Commit Graph

1274 Commits

Author SHA1 Message Date
Lin Jen-Shin 71ae01fefe Add more tests and fix write to project check 2016-11-11 21:44:33 +08:00
Lin Jen-Shin 24d9f51e7b Correct the test. Not sure why change it in the first place 2016-11-11 21:21:43 +08:00
Lin Jen-Shin 8b2426f898 Mark DeployKey#can_push a safe attribute 2016-11-11 20:47:47 +08:00
Lin Jen-Shin 42e252da42 Merge remote-tracking branch 'upstream/master' into feature/1376-allow-write-access-deploy-keys
* upstream/master: (3852 commits)
  Grapify token API
  Fix cache for commit status in commits list to respect branches
  Grapify milestones API
  Grapify runners API
  Improve EeCompatCheck, cache EE repo and keep artifacts for the ee_compat_check task
  Use 'Forking in progress' title when appropriate
  Fix CHANGELOG after 8.14.0-rc1 tag
  Update CHANGELOG.md for 8.14.0-rc1
  Fix YAML syntax on CHANGELOG entry
  Remove redundant rescue from repository keep_around
  Remove redundant space from repository model code
  Remove order-dependent expectation
  Minor CHANGELOG.md cleanups
  Add a link to Git cheatsheet PDF in docs readme
  Grapify the session API
  Add 8.13.5, 8.12.9, and 8.11.11 CHANGELOG
  Merge branch 'unauthenticated-container-registry-access' into 'security'
  Merge branch '23403-fix-events-for-private-project-features' into 'security'
  Merge branch 'fix-unathorized-cloning' into 'security'
  Merge branch 'markdown-xss-fix-option-2.1' into 'security'
  ...
2016-11-10 15:16:33 +00:00
Sean McGivern de8c2b79c0 Merge branch 'ldap_check_bind' into 'master'
Improve ldap:check errors

Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/21621. 

See merge request !6601
2016-11-09 15:37:23 +00:00
Robert Speicher b0088b527e Merge branch '23403-fix-events-for-private-project-features' into 'security'
Respect project visibility settings in the contributions calendar

This MR fixes a number of bugs relating to access controls and date selection of events for the contributions calendar

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/23403

See merge request !2019

Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-11-09 12:27:41 +01:00
Douwe Maan b0bf92140f Merge branch 'fix-unathorized-cloning' into 'security'
Ensure external users are not able to clone disabled repositories.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/23788

See merge request !2017

Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-11-09 12:27:17 +01:00
Douwe Maan bf061d0aff Merge branch 'issue_23548_dev' into 'master'
disable markdown in comments when referencing disabled features

fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/23548

This MR prevents the following references when tool is disabled:

- issues
- snippets
- commits - when repo is disabled
- commit range - when repo is disabled
- milestones

This MR does not prevent references to repository files, since they are just markdown links and don't leak
information.

See merge request !2011

Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-11-09 12:25:17 +01:00
Drew Blessing dc30783057 Introduce better credential and error checking to `rake gitlab:ldap:check`
It was previously possible for invalid credential errors to go unnoticed
in this task. Users would believe everything was configured correctly and
then sign in would fail with 'invalid credentials'. This adds a specific
bind check, plus catches errors connecting to the server. Also, specs :)
2016-11-08 15:46:10 -06:00
Douwe Maan 9c3f3e9e35 Merge branch 'use-separate-token-for-incoming-email' into 'master'
Use separate email-friendly token for incoming email

See merge request !5914
2016-11-08 10:47:45 +00:00
tiagonbotelho 011e561bfa implements reset incoming email token on issues modal and account page,
reactivates all tests and writes more tests for it
2016-11-07 15:56:18 +00:00
Douwe Maan 9d51421346 Use separate email-friendly token for incoming email and let incoming
email token be reset
2016-11-07 15:55:42 +00:00
Jacob Vosmaer 6bcc52a536 Refine Git garbage collection 2016-11-04 14:30:11 +01:00
Douwe Maan dc9b3db8b0 Merge branch 'fix/import-export-symlink-vulnerability' into 'security'
Fix symlink vulnerability in Import/Export

Replaces https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2018 made by @james

Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/23822

See merge request !2022

Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-11-03 16:04:18 +01:00
Douwe Maan cfb511ea69 Merge branch 'fix/import-projectmember-security' into 'security'
Fix Import/Export foreign key issue to do with project members

Cleans-up any foreign keys in `ProjectMember` - same as we do with the rest of the models when importing.

Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/23837 and https://gitlab.com/gitlab-org/gitlab-ce/issues/23739

See merge request !2020

Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-11-03 16:04:18 +01:00
Rémy Coutable d733a966e4 Merge branch 'allow-owner-to-run-ci-builds' into 'master'
Allow owners to fetch source code in CI builds

Due to different way of handling owners of a project, they were not allowed to fetch CI sources for project.

This adds a separate code path for handling owners, that are not admins.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/23437

See merge request !6943
2016-11-02 09:48:22 +00:00
Felipe Artur f4e31b820e Fix project features default values 2016-11-01 11:03:56 -02:00
Kamil Trzcinski 517dd4a3f3 Allow owners to fetch source code in CI builds
Due to different way of handling owners of a project, they were not allowed to fetch CI sources for project.
2016-11-01 09:37:20 +01:00
Stan Hu d306b0d7c2 Merge branch 'use-optimistic-locking' into 'master'
Use optimistic locking

## What does this MR do?
Removes the usage of pessimistic locking in favor of optimistic which is way cheaper and doesn't block database operation.

Since this is a very simple change it should be safe. If we receive a `StaleObjectError` message we will reload the object and retry operations in lock.

However, I still believe that we need this one: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/7005 as this will reduce a load on Database and FS.
This changes a behavior from:

### Pessimistic locking (previous behavior)

#### For updating
1. SELECT * FOR UPDATE (other updates wait on this)
2. we update ci_pipeline
3. latest_build_status
4. enqueue: (use: transition :created -> :pending)
5. [state_machine] we are in state created, we can go to pending
6. [state_machine] ci_pipeline.status = created
7. [state_machine] ci_pipeline.save
8. [state_machine] after_transition: (if for success): PipelineSuccessWorker on Sidekiq
9. release DB lock

#### If no update is required
1. SELECT * FOR UPDATE (other updates wait on this)
2. we update ci_pipeline
3. latest_build_status
4. we are in pending, we can't transition to pending, because it's forbidden
5. release DB lock

### Optimistic locking (implemented by this MR)

#### For updating
1. latest_build_status
2. enqueue: (use `transition :created -> :pending`)
3. [state_machine] we are in state created, we can go to pending
4. [state_machine] ci_pipeline.status = created
5. [state_machine] ci_pipeline.save
6. [state_machine] [save] where(lock_version: ci_pipeline.lock_version).update_all(status: :created, updated_at: Time.now)
7. [state_machine] [save] unless we_updated_row then raise ObjectInconsistentError

#### If no update is required
1. we update ci_pipeline
2. latest_build_status
3. we are in pending, we can't transition to pending, because it's forbidden

## Why was this MR needed?
We have been seeing a number of problems when we migrated Pipeline/Build processing to Sidekiq. Especially we started seeing a lot of blocking queries.

We used a pessimistic locking which doesn't seem to be required. This effectively allows us to fix our issues with blocked queries by using more efficient method of operation.

## What are the relevant issue numbers?
Issues: https://gitlab.com/gitlab-com/infrastructure/issues/623 and https://gitlab.com/gitlab-com/infrastructure/issues/584, but also there's a bunch of Merge Requests that try to improve behavior of scheduled jobs.

cc @pcarranza @yorickpeterse @stanhu

See merge request !7040
2016-10-28 14:41:24 +00:00
Ahmad Sherif 14fbd25d06 Modify GitHub importer to be retryable 2016-10-28 11:30:20 +02:00
Sean McGivern 66870960af Merge branch 'fix/gh-import-bugs' into 'master'
Fix couple of GitHub importing bugs

Fix a bug in GH comment importing and label applying for imported MRs.

