diff --git a/.gitlab/ci/workhorse.gitlab-ci.yml b/.gitlab/ci/workhorse.gitlab-ci.yml index 21b4cfba137..411cdcf65a1 100644 --- a/.gitlab/ci/workhorse.gitlab-ci.yml +++ b/.gitlab/ci/workhorse.gitlab-ci.yml @@ -33,7 +33,7 @@ workhorse:test go: extends: .workhorse:test parallel: matrix: - - GO_VERSION: ["1.20", "1.21", "1.22"] + - GO_VERSION: ["1.21", "1.22"] REDIS_VERSION: ["7.0", "6.2"] script: - make -C workhorse test-coverage @@ -49,7 +49,7 @@ workhorse:test fips: - setup-test-env-fips parallel: matrix: - - GO_VERSION: ["1.20", "1.21", "1.22"] + - GO_VERSION: ["1.21", "1.22"] REDIS_VERSION: ["7.0", "6.2"] image: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images/${BUILD_OS}-${OS_VERSION}-ruby-${RUBY_VERSION}-golang-${GO_VERSION}-rust-${RUST_VERSION}:rubygems-${RUBYGEMS_VERSION}-git-2.36-exiftool-12.60 variables: diff --git a/.rubocop_todo/layout/line_end_string_concatenation_indentation.yml b/.rubocop_todo/layout/line_end_string_concatenation_indentation.yml index f00e4c23398..34875f252e0 100644 --- a/.rubocop_todo/layout/line_end_string_concatenation_indentation.yml +++ b/.rubocop_todo/layout/line_end_string_concatenation_indentation.yml @@ -105,8 +105,6 @@ Layout/LineEndStringConcatenationIndentation: - 'ee/spec/lib/gitlab/ci/templates/dast_latest_gitlab_ci_yaml_spec.rb' - 'ee/spec/lib/gitlab/ci/templates/dependency_scanning_gitlab_ci_yaml_spec.rb' - 'ee/spec/lib/gitlab/ci/templates/dependency_scanning_latest_gitlab_ci_yaml_spec.rb' - - 'ee/spec/lib/gitlab/ci/templates/license_scanning_gitlab_ci_yaml_spec.rb' - - 'ee/spec/lib/gitlab/ci/templates/license_scanning_latest_gitlab_ci_yaml_spec.rb' - 'ee/spec/lib/gitlab/ci/templates/sast_gitlab_ci_yaml_spec.rb' - 'ee/spec/lib/gitlab/ci/templates/sast_iac_gitlab_ci_yaml_spec.rb' - 'ee/spec/lib/gitlab/ci/templates/sast_latest_gitlab_ci_yaml_spec.rb' diff --git a/.rubocop_todo/rspec/context_wording.yml b/.rubocop_todo/rspec/context_wording.yml index 76f2b23d6af..8f9eba3cdaf 100644 --- a/.rubocop_todo/rspec/context_wording.yml +++ b/.rubocop_todo/rspec/context_wording.yml @@ -334,7 +334,6 @@ RSpec/ContextWording: - 'ee/spec/lib/gitlab/ci/templates/dast_api_gitlab_ci_yaml_spec.rb' - 'ee/spec/lib/gitlab/ci/templates/dast_latest_gitlab_ci_yaml_spec.rb' - 'ee/spec/lib/gitlab/ci/templates/dependency_scanning_gitlab_ci_yaml_spec.rb' - - 'ee/spec/lib/gitlab/ci/templates/license_scanning_gitlab_ci_yaml_spec.rb' - 'ee/spec/lib/gitlab/ci/templates/sast_gitlab_ci_yaml_spec.rb' - 'ee/spec/lib/gitlab/ci/templates/sast_iac_gitlab_ci_yaml_spec.rb' - 'ee/spec/lib/gitlab/ci/templates/sast_latest_gitlab_ci_yaml_spec.rb' diff --git a/GITALY_SERVER_VERSION b/GITALY_SERVER_VERSION index 36f61c2a24a..f7f0261106b 100644 --- a/GITALY_SERVER_VERSION +++ b/GITALY_SERVER_VERSION @@ -1 +1 @@ -faac94442a49a42427236f28d5190c6d721c172b +84074347b5ad5ff09fd4d6068c8bcdf356f7798c diff --git a/app/assets/javascripts/environments/graphql/resolvers/flux.js b/app/assets/javascripts/environments/graphql/resolvers/flux.js index 5cb5db5d752..fa2c3adeb63 100644 --- a/app/assets/javascripts/environments/graphql/resolvers/flux.js +++ b/app/assets/javascripts/environments/graphql/resolvers/flux.js @@ -8,7 +8,7 @@ import fluxKustomizationStatusQuery from '../queries/flux_kustomization_status.q import fluxHelmReleaseStatusQuery from '../queries/flux_helm_release_status.query.graphql'; const helmReleasesApiVersion = 'helm.toolkit.fluxcd.io/v2beta1'; -const kustomizationsApiVersion = 'kustomize.toolkit.fluxcd.io/v1beta1'; +const kustomizationsApiVersion = 'kustomize.toolkit.fluxcd.io/v1'; const helmReleaseField = 'fluxHelmReleaseStatus'; const kustomizationField = 'fluxKustomizationStatus'; diff --git a/app/assets/javascripts/issues/list/components/empty_state_without_any_issues.vue b/app/assets/javascripts/issues/list/components/empty_state_without_any_issues.vue index 48d6545b21e..0b3c43f2ffa 100644 --- a/app/assets/javascripts/issues/list/components/empty_state_without_any_issues.vue +++ b/app/assets/javascripts/issues/list/components/empty_state_without_any_issues.vue @@ -69,7 +69,7 @@ export default {
diff --git a/app/assets/stylesheets/page_bundles/design_management.scss b/app/assets/stylesheets/page_bundles/design_management.scss index b5a797725dc..59dc2c1233b 100644 --- a/app/assets/stylesheets/page_bundles/design_management.scss +++ b/app/assets/stylesheets/page_bundles/design_management.scss @@ -3,7 +3,6 @@ $design-pin-diameter: 28px; $design-pin-diameter-sm: 24px; $t-gray-a-16-design-pin: rgba($black, 0.16); -$zindex-design-detail: 1061; .design-card-header { background: transparent; @@ -15,7 +14,6 @@ $zindex-design-detail: 1061; .design-detail { bottom: $calc-application-footer-height; - z-index: $zindex-design-detail; .comment-indicator { border-radius: 50%; diff --git a/app/graphql/types/ci/runner_membership_filter_enum.rb b/app/graphql/types/ci/runner_membership_filter_enum.rb index eb691166944..439e2b984cc 100644 --- a/app/graphql/types/ci/runner_membership_filter_enum.rb +++ b/app/graphql/types/ci/runner_membership_filter_enum.rb @@ -4,8 +4,7 @@ module Types module Ci class RunnerMembershipFilterEnum < BaseEnum graphql_name 'CiRunnerMembershipFilter' - description 'Values for filtering runners in namespaces. ' \ - 'The previous type name `RunnerMembershipFilter` was deprecated in 15.4.' + description 'Values for filtering runners in namespaces.' value 'DIRECT', description: "Include runners that have a direct relationship.", diff --git a/app/graphql/types/ci/runner_type.rb b/app/graphql/types/ci/runner_type.rb index dcacfb48997..ebdc7f1d9de 100644 --- a/app/graphql/types/ci/runner_type.rb +++ b/app/graphql/types/ci/runner_type.rb @@ -23,10 +23,6 @@ module Types deprecated: { reason: 'Use paused', milestone: '14.8' } field :admin_url, GraphQL::Types::String, null: true, description: 'Admin URL of the runner. Only available for administrators.' - field :architecture_name, GraphQL::Types::String, null: true, - deprecated: { reason: "Use field in `manager` object instead", milestone: '16.2' }, - description: 'Architecture provided by the the runner.', - method: :architecture field :contacted_at, Types::TimeType, null: true, description: 'Timestamp of last contact from this runner.', method: :contacted_at @@ -46,17 +42,10 @@ module Types field :ephemeral_register_url, GraphQL::Types::String, null: true, description: 'URL of the registration page of the runner manager. Only available for the creator of the runner for a limited time during registration.', alpha: { milestone: '15.11' } - field :executor_name, GraphQL::Types::String, null: true, - deprecated: { reason: "Use field in `manager` object instead", milestone: '16.2' }, - description: 'Executor last advertised by the runner.', - method: :executor_name field :groups, null: true, resolver: ::Resolvers::Ci::RunnerGroupsResolver, description: 'Groups the runner is associated with. For group runners only.' field :id, ::Types::GlobalIDType[::Ci::Runner], null: false, description: 'ID of the runner.' - field :ip_address, GraphQL::Types::String, null: true, - deprecated: { reason: "Use field in `manager` object instead", milestone: '16.2' }, - description: 'IP address of the runner.' field :job_count, GraphQL::Types::Int, null: true, description: "Number of jobs processed by the runner (limited to #{JOB_COUNT_LIMIT}, plus one to " \ "indicate that more items exist).\n`jobCount` is an optimized version of `jobs { count }`, " \ @@ -86,10 +75,6 @@ module Types resolver: ::Resolvers::Ci::RunnerOwnerProjectResolver field :paused, GraphQL::Types::Boolean, null: false, description: 'Indicates the runner is paused and not available to run jobs.' - field :platform_name, GraphQL::Types::String, null: true, - deprecated: { reason: "Use field in `manager` object instead", milestone: '16.2' }, - description: 'Platform provided by the runner.', - method: :platform field :project_count, GraphQL::Types::Int, null: true, description: 'Number of projects that the runner is associated with.' field :projects, @@ -99,9 +84,6 @@ module Types description: 'Find projects the runner is associated with. For project runners only.' field :register_admin_url, GraphQL::Types::String, null: true, description: 'URL of the temporary registration page of the runner. Only available before the runner is registered. Only available for administrators.' - field :revision, GraphQL::Types::String, null: true, - deprecated: { reason: "Use field in `manager` object instead", milestone: '16.2' }, - description: 'Revision of the runner.' field :run_untagged, GraphQL::Types::Boolean, null: false, description: 'Indicates the runner is able to run untagged jobs.' field :runner_type, ::Types::Ci::RunnerTypeEnum, null: false, @@ -118,9 +100,6 @@ module Types field :token_expires_at, Types::TimeType, null: true, description: 'Runner token expiration time.', method: :token_expires_at - field :version, GraphQL::Types::String, null: true, - deprecated: { reason: "Use field in `manager` object instead", milestone: '16.2' }, - description: 'Version of the runner.' markdown_field :maintenance_note_html, null: true diff --git a/app/models/ci/runner_manager.rb b/app/models/ci/runner_manager.rb index 69b8bd1cbef..e4810d83ab5 100644 --- a/app/models/ci/runner_manager.rb +++ b/app/models/ci/runner_manager.rb @@ -76,6 +76,7 @@ module Ci end scope :order_id_desc, -> { order(id: :desc) } + scope :order_contacted_at_desc, -> { order(contacted_at: :desc) } scope :with_version_prefix, ->(value) do regex = version_regex_expression_for_version(value) diff --git a/app/models/repository.rb b/app/models/repository.rb index ceed9929d26..32e26474db6 100644 --- a/app/models/repository.rb +++ b/app/models/repository.rb @@ -170,11 +170,6 @@ class Repository commits = Commit.decorate(commits, container) if commits.present? CommitCollection.new(container, commits, ref) - rescue Gitlab::Git::CommandError => e - # Temporary fix to address a new Gitaly internal error: https://gitlab.com/gitlab-org/gitlab/-/issues/452488 - return CommitCollection.new(container, [], ref) if e.message.include?('listing commits failed') - - raise end def commits_between(from, to, limit: nil) diff --git a/app/presenters/ci/runner_presenter.rb b/app/presenters/ci/runner_presenter.rb index 482534f27b9..cd268140c50 100644 --- a/app/presenters/ci/runner_presenter.rb +++ b/app/presenters/ci/runner_presenter.rb @@ -12,10 +12,6 @@ module Ci delegator_override :locked alias_method :locked, :locked? - def executor_name - Ci::Runner::EXECUTOR_TYPE_TO_NAMES[executor_type&.to_sym] - end - def paused !active end diff --git a/app/validators/json_schemas/member_role_permissions.json b/app/validators/json_schemas/member_role_permissions.json index b2c50bb9ad4..2257ec48934 100644 --- a/app/validators/json_schemas/member_role_permissions.json +++ b/app/validators/json_schemas/member_role_permissions.json @@ -22,6 +22,9 @@ "admin_terraform_state": { "type": "boolean" }, + "admin_compliance_framework": { + "type": "boolean" + }, "admin_vulnerability": { "type": "boolean" }, diff --git a/app/views/devise/shared/_signup_box_form.html.haml b/app/views/devise/shared/_signup_box_form.html.haml index 33b364965db..af5ec456872 100644 --- a/app/views/devise/shared/_signup_box_form.html.haml +++ b/app/views/devise/shared/_signup_box_form.html.haml @@ -20,10 +20,14 @@ .form-group = label_tag :signup_intent, s_('SignUp|I want to...') = select_tag :signup_intent, - options_for_select([[s_('SignUp|Set up a new team'), :new_team], - [s_('SignUp|Set up a new personal account'), :new_personal_account], - [s_('SignUp|Join an existing team'), :join_existing_team], - [s_('SignUp|Contribute to a public project on GitLab'), :contribute_public_project]]), + options_for_select([[s_('SignUp|Set up a new team'), + :select_signup_intent_dropdown_new_team_registration_step_one], + [s_('SignUp|Set up a new personal account'), + :select_signup_intent_dropdown_new_personal_account_registration_step_one], + [s_('SignUp|Join an existing team'), + :select_signup_intent_dropdown_join_existing_team_registration_step_one], + [s_('SignUp|Contribute to a public project on GitLab'), + :select_signup_intent_dropdown_contribute_public_project_registration_step_one]]), prompt: s_('SignUp|Please select an option...'), class: 'gl-form-select custom-select', required: true diff --git a/app/views/groups/edit.html.haml b/app/views/groups/edit.html.haml index 1c1388013af..afdb4cc1c55 100644 --- a/app/views/groups/edit.html.haml +++ b/app/views/groups/edit.html.haml @@ -45,7 +45,10 @@ .settings-content = render 'shared/badges/badge_settings' +- if can?(current_user, :admin_compliance_framework, @group) = render_if_exists 'groups/compliance_frameworks', expanded: expanded + +- if can?(current_user, :admin_group, @group) = render_if_exists 'groups/custom_project_templates_setting' = render_if_exists 'groups/templates_setting', expanded: expanded = render_if_exists 'shared/groups/max_pages_size_setting' @@ -60,6 +63,7 @@ = _('Perform advanced options such as changing path, transferring, exporting, or removing the group.') .settings-content = render 'groups/settings/advanced' + - elsif can?(current_user, :remove_group, @group) = render 'groups/settings/remove', group: @group, remove_form_id: 'js-remove-group-form' = render_if_exists 'groups/settings/restore', group: @group diff --git a/app/views/projects/edit.html.haml b/app/views/projects/edit.html.haml index 90837a1a291..d185ef2f130 100644 --- a/app/views/projects/edit.html.haml +++ b/app/views/projects/edit.html.haml @@ -51,8 +51,10 @@ .settings-content = render 'shared/badges/badge_settings' +- if can?(current_user, :admin_compliance_framework, @project) = render_if_exists 'compliance_management/compliance_framework/project_settings', expanded: expanded +- if can?