root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Add latest changes from gitlab-org/gitlab@master

This commit is contained in:
GitLab Bot 2024-04-22 21:09:46 +00:00
parent 1f5a6f7200
commit fc0d8fd420
77 changed files with 791 additions and 320 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.gitlab/ci/workhorse.gitlab-ci.yml
View File

@ -33,7 +33,7 @@ workhorse:test go:
extends: .workhorse:test
parallel:
matrix:
- GO_VERSION: ["1.20", "1.21", "1.22"]
- GO_VERSION: ["1.21", "1.22"]
REDIS_VERSION: ["7.0", "6.2"]
script:
- make -C workhorse test-coverage
@ -49,7 +49,7 @@ workhorse:test fips:
- setup-test-env-fips
parallel:
matrix:
- GO_VERSION: ["1.20", "1.21", "1.22"]
- GO_VERSION: ["1.21", "1.22"]
REDIS_VERSION: ["7.0", "6.2"]
image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images/${BUILD_OS}-${OS_VERSION}-ruby-${RUBY_VERSION}-golang-${GO_VERSION}-rust-${RUST_VERSION}:rubygems-${RUBYGEMS_VERSION}-git-2.36-exiftool-12.60
variables:

2
.rubocop_todo/layout/line_end_string_concatenation_indentation.yml
View File

@ -105,8 +105,6 @@ Layout/LineEndStringConcatenationIndentation:
- 'ee/spec/lib/gitlab/ci/templates/dast_latest_gitlab_ci_yaml_spec.rb'
- 'ee/spec/lib/gitlab/ci/templates/dependency_scanning_gitlab_ci_yaml_spec.rb'
- 'ee/spec/lib/gitlab/ci/templates/dependency_scanning_latest_gitlab_ci_yaml_spec.rb'
- 'ee/spec/lib/gitlab/ci/templates/license_scanning_gitlab_ci_yaml_spec.rb'
- 'ee/spec/lib/gitlab/ci/templates/license_scanning_latest_gitlab_ci_yaml_spec.rb'
- 'ee/spec/lib/gitlab/ci/templates/sast_gitlab_ci_yaml_spec.rb'
- 'ee/spec/lib/gitlab/ci/templates/sast_iac_gitlab_ci_yaml_spec.rb'
- 'ee/spec/lib/gitlab/ci/templates/sast_latest_gitlab_ci_yaml_spec.rb'

1
.rubocop_todo/rspec/context_wording.yml
View File

@ -334,7 +334,6 @@ RSpec/ContextWording:
- 'ee/spec/lib/gitlab/ci/templates/dast_api_gitlab_ci_yaml_spec.rb'
- 'ee/spec/lib/gitlab/ci/templates/dast_latest_gitlab_ci_yaml_spec.rb'
- 'ee/spec/lib/gitlab/ci/templates/dependency_scanning_gitlab_ci_yaml_spec.rb'
- 'ee/spec/lib/gitlab/ci/templates/license_scanning_gitlab_ci_yaml_spec.rb'
- 'ee/spec/lib/gitlab/ci/templates/sast_gitlab_ci_yaml_spec.rb'
- 'ee/spec/lib/gitlab/ci/templates/sast_iac_gitlab_ci_yaml_spec.rb'
- 'ee/spec/lib/gitlab/ci/templates/sast_latest_gitlab_ci_yaml_spec.rb'

2
GITALY_SERVER_VERSION
View File

@ -1 +1 @@
faac94442a49a42427236f28d5190c6d721c172b
84074347b5ad5ff09fd4d6068c8bcdf356f7798c

2
app/assets/javascripts/environments/graphql/resolvers/flux.js
View File

@ -8,7 +8,7 @@ import fluxKustomizationStatusQuery from '../queries/flux_kustomization_status.q
import fluxHelmReleaseStatusQuery from '../queries/flux_helm_release_status.query.graphql';
const helmReleasesApiVersion = 'helm.toolkit.fluxcd.io/v2beta1';
const kustomizationsApiVersion = 'kustomize.toolkit.fluxcd.io/v1beta1';
const kustomizationsApiVersion = 'kustomize.toolkit.fluxcd.io/v1';
const helmReleaseField = 'fluxHelmReleaseStatus';
const kustomizationField = 'fluxKustomizationStatus';

2
app/assets/javascripts/issues/list/components/empty_state_without_any_issues.vue
View File

@ -69,7 +69,7 @@ export default {
<div
v-if="isSignedIn"
data-testid="signed-in-empty-state-block"
:data-track-action="isProject && 'render_project_issues_empty_list_page'"
:data-track-action="isProject && 'render'"
:data-track-label="isProject && 'project_issues_empty_list'"
:data-track-experiment="isProject && 'issues_mrs_empty_state'"
>

2
app/assets/stylesheets/page_bundles/design_management.scss
View File

@ -3,7 +3,6 @@
$design-pin-diameter: 28px;
$design-pin-diameter-sm: 24px;
$t-gray-a-16-design-pin: rgba($black, 0.16);
$zindex-design-detail: 1061;
.design-card-header {
background: transparent;
@ -15,7 +14,6 @@ $zindex-design-detail: 1061;
.design-detail {
bottom: $calc-application-footer-height;
z-index: $zindex-design-detail;
.comment-indicator {
border-radius: 50%;

3
app/graphql/types/ci/runner_membership_filter_enum.rb
View File

@ -4,8 +4,7 @@ module Types
module Ci
class RunnerMembershipFilterEnum < BaseEnum
graphql_name 'CiRunnerMembershipFilter'
description 'Values for filtering runners in namespaces. ' \
'The previous type name `RunnerMembershipFilter` was deprecated in 15.4.'
description 'Values for filtering runners in namespaces.'
value 'DIRECT',
description: "Include runners that have a direct relationship.",

21
app/graphql/types/ci/runner_type.rb
View File

@ -23,10 +23,6 @@ module Types
deprecated: { reason: 'Use paused', milestone: '14.8' }
field :admin_url, GraphQL::Types::String, null: true,
description: 'Admin URL of the runner. Only available for administrators.'
field :architecture_name, GraphQL::Types::String, null: true,
deprecated: { reason: "Use field in `manager` object instead", milestone: '16.2' },
description: 'Architecture provided by the the runner.',
method: :architecture
field :contacted_at, Types::TimeType, null: true,
description: 'Timestamp of last contact from this runner.',
method: :contacted_at
@ -46,17 +42,10 @@ module Types
field :ephemeral_register_url, GraphQL::Types::String, null: true,
description: 'URL of the registration page of the runner manager. Only available for the creator of the runner for a limited time during registration.',
alpha: { milestone: '15.11' }
field :executor_name, GraphQL::Types::String, null: true,
deprecated: { reason: "Use field in `manager` object instead", milestone: '16.2' },
description: 'Executor last advertised by the runner.',
method: :executor_name
field :groups, null: true,
resolver: ::Resolvers::Ci::RunnerGroupsResolver,
description: 'Groups the runner is associated with. For group runners only.'
field :id, ::Types::GlobalIDType[::Ci::Runner], null: false, description: 'ID of the runner.'
field :ip_address, GraphQL::Types::String, null: true,
deprecated: { reason: "Use field in `manager` object instead", milestone: '16.2' },
description: 'IP address of the runner.'
field :job_count, GraphQL::Types::Int, null: true,
description: "Number of jobs processed by the runner (limited to #{JOB_COUNT_LIMIT}, plus one to " \
"indicate that more items exist).\n`jobCount` is an optimized version of `jobs { count }`, " \
@ -86,10 +75,6 @@ module Types
resolver: ::Resolvers::Ci::RunnerOwnerProjectResolver
field :paused, GraphQL::Types::Boolean, null: false,
description: 'Indicates the runner is paused and not available to run jobs.'
field :platform_name, GraphQL::Types::String, null: true,
deprecated: { reason: "Use field in `manager` object instead", milestone: '16.2' },
description: 'Platform provided by the runner.',
method: :platform
field :project_count, GraphQL::Types::Int, null: true,
description: 'Number of projects that the runner is associated with.'
field :projects,
@ -99,9 +84,6 @@ module Types
description: 'Find projects the runner is associated with. For project runners only.'
field :register_admin_url, GraphQL::Types::String, null: true,
description: 'URL of the temporary registration page of the runner. Only available before the runner is registered. Only available for administrators.'
field :revision, GraphQL::Types::String, null: true,
deprecated: { reason: "Use field in `manager` object instead", milestone: '16.2' },
description: 'Revision of the runner.'
field :run_untagged, GraphQL::Types::Boolean, null: false,
description: 'Indicates the runner is able to run untagged jobs.'
field :runner_type, ::Types::Ci::RunnerTypeEnum, null: false,
@ -118,9 +100,6 @@ module Types
field :token_expires_at, Types::TimeType, null: true,
description: 'Runner token expiration time.',
method: :token_expires_at
field :version, GraphQL::Types::String, null: true,
deprecated: { reason: "Use field in `manager` object instead", milestone: '16.2' },
description: 'Version of the runner.'
markdown_field :maintenance_note_html, null: true

1
app/models/ci/runner_manager.rb
View File

@ -76,6 +76,7 @@ module Ci
end
scope :order_id_desc, -> { order(id: :desc) }
scope :order_contacted_at_desc, -> { order(contacted_at: :desc) }
scope :with_version_prefix, ->(value) do
regex = version_regex_expression_for_version(value)

5
app/models/repository.rb
View File

@ -170,11 +170,6 @@ class Repository
commits = Commit.decorate(commits, container) if commits.present?
CommitCollection.new(container, commits, ref)
rescue Gitlab::Git::CommandError => e
# Temporary fix to address a new Gitaly internal error: https://gitlab.com/gitlab-org/gitlab/-/issues/452488
return CommitCollection.new(container, [], ref) if e.message.include?('listing commits failed')
raise
end
def commits_between(from, to, limit: nil)

4
app/presenters/ci/runner_presenter.rb
View File

@ -12,10 +12,6 @@ module Ci
delegator_override :locked
alias_method :locked, :locked?
def executor_name
Ci::Runner::EXECUTOR_TYPE_TO_NAMES[executor_type&.to_sym]
end
def paused
!active
end

3
app/validators/json_schemas/member_role_permissions.json
View File

@ -22,6 +22,9 @@
"admin_terraform_state": {
"type": "boolean"
},
"admin_compliance_framework": {
"type": "boolean"
},
"admin_vulnerability": {
"type": "boolean"
},

12
app/views/devise/shared/_signup_box_form.html.haml
View File

@ -20,10 +20,14 @@
.form-group
= label_tag :signup_intent, s_('SignUp|I want to...')
= select_tag :signup_intent,
options_for_select([[s_('SignUp|Set up a new team'), :new_team],
[s_('SignUp|Set up a new personal account'), :new_personal_account],
[s_('SignUp|Join an existing team'), :join_existing_team],
[s_('SignUp|Contribute to a public project on GitLab'), :contribute_public_project]]),
options_for_select([[s_('SignUp|Set up a new team'),
:select_signup_intent_dropdown_new_team_registration_step_one],
[s_('SignUp|Set up a new personal account'),
:select_signup_intent_dropdown_new_personal_account_registration_step_one],
[s_('SignUp|Join an existing team'),
:select_signup_intent_dropdown_join_existing_team_registration_step_one],
[s_('SignUp|Contribute to a public project on GitLab'),
:select_signup_intent_dropdown_contribute_public_project_registration_step_one]]),
prompt: s_('SignUp|Please select an option...'),
class: 'gl-form-select custom-select',
required: true

4
app/views/groups/edit.html.haml
View File

@ -45,7 +45,10 @@
.settings-content
= render 'shared/badges/badge_settings'
- if can?(current_user, :admin_compliance_framework, @group)
= render_if_exists 'groups/compliance_frameworks', expanded: expanded
- if can?(current_user, :admin_group, @group)
= render_if_exists 'groups/custom_project_templates_setting'
= render_if_exists 'groups/templates_setting', expanded: expanded
= render_if_exists 'shared/groups/max_pages_size_setting'
@ -60,6 +63,7 @@
= _('Perform advanced options such as changing path, transferring, exporting, or removing the group.')
.settings-content
= render 'groups/settings/advanced'
- elsif can?(current_user, :remove_group, @group)
= render 'groups/settings/remove', group: @group, remove_form_id: 'js-remove-group-form'
= render_if_exists 'groups/settings/restore', group: @group

2
app/views/projects/edit.html.haml
View File

@ -51,8 +51,10 @@
.settings-content
= render 'shared/badges/badge_settings'
- if can?(current_user, :admin_compliance_framework, @project)
= render_if_exists 'compliance_management/compliance_framework/project_settings', expanded: expanded
- if can?(current_user, :admin_project, @project)
= render_if_exists 'projects/settings/default_issue_template'
= render 'projects/service_desk_settings'

1
data/deprecations/15-6-deprecate-post-api-v4-runner.yml
View File

@ -1,7 +1,6 @@
- title: 'Registration tokens and server-side runner arguments in `POST /api/v4/runners` endpoint' # (required) The name of the feature to be deprecated
announcement_milestone: '15.6' # (required) The milestone when this feature was first announced as deprecated.
removal_milestone: '18.0' # (required) The milestone when this feature is planned to be removed
removal_date: '2024-04-22'
breaking_change: true # (required) If this deprecation is a breaking change, set this value to true
reporter: pedropombeiro # (required) GitLab username of the person reporting the deprecation
stage: Verify # (required) String value of the stage that the feature was created in. e.g., Growth

3
data/deprecations/15-9-deprecate-runner-setup-instructions-api.yml
View File

@ -1,8 +1,7 @@
- title: 'GitLab Runner platforms and setup instructions in GraphQL API'
announcement_milestone: '15.9'
announcement_date: '2023-02-22'
removal_milestone: '17.0'
removal_date: '2024-05-22'
removal_milestone: '18.0'
breaking_change: true
reporter: mrincon
body: |

17
db/post_migrate/20240410104838_index_vulnerability_reads_on_state_report_type_severity_traversal_ids_archived.rb Normal file
View File

@ -0,0 +1,17 @@
# frozen_string_literal: true
class IndexVulnerabilityReadsOnStateReportTypeSeverityTraversalIdsArchived < Gitlab::Database::Migration[2.2]
disable_ddl_transaction!
milestone '16.11'
INDEX_NAME = 'index_vulnerability_reads_common_attrs_and_detection_for_groups'
COLUMNS = %i[resolved_on_default_branch state report_type severity traversal_ids vulnerability_id].freeze
def up
add_concurrent_index :vulnerability_reads, COLUMNS, name: INDEX_NAME, where: 'archived = false'
end
def down
remove_concurrent_index_by_name :vulnerability_reads, INDEX_NAME
end
end

