Rename `MergeRequest#pipeline` to `head_pipeline`
## What does this MR do?
This MR renames `MergeRequest#pipeline` to `MergeRequest#head_pipeline`
## Does this MR meet the acceptance criteria?
- [x] All builds are passing
## What are the relevant issue numbers?
Closes#24810
See merge request !7783
CE-specific changes for gitlab-org/gitlab-ee#1137
## What does this MR do?
- gitlab-org/gitlab-ee#1137 is a `technical debt` issue to clean up the EE protected branch access levels (for users and groups) implementation.
- Some of this cleanup bleeds over to code shared by CE and EE, which is why this MR is required.
- An EE-specific MR has also been created: gitlab-org/gitlab-ee!927
See merge request !7821
Add diff hunks to notification emails
Add diff hunks to notification emails. Continued from https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5855 - thanks @hoopes!
This also fixes an issue where the + / - prefixes were missing from diffs in emails.
Screenshots (from my browser) of the HTML emails, along with text screenshots 😛
```
New comment for Merge Request !1 on app/views/admin/builds/index.html.haml:
http://localhost:3000/gitlab-org/gitlab-ce/merge_requests/1#note_1023
> Finished
This is a comment at the top of a match section.
```
```
New comment for Merge Request !1 on app/views/admin/builds/index.html.haml:
http://localhost:3000/gitlab-org/gitlab-ce/merge_requests/1#note_1022
> Finished
> %span.badge.js-running-count= @all_builds.finished.count(:id)
>
> - %li{class: ('active' if @scope == 'all')}
> - = link_to admin_builds_path(scope: :all) do
> - All
> - %span.badge.js-totalbuilds-count= @all_builds.count(:id)
> -
> .gray-content-block
> #{(@scope || 'running').capitalize} builds
>
This is a comment at the bottom of a match section.
```
```
New comment for Merge Request !1 on app/views/admin/builds/index.html.haml:
http://localhost:3000/gitlab-org/gitlab-ce/merge_requests/1#note_1024
> = link_to 'Cancel all', cancel_all_admin_builds_path, data: { confirm: 'Are you sure?' }, class: 'btn btn-danger', method: :post
>
> %ul.center-top-menu
> - %li{class: ('active' if @scope.nil?)}
> + %li{class: ('active' if @scope == 'all')}
> = link_to admin_builds_path do
> + All
This is a comment with some deleted and added lines above it.
```
Closes#21027, closes#24340.
See merge request !7660
Replace issue access checks with use of IssuableFinder
Split from !2024 to partially solve https://gitlab.com/gitlab-org/gitlab-ce/issues/23867
## Which fixes are in this MR?
⚠️ - Potentially untested
💣 - No test coverage
🚥 - Test coverage of some sort exists (a test failed when error raised)
🚦 - Test coverage of return value (a test failed when nil used)
✅ - Permissions check tested
### Issue lookup with access check
Using `visible_to_user` likely makes these security issues too. See [Code smells](#code-smells).
- [x] 🚦 app/finders/notes_finder.rb:15 [`visible_to_user`]
- [x] 🚥 app/views/layouts/nav/_project.html.haml:73 [`visible_to_user`] [`.count`]
- [x] ✅ app/services/merge_requests/build_service.rb:84 [`issue.try(:confidential?)`]
- [x] ✅ lib/api/issues.rb:112 [`visible_to_user`]
- CHANGELOG: Prevented API returning issues set to 'Only team members' to everyone
- [x] ✅ lib/api/helpers.rb:126 [`can?(current_user, :read_issue, issue)`] Maybe here too?
- [x] ✅ lib/gitlab/search_results.rb:53 [`visible_to_user`]
### Previous discussions
- [ ] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#b2ff264eddf9819d7693c14ae213d941494fe2b3_128_126
- [ ] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#7b6375270d22f880bdcb085e47b519b426a5c6c7_87_87
See merge request !2031
Fix missing access checks on issue lookup using IssuableFinder
Split from !2024 to partially solve https://gitlab.com/gitlab-org/gitlab-ce/issues/23867⚠️ - Potentially untested
💣 - No test coverage
🚥 - Test coverage of some sort exists (a test failed when error raised)
🚦 - Test coverage of return value (a test failed when nil used)
✅ - Permissions check tested
- [x] ✅ app/controllers/projects/branches_controller.rb:39
- `before_action :authorize_push_code!` helpes limit/prevent exploitation. Always checks for reporter access so fine with
confidential issues, issues only visible to team, etc.