(current_user, :admin_project, @project) = render_if_exists 'projects/settings/default_issue_template' = render 'projects/service_desk_settings' diff --git a/data/deprecations/15-6-deprecate-post-api-v4-runner.yml b/data/deprecations/15-6-deprecate-post-api-v4-runner.yml index 9e8b1f81832..e8b49c5427d 100644 --- a/data/deprecations/15-6-deprecate-post-api-v4-runner.yml +++ b/data/deprecations/15-6-deprecate-post-api-v4-runner.yml @@ -1,7 +1,6 @@ - title: 'Registration tokens and server-side runner arguments in `POST /api/v4/runners` endpoint' # (required) The name of the feature to be deprecated announcement_milestone: '15.6' # (required) The milestone when this feature was first announced as deprecated. removal_milestone: '18.0' # (required) The milestone when this feature is planned to be removed - removal_date: '2024-04-22' breaking_change: true # (required) If this deprecation is a breaking change, set this value to true reporter: pedropombeiro # (required) GitLab username of the person reporting the deprecation stage: Verify # (required) String value of the stage that the feature was created in. e.g., Growth diff --git a/data/deprecations/15-9-deprecate-runner-setup-instructions-api.yml b/data/deprecations/15-9-deprecate-runner-setup-instructions-api.yml index 4f5c301b7c2..1339225ef20 100644 --- a/data/deprecations/15-9-deprecate-runner-setup-instructions-api.yml +++ b/data/deprecations/15-9-deprecate-runner-setup-instructions-api.yml @@ -1,8 +1,7 @@ - title: 'GitLab Runner platforms and setup instructions in GraphQL API' announcement_milestone: '15.9' announcement_date: '2023-02-22' - removal_milestone: '17.0' - removal_date: '2024-05-22' + removal_milestone: '18.0' breaking_change: true reporter: mrincon body: | diff --git a/db/post_migrate/20240410104838_index_vulnerability_reads_on_state_report_type_severity_traversal_ids_archived.rb b/db/post_migrate/20240410104838_index_vulnerability_reads_on_state_report_type_severity_traversal_ids_archived.rb new file mode 100644 index 00000000000..6b750eb3fe0 --- /dev/null +++ b/db/post_migrate/20240410104838_index_vulnerability_reads_on_state_report_type_severity_traversal_ids_archived.rb @@ -0,0 +1,17 @@ +# frozen_string_literal: true + +class IndexVulnerabilityReadsOnStateReportTypeSeverityTraversalIdsArchived < Gitlab::Database::Migration[2.2] + disable_ddl_transaction! + milestone '16.11' + + INDEX_NAME = 'index_vulnerability_reads_common_attrs_and_detection_for_groups' + COLUMNS = %i[resolved_on_default_branch state report_type severity traversal_ids vulnerability_id].freeze + + def up + add_concurrent_index :vulnerability_reads, COLUMNS, name: INDEX_NAME, where: 'archived = false' + end + + def down + remove_concurrent_index_by_name :vulnerability_reads, INDEX_NAME + end +end diff --git a/db/schema_migrations/20240410104838 b/db/schema_migrations/20240410104838 new file mode 100644 index 00000000000..f10968480cb --- /dev/null +++ b/db/schema_migrations/20240410104838 @@ -0,0 +1 @@ +09626f964c06c02dff8c779f4e7bcfe56cb5ba6a256af43ce8a7d57dff4509c7 \ No newline at end of file diff --git a/db/structure.sql b/db/structure.sql index f11da557671..ae2e565ae94 100644 --- a/db/structure.sql +++ b/db/structure.sql @@ -27698,6 +27698,8 @@ CREATE UNIQUE INDEX index_vulnerability_occurrences_on_uuid_1 ON vulnerability_o CREATE INDEX index_vulnerability_occurrences_on_vulnerability_id ON vulnerability_occurrences USING btree (vulnerability_id); +CREATE INDEX index_vulnerability_reads_common_attrs_and_detection_for_groups ON vulnerability_reads USING btree (resolved_on_default_branch, state, report_type, severity, traversal_ids, vulnerability_id) WHERE (archived = false); + CREATE INDEX index_vulnerability_reads_common_finder_query_2 ON vulnerability_reads USING btree (project_id, state, report_type, severity, vulnerability_id DESC, dismissal_reason); CREATE INDEX index_vulnerability_reads_common_finder_query_w_namespace_id ON vulnerability_reads USING btree (namespace_id, state, report_type, severity, vulnerability_id DESC, dismissal_reason); diff --git a/doc/api/graphql/reference/index.md b/doc/api/graphql/reference/index.md index ad42824bec2..69bb258d130 100644 --- a/doc/api/graphql/reference/index.md +++ b/doc/api/graphql/reference/index.md @@ -17269,7 +17269,6 @@ CI/CD variables for a project. | `accessLevel` | [`CiRunnerAccessLevel!`](#cirunneraccesslevel) | Access level of the runner. | | `active` **{warning-solid}** | [`Boolean!`](#boolean) | **Deprecated** in GitLab 14.8. Use paused. | | `adminUrl` | [`String`](#string) | Admin URL of the runner. Only available for administrators. | -| `architectureName` **{warning-solid}** | [`String`](#string) | **Deprecated** in GitLab 16.2. Use field in `manager` object instead. | | `contactedAt` | [`Time`](#time) | Timestamp of last contact from this runner. | | `createdAt` | [`Time`](#time) | Timestamp of creation of this runner. | | `createdBy` | [`UserCore`](#usercore) | User that created this runner. | @@ -17277,10 +17276,8 @@ CI/CD variables for a project. | `editAdminUrl` | [`String`](#string) | Admin form URL of the runner. Only available for administrators. | | `ephemeralAuthenticationToken` **{warning-solid}** | [`String`](#string) | **Introduced** in GitLab 15.9. **Status**: Experiment. Ephemeral authentication token used for runner manager registration. Only available for the creator of the runner for a limited time during registration. | | `ephemeralRegisterUrl` **{warning-solid}** | [`String`](#string) | **Introduced** in GitLab 15.11. **Status**: Experiment. URL of the registration page of the runner manager. Only available for the creator of the runner for a limited time during registration. | -| `executorName` **{warning-solid}** | [`String`](#string) | **Deprecated** in GitLab 16.2. Use field in `manager` object instead. | | `groups` | [`GroupConnection`](#groupconnection) | Groups the runner is associated with. For group runners only. (see [Connections](#connections)) | | `id` | [`CiRunnerID!`](#cirunnerid) | ID of the runner. | -| `ipAddress` **{warning-solid}** | [`String`](#string) | **Deprecated** in GitLab 16.2. Use field in `manager` object instead. | | `jobExecutionStatus` **{warning-solid}** | [`CiRunnerJobExecutionStatus`](#cirunnerjobexecutionstatus) | **Introduced** in GitLab 15.7. **Status**: Experiment. Job execution status of the runner. | | `locked` | [`Boolean`](#boolean) | Indicates the runner is locked. | | `maintenanceNote` | [`String`](#string) | Runner's maintenance notes. | @@ -17288,12 +17285,10 @@ CI/CD variables for a project. | `maximumTimeout` | [`Int`](#int) | Maximum timeout (in seconds) for jobs processed by the runner. | | `ownerProject` | [`Project`](#project) | Project that owns the runner. For project runners only. | | `paused` | [`Boolean!`](#boolean) | Indicates the runner is paused and not available to run jobs. | -| `platformName` **{warning-solid}** | [`String`](#string) | **Deprecated** in GitLab 16.2. Use field in `manager` object instead. | | `privateProjectsMinutesCostFactor` | [`Float`](#float) | Private projects' "compute cost factor" associated with the runner (GitLab.com only). | | `projectCount` | [`Int`](#int) | Number of projects that the runner is associated with. | | `publicProjectsMinutesCostFactor` | [`Float`](#float) | Public projects' "compute cost factor" associated with the runner (GitLab.com only). | | `registerAdminUrl` | [`String`](#string) | URL of the temporary registration page of the runner. Only available before the runner is registered. Only available for administrators. | -| `revision` **{warning-solid}** | [`String`](#string) | **Deprecated** in GitLab 16.2. Use field in `manager` object instead. | | `runUntagged` | [`Boolean!`](#boolean) | Indicates the runner is able to run untagged jobs. | | `runnerType` | [`CiRunnerType!`](#cirunnertype) | Type of the runner. | | `shortSha` | [`String`](#string) | First eight characters of the runner's token used to authenticate new job requests. Used as the runner's unique ID. | @@ -17301,7 +17296,6 @@ CI/CD variables for a project. | `tokenExpiresAt` | [`Time`](#time) | Runner token expiration time. | | `upgradeStatus` **{warning-solid}** | [`CiRunnerUpgradeStatus`](#cirunnerupgradestatus) | **Introduced** in GitLab 14.10. **Status**: Experiment. Availability of upgrades for the runner. | | `userPermissions` | [`RunnerPermissions!`](#runnerpermissions) | Permissions for the current user on the resource. | -| `version` **{warning-solid}** | [`String`](#string) | **Deprecated** in GitLab 16.2. Use field in `manager` object instead. | #### Fields with arguments @@ -26133,6 +26127,7 @@ Represents vulnerability finding of a security report on the pipeline. | `scanner` | [`VulnerabilityScanner`](#vulnerabilityscanner) | Scanner metadata for the vulnerability. | | `severity` | [`VulnerabilitySeverity`](#vulnerabilityseverity) | Severity of the vulnerability finding. | | `solution` | [`String`](#string) | Solution for resolving the security report finding. | +| `solutionHtml` | [`String`](#string) | GitLab Flavored Markdown rendering of `solution`. | | `state` | [`VulnerabilityState`](#vulnerabilitystate) | Finding status. | | `stateComment` | [`String`](#string) | Comment for the state of the security report finding. | | `title` | [`String`](#string) | Title of the vulnerability finding. | @@ -32010,7 +32005,7 @@ Runner cloud provider. ### `CiRunnerMembershipFilter` -Values for filtering runners in namespaces. The previous type name `RunnerMembershipFilter` was deprecated in 15.4. +Values for filtering runners in namespaces. | Value | Description | | ----- | ----------- | @@ -33156,6 +33151,7 @@ Member role permission. | Value | Description | | ----- | ----------- | | `ADMIN_CICD_VARIABLES` | Create, read, update, and delete CI/CD variables. | +| `ADMIN_COMPLIANCE_FRAMEWORK` | Enables administrator access to the compliance framework. | | `ADMIN_GROUP_MEMBER` | Add or remove users in a group, and assign roles to users. When assigning a role, users with this custom permission must select a role that has the same or fewer permissions as the default role used as the base for their custom role. | | `ADMIN_MERGE_REQUEST` | Allows approval of merge requests. | | `ADMIN_PUSH_RULES` | Configure push rules for repositories at the group or project level. | diff --git a/doc/api/graphql/removed_items.md b/doc/api/graphql/removed_items.md index 57c8458ca20..3f1c464bce7 100644 --- a/doc/api/graphql/removed_items.md +++ b/doc/api/graphql/removed_items.md @@ -14,6 +14,21 @@ GraphQL is a versionless API, unlike the REST API. Occasionally, items have to be updated or removed from the GraphQL API. According to our [process for removing items](index.md#deprecation-and-removal-process), here are the items that have been removed. +## GitLab 17.0 + +Fields removed in GitLab 17.0. + +### GraphQL Fields + +| Field name | GraphQL type | Deprecated in | Removal MR | Use instead | +|---|---|---|---|---| +| `architectureName` | `CiRunner` | 16.2 | [!124751](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/124751) | Use this field in `manager` object instead. | +| `executorName` | `CiRunner` | 16.2 | [!124751](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/124751) | Use this field in `manager` object instead. | +| `ipAddress` | `CiRunner` | 16.2 | [!124751](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/124751) | Use this field in `manager` object instead. | +| `platformName` | `CiRunner` | 16.2 | [!124751](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/124751) | Use this field in `manager` object instead. | +| `revision` | `CiRunner` | 16.2 | [!124751](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/124751) | Use this field in `manager` object instead. | +| `version` | `CiRunner` | 16.2 | [!124751](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/124751) | Use this field in `manager` object instead. | + ## GitLab 16.0 Fields removed in GitLab 16.0. diff --git a/doc/api/rest/deprecations.md b/doc/api/rest/deprecations.md index f192f3d4592..ba54ba46ddd 100644 --- a/doc/api/rest/deprecations.md +++ b/doc/api/rest/deprecations.md @@ -116,3 +116,11 @@ Breaking change. [Related issue](https://gitlab.com/gitlab-org/gitlab/-/issues/4 In GitLab 17.0, the [Runners API](../runners.md) will return `""` in place of `ip_address` for runners. In v5 of the REST API, the field will be removed. + +## Runner will not return `version`, `revision`, `platform`, or `architecture` + +Breaking change. [Related issue](https://gitlab.com/gitlab-org/gitlab/-/issues/457128). + +In GitLab 18.0, the [Runners API](../runners.md) will return `""` in place of `version`, `revision`, `platform`, +and `architecture` for runners. +In v5 of the REST API, the fields will be removed. diff --git a/doc/api/runners.md b/doc/api/runners.md index 48f1b67b33d..4f6ec49d756 100644 --- a/doc/api/runners.md +++ b/doc/api/runners.md @@ -80,6 +80,14 @@ NOTE: The `active` attribute in the response was deprecated [in GitLab 14.8](https://gitlab.com/gitlab-org/gitlab/-/issues/347211) and will be removed in [a future version of the REST API](https://gitlab.com/gitlab-org/gitlab/-/issues/351109). It is replaced by the `paused` attribute. +NOTE: +The `ip_address` attribute in the response was deprecated +[in GitLab 16.1](https://gitlab.com/gitlab-org/gitlab/-/issues/415159) and will be removed in +[a future version of the REST API](https://gitlab.com/gitlab-org/gitlab/-/issues/351109). +This attribute will start returning an empty string in GitLab 17.0. +The `ipAddress` attribute can be found inside the respective runner manager, currently only available through the GraphQL +[`CiRunnerManager` type](graphql/reference/index.md#cirunnermanager). + Example response: ```json @@ -89,7 +97,7 @@ Example response: "paused": false, "description": "test-1-20150125", "id": 6, - "ip_address": "127.0.0.1", + "ip_address": "", "is_shared": false, "runner_type": "project_type", "name": null, @@ -101,7 +109,7 @@ Example response: "paused": false, "description": "test-2-20150125", "id": 8, - "ip_address": "127.0.0.1", + "ip_address": "", "is_shared": false, "runner_type": "group_type", "name": null, @@ -150,6 +158,14 @@ NOTE: The `active` attribute in the response was deprecated [in GitLab 14.8](https://gitlab.com/gitlab-org/gitlab/-/issues/347211) and will be removed in [a future version of the REST API](https://gitlab.com/gitlab-org/gitlab/-/issues/351109). It is replaced by the `paused` attribute. +NOTE: +The `ip_address` attribute in the response was deprecated +[in GitLab 16.1](https://gitlab.com/gitlab-org/gitlab/-/issues/415159) and will be removed in +[a future version of the REST API](https://gitlab.com/gitlab-org/gitlab/-/issues/351109). +This attribute will start returning an empty string in GitLab 17.0. +The `ipAddress` attribute can be found inside the respective runner manager, currently only available through the GraphQL +[`CiRunnerManager` type](graphql/reference/index.md#cirunnermanager). + Example response: ```json @@ -159,7 +175,7 @@ Example response: "paused": false, "description": "shared-runner-1", "id": 1, - "ip_address": "127.0.0.1", + "ip_address": "", "is_shared": true, "runner_type": "instance_type", "name": null, @@ -171,7 +187,7 @@ Example response: "paused": false, "description": "shared-runner-2", "id": 3, - "ip_address": "127.0.0.1", + "ip_address": "", "is_shared": true, "runner_type": "instance_type", "name": null, @@ -183,7 +199,7 @@ Example response: "paused": false, "description": "test-1-20150125", "id": 6, - "ip_address": "127.0.0.1", + "ip_address": "", "is_shared": false, "runner_type": "project_type", "name": null, @@ -195,7 +211,7 @@ Example response: "paused": false, "description": "test-2-20150125", "id": 8, - "ip_address": "127.0.0.1", + "ip_address": "", "is_shared": false, "runner_type": "group_type", "name": null, @@ -236,6 +252,22 @@ NOTE: The `active` attribute in the response was deprecated [in GitLab 14.8](https://gitlab.com/gitlab-org/gitlab/-/issues/347211) and will be removed in [a future version of the REST API](https://gitlab.com/gitlab-org/gitlab/-/issues/351109). It is replaced by the `paused` attribute. +NOTE: +The `ip_address` attribute in the response was deprecated +[in GitLab 16.1](https://gitlab.com/gitlab-org/gitlab/-/issues/415159) and will be removed in +[a future version of the REST API](https://gitlab.com/gitlab-org/gitlab/-/issues/351109). +This attribute will start returning an empty string in GitLab 17.0. +The `ipAddress` attribute can be found inside the respective runner manager, currently only available through the GraphQL +[`CiRunnerManager` type](graphql/reference/index.md#cirunnermanager). + +NOTE: +The `version`, `revision`, `platform`, and `architecture` attributes in the response were deprecated +[in GitLab 17.0](https://gitlab.com/gitlab-org/gitlab/-/issues/457128) and will be removed in +[a future version of the REST API](https://gitlab.com/gitlab-org/gitlab/-/issues/351109). +These attributes will start returning an empty string in GitLab 18.0. +The