1
db/schema_migrations/20240410104838 Normal file
View File

@ -0,0 +1 @@
09626f964c06c02dff8c779f4e7bcfe56cb5ba6a256af43ce8a7d57dff4509c7

2
db/structure.sql
View File

@ -27698,6 +27698,8 @@ CREATE UNIQUE INDEX index_vulnerability_occurrences_on_uuid_1 ON vulnerability_o
CREATE INDEX index_vulnerability_occurrences_on_vulnerability_id ON vulnerability_occurrences USING btree (vulnerability_id);
CREATE INDEX index_vulnerability_reads_common_attrs_and_detection_for_groups ON vulnerability_reads USING btree (resolved_on_default_branch, state, report_type, severity, traversal_ids, vulnerability_id) WHERE (archived = false);
CREATE INDEX index_vulnerability_reads_common_finder_query_2 ON vulnerability_reads USING btree (project_id, state, report_type, severity, vulnerability_id DESC, dismissal_reason);
CREATE INDEX index_vulnerability_reads_common_finder_query_w_namespace_id ON vulnerability_reads USING btree (namespace_id, state, report_type, severity, vulnerability_id DESC, dismissal_reason);

10
doc/api/graphql/reference/index.md
View File

@ -17269,7 +17269,6 @@ CI/CD variables for a project.
| <a id="cirunneraccesslevel"></a>`accessLevel` | [`CiRunnerAccessLevel!`](#cirunneraccesslevel) | Access level of the runner. |
| <a id="cirunneractive"></a>`active` **{warning-solid}** | [`Boolean!`](#boolean) | **Deprecated** in GitLab 14.8. Use paused. |
| <a id="cirunneradminurl"></a>`adminUrl` | [`String`](#string) | Admin URL of the runner. Only available for administrators. |
| <a id="cirunnerarchitecturename"></a>`architectureName` **{warning-solid}** | [`String`](#string) | **Deprecated** in GitLab 16.2. Use field in `manager` object instead. |
| <a id="cirunnercontactedat"></a>`contactedAt` | [`Time`](#time) | Timestamp of last contact from this runner. |
| <a id="cirunnercreatedat"></a>`createdAt` | [`Time`](#time) | Timestamp of creation of this runner. |
| <a id="cirunnercreatedby"></a>`createdBy` | [`UserCore`](#usercore) | User that created this runner. |
@ -17277,10 +17276,8 @@ CI/CD variables for a project.
| <a id="cirunnereditadminurl"></a>`editAdminUrl` | [`String`](#string) | Admin form URL of the runner. Only available for administrators. |
| <a id="cirunnerephemeralauthenticationtoken"></a>`ephemeralAuthenticationToken` **{warning-solid}** | [`String`](#string) | **Introduced** in GitLab 15.9. **Status**: Experiment. Ephemeral authentication token used for runner manager registration. Only available for the creator of the runner for a limited time during registration. |
| <a id="cirunnerephemeralregisterurl"></a>`ephemeralRegisterUrl` **{warning-solid}** | [`String`](#string) | **Introduced** in GitLab 15.11. **Status**: Experiment. URL of the registration page of the runner manager. Only available for the creator of the runner for a limited time during registration. |
| <a id="cirunnerexecutorname"></a>`executorName` **{warning-solid}** | [`String`](#string) | **Deprecated** in GitLab 16.2. Use field in `manager` object instead. |
| <a id="cirunnergroups"></a>`groups` | [`GroupConnection`](#groupconnection) | Groups the runner is associated with. For group runners only. (see [Connections](#connections)) |
| <a id="cirunnerid"></a>`id` | [`CiRunnerID!`](#cirunnerid) | ID of the runner. |
| <a id="cirunneripaddress"></a>`ipAddress` **{warning-solid}** | [`String`](#string) | **Deprecated** in GitLab 16.2. Use field in `manager` object instead. |
| <a id="cirunnerjobexecutionstatus"></a>`jobExecutionStatus` **{warning-solid}** | [`CiRunnerJobExecutionStatus`](#cirunnerjobexecutionstatus) | **Introduced** in GitLab 15.7. **Status**: Experiment. Job execution status of the runner. |
| <a id="cirunnerlocked"></a>`locked` | [`Boolean`](#boolean) | Indicates the runner is locked. |
| <a id="cirunnermaintenancenote"></a>`maintenanceNote` | [`String`](#string) | Runner's maintenance notes. |
@ -17288,12 +17285,10 @@ CI/CD variables for a project.
| <a id="cirunnermaximumtimeout"></a>`maximumTimeout` | [`Int`](#int) | Maximum timeout (in seconds) for jobs processed by the runner. |
| <a id="cirunnerownerproject"></a>`ownerProject` | [`Project`](#project) | Project that owns the runner. For project runners only. |
| <a id="cirunnerpaused"></a>`paused` | [`Boolean!`](#boolean) | Indicates the runner is paused and not available to run jobs. |
| <a id="cirunnerplatformname"></a>`platformName` **{warning-solid}** | [`String`](#string) | **Deprecated** in GitLab 16.2. Use field in `manager` object instead. |
| <a id="cirunnerprivateprojectsminutescostfactor"></a>`privateProjectsMinutesCostFactor` | [`Float`](#float) | Private projects' "compute cost factor" associated with the runner (GitLab.com only). |
| <a id="cirunnerprojectcount"></a>`projectCount` | [`Int`](#int) | Number of projects that the runner is associated with. |
| <a id="cirunnerpublicprojectsminutescostfactor"></a>`publicProjectsMinutesCostFactor` | [`Float`](#float) | Public projects' "compute cost factor" associated with the runner (GitLab.com only). |
| <a id="cirunnerregisteradminurl"></a>`registerAdminUrl` | [`String`](#string) | URL of the temporary registration page of the runner. Only available before the runner is registered. Only available for administrators. |
| <a id="cirunnerrevision"></a>`revision` **{warning-solid}** | [`String`](#string) | **Deprecated** in GitLab 16.2. Use field in `manager` object instead. |
| <a id="cirunnerrununtagged"></a>`runUntagged` | [`Boolean!`](#boolean) | Indicates the runner is able to run untagged jobs. |
| <a id="cirunnerrunnertype"></a>`runnerType` | [`CiRunnerType!`](#cirunnertype) | Type of the runner. |
| <a id="cirunnershortsha"></a>`shortSha` | [`String`](#string) | First eight characters of the runner's token used to authenticate new job requests. Used as the runner's unique ID. |
@ -17301,7 +17296,6 @@ CI/CD variables for a project.
| <a id="cirunnertokenexpiresat"></a>`tokenExpiresAt` | [`Time`](#time) | Runner token expiration time. |
| <a id="cirunnerupgradestatus"></a>`upgradeStatus` **{warning-solid}** | [`CiRunnerUpgradeStatus`](#cirunnerupgradestatus) | **Introduced** in GitLab 14.10. **Status**: Experiment. Availability of upgrades for the runner. |
| <a id="cirunneruserpermissions"></a>`userPermissions` | [`RunnerPermissions!`](#runnerpermissions) | Permissions for the current user on the resource. |
| <a id="cirunnerversion"></a>`version` **{warning-solid}** | [`String`](#string) | **Deprecated** in GitLab 16.2. Use field in `manager` object instead. |
#### Fields with arguments
@ -26133,6 +26127,7 @@ Represents vulnerability finding of a security report on the pipeline.
| <a id="pipelinesecurityreportfindingscanner"></a>`scanner` | [`VulnerabilityScanner`](#vulnerabilityscanner) | Scanner metadata for the vulnerability. |
| <a id="pipelinesecurityreportfindingseverity"></a>`severity` | [`VulnerabilitySeverity`](#vulnerabilityseverity) | Severity of the vulnerability finding. |
| <a id="pipelinesecurityreportfindingsolution"></a>`solution` | [`String`](#string) | Solution for resolving the security report finding. |
| <a id="pipelinesecurityreportfindingsolutionhtml"></a>`solutionHtml` | [`String`](#string) | GitLab Flavored Markdown rendering of `solution`. |
| <a id="pipelinesecurityreportfindingstate"></a>`state` | [`VulnerabilityState`](#vulnerabilitystate) | Finding status. |
| <a id="pipelinesecurityreportfindingstatecomment"></a>`stateComment` | [`String`](#string) | Comment for the state of the security report finding. |
| <a id="pipelinesecurityreportfindingtitle"></a>`title` | [`String`](#string) | Title of the vulnerability finding. |
@ -32010,7 +32005,7 @@ Runner cloud provider.
### `CiRunnerMembershipFilter`
Values for filtering runners in namespaces. The previous type name `RunnerMembershipFilter` was deprecated in 15.4.
Values for filtering runners in namespaces.
| Value | Description |
| ----- | ----------- |
@ -33156,6 +33151,7 @@ Member role permission.
| Value | Description |
| ----- | ----------- |
| <a id="memberrolepermissionadmin_cicd_variables"></a>`ADMIN_CICD_VARIABLES` | Create, read, update, and delete CI/CD variables. |
| <a id="memberrolepermissionadmin_compliance_framework"></a>`ADMIN_COMPLIANCE_FRAMEWORK` | Enables administrator access to the compliance framework. |
| <a id="memberrolepermissionadmin_group_member"></a>`ADMIN_GROUP_MEMBER` | Add or remove users in a group, and assign roles to users. When assigning a role, users with this custom permission must select a role that has the same or fewer permissions as the default role used as the base for their custom role. |
| <a id="memberrolepermissionadmin_merge_request"></a>`ADMIN_MERGE_REQUEST` | Allows approval of merge requests. |
| <a id="memberrolepermissionadmin_push_rules"></a>`ADMIN_PUSH_RULES` | Configure push rules for repositories at the group or project level. |

15
doc/api/graphql/removed_items.md
View File

@ -14,6 +14,21 @@ GraphQL is a versionless API, unlike the REST API.
Occasionally, items have to be updated or removed from the GraphQL API.
According to our [process for removing items](index.md#deprecation-and-removal-process), here are the items that have been removed.
## GitLab 17.0
Fields removed in GitLab 17.0.
### GraphQL Fields
| Field name | GraphQL type | Deprecated in | Removal MR | Use instead |
|---|---|---|---|---|
| `architectureName` | `CiRunner` | 16.2 | [!124751](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/124751) | Use this field in `manager` object instead. |
| `executorName` | `CiRunner` | 16.2 | [!124751](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/124751) | Use this field in `manager` object instead. |
| `ipAddress` | `CiRunner` | 16.2 | [!124751](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/124751) | Use this field in `manager` object instead. |
| `platformName` | `CiRunner` | 16.2 | [!124751](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/124751) | Use this field in `manager` object instead. |
| `revision` | `CiRunner` | 16.2 | [!124751](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/124751) | Use this field in `manager` object instead. |
| `version` | `CiRunner` | 16.2 | [!124751](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/124751) | Use this field in `manager` object instead. |
## GitLab 16.0
Fields removed in GitLab 16.0.

8
doc/api/rest/deprecations.md
View File

@ -116,3 +116,11 @@ Breaking change. [Related issue](https://gitlab.com/gitlab-org/gitlab/-/issues/4
In GitLab 17.0, the [Runners API](../runners.md) will return `""` in place of `ip_address` for runners.
In v5 of the REST API, the field will be removed.
## Runner will not return `version`, `revision`, `platform`, or `architecture`
Breaking change. [Related issue](https://gitlab.com/gitlab-org/gitlab/-/issues/457128).
In GitLab 18.0, the [Runners API](../runners.md) will return `""` in place of `version`, `revision`, `platform`,
and `architecture` for runners.
In v5 of the REST API, the fields will be removed.

