| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| | |
|
| |\
| |
| |
| |
| |
| |
| | |
Improve ldap:check errors
Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/21621.
See merge request !6601
|
| | |
| |
| |
| |
| |
| |
| | |
It was previously possible for invalid credential errors to go unnoticed
in this task. Users would believe everything was configured correctly and
then sign in would fail with 'invalid credentials'. This adds a specific
bind check, plus catches errors connecting to the server. Also, specs :)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Respect project visibility settings in the contributions calendar
This MR fixes a number of bugs relating to access controls and date selection of events for the contributions calendar
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/23403
See merge request !2019
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Ensure external users are not able to clone disabled repositories.
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/23788
See merge request !2017
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fix for HackerOne XSS vulnerability in markdown
This is an updated blacklist patch to fix https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2007. No text is removed. Dangerous schemes/protocols and invalid URIs are left intact but not linked.
Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/23153
See merge request !2015
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
disable markdown in comments when referencing disabled features
fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/23548
This MR prevents the following references when tool is disabled:
- issues
- snippets
- commits - when repo is disabled
- commit range - when repo is disabled
- milestones
This MR does not prevent references to repository files, since they are just markdown links and don't leak
information.
See merge request !2011
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
| |\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Refactor routing constraints
## What does this MR do?
Refactors routing constraints
## Why was this MR needed?
This refactoring make it possible to introduce nesting namespaces and project constrainer in future.
## What are the relevant issue numbers?
Extracted from https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/7121/
See merge request !7327
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
|
| |\ \ \
| |/ /
|/| |
| | |
| | | |
Use separate email-friendly token for incoming email
See merge request !5914
|
| | | |
| | |
| | |
| | | |
reactivates all tests and writes more tests for it
|
| | |/
| |
| |
| | |
email token be reset
|
| |/ |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Fix symlink vulnerability in Import/Export
Replaces https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2018 made by @james
Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/23822
See merge request !2022
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Fix Import/Export foreign key issue to do with project members
Cleans-up any foreign keys in `ProjectMember` - same as we do with the rest of the models when importing.
Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/23837 and https://gitlab.com/gitlab-org/gitlab-ce/issues/23739
See merge request !2020
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Allow owners to fetch source code in CI builds
Due to different way of handling owners of a project, they were not allowed to fetch CI sources for project.
This adds a separate code path for handling owners, that are not admins.
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/23437
See merge request !6943
|
| | |
| |
| |
| | |
Due to different way of handling owners of a project, they were not allowed to fetch CI sources for project.
|
| | | |
|
| |/
|
|
| |
Fixes: https://gitlab.com/gitlab-org/gitlab-ce/issues/18096
|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Use optimistic locking
## What does this MR do?
Removes the usage of pessimistic locking in favor of optimistic which is way cheaper and doesn't block database operation.
Since this is very simple change it should be safe. If we receive `StaleObjectError` message we will reload object a retry operations in lock.
However, I still believe that we need this one: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/7005 as this will reduce a load on Database and FS.
This changes a behavior from:
### Pesimistic locking (previous behavior)
#### For updating
1. SELECT * FOR UPDATE (other updates wait on this)
2. we update ci_pipeline
3. latest_build_status
4. enqueue: (use: transition :created -> :pending)
5. [state_machine] we are in state created, we can go to pending
6. [state_machine] ci_pipeline.status = created
7. [state_machine] ci_pipeline.save
8. [state_machine] after_transition: (if for success): PipelineSuccessWorker on Sidekiq
9. release DB lock
#### If no update is required
1. SELECT * FOR UPDATE (other updates wait on this)
2. we update ci_pipeline
3. latest_build_status
4. we are in pending, we can't transition to pending, because it's forbidden
5. release DB lock
### Optimistic locking (implemented by this MR)
#### For updating
1. latest_build_status
2. enqueue: (use `transition :created -> :pending`)
3. [state_machine] we are in state created, we can go to pending
4. [state_machine] ci_pipeline.status = created
5. [state_machine] ci_pipeline.save
6. [state_machine] [save] where(lock_version: ci_pipeline.lock_version).update_all(status: :created, updated_at: Time.now)
7. [state_machine] [save] unless we_updated_row then raise ObjectInconsistentError
#### If no update is required
1. we update ci_pipeline
2. latest_build_status
3. we are in pending, we can't transition to pending, because it's forbidden
## Why was this MR needed?
We have been seeing a number of problems when we migrated Pipeline/Build processing to Sidekiq. Especially we started seeing a lot of blocking queries.
