root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Add latest changes from gitlab-org/gitlab@master

This commit is contained in:
GitLab Bot 2024-09-20 09:13:26 +00:00
parent a0d7b5b5ca
commit 742fcdb708
64 changed files with 720 additions and 140 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.rubocop_todo/gitlab/bounded_contexts.yml
View File

@ -3656,6 +3656,7 @@ Gitlab/BoundedContexts:
- 'ee/app/workers/system_access/saml_microsoft_group_sync_worker.rb'
- 'ee/app/workers/todos_destroyer/confidential_epic_worker.rb'
- 'ee/app/workers/update_all_mirrors_worker.rb'
- 'ee/app/workers/usage_events/dump_write_buffer_cron_worker.rb'
- 'ee/app/workers/vulnerability_exports/export_deletion_worker.rb'
- 'ee/app/workers/vulnerability_exports/export_worker.rb'
- 'ee/app/workers/vulnerability_external_issue_links/update_vulnerability_read.rb'

1
.rubocop_todo/graphql/extract_type.yml
View File

@ -67,7 +67,6 @@ GraphQL/ExtractType:
- 'app/graphql/types/work_items/linked_item_type.rb'
- 'app/graphql/types/work_items/widgets/description_type.rb'
- 'ee/app/graphql/mutations/projects/product_analytics_project_settings_update.rb'
- 'ee/app/graphql/types/analytics/ai_metrics.rb'
- 'ee/app/graphql/types/analytics/contribution_analytics/contribution_metadata_type.rb'
- 'ee/app/graphql/types/analytics/devops_adoption/snapshot_type.rb'
- 'ee/app/graphql/types/app_sec/fuzzing/api/ci_configuration_type.rb'

1
.rubocop_todo/graphql/graphql_name.yml
View File

@ -110,7 +110,6 @@ GraphQL/GraphqlName:
- 'ee/app/graphql/mutations/member_roles/base.rb'
- 'ee/app/graphql/mutations/requirements_management/base_requirement.rb'
- 'ee/app/graphql/types/ai/base_method_input_type.rb'
- 'ee/app/graphql/types/analytics/ai_metrics.rb'
- 'ee/app/graphql/types/analytics/cycle_analytics/aggregation_status_type.rb'
- 'ee/app/graphql/types/analytics/value_stream_analytics_type.rb'
- 'ee/app/graphql/types/boards/board_epic_input_type.rb'

2
GITLAB_KAS_VERSION
View File

@ -1 +1 @@
dded5ca7cb1f7c4a1c51baff00c5ea714406241c
73ca3ba951fb8125308d5dcf467a67e2d6047ceb

4
Gemfile
View File

@ -39,6 +39,10 @@ gem 'activerecord-gitlab', path: 'gems/activerecord-gitlab' # rubocop:todo Gemfi
gem 'bootsnap', '~> 1.18.3', require: false # rubocop:todo Gemfile/MissingFeatureCategory
# Avoid the precompiled native gems because Omnibus needs to build this to ensure
# LD_LIBRARY_PATH is correct: https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/7730
gem 'ffi', '~> 1.17', force_ruby_platform: true, feature_category: :shared
gem 'openssl', '~> 3.0' # rubocop:todo Gemfile/MissingFeatureCategory
gem 'ipaddr', '~> 1.2.5' # rubocop:todo Gemfile/MissingFeatureCategory

20
Gemfile.checksum
View File

@ -174,11 +174,21 @@
{"name":"fast_blank","version":"1.0.1","platform":"ruby","checksum":"269fc30414fed4e6403bc4a49081e1ea539f8b9226e59276ed1efaefabaa17ea"},
{"name":"fast_gettext","version":"2.3.0","platform":"ruby","checksum":"0253e26423ccab68061c42387827e3b99243a1b15ad614df1c800ba870d64f84"},
{"name":"ffaker","version":"2.23.0","platform":"ruby","checksum":"9d2dfb5cc284a92c8571bddcbe0c573127a2f3238f4b0aa56e08ccf3e4858498"},
{"name":"ffi","version":"1.15.5","platform":"java","checksum":"610b9a993e67b812123cfedc1c45a639aa2f2455747af5443d54f98e092b1abe"},
{"name":"ffi","version":"1.15.5","platform":"ruby","checksum":"6f2ed2fa68047962d6072b964420cba91d82ce6fa8ee251950c17fca6af3c2a0"},
{"name":"ffi","version":"1.15.5","platform":"x64-mingw-ucrt","checksum":"3dea5573d11cd4c8a965e861052b0036098b239140caa0a98940c5c84eb5990d"},
{"name":"ffi","version":"1.15.5","platform":"x64-mingw32","checksum":"9acc4e474bef25dbcf827b1e6fce4067e9a1eff74a0296d25f0af392fafcd096"},
{"name":"ffi","version":"1.15.5","platform":"x86-mingw32","checksum":"6e52c39fdbbccc085ae05d489d1b835ce05dcdf2a4c88ba739e3b42afd2b5404"},
{"name":"ffi","version":"1.17.0","platform":"aarch64-linux-gnu","checksum":"228c8fb79e6b018a31c75414115a75ca65f74e8138b2c9c97d22041e4e12f2c1"},
{"name":"ffi","version":"1.17.0","platform":"aarch64-linux-musl","checksum":"f31ab84b3d7a850a22d2767b66dafebaebe12f64eaa9a4d1748d417ad1123109"},
{"name":"ffi","version":"1.17.0","platform":"arm-linux-gnu","checksum":"ae3b5bf4701c84263002f13eadfde35fe1e6f88720e7c6f15f1f08f46d745857"},
{"name":"ffi","version":"1.17.0","platform":"arm-linux-musl","checksum":"6f9dc84817e2dfb62fd209649097e134625c9a66db43c441fa7a8ddb17f40fc9"},
{"name":"ffi","version":"1.17.0","platform":"arm64-darwin","checksum":"609c874e76614542c6d485b0576e42a7a38ffcdf086612f9a300c4ec3fcd0d12"},
{"name":"ffi","version":"1.17.0","platform":"java","checksum":"f65f022616970fcde83fe176393eb873a7b959ef2703f94931cf0af6ab55ec7a"},
{"name":"ffi","version":"1.17.0","platform":"ruby","checksum":"51630e43425078311c056ca75f961bb3bda1641ab36e44ad4c455e0b0e4a231c"},
{"name":"ffi","version":"1.17.0","platform":"x64-mingw-ucrt","checksum":"1f05f7fb40387c99bea8fa66be384825fd2bbc3fb3d2645de6058f5f0f032bb8"},
{"name":"ffi","version":"1.17.0","platform":"x64-mingw32","checksum":"63c9b1c847036550c655237526c151ee535dbbeb638e70d9dd3ccbc6104c713b"},
{"name":"ffi","version":"1.17.0","platform":"x86-linux-gnu","checksum":"81b80d24392be2b8ec6bd66da6b488fd05242af5c0868b59c8b716e5a633c8b5"},
{"name":"ffi","version":"1.17.0","platform":"x86-linux-musl","checksum":"6917c10e928b80dbf9b16abf9696aa9d7ca417a24d0cc5c1d53fb4ce9799c8c1"},
{"name":"ffi","version":"1.17.0","platform":"x86-mingw32","checksum":"e6f55971b8d4909d95c19647adb1f9e8abfa5461d62deaaa1f69b8dccaf6c932"},
{"name":"ffi","version":"1.17.0","platform":"x86_64-darwin","checksum":"fdcd48c69db3303ef95aec5c64d6275fcf9878a02c0bec0afddc506ceca0f56b"},
{"name":"ffi","version":"1.17.0","platform":"x86_64-linux-gnu","checksum":"1015e59d5919dd6bbcb0704325b0bd639be664a79b1e2189943ceb18faa34198"},
{"name":"ffi","version":"1.17.0","platform":"x86_64-linux-musl","checksum":"6573299eedf8dd16668f8a435b72c4236b61bca0279bb73c811e3cbdb395e877"},
{"name":"ffi-compiler","version":"1.0.1","platform":"ruby","checksum":"019f389b078a2fec9de7f4f65771095f80a447e34436b4588bcb629e2a564c30"},
{"name":"ffi-yajl","version":"2.6.0","platform":"ruby","checksum":"69baa612273991e4c79667464eb25f3feb169899aab33929a33b03234af24336"},
{"name":"ffi-yajl","version":"2.6.0","platform":"universal-java","checksum":"1159a093c51d75d67578e31d2ed429f2481ef7e73021c5d667ebf6ab481a0d21"},

3
Gemfile.lock
View File

@ -611,7 +611,7 @@ GEM
fast_blank (1.0.1)
fast_gettext (2.3.0)
ffaker (2.23.0)
ffi (1.15.5)
ffi (1.17.0)
ffi-compiler (1.0.1)
ffi (>= 1.0.0)
rake
@ -2035,6 +2035,7 @@ DEPENDENCIES
faraday_middleware-aws-sigv4 (~> 1.0.1)
fast_blank (~> 1.0.1)
ffaker (~> 2.23)
ffi (~> 1.17)
flipper (~> 0.26.2)
flipper-active_record (~> 0.26.2)
flipper-active_support_cache_store (~> 0.26.2)

