diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-05-16 03:07:16 +0000 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-05-16 03:07:16 +0000 |
| commit | fe0260eaa337339a131624a8b71d7a05a3664a18 (patch) | |
| tree | ef249dade23077695d37ab760851f4d1d1c7556f | |
| parent | cc93ae5beb8a50c959373b77a9fdd6b31a88f00c (diff) | |
| download | gitlab-ce-fe0260eaa337339a131624a8b71d7a05a3664a18.tar.gz | |
Add latest changes from gitlab-org/gitlab@master
39 files changed, 808 insertions, 231 deletions
diff --git a/app/assets/javascripts/graphql_shared/possible_types.json b/app/assets/javascripts/graphql_shared/possible_types.json index c6c145f5e2b..f35886716ee 100644 --- a/app/assets/javascripts/graphql_shared/possible_types.json +++ b/app/assets/javascripts/graphql_shared/possible_types.json @@ -89,6 +89,22 @@ "NugetMetadata", "PypiMetadata" ], + "Registrable": [ + "CiSecureFileRegistry", + "ContainerRepositoryRegistry", + "DependencyProxyBlobRegistry", + "DependencyProxyManifestRegistry", + "JobArtifactRegistry", + "LfsObjectRegistry", + "MergeRequestDiffRegistry", + "PackageFileRegistry", + "PagesDeploymentRegistry", + "PipelineArtifactRegistry", + "ProjectWikiRepositoryRegistry", + "SnippetRepositoryRegistry", + "TerraformStateVersionRegistry", + "UploadRegistry" + ], "ResolvableInterface": [ "Discussion", "Note" diff --git a/app/assets/javascripts/merge_requests/components/sticky_header.vue b/app/assets/javascripts/merge_requests/components/sticky_header.vue index b49ceb89e3b..e63b9613257 100644 --- a/app/assets/javascripts/merge_requests/components/sticky_header.vue +++ b/app/assets/javascripts/merge_requests/components/sticky_header.vue @@ -106,11 +106,11 @@ export default { @disappear="setStickyHeaderVisible(true)" > <div - class="issue-sticky-header merge-request-sticky-header gl-fixed gl-bg-white gl-pt-3 gl-display-none gl-md-display-block" + class="issue-sticky-header merge-request-sticky-header gl-fixed gl-bg-white gl-display-none gl-md-display-flex gl-flex-direction-column gl-justify-content-end gl-border-b" :class="{ 'gl-visibility-hidden': !isStickyHeaderVisible }" > <div - class="issue-sticky-header-text gl-display-flex gl-flex-direction-column gl-align-items-center gl-mx-auto gl-px-5" + class="issue-sticky-header-text gl-display-flex gl-flex-direction-column gl-align-items-center gl-mx-auto gl-px-5 gl-w-full" :class="{ 'gl-max-w-container-xl': !isFluidLayout }" > <div class="gl-w-full gl-display-flex gl-align-items-center"> diff --git a/app/assets/stylesheets/framework/diffs.scss b/app/assets/stylesheets/framework/diffs.scss index 3885863999b..6c40781670a 100644 --- a/app/assets/stylesheets/framework/diffs.scss +++ b/app/assets/stylesheets/framework/diffs.scss @@ -37,7 +37,7 @@ z-index: 120; &.is-sidebar-moved { - top: calc(#{$calc-application-header-height} + #{$mr-tabs-height} + 24px); + top: calc(#{$calc-application-header-height} + #{$mr-sticky-header-height} - #{$gl-border-size-1}); } &::before { diff --git a/app/assets/stylesheets/framework/variables.scss b/app/assets/stylesheets/framework/variables.scss index 3dd6a435a75..1ba3de68662 100644 --- a/app/assets/stylesheets/framework/variables.scss +++ b/app/assets/stylesheets/framework/variables.scss @@ -481,6 +481,7 @@ $highlight-changes-color: rgb(235, 255, 232); $performance-bar-height: 35px; $system-header-height: 16px; $system-footer-height: $system-header-height; +$mr-sticky-header-height: 72px; $mr-review-bar-height: calc(2rem + 13px); $flash-height: 52px; $context-header-height: 60px; diff --git a/app/assets/stylesheets/page_bundles/merge_requests.scss b/app/assets/stylesheets/page_bundles/merge_requests.scss index b282d83b74b..61f8f0de557 100644 --- a/app/assets/stylesheets/page_bundles/merge_requests.scss +++ b/app/assets/stylesheets/page_bundles/merge_requests.scss @@ -266,8 +266,8 @@ $tabs-holder-z-index: 250; } &.is-sidebar-moved { - height: calc(#{$calc-application-viewport-height} - (#{$mr-tabs-height} + #{$diff-file-header-top} + 26px)); - top: calc(#{$calc-application-header-height} + #{$mr-tabs-height} + #{$diff-file-header-top} + 26px); + height: calc(#{$calc-application-viewport-height} - (#{$mr-sticky-header-height} + #{$diff-file-header-top})); + top: calc(#{$calc-application-header-height} + #{$mr-sticky-header-height} + #{$diff-file-header-top}); } } @@ -550,7 +550,7 @@ $tabs-holder-z-index: 250; border-radius: $border-radius-default; } - .mr-widget-section:not(:first-child) { + .mr-widget-section:not(:first-child) > div { border-top: solid 1px var(--border-color, $border-color); } @@ -1078,7 +1078,7 @@ $tabs-holder-z-index: 250; .merge-request-sticky-header { z-index: 204; - box-shadow: 0 1px 4px rgba($gray-300, 0.4); + height: $mr-sticky-header-height; } .merge-request-notification-toggle { diff --git a/app/graphql/mutations/base_mutation.rb b/app/graphql/mutations/base_mutation.rb index 5f98b222099..994668b5f8f 100644 --- a/app/graphql/mutations/base_mutation.rb +++ b/app/graphql/mutations/base_mutation.rb @@ -28,7 +28,7 @@ module Mutations end def ready?(**args) - raise_resource_not_available_error! ERROR_MESSAGE if Gitlab::Database.read_only? + raise_resource_not_available_error!(ERROR_MESSAGE) if read_only? missing_args = self.class.arguments.values .reject { |arg| arg.accepts?(args.fetch(arg.keyword, :not_given)) } @@ -39,6 +39,10 @@ module Mutations true end + def read_only? + Gitlab::Database.read_only? + end + def load_application_object(argument, id, context) ::Gitlab::Graphql::Lazy.new { super } end diff --git a/app/graphql/resolvers/user_resolver.rb b/app/graphql/resolvers/user_resolver.rb index f0fd60e9cbb..ddced5ee859 100644 --- a/app/graphql/resolvers/user_resolver.rb +++ b/app/graphql/resolvers/user_resolver.rb @@ -39,7 +39,7 @@ module Resolvers def batch_load(username) BatchLoader::GraphQL.for(username).batch do |usernames, loader| User.by_username(usernames).each do |user| - loader.call(user.username, user) + loader.call(username, user) end end end diff --git a/app/models/pages_domain.rb b/app/models/pages_domain.rb index 446c4a6187c..10ac10295fc 100644 --- a/app/models/pages_domain.rb +++ b/app/models/pages_domain.rb @@ -172,6 +172,10 @@ class PagesDomain < ApplicationRecord "#{VERIFICATION_KEY}=#{verification_code}" end + def verification_record + "#{verification_domain} TXT #{keyed_verification_code}" + end + def certificate=(certificate) super(certificate) diff --git a/app/presenters/pages_domain_presenter.rb b/app/presenters/pages_domain_presenter.rb index d730608cc27..49322ad6b43 100644 --- a/app/presenters/pages_domain_presenter.rb +++ b/app/presenters/pages_domain_presenter.rb @@ -13,4 +13,11 @@ class PagesDomainPresenter < Gitlab::View::Presenter::Delegated ::Gitlab::LetsEncrypt.enabled? && auto_ssl_failed end + + def user_defined_certificate? + persisted? && + certificate.present? && + certificate_user_provided? && + errors[:certificate].blank? + end end diff --git a/app/views/projects/pages_domains/_dns.html.haml b/app/views/projects/pages_domains/_dns.html.haml index 2c6b808eb1c..3e6a92d8bc0 100644 --- a/app/views/projects/pages_domains/_dns.html.haml +++ b/app/views/projects/pages_domains/_dns.html.haml @@ -13,7 +13,6 @@ %p.form-text.text-muted = _("To access this domain create a new DNS record") - if verification_enabled - - verification_record = "#{domain_presenter.verification_domain} TXT #{domain_presenter.keyed_verification_code}" .form-group.border-section .row .col-sm-2 @@ -24,7 +23,7 @@ = gl_badge_tag text, variant: status = link_to sprite_icon("redo"), verify_project_pages_domain_path(@project, domain_presenter), method: :post, class: "gl-ml-2 gl-button btn btn-sm btn-default has-tooltip", title: _("Retry verification") .input-group - = text_field_tag :domain_verification, verification_record, class: "monospace js-select-on-focus form-control", readonly: true + = text_field_tag :domain_verification, domain_presenter.verification_record, class: "monospace js-select-on-focus form-control", readonly: true .input-group-append = clipboard_button(target: '#domain_verification', class: 'btn-default d-none d-sm-block') %p.form-text.text-muted diff --git a/config/sidekiq_queues.yml b/config/sidekiq_queues.yml index e3b8c5cbffc..370fe87ff96 100644 --- a/config/sidekiq_queues.yml +++ b/config/sidekiq_queues.yml @@ -105,6 +105,8 @@ - 1 - - ci_job_artifacts_expire_project_build_artifacts - 1 +- - ci_llm_generate_config + - 1 - - ci_parse_secure_file_metadata - 1 - - ci_runners_process_runner_version_update diff --git a/data/removals/16_0/16-0-remove-legacy-gitaly-config-structure.yml b/data/removals/16_0/16-0-remove-legacy-gitaly-config-structure.yml new file mode 100644 index 00000000000..13f6669bd10 --- /dev/null +++ b/data/removals/16_0/16-0-remove-legacy-gitaly-config-structure.yml @@ -0,0 +1,22 @@ +--- +- title: "Legacy Gitaly configuration method" + announcement_milestone: "15.10" + removal_milestone: "16.0" + breaking_change: true + reporter: mjwood + stage: gitaly + issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/393574 + body: | + Previously, Gitaly configuration keys for Omnibus GitLab were scattered throughout the configuration file. In GitLab + 15.10, we added support for