realaravinth/debian-mirror-gitlab
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Update upstream source from tag 'upstream/14.4.2+ds1'

Browse source 
Update to upstream version '14.4.2+ds1'
with Debian dir 752465c447
This commit is contained in:
Pirate Praveen 2021-11-18 22:13:24 +05:30
commit 3607edbc5d
5049 changed files with 177207 additions and 139267 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
.eslintrc.yml
View file

@ -88,7 +88,7 @@ rules:
- pattern: test_fixtures/**
group: internal
alphabetize:
order: asc
order: ignore
overrides:
- files:
- '**/spec/**/*'
@ -100,6 +100,8 @@ overrides:
- 'scripts/**/*'
- '*.config.js'
- '*.config.*.js'
- 'jest_resolver.js'
- storybook/config/*.js
rules:
'@gitlab/require-i18n-strings': off
import/no-extraneous-dependencies: off

5
.gitignore vendored
View file

@ -40,10 +40,7 @@ eslint-report.html
/config/initializers/smtp_settings.rb
/config/initializers/relative_url.rb
/config/resque.yml
/config/redis.cache.yml
/config/redis.queues.yml
/config/redis.shared_state.yml
/config/redis.trace_chunks.yml
/config/redis.*.yml
/config/unicorn.rb
/config/puma.rb
/config/secrets.yml

5
.gitlab-ci.yml
View file

@ -5,9 +5,7 @@ stages:
- fixtures
- test
- post-test
- review-prepare
- review
- dast
- qa
- post-qa
- pages
@ -89,11 +87,12 @@ variables:
REVIEW_APPS_GCP_REGION: "us-central1"
BUILD_ASSETS_IMAGE: "true" # Set it to "false" to disable assets image building, used in `build-assets-image`
RSPEC_FAIL_FAST_ENABLED: "true" # Set it to "false" to disable RSpec fail-fast
SIMPLECOV: "true"
# For the default QA image, we use $CI_COMMIT_SHA as tag since it's always available and we override it for specific workflow.rules (see above)
QA_IMAGE: "${CI_REGISTRY}/${CI_PROJECT_PATH}/gitlab-ee-qa:${CI_COMMIT_SHA}"
# Default latest tag for particular branch
QA_IMAGE_BRANCH: "${CI_REGISTRY}/${CI_PROJECT_PATH}/gitlab-ee-qa:${CI_COMMIT_REF_SLUG}"
# Preparing custom clone path to reduce space used by all random forks
# on GitLab.com's Shared Runners. Our main forks - especially the security

35
.gitlab/CODEOWNERS
View file

@ -11,39 +11,40 @@
/doc/.markdownlint @marcel.amirault @eread @aqualls @cnorris
/doc/ @gl-docsteam
/doc/.vale/ @marcel.amirault @eread @aqualls @cnorris
/doc/administration/geo/ @axil
/doc/administration/geo/ @marcel.amirault
/doc/administration/gitaly/ @eread
/doc/administration/lfs/ @aqualls
/doc/administration/monitoring/ @ngaskill
/doc/administration/operations/ @axil @eread @marcia
/doc/administration/operations/ @marcel.amirault @eread @marcia
/doc/administration/packages/ @ngaskill
/doc/administration/pages/ @axil @kpaizee
/doc/administration/pages/ @rdickenson @kpaizee
/doc/administration/postgresql/ @marcia
/doc/administration/raketasks/ @axil @eread
/doc/administration/redis/ @axil
/doc/administration/reference_architectures/ @axil
/doc/administration/raketasks/ @marcel.amirault @eread
/doc/administration/redis/ @marcel.amirault
/doc/administration/reference_architectures/ @marcel.amirault
/doc/administration/snippets/ @aqualls
/doc/administration/troubleshooting @axil @marcia @eread
/doc/administration/troubleshooting @marcel.amirault @marcia @eread
/doc/api/graphql/ @msedlakjakubowski @kpaizee
/doc/api/graphql/reference/ @kpaizee
/doc/api/group_activity_analytics.md @msedlakjakubowski
/doc/ci/ @marcel.amirault @sselhorn
/doc/ci/environments/ @axil
/doc/ci/environments/ @rdickenson
/doc/ci/services/ @sselhorn
/doc/ci/test_cases/ @msedlakjakubowski
/doc/development/ @marcia
/doc/development/documentation/ @cnorris
/doc/development/documentation/ @cnorris @dianalogan
/doc/development/i18n/ @ngaskill
/doc/development/value_stream_analytics.md @msedlakjakubowski
/doc/gitlab-basics/ @aqualls
/doc/install/ @axil
/doc/operations/ @ngaskill @axil
/doc/install/ @marcel.amirault
/doc/operations/ @ngaskill @rdickenson
/doc/push_rules/ @aqualls
/doc/security/ @eread
/doc/ssh/ @eread
/doc/subscriptions/ @sselhorn
/doc/topics/autodevops/ @marcia
/doc/topics/git/ @aqualls
/doc/update/ @axil @marcia
/doc/update/ @marcel.amirault @marcia
/doc/user/analytics/ @msedlakjakubowski @ngaskill
/doc/user/application_security/ @rdickenson
/doc/user/application_security/container_scanning/ @ngaskill
@ -62,13 +63,13 @@
/doc/user/packages/infrastructure_registry/ @marcia
/doc/user/packages/terraform_module_registry/ @marcia
/doc/user/profile/ @msedlakjakubowski @eread
/doc/user/project/ @aqualls @axil @eread @msedlakjakubowski @ngaskill
/doc/user/project/ @aqualls @rdickenson @eread @msedlakjakubowski @ngaskill
/doc/user/project/clusters/ @marcia
/doc/user/project/import/ @ngaskill @msedlakjakubowski
/doc/user/project/issues/ @msedlakjakubowski
/doc/user/project/merge_requests/ @aqualls @eread
/doc/user/project/milestones/ @msedlakjakubowski
/doc/user/project/pages/ @axil
/doc/user/project/pages/ @rdickenson
/doc/user/project/repository/ @aqualls
/doc/user/project/settings/ @aqualls @eread
/doc/user/project/static_site_editor/index.md @aqualls
@ -151,8 +152,8 @@
/doc/api/invitations.md @kpaizee
/doc/api/experiments.md @kpaizee
/doc/development/experiment_guide/ @kpaizee
/doc/development/snowplow/ @kpaizee
/doc/development/service_ping/ @kpaizee
/doc/development/snowplow/ @fneill
/doc/development/service_ping/ @fneill
/doc/user/admin_area/license.md @kpaizee
[Frontend]
@ -241,7 +242,7 @@ Dangerfile @gl-quality/eng-prod
/ee/lib/gitlab/ci/reports/dependency_list/ @gitlab-org/secure/composition-analysis-be
/ee/lib/gitlab/ci/reports/license_scanning/ @gitlab-org/secure/composition-analysis-be
/ee/lib/gitlab/ci/reports/security/ @gitlab-org/secure/composition-analysis-be @gitlab-org/secure/dynamic-analysis-be @gitlab-org/secure/static-analysis-be @gitlab-org/secure/fuzzing-be
/ee/app/services/ci/run_dast_scan_service.rb @gitlab-org/secure/dynamic-analysis-be
/ee/app/services/app_sec/dast/ @gitlab-org/secure/dynamic-analysis-be
[Container Security]
/ee/app/views/projects/threat_monitoring/** @gitlab-org/protect/container-security-frontend

3
.gitlab/ci/build-images.gitlab-ci.yml
View file

@ -28,7 +28,8 @@ build-qa-image:
script:
- !reference [.base-image-build, script]
- echo $QA_IMAGE
- /kaniko/executor --context=${CI_PROJECT_DIR} --dockerfile=${CI_PROJECT_DIR}/qa/Dockerfile --destination=${QA_IMAGE} --cache=true
- echo $QA_IMAGE_BRANCH
- /kaniko/executor --context=${CI_PROJECT_DIR} --dockerfile=${CI_PROJECT_DIR}/qa/Dockerfile --destination=${QA_IMAGE} --destination=${QA_IMAGE_BRANCH} --cache=true
# This image is used by:
# - The `CNG` pipelines (via the `review-build-cng` job): https://gitlab.com/gitlab-org/build/CNG/-/blob/cfc67136d711e1c8c409bf8e57427a644393da2f/.gitlab-ci.yml#L335

205
.gitlab/ci/dast.gitlab-ci.yml
View file

@ -1,205 +0,0 @@
.dast_conf:
tags:
- prm
# For scheduling dast job
extends:
- .reports:rules:schedule-dast
image:
name: "registry.gitlab.com/gitlab-org/security-products/dast:$DAST_VERSION"
resource_group: dast_scan
variables:
DAST_USERNAME_FIELD: "user[login]"
DAST_PASSWORD_FIELD: "user[password]"
DAST_FULL_SCAN_ENABLED: "true"
DAST_SPIDER_MINS: 0
# TBD pin to a version
DAST_VERSION: 1.22.1
# -Xmx is used to set the JVM memory to 6GB to prevent DAST OutOfMemoryError.
DAST_ZAP_CLI_OPTIONS: "-Xmx6144m"
DAST_RULES: "41,42,43,10027,10032,10041,10042,10045,10047,10052,10053,10057,10061,10096,10097,10104,10106,20012,20014,20015,20016,20017,20018,40019,40020,40021,40024,40025,40027,40029,40032,90001,90019,10109,10026,10028,10029,10030,10031,10033,10034,10035,10036,10038,10039,10043,10044,10048,10050,10051,10058,10062,10095,10107,10108,30003,40013,40022,40023,40028,90021,90023,90024,90025,90027,90028,10003,50003,0,2,3,6,7,10010,10011,10015,10017,10019,10020,10021,10023,10024,10025,10037,10040,10054,10055,10056,10098,10105,10202,20019,30001,30002,40003,40008,40009,40012,40014,40016,40017,40018,50000,50001,90011,90020,90022,90033"
before_script:
- 'export DAST_WEBSITE="${DAST_WEBSITE:-$(cat environment_url.txt)}"'
- 'export DAST_AUTH_URL="${DAST_WEBSITE}/users/sign_in"'
- 'export DAST_PASSWORD="${REVIEW_APPS_ROOT_PASSWORD}"'
# Below three lines can be removed once https://gitlab.com/gitlab-org/gitlab/-/issues/230687 is fixed
- mkdir -p /zap/xml
- 'sed -i "84 s/true/false/" /zap/xml/config.xml'
- cat /zap/xml/config.xml
# Help pages are excluded from scan as they are static pages.
# profile/two_factor_auth is excluded from scan to prevent 2FA from being turned on from user profile, which will reduce coverage.
- 'export DAST_AUTH_EXCLUDE_URLS="${DAST_WEBSITE}/help/.*,${DAST_WEBSITE}/profile/two_factor_auth,${DAST_WEBSITE}/users/sign_out"'
# Exclude the automatically generated monitoring project from being tested due to https://gitlab.com/gitlab-org/gitlab/-/issues/260362
- 'DAST_AUTH_EXCLUDE_URLS="${DAST_AUTH_EXCLUDE_URLS},https://.*\.gitlab-review\.app/gitlab-instance-(administrators-)?[a-zA-Z0-9]{8}/.*"'
- enable_rule () { read all_rules; rule=$1; echo $all_rules | sed -r "s/(,)?$rule(,)?/\1-1\2/" ; }
# Sort ids in DAST_RULES ascendingly, which is required when using DAST_RULES as argument to enable_rule
- 'DAST_RULES=$(echo $DAST_RULES | tr "," "\n" | sort -n | paste -sd ",")'
needs: ["review-deploy"]
stage: dast
# Default job timeout set to 90m and dast rules needs 2h to so that it won't timeout.
timeout: 2h
# Add retry because of intermittent connection problems. See https://gitlab.com/gitlab-org/gitlab/-/issues/244313
retry: 1
artifacts:
paths:
- gl-dast-report.json # GitLab-specific
reports:
dast: gl-dast-report.json
expire_in: 1 week # GitLab-specific
# DAST scan with a subset of Release scan rules.
DAST-fullscan-ruleset1:
extends:
- .dast_conf
variables:
DAST_USERNAME: "user1"
script:
- export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 10019 | enable_rule 10020 | enable_rule 10021 | enable_rule 10023 | enable_rule 10024 | enable_rule 10025 | enable_rule 10037 | enable_rule 10040 | enable_rule 10054 | enable_rule 10055 | enable_rule 10056)
- echo $DAST_EXCLUDE_RULES
- /analyze -t $DAST_WEBSITE -d
# DAST scan with a subset of Release scan rules.
DAST-fullscan-ruleset2:
extends:
- .dast_conf
variables:
DAST_USERNAME: "user2"
script:
- export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 90011 | enable_rule 90020 | enable_rule 90022 | enable_rule 90033)
- echo $DAST_EXCLUDE_RULES
- /analyze -t $DAST_WEBSITE -d
# DAST scan with a subset of Release scan rules.
DAST-fullscan-ruleset3:
extends:
- .dast_conf
variables:
DAST_USERNAME: "user3"
script:
- export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 40016 | enable_rule 40017 | enable_rule 50000 | enable_rule 50001)
- echo $DAST_EXCLUDE_RULES
- /analyze -t $DAST_WEBSITE -d
# DAST scan with a subset of Release scan rules.
DAST-fullscan-ruleset4:
extends:
- .dast_conf
variables:
DAST_USERNAME: "user4"
script:
- export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 0 | enable_rule 2 | enable_rule 3 | enable_rule 7 )
- echo $DAST_EXCLUDE_RULES
- /analyze -t $DAST_WEBSITE -d
# DAST scan with a subset of Release scan rules.
DAST-fullscan-ruleset5:
extends:
- .dast_conf
variables:
DAST_USERNAME: "user5"
script:
- export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 10010 | enable_rule 10011 | enable_rule 10017 | enable_rule 10019)
- echo $DAST_EXCLUDE_RULES
- /analyze -t $DAST_WEBSITE -d
# DAST scan with a subset of Release scan rules.
DAST-fullscan-ruleset6:
extends:
- .dast_conf
variables:
DAST_USERNAME: "user6"
script:
- export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 30001 | enable_rule 40009)
- echo $DAST_EXCLUDE_RULES
- /analyze -t $DAST_WEBSITE -d
# Enable when https://gitlab.com/gitlab-org/gitlab/-/merge_requests/39749 is fixed
# DAST scan with a subset of Beta scan rules.
# DAST-fullscan-ruleset7:
# extends:
# - .dast_conf
# variables:
# DAST_USERNAME: "user7"
# script:
# - export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 10098 | enable_rule 10105 | enable_rule 10202 | enable_rule 30002 | enable_rule 40003 | enable_rule 40008 | enable_rule 40009)
# - echo $DAST_EXCLUDE_RULES
# - /analyze -t $DAST_WEBSITE -d
# Enable when https://gitlab.com/gitlab-org/gitlab/-/merge_requests/39749 is fixed
# Below jobs runs DAST scans with one time consuming scan rule. These scan rules are disabled in above jobs so that those jobs won't timeout.
# DAST scan with rule - 20019 External Redirect
# DAST-fullscan-rule-20019:
# extends:
# - .dast_conf
# variables:
# DAST_USERNAME: "user8"
# script:
# - export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 20019)
# - echo $DAST_EXCLUDE_RULES
# - /analyze -t $DAST_WEBSITE -d
# Enable when https://gitlab.com/gitlab-org/gitlab/-/merge_requests/39749 is fixed
# DAST scan with rule - 10107 Httpoxy - Proxy Header Misuse - Active/beta
# DAST-fullscan-rule-10107:
# extends:
# - .dast_conf
# variables:
# DAST_USERNAME: "user9"
# script:
# - export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 10107)
# - echo $DAST_EXCLUDE_RULES
# - /analyze -t $DAST_WEBSITE -d
# DAST scan with rule - 90020 Remote OS Command Injection
DAST-fullscan-rule-90020:
extends:
- .dast_conf
variables:
DAST_USERNAME: "user10"
script:
- export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 90020)
- echo $DAST_EXCLUDE_RULES
- /analyze -t $DAST_WEBSITE -d
# DAST scan with rule - 40018 SQL Injection - Active/release
DAST-fullscan-rule-40018:
extends:
- .dast_conf
variables:
DAST_USERNAME: "user11"
script:
- export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 40018)
- echo $DAST_EXCLUDE_RULES
- /analyze -t $DAST_WEBSITE -d
# DAST scan with rule - 40014 Cross Site Scripting (Persistent) - Active/release
DAST-fullscan-rule-40014:
extends:
- .dast_conf
variables:
DAST_USERNAME: "user12"
script:
- export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 40014)
- echo $DAST_EXCLUDE_RULES
- /analyze -t $DAST_WEBSITE -d
# DAST scan with rule - 6 Path travesal
DAST-fullscan-rule-6:
extends:
- .dast_conf
variables:
DAST_USERNAME: "user13"
script:
- export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 6)
- echo $DAST_EXCLUDE_RULES
- /analyze -t $DAST_WEBSITE -d
# DAST scan with rule - 40012 Cross Site Scripting (Reflected)
DAST-fullscan-rule-40012:
extends:
- .dast_conf
variables:
DAST_USERNAME: "user14"
script:
- export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 40012)
- echo $DAST_EXCLUDE_RULES
- /analyze -t $DAST_WEBSITE -d

14
.gitlab/ci/docs.gitlab-ci.yml
View file

@ -75,17 +75,3 @@ ui-docs-links lint:
needs: []
script:
- bundle exec haml-lint -i DocumentationLinks
deprecations-doc check:
variables:
SETUP_DB: "false"
extends:
- .default-retry
- .rails-cache
- .default-before_script
- .docs:rules:deprecations
stage: test
needs: []
script:
- bundle exec rake gitlab:docs:check_deprecations
allow_failure: true

73
.gitlab/ci/frontend.gitlab-ci.yml
View file

@ -71,6 +71,12 @@ compile-test-assets as-if-foss:
- .frontend:rules:compile-test-assets-as-if-foss
- .as-if-foss
compile-test-assets as-if-jh:
extends:
- compile-test-assets
- .frontend:rules:compile-test-assets-as-if-jh
needs: ["add-jh-folder"]
update-assets-compile-production-cache:
extends:
- compile-production-assets
@ -112,7 +118,7 @@ update-storybook-yarn-cache:
- .rails-cache
- .use-pg12
stage: fixtures
needs: ["setup-test-env", "retrieve-tests-metadata", "compile-test-assets"]
needs: ["setup-test-env", "retrieve-tests-metadata"]
variables:
WEBPACK_VENDOR_DLL: "true"
script:
@ -128,23 +134,38 @@ update-storybook-yarn-cache:
- tmp/tests/frontend/
- knapsack/
rspec frontend_fixture:
# Builds FOSS, and EE fixtures in the EE project.
# Builds FOSS fixtures in the FOSS project.
rspec-all frontend_fixture:
extends:
- .frontend-fixtures-base
- .frontend:rules:default-frontend-jobs
parallel: 2
needs:
- !reference [.frontend-fixtures-base, needs]
- "compile-test-assets"
parallel: 5
rspec frontend_fixture as-if-foss:
# Builds FOSS fixtures in the EE project, with the `ee/` folder removed (due to `as-if-foss`).
rspec-all frontend_fixture as-if-foss:
extends:
- .frontend-fixtures-base
- .frontend:rules:default-frontend-jobs-as-if-foss
- .as-if-foss
needs:
- !reference [.frontend-fixtures-base, needs]
- "compile-test-assets as-if-foss"
rspec-ee frontend_fixture:
# Builds FOSS, EE, and JH fixtures in the EE project, with the `jh/` folder added (due to `as-if-jh`).
rspec-all frontend_fixture as-if-jh:
extends:
- .frontend-fixtures-base
- .frontend:rules:default-frontend-jobs-ee
parallel: 3
- .frontend:rules:default-frontend-jobs-as-if-jh
needs:
- !reference [.frontend-fixtures-base, needs]
- "compile-test-assets as-if-jh"
- "add-jh-folder"
script:
- echo "This job is currently doing nothing since there's no specific JH fixtures yet. To enable this job, remove this line."
graphql-schema-dump:
variables:
@ -172,7 +193,9 @@ graphql-schema-dump:
# Disable warnings in browserslist which can break on backports
# https://github.com/browserslist/browserslist/blob/a287ec6/node.js#L367-L384
BROWSERSLIST_IGNORE_OLD_DATA: "true"
SETUP_DB: "false"
before_script:
- !reference [.default-before_script, before_script]
- *yarn-install
stage: test
@ -194,11 +217,7 @@ jest:
extends:
- .jest-base
- .frontend:rules:jest
needs:
- job: "detect-tests"
- job: "rspec frontend_fixture"
- job: "rspec-ee frontend_fixture"
optional: true
needs: ["rspec-all frontend_fixture"]
artifacts:
name: coverage-frontend
expire_in: 31d
@ -215,6 +234,9 @@ jest minimal:
extends:
- jest
- .frontend:rules:jest:minimal
needs:
- !reference [jest, needs]
- "detect-tests"
script:
- run_timed_command "yarn jest:ci:minimal"
@ -225,9 +247,7 @@ jest-integration:
script:
- run_timed_command "yarn jest:integration --ci"
needs:
- job: "rspec frontend_fixture"
- job: "rspec-ee frontend_fixture"
optional: true
- job: "rspec-all frontend_fixture"
- job: "graphql-schema-dump"
jest-as-if-foss:
@ -235,9 +255,17 @@ jest-as-if-foss:
- .jest-base
- .frontend:rules:default-frontend-jobs-as-if-foss
- .as-if-foss
needs: ["rspec frontend_fixture as-if-foss"]
needs: ["rspec-all frontend_fixture as-if-foss"]
parallel: 2
jest-as-if-jh:
extends:
- .jest-base
- .frontend:rules:default-frontend-jobs-as-if-jh
needs: ["rspec-all frontend_fixture as-if-jh", "add-jh-folder"]
script:
- echo "This job is currently doing nothing since there's no specific JH Jest tests yet. To enable this job, remove this line."
coverage-frontend:
extends:
- .default-retry
@ -341,9 +369,7 @@ startup-css-check:
- .frontend:rules:default-frontend-jobs
needs:
- job: "compile-test-assets"
- job: "rspec frontend_fixture"
- job: "rspec-ee frontend_fixture"
optional: true
- job: "rspec-all frontend_fixture"
startup-css-check as-if-foss:
extends:
@ -352,7 +378,7 @@ startup-css-check as-if-foss:
- .frontend:rules:default-frontend-jobs-as-if-foss
needs:
- job: "compile-test-assets as-if-foss"
- job: "rspec frontend_fixture as-if-foss"
- job: "rspec-all frontend_fixture as-if-foss"
.compile-storybook-base:
extends:
@ -361,11 +387,15 @@ startup-css-check as-if-foss:
script:
- *storybook-yarn-install
- yarn run storybook:build
needs: ["graphql-schema-dump"]
compile-storybook:
extends:
- .compile-storybook-base
- .frontend:rules:default-frontend-jobs
needs:
- !reference [.compile-storybook-base, needs]
- job: "rspec-all frontend_fixture"
artifacts:
name: storybook
expire_in: 31d
@ -378,3 +408,6 @@ compile-storybook as-if-foss:
- .compile-storybook-base
- .as-if-foss
- .frontend:rules:default-frontend-jobs-as-if-foss
needs:
- !reference [.compile-storybook-base, needs]
- job: "rspec-all frontend_fixture as-if-foss"

3
.gitlab/ci/global.gitlab-ci.yml
View file

@ -10,6 +10,7 @@
.default-before_script:
before_script:
- echo $FOSS_ONLY
- '[ "$FOSS_ONLY" = "1" ] && rm -rf ee/ qa/spec/ee/ qa/qa/specs/features/ee/ qa/qa/ee/ qa/qa/ee.rb'
- export GOPATH=$CI_PROJECT_DIR/.go
- mkdir -p $GOPATH
@ -193,10 +194,12 @@
.storybook-yarn-cache:
cache:
- *node-modules-cache
- *storybook-node-modules-cache
.storybook-yarn-cache-push:
cache:
- *node-modules-cache # We don't push this cache as it's already rebuilt by `update-yarn-cache`
- *storybook-node-modules-cache-push
.use-pg11:

34
.gitlab/ci/memory.gitlab-ci.yml
View file

@ -4,6 +4,12 @@
- .rails-cache
- .default-before_script
- .memory:rules
variables:
METRICS_FILE: "metrics.txt"
artifacts:
reports:
metrics: "${METRICS_FILE}"
expire_in: 31d
memory-static:
extends: .only-code-memory-job-base
@ -11,24 +17,25 @@ memory-static:
needs: ["setup-test-env"]
variables:
SETUP_DB: "false"
MEMORY_BUNDLE_MEM_FILE: "tmp/memory_bundle_mem.txt"
MEMORY_BUNDLE_OBJECTS_FILE: "tmp/memory_bundle_objects.txt"
script:
# Uses two different reports from the 'derailed_benchmars' gem.
# Loads each of gems in the Gemfile and checks how much memory they consume when they are required.
# 'derailed_benchmarks' internally uses 'get_process_mem'
- bundle exec derailed bundle:mem > tmp/memory_bundle_mem.txt
- scripts/generate-gems-size-metrics-static tmp/memory_bundle_mem.txt >> 'tmp/memory_metrics.txt'
- bundle exec derailed bundle:mem > "${MEMORY_BUNDLE_MEM_FILE}"
- scripts/generate-gems-size-metrics-static "${MEMORY_BUNDLE_MEM_FILE}" >> "${METRICS_FILE}"
# Outputs detailed information about objects created while gems are loaded.
# 'derailed_benchmarks' internally uses 'memory_profiler'
- bundle exec derailed bundle:objects > tmp/memory_bundle_objects.txt
- scripts/generate-gems-memory-metrics-static tmp/memory_bundle_objects.txt >> 'tmp/memory_metrics.txt'
- bundle exec derailed bundle:objects > "${MEMORY_BUNDLE_OBJECTS_FILE}"
- scripts/generate-gems-memory-metrics-static "${MEMORY_BUNDLE_OBJECTS_FILE}" >> "${METRICS_FILE}"
artifacts:
paths:
- tmp/memory_*.txt
reports:
metrics: tmp/memory_metrics.txt
expire_in: 31d
- "${METRICS_FILE}"
- "${MEMORY_BUNDLE_MEM_FILE}"
- "${MEMORY_BUNDLE_OBJECTS_FILE}"
# Show memory usage caused by invoking require per gem.
# Unlike `memory-static`, it hits the app with one request to ensure that any last minute require-s have been called.
@ -44,12 +51,11 @@ memory-on-boot:
NODE_ENV: "production"
RAILS_ENV: "production"
SETUP_DB: "true"
MEMORY_ON_BOOT_FILE: "tmp/memory_on_boot.txt"
script:
- PATH_TO_HIT="/users/sign_in" CUT_OFF=0.3 bundle exec derailed exec perf:mem >> 'tmp/memory_on_boot.txt'
- scripts/generate-memory-metrics-on-boot tmp/memory_on_boot.txt >> 'tmp/memory_on_boot_metrics.txt'
- PATH_TO_HIT="/users/sign_in" CUT_OFF=0.3 bundle exec derailed exec perf:mem >> "${MEMORY_ON_BOOT_FILE}"
- scripts/generate-memory-metrics-on-boot "${MEMORY_ON_BOOT_FILE}" >> "${METRICS_FILE}"
artifacts:
paths:
- tmp/memory_*.txt
reports:
metrics: tmp/memory_on_boot_metrics.txt
expire_in: 31d
- "${METRICS_FILE}"
- "${MEMORY_ON_BOOT_FILE}"

35
.gitlab/ci/reports.gitlab-ci.yml
View file

@ -1,7 +1,7 @@
include:
- template: Jobs/Code-Quality.gitlab-ci.yml
- template: Security/SAST.gitlab-ci.yml
- template: Security/Secret-Detection.gitlab-ci.yml
- template: Jobs/SAST.gitlab-ci.yml
- template: Jobs/Secret-Detection.gitlab-ci.yml
- template: Security/Dependency-Scanning.gitlab-ci.yml
- template: Security/License-Scanning.gitlab-ci.yml
@ -13,6 +13,7 @@ code_quality:
paths:
- gl-code-quality-report.json # GitLab-specific
rules: !reference [".reports:rules:code_quality", rules]
allow_failure: true
.sast-analyzer:
# We need to re-`extends` from `sast` as the `extends` here overrides the one from the template.
@ -27,16 +28,13 @@ code_quality:
variables:
SAST_BRAKEMAN_LEVEL: 2 # GitLab-specific
SAST_EXCLUDED_PATHS: "qa, spec, doc, ee/spec, config/gitlab.yml.example, tmp" # GitLab-specific
SAST_EXCLUDED_ANALYZERS: bandit, flawfinder, phpcs-security-audit, pmd-apex, security-code-scan, spotbugs, eslint
SAST_EXCLUDED_ANALYZERS: bandit, flawfinder, phpcs-security-audit, pmd-apex, security-code-scan, spotbugs, eslint, nodejs-scan
brakeman-sast:
rules: !reference [".reports:rules:sast", rules]
nodejs-scan-sast:
rules: !reference [".reports:rules:sast", rules]
rules: !reference [".reports:rules:brakeman-sast", rules]
semgrep-sast:
rules: !reference [".reports:rules:sast", rules]
rules: !reference [".reports:rules:semgrep-sast", rules]
gosec-sast:
variables:
@ -52,7 +50,7 @@ gosec-sast:
cache:
paths:
- vendor/go
rules: !reference [".reports:rules:sast", rules]
rules: !reference [".reports:rules:gosec-sast", rules]
.secret-analyzer:
extends: .default-retry
@ -73,6 +71,7 @@ secret_detection:
needs: []
variables:
DS_EXCLUDED_PATHS: "qa/qa/ee/fixtures/secure_premade_reports, spec, ee/spec, tmp" # GitLab-specific
DS_EXCLUDED_ANALYZERS: "gemnasium-maven"
artifacts:
paths:
- gl-dependency-scanning-report.json # GitLab-specific
@ -82,11 +81,6 @@ gemnasium-dependency_scanning:
before_script:
# git-lfs is needed for auto-remediation
- apk add git-lfs
after_script:
# Post-processing
- apk add jq
# Lower execa severity based on https://gitlab.com/gitlab-org/gitlab/-/issues/223859#note_452922390
- jq '(.vulnerabilities[] | select (.cve == "yarn.lock:execa:gemnasium:05cfa2e8-2d0c-42c1-8894-638e2f12ff3d")).severity = "Medium"' gl-dependency-scanning-report.json > temp.json && mv temp.json gl-dependency-scanning-report.json
rules: !reference [".reports:rules:gemnasium-dependency_scanning", rules]
bundler-audit-dependency_scanning:
@ -101,8 +95,7 @@ gemnasium-python-dependency_scanning:
# Analyze dependencies for malicious behavior
# See https://gitlab.com/gitlab-com/gl-security/security-research/package-hunter
.package_hunter-base:
extends:
- .default-retry
extends: .default-retry
stage: test
image:
name: registry.gitlab.com/gitlab-com/gl-security/security-research/package-hunter-cli:1.1.0
@ -116,6 +109,8 @@ gemnasium-python-dependency_scanning:
before_script:
- rm -r spec locale .git app/assets/images doc/
- cd .. && tar -I "gzip --best" -cf gitlab.tgz gitlab/
script:
- node /usr/src/app/cli.js analyze --format gitlab --manager ${PACKAGE_MANAGER} gitlab.tgz | tee ${CI_PROJECT_DIR}/gl-dependency-scanning-report.json
artifacts:
paths:
- gl-dependency-scanning-report.json
@ -127,15 +122,15 @@ package_hunter-yarn:
extends:
- .package_hunter-base
- .reports:rules:package_hunter-yarn
script:
- node /usr/src/app/cli.js analyze --format gitlab --manager yarn gitlab.tgz | tee $CI_PROJECT_DIR/gl-dependency-scanning-report.json
variables:
PACKAGE_MANAGER: yarn
package_hunter-bundler:
extends:
- .package_hunter-base
- .reports:rules:package_hunter-bundler
script:
- node /usr/src/app/cli.js analyze --format gitlab --manager bundler gitlab.tgz | tee $CI_PROJECT_DIR/gl-dependency-scanning-report.json
variables:
PACKAGE_MANAGER: bundler
license_scanning:
extends: .default-retry

191
.gitlab/ci/review-apps/dast.gitlab-ci.yml Normal file
View file

@ -0,0 +1,191 @@
.dast_conf:
tags:
- prm
# For scheduling dast job
extends:
- .reports:rules:schedule-dast
image:
name: "registry.gitlab.com/gitlab-org/security-products/dast:$DAST_VERSION"
resource_group: dast_scan
variables:
DAST_USERNAME_FIELD: "user[login]"
DAST_PASSWORD_FIELD: "user[password]"
DAST_SUBMIT_FIELD: "commit"
DAST_FULL_SCAN_ENABLED: "true"
DAST_VERSION: 2
GIT_STRATEGY: none
# -Xmx is used to set the JVM memory to 6GB to prevent DAST OutOfMemoryError.
DAST_ZAP_CLI_OPTIONS: "-Xmx6144m"
before_script:
- 'export DAST_WEBSITE="${DAST_WEBSITE:-$(cat environment_url.txt)}"'
- 'export DAST_AUTH_URL="${DAST_WEBSITE}/users/sign_in"'
- 'export DAST_PASSWORD="${REVIEW_APPS_ROOT_PASSWORD}"'
# Help pages are excluded from scan as they are static pages.
# profile/two_factor_auth is excluded from scan to prevent 2FA from being turned on from user profile, which will reduce coverage.
- 'DAST_EXCLUDE_URLS="${DAST_WEBSITE}/help/.*,${DAST_WEBSITE}/-/profile/two_factor_auth,${DAST_WEBSITE}/users/sign_out"'
# Exclude the automatically generated monitoring project from being tested due to https://gitlab.com/gitlab-org/gitlab/-/issues/260362
- 'export DAST_EXCLUDE_URLS="${DAST_EXCLUDE_URLS},${DAST_WEBSITE}/gitlab-instance-.*"'
needs: ["review-deploy"]
stage: dast
# Default job timeout set to 90m and dast rules needs 2h to so that it won't timeout.
timeout: 2h
# Add retry because of intermittent connection problems. See https://gitlab.com/gitlab-org/gitlab/-/issues/244313
retry: 1
artifacts:
paths:
- gl-dast-report.json # GitLab-specific
reports:
dast: gl-dast-report.json
expire_in: 1 week # GitLab-specific
allow_failure: true
# DAST scan with a subset of Release scan rules.
# ZAP rule details can be found at https://www.zaproxy.org/docs/alerts/
# 10019, 10021 Missing security headers
# 10023, 10024, 10025, 10037 Information Disclosure
# 10040 Secure Pages Include Mixed Content
# 10055 CSP
# 10056 X-Debug-Token Information Leak
# Duration: 14 minutes 20 seconds
dast:secureHeaders-csp-infoLeak:
extends:
- .dast_conf
variables:
DAST_USERNAME: "user1"
DAST_ONLY_INCLUDE_RULES: "10019,10021,10023,10024,10025,10037,10040,10055,10056"
script:
- /analyze
# 90023 XML External Entity Attack
# Duration: 41 minutes 20 seconds
# 90019 Server Side Code Injection
# Duration: 34 minutes 31 seconds
dast:XXE-SrvSideInj:
extends:
- .dast_conf
variables:
DAST_USERNAME: "user2"
DAST_ONLY_INCLUDE_RULES: "90023,90019"
script:
- /analyze
# 0 Directory Browsing
# 2 Private IP Disclosure
# 3 Session ID in URL Rewrite
# 7 Remote File Inclusion
# Duration: 63 minutes 43 seconds
# 90034 Cloud Metadata Potentially Exposed
# Duration: 13 minutes 48 seconds
# 90022 Application Error Disclosure
# Duration: 12 minutes 7 seconds
dast:infoLeak-fileInc-DirBrowsing:
extends:
- .dast_conf
variables:
DAST_USERNAME: "user3"
DAST_ONLY_INCLUDE_RULES: "0,2,3,7,90034,90022"
script:
- /analyze
# 10010 Cookie No HttpOnly Flag
# 10011 Cookie Without Secure Flag
# 10017 Cross-Domain JavaScript Source File Inclusion
# 10029 Cookie Poisoning
# 90033 Loosely Scoped Cookie
# 10054 Cookie Without SameSite Attribute
# Duration: 13 minutes 23 seconds
dast:insecureCookie:
extends:
- .dast_conf
variables:
DAST_USERNAME: "user4"
DAST_ONLY_INCLUDE_RULES: "10010,10011,10017,10029,90033,10054"
script:
- /analyze
# 20012 Anti-CSRF Tokens Check
# 10202 Absence of Anti-CSRF Tokens
# https://gitlab.com/gitlab-com/gl-security/appsec/appsec-team/-/issues/192
# Commented because of lot of FP's
# dast:csrfTokenCheck:
# extends:
# - .dast_conf
# variables:
# DAST_USERNAME: "user6"
# DAST_ONLY_INCLUDE_RULES: "20012,10202"
# script:
# - /analyze
# 10098 Cross-Domain Misconfiguration
# 10105 Weak Authentication Method
# 40003 CRLF Injection
# 40008 Parameter Tampering
# Duration: 71 minutes 15 seconds
dast:corsMisconfig-weakauth-crlfInj:
extends:
- .dast_conf
variables:
DAST_USERNAME: "user5"
DAST_ONLY_INCLUDE_RULES: "10098,10105,40003,40008"
script:
- /analyze
# 20019 External Redirect
# 20014 HTTP Parameter Pollution
# Duration: 46 minutes 12 seconds
dast:extRedirect-paramPollution:
extends:
- .dast_conf
variables:
DAST_USERNAME: "user6"
DAST_ONLY_INCLUDE_RULES: "20019,20014"
script:
- /analyze
# 40022 SQL Injection - PostgreSQL
# Duration: 53 minutes 59 seconds
dast:sqlInjection:
extends:
- .dast_conf
variables:
DAST_USERNAME: "user7"
DAST_ONLY_INCLUDE_RULES: "40022"
script:
- /analyze
# 40014 Cross Site Scripting (Persistent)
# Duration: 21 minutes 50 seconds
dast:xss-persistent:
extends:
- .dast_conf
variables:
DAST_USERNAME: "user8"
DAST_ONLY_INCLUDE_RULES: "40014"
script:
- /analyze
# 40012 Cross Site Scripting (Reflected)
# Duration: 73 minutes 15 seconds
dast:xss-reflected:
extends:
- .dast_conf
variables:
DAST_USERNAME: "user9"
DAST_ONLY_INCLUDE_RULES: "40012"
script:
- /analyze
# 40013 Session Fixation
# Duration: 44 minutes 25 seconds
dast:sessionFixation:
extends:
- .dast_conf
variables:
DAST_USERNAME: "user10"
DAST_ONLY_INCLUDE_RULES: "40013"
script:
- /analyze

