root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Add latest changes from gitlab-org/gitlab@master

This commit is contained in:
GitLab Bot 2022-11-03 00:10:34 +00:00
parent 03cd2a56f3
commit d81023e4e9
31 changed files with 235 additions and 126 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
.gitlab/ci/package-and-test/rules.gitlab-ci.yml
View File

@ -20,9 +20,9 @@
when: manual
allow_failure: true
# QA framework changes present
.qa-framework-changes: &qa-framework-changes
if: $QA_FRAMEWORK_CHANGES == "true"
# Run all tests when framework changes present or explicitly enabled full suite execution
.qa-run-all-tests: &qa-run-all-tests
if: $QA_FRAMEWORK_CHANGES == "true" || $QA_RUN_ALL_TESTS == "true"
# Process test results (notify failure to slack, create test session report, relate test failures)
.process-test-results: &process-test-results
@ -91,7 +91,7 @@
.rules:test:qa-non-parallel:
rules:
# always run parallel with full suite when framework changes present or ff state changed
- <<: *qa-framework-changes
- <<: *qa-run-all-tests
when: never
- <<: *all-specs
when: never
@ -100,7 +100,7 @@
.rules:test:qa-parallel:
rules:
- *qa-framework-changes
- *qa-run-all-tests
- <<: *specific-specs
when: manual
allow_failure: true
@ -111,7 +111,7 @@
# general qa job rule for jobs without the need to run in parallel
.rules:test:qa:
rules:
- *qa-framework-changes
- *qa-run-all-tests
- *feature-flags-set-manual
.rules:test:update:

24
.gitlab/ci/review-apps/rules.gitlab-ci.yml
View File

@ -15,9 +15,9 @@
.app-changes: &app-changes
if: $APP_CHANGE_TRIGGER == "true"
# QA framework changes present
.qa-framework-changes: &qa-framework-changes
if: $QA_FRAMEWORK_CHANGES == "true"
# Run all tests when framework changes present or explicitly enabled full suite execution
.qa-run-all-tests: &qa-run-all-tests
if: $QA_FRAMEWORK_CHANGES == "true" || $QA_RUN_ALL_TESTS == "true"
.default-branch: &default-branch
if: $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH
@ -28,19 +28,19 @@
variables:
QA_TESTS: ""
.never-when-qa-framework-changes-or-no-specific-specs:
- <<: *qa-framework-changes
.never-when-qa-run-all-tests-or-no-specific-specs:
- <<: *qa-run-all-tests
when: never
- <<: *all-specs
when: never
.never-when-specific-specs-always-when-qa-framework-changes:
.never-when-specific-specs-always-when-qa-run-all-tests:
- *qa-run-all-tests
- <<: *specific-specs
when: manual
allow_failure: true
variables:
QA_TESTS: ""
- *qa-framework-changes
# ------------------------------------------
# Prepare
@ -62,7 +62,7 @@
- <<: *app-changes
variables:
QA_TESTS: "" # unset QA_TESTS even if specific tests were inferred from stage label
- *qa-framework-changes
- *qa-run-all-tests
- if: $QA_SUITES =~ /Test::Instance::Smoke/
- *qa-manual
@ -70,7 +70,7 @@
rules:
- <<: *app-changes
when: never
- !reference [.never-when-qa-framework-changes-or-no-specific-specs]
- !reference [.never-when-qa-run-all-tests-or-no-specific-specs]
- if: $QA_SUITES =~ /Test::Instance::ReviewBlocking/
.rules:qa-blocking-parallel:
rules:
@ -78,16 +78,16 @@
- <<: *app-changes
variables:
QA_TESTS: "" # unset QA_TESTS even if specific tests were inferred from stage label
- !reference [.never-when-specific-specs-always-when-qa-framework-changes]
- !reference [.never-when-specific-specs-always-when-qa-run-all-tests]
- if: $QA_SUITES =~ /Test::Instance::ReviewBlocking/
.rules:qa-non-blocking:
rules:
- !reference [.never-when-qa-framework-changes-or-no-specific-specs]
- !reference [.never-when-qa-run-all-tests-or-no-specific-specs]
- if: $QA_SUITES =~ /Test::Instance::ReviewNonBlocking/
.rules:qa-non-blocking-parallel:
rules:
- !reference [.never-when-specific-specs-always-when-qa-framework-changes]
- !reference [.never-when-specific-specs-always-when-qa-run-all-tests]
- *all-specs-mr # set full suite to manual when no specific specs passed in mr
- if: $QA_SUITES =~ /Test::Instance::ReviewNonBlocking/

1
app/models/application_setting.rb
View File

@ -318,6 +318,7 @@ class ApplicationSetting < ApplicationRecord
less_than_or_equal_to: Commit::MAX_DIFF_LINES_SETTING_UPPER_BOUND }
validates :user_default_internal_regex, js_regex: true, allow_nil: true
validates :default_preferred_language, presence: true, inclusion: { in: Gitlab::I18n.available_locales }
validates :personal_access_token_prefix,
format: { with: %r{\A[a-zA-Z0-9_+=/@:.-]+\z},

2
app/models/user.rb
View File

@ -696,6 +696,8 @@ class User < ApplicationRecord
#
# Returns an ActiveRecord::Relation.
def search(query, **options)
return none unless query.is_a?(String)
query = query&.delete_prefix('@')
return none if query.blank?

