description": "Test Token description",
"user_id" : 166,
"id" : 58,
"expires_at" : "2021-01-31",

2
doc/integration/omniauth.md
View File

@ -395,7 +395,7 @@ omniauth:
{{< history >}}
- [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/505575) `job_title` and `organization` attributes in GitLab 17.8.
- [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/505575) `job_title` and `organization` attributes in GitLab 17.9.
{{< /history >}}

36
doc/user/project/repository/mirror/troubleshooting.md
View File

@ -297,3 +297,39 @@ To resolve this, you can do either of the following:
- Migrate the source repository to a "smart" server.
- Mirror the repository using the [SSH protocol](_index.md#ssh-authentication) (requires authentication).
## Error: `File directory conflict`
You might get an error that states something similar to the following:
```plaintext
13:preparing reference update: file directory conflict
```
This error occurs when a tag or branch name conflict exists between the source and
mirror repositories. For example:
- A tag or branch named `x/y` exists in the mirror repository.
- A tag or branch named `x` exists in the source repository.
To resolve this issue, delete the conflicting tag or branch.
If you cannot identify the conflicting tag or branch, delete all tags from your mirror repository.
An alternative option is to [overwrite diverged branches](pull.md#overwrite-diverged-branches).
{{< alert type="note" >}}
Deleting tags could be destructive for any work done in the mirror repository.
{{< /alert >}}
To delete and remove all tags from the mirror repository:
1. On a local copy of your mirrored repository, run:
```shell
git tag -l | xargs -n 1 git push --delete origin
```
1. On the left sidebar, select **Settings > Repository**.
1. Expand **Mirroring repositories**.
1. Select **Update now** ({{< icon name="retry" >}}).

1
doc/user/workspace/configuration.md
View File

@ -138,6 +138,7 @@ To configure sudo access for a workspace with Sysbox:
- Set [`default_runtime_class`](settings.md#default_runtime_class) to the runtime class
of Sysbox (for example, `sysbox-runc`).
- Set [`allow_privilege_escalation`](settings.md#allow_privilege_escalation) to `true`.
- Set [`annotations`](settings.md#annotations) to `{"io.kubernetes.cri-o.userns-mode": "auto:size=65536"}`.
### With Kata Containers

2
lib/api/helpers/projects_helpers.rb
View File

@ -118,7 +118,7 @@ module API
optional :restrict_user_defined_variables, type: Boolean, desc: 'Restrict use of user-defined variables when triggering a pipeline'
optional :ci_pipeline_variables_minimum_override_role, values: %w[no_one_allowed developer maintainer owner], type: String, desc: 'Limit ability to override CI/CD variables when triggering a pipeline to only users with at least the set minimum role'
optional :ci_push_repository_for_job_token_allowed, type: Boolean, desc: "Allow pushing to this project's repository by authenticating with a CI/CD job token generated in this project."
optional :ci_id_token_sub_claim_components, type: Array[String], values: %w[project_path ref_type ref], desc: 'Claims that will be used to build the sub claim in id tokens'
optional :ci_id_token_sub_claim_components, type: Array[String], desc: 'Claims that will be used to build the sub claim in id tokens'
optional :ci_delete_pipelines_in_seconds, type: Integer, desc: 'Pipelines older than the configured time are deleted'
optional :max_artifacts_size, type: Integer, desc: "Set the maximum file size for each job's artifacts"
end

31
lib/gitlab/import/username_mention_rewriter.rb
View File

@ -25,29 +25,22 @@ module Gitlab
def wrap_mentions_in_backticks(text)
return text unless text.present?
resultant_array = []
split_array = text.split("\n")
split_array.each do |line|
if MENTION_REGEX.match?(line)
line = MENTION_REGEX.replace_gsub(line) do |match|
case match[0]
when /^`/
match[0]
when /^ /
" `#{match[0].lstrip}`"
when /^\(/
"(`#{match[0].sub(/^./, '')}`"
else
"`#{match[0]}`"
end
if MENTION_REGEX.match?(text)
text = MENTION_REGEX.replace_gsub(text) do |match|
case match[0]
when /^`/
match[0]
when /^ /
" `#{match[0].lstrip}`"
when /^\(/
"(`#{match[0].sub(/^./, '')}`"
else
"`#{match[0]}`"
end
end
resultant_array << line
end
resultant_array.join("\n")
text
end
end
end

