Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
0a2b4d2e
Commit
0a2b4d2e
authored
Jan 22, 2018
by
GitLab Bot
Browse files
Options
Browse Files
Download
Plain Diff
Merge remote-tracking branch 'upstream/master' into ce-to-ee-2018-01-22
parents
5a0eec8c
68cc9ea2
Changes
12
Show whitespace changes
Inline
Side-by-side
Showing
12 changed files
with
98 additions
and
8 deletions
+98
-8
.gitlab-ci.yml
.gitlab-ci.yml
+16
-3
app/assets/stylesheets/framework/layout.scss
app/assets/stylesheets/framework/layout.scss
+7
-1
app/helpers/application_settings_helper.rb
app/helpers/application_settings_helper.rb
+1
-0
app/models/project.rb
app/models/project.rb
+1
-1
changelogs/unreleased/41814-text-decoration-skip.yml
changelogs/unreleased/41814-text-decoration-skip.yml
+5
-0
changelogs/unreleased/42206-permit-password-for-git-param.yml
...gelogs/unreleased/42206-permit-password-for-git-param.yml
+5
-0
changelogs/unreleased/42231-protected-branches-api-route-returns-404-for-branches-with-dots.yml
...branches-api-route-returns-404-for-branches-with-dots.yml
+5
-0
lib/api/protected_branches.rb
lib/api/protected_branches.rb
+1
-1
lib/gitlab/git/repository.rb
lib/gitlab/git/repository.rb
+4
-0
spec/controllers/admin/application_settings_controller_spec.rb
...controllers/admin/application_settings_controller_spec.rb
+7
-0
spec/requests/api/protected_branches_spec.rb
spec/requests/api/protected_branches_spec.rb
+6
-0
vendor/gitlab-ci-yml/Auto-DevOps.gitlab-ci.yml
vendor/gitlab-ci-yml/Auto-DevOps.gitlab-ci.yml
+40
-2
No files found.
.gitlab-ci.yml
View file @
0a2b4d2e
...
@@ -313,7 +313,7 @@ flaky-examples-check:
...
@@ -313,7 +313,7 @@ flaky-examples-check:
-
scripts/merge-reports ${NEW_FLAKY_SPECS_REPORT} rspec_flaky/new_*_*.json
-
scripts/merge-reports ${NEW_FLAKY_SPECS_REPORT} rspec_flaky/new_*_*.json
-
scripts/detect-new-flaky-examples $NEW_FLAKY_SPECS_REPORT
-
scripts/detect-new-flaky-examples $NEW_FLAKY_SPECS_REPORT
setup-test-env
:
compile-assets
:
<<
:
*dedicated-runner
<<
:
*dedicated-runner
<<
:
*except-docs
<<
:
*except-docs
<<
:
*use-pg
<<
:
*use-pg
...
@@ -324,13 +324,25 @@ setup-test-env:
...
@@ -324,13 +324,25 @@ setup-test-env:
-
node --version
-
node --version
-
yarn install --frozen-lockfile --cache-folder .yarn-cache
-
yarn install --frozen-lockfile --cache-folder .yarn-cache
-
bundle exec rake gitlab:assets:compile
-
bundle exec rake gitlab:assets:compile
-
bundle exec ruby -Ispec -e 'require "spec_helper" ; TestEnv.init'
-
scripts/gitaly-test-build
# Do not use 'bundle exec' here
artifacts
:
artifacts
:
expire_in
:
7d
expire_in
:
7d
paths
:
paths
:
-
node_modules
-
node_modules
-
public/assets
-
public/assets
setup-test-env
:
<<
:
*dedicated-runner
<<
:
*except-docs
<<
:
*use-pg
stage
:
prepare
cache
:
<<
:
*default-cache
script
:
-
bundle exec ruby -Ispec -e 'require "spec_helper" ; TestEnv.init'
-
scripts/gitaly-test-build
# Do not use 'bundle exec' here
artifacts
:
expire_in
:
7d
paths
:
-
tmp/tests
-
tmp/tests
rspec-pg geo
:
*rspec-metadata-pg-geo
rspec-pg geo
:
*rspec-metadata-pg-geo
...
