Add latest changes from gitlab-org/gitlab@master

115c8ea7 · GitLab Bot · 27d91a62 · 115c8ea7 · 115c8ea7 · 115c8ea7
Commit 115c8ea7 authored Dec 10, 2019 by GitLab Bot
8 changed files
--- a/app/views/admin/dashboard/index.html.haml
+++ b/app/views/admin/dashboard/index.html.haml
@@ -46,7 +46,8 @@
            enabled: allow_signup?)
          = feature_entry(_('LDAP'),
-            enabled: Gitlab.config.ldap.enabled)
+            enabled: Gitlab.config.ldap.enabled,
+            doc_href: help_page_path('administration/auth/ldap'))
          = feature_entry(_('Gravatar'),
            href: admin_application_settings_path(anchor: 'js-account-settings'),
@@ -54,10 +55,12 @@
          = feature_entry(_('OmniAuth'),
            href: admin_application_settings_path(anchor: 'js-signin-settings'),
-            enabled: Gitlab::Auth.omniauth_enabled?)
+            enabled: Gitlab::Auth.omniauth_enabled?,
+            doc_href: help_page_path('integration/omniauth'))
          = feature_entry(_('Reply by email'),
-            enabled: Gitlab::IncomingEmail.enabled?)
+            enabled: Gitlab::IncomingEmail.enabled?,
+            doc_href: help_page_path('administration/reply_by_email'))
          = render_if_exists 'admin/dashboard/elastic_and_geo'

--- a/changelogs/unreleased/35368-add-doc-links-to-all-features-2.yml
+++ b/changelogs/unreleased/35368-add-doc-links-to-all-features-2.yml
+---
+title: Add doc links to features on admin dashboard
+merge_request: 21419
+author:
+type: changed
--- a/changelogs/unreleased/8248-remove-conan-feature-flag.yml
+++ b/changelogs/unreleased/8248-remove-conan-feature-flag.yml
+---
+title: Add support for Conan package management in the package registry
+merge_request: 21152
+author:
+type: added
--- a/doc/api/README.md
+++ b/doc/api/README.md
@@ -82,7 +82,7 @@ There are four ways to authenticate with the GitLab API:
 1. [OAuth2 tokens](#oauth2-tokens)
 1. [Personal access tokens](#personal-access-tokens)
 1. [Session cookie](#session-cookie)
-1. [GitLab CI job token](#gitlab-ci-job-token-premium) **(PREMIUM)**
+1. [GitLab CI job token](#gitlab-ci-job-token) **(Specific endpoints only)**
 For admins who want to authenticate with the API as a specific user, or who want to build applications or scripts that do so, two options are available:
@@ -152,13 +152,14 @@ The primary user of this authentication method is the web frontend of GitLab its
 which can use the API as the authenticated user to get a list of their projects,
 for example, without needing to explicitly pass an access token.
-### GitLab CI job token **(PREMIUM)**
+### GitLab CI job token
 With a few API endpoints you can use a [GitLab CI job token](../user/project/new_ci_build_permissions_model.md#job-token)
 to authenticate with the API:
 - [Get job artifacts](jobs.md#get-job-artifacts)
 - [Pipeline triggers](pipeline_triggers.md)
+- [Release creation](releases/index.md#create-a-release)
 ### Impersonation tokens

--- a/lib/api/api_guard.rb
+++ b/lib/api/api_guard.rb
@@ -63,7 +63,9 @@ module API
      end
      def find_user_from_sources
-        find_user_from_access_token || find_user_from_warden
+        find_user_from_access_token ||
+          find_user_from_job_token ||
+          find_user_from_warden
      end
      private

--- a/lib/gitlab/auth/user_auth_finders.rb
+++ b/lib/gitlab/auth/user_auth_finders.rb
@@ -24,6 +24,8 @@ module Gitlab
      PRIVATE_TOKEN_HEADER = 'HTTP_PRIVATE_TOKEN'
      PRIVATE_TOKEN_PARAM = :private_token
+      JOB_TOKEN_HEADER = "HTTP_JOB_TOKEN".freeze
+      JOB_TOKEN_PARAM = :job_token
      # Check the Rails session for valid authentication details
      def find_user_from_warden
@@ -50,6 +52,20 @@ module Gitlab
        User.find_by_feed_token(token) || raise(UnauthorizedError)
      end
+      def find_user_from_job_token
+        return unless route_authentication_setting[:job_token_allowed]
+        token = (params[JOB_TOKEN_PARAM] || env[JOB_TOKEN_HEADER]).to_s
+        return unless token.present?
+        job = ::Ci::Build.find_by_token(token)
+        raise ::Gitlab::Auth::UnauthorizedError unless job
+        @current_authenticated_job = job # rubocop:disable Gitlab/ModuleWithInstanceVariables
+        job.user
+      end
      # We only allow Private Access Tokens with `api` scope to be used by web
      # requests on RSS feeds or ICS files for backwards compatibility.
      # It is also used by GraphQL/API requests.

