root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Add latest changes from gitlab-org/gitlab@master

This commit is contained in:
GitLab Bot 2025-02-19 21:09:49 +00:00
parent 09f6ce9fcd
commit e6b06e8bb9
56 changed files with 311 additions and 448 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
.gitlab/ci/qa-common/rules.gitlab-ci.yml
View File

@ -105,6 +105,15 @@ include:
variables:
QA_RSPEC_TAGS: "--tag ~smoke --tag ~orchestrated --tag ~skip_live_env"
.rules:test:dependency-update:
rules:
- if: '$DEPENDENCY_UPDATE == "true"'
.rules:test:dependency-update-never:
rules:
- if: '$DEPENDENCY_UPDATE == "true"'
when: never
# ------------------------------------------
# Report
# ------------------------------------------

3
.gitlab/ci/rules.gitlab-ci.yml
View File

@ -1809,7 +1809,8 @@
- <<: *if-merge-request
changes: *dependency-patterns
variables:
OMNIBUS_GITLAB_BUILD_ON_ALL_OS: 'true'
OMNIBUS_GITLAB_BUILD_ON_ALL_OS: "true"
DEPENDENCY_UPDATE: "true"
- <<: *if-merge-request
changes: *code-qa-patterns
when: manual

52
.gitlab/ci/test-on-omnibus/main.gitlab-ci.yml
View File

@ -6,6 +6,9 @@ include:
- local: .gitlab/ci/qa-common/variables.gitlab-ci.yml
- local: .gitlab/ci/qa-common/omnibus.gitlab-ci.yml
variables:
QA_PARALLEL_PROCESSES: 6
# ==========================================
# Prepare stage
# ==========================================
@ -28,7 +31,6 @@ check-release-set:
_quarantine:
extends:
- .qa
- .rules:test:manual-except-default-branch
stage: test
variables:
QA_RSPEC_TAGS: --tag quarantine
@ -39,11 +41,25 @@ _quarantine:
expire_in: 1 day
paths:
- gitlab-qa-run-*/**/test-metrics-*.json
rules:
- !reference [.rules:test:dependency-update-never, rules]
- !reference [.rules:test:manual-except-default-branch, rules]
# ------------------------------------------
# Test jobs
# ------------------------------------------
# Execute smallest test suite to validate omnibus package in dependency update merge request pipelines
health-check:
extends:
- .qa
variables:
QA_SCENARIO: Test::Instance::Image
QA_RUN_IN_PARALLEL: true
QA_RSPEC_TAGS: --tag health_check
rules:
- !reference [.rules:test:dependency-update, rules]
# ========== instance ===========
instance:
extends:
@ -52,8 +68,8 @@ instance:
variables:
QA_SCENARIO: Test::Instance::Image
QA_RUN_IN_PARALLEL: true
QA_PARALLEL_PROCESSES: 6
rules:
- !reference [.rules:test:dependency-update-never, rules]
- !reference [.rules:test:smoke-for-omnibus-mr, rules]
- if: $QA_SUITES =~ /Test::Instance::All/
@ -68,6 +84,7 @@ praefect:
QA_CAN_TEST_PRAEFECT: "true"
QA_GITALY_TRANSACTIONS_ENABLED: "false"
rules:
- !reference [.rules:test:dependency-update-never, rules]
- !reference [.rules:test:smoke-for-omnibus-mr, rules]
- if: $QA_SUITES =~ /Test::Instance::Create/
@ -84,8 +101,8 @@ gitaly-transactions:
QA_CAN_TEST_PRAEFECT: "true"
QA_GITALY_TRANSACTIONS_ENABLED: "true"
QA_RUN_IN_PARALLEL: true
QA_PARALLEL_PROCESSES: 6
rules:
- !reference [.rules:test:dependency-update-never, rules]
- if: $QA_SUITES =~ /Test::Instance::Create/
# ========== gitaly reftables backend ===========
@ -103,6 +120,7 @@ gitaly-reftables-backend:
QA_CAN_TEST_PRAEFECT: "true"
QA_FEATURE_FLAGS: "gitaly_new_repo_reftable_backend=enabled"
rules:
- !reference [.rules:test:dependency-update-never, rules]
- if: $QA_SUITES =~ /Test::Instance::Create/
# ========== git sha256 enabled ===========
@ -117,6 +135,7 @@ git-sha256-repositories:
QA_USE_SHA256_REPOSITORY_OBJECT_STORAGE: true
GITLAB_QA_OPTS: "--enable-feature support_sha256_repositories"
rules:
- !reference [.rules:test:dependency-update-never, rules]
- if: $QA_SUITES =~ /Test::Instance::All/
gitaly-cluster:
@ -124,6 +143,7 @@ gitaly-cluster:
variables:
QA_SCENARIO: Test::Integration::GitalyCluster
rules:
- !reference [.rules:test:dependency-update-never, rules]
- if: $QA_SUITES =~ /Test::Integration::GitalyCluster/
group-saml:
@ -143,6 +163,7 @@ oauth:
QA_RSPEC_TAGS: --tag oauth
GITLAB_QA_OPTS: --omnibus-config github_oauth
rules:
- !reference [.rules:test:dependency-update-never, rules]
- if: $QA_SUITES =~ /Test::Integration::OAuth/
instance-saml:
@ -150,6 +171,7 @@ instance-saml:
variables:
QA_SCENARIO: Test::Integration::InstanceSAML
rules:
- !reference [.rules:test:dependency-update-never, rules]
- if: $QA_SUITES =~ /Test::Integration::InstanceSAML/
jira:
@ -158,6 +180,7 @@ jira:
variables:
QA_SCENARIO: Test::Integration::Jira
rules:
- !reference [.rules:test:dependency-update-never, rules]
- if: $QA_SUITES =~ /Test::Integration::Jira/
integrations:
@ -165,6 +188,7 @@ integrations:
variables:
QA_SCENARIO: Test::Integration::Integrations
rules:
- !reference [.rules:test:dependency-update-never, rules]
- if: $QA_SUITES =~ /Test::Integration::Integrations/
ldap-no-server:
@ -172,6 +196,7 @@ ldap-no-server:
variables:
QA_SCENARIO: Test::Integration::LDAPNoServer
rules:
- !reference [.rules:test:dependency-update-never, rules]
- if: $QA_SUITES =~ /Test::Integration::LDAPNoServer/
ldap-tls:
@ -179,6 +204,7 @@ ldap-tls:
variables:
QA_SCENARIO: Test::Integration::LDAPTLS
rules:
- !reference [.rules:test:dependency-update-never, rules]
- if: $QA_SUITES =~ /Test::Integration::LDAPTLS/
ldap-no-tls:
@ -186,6 +212,7 @@ ldap-no-tls:
variables:
QA_SCENARIO: Test::Integration::LDAPNoTLS
rules:
- !reference [.rules:test:dependency-update-never, rules]
- if: $QA_SUITES =~ /Test::Integration::LDAPNoTLS/
mtls:
@ -193,6 +220,7 @@ mtls:
variables:
QA_SCENARIO: Test::Integration::MTLS
rules:
- !reference [.rules:test:dependency-update-never, rules]
- if: $QA_SUITES =~ /Test::Integration::Mtls/
mattermost:
@ -201,6 +229,7 @@ mattermost:
variables:
QA_SCENARIO: Test::Integration::Mattermost
rules:
- !reference [.rules:test:dependency-update-never, rules]
- if: $QA_SUITES =~ /Test::Integration::Mattermost/
registry:
@ -209,6 +238,7 @@ registry:
variables:
QA_SCENARIO: Test::Integration::Registry
rules:
- !reference [.rules:test:dependency-update-never, rules]
- if: $QA_SUITES =~ /Test::Integration::Registry/
repository-storage:
@ -217,6 +247,7 @@ repository-storage:
variables:
QA_SCENARIO: Test::Instance::RepositoryStorage
rules:
- !reference [.rules:test:dependency-update-never, rules]
- if: $QA_SUITES =~ /Test::Instance::RepositoryStorage/
service-ping-disabled:
@ -226,6 +257,7 @@ service-ping-disabled:
variables:
QA_SCENARIO: Test::Integration::ServicePingDisabled
rules:
- !reference [.rules:test:dependency-update-never, rules]
- if: $QA_SUITES =~ /Test::Integration::ServicePingDisabled/
smtp:
@ -234,6 +266,7 @@ smtp:
variables:
QA_SCENARIO: Test::Integration::SMTP
rules:
- !reference [.rules:test:dependency-update-never, rules]
- if: $QA_SUITES =~ /Test::Integration::SMTP/
cloud-activation:
@ -243,6 +276,7 @@ cloud-activation:
QA_SCENARIO: Test::Instance::Image
QA_RSPEC_TAGS: --tag cloud_activation
rules:
- !reference [.rules:test:dependency-update-never, rules]
- if: $QA_SUITES =~ /Test::Instance::CloudActivation/
metrics:
@ -250,6 +284,7 @@ metrics:
variables:
QA_SCENARIO: Test::Integration::Metrics
rules:
- !reference [.rules:test:dependency-update-never, rules]
- if: $QA_SUITES =~ /Test::Integration::Metrics/
elasticsearch:
@ -260,6 +295,7 @@ elasticsearch:
before_script:
- !reference [.qa, before_script]
rules:
- !reference [.rules:test:dependency-update-never, rules]
- !reference [.rules:test:ee-only, rules]
- if: $QA_SUITES =~ /Test::Integration::Elasticsearch/
@ -270,6 +306,7 @@ importers:
QA_SCENARIO: Test::Integration::Import
QA_MOCK_GITHUB: "true"
rules:
- !reference [.rules:test:dependency-update-never, rules]
- if: $QA_SUITES =~ /Test::Integration::Import/
import-with-smtp:
@ -279,6 +316,7 @@ import-with-smtp:
variables:
QA_SCENARIO: Test::Integration::ImportWithSMTP
rules:
- !reference [.rules:test:dependency-update-never, rules]
- if: $QA_SUITES =~ /Test::Integration::ImportWithSMTP/
# ========== ai-gateway ===========
@ -288,6 +326,7 @@ ai-gateway:
variables:
QA_SCENARIO: Test::Integration::AiGateway
rules:
- !reference [.rules:test:dependency-update-never, rules]
- if: $QA_SUITES =~ /Test::Integration::AiGateway/
ai-gateway-no-seat-assigned:
@ -296,6 +335,7 @@ ai-gateway-no-seat-assigned:
variables:
QA_SCENARIO: Test::Integration::AiGatewayNoSeatAssigned
rules:
- !reference [.rules:test:dependency-update-never, rules]
- if: $QA_SUITES =~ /Test::Integration::AiGatewayNoSeatAssigned/
ai-gateway-no-add-on:
@ -307,6 +347,7 @@ ai-gateway-no-add-on:
- export QA_EE_ACTIVATION_CODE=$QA_EE_ACTIVATION_CODE_NO_ADD_ON
- !reference [.qa, before_script]
rules:
- !reference [.rules:test:dependency-update-never, rules]
- if: $QA_SUITES =~ /Test::Integration::AiGatewayNoAddOn/
ai-gateway-no-license:
@ -318,6 +359,7 @@ ai-gateway-no-license:
- unset QA_EE_LICENSE
- !reference [.qa, before_script]
rules:
- !reference [.rules:test:dependency-update-never, rules]
- if: $QA_SUITES =~ /Test::Integration::AiGatewayNoLicense/
# ========== continuous-vulnerability-scanning ===========
@ -329,6 +371,7 @@ continuous-vulnerabiity-scanning:
QA_SCENARIO: Test::Integration::ContinuousVulnerabilityScanning
QA_MOCK_GITHUB: "true"
rules:
- !reference [.rules:test:dependency-update-never, rules]
- !reference [.rules:test:ee-only, rules]
- if: $QA_SUITES =~ /Test::Integration::ContinuousVulnerabilityScanning/
@ -343,6 +386,7 @@ update-minor:
UPDATE_TYPE: minor
QA_RSPEC_TAGS: --tag health_check
rules:
- !reference [.rules:test:dependency-update-never, rules]
- !reference [.rules:test:update, rules]
update-major:
@ -353,6 +397,7 @@ update-major:
UPDATE_TYPE: major
QA_RSPEC_TAGS: --tag health_check
rules:
- !reference [.rules:test:dependency-update-never, rules]
- !reference [.rules:test:update, rules]
update-ee-to-ce:
@ -364,6 +409,7 @@ update-ee-to-ce:
UPDATE_FROM_EDITION: ee
QA_RSPEC_TAGS: --tag health_check
rules:
- !reference [.rules:test:dependency-update-never, rules]
- !reference [.rules:test:ce-only, rules]
- !reference [.rules:test:update, rules]

