root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Add latest changes from gitlab-org/gitlab@master

This commit is contained in:
GitLab Bot 2022-12-05 03:08:47 +00:00
parent f50a7f8d97
commit f0208efd0b
64 changed files with 246 additions and 140 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
.rubocop_todo/style/keyword_parameters_order.yml
View File

@ -46,30 +46,3 @@ Style/KeywordParametersOrder:
- 'lib/gitlab/merge_requests/mergeability/results_store.rb'
- 'lib/gitlab/usage_data_counters/editor_unique_counter.rb'
- 'lib/microsoft_teams/notifier.rb'
- 'qa/qa/specs/features/ee/browser_ui/3_create/repository/file_locking_spec.rb'
- 'qa/qa/specs/features/ee/browser_ui/3_create/repository/push_rules_spec.rb'
- 'qa/spec/runtime/env_spec.rb'
- 'spec/graphql/types/ci/pipeline_counts_type_spec.rb'
- 'spec/lib/gitlab/background_migration/populate_vulnerability_reads_spec.rb'
- 'spec/lib/gitlab/background_migration/recalculate_vulnerabilities_occurrences_uuid_spec.rb'
- 'spec/lib/gitlab/background_migration/remove_duplicate_vulnerabilities_findings_spec.rb'
- 'spec/lib/gitlab/background_migration/remove_occurrence_pipelines_and_duplicate_vulnerabilities_findings_spec.rb'
- 'spec/lib/gitlab/database/partitioning/detached_partition_dropper_spec.rb'
- 'spec/migrations/20211018152654_schedule_remove_duplicate_vulnerabilities_findings3_spec.rb'
- 'spec/migrations/20211116111644_schedule_remove_occurrence_pipelines_and_duplicate_vulnerabilities_findings_spec.rb'
- 'spec/migrations/20220106111958_add_insert_or_update_vulnerability_reads_trigger_spec.rb'
- 'spec/migrations/20220106112043_add_update_vulnerability_reads_trigger_spec.rb'
- 'spec/migrations/20220106112085_add_update_vulnerability_reads_location_trigger_spec.rb'
- 'spec/migrations/20220106163326_add_has_issues_on_vulnerability_reads_trigger_spec.rb'
- 'spec/migrations/20220107064845_populate_vulnerability_reads_spec.rb'
- 'spec/migrations/confirm_support_bot_user_spec.rb'
- 'spec/services/service_ping/submit_service_ping_service_spec.rb'
- 'spec/support/helpers/doc_url_helper.rb'
- 'spec/support/helpers/smime_helper.rb'
- 'spec/support/helpers/workhorse_helpers.rb'
- 'spec/support/shared_examples/projects/container_repository/cleanup_tags_service_shared_examples.rb'
- 'spec/support/shared_examples/services/container_expiration_policy_shared_examples.rb'
- 'spec/support/shared_examples/services/dependency_proxy_ttl_policies_shared_examples.rb'
- 'spec/support/shared_examples/services/namespace_package_settings_shared_examples.rb'
- 'spec/tasks/gitlab/usage_data_rake_spec.rb'
- 'spec/workers/container_expiration_policies/cleanup_container_repository_worker_spec.rb'

2
config/open_api.yml
View File

@ -27,6 +27,8 @@ metadata:
description: Operations related to the GitLab agent for Kubernetes
- name: clusters
description: Operations related to clusters
- name: conan_packages
description: Operations related to Conan packages
- name: container_registry
description: Operations related to container registry
- name: container_registry_event

2
doc/administration/gitaly/troubleshooting.md
View File

@ -630,7 +630,7 @@ Is [some cases](index.md#known-issues) the Praefect database can get out of sync
a given repository is fully synced on all nodes, run the [`gitlab:praefect:replicas` Rake task](../raketasks/praefect.md#replica-checksums)
that checksums the repository on all Gitaly nodes.
The [Praefect dataloss](recovery.md#check-for-data-loss) command only checks the state of the repository in the Praefect database, and cannot
The [Praefect `dataloss`](recovery.md#check-for-data-loss) command only checks the state of the repository in the Praefect database, and cannot
be relied to detect sync problems in this scenario.
### Relation does not exist errors

10
doc/architecture/blueprints/pods/pods-feature-ci-runners.md
View File

@ -105,8 +105,8 @@ We can pick a design where all runners are always registered and local to a give
database to rather prefer to use JWT tokens that would encode
- The Admin Area showing registered Runners would have to be scoped to a Pod
This model might be desired since it provides strong isolation guarnatees.
This model does significantly increase maintanance overhead since each Pod is managed
This model might be desired since it provides strong isolation guarantees.
This model does significantly increase maintenance overhead since each Pod is managed
separately.
This model may require adjustments to runner tags feature so that projects have consistent runner experience across pods.
@ -123,7 +123,7 @@ However, this requires significant overhaul of system and to change the followin
- build queuing would have to be reworked to be two phase where each Pod would know of all pending
and running builds, but the actual claim of a build would happen against a Pod containing data
- likely `ci_pending_builds` and `ci_running_builds` would have to be made `cluster-wide` tables
increasing likelity of creating hotspots in a system related to CI queueing
increasing likelihood of creating hotspots in a system related to CI queueing
This model makes it complex to implement from engineering side. Does make some data being shared
between Pods. Creates hotspots / scalability issues in a system (ex. during abuse) that
@ -132,14 +132,14 @@ might impact experience of organizations on other Pods.
### 3.5. GitLab CI Daemon
Another potential solution to explore is to have a dedicated service responsible for builds queueing
owning it's database and working in a model of either shareded or podded service. There were prior
owning it's database and working in a model of either sharded or podded service. There were prior
discussions about [CI/CD Daemon](https://gitlab.com/gitlab-org/gitlab/-/issues/19435).
If the service would be sharded:
- depending on a model if runners are cluster-wide or pod-local this service would have to fetch
data from all Pods
- if the sharded service would be used we could adapt a model of either sharing database containig
- if the sharded service would be used we could adapt a model of either sharing database containing
`ci_pending_builds/ci_running_builds` with the service
- if the sharded service would be used we could consider a push model where each Pod pushes to CI/CD Daemon
builds that should be picked by Runner

4
doc/architecture/blueprints/pods/pods-feature-container-registry.md
View File

@ -50,7 +50,7 @@ via `https://registry.gitlab.com`.
The main identifiable problems are:
- the authentication reqest (`https://gitlab.com/jwt/auth`) that is processed by GitLab.com
- the authentication request (`https://gitlab.com/jwt/auth`) that is processed by GitLab.com
- the `https://registry.gitlab.com` that is run by external service and uses it's own data store
- the data deduplication, the Pods architecture with registry run in a Pod would reduce
efficiency of data storage
@ -100,7 +100,7 @@ curl \
Due to it's architecture it extensive architecture and in general highly scalable
horizontal architecture it should be evaluated if the GitLab Container Registry
should be run not in Pod, but in a Cluster and be scaled indepdently.
should be run not in Pod, but in a Cluster and be scaled independently.
This might be easier, but would definitely not offer the same amount of data isolation.

4
doc/architecture/blueprints/pods/pods-feature-data-migration.md
View File

@ -29,7 +29,7 @@ into smaller ones. This describes various approaches to provide this type of spl
We also need to handle for cases where data is already violating the expected
isolation constraints of Pods (ie. references cannot span multiple
organizations). We know that existing features like linked issues allowed users
to link issues across any projects regardless of their hierachy. There are many
to link issues across any projects regardless of their hierarchy. There are many
similar features. All of this data will need to be migrated in some way before
it can be split across different pods. This may mean some data needs to be
deleted, or the feature changed and modelled slightly differently before we can
@ -66,7 +66,7 @@ physical replication, etc.
1. The data of Pod 0 is live replicated to as many Pods it needs to be split.
1. Once consensus is achieved between Pod 0 and N-Pods the organizations to be migrated away
are marked as read-only cluster-wide.
1. The `routes` is updated on for all organizations to be split to indicate an authorative
1. The `routes` is updated on for all organizations to be split to indicate an authoritative
Pod holding the most recent data, like `gitlab-org` on `pod-100`.
1. The data for `gitlab-org` on Pod 0, and on other non-authoritative N-Pods are dormant
and will be removed in the future.

