Merge branch 'ce-to-ee-2018-09-21' into 'master'

CE upstream - 2018-09-21 12:16 UTC

Closes #5325

See merge request gitlab-org/gitlab-ee!7451

CHANGELOG.md

@@ -4,13 +4,12 @@ entry.
 
 ## 11.3.0 (2018-09-22)
 
-### Security (6 changes, 1 of them is from the community)
+### Security (5 changes, 1 of them is from the community)
 
 - Disable the Sidekiq Admin Rack session. !21441
 - Set issuable_sort, diff_view, and perf_bar_enabled cookies to secure when possible. !21442
 - Update rubyzip to 1.2.2 (CVE-2018-1000544). !21460 (Takuya Noguchi)
 - Fixed persistent XSS rendering/escaping of diff location lines.
-- Adding CSRF protection to Hooks resend action.
 - Block link-local addresses in URLBlocker.
 
 ### Removed (1 change)
@@ -90,18 +89,18 @@ entry.
 - Fix absent Click to Expand link on diffs not rendered on first load of Merge Requests Changes tab. !21716
 - Update GitLab Shell to v8.3.3. !21750
 - Fix import error when archive does not have the correct extension. !21765
-- Fix checkboxes on runner admin settings - The labels are now clickable.
 - Fixed IDE deleting new files creating wrong state.
-- Increase width of checkout branch modal box.
+- Does not collapse runners section when using pagination.
 - Fix Emojis cutting in the right way. (Alexander Popov)
 - Fix NamespaceUploader.base_dir for remote uploads.
+- Increase width of checkout branch modal box.
 - Fixes SVGs for empty states in job page overflowing on mobile.
-- Fix: Project deletion may not log audit events during user deletion.
-- Does not collapse runners section when using pagination.
+- Fix checkboxes on runner admin settings - The labels are now clickable.
 - Fixed IDE file row scrolling into view when hovering.
 - Accept upload files in public/uplaods/tmp when using accelerated uploads.
-- Increase padding in code blocks.
 - Include correct CSS file for xterm in environments page.
+- Increase padding in code blocks.
+- Fix: Project deletion may not log audit events during user deletion.
 
 ### Changed (32 changes, 5 of them are from the community)
 
@@ -133,8 +132,8 @@ entry.
 - Improved commit panel in Web IDE. !21471
 - Administrative cleanup rake tasks now leverage Gitaly. !21588
 - Remove health check feature flag in BackgroundMigrationWorker.
-- Improved styling of top bar in IDE job trace pane.
 - Expose user's id in /admin/users/ show page. (Eva Kadlecova)
+- Improved styling of top bar in IDE job trace pane.
 - Make terminal button more visible.
 - Shows download artifacts button for pipelines on small screens.
 
@@ -195,8 +194,8 @@ entry.
 - Added file templates to the Web IDE.
 - Enabled multiple file uploads in the Web IDE.
 - Allow to delete group milestones.
-- Add system note when due date is changed. (Eva Kadlecova)
 - Use separate model for tracking resource label changes and render label system notes based on data from this model.
+- Add system note when due date is changed. (Eva Kadlecova)
 
 ### Other (48 changes, 16 of them are from the community)
 
@@ -236,18 +235,18 @@ entry.
 - Add margin between username and subsequent text in issuable header. !21697
 - Send artifact information in job API. !50460
 - Reduce differences between CE and EE code base in reports components.
-- Creates Vue component for artifacts block on job page.
-- Creates vue components for stage dropdowns and job list container for job log view.
-- Creates vue component for commit block in job log page.
-- Creates empty state vue component for job view.
-- Creates vue component for environments information in job log view.
-- Creates vue component for erased block on job view.
-- Creates vue component for job log trace.
-- Creates Vvue component for warning block about stuck runners.
 - Move project services log to a separate file.
-- Upgrade Monaco editor.
-- Creates Vue component for trigger variables block in job log page.
 - Creates vue component for job log top bar with controllers.
+- Creates Vue component for trigger variables block in job log page.
+- Creates Vvue component for warning block about stuck runners.
+- Creates vue component for job log trace.
+- Creates vue component for erased block on job view.
+- Creates vue component for environments information in job log view.
+- Upgrade Monaco editor.
+- Creates empty state vue component for job view.
+- Creates vue component for commit block in job log page.
+- Creates vue components for stage dropdowns and job list container for job log view.
+- Creates Vue component for artifacts block on job page.
 
 
 ## 11.2.3 (2018-08-28)
@@ -279,15 +278,13 @@ entry.
 
 ## 11.2.0 (2018-08-22)
 
-### Security (7 changes)
+### Security (5 changes)
 
 - Bump Gitaly to 0.117.1 for Rouge update. !21277
 - Fix symlink vulnerability in project import.
 - Bump rugged to 0.27.4 for security fixes.
 - Fixed XSS in branch name in Web IDE.
 - Adding CSRF protection to Hooks test action.
-- Don't expose project names in GitHub counters.
-- Don't expose project names in various counters.
 
 ### Removed (1 change)
 
@@ -527,8 +524,6 @@ entry.
 
 ## 11.1.5 (2018-08-27)
 
-- No changes.
-
 ### Security (3 changes)
 
 - Fixed persistent XSS rendering/escaping of diff location lines.
@@ -1457,11 +1452,11 @@ entry.
 - Fix specifying a non-default ref when requesting an archive using the legacy URL. !18468
 - Respect visibility options and description when importing project from template. !18473
 - Removes 'No Job log' message from build trace. !18523
+- Align action icons in pipeline graph.
 - Fix direct_upload when records with null file_store are used.
 - Removed alert box in IDE when redirecting to new merge request.
 - Fixed IDE not loading for sub groups.
 - Fixed IDE not showing loading state when tree is loading.
-- Align action icons in pipeline graph.
 
 ### Performance (4 changes)
 

VERSION

-11.3.0-pre
+11.4.0-pre

app/assets/stylesheets/framework/lists.scss

@@ -111,6 +111,7 @@ ul.content-list {
     border-color: $white-normal;
     font-size: $gl-font-size;
     color: $gl-text-color;
+    word-break: break-word;
 
     &.no-description {
       .title {

app/models/project_services/chat_message/merge_message.rb

@@ -28,7 +28,7 @@ module ChatMessage
 
     def activity
       {
-        title: "Merge Request #{state} by #{user_combined_name}",
+        title: "Merge Request #{state_or_action_text} by #{user_combined_name}",
         subtitle: "in #{project_link}",
         text: merge_request_link,
         image: user_avatar

app/views/doorkeeper/applications/index.html.haml

@@ -16,6 +16,9 @@
         = _('Add new application')
       = render 'form', application: @application
       %hr
+    - else
+      .bs-callout.bs-callout-disabled
+        = _('Adding new applications is disabled in your GitLab instance. Please contact your GitLab administrator to get the permission')
     - if user_oauth_applications?
       .oauth-applications
         %h5

changelogs/unreleased/41040-long-webhook-url-problem.yml

+---
+title: Fix long webhook URL overflow for custom integration.
+merge_request:
+author: Kukovskii Vladimir
+type: fixed

changelogs/unreleased/fix-chat-notification-service-for-ee.yml

+---
+title: Fix activity titles for MRs in chat notification services
+merge_request: 21834
+author:
+type: fixed

doc/administration/gitaly/index.md

@@ -101,6 +101,12 @@ documentation on configuring Gitaly
 authentication](https://gitlab.com/gitlab-org/gitaly/blob/master/doc/configuration/README.md#authentication)
 .
 
+Gitaly must trigger some callbacks to GitLab via GitLab Shell. As a result, 
+the GitLab Shell secret must be the same between the other GitLab servers and
+the Gitaly server. The easiest way to accomplish this is to copy `/etc/gitlab/gitlab-secrets.json`
+from an existing GitLab server to the Gitaly server. Without this shared secret,
+Git operations in GitLab will result in an API error. 
+
 > **NOTE:** In most or all cases the storage paths below end in `/repositories` which is 
 different than `path` in `git_data_dirs` of Omnibus installations. Check the
 directory layout on your Gitaly server to be sure.

doc/development/fe_guide/components.md

@@ -42,7 +42,7 @@ See also the [corresponding UX guide](../ux_guide/components.md#dropdowns).
 
 See also the [corresponding UX guide](../ux_guide/components.md#modals).
 
-We have a reusable Vue component for modals: [vue_shared/components/gl-modal.vue](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/app/assets/javascripts/vue_shared/components/gl-modal.vue)
+We have a reusable Vue component for modals: [vue_shared/components/gl_modal.vue](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/app/assets/javascripts/vue_shared/components/gl_modal.vue)
 
 Here is an example of how to use it:
 

locale/gitlab.pot

@@ -438,6 +438,9 @@ msgstr ""
 msgid "Add users to group"
 msgstr ""
 
+msgid "Adding new applications is disabled in your GitLab instance. Please contact your GitLab administrator to get the permission"
+msgstr ""
+
 msgid "Additional text"
 msgstr ""
 

spec/models/project_services/chat_message/merge_message_spec.rb

@@ -27,6 +27,23 @@ describe ChatMessage::MergeMessage do
     }
   end
 
+  # Integration point in EE
+  context 'when state is overridden' do
+    it 'respects the overridden state' do
+      allow(subject).to receive(:state_or_action_text) { 'devoured' }
+
+      aggregate_failures do
+        expect(subject.summary).not_to include('opened')
+        expect(subject.summary).to include('devoured')
+
+        activity_title = subject.activity[:title]
+
+        expect(activity_title).not_to include('opened')
+        expect(activity_title).to include('devoured')
+      end
+    end
+  end
+
   context 'without markdown' do
     let(:color) { '#345' }