Commit 53b2a931 authored by Filipa Lacerda's avatar Filipa Lacerda

Merge branch 'master' into 4316-status-icon

* master:
  Fix route for Geo 'Repair authentication'
  Add docs for playing a CI pipeline schedule
  Adds logging to remove remote worker
  Update CHANGELOG.md for 10.4.0
  Update CHANGELOG-EE.md for 10.4.0-ee
  Copy k8s service integration info into clusters
  Add more info on how DAST works
  Adds ExclusiveLeaseGuard to RepositoryRemoveRemoteWorker and restores RemoteMirror#refresh_remote to after_save callback
  Moves ExclusiveLeaseGuard from EE to CE
  Moves remove_remote to a background job
  Update icon to match EE
  Merge branch 'master' into vue-mr-widget-state
  Move mr_widget_auto_merge_failed component into a vue file
  Move EE-specific image to ee/app/assets/images
  Move EE-specific stylesheets to ee/app/assets/stylesheets
parents af8d3a90 b84dc2c7
Please view this file on the master branch, on stable branches it's out of date. Please view this file on the master branch, on stable branches it's out of date.
## 10.4.0 (2018-01-22)
### Security (2 changes)
- Fix LDAP external user/group bug on first sign in.
- Deny persisting milestones from outside project/group scope on boards.
### Fixed (19 changes, 1 of them is from the community)
- Issue count now refreshes quicker on geo secondary. !3639
- Prevent adding same role multiple times on repeated clicks. !3700
- Geo - Fix difference in FDW / non-FDW queries for Geo::FileRegistry queries. !3714
- Fix successful rebase throwing flash error message. !3727
- Fix Merge Rquest widget rebase action in Internet Explorer. !3732
- Geo - Use relative path for avatar images on a secondary node. !3857
- Add missing wiki counts to prometheus metrics. !3875
- Adjust content width for User Settings, Pipeline quota. !3895 (George Tsiolis)
- Fix a bug where branch could not be delete due to a push rule config. !3900
- Fix a few doc links to fast ssh key lookup. !3937
- Handle node details load failure gracefully on UI. !3992
- Use the fastest available method for various Geo status counts. !4024
- Fix neutralCount computation to prevent negative values. !4044
- Fix reordering of items when moved to top or bottom. !4050
- Geo - Fix repository clean up when selective replication changes with hashed storage enabled. !4059
- Fix JavaScript bundle running on Cluster update/destroy pages. !4112
- Record EE instances without a license correctly in usage ping.
- Fix export to CSV if a filter with multiple labels is used.
- Stop authorization attempts with instance profile when static credentials are provided for AWS Elasticsearch.
### Changed (6 changes)
- Change MR widget failed icons to warning icons. !3669
- Show clear message when set-geo-primary-node was successful. !3768
- More descriptive error when clocks between Geo nodes are out of sync. !3860
- Allow sidekiq to react to becoming a Geo primary or secondary without a restart. !3878
- Geo admin screen enhancements. !3902
- Geo UI polish.
### Added (13 changes)
- Split project repository and wiki repository status in Geo node status. !3560
- Add reset pipeline minutes button to admin overview of groups and users. !3656
- Show results from docker image scan in the merge request widget. !3672
- Geo: Added Authorized Keys specific checks. !3728
- Add some extra fields to Geo API node and status. !3858
- Show results from DAST scan in the merge request widget. !3885
- Add Geo support for CI job artifacts. !3935
- Make it possible to enable/disable PostgreSQL FDW for Geo. !4020
- Add support for reordering issues in epics.
- Check if shard configuration is same across Geo nodes.
- Add API for epics.
- Add group boards API endpoint.
- Add api for epic_issue associations.
### Other (6 changes)
- Document GitLab Geo with Object Storage. !3760
- Update disaster recovery documentation with detailed steps. !3845
- Fix broken alignment of database password in geo docs. !3939
- Remove unnecessary NTP checks now included in gitlab:geo:check. !3940
- Move geo status check after db replication to avoid anticipated failures. !3941
- Make scoped issue board specs more reliable.
## 10.3.5 (2018-01-18) ## 10.3.5 (2018-01-18)
- No changes. - No changes.
......
...@@ -2,6 +2,171 @@ ...@@ -2,6 +2,171 @@
documentation](doc/development/changelog.md) for instructions on adding your own documentation](doc/development/changelog.md) for instructions on adding your own
entry. entry.
## 10.4.0 (2018-01-22)
### Security (8 changes, 1 of them is from the community)
- Upgrade Ruby to 2.3.6 to include security patches. !16016
- Filter out sensitive fields from the project services API. (Robert Schilling)
- Fix RCE via project import mechanism.
- Prevent OAuth login POST requests when a provider has been disabled.
- Prevent a SQL injection in the MilestonesFinder.
- Check user authorization for source and target projects when creating a merge request.
- Fix path traversal in gitlab-ci.yml cache:key.
- Fix writable shared deploy keys.
### Fixed (69 changes, 24 of them are from the community)
- Update comment on image cursor and icons. !15760
- Fixes the wording of headers in system info page. !15802 (Gilbert Roulot)
- Reset todo counters when the target is deleted. !15807
- Execute quick actions (if present) when creating MR from issue. !15810
- fix build count in pipeline success mail. !15827 (Christiaan Van den Poel)
- Fix error that was preventing users to change the access level of access requests for Groups or Projects. !15832
- Last push event widget width for fixed layout. !15862 (George Tsiolis)
- Hide link to issues/MRs from labels list if issues/MRs are disabled. !15863 (Sophie Herold)
- Use relative URL for projects to avoid storing domains. !15876
- Fix gitlab-rake gitlab:import:repos import schedule. !15931
- Removed incorrect guidance stating blocked users will be removed from groups and project as members. !15947 (CesarApodaca)
- Fix some POST/DELETE requests in IE by switching some bundles to Axios for Ajax requests. !15951
- Fixing error 500 when member exist but not the user. !15970
- show None when issue is in closed list and no labels assigned. !15976 (Christiaan Van den Poel)
- Fix tags in the Activity tab not being clickable. !15996 (Mario de la Ossa)
- Disable Vue pagination when only one page of content is available. !15999 (Mario de la Ossa)
- disables shortcut to issue boards when issues are not enabled. !16020 (Christiaan Van den Poel)
- Ignore lost+found folder during backup on a volume. !16036 (Julien Millau)
- Fix abuse reports link url in admin area navbar. !16068 (megos)
- Keep typographic hierarchy in User Settings. !16090 (George Tsiolis)
- Adjust content width for User Settings, GPG Keys. !16093 (George Tsiolis)
- Fix gitlab-rake gitlab:import:repos import schedule. !16115
- Fix import project url not updating project name. !16120
- Fix activity inline event line height on mobile. !16121 (George Tsiolis)
- Fix slash commands dropdown description mis-alignment on Firefox. !16125 (Maurizio De Santis)
- Remove unnecessary sidebar element realignment. !16159 (George Tsiolis)
- User#projects_limit remove DB default and added NOT NULL constraint. !16165 (Mario de la Ossa)
- Fix API endpoints to edit wiki pages where project belongs to a group. !16170
- Fix breadcrumbs in User Settings. !16172 (rfwatson)
- Move 2FA disable button. !16177 (George Tsiolis)
- Fixing bug when wiki last version. !16197
- Protected branch is now created for default branch on import. !16198
- Prevent excessive DB load due to faulty DeleteConflictingRedirectRoutes background migration. !16205
- Force Auto DevOps kubectl version to 1.8.6. !16218
- Fix missing references to pipeline objects when restoring project with import/export feature. !16221
- Fix inconsistent downcase of filenames in prefilled `Add` commit messages. !16232 (James Ramsay)
- Default merge request title is set correctly again when external issue tracker is activated. !16356 (Ben305)
- Ensure that emails contain absolute, rather than relative, links to user uploads. !16364
- Prevent invalid Route path if path is unchanged. !16397
- Fixing rack request mime type when using rack attack. !16427
- Prevent RevList failing on non utf8 paths. !16440
- Fix giant fork icons on forks page. !16474
- Fix links to uploaded files on wiki pages. !16499
- Fix GitHub importer using removed interface.
- Fix when branch creation fails don't post system note. (Mateusz Bajorski)
- Show authored date rather than committed date on the commit list.
- Fix ANSI 256 bold colors in pipelines job output.
- Add optional search param for Merge Requests API.
- fix button alignment on MWPS component.
- Clears visual token on second backspace. (Martin Wortschack)
- Fix viewing merge request diffs where the underlying blobs are unavailable.
- Fix 500 error when visiting a commit where the blobs do not exist.
- Set target_branch to the ref branch when creating MR from issue.
- Fix closed text for issues on Todos page.
- [API] Fix creating issue when assignee_id is empty.
- Fix false positive issue references in merge requests caused by header anchor links.
- Fixed chanages dropdown ellipsis positioning.
- Fix shortcut links on help page.
- Fix onion-skin re-entering state.
- Normalizing Identity extern_uid when saving the record.
- Fixed typo for issue description field declaration. (Marcus Amargi)
- Modify `LDAP::Person` to return username value based on attributes.
- Fixed merge request status badge not updating after merging.
- Remove related links in MR widget when empty state.
- Gracefully handle garbled URIs in Markdown.
- Fix hooks not being set up properly for bare import Rake task.
- Fix Mermaid drawings not loading on some browsers.
- Humanize the units of "Showing last X KiB of log" in job trace.
- Avoid leaving a push event empty if payload cannot be created.
### Changed (18 changes, 3 of them are from the community)
- Make mail notifications of discussion notes In-Reply-To of each other. !14289
- Migrate existing data from KubernetesService to Clusters::Platforms::Kubernetes. !15589
- Implement checking GCP project billing status in cluster creation form. !15665
- Present multiple clusters in a single list instead of a tabbed view. !15669
- Remove soft removals related code. !15789
- Only mark import and fork jobs as failed once all Sidekiq retries get exhausted. !15844
- Translate date ranges on contributors page. !15846
- Update issuable status icons. !15898
- Update feature toggle design to use icons and make it i18n friendly. !15904
- Update groups tree to use GitLab SVG icons, add last updated at information for projects. !15980
- Allow forking a public project to a private group. !16050
- Expose project_id on /api/v4/pages/domains. !16200 (Luc Didry)
- Display graph values on hover within monitoring page. !16261
- Hide markdown toolbar in preview mode.
- Run background migrations with a minimum interval.
- Provide additional cookies to JIRA service requests to allow Oracle WebGates Basic Auth. (Stanislaw Wozniak)
- removed tabindexes from tag form. (Marcus Amargi)
- Move edit button to second row on issue page (and change it to a pencil icon).
### Performance (11 changes)
- Improve the performance for counting diverging commits. Show 999+ if it is more than 1000 commits. !15963
- Improve search query for merge requests.
- Improve search query for issues.
- Eager load event target authors whenever possible.
- Use simple Next/Prev paging for jobs to avoid large count queries on arbitrarily large sets of historical jobs.
- Improve performance of MR discussions on large diffs.
- Add index on namespaces lower(name) for UsersController#exists.
- Fix timeout when filtering issues by label.
- Treat empty markdown and html strings as valid cached text, not missing cache that needs to be updated.
- Cache merged and closed events data in merge_request_metrics table.
- Speed up generation of commit stats by using Rugged native methods.
