2019-02-15 15:39:39 +05:30
# frozen_string_literal: true
module API
2021-01-03 14:25:43 +05:30
class Releases < :: API :: Base
2019-02-15 15:39:39 +05:30
include PaginationParams
2023-01-13 00:05:48 +05:30
releases_tags = %w[ releases ]
2019-12-04 20:38:33 +05:30
RELEASE_ENDPOINT_REQUIREMENTS = API :: NAMESPACE_OR_PROJECT_REQUIREMENTS
2019-02-15 15:39:39 +05:30
. merge ( tag_name : API :: NO_SLASH_URL_PART_REGEX )
2021-06-08 01:23:25 +05:30
RELEASE_CLI_USER_AGENT = 'GitLab-release-cli'
2019-02-15 15:39:39 +05:30
2022-06-21 17:19:12 +05:30
feature_category :release_orchestration
2022-07-16 23:28:13 +05:30
urgency :low
2019-02-15 15:39:39 +05:30
2022-06-21 17:19:12 +05:30
params do
2023-01-13 00:05:48 +05:30
requires :id , types : [ String , Integer ] , desc : 'The ID or URL-encoded path of the group'
2022-06-21 17:19:12 +05:30
end
resource :groups , requirements : API :: NAMESPACE_OR_PROJECT_REQUIREMENTS do
before { authorize_read_group_releases! }
2021-06-08 01:23:25 +05:30
2023-01-13 00:05:48 +05:30
desc 'List group releases' do
detail 'Returns a list of group releases.'
2022-06-21 17:19:12 +05:30
success Entities :: Release
2023-01-13 00:05:48 +05:30
failure [
{ code : 400 , message : 'Bad request' } ,
{ code : 403 , message : 'Forbidden' } ,
{ code : 404 , message : 'Not found' }
]
is_array true
tags releases_tags
2022-06-21 17:19:12 +05:30
end
params do
2023-01-13 00:05:48 +05:30
requires :id ,
types : [ String , Integer ] ,
desc : 'The ID or URL-encoded path of the group owned by the authenticated user'
optional :sort ,
type : String ,
values : %w[ asc desc ] ,
default : 'desc' ,
desc : 'The direction of the order. Either `desc` (default) for descending order or `asc` for ascending order'
optional :simple ,
type : Boolean ,
default : false ,
desc : 'Return only limited fields for each release'
2022-06-21 17:19:12 +05:30
use :pagination
end
get " :id/releases " do
finder_options = {
sort : params [ :sort ]
}
strict_params = declared_params ( include_missing : false )
releases = find_group_releases ( finder_options )
present_group_releases ( strict_params , releases )
end
end
2021-01-29 00:20:46 +05:30
2019-02-15 15:39:39 +05:30
params do
2023-01-13 00:05:48 +05:30
requires :id , types : [ String , Integer ] , desc : 'The ID or URL-encoded path of the project'
2019-02-15 15:39:39 +05:30
end
resource :projects , requirements : API :: NAMESPACE_OR_PROJECT_REQUIREMENTS do
2022-06-21 17:19:12 +05:30
before { authorize_read_releases! }
after { track_release_event }
2023-01-13 00:05:48 +05:30
desc 'List Releases' do
detail 'Returns a paginated list of releases. This feature was introduced in GitLab 11.7.'
2021-06-08 01:23:25 +05:30
named 'get_releases'
2023-01-13 00:05:48 +05:30
is_array true
2019-02-15 15:39:39 +05:30
success Entities :: Release
2023-01-13 00:05:48 +05:30
tags releases_tags
2019-02-15 15:39:39 +05:30
end
params do
use :pagination
2023-01-13 00:05:48 +05:30
optional :order_by ,
type : String ,
values : %w[ released_at created_at ] ,
default : 'released_at' ,
desc : 'The field to use as order. Either `released_at` (default) or `created_at`'
optional :sort ,
type : String ,
values : %w[ asc desc ] ,
default : 'desc' ,
desc : 'The direction of the order. Either `desc` (default) for descending order or `asc` for ascending order'
optional :include_html_description ,
type : Boolean ,
desc : 'If `true`, a response includes HTML rendered markdown of the release description'
2019-02-15 15:39:39 +05:30
end
2021-12-11 22:18:48 +05:30
route_setting :authentication , job_token_allowed : true
2019-02-15 15:39:39 +05:30
get ':id/releases' do
2021-01-03 14:25:43 +05:30
releases = :: ReleasesFinder . new ( user_project , current_user , declared_params . slice ( :order_by , :sort ) ) . execute