4
app/controllers/projects_controller.rb
View File

@ -598,9 +598,9 @@ class ProjectsController < Projects::ApplicationController
def check_export_rate_limit!
prefixed_action = "project_#{params[:action]}".to_sym
group_scope = params[:action] == 'download_export' ? @project.namespace : nil
project_scope = params[:action] == 'download_export' ? @project : nil
check_rate_limit!(prefixed_action, scope: [current_user, group_scope].compact)
check_rate_limit!(prefixed_action, scope: [current_user, project_scope].compact)
end
def render_edit

11
app/mailers/emails/imports.rb
View File

@ -70,6 +70,17 @@ module Emails
)
end
def csv_placeholder_reassignment_failed(user_id, group_id)
user = User.find(user_id)
@group = Group.find(group_id)
@title = s_('BulkImport|Bulk reassignment failed')
email_with_layout(
to: user.notification_email_or_default,
subject: subject(@title)
)
end
def import_source_user_reassign(source_user_id)
@source_user = Import::SourceUser.find(source_user_id)
@reassign_to_user = @source_user.reassign_to_user

4
app/mailers/previews/notify_preview.rb
View File

@ -398,6 +398,10 @@ class NotifyPreview < ActionMailer::Preview
Notify.bulk_import_csv_user_mapping(user.id, group.id, 71249, 824)
end
def csv_placeholder_reassignment_failed
Notify.csv_placeholder_reassignment_failed(user.id, group.id)
end
def import_source_user_reassign
source_user = Import::SourceUser.last

16
app/views/notify/csv_placeholder_reassignment_failed.html.haml Normal file
View File

@ -0,0 +1,16 @@
- header_style = 'font-size:24px; text-align:center; line-height:30px;'
- text_style = 'font-size:16px; text-align:center; line-height:24px; margin-top: 24px;'
- button_style = 'border: 1px solid #694cc0; border-radius: 4px; font-size: 14px; padding: 8px 16px; background-color: #7b58cf; color: #fff; cursor: pointer;'
- strong_tag_pair = tag_pair(tag.strong(style: 'color: #7b58cf'), :strong_open, :strong_close)
%h1{ style: header_style }
= @title
%p{ style: text_style }
= safe_format(s_('BulkImport|Unable to process the CSV file for %{strong_open}%{group}%{strong_close} to reassign placeholders. Try to upload the file again.'), strong_tag_pair, group: @group.name)
%p{ style: text_style }
= link_to group_group_members_url(@group, tab: 'placeholders'), target: '_blank', rel: 'noopener noreferrer' do
%button{ type: 'button', style: button_style }
= s_('BulkImport|View placeholders')

