Commit e6bf45f1 authored by GitLab Bot's avatar GitLab Bot

Automatic merge of gitlab-org/gitlab master

parents b52bf0ef 747d771f
...@@ -274,7 +274,7 @@ gem 'licensee', '~> 9.14.1' ...@@ -274,7 +274,7 @@ gem 'licensee', '~> 9.14.1'
gem 'charlock_holmes', '~> 0.7.7' gem 'charlock_holmes', '~> 0.7.7'
# Detect mime content type from content # Detect mime content type from content
gem 'ruby-magic-static', '~> 0.3.4' gem 'ruby-magic-static', '~> 0.3.5'
# Fake version of the gem to trick bundler # Fake version of the gem to trick bundler
gem 'mimemagic', '0.3.7', path: 'vendor/shims/mimemagic', require: false gem 'mimemagic', '0.3.7', path: 'vendor/shims/mimemagic', require: false
......
...@@ -1113,7 +1113,8 @@ GEM ...@@ -1113,7 +1113,8 @@ GEM
i18n i18n
ruby-fogbugz (0.2.1) ruby-fogbugz (0.2.1)
crack (~> 0.4) crack (~> 0.4)
ruby-magic-static (0.3.4) ruby-magic-static (0.3.5)
mini_portile2 (~> 2.5.0)
ruby-prof (1.3.1) ruby-prof (1.3.1)
ruby-progressbar (1.11.0) ruby-progressbar (1.11.0)
ruby-saml (1.7.2) ruby-saml (1.7.2)
...@@ -1559,7 +1560,7 @@ DEPENDENCIES ...@@ -1559,7 +1560,7 @@ DEPENDENCIES
rspec_junit_formatter rspec_junit_formatter
rspec_profiling (~> 0.0.6) rspec_profiling (~> 0.0.6)
ruby-fogbugz (~> 0.2.1) ruby-fogbugz (~> 0.2.1)
ruby-magic-static (~> 0.3.4) ruby-magic-static (~> 0.3.5)
ruby-prof (~> 1.3.0) ruby-prof (~> 1.3.0)
ruby-progressbar (~> 1.10) ruby-progressbar (~> 1.10)
ruby_parser (~> 3.15) ruby_parser (~> 3.15)
......
- project = local_assigns.fetch(:project) - project = local_assigns.fetch(:project)
- model = local_assigns.fetch(:model) - model = local_assigns.fetch(:model)
- form = local_assigns.fetch(:form) - form = local_assigns.fetch(:form)
- placeholder = model.is_a?(MergeRequest) ? _('Describe the goal of the changes and what reviewers should be aware of.') : _('Write a comment or drag your files here…') - placeholder = model.is_a?(MergeRequest) ? _('Describe the goal of the changes and what reviewers should be aware of.') : _('Write a description or drag your files here…')
- supports_quick_actions = true - supports_quick_actions = true
- preview_url = preview_markdown_path(project, target_type: model.class.name) - preview_url = preview_markdown_path(project, target_type: model.class.name)
......
---
title: Update New Issue form description copy from 'wite a comment' to 'wite a description'
merge_request: 58068
author:
type: changed
---
title: Update ruby-magic-static to v0.3.5
merge_request: 57984
author:
type: changed
...@@ -6,30 +6,18 @@ info: To determine the technical writer assigned to the Stage/Group associated w ...@@ -6,30 +6,18 @@ info: To determine the technical writer assigned to the Stage/Group associated w
# Jira integrations **(FREE)** # Jira integrations **(FREE)**
GitLab can be integrated with [Jira](https://www.atlassian.com/software/jira). If your organization uses [Jira](https://www.atlassian.com/software/jira) issues,
you can [migrate](../../../user/project/import/jira.md) your issues from Jira and work
exclusively in GitLab.
[Issues](../issues/index.md) are a tool for discussing ideas, and planning and tracking work. However, if you'd like to continue to use Jira, you can integrate it with GitLab.
However, your organization may already use Jira for these purposes, with extensive, established data
and business processes they rely on.
Although you can [migrate](../../../user/project/import/jira.md) your Jira issues and work There are two ways to use GitLab with Jira:
exclusively in GitLab, you can also continue to use Jira by using the GitLab Jira integrations.
## Integration types - [Jira integration](jira.md). Connect a GitLab project
to a Jira instance. The Jira instance can be hosted by you or in [Atlassian cloud](https://www.atlassian.com/cloud).
There are two different Jira integrations that allow different types of cross-referencing between - [Jira Development panel integration](../../../integration/jira_development_panel.md).
GitLab activity and Jira issues, with additional features: Connect all GitLab projects under a group or personal namespace.
- [Jira integration](jira.md), built in to GitLab. In a given GitLab project, it can be configured
to connect to any Jira instance, either hosted by you or hosted in
[Atlassian cloud](https://www.atlassian.com/cloud).
- [Jira development panel integration](../../../integration/jira/index.md). Connects all
GitLab projects under a specified group or personal namespace.
Jira development panel integration configuration depends on whether:
- You're using GitLab.com or a self-managed GitLab instance.
- You're using Jira on [Atlassian cloud](https://www.atlassian.com/cloud) or on your own server.
The integration you choose depends on the capabilities you require. The integration you choose depends on the capabilities you require.
You can also install both at the same time. You can also install both at the same time.
......
...@@ -6,7 +6,8 @@ module Security ...@@ -6,7 +6,8 @@ module Security
self.table_name = 'security_orchestration_policy_configurations' self.table_name = 'security_orchestration_policy_configurations'
POLICIES_BASE_PATH = '.gitlab/security-policies/' POLICY_PATH = '.gitlab/security-policies/policy.yml'
POLICY_LIMIT = 5
ON_DEMAND_SCANS = %w[dast].freeze ON_DEMAND_SCANS = %w[dast].freeze
...@@ -23,12 +24,7 @@ module Security ...@@ -23,12 +24,7 @@ module Security
def active_policies def active_policies
return [] unless enabled? return [] unless enabled?
security_policy_management_project scan_execution_policy_at(POLICY_PATH).select { |config| config[:enabled] }.first(POLICY_LIMIT)
.repository
.ls_files(security_policy_management_project.default_branch_or_master)
.grep(/\A#{Regexp.escape(POLICIES_BASE_PATH)}.+\.(yml|yaml)\z/)
.map { |path| policy_at(path) }
.select { |config| config[:enabled] }
end end
def on_demand_scan_actions(branch) def on_demand_scan_actions(branch)
...@@ -48,6 +44,14 @@ module Security ...@@ -48,6 +44,14 @@ module Security
private private
def policy_repo
security_policy_management_project.repository
end
def default_branch_or_master
security_policy_management_project.default_branch_or_master
end
def active_policy_names_with_dast_profiles def active_policy_names_with_dast_profiles
strong_memoize(:active_policy_names_with_dast_profiles) do strong_memoize(:active_policy_names_with_dast_profiles) do
profiles = { site_profiles: Hash.new { Set.new }, scanner_profiles: Hash.new { Set.new } } profiles = { site_profiles: Hash.new { Set.new }, scanner_profiles: Hash.new { Set.new } }
...@@ -65,11 +69,9 @@ module Security ...@@ -65,11 +69,9 @@ module Security
end end
end end
def policy_at(path) def scan_execution_policy_at(path)
security_policy_management_project policy_repo.blob_data_at(default_branch_or_master, path)
.repository .then { |config| Gitlab::Config::Loader::Yaml.new(config).load!.fetch(:scan_execution_policy, []) }
.blob_data_at(security_policy_management_project.default_branch_or_master, path)
.then { |config| Gitlab::Config::Loader::Yaml.new(config).load! }
end end
def applicable_for_branch?(policy, ref) def applicable_for_branch?(policy, ref)
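Review bot: In `active_policies`, `.first(POLICY_LIMIT)` silently discards every enabled policy after the fifth, so a scan its author believes is enforced never runs and nothing is logged or reported. At minimum I would document this on the constant, e.g. `# Only the first POLICY_LIMIT enabled policies in POLICY_PATH are enforced; later ones are ignored.`, and ideally report an over-limit file wherever the configuration is validated. In `scan_execution_policy_at`, `fetch(:scan_execution_policy, [])` returns nil when the key is present but empty, so the `.select` in `active_policies` would raise; `.load![:scan_execution_policy] || []` covers that case. The old code only read paths that `ls_files` had returned, while the new code reads a fixed path; if `blob_data_at` returns nil for a missing `policy.yml` (not visible here), the loader call may raise rather than yield `[]`, so an early return of `[]` on blank blob data seems worth adding.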
......
scan_execution_policy:
- name: Run DAST in every pipeline
description: This policy enforces to run DAST for every pipeline within the project
enabled: true
rules:
- type: pipeline
branches:
- "production"
actions:
- scan: dast
site_profile: Site Profile
scanner_profile: Scanner Profile
- name: Run DAST in every pipeline_v1
description: This policy enforces to run DAST for every pipeline within the project
enabled: true
rules:
- type: pipeline
branches:
- "master"
actions:
- scan: dast
site_profile: Site Profile
scanner_profile: Scanner Profile
- name: Disabled policy
description: This policy is disabled
enabled: false
rules: []
actions: []
- name: Disabled policy_v2
description: This policy is disabled v2
enabled: false
rules: []
actions: []
- name: Run DAST in every pipeline_v3
description: This policy enforces to run DAST for every pipeline within the project
enabled: true
rules:
- type: pipeline
branches:
- "master"
actions:
- scan: dast
site_profile: Site Profile
scanner_profile: Scanner Profile
- name: Run DAST in every pipeline_v4
description: This policy enforces to run DAST for every pipeline within the project
enabled: true
rules:
- type: pipeline
branches:
- "master"
actions:
- scan: dast
site_profile: Site Profile
scanner_profile: Scanner Profile
- name: Run DAST in every pipeline_v5
description: This policy enforces to run DAST for every pipeline within the project
enabled: true
rules:
- type: pipeline
branches:
- "master"
actions:
- scan: dast
site_profile: Site Profile
scanner_profile: Scanner Profile
- name: Run DAST in every pipeline_v6
description: This policy enforces to run DAST for every pipeline within the project
enabled: true
rules:
- type: pipeline
branches:
- "master"
actions:
- scan: dast
site_profile: Site Profile
scanner_profile: Scanner Profile
\ No newline at end of file
...@@ -69,8 +69,12 @@ module Gitlab ...@@ -69,8 +69,12 @@ module Gitlab
end end
def validate_service_request def validate_service_request
headers = {}
headers['X-Gitlab-Token'] = validation_service_token if validation_service_token
Gitlab::HTTP.post( Gitlab::HTTP.post(
validation_service_url, timeout: validation_service_timeout, validation_service_url, timeout: validation_service_timeout,
headers: headers,
body: validation_service_payload.to_json body: validation_service_payload.to_json
) )
end end
...@@ -86,6 +90,10 @@ module Gitlab ...@@ -86,6 +90,10 @@ module Gitlab
ENV['EXTERNAL_VALIDATION_SERVICE_URL'] ENV['EXTERNAL_VALIDATION_SERVICE_URL']
end end
def validation_service_token
ENV['EXTERNAL_VALIDATION_SERVICE_TOKEN']
end
def validation_service_payload def validation_service_payload
{ {
project: { project: {
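Review bot: The guard `if validation_service_token` in `validate_service_request` is true for an empty string, so `EXTERNAL_VALIDATION_SERVICE_TOKEN=""` sends an empty `X-Gitlab-Token` header instead of none; returning `ENV['EXTERNAL_VALIDATION_SERVICE_TOKEN'].presence` from `validation_service_token` avoids that. The token is a shared secret sent to whatever `EXTERNAL_VALIDATION_SERVICE_URL` holds, and nothing in the visible lines checks that the URL uses https, so a plain-http value would expose the secret in transit. A short comment on `validation_service_token` such as `# Shared secret sent as X-Gitlab-Token; configure the service URL with https.` would make that expectation explicit for operators. The body of `validation_service_payload` continues outside the hunk.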
......
...@@ -34656,6 +34656,9 @@ msgstr "" ...@@ -34656,6 +34656,9 @@ msgstr ""
msgid "Write a comment…" msgid "Write a comment…"
msgstr "" msgstr ""
msgid "Write a description or drag your files here…"
msgstr ""
msgid "Write milestone description..." msgid "Write milestone description..."
msgstr "" msgstr ""
......
...@@ -136,8 +136,10 @@ postgresql: ...@@ -136,8 +136,10 @@ postgresql:
metrics: metrics:
enabled: false enabled: false
resources: resources:
requests:
cpu: 600m cpu: 600m
memory: 1000M memory: 1000M
limits:
cpu: 1300m cpu: 1300m
memory: 1500M memory: 1500M
prometheus: prometheus:
......
...@@ -45,7 +45,7 @@ RSpec.describe "User creates issue" do ...@@ -45,7 +45,7 @@ RSpec.describe "User creates issue" do
.and have_no_content("Milestone") .and have_no_content("Milestone")
expect(page.find('#issue_title')['placeholder']).to eq 'Title' expect(page.find('#issue_title')['placeholder']).to eq 'Title'
expect(page.find('#issue_description')['placeholder']).to eq 'Write a comment or drag your files here…' expect(page.find('#issue_description')['placeholder']).to eq 'Write a description or drag your files here…'
end end
issue_title = "500 error on profile" issue_title = "500 error on profile"
......
...@@ -63,6 +63,7 @@ RSpec.describe Gitlab::Ci::Pipeline::Chain::Validate::External do ...@@ -63,6 +63,7 @@ RSpec.describe Gitlab::Ci::Pipeline::Chain::Validate::External do
expect(::Gitlab::HTTP).to receive(:post) do |_url, params| expect(::Gitlab::HTTP).to receive(:post) do |_url, params|
expect(params[:body]).to match_schema('/external_validation') expect(params[:body]).to match_schema('/external_validation')
expect(params[:timeout]).to eq(described_class::DEFAULT_VALIDATION_REQUEST_TIMEOUT) expect(params[:timeout]).to eq(described_class::DEFAULT_VALIDATION_REQUEST_TIMEOUT)
expect(params[:headers]).to eq({})
end end
perform! perform!
...@@ -119,6 +120,20 @@ RSpec.describe Gitlab::Ci::Pipeline::Chain::Validate::External do ...@@ -119,6 +120,20 @@ RSpec.describe Gitlab::Ci::Pipeline::Chain::Validate::External do
end end
end end
context 'when EXTERNAL_VALIDATION_SERVICE_TOKEN is set' do
before do
stub_env('EXTERNAL_VALIDATION_SERVICE_TOKEN', '123')
end
it 'passes token in X-Gitlab-Token header' do
expect(::Gitlab::HTTP).to receive(:post) do |_url, params|
expect(params[:headers]).to eq({ 'X-Gitlab-Token' => '123' })
end
perform!
end
end
context 'when validation returns 200 OK' do context 'when validation returns 200 OK' do
before do before do
stub_request(:post, validation_service_url).to_return(status: 200, body: "{}") stub_request(:post, validation_service_url).to_return(status: 200, body: "{}")
......