2019-02-15 15:39:39 +05:30
2021-06-08 01:23:25 +05:30
# We cache the serialized payload per user in order to avoid repeated renderings.
# Since the cached result could contain sensitive information,
# it will expire in a short interval.
present_cached paginate ( releases ) ,
with : Entities :: Release ,
# `current_user` could be absent if the releases are publicly accesible.
# We should not use `cache_key` for the user because the version/updated_at
# context is unnecessary here.
cache_context : - > ( _ ) { " user:{ #{ current_user & . id } } " } ,
expires_in : 5 . minutes ,
current_user : current_user ,
include_html_description : params [ :include_html_description ]
2019-02-15 15:39:39 +05:30
end
2023-01-13 00:05:48 +05:30
desc 'Get a release by a tag name' do
detail 'Gets a release for the given tag. This feature was introduced in GitLab 11.7.'
2021-06-08 01:23:25 +05:30
named 'get_release'
2019-02-15 15:39:39 +05:30
success Entities :: Release
2023-01-13 00:05:48 +05:30
failure [
{ code : 401 , message : 'Unauthorized' } ,
{ code : 404 , message : 'Not found' }
]
tags releases_tags
2019-02-15 15:39:39 +05:30
end
params do
2023-01-13 00:05:48 +05:30
requires :tag_name , type : String , desc : 'The Git tag the release is associated with' , as : :tag
optional :include_html_description ,
type : Boolean ,
desc : 'If `true`, a response includes HTML rendered markdown of the release description'
2019-02-15 15:39:39 +05:30
end
2021-12-11 22:18:48 +05:30
route_setting :authentication , job_token_allowed : true
2019-12-04 20:38:33 +05:30
get ':id/releases/:tag_name' , requirements : RELEASE_ENDPOINT_REQUIREMENTS do
2023-01-13 00:05:48 +05:30
authorize_read_code!
2019-02-15 15:39:39 +05:30
2021-09-30 23:02:18 +05:30
not_found! unless release
2021-06-08 01:23:25 +05:30
present release , with : Entities :: Release , current_user : current_user , include_html_description : params [ :include_html_description ]
2019-02-15 15:39:39 +05:30
end
2022-10-11 01:57:18 +05:30
desc 'Download a project release asset file' do
detail 'This feature was introduced in GitLab 15.4.'
named 'download_release_asset_file'
2023-01-13 00:05:48 +05:30
failure [
{ code : 401 , message : 'Unauthorized' } ,
{ code : 404 , message : 'Not found' }
]
tags releases_tags
2022-10-11 01:57:18 +05:30
end
params do
2023-01-13 00:05:48 +05:30
requires :tag_name , type : String , desc : 'The Git tag the release is associated with' , as : :tag
2023-03-17 16:20:25 +05:30
requires :direct_asset_path ,
2023-01-13 00:05:48 +05:30
type : String ,
file_path : true ,
2023-03-17 16:20:25 +05:30
desc : 'The path to the file to download, as specified when creating the release asset' ,
as : :filepath
2022-10-11 01:57:18 +05:30
end
route_setting :authentication , job_token_allowed : true
2023-03-17 16:20:25 +05:30
get ':id/releases/:tag_name/downloads/*direct_asset_path' , format : false , requirements : RELEASE_ENDPOINT_REQUIREMENTS do
2023-01-13 00:05:48 +05:30
authorize_read_code!
2022-10-11 01:57:18 +05:30
not_found! unless release
2023-03-17 16:20:25 +05:30
link = release . links . find_by_filepath! ( " / #{ params [ :filepath ] } " )
2022-10-11 01:57:18 +05:30
not_found! unless link
redirect link . url
end
desc 'Get the latest project release' do
detail 'This feature was introduced in GitLab 15.4.'
named 'get_latest_release'
2023-01-13 00:05:48 +05:30
failure [
{ code : 401 , message : 'Unauthorized' } ,
{ code : 404 , message : 'Not found' }
]
tags releases_tags
2022-10-11 01:57:18 +05:30
end
params do
2023-01-13 00:05:48 +05:30
requires :suffix_path ,
type : String ,
file_path : true ,
desc : 'The path to be suffixed to the latest release'
2022-10-11 01:57:18 +05:30
end
route_setting :authentication , job_token_allowed : true
get ':id/releases/permalink/latest(/)(*suffix_path)' , format : false , requirements : RELEASE_ENDPOINT_REQUIREMENTS do
2023-01-13 00:05:48 +05:30
authorize_read_code!