same attributes can be found inside the respective runner manager, currently only available through the GraphQL +[`CiRunnerManager` type](graphql/reference/index.md#cirunnermanager). + Example response: ```json @@ -245,7 +277,7 @@ Example response: "architecture": null, "description": "test-1-20150125", "id": 6, - "ip_address": "127.0.0.1", + "ip_address": "", "is_shared": false, "runner_type": "project_type", "contacted_at": "2016-01-25T16:39:48.066Z", @@ -308,6 +340,14 @@ NOTE: The `active` query parameter was deprecated [in GitLab 14.8](https://gitlab.com/gitlab-org/gitlab/-/issues/347211) and will be removed in [a future version of the REST API](https://gitlab.com/gitlab-org/gitlab/-/issues/351109). It is replaced by the `paused` attribute. +NOTE: +The `ip_address` attribute in the response was deprecated +[in GitLab 16.1](https://gitlab.com/gitlab-org/gitlab/-/issues/415159) and will be removed in +[a future version of the REST API](https://gitlab.com/gitlab-org/gitlab/-/issues/351109). +This attribute will start returning an empty string in GitLab 17.0. +The `ipAddress` attribute can be found inside the respective runner manager, currently only available through the GraphQL +[`CiRunnerManager` type](graphql/reference/index.md#cirunnermanager). + Example response: ```json @@ -316,7 +356,7 @@ Example response: "architecture": null, "description": "test-1-20150125-test", "id": 6, - "ip_address": "127.0.0.1", + "ip_address": "", "is_shared": false, "runner_type": "group_type", "contacted_at": "2016-01-25T16:39:48.066Z", @@ -507,6 +547,14 @@ NOTE: The `active` attribute in the response was deprecated [in GitLab 14.8](https://gitlab.com/gitlab-org/gitlab/-/issues/347211) and will be removed in [a future version of the REST API](https://gitlab.com/gitlab-org/gitlab/-/issues/351109). It is replaced by the `paused` attribute. +NOTE: +The `ip_address` attribute in the response was deprecated +[in GitLab 16.1](https://gitlab.com/gitlab-org/gitlab/-/issues/415159) and will be removed in +[a future version of the REST API](https://gitlab.com/gitlab-org/gitlab/-/issues/351109). +This attribute will start returning an empty string in GitLab 17.0. +The `ipAddress` attribute can be found inside the respective runner manager, currently only available through the GraphQL +[`CiRunnerManager` type](graphql/reference/index.md#cirunnermanager). + Example response: ```json @@ -516,7 +564,7 @@ Example response: "paused": false, "description": "test-2-20150125", "id": 8, - "ip_address": "127.0.0.1", + "ip_address": "", "is_shared": false, "runner_type": "project_type", "name": null, @@ -528,7 +576,7 @@ Example response: "paused": false, "description": "development_runner", "id": 5, - "ip_address": "127.0.0.1", + "ip_address": "", "is_shared": true, "runner_type": "instance_type", "name": null, @@ -556,6 +604,14 @@ curl --request POST --header "PRIVATE-TOKEN: " "https://gitla --form "runner_id=9" ``` +NOTE: +The `ip_address` attribute in the response was deprecated +[in GitLab 16.1](https://gitlab.com/gitlab-org/gitlab/-/issues/415159) and will be removed in +[a future version of the REST API](https://gitlab.com/gitlab-org/gitlab/-/issues/351109). +This attribute will start returning an empty string in GitLab 17.0. +The `ipAddress` attribute can be found inside the respective runner manager, currently only available through the GraphQL +[`CiRunnerManager` type](graphql/reference/index.md#cirunnermanager). + Example response: ```json @@ -563,7 +619,7 @@ Example response: "active": true, "description": "test-2016-02-01", "id": 9, - "ip_address": "127.0.0.1", + "ip_address": "", "is_shared": false, "runner_type": "project_type", "name": null, @@ -624,6 +680,14 @@ NOTE: The `active` attribute in the response was deprecated [in GitLab 14.8](https://gitlab.com/gitlab-org/gitlab/-/issues/347211) and will be removed in [a future version of the REST API](https://gitlab.com/gitlab-org/gitlab/-/issues/351109). It is replaced by the `paused` attribute. +NOTE: +The `ip_address` attribute in the response was deprecated +[in GitLab 16.1](https://gitlab.com/gitlab-org/gitlab/-/issues/415159) and will be removed in +[a future version of the REST API](https://gitlab.com/gitlab-org/gitlab/-/issues/351109). +This attribute will start returning an empty string in GitLab 17.0. +The `ipAddress` attribute can be found inside the respective runner manager, currently only available through the GraphQL +[`CiRunnerManager` type](graphql/reference/index.md#cirunnermanager). + Example response: ```json @@ -631,7 +695,7 @@ Example response: { "id": 3, "description": "Shared", - "ip_address": "127.0.0.1", + "ip_address": "", "active": true, "paused": false, "is_shared": true, @@ -643,7 +707,7 @@ Example response: { "id": 6, "description": "Test", - "ip_address": "127.0.0.1", + "ip_address": "", "active": true, "paused": false, "is_shared": true, @@ -655,7 +719,7 @@ Example response: { "id": 8, "description": "Test 2", - "ip_address": "127.0.0.1", + "ip_address": "", "active": true, "paused": false, "is_shared": false, diff --git a/doc/ci/yaml/index.md b/doc/ci/yaml/index.md index 834b825d001..d429cf8b829 100644 --- a/doc/ci/yaml/index.md +++ b/doc/ci/yaml/index.md @@ -997,6 +997,7 @@ in a header section. **Possible inputs**: Can be one of: +- `array`, to accept an [array](../yaml/inputs.md#array-type) of inputs. - `string`, to accept string inputs (default when not defined). - `number`, to only accept numeric inputs. - `boolean`, to only accept `true` or `false` inputs. @@ -1013,6 +1014,8 @@ spec: type: number available: type: boolean + array_input: + type: array --- # The pipeline configuration would follow... diff --git a/doc/development/sec/analyzer_development_guide.md b/doc/development/sec/analyzer_development_guide.md index 990e6c7aa5c..ed3012db241 100644 --- a/doc/development/sec/analyzer_development_guide.md +++ b/doc/development/sec/analyzer_development_guide.md @@ -396,7 +396,6 @@ This issue will guide you through the whole release process. In general, you hav - [SAST vendored CI/CD template](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml) - [Dependency Scanning vendored CI/CD template](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml) - - [License Scanning vendored CI/CD template](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Security/License-Scanning.gitlab-ci.yml) - [Container Scanning CI/CD template](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml) If needed, go to the pipeline corresponding to the last Git tag, diff --git a/doc/topics/autodevops/cicd_variables.md b/doc/topics/autodevops/cicd_variables.md index 4e4c8cf2588..476d7fcd62c 100644 --- a/doc/topics/autodevops/cicd_variables.md +++ b/doc/topics/autodevops/cicd_variables.md @@ -111,7 +111,7 @@ Use these variables to disable CI/CD jobs. | `gemnasium-python-dependency_scanning` | `DEPENDENCY_SCANNING_DISABLED` | | The job isn't created if the value is `"true"`. | | `kubesec-sast` | `SAST_DISABLED` | | The job isn't created if the value is `"true"`. | | `license_management` | `LICENSE_MANAGEMENT_DISABLED` | GitLab 12.7 and earlier | If the variable is present, the job isn't created. Job deprecated [from GitLab 12.8](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/22773) | -| `license_scanning` | `LICENSE_MANAGEMENT_DISABLED` | | The job isn't created if the value is `"true"`.| +| `license_scanning` | `LICENSE_MANAGEMENT_DISABLED` | | The job isn't created if the value is `"true"`. Job deprecated [from GitLab 15.9](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/111071) | | `load_performance` | `LOAD_PERFORMANCE_DISABLED` | | If the variable is present, the job isn't created. | | `nodejs-scan-sast` | `SAST_DISABLED` | | The job isn't created if the value is `"true"`. | | `performance` | `PERFORMANCE_DISABLED` | GitLab 13.12 and earlier | Browser performance. If the variable is present, the job isn't created. Replaced by `browser_performance`. | diff --git a/doc/update/deprecations.md b/doc/update/deprecations.md index eba45fbf0b9..41fb0347497 100644 --- a/doc/update/deprecations.md +++ b/doc/update/deprecations.md @@ -192,6 +192,22 @@ upgrade to GitLab 16.3 or above, and remove the feature flag configuration.
+### GitLab Runner platforms and setup instructions in GraphQL API + +
+- Announced in GitLab 15.9 +- Removal in GitLab 18.0 ([breaking change](https://docs.gitlab.com/ee/update/terminology.html#breaking-change)) +- To discuss this change or learn more, see the [deprecation issue](https://gitlab.com/gitlab-org/gitlab/-/issues/387937). +
+ +The `runnerPlatforms` and `runnerSetup` queries to get GitLab Runner platforms and installation instructions +are deprecated and will be removed from the GraphQL API. For installation instructions, you should use the +[GitLab Runner documentation](https://docs.gitlab.com/runner/) + +
+ +
+ ### GitLab Runner registration token in Runner Operator
@@ -1140,22 +1156,6 @@ Because the new values provide a streamlined, comprehensive method to enable TLS
-### GitLab Runner platforms and setup instructions in GraphQL API - -
-- Announced in GitLab 15.9 -- Removal in GitLab 17.0 ([breaking change](https://docs.gitlab.com/ee/update/terminology.html#breaking-change)) -- To discuss this change or learn more, see the [deprecation issue](https://gitlab.com/gitlab-org/gitlab/-/issues/387937). -
- -The `runnerPlatforms` and `runnerSetup` queries to get GitLab Runner platforms and installation instructions -are deprecated and will be removed from the GraphQL API. For installation instructions, you should use the -[GitLab Runner documentation](https://docs.gitlab.com/runner/) - -
- -
- ### GitLab Runner provenance metadata SLSA v0.2 statement
diff --git a/doc/user/ai_features.md b/doc/user/ai_features.md index 2606416dc46..37c7ec4b5ca 100644 --- a/doc/user/ai_features.md +++ b/doc/user/ai_features.md @@ -33,6 +33,7 @@ GitLab is [transparent](https://handbook.gitlab.com/handbook/values/#transparenc | Helps you understand code by explaining it in English language.

[Watch overview](https://www.youtube.com/watch?v=1izKaLmmaCA) | [Code explanation](#explain-code-in-the-web-ui-with-code-explanation) | **Tier:** Ultimate
**Offering:** GitLab.com
**Status:** Experiment | | Assists you in determining the root cause for a pipeline failure and failed CI/CD build. | [Root cause analysis](#root-cause-analysis) | **Tier:** Ultimate
**Offering:** GitLab.com
**Status:** Experiment | | Assists you with predicting productivity metrics and identifying anomalies across your software development lifecycle. | [Value stream forecasting](#forecast-deployment-frequency-with-value-stream-forecasting) | **Tier:** Ultimate
**Offering:** GitLab.com, Self-managed, GitLab Dedicated
**Status:** Experiment | +| Processes and responds to your questions about your application's usage data. | [Product Analytics](analytics/analytics_dashboards.md#generate-a-custom-visualization-with-gitlab-duo) | **Tier:** Ultimate
**Offering:** GitLab.com
**Status:** Experiment | ## Controlling GitLab Duo features @@ -317,7 +318,7 @@ language model referenced above. | [Git suggestions](https://gitlab.com/gitlab-org/gitlab/-/issues/409636) | Vertex AI Codey [`codechat-bison`](https://cloud.google.com/vertex-ai/generative-ai/docs/model-reference/code-chat) | | [Discussion summary](#summarize-issue-discussions-with-discussion-summary) |Anthropic [`Claude-2`](https://docs.anthropic.com/claude/reference/selecting-a-model) | | [Issue description generation](#summarize-an-issue-with-issue-description-generation) | Anthropic [`Claude-2`](https://docs.anthropic.com/claude/reference/selecting-a-model) | -| [Code Suggestions](project/repository/code_suggestions/index.md) | For Code Completion: Vertex AI Codey [`code-gecko`](https://cloud.google.com/vertex-ai/generative-ai/docs/model-reference/code-completion) For Code Generation: Anthropic [`Claude-2`](https://docs.anthropic.com/claude/reference/selecting-a-model) | +| [Code Suggestions](project/repository/code_suggestions/index.md) | For Code Completion: Vertex AI Codey [`code-gecko`](https://cloud.google.com/vertex-ai/generative-ai/docs/model-reference/code-completion) For Code Generation: Anthropic [`Claude-3-Sonnet`](https://docs.anthropic.com/claude/docs/models-overview) | | [Test generation](gitlab_duo_chat.md#write-tests-in-the-ide) | Anthropic [`Claude-2`](https://docs.anthropic.com/claude/reference/selecting-a-model) | | [Merge request template population](project/merge_requests/ai_in_merge_requests.md#fill-in-merge-request-templates) | Vertex AI Codey [`text-bison`](https://cloud.google.com/vertex-ai/generative-ai/docs/model-reference/text) | | [Suggested Reviewers](project/merge_requests/reviews/index.md#gitlab-duo-suggested-reviewers) | GitLab creates a machine learning model for each project, which is used to generate reviewers [View the issue](https://gitlab.com/gitlab-org/modelops/applied-ml/applied-ml-updates/-/issues/10) | @@ -329,6 +330,7 @@ language model referenced above. | [GitLab Duo Chat](gitlab_duo_chat.md) | Anthropic [`Claude-2`](https://docs.anthropic.com/claude/reference/selecting-a-model) Vertex AI Codey [`textembedding-gecko`](https://cloud.google.com/vertex-ai/generative-ai/docs/embeddings/get-text-embeddings) | | [Root cause analysis](#root-cause-analysis) | Vertex AI Codey [`text-bison`](https://cloud.google.com/vertex-ai/generative-ai/docs/model-reference/text) | | [Value stream forecasting](#forecast-deployment-frequency-with-value-stream-forecasting) | Statistical forecasting | +| [Product analytics](analytics/analytics_dashboards.md#generate-a-custom-visualization-with-gitlab-duo) | Vertex AI Codey [`codechat-bison`](https://cloud.google.com/vertex-ai/generative-ai/docs/model-reference/code-chat) | ## Data usage diff --git a/doc/user/analytics/analytics_dashboards.md b/doc/user/analytics/analytics_dashboards.md index 4173c73b262..049abe9cc08 100644 --- a/doc/user/analytics/analytics_dashboards.md +++ b/doc/user/analytics/analytics_dashboards.md @@ -88,6 +88,7 @@ This feature is only compatible with the [product analytics](../product_analytic You can use the dashboard designer to: - [Create custom visualizations](#create-a-custom-visualization). +- [Generate custom visualizations with GitLab Duo](#generate-a-custom-visualization-with-gitlab-duo). - Explore available data. ## View project dashboards @@ -291,6 +292,38 @@ To create a custom visualization: After you saved a visualization, you can add it to a new or existing custom dashboard in the same project. +### Generate a custom visualization with GitLab Duo + +DETAILS: +**Tier:** Ultimate +**Offering:** GitLab.com +**Status:** Experiment + +> - Introduced in GitLab 16.11 as an [Experiment](../../policy/experiment-beta-support.md#experiment) feature [with a flag](../../administration/feature_flags.md) named `generate_cube_query`. Disabled by default. + +Prerequisites: + +- The parent group of the project must have [experiment and beta features enabled](../group/manage.md#enable-experiment-and-beta-features). + +To generate a custom visualization with GitLab Duo using a natural language query: + +1. On the left sidebar, select **Search or go to** and find your project. +1. Select **Analyze > Analytics dashboards**. +1. Select **Visualization designer**. +1. In the **Visualization title** field, enter the name of your visualization. +1. From the **Visualization type** dropdown list, select a visualization type. +1. In the **Generate with GitLab Duo** section, enter your prompt. For example: + + - _Daily sessions_ + - _Number of unique users, grouped weekly_ + - _Which are the most popular pages?