root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Add latest changes from gitlab-org/gitlab@master

This commit is contained in:
GitLab Bot 2024-02-02 15:11:00 +00:00
parent c82fe55218
commit 7c4caf0146
102 changed files with 1258 additions and 824 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

141
.gitlab/issue_templates/SAST Rule Enhancement.md Normal file
View File

@ -0,0 +1,141 @@
<--
This issue template is sourced from https://gitlab.com/gitlab-org/gitlab/-/blob/master/.gitlab/issue_templates/SAST%20Ruleset%20Enhancement.md and is maintained by the Secure: Vulnerability Research team (https://handbook.gitlab.com/handbook/engineering/development/sec/secure/vulnerability-research/), most of its content is based on the documentation found in the GitLab SAST Rules Project under https://gitlab.com/gitlab-org/security-products/sast-rules/-/blob/main/docs.
-->
## Background and Rationale behind this Work
<--
REPLACE: As per https://gitlab.com/gitlab-org/gitlab/-/issues/425704 and https://gitlab.com/gitlab-org/gitlab/-/issues/425704 we are continuously working towards improving the coverage and efficacy of our SAST rules.
-->
### Desired Change
<--
REPLACE: This issue is aimed at creating, embedding, or enhancing a GitLab SAST rule that detects the issue seen in https://foo.example.com and https://bar.example.com
-->
---
## Implementation Plan
### Assesment
#### If Creating a New Rule
- [ ] Determine whether the rule in question currently exists or ever existed in our [GitLab SAST Rules](https://gitlab.com/gitlab-org/security-products/sast-rules).
- [ ] If it existed but was removed or merged into another rule, e.g. due to generating a high number of false positives, document said context in the comments and work to avoid the same problems with this new rule.
#### If Embedding or Adapting an External Rule
Determine whether the test code or minimal runnable example (MRE) accompanying the rule to be embedded or adapted:
- [ ] Is realistic in its portrayal of the problem, e.g. test code for a Django rule crammed within a single Python file and containing no views or models isn't realistic.
- [ ] Contains a sufficient number of true positive(TP) testcases(`# ruleid: my-rule`) and variations. In the case of Python, for example, rules and tests considering `foo("bar")` but not for `foo(f"{bar}")` nor `foo("%s" % bar)` are most likely insufficient.
- [ ] Contains a sufficient number of true negative(TN) testcases(`# okruleid: my-rule`) and variations.
- [ ] Determine whether [the GitLab SAST ruleset](https://gitlab.com/gitlab-org/security-products/sast-rules) detects instances of the vulnerability in the acompanying MRE and if there is room for improvement regarding when compared to the external rule (e.g. `semgrep --test --config sast-rules/gitlab-rule.yml mre/` vs `semgrep --test --config external-rule.yml mre/` ).
#### If Enhancing an already Exisiting Rule
Proceed to the next section.
#### Classification
- [ ] In order to keep track of the ruleset evolution and also maintain proper licensing, classify the work in this issue and justify your decision:
If a new rule will be created from scratch due to poor performance of externally sourced rules, label this issue as ~"SAST::Ruleset::Addition"
If an existing rule will be enhanced, label this issue as ~"SAST::Ruleset::Enhancement"
If an equivalent rule doesn't exist already but embedding its externally sourced counterpart(s) improves our SAST Ruleset, label this issue as ~"SAST::Ruleset::Inclusion"
If an equivalent rule exists already but can be improved based on external rules, label this issue as ~"SAST::Ruleset::Adaptation"
If the addition, inclusion or adaptation of a rule addressing the Desired Change in this issue adds no value to our SAST Ruleset, label this issue as ~"SAST::Ruleset::Skip"
### Preparation
:information_source: Think out loud as well as document your research and design decisions; feel free to do so at the end of this issue description or in individual comments.
- [ ] No matter if you are creating or embedding a new [GitLab SAST Rule](https://gitlab.com/gitlab-org/security-products/sast-rules) or enhancing and adapting an already existing one, continuously refer to repositories with appropriate licensing schemes such as [Semgrep Community](https://github.com/semgrep/semgrep-rules/), [PyCQA Bandit](https://github.com/PyCQA/bandit/), and others that focus on similar issues to draw inspiration from them.
- [ ] Learn about and document the purpose as well as effectiveness of the rules you found and their accompanying sample code by looking at the test performance (using `semgrep --test` and `semgrep scan --config rule.yml code/`). Include this information as references and code snippets in the rule's implementation issue (for example, https://gitlab.com/gitlab-org/gitlab/-/issues/434269)
- [ ] Research and understand thoroughly the nature of the vulnerability to be detected, for example why, when, how it arises and why, when, how it doesn't.
- [ ] Use the code search function on Gitlab, Github and other platforms to find realistic usage scenarios of the vulnerable patterns:
- https://github.com/search?q=language%3APython+path%3A*.py+%3DRawSQL&type=code
- https://https://grep.app/search?q=%3DRawSQL%28
- https://gitlab.com/search?group_id=2504721&scope=blobs&search=eval%5C%28).
- https://www.tabnine.com/code/java/methods/java.sql.PreparedStatement/executeQuery
- https://cs.opensource.google/search?q=language:python%20%20pcre:yes%09os.system
- [ ] AI can save time by rephrasing rule descriptions and generating test cases, but should not be relied upon for the actual security research work and evaluation. To align with our [dogfooding](https://handbook.gitlab.com/handbook/values/#dogfooding) value, please use GitLab Duo, which is powered by best-in-class AI models.
- [ ] Document the scenarios and variants of the security problem you are looking to detect in this issue, either in its description or as comments, and prioritize them from most realistic and common to less realistic and unlikely.
- [ ] If the rule does not currently exist in our [GitLab SAST Rules](https://gitlab.com/gitlab-org/security-products/sast-rules), use the publicly available rules and code examples found previously as inspiration, making use of them when their license allows us to do so. Be skeptical about their quality and improve on them when necessary.
### Implementation
- [ ] Create a simple but realistic Minimal Runnable Example (MRE), in e.g. `mre/`, which captures, initially, the most representative variant of the problem to be addressed by the rule.
- [ ] Create a Semgrep rule, e.g. `my-rule.yml`, that correctly identifies the vulnerabilities present in your `mre/` so far and place it in the language, framework and variant folder most suited for it, e.g. `python/django/security/injection/sql`.
- [ ] For each instance of the problem to be detected (`# ruleid: my-rule`) or to be ignored (`# okruleid: my-rule`) within your MRE, add two comments above each occurrence:
```
# rationale: <description of the vulnerability or variant>
# ruleid: <java_some_rule_id>
```
- [ ] One comment should explain the rationale behind the scenario and test-case, its pitfalls and anything you deem relevant, e.g. `# this test case is necessary because string interpolations are handled in a different manner when compared to normal string literals`
- [ ] The second comment should follow Semgrep's [rule testing guidelines](https://semgrep.dev/docs/writing-rules/testing-rules/), making it clear whether the line immediately following said comment represents a true positive ( `# ruleid: my-rule` ), a true negative ( `# ok: my-rule` ) or a false negative to be addressed in the future (`# todoruleid: my-rule`)
- [] Enhance and extend your MRE as well as its associated rule with other important variants and corner cases of the same problem according to your prioritized list of scenarios. Make sure to add variations which are syntactically and semantically different enough to warrant doing so and which make both your rule and MRE more robust.
- [ ] Continuously test your rule on your MRE ( `semgrep scan --config my-rule.yml mre/` ) and update it as your MRE becomes more complex while also continuing to add comments and Semgrep test annotations to help verifying the desired coverage.
- [ ] Once you are satisfied with the level of detail in your MRE as well as the coverage of your rule and its test results, distill your `mre/` into a unit test file(e.g. `rule.py`) or series of files (`test/rule.py`) with the most representative test cases and place them into the same folder as your rule within the `sast-rules` project.
#### Merge the MRE
- [ ] Clone our [Real World Test Projects](https://gitlab.com/gitlab-org/security-products/tests/sast-rules-apps/) and extend it with your MRE demonstrating the problem. Alternatively, discuss the creation of a new folder or repository if none fits.
- [ ] Push the changes to [gitlab-org/security-products/tests/sast-rules-apps](https://gitlab.com/gitlab-org/security-products/tests/sast-rules-apps/) as a feature branch if you have access; otherwise push it to a personal fork of the project
- [ ] Create a new MR and mention this issue in it so they are linked.
- [ ] A member of the @gitlab-org/secure/vulnerability-research team will assign themselves as reviewer shortly, work with them to finalise and merge your work.
#### Merge the Rule
- [ ] Push the changes to `sast-rules` as a feature branch to [gitlab-org/security-products/sast-rules](https://gitlab.com/gitlab-org/security-products/sast-rules/) if you have access; otherwise push it to a personal fork of the project.
- [ ] Create the MR and mention this issue in it so they are linked.
- [ ] A member of the @gitlab-org/secure/vulnerability-research team will assign themselves as reviewer shortly, work with them to finalise and merge your work.
- [ ] Find the [latest sast-rules release MR](https://gitlab.com/gitlab-org/security-products/sast-rules/-/merge_requests?scope=all&state=opened&search=draft%3A+Release) and add a line to CHANGELOG.md detailing briefly the changes performed, their intent and the MR ID where this work was done.
```
## v2.X.X
- Adds/Changes/Updates new pattern to existing rule `java/xss/rule-XXX.yml` for Java that checks XXX for XXX (!<merge request id>)
...
```
## Workflow
Use the [SAST Improvement Board](https://gitlab.com/groups/gitlab-org/-/boards/7309853) to track the progress of your issues or find other SAST work to get involved with.
Use the ~"workflow::ready for development", ~"workflow::in dev" and ~"workflow::ready for review" labels to signal this issue is ready to be worked on, this issue is actively being worked on by the assignee or this issue and its associated MR require review before proceeding.
/label ~"devops::secure" ~"feature::enhancement" ~"group::vulnerability research" ~"issue::validation" ~"section::sec" ~"type::feature" ~"Category:SAST" ~"SAST::Ruleset::Skip"
/epic &10971
---
### Research and other Considerations
#### TODO
#### TODO
#### References
1.
1.
1.
1.
1.

3
.rubocop_todo/gitlab/namespaced_class.yml
View File

@ -135,7 +135,6 @@ Gitlab/NamespacedClass:
- 'app/models/container_repository.rb'
- 'app/models/context_commits_diff.rb'
- 'app/models/custom_emoji.rb'
- 'app/models/data_list.rb'
- 'app/models/deploy_key.rb'
- 'app/models/deploy_keys_project.rb'
- 'app/models/deploy_token.rb'
@ -625,9 +624,7 @@ Gitlab/NamespacedClass:
- 'app/services/base_project_service.rb'
- 'app/services/base_renderer.rb'
- 'app/services/base_service.rb'
- 'app/services/bulk_create_integration_service.rb'
- 'app/services/bulk_push_event_payload_service.rb'
- 'app/services/bulk_update_integration_service.rb'
- 'app/services/cohorts_service.rb'
- 'app/services/compare_service.rb'
- 'app/services/event_create_service.rb'

1
.rubocop_todo/rspec/feature_category.yml
View File

@ -4391,7 +4391,6 @@ RSpec/FeatureCategory:
- 'spec/models/customer_relations/issue_contact_spec.rb'
- 'spec/models/customer_relations/organization_spec.rb'
- 'spec/models/cycle_analytics/project_level_stage_adapter_spec.rb'
- 'spec/models/data_list_spec.rb'
- 'spec/models/dependency_proxy/blob_spec.rb'
- 'spec/models/dependency_proxy/group_setting_spec.rb'
- 'spec/models/dependency_proxy/image_ttl_group_policy_spec.rb'

1
.rubocop_todo/rspec/named_subject.yml
View File

@ -2719,7 +2719,6 @@ RSpec/NamedSubject:
- 'spec/models/integrations/external_wiki_spec.rb'
- 'spec/models/integrations/gitlab_slack_application_spec.rb'
- 'spec/models/integrations/google_play_spec.rb'
- 'spec/models/integrations/integration_list_spec.rb'
- 'spec/models/integrations/irker_spec.rb'
- 'spec/models/integrations/jenkins_spec.rb'
- 'spec/models/integrations/jira_spec.rb'

2
.rubocop_todo/style/inline_disable_annotation.yml
View File

@ -588,7 +588,6 @@ Style/InlineDisableAnnotation:
- 'app/services/bulk_imports/relation_export_service.rb'
- 'app/services/bulk_imports/tree_export_service.rb'
- 'app/services/bulk_imports/uploads_export_service.rb'
- 'app/services/bulk_update_integration_service.rb'
- 'app/services/chat_names/find_user_service.rb'
- 'app/services/ci/abort_pipelines_service.rb'
- 'app/services/ci/archive_trace_service.rb'
@ -643,6 +642,7 @@ Style/InlineDisableAnnotation:
- 'app/services/groups/destroy_service.rb'
- 'app/services/groups/import_export/import_service.rb'
- 'app/services/groups/transfer_service.rb'
- 'app/services/integrations/propagation/bulk_update_service.rb'
- 'app/services/integrations/slack_options/label_search_handler.rb'
- 'app/services/integrations/slack_options/user_search_handler.rb'
- 'app/services/issuable_base_service.rb'

2
GITALY_SERVER_VERSION
View File

@ -1 +1 @@
79643229c351d39a7b16d90b6023ebe5f8108c16
9c0854b938d2a29f64e4c47169d7b4a18a85f54a

2
GITLAB_ELASTICSEARCH_INDEXER_VERSION
View File

@ -1 +1 @@
4.6.0
4.7.0

30
app/controllers/projects/merge_requests/creations_controller.rb
View File

@ -4,6 +4,7 @@ class Projects::MergeRequests::CreationsController < Projects::MergeRequests::Ap
include DiffForPath
include DiffHelper
include RendersCommits
include ProductAnalyticsTracking
skip_before_action :merge_request
before_action :authorize_create_merge_request_from!
@ -25,6 +26,12 @@ class Projects::MergeRequests::CreationsController < Projects::MergeRequests::Ap
:branch_to
]
track_internal_event :new, name: 'create_mr_web_ide', conditions: -> { webide_source? }
track_internal_event :new,
name: 'visit_after_push_link_or_create_mr_banner',
conditions: -> { after_push_link? }
def new
define_new_vars
end
@ -160,10 +167,27 @@ class Projects::MergeRequests::CreationsController < Projects::MergeRequests::Ap
end
# rubocop: enable CodeReuse/ActiveRecord
def incr_count_webide_merge_request
return if params[:nav_source] != 'webide'
def webide_source?
params[:nav_source] == 'webide'
end
Gitlab::UsageDataCounters::WebIdeCounter.increment_merge_requests_count
def after_push_link?
# Link in the console after you push changes:
# .../-/merge_requests/new?merge_request%5Bsource_branch%5D=branch-name
request.query_parameters.keys == ['merge_request'] &&
request.query_parameters['merge_request'].keys == ['source_branch']
end
def incr_count_webide_merge_request
webide_source? && Gitlab::UsageDataCounters::WebIdeCounter.increment_merge_requests_count
end
def tracking_project_source
@project
end
def tracking_namespace_source
@project.namespace
end
end

10
app/controllers/projects/settings/integrations_controller.rb
View File

@ -34,18 +34,18 @@ module Projects
if use_inherited_settings?(attributes)
integration.inherit_from_id = default_integration.id
if saved = integration.save(context: :manual_change)
BulkUpdateIntegrationService.new(default_integration, [integration]).execute
if updated = integration.save(context: :manual_change)
::Integrations::Propagation::BulkUpdateService.new(default_integration, [integration]).execute
end
else
attributes[:inherit_from_id] = nil
integration.attributes = attributes
saved = integration.save(context: :manual_change)
updated = integration.save(context: :manual_change)
end
respond_to do |format|
format.html do
if saved
if updated
redirect_to redirect_path, notice: success_message
else
render 'edit'
@ -53,7 +53,7 @@ module Projects
end
format.json do
status = saved ? :ok : :unprocessable_entity
status = updated ? :ok : :unprocessable_entity
render json: serialize_as_json, status: status
end

15
app/helpers/projects/issues_helper.rb Normal file
View File

@ -0,0 +1,15 @@
# frozen_string_literal: true
module Projects
module IssuesHelper
def create_mr_tracking_data(can_create_mr, can_create_confidential_mr)
if can_create_confidential_mr
{ event_tracking: 'click_create_confidential_mr_issues_list' }
elsif can_create_mr
{ event_tracking: 'click_create_mr_issues_list' }
else
{}
end
end
end
end

25
app/models/bulk_imports/export_status.rb
View File

@ -47,6 +47,8 @@ module BulkImports
end
def total_objects_count
return 0 if empty?
status['total_objects_count']
end
@ -55,21 +57,20 @@ module BulkImports
attr_reader :client, :entity, :relation, :pipeline_tracker
def status
strong_memoize(:status) do
# As an optimization, once an export status has finished or failed it will
# be cached, so we do not fetch from the remote source again.
status = status_from_cache
next status if status
# As an optimization, once an export status has finished or failed it will
# be cached, so we do not fetch from the remote source again.
cached_status = status_from_cache
return cached_status if cached_status
status_from_remote
rescue BulkImports::NetworkError => e
raise BulkImports::RetryPipelineError.new(e.message, 2.seconds) if e.retriable?(pipeline_tracker)
status_from_remote
rescue BulkImports::NetworkError => e
raise BulkImports::RetryPipelineError.new(e.message, 2.seconds) if e.retriable?(pipeline_tracker)
default_error_response(e.message)
rescue StandardError => e
default_error_response(e.message)
end
default_error_response(e.message)
rescue StandardError => e
default_error_response(e.message)
end
strong_memoize_attr :status
def status_from_cache
status = Gitlab::Cache::Import::Caching.read(cache_key)

31
app/models/data_list.rb
View File

@ -1,31 +0,0 @@
# frozen_string_literal: true
class DataList
def initialize(batch, data_fields_hash, data_fields_klass)
@batch = batch
@data_fields_hash = data_fields_hash
@data_fields_klass = data_fields_klass
end
def to_array
[data_fields_klass, columns, values]
end
private
attr_reader :batch, :data_fields_hash, :data_fields_klass
def columns
data_fields_hash.keys << data_fields_foreign_key
end
def data_fields_foreign_key
data_fields_klass.reflections['integration'].foreign_key
end
def values
batch.map do |record|
data_fields_hash.values << record['id']
end
end
end

29
app/models/integrations/integration_list.rb
View File

@ -1,29 +0,0 @@
# frozen_string_literal: true
module Integrations
class IntegrationList
def initialize(batch, integration_hash, association)
@batch = batch
@integration_hash = integration_hash
@association = association
end
def to_array
[Integration, columns, values]
end
private
attr_reader :batch, :integration_hash, :association
def columns
integration_hash.keys << "#{association}_id"
end
def values
batch.select(:id).map do |record|
integration_hash.values << record.id
end
end
end
end

35
app/services/bulk_create_integration_service.rb
View File

@ -1,35 +0,0 @@
# frozen_string_literal: true
class BulkCreateIntegrationService
include Integrations::BulkOperationHashes
def initialize(integration, batch, association)
@integration = integration
@batch = batch
@association = association
end
def execute
integration_list = Integrations::IntegrationList.new(batch, integration_hash(:create), association).to_array
Integration.transaction do
results = bulk_insert(*integration_list)
if integration.data_fields_present?
data_list = DataList.new(results, data_fields_hash(:create), integration.data_fields.class).to_array
bulk_insert(*data_list)
end
end
end
private
attr_reader :integration, :batch, :association
def bulk_insert(klass, columns, values_array)
items_to_insert = values_array.map { |array| Hash[columns.zip(array)] }
klass.insert_all(items_to_insert, returning: [:id])
end
end

43
app/services/bulk_update_integration_service.rb
View File

@ -1,43 +0,0 @@
# frozen_string_literal: true
class BulkUpdateIntegrationService
include Integrations::BulkOperationHashes
def initialize(integration, batch)
@integration = integration
@batch = batch
end
# rubocop: disable CodeReuse/ActiveRecord
def execute
Integration.transaction do
Integration.where(id: batch_ids).update_all(integration_hash(:update))
if integration.data_fields_present?
integration.data_fields.class.where(data_fields_foreign_key => batch_ids)
.update_all(
data_fields_hash(:update)
)
end
end
end
# rubocop: enable CodeReuse/ActiveRecord
private
attr_reader :integration, :batch
# service_id or integration_id
def data_fields_foreign_key
integration.data_fields.class.reflections['integration'].foreign_key
end
def batch_ids
@batch_ids ||=
if batch.is_a?(ActiveRecord::Relation)
batch.select(:id)
else
batch.map(&:id)
end
end
end

31
app/services/concerns/integrations/bulk_operation_hashes.rb
View File

@ -1,31 +0,0 @@
# frozen_string_literal: true
# Returns hashes of attributes suitable for passing to `.insert_all` or `update_all`
module Integrations
module BulkOperationHashes
private
def integration_hash(operation)
integration
.to_database_hash
.merge('inherit_from_id' => integration.inherit_from_id || integration.id)
.merge(update_timestamps(operation))
end
def data_fields_hash(operation)
integration
.data_fields
.to_database_hash
.merge(update_timestamps(operation))
end
def update_timestamps(operation)
time_now = Time.current
{
'created_at' => (time_now if operation == :create),
'updated_at' => time_now
}.compact
end
end
end

33
app/services/concerns/integrations/propagation/bulk_operation_hashes.rb Normal file
View File

@ -0,0 +1,33 @@
# frozen_string_literal: true
# Returns hashes of attributes suitable for passing to `.insert_all` or `update_all`
module Integrations
module Propagation
module BulkOperationHashes
private
def integration_hash(operation)
integration
.to_database_hash
.merge('inherit_from_id' => integration.inherit_from_id || integration.id)
.merge(update_timestamps(operation))
end
def data_fields_hash(operation)
integration
.data_fields
.to_database_hash
.merge(update_timestamps(operation))
end
def update_timestamps(operation)
time_now = Time.current
{
'created_at' => (time_now if operation == :create),
'updated_at' => time_now
}.compact
end
end
end
end