5
app/views/notify/csv_placeholder_reassignment_failed.text.erb Normal file
View File

@ -0,0 +1,5 @@
<%= @title %>
<%= safe_format(s_('BulkImport|Unable to process the CSV file for %{strong_open}%{group}%{strong_close} to reassign placeholders. Try to upload the file again.'), strong_open: '', strong_close: '', group: @group.name) %>
<%= s_('BulkImport|View placeholders') %>: <%= group_group_members_url(@group, tab: 'placeholders') %>

24
app/workers/import/user_mapping/assignment_from_csv_worker.rb
View File

@ -10,13 +10,12 @@ module Import
feature_category :importers
sidekiq_retries_exhausted do |job|
upload = Upload.find_by_id(job['args'][2])
new.perform_failure(upload)
new.perform_failure(*job['args'])
end
def perform(current_user_id, group_id, upload_id)
current_user = UserFinder.new(current_user_id).find_by_id
group = Group.find_by_id(group_id)
@current_user = UserFinder.new(current_user_id).find_by_id
@group = Group.find_by_id(group_id)
upload = Upload.find_by_id(upload_id)
if upload.nil?
@ -36,27 +35,30 @@ module Import
clear_upload(upload)
else
log_failure(results.message)
perform_failure(upload)
perform_failure(current_user_id, group_id, upload_id)
end
end
def perform_failure(upload)
return unless upload
clear_upload(upload)
def perform_failure(current_user_id, group_id, upload_id)
@current_user = UserFinder.new(current_user_id).find_by_id
@group = Group.find_by_id(group_id)
send_failure_email
upload = Upload.find_by_id(upload_id)
clear_upload(upload) if upload
end
private
attr_reader :current_user, :group
def send_results_email(_results)
# Not implemented yet. To be resolved by:
# https://gitlab.com/gitlab-org/gitlab/-/issues/458841
end
def send_failure_email
# Not implemented yet. To be resolved by:
# https://gitlab.com/gitlab-org/gitlab/-/issues/458841
Notify.csv_placeholder_reassignment_failed(current_user.id, group.id).deliver_later
end
def clear_upload(upload)

12
config/application_setting_columns/elasticsearch_analyzers_kuromoji_enabled.yml
View File

@ -1,12 +0,0 @@
---
api_type:
attr: elasticsearch_analyzers_kuromoji_enabled
clusterwide: true
column: elasticsearch_analyzers_kuromoji_enabled
db_type: boolean
default: 'false'
description:
encrypted: false
gitlab_com_different_than_default: false
jihu: false
not_null: true

12
config/application_setting_columns/elasticsearch_analyzers_kuromoji_search.yml
View File

@ -1,12 +0,0 @@
---
api_type:
attr: elasticsearch_analyzers_kuromoji_search
clusterwide: true
column: elasticsearch_analyzers_kuromoji_search
db_type: boolean
default: 'false'
description:
encrypted: false
gitlab_com_different_than_default: false
jihu: false
not_null: true

12
config/application_setting_columns/elasticsearch_analyzers_smartcn_enabled.yml
View File

@ -1,12 +0,0 @@
---
api_type:
attr: elasticsearch_analyzers_smartcn_enabled
clusterwide: true
column: elasticsearch_analyzers_smartcn_enabled
db_type: boolean
default: 'false'
description:
encrypted: false
gitlab_com_different_than_default: false
jihu: false
not_null: true

12
config/application_setting_columns/elasticsearch_analyzers_smartcn_search.yml
View File

@ -1,12 +0,0 @@
---
api_type:
attr: elasticsearch_analyzers_smartcn_search
clusterwide: true
column: elasticsearch_analyzers_smartcn_search
db_type: boolean
default: 'false'
description:
encrypted: false
gitlab_com_different_than_default: false
jihu: false
not_null: true

12
config/application_setting_columns/elasticsearch_aws.yml
View File

@ -1,12 +0,0 @@
---
api_type: boolean
attr: elasticsearch_aws
clusterwide: false
column: elasticsearch_aws
db_type: boolean
default: 'false'
description: Enable the use of AWS hosted Elasticsearch. Premium and Ultimate only.
encrypted: false
gitlab_com_different_than_default: false
jihu: false
not_null: true

12
config/application_setting_columns/elasticsearch_aws_access_key.yml
View File

@ -1,12 +0,0 @@
---
api_type: string
attr: elasticsearch_aws_access_key
clusterwide: false
column: elasticsearch_aws_access_key
db_type: character
default:
description: AWS IAM access key. Premium and Ultimate only.
encrypted: false
gitlab_com_different_than_default: true
jihu: false
not_null: false

13
config/application_setting_columns/elasticsearch_aws_region.yml
View File

@ -1,13 +0,0 @@
---
api_type: string
attr: elasticsearch_aws_region
clusterwide: false
column: elasticsearch_aws_region
db_type: character
default: "'us-east-1'::character"
description: The AWS region the Elasticsearch domain is configured. Premium and Ultimate
only.
encrypted: false
gitlab_com_different_than_default: false
jihu: false
not_null: false

12
config/application_setting_columns/elasticsearch_client_request_timeout.yml
View File

@ -1,12 +0,0 @@
---
api_type:
attr: elasticsearch_client_request_timeout
clusterwide: false
column: elasticsearch_client_request_timeout
db_type: integer
default: '0'
description:
encrypted: false
gitlab_com_different_than_default: true
jihu: false
not_null: true

14
config/application_setting_columns/elasticsearch_indexed_field_length_limit.yml
View File

@ -1,14 +0,0 @@
---
api_type: integer
attr: elasticsearch_indexed_field_length_limit
clusterwide: false
column: elasticsearch_indexed_field_length_limit
db_type: integer
default: '0'
description: Maximum size of text fields to index by Elasticsearch. 0 value means
no limit. This does not apply to repository and wiki indexing. Premium and Ultimate
only.
encrypted: false
gitlab_com_different_than_default: true
jihu: false
not_null: true

13
config/application_setting_columns/elasticsearch_indexed_file_size_limit_kb.yml
View File

@ -1,13 +0,0 @@
---
api_type: integer
attr: elasticsearch_indexed_file_size_limit_kb
clusterwide: false
column: elasticsearch_indexed_file_size_limit_kb
db_type: integer
default: '1024'
description: Maximum size of repository and wiki files that are indexed by Elasticsearch.
Premium and Ultimate only.
encrypted: false
gitlab_com_different_than_default: false
jihu: false
not_null: true

12
config/application_setting_columns/elasticsearch_indexing.yml
View File

@ -1,12 +0,0 @@
---
api_type: boolean
attr: elasticsearch_indexing
clusterwide: false
column: elasticsearch_indexing
db_type: boolean
default: 'false'
description: Enable Elasticsearch indexing. Premium and Ultimate only.
encrypted: false
gitlab_com_different_than_default: true
jihu: false
not_null: true

13
config/application_setting_columns/elasticsearch_limit_indexing.yml
View File

@ -1,13 +0,0 @@
---
api_type: boolean
attr: elasticsearch_limit_indexing
clusterwide: false
column: elasticsearch_limit_indexing
db_type: boolean
default: 'false'
description: Limit Elasticsearch to index certain namespaces and projects. Premium
and Ultimate only.
encrypted: false
gitlab_com_different_than_default: true
jihu: false
not_null: true

13
config/application_setting_columns/elasticsearch_max_bulk_concurrency.yml
View File

@ -1,13 +0,0 @@
---
api_type: integer
attr: elasticsearch_max_bulk_concurrency
clusterwide: false
column: elasticsearch_max_bulk_concurrency
db_type: smallint
default: '10'
description: Maximum concurrency of Elasticsearch bulk requests per indexing operation.
This only applies to repository indexing operations. Premium and Ultimate only.
encrypted: false
gitlab_com_different_than_default: false
jihu: false
not_null: true