We used a pessimistic locking which doesn't seem to be required. This effectively allows us to fix our issues with blocked queries by using more efficient method of operation.
## What are the relevant issue numbers?
Issues: https://gitlab.com/gitlab-com/infrastructure/issues/623 and https://gitlab.com/gitlab-com/infrastructure/issues/584, but also there's a bunch of Merge Requests that try to improve behavior of scheduled jobs.
cc @pcarranza @yorickpeterse @stanhu
See merge request !7040
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| |\ \
| | |
| | |
| | |
| | |
| | |
| | | |
Fix couple of GitHub importing bugs
Fix a bug in GH comment importing and label applying for imported MRs.
See merge request !7139
|
| | |/ |
|
| |\ \
| |/
|/| |
|
| | | |
|
| |/
|
|
|
|
| |
This changes ProjectCacheWorker.perform_async so it only schedules a job
when no lease for the given project is present. This ensures we don't
end up scheduling hundreds of jobs when they won't be executed anyway.
|
| | |
|
| |
|
|
| |
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
|
| |
|
|
| |
Closes #23208
|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add group level labels
## What does this MR do?
Add group level labels.
## Are there points in the code the reviewer needs to double check?
* `LabelsFinder`
* `Gitlab::Gfm::ReferenceRewriter`
* `Banzai::Filter::LabelReferenceFilter`
## Why was this MR needed?
We'll be adding more feature that allow you to do cross-project management of issues.
## Screenshots (if relevant)
* Group Labels
* Project Labels
* Expanded references for group labels when moving issue to another project
## Does this MR meet the acceptance criteria?
- [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- [ ] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
- [x] API support added
- Tests
- [x] Added for this feature/bug
- [ ] All builds are passing
- [ ] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html)
- [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [ ] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
## What are the relevant issue numbers?
#19997
See merge request !6425
|
| | |
| |
| |
| |
| |
| | |
Fixed all related specs and also changed the logic to handle edge cases. This includes exporting and exporting of group labels, which will get associated with the new group (if any) or they will become normal project labels otherwise.
Found other issues to do with not being able to import all labels at once in the beginning of the JSON - code was much simpler when we import all labels and milestones associated to a project first, then the associations will find the already created labels instead of creating them from the associations themselves.
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| |
| | |
relevant specs.
|
| | | |
|
| | | |
|
| |\ \
| |/
|/|
| |
| |
| |
| | |
Prevent wrong markdown on issue ids when project has Jira service activated
fixes gitlab-org/gitlab-ee#828
See merge request !6728
|
| | | |
|
| |\ \
| |/
|/|
| |
| | |
fix: commit messages being double-escaped in activities tab
See merge request !6937
|
| | | |
|
| |\ \
| | |
| | |
| | |
| | |
| | |
| | | |
Backport git access spec changes from EE
https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/645#note_16391185
See merge request !6961
|
| | |/
| |
| |
| |
| | |
These were introduced in:
<https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/645>
|
| |\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Delete dynamic environments
- Adds "close environment" action to a merge request
- Adds tabs to environments list
- Adds close button to each environment row in environments list
- Replaces Destroy button with Close button inside an environment
- Adds close button to builds list inside an environment
#### Configuration
In order to enable stopping environments a valid `.gitlab-ci.yml` syntax has to be used:
```
review:
environment:
name: review/$app
on_stop: stop_review
stop_review:
script: echo Delete My App
when: manual
environment:
name: review/$app
action: stop
```
This MR requires that `stop_review` has to have: `when`, `environment:name` and `environment:action` defined.
The next MR after this one will verify that and enforce that these settings are configured.
It will also implicitly configure these settings, making it possible to define it like this:
```
review:
environment:
name: review/$app
on_stop: stop_review
stop_review:
script: echo Delete My App
```
Closes #22191
See merge request !6669
|
| | |\ \ |
|