4
doc/architecture/blueprints/pods/pods-feature-git-access.md
View File

@ -15,7 +15,7 @@ we can document the reasons for not choosing this approach.
# Pods: Git Access
This document describes impact of Pods architecture on all Git access (over HTTPS and SSH)
patterns providing explanantion of how potentially those features should be changed
patterns providing explanation of how potentially those features should be changed
to work well with Pods.
## 1. Definition
@ -130,7 +130,7 @@ sequenceDiagram
## 3. Proposal
The Pods stateless router proposal requires that any ambigious path (that is not routable)
The Pods stateless router proposal requires that any ambiguous path (that is not routable)
will be made to be routable. It means that at least the following paths will have to be updated
do introduce a routable entity (project, group, or organization).

2
doc/architecture/blueprints/pods/pods-feature-graphql.md
View File

@ -23,7 +23,7 @@ we can document the reasons for not choosing this approach.
# Pods: GraphQL
GitLab exensively uses GraphQL to perform efficient data query operations.
GitLab extensively uses GraphQL to perform efficient data query operations.
GraphQL due to it's nature is not directly routable. The way how GitLab uses
it calls the `/api/graphql` endpoint, and only query or mutation of body request
might define where the data can be accessed.

2
doc/architecture/blueprints/pods/pods-feature-router-endpoints-classification.md
View File

@ -29,7 +29,7 @@ hitting load balancer of a GitLab installation to a Pod that can serve it.
Each Pod should be able to decode each request and classify for which Pod
it belongs to.
GitLab currently implements houndreds of endpoints. This document tries
GitLab currently implements hundreds of endpoints. This document tries
to describe various techniques that can be implemented to allow the Rails
to provide this information efficiently.

4
doc/architecture/blueprints/rate_limiting/index.md
View File

@ -286,7 +286,7 @@ The GitLab Policy Service might be used in two different ways:
1. The policy service feature will be used as a backend to store policies defined by users.
These are two slightly different use-cases: first one is about using
internally-defined policies to ensure the stability / availably of a GitLab
internally-defined policies to ensure the stability / availability of a GitLab
instance (GitLab.com or self-managed instance). The second use-case is about
making GitLab Policy Service a feature that users will be able to build on top
of.
@ -303,7 +303,7 @@ the sections of this document above.
It is possible that GitLab Policy Service and Decoupled Limits Service can
actually be the same thing. It, however, depends on the implementation details
that we can't predict yet, and the decision about merging these services
together will need to be informed by subsequent interations' feedback.
together will need to be informed by subsequent iterations' feedback.
## Hierarchical limits

4
doc/architecture/blueprints/runner_scaling/index.md
View File

@ -273,7 +273,7 @@ interfaces.
Within the `docker+autoscaling` executor the [`machineExecutor`](https://gitlab.com/gitlab-org/gitlab-runner/-/blob/267f40d871cd260dd063f7fbd36a921fedc62241/executors/docker/machine/machine.go#L19)
type has a [`Machine`](https://gitlab.com/gitlab-org/gitlab-runner/-/blob/267f40d871cd260dd063f7fbd36a921fedc62241/helpers/docker/machine.go#L7)
interface which it uses to aquire a VM during the common [`Prepare`](https://gitlab.com/gitlab-org/gitlab-runner/-/blob/267f40d871cd260dd063f7fbd36a921fedc62241/executors/docker/machine/machine.go#L71)
interface which it uses to acquire a VM during the common [`Prepare`](https://gitlab.com/gitlab-org/gitlab-runner/-/blob/267f40d871cd260dd063f7fbd36a921fedc62241/executors/docker/machine/machine.go#L71)
phase. This abstraction primarily creates, accesses and deletes VMs.
There is no current abstraction for the VM autoscaling logic. It is tightly
@ -401,7 +401,7 @@ In order to make use of the new interface, the autoscaling logic is pulled
out of the Docker Executor and placed into a new Taskscaler library.
This places the concerns of VM lifecycle, VM shape and job routing within
the plugin. It also places the conern of VM autoscaling into a separate
the plugin. It also places the concern of VM autoscaling into a separate
component so it can be used by multiple Runner Executors (not just `docker+autoscaling`).
Rationale: [Description of the InstanceGroup / Fleeting proposal](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/28848#note_823430883)

6
doc/ci/yaml/index.md
View File

@ -1767,8 +1767,8 @@ deploy:
**Additional details**:
- Enviroments created from this job definition are assigned a [tier](../environments/index.md#deployment-tier-of-environments) based on this value.
- Existing environments don't have their tier updated if this value is added later. Existing enviroments must have their tier updated via the [Environments API](../../api/environments.md#update-an-existing-environment).
- Environments created from this job definition are assigned a [tier](../environments/index.md#deployment-tier-of-environments) based on this value.
- Existing environments don't have their tier updated if this value is added later. Existing environments must have their tier updated via the [Environments API](../../api/environments.md#update-an-existing-environment).
**Related topics**:
@ -3008,7 +3008,7 @@ job:
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/363024) in GitLab 15.3. Supported by `release-cli` v0.12.0 or later.
If the tag does not exist, the newly created tag is annotated with the message specifed by `tag_message`.
If the tag does not exist, the newly created tag is annotated with the message specified by `tag_message`.
If omitted, a lightweight tag is created.
**Keyword type**: Job keyword. You can use it only as part of a job.

2
doc/development/application_slis/rails_request_apdex.md
View File

@ -108,7 +108,7 @@ a case-by-case basis. Take the following into account:
should try to keep as short as possible.
1. Traffic characteristics should also be taken into account. If the
traffic to the endpoint is bursty, like CI traffic spinning up a
traffic to the endpoint sometimes bursts, like CI traffic spinning up a
big batch of jobs hitting the same endpoint, then having these
endpoints take five seconds is unacceptable from an infrastructure point of
view. We cannot scale up the fleet fast enough to accommodate for

2
doc/development/caching.md
View File

@ -80,7 +80,7 @@ indicates we have plenty of headroom.
- Generic data can be cached for everyone.
- You must keep this in mind when building new features.
1. Try to preserve cache data as much as possible:
- Use nested caches to maintain as much cached data as possible across expiries.
- Use nested caches to maintain as much cached data as possible across expires.
1. Perform as few requests to the cache as possible:
- This reduces variable latency caused by network issues.
- Lower overhead for each read on the cache.