20
Gemfile.next.checksum
View File

@ -175,11 +175,21 @@
{"name":"fast_blank","version":"1.0.1","platform":"ruby","checksum":"269fc30414fed4e6403bc4a49081e1ea539f8b9226e59276ed1efaefabaa17ea"},
{"name":"fast_gettext","version":"2.3.0","platform":"ruby","checksum":"0253e26423ccab68061c42387827e3b99243a1b15ad614df1c800ba870d64f84"},
{"name":"ffaker","version":"2.23.0","platform":"ruby","checksum":"9d2dfb5cc284a92c8571bddcbe0c573127a2f3238f4b0aa56e08ccf3e4858498"},
{"name":"ffi","version":"1.15.5","platform":"java","checksum":"610b9a993e67b812123cfedc1c45a639aa2f2455747af5443d54f98e092b1abe"},
{"name":"ffi","version":"1.15.5","platform":"ruby","checksum":"6f2ed2fa68047962d6072b964420cba91d82ce6fa8ee251950c17fca6af3c2a0"},
{"name":"ffi","version":"1.15.5","platform":"x64-mingw-ucrt","checksum":"3dea5573d11cd4c8a965e861052b0036098b239140caa0a98940c5c84eb5990d"},
{"name":"ffi","version":"1.15.5","platform":"x64-mingw32","checksum":"9acc4e474bef25dbcf827b1e6fce4067e9a1eff74a0296d25f0af392fafcd096"},
{"name":"ffi","version":"1.15.5","platform":"x86-mingw32","checksum":"6e52c39fdbbccc085ae05d489d1b835ce05dcdf2a4c88ba739e3b42afd2b5404"},
{"name":"ffi","version":"1.17.0","platform":"aarch64-linux-gnu","checksum":"228c8fb79e6b018a31c75414115a75ca65f74e8138b2c9c97d22041e4e12f2c1"},
{"name":"ffi","version":"1.17.0","platform":"aarch64-linux-musl","checksum":"f31ab84b3d7a850a22d2767b66dafebaebe12f64eaa9a4d1748d417ad1123109"},
{"name":"ffi","version":"1.17.0","platform":"arm-linux-gnu","checksum":"ae3b5bf4701c84263002f13eadfde35fe1e6f88720e7c6f15f1f08f46d745857"},
{"name":"ffi","version":"1.17.0","platform":"arm-linux-musl","checksum":"6f9dc84817e2dfb62fd209649097e134625c9a66db43c441fa7a8ddb17f40fc9"},
{"name":"ffi","version":"1.17.0","platform":"arm64-darwin","checksum":"609c874e76614542c6d485b0576e42a7a38ffcdf086612f9a300c4ec3fcd0d12"},
{"name":"ffi","version":"1.17.0","platform":"java","checksum":"f65f022616970fcde83fe176393eb873a7b959ef2703f94931cf0af6ab55ec7a"},
{"name":"ffi","version":"1.17.0","platform":"ruby","checksum":"51630e43425078311c056ca75f961bb3bda1641ab36e44ad4c455e0b0e4a231c"},
{"name":"ffi","version":"1.17.0","platform":"x64-mingw-ucrt","checksum":"1f05f7fb40387c99bea8fa66be384825fd2bbc3fb3d2645de6058f5f0f032bb8"},
{"name":"ffi","version":"1.17.0","platform":"x64-mingw32","checksum":"63c9b1c847036550c655237526c151ee535dbbeb638e70d9dd3ccbc6104c713b"},
{"name":"ffi","version":"1.17.0","platform":"x86-linux-gnu","checksum":"81b80d24392be2b8ec6bd66da6b488fd05242af5c0868b59c8b716e5a633c8b5"},
{"name":"ffi","version":"1.17.0","platform":"x86-linux-musl","checksum":"6917c10e928b80dbf9b16abf9696aa9d7ca417a24d0cc5c1d53fb4ce9799c8c1"},
{"name":"ffi","version":"1.17.0","platform":"x86-mingw32","checksum":"e6f55971b8d4909d95c19647adb1f9e8abfa5461d62deaaa1f69b8dccaf6c932"},
{"name":"ffi","version":"1.17.0","platform":"x86_64-darwin","checksum":"fdcd48c69db3303ef95aec5c64d6275fcf9878a02c0bec0afddc506ceca0f56b"},
{"name":"ffi","version":"1.17.0","platform":"x86_64-linux-gnu","checksum":"1015e59d5919dd6bbcb0704325b0bd639be664a79b1e2189943ceb18faa34198"},
{"name":"ffi","version":"1.17.0","platform":"x86_64-linux-musl","checksum":"6573299eedf8dd16668f8a435b72c4236b61bca0279bb73c811e3cbdb395e877"},
{"name":"ffi-compiler","version":"1.0.1","platform":"ruby","checksum":"019f389b078a2fec9de7f4f65771095f80a447e34436b4588bcb629e2a564c30"},
{"name":"ffi-yajl","version":"2.6.0","platform":"ruby","checksum":"69baa612273991e4c79667464eb25f3feb169899aab33929a33b03234af24336"},
{"name":"ffi-yajl","version":"2.6.0","platform":"universal-java","checksum":"1159a093c51d75d67578e31d2ed429f2481ef7e73021c5d667ebf6ab481a0d21"},

2
Gemfile.next.lock
View File

@ -621,7 +621,7 @@ GEM
fast_blank (1.0.1)
fast_gettext (2.3.0)
ffaker (2.23.0)
ffi (1.15.5)
ffi (1.17.0)
ffi-compiler (1.0.1)
ffi (>= 1.0.0)
rake

4
app/assets/javascripts/ci/common/pipelines_table.vue
View File

@ -169,7 +169,9 @@ export default {
this.$emit('retry-pipeline', pipeline);
},
rowClass(item) {
return this.failedJobsCount(item) > 0 ? '' : '!gl-border-b';
return this.displayFailedJobsWidget(item) && this.failedJobsCount(item) > 0
? ''
: '!gl-border-b';
},
setLoaderPosition(ref) {
if (this.isMobile) {

11
app/assets/javascripts/work_items/graphql/work_item_widgets.fragment.graphql
View File

@ -50,6 +50,17 @@ fragment WorkItemWidgets on WorkItemWidget {
... on WorkItemWidgetHierarchy {
hasChildren
hasParent
rolledUpCountsByType {
countsByState {
all
closed
}
workItemType {
id
name
iconName
}
}
parent {
id
iid

11
app/finders/projects_finder.rb
View File

@ -30,6 +30,8 @@
# not_aimed_for_deletion: boolean
# full_paths: string[]
# organization: Scope the groups to the Organizations::Organization
# language: int
# language_name: string
#
class ProjectsFinder < UnionFinder
include CustomAttributesFilter
@ -259,11 +261,10 @@ class ProjectsFinder < UnionFinder
end
def by_language(items)
if params[:language].present?
items.with_programming_language_id(params[:language])
else
items
end
return items.with_programming_language_id(params[:language]) if params[:language].present?
return items.with_programming_language(params[:language_name]) if params[:language_name].present?
items
end
def sort(items)

7
app/graphql/resolvers/projects_resolver.rb
View File

@ -31,6 +31,10 @@ module Resolvers
required: false,
description: 'Return only projects where current user has at least the specified access level.'
argument :programming_language_name, GraphQL::Types::String,
required: false,
description: 'Filter projects by programming language name (case insensitive). For example: "css" or "ruby".'
def resolve_with_lookahead(**args)
validate_args!(args)
@ -74,7 +78,8 @@ module Resolvers
with_merge_requests_enabled: args[:with_merge_requests_enabled],
full_paths: args[:full_paths],
archived: args[:archived],
min_access_level: args[:min_access_level]
min_access_level: args[:min_access_level],
language_name: args[:programming_language_name]
}
end

2
app/helpers/users/callouts_helper.rb
View File

@ -55,7 +55,7 @@ module Users
def show_openssl_callout?
return false unless Gitlab.version_info >= Gitlab::VersionInfo.new(17, 1) &&
Gitlab.version_info < Gitlab::VersionInfo.new(17, 5)
Gitlab.version_info < Gitlab::VersionInfo.new(17, 7)
current_user&.can_admin_all_resources? &&
!user_dismissed?(OPENSSL_CALLOUT) &&

4
app/views/layouts/header/_openssl_callout.html.haml
View File

@ -1,9 +1,9 @@
- return unless show_openssl_callout?
-# rubocop:disable Gitlab/DocUrl -- This documentation section is only available in version 17.4 onward in GitLab.com.
- link = link_to('', 'https://docs.gitlab.com/ee/update/versions/gitlab_17_changes.html#1750', target: '_blank', rel: 'noopener noreferrer')
- link = link_to('', 'https://docs.gitlab.com/ee/update/versions/gitlab_17_changes.html#1770', target: '_blank', rel: 'noopener noreferrer')
-# rubocop:enable Gitlab/DocUrl
- message = safe_format(_('Starting with GitLab 17.5, OpenSSL 3 will be used. All TLS connections require TLS 1.2 or higher. Weaker ciphers are no longer supported. Encryption must have at least of 112 bits of security. %{link_start}Learn more%{link_end}.'), tag_pair(link, :link_start, :link_end))
- message = safe_format(_('Starting with GitLab 17.7, OpenSSL 3 will be used. All TLS connections require TLS 1.2 or higher. Weaker ciphers are no longer supported. Encryption must have at least of 112 bits of security. %{link_start}Learn more%{link_end}.'), tag_pair(link, :link_start, :link_end))
= render Pajamas::AlertComponent.new(title: _('OpenSSL version 3'),
variant: :warning,

3
config/initializers/1_settings.rb
View File

@ -939,6 +939,9 @@ Gitlab.ee do
Settings.cron_jobs['report_security_policies_metrics_worker.rb'] ||= {}
Settings.cron_jobs['report_security_policies_metrics_worker.rb']['cron'] ||= '*/1 * * * *'
Settings.cron_jobs['report_security_policies_metrics_worker.rb']['job_class'] = 'Security::Policies::ReportSecurityPoliciesMetricsWorker'
Settings.cron_jobs['usage_events_dump_write_buffer_cron_worker'] ||= {}
Settings.cron_jobs['usage_events_dump_write_buffer_cron_worker']['cron'] ||= "*/5 * * * *"
Settings.cron_jobs['usage_events_dump_write_buffer_cron_worker']['job_class'] = 'UsageEvents::DumpWriteBufferCronWorker'
Gitlab.com do
Settings.cron_jobs['disable_legacy_open_source_license_for_inactive_projects'] ||= {}

6
config/metrics/counts_all/20210216175510_ci_builds.yml
View File

@ -4,7 +4,9 @@ key_path: counts.ci_builds
description: Unique builds in project
product_group: pipeline_execution
value_type: number
status: active
status: removed
removed_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/166524
milestone_removed: '17.5'
time_frame: all
data_source: database
distribution:
@ -14,7 +16,5 @@ tier:
- free
- premium
- ultimate
performance_indicator_type:
- customer_health_score
milestone: "<13.9"
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/54332

1
db/docs/alert_management_alert_user_mentions.yml
View File

@ -19,3 +19,4 @@ desired_sharding_key:
table: alert_management_alerts
sharding_key: project_id
belongs_to: alert
desired_sharding_key_migration_job_name: BackfillAlertManagementAlertUserMentionsProjectId

9
db/docs/batched_background_migrations/backfill_alert_management_alert_user_mentions_project_id.yml Normal file
View File