2
app/services/milestones/transfer_service.rb
View File

@ -62,7 +62,7 @@ module Milestones
# rubocop: enable CodeReuse/ActiveRecord
def find_or_create_milestone(milestone)
params = milestone.attributes.slice('title', 'description', 'start_date', 'due_date')
params = milestone.attributes.slice('title', 'description', 'start_date', 'due_date', 'state')
FindOrCreateService.new(project, current_user, params).execute
end

10
db/migrate/20221101032521_add_default_preferred_language_to_application_settings.rb Normal file
View File

@ -0,0 +1,10 @@
# frozen_string_literal: true
class AddDefaultPreferredLanguageToApplicationSettings < Gitlab::Database::Migration[2.0]
def change
# rubocop:disable Migration/AddLimitToTextColumns
# limit is added in 20221101032600_add_text_limit_to_default_preferred_language_on_application_settings.rb
add_column :application_settings, :default_preferred_language, :text, default: 'en', null: false
# rubocop:enable Migration/AddLimitToTextColumns
end
end

15
db/migrate/20221101032600_add_text_limit_to_default_preferred_language_on_application_settings.rb Normal file
View File

@ -0,0 +1,15 @@
# frozen_string_literal: true
class AddTextLimitToDefaultPreferredLanguageOnApplicationSettings < Gitlab::Database::Migration[2.0]
MAXIMUM_LIMIT = 32
disable_ddl_transaction!
def up
add_text_limit :application_settings, :default_preferred_language, MAXIMUM_LIMIT
end
def down
remove_text_limit :application_settings, :default_preferred_language
end
end

1
db/schema_migrations/20221101032521 Normal file
View File

@ -0,0 +1 @@
db7e477626aa34154db2d6ff30bcafc7c70a2a9c3a719bfb7e7ac0a8e0d7e579

1
db/schema_migrations/20221101032600 Normal file
View File

@ -0,0 +1 @@
49449f2bb02e8dbe0cff73b6ac8dc291c00c7ce9c0d54bf7bb2b5cd9c599d713

2
db/structure.sql
View File

@ -11495,6 +11495,7 @@ CREATE TABLE application_settings (
product_analytics_enabled boolean DEFAULT false NOT NULL,
email_confirmation_setting smallint DEFAULT 2,
disable_admin_oauth_scopes boolean DEFAULT false NOT NULL,
default_preferred_language text DEFAULT 'en'::text NOT NULL,
CONSTRAINT app_settings_container_reg_cleanup_tags_max_list_size_positive CHECK ((container_registry_cleanup_tags_service_max_list_size >= 0)),
CONSTRAINT app_settings_container_registry_pre_import_tags_rate_positive CHECK ((container_registry_pre_import_tags_rate >= (0)::numeric)),
CONSTRAINT app_settings_dep_proxy_ttl_policies_worker_capacity_positive CHECK ((dependency_proxy_ttl_group_policy_worker_capacity >= 0)),
@ -11535,6 +11536,7 @@ CREATE TABLE application_settings (
CONSTRAINT check_d4865d70f3 CHECK ((char_length(clickhouse_connection_string) <= 1024)),
CONSTRAINT check_d820146492 CHECK ((char_length(spam_check_endpoint_url) <= 255)),
CONSTRAINT check_dea8792229 CHECK ((char_length(jitsu_host) <= 255)),
CONSTRAINT check_e2692d7523 CHECK ((char_length(default_preferred_language) <= 32)),
CONSTRAINT check_e2dd6e290a CHECK ((char_length(jira_connect_application_key) <= 255)),
CONSTRAINT check_e5024c8801 CHECK ((char_length(elasticsearch_username) <= 255)),
CONSTRAINT check_e5aba18f02 CHECK ((char_length(container_registry_version) <= 255)),

2
doc/ci/review_apps/index.md
View File

@ -198,7 +198,7 @@ After you have the route mapping set up, it takes effect in the following locati
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/10761) in GitLab 12.0.
> - [Moved](https://about.gitlab.com/blog/2021/01/26/new-gitlab-product-subscription-model/) to GitLab Premium in 13.9.
> - It's [deployed behind a feature flag](../../user/feature_flags.md), `anonymous_visual_review_feedback`, disabled by default.
> - It's enabled on GitLab.com.
> - It's disabled on GitLab.com.
FLAG:
On self-managed GitLab, by default this feature is not available. To make it available,

