summaryrefslogtreecommitdiff
path: root/spec/lib
Commit message (Collapse)AuthorAgeFilesLines
* Fix for missing service when importing from EE to CEfix/import-export-ee-servicesJames Lopez2016-12-191-0/+22
| | | | Signed-off-by: Rémy Coutable <remy@rymai.me>
* Merge branch 'fix/import-export-build-token' into 'master' Grzegorz Bizon2016-12-192-1/+11
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix duplicated build token problem importing projects Reset token so duplicated builds do not thrown an error on import - [x] [Changelog entry](https://docs.gitlab.com/ce/development/changelog.html) added - Tests - [x] Added for this feature/bug - [x] All builds are passing - [x] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html) - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if it does - rebase it please) - [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/23475 See merge request !8171
| * updated specJames Lopez2016-12-191-2/+2
| |
| * Fix duplicated build token problem and added relevant specfix/import-export-build-tokenJames Lopez2016-12-192-1/+11
| |
* | Merge branch 'fix/detailed-status-groups' into 'master' Lin Jen-Shin (godfat)2016-12-1912-0/+56
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Improve icons and style for manual build status ## What does this MR do? This MR changes the CSS class for manual build status badge to make it a little more different than skipped build status badge. It makes it darker. ## Screenshots ![Screen_Shot_2016-12-17_at_13.37.58](/uploads/9628f0e84fdaad82d8833f546f0192a6/Screen_Shot_2016-12-17_at_13.37.58.png)![Screen_Shot_2016-12-17_at_13.31.48](/uploads/fe8e27df0274b9f9ae840110593a298a/Screen_Shot_2016-12-17_at_13.31.48.png) See merge request !8102
| * | Update status group name for success with warningsGrzegorz Bizon2016-12-161-0/+4
| | |
| * | Make CI/CD detailed status group concept explicitGrzegorz Bizon2016-12-1611-0/+52
| | |
* | | Merge branch '25301-git-2.11-force-push-bug' into 'master' Douglas Barbosa Alexandre2016-12-192-0/+72
|\ \ \ | |_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Accept environment variables from the `pre-receive` script ## Summary 1. Starting version 2.11, git changed the way the pre-receive flow works. - Previously, the new potential objects would be added to the main repo. If the pre-receive passes, the new objects stay in the repo but are linked up. If the pre-receive fails, the new objects stay orphaned in the repo, and are cleaned up during the next `git gc`. - In 2.11, the new potential objects are added to a temporary "alternate object directory", that git creates for this purpose. If the pre-receive passes, the objects from the alternate object directory are migrated to the main repo. If the pre-receive fails the alternate object directory is simply deleted. 2. In our workflow, the pre-recieve script (in `gitlab-shell`) calls the `/allowed` endpoint, which calls out directly to git to perform various checks. These direct calls to git do _not_ have the necessary environment variables set which allow access to the "alternate object directory" (explained above). Therefore these calls to git are not able to access any of the new potential objects to be added during this push. 3. We fix this by accepting the relevant environment variables (`GIT_ALTERNATE_OBJECT_DIRECTORIES`, `GIT_OBJECT_DIRECTORY`, and `GIT_QUARANTINE_PATH`) on the `/allowed` endpoint, and then include these environment variables while calling out to git. 4. This commit includes these environment variables while making the "force push" check. ## Issue Numbers - Closes #25301 (assuming the corresponding `gitlab-shell` MR has been merged in first) - Corresponding `gitlab-shell` MR: gitlab-org/gitlab-shell!112 - Corresponding EE MR: gitlab-org/gitlab-ee!964 ## Tasks - [#25301/!7967/!112] Git version 2.11.0 - Can't push to protected branch as master or developer - [x] Investigate - [x] Implementation - [x] `force_push.rb` should use the relevant environment variables - [x] Any other instances of `/allowed` calling out to git directly? - [x] Verify that the fix works over SSH as well - [x] Can we trim the number of env variables? Do we need all 3? - [x] Whitelist variables. Server shouldn't pass through _any_ env variable passed in - [x] Any security implications? - [x] Check for force push return code - [x] Shouldn't be able to opt-out from the force push check by passing an env variable - [x] Tests - [x] CE - [x] Added - [x] Passing - [x] Shell - [x] Added - [x] Passing - [x] Meta - [x] CHANGELOG entry created - [x] Branch has no merge conflicts with `master` - [x] Squashed related commits together - [x] EE merge request - [x] Review - [x] Endboss - [ ] Follow-up - [x] Make sure EE is working as expected - [x] [CE] Gitlab changes without gitlab-shell changes shouldn't raise any exceptions - [x] [CE] Gitlab-shell changes without gitlab changes shouldn't raise any exceptions - [x] [EE] Gitlab changes without gitlab-shell changes shouldn't raise any exceptions - [x] [EE] Gitlab-shell changes without gitlab changes shouldn't raise any exceptions - [ ] Wait for merge - [ ] CE - [ ] EE - [x] Shell See merge request !7967
| * | Implement final review comments from @rymai.25301-git-2.11-force-push-bugTimothy Andrew2016-12-161-44/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - `raise "string"` raises a `RuntimeError` - no need to be explicit - Remove top-level comment in the `RevList` class - Use `%w()` instead of `%w[]` - Extract an `environment_variables` method to cache `env.slice(*ALLOWED_VARIABLES)` - Use `start_with?` for env variable validation instead of regex match - Validation specs for each allowed environment variable were identical. Build them dynamically. - Minor change to `popen3` expectation.