_ + - _How many unique users does each browser have?_ + +1. Select **Generate with GitLab Duo**. +1. Select **Save**. + +After you saved a visualization, you can add it to a new or existing custom dashboard in the same project. + ## Troubleshooting ### `Something went wrong while loading the dashboard.` @@ -311,3 +344,11 @@ If a dashboard panel displays an error message: - Check your [Cube query](../product_analytics/index.md#product-analytics-dashboards) and [visualization](../analytics/analytics_dashboards.md#define-a-chart-visualization) configurations, and make sure they are set up correctly. - For [product analytics](../product_analytics/index.md), also check that your visualization's Cube query is valid. + +### Generate visualization with GitLab Duo returns unexpected results + +If GitLab Duo doesn't return the expected or a useful result, try editing your query to: + +- Specify a date range. For example: _number of unique users in 2023 to 2024, grouped monthly_. +- Use the same names for metrics and dimensions as shown in the visualization designer. +For example: _returning users_ instead of _existing customers_. diff --git a/doc/user/application_security/container_scanning/index.md b/doc/user/application_security/container_scanning/index.md index 6809cfbcfff..0304f7ba37c 100644 --- a/doc/user/application_security/container_scanning/index.md +++ b/doc/user/application_security/container_scanning/index.md @@ -266,7 +266,7 @@ including a large number of false positives. | `ADDITIONAL_CA_CERT_BUNDLE` | `""` | Bundle of CA certs that you want to trust. See [Using a custom SSL CA certificate authority](#using-a-custom-ssl-ca-certificate-authority) for more details. | All | | `CI_APPLICATION_REPOSITORY` | `$CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG` | Docker repository URL for the image to be scanned. | All | | `CI_APPLICATION_TAG` | `$CI_COMMIT_SHA` | Docker repository tag for the image to be scanned. | All | -| `CS_ANALYZER_IMAGE` | `registry.gitlab.com/security-products/container-scanning:6` | Docker image of the analyzer. | All | +| `CS_ANALYZER_IMAGE` | `registry.gitlab.com/security-products/container-scanning:7` | Docker image of the analyzer. | All | | `CS_DEFAULT_BRANCH_IMAGE` | `""` | The name of the `CS_IMAGE` on the default branch. See [Setting the default branch image](#setting-the-default-branch-image) for more details. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/338877) in GitLab 14.5. | All | | `CS_DISABLE_DEPENDENCY_LIST` | `"false"` | Disable Dependency Scanning for packages installed in the scanned image. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/345434) in GitLab 14.6. | All | | `CS_DISABLE_LANGUAGE_VULNERABILITY_SCAN` | `"true"` | Disable scanning for language-specific packages installed in the scanned image. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/345434) in GitLab 14.6. | All | @@ -325,9 +325,9 @@ standard tag plus the `-fips` extension. | Scanner name | `CS_ANALYZER_IMAGE` | | --------------- | ------------------- | -| Default (Trivy) | `registry.gitlab.com/security-products/container-scanning:6-fips` | -| Grype | `registry.gitlab.com/security-products/container-scanning/grype:6-fips` | -| Trivy | `registry.gitlab.com/security-products/container-scanning/trivy:6-fips` | +| Default (Trivy) | `registry.gitlab.com/security-products/container-scanning:7-fips` | +| Grype | `registry.gitlab.com/security-products/container-scanning/grype:7-fips` | +| Trivy | `registry.gitlab.com/security-products/container-scanning/trivy:7-fips` | NOTE: Prior to GitLab 15.0, the `-ubi` image extension is also available. GitLab 15.0 and later only @@ -384,9 +384,9 @@ The following options are available: | Scanner name | `CS_ANALYZER_IMAGE` | |----------------------------------------------------------|--------------------------------------------------------------------| -| Default ([Trivy](https://github.com/aquasecurity/trivy)) | `registry.gitlab.com/security-products/container-scanning:6` | -| [Grype](https://github.com/anchore/grype) | `registry.gitlab.com/security-products/container-scanning/grype:6` | -| Trivy | `registry.gitlab.com/security-products/container-scanning/trivy:6` | +| Default ([Trivy](https://github.com/aquasecurity/trivy)) | `registry.gitlab.com/security-products/container-scanning:7` | +| [Grype](https://github.com/anchore/grype) | `registry.gitlab.com/security-products/container-scanning/grype:7` | +| Trivy | `registry.gitlab.com/security-products/container-scanning/trivy:7` | WARNING: Do not use the `:latest` tag when selecting the scanner image. @@ -584,9 +584,9 @@ For container scanning, import the following images from `registry.gitlab.com` i [local Docker container registry](../../packages/container_registry/index.md): ```plaintext -registry.gitlab.com/security-products/container-scanning:6 -registry.gitlab.com/security-products/container-scanning/grype:6 -registry.gitlab.com/security-products/container-scanning/trivy:6 +registry.gitlab.com/security-products/container-scanning:7 +registry.gitlab.com/security-products/container-scanning/grype:7 +registry.gitlab.com/security-products/container-scanning/trivy:7 ``` The process for importing Docker images into a local offline Docker registry depends on @@ -626,7 +626,7 @@ following `.gitlab-ci.yml` example as a template. ```yaml variables: - SOURCE_IMAGE: registry.gitlab.com/security-products/container-scanning:6 + SOURCE_IMAGE: registry.gitlab.com/security-products/container-scanning:7 TARGET_IMAGE: $CI_REGISTRY/namespace/container-scanning image: docker:latest diff --git a/doc/user/compliance/license_list.md b/doc/user/compliance/license_list.md index 3465ed48fca..5ddb3c78939 100644 --- a/doc/user/compliance/license_list.md +++ b/doc/user/compliance/license_list.md @@ -25,12 +25,6 @@ requirements must be met: 1. You must be generating an SBOM file with components from one of our [one of our supported languages](license_scanning_of_cyclonedx_files/index.md#supported-languages-and-package-managers). 1. If using our [`Dependency-Scanning.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Jobs/Dependency-Scanning.gitlab-ci.yml) to generate the SBOM file, then your project must use at least one of the [supported languages and package managers](license_scanning_of_cyclonedx_files/index.md#supported-languages-and-package-managers). -Alternatively, licenses will also appear under the license list when using our deprecated [`License-Scanning.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Jobs/License-Scanning.gitlab-ci.yml) as long as the following requirements are met: - -1. The Dependency Scanning CI/CD job must be [enabled](license_scanning_of_cyclonedx_files/index.md#configuration) for your project. -1. Your project must use at least one of the - [supported languages and package managers](license_scanning_of_cyclonedx_files/index.md#supported-languages-and-package-managers). - When everything is configured, on the left sidebar, select **Secure > License compliance**. The licenses are displayed, where: diff --git a/doc/user/compliance/license_scanning_of_cyclonedx_files/index.md b/doc/user/compliance/license_scanning_of_cyclonedx_files/index.md index 9e33054f5af..c2c50fcdef2 100644 --- a/doc/user/compliance/license_scanning_of_cyclonedx_files/index.md +++ b/doc/user/compliance/license_scanning_of_cyclonedx_files/index.md @@ -12,22 +12,7 @@ DETAILS: > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/384932) in GitLab 15.9 for GitLab SaaS [with two flags](../../../administration/feature_flags.md) named `license_scanning_sbom_scanner` and `package_metadata_synchronization`. Both flags disabled by default. > - [Generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/385176) in GitLab 16.4. Feature flags `license_scanning_sbom_scanner` and `package_metadata_synchronization` removed. - -NOTE: -The legacy License Compliance analyzer was deprecated in GitLab 15.9 and removed in GitLab 16.3. -To continue using GitLab for License Compliance, remove the License Compliance template from your -CI/CD pipeline and add the [Dependency Scanning template](../../application_security/dependency_scanning/index.md#configuration). -The Dependency Scanning template is now capable of gathering the required license information so it -is no longer necessary to run a separate License Compliance job. The License Compliance CI/CD -template should not be removed prior to verifying that the instance has been upgraded to a version -that supports the new method of license scanning. To begin using the Dependency Scanner quickly at -scale, you may set up a [scan execution policy](../../application_security/policies/scan-execution-policies.md) -at the group level to enforce the SBOM-based license scan for all projects in the group. -Then, you may remove the inclusion of the `Jobs/License-Scanning.gitlab-ci.yml` template from your -CI/CD configuration. If you wish to continue using the legacy License Compliance feature, you can do -so by setting the `LICENSE_MANAGEMENT_VERSION CI` variable to `4`. This variable can be set at the -[project](../../../ci/variables/index.md#for-a-project), [group](../../../ci/variables/index.md#for-a-group) -or [instance](../../../ci/variables/index.md#for-an-instance) level. +> - The legacy License Compliance analyzer (`License-Scanning.gitlab-ci.yml`) was [removed](https://gitlab.com/gitlab-org/gitlab/-/issues/439162) in GitLab 17.0. To detect the licenses in use, License Compliance relies on running the [Dependency Scanning CI Jobs](../../application_security/dependency_scanning/index.md), diff --git a/doc/user/custom_roles/abilities.md b/doc/user/custom_roles/abilities.md index e49f3ec807c..7dcede3beab 100644 --- a/doc/user/custom_roles/abilities.md +++ b/doc/user/custom_roles/abilities.md @@ -30,6 +30,12 @@ These requirements are documented in the `Required permission` column in the fol | [`admin_merge_request`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/128302) | | Allows approval of merge requests. | GitLab [16.4](https://gitlab.com/gitlab-org/gitlab/-/issues/412708) | | | | [`read_code`](https://gitlab.com/gitlab-org/gitlab/-/issues/376180) | | Allows read-only access to the source code. | GitLab [15.7](https://gitlab.com/gitlab-org/gitlab/-/issues/20277) | `customizable_roles` | GitLab [15.9](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/110810) | +## Compliance management + +| Name | Required permission | Description | Introduced in | Feature flag | Enabled in | +|:-----|:------------|:------------------|:---------|:--------------|:---------| +| [`admin_compliance_framework`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/144183) | | Enables administrator access to the compliance framework. | GitLab [17.0](https://gitlab.com/gitlab-org/gitlab/-/issues/411502) | | | + ## Group and projects | Name | Required permission | Description | Introduced in | Feature flag | Enabled in | diff --git a/doc/user/group/saml_sso/index.md b/doc/user/group/saml_sso/index.md index 616aa2d4d80..4b812e25c52 100644 --- a/doc/user/group/saml_sso/index.md +++ b/doc/user/group/saml_sso/index.md @@ -249,7 +249,13 @@ After you set up your identity provider to work with GitLab, you must configure 1. Complete the fields: - In the **Identity provider single sign-on URL** field, enter the SSO URL from your identity provider. - In the **Certificate fingerprint** field, enter the fingerprint for the SAML token signing certificate. -1. In the **Default membership role** field, select the role to assign to new users. +1. For groups on GitLab.com: in the **Default membership role** field, select: + 1. The role to assign to new users. + 1. The role to assign to + [users who are not members of a mapped SAML group](../saml_sso/group_sync.md#automatic-member-removal) + when SAML Group Links is configured for the group. +1. For groups on self-managed instances: in the **Default membership role** field, + select the role to assign to new users. The default role is **Guest**. That role becomes the starting role of all users added to the group: - In [GitLab 13.3](https://gitlab.com/gitlab-org/gitlab/-/issues/214523) and diff --git a/doc/user/packages/generic_packages/index.md b/doc/user/packages/generic_packages/index.md index 2081a979ab5..9b53828f9ec 100644 --- a/doc/user/packages/generic_packages/index.md +++ b/doc/user/packages/generic_packages/index.md @@ -163,20 +163,38 @@ GET /projects/:id/packages/generic/:package_name/:package_version/:file_name The file context is served in the response body. The response content type is `application/octet-stream`. +::Tabs + +:::TabTitle Personal access token + Example request that uses a personal access token: ```shell +# Header authentication curl --header "PRIVATE-TOKEN: " \ "https://gitlab.example.com/api/v4/projects/24/packages/generic/my_package/0.0.1/file.txt" -``` -Example request that uses HTTP Basic authentication: - -```shell +# Basic authentication curl --user "user:" \ "https://gitlab.example.com/api/v4/projects/24/packages/generic/my_package/0.0.1/file.txt" ``` +:::TabTitle CI_JOB_TOKEN + +Example request that uses a `CI_JOB_TOKEN`: + +```shell +# Header authentication +curl --header "JOB-TOKEN: ${CI_JOB_TOKEN}" \ + "https://gitlab.example.com/api/v4/projects/24/packages/generic/my_package/0.0.1/file.txt" + +# Basic authentication +curl --user "gitlab-ci-token:${CI_JOB_TOKEN}" \ + "https://gitlab.example.com/api/v4/projects/24/packages/generic/my_package/0.0.1/file.txt" +``` + +::EndTabs + ## Publish a generic package by using CI/CD To work with generic packages in [GitLab CI/CD](../../../ci/index.md), you can use diff --git a/doc/user/project/issues/index.md b/doc/user/project/issues/index.md index 5f13e419332..fd74988e668 100644 --- a/doc/user/project/issues/index.md +++ b/doc/user/project/issues/index.md @@ -62,3 +62,4 @@ To learn how the GitLab Strategic Marketing department uses GitLab issues with [ - [Issues API](../../../api/issues.md) - [Configure an external issue tracker](../../../integration/external-issue-tracker.md) - [Tasks](../../tasks.md) +- [External participants](../service_desk/external_participants.md) diff --git a/doc/user/project/service_desk/external_participants.md b/doc/user/project/service_desk/external_participants.md new file mode 100644 index 00000000000..82da367cee7 --- /dev/null +++ b/doc/user/project/service_desk/external_participants.md @@ -0,0 +1,159 @@ +--- +stage: Service Management +group: Respond +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments +--- + +# External participants + +DETAILS: +**Tier:** Free, Premium, Ultimate +**Offering:** GitLab.com, Self-managed + +> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/3758) in GitLab 17.0 [with a flag](../../../administration/feature_flags.md) named `issue_email_participants`. Disabled by default. + +FLAG: +The availability of this feature is controlled by a feature flag. +For more information, see the history. +This feature is available for testing, but not ready for production use. + +External participants are users without a GitLab account that can interact with an issue or Service Desk ticket only by email. +They get notified of public comments on an issue or