20
doc/development/testing_guide/end_to_end/index.md
View File

@ -123,9 +123,8 @@ test or a group of tests that are different than the groups in any of the existi
For example, when we [dequarantine](https://about.gitlab.com/handbook/engineering/quality/quality-engineering/debugging-qa-test-failures/#dequarantining-tests)
a flaky test we first want to make sure that it's no longer flaky.
We can do that using the `ce:custom-parallel` and `ee:custom-parallel` jobs.
Both are manual jobs that you can configure using custom variables.
When selecting the name (not the play icon) of one of the parallel jobs,
We can do that by running `_ee:quarantine` manual job.
When selecting the name (not the play icon) of manual job,
you are prompted to enter variables. You can use any of
[the variables that can be used with `gitlab-qa`](https://gitlab.com/gitlab-org/gitlab-qa/blob/master/docs/what_tests_can_be_run.md#supported-gitlab-environment-variables)
as well as these:
@ -134,7 +133,7 @@ as well as these:
|-|-|
| `QA_SCENARIO` | The scenario to run (default `Test::Instance::Image`) |
| `QA_TESTS` | The tests to run (no default, which means run all the tests in the scenario). Use file paths as you would when running tests via RSpec, for example, `qa/specs/features/ee/browser_ui` would include all the `EE` UI tests. |
| `QA_RSPEC_TAGS` | The RSpec tags to add (no default) |
| `QA_RSPEC_TAGS` | The RSpec tags to add (default `--tag quarantine`) |
For now,
[manual jobs with custom variables don't use the same variable when retried](https://gitlab.com/gitlab-org/gitlab/-/issues/31367),
@ -157,6 +156,19 @@ against the [Review App](../review_apps.md).
See [Review Apps](../review_apps.md) for more details about Review Apps.
#### Selective test execution
In order to limit amount of tests executed in a merge request, dynamic selection of which tests to execute is present. Algorithm of which tests to run is based
on changed files and merge request labels. Following criteria determine which tests will run:
1. Changes in `qa` framework code would execute the full suite
1. Changes in particular `_spec.rb` file in `qa` folder would execute only that particular test
1. Merge request with backend changes and label `devops::manage` would execute all e2e tests related to `manage` stage
#### Overriding selective test execution
To override selective test execution and trigger the full suite, label `pipeline:run-all-e2e` should be added to particular merge request.
### Run tests in parallel
To run tests in parallel on CI, the [Knapsack](https://github.com/KnapsackPro/knapsack)

52
doc/operations/incident_management/alerts.md
View File

@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
Alerts are a critical entity in your incident management workflow. They represent a notable event that might indicate a service outage or disruption. GitLab provides a list view for triage and detail view for deeper investigation of what happened.
## Alert List
## Alert list
Users with at least the Developer role can
access the Alert list at **Monitor > Alerts** in your project's
@ -137,7 +137,7 @@ timeline of the alert's investigation and assignment history.
The following actions result in a system note:
- [Updating the status of an alert](#update-an-alerts-status)
- [Updating the status of an alert](#change-an-alerts-status)
- [Creating an incident based on an alert](#create-an-incident-from-an-alert)
- [Assignment of an alert to a user](#assign-an-alert)
- [Escalation of an alert to on-call responders](paging.md#escalating-an-alert)
@ -148,25 +148,45 @@ The following actions result in a system note:
There are different actions available in GitLab to help triage and respond to alerts.
### Update an alert's status
### Change an alert's status
**Triggered** is the default status for new alerts. For users with the Developer role or higher, the
alert status can be updated from these locations:
You can change the status of an alert.
- [Alert list](#alert-list): select the status dropdown list corresponding to an alert, then select an
alternate status.
- [Alert details page](#alert-details-page): select **Edit** in the right-hand side bar, then select
an alternate status.
The available statuses are:
- Triggered (default for new alerts)
- Acknowledged
- Resolved
Prerequisites:
- You must have at least the Developer role.
To change an alert's status:
- From the [alert list](#alert-list):
1. In the **Status** column, next to an alert, select the status dropdown list.
1. Select a status.
- From the [alert details page](#alert-details-page):
1. On the right sidebar, select **Edit**.
1. Select a status.
To stop email notifications for alert reoccurrences in projects with [email notifications enabled](paging.md#email-notifications-for-alerts),
[change the alert's status](alerts.md#update-an-alerts-status) away from **Triggered**.
change the alert's status away from **Triggered**.
In projects with GitLab Premium, on-call responders can respond to [alert pages](paging.md#escalating-an-alert)
by changing the status. Setting the status to:
#### As an on-call responder **(PREMIUM)**
- **Resolved** silences all on-call pages for the alert.
- **Acknowledged** limits on-call pages based on the project's [escalation policy](escalation_policies.md).
- **Triggered** from **Resolved** restarts the alert escalating from the beginning.
On-call responders can respond to [alert pages](paging.md#escalating-an-alert)
by changing the alert status.
Changing the status has the following effects:
- To **Acknowledged**: limits on-call pages based on the project's [escalation policy](escalation_policies.md).
- To **Resolved**: silences all on-call pages for the alert.
- From **Resolved** to **Triggered**: restarts the alert escalating.
In GitLab 15.1 and earlier, updating the status of an [alert with an associated incident](alerts.md#create-an-incident-from-an-alert)
also updates the incident status. In [GitLab 15.2 and later](https://gitlab.com/gitlab-org/gitlab/-/issues/356057),
@ -183,7 +203,7 @@ alert by selecting the **View Issue** button.
You can also [create incidents for alerts automatically](incidents.md#create-incidents-automatically).
Closing a GitLab issue associated with an alert [changes the alert's status](#update-an-alerts-status) to
Closing a GitLab issue associated with an alert [changes the alert's status](#change-an-alerts-status) to
**Resolved**. See [Alert List](#alert-list) for more details
about alert statuses.