92
doc/api/runners.md
View File

@ -80,6 +80,14 @@ NOTE:
The `active` attribute in the response was deprecated [in GitLab 14.8](https://gitlab.com/gitlab-org/gitlab/-/issues/347211)
and will be removed in [a future version of the REST API](https://gitlab.com/gitlab-org/gitlab/-/issues/351109). It is replaced by the `paused` attribute.
NOTE:
The `ip_address` attribute in the response was deprecated
[in GitLab 16.1](https://gitlab.com/gitlab-org/gitlab/-/issues/415159) and will be removed in
[a future version of the REST API](https://gitlab.com/gitlab-org/gitlab/-/issues/351109).
This attribute will start returning an empty string in GitLab 17.0.
The `ipAddress` attribute can be found inside the respective runner manager, currently only available through the GraphQL
[`CiRunnerManager` type](graphql/reference/index.md#cirunnermanager).
Example response:
```json
@ -89,7 +97,7 @@ Example response:
"paused": false,
"description": "test-1-20150125",
"id": 6,
"ip_address": "127.0.0.1",
"ip_address": "",
"is_shared": false,
"runner_type": "project_type",
"name": null,
@ -101,7 +109,7 @@ Example response:
"paused": false,
"description": "test-2-20150125",
"id": 8,
"ip_address": "127.0.0.1",
"ip_address": "",
"is_shared": false,
"runner_type": "group_type",
"name": null,
@ -150,6 +158,14 @@ NOTE:
The `active` attribute in the response was deprecated [in GitLab 14.8](https://gitlab.com/gitlab-org/gitlab/-/issues/347211)
and will be removed in [a future version of the REST API](https://gitlab.com/gitlab-org/gitlab/-/issues/351109). It is replaced by the `paused` attribute.
NOTE:
The `ip_address` attribute in the response was deprecated
[in GitLab 16.1](https://gitlab.com/gitlab-org/gitlab/-/issues/415159) and will be removed in
[a future version of the REST API](https://gitlab.com/gitlab-org/gitlab/-/issues/351109).
This attribute will start returning an empty string in GitLab 17.0.
The `ipAddress` attribute can be found inside the respective runner manager, currently only available through the GraphQL
[`CiRunnerManager` type](graphql/reference/index.md#cirunnermanager).
Example response:
```json
@ -159,7 +175,7 @@ Example response:
"paused": false,
"description": "shared-runner-1",
"id": 1,
"ip_address": "127.0.0.1",
"ip_address": "",
"is_shared": true,
"runner_type": "instance_type",
"name": null,
@ -171,7 +187,7 @@ Example response:
"paused": false,
"description": "shared-runner-2",
"id": 3,
"ip_address": "127.0.0.1",
"ip_address": "",
"is_shared": true,
"runner_type": "instance_type",
"name": null,
@ -183,7 +199,7 @@ Example response:
"paused": false,
"description": "test-1-20150125",
"id": 6,
"ip_address": "127.0.0.1",
"ip_address": "",
"is_shared": false,
"runner_type": "project_type",
"name": null,
@ -195,7 +211,7 @@ Example response:
"paused": false,
"description": "test-2-20150125",
"id": 8,
"ip_address": "127.0.0.1",
"ip_address": "",
"is_shared": false,
"runner_type": "group_type",
"name": null,
@ -236,6 +252,22 @@ NOTE:
The `active` attribute in the response was deprecated [in GitLab 14.8](https://gitlab.com/gitlab-org/gitlab/-/issues/347211)
and will be removed in [a future version of the REST API](https://gitlab.com/gitlab-org/gitlab/-/issues/351109). It is replaced by the `paused` attribute.
NOTE:
The `ip_address` attribute in the response was deprecated
[in GitLab 16.1](https://gitlab.com/gitlab-org/gitlab/-/issues/415159) and will be removed in
[a future version of the REST API](https://gitlab.com/gitlab-org/gitlab/-/issues/351109).
This attribute will start returning an empty string in GitLab 17.0.
The `ipAddress` attribute can be found inside the respective runner manager, currently only available through the GraphQL
[`CiRunnerManager` type](graphql/reference/index.md#cirunnermanager).
NOTE:
The `version`, `revision`, `platform`, and `architecture` attributes in the response were deprecated
[in GitLab 17.0](https://gitlab.com/gitlab-org/gitlab/-/issues/457128) and will be removed in
[a future version of the REST API](https://gitlab.com/gitlab-org/gitlab/-/issues/351109).
These attributes will start returning an empty string in GitLab 18.0.
The same attributes can be found inside the respective runner manager, currently only available through the GraphQL
[`CiRunnerManager` type](graphql/reference/index.md#cirunnermanager).
Example response:
```json
@ -245,7 +277,7 @@ Example response:
"architecture": null,
"description": "test-1-20150125",
"id": 6,
"ip_address": "127.0.0.1",
"ip_address": "",
"is_shared": false,
"runner_type": "project_type",
"contacted_at": "2016-01-25T16:39:48.066Z",
@ -308,6 +340,14 @@ NOTE:
The `active` query parameter was deprecated [in GitLab 14.8](https://gitlab.com/gitlab-org/gitlab/-/issues/347211)
and will be removed in [a future version of the REST API](https://gitlab.com/gitlab-org/gitlab/-/issues/351109). It is replaced by the `paused` attribute.
NOTE:
The `ip_address` attribute in the response was deprecated
[in GitLab 16.1](https://gitlab.com/gitlab-org/gitlab/-/issues/415159) and will be removed in
[a future version of the REST API](https://gitlab.com/gitlab-org/gitlab/-/issues/351109).
This attribute will start returning an empty string in GitLab 17.0.
The `ipAddress` attribute can be found inside the respective runner manager, currently only available through the GraphQL
[`CiRunnerManager` type](graphql/reference/index.md#cirunnermanager).
Example response:
```json
@ -316,7 +356,7 @@ Example response:
"architecture": null,
"description": "test-1-20150125-test",
"id": 6,
"ip_address": "127.0.0.1",
"ip_address": "",
"is_shared": false,
"runner_type": "group_type",
"contacted_at": "2016-01-25T16:39:48.066Z",
@ -507,6 +547,14 @@ NOTE:
The `active` attribute in the response was deprecated [in GitLab 14.8](https://gitlab.com/gitlab-org/gitlab/-/issues/347211)
and will be removed in [a future version of the REST API](https://gitlab.com/gitlab-org/gitlab/-/issues/351109). It is replaced by the `paused` attribute.
NOTE:
The `ip_address` attribute in the response was deprecated
[in GitLab 16.1](https://gitlab.com/gitlab-org/gitlab/-/issues/415159) and will be removed in
[a future version of the REST API](https://gitlab.com/gitlab-org/gitlab/-/issues/351109).
This attribute will start returning an empty string in GitLab 17.0.
The `ipAddress` attribute can be found inside the respective runner manager, currently only available through the GraphQL
[`CiRunnerManager` type](graphql/reference/index.md#cirunnermanager).
Example response:
```json
@ -516,7 +564,7 @@ Example response:
"paused": false,
"description": "test-2-20150125",
"id": 8,
"ip_address": "127.0.0.1",
"ip_address": "",
"is_shared": false,
"runner_type": "project_type",
"name": null,
@ -528,7 +576,7 @@ Example response:
"paused": false,
"description": "development_runner",
"id": 5,
"ip_address": "127.0.0.1",
"ip_address": "",
"is_shared": true,
"runner_type": "instance_type",
"name": null,
@ -556,6 +604,14 @@ curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitla
--form "runner_id=9"
```
NOTE:
The `ip_address` attribute in the response was deprecated
[in GitLab 16.1](https://gitlab.com/gitlab-org/gitlab/-/issues/415159) and will be removed in
[a future version of the REST API](https://gitlab.com/gitlab-org/gitlab/-/issues/351109).
This attribute will start returning an empty string in GitLab 17.0.
The `ipAddress` attribute can be found inside the respective runner manager, currently only available through the GraphQL
[`CiRunnerManager` type](graphql/reference/index.md#cirunnermanager).
Example response:
```json
@ -563,7 +619,7 @@ Example response:
"active": true,
"description": "test-2016-02-01",
"id": 9,
"ip_address": "127.0.0.1",
"ip_address": "",
"is_shared": false,
"runner_type": "project_type",
"name": null,
@ -624,6 +680,14 @@ NOTE:
The `active` attribute in the response was deprecated [in GitLab 14.8](https://gitlab.com/gitlab-org/gitlab/-/issues/347211)
and will be removed in [a future version of the REST API](https://gitlab.com/gitlab-org/gitlab/-/issues/351109). It is replaced by the `paused` attribute.
NOTE:
The `ip_address` attribute in the response was deprecated
[in GitLab 16.1](https://gitlab.com/gitlab-org/gitlab/-/issues/415159) and will be removed in
[a future version of the REST API](https://gitlab.com/gitlab-org/gitlab/-/issues/351109).
This attribute will start returning an empty string in GitLab 17.0.
The `ipAddress` attribute can be found inside the respective runner manager, currently only available through the GraphQL
[`CiRunnerManager` type](graphql/reference/index.md#cirunnermanager).
Example response:
```json
@ -631,7 +695,7 @@ Example response:
{
"id": 3,
"description": "Shared",
"ip_address": "127.0.0.1",
"ip_address": "",
"active": true,
"paused": false,
"is_shared": true,
@ -643,7 +707,7 @@ Example response:
{
"id": 6,
"description": "Test",
"ip_address": "127.0.0.1",
"ip_address": "",
"active": true,
"paused": false,
"is_shared": true,
@ -655,7 +719,7 @@ Example response:
{
"id": 8,
"description": "Test 2",
"ip_address": "127.0.0.1",
"ip_address": "",
"active": true,
"paused": false,
"is_shared": false,

3
doc/ci/yaml/index.md
View File

@ -997,6 +997,7 @@ in a header section.
**Possible inputs**: Can be one of:
- `array`, to accept an [array](../yaml/inputs.md#array-type) of inputs.
- `string`, to accept string inputs (default when not defined).
- `number`, to only accept numeric inputs.
- `boolean`, to only accept `true` or `false` inputs.
@ -1013,6 +1014,8 @@ spec:
type: number
available:
type: boolean
array_input:
type: array
---
# The pipeline configuration would follow...

1
doc/development/sec/analyzer_development_guide.md
View File

@ -396,7 +396,6 @@ This issue will guide you through the whole release process. In general, you hav
- [SAST vendored CI/CD template](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml)
- [Dependency Scanning vendored CI/CD template](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml)
- [License Scanning vendored CI/CD template](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Security/License-Scanning.gitlab-ci.yml)
- [Container Scanning CI/CD template](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml)
If needed, go to the pipeline corresponding to the last Git tag,

2
doc/topics/autodevops/cicd_variables.md
View File

@ -111,7 +111,7 @@ Use these variables to disable CI/CD jobs.
| `gemnasium-python-dependency_scanning` | `DEPENDENCY_SCANNING_DISABLED` | | The job isn't created if the value is `"true"`. |
| `kubesec-sast` | `SAST_DISABLED` | | The job isn't created if the value is `"true"`. |
| `license_management` | `LICENSE_MANAGEMENT_DISABLED` | GitLab 12.7 and earlier | If the variable is present, the job isn't created. Job deprecated [from GitLab 12.8](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/22773) |
| `license_scanning` | `LICENSE_MANAGEMENT_DISABLED` | | The job isn't created if the value is `"true"`.|
| `license_scanning` | `LICENSE_MANAGEMENT_DISABLED` | | The job isn't created if the value is `"true"`. Job deprecated [from GitLab 15.9](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/111071) |
| `load_performance` | `LOAD_PERFORMANCE_DISABLED` | | If the variable is present, the job isn't created. |
| `nodejs-scan-sast` | `SAST_DISABLED` | | The job isn't created if the value is `"true"`. |
| `performance` | `PERFORMANCE_DISABLED` | GitLab 13.12 and earlier | Browser performance. If the variable is present, the job isn't created. Replaced by `browser_performance`. |

32
doc/update/deprecations.md
View File

@ -192,6 +192,22 @@ upgrade to GitLab 16.3 or above, and remove the feature flag configuration.
<div class="deprecation breaking-change" data-milestone="18.0">
### GitLab Runner platforms and setup instructions in GraphQL API
<div class="deprecation-notes">
- Announced in GitLab <span class="milestone">15.9</span>
- Removal in GitLab <span class="milestone">18.0</span> ([breaking change](https://docs.gitlab.com/ee/update/terminology.html#breaking-change))
- To discuss this change or learn more, see the [deprecation issue](https://gitlab.com/gitlab-org/gitlab/-/issues/387937).
</div>
The `runnerPlatforms` and `runnerSetup` queries to get GitLab Runner platforms and installation instructions
are deprecated and will be removed from the GraphQL API. For installation instructions, you should use the
[GitLab Runner documentation](https://docs.gitlab.com/runner/)
</div>
<div class="deprecation breaking-change" data-milestone="18.0">
### GitLab Runner registration token in Runner Operator
<div class="deprecation-notes">
@ -1140,22 +1156,6 @@ Because the new values provide a streamlined, comprehensive method to enable TLS
<div class="deprecation breaking-change" data-milestone="17.0">
### GitLab Runner platforms and setup instructions in GraphQL API
<div class="deprecation-notes">
- Announced in GitLab <span class="milestone">15.9</span>
- Removal in GitLab <span class="milestone">17.0</span> ([breaking change](https://docs.gitlab.com/ee/update/terminology.html#breaking-change))
- To discuss this change or learn more, see the [deprecation issue](https://gitlab.com/gitlab-org/gitlab/-/issues/387937).
</div>
The `runnerPlatforms` and `runnerSetup` queries to get GitLab Runner platforms and installation instructions
are deprecated and will be removed from the GraphQL API. For installation instructions, you should use the
[GitLab Runner documentation](https://docs.gitlab.com/runner/)
</div>
<div class="deprecation breaking-change" data-milestone="17.0">
### GitLab Runner provenance metadata SLSA v0.2 statement
<div class="deprecation-notes">

4
doc/user/ai_features.md
View File

@ -33,6 +33,7 @@ GitLab is [transparent](https://handbook.gitlab.com/handbook/values/#transparenc
| Helps you understand code by explaining it in English language. <br><br><i class="fa fa-youtube-play youtube" aria-hidden="true"></i> [Watch overview](https://www.youtube.com/watch?v=1izKaLmmaCA) | [Code explanation](#explain-code-in-the-web-ui-with-code-explanation) | **Tier:** Ultimate <br>**Offering:** GitLab.com <br>**Status:** Experiment |
| Assists you in determining the root cause for a pipeline failure and failed CI/CD build. | [Root cause analysis](#root-cause-analysis) | **Tier:** Ultimate <br>**Offering:** GitLab.com <br>**Status:** Experiment |
| Assists you with predicting productivity metrics and identifying anomalies across your software development lifecycle. | [Value stream forecasting](#forecast-deployment-frequency-with-value-stream-forecasting) | **Tier:** Ultimate <br>**Offering:** GitLab.com, Self-managed, GitLab Dedicated <br>**Status:** Experiment |
| Processes and responds to your questions about your application's usage data. | [Product Analytics](analytics/analytics_dashboards.md#generate-a-custom-visualization-with-gitlab-duo) | **Tier:** Ultimate <br>**Offering:** GitLab.com <br>**Status:** Experiment |
## Controlling GitLab Duo features
@ -317,7 +318,7 @@ language model referenced above.
| [Git suggestions](https://gitlab.com/gitlab-org/gitlab/-/issues/409636) | Vertex AI Codey [`codechat-bison`](https://cloud.google.com/vertex-ai/generative-ai/docs/model-reference/code-chat) |
| [Discussion summary](#summarize-issue-discussions-with-discussion-summary) |Anthropic [`Claude-2`](https://docs.anthropic.com/claude/reference/selecting-a-model) |
| [Issue description generation](#summarize-an-issue-with-issue-description-generation) | Anthropic [`Claude-2`](https://docs.anthropic.com/claude/reference/selecting-a-model) |
| [Code Suggestions](project/repository/code_suggestions/index.md) | For Code Completion: Vertex AI Codey [`code-gecko`](https://cloud.google.com/vertex-ai/generative-ai/docs/model-reference/code-completion) For Code Generation: Anthropic [`Claude-2`](https://docs.anthropic.com/claude/reference/selecting-a-model) |
| [Code Suggestions](project/repository/code_suggestions/index.md) | For Code Completion: Vertex AI Codey [`code-gecko`](https://cloud.google.com/vertex-ai/generative-ai/docs/model-reference/code-completion) For Code Generation: Anthropic [`Claude-3-Sonnet`](https://docs.anthropic.com/claude/docs/models-overview) |
| [Test generation](gitlab_duo_chat.md#write-tests-in-the-ide) | Anthropic [`Claude-2`](https://docs.anthropic.com/claude/reference/selecting-a-model) |
| [Merge request template population](project/merge_requests/ai_in_merge_requests.md#fill-in-merge-request-templates) | Vertex AI Codey [`text-bison`](https://cloud.google.com/vertex-ai/generative-ai/docs/model-reference/text) |
| [Suggested Reviewers](project/merge_requests/reviews/index.md#gitlab-duo-suggested-reviewers) | GitLab creates a machine learning model for each project, which is used to generate reviewers [View the issue](https://gitlab.com/gitlab-org/modelops/applied-ml/applied-ml-updates/-/issues/10) |
@ -329,6 +330,7 @@ language model referenced above.
| [GitLab Duo Chat](gitlab_duo_chat.md) | Anthropic [`Claude-2`](https://docs.anthropic.com/claude/reference/selecting-a-model) Vertex AI Codey [`textembedding-gecko`](https://cloud.google.com/vertex-ai/generative-ai/docs/embeddings/get-text-embeddings) |
| [Root cause analysis](#root-cause-analysis) | Vertex AI Codey [`text-bison`](https://cloud.google.com/vertex-ai/generative-ai/docs/model-reference/text) |
| [Value stream forecasting](#forecast-deployment-frequency-with-value-stream-forecasting) | Statistical forecasting |
| [Product analytics](analytics/analytics_dashboards.md#generate-a-custom-visualization-with-gitlab-duo) | Vertex AI Codey [`codechat-bison`](https://cloud.google.com/vertex-ai/generative-ai/docs/model-reference/code-chat) |
## Data usage