--- a/lib/gitlab/diff/highlight_cache.rb
+++ b/lib/gitlab/diff/highlight_cache.rb
@@ -3,6 +3,8 @@
 module Gitlab
  module Diff
    class HighlightCache
+      include Gitlab::Utils::StrongMemoize
      EXPIRATION = 1.week
      VERSION = 1
@@ -30,12 +32,11 @@ module Gitlab
      #   IO generated by N+1's (1 writing for each highlighted line or file).
      #
      def write_if_empty
-        return if uncached_files.empty?
+        return if cacheable_files.empty?
        new_cache_content = {}
-        uncached_files.each do |diff_file|
-          next unless cacheable?(diff_file)
+        cacheable_files.each do |diff_file|
          new_cache_content[diff_file.file_path] = diff_file.highlighted_diff_lines.map(&:to_hash)
        end
@@ -49,7 +50,9 @@ module Gitlab
      end
      def key
-        @redis_key ||= ['highlighted-diff-files', diffable.cache_key, VERSION, diff_options].join(":")
+        strong_memoize(:redis_key) do
+          ['highlighted-diff-files', diffable.cache_key, VERSION, diff_options].join(":")
+        end
      end
      private
@@ -60,13 +63,17 @@ module Gitlab
      # See https://gitlab.com/gitlab-org/gitlab/issues/38008
      #
      def deprecated_cache
-        @deprecated_cache ||= Gitlab::Diff::DeprecatedHighlightCache.new(@diff_collection)
+        strong_memoize(:deprecated_cache) do
+          Gitlab::Diff::DeprecatedHighlightCache.new(@diff_collection)
+        end
      end
-      def uncached_files
+      def cacheable_files
-        diff_files = @diff_collection.diff_files
+        strong_memoize(:cacheable_files) do
+          diff_files = @diff_collection.diff_files
-        diff_files.select { |file| read_cache[file.file_path].nil? }
+          diff_files.select { |file| cacheable?(file) && read_file(file).nil? }
+        end
      end
      # Given a hash of:
@@ -95,13 +102,20 @@ module Gitlab
          end
        end
+        # Subsequent read_file calls would need the latest cache.
+        #
+        clear_memoization(:cached_content)
+        clear_memoization(:cacheable_files)
        # Clean up any deprecated hash entries
        #
        deprecated_cache.clear
      end
      def file_paths
-        @file_paths ||= @diff_collection.diffs.collect(&:file_path)
+        strong_memoize(:file_paths) do
+          @diff_collection.diffs.collect(&:file_path)
+        end
      end
      def read_file(diff_file)
@@ -109,7 +123,7 @@ module Gitlab
      end
      def cached_content
-        @cached_content ||= read_cache
+        strong_memoize(:cached_content) { read_cache }
      end
      def read_cache

--- a/spec/lib/gitlab/diff/highlight_cache_spec.rb
+++ b/spec/lib/gitlab/diff/highlight_cache_spec.rb
@@ -72,13 +72,22 @@ describe Gitlab::Diff::HighlightCache, :clean_gitlab_redis_cache do
  describe '#write_if_empty' do
    it 'filters the key/value list of entries to be caches for each invocation' do
+      paths = merge_request.diffs.diff_files.select(&:text?).map(&:file_path)
      expect(cache).to receive(:write_to_redis_hash)
-        .once.with(hash_including(".gitignore")).and_call_original
+        .with(hash_including(*paths))
-      expect(cache).to receive(:write_to_redis_hash).once.with({}).and_call_original
+        .once
+        .and_call_original
      2.times { cache.write_if_empty }
    end
+    it 'reads from cache once' do
+      expect(cache).to receive(:read_cache).once.and_call_original
+      cache.write_if_empty
+    end
    context 'different diff_collections for the same diffable' do
      before do
        cache.write_if_empty