4
doc/operations/incident_management/paging.md
View File

@ -34,7 +34,7 @@ a single email notification for new alerts.
**Send a single email notification to Owners and Maintainers for new alerts** checkbox.
1. Select **Save changes**.
[Update the alert's status](alerts.md#update-an-alerts-status) to manage email notifications for an alert.
[Update the alert's status](alerts.md#change-an-alerts-status) to manage email notifications for an alert.
## Paging **(PREMIUM)**
@ -46,7 +46,7 @@ can be automatically paged about critical problems through email.
When an alert is triggered, it begins escalating to the on-call responders immediately.
For each escalation rule in the project's escalation policy, the designated on-call
responders receive one email when the rule fires. You can respond to a page
or stop alert escalations by [updating the alert's status](alerts.md#update-an-alerts-status).
or stop alert escalations by [updating the alert's status](alerts.md#change-an-alerts-status).
### Escalating an incident

37
doc/security/password_length_limits.md
View File

@ -12,15 +12,7 @@ By default, GitLab supports passwords with the following lengths:
- Minimum: 8 characters
- Maximum: 128 characters
GitLab administrators can modify password lengths:
- Using the GitLab UI. [From](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/20661) GitLab
12.6, this is the only available option.
- Using configuration file. Up to GitLab 12.5.
Changing the minimum or maximum length does not affect existing user passwords. Existing users are
not asked to reset their password to adhere to the new limits. The new limit restriction applies
only during new user sign-ups and when an existing user performs a password reset.
You can only change the minimum password length. Changing the minimum length does not affect existing user passwords. Existing users are not asked to reset their password to adhere to the new limits. The new limit restriction applies only during new user sign-ups and when an existing user performs a password reset.
## Modify minimum password length using GitLab UI
@ -38,33 +30,6 @@ To change the minimum password length using GitLab UI:
1. Enter a **Minimum password length** value greater than or equal to `8`.
1. Select **Save changes**.
## Modify maximum password length using configuration file
From GitLab 12.6, the minimum password length set in this configuration file is ignored. Minimum password lengths must instead be modified via the [GitLab UI](#modify-minimum-password-length-using-gitlab-ui).
The user password length is set to a maximum of 128 characters by default.
To change that for installations from source:
1. Edit `devise_password_length.rb`:
```shell
cd /home/git/gitlab
sudo -u git -H cp config/initializers/devise_password_length.rb.example config/initializers/devise_password_length.rb
sudo -u git -H editor config/initializers/devise_password_length.rb
```
1. Change the new password length limits:
```ruby
config.password_length = 12..135
```
In this example, the minimum length is 12 characters, and the maximum length
is 135 characters.
1. [Restart GitLab](../administration/restart_gitlab.md#installations-from-source)
for the changes to take effect.
<!-- ## Troubleshooting
Include any troubleshooting steps that you can foresee. If you know beforehand what issues

2
doc/security/passwords_for_integrated_authentication_methods.md
View File

@ -14,4 +14,4 @@ However, to maintain data consistency, GitLab requires passwords for all user ac
For such accounts, we use the [`friendly_token`](https://github.com/heartcombo/devise/blob/f26e05c20079c9acded3c0ee16da0df435a28997/lib/devise.rb#L492) method provided by the Devise gem to generate a random, unique and secure password and sets it as the account password during sign up.
The length of the generated password is the set based on the value of [maximum password length](password_length_limits.md#modify-maximum-password-length-using-configuration-file) as set in the Device configuration. The default value is 128 characters.
The length of the generated password is [128 characters](password_length_limits.md).