13
config/application_setting_columns/elasticsearch_max_bulk_size_mb.yml
View File

@ -1,13 +0,0 @@
---
api_type: integer
attr: elasticsearch_max_bulk_size_mb
clusterwide: false
column: elasticsearch_max_bulk_size_mb
db_type: smallint
default: '10'
description: Maximum size of Elasticsearch bulk indexing requests in MB. This only
applies to repository indexing operations. Premium and Ultimate only.
encrypted: false
gitlab_com_different_than_default: false
jihu: false
not_null: true

13
config/application_setting_columns/elasticsearch_max_code_indexing_concurrency.yml
View File

@ -1,13 +0,0 @@
---
api_type: integer
attr: elasticsearch_max_code_indexing_concurrency
clusterwide: false
column: elasticsearch_max_code_indexing_concurrency
db_type: integer
default: '30'
description: Maximum concurrency of Elasticsearch code indexing background jobs. This
only applies to repository indexing operations. Premium and Ultimate only.
encrypted: false
gitlab_com_different_than_default: true
jihu: false
not_null: true

12
config/application_setting_columns/elasticsearch_pause_indexing.yml
View File

@ -1,12 +0,0 @@
---
api_type:
attr: elasticsearch_pause_indexing
clusterwide: false
column: elasticsearch_pause_indexing
db_type: boolean
default: 'false'
description:
encrypted: false
gitlab_com_different_than_default: false
jihu: false
not_null: true

14
config/application_setting_columns/elasticsearch_requeue_workers.yml
View File

@ -1,14 +0,0 @@
---
api_type: boolean
attr: elasticsearch_requeue_workers
clusterwide: false
column: elasticsearch_requeue_workers
db_type: boolean
default: 'false'
description: Enable automatic requeuing of indexing workers. This improves non-code
indexing throughput by enqueuing Sidekiq jobs until all documents are processed.
Premium and Ultimate only.
encrypted: false
gitlab_com_different_than_default: true
jihu: false
not_null: true

13
config/application_setting_columns/elasticsearch_retry_on_failure.yml
View File

@ -1,13 +0,0 @@
---
api_type: integer
attr: elasticsearch_retry_on_failure
clusterwide: false
column: elasticsearch_retry_on_failure
db_type: integer
default: '0'
description: Maximum number of possible retries for Elasticsearch search requests.
Premium and Ultimate only.
encrypted: false
gitlab_com_different_than_default: true
jihu: false
not_null: true

12
config/application_setting_columns/elasticsearch_search.yml
View File

@ -1,12 +0,0 @@
---
api_type: boolean
attr: elasticsearch_search
clusterwide: false
column: elasticsearch_search
db_type: boolean
default: 'false'
description: Enable Elasticsearch search. Premium and Ultimate only.
encrypted: false
gitlab_com_different_than_default: true
jihu: false
not_null: true

12
config/application_setting_columns/elasticsearch_username.yml
View File

@ -1,12 +0,0 @@
---
api_type: string
attr: elasticsearch_username
clusterwide: false
column: elasticsearch_username
db_type: text
default:
description: The `username` of your Elasticsearch instance. Premium and Ultimate only.
encrypted: false
gitlab_com_different_than_default: true
jihu: false
not_null: false

13
config/application_setting_columns/elasticsearch_worker_number_of_shards.yml
View File

@ -1,13 +0,0 @@
---
api_type: integer
attr: elasticsearch_worker_number_of_shards
clusterwide: false
column: elasticsearch_worker_number_of_shards
db_type: integer
default: '2'
description: Number of indexing worker shards. This improves non-code indexing throughput
by enqueuing more parallel Sidekiq jobs. Default is `2`. Premium and Ultimate only.
encrypted: false
gitlab_com_different_than_default: true
jihu: false
not_null: true

2
db/fixtures/development/26_packages.rb
View File

@ -91,7 +91,7 @@ class Gitlab::Seeder::Packages
'file.md5': '12345',
recipe_revision: '0',
package_revision: '0',
conan_package_reference: '123456789',
conan_package_reference: Digest::SHA1.hexdigest('0'),
conan_file_type: :package_file
}
::Packages::Conan::CreatePackageFileService.new(pkg, file, file_params).execute

60
db/post_migrate/20250217121107_remove_elasticsearch_settings_from_application_settings.rb Normal file
View File

@ -0,0 +1,60 @@
# frozen_string_literal: true
class RemoveElasticsearchSettingsFromApplicationSettings < Gitlab::Database::Migration[2.2]
disable_ddl_transaction!
milestone '17.10'
def up
with_lock_retries do
remove_column :application_settings, :elasticsearch_aws
remove_column :application_settings, :elasticsearch_search
remove_column :application_settings, :elasticsearch_indexing
remove_column :application_settings, :elasticsearch_username
remove_column :application_settings, :elasticsearch_aws_region
remove_column :application_settings, :elasticsearch_aws_access_key
remove_column :application_settings, :elasticsearch_limit_indexing
remove_column :application_settings, :elasticsearch_pause_indexing
remove_column :application_settings, :elasticsearch_requeue_workers
remove_column :application_settings, :elasticsearch_max_bulk_size_mb
remove_column :application_settings, :elasticsearch_retry_on_failure
remove_column :application_settings, :elasticsearch_max_bulk_concurrency
remove_column :application_settings, :elasticsearch_client_request_timeout
remove_column :application_settings, :elasticsearch_worker_number_of_shards
remove_column :application_settings, :elasticsearch_analyzers_smartcn_search
remove_column :application_settings, :elasticsearch_analyzers_kuromoji_search
remove_column :application_settings, :elasticsearch_analyzers_smartcn_enabled
remove_column :application_settings, :elasticsearch_analyzers_kuromoji_enabled
remove_column :application_settings, :elasticsearch_indexed_field_length_limit
remove_column :application_settings, :elasticsearch_indexed_file_size_limit_kb
remove_column :application_settings, :elasticsearch_max_code_indexing_concurrency
end
end
def down
with_lock_retries do
add_column :application_settings, :elasticsearch_aws, :boolean, default: false, null: false
add_column :application_settings, :elasticsearch_search, :boolean, default: false, null: false
add_column :application_settings, :elasticsearch_indexing, :boolean, default: false, null: false
add_column :application_settings, :elasticsearch_username, :text
add_column :application_settings, :elasticsearch_aws_region, 'character varying', default: 'us-east-1'
add_column :application_settings, :elasticsearch_aws_access_key, 'character varying'
add_column :application_settings, :elasticsearch_limit_indexing, :boolean, default: false, null: false
add_column :application_settings, :elasticsearch_pause_indexing, :boolean, default: false, null: false
add_column :application_settings, :elasticsearch_requeue_workers, :boolean, default: false, null: false
add_column :application_settings, :elasticsearch_max_bulk_size_mb, :smallint, default: 10, null: false
add_column :application_settings, :elasticsearch_retry_on_failure, :integer, default: 0, null: false
add_column :application_settings, :elasticsearch_max_bulk_concurrency, :smallint, default: 10, null: false
add_column :application_settings, :elasticsearch_client_request_timeout, :integer, default: 0, null: false
add_column :application_settings, :elasticsearch_worker_number_of_shards, :integer, default: 2, null: false
add_column :application_settings, :elasticsearch_analyzers_smartcn_search, :boolean, default: false, null: false
add_column :application_settings, :elasticsearch_analyzers_kuromoji_search, :boolean, default: false, null: false
add_column :application_settings, :elasticsearch_analyzers_smartcn_enabled, :boolean, default: false, null: false
add_column :application_settings, :elasticsearch_analyzers_kuromoji_enabled, :boolean, default: false, null: false
add_column :application_settings, :elasticsearch_indexed_field_length_limit, :integer, default: 0, null: false
add_column :application_settings, :elasticsearch_indexed_file_size_limit_kb, :integer, default: 1024, null: false
add_column :application_settings, :elasticsearch_max_code_indexing_concurrency, :integer, default: 30, null: false
end
add_check_constraint(:application_settings, 'char_length(elasticsearch_username) <= 255', 'check_e5024c8801')
end
end