### Added (26 changes, 8 of them are from the community)
- Support new chat notifications parameters in Services API. !11435
- Add online and status attribute to runner api entity. !11750
- Adds ordering to projects contributors in API. !15469 (Jacopo Beschi @jacopo-beschi)
- Add assets_sync gem to Gemfile. !15734
- Add a gitlab:tcp_check rake task. !15759
- add support for sorting in tags api. !15772 (haseebeqx)
- Add Prometheus to available Cluster applications. !15895
- Validate file status when commiting multiple files. !15922
- List of avatars should never show +1. !15972 (Jacopo Beschi @jacopo-beschi)
- Do not generate NPM links for private NPM modules in blob view. !16002 (Mario de la Ossa)
- Backport fast database lookup of SSH authorized_keys from EE. !16014
- Add i18n helpers to branch comparison view. !16031 (James Ramsay)
- Add pause/resume button to project runners. !16032 (Mario de la Ossa)
- Added option to user preferences to enable the multi file editor. !16056
- Implement project jobs cache reset. !16067
- Rendering of emoji's in Group-Overview. !16098 (Jacopo Beschi @jacopo-beschi)
- Allow automatic creation of Kubernetes Integration from template. !16104
- API: get participants from merge_requests & issues. !16187 (Brent Greeff)
- Added option to disable commits stats in the commit endpoint. !16309
- Disable creation of new Kubernetes Integrations unless they're active or created from template. !41054
- Enable ordering of groups and their children by name.
- Hide runner token in CI/CD settings page.
- Allow user to rebase merge requests.
- Handle GitLab hashed storage repositories using the repo import task.
- Added badge to tree & blob views to indicate LFS tracked files.
- Add button to run scheduled pipeline immediately.
### Other (12 changes, 3 of them are from the community)
- Adds the multi file editor as a new beta feature. !15430
- Use relative URLs when linking to uploaded files. !15751
- Add docs for why you might be signed out when using the Remember me token. !15756
- Replace '.team << [user, role]' with 'add_role(user)' in specs. !16069 (@blackst0ne)
- Add id to modal.vue to support data-toggle="modal". !16189
- Update scss-lint to 0.56.0. !16278 (Takuya Noguchi)
- Fix web ide user preferences copy and buttons. !41789
- Update Browse file to Choose file in all occurences.
- Import some code and functionality from gitlab-shell to improve subprocess handling.
- Bump mysql2 gem version from 0.4.5 to 0.4.10. (asaparov)
- Use a background migration for issues.closed_at.
- Update redis-rack to 2.0.4.
## 10.3.5 (2018-01-18) ## 10.3.5 (2018-01-18)
- No changes. - No changes.
......
import eventHub from '../../event_hub';
import statusIcon from '../mr_widget_status_icon';
export default {
name: 'MRWidgetAutoMergeFailed',
props: {
mr: { type: Object, required: true },
},
data() {
return {
isRefreshing: false,
};
},
components: {
statusIcon,
},
methods: {
refreshWidget() {
this.isRefreshing = true;
eventHub.$emit('MRWidgetUpdateRequested', () => {
this.isRefreshing = false;
});
},
},
template: `
<div class="mr-widget-body media">
<status-icon status="warning" />
<div class="media-body space-children">
<span class="bold">
<template v-if="mr.mergeError">{{mr.mergeError}}.</template>
This merge request failed to be merged automatically
</span>
<button
@click="refreshWidget"
:disabled="isRefreshing"
type="button"
class="btn btn-xs btn-default">
<i
v-if="isRefreshing"
class="fa fa-spinner fa-spin"
aria-hidden="true" />
Refresh
</button>
</div>
</div>
`,
};
<script>
import loadingIcon from '~/vue_shared/components/loading_icon.vue';
import eventHub from '../../event_hub';
import statusIcon from '../mr_widget_status_icon';
export default {
name: 'MRWidgetAutoMergeFailed',
components: {
statusIcon,
loadingIcon,
},
props: {
mr: {
type: Object,
required: true,
},
},
data() {
return {
isRefreshing: false,
};
},
methods: {
refreshWidget() {
this.isRefreshing = true;
eventHub.$emit('MRWidgetUpdateRequested', () => {
this.isRefreshing = false;
});
},
},
};
</script>
<template>
<div class="mr-widget-body media">
<status-icon status="warning" />
<div class="media-body space-children">
<span class="bold">
<template v-if="mr.mergeError">{{ mr.mergeError }}.</template>
{{ s__("mrWidget|This merge request failed to be merged automatically") }}
</span>
<button
@click="refreshWidget"
:disabled="isRefreshing"
type="button"
class="btn btn-xs btn-default"
>
<loading-icon v-if="isRefreshing" />
{{ s__("mrWidget|Refresh") }}
</button>
</div>
</div>
</template>
...@@ -33,7 +33,7 @@ export { default as PipelineBlockedState } from './components/states/mr_widget_p ...@@ -33,7 +33,7 @@ export { default as PipelineBlockedState } from './components/states/mr_widget_p
export { default as PipelineFailedState } from './components/states/mr_widget_pipeline_failed'; export { default as PipelineFailedState } from './components/states/mr_widget_pipeline_failed';
export { default as MergeWhenPipelineSucceedsState } from './components/states/mr_widget_merge_when_pipeline_succeeds'; export { default as MergeWhenPipelineSucceedsState } from './components/states/mr_widget_merge_when_pipeline_succeeds';
export { default as RebaseState } from './components/states/mr_widget_rebase.vue'; export { default as RebaseState } from './components/states/mr_widget_rebase.vue';
export { default as AutoMergeFailed } from './components/states/mr_widget_auto_merge_failed'; export { default as AutoMergeFailed } from './components/states/mr_widget_auto_merge_failed.vue';
export { default as CheckingState } from './components/states/mr_widget_checking'; export { default as CheckingState } from './components/states/mr_widget_checking';
export { default as MRWidgetStore } from 'ee/vue_merge_request_widget/stores/mr_widget_store'; export { default as MRWidgetStore } from 'ee/vue_merge_request_widget/stores/mr_widget_store';
export { default as MRWidgetService } from 'ee/vue_merge_request_widget/services/mr_widget_service'; export { default as MRWidgetService } from 'ee/vue_merge_request_widget/services/mr_widget_service';
......
...@@ -1005,13 +1005,27 @@ class Repository ...@@ -1005,13 +1005,27 @@ class Repository
add_remote(remote_name, url, mirror_refmap: refmap) add_remote(remote_name, url, mirror_refmap: refmap)
fetch_remote(remote_name, forced: forced) fetch_remote(remote_name, forced: forced)
ensure ensure
remove_remote(remote_name) if tmp_remote_name async_remove_remote(remote_name) if tmp_remote_name
end end
def fetch_remote(remote, forced: false, ssh_auth: nil, no_tags: false) def fetch_remote(remote, forced: false, ssh_auth: nil, no_tags: false)
gitlab_shell.fetch_remote(raw_repository, remote, ssh_auth: ssh_auth, forced: forced, no_tags: no_tags) gitlab_shell.fetch_remote(raw_repository, remote, ssh_auth: ssh_auth, forced: forced, no_tags: no_tags)
end end
def async_remove_remote(remote_name)
return unless remote_name
job_id = RepositoryRemoveRemoteWorker.perform_async(project.id, remote_name)
if job_id
Rails.logger.info("Remove remote job scheduled for #{project.id} with remote name: #{remote_name} job ID #{job_id}.")
else
Rails.logger.info("Remove remote job failed to create for #{project.id} with remote name #{remote_name}.")
end
job_id
end
def fetch_source_branch!(source_repository, source_branch, local_ref) def fetch_source_branch!(source_repository, source_branch, local_ref)
raw_repository.fetch_source_branch!(source_repository.raw_repository, source_branch, local_ref) raw_repository.fetch_source_branch!(source_repository.raw_repository, source_branch, local_ref)
end end
......
...@@ -93,6 +93,7 @@ ...@@ -93,6 +93,7 @@
- rebase - rebase
- repository_fork - repository_fork
- repository_import - repository_import
- repository_remove_remote
- storage_migrator - storage_migrator
- system_hook_push - system_hook_push
- update_merge_requests - update_merge_requests
......
class RepositoryRemoveRemoteWorker
include ApplicationWorker
include ExclusiveLeaseGuard
LEASE_TIMEOUT = 1.hour
attr_reader :project, :remote_name
def perform(project_id, remote_name)
@remote_name = remote_name
@project = Project.find_by_id(project_id)
return unless @project
logger.info("Removing remote #{remote_name} from project #{project.id}")
try_obtain_lease do
remove_remote = @project.repository.remove_remote(remote_name)
if remove_remote
logger.info("Remote #{remote_name} was successfully removed from project #{project.id}")
else
logger.error("Could not remove remote #{remote_name} from project #{project.id}")
end
end
end
def lease_timeout
LEASE_TIMEOUT
end
def lease_key
"remove_remote_#{project.id}_#{remote_name}"
end
end
---
title: Fix Merge Rquest widget rebase action in Internet Explorer
merge_request: 3732
author:
type: fixed
---
title: Fix export to CSV if a filter with multiple labels is used
merge_request:
author:
type: fixed
---
title: Add reset pipeline minutes button to admin overview of groups and users
merge_request: 3656
author:
type: added
---
title: Prevent adding same role multiple times on repeated clicks
merge_request: 3700
author:
type: fixed
---
title: Allow sidekiq to react to becoming a Geo primary or secondary without a restart
merge_request: 3878
author:
type: changed
---
title: Issue count now refreshes quicker on geo secondary
merge_request: 3639
author:
type: fixed
---
title: Fix a bug where branch could not be delete due to a push rule config
merge_request: 3900
author:
type: fixed
---
title: 'Geo: Added Authorized Keys specific checks'
merge_request: 3728
author:
type: added
--- ---
title: Geo UI polish title: Ports remote removal to a background job
merge_request: merge_request:
author: author:
type: changed type: changed
---
title: Change MR widget failed icons to warning icons
merge_request: 3669
author:
type: changed
---
title: Add API for epics
merge_request:
author:
type: added
---
title: Show results from docker image scan in the merge request widget
merge_request: 3672
author:
type: added
---
title: Add api for epic_issue associations
merge_request:
author:
type: added
---
title: Geo admin screen enhancements
merge_request: 3902
author:
type: changed
---
title: Fix successful rebase throwing flash error message
merge_request: 3727
author:
type: fixed
---
title: Show results from DAST scan in the merge request widget
merge_request: 3885
author:
type: added
---
title: Fix JavaScript bundle running on Cluster update/destroy pages
merge_request: 4112
author:
type: fixed
---
title: Add missing wiki counts to prometheus metrics
merge_request: 3875
author:
type: fixed
---
title: Use the fastest available method for various Geo status counts
merge_request: 4024
author:
type: fixed
---
title: Handle node details load failure gracefully on UI
merge_request: 3992
author:
type: fixed
---
title: Fix neutralCount computation to prevent negative values
merge_request: 4044
author:
type: fixed
---
title: Fix reordering of items when moved to top or bottom
merge_request: 4050
author:
type: fixed
---
title: Geo - Fix repository clean up when selective replication changes with hashed storage enabled
merge_request: 4059
author:
type: fixed
---
title: Stop authorization attempts with instance profile when static credentials are
provided for AWS Elasticsearch
merge_request:
author:
type: fixed
---
title: Geo - Fix difference in FDW / non-FDW queries for Geo::FileRegistry queries
merge_request: 3714
author:
type: fixed
---
title: Geo - Use relative path for avatar images on a secondary node
merge_request: 3857
author:
type: fixed
---
title: Add group boards API endpoint
merge_request:
author:
type: added
---
title: Split project repository and wiki repository status in Geo node status
merge_request: 3560
author:
type: added
---
title: Fix LDAP external user/group bug on first sign in
merge_request:
author:
type: security
---
title: Update disaster recovery documentation with detailed steps
merge_request: 3845
author:
type: other
---
title: Move geo status check after db replication to avoid anticipated failures
merge_request: 3941
author:
type: other
---
title: Fix broken alignment of database password in geo docs
merge_request: 3939
author:
type: other
---
title: Remove unnecessary NTP checks now included in gitlab:geo:check
merge_request: 3940
author:
type: other
---
title: Add Geo support for CI job artifacts
merge_request: 3935
author:
type: added
---
title: Fix a few doc links to fast ssh key lookup
merge_request: 3937
author:
type: fixed
---
title: Deny persisting milestones from outside project/group scope on boards
merge_request:
author:
type: security
---
title: Make scoped issue board specs more reliable
merge_request:
author:
type: other
---
title: Adjust content width for User Settings, Pipeline quota
merge_request: 3895
author: George Tsiolis
type: fixed
---
title: Add support for reordering issues in epics
merge_request:
author:
type: added
---
title: Check if shard configuration is same across Geo nodes
merge_request:
author:
type: added
---
title: Record EE instances without a license correctly in usage ping
merge_request:
author:
type: fixed
---
title: Add some extra fields to Geo API node and status
merge_request: 3858
author:
type: added
---
title: Make it possible to enable/disable PostgreSQL FDW for Geo
merge_request: 4020
author:
type: added
---
title: More descriptive error when clocks between Geo nodes are out of sync
merge_request: 3860
author:
type: changed
---
title: Document GitLab Geo with Object Storage
merge_request: 3760
author:
type: other
---
title: Show clear message when set-geo-primary-node was successful
merge_request: 3768
author:
type: changed
---
title: Adds ordering to projects contributors in API
merge_request: 15469
author: Jacopo Beschi @jacopo-beschi
type: added
---
title: Fix error that was preventing users to change the access level of access requests for Groups or Projects
merge_request: 15832
author:
type: fixed
---
title: 'Validate file status when commiting multiple files'
merge_request: 15922
author:
type: added
---
title: Improve search query for merge requests.