2022-10-11 01:57:18 +05:30
# Try to find the latest release
latest_release = find_latest_release
not_found! unless latest_release
# Build the full API URL with the tag of the latest release
redirect_url = api_v4_projects_releases_path ( id : user_project . id , tag_name : latest_release . tag )
# Include the additional suffix_path if present
redirect_url += " / #{ params [ :suffix_path ] } " if params [ :suffix_path ] . present?
# Include any query parameter except `order_by` since we have plans to extend it in the future.
# See https://gitlab.com/gitlab-org/gitlab/-/issues/352945 for reference.
query_parameters_except_order_by = get_query_params . except ( 'order_by' )
if query_parameters_except_order_by . present?
redirect_url += " ? #{ query_parameters_except_order_by . compact . to_param } "
end
redirect redirect_url
end
2023-01-13 00:05:48 +05:30
desc 'Create a release' do
detail 'Creates a release. Developer level access to the project is required to create a release. This feature was introduced in GitLab 11.7.'
2021-06-08 01:23:25 +05:30
named 'create_release'
2019-02-15 15:39:39 +05:30
success Entities :: Release
2023-01-13 00:05:48 +05:30
failure [
{ code : 400 , message : 'Bad request' } ,
{ code : 401 , message : 'Unauthorized' } ,
{ code : 403 , message : 'Forbidden' } ,
{ code : 404 , message : 'Not found' } ,
{ code : 409 , message : 'Conflict' } ,
{ code : 422 , message : 'Unprocessable entity' }
]
tags releases_tags
2019-02-15 15:39:39 +05:30
end
params do
2023-01-13 00:05:48 +05:30
requires :tag_name , type : String , desc : 'The tag where the release is created from' , as : :tag
2022-07-23 23:45:48 +05:30
optional :tag_message , type : String , desc : 'Message to use if creating a new annotated tag'
2023-01-13 00:05:48 +05:30
optional :name , type : String , desc : 'The release name'
optional :description , type : String , desc : 'The description of the release. You can use Markdown'
optional :ref ,
type : String ,
desc : " If a tag specified in `tag_name` doesn't exist, the release is created from `ref` and tagged " \
" with `tag_name`. It can be a commit SHA, another tag name, or a branch name. "
2019-02-15 15:39:39 +05:30
optional :assets , type : Hash do
optional :links , type : Array do
2023-01-13 00:05:48 +05:30
requires :name , type : String , desc : 'The name of the link. Link names must be unique within the release'
requires :url , type : String , desc : 'The URL of the link. Link URLs must be unique within the release'
2023-03-17 16:20:25 +05:30
optional :direct_asset_path , type : String , desc : 'Optional path for a direct asset link' , as : :filepath
2023-01-13 00:05:48 +05:30
optional :link_type , type : String , desc : 'The type of the link: `other`, `runbook`, `image`, `package`. Defaults to `other`'
2019-02-15 15:39:39 +05:30
end
end
2023-01-13 00:05:48 +05:30
optional :milestones ,
type : Array [ String ] ,
coerce_with : :: API :: Validations :: Types :: CommaSeparatedToArray . coerce ,
2023-04-23 21:23:45 +05:30
desc : 'The title of each milestone the release is associated with. GitLab Premium customers can specify group milestones. Cannot be combined with `milestone_ids` parameter.'
optional :milestone_ids ,
type : Array [ String , Integer ] ,
coerce_with : :: API :: Validations :: Types :: CommaSeparatedToIntegerArray . coerce ,
desc : 'The ID of each milestone the release is associated with. GitLab Premium customers can specify group milestones. Cannot be combined with `milestones` parameter.'
mutually_exclusive :milestones , :milestone_ids , message : 'Cannot specify milestones and milestone_ids at the same time'
2023-01-13 00:05:48 +05:30
optional :released_at ,
type : DateTime ,
desc : 'Date and time for the release. Defaults to the current time. Expected in ISO 8601 format (`2019-03-15T08:00:00Z`). ' \
'Only provide this field if creating an upcoming or historical release.'
