Add latest changes from gitlab-org/gitlab@master

2024-04-03 21:10:54 +00:00 · 2024-04-03 21:10:54 +00:00 · ae2c90b95a
parent 6d63ea6f1b
commit ae2c90b95a
7 changed files with 144 additions and 18 deletions
--- a/.gitlab/issue_templates/Remote
+++ b/.gitlab/issue_templates/Remote
@ -1,14 +1,22 @@
 MR: Pending
 <!--
-The first line of the MR must be one of the following:
+The first line of this issue description must be one of the following:

 1. `MR: Pending`
 2. `MR: <MR link with trailing +>`,
-   and the first description line of the MR should be `Issue: <Issue link with trailing +>` 
-3. `MR: No MR`
+3. If there are multiple MRs:
+   ```
+   MRs:
+   - <MR 1 link with trailing +>`
+   - <MR 2 link with trailing +>`
+   - ...
+   ```
+4. `MR: No MR`
+
+...and the first description line of the MR should be `Issue: <Issue link with trailing +>` 

 For more context, see:
-https://about.gitlab.com/handbook/engineering/development/dev/create/ide/index.html#1-to-1-relationship-of-issues-to-mrs
+https://about.gitlab.com/handbook/engineering/development/dev/create/ide/index.html#relationship-of-issues-to-mrs
 -->

 <!--
@ -21,7 +29,10 @@ https://about.gitlab.com/handbook/engineering/development/dev/create/ide/#2-pre-
 ## Description

 TODO: Fill out (required)
-`As a [user or stakeholder], I want [goal or objective] so that [reason or benefit].`
+
+As a [user or stakeholder], I want [goal or objective] so that [reason or benefit].
+
+[Provide any additional description here.]

 ## Acceptance Criteria

@ -32,22 +43,22 @@ TODO: Fill out (required)

 ## Technical Requirements

-TODO: Fill out or delete
+TODO: Fill out or delete (optional)
 [If applicable, please list out any technical requirements for this feature/enhancement.]

 ## Design Requirements

-TODO: Fill out or delete
+TODO: Fill out or delete (optional)
 [If applicable, please provide a link to the design specifications for this feature/enhancement.]

 ## Impact Assessment

-TODO: Fill out or delete
+TODO: Fill out or delete (optional)
 [Please describe the impact this feature/enhancement will have on the user experience and/or the product as a whole.]

 ## User Story

-TODO: Fill out or delete
+TODO: Fill out or delete (optional)
 [Provide a user story to illustrate the use case for this feature/enhancement. Include examples to help communicate the intended functionality.]


--- a/.gitlab/issue_templates/Web
+++ b/.gitlab/issue_templates/Web
@ -0,0 +1,79 @@
+MR: Pending
+<!--
+The first line of this issue description must be one of the following:
+
+1. `MR: Pending`
+2. `MR: <MR link with trailing +>`,
+3. If there are multiple MRs:
+   ```
+   MRs:
+   - <MR 1 link with trailing +>`
+   - <MR 2 link with trailing +>`
+   - ...
+   ```
+4. `MR: No MR`
+
+...and the first description line of the MR should be `Issue: <Issue link with trailing +>` 
+
+For more context, see:
+https://about.gitlab.com/handbook/engineering/development/dev/create/ide/index.html#relationship-of-issues-to-mrs
+-->
+
+<!--
+The following sections should be filled out as part of the refinement process before the issue is prioritized.
+
+For more context, see:
+https://about.gitlab.com/handbook/engineering/development/dev/create/ide/#2-pre-iteration-planning-meeting
+-->
+
+## Description
+
+TODO: Fill out (required)
+
+As a [user or stakeholder], I want [goal or objective] so that [reason or benefit].
+
+[Provide any additional description here.]
+
+## Acceptance Criteria
+
+TODO: Fill out (required)
+- [ ] [Describe what must be achieved to complete this issue.]
+- [ ] [Describe another requirement needed to complete this issue.]
+- [ ] [Add additional acceptance criteria as needed.]
+
+## Technical Requirements
+
+TODO: Fill out or delete (optional)
+[If applicable, please list out any technical requirements for this feature/enhancement.]
+
+## Design Requirements
+
+TODO: Fill out or delete (optional)
+[If applicable, please provide a link to the design specifications for this feature/enhancement.]
+
+## Impact Assessment
+
+TODO: Fill out or delete (optional)
+[Please describe the impact this feature/enhancement will have on the user experience and/or the product as a whole.]
+
+## User Story
+
+TODO: Fill out or delete (optional)
+[Provide a user story to illustrate the use case for this feature/enhancement. Include examples to help communicate the intended functionality.]
+
+
+/label ~"Category:Web IDE"
+/label  ~"section::dev"
+/label  ~"devops::create"
+/label  ~"group::ide"
+
+<!-- Replace with other type, e.g. bug or maintenance, if appropriate -->
+/label ~"type::feature"
+<!-- Replace with other subtype if appropriate -->
+/label ~"feature::addition"
+
+<!-- By default, all issues start in the unprioritized status. See https://about.gitlab.com/handbook/engineering/development/dev/create/ide/#-remote-development-planning-process -->
+/label  ~"rd-workflow::unprioritized"
+
+<!-- For simplicity and to avoid triage bot warnings about missing workflow labels, we will default to issues starting at the refinement phase --> 
+/label ~"workflow::refinement"
--- a/doc/architecture/blueprints/rapid_diffs/index.md
+++ b/doc/architecture/blueprints/rapid_diffs/index.md
@ -250,6 +250,24 @@ sequenceDiagram
    Gitaly ->> Back end: List of diffs
 ```

+###### Database
+
+```mermaid
+sequenceDiagram
+    Back end ->> Database: What are the file paths for a known MR version?
+    Database ->> Back end: List of paths
+```
+
+###### Cache
+
+- Fresh render of a diff
+
+```mermaid
+sequenceDiagram
+    Back end ->> Cache: Give me the diff template for scenario XYZ
+    Cache ->> Back end: Static template to render diff in scenario XYZ
+```
+
 ### Accessibility

 Reusable Rapid Diffs should be displayed in a way that is compliant with [Web Content Accessibility Guidelines 2.1](https://www.w3.org/TR/WCAG21/) level AA for web-based content and [Authoring Tool Accessibility Guidelines 2.0](https://www.w3.org/TR/ATAG20/) level AA for user interface.
--- a/doc/ci/testing/test_coverage_visualization.md
+++ b/doc/ci/testing/test_coverage_visualization.md
@ -287,7 +287,6 @@ run tests:
  script:
    - pip install pytest pytest-cov
    - pytest --cov --cov-report term --cov-report xml:coverage.xml
-  coverage: '/(?i)total.*? (100(?:\.0+)?\%|[1-9]?\d(?:\.\d+)?\%)$/'
  artifacts:
    reports:
      coverage_report:
@ -354,7 +353,6 @@ run tests:
    - cd build
    - make test
    - gcovr --xml-pretty --exclude-unreachable-branches --print-summary -o coverage.xml --root ${CI_PROJECT_DIR}
-  coverage: /^\s*lines:\s*\d+.\d+\%/
  artifacts:
    name: ${CI_JOB_NAME}-${CI_COMMIT_REF_NAME}-${CI_COMMIT_SHA}
    expire_in: 2 days
--- a/doc/development/secure_coding_guidelines.md
+++ b/doc/development/secure_coding_guidelines.md
@ -155,6 +155,8 @@ Hardcoded regular expressions with backtracking issues:
 Consider the following example application, which defines a check using a regular expression. A user entering `user@aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa!.com` as the email on a form will hang the web server.