merge_request:
author:
type: performance
---
title: "Ignore lost+found folder during backup on a volume"
merge_request: 16036
author: Julien Millau
type: fixed
\ No newline at end of file
---
title: Improve search query for issues.
merge_request:
author:
type: performance
---
title: Add pause/resume button to project runners
merge_request: 16032
author: Mario de la Ossa
type: added
---
title: Fix when branch creation fails don't post system note
merge_request:
author: Mateusz Bajorski
type: fixed
---
title: Show authored date rather than committed date on the commit list
merge_request:
author:
type: fixed
---
title: Refactor member view using a Presenter
merge_request: 9645
author: TM Lee
---
title: User#projects_limit remove DB default and added NOT NULL constraint
merge_request: 16165
author: Mario de la Ossa
type: fixed
---
title: Support new chat notifications parameters in Services API
merge_request: 11435
author:
type: added
---
title: Fix tags in the Activity tab not being clickable
merge_request: 15996
author: Mario de la Ossa
type: fixed
---
title: Disable Vue pagination when only one page of content is available
merge_request: 15999
author: Mario de la Ossa
type: fixed
---
title: Update issuable status icons
merge_request: 15898
author:
type: changed
---
title: Fix some POST/DELETE requests in IE by switching some bundles to Axios for Ajax requests
merge_request: 15951
author:
type: fixed
---
title: Do not generate NPM links for private NPM modules in blob view
merge_request: 16002
author: Mario de la Ossa
type: added
---
title: Default merge request title is set correctly again when external issue tracker is activated
merge_request: 16356
author: Ben305
type: fixed
---
title: Replace '.team << [user, role]' with 'add_role(user)' in specs
merge_request: 16069
author: "@blackst0ne"
type: other
---
title: Enable ordering of groups and their children by name
merge_request:
author:
type: added
---
title: Hide runner token in CI/CD settings page
merge_request:
author:
type: added
---
title: Display graph values on hover within monitoring page
merge_request: 16261
author:
type: changed
---
title: Fixes the wording of headers in system info page
merge_request: 15802
author: Gilbert Roulot
type: fixed
---
title: Update feature toggle design to use icons and make it i18n friendly
merge_request: 15904
author:
type: changed
---
title: Add optional search param for Merge Requests API
merge_request:
author:
type: fixed
---
title: fix button alignment on MWPS component
merge_request:
author:
type: fixed
---
title: Clears visual token on second backspace
merge_request:
author: Martin Wortschack
type: fixed
---
title: Use relative URLs when linking to uploaded files
merge_request: 15751
author:
type: other
---
title: Only mark import and fork jobs as failed once all Sidekiq retries get exhausted
merge_request: 15844
author:
type: changed
---
title: List of avatars should never show +1
merge_request: 15972
author: Jacopo Beschi @jacopo-beschi
type: added
---
title: Update comment on image cursor and icons
merge_request: 15760
author:
type: fixed
---
title: Protected branch is now created for default branch on import
merge_request: 16198
author:
type: fixed
---
title: Implement checking GCP project billing status in cluster creation form.
merge_request: 15665
author:
type: changed
---
title: Add assets_sync gem to Gemfile
merge_request: 15734
author:
type: added
---
title: Adds the multi file editor as a new beta feature
merge_request: 15430
author:
type: feature
---
title: Hide markdown toolbar in preview mode
merge_request:
author:
type: changed
---
title: "Fix slash commands dropdown description mis-alignment on Firefox"
merge_request: 16125
author: Maurizio De Santis
type: fixed
---
title: Fix gitlab-rake gitlab:import:repos import schedule
merge_request: 15931
author:
type: fixed
---
title: Fix breadcrumbs in User Settings
merge_request: 16172
author: rfwatson
type: fixed
---
title: Allow user to rebase merge requests.
merge_request:
author:
type: added
---
title: Migrate existing data from KubernetesService to Clusters::Platforms::Kubernetes
merge_request: 15589
author:
type: changed
---
title: Fix API endpoints to edit wiki pages where project belongs to a group
merge_request: 16170
author:
type: fixed
---
title: add support for sorting in tags api
merge_request: 15772
author: haseebeqx
type: added
---
title: Update groups tree to use GitLab SVG icons, add last updated at information
for projects
merge_request: 15980
author:
type: changed
---
title: Rendering of emoji's in Group-Overview
merge_request: 16098
author: Jacopo Beschi @jacopo-beschi
type: added
---
title: Improve the performance for counting diverging commits. Show 999+
if it is more than 1000 commits
merge_request: 15963
author:
type: performance
---
title: Update Browse file to Choose file in all occurences
merge_request:
author:
type: other
---
title: Reset todo counters when the target is deleted
merge_request: 15807
author:
type: fixed
---
title: Use relative URL for projects to avoid storing domains
merge_request: 15876
author:
type: fixed
---
title: Import some code and functionality from gitlab-shell to improve subprocess
handling
merge_request:
author:
type: other
---
title: Add Prometheus to available Cluster applications
merge_request: 15895
author:
type: added
---
title: Disable creation of new Kubernetes Integrations unless they're active or created
from template
merge_request: 41054
author:
type: added
---
title: Allow automatic creation of Kubernetes Integration from template
merge_request: 16104
author:
type: added
---
title: disables shortcut to issue boards when issues are not enabled
merge_request: 16020
author: Christiaan Van den Poel
type: fixed
---
title: Implement project jobs cache reset
merge_request: 16067
author:
type: added
---
title: Upgrade Ruby to 2.3.6 to include security patches
merge_request: 16016
author:
type: security
---
title: Fix gitlab-rake gitlab:import:repos import schedule
merge_request: 16115
author:
type: fixed
---
title: Fix viewing merge request diffs where the underlying blobs are unavailable
merge_request:
author:
type: fixed
---
title: Fix 500 error when visiting a commit where the blobs do not exist
merge_request:
author:
type: fixed
---
title: Set target_branch to the ref branch when creating MR from issue
merge_request:
author:
type: fixed
---
title: Update scss-lint to 0.56.0
merge_request: 16278
author: Takuya Noguchi
type: other
---
title: Fix web ide user preferences copy and buttons
merge_request: 41789
author:
type: other
---
title: Fix closed text for issues on Todos page
merge_request:
author:
type: fixed
---
title: Ensure that emails contain absolute, rather than relative, links to user uploads
merge_request: 16364
author:
type: fixed
---
title: "[API] Fix creating issue when assignee_id is empty"
merge_request:
author:
type: fixed
---
title: Fix links to uploaded files on wiki pages
merge_request: 16499
author:
type: fixed
---
title: Fix giant fork icons on forks page
merge_request: 16474
author:
type: fixed
---
title: Force Auto DevOps kubectl version to 1.8.6
merge_request: 16218
author:
type: fixed
---
title: Add a gitlab:tcp_check rake task
merge_request: 15759
author:
type: added
---
title: Fix false positive issue references in merge requests caused by header anchor
links.