9
locale/gitlab.pot
View File

@ -4341,6 +4341,9 @@ msgstr ""
msgid "AdminSettings|Enable product analytics"
msgstr ""
msgid "AdminSettings|Enable product usage tracking"
msgstr ""
msgid "AdminSettings|Enable smartcn custom analyzer: Indexing"
msgstr ""
@ -16571,6 +16574,9 @@ msgstr ""
msgid "Control + Shift + M"
msgstr ""
msgid "Control whether events are sent to GitLab."
msgstr ""
msgid "Control whether to display customer experience improvement content and third-party offers in GitLab."
msgstr ""
@ -43901,6 +43907,9 @@ msgstr ""
msgid "Product analytics"
msgstr ""
msgid "Product usage data tracking"
msgstr ""
msgid "ProductAnalytics|1. Add the NPM package to your package.json using your preferred package manager"
msgstr ""

10
scripts/database/migrate.rb
View File

@ -83,9 +83,13 @@ def prompt(list, prompt:, multi: false, reverse: false)
end
def get_changed_files(branch_name:)
set = `git diff --name-only --diff-filter=d $(git merge-base #{branch_name} HEAD)..HEAD #{MIGRATIONS_DIR}`
.split("\n").to_set
set += `git diff --diff-filter=d --merge-base --name-only #{branch_name} #{MIGRATIONS_DIR}`.split("\n")
set = Set.new
[MIGRATIONS_DIR, POST_DEPLOY_MIGRATIONS_DIR].each do |dir|
set += `git diff --name-only --diff-filter=d $(git merge-base #{branch_name} HEAD)..HEAD #{dir}`
.split("\n").to_set
set += `git diff --diff-filter=d --merge-base --name-only #{branch_name} #{dir}`.split("\n")
end
set
end

17
spec/factories/no_sti_system_hooks.rb
View File

@ -1,17 +0,0 @@
# frozen_string_literal: true
FactoryBot.define do
factory :no_sti_system_hook do
url { generate(:url) }
name { generate(:name) }
description { "Description of #{name}" }
trait :token do
token { generate(:token) }
end
trait :url_variables do
url_variables { { 'abc' => 'supers3cret', 'def' => 'foobar' } }
end
end
end

41
spec/lib/gitlab/import/username_mention_rewriter_spec.rb
View File

@ -57,17 +57,33 @@ RSpec.describe Gitlab::Import::UsernameMentionRewriter, feature_category: :impor
context 'when the text contains code-formatted text' do
let(:original_text) do
"I said to @sam the code should be ``find @bob and return`` " \
"and he said no it's ```find @bob and play```. " \
"What do you think @alice? " \
"Another alternative is `forward to the @goonsquad!`"
<<~CODE_BLOCK
I said to @sam the code should be
```
find @bob and return
```
and he said no it's ```find @bob and play```.
What do you think @alice?
Another alternative is `forward to the @goonsquad!`
CODE_BLOCK
end
let(:expected_text) do
"I said to `@sam` the code should be ``find @bob and return`` " \
"and he said no it's ```find @bob and play```. " \
"What do you think `@alice`? " \
"Another alternative is `forward to the @goonsquad!`"
<<~CODE_BLOCK
I said to `@sam` the code should be
```
find @bob and return
```
and he said no it's ```find @bob and play```.
What do you think `@alice`?
Another alternative is `forward to the @goonsquad!`
CODE_BLOCK
end
it 'wraps username mentions only if they are outside code-formatted text' do
@ -93,13 +109,4 @@ RSpec.describe Gitlab::Import::UsernameMentionRewriter, feature_category: :impor
end
end
end
context 'when the text contains username in the new line' do
let(:original_text) { "Hello,\n@username is mentioned here.\nThis is the next line." }
let(:expected_text) { "Hello,\n`@username` is mentioned here.\nThis is the next line." }
it 'wraps the username in backticks and it should be properly formatted in the new line' do
expect(instance.wrap_mentions_in_backticks(original_text)).to eq(expected_text)
end
end
end