@@ -689,6 +701,7 @@ lint:javascript:report:
...
@@ -689,6 +701,7 @@ lint:javascript:report:
<<
:
*pull-cache
<<
:
*pull-cache
stage
:
post-test
stage
:
post-test
dependencies
:
dependencies
:
-
compile-assets
-
setup-test-env
-
setup-test-env
before_script
:
[]
before_script
:
[]
script
:
script
:
...
...
app/assets/stylesheets/framework/layout.scss
View file @
0a2b4d2e
html
{
html
{
overflow-y
:
scroll
;
overflow-y
:
scroll
;
&
.touch
.tooltip
{
display
:
none
!
important
;
}
&
.touch
.tooltip
{
display
:
none
!
important
;
}
}
}
body
{
body
{
// Improves readability for dyslexic users; supported only in Chrome/Safari so far
// scss-lint:disable PropertySpelling
text-decoration-skip
:
ink
;
// scss-lint:enable PropertySpelling
&
.navless
{
&
.navless
{
background-color
:
$white-light
!
important
;
background-color
:
$white-light
!
important
;
}
}
...
...
app/helpers/application_settings_helper.rb
View file @
0a2b4d2e
...
@@ -202,6 +202,7 @@ module ApplicationSettingsHelper
...
@@ -202,6 +202,7 @@ module ApplicationSettingsHelper
:metrics_sample_interval
,
:metrics_sample_interval
,
:metrics_timeout
,
:metrics_timeout
,
:password_authentication_enabled_for_web
,
:password_authentication_enabled_for_web
,
:password_authentication_enabled_for_git
,
:performance_bar_allowed_group_id
,
:performance_bar_allowed_group_id
,
:performance_bar_enabled
,
:performance_bar_enabled
,
:plantuml_enabled
,
:plantuml_enabled
,
...
...
app/models/project.rb
View file @
0a2b4d2e
...
@@ -1449,7 +1449,7 @@ class Project < ActiveRecord::Base
...
@@ -1449,7 +1449,7 @@ class Project < ActiveRecord::Base
# We'd need to keep track of project full path otherwise directory tree
# We'd need to keep track of project full path otherwise directory tree
# created with hashed storage enabled cannot be usefully imported using
# created with hashed storage enabled cannot be usefully imported using
# the import rake task.
# the import rake task.
repository
.
r
ugged
.
config
[
'gitlab.fullpath'
]
=
gl_full_path
repository
.
r
aw_repository
.
write_config
(
full_path:
gl_full_path
)
rescue
Gitlab
::
Git
::
Repository
::
NoRepository
=>
e
rescue
Gitlab
::
Git
::
Repository
::
NoRepository
=>
e
Rails
.
logger
.
error
(
"Error writing to .git/config for project
#{
full_path
}
(
#{
id
}
):
#{
e
.
message
}
."
)
Rails
.
logger
.
error
(
"Error writing to .git/config for project
#{
full_path
}
(
#{
id
}
):
#{
e
.
message
}
."
)
nil
nil
...
...
changelogs/unreleased/41814-text-decoration-skip.yml
0 → 100644
View file @
0a2b4d2e
---
title
:
Improve readability of underlined links for dyslexic users
merge_request
:
author
:
type
:
other
changelogs/unreleased/42206-permit-password-for-git-param.yml
0 → 100644
View file @
0a2b4d2e
---
title
:
Permits 'password_authentication_enabled_for_git' parameter for ApplicationSettingsController
merge_request
:
author
:
type
:
fixed
changelogs/unreleased/42231-protected-branches-api-route-returns-404-for-branches-with-dots.yml
0 → 100644
View file @
0a2b4d2e
---
title
:
Fix protected branches API to accept name parameter with dot
merge_request
:
author
:
type
:
fixed
lib/api/protected_branches.rb
View file @
0a2b4d2e
...
@@ -2,7 +2,7 @@ module API
...
@@ -2,7 +2,7 @@ module API
class
ProtectedBranches
<
Grape
::
API
class
ProtectedBranches
<
Grape
::
API
include
PaginationParams
include
PaginationParams
BRANCH_ENDPOINT_REQUIREMENTS
=
API
::
PROJECT_ENDPOINT_REQUIREMENTS
.
merge
(
branch
:
API
::
NO_SLASH_URL_PART_REGEX
)
BRANCH_ENDPOINT_REQUIREMENTS
=
API
::
PROJECT_ENDPOINT_REQUIREMENTS
.
merge
(
name
:
API
::
NO_SLASH_URL_PART_REGEX
)
before
{
authorize_admin_project
}
before
{
authorize_admin_project
}
...
...
lib/gitlab/git/repository.rb
View file @
0a2b4d2e
...
@@ -1311,6 +1311,10 @@ module Gitlab
...
@@ -1311,6 +1311,10 @@ module Gitlab
end
end
# rubocop:enable Metrics/ParameterLists
# rubocop:enable Metrics/ParameterLists
def
write_config
(
full_path
:)
rugged
.
config
[
'gitlab.fullpath'
]
=
full_path
if
full_path
.
present?
end
def
gitaly_repository
def
gitaly_repository
Gitlab
::
GitalyClient
::
Util
.
repository
(
@storage
,
@relative_path
,
@gl_repository
)
Gitlab
::
GitalyClient
::
Util
.
repository
(
@storage
,
@relative_path
,
@gl_repository
)
end
end
...
...
spec/controllers/admin/application_settings_controller_spec.rb
View file @
0a2b4d2e
...
@@ -51,6 +51,13 @@ describe Admin::ApplicationSettingsController do
...
@@ -51,6 +51,13 @@ describe Admin::ApplicationSettingsController do
sign_in
(
admin
)
sign_in
(
admin
)
end
end
it
'updates the password_authentication_enabled_for_git setting'
do
put
:update
,
application_setting:
{
password_authentication_enabled_for_git:
"0"
}
expect
(
response
).
to
redirect_to
(
admin_application_settings_path
)
expect
(
ApplicationSetting
.
current
.
password_authentication_enabled_for_git
).
to
eq
(
false
)
end
it
'updates the default_project_visibility for string value'
do
it
'updates the default_project_visibility for string value'
do
put
:update
,
application_setting:
{
default_project_visibility:
"20"
}
put
:update
,
application_setting:
{
default_project_visibility:
"20"
}
...
...
spec/requests/api/protected_branches_spec.rb
View file @
0a2b4d2e
...
@@ -101,6 +101,12 @@ describe API::ProtectedBranches do
...
@@ -101,6 +101,12 @@ describe API::ProtectedBranches do
it_behaves_like
'protected branch'
it_behaves_like
'protected branch'
end
end
context
'when protected branch contains a period'
do
let
(
:protected_name
)
{
'my.feature'
}
it_behaves_like
'protected branch'
end
end
end
context
'when authenticated as a guest'
do
context
'when authenticated as a guest'
do
...
...
vendor/gitlab-ci-yml/Auto-DevOps.gitlab-ci.yml
View file @
0a2b4d2e
...
@@ -42,6 +42,7 @@ stages:
...
@@ -42,6 +42,7 @@ stages:
-
build
-
build
-
test
-
test
-
review
-
review
-
dast
-
staging
-
staging
-
canary
-
canary
-
production
-
production
...
@@ -130,6 +131,23 @@ sast:container:
...
@@ -130,6 +131,23 @@ sast:container:
artifacts
:
artifacts
:
paths
:
[
gl-sast-container-report.json
]
paths
:
[
gl-sast-container-report.json
]
dast
:
stage
:
dast
allow_failure
:
true
image
:
owasp/zap2docker-stable
variables
:
POSTGRES_DB
:
"
false"
script
:
-
dast
artifacts
:
paths
:
[
gl-dast-report.json
]
only
:
refs
:
-
branches
kubernetes
:
active
except
:
-
master
review
:
review
:
stage
:
review
stage
:
review
script
:
script
:
...
@@ -270,8 +288,8 @@ production:
...
