@@ -193,7 +193,7 @@ Combined with [protected branches](../../../user/project/protected_branches.md),
...
@@ -193,7 +193,7 @@ Combined with [protected branches](../../../user/project/protected_branches.md),
For the full list of options, see Vault's [Create Role documentation](https://www.vaultproject.io/api/auth/jwt#create-role).
For the full list of options, see Vault's [Create Role documentation](https://www.vaultproject.io/api/auth/jwt#create-role).
WARNING:
WARNING:
Always restrict your roles to project or namespace by using one of the provided claims (e.g.`project_id` or `namespace_id`). Otherwise any JWT generated by this instance may be allowed to authenticate using this role.
Always restrict your roles to project or namespace by using one of the provided claims (for example,`project_id` or `namespace_id`). Otherwise any JWT generated by this instance may be allowed to authenticate using this role.
@@ -123,7 +123,7 @@ Therefore, for a production environment we use additional steps to ensure that a
...
@@ -123,7 +123,7 @@ Therefore, for a production environment we use additional steps to ensure that a
Since this was a WordPress project, I gave real life code snippets. Some further ideas you can pursue:
Since this was a WordPress project, I gave real life code snippets. Some further ideas you can pursue:
- Having a slightly different script for the default branch allows you to deploy to a production server from that branch and to a stage server from any other branches.
- Having a slightly different script for the default branch allows you to deploy to a production server from that branch and to a stage server from any other branches.
- Instead of pushing it live, you can push it to WordPress official repository (with creating a SVN commit, etc.).
- Instead of pushing it live, you can push it to WordPress official repository.
- You could generate i18n text domains on the fly.
- You could generate i18n text domains on the fly.
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/9788) in [GitLab Premium](https://about.gitlab.com/pricing/) 11.10. Requires GitLab Runner 11.10 and above.
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/9788) in [GitLab Premium](https://about.gitlab.com/pricing/) 11.10. Requires GitLab Runner 11.10 and above.
GitLab provides a lot of great reporting tools for [merge requests](../user/project/merge_requests/index.md) - [Unit test reports](unit_test_reports.md), [code quality](../user/project/merge_requests/code_quality.md), performance tests, etc. While JUnit is a great open framework for tests that "pass" or "fail", it is also important to see other types of metrics from a given change.
GitLab provides a lot of great reporting tools for things like [merge requests](../user/project/merge_requests/index.md) - [Unit test reports](unit_test_reports.md), [code quality](../user/project/merge_requests/code_quality.md), and performance tests. While JUnit is a great open framework for tests that "pass" or "fail", it is also important to see other types of metrics from a given change.
You can configure your job to use custom Metrics Reports, and GitLab displays a report on the merge request so that it's easier and faster to identify changes without having to check the entire log.
You can configure your job to use custom Metrics Reports, and GitLab displays a report on the merge request so that it's easier and faster to identify changes without having to check the entire log.
@@ -90,4 +90,4 @@ In addition, any system dependencies used in Omnibus packages or the Cloud Nativ
...
@@ -90,4 +90,4 @@ In addition, any system dependencies used in Omnibus packages or the Cloud Nativ
If the service component needs to be updated or released with the monthly GitLab release, then the component should be added to the [release tools automation](https://gitlab.com/gitlab-org/release-tools). This project is maintained by the [Delivery team](https://about.gitlab.com/handbook/engineering/infrastructure/team/delivery/). A list of the projects managed this way can be found in the [release tools project directory](https://about.gitlab.com/handbook/engineering/infrastructure/team/delivery/).
If the service component needs to be updated or released with the monthly GitLab release, then the component should be added to the [release tools automation](https://gitlab.com/gitlab-org/release-tools). This project is maintained by the [Delivery team](https://about.gitlab.com/handbook/engineering/infrastructure/team/delivery/). A list of the projects managed this way can be found in the [release tools project directory](https://about.gitlab.com/handbook/engineering/infrastructure/team/delivery/).
For example, during the monthly GitLab release, the desired version of Gitaly, GitLab Workhorse, GitLab Shell, etc., need to synchronized through the various release pipelines.
For example, during the monthly GitLab release, the desired version of Gitaly, GitLab Workhorse and GitLab Shell need to be synchronized through the various release pipelines.
For non-200 HTTP responses, use the provided helpers in `lib/api/helpers.rb` to ensure correct behavior (`not_found!`, `no_content!` etc.). These `throw` inside Grape and abort the execution of your endpoint.
For non-200 HTTP responses, use the provided helpers in `lib/api/helpers.rb` to ensure correct behavior (like `not_found!` or `no_content!`). These `throw` inside Grape and abort the execution of your endpoint.