106
.gitlab/ci/review-apps/main.gitlab-ci.yml Normal file
View file

@ -0,0 +1,106 @@
stages:
- prepare
- deploy
- qa
- post-qa
- dast
include:
- local: .gitlab/ci/global.gitlab-ci.yml
- local: .gitlab/ci/rules.gitlab-ci.yml
- local: .gitlab/ci/review-apps/qa.gitlab-ci.yml
- local: .gitlab/ci/review-apps/dast.gitlab-ci.yml
.base-before_script: &base-before_script
- source ./scripts/utils.sh
- source ./scripts/review_apps/review-apps.sh
- install_api_client_dependencies_with_apk
review-build-cng:
extends:
- .default-retry
- .review:rules:review-build-cng
image: ${GITLAB_DEPENDENCY_PROXY}ruby:2.7-alpine3.13
stage: prepare
variables:
CNG_PROJECT_ACCESS_TOKEN: "${CNG_MIRROR_PROJECT_ACCESS_TOKEN}" # "Multi-pipeline (from 'gitlab-org/gitlab' 'review-build-cng' job)" at https://gitlab.com/gitlab-org/build/CNG-mirror/-/settings/access_tokens
CNG_PROJECT_PATH: "gitlab-org/build/CNG-mirror"
before_script:
- source ./scripts/utils.sh
- install_gitlab_gem
script:
- ./scripts/trigger-build cng
.review-workflow-base:
extends:
- .default-retry
image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-helm3.5-kubectl1.17
variables:
HOST_SUFFIX: "${CI_ENVIRONMENT_SLUG}"
DOMAIN: "-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN}"
GITLAB_HELM_CHART_REF: "v5.2.1"
environment:
name: review/${CI_COMMIT_REF_SLUG}${FREQUENCY}
url: https://gitlab-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN}
on_stop: review-stop
auto_stop_in: 48 hours
review-deploy:
extends:
- .review-workflow-base
- .review:rules:review-deploy
stage: deploy
needs: ["review-build-cng"]
resource_group: "review/${CI_COMMIT_REF_NAME}"
before_script:
- export GITLAB_SHELL_VERSION=$(<GITLAB_SHELL_VERSION)
- export GITALY_VERSION=$(<GITALY_SERVER_VERSION)
- export GITLAB_WORKHORSE_VERSION=$(<GITLAB_WORKHORSE_VERSION)
- echo "${CI_ENVIRONMENT_URL}" > environment_url.txt
- *base-before_script
script:
- check_kube_domain
- download_chart
- date
- deploy || (display_deployment_debug && exit 1)
- verify_deploy || exit 1
- disable_sign_ups || (delete_release && exit 1)
after_script:
# Run seed-dast-test-data.sh only when DAST_RUN is set to true. This is to pupulate review app with data for DAST scan.
# Set DAST_RUN to true when jobs are manually scheduled.
- if [ "$DAST_RUN" == "true" ]; then source scripts/review_apps/seed-dast-test-data.sh; TRACE=1 trigger_proj_user_creation; fi
artifacts:
paths:
- environment_url.txt
- curl_output.txt
expire_in: 7 days
when: always
.review-stop-base:
extends: .review-workflow-base
environment:
action: stop
dependencies: []
variables:
# We're cloning the repo instead of downloading the script for now
# because some repos are private and CI_JOB_TOKEN cannot access files.
# See https://gitlab.com/gitlab-org/gitlab/issues/191273
GIT_DEPTH: 1
before_script:
- *base-before_script
review-delete-deployment:
extends:
- .review-stop-base
- .review:rules:review-delete-deployment
stage: prepare
script:
- delete_release
review-stop:
extends:
- .review-stop-base
- .review:rules:review-stop
stage: post-qa
script:
- delete_k8s_release_namespace

128
.gitlab/ci/review-apps/qa.gitlab-ci.yml Normal file
View file

@ -0,0 +1,128 @@
.review-qa-base:
extends:
- .use-docker-in-docker
image:
name: ${QA_IMAGE}
entrypoint: [""]
stage: qa
needs: ["review-deploy"]
variables:
QA_DEBUG: "true"
QA_CAN_TEST_GIT_PROTOCOL_V2: "false"
QA_GENERATE_ALLURE_REPORT: "true"
GITLAB_USERNAME: "root"
GITLAB_PASSWORD: "${REVIEW_APPS_ROOT_PASSWORD}"
GITLAB_ADMIN_USERNAME: "root"
GITLAB_ADMIN_PASSWORD: "${REVIEW_APPS_ROOT_PASSWORD}"
GITHUB_ACCESS_TOKEN: "${REVIEW_APPS_QA_GITHUB_ACCESS_TOKEN}"
EE_LICENSE: "${REVIEW_APPS_EE_LICENSE}"
SIGNUP_DISABLED: "true"
before_script:
# Use $CI_MERGE_REQUEST_SOURCE_BRANCH_SHA so that GitLab image built in omnibus-gitlab-mirror and QA image are in sync.
- if [ -n "$CI_MERGE_REQUEST_SOURCE_BRANCH_SHA" ]; then
git checkout -f ${CI_MERGE_REQUEST_SOURCE_BRANCH_SHA};
fi
- export CI_ENVIRONMENT_URL="$(cat environment_url.txt)"
- echo "${CI_ENVIRONMENT_URL}"
- cd qa
artifacts:
paths:
- qa/tmp
expire_in: 7 days
when: always
.allure-report-base:
image:
name: ${GITLAB_DEPENDENCY_PROXY}andrcuns/allure-report-publisher:0.3.6
entrypoint: [""]
stage: post-qa
variables:
GIT_STRATEGY: none
STORAGE_CREDENTIALS: $QA_ALLURE_REPORT_GCS_CREDENTIALS
GITLAB_AUTH_TOKEN: $GITLAB_QA_MR_ALLURE_REPORT_TOKEN
ALLURE_PROJECT_PATH: $CI_PROJECT_PATH
ALLURE_MERGE_REQUEST_IID: $CI_MERGE_REQUEST_IID
allow_failure: true
script:
- |
allure-report-publisher upload gcs \
--results-glob="qa/tmp/allure-results/*" \
--bucket="gitlab-qa-allure-reports" \
--prefix="$ALLURE_REPORT_PATH_PREFIX/$CI_COMMIT_REF_SLUG" \
--update-pr="comment" \
--copy-latest \
--ignore-missing-results \
--color
review-qa-smoke:
extends:
- .review-qa-base
- .review:rules:review-qa-smoke
retry: 1 # This is confusing but this means "2 runs at max".
variables:
QA_RUN_TYPE: review-qa-smoke
script:
- bin/test Test::Instance::Smoke "${CI_ENVIRONMENT_URL}"
review-qa-all:
extends:
- .review-qa-base
- .review:rules:review-qa-all
variables:
QA_RUN_TYPE: review-qa-all
parallel: 5
script:
- export KNAPSACK_REPORT_PATH=knapsack/master_report.json
- export KNAPSACK_TEST_FILE_PATTERN=qa/specs/features/**/*_spec.rb
- |
bin/test Test::Instance::All "${CI_ENVIRONMENT_URL}" \
-- \
--color --format documentation \
--format RspecJunitFormatter --out tmp/rspec.xml
artifacts:
reports:
junit: qa/tmp/rspec.xml
review-performance:
extends:
- .default-retry
- .review:rules:review-performance
image:
name: sitespeedio/sitespeed.io
entrypoint: [""]
stage: qa
needs: ["review-deploy"]
before_script:
- export CI_ENVIRONMENT_URL="$(cat environment_url.txt)"
- echo "${CI_ENVIRONMENT_URL}"
- mkdir -p gitlab-exporter
- wget -O ./gitlab-exporter/index.js https://gitlab.com/gitlab-org/gl-performance/raw/master/index.js
- mkdir -p sitespeed-results
script:
- /start.sh --plugins.add ./gitlab-exporter --outputFolder sitespeed-results "${CI_ENVIRONMENT_URL}"
after_script:
- mv sitespeed-results/data/performance.json performance.json
artifacts:
paths:
- sitespeed-results/
reports:
performance: performance.json
expire_in: 31d
allure-report-qa-smoke:
extends:
- .allure-report-base
- .review:rules:review-qa-smoke-report
needs: ["review-qa-smoke"]
variables:
ALLURE_REPORT_PATH_PREFIX: gitlab-review-smoke
ALLURE_JOB_NAME: review-qa-smoke
allure-report-qa-all:
extends:
- .allure-report-base
- .review:rules:review-qa-all-report
needs: ["review-qa-all"]
variables:
ALLURE_REPORT_PATH_PREFIX: gitlab-review-all
ALLURE_JOB_NAME: review-qa-all

232
.gitlab/ci/review.gitlab-ci.yml
View file

@ -16,225 +16,25 @@ review-cleanup:
- ruby -rrubygems scripts/review_apps/automated_cleanup.rb
- gcp_cleanup
.base-before_script: &base-before_script
- source ./scripts/utils.sh
- source ./scripts/review_apps/review-apps.sh
- install_api_client_dependencies_with_apk
review-build-cng:
start-review-app-pipeline:
extends:
- .default-retry
- .review:rules:review-build-cng
image: ${GITLAB_DEPENDENCY_PROXY}ruby:2.7-alpine3.13
stage: review-prepare
needs:
- job: compile-production-assets
artifacts: false
variables:
CNG_PROJECT_ACCESS_TOKEN: "${CNG_MIRROR_PROJECT_ACCESS_TOKEN}" # "Multi-pipeline (from 'gitlab-org/gitlab' 'review-build-cng' job)" at https://gitlab.com/gitlab-org/build/CNG-mirror/-/settings/access_tokens
CNG_PROJECT_PATH: "gitlab-org/build/CNG-mirror"
before_script:
- source ./scripts/utils.sh
- install_gitlab_gem
script:
- ./scripts/trigger-build cng
.review-workflow-base:
extends:
- .default-retry
image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-helm3.5-kubectl1.17
variables:
HOST_SUFFIX: "${CI_ENVIRONMENT_SLUG}"
DOMAIN: "-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN}"
GITLAB_HELM_CHART_REF: "v5.2.1"
environment:
name: review/${CI_COMMIT_REF_SLUG}${FREQUENCY}
url: https://gitlab-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN}
on_stop: review-stop
auto_stop_in: 48 hours
review-deploy:
extends:
- .review-workflow-base
- .review:rules:review-deploy
- .review:rules:review-app-pipeline
stage: review
needs: ["review-build-cng"]
resource_group: "review/${CI_COMMIT_REF_NAME}"
before_script:
- export GITLAB_SHELL_VERSION=$(<GITLAB_SHELL_VERSION)
- export GITALY_VERSION=$(<GITALY_SERVER_VERSION)
- export GITLAB_WORKHORSE_VERSION=$(<GITLAB_WORKHORSE_VERSION)
- echo "${CI_ENVIRONMENT_URL}" > environment_url.txt
- *base-before_script
script:
- check_kube_domain
- download_chart
- date
- deploy || (display_deployment_debug && exit 1)
- verify_deploy || exit 1
- disable_sign_ups || (delete_release && exit 1)
after_script:
# Run seed-dast-test-data.sh only when DAST_RUN is set to true. This is to pupulate review app with data for DAST scan.
# Set DAST_RUN to true when jobs are manually scheduled.
- if [ "$DAST_RUN" == "true" ]; then source scripts/review_apps/seed-dast-test-data.sh; TRACE=1 trigger_proj_user_creation; fi
artifacts:
paths:
- environment_url.txt
- curl_output.txt
expire_in: 7 days
when: always
.review-stop-base:
extends: .review-workflow-base
environment:
action: stop
dependencies: []
needs:
- job: build-assets-image
artifacts: false
- job: build-qa-image
artifacts: false
# These variables are set in the pipeline schedules.
# They need to be explicitly passed on to the child pipeline.
# https://docs.gitlab.com/ee/ci/pipelines/multi_project_pipelines.html#pass-cicd-variables-to-a-downstream-pipeline-by-using-the-variables-keyword
variables:
# We're cloning the repo instead of downloading the script for now
# because some repos are private and CI_JOB_TOKEN cannot access files.
# See https://gitlab.com/gitlab-org/gitlab/issues/191273
GIT_DEPTH: 1
before_script:
- *base-before_script
review-delete-deployment:
extends:
- .review-stop-base
- .review:rules:review-delete-deployment
stage: prepare
script:
- delete_release
review-stop:
extends:
- .review-stop-base
- .review:rules:review-stop
stage: post-qa
script:
- delete_k8s_release_namespace
.review-qa-base:
extends:
- .use-docker-in-docker
image:
name: ${QA_IMAGE}
entrypoint: [""]
stage: qa
needs: ["build-qa-image", "review-deploy"]
variables:
QA_DEBUG: "true"
QA_CAN_TEST_GIT_PROTOCOL_V2: "false"
QA_GENERATE_ALLURE_REPORT: "true"
GITLAB_USERNAME: "root"
GITLAB_PASSWORD: "${REVIEW_APPS_ROOT_PASSWORD}"
GITLAB_ADMIN_USERNAME: "root"
GITLAB_ADMIN_PASSWORD: "${REVIEW_APPS_ROOT_PASSWORD}"
GITHUB_ACCESS_TOKEN: "${REVIEW_APPS_QA_GITHUB_ACCESS_TOKEN}"
EE_LICENSE: "${REVIEW_APPS_EE_LICENSE}"
SIGNUP_DISABLED: "true"
before_script:
# Use $CI_MERGE_REQUEST_SOURCE_BRANCH_SHA so that GitLab image built in omnibus-gitlab-mirror and QA image are in sync.
- if [ -n "$CI_MERGE_REQUEST_SOURCE_BRANCH_SHA" ]; then
git checkout -f ${CI_MERGE_REQUEST_SOURCE_BRANCH_SHA};
fi
- export CI_ENVIRONMENT_URL="$(cat environment_url.txt)"
- echo "${CI_ENVIRONMENT_URL}"
- cd qa
artifacts:
paths:
- qa/tmp
expire_in: 7 days
when: always
.allure-report-base:
image:
name: ${GITLAB_DEPENDENCY_PROXY}andrcuns/allure-report-publisher:0.3.4
entrypoint: [""]
stage: post-qa
variables:
GIT_STRATEGY: none
STORAGE_CREDENTIALS: $QA_ALLURE_REPORT_GCS_CREDENTIALS
GITLAB_AUTH_TOKEN: $GITLAB_QA_MR_ALLURE_REPORT_TOKEN
allow_failure: true
script:
- |
allure-report-publisher upload gcs \
--results-glob="qa/tmp/allure-results/*" \
--bucket="gitlab-qa-allure-reports" \
--prefix="$ALLURE_REPORT_PATH_PREFIX/$CI_COMMIT_REF_SLUG" \
--update-pr="comment" \
--copy-latest \
--ignore-missing-results \
--color
review-qa-smoke:
extends:
- .review-qa-base
- .review:rules:review-qa-smoke
retry: 1 # This is confusing but this means "2 runs at max".
script:
- bin/test Test::Instance::Smoke "${CI_ENVIRONMENT_URL}"
review-qa-all:
extends:
- .review-qa-base
- .review:rules:review-qa-all
parallel: 5
script:
- export KNAPSACK_REPORT_PATH=knapsack/master_report.json
- export KNAPSACK_TEST_FILE_PATTERN=qa/specs/features/**/*_spec.rb
- |
bin/test Test::Instance::All "${CI_ENVIRONMENT_URL}" \
-- \
--color --format documentation \
--format RspecJunitFormatter --out tmp/rspec.xml
artifacts:
reports:
junit: qa/tmp/rspec.xml
review-performance:
extends:
- .default-retry
- .review:rules:review-performance
image:
name: sitespeedio/sitespeed.io
entrypoint: [""]
stage: qa
needs: ["review-deploy"]
before_script:
- export CI_ENVIRONMENT_URL="$(cat environment_url.txt)"
- echo "${CI_ENVIRONMENT_URL}"
- mkdir -p gitlab-exporter
- wget -O ./gitlab-exporter/index.js https://gitlab.com/gitlab-org/gl-performance/raw/master/index.js
- mkdir -p sitespeed-results
script:
- /start.sh --plugins.add ./gitlab-exporter --outputFolder sitespeed-results "${CI_ENVIRONMENT_URL}"
after_script:
- mv sitespeed-results/data/performance.json performance.json
artifacts:
paths:
- sitespeed-results/
reports:
performance: performance.json
expire_in: 31d
allure-report-qa-smoke:
extends:
- .allure-report-base
- .review:rules:review-qa-smoke-report
needs: ["review-qa-smoke"]
variables:
ALLURE_REPORT_PATH_PREFIX: gitlab-review-smoke
ALLURE_JOB_NAME: review-qa-smoke
allure-report-qa-all:
extends:
- .allure-report-base
- .review:rules:review-qa-all-report
needs: ["review-qa-all"]
variables:
ALLURE_REPORT_PATH_PREFIX: gitlab-review-all
ALLURE_JOB_NAME: review-qa-all
FREQUENCY: $FREQUENCY
DAST_RUN: $DAST_RUN
trigger:
include:
- local: .gitlab/ci/review-apps/main.gitlab-ci.yml
strategy: depend
danger-review:
extends:

403
.gitlab/ci/rules.gitlab-ci.yml
View file

@ -10,6 +10,9 @@
.if-not-foss: &if-not-foss
if: '$CI_PROJECT_NAME != "gitlab-foss" && $CI_PROJECT_NAME != "gitlab-ce" && $CI_PROJECT_NAME != "gitlabhq"'
.if-jh: &if-jh
if: '$CI_PROJECT_PATH == "gitlab-jh/gitlab"'
.if-default-refs: &if-default-refs
if: '$CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH || $CI_COMMIT_REF_NAME =~ /^[\d-]+-stable(-ee)?$/ || $CI_COMMIT_REF_NAME =~ /^\d+-\d+-auto-deploy-\d+$/ || $CI_COMMIT_REF_NAME =~ /^security\// || $CI_MERGE_REQUEST_IID || $CI_COMMIT_TAG || $FORCE_GITLAB_CI'
@ -37,19 +40,22 @@
.if-automated-merge-request: &if-automated-merge-request
if: '$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME == "release-tools/update-gitaly" || $CI_MERGE_REQUEST_TARGET_BRANCH_NAME =~ /stable-ee$/'
.if-merge-request-title-as-if-foss: &if-merge-request-title-as-if-foss
.if-merge-request-labels-as-if-foss: &if-merge-request-labels-as-if-foss
if: '$CI_MERGE_REQUEST_LABELS =~ /pipeline:run-as-if-foss/'
.if-merge-request-title-update-caches: &if-merge-request-title-update-caches
.if-merge-request-labels-as-if-jh: &if-merge-request-labels-as-if-jh
if: '$CI_MERGE_REQUEST_LABELS =~ /pipeline:run-as-if-jh/'
.if-merge-request-labels-update-caches: &if-merge-request-labels-update-caches
if: '$CI_MERGE_REQUEST_LABELS =~ /pipeline:update-cache/'
.if-merge-request-title-run-all-rspec: &if-merge-request-title-run-all-rspec
.if-merge-request-labels-run-all-rspec: &if-merge-request-labels-run-all-rspec
if: '$CI_MERGE_REQUEST_LABELS =~ /pipeline:run-all-rspec/'
.if-merge-request-title-run-all-jest: &if-merge-request-title-run-all-jest
.if-merge-request-labels-run-all-jest: &if-merge-request-labels-run-all-jest
if: '$CI_MERGE_REQUEST_LABELS =~ /pipeline:run-all-jest/'
.if-merge-request-run-decomposed: &if-merge-request-run-decomposed
.if-merge-request-labels-run-decomposed: &if-merge-request-labels-run-decomposed
if: '$CI_MERGE_REQUEST_LABELS =~ /pipeline:run-decomposed/'
.if-security-merge-request: &if-security-merge-request
@ -67,15 +73,24 @@
.if-dot-com-gitlab-org-schedule: &if-dot-com-gitlab-org-schedule
if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE == "gitlab-org" && $CI_PIPELINE_SOURCE == "schedule"'
.if-dot-com-gitlab-org-schedule-child-pipeline: &if-dot-com-gitlab-org-schedule-child-pipeline
if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE == "gitlab-org" && $CI_PIPELINE_SOURCE == "parent_pipeline" && $FREQUENCY'
.if-dot-com-ee-schedule: &if-dot-com-ee-schedule
if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_PATH == "gitlab-org/gitlab" && $CI_PIPELINE_SOURCE == "schedule"'
.if-dot-com-ee-schedule-child-pipeline: &if-dot-com-ee-schedule-child-pipeline
if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_PATH == "gitlab-org/gitlab" && $CI_PIPELINE_SOURCE == "parent_pipeline" && $FREQUENCY'
.if-dot-com-ee-2-hourly-schedule: &if-dot-com-ee-2-hourly-schedule
if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_PATH == "gitlab-org/gitlab" && $CI_PIPELINE_SOURCE == "schedule" && $FREQUENCY == "2-hourly"'
.if-dot-com-ee-nightly-schedule: &if-dot-com-ee-nightly-schedule
if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_PATH == "gitlab-org/gitlab" && $CI_PIPELINE_SOURCE == "schedule" && $FREQUENCY == "nightly"'
.if-dot-com-ee-nightly-schedule-child-pipeline: &if-dot-com-ee-nightly-schedule-child-pipeline
if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_PATH == "gitlab-org/gitlab" && $CI_PIPELINE_SOURCE == "parent_pipeline" && $FREQUENCY == "nightly"'
.if-cache-credentials-schedule: &if-cache-credentials-schedule
if: '$CI_REPO_CACHE_CREDENTIALS && $CI_PIPELINE_SOURCE == "schedule"'
@ -91,13 +106,6 @@
.if-dot-com-gitlab-org-and-security-tag: &if-dot-com-gitlab-org-and-security-tag
if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE =~ /^gitlab-org($|\/security$)/ && $CI_COMMIT_TAG'
.if-rspec-fail-fast-disabled: &if-rspec-fail-fast-disabled
if: '$RSPEC_FAIL_FAST_ENABLED != "true"'
.if-rspec-fail-fast-skipped: &if-rspec-fail-fast-skipped
if: '$CI_MERGE_REQUEST_LABELS =~ /pipeline:skip-rspec-fail-fast/'
# For Security merge requests, the gitlab-release-tools-bot triggers a new
# pipeline for the "Pipelines for merged results" feature. If the pipeline
# fails, we notify release managers.
@ -120,6 +128,7 @@
- ".gitlab/ci/frontend.gitlab-ci.yml"
- ".gitlab/ci/build-images.gitlab-ci.yml"
- ".gitlab/ci/review.gitlab-ci.yml"
- ".gitlab/ci/review-apps/**/*"
- "scripts/review_apps/base-config.yaml"
- "scripts/review_apps/review-apps.sh"
- "scripts/trigger-build"
@ -150,13 +159,6 @@
- ".markdownlint.yml"
- "scripts/lint-doc.sh"
.docs-deprecations-patterns: &docs-deprecations-patterns
- "doc/deprecations/index.md"
- "data/deprecations/*.yml"
- "data/deprecations/templates/_deprecation_template.md.erb"
- "lib/tasks/gitlab/docs/compile_deprecations.rake"
- "tooling/deprecations/docs.rb"
.bundler-patterns: &bundler-patterns
- '{Gemfile.lock,*/Gemfile.lock,*/*/Gemfile.lock}'
@ -368,13 +370,16 @@
- "danger/**/*"
- "tooling/danger/**/*"
.core-backend-patterns: &core-backend-patterns
- "{,jh/}Gemfile{,.lock}"
- "{,ee/,jh/}config/**/*.rb"
.core-frontend-patterns: &core-frontend-patterns
- "{package.json,yarn.lock}"
- "babel.config.js"
- "jest.config.{base,integration,unit}.js"
- "config/helpers/**/*.js"
- "vendor/assets/javascripts/**/*"
- "{,ee/,jh/}app/assets/**/*.graphql"
################
# Shared rules #
@ -383,11 +388,11 @@
rules:
- <<: *if-default-branch-schedule-2-hourly
- <<: *if-security-schedule
- <<: *if-merge-request-title-update-caches
- <<: *if-merge-request-labels-update-caches
.shared:rules:update-gitaly-binaries-cache:
rules:
- <<: *if-merge-request-title-update-caches
- <<: *if-merge-request-labels-update-caches
- changes: *gitaly-patterns
######################
@ -471,12 +476,6 @@
changes: *docs-patterns
when: on_success
.docs:rules:deprecations:
rules:
- <<: *if-default-refs
changes: *docs-deprecations-patterns
when: on_success
##################
# GraphQL rules #
##################
@ -502,24 +501,30 @@
.frontend:rules:compile-test-assets:
rules:
- changes: *code-backstage-qa-patterns
- <<: *if-merge-request-title-run-all-rspec
- <<: *if-merge-request-labels-run-all-rspec
.frontend:rules:compile-test-assets-as-if-foss:
rules:
- <<: *if-not-ee
when: never
- <<: *if-merge-request-labels-as-if-foss
- <<: *if-merge-request-labels-run-all-rspec
- changes: *code-backstage-qa-patterns
- <<: *if-merge-request-title-run-all-rspec
- changes: *startup-css-patterns
.frontend:rules:default-frontend-jobs:
rules:
- <<: *if-default-refs
changes: *code-backstage-patterns
.frontend:rules:default-frontend-jobs-ee:
.frontend:rules:compile-test-assets-as-if-jh:
rules:
- <<: *if-not-ee
when: never
- <<: *if-jh
when: never
- <<: *if-merge-request-labels-as-if-jh
- <<: *if-merge-request-labels-run-all-rspec
- changes: *code-backstage-qa-patterns
- changes: *startup-css-patterns
.frontend:rules:default-frontend-jobs:
rules:
- <<: *if-default-refs
changes: *code-backstage-patterns
@ -527,10 +532,27 @@
rules:
- <<: *if-not-ee
when: never
- <<: *if-jh
when: never
- <<: *if-security-merge-request
changes: *code-backstage-patterns
- <<: *if-merge-request-title-as-if-foss
- <<: *if-merge-request-title-run-all-rspec
- <<: *if-merge-request-labels-as-if-foss
- <<: *if-merge-request-labels-run-all-rspec
- <<: *if-merge-request
changes: *startup-css-patterns
- <<: *if-merge-request
changes: *ci-patterns
.frontend:rules:default-frontend-jobs-as-if-jh:
rules:
- <<: *if-not-ee
when: never
- <<: *if-jh
when: never
- <<: *if-security-merge-request
changes: *code-backstage-patterns
- <<: *if-merge-request-labels-as-if-jh
- <<: *if-merge-request-labels-run-all-rspec
- <<: *if-merge-request
changes: *startup-css-patterns
- <<: *if-merge-request
@ -538,7 +560,7 @@
.frontend:rules:jest:
rules:
- <<: *if-merge-request-title-run-all-jest
- <<: *if-merge-request-labels-run-all-jest
- <<: *if-default-refs
changes: *core-frontend-patterns
- <<: *if-merge-request
@ -558,7 +580,7 @@
when: never
- <<: *if-automated-merge-request
when: never
- <<: *if-merge-request-title-run-all-jest
- <<: *if-merge-request-labels-run-all-jest
when: never
- <<: *if-default-refs
changes: *core-frontend-patterns
@ -576,7 +598,10 @@
rules:
- <<: *if-not-ee
when: never
- <<: *if-merge-request-title-as-if-foss
- <<: *if-jh
when: never
# We already have `static-analysis as-if-foss` which already runs `lint:eslint:all` if the `pipeline:run-as-if-foss` label is set.
- <<: *if-merge-request-labels-as-if-foss
when: never
- <<: *if-merge-request
changes: *frontend-patterns
@ -644,10 +669,12 @@
rules:
- <<: *if-not-ee
when: never
- <<: *if-jh
when: never
- <<: *if-security-merge-request
changes: *code-qa-patterns
- <<: *if-merge-request-title-as-if-foss
- <<: *if-merge-request-title-run-all-rspec
- <<: *if-merge-request-labels-as-if-foss
- <<: *if-merge-request-labels-run-all-rspec
- <<: *if-merge-request
changes: *ci-patterns
@ -673,12 +700,13 @@
###############
.rails:rules:decomposed-databases:
rules:
- <<: *if-merge-request-run-decomposed
allow_failure: true
- <<: *if-merge-request-labels-run-decomposed
.rails:rules:ee-and-foss-migration:
rules:
- <<: *if-merge-request-title-run-all-rspec
- <<: *if-merge-request-labels-run-all-rspec
- <<: *if-merge-request
changes: *core-backend-patterns
- <<: *if-merge-request
changes: *ci-patterns
- <<: *if-merge-request
@ -695,7 +723,10 @@
when: never
- <<: *if-automated-merge-request
when: never
- <<: *if-merge-request-title-run-all-rspec
- <<: *if-merge-request-labels-run-all-rspec
when: never
- <<: *if-merge-request
changes: *core-backend-patterns
when: never
- <<: *if-merge-request
changes: *ci-patterns
@ -708,7 +739,7 @@
rules:
- <<: *if-merge-request
changes: *db-patterns
- <<: *if-merge-request-title-run-all-rspec
- <<: *if-merge-request-labels-run-all-rspec
.rails:rules:db:gitlabcom-database-testing:
rules:
@ -720,7 +751,9 @@
.rails:rules:ee-and-foss-unit:
rules:
- <<: *if-merge-request-title-run-all-rspec
- <<: *if-merge-request-labels-run-all-rspec
- <<: *if-merge-request
changes: *core-backend-patterns
- <<: *if-merge-request
changes: *ci-patterns
- <<: *if-automated-merge-request
@ -735,7 +768,10 @@
when: never
- <<: *if-automated-merge-request
when: never
- <<: *if-merge-request-title-run-all-rspec
- <<: *if-merge-request-labels-run-all-rspec
when: never
- <<: *if-merge-request
changes: *core-backend-patterns
when: never
- <<: *if-merge-request
changes: *ci-patterns
@ -745,7 +781,9 @@
.rails:rules:ee-and-foss-integration:
rules:
- <<: *if-merge-request-title-run-all-rspec
- <<: *if-merge-request-labels-run-all-rspec
- <<: *if-merge-request
changes: *core-backend-patterns
- <<: *if-merge-request
changes: *ci-patterns
- <<: *if-automated-merge-request
@ -760,7 +798,10 @@
when: never
- <<: *if-automated-merge-request
when: never
- <<: *if-merge-request-title-run-all-rspec
- <<: *if-merge-request-labels-run-all-rspec
when: never
- <<: *if-merge-request
changes: *core-backend-patterns
when: never
- <<: *if-merge-request
changes: *ci-patterns
@ -770,7 +811,9 @@
.rails:rules:ee-and-foss-system:
rules:
- <<: *if-merge-request-title-run-all-rspec
- <<: *if-merge-request-labels-run-all-rspec
- <<: *if-merge-request
changes: *core-backend-patterns
- <<: *if-merge-request
changes: *ci-patterns
- <<: *if-automated-merge-request
@ -785,7 +828,10 @@
when: never
- <<: *if-automated-merge-request
when: never
- <<: *if-merge-request-title-run-all-rspec
- <<: *if-merge-request-labels-run-all-rspec
when: never
- <<: *if-merge-request
changes: *core-backend-patterns
when: never
- <<: *if-merge-request
changes: *ci-patterns
@ -795,7 +841,9 @@
.rails:rules:ee-and-foss-fast_spec_helper:
rules:
- <<: *if-merge-request-title-run-all-rspec
- <<: *if-merge-request-labels-run-all-rspec
- <<: *if-merge-request
changes: *core-backend-patterns
- <<: *if-merge-request
changes: *ci-patterns
- <<: *if-automated-merge-request
@ -810,7 +858,10 @@
when: never
- <<: *if-automated-merge-request
when: never
- <<: *if-merge-request-title-run-all-rspec
- <<: *if-merge-request-labels-run-all-rspec
when: never
- <<: *if-merge-request
changes: *core-backend-patterns
when: never
- <<: *if-merge-request
changes: *ci-patterns
@ -821,13 +872,15 @@
.rails:rules:code-backstage-qa:
rules:
- changes: *code-backstage-qa-patterns
- <<: *if-merge-request-title-run-all-rspec
- <<: *if-merge-request-labels-run-all-rspec
.rails:rules:ee-only-migration:
rules:
- <<: *if-not-ee
when: never
- <<: *if-merge-request-title-run-all-rspec
- <<: *if-merge-request-labels-run-all-rspec
- <<: *if-merge-request
changes: *core-backend-patterns
- <<: *if-merge-request
changes: *ci-patterns
- <<: *if-merge-request
@ -846,7 +899,10 @@
when: never
- <<: *if-automated-merge-request
when: never
- <<: *if-merge-request-title-run-all-rspec
- <<: *if-merge-request-labels-run-all-rspec
when: never
- <<: *if-merge-request
changes: *core-backend-patterns
when: never
- <<: *if-merge-request
changes: *ci-patterns
@ -859,7 +915,9 @@
rules:
- <<: *if-not-ee
when: never
- <<: *if-merge-request-title-run-all-rspec
- <<: *if-merge-request-labels-run-all-rspec
- <<: *if-merge-request
changes: *core-backend-patterns
- <<: *if-merge-request
changes: *ci-patterns
- <<: *if-automated-merge-request
@ -876,7 +934,10 @@
when: never
- <<: *if-automated-merge-request
when: never
- <<: *if-merge-request-title-run-all-rspec
- <<: *if-merge-request-labels-run-all-rspec
when: never
- <<: *if-merge-request
changes: *core-backend-patterns
when: never
- <<: *if-merge-request
changes: *ci-patterns
@ -888,7 +949,9 @@
rules:
- <<: *if-not-ee
when: never
- <<: *if-merge-request-title-run-all-rspec
- <<: *if-merge-request-labels-run-all-rspec
- <<: *if-merge-request
changes: *core-backend-patterns
- <<: *if-merge-request
changes: *ci-patterns
- <<: *if-automated-merge-request
@ -905,7 +968,10 @@
when: never
- <<: *if-automated-merge-request
when: never
- <<: *if-merge-request-title-run-all-rspec
- <<: *if-merge-request-labels-run-all-rspec
when: never
- <<: *if-merge-request
changes: *core-backend-patterns
when: never
- <<: *if-merge-request
changes: *ci-patterns
@ -917,7 +983,9 @@
rules:
- <<: *if-not-ee
when: never
- <<: *if-merge-request-title-run-all-rspec
- <<: *if-merge-request-labels-run-all-rspec
- <<: *if-merge-request
changes: *core-backend-patterns
- <<: *if-merge-request
changes: *ci-patterns
- <<: *if-automated-merge-request
@ -934,7 +1002,10 @@
when: never
- <<: *if-automated-merge-request
when: never
- <<: *if-merge-request-title-run-all-rspec
- <<: *if-merge-request-labels-run-all-rspec
when: never
- <<: *if-merge-request
changes: *core-backend-patterns
when: never
- <<: *if-merge-request
changes: *ci-patterns
@ -946,12 +1017,14 @@
rules:
- <<: *if-not-ee
when: never
- <<: *if-merge-request-title-run-all-rspec
- <<: *if-merge-request-labels-run-all-rspec
- <<: *if-merge-request
changes: *core-backend-patterns
- <<: *if-merge-request
changes: *ci-patterns
- <<: *if-security-merge-request
changes: *db-patterns
- <<: *if-merge-request-title-as-if-foss
- <<: *if-merge-request-labels-as-if-foss
changes: *db-patterns
- <<: *if-automated-merge-request
changes: *db-patterns
@ -966,13 +1039,16 @@
when: never
- <<: *if-automated-merge-request
when: never
- <<: *if-merge-request
changes: *core-backend-patterns
when: never
- <<: *if-merge-request
changes: *ci-patterns
when: never
- <<: *if-security-merge-request
changes: *db-patterns
when: never
- <<: *if-merge-request-title-as-if-foss
- <<: *if-merge-request-labels-as-if-foss
changes: *db-patterns
when: never
@ -980,7 +1056,9 @@
rules:
- <<: *if-not-ee
when: never
- <<: *if-merge-request-title-run-all-rspec
- <<: *if-merge-request-labels-run-all-rspec
- <<: *if-merge-request
changes: *core-backend-patterns
- <<: *if-merge-request
changes: *ci-patterns
- <<: *if-automated-merge-request
@ -989,7 +1067,7 @@
when: never
- <<: *if-security-merge-request
changes: *backend-patterns
- <<: *if-merge-request-title-as-if-foss
- <<: *if-merge-request-labels-as-if-foss
changes: *backend-patterns
.rails:rules:as-if-foss-unit:minimal:
@ -1000,19 +1078,24 @@
when: never
- <<: *if-automated-merge-request
when: never
- <<: *if-merge-request
changes: *core-backend-patterns
when: never
- <<: *if-merge-request
changes: *ci-patterns
when: never
- <<: *if-security-merge-request
changes: *backend-patterns
- <<: *if-merge-request-title-as-if-foss
- <<: *if-merge-request-labels-as-if-foss
changes: *backend-patterns
.rails:rules:as-if-foss-integration:
rules:
- <<: *if-not-ee
when: never
- <<: *if-merge-request-title-run-all-rspec
- <<: *if-merge-request-labels-run-all-rspec
- <<: *if-merge-request
changes: *core-backend-patterns
- <<: *if-merge-request
changes: *ci-patterns
- <<: *if-automated-merge-request
@ -1021,7 +1104,7 @@
when: never
- <<: *if-security-merge-request
changes: *backend-patterns
- <<: *if-merge-request-title-as-if-foss
- <<: *if-merge-request-labels-as-if-foss
changes: *backend-patterns
.rails:rules:as-if-foss-integration:minimal:
@ -1032,19 +1115,24 @@
when: never
- <<: *if-automated-merge-request
when: never
- <<: *if-merge-request
changes: *core-backend-patterns
when: never
- <<: *if-merge-request
changes: *ci-patterns
when: never
- <<: *if-security-merge-request
changes: *backend-patterns
- <<: *if-merge-request-title-as-if-foss
- <<: *if-merge-request-labels-as-if-foss
changes: *backend-patterns
.rails:rules:as-if-foss-system:
rules:
- <<: *if-not-ee
when: never
- <<: *if-merge-request-title-run-all-rspec
- <<: *if-merge-request-labels-run-all-rspec
- <<: *if-merge-request
changes: *core-backend-patterns
- <<: *if-merge-request
changes: *ci-patterns
- <<: *if-automated-merge-request
@ -1053,7 +1141,7 @@
when: never
- <<: *if-security-merge-request
changes: *code-backstage-patterns
- <<: *if-merge-request-title-as-if-foss
- <<: *if-merge-request-labels-as-if-foss
changes: *code-backstage-patterns
.rails:rules:as-if-foss-system:minimal:
@ -1064,24 +1152,27 @@
when: never
- <<: *if-automated-merge-request
when: never
- <<: *if-merge-request
changes: *core-backend-patterns
when: never
- <<: *if-merge-request
changes: *ci-patterns
when: never
- <<: *if-security-merge-request
changes: *code-backstage-patterns
- <<: *if-merge-request-title-as-if-foss
- <<: *if-merge-request-labels-as-if-foss
changes: *code-backstage-patterns
.rails:rules:ee-and-foss-db-library-code:
rules:
- changes: *db-library-patterns
- <<: *if-merge-request-title-run-all-rspec
- <<: *if-merge-request-labels-run-all-rspec
.rails:rules:ee-mr-and-default-branch-only:
rules:
- <<: *if-not-ee
when: never
- <<: *if-merge-request-title-run-all-rspec
- <<: *if-merge-request-labels-run-all-rspec
- <<: *if-merge-request
changes: *code-backstage-patterns
- <<: *if-default-branch-refs
@ -1090,13 +1181,13 @@
.rails:rules:detect-tests:
rules:
- changes: *code-backstage-patterns
- <<: *if-merge-request-title-run-all-rspec
- <<: *if-merge-request-labels-run-all-rspec
.rails:rules:rspec-foss-impact:
rules:
- <<: *if-not-ee
when: never
- <<: *if-merge-request-title-as-if-foss
- <<: *if-merge-request-labels-as-if-foss
when: never
- <<: *if-security-merge-request
changes: *code-backstage-patterns
@ -1105,10 +1196,6 @@
.rails:rules:rspec fail-fast:
rules:
- <<: *if-rspec-fail-fast-disabled
when: never
- <<: *if-rspec-fail-fast-skipped
when: never
- <<: *if-not-ee
when: never
- <<: *if-security-merge-request
@ -1118,10 +1205,6 @@
.rails:rules:fail-pipeline-early:
rules:
- <<: *if-rspec-fail-fast-disabled
when: never
- <<: *if-rspec-fail-fast-skipped
when: never
- <<: *if-not-ee
when: never
- <<: *if-security-merge-request
@ -1136,7 +1219,7 @@
- <<: *if-not-ee
when: never
- <<: *if-default-branch-schedule-nightly
- <<: *if-merge-request-title-run-all-rspec
- <<: *if-merge-request-labels-run-all-rspec
.rails:rules:rspec-coverage:
rules:
@ -1146,7 +1229,7 @@
changes: *code-backstage-patterns
when: always
- <<: *if-default-branch-schedule-2-hourly
- <<: *if-merge-request-title-run-all-rspec
- <<: *if-merge-request-labels-run-all-rspec
when: always
.rails:rules:default-branch-schedule-nightly--code-backstage:
@ -1181,7 +1264,7 @@
rules:
- <<: *if-not-ee
when: never
- <<: *if-merge-request-title-as-if-foss
- <<: *if-merge-request-labels-as-if-foss
changes: *code-backstage-qa-patterns
- <<: *if-security-merge-request
changes: *code-backstage-qa-patterns
@ -1196,7 +1279,7 @@
rules:
- <<: *if-merge-request
changes: ["vendor/gems/mail-smtp_pool/**/*"]
- <<: *if-merge-request-title-run-all-rspec
- <<: *if-merge-request-labels-run-all-rspec
##################
# Releases rules #
@ -1222,75 +1305,76 @@
when: never
- <<: *if-default-refs
changes: *code-backstage-patterns
allow_failure: true
.reports:rules:sast:
.reports:rules:brakeman-sast:
rules:
- if: '$SAST_DISABLED || $GITLAB_FEATURES !~ /\bsast\b/'
- if: $SAST_DISABLED
when: never
- <<: *if-default-refs
changes: *code-backstage-qa-patterns
allow_failure: true
- if: $SAST_EXCLUDED_ANALYZERS =~ /brakeman/
when: never
- changes:
- '**/*.rb'
- '**/Gemfile'
.reports:rules:gosec-sast:
rules:
- if: $SAST_DISABLED
when: never
- if: $SAST_EXCLUDED_ANALYZERS =~ /gosec/
when: never
- changes:
- '**/*.go'
.reports:rules:semgrep-sast:
rules:
- if: $SAST_DISABLED
when: never
- if: $SAST_EXCLUDED_ANALYZERS =~ /semgrep/
when: never
- changes:
- '**/*.py'
- '**/*.js'
- '**/*.jsx'
- '**/*.ts'
- '**/*.tsx'
- '**/*.c'
- '**/*.go'
.reports:rules:secret_detection:
rules:
- if: '$SECRET_DETECTION_DISABLED'
when: never
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH' # The Secret-Detection template already has a `secret_detection_default_branch` job
when: never
- changes: *code-backstage-qa-patterns
allow_failure: true
.reports:rules:gemnasium-dependency_scanning:
rules:
- if: '$DEPENDENCY_SCANNING_DISABLED || $GITLAB_FEATURES !~ /\bdependency_scanning\b/ || $DS_EXCLUDED_ANALYZERS =~ /gemnasium([^-]|$)/'
- if: '$DEPENDENCY_SCANNING_DISABLED || $GITLAB_FEATURES !~ /\bdependency_scanning\b/ || $DS_EXCLUDED_ANALYZERS =~ /gemnasium([^-]|$)/ || $DS_DEFAULT_ANALYZERS !~ /gemnasium([^-]|$)/'
when: never
- <<: *if-default-refs
changes: *dependency-patterns
allow_failure: true
- changes: *dependency-patterns
.reports:rules:bundler-audit-dependency_scanning:
rules:
- if: '$DEPENDENCY_SCANNING_DISABLED || $GITLAB_FEATURES !~ /\bdependency_scanning\b/ || $DS_EXCLUDED_ANALYZERS =~ /bundler-audit/'
- if: '$DEPENDENCY_SCANNING_DISABLED || $GITLAB_FEATURES !~ /\bdependency_scanning\b/ || $DS_EXCLUDED_ANALYZERS =~ /bundler-audit/ || $DS_DEFAULT_ANALYZERS !~ /bundler-audit/'
when: never
- <<: *if-default-refs
changes: *bundler-patterns
allow_failure: true
- changes: *bundler-patterns
.reports:rules:retire-js-dependency_scanning:
rules:
- if: '$DEPENDENCY_SCANNING_DISABLED || $GITLAB_FEATURES !~ /\bdependency_scanning\b/ || $DS_EXCLUDED_ANALYZERS =~ /retire.js/'
- if: '$DEPENDENCY_SCANNING_DISABLED || $GITLAB_FEATURES !~ /\bdependency_scanning\b/ || $DS_EXCLUDED_ANALYZERS =~ /retire.js/ || $DS_DEFAULT_ANALYZERS !~ /retire.js/'
when: never
- <<: *if-default-refs
changes: *nodejs-patterns
allow_failure: true
- changes: *nodejs-patterns
.reports:rules:gemnasium-python-dependency_scanning:
rules:
- if: '$DEPENDENCY_SCANNING_DISABLED || $GITLAB_FEATURES !~ /\bdependency_scanning\b/ || $DS_EXCLUDED_ANALYZERS =~ /gemnasium-python/'
- if: '$DEPENDENCY_SCANNING_DISABLED || $GITLAB_FEATURES !~ /\bdependency_scanning\b/ || $DS_EXCLUDED_ANALYZERS =~ /gemnasium-python/ || $DS_DEFAULT_ANALYZERS !~ /gemnasium-python/'
when: never
- <<: *if-default-refs
changes: *python-patterns
allow_failure: true
.reports:rules:dast:
rules:
- if: '$DAST_DISABLED || $GITLAB_FEATURES !~ /\bdast\b/'
when: never
- <<: *if-dot-com-gitlab-org-merge-request
changes: *frontend-patterns
allow_failure: true
- <<: *if-dot-com-gitlab-org-merge-request
changes: *code-qa-patterns
when: manual
allow_failure: true
- changes: *python-patterns
.reports:rules:schedule-dast:
rules:
- if: '$DAST_DISABLED || $GITLAB_FEATURES !~ /\bdast\b/'
when: never
- <<: *if-dot-com-ee-nightly-schedule
allow_failure: true
- <<: *if-dot-com-ee-nightly-schedule-child-pipeline
.reports:rules:package_hunter-yarn:
rules:
@ -1310,16 +1394,14 @@
.reports:rules:license_scanning:
rules:
- if: '$LICENSE_SCANNING_DISABLED || $GITLAB_FEATURES !~ /\blicense_scanning\b/'
- if: '$LICENSE_MANAGEMENT_DISABLED || $GITLAB_FEATURES !~ /\blicense_scanning\b/'
when: never
- <<: *if-default-refs
changes: *code-backstage-qa-patterns
allow_failure: true
- changes: *code-backstage-qa-patterns
################
# Review rules #
################
.review:rules:review-build-cng:
.review:rules:review-app-pipeline:
rules:
- <<: *if-not-ee
when: never
@ -1336,6 +1418,22 @@
allow_failure: true
- <<: *if-dot-com-gitlab-org-schedule
.review:rules:review-build-cng:
rules:
- <<: *if-not-ee
when: never
- <<: *if-dot-com-gitlab-org-merge-request
changes: *ci-review-patterns
- <<: *if-dot-com-gitlab-org-merge-request
changes: *frontend-patterns
- <<: *if-dot-com-gitlab-org-merge-request
changes: *code-patterns
allow_failure: true
- <<: *if-dot-com-gitlab-org-merge-request
changes: *qa-patterns
allow_failure: true
- <<: *if-dot-com-gitlab-org-schedule-child-pipeline
.review:rules:review-deploy:
rules:
- <<: *if-not-ee
@ -1351,7 +1449,7 @@
- <<: *if-dot-com-gitlab-org-merge-request
changes: *qa-patterns
allow_failure: true
- <<: *if-dot-com-gitlab-org-schedule
- <<: *if-dot-com-gitlab-org-schedule-child-pipeline
allow_failure: true
.review:rules:review-performance:
@ -1368,7 +1466,7 @@
- <<: *if-dot-com-gitlab-org-merge-request
changes: *code-qa-patterns
allow_failure: true
- <<: *if-dot-com-gitlab-org-schedule
- <<: *if-dot-com-gitlab-org-schedule-child-pipeline
allow_failure: true
.review:rules:review-delete-deployment:
@ -1390,7 +1488,7 @@
- <<: *if-dot-com-gitlab-org-merge-request
changes: *code-qa-patterns
allow_failure: true
- <<: *if-dot-com-ee-schedule
- <<: *if-dot-com-ee-schedule-child-pipeline
allow_failure: true
# The rule needs to be duplicated between `on_success` and `on_failure`
@ -1418,9 +1516,9 @@
- <<: *if-dot-com-gitlab-org-merge-request
changes: *code-qa-patterns
when: on_failure
- <<: *if-dot-com-ee-schedule
- <<: *if-dot-com-ee-schedule-child-pipeline
when: on_success
- <<: *if-dot-com-ee-schedule
- <<: *if-dot-com-ee-schedule-child-pipeline
when: on_failure
.review:rules:review-qa-all:
@ -1434,7 +1532,7 @@
- <<: *if-dot-com-gitlab-org-merge-request
changes: *qa-patterns
allow_failure: true
- <<: *if-dot-com-ee-nightly-schedule
- <<: *if-dot-com-ee-nightly-schedule-child-pipeline
allow_failure: true
# The rule needs to be duplicated between `on_success` and `on_failure`
@ -1456,10 +1554,10 @@
changes: *qa-patterns
when: on_failure
allow_failure: true
- <<: *if-dot-com-ee-nightly-schedule
- <<: *if-dot-com-ee-nightly-schedule-child-pipeline
when: on_success
allow_failure: true
- <<: *if-dot-com-ee-nightly-schedule
- <<: *if-dot-com-ee-nightly-schedule-child-pipeline
when: on_failure
allow_failure: true
@ -1471,7 +1569,7 @@
changes: *code-qa-patterns
when: manual
allow_failure: true
- <<: *if-dot-com-gitlab-org-schedule
- <<: *if-dot-com-gitlab-org-schedule-child-pipeline
allow_failure: true
.review:rules:review-stop:
@ -1534,6 +1632,17 @@
changes: *code-backstage-patterns
when: on_success
.setup:rules:add-jh-folder:
rules:
- <<: *if-not-ee
when: never
- <<: *if-jh
when: never
- <<: *if-merge-request-labels-as-if-jh
- <<: *if-merge-request-labels-run-all-rspec
- changes: *code-backstage-qa-patterns
- changes: *startup-css-patterns
#######################
# Test metadata rules #
#######################
@ -1541,7 +1650,7 @@
rules:
- changes: *code-backstage-patterns
when: on_success
- <<: *if-merge-request-title-run-all-rspec
- <<: *if-merge-request-labels-run-all-rspec
.test-metadata:rules:update-tests-metadata:
rules:

16
.gitlab/ci/setup.gitlab-ci.yml
View file

@ -101,3 +101,19 @@ detect-tests as-if-foss:
MATCHED_TESTS_FILE: tmp/matching_foss_tests.txt
before_script:
- '[ "$FOSS_ONLY" = "1" ] && rm -rf ee/ qa/spec/ee/ qa/qa/specs/features/ee/ qa/qa/ee/ qa/qa/ee.rb'
add-jh-folder:
extends: .setup:rules:add-jh-folder
image: ${GITLAB_DEPENDENCY_PROXY}alpine:edge
stage: prepare
before_script:
- apk add --no-cache --update curl bash
script:
- curl --location -o "jh-folder.tar.gz" "https://gitlab.com/gitlab-jh/gitlab/-/archive/main-jh/gitlab-main-jh.tar.gz?path=jh"
- tar -xf "jh-folder.tar.gz"
- mv gitlab-main-jh-jh/jh/ ./
- ls -l jh/
artifacts:
expire_in: 2d
paths:
- jh/

11
.gitlab/ci/static-analysis.gitlab-ci.yml
View file

@ -35,6 +35,17 @@ static-analysis:
paths:
- tmp/feature_flags/
static-analysis-with-database:
extends:
- .static-analysis-base
- .static-analysis:rules:ee-and-foss
- .use-pg12
stage: test
script:
- bundle exec rake lint:static_verification_with_database
variables:
SETUP_DB: "true"
static-analysis as-if-foss:
extends:
- static-analysis

3
.gitlab/ci/test-metadata.gitlab-ci.yml
View file

@ -29,8 +29,7 @@ update-tests-metadata:
- retrieve-tests-metadata
- setup-test-env
- rspec migration pg12
- rspec frontend_fixture
- rspec-ee frontend_fixture
- rspec-all frontend_fixture
- rspec unit pg12
- rspec integration pg12
- rspec system pg12

49
.gitlab/issue_templates/Feature Flag Roll Out.md
View file

@ -24,26 +24,6 @@ Are there any other stages or teams involved that need to be kept in the loop?
- The Delivery Team
-->
## The Rollout Plan
- Partial Rollout on GitLab.com with testing groups
- Rollout on GitLab.com for a certain period (How long)
- Percentage Rollout on GitLab.com
- Rollout Feature for everyone as soon as it's ready
<!-- Which dashboards from https://dashboards.gitlab.net are most relevant? Sentry errors reports can also be useful to review -->
## Testing Groups/Projects/Users
<!-- If applicable, any groups/projects that are happy to have this feature turned on early. Some organizations may wish to test big changes they are interested in with a small subset of users ahead of time for example. -->
- `gitlab-org/gitlab` project
- `gitlab-org/gitlab-foss` project
- `gitlab-com/www-gitlab-com` project
- `gitlab-org`/`gitlab-com` groups
- ...
## Expectations
### What are we expecting to happen?
@ -62,17 +42,30 @@ Are there any other stages or teams involved that need to be kept in the loop?
### Rollout on non-production environments
- [ ] Ensure that the feature MRs have been deployed to non-production environments.
- Ensure that the feature MRs have been deployed to non-production environments.
- [ ] `/chatops run auto_deploy status <merge-commit-of-your-feature>`
- [ ] Enable the feature globally on non-production environments.
- [ ] `/chatops run feature set <feature-flag-name> true --dev`
- [ ] `/chatops run feature set <feature-flag-name> true --staging`
- [ ] Verify that the feature works as expected. Posting the QA result in this issue is preferable.
### Preparation before production rollout
### Specific rollout on production
- [ ] Ensure that the feature MRs have been deployed to both production and canary.
- Ensure that the feature MRs have been deployed to both production and canary.
- [ ] `/chatops run auto_deploy status <merge-commit-of-your-feature>`
- If you're using [project-actor](https://docs.gitlab.com/ee/development/feature_flags/#feature-actors), you must enable the feature on these entries:
- [ ] `/chatops run feature set --project=gitlab-org/gitlab <feature-flag-name> true`
- [ ] `/chatops run feature set --project=gitlab-org/gitlab-foss <feature-flag-name> true`
- [ ] `/chatops run feature set --project=gitlab-com/www-gitlab-com <feature-flag-name> true`
- If you're using [group-actor](https://docs.gitlab.com/ee/development/feature_flags/#feature-actors), you must enable the feature on these entries:
- [ ] `/chatops run feature set --group=gitlab-org <feature-flag-name> true`
- [ ] `/chatops run feature set --group=gitlab-com <feature-flag-name> true`
- If you're using [user-actor](https://docs.gitlab.com/ee/development/feature_flags/#feature-actors), you must enable the feature on these entries:
- [ ] `/chatops run feature set --user=<your-username> <feature-flag-name> true`
- [ ] Verify that the feature works on the specific entries. Posting the QA result in this issue is preferable.
### Preparation before global rollout
- [ ] Check if the feature flag change needs to be accompanied with a
[change management issue](https://about.gitlab.com/handbook/engineering/infrastructure/change-management/#feature-flags-and-the-change-management-process).
Cross link the issue here if it does.
@ -86,19 +79,13 @@ Are there any other stages or teams involved that need to be kept in the loop?
All `/chatops` commands that target production should be done in the `#production` slack channel for visibility.
- [ ] Confirm the feature flag is enabled on `staging` without incident
- [ ] Roll out the feature to targeted testing projects/groups first
- [ ] `/chatops run feature set --project=gitlab-org/gitlab <feature-flag-name> true`
- [ ] `/chatops run feature set --project=gitlab-org/gitlab-foss <feature-flag-name> true`
- [ ] `/chatops run feature set --project=gitlab-com/www-gitlab-com <feature-flag-name> true`
- [ ] [Incrementally roll out](https://docs.gitlab.com/ee/development/feature_flags/controls.html#process) the feature.
- If the feature flag in code has [an actor](https://docs.gitlab.com/ee/development/feature_flags/#feature-actors), perform **actor-based** rollout.
- [ ] `/chatops run feature set <feature-flag-name> <rollout-percentage> --actors`
- If the feature flag in code does **NOT** have [an actor](https://docs.gitlab.com/ee/development/feature_flags/#feature-actors), perform time-based rollout (**random** rollout).
- [ ] `/chatops run feature set <feature-flag-name> <rollout-percentage>`
- [ ] Verify the change has the desired outcome with the limited rollout before enabling the feature globally on production.
- [ ] Enable the feature globally on production environment. `/chatops run feature set <feature-flag-name> true`
- Enable the feature globally on production environment.
- [ ] `/chatops run feature set <feature-flag-name> true`
- [ ] Announce on [the feature issue](ISSUE LINK) that the feature has been globally enabled.
- [ ] Wait for [at least one day for the verification term](https://about.gitlab.com/handbook/product-development-flow/feature-flag-lifecycle/#including-a-feature-behind-feature-flag-in-the-final-release).

2
.gitlab/issue_templates/Geo Replicate a new Git repository type.md
View file

@ -109,7 +109,7 @@ Geo secondary sites have a [Geo tracking database](https://gitlab.com/gitlab-org
bin/rake geo:db:migrate
```
- [ ] Be sure to commit the relevant changes in `ee/db/geo/schema.rb`
- [ ] Be sure to commit the relevant changes in `ee/db/geo/structure.sql`
### Add verification state fields on the Geo primary site

2
.gitlab/issue_templates/Geo Replicate a new blob type.md
View file

@ -110,7 +110,7 @@ Geo secondary sites have a [Geo tracking database](https://gitlab.com/gitlab-org
bin/rake geo:db:migrate
```
- [ ] Be sure to commit the relevant changes in `ee/db/geo/schema.rb`
- [ ] Be sure to commit the relevant changes in `ee/db/geo/structure.sql`
### Add verification state fields on the Geo primary site

3
.gitlab/issue_templates/Navigation - Left Sidebar Proposals.md
View file

@ -8,8 +8,7 @@
- [ ] If your proposal includes changes to the top-level menu items within the left sidebar, engage the [Foundations Product Design Manager](https://about.gitlab.com/handbook/product/categories/#foundations-group) for approval. The Foundations DRI will work with UX partners in product design, research, and technical writing, as applicable.
- [ ] Follow the [product development workflow](https://about.gitlab.com/handbook/product-development-flow/#validation-phase-2-problem-validation) validation process to ensure you are solving a well understood problem and that the proposed change is understandable and non-disruptive to users. Navigation-specific research is strongly encouraged.
- [ ] Engage the [Editor](https://about.gitlab.com/handbook/engineering/development/dev/create-editor/) team to ensure your proposal is in alignment with holistic changes happening to the left side bar.
- [ ] Engage the [Foundations](https://about.gitlab.com/handbook/product/categories/#foundations-group) team to ensure your proposal is in alignment with holistic changes happening to the left side bar.
- [ ] Consider whether you need to communicate the change somehow, or if you will have an interim period in the UI where your nav item will live in more than one place.
- [ ] Once implemented, update this [navigation map in Mural](https://app.mural.co/t/gitlab2474/m/gitlab2474/1589571490215/261462d0beb3043979374623710d3f2d6cfec1cb) with your navigation change.
/label ~UX ~"UI text" ~"documentation" ~"documentation" ~"Category:Navigation & Settings" ~"Category:Foundations" ~navigation

82
.gitlab/merge_request_templates/Deprecations.md Normal file
View file

@ -0,0 +1,82 @@
<!-- Set the correct label and milestone using autocomplete for guidance. Please @mention only the DRI(s) for each stage or group rather than an entire department. -->
/label ~"release post" ~"release post item" ~"Technical Writing" ~"devops::" ~"group::"
/milestone %
/assign `@PM`
**Be sure to link this MR to the relevant deprecation issue(s).**
**By the 10th**: Assign this MR to these team members as Reviewer and for Approval (optional unless noted as required):
- Product Marketing: `@PMM`
- Product Designer(s): `@ProductDesigners`
- Group Manager or Director: `@manager`
- Engineering Manager: `@EM` - Required
**By 8:00 AM PDT 15th**: PM will assign this MR to the TW reviewer: `@PM`
**By 11:59 PM PDT 15th**: TW Reviewer will perform final review and merge this MR to Master: `@TW`
---
Please review the [guidelines for deprecations](https://about.gitlab.com/handbook/marketing/blog/release-posts/#deprecations),
as well as the process for [creating a deprecation entry](https://about.gitlab.com/handbook/marketing/blog/release-posts/#creating-a-deprecation-entry).
They are frequently updated, and everyone should make sure they are aware of the current standards (PM, PMM, EM, and TW).
## Links
- Deprecation Issue:
- Deprecation MR (optional):
## PM release post item checklist
- [ ] Set yourself as the Assignee.
- [ ] Follow the process to [create a deprecation YAML file](https://about.gitlab.com/handbook/marketing/blog/release-posts/#creating-a-deprecation-entry).
- [ ] Add reviewers by the 10th
- [ ] When ready to be merged and not later than the 15th, add the ~ready label and @ message the TW for final review and merge.
## Reviewers
When the content is ready for review, it must be reviewed by Technical Writer and Engineering Manager, but can also be reviewed by
Product Marketing, Product Design, and the Product Leaders for this area. Please use the
[Reviewers for Merge Requests](https://docs.gitlab.com/ee/user/project/merge_requests/getting_started#reviewer)
feature for all reviews. Reviewers will then `approve` the MR and remove themselves from Reviewers when their review is complete.
- [ ] (Recommended) PMM
- [ ] (Optional) Product Designer
- [ ] (Optional) Group Manager or Director
- [ ] Required review and approval: [Technical Writer designated to the corresponding DevOps stage/group](https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments).
### Tech writer review
After being added as a Reviewer to this merge request, the TW performs their review
according to the criteria described below.
Review deprecation MRs with a similar process as regular docs MRs. Add suggestions
as needed, @ message the PM to inform them the first review is complete, and remove
yourself as a reviewer if it's not ready for merge yet.
<details>
<summary>Expand for Details </summary>
- [ ] Title:
- Length limit: 7 words (not including articles or prepositions).
- Capitalization: ensure the title is [sentence cased](https://design.gitlab.com/content/punctuation#case).
- No Markdown `` `code` `` formatting in the title, as it doesn't render correctly in the release post.
- [ ] Consistency:
- Ensure that all resources (docs, deprecation, etc.) refer to the feature with the same term / feature name.
- [ ] Content:
- Make sure the deprecation is accurate based on your understanding. Look for typos or grammar mistakes. Work with PM and PMM to ensure a consistent GitLab style and tone for messaging, based on other features and deprecations.
- Review use of whitespace and bullet lists. Will the deprecation item be easily scannable when published? Consider adding line breaks or breaking content into bullets if you have more than a few sentences.
- Make sure there aren't acronyms readers may not understand per <https://about.gitlab.com/handbook/communication/#writing-style-guidelines>.
- [ ] Links:
- All links must be full URLs, as the deprecation YAML files are used in two different projects. Do not use relative links. The generated doc is an exception to the relative link rule and currently uses absolute links only.
- Make sure all links and anchors are correct. Do not link to the H1 (top) anchor on a docs page.
- [ ] Code. Make sure any included code is wrapped in code blocks.
- [ ] Capitalization. Make sure to capitalize feature names. Stay consistent with the Documentation Style Guidance on [Capitalization](https://docs.gitlab.com/ee/development/documentation/styleguide.html#capitalization).
- [ ] Blank spaces. Remove unnecessary spaces (end of line spaces, double spaces, extra blank lines, and lines with only spaces).
</details>
When the PM indicates it is ready for merge, all issues have been addressed merge this MR.
- You must merge this MR by the 15th so the Release Post TW lead can run the [deprecations in Docs rake task](https://about.gitlab.com/handbook/marketing/blog/release-posts/#update-the-deprecations-doc) on the 16th

10
.gitpod.yml
View file

@ -16,8 +16,7 @@ tasks:
# GitLab
[[ -d /workspace/gitlab ]] && ln -fs /workspace/gitlab /workspace/gitlab-development-kit/gitlab
mv /workspace/gitlab-development-kit/secrets.yml /workspace/gitlab-development-kit/gitlab/config
# update gdk.yml
gdk config set gitlab.rails.hostname $(gp url 3000 | sed -e 's+^http[s]*://++')
# ensure gdk.yml has correct instance settings
gdk config set gitlab.rails.port 443
gdk config set gitlab.rails.https.enabled true
# reconfigure GDK
@ -42,6 +41,13 @@ tasks:
echo "$(date) Updating GDK" | tee -a /workspace/startup.log
gdk update
fi
# ensure gdk.yml has correct instance settings
gdk config set gitlab.rails.hostname $(gp url 3000 | sed -e 's+^http[s]*://++')
gdk config set gitlab.rails.port 443
gdk config set gitlab.rails.https.enabled true
# reconfigure GDK
echo "$(date) Reconfiguring GDK" | tee -a /workspace/startup.log
gdk reconfigure
# start GDK
echo "$(date) Starting GDK" | tee -a /workspace/startup.log
export DEV_SERVER_PUBLIC_ADDR=$(gp url 3808)

1
.rubocop.yml
View file

@ -28,7 +28,6 @@ AllCops:
- 'node_modules/**/*'
- 'db/fixtures/**/*'
- 'db/schema.rb'
- 'ee/db/geo/schema.rb'
- 'tmp/**/*'
- 'bin/**/*'
- 'generator_templates/**/*'

10
.rubocop_manual_todo.yml
View file

@ -296,7 +296,6 @@ Rails/TimeZone:
- 'spec/lib/gitlab/graphql_logger_spec.rb'
- 'spec/lib/gitlab/graphs/commits_spec.rb'
- 'spec/lib/gitlab/import_export/project/relation_factory_spec.rb'
- 'spec/lib/gitlab/instrumentation_helper_spec.rb'
- 'spec/lib/gitlab/json_logger_spec.rb'
- 'spec/lib/gitlab/lfs_token_spec.rb'
- 'spec/lib/gitlab/log_timestamp_formatter_spec.rb'
@ -384,10 +383,8 @@ RSpec/TimecopFreeze:
- 'spec/lib/gitlab/checks/timed_logger_spec.rb'
- 'spec/lib/gitlab/cycle_analytics/stage_summary_spec.rb'
- 'spec/lib/gitlab/cycle_analytics/usage_data_spec.rb'
- 'spec/lib/gitlab/instrumentation_helper_spec.rb'
- 'spec/lib/gitlab/omniauth_logging/json_formatter_spec.rb'
- 'spec/lib/gitlab/puma_logging/json_formatter_spec.rb'
- 'spec/lib/gitlab/sidekiq_logging/structured_logger_spec.rb'
- 'spec/lib/json_web_token/hmac_token_spec.rb'
- 'spec/tooling/rspec_flaky/flaky_example_spec.rb'
- 'spec/tooling/rspec_flaky/listener_spec.rb'
@ -744,7 +741,6 @@ RSpec/AnyInstanceOf:
- 'spec/policies/ci/pipeline_policy_spec.rb'
- 'spec/presenters/gitlab/blame_presenter_spec.rb'
- 'spec/presenters/merge_request_presenter_spec.rb'
- 'spec/requests/api/api_spec.rb'
- 'spec/requests/api/ci/runner/jobs_artifacts_spec.rb'
- 'spec/requests/api/ci/runner/jobs_put_spec.rb'
- 'spec/requests/api/ci/runner/jobs_request_post_spec.rb'
@ -1769,7 +1765,6 @@ Gitlab/NamespacedClass:
- 'app/workers/pages_domain_ssl_renewal_worker.rb'
- 'app/workers/pages_domain_verification_cron_worker.rb'
- 'app/workers/pages_domain_verification_worker.rb'
- 'app/workers/pages_remove_worker.rb'
- 'app/workers/pages_transfer_worker.rb'
- 'app/workers/pages_update_configuration_worker.rb'
- 'app/workers/pages_worker.rb'
@ -2589,13 +2584,9 @@ Rails/IncludeUrlHelper:
- 'app/models/integrations/youtrack.rb'
- 'app/presenters/alert_management/alert_presenter.rb'
- 'app/presenters/ci/pipeline_presenter.rb'
- 'app/presenters/clusters/cluster_presenter.rb'
- 'app/presenters/environment_presenter.rb'
- 'app/presenters/gitlab/blame_presenter.rb'
- 'app/presenters/group_clusterable_presenter.rb'
- 'app/presenters/instance_clusterable_presenter.rb'
- 'app/presenters/merge_request_presenter.rb'
- 'app/presenters/project_clusterable_presenter.rb'
- 'app/presenters/project_presenter.rb'
- 'app/presenters/prometheus_alert_presenter.rb'
- 'app/presenters/release_presenter.rb'
@ -2607,7 +2598,6 @@ Rails/IncludeUrlHelper:
- 'ee/spec/lib/banzai/filter/cross_project_issuable_information_filter_spec.rb'
- 'ee/spec/lib/banzai/filter/issuable_state_filter_spec.rb'
- 'lib/gitlab/ci/badge/metadata.rb'
- 'lib/gitlab/email/message/in_product_marketing/helper.rb'
- 'spec/helpers/merge_requests_helper_spec.rb'
- 'spec/helpers/nav/top_nav_helper_spec.rb'
- 'spec/helpers/notify_helper_spec.rb'

1
.stylelintrc
View file

@ -13,6 +13,7 @@
"./scripts/frontend/stylelint/stylelint-utility-classes.js",
],
"rules":{
"at-rule-disallowed-list": ["extend"],
"max-nesting-depth": [
3,
{