13
db/post_migrate/20250217152354_remove_workspace_max_hours_before_termination_column.rb Normal file
View File

@ -0,0 +1,13 @@
# frozen_string_literal: true
class RemoveWorkspaceMaxHoursBeforeTerminationColumn < Gitlab::Database::Migration[2.2]
milestone '17.10'
def up
remove_column :workspaces, :max_hours_before_termination
end
def down
add_column(:workspaces, :max_hours_before_termination, :smallint, null: false, default: 8760, if_not_exists: true)
end
end

31
db/post_migrate/20250217152746_remove_agent_config_max_hours_before_termination_columns.rb Normal file
View File

@ -0,0 +1,31 @@
# frozen_string_literal: true
class RemoveAgentConfigMaxHoursBeforeTerminationColumns < Gitlab::Database::Migration[2.2]
disable_ddl_transaction!
milestone '17.10'
TABLE_NAME = :workspaces_agent_configs
def constraint_1_name
check_constraint_name TABLE_NAME, :default_max_hours_before_termination, "max_size_1_year"
end
def constraint_2_name
check_constraint_name TABLE_NAME, :max_hours_before_termination_limit, "max_size_1_year"
end
def up
remove_column TABLE_NAME, :default_max_hours_before_termination
remove_column TABLE_NAME, :max_hours_before_termination_limit
end
def down
add_column(TABLE_NAME, :max_hours_before_termination_limit, :smallint, null: false, default: 120,
if_not_exists: true)
add_column(TABLE_NAME, :default_max_hours_before_termination, :smallint, null: false, default: 24,
if_not_exists: true)
add_check_constraint TABLE_NAME, "default_max_hours_before_termination <= 8760", constraint_1_name
add_check_constraint TABLE_NAME, "max_hours_before_termination_limit <= 8760", constraint_2_name
end
end

1
db/schema_migrations/20250217121107 Normal file
View File

@ -0,0 +1 @@
a87dfeeb1bffdf43d12fc05989d84e4dc5751351aeab5620a286a4c644ffa848

1
db/schema_migrations/20250217152354 Normal file
View File

@ -0,0 +1 @@
68ba0eaa7e4624643e64e135b80cfefb2d822e23e76dd147557300bd614e518b

1
db/schema_migrations/20250217152746 Normal file
View File

@ -0,0 +1 @@
23d0653f634098788ee9cce71728ebd6aa5c311fad9cbcc1beb6dc1a8e8405db

27
db/structure.sql
View File

@ -8322,27 +8322,6 @@ CREATE TABLE application_settings (
encrypted_ci_job_token_signing_key_iv bytea,
elasticsearch jsonb DEFAULT '{}'::jsonb NOT NULL,
oauth_provider jsonb DEFAULT '{}'::jsonb NOT NULL,
elasticsearch_aws boolean DEFAULT false NOT NULL,
elasticsearch_search boolean DEFAULT false NOT NULL,
elasticsearch_indexing boolean DEFAULT false NOT NULL,
elasticsearch_username text,
elasticsearch_aws_region character varying DEFAULT 'us-east-1'::character varying,
elasticsearch_aws_access_key character varying,
elasticsearch_limit_indexing boolean DEFAULT false NOT NULL,
elasticsearch_pause_indexing boolean DEFAULT false NOT NULL,
elasticsearch_requeue_workers boolean DEFAULT false NOT NULL,
elasticsearch_max_bulk_size_mb smallint DEFAULT 10 NOT NULL,
elasticsearch_retry_on_failure integer DEFAULT 0 NOT NULL,
elasticsearch_max_bulk_concurrency smallint DEFAULT 10 NOT NULL,
elasticsearch_client_request_timeout integer DEFAULT 0 NOT NULL,
elasticsearch_worker_number_of_shards integer DEFAULT 2 NOT NULL,
elasticsearch_analyzers_smartcn_search boolean DEFAULT false NOT NULL,
elasticsearch_analyzers_kuromoji_search boolean DEFAULT false NOT NULL,
elasticsearch_analyzers_smartcn_enabled boolean DEFAULT false NOT NULL,
elasticsearch_analyzers_kuromoji_enabled boolean DEFAULT false NOT NULL,
elasticsearch_indexed_field_length_limit integer DEFAULT 0 NOT NULL,
elasticsearch_indexed_file_size_limit_kb integer DEFAULT 1024 NOT NULL,
elasticsearch_max_code_indexing_concurrency integer DEFAULT 30 NOT NULL,
observability_settings jsonb DEFAULT '{}'::jsonb NOT NULL,
search jsonb DEFAULT '{}'::jsonb NOT NULL,
anti_abuse_settings jsonb DEFAULT '{}'::jsonb NOT NULL,
@ -8423,7 +8402,6 @@ CREATE TABLE application_settings (
CONSTRAINT check_d820146492 CHECK ((char_length(spam_check_endpoint_url) <= 255)),
CONSTRAINT check_e2692d7523 CHECK ((char_length(default_preferred_language) <= 32)),
CONSTRAINT check_e2dd6e290a CHECK ((char_length(jira_connect_application_key) <= 255)),
CONSTRAINT check_e5024c8801 CHECK ((char_length(elasticsearch_username) <= 255)),
CONSTRAINT check_e5aba18f02 CHECK ((char_length(container_registry_version) <= 255)),
CONSTRAINT check_ef6176834f CHECK ((char_length(encrypted_cloud_license_auth_token_iv) <= 255)),
CONSTRAINT check_identity_verification_settings_is_hash CHECK ((jsonb_typeof(identity_verification_settings) = 'object'::text))
@ -24193,7 +24171,6 @@ CREATE TABLE workspaces (
cluster_agent_id bigint NOT NULL,
desired_state_updated_at timestamp with time zone NOT NULL,
responded_to_agent_at timestamp with time zone,
max_hours_before_termination smallint DEFAULT 8760 NOT NULL,
name text NOT NULL,
namespace text NOT NULL,
desired_state text NOT NULL,
@ -24258,8 +24235,6 @@ CREATE TABLE workspaces_agent_configs (
workspaces_quota bigint DEFAULT '-1'::integer NOT NULL,
workspaces_per_user_quota bigint DEFAULT '-1'::integer NOT NULL,
project_id bigint NOT NULL,
default_max_hours_before_termination smallint DEFAULT 24 NOT NULL,
max_hours_before_termination_limit smallint DEFAULT 120 NOT NULL,
enabled boolean NOT NULL,
network_policy_enabled boolean DEFAULT true NOT NULL,
dns_zone text NOT NULL,
@ -24279,9 +24254,7 @@ CREATE TABLE workspaces_agent_configs (
CONSTRAINT check_58759a890a CHECK ((char_length(dns_zone) <= 256)),
CONSTRAINT check_6d7baef494 CHECK (((max_active_hours_before_stop + max_stopped_hours_before_termination) <= 8760)),
CONSTRAINT check_720388a28c CHECK ((char_length(default_runtime_class) <= 253)),
CONSTRAINT check_dca877fba1 CHECK ((default_max_hours_before_termination <= 8760)),
CONSTRAINT check_df26c047a9 CHECK ((max_active_hours_before_stop > 0)),
CONSTRAINT check_eab6e375ad CHECK ((max_hours_before_termination_limit <= 8760)),
CONSTRAINT check_ee2464835c CHECK ((char_length(gitlab_workspaces_proxy_namespace) <= 63))
);