2
doc/development/database/database_debugging.md
View File

@ -53,7 +53,7 @@ bundle exec rake db:reset RAILS_ENV=test
- `bundle exec rake db:migrate:up:main VERSION=20170926203418 RAILS_ENV=development`: Set up a migration
- `bundle exec rake db:migrate:redo:main VERSION=20170926203418 RAILS_ENV=development`: Re-run a specific migration
Replace `main` in the above commands to execute agains the `ci` database instead of `main`.
Replace `main` in the above commands to execute against the `ci` database instead of `main`.
## Manually access the database

2
doc/development/gemfile.md
View File

@ -56,7 +56,7 @@ This means that new dependencies should, at a minimum, meet the following criter
- They have an active developer community. At the minimum a maintainer should still be active
to merge change requests in case of emergencies.
- There are no issues open that we know may impact the availablity or performance of GitLab.
- There are no issues open that we know may impact the availability or performance of GitLab.
- The project is tested using some form of test automation. The test suite must be passing
using the Ruby version currently used by GitLab.
- If the project uses a C extension, consider requesting an additional review from a C or MRI

2
doc/development/geo.md
View File

@ -308,7 +308,7 @@ sequenceDiagram
- Sidekiq queries `job_artifact_registry` in the [PostgreSQL Geo Tracking Database](#tracking-database) for the number of rows marked "pending verification" or "failed verification and ready to retry"
- Sidekiq enqueues one or more `Geo::VerificationBatchWorker` jobs, limited by the "maximum verification concurrency" setting
- Sidekiq picks up `Geo::VerificationBatchWorker` job
- Sidekiq queries `job_artifact_registry` in the PostgreSQL Geo Tracking Databasef for rows marked "pending verification"
- Sidekiq queries `job_artifact_registry` in the PostgreSQL Geo Tracking Database for rows marked "pending verification"
- If the previous step yielded less than 10 rows, then Sidekiq queries `job_artifact_registry` for rows marked "failed verification and ready to retry"
- For each row
- Sidekiq marks it "started verification"

4
doc/development/gitlab_flavored_markdown/specification_guide/index.md
View File

@ -458,7 +458,7 @@ You can see the RSpec shared context containing these fixtures in
In some cases, fixtures may not be usable, because they do not provide control over the varying
values. In these cases, we can introduce support for a environment variable into the production
code, which allows us to override the randommness in our test environment when we are
code, which allows us to override the randomness in our test environment when we are
generating the HTML for footnote examples. Even though it is in the production code path, it has
no effect unless it is explicitly set, therefore it is innocuous. It allows us to avoid
the more-complex regex-based normalization described below.
@ -1056,7 +1056,7 @@ allows control over other aspects of the snapshot example generation process.
the example will only be run by `ee/spec/requests/api/markdown_snapshot_spec.rb`, not by
`spec/requests/api/markdown_snapshot_spec.rb`.
- The `api_request_override_path` field overrides the API endpoint path which is used to
generate the `static` HTML for the specifed example. Different endpoints can generate different
generate the `static` HTML for the specified example. Different endpoints can generate different
HTML in some cases, so we want to be able to exercise different API endpoints for the same
Markdown. By default, the `/markdown` endpoint is used.

2
doc/development/pipelines/internals.md
View File

@ -107,7 +107,7 @@ automatically updates the Gitaly version used in the main project),
[the Dependency proxy isn't accessible](https://gitlab.com/gitlab-org/gitlab/-/issues/332411#note_1130388163)
and the job fails at the `Preparing the "docker+machine" executor` step.
To work around that, we have a special workflow rule, that overrides the
`${GITLAB_DEPENDENCY_PROXY_ADDRESS}` variable so that Depdendency proxy isn't used in that case:
`${GITLAB_DEPENDENCY_PROXY_ADDRESS}` variable so that Dependency proxy isn't used in that case:
```yaml
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH && $GITLAB_USER_LOGIN =~ /project_\d+_bot\d*/'

2
doc/development/service_ping/troubleshooting.md
View File

@ -30,7 +30,7 @@ For results about an investigation conducted into an unexpected drop in Service
Check if the [export jobs](https://gitlab.com/gitlab-services/version-gitlab-com#data-export-using-pipeline-schedules) are successful.
Check [Service Ping errors](https://app.periscopedata.com/app/gitlab/968489/Product-Intelligence---Service-Ping-Health?widget=14609989&udv=0) in the [Service Ping Health Dahsboard](https://app.periscopedata.com/app/gitlab/968489/Product-Intelligence---Service-Ping-Health).
Check [Service Ping errors](https://app.periscopedata.com/app/gitlab/968489/Product-Intelligence---Service-Ping-Health?widget=14609989&udv=0) in the [Service Ping Health Dashboard](https://app.periscopedata.com/app/gitlab/968489/Product-Intelligence---Service-Ping-Health).
### Troubleshoot Google Storage layer

2
doc/development/spam_protection_and_captcha/exploratory_testing.md
View File

@ -353,7 +353,7 @@ GraphQL response:
}
```
### Scenario: allow_possible_spam feature flag enabled
### Scenario: `allow_possible_spam` feature flag enabled
With the `allow_possible_spam` feature flag enabled, the API returns a 200 response. Any
valid request is successful and no CAPTCHA is presented, even if the request is considered

6
doc/development/testing_guide/flaky_tests.md
View File

@ -75,7 +75,7 @@ difficult to achieve locally.
any table has more than 500 columns. It could pass in the merge request, but fail later in
`master` if the order of tests changes.
- [Example 2](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/91016/diffs): A test asserts
that trying to find a record with an unexisting ID retuns an error message. The test uses an
that trying to find a record with an nonexistent ID returns an error message. The test uses an
hardcoded ID that's supposed to not exist (e.g. `42`). If the test is run early in the test
suite, it might pass as not enough records were created before it, but as soon as it would run
later in the suite, there could be a record that actually has the ID `42`, hence the test would
@ -207,10 +207,10 @@ The `rspec/flaky/report-suite.json` report is:
- [Sporadic RSpec failures due to `PG::UniqueViolation`](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/28307#note_24958837): <https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/9846>
- Follow-up: <https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/10688>
- [Capybara.reset_session! should be called before requests are blocked](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/33779): <https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/12224>
- FFaker generates funky data that tests are not ready to handle (and tests should be predictable so that's bad!):
- ffaker generates funky data that tests are not ready to handle (and tests should be predictable so that's bad!):
- [Make `spec/mailers/notify_spec.rb` more robust](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/20121): <https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/10015>
- [Transient failure in `spec/requests/api/commits_spec.rb`](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/27988#note_25342521): <https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/9944>
- [Replace FFaker factory data with sequences](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/29643): <https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/10184>
- [Replace ffaker factory data with sequences](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/29643): <https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/10184>
- [Transient failure in spec/finders/issues_finder_spec.rb](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/30211#note_26707685): <https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/10404>
### Order-dependent flaky tests