See merge request !7139
2016-10-28 08:48:08 +00:00
Douwe Maan e5950e687c Merge branch '21645-mail_room_sentinel' 2016-10-27 15:51:34 +01:00
Ahmad Sherif 4259334fb6 Fix applying labels for GitHub-imported MRs 2016-10-27 15:42:28 +02:00
Kamil Trzcinski 2822526e7b Make retry_lock to not be infinite 2016-10-27 12:34:35 +01:00
Kamil Trzcinski d8aed6a27b Fix optimistic locking 2016-10-26 11:37:23 +02:00
Kamil Trzcinski 47b2add4f6 Add tests for optimistic locking 2016-10-26 11:37:23 +02:00
Gabriel Mazetto f9126fbe0a Updated mail_room and added sentinel support to Reply by Email 2016-10-26 05:02:47 +02:00
Yorick Peterse 3b4af59a5f Don't schedule ProjectCacheWorker unless needed
This changes ProjectCacheWorker.perform_async so it only schedules a job
when no lease for the given project is present. This ensures we don't
end up scheduling hundreds of jobs when they won't be executed anyway.
2016-10-25 16:02:36 +02:00
Lin Jen-Shin a4ef4244d4 Preserve note_type and position for notes from emails
Closes #23208
2016-10-20 16:18:53 +08:00
James Lopez 891e5f4851 Update specs to cope with new label types and priorities
Fixed all related specs and also changed the logic to handle edge cases. This includes exporting and exporting of group labels, which will get associated with the new group (if any) or they will become normal project labels otherwise.

Found other issues to do with not being able to import all labels at once in the beginning of the JSON - code was much simpler when we import all labels and milestones associated to a project first, then the associations will find the already created labels instead of creating them from the associations themselves.
2016-10-19 14:58:28 -02:00
Douglas Barbosa Alexandre f0ad0ceff5 Fix GitHub importer spec 2016-10-19 14:58:28 -02:00
Douglas Barbosa Alexandre 7e11ca86fd Reuse LabelsFinder on Issueable#add_labels_by_names 2016-10-19 14:58:25 -02:00
James Lopez 723e576782 fix rubocop warning 2016-10-19 14:58:25 -02:00
James Lopez 77b7bfd463 Fix import/export labels to cope with project and group labels. Added relevant specs. 2016-10-19 14:58:25 -02:00
Douglas Barbosa Alexandre 07709c5576 Unfold references for group labels when moving issue to another project 2016-10-19 14:58:25 -02:00
Douglas Barbosa Alexandre e00c739f97 Add Label attributes: type, and group_id to safe model attributes 2016-10-19 14:58:25 -02:00
Douwe Maan 7a650d1578 Merge branch 'backport-git-access-spec-changes' into 'master'
Backport git access spec changes from EE

https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/645#note_16391185

See merge request !6961
2016-10-19 09:37:58 +00:00
Rémy Coutable f0c7e6713f Merge branch '22191-delete-dynamic-envs-mr' into 'master'
Delete dynamic environments

- Adds "close environment" action to a merge request
- Adds tabs to environments list
- Adds close button to each environment row in environments list
- Replaces Destroy button with Close button inside an environment
- Adds close button to builds list inside an environment

#### Configuration

In order to enable stopping environments a valid `.gitlab-ci.yml` syntax has to be used:

```
review:
  environment:
    name: review/$app
    on_stop: stop_review

stop_review:
  script: echo Delete My App
  when: manual
  environment:
    name: review/$app
    action: stop
```

This MR requires that `stop_review` has to have: `when`, `environment:name` and `environment:action` defined.
The next MR after this one will verify that and enforce that these settings are configured.