56
app/services/integrations/propagation/bulk_create_service.rb Normal file
View File

@ -0,0 +1,56 @@
# frozen_string_literal: true
module Integrations
module Propagation
class BulkCreateService
include BulkOperationHashes
def initialize(integration, batch, association)
@integration = integration
@batch = batch
@association = association
end
def execute
Integration.transaction do
inserted_ids = bulk_insert_integrations
bulk_insert_data_fields(inserted_ids) if integration.data_fields_present?
end
end
private
attr_reader :integration, :batch, :association
def bulk_insert_new(model, items_to_insert)
model.insert_all(
items_to_insert,
returning: [:id]
).rows.flatten
end
def bulk_insert_integrations
attributes = integration_hash(:create)
items_to_insert = batch.select(:id).map do |record|
attributes.merge("#{association}_id" => record.id)
end
bulk_insert_new(Integration, items_to_insert)
end
def bulk_insert_data_fields(integration_ids)
model = integration.data_fields.class
integration_fk_name = model.reflections['integration'].foreign_key
attributes = data_fields_hash(:create)
items_to_insert = integration_ids.map do |id|
attributes.merge(integration_fk_name => id)
end
bulk_insert_new(model, items_to_insert)
end
end
end
end

47
app/services/integrations/propagation/bulk_update_service.rb Normal file
View File

@ -0,0 +1,47 @@
# frozen_string_literal: true
module Integrations
module Propagation
class BulkUpdateService
include BulkOperationHashes
def initialize(integration, batch)
@integration = integration
@batch = batch
end
# rubocop: disable CodeReuse/ActiveRecord
def execute
Integration.transaction do
Integration.where(id: batch_ids).update_all(integration_hash(:update))
if integration.data_fields_present?
integration.data_fields.class.where(data_fields_foreign_key => batch_ids)
.update_all(
data_fields_hash(:update)
)
end
end
end
# rubocop: enable CodeReuse/ActiveRecord
private
attr_reader :integration, :batch
# service_id or integration_id
def data_fields_foreign_key
integration.data_fields.class.reflections['integration'].foreign_key
end
def batch_ids
@batch_ids ||=
if batch.is_a?(ActiveRecord::Relation)
batch.select(:id)
else
batch.map(&:id)
end
end
end
end
end

7
app/services/merge_requests/after_create_service.rb
View File

@ -7,13 +7,14 @@ module MergeRequests
def execute(merge_request)
merge_request.ensure_merge_request_diff
logger.info(**log_payload(merge_request, 'Executing hooks'))
execute_hooks(merge_request)
logger.info(**log_payload(merge_request, 'Executed hooks'))
prepare_for_mergeability(merge_request)
prepare_merge_request(merge_request)
mark_merge_request_as_prepared(merge_request)
logger.info(**log_payload(merge_request, 'Executing hooks'))
execute_hooks(merge_request)
logger.info(**log_payload(merge_request, 'Executed hooks'))
end
private

7
app/views/projects/issues/_new_branch.html.haml
View File

@ -8,6 +8,7 @@
- can_create_path = can_create_branch_project_issue_path(@project, @issue)
- create_branch_path = project_branches_path(@project, branch_name: @issue.to_branch_name, ref: @project.default_branch, issue_iid: @issue.iid, format: :json)
- refs_path = refs_namespace_project_path(@project.namespace, @project, search: '')
- tracking_data = create_mr_tracking_data(can_create_merge_request, can_create_confidential_merge_request?)
.create-mr-dropdown-wrap.d-inline-block.full-width-mobile.js-create-mr{ data: { project_path: @project.full_path, project_id: @project.id, can_create_path: can_create_path, create_mr_path: create_mr_path(from: @issue.to_branch_name, source_project: @project, to: @project.default_branch, mr_params: { issue_iid: @issue.iid }), create_branch_path: create_branch_path, refs_path: refs_path, is_confidential: can_create_confidential_merge_request?.to_s } }
.btn-group.unavailable
@ -18,7 +19,8 @@
.btn-group.available.hidden
= render Pajamas::ButtonComponent.new(variant: :confirm, button_options: { class: 'js-create-merge-request', data: { action: data_action } }) do
= render Pajamas::ButtonComponent.new(variant: :confirm,
button_options: { class: 'js-create-merge-request', data: { action: data_action, **tracking_data } }) do
= gl_loading_icon(inline: true , css_class: 'js-create-mr-spinner js-spinner gl-display-none')
= value
@ -56,7 +58,8 @@
%input#source-name.js-ref.ref.form-control.gl-form-input{ type: 'text', placeholder: "#{@project.default_branch}", value: "#{@project.default_branch}", data: { value: "#{@project.default_branch}" } }
%span.js-ref-message.form-text.gl-font-sm
= render Pajamas::ButtonComponent.new(variant: :confirm, button_options: { class: 'js-create-target', data: { action: 'create-mr' } }) do
= render Pajamas::ButtonComponent.new(variant: :confirm,
button_options: { class: 'js-create-target', data: { action: 'create-mr', **tracking_data } }) do
= create_mr_text
- if can_create_confidential_merge_request?

3
app/views/projects/merge_requests/_nav_btns.html.haml
View File

@ -5,7 +5,8 @@
= render Pajamas::ButtonComponent.new(type: :submit, button_options: { class: 'gl-mr-3 js-bulk-update-toggle' }) do
= _("Bulk edit")
- if merge_project && can?(@current_user, :create_merge_request_in, @project)
= render Pajamas::ButtonComponent.new(href: new_merge_request_path, variant: :confirm) do
= render Pajamas::ButtonComponent.new(href: new_merge_request_path, variant: :confirm,
button_options: { data: { event_tracking: 'click_new_merge_request_list' } }) do
= _("New merge request")
.dropdown.gl-dropdown

13
app/views/shared/empty_states/_merge_requests.html.haml
View File

@ -4,6 +4,7 @@
- is_opened_state = params[:state] == 'opened'
- is_closed_state = params[:state] == 'closed'
- can_create_merge_request = merge_request_source_project_for_project(@project)
- tracking_data = { event_tracking: 'click_new_merge_request_empty_list' }
.row.empty-state.merge-requests{ data: { testid: 'issuable-empty-state' } }
.col-12
@ -18,7 +19,8 @@
= _("To widen your search, change or remove filters above")
.text-center
- if can_create_merge_request
= link_button_to _("New merge request"), button_path || project_new_merge_request_path(@project), title: _("New merge request"), variant: :confirm
= link_button_to _("New merge request"), button_path || project_new_merge_request_path(@project),
title: _("New merge request"), variant: :confirm, data: tracking_data
- elsif is_opened_state && opened_merged_count == 0 && closed_merged_count > 0
%h4.text-center
= _("There are no open merge requests")
@ -26,7 +28,8 @@
= _("To keep this project going, create a new merge request")
.text-center
- if can_create_merge_request
= link_button_to _("New merge request"), button_path || project_new_merge_request_path(@project), title: _("New merge request"), variant: :confirm
= link_button_to _("New merge request"), button_path || project_new_merge_request_path(@project),
title: _("New merge request"), variant: :confirm, data: tracking_data
- elsif is_closed_state && opened_merged_count > 0 && closed_merged_count == 0
%h4.text-center
= _("There are no closed merge requests")
@ -37,4 +40,8 @@
= _("Interested parties can even contribute by pushing commits if they want to.")
- if button_path
.text-center
= link_button_to _('New merge request'), button_path, title: _('New merge request'), id: 'new_merge_request_link', data: { testid: "new-merge-request-button" }, variant: :confirm
= link_button_to _('New merge request'), button_path,
title: _('New merge request'),
id: 'new_merge_request_link',
variant: :confirm,
data: { testid: "new-merge-request-button", **tracking_data }

2
app/workers/propagate_integration_group_worker.rb
View File

@ -23,7 +23,7 @@ class PropagateIntegrationGroupWorker
return if batch.empty?
BulkCreateIntegrationService.new(integration, batch, 'group').execute
Integrations::Propagation::BulkCreateService.new(integration, batch, 'group').execute
end
# rubocop: enable CodeReuse/ActiveRecord
end

2
app/workers/propagate_integration_inherit_descendant_worker.rb
View File

@ -17,7 +17,7 @@ class PropagateIntegrationInheritDescendantWorker
batch = Integration.inherited_descendants_from_self_or_ancestors_from(integration).where(id: min_id..max_id)
BulkUpdateIntegrationService.new(integration, batch).execute
Integrations::Propagation::BulkUpdateService.new(integration, batch).execute
end
# rubocop: enable CodeReuse/ActiveRecord
end

2
app/workers/propagate_integration_inherit_worker.rb
View File

@ -17,7 +17,7 @@ class PropagateIntegrationInheritWorker
batch = Integration.where(id: min_id..max_id).by_type(integration.type).inherit_from_id(integration.id)
BulkUpdateIntegrationService.new(integration, batch).execute
Integrations::Propagation::BulkUpdateService.new(integration, batch).execute
end
# rubocop: enable CodeReuse/ActiveRecord
end

2
app/workers/propagate_integration_project_worker.rb
View File

@ -20,7 +20,7 @@ class PropagateIntegrationProjectWorker
return if batch.empty?
BulkCreateIntegrationService.new(integration, batch, 'project').execute
Integrations::Propagation::BulkCreateService.new(integration, batch, 'project').execute
end
# rubocop: enable CodeReuse/ActiveRecord
end

20
config/events/click_create_confidential_mr_issues_list.yml Normal file
View File

@ -0,0 +1,20 @@
---
description: User clicks Create confidential merge request on issues list
category: InternalEventTracking
action: click_create_confidential_mr_issues_list
identifiers:
- project
- namespace
- user
product_section: growth
product_stage: growth
product_group: acquisition
milestone: '16.9'
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/143036
distributions:
- ce
- ee
tiers:
- free
- premium
- ultimate

20
config/events/click_create_mr_issues_list.yml Normal file
View File

@ -0,0 +1,20 @@
---
description: User clicks Create merge request on issues list
category: InternalEventTracking
action: click_create_mr_issues_list
identifiers:
- project
- namespace
- user
product_section: growth
product_stage: growth
product_group: acquisition
milestone: '16.9'
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/143036
distributions:
- ce
- ee
tiers:
- free
- premium
- ultimate

20
config/events/click_new_merge_request_empty_list.yml Normal file
View File

@ -0,0 +1,20 @@
---
description: User clicks New merge request on empty MR list
category: InternalEventTracking
action: click_new_merge_request_empty_list
identifiers:
- project
- namespace
- user
product_section: growth
product_stage: growth
product_group: acquisition
milestone: '16.9'
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/143036
distributions:
- ce
- ee
tiers:
- free
- premium
- ultimate

20
config/events/click_new_merge_request_list.yml Normal file
View File

@ -0,0 +1,20 @@
---
description: User clicks New merge request on MR list
category: InternalEventTracking
action: click_new_merge_request_list
identifiers:
- project
- namespace
- user
product_section: growth
product_stage: growth
product_group: acquisition
milestone: '16.9'
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/143036
distributions:
- ce
- ee
tiers:
- free
- premium
- ultimate

20
config/events/create_mr_web_ide.yml Normal file
View File

@ -0,0 +1,20 @@
---
description: Create new MR from WebIDE
category: InternalEventTracking
action: create_mr_web_ide
identifiers:
- project
- namespace
- user
product_section: growth
product_stage: growth
product_group: acquisition
milestone: '16.9'
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/143036
distributions:
- ce
- ee
tiers:
- free
- premium
- ultimate

20
config/events/visit_after_push_link_or_create_mr_banner.yml Normal file
View File

@ -0,0 +1,20 @@
---
description: 'Visit new MR link after push or create new MR from banner'
category: InternalEventTracking
action: visit_after_push_link_or_create_mr_banner
identifiers:
- project
- namespace
- user
product_section: growth
product_stage: growth
product_group: acquisition
milestone: '16.9'
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/143036
distributions:
- ce
- ee
tiers:
- free
- premium
- ultimate

8
config/feature_flags/development/copy_additional_properties_approval_rules.yml
View File

@ -1,8 +0,0 @@
---
name: copy_additional_properties_approval_rules
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/128259
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/423517
milestone: '16.4'
type: development
group: group::code review
default_enabled: false

8
config/feature_flags/development/use_new_rule_finalize_approach.yml
View File

@ -1,8 +0,0 @@
---
name: use_new_rule_finalize_approach
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/133633
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/427612
milestone: '16.6'
type: development
group: group::code review
default_enabled: false

26
config/metrics/counts_all/count_total_click_create_confidential_mr_issues_list.yml Normal file
View File

@ -0,0 +1,26 @@
---
key_path: counts.count_total_click_create_confidential_mr_issues_list
description: Total count of clicks Create confidential merge request on issues list
product_section: growth
product_stage: growth
product_group: acquisition
performance_indicator_type: []
value_type: number
status: active
milestone: '16.9'
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/143036
time_frame: all
data_source: internal_events
data_category: optional
distribution:
- ce
- ee
tier:
- free
- premium
- ultimate
options:
events:
- click_create_confidential_mr_issues_list
events:
- name: click_create_confidential_mr_issues_list

26
config/metrics/counts_all/count_total_click_create_mr_issues_list.yml Normal file
View File

@ -0,0 +1,26 @@
---
key_path: counts.count_total_click_create_mr_issues_list
description: Total count of clicks Create merge request on issues list
product_section: growth
product_stage: growth
product_group: acquisition
performance_indicator_type: []
value_type: number
status: active
milestone: '16.9'
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/143036
time_frame: all
data_source: internal_events
data_category: optional
distribution:
- ce
- ee
tier:
- free
- premium
- ultimate
options:
events:
- click_create_mr_issues_list
events:
- name: click_create_mr_issues_list

26
config/metrics/counts_all/count_total_click_new_merge_request_empty_list.yml Normal file
View File

@ -0,0 +1,26 @@
---
key_path: counts.count_total_click_new_merge_request_empty_list
description: Total count of clicks New merge request on empty list
product_section: growth
product_stage: growth
product_group: acquisition
performance_indicator_type: []
value_type: number
status: active
milestone: '16.9'
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/143036
time_frame: all
data_source: internal_events
data_category: optional
distribution:
- ce
- ee
tier:
- free
- premium
- ultimate
options:
events:
- click_new_merge_request_empty_list
events:
- name: click_new_merge_request_empty_list

26
config/metrics/counts_all/count_total_click_new_merge_request_list.yml Normal file
View File

@ -0,0 +1,26 @@
---
key_path: counts.count_total_click_new_merge_request_list
description: Total count of clicks New merge request on list
product_section: growth
product_stage: growth
product_group: acquisition
performance_indicator_type: []
value_type: number
status: active
milestone: '16.9'
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/143036
time_frame: all
data_source: internal_events
data_category: optional
distribution:
- ce
- ee
tier:
- free
- premium
- ultimate
options:
events:
- click_new_merge_request_list
events:
- name: click_new_merge_request_list

26
config/metrics/counts_all/count_total_create_mr_web_ide.yml Normal file
View File

@ -0,0 +1,26 @@
---
key_path: counts.count_total_create_mr_web_ide
description: Total count of created MRs from WebIDE
product_section: growth
product_stage: growth
product_group: acquisition
performance_indicator_type: []
value_type: number
status: active
milestone: '16.9'
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/143036
time_frame: all
data_source: internal_events
data_category: optional
distribution:
- ce
- ee
tier:
- free
- premium
- ultimate
options:
events:
- create_mr_web_ide
events:
- name: create_mr_web_ide

26
config/metrics/counts_all/count_total_visit_after_push_link_or_create_mr_banner.yml Normal file
View File

@ -0,0 +1,26 @@
---
key_path: counts.count_total_visit_after_push_link_or_create_mr_banner
description: Total count of visited after push links or created MRs from banner
product_section: growth
product_stage: growth
product_group: acquisition
performance_indicator_type: []
value_type: number
status: active
milestone: '16.9'
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/143036
time_frame: all
data_source: internal_events
data_category: optional
distribution:
- ce
- ee
tier:
- free
- premium
- ultimate
options:
events:
- visit_after_push_link_or_create_mr_banner
events:
- name: visit_after_push_link_or_create_mr_banner

2
db/docs/commit_user_mentions.yml
View File

@ -3,7 +3,7 @@ table_name: commit_user_mentions
classes:
- CommitUserMention
feature_categories:
- team_planning
- code_review_workflow
description: User mentions in commit messages
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/19009
milestone: '12.6'

2
db/docs/customer_relations_organizations.yml
View File

@ -3,7 +3,7 @@ table_name: customer_relations_organizations
classes:
- CustomerRelations::Organization
feature_categories:
- team_planning
- service_desk
description: Organizations, against which time can be spent by users on issues using
the CRM functionality
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/67551

2
db/docs/issue_customer_relations_contacts.yml
View File

@ -3,7 +3,7 @@ table_name: issue_customer_relations_contacts
classes:
- CustomerRelations::IssueContact
feature_categories:
- team_planning
- service_desk
description: Holds Customer Relations (CRM) Contacts
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/71007
milestone: '14.4'

2
db/docs/merge_request_user_mentions.yml
View File

@ -3,7 +3,7 @@ table_name: merge_request_user_mentions
classes:
- MergeRequestUserMention
feature_categories:
- team_planning
- code_review_workflow
description: Store user mentions for merge requests
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/19009
milestone: '12.6'

30
doc/administration/monitoring/prometheus/gitlab_metrics.md
View File

@ -44,11 +44,11 @@ The following metrics are available:
| `gitlab_cache_operation_duration_seconds` | Histogram | 10.2 | Cache access time | `operation`, `store`, `endpoint_id` |
| `gitlab_cache_operations_total` | Counter | 12.2 | Cache operations by controller or action | `controller`, `action`, `operation`, `store`, `endpoint_id` |
| `gitlab_cache_read_multikey_count` | Histogram | 15.7 | Count of keys in multi-key cache read operations | `controller`, `action`, `store`, `endpoint_id` |
| `gitlab_ci_pipeline_builder_scoped_variables_duration` | Histogram | 14.5 | Time in seconds it takes to create the scoped variables for a CI/CD job
| `gitlab_ci_pipeline_builder_scoped_variables_duration` | Histogram | 14.5 | Time in seconds it takes to create the scoped variables for a CI/CD job | |
| `gitlab_ci_pipeline_creation_duration_seconds` | Histogram | 13.0 | Time in seconds it takes to create a CI/CD pipeline | `gitlab` |
| `gitlab_ci_pipeline_size_builds` | Histogram | 13.1 | Total number of builds within a pipeline grouped by a pipeline source | `source` |
| `gitlab_ci_runner_authentication_success_total` | Counter | 15.2 | Total number of times that runner authentication has succeeded | `type` |
| `gitlab_ci_runner_authentication_failure_total` | Counter | 15.2 | Total number of times that runner authentication has failed
| `gitlab_ci_runner_authentication_failure_total` | Counter | 15.2 | Total number of times that runner authentication has failed | |
| `gitlab_ghost_user_migration_lag_seconds` | Gauge | 15.6 | The waiting time in seconds of the oldest scheduled record for ghost user migration | |
| `gitlab_ghost_user_migration_scheduled_records_total` | Gauge | 15.6 | The total number of scheduled ghost user migrations | |
| `gitlab_ci_active_jobs` | Histogram | 14.2 | Count of active jobs when pipeline is created | |
@ -171,18 +171,18 @@ The following metrics are available:
| `gitlab_sli_rails_request_apdex_total` | Counter | 14.4 | Total number of request Apdex measurements. For more information, see [Rails request SLIs](../../../development/application_slis/rails_request.md) | `endpoint_id`, `feature_category`, `request_urgency` |
| `gitlab_sli_rails_request_apdex_success_total` | Counter | 14.4 | Total number of successful requests that met the target duration for their urgency. Divide by `gitlab_sli_rails_requests_apdex_total` to get a success ratio | `endpoint_id`, `feature_category`, `request_urgency` |
| `gitlab_sli_rails_request_error_total` | Counter | 15.7 | Total number of request error measurements. For more information, see [Rails request SLIs](../../../development/application_slis/rails_request.md) | `endpoint_id`, `feature_category`, `request_urgency`, `error` |
| `job_register_attempts_failed_total` | Counter | 9.5 | Counts the times a runner fails to register a job |
| `job_register_attempts_total` | Counter | 9.5 | Counts the times a runner tries to register a job |
| `job_queue_duration_seconds` | Histogram | 9.5 | Request handling execution time |
| `gitlab_ci_queue_operations_total` | Counter | 16.3 | Counts all the operations that are happening inside a queue |
| `gitlab_ci_queue_depth_total` | Histogram | 16.3 | Size of a CI/CD builds queue in relation to the operation result |
| `gitlab_ci_queue_size_total` | Histogram | 16.3 | Size of initialized CI/CD builds queue |
| `gitlab_ci_current_queue_size` | Gauge | 16.3 | Current size of initialized CI/CD builds queue |
| `gitlab_ci_queue_iteration_duration_seconds` | Histogram | 16.3 | Time it takes to find a build in CI/CD queue |
| `gitlab_ci_queue_retrieval_duration_seconds` | Histogram | 16.3 | Time it takes to execute a SQL query to retrieve builds queue |
| `gitlab_connection_pool_size` | Gauge | 16.7 | Size of connection pool |
| `gitlab_connection_pool_available_count` | Gauge | 16.7 | Number of available connections in the pool |
| `gitlab_security_policies_scan_result_process_duration_seconds` | Histogram | 16.7 | The amount of time to process merge request approval policies |
| `job_register_attempts_failed_total` | Counter | 9.5 | Counts the times a runner fails to register a job | |
| `job_register_attempts_total` | Counter | 9.5 | Counts the times a runner tries to register a job | |
| `job_queue_duration_seconds` | Histogram | 9.5 | Request handling execution time | |
| `gitlab_ci_queue_operations_total` | Counter | 16.3 | Counts all the operations that are happening inside a queue | |
| `gitlab_ci_queue_depth_total` | Histogram | 16.3 | Size of a CI/CD builds queue in relation to the operation result | |
| `gitlab_ci_queue_size_total` | Histogram | 16.3 | Size of initialized CI/CD builds queue | |
| `gitlab_ci_current_queue_size` | Gauge | 16.3 | Current size of initialized CI/CD builds queue | |
| `gitlab_ci_queue_iteration_duration_seconds` | Histogram | 16.3 | Time it takes to find a build in CI/CD queue | |
| `gitlab_ci_queue_retrieval_duration_seconds` | Histogram | 16.3 | Time it takes to execute a SQL query to retrieve builds queue | |
| `gitlab_connection_pool_size` | Gauge | 16.7 | Size of connection pool | |
| `gitlab_connection_pool_available_count` | Gauge | 16.7 | Number of available connections in the pool | |
| `gitlab_security_policies_scan_result_process_duration_seconds` | Histogram | 16.7 | The amount of time to process merge request approval policies | |
| `gitlab_highlight_usage` | Counter | 16.8 | The number of times `Gitlab::Highlight` is used | `used_on` |
| `dependency_linker_usage` | Counter | 16.8 | The number of times dependency linker is used | `used_on` |
@ -410,7 +410,7 @@ configuration option in `gitlab.yml`. These metrics are served from the
| `geo_design_management_repositories_verification_total` | Gauge | 16.1 | Number of design repositories verifications tried on secondary | `url` |
| `geo_design_management_repositories_verified` | Gauge | 16.1 | Number of design repositories verified on secondary | `url` |
| `geo_design_management_repositories_verification_failed` | Gauge | 16.1 | Number of design repositories verifications failed on secondary | `url` |
| `gitlab_ci_queue_active_runners_total` | Histogram | 16.3 | The number of active runners that can process the CI/CD queue in a project |
| `gitlab_ci_queue_active_runners_total` | Histogram | 16.3 | The number of active runners that can process the CI/CD queue in a project | |
## Database load balancing metrics