@ -0,0 +1,9 @@
---
migration_job_name: BackfillAlertManagementAlertUserMentionsProjectId
description: Backfills sharding key `alert_management_alert_user_mentions.project_id` from `alert_management_alerts`.
feature_category: incident_management
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/166145
milestone: '17.5'
queued_migration_version: 20240916124325
finalize_after: '2024-10-22'
finalized_by: # version of the migration that finalized this BBM

9
db/docs/batched_background_migrations/backfill_incident_management_oncall_rotations_project_id.yml Normal file
View File

@ -0,0 +1,9 @@
---
migration_job_name: BackfillIncidentManagementOncallRotationsProjectId
description: Backfills sharding key `incident_management_oncall_rotations.project_id` from `incident_management_oncall_schedules`.
feature_category: incident_management
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/166153
milestone: '17.5'
queued_migration_version: 20240916132826
finalize_after: '2024-10-22'
finalized_by: # version of the migration that finalized this BBM

1
db/docs/incident_management_oncall_rotations.yml
View File

@ -20,3 +20,4 @@ desired_sharding_key:
table: incident_management_oncall_schedules
sharding_key: project_id
belongs_to: schedule
desired_sharding_key_migration_job_name: BackfillIncidentManagementOncallRotationsProjectId

9
db/migrate/20240916124321_add_project_id_to_alert_management_alert_user_mentions.rb Normal file
View File

@ -0,0 +1,9 @@
# frozen_string_literal: true
class AddProjectIdToAlertManagementAlertUserMentions < Gitlab::Database::Migration[2.2]
milestone '17.5'
def change
add_column :alert_management_alert_user_mentions, :project_id, :bigint
end
end

9
db/migrate/20240916132822_add_project_id_to_incident_management_oncall_rotations.rb Normal file
View File

@ -0,0 +1,9 @@
# frozen_string_literal: true
class AddProjectIdToIncidentManagementOncallRotations < Gitlab::Database::Migration[2.2]
milestone '17.5'
def change
add_column :incident_management_oncall_rotations, :project_id, :bigint
end
end

16
db/post_migrate/20240916124322_index_alert_management_alert_user_mentions_on_project_id.rb Normal file
View File

@ -0,0 +1,16 @@
# frozen_string_literal: true
class IndexAlertManagementAlertUserMentionsOnProjectId < Gitlab::Database::Migration[2.2]
milestone '17.5'
disable_ddl_transaction!
INDEX_NAME = 'index_alert_management_alert_user_mentions_on_project_id'
def up
add_concurrent_index :alert_management_alert_user_mentions, :project_id, name: INDEX_NAME
end
def down
remove_concurrent_index_by_name :alert_management_alert_user_mentions, INDEX_NAME
end
end

17
db/post_migrate/20240916124323_add_alert_management_alert_user_mentions_project_id_fk.rb Normal file
View File

@ -0,0 +1,17 @@
# frozen_string_literal: true
class AddAlertManagementAlertUserMentionsProjectIdFk < Gitlab::Database::Migration[2.2]
milestone '17.5'
disable_ddl_transaction!
def up
add_concurrent_foreign_key :alert_management_alert_user_mentions, :projects, column: :project_id,
on_delete: :cascade
end
def down
with_lock_retries do
remove_foreign_key :alert_management_alert_user_mentions, column: :project_id
end
end
end

25
db/post_migrate/20240916124324_add_alert_management_alert_user_mentions_project_id_trigger.rb Normal file
View File

@ -0,0 +1,25 @@
# frozen_string_literal: true
class AddAlertManagementAlertUserMentionsProjectIdTrigger < Gitlab::Database::Migration[2.2]
milestone '17.5'
def up
install_sharding_key_assignment_trigger(
table: :alert_management_alert_user_mentions,
sharding_key: :project_id,
parent_table: :alert_management_alerts,
parent_sharding_key: :project_id,
foreign_key: :alert_management_alert_id
)
end
def down
remove_sharding_key_assignment_trigger(
table: :alert_management_alert_user_mentions,
sharding_key: :project_id,
parent_table: :alert_management_alerts,
parent_sharding_key: :project_id,
foreign_key: :alert_management_alert_id
)
end
end

40
db/post_migrate/20240916124325_queue_backfill_alert_management_alert_user_mentions_project_id.rb Normal file
View File

@ -0,0 +1,40 @@
# frozen_string_literal: true
class QueueBackfillAlertManagementAlertUserMentionsProjectId < Gitlab::Database::Migration[2.2]
milestone '17.5'
restrict_gitlab_migration gitlab_schema: :gitlab_main_cell
MIGRATION = "BackfillAlertManagementAlertUserMentionsProjectId"
DELAY_INTERVAL = 2.minutes
BATCH_SIZE = 1000
SUB_BATCH_SIZE = 100
def up
queue_batched_background_migration(
MIGRATION,
:alert_management_alert_user_mentions,
:id,
:project_id,
:alert_management_alerts,
:project_id,
:alert_management_alert_id,
job_interval: DELAY_INTERVAL,
batch_size: BATCH_SIZE,
sub_batch_size: SUB_BATCH_SIZE
)
end
def down
delete_batched_background_migration(
MIGRATION,
:alert_management_alert_user_mentions,
:id,
[
:project_id,
:alert_management_alerts,
:project_id,
:alert_management_alert_id
]
)
end
end

16
db/post_migrate/20240916132823_index_incident_management_oncall_rotations_on_project_id.rb Normal file
View File

@ -0,0 +1,16 @@
# frozen_string_literal: true
class IndexIncidentManagementOncallRotationsOnProjectId < Gitlab::Database::Migration[2.2]
milestone '17.5'
disable_ddl_transaction!
INDEX_NAME = 'index_incident_management_oncall_rotations_on_project_id'
def up
add_concurrent_index :incident_management_oncall_rotations, :project_id, name: INDEX_NAME
end
def down
remove_concurrent_index_by_name :incident_management_oncall_rotations, INDEX_NAME
end
end

17
db/post_migrate/20240916132824_add_incident_management_oncall_rotations_project_id_fk.rb Normal file
View File

@ -0,0 +1,17 @@
# frozen_string_literal: true
class AddIncidentManagementOncallRotationsProjectIdFk < Gitlab::Database::Migration[2.2]
milestone '17.5'
disable_ddl_transaction!
def up
add_concurrent_foreign_key :incident_management_oncall_rotations, :projects, column: :project_id,
on_delete: :cascade
end
def down
with_lock_retries do
remove_foreign_key :incident_management_oncall_rotations, column: :project_id
end
end
end

25
db/post_migrate/20240916132825_add_incident_management_oncall_rotations_project_id_trigger.rb Normal file
View File

@ -0,0 +1,25 @@
# frozen_string_literal: true
class AddIncidentManagementOncallRotationsProjectIdTrigger < Gitlab::Database::Migration[2.2]
milestone '17.5'
def up
install_sharding_key_assignment_trigger(
table: :incident_management_oncall_rotations,
sharding_key: :project_id,
parent_table: :incident_management_oncall_schedules,
parent_sharding_key: :project_id,
foreign_key: :oncall_schedule_id
)
end
def down
remove_sharding_key_assignment_trigger(
table: :incident_management_oncall_rotations,
sharding_key: :project_id,
parent_table: :incident_management_oncall_schedules,
parent_sharding_key: :project_id,
foreign_key: :oncall_schedule_id
)
end
end

40
db/post_migrate/20240916132826_queue_backfill_incident_management_oncall_rotations_project_id.rb Normal file
View File

@ -0,0 +1,40 @@
# frozen_string_literal: true
class QueueBackfillIncidentManagementOncallRotationsProjectId < Gitlab::Database::Migration[2.2]
milestone '17.5'
restrict_gitlab_migration gitlab_schema: :gitlab_main_cell
MIGRATION = "BackfillIncidentManagementOncallRotationsProjectId"
DELAY_INTERVAL = 2.minutes
BATCH_SIZE = 1000
SUB_BATCH_SIZE = 100
def up
queue_batched_background_migration(
MIGRATION,
:incident_management_oncall_rotations,
:id,
:project_id,
:incident_management_oncall_schedules,
:project_id,
:oncall_schedule_id,
job_interval: DELAY_INTERVAL,
batch_size: BATCH_SIZE,
sub_batch_size: SUB_BATCH_SIZE
)
end
def down
delete_batched_background_migration(
MIGRATION,
:incident_management_oncall_rotations,
:id,
[
:project_id,
:incident_management_oncall_schedules,
:project_id,
:oncall_schedule_id
]
)
end
end