41
doc/user/analytics/analytics_dashboards.md
View File

@ -88,6 +88,7 @@ This feature is only compatible with the [product analytics](../product_analytic
You can use the dashboard designer to:
- [Create custom visualizations](#create-a-custom-visualization).
- [Generate custom visualizations with GitLab Duo](#generate-a-custom-visualization-with-gitlab-duo).
- Explore available data.
## View project dashboards
@ -291,6 +292,38 @@ To create a custom visualization:
After you saved a visualization, you can add it to a new or existing custom dashboard in the same project.
### Generate a custom visualization with GitLab Duo
DETAILS:
**Tier:** Ultimate
**Offering:** GitLab.com
**Status:** Experiment
> - Introduced in GitLab 16.11 as an [Experiment](../../policy/experiment-beta-support.md#experiment) feature [with a flag](../../administration/feature_flags.md) named `generate_cube_query`. Disabled by default.
Prerequisites:
- The parent group of the project must have [experiment and beta features enabled](../group/manage.md#enable-experiment-and-beta-features).
To generate a custom visualization with GitLab Duo using a natural language query:
1. On the left sidebar, select **Search or go to** and find your project.
1. Select **Analyze > Analytics dashboards**.
1. Select **Visualization designer**.
1. In the **Visualization title** field, enter the name of your visualization.
1. From the **Visualization type** dropdown list, select a visualization type.
1. In the **Generate with GitLab Duo** section, enter your prompt. For example:
- _Daily sessions_
- _Number of unique users, grouped weekly_
- _Which are the most popular pages?_
- _How many unique users does each browser have?_
1. Select **Generate with GitLab Duo**.
1. Select **Save**.
After you saved a visualization, you can add it to a new or existing custom dashboard in the same project.
## Troubleshooting
### `Something went wrong while loading the dashboard.`
@ -311,3 +344,11 @@ If a dashboard panel displays an error message:
- Check your [Cube query](../product_analytics/index.md#product-analytics-dashboards) and [visualization](../analytics/analytics_dashboards.md#define-a-chart-visualization)
configurations, and make sure they are set up correctly.
- For [product analytics](../product_analytics/index.md), also check that your visualization's Cube query is valid.
### Generate visualization with GitLab Duo returns unexpected results
If GitLab Duo doesn't return the expected or a useful result, try editing your query to:
- Specify a date range. For example: _number of unique users in 2023 to 2024, grouped monthly_.
- Use the same names for metrics and dimensions as shown in the visualization designer.
For example: _returning users_ instead of _existing customers_.