2
doc/development/testing_guide/frontend_testing.md
View File

@ -534,7 +534,7 @@ Example
});
```
With [enableAutoDestroy](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/100389), it is no longer neccessary to manually call `wrapper.destroy()`.
With [enableAutoDestroy](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/100389), it is no longer necessary to manually call `wrapper.destroy()`.
However, some mocks, spies, and fixtures do need to be torn down, and we can leverage the `afterEach` hook.
Example

2
doc/integration/advanced_search/elasticsearch.md
View File

@ -559,7 +559,7 @@ The following are some available Rake tasks:
| Task | Description |
|:--------------------------------------------------------------------------------------------------------------------------------------------------------|:------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| [`sudo gitlab-rake gitlab:elastic:info`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/lib/tasks/gitlab/elastic.rake) | Outputs debugging information for the Advanced Search intergation. |
| [`sudo gitlab-rake gitlab:elastic:info`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/lib/tasks/gitlab/elastic.rake) | Outputs debugging information for the Advanced Search integration. |
| [`sudo gitlab-rake gitlab:elastic:index`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/lib/tasks/gitlab/elastic.rake) | Enables Elasticsearch indexing and run `gitlab:elastic:create_empty_index`, `gitlab:elastic:clear_index_status`, `gitlab:elastic:index_projects`, and `gitlab:elastic:index_snippets`. |
| [`sudo gitlab-rake gitlab:elastic:pause_indexing`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/lib/tasks/gitlab/elastic.rake) | Pauses Elasticsearch indexing. Changes are still tracked. Useful for cluster/index migrations. |
| [`sudo gitlab-rake gitlab:elastic:resume_indexing`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/lib/tasks/gitlab/elastic.rake) | Resumes Elasticsearch indexing. |

2
doc/subscriptions/gitlab_com/index.md
View File

@ -465,7 +465,7 @@ If your credit card is declined when purchasing a GitLab subscription, possible
Check with your financial institution to confirm if any of these reasons apply. If they don't
apply, contact [GitLab Support](https://support.gitlab.com/hc/en-us/requests/new?ticket_form_id=360000071293).
### Unable to link subcription to namespace
### Unable to link subscription to namespace
If you cannot link a subscription to your namespace, ensure that you have the Owner role
for that namespace.

2
doc/user/application_security/dependency_scanning/index.md
View File

@ -109,7 +109,7 @@ maximum of two directory levels from the repository's root. For example, the
`gemnasium-dependency_scanning` job is enabled if a repository contains either `Gemfile`,
`api/Gemfile`, or `api/client/Gemfile`, but not if the only supported dependency file is `api/v1/client/Gemfile`.
For Java and Python, when a supported depedency file is detected, Dependency Scanning attempts to build the project and execute some Java or Python commands to get the list of dependencies. For all other projects, the lock file is parsed to obtain the list of dependencies without needing to build the project first.
For Java and Python, when a supported dependency file is detected, Dependency Scanning attempts to build the project and execute some Java or Python commands to get the list of dependencies. For all other projects, the lock file is parsed to obtain the list of dependencies without needing to build the project first.
When a supported dependency file is detected, all dependencies, including transitive dependencies are analyzed. There is no limit to the depth of nested or transitive dependencies that are analyzed.

2
doc/user/application_security/index.md
View File

@ -242,7 +242,7 @@ reports are available to download. To download a report, select
A merge request contains a security widget which displays a summary of the new results. New results are determined by comparing the findings of the merge request against the findings of the most recent completed pipeline (`success`, `failed`, `canceled` or `skipped`) for the latest commit in the target branch.
If security scans have not run for the most recent completed pipeline in the target branch there is no base for comparison. The vulnerabilties from the merge request findings will be listed as new in the merge request security widget. We recommend you run a scan of the `default` (target) branch before enabling feature branch scans for your developers.
If security scans have not run for the most recent completed pipeline in the target branch there is no base for comparison. The vulnerabilities from the merge request findings will be listed as new in the merge request security widget. We recommend you run a scan of the `default` (target) branch before enabling feature branch scans for your developers.
The merge request security widget displays only a subset of the vulnerabilities in the generated JSON artifact because it contains both new and existing findings.

2
doc/user/clusters/agent/vulnerabilities.md
View File

@ -58,7 +58,7 @@ container_scanning:
## Enable via scan execution policies
To enable scanning of all images within your Kubernetes cluster via scan execution poilicies, we can use the
To enable scanning of all images within your Kubernetes cluster via scan execution policies, we can use the
[scan execution policy editor](../../application_security/policies/scan-execution-policies.md#scan-execution-policy-editor)
in order to create a new schedule rule.

2
doc/user/group/compliance_frameworks.md
View File

@ -205,7 +205,7 @@ When creating such an MR against a project with CF pipelines, the above snippet
This is because in the context of the target project, `$CI_COMMIT_REF_NAME` evaluates to a non-existing branch name.
To get the correct context, use `$CI_MERGE_REQUEST_SOURCE_PROJECT_PATH` instead of `$CI_PROJECT_PATH`.
This variable is only availabe in
This variable is only available in
[merge request pipelines](../../ci/pipelines/merge_request_pipelines.md).
For example, for a configuration that supports both merge request pipelines originating in project forks and branch pipelines,

4
lib/api/api.rb
View File

@ -198,6 +198,8 @@ module API
mount ::API::Clusters::Agents
mount ::API::Commits
mount ::API::CommitStatuses
mount ::API::ConanInstancePackages
mount ::API::ConanProjectPackages
mount ::API::ContainerRegistryEvent
mount ::API::ContainerRepositories
mount ::API::DependencyProxy
@ -297,8 +299,6 @@ module API
mount ::API::Ci::PipelineSchedules
mount ::API::Ci::SecureFiles
mount ::API::ComposerPackages
mount ::API::ConanInstancePackages
mount ::API::ConanProjectPackages
mount ::API::DebianGroupPackages
mount ::API::DebianProjectPackages
mount ::API::Discussions

2
lib/api/conan_project_packages.rb
View File

@ -4,7 +4,7 @@
module API
class ConanProjectPackages < ::API::Base
params do
requires :id, type: Integer, desc: 'The ID of a project', regexp: %r{\A[1-9]\d*\z}
requires :id, types: [String, Integer], desc: 'The ID or URL-encoded path of the project'
end
resource :projects, requirements: API::NAMESPACE_OR_PROJECT_REQUIREMENTS do

168
lib/api/concerns/packages/conan_endpoints.rb
View File

@ -53,6 +53,11 @@ module API
desc 'Ping the Conan API' do
detail 'This feature was introduced in GitLab 12.2'
success code: 200
failure [
{ code: 404, message: 'Not Found' }
]
tags %w[conan_packages]
end
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
@ -63,10 +68,15 @@ module API
desc 'Search for packages' do
detail 'This feature was introduced in GitLab 12.4'
success code: 200
failure [
{ code: 404, message: 'Not Found' }
]
tags %w[conan_packages]
end
params do
requires :q, type: String, desc: 'Search query'
requires :q, type: String, desc: 'Search query', documentation: { example: 'Hello*' }