a single configuration structure that matches Gitaly internal configuration. Both methods + of configuring Gitaly were supported in parallel. + + In GitLab 16.0, we removed support for the former configuration method and now only support the new configuration + method. + + Before upgrading to GitLab 16.0, administrators must migrate to the new single configuration structure. For + instructions, see [Gitaly - Omnibus GitLab configuration structure change](https://docs.gitlab.com/ee/update/#gitaly-omnibus-gitlab-configuration-structure-change). + tiers: # (optional - may be required in the future) An array of tiers that the feature is available in currently. e.g., [Free, Silver, Gold, Core, Premium, Ultimate] + documentation_url: # (optional) This is a link to the current documentation page + image_url: # (optional) This is a link to a thumbnail image depicting the feature + video_url: # (optional) Use the youtube thumbnail URL with the structure of https://img.youtube.com/vi/UNIQUEID/hqdefault.jpg diff --git a/data/removals/16_0/16-0-remove-legacy-praefect-config-structure.yml b/data/removals/16_0/16-0-remove-legacy-praefect-config-structure.yml new file mode 100644 index 00000000000..0b8a745a822 --- /dev/null +++ b/data/removals/16_0/16-0-remove-legacy-praefect-config-structure.yml @@ -0,0 +1,22 @@ +--- +- title: "Legacy Praefect configuration method" + announcement_milestone: "15.9" + removal_milestone: "16.0" + breaking_change: true + reporter: mjwood + stage: gitaly + issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/390291 + body: | + Previously, Praefect configuration keys for Omnibus GitLab were scattered throughout the configuration file. In GitLab + 15.9, we added support for a single configuration structure that matches Praefect internal configuration. Both methods + of configuring Praefect were supported in parallel. + + In GitLab 16.0, we removed support for the former configuration method and now only support the new configuration + method. + + Before upgrading to GitLab 16.0, administrators must migrate to the new single configuration structure. For + instructions, see [Praefect - Omnibus GitLab configuration structure change](https://docs.gitlab.com/ee/update/#praefect-omnibus-gitlab-configuration-structure-change). + tiers: # (optional - may be required in the future) An array of tiers that the feature is available in currently. e.g., [Free, Silver, Gold, Core, Premium, Ultimate] + documentation_url: https://docs.gitlab.com/ee/administration/gitaly/praefect.html + image_url: # (optional) This is a link to a thumbnail image depicting the feature + video_url: # (optional) Use the youtube thumbnail URL with the structure of https://img.youtube.com/vi/UNIQUEID/hqdefault.jpg diff --git a/data/removals/16_0/16-0-remove-metrics.yml b/data/removals/16_0/16-0-remove-metrics.yml new file mode 100644 index 00000000000..0e2df8a3ecd --- /dev/null +++ b/data/removals/16_0/16-0-remove-metrics.yml @@ -0,0 +1,24 @@ +- title: "Monitoring performance metrics through Prometheus is removed" + announcement_milestone: "14.7" + removal_milestone: "16.0" + breaking_change: true + reporter: kbychu + stage: monitor + issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/346541 + body: | + We previously launched a solution that allows you to view performance metrics by displaying data stored in a Prometheus instance. + The Prometheus instance can be set up as a GitLab-managed app or you can connect a previously configured Prometheus instance. + The latter is known as an "external Prometheus" in GitLab. The value we provided was to enable you to easily set up monitoring + (using GitLab Managed Apps) and have the visualization of the metrics all in the same tool you used to build the application. + + However, as we are removing certificate-based integrations, the full monitoring experience is also deprecated as you will not + have the option to easily set up Prometheus from GitLab. Furthermore, we plan to consolidate on + a focused observability dashboard experience instead of having multiple paths to view metrics. Because of this, we are also removing the external + Prometheus experience, together with the metrics visualization capability. + + This removal only refers to the GitLab Metrics capabilities, and **does not** include: + + - Deprecating [alerts for Prometheus](https://gitlab.com/gitlab-org/gitlab/-/issues/338834). + - [Capabilities that GitLab comes with that allow operators of GitLab to retrieve metrics from those instances](https://docs.gitlab.com/ee/administration/monitoring/prometheus/gitlab_metrics.html). + + tiers: [Free, Silver, Gold, Core, Premium, Ultimate] diff --git a/data/removals/16_0/16-0-remove-praefect-custom-metric-endpoint.yml b/data/removals/16_0/16-0-remove-praefect-custom-metric-endpoint.yml new file mode 100644 index 00000000000..6642e707c29 --- /dev/null +++ b/data/removals/16_0/16-0-remove-praefect-custom-metric-endpoint.yml @@ -0,0 +1,18 @@ +--- +- title: "Praefect custom metrics endpoint configuration" + announcement_milestone: "15.9" + removal_milestone: "16.0" + breaking_change: true + reporter: mjwood + stage: Gitaly + issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/390266 + body: | + Support for using the `prometheus_exclude_database_from_default_metrics` configuration value was deprecated in + GitLab 15.9 and is removed in GitLab 16.0. We made this change to improve the performance of Praefect. + All metrics that scrape the Praefect database are now exported to the `/db_metrics` endpoint. + + You must update your metrics collection targets to use the `/db_metrics` endpoint. + tiers: # (optional - may be required in the future) An array of tiers that the feature is available in currently. e.g., [Free, Silver, Gold, Core, Premium, Ultimate] + documentation_url: # (optional) This is a link to the current documentation page + image_url: # (optional) This is a link to a thumbnail image depicting the feature + video_url: # (optional) Use the youtube thumbnail URL with the structure of https://img.youtube.com/vi/UNIQUEID/hqdefault.jpg diff --git a/doc/administration/gitaly/monitoring.md b/doc/administration/gitaly/monitoring.md index a854a0a3b48..00d0499faa2 100644 --- a/doc/administration/gitaly/monitoring.md +++ b/doc/administration/gitaly/monitoring.md @@ -183,9 +183,6 @@ To monitor [repository verification](praefect.md#repository-verification), use t - `gitaly_praefect_stale_verification_leases_released_total`, the number of stale verification leases released. -The `/metrics` endpoint also provides all the metrics available under the `/db_metrics` endpoint. Using `/metrics` for `/db_metrics` metrics -is [deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/390266) in GitLab 15.9 and will be removed in GitLab 16.0. - You can also monitor the [Praefect logs](../logs/index.md#praefect-logs). ### Database metrics `/db_metrics` endpoint diff --git a/doc/api/graphql/reference/index.md b/doc/api/graphql/reference/index.md index 47e52e6005f..8d94b45c1f9 100644 --- a/doc/api/graphql/reference/index.md +++ b/doc/api/graphql/reference/index.md @@ -3406,6 +3406,33 @@ Input type: `ExternalAuditEventDestinationUpdateInput` | <a id="mutationexternalauditeventdestinationupdateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | | <a id="mutationexternalauditeventdestinationupdateexternalauditeventdestination"></a>`externalAuditEventDestination` | [`ExternalAuditEventDestination`](#externalauditeventdestination) | Updated destination. | +### `Mutation.geoRegistriesUpdate` + +Mutates a Geo registry. Does not mutate the registry entry if `geo_registries_update_mutation` feature flag is disabled. + +WARNING: +**Introduced** in 16.1. +This feature is an Experiment. It can be changed or removed at any time. + +Input type: `GeoRegistriesUpdateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationgeoregistriesupdateaction"></a>`action` | [`GeoRegistryAction!`](#georegistryaction) | Action to be executed on a Geo registry. | +| <a id="mutationgeoregistriesupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationgeoregistriesupdateregistryclass"></a>`registryClass` | [`GeoRegistryClass!`](#georegistryclass) | Class of the Geo registry to be updated. | +| <a id="mutationgeoregistriesupdateregistryid"></a>`registryId` | [`GeoBaseRegistryID!`](#geobaseregistryid) | ID of the Geo registry entry to be updated. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationgeoregistriesupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationgeoregistriesupdateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationgeoregistriesupdateregistry"></a>`registry` | [`Registrable`](#registrable) | Updated Geo registry entry. | + ### `Mutation.gitlabSubscriptionActivate` Input type: `GitlabSubscriptionActivateInput` @@ -24391,6 +24418,36 @@ Event action. | <a id="eventactionreopened"></a>`REOPENED` | Reopened action. | | <a id="eventactionupdated"></a>`UPDATED` | Updated action. | +### `GeoRegistryAction` + +Action to trigger on one or more Geo registries. + +| Value | Description | +| ----- | ----------- | +| <a id="georegistryactionresync"></a>`RESYNC` | Resync a registry. | +| <a id="georegistryactionreverify"></a>`REVERIFY` | Reverify a registry. | + +### `GeoRegistryClass` + +Geo registry class. + +| Value | Description | +| ----- | ----------- | +| <a id="georegistryclassci_secure_file_registry"></a>`CI_SECURE_FILE_REGISTRY` | Geo::CiSecureFileRegistry registry class. | +| <a id="georegistryclasscontainer_repository_registry"></a>`CONTAINER_REPOSITORY_REGISTRY` | Geo::ContainerRepositoryRegistry registry class. | +| <a id="georegistryclassdependency_proxy_blob_registry"></a>`DEPENDENCY_PROXY_BLOB_REGISTRY` | Geo::DependencyProxyBlobRegistry registry class. | +| <a id="georegistryclassdependency_proxy_manifest_registry"></a>`DEPENDENCY_PROXY_MANIFEST_REGISTRY` | Geo::DependencyProxyManifestRegistry registry class. | +| <a id="georegistryclassjob_artifact_registry"></a>`JOB_ARTIFACT_REGISTRY` | Geo::JobArtifactRegistry registry class. | +| <a id="georegistryclasslfs_object_registry"></a>`LFS_OBJECT_REGISTRY` | Geo::LfsObjectRegistry registry class. | +| <a id="georegistryclassmerge_request_diff_registry"></a>`MERGE_REQUEST_DIFF_REGISTRY` | Geo::MergeRequestDiffRegistry registry class. | +| <a id="georegistryclasspackage_file_registry"></a>`PACKAGE_FILE_REGISTRY` | Geo::PackageFileRegistry registry class. | +| <a id="georegistryclasspages_deployment_registry"></a>`PAGES_DEPLOYMENT_REGISTRY` | Geo::PagesDeploymentRegistry registry class. | +| <a id="georegistryclasspipeline_artifact_registry"></a>`PIPELINE_ARTIFACT_REGISTRY` | Geo::PipelineArtifactRegistry registry class. | +| <a id="georegistryclassproject_wiki_repository_registry"></a>`PROJECT_WIKI_REPOSITORY_REGISTRY` | Geo::ProjectWikiRepositoryRegistry registry class. | +| <a id="georegistryclasssnippet_repository_registry"></a>`SNIPPET_REPOSITORY_REGISTRY` | Geo::SnippetRepositoryRegistry registry class. | +| <a id="georegistryclassterraform_state_version_registry"></a>`TERRAFORM_STATE_VERSION_REGISTRY` | Geo::TerraformStateVersionRegistry registry class. | +| <a id="georegistryclassupload_registry"></a>`UPLOAD_REGISTRY` | Geo::UploadRegistry registry class. | + ### `GitlabSubscriptionsUserRole` Role of User. @@ -26154,6 +26211,12 @@ An example `EpicTreeSortingID` is: `"gid://gitlab/EpicTreeSorting/1"`. Represents signed double-precision fractional values as specified by [IEEE 754](https://en.wikipedia.org/wiki/IEEE_floating_point). +### `GeoBaseRegistryID` + +A `GeoBaseRegistryID` is a global ID. It is encoded as a string. + +An example `GeoBaseRegistryID` is: `"gid://gitlab/Geo::BaseRegistry/1"`. + ### `GitlabErrorTrackingDetailedErrorID` A `GitlabErrorTrackingDetailedErrorID` is a global ID. It is encoded as a string. @@ -26605,6 +26668,25 @@ One of: - [`NugetMetadata`](#nugetmetadata) - [`PypiMetadata`](#pypimetadata) +#### `Registrable` + +One of: + +- [`CiSecureFileRegistry`](#cisecurefileregistry) +- [`ContainerRepositoryRegistry`](#containerrepositoryregistry) +- [`DependencyProxyBlobRegistry`](#dependencyproxyblobregistry) +- [`DependencyProxyManifestRegistry`](#dependencyproxymanifestregistry) +- [`JobArtifactRegistry`](#jobartifactregistry) +- [`LfsObjectRegistry`](#lfsobjectregistry) +- [`MergeRequestDiffRegistry`](#mergerequestdiffregistry) +- [`PackageFileRegistry`](#packagefileregistry) +- [`PagesDeploymentRegistry`](#pagesdeploymentregistry) +- [`PipelineArtifactRegistry`](#pipelineartifactregistry) +- [`ProjectWikiRepositoryRegistry`](#projectwikirepositoryregistry) +- [`SnippetRepositoryRegistry`](#snippetrepositoryregistry) +- [`TerraformStateVersionRegistry`](#terraformstateversionregistry) +- [`UploadRegistry`](#uploadregistry) + #### `SecurityPolicySource` Represents a policy source. Its fields depend on the source type. diff --git a/doc/update/removals.md b/doc/update/removals.md index fcd4de7a2f5..a2dddbfaa44 100644 --- a/doc/update/removals.md +++ b/doc/update/removals.md @@ -226,6 +226,22 @@ Review the details carefully before upgrading. The [Jira DVCS connector](https://docs.gitlab.com/ee/integration/jira/dvcs/) for Jira Cloud was deprecated in GitLab 15.1 and has been removed in 16.0. Use the [GitLab for Jira Cloud app](https://docs.gitlab.com/ee/integration/jira/connect-app.html) instead. The Jira DVCS connector was also deprecated for Jira 8.13 and earlier. You can only use the Jira DVCS connector with Jira Data Center or Jira Server in Jira 8.14 and later. Upgrade your Jira instance to Jira 8.14 or later, and reconfigure the Jira integration in your GitLab instance. If you cannot upgrade your Jira instance in time and are on GitLab self-managed version, we offer a workaround until GitLab 16.6. This breaking change is deployed in GitLab 16.0 behind a feature flag named `jira_dvcs_end_of_life_amnesty`. The flag is disabled by default, but you can ask an administrator to enable the flag at any time. For questions related to this announcement, see the [feedback issue](https://gitlab.com/gitlab-org/gitlab/-/issues/408185). +### Legacy Gitaly configuration method + +WARNING: +This is a [breaking change](https://docs.gitlab.com/ee/development/deprecation_guidelines/). +Review the details carefully before upgrading. + +Previously, Gitaly configuration keys for Omnibus GitLab were scattered throughout the configuration file. In GitLab +15.10, we added support for a single configuration structure that matches Gitaly internal configuration. Both methods +of configuring Gitaly were supported in parallel. + +In GitLab 16.0, we removed support for the former configuration method and now only support the new configuration +method. + +Before upgrading to GitLab 16.0, administrators must migrate to the new single configuration structure. For +instructions, see [Gitaly - Omnibus GitLab configuration structure change](https://docs.gitlab.com/ee/update/#gitaly-omnibus-gitlab-configuration-structure-change). + ### Legacy Gitaly configuration methods with variables WARNING: @@ -239,6 +255,22 @@ in GitLab 16.0. These variables are replaced with standard GitLab instances that use `GIT_CONFIG_SYSTEM` and `GIT_CONFIG_GLOBAL` to configure Gitaly must switch to configuring using `config.toml`. +### Legacy Praefect configuration method + +WARNING: +This is a [breaking change](https://docs.gitlab.com/ee/development/deprecation_guidelines/). +Review the details carefully before upgrading. + +Previously, Praefect configuration keys for Omnibus GitLab were scattered throughout the configuration file. In GitLab +15.9, we added support for a single configuration structure that matches Praefect internal configuration. Both methods +of configuring Praefect were supported in parallel. + +In GitLab 16.0, we removed support for the former configuration method and now only support the new configuration +method. + +Before upgrading to GitLab 16.0, administrators must migrate to the new single configuration structure. For +instructions, see [Praefect - Omnibus GitLab configuration structure change](https://docs.gitlab.com/ee/update/#praefect-omnibus-gitlab-configuration-structure-change). + ### License-Check and the Policies tab on the License Compliance page WARNING: @@ -282,6 +314,27 @@ The [**Maximum number of active pipelines per project** limit](https://docs.gitl - [**Pipelines rate limits**](https://docs.gitlab.com/ee/user/admin_area/settings/rate_limit_on_pipelines_creation.html). - [**Total number of jobs in currently active pipelines**](https://docs.gitlab.com/ee/user/admin_area/settings/continuous_integration.html#set-cicd-limits). +### Monitoring performance metrics through Prometheus is removed + +WARNING: +This is a [breaking change](https://docs.gitlab.com/ee/development/deprecation_guidelines/). +Review the details carefully before upgrading. + +We previously launched a solution that allows you to view performance metrics by displaying data stored in a Prometheus instance. +The Prometheus instance can be set up as a GitLab-managed app or you can connect a previously configured Prometheus instance. +The latter is known as an "external Prometheus" in GitLab. The value we provided was to enable you to easily set up monitoring +(using GitLab Managed Apps) and have the visualization of the metrics all in the same tool you used to build the application. + +However, as we are removing certificate-based integrations, the full monitoring experience is also deprecated as you will not +have the option to easily set up Prometheus from GitLab. Furthermore, we plan to consolidate on +a focused observability dashboard experience instead of having multiple paths to view metrics. Because of this, we are also removing the external +Prometheus experience, together with the metrics visualization capability. + +This removal only refers to the GitLab Metrics capabilities, and **does not** include: + +- Deprecating [alerts for Prometheus](https://gitlab.com/gitlab-org/gitlab/-/issues/338834). +- [Capabilities that GitLab comes with that allow operators of GitLab to retrieve metrics from those instances](https://docs.gitlab.com/ee/administration/monitoring/prometheus/gitlab_metrics.html). + ### Non-expiring access tokens no longer supported WARNING: @@ -330,6 +383,18 @@ Before upgrading to GitLab 16.0, if you are: - Using an externally-provided PostgreSQL 12, you must upgrade