1
db/schema_migrations/20240916124321 Normal file
View File

@ -0,0 +1 @@
65e803e7fe5203e54677b82cdfe0e8cef6452d1ac7ad70674d8f716553457347

1
db/schema_migrations/20240916124322 Normal file
View File

@ -0,0 +1 @@
64b391b8462b872e96752a4d301dd31abfcdd889c2ccf5cee4b45e1d3c2c4ab5

1
db/schema_migrations/20240916124323 Normal file
View File

@ -0,0 +1 @@
94f1d031a9481d6e53abd9d8dc01b969a9874fa0cf8c04596a1d8520ded4891c

1
db/schema_migrations/20240916124324 Normal file
View File

@ -0,0 +1 @@
79119daa781aa38cf6548cbc5da449dc4e86d388abc1b6dbbbe02994998bfed8

1
db/schema_migrations/20240916124325 Normal file
View File

@ -0,0 +1 @@
435ed5398f0b6d9da90b11216a1112904a2d4913067421fb3e780af9997f85f2

1
db/schema_migrations/20240916132822 Normal file
View File

@ -0,0 +1 @@
196973c5da932f0600e128c2c482d2c95c3e23b9a2539d47b524b9e7e127af5d

1
db/schema_migrations/20240916132823 Normal file
View File

@ -0,0 +1 @@
3943f9018666014e119fbb80a1dcfc1d4e542eb3f5a8135200317619e0940a88

1
db/schema_migrations/20240916132824 Normal file
View File

@ -0,0 +1 @@
08545d81dfc16ea440024ea07cd34abce85fb4a2245bbfa7a625344d3bb53cbb

1
db/schema_migrations/20240916132825 Normal file
View File

@ -0,0 +1 @@
41b348acf226a31fc6dcbc43942d11ba6c1f1c93af7a1e77e9065788c7bf0841

1
db/schema_migrations/20240916132826 Normal file
View File

@ -0,0 +1 @@
a21b99b1d78be38924a4153cf20f123add3765ddf77b76e991653f347ac6a309

50
db/structure.sql
View File

@ -1097,6 +1097,22 @@ RETURN NEW;
END
$$;
CREATE FUNCTION trigger_30209d0fba3e() RETURNS trigger
LANGUAGE plpgsql
AS $$
BEGIN
IF NEW."project_id" IS NULL THEN
SELECT "project_id"
INTO NEW."project_id"
FROM "alert_management_alerts"
WHERE "alert_management_alerts"."id" = NEW."alert_management_alert_id";
END IF;
RETURN NEW;
END
$$;
CREATE FUNCTION trigger_3691f9f6a69f() RETURNS trigger
LANGUAGE plpgsql
AS $$
@ -1913,6 +1929,22 @@ RETURN NEW;
END
$$;
CREATE FUNCTION trigger_b046dd50c711() RETURNS trigger
LANGUAGE plpgsql
AS $$
BEGIN
IF NEW."project_id" IS NULL THEN
SELECT "project_id"
INTO NEW."project_id"
FROM "incident_management_oncall_schedules"
WHERE "incident_management_oncall_schedules"."id" = NEW."oncall_schedule_id";
END IF;
RETURN NEW;
END
$$;
CREATE FUNCTION trigger_b2612138515d() RETURNS trigger
LANGUAGE plpgsql
AS $$
@ -5263,7 +5295,8 @@ CREATE TABLE alert_management_alert_user_mentions (
note_id bigint,
mentioned_users_ids bigint[],
mentioned_projects_ids bigint[],
mentioned_groups_ids bigint[]
mentioned_groups_ids bigint[],
project_id bigint
);
CREATE SEQUENCE alert_management_alert_user_mentions_id_seq
@ -11982,6 +12015,7 @@ CREATE TABLE incident_management_oncall_rotations (
ends_at timestamp with time zone,
active_period_start time without time zone,
active_period_end time without time zone,
project_id bigint,
CONSTRAINT check_5209fb5d02 CHECK ((char_length(name) <= 200))
);
@ -27215,6 +27249,8 @@ CREATE INDEX index_alert_management_alert_metric_images_on_alert_id ON alert_man
CREATE INDEX index_alert_management_alert_metric_images_on_project_id ON alert_management_alert_metric_images USING btree (project_id);
CREATE INDEX index_alert_management_alert_user_mentions_on_project_id ON alert_management_alert_user_mentions USING btree (project_id);
CREATE INDEX index_alert_management_alerts_on_domain ON alert_management_alerts USING btree (domain);
CREATE INDEX index_alert_management_alerts_on_environment_id ON alert_management_alerts USING btree (environment_id) WHERE (environment_id IS NOT NULL);
@ -28777,6 +28813,8 @@ CREATE UNIQUE INDEX index_inc_mgmnt_oncall_rotations_on_oncall_schedule_id_and_n
CREATE INDEX index_incident_management_escalation_rules_on_project_id ON incident_management_escalation_rules USING btree (project_id);
CREATE INDEX index_incident_management_oncall_rotations_on_project_id ON incident_management_oncall_rotations USING btree (project_id);
CREATE INDEX index_incident_management_oncall_schedules_on_project_id ON incident_management_oncall_schedules USING btree (project_id);
CREATE INDEX index_incident_management_oncall_shifts_on_participant_id ON incident_management_oncall_shifts USING btree (participant_id);
@ -33119,6 +33157,8 @@ CREATE TRIGGER trigger_25fe4f7da510 BEFORE INSERT OR UPDATE ON vulnerability_iss
CREATE TRIGGER trigger_2b8fdc9b4a4e BEFORE INSERT OR UPDATE ON ml_experiment_metadata FOR EACH ROW EXECUTE FUNCTION trigger_2b8fdc9b4a4e();
CREATE TRIGGER trigger_30209d0fba3e BEFORE INSERT OR UPDATE ON alert_management_alert_user_mentions FOR EACH ROW EXECUTE FUNCTION trigger_30209d0fba3e();
CREATE TRIGGER trigger_3691f9f6a69f BEFORE INSERT OR UPDATE ON remote_development_agent_configs FOR EACH ROW EXECUTE FUNCTION trigger_3691f9f6a69f();
CREATE TRIGGER trigger_3d1a58344b29 BEFORE INSERT OR UPDATE ON alert_management_alert_assignees FOR EACH ROW EXECUTE FUNCTION trigger_3d1a58344b29();
@ -33219,6 +33259,8 @@ CREATE TRIGGER trigger_a7e0fb195210 BEFORE INSERT OR UPDATE ON vulnerability_fin
CREATE TRIGGER trigger_af3f17817e4d BEFORE INSERT OR UPDATE ON protected_tag_create_access_levels FOR EACH ROW EXECUTE FUNCTION trigger_af3f17817e4d();
CREATE TRIGGER trigger_b046dd50c711 BEFORE INSERT OR UPDATE ON incident_management_oncall_rotations FOR EACH ROW EXECUTE FUNCTION trigger_b046dd50c711();
CREATE TRIGGER trigger_b2612138515d BEFORE INSERT OR UPDATE ON project_relation_exports FOR EACH ROW EXECUTE FUNCTION trigger_b2612138515d();
CREATE TRIGGER trigger_b4520c29ea74 BEFORE INSERT OR UPDATE ON approval_merge_request_rule_sources FOR EACH ROW EXECUTE FUNCTION trigger_b4520c29ea74();
@ -34068,6 +34110,9 @@ ALTER TABLE ONLY sprints
ALTER TABLE ONLY alert_management_alert_metric_images
ADD CONSTRAINT fk_80b75a6094 FOREIGN KEY (project_id) REFERENCES projects(id) ON DELETE CASCADE;
ALTER TABLE ONLY alert_management_alert_user_mentions
ADD CONSTRAINT fk_8175238264 FOREIGN KEY (project_id) REFERENCES projects(id) ON DELETE CASCADE;
ALTER TABLE ONLY related_epic_links
ADD CONSTRAINT fk_8257080565 FOREIGN KEY (group_id) REFERENCES namespaces(id) ON DELETE CASCADE;
@ -34539,6 +34584,9 @@ ALTER TABLE ONLY incident_management_escalation_rules
ALTER TABLE ONLY packages_dependencies
ADD CONSTRAINT fk_cea1124da7 FOREIGN KEY (project_id) REFERENCES projects(id) ON DELETE CASCADE;
ALTER TABLE ONLY incident_management_oncall_rotations
ADD CONSTRAINT fk_cecf1b51f9 FOREIGN KEY (project_id) REFERENCES projects(id) ON DELETE CASCADE;
ALTER TABLE ONLY compliance_framework_security_policies
ADD CONSTRAINT fk_cf3c0ac207 FOREIGN KEY (policy_configuration_id) REFERENCES security_orchestration_policy_configurations(id) ON DELETE CASCADE;

73
doc/administration/auth/oidc.md
View File

@ -335,7 +335,9 @@ First, set the `uid_field`. Both the `uid_field` and the `sub` claim that you ca
| [`omniauth-azure-activedirectory-v2`](https://github.com/RIPAGlobal/omniauth-azure-activedirectory-v2/) | `oid` | You must configure `oid` as `uid_field` when migrating. |
| [`omniauth_openid_connect`](https://github.com/omniauth/omniauth_openid_connect/) | `sub` | Specify `uid_field` to use another field. |
To migrate to the Generic OpenID Connect configuration, you must change the configuration to the following:
To migrate to the Generic OpenID Connect configuration, you must update the configuration.
For Linux package installations, update the configuration as follows:
::Tabs
@ -395,11 +397,76 @@ gitlab_rails['omniauth_providers'] = [
::EndTabs
For Helm installations:
::Tabs
:::TabTitle Azure OAuth 2.0
```ruby
{
"name": "azure_oauth2",
"args": {
"name": "azure_oauth2",
"strategy_class": "OmniAuth::Strategies::OpenIDConnect",
"scope": [
"openid",
"profile",
"email"
],
"response_type": "code",
"issuer": "https://login.microsoftonline.com/<YOUR-TENANT-ID>/v2.0",
"client_auth_method": "query",
"discovery": true,
"uid_field": "sub",
"send_scope_to_token_endpoint": false,
"client_options": {
"identifier": "<YOUR APP CLIENT ID>",
"secret": "<YOUR APP CLIENT SECRET>",
"redirect_uri": "https://gitlab.example.com/users/auth/azure_oauth2/callback"
}
}
}
```
:::TabTitle Azure Active Directory v2
```ruby
{
"name": "azure_activedirectory_v2",
"args": {
"name": "azure_activedirectory_v2",
"strategy_class": "OmniAuth::Strategies::OpenIDConnect",
"scope": [
"openid",
"profile",
"email"
],
"response_type": "code",
"issuer": "https://login.microsoftonline.com/<YOUR-TENANT-ID>/v2.0",
"client_auth_method": "query",
"discovery": true,
"uid_field": "sub",
"send_scope_to_token_endpoint": false,
"client_options": {
"identifier": "<YOUR APP CLIENT ID>",
"secret": "<YOUR APP CLIENT SECRET>",
"redirect_uri": "https://gitlab.example.com/users/auth/activedirectory_v2/callback"
}
}
}
```
::EndTabs
As you migrate from `azure_oauth2` to `omniauth_openid_connect` as part of upgrading to GitLab 17.0 or above, the `sub` claim value set for your organization can vary. `azure_oauth2` uses Microsoft V1 endpoint while `azure_activedirectory_v2` and `omniauth_openid_connect` both use Microsoft V2 endpoint with a common `sub` value.
- For users with an email address in Entra ID, configure [`omniauth_auto_link_user`](../../integration/omniauth.md#link-existing-users-to-omniauth-users) to allow falling back to email address and updating the user's identity.
- **For users with an email address in Entra ID**, to allow falling back to email address and updating the user's identity,
configure the following:
- In a Linux package installation, [`omniauth_auto_link_user`](../../integration/omniauth.md#link-existing-users-to-omniauth-users).
- In a Helm installation, [`autoLinkUser`](https://docs.gitlab.com/charts/charts/globals.html#omniauth).
- For users with no email address, administrators must take one of the following actions:
- **For users with no email address**, administrators must take one of the following actions:
- Set up another authentication method or enable sign-in using GitLab username and password. The user can then sign in and link their Azure identity manually using their profile.
- Implement OpenID Connect as a new provider alongside the existing `azure_oauth2` so the user can sign in through OAuth2, and link their OpenID Connect identity (similar to the previous method). This method would also work for users with email addresses, as long as `auto_link_user` is enabled.