end
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
@ -86,6 +96,12 @@ module API
desc 'Authenticate user against conan CLI' do
detail 'This feature was introduced in GitLab 12.2'
success code: 200
failure [
{ code: 401, message: 'Unauthorized' },
{ code: 404, message: 'Not Found' }
]
tags %w[conan_packages]
end
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
@ -98,6 +114,12 @@ module API
desc 'Check for valid user credentials per conan CLI' do
detail 'This feature was introduced in GitLab 12.4'
success code: 200
failure [
{ code: 401, message: 'Unauthorized' },
{ code: 404, message: 'Not Found' }
]
tags %w[conan_packages]
end
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
@ -109,10 +131,10 @@ module API
end
params do
requires :package_name, type: String, regexp: PACKAGE_COMPONENT_REGEX, desc: 'Package name'
requires :package_version, type: String, regexp: PACKAGE_COMPONENT_REGEX, desc: 'Package version'
requires :package_username, type: String, regexp: CONAN_REVISION_USER_CHANNEL_REGEX, desc: 'Package username'
requires :package_channel, type: String, regexp: CONAN_REVISION_USER_CHANNEL_REGEX, desc: 'Package channel'
requires :package_name, type: String, regexp: PACKAGE_COMPONENT_REGEX, desc: 'Package name', documentation: { example: 'my-package' }
requires :package_version, type: String, regexp: PACKAGE_COMPONENT_REGEX, desc: 'Package version', documentation: { example: '1.0' }
requires :package_username, type: String, regexp: CONAN_REVISION_USER_CHANNEL_REGEX, desc: 'Package username', documentation: { example: 'my-group+my-project' }
requires :package_channel, type: String, regexp: CONAN_REVISION_USER_CHANNEL_REGEX, desc: 'Package channel', documentation: { example: 'stable' }
end
namespace 'conans/:package_name/:package_version/:package_username/:package_channel', requirements: PACKAGE_REQUIREMENTS do
after_validation do
@ -122,14 +144,21 @@ module API
# Get the snapshot
#
# the snapshot is a hash of { filename: md5 hash }
# md5 hash is the has of that file. This hash is used to diff the files existing on the client
# md5 hash is the hash of that file. This hash is used to diff the files existing on the client
# to determine which client files need to be uploaded if no recipe exists the snapshot is empty
desc 'Package Snapshot' do
detail 'This feature was introduced in GitLab 12.5'
success code: 200, model: ::API::Entities::ConanPackage::ConanPackageSnapshot
failure [
{ code: 400, message: 'Bad Request' },
{ code: 403, message: 'Forbidden' },
{ code: 404, message: 'Not Found' }
]
tags %w[conan_packages]
end
params do
requires :conan_package_reference, type: String, desc: 'Conan package ID'
requires :conan_package_reference, type: String, desc: 'Conan package ID', documentation: { example: '103f6067a947f366ef91fc1b7da351c588d1827f' }
end
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
@ -149,6 +178,13 @@ module API
desc 'Recipe Snapshot' do
detail 'This feature was introduced in GitLab 12.5'
success code: 200, model: ::API::Entities::ConanPackage::ConanRecipeSnapshot
failure [
{ code: 400, message: 'Bad Request' },
{ code: 403, message: 'Forbidden' },
{ code: 404, message: 'Not Found' }
]
tags %w[conan_packages]
end
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
@ -168,9 +204,16 @@ module API
# where the url is the download url for the file
desc 'Package Digest' do
detail 'This feature was introduced in GitLab 12.5'
success code: 200, model: ::API::Entities::ConanPackage::ConanPackageManifest
failure [
{ code: 400, message: 'Bad Request' },
{ code: 403, message: 'Forbidden' },
{ code: 404, message: 'Not Found' }
]
tags %w[conan_packages]
end
params do
requires :conan_package_reference, type: String, desc: 'Conan package ID'
requires :conan_package_reference, type: String, desc: 'Conan package ID', documentation: { example: '103f6067a947f366ef91fc1b7da351c588d1827f' }
end
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
@ -181,6 +224,13 @@ module API
desc 'Recipe Digest' do
detail 'This feature was introduced in GitLab 12.5'
success code: 200, model: ::API::Entities::ConanPackage::ConanRecipeManifest
failure [
{ code: 400, message: 'Bad Request' },
{ code: 403, message: 'Forbidden' },
{ code: 404, message: 'Not Found' }
]
tags %w[conan_packages]
end
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
@ -197,10 +247,17 @@ module API
# where the url is the download url for the file
desc 'Package Download Urls' do
detail 'This feature was introduced in GitLab 12.5'
success code: 200, model: ::API::Entities::ConanPackage::ConanPackageManifest
failure [
{ code: 400, message: 'Bad Request' },
{ code: 403, message: 'Forbidden' },
{ code: 404, message: 'Not Found' }
]
tags %w[conan_packages]
end
params do
requires :conan_package_reference, type: String, desc: 'Conan package ID'
requires :conan_package_reference, type: String, desc: 'Conan package ID', documentation: { example: '103f6067a947f366ef91fc1b7da351c588d1827f' }
end
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
@ -211,6 +268,13 @@ module API
desc 'Recipe Download Urls' do
detail 'This feature was introduced in GitLab 12.5'
success code: 200, model: ::API::Entities::ConanPackage::ConanRecipeManifest
failure [
{ code: 400, message: 'Bad Request' },
{ code: 403, message: 'Forbidden' },
{ code: 404, message: 'Not Found' }
]
tags %w[conan_packages]
end
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
@ -228,10 +292,17 @@ module API
# where the url is the upload url for the file that the conan client will use
desc 'Package Upload Urls' do
detail 'This feature was introduced in GitLab 12.4'
success code: 200, model: ::API::Entities::ConanPackage::ConanUploadUrls
failure [
{ code: 400, message: 'Bad Request' },
{ code: 403, message: 'Forbidden' },
{ code: 404, message: 'Not Found' }
]
tags %w[conan_packages]
end
params do
requires :conan_package_reference, type: String, desc: 'Conan package ID'
requires :conan_package_reference, type: String, desc: 'Conan package ID', documentation: { example: '103f6067a947f366ef91fc1b7da351c588d1827f' }
end
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
@ -245,6 +316,13 @@ module API
desc 'Recipe Upload Urls' do
detail 'This feature was introduced in GitLab 12.4'
success code: 200, model: ::API::Entities::ConanPackage::ConanUploadUrls
failure [
{ code: 400, message: 'Bad Request' },
{ code: 403, message: 'Forbidden' },
{ code: 404, message: 'Not Found' }
]
tags %w[conan_packages]
end
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
@ -258,6 +336,13 @@ module API
desc 'Delete Package' do
detail 'This feature was introduced in GitLab 12.5'
success code: 200
failure [
{ code: 400, message: 'Bad Request' },
{ code: 403, message: 'Forbidden' },
{ code: 404, message: 'Not Found' }
]
tags %w[conan_packages]
end
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
@ -272,11 +357,11 @@ module API
end
params do
requires :package_name, type: String, regexp: PACKAGE_COMPONENT_REGEX, desc: 'Package name'
requires :package_version, type: String, regexp: PACKAGE_COMPONENT_REGEX, desc: 'Package version'
requires :package_username, type: String, regexp: CONAN_REVISION_USER_CHANNEL_REGEX, desc: 'Package username'
requires :package_channel, type: String, regexp: CONAN_REVISION_USER_CHANNEL_REGEX, desc: 'Package channel'
requires :recipe_revision, type: String, regexp: CONAN_REVISION_REGEX, desc: 'Conan Recipe Revision'
requires :package_name, type: String, regexp: PACKAGE_COMPONENT_REGEX, desc: 'Package name', documentation: { example: 'my-package' }
requires :package_version, type: String, regexp: PACKAGE_COMPONENT_REGEX, desc: 'Package version', documentation: { example: '1.0' }
requires :package_username, type: String, regexp: CONAN_REVISION_USER_CHANNEL_REGEX, desc: 'Package username', documentation: { example: 'my-group+my-project' }
