diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-08-03 18:10:05 +0000 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-08-03 18:10:05 +0000 |
| commit | 0851c83c27613426f80d94fe74e9a7e8bc520fc0 (patch) | |
| tree | a89c7f9c9c03dfabac2954a4c20c51add0475427 | |
| parent | 31979cb3238a9993bd9834ff3cf4099f43257816 (diff) | |
| download | gitlab-ce-0851c83c27613426f80d94fe74e9a7e8bc520fc0.tar.gz | |
Add latest changes from gitlab-org/gitlab@master
59 files changed, 242 insertions, 214 deletions
diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml index 4b1c1046bce..7dd8662576a 100644 --- a/.rubocop_todo.yml +++ b/.rubocop_todo.yml @@ -1910,20 +1910,3 @@ Rails/SaveBang: - 'spec/views/projects/imports/new.html.haml_spec.rb' - 'spec/views/projects/merge_requests/show.html.haml_spec.rb' - 'spec/views/shared/_label_row.html.haml_spec.rb' - - 'spec/workers/concerns/project_export_options_spec.rb' - - 'spec/workers/gitlab/import/stuck_project_import_jobs_worker_spec.rb' - - 'spec/workers/gitlab/jira_import/stuck_jira_import_jobs_worker_spec.rb' - - 'spec/workers/migrate_external_diffs_worker_spec.rb' - - 'spec/workers/namespaceless_project_destroy_worker_spec.rb' - - 'spec/workers/namespaces/root_statistics_worker_spec.rb' - - 'spec/workers/pages_domain_verification_worker_spec.rb' - - 'spec/workers/process_commit_worker_spec.rb' - - 'spec/workers/propagate_integration_worker_spec.rb' - - 'spec/workers/propagate_service_template_worker_spec.rb' - - 'spec/workers/remove_unreferenced_lfs_objects_worker_spec.rb' - - 'spec/workers/repository_check/single_repository_worker_spec.rb' - - 'spec/workers/repository_cleanup_worker_spec.rb' - - 'spec/workers/repository_import_worker_spec.rb' - - 'spec/workers/repository_update_remote_mirror_worker_spec.rb' - - 'spec/workers/stuck_ci_jobs_worker_spec.rb' - - 'spec/workers/update_head_pipeline_for_merge_request_worker_spec.rb' diff --git a/GITALY_SERVER_VERSION b/GITALY_SERVER_VERSION index 0afb9a644f6..41652a6743b 100644 --- a/GITALY_SERVER_VERSION +++ b/GITALY_SERVER_VERSION @@ -1 +1 @@ -13.3.0-rc3 +a6091637dcb4c3b601a8860b5f164c0ce90ba0ca diff --git a/app/assets/javascripts/design_management/components/design_sidebar.vue b/app/assets/javascripts/design_management/components/design_sidebar.vue index 1970f03a6f3..650169d3a80 100644 --- a/app/assets/javascripts/design_management/components/design_sidebar.vue +++ b/app/assets/javascripts/design_management/components/design_sidebar.vue @@ -94,7 +94,7 @@ export default { {{ issue.title }} </h2> <a - class="gl-text-gray-600 gl-text-decoration-none gl-mb-6 gl-display-block" + class="gl-text-gray-400 gl-text-decoration-none gl-mb-6 gl-display-block" :href="issue.webUrl" >{{ issue.webPath }}</a > diff --git a/app/assets/javascripts/design_management_legacy/components/design_sidebar.vue b/app/assets/javascripts/design_management_legacy/components/design_sidebar.vue index 333ad2557e8..eab589e5245 100644 --- a/app/assets/javascripts/design_management_legacy/components/design_sidebar.vue +++ b/app/assets/javascripts/design_management_legacy/components/design_sidebar.vue @@ -94,7 +94,7 @@ export default { {{ issue.title }} </h2> <a - class="gl-text-gray-600 gl-text-decoration-none gl-mb-6 gl-display-block" + class="gl-text-gray-400 gl-text-decoration-none gl-mb-6 gl-display-block" :href="issue.webUrl" >{{ issue.webPath }}</a > diff --git a/app/assets/javascripts/packages/list/coming_soon/packages_coming_soon.vue b/app/assets/javascripts/packages/list/coming_soon/packages_coming_soon.vue index 60d40efada4..7db56180b77 100644 --- a/app/assets/javascripts/packages/list/coming_soon/packages_coming_soon.vue +++ b/app/assets/javascripts/packages/list/coming_soon/packages_coming_soon.vue @@ -133,12 +133,12 @@ export default { </div> <div class="table-section section-100 gl-white-space-normal mt-md-3"> - <div class="gl-display-flex gl-text-gray-600"> + <div class="gl-display-flex gl-text-gray-400"> <gl-icon name="issues" class="gl-mr-2" /> <gl-link data-testid="issue-id-link" :href="issue.webUrl" - class="gl-text-gray-600 gl-mr-5" + class="gl-text-gray-400 gl-mr-5" @click="onIssueLinkClick(issue.iid, issue.title)" >#{{ issue.iid }}</gl-link > diff --git a/app/assets/javascripts/ref/components/ref_results_section.vue b/app/assets/javascripts/ref/components/ref_results_section.vue index 32e916052c4..c8f5c66b0c1 100644 --- a/app/assets/javascripts/ref/components/ref_results_section.vue +++ b/app/assets/javascripts/ref/components/ref_results_section.vue @@ -111,7 +111,7 @@ export default { <div class="gl-flex-grow-1 gl-display-flex gl-flex-direction-column"> <span class="gl-font-monospace">{{ item.name }}</span> - <span class="gl-text-gray-600">{{ item.subtitle }}</span> + <span class="gl-text-gray-400">{{ item.subtitle }}</span> </div> <gl-badge v-if="item.default" size="sm" variant="info">{{ diff --git a/app/assets/javascripts/ref/components/ref_selector.vue b/app/assets/javascripts/ref/components/ref_selector.vue index bd42d028098..e388604ed92 100644 --- a/app/assets/javascripts/ref/components/ref_selector.vue +++ b/app/assets/javascripts/ref/components/ref_selector.vue @@ -109,7 +109,7 @@ export default { <template> <gl-new-dropdown v-bind="$attrs" class="ref-selector" @shown="focusSearchBox"> <template slot="button-content"> - <span class="gl-flex-grow-1 gl-ml-2 gl-text-gray-600" data-testid="button-content"> + <span class="gl-flex-grow-1 gl-ml-2 gl-text-gray-400" data-testid="button-content"> <span v-if="selectedRef" class="gl-font-monospace">{{ selectedRef }}</span> <span v-else>{{ i18n.noRefSelected }}</span> </span> diff --git a/app/assets/javascripts/releases/components/release_block_assets.vue b/app/assets/javascripts/releases/components/release_block_assets.vue index ab29ceb0ce6..aaade91e36e 100644 --- a/app/assets/javascripts/releases/components/release_block_assets.vue +++ b/app/assets/javascripts/releases/components/release_block_assets.vue @@ -138,7 +138,7 @@ export default { :aria-label="$options.externalLinkTooltipText" :title="$options.externalLinkTooltipText" data-testid="external-link-indicator" - class="gl-ml-2 gl-flex-shrink-0 gl-flex-grow-0 gl-text-gray-600" + class="gl-ml-2 gl-flex-shrink-0 gl-flex-grow-0 gl-text-gray-400" /> </gl-link> </li> diff --git a/app/assets/javascripts/vue_merge_request_widget/components/states/squash_before_merge.vue b/app/assets/javascripts/vue_merge_request_widget/components/states/squash_before_merge.vue index efd58341a2d..3cf7dc3c4d1 100644 --- a/app/assets/javascripts/vue_merge_request_widget/components/states/squash_before_merge.vue +++ b/app/assets/javascripts/vue_merge_request_widget/components/states/squash_before_merge.vue @@ -38,7 +38,7 @@ export default { <div class="inline"> <label v-tooltip - :class="{ 'gl-text-gray-600': isDisabled }" + :class="{ 'gl-text-gray-400': isDisabled }" data-testid="squashLabel" :data-title="tooltipTitle" > diff --git a/app/assets/javascripts/vue_shared/components/user_popover/user_popover.vue b/app/assets/javascripts/vue_shared/components/user_popover/user_popover.vue index 0291faf49e1..be340fbc7ef 100644 --- a/app/assets/javascripts/vue_shared/components/user_popover/user_popover.vue +++ b/app/assets/javascripts/vue_shared/components/user_popover/user_popover.vue @@ -74,16 +74,16 @@ export default { </div> <div class="gl-text-gray-700"> <div v-if="user.bio" class="gl-display-flex gl-mb-2"> - <icon name="profile" class="gl-text-gray-600 gl-flex-shrink-0" /> + <icon name="profile" class="gl-text-gray-400 gl-flex-shrink-0" /> <span ref="bio" class="gl-ml-2" v-html="user.bioHtml"></span> </div> <div v-if="user.workInformation" class="gl-display-flex gl-mb-2"> - <icon name="work" class="gl-text-gray-600 gl-flex-shrink-0" /> + <icon name="work" class="gl-text-gray-400 gl-flex-shrink-0" /> <span ref="workInformation" class="gl-ml-2">{{ user.workInformation }}</span> </div> </div> <div v-if="user.location" class="js-location gl-text-gray-700 gl-display-flex"> - <icon name="location" class="gl-text-gray-600 flex-shrink-0" /> + <icon name="location" class="gl-text-gray-400 flex-shrink-0" /> <span class="gl-ml-2">{{ user.location }}</span> </div> <div v-if="statusHtml" class="js-user-status gl-mt-3"> diff --git a/app/assets/stylesheets/framework/common.scss b/app/assets/stylesheets/framework/common.scss index 2ff0e2c995f..78f98b5936e 100644 --- a/app/assets/stylesheets/framework/common.scss +++ b/app/assets/stylesheets/framework/common.scss @@ -509,7 +509,7 @@ img.emoji { } &.is-dragging { - background-color: $gray-600; + background-color: $gray-400; } } diff --git a/app/assets/stylesheets/framework/files.scss b/app/assets/stylesheets/framework/files.scss index 8fd507a45bb..ef7d39a5e7e 100644 --- a/app/assets/stylesheets/framework/files.scss +++ b/app/assets/stylesheets/framework/files.scss @@ -209,7 +209,7 @@ } .doc-versions { - color: $gray-600; + color: $gray-400; &:hover { color: $gray-900; diff --git a/app/assets/stylesheets/framework/forms.scss b/app/assets/stylesheets/framework/forms.scss index ec8d5806345..7be676ed83c 100644 --- a/app/assets/stylesheets/framework/forms.scss +++ b/app/assets/stylesheets/framework/forms.scss @@ -227,7 +227,7 @@ label { right: 0.8em; top: 50%; transform: translateY(-50%); - color: $gray-600; + color: $gray-400; } .input-md { diff --git a/app/assets/stylesheets/framework/mixins.scss b/app/assets/stylesheets/framework/mixins.scss index 918ca448c21..61e8c0d4718 100644 --- a/app/assets/stylesheets/framework/mixins.scss +++ b/app/assets/stylesheets/framework/mixins.scss @@ -326,8 +326,8 @@ line-height: 1; padding: 0; min-width: 16px; - color: $gray-600; - fill: $gray-600; + color: $gray-400; + fill: $gray-400; .fa { position: relative; diff --git a/app/assets/stylesheets/framework/variables.scss b/app/assets/stylesheets/framework/variables.scss index fd62ab5b6a4..ed4f3805cc4 100644 --- a/app/assets/stylesheets/framework/variables.scss +++ b/app/assets/stylesheets/framework/variables.scss @@ -168,7 +168,7 @@ $gray-200: #bfbfbf !default; $gray-300: #999 !default; $gray-400: #868686 !default; $gray-500: #666 !default; -$gray-600: #919191 !default; +$gray-600: #5e5e5e !default; $gray-700: #707070 !default; $gray-800: #4f4f4f !default; $gray-900: #303030 !default; @@ -351,11 +351,11 @@ $gl-font-weight-normal: 400; $gl-font-weight-bold: 600; $gl-text-color: $gray-900; $gl-text-color-secondary: $gray-700; -$gl-text-color-tertiary: $gray-600; +$gl-text-color-tertiary: $gray-400; $gl-text-color-quaternary: #d6d6d6; $gl-text-color-inverted: $white; $gl-text-color-secondary-inverted: rgba($white, 0.85); -$gl-text-color-disabled: $gray-600; +$gl-text-color-disabled: $gray-400; $gl-grayish-blue: #7f8fa4; $gl-gray-dark: #313236; $gl-gray-light: #5c5c5c; diff --git a/app/assets/stylesheets/pages/clusters.scss b/app/assets/stylesheets/pages/clusters.scss index 5a69aa15303..29422c1f7fa 100644 --- a/app/assets/stylesheets/pages/clusters.scss +++ b/app/assets/stylesheets/pages/clusters.scss @@ -166,6 +166,6 @@ .cluster-status-indicator { &.disabled { - background-color: $gray-600; + background-color: $gray-400; } } diff --git a/app/assets/stylesheets/pages/incident_management_list.scss b/app/assets/stylesheets/pages/incident_management_list.scss index e6305a5d233..341c5df6484 100644 --- a/app/assets/stylesheets/pages/incident_management_list.scss +++ b/app/assets/stylesheets/pages/incident_management_list.scss @@ -26,7 +26,7 @@ th { @include gl-bg-transparent; @include gl-font-weight-bold; - @include gl-text-gray-600; + @include gl-text-gray-400; &[aria-sort='none']:hover { background-image: url('data:image/svg+xml, %3csvg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="4 0 8 16"%3e %3cpath style="fill: %23BABABA;" fill-rule="evenodd" d="M11.707085,11.7071 L7.999975,15.4142 L4.292875,11.7071 C3.902375,11.3166 3.902375, 10.6834 4.292875,10.2929 C4.683375,9.90237 5.316575,9.90237 5.707075,10.2929 L6.999975, 11.5858 L6.999975,2 C6.999975,1.44771 7.447695,1 7.999975,1 C8.552255,1 8.999975,1.44771 8.999975,2 L8.999975,11.5858 L10.292865,10.2929 C10.683395 ,9.90237 11.316555,9.90237 11.707085,10.2929 C12.097605,10.6834 12.097605,11.3166 11.707085,11.7071 Z"/%3e %3c/svg%3e'); diff --git a/app/assets/stylesheets/pages/notes.scss b/app/assets/stylesheets/pages/notes.scss index 6528daa1ffe..d0165e92311 100644 --- a/app/assets/stylesheets/pages/notes.scss +++ b/app/assets/stylesheets/pages/notes.scss @@ -727,7 +727,7 @@ $note-form-margin-left: 72px; display: inline-flex; align-items: center; margin-left: 10px; - color: $gray-600; + color: $gray-400; @include notes-media('max', map-get($grid-breakpoints, sm) - 1) { float: none; diff --git a/app/assets/stylesheets/pages/pipelines.scss b/app/assets/stylesheets/pages/pipelines.scss index 7c60ac1d2d4..6cd8ea7aa3a 100644 --- a/app/assets/stylesheets/pages/pipelines.scss +++ b/app/assets/stylesheets/pages/pipelines.scss @@ -809,7 +809,7 @@ &.ci-status-icon-created, &.ci-status-icon-skipped { - @include mini-pipeline-graph-color($white, $gray-100, $gray-200, $gray-300, $gray-600, $gray-700); + @include mini-pipeline-graph-color($white, $gray-100, $gray-200, $gray-300, $gray-400, $gray-700); } } diff --git a/app/assets/stylesheets/pages/prometheus.scss b/app/assets/stylesheets/pages/prometheus.scss index 1e759afaac5..cc5a63c512f 100644 --- a/app/assets/stylesheets/pages/prometheus.scss +++ b/app/assets/stylesheets/pages/prometheus.scss @@ -56,7 +56,7 @@ .draggable-remove-link { cursor: pointer; - color: $gray-600; + color: $gray-400; background-color: $white; } } @@ -117,7 +117,7 @@ .prometheus-graph-cursor { position: absolute; - background: $gray-600; + background: $gray-400; width: 1px; } @@ -290,7 +290,7 @@ } > text { - fill: $gray-600; + fill: $gray-400; font-size: 10px; } } diff --git a/app/assets/stylesheets/pages/status.scss b/app/assets/stylesheets/pages/status.scss index fe22985b76b..695cea76a34 100644 --- a/app/assets/stylesheets/pages/status.scss +++ b/app/assets/stylesheets/pages/status.scss @@ -38,7 +38,7 @@ } &.ci-preparing { - @include status-color($gray-100, $gray-300, $gray-600); + @include status-color($gray-100, $gray-300, $gray-400); } &.ci-pending, diff --git a/app/views/admin/services/index.html.haml b/app/views/admin/services/index.html.haml index ec343c38470..19a0b7466a2 100644 --- a/app/views/admin/services/index.html.haml +++ b/app/views/admin/services/index.html.haml @@ -18,7 +18,7 @@ = link_to edit_admin_application_settings_integration_path(service.to_param), class: 'gl-text-blue-300!' do %strong.has-tooltip{ title: s_('AdminSettings|Moved to integrations'), data: { container: 'body' } } = service.title - %td.gl-cursor-default.gl-text-gray-600 + %td.gl-cursor-default.gl-text-gray-400 = service.description %td - else diff --git a/app/views/shared/issuable/form/_merge_params.html.haml b/app/views/shared/issuable/form/_merge_params.html.haml index 6f1023474a1..5c5c8c816d3 100644 --- a/app/views/shared/issuable/form/_merge_params.html.haml +++ b/app/views/shared/issuable/form/_merge_params.html.haml @@ -27,5 +27,5 @@ Squash commits when merge request is accepted. = link_to icon('question-circle'), help_page_path('user/project/merge_requests/squash_and_merge'), target: '_blank' - if project.squash_always? - .gl-text-gray-600 + .gl-text-gray-400 = _('Required in this project.') diff --git a/changelogs/unreleased/rails-save-bang-9.yml b/changelogs/unreleased/rails-save-bang-9.yml new file mode 100644 index 00000000000..14ce19c8c8c --- /dev/null +++ b/changelogs/unreleased/rails-save-bang-9.yml @@ -0,0 +1,5 @@ +--- +title: Refactor spec/workers/* to fix SaveBang Cop +merge_request: 38399 +author: Rajendra Kadam +type: fixed diff --git a/config/feature_categories.yml b/config/feature_categories.yml