2
doc/api/graphql/reference/index.md
View File

@ -957,6 +957,7 @@ four standard [pagination arguments](#pagination-arguments):
| <a id="queryprojectsmembership"></a>`membership` | [`Boolean`](#boolean) | Return only projects that the current user is a member of. |
| <a id="queryprojectsminaccesslevel"></a>`minAccessLevel` | [`AccessLevelEnum`](#accesslevelenum) | Return only projects where current user has at least the specified access level. |
| <a id="queryprojectspersonal"></a>`personal` | [`Boolean`](#boolean) | Return only personal projects. |
| <a id="queryprojectsprogramminglanguagename"></a>`programmingLanguageName` | [`String`](#string) | Filter projects by programming language name (case insensitive). For example: "css" or "ruby". |
| <a id="queryprojectssearch"></a>`search` | [`String`](#string) | Search query, which can be for the project name, a path, or a description. |
| <a id="queryprojectssearchnamespaces"></a>`searchNamespaces` | [`Boolean`](#boolean) | Include namespace in project search. |
| <a id="queryprojectssort"></a>`sort` | [`String`](#string) | Sort order of results. Format: `<field_name>_<sort_direction>`, for example: `id_desc` or `name_asc`. |
@ -28438,6 +28439,7 @@ four standard [pagination arguments](#pagination-arguments):
| <a id="organizationprojectsmembership"></a>`membership` | [`Boolean`](#boolean) | Return only projects that the current user is a member of. |
| <a id="organizationprojectsminaccesslevel"></a>`minAccessLevel` | [`AccessLevelEnum`](#accesslevelenum) | Return only projects where current user has at least the specified access level. |
| <a id="organizationprojectspersonal"></a>`personal` | [`Boolean`](#boolean) | Return only personal projects. |
| <a id="organizationprojectsprogramminglanguagename"></a>`programmingLanguageName` | [`String`](#string) | Filter projects by programming language name (case insensitive). For example: "css" or "ruby". |
| <a id="organizationprojectssearch"></a>`search` | [`String`](#string) | Search query, which can be for the project name, a path, or a description. |
| <a id="organizationprojectssearchnamespaces"></a>`searchNamespaces` | [`Boolean`](#boolean) | Include namespace in project search. |
| <a id="organizationprojectssort"></a>`sort` | [`String`](#string) | Sort order of results. Format: `<field_name>_<sort_direction>`, for example: `id_desc` or `name_asc`. |