22
doc/user/application_security/container_scanning/index.md
View File

@ -266,7 +266,7 @@ including a large number of false positives.
| `ADDITIONAL_CA_CERT_BUNDLE` | `""` | Bundle of CA certs that you want to trust. See [Using a custom SSL CA certificate authority](#using-a-custom-ssl-ca-certificate-authority) for more details. | All |
| `CI_APPLICATION_REPOSITORY` | `$CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG` | Docker repository URL for the image to be scanned. | All |
| `CI_APPLICATION_TAG` | `$CI_COMMIT_SHA` | Docker repository tag for the image to be scanned. | All |
| `CS_ANALYZER_IMAGE` | `registry.gitlab.com/security-products/container-scanning:6` | Docker image of the analyzer. | All |
| `CS_ANALYZER_IMAGE` | `registry.gitlab.com/security-products/container-scanning:7` | Docker image of the analyzer. | All |
| `CS_DEFAULT_BRANCH_IMAGE` | `""` | The name of the `CS_IMAGE` on the default branch. See [Setting the default branch image](#setting-the-default-branch-image) for more details. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/338877) in GitLab 14.5. | All |
| `CS_DISABLE_DEPENDENCY_LIST` | `"false"` | Disable Dependency Scanning for packages installed in the scanned image. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/345434) in GitLab 14.6. | All |
| `CS_DISABLE_LANGUAGE_VULNERABILITY_SCAN` | `"true"` | Disable scanning for language-specific packages installed in the scanned image. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/345434) in GitLab 14.6. | All |
@ -325,9 +325,9 @@ standard tag plus the `-fips` extension.
| Scanner name | `CS_ANALYZER_IMAGE` |
| --------------- | ------------------- |
| Default (Trivy) | `registry.gitlab.com/security-products/container-scanning:6-fips` |
| Grype | `registry.gitlab.com/security-products/container-scanning/grype:6-fips` |
| Trivy | `registry.gitlab.com/security-products/container-scanning/trivy:6-fips` |
| Default (Trivy) | `registry.gitlab.com/security-products/container-scanning:7-fips` |
| Grype | `registry.gitlab.com/security-products/container-scanning/grype:7-fips` |
| Trivy | `registry.gitlab.com/security-products/container-scanning/trivy:7-fips` |
NOTE:
Prior to GitLab 15.0, the `-ubi` image extension is also available. GitLab 15.0 and later only
@ -384,9 +384,9 @@ The following options are available:
| Scanner name | `CS_ANALYZER_IMAGE` |
|----------------------------------------------------------|--------------------------------------------------------------------|
| Default ([Trivy](https://github.com/aquasecurity/trivy)) | `registry.gitlab.com/security-products/container-scanning:6` |
| [Grype](https://github.com/anchore/grype) | `registry.gitlab.com/security-products/container-scanning/grype:6` |
| Trivy | `registry.gitlab.com/security-products/container-scanning/trivy:6` |
| Default ([Trivy](https://github.com/aquasecurity/trivy)) | `registry.gitlab.com/security-products/container-scanning:7` |
| [Grype](https://github.com/anchore/grype) | `registry.gitlab.com/security-products/container-scanning/grype:7` |
| Trivy | `registry.gitlab.com/security-products/container-scanning/trivy:7` |
WARNING:
Do not use the `:latest` tag when selecting the scanner image.
@ -584,9 +584,9 @@ For container scanning, import the following images from `registry.gitlab.com` i
[local Docker container registry](../../packages/container_registry/index.md):
```plaintext
registry.gitlab.com/security-products/container-scanning:6
registry.gitlab.com/security-products/container-scanning/grype:6
registry.gitlab.com/security-products/container-scanning/trivy:6
registry.gitlab.com/security-products/container-scanning:7
registry.gitlab.com/security-products/container-scanning/grype:7
registry.gitlab.com/security-products/container-scanning/trivy:7
```
The process for importing Docker images into a local offline Docker registry depends on
@ -626,7 +626,7 @@ following `.gitlab-ci.yml` example as a template.
```yaml
variables:
SOURCE_IMAGE: registry.gitlab.com/security-products/container-scanning:6
SOURCE_IMAGE: registry.gitlab.com/security-products/container-scanning:7
TARGET_IMAGE: $CI_REGISTRY/namespace/container-scanning
image: docker:latest

6
doc/user/compliance/license_list.md
View File

@ -25,12 +25,6 @@ requirements must be met:
1. You must be generating an SBOM file with components from one of our [one of our supported languages](license_scanning_of_cyclonedx_files/index.md#supported-languages-and-package-managers).
1. If using our [`Dependency-Scanning.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Jobs/Dependency-Scanning.gitlab-ci.yml) to generate the SBOM file, then your project must use at least one of the [supported languages and package managers](license_scanning_of_cyclonedx_files/index.md#supported-languages-and-package-managers).
Alternatively, licenses will also appear under the license list when using our deprecated [`License-Scanning.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Jobs/License-Scanning.gitlab-ci.yml) as long as the following requirements are met:
1. The Dependency Scanning CI/CD job must be [enabled](license_scanning_of_cyclonedx_files/index.md#configuration) for your project.
1. Your project must use at least one of the
[supported languages and package managers](license_scanning_of_cyclonedx_files/index.md#supported-languages-and-package-managers).
When everything is configured, on the left sidebar, select **Secure > License compliance**.
The licenses are displayed, where:

17
doc/user/compliance/license_scanning_of_cyclonedx_files/index.md
View File

@ -12,22 +12,7 @@ DETAILS:
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/384932) in GitLab 15.9 for GitLab SaaS [with two flags](../../../administration/feature_flags.md) named `license_scanning_sbom_scanner` and `package_metadata_synchronization`. Both flags disabled by default.
> - [Generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/385176) in GitLab 16.4. Feature flags `license_scanning_sbom_scanner` and `package_metadata_synchronization` removed.
NOTE:
The legacy License Compliance analyzer was deprecated in GitLab 15.9 and removed in GitLab 16.3.
To continue using GitLab for License Compliance, remove the License Compliance template from your
CI/CD pipeline and add the [Dependency Scanning template](../../application_security/dependency_scanning/index.md#configuration).
The Dependency Scanning template is now capable of gathering the required license information so it
is no longer necessary to run a separate License Compliance job. The License Compliance CI/CD
template should not be removed prior to verifying that the instance has been upgraded to a version
that supports the new method of license scanning. To begin using the Dependency Scanner quickly at
scale, you may set up a [scan execution policy](../../application_security/policies/scan-execution-policies.md)
at the group level to enforce the SBOM-based license scan for all projects in the group.
Then, you may remove the inclusion of the `Jobs/License-Scanning.gitlab-ci.yml` template from your
CI/CD configuration. If you wish to continue using the legacy License Compliance feature, you can do
so by setting the `LICENSE_MANAGEMENT_VERSION CI` variable to `4`. This variable can be set at the
[project](../../../ci/variables/index.md#for-a-project), [group](../../../ci/variables/index.md#for-a-group)
or [instance](../../../ci/variables/index.md#for-an-instance) level.
> - The legacy License Compliance analyzer (`License-Scanning.gitlab-ci.yml`) was [removed](https://gitlab.com/gitlab-org/gitlab/-/issues/439162) in GitLab 17.0.
To detect the licenses in use, License Compliance relies on running the
[Dependency Scanning CI Jobs](../../application_security/dependency_scanning/index.md),

6
doc/user/custom_roles/abilities.md
View File

@ -30,6 +30,12 @@ These requirements are documented in the `Required permission` column in the fol
| [`admin_merge_request`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/128302) | | Allows approval of merge requests. | GitLab [16.4](https://gitlab.com/gitlab-org/gitlab/-/issues/412708) | | |
| [`read_code`](https://gitlab.com/gitlab-org/gitlab/-/issues/376180) | | Allows read-only access to the source code. | GitLab [15.7](https://gitlab.com/gitlab-org/gitlab/-/issues/20277) | `customizable_roles` | GitLab [15.9](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/110810) |
## Compliance management
| Name | Required permission | Description | Introduced in | Feature flag | Enabled in |
|:-----|:------------|:------------------|:---------|:--------------|:---------|
| [`admin_compliance_framework`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/144183) | | Enables administrator access to the compliance framework. | GitLab [17.0](https://gitlab.com/gitlab-org/gitlab/-/issues/411502) | | |
## Group and projects
| Name | Required permission | Description | Introduced in | Feature flag | Enabled in |

8
doc/user/group/saml_sso/index.md
View File

@ -249,7 +249,13 @@ After you set up your identity provider to work with GitLab, you must configure
1. Complete the fields:
- In the **Identity provider single sign-on URL** field, enter the SSO URL from your identity provider.
- In the **Certificate fingerprint** field, enter the fingerprint for the SAML token signing certificate.
1. In the **Default membership role** field, select the role to assign to new users.
1. For groups on GitLab.com: in the **Default membership role** field, select:
1. The role to assign to new users.
1. The role to assign to
[users who are not members of a mapped SAML group](../saml_sso/group_sync.md#automatic-member-removal)
when SAML Group Links is configured for the group.
1. For groups on self-managed instances: in the **Default membership role** field,
select the role to assign to new users.
The default role is **Guest**. That role becomes the starting role of all users
added to the group:
- In [GitLab 13.3](https://gitlab.com/gitlab-org/gitlab/-/issues/214523) and

26
doc/user/packages/generic_packages/index.md
View File

@ -163,20 +163,38 @@ GET /projects/:id/packages/generic/:package_name/:package_version/:file_name
The file context is served in the response body. The response content type is `application/octet-stream`.
::Tabs
:::TabTitle Personal access token
Example request that uses a personal access token:
```shell
# Header authentication
curl --header "PRIVATE-TOKEN: <your_access_token>" \
"https://gitlab.example.com/api/v4/projects/24/packages/generic/my_package/0.0.1/file.txt"
```
Example request that uses HTTP Basic authentication:
```shell
# Basic authentication
curl --user "user:<your_access_token>" \
"https://gitlab.example.com/api/v4/projects/24/packages/generic/my_package/0.0.1/file.txt"
```
:::TabTitle CI_JOB_TOKEN
Example request that uses a `CI_JOB_TOKEN`:
```shell
# Header authentication
curl --header "JOB-TOKEN: ${CI_JOB_TOKEN}" \
"https://gitlab.example.com/api/v4/projects/24/packages/generic/my_package/0.0.1/file.txt"
# Basic authentication
curl --user "gitlab-ci-token:${CI_JOB_TOKEN}" \
"https://gitlab.example.com/api/v4/projects/24/packages/generic/my_package/0.0.1/file.txt"
```
::EndTabs
## Publish a generic package by using CI/CD
To work with generic packages in [GitLab CI/CD](../../../ci/index.md), you can use

1
doc/user/project/issues/index.md
View File

@ -62,3 +62,4 @@ To learn how the GitLab Strategic Marketing department uses GitLab issues with [
- [Issues API](../../../api/issues.md)
- [Configure an external issue tracker](../../../integration/external-issue-tracker.md)
- [Tasks](../../tasks.md)
- [External participants](../service_desk/external_participants.md)

159
doc/user/project/service_desk/external_participants.md Normal file
View File

@ -0,0 +1,159 @@
---
stage: Service Management
group: Respond
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# External participants
DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** GitLab.com, Self-managed
> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/3758) in GitLab 17.0 [with a flag](../../../administration/feature_flags.md) named `issue_email_participants`. Disabled by default.
FLAG:
The availability of this feature is controlled by a feature flag.
For more information, see the history.
This feature is available for testing, but not ready for production use.
External participants are users without a GitLab account that can interact with an issue or Service Desk ticket only by email.
They get notified of public comments on an issue or ticket by [Service Desk emails](configure.md#customize-emails-sent-to-the-requester).
The maximum number of external participants on an issue or ticket is 10.
## Service Desk tickets
GitLab adds the external author of a Service Desk ticket as an external participant.
That usually is the email address from the `From` header of the initial email that created the ticket.
### Add external participants from the `Cc` header
By default GitLab only adds the sender of the email that creates the Service Desk ticket as an external participant.
You can configure GitLab to also add all email addresses from the `Cc` header to the Service Desk ticket.
This works for the initial email and all replies to the [`thank_you` email](configure.md#customize-emails-sent-to-the-requester).
Prerequisites:
- You must have at least the Maintainer role for the project.
To enable the setting for the project:
1. On the left sidebar, select **Search or go to** and find your project.
1. Select **Settings > General**.
1. Expand **Service Desk**.
1. Select **Add external participants from the `Cc` header**.
1. Select **Save changes**.
## As an external participant
An external participant receives a notification for each public comment on the issue or ticket
using [Service Desk emails](configure.md#customize-emails-sent-to-the-requester).
### Replying to notification emails
An external participant can [reply to the received notification email](../../../administration/reply_by_email.md#you-reply-to-the-notification-email).
It creates a new comment on the issue or ticket and displays the email address of the external participant
instead of a GitLab username. The email address is followed by `(external participant)`.
![Comment from an external participant on an issue or ticket](img/service_desk_external_participants_comment_v17_0.png)
### Unsubscribing from notification emails
External participants can use the unsubscribe link in the default Service Desk email template to
unsubscribe from the issue or ticket.
If you [customize your `thank_you` and `new_note` email templates](configure.md#customize-emails-sent-to-the-requester),
you can use the `%{UNSUBSCRIBE_URL}` placeholder to add the unsubscribe link to the templates.
Your GitLab instance must be reachable (for example, from the public internet) for the external participant to successfully unsubscribe.
If that's not the case, consider removing the unsubscribe link from your template.
## As a GitLab user
To see the email address of an external participant you must have at least the Reporter role for the project.
The external participant's email address is obfuscated if both these conditions are true:
- You are not a member of the project or have the Guest role.
- The issue or ticket is public ([non-confidential](../issues/confidential_issues.md#confidential-issues)).
The external participant's email address is then obfuscated in:
- The author field of a Service Desk ticket.
- All [system notes](../system_notes.md) that mention an external participant.
- The [REST](../../../api/notes.md) and [GraphQL](../../../api/graphql/index.md) APIs.
- The warning message below the comment editor.
For example:
![Obfuscated email addresses of external participants in system notes](img/service_desk_external_participants_email_obfuscation_v17_0.png)
### Notifications sent to external participants
External participants get notifications for all public comments on an issue.
For private communication, use [internal notes](../../discussions/index.md#add-an-internal-note).
External participants don't receive notifications for any other issue or ticket event.
### View all external participants
Get an overview of all external participants that receive a Service Desk email for a new comment.
Prerequisites:
- You must have at least the Reporter role for the project.
To see a list of all external participants:
1. Go to the issue or ticket.
1. Scroll down to the comment editor.