ticket by [Service Desk emails](configure.md#customize-emails-sent-to-the-requester). + +The maximum number of external participants on an issue or ticket is 10. + +## Service Desk tickets + +GitLab adds the external author of a Service Desk ticket as an external participant. +That usually is the email address from the `From` header of the initial email that created the ticket. + +### Add external participants from the `Cc` header + +By default GitLab only adds the sender of the email that creates the Service Desk ticket as an external participant. + +You can configure GitLab to also add all email addresses from the `Cc` header to the Service Desk ticket. +This works for the initial email and all replies to the [`thank_you` email](configure.md#customize-emails-sent-to-the-requester). + +Prerequisites: + +- You must have at least the Maintainer role for the project. + +To enable the setting for the project: + +1. On the left sidebar, select **Search or go to** and find your project. +1. Select **Settings > General**. +1. Expand **Service Desk**. +1. Select **Add external participants from the `Cc` header**. +1. Select **Save changes**. + +## As an external participant + +An external participant receives a notification for each public comment on the issue or ticket +using [Service Desk emails](configure.md#customize-emails-sent-to-the-requester). + +### Replying to notification emails + +An external participant can [reply to the received notification email](../../../administration/reply_by_email.md#you-reply-to-the-notification-email). +It creates a new comment on the issue or ticket and displays the email address of the external participant +instead of a GitLab username. The email address is followed by `(external participant)`. + +![Comment from an external participant on an issue or ticket](img/service_desk_external_participants_comment_v17_0.png) + +### Unsubscribing from notification emails + +External participants can use the unsubscribe link in the default Service Desk email template to +unsubscribe from the issue or ticket. + +If you [customize your `thank_you` and `new_note` email templates](configure.md#customize-emails-sent-to-the-requester), +you can use the `%{UNSUBSCRIBE_URL}` placeholder to add the unsubscribe link to the templates. + +Your GitLab instance must be reachable (for example, from the public internet) for the external participant to successfully unsubscribe. +If that's not the case, consider removing the unsubscribe link from your template. + +## As a GitLab user + +To see the email address of an external participant you must have at least the Reporter role for the project. + +The external participant's email address is obfuscated if both these conditions are true: + +- You are not a member of the project or have the Guest role. +- The issue or ticket is public ([non-confidential](../issues/confidential_issues.md#confidential-issues)). + +The external participant's email address is then obfuscated in: + +- The author field of a Service Desk ticket. +- All [system notes](../system_notes.md) that mention an external participant. +- The [REST](../../../api/notes.md) and [GraphQL](../../../api/graphql/index.md) APIs. +- The warning message below the comment editor. + +For example: + +![Obfuscated email addresses of external participants in system notes](img/service_desk_external_participants_email_obfuscation_v17_0.png) + +### Notifications sent to external participants + +External participants get notifications for all public comments on an issue. +For private communication, use [internal notes](../../discussions/index.md#add-an-internal-note). + +External participants don't receive notifications for any other issue or ticket event. + +### View all external participants + +Get an overview of all external participants that receive a Service Desk email for a new comment. + +Prerequisites: + +- You must have at least the Reporter role for the project. + +To see a list of all external participants: + +1. Go to the issue or ticket. +1. Scroll down to the comment editor. +1. If the issue or ticket has external participants, you can see a warning under the comment editor + that lists all external participants. + +![Warning below the comment editor listing external participants](img/service_desk_external_participants_comment_editor_warning_v17_0.png) + +### Add an external participant + +Add an external participant using the `/invite_email` [quick action](../quick_actions.md) when you want +to include them in the conversation at any time. + +When added, the external participant starts receiving notifications using Service Desk emails. +GitLab doesn't send a `thank_you` email for manually added external participants. + +You should add external participants in a dedicated comment because they don't receive a notification +email for the comment that contains the `/invite_email` quick action. + +Prerequisites: + +- You must have at least the Reporter role for the project. + +To add an external participant to an issue or ticket: + +1. Go to the issue or ticket. +1. Add a comment that contains only the quick action `/invite_email user@example.com`. + You can chain up to 6 email addresses. For example `/invite_email user@example.com user2@example.com` + +You should see a success message and a new system note with the email address. + +### Remove an external participant + +Remove an external participant from an issue or Service Desk ticket using the `/remove_email` +[quick action](../quick_actions.md) when they should stop receiving notifications. + +After removing them from the issue or ticket they don't receive new notifications. +But they can still reply to emails they received before and create a new comment on the issue or ticket. + +Prerequisites: + +- You must have at least the Reporter role for the project. +- There must be at least one external participant on the issue or ticket. + +To remove an existing external participant from an issue or ticket: + +1. Go to the issue or ticket. +1. Add a comment that contains only the quick action `/remove_email user@example.com`. + You can chain up to 6 email addresses. For example `/remove_email user@example.com user2@example.com` + +You should see a success message and a new system note with the email address. diff --git a/doc/user/project/service_desk/img/service_desk_external_participants_comment_editor_warning_v17_0.png b/doc/user/project/service_desk/img/service_desk_external_participants_comment_editor_warning_v17_0.png new file mode 100644 index 00000000000..c956f085c27 Binary files /dev/null and b/doc/user/project/service_desk/img/service_desk_external_participants_comment_editor_warning_v17_0.png differ diff --git a/doc/user/project/service_desk/img/service_desk_external_participants_comment_v17_0.png b/doc/user/project/service_desk/img/service_desk_external_participants_comment_v17_0.png new file mode 100644 index 00000000000..9033a960fe6 Binary files /dev/null and b/doc/user/project/service_desk/img/service_desk_external_participants_comment_v17_0.png differ diff --git a/doc/user/project/service_desk/img/service_desk_external_participants_email_obfuscation_v17_0.png b/doc/user/project/service_desk/img/service_desk_external_participants_email_obfuscation_v17_0.png new file mode 100644 index 00000000000..a39f6b662e3 Binary files /dev/null and b/doc/user/project/service_desk/img/service_desk_external_participants_email_obfuscation_v17_0.png differ diff --git a/doc/user/project/service_desk/index.md b/doc/user/project/service_desk/index.md index 27e3817ba5a..6dc1a67aabc 100644 --- a/doc/user/project/service_desk/index.md +++ b/doc/user/project/service_desk/index.md @@ -64,6 +64,10 @@ Meanwhile: - [Email contents and formatting](using_service_desk.md#email-contents-and-formatting) - [Convert a regular issue to a Service Desk ticket](using_service_desk.md#convert-a-regular-issue-to-a-service-desk-ticket) - [Privacy considerations](using_service_desk.md#privacy-considerations) +- [External Participants](external_participants.md) + - [Service Desk tickets](external_participants.md#service-desk-tickets) + - [As an external participant](external_participants.md#as-an-external-participant) + - [As a GitLab user](external_participants.md#as-a-gitlab-user) ## Troubleshooting Service Desk diff --git a/doc/user/project/service_desk/using_service_desk.md b/doc/user/project/service_desk/using_service_desk.md index 054918343cc..5271e442707 100644 --- a/doc/user/project/service_desk/using_service_desk.md +++ b/doc/user/project/service_desk/using_service_desk.md @@ -39,8 +39,8 @@ are sent as emails: Any responses they send via email are displayed in the issue itself. -For information about headers used for treating email, see -[the incoming email documentation](../../../administration/incoming_email.md#accepted-headers). +For additional information see [External participants](external_participants.md) and the +[headers used for treating email](../../../administration/incoming_email.md#accepted-headers). ### Create a Service Desk ticket in GitLab UI diff --git a/lib/api/entities/ci/runner.rb b/lib/api/entities/ci/runner.rb index 441e1dc1117..821c7dc1256 100644 --- a/lib/api/entities/ci/runner.rb +++ b/lib/api/entities/ci/runner.rb @@ -6,8 +6,8 @@ module API class Runner < Grape::Entity expose :id, documentation: { type: 'integer', example: 8 } expose :description, documentation: { type: 'string', example: 'test-1-20150125' } - # TODO: return null in 17.0 and remove in v5 https://gitlab.com/gitlab-org/gitlab/-/issues/415159 - expose :ip_address, documentation: { type: 'string', example: '127.0.0.1' } + # TODO: remove in v5 https://gitlab.com/gitlab-org/gitlab/-/issues/415159 + expose(:ip_address, documentation: { type: 'string', example: '127.0.0.1' }) { |_runner, _options| nil } # TODO Remove in v5 in favor of `paused` for REST calls, see https://gitlab.com/gitlab-org/gitlab/-/issues/375709 expose :active, documentation: { type: 'boolean', example: true } expose :paused, documentation: { type: 'boolean', example: false } do |runner| diff --git a/lib/api/entities/ci/runner_details.rb b/lib/api/entities/ci/runner_details.rb index a26e3afb4c7..40b4d3fa1a0 100644 --- a/lib/api/entities/ci/runner_details.rb +++ b/lib/api/entities/ci/runner_details.rb @@ -4,12 +4,18 @@ module API module Entities module Ci class RunnerDetails < Runner + include Gitlab::Utils::StrongMemoize + expose :tag_list expose :run_untagged expose :locked expose :maximum_timeout expose :access_level - expose :version, :revision, :platform, :architecture + # TODO: return nil in 18.0 and remove in v5 https://gitlab.com/gitlab-org/gitlab/-/issues/457128 + expose(:version) { |runner, _options| latest_runner_manager(runner)&.version } + expose(:revision) { |runner, _options| latest_runner_manager(runner)&.revision } + expose(:platform) { |runner, _options| latest_runner_manager(runner)&.platform } + expose(:architecture) { |runner, _options| latest_runner_manager(runner)&.architecture } expose :contacted_at expose :maintenance_note @@ -31,6 +37,12 @@ module API end end # rubocop: enable CodeReuse/ActiveRecord + + def latest_runner_manager(runner) + strong_memoize_with(:latest_runner_manager, runner) do + runner.runner_managers.order_contacted_at_desc.first + end + end end end end diff --git a/lib/api/generic_packages.rb b/lib/api/generic_packages.rb index 8d1e9e55f24..56188392288 100644 --- a/lib/api/generic_packages.rb +++ b/lib/api/generic_packages.rb @@ -119,7 +119,7 @@ module API requires :file_name, type: String, desc: 'Package file name', regexp: Gitlab::Regex.generic_package_file_name_regex, file_path: true end - route_setting :authentication, job_token_allowed: true, basic_auth_personal_access_token: true, deploy_token_allowed: true + route_setting :authentication, job_token_allowed: %i[request basic_auth], basic_auth_personal_access_token: true, deploy_token_allowed: true get do project = authorized_user_project(action: :read_package) diff --git a/lib/api/helpers/packages/maven/basic_auth_helpers.rb b/lib/api/helpers/packages/maven/basic_auth_helpers.rb index c9ef95adc33..0b0082dc7af 100644 --- a/lib/api/helpers/packages/maven/basic_auth_helpers.rb +++ b/lib/api/helpers/packages/maven/basic_auth_helpers.rb @@ -12,7 +12,7 @@ module API # basic auth. override :find_user_from_job_token def find_user_from_job_token - super || find_user_from_basic_auth_job + super || find_user_from_job_token_basic_auth end end end diff --git a/lib/gitlab/auth/auth_finders.rb b/lib/gitlab/auth/auth_finders.rb index 319d1121ec8..f753db5076b 100644 --- a/lib/gitlab/auth/auth_finders.rb +++ b/lib/gitlab/auth/auth_finders.rb @@ -76,30 +76,11 @@ module Gitlab def find_user_from_job_token return unless route_authentication_setting[:job_token_allowed] - return find_user_from_basic_auth_job if route_authentication_setting[:job_token_allowed] == :basic_auth - token = current_request.params[JOB_TOKEN_PARAM].presence || - current_request.params[RUNNER_JOB_TOKEN_PARAM].presence || - current_request.env[JOB_TOKEN_HEADER].presence - return unless token + user = find_user_from_job_token_basic_auth if can_authenticate_job_token_basic_auth? + return user if user - job = find_valid_running_job_by_token!(token.to_s) - @current_authenticated_job = job # rubocop:disable Gitlab/ModuleWithInstanceVariables - - job.user - end - - def find_user_from_basic_auth_job - return unless has_basic_credentials?(current_request) - - login, password = user_name_and_password(current_request) - return unless login.present? && password.present? - return unless ::Gitlab::Auth::CI_JOB_USER == login - - job = find_valid_running_job_by_token!(password.to_s) - @current_authenticated_job = job # rubocop:disable Gitlab/ModuleWithInstanceVariables - - job.user + find_user_from_job_token_query_params_or_header if can_authenticate_job_token_request? end def find_user_from_basic_auth_password @@ -322,6 +303,41 @@ module Gitlab user end + def can_authenticate_job_token_basic_auth? + setting = route_authentication_setting[:job_token_allowed] + Array.wrap(setting).include?(:basic_auth) + end + + def can_authenticate_job_token_request? + setting = route_authentication_setting[:job_token_allowed] + setting == true || Array.wrap(setting).include?(:request) + end + + def find_user_from_job_token_query_params_or_header + token = current_request.params[JOB_TOKEN_PARAM].presence || + current_request.params[RUNNER_JOB_TOKEN_PARAM].presence || + current_request.env[JOB_TOKEN_HEADER].presence + return unless token + + job = find_valid_running_job_by_token!(token.to_s) + @current_authenticated_job = job # rubocop:disable Gitlab/ModuleWithInstanceVariables + + job.user + end + + def find_user_from_job_token_basic_auth + return unless has_basic_credentials?(current_request) + + login, password = user_name_and_password(current_request) + return unless login.present? && password.present? + return unless ::Gitlab::Auth::CI_JOB_USER == login + + job = find_valid_running_job_by_token!