For `DELETE` requests, you should also generally use the `destroy_conditionally!` helper which by default returns a `204 No Content` response on success, or a `412 Precondition Failed` response if the given `If-Unmodified-Since` header is out of range. This helper calls `#destroy` on the passed resource, but you can also implement a custom deletion method by passing a block.
For `DELETE` requests, you should also generally use the `destroy_conditionally!` helper which by default returns a `204 No Content` response on success, or a `412 Precondition Failed` response if the given `If-Unmodified-Since` header is out of range. This helper calls `#destroy` on the passed resource, but you can also implement a custom deletion method by passing a block.
@@ -52,8 +52,8 @@ When self-identifying as a domain expert, it is recommended to assign the MR cha
...
@@ -52,8 +52,8 @@ When self-identifying as a domain expert, it is recommended to assign the MR cha
We make the following assumption with regards to automatically being considered a domain expert:
We make the following assumption with regards to automatically being considered a domain expert:
- Team members working in a specific stage/group (e.g. create: source code) are considered domain experts for that area of the app they work on
- Team members working in a specific stage/group (for example, create: source code) are considered domain experts for that area of the app they work on
- Team members working on a specific feature (e.g. search) are considered domain experts for that feature
- Team members working on a specific feature (for example, search) are considered domain experts for that feature
We default to assigning reviews to team members with domain expertise.
We default to assigning reviews to team members with domain expertise.
When a suitable [domain expert](#domain-experts) isn't available, you can choose any team member to review the MR, or simply follow the [Reviewer roulette](#reviewer-roulette) recommendation.
When a suitable [domain expert](#domain-experts) isn't available, you can choose any team member to review the MR, or simply follow the [Reviewer roulette](#reviewer-roulette) recommendation.
@@ -12,7 +12,7 @@ GitLab community members and their privileges/responsibilities.
...
@@ -12,7 +12,7 @@ GitLab community members and their privileges/responsibilities.
|-------|------------------|--------------|
|-------|------------------|--------------|
| Maintainer | Accepts merge requests on several GitLab projects | Added to the [team page](https://about.gitlab.com/company/team/). An expert on code reviews and knows the product/codebase |
| Maintainer | Accepts merge requests on several GitLab projects | Added to the [team page](https://about.gitlab.com/company/team/). An expert on code reviews and knows the product/codebase |
| Reviewer | Performs code reviews on MRs | Added to the [team page](https://about.gitlab.com/company/team/) |
| Reviewer | Performs code reviews on MRs | Added to the [team page](https://about.gitlab.com/company/team/) |
| Developer |Has access to GitLab internal infrastructure & issues (e.g. HR-related) | GitLab employee or a Core Team member (with an NDA) |
| Developer |Has access to GitLab internal infrastructure & issues (for example, HR-related) | GitLab employee or a Core Team member (with an NDA) |
| Contributor | Can make contributions to all GitLab public projects | Have a GitLab.com account |
| Contributor | Can make contributions to all GitLab public projects | Have a GitLab.com account |
[List of current reviewers/maintainers](https://about.gitlab.com/handbook/engineering/projects/#gitlab-ce).
[List of current reviewers/maintainers](https://about.gitlab.com/handbook/engineering/projects/#gitlab-ce).
@@ -191,7 +191,7 @@ If you are not sure who to mention, the reviewer will do this for you early in t
...
@@ -191,7 +191,7 @@ If you are not sure who to mention, the reviewer will do this for you early in t
A "breaking change" is any change that requires users to make a corresponding change to their code, settings, or workflow. "Users" might be humans, API clients, or even code classes that "use" another class. Examples of breaking changes include:
A "breaking change" is any change that requires users to make a corresponding change to their code, settings, or workflow. "Users" might be humans, API clients, or even code classes that "use" another class. Examples of breaking changes include:
- Removing a user-facing feature without a replacement/workaround.
- Removing a user-facing feature without a replacement/workaround.
- Changing the definition of an existing API (by re-naming query parameters, changing routes, etc.).
- Changing the definition of an existing API (by doing things like re-naming query parameters or changing routes).
- Removing a public method from a code class.
- Removing a public method from a code class.
A breaking change can be considered "major" if it affects many users, or represents a significant change in behavior.
A breaking change can be considered "major" if it affects many users, or represents a significant change in behavior.
If you are new to GitLab development (or web development in general), see the
If you are new to GitLab development (or web development in general), see the
[how to contribute](index.md#how-to-contribute) section to get started with
[how to contribute](index.md#how-to-contribute) section to get started with
...
