diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-07-06 03:09:39 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-07-06 03:09:39 +0000 |
commit | 6e11ac78e99b33c23fa785c02be9fc21c513b04e (patch) | |
tree | 222c9e3119c4e24063a2db7271493fd40cdf6ca6 | |
parent | 5d86ca3d06924e9c0b99be18237ae1e3a805329d (diff) | |
download | gitlab-ce-6e11ac78e99b33c23fa785c02be9fc21c513b04e.tar.gz |
Add latest changes from gitlab-org/gitlab@master
-rw-r--r-- | app/models/environment.rb | 6 | ||||
-rw-r--r-- | doc/user/application_security/dependency_scanning/index.md | 14 | ||||
-rw-r--r-- | doc/user/public_access.md | 2 | ||||
-rw-r--r-- | lib/api/internal/kubernetes.rb | 4 | ||||
-rw-r--r-- | lib/gitlab/ci/config/entry/environment.rb | 2 | ||||
-rw-r--r-- | lib/gitlab/ci/templates/Jobs/Dependency-Scanning.gitlab-ci.yml | 10 | ||||
-rw-r--r-- | spec/models/environment_spec.rb | 1 | ||||
-rw-r--r-- | spec/requests/api/internal/kubernetes_spec.rb | 4 |
8 files changed, 24 insertions, 19 deletions
diff --git a/app/models/environment.rb b/app/models/environment.rb index 031a7f2fb83..68540ce0f5c 100644 --- a/app/models/environment.rb +++ b/app/models/environment.rb @@ -451,9 +451,11 @@ class Environment < ApplicationRecord def auto_stop_in=(value) return unless value - return unless parsed_result = ChronicDuration.parse(value) - self.auto_stop_at = parsed_result.seconds.from_now + parser = ::Gitlab::Ci::Build::DurationParser.new(value) + return if parser.seconds_from_now.nil? + + self.auto_stop_at = parser.seconds_from_now end def rollout_status diff --git a/doc/user/application_security/dependency_scanning/index.md b/doc/user/application_security/dependency_scanning/index.md index 9e01b2ad509..4449cf47431 100644 --- a/doc/user/application_security/dependency_scanning/index.md +++ b/doc/user/application_security/dependency_scanning/index.md @@ -848,7 +848,7 @@ before the feature is made generally available. In addition to the [JSON report file](#reports-json-format), the [Gemnasium](https://gitlab.com/gitlab-org/security-products/analyzers/gemnasium) Dependency Scanning tool outputs a [CycloneDX](https://cyclonedx.org/) Software Bill of Materials (SBOM) for each supported lock or build file it detects. These CycloneDX SBOMs are named -`cyclonedx-<package-type>-<package-manager>.json`, and are saved in the same directory +`gl-sbom-<package-type>-<package-manager>.cdx.json`, and are saved in the same directory as the detected lock or build files. For example, if your project has the following structure: @@ -871,16 +871,16 @@ Then the Gemnasium scanner generates the following CycloneDX SBOMs: . ├── ruby-project/ │ ├── Gemfile.lock -│ └── cyclonedx-gem-bundler.json +│ └── gl-sbom-gem-bundler.cdx.json ├── ruby-project-2/ │ ├── Gemfile.lock -│ └── cyclonedx-gem-bundler.json +│ └── gl-sbom-gem-bundler.cdx.json ├── php-project/ │ ├── composer.lock -│ └── cyclonedx-packagist-composer.json +│ └── gl-sbom-packagist-composer.cdx.json └── go-project/ ├── go.sum - └── cyclonedx-go-go.json + └── gl-sbom-go-go.cdx.json ``` The CycloneDX SBOMs can be downloaded [the same way as other job artifacts](../../../ci/pipelines/job_artifacts.md#download-job-artifacts). @@ -905,10 +905,10 @@ merge cyclonedx sboms: - wget https://github.com/CycloneDX/cyclonedx-cli/releases/download/v0.22.0/cyclonedx-linux-musl-x64 -O /usr/local/bin/cyclonedx-cli - chmod 755 /usr/local/bin/cyclonedx-cli - apk --update add --no-cache icu-dev libstdc++ - - find * -name "cyclonedx-*.json" -exec cyclonedx-cli merge --input-files {} --output-file cyclonedx-all.json + + - find * -name "gl-sbom-*.cdx.json" -exec cyclonedx-cli merge --input-files {} --output-file gl-sbom-all.cdx.json + artifacts: paths: - - cyclonedx-all.json + - gl-sbom-all.cdx.json ``` GitLab uses [CycloneDX Properties](https://cyclonedx.org/use-cases/#properties--name-value-store) diff --git a/doc/user/public_access.md b/doc/user/public_access.md index cca753a2830..d821c1abe47 100644 --- a/doc/user/public_access.md +++ b/doc/user/public_access.md @@ -70,6 +70,8 @@ Prerequisite: Prerequisite: - You must have the Owner role for a group. +- Subgroups and projects must already have visibility settings that are at least as + restrictive as the new setting for the group. 