(password.to_s) + @current_authenticated_job = job # rubocop:disable Gitlab/ModuleWithInstanceVariables + + job.user + end + def parsed_oauth_token Doorkeeper::OAuth::Token.from_request(current_request, *Doorkeeper.configuration.access_token_methods) end diff --git a/lib/gitlab/auth/request_authenticator.rb b/lib/gitlab/auth/request_authenticator.rb index c33ae1ce901..da13d8e382f 100644 --- a/lib/gitlab/auth/request_authenticator.rb +++ b/lib/gitlab/auth/request_authenticator.rb @@ -38,7 +38,7 @@ module Gitlab find_user_from_web_access_token(request_format, scopes: [:api, :read_api]) || find_user_from_feed_token(request_format) || find_user_from_static_object_token(request_format) || - find_user_from_basic_auth_job || + find_user_from_job_token_basic_auth || find_user_from_job_token || find_user_from_personal_access_token_for_api_or_git || find_user_for_git_or_lfs_request diff --git a/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml b/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml index fa1d8bec7e6..2a07530c00d 100644 --- a/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml +++ b/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml @@ -65,10 +65,6 @@ variables: DOCKER_TLS_CERTDIR: "" # https://gitlab.com/gitlab-org/gitlab-runner/issues/4501 - # License-Scanning job is removed from GitLab 16.3 - # This is the fix for https://gitlab.com/gitlab-org/gitlab/-/issues/422791 - LICENSE_MANAGEMENT_DISABLED: "true" - stages: - build - test @@ -182,7 +178,6 @@ include: - template: Jobs/Container-Scanning.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Jobs/Container-Scanning.gitlab-ci.yml - template: Jobs/Dependency-Scanning.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Jobs/Dependency-Scanning.gitlab-ci.yml - template: Jobs/SAST.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Jobs/SAST.gitlab-ci.yml - - template: Jobs/License-Scanning.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Jobs/License-Scanning.gitlab-ci.yml - template: Jobs/Secret-Detection.gitlab-ci.yml # https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Jobs/Secret-Detection.gitlab-ci.yml # The latest build job generates a dotenv report artifact with a CI_APPLICATION_TAG diff --git a/lib/gitlab/ci/templates/Jobs/Container-Scanning.gitlab-ci.yml b/lib/gitlab/ci/templates/Jobs/Container-Scanning.gitlab-ci.yml index 5cee19a746c..fe8f3be11b4 100644 --- a/lib/gitlab/ci/templates/Jobs/Container-Scanning.gitlab-ci.yml +++ b/lib/gitlab/ci/templates/Jobs/Container-Scanning.gitlab-ci.yml @@ -22,7 +22,7 @@ # List of available variables: https://docs.gitlab.com/ee/user/application_security/container_scanning/#available-variables variables: - CS_ANALYZER_IMAGE: "$CI_TEMPLATE_REGISTRY_HOST/security-products/container-scanning:6" + CS_ANALYZER_IMAGE: "$CI_TEMPLATE_REGISTRY_HOST/security-products/container-scanning:7" CS_SCHEMA_MODEL: 15 container_scanning: diff --git a/lib/gitlab/ci/templates/Jobs/Container-Scanning.latest.gitlab-ci.yml b/lib/gitlab/ci/templates/Jobs/Container-Scanning.latest.gitlab-ci.yml index ade4be99f18..30c6a30f2fb 100644 --- a/lib/gitlab/ci/templates/Jobs/Container-Scanning.latest.gitlab-ci.yml +++ b/lib/gitlab/ci/templates/Jobs/Container-Scanning.latest.gitlab-ci.yml @@ -22,7 +22,7 @@ # List of available variables: https://docs.gitlab.com/ee/user/application_security/container_scanning/#available-variables variables: - CS_ANALYZER_IMAGE: "$CI_TEMPLATE_REGISTRY_HOST/security-products/container-scanning:6" + CS_ANALYZER_IMAGE: "$CI_TEMPLATE_REGISTRY_HOST/security-products/container-scanning:7" CS_SCHEMA_MODEL: 15 container_scanning: diff --git a/lib/gitlab/ci/templates/Jobs/License-Scanning.gitlab-ci.yml b/lib/gitlab/ci/templates/Jobs/License-Scanning.gitlab-ci.yml deleted file mode 100644 index 58846d31e2f..00000000000 --- a/lib/gitlab/ci/templates/Jobs/License-Scanning.gitlab-ci.yml +++ /dev/null @@ -1,38 +0,0 @@ -# To contribute improvements to CI/CD templates, please follow the Development guide at: -# https://docs.gitlab.com/ee/development/cicd/templates.html -# This specific template is located at: -# https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Jobs/License-Scanning.gitlab-ci.yml - -# Read more about this feature here: https://docs.gitlab.com/ee/user/compliance/license_compliance/index.html -# -# Configure license scanning with CI/CD variables (https://docs.gitlab.com/ee/ci/variables/index.html). -# List of available variables: https://docs.gitlab.com/ee/user/compliance/license_compliance/#available-variables - -variables: - # Setting this variable will affect all Security templates - # (SAST, Dependency Scanning, ...) - SECURE_ANALYZERS_PREFIX: "$CI_TEMPLATE_REGISTRY_HOST/security-products" - - LICENSE_MANAGEMENT_SETUP_CMD: '' # If needed, specify a command to setup your environment with a custom package manager. - LICENSE_MANAGEMENT_VERSION: 'removed' - -license_scanning: - stage: test - image: - name: "$SECURE_ANALYZERS_PREFIX/license-finder:$LICENSE_MANAGEMENT_VERSION" - entrypoint: [""] - variables: - LM_REPORT_VERSION: '2.1' - SETUP_CMD: $LICENSE_MANAGEMENT_SETUP_CMD - allow_failure: true - script: - - /run.sh analyze . - artifacts: - reports: - license_scanning: gl-license-scanning-report.json - dependencies: [] - rules: - - if: $LICENSE_MANAGEMENT_DISABLED == 'true' || $LICENSE_MANAGEMENT_DISABLED == '1' - when: never - - if: $CI_COMMIT_BRANCH && - $GITLAB_FEATURES =~ /\blicense_scanning\b/ diff --git a/lib/gitlab/ci/templates/Jobs/License-Scanning.latest.gitlab-ci.yml b/lib/gitlab/ci/templates/Jobs/License-Scanning.latest.gitlab-ci.yml deleted file mode 100644 index 8e1b0159cb0..00000000000 --- a/lib/gitlab/ci/templates/Jobs/License-Scanning.latest.gitlab-ci.yml +++ /dev/null @@ -1,48 +0,0 @@ -# To contribute improvements to CI/CD templates, please follow the Development guide at: -# https://docs.gitlab.com/ee/development/cicd/templates.html -# This specific template is located at: -# https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Jobs/License-Scanning.gitlab-ci.yml - -# Read more about this feature here: https://docs.gitlab.com/ee/user/compliance/license_compliance/index.html -# -# Configure license scanning with CI/CD variables (https://docs.gitlab.com/ee/ci/variables/index.html). -# List of available variables: https://docs.gitlab.com/ee/user/compliance/license_compliance/#available-variables - -variables: - # Setting this variable will affect all Security templates - # (SAST, Dependency Scanning, ...) - SECURE_ANALYZERS_PREFIX: "$CI_TEMPLATE_REGISTRY_HOST/security-products" - - LICENSE_MANAGEMENT_SETUP_CMD: '' # If needed, specify a command to setup your environment with a custom package manager. - LICENSE_MANAGEMENT_VERSION: 4 - -license_scanning: - stage: test - image: - name: "$SECURE_ANALYZERS_PREFIX/license-finder:$LICENSE_MANAGEMENT_VERSION" - entrypoint: [""] - variables: - LM_REPORT_VERSION: '2.1' - SETUP_CMD: $LICENSE_MANAGEMENT_SETUP_CMD - allow_failure: true - script: - - /run.sh analyze . - artifacts: - reports: - license_scanning: gl-license-scanning-report.json - dependencies: [] - rules: - - if: $LICENSE_MANAGEMENT_DISABLED == 'true' || $LICENSE_MANAGEMENT_DISABLED == '1' - when: never - - # Add the job to merge request pipelines if there's an open merge request. - - if: $CI_PIPELINE_SOURCE == "merge_request_event" && - $GITLAB_FEATURES =~ /\blicense_scanning\b/ - - # Don't add it to a *branch* pipeline if it's already in a merge request pipeline. - - if: $CI_OPEN_MERGE_REQUESTS - when: never - - # Add the job to branch pipelines. - - if: $CI_COMMIT_BRANCH && - $GITLAB_FEATURES =~ /\blicense_scanning\b/ diff --git a/lib/gitlab/ci/templates/Security/License-Scanning.gitlab-ci.yml b/lib/gitlab/ci/templates/Security/License-Scanning.gitlab-ci.yml deleted file mode 100644 index 0fe544b2c84..00000000000 --- a/lib/gitlab/ci/templates/Security/License-Scanning.gitlab-ci.yml +++ /dev/null @@ -1,5 +0,0 @@ -# This template moved to Jobs/License-Scanning.gitlab-ci.yml in GitLab 14.8 -# Issue: https://gitlab.com/gitlab-org/gitlab/-/issues/292977 - -include: - - template: Jobs/License-Scanning.gitlab-ci.yml diff --git a/lib/gitlab/graphql/type_name_deprecations.rb b/lib/gitlab/graphql/type_name_deprecations.rb index b06749df269..34f7e16e515 100644 --- a/lib/gitlab/graphql/type_name_deprecations.rb +++ b/lib/gitlab/graphql/type_name_deprecations.rb @@ -11,11 +11,7 @@ module Gitlab # old_name: 'RunnerMembershipFilter', new_name: 'CiRunnerMembershipFilter', milestone: '15.4' # ) # ].freeze - DEPRECATIONS = [ - Gitlab::Graphql::DeprecationsBase::NameDeprecation.new( - old_name: 'RunnerMembershipFilter', new_name: 'CiRunnerMembershipFilter', milestone: '15.4' - ) - ].freeze + DEPRECATIONS = [].freeze def self.map_graphql_name(name) name diff --git a/lib/tasks/gitlab/graphql.rake b/lib/tasks/gitlab/graphql.rake index 8a677ff4677..686abe0900b 100644 --- a/lib/tasks/gitlab/graphql.rake +++ b/lib/tasks/gitlab/graphql.rake @@ -20,13 +20,18 @@ namespace :gitlab do end end + task generous_gitlab_schema: :environment do + GitlabSchema.validate_timeout 1.second + puts "Validation timeout set to #{GitlabSchema.validate_timeout} second(s)" + end + # Defines tasks for dumping the GraphQL schema: # - gitlab:graphql:schema:dump # - gitlab:graphql:schema:idl # - gitlab:graphql:schema:json GraphQL::RakeTask.new( schema_name: 'GitlabSchema', - dependencies: [:environment, :enable_feature_flags], + dependencies: [:environment, :enable_feature_flags, :generous_gitlab_schema], directory: TEMP_SCHEMA_DIR, idl_outfile: "gitlab_schema.graphql", json_outfile: "gitlab_schema.json" @@ -70,13 +75,7 @@ namespace :gitlab do end desc 'GitLab | GraphQL | Validate queries' - task validate: [:environment, :enable_feature_flags] do |t, args| - class GenerousTimeoutSchema < GitlabSchema # rubocop:disable Gitlab/NamespacedClass - validate_timeout 1.second - end - - puts "Validating GraphQL queries. Validation timeout set to #{GenerousTimeoutSchema.validate_timeout} second(s)" - + task validate: [:environment, :enable_feature_flags, :generous_gitlab_schema] do |t, args| queries = if args.to_a.present? args.to_a.flat_map { |path| Gitlab::Graphql::Queries.find(path) } else @@ -84,7 +83,7 @@ namespace :gitlab do end failed = queries.flat_map do |defn| - summary, errs = defn.validate(GenerousTimeoutSchema) + summary, errs = defn.validate(GitlabSchema) case summary when :client_query diff --git a/lib/unnested_in_filters/rewriter.rb b/lib/unnested_in_filters/rewriter.rb index 2e334eb147b..386dd548127 100644 --- a/lib/unnested_in_filters/rewriter.rb +++ b/lib/unnested_in_filters/rewriter.rb @@ -69,6 +69,90 @@ module UnnestedInFilters end end + # A naive query planner implementation. + # Checks if a database-level index can be utilized by given filtering and ordering predicates. + # + # Partial index support: + # - Supports partial indices if the partial index predicate contains only one column. + # - Supports only the `=` operator in partial index predicate. + class IndexCoverage + PARTIAL_INDEX_REGEX = /(?\(*(?\b\w+)\s*=\s*(?\w+)\)*)(?!\s)/ + + def initialize(index, where_hash, order_attributes) + @index = index + @where_hash = where_hash + @order_attributes = order_attributes + end + + def covers? + filter_attributes_covered? && + can_be_used_for_sorting? && + does_not_contain_any_other_column? + end + + private + + attr_reader :index, :where_hash, :order_attributes + + def filter_attributes_covered? + partial? ? partial_index_coverage? : full_index_coverage? + end + + def can_be_used_for_sorting? + index.columns.last(order_attributes.length) == order_attributes + end + + def does_not_contain_any_other_column? + (index.columns - combined_attributes).empty? + end + + def partial? + index.where.present? + end + + def full_index_coverage? + (filter_attributes - Array(index.columns)).empty? + end + + def partial_index_coverage? + return false unless partial_column + + full_index_coverage_with_partial_column? && partial_filter_matches? + end + + def full_index_coverage_with_partial_column? + (filter_attributes - Array(index.columns) - Array(partial_column)).empty? + end + + def combined_attributes + filter_attributes + order_attributes + end + + def filter_attributes + @filter_attributes ||= where_hash.keys + end + + def partial_filter_matches? + partial_filter == partial_value + end + + def partial_filter + where_hash[partial_column].to_s + end + + def partial_column + index_filter['column_name'] + end + + def partial_value + index_filter['column_value'] + end + + def index_filter + @index_filter ||= index.where.match(PARTIAL_INDEX_REGEX)&.named_captures.to_h + end + end + def initialize(relation) @relation = relation end @@ -252,11 +336,7 @@ module UnnestedInFilters end def has_index_coverage? - indices.any? do |index| - (filter_attributes - Array(index.columns)).empty? && # all the filter attributes are indexed - index.columns.last(order_attributes.length) == order_attributes && # index can be used in sorting - (index.columns - combined_attributes).empty? # there is no other columns in the index - end + indices.any?(&:covers?) end def primary_key_present? @@ -285,7 +365,9 @@ module UnnestedInFilters end def indices - model.connection.schema_cache.indexes(model.table_name) + model.connection.schema_cache.indexes(model.table_name).map do |index| + IndexCoverage.new(index, where_clause.to_h, order_attributes) + end end def value_tables diff --git a/qa/qa/specs/features/browser_ui/7_configure/auto_devops/auto_devops_templates_spec.rb b/qa/qa/specs/features/browser_ui/7_configure/auto_devops/auto_devops_templates_spec.rb index 2e64987f605..88e1487df34 100644 --- a/qa/qa/specs/features/browser_ui/7_configure/auto_devops/auto_devops_templates_spec.rb +++ b/qa/qa/specs/features/browser_ui/7_configure/auto_devops/auto_devops_templates_spec.rb @@ -15,7 +15,6 @@ module QA # during the production run let(:optional_jobs) do %w[ - LICENSE_MANAGEMENT_DISABLED SAST_DISABLED DAST_DISABLED DEPENDENCY_SCANNING_DISABLED CONTAINER_SCANNING_DISABLED diff --git a/qa/qa/specs/features/browser_ui/7_configure/auto_devops/create_project_with_auto_devops_spec.rb b/qa/qa/specs/features/browser_ui/7_configure/auto_devops/create_project_with_auto_devops_spec.rb index b0eea1e5553..12e37f2742d 100644 --- a/qa/qa/specs/features/browser_ui/7_configure/auto_devops/create_project_with_auto_devops_spec.rb +++ b/qa/qa/specs/features/browser_ui/7_configure/auto_devops/create_project_with_auto_devops_spec.rb @@ -80,7 +80,7 @@ module QA def disable_optional_jobs(project) %w[ - TEST_DISABLED CODE_QUALITY_DISABLED LICENSE_MANAGEMENT_DISABLED + TEST_DISABLED CODE_QUALITY_DISABLED BROWSER_PERFORMANCE_DISABLED LOAD_PERFORMANCE_DISABLED SAST_DISABLED SECRET_DETECTION_DISABLED DEPENDENCY_SCANNING_DISABLED CONTAINER_SCANNING_DISABLED DAST_DISABLED REVIEW_DISABLED diff --git a/spec/frontend/environments/environment_details/components/kubernetes/kubernetes_status_bar_spec.js b/spec/frontend/environments/environment_details/components/kubernetes/kubernetes_status_bar_spec.js index 0bed741a21e..df6f5cfd725 100644 --- a/spec/frontend/environments/environment_details/components/kubernetes/kubernetes_status_bar_spec.js +++ b/spec/frontend/environments/environment_details/components/kubernetes/kubernetes_status_bar_spec.js @@ -28,7 +28,7 @@ const configuration = { }; const environmentName = 'environment_name'; const kustomizationResourcePath = - 'kustomize.toolkit.fluxcd.io/v1beta1/namespaces/my-namespace/kustomizations/app'; + 'kustomize.toolkit.fluxcd.io/v1/namespaces/my-namespace/kustomizations/app'; describe('~/environments/environment_details/components/kubernetes/kubernetes_status_bar.vue', () => { let wrapper; @@ -280,7 +280,7 @@ describe('~/environments/environment_details/components/kubernetes/kubernetes_st createWrapper({ apolloProvider: createApolloProviderWithErrors(), fluxResourcePath: - 