37
doc/user/permissions.md
View File

@ -73,7 +73,7 @@ The following table lists project permissions available for each role:
| [Clusters](infrastructure/clusters/index.md):<br>Manage clusters | | | | ✓ | ✓ |
| [Container Registry](packages/container_registry/index.md):<br>Create, edit, delete [cleanup policies](packages/container_registry/index.md#delete-images-by-using-a-cleanup-policy) | | | | ✓ | ✓ |
| [Container Registry](packages/container_registry/index.md):<br>Push an image to the Container Registry | | | ✓ | ✓ | ✓ |
| [Container Registry](packages/container_registry/index.md):<br>Pull an image from the Container Registry | ✓ (*20*) | ✓ (*20*) | ✓ | ✓ | ✓ |
| [Container Registry](packages/container_registry/index.md):<br>Pull an image from the Container Registry | ✓ (*19*) | ✓ (*19*) | ✓ | ✓ | ✓ |
| [Container Registry](packages/container_registry/index.md):<br>Remove a Container Registry image | | | ✓ | ✓ | ✓ |
| [GitLab Pages](project/pages/index.md):<br>View Pages protected by [access control](project/pages/introduction.md#gitlab-pages-access-control) | ✓ | ✓ | ✓ | ✓ | ✓ |
| [GitLab Pages](project/pages/index.md):<br>Manage | | | | ✓ | ✓ |
@ -81,8 +81,9 @@ The following table lists project permissions available for each role:
| [GitLab Pages](project/pages/index.md):<br>Remove GitLab Pages | | | | ✓ | ✓ |
| [Incident Management](../operations/incident_management/index.md):<br>View [alerts](../operations/incident_management/alerts.md) | | ✓ | ✓ | ✓ | ✓ |
| [Incident Management](../operations/incident_management/index.md):<br>Assign an alert | ✓ | ✓ | ✓ | ✓ | ✓ |
| [Incident Management](../operations/incident_management/index.md):<br>[Change an alert status](../operations/incident_management/alerts.md#change-an-alerts-status) | | ✓ | ✓ | ✓ | ✓ |
| [Incident Management](../operations/incident_management/index.md):<br>View [incident](../operations/incident_management/incidents.md) | ✓ | ✓ | ✓ | ✓ | ✓ |
| [Incident Management](../operations/incident_management/index.md):<br>Create [incident](../operations/incident_management/incidents.md) | (*16*) | ✓ | ✓ | ✓ | ✓ |
| [Incident Management](../operations/incident_management/index.md):<br>Create [incident](../operations/incident_management/incidents.md) | | ✓ | ✓ | ✓ | ✓ |
| [Incident Management](../operations/incident_management/index.md):<br>View [on-call schedules](../operations/incident_management/oncall_schedules.md) | | ✓ | ✓ | ✓ | ✓ |
| [Incident Management](../operations/incident_management/index.md):<br>Participate in on-call rotation | ✓ | ✓ | ✓ | ✓ | ✓ |
| [Incident Management](../operations/incident_management/index.md):<br>View [escalation policies](../operations/incident_management/escalation_policies.md) | | ✓ | ✓ | ✓ | ✓ |
@ -91,16 +92,16 @@ The following table lists project permissions available for each role:
| [Issue boards](project/issue_board.md):<br>Create or delete lists | | ✓ | ✓ | ✓ | ✓ |
| [Issue boards](project/issue_board.md):<br>Move issues between lists | | ✓ | ✓ | ✓ | ✓ |
| [Issues](project/issues/index.md):<br>Add Labels | ✓ (*15*) | ✓ | ✓ | ✓ | ✓ |
| [Issues](project/issues/index.md):<br>Add to epic | | ✓ (*23*) | ✓ (*23*) | ✓ (*23*) | ✓ (*23*) |
| [Issues](project/issues/index.md):<br>Add to epic | | ✓ (*22*) | ✓ (*22*) | ✓ (*22*) | ✓ (*22*) |
| [Issues](project/issues/index.md):<br>Assign | ✓ (*15*) | ✓ | ✓ | ✓ | ✓ |
| [Issues](project/issues/index.md):<br>Create (*18*) | ✓ | ✓ | ✓ | ✓ | ✓ |
| [Issues](project/issues/index.md):<br>Create (*17*) | ✓ | ✓ | ✓ | ✓ | ✓ |
| [Issues](project/issues/index.md):<br>Create [confidential issues](project/issues/confidential_issues.md) | ✓ | ✓ | ✓ | ✓ | ✓ |
| [Issues](project/issues/index.md):<br>View [Design Management](project/issues/design_management.md) pages | ✓ | ✓ | ✓ | ✓ | ✓ |
| [Issues](project/issues/index.md):<br>View [related issues](project/issues/related_issues.md) | ✓ | ✓ | ✓ | ✓ | ✓ |
| [Issues](project/issues/index.md):<br>Set [weight](project/issues/issue_weight.md) | ✓ (*15*) | ✓ | ✓ | ✓ | ✓ |
| [Issues](project/issues/index.md):<br>Set [parent epic](group/epics/manage_epics.md#add-an-existing-issue-to-an-epic) | | ✓ | ✓ | ✓ | ✓ |
| [Issues](project/issues/index.md):<br>View [confidential issues](project/issues/confidential_issues.md) | (*2*) | ✓ | ✓ | ✓ | ✓ |
| [Issues](project/issues/index.md):<br>Close / reopen (*19*) | | ✓ | ✓ | ✓ | ✓ |
| [Issues](project/issues/index.md):<br>Close / reopen (*18*) | | ✓ | ✓ | ✓ | ✓ |
| [Issues](project/issues/index.md):<br>Lock threads | | ✓ | ✓ | ✓ | ✓ |
| [Issues](project/issues/index.md):<br>Manage [related issues](project/issues/related_issues.md) | | ✓ | ✓ | ✓ | ✓ |
| [Issues](project/issues/index.md):<br>Manage tracker | | ✓ | ✓ | ✓ | ✓ |
@ -118,7 +119,7 @@ The following table lists project permissions available for each role:
| [Merge requests](project/merge_requests/index.md):<br>Apply code change suggestions | | | ✓ | ✓ | ✓ |
| [Merge requests](project/merge_requests/index.md):<br>Approve (*8*) | | | ✓ | ✓ | ✓ |
| [Merge requests](project/merge_requests/index.md):<br>Assign | | | ✓ | ✓ | ✓ |
| [Merge requests](project/merge_requests/index.md):<br>Create (*17*) | | | ✓ | ✓ | ✓ |
| [Merge requests](project/merge_requests/index.md):<br>Create (*16*) | | | ✓ | ✓ | ✓ |
| [Merge requests](project/merge_requests/index.md):<br>Add labels | | | ✓ | ✓ | ✓ |
| [Merge requests](project/merge_requests/index.md):<br>Lock threads | | | ✓ | ✓ | ✓ |