to PostgreSQL 13 or later to meet the [minimum version requirements](https://docs.gitlab.com/ee/install/requirements.html#postgresql-requirements). +### Praefect custom metrics endpoint configuration + +WARNING: +This is a [breaking change](https://docs.gitlab.com/ee/development/deprecation_guidelines/). +Review the details carefully before upgrading. + +Support for using the `prometheus_exclude_database_from_default_metrics` configuration value was deprecated in +GitLab 15.9 and is removed in GitLab 16.0. We made this change to improve the performance of Praefect. +All metrics that scrape the Praefect database are now exported to the `/db_metrics` endpoint. + +You must update your metrics collection targets to use the `/db_metrics` endpoint. + ### Project REST API field `operations_access_level` removed WARNING: diff --git a/doc/user/enterprise_user/index.md b/doc/user/enterprise_user/index.md index 901731ad6f9..ffeaaa8c591 100644 --- a/doc/user/enterprise_user/index.md +++ b/doc/user/enterprise_user/index.md @@ -41,21 +41,62 @@ The following automated processes use [verified domains](../project/pages/custom Prerequisites: -- A project with [GitLab Pages](../project/pages/index.md), served under the default Pages domain `*.gitlab.io`. - A custom domain name `example.com` or subdomain `subdomain.example.com`. - Access to your domain's server control panel to set up a DNS `TXT` record to verify your domain's ownership. Setting up a verified domain is similar to [setting up a custom domain on GitLab Pages](../project/pages/custom_domains_ssl_tls_certification/index.md). However, you must: -- Only configure the DNS `TXT` record to verify the domain's ownership. -- Ignore instructions for the `A`, `CNAME`, and `ALIAS` records. +- Link the domain to a project. For more information on group-level domain verification, see [issue 5299](https://gitlab.com/groups/gitlab-org/-/epics/5299). +- Configure the DNS `TXT` record to verify the domain's ownership. -1. [Add a custom domain](../project/pages/custom_domains_ssl_tls_certification/index.md#1-add-a-custom-domain) for the matching email domain. - - The domain must match the email domain exactly. For example, if your email is `username@example.com`, verify the `example.com` domain. -1. [Get a verification code](../project/pages/custom_domains_ssl_tls_certification/index.md#2-get-the-verification-code). -1. [Set up the DNS `TXT`](../project/pages/custom_domains_ssl_tls_certification/index.md#3-set-up-dns-records) for your custom domain. -1. [Verify the domain's ownership](../project/pages/custom_domains_ssl_tls_certification/index.md#4-verify-the-domains-ownership). -1. Optional. [Add more domain aliases](../project/pages/custom_domains_ssl_tls_certification/index.md#add-more-domain-aliases). +Steps: + +#### 1. Add a custom domain for the matching email domain + +The custom domain must match the email domain exactly. For example, if your email is `username@example.com`, verify the `example.com` domain. + +1. On the top bar, select **Main menu > Groups** and find your top group. +1. On the left sidebar, select **Settings > Domain Verification**. +1. In the upper-right corner, select **Add Domain**. +1. In **Domain**, enter the domain name. +1. In **Project**, link to a project. +1. Optional. In **Certificate**, switch the **Manually enter certificate information** toggle to add an SSL/TLS + certificate. You can also add the certificate and key later. +1. Select **Add Domain**. + +#### 2. Get a verification code + +After you create a new domain, the verification code prompts you. Copy the values from GitLab +and paste them in your domain's control panel as a `TXT` record. + + + +#### 3. Verify the domain's ownership + +After you have added all the DNS records: + +1. On the top bar, select **Main menu > Groups** and find your group. +1. On the left sidebar, select **Settings > Domain Verification**. +1. On the domain table row, Select **Retry verification** (**{retry}**). + + + +WARNING: +For GitLab instances with domain verification enabled, +if the domain cannot be verified for 7 days, that domain is removed +from the GitLab project. + +> **Notes:** +> +> - Domain verification is **required for GitLab.com users**; + for GitLab self-managed instances, your GitLab administrator has the option + to [disabled custom domain verification](../../administration/pages/index.md#custom-domain-verification). +> - [DNS propagation may take some time (up to 24 hours)](https://www.inmotionhosting.com/support/domain-names/dns-nameserver-changes/complete-guide-to-dns-records/), + although it's usually a matter of minutes to complete. Until it does, verification + fails, and attempts to visit your domain result in a 404. +> - Once your domain has been verified, leave the verification record + in place. Your domain is periodically reverified, and may be + disabled if the record is removed. ### View domains in group diff --git a/doc/user/img/get_domain_verification_code_v16_0.png b/doc/user/img/get_domain_verification_code_v16_0.png Binary files differnew file mode 100644 index 00000000000..34c77866865 --- /dev/null +++ b/doc/user/img/get_domain_verification_code_v16_0.png diff --git a/doc/user/img/retry_domain_verification_v16_0.png b/doc/user/img/retry_domain_verification_v16_0.png Binary files differnew file mode 100644 index 00000000000..4183fd5a342 --- /dev/null +++ b/doc/user/img/retry_domain_verification_v16_0.png diff --git a/doc/user/project/web_ide/index.md b/doc/user/project/web_ide/index.md index 140008f8b93..bb1609a74e5 100644 --- a/doc/user/project/web_ide/index.md +++ b/doc/user/project/web_ide/index.md @@ -87,6 +87,20 @@ To view a list of files you changed in the Web IDE: Your `CHANGES`, `STAGED CHANGES`, and `MERGE CHANGES` are displayed. For more information, see the [VS Code documentation](https://code.visualstudio.com/docs/sourcecontrol/overview#_commit). +## Upload a new file + +To upload a new file and add it to the Git repository: + +1. In the **Explorer** file tree, navigate to the directory where you want to upload the file. +1. Optional. If the directory does not exist yet, select the directory path where you want to have a new directory and either: + - Right-click on the directory path, and select **New Folder...**. You can create a nested directory path with the `/` separator, for example `parentdir/subdir1/subdir2`. + - In the **Explorer** panel, in the upper-right corner, select the new folder (**{folder-new}**) icon. +1. Enter the name of the new directory, and press <kbd>Enter/Return</kbd> to create it. +1. Right-click on the directory path and select `Upload...`. +1. Select the file you want to upload, then select `Open`. You can select and add multiple files at once. + +The file is uploaded and automatically added as a new file to the Git repository. + ## Switch branches The Web IDE uses the currently selected branch by default. diff --git a/lib/gitlab/grape_logging/loggers/response_logger.rb b/lib/gitlab/grape_logging/loggers/response_logger.rb index 0465f01f7f5..767c282d62e 100644 --- a/lib/gitlab/grape_logging/loggers/response_logger.rb +++ b/lib/gitlab/grape_logging/loggers/response_logger.rb @@ -8,7 +8,14 @@ module Gitlab return {} unless Feature.enabled?(:log_response_length) response_bytes = 0 - response.each { |resp| response_bytes += resp.to_s.bytesize } + + case response + when String + response_bytes = response.bytesize + else + response.each { |resp| response_bytes += resp.to_s.bytesize } + end + { response_bytes: response_bytes } diff --git a/lib/gitlab/http_connection_adapter.rb b/lib/gitlab/http_connection_adapter.rb index 2152f619228..afb740a902b 100644 --- a/lib/gitlab/http_connection_adapter.rb +++ b/lib/gitlab/http_connection_adapter.rb @@ -24,11 +24,18 @@ module Gitlab override :connection def connection - @uri, hostname = validate_url!(uri) + result = validate_url_with_proxy!(uri) + @uri = result.uri + hostname = result.hostname http = super http.hostname_override = hostname if hostname + unless result.use_proxy + http.proxy_from_env = false + http.proxy_address = nil + end + gitlab_http = Gitlab::NetHttpAdapter.new(http.address, http.port) http.instance_variables.each do |variable| @@ -40,12 +47,13 @@ module Gitlab private - def validate_url!(url) - Gitlab::UrlBlocker.validate!(url, allow_local_network: allow_local_requests?, - allow_localhost: allow_local_requests?, - allow_object_storage: allow_object_storage?, - dns_rebind_protection: dns_rebind_protection?, - schemes: %w[http https]) + def validate_url_with_proxy!(url) + Gitlab::UrlBlocker.validate_url_with_proxy!