206
doc/user/permissions.md
View File

@ -54,65 +54,24 @@ Personal [namespace](namespace/index.md) owners:
For more information about how to manage project members, see
[members of a project](project/members/index.md).
The following table lists project permissions available for each role:
The following tables list project permissions available for each role.
<!-- Keep these tables sorted: By category first, then by minimum role, then alphabetically by action. -->
### Analytics
| Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:-----:|:--------:|:---------:|:----------:|:-----:|-------|
| [Analytics](analytics/index.md):<br>View [issue analytics](group/issues_analytics/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | |
| [Analytics](analytics/index.md):<br>View [value stream analytics](group/value_stream_analytics/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | |
| [Analytics](analytics/index.md):<br>View [Value Streams Dashboard & AI Impact analytics](analytics/value_streams_dashboard.md) | | ✓ | ✓ | ✓ | ✓ | |
| [Analytics](analytics/index.md):<br>View [DORA metrics](analytics/ci_cd_analytics.md) | | ✓ | ✓ | ✓ | ✓ | |
| [Analytics](analytics/index.md):<br>View [CI/CD analytics](analytics/ci_cd_analytics.md) | | ✓ | ✓ | ✓ | ✓ | |
| [Analytics](analytics/index.md):<br>View [code review analytics](analytics/code_review_analytics.md) | | ✓ | ✓ | ✓ | ✓ | |
| [Analytics](analytics/index.md):<br>View [merge request analytics](analytics/merge_request_analytics.md) | | ✓ | ✓ | ✓ | ✓ | |
| [Analytics](analytics/index.md):<br>View [repository analytics](analytics/repository_analytics.md) | | ✓ | ✓ | ✓ | ✓ | |
| [GitLab agent for Kubernetes](clusters/agent/index.md):<br>View agents | | | ✓ | ✓ | ✓ | |
| [GitLab agent for Kubernetes](clusters/agent/index.md):<br>Manage agents | | | | ✓ | ✓ | |
| [GitLab Pages](project/pages/index.md):<br>View Pages protected by [access control](project/pages/pages_access_control.md) | ✓ | ✓ | ✓ | ✓ | ✓ | |
| [GitLab Pages](project/pages/index.md):<br>Manage | | | | ✓ | ✓ | |
| [GitLab Pages](project/pages/index.md):<br>Manage GitLab Pages domains and certificates | | | | ✓ | ✓ | |
| [GitLab Pages](project/pages/index.md):<br>Remove GitLab Pages | | | | ✓ | ✓ | |
| [Incident Management](../operations/incident_management/index.md):<br>Assign an alert | ✓ | ✓ | ✓ | ✓ | ✓ | |
| [Incident Management](../operations/incident_management/index.md):<br>Participate in on-call rotation | ✓ | ✓ | ✓ | ✓ | ✓ | |
| [Incident Management](../operations/incident_management/index.md):<br>View [incident](../operations/incident_management/incidents.md) | ✓ | ✓ | ✓ | ✓ | ✓ | |
| [Incident Management](../operations/incident_management/index.md):<br>Change [alert status](../operations/incident_management/alerts.md#change-an-alerts-status) | | ✓ | ✓ | ✓ | ✓ | |
| [Incident Management](../operations/incident_management/index.md):<br>Change [incident severity](../operations/incident_management/manage_incidents.md#change-severity) | | ✓ | ✓ | ✓ | ✓ | |
| [Incident Management](../operations/incident_management/index.md):<br>Create [incident](../operations/incident_management/incidents.md) | | ✓ | ✓ | ✓ | ✓ | |
| [Incident Management](../operations/incident_management/index.md):<br>View [alerts](../operations/incident_management/alerts.md) | | ✓ | ✓ | ✓ | ✓ | |
| [Incident Management](../operations/incident_management/index.md):<br>View [escalation policies](../operations/incident_management/escalation_policies.md) | | ✓ | ✓ | ✓ | ✓ | |
| [Incident Management](../operations/incident_management/index.md):<br>View [on-call schedules](../operations/incident_management/oncall_schedules.md) | | ✓ | ✓ | ✓ | ✓ | |
| [Incident Management](../operations/incident_management/index.md):<br>Change [incident escalation status](../operations/incident_management/manage_incidents.md#change-status) | | | ✓ | ✓ | ✓ | |
| [Incident Management](../operations/incident_management/index.md):<br>Change [incident escalation policy](../operations/incident_management/manage_incidents.md#change-escalation-policy) | | | ✓ | ✓ | ✓ | |
| [Incident Management](../operations/incident_management/index.md):<br>Manage [on-call schedules](../operations/incident_management/oncall_schedules.md) | | | | ✓ | ✓ | |
| [Incident Management](../operations/incident_management/index.md):<br>Manage [escalation policies](../operations/incident_management/escalation_policies.md) | | | | ✓ | ✓ | |
| [Project operations](../operations/index.md):<br>View [Error Tracking](../operations/error_tracking.md) list | | ✓ | ✓ | ✓ | ✓ | |
| [Project operations](../operations/index.md):<br>Manage [Feature flags](../operations/feature_flags.md) | | | ✓ | ✓ | ✓ | |
| [Project operations](../operations/index.md):<br>Manage [Error Tracking](../operations/error_tracking.md) | | | | ✓ | ✓ | |
| [Projects](project/index.md):<br>Reposition comments on images (posted by any user) | ✓ | ✓ | ✓ | ✓ | ✓ | Applies only to comments on [Design Management](project/issues/design_management.md) designs. |
| [Projects](project/index.md):<br>View [Insights](project/insights/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | |
| [Projects](project/index.md):<br>View [Requirements](project/requirements/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | |
| [Projects](project/index.md):<br>View [time tracking](project/time_tracking.md) reports | ✓ | ✓ | ✓ | ✓ | ✓ | On self-managed GitLab instances, users with the Guest role are able to perform this action only on public and internal projects (not on private projects). [External users](../administration/external_users.md) must be given explicit access (at least the **Reporter** role) even if the project is internal. Users with the Guest role on GitLab.com are only able to perform this action on public projects because internal visibility is not available. |
| [Projects](project/index.md):<br>View [snippets](snippets.md) | ✓ | ✓ | ✓ | ✓ | ✓ | |
| [Projects](project/index.md):<br>Create [snippets](snippets.md) | | ✓ | ✓ | ✓ | ✓ | |
| [Projects](project/index.md):<br>Globally delete [snippets](snippets.md) | | | | ✓ | ✓ | |
| [Projects](project/index.md):<br>Globally edit [snippets](snippets.md) | | | | ✓ | ✓ | |
| [Projects](project/index.md):<br>View [project traffic statistics](../api/project_statistics.md) | | ✓ | ✓ | ✓ | ✓ | |
| [Projects](project/index.md):<br>Add [deploy keys](project/deploy_keys/index.md) | | | | ✓ | ✓ | |
| [Projects](project/index.md):<br>Manage [Project Operations](../operations/index.md) | | | | ✓ | ✓ | |
| [Projects](project/index.md): View [Usage Quotas](usage_quotas.md) page | | | | ✓ | ✓ | |
| [Requirements Management](project/requirements/index.md):<br>Archive / reopen | | ✓ | ✓ | ✓ | ✓ | Authors and assignees can archive and re-open even if they don't have the Reporter role. |
| [Requirements Management](project/requirements/index.md):<br>Create / edit | | ✓ | ✓ | ✓ | ✓ | Authors and assignees can modify the title and description even if they don't have the Reporter role.|
| [Requirements Management](project/requirements/index.md):<br>Import / export | | ✓ | ✓ | ✓ | ✓ | |
| [Terraform](infrastructure/index.md):<br>Read Terraform state | | | ✓ | ✓ | ✓ | |
| [Terraform](infrastructure/index.md):<br>Manage Terraform state | | | | ✓ | ✓ | |
| [Test cases](../ci/test_cases/index.md):<br>Archive | | ✓ | ✓ | ✓ | ✓ | |
| [Test cases](../ci/test_cases/index.md):<br>Create | | ✓ | ✓ | ✓ | ✓ | |
| [Test cases](../ci/test_cases/index.md):<br>Move | | ✓ | ✓ | ✓ | ✓ | |
| [Test cases](../ci/test_cases/index.md):<br>Reopen | | ✓ | ✓ | ✓ | ✓ | |
Project permissions for [analytics](../user/analytics/index.md) features including value streams, usage trends, product analytics, and insights.
### Application Security
| Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
|----------------------------------------------------------------------------------------------------------------------------------------------------------|:-----:|:--------:|:---------:|:----------:|:-----:|-------|
| View [issue analytics](group/issues_analytics/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | |
| View [value stream analytics](group/value_stream_analytics/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | |
| View [Value Streams Dashboard & AI Impact analytics](analytics/value_streams_dashboard.md) | | ✓ | ✓ | ✓ | ✓ | |
| View [DORA metrics](analytics/ci_cd_analytics.md) | | ✓ | ✓ | ✓ | ✓ | |
| View [CI/CD analytics](analytics/ci_cd_analytics.md) | | ✓ | ✓ | ✓ | ✓ | |
| View [code review analytics](analytics/code_review_analytics.md) | | ✓ | ✓ | ✓ | ✓ | |
| View [merge request analytics](analytics/merge_request_analytics.md) | | ✓ | ✓ | ✓ | ✓ | |
| View [repository analytics](analytics/repository_analytics.md) | | ✓ | ✓ | ✓ | ✓ | |
### Application security
Project permissions for [application security](application_security/secure_your_application.md) features including dependency management, security analyzers, security policies, and vulnerability management.
@ -140,7 +99,7 @@ Project permissions for [application security](application_security/secure_your_
- [Pipeline visibility](../ci/pipelines/settings.md#change-pipeline-visibility-for-non-project-members-in-public-projects):
When set to **Everyone with Access**, gives access to certain CI/CD "view" features to *non-project* members.
Project Owners can do any listed action, and also can delete pipelines:
Project Owners can perform any listed action, and can delete pipelines:
| Action | Non-member | Guest | Reporter | Developer | Maintainer | Notes |
|--------------------------------------------------------------------------------------------------------------------------------|:----------:|:-----:|:--------:|:---------:|:----------:|-------|
@ -174,6 +133,10 @@ Project Owners can do any listed action, and also can delete pipelines:
| Manage job triggers | | | | | ✓ | |
| Manage project CI/CD variables | | | | | ✓ | |
| Manage project [Secure Files](../api/secure_files.md) | | | | | ✓ | |
| View [agents for Kubernetes](clusters/agent/index.md) | | | ✓ | ✓ | ✓ | |
| Manage [agents for Kubernetes](clusters/agent/index.md) | | | | ✓ | ✓ | |
| Read [Terraform](infrastructure/index.md) state | | | ✓ | ✓ | ✓ | |
| Manage [Terraform](infrastructure/index.md) state | | | | ✓ | ✓ | |
This table shows granted privileges for jobs triggered by specific roles.
@ -203,17 +166,39 @@ Project permissions for [compliance](compliance/index.md) features including com
| View licenses in [dependency list](application_security/dependency_list/index.md) | | | ✓ | ✓ | ✓ | |
| Manage [audit streams](compliance/audit_event_streaming.md) | | | | | ✓ | |
### Machine learning model registry and experiments
### Machine learning model registry and experiment
Project permissions for [model registry](project/ml/model_registry/index.md) and [model experiments](project/ml/experiment_tracking/index.md).
| Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
|---------------------------------------------------------------------------------------------------|:-----:|:--------:|:---------:|:----------:|:-----:|-------|
| View [models and versions](project/ml/model_registry/index.md) | | ✓ | ✓ | ✓ | ✓ | |
| Create, edit, and delete models, versions, and artifacts | | | ✓ | ✓ | ✓ | |
| Create, edit, and delete models, versions, and artifacts | | | ✓ | ✓ | ✓ | |
| View [model experiments](project/ml/experiment_tracking/index.md) | | ✓ | ✓ | ✓ | ✓ | |
| Create, edit, and delete experiments, candidates etc | | | ✓ | ✓ | ✓ | |
### Monitoring
Project permissions for monitoring including [error tracking](../operations/error_tracking.md) and [incident management](../operations/incident_management/index.md):
| Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
|---------------------------------------------------------------------------------------------------------------------|-:-:---|-:-:------|-:-:-------|-:-:--------|-:-:---|-------|
| View [error tracking](../operations/error_tracking.md) list | | ✓ | ✓ | ✓ | ✓ | |
| Manage [error tracking](../operations/error_tracking.md) | | | | ✓ | ✓ | |
| Assign an [incident management](../operations/incident_management/index.md) alert | ✓ | ✓ | ✓ | ✓ | ✓ | |
| Participate in on-call rotation [Incident Management](../operations/incident_management/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | |
| View an [incident](../operations/incident_management/incidents.md) | ✓ | ✓ | ✓ | ✓ | ✓ | |
| Change [alert status](../operations/incident_management/alerts.md#change-an-alerts-status) | | ✓ | ✓ | ✓ | ✓ | |
| Change [incident severity](../operations/incident_management/manage_incidents.md#change-severity) | | ✓ | ✓ | ✓ | ✓ | |
| Create [incident](../operations/incident_management/incidents.md) | | ✓ | ✓ | ✓ | ✓ | |
| View [alerts](../operations/incident_management/alerts.md) | | ✓ | ✓ | ✓ | ✓ | |
| View [escalation policies](../operations/incident_management/escalation_policies.md) | | ✓ | ✓ | ✓ | ✓ | |
| View [on-call schedules](../operations/incident_management/oncall_schedules.md) | | ✓ | ✓ | ✓ | ✓ | |
| Change [incident escalation status](../operations/incident_management/manage_incidents.md#change-status) | | | ✓ | ✓ | ✓ | |
| Change [incident escalation policy](../operations/incident_management/manage_incidents.md#change-escalation-policy) | | | ✓ | ✓ | ✓ | |
| Manage [on-call schedules](../operations/incident_management/oncall_schedules.md) | | | | ✓ | ✓ | |
| Manage [escalation policies](../operations/incident_management/escalation_policies.md) | | | | ✓ | ✓ | |
### Project planning
Project permissions for [issues](project/issues/index.md):
@ -229,6 +214,14 @@ Project permissions for [issues](project/issues/index.md):
| Manage [issue boards](project/issue_board.md) | | ✓ | ✓ | ✓ | ✓ | |
| Manage [milestones](project/milestones/index.md) | | ✓ | ✓ | ✓ | ✓ | |
| Delete issues | | | | | ✓ | |
| Manage [Feature flags](../operations/feature_flags.md) | | | ✓ | ✓ | ✓ | |
| Archive or reopen [requirements](project/requirements/index.md) | | ✓ | ✓ | ✓ | ✓ | Authors and assignees can archive and re-open even if they don't have the Reporter role. |
| Create or edit [requirements](project/requirements/index.md) | | ✓ | ✓ | ✓ | ✓ | Authors and assignees can modify the title and description even if they don't have the Reporter role.|
| Import or export [requirements](project/requirements/index.md) | | ✓ | ✓ | ✓ | ✓ | |
| Archive [test cases](../ci/test_cases/index.md) | | ✓ | ✓ | ✓ | ✓ | |
| Create [test cases](../ci/test_cases/index.md) | | ✓ | ✓ | ✓ | ✓ | |
| Move [test cases](../ci/test_cases/index.md) | | ✓ | ✓ | ✓ | ✓ | |
| Reopen [test cases](../ci/test_cases/index.md) | | ✓ | ✓ | ✓ | ✓ | |
Project permissions for [tasks](tasks.md):
@ -260,7 +253,7 @@ Project permissions for [wikis](project/wiki/index.md):
| Create and edit wiki pages | | | ✓ | ✓ | ✓ | |
| Delete wiki pages | | | ✓ | ✓ | ✓ | |
### Packages and Registries
### Packages and registry
Project permissions for [container registry](../user/packages/index.md):
@ -303,6 +296,27 @@ Project permissions for [project features](project/organize_work_with_projects.m
| Delete project | | | | | ✓ | |
| Disable notification emails | | | | | ✓ | |
| Transfer project | | | | | ✓ | |
| Reposition comments on images (posted by any user) | ✓ | ✓ | ✓ | ✓ | ✓ | Applies only to comments on [Design Management](project/issues/design_management.md) designs. |
| View [Insights](project/insights/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | |
| View [Requirements](project/requirements/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | |
| View [time tracking](project/time_tracking.md) reports | ✓ | ✓ | ✓ | ✓ | ✓ | On self-managed GitLab instances, users with the Guest role are able to perform this action only on public and internal projects (not on private projects). [External users](../administration/external_users.md) must be given explicit access (at least the **Reporter** role) even if the project is internal. Users with the Guest role on GitLab.com are only able to perform this action on public projects because internal visibility is not available. |
| View [project traffic statistics](../api/project_statistics.md) | | ✓ | ✓ | ✓ | ✓ | |
| Add [deploy keys](project/deploy_keys/index.md) | | | | ✓ | ✓ | |
| Manage [Project Operations](../operations/index.md) | | | | ✓ | ✓ | |
| View [Usage Quotas](usage_quotas.md) page | | | | ✓ | ✓ | |
| View [snippets](snippets.md) | ✓ | ✓ | ✓ | ✓ | ✓ | |
| Create [snippets](snippets.md) | | ✓ | ✓ | ✓ | ✓ | |
| Globally delete [snippets](snippets.md) | | | | ✓ | ✓ | |
| Globally edit [snippets](snippets.md) | | | | ✓ | ✓ | |
Project permissions for [GitLab Pages](project/pages/index.md):
| Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
|---------------------------------------------------------------------------|:-----:|:--------:|:---------:|:----------:|:-----:|-------|
| View GitLab Pages protected by [access control](project/pages/pages_access_control.md) | ✓ | ✓ | ✓ | ✓ | ✓ | |
| Manage GitLab Pages | | | | ✓ | ✓ | |
| Manage GitLab Pages domain and certificates | | | | ✓ | ✓ | |
| Remove GitLab Pages | | | | ✓ | ✓ | |
### Repository
@ -337,6 +351,7 @@ Project permissions for [merge requests](project/merge_requests/index.md):
| Manage [merge request settings](project/merge_requests/approvals/settings.md) | | | | ✓ | ✓ | |
| Manage [merge request approval rules](project/merge_requests/approvals/rules.md) | | | | ✓ | ✓ | |
| Delete merge request | | | | | ✓ | |
| Create [snippets](snippets.md) | | ✓ | ✓ | ✓ | ✓ | |
### User management
@ -359,29 +374,28 @@ Project permissions for [GitLab Duo](gitlab_duo/index.md):
## Group members permissions
Any user can remove themselves from a group, unless they are the last Owner of
Any user can remove themselves from a group, unless they are the only Owner of
the group.
The following table lists group permissions available for each role:
<!-- Keep these tables sorted: By category first, then by minimum role, then alphabetically by action. -->
### Analytics group permissions
| Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
|-----------------------------------------------------------------------------------------|-------|----------|-----------|------------|-------|-------|
Group permission for [analytics](../user/analytics/index.md) features including value streams, product analytics, and insights:
| Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
|---------------------------------------|:-----:|:--------:|:---------:|:----------:|:-----:|-------|
| View [Insights](project/insights/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | |
| View [Insights](project/insights/index.md) charts | ✓ | ✓ | ✓ | ✓ | ✓ | |
| View [Issue analytics](group/issues_analytics/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | |
| View Contribution analytics | ✓ | ✓ | ✓ | ✓ | ✓ | |
| View value stream analytics | ✓ | ✓ | ✓ | ✓ | ✓ | |
| View [Group DevOps Adoption](group/devops_adoption/index.md) | | ✓ | ✓ | ✓ | ✓ | |
| View [Productivity analytics](analytics/productivity_analytics.md) | | ✓ | ✓ | ✓ | ✓ | |
| View [Group DevOps Adoption](group/devops_adoption/index.md) | | ✓ | ✓ | ✓ | ✓ | |
| View metrics dashboard annotations | | ✓ | ✓ | ✓ | ✓ | |
| Create/edit/delete metrics dashboard annotations | | | ✓ | ✓ | ✓ | |
| View group audit events | | | ✓ | ✓ | ✓ | Developers and Maintainers can only view events based on their individual actions. |
| Map or unmap workspace cluster agents to and from a group | | | | | ✓ | |
| View workspace cluster agents mapped to a group | | | | ✓ | ✓ | |
### Application Security
### Application security group permissions
Group permissions for [Application Security](application_security/secure_your_application.md) features including dependency management, security analyzers, security policies, and vulnerability management.
@ -392,9 +406,9 @@ Group permissions for [Application Security](application_security/secure_your_ap
| View [security dashboard](application_security/security_dashboard/index.md) | | | ✓ | ✓ | ✓ | |
| Create or assign [security policy project](application_security/policies/index.md) | | | | | ✓ | |
### CI/CD
### CI/CD group permissions
Group permissions for [CI/CD](../ci/index.md):
Group permissions for [CI/CD](../ci/index.md) features including runners, variables, and protected environments:
| Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
|---------------------------------------|:-----:|:--------:|:---------:|:----------:|:-----:|-------|
@ -404,9 +418,9 @@ Group permissions for [CI/CD](../ci/index.md):
| Manage group level CI/CD variables | | | | | ✓ | |
| Manage group protected environments | | | | | ✓ | |
### Compliance
### Compliance group permissions
Groups permissions for [compliance](compliance/index.md) features including compliance center, audit events, compliance frameworks, and licenses.
Group permissions for [compliance](compliance/index.md) features including compliance center, audit events, compliance frameworks, and licenses.
| Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
|---------------------------------------------------------------------------------------|:-----:|:--------:|:---------:|:----------:|:-----:|-------|
@ -417,7 +431,19 @@ Groups permissions for [compliance](compliance/index.md) features including comp
| Manage [compliance frameworks](group/compliance_frameworks.md) | | | | | ✓ | |
| Assign [compliance frameworks](group/compliance_frameworks.md) to projects | | | | | ✓ | |
### Groups
### GitLab Duo group permissions
Group permissions for [GitLab Duo](../user/gitlab_duo/index.md):
| Action | Non-member | Guest | Reporter | Developer | Maintainer | Owner | Notes |
|-------------------------------------------------------------------------------------------------------------|------------|-------|----------|-----------|------------|-------|-------|
| <br>Purchase [Duo seats](../subscriptions/subscription-add-ons.md#purchase-additional-gitlab-duo-seats) | | | | | | ✓ | |
| <br>Configure [Duo feature availability](gitlab_duo/turn_on_off.md#turn-off-for-a-group) | | | | | ✓ | ✓ | |
| <br>Configure [self-hosted models](../administration/self_hosted_models/configure_duo_features.md) | | | | | | ✓ | |
| <br>Enable [beta and experimental features](gitlab_duo/turn_on_off.md#turn-on-beta-and-experimental-features) | | | | | | ✓ | |
| <br>Use Duo features | | | ✓ | ✓ | ✓ | ✓ | Requires [user being assigned a seat to gain access to a Duo add-on](../subscriptions/subscription-add-ons.md#assign-gitlab-duo-seats). |
### Groups group permissions
Group permissions for [group features](../user/group/index.md):
@ -439,8 +465,9 @@ Group permissions for [group features](../user/group/index.md):
| Configure [SAML SSO](group/saml_sso/index.md) | | | | | ✓ | Does not apply to subgroups |
| [Migrate groups](group/import/index.md) | | | | | ✓ | |
| Delete group | | | | | ✓ | |
| View group audit events | | | ✓ | ✓ | ✓ | Developers and Maintainers can only view events based on their individual actions. |
### Project planning
### Project planning group permissions
Group permissions for project planning features including iterations, milestones, and labels:
@ -470,7 +497,7 @@ Group permissions for [wikis](project/wiki/group.md):
| Create and edit group wiki pages | | | ✓ | ✓ | ✓ | |
| Delete group wiki pages | | | ✓ | ✓ | ✓ | |
### Packages and Registries
### Packages and registries group permissions
Group permissions for [container registry](../user/packages/index.md):
@ -493,7 +520,7 @@ Group permissions for [package registry](../user/packages/index.md):
| Enable/disable a dependency proxy | | | | | ✓ | |
| Enable/disable package request forwarding | | | | | ✓ | |
### Repository
### Repository group permissions
Group permissions for [repository](project/repository/index.md) features including merge requests, push rules, and deploy tokens.
@ -503,7 +530,7 @@ Group permissions for [repository](project/repository/index.md) features includi
| Manage [push rules](group/access_and_permissions.md#group-push-rules) | | | | | ✓ | |
| Manage [deploy tokens](project/deploy_tokens/index.md) | | | | | ✓ | |
### User Management
### User management group permissions
Group permissions for user management:
@ -515,7 +542,16 @@ Group permissions for user management:
| Share (invite) groups with groups | | | | | ✓ | |
| Manage group-level custom roles | | | | | ✓ | |
### Subgroup permissions
### Workspace group permissions
Groups permissions for workspaces:
| Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
|-----------------------------------------------------------------------------------------|-------|----------|-----------|------------|-------|-------|
| Map or unmap workspace cluster agents to and from a group | | | | | ✓ | |
| View workspace cluster agents mapped to a group | | | | ✓ | ✓ | |
## Subgroup permissions
When you add a member to a subgroup, they inherit the membership and
permission level from the parent groups. This model allows access to
@ -524,18 +560,6 @@ nested groups if you have membership in one of its parents.
For more information, see
[subgroup memberships](group/subgroups/index.md#subgroup-membership).
### GitLab Duo
Group permissions for [GitLab Duo](../user/gitlab_duo/index.md):
| Action | Non-member | Guest | Reporter | Developer | Maintainer | Owner | Notes |
|-------------------------------------------------------------------------------------------------------------|------------|-------|----------|-----------|------------|-------|-------|
| <br>Purchase [Duo seats](../subscriptions/subscription-add-ons.md#purchase-additional-gitlab-duo-seats) | | | | | | ✓ | |
| <br>Configure [Duo feature availability](gitlab_duo/turn_on_off.md#turn-off-for-a-group) | | | | | ✓ | ✓ | |
| <br>Configure [self-hosted models](../administration/self_hosted_models/configure_duo_features.md) | | | | | | ✓ | |
| <br>Enable [beta and experimental features](gitlab_duo/turn_on_off.md#turn-on-beta-and-experimental-features) | | | | | | ✓ | |
| <br>Use Duo features | | | ✓ | ✓ | ✓ | ✓ | Requires [user being assigned a seat to gain access to a Duo add-on](../subscriptions/subscription-add-ons.md#assign-gitlab-duo-seats). |
## Users with Minimal Access
DETAILS:

10
lib/gitlab/background_migration/backfill_alert_management_alert_user_mentions_project_id.rb Normal file
View File

@ -0,0 +1,10 @@
# frozen_string_literal: true
module Gitlab
module BackgroundMigration
class BackfillAlertManagementAlertUserMentionsProjectId < BackfillDesiredShardingKeyJob
operation_name :backfill_alert_management_alert_user_mentions_project_id
feature_category :incident_management
end
end
end

10
lib/gitlab/background_migration/backfill_incident_management_oncall_rotations_project_id.rb Normal file
View File

@ -0,0 +1,10 @@
# frozen_string_literal: true
module Gitlab
module BackgroundMigration
class BackfillIncidentManagementOncallRotationsProjectId < BackfillDesiredShardingKeyJob
operation_name :backfill_incident_management_oncall_rotations_project_id
feature_category :incident_management
end
end
end

1
lib/gitlab/usage_data.rb
View File

@ -57,7 +57,6 @@ module Gitlab
{
counts: {
assignee_lists: count(List.assignee),
ci_builds: count(::Ci::Build),
ci_external_pipelines: count(::Ci::Pipeline.external),
ci_pipeline_config_auto_devops: count(::Ci::Pipeline.auto_devops_source),
ci_pipeline_config_repository: count(::Ci::Pipeline.repository_source),

2
locale/gitlab.pot
View File

@ -52661,7 +52661,7 @@ msgstr ""
msgid "Started escalation for this incident."
msgstr ""
msgid "Starting with GitLab 17.5, OpenSSL 3 will be used. All TLS connections require TLS 1.2 or higher. Weaker ciphers are no longer supported. Encryption must have at least of 112 bits of security. %{link_start}Learn more%{link_end}."
msgid "Starting with GitLab 17.7, OpenSSL 3 will be used. All TLS connections require TLS 1.2 or higher. Weaker ciphers are no longer supported. Encryption must have at least of 112 bits of security. %{link_start}Learn more%{link_end}."
msgstr ""
msgid "Starting..."