515
CHANGELOG.md
View file

@ -2,23 +2,428 @@
documentation](doc/development/changelog.md) for instructions on adding your own
entry.
## 14.3.4 (2021-10-28)
## 14.4.2 (2021-11-08)
### Fixed (3 changes)
- [Skip retrying for reads on connection errors if primary only](gitlab-org/gitlab@8e1976ed75bd6c606d49c83863cf46bf3c4d5070) ([merge request](gitlab-org/gitlab!73919))
- [Fix error 500 loading branch with UTF-8 characters with performance bar](gitlab-org/gitlab@67ddc428472d57bb3d8a4a84eb0750487a175f75) ([merge request](gitlab-org/gitlab!73919))
- [Skip st_diff callback setting on LegacyDiffNote when importing](gitlab-org/gitlab@84f5c66321473cd702b3b671584054fcf3d141ae) ([merge request](gitlab-org/gitlab!73919))
### Changed (1 change)
- [Remove skip_legacy_diff_note_callback_on_import from legacy diff note](gitlab-org/gitlab@547a2ec29ea9e9299eab727899c3d90886ffc21c) ([merge request](gitlab-org/gitlab!73919))
### Performance (1 change)
- [Prevent Sidekiq size limiter middleware from running multiple times on the same job](gitlab-org/gitlab@294c01be38d400607536fb20a2038e098c0f0e28) ([merge request](gitlab-org/gitlab!73919))
## 14.4.1 (2021-10-28)
### Security (13 changes)
- [Highlight usage of unicode bidi characters](gitlab-org/security/gitlab@0b9bcafa73bc12ad873f75584b993f7b94f1f2e7) ([merge request](gitlab-org/security/gitlab!1938))
- [Fix dompurify.js to prevent path traversal attacks](gitlab-org/security/gitlab@6599afd4d7357ab356fcb773af19f8388978b3ed) ([merge request](gitlab-org/security/gitlab!1930))
- [Refresh authorizations on transfer of groups having project shares](gitlab-org/security/gitlab@faad71f44a1b1048b73897d450c923a18ec18c0b) ([merge request](gitlab-org/security/gitlab!1917))
- [Do not allow Applications API to create apps with blank scopes](gitlab-org/security/gitlab@293931500c84ef7ea9a2117d3ddf094f8ac15dcf) ([merge request](gitlab-org/security/gitlab!1923))
- [Don't allow author to resolve discussions when MR is locked via GraphQL](gitlab-org/security/gitlab@5027cb2b0303645a921b95d324d3d55dcf7632e4) ([merge request](gitlab-org/security/gitlab!1920))
- [Workhorse: Allow uploading only a single file](gitlab-org/security/gitlab@c18c2ddfa34a4c3e476136ab3eba9be7f265ad59) ([merge request](gitlab-org/security/gitlab!1914))
- [Group owners should see SCIM token only once](gitlab-org/security/gitlab@3d6664461da720fb256d8e139961b383e33a3b90) ([merge request](gitlab-org/security/gitlab!1907)) **GitLab Enterprise Edition**
- [Respect visibility level settings when updating project via API](gitlab-org/security/gitlab@124ca62c02bfa8ef6f7de7b328f80756fd01c052) ([merge request](gitlab-org/security/gitlab!1904))
- [Avoid decoding the whole tiff image on isTIFF check](gitlab-org/security/gitlab@8e6ffd52f50170a5cf2761e50a3d6efaca5fe64f) ([merge request](gitlab-org/security/gitlab!1900))
- [Adding a '[redacted]' to mask private email addresses](gitlab-org/security/gitlab@6f2a2b2240eb7590bbc773f35d3927d4854a31b5) ([merge request](gitlab-org/security/gitlab!1894))
- [Do not display the root password by default](gitlab-org/security/gitlab@87893548183fc4a111e12c0bdb3e409175a41668) ([merge request](gitlab-org/security/gitlab!1803))
- [Set PipelineSchedules to inactive](gitlab-org/security/gitlab@0e77e1cd938f876f3e9c049a84486c8c90cd0f3f) ([merge request](gitlab-org/security/gitlab!1879))
- [Remove external_webhook_token from exported project](gitlab-org/security/gitlab@1362f7481aad5e4295da11f0db53e31600c7c7b5) ([merge request](gitlab-org/security/gitlab!1866))
- [Highlight usage of unicode bidi characters](gitlab-org/security/gitlab@cef762a270783780112c7bf318e353a39de1aa1e) ([merge request](gitlab-org/security/gitlab!1937))
- [Fix dompurify.js to prevent path traversal attacks](gitlab-org/security/gitlab@9a891cbe465a302f260f0f81fc490cacb9e8c70e) ([merge request](gitlab-org/security/gitlab!1929))
- [Refresh authorizations on transfer of groups having project shares](gitlab-org/security/gitlab@bdf8b6e90d0a1f719c0f389f29ea5dc41c22f119) ([merge request](gitlab-org/security/gitlab!1916))
- [Adding a '[redacted]' to mask private email addresses](gitlab-org/security/gitlab@324fe6286b266c3990676bc93b3f6ab03eea5f6b) ([merge request](gitlab-org/security/gitlab!1927))
- [Do not allow Applications API to create apps with blank scopes](gitlab-org/security/gitlab@4e2c4d2a88acf7167e1078e8a27679545ab90c9c) ([merge request](gitlab-org/security/gitlab!1922))
- [Don't allow author to resolve discussions when MR is locked via GraphQL](gitlab-org/security/gitlab@34ffcb55a70ad6db38292f79fe73c05fb2655738) ([merge request](gitlab-org/security/gitlab!1919))
- [Workhorse: Allow uploading only a single file](gitlab-org/security/gitlab@0aee710db4bbab84c78b9e38f459bfca606aaf80) ([merge request](gitlab-org/security/gitlab!1913))
- [Set PipelineSchedules to inactive](gitlab-org/security/gitlab@de405edc9de4519656675ed6825534aac6b738da) ([merge request](gitlab-org/security/gitlab!1911))
- [Do not display the root password by default](gitlab-org/security/gitlab@138a62f89ce6616d63e3cf18eeda291a380b9ebc) ([merge request](gitlab-org/security/gitlab!1909))
- [Group owners should see SCIM token only once](gitlab-org/security/gitlab@43d19f580543d0203b1d841f921536474ca4be38) ([merge request](gitlab-org/security/gitlab!1906)) **GitLab Enterprise Edition**
- [Respect visibility level settings when updating project via API](gitlab-org/security/gitlab@f96258f3622cf72b46158f22c4660ff60a2c25ae) ([merge request](gitlab-org/security/gitlab!1903))
- [Avoid decoding the whole tiff image on isTIFF check](gitlab-org/security/gitlab@b93683df51ce85f909d5072ec2a0e7756d64038e) ([merge request](gitlab-org/security/gitlab!1899))
- [Remove external_webhook_token from exported project](gitlab-org/security/gitlab@874aa74a23fc3c44f390500bc8379c30ebc51452) ([merge request](gitlab-org/security/gitlab!1872))
## 14.4.0 (2021-10-21)
### Added (79 changes)
- [Upgrade GitLab Pages to 1.46.0](gitlab-org/gitlab@e606ddc078a2fe55658abb33924fac5699376953) ([merge request](gitlab-org/gitlab!72383))
- [Support math expressions in the Content Editor](gitlab-org/gitlab@3e60388da219b0b33fa032f50bf087fd5b7845c0) ([merge request](gitlab-org/gitlab!72153))
- [Add Reviewer names](gitlab-org/gitlab@925c1246984a33b4c408848298dc544757656499) ([merge request](gitlab-org/gitlab!72244))
- [Geo: Enable Upload replication using SSF by default](gitlab-org/gitlab@99543ee585f7f35f84f19e08b2ccba6428341a2b) ([merge request](gitlab-org/gitlab!72199)) **GitLab Enterprise Edition**
- [Add username attribute support for GitLab.com Group SAML SSO](gitlab-org/gitlab@085254b32ebdb6269636c774de9d88cbabc5bed9) ([merge request](gitlab-org/gitlab!72134)) **GitLab Enterprise Edition**
- [Expose issue contacts via GraphQL](gitlab-org/gitlab@2dc68a486afeffd1b64b78fcbeae537c030d7dfa) by @leetickett ([merge request](gitlab-org/gitlab!71889))
- [Add source instance version validation for project](gitlab-org/gitlab@44c33c0ceb7c4507c94f1c7fda5811d81d5fdf9c) ([merge request](gitlab-org/gitlab!71423))
- [Add top-level GraphQL query for single board list](gitlab-org/gitlab@2740bda696e362f7fd92f567b3e13f063b6677cf) ([merge request](gitlab-org/gitlab!67909))
- [Allow to setup Documentation pages URL for help pages redirects](gitlab-org/gitlab@3f3566ab09ce35ac3a636a22e65e40927e63cab9) ([merge request](gitlab-org/gitlab!71737))
- [DevOps Adoption: Add "trend over time" graph](gitlab-org/gitlab@ef874e312ca65ed14101c41d09e69bfa9869a19e) ([merge request](gitlab-org/gitlab!70518)) **GitLab Enterprise Edition**
- [Improve data zoom on contribution analytics](gitlab-org/gitlab@13d202a2f08fb7c45ebfa475ab258d20b68bc982) ([merge request](gitlab-org/gitlab!72004)) **GitLab Enterprise Edition**
- [Add cluster_image_scanning CI parser to update location data](gitlab-org/gitlab@c28d8ab7e6367258ddfbbeb25e0492c0a324c6f7) ([merge request](gitlab-org/gitlab!71794)) **GitLab Enterprise Edition**
- [Enable on-demand scans scheduler](gitlab-org/gitlab@fff487ba8404497c28f547c13f6322adf05ea6b5) ([merge request](gitlab-org/gitlab!72097)) **GitLab Enterprise Edition**
- [Add EE variant of Resolvers::ProjectPipelinesResolver](gitlab-org/gitlab@a463cdfb92c0b65fcbf1f88ac5fe967fb8dd8458) ([merge request](gitlab-org/gitlab!69983)) **GitLab Enterprise Edition**
- [Implement PostUploadPackWithSidechannel client in Workhorse](gitlab-org/gitlab@c82a66e14df6a61d7a72a5c91e63ec3829f9f1f2) ([merge request](gitlab-org/gitlab!71047))
- [Introduce status column for the security_scans table and populate it](gitlab-org/gitlab@82ca4611de10d84e3f71d5a53e2adb0f56600308) ([merge request](gitlab-org/gitlab!71944))
- [Add contact update mutation to GraphQL](gitlab-org/gitlab@36e00a538964c38997cc4ead8e6e405bfde60237) by @leetickett ([merge request](gitlab-org/gitlab!71866))
- [Add support for load balancing multiple databases](gitlab-org/gitlab@771f94fc7fac48a353c66eab22bc25ccd6f18d54) ([merge request](gitlab-org/gitlab!67773))
- [Admin: listing matching card details of an user](gitlab-org/gitlab@74e3fc25beeb3bbc142864df192acad845d73407) ([merge request](gitlab-org/gitlab!71533)) **GitLab Enterprise Edition**
- [Import repository with project migration](gitlab-org/gitlab@a6d2a4297a26c72f1168c9713085d8b324487648) ([merge request](gitlab-org/gitlab!70326))
- [Graceful degradation for Branches controller](gitlab-org/gitlab@ac36712c9e89441b21fbdf391d70a2ae31df384f) ([merge request](gitlab-org/gitlab!70970))
- [Add ability to set iteration on issue creation via GraphQL API](gitlab-org/gitlab@8821ec56982cbec2503d862f2684231048666647) ([merge request](gitlab-org/gitlab!71689)) **GitLab Enterprise Edition**
- [Avoid cross-joins in PipelinesForMergeRequestFinder](gitlab-org/gitlab@4e95bcd85840bda5a60a93096eec2235a10f0677) ([merge request](gitlab-org/gitlab!68549))
- [Remove ci_resource_group_process_modes feature flag](gitlab-org/gitlab@7eb40a877b386f3c2f097e0fe22e592763b61d9b) ([merge request](gitlab-org/gitlab!71365))
- [Add customer relations contact create mutation](gitlab-org/gitlab@78cd670bfc5605de4ee906e5074b25c8f10e4e75) by @leetickett ([merge request](gitlab-org/gitlab!70733))
- [Sync requirement and requirement issues state](gitlab-org/gitlab@5b06b0d63227ebf8f7ba8e59ba4f4af3c528037a) ([merge request](gitlab-org/gitlab!70607)) **GitLab Enterprise Edition**
- [Keep credit card non-sensitive info](gitlab-org/gitlab@b5381bcab8271401dda80323ef44a8f18887d159) ([merge request](gitlab-org/gitlab!71171)) **GitLab Enterprise Edition**
- [Subscriptions hand raise lead API client](gitlab-org/gitlab@cd0ad142152f07acd5d50439ac7b58a89a84f8b4) ([merge request](gitlab-org/gitlab!71723)) **GitLab Enterprise Edition**
- [Add metric for users associating milestones to releases](gitlab-org/gitlab@bf999ff05c4d3f47aea31fd87a6bd1d6dcda0a0a) ([merge request](gitlab-org/gitlab!71287))
- [Add meta data in user_credit_card_validations](gitlab-org/gitlab@0d08d597a30d1cd8e73f78fc3b64ad79418aa3e3) ([merge request](gitlab-org/gitlab!71032))
- [Link to a search for feature flag name in project](gitlab-org/gitlab@8d1c153c04b54f1710596d523ea46880a9851eb2) ([merge request](gitlab-org/gitlab!70417)) **GitLab Enterprise Edition**
- [Add includeSubepics argument to issue filters in GraphQL](gitlab-org/gitlab@5a913e8455e9881be20c73c095bb077c7655acfb) ([merge request](gitlab-org/gitlab!71610)) **GitLab Enterprise Edition**
- [Warn users of impacted escalation policies on leave/delete](gitlab-org/gitlab@de25310c6c6a987003bb1c3948f7713960af917a) ([merge request](gitlab-org/gitlab!69411)) **GitLab Enterprise Edition**
- [Add confidential issues filtering for GraphQL API](gitlab-org/gitlab@733862877c48d3666d85922b956de186f6d93305) ([merge request](gitlab-org/gitlab!71355))
- [Measure Sidekiq enqueue latency for scheduled jobs](gitlab-org/gitlab@c4c42d29cf4c33d913479ebcb916a4fdf45ab002) ([merge request](gitlab-org/gitlab!71615))
- [Add ability to set iteration on issue creation via GraphQL API](gitlab-org/gitlab@25b287bfee614a0b8844a5ecf62ac26173327ea2) ([merge request](gitlab-org/gitlab!70007)) **GitLab Enterprise Edition**
- [Add issue_customer_relations_contacts linking table](gitlab-org/gitlab@3f6597a9aa88e023223d0f91e633be2d54ca99e9) by @leetickett ([merge request](gitlab-org/gitlab!71007))
- [Add config field gitlab_kas.external_k8s_proxy_url](gitlab-org/gitlab@e0137111fbbd28316f38da30075aba641e702b98) ([merge request](gitlab-org/gitlab!71512))
- [Add DependencyProxySettings mutation](gitlab-org/gitlab@e2d7d722887c8a6edc2b52a1e8871bce4781c4a2) ([merge request](gitlab-org/gitlab!71274))
- [Added feature flag to show terraform banner](gitlab-org/gitlab@361e943b17924bbc14b26a2d8e1864d9c234c670) ([merge request](gitlab-org/gitlab!71462))
- [Promote jobs_to_be_done experiment](gitlab-org/gitlab@26781e4305c97d64a9dc9bf2c1dd31702bff9daf) ([merge request](gitlab-org/gitlab!71122))
- [Feat(Cloud Activation Form Modal): loading button](gitlab-org/gitlab@67403800753894384f77f603a2b0bc5587ccd77f) ([merge request](gitlab-org/gitlab!71385)) **GitLab Enterprise Edition**
- [Return runner webUrl via GraphQL API](gitlab-org/gitlab@f708096867cabf5829119cd4d83c902fa24b5c8b) ([merge request](gitlab-org/gitlab!70692))
- [Add option of 60 days to container image expiration policy](gitlab-org/gitlab@c7be549c5f1727b474ff91212a42216f3115181f) by @pataar ([merge request](gitlab-org/gitlab!70148))
- [Add missing keywords to CI schema](gitlab-org/gitlab@f1d0f6edadb5c20ab20efe0637e3698adc5ba2b5) ([merge request](gitlab-org/gitlab!70779))
- [BulkImports: Handle network errors](gitlab-org/gitlab@337e284574a89bfb67d82a567152d7651814a976) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/68582))
- [Add sorting to DA overview table](gitlab-org/gitlab@87145f1c815d2c5f6e46270e108dbdda0c45b80a) ([merge request](gitlab-org/gitlab!70937)) **GitLab Enterprise Edition**
- [Document how to migrate off Gitaly Cluster](gitlab-org/gitlab@855db4a1816db79cd3d48c75597a48e3f55ac6b5) ([merge request](gitlab-org/gitlab!71223))
- [Make it possible to define custom request duration thresholds](gitlab-org/gitlab@5c52eddb1487a2876f0589affaf8a746ff84b3e9) ([merge request](gitlab-org/gitlab!69877))
- [Implement rate-limiting for a deprecated API endpoint](gitlab-org/gitlab@5b9e642e5b591fa0cc5bbbddc18530cafa4e1c22) ([merge request](gitlab-org/gitlab!70310))
- [Extend EE::Types::Ci::PipelineType with dast_profile](gitlab-org/gitlab@ea048ea3ab508a3d7f573adb0ee978f0cf1325fe) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/69808)) **GitLab Enterprise Edition**
- [Add `links` and `message` field to VulnerabilityType](gitlab-org/gitlab@3360a18c7fa4ae8a4b452b86ca8adb21454f73d1) ([merge request](gitlab-org/gitlab!71207)) **GitLab Enterprise Edition**
- [Allow relate quick action on issue create](gitlab-org/gitlab@763d5577565ce9b14d99b87577a9ac17b95fbb7f) ([merge request](gitlab-org/gitlab!71193))
- [Allow plus character in project names](gitlab-org/gitlab@22714f512393017b538b8995ecb270c12deeddbd) by @lzampier ([merge request](gitlab-org/gitlab!67997))
- [Render frontmatter codeblock in the Content Editor](gitlab-org/gitlab@d84bcddf3a3c6c0b188a5a7a09ba49ae347c1eaa) ([merge request](gitlab-org/gitlab!70854))
- [Add support for wbr in content editor](gitlab-org/gitlab@772f061eac6bd4cca2c3511f9978d0d246c3cd2a) ([merge request](gitlab-org/gitlab!69365))
- [Enable live tracking and enforcement of CI minutes](gitlab-org/gitlab@55adb3a7e1fabb9a20bf4dcd7a08dcd5ad09097e) ([merge request](gitlab-org/gitlab!71072)) **GitLab Enterprise Edition**
- [Send "setup for company" in trial form to CustomersDot](gitlab-org/gitlab@b7e4d09eeb8f83194032e1463d126a4a9d2a4a6d) ([merge request](gitlab-org/gitlab!70569))
- [Perform validations on the parent of a namespace/group by default](gitlab-org/gitlab@5dd7051f880f01a5ee0d43e7472c46c0de824352) ([merge request](gitlab-org/gitlab!70365))
- [Added support for test coverage badge color configuration](gitlab-org/gitlab@13ca69c7e4cf42c47a8c99f33a5e8bc7ed511357) by @szaboi ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/69164))
- [Move cluster agent GraphQL mutations and supporting services to core](gitlab-org/gitlab@8e45ef80d137f4b76008ac1e1044d6f38cf61823) ([merge request](gitlab-org/gitlab!70887))
- [Move cluster agent GraphQL types and resolvers to core](gitlab-org/gitlab@5f54a7c09133de4a833390b1b510af02744da9f8) ([merge request](gitlab-org/gitlab!70759))
- [Address the PK Overflow risk for the taggins - Step 3](gitlab-org/gitlab@f9b8e8d7c55b8959468b6f1594ea83c965b9e5c3) ([merge request](gitlab-org/gitlab!69639))
- [Remove i_testing_metrics_report_artifact_uploaders feature flag](gitlab-org/gitlab@1a4f15be1a8c12c96a70463b8e1b2c3e01cfcd1d) ([merge request](gitlab-org/gitlab!70957))
- [Remove usage_data_i_testing_test_case_parsed feature flag](gitlab-org/gitlab@af7d2e9f6926914fc6fee750c466b15e44e1a9f3) ([merge request](gitlab-org/gitlab!70953))
- [Enable FF "paginated_tree_graphql_query" by default](gitlab-org/gitlab@ade0b92eb1736575e4e6530db5920cd1222a8bed) ([merge request](gitlab-org/gitlab!70913))
- [Add user permissions for runners in GraphQL API](gitlab-org/gitlab@8d9c658cb4a2b952407779f7a64b0dc11960195f) ([merge request](gitlab-org/gitlab!70809))
- [Always enable the database load balancer](gitlab-org/gitlab@f38900c90d7ff75eaeaf15265d177e4b1fae5c22) ([merge request](gitlab-org/gitlab!68042))
- [Add endpoints for project relations exports](gitlab-org/gitlab@5e9ebbd16ea73d22f41e3aa9f005cb532fe5f0cc) ([merge request](gitlab-org/gitlab!70330))
- [Upgrade Pages to 1.45.0](gitlab-org/gitlab@8853ba52e3a2bd66051b845f47b67b6eef9916b3) ([merge request](gitlab-org/gitlab!70752))
- [Support FIFO/LIFO process modes to Resource Group](gitlab-org/gitlab@a100cb945bc9bcd4c531c1889059f8a8f6e29e61) ([merge request](gitlab-org/gitlab!67015))
- [Add documentation to Files API Rate Limits](gitlab-org/gitlab@3da4af85c9bbf210b8adde556ebb255700fc2983) ([merge request](gitlab-org/gitlab!68645))
- [Add security_orchestration_policy to pipeline source filter](gitlab-org/gitlab@b5a6dfec3faf5c7df11e3a68c30ce642aeabf49b) ([merge request](gitlab-org/gitlab!69985)) **GitLab Enterprise Edition**
- [Add sign-in count to external pipeline validation](gitlab-org/gitlab@838d1f55a83cdbf00b7d99206156fac351115aaf) ([merge request](gitlab-org/gitlab!70668))
- [Add negated issueType filter to issue resolver (group and project)](gitlab-org/gitlab@4cca803a06aad048f7478b8eb51c6934958b3bc6) ([merge request](gitlab-org/gitlab!70635))
- [Add clone issue to REST API](gitlab-org/gitlab@33e9e55a35631392ce88f4a4823d11d0ae3cc797) ([merge request](gitlab-org/gitlab!57740))
- [Add runner_features column to ci_builds_metadata](gitlab-org/gitlab@319d59940117374d3bebf7fa53d55b7bc3c19763) ([merge request](gitlab-org/gitlab!70189))
- [Extend /help/instance_configuration with Git LFS rate limit](gitlab-org/gitlab@455ad3b28580c1da1f6a5cea6a2f37794e07dd72) by @wwwjon ([merge request](gitlab-org/gitlab!70397))
- [API: Add endpoint to reset runner authentication token](gitlab-org/gitlab@c2e34204a0b6ef305ac76a68f9f7c9216eb0f379) by @KyleFromKitware ([merge request](gitlab-org/gitlab!69561))
### Fixed (96 changes)
- [Fix Analytics Author filters](gitlab-org/gitlab@17c9eb627e135ce61b51c81a541d844602cb4305) ([merge request](gitlab-org/gitlab!72492))
- [Allow maintainers to set MR approval settings](gitlab-org/gitlab@de58cb9ca02037b4df2fc2f14040503026ddf5b7) ([merge request](gitlab-org/gitlab!72493)) **GitLab Enterprise Edition**
- [Fix: update links in billing page](gitlab-org/gitlab@c8d6f73497df3080b5080977f3fe03085e1506fe) by @orozot ([merge request](gitlab-org/gitlab!72259)) **GitLab Enterprise Edition**
- [Update onboarding template project](gitlab-org/gitlab@1f5160ad9e8a2dcfcc5f628f525734e423bb75b9) ([merge request](gitlab-org/gitlab!72355)) **GitLab Enterprise Edition**
- [Fix handling Service Ping response DevOps metrics](gitlab-org/gitlab@e06fe59cd272e35a2009f499a006f7da8ae7640f) ([merge request](gitlab-org/gitlab!72344))
- [Add guard clause to ensure incoming params](gitlab-org/gitlab@0f3b20cde204f1cb28dce6e7c794fac0cd5a0a64) ([merge request](gitlab-org/gitlab!72241))
- [MR Analytics: Add pipelines sanity check](gitlab-org/gitlab@f204f965a9fbd875b2491ec88d77c9f7558dec49) ([merge request](gitlab-org/gitlab!72210)) **GitLab Enterprise Edition**
- [Replace calls to LoadBalancing with ::Gitlab::Database::LoadBalancing](gitlab-org/gitlab@d54189d088a90daa7f1fda4bea2334acf5b172b5) ([merge request](gitlab-org/gitlab!72205))
- [Change shared runner settings on import on conflict with group](gitlab-org/gitlab@e5680f9350f863c2ad2e14e5d495ae8df5aa413e) ([merge request](gitlab-org/gitlab!71846))
- [Fix undefined method `use_primary!' error in GDK](gitlab-org/gitlab@5c3638936934b90049c0bf5a8d9f017fb721e750) by @leetickett ([merge request](gitlab-org/gitlab!72247))
- [Guard against exceptions from unfound DiffNotes](gitlab-org/gitlab@580072f86097f4156fc01eb16863b7e746c2a4fb) ([merge request](gitlab-org/gitlab!72242))
- [Replace success button in the add linked issue](gitlab-org/gitlab@7d3d847c76e6dbd7bfcd357ffb31236860419aed) ([merge request](gitlab-org/gitlab!72211))
- [Ensure correct group for DA chart](gitlab-org/gitlab@0065f5a8db8410868566e58e9c4af31015cf8162) ([merge request](gitlab-org/gitlab!72176)) **GitLab Enterprise Edition**
- [Fix cut-off dropdown in board breadcrumbs](gitlab-org/gitlab@49feed59a9f572f3210e353b5b5816717a414bfe) ([merge request](gitlab-org/gitlab!72168))
- [Fix non-restarted skipped bridge jobs](gitlab-org/gitlab@ad8ffd504c5898570666a1789ef463c0030196ee) ([merge request](gitlab-org/gitlab!72141))
- [Don't run WAL queries when not using replicas](gitlab-org/gitlab@9599f8669a9395d5193be1b226b4c136f28f8e90) ([merge request](gitlab-org/gitlab!71736))
- [Enable syntax highlighting for new files](gitlab-org/gitlab@4d0a4fc7b0cc9ec616a67853b97cd96e731d2ed6) ([merge request](gitlab-org/gitlab!71801))
- [Add go, nuget, and sbt to Dependencies API filters](gitlab-org/gitlab@1d996aa6ecefeea103fa05f02131000918d08b7c) ([merge request](gitlab-org/gitlab!72022)) **GitLab Enterprise Edition**
- [Present sbt, nuget, and go in Dependency List page](gitlab-org/gitlab@e2907ff57a11be60f3bb1c8dc8157de0a00d8156) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/72021)) **GitLab Enterprise Edition**
- [Fix detail page of NuGet package with missing metadata](gitlab-org/gitlab@412acd19f95c5a56699c9cb248afd31e8f0a3476) by @wwwjon ([merge request](gitlab-org/gitlab!72013))
- [Remove local form errors flash](gitlab-org/gitlab@52ea002f636cae726fb452ad4146919c0f700d4a) ([merge request](gitlab-org/gitlab!71945))
- [Make CI minutes consumption increment idempotently](gitlab-org/gitlab@f82d4f06987fc7736e0d0fc84c8cfdfd2b7d938f) ([merge request](gitlab-org/gitlab!71840)) **GitLab Enterprise Edition**
- [Boards - Sort closed issues by closedAt date](gitlab-org/gitlab@c89f00d681dab5ff00096913af170f043b052e10) ([merge request](gitlab-org/gitlab!71698))
- [Gracefully track errors raised by sending CI minutes notifications](gitlab-org/gitlab@2036f9a11fc272cf5cb6e0ecbaae5eeefa454df3) ([merge request](gitlab-org/gitlab!71815)) **GitLab Enterprise Edition**
- [Add IssuesFieldExtension to set relative positions](gitlab-org/gitlab@5c62b8c87c22a8d722c66bdeaf475f01bc1a29f8) ([merge request](gitlab-org/gitlab!71164))
- [Update strategies used for DB count approximation for read-only DB](gitlab-org/gitlab@09a35759c3de4665cd3b7769eaf82a11de32d03d) ([merge request](gitlab-org/gitlab!71925))
- [Mark the `created_at` attribute as read-only to prevent updating it](gitlab-org/gitlab@21d7ee36bb6e11fe2d1b51a3ab5cf0734efae0f2) ([merge request](gitlab-org/gitlab!71399))
- [Disable caching of MergeToRefService call in mergeability check](gitlab-org/gitlab@36f8fbf83cdf7e539165bc73f742bfd2e39a0290) ([merge request](gitlab-org/gitlab!71909))
- [Return the correct project in job/allowed_agents API response](gitlab-org/gitlab@95364c467bcf2e3765f58fef18b8d759031022af) ([merge request](gitlab-org/gitlab!71876))
- [Use pessimistic locking when accessing Terraform state](gitlab-org/gitlab@ac3916a5d29d16de4ce8359d0d100dace6e82e24) ([merge request](gitlab-org/gitlab!71873))
- [Sanitize given scan types before querying the security_scans](gitlab-org/gitlab@a06867f1eb2e7c091be0067eb1b10b7071b2f512) ([merge request](gitlab-org/gitlab!71836))
- [Fix auto-renew of LetsEncrypt domains for Pages](gitlab-org/gitlab@b3a7e0d5268b90722a372674ad7f0c248a6e9872) ([merge request](gitlab-org/gitlab!71697))
- [Show hint if input value is invalid](gitlab-org/gitlab@b1b2a440e4afd624559153c697a50a5c1ee37e7c) ([merge request](gitlab-org/gitlab!71582)) **GitLab Enterprise Edition**
- [Fix inline JavaScript HAML linter not working](gitlab-org/gitlab@8f32460266e31bad3f66155df31735a34a756328) ([merge request](gitlab-org/gitlab!71798))
- [Add ON DELETE constraint to security_policy_management_project_id](gitlab-org/gitlab@402154b0df873e6edb91267980b27ef5a4e231dc) ([merge request](gitlab-org/gitlab!71391))
- [Fix merge request approvals accordion](gitlab-org/gitlab@016ac9c025e5ed11e208dba86f5af8609e1dc0d1) ([merge request](gitlab-org/gitlab!69252)) **GitLab Enterprise Edition**
- [Fix undefined method error in validate_remote_git_endpoint service](gitlab-org/gitlab@a93a088faecdd667c76790c47e2bae00b6d203dc) ([merge request](gitlab-org/gitlab!71670))
- [Hide filters UI in Roadmap within epic page](gitlab-org/gitlab@c35f81070d988c0a1c5d337245c1ac20de29761c) ([merge request](gitlab-org/gitlab!71726)) **GitLab Enterprise Edition**
- [Fix storing first_mentioned_in_commit_at attribute](gitlab-org/gitlab@900db121a1e2914656ad8678b00f25e93d076515) ([merge request](gitlab-org/gitlab!71639))
- [Redirect Geo git push operations to primary external URL](gitlab-org/gitlab@98780b7eb910720fdc4ded20dd7f6ba3f39d8e27) ([merge request](gitlab-org/gitlab!71711)) **GitLab Enterprise Edition**
- [Fix spacing between note badges](gitlab-org/gitlab@f629eb9b3ab799815fb0e6d05dc186840ed6d369) by @TaehyeokKang ([merge request](gitlab-org/gitlab!71208))
- [Fix project statistics Uploads](gitlab-org/gitlab@7ebd4cb24c56cb8a26082ca06242d5ab5823dfad) by @guillaume.chauvel ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/71370))
- [Move required styles for issue-token to core](gitlab-org/gitlab@297c1112d5cce610f98e1189d13c00465d27949e) by @michael.telgkamp ([merge request](gitlab-org/gitlab!71531))
- [Fix default values for the deprecated API throttle](gitlab-org/gitlab@86cb92849da9ed37a1f9962613eb4c366f270f8b) ([merge request](gitlab-org/gitlab!71449))
- [Fix dependency proxy image prefix](gitlab-org/gitlab@f4c9a981b55492c53b9d233846d6364a4e344649) ([merge request](gitlab-org/gitlab!71511))
- [Upgrade mermaid-js to v8.13.2](gitlab-org/gitlab@0dc2971222642e39b3af5a6832f50a57586dcc94) ([merge request](gitlab-org/gitlab!71415))
- [Don't retry errors when there are no replicas](gitlab-org/gitlab@0f27854a100931c96d18b79b9d903511c352405c) ([merge request](gitlab-org/gitlab!71489))
- [Delete issues css](gitlab-org/gitlab@97ffda63a12a951e8a5bce650487ce319b0196b0) ([merge request](gitlab-org/gitlab!71478))
- [Use GlAlert for external issues list errors](gitlab-org/gitlab@824b40be15edf9744ac06f52f55dcf6ee229b4ff) ([merge request](gitlab-org/gitlab!71256)) **GitLab Enterprise Edition**
- [Fix tabs switching between tree and roadmap](gitlab-org/gitlab@25e066d8364bb7127668bfbdc3f8fbce72dea9a7) ([merge request](gitlab-org/gitlab!71398)) **GitLab Enterprise Edition**
- [Fix: change dropdown background to transparent](gitlab-org/gitlab@87cec043a6eecba6189e61ea4dec5d6295b830b1) by @orozot ([merge request](gitlab-org/gitlab!71264))
- [Use GlAlert for integrations table errors](gitlab-org/gitlab@14123f51ffd9aa3ad202845f9ef98fbf2822eb3d) ([merge request](gitlab-org/gitlab!71255))
- [Removes reporting on non-existant failures for import rake task](gitlab-org/gitlab@2c6af766cf1044f730e325b4043e48f187c15ce3) ([merge request](gitlab-org/gitlab!71402))
- [Fix compliance framework labels readability](gitlab-org/gitlab@645b035a9e2c97e20e6a350d780658a6a93108ff) ([merge request](gitlab-org/gitlab!71301)) **GitLab Enterprise Edition**
- [Fix clipped broadcast message on login page when using custom header](gitlab-org/gitlab@593862859242f4318d935bc3529ee34547fc9f81) ([merge request](gitlab-org/gitlab!71227))
- [Fix issue search optimization in GraphQL](gitlab-org/gitlab@e0dee49402c289c4a53c16297e2f2da09aa81809) ([merge request](gitlab-org/gitlab!71351))
- [Expand template names when tracking inclusion](gitlab-org/gitlab@223a3c66bae0af4b233663d0f7cf6cd523229c24) ([merge request](gitlab-org/gitlab!71157))
- [Fix incorrect date in type of work chart](gitlab-org/gitlab@56ef35edb7d7ab0d68a61676b7f8d24262780713) ([merge request](gitlab-org/gitlab!71350)) **GitLab Enterprise Edition**
- [Fix: translate upload license tips](gitlab-org/gitlab@b5bb563377d941bd8db979242345cc61da1a0c98) by @orozot ([merge request](gitlab-org/gitlab!70640)) **GitLab Enterprise Edition**
- [Reapply table-layout fixed in repository file list](gitlab-org/gitlab@b20c171a54f1414cf5b98e4b1d086ed53e943103) ([merge request](gitlab-org/gitlab!71327))
- [Global Search - Upvote Tooltip Alignment](gitlab-org/gitlab@08e0e2c0adb067d5cbe8af9ed2786b54ebc2f14d) ([merge request](gitlab-org/gitlab!71226))
- [Prevent group wiki writes on read-only DBs](gitlab-org/gitlab@900b071936852a0675efd8938115f836284b5709) ([merge request](gitlab-org/gitlab!71314)) **GitLab Enterprise Edition**
- [Fix incorrect trigger of issue/epic autocomplete](gitlab-org/gitlab@09faec22a1ded63f52201d62edc43382161e5f29) ([merge request](gitlab-org/gitlab!71191)) **GitLab Enterprise Edition**
- [Fix Web IDE renaming empty content](gitlab-org/gitlab@04340139969234f992dd69bd0c807b3439afbee1) ([merge request](gitlab-org/gitlab!71130))
- [Fix milestone references in group context](gitlab-org/gitlab@c91b498592b73039a5d68e43e31359e8e55b6021) ([merge request](gitlab-org/gitlab!71269))
- [Value of `lock_memberships_to_ldap` should not affect authorizations](gitlab-org/gitlab@deb229258b6e659695dfc5df0de6f378ecc36cad) ([merge request](gitlab-org/gitlab!71253))
- [Remove file upload type restirction](gitlab-org/gitlab@32563ed72ca7aaca330bd8f8a2d1223127a11453) ([merge request](gitlab-org/gitlab!71082))
- [Fixed post merge ci status bug](gitlab-org/gitlab@b21dc4140ff30c16c571afdad29a0dba6f639d8e) ([merge request](gitlab-org/gitlab!70719))
- [Generate startup css as if com_and_canary](gitlab-org/gitlab@64eaa2de7dee16fff0d62b4231cc2b1631f0171f) by @leetickett ([merge request](gitlab-org/gitlab!71134))
- [Disable form on admin appearance sign-in page preview](gitlab-org/gitlab@4060fbbb578246b9d4acc6d2a534add63cfd397c) ([merge request](gitlab-org/gitlab!70736))
- [Add connection fallback to ActiveRecordProxy](gitlab-org/gitlab@b1b48aa28b302914c317f51beca546707ffda367) ([merge request](gitlab-org/gitlab!71059))
- [Update GitLab Shell to v13.21.1](gitlab-org/gitlab@ec1e172b96d2186ec0b914a95850e3ae353ccb0f) ([merge request](gitlab-org/gitlab!71037))
- [Fix Australian timezone abbreviations in tooltips](gitlab-org/gitlab@5451d41c1586cc83525178734b7c45b0b5234075) ([merge request](gitlab-org/gitlab!70723))
- [Merge branch 'jswain_combined_registration_auto_trial_params' into 'master'](gitlab-org/gitlab@4d1d5a4bc1dcc7b4c5969cc0c3cebf0dbbd665f3) ([merge request](gitlab-org/gitlab!70823)) **GitLab Enterprise Edition**
- [Provide namespace_id default value](gitlab-org/gitlab@45dfc11d0858e731d1544f98f93a193166e5ad92) ([merge request](gitlab-org/gitlab!70823))
- [Fix CSV issues import max file size message](gitlab-org/gitlab@f0e9076caeab2a8d786ad06128832c0abf4e41c6) by @JonstonChan ([merge request](gitlab-org/gitlab!68223))
- [Fix unmet prerequisites help URL](gitlab-org/gitlab@8b798847612a5ce3386d6dfb6df0371d5aea4e4b) ([merge request](gitlab-org/gitlab!70976))
- [Fix polling on vuln details page](gitlab-org/gitlab@5dd1f8c11e06a61476425db0696e292af09d2407) ([merge request](gitlab-org/gitlab!70961)) **GitLab Enterprise Edition**
- [Fix rule all branches not using monospace font](gitlab-org/gitlab@fe0df34d5f291d7eac1129bc15f5ac722b24c544) ([merge request](gitlab-org/gitlab!70943)) **GitLab Enterprise Edition**
- [Fix sum of LFS objects size with identical value](gitlab-org/gitlab@d2b2d298e41fdf237e40c404c005cea7a0924686) by @guillaume.chauvel ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/70610))
- [Fix project group share setting wording](gitlab-org/gitlab@56cedf5ba1f0437784ced6855922386d770bf4ff) ([merge request](gitlab-org/gitlab!70636))
- [Fix gitaly-backup TLS connections](gitlab-org/gitlab@e36cf16acc44cb223aee93b4d36c4d0281f3476f) ([merge request](gitlab-org/gitlab!70883))
- [Fix Content-Disposition header not working in Azure Blob storage](gitlab-org/gitlab@e586b6e3a58d66850ac32924c9ad1342daf24f1b) ([merge request](gitlab-org/gitlab!70874))
- [Handle ConnectionNotEstablished in the DB LB](gitlab-org/gitlab@cf3a0e3580c8649f1e2abe2f620993f739c3dba9) ([merge request](gitlab-org/gitlab!68042))
- [MR Analytics: Add yAxis formatter](gitlab-org/gitlab@9d7769a3a90ddd1712d5f1e6633d5f102a2a59e2) ([merge request](gitlab-org/gitlab!70573)) **GitLab Enterprise Edition**
- [Remove unnecessary route](gitlab-org/gitlab@d7b1c4dea176e84c706580806984ffa11753be7f) ([merge request](gitlab-org/gitlab!70277))
- [Fix address requires string literal i18n helpers](gitlab-org/gitlab@ee4394c4237fcd65a1e9d0597603210034634988) by @elcordova ([merge request](gitlab-org/gitlab!70767))
- [Fix DB connection check for Geo user routing](gitlab-org/gitlab@f908364d9888fa4cd37c6e5ca2555f1b936a9f39) ([merge request](gitlab-org/gitlab!70621)) **GitLab Enterprise Edition**
- [Update to commonmarker gem 0.23.2](gitlab-org/gitlab@57c5bad16c533bf7937f56bc05cbcc6a3d72004a) ([merge request](gitlab-org/gitlab!70612))
- [Focus on input when dropdown is shown on issue creation page](gitlab-org/gitlab@00a431b287132f8b833cf10ad99a2e61d50ec9e8) ([merge request](gitlab-org/gitlab!70703))
- [Replace public_send with send in doctor rake task](gitlab-org/gitlab@386ee2b5f21a5a8184ee78350f11a12803d118e1) ([merge request](gitlab-org/gitlab!69062))
- [Open sidebar after user creates a new item in boards](gitlab-org/gitlab@a8304104fe5158369354377df8a35001ec576e29) ([merge request](gitlab-org/gitlab!70352))
- [Geo: Fix maintenance mode causing Unhealthy secondary status](gitlab-org/gitlab@01551e03a1313d3f95dca66b5d27082ec59506b8) ([merge request](gitlab-org/gitlab!70010)) **GitLab Enterprise Edition**
- [Allow BoardListType.issues to filter by negated issueType in GraphQL](gitlab-org/gitlab@9debb183be68909ff7bf61adfaa02fb3a7e1b2e9) ([merge request](gitlab-org/gitlab!70554))
- [Add additional properties to policy_details helper](gitlab-org/gitlab@5645f93c630fe14fad2c418bc635cedde47c56b2) ([merge request](gitlab-org/gitlab!70553)) **GitLab Enterprise Edition**
- [Persist feedback alert for SAST Configuration](gitlab-org/gitlab@3343c3171a3e6ea202ca5f9db3751799fe8c6222) ([merge request](gitlab-org/gitlab!70517)) **GitLab Enterprise Edition**
### Changed (80 changes)
- [Implement Dependency proxy via Workhorse injectors](gitlab-org/gitlab@b3e6d6c37efba1418ecb33f6037582b1f8553f99) ([merge request](gitlab-org/gitlab!71890))
- [Added v-scrolling to both editors](gitlab-org/gitlab@2802a43f2f97f987ba0ddaeafc36c8c90beaeb6f) by @mehulsharma ([merge request](gitlab-org/gitlab!71136))
- [Update auto-deploy-image to v2.14.0](gitlab-org/gitlab@354fb973fc32958dd81dd70b5ab516f4ee26d9a8) ([merge request](gitlab-org/gitlab!72027))
- [Adjust update_runners_registration_token permission](gitlab-org/gitlab@6182eecf3b3a466864c2c192b4fcef9908822eeb) ([merge request](gitlab-org/gitlab!71965))
- [Remove feature flag member_destroy_async_auth_refresh](gitlab-org/gitlab@edde4d7ffabb30f69691f6bd99e06c82b4dfab8a) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/72338))
- [Disable create list button after clicked once](gitlab-org/gitlab@8d8de87a0be0628f23a1cda888a11559a079167c) ([merge request](gitlab-org/gitlab!72048))
- [Preselect all projects in group coverage analytics](gitlab-org/gitlab@88d4f5793b3d1f05675ca896d7514a7d1deb5243) ([merge request](gitlab-org/gitlab!72051)) **GitLab Enterprise Edition**
- [Allow longer Helm channel names](gitlab-org/gitlab@7e57516919e5cee8ae8c38890d4b8a18d10e54f0) by @sathieu ([merge request](gitlab-org/gitlab!71806))
- [Enable create_vulnerabilities_via_api by default](gitlab-org/gitlab@1a635aa386c3fb1dd6d6369fbfcbe16015aa85df) ([merge request](gitlab-org/gitlab!72204)) **GitLab Enterprise Edition**
- [Use allowlist of allowed attributes for imported models](gitlab-org/gitlab@3f30823920caef67d589e6f06c1cee2380d3d080) ([merge request](gitlab-org/gitlab!71296))
- [Refactor the usage of Secret Scanning to Secret Detection](gitlab-org/gitlab@48d35ae9509bc14affc7bd52fdd415f7b21b1434) ([merge request](gitlab-org/gitlab!71824))
- [Improve Git HTTPS message given when Gitaly unavailable](gitlab-org/gitlab@772df282e60924413931e0b0736fe11d94f4d3de) ([merge request](gitlab-org/gitlab!71120))
- [Remove `performance_roadmap` ff and legacy code](gitlab-org/gitlab@7be12de8acaa583818cb370f566a8e4d394b4259) ([merge request](gitlab-org/gitlab!71828)) **GitLab Enterprise Edition**
- [Respect security scanner schema](gitlab-org/gitlab@b7ea3dc21229f8c6a59087aca5b2e8c0368645f2) ([merge request](gitlab-org/gitlab!69961)) **GitLab Enterprise Edition**
- [Default enable use_upsert_query_for_mr_metrics FF](gitlab-org/gitlab@37723ac46e66416d1a7cb3e661d51f5525ba3d8b) ([merge request](gitlab-org/gitlab!72120))
- [Support Jira Connect asymmetric JWTs](gitlab-org/gitlab@e100bd3dfbf08eb27f2ee2c3b84438931144cf00) ([merge request](gitlab-org/gitlab!71080))
- [Improve translatability of email confirmation page](gitlab-org/gitlab@2809b8bbe0a1b8913ad097473612c17d09951db1) ([merge request](gitlab-org/gitlab!71165))
- [Remove vulnerability flags feature flag](gitlab-org/gitlab@d80460b160b2fb2f6704c10ea5108dee4785457e) ([merge request](gitlab-org/gitlab!71966))
- [Styling updates of the protected environments edit access dropdown](gitlab-org/gitlab@6582038a0b3dda66199cc4a309aae6a35ba70e98) ([merge request](gitlab-org/gitlab!71119)) **GitLab Enterprise Edition**
- [Clean up oauth buttons on sign in/up](gitlab-org/gitlab@72e5bf594fed8112539c89f97f77ba5bf81f708a) ([merge request](gitlab-org/gitlab!71263))
- [Improve merge train help text](gitlab-org/gitlab@c28b6bbd3c78d76f32816c51f006ea1ffb7e150c) ([merge request](gitlab-org/gitlab!71687)) **GitLab Enterprise Edition**
- [Update branch name to use monospace](gitlab-org/gitlab@cd6c3b3ccebb3a18bead8e572e509b7edc863eb2) ([merge request](gitlab-org/gitlab!71393)) **GitLab Enterprise Edition**
- [Remove redundant help text from runners](gitlab-org/gitlab@a0e98ddbd79b557fb97c1a9164bb14f47efc2669) ([merge request](gitlab-org/gitlab!71915))
- [Proxy Geo secondary HTTP pushes + lfs through Workhorse](gitlab-org/gitlab@f1812b88bd4498051cc2b011127dba8c6448f725) ([merge request](gitlab-org/gitlab!71732)) **GitLab Enterprise Edition**