2019-02-15 15:39:39 +05:30
end
2020-01-01 13:55:28 +05:30
route_setting :authentication , job_token_allowed : true
2019-02-15 15:39:39 +05:30
post ':id/releases' do
authorize_create_release!
result = :: Releases :: CreateService
. new ( user_project , current_user , declared_params ( include_missing : false ) )
. execute
if result [ :status ] == :success
2020-03-13 15:44:24 +05:30
log_release_created_audit_event ( result [ :release ] )
2019-07-31 22:56:46 +05:30
present result [ :release ] , with : Entities :: Release , current_user : current_user
2019-02-15 15:39:39 +05:30
else
render_api_error! ( result [ :message ] , result [ :http_status ] )
end
end
desc 'Update a release' do
2023-01-13 00:05:48 +05:30
detail 'Updates a release. Developer level access to the project is required to update a release. This feature was introduced in GitLab 11.7.'
2021-06-08 01:23:25 +05:30
named 'update_release'
2019-02-15 15:39:39 +05:30
success Entities :: Release
2023-01-13 00:05:48 +05:30
failure [
{ code : 400 , message : 'Bad request' } ,
{ code : 401 , message : 'Unauthorized' } ,
{ code : 403 , message : 'Forbidden' } ,
{ code : 404 , message : 'Not found' }
]
tags releases_tags
2019-02-15 15:39:39 +05:30
end
params do
2023-01-13 00:05:48 +05:30
requires :tag_name , type : String , desc : 'The Git tag the release is associated with' , as : :tag
optional :name , type : String , desc : 'The release name'
optional :description , type : String , desc : 'The description of the release. You can use Markdown'
optional :released_at , type : DateTime , desc : 'The date when the release is/was ready. Expected in ISO 8601 format (`2019-03-15T08:00:00Z`)'
optional :milestones ,
type : Array [ String ] ,
coerce_with : :: API :: Validations :: Types :: CommaSeparatedToArray . coerce ,
2023-04-23 21:23:45 +05:30
desc : 'The title of each milestone to associate with the release. GitLab Premium customers can specify group milestones. Cannot be combined with `milestone_ids` parameter. To remove all milestones from the release, specify `[]`'
optional :milestone_ids ,
type : Array [ String , Integer ] ,
coerce_with : :: API :: Validations :: Types :: CommaSeparatedToIntegerArray . coerce ,
desc : 'The ID of each milestone the release is associated with. GitLab Premium customers can specify group milestones. Cannot be combined with `milestones` parameter. To remove all milestones from the release, specify `[]`'
mutually_exclusive :milestones , :milestone_ids , message : 'Cannot specify milestones and milestone_ids at the same time'
2019-02-15 15:39:39 +05:30
end
2021-12-11 22:18:48 +05:30
route_setting :authentication , job_token_allowed : true
2019-12-04 20:38:33 +05:30
put ':id/releases/:tag_name' , requirements : RELEASE_ENDPOINT_REQUIREMENTS do
2019-02-15 15:39:39 +05:30
authorize_update_release!
result = :: Releases :: UpdateService
. new ( user_project , current_user , declared_params ( include_missing : false ) )
. execute
if result [ :status ] == :success
2020-03-13 15:44:24 +05:30
log_release_updated_audit_event
log_release_milestones_updated_audit_event if result [ :milestones_updated ]
2019-07-31 22:56:46 +05:30
present result [ :release ] , with : Entities :: Release , current_user : current_user
2019-02-15 15:39:39 +05:30
else
render_api_error! ( result [ :message ] , result [ :http_status ] )
end
end
desc 'Delete a release' do
2023-01-13 00:05:48 +05:30
detail " Delete a release. Deleting a release doesn't delete the associated tag. Maintainer level access to the project is required to delete a release. This feature was introduced in GitLab 11.7. "
2021-06-08 01:23:25 +05:30
named 'delete_release'
2019-02-15 15:39:39 +05:30
success Entities :: Release
2023-01-13 00:05:48 +05:30
failure [
{ code : 400 , message : 'Bad request' } ,
{ code : 401 , message : 'Unauthorized' } ,
{ code : 403 , message : 'Forbidden' } ,
{ code : 404 , message : 'Not found' }
]
tags releases_tags
2019-02-15 15:39:39 +05:30
end
params do
2023-01-13 00:05:48 +05:30
requires :tag_name , type : String , desc : 'The Git tag the release is associated with' , as : :tag
2019-02-15 15:39:39 +05:30
end
2021-12-11 22:18:48 +05:30
route_setting :authentication , job_token_allowed : true
2019-12-04 20:38:33 +05:30
delete ':id/releases/:tag_name' , requirements : RELEASE_ENDPOINT_REQUIREMENTS do
2019-02-15 15:39:39 +05:30
authorize_destroy_release!