| [Merge requests](project/merge_requests/index.md):<br>Manage or accept | | | ✓ | ✓ | ✓ |
@ -153,7 +154,7 @@ The following table lists project permissions available for each role:
| [Projects](project/index.md):<br>View project [Audit Events](../administration/audit_events.md) | | | ✓ (*10*) | ✓ | ✓ |
| [Projects](project/index.md):<br>Add [deploy keys](project/deploy_keys/index.md) | | | | ✓ | ✓ |
| [Projects](project/index.md):<br>Add new [team members](project/members/index.md) | | | | ✓ | ✓ |
| [Projects](project/index.md):<br>Manage [team members](project/members/index.md) | | | | ✓ (*21*) | ✓ |
| [Projects](project/index.md):<br>Manage [team members](project/members/index.md) | | | | ✓ (*20*) | ✓ |
| [Projects](project/index.md):<br>Change [project features visibility](public_access.md) level | | | | ✓ (*13*) | ✓ |
| [Projects](project/index.md):<br>Configure [webhooks](project/integrations/webhooks.md) | | | | ✓ | ✓ |
| [Projects](project/index.md):<br>Delete [wiki](project/wiki/index.md) pages | | | ✓ | ✓ | ✓ |
@ -161,7 +162,7 @@ The following table lists project permissions available for each role:
| [Projects](project/index.md):<br>Edit project badges | | | | ✓ | ✓ |
| [Projects](project/index.md):<br>Edit project settings | | | | ✓ | ✓ |
| [Projects](project/index.md):<br>Export project | | | | ✓ | ✓ |
| [Projects](project/index.md):<br>Manage [project access tokens](project/settings/project_access_tokens.md) (*11*) | | | | ✓ (*21*) | ✓ |
| [Projects](project/index.md):<br>Manage [project access tokens](project/settings/project_access_tokens.md) (*11*) | | | | ✓ (*20*) | ✓ |
| [Projects](project/index.md):<br>Manage [Project Operations](../operations/index.md) | | | | ✓ | ✓ |
| [Projects](project/index.md):<br>Rename project | | | | ✓ | ✓ |
| [Projects](project/index.md):<br>Share (invite) projects with groups | | | | ✓ (*7*) | ✓ (*7*) |
@ -203,10 +204,10 @@ The following table lists project permissions available for each role:
| [Security dashboard](application_security/security_dashboard/index.md):<br>Use security dashboard | | | ✓ | ✓ | ✓ |
| [Security dashboard](application_security/security_dashboard/index.md):<br>View vulnerability | | | ✓ | ✓ | ✓ |
| [Security dashboard](application_security/security_dashboard/index.md):<br>View vulnerability findings in [dependency list](application_security/dependency_list/index.md) | | | ✓ | ✓ | ✓ |
| [Tasks](tasks.md):<br>Create (*18*) | ✓ | ✓ | ✓ | ✓ | ✓ |
| [Tasks](tasks.md):<br>Create (*17*) | ✓ | ✓ | ✓ | ✓ | ✓ |
| [Tasks](tasks.md):<br>Edit | | ✓ | ✓ | ✓ | ✓ |
| [Tasks](tasks.md):<br>Remove from issue | | ✓ | ✓ | ✓ | ✓ |
| [Tasks](tasks.md):<br>Delete (*22*) | | | | | ✓ |
| [Tasks](tasks.md):<br>Delete (*21*) | | | | | ✓ |
| [Terraform](infrastructure/index.md):<br>Read Terraform state | | | ✓ | ✓ | ✓ |
| [Terraform](infrastructure/index.md):<br>Manage Terraform state | | | | ✓ | ✓ |
| [Test cases](../ci/test_cases/index.md):<br>Archive | | ✓ | ✓ | ✓ | ✓ |
@ -239,15 +240,13 @@ The following table lists project permissions available for each role:
Developer role.
15. Guest users can only set metadata (for example, labels, assignees, or milestones)
when creating an issue. They cannot change the metadata on existing issues.
16. In GitLab 14.5 or later, Guests are not allowed to [create incidents](../operations/incident_management/incidents.md#incident-creation).
In GitLab 15.1 and later, a Guest who created an issue that was promoted to an incident cannot edit, close, or reopen their incident.
17. In projects that accept contributions from external members, users can create, edit, and close their own merge requests.
18. Authors and assignees can modify the title and description even if they don't have the Reporter role.
19. Authors and assignees can close and reopen issues even if they don't have the Reporter role.
20. The ability to view the Container Registry and pull images is controlled by the [Container Registry's visibility permissions](packages/container_registry/index.md#container-registry-visibility-permissions).
21. Maintainers cannot create, demote, or remove Owners, and they cannot promote users to the Owner role. They also cannot approve Owner role access requests.
22. Authors of tasks can delete them even if they don't have the Owner role, but they have to have at least the Guest role for the project.
23. You must have permission to [view the epic](group/epics/manage_epics.md#who-can-view-an-epic).
16. In projects that accept contributions from external members, users can create, edit, and close their own merge requests.
17. Authors and assignees can modify the title and description even if they don't have the Reporter role.
18. Authors and assignees can close and reopen issues even if they don't have the Reporter role.
19. The ability to view the Container Registry and pull images is controlled by the [Container Registry's visibility permissions](packages/container_registry/index.md#container-registry-visibility-permissions).
20. Maintainers cannot create, demote, or remove Owners, and they cannot promote users to the Owner role. They also cannot approve Owner role access requests.
21. Authors of tasks can delete them even if they don't have the Owner role, but they have to have at least the Guest role for the project.
22. You must have permission to [view the epic](group/epics/manage_epics.md#who-can-view-an-epic).
<!-- markdownlint-enable MD029 -->