 ```ruby
+# For ruby versions < 3.2.0
+# Press ctrl+c to terminate a hung process
 class Email < ApplicationRecord
  DOMAIN_MATCH = Regexp.new('([a-zA-Z0-9]+)+\.com')

@ -170,7 +172,17 @@ end

 ### Mitigation

-#### Ruby
+#### Ruby from 3.2.0
+
+Ruby released [Regexp improvements against ReDoS in 3.2.0](https://www.ruby-lang.org/en/news/2022/12/25/ruby-3-2-0-released/). ReDoS will no longer be an issue, with the exception of _"some kind of regular expressions, such as those including advanced features (e.g., back-references or look-around), or with a huge fixed number of repetitions"_.
+
+[Until GitLab enforces a global Regexp timeout](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/145679) you should pass an explicit timeout parameter, particularly when using advanced features or a large number of repetitions. For example:
+
+```ruby
+Regexp.new('^a*b?a*()\1$', timeout: 1) # timeout in seconds
+```
+
+#### Ruby before 3.2.0

 GitLab has [`Gitlab::UntrustedRegexp`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/untrusted_regexp.rb)
 which internally uses the [`re2`](https://github.com/google/re2/wiki/Syntax) library.
--- a/qa/qa/tools/ci/test_metrics.rb
+++ b/qa/qa/tools/ci/test_metrics.rb
@ -24,13 +24,26 @@ module QA
          return logger.warn("No files matched pattern '#{metrics_file_glob}'") if metrics_files.empty?

          logger.info("Exporting #{metrics_data.size} entries to influxdb")
-          influx_client.create_write_api.write(data: metrics_data, bucket: INFLUX_MAIN_TEST_METRICS_BUCKET)
+          influx_client
+            .create_write_api(write_options: write_options)
+            .write(data: metrics_data, bucket: INFLUX_MAIN_TEST_METRICS_BUCKET)
        end

        private

        attr_reader :metrics_file_glob

+        # Write options for influxdb
+        #
+        # @return [InfluxDB::WriteOptions]
+        def write_options
+          InfluxDB2::WriteOptions.new(
+            write_type: InfluxDB2::WriteType::BATCHING,
+            batch_size: 100,
+            max_retries: 3
+          )
+        end
+
        # Metrics data files
        #
        # @return [Array]
--- a/qa/tasks/ci.rake
+++ b/qa/tasks/ci.rake
@ -72,9 +72,4 @@ namespace :ci do

    QA::Tools::Ci::TestMetrics.export(args[:glob])
  end
-
-  desc "Get available QA environment variables"
-  task :env_var_name_list do
-    puts Gitlab::QA::Runtime::Env.variables.keys.join("\n")
-  end
 end