1. If the issue or ticket has external participants, you can see a warning under the comment editor
that lists all external participants.
![Warning below the comment editor listing external participants](img/service_desk_external_participants_comment_editor_warning_v17_0.png)
### Add an external participant
Add an external participant using the `/invite_email` [quick action](../quick_actions.md) when you want
to include them in the conversation at any time.
When added, the external participant starts receiving notifications using Service Desk emails.
GitLab doesn't send a `thank_you` email for manually added external participants.
You should add external participants in a dedicated comment because they don't receive a notification
email for the comment that contains the `/invite_email` quick action.
Prerequisites:
- You must have at least the Reporter role for the project.
To add an external participant to an issue or ticket:
1. Go to the issue or ticket.
1. Add a comment that contains only the quick action `/invite_email user@example.com`.
You can chain up to 6 email addresses. For example `/invite_email user@example.com user2@example.com`
You should see a success message and a new system note with the email address.
### Remove an external participant
Remove an external participant from an issue or Service Desk ticket using the `/remove_email`
[quick action](../quick_actions.md) when they should stop receiving notifications.
After removing them from the issue or ticket they don't receive new notifications.
But they can still reply to emails they received before and create a new comment on the issue or ticket.
Prerequisites:
- You must have at least the Reporter role for the project.
- There must be at least one external participant on the issue or ticket.
To remove an existing external participant from an issue or ticket:
1. Go to the issue or ticket.
1. Add a comment that contains only the quick action `/remove_email user@example.com`.
You can chain up to 6 email addresses. For example `/remove_email user@example.com user2@example.com`
You should see a success message and a new system note with the email address.

BIN
doc/user/project/service_desk/img/service_desk_external_participants_comment_editor_warning_v17_0.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 32 KiB

BIN
doc/user/project/service_desk/img/service_desk_external_participants_comment_v17_0.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 19 KiB

BIN
doc/user/project/service_desk/img/service_desk_external_participants_email_obfuscation_v17_0.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 27 KiB

4
doc/user/project/service_desk/index.md
View File

@ -64,6 +64,10 @@ Meanwhile:
- [Email contents and formatting](using_service_desk.md#email-contents-and-formatting)
- [Convert a regular issue to a Service Desk ticket](using_service_desk.md#convert-a-regular-issue-to-a-service-desk-ticket)
- [Privacy considerations](using_service_desk.md#privacy-considerations)
- [External Participants](external_participants.md)
- [Service Desk tickets](external_participants.md#service-desk-tickets)
- [As an external participant](external_participants.md#as-an-external-participant)
- [As a GitLab user](external_participants.md#as-a-gitlab-user)
## Troubleshooting Service Desk

4
doc/user/project/service_desk/using_service_desk.md
View File

@ -39,8 +39,8 @@ are sent as emails:
Any responses they send via email are displayed in the issue itself.
For information about headers used for treating email, see
[the incoming email documentation](../../../administration/incoming_email.md#accepted-headers).
For additional information see [External participants](external_participants.md) and the
[headers used for treating email](../../../administration/incoming_email.md#accepted-headers).
### Create a Service Desk ticket in GitLab UI

4
lib/api/entities/ci/runner.rb
View File

@ -6,8 +6,8 @@ module API
class Runner < Grape::Entity
expose :id, documentation: { type: 'integer', example: 8 }
expose :description, documentation: { type: 'string', example: 'test-1-20150125' }
# TODO: return null in 17.0 and remove in v5 https://gitlab.com/gitlab-org/gitlab/-/issues/415159
expose :ip_address, documentation: { type: 'string', example: '127.0.0.1' }
# TODO: remove in v5 https://gitlab.com/gitlab-org/gitlab/-/issues/415159
expose(:ip_address, documentation: { type: 'string', example: '127.0.0.1' }) { |_runner, _options| nil }
# TODO Remove in v5 in favor of `paused` for REST calls, see https://gitlab.com/gitlab-org/gitlab/-/issues/375709
expose :active, documentation: { type: 'boolean', example: true }
expose :paused, documentation: { type: 'boolean', example: false } do |runner|

14
lib/api/entities/ci/runner_details.rb
View File

@ -4,12 +4,18 @@ module API
module Entities
module Ci
class RunnerDetails < Runner
include Gitlab::Utils::StrongMemoize
expose :tag_list
expose :run_untagged
expose :locked
expose :maximum_timeout
expose :access_level
expose :version, :revision, :platform, :architecture
# TODO: return nil in 18.0 and remove in v5 https://gitlab.com/gitlab-org/gitlab/-/issues/457128
expose(:version) { |runner, _options| latest_runner_manager(runner)&.version }
expose(:revision) { |runner, _options| latest_runner_manager(runner)&.revision }
expose(:platform) { |runner, _options| latest_runner_manager(runner)&.platform }
expose(:architecture) { |runner, _options| latest_runner_manager(runner)&.architecture }
expose :contacted_at
expose :maintenance_note
@ -31,6 +37,12 @@ module API
end
end
# rubocop: enable CodeReuse/ActiveRecord
def latest_runner_manager(runner)
strong_memoize_with(:latest_runner_manager, runner) do
runner.runner_managers.order_contacted_at_desc.first
end
end
end
end
end

2
lib/api/generic_packages.rb
View File

@ -119,7 +119,7 @@ module API
requires :file_name, type: String, desc: 'Package file name', regexp: Gitlab::Regex.generic_package_file_name_regex, file_path: true
end
route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true, deploy_token_allowed: true
route_setting :authentication, job_token_allowed: %i[request basic_auth], basic_auth_personal_access_token: true, deploy_token_allowed: true
get do
project = authorized_user_project(action: :read_package)

2
lib/api/helpers/packages/maven/basic_auth_helpers.rb
View File

@ -12,7 +12,7 @@ module API
# basic auth.
override :find_user_from_job_token
def find_user_from_job_token
super || find_user_from_basic_auth_job
super || find_user_from_job_token_basic_auth
end
end
end

60
lib/gitlab/auth/auth_finders.rb
View File

@ -76,30 +76,11 @@ module Gitlab
def find_user_from_job_token
return unless route_authentication_setting[:job_token_allowed]
return find_user_from_basic_auth_job if route_authentication_setting[:job_token_allowed] == :basic_auth
token = current_request.params[JOB_TOKEN_PARAM].presence ||
current_request.params[RUNNER_JOB_TOKEN_PARAM].presence ||
current_request.env[JOB_TOKEN_HEADER].presence
return unless token
user = find_user_from_job_token_basic_auth if can_authenticate_job_token_basic_auth?
return user if user
job = find_valid_running_job_by_token!(token.to_s)
@current_authenticated_job = job # rubocop:disable Gitlab/ModuleWithInstanceVariables
job.user
end
def find_user_from_basic_auth_job
return unless has_basic_credentials?(current_request)
login, password = user_name_and_password(current_request)
return unless login.present? && password.present?
return unless ::Gitlab::Auth::CI_JOB_USER == login
job = find_valid_running_job_by_token!(password.to_s)
@current_authenticated_job = job # rubocop:disable Gitlab/ModuleWithInstanceVariables
job.user
find_user_from_job_token_query_params_or_header if can_authenticate_job_token_request?
end
def find_user_from_basic_auth_password
@ -322,6 +303,41 @@ module Gitlab
user
end
def can_authenticate_job_token_basic_auth?
setting = route_authentication_setting[:job_token_allowed]
Array.wrap(setting).include?(:basic_auth)
end
def can_authenticate_job_token_request?
setting = route_authentication_setting[:job_token_allowed]
setting == true || Array.wrap(setting).include?(:request)
end
def find_user_from_job_token_query_params_or_header
token = current_request.params[JOB_TOKEN_PARAM].presence ||
current_request.params[RUNNER_JOB_TOKEN_PARAM].presence ||
current_request.env[JOB_TOKEN_HEADER].presence
return unless token
job = find_valid_running_job_by_token!(token.to_s)
@current_authenticated_job = job # rubocop:disable Gitlab/ModuleWithInstanceVariables
job.user
end
def find_user_from_job_token_basic_auth
return unless has_basic_credentials?(current_request)
login, password = user_name_and_password(current_request)
return unless login.present? && password.present?
return unless ::Gitlab::Auth::CI_JOB_USER == login
job = find_valid_running_job_by_token!(password.to_s)
@current_authenticated_job = job # rubocop:disable Gitlab/ModuleWithInstanceVariables
job.user
end
def parsed_oauth_token
Doorkeeper::OAuth::Token.from_request(current_request, *Doorkeeper.configuration.access_token_methods)
end

2
lib/gitlab/auth/request_authenticator.rb
View File

@ -38,7 +38,7 @@ module Gitlab
find_user_from_web_access_token(request_format, scopes: [:api, :read_api]) ||
find_user_from_feed_token(request_format) ||
find_user_from_static_object_token(request_format) ||
find_user_from_basic_auth_job ||
find_user_from_job_token_basic_auth ||
find_user_from_job_token ||
find_user_from_personal_access_token_for_api_or_git ||
find_user_for_git_or_lfs_request

5
lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml
View File

@ -65,10 +65,6 @@ variables:
DOCKER_TLS_CERTDIR: "" # https://gitlab.com/gitlab-org/gitlab-runner/issues/4501
# License-Scanning job is removed from GitLab 16.3
# This is the fix for https://gitlab.com/gitlab-org/gitlab/-/issues/422791
LICENSE_MANAGEMENT_DISABLED: "true"
stages:
- build
- test
@ -182,7 +178,6 @@ include:
- template: Jobs/Container-Scanning.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Jobs/Container-Scanning.gitlab-ci.yml
- template: Jobs/Dependency-Scanning.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Jobs/Dependency-Scanning.gitlab-ci.yml
- template: Jobs/SAST.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Jobs/SAST.gitlab-ci.yml
- template: Jobs/License-Scanning.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Jobs/License-Scanning.gitlab-ci.yml
- template: Jobs/Secret-Detection.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Jobs/Secret-Detection.gitlab-ci.yml
# The latest build job generates a dotenv report artifact with a CI_APPLICATION_TAG

2
lib/gitlab/ci/templates/Jobs/Container-Scanning.gitlab-ci.yml
View File

@ -22,7 +22,7 @@
# List of available variables: https://docs.gitlab.com/ee/user/application_security/container_scanning/#available-variables
variables:
CS_ANALYZER_IMAGE: "$CI_TEMPLATE_REGISTRY_HOST/security-products/container-scanning:6"
CS_ANALYZER_IMAGE: "$CI_TEMPLATE_REGISTRY_HOST/security-products/container-scanning:7"
CS_SCHEMA_MODEL: 15
container_scanning:

2
lib/gitlab/ci/templates/Jobs/Container-Scanning.latest.gitlab-ci.yml
View File

@ -22,7 +22,7 @@
# List of available variables: https://docs.gitlab.com/ee/user/application_security/container_scanning/#available-variables
variables:
CS_ANALYZER_IMAGE: "$CI_TEMPLATE_REGISTRY_HOST/security-products/container-scanning:6"
CS_ANALYZER_IMAGE: "$CI_TEMPLATE_REGISTRY_HOST/security-products/container-scanning:7"
CS_SCHEMA_MODEL: 15
container_scanning:

38
lib/gitlab/ci/templates/Jobs/License-Scanning.gitlab-ci.yml
View File

@ -1,38 +0,0 @@
# To contribute improvements to CI/CD templates, please follow the Development guide at:
# https://docs.gitlab.com/ee/development/cicd/templates.html
# This specific template is located at:
# https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Jobs/License-Scanning.gitlab-ci.yml
# Read more about this feature here: https://docs.gitlab.com/ee/user/compliance/license_compliance/index.html
#
# Configure license scanning with CI/CD variables (https://docs.gitlab.com/ee/ci/variables/index.html).
# List of available variables: https://docs.gitlab.com/ee/user/compliance/license_compliance/#available-variables
variables:
# Setting this variable will affect all Security templates
# (SAST, Dependency Scanning, ...)
SECURE_ANALYZERS_PREFIX: "$CI_TEMPLATE_REGISTRY_HOST/security-products"
LICENSE_MANAGEMENT_SETUP_CMD: '' # If needed, specify a command to setup your environment with a custom package manager.
LICENSE_MANAGEMENT_VERSION: 'removed'
license_scanning:
stage: test
image:
name: "$SECURE_ANALYZERS_PREFIX/license-finder:$LICENSE_MANAGEMENT_VERSION"
entrypoint: [""]
variables:
LM_REPORT_VERSION: '2.1'
SETUP_CMD: $LICENSE_MANAGEMENT_SETUP_CMD
allow_failure: true
script:
- /run.sh analyze .
artifacts:
reports:
license_scanning: gl-license-scanning-report.json
dependencies: []
rules:
- if: $LICENSE_MANAGEMENT_DISABLED == 'true' || $LICENSE_MANAGEMENT_DISABLED == '1'
when: never
- if: $CI_COMMIT_BRANCH &&
$GITLAB_FEATURES =~ /\blicense_scanning\b/

48
lib/gitlab/ci/templates/Jobs/License-Scanning.latest.gitlab-ci.yml
View File

@ -1,48 +0,0 @@
# To contribute improvements to CI/CD templates, please follow the Development guide at:
# https://docs.gitlab.com/ee/development/cicd/templates.html
# This specific template is located at:
# https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Jobs/License-Scanning.gitlab-ci.yml
# Read more about this feature here: https://docs.gitlab.com/ee/user/compliance/license_compliance/index.html
#
# Configure license scanning with CI/CD variables (https://docs.gitlab.com/ee/ci/variables/index.html).
# List of available variables: https://docs.gitlab.com/ee/user/compliance/license_compliance/#available-variables
variables:
# Setting this variable will affect all Security templates
# (SAST, Dependency Scanning, ...)
SECURE_ANALYZERS_PREFIX: "$CI_TEMPLATE_REGISTRY_HOST/security-products"
LICENSE_MANAGEMENT_SETUP_CMD: '' # If needed, specify a command to setup your environment with a custom package manager.
LICENSE_MANAGEMENT_VERSION: 4
license_scanning:
stage: test
image:
name: "$SECURE_ANALYZERS_PREFIX/license-finder:$LICENSE_MANAGEMENT_VERSION"
entrypoint: [""]
variables:
LM_REPORT_VERSION: '2.1'
SETUP_CMD: $LICENSE_MANAGEMENT_SETUP_CMD
allow_failure: true
script:
- /run.sh analyze .
artifacts:
reports:
license_scanning: gl-license-scanning-report.json
dependencies: []
rules:
- if: $LICENSE_MANAGEMENT_DISABLED == 'true' || $LICENSE_MANAGEMENT_DISABLED == '1'
when: never
# Add the job to merge request pipelines if there's an open merge request.
- if: $CI_PIPELINE_SOURCE == "merge_request_event" &&
$GITLAB_FEATURES =~ /\blicense_scanning\b/
# Don't add it to a *branch* pipeline if it's already in a merge request pipeline.
- if: $CI_OPEN_MERGE_REQUESTS
when: never
# Add the job to branch pipelines.
- if: $CI_COMMIT_BRANCH &&
$GITLAB_FEATURES =~ /\blicense_scanning\b/

5
lib/gitlab/ci/templates/Security/License-Scanning.gitlab-ci.yml
View File

@ -1,5 +0,0 @@
# This template moved to Jobs/License-Scanning.gitlab-ci.yml in GitLab 14.8
# Issue: https://gitlab.com/gitlab-org/gitlab/-/issues/292977
include:
- template: Jobs/License-Scanning.gitlab-ci.yml

6
lib/gitlab/graphql/type_name_deprecations.rb
View File

@ -11,11 +11,7 @@ module Gitlab
# old_name: 'RunnerMembershipFilter', new_name: 'CiRunnerMembershipFilter', milestone: '15.4'
# )
# ].freeze
DEPRECATIONS = [
Gitlab::Graphql::DeprecationsBase::NameDeprecation.new(
old_name: 'RunnerMembershipFilter', new_name: 'CiRunnerMembershipFilter', milestone: '15.4'
)
].freeze
DEPRECATIONS = [].freeze
def self.map_graphql_name(name)
name

17
lib/tasks/gitlab/graphql.rake
View File

@ -20,13 +20,18 @@ namespace :gitlab do
end
end
task generous_gitlab_schema: :environment do
GitlabSchema.validate_timeout 1.second
puts "Validation timeout set to #{GitlabSchema.validate_timeout} second(s)"
end
# Defines tasks for dumping the GraphQL schema:
# - gitlab:graphql:schema:dump
# - gitlab:graphql:schema:idl
# - gitlab:graphql:schema:json
GraphQL::RakeTask.new(
schema_name: 'GitlabSchema',
dependencies: [:environment, :enable_feature_flags],
dependencies: [:environment, :enable_feature_flags, :generous_gitlab_schema],
directory: TEMP_SCHEMA_DIR,
idl_outfile: "gitlab_schema.graphql",
json_outfile: "gitlab_schema.json"
@ -70,13 +75,7 @@ namespace :gitlab do
end
desc 'GitLab | GraphQL | Validate queries'
task validate: [:environment, :enable_feature_flags] do |t, args|
class GenerousTimeoutSchema < GitlabSchema # rubocop:disable Gitlab/NamespacedClass
validate_timeout 1.second
end
puts "Validating GraphQL queries. Validation timeout set to #{GenerousTimeoutSchema.validate_timeout} second(s)"
task validate: [:environment, :enable_feature_flags, :generous_gitlab_schema] do |t, args|
queries = if args.to_a.present?
args.to_a.flat_map { |path| Gitlab::Graphql::Queries.find(path) }
else
@ -84,7 +83,7 @@ namespace :gitlab do
end
failed = queries.flat_map do |defn|
summary, errs = defn.validate(GenerousTimeoutSchema)
summary, errs = defn.validate(GitlabSchema)
case summary
when :client_query

94
lib/unnested_in_filters/rewriter.rb
View File

@ -69,6 +69,90 @@ module UnnestedInFilters
end
end
# A naive query planner implementation.
# Checks if a database-level index can be utilized by given filtering and ordering predicates.
#
# Partial index support:
# - Supports partial indices if the partial index predicate contains only one column.
# - Supports only the `=` operator in partial index predicate.
class IndexCoverage
PARTIAL_INDEX_REGEX = /(?<!\s)(?>\(*(?<column_name>\b\w+)\s*=\s*(?<column_value>\w+)\)*)(?!\s)/
def initialize(index, where_hash, order_attributes)
@index = index
@where_hash = where_hash
@order_attributes = order_attributes
end
def covers?
filter_attributes_covered? &&
can_be_used_for_sorting? &&
does_not_contain_any_other_column?
end
private
attr_reader :index, :where_hash, :order_attributes
def filter_attributes_covered?
partial? ? partial_index_coverage? : full_index_coverage?
end
def can_be_used_for_sorting?
index.columns.last(order_attributes.length) == order_attributes
end
def does_not_contain_any_other_column?
(index.columns - combined_attributes).empty?
end
def partial?
index.where.present?
end
def full_index_coverage?
(filter_attributes - Array(index.columns)).empty?
end
def partial_index_coverage?
return false unless partial_column
full_index_coverage_with_partial_column? && partial_filter_matches?
end
def full_index_coverage_with_partial_column?
(filter_attributes - Array(index.columns) - Array(partial_column)).empty?
end
def combined_attributes
filter_attributes + order_attributes
end
def filter_attributes
@filter_attributes ||= where_hash.keys
end
def partial_filter_matches?
partial_filter == partial_value
end
def partial_filter
where_hash[partial_column].to_s
end
def partial_column
index_filter['column_name']
end
def partial_value
index_filter['column_value']
end
def index_filter
@index_filter ||= index.where.match(PARTIAL_INDEX_REGEX)&.named_captures.to_h
end
end
def initialize(relation)
@relation = relation
end
@ -252,11 +336,7 @@ module UnnestedInFilters
end
def has_index_coverage?
indices.any? do |index|
(filter_attributes - Array(index.columns)).empty? && # all the filter attributes are indexed
index.columns.last(order_attributes.length) == order_attributes && # index can be used in sorting
(index.columns - combined_attributes).empty? # there is no other columns in the index
end
indices.any?(&:covers?)
end
def primary_key_present?
@ -285,7 +365,9 @@ module UnnestedInFilters
end
def indices
model.connection.schema_cache.indexes(model.table_name)
model.connection.schema_cache.indexes(model.table_name).map do |index|
IndexCoverage.new(index, where_clause.to_h, order_attributes)
end
end
def value_tables

1
qa/qa/specs/features/browser_ui/7_configure/auto_devops/auto_devops_templates_spec.rb
View File

@ -15,7 +15,6 @@ module QA
# during the production run
let(:optional_jobs) do
%w[
LICENSE_MANAGEMENT_DISABLED
SAST_DISABLED DAST_DISABLED
DEPENDENCY_SCANNING_DISABLED
CONTAINER_SCANNING_DISABLED

2
qa/qa/specs/features/browser_ui/7_configure/auto_devops/create_project_with_auto_devops_spec.rb
View File

@ -80,7 +80,7 @@ module QA
def disable_optional_jobs(project)
%w[
TEST_DISABLED CODE_QUALITY_DISABLED LICENSE_MANAGEMENT_DISABLED
TEST_DISABLED CODE_QUALITY_DISABLED
BROWSER_PERFORMANCE_DISABLED LOAD_PERFORMANCE_DISABLED
SAST_DISABLED SECRET_DETECTION_DISABLED DEPENDENCY_SCANNING_DISABLED
CONTAINER_SCANNING_DISABLED DAST_DISABLED REVIEW_DISABLED

4
spec/frontend/environments/environment_details/components/kubernetes/kubernetes_status_bar_spec.js
View File

@ -28,7 +28,7 @@ const configuration = {
};
const environmentName = 'environment_name';
const kustomizationResourcePath =
'kustomize.toolkit.fluxcd.io/v1beta1/namespaces/my-namespace/kustomizations/app';
'kustomize.toolkit.fluxcd.io/v1/namespaces/my-namespace/kustomizations/app';
describe('~/environments/environment_details/components/kubernetes/kubernetes_status_bar.vue', () => {
let wrapper;
@ -280,7 +280,7 @@ describe('~/environments/environment_details/components/kubernetes/kubernetes_st
createWrapper({
apolloProvider: createApolloProviderWithErrors(),
fluxResourcePath:
'kustomize.toolkit.fluxcd.io/v1beta1/namespaces/my-namespace/kustomizations/app',
'kustomize.toolkit.fluxcd.io/v1/namespaces/my-namespace/kustomizations/app',
});
await waitForPromises();
});

2
spec/frontend/environments/environment_flux_resource_selector_spec.js
View File

@ -29,7 +29,7 @@ describe('~/environments/components/flux_resource_selector.vue', () => {
let wrapper;
const kustomizationItem = {
apiVersion: 'kustomize.toolkit.fluxcd.io/v1beta1',
apiVersion: 'kustomize.toolkit.fluxcd.io/v1',
metadata: { name: 'kustomization', namespace },
};
const helmReleaseItem = {

2
spec/frontend/environments/graphql/mock_data.js
View File

@ -822,7 +822,7 @@ export const fluxKustomizationsMock = [
},
];
export const fluxResourcePathMock = 'path/to/flux/resource';
export const fluxResourcePathMock = 'kustomize.toolkit.fluxcd.io/v1/path/to/flux/resource';
export const resolvedEnvironmentToDelete = {
__typename: 'LocalEnvironment',

4
spec/frontend/environments/graphql/resolvers/flux_spec.js
View File

@ -28,7 +28,7 @@ describe('~/frontend/environments/graphql/resolvers', () => {
describe('fluxKustomizationStatus', () => {
const client = { writeQuery: jest.fn() };
const fluxResourcePath =
'kustomize.toolkit.fluxcd.io/v1beta1/namespaces/my-namespace/kustomizations/app';
'kustomize.toolkit.fluxcd.io/v1/namespaces/my-namespace/kustomizations/app';
const endpoint = `${configuration.basePath}/apis/${fluxResourcePath}`;
describe('when k8sWatchApi feature is disabled', () => {
@ -84,7 +84,7 @@ describe('~/frontend/environments/graphql/resolvers', () => {
});
const resourceName = 'custom-resource';
const resourceNamespace = 'custom-namespace';
const apiVersion = 'kustomize.toolkit.fluxcd.io/v1beta1';
const apiVersion = 'kustomize.toolkit.fluxcd.io/v1';
beforeEach(() => {
gon.features = { k8sWatchApi: true };

2
spec/frontend/issues/list/components/empty_state_without_any_issues_spec.js
View File

@ -184,7 +184,7 @@ describe('EmptyStateWithoutAnyIssues component', () => {
const experimentTracking = { 'data-track-experiment': 'issues_mrs_empty_state' };
const emptyStateBlockTracking = {
'data-track-action': 'render_project_issues_empty_list_page',
'data-track-action': 'render',
'data-track-label': 'project_issues_empty_list',
};

6
spec/graphql/types/ci/runner_type_spec.rb
View File

@ -10,9 +10,9 @@ RSpec.describe GitlabSchema.types['CiRunner'], feature_category: :runner do
it 'contains attributes related to a runner' do
expected_fields = %w[
id description created_by created_at contacted_at managers maximum_timeout access_level active paused status
version short_sha revision locked run_untagged ip_address runner_type tag_list
project_count job_count admin_url edit_admin_url register_admin_url user_permissions executor_name
architecture_name platform_name maintenance_note maintenance_note_html groups projects jobs token_expires_at
short_sha locked run_untagged runner_type tag_list
project_count job_count admin_url edit_admin_url register_admin_url user_permissions
maintenance_note maintenance_note_html groups projects jobs token_expires_at
owner_project job_execution_status ephemeral_authentication_token ephemeral_register_url
]

58
spec/lib/gitlab/auth/auth_finders_spec.rb
View File

@ -786,8 +786,8 @@ RSpec.describe Gitlab::Auth::AuthFinders, feature_category: :system_access do
end
end
describe '#find_user_from_basic_auth_job' do
subject { find_user_from_basic_auth_job }
describe '#find_user_from_job_token_basic_auth' do
subject { find_user_from_job_token_basic_auth }
context 'when the request does not have AUTHORIZATION header' do
it { is_expected.to be_nil }
@ -1037,6 +1037,60 @@ RSpec.describe Gitlab::Auth::AuthFinders, feature_category: :system_access do
end
end
context 'for route_authentication_setting[job_token_allowed]' do
using RSpec::Parameterized::TableSyntax
where(:route_setting, :expect_user_via_request, :expect_user_via_basic_auth) do
true | true | false
:request | true | false
[:request] | true | false
:basic_auth | false | true
[:basic_auth] | false | true
[:request, :basic_auth] | true | true
# unexpected values
:foo | false | false
[:foo] | false | false
[:foo, :bar] | false | false
end
with_them do
let(:route_authentication_setting) { { job_token_allowed: route_setting } }
context 'when the token is in the headers' do
before do
set_header(described_class::JOB_TOKEN_HEADER, token)
end
it { is_expected.to eq(expect_user_via_request ? user : nil) }
end
context 'when the token is in the job_token param' do
before do
set_param(described_class::JOB_TOKEN_PARAM, token)
end
it { is_expected.to eq(expect_user_via_request ? user : nil) }
end
context 'when the token is in the token param' do
before do
set_param(described_class::RUNNER_JOB_TOKEN_PARAM, token)
end
it { is_expected.to eq(expect_user_via_request ? user : nil) }
end
context 'when the token is in basic auth header' do
before do
set_basic_auth_header(::Gitlab::Auth::CI_JOB_USER, token)
end
it { is_expected.to eq(expect_user_via_basic_auth ? user : nil) }
end
end
end
context 'when route setting allows job_token' do
let(:route_authentication_setting) { { job_token_allowed: true } }

38
spec/lib/unnested_in_filters/rewriter_spec.rb
View File

@ -62,6 +62,44 @@ RSpec.describe UnnestedInFilters::Rewriter do
end
end
end
context 'with partial indices' do
let(:relation) { Vulnerability.where(state: [:detected, :confirmed], resolved_on_default_branch: false) }
before do
Vulnerability.reset_column_information
end
context 'when there is a partial index coverage for the used columns' do
before do
ApplicationRecord.connection.execute(<<~SQL)
CREATE INDEX on vulnerabilities USING btree(state) WHERE (resolved_on_default_branch = false)
SQL
end
it { is_expected.to be_truthy }
end
context 'when there is no partial index coverage for the used columns' do
before do
ApplicationRecord.connection.execute(<<~SQL)
CREATE INDEX on vulnerabilities USING btree(state) WHERE (id = 100)
SQL
end
it { is_expected.to be_falsey }
end
context 'when the partial index definition has more columns' do
before do
ApplicationRecord.connection.execute(<<~SQL)
CREATE INDEX on vulnerabilities USING btree(state) WHERE (resolved_on_default_branch = false AND id = 100)
SQL
end
it { is_expected.to be_falsey }
end
end
end
end

10
spec/models/ci/runner_manager_spec.rb
View File

@ -226,6 +226,16 @@ RSpec.describe Ci::RunnerManager, feature_category: :fleet_visibility, type: :mo
it { is_expected.to eq([runner_manager2, runner_manager1]) }
end
describe '.order_contacted_at_desc', :freeze_time do
subject(:scope) { described_class.order_contacted_at_desc }
let_it_be(:runner_manager1) { create(:ci_runner_machine, contacted_at: 1.second.ago) }
let_it_be(:runner_manager2) { create(:ci_runner_machine, contacted_at: 3.seconds.ago) }
let_it_be(:runner_manager3) { create(:ci_runner_machine, contacted_at: 2.seconds.ago) }
it { is_expected.to eq([runner_manager1, runner_manager3, runner_manager2]) }
end
describe '.with_upgrade_status' do
subject(:scope) { described_class.with_upgrade_status(upgrade_status) }

20
spec/models/repository_spec.rb
View File

@ -386,26 +386,6 @@ RSpec.describe Repository, feature_category: :source_code_management do
end
end
context 'when Gitaly raises a CommandError error' do
let(:error_message) { 'Boom' }
before do
expect(Gitlab::Git::Commit).to receive(:where).and_raise(Gitlab::Git::CommandError, error_message)
end
it 're-raises an error' do
expect { repository.commits('master', limit: 60) }.to raise_error(Gitlab::Git::CommandError, error_message)
end
context 'when error contains "listing commits failed" message' do
let(:error_message) { 'listing commits failed' }
it 'returns an empty collection' do
expect(repository.commits('master', limit: 60).to_a).to eq([])
end
end
end
context 'when ref is passed' do
it 'returns every commit from the specified ref' do
expect(repository.commits('master', limit: 60).size).to eq(37)

23
spec/requests/api/commits_spec.rb
View File

@ -277,6 +277,29 @@ RSpec.describe API::Commits, feature_category: :source_code_management do
end
end
context 'with ref_name + path params' do
let(:params) { { ref_name: ref_name, path: 'files/ruby/popen.rb' } }
let(:ref_name) { 'master' }
it 'returns project commits matching provided path parameter' do
get api("/projects/#{project_id}/repository/commits", user), params: params
expect(json_response.size).to eq(3)
expect(json_response.first["id"]).to eq("570e7b2abdd848b95f2f578043fc23bd6f6fd24d")
expect(response).to include_limited_pagination_headers
end
context 'when ref_name does not exist' do
let(:ref_name) { 'does-not-exist' }
it 'returns an empty response' do
get api("/projects/#{project_id}/repository/commits", user), params: params
expect(json_response).to eq([])
end
end
end
context 'with pagination params' do
let(:page) { 1 }
let(:per_page) { 5 }

10
spec/requests/api/generic_packages_spec.rb
View File

@ -29,6 +29,8 @@ RSpec.describe API::GenericPackages, feature_category: :package_registry do
personal_access_token_header
when :job_token
job_token_header
when :job_basic_auth
job_basic_auth_header
when :invalid_personal_access_token
personal_access_token_header('wrong token')
when :invalid_job_token
@ -61,6 +63,10 @@ RSpec.describe API::GenericPackages, feature_category: :package_registry do
{ Gitlab::Auth::AuthFinders::JOB_TOKEN_HEADER => value || ci_build.token }
end
def job_basic_auth_header(value = nil)
basic_auth_header(Gitlab::Auth::CI_JOB_USER, value || ci_build.token)
end
def deploy_token_header(value)
{ Gitlab::Auth::AuthFinders::DEPLOY_TOKEN_HEADER => value }
end
@ -564,12 +570,16 @@ RSpec.describe API::GenericPackages, feature_category: :package_registry do
'PRIVATE' | :guest | false | :invalid_user_basic_auth | :unauthorized
'PRIVATE' | :anonymous | false | :none | :unauthorized
'PUBLIC' | :developer | true | :job_token | :success
'PUBLIC' | :developer | true | :job_basic_auth | :success
'PUBLIC' | :developer | true | :invalid_job_token | :unauthorized
'PUBLIC' | :developer | false | :job_token | :success
'PUBLIC' | :developer | false | :job_basic_auth | :success
'PUBLIC' | :developer | false | :invalid_job_token | :unauthorized
'PRIVATE' | :developer | true | :job_token | :success
'PRIVATE' | :developer | true | :job_basic_auth | :success
'PRIVATE' | :developer | true | :invalid_job_token | :unauthorized
'PRIVATE' | :developer | false | :job_token | :not_found
'PRIVATE' | :developer | false | :job_basic_auth | :not_found
'PRIVATE' | :developer | false | :invalid_job_token | :unauthorized
end

6
spec/requests/api/graphql/ci/runner_spec.rb
View File

@ -89,9 +89,7 @@ RSpec.describe 'Query.runner(id)', :freeze_time, feature_category: :fleet_visibi
created_by: runner.creator ? a_graphql_entity_for(runner.creator) : nil,
created_at: runner.created_at&.iso8601,
contacted_at: runner.contacted_at&.iso8601,
version: runner.version,
short_sha: runner.short_sha,
revision: runner.revision,
locked: false,
active: runner.active,
paused: !runner.active,
@ -100,12 +98,8 @@ RSpec.describe 'Query.runner(id)', :freeze_time, feature_category: :fleet_visibi
maximum_timeout: runner.maximum_timeout,
access_level: runner.access_level.to_s.upcase,
run_untagged: runner.run_untagged,
ip_address: runner.ip_address,
runner_type: runner.instance_type? ? 'INSTANCE_TYPE' : 'PROJECT_TYPE',
ephemeral_authentication_token: nil,
executor_name: runner.executor_type&.dasherize,
architecture_name: runner.architecture,
platform_name: runner.platform,
maintenance_note: runner.maintenance_note,
maintenance_note_html:
runner.maintainer_note.present? ? a_string_including('<strong>Test maintenance note</strong>') : '',

20
spec/views/devise/shared/_signup_box.html.haml_spec.rb