27
doc/api/group_service_accounts.md
View File

@ -56,12 +56,14 @@ Example response:
{
"id": 57,
"username": "service_account_group_345_<random_hash>",
"name": "Service account user"
"name": "Service account user",
"email": "service_account_group_345_<random_hash>@noreply.gitlab.example.com"
},
{
"id": 58,
"username": "service_account_group_346_<random_hash>",
"name": "Service account user"
"name": "Service account user",
"email": "service_account_group_346_<random_hash>@noreply.gitlab.example.com"
}
]
```
@ -70,8 +72,9 @@ Example response:
{{< history >}}
- [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/407775) in GitLab 16.1.
- Specify a service account user username or name was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/144841) in GitLab 16.10.
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/407775) in GitLab 16.1.
> - Specify a service account user username or name was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/144841) in GitLab 16.10.
> - Specify a service account user email address was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/181456) in GitLab 17.9 [with a flag](../administration/feature_flags.md) named `group_service_account_custom_email`.
{{< /history >}}
@ -89,16 +92,17 @@ POST /groups/:id/service_accounts
Supported attributes:
| Attribute | Type | Required | Description |
|:-----------|:---------------|:---------|:------------------------------------------------------------------------------|
| `id` | integer/string | yes | ID or [URL-encoded path](rest/_index.md#namespaced-paths) of a top-level group. |
| `name` | string | no | User account name. If not specified, uses `Service account user`. |
| `username` | string | no | User account username. If not specified, generates a name prepended with `service_account_`. |
| Attribute | Type | Required | Description |
|:-----------|:---------------|:---------|:----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `id` | integer/string | yes | ID or [URL-encoded path](rest/_index.md#namespaced-paths) of a top-level group. |
| `name` | string | no | User account name. If not specified, uses `Service account user`. |
| `username` | string | no | User account username. If not specified, generates a name prepended with `service_account_group_`. |
| `email` | string | no | User account email. If not specified, generates an email prepended with `service_account_group_`. Custom email addresses require confirmation before the account is active, unless the group has a matching [verified domain](../user/enterprise_user/_index.md#verified-domains-for-groups). |
Example request:
```shell
curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/groups/345/service_accounts"
curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/groups/345/service_accounts" --data "email=custom_email@example.com"
```
Example response:
@ -107,7 +111,8 @@ Example response:
{
"id": 57,
"username": "service_account_group_345_6018816a18e515214e0c34c2b33523fc",
"name": "Service account user"
"name": "Service account user",
"email": "custom_email@example.com"
}
```