requires :package_channel, type: String, regexp: CONAN_REVISION_USER_CHANNEL_REGEX, desc: 'Package channel', documentation: { example: 'stable' }
requires :recipe_revision, type: String, regexp: CONAN_REVISION_REGEX, desc: 'Conan Recipe Revision', documentation: { example: '0' }
end
namespace 'files/:package_name/:package_version/:package_username/:package_channel/:recipe_revision', requirements: PACKAGE_REQUIREMENTS do
before do
@ -288,12 +373,19 @@ module API
end
params do
requires :file_name, type: String, desc: 'Package file name', values: CONAN_FILES
requires :file_name, type: String, desc: 'Package file name', values: CONAN_FILES, documentation: { example: 'conanfile.py' }
end
namespace 'export/:file_name', requirements: FILE_NAME_REQUIREMENTS do
desc 'Download recipe files' do
detail 'This feature was introduced in GitLab 12.6'
success code: 200
failure [
{ code: 400, message: 'Bad Request' },
{ code: 403, message: 'Forbidden' },
{ code: 404, message: 'Not Found' }
]
tags %w[conan_packages]
end
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
@ -304,6 +396,14 @@ module API
desc 'Upload recipe package files' do
detail 'This feature was introduced in GitLab 12.6'
success code: 200
failure [
{ code: 400, message: 'Bad Request' },
{ code: 401, message: 'Unauthorized' },
{ code: 403, message: 'Forbidden' },
{ code: 404, message: 'Not Found' }
]
tags %w[conan_packages]
end
params do
@ -318,6 +418,14 @@ module API
desc 'Workhorse authorize the conan recipe file' do
detail 'This feature was introduced in GitLab 12.6'
success code: 200
failure [
{ code: 400, message: 'Bad Request' },
{ code: 401, message: 'Unauthorized' },
{ code: 403, message: 'Forbidden' },
{ code: 404, message: 'Not Found' }
]
tags %w[conan_packages]
end
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
@ -328,13 +436,19 @@ module API
end
params do
requires :conan_package_reference, type: String, desc: 'Conan Package ID'
requires :package_revision, type: String, desc: 'Conan Package Revision'
requires :file_name, type: String, desc: 'Package file name', values: CONAN_FILES
requires :conan_package_reference, type: String, desc: 'Conan Package ID', documentation: { example: '103f6067a947f366ef91fc1b7da351c588d1827f' }
requires :package_revision, type: String, desc: 'Conan Package Revision', documentation: { example: '0' }
requires :file_name, type: String, desc: 'Package file name', values: CONAN_FILES, documentation: { example: 'conaninfo.txt' }
end
namespace 'package/:conan_package_reference/:package_revision/:file_name', requirements: FILE_NAME_REQUIREMENTS do
desc 'Download package files' do
detail 'This feature was introduced in GitLab 12.5'
success code: 200
failure [
{ code: 403, message: 'Forbidden' },
{ code: 404, message: 'Not Found' }
]
tags %w[conan_packages]
end
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
@ -345,6 +459,14 @@ module API
desc 'Workhorse authorize the conan package file' do
detail 'This feature was introduced in GitLab 12.6'
success code: 200
failure [
{ code: 400, message: 'Bad Request' },
{ code: 401, message: 'Unauthorized' },
{ code: 403, message: 'Forbidden' },
{ code: 404, message: 'Not Found' }
]
tags %w[conan_packages]
end
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true
@ -355,6 +477,14 @@ module API
desc 'Upload package files' do
detail 'This feature was introduced in GitLab 12.6'
success code: 200
failure [
{ code: 400, message: 'Bad Request' },
{ code: 401, message: 'Unauthorized' },
{ code: 403, message: 'Forbidden' },
{ code: 404, message: 'Not Found' }
]
tags %w[conan_packages]
end
params do

2
lib/api/entities/conan_package/conan_package_manifest.rb
View File

@ -4,7 +4,7 @@ module API
module Entities
module ConanPackage
class ConanPackageManifest < Grape::Entity
expose :package_urls, merge: true
expose :package_urls, merge: true, documentation: { type: 'object', example: '{ "conan_package.tgz": "https://gitlab.example.com/api/v4/packages/conan/v1/files/my-package/1.0/my-group+my-project/stable/packages/103f6067a947f366ef91fc1b7da351c588d1827f/0/conan_package.tgz"' }
end
end
end

6
lib/api/entities/conan_package/conan_package_snapshot.rb
View File

@ -4,7 +4,11 @@ module API
module Entities
module ConanPackage
class ConanPackageSnapshot < Grape::Entity
expose :package_snapshot, merge: true
expose :package_snapshot, merge: true,
documentation: {
type: 'object',
example: '{ "conan_package.tgz": "749b29bdf72587081ca03ec033ee59dc" }'
}
end
end
end

2
lib/api/entities/conan_package/conan_recipe_manifest.rb
View File

@ -4,7 +4,7 @@ module API
module Entities
module ConanPackage
class ConanRecipeManifest < Grape::Entity
expose :recipe_urls, merge: true
expose :recipe_urls, merge: true, documentation: { type: 'object', example: '{ "conan_sources.tgz": "https://gitlab.example.com/api/v4/packages/conan/v1/files/my-package/1.0/my-group+my-project/stable/0/export/conan_sources.tgz" }' }
end
end
end

6
lib/api/entities/conan_package/conan_recipe_snapshot.rb
View File

@ -4,7 +4,11 @@ module API
module Entities
module ConanPackage
class ConanRecipeSnapshot < Grape::Entity
expose :recipe_snapshot, merge: true
expose :recipe_snapshot, merge: true,
documentation: {
type: 'object',
example: '{ "conan_sources.tgz": "eadf19b33f4c3c7e113faabf26e76277" }'
}
end
end
end

2
lib/api/entities/conan_package/conan_upload_urls.rb
View File

@ -4,7 +4,7 @@ module API
module Entities
module ConanPackage
class ConanUploadUrls < Grape::Entity
expose :upload_urls, merge: true
expose :upload_urls, merge: true, documentation: { type: 'object', example: '{ "conan_package.tgz": "https://gitlab.example.com/api/v4/packages/conan/v1/files/my-package/1.0/my-group+my-project/stable/0/package/103f6067a947f366ef91fc1b7da351c588d1827f/0/conan_package.tgz" }' }
end
end
end

2
qa/spec/runtime/env_spec.rb
View File

@ -7,7 +7,7 @@ RSpec.describe QA::Runtime::Env do
it_behaves_like 'boolean method with parameter', kwargs
end
shared_examples 'boolean method with parameter' do |method:, param: nil, env_key:, default:|
shared_examples 'boolean method with parameter' do |method:, env_key:, default:, param: nil|
context 'when there is an env variable set' do
it 'returns false when falsey values specified' do
stub_env(env_key, 'false')

2
spec/graphql/types/ci/pipeline_counts_type_spec.rb
View File

@ -32,7 +32,7 @@ RSpec.describe GitlabSchema.types['PipelineCounts'] do
expect(described_class).to include_graphql_fields(*expected_fields)
end
shared_examples 'pipeline counts query' do |args: "", expected_counts:|
shared_examples 'pipeline counts query' do |expected_counts:, args: ""|
let_it_be(:query) do
%(
query {

2
spec/lib/gitlab/background_migration/populate_vulnerability_reads_spec.rb
View File

@ -68,7 +68,7 @@ RSpec.describe Gitlab::BackgroundMigration::PopulateVulnerabilityReads, :migrati
# rubocop:disable Metrics/ParameterLists
def create_finding!(
vulnerability_id: nil, project_id:, scanner_id:, primary_identifier_id:,
project_id:, scanner_id:, primary_identifier_id:, vulnerability_id: nil,
name: "test", severity: 7, confidence: 7, report_type: 0,
project_fingerprint: '123qweasdzxc', location: { "image" => "alpine:3.4" }, location_fingerprint: 'test',
metadata_version: 'test', raw_metadata: 'test', uuid: SecureRandom.uuid)

3
spec/lib/gitlab/background_migration/recalculate_vulnerabilities_occurrences_uuid_spec.rb
View File

@ -488,8 +488,7 @@ RSpec.describe Gitlab::BackgroundMigration::RecalculateVulnerabilitiesOccurrence
# rubocop:disable Metrics/ParameterLists
def create_finding!(
id: nil,
vulnerability_id:, project_id:, scanner_id:, primary_identifier_id:,
vulnerability_id:, project_id:, scanner_id:, primary_identifier_id:, id: nil,
name: "test", severity: 7, confidence: 7, report_type: 0,
project_fingerprint: '123qweasdzxc', location_fingerprint: 'test',