| * | Implement review comments from @dbalexandre.Timothy Andrew2016-12-161-5/+45
| | | | | | | | | | | | | | | | | | | | | | | | - Don't define "allowed environment variables" in two places. - Dispatch to different arities of `Popen.open` without an if/else block. - Use `described_class` instead of explicitly stating the class name within a - spec. - Remove `git_environment_variables_validator_spec` and keep the validation inline.
| * | Check the exit code while invoking git in the force push check.Timothy Andrew2016-12-161-0/+19
| | | | | | | | | | | | | | | Previously, we were calling out to `popen` without asserting on the returned exit-code. Now we raise a `RuntimeError` if the exit code is non-zero.
| * | Validate environment variables in `Gitlab::Git::RevList`Timothy Andrew2016-12-161-0/+36
| |/ | | | | | | | | | | | | | | | | | | | | | | The list of environment variables in `Gitlab::Git::RevList` need to be validate to make sure that they don't reference any other project on disk. This commit mixes in `ActiveModel::Validations` into `Gitlab::Git::RevList`, and validates that the environment variables are on the level (using a custom validator class). If the validations fail, the force push is still executed without any environment variables set. Add specs for the validation using shared examples.
* | Merge branch '25741_enable_multiline_operation_indentation_rubocop_rule' ↵Sean McGivern2016-12-171-1/+1
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | into 'master' Enable Style/MultilineOperationIndentation in Rubocop Fixes #25741 See merge request !8125
| * | Enable Style/MultilineOperationIndentation in Rubocop, fixes #25741Rydkin Maxim2016-12-161-1/+1
| |/
* | Store mattermost_url in settingsKamil Trzcinski2016-12-171-5/+13
| |
* | Improve Mattermost Session specsKamil Trzcinski2016-12-171-15/+38
| |
* | Improve session testsZ.J. van de Weg2016-12-172-42/+68
| |
* | Setup mattermost sessionZ.J. van de Weg2016-12-171-0/+42
| |
* | Merge remote-tracking branch 'origin/master' into bitbucket-oauth2Douglas Barbosa Alexandre2016-12-1610-35/+310
|\ \ | |/
| * Merge branch '20492-access-token-scopes' into 'master' Rémy Coutable2016-12-161-23/+45
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Resolve "Add a doorkeeper scope suitable for authentication" ## What does this MR do? - Add a single new scope (in addition to the `api` scope we've had) - `read_user` - Allow creating OAuth applications and Personal access tokens with a scope selected - Enforce scopes in the API ## What are the relevant issue numbers? - Closes #20492 - EE counterpart for this MR: gitlab-org/gitlab-ee!946 See merge request !5951
| | * View-related (and other minor) changes to !5951 based on @rymai's review.Timothy Andrew2016-12-161-28/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - The `scopes_form` partial can be used in the `admin/applications` view as well - Don't allow partials to access instance variables directly. Instead, pass in the instance variables as local variables, and use `local_assigns.fetch` to assert that the variables are passed in as expected. - Change a few instances of `render :partial` to `render` - Remove an instance of `required: false` in a view, since this is the default - Inline many instances of a local variable (`ip = 'ip'`) in `auth_spec`
| | * Validate access token scopes in `Gitlab::Auth`Timothy Andrew2016-12-161-7/+39
| | | | | | | | | | | | | | | | | | - This module is used for git-over-http, as well as JWT. - The only valid scope here is `api`, currently.
| * | Merge branch 'issue_22269' into 'master' Kamil Trzciński2016-12-161-1/+2
| |\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Mattermost Notifications Service ## What does this MR do? closes #22269 ## Screenshots ![mattermost](/uploads/de71c121f544a91305b6dfa6dc4c5738/mattermost.png) ![slack](/uploads/081d75d49239319d94332abda214fb98/slack.png) ## Does this MR meet the acceptance criteria? - [x] [Changelog entry](https://docs.gitlab.com/ce/development/changelog.html) added - [x] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - [x] API support added - Tests - [x] Added for this feature/bug - [x] All builds are passing - [x] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html) - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if it does - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !7764
| | * | Change SlackService to SlackNotificationsServiceissue_22269_fix_eeissue_22269Felipe Artur2016-12-151-2/+2
| | | |
| | * | Mattermost Notifications ServiceFelipe Artur2016-12-151-0/+1
| | | |
| * | | Fix specs in Ruby 2.1Sean McGivern2016-12-161-3/+3
| | |/ | |/| | | | | | | | | | Ruby 2.1 requires a basename argument to `Tempfile.open`, so just call it something that makes sense in context for the spec.