merge_request:
author:
type: fixed
---
title: Expose project_id on /api/v4/pages/domains
merge_request: 16200
author: Luc Didry
type: changed
---
title: Filter out sensitive fields from the project services API
merge_request:
author: Robert Schilling
type: security
---
title: Bump mysql2 gem version from 0.4.5 to 0.4.10
merge_request:
author: asaparov
type: other
---
title: Allow forking a public project to a private group
merge_request: 16050
author:
type: changed
---
title: Use a background migration for issues.closed_at
merge_request:
author:
type: other
---
title: Fixed chanages dropdown ellipsis positioning
merge_request:
author:
type: fixed
---
title: Eager load event target authors whenever possible
merge_request:
author:
type: performance
---
title: Handle GitLab hashed storage repositories using the repo import task
merge_request:
author:
type: added
---
title: Run background migrations with a minimum interval
merge_request:
author:
type: changed
---
title: Use simple Next/Prev paging for jobs to avoid large count queries on arbitrarily
large sets of historical jobs
merge_request:
author:
type: performance
---
title: Improve performance of MR discussions on large diffs
merge_request:
author:
type: performance
---
title: Add docs for why you might be signed out when using the Remember me token
merge_request: 15756
author:
type: other
---
title: Provide additional cookies to JIRA service requests to allow Oracle WebGates
Basic Auth
merge_request:
author: Stanislaw Wozniak
type: changed
---
title: Add online and status attribute to runner api entity
merge_request: 11750
author:
type: added
---
title: Fix abuse reports link url in admin area navbar
merge_request: 16068
author: megos
type: fixed
---
title: Fix activity inline event line height on mobile
merge_request: 16121
author: George Tsiolis
type: fixed
---
title: Execute quick actions (if present) when creating MR from issue
merge_request: 15810
author:
type: fixed
---
title: Fix shortcut links on help page
merge_request:
author:
type: fixed
---
title: Fix missing references to pipeline objects when restoring project with import/export
feature
merge_request: 16221
author:
type: fixed
---
title: Fix RCE via project import mechanism
merge_request:
author:
type: security
---
title: Last push event widget width for fixed layout
merge_request: 15862
author: George Tsiolis
type: fixed
---
title: Move 2FA disable button
merge_request: 16177
author: George Tsiolis
type: fixed
---
title: Fix onion-skin re-entering state
merge_request:
author:
type: fixed
---
title: Adjust content width for User Settings, GPG Keys
merge_request: 16093
author: George Tsiolis
type: fixed
---
title: Keep typographic hierarchy in User Settings
merge_request: 16090
author: George Tsiolis
type: fixed
---
title: Remove unnecessary sidebar element realignment
merge_request: 16159
author: George Tsiolis
type: fixed
---
title: fix build count in pipeline success mail
merge_request: 15827
author: Christiaan Van den Poel
type: fixed
---
title: Fixing error 500 when member exist but not the user
merge_request: 15970
author:
type: fixed
---
title: Normalizing Identity extern_uid when saving the record
merge_request:
author:
type: fixed
---
title: Fixing bug when wiki last version
merge_request: 16197
author:
type: fixed
---
title: Fixing rack request mime type when using rack attack
merge_request: 16427
author:
type: fixed
---
title: Added option to disable commits stats in the commit endpoint
merge_request: 16309
author:
type: added
---
title: Add index on namespaces lower(name) for UsersController#exists
merge_request:
author:
type: performance
---
title: Fixed typo for issue description field declaration
merge_request:
author: Marcus Amargi
type: fixed
---
title: Fix timeout when filtering issues by label
merge_request:
author:
type: performance
---
title: 'API: get participants from merge_requests & issues'
merge_request: 16187
author: Brent Greeff
type: added
---
title: Backport fast database lookup of SSH authorized_keys from EE
merge_request: 16014
author:
type: added
---
title: Prevent OAuth login POST requests when a provider has been disabled
merge_request:
author:
type: security
---
title: Prevent RevList failing on non utf8 paths
merge_request: 16440
author:
type: fixed
---
title: Added option to user preferences to enable the multi file editor
merge_request: 16056
author:
type: added
---
title: Fix import project url not updating project name
merge_request: 16120
author:
type: fixed
---
title: Add i18n helpers to branch comparison view
merge_request: 16031
author: James Ramsay
type: added
---
title: Fix inconsistent downcase of filenames in prefilled `Add` commit messages
merge_request: 16232
author: James Ramsay
type: fixed
---
title: Modify `LDAP::Person` to return username value based on attributes
merge_request:
author:
type: fixed
---
title: Added badge to tree & blob views to indicate LFS tracked files
merge_request:
author:
type: added
---
title: Prevent a SQL injection in the MilestonesFinder
merge_request:
author:
type: security
---
title: Prevent invalid Route path if path is unchanged
merge_request: 16397
author:
type: fixed
---
title: Prevent excessive DB load due to faulty DeleteConflictingRedirectRoutes background
migration
merge_request: 16205
author:
type: fixed
---
title: Fixed merge request status badge not updating after merging
merge_request:
author:
type: fixed
---
title: Present multiple clusters in a single list instead of a tabbed view
merge_request: 15669
author:
type: changed
---
title: Treat empty markdown and html strings as valid cached text, not missing cache
that needs to be updated
merge_request:
author:
type: performance
---
title: Cache merged and closed events data in merge_request_metrics table
merge_request:
author:
type: performance
---
title: Check user authorization for source and target projects when creating a merge
request.
merge_request:
author:
type: security
---
title: Removed incorrect guidance stating blocked users will be removed from groups
and project as members
merge_request: 15947
author: CesarApodaca
type: fixed
---
title: Remove related links in MR widget when empty state
merge_request:
author:
type: fixed
---
title: Remove soft removals related code
merge_request: 15789
author:
type: changed
---
title: removed tabindexes from tag form
merge_request:
author: Marcus Amargi
type: changed
---
title: Fix path traversal in gitlab-ci.yml cache:key
merge_request:
author:
type: security
---
title: Add button to run scheduled pipeline immediately
merge_request:
author:
type: added
---
title: Gracefully handle garbled URIs in Markdown
merge_request:
author:
type: fixed
---
title: Fix hooks not being set up properly for bare import Rake task
merge_request:
author:
type: fixed
---
title: Fix Mermaid drawings not loading on some browsers
merge_request:
author:
type: fixed
---
title: Humanize the units of "Showing last X KiB of log" in job trace
merge_request:
author:
type: fixed
---
title: Fix writable shared deploy keys
merge_request:
author:
type: security
---
title: Speed up generation of commit stats by using Rugged native methods
merge_request:
author:
type: performance
---
title: Avoid leaving a push event empty if payload cannot be created
merge_request:
author:
type: fixed
---
title: Move edit button to second row on issue page (and change it to a pencil icon)
merge_request:
author:
type: changed
---
title: show None when issue is in closed list and no labels assigned
merge_request: 15976
author: Christiaan Van den Poel
type: fixed
---
title: Hide link to issues/MRs from labels list if issues/MRs are disabled.
merge_request: 15863
author: Sophie Herold
type: fixed
---
title: Make mail notifications of discussion notes In-Reply-To of each other
merge_request: 14289
author:
type: changed
---
title: Update redis-rack to 2.0.4
merge_request:
author:
type: other
---
title: Add id to modal.vue to support data-toggle="modal"
merge_request: 16189
author:
type: other
---
title: Translate date ranges on contributors page
merge_request: 15846
author:
type: changed
---
title: Fix GitHub importer using removed interface
merge_request:
author:
type: fixed
...@@ -118,6 +118,12 @@ module Gitlab ...@@ -118,6 +118,12 @@ module Gitlab
# Support legacy unicode file named img emojis, `1F939.png` # Support legacy unicode file named img emojis, `1F939.png`
config.assets.paths << Gemojione.images_path config.assets.paths << Gemojione.images_path
config.assets.paths << "vendor/assets/fonts" config.assets.paths << "vendor/assets/fonts"
# EE specific paths.
config.assets.paths << "ee/app/assets/images"
config.assets.paths << "ee/app/assets/javascripts"
config.assets.paths << "ee/app/assets/stylesheets"
config.assets.precompile << "*.png" config.assets.precompile << "*.png"
config.assets.precompile << "print.css" config.assets.precompile << "print.css"
config.assets.precompile << "notify.css" config.assets.precompile << "notify.css"
......
...@@ -40,6 +40,7 @@ ...@@ -40,6 +40,7 @@
- [upload_checksum, 1] - [upload_checksum, 1]
- [repository_fork, 1] - [repository_fork, 1]
- [repository_import, 1] - [repository_import, 1]
- [repository_remove_remote, 1]
- [github_importer, 1] - [github_importer, 1]
- [github_import_advance_stage, 1] - [github_import_advance_stage, 1]
- [project_service, 1] - [project_service, 1]
......
class AddRemoteNameToRemoteMirrors < ActiveRecord::Migration
include Gitlab::Database::MigrationHelpers
DOWNTIME = false
def change
add_column :remote_mirrors, :remote_name, :string
end
end
...@@ -2029,6 +2029,7 @@ ActiveRecord::Schema.define(version: 20180113220114) do ...@@ -2029,6 +2029,7 @@ ActiveRecord::Schema.define(version: 20180113220114) do
t.datetime "updated_at", null: false t.datetime "updated_at", null: false
t.datetime "last_update_started_at" t.datetime "last_update_started_at"
t.boolean "only_protected_branches", default: false, null: false t.boolean "only_protected_branches", default: false, null: false
t.string "remote_name"
end end
add_index "remote_mirrors", ["last_successful_update_at"], name: "index_remote_mirrors_on_last_successful_update_at", using: :btree add_index "remote_mirrors", ["last_successful_update_at"], name: "index_remote_mirrors_on_last_successful_update_at", using: :btree
......
# Dynamic Application Security Testing with GitLab CI/CD # Dynamic Application Security Testing with GitLab CI/CD
This example shows how to run
[Dynamic Application Security Testing (DAST)](https://en.wikipedia.org/wiki/Dynamic_program_analysis) [Dynamic Application Security Testing (DAST)](https://en.wikipedia.org/wiki/Dynamic_program_analysis)
on your project's source code by using GitLab CI/CD. is using the popular open source tool [OWASP ZAProxy](https://github.com/zaproxy/zaproxy)
to perform an analysis on your running web application.
DAST is using the popular open source tool It can be very useful combined with [Review Apps](../review_apps/index.md).
[OWASP ZAProxy](https://github.com/zaproxy/zaproxy) to perform an analysis.
## Example
All you need is a GitLab Runner with the Docker executor (the shared Runners on All you need is a GitLab Runner with the Docker executor (the shared Runners on
GitLab.com will work fine). You can then add a new job to `.gitlab-ci.yml`, GitLab.com will work fine). You can then add a new job to `.gitlab-ci.yml`,
...@@ -14,22 +15,26 @@ called `dast`: ...@@ -14,22 +15,26 @@ called `dast`:
```yaml ```yaml
dast: dast:
image: owasp/zap2docker-stable image: owasp/zap2docker-stable
variables:
website: "https://example.com"
script: script:
- mkdir /zap/wrk/ - mkdir /zap/wrk/
- /zap/zap-baseline.py -J gl-dast-report.json -t https://example.com || true - /zap/zap-baseline.py -J gl-dast-report.json -t $website || true
- cp /zap/wrk/gl-dast-report.json . - cp /zap/wrk/gl-dast-report.json .
artifacts: artifacts:
paths: [gl-dast-report.json] paths: [gl-dast-report.json]
``` ```
The above example will create a `dast` job in your CI pipeline and will allow The above example will create a `dast` job in your CI/CD pipeline which will run
you to download and analyze the report artifact in JSON format. the tests on the URL defined in the `website` variable (change it to use your
own) and finally write the results in the `gl-dast-report.json` file. You can
then download and analyze the report artifact in JSON format.
TIP: **Tip:** TIP: **Tip:**
Starting with [GitLab Enterprise Edition Ultimate][ee] 10.4, this information will Starting with [GitLab Enterprise Edition Ultimate][ee] 10.4, this information will
be automatically extracted and shown right in the merge request widget. To do be automatically extracted and shown right in the merge request widget. To do
so, the CI job must be named `dast` and the artifact path must be so, the CI job must be named `dast` and the artifact path must be
`gl-dast-report.json`. `gl-dast-report.json`.
[Learn more on dynamic application security testing results shown in merge requests](../../user/project/merge_requests/dast.md). [Learn more about DAST results shown in merge requests](../../user/project/merge_requests/dast.md).
[ee]: https://about.gitlab.com/gitlab-ee/ [ee]: https://about.gitlab.com/gitlab-ee/
...@@ -2,15 +2,16 @@ ...@@ -2,15 +2,16 @@
> [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/35954) in GitLab 10.1. > [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/35954) in GitLab 10.1.
NOTE: **Note:** Connect your project to Google Kubernetes Engine (GKE) or an existing Kubernetes
The Cluster integration will eventually supersede the cluster in a few steps.
[Kubernetes integration](../integrations/kubernetes.md).
