summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGitLab Bot <gitlab-bot@gitlab.com>2022-07-06 03:09:39 +0000
committerGitLab Bot <gitlab-bot@gitlab.com>2022-07-06 03:09:39 +0000
commit6e11ac78e99b33c23fa785c02be9fc21c513b04e (patch)
tree222c9e3119c4e24063a2db7271493fd40cdf6ca6
parent5d86ca3d06924e9c0b99be18237ae1e3a805329d (diff)
downloadgitlab-ce-6e11ac78e99b33c23fa785c02be9fc21c513b04e.tar.gz
Add latest changes from gitlab-org/gitlab@master
-rw-r--r--app/models/environment.rb6
-rw-r--r--doc/user/application_security/dependency_scanning/index.md14
-rw-r--r--doc/user/public_access.md2
-rw-r--r--lib/api/internal/kubernetes.rb4
-rw-r--r--lib/gitlab/ci/config/entry/environment.rb2
-rw-r--r--lib/gitlab/ci/templates/Jobs/Dependency-Scanning.gitlab-ci.yml10
-rw-r--r--spec/models/environment_spec.rb1
-rw-r--r--spec/requests/api/internal/kubernetes_spec.rb4
8 files changed, 24 insertions, 19 deletions
diff --git a/app/models/environment.rb b/app/models/environment.rb
index 031a7f2fb83..68540ce0f5c 100644
--- a/app/models/environment.rb
+++ b/app/models/environment.rb
@@ -451,9 +451,11 @@ class Environment < ApplicationRecord
def auto_stop_in=(value)
return unless value
- return unless parsed_result = ChronicDuration.parse(value)
- self.auto_stop_at = parsed_result.seconds.from_now
+ parser = ::Gitlab::Ci::Build::DurationParser.new(value)
+ return if parser.seconds_from_now.nil?
+
+ self.auto_stop_at = parser.seconds_from_now
end
def rollout_status
diff --git a/doc/user/application_security/dependency_scanning/index.md b/doc/user/application_security/dependency_scanning/index.md
index 9e01b2ad509..4449cf47431 100644
--- a/doc/user/application_security/dependency_scanning/index.md
+++ b/doc/user/application_security/dependency_scanning/index.md
@@ -848,7 +848,7 @@ before the feature is made generally available.
In addition to the [JSON report file](#reports-json-format), the [Gemnasium](https://gitlab.com/gitlab-org/security-products/analyzers/gemnasium)
Dependency Scanning tool outputs a [CycloneDX](https://cyclonedx.org/) Software Bill of Materials (SBOM) for
each supported lock or build file it detects. These CycloneDX SBOMs are named
-`cyclonedx-<package-type>-<package-manager>.json`, and are saved in the same directory
+`gl-sbom-<package-type>-<package-manager>.cdx.json`, and are saved in the same directory
as the detected lock or build files.
For example, if your project has the following structure:
@@ -871,16 +871,16 @@ Then the Gemnasium scanner generates the following CycloneDX SBOMs:
.
├── ruby-project/
│ ├── Gemfile.lock
-│ └── cyclonedx-gem-bundler.json
+│ └── gl-sbom-gem-bundler.cdx.json
├── ruby-project-2/
│ ├── Gemfile.lock
-│ └── cyclonedx-gem-bundler.json
+│ └── gl-sbom-gem-bundler.cdx.json
├── php-project/
│ ├── composer.lock
-│ └── cyclonedx-packagist-composer.json
+│ └── gl-sbom-packagist-composer.cdx.json
└── go-project/
├── go.sum
- └── cyclonedx-go-go.json
+ └── gl-sbom-go-go.cdx.json
```
The CycloneDX SBOMs can be downloaded [the same way as other job artifacts](../../../ci/pipelines/job_artifacts.md#download-job-artifacts).
@@ -905,10 +905,10 @@ merge cyclonedx sboms:
- wget https://github.com/CycloneDX/cyclonedx-cli/releases/download/v0.22.0/cyclonedx-linux-musl-x64 -O /usr/local/bin/cyclonedx-cli
- chmod 755 /usr/local/bin/cyclonedx-cli
- apk --update add --no-cache icu-dev libstdc++
- - find * -name "cyclonedx-*.json" -exec cyclonedx-cli merge --input-files {} --output-file cyclonedx-all.json +
+ - find * -name "gl-sbom-*.cdx.json" -exec cyclonedx-cli merge --input-files {} --output-file gl-sbom-all.cdx.json +
artifacts:
paths:
- - cyclonedx-all.json
+ - gl-sbom-all.cdx.json
```
GitLab uses [CycloneDX Properties](https://cyclonedx.org/use-cases/#properties--name-value-store)
diff --git a/doc/user/public_access.md b/doc/user/public_access.md
index cca753a2830..d821c1abe47 100644
--- a/doc/user/public_access.md
+++ b/doc/user/public_access.md
@@ -70,6 +70,8 @@ Prerequisite:
Prerequisite:
- You must have the Owner role for a group.