1. On the top bar, select **Menu > Groups** and find your project. 1. On the left sidebar, select **Settings > General**. diff --git a/lib/api/internal/kubernetes.rb b/lib/api/internal/kubernetes.rb index 34acfac4cb1..f7c6e48e54f 100644 --- a/lib/api/internal/kubernetes.rb +++ b/lib/api/internal/kubernetes.rb @@ -38,7 +38,6 @@ module API def gitaly_repository(project) { - default_branch: project.default_branch_or_main, storage_name: project.repository_storage, relative_path: project.disk_path + '.git', gl_repository: repo_type.identifier_for_container(project), @@ -76,7 +75,8 @@ module API agent_id: agent.id, agent_name: agent.name, gitaly_info: gitaly_info(project), - gitaly_repository: gitaly_repository(project) + gitaly_repository: gitaly_repository(project), + default_branch: project.default_branch_or_main } end end diff --git a/lib/gitlab/ci/config/entry/environment.rb b/lib/gitlab/ci/config/entry/environment.rb index bc39abfe977..96ba3553b46 100644 --- a/lib/gitlab/ci/config/entry/environment.rb +++ b/lib/gitlab/ci/config/entry/environment.rb @@ -54,7 +54,7 @@ module Gitlab validates :on_stop, type: String, allow_nil: true validates :kubernetes, type: Hash, allow_nil: true - validates :auto_stop_in, duration: true, allow_nil: true + validates :auto_stop_in, duration: { parser: ::Gitlab::Ci::Build::DurationParser }, allow_nil: true end end diff --git a/lib/gitlab/ci/templates/Jobs/Dependency-Scanning.gitlab-ci.yml b/lib/gitlab/ci/templates/Jobs/Dependency-Scanning.gitlab-ci.yml index b95b36fd555..42cfb83bb7f 100644 --- a/lib/gitlab/ci/templates/Jobs/Dependency-Scanning.gitlab-ci.yml +++ b/lib/gitlab/ci/templates/Jobs/Dependency-Scanning.gitlab-ci.yml @@ -46,10 +46,10 @@ dependency_scanning: script: - /analyzer run -.cyclone-dx-reports: +.cyclonedx-reports: artifacts: paths: - - "**/cyclonedx-*.json" + - "**/gl-sbom-*.cdx.json" .gemnasium-shared-rule: exists: @@ -66,7 +66,7 @@ dependency_scanning: gemnasium-dependency_scanning: extends: - .ds-analyzer - - .cyclone-dx-reports + - .cyclonedx-reports variables: DS_ANALYZER_NAME: "gemnasium" GEMNASIUM_LIBRARY_SCAN_ENABLED: "true" @@ -95,7 +95,7 @@ gemnasium-dependency_scanning: gemnasium-maven-dependency_scanning: extends: - .ds-analyzer - - .cyclone-dx-reports + - .cyclonedx-reports variables: DS_ANALYZER_NAME: "gemnasium-maven" rules: @@ -125,7 +125,7 @@ gemnasium-maven-dependency_scanning: gemnasium-python-dependency_scanning: extends: - .ds-analyzer - - .cyclone-dx-reports + - .cyclonedx-reports variables: DS_ANALYZER_NAME: "gemnasium-python" rules: diff --git a/spec/models/environment_spec.rb b/spec/models/environment_spec.rb index 92af1c3d571..4064f24cff0 100644 --- a/spec/models/environment_spec.rb +++ b/spec/models/environment_spec.rb @@ -1672,6 +1672,7 @@ RSpec.describe Environment, :use_clean_rails_memory_store_caching do 'abcdef' | ChronicDuration::DurationParseError '' | nil nil | nil + 'never' | nil end with_them do it 'sets correct auto_stop_in' do diff --git a/spec/requests/api/internal/kubernetes_spec.rb b/spec/requests/api/internal/kubernetes_spec.rb index 0e566dd8c0e..c0a979995c9 100644 --- a/spec/requests/api/internal/kubernetes_spec.rb +++ b/spec/requests/api/internal/kubernetes_spec.rb @@ -169,12 +169,12 @@ RSpec.describe API::Internal::Kubernetes do 'features' => {} ), 'gitaly_repository' => a_hash_including( - 'default_branch' => project.default_branch_or_main, 'storage_name' => project.repository_storage, 'relative_path' => project.disk_path + '.git', 'gl_repository' => "project-#{project.id}", 'gl_project_path' => project.full_path - ) + ), + 'default_branch' => project.default_branch_or_main ) ) end |