18
doc/administration/nfs.md
View File

@ -138,12 +138,12 @@ Note there are several options that you should consider using:
| Setting | Description |
| ------- | ----------- |
| `vers=4.1` |NFS v4.1 should be used instead of v4.0 because there is a Linux [NFS client bug in v4.0](https://gitlab.com/gitlab-org/gitaly/-/issues/1339) that can cause significant problems due to stale data.
| `nofail` | Don't halt boot process waiting for this mount to become available
| `lookupcache=positive` | Tells the NFS client to honor `positive` cache results but invalidates any `negative` cache results. Negative cache results cause problems with Git. Specifically, a `git push` can fail to register uniformly across all NFS clients. The negative cache causes the clients to 'remember' that the files did not exist previously.
| `hard` | Instead of `soft`. [Further details](#soft-mount-option).
| `cto` | `cto` is the default option, which you should use. Do not use `nocto`. [Further details](#nocto-mount-option).
| `_netdev` | Wait to mount file system until network is online. See also the [`high_availability['mountpoint']`](https://docs.gitlab.com/omnibus/settings/configuration.html#only-start-omnibus-gitlab-services-after-a-given-file-system-is-mounted) option.
| `vers=4.1` |NFS v4.1 should be used instead of v4.0 because there is a Linux [NFS client bug in v4.0](https://gitlab.com/gitlab-org/gitaly/-/issues/1339) that can cause significant problems due to stale data. |
| `nofail` | Don't halt boot process waiting for this mount to become available. |
| `lookupcache=positive` | Tells the NFS client to honor `positive` cache results but invalidates any `negative` cache results. Negative cache results cause problems with Git. Specifically, a `git push` can fail to register uniformly across all NFS clients. The negative cache causes the clients to 'remember' that the files did not exist previously. |
| `hard` | Instead of `soft`. [Further details](#soft-mount-option). |
| `cto` | `cto` is the default option, which you should use. Do not use `nocto`. [Further details](#nocto-mount-option). |
| `_netdev` | Wait to mount file system until network is online. See also the [`high_availability['mountpoint']`](https://docs.gitlab.com/omnibus/settings/configuration.html#only-start-omnibus-gitlab-services-after-a-given-file-system-is-mounted) option. |
#### `soft` mount option
@ -261,9 +261,9 @@ following are the 4 locations need to be shared:
| Location | Description | Default configuration |
| -------- | ----------- | --------------------- |
| `/var/opt/gitlab/gitlab-rails/uploads` | User uploaded attachments | `gitlab_rails['uploads_directory'] = '/var/opt/gitlab/gitlab-rails/uploads'`
| `/var/opt/gitlab/gitlab-rails/shared` | Objects such as build artifacts, GitLab Pages, LFS objects, and temp files. If you're using LFS this may also account for a large portion of your data | `gitlab_rails['shared_path'] = '/var/opt/gitlab/gitlab-rails/shared'`
| `/var/opt/gitlab/gitlab-ci/builds` | GitLab CI/CD build traces | `gitlab_ci['builds_directory'] = '/var/opt/gitlab/gitlab-ci/builds'`
| `/var/opt/gitlab/gitlab-rails/uploads` | User uploaded attachments | `gitlab_rails['uploads_directory'] = '/var/opt/gitlab/gitlab-rails/uploads'` |
| `/var/opt/gitlab/gitlab-rails/shared` | Objects such as build artifacts, GitLab Pages, LFS objects, and temp files. If you're using LFS this may also account for a large portion of your data | `gitlab_rails['shared_path'] = '/var/opt/gitlab/gitlab-rails/shared'` |
| `/var/opt/gitlab/gitlab-ci/builds` | GitLab CI/CD build traces | `gitlab_ci['builds_directory'] = '/var/opt/gitlab/gitlab-ci/builds'` |
Other GitLab directories should not be shared between nodes. They contain
node-specific files and GitLab code that does not need to be shared. To ship

2
doc/administration/package_information/postgresql_versions.md
View File

@ -44,7 +44,7 @@ Read more about update policies and warnings in the PostgreSQL
| 15.10.8 | 13.11 | 13.11 | 12.12 | |
| 15.6 | 12.12, 13.8 | 13.8 | 12.12 | For upgrades, you can manually upgrade to 13.8 following the [upgrade documentation](../../update/versions/gitlab_15_changes.md#linux-package-installations-2). |
| 15.0 | 12.10, 13.6 | 13.6 | 12.10 | For upgrades, you can manually upgrade to 13.6 following the [upgrade documentation](../../update/versions/gitlab_15_changes.md#linux-package-installations-2). |
| 14.1 | 12.7, 13.3 | 12.7 | 12.7 | PostgreSQL 13 available for fresh installations if not using [Geo](../geo/index.md#requirements-for-running-geo) or [Patroni](../postgresql/index.md#postgresql-replication-and-failover-for-linux-package-installations).
| 14.1 | 12.7, 13.3 | 12.7 | 12.7 | PostgreSQL 13 available for fresh installations if not using [Geo](../geo/index.md#requirements-for-running-geo) or [Patroni](../postgresql/index.md#postgresql-replication-and-failover-for-linux-package-installations). |
| 14.0 | 12.7 | 12.7 | 12.7 | HA installations with repmgr are no longer supported and are prevented from upgrading to Linux package 14.0 |
| 13.8 | 11.9, 12.4 | 12.4 | 12.4 | Package upgrades automatically performed PostgreSQL upgrade for nodes that are not part of a Geo or HA cluster. |
| 13.7 | 11.9, 12.4 | 12.4 | 11.9 | For upgrades users can manually upgrade to 12.4 following the [upgrade documentation](https://docs.gitlab.com/omnibus/settings/database.html#upgrade-packaged-postgresql-server). |

2
doc/administration/pages/index.md
View File

@ -422,7 +422,7 @@ control over how the Pages daemon runs and serves content in your environment.
| `namespace_in_path` | (Experimental) Enable or disable namespace in the URL path. This requires `pages_nginx[enable] = true`. Sets `rewrite` configuration in NGINX to support [without wildcard DNS setup](#for-namespace-in-url-path-without-wildcard-dns). Default: `false` |
| `propagate_correlation_id` | Set to true (false by default) to re-use existing Correlation ID from the incoming request header `X-Request-ID` if present. If a reverse proxy sets this header, the value is propagated in the request chain. |
| `max_connections` | Limit on the number of concurrent connections to the HTTP, HTTPS or proxy listeners. |
| `max_uri_length` | The maximum length of URIs accepted by GitLab Pages. Set to 0 for unlimited length. [Introduced](https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/5729) in GitLab 14.5.
| `max_uri_length` | The maximum length of URIs accepted by GitLab Pages. Set to 0 for unlimited length. [Introduced](https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/5729) in GitLab 14.5. |
| `metrics_address` | The address to listen on for metrics requests. |
| `redirect_http` | Redirect pages from HTTP to HTTPS, true/false. |
| `redirects_max_config_size` | The maximum size of the `_redirects` file, in bytes (default: 65536). |

2
doc/api/api_resources.md
View File

@ -43,7 +43,7 @@ The following API resources are available in the project context:
| [Deploy tokens](deploy_tokens.md) | `/projects/:id/deploy_tokens` (also available for groups and standalone) |
| [Deployments](deployments.md) | `/projects/:id/deployments` |
| [Discussions](discussions.md) (threaded comments) | `/projects/:id/issues/.../discussions`, `/projects/:id/snippets/.../discussions`, `/projects/:id/merge_requests/.../discussions`, `/projects/:id/commits/.../discussions` (also available for groups) |
| [Draft Notes](draft_notes.md) (comments) | `/projects/:id/merge_requests/.../draft_notes`
| [Draft Notes](draft_notes.md) (comments) | `/projects/:id/merge_requests/.../draft_notes` |
| [Emoji reactions](emoji_reactions.md) | `/projects/:id/issues/.../award_emoji`, `/projects/:id/merge_requests/.../award_emoji`, `/projects/:id/snippets/.../award_emoji` |
| [Environments](environments.md) | `/projects/:id/environments` |
| [Error Tracking](error_tracking.md) | `/projects/:id/error_tracking/settings` |

32
doc/api/appearance.md
View File

@ -61,22 +61,22 @@ PUT /application/appearance
| Attribute | Type | Required | Description |
| --------------------------------- | ------- | -------- | ----------- |
| `title` | string | no | Instance title on the sign in / sign up page
| `description` | string | no | Markdown text shown on the sign in / sign up page
| `pwa_name` | string | no | Full name of the Progressive Web App. Used for the attribute `name` in `manifest.json`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/375708) in GitLab 15.8.
| `pwa_short_name` | string | no | Short name for Progressive Web App. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/375708) in GitLab 15.8.
| `pwa_description` | string | no | An explanation of what the Progressive Web App does. Used for the attribute `description` in `manifest.json`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/375708) in GitLab 15.8.
| `pwa_icon` | mixed | no | Icon used for Progressive Web App. See [Change logo](#change-logo). [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/375708) in GitLab 15.8.
| `logo` | mixed | no | Instance image used on the sign in / sign up page. See [Change logo](#change-logo)
| `header_logo` | mixed | no | Instance image used for the main navigation bar
| `favicon` | mixed | no | Instance favicon in `.ico` or `.png` format
| `new_project_guidelines` | string | no | Markdown text shown on the new project page
| `profile_image_guidelines` | string | no | Markdown text shown on the profile page below Public Avatar
| `header_message` | string | no | Message in the system header bar
| `footer_message` | string | no | Message in the system footer bar
| `message_background_color` | string | no | Background color for the system header / footer bar
| `message_font_color` | string | no | Font color for the system header / footer bar
| `email_header_and_footer_enabled` | boolean | no | Add header and footer to all outgoing emails if enabled
| `title` | string | no | Instance title on the sign in / sign up page |
| `description` | string | no | Markdown text shown on the sign in / sign up page |
| `pwa_name` | string | no | Full name of the Progressive Web App. Used for the attribute `name` in `manifest.json`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/375708) in GitLab 15.8. |
| `pwa_short_name` | string | no | Short name for Progressive Web App. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/375708) in GitLab 15.8. |
| `pwa_description` | string | no | An explanation of what the Progressive Web App does. Used for the attribute `description` in `manifest.json`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/375708) in GitLab 15.8. |
| `pwa_icon` | mixed | no | Icon used for Progressive Web App. See [Change logo](#change-logo). [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/375708) in GitLab 15.8. |
| `logo` | mixed | no | Instance image used on the sign in / sign up page. See [Change logo](#change-logo) |
| `header_logo` | mixed | no | Instance image used for the main navigation bar |
| `favicon` | mixed | no | Instance favicon in `.ico` or `.png` format |
| `new_project_guidelines` | string | no | Markdown text shown on the new project page |
| `profile_image_guidelines` | string | no | Markdown text shown on the profile page below Public Avatar |
| `header_message` | string | no | Message in the system header bar |
| `footer_message` | string | no | Message in the system footer bar |
| `message_background_color` | string | no | Background color for the system header / footer bar |
| `message_font_color` | string | no | Font color for the system header / footer bar |
| `email_header_and_footer_enabled` | boolean | no | Add header and footer to all outgoing emails if enabled |
```shell
curl --request PUT --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/application/appearance?email_header_and_footer_enabled=true&header_message=test"

52
doc/api/commits.md
View File

@ -34,7 +34,7 @@ GET /projects/:id/repository/commits
| Attribute | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user |
| `ref_name` | string | no | The name of a repository branch, tag or revision range, or if not given the default branch |
| `since` | string | no | Only commits after or on this date are returned in ISO 8601 format `YYYY-MM-DDTHH:MM:SSZ` |
| `until` | string | no | Only commits before or on this date are returned in ISO 8601 format `YYYY-MM-DDTHH:MM:SSZ` |
@ -234,7 +234,7 @@ Parameters:
| Attribute | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user |
| `sha` | string | yes | The commit hash or name of a repository branch or tag |
| `stats` | boolean | no | Include commit stats. Default is true |
@ -290,7 +290,7 @@ Parameters:
| Attribute | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user |
| `sha` | string | yes | The commit hash |
| `type` | string | no | The scope of commits. Possible values `branch`, `tag`, `all`. Default is `all`. |
@ -362,7 +362,7 @@ Parameters:
| `sha` | string | yes | The commit hash |
| `branch` | string | yes | The name of the branch |
| `dry_run` | boolean | no | Does not commit any changes. Default is false. [Introduced in GitLab 13.3](https://gitlab.com/gitlab-org/gitlab/-/issues/231032) |
| `message` | string | no | A custom commit message to use for the new commit. [Introduced in GitLab 14.0](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/62481)
| `message` | string | no | A custom commit message to use for the new commit. [Introduced in GitLab 14.0](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/62481) |
```shell
curl --request POST \
@ -503,7 +503,7 @@ Parameters:
| Attribute | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user |
| `sha` | string | yes | The commit hash or name of a repository branch or tag |
| `unidiff` | boolean | no | Present diffs in the [unified diff](https://www.gnu.org/software/diffutils/manual/html_node/Detailed-Unified.html) format. Default is false. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/130610) in GitLab 16.5. |
@ -541,7 +541,7 @@ Parameters:
| Attribute | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user |
| `sha` | string | yes | The commit hash or name of a repository branch or tag |
```shell
@ -595,7 +595,7 @@ POST /projects/:id/repository/commits/:sha/comments
| Attribute | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user |
| `sha` | string | yes | The commit SHA or name of a repository branch or tag |
| `note` | string | yes | The text of the comment |
| `path` | string | no | The file path relative to the repository |
@ -644,7 +644,7 @@ Parameters:
| Attribute | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user |
| `sha` | string | yes | The commit hash or name of a repository branch or tag |
```shell
@ -704,12 +704,12 @@ GET /projects/:id/repository/commits/:sha/statuses
| Attribute | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user
| `sha` | string | yes | The commit SHA
| `ref` | string | no | The name of a repository branch or tag or, if not given, the default branch
| `stage` | string | no | Filter by [build stage](../ci/yaml/index.md#stages), for example, `test`
| `name` | string | no | Filter by [job name](../ci/yaml/index.md#job-keywords), for example, `bundler:audit`
| `all` | boolean | no | Return all statuses, not only the latest ones
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user |
| `sha` | string | yes | The commit SHA |
| `ref` | string | no | The name of a repository branch or tag or, if not given, the default branch |
| `stage` | string | no | Filter by [build stage](../ci/yaml/index.md#stages), for example, `test` |
| `name` | string | no | Filter by [job name](../ci/yaml/index.md#job-keywords), for example, `bundler:audit` |
| `all` | boolean | no | Return all statuses, not only the latest ones |
```shell
curl --header "PRIVATE-TOKEN: <your_access_token>" \
@ -780,15 +780,15 @@ POST /projects/:id/statuses/:sha
| Attribute | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user
| `sha` | string | yes | The commit SHA
| `state` | string | yes | The state of the status. Can be one of the following: `pending`, `running`, `success`, `failed`, `canceled`
| `ref` | string | no | The `ref` (branch or tag) to which the status refers
| `name` or `context` | string | no | The label to differentiate this status from the status of other systems. Default value is `default`
| `target_url` | string | no | The target URL to associate with this status
| `description` | string | no | The short description of the status
| `coverage` | float | no | The total code coverage
| `pipeline_id` | integer | no | The ID of the pipeline to set status. Use in case of several pipeline on same SHA.
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user |
| `sha` | string | yes | The commit SHA |
| `state` | string | yes | The state of the status. Can be one of the following: `pending`, `running`, `success`, `failed`, `canceled` |
| `ref` | string | no | The `ref` (branch or tag) to which the status refers |
| `name` or `context` | string | no | The label to differentiate this status from the status of other systems. Default value is `default` |
| `target_url` | string | no | The target URL to associate with this status |
| `description` | string | no | The short description of the status |
| `coverage` | float | no | The total code coverage |
| `pipeline_id` | integer | no | The ID of the pipeline to set status. Use in case of several pipeline on same SHA. |
```shell
curl --request POST \
@ -833,8 +833,8 @@ GET /projects/:id/repository/commits/:sha/merge_requests
| Attribute | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user
| `sha` | string | yes | The commit SHA
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user |
| `sha` | string | yes | The commit SHA |
```shell
curl --header "PRIVATE-TOKEN: <your_access_token>" \
@ -906,7 +906,7 @@ Parameters:
| Attribute | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user |
| `sha` | string | yes | The commit hash or name of a repository branch or tag |
```shell

2
doc/api/deployments.md
View File

@ -30,7 +30,7 @@ GET /projects/:id/deployments
| `finished_after` | datetime | no | Return deployments finished after the specified date. Expected in ISO 8601 format (`2019-03-15T08:00:00Z`). |
| `finished_before` | datetime | no | Return deployments finished before the specified date. Expected in ISO 8601 format (`2019-03-15T08:00:00Z`). |
| `environment` | string | no | The [name of the environment](../ci/environments/index.md) to filter deployments by. |
| `status` | string | no | The status to filter deployments by. One of `created`, `running`, `success`, `failed`, `canceled`, or `blocked`.
| `status` | string | no | The status to filter deployments by. One of `created`, `running`, `success`, `failed`, `canceled`, or `blocked`. |
```shell
curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/1/deployments"

4
doc/api/discussions.md
View File

@ -194,7 +194,7 @@ Parameters:
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding). |
| `issue_iid` | integer | yes | The IID of an issue. |
| `note_id` | integer | yes | The ID of a thread note. |
| `created_at` | string | no | Date time string, ISO 8601 formatted, such as `2016-03-11T03:45:40Z`. Requires administrator or project/group owner rights.
| `created_at` | string | no | Date time string, ISO 8601 formatted, such as `2016-03-11T03:45:40Z`. Requires administrator or project/group owner rights. |
```shell
curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" \
@ -360,7 +360,7 @@ Parameters:
| Attribute | Type | Required | Description |
| --------------- | -------------- | -------- | ----------- |
| `discussion_id` | integer | yes | The ID of a discussion item.
| `discussion_id` | integer | yes | The ID of a discussion item. |
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding). |
| `snippet_id` | integer | yes | The ID of an snippet. |

32
doc/api/draft_notes.md
View File

@ -109,12 +109,12 @@ POST /projects/:id/merge_requests/:merge_request_iid/draft_notes
| Attribute | Type | Required | Description |
| ---------------------------------------- | ----------------- | ----------- | --------------------- |
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding).
| `merge_request_iid` | integer | yes | The IID of a project merge request.
| `note` | string | yes | The content of a note.
| `commit_id` | string | no | The SHA of a commit to associate the draft note to.
| `in_reply_to_discussion_id` | string | no | The ID of a discussion the draft note replies to.
| `resolve_discussion` | boolean | no | The associated discussion should be resolved.
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding). |
| `merge_request_iid` | integer | yes | The IID of a project merge request. |
| `note` | string | yes | The content of a note. |
| `commit_id` | string | no | The SHA of a commit to associate the draft note to. |
| `in_reply_to_discussion_id` | string | no | The ID of a discussion the draft note replies to. |
| `resolve_discussion` | boolean | no | The associated discussion should be resolved. |
| `position[base_sha]` | string | yes | Base commit SHA in the source branch. |
| `position[head_sha]` | string | yes | SHA referencing HEAD of this merge request. |
| `position[start_sha]` | string | yes | SHA referencing commit in target branch. |
@ -145,10 +145,10 @@ PUT /projects/:id/merge_requests/:merge_request_iid/draft_notes/:draft_note_id
| Attribute | Type | Required | Description |
| ------------------- | ----------------- | ----------- | --------------------- |
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding).
| `draft_note_id` | integer | yes | The ID of a draft note.
| `merge_request_iid` | integer | yes | The IID of a project merge request.
| `note` | string | no | The content of a note.
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding). |
| `draft_note_id` | integer | yes | The ID of a draft note. |
| `merge_request_iid` | integer | yes | The IID of a project merge request. |
| `note` | string | no | The content of a note. |
| `position[base_sha]` | string | yes | Base commit SHA in the source branch. |
| `position[head_sha]` | string | yes | SHA referencing HEAD of this merge request. |
| `position[start_sha]` | string | yes | SHA referencing commit in target branch. |
@ -180,9 +180,9 @@ DELETE /projects/:id/merge_requests/:merge_request_iid/draft_notes/:draft_note_i
| Attribute | Type | Required | Description |
| ------------------- | ---------------- | ----------- | --------------------- |
| `draft_note_id` | integer | yes | The ID of a draft note.
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding).
| `merge_request_iid` | integer | yes | The IID of a project merge request.
| `draft_note_id` | integer | yes | The ID of a draft note. |
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding). |
| `merge_request_iid` | integer | yes | The IID of a project merge request. |
```shell
curl --request DELETE \
@ -200,9 +200,9 @@ PUT /projects/:id/merge_requests/:merge_request_iid/draft_notes/:draft_note_id/p
| Attribute | Type | Required | Description |
| ------------------- | ---------------- | ----------- | --------------------- |
| `draft_note_id` | integer | yes | The ID of a draft note.
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding).
| `merge_request_iid` | integer | yes | The IID of a project merge request.
| `draft_note_id` | integer | yes | The ID of a draft note. |
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding). |
| `merge_request_iid` | integer | yes | The IID of a project merge request. |
```shell
curl --request PUT \