With a cluster associated to your project, you can use Review Apps, deploy your With a cluster associated to your project, you can use Review Apps, deploy your
applications, run your pipelines, and much more, in an easy way. applications, run your pipelines, and much more, in an easy way.
Connect your project to Google Kubernetes Engine (GKE) or an existing Kubernetes There are two options when adding a new cluster to your project; either associate
cluster in a few steps. your account with Google Kubernetes Engine (GKE) so that you can [create new
clusters](#adding-and-creating-a-new-gke-cluster-via-gitlab) from within GitLab,
or provide the credentials to an [existing Kubernetes cluster](#adding-an-existing-kubernetes-cluster).
## Prerequisites ## Prerequisites
...@@ -41,20 +42,13 @@ following prerequisites must be met. ...@@ -41,20 +42,13 @@ following prerequisites must be met.
If all of the above requirements are met, you can proceed to add a new Kubernetes If all of the above requirements are met, you can proceed to add a new Kubernetes
cluster. cluster.
## Adding a Kubernetes cluster ## Adding and creating a new GKE cluster via GitLab
NOTE: **Note:** NOTE: **Note:**
You need Master [permissions] and above to access the Clusters page. You need Master [permissions] and above to access the Clusters page.
There are two options when adding a new cluster to your project; either associate Before proceeding, make sure all [prerequisites](#prerequisites) are met.
your account with Google Kubernetes Engine (GKE) so that you can create new To add a new cluster hosted on GKE to your project:
clusters from within GitLab, or provide the credentials to an existing
Kubernetes cluster.
Before proceeding to either method, make sure all [prerequisites](#prerequisites)
are met.
**To add a new cluster hosted on GKE to your project:**
1. Navigate to your project's **CI/CD > Clusters** page. 1. Navigate to your project's **CI/CD > Clusters** page.
1. Click on **Add cluster**. 1. Click on **Add cluster**.
...@@ -71,24 +65,56 @@ are met. ...@@ -71,24 +65,56 @@ are met.
- **Number of nodes** - The number of nodes you wish the cluster to have. - **Number of nodes** - The number of nodes you wish the cluster to have.
- **Machine type** - The [machine type](https://cloud.google.com/compute/docs/machine-types) - **Machine type** - The [machine type](https://cloud.google.com/compute/docs/machine-types)
of the Virtual Machine instance that the cluster will be based on. of the Virtual Machine instance that the cluster will be based on.
- **Project namespace** - The unique namespace for this project. By default you
don't have to fill it in; by leaving it blank, GitLab will create one for you.
- **Environment scope** - The [associated environment](#setting-the-environment-scope) to this cluster. - **Environment scope** - The [associated environment](#setting-the-environment-scope) to this cluster.
1. Finally, click the **Create cluster** button. 1. Finally, click the **Create cluster** button.
--- After a few moments, your cluster should be created. If something goes wrong,
you will be notified.
**To add an existing cluster to your project:** You can now proceed to install some pre-defined applications and then
enable the Cluster integration.
## Adding an existing Kubernetes cluster
NOTE: **Note:**
You need Master [permissions] and above to access the Clusters page.
To add an existing Kubernetes cluster to your project:
1. Navigate to your project's **CI/CD > Clusters** page. 1. Navigate to your project's **CI/CD > Clusters** page.
1. Click on **Add cluster**. 1. Click on **Add cluster**.
1. Click on **Add an existing cluster** and fill in the details as described 1. Click on **Add an existing cluster** and fill in the details:
in the [Kubernetes integration](../integrations/kubernetes.md#configuration) - **Cluster name** (required) - The name you wish to give the cluster.
documentation. - **Environment scope** (required)- The
1. Select the [environment scope](#setting-the-environment-scope). [associated environment](#setting-the-environment-scope) to this cluster.
- **API URL** (required) -
It's the URL that GitLab uses to access the Kubernetes API. Kubernetes
exposes several APIs, we want the "base" URL that is common to all of them,
e.g., `https://kubernetes.example.com` rather than `https://kubernetes.example.com/api/v1`.
- **CA certificate** (optional) -
If the API is using a self-signed TLS certificate, you'll also need to include
the `ca.crt` contents here.
- **Token** -
GitLab authenticates against Kubernetes using service tokens, which are
scoped to a particular `namespace`. If you don't have a service token yet,
you can follow the
[Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/)
to create one. You can also view or create service tokens in the
[Kubernetes dashboard](https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/#config)
(under **Config > Secrets**).
- **Project namespace** (optional) - The following apply:
- By default you don't have to fill it in; by leaving it blank, GitLab will
create one for you.
- Each project should have a unique namespace.
- The project namespace is not necessarily the namespace of the secret, if
you're using a secret with broader permissions, like the secret from `default`.
- You should **not** use `default` as the project namespace.
- If you or someone created a secret specifically for the project, usually
with limited permissions, the secret's namespace and project namespace may
be the same.
1. Finally, click the **Create cluster** button. 1. Finally, click the **Create cluster** button.
--- The Kubernetes service takes the following parameters:
After a few moments, your cluster should be created. If something goes wrong, After a few moments, your cluster should be created. If something goes wrong,
you will be notified. you will be notified.
...@@ -108,45 +134,6 @@ added directly to your configured cluster. Those applications are needed for ...@@ -108,45 +134,6 @@ added directly to your configured cluster. Those applications are needed for
| [Ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/) | 10.2+ | Ingress can provide load balancing, SSL termination, and name-based virtual hosting. It acts as a web proxy for your applications and is useful if you want to use [Auto DevOps](../../../topics/autodevops/index.md) or deploy your own web apps. | | [Ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/) | 10.2+ | Ingress can provide load balancing, SSL termination, and name-based virtual hosting. It acts as a web proxy for your applications and is useful if you want to use [Auto DevOps](../../../topics/autodevops/index.md) or deploy your own web apps. |
| [Prometheus](https://prometheus.io/docs/introduction/overview/) | 10.4+ | Prometheus is an open-source monitoring and alerting system useful to supervise your deployed applications | | [Prometheus](https://prometheus.io/docs/introduction/overview/) | 10.4+ | Prometheus is an open-source monitoring and alerting system useful to supervise your deployed applications |
## Enabling or disabling the Cluster integration
After you have successfully added your cluster information, you can enable the
Cluster integration:
1. Click the "Enabled/Disabled" switch
1. Hit **Save** for the changes to take effect
You can now start using your Kubernetes cluster for your deployments.
To disable the Cluster integration, follow the same procedure.
## Removing the Cluster integration
NOTE: **Note:**
You need Master [permissions] and above to remove a cluster integration.
NOTE: **Note:**
When you remove a cluster, you only remove its relation to GitLab, not the
cluster itself. To remove the cluster, you can do so by visiting the GKE
dashboard or using `kubectl`.
To remove the Cluster integration from your project, simply click on the
**Remove integration** button. You will then be able to follow the procedure
and [add a cluster](#adding-a-cluster) again.
## Multiple Kubernetes clusters
> Introduced in [GitLab Enterprise Edition Premium][ee] 10.3.
With GitLab EEP, you can associate more than one Kubernetes clusters to your
project. That way you can have different clusters for different environments,
like dev, staging, production, etc.
To add another cluster, follow the same steps as described in [adding a
Kubernetes cluster](#adding-a-kubernetes-cluster) and make sure to
[set an environment scope](#setting-the-environment-scope) that will
differentiate the new cluster with the rest.
## Setting the environment scope ## Setting the environment scope
When adding more than one clusters, you need to differentiate them with an When adding more than one clusters, you need to differentiate them with an
...@@ -201,5 +188,119 @@ The result will then be: ...@@ -201,5 +188,119 @@ The result will then be:
- The staging cluster will be used for the "deploy to staging" job. - The staging cluster will be used for the "deploy to staging" job.
- The production cluster will be used for the "deploy to production" job. - The production cluster will be used for the "deploy to production" job.
## Multiple Kubernetes clusters
> Introduced in [GitLab Enterprise Edition Premium][ee] 10.3.
With GitLab EEP, you can associate more than one Kubernetes clusters to your
project. That way you can have different clusters for different environments,
like dev, staging, production, etc.
To add another cluster, follow the same steps as described in [adding a
Kubernetes cluster](#adding-a-kubernetes-cluster) and make sure to
[set an environment scope](#setting-the-environment-scope) that will
differentiate the new cluster with the rest.
## Deployment variables
The Kubernetes cluster integration exposes the following
[deployment variables](../../../ci/variables/README.md#deployment-variables) in the
GitLab CI/CD build environment:
- `KUBE_URL` - Equal to the API URL.
- `KUBE_TOKEN` - The Kubernetes token.
- `KUBE_NAMESPACE` - The Kubernetes namespace is auto-generated if not specified.
The default value is `<project_name>-<project_id>`. You can overwrite it to
use different one if needed, otherwise the `KUBE_NAMESPACE` variable will
receive the default value.
- `KUBE_CA_PEM_FILE` - Only present if a custom CA bundle was specified. Path
to a file containing PEM data.
- `KUBE_CA_PEM` (deprecated) - Only if a custom CA bundle was specified. Raw PEM data.
- `KUBECONFIG` - Path to a file containing `kubeconfig` for this deployment.
CA bundle would be embedded if specified.
## Enabling or disabling the Cluster integration
After you have successfully added your cluster information, you can enable the
Cluster integration:
1. Click the "Enabled/Disabled" switch
1. Hit **Save** for the changes to take effect
You can now start using your Kubernetes cluster for your deployments.
To disable the Cluster integration, follow the same procedure.
## Removing the Cluster integration
NOTE: **Note:**
You need Master [permissions] and above to remove a cluster integration.
NOTE: **Note:**
When you remove a cluster, you only remove its relation to GitLab, not the
cluster itself. To remove the cluster, you can do so by visiting the GKE
dashboard or using `kubectl`.
To remove the Cluster integration from your project, simply click on the
**Remove integration** button. You will then be able to follow the procedure
and [add a cluster](#adding-a-cluster) again.
## What you can get with the Kubernetes integration
Here's what you can do with GitLab if you enable the Kubernetes integration.
### Deploy Boards (EEP)
> Available in [GitLab Enterprise Edition Premium][ee].
GitLab's Deploy Boards offer a consolidated view of the current health and
status of each CI [environment](../../../ci/environments.md) running on Kubernetes,
displaying the status of the pods in the deployment. Developers and other
teammates can view the progress and status of a rollout, pod by pod, in the
workflow they already use without any need to access Kubernetes.
[> Read more about Deploy Boards](../deploy_boards.md)
### Canary Deployments (EEP)
> Available in [GitLab Enterprise Edition Premium][ee].
Leverage [Kubernetes' Canary deployments](https://kubernetes.io/docs/concepts/cluster-administration/manage-deployment/#canary-deployments)
and visualize your canary deployments right inside the Deploy Board, without
the need to leave GitLab.
[> Read more about Canary Deployments](../canary_deployments.md)
### Kubernetes monitoring
Automatically detect and monitor Kubernetes metrics. Automatic monitoring of
[NGINX ingress](../integrations/prometheus_library/nginx.md) is also supported.
[> Read more about Kubernetes monitoring](../integrations/prometheus_library/kubernetes.md)
### Auto DevOps
Auto DevOps automatically detects, builds, tests, deploys, and monitors your
applications.
To make full use of Auto DevOps(Auto Deploy, Auto Review Apps, and Auto Monitoring)
you will need the Kubernetes project integration enabled.