92
spec/models/hooks/no_sti_system_hook_spec.rb
View File

@ -1,92 +0,0 @@
# frozen_string_literal: true
require "spec_helper"
RSpec.describe NoStiSystemHook, feature_category: :webhooks do
it_behaves_like 'a webhook', factory: :no_sti_system_hook, auto_disabling: false
it_behaves_like 'a hook that does not get automatically disabled on failure' do
let(:hook) { build(:no_sti_system_hook) }
let(:hook_factory) { :no_sti_system_hook }
let(:default_factory_arguments) { {} }
def find_hooks
described_class.all
end
end
describe 'default attributes' do
let(:no_sti_system_hook) { described_class.new }
it 'sets defined default parameters' do
attrs = {
push_events: false,
repository_update_events: true,
merge_requests_events: false
}
expect(no_sti_system_hook).to have_attributes(attrs)
end
end
describe 'associations' do
it { is_expected.not_to respond_to(:web_hook_logs) }
end
describe 'validations' do
describe 'url' do
let(:url) { 'http://localhost:9000' }
it { is_expected.not_to allow_value(url).for(:url) }
it 'is valid if application settings allow local requests from system hooks' do
settings = ApplicationSetting.new(allow_local_requests_from_system_hooks: true)
allow(ApplicationSetting).to receive(:current).and_return(settings)
is_expected.to allow_value(url).for(:url)
end
end
end
describe '.repository_update_hooks' do
it 'returns hooks for repository update events only' do
hook = create(:no_sti_system_hook, repository_update_events: true)
create(:no_sti_system_hook, repository_update_events: false)
expect(described_class.repository_update_hooks).to eq([hook])
end
end
describe 'execute WebHookService' do
let(:hook) { build(:no_sti_system_hook) }
let(:data) { { key: 'value' } }
let(:hook_name) { 'no_sti_system_hook' }
let(:web_hook_service) { instance_double(WebHookService, execute: true) }
it '#execute' do
expect(WebHookService).to receive(:new).with(hook, data, hook_name, idempotency_key: anything, force: false)
.and_return(web_hook_service)
expect(web_hook_service).to receive(:execute)
hook.execute(data, hook_name)
end
it '#async_execute' do
expect(WebHookService).to receive(:new).with(hook, data, hook_name, idempotency_key: anything)
.and_return(web_hook_service)
expect(web_hook_service).to receive(:async_execute)
hook.async_execute(data, hook_name)
end
end
describe '#application_context' do
let(:hook) { build(:no_sti_system_hook) }
it 'includes the type' do
expect(hook.application_context).to eq(
related_class: 'NoStiSystemHook'
)
end
end
end

4
spec/models/hooks/system_hook_spec.rb
View File

@ -243,13 +243,13 @@ RSpec.describe SystemHook, feature_category: :webhooks do
end
describe '#pluralized_name' do
subject { build(:no_sti_system_hook).pluralized_name }
subject { build(:system_hook).pluralized_name }
it { is_expected.to eq('System hooks') }
end
describe '#help_path' do
subject { build(:no_sti_system_hook).help_path }
subject { build(:system_hook).help_path }
it { is_expected.to eq('administration/system_hooks') }
end

42
spec/models/merge_request_diff_commit_spec.rb
View File

@ -24,11 +24,45 @@ RSpec.describe MergeRequestDiffCommit, feature_category: :code_review_workflow d
describe '#to_hash' do
subject { merge_request.commits.first }
it 'returns the same results as Commit#to_hash, except for parent_ids' do
commit_from_repo = project.repository.commit(subject.sha)
commit_from_repo_hash = commit_from_repo.to_hash.merge(parent_ids: [], message: '')
context 'when disable_message_attribute_on_mr_diff_commits is false' do
# Both these feature flags are can interact to suppress display of the message
# attribute. Without disabling both feature flags, we can not prove the
# isolated case of disable_message_attribute_on_mr_diff_commits.
#
before do
stub_feature_flags(disable_message_attribute_on_mr_diff_commits: false)
stub_feature_flags(optimized_commit_storage: false)
end
expect(subject.to_hash).to eq(commit_from_repo_hash)
it 'returns the same results as Commit#to_hash, except for parent_ids' do
commit_from_repo = project.repository.commit(subject.sha)
commit_from_repo_hash = commit_from_repo.to_hash.merge(parent_ids: [])
expect(subject.to_hash).to eq(commit_from_repo_hash)
end
end
context 'when disable_message_attribute_on_mr_diff_commits is true' do
before do
# Strictly speaking, we don't need to set this flag to `true` but let's
# be explicit.
#
stub_feature_flags(disable_message_attribute_on_mr_diff_commits: true)
stub_feature_flags(optimized_commit_storage: false)
end
it 'returns the same results as Commit#to_hash, except for parent_ids and message' do
commit_from_repo = project.repository.commit(subject.sha)
commit_from_repo_hash = commit_from_repo.to_hash.merge(parent_ids: [], message: "")
expect(subject.to_hash).to eq(commit_from_repo_hash)
end
end
it 'logs the event with the expected info' do
expect(Gitlab::AppLogger).to receive(:info).at_least(:once)
subject.to_hash
end
end

1
spec/models/merge_request_diff_spec.rb
View File

@ -63,6 +63,7 @@ RSpec.describe MergeRequestDiff, feature_category: :code_review_workflow do
context 'when feature flag "optimized_commit_storage" is disabled' do
before do
stub_feature_flags(disable_message_attribute_on_mr_diff_commits: false)
stub_feature_flags(optimized_commit_storage: false)
end