| * | Merge branch 'show-commit-status-from-latest-pipeline' into 'master' Grzegorz Bizon2016-12-151-2/+2
| |\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Show commit status from latest pipeline Show commit status from latest pipeline rather than compound status from all pipelines. Closes #20560 See merge request !7333
| | * \ Merge remote-tracking branch 'upstream/master' into ↵Lin Jen-Shin2016-12-1422-64/+664
| | |\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | show-commit-status-from-latest-pipeline * upstream/master: (39 commits) Improve build status specs contexts descriptions Add some missing tests for detailed status methods Remove trailing blank line from Allowable module Update manual build icon SVG Make it possible to mix `Gitlab::Routing` in Extract abilities checking module from ability model Extend tests for pipeline detailed status helpers Add tests for common build detailed status helpers Add missing tests for build `cancelable?` method Add tests for detailed build statuses factory Make it possible to retry build that was canceled Make build retryable only if complete and executed Improve readability in methods for detailed status Add tests for build cancelable/retryable statuses Extend specs for build play/stop detailed statuses Refine build stop/play extended status specs Use manual build icon in play/stop build statuses Adds manual action icon and case to show it Fix detailed status specs for pipeline stage model Fix detailed status badge for generic commit status ...
| | * \ \ Merge remote-tracking branch 'upstream/master' into ↵Lin Jen-Shin2016-12-1441-158/+1480
| | |\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | show-commit-status-from-latest-pipeline * upstream/master: (557 commits) Fix wrong error message expectation in API::Commits spec Move admin settings spinach feature to rspec Encode when migrating ProcessCommitWorker jobs Prevent overflow with vertical scroll when we have space to show content Make rubocop happy API: Ability to cherry-pick a commit Be smarter when finding a sudoed user in API::Helpers Backport hooks on group policies for the EE-specific implementation API: Ability to get group's project in simple representation Add AddLowerPathIndexToRoutes to setup_postgresql.rake For single line git commit messages, the close quote should be on the same line as the open quote added border-radius and padding to labels Allow all alphanumeric characters in file names (!8002) Add failing test for #20190 Don't allow blank MR titles in API Replace static fixture for awards_handler_spec (!7661) Crontab typo '* */6' -> '0 */6' (4x/day not 1x-per-min-for-1h 4x/day) Fix test Tweak style and add back wording Clean up commit copy to clipboard and make consistent ...
| | * | | | Use Ci::Pipeline#latest for finding pipelinesLin Jen-Shin2016-11-241-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Feedback: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/7333#note_18861407
| * | | | | Merge branch '22864-add-clean-environment-name' into 'master' Kamil Trzciński2016-12-151-0/+16
| |\ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a slug to environments ## What does this MR do? Adds a `slug` field to the `environments` table, populating existing rows and ensuring that new rows will get an entry. Cleaning examples: * `review/foo` => `review-foo-5gghdf` * `review-foo` => `review-foo` * `1-foo` => `env-1-foo-e2hx12` * `production` => `production` * `Production` => `production-f8ddlz` ## Are there points in the code the reviewer needs to double check? This migration requires downtime. I don't see a way to avoid it. ## Why was this MR needed? External services often have more restrictive rules on naming than those enforced for `environments.name`. In particular, forward slashes and names longer than 24 characters causes problems on OpenShift. `slug` is designed to be an acceptable alternative to `name` in these situations. Since forward slashes are a documented part of environment names, to set environment types, we need an envionmnent slug, not just a slug for the branch name. ## Does this MR meet the acceptance criteria? - [x] [Changelog entry](https://docs.gitlab.com/ce/development/changelog.html) added - [x] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md) - [X] API support added - Tests - [X] Added for this feature/bug - [x] All builds are passing - [X] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html) - [X] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [X] Branch has no merge conflicts with `master` (if it does - rebase it please) - [X] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) ## What are the relevant issue numbers? Part of #22864 See merge request !7983
| | * | | | | Add an environment slugNick Thomas2016-12-151-0/+16
| | | |_|_|/ | | |/| | |