2
qa/qa/page/base.rb
View File

@ -295,7 +295,7 @@ module QA
text = kwargs.delete(:text)
klass = kwargs.delete(:class)
visible = kwargs.delete(:visible)
visible = visible.nil? && true
visible = true if visible.nil?
try_find_element = ->(wait) do
if disabled.nil?

1
qa/qa/page/project/web_ide/vscode.rb
View File

@ -227,7 +227,6 @@ module QA
def create_merge_request
within_vscode_editor do
within_element('.notification-toast-container') do
has_element?('div[title="GitLab Web IDE Extension (Extension)"]')
click_monaco_button('Create MR')
end
end

3
qa/qa/specs/features/browser_ui/3_create/web_ide/upload_new_file_in_web_ide_spec.rb
View File

@ -30,8 +30,7 @@ module QA
end
shared_examples 'upload a file' do
it "verifies it successfully uploads and commits to a MR",
quarantine: 'https://gitlab.com/gitlab-org/gitlab/-/issues/491469' do
it "verifies it successfully uploads and commits to a MR" do
Page::Project::WebIDE::VSCode.perform do |ide|
ide.upload_file(file_path)
Support::Waiter.wait_until { ide.has_pending_changes? }

6
spec/features/callouts/openssl_callout_spec.rb
View File

@ -8,7 +8,7 @@ RSpec.describe 'OpenSSL callout', :do_not_mock_admin_mode_setting, feature_categ
let_it_be(:non_admin) { create(:user) }
let_it_be(:callout_title) { _('OpenSSL version 3') }
context 'when GitLab version is >= 17.1 and < 17.5' do
context 'when GitLab version is >= 17.1 and < 17.7' do
before do
stub_version('17.4.99', 'abcdefg')
end
@ -66,9 +66,9 @@ RSpec.describe 'OpenSSL callout', :do_not_mock_admin_mode_setting, feature_categ
end
end
context 'when GitLab version is >= 17.5' do
context 'when GitLab version is >= 17.7' do
before do
stub_version('17.5.0', 'abcdefg')
stub_version('17.7.0', 'abcdefg')
sign_in(admin)
end

14
spec/finders/projects_finder_spec.rb
View File

@ -473,13 +473,21 @@ RSpec.describe ProjectsFinder, feature_category: :groups_and_projects do
it { is_expected.to match_array([project]) }
end
describe 'filter by language' do
describe 'filtering by programming language' do
let_it_be(:ruby) { create(:programming_language, name: 'Ruby') }
let_it_be(:repository_language) { create(:repository_language, project: internal_project, programming_language: ruby) }
let(:params) { { language: ruby.id } }
context 'when language ID is provided' do
let(:params) { { language: ruby.id } }
it { is_expected.to match_array([internal_project]) }
it { is_expected.to match_array([internal_project]) }
end
context 'when language name is provided' do
let(:params) { { language_name: 'ruby' } }
it { is_expected.to match_array([internal_project]) }
end
end
describe 'filter by organization' do

10
spec/frontend/ci/common/pipelines_table_spec.js
View File

@ -206,6 +206,16 @@ describe('Pipelines Table', () => {
projectPath: 'frontend-fixtures/pipelines-project',
});
});
it('applies correct class to row', () => {
findTableRows().wrappers.forEach((row) => {
if (row.attributes('class').includes('details')) {
expect(row.attributes('class')).not.toContain('!gl-border-b');
} else {
expect(row.attributes('class')).toContain('!gl-border-b');
}
});
});
});
describe('and `useFailedJobsWidget` value is not provided', () => {

2
spec/frontend/work_items/mock_data.js
View File

@ -1343,6 +1343,7 @@ export const workItemResponseFactory = ({
__typename: 'WorkItemWidgetHierarchy',
type: 'HIERARCHY',
hasChildren: true,
rolledUpCountsByType: [],
hasParent,
children: {
nodes: [
@ -4702,6 +4703,7 @@ export const createWorkItemQueryResponse = {
hasChildren: false,
parent: null,
hasParent: false,
rolledUpCountsByType: [],
children: {
nodes: [],
__typename: 'WorkItemConnection',

4
spec/helpers/users/callouts_helper_spec.rb
View File

@ -123,9 +123,9 @@ RSpec.describe Users::CalloutsHelper, feature_category: :navigation do
where(:version, :current_user, :user_dismissed, :controller_path, :expected_result) do
'17.1.0' | ref(:admin) | false | 'admin' | true
'17.1.0' | ref(:admin) | false | 'admin/users' | true
'17.4.99' | ref(:admin) | false | 'admin' | true
'17.6.99' | ref(:admin) | false | 'admin' | true
'17.0.0' | ref(:admin) | false | 'admin' | false
'17.5.0' | ref(:admin) | false | 'admin' | false
'17.7.0' | ref(:admin) | false | 'admin' | false
'17.1.0' | ref(:user) | false | 'admin' | false
'17.1.0' | ref(:admin) | true | 'admin' | false
'17.1.0' | ref(:admin) | false | 'admin-' | false

15
spec/lib/gitlab/background_migration/backfill_alert_management_alert_user_mentions_project_id_spec.rb Normal file
View File

@ -0,0 +1,15 @@
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe Gitlab::BackgroundMigration::BackfillAlertManagementAlertUserMentionsProjectId,
feature_category: :incident_management,
schema: 20240916124321 do
include_examples 'desired sharding key backfill job' do
let(:batch_table) { :alert_management_alert_user_mentions }
let(:backfill_column) { :project_id }
let(:backfill_via_table) { :alert_management_alerts }
let(:backfill_via_column) { :project_id }
let(:backfill_via_foreign_key) { :alert_management_alert_id }
end
end

15
spec/lib/gitlab/background_migration/backfill_incident_management_oncall_rotations_project_id_spec.rb Normal file
View File

@ -0,0 +1,15 @@
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe Gitlab::BackgroundMigration::BackfillIncidentManagementOncallRotationsProjectId,
feature_category: :incident_management,
schema: 20240916132822 do
include_examples 'desired sharding key backfill job' do
let(:batch_table) { :incident_management_oncall_rotations }
let(:backfill_column) { :project_id }
let(:backfill_via_table) { :incident_management_oncall_schedules }
let(:backfill_via_column) { :project_id }
let(:backfill_via_foreign_key) { :oncall_schedule_id }
end
end

4
spec/lib/gitlab/usage/service_ping/instrumented_payload_spec.rb
View File

@ -42,8 +42,8 @@ RSpec.describe Gitlab::Usage::ServicePing::InstrumentedPayload do
context 'when missing instrumentation class' do
it 'returns empty hash' do
expect(described_class.new(['counts.ci_builds'], :with_instrumentation).build).to eq({})
expect(described_class.new(['counts.ci_builds'], :with_value).build).to eq({})
expect(described_class.new(['counts.ci_triggers'], :with_instrumentation).build).to eq({})
expect(described_class.new(['counts.ci_triggers'], :with_value).build).to eq({})
end
end

33
spec/migrations/20240916124325_queue_backfill_alert_management_alert_user_mentions_project_id_spec.rb Normal file
View File

@ -0,0 +1,33 @@
# frozen_string_literal: true
require 'spec_helper'
require_migration!
RSpec.describe QueueBackfillAlertManagementAlertUserMentionsProjectId, feature_category: :incident_management do
let!(:batched_migration) { described_class::MIGRATION }
it 'schedules a new batched migration' do
reversible_migration do |migration|
migration.before -> {
expect(batched_migration).not_to have_scheduled_batched_migration
}
migration.after -> {
expect(batched_migration).to have_scheduled_batched_migration(
table_name: :alert_management_alert_user_mentions,
column_name: :id,
interval: described_class::DELAY_INTERVAL,
batch_size: described_class::BATCH_SIZE,
sub_batch_size: described_class::SUB_BATCH_SIZE,
gitlab_schema: :gitlab_main_cell,
job_arguments: [
:project_id,
:alert_management_alerts,
:project_id,
:alert_management_alert_id
]
)
}
end
end
end

33
spec/migrations/20240916132826_queue_backfill_incident_management_oncall_rotations_project_id_spec.rb Normal file
View File

@ -0,0 +1,33 @@
# frozen_string_literal: true
require 'spec_helper'
require_migration!
RSpec.describe QueueBackfillIncidentManagementOncallRotationsProjectId, feature_category: :incident_management do
let!(:batched_migration) { described_class::MIGRATION }
it 'schedules a new batched migration' do
reversible_migration do |migration|
migration.before -> {
expect(batched_migration).not_to have_scheduled_batched_migration
}
migration.after -> {
expect(batched_migration).to have_scheduled_batched_migration(
table_name: :incident_management_oncall_rotations,
column_name: :id,
interval: described_class::DELAY_INTERVAL,
batch_size: described_class::BATCH_SIZE,
sub_batch_size: described_class::SUB_BATCH_SIZE,
gitlab_schema: :gitlab_main_cell,
job_arguments: [
:project_id,
:incident_management_oncall_schedules,
:project_id,
:oncall_schedule_id
]
)
}
end
end
end

17
spec/requests/api/graphql/projects/projects_spec.rb
View File

@ -147,4 +147,21 @@ RSpec.describe 'getting a collection of projects', feature_category: :source_cod
end
end
end
context 'when providing the programming_language_name argument' do
let_it_be(:project) { projects.first }
let_it_be(:ruby) { create(:programming_language, name: 'Ruby') }
let_it_be(:repository_language) do
create(:repository_language, project: project, programming_language: ruby, share: 1)
end
let(:filters) { { programming_language_name: 'ruby' } }
it 'returns the expected projects' do
post_graphql(query, current_user: current_user)
expect(graphql_data_at(:projects, :nodes))
.to contain_exactly(a_graphql_entity_for(project))
end
end
end

1
spec/support/helpers/usage_data_helpers.rb
View File

@ -3,7 +3,6 @@
module UsageDataHelpers
COUNTS_KEYS = %i[
assignee_lists
ci_builds
ci_external_pipelines
ci_pipeline_config_auto_devops
ci_pipeline_config_repository