index fd4cc8bf2a5..e41d6d86e46 100644 --- a/config/feature_categories.yml +++ b/config/feature_categories.yml @@ -42,7 +42,6 @@ - design_management - design_system - devops_reports -- digital_experience_management - disaster_recovery - dynamic_application_security_testing - editor_extension @@ -72,7 +71,6 @@ - jupyter_notebooks - kanban_boards - kubernetes_management -- language_specific - license_compliance - live_preview - load_testing diff --git a/config/initializers_before_autoloader/000_inflections.rb b/config/initializers_before_autoloader/000_inflections.rb index 6e2206d8efc..5c1a3e87fba 100644 --- a/config/initializers_before_autoloader/000_inflections.rb +++ b/config/initializers_before_autoloader/000_inflections.rb @@ -26,7 +26,6 @@ ActiveSupport::Inflector.inflections do |inflect| project_statistics system_note_metadata vulnerabilities_feedback - vulnerability_export_registry vulnerability_feedback ) inflect.acronym 'EE' diff --git a/doc/README.md b/doc/README.md index d5ffe7dd0f2..56e70bb1779 100644 --- a/doc/README.md +++ b/doc/README.md @@ -55,7 +55,7 @@ making the software lifecycle faster and radically improving the speed of busine GitLab provides solutions for [each of the stages of the DevOps lifecycle](https://about.gitlab.com/stages-devops-lifecycle/): - + GitLab is like a top-of-the-line kitchen for making software. As the executive chef, you decide what software you want to serve. Using your recipe, GitLab handles @@ -71,10 +71,11 @@ The following sections provide links to documentation for each DevOps stage: | [Create](#create) | Source code, data creation, and management features. | | [Verify](#verify) | Testing, code quality, and continuous integration features. | | [Package](#package) | Docker container registry. | +| [Secure](#secure) | Security capability features. | | [Release](#release) | Application release and delivery features. | | [Configure](#configure) | Application and infrastructure configuration tools. | | [Monitor](#monitor) | Application monitoring and metrics features. | -| [Secure](#secure) | Security capability features. | +| [Defend](#defend) | Protection against security intrusions. | <div align="right"> <a type="button" class="btn btn-default" href="#overview"> @@ -274,6 +275,30 @@ The following documentation relates to the DevOps **Package** stage: </a> </div> +### Secure + +Check your application for security vulnerabilities that may lead to unauthorized access, data +leaks, or denial of service. GitLab can perform static and dynamic tests on your application's code, +looking for known flaws and reporting them in the merge request. You can then fix flaws prior to +merge. Security teams can use dashboards to get a high-level view on projects and groups, and start +remediation processes when needed. + +The following documentation relates to the DevOps **Secure** stage: + +| Secure topics | Description | +|:------------------------------------------------------------------------------------------------------|:-----------------------------------------------------------------------| +| [Compliance Dashboard](user/compliance/compliance_dashboard/index.md) **(ULTIMATE)** | View the most recent Merge Request activity in a group. | +| [Container Scanning](user/application_security/container_scanning/index.md) **(ULTIMATE)** | Use Clair to scan Docker images for known vulnerabilities. | +| [Dependency List](user/application_security/dependency_list/index.md) **(ULTIMATE)** | View your project's dependencies and their known vulnerabilities. | +| [Dependency Scanning](user/application_security/dependency_scanning/index.md) **(ULTIMATE)** | Analyze your dependencies for known vulnerabilities. | +| [Dynamic Application Security Testing (DAST)](user/application_security/dast/index.md) **(ULTIMATE)** | Analyze running web applications for known vulnerabilities. | +| [Group Security Dashboard](user/application_security/security_dashboard/index.md#group-security-dashboard) **(ULTIMATE)** | View vulnerabilities in all the projects in a group and its subgroups. | +| [Instance Security Dashboard](user/application_security/security_dashboard/index.md#instance-security-dashboard) **(ULTIMATE)** | View vulnerabilities in all the projects you're interested in. | +| [License Compliance](user/compliance/license_compliance/index.md) **(ULTIMATE)** | Search your project's dependencies for their licenses. | +| [Pipeline Security](user/application_security/security_dashboard/index.md#pipeline-security) **(ULTIMATE)** | View the security reports for your project's pipelines. | +| [Project Security Dashboard](user/application_security/security_dashboard/index.md#project-security-dashboard) **(ULTIMATE)** | View the latest security reports for your project. | +| [Static Application Security Testing (SAST)](user/application_security/sast/index.md) **(ULTIMATE)** | Analyze source code for known vulnerabilities. | + ### Release Spend less time configuring your tools, and more time creating. Whether you’re @@ -352,29 +377,21 @@ The following documentation relates to the DevOps **Monitor** stage: </a> </div> -### Secure +### Defend -Check your application for security vulnerabilities that may lead to unauthorized access, -data leaks, and denial of services. GitLab will perform static and dynamic tests on the -code of your application, looking for known flaws and report them in the merge request -so you can fix them before merging. Security teams can use dashboards to get a -high-level view on projects and groups, and start remediation processes when needed. +GitLab Defend enables organizations to proactively protect cloud-native environments by providing +context-aware technologies to reduce overall security risk. Defend is a natural extension of your +existing operation's practices and provides security visibility across the entire DevSecOps +lifecycle. This empowers your organization to apply DevSecOps best practices from the first line of +code through monitoring and protecting your applications deployed into production. -The following documentation relates to the DevOps **Secure** stage: +The following documentation relates to the DevOps **Defend** stage: -| Secure topics | Description | +| Defend topics | Description | |:------------------------------------------------------------------------------------------------------|:-----------------------------------------------------------------------| -| [Compliance Dashboard](user/compliance/compliance_dashboard/index.md) **(ULTIMATE)** | View the most recent Merge Request activity in a group. | -| [Container Scanning](user/application_security/container_scanning/index.md) **(ULTIMATE)** | Use Clair to scan Docker images for known vulnerabilities. | -| [Dependency List](user/application_security/dependency_list/index.md) **(ULTIMATE)** | View your project's dependencies and their known vulnerabilities. | -| [Dependency Scanning](user/application_security/dependency_scanning/index.md) **(ULTIMATE)** | Analyze your dependencies for known vulnerabilities. | -| [Dynamic Application Security Testing (DAST)](user/application_security/dast/index.md) **(ULTIMATE)** | Analyze running web applications for known vulnerabilities. | -| [Group Security Dashboard](user/application_security/security_dashboard/index.md#group-security-dashboard) **(ULTIMATE)** | View vulnerabilities in all the projects in a group and its subgroups. | -| [Instance Security Dashboard](user/application_security/security_dashboard/index.md#instance-security-dashboard) **(ULTIMATE)** | View vulnerabilities in all the projects you're interested in. | -| [License Compliance](user/compliance/license_compliance/index.md) **(ULTIMATE)** | Search your project's dependencies for their licenses. | -| [Pipeline Security](user/application_security/security_dashboard/index.md#pipeline-security) **(ULTIMATE)** | View the security reports for your project's pipelines. | -| [Project Security Dashboard](user/application_security/security_dashboard/index.md#project-security-dashboard) **(ULTIMATE)** | View the latest security reports for your project. | -| [Static Application Security Testing (SAST)](user/application_security/sast/index.md) **(ULTIMATE)** | Analyze source code for known vulnerabilities. | +| [Web Application Firewall with ModSecurity](user/compliance/compliance_dashboard/index.md) **(ULTIMATE)** | Filter, monitor, and block HTTP traffic to and from a web application. | +| [Container Host Security](user/clusters/applications.md#install-falco-using-gitlab-cicd) | Detect and respond to security threats at the Kubernetes, network, and host level. | +| [Container Network Security](user/clusters/applications.md#install-cilium-using-gitlab-cicd) | Detect and block unauthorized network traffic between pods and to/from the internet.| ## New to Git and GitLab? diff --git a/doc/administration/reference_architectures/10k_users.md b/doc/administration/reference_architectures/10k_users.md index e10520aaf3d..6349a94eb0e 100644 --- a/doc/administration/reference_architectures/10k_users.md +++ b/doc/administration/reference_architectures/10k_users.md @@ -1,45 +1,50 @@ --- reading_time: true +stage: Enablement +group: Distribution +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers --- # Reference architecture: up to 10,000 users -This page describes GitLab reference architecture for up to 10,000 users. -For a full list of reference architectures, see +This page describes GitLab reference architecture for up to 10,000 users. For a +full list of reference architectures, see [Available reference architectures](index.md#available-reference-architectures). > - **Supported users (approximate):** 10,000 -> - **High Availability:** True -> - **Test RPS rates:** API: 200 RPS, Web: 20 RPS, Git: 20 RPS - -| Service | Nodes | Configuration | GCP | AWS | Azure | -|--------------------------------------------------------------|-------|---------------------------------|------------------|-----------------------|----------------| -| External load balancing node | 1 | 2 vCPU, 1.8GB Memory | `n1-highcpu-2` | `c5.large` | `F2s v2` | -| Consul | 3 | 2 vCPU, 1.8GB Memory | `n1-highcpu-2` | `c5.large` | `F2s v2` | -| PostgreSQL | 3 | 4 vCPU, 15GB Memory | `n1-standard-4` | `m5.xlarge` | `D4s v3` | -| PgBouncer | 3 | 2 vCPU, 1.8GB Memory | `n1-highcpu-2` | `c5.large` | `F2s v2` | -| Internal load balancing node | 1 | 2 vCPU, 1.8GB Memory | `n1-highcpu-2` | `c5.large` | `F2s v2` | -| Redis - Cache | 3 | 4 vCPU, 15GB Memory | `n1-standard-4` | `m5.xlarge` | `D4s v3` | -| Redis - Queues / Shared State | 3 | 4 vCPU, 15GB Memory | `n1-standard-4` | `m5.xlarge` | `D4s v3` | -| Redis Sentinel - Cache | 3 | 1 vCPU, 1.7GB Memory | `g1-small` | `t2.small` | `B1MS` | -| Redis Sentinel - Queues / Shared State | 3 | 1 vCPU, 1.7GB Memory | `g1-small` | `t2.small` | `B1MS` | -| Gitaly | 2 minimum | 16 vCPU, 60GB Memory | `n1-standard-16` | `m5.4xlarge` | `D16s v3` | -| Sidekiq | 4 | 4 vCPU, 15GB Memory | `n1-standard-4` | `m5.xlarge` | `D4s v3` | -| GitLab Rails | 3 | 32 vCPU, 28.8GB Memory | `n1-highcpu-32` | `c5.9xlarge` | `F32s v2` | -| Monitoring node | 1 | 4 vCPU, 3.6GB Memory | `n1-highcpu-4` | `c5.xlarge` | `F4s v2` | -| Object Storage | n/a | n/a | n/a | n/a | n/a | -| NFS Server | 1 | 4 vCPU, 3.6GB Memory | `n1-highcpu-4` | `c5.xlarge` | `F4s v2` | - -The architectures were built and tested with the [Intel Xeon E5 v3 (Haswell)](https://cloud.google.com/compute/docs/cpu-platforms) -CPU platform on GCP. On different hardware you may find that adjustments, either lower -or higher, are required for your CPU or Node counts accordingly. For more information, a -[Sysbench](https://github.com/akopytov/sysbench) benchmark of the CPU can be found -[here](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Reference-Architectures/GCP-CPU-Benchmarks). - -For data objects such as LFS, Uploads, Artifacts, etc., an [object storage service](#configure-the-object-storage) -is recommended over NFS where possible, due to better performance and availability. -Since this doesn't require a node to be set up, it's marked as not applicable (n/a) -in the table above. +> - **High Availability:** Yes +> - **Test requests per second (RPS) rates:** API: 200 RPS, Web: 20 RPS, Git: 20 RPS + +| Service | Nodes | Configuration | GCP | AWS | Azure | +|--------------------------------------------|-------------|-------------------------|-----------------|-------------|----------| +| External load balancing node | 1 | 2 vCPU, 1.8GB memory | n1-highcpu-2 | c5.large | F2s v2 | +| Consul | 3 | 2 vCPU, 1.8GB memory | n1-highcpu-2 | c5.large | F2s v2 | +| PostgreSQL | 3 | 4 vCPU, 15GB memory | n1-standard-4 | m5.xlarge | D4s v3 | +| PgBouncer | 3 | 2 vCPU, 1.8GB memory | n1-highcpu-2 | c5.large | F2s v2 | +| Internal load balancing node | 1 | 2 vCPU, 1.8GB memory | n1-highcpu-2 | c5.large | F2s v2 | +| Redis - Cache | 3 | 4 vCPU, 15GB memory | n1-standard-4 | m5.xlarge | D4s v3 | +| Redis - Queues / Shared State | 3 | 4 vCPU, 15GB memory | n1-standard-4 | m5.xlarge | D4s v3 | +| Redis Sentinel - Cache | 3 | 1 vCPU, 1.7GB memory | g1-small | t2.small | B1MS | +| Redis Sentinel - Queues / Shared State | 3 | 1 vCPU, 1.7GB memory | g1-small | t2.small | B1MS | +| Gitaly | 2 (minimum) | 16 vCPU, 60GB memory | n1-standard-16 | m5.4xlarge | D16s v3 | +| Sidekiq | 4 | 4 vCPU, 15GB memory | n1-standard-4 | m5.xlarge | D4s v3 | +| GitLab Rails | 3 | 32 vCPU, 28.8GB memory | n1-highcpu-32 | c5.9xlarge | F32s v2 | +| Monitoring node | 1 | 4 vCPU, 3.6GB memory | n1-highcpu-4 | c5.xlarge | F4s v2 | +| Object Storage | n/a | n/a | n/a | n/a | n/a | +| NFS Server | 1 | 4 vCPU, 3.6GB memory | n1-highcpu-4 | c5.xlarge | F4s v2 | + +The Google Cloud Platform (GCP) architectures were built and tested using the +[Intel Xeon E5 v3 (Haswell)](https://cloud.google.com/compute/docs/cpu-platforms) +CPU platform. On different hardware you may find that adjustments, either lower +or higher, are required for your CPU or node counts. For more information, see +our [Sysbench](https://github.com/akopytov/sysbench)-based +[CPU benchmark](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Reference-Architectures/GCP-CPU-Benchmarks). + +For data objects (such as LFS, Uploads, or Artifacts), an +[object storage service](#configure-the-object-storage) is recommended instead +of NFS where possible, due to better performance and availability. Since this +doesn't require a node to be set up, *Object Storage* is noted as not +applicable (n/a) in the previous table. ## Setup components diff --git a/doc/administration/reference_architectures/25k_users.md b/doc/administration/reference_architectures/25k_users.md index 23ca22e422a..0027cfcaf82 100644 --- a/doc/administration/reference_architectures/25k_users.md +++ b/doc/administration/reference_architectures/25k_users.md @@ -1,45 +1,50 @@ --- reading_time: true +stage: Enablement +group: Distribution +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers --- # Reference architecture: up to 25,000 users -This page describes GitLab reference architecture for up to 25,000 users. -For a full list of reference architectures, see +This page describes GitLab reference architecture for up to 25,000 users. For a +full list of reference architectures, see [Available reference architectures](index.md#available-reference-architectures). > - **Supported users (approximate):** 25,000 -> - **High Availability:** True -> - **Test RPS rates:** API: 500 RPS, Web: 50 RPS, Git: 50 RPS - -| Service | Nodes | Configuration | GCP | AWS | Azure | -|--------------------------------------------------------------|-------|---------------------------------|------------------|-----------------------|----------------| -| External load balancing node | 1 | 4 vCPU, 3.6GB Memory | `n1-highcpu-4` | `c5.xlarge` | `F4s v2` | -| Consul | 3 | 2 vCPU, 1.8GB Memory | `n1-highcpu-2` | `c5.large` | `F2s v2` | -| PostgreSQL | 3 | 8 vCPU, 30GB Memory | `n1-standard-8` | `m5.2xlarge` | `D8s v3` | -| PgBouncer | 3 | 2 vCPU, 1.8GB Memory | `n1-highcpu-2` | `c5.large` | `F2s v2` | -| Internal load balancing node | 1 | 2 vCPU, 1.8GB Memory | `n1-highcpu-2` | `c5.large` | `F2s v2` | -| Redis - Cache | 3 | 4 vCPU, 15GB Memory | `n1-standard-4` | `m5.xlarge` | `D4s v3` | -| Redis - Queues / Shared State | 3 | 4 vCPU, 15GB Memory | `n1-standard-4` | `m5.xlarge` | `D4s v3` | -| Redis Sentinel - Cache | 3 | 1 vCPU, 1.7GB Memory | `g1-small` | `t2.small` | `B1MS` | -| Redis Sentinel - Queues / Shared State | 3 | 1 vCPU, 1.7GB Memory | `g1-small` | `t2.small` | `B1MS` | -| Gitaly | 2 minimum | 32 vCPU, 120GB Memory | `n1-standard-32` | `m5.8xlarge` | `D32s v3` | -| Sidekiq | 4 | 4 vCPU, 15GB Memory | `n1-standard-4` | `m5.xlarge` | `D4s v3` | -| GitLab Rails | 5 | 32 vCPU, 28.8GB Memory | `n1-highcpu-32` | `c5.9xlarge` | `F32s v2` | -| Monitoring node | 1 | 4 vCPU, 3.6GB Memory | `n1-highcpu-4` | `c5.xlarge` | `F4s v2` | -| Object Storage | n/a | n/a | n/a | n/a | n/a | -| NFS Server | 1 | 4 vCPU, 3.6GB Memory | `n1-highcpu-4` | `c5.xlarge` | `F4s v2` | - -The architectures were built and tested with the [Intel Xeon E5 v3 (Haswell)](https://cloud.google.com/compute/docs/cpu-platforms) -CPU platform on GCP. On different hardware you may find that adjustments, either lower -or higher, are required for your CPU or Node counts accordingly. For more information, a -[Sysbench](https://github.com/akopytov/sysbench) benchmark of the CPU can be found -[here](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Reference-Architectures/GCP-CPU-Benchmarks). - -For data objects such as LFS, Uploads, Artifacts, etc., an [object storage service](#configure-the-object-storage) -is recommended over NFS where possible, due to better performance and availability. -Since this doesn't require a node to be set up, it's marked as not applicable (n/a) -in the table above. +> - **High Availability:** Yes +> - **Test requests per second (RPS) rates:** API: 500 RPS, Web: 50 RPS, Git: 50 RPS + +| Service | Nodes | Configuration | GCP | AWS | Azure | +|-----------------------------------------|-------------|-------------------------|-----------------|-------------|----------| +| External load balancing node | 1 | 4 vCPU, 3.6GB memory | n1-highcpu-4 | c5.xlarge | F4s v2 | +| Consul | 3 | 2 vCPU, 1.8GB memory | n1-highcpu-2 | c5.large | F2s v2 | +| PostgreSQL | 3 | 8 vCPU, 30GB memory | n1-standard-8 | m5.2xlarge | D8s v3 | +| PgBouncer | 3 | 2 vCPU, 1.8GB memory | n1-highcpu-2 | c5.large | F2s v2 | +| Internal load balancing node | 1 | 2 vCPU, 1.8GB memory | n1-highcpu-2 | c5.large | F2s v2 | +| Redis - Cache | 3 | 4 vCPU, 15GB memory | n1-standard-4 | m5.xlarge | D4s v3 | +| Redis - Queues / Shared State | 3 | 4 vCPU, 15GB memory | n1-standard-4 | m5.xlarge | D4s v3 | +| Redis Sentinel - Cache | 3 | 1 vCPU, 1.7GB memory | g1-small | t2.small | B1MS | +| Redis Sentinel - Queues / Shared State | 3 | 1 vCPU, 1.7GB memory | g1-small | t2.small | B1MS | +| Gitaly | 2 (minimum) | 32 vCPU, 120GB memory | n1-standard-32 | m5.8xlarge | D32s v3 | +| Sidekiq | 4 | 4 vCPU, 15GB memory | n1-standard-4 | m5.xlarge | D4s v3 | +| GitLab Rails | 5 | 32 vCPU, 28.8GB memory | n1-highcpu-32 | c5.9xlarge | F32s v2 | +| Monitoring node | 1 | 4 vCPU, 3.6GB memory | n1-highcpu-4 | c5.xlarge | F4s v2 | +| Object Storage | n/a | n/a | n/a | n/a | n/a | +| NFS Server | 1 | 4 vCPU, 3.6GB memory | n1-highcpu-4 | c5.xlarge | F4s v2 | + +The Google Cloud Platform (GCP) architectures were built and tested using the +[Intel Xeon E5 v3 (Haswell)](https://cloud.google.com/compute/docs/cpu-platforms) +CPU platform. On different hardware you may find that adjustments, either lower +or higher, are required for your CPU or node counts. For more information, see +our [Sysbench](https://github.com/akopytov/sysbench)-based +[CPU benchmark](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Reference-Architectures/GCP-CPU-Benchmarks). + +For data objects (such as LFS, Uploads, or Artifacts), an +[object storage service](#configure-the-object-storage) is recommended instead +of NFS where possible, due to better performance and availability. Since this +doesn't require a node to be set up, *Object Storage* is noted as not +applicable (n/a) in the previous table. ## Setup components diff --git a/doc/administration/reference_architectures/50k_users.md b/doc/administration/reference_architectures/50k_users.md index 145ca4be7e0..e795acfaead 100644 --- a/doc/administration/reference_architectures/50k_users.md +++ b/doc/administration/reference_architectures/50k_users.md @@ -1,45 +1,50 @@ --- reading_time: true +stage: Enablement +group: Distribution +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers --- # Reference architecture: up to 50,000 users -This page describes GitLab reference architecture for up to 50,000 users. -For a full list of reference architectures, see +This page describes GitLab reference architecture for up to 50,000 users. For a +full list of reference architectures, see [Available reference architectures](index.md#available-reference-architectures). > - **Supported users (approximate):** 50,000 -> - **High Availability:** True -> - **Test RPS rates:** API: 1000 RPS, Web: 100 RPS, Git: 100 RPS - -| Service | Nodes | Configuration | GCP | AWS | Azure | -|--------------------------------------------------------------|-------|---------------------------------|------------------|-----------------------|----------------| -| External load balancing node | 1 | 8 vCPU, 7.2GB Memory | `n1-highcpu-8` | `c5.2xlarge` | `F8s v2` | -| Consul | 3 | 2 vCPU, 1.8GB Memory | `n1-highcpu-2` | `c5.large` | `F2s v2` | -| PostgreSQL | 3 | 16 vCPU, 60GB Memory | `n1-standard-16` | `m5.4xlarge` | `D16s v3` | -| PgBouncer | 3 | 2 vCPU, 1.8GB Memory | `n1-highcpu-2` | `c5.large` | `F2s v2` | -| Internal load balancing node | 1 | 8 vCPU, 7.2GB Memory | `n1-highcpu-8` | `c5.2xlarge` | `F8s v2` | -| Redis - Cache | 3 | 4 vCPU, 15GB Memory | `n1-standard-4` | `m5.xlarge` | `D4s v3` | -| Redis - Queues / Shared State | 3 | 4 vCPU, 15GB Memory | `n1-standard-4` | `m5.xlarge` | `D4s v3` | -| Redis Sentinel - Cache | 3 | 1 vCPU, 1.7GB Memory | `g1-small` | `t2.small` | `B1MS` | -| Redis Sentinel - Queues / Shared State | 3 | 1 vCPU, 1.7GB Memory | `g1-small` | `t2.small` | `B1MS` | -| Gitaly | 2 minimum | 64 vCPU, 240GB Memory | `n1-standard-64` | `m5.16xlarge` | `D64s v3` | -| Sidekiq | 4 | 4 vCPU, 15GB Memory | `n1-standard-4` | `m5.xlarge` | `D4s v3` | -| GitLab Rails | 12 | 32 vCPU, 28.8GB Memory | `n1-highcpu-32` | `c5.9xlarge` | `F32s v2` | -| Monitoring node | 1 | 4 vCPU, 3.6GB Memory | `n1-highcpu-4` | `c5.xlarge` | `F4s v2` | -| Object Storage | n/a | n/a | n/a | n/a | n/a | -| NFS Server | 1 | 4 vCPU, 3.6GB Memory | `n1-highcpu-4` | `c5.xlarge` | `F4s v2` | - -The architectures were built and tested with the [Intel Xeon E5 v3 (Haswell)](https://cloud.google.com/compute/docs/cpu-platforms) -CPU platform on GCP. On different hardware you may find that adjustments, either lower -or higher, are required for your CPU or Node counts accordingly. For more information, a -[Sysbench](https://github.com/akopytov/sysbench) benchmark of the CPU can be found -[here](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Reference-Architectures/GCP-CPU-Benchmarks). - -For data objects such as LFS, Uploads, Artifacts, etc., an [object storage service](#configure-the-object-storage) -is recommended over NFS where possible, due to better performance and availability. -Since this doesn't require a node to be set up, it's marked as not applicable (n/a) -in the table above. +> - **High Availability:** Yes +> - **Test requests per second (RPS) rates:** API: 1000 RPS, Web: 100 RPS, Git: 100 RPS + +| Service | Nodes | Configuration | GCP | AWS | Azure | +|-----------------------------------------|-------------|-------------------------|-----------------|--------------|----------| +| External load balancing node | 1 | 8 vCPU, 7.2GB memory | n1-highcpu-8 | c5.2xlarge | F8s v2 | +| Consul | 3 | 2 vCPU, 1.8GB memory | n1-highcpu-2 | c5.large | F2s v2 | +| PostgreSQL | 3 | 16 vCPU, 60GB memory | n1-standard-16 | m5.4xlarge | D16s v3 | +| PgBouncer | 3 | 2 vCPU, 1.8GB memory | n1-highcpu-2 | c5.large | F2s v2 | +| Internal load balancing node | 1 | 8 vCPU, 7.2GB memory | n1-highcpu-8 | c5.2xlarge | F8s v2 | +| Redis - Cache | 3 | 4 vCPU, 15GB memory | n1-standard-4 | m5.xlarge | D4s v3 | +| Redis - Queues / Shared State | 3 | 4 vCPU, 15GB memory | n1-standard-4 | m5.xlarge | D4s v3 | +| Redis Sentinel - Cache | 3 | 1 vCPU, 1.7GB memory | g1-small | t2.small | B1MS | +| Redis Sentinel - Queues / Shared State | 3 | 1 vCPU, 1.7GB memory | g1-small | t2.small | B1MS | +| Gitaly | 2 (minimum) | 64 vCPU, 240GB memory | n1-standard-64 | m5.16xlarge | D64s v3 | +| Sidekiq | 4 | 4 vCPU, 15GB memory | n1-standard-4 | m5.xlarge | D4s v3 | +| GitLab Rails | 12 | 32 vCPU, 28.8GB memory | n1-highcpu-32 | c5.9xlarge | F32s v2 | +| Monitoring node | 1 | 4 vCPU, 3.6GB memory | n1-highcpu-4 | c5.xlarge | F4s v2 | +| Object Storage | n/a | n/a | n/a | n/a | n/a | +| NFS Server | 1 | 4 vCPU, 3.6GB memory | n1-highcpu-4 | c5.xlarge | F4s v2 | + +The Google Cloud Platform (GCP) architectures were built and tested using the +[Intel Xeon E5 v3 (Haswell)](https://cloud.google.com/compute/docs/cpu-platforms) +CPU platform. On different hardware you may find that adjustments, either lower +or higher, are required for your CPU or node counts. For more information, see +our [Sysbench](https://github.com/akopytov/sysbench)-based +[CPU benchmark](https://gitlab.com/gitlab-org/quality/performance/-/wikis/Reference-Architectures/GCP-CPU-Benchmarks). + +For data objects (such as LFS, Uploads, or Artifacts), an +[object storage service](#configure-the-object-storage) is recommended instead +of NFS where possible, due to better performance and availability. Since this +doesn't require a node to be set up, *Object Storage* is noted as not +applicable (n/a) in the previous table. ## Setup components diff --git a/doc/img/devops-stages-13_3.png b/doc/img/devops-stages-13_3.png Binary files differnew file mode 100644 index 00000000000..fe4def8d075 --- /dev/null +++ b/doc/img/devops-stages-13_3.png diff --git a/doc/img/devops-stages.png b/doc/img/devops-stages.png Binary files differdeleted file mode 100644 index 2fa5357062c..00000000000 --- a/doc/img/devops-stages.png +++ /dev/null diff --git a/doc/operations/feature_flags.md b/doc/operations/feature_flags.md index 8348f8e6295..46a57e72484 100644 --- a/doc/operations/feature_flags.md +++ b/doc/operations/feature_flags.md @@ -140,6 +140,14 @@ Enables the feature for lists of users created [in the Feature Flags UI](#create Similar to [User IDs](#user-ids), it uses the Unleash [`userWithId`](https://unleash.github.io/docs/activation_strategy#userwithid) activation strategy. +It's not possible to *disable* a feature for members of a user list, but you can achieve the same +effect by enabling a feature for a user list that doesn't contain the excluded users. + +For example: + +- `Full-user-list` = `User1A, User1B, User2A, User2B, User3A, User3B, ...` +- `Full-user-list-excluding-B-users` = `User1A, User2A, User3A, ...` + #### Create a user list > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/13308) in GitLab 13.3. diff --git a/doc/user/application_security/dast/index.md b/doc/user/application_security/dast/index.md index d68928d858b..0b52aa6e468 100644 --- a/doc/user/application_security/dast/index.md +++ b/doc/user/application_security/dast/index.md @@ -608,8 +608,11 @@ Alternatively, you can use the variable `SECURE_ANALYZERS_PREFIX` to override th > - It's able to be enabled or disabled per-project. > - To use it in GitLab self-managed instances, ask a GitLab administrator to [enable it](#enable-or-disable-on-demand-scans). -Passive DAST scans may be run on demand against a target website, outside the DevOps lifecycle. These scans will -always be associated with the default or `master` branch of your project and the results can be seen in the project dashboard. +Passive DAST scans may be run on demand against a target website, outside the DevOps lifecycle. These scans are +always associated with the default or `master` branch of your project and the results can be seen in the project dashboard. + +NOTE: **Note:** +You cannot run an on-demand DAST scan against a protected branch unless you have permission to do so. The `master` branch is protected by default. For more details, see [Pipeline security on protected branches](../../../ci/pipelines/index.md#pipeline-security-on-protected-branches).  diff --git a/doc/user/project/issues/design_management.md b/doc/user/project/issues/design_management.md index ce9d366811c..5b92f146e4b 100644 --- a/doc/user/project/issues/design_management.md +++ b/doc/user/project/issues/design_management.md @@ -1,7 +1,8 @@ # Design Management > - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/660) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.2. -> - [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/212566) to GitLab Core in 13.0. +> - Support for SVGs was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12771) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.4. +> - Design Management was [moved](https://gitlab.com/gitlab-org/gitlab/-/issues/212566) to GitLab Core in 13.0. ## Overview @@ -41,10 +42,9 @@ If the requirements are not met, the **Designs** tab displays a message to the u ## Supported files Files uploaded must have a file extension of either `png`, `jpg`, `jpeg`, -`gif`, `bmp`, `tiff` or `ico`. +`gif`, `bmp`, `tiff`, `ico`, or `svg`. -Support for [SVG files](https://gitlab.com/gitlab-org/gitlab/-/issues/12771) -and [PDFs](https://gitlab.com/gitlab-org/gitlab/-/issues/32811) is planned for a future release. +Support for [PDF](https://gitlab.com/gitlab-org/gitlab/issues/32811) is planned for a future release. ## Limitations diff --git a/doc/user/search/advanced_global_search.md b/doc/user/search/advanced_global_search.md index c8ef1d9e5af..820d66e4cd6 100644 --- a/doc/user/search/advanced_global_search.md +++ b/doc/user/search/advanced_global_search.md @@ -22,20 +22,20 @@ visit the [administrator documentation](../../integration/elasticsearch.md). The Advanced Global Search in GitLab is a powerful search service that saves you time. Instead of creating duplicate code and wasting time, you can -now search for code within other teams that can help your own project. +now search for code within other projects that can help your own project. GitLab leverages the search capabilities of [Elasticsearch](https://www.elastic.co/elasticsearch/) and enables it when searching in: - Projects -- Repositories -- Commits - Issues - Merge requests - Milestones -- Notes (comments) -- Snippets +- Comments +- Code +- Commits - Wiki +- Users ## Use cases diff --git a/spec/frontend/design_management/pages/design/__snapshots__/index_spec.js.snap b/spec/frontend/design_management/pages/design/__snapshots__/index_spec.js.snap index 83bcebd513e..346309e10a2 100644 --- a/spec/frontend/design_management/pages/design/__snapshots__/index_spec.js.snap +++ b/spec/frontend/design_management/pages/design/__snapshots__/index_spec.js.snap @@ -41,7 +41,7 @@ exports[`Design management design index page renders design index 1`] = ` </h2> <a - class="gl-text-gray-600 gl-text-decoration-none gl-mb-6 gl-display-block" + class="gl-text-gray-400 gl-text-decoration-none gl-mb-6 gl-display-block" href="full-issue-url" > ull-issue-path @@ -188,7 +188,7 @@ exports[`Design management design index page with error GlAlert is rendered in c </h2> <a - class="gl-text-gray-600 gl-text-decoration-none gl-mb-6 gl-display-block" + class="gl-text-gray-400 gl-text-decoration-none gl-mb-6 gl-display-block" href="full-issue-url" > ull-issue-path diff --git a/spec/frontend/design_management/utils/error_messages_spec.js b/spec/frontend/design_management/utils/error_messages_spec.js index 635ff931d7d..4c19d6b419f 100644 --- a/spec/frontend/design_management/utils/error_messages_spec.js +++ b/spec/frontend/design_management/utils/error_messages_spec.js @@ -55,7 +55,7 @@ describe('Error message', () => { 'Upload skipped. Some of the designs you tried uploading did not change: 1.jpg, 2.jpg, 3.jpg, 4.jpg, 5.jpg, and 2 more.', ], ])('designUploadSkippedWarning', (uploadedFiles, skippedFiles, expected) => { - test('returns expected warning message', () => { + it('returns expected warning message', () => { expect(designUploadSkippedWarning(uploadedFiles, skippedFiles)).toBe(expected); }); }); diff --git a/spec/frontend/design_management_legacy/pages/design/__snapshots__/index_spec.js.snap b/spec/frontend/design_management_legacy/pages/design/__snapshots__/index_spec.js.snap index 65c4811536e..3aa414382d6 100644 --- a/spec/frontend/design_management_legacy/pages/design/__snapshots__/index_spec.js.snap +++ b/spec/frontend/design_management_legacy/pages/design/__snapshots__/index_spec.js.snap @@ -41,7 +41,7 @@ exports[`Design management design index page renders design index 1`] = ` </h2> <a - class="gl-text-gray-600 gl-text-decoration-none gl-mb-6 gl-display-block" + class="gl-text-gray-400 gl-text-decoration-none gl-mb-6 gl-display-block" href="full-issue-url" > ull-issue-path @@ -188,7 +188,7 @@ exports[`Design management design index page with error GlAlert is rendered in c </h2> <a - class="gl-text-gray-600 gl-text-decoration-none gl-mb-6 gl-display-block" + class="gl-text-gray-400 gl-text-decoration-none gl-mb-6 gl-display-block" href="full-issue-url" > ull-issue-path diff --git a/spec/frontend/ide/lib/languages/vue_spec.js b/spec/frontend/ide/lib/languages/vue_spec.js index 3d8784c1436..ba5c31bb101 100644 --- a/spec/frontend/ide/lib/languages/vue_spec.js +++ b/spec/frontend/ide/lib/languages/vue_spec.js @@ -9,7 +9,7 @@ describe('tokenization for .vue files', () => { registerLanguages(vue); }); - test.each([ + it.each([ [ '<div v-if="something">content</div>', [ diff --git a/spec/frontend/monitoring/components/dashboard_header_spec.js b/spec/frontend/monitoring/components/dashboard_header_spec.js index 7a704de427e..d67848aa0c0 100644 --- a/spec/frontend/monitoring/components/dashboard_header_spec.js +++ b/spec/frontend/monitoring/components/dashboard_header_spec.js @@ -436,7 +436,7 @@ describe('Dashboard header', () => { }); }); - test.each(systemDashboards)('is rendered for system dashboards', dashboardPath => { + it.each(systemDashboards)('is rendered for system dashboards', dashboardPath => { setupAllDashboards(store, dashboardPath); return wrapper.vm.$nextTick(() => { @@ -444,7 +444,7 @@ describe('Dashboard header', () => { }); }); - test.each(nonSystemDashboards)('is not rendered for non-system dashboards', dashboardPath => { + it.each(nonSystemDashboards)('is not rendered for non-system dashboards', dashboardPath => { setupAllDashboards(store, dashboardPath); return wrapper.vm.$nextTick(() => { diff --git a/spec/frontend/monitoring/components/group_empty_state_spec.js b/spec/frontend/monitoring/components/group_empty_state_spec.js index e8ef8192067..90bd6f67196 100644 --- a/spec/frontend/monitoring/components/group_empty_state_spec.js +++ b/spec/frontend/monitoring/components/group_empty_state_spec.js @@ -24,7 +24,7 @@ describe('GroupEmptyState', () => { 'FOO STATE', // does not fail with unknown states ]; - test.each(supportedStates)('Renders an empty state for %s', selectedState => { + it.each(supportedStates)('Renders an empty state for %s', selectedState => { const wrapper = createComponent({ selectedState }); expect(wrapper.element).toMatchSnapshot(); diff --git a/spec/frontend/vue_mr_widget/components/states/mr_widget_squash_before_merge_spec.js b/spec/frontend/vue_mr_widget/components/states/mr_widget_squash_before_merge_spec.js index 1542b0939aa..4c213899dbd 100644 --- a/spec/frontend/vue_mr_widget/components/states/mr_widget_squash_before_merge_spec.js +++ b/spec/frontend/vue_mr_widget/components/states/mr_widget_squash_before_merge_spec.js @@ -79,7 +79,7 @@ describe('Squash before merge component', () => { }); it(expectation, () => { - expect(findLabel().classes('gl-text-gray-600')).toBe(isDisabled); + expect(findLabel().classes('gl-text-gray-400')).toBe(isDisabled); }); }); }); diff --git a/spec/workers/gitlab/import/stuck_project_import_jobs_worker_spec.rb b/spec/workers/gitlab/import/stuck_project_import_jobs_worker_spec.rb index 510c41cba21..d12d5a605a7 100644 --- a/spec/workers/gitlab/import/stuck_project_import_jobs_worker_spec.rb +++ b/spec/workers/gitlab/import/stuck_project_import_jobs_worker_spec.rb @@ -10,7 +10,7 @@ RSpec.describe Gitlab::Import::StuckProjectImportJobsWorker do let(:import_state) { create(:project, :import_scheduled).import_state } before do - import_state.update(jid: '123') + import_state.update!(jid: '123') end end end @@ -20,7 +20,7 @@ RSpec.describe Gitlab::Import::StuckProjectImportJobsWorker do let(:import_state) { create(:project, :import_started).import_state } before do - import_state.update(jid: '123') + import_state.update!(jid: '123') end end end diff --git a/spec/workers/gitlab/jira_import/stuck_jira_import_jobs_worker_spec.rb b/spec/workers/gitlab/jira_import/stuck_jira_import_jobs_worker_spec.rb index 8271af4db2f..7f1cb8a2076 100644 --- a/spec/workers/gitlab/jira_import/stuck_jira_import_jobs_worker_spec.rb +++ b/spec/workers/gitlab/jira_import/stuck_jira_import_jobs_worker_spec.rb @@ -12,7 +12,7 @@ RSpec.describe ::Gitlab::JiraImport::StuckJiraImportJobsWorker do let(:import_state) { create(:jira_import_state, :scheduled, project: project) } before do - import_state.update(jid: '123') + import_state.update!(jid: '123') end end end @@ -22,7 +22,7 @@ RSpec.describe ::Gitlab::JiraImport::StuckJiraImportJobsWorker do let(:import_state) { create(:jira_import_state, :started, project: project) } before do - import_state.update(jid: '123') + import_state.update!(jid: '123') end end end diff --git a/spec/workers/migrate_external_diffs_worker_spec.rb b/spec/workers/migrate_external_diffs_worker_spec.rb index 86d4680acbe..36669b4e694 100644 --- a/spec/workers/migrate_external_diffs_worker_spec.rb +++ b/spec/workers/migrate_external_diffs_worker_spec.rb @@ -17,7 +17,7 @@ RSpec.describe MigrateExternalDiffsWorker do end it 'does nothing if the diff is missing' do - diff.destroy + diff.destroy! worker.perform(diff.id) end diff --git a/spec/workers/namespaceless_project_destroy_worker_spec.rb b/spec/workers/namespaceless_project_destroy_worker_spec.rb index ef396bc7fbb..618cd9cabe9 100644 --- a/spec/workers/namespaceless_project_destroy_worker_spec.rb +++ b/spec/workers/namespaceless_project_destroy_worker_spec.rb @@ -60,7 +60,7 @@ RSpec.describe NamespacelessProjectDestroyWorker do let!(:parent_project) { create(:project) } let(:project) do namespaceless_project = fork_project(parent_project) - namespaceless_project.save + namespaceless_project.save! namespaceless_project end diff --git a/spec/workers/namespaces/root_statistics_worker_spec.rb b/spec/workers/namespaces/root_statistics_worker_spec.rb index 0c6e3e89973..a97a850bbcf 100644 --- a/spec/workers/namespaces/root_statistics_worker_spec.rb +++ b/spec/workers/namespaces/root_statistics_worker_spec.rb @@ -51,7 +51,7 @@ RSpec.describe Namespaces::RootStatisticsWorker, '#perform' do context 'with no namespace' do before do - group.destroy + group.destroy! end it 'does not execute the refresher service' do @@ -64,7 +64,7 @@ RSpec.describe Namespaces::RootStatisticsWorker, '#perform' do context 'with a namespace with no aggregation scheduled' do before do - group.aggregation_schedule.destroy + group.aggregation_schedule.destroy! end it 'does not execute the refresher service' do diff --git a/spec/workers/pages_domain_verification_worker_spec.rb b/spec/workers/pages_domain_verification_worker_spec.rb index 74b9730f7c1..6d2f9ee2f8d 100644 --- a/spec/workers/pages_domain_verification_worker_spec.rb +++ b/spec/workers/pages_domain_verification_worker_spec.rb @@ -16,7 +16,7 @@ RSpec.describe PagesDomainVerificationWorker do end it 'does nothing for a non-existent domain' do - domain.destroy + domain.destroy! expect(VerifyPagesDomainService).not_to receive(:new) diff --git a/spec/workers/process_commit_worker_spec.rb b/spec/workers/process_commit_worker_spec.rb index a33ee6e1da5..7a168bf054e 100644 --- a/spec/workers/process_commit_worker_spec.rb +++ b/spec/workers/process_commit_worker_spec.rb @@ -160,7 +160,7 @@ RSpec.describe ProcessCommitWorker do context 'when issue has first_mentioned_in_commit_at earlier than given committed_date' do before do - issue.metrics.update(first_mentioned_in_commit_at: commit.committed_date - 1.day) + issue.metrics.update!(first_mentioned_in_commit_at: commit.committed_date - 1.day) end it "doesn't update issue metrics" do @@ -170,7 +170,7 @@ RSpec.describe ProcessCommitWorker do context 'when issue has first_mentioned_in_commit_at later than given committed_date' do before do - issue.metrics.update(first_mentioned_in_commit_at: commit.committed_date + 1.day) + issue.metrics.update!(first_mentioned_in_commit_at: commit.committed_date + 1.day) end it "doesn't update issue metrics" do diff --git a/spec/workers/propagate_integration_worker_spec.rb b/spec/workers/propagate_integration_worker_spec.rb index a0fdd37b3c0..3fe76f14750 100644 --- a/spec/workers/propagate_integration_worker_spec.rb +++ b/spec/workers/propagate_integration_worker_spec.rb @@ -5,7 +5,7 @@ require 'spec_helper' RSpec.describe PropagateIntegrationWorker do describe '#perform' do let(:integration) do - PushoverService.create( + PushoverService.create!( template: true, active: true, device: 'MyDevice', diff --git a/spec/workers/propagate_service_template_worker_spec.rb b/spec/workers/propagate_service_template_worker_spec.rb index 4cba313a23f..48151b25d4b 100644 --- a/spec/workers/propagate_service_template_worker_spec.rb +++ b/spec/workers/propagate_service_template_worker_spec.rb @@ -7,7 +7,7 @@ RSpec.describe PropagateServiceTemplateWorker do describe '#perform' do it 'calls the propagate service with the template' do - template = PushoverService.create( + template = PushoverService.create!( template: true, active: true, properties: { diff --git a/spec/workers/remove_unreferenced_lfs_objects_worker_spec.rb b/spec/workers/remove_unreferenced_lfs_objects_worker_spec.rb index e716d4806d3..d6a093a6b51 100644 --- a/spec/workers/remove_unreferenced_lfs_objects_worker_spec.rb +++ b/spec/workers/remove_unreferenced_lfs_objects_worker_spec.rb @@ -46,7 +46,7 @@ RSpec.describe RemoveUnreferencedLfsObjectsWorker do end it 'removes unreferenced lfs objects after project removal' do - project1.destroy + project1.destroy! worker.perform diff --git a/spec/workers/repository_check/single_repository_worker_spec.rb b/spec/workers/repository_check/single_repository_worker_spec.rb index 28e3f43d374..205d7c08f54 100644 --- a/spec/workers/repository_check/single_repository_worker_spec.rb +++ b/spec/workers/repository_check/single_repository_worker_spec.rb @@ -86,7 +86,7 @@ RSpec.describe RepositoryCheck::SingleRepositoryWorker do end def create_push_event(project) - project.events.create(action: :pushed, author_id: create(:user).id) + project.events.create!(action: :pushed, author_id: create(:user).id) end def break_wiki(project) diff --git a/spec/workers/repository_cleanup_worker_spec.rb b/spec/workers/repository_cleanup_worker_spec.rb index 41bfeabb7f3..f5887d08bd2 100644 --- a/spec/workers/repository_cleanup_worker_spec.rb +++ b/spec/workers/repository_cleanup_worker_spec.rb @@ -25,13 +25,13 @@ RSpec.describe RepositoryCleanupWorker do end it 'raises an error if the project cannot be found' do - project.destroy + project.destroy! expect { worker.perform(project.id, user.id) }.to raise_error(ActiveRecord::RecordNotFound) end it 'raises an error if the user cannot be found' do - user.destroy + user.destroy! expect { worker.perform(project.id, user.id) }.to raise_error(ActiveRecord::RecordNotFound) end diff --git a/spec/workers/repository_import_worker_spec.rb b/spec/workers/repository_import_worker_spec.rb index a2c19debdfd..4a80f4f9da6 100644 --- a/spec/workers/repository_import_worker_spec.rb +++ b/spec/workers/repository_import_worker_spec.rb @@ -49,7 +49,7 @@ RSpec.describe RepositoryImportWorker do it 'hide the credentials that were used in the import URL' do error = %q{remote: Not Found fatal: repository 'https://user:pass@test.com/root/repoC.git/' not found } - import_state.update(jid: '123') + import_state.update!(jid: '123') expect_next_instance_of(Projects::ImportService) do |instance| expect(instance).to receive(:execute).and_return({ status: :error, message: error }) end @@ -63,8 +63,8 @@ RSpec.describe RepositoryImportWorker do it 'updates the error on Import/Export' do error = %q{remote: Not Found fatal: repository 'https://user:pass@test.com/root/repoC.git/' not found } - project.update(import_type: 'gitlab_project') - import_state.update(jid: '123') + project.update!(import_type: 'gitlab_project') + import_state.update!(jid: '123') expect_next_instance_of(Projects::ImportService) do |instance| expect(instance).to receive(:execute).and_return({ status: :error, message: error }) end diff --git a/spec/workers/repository_update_remote_mirror_worker_spec.rb b/spec/workers/repository_update_remote_mirror_worker_spec.rb index 37eed57cf2e..c6e667097ec 100644 --- a/spec/workers/repository_update_remote_mirror_worker_spec.rb +++ b/spec/workers/repository_update_remote_mirror_worker_spec.rb @@ -26,7 +26,7 @@ RSpec.describe RepositoryUpdateRemoteMirrorWorker, :clean_gitlab_redis_shared_st end it 'does not do anything if the mirror was already updated' do - remote_mirror.update(last_update_started_at: Time.current, update_status: :finished) + remote_mirror.update!(last_update_started_at: Time.current, update_status: :finished) expect(Projects::UpdateRemoteMirrorService).not_to receive(:new) diff --git a/spec/workers/stuck_ci_jobs_worker_spec.rb b/spec/workers/stuck_ci_jobs_worker_spec.rb index b96d506771d..24d3b6fadf5 100644 --- a/spec/workers/stuck_ci_jobs_worker_spec.rb +++ b/spec/workers/stuck_ci_jobs_worker_spec.rb @@ -132,7 +132,7 @@ RSpec.describe StuckCiJobsWorker do let(:updated_at) { 2.days.ago } before do - job.project.update(pending_delete: true) + job.project.update!(pending_delete: true) end it 'does drop job' do diff --git a/spec/workers/update_head_pipeline_for_merge_request_worker_spec.rb b/spec/workers/update_head_pipeline_for_merge_request_worker_spec.rb index e6f4f415987..5ed600e308b 100644 --- a/spec/workers/update_head_pipeline_for_merge_request_worker_spec.rb +++ b/spec/workers/update_head_pipeline_for_merge_request_worker_spec.rb @@ -29,7 +29,7 @@ RSpec.describe UpdateHeadPipelineForMergeRequestWorker do context 'when merge request sha does not equal pipeline sha' do before do - merge_request.merge_request_diff.update(head_commit_sha: Digest::SHA1.hexdigest(SecureRandom.hex)) + merge_request.merge_request_diff.update!(head_commit_sha: Digest::SHA1.hexdigest(SecureRandom.hex)) end it 'does not update head pipeline' do |