| * | | | | Merge branch 'jej-note-search-uses-finder' into 'security' Douwe Maan2016-12-152-6/+45
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix missing Note access checks in by moving Note#search to updated NoteFinder Split from !2024 to partially solve https://gitlab.com/gitlab-org/gitlab-ce/issues/23867 ## Which fixes are in this MR? :warning: - Potentially untested :bomb: - No test coverage :traffic_light: - Test coverage of some sort exists (a test failed when error raised) :vertical_traffic_light: - Test coverage of return value (a test failed when nil used) :white_check_mark: - Permissions check tested ### Note lookup without access check - [x] :white_check_mark: app/finders/notes_finder.rb:13 :download_code check - [x] :white_check_mark: app/finders/notes_finder.rb:19 `SnippetsFinder` - [x] :white_check_mark: app/models/note.rb:121 [`Issue#visible_to_user`] - [x] :white_check_mark: lib/gitlab/project_search_results.rb:113 - This is the only use of `app/models/note.rb:121` above, but importantly has no access checks at all. This means it leaks MR comments and snippets when those features are `team-only` in addition to the issue comments which would be fixed by `app/models/note.rb:121`. - It is only called from SearchController where `can?(current_user, :download_code, @project)` is checked, so commit comments are not leaked. ### Previous discussions - [x] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#b915c5267a63628b0bafd23d37792ae73ceae272_13_13 `: download_code` check on commit - [x] https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2024/diffs#b915c5267a63628b0bafd23d37792ae73ceae272_19_19 `SnippetsFinder` should be used - `SnippetsFinder` should check if the snippets feature is enabled -> https://gitlab.com/gitlab-org/gitlab-ce/issues/25223 ### Acceptance criteria met? - [x] Tests added for new code - [x] TODO comments removed - [x] Squashed and removed skipped tests - [x] Changelog entry - [ ] State Gitlab versions affected and issue severity in description - [ ] Create technical debt issue for NotesFinder. - Either split into `NotesFinder::ForTarget` and `NotesFinder::Search` or consider object per notable type such as `NotesFinder::OnIssue`. For the first option could create `NotesFinder::Base` which is either inherited from or which can be included in the other two. - Avoid case statement anti-pattern in this finder with use of `NotesFinder::OnCommit` etc. Consider something on the finder for this? `Model.finder(user, project)` - Move `inc_author` to the controller, and implement `related_notes` to replace `non_diff_notes`/`mr_and_commit_notes` See merge request !2035
| * | | | | Merge branch 'katex-math' into 'master' Sean McGivern2016-12-152-2/+122
| |\ \ \ \ \ | | |/ / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | Render math in Asciidoc and Markdown with KaTeX using code blocks Closes #13690 and #13180 See merge request !8003
| | * | | | Render math in Asciidoc and Markdown with KaTeX using code blocksMunken2016-12-143-47/+122
| | | | | |
| | * | | | More testsMunken2016-12-081-8/+12
| | | | | |
| | * | | | More testsMunken2016-12-081-1/+11
| | | | | |
| | * | | | Working inline math filterMunken2016-12-081-0/+31
| | | | | |
| * | | | | Add Gitlab::Middleware::MultipartJacob Vosmaer2016-12-152-1/+77
| | | | | |
| * | | | | Introduce deployment services, starting with a KubernetesServiceNick Thomas2016-12-141-0/+1
| | |_|_|/ | |/| | |
* | | | | Fix rubucop offensesbitbucket-oauth2Douglas Barbosa Alexandre2016-12-161-1/+0
| | | | |
* | | | | BB importer: Milestone importerValery Sizov2016-12-161-0/+6
| | | | |
* | | | | Merge branch 'master' of gitlab.com:gitlab-org/gitlab-ce into bitbucket-oauth2Valery Sizov2016-12-1422-64/+664
|\ \ \ \ \ | |/ / / /
| * | | | Merge branch 'build-statuses' into 'master' Rémy Coutable2016-12-1422-64/+664
| |\ \ \ \ | | |_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Detailed build statuses ## What does this MR do? Implements detailed statuses for `Ci::Builds` and `CommitStatus`. It also adds a new icon for manual build. ## Screenshots ![manual_builds_icon](/uploads/22b5c594350856c85398ef705a635f8b/manual_builds_icon.png) ## What are the relevant issue numbers? See #24273, closes #22642 See merge request !7989
| | * | | Improve build status specs contexts descriptionsGrzegorz Bizon2016-12-144-4/+4
| | | | |
| | * | | Make it possible to mix `Gitlab::Routing` inGrzegorz Bizon2016-12-131-0/+23
| | | | |
| | * | | Extract abilities checking module from ability modelGrzegorz Bizon2016-12-131-0/+27
| | | | |
| | * | | Extend tests for pipeline detailed status helpersGrzegorz Bizon2016-12-131-12/+18
| | | | |
| | * | | Add tests for common build detailed status helpersGrzegorz Bizon2016-12-131-0/+37
| | | | |
| | * | | Add tests for detailed build statuses factoryGrzegorz Bizon2016-12-131-0/+141
| | | | |
View Lorry Controller Status