[> Read more about Auto DevOps](../../../topics/autodevops/index.md)
### Web terminals
NOTE: **Note:**
Introduced in GitLab 8.15. You must be the project owner or have `master` permissions
to use terminals. Support is limited to the first container in the
first pod of your environment.
When enabled, the Kubernetes service adds [web terminal](../../../ci/environments.md#web-terminals)
support to your [environments](../../../ci/environments.md). This is based on the `exec` functionality found in
Docker and Kubernetes, so you get a new shell session within your existing
containers. To use this integration, you should deploy to Kubernetes using
the deployment variables above, ensuring any pods you create are labelled with
`app=$CI_ENVIRONMENT_SLUG`. GitLab will do the rest!
[permissions]: ../../permissions.md [permissions]: ../../permissions.md
[ee]: https://about.gitlab.com/gitlab-ee/ [ee]: https://about.gitlab.com/gitlab-ee/
...@@ -2,11 +2,15 @@ ...@@ -2,11 +2,15 @@
last_updated: 2017-12-28 last_updated: 2017-12-28
--- ---
CAUTION: **Warning:**
Kubernetes service integration has been deprecated in GitLab 10.3. If the service is active the cluster information still be editable, however we advised to disable and reconfigure the clusters using the new [Clusters](../clusters/index.md) page. If the service is inactive the fields will be uneditable. Read [GitLab 10.3 release post](https://about.gitlab.com/2017/12/22/gitlab-10-3-released/#kubernetes-integration-service) for more information.
# GitLab Kubernetes / OpenShift integration # GitLab Kubernetes / OpenShift integration
CAUTION: **Warning:**
The Kubernetes service integration has been deprecated in GitLab 10.3. If the
service is active, the cluster information will still be editable, however we
advise to disable and reconfigure the clusters using the new
[Clusters](../clusters/index.md) page. If the service is inactive, the fields
will not be editable. Read [GitLab 10.3 release post](https://about.gitlab.com/2017/12/22/gitlab-10-3-released/#kubernetes-integration-service) for more information.
GitLab can be configured to interact with Kubernetes, or other systems using the GitLab can be configured to interact with Kubernetes, or other systems using the
Kubernetes API (such as OpenShift). Kubernetes API (such as OpenShift).
......
...@@ -2,42 +2,54 @@ ...@@ -2,42 +2,54 @@
> [Introduced][ee-4348] in [GitLab Enterprise Edition Ultimate][ee] 10.4. > [Introduced][ee-4348] in [GitLab Enterprise Edition Ultimate][ee] 10.4.
If you are using [GitLab CI/CD][ci], you can analyze your running web application(s)
for known vulnerabilities using Dynamic Application Security Testing (DAST).
## Overview ## Overview
If you are using [GitLab CI/CD][ci], you can analyze your web application for known Running [static checks](sast.md) on your code is the first step to detect
vulnerabilities using Dynamic Application Security Testing (DAST), either by vulnerabilities that can put the security of your code at risk. Yet, once
including the CI job in your [existing `.gitlab-ci.yml` file][cc-docs] or deployed, your application is exposed to a new category of possible attacks,
by implicitly using [Auto DAST](../../../topics/autodevops/index.md#auto-dast) such as cross-site scripting or broken authentication flaws. This is where
Dynamic Application Security Testing (DAST) comes into place.
You can take advantage of DAST by either [including the CI job][cc-docs] in
your existing `.gitlab-ci.yml` file or by implicitly using
[Auto DAST](../../../topics/autodevops/index.md#auto-dast)
that is provided by [Auto DevOps](../../../topics/autodevops/index.md). that is provided by [Auto DevOps](../../../topics/autodevops/index.md).
Going a step further, GitLab can show the vulnerability list right in the merge Going a step further, GitLab can show the vulnerability list right in the merge
request widget area. request widget area.
![DAST Widget](img/dast-all.png) ## Use cases
By clicking on vulnerability you will be able to see the details and the URL(s) It helps you automatically find security vulnerabilities in your running web
affected. applications while you are developing and testing your applications.
![DAST Widget Clicked](img/dast-single.png) ## How it works
## Use cases First of all, you need to define a job named `dast` in your `.gitlab-ci.yml`
file. [Check how the `dast` job should look like][cc-docs].
It helps you automatically find security vulnerabilities in your web applications In order for the report to show in the merge request, there are two
while you are developing and testing your applications. prerequisites:
## How it works - the specified job **must** be named `dast`
- the resulting report **must** be named `gl-dast-report.json` and uploaded as an
artifact. This JSON file needs to be the only artifact file for the job. If
you try to also include other files, it will break the vulnerability display
in the merge request.
The `sast` job will perform an analysis on the running web application, the
resulting JSON file will be uploaded as an artifact, and GitLab will then check
this file and show the information inside the merge request.
In order for the report to show in the merge request, you need to specify a ![DAST Widget](img/dast_all.png)
`dast` job (exact name) that will analyze the running application and upload the
resulting `gl-dast-report.json` file (exact filename) as an artifact. GitLab
will then check this file and show the information inside the merge request.
This JSON file needs to be the only artifact file for the job. If you try By clicking on one of the detected linked vulnerabilities, you will be able to
to also include other files, it will break the vulnerability display in the see the details and the URL(s) affected.
merge request.
For more information on how the `dast` job should look like, check the ![DAST Widget Clicked](img/dast_single.png)
[example on analyzing a project's code for vulnerabilities][cc-docs].
[ee-4348]: https://gitlab.com/gitlab-org/gitlab-ee/issues/4348 [ee-4348]: https://gitlab.com/gitlab-org/gitlab-ee/issues/4348
[ee]: https://about.gitlab.com/gitlab-ee/ [ee]: https://about.gitlab.com/gitlab-ee/
......
...@@ -31,6 +31,20 @@ is installed on. ...@@ -31,6 +31,20 @@ is installed on.
![Schedules list](img/pipeline_schedules_list.png) ![Schedules list](img/pipeline_schedules_list.png)
### Running a scheduled pipeline manually
> [Introduced][ce-15700] in GitLab 10.4.
To trigger a pipeline schedule manually, click the "Play" button:
![Play Pipeline Schedule](img/pipeline_schedule_play.png)
This will schedule a background job to run the pipeline schedule. A flash
message will provide a link to the CI/CD Pipeline index page.
To help avoid abuse, users are rate limited to triggering a pipeline once per
minute.
### Making use of scheduled pipeline variables ### Making use of scheduled pipeline variables
> [Introduced][ce-12328] in GitLab 9.4. > [Introduced][ce-12328] in GitLab 9.4.
...@@ -90,4 +104,5 @@ don't have admin access to the server, ask your administrator. ...@@ -90,4 +104,5 @@ don't have admin access to the server, ask your administrator.
[ce-10533]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/10533 [ce-10533]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/10533
[ce-10853]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/10853 [ce-10853]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/10853
[ce-12328]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/12328 [ce-12328]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/12328
[ce-15700]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/15700
[settings]: https://about.gitlab.com/gitlab-com/settings/#cron-jobs [settings]: https://about.gitlab.com/gitlab-com/settings/#cron-jobs
...@@ -3,7 +3,7 @@ export const NODE_ACTION_BASE_PATH = '/admin/geo_nodes/'; ...@@ -3,7 +3,7 @@ export const NODE_ACTION_BASE_PATH = '/admin/geo_nodes/';
export const NODE_ACTIONS = { export const NODE_ACTIONS = {
TOGGLE: '/toggle', TOGGLE: '/toggle',
EDIT: '/edit', EDIT: '/edit',
REPAIR: '/reconfigure', REPAIR: '/repair',
}; };
export const VALUE_TYPE = { export const VALUE_TYPE = {
......
...@@ -329,7 +329,7 @@ module EE ...@@ -329,7 +329,7 @@ module EE
end end
def remove_mirror_repository_reference def remove_mirror_repository_reference
repository.remove_remote(::Repository::MIRROR_REMOTE) repository.async_remove_remote(::Repository::MIRROR_REMOTE)
end end
def import_url_availability def import_url_availability
......
...@@ -21,6 +21,8 @@ class RemoteMirror < ActiveRecord::Base ...@@ -21,6 +21,8 @@ class RemoteMirror < ActiveRecord::Base
validate :url_availability, if: -> (mirror) { mirror.url_changed? || mirror.enabled? } validate :url_availability, if: -> (mirror) { mirror.url_changed? || mirror.enabled? }
validates :url, addressable_url: true, if: :url_changed? validates :url, addressable_url: true, if: :url_changed?
before_save :set_new_remote_name, if: :mirror_url_changed?
after_save :set_override_remote_mirror_available, unless: -> { Gitlab::CurrentSettings.current_application_settings.mirror_available } after_save :set_override_remote_mirror_available, unless: -> { Gitlab::CurrentSettings.current_application_settings.mirror_available }
after_save :refresh_remote, if: :mirror_url_changed? after_save :refresh_remote, if: :mirror_url_changed?
after_update :reset_fields, if: :mirror_url_changed? after_update :reset_fields, if: :mirror_url_changed?
...@@ -69,8 +71,8 @@ class RemoteMirror < ActiveRecord::Base ...@@ -69,8 +71,8 @@ class RemoteMirror < ActiveRecord::Base
end end
end end
def ref_name def remote_name
"remote_mirror_#{id}" super || fallback_remote_name
end end
def update_failed? def update_failed?
...@@ -149,7 +151,13 @@ class RemoteMirror < ActiveRecord::Base ...@@ -149,7 +151,13 @@ class RemoteMirror < ActiveRecord::Base
private private
def raw def raw
@raw ||= Gitlab::Git::RemoteMirror.new(project.repository.raw, ref_name) @raw ||= Gitlab::Git::RemoteMirror.new(project.repository.raw, remote_name)
end
def fallback_remote_name
return unless id
"remote_mirror_#{id}"
end end
def recently_scheduled? def recently_scheduled?
...@@ -189,16 +197,27 @@ class RemoteMirror < ActiveRecord::Base ...@@ -189,16 +197,27 @@ class RemoteMirror < ActiveRecord::Base
project.update(remote_mirror_available_overridden: enabled) project.update(remote_mirror_available_overridden: enabled)
end end
def set_new_remote_name
self.remote_name = "remote_mirror_#{SecureRandom.hex}"
end
def refresh_remote def refresh_remote
return unless project return unless project
project.repository.add_remote(ref_name, url) # Before adding a new remote we have to delete the data from
# the previous remote name
prev_remote_name = remote_name_was || fallback_remote_name
run_after_commit do
project.repository.async_remove_remote(prev_remote_name)
end
project.repository.add_remote(remote_name, url)
end end
def remove_remote def remove_remote
if project # could be pending to delete so don't need to touch the git repository return unless project # could be pending to delete so don't need to touch the git repository
project.repository.remove_remote(ref_name)
end project.repository.async_remove_remote(remote_name)
end end
def mirror_url_changed? def mirror_url_changed?
......
...@@ -8,7 +8,7 @@ module Projects ...@@ -8,7 +8,7 @@ module Projects
return success unless remote_mirror.enabled? return success unless remote_mirror.enabled?
begin begin
repository.fetch_remote(remote_mirror.ref_name, no_tags: true) repository.fetch_remote(remote_mirror.remote_name, no_tags: true)
opts = {} opts = {}
if remote_mirror.only_protected_branches? if remote_mirror.only_protected_branches?