'kustomize.toolkit.fluxcd.io/v1beta1/namespaces/my-namespace/kustomizations/app', + 'kustomize.toolkit.fluxcd.io/v1/namespaces/my-namespace/kustomizations/app', }); await waitForPromises(); }); diff --git a/spec/frontend/environments/environment_flux_resource_selector_spec.js b/spec/frontend/environments/environment_flux_resource_selector_spec.js index 8dab8fdd96a..a05deb52463 100644 --- a/spec/frontend/environments/environment_flux_resource_selector_spec.js +++ b/spec/frontend/environments/environment_flux_resource_selector_spec.js @@ -29,7 +29,7 @@ describe('~/environments/components/flux_resource_selector.vue', () => { let wrapper; const kustomizationItem = { - apiVersion: 'kustomize.toolkit.fluxcd.io/v1beta1', + apiVersion: 'kustomize.toolkit.fluxcd.io/v1', metadata: { name: 'kustomization', namespace }, }; const helmReleaseItem = { diff --git a/spec/frontend/environments/graphql/mock_data.js b/spec/frontend/environments/graphql/mock_data.js index 4754d1c15a8..9501887b10c 100644 --- a/spec/frontend/environments/graphql/mock_data.js +++ b/spec/frontend/environments/graphql/mock_data.js @@ -822,7 +822,7 @@ export const fluxKustomizationsMock = [ }, ]; -export const fluxResourcePathMock = 'path/to/flux/resource'; +export const fluxResourcePathMock = 'kustomize.toolkit.fluxcd.io/v1/path/to/flux/resource'; export const resolvedEnvironmentToDelete = { __typename: 'LocalEnvironment', diff --git a/spec/frontend/environments/graphql/resolvers/flux_spec.js b/spec/frontend/environments/graphql/resolvers/flux_spec.js index 526c98b55b3..ff808032205 100644 --- a/spec/frontend/environments/graphql/resolvers/flux_spec.js +++ b/spec/frontend/environments/graphql/resolvers/flux_spec.js @@ -28,7 +28,7 @@ describe('~/frontend/environments/graphql/resolvers', () => { describe('fluxKustomizationStatus', () => { const client = { writeQuery: jest.fn() }; const fluxResourcePath = - 'kustomize.toolkit.fluxcd.io/v1beta1/namespaces/my-namespace/kustomizations/app'; + 'kustomize.toolkit.fluxcd.io/v1/namespaces/my-namespace/kustomizations/app'; const endpoint = `${configuration.basePath}/apis/${fluxResourcePath}`; describe('when k8sWatchApi feature is disabled', () => { @@ -84,7 +84,7 @@ describe('~/frontend/environments/graphql/resolvers', () => { }); const resourceName = 'custom-resource'; const resourceNamespace = 'custom-namespace'; - const apiVersion = 'kustomize.toolkit.fluxcd.io/v1beta1'; + const apiVersion = 'kustomize.toolkit.fluxcd.io/v1'; beforeEach(() => { gon.features = { k8sWatchApi: true }; diff --git a/spec/frontend/issues/list/components/empty_state_without_any_issues_spec.js b/spec/frontend/issues/list/components/empty_state_without_any_issues_spec.js index 004e5fd9356..ab3e90e40ab 100644 --- a/spec/frontend/issues/list/components/empty_state_without_any_issues_spec.js +++ b/spec/frontend/issues/list/components/empty_state_without_any_issues_spec.js @@ -184,7 +184,7 @@ describe('EmptyStateWithoutAnyIssues component', () => { const experimentTracking = { 'data-track-experiment': 'issues_mrs_empty_state' }; const emptyStateBlockTracking = { - 'data-track-action': 'render_project_issues_empty_list_page', + 'data-track-action': 'render', 'data-track-label': 'project_issues_empty_list', }; diff --git a/spec/graphql/types/ci/runner_type_spec.rb b/spec/graphql/types/ci/runner_type_spec.rb index dc664f281b7..cbfea04e71d 100644 --- a/spec/graphql/types/ci/runner_type_spec.rb +++ b/spec/graphql/types/ci/runner_type_spec.rb @@ -10,9 +10,9 @@ RSpec.describe GitlabSchema.types['CiRunner'], feature_category: :runner do it 'contains attributes related to a runner' do expected_fields = %w[ id description created_by created_at contacted_at managers maximum_timeout access_level active paused status - version short_sha revision locked run_untagged ip_address runner_type tag_list - project_count job_count admin_url edit_admin_url register_admin_url user_permissions executor_name - architecture_name platform_name maintenance_note maintenance_note_html groups projects jobs token_expires_at + short_sha locked run_untagged runner_type tag_list + project_count job_count admin_url edit_admin_url register_admin_url user_permissions + maintenance_note maintenance_note_html groups projects jobs token_expires_at owner_project job_execution_status ephemeral_authentication_token ephemeral_register_url ] diff --git a/spec/lib/gitlab/auth/auth_finders_spec.rb b/spec/lib/gitlab/auth/auth_finders_spec.rb index 26e6cd36615..914d675452c 100644 --- a/spec/lib/gitlab/auth/auth_finders_spec.rb +++ b/spec/lib/gitlab/auth/auth_finders_spec.rb @@ -786,8 +786,8 @@ RSpec.describe Gitlab::Auth::AuthFinders, feature_category: :system_access do end end - describe '#find_user_from_basic_auth_job' do - subject { find_user_from_basic_auth_job } + describe '#find_user_from_job_token_basic_auth' do + subject { find_user_from_job_token_basic_auth } context 'when the request does not have AUTHORIZATION header' do it { is_expected.to be_nil } @@ -1037,6 +1037,60 @@ RSpec.describe Gitlab::Auth::AuthFinders, feature_category: :system_access do end end + context 'for route_authentication_setting[job_token_allowed]' do + using RSpec::Parameterized::TableSyntax + + where(:route_setting, :expect_user_via_request, :expect_user_via_basic_auth) do + true | true | false + :request | true | false + [:request] | true | false + :basic_auth | false | true + [:basic_auth] | false | true + [:request, :basic_auth] | true | true + + # unexpected values + :foo | false | false + [:foo] | false | false + [:foo, :bar] | false | false + end + + with_them do + let(:route_authentication_setting) { { job_token_allowed: route_setting } } + + context 'when the token is in the headers' do + before do + set_header(described_class::JOB_TOKEN_HEADER, token) + end + + it { is_expected.to eq(expect_user_via_request ? user : nil) } + end + + context 'when the token is in the job_token param' do + before do + set_param(described_class::JOB_TOKEN_PARAM, token) + end + + it { is_expected.to eq(expect_user_via_request ? user : nil) } + end + + context 'when the token is in the token param' do + before do + set_param(described_class::RUNNER_JOB_TOKEN_PARAM, token) + end + + it { is_expected.to eq(expect_user_via_request ? user : nil) } + end + + context 'when the token is in basic auth header' do + before do + set_basic_auth_header(::Gitlab::Auth::CI_JOB_USER, token) + end + + it { is_expected.to eq(expect_user_via_basic_auth ? user : nil) } + end + end + end + context 'when route setting allows job_token' do let(:route_authentication_setting) { { job_token_allowed: true } } diff --git a/spec/lib/unnested_in_filters/rewriter_spec.rb b/spec/lib/unnested_in_filters/rewriter_spec.rb index 945a50ce2e8..24ee4c16b52 100644 --- a/spec/lib/unnested_in_filters/rewriter_spec.rb +++ b/spec/lib/unnested_in_filters/rewriter_spec.rb @@ -62,6 +62,44 @@ RSpec.describe UnnestedInFilters::Rewriter do end end end + + context 'with partial indices' do + let(:relation) { Vulnerability.where(state: [:detected, :confirmed], resolved_on_default_branch: false) } + + before do + Vulnerability.reset_column_information + end + + context 'when there is a partial index coverage for the used columns' do + before do + ApplicationRecord.connection.execute(<<~SQL) + CREATE INDEX on vulnerabilities USING btree(state) WHERE (resolved_on_default_branch = false) + SQL + end + + it { is_expected.to be_truthy } + end + + context 'when there is no partial index coverage for the used columns' do + before do + ApplicationRecord.connection.execute(<<~SQL) + CREATE INDEX on vulnerabilities USING btree(state) WHERE (id = 100) + SQL + end + + it { is_expected.to be_falsey } + end + + context 'when the partial index definition has more columns' do + before do + ApplicationRecord.connection.execute(<<~SQL) + CREATE INDEX on vulnerabilities USING btree(state) WHERE (resolved_on_default_branch = false AND id = 100) + SQL + end + + it { is_expected.to be_falsey } + end + end end end diff --git a/spec/models/ci/runner_manager_spec.rb b/spec/models/ci/runner_manager_spec.rb index bc479036b00..eca02c01796 100644 --- a/spec/models/ci/runner_manager_spec.rb +++ b/spec/models/ci/runner_manager_spec.rb @@ -226,6 +226,16 @@ RSpec.describe Ci::RunnerManager, feature_category: :fleet_visibility, type: :mo it { is_expected.to eq([runner_manager2, runner_manager1]) } end + describe '.order_contacted_at_desc', :freeze_time do + subject(:scope) { described_class.order_contacted_at_desc } + + let_it_be(:runner_manager1) { create(:ci_runner_machine, contacted_at: 1.second.ago) } + let_it_be(:runner_manager2) { create(:ci_runner_machine, contacted_at: 3.seconds.ago) } + let_it_be(:runner_manager3) { create(:ci_runner_machine, contacted_at: 2.seconds.ago) } + + it { is_expected.to eq([runner_manager1, runner_manager3, runner_manager2]) } + end + describe '.with_upgrade_status' do subject(:scope) { described_class.with_upgrade_status(upgrade_status) } diff --git a/spec/models/repository_spec.rb b/spec/models/repository_spec.rb index dd9ecdf993c..485e400eb26 100644 --- a/spec/models/repository_spec.rb +++ b/spec/models/repository_spec.rb @@ -386,26 +386,6 @@ RSpec.describe Repository, feature_category: :source_code_management do end end - context 'when Gitaly raises a CommandError error' do - let(:error_message) { 'Boom' } - - before do - expect(Gitlab::Git::Commit).to receive(:where).and_raise(Gitlab::Git::CommandError, error_message) - end - - it 're-raises an error' do - expect { repository.commits('master', limit: 60) }.to raise_error(Gitlab::Git::CommandError, error_message) - end - - context 'when error contains "listing commits failed" message' do - let(:error_message) { 'listing commits failed' } - - it 'returns an empty collection' do - expect(repository.commits('master', limit: 60).to_a).to eq([]) - end - end - end - context 'when ref is passed' do it 'returns every commit from the specified ref' do expect(repository.commits('master', limit: 60).size).to eq(37) diff --git a/spec/requests/api/commits_spec.rb b/spec/requests/api/commits_spec.rb index 85a07d85174..db76b03090a 100644 --- a/spec/requests/api/commits_spec.rb +++ b/spec/requests/api/commits_spec.rb @@ -277,6 +277,29 @@ RSpec.describe API::Commits, feature_category: :source_code_management do end end + context 'with ref_name + path params' do + let(:params) { { ref_name: ref_name, path: 'files/ruby/popen.rb' } } + let(:ref_name) { 'master' } + + it 'returns project commits matching provided path parameter' do + get api("/projects/#{project_id}/repository/commits", user), params: params + + expect(json_response.size).to eq(3) + expect(json_response.first["id"]).to eq("570e7b2abdd848b95f2f578043fc23bd6f6fd24d") + expect(response).to include_limited_pagination_headers + end + + context 'when ref_name does not exist' do + let(:ref_name) { 'does-not-exist' } + + it 'returns an empty response' do + get api("/projects/#{project_id}/repository/commits", user), params: params + + expect(json_response).to eq([]) + end + end + end + context 'with pagination params' do let(:page) { 1 } let(:per_page) { 5 } diff --git a/spec/requests/api/generic_packages_spec.rb b/spec/requests/api/generic_packages_spec.rb index cf9912ba906..eadd0817fb6 100644 --- a/spec/requests/api/generic_packages_spec.rb +++ b/spec/requests/api/generic_packages_spec.rb @@ -29,6 +29,8 @@ RSpec.describe API::GenericPackages, feature_category: :package_registry do personal_access_token_header when :job_token job_token_header + when :job_basic_auth + job_basic_auth_header when :invalid_personal_access_token personal_access_token_header('wrong token') when :invalid_job_token @@ -61,6 +63,10 @@ RSpec.describe API::GenericPackages, feature_category: :package_registry do { Gitlab::Auth::AuthFinders::JOB_TOKEN_HEADER => value || ci_build.token } end + def job_basic_auth_header(value = nil) + basic_auth_header(Gitlab::Auth::CI_JOB_USER, value || ci_build.token) + end + def deploy_token_header(value) { Gitlab::Auth::AuthFinders::DEPLOY_TOKEN_HEADER => value } end @@ -564,12 +570,16 @@ RSpec.describe API::GenericPackages, feature_category: :package_registry do 'PRIVATE' | :guest | false | :invalid_user_basic_auth | :unauthorized 'PRIVATE' | :anonymous | false | :none | :unauthorized 'PUBLIC' | :developer | true | :job_token | :success + 'PUBLIC' | :developer | true | :job_basic_auth | :success 'PUBLIC' | :developer | true | :invalid_job_token | :unauthorized 'PUBLIC' | :developer | false | :job_token | :success + 'PUBLIC' | :developer | false | :job_basic_auth | :success 'PUBLIC' | :developer | false | :invalid_job_token | :unauthorized 'PRIVATE' | :developer | true | :job_token | :success + 'PRIVATE' | :developer | true | :job_basic_auth | :success 'PRIVATE' | :developer | true | :invalid_job_token | :unauthorized 'PRIVATE' | :developer | false | :job_token | :not_found + 'PRIVATE' | :developer | false | :job_basic_auth | :not_found 'PRIVATE' | :developer | false | :invalid_job_token | :unauthorized end diff --git a/spec/requests/api/graphql/ci/runner_spec.rb b/spec/requests/api/graphql/ci/runner_spec.rb index a2fb646769b..ec30c6fb71c 100644 --- a/spec/requests/api/graphql/ci/runner_spec.rb +++ b/spec/requests/api/graphql/ci/runner_spec.rb @@ -89,9 +89,7 @@ RSpec.describe 'Query.runner(id)', :freeze_time, feature_category: :fleet_visibi created_by: runner.creator ? a_graphql_entity_for(runner.creator) : nil, created_at: runner.created_at&.iso8601, contacted_at: runner.contacted_at&.iso8601, - version: runner.version, short_sha: runner.short_sha, - revision: runner.revision, locked: false, active: runner.active, paused: !runner.active, @@ -100,12 +98,8 @@ RSpec.describe 'Query.runner(id)', :freeze_time, feature_category: :fleet_visibi maximum_timeout: runner.maximum_timeout, access_level: runner.access_level.to_s.upcase, run_untagged: runner.run_untagged, - ip_address: runner.ip_address, runner_type: runner.instance_type? ? 