- [Update compliance report title and navigation](gitlab-org/gitlab@906d78136dd1f7812e4af5c55c7f6ecfe1a438b2) ([merge request](gitlab-org/gitlab!71383)) **GitLab Enterprise Edition**
- [Change MR draft status notification from flash to tast](gitlab-org/gitlab@9aee4d3ef920636c2a0e51331efc796b6e4ae028) ([merge request](gitlab-org/gitlab!71887))
- [Allow minimal access value for UserHighestRole](gitlab-org/gitlab@a1165f69aaa0e62b9effd0733185ff2bd4fc45ab) ([merge request](gitlab-org/gitlab!71814)) **GitLab Enterprise Edition**
- [Add jsonb field for Finding Evidence](gitlab-org/gitlab@679ebf13709aa8440e58baa05539ad72b6e12e9b) ([merge request](gitlab-org/gitlab!70097))
- [Geo: Increase reliability of certain one-time jobs](gitlab-org/gitlab@b731a55c30cf8cbfd38fefc46659de1fe6a6d0f4) ([merge request](gitlab-org/gitlab!71419)) **GitLab Enterprise Edition**
- [Geo: Reduce unnecessary resource usage](gitlab-org/gitlab@a3bfd4b6cc11ecae16d9414c8d3337c0383271fa) ([merge request](gitlab-org/gitlab!71419)) **GitLab Enterprise Edition**
- [Geo: Reduce unnecessary resource usage](gitlab-org/gitlab@93127cfc6803616db47b321a826e643c1468d75a) ([merge request](gitlab-org/gitlab!71419)) **GitLab Enterprise Edition**
- [GithubImporter: Format diff note suggestions to the gitlab format](gitlab-org/gitlab@e4f59f2ecb0dd9958ab48c50dcd42ee0c6517ea8) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/71411))
- [system_check: Bump minimum required Git version to v2.33.0](gitlab-org/gitlab@8094ba64d14af82094fbcdcacc3d54c7aecee09f) ([merge request](gitlab-org/gitlab!71813))
- [Update SAST config primary action button variant](gitlab-org/gitlab@105b5e63a55545868c3a26b8fdfd8ed7939bb2d4) ([merge request](gitlab-org/gitlab!71783)) **GitLab Enterprise Edition**
- [Add rake task to pause or resume elastic indexing](gitlab-org/gitlab@6a60c27a05219d16980c924fffe6231cc1f4ef9d) ([merge request](gitlab-org/gitlab!71426)) **GitLab Enterprise Edition**
- [Changed cluster type badge to gitlab-ui element](gitlab-org/gitlab@f39cda9d1d654f58d379345db0eabfc23290f2a1) ([merge request](gitlab-org/gitlab!71504))
- [Move advanced_search_multi_project_select FF to user actor](gitlab-org/gitlab@1d43d927e587d3fff1ec94404c442da11033fdee) ([merge request](gitlab-org/gitlab!71416)) **GitLab Enterprise Edition**
- [Implement Dependency proxy via Workhorse injectors](gitlab-org/gitlab@c9c9a36a7decac3a0ee6986d4e42730814ccb250) ([merge request](gitlab-org/gitlab!68157))
- [Replace namespaces unique index on name and parent_id](gitlab-org/gitlab@db628d9df92faaee0b50bef7a1b525c2c2f974dc) ([merge request](gitlab-org/gitlab!71390))
- [Remove orchestration policies feature flag](gitlab-org/gitlab@705218f2d9be1d17f70f2dcaa91ac81c18827bb0) ([merge request](gitlab-org/gitlab!71516)) **GitLab Enterprise Edition**
- [Redirect threat_monitoring policies endpoints](gitlab-org/gitlab@a07a65b574471cf6b19a02b39140327455f0e4f5) ([merge request](gitlab-org/gitlab!71517)) **GitLab Enterprise Edition**
- [Add tooltips to runners badges](gitlab-org/gitlab@7e0ab139085e6b3da86b4be1dfafb42b7d043b16) ([merge request](gitlab-org/gitlab!71404))
- [Remove beta badge from GitLab Migration](gitlab-org/gitlab@b7fb1e66ebc384d67623c5ce3a287c41e9c851cd) ([merge request](gitlab-org/gitlab!71643))
- [Show author badge in comments](gitlab-org/gitlab@4a90dc4244ad54b9518d1818d2fcf2efb869e93c) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/40198))
- [Toggle banner using suggest_pipeline_enabled application setting](gitlab-org/gitlab@fac9b2b23bc60c0a53d7a1b7a950ed46d8b38ab9) ([merge request](gitlab-org/gitlab!71015))
- [Enable merge requests discussions cache](gitlab-org/gitlab@de3fa103478f104456ccdab85efe752178c03c92) ([merge request](gitlab-org/gitlab!71635))
- [Edit UI text of Abuse reports settings](gitlab-org/gitlab@2549f52084da0f575d1584b3c0afd73abfe60ffc) ([merge request](gitlab-org/gitlab!71276))
- [Prevent Workhorse panics when Geo proxy URL is unset](gitlab-org/gitlab@b3d88bdafdcbdf97eebd52596c4cd6967d3a4c26) ([merge request](gitlab-org/gitlab!71285)) **GitLab Enterprise Edition**
- [Improve deployment information on Jira Cloud app](gitlab-org/gitlab@1b0cbfb845f387eaa9e67edfcb1e504592623fb2) by @rbordignon ([merge request](gitlab-org/gitlab!70880))
- [Migrate branches nav from Bootstrap tabs to GlTabs](gitlab-org/gitlab@2b8a42b251094f9d811a6ba71cb03a4b9deddf55) ([merge request](gitlab-org/gitlab!71461))
- [Allow dots in Helm channel, but forbid repeated dots](gitlab-org/gitlab@de0602ad3197e37ac0d6a59f0271c3141dd5a04e) by @sathieu ([merge request](gitlab-org/gitlab!69278))
- [Remove analyzer_pipeline metrics join to ci_builds](gitlab-org/gitlab@f12722fd6c7e0e673c68e138632a6dabe9653039) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/71210)) **GitLab Enterprise Edition**
- [Update cluster management project template with new version of Falco](gitlab-org/gitlab@ee66cfee8865be5b1a959097451aa25b1a198fba) ([merge request](gitlab-org/gitlab!71446))
- [Update UI text in Group general settings](gitlab-org/gitlab@3b2b26758b6b6ea3af890190bf5eabc853c30c76) ([merge request](gitlab-org/gitlab!69869))
- [Allow removal of cloud licenses](gitlab-org/gitlab@7f7e8de72eea09b7e51eb74c26e73698fed75a0d) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/71481)) **GitLab Enterprise Edition**
- [Remove default value for time zone user preference](gitlab-org/gitlab@4840ed7f831c7d1fc6fd3a403b575bd0ed103c64) ([merge request](gitlab-org/gitlab!70834))
- [Exclude secret_detection findings from autoresolution](gitlab-org/gitlab@231545fd4cb47598b21e0bb6fbc364dd749bfec9) ([merge request](gitlab-org/gitlab!71436)) **GitLab Enterprise Edition**
- [Enable repo size limit and ip restriction](gitlab-org/gitlab@30bdbd2a95cd5af7e040116ea447f36e56a0e0a2) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/70912)) **GitLab Enterprise Edition**
- [Remove `async_filtering` feature flag](gitlab-org/gitlab@00bbc6810d5ac3099f3ee86c615587f36a7d6af3) ([merge request](gitlab-org/gitlab!71035))
- [Convert ee/geo/db/schema.rb to ee/geo/db/structure.sql](gitlab-org/gitlab@e900df0bcc90d24bb939de6e247fed9871562d31) ([merge request](gitlab-org/gitlab!71222)) **GitLab Enterprise Edition**
- [Updated the Cluster Agent Token table heading](gitlab-org/gitlab@d59a4d4a385927eb39248a4b75a6fdd2d9353d2e) ([merge request](gitlab-org/gitlab!71197)) **GitLab Enterprise Edition**
- [Fix DB load balance autoloading/code-reloading](gitlab-org/gitlab@91b7cf3e70237cdbd00b4d7ba4a82d21b28dc435) ([merge request](gitlab-org/gitlab!71218))
- [Remove "files" from end of default commit message in Web IDE](gitlab-org/gitlab@f096a5554a0743955d0706144cfc888c32947363) by @scootergrisen ([merge request](gitlab-org/gitlab!70582))
- [Ensure merge request header strings are internationalized](gitlab-org/gitlab@60611e55051d2d5614054957ce4e5fae233924c0) ([merge request](gitlab-org/gitlab!71093))
- [Add namespace_ancestry_ids migration](gitlab-org/gitlab@1fae3ce0c92aa764cdb15cb8438d3975dccb7ef1) ([merge request](gitlab-org/gitlab!70042)) **GitLab Enterprise Edition**
- [Update Copy on License Compliance CTA](gitlab-org/gitlab@c2dbfa7a023a0458008214bed0371b702faed78b) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/70923)) **GitLab Enterprise Edition**
- [Remove download text from pipeline artifact dropdown items](gitlab-org/gitlab@466b1125e758fdf87bfe3a5944ac659d0dbae8bf) by @fabsrc ([merge request](gitlab-org/gitlab!70982))
- [Add suggest_pipeline_enabled to application_settings](gitlab-org/gitlab@048800044f3a4d9c01d1977fc14559a1463cc4a1) ([merge request](gitlab-org/gitlab!70756))
- [Update deprecated GlIcon size in IDE preview navigator](gitlab-org/gitlab@b2b4570795732a0eae4665f03f7f1c064d03e53b) by @jameschensmith ([merge request](gitlab-org/gitlab!70960))
- [Block move and clone of requirement issues](gitlab-org/gitlab@3c18b544bbc2bb423e1ddc0a5c1944af48baf9d7) ([merge request](gitlab-org/gitlab!70439)) **GitLab Enterprise Edition**
- [Remove owner validation in AdditionalPack transfer](gitlab-org/gitlab@f5a1bcecabee1cc1ce91275026cec8c4f67b0035) ([merge request](gitlab-org/gitlab!70790)) **GitLab Enterprise Edition**
- [Update Rouge syntax highlighting gem](gitlab-org/gitlab@879628c8260b2b5813ce4d90a01a890bd0afe274) ([merge request](gitlab-org/gitlab!70738))
- [Check anonymous search access in API endpoints](gitlab-org/gitlab@5c2f3a7758cbba21bb229f0680945bb25a08d221) ([merge request](gitlab-org/gitlab!70290)) **GitLab Enterprise Edition**
- [Merge boards Apollo client](gitlab-org/gitlab@32dd42f07bcc37e9ed4d077dd42ba501840bb292) ([merge request](gitlab-org/gitlab!70375))
- [Bump swagger-ui-dist to 3.52.3](gitlab-org/gitlab@2d5caeba4714fcb860bc96789d2e40e1247bb39f) by @bufferoverflow ([merge request](gitlab-org/gitlab!70740))
- [Assign trial to only eligible namespace](gitlab-org/gitlab@16e6aeddd380f87fb4b13c38f15d5f4b66f26ae2) ([merge request](gitlab-org/gitlab!70196)) **GitLab Enterprise Edition**
- [Remove cutoff logic for expiration message](gitlab-org/gitlab@6ff13cf0e1217bcd459ef2a7c1d82c70098a6889) ([merge request](gitlab-org/gitlab!70584)) **GitLab Enterprise Edition**
- [Replace "Any branch" with "All branches"](gitlab-org/gitlab@1b256d5a93c9a76b71d07f9ef4a4e7d08bf73a8c) ([merge request](gitlab-org/gitlab!70552))
- [Re-organize Environment Action Buttons](gitlab-org/gitlab@528a22f0d7b4eda3a40b65c59f85d1b0eda44469) ([merge request](gitlab-org/gitlab!70228))
- [Fix multiple translation strings](gitlab-org/gitlab@6609b9fa4e3433ffa66a0ebb680a909e1b19071e) by @scootergrisen ([merge request](gitlab-org/gitlab!70182))
### Removed (9 changes)
- [Remove shared runners CTE FF](gitlab-org/gitlab@b47f6a628664b74d4f3aed1a1acf4b3178ac1cb2) ([merge request](gitlab-org/gitlab!72370))
- [Remove bio-html and cached_markdown_version from user_details](gitlab-org/gitlab@c045bb54932fa708163aa59b65de6ffe598f3fbd) ([merge request](gitlab-org/gitlab!71663))
- [Remove obsolete column for DevOps analytics](gitlab-org/gitlab@7fb3dcc912ad28fa859614ec099d746c8cd2d9d6) ([merge request](gitlab-org/gitlab!71907))
- [Drop Delayed Project Removal column from Namespaces](gitlab-org/gitlab@6262b4c53d99eeac2146b919f8cf43264d4ce256) ([merge request](gitlab-org/gitlab!71077))
- [Remove ignoring framework column for compliance project settings](gitlab-org/gitlab@973da3fc3a4b28a587c24118803d39b2998618d7) ([merge request](gitlab-org/gitlab!71634)) **GitLab Enterprise Edition**
- [Remove unused Debian distribution methods](gitlab-org/gitlab@bde080e16a3743523310c7b6929f26193bee835a) by @sathieu ([merge request](gitlab-org/gitlab!71502))
- [Remove project_level_issues_analytics FF](gitlab-org/gitlab@deba920fce7df9aed3ddb0ed49c5f899f9ad6d5d) ([merge request](gitlab-org/gitlab!71382))
- [Removed instance level serverless domains feature](gitlab-org/gitlab@e834417cb802979e6eba8073b5b6736b9168a8dc) ([merge request](gitlab-org/gitlab!71283))
- [Remove feature flag `ci_parallel_minutes_reset`](gitlab-org/gitlab@e106986cd1349c73347fd83592ebd7d2e876ca8b) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/71041)) **GitLab Enterprise Edition**
### Security (34 changes)
- [Add autocomplete attribute to most password fields](gitlab-org/gitlab@8a71c388de0e238b3e77e0dad55262023fb03533) ([merge request](gitlab-org/gitlab!72329))
- [Rename profile password fields so password managers understand](gitlab-org/gitlab@16820a9eea57095918942771c51845972e5cd408) ([merge request](gitlab-org/gitlab!71237))
- [Fix reverse tabnabbing issue](gitlab-org/gitlab@d133ec2ba23ea87e0bd8270a24341e9403757e01) ([merge request](gitlab-org/gitlab!71756))
- [Use v-safe-html in project_list_item.vue](gitlab-org/gitlab@14c07dd906f3666119c4cb6b3c4e3c2e338a5e54) by @Fall1ngStar ([merge request](gitlab-org/gitlab!70730))
- [Require password confirmation when user changes their primary email](gitlab-org/gitlab@086303a7529c480db08ee39173299f2ef4271b37) ([merge request](gitlab-org/gitlab!69439))
- [Fix XSS in Jira link](gitlab-org/gitlab@406fa2dfc40f5b7c54fd329f88125c37b851c631) **GitLab Enterprise Edition**
- [Return 404 if model id wasn't passed to UploadsController](gitlab-org/gitlab@c5fac89577d5576c570486dab91d7af099043f42)
- [Scrub artifacts signed URL in SendEntry logs](gitlab-org/gitlab@e9d2f771e6ca5d0eb84e90fa1973f90356ffce7c)
- [Prevent double-impersonation and impersonation breakout](gitlab-org/gitlab@780c8592b1e5c9f3ebb25682d22868d3e41d0ff8)
- [Clear session access tokens when starting/stopping impersonation](gitlab-org/gitlab@413f65cf961b9330d4455a3c7c96dbb5c3076593)
- [Require password param for 2FA changes](gitlab-org/gitlab@2fee55910eb9294aac3d096009e18afbf701b2e8)
- [Prevent users from bypassing 2FA on certain pages](gitlab-org/gitlab@5a52554984c540c0211a91169956cc7f3b8e511f)
- [Use validated URL when sending request to Gitea Importer](gitlab-org/gitlab@7af8abd4df9a98f7a1ae7c4ec9840d0a7a8c684d)
- [Fix permissions check on project members import](gitlab-org/gitlab@3b34c4e1e960dabc982c147b996ea4a3228f36fe)
- [Fix fogbugz importer DNS Rebind SSRF](gitlab-org/gitlab@395649cc463054467cfa9265f0f6d8a1a943226d)
- [Require group admin access to list pending invites](gitlab-org/gitlab@f4b8af4e6829d0ccfbf2f34caa0183908d622d66)
- [Do not export and import repository_size_limit](gitlab-org/gitlab@215ac57160a36faa55adfb4069c48a6e993be0f6)
- [Escapes MR approval rule names correctly](gitlab-org/gitlab@a3af82b0f065cbf449c8285db91d8837a7208f17)
- [Disable exporting pipeline triggers on project export](gitlab-org/gitlab@4195b918418786babcc71af51b61ea3fad107a8a)
- [Add pagination to dependencies API](gitlab-org/gitlab@5eeb99760ce78b28e8e77361daec438a1c588d31) **GitLab Enterprise Edition**
- [Filter shared groups autocomplete by permitted](gitlab-org/gitlab@faf9969eb78296e8f20bee8bac6563f6f02ea07a) **GitLab Enterprise Edition**
- [Apply account locking to password reset page](gitlab-org/gitlab@38a3aceb6e20e52d6f2a554dcdf6c4828d2d49a2)
- [Verify state before using errors from OAuth2 OmniAuth providers](gitlab-org/gitlab@79457dafe5558446504e7cdda33f2731e4033d62)
- [Fix GFM autocomplete xss](gitlab-org/gitlab@bd9bc17acd5930c5830f67ae8becdf7b8e7b4550)
- [Remove related project access tokens when a project is deleted](gitlab-org/gitlab@ff76361cba4561a13fca600afe431a50137e4f45)
- [Do not allow status checks to exist with external protected branches](gitlab-org/gitlab@dd5d6c9dda012e3776eddf89ddbc74073b5d40d5) **GitLab Enterprise Edition**
- [Permission check issuable template API data](gitlab-org/gitlab@dbad14b7fac92ed9cae602a3e30676703f406e62) **GitLab Enterprise Edition**
- [Require access token for git when 2fa is required](gitlab-org/gitlab@79c523c3f9ade423ad960f8bd30b686759eda29f)
- [Prohibit anonymous access for specific user API endpoint](gitlab-org/gitlab@635002da5981dc88c0942bb11ae4a14e7601362f)
- [Respect disabled import sources when initiating import via API](gitlab-org/gitlab@0dec589a9811e4ed72002116fcc89ca65447cb72)
- [Prevent showing not allowed subgroup epics](gitlab-org/gitlab@c77693d4154db385a292b1a290598b145ac20a57) **GitLab Enterprise Edition**
- [Prevent moving epic issues to different group hierarchy](gitlab-org/gitlab@eefca514c7716dc7071de8a3de9567f1a97d66df) **GitLab Enterprise Edition**
- [Fix denial-of-service attack in Markdown parser](gitlab-org/gitlab@1315787019130f5e65ef00dc166721dd703a2908)
- [Enforce configured scopes for Oauth applications](gitlab-org/gitlab@31cc65d79b44e43108f7eeac06496c12cf9f8ee3)
### Performance (27 changes)
- [Set X-Requested-With for startup JS requests](gitlab-org/gitlab@5b10ead1fc4d7fdf8836f210a70825ba1834cd7b) ([merge request](gitlab-org/gitlab!72360))
- [Use Group linear ancestor scopes](gitlab-org/gitlab@e2664d387b9e50ea25253044bb6792983dd5992c) ([merge request](gitlab-org/gitlab!70708)) **GitLab Enterprise Edition**
- [Skip secure product metrics in service ping](gitlab-org/gitlab@a7895ff78405735fc0a9be4e9339f45aec7d6023) ([merge request](gitlab-org/gitlab!72198)) **GitLab Enterprise Edition**
- [Clean up failed archive when no more attempts left](gitlab-org/gitlab@22bdd739efbfabc999544aac0c17f6719024237e) ([merge request](gitlab-org/gitlab!71878))
- [Render gitaly-unavailable error for Tags page](gitlab-org/gitlab@9a20a93028cc1ff4e9191f3204549a2f71393705) ([merge request](gitlab-org/gitlab!71078))
- [Enable FF "reference_cache_memoization" by default](gitlab-org/gitlab@a1ad071bc5d8bb2a31545c90f02d91d4d78cf045) ([merge request](gitlab-org/gitlab!71731))
- [Enable FF "tags_finder_gitaly" by default](gitlab-org/gitlab@bf59b0925716dd5342cd9d77396ca0adf74d5ff3) ([merge request](gitlab-org/gitlab!71743))
- [Quarantine broken security_products_usage metrics](gitlab-org/gitlab@417a1319e87b37aea0b987736d2920e17a50f1b6) ([merge request](gitlab-org/gitlab!71722)) **GitLab Enterprise Edition**
- [Preload user project access in group API](gitlab-org/gitlab@c6bc7f71703844a96e0781da5c1e4d12ac2b0c23) ([merge request](gitlab-org/gitlab!71631))
- [User ParticipantService linear ancestor scopes](gitlab-org/gitlab@133206812814dbea34ad7c9673bcb8849d2497f3) ([merge request](gitlab-org/gitlab!70684))
- [Use GroupPlansPreloader linear ancestor scopes](gitlab-org/gitlab@5bffbad5917195c4eff72570a5798e5a5aa81d29) ([merge request](gitlab-org/gitlab!70685)) **GitLab Enterprise Edition**
- [Use specialized worker to refresh authorizations on group-share update](gitlab-org/gitlab@fa1d31ee1f88ba8d659f3d14ef06bc2867ee19ae) ([merge request](gitlab-org/gitlab!70361))
- [Disable BatchLoader replace_methods by default](gitlab-org/gitlab@cac51506144d441abf74026b788ee5c9fedb0452) ([merge request](gitlab-org/gitlab!71364))
- [Avoid loading project namespace for id](gitlab-org/gitlab@c5b9c6b5c600827f24b0d97bf30c97644abada19) ([merge request](gitlab-org/gitlab!71051))
- [Use MembersFinder ancestors linear scopes](gitlab-org/gitlab@ea414318775364ceeecc5d5a9b812fcdc5f7d758) ([merge request](gitlab-org/gitlab!70583))
- [Use ApplicationSetting ancestors linear scopes](gitlab-org/gitlab@d7aaa809a62bd5a9668f06fe554c1f12c8dbec66) ([merge request](gitlab-org/gitlab!70579)) **GitLab Enterprise Edition**
- [Disable replace_methods in users autocomplete](gitlab-org/gitlab@6d0b7babd98d253fe65153653a8e3ba23372ac7e) ([merge request](gitlab-org/gitlab!71262))
- [Remove priority sort from board list issues](gitlab-org/gitlab@30820e968005dafccf66be6fc5fe534bd8c05d4a) ([merge request](gitlab-org/gitlab!70674))
- [Use GroupTree ancestors linear scopes](gitlab-org/gitlab@c1f9f33079d41594f41507f830d90164caecc59d) ([merge request](gitlab-org/gitlab!70503))
- [Replace Group ancestors scope with linear version](gitlab-org/gitlab@bd908d325f2989e184c016bbf6ffa2f34ac9f7b3) ([merge request](gitlab-org/gitlab!70495))
- [Add concurrent index for selecting resource_group from ci_builds](gitlab-org/gitlab@f5fb3b4b90e0806453f7ffa418edf904d9c6632f) ([merge request](gitlab-org/gitlab!70911))
- [Skip keep_around commit callback if `skip_keep_around_commits` is true](gitlab-org/gitlab@7abd7d2d47888ea92459534a42734ac734bc0eef) ([merge request](gitlab-org/gitlab!69910))
- [Add index for vulnerability_occurrences image location](gitlab-org/gitlab@44e892e7f517e26ec52cdfb9d9b8c7552b20e761) ([merge request](gitlab-org/gitlab!70275))
- [Improve retrieving default branch of empty repos](gitlab-org/gitlab@c5ccb9261e05c38fbe0956bc563556481e32c783) ([merge request](gitlab-org/gitlab!70116))
- [Update pending builds namespace traversal ids](gitlab-org/gitlab@9aa02e07af6a936244b88b4c873a866cea4fb65e) ([merge request](gitlab-org/gitlab!70691))
- [Use specialized worker to refresh authorizations on project transfer](gitlab-org/gitlab@34f5f02a72b710cf97b6ed8526dc42b4c026aa07) ([merge request](gitlab-org/gitlab!70356))
- [Add a `uniq` filter to SHAs passed to the keep around service](gitlab-org/gitlab@e3b599c5bdcebd15b117e039b58e4c98349ac652) ([merge request](gitlab-org/gitlab!70323))
### Other (41 changes)
- [Remove feature flag for pipeline editor drawer](gitlab-org/gitlab@28f635fffc9f2db4d2c43bff9afac4b2b3f44bdc) ([merge request](gitlab-org/gitlab!72237))
- [Improve UX of group two factor grace period input](gitlab-org/gitlab@84208b270b1ce7148a1db0caaca50e2111348342) ([merge request](gitlab-org/gitlab!72280))
- [Remove metrics that keeps count of deleted container images](gitlab-org/gitlab@96806577b479cddf2e0e1b0a8a417702ee5e3865) by @edith007 ([merge request](gitlab-org/gitlab!70983)) **GitLab Enterprise Edition**
- [Remove metric that keeps track of published Debian packages](gitlab-org/gitlab@5193a7f3c2512c05cffab2627ae0a86f9a45a535) by @edith007 ([merge request](gitlab-org/gitlab!70988)) **GitLab Enterprise Edition**
- [Remove the FF ci_idempotent_pipeline_process_worker](gitlab-org/gitlab@30b3172abc9592c640412641f9f420201bcfc019) ([merge request](gitlab-org/gitlab!72297))
- [Remove metric that keeps track of downloaded container images](gitlab-org/gitlab@460b8f2e3a41a5fbf6e6ecfc83c4ead68c23a28c) by @edith007 ([merge request](gitlab-org/gitlab!70985)) **GitLab Enterprise Edition**
- [Add Google Analytics ID to gitlab_standard schema for snowplow](gitlab-org/gitlab@a9522b5e8afd76353fc9fb0d92d32e46b03b7f6f) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/71242))
- [Remove metric that keeps track of published container images](gitlab-org/gitlab@2a4246d2ad491d1f96437a5277a7f0931dd8bf6c) by @edith007 ([merge request](gitlab-org/gitlab!70987)) **GitLab Enterprise Edition**
- [Remove the FF ci_include_rules](gitlab-org/gitlab@53e9d5fb9f1fd021566b1d2f5cd1556207be9194) ([merge request](gitlab-org/gitlab!72122))
- [Always use rate limiting Redis](gitlab-org/gitlab@5bc8987a710cc84aa399d99f3336523bffbc957f) ([merge request](gitlab-org/gitlab!72113))
- [Cleanup delete orphaned deployments background migration](gitlab-org/gitlab@233858c7e8e63cc3b3405621ceee8c73d73c8495) ([merge request](gitlab-org/gitlab!66600))
- [Remove feature flag disable_joins_upstream_downstream_projects](gitlab-org/gitlab@76d008a4d5b5bc4a08760e3d1c863b0668767c6b) ([merge request](gitlab-org/gitlab!71968))
- [Do not append hash to pseudonymized URL](gitlab-org/gitlab@768d0801050fe83d8e81a6abbf9cbf34bfb6534a) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/71335))
- [Remove test summary widget usage ping feature flag](gitlab-org/gitlab@5d780fc9ec7b0dbfc6df1bed102c5b6006a409c6) ([merge request](gitlab-org/gitlab!71781))
- [Remove sync_namespace_name_with_cdot flag](gitlab-org/gitlab@467a39884503f3f387760b503943e447e8fa6c7e) ([merge request](gitlab-org/gitlab!71763))
- [Set `assumeImmutableResults` to `true` in access tokens Apollo config](gitlab-org/gitlab@a2d295513d9ba4a336997388b696302110bf12b5) by @imrishabh18 ([merge request](gitlab-org/gitlab!70873))
- [Remove unused struct field](gitlab-org/gitlab@916a647334b542ad4b011c28a511bc4a5dd9ac10) ([merge request](gitlab-org/gitlab!71738))
- [Re Reschedule Delete Orphaned Deployments BG migration](gitlab-org/gitlab@4fc0ad4eebce4f76bad344913cf16c340dfb0d62) ([merge request](gitlab-org/gitlab!71700))
- [Refactor compliance framework UI and documentation](gitlab-org/gitlab@0b3b96373f0633fd333f87d0446faa9657a9831b) ([merge request](gitlab-org/gitlab!70258)) **GitLab Enterprise Edition**
- [Remove the FF ci_pipeline_add_job_with_lock](gitlab-org/gitlab@7bb475a84b5411dd71cf04d62dc760837af432a6) ([merge request](gitlab-org/gitlab!71652))
- [Remove project authorizations API FF](gitlab-org/gitlab@6a4e306aa856dc9cbfb31d070f5edc20491ff10d) ([merge request](gitlab-org/gitlab!71638))
- [Revise UI text for Usage Statistics](gitlab-org/gitlab@6f7df4eabd0fe12bd735562b1c61704f62438d08) ([merge request](gitlab-org/gitlab!71473))
- [Removes `track_epic_boards_activity` feature flag](gitlab-org/gitlab@3a3c53a19f8e14a11872afc5bfbea9be1ebb7a7e) ([merge request](gitlab-org/gitlab!71552))
- [Remove pages_smart_check_outdated_sha feature flag](gitlab-org/gitlab@b68e407fe931b4c6c2912926c8a576448cba65ea) ([merge request](gitlab-org/gitlab!71530))
- [Additional tests of #work_in_progress?](gitlab-org/gitlab@bab351e939be61d330dc683bbeb638a132410079) ([merge request](gitlab-org/gitlab!71437))
- [Use varchar_pattern_ops indexes for labels](gitlab-org/gitlab@dbf00facaf0d5aab14455f524d0608a133abd14c) ([merge request](gitlab-org/gitlab!70770))
- [Update runner status descriptions](gitlab-org/gitlab@471c067f8de82a6ae83282cad16fec9dfed0fb30) ([merge request](gitlab-org/gitlab!71447))
- [Make build_id param as required when updating CI minutes async](gitlab-org/gitlab@fd716d443a31f7a22716c2feec11deb65f084d65) ([merge request](gitlab-org/gitlab!71297)) **GitLab Enterprise Edition**
- [Remove FF ci_remove_update_retried_from_process_pipeline](gitlab-org/gitlab@6d3b53f4fd3925ca38cf0c75e9941d60e23e71f3) ([merge request](gitlab-org/gitlab!71201))
- [Filter Welcome to GitLab console message from capybara](gitlab-org/gitlab@511d56f0fdbec074930037f587737d7066002a1c) by @leetickett ([merge request](gitlab-org/gitlab!71151))
- [Remove redundant index on taggings table](gitlab-org/gitlab@5124a0375265ede986eed631e9cfad7cf1400642) ([merge request](gitlab-org/gitlab!71083))
- [Update additional CI minute docs](gitlab-org/gitlab@1d74e66b394c9d5418f0d2f277bd61ddb3de1b98) ([merge request](gitlab-org/gitlab!70934))
- [Drop old int4 PK column for push_event_payloads](gitlab-org/gitlab@6e19f4eee1eafd432619d7fbf0d897ef2e622776) ([merge request](gitlab-org/gitlab!70920))
- [Drop old int4 PK column for events](gitlab-org/gitlab@2de6a4f4784f68e2a8e2680b1273d76f9ad21023) ([merge request](gitlab-org/gitlab!70915))
- [Remove foreign key from terraform_state_versions to ci_builds](gitlab-org/gitlab@1f99a8584dd7573c64e658712d504474404120f7) ([merge request](gitlab-org/gitlab!70743))
- [Drop old int4 PK columns for ci_sources_pipelines](gitlab-org/gitlab@fecfc17771721bd94dbb4a2ca60ce97f149e5e60) ([merge request](gitlab-org/gitlab!70896))
- [Drop old int4 PK columns for ci_job_artifacts](gitlab-org/gitlab@751d343ebf822966ec66bc59e954601ca6639a66) ([merge request](gitlab-org/gitlab!70884))
- [Cleanup bigint conversion for ci_builds_metadata](gitlab-org/gitlab@fbf66ae98289e7ad5b0d8a126b8b92d8a29aa8fb) ([merge request](gitlab-org/gitlab!69712))
- [Remove pipeline foreign keys from package tables](gitlab-org/gitlab@3b8d317b98a2054f2a6251b02940974bb3a74d5d) ([merge request](gitlab-org/gitlab!70614))
- [Cleanup bigint conversion for ci_builds](gitlab-org/gitlab@176992aa2b2e76b22637a07d5bafbd6541324a7d) ([merge request](gitlab-org/gitlab!70351))
- [Drop support for data-track-event](gitlab-org/gitlab@ac6027fbef6adf41643412a84945fda6f15c9666) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/70234))
## 14.3.3 (2021-10-12)
@ -568,6 +973,39 @@ entry.
- [Remove the FF ci_reset_bridge_with_subsequent_jobs](gitlab-org/gitlab@a4a75095b9b0250d0b1bdadea90c8a4cd24449b2) ([merge request](gitlab-org/gitlab!68295))
- [Removes ci_same_stage_job_needs ff](gitlab-org/gitlab@5e509cf7aa90041a541b19dda563120a359f0bf9) ([merge request](gitlab-org/gitlab!68041))
## 14.2.5 (2021-09-30)
### Security (28 changes)
- [Require password param for 2FA changes](gitlab-org/security/gitlab@5693760a3edf82774a4e19b9bb561be87316be54) ([merge request](gitlab-org/security/gitlab!1815))
- [Fix permissions check on project members import](gitlab-org/security/gitlab@f9b4200427833e370638aa63851d6801a40c404c) ([merge request](gitlab-org/security/gitlab!1859))
- [Respect disabled import sources when initiating import via API](gitlab-org/security/gitlab@3c9af055ece281fcaab0b8dcc277e0ce9133ad31) ([merge request](gitlab-org/security/gitlab!1847))
- [Return 404 if model id wasn't passed to UploadsController](gitlab-org/security/gitlab@dd4616362040d2b812d69ff2ecf78e70ff4b9ae3) ([merge request](gitlab-org/security/gitlab!1844))
- [Scrub artifacts signed URL in SendEntry logs](gitlab-org/security/gitlab@41d275bb73943ba6f970d6678b49c9336194af35) ([merge request](gitlab-org/security/gitlab!1841))
- [Prevent double-impersonation and impersonation breakout](gitlab-org/security/gitlab@c0ab498adda057f4d87969d74c32a3ea95df297c) ([merge request](gitlab-org/security/gitlab!1835))
- [Clear session access tokens when starting/stopping impersonation](gitlab-org/security/gitlab@fd39d88b348d525818820d2496afe08612420023) ([merge request](gitlab-org/security/gitlab!1832))
- [Use validated URL when sending request to Gitea Importer](gitlab-org/security/gitlab@328e3c726c693b32666e0fb32eda0b7a6f22d8ad) ([merge request](gitlab-org/security/gitlab!1821))
- [Fix XSS in Jira link](gitlab-org/security/gitlab@868d8b9c4a1e9e9019a7ff51da11f75051e452c3) ([merge request](gitlab-org/security/gitlab!1817)) **GitLab Enterprise Edition**
- [Fix fogbugz importer DNS Rebind SSRF](gitlab-org/security/gitlab@4f4b5a15a3508084f921442b3a7f42ba0448f1bb) ([merge request](gitlab-org/security/gitlab!1681))
- [Remove related project access tokens when a project is deleted](gitlab-org/security/gitlab@282e81198f80f1fda912da5bc6f671d778b19ca9) ([merge request](gitlab-org/security/gitlab!1811))
- [Require group admin access to list pending invites](gitlab-org/security/gitlab@1ce85345787025222c915fe5fa314bad8994b6ba) ([merge request](gitlab-org/security/gitlab!1720))
- [Do not export and import repository_size_limit](gitlab-org/security/gitlab@359f14e41dfc355a13041cdf1dbcd082c254200c) ([merge request](gitlab-org/security/gitlab!1769))
- [Escapes MR approval rule names correctly](gitlab-org/security/gitlab@d84739982599197ff337d69d818634544270e142) ([merge request](gitlab-org/security/gitlab!1808))
- [Filter shared groups autocomplete by permitted](gitlab-org/security/gitlab@3a2b4c7ff1eb2ba3e84840ba2800c13d6491d726) ([merge request](gitlab-org/security/gitlab!1805)) **GitLab Enterprise Edition**
- [Require access token for git when 2fa is required](gitlab-org/security/gitlab@deb4e7e5f941c82450d382c1b85f6325e367394f) ([merge request](gitlab-org/security/gitlab!1795))
- [Disable exporting pipeline triggers on project export](gitlab-org/security/gitlab@417761bb2f67f03bfe803163bad97da7b9fa088b) ([merge request](gitlab-org/security/gitlab!1789))
- [Add pagination to dependencies API](gitlab-org/security/gitlab@2f84755ba54580df126054a561d8cc4731f936d3) ([merge request](gitlab-org/security/gitlab!1724)) **GitLab Enterprise Edition**
- [Permission check issuable template API data](gitlab-org/security/gitlab@a90614e2efc813ca5f13a9aa9b51f13f0e8934aa) ([merge request](gitlab-org/security/gitlab!1786)) **GitLab Enterprise Edition**
- [Apply account locking to password reset page](gitlab-org/security/gitlab@6bbd77c0748e59eacff51edb6264d6099ee14a38) ([merge request](gitlab-org/security/gitlab!1783))
- [Enforce configured scopes for Oauth applications](gitlab-org/security/gitlab@a9f44bb19cbfc460cd05627a80ef17c39cdde86b) ([merge request](gitlab-org/security/gitlab!1780))
- [Verify state before using errors from OAuth2 OmniAuth providers](gitlab-org/security/gitlab@6f70292d0fa3efbe99c44748a463df189830cc35) ([merge request](gitlab-org/security/gitlab!1777))
- [Prevent moving epic issues to different group hierarchy](gitlab-org/security/gitlab@979d40003794014d5930709a257e9a5c75df10e6) ([merge request](gitlab-org/security/gitlab!1773)) **GitLab Enterprise Edition**
- [Prevent showing not allowed subgroup epics](gitlab-org/security/gitlab@2f72e4062f6cd7256ffff31172b00c012a5910e1) ([merge request](gitlab-org/security/gitlab!1765)) **GitLab Enterprise Edition**
- [Do not allow status checks to exist with external protected branches](gitlab-org/security/gitlab@dd08837d054c574f94f80e806cc7b49de342cc57) ([merge request](gitlab-org/security/gitlab!1762)) **GitLab Enterprise Edition**
- [Fix GFM autocomplete xss](gitlab-org/security/gitlab@5afba618ef89fdce544f498a30e7366e3f6cb788) ([merge request](gitlab-org/security/gitlab!1747))
- [Prohibit anonymous access for specific user API endpoint](gitlab-org/security/gitlab@a813bd8a8f07ffa0477efd3a3936b436e5ec6b17) ([merge request](gitlab-org/security/gitlab!1736))
- [Fix denial-of-service attack in Markdown parser](gitlab-org/security/gitlab@f618ad9c104882ac5f707b162e8119805252019e) ([merge request](gitlab-org/security/gitlab!1729))
## 14.2.4 (2021-09-17)
### Fixed (2 changes)
@ -1159,6 +1597,45 @@ entry.
- [Add helpful text to URL group validation and limit text](gitlab-org/gitlab@59a5a6266cb0d5434596170ffa36e4e74b8d2c2c) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/65369)) **GitLab Enterprise Edition**
- [Refactor external storage admin area configuration UI and docs](gitlab-org/gitlab@497ba4fc8f4ec1d234c9f5f1ec5c69712b8c7cb3) ([merge request](gitlab-org/gitlab!66219))
## 14.1.7 (2021-09-30)
### Security (28 changes)
- [Require password param for 2FA changes](gitlab-org/security/gitlab@4e16401a77264ef3127f0bb314fa0abab11216c7) ([merge request](gitlab-org/security/gitlab!1816))
- [Fix permissions check on project members import](gitlab-org/security/gitlab@be54b3f4890fa89d58cb02be79c65025f606bd6c) ([merge request](gitlab-org/security/gitlab!1860))
- [Respect disabled import sources when initiating import via API](gitlab-org/security/gitlab@b76b6229c93447954efc5719e6dd61eb601afdc4) ([merge request](gitlab-org/security/gitlab!1848))
- [Return 404 if model id wasn't passed to UploadsController](gitlab-org/security/gitlab@8ab1cfaafba21a9e90ef41677993af2afdcd920a) ([merge request](gitlab-org/security/gitlab!1845))
- [Scrub artifacts signed URL in SendEntry logs](gitlab-org/security/gitlab@5bae93b2f085d5dac58e411bffb5ca518fe7df98) ([merge request](gitlab-org/security/gitlab!1842))
- [Prevent double-impersonation and impersonation breakout](gitlab-org/security/gitlab@7c82d0f2a1dbfb0a23d6a5cdaee448307ffc6972) ([merge request](gitlab-org/security/gitlab!1836))
- [Clear session access tokens when starting/stopping impersonation](gitlab-org/security/gitlab@a4d529eb7c8eeb3e9c42ae3d81514d79a905cdb7) ([merge request](gitlab-org/security/gitlab!1833))
- [Use validated URL when sending request to Gitea Importer](gitlab-org/security/gitlab@b30536e6c9aa969c76bcd167f00db5a0e07ace7a) ([merge request](gitlab-org/security/gitlab!1820))
- [Fix XSS in Jira link](gitlab-org/security/gitlab@9ace10c46744ee220c649d2da0eeb3e99216ee7d) ([merge request](gitlab-org/security/gitlab!1625)) **GitLab Enterprise Edition**
- [Fix fogbugz importer DNS Rebind SSRF](gitlab-org/security/gitlab@9d7107665d6ed931ef4b2feeb0287bc71b89232c) ([merge request](gitlab-org/security/gitlab!1682))
- [Remove related project access tokens when a project is deleted](gitlab-org/security/gitlab@b86096865949f07f6a2020603959117d9c84877b) ([merge request](gitlab-org/security/gitlab!1812))
- [Require group admin access to list pending invites](gitlab-org/security/gitlab@404b344edd61b2f13c3498cd545c2b40165ee536) ([merge request](gitlab-org/security/gitlab!1721))
- [Do not export and import repository_size_limit](gitlab-org/security/gitlab@56f563980f944f1a5e3935ad82070e6719cd5a0c) ([merge request](gitlab-org/security/gitlab!1768))
- [Escapes MR approval rule names correctly](gitlab-org/security/gitlab@ea64f981ce70a0e1e6ee58e64a6007e82f48e071) ([merge request](gitlab-org/security/gitlab!1809))
- [Filter shared groups autocomplete by permitted](gitlab-org/security/gitlab@59999ab27cba402589b27d204cf29678100e948b) ([merge request](gitlab-org/security/gitlab!1806)) **GitLab Enterprise Edition**
- [Require access token for git when 2fa is required](gitlab-org/security/gitlab@6a4a75efd7685a69ffa7cc4c027c7058013cca45) ([merge request](gitlab-org/security/gitlab!1796))
- [Disable exporting pipeline triggers on project export](gitlab-org/security/gitlab@8a8c78ed054def210013a849195939d7888fcf65) ([merge request](gitlab-org/security/gitlab!1790))
- [Add pagination to dependencies API](gitlab-org/security/gitlab@2a963ad670c60d1f3078fdf446ea755c5862fa26) ([merge request](gitlab-org/security/gitlab!1725)) **GitLab Enterprise Edition**
- [Permission check issuable template API data](gitlab-org/security/gitlab@9d95d13bc714e46b5e3697288c4b398cb5aee88b) ([merge request](gitlab-org/security/gitlab!1787)) **GitLab Enterprise Edition**
- [Apply account locking to password reset page](gitlab-org/security/gitlab@47ee79b1983de886f5ebe04b2975c2e37aa938ce) ([merge request](gitlab-org/security/gitlab!1784))
- [Enforce configured scopes for Oauth applications](gitlab-org/security/gitlab@acf2d894c91aa7fb72ea32b10e50e94441885399) ([merge request](gitlab-org/security/gitlab!1781))
- [Verify state before using errors from OAuth2 OmniAuth providers](gitlab-org/security/gitlab@20073576508aa239e52d8ff911c1dfd3df8af670) ([merge request](gitlab-org/security/gitlab!1778))
- [Prevent moving epic issues to different group hierarchy](gitlab-org/security/gitlab@93c6ec69b7bc6c9124a2a5350cebebb57f63a28f) ([merge request](gitlab-org/security/gitlab!1774)) **GitLab Enterprise Edition**
- [Prevent showing not allowed subgroup epics](gitlab-org/security/gitlab@72a11e72425a033f3464d6ff12b4d06e12ec9faf) ([merge request](gitlab-org/security/gitlab!1766)) **GitLab Enterprise Edition**
- [Do not allow status checks to exist with external protected branches](gitlab-org/security/gitlab@8f96c013ccbbe9c52b3f03fb0d247debb1b157a8) ([merge request](gitlab-org/security/gitlab!1763)) **GitLab Enterprise Edition**
- [Fix GFM autocomplete xss](gitlab-org/security/gitlab@fd92dabddff5ae5d67a98aef5d858438520a2f06) ([merge request](gitlab-org/security/gitlab!1748))
- [Prohibit anonymous access for specific user API endpoint](gitlab-org/security/gitlab@2e8a386430309a931dbbd47fba7540a53399ad64) ([merge request](gitlab-org/security/gitlab!1737))
- [Fix denial-of-service attack in Markdown parser](gitlab-org/security/gitlab@5b6ed5212f880e2397dbea9ffc74cf0a35bd4411) ([merge request](gitlab-org/security/gitlab!1728))
## 14.1.6 (2021-09-27)
### Fixed (1 change)
- [Fix Elastic::MigrationWorker current_migration (2nd attempt)](gitlab-org/gitlab@f07c7a5f173a2fc053247664f21c03d29df543a4) ([merge request](gitlab-org/gitlab!71187)) **GitLab Enterprise Edition**
## 14.1.5 (2021-09-02)
### Fixed (1 change)
@ -1796,6 +2273,12 @@ entry.
- [Remove diffs gradual load feature flag](gitlab-org/gitlab@027d7c4327b5b6205a84281239027273517bf81b) ([merge request](gitlab-org/gitlab!55478))
- [Remove partial index for Hashed Storage migration](gitlab-org/gitlab@3ed017a1023d7b0941a7606b69e6caee8d22f15c) ([merge request](gitlab-org/gitlab!62920))
## 14.0.11 (2021-09-23)
### Fixed (1 change)
- [Fix Elastic::MigrationWorker current_migration](gitlab-org/gitlab@0b72aace30bff0fda7a114862ec1e389ddaa5ead) ([merge request](gitlab-org/gitlab!71101)) **GitLab Enterprise Edition**
## 14.0.10 (2021-09-02)
No changes.
@ -2561,6 +3044,10 @@ No changes.
- [Add missing metrics information](gitlab-org/gitlab@89cd7fe3b95323e635b2d73e08549b2e6153dc4d) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/61772/edit))
- [Track usage of the resolve UI](gitlab-org/gitlab@35c8e30fce288cecefcf2f7c0077d4608e696519) ([merge request](gitlab-org/gitlab!61654))
## 13.12.12 (2021-09-21)
No changes.
## 13.12.11 (2021-09-02)
No changes.

2
GITALY_SERVER_VERSION
View file

@ -1 +1 @@
14.3.4
14.4.2

2
GITLAB_ELASTICSEARCH_INDEXER_VERSION
View file

@ -1 +1 @@
2.13.0
2.16.0

2
GITLAB_KAS_VERSION
View file

@ -1 +1 @@
14.3.3
14.4.0

2
GITLAB_PAGES_VERSION
View file

@ -1 +1 @@
1.44.0
1.46.0

24
Gemfile
View file

@ -2,7 +2,7 @@
source 'https://rubygems.org'
gem 'rails', '~> 6.1.3.2'
gem 'rails', '~> 6.1.4.1'
gem 'bootsnap', '~> 1.4.6'
@ -92,7 +92,7 @@ gem 'net-ldap', '~> 0.16.3'
# API
gem 'grape', '~> 1.5.2'
gem 'grape-entity', '~> 0.9.0'
gem 'grape-entity', '~> 0.10.0'
gem 'rack-cors', '~> 1.0.6', require: 'rack/cors'
# GraphQL API
@ -129,7 +129,7 @@ gem 'fog-local', '~> 0.6'
gem 'fog-openstack', '~> 1.0'
gem 'fog-rackspace', '~> 0.1.1'
gem 'fog-aliyun', '~> 0.3'
gem 'gitlab-fog-azure-rm', '~> 1.1.1', require: false
gem 'gitlab-fog-azure-rm', '~> 1.2.0', require: false
# for Google storage
gem 'google-api-client', '~> 0.33'
@ -154,7 +154,7 @@ gem 'html-pipeline', '~> 2.13.2'
gem 'deckar01-task_list', '2.3.1'
gem 'gitlab-markup', '~> 1.7.1'
gem 'github-markup', '~> 1.7.0', require: 'github/markup'
gem 'commonmarker', '~> 0.21'
gem 'commonmarker', '~> 0.23.2'
gem 'kramdown', '~> 2.3.1'
gem 'RedCloth', '~> 4.3.2'
gem 'rdoc', '~> 6.3.2'
@ -165,7 +165,7 @@ gem 'asciidoctor', '~> 2.0.10'
gem 'asciidoctor-include-ext', '~> 0.3.1', require: false
gem 'asciidoctor-plantuml', '~> 0.0.12'
gem 'asciidoctor-kroki', '~> 0.5.0', require: false
gem 'rouge', '~> 3.26.0'
gem 'rouge', '~> 3.26.1'
gem 'truncato', '~> 0.7.11'
gem 'bootstrap_form', '~> 4.2.0'
gem 'nokogiri', '~> 1.11.4'
@ -195,10 +195,10 @@ gem 'state_machines-activerecord', '~> 0.8.0'
gem 'acts-as-taggable-on', '~> 7.0'
# Background jobs
gem 'sidekiq', '~> 5.2.7'
gem 'sidekiq', '~> 6.2.2'
gem 'sidekiq-cron', '~> 1.0'
gem 'redis-namespace', '~> 1.8.1'
gem 'gitlab-sidekiq-fetcher', '0.5.6', require: 'sidekiq-reliable-fetch'
gem 'gitlab-sidekiq-fetcher', '0.8.0', require: 'sidekiq-reliable-fetch'
# Cron Parser
gem 'fugit', '~> 1.2.1'
@ -229,7 +229,7 @@ gem 'js_regex', '~> 3.7'
gem 'device_detector'
# Redis
gem 'redis', '~> 4.1.4'
gem 'redis', '~> 4.4.0'
gem 'connection_pool', '~> 2.0'
# Redis session store
@ -341,7 +341,7 @@ group :development do
gem 'lefthook', '~> 0.7.0', require: false
gem 'solargraph', '~> 0.43', require: false
gem 'letter_opener_web', '~> 1.4.0'
gem 'letter_opener_web', '~> 1.4.1'
# Better errors handler
gem 'better_errors', '~> 2.9.0'
@ -355,7 +355,7 @@ group :development, :test do
gem 'bullet', '~> 6.1.3'
gem 'pry-byebug'
gem 'pry-rails', '~> 0.3.9'
gem 'pry-shell', '~> 0.4.0'
gem 'pry-shell', '~> 0.5.0'
gem 'awesome_print', require: false
@ -424,7 +424,7 @@ group :test do
gem 'webmock', '~> 3.9.1'
gem 'rails-controller-testing'
gem 'concurrent-ruby', '~> 1.1'
gem 'test-prof', '~> 0.12.0'
gem 'test-prof', '~> 1.0.7'
gem 'rspec_junit_formatter'
gem 'guard-rspec'
@ -474,7 +474,7 @@ end
gem 'spamcheck', '~> 0.1.0'
# Gitaly GRPC protocol definitions
gem 'gitaly', '~> 14.3.0.pre.rc1'
gem 'gitaly', '~> 14.3.0.pre.rc2'
# KAS GRPC protocol definitions
gem 'kas-grpc', '~> 0.0.2'

180
Gemfile.lock
View file

@ -11,63 +11,63 @@ GEM
RedCloth (4.3.2)
acme-client (2.0.6)
faraday (>= 0.17, < 2.0.0)
actioncable (6.1.3.2)
actionpack (= 6.1.3.2)
activesupport (= 6.1.3.2)
actioncable (6.1.4.1)
actionpack (= 6.1.4.1)
activesupport (= 6.1.4.1)
nio4r (~> 2.0)
websocket-driver (>= 0.6.1)
actionmailbox (6.1.3.2)
actionpack (= 6.1.3.2)
activejob (= 6.1.3.2)
activerecord (= 6.1.3.2)
activestorage (= 6.1.3.2)
activesupport (= 6.1.3.2)
actionmailbox (6.1.4.1)
actionpack (= 6.1.4.1)
activejob (= 6.1.4.1)
activerecord (= 6.1.4.1)
activestorage (= 6.1.4.1)
activesupport (= 6.1.4.1)
mail (>= 2.7.1)
actionmailer (6.1.3.2)
actionpack (= 6.1.3.2)
actionview (= 6.1.3.2)
activejob (= 6.1.3.2)
activesupport (= 6.1.3.2)
actionmailer (6.1.4.1)
actionpack (= 6.1.4.1)
actionview (= 6.1.4.1)
activejob (= 6.1.4.1)
activesupport (= 6.1.4.1)
mail (~> 2.5, >= 2.5.4)
rails-dom-testing (~> 2.0)
actionpack (6.1.3.2)
actionview (= 6.1.3.2)
activesupport (= 6.1.3.2)
actionpack (6.1.4.1)
actionview (= 6.1.4.1)
activesupport (= 6.1.4.1)
rack (~> 2.0, >= 2.0.9)
rack-test (>= 0.6.3)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.2.0)
actiontext (6.1.3.2)
actionpack (= 6.1.3.2)
activerecord (= 6.1.3.2)
activestorage (= 6.1.3.2)
activesupport (= 6.1.3.2)
actiontext (6.1.4.1)
actionpack (= 6.1.4.1)
activerecord (= 6.1.4.1)
activestorage (= 6.1.4.1)
activesupport (= 6.1.4.1)
nokogiri (>= 1.8.5)
actionview (6.1.3.2)
activesupport (= 6.1.3.2)
actionview (6.1.4.1)
activesupport (= 6.1.4.1)
builder (~> 3.1)
erubi (~> 1.4)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.1, >= 1.2.0)
activejob (6.1.3.2)
activesupport (= 6.1.3.2)
activejob (6.1.4.1)
activesupport (= 6.1.4.1)
globalid (>= 0.3.6)
activemodel (6.1.3.2)
activesupport (= 6.1.3.2)
activerecord (6.1.3.2)
activemodel (= 6.1.3.2)
activesupport (= 6.1.3.2)
activemodel (6.1.4.1)
activesupport (= 6.1.4.1)
activerecord (6.1.4.1)
activemodel (= 6.1.4.1)
activesupport (= 6.1.4.1)
activerecord-explain-analyze (0.1.0)
activerecord (>= 4)
pg
activestorage (6.1.3.2)
actionpack (= 6.1.3.2)
activejob (= 6.1.3.2)
activerecord (= 6.1.3.2)
activesupport (= 6.1.3.2)
activestorage (6.1.4.1)
actionpack (= 6.1.4.1)
activejob (= 6.1.4.1)
activerecord (= 6.1.4.1)
activesupport (= 6.1.4.1)
marcel (~> 1.0.0)
mini_mime (~> 1.0.2)
activesupport (6.1.3.2)
mini_mime (>= 1.1.0)
activesupport (6.1.4.1)
concurrent-ruby (~> 1.0, >= 1.0.2)
i18n (>= 1.6, < 2)
minitest (>= 5.1)
@ -200,8 +200,7 @@ GEM
open4 (~> 1.3)
coderay (1.1.3)
colored2 (3.1.2)
commonmarker (0.21.0)
ruby-enum (~> 0.5)
commonmarker (0.23.2)
concurrent-ruby (1.1.9)
connection_pool (2.2.2)
contracts (0.11.0)
@ -453,7 +452,7 @@ GEM
rails (>= 3.2.0)
git (1.7.0)
rchardet (~> 1.8)
gitaly (14.3.0.pre.rc1)
gitaly (14.3.0.pre.rc2)
grpc (~> 1.0)
github-markup (1.7.0)
gitlab (4.16.1)
@ -468,7 +467,7 @@ GEM
activesupport (>= 3.0)
request_store (>= 1.0)
scientist (~> 1.6, >= 1.6.0)
gitlab-fog-azure-rm (1.1.1)
gitlab-fog-azure-rm (1.2.0)
azure-storage-blob (~> 2.0)
azure-storage-common (~> 2.0)
fog-core (= 2.1.0)
@ -491,8 +490,8 @@ GEM
addressable (~> 2.7)
omniauth (~> 1.9)
openid_connect (~> 1.2)
gitlab-sidekiq-fetcher (0.5.6)
sidekiq (~> 5)
gitlab-sidekiq-fetcher (0.8.0)
sidekiq (~> 6.1)
gitlab-styles (6.3.0)
rubocop (~> 0.91, >= 0.91.1)
rubocop-gitlab-security (~> 0.1.1)
@ -506,8 +505,8 @@ GEM
omniauth (~> 1.3)
pyu-ruby-sasl (>= 0.0.3.3, < 0.1)
rubyntlm (~> 0.5)
globalid (0.4.2)
activesupport (>= 4.2.0)
globalid (0.5.2)
activesupport (>= 5.0)
gon (6.4.0)
actionpack (>= 3.0.20)
i18n (>= 0.7)
@ -543,7 +542,7 @@ GEM
mustermann-grape (~> 1.0.0)
rack (>= 1.3.0)
rack-accept
grape-entity (0.9.0)
grape-entity (0.10.0)
activesupport (>= 3.0.0)
multi_json (>= 1.3.2)
grape-path-helpers (1.7.0)
@ -700,7 +699,7 @@ GEM
lefthook (0.7.5)
letter_opener (1.7.0)
launchy (~> 2.2)
letter_opener_web (1.4.0)
letter_opener_web (1.4.1)
actionmailer (>= 3.2)
letter_opener (~> 1.0)
railties (>= 3.2)
@ -747,7 +746,7 @@ GEM
mime-types-data (3.2020.0512)
mini_histogram (0.3.1)
mini_magick (4.10.1)
mini_mime (1.0.2)
mini_mime (1.1.1)
mini_portile2 (2.5.3)
minitest (5.11.3)
mixlib-cli (2.1.8)
@ -784,7 +783,7 @@ GEM
net-ssh (>= 2.6.5, < 7.0.0)
net-ssh (6.0.0)
netrc (0.11.0)
nio4r (2.5.4)
nio4r (2.5.8)
no_proxy_fix (0.1.2)
nokogiri (1.11.7)
mini_portile2 (~> 2.5.0)
@ -908,7 +907,7 @@ GEM
peek (1.1.0)
railties (>= 4.0.0)
pg (1.2.3)
pg_query (2.1.0)
pg_query (2.1.1)
google-protobuf (>= 3.17.1)
plist (3.6.0)
png_quantizator (0.2.1)
@ -934,7 +933,7 @@ GEM
pry (~> 0.13.0)
pry-rails (0.3.9)
pry (>= 0.10.4)
pry-shell (0.4.1)
pry-shell (0.5.0)
pry (~> 0.13.0)
tty-markdown
tty-prompt
@ -960,27 +959,25 @@ GEM
httpclient
json-jwt (>= 1.11.0)
rack (>= 2.1.0)
rack-protection (2.0.5)
rack
rack-proxy (0.6.0)
rack
rack-test (1.1.0)
rack (>= 1.0, < 3)
rack-timeout (0.5.2)
rails (6.1.3.2)
actioncable (= 6.1.3.2)
actionmailbox (= 6.1.3.2)
actionmailer (= 6.1.3.2)
actionpack (= 6.1.3.2)
actiontext (= 6.1.3.2)
actionview (= 6.1.3.2)
activejob (= 6.1.3.2)
activemodel (= 6.1.3.2)
activerecord (= 6.1.3.2)
activestorage (= 6.1.3.2)
activesupport (= 6.1.3.2)
rails (6.1.4.1)
actioncable (= 6.1.4.1)
actionmailbox (= 6.1.4.1)
actionmailer (= 6.1.4.1)
actionpack (= 6.1.4.1)
actiontext (= 6.1.4.1)
actionview (= 6.1.4.1)
activejob (= 6.1.4.1)
activemodel (= 6.1.4.1)
activerecord (= 6.1.4.1)
activestorage (= 6.1.4.1)
activesupport (= 6.1.4.1)
bundler (>= 1.15.0)
railties (= 6.1.3.2)
railties (= 6.1.4.1)
sprockets-rails (>= 2.0.0)
rails-controller-testing (1.0.5)
actionpack (>= 5.0.1.rc1)
@ -994,11 +991,11 @@ GEM
rails-i18n (6.0.0)
i18n (>= 0.7, < 2)
railties (>= 6.0.0, < 7)
railties (6.1.3.2)
actionpack (= 6.1.3.2)
activesupport (= 6.1.3.2)
railties (6.1.4.1)
actionpack (= 6.1.4.1)
activesupport (= 6.1.4.1)
method_source
rake (>= 0.8.7)
rake (>= 0.13)
thor (~> 1.0)
rainbow (3.0.0)
rake (13.0.6)
@ -1018,7 +1015,7 @@ GEM
recaptcha (4.13.1)
json
recursive-open-struct (1.1.3)
redis (4.1.4)
redis (4.4.0)
redis-actionpack (5.2.0)
actionpack (>= 5, < 7)
redis-rack (>= 2.1.0, < 3)
@ -1052,7 +1049,7 @@ GEM
rexml (3.2.5)
rinku (2.0.0)
rotp (6.2.0)
rouge (3.26.0)
rouge (3.26.1)
rqrcode (0.7.0)
chunky_png
rqrcode-rails3 (0.1.7)
@ -1116,8 +1113,6 @@ GEM
rubocop-rspec (1.44.1)
rubocop (~> 0.87)
rubocop-ast (>= 0.7.1)
ruby-enum (0.8.0)
i18n
ruby-fogbugz (0.2.1)
crack (~> 0.4)
ruby-magic (0.4.0)
@ -1175,11 +1170,10 @@ GEM
shellany (0.0.1)
shoulda-matchers (4.0.1)
activesupport (>= 4.2.0)
sidekiq (5.2.9)
connection_pool (~> 2.2, >= 2.2.2)
sidekiq (6.2.2)
connection_pool (>= 2.2.2)
rack (~> 2.0)
rack-protection (>= 1.5.0)
redis (>= 3.3.5, < 4.2)
redis (>= 4.2.0)
sidekiq-cron (1.0.4)
fugit (~> 1.1)
sidekiq (>= 4.2.1)
@ -1257,7 +1251,7 @@ GEM
unicode-display_width (~> 1.1, >= 1.1.1)
terser (1.0.2)
execjs (>= 0.3.0, < 3)
test-prof (0.12.0)
test-prof (1.0.7)
test_file_finder (0.1.4)
faraday (~> 1.0)
text (1.3.1)
@ -1357,7 +1351,7 @@ GEM
crack (>= 0.3.2)
hashdiff (>= 0.4.0, < 2.0.0)
webrick (1.6.1)
websocket-driver (0.7.3)
websocket-driver (0.7.5)
websocket-extensions (>= 0.1.0)
websocket-extensions (0.1.5)
wikicloth (0.8.1)
@ -1414,7 +1408,7 @@ DEPENDENCIES
capybara-screenshot (~> 1.0.22)
carrierwave (~> 1.3)
charlock_holmes (~> 0.7.7)
commonmarker (~> 0.21)
commonmarker (~> 0.23.2)
concurrent-ruby (~> 1.1)
connection_pool (~> 2.0)
countries (~> 3.0)
@ -1464,19 +1458,19 @@ DEPENDENCIES
gettext (~> 3.3)
gettext_i18n_rails (~> 1.8.0)
gettext_i18n_rails_js (~> 1.3)
gitaly (~> 14.3.0.pre.rc1)
gitaly (~> 14.3.0.pre.rc2)
github-markup (~> 1.7.0)
gitlab-chronic (~> 0.10.5)
gitlab-dangerfiles (~> 2.3.0)
gitlab-experiment (~> 0.6.4)
gitlab-fog-azure-rm (~> 1.1.1)
gitlab-fog-azure-rm (~> 1.2.0)
gitlab-labkit (~> 0.21.1)
gitlab-license (~> 2.0)
gitlab-mail_room (~> 0.0.9)
gitlab-markup (~> 1.7.1)
gitlab-net-dns (~> 0.9.1)
gitlab-omniauth-openid-connect (~> 0.8.0)
gitlab-sidekiq-fetcher (= 0.5.6)
gitlab-sidekiq-fetcher (= 0.8.0)
gitlab-styles (~> 6.3.0)
gitlab_chronic_duration (~> 0.10.6.2)
gitlab_omniauth-ldap (~> 2.1.1)
@ -1485,7 +1479,7 @@ DEPENDENCIES
google-protobuf (~> 3.17.1)
gpgme (~> 2.0.19)
grape (~> 1.5.2)
grape-entity (~> 0.9.0)
grape-entity (~> 0.10.0)
grape-path-helpers (~> 1.7.0)
grape_logging (~> 1.7)
graphiql-rails (~> 1.4.10)
@ -1518,7 +1512,7 @@ DEPENDENCIES
kramdown (~> 2.3.1)
kubeclient (~> 4.9.2)
lefthook (~> 0.7.0)
letter_opener_web (~> 1.4.0)
letter_opener_web (~> 1.4.1)
license_finder (~> 6.0)
licensee (~> 9.14.1)
lockbox (~> 0.6.2)
@ -1570,7 +1564,7 @@ DEPENDENCIES
prometheus-client-mmap (~> 0.15.0)
pry-byebug
pry-rails (~> 0.3.9)
pry-shell (~> 0.4.0)
pry-shell (~> 0.5.0)
puma (~> 5.3.1)
puma_worker_killer (~> 0.3.1)
rack (~> 2.2.3)
@ -1579,7 +1573,7 @@ DEPENDENCIES
rack-oauth2 (~> 1.16.0)
rack-proxy (~> 0.6.0)
rack-timeout (~> 0.5.1)
rails (~> 6.1.3.2)
rails (~> 6.1.4.1)
rails-controller-testing
rails-i18n (~> 6.0)
rainbow (~> 3.0)
@ -1588,14 +1582,14 @@ DEPENDENCIES
rdoc (~> 6.3.2)
re2 (~> 1.2.0)
recaptcha (~> 4.11)
redis (~> 4.1.4)
redis (~> 4.4.0)
redis-actionpack (~> 5.2.0)
redis-namespace (~> 1.8.1)
request_store (~> 1.5)
responders (~> 3.0)
retriable (~> 3.1.2)
rexml (~> 3.2.5)
rouge (~> 3.26.0)
rouge (~> 3.26.1)
rqrcode-rails3 (~> 0.1.7)
rspec-parameterized
rspec-rails (~> 5.0.1)
@ -1617,7 +1611,7 @@ DEPENDENCIES
sentry-raven (~> 3.1)
settingslogic (~> 2.0.9)
shoulda-matchers (~> 4.0.1)
sidekiq (~> 5.2.7)
sidekiq (~> 6.2.2)
sidekiq-cron (~> 1.0)
simple_po_parser (~> 1.1.2)
simplecov (~> 0.18.5)
@ -1634,7 +1628,7 @@ DEPENDENCIES
state_machines-activerecord (~> 0.8.0)
sys-filesystem (~> 1.1.6)
terser (= 1.0.2)
test-prof (~> 0.12.0)
test-prof (~> 1.0.7)
test_file_finder (~> 0.1.3)
thin (~> 1.8.0)
thrift (>= 0.14.0)

4
README.md
View file

@ -68,7 +68,7 @@ GitLab is an open source project and we are very happy to accept community contr
## Install a development environment
To work on GitLab itself, we recommend setting up your development environment with [the GitLab Development Kit](https://gitlab.com/gitlab-org/gitlab-development-kit).
If you do not use the GitLab Development Kit you need to install and setup all the dependencies yourself, this is a lot of work and error prone.
If you do not use the GitLab Development Kit you need to install and configure all the dependencies yourself, this is a lot of work and error prone.
One small thing you also have to do when installing it yourself is to copy the example development Puma configuration file:
cp config/puma.rb.example.development config/puma.rb
@ -81,7 +81,7 @@ GitLab is a Ruby on Rails application that runs on the following software:
- Ubuntu/Debian/CentOS/RHEL/OpenSUSE
- Ruby (MRI) 2.7.4
- Git 2.31+
- Git 2.33+
- Redis 5.0+
- PostgreSQL 12+

2
VERSION
View file

@ -1 +1 @@
14.3.4
14.4.2

14
app/assets/images/logos/zentao.svg Normal file
View file

@ -0,0 +1,14 @@
<svg xmlns="http://www.w3.org/2000/svg" width="16px" height="16px" fill="none">
<path fill="url(#SVGID_1_)" d="M8,1C4.1,1,1,4.1,1,8s3.1,7,7,7s7-3.1,7-7S11.9,1,8,1L8,1z M11.3,8.2C9.8,7.7,7.9,6.1,5.8,7.6
C4,8.9,4.8,11.1,6,11.8c0.9,0.6,2.3,0.7,3,0.1C9.7,11.4,10,10,9,9.5C8.6,9.4,7.9,9.3,7.5,9.8c-0.5,0.6-0.3,1.4,0.4,1.7
c0,0-1.2-0.1-1.4-1.3C6.2,7.9,9,7.6,10.3,8.4c2.4,1.5,1.5,4.8-2,5.4c-1.8,0.3-4.8-0.3-5.9-2.7c-0.4-0.9-0.3-0.7-0.3-0.7
c0.1,0.1,0.3,0.3,0.4,0.4c0.8,0.6,1.6,0.1,1.4-0.8C3.3,7.2,4.4,6.7,5.1,6.2s0.4-1.5-0.9-1.3c-1.9,0.3-2.4,3-2.4,3s-0.3-4.6,3.7-5
c4.1-0.4,4.7,3.2,6.5,3.7c2.5,0.8,1.3-2.6,1.3-2.6s1.1,1.7,0.6,3.2C13.5,8.2,12.3,8.5,11.3,8.2z" />
<defs>
<linearGradient id="SVGID_1_" gradientUnits="userSpaceOnUse" x1="8" y1="-271.1102" x2="8" y2="-257.1102"
gradientTransform="matrix(1 0 0 -1 0 -256.1102)">
<stop offset="0" style="stop-color:#445470" />
<stop offset="1" style="stop-color:#7A869A" />
</linearGradient>
</defs>
</svg>
Side by side

After

Width:  |  Height:  |  Size: 1,016 B

2
app/assets/javascripts/access_tokens/index.js
View file

@ -49,7 +49,7 @@ export const initProjectsField = () => {
{ default: createDefaultClient },
]) => {
const apolloProvider = new VueApollo({
defaultClient: createDefaultClient(),
defaultClient: createDefaultClient({}, { assumeImmutableResults: true }),
});
Vue.use(VueApollo);

4
app/assets/javascripts/admin/users/components/actions/delete.vue
View file

@ -14,7 +14,7 @@ export default {
type: Object,
required: true,
},
oncallSchedules: {
userDeletionObstacles: {
type: Array,
required: false,
default: () => [],
@ -29,7 +29,7 @@ export default {
:username="username"
:paths="paths"
:delete-path="paths.delete"
:oncall-schedules="oncallSchedules"
:user-deletion-obstacles="userDeletionObstacles"
>
<slot></slot>
</shared-delete-action>

4
app/assets/javascripts/admin/users/components/actions/delete_with_contributions.vue
View file

@ -14,7 +14,7 @@ export default {
type: Object,
required: true,
},
oncallSchedules: {
userDeletionObstacles: {
type: Array,
required: false,
default: () => [],
@ -29,7 +29,7 @@ export default {
:username="username"
:paths="paths"
:delete-path="paths.deleteWithContributions"
:oncall-schedules="oncallSchedules"
:user-deletion-obstacles="userDeletionObstacles"
>
<slot></slot>
</shared-delete-action>

4
app/assets/javascripts/admin/users/components/actions/shared/shared_delete_action.vue
View file

@ -22,7 +22,7 @@ export default {
type: String,
required: true,
},
oncallSchedules: {
userDeletionObstacles: {
type: Array,
required: true,
},
@ -34,7 +34,7 @@ export default {
'data-delete-user-url': this.deletePath,
'data-gl-modal-action': this.modalType,
'data-username': this.username,
'data-oncall-schedules': JSON.stringify(this.oncallSchedules),
'data-user-deletion-obstacles': JSON.stringify(this.userDeletionObstacles),
};
},
},

18
app/assets/javascripts/admin/users/components/modals/delete_user_modal.vue
View file

@ -2,7 +2,7 @@
import { GlModal, GlButton, GlFormInput, GlSprintf } from '@gitlab/ui';
import * as Sentry from '@sentry/browser';
import { s__, sprintf } from '~/locale';
import OncallSchedulesList from '~/vue_shared/components/oncall_schedules_list.vue';
import UserDeletionObstaclesList from '~/vue_shared/components/user_deletion_obstacles/user_deletion_obstacles_list.vue';
export default {
components: {
@ -10,7 +10,7 @@ export default {
GlButton,
GlFormInput,
GlSprintf,
OncallSchedulesList,
UserDeletionObstaclesList,
},
props: {
title: {
@ -45,7 +45,7 @@ export default {
type: String,
required: true,
},
oncallSchedules: {
userDeletionObstacles: {
type: String,
required: false,
default: '[]',
@ -66,9 +66,9 @@ export default {
canSubmit() {
return this.enteredUsername === this.username;
},
schedules() {
obstacles() {
try {
return JSON.parse(this.oncallSchedules);
return JSON.parse(this.userDeletionObstacles);
} catch (e) {
Sentry.captureException(e);
}
@ -112,12 +112,16 @@ export default {
</gl-sprintf>
</p>
<oncall-schedules-list v-if="schedules.length" :schedules="schedules" :user-name="username" />
<user-deletion-obstacles-list
v-if="obstacles.length"
:obstacles="obstacles"
:user-name="username"
/>
<p>
<gl-sprintf :message="s__('AdminUsers|To confirm, type %{username}')">
<template #username>
<code>{{ username }}</code>
<code class="gl-white-space-pre-wrap">{{ username }}</code>
</template>
</gl-sprintf>
</p>

6
app/assets/javascripts/admin/users/components/user_actions.vue
View file

@ -9,6 +9,7 @@ import {
} from '@gitlab/ui';
import { convertArrayToCamelCase } from '~/lib/utils/common_utils';
import { capitalizeFirstCharacter } from '~/lib/utils/text_utility';
import { parseUserDeletionObstacles } from '~/vue_shared/components/user_deletion_obstacles/utils';
import { I18N_USER_ACTIONS } from '../constants';
import { generateUserPaths } from '../utils';
import Actions from './actions';
@ -72,6 +73,9 @@ export default {
href: this.userPaths.edit,
};
},
obstaclesForUserDeletion() {
return parseUserDeletionObstacles(this.user);
},
},
methods: {
isLdapAction(action) {
@ -141,7 +145,7 @@ export default {
:key="action"
:paths="userPaths"
:username="user.name"
:oncall-schedules="user.oncallSchedules"
:user-deletion-obstacles="obstaclesForUserDeletion"
:data-testid="`delete-${action}`"
>
{{ $options.i18n[action] }}

91
app/assets/javascripts/analytics/shared/components/projects_dropdown_filter.vue
View file

@ -15,6 +15,8 @@ import { DEFAULT_DEBOUNCE_AND_THROTTLE_MS } from '~/lib/utils/constants';
import { n__, s__, __ } from '~/locale';
import getProjects from '../graphql/projects.query.graphql';
const sortByProjectName = (projects = []) => projects.sort((a, b) => a.name.localeCompare(b.name));
export default {
name: 'ProjectsDropdownFilter',
components: {
@ -88,6 +90,9 @@ export default {
selectedProjectIds() {
return this.selectedProjects.map((p) => p.id);
},
hasSelectedProjects() {
return Boolean(this.selectedProjects.length);
},
availableProjects() {
return filterBySearchTerm(this.projects, this.searchTerm);
},
@ -95,6 +100,12 @@ export default {
const { loading, availableProjects } = this;
return !loading && !availableProjects.length;
},
selectedItems() {
return sortByProjectName(this.selectedProjects);
},
unselectedItems() {
return this.availableProjects.filter(({ id }) => !this.selectedProjectIds.includes(id));
},
},
watch: {
searchTerm() {
@ -105,44 +116,53 @@ export default {
this.search();
},
methods: {
handleUpdatedSelectedProjects() {
this.$emit('selected', this.selectedProjects);
},
search: debounce(function debouncedSearch() {
this.fetchData();
}, DEFAULT_DEBOUNCE_AND_THROTTLE_MS),
getSelectedProjects(selectedProject, isMarking) {
return isMarking
getSelectedProjects(selectedProject, isSelected) {
return isSelected
? this.selectedProjects.concat([selectedProject])
: this.selectedProjects.filter((project) => project.id !== selectedProject.id);
},
singleSelectedProject(selectedObj, isMarking) {
return isMarking ? [selectedObj] : [];
},
setSelectedProjects(selectedObj, isMarking) {
setSelectedProjects(project) {
this.selectedProjects = this.multiSelect
? this.getSelectedProjects(selectedObj, isMarking)
: this.singleSelectedProject(selectedObj, isMarking);
? this.getSelectedProjects(project, !this.isProjectSelected(project))
: this.singleSelectedProject(project, !this.isProjectSelected(project));
},
onClick({ project, isSelected }) {
this.setSelectedProjects(project, !isSelected);
this.$emit('selected', this.selectedProjects);
onClick(project) {
this.setSelectedProjects(project);
this.handleUpdatedSelectedProjects();
},
onMultiSelectClick({ project, isSelected }) {
this.setSelectedProjects(project, !isSelected);
onMultiSelectClick(project) {
this.setSelectedProjects(project);
this.isDirty = true;
},
onSelected(ev) {
onSelected(project) {
if (this.multiSelect) {
this.onMultiSelectClick(ev);
this.onMultiSelectClick(project);
} else {
this.onClick(ev);
this.onClick(project);
}
},
onHide() {
if (this.multiSelect && this.isDirty) {
this.$emit('selected', this.selectedProjects);
this.handleUpdatedSelectedProjects();
}
this.searchTerm = '';
this.isDirty = false;
},
onClearAll() {
if (this.hasSelectedProjects) {
this.isDirty = true;
}
this.selectedProjects = [];
},
fetchData() {
this.loading = true;
@ -168,8 +188,8 @@ export default {
this.projects = nodes;
});
},
isProjectSelected(id) {
return this.selectedProjects ? this.selectedProjectIds.includes(id) : false;
isProjectSelected(project) {
return this.selectedProjectIds.includes(project.id);
},
getEntityId(project) {
return getIdFromGraphQLId(project.id);
@ -182,6 +202,10 @@ export default {
ref="projectsDropdown"
class="dropdown dropdown-projects"
toggle-class="gl-shadow-none"
:show-clear-all="hasSelectedProjects"
show-highlighted-items-title
highlighted-items-title-class="gl-p-3"
@clear-all.stop="onClearAll"
@hide="onHide"
>
<template #button-content>
@ -204,14 +228,37 @@ export default {
<gl-dropdown-section-header>{{ __('Projects') }}</gl-dropdown-section-header>
<gl-search-box-by-type v-model.trim="searchTerm" />
</template>
<template #highlighted-items>
<gl-dropdown-item
v-for="project in selectedItems"
:key="project.id"
is-check-item
:is-checked="isProjectSelected(project)"
@click.native.capture.stop="onSelected(project)"
>
<div class="gl-display-flex">
<gl-avatar
class="gl-mr-2 gl-vertical-align-middle"
:alt="project.name"
:size="16"
:entity-id="getEntityId(project)"
:entity-name="project.name"
:src="project.avatarUrl"
shape="rect"
/>
<div>
<div data-testid="project-name">{{ project.name }}</div>
<div class="gl-text-gray-500" data-testid="project-full-path">
{{ project.fullPath }}
</div>
</div>
</div>
</gl-dropdown-item>
</template>
<gl-dropdown-item
v-for="project in availableProjects"
v-for="project in unselectedItems"
:key="project.id"
:is-check-item="true"
:is-checked="isProjectSelected(project.id)"
@click.native.capture.stop="
onSelected({ project, isSelected: isProjectSelected(project.id) })
"
@click.native.capture.stop="onSelected(project)"
>
<div class="gl-display-flex">
<gl-avatar

1
app/assets/javascripts/analytics/shared/constants.js
View file

@ -9,4 +9,5 @@ export const dateFormats = {
isoDate,
defaultDate: mediumDate,
defaultDateTime: 'mmm d, yyyy h:MMtt',
month: 'mmmm',
};

62
app/assets/javascripts/analytics/shared/utils.js
View file

@ -1,4 +1,5 @@
import dateFormat from 'dateformat';
import { urlQueryToFilter } from '~/vue_shared/components/filtered_search_bar/filtered_search_utils';
import { dateFormats } from './constants';
export const filterBySearchTerm = (data = [], searchTerm = '', filterByKey = 'name') => {
@ -7,3 +8,64 @@ export const filterBySearchTerm = (data = [], searchTerm = '', filterByKey = 'na
};
export const toYmd = (date) => dateFormat(date, dateFormats.isoDate);
/**
* Takes a url and extracts query parameters used for the shared
* filter bar
*
* @param {string} url The URL to extract query parameters from
* @returns {Object}
*/
export const extractFilterQueryParameters = (url = '') => {
const {
source_branch_name = null,
target_branch_name = null,
author_username = null,
milestone_title = null,
assignee_username = [],
label_name = [],
} = urlQueryToFilter(url);
return {
selectedSourceBranch: source_branch_name,
selectedTargetBranch: target_branch_name,
selectedAuthor: author_username,
selectedMilestone: milestone_title,
selectedAssigneeList: assignee_username,
selectedLabelList: label_name,
};
};
/**
* Takes a url and extracts sorting and pagination query parameters into an object
*
* @param {string} url The URL to extract query parameters from
* @returns {Object}
*/
export const extractPaginationQueryParameters = (url = '') => {
const { sort, direction, page } = urlQueryToFilter(url);
return {
sort: sort?.value || null,
direction: direction?.value || null,
page: page?.value || null,
};
};
export const getDataZoomOption = ({
totalItems = 0,
maxItemsPerPage = 40,
dataZoom = [{ type: 'slider', bottom: 10, start: 0 }],
}) => {
if (totalItems <= maxItemsPerPage) {
return {};
}
const intervalEnd = Math.ceil((maxItemsPerPage / totalItems) * 100);
return dataZoom.map((item) => {
return {
...item,
end: intervalEnd,
};
});
};

4
app/assets/javascripts/api.js
View file

@ -499,10 +499,10 @@ const Api = {
return axios.put(url, params);
},
applySuggestionBatch(ids) {
applySuggestionBatch(ids, message) {
const url = Api.buildUrl(Api.applySuggestionBatchPath);
return axios.put(url, { ids });
return axios.put(url, { ids, commit_message: message });
},
commitPipelines(projectId, sha) {

7
app/assets/javascripts/api/bulk_imports_api.js Normal file
View file

@ -0,0 +1,7 @@
import { buildApiUrl } from '~/api/api_utils';
import axios from '~/lib/utils/axios_utils';
const BULK_IMPORT_ENTITIES_PATH = '/api/:version/bulk_imports/entities';
export const getBulkImportsHistory = (params) =>
axios.get(buildApiUrl(BULK_IMPORT_ENTITIES_PATH), { params });

2
app/assets/javascripts/artifacts_settings/index.js
View file

@ -6,7 +6,7 @@ import createDefaultClient from '~/lib/graphql';
Vue.use(VueApollo);
const apolloProvider = new VueApollo({
defaultClient: createDefaultClient(),
defaultClient: createDefaultClient({}, { assumeImmutableResults: true }),
});
export default (containerId = 'js-artifacts-settings-app') => {

12
app/assets/javascripts/behaviors/markdown/nodes/emoji.js
View file

@ -26,6 +26,18 @@ export default class Emoji extends Node {
moji: el.textContent,
}),
},
{
tag: 'img.emoji',
getAttrs: (el) => {
const name = el.getAttribute('title').replace(/^:|:$/g, '');
return {
name,
title: name,
moji: name,
};
},
},
],
toDOM: (node) => [
'gl-emoji',

2
app/assets/javascripts/behaviors/markdown/nodes/image.js
View file

@ -29,7 +29,7 @@ export default class Image extends BaseImage {
},
// Matches HTML generated by Banzai::Filter::ImageLazyLoadFilter
{
tag: 'img[src]',
tag: 'img[src]:not(.emoji)',
getAttrs: (el) => {
const imageSrc = el.src;
const imageUrl =

2
app/assets/javascripts/behaviors/preview_markdown.js
View file

@ -81,7 +81,7 @@ MarkdownPreview.prototype.fetchMarkdownPreview = function (text, url, success) {
})
.catch(() =>
createFlash({
message: __('An error occurred while fetching markdown preview'),
message: __('An error occurred while fetching Markdown preview'),
}),
);
};

14
app/assets/javascripts/behaviors/requires_input.js
View file

@ -38,23 +38,9 @@ $.fn.requiresInput = function requiresInput() {
$form.on('change input', fieldSelector, requireInput);
};
// Hide or Show the help block when creating a new project
// based on the option selected
function hideOrShowHelpBlock(form) {
const selected = $('.js-select-namespace option:selected');
if (selected.length && selected.data('optionsParent') === 'groups') {
form.find('.form-text.text-muted').hide();
} else if (selected.length) {
form.find('.form-text.text-muted').show();
}
}
$(() => {
$('form.js-requires-input').each((i, el) => {
const $form = $(el);
$form.requiresInput();
hideOrShowHelpBlock($form);
$('.select2.js-select-namespace').change(() => hideOrShowHelpBlock($form));
});
});

7
app/assets/javascripts/behaviors/shortcuts/keybindings.js
View file

@ -306,6 +306,12 @@ export const GO_TO_PROJECT_WIKI = {
defaultKeys: ['g w'], // eslint-disable-line @gitlab/require-i18n-strings
};
export const GO_TO_PROJECT_WEBIDE = {
id: 'project.goToWebIDE',
description: __('Open in Web IDE'),
defaultKeys: ['.'],
};
export const PROJECT_FILES_MOVE_SELECTION_UP = {
id: 'projectFiles.moveSelectionUp',
description: __('Move selection up'),
@ -549,6 +555,7 @@ export const PROJECT_SHORTCUTS_GROUP = {
GO_TO_PROJECT_KUBERNETES,
GO_TO_PROJECT_SNIPPETS,
GO_TO_PROJECT_WIKI,
GO_TO_PROJECT_WEBIDE,
],
};

14
app/assets/javascripts/behaviors/shortcuts/shortcuts_navigation.js
View file

@ -1,4 +1,5 @@
import Mousetrap from 'mousetrap';
import { visitUrl, constructWebIDEPath } from '~/lib/utils/url_utility';
import findAndFollowLink from '../../lib/utils/navigation_utility';
import {
keysFor,
@ -18,6 +19,7 @@ import {
GO_TO_PROJECT_KUBERNETES,
GO_TO_PROJECT_ENVIRONMENTS,
GO_TO_PROJECT_METRICS,
GO_TO_PROJECT_WEBIDE,
NEW_ISSUE,
} from './keybindings';
import Shortcuts from './shortcuts';
@ -58,6 +60,18 @@ export default class ShortcutsNavigation extends Shortcuts {
findAndFollowLink('.shortcuts-environments'),
);
Mousetrap.bind(keysFor(GO_TO_PROJECT_METRICS), () => findAndFollowLink('.shortcuts-metrics'));
Mousetrap.bind(keysFor(GO_TO_PROJECT_WEBIDE), ShortcutsNavigation.navigateToWebIDE);
Mousetrap.bind(keysFor(NEW_ISSUE), () => findAndFollowLink('.shortcuts-new-issue'));
}
static navigateToWebIDE() {
const path = constructWebIDEPath({
sourceProjectFullPath: window.gl.mrWidgetData?.source_project_full_path,
targetProjectFullPath: window.gl.mrWidgetData?.target_project_full_path,
iid: window.gl.mrWidgetData?.iid,
});
if (path) {
visitUrl(path);
}
}
}

6
app/assets/javascripts/blob/components/blob_content.vue
View file

@ -41,6 +41,11 @@ export default {
type: Object,
required: true,
},
hideLineNumbers: {
type: Boolean,
required: false,
default: false,
},
},
computed: {
viewer() {
@ -80,6 +85,7 @@ export default {
:is-raw-content="isRawContent"
:file-name="blob.name"
:type="activeViewer.fileType"
:hide-line-numbers="hideLineNumbers"
data-qa-selector="file_content"
/>
</template>

6
app/assets/javascripts/blob/file_template_mediator.js
View file

@ -247,7 +247,11 @@ export default class FileTemplateMediator {
}
setFilename(name) {
this.$filenameInput.val(name).trigger('change');
const input = this.$filenameInput.get(0);
if (name !== undefined && input.value !== name) {
input.value = name;
input.dispatchEvent(new Event('change'));
}
}
getSelected() {

7
app/assets/javascripts/boards/boards_util.js
View file

@ -43,7 +43,9 @@ export function formatListIssues(listIssues) {
let sortedIssues = list.issues.edges.map((issueNode) => ({
...issueNode.node,
}));
sortedIssues = sortBy(sortedIssues, 'relativePosition');
if (list.listType !== ListType.closed) {
sortedIssues = sortBy(sortedIssues, 'relativePosition');
}
return {
...map,
@ -146,7 +148,8 @@ export function getMoveData(state, params) {
}
export function moveItemListHelper(item, fromList, toList) {
const updatedItem = item;
const updatedItem = cloneDeep(item);
if (
toList.listType === ListType.label &&
!updatedItem.labels.find((label) => label.id === toList.label.id)

4
app/assets/javascripts/boards/components/board_add_new_column.vue
View file

@ -52,6 +52,8 @@ export default {
},
setSelectedItem(selectedId) {
this.selectedId = selectedId;
const label = this.labels.find(({ id }) => id === selectedId);
if (!selectedId || !label) {
this.selectedLabel = null;
@ -87,8 +89,8 @@ export default {
<template #items>
<gl-form-radio-group
v-if="labels.length > 0"
v-model="selectedId"
class="gl-overflow-y-auto gl-px-5 gl-pt-3"
:checked="selectedId"
@change="setSelectedItem"
>
<label

25
app/assets/javascripts/boards/components/board_add_new_column_trigger.vue
View file

@ -1,13 +1,23 @@
<script>
import { GlButton } from '@gitlab/ui';
import { mapActions } from 'vuex';
import { GlButton, GlTooltipDirective } from '@gitlab/ui';
import { mapActions, mapState } from 'vuex';
import { __ } from '~/locale';
import Tracking from '~/tracking';
export default {
components: {
GlButton,
},
directives: {
GlTooltip: GlTooltipDirective,
},
mixins: [Tracking.mixin()],
computed: {
...mapState({ isNewListShowing: ({ addColumnForm }) => addColumnForm.visible }),
tooltip() {
return this.isNewListShowing ? __('The list creation wizard is already open') : '';
},
},
methods: {
...mapActions(['setAddColumnFormVisibility']),
handleClick() {
@ -19,7 +29,14 @@ export default {
</script>
<template>
<div class="gl-ml-3 gl-display-flex gl-align-items-center" data-testid="boards-create-list">
<gl-button variant="confirm" @click="handleClick">{{ __('Create list') }} </gl-button>
<div
v-gl-tooltip="tooltip"
:tabindex="isNewListShowing ? '0' : undefined"
class="gl-ml-3 gl-display-flex gl-align-items-center"
data-testid="boards-create-list"
>
<gl-button :disabled="isNewListShowing" variant="confirm" @click="handleClick"
>{{ __('Create list') }}
</gl-button>
</div>
</template>

4
app/assets/javascripts/boards/components/board_card_inner.vue
View file

@ -316,7 +316,7 @@ export default {
</p>
</gl-tooltip>
<span ref="countBadge" class="issue-count-badge board-card-info gl-mr-0 gl-pr-0">
<span ref="countBadge" class="board-card-info gl-mr-0 gl-pr-0 gl-pl-3">
<span v-if="allowSubEpics" class="gl-mr-3">
<gl-icon name="epic" />
{{ totalEpicsCount }}
@ -334,7 +334,7 @@ export default {
<span
v-if="shouldRenderEpicProgress"
ref="progressBadge"
class="issue-count-badge board-card-info gl-pl-0"
class="board-card-info gl-pl-0"
>
<span class="gl-mr-3" data-testid="epic-progress">
<gl-icon name="progress" />

64
app/assets/javascripts/boards/components/board_content_sidebar.vue
View file

@ -3,15 +3,18 @@ import { GlDrawer } from '@gitlab/ui';
import { MountingPortal } from 'portal-vue';
import { mapState, mapActions, mapGetters } from 'vuex';
import SidebarDropdownWidget from 'ee_else_ce/sidebar/components/sidebar_dropdown_widget.vue';
import { __, sprintf } from '~/locale';
import BoardSidebarLabelsSelect from '~/boards/components/sidebar/board_sidebar_labels_select.vue';
import BoardSidebarTimeTracker from '~/boards/components/sidebar/board_sidebar_time_tracker.vue';
import BoardSidebarTitle from '~/boards/components/sidebar/board_sidebar_title.vue';
import { ISSUABLE } from '~/boards/constants';
import { getIdFromGraphQLId } from '~/graphql_shared/utils';
import SidebarAssigneesWidget from '~/sidebar/components/assignees/sidebar_assignees_widget.vue';
import SidebarConfidentialityWidget from '~/sidebar/components/confidential/sidebar_confidentiality_widget.vue';
import SidebarDateWidget from '~/sidebar/components/date/sidebar_date_widget.vue';
import SidebarSubscriptionsWidget from '~/sidebar/components/subscriptions/sidebar_subscriptions_widget.vue';
import SidebarTodoWidget from '~/sidebar/components/todo_toggle/sidebar_todo_widget.vue';
import SidebarLabelsWidget from '~/vue_shared/components/sidebar/labels_select_widget/labels_select_root.vue';
import glFeatureFlagMixin from '~/vue_shared/mixins/gl_feature_flags_mixin';
export default {
@ -23,6 +26,7 @@ export default {
SidebarConfidentialityWidget,
BoardSidebarTimeTracker,
BoardSidebarLabelsSelect,
SidebarLabelsWidget,
SidebarSubscriptionsWidget,
SidebarDropdownWidget,
SidebarTodoWidget,
@ -46,16 +50,20 @@ export default {
weightFeatureAvailable: {
default: false,
},
allowLabelEdit: {
default: false,
},
},
inheritAttrs: false,
computed: {
...mapGetters([
'isGroupBoard',
'isSidebarOpen',
'activeBoardItem',
'groupPathForActiveIssue',
'projectPathForActiveIssue',
]),
...mapState(['sidebarType', 'issuableType']),
...mapState(['sidebarType', 'issuableType', 'isSettingLabels']),
isIssuableSidebar() {
return this.sidebarType === ISSUABLE;
},
@ -65,17 +73,48 @@ export default {
fullPath() {
return this.activeBoardItem?.referencePath?.split('#')[0] || '';
},
createLabelTitle() {
return sprintf(__('Create %{workspace} label'), {
workspace: this.isGroupBoard ? 'group' : 'project',
});
},
manageLabelTitle() {
return sprintf(__('Manage %{workspace} labels'), {
workspace: this.isGroupBoard ? 'group' : 'project',
});
},
attrWorkspacePath() {
return this.isGroupBoard ? this.groupPathForActiveIssue : undefined;
},
},
methods: {
...mapActions([
'toggleBoardItem',
'setAssignees',
'setActiveItemConfidential',
'setActiveBoardItemLabels',
'setActiveItemWeight',
]),
handleClose() {
this.toggleBoardItem({ boardItem: this.activeBoardItem, sidebarType: this.sidebarType });
},
handleUpdateSelectedLabels(input) {
this.setActiveBoardItemLabels({
iid: this.activeBoardItem.iid,
projectPath: this.projectPathForActiveIssue,
addLabelIds: input.map((label) => getIdFromGraphQLId(label.id)),
removeLabelIds: this.activeBoardItem.labels
.filter((label) => !input.find((selected) => selected.id === label.id))
.map((label) => label.id),
});
},
handleLabelRemove(input) {
this.setActiveBoardItemLabels({
iid: this.activeBoardItem.iid,
projectPath: this.projectPathForActiveIssue,
removeLabelIds: [input],
});
},
},
};
</script>
@ -160,7 +199,28 @@ export default {
:issuable-type="issuableType"
data-testid="sidebar-due-date"
/>
<board-sidebar-labels-select class="block labels" />
<sidebar-labels-widget
v-if="glFeatures.labelsWidget"
class="block labels"
data-testid="sidebar-labels"
:iid="activeBoardItem.iid"
:full-path="projectPathForActiveIssue"
:allow-label-remove="allowLabelEdit"
:allow-multiselect="true"
:selected-labels="activeBoardItem.labels"
:labels-select-in-progress="isSettingLabels"
:footer-create-label-title="createLabelTitle"
:footer-manage-label-title="manageLabelTitle"
:labels-create-title="createLabelTitle"
:labels-filter-base-path="projectPathForActiveIssue"
:attr-workspace-path="attrWorkspacePath"
:issuable-type="issuableType"
@onLabelRemove="handleLabelRemove"
@updateSelectedLabels="handleUpdateSelectedLabels"
>
{{ __('None') }}
</sidebar-labels-widget>
<board-sidebar-labels-select v-else class="block labels" />
<sidebar-weight-widget
v-if="weightFeatureAvailable"
:iid="activeBoardItem.iid"

4
app/assets/javascripts/boards/components/board_list_header.vue
View file

@ -365,7 +365,7 @@ export default {
>
<span class="gl-display-inline-flex">
<gl-tooltip :target="() => $refs.itemCount" :title="itemsTooltipLabel" />
<span ref="itemCount" class="issue-count-badge-count">
<span ref="itemCount" class="gl-display-inline-flex gl-align-items-center">
<gl-icon class="gl-mr-2" :name="countIcon" />
<item-count :items-size="itemsCount" :max-issue-count="list.maxIssueCount" />
</span>
@ -388,7 +388,7 @@ export default {
v-gl-tooltip.hover
:aria-label="$options.i18n.newIssue"
:title="$options.i18n.newIssue"
class="issue-count-badge-add-button no-drag"
class="no-drag"
icon="plus"
@click="showNewIssueForm"
/>

22
app/assets/javascripts/boards/graphql.js Normal file
View file

@ -0,0 +1,22 @@
import { IntrospectionFragmentMatcher, defaultDataIdFromObject } from 'apollo-cache-inmemory';
import createDefaultClient from '~/lib/graphql';
import introspectionQueryResultData from '~/sidebar/fragmentTypes.json';
const fragmentMatcher = new IntrospectionFragmentMatcher({
introspectionQueryResultData,
});
export const gqlClient = createDefaultClient(
{},
{
cacheConfig: {
dataIdFromObject: (object) => {
// eslint-disable-next-line no-underscore-dangle
return object.__typename === 'BoardList' ? object.iid : defaultDataIdFromObject(object);
},
fragmentMatcher,
},
assumeImmutableResults: true,
},
);

4
app/assets/javascripts/boards/graphql/issue.fragment.graphql
View file

@ -1,3 +1,4 @@
#import "~/graphql_shared/fragments/milestone.fragment.graphql"
#import "~/graphql_shared/fragments/user.fragment.graphql"
fragment IssueNode on Issue {
@ -15,6 +16,9 @@ fragment IssueNode on Issue {
hidden
webUrl
relativePosition
milestone {
...MilestoneFragment
}
assignees {
nodes {
...User

2
app/assets/javascripts/boards/graphql/lists_issues.query.graphql
View file

@ -16,6 +16,7 @@ query ListIssues(
nodes {
id
issuesCount
listType
issues(first: $first, filters: $filters, after: $after) {
edges {
node {
@ -37,6 +38,7 @@ query ListIssues(
nodes {
id
issuesCount
listType
issues(first: $first, filters: $filters, after: $after) {
edges {
node {

21
app/assets/javascripts/boards/index.js
View file

@ -1,4 +1,3 @@
import { IntrospectionFragmentMatcher } from 'apollo-cache-inmemory';
import PortalVue from 'portal-vue';
import Vue from 'vue';
import VueApollo from 'vue-apollo';
@ -14,30 +13,17 @@ import FilteredSearchBoards from '~/boards/filtered_search_boards';
import initBoardsFilteredSearch from '~/boards/mount_filtered_search_issue_boards';
import store from '~/boards/stores';
import toggleFocusMode from '~/boards/toggle_focus';
import createDefaultClient from '~/lib/graphql';
import { NavigationType, parseBoolean } from '~/lib/utils/common_utils';
import introspectionQueryResultData from '~/sidebar/fragmentTypes.json';
import { fullBoardId } from './boards_util';
import boardConfigToggle from './config_toggle';
import { gqlClient } from './graphql';
import mountMultipleBoardsSwitcher from './mount_multiple_boards_switcher';
Vue.use(VueApollo);
Vue.use(PortalVue);
const fragmentMatcher = new IntrospectionFragmentMatcher({
introspectionQueryResultData,
});
const apolloProvider = new VueApollo({
defaultClient: createDefaultClient(
{},
{
cacheConfig: {
fragmentMatcher,
},
assumeImmutableResults: true,
},
),
defaultClient: gqlClient,
});
function mountBoardApp(el) {
@ -101,6 +87,9 @@ function mountBoardApp(el) {
iterationListsAvailable: parseBoolean(el.dataset.iterationListsAvailable),
issuableType: issuableTypes.issue,
emailsDisabled: parseBoolean(el.dataset.emailsDisabled),
allowLabelCreate: parseBoolean(el.dataset.canUpdate),
allowLabelEdit: parseBoolean(el.dataset.canUpdate),
allowScopedLabels: parseBoolean(el.dataset.scopedLabels),
},
render: (createComponent) => createComponent(BoardApp),
});

17
app/assets/javascripts/boards/stores/actions.js
View file

@ -19,7 +19,6 @@ import {
import createBoardListMutation from 'ee_else_ce/boards/graphql/board_list_create.mutation.graphql';
import issueMoveListMutation from 'ee_else_ce/boards/graphql/issue_move_list.mutation.graphql';
import { getIdFromGraphQLId } from '~/graphql_shared/utils';
import createGqClient, { fetchPolicies } from '~/lib/graphql';
import { convertObjectPropsToCamelCase } from '~/lib/utils/common_utils';
import { queryToObject } from '~/lib/utils/url_utility';
import { s__ } from '~/locale';
@ -35,6 +34,7 @@ import {
FiltersInfo,
filterVariables,
} from '../boards_util';
import { gqlClient } from '../graphql';
import boardLabelsQuery from '../graphql/board_labels.query.graphql';
import groupBoardIterationsQuery from '../graphql/group_board_iterations.query.graphql';
import groupBoardMilestonesQuery from '../graphql/group_board_milestones.query.graphql';
@ -47,13 +47,6 @@ import projectBoardMilestonesQuery from '../graphql/project_board_milestones.que
import * as types from './mutation_types';
export const gqlClient = createGqClient(
{},
{
fetchPolicy: fetchPolicies.NO_CACHE,
},
);
export default {
setInitialBoardData: ({ commit }, data) => {
commit(types.SET_INITIAL_BOARD_DATA, data);
@ -603,7 +596,7 @@ export default {
});
},
addListItem: ({ commit }, { list, item, position, inProgress = false }) => {
addListItem: ({ commit, dispatch }, { list, item, position, inProgress = false }) => {
commit(types.ADD_BOARD_ITEM_TO_LIST, {
listId: list.id,
itemId: item.id,
@ -611,6 +604,9 @@ export default {
inProgress,
});
commit(types.UPDATE_BOARD_ITEM, item);
if (!inProgress) {
dispatch('setActiveId', { id: item.id, sidebarType: ISSUABLE });
}
},
removeListItem: ({ commit }, { listId, itemId }) => {
@ -660,6 +656,7 @@ export default {
},
setActiveIssueLabels: async ({ commit, getters }, input) => {
commit(types.SET_LABELS_LOADING, true);
const { activeBoardItem } = getters;
const { data } = await gqlClient.mutate({
mutation: issueSetLabelsMutation,
@ -673,6 +670,8 @@ export default {
},
});
commit(types.SET_LABELS_LOADING, false);
if (data.updateIssue?.errors?.length > 0) {
throw new Error(data.updateIssue.errors);
}

1
app/assets/javascripts/boards/stores/mutation_types.js
View file

@ -28,6 +28,7 @@ export const ADD_BOARD_ITEM_TO_LIST = 'ADD_BOARD_ITEM_TO_LIST';
export const REMOVE_BOARD_ITEM_FROM_LIST = 'REMOVE_BOARD_ITEM_FROM_LIST';
export const SET_ACTIVE_ID = 'SET_ACTIVE_ID';
export const UPDATE_BOARD_ITEM_BY_ID = 'UPDATE_BOARD_ITEM_BY_ID';
export const SET_LABELS_LOADING = 'SET_LABELS_LOADING';
export const SET_ASSIGNEE_LOADING = 'SET_ASSIGNEE_LOADING';
export const RESET_ISSUES = 'RESET_ISSUES';
export const REQUEST_GROUP_PROJECTS = 'REQUEST_GROUP_PROJECTS';

4
app/assets/javascripts/boards/stores/mutations.js
View file

@ -195,6 +195,10 @@ export default {
Vue.set(state.boardItems[itemId], prop, value);
},
[mutationTypes.SET_LABELS_LOADING](state, isLoading) {
state.isSettingLabels = isLoading;
},
[mutationTypes.SET_ASSIGNEE_LOADING](state, isLoading) {
state.isSettingAssignees = isLoading;
},

1
app/assets/javascripts/boards/stores/state.js
View file

@ -12,6 +12,7 @@ export default () => ({
listsFlags: {},
boardItemsByListId: {},
backupItemsList: [],
isSettingLabels: false,
isSettingAssignees: false,
pageInfoByListId: {},
boardItems: {},

4
app/assets/javascripts/ci_lint/index.js
View file

@ -8,7 +8,9 @@ import CiLint from './components/ci_lint.vue';
Vue.use(VueApollo);
const apolloProvider = new VueApollo({
defaultClient: createDefaultClient(resolvers),
defaultClient: createDefaultClient(resolvers, {
assumeImmutableResults: true,
}),
});
export default (containerId = '#js-ci-lint') => {

159
app/assets/javascripts/clusters/agents/components/show.vue Normal file
View file

@ -0,0 +1,159 @@
<script>
import {
GlAlert,
GlBadge,
GlKeysetPagination,
GlLoadingIcon,
GlSprintf,
GlTab,
GlTabs,
} from '@gitlab/ui';
import { s__ } from '~/locale';
import TimeAgoTooltip from '~/vue_shared/components/time_ago_tooltip.vue';
import { MAX_LIST_COUNT } from '../constants';
import getClusterAgentQuery from '../graphql/queries/get_cluster_agent.query.graphql';
import TokenTable from './token_table.vue';
export default {
i18n: {
installedInfo: s__('ClusterAgents|Created by %{name} %{time}'),
loadingError: s__('ClusterAgents|An error occurred while loading your agent'),
tokens: s__('ClusterAgents|Access tokens'),
unknownUser: s__('ClusterAgents|Unknown user'),
},
apollo: {
clusterAgent: {
query: getClusterAgentQuery,
variables() {
return {
agentName: this.agentName,
projectPath: this.projectPath,
...this.cursor,
};
},
update: (data) => data?.project?.clusterAgent,
error() {
this.clusterAgent = null;
},
},
},
components: {
GlAlert,
GlBadge,
GlKeysetPagination,
GlLoadingIcon,
GlSprintf,
GlTab,
GlTabs,
TimeAgoTooltip,
TokenTable,
},
props: {
agentName: {
required: true,
type: String,
},
projectPath: {
required: true,
type: String,
},
},
data() {
return {
cursor: {
first: MAX_LIST_COUNT,
last: null,
},
};
},
computed: {
createdAt() {
return this.clusterAgent?.createdAt;
},
createdBy() {
return this.clusterAgent?.createdByUser?.name || this.$options.i18n.unknownUser;
},
isLoading() {
return this.$apollo.queries.clusterAgent.loading;
},
showPagination() {
return this.tokenPageInfo.hasPreviousPage || this.tokenPageInfo.hasNextPage;
},
tokenCount() {
return this.clusterAgent?.tokens?.count;
},
tokenPageInfo() {
return this.clusterAgent?.tokens?.pageInfo || {};
},
tokens() {
return this.clusterAgent?.tokens?.nodes || [];
},
},
methods: {
nextPage() {
this.cursor = {
first: MAX_LIST_COUNT,
last: null,
afterToken: this.tokenPageInfo.endCursor,
};
},
prevPage() {
this.cursor = {
first: null,
last: MAX_LIST_COUNT,
beforeToken: this.tokenPageInfo.startCursor,
};
},
},
};
</script>
<template>
<section>
<h2>{{ agentName }}</h2>
<gl-loading-icon v-if="isLoading && clusterAgent == null" size="lg" class="gl-m-3" />
<div v-else-if="clusterAgent">
<p data-testid="cluster-agent-create-info">
<gl-sprintf :message="$options.i18n.installedInfo">
<template #name>
{{ createdBy }}
</template>
<template #time>
<time-ago-tooltip :time="createdAt" />
</template>
</gl-sprintf>
</p>
<gl-tabs>
<gl-tab>
<template #title>
<span data-testid="cluster-agent-token-count">
{{ $options.i18n.tokens }}
<gl-badge v-if="tokenCount" size="sm" class="gl-tab-counter-badge">{{
tokenCount
}}</gl-badge>
</span>
</template>
<gl-loading-icon v-if="isLoading" size="md" class="gl-m-3" />
<div v-else>
<TokenTable :tokens="tokens" />
<div v-if="showPagination" class="gl-display-flex gl-justify-content-center gl-mt-5">
<gl-keyset-pagination v-bind="tokenPageInfo" @prev="prevPage" @next="nextPage" />
</div>
</div>
</gl-tab>
</gl-tabs>
</div>
<gl-alert v-else variant="danger" :dismissible="false">
{{ $options.i18n.loadingError }}
</gl-alert>
</section>
</template>

122
app/assets/javascripts/clusters/agents/components/token_table.vue Normal file
View file