@@ -270,8 +288,8 @@ production:
docker run -p 6060:6060 --link db:postgres -d --name clair arminc/clair-local-scan:v2.0.1
docker run -p 6060:6060 --link db:postgres -d --name clair arminc/clair-local-scan:v2.0.1
apk add -U wget ca-certificates
apk add -U wget ca-certificates
docker pull ${CI_APPLICATION_REPOSITORY}:${CI_APPLICATION_TAG}
docker pull ${CI_APPLICATION_REPOSITORY}:${CI_APPLICATION_TAG}
wget https://github.com/arminc/clair-scanner/releases/download/v
6/clair-scanner_linux_386
wget https://github.com/arminc/clair-scanner/releases/download/v
8/clair-scanner_linux_amd64
mv clair-scanner_linux_
386
clair-scanner
mv clair-scanner_linux_
amd64
clair-scanner
chmod +x clair-scanner
chmod +x clair-scanner
touch clair-whitelist.yml
touch clair-whitelist.yml
./clair-scanner -c http://docker:6060 --ip $(hostname -i) -r gl-sast-container-report.json -l clair.log -w clair-whitelist.yml ${CI_APPLICATION_REPOSITORY}:${CI_APPLICATION_TAG} || true
./clair-scanner -c http://docker:6060 --ip $(hostname -i) -r gl-sast-container-report.json -l clair.log -w clair-whitelist.yml ${CI_APPLICATION_REPOSITORY}:${CI_APPLICATION_TAG} || true
...
@@ -327,6 +345,12 @@ production:
...
@@ -327,6 +345,12 @@ production:
replicas="$new_replicas"
replicas="$new_replicas"
fi
fi
if [[ "$CI_PROJECT_VISIBILITY" != "public" ]]; then
secret_name='gitlab-registry'
else
secret_name=''
fi
helm upgrade --install \
helm upgrade --install \
--wait \
--wait \
--set service.enabled="$service_enabled" \
--set service.enabled="$service_enabled" \
...
@@ -334,6 +358,7 @@ production:
...
@@ -334,6 +358,7 @@ production:
--set image.repository="$CI_APPLICATION_REPOSITORY" \
--set image.repository="$CI_APPLICATION_REPOSITORY" \
--set image.tag="$CI_APPLICATION_TAG" \
--set image.tag="$CI_APPLICATION_TAG" \
--set image.pullPolicy=IfNotPresent \
--set image.pullPolicy=IfNotPresent \
--set image.secrets[0].name="$secret_name" \
--set application.track="$track" \
--set application.track="$track" \
--set application.database_url="$DATABASE_URL" \
--set application.database_url="$DATABASE_URL" \
--set service.url="$CI_ENVIRONMENT_URL" \
--set service.url="$CI_ENVIRONMENT_URL" \
...
@@ -462,6 +487,11 @@ production:
...
@@ -462,6 +487,11 @@ production:
}
}
function create_secret() {
function create_secret() {
echo "Create secret..."
if [[ "$CI_PROJECT_VISIBILITY" == "public" ]]; then
return
fi
kubectl create secret -n "$KUBE_NAMESPACE" \
kubectl create secret -n "$KUBE_NAMESPACE" \
docker-registry gitlab-registry \
docker-registry gitlab-registry \
--docker-server="$CI_REGISTRY" \
--docker-server="$CI_REGISTRY" \
...
@@ -471,6 +501,14 @@ production:
...
@@ -471,6 +501,14 @@ production:
-o yaml --dry-run | kubectl replace -n "$KUBE_NAMESPACE" --force -f -
-o yaml --dry-run | kubectl replace -n "$KUBE_NAMESPACE" --force -f -
}
}
function dast() {
export CI_ENVIRONMENT_URL=$(cat environment_url.txt)
mkdir /zap/wrk/
/zap/zap-baseline.py -J gl-dast-report.json -t "$CI_ENVIRONMENT_URL" || true
cp /zap/wrk/gl-dast-report.json .
}
function performance() {
function performance() {
export CI_ENVIRONMENT_URL=$(cat environment_url.txt)
export CI_ENVIRONMENT_URL=$(cat environment_url.txt)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment