diff --git a/.eslintrc.yml b/.eslintrc.yml index 6b9a1ce62c..cd3cd82d4e 100644 --- a/.eslintrc.yml +++ b/.eslintrc.yml @@ -88,7 +88,7 @@ rules: - pattern: test_fixtures/** group: internal alphabetize: - order: asc + order: ignore overrides: - files: - '**/spec/**/*' @@ -100,6 +100,8 @@ overrides: - 'scripts/**/*' - '*.config.js' - '*.config.*.js' + - 'jest_resolver.js' + - storybook/config/*.js rules: '@gitlab/require-i18n-strings': off import/no-extraneous-dependencies: off diff --git a/.gitignore b/.gitignore index f753a24756..5152ef2057 100644 --- a/.gitignore +++ b/.gitignore @@ -40,10 +40,7 @@ eslint-report.html /config/initializers/smtp_settings.rb /config/initializers/relative_url.rb /config/resque.yml -/config/redis.cache.yml -/config/redis.queues.yml -/config/redis.shared_state.yml -/config/redis.trace_chunks.yml +/config/redis.*.yml /config/unicorn.rb /config/puma.rb /config/secrets.yml diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 891551cd41..b72ad35953 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -5,9 +5,7 @@ stages: - fixtures - test - post-test - - review-prepare - review - - dast - qa - post-qa - pages @@ -89,11 +87,12 @@ variables: REVIEW_APPS_GCP_REGION: "us-central1" BUILD_ASSETS_IMAGE: "true" # Set it to "false" to disable assets image building, used in `build-assets-image` - RSPEC_FAIL_FAST_ENABLED: "true" # Set it to "false" to disable RSpec fail-fast SIMPLECOV: "true" # For the default QA image, we use $CI_COMMIT_SHA as tag since it's always available and we override it for specific workflow.rules (see above) QA_IMAGE: "${CI_REGISTRY}/${CI_PROJECT_PATH}/gitlab-ee-qa:${CI_COMMIT_SHA}" + # Default latest tag for particular branch + QA_IMAGE_BRANCH: "${CI_REGISTRY}/${CI_PROJECT_PATH}/gitlab-ee-qa:${CI_COMMIT_REF_SLUG}" # Preparing custom clone path to reduce space used by all random forks # on GitLab.com's Shared Runners. Our main forks - especially the security diff --git a/.gitlab/CODEOWNERS b/.gitlab/CODEOWNERS index 095601ba82..64e74dd12e 100644 --- a/.gitlab/CODEOWNERS +++ b/.gitlab/CODEOWNERS @@ -11,39 +11,40 @@ /doc/.markdownlint @marcel.amirault @eread @aqualls @cnorris /doc/ @gl-docsteam /doc/.vale/ @marcel.amirault @eread @aqualls @cnorris -/doc/administration/geo/ @axil +/doc/administration/geo/ @marcel.amirault /doc/administration/gitaly/ @eread /doc/administration/lfs/ @aqualls /doc/administration/monitoring/ @ngaskill -/doc/administration/operations/ @axil @eread @marcia +/doc/administration/operations/ @marcel.amirault @eread @marcia /doc/administration/packages/ @ngaskill -/doc/administration/pages/ @axil @kpaizee +/doc/administration/pages/ @rdickenson @kpaizee /doc/administration/postgresql/ @marcia -/doc/administration/raketasks/ @axil @eread -/doc/administration/redis/ @axil -/doc/administration/reference_architectures/ @axil +/doc/administration/raketasks/ @marcel.amirault @eread +/doc/administration/redis/ @marcel.amirault +/doc/administration/reference_architectures/ @marcel.amirault /doc/administration/snippets/ @aqualls -/doc/administration/troubleshooting @axil @marcia @eread +/doc/administration/troubleshooting @marcel.amirault @marcia @eread /doc/api/graphql/ @msedlakjakubowski @kpaizee /doc/api/graphql/reference/ @kpaizee /doc/api/group_activity_analytics.md @msedlakjakubowski /doc/ci/ @marcel.amirault @sselhorn -/doc/ci/environments/ @axil +/doc/ci/environments/ @rdickenson /doc/ci/services/ @sselhorn /doc/ci/test_cases/ @msedlakjakubowski /doc/development/ @marcia -/doc/development/documentation/ @cnorris +/doc/development/documentation/ @cnorris @dianalogan /doc/development/i18n/ @ngaskill /doc/development/value_stream_analytics.md @msedlakjakubowski /doc/gitlab-basics/ @aqualls -/doc/install/ @axil -/doc/operations/ @ngaskill @axil +/doc/install/ @marcel.amirault +/doc/operations/ @ngaskill @rdickenson /doc/push_rules/ @aqualls +/doc/security/ @eread /doc/ssh/ @eread /doc/subscriptions/ @sselhorn /doc/topics/autodevops/ @marcia /doc/topics/git/ @aqualls -/doc/update/ @axil @marcia +/doc/update/ @marcel.amirault @marcia /doc/user/analytics/ @msedlakjakubowski @ngaskill /doc/user/application_security/ @rdickenson /doc/user/application_security/container_scanning/ @ngaskill @@ -62,13 +63,13 @@ /doc/user/packages/infrastructure_registry/ @marcia /doc/user/packages/terraform_module_registry/ @marcia /doc/user/profile/ @msedlakjakubowski @eread -/doc/user/project/ @aqualls @axil @eread @msedlakjakubowski @ngaskill +/doc/user/project/ @aqualls @rdickenson @eread @msedlakjakubowski @ngaskill /doc/user/project/clusters/ @marcia /doc/user/project/import/ @ngaskill @msedlakjakubowski /doc/user/project/issues/ @msedlakjakubowski /doc/user/project/merge_requests/ @aqualls @eread /doc/user/project/milestones/ @msedlakjakubowski -/doc/user/project/pages/ @axil +/doc/user/project/pages/ @rdickenson /doc/user/project/repository/ @aqualls /doc/user/project/settings/ @aqualls @eread /doc/user/project/static_site_editor/index.md @aqualls @@ -151,8 +152,8 @@ /doc/api/invitations.md @kpaizee /doc/api/experiments.md @kpaizee /doc/development/experiment_guide/ @kpaizee -/doc/development/snowplow/ @kpaizee -/doc/development/service_ping/ @kpaizee +/doc/development/snowplow/ @fneill +/doc/development/service_ping/ @fneill /doc/user/admin_area/license.md @kpaizee [Frontend] @@ -241,7 +242,7 @@ Dangerfile @gl-quality/eng-prod /ee/lib/gitlab/ci/reports/dependency_list/ @gitlab-org/secure/composition-analysis-be /ee/lib/gitlab/ci/reports/license_scanning/ @gitlab-org/secure/composition-analysis-be /ee/lib/gitlab/ci/reports/security/ @gitlab-org/secure/composition-analysis-be @gitlab-org/secure/dynamic-analysis-be @gitlab-org/secure/static-analysis-be @gitlab-org/secure/fuzzing-be -/ee/app/services/ci/run_dast_scan_service.rb @gitlab-org/secure/dynamic-analysis-be +/ee/app/services/app_sec/dast/ @gitlab-org/secure/dynamic-analysis-be [Container Security] /ee/app/views/projects/threat_monitoring/** @gitlab-org/protect/container-security-frontend diff --git a/.gitlab/ci/build-images.gitlab-ci.yml b/.gitlab/ci/build-images.gitlab-ci.yml index 0169f01706..6a222d8937 100644 --- a/.gitlab/ci/build-images.gitlab-ci.yml +++ b/.gitlab/ci/build-images.gitlab-ci.yml @@ -28,7 +28,8 @@ build-qa-image: script: - !reference [.base-image-build, script] - echo $QA_IMAGE - - /kaniko/executor --context=${CI_PROJECT_DIR} --dockerfile=${CI_PROJECT_DIR}/qa/Dockerfile --destination=${QA_IMAGE} --cache=true + - echo $QA_IMAGE_BRANCH + - /kaniko/executor --context=${CI_PROJECT_DIR} --dockerfile=${CI_PROJECT_DIR}/qa/Dockerfile --destination=${QA_IMAGE} --destination=${QA_IMAGE_BRANCH} --cache=true # This image is used by: # - The `CNG` pipelines (via the `review-build-cng` job): https://gitlab.com/gitlab-org/build/CNG/-/blob/cfc67136d711e1c8c409bf8e57427a644393da2f/.gitlab-ci.yml#L335 diff --git a/.gitlab/ci/dast.gitlab-ci.yml b/.gitlab/ci/dast.gitlab-ci.yml deleted file mode 100644 index 309714f873..0000000000 --- a/.gitlab/ci/dast.gitlab-ci.yml +++ /dev/null @@ -1,205 +0,0 @@ -.dast_conf: - tags: - - prm - # For scheduling dast job - extends: - - .reports:rules:schedule-dast - image: - name: "registry.gitlab.com/gitlab-org/security-products/dast:$DAST_VERSION" - resource_group: dast_scan - variables: - DAST_USERNAME_FIELD: "user[login]" - DAST_PASSWORD_FIELD: "user[password]" - DAST_FULL_SCAN_ENABLED: "true" - DAST_SPIDER_MINS: 0 - # TBD pin to a version - DAST_VERSION: 1.22.1 - # -Xmx is used to set the JVM memory to 6GB to prevent DAST OutOfMemoryError. - DAST_ZAP_CLI_OPTIONS: "-Xmx6144m" - DAST_RULES: "41,42,43,10027,10032,10041,10042,10045,10047,10052,10053,10057,10061,10096,10097,10104,10106,20012,20014,20015,20016,20017,20018,40019,40020,40021,40024,40025,40027,40029,40032,90001,90019,10109,10026,10028,10029,10030,10031,10033,10034,10035,10036,10038,10039,10043,10044,10048,10050,10051,10058,10062,10095,10107,10108,30003,40013,40022,40023,40028,90021,90023,90024,90025,90027,90028,10003,50003,0,2,3,6,7,10010,10011,10015,10017,10019,10020,10021,10023,10024,10025,10037,10040,10054,10055,10056,10098,10105,10202,20019,30001,30002,40003,40008,40009,40012,40014,40016,40017,40018,50000,50001,90011,90020,90022,90033" - before_script: - - 'export DAST_WEBSITE="${DAST_WEBSITE:-$(cat environment_url.txt)}"' - - 'export DAST_AUTH_URL="${DAST_WEBSITE}/users/sign_in"' - - 'export DAST_PASSWORD="${REVIEW_APPS_ROOT_PASSWORD}"' - # Below three lines can be removed once https://gitlab.com/gitlab-org/gitlab/-/issues/230687 is fixed - - mkdir -p /zap/xml - - 'sed -i "84 s/true/false/" /zap/xml/config.xml' - - cat /zap/xml/config.xml - # Help pages are excluded from scan as they are static pages. - # profile/two_factor_auth is excluded from scan to prevent 2FA from being turned on from user profile, which will reduce coverage. - - 'export DAST_AUTH_EXCLUDE_URLS="${DAST_WEBSITE}/help/.*,${DAST_WEBSITE}/profile/two_factor_auth,${DAST_WEBSITE}/users/sign_out"' - # Exclude the automatically generated monitoring project from being tested due to https://gitlab.com/gitlab-org/gitlab/-/issues/260362 - - 'DAST_AUTH_EXCLUDE_URLS="${DAST_AUTH_EXCLUDE_URLS},https://.*\.gitlab-review\.app/gitlab-instance-(administrators-)?[a-zA-Z0-9]{8}/.*"' - - enable_rule () { read all_rules; rule=$1; echo $all_rules | sed -r "s/(,)?$rule(,)?/\1-1\2/" ; } - # Sort ids in DAST_RULES ascendingly, which is required when using DAST_RULES as argument to enable_rule - - 'DAST_RULES=$(echo $DAST_RULES | tr "," "\n" | sort -n | paste -sd ",")' - needs: ["review-deploy"] - stage: dast - # Default job timeout set to 90m and dast rules needs 2h to so that it won't timeout. - timeout: 2h - # Add retry because of intermittent connection problems. See https://gitlab.com/gitlab-org/gitlab/-/issues/244313 - retry: 1 - artifacts: - paths: - - gl-dast-report.json # GitLab-specific - reports: - dast: gl-dast-report.json - expire_in: 1 week # GitLab-specific - -# DAST scan with a subset of Release scan rules. -DAST-fullscan-ruleset1: - extends: - - .dast_conf - variables: - DAST_USERNAME: "user1" - script: - - export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 10019 | enable_rule 10020 | enable_rule 10021 | enable_rule 10023 | enable_rule 10024 | enable_rule 10025 | enable_rule 10037 | enable_rule 10040 | enable_rule 10054 | enable_rule 10055 | enable_rule 10056) - - echo $DAST_EXCLUDE_RULES - - /analyze -t $DAST_WEBSITE -d - -# DAST scan with a subset of Release scan rules. -DAST-fullscan-ruleset2: - extends: - - .dast_conf - variables: - DAST_USERNAME: "user2" - script: - - export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 90011 | enable_rule 90020 | enable_rule 90022 | enable_rule 90033) - - echo $DAST_EXCLUDE_RULES - - /analyze -t $DAST_WEBSITE -d - -# DAST scan with a subset of Release scan rules. -DAST-fullscan-ruleset3: - extends: - - .dast_conf - variables: - DAST_USERNAME: "user3" - script: - - export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 40016 | enable_rule 40017 | enable_rule 50000 | enable_rule 50001) - - echo $DAST_EXCLUDE_RULES - - /analyze -t $DAST_WEBSITE -d - -# DAST scan with a subset of Release scan rules. -DAST-fullscan-ruleset4: - extends: - - .dast_conf - variables: - DAST_USERNAME: "user4" - script: - - export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 0 | enable_rule 2 | enable_rule 3 | enable_rule 7 ) - - echo $DAST_EXCLUDE_RULES - - /analyze -t $DAST_WEBSITE -d - -# DAST scan with a subset of Release scan rules. -DAST-fullscan-ruleset5: - extends: - - .dast_conf - variables: - DAST_USERNAME: "user5" - script: - - export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 10010 | enable_rule 10011 | enable_rule 10017 | enable_rule 10019) - - echo $DAST_EXCLUDE_RULES - - /analyze -t $DAST_WEBSITE -d - -# DAST scan with a subset of Release scan rules. -DAST-fullscan-ruleset6: - extends: - - .dast_conf - variables: - DAST_USERNAME: "user6" - script: - - export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 30001 | enable_rule 40009) - - echo $DAST_EXCLUDE_RULES - - /analyze -t $DAST_WEBSITE -d - -# Enable when https://gitlab.com/gitlab-org/gitlab/-/merge_requests/39749 is fixed -# DAST scan with a subset of Beta scan rules. -# DAST-fullscan-ruleset7: -# extends: -# - .dast_conf -# variables: -# DAST_USERNAME: "user7" -# script: -# - export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 10098 | enable_rule 10105 | enable_rule 10202 | enable_rule 30002 | enable_rule 40003 | enable_rule 40008 | enable_rule 40009) -# - echo $DAST_EXCLUDE_RULES -# - /analyze -t $DAST_WEBSITE -d - -# Enable when https://gitlab.com/gitlab-org/gitlab/-/merge_requests/39749 is fixed -# Below jobs runs DAST scans with one time consuming scan rule. These scan rules are disabled in above jobs so that those jobs won't timeout. -# DAST scan with rule - 20019 External Redirect -# DAST-fullscan-rule-20019: -# extends: -# - .dast_conf -# variables: -# DAST_USERNAME: "user8" -# script: -# - export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 20019) -# - echo $DAST_EXCLUDE_RULES -# - /analyze -t $DAST_WEBSITE -d - -# Enable when https://gitlab.com/gitlab-org/gitlab/-/merge_requests/39749 is fixed -# DAST scan with rule - 10107 Httpoxy - Proxy Header Misuse - Active/beta -# DAST-fullscan-rule-10107: -# extends: -# - .dast_conf -# variables: -# DAST_USERNAME: "user9" -# script: -# - export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 10107) -# - echo $DAST_EXCLUDE_RULES -# - /analyze -t $DAST_WEBSITE -d - -# DAST scan with rule - 90020 Remote OS Command Injection -DAST-fullscan-rule-90020: - extends: - - .dast_conf - variables: - DAST_USERNAME: "user10" - script: - - export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 90020) - - echo $DAST_EXCLUDE_RULES - - /analyze -t $DAST_WEBSITE -d - -# DAST scan with rule - 40018 SQL Injection - Active/release -DAST-fullscan-rule-40018: - extends: - - .dast_conf - variables: - DAST_USERNAME: "user11" - script: - - export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 40018) - - echo $DAST_EXCLUDE_RULES - - /analyze -t $DAST_WEBSITE -d - -# DAST scan with rule - 40014 Cross Site Scripting (Persistent) - Active/release -DAST-fullscan-rule-40014: - extends: - - .dast_conf - variables: - DAST_USERNAME: "user12" - script: - - export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 40014) - - echo $DAST_EXCLUDE_RULES - - /analyze -t $DAST_WEBSITE -d - -# DAST scan with rule - 6 Path travesal -DAST-fullscan-rule-6: - extends: - - .dast_conf - variables: - DAST_USERNAME: "user13" - script: - - export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 6) - - echo $DAST_EXCLUDE_RULES - - /analyze -t $DAST_WEBSITE -d - -# DAST scan with rule - 40012 Cross Site Scripting (Reflected) -DAST-fullscan-rule-40012: - extends: - - .dast_conf - variables: - DAST_USERNAME: "user14" - script: - - export DAST_EXCLUDE_RULES=$(echo $DAST_RULES | enable_rule 40012) - - echo $DAST_EXCLUDE_RULES - - /analyze -t $DAST_WEBSITE -d diff --git a/.gitlab/ci/docs.gitlab-ci.yml b/.gitlab/ci/docs.gitlab-ci.yml index c585047f91..f4d8698f22 100644 --- a/.gitlab/ci/docs.gitlab-ci.yml +++ b/.gitlab/ci/docs.gitlab-ci.yml @@ -75,17 +75,3 @@ ui-docs-links lint: needs: [] script: - bundle exec haml-lint -i DocumentationLinks - -deprecations-doc check: - variables: - SETUP_DB: "false" - extends: - - .default-retry - - .rails-cache - - .default-before_script - - .docs:rules:deprecations - stage: test - needs: [] - script: - - bundle exec rake gitlab:docs:check_deprecations - allow_failure: true diff --git a/.gitlab/ci/frontend.gitlab-ci.yml b/.gitlab/ci/frontend.gitlab-ci.yml index 48f85219ff..6974d63a49 100644 --- a/.gitlab/ci/frontend.gitlab-ci.yml +++ b/.gitlab/ci/frontend.gitlab-ci.yml @@ -71,6 +71,12 @@ compile-test-assets as-if-foss: - .frontend:rules:compile-test-assets-as-if-foss - .as-if-foss +compile-test-assets as-if-jh: + extends: + - compile-test-assets + - .frontend:rules:compile-test-assets-as-if-jh + needs: ["add-jh-folder"] + update-assets-compile-production-cache: extends: - compile-production-assets @@ -112,7 +118,7 @@ update-storybook-yarn-cache: - .rails-cache - .use-pg12 stage: fixtures - needs: ["setup-test-env", "retrieve-tests-metadata", "compile-test-assets"] + needs: ["setup-test-env", "retrieve-tests-metadata"] variables: WEBPACK_VENDOR_DLL: "true" script: @@ -128,23 +134,38 @@ update-storybook-yarn-cache: - tmp/tests/frontend/ - knapsack/ -rspec frontend_fixture: +# Builds FOSS, and EE fixtures in the EE project. +# Builds FOSS fixtures in the FOSS project. +rspec-all frontend_fixture: extends: - .frontend-fixtures-base - .frontend:rules:default-frontend-jobs - parallel: 2 + needs: + - !reference [.frontend-fixtures-base, needs] + - "compile-test-assets" + parallel: 5 -rspec frontend_fixture as-if-foss: +# Builds FOSS fixtures in the EE project, with the `ee/` folder removed (due to `as-if-foss`). +rspec-all frontend_fixture as-if-foss: extends: - .frontend-fixtures-base - .frontend:rules:default-frontend-jobs-as-if-foss - .as-if-foss + needs: + - !reference [.frontend-fixtures-base, needs] + - "compile-test-assets as-if-foss" -rspec-ee frontend_fixture: +# Builds FOSS, EE, and JH fixtures in the EE project, with the `jh/` folder added (due to `as-if-jh`). +rspec-all frontend_fixture as-if-jh: extends: - .frontend-fixtures-base - - .frontend:rules:default-frontend-jobs-ee - parallel: 3 + - .frontend:rules:default-frontend-jobs-as-if-jh + needs: + - !reference [.frontend-fixtures-base, needs] + - "compile-test-assets as-if-jh" + - "add-jh-folder" + script: + - echo "This job is currently doing nothing since there's no specific JH fixtures yet. To enable this job, remove this line." graphql-schema-dump: variables: @@ -172,7 +193,9 @@ graphql-schema-dump: # Disable warnings in browserslist which can break on backports # https://github.com/browserslist/browserslist/blob/a287ec6/node.js#L367-L384 BROWSERSLIST_IGNORE_OLD_DATA: "true" + SETUP_DB: "false" before_script: + - !reference [.default-before_script, before_script] - *yarn-install stage: test @@ -194,11 +217,7 @@ jest: extends: - .jest-base - .frontend:rules:jest - needs: - - job: "detect-tests" - - job: "rspec frontend_fixture" - - job: "rspec-ee frontend_fixture" - optional: true + needs: ["rspec-all frontend_fixture"] artifacts: name: coverage-frontend expire_in: 31d @@ -215,6 +234,9 @@ jest minimal: extends: - jest - .frontend:rules:jest:minimal + needs: + - !reference [jest, needs] + - "detect-tests" script: - run_timed_command "yarn jest:ci:minimal" @@ -225,9 +247,7 @@ jest-integration: script: - run_timed_command "yarn jest:integration --ci" needs: - - job: "rspec frontend_fixture" - - job: "rspec-ee frontend_fixture" - optional: true + - job: "rspec-all frontend_fixture" - job: "graphql-schema-dump" jest-as-if-foss: @@ -235,9 +255,17 @@ jest-as-if-foss: - .jest-base - .frontend:rules:default-frontend-jobs-as-if-foss - .as-if-foss - needs: ["rspec frontend_fixture as-if-foss"] + needs: ["rspec-all frontend_fixture as-if-foss"] parallel: 2 +jest-as-if-jh: + extends: + - .jest-base + - .frontend:rules:default-frontend-jobs-as-if-jh + needs: ["rspec-all frontend_fixture as-if-jh", "add-jh-folder"] + script: + - echo "This job is currently doing nothing since there's no specific JH Jest tests yet. To enable this job, remove this line." + coverage-frontend: extends: - .default-retry @@ -341,9 +369,7 @@ startup-css-check: - .frontend:rules:default-frontend-jobs needs: - job: "compile-test-assets" - - job: "rspec frontend_fixture" - - job: "rspec-ee frontend_fixture" - optional: true + - job: "rspec-all frontend_fixture" startup-css-check as-if-foss: extends: @@ -352,7 +378,7 @@ startup-css-check as-if-foss: - .frontend:rules:default-frontend-jobs-as-if-foss needs: - job: "compile-test-assets as-if-foss" - - job: "rspec frontend_fixture as-if-foss" + - job: "rspec-all frontend_fixture as-if-foss" .compile-storybook-base: extends: @@ -361,11 +387,15 @@ startup-css-check as-if-foss: script: - *storybook-yarn-install - yarn run storybook:build + needs: ["graphql-schema-dump"] compile-storybook: extends: - .compile-storybook-base - .frontend:rules:default-frontend-jobs + needs: + - !reference [.compile-storybook-base, needs] + - job: "rspec-all frontend_fixture" artifacts: name: storybook expire_in: 31d @@ -378,3 +408,6 @@ compile-storybook as-if-foss: - .compile-storybook-base - .as-if-foss - .frontend:rules:default-frontend-jobs-as-if-foss + needs: + - !reference [.compile-storybook-base, needs] + - job: "rspec-all frontend_fixture as-if-foss" diff --git a/.gitlab/ci/global.gitlab-ci.yml b/.gitlab/ci/global.gitlab-ci.yml index d9978a44ff..d0c26d6006 100644 --- a/.gitlab/ci/global.gitlab-ci.yml +++ b/.gitlab/ci/global.gitlab-ci.yml @@ -10,6 +10,7 @@ .default-before_script: before_script: + - echo $FOSS_ONLY - '[ "$FOSS_ONLY" = "1" ] && rm -rf ee/ qa/spec/ee/ qa/qa/specs/features/ee/ qa/qa/ee/ qa/qa/ee.rb' - export GOPATH=$CI_PROJECT_DIR/.go - mkdir -p $GOPATH @@ -193,10 +194,12 @@ .storybook-yarn-cache: cache: + - *node-modules-cache - *storybook-node-modules-cache .storybook-yarn-cache-push: cache: + - *node-modules-cache # We don't push this cache as it's already rebuilt by `update-yarn-cache` - *storybook-node-modules-cache-push .use-pg11: diff --git a/.gitlab/ci/memory.gitlab-ci.yml b/.gitlab/ci/memory.gitlab-ci.yml index f3ad8f81da..9234b116ff 100644 --- a/.gitlab/ci/memory.gitlab-ci.yml +++ b/.gitlab/ci/memory.gitlab-ci.yml @@ -4,6 +4,12 @@ - .rails-cache - .default-before_script - .memory:rules + variables: + METRICS_FILE: "metrics.txt" + artifacts: + reports: + metrics: "${METRICS_FILE}" + expire_in: 31d memory-static: extends: .only-code-memory-job-base @@ -11,24 +17,25 @@ memory-static: needs: ["setup-test-env"] variables: SETUP_DB: "false" + MEMORY_BUNDLE_MEM_FILE: "tmp/memory_bundle_mem.txt" + MEMORY_BUNDLE_OBJECTS_FILE: "tmp/memory_bundle_objects.txt" script: # Uses two different reports from the 'derailed_benchmars' gem. # Loads each of gems in the Gemfile and checks how much memory they consume when they are required. # 'derailed_benchmarks' internally uses 'get_process_mem' - - bundle exec derailed bundle:mem > tmp/memory_bundle_mem.txt - - scripts/generate-gems-size-metrics-static tmp/memory_bundle_mem.txt >> 'tmp/memory_metrics.txt' + - bundle exec derailed bundle:mem > "${MEMORY_BUNDLE_MEM_FILE}" + - scripts/generate-gems-size-metrics-static "${MEMORY_BUNDLE_MEM_FILE}" >> "${METRICS_FILE}" # Outputs detailed information about objects created while gems are loaded. # 'derailed_benchmarks' internally uses 'memory_profiler' - - bundle exec derailed bundle:objects > tmp/memory_bundle_objects.txt - - scripts/generate-gems-memory-metrics-static tmp/memory_bundle_objects.txt >> 'tmp/memory_metrics.txt' + - bundle exec derailed bundle:objects > "${MEMORY_BUNDLE_OBJECTS_FILE}" + - scripts/generate-gems-memory-metrics-static "${MEMORY_BUNDLE_OBJECTS_FILE}" >> "${METRICS_FILE}" artifacts: paths: - - tmp/memory_*.txt - reports: - metrics: tmp/memory_metrics.txt - expire_in: 31d + - "${METRICS_FILE}" + - "${MEMORY_BUNDLE_MEM_FILE}" + - "${MEMORY_BUNDLE_OBJECTS_FILE}" # Show memory usage caused by invoking require per gem. # Unlike `memory-static`, it hits the app with one request to ensure that any last minute require-s have been called. @@ -44,12 +51,11 @@ memory-on-boot: NODE_ENV: "production" RAILS_ENV: "production" SETUP_DB: "true" + MEMORY_ON_BOOT_FILE: "tmp/memory_on_boot.txt" script: - - PATH_TO_HIT="/users/sign_in" CUT_OFF=0.3 bundle exec derailed exec perf:mem >> 'tmp/memory_on_boot.txt' - - scripts/generate-memory-metrics-on-boot tmp/memory_on_boot.txt >> 'tmp/memory_on_boot_metrics.txt' + - PATH_TO_HIT="/users/sign_in" CUT_OFF=0.3 bundle exec derailed exec perf:mem >> "${MEMORY_ON_BOOT_FILE}" + - scripts/generate-memory-metrics-on-boot "${MEMORY_ON_BOOT_FILE}" >> "${METRICS_FILE}" artifacts: paths: - - tmp/memory_*.txt - reports: - metrics: tmp/memory_on_boot_metrics.txt - expire_in: 31d + - "${METRICS_FILE}" + - "${MEMORY_ON_BOOT_FILE}" diff --git a/.gitlab/ci/reports.gitlab-ci.yml b/.gitlab/ci/reports.gitlab-ci.yml index a5403073e1..b581cf83d5 100644 --- a/.gitlab/ci/reports.gitlab-ci.yml +++ b/.gitlab/ci/reports.gitlab-ci.yml @@ -1,7 +1,7 @@ include: - template: Jobs/Code-Quality.gitlab-ci.yml - - template: Security/SAST.gitlab-ci.yml - - template: Security/Secret-Detection.gitlab-ci.yml + - template: Jobs/SAST.gitlab-ci.yml + - template: Jobs/Secret-Detection.gitlab-ci.yml - template: Security/Dependency-Scanning.gitlab-ci.yml - template: Security/License-Scanning.gitlab-ci.yml @@ -13,6 +13,7 @@ code_quality: paths: - gl-code-quality-report.json # GitLab-specific rules: !reference [".reports:rules:code_quality", rules] + allow_failure: true .sast-analyzer: # We need to re-`extends` from `sast` as the `extends` here overrides the one from the template. @@ -27,16 +28,13 @@ code_quality: variables: SAST_BRAKEMAN_LEVEL: 2 # GitLab-specific SAST_EXCLUDED_PATHS: "qa, spec, doc, ee/spec, config/gitlab.yml.example, tmp" # GitLab-specific - SAST_EXCLUDED_ANALYZERS: bandit, flawfinder, phpcs-security-audit, pmd-apex, security-code-scan, spotbugs, eslint + SAST_EXCLUDED_ANALYZERS: bandit, flawfinder, phpcs-security-audit, pmd-apex, security-code-scan, spotbugs, eslint, nodejs-scan brakeman-sast: - rules: !reference [".reports:rules:sast", rules] - -nodejs-scan-sast: - rules: !reference [".reports:rules:sast", rules] + rules: !reference [".reports:rules:brakeman-sast", rules] semgrep-sast: - rules: !reference [".reports:rules:sast", rules] + rules: !reference [".reports:rules:semgrep-sast", rules] gosec-sast: variables: @@ -52,7 +50,7 @@ gosec-sast: cache: paths: - vendor/go - rules: !reference [".reports:rules:sast", rules] + rules: !reference [".reports:rules:gosec-sast", rules] .secret-analyzer: extends: .default-retry @@ -73,6 +71,7 @@ secret_detection: needs: [] variables: DS_EXCLUDED_PATHS: "qa/qa/ee/fixtures/secure_premade_reports, spec, ee/spec, tmp" # GitLab-specific + DS_EXCLUDED_ANALYZERS: "gemnasium-maven" artifacts: paths: - gl-dependency-scanning-report.json # GitLab-specific @@ -82,11 +81,6 @@ gemnasium-dependency_scanning: before_script: # git-lfs is needed for auto-remediation - apk add git-lfs - after_script: - # Post-processing - - apk add jq - # Lower execa severity based on https://gitlab.com/gitlab-org/gitlab/-/issues/223859#note_452922390 - - jq '(.vulnerabilities[] | select (.cve == "yarn.lock:execa:gemnasium:05cfa2e8-2d0c-42c1-8894-638e2f12ff3d")).severity = "Medium"' gl-dependency-scanning-report.json > temp.json && mv temp.json gl-dependency-scanning-report.json rules: !reference [".reports:rules:gemnasium-dependency_scanning", rules] bundler-audit-dependency_scanning: @@ -101,8 +95,7 @@ gemnasium-python-dependency_scanning: # Analyze dependencies for malicious behavior # See https://gitlab.com/gitlab-com/gl-security/security-research/package-hunter .package_hunter-base: - extends: - - .default-retry + extends: .default-retry stage: test image: name: registry.gitlab.com/gitlab-com/gl-security/security-research/package-hunter-cli:1.1.0 @@ -116,6 +109,8 @@ gemnasium-python-dependency_scanning: before_script: - rm -r spec locale .git app/assets/images doc/ - cd .. && tar -I "gzip --best" -cf gitlab.tgz gitlab/ + script: + - node /usr/src/app/cli.js analyze --format gitlab --manager ${PACKAGE_MANAGER} gitlab.tgz | tee ${CI_PROJECT_DIR}/gl-dependency-scanning-report.json artifacts: paths: - gl-dependency-scanning-report.json @@ -127,15 +122,15 @@ package_hunter-yarn: extends: - .package_hunter-base - .reports:rules:package_hunter-yarn - script: - - node /usr/src/app/cli.js analyze --format gitlab --manager yarn gitlab.tgz | tee $CI_PROJECT_DIR/gl-dependency-scanning-report.json + variables: + PACKAGE_MANAGER: yarn package_hunter-bundler: extends: - .package_hunter-base - .reports:rules:package_hunter-bundler - script: - - node /usr/src/app/cli.js analyze --format gitlab --manager bundler gitlab.tgz | tee $CI_PROJECT_DIR/gl-dependency-scanning-report.json + variables: + PACKAGE_MANAGER: bundler license_scanning: extends: .default-retry diff --git a/.gitlab/ci/review-apps/dast.gitlab-ci.yml b/.gitlab/ci/review-apps/dast.gitlab-ci.yml new file mode 100644 index 0000000000..512c850b7d --- /dev/null +++ b/.gitlab/ci/review-apps/dast.gitlab-ci.yml @@ -0,0 +1,191 @@ +.dast_conf: + tags: + - prm + # For scheduling dast job + extends: + - .reports:rules:schedule-dast + image: + name: "registry.gitlab.com/gitlab-org/security-products/dast:$DAST_VERSION" + resource_group: dast_scan + variables: + DAST_USERNAME_FIELD: "user[login]" + DAST_PASSWORD_FIELD: "user[password]" + DAST_SUBMIT_FIELD: "commit" + DAST_FULL_SCAN_ENABLED: "true" + DAST_VERSION: 2 + GIT_STRATEGY: none + # -Xmx is used to set the JVM memory to 6GB to prevent DAST OutOfMemoryError. + DAST_ZAP_CLI_OPTIONS: "-Xmx6144m" + before_script: + - 'export DAST_WEBSITE="${DAST_WEBSITE:-$(cat environment_url.txt)}"' + - 'export DAST_AUTH_URL="${DAST_WEBSITE}/users/sign_in"' + - 'export DAST_PASSWORD="${REVIEW_APPS_ROOT_PASSWORD}"' + # Help pages are excluded from scan as they are static pages. + # profile/two_factor_auth is excluded from scan to prevent 2FA from being turned on from user profile, which will reduce coverage. + - 'DAST_EXCLUDE_URLS="${DAST_WEBSITE}/help/.*,${DAST_WEBSITE}/-/profile/two_factor_auth,${DAST_WEBSITE}/users/sign_out"' + # Exclude the automatically generated monitoring project from being tested due to https://gitlab.com/gitlab-org/gitlab/-/issues/260362 + - 'export DAST_EXCLUDE_URLS="${DAST_EXCLUDE_URLS},${DAST_WEBSITE}/gitlab-instance-.*"' + needs: ["review-deploy"] + stage: dast + # Default job timeout set to 90m and dast rules needs 2h to so that it won't timeout. + timeout: 2h + # Add retry because of intermittent connection problems. See https://gitlab.com/gitlab-org/gitlab/-/issues/244313 + retry: 1 + artifacts: + paths: + - gl-dast-report.json # GitLab-specific + reports: + dast: gl-dast-report.json + expire_in: 1 week # GitLab-specific + allow_failure: true + +# DAST scan with a subset of Release scan rules. +# ZAP rule details can be found at https://www.zaproxy.org/docs/alerts/ + +# 10019, 10021 Missing security headers +# 10023, 10024, 10025, 10037 Information Disclosure +# 10040 Secure Pages Include Mixed Content +# 10055 CSP +# 10056 X-Debug-Token Information Leak +# Duration: 14 minutes 20 seconds + +dast:secureHeaders-csp-infoLeak: + extends: + - .dast_conf + variables: + DAST_USERNAME: "user1" + DAST_ONLY_INCLUDE_RULES: "10019,10021,10023,10024,10025,10037,10040,10055,10056" + script: + - /analyze + +# 90023 XML External Entity Attack +# Duration: 41 minutes 20 seconds +# 90019 Server Side Code Injection +# Duration: 34 minutes 31 seconds +dast:XXE-SrvSideInj: + extends: + - .dast_conf + variables: + DAST_USERNAME: "user2" + DAST_ONLY_INCLUDE_RULES: "90023,90019" + script: + - /analyze + +# 0 Directory Browsing +# 2 Private IP Disclosure +# 3 Session ID in URL Rewrite +# 7 Remote File Inclusion +# Duration: 63 minutes 43 seconds +# 90034 Cloud Metadata Potentially Exposed +# Duration: 13 minutes 48 seconds +# 90022 Application Error Disclosure +# Duration: 12 minutes 7 seconds +dast:infoLeak-fileInc-DirBrowsing: + extends: + - .dast_conf + variables: + DAST_USERNAME: "user3" + DAST_ONLY_INCLUDE_RULES: "0,2,3,7,90034,90022" + script: + - /analyze + +# 10010 Cookie No HttpOnly Flag +# 10011 Cookie Without Secure Flag +# 10017 Cross-Domain JavaScript Source File Inclusion +# 10029 Cookie Poisoning +# 90033 Loosely Scoped Cookie +# 10054 Cookie Without SameSite Attribute +# Duration: 13 minutes 23 seconds +dast:insecureCookie: + extends: + - .dast_conf + variables: + DAST_USERNAME: "user4" + DAST_ONLY_INCLUDE_RULES: "10010,10011,10017,10029,90033,10054" + script: + - /analyze + + +# 20012 Anti-CSRF Tokens Check +# 10202 Absence of Anti-CSRF Tokens +# https://gitlab.com/gitlab-com/gl-security/appsec/appsec-team/-/issues/192 + +# Commented because of lot of FP's +# dast:csrfTokenCheck: +# extends: +# - .dast_conf +# variables: +# DAST_USERNAME: "user6" +# DAST_ONLY_INCLUDE_RULES: "20012,10202" +# script: +# - /analyze + +# 10098 Cross-Domain Misconfiguration +# 10105 Weak Authentication Method +# 40003 CRLF Injection +# 40008 Parameter Tampering +# Duration: 71 minutes 15 seconds +dast:corsMisconfig-weakauth-crlfInj: + extends: + - .dast_conf + variables: + DAST_USERNAME: "user5" + DAST_ONLY_INCLUDE_RULES: "10098,10105,40003,40008" + script: + - /analyze + +# 20019 External Redirect +# 20014 HTTP Parameter Pollution +# Duration: 46 minutes 12 seconds +dast:extRedirect-paramPollution: + extends: + - .dast_conf + variables: + DAST_USERNAME: "user6" + DAST_ONLY_INCLUDE_RULES: "20019,20014" + script: + - /analyze + +# 40022 SQL Injection - PostgreSQL +# Duration: 53 minutes 59 seconds +dast:sqlInjection: + extends: + - .dast_conf + variables: + DAST_USERNAME: "user7" + DAST_ONLY_INCLUDE_RULES: "40022" + script: + - /analyze + +# 40014 Cross Site Scripting (Persistent) +# Duration: 21 minutes 50 seconds +dast:xss-persistent: + extends: + - .dast_conf + variables: + DAST_USERNAME: "user8" + DAST_ONLY_INCLUDE_RULES: "40014" + script: + - /analyze + +# 40012 Cross Site Scripting (Reflected) +# Duration: 73 minutes 15 seconds +dast:xss-reflected: + extends: + - .dast_conf + variables: + DAST_USERNAME: "user9" + DAST_ONLY_INCLUDE_RULES: "40012" + script: + - /analyze + +# 40013 Session Fixation +# Duration: 44 minutes 25 seconds +dast:sessionFixation: + extends: + - .dast_conf + variables: + DAST_USERNAME: "user10" + DAST_ONLY_INCLUDE_RULES: "40013" + script: + - /analyze diff --git a/.gitlab/ci/review-apps/main.gitlab-ci.yml b/.gitlab/ci/review-apps/main.gitlab-ci.yml new file mode 100644 index 0000000000..6fe9e39cb8 --- /dev/null +++ b/.gitlab/ci/review-apps/main.gitlab-ci.yml @@ -0,0 +1,106 @@ +stages: + - prepare + - deploy + - qa + - post-qa + - dast + +include: + - local: .gitlab/ci/global.gitlab-ci.yml + - local: .gitlab/ci/rules.gitlab-ci.yml + - local: .gitlab/ci/review-apps/qa.gitlab-ci.yml + - local: .gitlab/ci/review-apps/dast.gitlab-ci.yml + +.base-before_script: &base-before_script + - source ./scripts/utils.sh + - source ./scripts/review_apps/review-apps.sh + - install_api_client_dependencies_with_apk + +review-build-cng: + extends: + - .default-retry + - .review:rules:review-build-cng + image: ${GITLAB_DEPENDENCY_PROXY}ruby:2.7-alpine3.13 + stage: prepare + variables: + CNG_PROJECT_ACCESS_TOKEN: "${CNG_MIRROR_PROJECT_ACCESS_TOKEN}" # "Multi-pipeline (from 'gitlab-org/gitlab' 'review-build-cng' job)" at https://gitlab.com/gitlab-org/build/CNG-mirror/-/settings/access_tokens + CNG_PROJECT_PATH: "gitlab-org/build/CNG-mirror" + before_script: + - source ./scripts/utils.sh + - install_gitlab_gem + script: + - ./scripts/trigger-build cng + +.review-workflow-base: + extends: + - .default-retry + image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-helm3.5-kubectl1.17 + variables: + HOST_SUFFIX: "${CI_ENVIRONMENT_SLUG}" + DOMAIN: "-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN}" + GITLAB_HELM_CHART_REF: "v5.2.1" + environment: + name: review/${CI_COMMIT_REF_SLUG}${FREQUENCY} + url: https://gitlab-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN} + on_stop: review-stop + auto_stop_in: 48 hours + +review-deploy: + extends: + - .review-workflow-base + - .review:rules:review-deploy + stage: deploy + needs: ["review-build-cng"] + resource_group: "review/${CI_COMMIT_REF_NAME}" + before_script: + - export GITLAB_SHELL_VERSION=$( environment_url.txt + - *base-before_script + script: + - check_kube_domain + - download_chart + - date + - deploy || (display_deployment_debug && exit 1) + - verify_deploy || exit 1 + - disable_sign_ups || (delete_release && exit 1) + after_script: + # Run seed-dast-test-data.sh only when DAST_RUN is set to true. This is to pupulate review app with data for DAST scan. + # Set DAST_RUN to true when jobs are manually scheduled. + - if [ "$DAST_RUN" == "true" ]; then source scripts/review_apps/seed-dast-test-data.sh; TRACE=1 trigger_proj_user_creation; fi + artifacts: + paths: + - environment_url.txt + - curl_output.txt + expire_in: 7 days + when: always + +.review-stop-base: + extends: .review-workflow-base + environment: + action: stop + dependencies: [] + variables: + # We're cloning the repo instead of downloading the script for now + # because some repos are private and CI_JOB_TOKEN cannot access files. + # See https://gitlab.com/gitlab-org/gitlab/issues/191273 + GIT_DEPTH: 1 + before_script: + - *base-before_script + +review-delete-deployment: + extends: + - .review-stop-base + - .review:rules:review-delete-deployment + stage: prepare + script: + - delete_release + +review-stop: + extends: + - .review-stop-base + - .review:rules:review-stop + stage: post-qa + script: + - delete_k8s_release_namespace diff --git a/.gitlab/ci/review-apps/qa.gitlab-ci.yml b/.gitlab/ci/review-apps/qa.gitlab-ci.yml new file mode 100644 index 0000000000..6b9d4feb3c --- /dev/null +++ b/.gitlab/ci/review-apps/qa.gitlab-ci.yml @@ -0,0 +1,128 @@ +.review-qa-base: + extends: + - .use-docker-in-docker + image: + name: ${QA_IMAGE} + entrypoint: [""] + stage: qa + needs: ["review-deploy"] + variables: + QA_DEBUG: "true" + QA_CAN_TEST_GIT_PROTOCOL_V2: "false" + QA_GENERATE_ALLURE_REPORT: "true" + GITLAB_USERNAME: "root" + GITLAB_PASSWORD: "${REVIEW_APPS_ROOT_PASSWORD}" + GITLAB_ADMIN_USERNAME: "root" + GITLAB_ADMIN_PASSWORD: "${REVIEW_APPS_ROOT_PASSWORD}" + GITHUB_ACCESS_TOKEN: "${REVIEW_APPS_QA_GITHUB_ACCESS_TOKEN}" + EE_LICENSE: "${REVIEW_APPS_EE_LICENSE}" + SIGNUP_DISABLED: "true" + before_script: + # Use $CI_MERGE_REQUEST_SOURCE_BRANCH_SHA so that GitLab image built in omnibus-gitlab-mirror and QA image are in sync. + - if [ -n "$CI_MERGE_REQUEST_SOURCE_BRANCH_SHA" ]; then + git checkout -f ${CI_MERGE_REQUEST_SOURCE_BRANCH_SHA}; + fi + - export CI_ENVIRONMENT_URL="$(cat environment_url.txt)" + - echo "${CI_ENVIRONMENT_URL}" + - cd qa + artifacts: + paths: + - qa/tmp + expire_in: 7 days + when: always + +.allure-report-base: + image: + name: ${GITLAB_DEPENDENCY_PROXY}andrcuns/allure-report-publisher:0.3.6 + entrypoint: [""] + stage: post-qa + variables: + GIT_STRATEGY: none + STORAGE_CREDENTIALS: $QA_ALLURE_REPORT_GCS_CREDENTIALS + GITLAB_AUTH_TOKEN: $GITLAB_QA_MR_ALLURE_REPORT_TOKEN + ALLURE_PROJECT_PATH: $CI_PROJECT_PATH + ALLURE_MERGE_REQUEST_IID: $CI_MERGE_REQUEST_IID + allow_failure: true + script: + - | + allure-report-publisher upload gcs \ + --results-glob="qa/tmp/allure-results/*" \ + --bucket="gitlab-qa-allure-reports" \ + --prefix="$ALLURE_REPORT_PATH_PREFIX/$CI_COMMIT_REF_SLUG" \ + --update-pr="comment" \ + --copy-latest \ + --ignore-missing-results \ + --color + +review-qa-smoke: + extends: + - .review-qa-base + - .review:rules:review-qa-smoke + retry: 1 # This is confusing but this means "2 runs at max". + variables: + QA_RUN_TYPE: review-qa-smoke + script: + - bin/test Test::Instance::Smoke "${CI_ENVIRONMENT_URL}" + +review-qa-all: + extends: + - .review-qa-base + - .review:rules:review-qa-all + variables: + QA_RUN_TYPE: review-qa-all + parallel: 5 + script: + - export KNAPSACK_REPORT_PATH=knapsack/master_report.json + - export KNAPSACK_TEST_FILE_PATTERN=qa/specs/features/**/*_spec.rb + - | + bin/test Test::Instance::All "${CI_ENVIRONMENT_URL}" \ + -- \ + --color --format documentation \ + --format RspecJunitFormatter --out tmp/rspec.xml + artifacts: + reports: + junit: qa/tmp/rspec.xml + +review-performance: + extends: + - .default-retry + - .review:rules:review-performance + image: + name: sitespeedio/sitespeed.io + entrypoint: [""] + stage: qa + needs: ["review-deploy"] + before_script: + - export CI_ENVIRONMENT_URL="$(cat environment_url.txt)" + - echo "${CI_ENVIRONMENT_URL}" + - mkdir -p gitlab-exporter + - wget -O ./gitlab-exporter/index.js https://gitlab.com/gitlab-org/gl-performance/raw/master/index.js + - mkdir -p sitespeed-results + script: + - /start.sh --plugins.add ./gitlab-exporter --outputFolder sitespeed-results "${CI_ENVIRONMENT_URL}" + after_script: + - mv sitespeed-results/data/performance.json performance.json + artifacts: + paths: + - sitespeed-results/ + reports: + performance: performance.json + expire_in: 31d + +allure-report-qa-smoke: + extends: + - .allure-report-base + - .review:rules:review-qa-smoke-report + needs: ["review-qa-smoke"] + variables: + ALLURE_REPORT_PATH_PREFIX: gitlab-review-smoke + ALLURE_JOB_NAME: review-qa-smoke + +allure-report-qa-all: + extends: + - .allure-report-base + - .review:rules:review-qa-all-report + needs: ["review-qa-all"] + variables: + ALLURE_REPORT_PATH_PREFIX: gitlab-review-all + ALLURE_JOB_NAME: review-qa-all diff --git a/.gitlab/ci/review.gitlab-ci.yml b/.gitlab/ci/review.gitlab-ci.yml index f20f327686..b2b8c456ae 100644 --- a/.gitlab/ci/review.gitlab-ci.yml +++ b/.gitlab/ci/review.gitlab-ci.yml @@ -16,225 +16,25 @@ review-cleanup: - ruby -rrubygems scripts/review_apps/automated_cleanup.rb - gcp_cleanup -.base-before_script: &base-before_script - - source ./scripts/utils.sh - - source ./scripts/review_apps/review-apps.sh - - install_api_client_dependencies_with_apk - -review-build-cng: +start-review-app-pipeline: extends: - - .default-retry - - .review:rules:review-build-cng - image: ${GITLAB_DEPENDENCY_PROXY}ruby:2.7-alpine3.13 - stage: review-prepare - needs: - - job: compile-production-assets - artifacts: false - variables: - CNG_PROJECT_ACCESS_TOKEN: "${CNG_MIRROR_PROJECT_ACCESS_TOKEN}" # "Multi-pipeline (from 'gitlab-org/gitlab' 'review-build-cng' job)" at https://gitlab.com/gitlab-org/build/CNG-mirror/-/settings/access_tokens - CNG_PROJECT_PATH: "gitlab-org/build/CNG-mirror" - before_script: - - source ./scripts/utils.sh - - install_gitlab_gem - script: - - ./scripts/trigger-build cng - -.review-workflow-base: - extends: - - .default-retry - image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-helm3.5-kubectl1.17 - variables: - HOST_SUFFIX: "${CI_ENVIRONMENT_SLUG}" - DOMAIN: "-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN}" - GITLAB_HELM_CHART_REF: "v5.2.1" - environment: - name: review/${CI_COMMIT_REF_SLUG}${FREQUENCY} - url: https://gitlab-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN} - on_stop: review-stop - auto_stop_in: 48 hours - -review-deploy: - extends: - - .review-workflow-base - - .review:rules:review-deploy + - .review:rules:review-app-pipeline stage: review - needs: ["review-build-cng"] - resource_group: "review/${CI_COMMIT_REF_NAME}" - before_script: - - export GITLAB_SHELL_VERSION=$( environment_url.txt - - *base-before_script - script: - - check_kube_domain - - download_chart - - date - - deploy || (display_deployment_debug && exit 1) - - verify_deploy || exit 1 - - disable_sign_ups || (delete_release && exit 1) - after_script: - # Run seed-dast-test-data.sh only when DAST_RUN is set to true. This is to pupulate review app with data for DAST scan. - # Set DAST_RUN to true when jobs are manually scheduled. - - if [ "$DAST_RUN" == "true" ]; then source scripts/review_apps/seed-dast-test-data.sh; TRACE=1 trigger_proj_user_creation; fi - artifacts: - paths: - - environment_url.txt - - curl_output.txt - expire_in: 7 days - when: always - -.review-stop-base: - extends: .review-workflow-base - environment: - action: stop - dependencies: [] + needs: + - job: build-assets-image + artifacts: false + - job: build-qa-image + artifacts: false + # These variables are set in the pipeline schedules. + # They need to be explicitly passed on to the child pipeline. + # https://docs.gitlab.com/ee/ci/pipelines/multi_project_pipelines.html#pass-cicd-variables-to-a-downstream-pipeline-by-using-the-variables-keyword variables: - # We're cloning the repo instead of downloading the script for now - # because some repos are private and CI_JOB_TOKEN cannot access files. - # See https://gitlab.com/gitlab-org/gitlab/issues/191273 - GIT_DEPTH: 1 - before_script: - - *base-before_script - -review-delete-deployment: - extends: - - .review-stop-base - - .review:rules:review-delete-deployment - stage: prepare - script: - - delete_release - -review-stop: - extends: - - .review-stop-base - - .review:rules:review-stop - stage: post-qa - script: - - delete_k8s_release_namespace - -.review-qa-base: - extends: - - .use-docker-in-docker - image: - name: ${QA_IMAGE} - entrypoint: [""] - stage: qa - needs: ["build-qa-image", "review-deploy"] - variables: - QA_DEBUG: "true" - QA_CAN_TEST_GIT_PROTOCOL_V2: "false" - QA_GENERATE_ALLURE_REPORT: "true" - GITLAB_USERNAME: "root" - GITLAB_PASSWORD: "${REVIEW_APPS_ROOT_PASSWORD}" - GITLAB_ADMIN_USERNAME: "root" - GITLAB_ADMIN_PASSWORD: "${REVIEW_APPS_ROOT_PASSWORD}" - GITHUB_ACCESS_TOKEN: "${REVIEW_APPS_QA_GITHUB_ACCESS_TOKEN}" - EE_LICENSE: "${REVIEW_APPS_EE_LICENSE}" - SIGNUP_DISABLED: "true" - before_script: - # Use $CI_MERGE_REQUEST_SOURCE_BRANCH_SHA so that GitLab image built in omnibus-gitlab-mirror and QA image are in sync. - - if [ -n "$CI_MERGE_REQUEST_SOURCE_BRANCH_SHA" ]; then - git checkout -f ${CI_MERGE_REQUEST_SOURCE_BRANCH_SHA}; - fi - - export CI_ENVIRONMENT_URL="$(cat environment_url.txt)" - - echo "${CI_ENVIRONMENT_URL}" - - cd qa - artifacts: - paths: - - qa/tmp - expire_in: 7 days - when: always - -.allure-report-base: - image: - name: ${GITLAB_DEPENDENCY_PROXY}andrcuns/allure-report-publisher:0.3.4 - entrypoint: [""] - stage: post-qa - variables: - GIT_STRATEGY: none - STORAGE_CREDENTIALS: $QA_ALLURE_REPORT_GCS_CREDENTIALS - GITLAB_AUTH_TOKEN: $GITLAB_QA_MR_ALLURE_REPORT_TOKEN - allow_failure: true - script: - - | - allure-report-publisher upload gcs \ - --results-glob="qa/tmp/allure-results/*" \ - --bucket="gitlab-qa-allure-reports" \ - --prefix="$ALLURE_REPORT_PATH_PREFIX/$CI_COMMIT_REF_SLUG" \ - --update-pr="comment" \ - --copy-latest \ - --ignore-missing-results \ - --color - -review-qa-smoke: - extends: - - .review-qa-base - - .review:rules:review-qa-smoke - retry: 1 # This is confusing but this means "2 runs at max". - script: - - bin/test Test::Instance::Smoke "${CI_ENVIRONMENT_URL}" - -review-qa-all: - extends: - - .review-qa-base - - .review:rules:review-qa-all - parallel: 5 - script: - - export KNAPSACK_REPORT_PATH=knapsack/master_report.json - - export KNAPSACK_TEST_FILE_PATTERN=qa/specs/features/**/*_spec.rb - - | - bin/test Test::Instance::All "${CI_ENVIRONMENT_URL}" \ - -- \ - --color --format documentation \ - --format RspecJunitFormatter --out tmp/rspec.xml - artifacts: - reports: - junit: qa/tmp/rspec.xml - -review-performance: - extends: - - .default-retry - - .review:rules:review-performance - image: - name: sitespeedio/sitespeed.io - entrypoint: [""] - stage: qa - needs: ["review-deploy"] - before_script: - - export CI_ENVIRONMENT_URL="$(cat environment_url.txt)" - - echo "${CI_ENVIRONMENT_URL}" - - mkdir -p gitlab-exporter - - wget -O ./gitlab-exporter/index.js https://gitlab.com/gitlab-org/gl-performance/raw/master/index.js - - mkdir -p sitespeed-results - script: - - /start.sh --plugins.add ./gitlab-exporter --outputFolder sitespeed-results "${CI_ENVIRONMENT_URL}" - after_script: - - mv sitespeed-results/data/performance.json performance.json - artifacts: - paths: - - sitespeed-results/ - reports: - performance: performance.json - expire_in: 31d - -allure-report-qa-smoke: - extends: - - .allure-report-base - - .review:rules:review-qa-smoke-report - needs: ["review-qa-smoke"] - variables: - ALLURE_REPORT_PATH_PREFIX: gitlab-review-smoke - ALLURE_JOB_NAME: review-qa-smoke - -allure-report-qa-all: - extends: - - .allure-report-base - - .review:rules:review-qa-all-report - needs: ["review-qa-all"] - variables: - ALLURE_REPORT_PATH_PREFIX: gitlab-review-all - ALLURE_JOB_NAME: review-qa-all + FREQUENCY: $FREQUENCY + DAST_RUN: $DAST_RUN + trigger: + include: + - local: .gitlab/ci/review-apps/main.gitlab-ci.yml + strategy: depend danger-review: extends: diff --git a/.gitlab/ci/rules.gitlab-ci.yml b/.gitlab/ci/rules.gitlab-ci.yml index a4a932c7dd..8ddcf9c209 100644 --- a/.gitlab/ci/rules.gitlab-ci.yml +++ b/.gitlab/ci/rules.gitlab-ci.yml @@ -10,6 +10,9 @@ .if-not-foss: &if-not-foss if: '$CI_PROJECT_NAME != "gitlab-foss" && $CI_PROJECT_NAME != "gitlab-ce" && $CI_PROJECT_NAME != "gitlabhq"' +.if-jh: &if-jh + if: '$CI_PROJECT_PATH == "gitlab-jh/gitlab"' + .if-default-refs: &if-default-refs if: '$CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH || $CI_COMMIT_REF_NAME =~ /^[\d-]+-stable(-ee)?$/ || $CI_COMMIT_REF_NAME =~ /^\d+-\d+-auto-deploy-\d+$/ || $CI_COMMIT_REF_NAME =~ /^security\// || $CI_MERGE_REQUEST_IID || $CI_COMMIT_TAG || $FORCE_GITLAB_CI' @@ -37,19 +40,22 @@ .if-automated-merge-request: &if-automated-merge-request if: '$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME == "release-tools/update-gitaly" || $CI_MERGE_REQUEST_TARGET_BRANCH_NAME =~ /stable-ee$/' -.if-merge-request-title-as-if-foss: &if-merge-request-title-as-if-foss +.if-merge-request-labels-as-if-foss: &if-merge-request-labels-as-if-foss if: '$CI_MERGE_REQUEST_LABELS =~ /pipeline:run-as-if-foss/' -.if-merge-request-title-update-caches: &if-merge-request-title-update-caches +.if-merge-request-labels-as-if-jh: &if-merge-request-labels-as-if-jh + if: '$CI_MERGE_REQUEST_LABELS =~ /pipeline:run-as-if-jh/' + +.if-merge-request-labels-update-caches: &if-merge-request-labels-update-caches if: '$CI_MERGE_REQUEST_LABELS =~ /pipeline:update-cache/' -.if-merge-request-title-run-all-rspec: &if-merge-request-title-run-all-rspec +.if-merge-request-labels-run-all-rspec: &if-merge-request-labels-run-all-rspec if: '$CI_MERGE_REQUEST_LABELS =~ /pipeline:run-all-rspec/' -.if-merge-request-title-run-all-jest: &if-merge-request-title-run-all-jest +.if-merge-request-labels-run-all-jest: &if-merge-request-labels-run-all-jest if: '$CI_MERGE_REQUEST_LABELS =~ /pipeline:run-all-jest/' -.if-merge-request-run-decomposed: &if-merge-request-run-decomposed +.if-merge-request-labels-run-decomposed: &if-merge-request-labels-run-decomposed if: '$CI_MERGE_REQUEST_LABELS =~ /pipeline:run-decomposed/' .if-security-merge-request: &if-security-merge-request @@ -67,15 +73,24 @@ .if-dot-com-gitlab-org-schedule: &if-dot-com-gitlab-org-schedule if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE == "gitlab-org" && $CI_PIPELINE_SOURCE == "schedule"' +.if-dot-com-gitlab-org-schedule-child-pipeline: &if-dot-com-gitlab-org-schedule-child-pipeline + if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE == "gitlab-org" && $CI_PIPELINE_SOURCE == "parent_pipeline" && $FREQUENCY' + .if-dot-com-ee-schedule: &if-dot-com-ee-schedule if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_PATH == "gitlab-org/gitlab" && $CI_PIPELINE_SOURCE == "schedule"' +.if-dot-com-ee-schedule-child-pipeline: &if-dot-com-ee-schedule-child-pipeline + if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_PATH == "gitlab-org/gitlab" && $CI_PIPELINE_SOURCE == "parent_pipeline" && $FREQUENCY' + .if-dot-com-ee-2-hourly-schedule: &if-dot-com-ee-2-hourly-schedule if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_PATH == "gitlab-org/gitlab" && $CI_PIPELINE_SOURCE == "schedule" && $FREQUENCY == "2-hourly"' .if-dot-com-ee-nightly-schedule: &if-dot-com-ee-nightly-schedule if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_PATH == "gitlab-org/gitlab" && $CI_PIPELINE_SOURCE == "schedule" && $FREQUENCY == "nightly"' +.if-dot-com-ee-nightly-schedule-child-pipeline: &if-dot-com-ee-nightly-schedule-child-pipeline + if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_PATH == "gitlab-org/gitlab" && $CI_PIPELINE_SOURCE == "parent_pipeline" && $FREQUENCY == "nightly"' + .if-cache-credentials-schedule: &if-cache-credentials-schedule if: '$CI_REPO_CACHE_CREDENTIALS && $CI_PIPELINE_SOURCE == "schedule"' @@ -91,13 +106,6 @@ .if-dot-com-gitlab-org-and-security-tag: &if-dot-com-gitlab-org-and-security-tag if: '$CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE =~ /^gitlab-org($|\/security$)/ && $CI_COMMIT_TAG' - -.if-rspec-fail-fast-disabled: &if-rspec-fail-fast-disabled - if: '$RSPEC_FAIL_FAST_ENABLED != "true"' - -.if-rspec-fail-fast-skipped: &if-rspec-fail-fast-skipped - if: '$CI_MERGE_REQUEST_LABELS =~ /pipeline:skip-rspec-fail-fast/' - # For Security merge requests, the gitlab-release-tools-bot triggers a new # pipeline for the "Pipelines for merged results" feature. If the pipeline # fails, we notify release managers. @@ -120,6 +128,7 @@ - ".gitlab/ci/frontend.gitlab-ci.yml" - ".gitlab/ci/build-images.gitlab-ci.yml" - ".gitlab/ci/review.gitlab-ci.yml" + - ".gitlab/ci/review-apps/**/*" - "scripts/review_apps/base-config.yaml" - "scripts/review_apps/review-apps.sh" - "scripts/trigger-build" @@ -150,13 +159,6 @@ - ".markdownlint.yml" - "scripts/lint-doc.sh" -.docs-deprecations-patterns: &docs-deprecations-patterns - - "doc/deprecations/index.md" - - "data/deprecations/*.yml" - - "data/deprecations/templates/_deprecation_template.md.erb" - - "lib/tasks/gitlab/docs/compile_deprecations.rake" - - "tooling/deprecations/docs.rb" - .bundler-patterns: &bundler-patterns - '{Gemfile.lock,*/Gemfile.lock,*/*/Gemfile.lock}' @@ -368,13 +370,16 @@ - "danger/**/*" - "tooling/danger/**/*" +.core-backend-patterns: &core-backend-patterns + - "{,jh/}Gemfile{,.lock}" + - "{,ee/,jh/}config/**/*.rb" + .core-frontend-patterns: &core-frontend-patterns - "{package.json,yarn.lock}" - "babel.config.js" - "jest.config.{base,integration,unit}.js" - "config/helpers/**/*.js" - "vendor/assets/javascripts/**/*" - - "{,ee/,jh/}app/assets/**/*.graphql" ################ # Shared rules # @@ -383,11 +388,11 @@ rules: - <<: *if-default-branch-schedule-2-hourly - <<: *if-security-schedule - - <<: *if-merge-request-title-update-caches + - <<: *if-merge-request-labels-update-caches .shared:rules:update-gitaly-binaries-cache: rules: - - <<: *if-merge-request-title-update-caches + - <<: *if-merge-request-labels-update-caches - changes: *gitaly-patterns ###################### @@ -471,12 +476,6 @@ changes: *docs-patterns when: on_success -.docs:rules:deprecations: - rules: - - <<: *if-default-refs - changes: *docs-deprecations-patterns - when: on_success - ################## # GraphQL rules # ################## @@ -502,24 +501,30 @@ .frontend:rules:compile-test-assets: rules: - changes: *code-backstage-qa-patterns - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec .frontend:rules:compile-test-assets-as-if-foss: rules: - <<: *if-not-ee when: never + - <<: *if-merge-request-labels-as-if-foss + - <<: *if-merge-request-labels-run-all-rspec - changes: *code-backstage-qa-patterns - - <<: *if-merge-request-title-run-all-rspec + - changes: *startup-css-patterns -.frontend:rules:default-frontend-jobs: - rules: - - <<: *if-default-refs - changes: *code-backstage-patterns - -.frontend:rules:default-frontend-jobs-ee: +.frontend:rules:compile-test-assets-as-if-jh: rules: - <<: *if-not-ee when: never + - <<: *if-jh + when: never + - <<: *if-merge-request-labels-as-if-jh + - <<: *if-merge-request-labels-run-all-rspec + - changes: *code-backstage-qa-patterns + - changes: *startup-css-patterns + +.frontend:rules:default-frontend-jobs: + rules: - <<: *if-default-refs changes: *code-backstage-patterns @@ -527,10 +532,27 @@ rules: - <<: *if-not-ee when: never + - <<: *if-jh + when: never - <<: *if-security-merge-request changes: *code-backstage-patterns - - <<: *if-merge-request-title-as-if-foss - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-as-if-foss + - <<: *if-merge-request-labels-run-all-rspec + - <<: *if-merge-request + changes: *startup-css-patterns + - <<: *if-merge-request + changes: *ci-patterns + +.frontend:rules:default-frontend-jobs-as-if-jh: + rules: + - <<: *if-not-ee + when: never + - <<: *if-jh + when: never + - <<: *if-security-merge-request + changes: *code-backstage-patterns + - <<: *if-merge-request-labels-as-if-jh + - <<: *if-merge-request-labels-run-all-rspec - <<: *if-merge-request changes: *startup-css-patterns - <<: *if-merge-request @@ -538,7 +560,7 @@ .frontend:rules:jest: rules: - - <<: *if-merge-request-title-run-all-jest + - <<: *if-merge-request-labels-run-all-jest - <<: *if-default-refs changes: *core-frontend-patterns - <<: *if-merge-request @@ -558,7 +580,7 @@ when: never - <<: *if-automated-merge-request when: never - - <<: *if-merge-request-title-run-all-jest + - <<: *if-merge-request-labels-run-all-jest when: never - <<: *if-default-refs changes: *core-frontend-patterns @@ -576,7 +598,10 @@ rules: - <<: *if-not-ee when: never - - <<: *if-merge-request-title-as-if-foss + - <<: *if-jh + when: never + # We already have `static-analysis as-if-foss` which already runs `lint:eslint:all` if the `pipeline:run-as-if-foss` label is set. + - <<: *if-merge-request-labels-as-if-foss when: never - <<: *if-merge-request changes: *frontend-patterns @@ -644,10 +669,12 @@ rules: - <<: *if-not-ee when: never + - <<: *if-jh + when: never - <<: *if-security-merge-request changes: *code-qa-patterns - - <<: *if-merge-request-title-as-if-foss - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-as-if-foss + - <<: *if-merge-request-labels-run-all-rspec - <<: *if-merge-request changes: *ci-patterns @@ -673,12 +700,13 @@ ############### .rails:rules:decomposed-databases: rules: - - <<: *if-merge-request-run-decomposed - allow_failure: true + - <<: *if-merge-request-labels-run-decomposed .rails:rules:ee-and-foss-migration: rules: - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + - <<: *if-merge-request + changes: *core-backend-patterns - <<: *if-merge-request changes: *ci-patterns - <<: *if-merge-request @@ -695,7 +723,10 @@ when: never - <<: *if-automated-merge-request when: never - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + when: never + - <<: *if-merge-request + changes: *core-backend-patterns when: never - <<: *if-merge-request changes: *ci-patterns @@ -708,7 +739,7 @@ rules: - <<: *if-merge-request changes: *db-patterns - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec .rails:rules:db:gitlabcom-database-testing: rules: @@ -720,7 +751,9 @@ .rails:rules:ee-and-foss-unit: rules: - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + - <<: *if-merge-request + changes: *core-backend-patterns - <<: *if-merge-request changes: *ci-patterns - <<: *if-automated-merge-request @@ -735,7 +768,10 @@ when: never - <<: *if-automated-merge-request when: never - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + when: never + - <<: *if-merge-request + changes: *core-backend-patterns when: never - <<: *if-merge-request changes: *ci-patterns @@ -745,7 +781,9 @@ .rails:rules:ee-and-foss-integration: rules: - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + - <<: *if-merge-request + changes: *core-backend-patterns - <<: *if-merge-request changes: *ci-patterns - <<: *if-automated-merge-request @@ -760,7 +798,10 @@ when: never - <<: *if-automated-merge-request when: never - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + when: never + - <<: *if-merge-request + changes: *core-backend-patterns when: never - <<: *if-merge-request changes: *ci-patterns @@ -770,7 +811,9 @@ .rails:rules:ee-and-foss-system: rules: - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + - <<: *if-merge-request + changes: *core-backend-patterns - <<: *if-merge-request changes: *ci-patterns - <<: *if-automated-merge-request @@ -785,7 +828,10 @@ when: never - <<: *if-automated-merge-request when: never - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + when: never + - <<: *if-merge-request + changes: *core-backend-patterns when: never - <<: *if-merge-request changes: *ci-patterns @@ -795,7 +841,9 @@ .rails:rules:ee-and-foss-fast_spec_helper: rules: - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + - <<: *if-merge-request + changes: *core-backend-patterns - <<: *if-merge-request changes: *ci-patterns - <<: *if-automated-merge-request @@ -810,7 +858,10 @@ when: never - <<: *if-automated-merge-request when: never - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + when: never + - <<: *if-merge-request + changes: *core-backend-patterns when: never - <<: *if-merge-request changes: *ci-patterns @@ -821,13 +872,15 @@ .rails:rules:code-backstage-qa: rules: - changes: *code-backstage-qa-patterns - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec .rails:rules:ee-only-migration: rules: - <<: *if-not-ee when: never - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + - <<: *if-merge-request + changes: *core-backend-patterns - <<: *if-merge-request changes: *ci-patterns - <<: *if-merge-request @@ -846,7 +899,10 @@ when: never - <<: *if-automated-merge-request when: never - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + when: never + - <<: *if-merge-request + changes: *core-backend-patterns when: never - <<: *if-merge-request changes: *ci-patterns @@ -859,7 +915,9 @@ rules: - <<: *if-not-ee when: never - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + - <<: *if-merge-request + changes: *core-backend-patterns - <<: *if-merge-request changes: *ci-patterns - <<: *if-automated-merge-request @@ -876,7 +934,10 @@ when: never - <<: *if-automated-merge-request when: never - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + when: never + - <<: *if-merge-request + changes: *core-backend-patterns when: never - <<: *if-merge-request changes: *ci-patterns @@ -888,7 +949,9 @@ rules: - <<: *if-not-ee when: never - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + - <<: *if-merge-request + changes: *core-backend-patterns - <<: *if-merge-request changes: *ci-patterns - <<: *if-automated-merge-request @@ -905,7 +968,10 @@ when: never - <<: *if-automated-merge-request when: never - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + when: never + - <<: *if-merge-request + changes: *core-backend-patterns when: never - <<: *if-merge-request changes: *ci-patterns @@ -917,7 +983,9 @@ rules: - <<: *if-not-ee when: never - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + - <<: *if-merge-request + changes: *core-backend-patterns - <<: *if-merge-request changes: *ci-patterns - <<: *if-automated-merge-request @@ -934,7 +1002,10 @@ when: never - <<: *if-automated-merge-request when: never - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + when: never + - <<: *if-merge-request + changes: *core-backend-patterns when: never - <<: *if-merge-request changes: *ci-patterns @@ -946,12 +1017,14 @@ rules: - <<: *if-not-ee when: never - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + - <<: *if-merge-request + changes: *core-backend-patterns - <<: *if-merge-request changes: *ci-patterns - <<: *if-security-merge-request changes: *db-patterns - - <<: *if-merge-request-title-as-if-foss + - <<: *if-merge-request-labels-as-if-foss changes: *db-patterns - <<: *if-automated-merge-request changes: *db-patterns @@ -966,13 +1039,16 @@ when: never - <<: *if-automated-merge-request when: never + - <<: *if-merge-request + changes: *core-backend-patterns + when: never - <<: *if-merge-request changes: *ci-patterns when: never - <<: *if-security-merge-request changes: *db-patterns when: never - - <<: *if-merge-request-title-as-if-foss + - <<: *if-merge-request-labels-as-if-foss changes: *db-patterns when: never @@ -980,7 +1056,9 @@ rules: - <<: *if-not-ee when: never - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + - <<: *if-merge-request + changes: *core-backend-patterns - <<: *if-merge-request changes: *ci-patterns - <<: *if-automated-merge-request @@ -989,7 +1067,7 @@ when: never - <<: *if-security-merge-request changes: *backend-patterns - - <<: *if-merge-request-title-as-if-foss + - <<: *if-merge-request-labels-as-if-foss changes: *backend-patterns .rails:rules:as-if-foss-unit:minimal: @@ -1000,19 +1078,24 @@ when: never - <<: *if-automated-merge-request when: never + - <<: *if-merge-request + changes: *core-backend-patterns + when: never - <<: *if-merge-request changes: *ci-patterns when: never - <<: *if-security-merge-request changes: *backend-patterns - - <<: *if-merge-request-title-as-if-foss + - <<: *if-merge-request-labels-as-if-foss changes: *backend-patterns .rails:rules:as-if-foss-integration: rules: - <<: *if-not-ee when: never - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + - <<: *if-merge-request + changes: *core-backend-patterns - <<: *if-merge-request changes: *ci-patterns - <<: *if-automated-merge-request @@ -1021,7 +1104,7 @@ when: never - <<: *if-security-merge-request changes: *backend-patterns - - <<: *if-merge-request-title-as-if-foss + - <<: *if-merge-request-labels-as-if-foss changes: *backend-patterns .rails:rules:as-if-foss-integration:minimal: @@ -1032,19 +1115,24 @@ when: never - <<: *if-automated-merge-request when: never + - <<: *if-merge-request + changes: *core-backend-patterns + when: never - <<: *if-merge-request changes: *ci-patterns when: never - <<: *if-security-merge-request changes: *backend-patterns - - <<: *if-merge-request-title-as-if-foss + - <<: *if-merge-request-labels-as-if-foss changes: *backend-patterns .rails:rules:as-if-foss-system: rules: - <<: *if-not-ee when: never - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec + - <<: *if-merge-request + changes: *core-backend-patterns - <<: *if-merge-request changes: *ci-patterns - <<: *if-automated-merge-request @@ -1053,7 +1141,7 @@ when: never - <<: *if-security-merge-request changes: *code-backstage-patterns - - <<: *if-merge-request-title-as-if-foss + - <<: *if-merge-request-labels-as-if-foss changes: *code-backstage-patterns .rails:rules:as-if-foss-system:minimal: @@ -1064,24 +1152,27 @@ when: never - <<: *if-automated-merge-request when: never + - <<: *if-merge-request + changes: *core-backend-patterns + when: never - <<: *if-merge-request changes: *ci-patterns when: never - <<: *if-security-merge-request changes: *code-backstage-patterns - - <<: *if-merge-request-title-as-if-foss + - <<: *if-merge-request-labels-as-if-foss changes: *code-backstage-patterns .rails:rules:ee-and-foss-db-library-code: rules: - changes: *db-library-patterns - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec .rails:rules:ee-mr-and-default-branch-only: rules: - <<: *if-not-ee when: never - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec - <<: *if-merge-request changes: *code-backstage-patterns - <<: *if-default-branch-refs @@ -1090,13 +1181,13 @@ .rails:rules:detect-tests: rules: - changes: *code-backstage-patterns - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec .rails:rules:rspec-foss-impact: rules: - <<: *if-not-ee when: never - - <<: *if-merge-request-title-as-if-foss + - <<: *if-merge-request-labels-as-if-foss when: never - <<: *if-security-merge-request changes: *code-backstage-patterns @@ -1105,10 +1196,6 @@ .rails:rules:rspec fail-fast: rules: - - <<: *if-rspec-fail-fast-disabled - when: never - - <<: *if-rspec-fail-fast-skipped - when: never - <<: *if-not-ee when: never - <<: *if-security-merge-request @@ -1118,10 +1205,6 @@ .rails:rules:fail-pipeline-early: rules: - - <<: *if-rspec-fail-fast-disabled - when: never - - <<: *if-rspec-fail-fast-skipped - when: never - <<: *if-not-ee when: never - <<: *if-security-merge-request @@ -1136,7 +1219,7 @@ - <<: *if-not-ee when: never - <<: *if-default-branch-schedule-nightly - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec .rails:rules:rspec-coverage: rules: @@ -1146,7 +1229,7 @@ changes: *code-backstage-patterns when: always - <<: *if-default-branch-schedule-2-hourly - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec when: always .rails:rules:default-branch-schedule-nightly--code-backstage: @@ -1181,7 +1264,7 @@ rules: - <<: *if-not-ee when: never - - <<: *if-merge-request-title-as-if-foss + - <<: *if-merge-request-labels-as-if-foss changes: *code-backstage-qa-patterns - <<: *if-security-merge-request changes: *code-backstage-qa-patterns @@ -1196,7 +1279,7 @@ rules: - <<: *if-merge-request changes: ["vendor/gems/mail-smtp_pool/**/*"] - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec ################## # Releases rules # @@ -1222,75 +1305,76 @@ when: never - <<: *if-default-refs changes: *code-backstage-patterns - allow_failure: true -.reports:rules:sast: +.reports:rules:brakeman-sast: rules: - - if: '$SAST_DISABLED || $GITLAB_FEATURES !~ /\bsast\b/' + - if: $SAST_DISABLED when: never - - <<: *if-default-refs - changes: *code-backstage-qa-patterns - allow_failure: true + - if: $SAST_EXCLUDED_ANALYZERS =~ /brakeman/ + when: never + - changes: + - '**/*.rb' + - '**/Gemfile' + +.reports:rules:gosec-sast: + rules: + - if: $SAST_DISABLED + when: never + - if: $SAST_EXCLUDED_ANALYZERS =~ /gosec/ + when: never + - changes: + - '**/*.go' + +.reports:rules:semgrep-sast: + rules: + - if: $SAST_DISABLED + when: never + - if: $SAST_EXCLUDED_ANALYZERS =~ /semgrep/ + when: never + - changes: + - '**/*.py' + - '**/*.js' + - '**/*.jsx' + - '**/*.ts' + - '**/*.tsx' + - '**/*.c' + - '**/*.go' .reports:rules:secret_detection: rules: - if: '$SECRET_DETECTION_DISABLED' when: never - - if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH' # The Secret-Detection template already has a `secret_detection_default_branch` job - when: never - changes: *code-backstage-qa-patterns - allow_failure: true .reports:rules:gemnasium-dependency_scanning: rules: - - if: '$DEPENDENCY_SCANNING_DISABLED || $GITLAB_FEATURES !~ /\bdependency_scanning\b/ || $DS_EXCLUDED_ANALYZERS =~ /gemnasium([^-]|$)/' + - if: '$DEPENDENCY_SCANNING_DISABLED || $GITLAB_FEATURES !~ /\bdependency_scanning\b/ || $DS_EXCLUDED_ANALYZERS =~ /gemnasium([^-]|$)/ || $DS_DEFAULT_ANALYZERS !~ /gemnasium([^-]|$)/' when: never - - <<: *if-default-refs - changes: *dependency-patterns - allow_failure: true + - changes: *dependency-patterns .reports:rules:bundler-audit-dependency_scanning: rules: - - if: '$DEPENDENCY_SCANNING_DISABLED || $GITLAB_FEATURES !~ /\bdependency_scanning\b/ || $DS_EXCLUDED_ANALYZERS =~ /bundler-audit/' + - if: '$DEPENDENCY_SCANNING_DISABLED || $GITLAB_FEATURES !~ /\bdependency_scanning\b/ || $DS_EXCLUDED_ANALYZERS =~ /bundler-audit/ || $DS_DEFAULT_ANALYZERS !~ /bundler-audit/' when: never - - <<: *if-default-refs - changes: *bundler-patterns - allow_failure: true + - changes: *bundler-patterns .reports:rules:retire-js-dependency_scanning: rules: - - if: '$DEPENDENCY_SCANNING_DISABLED || $GITLAB_FEATURES !~ /\bdependency_scanning\b/ || $DS_EXCLUDED_ANALYZERS =~ /retire.js/' + - if: '$DEPENDENCY_SCANNING_DISABLED || $GITLAB_FEATURES !~ /\bdependency_scanning\b/ || $DS_EXCLUDED_ANALYZERS =~ /retire.js/ || $DS_DEFAULT_ANALYZERS !~ /retire.js/' when: never - - <<: *if-default-refs - changes: *nodejs-patterns - allow_failure: true + - changes: *nodejs-patterns .reports:rules:gemnasium-python-dependency_scanning: rules: - - if: '$DEPENDENCY_SCANNING_DISABLED || $GITLAB_FEATURES !~ /\bdependency_scanning\b/ || $DS_EXCLUDED_ANALYZERS =~ /gemnasium-python/' + - if: '$DEPENDENCY_SCANNING_DISABLED || $GITLAB_FEATURES !~ /\bdependency_scanning\b/ || $DS_EXCLUDED_ANALYZERS =~ /gemnasium-python/ || $DS_DEFAULT_ANALYZERS !~ /gemnasium-python/' when: never - - <<: *if-default-refs - changes: *python-patterns - allow_failure: true - -.reports:rules:dast: - rules: - - if: '$DAST_DISABLED || $GITLAB_FEATURES !~ /\bdast\b/' - when: never - - <<: *if-dot-com-gitlab-org-merge-request - changes: *frontend-patterns - allow_failure: true - - <<: *if-dot-com-gitlab-org-merge-request - changes: *code-qa-patterns - when: manual - allow_failure: true + - changes: *python-patterns .reports:rules:schedule-dast: rules: - if: '$DAST_DISABLED || $GITLAB_FEATURES !~ /\bdast\b/' when: never - - <<: *if-dot-com-ee-nightly-schedule - allow_failure: true + - <<: *if-dot-com-ee-nightly-schedule-child-pipeline .reports:rules:package_hunter-yarn: rules: @@ -1310,16 +1394,14 @@ .reports:rules:license_scanning: rules: - - if: '$LICENSE_SCANNING_DISABLED || $GITLAB_FEATURES !~ /\blicense_scanning\b/' + - if: '$LICENSE_MANAGEMENT_DISABLED || $GITLAB_FEATURES !~ /\blicense_scanning\b/' when: never - - <<: *if-default-refs - changes: *code-backstage-qa-patterns - allow_failure: true + - changes: *code-backstage-qa-patterns ################ # Review rules # ################ -.review:rules:review-build-cng: +.review:rules:review-app-pipeline: rules: - <<: *if-not-ee when: never @@ -1336,6 +1418,22 @@ allow_failure: true - <<: *if-dot-com-gitlab-org-schedule +.review:rules:review-build-cng: + rules: + - <<: *if-not-ee + when: never + - <<: *if-dot-com-gitlab-org-merge-request + changes: *ci-review-patterns + - <<: *if-dot-com-gitlab-org-merge-request + changes: *frontend-patterns + - <<: *if-dot-com-gitlab-org-merge-request + changes: *code-patterns + allow_failure: true + - <<: *if-dot-com-gitlab-org-merge-request + changes: *qa-patterns + allow_failure: true + - <<: *if-dot-com-gitlab-org-schedule-child-pipeline + .review:rules:review-deploy: rules: - <<: *if-not-ee @@ -1351,7 +1449,7 @@ - <<: *if-dot-com-gitlab-org-merge-request changes: *qa-patterns allow_failure: true - - <<: *if-dot-com-gitlab-org-schedule + - <<: *if-dot-com-gitlab-org-schedule-child-pipeline allow_failure: true .review:rules:review-performance: @@ -1368,7 +1466,7 @@ - <<: *if-dot-com-gitlab-org-merge-request changes: *code-qa-patterns allow_failure: true - - <<: *if-dot-com-gitlab-org-schedule + - <<: *if-dot-com-gitlab-org-schedule-child-pipeline allow_failure: true .review:rules:review-delete-deployment: @@ -1390,7 +1488,7 @@ - <<: *if-dot-com-gitlab-org-merge-request changes: *code-qa-patterns allow_failure: true - - <<: *if-dot-com-ee-schedule + - <<: *if-dot-com-ee-schedule-child-pipeline allow_failure: true # The rule needs to be duplicated between `on_success` and `on_failure` @@ -1418,9 +1516,9 @@ - <<: *if-dot-com-gitlab-org-merge-request changes: *code-qa-patterns when: on_failure - - <<: *if-dot-com-ee-schedule + - <<: *if-dot-com-ee-schedule-child-pipeline when: on_success - - <<: *if-dot-com-ee-schedule + - <<: *if-dot-com-ee-schedule-child-pipeline when: on_failure .review:rules:review-qa-all: @@ -1434,7 +1532,7 @@ - <<: *if-dot-com-gitlab-org-merge-request changes: *qa-patterns allow_failure: true - - <<: *if-dot-com-ee-nightly-schedule + - <<: *if-dot-com-ee-nightly-schedule-child-pipeline allow_failure: true # The rule needs to be duplicated between `on_success` and `on_failure` @@ -1456,10 +1554,10 @@ changes: *qa-patterns when: on_failure allow_failure: true - - <<: *if-dot-com-ee-nightly-schedule + - <<: *if-dot-com-ee-nightly-schedule-child-pipeline when: on_success allow_failure: true - - <<: *if-dot-com-ee-nightly-schedule + - <<: *if-dot-com-ee-nightly-schedule-child-pipeline when: on_failure allow_failure: true @@ -1471,7 +1569,7 @@ changes: *code-qa-patterns when: manual allow_failure: true - - <<: *if-dot-com-gitlab-org-schedule + - <<: *if-dot-com-gitlab-org-schedule-child-pipeline allow_failure: true .review:rules:review-stop: @@ -1534,6 +1632,17 @@ changes: *code-backstage-patterns when: on_success +.setup:rules:add-jh-folder: + rules: + - <<: *if-not-ee + when: never + - <<: *if-jh + when: never + - <<: *if-merge-request-labels-as-if-jh + - <<: *if-merge-request-labels-run-all-rspec + - changes: *code-backstage-qa-patterns + - changes: *startup-css-patterns + ####################### # Test metadata rules # ####################### @@ -1541,7 +1650,7 @@ rules: - changes: *code-backstage-patterns when: on_success - - <<: *if-merge-request-title-run-all-rspec + - <<: *if-merge-request-labels-run-all-rspec .test-metadata:rules:update-tests-metadata: rules: diff --git a/.gitlab/ci/setup.gitlab-ci.yml b/.gitlab/ci/setup.gitlab-ci.yml index 60a1ad54cf..eb7a5afad3 100644 --- a/.gitlab/ci/setup.gitlab-ci.yml +++ b/.gitlab/ci/setup.gitlab-ci.yml @@ -101,3 +101,19 @@ detect-tests as-if-foss: MATCHED_TESTS_FILE: tmp/matching_foss_tests.txt before_script: - '[ "$FOSS_ONLY" = "1" ] && rm -rf ee/ qa/spec/ee/ qa/qa/specs/features/ee/ qa/qa/ee/ qa/qa/ee.rb' + +add-jh-folder: + extends: .setup:rules:add-jh-folder + image: ${GITLAB_DEPENDENCY_PROXY}alpine:edge + stage: prepare + before_script: + - apk add --no-cache --update curl bash + script: + - curl --location -o "jh-folder.tar.gz" "https://gitlab.com/gitlab-jh/gitlab/-/archive/main-jh/gitlab-main-jh.tar.gz?path=jh" + - tar -xf "jh-folder.tar.gz" + - mv gitlab-main-jh-jh/jh/ ./ + - ls -l jh/ + artifacts: + expire_in: 2d + paths: + - jh/ diff --git a/.gitlab/ci/static-analysis.gitlab-ci.yml b/.gitlab/ci/static-analysis.gitlab-ci.yml index 1394085b6e..85df68e903 100644 --- a/.gitlab/ci/static-analysis.gitlab-ci.yml +++ b/.gitlab/ci/static-analysis.gitlab-ci.yml @@ -35,6 +35,17 @@ static-analysis: paths: - tmp/feature_flags/ +static-analysis-with-database: + extends: + - .static-analysis-base + - .static-analysis:rules:ee-and-foss + - .use-pg12 + stage: test + script: + - bundle exec rake lint:static_verification_with_database + variables: + SETUP_DB: "true" + static-analysis as-if-foss: extends: - static-analysis diff --git a/.gitlab/ci/test-metadata.gitlab-ci.yml b/.gitlab/ci/test-metadata.gitlab-ci.yml index ac71997797..2d96fb6d4b 100644 --- a/.gitlab/ci/test-metadata.gitlab-ci.yml +++ b/.gitlab/ci/test-metadata.gitlab-ci.yml @@ -29,8 +29,7 @@ update-tests-metadata: - retrieve-tests-metadata - setup-test-env - rspec migration pg12 - - rspec frontend_fixture - - rspec-ee frontend_fixture + - rspec-all frontend_fixture - rspec unit pg12 - rspec integration pg12 - rspec system pg12 diff --git a/.gitlab/issue_templates/Feature Flag Roll Out.md b/.gitlab/issue_templates/Feature Flag Roll Out.md index 1576f6e8f5..00b396bac4 100644 --- a/.gitlab/issue_templates/Feature Flag Roll Out.md +++ b/.gitlab/issue_templates/Feature Flag Roll Out.md @@ -24,26 +24,6 @@ Are there any other stages or teams involved that need to be kept in the loop? - The Delivery Team --> -## The Rollout Plan - -- Partial Rollout on GitLab.com with testing groups -- Rollout on GitLab.com for a certain period (How long) -- Percentage Rollout on GitLab.com -- Rollout Feature for everyone as soon as it's ready - - - -## Testing Groups/Projects/Users - - - -- `gitlab-org/gitlab` project -- `gitlab-org/gitlab-foss` project -- `gitlab-com/www-gitlab-com` project -- `gitlab-org`/`gitlab-com` groups -- ... - - ## Expectations ### What are we expecting to happen? @@ -62,17 +42,30 @@ Are there any other stages or teams involved that need to be kept in the loop? ### Rollout on non-production environments -- [ ] Ensure that the feature MRs have been deployed to non-production environments. +- Ensure that the feature MRs have been deployed to non-production environments. - [ ] `/chatops run auto_deploy status ` - [ ] Enable the feature globally on non-production environments. - [ ] `/chatops run feature set true --dev` - [ ] `/chatops run feature set true --staging` - [ ] Verify that the feature works as expected. Posting the QA result in this issue is preferable. -### Preparation before production rollout +### Specific rollout on production -- [ ] Ensure that the feature MRs have been deployed to both production and canary. +- Ensure that the feature MRs have been deployed to both production and canary. - [ ] `/chatops run auto_deploy status ` +- If you're using [project-actor](https://docs.gitlab.com/ee/development/feature_flags/#feature-actors), you must enable the feature on these entries: + - [ ] `/chatops run feature set --project=gitlab-org/gitlab true` + - [ ] `/chatops run feature set --project=gitlab-org/gitlab-foss true` + - [ ] `/chatops run feature set --project=gitlab-com/www-gitlab-com true` +- If you're using [group-actor](https://docs.gitlab.com/ee/development/feature_flags/#feature-actors), you must enable the feature on these entries: + - [ ] `/chatops run feature set --group=gitlab-org true` + - [ ] `/chatops run feature set --group=gitlab-com true` +- If you're using [user-actor](https://docs.gitlab.com/ee/development/feature_flags/#feature-actors), you must enable the feature on these entries: + - [ ] `/chatops run feature set --user= true` +- [ ] Verify that the feature works on the specific entries. Posting the QA result in this issue is preferable. + +### Preparation before global rollout + - [ ] Check if the feature flag change needs to be accompanied with a [change management issue](https://about.gitlab.com/handbook/engineering/infrastructure/change-management/#feature-flags-and-the-change-management-process). Cross link the issue here if it does. @@ -86,19 +79,13 @@ Are there any other stages or teams involved that need to be kept in the loop? All `/chatops` commands that target production should be done in the `#production` slack channel for visibility. -- [ ] Confirm the feature flag is enabled on `staging` without incident -- [ ] Roll out the feature to targeted testing projects/groups first - - [ ] `/chatops run feature set --project=gitlab-org/gitlab true` - - [ ] `/chatops run feature set --project=gitlab-org/gitlab-foss true` - - [ ] `/chatops run feature set --project=gitlab-com/www-gitlab-com true` - - [ ] [Incrementally roll out](https://docs.gitlab.com/ee/development/feature_flags/controls.html#process) the feature. - If the feature flag in code has [an actor](https://docs.gitlab.com/ee/development/feature_flags/#feature-actors), perform **actor-based** rollout. - [ ] `/chatops run feature set --actors` - If the feature flag in code does **NOT** have [an actor](https://docs.gitlab.com/ee/development/feature_flags/#feature-actors), perform time-based rollout (**random** rollout). - [ ] `/chatops run feature set ` -- [ ] Verify the change has the desired outcome with the limited rollout before enabling the feature globally on production. -- [ ] Enable the feature globally on production environment. `/chatops run feature set true` + - Enable the feature globally on production environment. + - [ ] `/chatops run feature set true` - [ ] Announce on [the feature issue](ISSUE LINK) that the feature has been globally enabled. - [ ] Wait for [at least one day for the verification term](https://about.gitlab.com/handbook/product-development-flow/feature-flag-lifecycle/#including-a-feature-behind-feature-flag-in-the-final-release). diff --git a/.gitlab/issue_templates/Geo Replicate a new Git repository type.md b/.gitlab/issue_templates/Geo Replicate a new Git repository type.md index 476ee14a63..0d82294579 100644 --- a/.gitlab/issue_templates/Geo Replicate a new Git repository type.md +++ b/.gitlab/issue_templates/Geo Replicate a new Git repository type.md @@ -109,7 +109,7 @@ Geo secondary sites have a [Geo tracking database](https://gitlab.com/gitlab-org bin/rake geo:db:migrate ``` -- [ ] Be sure to commit the relevant changes in `ee/db/geo/schema.rb` +- [ ] Be sure to commit the relevant changes in `ee/db/geo/structure.sql` ### Add verification state fields on the Geo primary site diff --git a/.gitlab/issue_templates/Geo Replicate a new blob type.md b/.gitlab/issue_templates/Geo Replicate a new blob type.md index aef983f649..00a71fa406 100644 --- a/.gitlab/issue_templates/Geo Replicate a new blob type.md +++ b/.gitlab/issue_templates/Geo Replicate a new blob type.md @@ -110,7 +110,7 @@ Geo secondary sites have a [Geo tracking database](https://gitlab.com/gitlab-org bin/rake geo:db:migrate ``` -- [ ] Be sure to commit the relevant changes in `ee/db/geo/schema.rb` +- [ ] Be sure to commit the relevant changes in `ee/db/geo/structure.sql` ### Add verification state fields on the Geo primary site diff --git a/.gitlab/issue_templates/Navigation - Left Sidebar Proposals.md b/.gitlab/issue_templates/Navigation - Left Sidebar Proposals.md index 57d6d12267..e9e510da11 100644 --- a/.gitlab/issue_templates/Navigation - Left Sidebar Proposals.md +++ b/.gitlab/issue_templates/Navigation - Left Sidebar Proposals.md @@ -8,8 +8,7 @@ - [ ] If your proposal includes changes to the top-level menu items within the left sidebar, engage the [Foundations Product Design Manager](https://about.gitlab.com/handbook/product/categories/#foundations-group) for approval. The Foundations DRI will work with UX partners in product design, research, and technical writing, as applicable. - [ ] Follow the [product development workflow](https://about.gitlab.com/handbook/product-development-flow/#validation-phase-2-problem-validation) validation process to ensure you are solving a well understood problem and that the proposed change is understandable and non-disruptive to users. Navigation-specific research is strongly encouraged. -- [ ] Engage the [Editor](https://about.gitlab.com/handbook/engineering/development/dev/create-editor/) team to ensure your proposal is in alignment with holistic changes happening to the left side bar. +- [ ] Engage the [Foundations](https://about.gitlab.com/handbook/product/categories/#foundations-group) team to ensure your proposal is in alignment with holistic changes happening to the left side bar. - [ ] Consider whether you need to communicate the change somehow, or if you will have an interim period in the UI where your nav item will live in more than one place. -- [ ] Once implemented, update this [navigation map in Mural](https://app.mural.co/t/gitlab2474/m/gitlab2474/1589571490215/261462d0beb3043979374623710d3f2d6cfec1cb) with your navigation change. /label ~UX ~"UI text" ~"documentation" ~"documentation" ~"Category:Navigation & Settings" ~"Category:Foundations" ~navigation diff --git a/.gitlab/merge_request_templates/Deprecations.md b/.gitlab/merge_request_templates/Deprecations.md new file mode 100644 index 0000000000..8431e9ca39 --- /dev/null +++ b/.gitlab/merge_request_templates/Deprecations.md @@ -0,0 +1,82 @@ + + +/label ~"release post" ~"release post item" ~"Technical Writing" ~"devops::" ~"group::" +/milestone % +/assign `@PM` + +**Be sure to link this MR to the relevant deprecation issue(s).** + +**By the 10th**: Assign this MR to these team members as Reviewer and for Approval (optional unless noted as required): + +- Product Marketing: `@PMM` +- Product Designer(s): `@ProductDesigners` +- Group Manager or Director: `@manager` +- Engineering Manager: `@EM` - Required + +**By 8:00 AM PDT 15th**: PM will assign this MR to the TW reviewer: `@PM` + +**By 11:59 PM PDT 15th**: TW Reviewer will perform final review and merge this MR to Master: `@TW` + +--- + +Please review the [guidelines for deprecations](https://about.gitlab.com/handbook/marketing/blog/release-posts/#deprecations), +as well as the process for [creating a deprecation entry](https://about.gitlab.com/handbook/marketing/blog/release-posts/#creating-a-deprecation-entry). +They are frequently updated, and everyone should make sure they are aware of the current standards (PM, PMM, EM, and TW). + +## Links + +- Deprecation Issue: +- Deprecation MR (optional): + +## PM release post item checklist + +- [ ] Set yourself as the Assignee. +- [ ] Follow the process to [create a deprecation YAML file](https://about.gitlab.com/handbook/marketing/blog/release-posts/#creating-a-deprecation-entry). +- [ ] Add reviewers by the 10th +- [ ] When ready to be merged and not later than the 15th, add the ~ready label and @ message the TW for final review and merge. + +## Reviewers + +When the content is ready for review, it must be reviewed by Technical Writer and Engineering Manager, but can also be reviewed by +Product Marketing, Product Design, and the Product Leaders for this area. Please use the +[Reviewers for Merge Requests](https://docs.gitlab.com/ee/user/project/merge_requests/getting_started#reviewer) +feature for all reviews. Reviewers will then `approve` the MR and remove themselves from Reviewers when their review is complete. + +- [ ] (Recommended) PMM +- [ ] (Optional) Product Designer +- [ ] (Optional) Group Manager or Director +- [ ] Required review and approval: [Technical Writer designated to the corresponding DevOps stage/group](https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments). + +### Tech writer review + +After being added as a Reviewer to this merge request, the TW performs their review +according to the criteria described below. + +Review deprecation MRs with a similar process as regular docs MRs. Add suggestions +as needed, @ message the PM to inform them the first review is complete, and remove +yourself as a reviewer if it's not ready for merge yet. + +
+Expand for Details + +- [ ] Title: + - Length limit: 7 words (not including articles or prepositions). + - Capitalization: ensure the title is [sentence cased](https://design.gitlab.com/content/punctuation#case). + - No Markdown `` `code` `` formatting in the title, as it doesn't render correctly in the release post. +- [ ] Consistency: + - Ensure that all resources (docs, deprecation, etc.) refer to the feature with the same term / feature name. +- [ ] Content: + - Make sure the deprecation is accurate based on your understanding. Look for typos or grammar mistakes. Work with PM and PMM to ensure a consistent GitLab style and tone for messaging, based on other features and deprecations. + - Review use of whitespace and bullet lists. Will the deprecation item be easily scannable when published? Consider adding line breaks or breaking content into bullets if you have more than a few sentences. + - Make sure there aren't acronyms readers may not understand per . +- [ ] Links: + - All links must be full URLs, as the deprecation YAML files are used in two different projects. Do not use relative links. The generated doc is an exception to the relative link rule and currently uses absolute links only. + - Make sure all links and anchors are correct. Do not link to the H1 (top) anchor on a docs page. +- [ ] Code. Make sure any included code is wrapped in code blocks. +- [ ] Capitalization. Make sure to capitalize feature names. Stay consistent with the Documentation Style Guidance on [Capitalization](https://docs.gitlab.com/ee/development/documentation/styleguide.html#capitalization). +- [ ] Blank spaces. Remove unnecessary spaces (end of line spaces, double spaces, extra blank lines, and lines with only spaces). + +
+ +When the PM indicates it is ready for merge, all issues have been addressed merge this MR. + - You must merge this MR by the 15th so the Release Post TW lead can run the [deprecations in Docs rake task](https://about.gitlab.com/handbook/marketing/blog/release-posts/#update-the-deprecations-doc) on the 16th diff --git a/.gitpod.yml b/.gitpod.yml index e9cc798ed1..d546cc7f64 100644 --- a/.gitpod.yml +++ b/.gitpod.yml @@ -16,8 +16,7 @@ tasks: # GitLab [[ -d /workspace/gitlab ]] && ln -fs /workspace/gitlab /workspace/gitlab-development-kit/gitlab mv /workspace/gitlab-development-kit/secrets.yml /workspace/gitlab-development-kit/gitlab/config - # update gdk.yml - gdk config set gitlab.rails.hostname $(gp url 3000 | sed -e 's+^http[s]*://++') + # ensure gdk.yml has correct instance settings gdk config set gitlab.rails.port 443 gdk config set gitlab.rails.https.enabled true # reconfigure GDK @@ -42,6 +41,13 @@ tasks: echo "$(date) – Updating GDK" | tee -a /workspace/startup.log gdk update fi + # ensure gdk.yml has correct instance settings + gdk config set gitlab.rails.hostname $(gp url 3000 | sed -e 's+^http[s]*://++') + gdk config set gitlab.rails.port 443 + gdk config set gitlab.rails.https.enabled true + # reconfigure GDK + echo "$(date) – Reconfiguring GDK" | tee -a /workspace/startup.log + gdk reconfigure # start GDK echo "$(date) – Starting GDK" | tee -a /workspace/startup.log export DEV_SERVER_PUBLIC_ADDR=$(gp url 3808) diff --git a/.rubocop.yml b/.rubocop.yml index 141ba874b2..4bf2392867 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -28,7 +28,6 @@ AllCops: - 'node_modules/**/*' - 'db/fixtures/**/*' - 'db/schema.rb' - - 'ee/db/geo/schema.rb' - 'tmp/**/*' - 'bin/**/*' - 'generator_templates/**/*' diff --git a/.rubocop_manual_todo.yml b/.rubocop_manual_todo.yml index 2cbfeec104..a646f6ec95 100644 --- a/.rubocop_manual_todo.yml +++ b/.rubocop_manual_todo.yml @@ -296,7 +296,6 @@ Rails/TimeZone: - 'spec/lib/gitlab/graphql_logger_spec.rb' - 'spec/lib/gitlab/graphs/commits_spec.rb' - 'spec/lib/gitlab/import_export/project/relation_factory_spec.rb' - - 'spec/lib/gitlab/instrumentation_helper_spec.rb' - 'spec/lib/gitlab/json_logger_spec.rb' - 'spec/lib/gitlab/lfs_token_spec.rb' - 'spec/lib/gitlab/log_timestamp_formatter_spec.rb' @@ -384,10 +383,8 @@ RSpec/TimecopFreeze: - 'spec/lib/gitlab/checks/timed_logger_spec.rb' - 'spec/lib/gitlab/cycle_analytics/stage_summary_spec.rb' - 'spec/lib/gitlab/cycle_analytics/usage_data_spec.rb' - - 'spec/lib/gitlab/instrumentation_helper_spec.rb' - 'spec/lib/gitlab/omniauth_logging/json_formatter_spec.rb' - 'spec/lib/gitlab/puma_logging/json_formatter_spec.rb' - - 'spec/lib/gitlab/sidekiq_logging/structured_logger_spec.rb' - 'spec/lib/json_web_token/hmac_token_spec.rb' - 'spec/tooling/rspec_flaky/flaky_example_spec.rb' - 'spec/tooling/rspec_flaky/listener_spec.rb' @@ -744,7 +741,6 @@ RSpec/AnyInstanceOf: - 'spec/policies/ci/pipeline_policy_spec.rb' - 'spec/presenters/gitlab/blame_presenter_spec.rb' - 'spec/presenters/merge_request_presenter_spec.rb' - - 'spec/requests/api/api_spec.rb' - 'spec/requests/api/ci/runner/jobs_artifacts_spec.rb' - 'spec/requests/api/ci/runner/jobs_put_spec.rb' - 'spec/requests/api/ci/runner/jobs_request_post_spec.rb' @@ -1769,7 +1765,6 @@ Gitlab/NamespacedClass: - 'app/workers/pages_domain_ssl_renewal_worker.rb' - 'app/workers/pages_domain_verification_cron_worker.rb' - 'app/workers/pages_domain_verification_worker.rb' - - 'app/workers/pages_remove_worker.rb' - 'app/workers/pages_transfer_worker.rb' - 'app/workers/pages_update_configuration_worker.rb' - 'app/workers/pages_worker.rb' @@ -2589,13 +2584,9 @@ Rails/IncludeUrlHelper: - 'app/models/integrations/youtrack.rb' - 'app/presenters/alert_management/alert_presenter.rb' - 'app/presenters/ci/pipeline_presenter.rb' - - 'app/presenters/clusters/cluster_presenter.rb' - 'app/presenters/environment_presenter.rb' - 'app/presenters/gitlab/blame_presenter.rb' - - 'app/presenters/group_clusterable_presenter.rb' - - 'app/presenters/instance_clusterable_presenter.rb' - 'app/presenters/merge_request_presenter.rb' - - 'app/presenters/project_clusterable_presenter.rb' - 'app/presenters/project_presenter.rb' - 'app/presenters/prometheus_alert_presenter.rb' - 'app/presenters/release_presenter.rb' @@ -2607,7 +2598,6 @@ Rails/IncludeUrlHelper: - 'ee/spec/lib/banzai/filter/cross_project_issuable_information_filter_spec.rb' - 'ee/spec/lib/banzai/filter/issuable_state_filter_spec.rb' - 'lib/gitlab/ci/badge/metadata.rb' - - 'lib/gitlab/email/message/in_product_marketing/helper.rb' - 'spec/helpers/merge_requests_helper_spec.rb' - 'spec/helpers/nav/top_nav_helper_spec.rb' - 'spec/helpers/notify_helper_spec.rb' diff --git a/.stylelintrc b/.stylelintrc index a4331811eb..488e34dd7d 100644 --- a/.stylelintrc +++ b/.stylelintrc @@ -13,6 +13,7 @@ "./scripts/frontend/stylelint/stylelint-utility-classes.js", ], "rules":{ + "at-rule-disallowed-list": ["extend"], "max-nesting-depth": [ 3, { diff --git a/CHANGELOG.md b/CHANGELOG.md index ab9f3dd35e..dad5599a28 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,23 +2,428 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. -## 14.3.4 (2021-10-28) +## 14.4.2 (2021-11-08) + +### Fixed (3 changes) + +- [Skip retrying for reads on connection errors if primary only](gitlab-org/gitlab@8e1976ed75bd6c606d49c83863cf46bf3c4d5070) ([merge request](gitlab-org/gitlab!73919)) +- [Fix error 500 loading branch with UTF-8 characters with performance bar](gitlab-org/gitlab@67ddc428472d57bb3d8a4a84eb0750487a175f75) ([merge request](gitlab-org/gitlab!73919)) +- [Skip st_diff callback setting on LegacyDiffNote when importing](gitlab-org/gitlab@84f5c66321473cd702b3b671584054fcf3d141ae) ([merge request](gitlab-org/gitlab!73919)) + +### Changed (1 change) + +- [Remove skip_legacy_diff_note_callback_on_import from legacy diff note](gitlab-org/gitlab@547a2ec29ea9e9299eab727899c3d90886ffc21c) ([merge request](gitlab-org/gitlab!73919)) + +### Performance (1 change) + +- [Prevent Sidekiq size limiter middleware from running multiple times on the same job](gitlab-org/gitlab@294c01be38d400607536fb20a2038e098c0f0e28) ([merge request](gitlab-org/gitlab!73919)) + +## 14.4.1 (2021-10-28) ### Security (13 changes) -- [Highlight usage of unicode bidi characters](gitlab-org/security/gitlab@0b9bcafa73bc12ad873f75584b993f7b94f1f2e7) ([merge request](gitlab-org/security/gitlab!1938)) -- [Fix dompurify.js to prevent path traversal attacks](gitlab-org/security/gitlab@6599afd4d7357ab356fcb773af19f8388978b3ed) ([merge request](gitlab-org/security/gitlab!1930)) -- [Refresh authorizations on transfer of groups having project shares](gitlab-org/security/gitlab@faad71f44a1b1048b73897d450c923a18ec18c0b) ([merge request](gitlab-org/security/gitlab!1917)) -- [Do not allow Applications API to create apps with blank scopes](gitlab-org/security/gitlab@293931500c84ef7ea9a2117d3ddf094f8ac15dcf) ([merge request](gitlab-org/security/gitlab!1923)) -- [Don't allow author to resolve discussions when MR is locked via GraphQL](gitlab-org/security/gitlab@5027cb2b0303645a921b95d324d3d55dcf7632e4) ([merge request](gitlab-org/security/gitlab!1920)) -- [Workhorse: Allow uploading only a single file](gitlab-org/security/gitlab@c18c2ddfa34a4c3e476136ab3eba9be7f265ad59) ([merge request](gitlab-org/security/gitlab!1914)) -- [Group owners should see SCIM token only once](gitlab-org/security/gitlab@3d6664461da720fb256d8e139961b383e33a3b90) ([merge request](gitlab-org/security/gitlab!1907)) **GitLab Enterprise Edition** -- [Respect visibility level settings when updating project via API](gitlab-org/security/gitlab@124ca62c02bfa8ef6f7de7b328f80756fd01c052) ([merge request](gitlab-org/security/gitlab!1904)) -- [Avoid decoding the whole tiff image on isTIFF check](gitlab-org/security/gitlab@8e6ffd52f50170a5cf2761e50a3d6efaca5fe64f) ([merge request](gitlab-org/security/gitlab!1900)) -- [Adding a '[redacted]' to mask private email addresses](gitlab-org/security/gitlab@6f2a2b2240eb7590bbc773f35d3927d4854a31b5) ([merge request](gitlab-org/security/gitlab!1894)) -- [Do not display the root password by default](gitlab-org/security/gitlab@87893548183fc4a111e12c0bdb3e409175a41668) ([merge request](gitlab-org/security/gitlab!1803)) -- [Set PipelineSchedules to inactive](gitlab-org/security/gitlab@0e77e1cd938f876f3e9c049a84486c8c90cd0f3f) ([merge request](gitlab-org/security/gitlab!1879)) -- [Remove external_webhook_token from exported project](gitlab-org/security/gitlab@1362f7481aad5e4295da11f0db53e31600c7c7b5) ([merge request](gitlab-org/security/gitlab!1866)) +- [Highlight usage of unicode bidi characters](gitlab-org/security/gitlab@cef762a270783780112c7bf318e353a39de1aa1e) ([merge request](gitlab-org/security/gitlab!1937)) +- [Fix dompurify.js to prevent path traversal attacks](gitlab-org/security/gitlab@9a891cbe465a302f260f0f81fc490cacb9e8c70e) ([merge request](gitlab-org/security/gitlab!1929)) +- [Refresh authorizations on transfer of groups having project shares](gitlab-org/security/gitlab@bdf8b6e90d0a1f719c0f389f29ea5dc41c22f119) ([merge request](gitlab-org/security/gitlab!1916)) +- [Adding a '[redacted]' to mask private email addresses](gitlab-org/security/gitlab@324fe6286b266c3990676bc93b3f6ab03eea5f6b) ([merge request](gitlab-org/security/gitlab!1927)) +- [Do not allow Applications API to create apps with blank scopes](gitlab-org/security/gitlab@4e2c4d2a88acf7167e1078e8a27679545ab90c9c) ([merge request](gitlab-org/security/gitlab!1922)) +- [Don't allow author to resolve discussions when MR is locked via GraphQL](gitlab-org/security/gitlab@34ffcb55a70ad6db38292f79fe73c05fb2655738) ([merge request](gitlab-org/security/gitlab!1919)) +- [Workhorse: Allow uploading only a single file](gitlab-org/security/gitlab@0aee710db4bbab84c78b9e38f459bfca606aaf80) ([merge request](gitlab-org/security/gitlab!1913)) +- [Set PipelineSchedules to inactive](gitlab-org/security/gitlab@de405edc9de4519656675ed6825534aac6b738da) ([merge request](gitlab-org/security/gitlab!1911)) +- [Do not display the root password by default](gitlab-org/security/gitlab@138a62f89ce6616d63e3cf18eeda291a380b9ebc) ([merge request](gitlab-org/security/gitlab!1909)) +- [Group owners should see SCIM token only once](gitlab-org/security/gitlab@43d19f580543d0203b1d841f921536474ca4be38) ([merge request](gitlab-org/security/gitlab!1906)) **GitLab Enterprise Edition** +- [Respect visibility level settings when updating project via API](gitlab-org/security/gitlab@f96258f3622cf72b46158f22c4660ff60a2c25ae) ([merge request](gitlab-org/security/gitlab!1903)) +- [Avoid decoding the whole tiff image on isTIFF check](gitlab-org/security/gitlab@b93683df51ce85f909d5072ec2a0e7756d64038e) ([merge request](gitlab-org/security/gitlab!1899)) +- [Remove external_webhook_token from exported project](gitlab-org/security/gitlab@874aa74a23fc3c44f390500bc8379c30ebc51452) ([merge request](gitlab-org/security/gitlab!1872)) + +## 14.4.0 (2021-10-21) + +### Added (79 changes) + +- [Upgrade GitLab Pages to 1.46.0](gitlab-org/gitlab@e606ddc078a2fe55658abb33924fac5699376953) ([merge request](gitlab-org/gitlab!72383)) +- [Support math expressions in the Content Editor](gitlab-org/gitlab@3e60388da219b0b33fa032f50bf087fd5b7845c0) ([merge request](gitlab-org/gitlab!72153)) +- [Add Reviewer names](gitlab-org/gitlab@925c1246984a33b4c408848298dc544757656499) ([merge request](gitlab-org/gitlab!72244)) +- [Geo: Enable Upload replication using SSF by default](gitlab-org/gitlab@99543ee585f7f35f84f19e08b2ccba6428341a2b) ([merge request](gitlab-org/gitlab!72199)) **GitLab Enterprise Edition** +- [Add username attribute support for GitLab.com Group SAML SSO](gitlab-org/gitlab@085254b32ebdb6269636c774de9d88cbabc5bed9) ([merge request](gitlab-org/gitlab!72134)) **GitLab Enterprise Edition** +- [Expose issue contacts via GraphQL](gitlab-org/gitlab@2dc68a486afeffd1b64b78fcbeae537c030d7dfa) by @leetickett ([merge request](gitlab-org/gitlab!71889)) +- [Add source instance version validation for project](gitlab-org/gitlab@44c33c0ceb7c4507c94f1c7fda5811d81d5fdf9c) ([merge request](gitlab-org/gitlab!71423)) +- [Add top-level GraphQL query for single board list](gitlab-org/gitlab@2740bda696e362f7fd92f567b3e13f063b6677cf) ([merge request](gitlab-org/gitlab!67909)) +- [Allow to setup Documentation pages URL for help pages redirects](gitlab-org/gitlab@3f3566ab09ce35ac3a636a22e65e40927e63cab9) ([merge request](gitlab-org/gitlab!71737)) +- [DevOps Adoption: Add "trend over time" graph](gitlab-org/gitlab@ef874e312ca65ed14101c41d09e69bfa9869a19e) ([merge request](gitlab-org/gitlab!70518)) **GitLab Enterprise Edition** +- [Improve data zoom on contribution analytics](gitlab-org/gitlab@13d202a2f08fb7c45ebfa475ab258d20b68bc982) ([merge request](gitlab-org/gitlab!72004)) **GitLab Enterprise Edition** +- [Add cluster_image_scanning CI parser to update location data](gitlab-org/gitlab@c28d8ab7e6367258ddfbbeb25e0492c0a324c6f7) ([merge request](gitlab-org/gitlab!71794)) **GitLab Enterprise Edition** +- [Enable on-demand scans scheduler](gitlab-org/gitlab@fff487ba8404497c28f547c13f6322adf05ea6b5) ([merge request](gitlab-org/gitlab!72097)) **GitLab Enterprise Edition** +- [Add EE variant of Resolvers::ProjectPipelinesResolver](gitlab-org/gitlab@a463cdfb92c0b65fcbf1f88ac5fe967fb8dd8458) ([merge request](gitlab-org/gitlab!69983)) **GitLab Enterprise Edition** +- [Implement PostUploadPackWithSidechannel client in Workhorse](gitlab-org/gitlab@c82a66e14df6a61d7a72a5c91e63ec3829f9f1f2) ([merge request](gitlab-org/gitlab!71047)) +- [Introduce status column for the security_scans table and populate it](gitlab-org/gitlab@82ca4611de10d84e3f71d5a53e2adb0f56600308) ([merge request](gitlab-org/gitlab!71944)) +- [Add contact update mutation to GraphQL](gitlab-org/gitlab@36e00a538964c38997cc4ead8e6e405bfde60237) by @leetickett ([merge request](gitlab-org/gitlab!71866)) +- [Add support for load balancing multiple databases](gitlab-org/gitlab@771f94fc7fac48a353c66eab22bc25ccd6f18d54) ([merge request](gitlab-org/gitlab!67773)) +- [Admin: listing matching card details of an user](gitlab-org/gitlab@74e3fc25beeb3bbc142864df192acad845d73407) ([merge request](gitlab-org/gitlab!71533)) **GitLab Enterprise Edition** +- [Import repository with project migration](gitlab-org/gitlab@a6d2a4297a26c72f1168c9713085d8b324487648) ([merge request](gitlab-org/gitlab!70326)) +- [Graceful degradation for Branches controller](gitlab-org/gitlab@ac36712c9e89441b21fbdf391d70a2ae31df384f) ([merge request](gitlab-org/gitlab!70970)) +- [Add ability to set iteration on issue creation via GraphQL API](gitlab-org/gitlab@8821ec56982cbec2503d862f2684231048666647) ([merge request](gitlab-org/gitlab!71689)) **GitLab Enterprise Edition** +- [Avoid cross-joins in PipelinesForMergeRequestFinder](gitlab-org/gitlab@4e95bcd85840bda5a60a93096eec2235a10f0677) ([merge request](gitlab-org/gitlab!68549)) +- [Remove ci_resource_group_process_modes feature flag](gitlab-org/gitlab@7eb40a877b386f3c2f097e0fe22e592763b61d9b) ([merge request](gitlab-org/gitlab!71365)) +- [Add customer relations contact create mutation](gitlab-org/gitlab@78cd670bfc5605de4ee906e5074b25c8f10e4e75) by @leetickett ([merge request](gitlab-org/gitlab!70733)) +- [Sync requirement and requirement issues state](gitlab-org/gitlab@5b06b0d63227ebf8f7ba8e59ba4f4af3c528037a) ([merge request](gitlab-org/gitlab!70607)) **GitLab Enterprise Edition** +- [Keep credit card non-sensitive info](gitlab-org/gitlab@b5381bcab8271401dda80323ef44a8f18887d159) ([merge request](gitlab-org/gitlab!71171)) **GitLab Enterprise Edition** +- [Subscriptions hand raise lead API client](gitlab-org/gitlab@cd0ad142152f07acd5d50439ac7b58a89a84f8b4) ([merge request](gitlab-org/gitlab!71723)) **GitLab Enterprise Edition** +- [Add metric for users associating milestones to releases](gitlab-org/gitlab@bf999ff05c4d3f47aea31fd87a6bd1d6dcda0a0a) ([merge request](gitlab-org/gitlab!71287)) +- [Add meta data in user_credit_card_validations](gitlab-org/gitlab@0d08d597a30d1cd8e73f78fc3b64ad79418aa3e3) ([merge request](gitlab-org/gitlab!71032)) +- [Link to a search for feature flag name in project](gitlab-org/gitlab@8d1c153c04b54f1710596d523ea46880a9851eb2) ([merge request](gitlab-org/gitlab!70417)) **GitLab Enterprise Edition** +- [Add includeSubepics argument to issue filters in GraphQL](gitlab-org/gitlab@5a913e8455e9881be20c73c095bb077c7655acfb) ([merge request](gitlab-org/gitlab!71610)) **GitLab Enterprise Edition** +- [Warn users of impacted escalation policies on leave/delete](gitlab-org/gitlab@de25310c6c6a987003bb1c3948f7713960af917a) ([merge request](gitlab-org/gitlab!69411)) **GitLab Enterprise Edition** +- [Add confidential issues filtering for GraphQL API](gitlab-org/gitlab@733862877c48d3666d85922b956de186f6d93305) ([merge request](gitlab-org/gitlab!71355)) +- [Measure Sidekiq enqueue latency for scheduled jobs](gitlab-org/gitlab@c4c42d29cf4c33d913479ebcb916a4fdf45ab002) ([merge request](gitlab-org/gitlab!71615)) +- [Add ability to set iteration on issue creation via GraphQL API](gitlab-org/gitlab@25b287bfee614a0b8844a5ecf62ac26173327ea2) ([merge request](gitlab-org/gitlab!70007)) **GitLab Enterprise Edition** +- [Add issue_customer_relations_contacts linking table](gitlab-org/gitlab@3f6597a9aa88e023223d0f91e633be2d54ca99e9) by @leetickett ([merge request](gitlab-org/gitlab!71007)) +- [Add config field gitlab_kas.external_k8s_proxy_url](gitlab-org/gitlab@e0137111fbbd28316f38da30075aba641e702b98) ([merge request](gitlab-org/gitlab!71512)) +- [Add DependencyProxySettings mutation](gitlab-org/gitlab@e2d7d722887c8a6edc2b52a1e8871bce4781c4a2) ([merge request](gitlab-org/gitlab!71274)) +- [Added feature flag to show terraform banner](gitlab-org/gitlab@361e943b17924bbc14b26a2d8e1864d9c234c670) ([merge request](gitlab-org/gitlab!71462)) +- [Promote jobs_to_be_done experiment](gitlab-org/gitlab@26781e4305c97d64a9dc9bf2c1dd31702bff9daf) ([merge request](gitlab-org/gitlab!71122)) +- [Feat(Cloud Activation Form Modal): loading button](gitlab-org/gitlab@67403800753894384f77f603a2b0bc5587ccd77f) ([merge request](gitlab-org/gitlab!71385)) **GitLab Enterprise Edition** +- [Return runner webUrl via GraphQL API](gitlab-org/gitlab@f708096867cabf5829119cd4d83c902fa24b5c8b) ([merge request](gitlab-org/gitlab!70692)) +- [Add option of 60 days to container image expiration policy](gitlab-org/gitlab@c7be549c5f1727b474ff91212a42216f3115181f) by @pataar ([merge request](gitlab-org/gitlab!70148)) +- [Add missing keywords to CI schema](gitlab-org/gitlab@f1d0f6edadb5c20ab20efe0637e3698adc5ba2b5) ([merge request](gitlab-org/gitlab!70779)) +- [BulkImports: Handle network errors](gitlab-org/gitlab@337e284574a89bfb67d82a567152d7651814a976) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/68582)) +- [Add sorting to DA overview table](gitlab-org/gitlab@87145f1c815d2c5f6e46270e108dbdda0c45b80a) ([merge request](gitlab-org/gitlab!70937)) **GitLab Enterprise Edition** +- [Document how to migrate off Gitaly Cluster](gitlab-org/gitlab@855db4a1816db79cd3d48c75597a48e3f55ac6b5) ([merge request](gitlab-org/gitlab!71223)) +- [Make it possible to define custom request duration thresholds](gitlab-org/gitlab@5c52eddb1487a2876f0589affaf8a746ff84b3e9) ([merge request](gitlab-org/gitlab!69877)) +- [Implement rate-limiting for a deprecated API endpoint](gitlab-org/gitlab@5b9e642e5b591fa0cc5bbbddc18530cafa4e1c22) ([merge request](gitlab-org/gitlab!70310)) +- [Extend EE::Types::Ci::PipelineType with dast_profile](gitlab-org/gitlab@ea048ea3ab508a3d7f573adb0ee978f0cf1325fe) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/69808)) **GitLab Enterprise Edition** +- [Add `links` and `message` field to VulnerabilityType](gitlab-org/gitlab@3360a18c7fa4ae8a4b452b86ca8adb21454f73d1) ([merge request](gitlab-org/gitlab!71207)) **GitLab Enterprise Edition** +- [Allow relate quick action on issue create](gitlab-org/gitlab@763d5577565ce9b14d99b87577a9ac17b95fbb7f) ([merge request](gitlab-org/gitlab!71193)) +- [Allow plus character in project names](gitlab-org/gitlab@22714f512393017b538b8995ecb270c12deeddbd) by @lzampier ([merge request](gitlab-org/gitlab!67997)) +- [Render frontmatter codeblock in the Content Editor](gitlab-org/gitlab@d84bcddf3a3c6c0b188a5a7a09ba49ae347c1eaa) ([merge request](gitlab-org/gitlab!70854)) +- [Add support for wbr in content editor](gitlab-org/gitlab@772f061eac6bd4cca2c3511f9978d0d246c3cd2a) ([merge request](gitlab-org/gitlab!69365)) +- [Enable live tracking and enforcement of CI minutes](gitlab-org/gitlab@55adb3a7e1fabb9a20bf4dcd7a08dcd5ad09097e) ([merge request](gitlab-org/gitlab!71072)) **GitLab Enterprise Edition** +- [Send "setup for company" in trial form to CustomersDot](gitlab-org/gitlab@b7e4d09eeb8f83194032e1463d126a4a9d2a4a6d) ([merge request](gitlab-org/gitlab!70569)) +- [Perform validations on the parent of a namespace/group by default](gitlab-org/gitlab@5dd7051f880f01a5ee0d43e7472c46c0de824352) ([merge request](gitlab-org/gitlab!70365)) +- [Added support for test coverage badge color configuration](gitlab-org/gitlab@13ca69c7e4cf42c47a8c99f33a5e8bc7ed511357) by @szaboi ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/69164)) +- [Move cluster agent GraphQL mutations and supporting services to core](gitlab-org/gitlab@8e45ef80d137f4b76008ac1e1044d6f38cf61823) ([merge request](gitlab-org/gitlab!70887)) +- [Move cluster agent GraphQL types and resolvers to core](gitlab-org/gitlab@5f54a7c09133de4a833390b1b510af02744da9f8) ([merge request](gitlab-org/gitlab!70759)) +- [Address the PK Overflow risk for the taggins - Step 3](gitlab-org/gitlab@f9b8e8d7c55b8959468b6f1594ea83c965b9e5c3) ([merge request](gitlab-org/gitlab!69639)) +- [Remove i_testing_metrics_report_artifact_uploaders feature flag](gitlab-org/gitlab@1a4f15be1a8c12c96a70463b8e1b2c3e01cfcd1d) ([merge request](gitlab-org/gitlab!70957)) +- [Remove usage_data_i_testing_test_case_parsed feature flag](gitlab-org/gitlab@af7d2e9f6926914fc6fee750c466b15e44e1a9f3) ([merge request](gitlab-org/gitlab!70953)) +- [Enable FF "paginated_tree_graphql_query" by default](gitlab-org/gitlab@ade0b92eb1736575e4e6530db5920cd1222a8bed) ([merge request](gitlab-org/gitlab!70913)) +- [Add user permissions for runners in GraphQL API](gitlab-org/gitlab@8d9c658cb4a2b952407779f7a64b0dc11960195f) ([merge request](gitlab-org/gitlab!70809)) +- [Always enable the database load balancer](gitlab-org/gitlab@f38900c90d7ff75eaeaf15265d177e4b1fae5c22) ([merge request](gitlab-org/gitlab!68042)) +- [Add endpoints for project relations exports](gitlab-org/gitlab@5e9ebbd16ea73d22f41e3aa9f005cb532fe5f0cc) ([merge request](gitlab-org/gitlab!70330)) +- [Upgrade Pages to 1.45.0](gitlab-org/gitlab@8853ba52e3a2bd66051b845f47b67b6eef9916b3) ([merge request](gitlab-org/gitlab!70752)) +- [Support FIFO/LIFO process modes to Resource Group](gitlab-org/gitlab@a100cb945bc9bcd4c531c1889059f8a8f6e29e61) ([merge request](gitlab-org/gitlab!67015)) +- [Add documentation to Files API Rate Limits](gitlab-org/gitlab@3da4af85c9bbf210b8adde556ebb255700fc2983) ([merge request](gitlab-org/gitlab!68645)) +- [Add security_orchestration_policy to pipeline source filter](gitlab-org/gitlab@b5a6dfec3faf5c7df11e3a68c30ce642aeabf49b) ([merge request](gitlab-org/gitlab!69985)) **GitLab Enterprise Edition** +- [Add sign-in count to external pipeline validation](gitlab-org/gitlab@838d1f55a83cdbf00b7d99206156fac351115aaf) ([merge request](gitlab-org/gitlab!70668)) +- [Add negated issueType filter to issue resolver (group and project)](gitlab-org/gitlab@4cca803a06aad048f7478b8eb51c6934958b3bc6) ([merge request](gitlab-org/gitlab!70635)) +- [Add clone issue to REST API](gitlab-org/gitlab@33e9e55a35631392ce88f4a4823d11d0ae3cc797) ([merge request](gitlab-org/gitlab!57740)) +- [Add runner_features column to ci_builds_metadata](gitlab-org/gitlab@319d59940117374d3bebf7fa53d55b7bc3c19763) ([merge request](gitlab-org/gitlab!70189)) +- [Extend /help/instance_configuration with Git LFS rate limit](gitlab-org/gitlab@455ad3b28580c1da1f6a5cea6a2f37794e07dd72) by @wwwjon ([merge request](gitlab-org/gitlab!70397)) +- [API: Add endpoint to reset runner authentication token](gitlab-org/gitlab@c2e34204a0b6ef305ac76a68f9f7c9216eb0f379) by @KyleFromKitware ([merge request](gitlab-org/gitlab!69561)) + +### Fixed (96 changes) + +- [Fix Analytics Author filters](gitlab-org/gitlab@17c9eb627e135ce61b51c81a541d844602cb4305) ([merge request](gitlab-org/gitlab!72492)) +- [Allow maintainers to set MR approval settings](gitlab-org/gitlab@de58cb9ca02037b4df2fc2f14040503026ddf5b7) ([merge request](gitlab-org/gitlab!72493)) **GitLab Enterprise Edition** +- [Fix: update links in billing page](gitlab-org/gitlab@c8d6f73497df3080b5080977f3fe03085e1506fe) by @orozot ([merge request](gitlab-org/gitlab!72259)) **GitLab Enterprise Edition** +- [Update onboarding template project](gitlab-org/gitlab@1f5160ad9e8a2dcfcc5f628f525734e423bb75b9) ([merge request](gitlab-org/gitlab!72355)) **GitLab Enterprise Edition** +- [Fix handling Service Ping response DevOps metrics](gitlab-org/gitlab@e06fe59cd272e35a2009f499a006f7da8ae7640f) ([merge request](gitlab-org/gitlab!72344)) +- [Add guard clause to ensure incoming params](gitlab-org/gitlab@0f3b20cde204f1cb28dce6e7c794fac0cd5a0a64) ([merge request](gitlab-org/gitlab!72241)) +- [MR Analytics: Add pipelines sanity check](gitlab-org/gitlab@f204f965a9fbd875b2491ec88d77c9f7558dec49) ([merge request](gitlab-org/gitlab!72210)) **GitLab Enterprise Edition** +- [Replace calls to LoadBalancing with ::Gitlab::Database::LoadBalancing](gitlab-org/gitlab@d54189d088a90daa7f1fda4bea2334acf5b172b5) ([merge request](gitlab-org/gitlab!72205)) +- [Change shared runner settings on import on conflict with group](gitlab-org/gitlab@e5680f9350f863c2ad2e14e5d495ae8df5aa413e) ([merge request](gitlab-org/gitlab!71846)) +- [Fix undefined method `use_primary!' error in GDK](gitlab-org/gitlab@5c3638936934b90049c0bf5a8d9f017fb721e750) by @leetickett ([merge request](gitlab-org/gitlab!72247)) +- [Guard against exceptions from unfound DiffNotes](gitlab-org/gitlab@580072f86097f4156fc01eb16863b7e746c2a4fb) ([merge request](gitlab-org/gitlab!72242)) +- [Replace success button in the add linked issue](gitlab-org/gitlab@7d3d847c76e6dbd7bfcd357ffb31236860419aed) ([merge request](gitlab-org/gitlab!72211)) +- [Ensure correct group for DA chart](gitlab-org/gitlab@0065f5a8db8410868566e58e9c4af31015cf8162) ([merge request](gitlab-org/gitlab!72176)) **GitLab Enterprise Edition** +- [Fix cut-off dropdown in board breadcrumbs](gitlab-org/gitlab@49feed59a9f572f3210e353b5b5816717a414bfe) ([merge request](gitlab-org/gitlab!72168)) +- [Fix non-restarted skipped bridge jobs](gitlab-org/gitlab@ad8ffd504c5898570666a1789ef463c0030196ee) ([merge request](gitlab-org/gitlab!72141)) +- [Don't run WAL queries when not using replicas](gitlab-org/gitlab@9599f8669a9395d5193be1b226b4c136f28f8e90) ([merge request](gitlab-org/gitlab!71736)) +- [Enable syntax highlighting for new files](gitlab-org/gitlab@4d0a4fc7b0cc9ec616a67853b97cd96e731d2ed6) ([merge request](gitlab-org/gitlab!71801)) +- [Add go, nuget, and sbt to Dependencies API filters](gitlab-org/gitlab@1d996aa6ecefeea103fa05f02131000918d08b7c) ([merge request](gitlab-org/gitlab!72022)) **GitLab Enterprise Edition** +- [Present sbt, nuget, and go in Dependency List page](gitlab-org/gitlab@e2907ff57a11be60f3bb1c8dc8157de0a00d8156) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/72021)) **GitLab Enterprise Edition** +- [Fix detail page of NuGet package with missing metadata](gitlab-org/gitlab@412acd19f95c5a56699c9cb248afd31e8f0a3476) by @wwwjon ([merge request](gitlab-org/gitlab!72013)) +- [Remove local form errors flash](gitlab-org/gitlab@52ea002f636cae726fb452ad4146919c0f700d4a) ([merge request](gitlab-org/gitlab!71945)) +- [Make CI minutes consumption increment idempotently](gitlab-org/gitlab@f82d4f06987fc7736e0d0fc84c8cfdfd2b7d938f) ([merge request](gitlab-org/gitlab!71840)) **GitLab Enterprise Edition** +- [Boards - Sort closed issues by closedAt date](gitlab-org/gitlab@c89f00d681dab5ff00096913af170f043b052e10) ([merge request](gitlab-org/gitlab!71698)) +- [Gracefully track errors raised by sending CI minutes notifications](gitlab-org/gitlab@2036f9a11fc272cf5cb6e0ecbaae5eeefa454df3) ([merge request](gitlab-org/gitlab!71815)) **GitLab Enterprise Edition** +- [Add IssuesFieldExtension to set relative positions](gitlab-org/gitlab@5c62b8c87c22a8d722c66bdeaf475f01bc1a29f8) ([merge request](gitlab-org/gitlab!71164)) +- [Update strategies used for DB count approximation for read-only DB](gitlab-org/gitlab@09a35759c3de4665cd3b7769eaf82a11de32d03d) ([merge request](gitlab-org/gitlab!71925)) +- [Mark the `created_at` attribute as read-only to prevent updating it](gitlab-org/gitlab@21d7ee36bb6e11fe2d1b51a3ab5cf0734efae0f2) ([merge request](gitlab-org/gitlab!71399)) +- [Disable caching of MergeToRefService call in mergeability check](gitlab-org/gitlab@36f8fbf83cdf7e539165bc73f742bfd2e39a0290) ([merge request](gitlab-org/gitlab!71909)) +- [Return the correct project in job/allowed_agents API response](gitlab-org/gitlab@95364c467bcf2e3765f58fef18b8d759031022af) ([merge request](gitlab-org/gitlab!71876)) +- [Use pessimistic locking when accessing Terraform state](gitlab-org/gitlab@ac3916a5d29d16de4ce8359d0d100dace6e82e24) ([merge request](gitlab-org/gitlab!71873)) +- [Sanitize given scan types before querying the security_scans](gitlab-org/gitlab@a06867f1eb2e7c091be0067eb1b10b7071b2f512) ([merge request](gitlab-org/gitlab!71836)) +- [Fix auto-renew of LetsEncrypt domains for Pages](gitlab-org/gitlab@b3a7e0d5268b90722a372674ad7f0c248a6e9872) ([merge request](gitlab-org/gitlab!71697)) +- [Show hint if input value is invalid](gitlab-org/gitlab@b1b2a440e4afd624559153c697a50a5c1ee37e7c) ([merge request](gitlab-org/gitlab!71582)) **GitLab Enterprise Edition** +- [Fix inline JavaScript HAML linter not working](gitlab-org/gitlab@8f32460266e31bad3f66155df31735a34a756328) ([merge request](gitlab-org/gitlab!71798)) +- [Add ON DELETE constraint to security_policy_management_project_id](gitlab-org/gitlab@402154b0df873e6edb91267980b27ef5a4e231dc) ([merge request](gitlab-org/gitlab!71391)) +- [Fix merge request approvals accordion](gitlab-org/gitlab@016ac9c025e5ed11e208dba86f5af8609e1dc0d1) ([merge request](gitlab-org/gitlab!69252)) **GitLab Enterprise Edition** +- [Fix undefined method error in validate_remote_git_endpoint service](gitlab-org/gitlab@a93a088faecdd667c76790c47e2bae00b6d203dc) ([merge request](gitlab-org/gitlab!71670)) +- [Hide filters UI in Roadmap within epic page](gitlab-org/gitlab@c35f81070d988c0a1c5d337245c1ac20de29761c) ([merge request](gitlab-org/gitlab!71726)) **GitLab Enterprise Edition** +- [Fix storing first_mentioned_in_commit_at attribute](gitlab-org/gitlab@900db121a1e2914656ad8678b00f25e93d076515) ([merge request](gitlab-org/gitlab!71639)) +- [Redirect Geo git push operations to primary external URL](gitlab-org/gitlab@98780b7eb910720fdc4ded20dd7f6ba3f39d8e27) ([merge request](gitlab-org/gitlab!71711)) **GitLab Enterprise Edition** +- [Fix spacing between note badges](gitlab-org/gitlab@f629eb9b3ab799815fb0e6d05dc186840ed6d369) by @TaehyeokKang ([merge request](gitlab-org/gitlab!71208)) +- [Fix project statistics Uploads](gitlab-org/gitlab@7ebd4cb24c56cb8a26082ca06242d5ab5823dfad) by @guillaume.chauvel ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/71370)) +- [Move required styles for issue-token to core](gitlab-org/gitlab@297c1112d5cce610f98e1189d13c00465d27949e) by @michael.telgkamp ([merge request](gitlab-org/gitlab!71531)) +- [Fix default values for the deprecated API throttle](gitlab-org/gitlab@86cb92849da9ed37a1f9962613eb4c366f270f8b) ([merge request](gitlab-org/gitlab!71449)) +- [Fix dependency proxy image prefix](gitlab-org/gitlab@f4c9a981b55492c53b9d233846d6364a4e344649) ([merge request](gitlab-org/gitlab!71511)) +- [Upgrade mermaid-js to v8.13.2](gitlab-org/gitlab@0dc2971222642e39b3af5a6832f50a57586dcc94) ([merge request](gitlab-org/gitlab!71415)) +- [Don't retry errors when there are no replicas](gitlab-org/gitlab@0f27854a100931c96d18b79b9d903511c352405c) ([merge request](gitlab-org/gitlab!71489)) +- [Delete issues css](gitlab-org/gitlab@97ffda63a12a951e8a5bce650487ce319b0196b0) ([merge request](gitlab-org/gitlab!71478)) +- [Use GlAlert for external issues list errors](gitlab-org/gitlab@824b40be15edf9744ac06f52f55dcf6ee229b4ff) ([merge request](gitlab-org/gitlab!71256)) **GitLab Enterprise Edition** +- [Fix tabs switching between tree and roadmap](gitlab-org/gitlab@25e066d8364bb7127668bfbdc3f8fbce72dea9a7) ([merge request](gitlab-org/gitlab!71398)) **GitLab Enterprise Edition** +- [Fix: change dropdown background to transparent](gitlab-org/gitlab@87cec043a6eecba6189e61ea4dec5d6295b830b1) by @orozot ([merge request](gitlab-org/gitlab!71264)) +- [Use GlAlert for integrations table errors](gitlab-org/gitlab@14123f51ffd9aa3ad202845f9ef98fbf2822eb3d) ([merge request](gitlab-org/gitlab!71255)) +- [Removes reporting on non-existant failures for import rake task](gitlab-org/gitlab@2c6af766cf1044f730e325b4043e48f187c15ce3) ([merge request](gitlab-org/gitlab!71402)) +- [Fix compliance framework labels readability](gitlab-org/gitlab@645b035a9e2c97e20e6a350d780658a6a93108ff) ([merge request](gitlab-org/gitlab!71301)) **GitLab Enterprise Edition** +- [Fix clipped broadcast message on login page when using custom header](gitlab-org/gitlab@593862859242f4318d935bc3529ee34547fc9f81) ([merge request](gitlab-org/gitlab!71227)) +- [Fix issue search optimization in GraphQL](gitlab-org/gitlab@e0dee49402c289c4a53c16297e2f2da09aa81809) ([merge request](gitlab-org/gitlab!71351)) +- [Expand template names when tracking inclusion](gitlab-org/gitlab@223a3c66bae0af4b233663d0f7cf6cd523229c24) ([merge request](gitlab-org/gitlab!71157)) +- [Fix incorrect date in type of work chart](gitlab-org/gitlab@56ef35edb7d7ab0d68a61676b7f8d24262780713) ([merge request](gitlab-org/gitlab!71350)) **GitLab Enterprise Edition** +- [Fix: translate upload license tips](gitlab-org/gitlab@b5bb563377d941bd8db979242345cc61da1a0c98) by @orozot ([merge request](gitlab-org/gitlab!70640)) **GitLab Enterprise Edition** +- [Reapply table-layout fixed in repository file list](gitlab-org/gitlab@b20c171a54f1414cf5b98e4b1d086ed53e943103) ([merge request](gitlab-org/gitlab!71327)) +- [Global Search - Upvote Tooltip Alignment](gitlab-org/gitlab@08e0e2c0adb067d5cbe8af9ed2786b54ebc2f14d) ([merge request](gitlab-org/gitlab!71226)) +- [Prevent group wiki writes on read-only DBs](gitlab-org/gitlab@900b071936852a0675efd8938115f836284b5709) ([merge request](gitlab-org/gitlab!71314)) **GitLab Enterprise Edition** +- [Fix incorrect trigger of issue/epic autocomplete](gitlab-org/gitlab@09faec22a1ded63f52201d62edc43382161e5f29) ([merge request](gitlab-org/gitlab!71191)) **GitLab Enterprise Edition** +- [Fix Web IDE renaming empty content](gitlab-org/gitlab@04340139969234f992dd69bd0c807b3439afbee1) ([merge request](gitlab-org/gitlab!71130)) +- [Fix milestone references in group context](gitlab-org/gitlab@c91b498592b73039a5d68e43e31359e8e55b6021) ([merge request](gitlab-org/gitlab!71269)) +- [Value of `lock_memberships_to_ldap` should not affect authorizations](gitlab-org/gitlab@deb229258b6e659695dfc5df0de6f378ecc36cad) ([merge request](gitlab-org/gitlab!71253)) +- [Remove file upload type restirction](gitlab-org/gitlab@32563ed72ca7aaca330bd8f8a2d1223127a11453) ([merge request](gitlab-org/gitlab!71082)) +- [Fixed post merge ci status bug](gitlab-org/gitlab@b21dc4140ff30c16c571afdad29a0dba6f639d8e) ([merge request](gitlab-org/gitlab!70719)) +- [Generate startup css as if com_and_canary](gitlab-org/gitlab@64eaa2de7dee16fff0d62b4231cc2b1631f0171f) by @leetickett ([merge request](gitlab-org/gitlab!71134)) +- [Disable form on admin appearance sign-in page preview](gitlab-org/gitlab@4060fbbb578246b9d4acc6d2a534add63cfd397c) ([merge request](gitlab-org/gitlab!70736)) +- [Add connection fallback to ActiveRecordProxy](gitlab-org/gitlab@b1b48aa28b302914c317f51beca546707ffda367) ([merge request](gitlab-org/gitlab!71059)) +- [Update GitLab Shell to v13.21.1](gitlab-org/gitlab@ec1e172b96d2186ec0b914a95850e3ae353ccb0f) ([merge request](gitlab-org/gitlab!71037)) +- [Fix Australian timezone abbreviations in tooltips](gitlab-org/gitlab@5451d41c1586cc83525178734b7c45b0b5234075) ([merge request](gitlab-org/gitlab!70723)) +- [Merge branch 'jswain_combined_registration_auto_trial_params' into 'master'](gitlab-org/gitlab@4d1d5a4bc1dcc7b4c5969cc0c3cebf0dbbd665f3) ([merge request](gitlab-org/gitlab!70823)) **GitLab Enterprise Edition** +- [Provide namespace_id default value](gitlab-org/gitlab@45dfc11d0858e731d1544f98f93a193166e5ad92) ([merge request](gitlab-org/gitlab!70823)) +- [Fix CSV issues import max file size message](gitlab-org/gitlab@f0e9076caeab2a8d786ad06128832c0abf4e41c6) by @JonstonChan ([merge request](gitlab-org/gitlab!68223)) +- [Fix unmet prerequisites help URL](gitlab-org/gitlab@8b798847612a5ce3386d6dfb6df0371d5aea4e4b) ([merge request](gitlab-org/gitlab!70976)) +- [Fix polling on vuln details page](gitlab-org/gitlab@5dd1f8c11e06a61476425db0696e292af09d2407) ([merge request](gitlab-org/gitlab!70961)) **GitLab Enterprise Edition** +- [Fix rule all branches not using monospace font](gitlab-org/gitlab@fe0df34d5f291d7eac1129bc15f5ac722b24c544) ([merge request](gitlab-org/gitlab!70943)) **GitLab Enterprise Edition** +- [Fix sum of LFS objects size with identical value](gitlab-org/gitlab@d2b2d298e41fdf237e40c404c005cea7a0924686) by @guillaume.chauvel ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/70610)) +- [Fix project group share setting wording](gitlab-org/gitlab@56cedf5ba1f0437784ced6855922386d770bf4ff) ([merge request](gitlab-org/gitlab!70636)) +- [Fix gitaly-backup TLS connections](gitlab-org/gitlab@e36cf16acc44cb223aee93b4d36c4d0281f3476f) ([merge request](gitlab-org/gitlab!70883)) +- [Fix Content-Disposition header not working in Azure Blob storage](gitlab-org/gitlab@e586b6e3a58d66850ac32924c9ad1342daf24f1b) ([merge request](gitlab-org/gitlab!70874)) +- [Handle ConnectionNotEstablished in the DB LB](gitlab-org/gitlab@cf3a0e3580c8649f1e2abe2f620993f739c3dba9) ([merge request](gitlab-org/gitlab!68042)) +- [MR Analytics: Add yAxis formatter](gitlab-org/gitlab@9d7769a3a90ddd1712d5f1e6633d5f102a2a59e2) ([merge request](gitlab-org/gitlab!70573)) **GitLab Enterprise Edition** +- [Remove unnecessary route](gitlab-org/gitlab@d7b1c4dea176e84c706580806984ffa11753be7f) ([merge request](gitlab-org/gitlab!70277)) +- [Fix address requires string literal i18n helpers](gitlab-org/gitlab@ee4394c4237fcd65a1e9d0597603210034634988) by @elcordova ([merge request](gitlab-org/gitlab!70767)) +- [Fix DB connection check for Geo user routing](gitlab-org/gitlab@f908364d9888fa4cd37c6e5ca2555f1b936a9f39) ([merge request](gitlab-org/gitlab!70621)) **GitLab Enterprise Edition** +- [Update to commonmarker gem 0.23.2](gitlab-org/gitlab@57c5bad16c533bf7937f56bc05cbcc6a3d72004a) ([merge request](gitlab-org/gitlab!70612)) +- [Focus on input when dropdown is shown on issue creation page](gitlab-org/gitlab@00a431b287132f8b833cf10ad99a2e61d50ec9e8) ([merge request](gitlab-org/gitlab!70703)) +- [Replace public_send with send in doctor rake task](gitlab-org/gitlab@386ee2b5f21a5a8184ee78350f11a12803d118e1) ([merge request](gitlab-org/gitlab!69062)) +- [Open sidebar after user creates a new item in boards](gitlab-org/gitlab@a8304104fe5158369354377df8a35001ec576e29) ([merge request](gitlab-org/gitlab!70352)) +- [Geo: Fix maintenance mode causing Unhealthy secondary status](gitlab-org/gitlab@01551e03a1313d3f95dca66b5d27082ec59506b8) ([merge request](gitlab-org/gitlab!70010)) **GitLab Enterprise Edition** +- [Allow BoardListType.issues to filter by negated issueType in GraphQL](gitlab-org/gitlab@9debb183be68909ff7bf61adfaa02fb3a7e1b2e9) ([merge request](gitlab-org/gitlab!70554)) +- [Add additional properties to policy_details helper](gitlab-org/gitlab@5645f93c630fe14fad2c418bc635cedde47c56b2) ([merge request](gitlab-org/gitlab!70553)) **GitLab Enterprise Edition** +- [Persist feedback alert for SAST Configuration](gitlab-org/gitlab@3343c3171a3e6ea202ca5f9db3751799fe8c6222) ([merge request](gitlab-org/gitlab!70517)) **GitLab Enterprise Edition** + +### Changed (80 changes) + +- [Implement Dependency proxy via Workhorse injectors](gitlab-org/gitlab@b3e6d6c37efba1418ecb33f6037582b1f8553f99) ([merge request](gitlab-org/gitlab!71890)) +- [Added v-scrolling to both editors](gitlab-org/gitlab@2802a43f2f97f987ba0ddaeafc36c8c90beaeb6f) by @mehulsharma ([merge request](gitlab-org/gitlab!71136)) +- [Update auto-deploy-image to v2.14.0](gitlab-org/gitlab@354fb973fc32958dd81dd70b5ab516f4ee26d9a8) ([merge request](gitlab-org/gitlab!72027)) +- [Adjust update_runners_registration_token permission](gitlab-org/gitlab@6182eecf3b3a466864c2c192b4fcef9908822eeb) ([merge request](gitlab-org/gitlab!71965)) +- [Remove feature flag member_destroy_async_auth_refresh](gitlab-org/gitlab@edde4d7ffabb30f69691f6bd99e06c82b4dfab8a) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/72338)) +- [Disable create list button after clicked once](gitlab-org/gitlab@8d8de87a0be0628f23a1cda888a11559a079167c) ([merge request](gitlab-org/gitlab!72048)) +- [Preselect all projects in group coverage analytics](gitlab-org/gitlab@88d4f5793b3d1f05675ca896d7514a7d1deb5243) ([merge request](gitlab-org/gitlab!72051)) **GitLab Enterprise Edition** +- [Allow longer Helm channel names](gitlab-org/gitlab@7e57516919e5cee8ae8c38890d4b8a18d10e54f0) by @sathieu ([merge request](gitlab-org/gitlab!71806)) +- [Enable create_vulnerabilities_via_api by default](gitlab-org/gitlab@1a635aa386c3fb1dd6d6369fbfcbe16015aa85df) ([merge request](gitlab-org/gitlab!72204)) **GitLab Enterprise Edition** +- [Use allowlist of allowed attributes for imported models](gitlab-org/gitlab@3f30823920caef67d589e6f06c1cee2380d3d080) ([merge request](gitlab-org/gitlab!71296)) +- [Refactor the usage of Secret Scanning to Secret Detection](gitlab-org/gitlab@48d35ae9509bc14affc7bd52fdd415f7b21b1434) ([merge request](gitlab-org/gitlab!71824)) +- [Improve Git HTTPS message given when Gitaly unavailable](gitlab-org/gitlab@772df282e60924413931e0b0736fe11d94f4d3de) ([merge request](gitlab-org/gitlab!71120)) +- [Remove `performance_roadmap` ff and legacy code](gitlab-org/gitlab@7be12de8acaa583818cb370f566a8e4d394b4259) ([merge request](gitlab-org/gitlab!71828)) **GitLab Enterprise Edition** +- [Respect security scanner schema](gitlab-org/gitlab@b7ea3dc21229f8c6a59087aca5b2e8c0368645f2) ([merge request](gitlab-org/gitlab!69961)) **GitLab Enterprise Edition** +- [Default enable use_upsert_query_for_mr_metrics FF](gitlab-org/gitlab@37723ac46e66416d1a7cb3e661d51f5525ba3d8b) ([merge request](gitlab-org/gitlab!72120)) +- [Support Jira Connect asymmetric JWTs](gitlab-org/gitlab@e100bd3dfbf08eb27f2ee2c3b84438931144cf00) ([merge request](gitlab-org/gitlab!71080)) +- [Improve translatability of email confirmation page](gitlab-org/gitlab@2809b8bbe0a1b8913ad097473612c17d09951db1) ([merge request](gitlab-org/gitlab!71165)) +- [Remove vulnerability flags feature flag](gitlab-org/gitlab@d80460b160b2fb2f6704c10ea5108dee4785457e) ([merge request](gitlab-org/gitlab!71966)) +- [Styling updates of the protected environments edit access dropdown](gitlab-org/gitlab@6582038a0b3dda66199cc4a309aae6a35ba70e98) ([merge request](gitlab-org/gitlab!71119)) **GitLab Enterprise Edition** +- [Clean up oauth buttons on sign in/up](gitlab-org/gitlab@72e5bf594fed8112539c89f97f77ba5bf81f708a) ([merge request](gitlab-org/gitlab!71263)) +- [Improve merge train help text](gitlab-org/gitlab@c28b6bbd3c78d76f32816c51f006ea1ffb7e150c) ([merge request](gitlab-org/gitlab!71687)) **GitLab Enterprise Edition** +- [Update branch name to use monospace](gitlab-org/gitlab@cd6c3b3ccebb3a18bead8e572e509b7edc863eb2) ([merge request](gitlab-org/gitlab!71393)) **GitLab Enterprise Edition** +- [Remove redundant help text from runners](gitlab-org/gitlab@a0e98ddbd79b557fb97c1a9164bb14f47efc2669) ([merge request](gitlab-org/gitlab!71915)) +- [Proxy Geo secondary HTTP pushes + lfs through Workhorse](gitlab-org/gitlab@f1812b88bd4498051cc2b011127dba8c6448f725) ([merge request](gitlab-org/gitlab!71732)) **GitLab Enterprise Edition** +- [Update compliance report title and navigation](gitlab-org/gitlab@906d78136dd1f7812e4af5c55c7f6ecfe1a438b2) ([merge request](gitlab-org/gitlab!71383)) **GitLab Enterprise Edition** +- [Change MR draft status notification from flash to tast](gitlab-org/gitlab@9aee4d3ef920636c2a0e51331efc796b6e4ae028) ([merge request](gitlab-org/gitlab!71887)) +- [Allow minimal access value for UserHighestRole](gitlab-org/gitlab@a1165f69aaa0e62b9effd0733185ff2bd4fc45ab) ([merge request](gitlab-org/gitlab!71814)) **GitLab Enterprise Edition** +- [Add jsonb field for Finding Evidence](gitlab-org/gitlab@679ebf13709aa8440e58baa05539ad72b6e12e9b) ([merge request](gitlab-org/gitlab!70097)) +- [Geo: Increase reliability of certain one-time jobs](gitlab-org/gitlab@b731a55c30cf8cbfd38fefc46659de1fe6a6d0f4) ([merge request](gitlab-org/gitlab!71419)) **GitLab Enterprise Edition** +- [Geo: Reduce unnecessary resource usage](gitlab-org/gitlab@a3bfd4b6cc11ecae16d9414c8d3337c0383271fa) ([merge request](gitlab-org/gitlab!71419)) **GitLab Enterprise Edition** +- [Geo: Reduce unnecessary resource usage](gitlab-org/gitlab@93127cfc6803616db47b321a826e643c1468d75a) ([merge request](gitlab-org/gitlab!71419)) **GitLab Enterprise Edition** +- [GithubImporter: Format diff note suggestions to the gitlab format](gitlab-org/gitlab@e4f59f2ecb0dd9958ab48c50dcd42ee0c6517ea8) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/71411)) +- [system_check: Bump minimum required Git version to v2.33.0](gitlab-org/gitlab@8094ba64d14af82094fbcdcacc3d54c7aecee09f) ([merge request](gitlab-org/gitlab!71813)) +- [Update SAST config primary action button variant](gitlab-org/gitlab@105b5e63a55545868c3a26b8fdfd8ed7939bb2d4) ([merge request](gitlab-org/gitlab!71783)) **GitLab Enterprise Edition** +- [Add rake task to pause or resume elastic indexing](gitlab-org/gitlab@6a60c27a05219d16980c924fffe6231cc1f4ef9d) ([merge request](gitlab-org/gitlab!71426)) **GitLab Enterprise Edition** +- [Changed cluster type badge to gitlab-ui element](gitlab-org/gitlab@f39cda9d1d654f58d379345db0eabfc23290f2a1) ([merge request](gitlab-org/gitlab!71504)) +- [Move advanced_search_multi_project_select FF to user actor](gitlab-org/gitlab@1d43d927e587d3fff1ec94404c442da11033fdee) ([merge request](gitlab-org/gitlab!71416)) **GitLab Enterprise Edition** +- [Implement Dependency proxy via Workhorse injectors](gitlab-org/gitlab@c9c9a36a7decac3a0ee6986d4e42730814ccb250) ([merge request](gitlab-org/gitlab!68157)) +- [Replace namespaces unique index on name and parent_id](gitlab-org/gitlab@db628d9df92faaee0b50bef7a1b525c2c2f974dc) ([merge request](gitlab-org/gitlab!71390)) +- [Remove orchestration policies feature flag](gitlab-org/gitlab@705218f2d9be1d17f70f2dcaa91ac81c18827bb0) ([merge request](gitlab-org/gitlab!71516)) **GitLab Enterprise Edition** +- [Redirect threat_monitoring policies endpoints](gitlab-org/gitlab@a07a65b574471cf6b19a02b39140327455f0e4f5) ([merge request](gitlab-org/gitlab!71517)) **GitLab Enterprise Edition** +- [Add tooltips to runners badges](gitlab-org/gitlab@7e0ab139085e6b3da86b4be1dfafb42b7d043b16) ([merge request](gitlab-org/gitlab!71404)) +- [Remove beta badge from GitLab Migration](gitlab-org/gitlab@b7fb1e66ebc384d67623c5ce3a287c41e9c851cd) ([merge request](gitlab-org/gitlab!71643)) +- [Show author badge in comments](gitlab-org/gitlab@4a90dc4244ad54b9518d1818d2fcf2efb869e93c) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/40198)) +- [Toggle banner using suggest_pipeline_enabled application setting](gitlab-org/gitlab@fac9b2b23bc60c0a53d7a1b7a950ed46d8b38ab9) ([merge request](gitlab-org/gitlab!71015)) +- [Enable merge requests discussions cache](gitlab-org/gitlab@de3fa103478f104456ccdab85efe752178c03c92) ([merge request](gitlab-org/gitlab!71635)) +- [Edit UI text of Abuse reports settings](gitlab-org/gitlab@2549f52084da0f575d1584b3c0afd73abfe60ffc) ([merge request](gitlab-org/gitlab!71276)) +- [Prevent Workhorse panics when Geo proxy URL is unset](gitlab-org/gitlab@b3d88bdafdcbdf97eebd52596c4cd6967d3a4c26) ([merge request](gitlab-org/gitlab!71285)) **GitLab Enterprise Edition** +- [Improve deployment information on Jira Cloud app](gitlab-org/gitlab@1b0cbfb845f387eaa9e67edfcb1e504592623fb2) by @rbordignon ([merge request](gitlab-org/gitlab!70880)) +- [Migrate branches nav from Bootstrap tabs to GlTabs](gitlab-org/gitlab@2b8a42b251094f9d811a6ba71cb03a4b9deddf55) ([merge request](gitlab-org/gitlab!71461)) +- [Allow dots in Helm channel, but forbid repeated dots](gitlab-org/gitlab@de0602ad3197e37ac0d6a59f0271c3141dd5a04e) by @sathieu ([merge request](gitlab-org/gitlab!69278)) +- [Remove analyzer_pipeline metrics join to ci_builds](gitlab-org/gitlab@f12722fd6c7e0e673c68e138632a6dabe9653039) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/71210)) **GitLab Enterprise Edition** +- [Update cluster management project template with new version of Falco](gitlab-org/gitlab@ee66cfee8865be5b1a959097451aa25b1a198fba) ([merge request](gitlab-org/gitlab!71446)) +- [Update UI text in Group general settings](gitlab-org/gitlab@3b2b26758b6b6ea3af890190bf5eabc853c30c76) ([merge request](gitlab-org/gitlab!69869)) +- [Allow removal of cloud licenses](gitlab-org/gitlab@7f7e8de72eea09b7e51eb74c26e73698fed75a0d) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/71481)) **GitLab Enterprise Edition** +- [Remove default value for time zone user preference](gitlab-org/gitlab@4840ed7f831c7d1fc6fd3a403b575bd0ed103c64) ([merge request](gitlab-org/gitlab!70834)) +- [Exclude secret_detection findings from autoresolution](gitlab-org/gitlab@231545fd4cb47598b21e0bb6fbc364dd749bfec9) ([merge request](gitlab-org/gitlab!71436)) **GitLab Enterprise Edition** +- [Enable repo size limit and ip restriction](gitlab-org/gitlab@30bdbd2a95cd5af7e040116ea447f36e56a0e0a2) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/70912)) **GitLab Enterprise Edition** +- [Remove `async_filtering` feature flag](gitlab-org/gitlab@00bbc6810d5ac3099f3ee86c615587f36a7d6af3) ([merge request](gitlab-org/gitlab!71035)) +- [Convert ee/geo/db/schema.rb to ee/geo/db/structure.sql](gitlab-org/gitlab@e900df0bcc90d24bb939de6e247fed9871562d31) ([merge request](gitlab-org/gitlab!71222)) **GitLab Enterprise Edition** +- [Updated the Cluster Agent Token table heading](gitlab-org/gitlab@d59a4d4a385927eb39248a4b75a6fdd2d9353d2e) ([merge request](gitlab-org/gitlab!71197)) **GitLab Enterprise Edition** +- [Fix DB load balance autoloading/code-reloading](gitlab-org/gitlab@91b7cf3e70237cdbd00b4d7ba4a82d21b28dc435) ([merge request](gitlab-org/gitlab!71218)) +- [Remove "files" from end of default commit message in Web IDE](gitlab-org/gitlab@f096a5554a0743955d0706144cfc888c32947363) by @scootergrisen ([merge request](gitlab-org/gitlab!70582)) +- [Ensure merge request header strings are internationalized](gitlab-org/gitlab@60611e55051d2d5614054957ce4e5fae233924c0) ([merge request](gitlab-org/gitlab!71093)) +- [Add namespace_ancestry_ids migration](gitlab-org/gitlab@1fae3ce0c92aa764cdb15cb8438d3975dccb7ef1) ([merge request](gitlab-org/gitlab!70042)) **GitLab Enterprise Edition** +- [Update Copy on License Compliance CTA](gitlab-org/gitlab@c2dbfa7a023a0458008214bed0371b702faed78b) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/70923)) **GitLab Enterprise Edition** +- [Remove download text from pipeline artifact dropdown items](gitlab-org/gitlab@466b1125e758fdf87bfe3a5944ac659d0dbae8bf) by @fabsrc ([merge request](gitlab-org/gitlab!70982)) +- [Add suggest_pipeline_enabled to application_settings](gitlab-org/gitlab@048800044f3a4d9c01d1977fc14559a1463cc4a1) ([merge request](gitlab-org/gitlab!70756)) +- [Update deprecated GlIcon size in IDE preview navigator](gitlab-org/gitlab@b2b4570795732a0eae4665f03f7f1c064d03e53b) by @jameschensmith ([merge request](gitlab-org/gitlab!70960)) +- [Block move and clone of requirement issues](gitlab-org/gitlab@3c18b544bbc2bb423e1ddc0a5c1944af48baf9d7) ([merge request](gitlab-org/gitlab!70439)) **GitLab Enterprise Edition** +- [Remove owner validation in AdditionalPack transfer](gitlab-org/gitlab@f5a1bcecabee1cc1ce91275026cec8c4f67b0035) ([merge request](gitlab-org/gitlab!70790)) **GitLab Enterprise Edition** +- [Update Rouge syntax highlighting gem](gitlab-org/gitlab@879628c8260b2b5813ce4d90a01a890bd0afe274) ([merge request](gitlab-org/gitlab!70738)) +- [Check anonymous search access in API endpoints](gitlab-org/gitlab@5c2f3a7758cbba21bb229f0680945bb25a08d221) ([merge request](gitlab-org/gitlab!70290)) **GitLab Enterprise Edition** +- [Merge boards Apollo client](gitlab-org/gitlab@32dd42f07bcc37e9ed4d077dd42ba501840bb292) ([merge request](gitlab-org/gitlab!70375)) +- [Bump swagger-ui-dist to 3.52.3](gitlab-org/gitlab@2d5caeba4714fcb860bc96789d2e40e1247bb39f) by @bufferoverflow ([merge request](gitlab-org/gitlab!70740)) +- [Assign trial to only eligible namespace](gitlab-org/gitlab@16e6aeddd380f87fb4b13c38f15d5f4b66f26ae2) ([merge request](gitlab-org/gitlab!70196)) **GitLab Enterprise Edition** +- [Remove cutoff logic for expiration message](gitlab-org/gitlab@6ff13cf0e1217bcd459ef2a7c1d82c70098a6889) ([merge request](gitlab-org/gitlab!70584)) **GitLab Enterprise Edition** +- [Replace "Any branch" with "All branches"](gitlab-org/gitlab@1b256d5a93c9a76b71d07f9ef4a4e7d08bf73a8c) ([merge request](gitlab-org/gitlab!70552)) +- [Re-organize Environment Action Buttons](gitlab-org/gitlab@528a22f0d7b4eda3a40b65c59f85d1b0eda44469) ([merge request](gitlab-org/gitlab!70228)) +- [Fix multiple translation strings](gitlab-org/gitlab@6609b9fa4e3433ffa66a0ebb680a909e1b19071e) by @scootergrisen ([merge request](gitlab-org/gitlab!70182)) + +### Removed (9 changes) + +- [Remove shared runners CTE FF](gitlab-org/gitlab@b47f6a628664b74d4f3aed1a1acf4b3178ac1cb2) ([merge request](gitlab-org/gitlab!72370)) +- [Remove bio-html and cached_markdown_version from user_details](gitlab-org/gitlab@c045bb54932fa708163aa59b65de6ffe598f3fbd) ([merge request](gitlab-org/gitlab!71663)) +- [Remove obsolete column for DevOps analytics](gitlab-org/gitlab@7fb3dcc912ad28fa859614ec099d746c8cd2d9d6) ([merge request](gitlab-org/gitlab!71907)) +- [Drop Delayed Project Removal column from Namespaces](gitlab-org/gitlab@6262b4c53d99eeac2146b919f8cf43264d4ce256) ([merge request](gitlab-org/gitlab!71077)) +- [Remove ignoring framework column for compliance project settings](gitlab-org/gitlab@973da3fc3a4b28a587c24118803d39b2998618d7) ([merge request](gitlab-org/gitlab!71634)) **GitLab Enterprise Edition** +- [Remove unused Debian distribution methods](gitlab-org/gitlab@bde080e16a3743523310c7b6929f26193bee835a) by @sathieu ([merge request](gitlab-org/gitlab!71502)) +- [Remove project_level_issues_analytics FF](gitlab-org/gitlab@deba920fce7df9aed3ddb0ed49c5f899f9ad6d5d) ([merge request](gitlab-org/gitlab!71382)) +- [Removed instance level serverless domains feature](gitlab-org/gitlab@e834417cb802979e6eba8073b5b6736b9168a8dc) ([merge request](gitlab-org/gitlab!71283)) +- [Remove feature flag `ci_parallel_minutes_reset`](gitlab-org/gitlab@e106986cd1349c73347fd83592ebd7d2e876ca8b) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/71041)) **GitLab Enterprise Edition** + +### Security (34 changes) + +- [Add autocomplete attribute to most password fields](gitlab-org/gitlab@8a71c388de0e238b3e77e0dad55262023fb03533) ([merge request](gitlab-org/gitlab!72329)) +- [Rename profile password fields so password managers understand](gitlab-org/gitlab@16820a9eea57095918942771c51845972e5cd408) ([merge request](gitlab-org/gitlab!71237)) +- [Fix reverse tabnabbing issue](gitlab-org/gitlab@d133ec2ba23ea87e0bd8270a24341e9403757e01) ([merge request](gitlab-org/gitlab!71756)) +- [Use v-safe-html in project_list_item.vue](gitlab-org/gitlab@14c07dd906f3666119c4cb6b3c4e3c2e338a5e54) by @Fall1ngStar ([merge request](gitlab-org/gitlab!70730)) +- [Require password confirmation when user changes their primary email](gitlab-org/gitlab@086303a7529c480db08ee39173299f2ef4271b37) ([merge request](gitlab-org/gitlab!69439)) +- [Fix XSS in Jira link](gitlab-org/gitlab@406fa2dfc40f5b7c54fd329f88125c37b851c631) **GitLab Enterprise Edition** +- [Return 404 if model id wasn't passed to UploadsController](gitlab-org/gitlab@c5fac89577d5576c570486dab91d7af099043f42) +- [Scrub artifacts signed URL in SendEntry logs](gitlab-org/gitlab@e9d2f771e6ca5d0eb84e90fa1973f90356ffce7c) +- [Prevent double-impersonation and impersonation breakout](gitlab-org/gitlab@780c8592b1e5c9f3ebb25682d22868d3e41d0ff8) +- [Clear session access tokens when starting/stopping impersonation](gitlab-org/gitlab@413f65cf961b9330d4455a3c7c96dbb5c3076593) +- [Require password param for 2FA changes](gitlab-org/gitlab@2fee55910eb9294aac3d096009e18afbf701b2e8) +- [Prevent users from bypassing 2FA on certain pages](gitlab-org/gitlab@5a52554984c540c0211a91169956cc7f3b8e511f) +- [Use validated URL when sending request to Gitea Importer](gitlab-org/gitlab@7af8abd4df9a98f7a1ae7c4ec9840d0a7a8c684d) +- [Fix permissions check on project members import](gitlab-org/gitlab@3b34c4e1e960dabc982c147b996ea4a3228f36fe) +- [Fix fogbugz importer DNS Rebind SSRF](gitlab-org/gitlab@395649cc463054467cfa9265f0f6d8a1a943226d) +- [Require group admin access to list pending invites](gitlab-org/gitlab@f4b8af4e6829d0ccfbf2f34caa0183908d622d66) +- [Do not export and import repository_size_limit](gitlab-org/gitlab@215ac57160a36faa55adfb4069c48a6e993be0f6) +- [Escapes MR approval rule names correctly](gitlab-org/gitlab@a3af82b0f065cbf449c8285db91d8837a7208f17) +- [Disable exporting pipeline triggers on project export](gitlab-org/gitlab@4195b918418786babcc71af51b61ea3fad107a8a) +- [Add pagination to dependencies API](gitlab-org/gitlab@5eeb99760ce78b28e8e77361daec438a1c588d31) **GitLab Enterprise Edition** +- [Filter shared groups autocomplete by permitted](gitlab-org/gitlab@faf9969eb78296e8f20bee8bac6563f6f02ea07a) **GitLab Enterprise Edition** +- [Apply account locking to password reset page](gitlab-org/gitlab@38a3aceb6e20e52d6f2a554dcdf6c4828d2d49a2) +- [Verify state before using errors from OAuth2 OmniAuth providers](gitlab-org/gitlab@79457dafe5558446504e7cdda33f2731e4033d62) +- [Fix GFM autocomplete xss](gitlab-org/gitlab@bd9bc17acd5930c5830f67ae8becdf7b8e7b4550) +- [Remove related project access tokens when a project is deleted](gitlab-org/gitlab@ff76361cba4561a13fca600afe431a50137e4f45) +- [Do not allow status checks to exist with external protected branches](gitlab-org/gitlab@dd5d6c9dda012e3776eddf89ddbc74073b5d40d5) **GitLab Enterprise Edition** +- [Permission check issuable template API data](gitlab-org/gitlab@dbad14b7fac92ed9cae602a3e30676703f406e62) **GitLab Enterprise Edition** +- [Require access token for git when 2fa is required](gitlab-org/gitlab@79c523c3f9ade423ad960f8bd30b686759eda29f) +- [Prohibit anonymous access for specific user API endpoint](gitlab-org/gitlab@635002da5981dc88c0942bb11ae4a14e7601362f) +- [Respect disabled import sources when initiating import via API](gitlab-org/gitlab@0dec589a9811e4ed72002116fcc89ca65447cb72) +- [Prevent showing not allowed subgroup epics](gitlab-org/gitlab@c77693d4154db385a292b1a290598b145ac20a57) **GitLab Enterprise Edition** +- [Prevent moving epic issues to different group hierarchy](gitlab-org/gitlab@eefca514c7716dc7071de8a3de9567f1a97d66df) **GitLab Enterprise Edition** +- [Fix denial-of-service attack in Markdown parser](gitlab-org/gitlab@1315787019130f5e65ef00dc166721dd703a2908) +- [Enforce configured scopes for Oauth applications](gitlab-org/gitlab@31cc65d79b44e43108f7eeac06496c12cf9f8ee3) + +### Performance (27 changes) + +- [Set X-Requested-With for startup JS requests](gitlab-org/gitlab@5b10ead1fc4d7fdf8836f210a70825ba1834cd7b) ([merge request](gitlab-org/gitlab!72360)) +- [Use Group linear ancestor scopes](gitlab-org/gitlab@e2664d387b9e50ea25253044bb6792983dd5992c) ([merge request](gitlab-org/gitlab!70708)) **GitLab Enterprise Edition** +- [Skip secure product metrics in service ping](gitlab-org/gitlab@a7895ff78405735fc0a9be4e9339f45aec7d6023) ([merge request](gitlab-org/gitlab!72198)) **GitLab Enterprise Edition** +- [Clean up failed archive when no more attempts left](gitlab-org/gitlab@22bdd739efbfabc999544aac0c17f6719024237e) ([merge request](gitlab-org/gitlab!71878)) +- [Render gitaly-unavailable error for Tags page](gitlab-org/gitlab@9a20a93028cc1ff4e9191f3204549a2f71393705) ([merge request](gitlab-org/gitlab!71078)) +- [Enable FF "reference_cache_memoization" by default](gitlab-org/gitlab@a1ad071bc5d8bb2a31545c90f02d91d4d78cf045) ([merge request](gitlab-org/gitlab!71731)) +- [Enable FF "tags_finder_gitaly" by default](gitlab-org/gitlab@bf59b0925716dd5342cd9d77396ca0adf74d5ff3) ([merge request](gitlab-org/gitlab!71743)) +- [Quarantine broken security_products_usage metrics](gitlab-org/gitlab@417a1319e87b37aea0b987736d2920e17a50f1b6) ([merge request](gitlab-org/gitlab!71722)) **GitLab Enterprise Edition** +- [Preload user project access in group API](gitlab-org/gitlab@c6bc7f71703844a96e0781da5c1e4d12ac2b0c23) ([merge request](gitlab-org/gitlab!71631)) +- [User ParticipantService linear ancestor scopes](gitlab-org/gitlab@133206812814dbea34ad7c9673bcb8849d2497f3) ([merge request](gitlab-org/gitlab!70684)) +- [Use GroupPlansPreloader linear ancestor scopes](gitlab-org/gitlab@5bffbad5917195c4eff72570a5798e5a5aa81d29) ([merge request](gitlab-org/gitlab!70685)) **GitLab Enterprise Edition** +- [Use specialized worker to refresh authorizations on group-share update](gitlab-org/gitlab@fa1d31ee1f88ba8d659f3d14ef06bc2867ee19ae) ([merge request](gitlab-org/gitlab!70361)) +- [Disable BatchLoader replace_methods by default](gitlab-org/gitlab@cac51506144d441abf74026b788ee5c9fedb0452) ([merge request](gitlab-org/gitlab!71364)) +- [Avoid loading project namespace for id](gitlab-org/gitlab@c5b9c6b5c600827f24b0d97bf30c97644abada19) ([merge request](gitlab-org/gitlab!71051)) +- [Use MembersFinder ancestors linear scopes](gitlab-org/gitlab@ea414318775364ceeecc5d5a9b812fcdc5f7d758) ([merge request](gitlab-org/gitlab!70583)) +- [Use ApplicationSetting ancestors linear scopes](gitlab-org/gitlab@d7aaa809a62bd5a9668f06fe554c1f12c8dbec66) ([merge request](gitlab-org/gitlab!70579)) **GitLab Enterprise Edition** +- [Disable replace_methods in users autocomplete](gitlab-org/gitlab@6d0b7babd98d253fe65153653a8e3ba23372ac7e) ([merge request](gitlab-org/gitlab!71262)) +- [Remove priority sort from board list issues](gitlab-org/gitlab@30820e968005dafccf66be6fc5fe534bd8c05d4a) ([merge request](gitlab-org/gitlab!70674)) +- [Use GroupTree ancestors linear scopes](gitlab-org/gitlab@c1f9f33079d41594f41507f830d90164caecc59d) ([merge request](gitlab-org/gitlab!70503)) +- [Replace Group ancestors scope with linear version](gitlab-org/gitlab@bd908d325f2989e184c016bbf6ffa2f34ac9f7b3) ([merge request](gitlab-org/gitlab!70495)) +- [Add concurrent index for selecting resource_group from ci_builds](gitlab-org/gitlab@f5fb3b4b90e0806453f7ffa418edf904d9c6632f) ([merge request](gitlab-org/gitlab!70911)) +- [Skip keep_around commit callback if `skip_keep_around_commits` is true](gitlab-org/gitlab@7abd7d2d47888ea92459534a42734ac734bc0eef) ([merge request](gitlab-org/gitlab!69910)) +- [Add index for vulnerability_occurrences image location](gitlab-org/gitlab@44e892e7f517e26ec52cdfb9d9b8c7552b20e761) ([merge request](gitlab-org/gitlab!70275)) +- [Improve retrieving default branch of empty repos](gitlab-org/gitlab@c5ccb9261e05c38fbe0956bc563556481e32c783) ([merge request](gitlab-org/gitlab!70116)) +- [Update pending builds namespace traversal ids](gitlab-org/gitlab@9aa02e07af6a936244b88b4c873a866cea4fb65e) ([merge request](gitlab-org/gitlab!70691)) +- [Use specialized worker to refresh authorizations on project transfer](gitlab-org/gitlab@34f5f02a72b710cf97b6ed8526dc42b4c026aa07) ([merge request](gitlab-org/gitlab!70356)) +- [Add a `uniq` filter to SHAs passed to the keep around service](gitlab-org/gitlab@e3b599c5bdcebd15b117e039b58e4c98349ac652) ([merge request](gitlab-org/gitlab!70323)) + +### Other (41 changes) + +- [Remove feature flag for pipeline editor drawer](gitlab-org/gitlab@28f635fffc9f2db4d2c43bff9afac4b2b3f44bdc) ([merge request](gitlab-org/gitlab!72237)) +- [Improve UX of group two factor grace period input](gitlab-org/gitlab@84208b270b1ce7148a1db0caaca50e2111348342) ([merge request](gitlab-org/gitlab!72280)) +- [Remove metrics that keeps count of deleted container images](gitlab-org/gitlab@96806577b479cddf2e0e1b0a8a417702ee5e3865) by @edith007 ([merge request](gitlab-org/gitlab!70983)) **GitLab Enterprise Edition** +- [Remove metric that keeps track of published Debian packages](gitlab-org/gitlab@5193a7f3c2512c05cffab2627ae0a86f9a45a535) by @edith007 ([merge request](gitlab-org/gitlab!70988)) **GitLab Enterprise Edition** +- [Remove the FF ci_idempotent_pipeline_process_worker](gitlab-org/gitlab@30b3172abc9592c640412641f9f420201bcfc019) ([merge request](gitlab-org/gitlab!72297)) +- [Remove metric that keeps track of downloaded container images](gitlab-org/gitlab@460b8f2e3a41a5fbf6e6ecfc83c4ead68c23a28c) by @edith007 ([merge request](gitlab-org/gitlab!70985)) **GitLab Enterprise Edition** +- [Add Google Analytics ID to gitlab_standard schema for snowplow](gitlab-org/gitlab@a9522b5e8afd76353fc9fb0d92d32e46b03b7f6f) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/71242)) +- [Remove metric that keeps track of published container images](gitlab-org/gitlab@2a4246d2ad491d1f96437a5277a7f0931dd8bf6c) by @edith007 ([merge request](gitlab-org/gitlab!70987)) **GitLab Enterprise Edition** +- [Remove the FF ci_include_rules](gitlab-org/gitlab@53e9d5fb9f1fd021566b1d2f5cd1556207be9194) ([merge request](gitlab-org/gitlab!72122)) +- [Always use rate limiting Redis](gitlab-org/gitlab@5bc8987a710cc84aa399d99f3336523bffbc957f) ([merge request](gitlab-org/gitlab!72113)) +- [Cleanup delete orphaned deployments background migration](gitlab-org/gitlab@233858c7e8e63cc3b3405621ceee8c73d73c8495) ([merge request](gitlab-org/gitlab!66600)) +- [Remove feature flag disable_joins_upstream_downstream_projects](gitlab-org/gitlab@76d008a4d5b5bc4a08760e3d1c863b0668767c6b) ([merge request](gitlab-org/gitlab!71968)) +- [Do not append hash to pseudonymized URL](gitlab-org/gitlab@768d0801050fe83d8e81a6abbf9cbf34bfb6534a) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/71335)) +- [Remove test summary widget usage ping feature flag](gitlab-org/gitlab@5d780fc9ec7b0dbfc6df1bed102c5b6006a409c6) ([merge request](gitlab-org/gitlab!71781)) +- [Remove sync_namespace_name_with_cdot flag](gitlab-org/gitlab@467a39884503f3f387760b503943e447e8fa6c7e) ([merge request](gitlab-org/gitlab!71763)) +- [Set `assumeImmutableResults` to `true` in access tokens Apollo config](gitlab-org/gitlab@a2d295513d9ba4a336997388b696302110bf12b5) by @imrishabh18 ([merge request](gitlab-org/gitlab!70873)) +- [Remove unused struct field](gitlab-org/gitlab@916a647334b542ad4b011c28a511bc4a5dd9ac10) ([merge request](gitlab-org/gitlab!71738)) +- [Re Reschedule Delete Orphaned Deployments BG migration](gitlab-org/gitlab@4fc0ad4eebce4f76bad344913cf16c340dfb0d62) ([merge request](gitlab-org/gitlab!71700)) +- [Refactor compliance framework UI and documentation](gitlab-org/gitlab@0b3b96373f0633fd333f87d0446faa9657a9831b) ([merge request](gitlab-org/gitlab!70258)) **GitLab Enterprise Edition** +- [Remove the FF ci_pipeline_add_job_with_lock](gitlab-org/gitlab@7bb475a84b5411dd71cf04d62dc760837af432a6) ([merge request](gitlab-org/gitlab!71652)) +- [Remove project authorizations API FF](gitlab-org/gitlab@6a4e306aa856dc9cbfb31d070f5edc20491ff10d) ([merge request](gitlab-org/gitlab!71638)) +- [Revise UI text for Usage Statistics](gitlab-org/gitlab@6f7df4eabd0fe12bd735562b1c61704f62438d08) ([merge request](gitlab-org/gitlab!71473)) +- [Removes `track_epic_boards_activity` feature flag](gitlab-org/gitlab@3a3c53a19f8e14a11872afc5bfbea9be1ebb7a7e) ([merge request](gitlab-org/gitlab!71552)) +- [Remove pages_smart_check_outdated_sha feature flag](gitlab-org/gitlab@b68e407fe931b4c6c2912926c8a576448cba65ea) ([merge request](gitlab-org/gitlab!71530)) +- [Additional tests of #work_in_progress?](gitlab-org/gitlab@bab351e939be61d330dc683bbeb638a132410079) ([merge request](gitlab-org/gitlab!71437)) +- [Use varchar_pattern_ops indexes for labels](gitlab-org/gitlab@dbf00facaf0d5aab14455f524d0608a133abd14c) ([merge request](gitlab-org/gitlab!70770)) +- [Update runner status descriptions](gitlab-org/gitlab@471c067f8de82a6ae83282cad16fec9dfed0fb30) ([merge request](gitlab-org/gitlab!71447)) +- [Make build_id param as required when updating CI minutes async](gitlab-org/gitlab@fd716d443a31f7a22716c2feec11deb65f084d65) ([merge request](gitlab-org/gitlab!71297)) **GitLab Enterprise Edition** +- [Remove FF ci_remove_update_retried_from_process_pipeline](gitlab-org/gitlab@6d3b53f4fd3925ca38cf0c75e9941d60e23e71f3) ([merge request](gitlab-org/gitlab!71201)) +- [Filter Welcome to GitLab console message from capybara](gitlab-org/gitlab@511d56f0fdbec074930037f587737d7066002a1c) by @leetickett ([merge request](gitlab-org/gitlab!71151)) +- [Remove redundant index on taggings table](gitlab-org/gitlab@5124a0375265ede986eed631e9cfad7cf1400642) ([merge request](gitlab-org/gitlab!71083)) +- [Update additional CI minute docs](gitlab-org/gitlab@1d74e66b394c9d5418f0d2f277bd61ddb3de1b98) ([merge request](gitlab-org/gitlab!70934)) +- [Drop old int4 PK column for push_event_payloads](gitlab-org/gitlab@6e19f4eee1eafd432619d7fbf0d897ef2e622776) ([merge request](gitlab-org/gitlab!70920)) +- [Drop old int4 PK column for events](gitlab-org/gitlab@2de6a4f4784f68e2a8e2680b1273d76f9ad21023) ([merge request](gitlab-org/gitlab!70915)) +- [Remove foreign key from terraform_state_versions to ci_builds](gitlab-org/gitlab@1f99a8584dd7573c64e658712d504474404120f7) ([merge request](gitlab-org/gitlab!70743)) +- [Drop old int4 PK columns for ci_sources_pipelines](gitlab-org/gitlab@fecfc17771721bd94dbb4a2ca60ce97f149e5e60) ([merge request](gitlab-org/gitlab!70896)) +- [Drop old int4 PK columns for ci_job_artifacts](gitlab-org/gitlab@751d343ebf822966ec66bc59e954601ca6639a66) ([merge request](gitlab-org/gitlab!70884)) +- [Cleanup bigint conversion for ci_builds_metadata](gitlab-org/gitlab@fbf66ae98289e7ad5b0d8a126b8b92d8a29aa8fb) ([merge request](gitlab-org/gitlab!69712)) +- [Remove pipeline foreign keys from package tables](gitlab-org/gitlab@3b8d317b98a2054f2a6251b02940974bb3a74d5d) ([merge request](gitlab-org/gitlab!70614)) +- [Cleanup bigint conversion for ci_builds](gitlab-org/gitlab@176992aa2b2e76b22637a07d5bafbd6541324a7d) ([merge request](gitlab-org/gitlab!70351)) +- [Drop support for data-track-event](gitlab-org/gitlab@ac6027fbef6adf41643412a84945fda6f15c9666) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/70234)) ## 14.3.3 (2021-10-12) @@ -568,6 +973,39 @@ entry. - [Remove the FF ci_reset_bridge_with_subsequent_jobs](gitlab-org/gitlab@a4a75095b9b0250d0b1bdadea90c8a4cd24449b2) ([merge request](gitlab-org/gitlab!68295)) - [Removes ci_same_stage_job_needs ff](gitlab-org/gitlab@5e509cf7aa90041a541b19dda563120a359f0bf9) ([merge request](gitlab-org/gitlab!68041)) +## 14.2.5 (2021-09-30) + +### Security (28 changes) + +- [Require password param for 2FA changes](gitlab-org/security/gitlab@5693760a3edf82774a4e19b9bb561be87316be54) ([merge request](gitlab-org/security/gitlab!1815)) +- [Fix permissions check on project members import](gitlab-org/security/gitlab@f9b4200427833e370638aa63851d6801a40c404c) ([merge request](gitlab-org/security/gitlab!1859)) +- [Respect disabled import sources when initiating import via API](gitlab-org/security/gitlab@3c9af055ece281fcaab0b8dcc277e0ce9133ad31) ([merge request](gitlab-org/security/gitlab!1847)) +- [Return 404 if model id wasn't passed to UploadsController](gitlab-org/security/gitlab@dd4616362040d2b812d69ff2ecf78e70ff4b9ae3) ([merge request](gitlab-org/security/gitlab!1844)) +- [Scrub artifacts signed URL in SendEntry logs](gitlab-org/security/gitlab@41d275bb73943ba6f970d6678b49c9336194af35) ([merge request](gitlab-org/security/gitlab!1841)) +- [Prevent double-impersonation and impersonation breakout](gitlab-org/security/gitlab@c0ab498adda057f4d87969d74c32a3ea95df297c) ([merge request](gitlab-org/security/gitlab!1835)) +- [Clear session access tokens when starting/stopping impersonation](gitlab-org/security/gitlab@fd39d88b348d525818820d2496afe08612420023) ([merge request](gitlab-org/security/gitlab!1832)) +- [Use validated URL when sending request to Gitea Importer](gitlab-org/security/gitlab@328e3c726c693b32666e0fb32eda0b7a6f22d8ad) ([merge request](gitlab-org/security/gitlab!1821)) +- [Fix XSS in Jira link](gitlab-org/security/gitlab@868d8b9c4a1e9e9019a7ff51da11f75051e452c3) ([merge request](gitlab-org/security/gitlab!1817)) **GitLab Enterprise Edition** +- [Fix fogbugz importer DNS Rebind SSRF](gitlab-org/security/gitlab@4f4b5a15a3508084f921442b3a7f42ba0448f1bb) ([merge request](gitlab-org/security/gitlab!1681)) +- [Remove related project access tokens when a project is deleted](gitlab-org/security/gitlab@282e81198f80f1fda912da5bc6f671d778b19ca9) ([merge request](gitlab-org/security/gitlab!1811)) +- [Require group admin access to list pending invites](gitlab-org/security/gitlab@1ce85345787025222c915fe5fa314bad8994b6ba) ([merge request](gitlab-org/security/gitlab!1720)) +- [Do not export and import repository_size_limit](gitlab-org/security/gitlab@359f14e41dfc355a13041cdf1dbcd082c254200c) ([merge request](gitlab-org/security/gitlab!1769)) +- [Escapes MR approval rule names correctly](gitlab-org/security/gitlab@d84739982599197ff337d69d818634544270e142) ([merge request](gitlab-org/security/gitlab!1808)) +- [Filter shared groups autocomplete by permitted](gitlab-org/security/gitlab@3a2b4c7ff1eb2ba3e84840ba2800c13d6491d726) ([merge request](gitlab-org/security/gitlab!1805)) **GitLab Enterprise Edition** +- [Require access token for git when 2fa is required](gitlab-org/security/gitlab@deb4e7e5f941c82450d382c1b85f6325e367394f) ([merge request](gitlab-org/security/gitlab!1795)) +- [Disable exporting pipeline triggers on project export](gitlab-org/security/gitlab@417761bb2f67f03bfe803163bad97da7b9fa088b) ([merge request](gitlab-org/security/gitlab!1789)) +- [Add pagination to dependencies API](gitlab-org/security/gitlab@2f84755ba54580df126054a561d8cc4731f936d3) ([merge request](gitlab-org/security/gitlab!1724)) **GitLab Enterprise Edition** +- [Permission check issuable template API data](gitlab-org/security/gitlab@a90614e2efc813ca5f13a9aa9b51f13f0e8934aa) ([merge request](gitlab-org/security/gitlab!1786)) **GitLab Enterprise Edition** +- [Apply account locking to password reset page](gitlab-org/security/gitlab@6bbd77c0748e59eacff51edb6264d6099ee14a38) ([merge request](gitlab-org/security/gitlab!1783)) +- [Enforce configured scopes for Oauth applications](gitlab-org/security/gitlab@a9f44bb19cbfc460cd05627a80ef17c39cdde86b) ([merge request](gitlab-org/security/gitlab!1780)) +- [Verify state before using errors from OAuth2 OmniAuth providers](gitlab-org/security/gitlab@6f70292d0fa3efbe99c44748a463df189830cc35) ([merge request](gitlab-org/security/gitlab!1777)) +- [Prevent moving epic issues to different group hierarchy](gitlab-org/security/gitlab@979d40003794014d5930709a257e9a5c75df10e6) ([merge request](gitlab-org/security/gitlab!1773)) **GitLab Enterprise Edition** +- [Prevent showing not allowed subgroup epics](gitlab-org/security/gitlab@2f72e4062f6cd7256ffff31172b00c012a5910e1) ([merge request](gitlab-org/security/gitlab!1765)) **GitLab Enterprise Edition** +- [Do not allow status checks to exist with external protected branches](gitlab-org/security/gitlab@dd08837d054c574f94f80e806cc7b49de342cc57) ([merge request](gitlab-org/security/gitlab!1762)) **GitLab Enterprise Edition** +- [Fix GFM autocomplete xss](gitlab-org/security/gitlab@5afba618ef89fdce544f498a30e7366e3f6cb788) ([merge request](gitlab-org/security/gitlab!1747)) +- [Prohibit anonymous access for specific user API endpoint](gitlab-org/security/gitlab@a813bd8a8f07ffa0477efd3a3936b436e5ec6b17) ([merge request](gitlab-org/security/gitlab!1736)) +- [Fix denial-of-service attack in Markdown parser](gitlab-org/security/gitlab@f618ad9c104882ac5f707b162e8119805252019e) ([merge request](gitlab-org/security/gitlab!1729)) + ## 14.2.4 (2021-09-17) ### Fixed (2 changes) @@ -1159,6 +1597,45 @@ entry. - [Add helpful text to URL group validation and limit text](gitlab-org/gitlab@59a5a6266cb0d5434596170ffa36e4e74b8d2c2c) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/65369)) **GitLab Enterprise Edition** - [Refactor external storage admin area configuration UI and docs](gitlab-org/gitlab@497ba4fc8f4ec1d234c9f5f1ec5c69712b8c7cb3) ([merge request](gitlab-org/gitlab!66219)) +## 14.1.7 (2021-09-30) + +### Security (28 changes) + +- [Require password param for 2FA changes](gitlab-org/security/gitlab@4e16401a77264ef3127f0bb314fa0abab11216c7) ([merge request](gitlab-org/security/gitlab!1816)) +- [Fix permissions check on project members import](gitlab-org/security/gitlab@be54b3f4890fa89d58cb02be79c65025f606bd6c) ([merge request](gitlab-org/security/gitlab!1860)) +- [Respect disabled import sources when initiating import via API](gitlab-org/security/gitlab@b76b6229c93447954efc5719e6dd61eb601afdc4) ([merge request](gitlab-org/security/gitlab!1848)) +- [Return 404 if model id wasn't passed to UploadsController](gitlab-org/security/gitlab@8ab1cfaafba21a9e90ef41677993af2afdcd920a) ([merge request](gitlab-org/security/gitlab!1845)) +- [Scrub artifacts signed URL in SendEntry logs](gitlab-org/security/gitlab@5bae93b2f085d5dac58e411bffb5ca518fe7df98) ([merge request](gitlab-org/security/gitlab!1842)) +- [Prevent double-impersonation and impersonation breakout](gitlab-org/security/gitlab@7c82d0f2a1dbfb0a23d6a5cdaee448307ffc6972) ([merge request](gitlab-org/security/gitlab!1836)) +- [Clear session access tokens when starting/stopping impersonation](gitlab-org/security/gitlab@a4d529eb7c8eeb3e9c42ae3d81514d79a905cdb7) ([merge request](gitlab-org/security/gitlab!1833)) +- [Use validated URL when sending request to Gitea Importer](gitlab-org/security/gitlab@b30536e6c9aa969c76bcd167f00db5a0e07ace7a) ([merge request](gitlab-org/security/gitlab!1820)) +- [Fix XSS in Jira link](gitlab-org/security/gitlab@9ace10c46744ee220c649d2da0eeb3e99216ee7d) ([merge request](gitlab-org/security/gitlab!1625)) **GitLab Enterprise Edition** +- [Fix fogbugz importer DNS Rebind SSRF](gitlab-org/security/gitlab@9d7107665d6ed931ef4b2feeb0287bc71b89232c) ([merge request](gitlab-org/security/gitlab!1682)) +- [Remove related project access tokens when a project is deleted](gitlab-org/security/gitlab@b86096865949f07f6a2020603959117d9c84877b) ([merge request](gitlab-org/security/gitlab!1812)) +- [Require group admin access to list pending invites](gitlab-org/security/gitlab@404b344edd61b2f13c3498cd545c2b40165ee536) ([merge request](gitlab-org/security/gitlab!1721)) +- [Do not export and import repository_size_limit](gitlab-org/security/gitlab@56f563980f944f1a5e3935ad82070e6719cd5a0c) ([merge request](gitlab-org/security/gitlab!1768)) +- [Escapes MR approval rule names correctly](gitlab-org/security/gitlab@ea64f981ce70a0e1e6ee58e64a6007e82f48e071) ([merge request](gitlab-org/security/gitlab!1809)) +- [Filter shared groups autocomplete by permitted](gitlab-org/security/gitlab@59999ab27cba402589b27d204cf29678100e948b) ([merge request](gitlab-org/security/gitlab!1806)) **GitLab Enterprise Edition** +- [Require access token for git when 2fa is required](gitlab-org/security/gitlab@6a4a75efd7685a69ffa7cc4c027c7058013cca45) ([merge request](gitlab-org/security/gitlab!1796)) +- [Disable exporting pipeline triggers on project export](gitlab-org/security/gitlab@8a8c78ed054def210013a849195939d7888fcf65) ([merge request](gitlab-org/security/gitlab!1790)) +- [Add pagination to dependencies API](gitlab-org/security/gitlab@2a963ad670c60d1f3078fdf446ea755c5862fa26) ([merge request](gitlab-org/security/gitlab!1725)) **GitLab Enterprise Edition** +- [Permission check issuable template API data](gitlab-org/security/gitlab@9d95d13bc714e46b5e3697288c4b398cb5aee88b) ([merge request](gitlab-org/security/gitlab!1787)) **GitLab Enterprise Edition** +- [Apply account locking to password reset page](gitlab-org/security/gitlab@47ee79b1983de886f5ebe04b2975c2e37aa938ce) ([merge request](gitlab-org/security/gitlab!1784)) +- [Enforce configured scopes for Oauth applications](gitlab-org/security/gitlab@acf2d894c91aa7fb72ea32b10e50e94441885399) ([merge request](gitlab-org/security/gitlab!1781)) +- [Verify state before using errors from OAuth2 OmniAuth providers](gitlab-org/security/gitlab@20073576508aa239e52d8ff911c1dfd3df8af670) ([merge request](gitlab-org/security/gitlab!1778)) +- [Prevent moving epic issues to different group hierarchy](gitlab-org/security/gitlab@93c6ec69b7bc6c9124a2a5350cebebb57f63a28f) ([merge request](gitlab-org/security/gitlab!1774)) **GitLab Enterprise Edition** +- [Prevent showing not allowed subgroup epics](gitlab-org/security/gitlab@72a11e72425a033f3464d6ff12b4d06e12ec9faf) ([merge request](gitlab-org/security/gitlab!1766)) **GitLab Enterprise Edition** +- [Do not allow status checks to exist with external protected branches](gitlab-org/security/gitlab@8f96c013ccbbe9c52b3f03fb0d247debb1b157a8) ([merge request](gitlab-org/security/gitlab!1763)) **GitLab Enterprise Edition** +- [Fix GFM autocomplete xss](gitlab-org/security/gitlab@fd92dabddff5ae5d67a98aef5d858438520a2f06) ([merge request](gitlab-org/security/gitlab!1748)) +- [Prohibit anonymous access for specific user API endpoint](gitlab-org/security/gitlab@2e8a386430309a931dbbd47fba7540a53399ad64) ([merge request](gitlab-org/security/gitlab!1737)) +- [Fix denial-of-service attack in Markdown parser](gitlab-org/security/gitlab@5b6ed5212f880e2397dbea9ffc74cf0a35bd4411) ([merge request](gitlab-org/security/gitlab!1728)) + +## 14.1.6 (2021-09-27) + +### Fixed (1 change) + +- [Fix Elastic::MigrationWorker current_migration (2nd attempt)](gitlab-org/gitlab@f07c7a5f173a2fc053247664f21c03d29df543a4) ([merge request](gitlab-org/gitlab!71187)) **GitLab Enterprise Edition** + ## 14.1.5 (2021-09-02) ### Fixed (1 change) @@ -1796,6 +2273,12 @@ entry. - [Remove diffs gradual load feature flag](gitlab-org/gitlab@027d7c4327b5b6205a84281239027273517bf81b) ([merge request](gitlab-org/gitlab!55478)) - [Remove partial index for Hashed Storage migration](gitlab-org/gitlab@3ed017a1023d7b0941a7606b69e6caee8d22f15c) ([merge request](gitlab-org/gitlab!62920)) +## 14.0.11 (2021-09-23) + +### Fixed (1 change) + +- [Fix Elastic::MigrationWorker current_migration](gitlab-org/gitlab@0b72aace30bff0fda7a114862ec1e389ddaa5ead) ([merge request](gitlab-org/gitlab!71101)) **GitLab Enterprise Edition** + ## 14.0.10 (2021-09-02) No changes. @@ -2561,6 +3044,10 @@ No changes. - [Add missing metrics information](gitlab-org/gitlab@89cd7fe3b95323e635b2d73e08549b2e6153dc4d) ([merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/61772/edit)) - [Track usage of the resolve UI](gitlab-org/gitlab@35c8e30fce288cecefcf2f7c0077d4608e696519) ([merge request](gitlab-org/gitlab!61654)) +## 13.12.12 (2021-09-21) + +No changes. + ## 13.12.11 (2021-09-02) No changes. diff --git a/GITALY_SERVER_VERSION b/GITALY_SERVER_VERSION index b10f9ae296..afc1b70fc5 100644 --- a/GITALY_SERVER_VERSION +++ b/GITALY_SERVER_VERSION @@ -1 +1 @@ -14.3.4 \ No newline at end of file +14.4.2 \ No newline at end of file diff --git a/GITLAB_ELASTICSEARCH_INDEXER_VERSION b/GITLAB_ELASTICSEARCH_INDEXER_VERSION index fb2c0766b7..7524906967 100644 --- a/GITLAB_ELASTICSEARCH_INDEXER_VERSION +++ b/GITLAB_ELASTICSEARCH_INDEXER_VERSION @@ -1 +1 @@ -2.13.0 +2.16.0 diff --git a/GITLAB_KAS_VERSION b/GITLAB_KAS_VERSION index 839845e0b6..72f51351fc 100644 --- a/GITLAB_KAS_VERSION +++ b/GITLAB_KAS_VERSION @@ -1 +1 @@ -14.3.3 +14.4.0 diff --git a/GITLAB_PAGES_VERSION b/GITLAB_PAGES_VERSION index 372cf402c7..0a3db35b24 100644 --- a/GITLAB_PAGES_VERSION +++ b/GITLAB_PAGES_VERSION @@ -1 +1 @@ -1.44.0 +1.46.0 diff --git a/Gemfile b/Gemfile index 39e6156496..1e6648df48 100644 --- a/Gemfile +++ b/Gemfile @@ -2,7 +2,7 @@ source 'https://rubygems.org' -gem 'rails', '~> 6.1.3.2' +gem 'rails', '~> 6.1.4.1' gem 'bootsnap', '~> 1.4.6' @@ -92,7 +92,7 @@ gem 'net-ldap', '~> 0.16.3' # API gem 'grape', '~> 1.5.2' -gem 'grape-entity', '~> 0.9.0' +gem 'grape-entity', '~> 0.10.0' gem 'rack-cors', '~> 1.0.6', require: 'rack/cors' # GraphQL API @@ -129,7 +129,7 @@ gem 'fog-local', '~> 0.6' gem 'fog-openstack', '~> 1.0' gem 'fog-rackspace', '~> 0.1.1' gem 'fog-aliyun', '~> 0.3' -gem 'gitlab-fog-azure-rm', '~> 1.1.1', require: false +gem 'gitlab-fog-azure-rm', '~> 1.2.0', require: false # for Google storage gem 'google-api-client', '~> 0.33' @@ -154,7 +154,7 @@ gem 'html-pipeline', '~> 2.13.2' gem 'deckar01-task_list', '2.3.1' gem 'gitlab-markup', '~> 1.7.1' gem 'github-markup', '~> 1.7.0', require: 'github/markup' -gem 'commonmarker', '~> 0.21' +gem 'commonmarker', '~> 0.23.2' gem 'kramdown', '~> 2.3.1' gem 'RedCloth', '~> 4.3.2' gem 'rdoc', '~> 6.3.2' @@ -165,7 +165,7 @@ gem 'asciidoctor', '~> 2.0.10' gem 'asciidoctor-include-ext', '~> 0.3.1', require: false gem 'asciidoctor-plantuml', '~> 0.0.12' gem 'asciidoctor-kroki', '~> 0.5.0', require: false -gem 'rouge', '~> 3.26.0' +gem 'rouge', '~> 3.26.1' gem 'truncato', '~> 0.7.11' gem 'bootstrap_form', '~> 4.2.0' gem 'nokogiri', '~> 1.11.4' @@ -195,10 +195,10 @@ gem 'state_machines-activerecord', '~> 0.8.0' gem 'acts-as-taggable-on', '~> 7.0' # Background jobs -gem 'sidekiq', '~> 5.2.7' +gem 'sidekiq', '~> 6.2.2' gem 'sidekiq-cron', '~> 1.0' gem 'redis-namespace', '~> 1.8.1' -gem 'gitlab-sidekiq-fetcher', '0.5.6', require: 'sidekiq-reliable-fetch' +gem 'gitlab-sidekiq-fetcher', '0.8.0', require: 'sidekiq-reliable-fetch' # Cron Parser gem 'fugit', '~> 1.2.1' @@ -229,7 +229,7 @@ gem 'js_regex', '~> 3.7' gem 'device_detector' # Redis -gem 'redis', '~> 4.1.4' +gem 'redis', '~> 4.4.0' gem 'connection_pool', '~> 2.0' # Redis session store @@ -341,7 +341,7 @@ group :development do gem 'lefthook', '~> 0.7.0', require: false gem 'solargraph', '~> 0.43', require: false - gem 'letter_opener_web', '~> 1.4.0' + gem 'letter_opener_web', '~> 1.4.1' # Better errors handler gem 'better_errors', '~> 2.9.0' @@ -355,7 +355,7 @@ group :development, :test do gem 'bullet', '~> 6.1.3' gem 'pry-byebug' gem 'pry-rails', '~> 0.3.9' - gem 'pry-shell', '~> 0.4.0' + gem 'pry-shell', '~> 0.5.0' gem 'awesome_print', require: false @@ -424,7 +424,7 @@ group :test do gem 'webmock', '~> 3.9.1' gem 'rails-controller-testing' gem 'concurrent-ruby', '~> 1.1' - gem 'test-prof', '~> 0.12.0' + gem 'test-prof', '~> 1.0.7' gem 'rspec_junit_formatter' gem 'guard-rspec' @@ -474,7 +474,7 @@ end gem 'spamcheck', '~> 0.1.0' # Gitaly GRPC protocol definitions -gem 'gitaly', '~> 14.3.0.pre.rc1' +gem 'gitaly', '~> 14.3.0.pre.rc2' # KAS GRPC protocol definitions gem 'kas-grpc', '~> 0.0.2' diff --git a/Gemfile.lock b/Gemfile.lock index d62e948e63..a6b7f598ec 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -11,63 +11,63 @@ GEM RedCloth (4.3.2) acme-client (2.0.6) faraday (>= 0.17, < 2.0.0) - actioncable (6.1.3.2) - actionpack (= 6.1.3.2) - activesupport (= 6.1.3.2) + actioncable (6.1.4.1) + actionpack (= 6.1.4.1) + activesupport (= 6.1.4.1) nio4r (~> 2.0) websocket-driver (>= 0.6.1) - actionmailbox (6.1.3.2) - actionpack (= 6.1.3.2) - activejob (= 6.1.3.2) - activerecord (= 6.1.3.2) - activestorage (= 6.1.3.2) - activesupport (= 6.1.3.2) + actionmailbox (6.1.4.1) + actionpack (= 6.1.4.1) + activejob (= 6.1.4.1) + activerecord (= 6.1.4.1) + activestorage (= 6.1.4.1) + activesupport (= 6.1.4.1) mail (>= 2.7.1) - actionmailer (6.1.3.2) - actionpack (= 6.1.3.2) - actionview (= 6.1.3.2) - activejob (= 6.1.3.2) - activesupport (= 6.1.3.2) + actionmailer (6.1.4.1) + actionpack (= 6.1.4.1) + actionview (= 6.1.4.1) + activejob (= 6.1.4.1) + activesupport (= 6.1.4.1) mail (~> 2.5, >= 2.5.4) rails-dom-testing (~> 2.0) - actionpack (6.1.3.2) - actionview (= 6.1.3.2) - activesupport (= 6.1.3.2) + actionpack (6.1.4.1) + actionview (= 6.1.4.1) + activesupport (= 6.1.4.1) rack (~> 2.0, >= 2.0.9) rack-test (>= 0.6.3) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.0, >= 1.2.0) - actiontext (6.1.3.2) - actionpack (= 6.1.3.2) - activerecord (= 6.1.3.2) - activestorage (= 6.1.3.2) - activesupport (= 6.1.3.2) + actiontext (6.1.4.1) + actionpack (= 6.1.4.1) + activerecord (= 6.1.4.1) + activestorage (= 6.1.4.1) + activesupport (= 6.1.4.1) nokogiri (>= 1.8.5) - actionview (6.1.3.2) - activesupport (= 6.1.3.2) + actionview (6.1.4.1) + activesupport (= 6.1.4.1) builder (~> 3.1) erubi (~> 1.4) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.1, >= 1.2.0) - activejob (6.1.3.2) - activesupport (= 6.1.3.2) + activejob (6.1.4.1) + activesupport (= 6.1.4.1) globalid (>= 0.3.6) - activemodel (6.1.3.2) - activesupport (= 6.1.3.2) - activerecord (6.1.3.2) - activemodel (= 6.1.3.2) - activesupport (= 6.1.3.2) + activemodel (6.1.4.1) + activesupport (= 6.1.4.1) + activerecord (6.1.4.1) + activemodel (= 6.1.4.1) + activesupport (= 6.1.4.1) activerecord-explain-analyze (0.1.0) activerecord (>= 4) pg - activestorage (6.1.3.2) - actionpack (= 6.1.3.2) - activejob (= 6.1.3.2) - activerecord (= 6.1.3.2) - activesupport (= 6.1.3.2) + activestorage (6.1.4.1) + actionpack (= 6.1.4.1) + activejob (= 6.1.4.1) + activerecord (= 6.1.4.1) + activesupport (= 6.1.4.1) marcel (~> 1.0.0) - mini_mime (~> 1.0.2) - activesupport (6.1.3.2) + mini_mime (>= 1.1.0) + activesupport (6.1.4.1) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 1.6, < 2) minitest (>= 5.1) @@ -200,8 +200,7 @@ GEM open4 (~> 1.3) coderay (1.1.3) colored2 (3.1.2) - commonmarker (0.21.0) - ruby-enum (~> 0.5) + commonmarker (0.23.2) concurrent-ruby (1.1.9) connection_pool (2.2.2) contracts (0.11.0) @@ -453,7 +452,7 @@ GEM rails (>= 3.2.0) git (1.7.0) rchardet (~> 1.8) - gitaly (14.3.0.pre.rc1) + gitaly (14.3.0.pre.rc2) grpc (~> 1.0) github-markup (1.7.0) gitlab (4.16.1) @@ -468,7 +467,7 @@ GEM activesupport (>= 3.0) request_store (>= 1.0) scientist (~> 1.6, >= 1.6.0) - gitlab-fog-azure-rm (1.1.1) + gitlab-fog-azure-rm (1.2.0) azure-storage-blob (~> 2.0) azure-storage-common (~> 2.0) fog-core (= 2.1.0) @@ -491,8 +490,8 @@ GEM addressable (~> 2.7) omniauth (~> 1.9) openid_connect (~> 1.2) - gitlab-sidekiq-fetcher (0.5.6) - sidekiq (~> 5) + gitlab-sidekiq-fetcher (0.8.0) + sidekiq (~> 6.1) gitlab-styles (6.3.0) rubocop (~> 0.91, >= 0.91.1) rubocop-gitlab-security (~> 0.1.1) @@ -506,8 +505,8 @@ GEM omniauth (~> 1.3) pyu-ruby-sasl (>= 0.0.3.3, < 0.1) rubyntlm (~> 0.5) - globalid (0.4.2) - activesupport (>= 4.2.0) + globalid (0.5.2) + activesupport (>= 5.0) gon (6.4.0) actionpack (>= 3.0.20) i18n (>= 0.7) @@ -543,7 +542,7 @@ GEM mustermann-grape (~> 1.0.0) rack (>= 1.3.0) rack-accept - grape-entity (0.9.0) + grape-entity (0.10.0) activesupport (>= 3.0.0) multi_json (>= 1.3.2) grape-path-helpers (1.7.0) @@ -700,7 +699,7 @@ GEM lefthook (0.7.5) letter_opener (1.7.0) launchy (~> 2.2) - letter_opener_web (1.4.0) + letter_opener_web (1.4.1) actionmailer (>= 3.2) letter_opener (~> 1.0) railties (>= 3.2) @@ -747,7 +746,7 @@ GEM mime-types-data (3.2020.0512) mini_histogram (0.3.1) mini_magick (4.10.1) - mini_mime (1.0.2) + mini_mime (1.1.1) mini_portile2 (2.5.3) minitest (5.11.3) mixlib-cli (2.1.8) @@ -784,7 +783,7 @@ GEM net-ssh (>= 2.6.5, < 7.0.0) net-ssh (6.0.0) netrc (0.11.0) - nio4r (2.5.4) + nio4r (2.5.8) no_proxy_fix (0.1.2) nokogiri (1.11.7) mini_portile2 (~> 2.5.0) @@ -908,7 +907,7 @@ GEM peek (1.1.0) railties (>= 4.0.0) pg (1.2.3) - pg_query (2.1.0) + pg_query (2.1.1) google-protobuf (>= 3.17.1) plist (3.6.0) png_quantizator (0.2.1) @@ -934,7 +933,7 @@ GEM pry (~> 0.13.0) pry-rails (0.3.9) pry (>= 0.10.4) - pry-shell (0.4.1) + pry-shell (0.5.0) pry (~> 0.13.0) tty-markdown tty-prompt @@ -960,27 +959,25 @@ GEM httpclient json-jwt (>= 1.11.0) rack (>= 2.1.0) - rack-protection (2.0.5) - rack rack-proxy (0.6.0) rack rack-test (1.1.0) rack (>= 1.0, < 3) rack-timeout (0.5.2) - rails (6.1.3.2) - actioncable (= 6.1.3.2) - actionmailbox (= 6.1.3.2) - actionmailer (= 6.1.3.2) - actionpack (= 6.1.3.2) - actiontext (= 6.1.3.2) - actionview (= 6.1.3.2) - activejob (= 6.1.3.2) - activemodel (= 6.1.3.2) - activerecord (= 6.1.3.2) - activestorage (= 6.1.3.2) - activesupport (= 6.1.3.2) + rails (6.1.4.1) + actioncable (= 6.1.4.1) + actionmailbox (= 6.1.4.1) + actionmailer (= 6.1.4.1) + actionpack (= 6.1.4.1) + actiontext (= 6.1.4.1) + actionview (= 6.1.4.1) + activejob (= 6.1.4.1) + activemodel (= 6.1.4.1) + activerecord (= 6.1.4.1) + activestorage (= 6.1.4.1) + activesupport (= 6.1.4.1) bundler (>= 1.15.0) - railties (= 6.1.3.2) + railties (= 6.1.4.1) sprockets-rails (>= 2.0.0) rails-controller-testing (1.0.5) actionpack (>= 5.0.1.rc1) @@ -994,11 +991,11 @@ GEM rails-i18n (6.0.0) i18n (>= 0.7, < 2) railties (>= 6.0.0, < 7) - railties (6.1.3.2) - actionpack (= 6.1.3.2) - activesupport (= 6.1.3.2) + railties (6.1.4.1) + actionpack (= 6.1.4.1) + activesupport (= 6.1.4.1) method_source - rake (>= 0.8.7) + rake (>= 0.13) thor (~> 1.0) rainbow (3.0.0) rake (13.0.6) @@ -1018,7 +1015,7 @@ GEM recaptcha (4.13.1) json recursive-open-struct (1.1.3) - redis (4.1.4) + redis (4.4.0) redis-actionpack (5.2.0) actionpack (>= 5, < 7) redis-rack (>= 2.1.0, < 3) @@ -1052,7 +1049,7 @@ GEM rexml (3.2.5) rinku (2.0.0) rotp (6.2.0) - rouge (3.26.0) + rouge (3.26.1) rqrcode (0.7.0) chunky_png rqrcode-rails3 (0.1.7) @@ -1116,8 +1113,6 @@ GEM rubocop-rspec (1.44.1) rubocop (~> 0.87) rubocop-ast (>= 0.7.1) - ruby-enum (0.8.0) - i18n ruby-fogbugz (0.2.1) crack (~> 0.4) ruby-magic (0.4.0) @@ -1175,11 +1170,10 @@ GEM shellany (0.0.1) shoulda-matchers (4.0.1) activesupport (>= 4.2.0) - sidekiq (5.2.9) - connection_pool (~> 2.2, >= 2.2.2) + sidekiq (6.2.2) + connection_pool (>= 2.2.2) rack (~> 2.0) - rack-protection (>= 1.5.0) - redis (>= 3.3.5, < 4.2) + redis (>= 4.2.0) sidekiq-cron (1.0.4) fugit (~> 1.1) sidekiq (>= 4.2.1) @@ -1257,7 +1251,7 @@ GEM unicode-display_width (~> 1.1, >= 1.1.1) terser (1.0.2) execjs (>= 0.3.0, < 3) - test-prof (0.12.0) + test-prof (1.0.7) test_file_finder (0.1.4) faraday (~> 1.0) text (1.3.1) @@ -1357,7 +1351,7 @@ GEM crack (>= 0.3.2) hashdiff (>= 0.4.0, < 2.0.0) webrick (1.6.1) - websocket-driver (0.7.3) + websocket-driver (0.7.5) websocket-extensions (>= 0.1.0) websocket-extensions (0.1.5) wikicloth (0.8.1) @@ -1414,7 +1408,7 @@ DEPENDENCIES capybara-screenshot (~> 1.0.22) carrierwave (~> 1.3) charlock_holmes (~> 0.7.7) - commonmarker (~> 0.21) + commonmarker (~> 0.23.2) concurrent-ruby (~> 1.1) connection_pool (~> 2.0) countries (~> 3.0) @@ -1464,19 +1458,19 @@ DEPENDENCIES gettext (~> 3.3) gettext_i18n_rails (~> 1.8.0) gettext_i18n_rails_js (~> 1.3) - gitaly (~> 14.3.0.pre.rc1) + gitaly (~> 14.3.0.pre.rc2) github-markup (~> 1.7.0) gitlab-chronic (~> 0.10.5) gitlab-dangerfiles (~> 2.3.0) gitlab-experiment (~> 0.6.4) - gitlab-fog-azure-rm (~> 1.1.1) + gitlab-fog-azure-rm (~> 1.2.0) gitlab-labkit (~> 0.21.1) gitlab-license (~> 2.0) gitlab-mail_room (~> 0.0.9) gitlab-markup (~> 1.7.1) gitlab-net-dns (~> 0.9.1) gitlab-omniauth-openid-connect (~> 0.8.0) - gitlab-sidekiq-fetcher (= 0.5.6) + gitlab-sidekiq-fetcher (= 0.8.0) gitlab-styles (~> 6.3.0) gitlab_chronic_duration (~> 0.10.6.2) gitlab_omniauth-ldap (~> 2.1.1) @@ -1485,7 +1479,7 @@ DEPENDENCIES google-protobuf (~> 3.17.1) gpgme (~> 2.0.19) grape (~> 1.5.2) - grape-entity (~> 0.9.0) + grape-entity (~> 0.10.0) grape-path-helpers (~> 1.7.0) grape_logging (~> 1.7) graphiql-rails (~> 1.4.10) @@ -1518,7 +1512,7 @@ DEPENDENCIES kramdown (~> 2.3.1) kubeclient (~> 4.9.2) lefthook (~> 0.7.0) - letter_opener_web (~> 1.4.0) + letter_opener_web (~> 1.4.1) license_finder (~> 6.0) licensee (~> 9.14.1) lockbox (~> 0.6.2) @@ -1570,7 +1564,7 @@ DEPENDENCIES prometheus-client-mmap (~> 0.15.0) pry-byebug pry-rails (~> 0.3.9) - pry-shell (~> 0.4.0) + pry-shell (~> 0.5.0) puma (~> 5.3.1) puma_worker_killer (~> 0.3.1) rack (~> 2.2.3) @@ -1579,7 +1573,7 @@ DEPENDENCIES rack-oauth2 (~> 1.16.0) rack-proxy (~> 0.6.0) rack-timeout (~> 0.5.1) - rails (~> 6.1.3.2) + rails (~> 6.1.4.1) rails-controller-testing rails-i18n (~> 6.0) rainbow (~> 3.0) @@ -1588,14 +1582,14 @@ DEPENDENCIES rdoc (~> 6.3.2) re2 (~> 1.2.0) recaptcha (~> 4.11) - redis (~> 4.1.4) + redis (~> 4.4.0) redis-actionpack (~> 5.2.0) redis-namespace (~> 1.8.1) request_store (~> 1.5) responders (~> 3.0) retriable (~> 3.1.2) rexml (~> 3.2.5) - rouge (~> 3.26.0) + rouge (~> 3.26.1) rqrcode-rails3 (~> 0.1.7) rspec-parameterized rspec-rails (~> 5.0.1) @@ -1617,7 +1611,7 @@ DEPENDENCIES sentry-raven (~> 3.1) settingslogic (~> 2.0.9) shoulda-matchers (~> 4.0.1) - sidekiq (~> 5.2.7) + sidekiq (~> 6.2.2) sidekiq-cron (~> 1.0) simple_po_parser (~> 1.1.2) simplecov (~> 0.18.5) @@ -1634,7 +1628,7 @@ DEPENDENCIES state_machines-activerecord (~> 0.8.0) sys-filesystem (~> 1.1.6) terser (= 1.0.2) - test-prof (~> 0.12.0) + test-prof (~> 1.0.7) test_file_finder (~> 0.1.3) thin (~> 1.8.0) thrift (>= 0.14.0) diff --git a/README.md b/README.md index ee7eef9aa2..f5ec329cd9 100644 --- a/README.md +++ b/README.md @@ -68,7 +68,7 @@ GitLab is an open source project and we are very happy to accept community contr ## Install a development environment To work on GitLab itself, we recommend setting up your development environment with [the GitLab Development Kit](https://gitlab.com/gitlab-org/gitlab-development-kit). -If you do not use the GitLab Development Kit you need to install and setup all the dependencies yourself, this is a lot of work and error prone. +If you do not use the GitLab Development Kit you need to install and configure all the dependencies yourself, this is a lot of work and error prone. One small thing you also have to do when installing it yourself is to copy the example development Puma configuration file: cp config/puma.rb.example.development config/puma.rb @@ -81,7 +81,7 @@ GitLab is a Ruby on Rails application that runs on the following software: - Ubuntu/Debian/CentOS/RHEL/OpenSUSE - Ruby (MRI) 2.7.4 -- Git 2.31+ +- Git 2.33+ - Redis 5.0+ - PostgreSQL 12+ diff --git a/VERSION b/VERSION index b10f9ae296..afc1b70fc5 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -14.3.4 \ No newline at end of file +14.4.2 \ No newline at end of file diff --git a/app/assets/images/logos/zentao.svg b/app/assets/images/logos/zentao.svg new file mode 100644 index 0000000000..d2115b72ae --- /dev/null +++ b/app/assets/images/logos/zentao.svg @@ -0,0 +1,14 @@ + + + + + + + + + diff --git a/app/assets/javascripts/access_tokens/index.js b/app/assets/javascripts/access_tokens/index.js index 7f5f0403de..2cd3a8f12e 100644 --- a/app/assets/javascripts/access_tokens/index.js +++ b/app/assets/javascripts/access_tokens/index.js @@ -49,7 +49,7 @@ export const initProjectsField = () => { { default: createDefaultClient }, ]) => { const apolloProvider = new VueApollo({ - defaultClient: createDefaultClient(), + defaultClient: createDefaultClient({}, { assumeImmutableResults: true }), }); Vue.use(VueApollo); diff --git a/app/assets/javascripts/admin/users/components/actions/delete.vue b/app/assets/javascripts/admin/users/components/actions/delete.vue index a0f4a4bf38..e6dde5898e 100644 --- a/app/assets/javascripts/admin/users/components/actions/delete.vue +++ b/app/assets/javascripts/admin/users/components/actions/delete.vue @@ -14,7 +14,7 @@ export default { type: Object, required: true, }, - oncallSchedules: { + userDeletionObstacles: { type: Array, required: false, default: () => [], @@ -29,7 +29,7 @@ export default { :username="username" :paths="paths" :delete-path="paths.delete" - :oncall-schedules="oncallSchedules" + :user-deletion-obstacles="userDeletionObstacles" > diff --git a/app/assets/javascripts/admin/users/components/actions/delete_with_contributions.vue b/app/assets/javascripts/admin/users/components/actions/delete_with_contributions.vue index 02fd3efafa..bd920a9151 100644 --- a/app/assets/javascripts/admin/users/components/actions/delete_with_contributions.vue +++ b/app/assets/javascripts/admin/users/components/actions/delete_with_contributions.vue @@ -14,7 +14,7 @@ export default { type: Object, required: true, }, - oncallSchedules: { + userDeletionObstacles: { type: Array, required: false, default: () => [], @@ -29,7 +29,7 @@ export default { :username="username" :paths="paths" :delete-path="paths.deleteWithContributions" - :oncall-schedules="oncallSchedules" + :user-deletion-obstacles="userDeletionObstacles" > diff --git a/app/assets/javascripts/admin/users/components/actions/shared/shared_delete_action.vue b/app/assets/javascripts/admin/users/components/actions/shared/shared_delete_action.vue index a1589c9d46..c9f29b55db 100644 --- a/app/assets/javascripts/admin/users/components/actions/shared/shared_delete_action.vue +++ b/app/assets/javascripts/admin/users/components/actions/shared/shared_delete_action.vue @@ -22,7 +22,7 @@ export default { type: String, required: true, }, - oncallSchedules: { + userDeletionObstacles: { type: Array, required: true, }, @@ -34,7 +34,7 @@ export default { 'data-delete-user-url': this.deletePath, 'data-gl-modal-action': this.modalType, 'data-username': this.username, - 'data-oncall-schedules': JSON.stringify(this.oncallSchedules), + 'data-user-deletion-obstacles': JSON.stringify(this.userDeletionObstacles), }; }, }, diff --git a/app/assets/javascripts/admin/users/components/modals/delete_user_modal.vue b/app/assets/javascripts/admin/users/components/modals/delete_user_modal.vue index 413163c853..ed90343777 100644 --- a/app/assets/javascripts/admin/users/components/modals/delete_user_modal.vue +++ b/app/assets/javascripts/admin/users/components/modals/delete_user_modal.vue @@ -2,7 +2,7 @@ import { GlModal, GlButton, GlFormInput, GlSprintf } from '@gitlab/ui'; import * as Sentry from '@sentry/browser'; import { s__, sprintf } from '~/locale'; -import OncallSchedulesList from '~/vue_shared/components/oncall_schedules_list.vue'; +import UserDeletionObstaclesList from '~/vue_shared/components/user_deletion_obstacles/user_deletion_obstacles_list.vue'; export default { components: { @@ -10,7 +10,7 @@ export default { GlButton, GlFormInput, GlSprintf, - OncallSchedulesList, + UserDeletionObstaclesList, }, props: { title: { @@ -45,7 +45,7 @@ export default { type: String, required: true, }, - oncallSchedules: { + userDeletionObstacles: { type: String, required: false, default: '[]', @@ -66,9 +66,9 @@ export default { canSubmit() { return this.enteredUsername === this.username; }, - schedules() { + obstacles() { try { - return JSON.parse(this.oncallSchedules); + return JSON.parse(this.userDeletionObstacles); } catch (e) { Sentry.captureException(e); } @@ -112,12 +112,16 @@ export default {

- +

diff --git a/app/assets/javascripts/admin/users/components/user_actions.vue b/app/assets/javascripts/admin/users/components/user_actions.vue index c076e0bedf..4f4e294734 100644 --- a/app/assets/javascripts/admin/users/components/user_actions.vue +++ b/app/assets/javascripts/admin/users/components/user_actions.vue @@ -9,6 +9,7 @@ import { } from '@gitlab/ui'; import { convertArrayToCamelCase } from '~/lib/utils/common_utils'; import { capitalizeFirstCharacter } from '~/lib/utils/text_utility'; +import { parseUserDeletionObstacles } from '~/vue_shared/components/user_deletion_obstacles/utils'; import { I18N_USER_ACTIONS } from '../constants'; import { generateUserPaths } from '../utils'; import Actions from './actions'; @@ -72,6 +73,9 @@ export default { href: this.userPaths.edit, }; }, + obstaclesForUserDeletion() { + return parseUserDeletionObstacles(this.user); + }, }, methods: { isLdapAction(action) { @@ -141,7 +145,7 @@ export default { :key="action" :paths="userPaths" :username="user.name" - :oncall-schedules="user.oncallSchedules" + :user-deletion-obstacles="obstaclesForUserDeletion" :data-testid="`delete-${action}`" > {{ $options.i18n[action] }} diff --git a/app/assets/javascripts/analytics/shared/components/projects_dropdown_filter.vue b/app/assets/javascripts/analytics/shared/components/projects_dropdown_filter.vue index a490111e13..0bdb45d35c 100644 --- a/app/assets/javascripts/analytics/shared/components/projects_dropdown_filter.vue +++ b/app/assets/javascripts/analytics/shared/components/projects_dropdown_filter.vue @@ -15,6 +15,8 @@ import { DEFAULT_DEBOUNCE_AND_THROTTLE_MS } from '~/lib/utils/constants'; import { n__, s__, __ } from '~/locale'; import getProjects from '../graphql/projects.query.graphql'; +const sortByProjectName = (projects = []) => projects.sort((a, b) => a.name.localeCompare(b.name)); + export default { name: 'ProjectsDropdownFilter', components: { @@ -88,6 +90,9 @@ export default { selectedProjectIds() { return this.selectedProjects.map((p) => p.id); }, + hasSelectedProjects() { + return Boolean(this.selectedProjects.length); + }, availableProjects() { return filterBySearchTerm(this.projects, this.searchTerm); }, @@ -95,6 +100,12 @@ export default { const { loading, availableProjects } = this; return !loading && !availableProjects.length; }, + selectedItems() { + return sortByProjectName(this.selectedProjects); + }, + unselectedItems() { + return this.availableProjects.filter(({ id }) => !this.selectedProjectIds.includes(id)); + }, }, watch: { searchTerm() { @@ -105,44 +116,53 @@ export default { this.search(); }, methods: { + handleUpdatedSelectedProjects() { + this.$emit('selected', this.selectedProjects); + }, search: debounce(function debouncedSearch() { this.fetchData(); }, DEFAULT_DEBOUNCE_AND_THROTTLE_MS), - getSelectedProjects(selectedProject, isMarking) { - return isMarking + getSelectedProjects(selectedProject, isSelected) { + return isSelected ? this.selectedProjects.concat([selectedProject]) : this.selectedProjects.filter((project) => project.id !== selectedProject.id); }, singleSelectedProject(selectedObj, isMarking) { return isMarking ? [selectedObj] : []; }, - setSelectedProjects(selectedObj, isMarking) { + setSelectedProjects(project) { this.selectedProjects = this.multiSelect - ? this.getSelectedProjects(selectedObj, isMarking) - : this.singleSelectedProject(selectedObj, isMarking); + ? this.getSelectedProjects(project, !this.isProjectSelected(project)) + : this.singleSelectedProject(project, !this.isProjectSelected(project)); }, - onClick({ project, isSelected }) { - this.setSelectedProjects(project, !isSelected); - this.$emit('selected', this.selectedProjects); + onClick(project) { + this.setSelectedProjects(project); + this.handleUpdatedSelectedProjects(); }, - onMultiSelectClick({ project, isSelected }) { - this.setSelectedProjects(project, !isSelected); + onMultiSelectClick(project) { + this.setSelectedProjects(project); this.isDirty = true; }, - onSelected(ev) { + onSelected(project) { if (this.multiSelect) { - this.onMultiSelectClick(ev); + this.onMultiSelectClick(project); } else { - this.onClick(ev); + this.onClick(project); } }, onHide() { if (this.multiSelect && this.isDirty) { - this.$emit('selected', this.selectedProjects); + this.handleUpdatedSelectedProjects(); } this.searchTerm = ''; this.isDirty = false; }, + onClearAll() { + if (this.hasSelectedProjects) { + this.isDirty = true; + } + this.selectedProjects = []; + }, fetchData() { this.loading = true; @@ -168,8 +188,8 @@ export default { this.projects = nodes; }); }, - isProjectSelected(id) { - return this.selectedProjects ? this.selectedProjectIds.includes(id) : false; + isProjectSelected(project) { + return this.selectedProjectIds.includes(project.id); }, getEntityId(project) { return getIdFromGraphQLId(project.id); @@ -182,6 +202,10 @@ export default { ref="projectsDropdown" class="dropdown dropdown-projects" toggle-class="gl-shadow-none" + :show-clear-all="hasSelectedProjects" + show-highlighted-items-title + highlighted-items-title-class="gl-p-3" + @clear-all.stop="onClearAll" @hide="onHide" > +
{ @@ -7,3 +8,64 @@ export const filterBySearchTerm = (data = [], searchTerm = '', filterByKey = 'na }; export const toYmd = (date) => dateFormat(date, dateFormats.isoDate); + +/** + * Takes a url and extracts query parameters used for the shared + * filter bar + * + * @param {string} url The URL to extract query parameters from + * @returns {Object} + */ +export const extractFilterQueryParameters = (url = '') => { + const { + source_branch_name = null, + target_branch_name = null, + author_username = null, + milestone_title = null, + assignee_username = [], + label_name = [], + } = urlQueryToFilter(url); + + return { + selectedSourceBranch: source_branch_name, + selectedTargetBranch: target_branch_name, + selectedAuthor: author_username, + selectedMilestone: milestone_title, + selectedAssigneeList: assignee_username, + selectedLabelList: label_name, + }; +}; + +/** + * Takes a url and extracts sorting and pagination query parameters into an object + * + * @param {string} url The URL to extract query parameters from + * @returns {Object} + */ +export const extractPaginationQueryParameters = (url = '') => { + const { sort, direction, page } = urlQueryToFilter(url); + return { + sort: sort?.value || null, + direction: direction?.value || null, + page: page?.value || null, + }; +}; + +export const getDataZoomOption = ({ + totalItems = 0, + maxItemsPerPage = 40, + dataZoom = [{ type: 'slider', bottom: 10, start: 0 }], +}) => { + if (totalItems <= maxItemsPerPage) { + return {}; + } + + const intervalEnd = Math.ceil((maxItemsPerPage / totalItems) * 100); + + return dataZoom.map((item) => { + return { + ...item, + end: intervalEnd, + }; + }); +}; diff --git a/app/assets/javascripts/api.js b/app/assets/javascripts/api.js index 01e463c196..adf3e122a6 100644 --- a/app/assets/javascripts/api.js +++ b/app/assets/javascripts/api.js @@ -499,10 +499,10 @@ const Api = { return axios.put(url, params); }, - applySuggestionBatch(ids) { + applySuggestionBatch(ids, message) { const url = Api.buildUrl(Api.applySuggestionBatchPath); - return axios.put(url, { ids }); + return axios.put(url, { ids, commit_message: message }); }, commitPipelines(projectId, sha) { diff --git a/app/assets/javascripts/api/bulk_imports_api.js b/app/assets/javascripts/api/bulk_imports_api.js new file mode 100644 index 0000000000..d636cfdff0 --- /dev/null +++ b/app/assets/javascripts/api/bulk_imports_api.js @@ -0,0 +1,7 @@ +import { buildApiUrl } from '~/api/api_utils'; +import axios from '~/lib/utils/axios_utils'; + +const BULK_IMPORT_ENTITIES_PATH = '/api/:version/bulk_imports/entities'; + +export const getBulkImportsHistory = (params) => + axios.get(buildApiUrl(BULK_IMPORT_ENTITIES_PATH), { params }); diff --git a/app/assets/javascripts/artifacts_settings/index.js b/app/assets/javascripts/artifacts_settings/index.js index 531b42bc18..5c9f1c3129 100644 --- a/app/assets/javascripts/artifacts_settings/index.js +++ b/app/assets/javascripts/artifacts_settings/index.js @@ -6,7 +6,7 @@ import createDefaultClient from '~/lib/graphql'; Vue.use(VueApollo); const apolloProvider = new VueApollo({ - defaultClient: createDefaultClient(), + defaultClient: createDefaultClient({}, { assumeImmutableResults: true }), }); export default (containerId = 'js-artifacts-settings-app') => { diff --git a/app/assets/javascripts/behaviors/markdown/nodes/emoji.js b/app/assets/javascripts/behaviors/markdown/nodes/emoji.js index 367a06ad3c..9d0890aa1b 100644 --- a/app/assets/javascripts/behaviors/markdown/nodes/emoji.js +++ b/app/assets/javascripts/behaviors/markdown/nodes/emoji.js @@ -26,6 +26,18 @@ export default class Emoji extends Node { moji: el.textContent, }), }, + { + tag: 'img.emoji', + getAttrs: (el) => { + const name = el.getAttribute('title').replace(/^:|:$/g, ''); + + return { + name, + title: name, + moji: name, + }; + }, + }, ], toDOM: (node) => [ 'gl-emoji', diff --git a/app/assets/javascripts/behaviors/markdown/nodes/image.js b/app/assets/javascripts/behaviors/markdown/nodes/image.js index ade5839d10..4cc28c4573 100644 --- a/app/assets/javascripts/behaviors/markdown/nodes/image.js +++ b/app/assets/javascripts/behaviors/markdown/nodes/image.js @@ -29,7 +29,7 @@ export default class Image extends BaseImage { }, // Matches HTML generated by Banzai::Filter::ImageLazyLoadFilter { - tag: 'img[src]', + tag: 'img[src]:not(.emoji)', getAttrs: (el) => { const imageSrc = el.src; const imageUrl = diff --git a/app/assets/javascripts/behaviors/preview_markdown.js b/app/assets/javascripts/behaviors/preview_markdown.js index a1911585f8..a548b28314 100644 --- a/app/assets/javascripts/behaviors/preview_markdown.js +++ b/app/assets/javascripts/behaviors/preview_markdown.js @@ -81,7 +81,7 @@ MarkdownPreview.prototype.fetchMarkdownPreview = function (text, url, success) { }) .catch(() => createFlash({ - message: __('An error occurred while fetching markdown preview'), + message: __('An error occurred while fetching Markdown preview'), }), ); }; diff --git a/app/assets/javascripts/behaviors/requires_input.js b/app/assets/javascripts/behaviors/requires_input.js index b1227fb353..5990503525 100644 --- a/app/assets/javascripts/behaviors/requires_input.js +++ b/app/assets/javascripts/behaviors/requires_input.js @@ -38,23 +38,9 @@ $.fn.requiresInput = function requiresInput() { $form.on('change input', fieldSelector, requireInput); }; -// Hide or Show the help block when creating a new project -// based on the option selected -function hideOrShowHelpBlock(form) { - const selected = $('.js-select-namespace option:selected'); - if (selected.length && selected.data('optionsParent') === 'groups') { - form.find('.form-text.text-muted').hide(); - } else if (selected.length) { - form.find('.form-text.text-muted').show(); - } -} - $(() => { $('form.js-requires-input').each((i, el) => { const $form = $(el); - $form.requiresInput(); - hideOrShowHelpBlock($form); - $('.select2.js-select-namespace').change(() => hideOrShowHelpBlock($form)); }); }); diff --git a/app/assets/javascripts/behaviors/shortcuts/keybindings.js b/app/assets/javascripts/behaviors/shortcuts/keybindings.js index ebf2ab0381..b27dccabdf 100644 --- a/app/assets/javascripts/behaviors/shortcuts/keybindings.js +++ b/app/assets/javascripts/behaviors/shortcuts/keybindings.js @@ -306,6 +306,12 @@ export const GO_TO_PROJECT_WIKI = { defaultKeys: ['g w'], // eslint-disable-line @gitlab/require-i18n-strings }; +export const GO_TO_PROJECT_WEBIDE = { + id: 'project.goToWebIDE', + description: __('Open in Web IDE'), + defaultKeys: ['.'], +}; + export const PROJECT_FILES_MOVE_SELECTION_UP = { id: 'projectFiles.moveSelectionUp', description: __('Move selection up'), @@ -549,6 +555,7 @@ export const PROJECT_SHORTCUTS_GROUP = { GO_TO_PROJECT_KUBERNETES, GO_TO_PROJECT_SNIPPETS, GO_TO_PROJECT_WIKI, + GO_TO_PROJECT_WEBIDE, ], }; diff --git a/app/assets/javascripts/behaviors/shortcuts/shortcuts_navigation.js b/app/assets/javascripts/behaviors/shortcuts/shortcuts_navigation.js index b188d3b0ec..7d8e4dd490 100644 --- a/app/assets/javascripts/behaviors/shortcuts/shortcuts_navigation.js +++ b/app/assets/javascripts/behaviors/shortcuts/shortcuts_navigation.js @@ -1,4 +1,5 @@ import Mousetrap from 'mousetrap'; +import { visitUrl, constructWebIDEPath } from '~/lib/utils/url_utility'; import findAndFollowLink from '../../lib/utils/navigation_utility'; import { keysFor, @@ -18,6 +19,7 @@ import { GO_TO_PROJECT_KUBERNETES, GO_TO_PROJECT_ENVIRONMENTS, GO_TO_PROJECT_METRICS, + GO_TO_PROJECT_WEBIDE, NEW_ISSUE, } from './keybindings'; import Shortcuts from './shortcuts'; @@ -58,6 +60,18 @@ export default class ShortcutsNavigation extends Shortcuts { findAndFollowLink('.shortcuts-environments'), ); Mousetrap.bind(keysFor(GO_TO_PROJECT_METRICS), () => findAndFollowLink('.shortcuts-metrics')); + Mousetrap.bind(keysFor(GO_TO_PROJECT_WEBIDE), ShortcutsNavigation.navigateToWebIDE); Mousetrap.bind(keysFor(NEW_ISSUE), () => findAndFollowLink('.shortcuts-new-issue')); } + + static navigateToWebIDE() { + const path = constructWebIDEPath({ + sourceProjectFullPath: window.gl.mrWidgetData?.source_project_full_path, + targetProjectFullPath: window.gl.mrWidgetData?.target_project_full_path, + iid: window.gl.mrWidgetData?.iid, + }); + if (path) { + visitUrl(path); + } + } } diff --git a/app/assets/javascripts/blob/components/blob_content.vue b/app/assets/javascripts/blob/components/blob_content.vue index 1a74675100..213e026c41 100644 --- a/app/assets/javascripts/blob/components/blob_content.vue +++ b/app/assets/javascripts/blob/components/blob_content.vue @@ -41,6 +41,11 @@ export default { type: Object, required: true, }, + hideLineNumbers: { + type: Boolean, + required: false, + default: false, + }, }, computed: { viewer() { @@ -80,6 +85,7 @@ export default { :is-raw-content="isRawContent" :file-name="blob.name" :type="activeViewer.fileType" + :hide-line-numbers="hideLineNumbers" data-qa-selector="file_content" /> diff --git a/app/assets/javascripts/blob/file_template_mediator.js b/app/assets/javascripts/blob/file_template_mediator.js index 136457c115..991f98c89e 100644 --- a/app/assets/javascripts/blob/file_template_mediator.js +++ b/app/assets/javascripts/blob/file_template_mediator.js @@ -247,7 +247,11 @@ export default class FileTemplateMediator { } setFilename(name) { - this.$filenameInput.val(name).trigger('change'); + const input = this.$filenameInput.get(0); + if (name !== undefined && input.value !== name) { + input.value = name; + input.dispatchEvent(new Event('change')); + } } getSelected() { diff --git a/app/assets/javascripts/boards/boards_util.js b/app/assets/javascripts/boards/boards_util.js index d113a1d39d..c10241d00d 100644 --- a/app/assets/javascripts/boards/boards_util.js +++ b/app/assets/javascripts/boards/boards_util.js @@ -43,7 +43,9 @@ export function formatListIssues(listIssues) { let sortedIssues = list.issues.edges.map((issueNode) => ({ ...issueNode.node, })); - sortedIssues = sortBy(sortedIssues, 'relativePosition'); + if (list.listType !== ListType.closed) { + sortedIssues = sortBy(sortedIssues, 'relativePosition'); + } return { ...map, @@ -146,7 +148,8 @@ export function getMoveData(state, params) { } export function moveItemListHelper(item, fromList, toList) { - const updatedItem = item; + const updatedItem = cloneDeep(item); + if ( toList.listType === ListType.label && !updatedItem.labels.find((label) => label.id === toList.label.id) diff --git a/app/assets/javascripts/boards/components/board_add_new_column.vue b/app/assets/javascripts/boards/components/board_add_new_column.vue index 22ad619e76..c5411ec313 100644 --- a/app/assets/javascripts/boards/components/board_add_new_column.vue +++ b/app/assets/javascripts/boards/components/board_add_new_column.vue @@ -52,6 +52,8 @@ export default { }, setSelectedItem(selectedId) { + this.selectedId = selectedId; + const label = this.labels.find(({ id }) => id === selectedId); if (!selectedId || !label) { this.selectedLabel = null; @@ -87,8 +89,8 @@ export default { diff --git a/app/assets/javascripts/cycle_analytics/components/filter_bar.vue b/app/assets/javascripts/cycle_analytics/components/filter_bar.vue index 5140b05e18..016fea354f 100644 --- a/app/assets/javascripts/cycle_analytics/components/filter_bar.vue +++ b/app/assets/javascripts/cycle_analytics/components/filter_bar.vue @@ -79,7 +79,6 @@ export default { title: __('Assignees'), type: 'assignees', token: AuthorToken, - defaultAuthors: [], initialAuthors: this.assigneesData, unique: false, operators: OPERATOR_IS_ONLY, diff --git a/app/assets/javascripts/cycle_analytics/components/stage_table.vue b/app/assets/javascripts/cycle_analytics/components/stage_table.vue index 8a2667a4ab..fc4dfafb80 100644 --- a/app/assets/javascripts/cycle_analytics/components/stage_table.vue +++ b/app/assets/javascripts/cycle_analytics/components/stage_table.vue @@ -194,6 +194,9 @@ export default { > + diff --git a/app/assets/javascripts/jobs/components/log/log.vue b/app/assets/javascripts/jobs/components/log/log.vue index 0134e5dafe..ef95d79b8a 100644 --- a/app/assets/javascripts/jobs/components/log/log.vue +++ b/app/assets/javascripts/jobs/components/log/log.vue @@ -10,10 +10,10 @@ export default { }, computed: { ...mapState([ - 'traceEndpoint', - 'trace', - 'isTraceComplete', - 'isScrolledToBottomBeforeReceivingTrace', + 'jobLogEndpoint', + 'jobLog', + 'isJobLogComplete', + 'isScrolledToBottomBeforeReceivingJobLog', ]), }, updated() { @@ -39,7 +39,7 @@ export default { * In order to scroll the page down after `v-html` has finished, we need to use setTimeout */ handleScrollDown() { - if (this.isScrolledToBottomBeforeReceivingTrace) { + if (this.isScrolledToBottomBeforeReceivingJobLog) { setTimeout(() => { this.scrollBottom(); }, 0); @@ -50,18 +50,18 @@ export default {