( + url, allow_local_network: allow_local_requests?, + allow_localhost: allow_local_requests?, + allow_object_storage: allow_object_storage?, + dns_rebind_protection: dns_rebind_protection?, + schemes: %w[http https]) rescue Gitlab::UrlBlocker::BlockedUrlError => e raise Gitlab::HTTP::BlockedUrlError, "URL is blocked: #{e.message}" end diff --git a/lib/gitlab/url_blocker.rb b/lib/gitlab/url_blocker.rb index e7aab4fae79..ba50a42cd37 100644 --- a/lib/gitlab/url_blocker.rb +++ b/lib/gitlab/url_blocker.rb @@ -9,6 +9,23 @@ module Gitlab DENY_ALL_REQUESTS_EXCEPT_ALLOWED_DEFAULT = proc { deny_all_requests_except_allowed_app_setting }.freeze + # Result stores the validation result: + # uri - The original URI requested + # hostname - The hostname that should be used to connect. For DNS + # rebinding protection, this will be the resolved IP address of + # the hostname. + # use_proxy - + # If true, this means that the proxy server specified in the + # http_proxy/https_proxy environment variables should be used. + # + # If false, this either means that no proxy server was specified + # or that the hostname in the URL is exempt via the no_proxy + # environment variable. This allows the caller to disable usage + # of a proxy since the IP address may be used to + # connect. Otherwise, Net::HTTP may erroneously compare the IP + # address against the no_proxy list. + Result = Struct.new(:uri, :hostname, :use_proxy) + class << self # Validates the given url according to the constraints specified by arguments. # @@ -21,9 +38,9 @@ module Gitlab # enforce_sanitization - Raises error if URL includes any HTML/CSS/JS tags and argument is true. # deny_all_requests_except_allowed - Raises error if URL is not in the allow list and argument is true. Can be Boolean or Proc. Defaults to instance app setting. # - # Returns an array with [<uri>, <original-hostname>]. + # Returns a Result object. # rubocop:disable Metrics/ParameterLists - def validate!( + def validate_url_with_proxy!( url, schemes:, ports: [], @@ -37,7 +54,7 @@ module Gitlab dns_rebind_protection: true) # rubocop:enable Metrics/ParameterLists - return [nil, nil] if url.nil? + return Result.new(nil, nil, true) if url.nil? raise ArgumentError, 'The schemes is a required argument' if schemes.blank? @@ -56,19 +73,22 @@ module Gitlab begin address_info = get_address_info(uri) rescue SocketError - return [uri, nil] unless enforce_address_info_retrievable?(uri, dns_rebind_protection, deny_all_requests_except_allowed) + proxy_in_use = uri_under_proxy_setting?(uri, nil) + + return Result.new(uri, nil, proxy_in_use) unless enforce_address_info_retrievable?(uri, dns_rebind_protection, deny_all_requests_except_allowed) raise BlockedUrlError, 'Host cannot be resolved or invalid' end ip_address = ip_address(address_info) + proxy_in_use = uri_under_proxy_setting?(uri, ip_address) # Ignore DNS rebind protection when a proxy is being used, as DNS # rebinding is expected behavior. - dns_rebind_protection &= !uri_under_proxy_setting?(uri, ip_address) - return [uri, nil] if domain_in_allow_list?(uri) + dns_rebind_protection &&= !proxy_in_use + return Result.new(uri, nil, proxy_in_use) if domain_in_allow_list?(uri) - protected_uri_with_hostname = enforce_uri_hostname(ip_address, uri, dns_rebind_protection) + protected_uri_with_hostname = enforce_uri_hostname(ip_address, uri, dns_rebind_protection, proxy_in_use) return protected_uri_with_hostname if ip_in_allow_list?(ip_address, port: get_port(uri)) @@ -96,6 +116,13 @@ module Gitlab true end + # For backwards compatibility, Returns an array with [<uri>, <original-hostname>]. + # Issue for refactoring: https://gitlab.com/gitlab-org/gitlab/-/issues/410890 + def validate!(...) + result = validate_url_with_proxy!(...) + [result.uri, result.hostname] + end + private # Returns the given URI with IP address as hostname and the original hostname respectively @@ -106,12 +133,12 @@ module Gitlab # # The original hostname is used to validate the SSL, given in that scenario # we'll be making the request to the IP address, instead of using the hostname. - def enforce_uri_hostname(ip_address, uri, dns_rebind_protection) - return [uri, nil] unless dns_rebind_protection && ip_address && ip_address != uri.hostname + def enforce_uri_hostname(ip_address, uri, dns_rebind_protection, proxy_in_use) + return Result.new(uri, nil, proxy_in_use) unless dns_rebind_protection && ip_address && ip_address != uri.hostname new_uri = uri.dup new_uri.hostname = ip_address - [new_uri, uri.hostname] + Result.new(new_uri, uri.hostname, proxy_in_use) end def ip_address(address_info) diff --git a/locale/gitlab.pot b/locale/gitlab.pot index 99cda6ff71b..82b5c1944cc 100644 --- a/locale/gitlab.pot +++ b/locale/gitlab.pot @@ -684,6 +684,9 @@ msgstr "" msgid "%{docs_link_start}Learn about visibility levels.%{docs_link_end}" msgstr "" +msgid "%{docs_link_start}Setting up a verified domain%{docs_link_end} requires being linked to a project." +msgstr "" + msgid "%{docs_link_start}What is Large File Storage?%{docs_link_end}" msgstr "" @@ -2408,6 +2411,9 @@ msgstr "" msgid "Action" msgstr "" +msgid "Action '%{action}' in registry %{registry_id} entry is not supported." +msgstr "" + msgid "Action not allowed." msgstr "" @@ -15909,6 +15915,12 @@ msgstr "" msgid "DomainVerification|Add Domain" msgstr "" +msgid "DomainVerification|Are you sure you want to delete this domain?" +msgstr "" + +msgid "DomainVerification|Delete domain" +msgstr "" + msgid "DomainVerification|Domain was added" msgstr "" @@ -15918,21 +15930,42 @@ msgstr "" msgid "DomainVerification|Domain was updated" msgstr "" +msgid "DomainVerification|Edit Domain" +msgstr "" + +msgid "DomainVerification|Enter your domain" +msgstr "" + msgid "DomainVerification|Failed to verify domain ownership" msgstr "" msgid "DomainVerification|How do I configure a domain?" msgstr "" +msgid "DomainVerification|How to set up DNS records?" +msgstr "" + +msgid "DomainVerification|Manually enter certificate information" +msgstr "" + +msgid "DomainVerification|New Domain" +msgstr "" + msgid "DomainVerification|No domains configured. Create a domain in a project in this group hierarchy." msgstr "" +msgid "DomainVerification|Remove certificate" +msgstr "" + msgid "DomainVerification|Successfully verified domain ownership" msgstr "" msgid "DomainVerification|The following domains are configured for projects in this group. Users with email addresses that match a verified domain do not need to confirm their account." msgstr "" +msgid "DomainVerification|To verify ownership of your domain, add the above key to a TXT record within your DNS configuration. %{link_to_help}" +msgstr "" + msgid "Don't have a group?" msgstr "" @@ -37195,6 +37228,12 @@ msgstr "" msgid "Registration|Your profile" msgstr "" +msgid "Registry entry enqueued to be resynced" +msgstr "" + +msgid "Registry entry enqueued to be reverified" +msgstr "" + msgid "Registry setup" msgstr "" @@ -42885,6 +42924,9 @@ msgstr "" msgid "Source IP" msgstr "" +msgid "Source Project" +msgstr "" + msgid "Source branch" msgstr "" @@ -44129,6 +44171,9 @@ msgstr "" msgid "System started" msgstr "" +msgid "TXT" +msgstr "" + msgid "Table of Contents" msgstr "" diff --git a/qa/qa/fixtures/mocks/import/github.yml b/qa/qa/fixtures/mocks/import/github.yml index b8e137abfbb..6ee6be471c4 100644 --- a/qa/qa/fixtures/mocks/import/github.yml +++ b/qa/qa/fixtures/mocks/import/github.yml @@ -215,6 +215,23 @@ ] - request: + path: /user/orgs + method: GET + query_params: + page: '1' + per_page: '25' + headers: + Host: api.github.com + response: + status: 200 + headers: + Content-Type: application/json; charset=utf-8 + X-Ratelimit-Limit: '5000' + X-Ratelimit-Remaining: '5000' + body: | + [] + +- request: path: matcher: ShouldMatch value: (\/repositories\/466994992$|\/repos\/gitlab-qa-github\/import-test$) @@ -346,175 +363,6 @@ } - request: - path: /repos/gitlab-qa-github/import-test/issues - method: GET - headers: - Host: api.github.com - response: - status: 200 - headers: - Content-Type: application/json; charset=utf-8 - X-Ratelimit-Limit: '5000' - X-Ratelimit-Remaining: '5000' - body: | - [ - { - "active_lock_reason": null, - "assignee": { - "avatar_url": "https://avatars.githubusercontent.com/u/59606922?v=4", - "events_url": "https://api.github.com/users/gitlab-qa-github/events{/privacy}", - "followers_url": "https://api.github.com/users/gitlab-qa-github/followers", - "following_url": "https://api.github.com/users/gitlab-qa-github/following{/other_user}", - "gists_url": "https://api.github.com/users/gitlab-qa-github/gists{/gist_id}", - "gravatar_id": "", - "html_url": "https://github.com/gitlab-qa-github", - "id": 59606922, - "login": "gitlab-qa-github", - "node_id": "MDQ6VXNlcjU5NjA2OTIy", - "organizations_url": "https://api.github.com/users/gitlab-qa-github/orgs", - "received_events_url": "https://api.github.com/users/gitlab-qa-github/received_events", - "repos_url": "https://api.github.com/users/gitlab-qa-github/repos", - "site_admin": false, - "starred_url": "https://api.github.com/users/gitlab-qa-github/starred{/owner}{/repo}", - "subscriptions_url": "https://api.github.com/users/gitlab-qa-github/subscriptions", - "type": "User", - "url": "https://api.github.com/users/gitlab-qa-github" - }, - "assignees": [ - { - "avatar_url": "https://avatars.githubusercontent.com/u/59606922?v=4", - "events_url": "https://api.github.com/users/gitlab-qa-github/events{/privacy}", - "followers_url": "https://api.github.com/users/gitlab-qa-github/followers", - "following_url": "https://api.github.com/users/gitlab-qa-github/following{/other_user}", - "gists_url": "https://api.github.com/users/gitlab-qa-github/gists{/gist_id}", - "gravatar_id": "", - "html_url": "https://github.com/gitlab-qa-github", - "id": 