authorGitLab Bot <gitlab-bot@gitlab.com>2021-02-17 06:09:21 +0000
committerGitLab Bot <gitlab-bot@gitlab.com>2021-02-17 06:09:21 +0000
commit3c97422b098235bca250f738922dab9c861f0ee7 (patch)
tree5b3a1b25c5e203b6fb9ab569c578d745f93aff0a
parent38c3d3255398d615cf93867cb82902c3d2cb65a5 (diff)
Add latest changes from gitlab-org/gitlab@master
-rw-r--r--app/assets/javascripts/releases/components/release_block_header.vue17
-rw-r--r--app/assets/javascripts/vue_merge_request_widget/queries/get_state.query.graphql1
-rw-r--r--app/assets/javascripts/vue_merge_request_widget/stores/mr_widget_store.js5
-rw-r--r--app/assets/stylesheets/page_bundles/_ide_theme_overrides.scss1
-rw-r--r--app/graphql/types/ci/pipeline_type.rb3
-rw-r--r--app/services/alert_management/process_prometheus_alert_service.rb17
-rw-r--r--app/services/concerns/alert_management/alert_processing.rb6
-rw-r--r--changelogs/unreleased/feat-release-tooltip-for-guest-users.yml5
-rw-r--r--changelogs/unreleased/ph-ph-fixWidgetGraphqlPipelineWarnings.yml5
-rw-r--r--changelogs/unreleased/skr-ide.yml5
-rw-r--r--changelogs/unreleased/sy-remove-alert-retriggering.yml6
-rw-r--r--doc/.vale/gitlab/Admin.yml5
-rw-r--r--doc/api/graphql/reference/gitlab_schema.graphql5
-rw-r--r--doc/api/graphql/reference/gitlab_schema.json18
-rw-r--r--doc/api/graphql/reference/index.md1
-rw-r--r--doc/ci/README.md4
-rw-r--r--doc/ci/introduction/index.md124
-rw-r--r--doc/user/application_security/dast/index.md22
-rw-r--r--doc/user/application_security/dependency_scanning/index.md5
-rw-r--r--doc/user/group/bulk_editing/index.md10
-rw-r--r--doc/user/project/bulk_editing.md7
-rw-r--r--lib/gitlab/kroki.rb5
-rw-r--r--locale/gitlab.pot3
-rw-r--r--spec/graphql/types/ci/pipeline_type_spec.rb2
-rw-r--r--spec/lib/gitlab/url_blocker_spec.rb15
-rw-r--r--spec/services/alert_management/process_prometheus_alert_service_spec.rb45
-rw-r--r--spec/support/shared_examples/alert_notification_service_shared_examples.rb18
27 files changed, 186 insertions, 174 deletions
diff --git a/app/assets/javascripts/releases/components/release_block_header.vue b/app/assets/javascripts/releases/components/release_block_header.vue
index 65b68c93e35..356fc0f3bf3 100644
--- a/app/assets/javascripts/releases/components/release_block_header.vue
+++ b/app/assets/javascripts/releases/components/release_block_header.vue
@@ -1,5 +1,5 @@
<script>
-import { GlTooltipDirective, GlLink, GlBadge, GlButton } from '@gitlab/ui';
+import { GlTooltipDirective, GlLink, GlBadge, GlButton, GlIcon } from '@gitlab/ui';
import { setUrlParams } from '~/lib/utils/url_utility';
import { BACK_URL_PARAM } from '~/releases/constants';
@@ -9,6 +9,7 @@ export default {
GlLink,
GlBadge,
GlButton,
+ GlIcon,
},
directives: {
GlTooltip: GlTooltipDirective,
@@ -44,7 +45,19 @@ export default {
<gl-link v-if="selfLink" :href="selfLink" class="font-size-inherit">
{{ release.name }}
</gl-link>
- <template v-else>{{ release.name }}</template>
+ <template v-else>
+ {{ release.name }}
+ <gl-icon
+ v-gl-tooltip
+ name="lock"
+ :title="
+ __(
+ 'Private - Guest users are not allowed to view detailed release information like title and source code.',
+ )
+ "
+ class="text-secondary gl-mb-2"
+ />
+ </template>
<gl-badge v-if="release.upcomingRelease" variant="warning" class="align-middle">{{
__('Upcoming Release')
}}</gl-badge>
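Review bot: The lock icon and its "Guest users are not allowed to view…" tooltip are rendered whenever `selfLink` is empty, so the `v-else` branch treats a missing link as proof that the viewer is a guest. If `selfLink` can be absent for any other reason the message is misleading, so it is worth confirming that this is the only case or gating the icon on an explicit permission value. The icon is display only; the restriction itself has to be enforced by whatever omits the link and release details on the server side. The icon also carries its text only through the tooltip `title`, so an `aria-label` with the same string would help screen readers. The template continues outside the hunk.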
diff --git a/app/assets/javascripts/vue_merge_request_widget/queries/get_state.query.graphql b/app/assets/javascripts/vue_merge_request_widget/queries/get_state.query.graphql
index b284bb23969..13ea07884b1 100644
--- a/app/assets/javascripts/vue_merge_request_widget/queries/get_state.query.graphql
+++ b/app/assets/javascripts/vue_merge_request_widget/queries/get_state.query.graphql
@@ -14,6 +14,7 @@ query getState($projectPath: ID!, $iid: String!) {
pipelines(first: 1) {
nodes {
status
+ warnings
}
}
shouldBeRebased
diff --git a/app/assets/javascripts/vue_merge_request_widget/stores/mr_widget_store.js b/app/assets/javascripts/vue_merge_request_widget/stores/mr_widget_store.js
index 78a17493d31..a0f14f558d2 100644
--- a/app/assets/javascripts/vue_merge_request_widget/stores/mr_widget_store.js
+++ b/app/assets/javascripts/vue_merge_request_widget/stores/mr_widget_store.js
@@ -172,6 +172,11 @@ export default class MergeRequestStore {
this.canBeMerged = mergeRequest.mergeStatus === 'can_be_merged';
this.canMerge = mergeRequest.userPermissions.canMerge;
this.ciStatus = pipeline?.status.toLowerCase();
+
+ if (pipeline?.warnings && this.ciStatus === 'success') {
+ this.ciStatus = `${this.ciStatus}-with-warnings`;
+ }
+
this.commitsCount = mergeRequest.commitCount || 10;
this.branchMissing = !mergeRequest.sourceBranchExists || !mergeRequest.targetBranchExists;
this.hasConflicts = mergeRequest.conflicts;
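Review bot: The new status value is built by interpolation, `${this.ciStatus}-with-warnings`, inside a branch that has already established `this.ciStatus === 'success'`, so the result is always the same string. Writing it literally, `this.ciStatus = 'success-with-warnings';`, makes the value greppable for whoever maps status names to icons. The diffstat lists no spec change for this store, so nothing pins the new branch. A case for `warnings: true` with a successful pipeline, and one with a failed pipeline, would cover it. The enclosing method starts and ends outside the hunk.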
diff --git a/app/assets/stylesheets/page_bundles/_ide_theme_overrides.scss b/app/assets/stylesheets/page_bundles/_ide_theme_overrides.scss
index 8d34f35502e..7336d555f79 100644
--- a/app/assets/stylesheets/page_bundles/_ide_theme_overrides.scss
+++ b/app/assets/stylesheets/page_bundles/_ide_theme_overrides.scss
@@ -253,7 +253,6 @@
.btn-default:not(.gl-button),
.dropdown,
.dropdown-menu-toggle {
- background-color: var(--ide-input-background, $white) !important;
color: var(--ide-input-color, $gl-text-color) !important;
border-color: var(--ide-btn-default-border, $border-color);
}
diff --git a/app/graphql/types/ci/pipeline_type.rb b/app/graphql/types/ci/pipeline_type.rb
index af7e0fa224f..2c386c9b564 100644
--- a/app/graphql/types/ci/pipeline_type.rb
+++ b/app/graphql/types/ci/pipeline_type.rb
@@ -27,6 +27,9 @@ module Types
field :status, PipelineStatusEnum, null: false,
description: "Status of the pipeline (#{::Ci::Pipeline.all_state_names.compact.join(', ').upcase})"
+ field :warnings, GraphQL::BOOLEAN_TYPE, null: false, method: :has_warnings?,
+ description: "Indicates if a pipeline has warnings."
+
field :detailed_status, Types::Ci::DetailedStatusType, null: false,
description: 'Detailed status of the pipeline.'
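Review bot: `warnings` resolves through `has_warnings?` once per pipeline node, and nothing in this hunk shows whether that method is batched. On a connection query over many pipelines that could mean one lookup per node, so it is worth confirming and covering with a query-count spec. Because the field is declared `null: false`, an error raised while resolving it would null out the parent pipeline object rather than just this field. As a style point, the description uses double quotes without interpolation while the neighbouring `detailed_status` field uses single quotes: `description: 'Indicates if a pipeline has warnings.'`. The type definition continues outside the hunk.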
diff --git a/app/services/alert_management/process_prometheus_alert_service.rb b/app/services/alert_management/process_prometheus_alert_service.rb
index 545c5581f72..0591376bcdf 100644
--- a/app/services/alert_management/process_prometheus_alert_service.rb
+++ b/app/services/alert_management/process_prometheus_alert_service.rb
@@ -32,23 +32,6 @@ module AlertManagement
super
end
- override :process_firing_alert
- def process_firing_alert
- super
-
- reset_alert_status
- end
-
- def reset_alert_status
- return if alert.trigger
-
- logger.warn(
- message: 'Unable to update AlertManagement::Alert status to triggered',
- project_id: project.id,
- alert_id: alert.id
- )
- end
-
override :incoming_payload
def incoming_payload
strong_memoize(:incoming_payload) do
diff --git a/app/services/concerns/alert_management/alert_processing.rb b/app/services/concerns/alert_management/alert_processing.rb
index 3d64758b11a..9b15c5d7b4b 100644
--- a/app/services/concerns/alert_management/alert_processing.rb
+++ b/app/services/concerns/alert_management/alert_processing.rb
@@ -29,7 +29,7 @@ module AlertManagement
# Creates or closes issue for alert and notifies stakeholders
def complete_post_processing_tasks
process_incident_issues if process_issues?
- send_alert_email if send_email?
+ send_alert_email if send_email? && notifying_alert?
end
def process_existing_alert
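Review bot: The comment above `complete_post_processing_tasks` still says it "notifies stakeholders", but email is now sent only when `notifying_alert?` holds. That predicate, added in the next hunk (`@@ -116,6 +116,10 @@`), has no comment saying which alert states are skipped or why. I would update the first comment to `# Creates or closes issue for alert and notifies stakeholders when the alert is triggered or resolved` and add `# Alerts in any other status (e.g. acknowledged) do not send email when they fire again` above `notifying_alert?`. A re-firing alert in a skipped state is now silent as far as these hunks show, so it may be worth confirming the suppressed notification is still observable somewhere, for example in a log line. The surrounding module continues outside both hunks.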
@@ -116,6 +116,10 @@ module AlertManagement
incoming_payload.ends_at.present?
end
+ def notifying_alert?
+ alert.triggered? || alert.resolved?
+ end
+
def alert_source
alert.monitoring_tool
end
diff --git a/changelogs/unreleased/feat-release-tooltip-for-guest-users.yml b/changelogs/unreleased/feat-release-tooltip-for-guest-users.yml
new file mode 100644
index 00000000000..22cef8bd01f
--- /dev/null
+++ b/changelogs/unreleased/feat-release-tooltip-for-guest-users.yml
@@ -0,0 +1,5 @@
+---
+title: Add release tooltip for guest users
+merge_request: 53722
+author: Jonas Wälter @wwwjon
+type: changed
diff --git a/changelogs/unreleased/ph-ph-fixWidgetGraphqlPipelineWarnings.yml b/changelogs/unreleased/ph-ph-fixWidgetGraphqlPipelineWarnings.yml
new file mode 100644
index 00000000000..a1fb41ac716
--- /dev/null
+++ b/changelogs/unreleased/ph-ph-fixWidgetGraphqlPipelineWarnings.yml
@@ -0,0 +1,5 @@
+---
+title: Added warnings field to the pipelines GraphQL type
+merge_request: 54296
+author:
+type: added
diff --git a/changelogs/unreleased/skr-ide.yml b/changelogs/unreleased/skr-ide.yml
new file mode 100644
index 00000000000..0af94cc0783
--- /dev/null
+++ b/changelogs/unreleased/skr-ide.yml
@@ -0,0 +1,5 @@
+---
+title: Removed ugly border around ellipsis dropdown Gitlab IDE
+merge_request: 53963
+author: Shubham Kumar @imskr
+type: fixed
diff --git a/changelogs/unreleased/sy-remove-alert-retriggering.yml b/changelogs/unreleased/sy-remove-alert-retriggering.yml
new file mode 100644
index 00000000000..0bc5f23119c
--- /dev/null
+++ b/changelogs/unreleased/sy-remove-alert-retriggering.yml
@@ -0,0 +1,6 @@
+---
+title: Stop notifying users of acknowledged alerts and stop changing the status of
+ acknowledged Prometheus alerts to Triggered
+merge_request: 53330
+author:
+type: changed
diff --git a/doc/.vale/gitlab/Admin.yml b/doc/.vale/gitlab/Admin.yml
index dbbdb34a8e7..d74621bde8e 100644
--- a/doc/.vale/gitlab/Admin.yml
+++ b/doc/.vale/gitlab/Admin.yml
@@ -5,10 +5,9 @@
#
# For a list of all options, see https://errata-ai.gitbook.io/vale/getting-started/styles
extends: substitution
-message: 'Use "administration", "administrator", "administer", or "Admin Area" instead of "admin" or "admin area".'
+message: 'Verify this use of the word "admin". Can it be updated to "administration", "administrator", "administer", or "Admin Area"?'
link: https://docs.gitlab.com/ee/development/documentation/styleguide.html
-# Do not set `level: error`, as our docs refer to other docs which use "admin" and "Admin"
-level: warning
+level: suggestion
ignorecase: true
swap:
'admin ?\w*': '(?:Admin Area|[Aa]dminist(ration|rator|rators|er|rative))'
diff --git a/doc/api/graphql/reference/gitlab_schema.graphql b/doc/api/graphql/reference/gitlab_schema.graphql
index be1543d8621..4e89f663efc 100644
--- a/doc/api/graphql/reference/gitlab_schema.graphql
+++ b/doc/api/graphql/reference/gitlab_schema.graphql
@@ -18668,6 +18668,11 @@ type Pipeline {
Permissions for the current user on the resource
"""
userPermissions: PipelinePermissions!
+
+ """
+ Indicates if a pipeline has warnings.
+ """
+ warnings: Boolean!
}
type PipelineAnalytics {
diff --git a/doc/api/graphql/reference/gitlab_schema.json b/doc/api/graphql/reference/gitlab_schema.json
index 6fdff3f4dc4..492682d2e54 100644
--- a/doc/api/graphql/reference/gitlab_schema.json
+++ b/doc/api/graphql/reference/gitlab_schema.json
@@ -54675,6 +54675,24 @@
},
"isDeprecated": false,
"deprecationReason": null
+ },
+ {
+ "name": "warnings",
+ "description": "Indicates if a pipeline has warnings.",
+ "args": [
+
+ ],
+ "type": {
+ "kind": "NON_NULL",
+ "name": null,
+ "ofType": {
+ "kind": "SCALAR",
+ "name": "Boolean",
+ "ofType": null
+ }
+ },
+ "isDeprecated": false,
+ "deprecationReason": null
}
],
"inputFields": null,
diff --git a/doc/api/graphql/reference/index.md b/doc/api/graphql/reference/index.md
index 0b7a4493d6f..f49a12568ed 100644
--- a/doc/api/graphql/reference/index.md
+++ b/doc/api/graphql/reference/index.md
@@ -2820,6 +2820,7 @@ Information about pagination in a connection..
| `upstream` | Pipeline | Pipeline that triggered the pipeline. |
| `user` | User | Pipeline user. |
| `userPermissions` | PipelinePermissions! | Permissions for the current user on the resource |
+| `warnings` | Boolean! | Indicates if a pipeline has warnings. |
### PipelineAnalytics
diff --git a/doc/ci/README.md b/doc/ci/README.md
index 953608fc1e8..9b555c0ee68 100644
--- a/doc/ci/README.md
+++ b/doc/ci/README.md
@@ -10,7 +10,7 @@ type: index
# GitLab CI/CD **(FREE)**
GitLab CI/CD is a tool built into GitLab for software development
-through the [continuous methodologies](introduction/index.md#introduction-to-cicd-methodologies):
+through the [continuous methodologies](introduction/index.md):
- Continuous Integration (CI)
- Continuous Delivery (CD)
@@ -57,7 +57,7 @@ the following documents:
- [Get started with GitLab CI/CD](quick_start/index.md).
- [Fundamental pipeline architectures](pipelines/pipeline_architectures.md).
-- [GitLab CI/CD basic workflow](introduction/index.md#basic-cicd-workflow).
+- [GitLab CI/CD basic workflow](introduction/index.md#gitlab-cicd-workflow).
- [Step-by-step guide for writing `.gitlab-ci.yml` for the first time](../user/project/pages/getting_started/pages_from_scratch.md).
If you're migrating from another CI/CD tool, check out our handy references:
diff --git a/doc/ci/introduction/index.md b/doc/ci/introduction/index.md
index d812aab1871..307dcdf258c 100644
--- a/doc/ci/introduction/index.md
+++ b/doc/ci/introduction/index.md
@@ -6,122 +6,112 @@ description: "An overview of Continuous Integration, Continuous Delivery, and Co
type: concepts
---
-# Introduction to CI/CD concepts **(FREE)**
+# CI/CD concepts **(FREE)**
-This document introduces the concepts of Continuous Integration,
-Continuous Delivery, Continuous Deployment, and GitLab CI/CD.
+With the continuous method of software development, you continuously build,
+test, and deploy iterative code changes. This iterative process helps reduce
+the chance that you develop new code based on buggy or failed previous versions.
+With this method, you strive to have less human intervention or even no intervention at all,
+from the development of new code until its deployment.
+
+The three primary approaches for the continuous method are:
+
+- [Continuous Integration](#continuous-integration)
+- [Continuous Delivery](#continuous-delivery)
+- [Continuous Deployment](#continuous-deployment)
NOTE:
Out-of-the-box management systems can decrease hours spent on maintaining toolchains by 10% or more.
Watch our ["Mastering continuous software development"](https://about.gitlab.com/webcast/mastering-ci-cd/)
-webcast to learn about continuous methods and how the GitLab built-in CI can help you simplify and scale software development.
+webcast to learn about continuous methods and how built-in GitLab CI/CD can help you simplify and scale software development.
> - <i class="fa fa-youtube-play youtube" aria-hidden="true"></i>&nbsp;Learn how to [configure CI/CD](https://www.youtube.com/embed/opdLqwz6tcE).
> - [Make the case for CI/CD in your organization](https://about.gitlab.com/compare/github-actions-alternative/).
> - <i class="fa fa-youtube-play youtube" aria-hidden="true"></i>&nbsp;Learn how [Verizon reduced rebuilds](https://about.gitlab.com/blog/2019/02/14/verizon-customer-story/)
> from 30 days to under 8 hours with GitLab.
-## Introduction to CI/CD methodologies
-
-The continuous methodologies of software development are based on
-automating the execution of scripts to minimize the chance of
-introducing errors while developing applications. They require
-less human intervention or even no intervention at all, from the
-development of new code until its deployment.
-
-It involves continuously building, testing, and deploying code
-changes at every small iteration, reducing the chance of developing
-new code based on bugged or failed previous versions.
-
-There are three main approaches to this methodology, each of them
-to be applied according to what best suits your strategy.
-
-### Continuous Integration
+## Continuous Integration
Consider an application that has its code stored in a Git
repository in GitLab. Developers push code changes every day,
multiple times a day. For every push to the repository, you
can create a set of scripts to build and test your application
-automatically, decreasing the chance of introducing errors to your app.
+automatically. These scripts help decrease the chances that you introduce errors in your application.
-This practice is known as [Continuous Integration](https://en.wikipedia.org/wiki/Continuous_integration);
-for every change submitted to an application - even to development branches -
-it's built and tested automatically and continuously, ensuring the
-introduced changes pass all tests, guidelines, and code compliance
-standards you established for your app.
+This practice is known as [Continuous Integration](https://en.wikipedia.org/wiki/Continuous_integration).
+Each change submitted to an application, even to development branches,
+is built and tested automatically and continuously. These tests ensure the
+changes pass all tests, guidelines, and code compliance
+standards you established for your application.
-[GitLab itself](https://gitlab.com/gitlab-org/gitlab-foss) is an
-example of using Continuous Integration as a software
-development method. For every push to the project, there's a set
-of scripts the code is checked against.
+[GitLab itself](https://gitlab.com/gitlab-org/gitlab) is an
+example of a project that uses Continuous Integration as a software
+development method. For every push to the project, a set
+of checks run against the code.
-### Continuous Delivery
+## Continuous Delivery
[Continuous Delivery](https://continuousdelivery.com/) is a step
-beyond Continuous Integration. Your application is not only
-built and tested at every code change pushed to the codebase,
-but, as an additional step, it's also deployed continuously, though
-the deployments are triggered manually.
+beyond Continuous Integration. Not only is your application
+built and tested each time a code change is pushed to the codebase,
+the application is also deployed continuously. However, with continuous
+delivery, you trigger the deployments manually.
-This method ensures the code is checked automatically but requires
+Continuous Delivery checks the code automatically, but it requires
human intervention to manually and strategically trigger the deployment
of the changes.
-### Continuous Deployment
+## Continuous Deployment
[Continuous Deployment](https://www.airpair.com/continuous-deployment/posts/continuous-deployment-for-practical-people)
-is also a further step beyond Continuous Integration, similar to
+is another step beyond Continuous Integration, similar to
Continuous Delivery. The difference is that instead of deploying your
-application manually, you set it to be deployed automatically. It does
-not require human intervention at all to have your application
-deployed.
+application manually, you set it to be deployed automatically.
+Human intervention is not required.
-## Introduction to GitLab CI/CD
+## GitLab CI/CD
-[GitLab CI/CD](../quick_start/index.md) is a powerful tool built into GitLab that allows you
-to apply all the continuous methods (Continuous Integration,
-Delivery, and Deployment) to your software with no third-party
-application or integration needed.
+[GitLab CI/CD](../quick_start/index.md) is the part of GitLab that you use
+for all of the continuous methods (Continuous Integration,
+Delivery, and Deployment). With GitLab CI/CD, you can test, build,
+and publish your software with no third-party application or integration needed.
<i class="fa fa-youtube-play youtube" aria-hidden="true"></i>
-For an overview, see [Introduction to GitLab CI](https://www.youtube.com/watch?v=l5705U8s_nQ&t=397) from a recent GitLab meetup.
+For an overview, see [Introduction to GitLab CI/CD](https://www.youtube.com/watch?v=l5705U8s_nQ&t=397) from an April 2020 GitLab meetup.
-### Basic CI/CD workflow
+### GitLab CI/CD workflow
-Consider the following example for how GitLab CI/CD fits in a
-common development workflow.
+GitLab CI/CD fits in a common development workflow.
-Assume that you have discussed a code implementation in an issue
-and worked locally on your proposed changes. After you push your
-commits to a feature branch in a remote repository in GitLab,
-the CI/CD pipeline set for your project is triggered. By doing
-so, GitLab CI/CD:
+You can start by discussing a code implementation in an issue
+and working locally on your proposed changes. Then you can push your
+commits to a feature branch in a remote repository that's hosted in GitLab.
+The push triggers the CI/CD pipeline for your project. Then, GitLab CI/CD:
- Runs automated scripts (sequentially or in parallel) to:
- - Build and test your app.
- - Preview the changes per merge request with Review Apps, as you
- would see in your `localhost`.
+ - Build and test your application.
+ - Preview the changes in a Review App, the same as you
+ would see on your `localhost`.
-After you're happy with your implementation:
+After the implementation works as expected:
- Get your code reviewed and approved.
- Merge the feature branch into the default branch.
- GitLab CI/CD deploys your changes automatically to a production environment.
-- And finally, you and your team can easily roll it back if something goes wrong.
+
+If something goes wrong, you can roll back your changes.
![GitLab workflow example](img/gitlab_workflow_example_11_9.png)
-GitLab CI/CD is capable of doing a lot more, but this workflow
-exemplifies the ability of GitLab to track the entire process,
-without the need for an external tool to deliver your software.
-And, most usefully, you can visualize all the steps through
-the GitLab UI.
+This workflow shows the major steps in the GitLab process.
+You don't need any external tools to deliver your software and
+you can visualize all the steps in the GitLab UI.
### A deeper look into the CI/CD workflow
-If we take a deeper look into the basic workflow, we can see
+If you look deeper into the workflow, you can see
the features available in GitLab at each stage of the DevOps
-lifecycle, as shown in the illustration below.
+lifecycle.
![Deeper look into the basic CI/CD workflow](img/gitlab_workflow_example_extended_v12_3.png)
diff --git a/doc/user/application_security/dast/index.md b/doc/user/application_security/dast/index.md
index 53af18e919c..3950c856b40 100644
--- a/doc/user/application_security/dast/index.md
+++ b/doc/user/application_security/dast/index.md
@@ -727,6 +727,8 @@ Alternatively, you can use the CI/CD variable `SECURE_ANALYZERS_PREFIX` to overr
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/218465) in GitLab 13.2.
> - [Improved](https://gitlab.com/gitlab-org/gitlab/-/issues/218465) in GitLab 13.3.
+> - The saved scans feature was [added](https://gitlab.com/groups/gitlab-org/-/epics/5100) in
+> GitLab 13.9.
An on-demand DAST scan runs outside the DevOps life cycle. Changes in your repository don't trigger
the scan. You must start it manually.
@@ -765,9 +767,11 @@ To run an on-demand scan, either:
- [Create and run an on-demand scan](#create-and-run-an-on-demand-scan).
- [Run a previously saved on-demand scan](#run-a-saved-on-demand-scan).
-### Create and run an on-demand scan
+#### Create and run an on-demand scan
-1. From your project's home page, go to **Security & Compliance > On-demand Scans** in the left sidebar.
+1. From your project's home page, go to **Security & Compliance > On-demand Scans** in the left
+ sidebar.
+1. Complete the **Scan name** and **Description** fields.
1. In **Scanner profile**, select a scanner profile from the dropdown.
1. In **Site profile**, select a site profile from the dropdown.
1. To run the on-demand scan now, select **Save and run scan**. Otherwise select **Save scan** to
@@ -775,49 +779,53 @@ To run an on-demand scan, either:
The on-demand DAST scan runs and the project's dashboard shows the results.
-#### List saved on-demand scans
+### List saved on-demand scans
To list saved on-demand scans:
1. From your project's home page, go to **Security & Compliance > Configuration**.
1. Select the **Saved Scans** tab.
-#### View details of an on-demand scan
+### View details of an on-demand scan
To view details of an on-demand scan:
1. From your project's home page, go to **Security & Compliance > Configuration**.
+1. Select **Manage DAST scans**.
1. Select **Manage** in the **DAST Profiles** row.
1. Select the **Saved Scans** tab.
1. In the saved scan's row select **More actions** (**{ellipsis_v}**), then select **Edit**.
-#### Run a saved on-demand scan
+### Run a saved on-demand scan
To run a saved on-demand scan:
1. From your project's home page, go to **Security & Compliance > Configuration**.
+1. Select **Manage DAST scans**.
1. Select **Manage** in the **DAST Profiles** row.
1. Select the **Saved Scans** tab.
1. In the scan's row select **Run scan**.
The on-demand DAST scan runs and the project's dashboard shows the results.
-#### Edit an on-demand scan
+### Edit an on-demand scan
To edit an on-demand scan:
1. From your project's home page, go to **Security & Compliance > Configuration**.
+1. Select **Manage DAST scans**.
1. Select **Manage** in the **DAST Profiles** row.
1. Select the **Saved Scans** tab.
1. In the saved scan's row select **More actions** (**{ellipsis_v}**), then select **Edit**.
1. Edit the form.
1. Select **Save scan**.
-#### Delete an on-demand scan
+### Delete an on-demand scan
To delete an on-demand scan:
1. From your project's home page, go to **Security & Compliance > Configuration**.
+1. Select **Manage DAST scans**.
1. Select **Manage** in the **DAST Profiles** row.
1. Select the **Saved Scans** tab.
1. In the saved scan's row select **More actions** (**{ellipsis_v}**), then select **Delete**.
diff --git a/doc/user/application_security/dependency_scanning/index.md b/doc/user/application_security/dependency_scanning/index.md
index acd79433e7d..11d27140e42 100644
--- a/doc/user/application_security/dependency_scanning/index.md
+++ b/doc/user/application_security/dependency_scanning/index.md
@@ -68,17 +68,16 @@ The following languages and dependency managers are supported:
| [npm](https://www.npmjs.com/) (7 and earlier), [yarn](https://classic.yarnpkg.com/en/) 1.x | JavaScript | `package.json` | [Retire.js](https://retirejs.github.io/retire.js/) |
| [NuGet](https://www.nuget.org/) 4.9+ | .NET, C# | [`packages.lock.json`](https://docs.microsoft.com/en-us/nuget/consume-packages/package-references-in-project-files#enabling-lock-file) | [Gemnasium](https://gitlab.com/gitlab-org/security-products/gemnasium) |
| [`setuptools`](https://setuptools.readthedocs.io/en/latest/), [pip](https://pip.pypa.io/en/stable/), [Pipenv](https://pipenv.pypa.io/en/latest/) (*1*) | Python | `setup.py`, `requirements.txt`, `requirements.pip`, `requires.txt`, `Pipfile`, `Pipfile.lock` | [Gemnasium](https://gitlab.com/gitlab-org/security-products/gemnasium) |
-| [sbt](https://www.scala-sbt.org/) 1.2 and below ([Ivy](http://ant.apache.org/ivy/)) | Scala | `build.sbt` | [Gemnasium](https://gitlab.com/gitlab-org/security-products/gemnasium) |
+| [sbt](https://www.scala-sbt.org/) (*2*) | Scala | `build.sbt` | [Gemnasium](https://gitlab.com/gitlab-org/security-products/gemnasium) |
1. [Pipenv](https://pipenv.pypa.io/en/latest/) projects are scanned when a `Pipfile` is present.
- Gemnasium scans the exact package versions listed in `Pipfile.lock` when this file is also present.
+1. Support for [sbt](https://www.scala-sbt.org/) 1.3 and above was added in GitLab 13.9.
Plans are underway for supporting the following languages, dependency managers, and dependency files. For details, see the issue link for each.
| Package Managers | Languages | Supported files | Scan tools | Issue |
| ------------------- | --------- | --------------- | ---------- | ----- |
| [Poetry](https://python-poetry.org/) | Python | `poetry.lock` | [Gemnasium](https://gitlab.com/gitlab-org/security-products/gemnasium) | [GitLab#7006](https://gitlab.com/gitlab-org/gitlab/-/issues/7006) |
-| [sbt](https://www.scala-sbt.org/) 1.3+ ([Coursier](https://get-coursier.io/))| Scala | `build.sbt` | [Gemnasium](https://gitlab.com/gitlab-org/security-products/gemnasium) | [GitLab#271345](https://gitlab.com/gitlab-org/gitlab/-/issues/271345) |
## Contribute your scanner
diff --git a/doc/user/group/bulk_editing/index.md b/doc/user/group/bulk_editing/index.md
index 22001b317f7..651bb7c055e 100644
--- a/doc/user/group/bulk_editing/index.md
+++ b/doc/user/group/bulk_editing/index.md
@@ -13,7 +13,6 @@ For more details, see [Bulk editing issues and merge requests at the project lev
If you want to update attributes across multiple issues, epics, or merge requests in a group, you
can do it by bulk editing them, that is, editing them together.
-NOTE:
Only the items visible on the current page are selected for bulk editing (up to 20).
![Bulk editing](img/bulk-editing_v13_2.png)
@@ -25,8 +24,7 @@ Only the items visible on the current page are selected for bulk editing (up to
> - Editing health status [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/218395) in GitLab 13.2.
> - Editing iteration [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/196806) in GitLab 13.9.
-NOTE:
-You need a permission level of [Reporter or higher](../../permissions.md) to manage issues.
+Users with permission level of [Reporter or higher](../../permissions.md) can manage issues.
When bulk editing issues in a group, you can edit the following attributes:
@@ -48,8 +46,7 @@ To update multiple project issues at the same time:
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/7250) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.2.
-NOTE:
-You need a permission level of [Reporter or higher](../../permissions.md) to manage epics.
+Users with permission level of [Reporter or higher](../../permissions.md) can manage epics.
When bulk editing epics in a group, you can edit their labels.
@@ -65,8 +62,7 @@ To update multiple epics at the same time:
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12719) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.2.
-NOTE:
-You need a permission level of [Developer or higher](../../permissions.md) to manage merge requests.
+Users with permission level of [Developer or higher](../../permissions.md) can manage merge requests.
When bulk editing merge requests in a group, you can edit the following attributes:
diff --git a/doc/user/project/bulk_editing.md b/doc/user/project/bulk_editing.md
index 19f17ad91d7..d7e8133f9ad 100644
--- a/doc/user/project/bulk_editing.md
+++ b/doc/user/project/bulk_editing.md
@@ -14,7 +14,6 @@ For more details, see
If you want to update attributes across multiple issues or merge requests, you can do it
by bulk editing them, that is, editing them together.
-NOTE:
Only the items visible on the current page are selected for bulk editing (up to 20).
![Bulk editing](img/bulk-editing_v13_2.png)
@@ -25,8 +24,7 @@ Only the items visible on the current page are selected for bulk editing (up to
> - Editing health status [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/218395) in GitLab 13.2.
> - Editing iteration [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/196806) in GitLab 13.9.
-NOTE:
-You need a permission level of [Reporter or higher](../permissions.md) to manage issues.
+Users with permission level of [Reporter or higher](../permissions.md) can manage issues.
When bulk editing issues in a project, you can edit the following attributes:
@@ -49,8 +47,7 @@ To update multiple project issues at the same time:
## Bulk edit merge requests at the project level
-NOTE:
-You need a permission level of [Developer or higher](../permissions.md) to manage merge requests.
+Users with permission level of [Developer or higher](../permissions.md) can manage merge requests.
When bulk editing merge requests in a project, you can edit the following attributes:
diff --git a/lib/gitlab/kroki.rb b/lib/gitlab/kroki.rb
index 38090786836..2948b6ebd5b 100644
--- a/lib/gitlab/kroki.rb
+++ b/lib/gitlab/kroki.rb
@@ -13,9 +13,8 @@ module Gitlab
packetdiag
rackdiag
].freeze
- DIAGRAMS_FORMATS = ::AsciidoctorExtensions::Kroki::SUPPORTED_DIAGRAM_NAMES
- DIAGRAMS_FORMATS_WO_PLANTUML = DIAGRAMS_FORMATS
- .reject { |diagram_type| diagram_type == 'plantuml' }
+ DIAGRAMS_FORMATS = (::AsciidoctorExtensions::Kroki::SUPPORTED_DIAGRAM_NAMES - %w(mermaid)).freeze
+ DIAGRAMS_FORMATS_WO_PLANTUML = (DIAGRAMS_FORMATS - %w(plantuml)).freeze
# Get the list of diagram formats that are currently enabled
#
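Review bot: The new `DIAGRAMS_FORMATS` line drops `mermaid` from the gem's list with no explanation, so a later reader cannot tell whether the exclusion is deliberate. A comment above the constant would fix that, something like `# mermaid is excluded on purpose: <reason or issue link>`. Because the list is built by subtracting from `SUPPORTED_DIAGRAM_NAMES`, any name a later gem version adds is picked up automatically. If this constant decides which diagram source is forwarded to the Kroki server (not visible in this hunk), a spec pinning the expected names would make such a change show up in review. The module body continues outside the hunk.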
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index 79d393fd222..48fe53ebc50 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -22451,6 +22451,9 @@ msgstr ""
msgid "Private"
msgstr ""
+msgid "Private - Guest users are not allowed to view detailed release information like title and source code."
+msgstr ""
+
msgid "Private - Project access must be granted explicitly to each user. If this project is part of a group, access will be granted to members of the group."
msgstr ""
diff --git a/spec/graphql/types/ci/pipeline_type_spec.rb b/spec/graphql/types/ci/pipeline_type_spec.rb
index d435e337ad7..2a1e030480d 100644
--- a/spec/graphql/types/ci/pipeline_type_spec.rb
+++ b/spec/graphql/types/ci/pipeline_type_spec.rb
@@ -12,7 +12,7 @@ RSpec.describe Types::Ci::PipelineType do
id iid sha before_sha status detailed_status config_source duration
coverage created_at updated_at started_at finished_at committed_at
stages user retryable cancelable jobs source_job downstream
- upstream path project active user_permissions
+ upstream path project active user_permissions warnings
]
if Gitlab.ee?
diff --git a/spec/lib/gitlab/url_blocker_spec.rb b/spec/lib/gitlab/url_blocker_spec.rb
index 20a8f2f6a41..4f274387195 100644
--- a/spec/lib/gitlab/url_blocker_spec.rb
+++ b/spec/lib/gitlab/url_blocker_spec.rb
@@ -167,10 +167,8 @@ RSpec.describe Gitlab::UrlBlocker, :stub_invalid_dns_only do
subject { described_class.validate!(import_url, dns_rebind_protection: dns_rebind_protection) }
before do
- skip 'timeout is not available' unless timeout_available?
-
stub_env('RSPEC_ALLOW_INVALID_URLS', 'false')
- stub_const("#{described_class}::GETADDRINFO_TIMEOUT_SECONDS", 0)
+ allow(Addrinfo).to receive(:getaddrinfo).and_raise(SocketError)
end
context 'with dns rebinding enabled' do
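Review bot: The stub added in the `before` block, `allow(Addrinfo).to receive(:getaddrinfo).and_raise(SocketError)`, fails every lookup whatever its arguments, so these examples now cover a failed resolution rather than the `GETADDRINFO_TIMEOUT_SECONDS` path the removed `stub_const` exercised. Since this spec guards URL validation with DNS rebind protection, it is worth saying so at the stub: `# Simulate failed DNS resolution; the timeout value itself is not exercised here.` If passing the timeout to the resolver still matters, a separate example could expect `Addrinfo.getaddrinfo` to receive the `timeout:` keyword. The enclosing context and its description start outside the hunk, so I cannot tell whether the description still mentions a timeout.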
@@ -189,17 +187,6 @@ RSpec.describe Gitlab::UrlBlocker, :stub_invalid_dns_only do
let(:expected_hostname) { nil }
end
end
-
- # Detect whether the timeout option is available.
- #
- # See https://bugs.ruby-lang.org/issues/15553
- def timeout_available?
- Addrinfo.getaddrinfo('localhost', nil, timeout: 0)
-
- false
- rescue SocketError
- true
- end
end
end
diff --git a/spec/services/alert_management/process_prometheus_alert_service_spec.rb b/spec/services/alert_management/process_prometheus_alert_service_spec.rb
index fb1a23996e3..288a33b71cd 100644
--- a/spec/services/alert_management/process_prometheus_alert_service_spec.rb
+++ b/spec/services/alert_management/process_prometheus_alert_service_spec.rb
@@ -68,36 +68,29 @@ RSpec.describe AlertManagement::ProcessPrometheusAlertService do
let!(:alert) { create(:alert_management_alert, :resolved, project: project, fingerprint: fingerprint) }
it_behaves_like 'creates an alert management alert'
+ it_behaves_like 'Alert Notification Service sends notification email'
end
context 'existing alert is ignored' do
let!(:alert) { create(:alert_management_alert, :ignored, project: project, fingerprint: fingerprint) }
it_behaves_like 'adds an alert management alert event'
+ it_behaves_like 'Alert Notification Service sends no notifications'
end
- context 'two existing alerts, one resolved one open' do
- let!(:resolved_alert) { create(:alert_management_alert, :resolved, project: project, fingerprint: fingerprint) }
- let!(:alert) { create(:alert_management_alert, project: project, fingerprint: fingerprint) }
+ context 'existing alert is acknowledged' do
+ let!(:alert) { create(:alert_management_alert, :acknowledged, project: project, fingerprint: fingerprint) }
it_behaves_like 'adds an alert management alert event'
+ it_behaves_like 'Alert Notification Service sends no notifications'
end
- context 'when status change did not succeed' do
- before do
- allow(AlertManagement::Alert).to receive(:for_fingerprint).and_return([alert])
- allow(alert).to receive(:trigger).and_return(false)
- end
-
- it 'writes a warning to the log' do
- expect(Gitlab::AppLogger).to receive(:warn).with(
- message: 'Unable to update AlertManagement::Alert status to triggered',
- project_id: project.id,
- alert_id: alert.id
- )
+ context 'two existing alerts, one resolved one open' do
+ let!(:resolved_alert) { create(:alert_management_alert, :resolved, project: project, fingerprint: fingerprint) }
+ let!(:alert) { create(:alert_management_alert, project: project, fingerprint: fingerprint) }
- execute
- end
+ it_behaves_like 'adds an alert management alert event'
+ it_behaves_like 'Alert Notification Service sends notification email'
end
context 'when auto-creation of issues is disabled' do
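Review bot: The 'existing alert is ignored' and 'existing alert is acknowledged' contexts differ only in the factory trait, so the set of statuses that suppress notification email is spread over two copies that can drift apart. Generating them from one list keeps that set in a single place: `%i[ignored acknowledged].each do |status|` around `context "existing alert is #{status}" do`, with `create(:alert_management_alert, status, project: project, fingerprint: fingerprint)` inside. The enclosing context starts outside the hunk.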
@@ -109,11 +102,7 @@ RSpec.describe AlertManagement::ProcessPrometheusAlertService do
context 'when emails are disabled' do
let(:send_email) { false }
- it 'does not send notification' do
- expect(NotificationService).not_to receive(:new)
-
- expect(subject).to be_success
- end
+ it_behaves_like 'Alert Notification Service sends no notifications'
end
end
@@ -136,11 +125,7 @@ RSpec.describe AlertManagement::ProcessPrometheusAlertService do
context 'when emails are disabled' do
let(:send_email) { false }
- it 'does not send notification' do
- expect(NotificationService).not_to receive(:new)
-
- expect(subject).to be_success
- end
+ it_behaves_like 'Alert Notification Service sends no notifications'
end
end
@@ -235,11 +220,7 @@ RSpec.describe AlertManagement::ProcessPrometheusAlertService do
context 'when emails are disabled' do
let(:send_email) { false }
- it 'does not send notification' do
- expect(NotificationService).not_to receive(:new)
-
- expect(subject).to be_success
- end
+ it_behaves_like 'Alert Notification Service sends no notifications'
end
end
diff --git a/spec/support/shared_examples/alert_notification_service_shared_examples.rb b/spec/support/shared_examples/alert_notification_service_shared_examples.rb
index 1568e4357a1..7bd6df8c608 100644
--- a/spec/support/shared_examples/alert_notification_service_shared_examples.rb
+++ b/spec/support/shared_examples/alert_notification_service_shared_examples.rb
@@ -3,7 +3,7 @@
RSpec.shared_examples 'Alert Notification Service sends notification email' do
let(:notification_service) { spy }
- it 'sends a notification for firing alerts only' do
+ it 'sends a notification' do
expect(NotificationService)
.to receive(:new)
.and_return(notification_service)
@@ -15,15 +15,15 @@ RSpec.shared_examples 'Alert Notification Service sends notification email' do
end
end
-RSpec.shared_examples 'Alert Notification Service sends no notifications' do |http_status:|
- let(:notification_service) { spy }
- let(:create_events_service) { spy }
-
+RSpec.shared_examples 'Alert Notification Service sends no notifications' do |http_status: nil|
it 'does not notify' do
- expect(notification_service).not_to receive(:async)
- expect(create_events_service).not_to receive(:execute)
+ expect(NotificationService).not_to receive(:new)
- expect(subject).to be_error
- expect(subject.http_status).to eq(http_status)
+ if http_status.present?
+ expect(subject).to be_error
+ expect(subject.http_status).to eq(http_status)
+ else
+ expect(subject).to be_success
+ end
end
end
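Review bot: The `http_status: nil` default gives 'Alert Notification Service sends no notifications' two modes, error response or success, selected only by whether the caller passes the keyword, and nothing at the definition says so. A comment above the `RSpec.shared_examples` line would cover it: `# Pass http_status: to assert an error response; omit it to assert success with no notification.` Separately, `expect(NotificationService).not_to receive(:new)` only proves something if `subject` is first evaluated after that line. An including context that already runs the service in a `before` block would pass vacuously, so the callers are worth checking.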