......
...@@ -177,6 +177,7 @@ FactoryBot.define do ...@@ -177,6 +177,7 @@ FactoryBot.define do
trait :remote_mirror do trait :remote_mirror do
transient do transient do
remote_name "remote_mirror_#{SecureRandom.hex}"
url "http://foo.com" url "http://foo.com"
enabled true enabled true
end end
......
...@@ -83,7 +83,7 @@ describe('GeoNodeActionsComponent', () => { ...@@ -83,7 +83,7 @@ describe('GeoNodeActionsComponent', () => {
describe('nodeRepairAuthPath', () => { describe('nodeRepairAuthPath', () => {
it('returns node repair authentication path', () => { it('returns node repair authentication path', () => {
expect(vm.nodeRepairAuthPath).toBe('/admin/geo_nodes/1/reconfigure'); expect(vm.nodeRepairAuthPath).toBe('/admin/geo_nodes/1/repair');
}); });
}); });
......
import Vue from 'vue'; import Vue from 'vue';
import autoMergeFailedComponent from '~/vue_merge_request_widget/components/states/mr_widget_auto_merge_failed'; import autoMergeFailedComponent from '~/vue_merge_request_widget/components/states/mr_widget_auto_merge_failed.vue';
import eventHub from '~/vue_merge_request_widget/event_hub';
const mergeError = 'This is the merge error'; import mountComponent from '../../../helpers/vue_mount_component_helper';
describe('MRWidgetAutoMergeFailed', () => { describe('MRWidgetAutoMergeFailed', () => {
describe('props', () => { let vm;
it('should have props', () => { const mergeError = 'This is the merge error';
const mrProp = autoMergeFailedComponent.props.mr;
expect(mrProp.type instanceof Object).toBeTruthy(); beforeEach(() => {
expect(mrProp.required).toBeTruthy(); const Component = Vue.extend(autoMergeFailedComponent);
vm = mountComponent(Component, {
mr: { mergeError },
}); });
}); });
describe('template', () => { afterEach(() => {
const Component = Vue.extend(autoMergeFailedComponent); vm.$destroy();
const vm = new Component({ });
el: document.createElement('div'),
propsData: { it('renders failed message', () => {
mr: { mergeError }, expect(vm.$el.textContent).toContain('This merge request failed to be merged automatically');
}, });
});
it('renders merge error provided', () => {
expect(vm.$el.innerText).toContain(mergeError);
});
it('render refresh button', () => {
expect(vm.$el.querySelector('button').textContent.trim()).toEqual('Refresh');
});
it('emits event and shows loading icon when button is clicked', (done) => {
spyOn(eventHub, '$emit');
vm.$el.querySelector('button').click();
expect(eventHub.$emit.calls.argsFor(0)[0]).toEqual('MRWidgetUpdateRequested');
it('should have correct elements', () => { Vue.nextTick(() => {
expect(vm.$el.classList.contains('mr-widget-body')).toBeTruthy(); expect(vm.$el.querySelector('button').getAttribute('disabled')).toEqual('disabled');
expect(vm.$el.querySelector('button').getAttribute('disabled')).toBeFalsy(); expect(
expect(vm.$el.innerText).toContain('This merge request failed to be merged automatically'); vm.$el.querySelector('button i').classList,
expect(vm.$el.innerText).toContain(mergeError); ).toContain('fa-spinner');
done();
}); });
}); });
}); });
...@@ -68,7 +68,36 @@ describe RemoteMirror do ...@@ -68,7 +68,36 @@ describe RemoteMirror do
mirror.update_attribute(:url, 'http://foo:baz@test.com') mirror.update_attribute(:url, 'http://foo:baz@test.com')
config = repo.raw_repository.rugged.config config = repo.raw_repository.rugged.config
expect(config["remote.#{mirror.ref_name}.url"]).to eq('http://foo:baz@test.com') expect(config["remote.#{mirror.remote_name}.url"]).to eq('http://foo:baz@test.com')
end
end
end
describe '#remote_name' do
context 'when remote name is persisted in the database' do
it 'returns remote name with random value' do
allow(SecureRandom).to receive(:hex).and_return('secret')
remote_mirror = create(:remote_mirror)
expect(remote_mirror.remote_name).to eq("remote_mirror_secret")
end
end
context 'when remote name is not persisted in the database' do
it 'returns remote name with remote mirror id' do
remote_mirror = create(:remote_mirror)
remote_mirror.remote_name = nil
expect(remote_mirror.remote_name).to eq("remote_mirror_#{remote_mirror.id}")
end
end
context 'when remote is not persisted in the database' do
it 'returns nil' do
remote_mirror = build(:remote_mirror, remote_name: nil)
expect(remote_mirror.remote_name).to be_nil
end end
end end
end end
......
...@@ -701,6 +701,38 @@ describe Repository do ...@@ -701,6 +701,38 @@ describe Repository do
end end
end end
describe '#async_remove_remote' do
before do
masterrev = repository.find_branch('master').dereferenced_target
create_remote_branch('joe', 'remote_branch', masterrev)
end
context 'when worker is scheduled successfully' do
before do
masterrev = repository.find_branch('master').dereferenced_target
create_remote_branch('remote_name', 'remote_branch', masterrev)
allow(RepositoryRemoveRemoteWorker).to receive(:perform_async).and_return('1234')
end
it 'returns job_id' do
expect(repository.async_remove_remote('joe')).to eq('1234')
end
end
context 'when worker does not schedule successfully' do
before do
allow(RepositoryRemoveRemoteWorker).to receive(:perform_async).and_return(nil)
end
it 'returns nil' do
expect(Rails.logger).to receive(:info).with("Remove remote job failed to create for #{project.id} with remote name joe.")
expect(repository.async_remove_remote('joe')).to be_nil
end
end
end
describe '#fetch_ref' do describe '#fetch_ref' do
let(:broken_repository) { create(:project, :broken_storage).repository } let(:broken_repository) { create(:project, :broken_storage).repository }
......
...@@ -27,15 +27,15 @@ describe Projects::UpdateRemoteMirrorService do ...@@ -27,15 +27,15 @@ describe Projects::UpdateRemoteMirrorService do
end end
it "fetches the remote repository" do it "fetches the remote repository" do
expect(repository).to receive(:fetch_remote).with(remote_mirror.ref_name, no_tags: true) do expect(repository).to receive(:fetch_remote).with(remote_mirror.remote_name, no_tags: true) do
sync_remote(repository, remote_mirror.ref_name, local_branch_names) sync_remote(repository, remote_mirror.remote_name, local_branch_names)
end end
subject.execute(remote_mirror) subject.execute(remote_mirror)
end end
it "succeeds" do it "succeeds" do
allow(repository).to receive(:fetch_remote) { sync_remote(repository, remote_mirror.ref_name, local_branch_names) } allow(repository).to receive(:fetch_remote) { sync_remote(repository, remote_mirror.remote_name, local_branch_names) }
result = subject.execute(remote_mirror) result = subject.execute(remote_mirror)
...@@ -46,13 +46,13 @@ describe Projects::UpdateRemoteMirrorService do ...@@ -46,13 +46,13 @@ describe Projects::UpdateRemoteMirrorService do
it "push all the branches the first time" do it "push all the branches the first time" do
allow(repository).to receive(:fetch_remote) allow(repository).to receive(:fetch_remote)
expect(raw_repository).to receive(:push_remote_branches).with(remote_mirror.ref_name, local_branch_names) expect(raw_repository).to receive(:push_remote_branches).with(remote_mirror.remote_name, local_branch_names)
subject.execute(remote_mirror) subject.execute(remote_mirror)
end end
it "does not push anything is remote is up to date" do it "does not push anything is remote is up to date" do
allow(repository).to receive(:fetch_remote) { sync_remote(repository, remote_mirror.ref_name, local_branch_names) } allow(repository).to receive(:fetch_remote) { sync_remote(repository, remote_mirror.remote_name, local_branch_names) }
expect(raw_repository).not_to receive(:push_remote_branches) expect(raw_repository).not_to receive(:push_remote_branches)
...@@ -62,21 +62,21 @@ describe Projects::UpdateRemoteMirrorService do ...@@ -62,21 +62,21 @@ describe Projects::UpdateRemoteMirrorService do
it "sync new branches" do it "sync new branches" do
# call local_branch_names early so it is not called after the new branch has been created # call local_branch_names early so it is not called after the new branch has been created
current_branches = local_branch_names current_branches = local_branch_names
allow(repository).to receive(:fetch_remote) { sync_remote(repository, remote_mirror.ref_name, current_branches) } allow(repository).to receive(:fetch_remote) { sync_remote(repository, remote_mirror.remote_name, current_branches) }
create_branch(repository, 'my-new-branch') create_branch(repository, 'my-new-branch')
expect(raw_repository).to receive(:push_remote_branches).with(remote_mirror.ref_name, ['my-new-branch']) expect(raw_repository).to receive(:push_remote_branches).with(remote_mirror.remote_name, ['my-new-branch'])
subject.execute(remote_mirror) subject.execute(remote_mirror)
end end
it "sync updated branches" do it "sync updated branches" do
allow(repository).to receive(:fetch_remote) do allow(repository).to receive(:fetch_remote) do
sync_remote(repository, remote_mirror.ref_name, local_branch_names) sync_remote(repository, remote_mirror.remote_name, local_branch_names)
update_branch(repository, 'existing-branch') update_branch(repository, 'existing-branch')
end end
expect(raw_repository).to receive(:push_remote_branches).with(remote_mirror.ref_name, ['existing-branch']) expect(raw_repository).to receive(:push_remote_branches).with(remote_mirror.remote_name, ['existing-branch'])
subject.execute(remote_mirror) subject.execute(remote_mirror)
end end
...@@ -94,22 +94,22 @@ describe Projects::UpdateRemoteMirrorService do ...@@ -94,22 +94,22 @@ describe Projects::UpdateRemoteMirrorService do
it "sync updated protected branches" do it "sync updated protected branches" do
allow(repository).to receive(:fetch_remote) do allow(repository).to receive(:fetch_remote) do
sync_remote(repository, remote_mirror.ref_name, local_branch_names) sync_remote(repository, remote_mirror.remote_name, local_branch_names)
update_branch(repository, protected_branch_name) update_branch(repository, protected_branch_name)
end end
expect(raw_repository).to receive(:push_remote_branches).with(remote_mirror.ref_name, [protected_branch_name]) expect(raw_repository).to receive(:push_remote_branches).with(remote_mirror.remote_name, [protected_branch_name])
subject.execute(remote_mirror) subject.execute(remote_mirror)
end end
it 'does not sync unprotected branches' do it 'does not sync unprotected branches' do
allow(repository).to receive(:fetch_remote) do allow(repository).to receive(:fetch_remote) do
sync_remote(repository, remote_mirror.ref_name, local_branch_names) sync_remote(repository, remote_mirror.remote_name, local_branch_names)
update_branch(repository, 'existing-branch') update_branch(repository, 'existing-branch')
end end
expect(raw_repository).not_to receive(:push_remote_branches).with(remote_mirror.ref_name, ['existing-branch']) expect(raw_repository).not_to receive(:push_remote_branches).with(remote_mirror.remote_name, ['existing-branch'])
subject.execute(remote_mirror) subject.execute(remote_mirror)