2
doc/api/issues.md
View File

@ -64,7 +64,7 @@ Supported attributes:
| `created_before` | datetime | No | Return issues created on or before the given time. Expected in ISO 8601 format (`2019-03-15T08:00:00Z`). |
| `due_date` | string | No | Return issues that have no due date, are overdue, or whose due date is this week, this month, or between two weeks ago and next month. Accepts: `0` (no due date), `any`, `today`, `tomorrow`, `overdue`, `week`, `month`, `next_month_and_previous_two_weeks`. |
| `epic_id` | integer | No | Return issues associated with the given epic ID. `None` returns issues that are not associated with an epic. `Any` returns issues that are associated with an epic. Premium and Ultimate only. |
| `health_status` | string | No | Return issues with the specified `health_status`. _([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/370721) in GitLab 15.4)._ In [GitLab 15.5 and later](https://gitlab.com/gitlab-org/gitlab/-/issues/370721), `None` returns issues with no health status assigned, and `Any` returns issues with a health status assigned. Ultimate only.
| `health_status` | string | No | Return issues with the specified `health_status`. _([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/370721) in GitLab 15.4)._ In [GitLab 15.5 and later](https://gitlab.com/gitlab-org/gitlab/-/issues/370721), `None` returns issues with no health status assigned, and `Any` returns issues with a health status assigned. Ultimate only. |
| `iids[]` | integer array | No | Return only the issues having the given `iid`. |
| `in` | string | No | Modify the scope of the `search` attribute. `title`, `description`, or a string joining them with comma. Default is `title,description`. |
| `issue_type` | string | No | Filter to a given type of issue. One of `issue`, `incident`, `test_case` or `task`. |

2
doc/api/issues_statistics.md
View File

@ -45,7 +45,7 @@ GET /issues_statistics?confidential=true
| `author_username` | string | no | Return issues created by the given `username`. Similar to `author_id` and mutually exclusive with `author_id`. |
| `assignee_id` | integer | no | Return issues assigned to the given user `id`. Mutually exclusive with `assignee_username`. `None` returns unassigned issues. `Any` returns issues with an assignee. |
| `assignee_username` | string array | no | Return issues assigned to the given `username`. Similar to `assignee_id` and mutually exclusive with `assignee_id`. In GitLab CE `assignee_username` array should only contain a single value or an invalid parameter error is returned otherwise. |
| `epic_id` | integer | no | Return issues associated with the given epic ID. `None` returns issues that are not associated with an epic. `Any` returns issues that are associated with an epic. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/46887) in GitLab 13.6. Premium and Ultimate only.
| `epic_id` | integer | no | Return issues associated with the given epic ID. `None` returns issues that are not associated with an epic. `Any` returns issues that are associated with an epic. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/46887) in GitLab 13.6. Premium and Ultimate only. |
| `my_reaction_emoji` | string | no | Return issues reacted by the authenticated user by the given `emoji`. `None` returns issues not given a reaction. `Any` returns issues given at least one reaction. |
| `iids[]` | integer array | no | Return only the issues having the given `iid` |
| `search` | string | no | Search issues against their `title` and `description` |

2
doc/api/merge_request_approvals.md
View File

@ -940,7 +940,7 @@ Supported attributes:
| `name` | string | Yes | The name of the approval rule. |
| `approval_project_rule_id` | integer | No | The ID of a project-level approval rule. |
| `group_ids` | Array | No | The IDs of groups as approvers. |
| `user_ids` | Array | No | The IDs of users as approvers. If you provide both `user_ids` and `usernames`, both lists of users are added.
| `user_ids` | Array | No | The IDs of users as approvers. If you provide both `user_ids` and `usernames`, both lists of users are added. |
| `usernames` | string array | No | The usernames of approvers for this rule (same as `user_ids` but requires a list of usernames). If you provide both `user_ids` and `usernames`, both lists of users are added. |
**Important:** When `approval_project_rule_id` is set, the `name`, `users` and

24
doc/api/notes.md
View File

@ -59,10 +59,10 @@ GET /projects/:id/issues/:issue_iid/notes?sort=asc&order_by=updated_at
| Attribute | Type | Required | Description |
| ------------------- | ---------------- | ---------- | --------------------------------------------------------------------------------------------------------------------------------------------------- |
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding)
| `issue_iid` | integer | yes | The IID of an issue
| `sort` | string | no | Return issue notes sorted in `asc` or `desc` order. Default is `desc`
| `order_by` | string | no | Return issue notes ordered by `created_at` or `updated_at` fields. Default is `created_at`
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) |
| `issue_iid` | integer | yes | The IID of an issue |
| `sort` | string | no | Return issue notes sorted in `asc` or `desc` order. Default is `desc` |
| `order_by` | string | no | Return issue notes ordered by `created_at` or `updated_at` fields. Default is `created_at` |
```json
[
@ -219,10 +219,10 @@ GET /projects/:id/snippets/:snippet_id/notes?sort=asc&order_by=updated_at
| Attribute | Type | Required | Description |
| ------------------- | ---------------- | ---------- | --------------------------------------------------------------------------------------------------------------------------------------------------- |
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding)
| `snippet_id` | integer | yes | The ID of a project snippet
| `sort` | string | no | Return snippet notes sorted in `asc` or `desc` order. Default is `desc`
| `order_by` | string | no | Return snippet notes ordered by `created_at` or `updated_at` fields. Default is `created_at`
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) |
| `snippet_id` | integer | yes | The ID of a project snippet |
| `sort` | string | no | Return snippet notes sorted in `asc` or `desc` order. Default is `desc` |
| `order_by` | string | no | Return snippet notes ordered by `created_at` or `updated_at` fields. Default is `created_at` |
```shell
curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/snippets/11/notes"
@ -350,10 +350,10 @@ GET /projects/:id/merge_requests/:merge_request_iid/notes?sort=asc&order_by=upda
| Attribute | Type | Required | Description |
| ------------------- | ---------------- | ---------- | --------------------------------------------------------------------------------------------------------------------------------------------------- |
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding)
| `merge_request_iid` | integer | yes | The IID of a project merge request
| `sort` | string | no | Return merge request notes sorted in `asc` or `desc` order. Default is `desc`
| `order_by` | string | no | Return merge request notes ordered by `created_at` or `updated_at` fields. Default is `created_at`
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) |
| `merge_request_iid` | integer | yes | The IID of a project merge request |
| `sort` | string | no | Return merge request notes sorted in `asc` or `desc` order. Default is `desc` |
| `order_by` | string | no | Return merge request notes ordered by `created_at` or `updated_at` fields. Default is `created_at` |
```shell
curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/merge_requests/11/notes"

44
doc/api/project_import_export.md
View File

@ -58,11 +58,11 @@ POST /projects/:id/export
| Attribute | Type | Required | Description |
| --------- | -------------- | -------- | ---------------------------------------- |
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user.
| `upload[url]` | string | yes | The URL to upload the project.
| `description` | string | no | Overrides the project description.
| `upload` | hash | no | Hash that contains the information to upload the exported project to a web server.
| `upload[http_method]` | string | no | The HTTP method to upload the exported project. Only `PUT` and `POST` methods allowed. Default is `PUT`.
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user. |
| `upload[url]` | string | yes | The URL to upload the project. |
| `description` | string | no | Overrides the project description. |
| `upload` | hash | no | Hash that contains the information to upload the exported project to a web server. |
| `upload[http_method]` | string | no | The HTTP method to upload the exported project. Only `PUT` and `POST` methods allowed. Default is `PUT`. |
```shell
curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" \
@ -87,7 +87,7 @@ GET /projects/:id/export
| Attribute | Type | Required | Description |
| --------- | -------------- | -------- | ---------------------------------------- |
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user.
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user. |
```shell
curl --header "PRIVATE-TOKEN: <your_access_token>" \
@ -136,7 +136,7 @@ GET /projects/:id/export/download
| Attribute | Type | Required | Description |
| --------- | ----------------- | -------- | ---------------------------------------- |
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user.
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user. |
```shell
curl --header "PRIVATE-TOKEN: <your_access_token>" --remote-header-name \
@ -232,12 +232,12 @@ POST /projects/remote-import
| Attribute | Type | Required | Description |
| ----------------- | ----------------- | -------- | ---------------------------------------- |
| `path` | string | yes | Name and path for the new project.
| `url` | string | yes | URL for the file to import.
| `name` | string | no | The name of the project to import. If not provided, defaults to the path of the project.
| `namespace` | integer or string | no | The ID or path of the namespace to import the project to. Defaults to the current user's namespace.
| `overwrite` | boolean | no | Whether to overwrite a project with the same path when importing. Defaults to `false`.
| `override_params` | Hash | no | Supports all fields defined in the [Project API](projects.md).
| `path` | string | yes | Name and path for the new project. |
| `url` | string | yes | URL for the file to import. |
| `name` | string | no | The name of the project to import. If not provided, defaults to the path of the project. |
| `namespace` | integer or string | no | The ID or path of the namespace to import the project to. Defaults to the current user's namespace. |
| `overwrite` | boolean | no | Whether to overwrite a project with the same path when importing. Defaults to `false`. |
| `override_params` | Hash | no | Supports all fields defined in the [Project API](projects.md). |
The passed override parameters take precedence over all values defined in the export file.
@ -280,14 +280,14 @@ POST /projects/remote-import-s3
| Attribute | Type | Required | Description |
| ------------------- | -------------- | -------- | ---------------------------------------- |
| `access_key_id` | string | yes | [AWS S3 access key ID](https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html#access-keys-and-secret-access-keys).
| `bucket_name` | string | yes | [AWS S3 bucket name](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html) where the file is stored.
| `file_key` | string | yes | [AWS S3 file key](https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingObjects.html) to identify the file.
| `path` | string | yes | The full path of the new project.
| `region` | string | yes | [AWS S3 region name](https://docs.aws.amazon.com/AmazonS3/latest/userguide/Welcome.html#Regions) where the file is stored.
| `secret_access_key` | string | yes | [AWS S3 secret access key](https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html#access-keys-and-secret-access-keys).
| `name` | string | no | The name of the project to import. If not provided, defaults to the path of the project.
| `namespace` | integer or string | no | The ID or path of the namespace to import the project to. Defaults to the current user's namespace.
| `access_key_id` | string | yes | [AWS S3 access key ID](https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html#access-keys-and-secret-access-keys). |
| `bucket_name` | string | yes | [AWS S3 bucket name](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html) where the file is stored. |
| `file_key` | string | yes | [AWS S3 file key](https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingObjects.html) to identify the file. |
| `path` | string | yes | The full path of the new project. |
| `region` | string | yes | [AWS S3 region name](https://docs.aws.amazon.com/AmazonS3/latest/userguide/Welcome.html#Regions) where the file is stored. |
| `secret_access_key` | string | yes | [AWS S3 secret access key](https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html#access-keys-and-secret-access-keys). |
| `name` | string | no | The name of the project to import. If not provided, defaults to the path of the project. |
| `namespace` | integer or string | no | The ID or path of the namespace to import the project to. Defaults to the current user's namespace. |
The passed override parameters take precedence over all values defined in the export file.
@ -354,7 +354,7 @@ GET /projects/:id/import
| Attribute | Type | Required | Description |
| --------- | -------------- | -------- | ---------------------------------------- |
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user.
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user. |
```shell
curl --header "PRIVATE-TOKEN: <your_access_token>" \

68
doc/api/project_snippets.md
View File

@ -39,7 +39,7 @@ Parameters:
| Attribute | Type | Required | Description |
|-----------|----------------|----------|-------------|
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user.
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user. |
## Single snippet
@ -53,8 +53,8 @@ Parameters:
| Attribute | Type | Required | Description |
|--------------|----------------|----------|-------------|
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user.
| `snippet_id` | integer | yes | The ID of a project's snippet.
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user. |
| `snippet_id` | integer | yes | The ID of a project's snippet. |
```json
{
@ -90,15 +90,15 @@ Parameters:
| Attribute | Type | Required | Description |
|:------------------|:----------------|:---------|:------------|
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user.
| `files:content` | string | yes | Content of the snippet file.
| `files:file_path` | string | yes | File path of the snippet file.
| `title` | string | yes | Title of a snippet.
| `content` | string | no | Deprecated: Use `files` instead. Content of a snippet.
| `description` | string | no | Description of a snippet.
| `file_name` | string | no | Deprecated: Use `files` instead. Name of a snippet file.
| `files` | array of hashes | no | An array of snippet files.
| `visibility` | string | no | Snippet's [visibility](#snippet-visibility-level).
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user. |
| `files:content` | string | yes | Content of the snippet file. |
| `files:file_path` | string | yes | File path of the snippet file. |
| `title` | string | yes | Title of a snippet. |
| `content` | string | no | Deprecated: Use `files` instead. Content of a snippet. |
| `description` | string | no | Description of a snippet. |
| `file_name` | string | no | Deprecated: Use `files` instead. Name of a snippet file. |
| `files` | array of hashes | no | An array of snippet files. |
| `visibility` | string | no | Snippet's [visibility](#snippet-visibility-level). |
Example request:
@ -139,18 +139,18 @@ Parameters:
| Attribute | Type | Required | Description |
|:----------------------|:----------------|:---------|:------------|
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user.
| `files:action` | string | yes | Type of action to perform on the file. One of: `create`, `update`, `delete`, `move`.
| `snippet_id` | integer | yes | The ID of a project's snippet.
| `content` | string | no | Deprecated: Use `files` instead. Content of a snippet.
| `description` | string | no | Description of a snippet.
| `files` | array of hashes | no | An array of snippet files.
| `files:content` | string | no | Content of the snippet file.
| `files:file_path` | string | no | File path of the snippet file.
| `file_name` | string | no | Deprecated: Use `files` instead. Name of a snippet file.
| `files:previous_path` | string | no | Previous path of the snippet file.
| `title` | string | no | Title of a snippet.
| `visibility` | string | no | Snippet's [visibility](#snippet-visibility-level).
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user. |
| `files:action` | string | yes | Type of action to perform on the file. One of: `create`, `update`, `delete`, `move`. |
| `snippet_id` | integer | yes | The ID of a project's snippet. |
| `content` | string | no | Deprecated: Use `files` instead. Content of a snippet. |
| `description` | string | no | Description of a snippet. |
| `files` | array of hashes | no | An array of snippet files. |
| `files:content` | string | no | Content of the snippet file. |
| `files:file_path` | string | no | File path of the snippet file. |
| `file_name` | string | no | Deprecated: Use `files` instead. Name of a snippet file. |
| `files:previous_path` | string | no | Previous path of the snippet file. |
| `title` | string | no | Title of a snippet. |
| `visibility` | string | no | Snippet's [visibility](#snippet-visibility-level). |
Example request:
@ -190,8 +190,8 @@ Parameters:
| Attribute | Type | Required | Description |
|:-------------|:---------------|:---------|:------------|
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user.
| `snippet_id` | integer | yes | The ID of a project's snippet.
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user. |
| `snippet_id` | integer | yes | The ID of a project's snippet. |
Example request:
@ -212,8 +212,8 @@ Parameters:
| Attribute | Type | Required | Description |
|:-------------|:---------------|:---------|:----------------------------------------------------------------------------------------------------------------|
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user.
| `snippet_id` | integer | yes | The ID of a project's snippet.
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user. |
| `snippet_id` | integer | yes | The ID of a project's snippet. |
Example request:
@ -234,10 +234,10 @@ Parameters:
| Attribute | Type | Required | Description |
|:-------------|:---------------|:---------|:------------|
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user.
| `file_path` | string | yes | The URL-encoded path to the file, for example, `snippet%2Erb`.
| `ref` | string | yes | The name of a branch, tag or commit, for example, `main`.
| `snippet_id` | integer | yes | The ID of a project's snippet.
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user. |
| `file_path` | string | yes | The URL-encoded path to the file, for example, `snippet%2Erb`. |
| `ref` | string | yes | The name of a branch, tag or commit, for example, `main`. |
| `snippet_id` | integer | yes | The ID of a project's snippet. |
Example request:
@ -256,8 +256,8 @@ GET /projects/:id/snippets/:snippet_id/user_agent_detail
| Attribute | Type | Required | Description |
|--------------|----------------|----------|-------------|
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user.
| `snippet_id` | Integer | yes | The ID of a snippet.
| `id` | integer or string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user. |
| `snippet_id` | Integer | yes | The ID of a snippet. |
Example request:

28
doc/api/protected_branches.md
View File

@ -230,16 +230,16 @@ curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitla
| Attribute | Type | Required | Description |
| -------------------------------------------- | ---- | -------- | ----------- |
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user.
| `name` | string | yes | The name of the branch or wildcard.
| `allow_force_push` | boolean | no | When enabled, members who can push to this branch can also force push. (default: `false`)
| `allowed_to_merge` | array | no | Array of merge access levels, with each described by a hash of the form `{user_id: integer}`, `{group_id: integer}`, or `{access_level: integer}`. Premium and Ultimate only.
| `allowed_to_push` | array | no | Array of push access levels, with each described by a hash of the form `{user_id: integer}`, `{group_id: integer}`, or `{access_level: integer}`. Premium and Ultimate only.
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user. |
| `name` | string | yes | The name of the branch or wildcard. |
| `allow_force_push` | boolean | no | When enabled, members who can push to this branch can also force push. (default: `false`) |
| `allowed_to_merge` | array | no | Array of merge access levels, with each described by a hash of the form `{user_id: integer}`, `{group_id: integer}`, or `{access_level: integer}`. Premium and Ultimate only. |
| `allowed_to_push` | array | no | Array of push access levels, with each described by a hash of the form `{user_id: integer}`, `{group_id: integer}`, or `{access_level: integer}`. Premium and Ultimate only. |
| `allowed_to_unprotect` | array | no | Array of unprotect access levels, with each described by a hash of the form `{user_id: integer}`, `{group_id: integer}`, or `{access_level: integer}`. The access level `No access` is not available for this field. Premium and Ultimate only. |
| `code_owner_approval_required` | boolean | no | Prevent pushes to this branch if it matches an item in the [`CODEOWNERS` file](../user/project/codeowners/index.md). (defaults: false) Premium and Ultimate only.
| `merge_access_level` | integer | no | Access levels allowed to merge. (defaults: `40`, Maintainer role).
| `push_access_level` | integer | no | Access levels allowed to push. (defaults: `40`, Maintainer role)
| `unprotect_access_level` | integer | no | Access levels allowed to unprotect. (defaults: `40`, Maintainer role)
| `code_owner_approval_required` | boolean | no | Prevent pushes to this branch if it matches an item in the [`CODEOWNERS` file](../user/project/codeowners/index.md). (defaults: false) Premium and Ultimate only. |
| `merge_access_level` | integer | no | Access levels allowed to merge. (defaults: `40`, Maintainer role). |
| `push_access_level` | integer | no | Access levels allowed to push. (defaults: `40`, Maintainer role) |
| `unprotect_access_level` | integer | no | Access levels allowed to unprotect. (defaults: `40`, Maintainer role) |
Example response:
@ -469,11 +469,11 @@ curl --request PATCH --header "PRIVATE-TOKEN: <your_access_token>" "https://gitl
| Attribute | Type | Required | Description |
| -------------------------------------------- | ---- | -------- | ----------- |
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user.
| `name` | string | yes | The name of the branch or wildcard.
| `allow_force_push` | boolean | no | When enabled, members who can push to this branch can also force push.
| `allowed_to_merge` | array | no | Array of merge access levels, with each described by a hash of the form `{user_id: integer}`, `{group_id: integer}`, or `{access_level: integer}`. Premium and Ultimate only.
| `allowed_to_push` | array | no | Array of push access levels, with each described by a hash of the form `{user_id: integer}`, `{group_id: integer}`, or `{access_level: integer}`. Premium and Ultimate only.
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-path-encoding) owned by the authenticated user. |
| `name` | string | yes | The name of the branch or wildcard. |
| `allow_force_push` | boolean | no | When enabled, members who can push to this branch can also force push. |
| `allowed_to_merge` | array | no | Array of merge access levels, with each described by a hash of the form `{user_id: integer}`, `{group_id: integer}`, or `{access_level: integer}`. Premium and Ultimate only. |
| `allowed_to_push` | array | no | Array of push access levels, with each described by a hash of the form `{user_id: integer}`, `{group_id: integer}`, or `{access_level: integer}`. Premium and Ultimate only. |
| `allowed_to_unprotect` | array | no | Array of unprotect access levels, with each described by a hash of the form `{user_id: integer}`, `{group_id: integer}`, `{access_level: integer}`, or `{id: integer, _destroy: true}` to destroy an existing access level. The access level `No access` is not available for this field. Premium and Ultimate only. |
| `code_owner_approval_required` | boolean | no | Prevent pushes to this branch if it matches an item in the [`CODEOWNERS` file](../user/project/codeowners/index.md). Premium and Ultimate only. |