@@ -69,7 +69,7 @@ request is as follows:
...
@@ -69,7 +69,7 @@ request is as follows:
request addresses. Referenced issues do not [close automatically](../../user/project/issues/managing_issues.md#closing-issues-automatically).
request addresses. Referenced issues do not [close automatically](../../user/project/issues/managing_issues.md#closing-issues-automatically).
You must close them manually once the merge request is merged.
You must close them manually once the merge request is merged.
1. The MR must include *Before* and *After* screenshots if UI changes are made.
1. The MR must include *Before* and *After* screenshots if UI changes are made.
1. Include any steps or setup required to ensure reviewers can view the changes you've made (e.g. include any information about feature flags).
1. Include any steps or setup required to ensure reviewers can view the changes you've made (for example, include any information about feature flags).
1. If you're allowed to, set a relevant milestone and [labels](issue_workflow.md).
1. If you're allowed to, set a relevant milestone and [labels](issue_workflow.md).
1. UI changes should use available components from the GitLab Design System,
1. UI changes should use available components from the GitLab Design System,
[Pajamas](https://design.gitlab.com/).
[Pajamas](https://design.gitlab.com/).
...
@@ -204,7 +204,7 @@ the contribution acceptance criteria below:
...
@@ -204,7 +204,7 @@ the contribution acceptance criteria below:
only one working on your feature branch, otherwise merge `main`.
only one working on your feature branch, otherwise merge `main`.
1. Only one specific issue is fixed or one specific feature is implemented. Do not
1. Only one specific issue is fixed or one specific feature is implemented. Do not
combine things; send separate merge requests for each issue or feature.
combine things; send separate merge requests for each issue or feature.
1. Migrations should do only one thing (e.g., create a table, move data to a new
1. Migrations should do only one thing (for example, create a table, move data to a new
table, or remove an old table) to aid retrying on failure.
table, or remove an old table) to aid retrying on failure.
1. Contains functionality that other users will benefit from.
1. Contains functionality that other users will benefit from.
1. Doesn't add configuration options or settings options since they complicate making
1. Doesn't add configuration options or settings options since they complicate making
...
@@ -214,7 +214,7 @@ the contribution acceptance criteria below:
...
@@ -214,7 +214,7 @@ the contribution acceptance criteria below:
- Check for N+1 queries via the SQL log or [`QueryRecorder`](../merge_request_performance_guidelines.md).
- Check for N+1 queries via the SQL log or [`QueryRecorder`](../merge_request_performance_guidelines.md).
- Avoid repeated access of the file system.
- Avoid repeated access of the file system.
- Use [polling with ETag caching](../polling.md) if needed to support real-time features.
- Use [polling with ETag caching](../polling.md) if needed to support real-time features.
1. If the merge request adds any new libraries (gems, JavaScript libraries, etc.),
1. If the merge request adds any new libraries (like gems or JavaScript libraries),
they should conform to our [Licensing guidelines](../licensing.md). See those
they should conform to our [Licensing guidelines](../licensing.md). See those
instructions for help if the "license-finder" test fails with a
instructions for help if the "license-finder" test fails with a
`Dependencies that need approval` error. Also, make the reviewer aware of the new
`Dependencies that need approval` error. Also, make the reviewer aware of the new
...
@@ -272,7 +272,7 @@ request:
...
@@ -272,7 +272,7 @@ request:
We allow engineering time to fix small problems (with or without an
We allow engineering time to fix small problems (with or without an
issue) that are incremental improvements, such as:
issue) that are incremental improvements, such as:
1. Unprioritized bug fixes (e.g.[Banner alerting of project move is
1. Unprioritized bug fixes (for example,[Banner alerting of project move is
showing up everywhere](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/18985))
showing up everywhere](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/18985))
@@ -142,13 +142,13 @@ forwarded to both indices. Once the new index is ready, an admin can
...
@@ -142,13 +142,13 @@ forwarded to both indices. Once the new index is ready, an admin can
mark it active, which will direct all searches to it, and remove the old
mark it active, which will direct all searches to it, and remove the old
index.
index.
This is also helpful for migrating to new servers, e.g. moving to/from AWS.
This is also helpful for migrating to new servers, for example, moving to/from AWS.
Currently we are on the process of migrating to this new design. Everything is hardwired to work with one single version for now.
Currently we are on the process of migrating to this new design. Everything is hardwired to work with one single version for now.