It will also implicitly configure these settings, making it possible to define it like this:

```
review:
  environment:
    name: review/$app
    on_stop: stop_review

stop_review:
  script: echo Delete My App
```

Closes #22191 

See merge request !6669
2016-10-19 07:53:05 +00:00
Kamil Trzciński 2f7e1c0ead Merge branch 'pipeline-emails' into 'master'
Add a new pipeline email service

## What does this MR do?

Add a new pipeline email service

## What are the relevant issue numbers?

Closes #3976 

## Remaining tasks

* [x] Preserve `&middot;` and `&nbsp;`
* [x] Use XHTML 1.0
* [ ] Use the same layout (`app/views/layouts/notify.html.haml`)
* [ ] Digest or not (assets or public)
* [x] A similar email for succeeded pipeline
* [x] Plain text versions for both emails

## Screenshots (if relevant)

https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/6019#note_16594345

## Does this MR meet the acceptance criteria?

- [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
- [ ] API support added
- Tests
  - [x] `PipelinesEmailService`
  - [x] `SendPipelineNotificationService`

See merge request !6019
2016-10-18 16:56:13 +00:00
Sean McGivern cc6d42861b Backport git access spec changes from EE
These were introduced in:
<https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/645>
2016-10-18 17:28:57 +01:00
Kamil Trzcinski 19300a1a3d Merge remote-tracking branch 'origin/master' into 22191-delete-dynamic-envs-mr 2016-10-18 17:48:27 +02:00
Phil Hughes a1deb6ece3 Merge branch 'master' into issue_19734_2 2016-10-18 12:23:44 +01:00
Kamil Trzcinski 66ff67b063 Merge remote-tracking branch 'origin/master' into 22191-delete-dynamic-envs-mr 2016-10-18 11:56:48 +02:00
Lin Jen-Shin 88d988a2ed Merge remote-tracking branch 'upstream/master' into pipeline-emails
* upstream/master: (58 commits)
  Update endpoint to username validator
  change border color to variable
  Add todo for deprecated user routes and more information about deprecation to changelog
  Provide better error message to the user
  Apply better hierarchy to markdown headers and issue/mr titles
  Swapped button text manipulation outcomes for the toggle query
  Fixed find file keyboard navigation
  Update CHANGELOG for 8.12.7
  Added download-button class and applied button margin
  Enable activerecord_sane_schema_dumper for test
  Updated logo from @luke
  Fix broken specs on MySQL after https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/6896
  Fix Test Env (proper error handling when gitlab-shell is not clonned)
  Fix randomly crashing spinach test for merge request
  [Great spinach fix] Replace gsub with delete
  Remove carriage returns from commit description as summary is on a newline and will always include carriage returns
  Convert due_date_select.js filetype to es6.
  Stop directly parsing due_date with Date.parse, prefer parsing implicitly.
  Improve spec for pipeline metrics worker
  Add Pipeline metrics worker
  ...
2016-10-18 08:15:13 +00:00
Kamil Trzcinski bebfceb1df Fix specs 2016-10-17 23:42:49 +02:00
Felipe Artur da07c2e4d3 Add visibility level to project repository 2016-10-17 18:12:18 -02:00
Kamil Trzcinski 25dd1712ca Add specs to test on_stop and action on environments 2016-10-17 16:23:17 +02:00
Kamil Trzcinski 9b790f1cf9 Improve after code review 2016-10-17 16:13:19 +02:00
Lin Jen-Shin dc1d269f67 Merge remote-tracking branch 'upstream/master' into pipeline-emails
* upstream/master: (237 commits)
  Grapify boards API
  Add test, fix merge error
  Use local assigns to get the dropdown title
  Updated issuable dropdown titles
  Added safety check for formatted values
  Minor style improvement
  Fixed conflict and corrected teaspoon test
  Rename method in test
  Moved ci_status environments logic to new action ci_envrionments_status and set up frontend polling
  Refactor ci_status on MergeRequestController
  Fix indenting error in HAML
  Show what time ago a MR was deployed
  Fixed missing links
  Fixed missing links
  Refactor merge requests revisions
  Add link to update docs for source installations
  Grapify todos API
  Link to review apps example from docs
  fix grafana_configuration.md move link
  Do not run before_script, artifacts, cache in trigger_docs job
  ...
2016-10-14 11:31:10 +00:00
Sean McGivern 3764fd4b41 Add blob_ace_mode to conflict content response 2016-10-13 14:16:35 -05:00