+- Subgroups and projects must already have visibility settings that are at least as
+ restrictive as the new setting for the group.
1. On the top bar, select **Menu > Groups** and find your project.
1. On the left sidebar, select **Settings > General**.
diff --git a/lib/api/internal/kubernetes.rb b/lib/api/internal/kubernetes.rb
index 34acfac4cb1..f7c6e48e54f 100644
--- a/lib/api/internal/kubernetes.rb
+++ b/lib/api/internal/kubernetes.rb
@@ -38,7 +38,6 @@ module API
def gitaly_repository(project)
{
- default_branch: project.default_branch_or_main,
storage_name: project.repository_storage,
relative_path: project.disk_path + '.git',
gl_repository: repo_type.identifier_for_container(project),
@@ -76,7 +75,8 @@ module API
agent_id: agent.id,
agent_name: agent.name,
gitaly_info: gitaly_info(project),
- gitaly_repository: gitaly_repository(project)
+ gitaly_repository: gitaly_repository(project),
+ default_branch: project.default_branch_or_main
}
end
end
diff --git a/lib/gitlab/ci/config/entry/environment.rb b/lib/gitlab/ci/config/entry/environment.rb
index bc39abfe977..96ba3553b46 100644
--- a/lib/gitlab/ci/config/entry/environment.rb
+++ b/lib/gitlab/ci/config/entry/environment.rb
@@ -54,7 +54,7 @@ module Gitlab
validates :on_stop, type: String, allow_nil: true
validates :kubernetes, type: Hash, allow_nil: true
- validates :auto_stop_in, duration: true, allow_nil: true
+ validates :auto_stop_in, duration: { parser: ::Gitlab::Ci::Build::DurationParser }, allow_nil: true
end
end
diff --git a/lib/gitlab/ci/templates/Jobs/Dependency-Scanning.gitlab-ci.yml b/lib/gitlab/ci/templates/Jobs/Dependency-Scanning.gitlab-ci.yml
index b95b36fd555..42cfb83bb7f 100644
--- a/lib/gitlab/ci/templates/Jobs/Dependency-Scanning.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Jobs/Dependency-Scanning.gitlab-ci.yml
@@ -46,10 +46,10 @@ dependency_scanning:
script:
- /analyzer run
-.cyclone-dx-reports:
+.cyclonedx-reports:
artifacts:
paths:
- - "**/cyclonedx-*.json"
+ - "**/gl-sbom-*.cdx.json"
.gemnasium-shared-rule:
exists:
@@ -66,7 +66,7 @@ dependency_scanning:
gemnasium-dependency_scanning:
extends:
- .ds-analyzer
- - .cyclone-dx-reports
+ - .cyclonedx-reports
variables:
DS_ANALYZER_NAME: "gemnasium"
GEMNASIUM_LIBRARY_SCAN_ENABLED: "true"
@@ -95,7 +95,7 @@ gemnasium-dependency_scanning:
gemnasium-maven-dependency_scanning:
extends:
- .ds-analyzer
- - .cyclone-dx-reports
+ - .cyclonedx-reports
variables:
DS_ANALYZER_NAME: "gemnasium-maven"
rules:
@@ -125,7 +125,7 @@ gemnasium-maven-dependency_scanning:
gemnasium-python-dependency_scanning:
extends:
- .ds-analyzer
- - .cyclone-dx-reports
+ - .cyclonedx-reports
variables:
DS_ANALYZER_NAME: "gemnasium-python"
rules:
diff --git a/spec/models/environment_spec.rb b/spec/models/environment_spec.rb
index 92af1c3d571..4064f24cff0 100644
--- a/spec/models/environment_spec.rb
+++ b/spec/models/environment_spec.rb
@@ -1672,6 +1672,7 @@ RSpec.describe Environment, :use_clean_rails_memory_store_caching do
'abcdef' | ChronicDuration::DurationParseError
'' | nil
nil | nil
+ 'never' | nil
end
with_them do
it 'sets correct auto_stop_in' do
diff --git a/spec/requests/api/internal/kubernetes_spec.rb b/spec/requests/api/internal/kubernetes_spec.rb
index 0e566dd8c0e..c0a979995c9 100644
--- a/spec/requests/api/internal/kubernetes_spec.rb
+++ b/spec/requests/api/internal/kubernetes_spec.rb
@@ -169,12 +169,12 @@ RSpec.describe API::Internal::Kubernetes do
'features' => {}
),
'gitaly_repository' => a_hash_including(
- 'default_branch' => project.default_branch_or_main,
'storage_name' => project.repository_storage,
'relative_path' => project.disk_path + '.git',
'gl_repository' => "project-#{project.id}",
'gl_project_path' => project.full_path
- )
+ ),
+ 'default_branch' => project.default_branch_or_main
)
)
end