1
jest.config.integration.js
View File

@ -25,4 +25,5 @@ module.exports = {
},
}),
timers: 'real',
testTimeout: process.env.CI ? 20000 : 7000,
};

2
lib/gitlab/sql/pattern.rb
View File

@ -40,6 +40,8 @@ module Gitlab
# lower_exact_match - When set to `true` we'll fall back to using
# `LOWER(column) = query` instead of using `ILIKE`.
def fuzzy_arel_match(column, query, lower_exact_match: false, use_minimum_char_limit: true)
return unless query.is_a?(String)
query = query.squish
return unless query.present?

3
locale/gitlab.pot
View File

@ -36252,6 +36252,9 @@ msgstr ""
msgid "SecurityOrchestration|Inherited from %{namespace}"
msgstr ""
msgid "SecurityOrchestration|Invalid policy"
msgstr ""
msgid "SecurityOrchestration|Invalid policy type"
msgstr ""

2
package.json
View File

@ -53,7 +53,7 @@
"@codesandbox/sandpack-client": "^1.2.2",
"@gitlab/at.js": "1.5.7",
"@gitlab/favicon-overlay": "2.0.0",
"@gitlab/svgs": "3.5.0",
"@gitlab/svgs": "3.6.0",
"@gitlab/ui": "49.2.1",
"@gitlab/visual-review-tools": "1.7.3",
"@gitlab/web-ide": "0.0.1-dev-20220815034418",

18
qa/qa/page/project/settings/advanced.rb
View File

@ -48,15 +48,17 @@ module QA
def transfer_project!(project_name, namespace)
QA::Runtime::Logger.info "Transferring project: #{project_name} to namespace: #{namespace}"
scroll_to_transfer_project_content
wait_for_transfer_project_content
# Scroll to bottom of page to prevent namespace dropdown from changing position mid-click
# See https://gitlab.com/gitlab-org/gitlab/-/issues/381376 for details
page.scroll_to(:bottom)
# Workaround for a failure to search when there are no spaces around the /
# https://gitlab.com/gitlab-org/gitlab/-/issues/218965
select_namespace(namespace.gsub(%r{([^\s])/([^\s])}, '\1 / \2'))
retry_until(sleep_interval: 1, message: 'Waiting for transfer project button to be enabled') do
has_element?(:transfer_project_button, disabled: false, wait: 3)
end
wait_for_enabled_transfer_project_button
click_element :transfer_project_button
@ -88,12 +90,16 @@ module QA
private
def scroll_to_transfer_project_content
def wait_for_transfer_project_content
retry_until(sleep_interval: 1, message: 'Waiting for transfer project content to display') do
has_element?(:transfer_project_content, wait: 3)
end
end
scroll_to_element :transfer_project_content
def wait_for_enabled_transfer_project_button
retry_until(sleep_interval: 1, message: 'Waiting for transfer project button to be enabled') do
has_element?(:transfer_project_button, disabled: false, wait: 3)
end
end
end
end

26
qa/tasks/ci.rake
View File

@ -2,7 +2,6 @@
require_relative "helpers/util"
# rubocop:disable Rails/RakeEnvironment
namespace :ci do
include Task::Helpers::Util
@ -23,18 +22,20 @@ namespace :ci do
# skip running tests when only quarantine changes detected
if qa_changes.quarantine_changes?
logger.info(" merge request contains only quarantine changes, e2e test execution will be skipped!")
append_to_file(env_file, <<~TXT)
QA_SKIP_ALL_TESTS=true
TXT
append_to_file(env_file, "QA_SKIP_ALL_TESTS=true")
next
end
tests = qa_changes.qa_tests
if qa_changes.framework_changes? # run all tests when framework changes detected
run_all_label_present = mr_labels.include?("pipeline:run-all-e2e")
# on run-all label of framework changes do not infer specific tests
tests = run_all_label_present || qa_changes.framework_changes? ? nil : qa_changes.qa_tests
if run_all_label_present
logger.info(" merge request has pipeline:run-all-e2e label, full test suite will be executed")
append_to_file(env_file, "QA_RUN_ALL_TESTS=true\n")
elsif qa_changes.framework_changes? # run all tests when framework changes detected
logger.info(" merge request contains qa framework changes, full test suite will be executed")
append_to_file(env_file, <<~TXT)
QA_FRAMEWORK_CHANGES=true
TXT
append_to_file(env_file, "QA_FRAMEWORK_CHANGES=true\n")
elsif tests
logger.info(" detected following specs to execute: '#{tests}'")
else
@ -44,15 +45,13 @@ namespace :ci do
# always check all test suites in case a suite is defined but doesn't have any runnable specs
suites = QA::Tools::Ci::NonEmptySuites.new(tests).fetch
append_to_file(env_file, <<~TXT)
QA_TESTS='#{tests}'
QA_SUITES='#{suites}'
QA_TESTS='#{tests}'
TXT
# check if mr contains feature flag changes
feature_flags = QA::Tools::Ci::FfChanges.new(diff).fetch
append_to_file(env_file, <<~TXT)
QA_FEATURE_FLAGS='#{feature_flags}'
TXT
append_to_file(env_file, "QA_FEATURE_FLAGS='#{feature_flags}'")
end
desc "Download test results from downstream pipeline"
@ -60,4 +59,3 @@ namespace :ci do
QA::Tools::Ci::TestResults.get(args[:trigger_name], args[:test_report_job_name], args[:report_path])
end
end
# rubocop:enable Rails/RakeEnvironment

5
scripts/generate-e2e-pipeline
View File

@ -25,9 +25,10 @@ variables:
GITLAB_QA_CACHE_KEY: "$qa_cache_key"
GITLAB_VERSION: "$(cat VERSION)"
COLORIZED_LOGS: "true"
QA_TESTS: "$QA_TESTS"
QA_FEATURE_FLAGS: "${QA_FEATURE_FLAGS}"
QA_RUN_ALL_TESTS: "${QA_RUN_ALL_TESTS:-false}"
QA_FRAMEWORK_CHANGES: "${QA_FRAMEWORK_CHANGES:-false}"
QA_FEATURE_FLAGS: "${QA_FEATURE_FLAGS}"
QA_TESTS: "$QA_TESTS"
QA_SUITES: "$QA_SUITES"
YML
)