6
doc/api/settings.md
View File

@ -504,8 +504,8 @@ listed in the descriptions of the relevant settings.
| `maven_package_requests_forwarding` | boolean | no | Use repo.maven.apache.org as a default remote repository when the package is not found in the GitLab Package Registry for Maven. Premium and Ultimate only. |
| `npm_package_requests_forwarding` | boolean | no | Use npmjs.org as a default remote repository when the package is not found in the GitLab Package Registry for npm. Premium and Ultimate only. |
| `pypi_package_requests_forwarding` | boolean | no | Use pypi.org as a default remote repository when the package is not found in the GitLab Package Registry for PyPI. Premium and Ultimate only. |
| `outbound_local_requests_whitelist` | array of strings | no | Define a list of trusted domains or IP addresses to which local requests are allowed when local requests for webhooks and integrations are disabled.
| `package_registry_allow_anyone_to_pull_option` | boolean | no | Enable to [allow anyone to pull from Package Registry](../user/packages/package_registry/index.md#allow-anyone-to-pull-from-package-registry) visible and changeable.
| `outbound_local_requests_whitelist` | array of strings | no | Define a list of trusted domains or IP addresses to which local requests are allowed when local requests for webhooks and integrations are disabled. |
| `package_registry_allow_anyone_to_pull_option` | boolean | no | Enable to [allow anyone to pull from Package Registry](../user/packages/package_registry/index.md#allow-anyone-to-pull-from-package-registry) visible and changeable. |
| `package_metadata_purl_types` | array of integers | no | List of [package registry metadata to sync](../administration/settings/security_and_compliance.md#choose-package-registry-metadata-to-sync). See [the list](https://gitlab.com/gitlab-org/gitlab/-/blob/ace16c20d5da7c4928dd03fb139692638b557fe3/app/models/concerns/enums/package_metadata.rb#L5) of the available values. Self-managed, Ultimate only. |
| `pages_domain_verification_enabled` | boolean | no | Require users to prove ownership of custom domains. Domain verification is an essential security measure for public GitLab sites. Users are required to demonstrate they control a domain before it is enabled. |
| `password_authentication_enabled_for_git` | boolean | no | Enable authentication for Git over HTTP(S) via a GitLab account password. Default is `true`. |
@ -529,7 +529,7 @@ listed in the descriptions of the relevant settings.
| `plantuml_url` | string | required by: `plantuml_enabled` | The PlantUML instance URL for integration. |
| `polling_interval_multiplier` | decimal | no | Interval multiplier used by endpoints that perform polling. Set to `0` to disable polling. |
| `project_export_enabled` | boolean | no | Enable project export. |
| `project_jobs_api_rate_limit` | integer |no | Maximum authenticated requests to `/project/:id/jobs` per minute. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/129319) in GitLab 16.5. Default: 600.
| `project_jobs_api_rate_limit` | integer |no | Maximum authenticated requests to `/project/:id/jobs` per minute. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/129319) in GitLab 16.5. Default: 600. |
| `projects_api_rate_limit_unauthenticated` | integer | no | [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/112283) in GitLab 15.10. Max number of requests per 10 minutes per IP address for unauthenticated requests to the [list all projects API](projects.md#list-all-projects). Default: 400. To disable throttling set to 0.|
| `prometheus_metrics_enabled` | boolean | no | Enable Prometheus metrics. |
| `protected_ci_variables` | boolean | no | CI/CD variables are protected by default. |

6
doc/api/users.md
View File

@ -564,7 +564,7 @@ Parameters:
| Attribute | Required | Description |
| :----------------------------------- | :------- | :------------------------------------------------------------------------------------------------------------------------------------------------------ |
| `admin` | No | User is an administrator. Valid values are `true` or `false`. Defaults to false.
| `admin` | No | User is an administrator. Valid values are `true` or `false`. Defaults to false. |
| `auditor` | No | User is an auditor. Valid values are `true` or `false`. Defaults to false. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/366404) in GitLab 15.3. Premium and Ultimate only. |
| `avatar` | No | Image file for user's avatar |
| `bio` | No | User's biography |
@ -620,7 +620,7 @@ Parameters:
| Attribute | Required | Description |
| :----------------------------------- | :------- | :------------------------------------------------------------------------------------------------------------------------------------------------------ |
| `admin` | No |User is an administrator. Valid values are `true` or `false`. Defaults to false.
| `admin` | No |User is an administrator. Valid values are `true` or `false`. Defaults to false. |
| `auditor` | No | User is an auditor. Valid values are `true` or `false`. Defaults to false. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/366404) in GitLab 15.3.(default) Premium and Ultimate only. |
| `avatar` | No | Image file for user's avatar |
| `bio` | No | User's biography |
@ -903,7 +903,7 @@ PATCH /user/status
| -------------------- | ------ | -------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `emoji` | string | no | Name of the emoji to use as status. If omitted `speech_balloon` is used. Emoji name can be one of the specified names in the [Gemojione index](https://github.com/bonusly/gemojione/blob/master/config/index.json). |
| `message` | string | no | Message to set as a status. It can also contain emoji codes. Cannot exceed 100 characters. |
| `clear_status_after` | string | no | Automatically clean up the status after a given time interval, allowed values: `30_minutes`, `3_hours`, `8_hours`, `1_day`, `3_days`, `7_days`, `30_days`
| `clear_status_after` | string | no | Automatically clean up the status after a given time interval, allowed values: `30_minutes`, `3_hours`, `8_hours`, `1_day`, `3_days`, `7_days`, `30_days` |
Difference between `PUT` and `PATCH`

24
doc/development/database/iterating_tables_in_batches.md
View File

@ -141,18 +141,18 @@ already deleted). One index exists on the `id` field:
| `ID` | `sign_in_count` | `created_at` |
| -- | :-------------: | ------------ |
| 1 | 1 | 2020-01-01
| 2 | 4 | 2020-01-01
| 9 | 1 | 2020-01-03
| 300 | 5 | 2020-01-03
| 301 | 9 | 2020-01-03
| 302 | 8 | 2020-01-03
| 303 | 2 | 2020-01-03
| 350 | 1 | 2020-01-03
| 351 | 3 | 2020-01-04
| 352 | 0 | 2020-01-05
| 353 | 9 | 2020-01-11
| 354 | 3 | 2020-01-12
| 1 | 1 | 2020-01-01 |
| 2 | 4 | 2020-01-01 |
| 9 | 1 | 2020-01-03 |
| 300 | 5 | 2020-01-03 |
| 301 | 9 | 2020-01-03 |
| 302 | 8 | 2020-01-03 |
| 303 | 2 | 2020-01-03 |
| 350 | 1 | 2020-01-03 |
| 351 | 3 | 2020-01-04 |
| 352 | 0 | 2020-01-05 |
| 353 | 9 | 2020-01-11 |
| 354 | 3 | 2020-01-12 |
Loading all users into memory (avoid):

2
doc/development/documentation/feature_flags.md
View File

@ -95,7 +95,7 @@ This feature is not ready for production use.
| If the feature is... | Use this text |
|---------------------------------------------|---------------|
| Available | `On GitLab.com, this feature is available.` |
| Available to GitLab.com administrators only | `On GitLab.com, this feature is available but can be configured by GitLab.com administrators only.`
| Available to GitLab.com administrators only | `On GitLab.com, this feature is available but can be configured by GitLab.com administrators only.` |
| Unavailable | `On GitLab.com, this feature is not available.`|
### Optional information

4
doc/development/fe_guide/haml.md
View File

@ -101,7 +101,7 @@ Currently only the listed components are available but more components are plann
This component supports [ViewComponent slots](https://viewcomponent.org/guide/slots.html).
| Slot | Description
| Slot | Description |
|---|---|
| `label` | Checkbox label content. This slot can be used instead of the `label` argument. |
| `help_text` | Help text content displayed below the checkbox. This slot can be used instead of the `help_text` argument. |
@ -125,7 +125,7 @@ This component supports [ViewComponent slots](https://viewcomponent.org/guide/sl
This component supports [ViewComponent slots](https://viewcomponent.org/guide/slots.html).
| Slot | Description
| Slot | Description |
|---|---|
| `label` | Checkbox label content. This slot can be used instead of the `label` argument. |
| `help_text` | Help text content displayed below the radio button. This slot can be used instead of the `help_text` argument. |

2
doc/development/fe_guide/source_editor.md
View File

@ -72,7 +72,7 @@ The editor uses the same public API as
[provided by Monaco editor](https://microsoft.github.io/monaco-editor/docs.html)
with additional functions on the instance level:
| Function | Arguments | Description
| Function | Arguments | Description |
| --------------------- | ----- | ----- |
| `updateModelLanguage` | `path`: String | Updates the instance's syntax highlighting to follow the extension of the passed `path`. Available only on the instance level. |
| `use` | Array of objects | Array of extensions to apply to the instance. Accepts only an array of **objects**. The extensions' ES6 modules must be fetched and resolved in your views or components before they're passed to `use`. Available on the instance and global editor (all instances) levels. |

2
doc/development/go_guide/go_upgrade.md
View File

@ -151,7 +151,7 @@ if you need help finding the correct person or labels:
| [Alertmanager](https://github.com/prometheus/alertmanager) | [Issue Tracker](https://gitlab.com/gitlab-org/gitlab/-/issues) |
| Docker Distribution Pruner | [Issue Tracker](https://gitlab.com/gitlab-org/docker-distribution-pruner) |
| Gitaly | [Issue Tracker](https://gitlab.com/gitlab-org/gitaly/-/issues) |
| GitLab CLI (`glab`). | [Issue Tracker](https://gitlab.com/gitlab-org/cli/-/issues)
| GitLab CLI (`glab`). | [Issue Tracker](https://gitlab.com/gitlab-org/cli/-/issues) |
| GitLab Compose Kit | [Issuer Tracker](https://gitlab.com/gitlab-org/gitlab-compose-kit/-/issues) |
| GitLab container registry | [Issue Tracker](https://gitlab.com/gitlab-org/container-registry) |
| GitLab Elasticsearch Indexer | [Issue Tracker](https://gitlab.com/gitlab-org/gitlab-elasticsearch-indexer/-/issues) |

72
doc/development/integrations/index.md
View File

@ -105,22 +105,22 @@ the class method `Integration.supported_events` in your model.
The following events are supported for integrations:
| Event type | Default | Value | Trigger
|:-----------------------------------------------------------------------------------------------|:--------|:---------------------|:--
| Alert event | | `alert` | A a new, unique alert is recorded.
| Commit event | ✓ | `commit` | A commit is created or updated.
| [Deployment event](../../user/project/integrations/webhook_events.md#deployment-events) | | `deployment` | A deployment starts or finishes.
| [Issue event](../../user/project/integrations/webhook_events.md#issue-events) | ✓ | `issue` | An issue is created, updated, or closed.
| [Confidential issue event](../../user/project/integrations/webhook_events.md#issue-events) | ✓ | `confidential_issue` | A confidential issue is created, updated, or closed.
| [Job event](../../user/project/integrations/webhook_events.md#job-events) | | `job`
| [Merge request event](../../user/project/integrations/webhook_events.md#merge-request-events) | ✓ | `merge_request` | A merge request is created, updated, or merged.
| [Comment event](../../user/project/integrations/webhook_events.md#comment-events) | | `comment` | A new comment is added.
| [Confidential comment event](../../user/project/integrations/webhook_events.md#comment-events) | | `confidential_note` | A new comment on a confidential issue is added.
| [Pipeline event](../../user/project/integrations/webhook_events.md#pipeline-events) | | `pipeline` | A pipeline status changes.
| [Push event](../../user/project/integrations/webhook_events.md#push-events) | ✓ | `push` | A push is made to the repository.
| [Tag push event](../../user/project/integrations/webhook_events.md#tag-events) | ✓ | `tag_push` | New tags are pushed to the repository.
| Vulnerability event | | `vulnerability` | A new, unique vulnerability is recorded. Ultimate only.
| [Wiki page event](../../user/project/integrations/webhook_events.md#wiki-page-events) | ✓ | `wiki_page` | A wiki page is created or updated.
| Event type | Default | Value | Trigger |
|:-----------------------------------------------------------------------------------------------|:--------|:---------------------|:--|
| Alert event | | `alert` | A a new, unique alert is recorded. |
| Commit event | ✓ | `commit` | A commit is created or updated. |
| [Deployment event](../../user/project/integrations/webhook_events.md#deployment-events) | | `deployment` | A deployment starts or finishes. |
| [Issue event](../../user/project/integrations/webhook_events.md#issue-events) | ✓ | `issue` | An issue is created, updated, or closed. |
| [Confidential issue event](../../user/project/integrations/webhook_events.md#issue-events) | ✓ | `confidential_issue` | A confidential issue is created, updated, or closed. |
| [Job event](../../user/project/integrations/webhook_events.md#job-events) | | `job` | |
| [Merge request event](../../user/project/integrations/webhook_events.md#merge-request-events) | ✓ | `merge_request` | A merge request is created, updated, or merged. |
| [Comment event](../../user/project/integrations/webhook_events.md#comment-events) | | `comment` | A new comment is added. |
| [Confidential comment event](../../user/project/integrations/webhook_events.md#comment-events) | | `confidential_note` | A new comment on a confidential issue is added. |
| [Pipeline event](../../user/project/integrations/webhook_events.md#pipeline-events) | | `pipeline` | A pipeline status changes. |
| [Push event](../../user/project/integrations/webhook_events.md#push-events) | ✓ | `push` | A push is made to the repository. |
| [Tag push event](../../user/project/integrations/webhook_events.md#tag-events) | ✓ | `tag_push` | New tags are pushed to the repository. |
| Vulnerability event | | `vulnerability` | A new, unique vulnerability is recorded. Ultimate only. |
| [Wiki page event](../../user/project/integrations/webhook_events.md#wiki-page-events) | ✓ | `wiki_page` | A wiki page is created or updated. |
#### Event examples
@ -214,35 +214,35 @@ To add your custom properties to the form, you can define the metadata for them
This method should return an array of hashes for each field, where the keys can be:
| Key | Type | Required | Default | Description
|:---------------|:--------|:---------|:-----------------------------|:--
| `type:` | symbol | true | `:text` | The type of the form field. Can be `:text`, `:textarea`, `:password`, `:checkbox`, or `:select`.
| `name:` | string | true | | The property name for the form field.
| `required:` | boolean | false | `false` | Specify if the form field is required or optional. Note [backend validations](#define-validations) for presence are still needed.
| `title:` | string | false | Capitalized value of `name:` | The label for the form field.
| `placeholder:` | string | false | | A placeholder for the form field.
| `help:` | string | false | | A help text that displays below the form field.
| `api_only:` | boolean | false | `false` | Specify if the field should only be available through the API, and excluded from the frontend form.
| `if:` | boolean or lambda | false | `true` | Specify if the field should be available. The value can be a boolean or a lambda.
| Key | Type | Required | Default | Description |
|:---------------|:--------|:---------|:-----------------------------|:--|
| `type:` | symbol | true | `:text` | The type of the form field. Can be `:text`, `:textarea`, `:password`, `:checkbox`, or `:select`. |
| `name:` | string | true | | The property name for the form field. |
| `required:` | boolean | false | `false` | Specify if the form field is required or optional. Note [backend validations](#define-validations) for presence are still needed. |
| `title:` | string | false | Capitalized value of `name:` | The label for the form field. |
| `placeholder:` | string | false | | A placeholder for the form field. |
| `help:` | string | false | | A help text that displays below the form field. |
| `api_only:` | boolean | false | `false` | Specify if the field should only be available through the API, and excluded from the frontend form. |
| `if:` | boolean or lambda | false | `true` | Specify if the field should be available. The value can be a boolean or a lambda. |
### Additional keys for `type: :checkbox`
| Key | Type | Required | Default | Description
|:------------------|:-------|:---------|:------------------|:--
| `checkbox_label:` | string | false | Value of `title:` | A custom label that displays next to the checkbox.
| Key | Type | Required | Default | Description |
|:------------------|:-------|:---------|:------------------|:--|
| `checkbox_label:` | string | false | Value of `title:` | A custom label that displays next to the checkbox. |
### Additional keys for `type: :select`
| Key | Type | Required | Default | Description
|:-----------|:------|:---------|:--------|:--
| `choices:` | array | true | | A nested array of `[label, value]` tuples.
| Key | Type | Required | Default | Description |
|:-----------|:------|:---------|:--------|:--|
| `choices:` | array | true | | A nested array of `[label, value]` tuples. |
### Additional keys for `type: :password`
| Key | Type | Required | Default | Description
|:----------------------------|:-------|:---------|:------------------|:--
| `non_empty_password_title:` | string | false | Value of `title:` | An alternative label that displays when a value is already stored.
| `non_empty_password_help:` | string | false | Value of `help:` | An alternative help text that displays when a value is already stored.
| Key | Type | Required | Default | Description |
|:----------------------------|:-------|:---------|:------------------|:--|
| `non_empty_password_title:` | string | false | Value of `title:` | An alternative label that displays when a value is already stored. |
| `non_empty_password_help:` | string | false | Value of `help:` | An alternative help text that displays when a value is already stored. |
### Frontend form examples

130
doc/development/packages/settings.md
View File

@ -12,77 +12,77 @@ This page includes an exhaustive list of settings related to and maintained by t
### Package registry
Setting | Table | Description
------- | ----- | -----------
`npm_package_requests_forwarding` | `application_settings` | Enables or disables npm package forwarding at the instance level.
`pypi_package_requests_forwarding` | `application_settings` | Enables or disables PyPI package forwarding at the instance level.
`packages_cleanup_package_file_worker_capacity` | `application_settings` | Number of concurrent workers allowed for package file cleanup.
`package_registry_allow_anyone_to_pull_option` | `application_settings` | Enables or disables the `Allow anyone to pull from Package Registry` toggle.
`throttle_unauthenticated_packages_api_requests_per_period` | `application_settings` | Request limit for unauthenticated package API requests in the period defined by `throttle_unauthenticated_packages_api_period_in_seconds`.
`throttle_unauthenticated_packages_api_period_in_seconds` | `application_settings` | Period in seconds to measure unauthenticated package API requests.
`throttle_authenticated_packages_api_requests_per_period` | `application_settings` | Request limit for authenticated package API requests in the period defined by `throttle_authenticated_packages_api_period_in_seconds`.
`throttle_authenticated_packages_api_period_in_seconds` | `application_settings` | Period in seconds to measure authenticated package API requests.
`throttle_unauthenticated_packages_api_enabled` | `application_settings`
`throttle_authenticated_packages_api_enabled` | `application_settings` | Enables or disables request limits/throttling for the package API.
`conan_max_file_size` | `plan_limits` | Maximum file size for a Conan package file.
`maven_max_file_size` | `plan_limits` | Maximum file size for a Maven package file.
`npm_max_file_size` | `plan_limits` | Maximum file size for an npm package file.
`nuget_max_file_size` | `plan_limits` | Maximum file size for a NuGet package file.
`pypi_max_file_size` | `plan_limits` | Maximum file size for a PyPI package file.
`generic_packages_max_file_size` | `plan_limits` | Maximum file size for a generic package file.
`golang_max_file_size` | `plan_limits` | Maximum file size for a GoProxy package file.
`debian_max_file_size` | `plan_limits` | Maximum file size for a Debian package file.
`rubygems_max_file_size` | `plan_limits` | Maximum file size for a RubyGems package file.
`terraform_module_max_file_size` | `plan_limits` | Maximum file size for a Terraform package file.
`helm_max_file_size` | `plan_limits` | Maximum file size for a Helm package file.
| Setting | Table | Description |
| ------- | ----- | -----------|
| `npm_package_requests_forwarding` | `application_settings` | Enables or disables npm package forwarding at the instance level. |
| `pypi_package_requests_forwarding` | `application_settings` | Enables or disables PyPI package forwarding at the instance level. |
| `packages_cleanup_package_file_worker_capacity` | `application_settings` | Number of concurrent workers allowed for package file cleanup. |
| `package_registry_allow_anyone_to_pull_option` | `application_settings` | Enables or disables the `Allow anyone to pull from Package Registry` toggle. |
| `throttle_unauthenticated_packages_api_requests_per_period` | `application_settings` | Request limit for unauthenticated package API requests in the period defined by `throttle_unauthenticated_packages_api_period_in_seconds`. |
| `throttle_unauthenticated_packages_api_period_in_seconds` | `application_settings` | Period in seconds to measure unauthenticated package API requests. |
| `throttle_authenticated_packages_api_requests_per_period` | `application_settings` | Request limit for authenticated package API requests in the period defined by `throttle_authenticated_packages_api_period_in_seconds`. |
| `throttle_authenticated_packages_api_period_in_seconds` | `application_settings` | Period in seconds to measure authenticated package API requests. |
| `throttle_unauthenticated_packages_api_enabled` | `application_settings` | |
| `throttle_authenticated_packages_api_enabled` | `application_settings` | Enables or disables request limits/throttling for the package API. |
| `conan_max_file_size` | `plan_limits` | Maximum file size for a Conan package file. |
| `maven_max_file_size` | `plan_limits` | Maximum file size for a Maven package file. |
| `npm_max_file_size` | `plan_limits` | Maximum file size for an npm package file. |
| `nuget_max_file_size` | `plan_limits` | Maximum file size for a NuGet package file. |
| `pypi_max_file_size` | `plan_limits` | Maximum file size for a PyPI package file. |
| `generic_packages_max_file_size` | `plan_limits` | Maximum file size for a generic package file. |
| `golang_max_file_size` | `plan_limits` | Maximum file size for a GoProxy package file. |
| `debian_max_file_size` | `plan_limits` | Maximum file size for a Debian package file. |
| `rubygems_max_file_size` | `plan_limits` | Maximum file size for a RubyGems package file. |
| `terraform_module_max_file_size` | `plan_limits` | Maximum file size for a Terraform package file. |
| `helm_max_file_size` | `plan_limits` | Maximum file size for a Helm package file. |
### Container registry
Setting | Table | Description
------- | ----- | -----------
`container_registry_token_expire_delay` | `application_settings` | The time in minutes before the container registry auth token (JWT) expires.
`container_expiration_policies_enable_historic_entries` | `application_settings` | Allow or prevent projects older than 12.8 to use container cleanup policies.
`container_registry_vendor` | `application_settings` | The vendor of the container registry. `gitlab` for the GitLab container registry, other values for external registries.
`container_registry_version` | `application_settings` | The current version of the container registry.
`container_registry_features` | `application_settings` | Features supported by the connected container registry. For example, tag deletion.
`container_registry_delete_tags_service_timeout` | `application_settings` | The maximum time (in seconds) that the cleanup process can take to delete a batch of tags.
`container_registry_expiration_policies_worker_capacity` | `application_settings` | Number of concurrent container image cleanup policy workers allowed.
`container_registry_cleanup_tags_service_max_list_size` | `application_settings` | The maximum number of tags that can be deleted in a cleanup policy single execution. Additional tags must be deleted in another execution.
`container_registry_expiration_policies_caching` | `application_settings` | Enable or disable tag creation timestamp caching during execution of cleanup policies.
`container_registry_import_max_tags_count` | `application_settings` | Defines what is a the maximum amount of tags that we accept to migrate.
`container_registry_import_max_retries` | `application_settings` | The maximum amount of retries done on a migration that is aborted.
`container_registry_import_start_max_retries` | `application_settings` | The maximum amount of requests to start an import step that is sent to the container registry API.
`container_registry_import_max_step_duration` | `application_settings` | The maximum amount of seconds before an ongoing migration is considered as stale.
`container_registry_import_target_plan` | `application_settings` | The target subscription plan on which we're intend to pick container repositories.
`container_registry_import_created_before` | `application_settings` | Only image repositories created before this timestamp are eligible for the migration.
`container_registry_pre_import_timeout` | `application_settings` | The timeout for long running `pre_imports` before they are canceled by the `GuardWorker`.
`container_registry_import_timeout` | `application_settings` | The timeout for long running imports before they are canceled by the `GuardWorker`.
`dependency_proxy_ttl_group_policy_worker_capacity` | `application_settings` | Number of concurrent dependency proxy cleanup policy workers allowed.
| Setting | Table | Description |
| ------- | ----- | -----------|
| `container_registry_token_expire_delay` | `application_settings` | The time in minutes before the container registry auth token (JWT) expires. |
| `container_expiration_policies_enable_historic_entries` | `application_settings` | Allow or prevent projects older than 12.8 to use container cleanup policies. |
| `container_registry_vendor` | `application_settings` | The vendor of the container registry. `gitlab` for the GitLab container registry, other values for external registries. |
| `container_registry_version` | `application_settings` | The current version of the container registry. |
| `container_registry_features` | `application_settings` | Features supported by the connected container registry. For example, tag deletion. |
| `container_registry_delete_tags_service_timeout` | `application_settings` | The maximum time (in seconds) that the cleanup process can take to delete a batch of tags. |
| `container_registry_expiration_policies_worker_capacity` | `application_settings` | Number of concurrent container image cleanup policy workers allowed. |
| `container_registry_cleanup_tags_service_max_list_size` | `application_settings` | The maximum number of tags that can be deleted in a cleanup policy single execution. Additional tags must be deleted in another execution. |
| `container_registry_expiration_policies_caching` | `application_settings` | Enable or disable tag creation timestamp caching during execution of cleanup policies. |
| `container_registry_import_max_tags_count` | `application_settings` | Defines what is a the maximum amount of tags that we accept to migrate. |
| `container_registry_import_max_retries` | `application_settings` | The maximum amount of retries done on a migration that is aborted. |
| `container_registry_import_start_max_retries` | `application_settings` | The maximum amount of requests to start an import step that is sent to the container registry API. |
| `container_registry_import_max_step_duration` | `application_settings` | The maximum amount of seconds before an ongoing migration is considered as stale. |
| `container_registry_import_target_plan` | `application_settings` | The target subscription plan on which we're intend to pick container repositories. |
| `container_registry_import_created_before` | `application_settings` | Only image repositories created before this timestamp are eligible for the migration. |
| `container_registry_pre_import_timeout` | `application_settings` | The timeout for long running `pre_imports` before they are canceled by the `GuardWorker`. |
| `container_registry_import_timeout` | `application_settings` | The timeout for long running imports before they are canceled by the `GuardWorker`. |
| `dependency_proxy_ttl_group_policy_worker_capacity` | `application_settings` | Number of concurrent dependency proxy cleanup policy workers allowed. |
## Namespace/Group Settings
Setting | Table | Description
------- | ----- | -----------
`maven_duplicates_allowed` | `namespace_package_settings` | Allow or prevent duplicate Maven packages.
`maven_duplicate_exception_regex` | `namespace_package_settings` | Regex defining Maven packages that are allowed to be duplicate when duplicates are not allowed. This matches the name and version of the package.
`generic_duplicates_allowed` | `namespace_package_settings` | Allow or prevent duplicate generic packages.
`generic_duplicate_exception_regex` | `namespace_package_settings` | Regex defining generic packages that are allowed to be duplicate when duplicates are not allowed.
`nuget_duplicates_allowed` | `namespace_package_settings` | Allow or prevent duplicate NuGet packages.
`nuget_duplicate_exception_regex` | `namespace_package_settings` | Regex defining NuGet packages that are allowed to be duplicate when duplicates are not allowed.
`nuget_symbol_server_enabled` | `namespace_package_settings` | Enable or disable the NuGet symbol server.
`terraform_module_duplicates_allowed` | `namespace_package_settings` | Allow or prevent duplicate Terraform module packages.
`terraform_module_duplicate_exception_regex` | `namespace_package_settings` | Regex defining Terraform module packages that are allowed to be duplicate when duplicates are not allowed.
Dependency Proxy Cleanup Policies - `ttl` | `dependency_proxy_image_ttl_group_policies` | Number of days to retain an unused Dependency Proxy file before it is removed.
Dependency Proxy - `enabled` | `dependency_proxy_image_ttl_group_policies` | Enable or disable the Dependency Proxy cleanup policy.
| Setting | Table | Description |
| ------- | ----- | -----------|
| `maven_duplicates_allowed` | `namespace_package_settings` | Allow or prevent duplicate Maven packages. |
| `maven_duplicate_exception_regex` | `namespace_package_settings` | Regex defining Maven packages that are allowed to be duplicate when duplicates are not allowed. This matches the name and version of the package. |
| `generic_duplicates_allowed` | `namespace_package_settings` | Allow or prevent duplicate generic packages. |
| `generic_duplicate_exception_regex` | `namespace_package_settings` | Regex defining generic packages that are allowed to be duplicate when duplicates are not allowed. |
| `nuget_duplicates_allowed` | `namespace_package_settings` | Allow or prevent duplicate NuGet packages. |
| `nuget_duplicate_exception_regex` | `namespace_package_settings` | Regex defining NuGet packages that are allowed to be duplicate when duplicates are not allowed. |
| `nuget_symbol_server_enabled` | `namespace_package_settings` | Enable or disable the NuGet symbol server. |
| `terraform_module_duplicates_allowed` | `namespace_package_settings` | Allow or prevent duplicate Terraform module packages. |
| `terraform_module_duplicate_exception_regex` | `namespace_package_settings` | Regex defining Terraform module packages that are allowed to be duplicate when duplicates are not allowed. |
| Dependency Proxy Cleanup Policies - `ttl` | `dependency_proxy_image_ttl_group_policies` | Number of days to retain an unused Dependency Proxy file before it is removed. |
| Dependency Proxy - `enabled` | `dependency_proxy_image_ttl_group_policies` | Enable or disable the Dependency Proxy cleanup policy. |
## Project Settings
Setting | Table | Description
------- | ----- | -----------
Container Cleanup Policies - `next_run_at` | `container_expiration_policies` | When the project qualifies for the next container cleanup policy cron worker.
Container Cleanup Policies - `name_regex` | `container_expiration_policies` | Regex defining image names to remove with the container cleanup policy.
Container Cleanup Policies - `cadence` | `container_expiration_policies` | How often the container cleanup policy should run.
Container Cleanup Policies - `older_than` | `container_expiration_policies` | Age of images to remove with the container cleanup policy.
Container Cleanup Policies - `keep_n` | `container_expiration_policies` | Number of images to retain in a container cleanup policy.
Container Cleanup Policies - `enabled` | `container_expiration_policies` | Enable or disable a container cleanup policy.
Container Cleanup Policies - `name_regex_keep` | `container_expiration_policies` | Regex defining image names to always keep regardless of other rules with the container cleanup policy.
| Setting | Table | Description |
| ------- | ----- | -----------|
| Container Cleanup Policies - `next_run_at` | `container_expiration_policies` | When the project qualifies for the next container cleanup policy cron worker. |
| Container Cleanup Policies - `name_regex` | `container_expiration_policies` | Regex defining image names to remove with the container cleanup policy. |
| Container Cleanup Policies - `cadence` | `container_expiration_policies` | How often the container cleanup policy should run. |
| Container Cleanup Policies - `older_than` | `container_expiration_policies` | Age of images to remove with the container cleanup policy. |
| Container Cleanup Policies - `keep_n` | `container_expiration_policies` | Number of images to retain in a container cleanup policy. |
| Container Cleanup Policies - `enabled` | `container_expiration_policies` | Enable or disable a container cleanup policy. |
| Container Cleanup Policies - `name_regex_keep` | `container_expiration_policies` | Regex defining image names to always keep regardless of other rules with the container cleanup policy. |

4
doc/development/testing_guide/end_to_end/execution_context_selection.md
View File

@ -49,7 +49,7 @@ Matches use:
| The `ee:instance` job | `only: { job: 'ee:instance' }` | The `ee:instance` job in any pipeline |
| Any `quarantine` job | `only: { job: '.*quarantine' }` | Any job ending in `quarantine` in any pipeline |
| Local development environment | `only: :local` | Any environment where `Runtime::Env.running_in_ci?` is false |
| Any run where condition evaluates to a truthy value | `only: { condition: -> { ENV['TEST_ENV'] == 'true' } }` | Any run where `TEST_ENV` is set to true
| Any run where condition evaluates to a truthy value | `only: { condition: -> { ENV['TEST_ENV'] == 'true' } }` | Any run where `TEST_ENV` is set to true |
```ruby
RSpec.describe 'Area' do
@ -92,7 +92,7 @@ Matches use:
| The `nightly` and `canary` pipelines | `only: { pipeline: [:nightly, :canary] }` | ["nightly scheduled pipeline"](https://gitlab.com/gitlab-org/gitlab/-/pipeline_schedules) and ["canary"](https://gitlab.com/gitlab-org/quality/canary) |
| The `ee:instance` job | `except: { job: 'ee:instance' }` | The `ee:instance` job in any pipeline |
| Any `quarantine` job | `except: { job: '.*quarantine' }` | Any job ending in `quarantine` in any pipeline |
| Any run except where condition evaluates to a truthy value | `except: { condition: -> { ENV['TEST_ENV'] == 'true' } }` | Any run where `TEST_ENV` is not set to true
| Any run except where condition evaluates to a truthy value | `except: { condition: -> { ENV['TEST_ENV'] == 'true' } }` | Any run where `TEST_ENV` is not set to true |
```ruby
RSpec.describe 'Area' do

2
doc/development/testing_guide/end_to_end/rspec_metadata_tests.md
View File

@ -36,7 +36,7 @@ This is a partial list of the [RSpec metadata](https://rspec.info/features/3-12/
| `:oauth` | The test uses and external OmniAuth provider to log in to GitLab |
| `:object_storage` | The test requires a GitLab instance to be configured to use multiple [object storage types](../../../administration/object_storage.md). Uses MinIO as the object storage server. |
| `:only` | The test is only to be run in specific execution contexts. See [test execution context selection](execution_context_selection.md) for more information. |
| `:orchestrated` | The GitLab instance under test may be [configured by `gitlab-qa`](https://gitlab.com/gitlab-org/gitlab-qa/-/blob/master/docs/what_tests_can_be_run.md#orchestrated-tests) to be different to the default GitLab configuration, or `gitlab-qa` may launch additional services in separate Docker containers, or both. Tests tagged with `:orchestrated` are excluded when testing environments where we can't dynamically modify the GitLab configuration (for example, Staging). | |
| `:orchestrated` | The GitLab instance under test may be [configured by `gitlab-qa`](https://gitlab.com/gitlab-org/gitlab-qa/-/blob/master/docs/what_tests_can_be_run.md#orchestrated-tests) to be different to the default GitLab configuration, or `gitlab-qa` may launch additional services in separate Docker containers, or both. Tests tagged with `:orchestrated` are excluded when testing environments where we can't dynamically modify the GitLab configuration (for example, Staging). |
| `:product_group` | Specifies what product group the test belongs to. See [Product sections, stages, groups, and categories](https://handbook.gitlab.com/handbook/product/categories/) for the comprehensive groups list. |
| `:quarantine` | The test has been [quarantined](https://handbook.gitlab.com/handbook/engineering/infrastructure/test-platform/debugging-qa-test-failures/#quarantining-tests), runs in a separate job that only includes quarantined tests, and is allowed to fail. The test is skipped in its regular job so that if it fails it doesn't hold up the pipeline. Note that you can also [quarantine a test only when it runs in a specific context](execution_context_selection.md#quarantine-a-test-for-a-specific-environment). |
| `:relative_url` | The test requires a GitLab instance to be installed under a [relative URL](../../../install/relative_url.md). |

2
doc/development/utilities.md
View File

@ -152,7 +152,7 @@ Derived.f # => nil
## `StrongMemoize`
Refer to [`strong_memoize.rb`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/utils/strong_memoize.rb):
Refer to [`strong_memoize.rb`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/gems/gitlab-utils/lib/gitlab/utils/strong_memoize.rb):
- Memoize the value even if it is `nil` or `false`.

6
doc/integration/advanced_search/elasticsearch.md
View File

@ -659,9 +659,9 @@ The following are some available Rake tasks:
| [`sudo gitlab-rake gitlab:elastic:pause_indexing`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/lib/tasks/gitlab/elastic.rake) | Pauses Elasticsearch indexing. Changes are still tracked. Useful for cluster/index migrations. |
| [`sudo gitlab-rake gitlab:elastic:resume_indexing`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/lib/tasks/gitlab/elastic.rake) | Resumes Elasticsearch indexing. |
| [`sudo gitlab-rake gitlab:elastic:index_projects`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/lib/tasks/gitlab/elastic.rake) | Iterates over all projects, and queues Sidekiq jobs to index them in the background. It can only be used after the index is created. |
| [`sudo gitlab-rake gitlab:elastic:index_group_entities`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/lib/tasks/gitlab/elastic.rake) | Invokes `gitlab:elastic:index_epics` and `gitlab:elastic:index_group_wikis`.
| [`sudo gitlab-rake gitlab:elastic:index_epics`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/lib/tasks/gitlab/elastic.rake) | Indexes all epics from the groups where Elasticsearch is enabled.
| [`sudo gitlab-rake gitlab:elastic:index_group_wikis`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/lib/tasks/gitlab/elastic.rake) | Indexes all wikis from the groups where Elasticsearch is enabled.
| [`sudo gitlab-rake gitlab:elastic:index_group_entities`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/lib/tasks/gitlab/elastic.rake) | Invokes `gitlab:elastic:index_epics` and `gitlab:elastic:index_group_wikis`. |
| [`sudo gitlab-rake gitlab:elastic:index_epics`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/lib/tasks/gitlab/elastic.rake) | Indexes all epics from the groups where Elasticsearch is enabled. |
| [`sudo gitlab-rake gitlab:elastic:index_group_wikis`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/lib/tasks/gitlab/elastic.rake) | Indexes all wikis from the groups where Elasticsearch is enabled. |
| [`sudo gitlab-rake gitlab:elastic:index_projects_status`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/lib/tasks/gitlab/elastic.rake) | Determines the overall indexing status of all project repository data (code, commits, and wikis). The status is calculated by dividing the number of indexed projects by the total number of projects and multiplying by 100. This task does not include non-repository data such as issues, merge requests, or milestones. |
| [`sudo gitlab-rake gitlab:elastic:clear_index_status`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/lib/tasks/gitlab/elastic.rake) | Deletes all instances of IndexStatus for all projects. This command results in a complete wipe of the index, and it should be used with caution. |
| [`sudo gitlab-rake gitlab:elastic:create_empty_index`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/lib/tasks/gitlab/elastic.rake) | Generates empty indices (the default index and a separate issues index) and assigns an alias for each on the Elasticsearch side only if it doesn't already exist. |

10
doc/integration/jira/troubleshooting.md
View File

@ -141,7 +141,10 @@ To change all Jira projects to use instance-level integration settings:
integration.inherit_from_id = default_integration.id
if integration.save(context: :manual_change)
BulkUpdateIntegrationService.new(default_integration, [integration]).execute
# In GitLab 16.9 and later:
Integrations::Propagation::BulkUpdateService.new(default_integration, [integration]).execute
# In GitLab 16.8 and earlier, instead do:
# BulkUpdateIntegrationService.new(default_integration, [integration]).execute
end
end
```
@ -175,7 +178,10 @@ To change all Jira projects in a group (and its subgroups) to use group-level in
integration.inherit_from_id = default_integration.id
if integration.save(context: :manual_change)
BulkUpdateIntegrationService.new(default_integration, [integration]).execute
# In GitLab 16.9 and later:
Integrations::Propagation::BulkUpdateService.new(default_integration, [integration]).execute
# In GitLab 16.8 and earlier, instead do:
# BulkUpdateIntegrationService.new(default_integration, [integration]).execute
end
end

10
doc/integration/omniauth.md
View File

@ -47,11 +47,11 @@ GitLab supports the following OmniAuth providers.
Before you configure the OmniAuth provider,
configure the settings that are common for all providers.
Linux package, Docker, and self-compiled | Helm chart | Description | Default value
----------------------------|------------|-------------|-----------
`allow_single_sign_on` | `allowSingleSignOn` | List of providers that automatically create a GitLab account. The provider names are available in the **OmniAuth provider name** column in the [supported providers table](#supported-providers). | `false`, which means that signing in using your OmniAuth provider account without a pre-existing GitLab account is not allowed. You must create a GitLab account first, and then connect it to your OmniAuth provider account through your profile settings.
`auto_link_ldap_user` | `autoLinkLdapUser` | Creates an LDAP identity in GitLab for users that are created through an OmniAuth provider. You can enable this setting if you have [LDAP integration](../administration/auth/ldap/index.md) enabled. Requires the `uid` of the user to be the same in both LDAP and the OmniAuth provider. | `false`
`block_auto_created_users` | `blockAutoCreatedUsers` | Places automatically-created users in a [Pending approval](../administration/moderate_users.md#users-pending-approval) state (unable to sign in) until they are approved by an administrator. | `true`. If you set the value to `false`, make sure you define providers that you can control, like SAML or Google. Otherwise, any user on the internet can sign in to GitLab without an administrator's approval.
| Linux package, Docker, and self-compiled | Helm chart | Description | Default value |
| ----------------------------|------------|-------------|-----------|
| `allow_single_sign_on` | `allowSingleSignOn` | List of providers that automatically create a GitLab account. The provider names are available in the **OmniAuth provider name** column in the [supported providers table](#supported-providers). | `false`, which means that signing in using your OmniAuth provider account without a pre-existing GitLab account is not allowed. You must create a GitLab account first, and then connect it to your OmniAuth provider account through your profile settings. |
| `auto_link_ldap_user` | `autoLinkLdapUser` | Creates an LDAP identity in GitLab for users that are created through an OmniAuth provider. You can enable this setting if you have [LDAP integration](../administration/auth/ldap/index.md) enabled. Requires the `uid` of the user to be the same in both LDAP and the OmniAuth provider. | `false` |
| `block_auto_created_users` | `blockAutoCreatedUsers` | Places automatically-created users in a [Pending approval](../administration/moderate_users.md#users-pending-approval) state (unable to sign in) until they are approved by an administrator. | `true`. If you set the value to `false`, make sure you define providers that you can control, like SAML or Google. Otherwise, any user on the internet can sign in to GitLab without an administrator's approval. |
### Configure initial settings

2
doc/tutorials/plan_and_track.md
View File

@ -14,7 +14,7 @@ issues, epics, and more.
|-------|-------------|--------------------|
| [GitLab Agile Project Management](https://levelup.gitlab.com/courses/gitlab-agile-project-management-s2) | Learn how to use planning features to manage your projects in this self-paced course. | **{star}** |
| [Build a protected workflow for your project](protected_workflow/index.md) | Set up a workflow for your teams, and enforce protections with approval rules. | |
| [Run an agile iteration](agile_sprint/index.md) | Use group, projects, and iterations to run an agile development iteration. |
| [Run an agile iteration](agile_sprint/index.md) | Use group, projects, and iterations to run an agile development iteration. | |
| [Set up a single project for issue triage](issue_triage/index.md) | Use labels to set up a project for issue triage. | **{star}** |
| [Set up issue boards for team hand-off](boards_for_teams/index.md) | Use issue boards and scoped labels to set up collaboration across many teams. | **{star}** |
| <i class="fa fa-youtube-play youtube" aria-hidden="true"></i> [Epics and issue boards](https://www.youtube.com/watch?v=eQUnHwbKEkY) | Find out how to use epics and issue boards for project management. | |

2
doc/user/application_security/dast/authentication.md
View File

@ -84,7 +84,7 @@ To run a DAST authenticated scan:
| `DAST_USERNAME` <sup>1</sup> | string | The username to authenticate to in the website. Example: `admin` |
| `DAST_USERNAME_FIELD` <sup>1</sup> | [selector](#finding-an-elements-selector) | A selector describing the element used to enter the username on the login form. Example: `name:username` |
| `DAST_AUTH_DISABLE_CLEAR_FIELDS` | boolean | Disables clearing of username and password fields before attempting manual login. Set to `false` by default. |
| `DAST_AFTER_LOGIN_ACTIONS` | string | Comma separated list of actions to be run after login but before login verification. Currently supports "click" actions. Example: `click(on=id:change_to_bar_graph),click(on=css:input[name=username])` | |
| `DAST_AFTER_LOGIN_ACTIONS` | string | Comma separated list of actions to be run after login but before login verification. Currently supports "click" actions. Example: `click(on=id:change_to_bar_graph),click(on=css:input[name=username])` |
1. Available to an on-demand proxy-based DAST scan.
1. Not available to proxy-based scans.

3
doc/user/application_security/dast/browser/configuration/variables.md
View File

@ -15,7 +15,7 @@ For authentication CI/CD variables, see [Authentication](authentication.md).
|:--------------------------------------------|:---------------------------------------------------------|----------------------------------------|:------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `DAST_ADVERTISE_SCAN` | boolean | `true` | Set to `true` to add a `Via` header to every request sent, advertising that the request was sent as part of a GitLab DAST scan. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/334947) in GitLab 14.1. |
| `DAST_AUTH_COOKIES` | string | | Set to a comma-separated list of cookie names to specify which cookies are used for authentication. |
| `DAST_AUTH_DISABLE_CLEAR_FIELDS` | boolean | | Disables clearing of username and password fields before attempting manual login. Set to `false` by default.
| `DAST_AUTH_DISABLE_CLEAR_FIELDS` | boolean | | Disables clearing of username and password fields before attempting manual login. Set to `false` by default. |
| `DAST_AUTH_REPORT` | boolean | | Set to `true` to generate a report detailing steps taken during the authentication process. You must also define `gl-dast-debug-auth-report.html` as a CI job artifact to be able to access the generated report. The report's content aids when debugging authentication failures. |
| `DAST_AUTH_TYPE` | string | | The authentication type to use. Example: `basic-digest`. |
| `DAST_AUTH_URL` | URL | | The URL of the page containing the login form on the target website. `DAST_USERNAME` and `DAST_PASSWORD` are submitted with the login form to create an authenticated scan. Example: `https://login.example.com`. |
@ -70,6 +70,5 @@ For authentication CI/CD variables, see [Authentication](authentication.md).
| `DAST_TARGET_AVAILABILITY_TIMEOUT` | number | `60` | Time limit in seconds to wait for target availability. |
| `DAST_USERNAME` | string | | The username to authenticate to in the website. Example: `admin` |
| `DAST_USERNAME_FIELD` | [selector](authentication.md#finding-an-elements-selector) | | A selector describing the element used to enter the username on the login form. Example: `name:username` |
|
| `DAST_WEBSITE` | URL | `https://example.com` | The URL of the website to scan. |
| `SECURE_ANALYZERS_PREFIX` | URL | `registry.organization.com` | Set the Docker registry base address from which to download the analyzer. |

4
doc/user/application_security/policies/scan-execution-policies.md
View File

@ -175,8 +175,8 @@ When using the `schedule` rule type in conjunction with the `branches` field, no
Use this schema to define `agents` objects in the [`schedule` rule type](#schedule-rule-type).
| Field | Type | Required | Possible values | Description |
|--------------|---------------------|----------|--------------------------|-------------|
| Field | Type | Required | Description |
|--------------|---------------------|----------|-------------|
| `namespaces` | `array` of `string` | true | The namespace that is scanned. If empty, all namespaces are scanned. |
#### Policy example

10
doc/user/packages/generic_packages/index.md
View File

@ -51,11 +51,11 @@ PUT /projects/:id/packages/generic/:package_name/:package_version/:file_name?sta
| Attribute | Type | Required | Description |
| -------------------| --------------- | ---------| -------------------------------------------------------------------------------------------------------------------------------- |
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../../../api/rest/index.md#namespaced-path-encoding). |
| `package_name` | string | yes | The package name. It can contain only lowercase letters (`a-z`), uppercase letter (`A-Z`), numbers (`0-9`), dots (`.`), hyphens (`-`), or underscores (`_`).
| `package_version` | string | yes | The package version. The following regex validates this: `\A(\.?[\w\+-]+\.?)+\z`. You can test your version strings on [Rubular](https://rubular.com/r/aNCV0wG5K14uq8).
| `file_name` | string | yes | The filename. It can contain only lowercase letters (`a-z`), uppercase letter (`A-Z`), numbers (`0-9`), dots (`.`), hyphens (`-`), or underscores (`_`).
| `status` | string | no | The package status. It can be `default` or `hidden`. Hidden packages do not appear in the UI or [package API list endpoints](../../../api/packages.md).
| `select` | string | no | The response payload. By default, the response is empty. Valid values are: `package_file`. `package_file` returns details of the package file record created by this request.
| `package_name` | string | yes | The package name. It can contain only lowercase letters (`a-z`), uppercase letter (`A-Z`), numbers (`0-9`), dots (`.`), hyphens (`-`), or underscores (`_`). |
| `package_version` | string | yes | The package version. The following regex validates this: `\A(\.?[\w\+-]+\.?)+\z`. You can test your version strings on [Rubular](https://rubular.com/r/aNCV0wG5K14uq8). |
| `file_name` | string | yes | The filename. It can contain only lowercase letters (`a-z`), uppercase letter (`A-Z`), numbers (`0-9`), dots (`.`), hyphens (`-`), or underscores (`_`). |
| `status` | string | no | The package status. It can be `default` or `hidden`. Hidden packages do not appear in the UI or [package API list endpoints](../../../api/packages.md). |
| `select` | string | no | The response payload. By default, the response is empty. Valid values are: `package_file`. `package_file` returns details of the package file record created by this request. |
Provide the file context in the request body.

6
doc/user/packages/terraform_module_registry/index.md
View File

@ -60,9 +60,9 @@ PUT /projects/:id/packages/terraform/modules/:module-name/:module-system/:module
| Attribute | Type | Required | Description |
| -------------------| --------------- | ---------| -------------------------------------------------------------------------------------------------------------------------------- |
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../../../api/rest/index.md#namespaced-path-encoding). |
| `module-name` | string | yes | The module name. **Supported syntax**: One to 64 ASCII characters, including lowercase letters (a-z) and digits (0-9). The module name can't exceed 64 characters.
| `module-system` | string | yes | The module system. **Supported syntax**: One to 64 ASCII characters, including lowercase letters (a-z) and digits (0-9). The module system can't exceed 64 characters. More information can be found in the [Terraform Module Registry protocol documentation](https://www.terraform.io/internals/module-registry-protocol).
| `module-version` | string | yes | The module version. It must be valid according to the [semantic versioning specification](https://semver.org/).
| `module-name` | string | yes | The module name. **Supported syntax**: One to 64 ASCII characters, including lowercase letters (a-z) and digits (0-9). The module name can't exceed 64 characters. |
| `module-system` | string | yes | The module system. **Supported syntax**: One to 64 ASCII characters, including lowercase letters (a-z) and digits (0-9). The module system can't exceed 64 characters. More information can be found in the [Terraform Module Registry protocol documentation](https://www.terraform.io/internals/module-registry-protocol). |
| `module-version` | string | yes | The module version. It must be valid according to the [semantic versioning specification](https://semver.org/). |
Provide the file content in the request body.

8
doc/user/project/codeowners/index.md
View File

@ -33,10 +33,10 @@ For example:
| Type | Name | Scope | Comment |
|------|------|--------|------------|
| Approval rule | UX | All files | A user experience (UX) team member reviews the user experience of all changes made in your project.
| Approval rule | Security | All files | A security team member reviews all changes for vulnerabilities.
| Code Owner approval rule | Frontend: Code Style | `*.css` files | A frontend engineer reviews CSS file changes for adherence to project style standards.
| Code Owner approval rule | Backend: Code Review | `*.rb` files | A backend engineer reviews the logic and code style of Ruby files.
| Approval rule | UX | All files | A user experience (UX) team member reviews the user experience of all changes made in your project. |
| Approval rule | Security | All files | A security team member reviews all changes for vulnerabilities. |
| Code Owner approval rule | Frontend: Code Style | `*.css` files | A frontend engineer reviews CSS file changes for adherence to project style standards. |
| Code Owner approval rule | Backend: Code Review | `*.rb` files | A backend engineer reviews the logic and code style of Ruby files. |
<div class="video-fallback">
Video introduction: <a href="https://www.youtube.com/watch?v=RoyBySTUSB0">Code Owners</a>.

2
doc/user/project/pages/redirects.md
View File

@ -23,7 +23,7 @@ are supported.
| Feature | Supported | Example |
| ------- | --------- | ------- |
| [Redirects (`301`, `302`)](#redirects) | **{check-circle}** Yes | `/wardrobe.html /narnia.html 302`
| [Redirects (`301`, `302`)](#redirects) | **{check-circle}** Yes | `/wardrobe.html /narnia.html 302` |
| [Rewrites (`200`)](#rewrites) | **{check-circle}** Yes | `/* / 200` |
| [Splats](#splats) | **{check-circle}** Yes | `/news/* /blog/:splat` |
| [Placeholders](#placeholders) | **{check-circle}** Yes | `/news/:year/:month/:date /blog-:year-:month-:date.html` |

4
doc/user/project/repository/code_suggestions/index.md
View File

@ -63,8 +63,8 @@ To use Code Suggestions, use one of these editor extensions:
| VSCode | [VS Code GitLab Workflow extension](https://marketplace.visualstudio.com/items?itemName=GitLab.gitlab-workflow)|
| [GitLab WebIDE (VS Code in the Cloud)](../../../project/web_ide/index.md) | No configuration required. |
| Microsoft Visual Studio | [Visual Studio GitLab extension](https://marketplace.visualstudio.com/items?itemName=GitLab.GitLabExtensionForVisualStudio) |
JetBrains IDEs | [GitLab plugin](https://plugins.jetbrains.com/plugin/22325-gitlab) |
Neovim | [`gitlab.vim` plugin](https://gitlab.com/gitlab-org/editor-extensions/gitlab.vim) |
| JetBrains IDEs | [GitLab plugin](https://plugins.jetbrains.com/plugin/22325-gitlab) |
| Neovim | [`gitlab.vim` plugin](https://gitlab.com/gitlab-org/editor-extensions/gitlab.vim) |
A [GitLab Language Server](https://gitlab.com/gitlab-org/editor-extensions/gitlab-lsp) is used in VS Code, Visual Studio, and Neovim. The Language Server supports faster iteration across more platforms. You can also configure it to support Code Suggestions in IDEs where GitLab doesn't provide official support.

105
doc/user/project/troubleshooting.md Normal file
View File

@ -0,0 +1,105 @@
---
stage: Data Stores
group: Tenant Scale
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Troubleshooting projects
When working with projects, you might encounter the following issues, or require alternate methods to complete specific tasks.
## `An error occurred while fetching commit data`
When you visit a project, the message `An error occurred while fetching commit data` might be displayed
if you use an ad blocker in your browser. The solution is to disable your ad blocker
for the GitLab instance you are trying to access.
## Find projects using an SQL query
While in [a Rails console session](../../administration/operations/rails_console.md#starting-a-rails-console-session), you can find and store an array of projects based on a SQL query:
```ruby
# Finds projects that end with '%ject'
projects = Project.find_by_sql("SELECT * FROM projects WHERE name LIKE '%ject'")
=> [#<Project id:12 root/my-first-project>>, #<Project id:13 root/my-second-project>>]
```
## Clear a project's or repository's cache
If a project or repository has been updated but the state is not reflected in the UI, you may need to clear the project's or repository's cache.
You can do so through [a Rails console session](../../administration/operations/rails_console.md#starting-a-rails-console-session) and one of the following:
WARNING:
Commands that change data can cause damage if not run correctly or under the right conditions. Always run commands in a test environment first and have a backup instance ready to restore.
```ruby
## Clear project cache
ProjectCacheWorker.perform_async(project.id)
## Clear repository .exists? cache
project.repository.expire_exists_cache
```
## Find projects that are pending deletion
If you need to find all projects marked for deletion but that have not yet been deleted,
[start a Rails console session](../../administration/operations/rails_console.md#starting-a-rails-console-session) and run the following:
```ruby
projects = Project.where(pending_delete: true)
projects.each do |p|
puts "Project ID: #{p.id}"
puts "Project name: #{p.name}"
puts "Repository path: #{p.repository.full_path}"
end
```
## Delete a project using console
If a project cannot be deleted, you can attempt to delete it through [Rails console](../../administration/operations/rails_console.md#starting-a-rails-console-session).
WARNING:
Commands that change data can cause damage if not run correctly or under the right conditions. Always run commands in a test environment first and have a backup instance ready to restore.
```ruby
project = Project.find_by_full_path('<project_path>')
user = User.find_by_username('<username>')
ProjectDestroyWorker.new.perform(project.id, user.id, {})
```
If this fails, display why it doesn't work with:
```ruby
project = Project.find_by_full_path('<project_path>')
project.delete_error
```
## Toggle a feature for all projects within a group
While toggling a feature in a project can be done through the [projects API](../../api/projects.md),
you may need to do this for a large number of projects.
To toggle a specific feature, you can [start a Rails console session](../../administration/operations/rails_console.md#starting-a-rails-console-session)
and run the following function:
WARNING:
Commands that change data can cause damage if not run correctly or under the right conditions. Always run commands in a test environment first and have a backup instance ready to restore.
```ruby
projects = Group.find_by_name('_group_name').projects
projects.each do |p|
## replace <feature-name> with the appropriate feature name in all instances
state = p.<feature-name>
if state != 0
puts "#{p.name} has <feature-name> already enabled. Skipping..."
else
puts "#{p.name} didn't have <feature-name> enabled. Enabling..."
p.project_feature.update!(<feature-name>: ProjectFeature::PRIVATE)
end
end
```
To find features that can be toggled, run `pp p.project_feature`.
Available permission levels are listed in
[concerns/featurable.rb](https://gitlab.com/gitlab-org/gitlab/blob/master/app/models/concerns/featurable.rb).

104
doc/user/project/working_with_projects.md
View File

@ -104,7 +104,7 @@ To delete a project:
This action deletes the project and all associated resources (such as issues and merge requests).
You can also [delete projects using the Rails console](#delete-a-project-using-console).
You can also [delete projects using the Rails console](troubleshooting.md#delete-a-project-using-console).
### Delayed project deletion
@ -127,7 +127,7 @@ On SaaS, there is a non-adjustable default retention period of seven days.
You can [view projects that are pending deletion](#view-projects-pending-deletion),
and use the Rails console to
[find projects that are pending deletion](#find-projects-that-are-pending-deletion).
[find projects that are pending deletion](troubleshooting.md#find-projects-that-are-pending-deletion).
### Delete a project immediately
@ -351,106 +351,6 @@ repository. For example, if an administrator creates the alias `gitlab` for the
`https://gitlab.com/gitlab-org/gitlab`, you can clone the project with
`git clone git@gitlab.com:gitlab.git` instead of `git clone git@gitlab.com:gitlab-org/gitlab.git`.
## Troubleshooting
When working with projects, you might encounter the following issues, or require alternate methods to complete specific tasks.
### `An error occurred while fetching commit data`
When you visit a project, the message `An error occurred while fetching commit data` might be displayed
if you use an ad blocker in your browser. The solution is to disable your ad blocker
for the GitLab instance you are trying to access.
### Find projects using an SQL query
While in [a Rails console session](../../administration/operations/rails_console.md#starting-a-rails-console-session), you can find and store an array of projects based on a SQL query:
```ruby
# Finds projects that end with '%ject'
projects = Project.find_by_sql("SELECT * FROM projects WHERE name LIKE '%ject'")
=> [#<Project id:12 root/my-first-project>>, #<Project id:13 root/my-second-project>>]
```
### Clear a project's or repository's cache
If a project or repository has been updated but the state is not reflected in the UI, you may need to clear the project's or repository's cache.
You can do so through [a Rails console session](../../administration/operations/rails_console.md#starting-a-rails-console-session) and one of the following:
WARNING:
Commands that change data can cause damage if not run correctly or under the right conditions. Always run commands in a test environment first and have a backup instance ready to restore.
```ruby
## Clear project cache
ProjectCacheWorker.perform_async(project.id)
## Clear repository .exists? cache
project.repository.expire_exists_cache
```
### Find projects that are pending deletion
If you need to find all projects marked for deletion but that have not yet been deleted,
[start a Rails console session](../../administration/operations/rails_console.md#starting-a-rails-console-session) and run the following:
```ruby
projects = Project.where(pending_delete: true)
projects.each do |p|
puts "Project ID: #{p.id}"
puts "Project name: #{p.name}"
puts "Repository path: #{p.repository.full_path}"
end
```
### Delete a project using console
If a project cannot be deleted, you can attempt to delete it through [Rails console](../../administration/operations/rails_console.md#starting-a-rails-console-session).
WARNING:
Commands that change data can cause damage if not run correctly or under the right conditions. Always run commands in a test environment first and have a backup instance ready to restore.
```ruby
project = Project.find_by_full_path('<project_path>')
user = User.find_by_username('<username>')
ProjectDestroyWorker.new.perform(project.id, user.id, {})
```
If this fails, display why it doesn't work with:
```ruby
project = Project.find_by_full_path('<project_path>')
project.delete_error
```
### Toggle a feature for all projects within a group
While toggling a feature in a project can be done through the [projects API](../../api/projects.md),
you may need to do this for a large number of projects.
To toggle a specific feature, you can [start a Rails console session](../../administration/operations/rails_console.md#starting-a-rails-console-session)
and run the following function:
WARNING:
Commands that change data can cause damage if not run correctly or under the right conditions. Always run commands in a test environment first and have a backup instance ready to restore.
```ruby
projects = Group.find_by_name('_group_name').projects
projects.each do |p|
## replace <feature-name> with the appropriate feature name in all instances
state = p.<feature-name>
if state != 0
puts "#{p.name} has <feature-name> already enabled. Skipping..."
else
puts "#{p.name} didn't have <feature-name> enabled. Enabling..."
p.project_feature.update!(<feature-name>: ProjectFeature::PRIVATE)
end
end
```
To find features that can be toggled, run `pp p.project_feature`.
Available permission levels are listed in
[concerns/featurable.rb](https://gitlab.com/gitlab-org/gitlab/blob/master/app/models/concerns/featurable.rb).
## Related topics
- [Import a project](../../user/project/import/index.md).

75
spec/controllers/projects/merge_requests/creations_controller_spec.rb
View File

@ -6,15 +6,18 @@ RSpec.describe Projects::MergeRequests::CreationsController, feature_category: :
let(:project) { create(:project, :repository) }
let(:user) { project.first_owner }
let(:fork_project) { create(:forked_project_with_submodules) }
let(:base_params) do
{ project_id: fork_project, namespace_id: fork_project.namespace.to_param }
end
let(:get_diff_params) do
{
namespace_id: fork_project.namespace.to_param,
project_id: fork_project,
base_params.merge(
merge_request: {
source_branch: 'remove-submodule',
target_branch: 'master'
}
}
)
end
before do
@ -36,14 +39,12 @@ RSpec.describe Projects::MergeRequests::CreationsController, feature_category: :
render_views
let(:large_diff_params) do
{
namespace_id: fork_project.namespace.to_param,
project_id: fork_project,
base_params.merge(
merge_request: {
source_branch: 'master',
target_branch: 'fix'
}
}
)
end
describe 'with artificial limits' do
@ -78,6 +79,30 @@ RSpec.describe Projects::MergeRequests::CreationsController, feature_category: :
expect(response).to have_gitlab_http_status(:ok)
end
end
context 'with tracking' do
let(:base_params) do
{ project_id: project, namespace_id: project.namespace.to_param }
end
context 'when webide source' do
it_behaves_like 'internal event tracking' do
let(:event) { 'create_mr_web_ide' }
subject { get :new, params: base_params.merge(nav_source: 'webide') }
end
end
context 'when after push link' do
it_behaves_like 'internal event tracking' do
let(:event) { 'visit_after_push_link_or_create_mr_banner' }
subject do
get :new, params: base_params.merge(merge_request: { source_branch: 'feature' })
end
end
end
end
end
describe 'GET diffs' do
@ -184,12 +209,7 @@ RSpec.describe Projects::MergeRequests::CreationsController, feature_category: :
expect(Ability).to receive(:allowed?).with(user, :read_project, project) { true }
expect(Ability).to receive(:allowed?).with(user, :create_merge_request_in, project) { true }.at_least(:once)
get :branch_to, params: {
namespace_id: fork_project.namespace,
project_id: fork_project,
target_project_id: project.id,
ref: 'master'
}
get :branch_to, params: base_params.merge(target_project_id: project.id, ref: 'master')
expect(assigns(:commit)).not_to be_nil
expect(response).to have_gitlab_http_status(:ok)
@ -199,12 +219,7 @@ RSpec.describe Projects::MergeRequests::CreationsController, feature_category: :
expect(Ability).to receive(:allowed?).with(user, :read_project, project) { true }
expect(Ability).to receive(:allowed?).with(user, :create_merge_request_in, project) { false }.at_least(:once)
get :branch_to, params: {
namespace_id: fork_project.namespace,
project_id: fork_project,
target_project_id: project.id,
ref: 'master'
}
get :branch_to, params: base_params.merge(target_project_id: project.id, ref: 'master')
expect(assigns(:commit)).to be_nil
expect(response).to have_gitlab_http_status(:ok)
@ -214,12 +229,7 @@ RSpec.describe Projects::MergeRequests::CreationsController, feature_category: :
expect(Ability).to receive(:allowed?).with(user, :read_project, project) { false }
expect(Ability).to receive(:allowed?).with(user, :create_merge_request_in, project) { true }.at_least(:once)
get :branch_to, params: {
namespace_id: fork_project.namespace,
project_id: fork_project,
target_project_id: project.id,
ref: 'master'
}
get :branch_to, params: base_params.merge(target_project_id: project.id, ref: 'master')
expect(assigns(:commit)).to be_nil
expect(response).to have_gitlab_http_status(:ok)
@ -244,12 +254,7 @@ RSpec.describe Projects::MergeRequests::CreationsController, feature_category: :
context 'project is a fork' do
it 'calls to project defaults to selects a correct target project' do
get :branch_to,
params: {
namespace_id: fork_project.namespace,
project_id: fork_project,
ref: 'master'
}
get :branch_to, params: base_params.merge(ref: 'master')
expect(assigns(:target_project)).to eq(project)
expect(response).to have_gitlab_http_status(:ok)
@ -260,15 +265,13 @@ RSpec.describe Projects::MergeRequests::CreationsController, feature_category: :
describe 'POST create' do
let(:params) do
{
namespace_id: fork_project.namespace.to_param,
project_id: fork_project,
base_params.merge(
merge_request: {
title: 'Test merge request',
source_branch: 'remove-submodule',
target_branch: 'master'
}
}
)
end
it 'creates merge request' do

21
spec/helpers/projects/issues_helper_spec.rb Normal file
View File

@ -0,0 +1,21 @@
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe Projects::IssuesHelper, feature_category: :team_planning do
describe '#create_mr_tracking_data' do
using RSpec::Parameterized::TableSyntax
where(:can_create_mr, :can_create_confidential_mr, :tracking_data) do
true | true | { event_tracking: 'click_create_confidential_mr_issues_list' }
true | false | { event_tracking: 'click_create_mr_issues_list' }
false | false | {}
end
with_them do
it do
expect(create_mr_tracking_data(can_create_mr, can_create_confidential_mr)).to eq(tracking_data)
end
end
end
end

98
spec/models/bulk_imports/export_status_spec.rb
View File

@ -2,7 +2,7 @@
require 'spec_helper'
RSpec.describe BulkImports::ExportStatus, :clean_gitlab_redis_cache, feature_category: :importers do
RSpec.describe BulkImports::ExportStatus, :clean_gitlab_redis_cache, :clean_gitlab_redis_shared_state, feature_category: :importers do
let_it_be(:relation) { 'labels' }
let_it_be(:import) { create(:bulk_import) }
let_it_be(:config) { create(:bulk_import_configuration, bulk_import: import) }
@ -27,7 +27,7 @@ RSpec.describe BulkImports::ExportStatus, :clean_gitlab_redis_cache, feature_cat
)
end
subject { described_class.new(tracker, relation) }
subject(:export_status) { described_class.new(tracker, relation) }
before do
allow_next_instance_of(BulkImports::Clients::HTTP) do |client|
@ -40,7 +40,7 @@ RSpec.describe BulkImports::ExportStatus, :clean_gitlab_redis_cache, feature_cat
let(:status) { BulkImports::Export::STARTED }
it 'returns true' do
expect(subject.started?).to eq(true)
expect(export_status.started?).to eq(true)
end
end
@ -48,7 +48,7 @@ RSpec.describe BulkImports::ExportStatus, :clean_gitlab_redis_cache, feature_cat
let(:status) { BulkImports::Export::FAILED }
it 'returns false' do
expect(subject.started?).to eq(false)
expect(export_status.started?).to eq(false)
end
end
@ -58,7 +58,7 @@ RSpec.describe BulkImports::ExportStatus, :clean_gitlab_redis_cache, feature_cat
end
it 'returns false' do
expect(subject.started?).to eq(false)
expect(export_status.started?).to eq(false)
end
end
@ -72,7 +72,7 @@ RSpec.describe BulkImports::ExportStatus, :clean_gitlab_redis_cache, feature_cat
end
it 'returns false' do
expect(subject.started?).to eq(false)
expect(export_status.started?).to eq(false)
end
end
end
@ -82,7 +82,7 @@ RSpec.describe BulkImports::ExportStatus, :clean_gitlab_redis_cache, feature_cat
let(:status) { BulkImports::Export::FAILED }
it 'returns true' do
expect(subject.failed?).to eq(true)
expect(export_status.failed?).to eq(true)
end
end
@ -90,7 +90,7 @@ RSpec.describe BulkImports::ExportStatus, :clean_gitlab_redis_cache, feature_cat
let(:status) { BulkImports::Export::STARTED }
it 'returns false' do
expect(subject.failed?).to eq(false)
expect(export_status.failed?).to eq(false)
end
end
@ -100,7 +100,7 @@ RSpec.describe BulkImports::ExportStatus, :clean_gitlab_redis_cache, feature_cat
end
it 'returns false' do
expect(subject.failed?).to eq(false)
expect(export_status.failed?).to eq(false)
end
end
@ -114,7 +114,7 @@ RSpec.describe BulkImports::ExportStatus, :clean_gitlab_redis_cache, feature_cat
end
it 'returns true' do
expect(subject.failed?).to eq(true)
expect(export_status.failed?).to eq(true)
end
end
end
@ -123,7 +123,7 @@ RSpec.describe BulkImports::ExportStatus, :clean_gitlab_redis_cache, feature_cat
context 'when export status is present' do
let(:status) { 'any status' }
it { expect(subject.empty?).to eq(false) }
it { expect(export_status.empty?).to eq(false) }
end
context 'when export status is not present' do
@ -132,7 +132,7 @@ RSpec.describe BulkImports::ExportStatus, :clean_gitlab_redis_cache, feature_cat
end
it 'returns true' do
expect(subject.empty?).to eq(true)
expect(export_status.empty?).to eq(true)
end
end
@ -142,7 +142,7 @@ RSpec.describe BulkImports::ExportStatus, :clean_gitlab_redis_cache, feature_cat
end
it 'returns true' do
expect(subject.empty?).to eq(true)
expect(export_status.empty?).to eq(true)
end
end
@ -156,7 +156,7 @@ RSpec.describe BulkImports::ExportStatus, :clean_gitlab_redis_cache, feature_cat
end
it 'returns false' do
expect(subject.empty?).to eq(false)
expect(export_status.empty?).to eq(false)
end
end
end
@ -165,7 +165,7 @@ RSpec.describe BulkImports::ExportStatus, :clean_gitlab_redis_cache, feature_cat
let(:status) { BulkImports::Export::FAILED }
it 'returns error message' do
expect(subject.error).to eq('error!')
expect(export_status.error).to eq('error!')
end
context 'when something goes wrong during export status fetch' do
@ -180,13 +180,13 @@ RSpec.describe BulkImports::ExportStatus, :clean_gitlab_redis_cache, feature_cat
it 'raises RetryPipelineError' do
allow(exception).to receive(:retriable?).with(tracker).and_return(true)
expect { subject.failed? }.to raise_error(BulkImports::RetryPipelineError)
expect { export_status.failed? }.to raise_error(BulkImports::RetryPipelineError)
end
context 'when error is not retriable' do
it 'returns exception class as error' do
expect(subject.error).to eq('Error!')
expect(subject.failed?).to eq(true)
expect(export_status.error).to eq('Error!')
expect(export_status.failed?).to eq(true)
end
end
@ -196,8 +196,8 @@ RSpec.describe BulkImports::ExportStatus, :clean_gitlab_redis_cache, feature_cat
allow(client).to receive(:get).once.and_raise(StandardError, 'Standard Error!')
end
expect(subject.error).to eq('Standard Error!')
expect(subject.failed?).to eq(true)
expect(export_status.error).to eq('Standard Error!')
expect(export_status.failed?).to eq(true)
end
end
end
@ -211,13 +211,13 @@ RSpec.describe BulkImports::ExportStatus, :clean_gitlab_redis_cache, feature_cat
let(:batched) { true }
it 'returns true' do
expect(subject.batched?).to eq(true)
expect(export_status.batched?).to eq(true)
end
end
context 'when export is not batched' do
it 'returns false' do
expect(subject.batched?).to eq(false)
expect(export_status.batched?).to eq(false)
end
end
@ -227,7 +227,7 @@ RSpec.describe BulkImports::ExportStatus, :clean_gitlab_redis_cache, feature_cat
end
it 'returns false' do
expect(subject.batched?).to eq(false)
expect(export_status.batched?).to eq(false)
end
end
end
@ -235,7 +235,7 @@ RSpec.describe BulkImports::ExportStatus, :clean_gitlab_redis_cache, feature_cat
describe '#batches_count' do
context 'when batches count is present' do
it 'returns batches count' do
expect(subject.batches_count).to eq(1)
expect(export_status.batches_count).to eq(1)
end
end
@ -245,7 +245,7 @@ RSpec.describe BulkImports::ExportStatus, :clean_gitlab_redis_cache, feature_cat
end
it 'returns 0' do
expect(subject.batches_count).to eq(0)
expect(export_status.batches_count).to eq(0)
end
end
end
@ -262,22 +262,22 @@ RSpec.describe BulkImports::ExportStatus, :clean_gitlab_redis_cache, feature_cat
context 'when batch number is in range' do
it 'returns batch information' do
expect(subject.batch(1)['relation']).to eq('labels')
expect(subject.batch(2)['relation']).to eq('milestones')
expect(subject.batch(3)).to eq(nil)
expect(export_status.batch(1)['relation']).to eq('labels')
expect(export_status.batch(2)['relation']).to eq('milestones')
expect(export_status.batch(3)).to eq(nil)
end
end
end
context 'when batch number is less than 1' do
it 'raises error' do
expect { subject.batch(0) }.to raise_error(ArgumentError)
expect { export_status.batch(0) }.to raise_error(ArgumentError)
end
end
context 'when export is not batched' do
it 'returns nil' do
expect(subject.batch(1)).to eq(nil)
expect(export_status.batch(1)).to eq(nil)
end
end
end
@ -285,8 +285,8 @@ RSpec.describe BulkImports::ExportStatus, :clean_gitlab_redis_cache, feature_cat
describe 'caching' do
let(:cached_status) do
subject.send(:status)
subject.send(:status_from_cache)
export_status.send(:status)
export_status.send(:status_from_cache)
end
shared_examples 'does not result in a cached status' do
@ -341,8 +341,8 @@ RSpec.describe BulkImports::ExportStatus, :clean_gitlab_redis_cache, feature_cat
let(:status) { BulkImports::Export::FAILED }
it 'fetches the status from the remote' do
expect(subject).to receive(:status_from_remote).and_call_original
expect(subject.send(:status)).to include('status' => status)
expect(export_status).to receive(:status_from_remote).and_call_original
expect(export_status.send(:status)).to include('status' => status)
end
end
@ -357,8 +357,8 @@ RSpec.describe BulkImports::ExportStatus, :clean_gitlab_redis_cache, feature_cat
end
it 'does not fetch the status from the remote' do
expect(subject).not_to receive(:status_from_remote)
expect(subject.send(:status)).to eq({ 'status' => 'mock status' })
expect(export_status).not_to receive(:status_from_remote)
expect(export_status.send(:status)).to eq({ 'status' => 'mock status' })
end
context 'with a different entity' do
@ -367,8 +367,8 @@ RSpec.describe BulkImports::ExportStatus, :clean_gitlab_redis_cache, feature_cat
end
it 'fetches the status from the remote' do
expect(subject).to receive(:status_from_remote).and_call_original
expect(subject.send(:status)).to include('status' => status)
expect(export_status).to receive(:status_from_remote).and_call_original
expect(export_status.send(:status)).to include('status' => status)
end
end
@ -383,18 +383,30 @@ RSpec.describe BulkImports::ExportStatus, :clean_gitlab_redis_cache, feature_cat
end
it 'fetches the status from the remote' do
expect(subject).to receive(:status_from_remote).and_call_original
expect(subject.send(:status)).to include('status' => status)
expect(export_status).to receive(:status_from_remote).and_call_original
expect(export_status.send(:status)).to include('status' => status)
end
end
end
end
describe '#total_objects_count' do
let(:status) { BulkImports::Export::FINISHED }
context 'when status is present' do
let(:status) { BulkImports::Export::FINISHED }
it 'returns total objects count' do
expect(subject.total_objects_count).to eq(1)
it 'returns total objects count' do
expect(export_status.total_objects_count).to eq(1)
end
end
context 'when status is not present due to an error' do
let(:response_double) do
instance_double(HTTParty::Response, parsed_response: [])
end
it 'returns 0' do
expect(export_status.total_objects_count).to eq(0)
end
end
end
end

31
spec/models/data_list_spec.rb
View File

@ -1,31 +0,0 @@
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe DataList do
describe '#to_array' do
let(:jira_integration) { create(:jira_integration) }
let(:zentao_integration) { create(:zentao_integration) }
let(:cases) do
[
[jira_integration, 'Integrations::JiraTrackerData', 'integration_id'],
[zentao_integration, 'Integrations::ZentaoTrackerData', 'integration_id']
]
end
def data_list(integration)
DataList.new([integration], integration.to_database_hash, integration.data_fields.class).to_array
end
it 'returns current data' do
cases.each do |integration, data_fields_class_name, foreign_key|
data_fields_klass, columns, values_items = data_list(integration)
expect(data_fields_klass.to_s).to eq data_fields_class_name
expect(columns.last).to eq foreign_key
values = values_items.first
expect(values.last).to eq integration.id
end
end
end
end

22
spec/models/integrations/integration_list_spec.rb
View File

@ -1,22 +0,0 @@
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe Integrations::IntegrationList, feature_category: :integrations do
let_it_be(:projects) { create_pair(:project, :small_repo) }
let(:batch) { Project.where(id: projects.pluck(:id)) }
let(:integration_hash) { { 'active' => 'true', 'category' => 'common' } }
let(:association) { 'project' }
subject { described_class.new(batch, integration_hash, association) }
describe '#to_array' do
it 'returns array of Integration, columns, and values' do
expect(subject.to_array).to match_array([
Integration,
%w[active category project_id],
contain_exactly(['true', 'common', projects.first.id], ['true', 'common', projects.second.id])
])
end
end
end

14
spec/services/bulk_create_integration_service_spec.rb → spec/services/integrations/propagation/bulk_create_service_spec.rb
View File

@ -2,7 +2,7 @@
require 'spec_helper'
RSpec.describe BulkCreateIntegrationService, feature_category: :integrations do
RSpec.describe Integrations::Propagation::BulkCreateService, feature_category: :integrations do
include JiraIntegrationHelpers
before_all do
@ -32,7 +32,7 @@ RSpec.describe BulkCreateIntegrationService, feature_category: :integrations do
expect(attributes(created_integration)).to eq attributes(integration)
end
context 'integration with data fields' do
context 'when integration has data fields' do
let(:excluded_attributes) { %w[id service_id integration_id created_at updated_at] }
it 'updates the data fields from inherited integrations' do
@ -68,7 +68,7 @@ RSpec.describe BulkCreateIntegrationService, feature_category: :integrations do
end
end
context 'passing an instance-level integration' do
context 'with an instance-level integration' do
let(:integration) { instance_integration }
let(:inherit_from_id) { integration.id }
@ -91,14 +91,14 @@ RSpec.describe BulkCreateIntegrationService, feature_category: :integrations do
end
end
context 'passing a group integration' do
context 'with a group-level integration' do
let_it_be(:group) { create(:group) }
context 'with a project association' do
let!(:project) { create(:project, group: group) }
let(:integration) { create(:jira_integration, :group, group: group) }
let(:created_integration) { project.jira_integration }
let(:batch) { Project.where(id: Project.minimum(:id)..Project.maximum(:id)).without_integration(integration).in_namespace(integration.group.self_and_descendants) }
let(:batch) { Project.without_integration(integration).in_namespace(integration.group.self_and_descendants) }
let(:association) { 'project' }
let(:inherit_from_id) { integration.id }
@ -123,7 +123,9 @@ RSpec.describe BulkCreateIntegrationService, feature_category: :integrations do
it_behaves_like 'creates integration successfully'
context 'with different foreign key of data_fields' do
let(:integration) { create(:zentao_integration, :group, group: group, inherit_from_id: instance_integration.id) }
let(:integration) do
create(:zentao_integration, :group, group: group, inherit_from_id: instance_integration.id)
end
it_behaves_like 'creates integration successfully'
end

6
spec/services/bulk_update_integration_service_spec.rb → spec/services/integrations/propagation/bulk_update_service_spec.rb
View File

@ -2,7 +2,7 @@
require 'spec_helper'
RSpec.describe BulkUpdateIntegrationService, feature_category: :integrations do
RSpec.describe Integrations::Propagation::BulkUpdateService, feature_category: :integrations do
include JiraIntegrationHelpers
before_all do
@ -17,7 +17,9 @@ RSpec.describe BulkUpdateIntegrationService, feature_category: :integrations do
end
let(:batch) do
Integration.inherited_descendants_from_self_or_ancestors_from(subgroup_integration).where(id: group_integration.id..integration.id)
Integration
.inherited_descendants_from_self_or_ancestors_from(subgroup_integration)
.where(id: group_integration.id..integration.id)
end
let_it_be(:group) { create(:group) }

24
spec/services/merge_requests/after_create_service_spec.rb
View File

@ -69,8 +69,15 @@ RSpec.describe MergeRequests::AfterCreateService, feature_category: :code_review
execute_service
end
it 'executes hooks with default action' do
expect(project).to receive(:execute_hooks)
it 'executes hooks and integrations' do
expected_payload = hash_including(
object_kind: 'merge_request',
event_type: 'merge_request',
object_attributes: be_present
)
expect(project).to receive(:execute_hooks).with(expected_payload, :merge_request_hooks)
expect(project).to receive(:execute_integrations).with(expected_payload, :merge_request_hooks)
execute_service
end
@ -108,6 +115,19 @@ RSpec.describe MergeRequests::AfterCreateService, feature_category: :code_review
execute_service
end
it 'executes hooks and integrations with correct merge_status' do
expected_payload = hash_including(
object_attributes: hash_including(
merge_status: 'checking'
)
)
expect(project).to receive(:execute_hooks).with(expected_payload, :merge_request_hooks)
expect(project).to receive(:execute_integrations).with(expected_payload, :merge_request_hooks)
execute_service
end
context 'when preparing for mergeability fails' do
before do
# This is only one of the possible cases that can fail. This is to

5
spec/spec_helper.rb
View File

@ -225,7 +225,10 @@ RSpec.configure do |config|
# Gradually stop using rspec-retry
# See https://gitlab.com/gitlab-org/gitlab/-/issues/438388
%i[lib migrations models requests services].each do |type|
%i[
lib migrations models requests services sidekiq sidekiq_cluster
spam support_specs tasks tooling uploaders validators views workers
].each do |type|
config.prepend_before(:each, type: type) do |example|
example.metadata[:retry] = 1
end

1
spec/support/rspec_order_todo.yml
View File

@ -7176,7 +7176,6 @@
- './spec/models/customer_relations/issue_contact_spec.rb'
- './spec/models/customer_relations/organization_spec.rb'
- './spec/models/cycle_analytics/project_level_stage_adapter_spec.rb'
- './spec/models/data_list_spec.rb'
- './spec/models/dependency_proxy/blob_spec.rb'
- './spec/models/dependency_proxy/group_setting_spec.rb'
- './spec/models/dependency_proxy/image_ttl_group_policy_spec.rb'

10
spec/workers/propagate_integration_group_worker_spec.rb
View File

@ -13,8 +13,8 @@ RSpec.describe PropagateIntegrationGroupWorker, feature_category: :integrations
let(:job_args) { [integration.id, group.id, subgroup2.id] }
it_behaves_like 'an idempotent worker' do
it 'calls to BulkCreateIntegrationService' do
expect(BulkCreateIntegrationService).to receive(:new)
it 'calls to Integrations::Propagation::BulkCreateService' do
expect(Integrations::Propagation::BulkCreateService).to receive(:new)
.with(integration, match_array([group, another_group, subgroup1, subgroup2]), 'group').twice
.and_return(double(execute: nil))
@ -24,8 +24,8 @@ RSpec.describe PropagateIntegrationGroupWorker, feature_category: :integrations
context 'with a group integration' do
let_it_be(:integration) { create(:redmine_integration, :group, group: group) }
it 'calls to BulkCreateIntegrationService' do
expect(BulkCreateIntegrationService).to receive(:new)
it 'calls to Integrations::Propagation::BulkCreateService' do
expect(Integrations::Propagation::BulkCreateService).to receive(:new)
.with(integration, match_array([subgroup1, subgroup2]), 'group').twice
.and_return(double(execute: nil))
@ -36,7 +36,7 @@ RSpec.describe PropagateIntegrationGroupWorker, feature_category: :integrations
context 'with an invalid integration id' do
it 'returns without failure' do
expect(BulkCreateIntegrationService).not_to receive(:new)
expect(Integrations::Propagation::BulkCreateService).not_to receive(:new)
subject.perform(0, 1, 100)
end

6
spec/workers/propagate_integration_inherit_descendant_worker_spec.rb
View File

@ -11,8 +11,8 @@ RSpec.describe PropagateIntegrationInheritDescendantWorker, feature_category: :i
it_behaves_like 'an idempotent worker' do
let(:job_args) { [group_integration.id, subgroup_integration.id, subgroup_integration.id] }
it 'calls to BulkUpdateIntegrationService' do
expect(BulkUpdateIntegrationService).to receive(:new)
it 'calls to Integrations::Propagation::BulkUpdateService' do
expect(Integrations::Propagation::BulkUpdateService).to receive(:new)
.with(group_integration, match_array(subgroup_integration)).twice
.and_return(double(execute: nil))
@ -22,7 +22,7 @@ RSpec.describe PropagateIntegrationInheritDescendantWorker, feature_category: :i
context 'with an invalid integration id' do
it 'returns without failure' do
expect(BulkUpdateIntegrationService).not_to receive(:new)
expect(Integrations::Propagation::BulkUpdateService).not_to receive(:new)
subject.perform(0, subgroup_integration.id, subgroup_integration.id)
end

Some files were not shown because too many files have changed in this diff Show More