@ -0,0 +1,122 @@
<script>
import { GlEmptyState, GlLink, GlTable, GlTooltip, GlTruncate } from '@gitlab/ui';
import { helpPagePath } from '~/helpers/help_page_helper';
import { s__ } from '~/locale';
import TimeAgoTooltip from '~/vue_shared/components/time_ago_tooltip.vue';
export default {
components: {
GlEmptyState,
GlLink,
GlTable,
GlTooltip,
GlTruncate,
TimeAgoTooltip,
},
i18n: {
createdBy: s__('ClusterAgents|Created by'),
createToken: s__('ClusterAgents|You will need to create a token to connect to your agent'),
dateCreated: s__('ClusterAgents|Date created'),
description: s__('ClusterAgents|Description'),
lastUsed: s__('ClusterAgents|Last contact'),
learnMore: s__('ClusterAgents|Learn how to create an agent access token'),
name: s__('ClusterAgents|Name'),
neverUsed: s__('ClusterAgents|Never'),
noTokens: s__('ClusterAgents|This agent has no tokens'),
unknownUser: s__('ClusterAgents|Unknown user'),
},
props: {
tokens: {
required: true,
type: Array,
},
},
computed: {
fields() {
return [
{
key: 'name',
label: this.$options.i18n.name,
tdAttr: { 'data-testid': 'agent-token-name' },
},
{
key: 'lastUsed',
label: this.$options.i18n.lastUsed,
tdAttr: { 'data-testid': 'agent-token-used' },
},
{
key: 'createdAt',
label: this.$options.i18n.dateCreated,
tdAttr: { 'data-testid': 'agent-token-created-time' },
},
{
key: 'createdBy',
label: this.$options.i18n.createdBy,
tdAttr: { 'data-testid': 'agent-token-created-user' },
},
{
key: 'description',
label: this.$options.i18n.description,
tdAttr: { 'data-testid': 'agent-token-description' },
},
];
},
learnMoreUrl() {
return helpPagePath('user/clusters/agent/index.md', {
anchor: 'create-an-agent-record-in-gitlab',
});
},
},
methods: {
createdByName(token) {
return token?.createdByUser?.name || this.$options.i18n.unknownUser;
},
},
};
</script>
<template>
<div v-if="tokens.length">
<div class="gl-text-right gl-my-5">
<gl-link target="_blank" :href="learnMoreUrl">
{{ $options.i18n.learnMore }}
</gl-link>
</div>
<gl-table :items="tokens" :fields="fields" fixed stacked="md">
<template #cell(lastUsed)="{ item }">
<time-ago-tooltip v-if="item.lastUsedAt" :time="item.lastUsedAt" />
<span v-else>{{ $options.i18n.neverUsed }}</span>
</template>
<template #cell(createdAt)="{ item }">
<time-ago-tooltip :time="item.createdAt" />
</template>
<template #cell(createdBy)="{ item }">
<span>{{ createdByName(item) }}</span>
</template>
<template #cell(description)="{ item }">
<div v-if="item.description" :id="`tooltip-description-container-${item.id}`">
<gl-truncate :id="`tooltip-description-${item.id}`" :text="item.description" />
<gl-tooltip
:container="`tooltip-description-container-${item.id}`"
:target="`tooltip-description-${item.id}`"
placement="top"
>
{{ item.description }}
</gl-tooltip>
</div>
</template>
</gl-table>
</div>
<gl-empty-state
v-else
:title="$options.i18n.noTokens"
:primary-button-link="learnMoreUrl"
:primary-button-text="$options.i18n.learnMore"
/>
</template>

1
app/assets/javascripts/clusters/agents/constants.js Normal file
View file

@ -0,0 +1 @@
export const MAX_LIST_COUNT = 25;

11
app/assets/javascripts/clusters/agents/graphql/fragments/cluster_agent_token.fragment.graphql Normal file
View file

@ -0,0 +1,11 @@
fragment Token on ClusterAgentToken {
id
createdAt
description
lastUsedAt
name
createdByUser {
name
}
}

34
app/assets/javascripts/clusters/agents/graphql/queries/get_cluster_agent.query.graphql Normal file
View file

@ -0,0 +1,34 @@
#import "~/graphql_shared/fragments/pageInfo.fragment.graphql"
#import "../fragments/cluster_agent_token.fragment.graphql"
query getClusterAgent(
$projectPath: ID!
$agentName: String!
$first: Int
$last: Int
$afterToken: String
$beforeToken: String
) {
project(fullPath: $projectPath) {
clusterAgent(name: $agentName) {
id
createdAt
createdByUser {
name
}
tokens(first: $first, last: $last, before: $beforeToken, after: $afterToken) {
count
nodes {
...Token
}
pageInfo {
...PageInfo
}
}
}
}
}

30
app/assets/javascripts/clusters/agents/index.js Normal file
View file

@ -0,0 +1,30 @@
import Vue from 'vue';
import VueApollo from 'vue-apollo';
import createDefaultClient from '~/lib/graphql';
import AgentShowPage from './components/show.vue';
Vue.use(VueApollo);
export default () => {
const el = document.querySelector('#js-cluster-agent-details');
if (!el) {
return null;
}
const defaultClient = createDefaultClient();
const { agentName, projectPath } = el.dataset;
return new Vue({
el,
apolloProvider: new VueApollo({ defaultClient }),
render(createElement) {
return createElement(AgentShowPage, {
props: {
agentName,
projectPath,
},
});
},
});
};

8
app/assets/javascripts/clusters_list/clusters_util.js Normal file
View file

@ -0,0 +1,8 @@
export function generateAgentRegistrationCommand(agentToken, kasAddress) {
return `docker run --pull=always --rm \\
registry.gitlab.com/gitlab-org/cluster-integration/gitlab-agent/cli:stable generate \\
--agent-token=${agentToken} \\
--kas-address=${kasAddress} \\
--agent-version stable \\
--namespace gitlab-kubernetes-agent | kubectl apply -f -`;
}

119
app/assets/javascripts/clusters_list/components/agent_empty_state.vue Normal file
View file

@ -0,0 +1,119 @@
<script>
import { GlButton, GlEmptyState, GlLink, GlSprintf, GlAlert, GlModalDirective } from '@gitlab/ui';
import { INSTALL_AGENT_MODAL_ID } from '../constants';
export default {
modalId: INSTALL_AGENT_MODAL_ID,
components: {
GlButton,
GlEmptyState,
GlLink,
GlSprintf,
GlAlert,
},
directives: {
GlModalDirective,
},
inject: [
'emptyStateImage',
'projectPath',
'agentDocsUrl',
'installDocsUrl',
'getStartedDocsUrl',
'integrationDocsUrl',
],
props: {
hasConfigurations: {
type: Boolean,
required: true,
},
},
computed: {
repositoryPath() {
return `/${this.projectPath}`;
},
},
};
</script>
<template>
<gl-empty-state
:svg-path="emptyStateImage"
:title="s__('ClusterAgents|Integrate Kubernetes with a GitLab Agent')"
class="empty-state--agent"
>
<template #description>
<p class="mw-460 gl-mx-auto">
<gl-sprintf
:message="
s__(
'ClusterAgents|The GitLab Kubernetes Agent allows an Infrastructure as Code, GitOps approach to integrating Kubernetes clusters with GitLab. %{linkStart}Learn more.%{linkEnd}',
)
"
>
<template #link="{ content }">
<gl-link :href="agentDocsUrl" target="_blank" data-testid="agent-docs-link">
{{ content }}
</gl-link>
</template>
</gl-sprintf>
</p>
<p class="mw-460 gl-mx-auto">
<gl-sprintf
:message="
s__(
'ClusterAgents|The GitLab Agent also requires %{linkStart}enabling the Agent Server%{linkEnd}',
)
"
>
<template #link="{ content }">
<gl-link :href="installDocsUrl" target="_blank" data-testid="install-docs-link">
{{ content }}
</gl-link>
</template>
</gl-sprintf>
</p>
<gl-alert
v-if="!hasConfigurations"
variant="warning"
class="gl-mb-5 text-left"
:dismissible="false"
>
{{
s__(
'ClusterAgents|To install an Agent you should create an agent directory in the Repository first. We recommend that you add the Agent configuration to the directory before you start the installation process.',
)
}}
<template #actions>
<gl-button
category="primary"
variant="info"
:href="getStartedDocsUrl"
target="_blank"
class="gl-ml-0!"
>
{{ s__('ClusterAgents|Read more about getting started') }}
</gl-button>
<gl-button category="secondary" variant="info" :href="repositoryPath">
{{ s__('ClusterAgents|Go to the repository') }}
</gl-button>
</template>
</gl-alert>
</template>
<template #actions>
<gl-button
v-gl-modal-directive="$options.modalId"
:disabled="!hasConfigurations"
data-testid="integration-primary-button"
category="primary"
variant="success"
>
{{ s__('ClusterAgents|Integrate with the GitLab Agent') }}
</gl-button>
</template>
</gl-empty-state>
</template>

152
app/assets/javascripts/clusters_list/components/agent_table.vue Normal file
View file

@ -0,0 +1,152 @@
<script>
import {
GlButton,
GlLink,
GlModalDirective,
GlTable,
GlIcon,
GlSprintf,
GlTooltip,
GlPopover,
} from '@gitlab/ui';
import { s__ } from '~/locale';
import TimeAgoTooltip from '~/vue_shared/components/time_ago_tooltip.vue';
import timeagoMixin from '~/vue_shared/mixins/timeago';
import { INSTALL_AGENT_MODAL_ID, AGENT_STATUSES, TROUBLESHOOTING_LINK } from '../constants';
export default {
components: {
GlButton,
GlLink,
GlTable,
GlIcon,
GlSprintf,
GlTooltip,
GlPopover,
TimeAgoTooltip,
},
directives: {
GlModalDirective,
},
mixins: [timeagoMixin],
inject: ['integrationDocsUrl'],
INSTALL_AGENT_MODAL_ID,
AGENT_STATUSES,
TROUBLESHOOTING_LINK,
props: {
agents: {
required: true,
type: Array,
},
},
computed: {
fields() {
return [
{
key: 'name',
label: s__('ClusterAgents|Name'),
},
{
key: 'status',
label: s__('ClusterAgents|Connection status'),
},
{
key: 'lastContact',
label: s__('ClusterAgents|Last contact'),
},
{
key: 'configuration',
label: s__('ClusterAgents|Configuration'),
},
];
},
},
};
</script>
<template>
<div>
<div class="gl-display-block gl-text-right gl-my-3">
<gl-button
v-gl-modal-directive="$options.INSTALL_AGENT_MODAL_ID"
variant="confirm"
category="primary"
>{{ s__('ClusterAgents|Install a new GitLab Agent') }}
</gl-button>
</div>
<gl-table
:items="agents"
:fields="fields"
stacked="md"
head-variant="white"
thead-class="gl-border-b-solid gl-border-b-1 gl-border-b-gray-100"
data-testid="cluster-agent-list-table"
>
<template #cell(name)="{ item }">
<gl-link :href="item.webPath" data-testid="cluster-agent-name-link">
{{ item.name }}
</gl-link>
</template>
<template #cell(status)="{ item }">
<span
:id="`connection-status-${item.name}`"
class="gl-pr-5"
data-testid="cluster-agent-connection-status"
>
<span :class="$options.AGENT_STATUSES[item.status].class" class="gl-mr-3">
<gl-icon :name="$options.AGENT_STATUSES[item.status].icon" :size="12" /></span
>{{ $options.AGENT_STATUSES[item.status].name }}
</span>
<gl-tooltip
v-if="item.status === 'active'"
:target="`connection-status-${item.name}`"
placement="right"
>
<gl-sprintf :message="$options.AGENT_STATUSES[item.status].tooltip.title"
><template #timeAgo>{{ timeFormatted(item.lastContact) }}</template>
</gl-sprintf>
</gl-tooltip>
<gl-popover
v-else
:target="`connection-status-${item.name}`"
:title="$options.AGENT_STATUSES[item.status].tooltip.title"
placement="right"
container="viewport"
>
<p>
<gl-sprintf :message="$options.AGENT_STATUSES[item.status].tooltip.body"
><template #timeAgo>{{ timeFormatted(item.lastContact) }}</template></gl-sprintf
>
</p>
<p class="gl-mb-0">
{{ s__('ClusterAgents|For more troubleshooting information go to') }}
<gl-link :href="$options.TROUBLESHOOTING_LINK" target="_blank" class="gl-font-sm">
{{ $options.TROUBLESHOOTING_LINK }}</gl-link
>
</p>
</gl-popover>
</template>
<template #cell(lastContact)="{ item }">
<span data-testid="cluster-agent-last-contact">
<time-ago-tooltip v-if="item.lastContact" :time="item.lastContact" />
<span v-else>{{ s__('ClusterAgents|Never') }}</span>
</span>
</template>
<template #cell(configuration)="{ item }">
<span data-testid="cluster-agent-configuration-link">
<!-- eslint-disable @gitlab/vue-require-i18n-strings -->
<gl-link v-if="item.configFolder" :href="item.configFolder.webPath">
.gitlab/agents/{{ item.name }}
</gl-link>
<span v-else>.gitlab/agents/{{ item.name }}</span>
<!-- eslint-enable @gitlab/vue-require-i18n-strings -->
</span>
</template>
</gl-table>
</div>
</template>

156
app/assets/javascripts/clusters_list/components/agents.vue Normal file
View file

@ -0,0 +1,156 @@
<script>
import { GlAlert, GlKeysetPagination, GlLoadingIcon } from '@gitlab/ui';
import { MAX_LIST_COUNT, ACTIVE_CONNECTION_TIME } from '../constants';
import getAgentsQuery from '../graphql/queries/get_agents.query.graphql';
import AgentEmptyState from './agent_empty_state.vue';
import AgentTable from './agent_table.vue';
import InstallAgentModal from './install_agent_modal.vue';
export default {
apollo: {
agents: {
query: getAgentsQuery,
variables() {
return {
defaultBranchName: this.defaultBranchName,
projectPath: this.projectPath,
...this.cursor,
};
},
update(data) {
this.updateTreeList(data);
return data;
},
},
},
components: {
AgentEmptyState,
AgentTable,
InstallAgentModal,
GlAlert,
GlKeysetPagination,
GlLoadingIcon,
},
inject: ['projectPath'],
props: {
defaultBranchName: {
default: '.noBranch',
required: false,
type: String,
},
},
data() {
return {
cursor: {
first: MAX_LIST_COUNT,
last: null,
},
folderList: {},
};
},
computed: {
agentList() {
let list = this.agents?.project?.clusterAgents?.nodes;
if (list) {
list = list.map((agent) => {
const configFolder = this.folderList[agent.name];
const lastContact = this.getLastContact(agent);
const status = this.getStatus(lastContact);
return { ...agent, configFolder, lastContact, status };
});
}
return list;
},
agentPageInfo() {
return this.agents?.project?.clusterAgents?.pageInfo || {};
},
isLoading() {
return this.$apollo.queries.agents.loading;
},
showPagination() {
return this.agentPageInfo.hasPreviousPage || this.agentPageInfo.hasNextPage;
},
treePageInfo() {
return this.agents?.project?.repository?.tree?.trees?.pageInfo || {};
},
hasConfigurations() {
return Boolean(this.agents?.project?.repository?.tree?.trees?.nodes?.length);
},
},
methods: {
reloadAgents() {
this.$apollo.queries.agents.refetch();
},
nextPage() {
this.cursor = {
first: MAX_LIST_COUNT,
last: null,
afterAgent: this.agentPageInfo.endCursor,
afterTree: this.treePageInfo.endCursor,
};
},
prevPage() {
this.cursor = {
first: null,
last: MAX_LIST_COUNT,
beforeAgent: this.agentPageInfo.startCursor,
beforeTree: this.treePageInfo.endCursor,
};
},
updateTreeList(data) {
const configFolders = data?.project?.repository?.tree?.trees?.nodes;
if (configFolders) {
configFolders.forEach((folder) => {
this.folderList[folder.name] = folder;
});
}
},
getLastContact(agent) {
const tokens = agent?.tokens?.nodes;
let lastContact = null;
if (tokens?.length) {
tokens.forEach((token) => {
const lastContactToDate = new Date(token.lastUsedAt).getTime();
if (lastContactToDate > lastContact) {
lastContact = lastContactToDate;
}
});
}
return lastContact;
},
getStatus(lastContact) {
if (lastContact) {
const now = new Date().getTime();
const diff = now - lastContact;
return diff > ACTIVE_CONNECTION_TIME ? 'inactive' : 'active';
}
return 'unused';
},
},
};
</script>
<template>
<gl-loading-icon v-if="isLoading" size="md" class="gl-mt-3" />
<section v-else-if="agentList" class="gl-mt-3">
<div v-if="agentList.length">
<AgentTable :agents="agentList" />
<div v-if="showPagination" class="gl-display-flex gl-justify-content-center gl-mt-5">
<gl-keyset-pagination v-bind="agentPageInfo" @prev="prevPage" @next="nextPage" />
</div>
</div>
<AgentEmptyState v-else :has-configurations="hasConfigurations" />
<InstallAgentModal @agentRegistered="reloadAgents" />
</section>
<gl-alert v-else variant="danger" :dismissible="false">
{{ s__('ClusterAgents|An error occurred while loading your GitLab Agents') }}
</gl-alert>
</template>

83
app/assets/javascripts/clusters_list/components/available_agents_dropdown.vue Normal file
View file

@ -0,0 +1,83 @@
<script>
import { GlDropdown, GlDropdownItem } from '@gitlab/ui';
import { I18N_AVAILABLE_AGENTS_DROPDOWN } from '../constants';
import agentConfigurations from '../graphql/queries/agent_configurations.query.graphql';
export default {
name: 'AvailableAgentsDropdown',
i18n: I18N_AVAILABLE_AGENTS_DROPDOWN,
components: {
GlDropdown,
GlDropdownItem,
},
inject: ['projectPath'],
props: {
isRegistering: {
required: true,
type: Boolean,
},
},
apollo: {
agents: {
query: agentConfigurations,
variables() {
return {
projectPath: this.projectPath,
};
},
update(data) {
this.populateAvailableAgents(data);
},
},
},
data() {
return {
availableAgents: [],
selectedAgent: null,
};
},
computed: {
isLoading() {
return this.$apollo.queries.agents.loading;
},
dropdownText() {
if (this.isRegistering) {
return this.$options.i18n.registeringAgent;
} else if (this.selectedAgent === null) {
return this.$options.i18n.selectAgent;
}
return this.selectedAgent;
},
},
methods: {
selectAgent(agent) {
this.$emit('agentSelected', agent);
this.selectedAgent = agent;
},
isSelected(agent) {
return this.selectedAgent === agent;
},
populateAvailableAgents(data) {
const installedAgents = data?.project?.clusterAgents?.nodes.map((agent) => agent.name) ?? [];
const configuredAgents =
data?.project?.agentConfigurations?.nodes.map((config) => config.agentName) ?? [];
this.availableAgents = configuredAgents.filter((agent) => !installedAgents.includes(agent));
},
},
};
</script>
<template>
<gl-dropdown :text="dropdownText" :loading="isLoading || isRegistering">
<gl-dropdown-item
v-for="agent in availableAgents"
:key="agent"
:is-checked="isSelected(agent)"
is-check-item
@click="selectAgent(agent)"
>
{{ agent }}
</gl-dropdown-item>
</gl-dropdown>
</template>

259
app/assets/javascripts/clusters_list/components/install_agent_modal.vue Normal file
View file

@ -0,0 +1,259 @@
<script>
import {
GlAlert,
GlButton,
GlFormGroup,
GlFormInputGroup,
GlLink,
GlModal,
GlSprintf,
} from '@gitlab/ui';
import { helpPagePath } from '~/helpers/help_page_helper';
import ClipboardButton from '~/vue_shared/components/clipboard_button.vue';
import CodeBlock from '~/vue_shared/components/code_block.vue';
import { generateAgentRegistrationCommand } from '../clusters_util';
import { INSTALL_AGENT_MODAL_ID, I18N_INSTALL_AGENT_MODAL } from '../constants';
import createAgent from '../graphql/mutations/create_agent.mutation.graphql';
import createAgentToken from '../graphql/mutations/create_agent_token.mutation.graphql';
import AvailableAgentsDropdown from './available_agents_dropdown.vue';
export default {
modalId: INSTALL_AGENT_MODAL_ID,
i18n: I18N_INSTALL_AGENT_MODAL,
components: {
AvailableAgentsDropdown,
ClipboardButton,
CodeBlock,
GlAlert,
GlButton,
GlFormGroup,
GlFormInputGroup,
GlLink,
GlModal,
GlSprintf,
},
inject: ['projectPath', 'kasAddress'],
data() {
return {
registering: false,
agentName: null,
agentToken: null,
error: null,
};
},
computed: {
registered() {
return Boolean(this.agentToken);
},
nextButtonDisabled() {
return !this.registering && this.agentName !== null;
},
canCancel() {
return !this.registered && !this.registering;
},
agentRegistrationCommand() {
return generateAgentRegistrationCommand(this.agentToken, this.kasAddress);
},
basicInstallPath() {
return helpPagePath('user/clusters/agent/index', {
anchor: 'install-the-agent-into-the-cluster',
});
},
advancedInstallPath() {
return helpPagePath('user/clusters/agent/index', { anchor: 'advanced-installation' });
},
},
methods: {
setAgentName(name) {
this.agentName = name;
},
cancelClicked() {
this.$refs.modal.hide();
},
doneClicked() {
this.$emit('agentRegistered');
this.$refs.modal.hide();
},
resetModal() {
this.registering = null;
this.agentName = null;
this.agentToken = null;
this.error = null;
},
createAgentMutation() {
return this.$apollo
.mutate({
mutation: createAgent,
variables: {
input: {
name: this.agentName,
projectPath: this.projectPath,
},
},
})
.then(({ data: { createClusterAgent } }) => createClusterAgent);
},
createAgentTokenMutation(agendId) {
return this.$apollo
.mutate({
mutation: createAgentToken,
variables: {
input: {
clusterAgentId: agendId,
name: this.agentName,
},
},
})
.then(({ data: { clusterAgentTokenCreate } }) => clusterAgentTokenCreate);
},
async registerAgent() {
this.registering = true;
this.error = null;
try {
const { errors: agentErrors, clusterAgent } = await this.createAgentMutation();
if (agentErrors?.length > 0) {
throw new Error(agentErrors[0]);
}
const { errors: tokenErrors, secret } = await this.createAgentTokenMutation(
clusterAgent.id,
);
if (tokenErrors?.length > 0) {
throw new Error(tokenErrors[0]);
}
this.agentToken = secret;
} catch (error) {
if (error) {
this.error = error.message;
} else {
this.error = this.$options.i18n.unknownError;
}
} finally {
this.registering = false;
}
},
},
};
</script>
<template>
<gl-modal
ref="modal"
:modal-id="$options.modalId"
:title="$options.i18n.modalTitle"
static
lazy
@hidden="resetModal"
>
<template v-if="!registered">
<p>
<strong>{{ $options.i18n.selectAgentTitle }}</strong>
</p>
<p>
<gl-sprintf :message="$options.i18n.selectAgentBody">
<template #link="{ content }">
<gl-link :href="basicInstallPath" target="_blank"> {{ content }}</gl-link>
</template>
</gl-sprintf>
</p>
<form>
<gl-form-group label-for="agent-name">
<available-agents-dropdown
class="gl-w-70p"
:is-registering="registering"
@agentSelected="setAgentName"
/>
</gl-form-group>
</form>
<p v-if="error">
<gl-alert
:title="$options.i18n.registrationErrorTitle"
variant="danger"
:dismissible="false"
>
{{ error }}
</gl-alert>
</p>
</template>
<template v-else>
<p>
<strong>{{ $options.i18n.tokenTitle }}</strong>
</p>
<p>
<gl-sprintf :message="$options.i18n.tokenBody">
<template #link="{ content }">
<gl-link :href="basicInstallPath" target="_blank"> {{ content }}</gl-link>
</template>
</gl-sprintf>
</p>
<p>
<gl-alert
:title="$options.i18n.tokenSingleUseWarningTitle"
variant="warning"
:dismissible="false"
>
{{ $options.i18n.tokenSingleUseWarningBody }}
</gl-alert>
</p>
<p>
<gl-form-input-group readonly :value="agentToken" :select-on-click="true">
<template #append>
<clipboard-button :text="agentToken" :title="$options.i18n.copyToken" />
</template>
</gl-form-input-group>
</p>
<p>
<strong>{{ $options.i18n.basicInstallTitle }}</strong>
</p>
<p>
{{ $options.i18n.basicInstallBody }}
</p>
<p>
<code-block :code="agentRegistrationCommand" />
</p>
<p>
<strong>{{ $options.i18n.advancedInstallTitle }}</strong>
</p>
<p>
<gl-sprintf :message="$options.i18n.advancedInstallBody">
<template #link="{ content }">
<gl-link :href="advancedInstallPath" target="_blank"> {{ content }}</gl-link>
</template>
</gl-sprintf>
</p>
</template>
<template #modal-footer>
<gl-button v-if="canCancel" @click="cancelClicked">{{ $options.i18n.cancel }} </gl-button>
<gl-button v-if="registered" variant="confirm" category="primary" @click="doneClicked"
>{{ $options.i18n.done }}
</gl-button>
<gl-button
v-else
:disabled="!nextButtonDisabled"
variant="confirm"
category="primary"
@click="registerAgent"
>{{ $options.i18n.next }}
</gl-button>
</template>
</gl-modal>
</template>

85
app/assets/javascripts/clusters_list/constants.js
View file

@ -1,4 +1,10 @@
import { __, s__ } from '~/locale';
import { __, s__, sprintf } from '~/locale';
export const MAX_LIST_COUNT = 25;
export const INSTALL_AGENT_MODAL_ID = 'install-agent';
export const ACTIVE_CONNECTION_TIME = 480000;
export const TROUBLESHOOTING_LINK =
'https://docs.gitlab.com/ee/user/clusters/agent/#troubleshooting';
export const CLUSTER_ERRORS = {
default: {
@ -58,3 +64,80 @@ export const STATUSES = {
deleting: { title: __('Deleting') },
creating: { title: __('Creating') },
};
export const I18N_INSTALL_AGENT_MODAL = {
next: __('Next'),
done: __('Done'),
cancel: __('Cancel'),
modalTitle: s__('ClusterAgents|Install new Agent'),
selectAgentTitle: s__('ClusterAgents|Select which Agent you want to install'),
selectAgentBody: s__(
`ClusterAgents|Select the Agent you want to register with GitLab and install on your cluster. To learn more about the Kubernetes Agent registration process %{linkStart}go to the documentation%{linkEnd}.`,
),
copyToken: s__('ClusterAgents|Copy token'),
tokenTitle: s__('ClusterAgents|Registration token'),
tokenBody: s__(
`ClusterAgents|The registration token will be used to connect the Agent on your cluster to GitLab. To learn more about the registration tokens and how they are used %{linkStart}go to the documentation%{linkEnd}.`,
),
tokenSingleUseWarningTitle: s__(
'ClusterAgents|The token value will not be shown again after you close this window.',
),
tokenSingleUseWarningBody: s__(
`ClusterAgents|The recommended installation method provided below includes the token. If you want to follow the alternative installation method provided in the docs make sure you save the token value before you close the window.`,
),
basicInstallTitle: s__('ClusterAgents|Recommended installation method'),
basicInstallBody: s__(
`Open a CLI and connect to the cluster you want to install the Agent in. Use this installation method to minimize any manual steps. The token is already included in the command.`,
),
advancedInstallTitle: s__('ClusterAgents|Alternative installation methods'),
advancedInstallBody: s__(
'ClusterAgents|For alternative installation methods %{linkStart}go to the documentation%{linkEnd}.',
),
registrationErrorTitle: s__('Failed to register Agent'),
unknownError: s__('ClusterAgents|An unknown error occurred. Please try again.'),
};
export const I18N_AVAILABLE_AGENTS_DROPDOWN = {
selectAgent: s__('ClusterAgents|Select an Agent'),
registeringAgent: s__('ClusterAgents|Registering Agent'),
};
export const AGENT_STATUSES = {
active: {
name: s__('ClusterAgents|Connected'),
icon: 'status-success',
class: 'text-success-500',
tooltip: {
title: sprintf(s__('ClusterAgents|Last connected %{timeAgo}.')),
},
},
inactive: {
name: s__('ClusterAgents|Not connected'),
icon: 'severity-critical',
class: 'text-danger-800',
tooltip: {
title: s__('ClusterAgents|Agent might not be connected to GitLab'),
body: sprintf(
s__(
'ClusterAgents|The Agent has not been connected in a long time. There might be a connectivity issue. Last contact was %{timeAgo}.',
),
),
},
},
unused: {
name: s__('ClusterAgents|Never connected'),
icon: 'status-neutral',
class: 'text-secondary-400',
tooltip: {
title: s__('ClusterAgents|Agent never connected to GitLab'),
body: s__('ClusterAgents|Make sure you are using a valid token.'),
},
},
};

8
app/assets/javascripts/clusters_list/graphql/mutations/create_agent.mutation.graphql Normal file
View file

@ -0,0 +1,8 @@
mutation createClusterAgent($input: CreateClusterAgentInput!) {
createClusterAgent(input: $input) {
clusterAgent {
id
}
errors
}
}

9
app/assets/javascripts/clusters_list/graphql/mutations/create_agent_token.mutation.graphql Normal file
View file

@ -0,0 +1,9 @@
mutation createClusterAgentToken($input: ClusterAgentTokenCreateInput!) {
clusterAgentTokenCreate(input: $input) {
secret
token {
id
}
errors
}
}

15
app/assets/javascripts/clusters_list/graphql/queries/agent_configurations.query.graphql Normal file
View file

@ -0,0 +1,15 @@
query agentConfigurations($projectPath: ID!) {
project(fullPath: $projectPath) {
agentConfigurations {
nodes {
agentName
}
}
clusterAgents {
nodes {
name
}
}
}
}

47
app/assets/javascripts/clusters_list/graphql/queries/get_agents.query.graphql Normal file
View file

@ -0,0 +1,47 @@
#import "~/graphql_shared/fragments/pageInfo.fragment.graphql"
query getAgents(
$defaultBranchName: String!
$projectPath: ID!
$first: Int
$last: Int
$afterAgent: String
$afterTree: String
$beforeAgent: String
$beforeTree: String
) {
project(fullPath: $projectPath) {
clusterAgents(first: $first, last: $last, before: $beforeAgent, after: $afterAgent) {
nodes {
id
name
webPath
tokens {
nodes {
lastUsedAt
}
}
}
pageInfo {
...PageInfo
}
}
repository {
tree(path: ".gitlab/agents", ref: $defaultBranchName) {
trees(first: $first, last: $last, after: $afterTree, before: $beforeTree) {
nodes {
name
path
webPath
}
pageInfo {
...PageInfo
}
}
}
}
}
}

5
app/assets/javascripts/clusters_list/index.js
View file

@ -1,6 +1,11 @@
import Vue from 'vue';
import VueApollo from 'vue-apollo';
import loadClusters from './load_clusters';
import loadAgents from './load_agents';
Vue.use(VueApollo);
export default () => {
loadClusters(Vue);
loadAgents(Vue, VueApollo);
};

44
app/assets/javascripts/clusters_list/load_agents.js Normal file
View file

@ -0,0 +1,44 @@
import createDefaultClient from '~/lib/graphql';
import Agents from './components/agents.vue';
export default (Vue, VueApollo) => {
const el = document.querySelector('#js-cluster-agents-list');
if (!el) {
return null;
}
const defaultClient = createDefaultClient({}, { assumeImmutableResults: true });
const {
emptyStateImage,
defaultBranchName,
projectPath,
agentDocsUrl,
installDocsUrl,
getStartedDocsUrl,
integrationDocsUrl,
kasAddress,
} = el.dataset;
return new Vue({
el,
apolloProvider: new VueApollo({ defaultClient }),
provide: {
emptyStateImage,
projectPath,
agentDocsUrl,
installDocsUrl,
getStartedDocsUrl,
integrationDocsUrl,
kasAddress,
},
render(createElement) {
return createElement(Agents, {
props: {
defaultBranchName,
},
});
},
});
};

71
app/assets/javascripts/comment_type_toggle.js
View file

@ -1,71 +0,0 @@
import DropLab from './droplab/drop_lab';
import ISetter from './droplab/plugins/input_setter';
// Todo: Remove this when fixing issue in input_setter plugin
const InputSetter = { ...ISetter };
class CommentTypeToggle {
constructor(opts = {}) {
this.dropdownTrigger = opts.dropdownTrigger;
this.dropdownList = opts.dropdownList;
this.noteTypeInput = opts.noteTypeInput;
this.submitButton = opts.submitButton;
this.closeButton = opts.closeButton;
this.reopenButton = opts.reopenButton;
}
initDroplab() {
this.droplab = new DropLab();
const config = this.setConfig();
this.droplab.init(this.dropdownTrigger, this.dropdownList, [InputSetter], config);
}
setConfig() {
const config = {
InputSetter: [
{
input: this.noteTypeInput,
valueAttribute: 'data-value',
},
{
input: this.submitButton,
valueAttribute: 'data-submit-text',
},
],
};
if (this.closeButton) {
config.InputSetter.push(
{
input: this.closeButton,
valueAttribute: 'data-close-text',
},
{
input: this.closeButton,
valueAttribute: 'data-close-text',
inputAttribute: 'data-alternative-text',
},
);
}
if (this.reopenButton) {
config.InputSetter.push(
{
input: this.reopenButton,
valueAttribute: 'data-reopen-text',
},
{
input: this.reopenButton,
valueAttribute: 'data-reopen-text',
inputAttribute: 'data-alternative-text',
},
);
}
return config;
}
}
export default CommentTypeToggle;

9
app/assets/javascripts/content_editor/components/top_toolbar.vue
View file

@ -111,6 +111,15 @@ export default {
:label="__('Add a numbered list')"
@execute="trackToolbarControlExecution"
/>
<toolbar-button
data-testid="details"
content-type="details"
icon-name="details-block"
class="gl-mx-2"
editor-command="toggleDetails"
:label="__('Add a collapsible section')"
@execute="trackToolbarControlExecution"
/>
<toolbar-button
data-testid="horizontal-rule"
content-type="horizontalRule"

33
app/assets/javascripts/content_editor/components/wrappers/details.vue Normal file
View file

@ -0,0 +1,33 @@
<script>
import { NodeViewWrapper, NodeViewContent } from '@tiptap/vue-2';
export default {
name: 'DetailsWrapper',
components: {
NodeViewWrapper,
NodeViewContent,
},
props: {
node: {
type: Object,
required: true,
},
},
data() {
return {
open: true,
};
},
};
</script>
<template>
<node-view-wrapper class="gl-display-flex">
<div
class="details-toggle-icon"
data-testid="details-toggle-icon"
:class="{ 'is-open': open }"
@click="open = !open"
></div>
<node-view-content as="ul" class="details-content" :class="{ 'is-open': open }" />
</node-view-wrapper>
</template>

32
app/assets/javascripts/content_editor/components/wrappers/frontmatter.vue Normal file
View file

@ -0,0 +1,32 @@
<script>
import { NodeViewWrapper, NodeViewContent } from '@tiptap/vue-2';
import { __ } from '~/locale';
export default {
name: 'FrontMatter',
components: {
NodeViewWrapper,
NodeViewContent,
},
props: {
node: {
type: Object,
required: true,
},
},
i18n: {
frontmatter: __('frontmatter'),
},
};
</script>
<template>
<node-view-wrapper class="gl-relative code highlight" as="pre">
<span
data-testid="frontmatter-label"
class="gl-absolute gl-top-0 gl-right-3"
contenteditable="false"
>{{ $options.i18n.frontmatter }}:{{ node.attrs.language }}</span
>
<node-view-content as="code" />
</node-view-wrapper>
</template>

2
app/assets/javascripts/content_editor/content_editor.stories.js
View file

@ -2,7 +2,7 @@ import { ContentEditor } from './index';
export default {
component: ContentEditor,
title: 'Components/Content Editor',
title: 'content_editor/components/content_editor',
};
const Template = (_, { argTypes }) => ({

3
app/assets/javascripts/content_editor/extensions/code_block_highlight.js
View file

@ -11,7 +11,8 @@ export default CodeBlockLowlight.extend({
parseHTML: (element) => extractLanguage(element),
},
class: {
default: 'code highlight js-syntax-highlight',
// eslint-disable-next-line @gitlab/require-i18n-strings
default: 'code highlight',
},
};
},

73
app/assets/javascripts/content_editor/extensions/color_chip.js Normal file
View file

@ -0,0 +1,73 @@
import { Node } from '@tiptap/core';
import { Plugin, PluginKey } from 'prosemirror-state';
import { Decoration, DecorationSet } from 'prosemirror-view';
import { isValidColorExpression } from '~/lib/utils/color_utils';
import { PARSE_HTML_PRIORITY_HIGHEST } from '../constants';
const colorExpressionTypes = ['#', 'hsl', 'rgb'];
const isValidColor = (color) => {
if (!colorExpressionTypes.some((type) => color.toLowerCase().startsWith(type))) {
return false;
}
return isValidColorExpression(color);
};
const highlightColors = (doc) => {
const decorations = [];
doc.descendants((node, position) => {
const { text, marks } = node;
if (!text || marks.length === 0 || marks[0].type.name !== 'code' || !isValidColor(text)) {
return;
}
const from = position;
const to = from + text.length;
const decoration = Decoration.inline(from, to, {
class: 'gl-display-inline-flex gl-align-items-center content-editor-color-chip',
style: `--gl-color-chip-color: ${text}`,
});
decorations.push(decoration);
});
return DecorationSet.create(doc, decorations);
};
export const colorDecoratorPlugin = new Plugin({
key: new PluginKey('colorDecorator'),
state: {
init(_, { doc }) {
return highlightColors(doc);
},
apply(transaction, oldState) {
return transaction.docChanged ? highlightColors(transaction.doc) : oldState;
},
},
props: {
decorations(state) {
return this.getState(state);
},
},
});
export default Node.create({
name: 'colorChip',
parseHTML() {
return [
{
tag: '.gfm-color_chip',
ignore: true,
priority: PARSE_HTML_PRIORITY_HIGHEST,
},
];
},
addProseMirrorPlugins() {
return [colorDecoratorPlugin];
},
});

36
app/assets/javascripts/content_editor/extensions/details.js Normal file
View file

@ -0,0 +1,36 @@
import { Node } from '@tiptap/core';
import { VueNodeViewRenderer } from '@tiptap/vue-2';
import { wrappingInputRule } from 'prosemirror-inputrules';
import DetailsWrapper from '../components/wrappers/details.vue';
export const inputRegex = /^\s*(<details>)$/;
export default Node.create({
name: 'details',
content: 'detailsContent+',
// eslint-disable-next-line @gitlab/require-i18n-strings
group: 'block list',
parseHTML() {
return [{ tag: 'details' }];
},
renderHTML({ HTMLAttributes }) {
return ['ul', HTMLAttributes, 0];
},
addNodeView() {
return VueNodeViewRenderer(DetailsWrapper);
},
addInputRules() {
return [wrappingInputRule(inputRegex, this.type)];
},
addCommands() {
return {
setDetails: () => ({ commands }) => commands.wrapInList('details'),
toggleDetails: () => ({ commands }) => commands.toggleList('details', 'detailsContent'),
};
},
});

Some files were not shown because too many files have changed in this diff Show more