'INSTANCE_TYPE' : 'PROJECT_TYPE', ephemeral_authentication_token: nil, - executor_name: runner.executor_type&.dasherize, - architecture_name: runner.architecture, - platform_name: runner.platform, maintenance_note: runner.maintenance_note, maintenance_note_html: runner.maintainer_note.present? ? a_string_including('Test maintenance note') : '', diff --git a/spec/views/devise/shared/_signup_box.html.haml_spec.rb b/spec/views/devise/shared/_signup_box.html.haml_spec.rb index e4ca48f1623..d620449672d 100644 --- a/spec/views/devise/shared/_signup_box.html.haml_spec.rb +++ b/spec/views/devise/shared/_signup_box.html.haml_spec.rb @@ -110,10 +110,22 @@ RSpec.describe 'devise/shared/_signup_box', feature_category: :system_access do expect(rendered).to include(s_('SignUp|Contribute to a public project on GitLab')) expect(rendered).to have_css('select[name="signup_intent"]') - expect(rendered).to have_css('option[value="new_team"]') - expect(rendered).to have_css('option[value="new_personal_account"]') - expect(rendered).to have_css('option[value="join_existing_team"]') - expect(rendered).to have_css('option[value="contribute_public_project"]') + + expect(rendered).to have_css( + 'option[value="select_signup_intent_dropdown_new_team_registration_step_one"]' + ) + + expect(rendered).to have_css( + 'option[value="select_signup_intent_dropdown_new_personal_account_registration_step_one"]' + ) + + expect(rendered).to have_css( + 'option[value="select_signup_intent_dropdown_join_existing_team_registration_step_one"]' + ) + + expect(rendered).to have_css( + 'option[value="select_signup_intent_dropdown_contribute_public_project_registration_step_one"]' + ) end end diff --git a/workhorse/go.mod b/workhorse/go.mod index 833670fdd90..93174b7b34e 100644 --- a/workhorse/go.mod +++ b/workhorse/go.mod @@ -1,6 +1,8 @@ module gitlab.com/gitlab-org/gitlab/workhorse -go 1.20 +go 1.21 + +toolchain go1.21.9 require ( github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.3.1 diff --git a/workhorse/go.sum b/workhorse/go.sum index 7d31ec736c7..b2b44637324 100644 --- a/workhorse/go.sum +++ b/workhorse/go.sum @@ -67,6 +67,7 @@ github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.1/go.mod h1:h8hyGFDsU5HMiv github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.2 h1:LqbJ/WzJUwBf8UiaSzgX7aMclParm9/5Vgp+TY51uBQ= github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.2/go.mod h1:yInRyqWXAuaPrgI7p70+lDDgh3mlBohis29jGMISnmc= github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage v1.5.0 h1:AifHbc4mg0x9zW52WOpKbsHaDKuRhlI7TVl47thgQ70= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage v1.5.0/go.mod h1:T5RfihdXtBDxt1Ch2wobif3TvzTdumDy29kahv6AV9A= github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.3.1 h1:fXPMAmuh0gDuRDey0atC8cXBuKIlqCzCkL8sm1n9Ov0= github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.3.1/go.mod h1:SUZc9YRRHfx2+FAQKNDGrssXehqLpxmwRv2mC/5ntj4= github.com/Azure/go-autorest v14.2.0+incompatible h1:V5VMDjClD3GiElqLWO7mz2MxNAK/vTfRHdAubSIPRgs= @@ -85,36 +86,58 @@ github.com/DataDog/gostackparse v0.5.0/go.mod h1:lTfqcJKqS9KnXQGnyQMCugq3u1FP6UZ github.com/DataDog/sketches-go v1.0.0 h1:chm5KSXO7kO+ywGWJ0Zs6tdmWU8PBXSbywFVciL6BG4= github.com/DataDog/sketches-go v1.0.0/go.mod h1:O+XkJHWk9w4hDwY2ZUDU31ZC9sNYlYo8DiFsxjYeo1k= github.com/HdrHistogram/hdrhistogram-go v1.1.1 h1:cJXY5VLMHgejurPjZH6Fo9rIwRGLefBGdiaENZALqrg= +github.com/HdrHistogram/hdrhistogram-go v1.1.1/go.mod h1:yDgFjdqOqDEKOvasDdhWNXYg9BVp4O+o5f6V/ehm6Oo= github.com/Microsoft/go-winio v0.6.1 h1:9/kr64B9VUZrLm5YYwbGtUJnMgqWVOdUAXu6Migciow= github.com/Microsoft/go-winio v0.6.1/go.mod h1:LRdKpFKfdobln8UmuiYcKPot9D2v6svN5+sAH+4kjUM= github.com/StackExchange/wmi v0.0.0-20190523213315-cbe66965904d/go.mod h1:3eOhrUMpNV+6aFIbp5/iudMxNCF27Vw2OZgy4xEx0Fg= github.com/alecthomas/assert/v2 v2.6.0 h1:o3WJwILtexrEUk3cUVal3oiQY2tfgr/FHWiz/v2n4FU= +github.com/alecthomas/assert/v2 v2.6.0/go.mod h1:Bze95FyfUr7x34QZrjL+XP+0qgp/zg8yS+TtBj1WA3k= github.com/alecthomas/chroma/v2 v2.13.0 h1:VP72+99Fb2zEcYM0MeaWJmV+xQvz5v5cxRHd+ooU1lI= github.com/alecthomas/chroma/v2 v2.13.0/go.mod h1:BUGjjsD+ndS6eX37YgTchSEG+Jg9Jv1GiZs9sqPqztk= github.com/alecthomas/repr v0.4.0 h1:GhI2A8MACjfegCPVq9f1FLvIBS+DrQ2KQBFZP1iFzXc= +github.com/alecthomas/repr v0.4.0/go.mod h1:Fr0507jx4eOXV7AlPV6AVZLYrLIuIeSOWtW57eE/O/4= github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= github.com/aws/aws-sdk-go v1.44.256/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI= github.com/aws/aws-sdk-go v1.51.14 h1:qedX6zZEO1a+5kra+D4ythOYR3TgaROC0hTPxhTFh8I= github.com/aws/aws-sdk-go v1.51.14/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= github.com/aws/aws-sdk-go-v2 v1.25.3 h1:xYiLpZTQs1mzvz5PaI6uR0Wh57ippuEthxS4iK5v0n0= +github.com/aws/aws-sdk-go-v2 v1.25.3/go.mod h1:35hUlJVYd+M++iLI3ALmVwMOyRYMmRqUXpTtRGW+K9I= github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.1 h1:gTK2uhtAPtFcdRRJilZPx8uJLL2J85xK11nKtWL0wfU= +github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.1/go.mod h1:sxpLb+nZk7tIfCWChfd+h4QwHNUR57d8hA1cleTkjJo= github.com/aws/aws-sdk-go-v2/config v1.27.7 h1:JSfb5nOQF01iOgxFI5OIKWwDiEXWTyTgg1Mm1mHi0A4= +github.com/aws/aws-sdk-go-v2/config v1.27.7/go.mod h1:PH0/cNpoMO+B04qET699o5W92Ca79fVtbUnvMIZro4I= github.com/aws/aws-sdk-go-v2/credentials v1.17.7 h1:WJd+ubWKoBeRh7A5iNMnxEOs982SyVKOJD+K8HIezu4= +github.com/aws/aws-sdk-go-v2/credentials v1.17.7/go.mod h1:UQi7LMR0Vhvs+44w5ec8Q+VS+cd10cjwgHwiVkE0YGU= github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.15.3 h1:p+y7FvkK2dxS+FEwRIDHDe//ZX+jDhP8HHE50ppj4iI= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.15.3/go.mod h1:/fYB+FZbDlwlAiynK9KDXlzZl3ANI9JkD0Uhz5FjNT4= github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.16.9 h1:vXY/Hq1XdxHBIYgBUmug/AbMyIe1AKulPYS2/VE1X70= +github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.16.9/go.mod h1:GyJJTZoHVuENM4TeJEl5Ffs4W9m19u+4wKJcDi/GZ4A= github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.3 h1:ifbIbHZyGl1alsAhPIYsHOg5MuApgqOvVeI8wIugXfs= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.3/go.mod h1:oQZXg3c6SNeY6OZrDY+xHcF4VGIEoNotX2B4PrDeoJI= github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.3 h1:Qvodo9gHG9F3E8SfYOspPeBt0bjSbsevK8WhRAUHcoY= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.3/go.mod h1:vCKrdLXtybdf/uQd/YfVR2r5pcbNuEYKzMQpcxmeSJw= github.com/aws/aws-sdk-go-v2/internal/ini v1.8.0 h1:hT8rVHwugYE2lEfdFE0QWVo81lF7jMrYJVDWI+f+VxU= +github.com/aws/aws-sdk-go-v2/internal/ini v1.8.0/go.mod h1:8tu/lYfQfFe6IGnaOdrpVgEL2IrrDOf6/m9RQum4NkY= github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.3 h1:mDnFOE2sVkyphMWtTH+stv0eW3k0OTx94K63xpxHty4= +github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.3/go.mod h1:V8MuRVcCRt5h1S+Fwu8KbC7l/gBGo3yBAyUbJM2IJOk= github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.1 h1:EyBZibRTVAs6ECHZOw5/wlylS9OcTzwyjeQMudmREjE= +github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.1/go.mod h1:JKpmtYhhPs7D97NL/ltqz7yCkERFW5dOlHyVl66ZYF8= github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.3.5 h1:mbWNpfRUTT6bnacmvOTKXZjR/HycibdWzNpfbrbLDIs= +github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.3.5/go.mod h1:FCOPWGjsshkkICJIn9hq9xr6dLKtyaWpuUojiN3W1/8= github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.5 h1:K/NXvIftOlX+oGgWGIa3jDyYLDNsdVhsjHmsBH2GLAQ= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.5/go.mod h1:cl9HGLV66EnCmMNzq4sYOti+/xo8w34CsgzVtm2GgsY= github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.17.3 h1:4t+QEX7BsXz98W8W1lNvMAG+NX8qHz2CjLBxQKku40g= +github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.17.3/go.mod h1:oFcjjUq5Hm09N9rpxTdeMeLeQcxS7mIkBkL8qUKng+A= github.com/aws/aws-sdk-go-v2/service/s3 v1.51.4 h1:lW5xUzOPGAMY7HPuNF4FdyBwRc3UJ/e8KsapbesVeNU= +github.com/aws/aws-sdk-go-v2/service/s3 v1.51.4/go.mod h1:MGTaf3x/+z7ZGugCGvepnx2DS6+caCYYqKhzVoLNYPk= github.com/aws/aws-sdk-go-v2/service/sso v1.20.2 h1:XOPfar83RIRPEzfihnp+U6udOveKZJvPQ76SKWrLRHc= +github.com/aws/aws-sdk-go-v2/service/sso v1.20.2/go.mod h1:Vv9Xyk1KMHXrR3vNQe8W5LMFdTjSeWk0gBZBzvf3Qa0= github.com/aws/aws-sdk-go-v2/service/ssooidc v1.23.2 h1:pi0Skl6mNl2w8qWZXcdOyg197Zsf4G97U7Sso9JXGZE= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.23.2/go.mod h1:JYzLoEVeLXk+L4tn1+rrkfhkxl6mLDEVaDSvGq9og90= github.com/aws/aws-sdk-go-v2/service/sts v1.28.4 h1:Ppup1nVNAOWbBOrcoOxaxPeEnSFB2RnnQdguhXpmeQk= +github.com/aws/aws-sdk-go-v2/service/sts v1.28.4/go.mod h1:+K1rNPVyGxkRuv9NNiaZ4YhBFuyw2MMA9SlIJ1Zlpz8= github.com/aws/smithy-go v1.20.1 h1:4SZlSlMr36UEqC7XOyRVb27XMeZubNcBNN+9IgEPIQw= +github.com/aws/smithy-go v1.20.1/go.mod h1:krry+ya/rV9RDcV/Q16kpu6ypI4K2czasz0NC3qS14E= github.com/beevik/ntp v1.3.0 h1:/w5VhpW5BGKS37vFm1p9oVk/t4HnnkKZAZIubHM6F7Q= github.com/beevik/ntp v1.3.0/go.mod h1:vD6h1um4kzXpqmLTuu0cCLcC+NfvC0IC+ltmEDA8E78= github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= @@ -122,7 +145,9 @@ github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= github.com/bradfitz/gomemcache v0.0.0-20170208213004-1952afaa557d/go.mod h1:PmM6Mmwb0LSuEubjR8N7PtNe1KxZLtOUHtbeikc5h60= github.com/bsm/ginkgo/v2 v2.12.0 h1:Ny8MWAHyOepLGlLKYmXG4IEkioBysk6GpaRTLC8zwWs= +github.com/bsm/ginkgo/v2 v2.12.0/go.mod h1:SwYbGRRDovPVboqFv0tPTcG1sN61LM1Z4ARdbAV9g4c= github.com/bsm/gomega v1.27.10 h1:yeMWxP2pV2fG3FgAODIY8EiRE3dy0aeFYt4l7wh6yKA= +github.com/bsm/gomega v1.27.10/go.mod h1:JyEr/xRbxbtgWNi8tIEVPUYZ5Dzef52k01W3YH0H+O0= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/census-instrumentation/opencensus-proto v0.4.1 h1:iKLQ0xPNFxR/2hzXZMrBo8f1j86j5WHzznCCQxV/b8g= github.com/census-instrumentation/opencensus-proto v0.4.1/go.mod h1:4T9NM4+4Vw91VeyqjLS6ao50K5bOcLKN6Q42XnYaRYw= @@ -137,6 +162,7 @@ github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDk github.com/client9/reopen v1.0.0 h1:8tpLVR74DLpLObrn2KvsyxJY++2iORGR17WLUdSzUws= github.com/client9/reopen v1.0.0/go.mod h1:caXVCEr+lUtoN1FlsRiOWdfQtdRHIYfcb0ai8qKWtkQ= github.com/cloudflare/tableflip v1.2.3 h1:8I+B99QnnEWPHOY3fWipwVKxS70LGgUsslG7CSfmHMw= +github.com/cloudflare/tableflip v1.2.3/go.mod h1:P4gRehmV6Z2bY5ao5ml9Pd8u6kuEnlB37pUFMmv7j2E= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= @@ -152,6 +178,7 @@ github.com/disintegration/imaging v1.6.2/go.mod h1:44/5580QXChDfwIclfc/PCwrr44am github.com/dlclark/regexp2 v1.11.0 h1:G/nrcoOa7ZXlpoa/91N3X7mM3r8eIlMBBJZvsz/mxKI= github.com/dlclark/regexp2 v1.11.0/go.mod h1:DHkYz0B9wPfa6wondMfaivmHpzrQ3v9q8cnmRbL6yW8= github.com/dnaeon/go-vcr v1.2.0 h1:zHCHvJYTMh1N7xnV7zf1m1GPBF9Ad0Jk/whtQ1663qI= +github.com/dnaeon/go-vcr v1.2.0/go.mod h1:R4UdLID7HZT3taECzJs4YgbbH6PIGXB6W/sc5OLb6RQ= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= @@ -243,8 +270,11 @@ github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= +github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-replayers/grpcreplay v1.1.0 h1:S5+I3zYyZ+GQz68OfbURDdt/+cSMqCK1wrvNx7WBzTE= +github.com/google/go-replayers/grpcreplay v1.1.0/go.mod h1:qzAvJ8/wi57zq7gWqaE6AwLM6miiXUQwP1S+I9icmhk= github.com/google/go-replayers/httpreplay v1.2.0 h1:VM1wEyyjaoU53BwrOnaf9VhAyQQEEioJvFYxYcLRKzk= +github.com/google/go-replayers/httpreplay v1.2.0/go.mod h1:WahEFFZZ7a1P4VM1qEeHy+tME4bwyqPcwWbNlUI1Mcg= github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/martian v2.1.0+incompatible h1:/CP5g8u/VJHijgedC/Legn3BAbAaWPgecwXBIDzw5no= @@ -253,6 +283,7 @@ github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIG github.com/google/martian/v3 v3.1.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= github.com/google/martian/v3 v3.2.1/go.mod h1:oBOf6HBosgwRXnUGWUB05QECsc6uvmMiJ3+6W4l/CUk= github.com/google/martian/v3 v3.3.2 h1:IqNFLAmvJOgVlpdEBiQbDc2EwKW77amAycfTuWKdfvw= +github.com/google/martian/v3 v3.3.2/go.mod h1:oBOf6HBosgwRXnUGWUB05QECsc6uvmMiJ3+6W4l/CUk= github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= @@ -305,6 +336,7 @@ github.com/hashicorp/hcl v0.0.0-20170914154624-68e816d1c783/go.mod h1:oZtUIOe8dh github.com/hashicorp/yamux v0.1.2-0.20220728231024-8f49b6f63f18 h1:IVujPV6DRIu1fYF4zUHrfhkngJzmYjelXa+iSUiFZSI= github.com/hashicorp/yamux v0.1.2-0.20220728231024-8f49b6f63f18/go.mod h1:CtWFDAQgb7dxtzFs4tWbplKIe2jSi3+5vKbgIO0SLnQ= github.com/hexops/gotextdiff v1.0.3 h1:gitA9+qJrrTCsiCl7+kh75nPqQt1cx4ZkudSTLoUqJM= +github.com/hexops/gotextdiff v1.0.3/go.mod h1:pSWU5MAI3yDq+fZBTazCSJysOMbxWL1BSow5/V2vxeg= github.com/hpcloud/tail v1.0.0 h1:nfCOvKYfkgYP8hkirhJocXT2+zOD8yUNjXaWfTlyFKI= github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= @@ -328,6 +360,7 @@ github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxv github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= +github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= @@ -343,6 +376,7 @@ github.com/magiconair/properties v1.7.4-0.20170902060319-8d7837e64d3c/go.mod h1: github.com/mattn/go-colorable v0.0.10-0.20170816031813-ad5389df28cd/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= github.com/mattn/go-isatty v0.0.2/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= github.com/miekg/dns v1.1.58 h1:ca2Hdkz+cDg/7eNF6V56jjzuZ4aCAE+DbVkILdQWG/4= +github.com/miekg/dns v1.1.58/go.mod h1:Ypv+3b/KadlvW9vJfXOTf300O4UqaHFzFCuHz+rPkBY= github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw= github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s= github.com/mitchellh/mapstructure v0.0.0-20170523030023-d0303fe80992/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= @@ -353,8 +387,10 @@ github.com/oklog/ulid/v2 v2.0.2/go.mod h1:mtBL0Qe/0HAx6/a4Z30qxVIAL1eQDweXq5lxOE github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.7.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.10.3 h1:OoxbjfXVZyod1fmWYhI7SEyaD8B00ynP3T+D5GiyHOY= +github.com/onsi/ginkgo v1.10.3/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= github.com/onsi/gomega v1.7.1 h1:K0jcRCwNQM3vFGh1ppMtDh/+7ApJrjldlX8fA0jDTLQ= +github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= github.com/opentracing/opentracing-go v1.0.2/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs= @@ -389,6 +425,7 @@ github.com/redis/go-redis/v9 v9.5.1/go.mod h1:hdY0cQFCN4fnSYT6TkisLufl/4W5UIXyv0 github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= +github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog= github.com/ryszard/goskiplist v0.0.0-20150312221310-2dfbae5fcf46 h1:GHRpF1pTW19a8tTFrMLUcfWwyC0pnifVo2ClaLq+hP8= github.com/ryszard/goskiplist v0.0.0-20150312221310-2dfbae5fcf46/go.mod h1:uAQ5PCi+MFsC7HjREoAz1BU+Mq60+05gifQSsHSDG/8= github.com/sebest/xff v0.0.0-20210106013422-671bd2870b3a h1:iLcLb5Fwwz7g/DLK89F+uQBDeAhHhwdzB5fSlVdhGcM= @@ -416,6 +453,7 @@ github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+ github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY= +github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= @@ -471,6 +509,7 @@ go.opentelemetry.io/otel v1.24.0/go.mod h1:W7b9Ozg4nkF5tWI5zsXkaKKDjdVjpD4oAt9Qi go.opentelemetry.io/otel/metric v1.24.0 h1:6EhoGWWK28x1fbpA4tYTOWBkPefTDQnb8WSGXlc88kI= go.opentelemetry.io/otel/metric v1.24.0/go.mod h1:VYhLe1rFfxuTXLgj4CBiyz+9WYBA8pNGJgDcSFRKBco= go.opentelemetry.io/otel/sdk v1.22.0 h1:6coWHw9xw7EfClIC/+O31R8IY3/+EiRFHevmHafB2Gw= +go.opentelemetry.io/otel/sdk v1.22.0/go.mod h1:iu7luyVGYovrRpe2fmj3CVKouQNdTOkxtLzPvPz1DOc= go.opentelemetry.io/otel/trace v1.24.0 h1:CsKnnL4dUAr/0llH9FKuc698G04IrpWV0MQA/Y1YELI= go.opentelemetry.io/otel/trace v1.24.0/go.mod h1:HPc3Xr/cOApsBI154IU0OI0HJexz+aw5uPdbs3UCjNU= go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= @@ -479,6 +518,7 @@ go.uber.org/atomic v1.11.0 h1:ZvwS0R+56ePWxUNi+Atn9dWONBPp/AUETXlHW0DxSjE= go.uber.org/atomic v1.11.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0= go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A= go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= +go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= go.uber.org/zap v1.18.1/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI= gocloud.dev v0.37.0 h1:XF1rN6R0qZI/9DYjN16Uy0durAmSlf58DHOcb28GPro= @@ -505,6 +545,7 @@ golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u0 golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= golang.org/x/exp v0.0.0-20240119083558-1b970713d09a h1:Q8/wZp0KX97QFTc2ywcOE0YRjZPVIx+MXInMzdvQqcA= +golang.org/x/exp v0.0.0-20240119083558-1b970713d09a/go.mod h1:idGWGoKP1toJGkd5/ig9ZLuPcZBC3ewk7SzmH0uou08= golang.org/x/exp/typeparams v0.0.0-20221208152030-732eee02a75a h1:Jw5wfR+h9mnIYH+OtGT2im5wV1YGGDora5vTv/aa5bE= golang.org/x/exp/typeparams v0.0.0-20221208152030-732eee02a75a/go.mod h1:AbB0pIl9nAr9wVwH+Z2ZpaocVmF5I4GyWCDIsVjR0bk= golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= @@ -935,6 +976,7 @@ gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/fsnotify.v1 v1.4.7 h1:xOHLXZwVvI9hhs+cLKq5+I5onOuwQLhQwiu63xxlHs4= gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= @@ -946,6 +988,7 @@ gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= +gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=