### Architecture
### Architecture
The traditional setup, provided by `elasticsearch-rails`, is to communicate through its internal proxy classes. Developers would write model-specific logic in a module for the model to include in (e.g. `SnippetsSearch`). The `__elasticsearch__` methods would return a proxy object, e.g.:
The traditional setup, provided by `elasticsearch-rails`, is to communicate through its internal proxy classes. Developers would write model-specific logic in a module for the model to include in (for example, `SnippetsSearch`). The `__elasticsearch__` methods would return a proxy object, for example:
-`Issue.__elasticsearch__` returns an instance of `Elasticsearch::Model::Proxy::ClassMethodsProxy`
-`Issue.__elasticsearch__` returns an instance of `Elasticsearch::Model::Proxy::ClassMethodsProxy`
-`Issue.first.__elasticsearch__` returns an instance of `Elasticsearch::Model::Proxy::InstanceMethodsProxy`.
-`Issue.first.__elasticsearch__` returns an instance of `Elasticsearch::Model::Proxy::InstanceMethodsProxy`.
...
@@ -171,7 +171,7 @@ The global configurations per version are now in the `Elastic::(Version)::Config
...
@@ -171,7 +171,7 @@ The global configurations per version are now in the `Elastic::(Version)::Config
NOTE:
NOTE:
This is not applicable yet as multiple indices functionality is not fully implemented.
This is not applicable yet as multiple indices functionality is not fully implemented.
Folders like `ee/lib/elastic/v12p1` contain snapshots of search logic from different versions. To keep a continuous Git history, the latest version lives under `ee/lib/elastic/latest`, but its classes are aliased under an actual version (e.g. `ee/lib/elastic/v12p3`). When referencing these classes, never use the `Latest` namespace directly, but use the actual version (e.g.`V12p3`).
Folders like `ee/lib/elastic/v12p1` contain snapshots of search logic from different versions. To keep a continuous Git history, the latest version lives under `ee/lib/elastic/latest`, but its classes are aliased under an actual version (for example, `ee/lib/elastic/v12p3`). When referencing these classes, never use the `Latest` namespace directly, but use the actual version (for example,`V12p3`).
The version name basically follows the GitLab release version. If setting is changed in 12.3, we will create a new namespace called `V12p3` (p stands for "point"). Raise an issue if there is a need to name a version differently.
The version name basically follows the GitLab release version. If setting is changed in 12.3, we will create a new namespace called `V12p3` (p stands for "point"). Raise an issue if there is a need to name a version differently.
@@ -59,7 +59,7 @@ Shared Global Object's solve the problem of making something globally accessible
...
@@ -59,7 +59,7 @@ Shared Global Object's solve the problem of making something globally accessible
could be appropriate:
could be appropriate:
- When a responsibility is truly global and should be referenced across the application
- When a responsibility is truly global and should be referenced across the application
(e.g., an application-wide Event Bus).
(for example, an application-wide Event Bus).
Even in these scenarios, please consider avoiding the Shared Global Object pattern because the
Even in these scenarios, please consider avoiding the Shared Global Object pattern because the
side-effects can be notoriously difficult to reason with.
side-effects can be notoriously difficult to reason with.
...
@@ -136,8 +136,8 @@ many problems with a module that exports utility functions.
...
@@ -136,8 +136,8 @@ many problems with a module that exports utility functions.
Singletons solve the problem of enforcing there to be only 1 instance of a thing. It's possible
Singletons solve the problem of enforcing there to be only 1 instance of a thing. It's possible
that a Singleton could be appropriate in the following rare cases:
that a Singleton could be appropriate in the following rare cases:
- We need to manage some resource that **MUST** have just 1 instance (i.e. some hardware restriction).
- We need to manage some resource that **MUST** have just 1 instance (that is, some hardware restriction).
- There is a real [cross-cutting concern](https://en.wikipedia.org/wiki/Cross-cutting_concern)(e.g., logging) and a Singleton provides the simplest API.
- There is a real [cross-cutting concern](https://en.wikipedia.org/wiki/Cross-cutting_concern)(for example, logging) and a Singleton provides the simplest API.
Even in these scenarios, please consider avoiding the Singleton pattern.
Even in these scenarios, please consider avoiding the Singleton pattern.
[Dependency Injection](https://en.wikipedia.org/wiki/Dependency_injection) is an approach which breaks
[Dependency Injection](https://en.wikipedia.org/wiki/Dependency_injection) is an approach which breaks
coupling by declaring a module's dependencies to be injected from outside the module (e.g., through constructor parameters, a bona-fide Dependency Injection framework, and even Vue's `provide/inject`).
coupling by declaring a module's dependencies to be injected from outside the module (for example, through constructor parameters, a bona-fide Dependency Injection framework, and even Vue's `provide/inject`).