59606922, - "login": "gitlab-qa-github", - "node_id": "MDQ6VXNlcjU5NjA2OTIy", - "organizations_url": "https://api.github.com/users/gitlab-qa-github/orgs", - "received_events_url": "https://api.github.com/users/gitlab-qa-github/received_events", - "repos_url": "https://api.github.com/users/gitlab-qa-github/repos", - "site_admin": false, - "starred_url": "https://api.github.com/users/gitlab-qa-github/starred{/owner}{/repo}", - "subscriptions_url": "https://api.github.com/users/gitlab-qa-github/subscriptions", - "type": "User", - "url": "https://api.github.com/users/gitlab-qa-github" - } - ], - "author_association": "OWNER", - "body": "Test pull request body", - "closed_at": null, - "comments": 1, - "comments_url": "https://api.github.com/repos/gitlab-qa-github/import-test/issues/2/comments", - "created_at": "2022-03-07T07:58:10Z", - "draft": false, - "events_url": "https://api.github.com/repos/gitlab-qa-github/import-test/issues/2/events", - "html_url": "https://github.com/gitlab-qa-github/import-test/pull/2", - "id": 1161030385, - "labels": [ - { - "color": "0075ca", - "default": true, - "description": "Improvements or additions to documentation", - "id": 3902072341, - "name": "documentation", - "node_id": "LA_kwDOG9XHMM7olOYV", - "url": "https://api.github.com/repos/gitlab-qa-github/import-test/labels/documentation" - } - ], - "labels_url": "https://api.github.com/repos/gitlab-qa-github/import-test/issues/2/labels{/name}", - "locked": false, - "milestone": { - "closed_at": null, - "closed_issues": 0, - "created_at": "2022-03-07T07:54:43Z", - "creator": { - "avatar_url": "https://avatars.githubusercontent.com/u/59606922?v=4", - "events_url": "https://api.github.com/users/gitlab-qa-github/events{/privacy}", - "followers_url": "https://api.github.com/users/gitlab-qa-github/followers", - "following_url": "https://api.github.com/users/gitlab-qa-github/following{/other_user}", - "gists_url": "https://api.github.com/users/gitlab-qa-github/gists{/gist_id}", - "gravatar_id": "", - "html_url": "https://github.com/gitlab-qa-github", - "id": 59606922, - "login": "gitlab-qa-github", - "node_id": "MDQ6VXNlcjU5NjA2OTIy", - "organizations_url": "https://api.github.com/users/gitlab-qa-github/orgs", - "received_events_url": "https://api.github.com/users/gitlab-qa-github/received_events", - "repos_url": "https://api.github.com/users/gitlab-qa-github/repos", - "site_admin": false, - "starred_url": "https://api.github.com/users/gitlab-qa-github/starred{/owner}{/repo}", - "subscriptions_url": "https://api.github.com/users/gitlab-qa-github/subscriptions", - "type": "User", - "url": "https://api.github.com/users/gitlab-qa-github" - }, - "description": null, - "due_on": null, - "html_url": "https://github.com/gitlab-qa-github/import-test/milestone/1", - "id": 7741550, - "labels_url": "https://api.github.com/repos/gitlab-qa-github/import-test/milestones/1/labels", - "node_id": "MI_kwDOG9XHMM4AdiBu", - "number": 1, - "open_issues": 2, - "state": "open", - "title": "0.0.1", - "updated_at": "2022-07-07T10:01:32Z", - "url": "https://api.github.com/repos/gitlab-qa-github/import-test/milestones/1" - }, - "node_id": "PR_kwDOG9XHMM40Bfnz", - "number": 2, - "performed_via_github_app": null, - "pull_request": { - "diff_url": "https://github.com/gitlab-qa-github/import-test/pull/2.diff", - "html_url": "https://github.com/gitlab-qa-github/import-test/pull/2", - "merged_at": null, - "patch_url": "https://github.com/gitlab-qa-github/import-test/pull/2.patch", - "url": "https://api.github.com/repos/gitlab-qa-github/import-test/pulls/2" - }, - "reactions": { - "+1": 0, - "-1": 0, - "confused": 0, - "eyes": 0, - "heart": 0, - "hooray": 0, - "laugh": 0, - "rocket": 0, - "total_count": 0, - "url": "https://api.github.com/repos/gitlab-qa-github/import-test/issues/2/reactions" - }, - "repository_url": "https://api.github.com/repos/gitlab-qa-github/import-test", - "state": "open", - "state_reason": null, - "timeline_url": "https://api.github.com/repos/gitlab-qa-github/import-test/issues/2/timeline", - "title": "Test pull request", - "updated_at": "2022-12-27T09:57:21Z", - "url": "https://api.github.com/repos/gitlab-qa-github/import-test/issues/2", - "user": { - "avatar_url": "https://avatars.githubusercontent.com/u/59606922?v=4", - "events_url": "https://api.github.com/users/gitlab-qa-github/events{/privacy}", - "followers_url": "https://api.github.com/users/gitlab-qa-github/followers", - "following_url": "https://api.github.com/users/gitlab-qa-github/following{/other_user}", - "gists_url": "https://api.github.com/users/gitlab-qa-github/gists{/gist_id}", - "gravatar_id": "", - "html_url": "https://github.com/gitlab-qa-github", - "id": 59606922, - "login": "gitlab-qa-github", - "node_id": "MDQ6VXNlcjU5NjA2OTIy", - "organizations_url": "https://api.github.com/users/gitlab-qa-github/orgs", - "received_events_url": "https://api.github.com/users/gitlab-qa-github/received_events", - "repos_url": "https://api.github.com/users/gitlab-qa-github/repos", - "site_admin": false, - "starred_url": "https://api.github.com/users/gitlab-qa-github/starred{/owner}{/repo}", - "subscriptions_url": "https://api.github.com/users/gitlab-qa-github/subscriptions", - "type": "User", - "url": "https://api.github.com/users/gitlab-qa-github" - } - } - ] - -- request: path: /repos/gitlab-qa-github/import-test/labels method: GET query_params: @@ -1288,8 +1136,6 @@ path: /repos/gitlab-qa-github/import-test/issues method: GET query_params: - per_page: '100' - sort: created state: all headers: Host: api.github.com @@ -2815,3 +2661,109 @@ "url": "https://api.github.com/users/gitlab-qa-github" } ] + +- request: + path: /users/gitlab-qa-github + method: GET + headers: + Host: api.github.com + response: + status: 200 + headers: + Content-Type: application/json; charset=utf-8 + X-Ratelimit-Limit: '5000' + X-Ratelimit-Remaining: '5000' + body: | + { + "avatar_url": "https://avatars.githubusercontent.com/u/59606922?v=4", + "bio": null, + "blog": "", + "collaborators": 0, + "company": null, + "created_at": "2020-01-07T11:47:11Z", + "disk_usage": 841, + "email": null, + "events_url": "https://api.github.com/users/gitlab-qa-github/events{/privacy}", + "followers": 0, + "followers_url": "https://api.github.com/users/gitlab-qa-github/followers", + "following": 0, + "following_url": "https://api.github.com/users/gitlab-qa-github/following{/other_user}", + "gists_url": "https://api.github.com/users/gitlab-qa-github/gists{/gist_id}", + "gravatar_id": "", + "hireable": null, + "html_url": "https://github.com/gitlab-qa-github", + "id": 59606922, + "location": null, + "login": "gitlab-qa-github", + "name": null, + "node_id": "MDQ6VXNlcjU5NjA2OTIy", + "organizations_url": "https://api.github.com/users/gitlab-qa-github/orgs", + "owned_private_repos": 0, + "plan": { + "collaborators": 0, + "name": "free", + "private_repos": 10000, + "space": 976562499 + }, + "private_gists": 0, + "public_gists": 0, + "public_repos": 4, + "received_events_url": "https://api.github.com/users/gitlab-qa-github/received_events", + "repos_url": "https://api.github.com/users/gitlab-qa-github/repos", + "site_admin": false, + "starred_url": "https://api.github.com/users/gitlab-qa-github/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/gitlab-qa-github/subscriptions", + "total_private_repos": 0, + "twitter_username": null, + "two_factor_authentication": true, + "type": "User", + "updated_at": "2023-04-27T11:22:33Z", + "url": "https://api.github.com/users/gitlab-qa-github" + } + +- request: + path: /users/gitlab-qa + method: GET + headers: + Host: api.github.com + response: + status: 200 + headers: + Content-Type: application/json; charset=utf-8 + X-Ratelimit-Limit: '5000' + X-Ratelimit-Remaining: '5000' + body: | + { + "avatar_url": "https://avatars.githubusercontent.com/u/40021320?v=4", + "bio": null, + "blog": "", + "company": null, + "created_at": "2018-06-07T08:07:41Z", + "email": null, + "events_url": "https://api.github.com/users/gitlab-qa/events{/privacy}", + "followers": 0, + "followers_url": "https://api.github.com/users/gitlab-qa/followers", + "following": 0, + "following_url": "https://api.github.com/users/gitlab-qa/following{/other_user}", + "gists_url": "https://api.github.com/users/gitlab-qa/gists{/gist_id}", + "gravatar_id": "", + "hireable": null, + "html_url": "https://github.com/gitlab-qa", + "id": 40021320, + "location": null, + "login": "gitlab-qa", + "name": null, + "node_id": "MDQ6VXNlcjQwMDIxMzIw", + "organizations_url": "https://api.github.com/users/gitlab-qa/orgs", + "public_gists": 0, + "public_repos": 2, + "received_events_url": "https://api.github.com/users/gitlab-qa/received_events", + "repos_url": "https://api.github.com/users/gitlab-qa/repos", + "site_admin": false, + "starred_url": "https://api.github.com/users/gitlab-qa/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/gitlab-qa/subscriptions", + "twitter_username": null, + "type": "User", + "updated_at": "2023-05-11T05:59:28Z", + "url": "https://api.github.com/users/gitlab-qa" + } diff --git a/qa/qa/page/project/import/github.rb b/qa/qa/page/project/import/github.rb index 759729f0abf..898bf78b46a 100644 --- a/qa/qa/page/project/import/github.rb +++ b/qa/qa/page/project/import/github.rb @@ -87,7 +87,7 @@ module QA ) do status_selector = 'import_status_indicator' - return has_element?