metadata_version: 'test', raw_metadata: 'test', uuid: 'test')

3
spec/lib/gitlab/background_migration/remove_duplicate_vulnerabilities_findings_spec.rb
View File

@ -134,8 +134,7 @@ RSpec.describe Gitlab::BackgroundMigration::RemoveDuplicateVulnerabilitiesFindin
# rubocop:disable Metrics/ParameterLists
def create_finding!(
id: nil,
vulnerability_id:, project_id:, scanner_id:, primary_identifier_id:,
vulnerability_id:, project_id:, scanner_id:, primary_identifier_id:, id: nil,
name: "test", severity: 7, confidence: 7, report_type: 0,
project_fingerprint: '123qweasdzxc', location_fingerprint: 'test',
metadata_version: 'test', raw_metadata: 'test', uuid: 'test')

3
spec/lib/gitlab/background_migration/remove_occurrence_pipelines_and_duplicate_vulnerabilities_findings_spec.rb
View File

@ -133,8 +133,7 @@ RSpec.describe Gitlab::BackgroundMigration::RemoveOccurrencePipelinesAndDuplicat
# rubocop:disable Metrics/ParameterLists
def create_finding!(
id: nil,
vulnerability_id:, project_id:, scanner_id:, primary_identifier_id:,
vulnerability_id:, project_id:, scanner_id:, primary_identifier_id:, id: nil,
name: "test", severity: 7, confidence: 7, report_type: 0,
project_fingerprint: '123qweasdzxc', location_fingerprint: 'test',
metadata_version: 'test', raw_metadata: 'test', uuid: 'test')

2
spec/lib/gitlab/database/partitioning/detached_partition_dropper_spec.rb
View File

@ -41,7 +41,7 @@ RSpec.describe Gitlab::Database::Partitioning::DetachedPartitionDropper do
SQL
end
def create_partition(name:, table: 'parent_table', from:, to:, attached:, drop_after:)
def create_partition(name:, from:, to:, attached:, drop_after:, table: 'parent_table')
from = from.beginning_of_month
to = to.beginning_of_month
full_name = "#{Gitlab::Database::DYNAMIC_PARTITIONS_SCHEMA}.#{name}"

3
spec/migrations/20211018152654_schedule_remove_duplicate_vulnerabilities_findings3_spec.rb
View File

@ -131,8 +131,7 @@ RSpec.describe ScheduleRemoveDuplicateVulnerabilitiesFindings3, :migration do
# rubocop:disable Metrics/ParameterLists
def create_finding!(
id: nil,
vulnerability_id:, project_id:, scanner_id:, primary_identifier_id:,
vulnerability_id:, project_id:, scanner_id:, primary_identifier_id:, id: nil,
name: "test", severity: 7, confidence: 7, report_type: 0,
project_fingerprint: '123qweasdzxc', location_fingerprint: 'test',
metadata_version: 'test', raw_metadata: 'test', uuid: 'test')

3
spec/migrations/20211116111644_schedule_remove_occurrence_pipelines_and_duplicate_vulnerabilities_findings_spec.rb
View File

@ -149,8 +149,7 @@ RSpec.describe ScheduleRemoveOccurrencePipelinesAndDuplicateVulnerabilitiesFindi
# rubocop:disable Metrics/ParameterLists
def create_finding!(
id: nil,
vulnerability_id:, project_id:, scanner_id:, primary_identifier_id:,
vulnerability_id:, project_id:, scanner_id:, primary_identifier_id:, id: nil,
name: "test", severity: 7, confidence: 7, report_type: 0,
project_fingerprint: '123qweasdzxc', location_fingerprint: 'test',
metadata_version: 'test', raw_metadata: 'test', uuid: 'test')

2
spec/migrations/20220106111958_add_insert_or_update_vulnerability_reads_trigger_spec.rb
View File

@ -126,7 +126,7 @@ RSpec.describe AddInsertOrUpdateVulnerabilityReadsTrigger do
# rubocop:disable Metrics/ParameterLists
def create_finding!(
vulnerability_id: nil, project_id:, scanner_id:, primary_identifier_id:,
project_id:, scanner_id:, primary_identifier_id:, vulnerability_id: nil,
name: "test", severity: 7, confidence: 7, report_type: 0,
project_fingerprint: '123qweasdzxc', location: { "image" => "alpine:3.4" }, location_fingerprint: 'test',
metadata_version: 'test', raw_metadata: 'test', uuid: SecureRandom.uuid)

2
spec/migrations/20220106112043_add_update_vulnerability_reads_trigger_spec.rb
View File

@ -103,7 +103,7 @@ RSpec.describe AddUpdateVulnerabilityReadsTrigger do
# rubocop:disable Metrics/ParameterLists
def create_finding!(
vulnerability_id: nil, project_id:, scanner_id:, primary_identifier_id:,
project_id:, scanner_id:, primary_identifier_id:, vulnerability_id: nil,
name: "test", severity: 7, confidence: 7, report_type: 0,
project_fingerprint: '123qweasdzxc', location: { "image" => "alpine:3.4" }, location_fingerprint: 'test',
metadata_version: 'test', raw_metadata: 'test', uuid: SecureRandom.uuid)

2
spec/migrations/20220106112085_add_update_vulnerability_reads_location_trigger_spec.rb
View File

@ -111,7 +111,7 @@ RSpec.describe AddUpdateVulnerabilityReadsLocationTrigger do
# rubocop:disable Metrics/ParameterLists
def create_finding!(
vulnerability_id: nil, project_id:, scanner_id:, primary_identifier_id:,
project_id:, scanner_id:, primary_identifier_id:, vulnerability_id: nil,
name: "test", severity: 7, confidence: 7, report_type: 0,
project_fingerprint: '123qweasdzxc', location: { "image" => "alpine:3.4" }, location_fingerprint: 'test',
metadata_version: 'test', raw_metadata: 'test', uuid: SecureRandom.uuid)

2
spec/migrations/20220106163326_add_has_issues_on_vulnerability_reads_trigger_spec.rb
View File

@ -109,7 +109,7 @@ RSpec.describe AddHasIssuesOnVulnerabilityReadsTrigger do
# rubocop:disable Metrics/ParameterLists
def create_finding!(
vulnerability_id: nil, project_id:, scanner_id:, primary_identifier_id:,
project_id:, scanner_id:, primary_identifier_id:, vulnerability_id: nil,
name: "test", severity: 7, confidence: 7, report_type: 0,
project_fingerprint: '123qweasdzxc', location: { "image" => "alpine:3.4" }, location_fingerprint: 'test',
metadata_version: 'test', raw_metadata: 'test', uuid: SecureRandom.uuid)

3
spec/migrations/20220107064845_populate_vulnerability_reads_spec.rb
View File

@ -80,8 +80,7 @@ RSpec.describe PopulateVulnerabilityReads, :migration do
# rubocop:disable Metrics/ParameterLists
def create_finding!(
id: nil,
vulnerability_id:, project_id:, scanner_id:, primary_identifier_id:,
vulnerability_id:, project_id:, scanner_id:, primary_identifier_id:, id: nil,
name: "test", severity: 7, confidence: 7, report_type: 0,
project_fingerprint: '123qweasdzxc', location_fingerprint: 'test',
metadata_version: 'test', raw_metadata: 'test', uuid: SecureRandom.uuid)

2
spec/migrations/confirm_support_bot_user_spec.rb
View File

@ -72,7 +72,7 @@ RSpec.describe ConfirmSupportBotUser, :migration do
private
def create_user!(name: 'GitLab Support Bot', email: 'support@example.com', user_type:, created_at: Time.now, confirmed_at: nil, record_timestamps: true)
def create_user!(user_type:, name: 'GitLab Support Bot', email: 'support@example.com', created_at: Time.now, confirmed_at: nil, record_timestamps: true)
users.create!(
name: name,
email: email,

2
spec/requests/api/conan_instance_packages_spec.rb
View File

@ -2,7 +2,7 @@
require 'spec_helper'
RSpec.describe API::ConanInstancePackages do
RSpec.describe API::ConanInstancePackages, feature_category: :package_registry do
let(:snowplow_gitlab_standard_context) { { user: user, project: project, namespace: project.namespace, property: 'i_package_conan_user' } }
include_context 'conan api setup'

2
spec/requests/api/conan_project_packages_spec.rb
View File

@ -1,7 +1,7 @@
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe API::ConanProjectPackages do
RSpec.describe API::ConanProjectPackages, feature_category: :package_registry do
include_context 'conan api setup'
let(:project_id) { project.id }

2
spec/services/service_ping/submit_service_ping_service_spec.rb
View File

@ -340,7 +340,7 @@ RSpec.describe ServicePing::SubmitService do
end
end
def stub_response(url: service_ping_payload_url, body:, status: 201)
def stub_response(body:, url: service_ping_payload_url, status: 201)
stub_full_request(url, method: :post)
.to_return(
headers: { 'Content-Type' => 'application/json' },

2
spec/support/helpers/doc_url_helper.rb
View File

@ -13,7 +13,7 @@ module DocUrlHelper
"#{documentation_base_url}/ee/#{path}.html"
end
def stub_doc_file_read(file_name: 'index.md', content: )
