Commit c30973fa authored by Marin Jankovski's avatar Marin Jankovski

Merge branch 'ce-to-ee-2018-10-19' into 'master'

CE upstream - 2018-10-19 09:30 UTC

Closes gitlab-com/support-forum#3825

See merge request gitlab-org/gitlab-ee!8009
parents 62e7658d e22874be
......@@ -38,22 +38,22 @@ test plan](https://testing.googleblog.com/2011/09/10-minute-test-plan.html) and
[this wiki page from an open-source tool that implements the ACC
model](https://code.google.com/archive/p/test-analytics/wikis/AccExplained.wiki). -->
| | Simple | Secure | Responsive | Obvious | Stable |
|------------|:------:|:------:|:----------:|:-------:|:------:|
| Admin | | | | | |
| Groups | | | | | |
| Project | | | | | |
| Repository | | | | | |
| Issues | | | | | |
| MRs | | | | | |
| CI/CD | | | | | |
| Ops | | | | | |
| Registry | | | | | |
| Wiki | | | | | |
| Snippets | | | | | |
| Settings | | | | | |
| Tracking | | | | | |
| API | | | | | |
| | Secure | Responsive | Intuitive | Reliable |
|------------|:------:|:----------:|:---------:|:--------:|
| Admin | | | | |
| Groups | | | | |
| Project | | | | |
| Repository | | | | |
| Issues | | | | |
| MRs | | | | |
| CI/CD | | | | |
| Ops | | | | |
| Registry | | | | |
| Wiki | | | | |
| Snippets | | | | |
| Settings | | | | |
| Tracking | | | | |
| API | | | | |
## Capabilities
......@@ -65,7 +65,7 @@ more complex features could involve multiple or even all.
Example (from https://gitlab.com/gitlab-org/gitlab-ce/issues/50353):
* Respository is
* Simple
* Intuitive
* It's easy to select the desired file template
* It doesn't require unnecessary actions to save the change
* It's easy to undo the change after selecting a template
......@@ -93,4 +93,4 @@ When adding new automated tests, please keep [testing levels](https://docs.gitla
in mind.
-->
/label ~Quality
\ No newline at end of file
/label ~Quality ~"test plan"
\ No newline at end of file
......@@ -202,43 +202,11 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
end
def ci_environments_status
environments =
begin
@merge_request.environments_for(current_user).map do |environment|
project = environment.project
deployment = environment.first_deployment_for(@merge_request.diff_head_sha)
stop_url =
if can?(current_user, :stop_environment, environment)
stop_project_environment_path(project, environment)
end
metrics_url =
if can?(current_user, :read_environment, environment) && environment.has_metrics?
metrics_project_environment_deployment_path(project, environment, deployment)
end
metrics_monitoring_url =
if can?(current_user, :read_environment, environment)
environment_metrics_path(environment)
end
{
id: environment.id,
name: environment.name,
url: project_environment_path(project, environment),
metrics_url: metrics_url,
metrics_monitoring_url: metrics_monitoring_url,
stop_url: stop_url,
external_url: environment.external_url,
external_url_formatted: environment.formatted_external_url,
deployed_at: deployment.try(:created_at),
deployed_at_formatted: deployment.try(:formatted_deployment_time)
}
end.compact
end
environments = @merge_request.environments_for(current_user).map do |environment|
EnvironmentStatus.new(environment, @merge_request)
end
render json: environments
render json: EnvironmentStatusSerializer.new(current_user: current_user).represent(environments)
end
def rebase
......
# frozen_string_literal: true
class EnvironmentStatus
include Gitlab::Utils::StrongMemoize
attr_reader :environment, :merge_request
delegate :id, to: :environment
delegate :name, to: :environment
delegate :project, to: :environment
delegate :deployed_at, to: :deployment, allow_nil: true
def initialize(environment, merge_request)
@environment = environment
@merge_request = merge_request
end
def deployment
strong_memoize(:deployment) do
environment.first_deployment_for(merge_request.diff_head_sha)
end
end
def deployed_at
deployment&.created_at
end
def changes
sha = merge_request.diff_head_sha
return [] if project.route_map_for(sha).nil?
changed_files.map { |file| build_change(file, sha) }.compact
end
def changed_files
merge_request.merge_request_diff
.merge_request_diff_files.where(deleted_file: false)
end
private
PAGE_EXTENSIONS = /\A\.(s?html?|php|asp|cgi|pl)\z/i.freeze
def build_change(file, sha)
public_path = project.public_path_for_source_path(file.new_path, sha)
return if public_path.nil?
ext = File.extname(public_path)
return if ext.present? && ext !~ PAGE_EXTENSIONS
{
path: public_path,
external_url: environment.external_url_for(file.new_path, sha)
}
end
end
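Review bot: In `EnvironmentStatus`, `delegate :deployed_at, to: :deployment, allow_nil: true` is dead code, because the explicit `def deployed_at` further down replaces the delegated method and returns `deployment&.created_at` instead. Dropping the `delegate` line leaves one definition and avoids a method-redefinition warning where warnings are enabled. Separately, the bare `private` has no effect on the `PAGE_EXTENSIONS` constant declared under it; if the constant is meant to be internal, add `private_constant :PAGE_EXTENSIONS`. `changed_files` is still public although only `changes` appears to use it.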
# frozen_string_literal: true
class EnvironmentStatusEntity < Grape::Entity
include RequestAwareEntity
expose :id
expose :name
expose :url do |es|
project_environment_path(es.project, es.environment)
end
expose :metrics_url, if: ->(*) { can_read_environment? && environment.has_metrics? } do |es|
metrics_project_environment_deployment_path(es.project, es.environment, es.deployment)
end
expose :metrics_monitoring_url, if: ->(*) { can_read_environment? } do |es|
environment_metrics_path(es.environment)
end
expose :stop_url, if: ->(*) { can_stop_environment? } do |es|
stop_project_environment_path(es.project, es.environment)
end
expose :external_url do |es|
es.environment.external_url
end
expose :external_url_formatted do |es|
es.environment.formatted_external_url
end
expose :deployed_at
expose :deployed_at_formatted do |es|
es.deployment.try(:formatted_deployment_time)
end
expose :changes, if: ->(*) { Feature.enabled?(:ci_environments_status_changes, project) }
private
def environment
object.environment
end
def project
object.environment.project
end
def current_user
request.current_user
end
def can_read_environment?
can?(current_user, :read_environment, environment)
end
def can_stop_environment?
can?(current_user, :stop_environment, environment)
end
end
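Review bot: The `metrics_url` exposure passes `es.deployment` to `metrics_project_environment_deployment_path` without checking that it is present, although the same entity treats the deployment as optional in `es.deployment.try(:formatted_deployment_time)`. If an environment reports `has_metrics?` but has no deployment for the merge request head, the route helper would presumably fail on the missing segment and take the whole JSON response with it. Adding the presence check to the condition avoids that: `if: ->(*) { can_read_environment? && environment.has_metrics? && object.deployment }`. The removed controller code built the URL the same way, so this is carried over rather than introduced here.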
# frozen_string_literal: true
class EnvironmentStatusSerializer < BaseSerializer
entity EnvironmentStatusEntity
end
......@@ -19,11 +19,29 @@ class AuditEventService
end
def security_event
SecurityEvent.create(
log_security_event_to_file
log_security_event_to_database
end
private
def base_payload
{
author_id: @author.id,
entity_id: @entity.id,
entity_type: @entity.class.name,
details: @details
)
entity_type: @entity.class.name
}
end
def file_logger
@file_logger ||= Gitlab::AuditJsonLogger.build
end
def log_security_event_to_file
file_logger.info(base_payload.merge(@details))
end
def log_security_event_to_database
SecurityEvent.create(base_payload.merge(details: @details))
end
end
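Review bot: In `log_security_event_to_file`, `base_payload.merge(@details)` lets any key in `@details` named `author_id`, `entity_id` or `entity_type` overwrite the authoritative value in the log line, while the database record keeps the two apart under `details:`. For an audit trail the base fields should win, for example `file_logger.info(@details.merge(base_payload))`. Everything in `@details` now also lands in a plain-text log file, so it is worth a comment on `security_event` stating that callers must not put secrets or tokens into the details hash. The class body starts outside the hunk, so how `@details` is populated is not visible here.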
......@@ -43,7 +43,7 @@ class WebHookService
http_status: response.code,
message: response.to_s
}
rescue SocketError, OpenSSL::SSL::SSLError, Errno::ECONNRESET, Errno::ECONNREFUSED, Errno::EHOSTUNREACH, Net::OpenTimeout, Net::ReadTimeout, Gitlab::HTTP::BlockedUrlError => e
rescue SocketError, OpenSSL::SSL::SSLError, Errno::ECONNRESET, Errno::ECONNREFUSED, Errno::EHOSTUNREACH, Net::OpenTimeout, Net::ReadTimeout, Gitlab::HTTP::BlockedUrlError, Gitlab::HTTP::RedirectionTooDeep => e
log_execution(
trigger: hook_name,
url: hook.url,
......
---
title: Fix 500 error when testing webhooks with redirect loops
merge_request: 22447
author: Heinrich Lee Yu
type: fixed
---
title: Add support for JSON logging for audit events
merge_request: 22471
author:
type: added
......@@ -144,6 +144,20 @@ December 03, 2014 13:20 -> ERROR -> Command failed [1]: /usr/bin/git --git-dir=/
error: failed to push some refs to '/Users/vsizov/gitlab-development-kit/repositories/gitlabhq/gitlab_git.git'
```
## `audit_json.log`
This file lives in `/var/log/gitlab/gitlab-rails/audit_json.log` for
Omnibus GitLab packages or in `/home/git/gitlab/log/audit_json.log` for
installations from source.
Changes to group or project settings are logged to this file. For example:
```json
{"severity":"INFO","time":"2018-10-17T17:38:22.523Z","author_id":3,"entity_id":2,"entity_type":"Project","change":"visibility","from":"Private","to":"Public","author_name":"John Doe4","target_id":2,"target_type":"Project","target_details":"namespace2/project2"}
{"severity":"INFO","time":"2018-10-17T17:38:22.830Z","author_id":5,"entity_id":3,"entity_type":"Project","change":"name","from":"John Doe7 / project3","to":"John Doe7 / new name","author_name":"John Doe6","target_id":3,"target_type":"Project","target_details":"namespace3/project3"}
{"severity":"INFO","time":"2018-10-17T17:38:23.175Z","author_id":7,"entity_id":4,"entity_type":"Project","change":"path","from":"","to":"namespace4/newpath","author_name":"John Doe8","target_id":4,"target_type":"Project","target_details":"namespace4/newpath"}
```
## `sidekiq.log`
This file lives in `/var/log/gitlab/gitlab-rails/sidekiq.log` for
......
......@@ -76,6 +76,7 @@ following locations:
- [System Hooks](system_hooks.md)
- [Tags](tags.md)
- [Todos](todos.md)
- [Triggering Pipelines](../ci/triggers/README.md)
- [Users](users.md)
- [Validate CI configuration](lint.md)
- [V3 to V4](v3_to_v4.md)
......
......@@ -395,8 +395,67 @@ If you're running multiple Runners you will have to modify all configuration fil
> login to GitLab's Container Registry.
Once you've built a Docker image, you can push it up to the built-in
[GitLab Container Registry](../../user/project/container_registry.md). For example,
if you're using docker-in-docker on your runners, this is how your `.gitlab-ci.yml`
[GitLab Container Registry](../../user/project/container_registry.md).
Some things you should be aware of:
- You must [log in to the container registry](#authenticating-to-the-container-registry)
before running commands. You can do this in the `before_script` if multiple
jobs depend on it.
- Using `docker build --pull` fetches any changes to base
images before building just in case your cache is stale. It takes slightly
longer, but means you don’t get stuck without security patches to base images.
- Doing an explicit `docker pull` before each `docker run` fetches
the latest image that was just built. This is especially important if you are
using multiple runners that cache images locally. Using the git SHA in your
image tag makes this less necessary since each job will be unique and you
shouldn't ever have a stale image. However, it's still possible to have a
stale image if you re-build a given commit after a dependency has changed.
- You don't want to build directly to `latest` tag in case there are multiple jobs
happening simultaneously.
### Authenticating to the Container Registry
There are three ways to authenticate to the Container Registry via GitLab CI/CD
and depend on the visibility of your project.
For all projects, mostly suitable for public ones:
- **Using the special `gitlab-ci-token` user**: This user is created for you in order to
push to the Registry connected to your project. Its password is automatically
set with the `$CI_JOB_TOKEN` variable. This allows you to automate building and deploying
your Docker images and has read/write access to the Registry. This is ephemeral,
so it's only valid for one job. You can use the following example as-is:
```sh
docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
```
For private and internal projects:
- **Using a personal access token**: You can create and use a
[personal access token](../../user/profile/personal_access_tokens.md)
in case your project is private:
- For read (pull) access, the scope should be `read_registry`.
- For read/write (pull/push) access, use `api`.
Replace the `<username>` and `<access_token>` in the following example:
```sh
docker login -u <username> -p <access_token> $CI_REGISTRY
```
- **Using the GitLab Deploy Token**: You can create and use a
[special deploy token](../../user/project/deploy_tokens/index.md#gitlab-deploy-token)
with your private projects. It provides read-only (pull) access to the Registry.
Once created, you can use the special environment variables, and GitLab CI/CD
will fill them in for you. You can use the following example as-is:
```sh
docker login -u $CI_DEPLOY_USER -p $CI_DEPLOY_PASSWORD $CI_REGISTRY
```
### Container Registry examples
If you're using docker-in-docker on your Runners, this is how your `.gitlab-ci.yml`
could look like:
```yaml
......@@ -414,11 +473,6 @@ could look like:
- docker push registry.example.com/group/project/image:latest
```
You have to use the special `gitlab-ci-token` user created for you in order to
push to the Registry connected to your project. Its password is provided in the
`$CI_JOB_TOKEN` variable. This allows you to automate building and deployment
of your Docker images.
You can also make use of [other variables](../variables/README.md) to avoid hardcoding:
```yaml
......@@ -508,22 +562,6 @@ deploy:
- master
```
Some things you should be aware of when using the Container Registry:
- You must log in to the container registry before running commands. Putting
this in `before_script` will run it before each job.
- Using `docker build --pull` makes sure that Docker fetches any changes to base
images before building just in case your cache is stale. It takes slightly
longer, but means you don’t get stuck without security patches to base images.
- Doing an explicit `docker pull` before each `docker run` makes sure to fetch
the latest image that was just built. This is especially important if you are
using multiple runners that cache images locally. Using the git SHA in your
image tag makes this less necessary since each job will be unique and you
shouldn't ever have a stale image, but it's still possible if you re-build a
given commit after a dependency has changed.
- You don't want to build directly to `latest` in case there are multiple jobs
happening simultaneously.
[docker-in-docker]: https://blog.docker.com/2013/09/docker-can-now-run-within-docker/
[docker-cap]: https://docs.docker.com/engine/reference/run/#runtime-privilege-and-linux-capabilities
[2fa]: ../../user/profile/account/two_factor_authentication.md
......
......@@ -2,8 +2,8 @@
Two-factor Authentication (2FA) provides an additional level of security to your
GitLab account. Once enabled, in addition to supplying your username and
password to login, you'll be prompted for a code generated by your one time password
authenticator. For example, a password manager on one of your devices.
password to login, you'll be prompted for a code generated by your one time password
authenticator. For example, a password manager on one of your devices.
By enabling 2FA, the only way someone other than you can log into your account
is to know your username and password *and* have access to your one time password secret.
......@@ -83,9 +83,11 @@ Click on **Register U2F Device** to complete the process.
Recovery codes are not generated for U2F devices.
Should you ever lose access to your one time password authenticator, you can use one of the ten provided
backup codes to login to your account. We suggest copying or printing them for
storage in a safe place. **Each code can be used only once** to log in to your
account.
backup codes to login to your account. We suggest copying them, printing them, or downloading them using
the **Download codes** button for storage in a safe place.
CAUTION: **Caution:**
Each code can be used only once to log in to your account.
If you lose the recovery codes or just want to generate new ones, you can do so
[using SSH](#generate-new-recovery-codes-using-ssh).
......
......@@ -45,16 +45,14 @@ the following table.
| Scope | Description |
| ----- | ----------- |
|`read_user` | Allows access to the read-only endpoints under `/users`. Essentially, any of the `GET` requests in the [Users API][users] are allowed ([introduced][ce-5951] in GitLab 8.15). |
| `api` | Grants complete access to the API (read/write) ([introduced][ce-5951] in GitLab 8.15). Required for accessing Git repositories over HTTP when 2FA is enabled. |
| `read_registry` | Allows to read [container registry] images if a project is private and authorization is required ([introduced][ce-11845] in GitLab 9.3). |
| `api` | Grants complete access to the API and Container Registry (read/write) ([introduced](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5951) in GitLab 8.15). Required for accessing Git repositories over HTTP when 2FA is enabled. |
| `read_registry` | Allows to read (pull) [container registry] images if a project is private and authorization is required ([introduced](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/11845) in GitLab 9.3). |
| `sudo` | Allows performing API actions as any user in the system (if the authenticated user is an admin) ([introduced][ce-14838] in GitLab 10.2). |
| `read_repository` | Allows read-access to the repository through git clone. |
| `read_repository` | Allows read-access (pull) to the repository through git clone. |
[2fa]: ../account/two_factor_authentication.md
[api]: ../../api/README.md
[ce-3749]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/3749
[ce-5951]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5951
[ce-11845]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/11845
[ce-14838]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/14838
[container registry]: ../project/container_registry.md
[users]: ../../api/users.md
......
......@@ -119,12 +119,17 @@ and [Using the GitLab Container Registry documentation](../../ci/docker/using_do
> Project Deploy Tokens were [introduced][ce-17894] in GitLab 10.7
If a project is private, credentials will need to be provided for authorization.
The preferred way to do this, is either by using a [personal access tokens][pat] or a [project deploy token][pdt].
There are two ways to do this:
- By using a [personal access token](../profile/personal_access_tokens.md).
- By using a [deploy token](../project/deploy_tokens/index.md).
The minimal scope needed for both of them is `read_registry`.
Example of using a personal access token:
```
docker login registry.example.com -u <your_username> -p <your_access_token>
Example of using a token:
```sh
docker login registry.example.com -u <username> -p <token>
```
## Troubleshooting the GitLab Container Registry
......
......@@ -9,7 +9,7 @@ at midnight UTC and that they can be only managed by [maintainers](https://docs.
## Creating a Deploy Token
You can create as many deploy tokens as you like from the settings of your project:
You can create as many deploy tokens as you like from the settings of your project:
1. Log in to your GitLab account.
1. Go to the project you want to create Deploy Tokens for.
......@@ -49,14 +49,13 @@ To download a repository using a Deploy Token, you just need to:
2. Take note of your `username` and `token`
3. `git clone` the project using the Deploy Token:
```sh
git clone http://<username>:<deploy_token>@gitlab.example.com/tanuki/awesome_project.git
```
```bash
git clone https://<username>:<deploy_token>@gitlab.example.com/tanuki/awesome_project.git
```
Just replace `<username>` and `<deploy_token>` with the proper values
Replace `<username>` and `<deploy_token>` with the proper values.
### Read container registry images
### Read Container Registry images
To read the container registry images, you'll need to:
......@@ -64,21 +63,29 @@ To read the container registry images, you'll need to:
2. Take note of your `username` and `token`
3. Log in to GitLab’s Container Registry using the deploy token:
```
```sh
docker login registry.example.com -u <username> -p <deploy_token>
```
Just replace `<username>` and `<deploy_token>` with the proper values. Then you can simply
Just replace `<username>` and `<deploy_token>` with the proper values. Then you can simply
pull images from your Container Registry.
### GitLab Deploy Token
> [Introduced][ce-18414] in GitLab 10.8.
There's a special case when it comes to Deploy Tokens, if a user creates one
named `gitlab-deploy-token`, the username and token of the Deploy Token will be
automatically exposed to the CI/CD jobs as environment variables: `CI_DEPLOY_USER` and
`CI_DEPLOY_PASSWORD`, respectively.
There's a special case when it comes to Deploy Tokens. If a user creates one
named `gitlab-deploy-token`, the username and token of the Deploy Token will be
automatically exposed to the CI/CD jobs as environment variables: `CI_DEPLOY_USER` and
`CI_DEPLOY_PASSWORD`, respectively. With the GitLab Deploy Token, the
`read_registry` scope is implied.
After you create the token, you can login to the Container Registry using
those variables:
```sh
docker login -u $CI_DEPLOY_USER -p $CI_DEPLOY_PASSWORD $CI_REGISTRY
```
[ce-17894]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/17894
[ce-11845]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/11845
......
# frozen_string_literal: true
module Gitlab
class AuditJsonLogger < Gitlab::JsonLogger
def self.file_name_noext
'audit_json'
end
end
end
......@@ -5,9 +5,16 @@
module Gitlab
class HTTP
BlockedUrlError = Class.new(StandardError)
RedirectionTooDeep = Class.new(StandardError)
include HTTParty # rubocop:disable Gitlab/HTTParty
connection_adapter ProxyHTTPConnectionAdapter
def self.perform_request(http_method, path, options, &block)
super
rescue HTTParty::RedirectionTooDeep
raise RedirectionTooDeep
end
end
end
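Review bot: `perform_request` re-raises with a bare `raise RedirectionTooDeep`, so the new error carries no message of its own and anything that logs `e.message` will record only the class name. A fixed description keeps the logs readable without echoing the request URL, which for webhooks may embed a token: `raise RedirectionTooDeep, 'Too many redirects'`. A one-line comment saying that HTTParty's error is wrapped so callers only need to rescue `Gitlab::HTTP` errors would also help the next reader.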
......@@ -16,5 +16,10 @@ FactoryBot.define do
allow(deployment.project.repository).to receive(:create_ref)
end
end
trait :review_app do
sha { TestEnv::BRANCH_SHA['pages-deploy'] }
ref 'pages-deploy'
end
end
end
......@@ -107,6 +107,20 @@ FactoryBot.define do
end
end
trait :deployed_review_app do
target_branch 'pages-deploy-target'
transient do
deployment { create(:deployment, :review_app) }
end
after(:build) do |merge_request, evaluator|
merge_request.source_branch = evaluator.deployment.ref
merge_request.source_project = evaluator.deployment.project
merge_request.target_project = evaluator.deployment.project
end
end
after(:build) do |merge_request|
target_project = merge_request.target_project
source_project = merge_request.source_project
......
......@@ -46,4 +46,30 @@ describe Gitlab::HTTP do
end
end
end
describe 'handle redirect loops' do
before do
WebMock.stub_request(:any, "http://example.org").to_raise(HTTParty::RedirectionTooDeep.new("Redirection Too Deep"))
end
it 'handles GET requests' do
expect { described_class.get('http://example.org') }.to raise_error(Gitlab::HTTP::RedirectionTooDeep)
end
it 'handles POST requests' do
expect { described_class.post('http://example.org') }.to raise_error(Gitlab::HTTP::RedirectionTooDeep)
end
it 'handles PUT requests' do
expect { described_class.put('http://example.org') }.to raise_error(Gitlab::HTTP::RedirectionTooDeep)
end
it 'handles DELETE requests' do
expect { described_class.delete('http://example.org') }.to raise_error(Gitlab::HTTP::RedirectionTooDeep)
end
it 'handles HEAD requests' do
expect { described_class.head('http://example.org') }.to raise_error(Gitlab::HTTP::RedirectionTooDeep)
end
end
end
require 'spec_helper'
describe EnvironmentStatus do
let(:deployment) { create(:deployment, :review_app) }
let(:environment) { deployment.environment}
let(:project) { deployment.project }
let(:merge_request) { create(:merge_request, :deployed_review_app, deployment: deployment) }
subject(:environment_status) { described_class.new(environment, merge_request) }
it { is_expected.to delegate_method(:id).to(:environment) }
it { is_expected.to delegate_method(:name).to(:environment) }
it { is_expected.to delegate_method(:project).to(:environment) }
it { is_expected.to delegate_method(:deployed_at).to(:deployment).as(:created_at) }
describe '#project' do
subject { environment_status.project }
it { is_expected.to eq(project) }
end
describe '#merge_request' do
subject { environment_status.merge_request }
it { is_expected.to eq(merge_request) }
end
describe '#deployment' do
subject { environment_status.deployment }
it { is_expected.to eq(deployment) }
end
# $ git diff --stat pages-deploy-target...pages-deploy
# .gitlab/route-map.yml | 5 +++++
# files/html/500.html | 13 -------------
# files/html/page.html | 3 +++
# files/js/application.js | 3 +++
# files/markdown/ruby-style-guide.md | 4 ++++
# pages-deploy.txt | 1 +
#
# $ cat .gitlab/route-map.yml
# - source: /files\/markdown\/(.+)\.md$/
# public: '\1.html'
#
# - source: /files\/(.+)/
# public: '\1'
describe '#changes' do
it 'contains only added and modified public pages' do
expect(environment_status.changes).to contain_exactly(
{
path: 'ruby-style-guide.html',
external_url: "#{environment.external_url}/ruby-style-guide.html"
}, {
path: 'html/page.html',
external_url: "#{environment.external_url}/html/page.html"
}
)
end
end
end
require 'spec_helper'
describe EnvironmentStatusEntity do
let(:user) { create(:user) }
let(:request) { double('request') }
let(:deployment) { create(:deployment, :review_app) }
let(:environment) { deployment.environment}
let(:project) { deployment.project }
let(:merge_request) { create(:merge_request, :deployed_review_app, deployment: deployment) }
let(:environment_status) { EnvironmentStatus.new(environment, merge_request) }
let(:entity) { described_class.new(environment_status, request: request) }
subject { entity.as_json }
before do
allow(request).to receive(:current_user).and_return(user)
end
it { is_expected.to include(:id) }
it { is_expected.to include(:name) }
it { is_expected.to include(:url) }
it { is_expected.to include(:external_url) }
it { is_expected.to include(:external_url_formatted) }
it { is_expected.to include(:deployed_at) }
it { is_expected.to include(:deployed_at_formatted) }
it { is_expected.to include(:changes) }
it { is_expected.not_to include(:stop_url) }
it { is_expected.not_to include(:metrics_url) }
it { is_expected.not_to include(:metrics_monitoring_url) }
context 'when :ci_environments_status_changes feature flag is disabled' do
before do
stub_feature_flags(ci_environments_status_changes: false)
end
it { is_expected.not_to include(:changes) }
end
context 'when the user is project maintainer' do
before do
project.add_maintainer(user)
end
it { is_expected.to include(:stop_url) }
end
end
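Review bot: The permission-gated fields are only half covered in this spec: `metrics_url` and `metrics_monitoring_url` are asserted absent for a user with no role, but the 'when the user is project maintainer' context checks `stop_url` alone. Adding `it { is_expected.to include(:metrics_monitoring_url) }` to that context would pin the `read_environment` gate in both directions, assuming a maintainer holds that ability. Without it, a regression that stops exposing the field or stops checking the permission could pass unnoticed.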
# frozen_string_literal: true
require 'spec_helper'
describe AuditEventService do
let(:project) { create(:project) }
let(:user) { create(:user) }
let(:project_member) { create(:project_member, user: user) }
let(:service) { described_class.new(user, project, { action: :destroy }) }
let(:logger) { instance_double(Gitlab::AuditJsonLogger) }
describe '#security_event' do
before do
expect(service).to receive(:file_logger).and_return(logger)
end
it 'creates an event and logs to a file' do
expect(logger).to receive(:info).with(author_id: user.id,
entity_id: project.id,
entity_type: "Project",
action: :destroy)
expect { service.security_event }.to change(SecurityEvent, :count).by(1)
end
end
end
......@@ -97,7 +97,7 @@ describe WebHookService do
end
it 'handles exceptions' do
exceptions = [SocketError, OpenSSL::SSL::SSLError, Errno::ECONNRESET, Errno::ECONNREFUSED, Errno::EHOSTUNREACH, Net::OpenTimeout, Net::ReadTimeout, Gitlab::HTTP::BlockedUrlError]
exceptions = [SocketError, OpenSSL::SSL::SSLError, Errno::ECONNRESET, Errno::ECONNREFUSED, Errno::EHOSTUNREACH, Net::OpenTimeout, Net::ReadTimeout, Gitlab::HTTP::BlockedUrlError, Gitlab::HTTP::RedirectionTooDeep]
exceptions.each do |exception_class|
exception = exception_class.new('Exception message')
......
......@@ -31,6 +31,8 @@ module TestEnv
'symlink-expand-diff' => '81e6355',
'expand-collapse-files' => '025db92',
'expand-collapse-lines' => '238e82d',
'pages-deploy' => '7897d5b',
'pages-deploy-target' => '7975be0',
'video' => '8879059',
'add-balsamiq-file' => 'b89b56d',
'crlf-diff' => '5938907',
......