(status_selector, text: "Complete", wait: 1) unless allow_partial_import # rubocop:disable Cop/AvoidReturnFromBlocks + next has_element?(status_selector, text: "Complete", wait: 1) unless allow_partial_import ["Partially completed", "Complete"].any? do |status| has_element?(status_selector, text: status, wait: 1) diff --git a/qa/qa/specs/features/api/1_manage/import/import_github_repo_spec.rb b/qa/qa/specs/features/api/1_manage/import/import_github_repo_spec.rb index 79f16fc2965..c13ddb2b746 100644 --- a/qa/qa/specs/features/api/1_manage/import/import_github_repo_spec.rb +++ b/qa/qa/specs/features/api/1_manage/import/import_github_repo_spec.rb @@ -1,11 +1,7 @@ # frozen_string_literal: true module QA - RSpec.describe 'Manage', :requires_admin, product_group: :import_and_integrate, - quarantine: { - issue: 'https://gitlab.com/gitlab-org/gitlab/-/issues/407297', - type: :investigating - } do + RSpec.describe 'Manage', product_group: :import_and_integrate do describe 'GitHub import' do include_context 'with github import' diff --git a/qa/qa/specs/features/browser_ui/1_manage/import/import_github_repo_spec.rb b/qa/qa/specs/features/browser_ui/1_manage/import/import_github_repo_spec.rb index d2744244af2..a2eca6278d0 100644 --- a/qa/qa/specs/features/browser_ui/1_manage/import/import_github_repo_spec.rb +++ b/qa/qa/specs/features/browser_ui/1_manage/import/import_github_repo_spec.rb @@ -39,11 +39,7 @@ module QA end end - it 'imports a project', testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/347877', - quarantine: { - issue: 'https://gitlab.com/gitlab-org/gitlab/-/issues/405127', - type: :investigating - } do + it 'imports a project', testcase: 'https://gitlab.com/gitlab-org/gitlab/-/quality/test_cases/347877' do Page::Project::Import::Github.perform do |import_page| import_page.add_personal_access_token(Runtime::Env.github_access_token) @@ -54,7 +50,7 @@ module QA import_page.import!(github_repo, group.full_path, imported_project.name) aggregate_failures do - expect(import_page).to have_imported_project(github_repo, wait: 240) + expect(import_page).to have_imported_project(github_repo, wait: import_wait_duration) # validate link is present instead of navigating to avoid dealing with multiple tabs # which makes the test more complicated expect(import_page).to have_go_to_project_link(github_repo) diff --git a/qa/qa/specs/features/shared_contexts/import/github_import_shared_context.rb b/qa/qa/specs/features/shared_contexts/import/github_import_shared_context.rb index d72144cecec..5ae90d20351 100644 --- a/qa/qa/specs/features/shared_contexts/import/github_import_shared_context.rb +++ b/qa/qa/specs/features/shared_contexts/import/github_import_shared_context.rb @@ -4,6 +4,8 @@ module QA RSpec.shared_context "with github import", :github, :import, :requires_admin, :orchestrated do include QA::Support::Data::Github + let(:import_wait_duration) { 240 } + let!(:github_repo) { "#{github_username}/import-test" } let!(:api_client) { Runtime::API::Client.as_admin } @@ -53,11 +55,15 @@ module QA group.add_member(user, Resource::Members::AccessLevel::MAINTAINER) end + after do + verify_mocks + end + def expect_project_import_finished_successfully imported_project.reload! # import the project status = nil - Support::Retrier.retry_until(max_duration: 240, sleep_interval: 1, raise_on_failure: false) do + Support::Retrier.retry_until(max_duration: import_wait_duration, sleep_interval: 1, raise_on_failure: false) do status = imported_project.project_import_status[:import_status] %w[finished failed].include?(status) end @@ -75,5 +81,17 @@ module QA smocker.reset smocker.register(File.read(File.join(mocks_path, "github.yml"))) end + + # Verify mock session + # + # @return [void] + def verify_mocks + return Runtime::Logger.warn("Mock host is not set, skipping verify step") unless smocker_host + + verify_response = smocker.verify + return if verify_response.success? + + raise "Mock failures detected:\n#{JSON.pretty_generate(verify_response.failures)}" + end end end diff --git a/qa/qa/vendor/smocker/smocker_api.rb b/qa/qa/vendor/smocker/smocker_api.rb index 111de84ffce..0434b5dcea4 100644 --- a/qa/qa/vendor/smocker/smocker_api.rb +++ b/qa/qa/vendor/smocker/smocker_api.rb @@ -113,6 +113,17 @@ module QA end end + # Fetch session verify response + # + # @param [String] session_name + # @return [VerifyResponse] + def verify(session_name = nil) + payload = { session: session_name ? get_session_id(session_name) : nil } + response = post("#{admin_url}/sessions/verify", payload) + + VerifyResponse.new(parse_body(response)) + end + # Returns a stringfied version of the Smocker history # # @param session_name [String] the session name for the mock diff --git a/qa/qa/vendor/smocker/verify_response.rb b/qa/qa/vendor/smocker/verify_response.rb new file mode 100644 index 00000000000..916aa204c90 --- /dev/null +++ b/qa/qa/vendor/smocker/verify_response.rb @@ -0,0 +1,46 @@ +# frozen_string_literal: true + +module QA + module Vendor + module Smocker + class VerifyResponse + def initialize(payload) + @payload = payload + end + + # Check if session did not have any errors + # + # @return [Boolean] + def success? + payload.dig(:mocks, :verified) && payload.dig(:history, :verified) + end + + # Check if all mock definitions have been used + # + # @return [Boolean] + def all_used? + payload.dig(:mocks, :all_used) + end + + # Fetch failures + # + # @return [Array] + def failures + (payload.dig(:mocks, :failures) || []) + (payload.dig(:history, :failures) || []) + end + + # Fetch unused mock definitions + # + # @return [Array] + def unused + payload.dig(:mocks, :unused) + end + + private + + # @return [Hash] + attr_reader :payload + end + end + end +end diff --git a/spec/lib/gitlab/grape_logging/loggers/response_logger_spec.rb b/spec/lib/gitlab/grape_logging/loggers/response_logger_spec.rb index 94e880d979d..449096a6faf 100644 --- a/spec/lib/gitlab/grape_logging/loggers/response_logger_spec.rb +++ b/spec/lib/gitlab/grape_logging/loggers/response_logger_spec.rb @@ -27,5 +27,11 @@ RSpec.describe Gitlab::GrapeLogging::Loggers::ResponseLogger do it { expect(subject).to eq({}) } end + + context 'when response is a String' do + let(:response) { response1 } + + it { expect(subject).to eq({ response_bytes: response1.bytesize }) } + end end end diff --git a/spec/lib/gitlab/http_connection_adapter_spec.rb b/spec/lib/gitlab/http_connection_adapter_spec.rb index 8b8097f4885..fac0c1a2a9f 100644 --- a/spec/lib/gitlab/http_connection_adapter_spec.rb +++ b/spec/lib/gitlab/http_connection_adapter_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -RSpec.describe Gitlab::HTTPConnectionAdapter do +RSpec.describe Gitlab::HTTPConnectionAdapter, feature_category: :shared do include StubRequests let(:uri) { URI('https://example.org') } @@ -111,6 +111,42 @@ RSpec.describe Gitlab::HTTPConnectionAdapter do end end + context 'when proxy is enabled' do + before do + stub_env('http_proxy', 'http://proxy.example.com') + end + + it 'proxy stays configured' do + expect(connection.proxy?).to be true + expect(connection.proxy_from_env?).to be true + expect(connection.proxy_address).to eq('proxy.example.com') + end + + context 'when no_proxy matches the request' do + before do + stub_env('no_proxy', 'example.org') + end + + it 'proxy is disabled' do + expect(connection.proxy?).to be false + expect(connection.proxy_from_env?).to be false + expect(connection.proxy_address).to be nil + end + end + + context 'when no_proxy does not match the request' do + before do + stub_env('no_proxy', 'example.com') + end + + it 'proxy stays configured' do + expect(connection.proxy?).to be true + expect(connection.proxy_from_env?).to be true + expect(connection.proxy_address).to eq('proxy.example.com') + end + end + end + context 'when URL scheme is not HTTP/HTTPS' do let(:uri) { URI('ssh://example.org') } diff --git a/spec/lib/gitlab/url_blocker_spec.rb b/spec/lib/gitlab/url_blocker_spec.rb index d790d13f66c..cfd40fb93b5 100644 --- a/spec/lib/gitlab/url_blocker_spec.rb +++ b/spec/lib/gitlab/url_blocker_spec.rb @@ -7,6 +7,9 @@ RSpec.describe Gitlab::UrlBlocker, :stub_invalid_dns_only, feature_category: :sh let(:schemes) { %w[http https] } + # This test ensures backward compatibliity for the validate! method. + # We shoud refactor all callers of validate! to handle a Result object: + # https://gitlab.com/gitlab-org/gitlab/-/issues/410890 describe '#validate!' do let(:options) { { schemes: schemes } } @@ -21,6 +24,36 @@ RSpec.describe Gitlab::UrlBlocker, :stub_invalid_dns_only, feature_category: :sh end end + context 'when the URL hostname is a domain' do + context 'when domain can be resolved' do + let(:import_url) { 'https://example.org' } + + before do + stub_dns(import_url, ip_address: '93.184.216.34') + end + + it_behaves_like 'validates URI and hostname' do + let(:expected_uri) { 'https://93.184.216.34' } + let(:expected_hostname) { 'example.org' } + let(:expected_use_proxy) { false } + end + end + end + end + + describe '#validate_url_with_proxy!' do + let(:options) { { schemes: schemes } } + + subject { described_class.validate_url_with_proxy!(import_url, **options) } + + shared_examples 'validates URI and hostname' do + it 'runs the url validations' do + expect(subject.uri).to eq(Addressable::URI.parse(expected_uri)) + expect(subject.hostname).to eq(expected_hostname) + expect(subject.use_proxy).to eq(expected_use_proxy) + end + end + shared_context 'when instance configured to deny all requests' do before do allow(Gitlab::CurrentSettings).to receive(:current_application_settings?).and_return(true) @@ -94,6 +127,7 @@ RSpec.describe Gitlab::UrlBlocker, :stub_invalid_dns_only, feature_category: :sh it_behaves_like 'validates URI and hostname' do let(:expected_uri) { nil } let(:expected_hostname) { nil } + let(:expected_use_proxy) { true } end it_behaves_like 'a URI exempt from `deny_all_requests_except_allowed`' @@ -109,6 +143,7 @@ RSpec.describe Gitlab::UrlBlocker, :stub_invalid_dns_only, feature_category: :sh it_behaves_like 'validates URI and hostname' do let(:expected_uri) { 'http://127.0.0.1' } let(:expected_hostname) { 'localhost' } + let(:expected_use_proxy) { false } end it_behaves_like 'a URI exempt from `deny_all_requests_except_allowed`' @@ -146,6 +181,7 @@ RSpec.describe Gitlab::UrlBlocker, :stub_invalid_dns_only, feature_category: :sh it_behaves_like 'validates URI and hostname' do let(:expected_uri) { 'http://127.0.0.1:9000/external-diffs/merge_request_diffs/mr-1/diff-1' } let(:expected_hostname) { 'review-minio-svc.svc' } + let(:expected_use_proxy) { false } end it_behaves_like 'a URI exempt from `deny_all_requests_except_allowed`' @@ -157,6 +193,7 @@ RSpec.describe Gitlab::UrlBlocker, :stub_invalid_dns_only, feature_category: :sh it_behaves_like 'validates URI and hostname' do let(:expected_uri) { 'http://127.0.0.1:9000/external-diffs/merge_request_diffs/mr-1/diff-1' } let(:expected_hostname) { nil } + let(:expected_use_proxy) { false } end it_behaves_like 'a URI exempt from `deny_all_requests_except_allowed`' @@ -239,6 +276,7 @@ RSpec.describe Gitlab::UrlBlocker, :stub_invalid_dns_only, feature_category: :sh it_behaves_like 'validates URI and hostname' do let(:expected_uri) { 'https://93.184.216.34' } let(:expected_hostname) { 'example.org' } + let(:expected_use_proxy) { false } end it_behaves_like 'a URI denied by `deny_all_requests_except_allowed`' @@ -259,12 +297,25 @@ RSpec.describe Gitlab::UrlBlocker, :stub_invalid_dns_only, feature_category: :sh let(:import_url) { 'http://foobar.x' } before do - allow(Gitlab).to receive(:http_proxy_env?).and_return(true) + stub_env('http_proxy', 'http://proxy.example.com') end it_behaves_like 'validates URI and hostname' do let(:expected_uri) { import_url } let(:expected_hostname) { nil } + let(:expected_use_proxy) { true } + end + + context 'with no_proxy' do + before do + stub_env('no_proxy', 'foobar.x') + end + + it_behaves_like 'validates URI and hostname' do + let(:expected_uri) { import_url } + let(:expected_hostname) { nil } + let(:expected_use_proxy) { false } + end end end end @@ -284,6 +335,7 @@ RSpec.describe Gitlab::UrlBlocker, :stub_invalid_dns_only, feature_category: :sh it_behaves_like 'validates URI and hostname' do let(:expected_uri) { import_url } let(:expected_hostname) { nil } + let(:expected_use_proxy) { false } end it_behaves_like 'a URI denied by `deny_all_requests_except_allowed`' @@ -311,18 +363,20 @@ RSpec.describe Gitlab::UrlBlocker, :stub_invalid_dns_only, feature_category: :sh it_behaves_like 'validates URI and hostname' do let(:expected_uri) { 'http://192.168.0.120:9121/scrape?target=unix:///var/opt/gitlab/redis/redis.socket&check-keys=*' } let(:expected_hostname) { 'a.192.168.0.120.3times.127.0.0.1.1time.repeat.rebind.network' } + let(:expected_use_proxy) { false } end it_behaves_like 'a URI exempt from `deny_all_requests_except_allowed`' context 'with HTTP_PROXY' do before do - allow(Gitlab).to receive(:http_proxy_env?).and_return(true) + stub_env('http_proxy', 'http://proxy.example.com') end it_behaves_like 'validates URI and hostname' do let(:expected_uri) { import_url } let(:expected_hostname) { nil } + let(:expected_use_proxy) { true } end context 'when domain is in no_proxy env' do @@ -333,6 +387,7 @@ RSpec.describe Gitlab::UrlBlocker, :stub_invalid_dns_only, feature_category: :sh it_behaves_like 'validates URI and hostname' do let(:expected_uri) { 'http://192.168.0.120:9121/scrape?target=unix:///var/opt/gitlab/redis/redis.socket&check-keys=*' } let(:expected_hostname) { 'a.192.168.0.120.3times.127.0.0.1.1time.repeat.rebind.network' } + let(:expected_use_proxy) { false } end end end @@ -347,6 +402,7 @@ RSpec.describe Gitlab::UrlBlocker, :stub_invalid_dns_only, feature_category: :sh it_behaves_like 'validates URI and hostname' do let(:expected_uri) { import_url } let(:expected_hostname) { nil } + let(:expected_use_proxy) { false } end it_behaves_like 'a URI exempt from `deny_all_requests_except_allowed`' @@ -363,6 +419,7 @@ RSpec.describe Gitlab::UrlBlocker, :stub_invalid_dns_only, feature_category: :sh it_behaves_like 'validates URI and hostname' do let(:expected_uri) { import_url } let(:expected_hostname) { nil } + let(:expected_use_proxy) { false } end it_behaves_like 'a URI denied by `deny_all_requests_except_allowed`' @@ -374,6 +431,7 @@ RSpec.describe Gitlab::UrlBlocker, :stub_invalid_dns_only, feature_category: :sh it_behaves_like 'validates URI and hostname' do let(:expected_uri) { import_url } let(:expected_hostname) { nil } + let(:expected_use_proxy) { false } end it_behaves_like 'a URI denied by `deny_all_requests_except_allowed`' @@ -386,6 +444,7 @@ RSpec.describe Gitlab::UrlBlocker, :stub_invalid_dns_only, feature_category: :sh it_behaves_like 'validates URI and hostname' do let(:expected_uri) { import_url } let(:expected_hostname) { nil } + let(:expected_use_proxy) { false } end it_behaves_like 'a URI denied by `deny_all_requests_except_allowed`' @@ -396,6 +455,7 @@ RSpec.describe Gitlab::UrlBlocker, :stub_invalid_dns_only, feature_category: :sh it_behaves_like 'validates URI and hostname' do let(:expected_uri) { import_url } let(:expected_hostname) { nil } + let(:expected_use_proxy) { false } end it_behaves_like 'a URI denied by `deny_all_requests_except_allowed`' diff --git a/spec/presenters/pages_domain_presenter_spec.rb b/spec/presenters/pages_domain_presenter_spec.rb index 731279ce5b9..f197daab759 100644 --- a/spec/presenters/pages_domain_presenter_spec.rb +++ b/spec/presenters/pages_domain_presenter_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -RSpec.describe PagesDomainPresenter do +RSpec.describe PagesDomainPresenter, feature_category: :pages do using RSpec::Parameterized::TableSyntax include LetsEncryptHelpers @@ -62,4 +62,46 @@ RSpec.describe PagesDomainPresenter do end end end + + describe 'user_defined_certificate?' do + subject { presenter.user_defined_certificate? } + + let(:domain) { create(:pages_domain) } + + context "when domain certificate is user provided" do + it { is_expected.to eq(true) } + end + + context "when domain is not persisted" do + before do + domain.destroy! + end + + it { is_expected.to eq(false) } + end + + context "when domain certificate is blank" do + before do + domain.update!(certificate: nil, key: nil) + end + + it { is_expected.to eq(false) } + end + + context "when domain certificate source is gitlab_provided" do + before do + domain.update!(certificate_source: :gitlab_provided) + end + + it { is_expected.to eq(false) } + end + + context "when domain certificate has error" do + before do + domain.errors.add(:certificate, "certificate error") + end + + it { is_expected.to eq(false) } + end + end end diff --git a/spec/requests/api/graphql/user_spec.rb b/spec/requests/api/graphql/user_spec.rb index f881935c052..41ee233dfc5 100644 --- a/spec/requests/api/graphql/user_spec.rb +++ b/spec/requests/api/graphql/user_spec.rb @@ -42,9 +42,17 @@ RSpec.describe 'User', feature_category: :user_profile do end context 'when username parameter is used' do - let(:query) { graphql_query_for(:user, { username: current_user.username.to_s }) } + context 'when username is identically cased' do + let(:query) { graphql_query_for(:user, { username: current_user.username.to_s }) } - it_behaves_like 'a working user query' + it_behaves_like 'a working user query' + end + + context 'when username is differently cased' do + let(:query) { graphql_query_for(:user, { username: current_user.username.to_s.upcase }) } + + it_behaves_like 'a working user query' + end end context 'when username and id parameter are used' do diff --git a/spec/workers/every_sidekiq_worker_spec.rb b/spec/workers/every_sidekiq_worker_spec.rb index 9fada09263c..16173e322b6 100644 --- a/spec/workers/every_sidekiq_worker_spec.rb +++ b/spec/workers/every_sidekiq_worker_spec.rb @@ -163,6 +163,7 @@ RSpec.describe 'Every Sidekiq worker', feature_category: :shared do 'Ci::InitialPipelineProcessWorker' => 3, 'Ci::MergeRequests::AddTodoWhenBuildFailsWorker' => 3, 'Ci::Minutes::UpdateProjectAndNamespaceUsageWorker' => 3, + 'Ci::Llm::GenerateConfigWorker' => 3, 'Ci::PipelineArtifacts::CoverageReportWorker' => 3, 'Ci::PipelineArtifacts::CreateQualityReportWorker' => 3, 'Ci::PipelineBridgeStatusWorker' => 3, |