3
spec/lib/gitlab/sql/pattern_spec.rb
View File

@ -29,6 +29,9 @@ RSpec.describe Gitlab::SQL::Pattern do
'AH' | %i[title description] | %i[issue3]
'oh' | %i[title] | %i[issue3]
'ah' | %i[description] | %i[issue3]
'' | %i[title] | %i[issue1 issue2 issue3]
%w[a b] | %i[title] | %i[issue1 issue2 issue3]
end
with_them do

27
spec/migrations/20221101032521_add_default_preferred_language_to_application_settings_spec.rb Normal file
View File

@ -0,0 +1,27 @@
# frozen_string_literal: true
require 'spec_helper'
require_migration!
RSpec.describe AddDefaultPreferredLanguageToApplicationSettings do
let(:application_setting) { table(:application_settings).create! }
describe "#up" do
it 'allows to read default_preferred_language field' do
migrate!
expect(application_setting.attributes.keys).to include('default_preferred_language')
expect(application_setting.default_preferred_language).to eq 'en'
end
end
describe "#down" do
it 'deletes default_preferred_language field' do
migrate!
schema_migrate_down!
expect(application_setting.attributes.keys).not_to include('default_preferred_language')
end
end
end

29
spec/migrations/20221101032600_add_text_limit_to_default_preferred_language_on_application_settings_spec.rb Normal file
View File

@ -0,0 +1,29 @@
# frozen_string_literal: true
require 'spec_helper'
require_migration!
RSpec.describe AddTextLimitToDefaultPreferredLanguageOnApplicationSettings do
let(:application_setting) { table(:application_settings).create! }
let(:too_long_text) { SecureRandom.alphanumeric(described_class::MAXIMUM_LIMIT + 1) }
subject { application_setting.update_column(:default_preferred_language, too_long_text) }
describe "#up" do
it 'adds text limit to default_preferred_language' do
migrate!
expect { subject }.to raise_error ActiveRecord::StatementInvalid
end
end
describe "#down" do
it 'deletes text limit to default_preferred_language' do
migrate!
schema_migrate_down!
expect { subject }.not_to raise_error
end
end
end

5
spec/models/application_setting_spec.rb
View File

@ -1129,6 +1129,11 @@ RSpec.describe ApplicationSetting do
it { is_expected.to validate_presence_of(:error_tracking_api_url) }
end
end
context 'for default_preferred_language' do
it { is_expected.to allow_value(*Gitlab::I18n.available_locales).for(:default_preferred_language) }
it { is_expected.not_to allow_value(nil, '', 'invalid_locale').for(:default_preferred_language) }
end
end
context 'restrict creating duplicates' do

4
spec/models/user_spec.rb
View File

@ -3032,6 +3032,10 @@ RSpec.describe User do
it 'returns no matches for nil' do
expect(described_class.search(nil)).to be_empty
end
it 'returns no matches for an array' do
expect(described_class.search(%w[the test])).to be_empty
end
end
describe '.user_search_minimum_char_limit' do

4
spec/services/milestones/transfer_service_spec.rb
View File

@ -11,7 +11,7 @@ RSpec.describe Milestones::TransferService do
let(:new_group) { create(:group) }
let(:old_group) { create(:group) }
let(:project) { create(:project, namespace: old_group) }
let(:group_milestone) { create(:milestone, group: old_group) }
let(:group_milestone) { create(:milestone, :closed, group: old_group) }
let(:group_milestone2) { create(:milestone, group: old_group) }
let(:project_milestone) { create(:milestone, project: project) }
let!(:issue_with_group_milestone) { create(:issue, project: project, milestone: group_milestone) }
@ -38,6 +38,7 @@ RSpec.describe Milestones::TransferService do
expect(new_milestone).not_to eq(group_milestone)
expect(new_milestone.title).to eq(group_milestone.title)
expect(new_milestone.project_milestone?).to be_truthy
expect(new_milestone.state).to eq("closed")
end
context 'when milestone is from an ancestor group' do
@ -88,6 +89,7 @@ RSpec.describe Milestones::TransferService do
expect(new_milestone).not_to eq(group_milestone)
expect(new_milestone.title).to eq(group_milestone.title)
expect(new_milestone.project_milestone?).to be_truthy
expect(new_milestone.state).to eq("closed")
end
it 'does not apply new project milestone to issuables with project milestone' do

8
yarn.lock
View File

@ -1108,10 +1108,10 @@
stylelint-declaration-strict-value "1.8.0"
stylelint-scss "4.2.0"
"@gitlab/svgs@3.5.0":
version "3.5.0"
resolved "https://registry.yarnpkg.com/@gitlab/svgs/-/svgs-3.5.0.tgz#226240b7aa93db986f4c6f7738ca2a1846b5234d"
integrity sha512-/djPsJzUY7i/FaydRVt3ZyXiFf5HGNo1rg2mfLn1EpXvT4zc2ag5ECwnYcPb97KgqFCJX6Tk+Ndu8Wh3GoOW1g==
"@gitlab/svgs@3.6.0":
version "3.6.0"
resolved "https://registry.yarnpkg.com/@gitlab/svgs/-/svgs-3.6.0.tgz#3967cda46087ff2bc163ff339adf7ae6eaaa415f"
integrity sha512-UXTvFmPa1lK7+S+r2iWrN6CIvRpjCNIJFbcJiimEF1UJ8uR+JY3/fGIJXLjd53ZNXkqbffSXurxY35Zd4SeTkg==
"@gitlab/ui@49.2.1":
version "49.2.1"