- [x] 🚥 app/models/cycle_analytics/summary.rb:9 [`.count`]
- [x] ✅ app/controllers/projects/todos_controller.rb:19
- [x] Potential double render in app/controllers/projects/todos_controller.rb
- https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#cedccb227af9bfdf88802767cb58d43c2b977439_24_24
See merge request !2030
We only know the tag SHA after we create the tag.
This means that we pass a different value to the hooks that happen before
creating the tag, and a different value to the hooks that happen after
creating the tag.
This is not an ideal situation, but it is a trade-off we decided to
make. For discussion of the alternatives please refer to
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/7700#note_18982873
"pre-receive" and "update" hooks always get the SHA of the commit
that the tag points to. "post-receive" gets the tag SHA if it is
an annotated tag or the commit SHA if it is an lightweight tag.
Currently we always create annotated tags if UI is used.
Refresh project authorizations using a Redis lease
This MR changes `User#refresh_authorized_projects` so it uses a Redis lease instead of relying on serializable transactions. See the commit message(s) for more details.
See merge request !7733
* Added keyword arguments to truncated_diff_lines method to allow for using highlighting or not (html templates vs. text)
* Tweaked templates for consistency and format appropriateness
Previously the `truncated_diff_lines` method for outputting a discussion diff took in already highlighted lines, which meant it wasn't reuseable for truncating ANY lines. In the way it was used, it also meant that for any email truncation, the whole diff was being highlighted before being truncated, meaning wasted time highlighting lines that wouldn't even be used (granted, they were being memoized, so perhaps this wasn't that great of an issue). I refactored truncation away from highlighting, in order to truncate formatted diffs for text templates in email, using `>`s to designate each line, but otherwise retaining the parsing already done to create `diff_lines`.
Additionally, while notes on merge requests or commits had already been tested, there was no existing test for notes on a diff on an MR or commit. Added mailer tests for such, and a unit test for truncating diff lines.
When I proposed using serializable transactions I was hoping we would be
able to refresh data of individual users concurrently. Unfortunately
upon closer inspection it was revealed this was not the case. This could
result in a lot of queries failing due to serialization errors,
overloading the database in the process (given enough workers trying to
update the target table).
To work around this we're now using a Redis lease that is cancelled upon
completion. This ensures we can update the data of different users
concurrently without overloading the database.
The code will try to obtain the lease until it succeeds, waiting at
least 1 second between retries. This is necessary as we may otherwise
end up _not_ updating the data which is not an option.
Improve how we could cancel pipelines:
Improve how we could cancel pipelines:
* Introduce `HasStatus.cancelable` which we might be able to cancel
* Cancel and check upon `cancelable`
* Also cancel on `CommitStatus` rather than just `Ci::Build`
Fixes#23635Fixes#17845
See merge request !7508
Flushing the events cache worked by updating a recent number of rows in
the "events" table. This has the result that on PostgreSQL a lot of dead
tuples are produced on a regular basis. This in turn means that
PostgreSQL will spend considerable amounts of time vacuuming this table.
This in turn can lead to an increase of database load.
For GitLab.com we measured the impact of not using events caching and
found no measurable increase in response timings. Meanwhile not flushing
the events cache lead to the "events" table having no more dead tuples
as now rows are only inserted into this table.
As a result of this we are hereby removing events caching as it does not
appear to help and only increases database load.
For more information see the following comment:
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/6578#note_18864037
* upstream/master: (133 commits)
Restructure steps for MM slash commands service
Add Changelog entry for CI linter validation fix
Fix entry lookup in CI config inheritance rules
Extend specs for global ci configuration entry
Remove unnecessary require_relative calls from service classes
Use single quote for strings
Ue svg from SVGs object
Dont trigger CI builds [ci skip]
Revert "Test only migrations"
Add custom copy for each empty stage
Refactor Mattermost slash commands docs
Fetch only one revision
Highlight nav item on hover
Test only migrations
Fix migration paths tests
Scroll CA stage panel on mobile
Fix CSS declaration
administer to administrator
Move SVGs to JS objects for easy reuse
Improve deploy command message
...
Kamil Trzciński
Douwe Maan
Grzegorz Bizon
Timothy Andrew
Sean McGivern
Sean McGivern
Adam Niedzielski
hhoopes
Yorick Peterse
Robert Speicher
Douwe Maan
Chris Wilson
Dmitriy Zaporozhets
Lin Jen-Shin
Valery Sizov
Ahmad Sherif
Achilleas Pipinellis
Fatih Acet
Rémy Coutable
Tomasz Maczukin