result = :: Releases :: DestroyService
. new ( user_project , current_user , declared_params ( include_missing : false ) )
. execute
if result [ :status ] == :success
2022-08-27 11:52:29 +05:30
log_release_deleted_audit_event
2019-07-31 22:56:46 +05:30
present result [ :release ] , with : Entities :: Release , current_user : current_user
2019-02-15 15:39:39 +05:30
else
render_api_error! ( result [ :message ] , result [ :http_status ] )
end
end
end
helpers do
2022-06-21 17:19:12 +05:30
def authorize_read_group_releases!
authorize! :read_release , user_group
end
2019-02-15 15:39:39 +05:30
def authorize_create_release!
authorize! :create_release , user_project
end
def authorize_read_releases!
authorize! :read_release , user_project
end
def authorize_read_release!
authorize! :read_release , release
end
def authorize_update_release!
authorize! :update_release , release
end
def authorize_destroy_release!
authorize! :destroy_release , release
end
2019-07-31 22:56:46 +05:30
def authorize_download_code!
2021-09-30 23:02:18 +05:30
authorize! :download_code , user_project
2019-07-31 22:56:46 +05:30
end
2023-01-13 00:05:48 +05:30
def authorize_read_code!
authorize! :read_code , user_project
end
2020-04-22 19:07:51 +05:30
def authorize_create_evidence!
2021-01-03 14:25:43 +05:30
# extended in EE
2020-04-22 19:07:51 +05:30
end
2019-02-15 15:39:39 +05:30
def release
@release || = user_project . releases . find_by_tag ( params [ :tag ] )
end
2020-03-13 15:44:24 +05:30
2022-10-11 01:57:18 +05:30
def find_latest_release
ReleasesFinder . new ( user_project , current_user , { order_by : 'released_at' , sort : 'desc' } ) . execute . first
end
def get_query_params
return { } unless @request . query_string . present?
Rack :: Utils . parse_nested_query ( @request . query_string )
end
2020-03-13 15:44:24 +05:30
def log_release_created_audit_event ( release )
2021-01-03 14:25:43 +05:30
# extended in EE
2020-03-13 15:44:24 +05:30
end
def log_release_updated_audit_event
2021-01-03 14:25:43 +05:30
# extended in EE
2020-03-13 15:44:24 +05:30
end
2022-08-27 11:52:29 +05:30
def log_release_deleted_audit_event
# extended in EE
end
2020-03-13 15:44:24 +05:30
def log_release_milestones_updated_audit_event
2021-01-03 14:25:43 +05:30
# extended in EE
2020-03-13 15:44:24 +05:30
end
2021-06-08 01:23:25 +05:30
def release_cli?
request . env [ 'HTTP_USER_AGENT' ] & . include? ( RELEASE_CLI_USER_AGENT ) == true
end
def event_context
{
release_cli : release_cli?
}
end
def track_release_event
Gitlab :: Tracking . event ( options [ :for ] . name , options [ :route_options ] [ :named ] ,
project : user_project , user : current_user , ** event_context )
end
2022-06-21 17:19:12 +05:30
def find_group_releases ( finder_options )
:: Releases :: GroupReleasesFinder
. new ( user_group , current_user , finder_options )
. execute ( preload : true )
end
def present_group_releases ( params , releases )
options = {
with : params [ :simple ] ? Entities :: BasicReleaseDetails : Entities :: Release ,
current_user : current_user
}
# GroupReleasesFinder has already ordered the data for us
present paginate ( releases , skip_default_order : true ) , options
end
2019-02-15 15:39:39 +05:30
end
end
end
2020-03-13 15:44:24 +05:30
2021-06-08 01:23:25 +05:30
API :: Releases . prepend_mod_with ( 'API::Releases' )