View File

@ -110,10 +110,22 @@ RSpec.describe 'devise/shared/_signup_box', feature_category: :system_access do
expect(rendered).to include(s_('SignUp|Contribute to a public project on GitLab'))
expect(rendered).to have_css('select[name="signup_intent"]')
expect(rendered).to have_css('option[value="new_team"]')
expect(rendered).to have_css('option[value="new_personal_account"]')
expect(rendered).to have_css('option[value="join_existing_team"]')
expect(rendered).to have_css('option[value="contribute_public_project"]')
expect(rendered).to have_css(
'option[value="select_signup_intent_dropdown_new_team_registration_step_one"]'
)
expect(rendered).to have_css(
'option[value="select_signup_intent_dropdown_new_personal_account_registration_step_one"]'
)
expect(rendered).to have_css(
'option[value="select_signup_intent_dropdown_join_existing_team_registration_step_one"]'
)
expect(rendered).to have_css(
'option[value="select_signup_intent_dropdown_contribute_public_project_registration_step_one"]'
)
end
end

4
workhorse/go.mod
View File

@ -1,6 +1,8 @@
module gitlab.com/gitlab-org/gitlab/workhorse
go 1.20
go 1.21
toolchain go1.21.9
require (
github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.3.1

43
workhorse/go.sum
View File

@ -67,6 +67,7 @@ github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.1/go.mod h1:h8hyGFDsU5HMiv
github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.2 h1:LqbJ/WzJUwBf8UiaSzgX7aMclParm9/5Vgp+TY51uBQ=
github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.2/go.mod h1:yInRyqWXAuaPrgI7p70+lDDgh3mlBohis29jGMISnmc=
github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage v1.5.0 h1:AifHbc4mg0x9zW52WOpKbsHaDKuRhlI7TVl47thgQ70=
github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage v1.5.0/go.mod h1:T5RfihdXtBDxt1Ch2wobif3TvzTdumDy29kahv6AV9A=
github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.3.1 h1:fXPMAmuh0gDuRDey0atC8cXBuKIlqCzCkL8sm1n9Ov0=
github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.3.1/go.mod h1:SUZc9YRRHfx2+FAQKNDGrssXehqLpxmwRv2mC/5ntj4=
github.com/Azure/go-autorest v14.2.0+incompatible h1:V5VMDjClD3GiElqLWO7mz2MxNAK/vTfRHdAubSIPRgs=
@ -85,36 +86,58 @@ github.com/DataDog/gostackparse v0.5.0/go.mod h1:lTfqcJKqS9KnXQGnyQMCugq3u1FP6UZ
github.com/DataDog/sketches-go v1.0.0 h1:chm5KSXO7kO+ywGWJ0Zs6tdmWU8PBXSbywFVciL6BG4=
github.com/DataDog/sketches-go v1.0.0/go.mod h1:O+XkJHWk9w4hDwY2ZUDU31ZC9sNYlYo8DiFsxjYeo1k=
github.com/HdrHistogram/hdrhistogram-go v1.1.1 h1:cJXY5VLMHgejurPjZH6Fo9rIwRGLefBGdiaENZALqrg=
github.com/HdrHistogram/hdrhistogram-go v1.1.1/go.mod h1:yDgFjdqOqDEKOvasDdhWNXYg9BVp4O+o5f6V/ehm6Oo=
github.com/Microsoft/go-winio v0.6.1 h1:9/kr64B9VUZrLm5YYwbGtUJnMgqWVOdUAXu6Migciow=
github.com/Microsoft/go-winio v0.6.1/go.mod h1:LRdKpFKfdobln8UmuiYcKPot9D2v6svN5+sAH+4kjUM=
github.com/StackExchange/wmi v0.0.0-20190523213315-cbe66965904d/go.mod h1:3eOhrUMpNV+6aFIbp5/iudMxNCF27Vw2OZgy4xEx0Fg=
github.com/alecthomas/assert/v2 v2.6.0 h1:o3WJwILtexrEUk3cUVal3oiQY2tfgr/FHWiz/v2n4FU=
github.com/alecthomas/assert/v2 v2.6.0/go.mod h1:Bze95FyfUr7x34QZrjL+XP+0qgp/zg8yS+TtBj1WA3k=
github.com/alecthomas/chroma/v2 v2.13.0 h1:VP72+99Fb2zEcYM0MeaWJmV+xQvz5v5cxRHd+ooU1lI=
github.com/alecthomas/chroma/v2 v2.13.0/go.mod h1:BUGjjsD+ndS6eX37YgTchSEG+Jg9Jv1GiZs9sqPqztk=
github.com/alecthomas/repr v0.4.0 h1:GhI2A8MACjfegCPVq9f1FLvIBS+DrQ2KQBFZP1iFzXc=
github.com/alecthomas/repr v0.4.0/go.mod h1:Fr0507jx4eOXV7AlPV6AVZLYrLIuIeSOWtW57eE/O/4=
github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY=
github.com/aws/aws-sdk-go v1.44.256/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI=
github.com/aws/aws-sdk-go v1.51.14 h1:qedX6zZEO1a+5kra+D4ythOYR3TgaROC0hTPxhTFh8I=
github.com/aws/aws-sdk-go v1.51.14/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk=
github.com/aws/aws-sdk-go-v2 v1.25.3 h1:xYiLpZTQs1mzvz5PaI6uR0Wh57ippuEthxS4iK5v0n0=
github.com/aws/aws-sdk-go-v2 v1.25.3/go.mod h1:35hUlJVYd+M++iLI3ALmVwMOyRYMmRqUXpTtRGW+K9I=
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.1 h1:gTK2uhtAPtFcdRRJilZPx8uJLL2J85xK11nKtWL0wfU=
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.1/go.mod h1:sxpLb+nZk7tIfCWChfd+h4QwHNUR57d8hA1cleTkjJo=
github.com/aws/aws-sdk-go-v2/config v1.27.7 h1:JSfb5nOQF01iOgxFI5OIKWwDiEXWTyTgg1Mm1mHi0A4=
github.com/aws/aws-sdk-go-v2/config v1.27.7/go.mod h1:PH0/cNpoMO+B04qET699o5W92Ca79fVtbUnvMIZro4I=
github.com/aws/aws-sdk-go-v2/credentials v1.17.7 h1:WJd+ubWKoBeRh7A5iNMnxEOs982SyVKOJD+K8HIezu4=
github.com/aws/aws-sdk-go-v2/credentials v1.17.7/go.mod h1:UQi7LMR0Vhvs+44w5ec8Q+VS+cd10cjwgHwiVkE0YGU=
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.15.3 h1:p+y7FvkK2dxS+FEwRIDHDe//ZX+jDhP8HHE50ppj4iI=
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.15.3/go.mod h1:/fYB+FZbDlwlAiynK9KDXlzZl3ANI9JkD0Uhz5FjNT4=
github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.16.9 h1:vXY/Hq1XdxHBIYgBUmug/AbMyIe1AKulPYS2/VE1X70=
github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.16.9/go.mod h1:GyJJTZoHVuENM4TeJEl5Ffs4W9m19u+4wKJcDi/GZ4A=
github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.3 h1:ifbIbHZyGl1alsAhPIYsHOg5MuApgqOvVeI8wIugXfs=
github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.3/go.mod h1:oQZXg3c6SNeY6OZrDY+xHcF4VGIEoNotX2B4PrDeoJI=
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.3 h1:Qvodo9gHG9F3E8SfYOspPeBt0bjSbsevK8WhRAUHcoY=
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.3/go.mod h1:vCKrdLXtybdf/uQd/YfVR2r5pcbNuEYKzMQpcxmeSJw=
github.com/aws/aws-sdk-go-v2/internal/ini v1.8.0 h1:hT8rVHwugYE2lEfdFE0QWVo81lF7jMrYJVDWI+f+VxU=
github.com/aws/aws-sdk-go-v2/internal/ini v1.8.0/go.mod h1:8tu/lYfQfFe6IGnaOdrpVgEL2IrrDOf6/m9RQum4NkY=
github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.3 h1:mDnFOE2sVkyphMWtTH+stv0eW3k0OTx94K63xpxHty4=
github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.3/go.mod h1:V8MuRVcCRt5h1S+Fwu8KbC7l/gBGo3yBAyUbJM2IJOk=
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.1 h1:EyBZibRTVAs6ECHZOw5/wlylS9OcTzwyjeQMudmREjE=
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.1/go.mod h1:JKpmtYhhPs7D97NL/ltqz7yCkERFW5dOlHyVl66ZYF8=
github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.3.5 h1:mbWNpfRUTT6bnacmvOTKXZjR/HycibdWzNpfbrbLDIs=
github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.3.5/go.mod h1:FCOPWGjsshkkICJIn9hq9xr6dLKtyaWpuUojiN3W1/8=
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.5 h1:K/NXvIftOlX+oGgWGIa3jDyYLDNsdVhsjHmsBH2GLAQ=
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.5/go.mod h1:cl9HGLV66EnCmMNzq4sYOti+/xo8w34CsgzVtm2GgsY=
github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.17.3 h1:4t+QEX7BsXz98W8W1lNvMAG+NX8qHz2CjLBxQKku40g=
github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.17.3/go.mod h1:oFcjjUq5Hm09N9rpxTdeMeLeQcxS7mIkBkL8qUKng+A=
github.com/aws/aws-sdk-go-v2/service/s3 v1.51.4 h1:lW5xUzOPGAMY7HPuNF4FdyBwRc3UJ/e8KsapbesVeNU=
github.com/aws/aws-sdk-go-v2/service/s3 v1.51.4/go.mod h1:MGTaf3x/+z7ZGugCGvepnx2DS6+caCYYqKhzVoLNYPk=
github.com/aws/aws-sdk-go-v2/service/sso v1.20.2 h1:XOPfar83RIRPEzfihnp+U6udOveKZJvPQ76SKWrLRHc=
github.com/aws/aws-sdk-go-v2/service/sso v1.20.2/go.mod h1:Vv9Xyk1KMHXrR3vNQe8W5LMFdTjSeWk0gBZBzvf3Qa0=
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.23.2 h1:pi0Skl6mNl2w8qWZXcdOyg197Zsf4G97U7Sso9JXGZE=
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.23.2/go.mod h1:JYzLoEVeLXk+L4tn1+rrkfhkxl6mLDEVaDSvGq9og90=
github.com/aws/aws-sdk-go-v2/service/sts v1.28.4 h1:Ppup1nVNAOWbBOrcoOxaxPeEnSFB2RnnQdguhXpmeQk=
github.com/aws/aws-sdk-go-v2/service/sts v1.28.4/go.mod h1:+K1rNPVyGxkRuv9NNiaZ4YhBFuyw2MMA9SlIJ1Zlpz8=
github.com/aws/smithy-go v1.20.1 h1:4SZlSlMr36UEqC7XOyRVb27XMeZubNcBNN+9IgEPIQw=
github.com/aws/smithy-go v1.20.1/go.mod h1:krry+ya/rV9RDcV/Q16kpu6ypI4K2czasz0NC3qS14E=
github.com/beevik/ntp v1.3.0 h1:/w5VhpW5BGKS37vFm1p9oVk/t4HnnkKZAZIubHM6F7Q=
github.com/beevik/ntp v1.3.0/go.mod h1:vD6h1um4kzXpqmLTuu0cCLcC+NfvC0IC+ltmEDA8E78=
github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA=
@ -122,7 +145,9 @@ github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
github.com/bradfitz/gomemcache v0.0.0-20170208213004-1952afaa557d/go.mod h1:PmM6Mmwb0LSuEubjR8N7PtNe1KxZLtOUHtbeikc5h60=
github.com/bsm/ginkgo/v2 v2.12.0 h1:Ny8MWAHyOepLGlLKYmXG4IEkioBysk6GpaRTLC8zwWs=
github.com/bsm/ginkgo/v2 v2.12.0/go.mod h1:SwYbGRRDovPVboqFv0tPTcG1sN61LM1Z4ARdbAV9g4c=
github.com/bsm/gomega v1.27.10 h1:yeMWxP2pV2fG3FgAODIY8EiRE3dy0aeFYt4l7wh6yKA=
github.com/bsm/gomega v1.27.10/go.mod h1:JyEr/xRbxbtgWNi8tIEVPUYZ5Dzef52k01W3YH0H+O0=
github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
github.com/census-instrumentation/opencensus-proto v0.4.1 h1:iKLQ0xPNFxR/2hzXZMrBo8f1j86j5WHzznCCQxV/b8g=
github.com/census-instrumentation/opencensus-proto v0.4.1/go.mod h1:4T9NM4+4Vw91VeyqjLS6ao50K5bOcLKN6Q42XnYaRYw=
@ -137,6 +162,7 @@ github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDk
github.com/client9/reopen v1.0.0 h1:8tpLVR74DLpLObrn2KvsyxJY++2iORGR17WLUdSzUws=
github.com/client9/reopen v1.0.0/go.mod h1:caXVCEr+lUtoN1FlsRiOWdfQtdRHIYfcb0ai8qKWtkQ=
github.com/cloudflare/tableflip v1.2.3 h1:8I+B99QnnEWPHOY3fWipwVKxS70LGgUsslG7CSfmHMw=
github.com/cloudflare/tableflip v1.2.3/go.mod h1:P4gRehmV6Z2bY5ao5ml9Pd8u6kuEnlB37pUFMmv7j2E=
github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk=
github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk=
@ -152,6 +178,7 @@ github.com/disintegration/imaging v1.6.2/go.mod h1:44/5580QXChDfwIclfc/PCwrr44am
github.com/dlclark/regexp2 v1.11.0 h1:G/nrcoOa7ZXlpoa/91N3X7mM3r8eIlMBBJZvsz/mxKI=
github.com/dlclark/regexp2 v1.11.0/go.mod h1:DHkYz0B9wPfa6wondMfaivmHpzrQ3v9q8cnmRbL6yW8=
github.com/dnaeon/go-vcr v1.2.0 h1:zHCHvJYTMh1N7xnV7zf1m1GPBF9Ad0Jk/whtQ1663qI=
github.com/dnaeon/go-vcr v1.2.0/go.mod h1:R4UdLID7HZT3taECzJs4YgbbH6PIGXB6W/sc5OLb6RQ=
github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
@ -243,8 +270,11 @@ github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/
github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/google/go-replayers/grpcreplay v1.1.0 h1:S5+I3zYyZ+GQz68OfbURDdt/+cSMqCK1wrvNx7WBzTE=
github.com/google/go-replayers/grpcreplay v1.1.0/go.mod h1:qzAvJ8/wi57zq7gWqaE6AwLM6miiXUQwP1S+I9icmhk=
github.com/google/go-replayers/httpreplay v1.2.0 h1:VM1wEyyjaoU53BwrOnaf9VhAyQQEEioJvFYxYcLRKzk=
github.com/google/go-replayers/httpreplay v1.2.0/go.mod h1:WahEFFZZ7a1P4VM1qEeHy+tME4bwyqPcwWbNlUI1Mcg=
github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0=
github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
github.com/google/martian v2.1.0+incompatible h1:/CP5g8u/VJHijgedC/Legn3BAbAaWPgecwXBIDzw5no=
@ -253,6 +283,7 @@ github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIG
github.com/google/martian/v3 v3.1.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0=
github.com/google/martian/v3 v3.2.1/go.mod h1:oBOf6HBosgwRXnUGWUB05QECsc6uvmMiJ3+6W4l/CUk=
github.com/google/martian/v3 v3.3.2 h1:IqNFLAmvJOgVlpdEBiQbDc2EwKW77amAycfTuWKdfvw=
github.com/google/martian/v3 v3.3.2/go.mod h1:oBOf6HBosgwRXnUGWUB05QECsc6uvmMiJ3+6W4l/CUk=
github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
@ -305,6 +336,7 @@ github.com/hashicorp/hcl v0.0.0-20170914154624-68e816d1c783/go.mod h1:oZtUIOe8dh
github.com/hashicorp/yamux v0.1.2-0.20220728231024-8f49b6f63f18 h1:IVujPV6DRIu1fYF4zUHrfhkngJzmYjelXa+iSUiFZSI=
github.com/hashicorp/yamux v0.1.2-0.20220728231024-8f49b6f63f18/go.mod h1:CtWFDAQgb7dxtzFs4tWbplKIe2jSi3+5vKbgIO0SLnQ=
github.com/hexops/gotextdiff v1.0.3 h1:gitA9+qJrrTCsiCl7+kh75nPqQt1cx4ZkudSTLoUqJM=
github.com/hexops/gotextdiff v1.0.3/go.mod h1:pSWU5MAI3yDq+fZBTazCSJysOMbxWL1BSow5/V2vxeg=
github.com/hpcloud/tail v1.0.0 h1:nfCOvKYfkgYP8hkirhJocXT2+zOD8yUNjXaWfTlyFKI=
github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
@ -328,6 +360,7 @@ github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxv
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
@ -343,6 +376,7 @@ github.com/magiconair/properties v1.7.4-0.20170902060319-8d7837e64d3c/go.mod h1:
github.com/mattn/go-colorable v0.0.10-0.20170816031813-ad5389df28cd/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU=
github.com/mattn/go-isatty v0.0.2/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4=
github.com/miekg/dns v1.1.58 h1:ca2Hdkz+cDg/7eNF6V56jjzuZ4aCAE+DbVkILdQWG/4=
github.com/miekg/dns v1.1.58/go.mod h1:Ypv+3b/KadlvW9vJfXOTf300O4UqaHFzFCuHz+rPkBY=
github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw=
github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s=
github.com/mitchellh/mapstructure v0.0.0-20170523030023-d0303fe80992/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y=
@ -353,8 +387,10 @@ github.com/oklog/ulid/v2 v2.0.2/go.mod h1:mtBL0Qe/0HAx6/a4Z30qxVIAL1eQDweXq5lxOE
github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
github.com/onsi/ginkgo v1.7.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
github.com/onsi/ginkgo v1.10.3 h1:OoxbjfXVZyod1fmWYhI7SEyaD8B00ynP3T+D5GiyHOY=
github.com/onsi/ginkgo v1.10.3/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
github.com/onsi/gomega v1.7.1 h1:K0jcRCwNQM3vFGh1ppMtDh/+7ApJrjldlX8fA0jDTLQ=
github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY=
github.com/opentracing/opentracing-go v1.0.2/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o=
github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o=
github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs=
@ -389,6 +425,7 @@ github.com/redis/go-redis/v9 v9.5.1/go.mod h1:hdY0cQFCN4fnSYT6TkisLufl/4W5UIXyv0
github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ=
github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ=
github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog=
github.com/ryszard/goskiplist v0.0.0-20150312221310-2dfbae5fcf46 h1:GHRpF1pTW19a8tTFrMLUcfWwyC0pnifVo2ClaLq+hP8=
github.com/ryszard/goskiplist v0.0.0-20150312221310-2dfbae5fcf46/go.mod h1:uAQ5PCi+MFsC7HjREoAz1BU+Mq60+05gifQSsHSDG/8=
github.com/sebest/xff v0.0.0-20210106013422-671bd2870b3a h1:iLcLb5Fwwz7g/DLK89F+uQBDeAhHhwdzB5fSlVdhGcM=
@ -416,6 +453,7 @@ github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+
github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY=
github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA=
github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
@ -471,6 +509,7 @@ go.opentelemetry.io/otel v1.24.0/go.mod h1:W7b9Ozg4nkF5tWI5zsXkaKKDjdVjpD4oAt9Qi
go.opentelemetry.io/otel/metric v1.24.0 h1:6EhoGWWK28x1fbpA4tYTOWBkPefTDQnb8WSGXlc88kI=
go.opentelemetry.io/otel/metric v1.24.0/go.mod h1:VYhLe1rFfxuTXLgj4CBiyz+9WYBA8pNGJgDcSFRKBco=
go.opentelemetry.io/otel/sdk v1.22.0 h1:6coWHw9xw7EfClIC/+O31R8IY3/+EiRFHevmHafB2Gw=
go.opentelemetry.io/otel/sdk v1.22.0/go.mod h1:iu7luyVGYovrRpe2fmj3CVKouQNdTOkxtLzPvPz1DOc=
go.opentelemetry.io/otel/trace v1.24.0 h1:CsKnnL4dUAr/0llH9FKuc698G04IrpWV0MQA/Y1YELI=
go.opentelemetry.io/otel/trace v1.24.0/go.mod h1:HPc3Xr/cOApsBI154IU0OI0HJexz+aw5uPdbs3UCjNU=
go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI=
@ -479,6 +518,7 @@ go.uber.org/atomic v1.11.0 h1:ZvwS0R+56ePWxUNi+Atn9dWONBPp/AUETXlHW0DxSjE=
go.uber.org/atomic v1.11.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0=
go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A=
go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE=
go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU=
go.uber.org/zap v1.18.1/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI=
gocloud.dev v0.37.0 h1:XF1rN6R0qZI/9DYjN16Uy0durAmSlf58DHOcb28GPro=
@ -505,6 +545,7 @@ golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u0
golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM=
golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU=
golang.org/x/exp v0.0.0-20240119083558-1b970713d09a h1:Q8/wZp0KX97QFTc2ywcOE0YRjZPVIx+MXInMzdvQqcA=
golang.org/x/exp v0.0.0-20240119083558-1b970713d09a/go.mod h1:idGWGoKP1toJGkd5/ig9ZLuPcZBC3ewk7SzmH0uou08=
golang.org/x/exp/typeparams v0.0.0-20221208152030-732eee02a75a h1:Jw5wfR+h9mnIYH+OtGT2im5wV1YGGDora5vTv/aa5bE=
golang.org/x/exp/typeparams v0.0.0-20221208152030-732eee02a75a/go.mod h1:AbB0pIl9nAr9wVwH+Z2ZpaocVmF5I4GyWCDIsVjR0bk=
golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
@ -935,6 +976,7 @@ gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
gopkg.in/fsnotify.v1 v1.4.7 h1:xOHLXZwVvI9hhs+cLKq5+I5onOuwQLhQwiu63xxlHs4=
gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
@ -946,6 +988,7 @@ gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=