6
doc/ci/environments/_index.md
View File

@ -484,6 +484,12 @@ stop_review:
when: manual
```
{{< alert type="note" >}}
When using this functionality together with merge trains, the `stop` job triggers only if [duplicate pipelines are avoided](../jobs/job_rules.md#avoid-duplicate-pipelines).
{{< /alert >}}
### Stop an environment after a certain time period
You can set an environment to stop automatically after a certain time period.

9
doc/ci/test_cases/_index.md
View File

@ -31,15 +31,6 @@ while integrating with your development workflows, see
[Streamline Software Development: Integrating Requirements, Testing, and Development Workflows](https://www.youtube.com/watch?v=wbfWM4y2VmM).
<!-- Video published on 2024-02-21 -->
{{< alert type="note" >}}
[Requirements](../../user/project/requirements/_index.md) and test cases are being
[migrated to work items](https://gitlab.com/groups/gitlab-org/-/epics/5171).
[Issue 323790](https://gitlab.com/gitlab-org/gitlab/-/issues/323790) proposes to link requirements to test cases.
For more information, see [Product Stage Direction - Plan](https://about.gitlab.com/direction/plan/).
{{< /alert >}}
## Create a test case
{{< history >}}

31
doc/development/cells/application_settings_analysis.md
View File

@ -14,12 +14,12 @@ title: Application Settings analysis
## Statistics
- Number of attributes: 513
- Number of attributes: 492
- Number of encrypted attributes: 41 (8.0%)
- Number of attributes documented: 313 (61.0%)
- Number of attributes on GitLab.com different from the defaults: 233 (45.0%)
- Number of attributes with `clusterwide` set: 513 (100.0%)
- Number of attributes with `clusterwide: true` set: 127 (25.0%)
- Number of attributes documented: 298 (61.0%)
- Number of attributes on GitLab.com different from the defaults: 222 (45.0%)
- Number of attributes with `clusterwide` set: 492 (100.0%)
- Number of attributes with `clusterwide: true` set: 123 (25.0%)
## Individual columns
@ -156,30 +156,9 @@ title: Application Settings analysis
| `eks_integration_enabled` | `false` | `boolean` | `boolean` | `true` | `false` | `true` | `true`| `true` |
| `eks_secret_access_key` | `true` | `text` | `string` | `false` | `null` | `true` | `true`| `true` |
| `elasticsearch` | `false` | `jsonb` | `` | `true` | `'{}'::jsonb` | `true` | `false`| `false` |
| `elasticsearch_analyzers_kuromoji_enabled` | `false` | `boolean` | `` | `true` | `false` | `false` | `true`| `false` |
| `elasticsearch_analyzers_kuromoji_search` | `false` | `boolean` | `` | `true` | `false` | `false` | `true`| `false` |
| `elasticsearch_analyzers_smartcn_enabled` | `false` | `boolean` | `` | `true` | `false` | `false` | `true`| `false` |
| `elasticsearch_analyzers_smartcn_search` | `false` | `boolean` | `` | `true` | `false` | `false` | `true`| `false` |
| `elasticsearch_aws` | `false` | `boolean` | `boolean` | `true` | `false` | `false` | `false`| `true` |
| `elasticsearch_aws_access_key` | `false` | `character` | `string` | `false` | `null` | `true` | `false`| `true` |
| `elasticsearch_aws_region` | `false` | `character` | `string` | `false` | `'us-east-1'::character` | `false` | `false`| `true` |
| `elasticsearch_aws_secret_access_key` | `true` | `text` | `string` | `false` | `null` | `true` | `false`| `true` |
| `elasticsearch_client_request_timeout` | `false` | `integer` | `` | `true` | `0` | `true` | `false`| `false` |
| `elasticsearch_indexed_field_length_limit` | `false` | `integer` | `integer` | `true` | `0` | `true` | `false`| `true` |
| `elasticsearch_indexed_file_size_limit_kb` | `false` | `integer` | `integer` | `true` | `1024` | `false` | `false`| `true` |
| `elasticsearch_indexing` | `false` | `boolean` | `boolean` | `true` | `false` | `true` | `false`| `true` |
| `elasticsearch_limit_indexing` | `false` | `boolean` | `boolean` | `true` | `false` | `true` | `false`| `true` |
| `elasticsearch_max_bulk_concurrency` | `false` | `smallint` | `integer` | `true` | `10` | `false` | `false`| `true` |
| `elasticsearch_max_bulk_size_mb` | `false` | `smallint` | `integer` | `true` | `10` | `false` | `false`| `true` |
| `elasticsearch_max_code_indexing_concurrency` | `false` | `integer` | `integer` | `true` | `30` | `true` | `false`| `true` |
| `elasticsearch_password` | `true` | `bytea` | `string` | `false` | `null` | `true` | `false`| `true` |
| `elasticsearch_pause_indexing` | `false` | `boolean` | `` | `true` | `false` | `false` | `false`| `false` |
| `elasticsearch_requeue_workers` | `false` | `boolean` | `boolean` | `true` | `false` | `true` | `false`| `true` |
| `elasticsearch_retry_on_failure` | `false` | `integer` | `integer` | `true` | `0` | `true` | `false`| `true` |
| `elasticsearch_search` | `false` | `boolean` | `boolean` | `true` | `false` | `true` | `false`| `true` |
| `elasticsearch_url` | `false` | `character` | `string` | `false` | `'http://localhost:9200'::character` | `true` | `false`| `true` |
| `elasticsearch_username` | `false` | `text` | `string` | `false` | `null` | `true` | `false`| `true` |
| `elasticsearch_worker_number_of_shards` | `false` | `integer` | `integer` | `true` | `2` | `true` | `false`| `true` |
| `email_additional_text` | `false` | `character` | `string` | `false` | `null` | `true` | `true`| `true` |
| `email_author_in_body` | `false` | `boolean` | `boolean` | `false` | `false` | `false` | `true`| `true` |
| `email_confirmation_setting` | `false` | `smallint` | `string` | `false` | `0` | `true` | `true`| `true` |

11
doc/development/testing_guide/review_apps.md
View File

@ -9,16 +9,7 @@ Review apps are deployed using the `start-review-app-pipeline` job which trigger
![start-review-app-pipeline job](img/review-app-parent-pipeline_v14_4.png)
For any of the following scenarios, the `start-review-app-pipeline` job would be automatically started (only when the merge request is approved):
- for merge requests with CI configuration changes
- for merge requests with frontend changes
- for merge requests with changes to `{,ee/,jh/}{app/controllers}/**/*`
- for merge requests with changes to `{,ee/,jh/}{app/models}/**/*`
- for merge requests with changes to `{,ee/,jh/}lib/{,ee/,jh/}gitlab/**/*`
- for merge requests with QA changes
- for scheduled pipelines
- the MR has the `pipeline:run-review-app` label set
To start a review-app, add the `pipeline:run-review-app` label on your merge request, and trigger a new CI/CD pipeline.
## Bypass failed review app deployment to merge a broken `master` fix

11
doc/editor_extensions/eclipse/troubleshooting.md
View File

@ -25,7 +25,11 @@ If no issues match your problem, [create a new issue](https://gitlab.com/gitlab-
1. In the menu bar of your IDE, select **Window**.
1. Expand **Show View**, then select **Error Log**.
1. Search for errors referencing the `gitlab-eclipse-plugin` or `gitlab-language-server` plugins.
1. Search for errors referencing the `gitlab-eclipse-plugin` plugins.
## Locate the Workspace Log file
The Workspace log file, named `.log` is located in the directory `<your-eclipse-workspace>/.metadata`.
## Enable GitLab Language Server debug logs
@ -36,6 +40,11 @@ To enable GitLab Language Server debug logs:
1. In **Language Server Log Level**, enter `debug`.
1. Select **Apply and Close**.
The debug logs are available in the `language_server.log` file. To view this file, either:
- Go to the directory `/Users/<user>/eclipse/<eclipse-version>/Eclipse.app/Contents/MacOS/.gitlab_plugin`, replacing `<user>` and `<eclipse-version>` with the appropriate values.
- Open the [Error logs](#review-the-error-log). Search for the log `Language server logs saved to: <file>.` where `<file>` is the absolute path to the `language_server.log` file.
## Certificate errors
WARNING:

4
doc/user/clusters/agent/managed_kubernetes_resources.md
View File

@ -107,8 +107,8 @@ objects:
- apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: bind-{{ .agent.id }}-{{ .project.id }}-{{ .environment.slug }}
namespace: {{ .project.slug }}-{{ .project.id }}-{{ .environment.slug }}
name: bind-{{ .environment.slug }}-{{ .project.id }}-{{ .agent.id }}
namespace: '{{ .environment.slug }}-{{ .project.id }}-{{ .agent.id }}'
subjects:
- kind: Group
apiGroup: rbac.authorization.k8s.io

21
doc/user/project/merge_requests/conflicts.md
View File

@ -111,14 +111,16 @@ The merge conflict resolution editor helps you resolve these conflicts in GitLab
If your merge request is stuck with a `Checking ability to merge automatically`
message, you can:
- Use the `/rebase` [quick action](../quick_actions.md#issues-merge-requests-and-epics) in the GitLab UI.
- In a comment in the merge request, run the `/rebase` [quick action](../quick_actions.md#issues-merge-requests-and-epics).
- In the merge widget, select **Rebase source branch**.
- [Rebase with Git](../../../topics/git/git_rebase.md#rebase).
To troubleshoot CI/CD pipeline issues, see [Debugging CI/CD pipelines](../../../ci/debugging.md).
### Rebase with a quick action
### Rebase in the GitLab UI
You can rebase a merge request from the GitLab UI with the `/rebase` [quick action](../quick_actions.md).
To trigger a rebase from the GitLab UI, use the `/rebase` [quick action](../quick_actions.md), or the
rebase option in the merge request widget.
Prerequisites:
@ -127,13 +129,16 @@ Prerequisites:
- If the merge request is in a fork, the fork must allow commits
[from members of the upstream project](allow_collaboration.md).
To rebase with the quick action:
To rebase a merge request's branch from the GitLab UI:
1. Go to your merge request.
1. Type `/rebase` in a comment.
1. Select **Comment**.
1. On the left sidebar, select **Search or go to** and find your project.
1. Select **Code > Merge requests** and find the merge request.
1. Either:
- On the **Overview** tab, scroll to the merge request widget and select **Rebase source branch**.
- In a comment, enter `/rebase` and select **Comment**.
GitLab schedules and executes a rebase of the branch against the default branch.
GitLab schedules, then runs, a rebase of the branch against the default branch.
GitLab shows the completed rebase as a system note.
## Related topics

2
doc/user/project/merge_requests/methods/_index.md
View File

@ -205,7 +205,7 @@ In these merge methods, you can merge only when your source branch is up-to-date
If a fast-forward merge is not possible but a conflict-free rebase is possible,
GitLab provides:
- The [`/rebase` quick action](../conflicts.md#rebase-with-a-quick-action).
- The [`/rebase` quick action](../conflicts.md#rebase).
- The option to select **Rebase** in the user interface.
You must rebase the source branch locally before a fast-forward merge if both

12
doc/user/project/requirements/_index.md
View File

@ -22,21 +22,13 @@ If an industry standard *requires* that your application has a certain feature o
[create a requirement](#create-a-requirement) to reflect this.
When a feature is no longer necessary, you can [archive the related requirement](#archive-a-requirement).
{{< alert type="note" >}}
Requirements and [test cases](../../../ci/test_cases/_index.md) are being
[migrated to work items](https://gitlab.com/groups/gitlab-org/-/epics/5171).
[Issue 323790](https://gitlab.com/gitlab-org/gitlab/-/issues/323790) proposes to link requirements to test cases.
For more information, see [Product Stage Direction - Plan](https://about.gitlab.com/direction/plan/).
{{< /alert >}}
<i class="fa fa-youtube-play youtube" aria-hidden="true"></i>
For an overview, see [Requirements Management](https://www.youtube.com/watch?v=uSS7oUNSEoU).
<!-- Video published on 2020-04-09 -->
<i class="fa fa-youtube-play youtube" aria-hidden="true"></i>
For a more in-depth walkthrough see [GitLab Requirements Traceability Walkthrough](https://youtu.be/VIiuTQYFVa0) (Feb 2021).
For a more in-depth walkthrough see [GitLab Requirements Traceability Walkthrough](https://youtu.be/VIiuTQYFVa0).
<!-- Video published on 2020-02-12 -->
![requirements list view](img/requirements_list_v13_5.png)

2
doc/user/project/settings/import_export.md
View File

@ -320,7 +320,7 @@ To help avoid abuse, by default, users are rate limited to:
| Request type | Limit |
|:----------------|:--------------------------------|
| Export | 6 projects per minute |
| Download export | 1 download per group per minute |
| Download export | 1 download per project per minute |
| Import | 6 projects per minute |
## Migrate groups by uploading an export file (deprecated)

2
lib/api/project_export.rb
View File

@ -44,7 +44,7 @@ module API
produces %w[application/octet-stream application/json]
end
get ':id/export/download' do
check_rate_limit! :project_download_export, scope: [current_user, user_project.namespace]
check_rate_limit! :project_download_export, scope: [current_user, user_project]
if user_project.export_file_exists?(current_user)
if user_project.export_archive_exists?(current_user)

9
locale/gitlab.pot
View File

@ -10783,6 +10783,9 @@ msgstr ""
msgid "BulkImport|Because of settings on the source GitLab instance or group, you can't import projects with this group. To permit importing projects with this group, reconfigure the source GitLab instance or group. %{linkStart}Learn more.%{linkEnd}"
msgstr ""
msgid "BulkImport|Bulk reassignment failed"
msgstr ""
msgid "BulkImport|Check that the source instance base URL and the personal access token meet the necessary requirements."
msgstr ""
@ -10951,6 +10954,9 @@ msgstr ""
msgid "BulkImport|This %{importable} was imported from another instance."
msgstr ""
msgid "BulkImport|Unable to process the CSV file for %{strong_open}%{group}%{strong_close} to reassign placeholders. Try to upload the file again."
msgstr ""
msgid "BulkImport|Unsupported GitLab version. Minimum supported version is '%{version}'."
msgstr ""
@ -10963,6 +10969,9 @@ msgstr ""
msgid "BulkImport|View import results"
msgstr ""
msgid "BulkImport|View placeholders"
msgstr ""
msgid "BulkImport|Your imported groups and projects will appear here."
msgstr ""

2
qa/qa/scenario/test/instance/health_check.rb
View File

@ -7,7 +7,7 @@ module QA
class HealthCheck < All
tags :health_check
pipeline_mappings test_on_cng: ["cng-qa-min-redis-version"]
pipeline_mappings test_on_cng: ["cng-qa-min-redis-version"], test_on_omnibus: ["health-check"]
end
end
end

2
scripts/migration_schema_validator.rb
View File

@ -106,7 +106,7 @@ class MigrationSchemaValidator
next unless File.exist?(model_file_path)
model_content = File.read(model_file_path)
next if model_content.match?(/\s(ignore_column|ignore_columns)\s(:|%i\[)\s*#{column}/)
next if model_content.match?(/\s(ignore_column|ignore_columns)\s(:|%i\[).*?#{column}\b/m)
@models_missing_ignore[model_name.to_s] << column
end

33
spec/controllers/projects_controller_spec.rb
View File

@ -1702,7 +1702,7 @@ RSpec.describe ProjectsController, feature_category: :groups_and_projects do
end
it 'prevents requesting project export' do
post action, params: { namespace_id: project.namespace, id: project }
get action, params: { namespace_id: project.namespace, id: project }
expect(response.body).to eq('This endpoint has been requested too many times. Try again later.')
expect(response).to have_gitlab_http_status(:too_many_requests)
@ -1710,39 +1710,12 @@ RSpec.describe ProjectsController, feature_category: :groups_and_projects do
end
context 'applies correct scope when throttling', :clean_gitlab_redis_rate_limiting do
before do
stub_application_setting(project_download_export_limit: 1)
travel_to Date.current.beginning_of_day
end
after do
travel_back
end
it 'applies throttle per namespace' do
it 'applies throttle per project' do
expect(Gitlab::ApplicationRateLimiter)
.to receive(:throttled?)
.with(:project_download_export, scope: [user, project.namespace])
post action, params: { namespace_id: project.namespace, id: project }
end
it 'throttles downloads within same namespaces' do
# simulate prior request to the same namespace, which increments the rate limit counter for that scope
Gitlab::ApplicationRateLimiter.throttled?(:project_download_export, scope: [user, project.namespace])
.with(:project_download_export, scope: [user, project])
get action, params: { namespace_id: project.namespace, id: project }
expect(response).to have_gitlab_http_status(:too_many_requests)
end
it 'allows downloads from different namespaces' do
# simulate prior request to a different namespace, which increments the rate limit counter for that scope
Gitlab::ApplicationRateLimiter.throttled?(:project_download_export,
scope: [user, create(:project, :with_export).namespace])
get action, params: { namespace_id: project.namespace, id: project }
expect(response).to have_gitlab_http_status(:ok)
end
end
end

26
spec/requests/api/project_export_spec.rb
View File

@ -267,35 +267,15 @@ RSpec.describe API::ProjectExport, :aggregate_failures, :clean_gitlab_redis_cach
end
it 'prevents requesting project export' do
expect(Gitlab::ApplicationRateLimiter).to receive(:throttled?)
.with(:project_download_export, scope: [user, project]).and_call_original
request
expect(response).to have_gitlab_http_status(:too_many_requests)
expect(json_response['message']['error']).to eq('This endpoint has been requested too many times. Try again later.')
end
end
context 'applies correct scope when throttling' do
before do
stub_application_setting(project_download_export_limit: 1)
end
it 'throttles downloads within same namespaces', quarantine: 'https://gitlab.com/gitlab-org/gitlab/-/issues/413230' do
# simulate prior request to the same namespace, which increments the rate limit counter for that scope
Gitlab::ApplicationRateLimiter.throttled?(:project_download_export, scope: [user, project_finished.namespace])
get api(download_path_finished, user, admin_mode: true)
expect(response).to have_gitlab_http_status(:too_many_requests)
end
it 'allows downloads from different namespaces' do
# simulate prior request to a different namespace, which increments the rate limit counter for that scope
Gitlab::ApplicationRateLimiter.throttled?(:project_download_export,
scope: [user, create(:project, :with_export, export_user: user).namespace])
get api(download_path_finished, user, admin_mode: true)
expect(response).to have_gitlab_http_status(:ok)
end
end
end
context 'when user is a maintainer' do

21
spec/workers/import/user_mapping/assignment_from_csv_worker_spec.rb
View File

@ -80,18 +80,27 @@ RSpec.describe Import::UserMapping::AssignmentFromCsvWorker, feature_category: :
.with(message: 'something went wrong')
end
it 'sends an email summary' # https://gitlab.com/gitlab-org/gitlab/-/issues/458841
it 'sends an email to notify the user of the failure' do
expect(Notify).to receive(:csv_placeholder_reassignment_failed).with(current_user.id, group.id).and_call_original
perform
end
end
context 'when retries are exhausted' do
it 'clears the upload' do
job = { 'args' => [nil, nil, upload.id], 'jid' => '123' }
job = { 'args' => job_args, 'jid' => '123' }
expect { described_class.sidekiq_retries_exhausted_block.call(job) }
.to change { Upload.exists?(upload.id) }.from(true).to(false)
end
it 'sends an email summary' # https://gitlab.com/gitlab-org/gitlab/-/issues/458841
it 'sends an email to notify the user of the failure' do
expect(Notify).to receive(:csv_placeholder_reassignment_failed).with(current_user.id, group.id).and_call_original
job = { 'args' => job_args, 'jid' => '123' }
described_class.sidekiq_retries_exhausted_block.call(job)
end
end
context 'when the upload is missing' do
@ -108,6 +117,10 @@ RSpec.describe Import::UserMapping::AssignmentFromCsvWorker, feature_category: :
.with(message: "No reassignment CSV upload found for <Group id=#{group.id}>")
end
it 'sends an email summary' # https://gitlab.com/gitlab-org/gitlab/-/issues/458841
it 'sends an email to notify the user of the failure' do
expect(Notify).to receive(:csv_placeholder_reassignment_failed).with(current_user.id, group.id).and_call_original
perform
end
end
end