def stub_doc_file_read(content:, file_name: 'index.md')
expect_file_read(File.join(Rails.root, 'doc', file_name), content: content)
end
end

2
spec/support/helpers/smime_helper.rb
View File

@ -17,7 +17,7 @@ module SmimeHelper
end
# returns a hash { key:, cert: } containing a generated key, cert pair
def issue(email_address: 'test@example.com', cn: nil, signed_by:, expires_in:, certificate_authority:)
def issue(signed_by:, expires_in:, certificate_authority:, email_address: 'test@example.com', cn: nil)
key = OpenSSL::PKey::RSA.new(4096)
public_key = key.public_key

8
spec/support/helpers/workhorse_helpers.rb
View File

@ -39,11 +39,11 @@ module WorkhorseHelpers
# workhorse_finalize will transform file_key inside params as if it was the finalize call of an inline object storage upload.
# note that based on the content of the params it can simulate a disc acceleration or an object storage upload
def workhorse_finalize(url, method: :post, file_key:, params:, headers: {}, send_rewritten_field: false)
def workhorse_finalize(url, file_key:, params:, method: :post, headers: {}, send_rewritten_field: false)
workhorse_finalize_with_multiple_files(url, method: method, file_keys: file_key, params: params, headers: headers, send_rewritten_field: send_rewritten_field)
end
def workhorse_finalize_with_multiple_files(url, method: :post, file_keys:, params:, headers: {}, send_rewritten_field: false)
def workhorse_finalize_with_multiple_files(url, file_keys:, params:, method: :post, headers: {}, send_rewritten_field: false)
workhorse_request_with_multiple_files(method, url,
file_keys: file_keys,
params: params,
@ -52,11 +52,11 @@ module WorkhorseHelpers
)
end
def workhorse_request_with_file(method, url, file_key:, params:, env: {}, extra_headers: {}, send_rewritten_field:)
def workhorse_request_with_file(method, url, file_key:, params:, send_rewritten_field:, env: {}, extra_headers: {})
workhorse_request_with_multiple_files(method, url, file_keys: file_key, params: params, env: env, extra_headers: extra_headers, send_rewritten_field: send_rewritten_field)
end
def workhorse_request_with_multiple_files(method, url, file_keys:, params:, env: {}, extra_headers: {}, send_rewritten_field:)
def workhorse_request_with_multiple_files(method, url, file_keys:, params:, send_rewritten_field:, env: {}, extra_headers: {})
workhorse_params = params.dup
file_keys = Array(file_keys)

18
spec/support/shared_examples/projects/container_repository/cleanup_tags_service_shared_examples.rb
View File

@ -1,7 +1,7 @@
# frozen_string_literal: true
RSpec.shared_examples 'when regex matching everything is specified' do
|service_response_extra: {}, supports_caching: false, delete_expectations:|
|delete_expectations:, service_response_extra: {}, supports_caching: false|
let(:params) do
{ 'name_regex_delete' => '.*' }
end
@ -65,7 +65,7 @@ RSpec.shared_examples 'when delete regex matching specific tags is used with ove
end
RSpec.shared_examples 'with allow regex value' do
|service_response_extra: {}, supports_caching: false, delete_expectations:|
|delete_expectations:, service_response_extra: {}, supports_caching: false|
let(:params) do
{
'name_regex_delete' => '.*',
@ -80,7 +80,7 @@ RSpec.shared_examples 'with allow regex value' do
end
RSpec.shared_examples 'when keeping only N tags' do
|service_response_extra: {}, supports_caching: false, delete_expectations:|
|delete_expectations:, service_response_extra: {}, supports_caching: false|
let(:params) do
{
'name_regex' => 'A|B.*|C',
@ -99,7 +99,7 @@ RSpec.shared_examples 'when keeping only N tags' do
end
RSpec.shared_examples 'when not keeping N tags' do
|service_response_extra: {}, supports_caching: false, delete_expectations:|
|delete_expectations:, service_response_extra: {}, supports_caching: false|
let(:params) do
{ 'name_regex' => 'A|B.*|C' }
end
@ -115,7 +115,7 @@ RSpec.shared_examples 'when not keeping N tags' do
end
RSpec.shared_examples 'when removing keeping only 3' do
|service_response_extra: {}, supports_caching: false, delete_expectations:|
|delete_expectations:, service_response_extra: {}, supports_caching: false|
let(:params) do
{ 'name_regex_delete' => '.*',
'keep_n' => 3 }
@ -128,7 +128,7 @@ RSpec.shared_examples 'when removing keeping only 3' do
end
RSpec.shared_examples 'when removing older than 1 day' do
|service_response_extra: {}, supports_caching: false, delete_expectations:|
|delete_expectations:, service_response_extra: {}, supports_caching: false|
let(:params) do
{
'name_regex_delete' => '.*',
@ -143,7 +143,7 @@ RSpec.shared_examples 'when removing older than 1 day' do
end
RSpec.shared_examples 'when combining all parameters' do
|service_response_extra: {}, supports_caching: false, delete_expectations:|
|delete_expectations:, service_response_extra: {}, supports_caching: false|
let(:params) do
{
'name_regex_delete' => '.*',
@ -159,7 +159,7 @@ RSpec.shared_examples 'when combining all parameters' do
end
RSpec.shared_examples 'when running a container_expiration_policy' do
|service_response_extra: {}, supports_caching: false, delete_expectations:|
|delete_expectations:, service_response_extra: {}, supports_caching: false|
let(:user) { nil }
context 'with valid container_expiration_policy param' do
@ -191,7 +191,7 @@ RSpec.shared_examples 'not removing anything' do |service_response_extra: {}, su
end
RSpec.shared_examples 'removing the expected tags' do
|service_response_extra: {}, supports_caching: false, delete_expectations:|
|delete_expectations:, service_response_extra: {}, supports_caching: false|
it 'removes the expected tags' do
delete_expectations.each { |expectation| expect_delete(expectation) }
expect_no_caching unless supports_caching

2
spec/support/shared_examples/services/container_expiration_policy_shared_examples.rb
View File

@ -1,6 +1,6 @@
# frozen_string_literal: true
RSpec.shared_examples 'updating the container expiration policy attributes' do |mode:, from: {}, to:|
RSpec.shared_examples 'updating the container expiration policy attributes' do |mode:, to:, from: {}|
if mode == :create
it 'creates a new container expiration policy' do
expect { subject }

2
spec/support/shared_examples/services/dependency_proxy_ttl_policies_shared_examples.rb
View File

@ -1,6 +1,6 @@
# frozen_string_literal: true
RSpec.shared_examples 'updating the dependency proxy image ttl policy attributes' do |from: {}, to:|
RSpec.shared_examples 'updating the dependency proxy image ttl policy attributes' do |to:, from: {}|
it_behaves_like 'not creating the dependency proxy image ttl policy'
it 'updates the dependency proxy image ttl policy' do

2
spec/support/shared_examples/services/namespace_package_settings_shared_examples.rb
View File

@ -1,6 +1,6 @@
# frozen_string_literal: true
RSpec.shared_examples 'updating the namespace package setting attributes' do |from: {}, to:|
RSpec.shared_examples 'updating the namespace package setting attributes' do |to:, from: {}|
it_behaves_like 'not creating the namespace package setting'
it 'updates the namespace package setting' do

2
spec/tasks/gitlab/usage_data_rake_spec.rb
View File

@ -80,7 +80,7 @@ RSpec.describe 'gitlab:usage data take tasks', :silence_stdout do
private
def stub_response(url: service_ping_payload_url, body:, status: 201)
def stub_response(body:, url: service_ping_payload_url, status: 201)
stub_full_request(url, method: :post)
.to_return(
headers: { 'Content-Type' => 'application/json' },

3
spec/workers/container_expiration_policies/cleanup_container_repository_worker_spec.rb
View File

@ -398,8 +398,7 @@ RSpec.describe ContainerExpirationPolicies::CleanupContainerRepositoryWorker do
end
def cleanup_service_response(
status: :finished,
repository:,
repository:, status: :finished,
cleanup_tags_service_original_size: 100,
cleanup_tags_service_before_truncate_size: 80,
cleanup_tags_service_after_truncate_size: 80,