end end
...@@ -119,11 +119,11 @@ describe Projects::UpdateRemoteMirrorService do ...@@ -119,11 +119,11 @@ describe Projects::UpdateRemoteMirrorService do
context 'when it has diverged' do context 'when it has diverged' do
it 'syncs branches' do it 'syncs branches' do
allow(repository).to receive(:fetch_remote) do allow(repository).to receive(:fetch_remote) do
sync_remote(repository, remote_mirror.ref_name, local_branch_names) sync_remote(repository, remote_mirror.remote_name, local_branch_names)
update_remote_branch(repository, remote_mirror.ref_name, 'markdown') update_remote_branch(repository, remote_mirror.remote_name, 'markdown')
end end
expect(raw_repository).to receive(:push_remote_branches).with(remote_mirror.ref_name, ['markdown']) expect(raw_repository).to receive(:push_remote_branches).with(remote_mirror.remote_name, ['markdown'])
subject.execute(remote_mirror) subject.execute(remote_mirror)
end end
...@@ -134,11 +134,11 @@ describe Projects::UpdateRemoteMirrorService do ...@@ -134,11 +134,11 @@ describe Projects::UpdateRemoteMirrorService do
context 'when branch exists in local and remote repo' do context 'when branch exists in local and remote repo' do
it 'deletes the branch from remote repo' do it 'deletes the branch from remote repo' do
allow(repository).to receive(:fetch_remote) do allow(repository).to receive(:fetch_remote) do
sync_remote(repository, remote_mirror.ref_name, local_branch_names) sync_remote(repository, remote_mirror.remote_name, local_branch_names)
delete_branch(repository, 'existing-branch') delete_branch(repository, 'existing-branch')
end end
expect(raw_repository).to receive(:delete_remote_branches).with(remote_mirror.ref_name, ['existing-branch']) expect(raw_repository).to receive(:delete_remote_branches).with(remote_mirror.remote_name, ['existing-branch'])
subject.execute(remote_mirror) subject.execute(remote_mirror)
end end
...@@ -159,22 +159,22 @@ describe Projects::UpdateRemoteMirrorService do ...@@ -159,22 +159,22 @@ describe Projects::UpdateRemoteMirrorService do
it 'deletes the protected branch from remote repo' do it 'deletes the protected branch from remote repo' do
allow(repository).to receive(:fetch_remote) do allow(repository).to receive(:fetch_remote) do
sync_remote(repository, remote_mirror.ref_name, local_branch_names) sync_remote(repository, remote_mirror.remote_name, local_branch_names)
delete_branch(repository, protected_branch_name) delete_branch(repository, protected_branch_name)
end end
expect(raw_repository).not_to receive(:delete_remote_branches).with(remote_mirror.ref_name, [protected_branch_name]) expect(raw_repository).not_to receive(:delete_remote_branches).with(remote_mirror.remote_name, [protected_branch_name])
subject.execute(remote_mirror) subject.execute(remote_mirror)
end end
it 'does not delete the unprotected branch from remote repo' do it 'does not delete the unprotected branch from remote repo' do
allow(repository).to receive(:fetch_remote) do allow(repository).to receive(:fetch_remote) do
sync_remote(repository, remote_mirror.ref_name, local_branch_names) sync_remote(repository, remote_mirror.remote_name, local_branch_names)
delete_branch(repository, 'existing-branch') delete_branch(repository, 'existing-branch')
end end
expect(raw_repository).not_to receive(:delete_remote_branches).with(remote_mirror.ref_name, ['existing-branch']) expect(raw_repository).not_to receive(:delete_remote_branches).with(remote_mirror.remote_name, ['existing-branch'])
subject.execute(remote_mirror) subject.execute(remote_mirror)
end end
...@@ -190,10 +190,10 @@ describe Projects::UpdateRemoteMirrorService do ...@@ -190,10 +190,10 @@ describe Projects::UpdateRemoteMirrorService do
context 'when it has diverged' do context 'when it has diverged' do
it 'does not delete the remote branch' do it 'does not delete the remote branch' do
allow(repository).to receive(:fetch_remote) do allow(repository).to receive(:fetch_remote) do
sync_remote(repository, remote_mirror.ref_name, local_branch_names) sync_remote(repository, remote_mirror.remote_name, local_branch_names)
rev = repository.find_branch('markdown').dereferenced_target rev = repository.find_branch('markdown').dereferenced_target
create_remote_branch(repository, remote_mirror.ref_name, 'remote-branch', rev.id) create_remote_branch(repository, remote_mirror.remote_name, 'remote-branch', rev.id)
end end
expect(raw_repository).not_to receive(:delete_remote_branches) expect(raw_repository).not_to receive(:delete_remote_branches)
...@@ -205,13 +205,13 @@ describe Projects::UpdateRemoteMirrorService do ...@@ -205,13 +205,13 @@ describe Projects::UpdateRemoteMirrorService do
context 'when it has not diverged' do context 'when it has not diverged' do
it 'deletes the remote branch' do it 'deletes the remote branch' do
allow(repository).to receive(:fetch_remote) do allow(repository).to receive(:fetch_remote) do
sync_remote(repository, remote_mirror.ref_name, local_branch_names) sync_remote(repository, remote_mirror.remote_name, local_branch_names)
masterrev = repository.find_branch('master').dereferenced_target masterrev = repository.find_branch('master').dereferenced_target
create_remote_branch(repository, remote_mirror.ref_name, protected_branch_name, masterrev.id) create_remote_branch(repository, remote_mirror.remote_name, protected_branch_name, masterrev.id)
end end
expect(raw_repository).to receive(:delete_remote_branches).with(remote_mirror.ref_name, [protected_branch_name]) expect(raw_repository).to receive(:delete_remote_branches).with(remote_mirror.remote_name, [protected_branch_name])
subject.execute(remote_mirror) subject.execute(remote_mirror)
end end
...@@ -223,10 +223,10 @@ describe Projects::UpdateRemoteMirrorService do ...@@ -223,10 +223,10 @@ describe Projects::UpdateRemoteMirrorService do
context 'when it has diverged' do context 'when it has diverged' do
it 'does not delete the remote branch' do it 'does not delete the remote branch' do
allow(repository).to receive(:fetch_remote) do allow(repository).to receive(:fetch_remote) do
sync_remote(repository, remote_mirror.ref_name, local_branch_names) sync_remote(repository, remote_mirror.remote_name, local_branch_names)
rev = repository.find_branch('markdown').dereferenced_target rev = repository.find_branch('markdown').dereferenced_target
create_remote_branch(repository, remote_mirror.ref_name, 'remote-branch', rev.id) create_remote_branch(repository, remote_mirror.remote_name, 'remote-branch', rev.id)
end end
expect(raw_repository).not_to receive(:delete_remote_branches) expect(raw_repository).not_to receive(:delete_remote_branches)
...@@ -238,13 +238,13 @@ describe Projects::UpdateRemoteMirrorService do ...@@ -238,13 +238,13 @@ describe Projects::UpdateRemoteMirrorService do
context 'when it has not diverged' do context 'when it has not diverged' do
it 'deletes the remote branch' do it 'deletes the remote branch' do
allow(repository).to receive(:fetch_remote) do allow(repository).to receive(:fetch_remote) do
sync_remote(repository, remote_mirror.ref_name, local_branch_names) sync_remote(repository, remote_mirror.remote_name, local_branch_names)
masterrev = repository.find_branch('master').dereferenced_target masterrev = repository.find_branch('master').dereferenced_target
create_remote_branch(repository, remote_mirror.ref_name, 'remote-branch', masterrev.id) create_remote_branch(repository, remote_mirror.remote_name, 'remote-branch', masterrev.id)
end end
expect(raw_repository).to receive(:delete_remote_branches).with(remote_mirror.ref_name, ['remote-branch']) expect(raw_repository).to receive(:delete_remote_branches).with(remote_mirror.remote_name, ['remote-branch'])
subject.execute(remote_mirror) subject.execute(remote_mirror)
end end
...@@ -255,7 +255,7 @@ describe Projects::UpdateRemoteMirrorService do ...@@ -255,7 +255,7 @@ describe Projects::UpdateRemoteMirrorService do
describe 'Syncing tags' do describe 'Syncing tags' do
before do before do
allow(repository).to receive(:fetch_remote) { sync_remote(repository, remote_mirror.ref_name, local_branch_names) } allow(repository).to receive(:fetch_remote) { sync_remote(repository, remote_mirror.remote_name, local_branch_names) }
end end
context 'when there are not tags to push' do context 'when there are not tags to push' do
...@@ -273,7 +273,7 @@ describe Projects::UpdateRemoteMirrorService do ...@@ -273,7 +273,7 @@ describe Projects::UpdateRemoteMirrorService do
it 'pushes tags to remote' do it 'pushes tags to remote' do
allow(raw_repository).to receive(:remote_tags) { {} } allow(raw_repository).to receive(:remote_tags) { {} }
expect(raw_repository).to receive(:push_remote_branches).with(remote_mirror.ref_name, ['v1.0.0', 'v1.1.0']) expect(raw_repository).to receive(:push_remote_branches).with(remote_mirror.remote_name, ['v1.0.0', 'v1.1.0'])
subject.execute(remote_mirror) subject.execute(remote_mirror)
end end
...@@ -286,7 +286,7 @@ describe Projects::UpdateRemoteMirrorService do ...@@ -286,7 +286,7 @@ describe Projects::UpdateRemoteMirrorService do
repository.rm_tag(create(:user), 'v1.0.0') repository.rm_tag(create(:user), 'v1.0.0')
expect(raw_repository).to receive(:delete_remote_branches).with(remote_mirror.ref_name, ['v1.0.0']) expect(raw_repository).to receive(:delete_remote_branches).with(remote_mirror.remote_name, ['v1.0.0'])
subject.execute(remote_mirror) subject.execute(remote_mirror)
end end
......
require 'rails_helper'
describe RepositoryRemoveRemoteWorker do
subject(:worker) { described_class.new }
describe '#perform' do
let(:remote_name) { 'joe'}
let!(:project) { create(:project, :repository) }
context 'when it cannot obtain lease' do
it 'logs error' do
allow_any_instance_of(Gitlab::ExclusiveLease).to receive(:try_obtain) { nil }
expect_any_instance_of(Repository).not_to receive(:remove_remote)
expect(worker).to receive(:log_error).with('Cannot obtain an exclusive lease. There must be another instance already in execution.')
worker.perform(project.id, remote_name)
end
end
context 'when it gets the lease' do
before do
allow_any_instance_of(Gitlab::ExclusiveLease).to receive(:try_obtain).and_return(true)
end
context 'when project does not exist' do
it 'returns nil' do
expect(worker.perform(-1, 'remote_name')).to be_nil
end
end
context 'when project exists' do
it 'removes remote from repository' do
masterrev = project.repository.find_branch('master').dereferenced_target
create_remote_branch(remote_name, 'remote_branch', masterrev)
expect_any_instance_of(Repository).to receive(:remove_remote).with(remote_name).and_call_original
worker.perform(project.id, remote_name)
end
end
end
end
def create_remote_branch(remote_name, branch_name, target)
rugged = project.repository.rugged
rugged.references.create("refs/remotes/#{remote_name}/#{branch_name}", target.id)
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment